F-Secure Freedome potential false positive on Samsung Galaxy Note 5- "System UI"

Scholar

F-Secure Freedome potential false positive on Samsung Galaxy Note 5- "System UI"

Starting this morning, F-Secure Freedome has been warning me that my Samsung Galaxy Note 5 device  is infected. It says that "System UI" is infected with "Trojan:Android/SmsSend.AB". I have scanned my phone with Sophos, Kaspersky, Norton, and Bitdefender, yet they do not detect any malware on my phone. I am running Freedome version 2.0.33.3236 on Android 5.1.1.

I have checked the System UI permissions on another Galaxy Note 5 and the permissions are identical. I have also checked with my wireless carrier and there have been no suspicious SMS messages sent from my device to premium numbers or otherwise. Indications are this is a false positive on F-Secure's behalf.

6 REPLIES 6
Community Manager

Re: F-Secure Freedome potential false positive on Samsung Galaxy Note 5- "System UI"

Hi MemoryAccessReg,

 

Is the detection shown from the App Security feature in Freedome? Please open a support request in order to investigate this further.

Has somebody helped you? Say thanks by giving likes. Has your issue been solved? Mark the post using "Accept As Solution" button to let others know.
Scholar

Re: F-Secure Freedome potential false positive on Samsung Galaxy Note 5- "System UI"

Just to say that I have the same issue flagged up by Freedome (on Samsung Note 4). I thought it unlikely to be a false positive, so thanks, Scholar, for mentioning it. I've sent a support request. 

 

Here's a screenshot

 

Novice

Re: F-Secure Freedome potential false positive on Samsung Galaxy Note 5- "System UI"

Same here on S5 Neo (G903F) running 5.1.
Community Manager

Re: F-Secure Freedome potential false positive on Samsung Galaxy Note 5- "System UI"

Hello Everyone,

 

This suspected false positive has been updated on our backend. Could you please check again and keep us posted if the issue persists?

Has somebody helped you? Say thanks by giving likes. Has your issue been solved? Mark the post using "Accept As Solution" button to let others know.
Scholar

Re: F-Secure Freedome potential false positive on Samsung Galaxy Note 5- "System UI"

Same here.

Running Google Nexus 7, Android 6.0.1, kernel 3.4.0-g094b859, Android security patch level 1 March 2016

Scholar

Re: F-Secure Freedome potential false positive on Samsung Galaxy Note 5- "System UI"

... and it persists:

running Google Nexus 7, Android 6.0.1, kernel 3.4.0-g094b859, Android security patch level 1 March 2016,

Freedome 2.1.4.3592

fs protection 16.2.012727

... flagged: "Basic Daydreams, scanned 31 Mar 2016, (...) This app is infected with a virus: Trojan:Android/Smsspy.6d2d2b3dab!Online" 

 ... the same flag for: Calendar Storage, com.android.providers.partnerbookmarks, HTML Viewer, Intent Filter Verification Service, MusicFX, Print Spooler, Simple mesage receiver

... and these flags while fs protection finds nothing.