Lookout scan found questionable "riskware"--looking for advice

[anon(9072051)]

Lookout completed one of its usual self-scheduled scans today and has identified two items as "riskware":

com.android.cts.priv.ctsshim

com.android.cts.ctsshim

I've tried online searching to find out what they might be and got nowhere. During the searches, Google is apparently finding the items in the source code for a number of web pages, but the pages themselves don't identify either filename. And because I can't tell if these are system files or app-related crapfiles, I don't feel comfortable about letting Lookout remove them.

Any ideas?

I'm running a Nexus 6 on the DP5 of Android N. The only app on the phone that was not downloaded from Google Play is an old HTC Gallery app

 

[DroidFromVA]

CTS is related to compatibility testing. Not sure what those things are other than that, but A/V programs can easily send up false flag alerts based on program behavior.

 

[Golfdriver97]

A false flag was my first thought too.

 

[anon(9072051)]

Thanks for the quick responses. Yeah, the first thing that popped into my head was that Lookout was flagging something in N that it hadn't been programmed to accept as a system file, so it wanted to remove the anomaly. But since I don't know squat about that long parade of "com.android.whatevers," my own ignorance was nagging at me.

 

[java007]

Just had the same alert from Lookout. Also running Android N DP5 on a Nexus 6. This could very well be part of the N preview code.

Two android developer links that look relevant:

https://source.android.com/compatibility/cts/
https://source.android.com/compatibility/cts/setup.html

I'm leaving these alone for now.

 

[Pu-242]

I got the same detection after upgrading to nougat dp5. I'm very confident it's a legitimate part of dp5.

 

[RevLauren]

Same thing here. I got the error message from Lookout shortly after I updated to DP5, and figured it's one of those anomalies that will be smoothed out in the final. I also installed the new Nexus Launcher and it's pretty nice once you get used to it, except that it failed to update the Date in the top right corner of the screen today. A reboot fixed that.

 

[Borno666]

Lookout completed one of its usual self-scheduled scans today and has identified two items as "riskware":

com.android.cts.priv.ctsshim

com.android.cts.ctsshim

I've tried online searching to find out what they might be and got nowhere. During the searches, Google is apparently finding the items in the source code for a number of web pages, but the pages themselves don't identify either filename. And because I can't tell if these are system files or app-related crapfiles, I don't feel comfortable about letting Lookout remove them.

Any ideas?

I'm running a Nexus 6 on the DP5 of Android N. The only app on the phone that was not downloaded from Google Play is an old HTC Gallery app

Oops, only meant to copy part of your message.

Had the same thing come up on my lookout. Let it try to uninstall and it couldn't.

 

[rasmith1959]

CTS is a tool for developers to check for and help resolve compatibility issues with apps on various versions of Android. CTS (Compatibility Test Suite) has two parts, one is run on the development PC (64 bit Linux or Mac) and another is a system file in Android. Since this is a developer preview the Android CTS files are already installed, and since they are system files can't be removed unless you have root privileges. So long story short, it is safe to ignore these as they are harmless.

 

[Brad Bridwell]

I understand the testing suite for developers of apps and Google, however the information you gave is misleading. Someone with access to the phone could easily replace these files as malware. To ignore a warning from an antivirus program is negligent. First check the signatures of the files with the signatures of the known source files. If they are the same ignore them.

 

[anon(319128)]

Same error for me on a Nexus 6p. Just upgraded to N yesterday, and Lookout flagged with the same errors this morning. ....and Lookout seems all locked up over it. I killed it and restarted Lookout, but it's not responsive...hmm....

Joel

 

[JCHAOS]

Got the same here. in lookout selecting app info and options there is a selection to enable the app. should we do that or just choose to ignore in lookout so it doesn't continue to flag them during each scan.

 

[inougat]

Just had the same alert from Lookout. Also running Android N DP5 on a Nexus 6. This could very well be part of the N preview code.

Two android developer links that look relevant:

https://source.android.com/compatibility/cts/
https://source.android.com/compatibility/cts/setup.html

I'm leaving these alone for now.

Maybe you are right. It is something like a compatibility test suit that helps adding new updates in your device by managing partitions in system.

 

[Mike Oz]

I was testing some apps and these 2 files showed up as being modified which tells me they are more than Samsung service apps. . Bad news is. That Malwarebytes as well as Avast Security stopped on both the files for a 20 seconds then went on undetected. They both paused then went on. Later on my A20 would not open any programs. The all quiet responding. I had to reflash it to get it working again