Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 9 replies
  • Subscribers 8 subscribers
  • Views 3836 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Generic c not deleted

Mags R

On my Moto G6 android 9 I downloaded and started Sophos Intercept X. It found malicious file

com.cleaner.znidyaxeu.ryzsl.apx

But it is not able to delete it and gives regular warnings...



This thread was automatically locked due to age.
Parents
  • 0

    Hi  

    Could you please provide more details about the warning you are receiving? Would you please try to run a manual scan once, from App Security page> Show Scan details and then click on start? 

  • 0 in reply to Shweta

    Dear Shweta,

    I went through the entire app. There is absolutely no button to click for manual scan. There are no more details about this threat. The app that reports this threat is Sophos Intercept X, my device is an Android 9 mobile phone Moto g6

  • 0 in reply to Mags R

    Hi  

    When you open Sophos Intercept X on the mobile, you will see App Security Tab just below the device and network security. Once you click on the App security it will show you last scan details and engine update, click on show scan details and it will trigger a manual scan on the app. Also, kindly check under the "Log" tab, and check if you are seeing any more details about this detection. 

Reply
  • 0 in reply to Mags R

    Hi  

    When you open Sophos Intercept X on the mobile, you will see App Security Tab just below the device and network security. Once you click on the App security it will show you last scan details and engine update, click on show scan details and it will trigger a manual scan on the app. Also, kindly check under the "Log" tab, and check if you are seeing any more details about this detection. 

Children
  • 0 in reply to Shweta

    Thank you, the manual scan reports the exact same threat. I found 4 log files. I cut and paste the IMHO most relevant part below. Please let me know if you need parts of the other logs.

    Log entries exported  at 2019/12/10 10:30:23

    Scanner; 2019/12/10 10:28:45; Manual scan finished. 15690 objects scanned. One threat or PUA found. 0 low reputation apps found.

    Scanner; 2019/12/10 10:02:14; Threat 'Andr/Generic-C' was found in file '/storage/9016-4EF8/Download/com.cleaner.znidyaxeu.ryzsl.apk'.

    Scanner; 2019/12/09 01:09:48; Virus definitions updated to version 3.76.5:2019120603.

    Scanner; 2019/12/08 20:34:38; Could not delete file '/storage/9016-4EF8/Download/com.cleaner.znidyaxeu.ryzsl.apk'.

  • 0 in reply to Mags R

    Hi  

    In few instances, we require to manually delete the detected file. Could you please check on this path storage/9016-4EF8/Download/ on your mobile device and see if you are able to manually delete this detected file?

  • 0 in reply to Shweta

    Dear Shweta, that was my first idea but there is no visible map with this path. I don't know if it is possible to show hidden maps in Android without rooting. I have no experience in rooting Android devices

  • 0 in reply to Mags R

    Hi  

    I will try to replicate this at our end and shall let you know the results. 

  • 0 in reply to Shweta

    Dear Shweta, to my surprise with another file browser than the default one I found out that the folder was there, not hidden, and I was able to delete the file. Thanks for your help.

  • 0 in reply to Mags R

    Hi  

    That is great, glad to hear that the issue has been resolved. Let us know if you have any further concerns or queries.