A
A
alekssamos2021-07-08 17:53:35
Android
alekssamos, 2021-07-08 17:53:35

Virus in original firmware or false positive? How to fix?

On the Xiaomi Redmi 3S phone, all versions of the original latest Sberbank online application detected the HEUR:Trojan-Dropper.AndroidOS.Agent.je virus.
Phone after reset, fully formatted and configured as new.
Android 6, MIUI 10.2
Sber asks to delete the file along the path:

/cust/app/customized/partner-SwiftKey_M_arm64/partner-SwiftKey_M_arm64.apk


But I do not have access there, even through the developer mode.
[email protected]:/cust/app/customized/partner-SwiftKey_M_arm64 $ ls
partner-SwiftKey_M_arm64.apk
m partner-SwiftKey_M_arm64.apk <
rm ro partner-SwiftKey_M_arm64.apk (y/N):y
rm: partner-SwiftKey_M_arm64.apk: Permission denied
1|[email protected]:/cust/app/customized/partner-SwiftKey_M_arm64 $
Permission denied


What is it, a virus in the original firmware or a false positive?
How to remove it without flashing and without root rights?
Help me please.

Answer the question

In order to leave comments, you need to log in

2 answer(s)
D
Drno, 2021-07-08
@Drno

As far as I understand it is not a virus. delete and generally touch the file from the firmware is unnecessary in principle.
I don’t know if there is such a function, but in the Sberbank application it’s better to disable all checks and other crap altogether. let it not dress up, they took the fashion damn it

A
alekssamos, 2021-07-16
@alekssamos

According to several antivirus companies,
this is a real virus,
not a false alarm,
mi support has not responded yet.
But on Github I found a mention of this file.
https://git.io/JWaxx

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question