Andr.Trojan.Zitmo-2 ClamAV blocking Android Updates

Written by James McDonald

September 11, 2013

I’m using DansGuardian + ClamAV to do web filtering and scanning. I have my Samsung Galaxy SII connected via Wi-Fi to the network so the traffic is scanned by DG. However, this morning I got warnings about Andr.Trojan.Zitmo-2.

One was for OpenDocument Reader and the other for a Samsung website (ospserver.net).

Really hoping (PRETTY SURE) it’s just ClamAV doing false positives.

A virus was detected by DansGuardian.

Data/Time:2013.9.11 13:01:01

From:     192.168.0.131 (-)

Where:    http://apps-dn2.ospserver.net/217ff51a6399415da9f5d17252da16dc?signed=6qudxJvvyVaJN2mjnpZ5PNS6t0tcIY24E%2Bn4eD9dbYx2RqsuypXZTjZCpbLxS9iqo7YvycZXlrpxA4dj8tXh2d5sG%2Fw%3D&object_id=66baaff6beb026bfb79804843e98272cba96e338ebb59fdd809e256986599df1

Why:      Andr.Trojan.Zitmo-2

Method:   GET

Size:     3985353

Weight:   0

Category: Content scanning

Mime type:application/octet-stream

Group:

HTTP resp:403

A virus was detected by DansGuardian.

Data/Time:2013.9.11 9:12:32

From:     192.168.0.131 (-)

Where:    http://r8---sn-uxanug5-ntql.c.android.clients.google.com/market/GetBinary/GetBinary/at.tomtasche.reader/46?ms=au&mt=1378854625&mv=m&expire=1379027490&ipbits=0&ip=0.0.0.0&cp=Snp1cGFyR0E6ODU4MzMxMTY3MDgzMDAyNDAzNTA&sparams=expire,ipbits,ip,q:,cp&signature=B7F3205325B463AFCAA48E2C7642EA58F72795BB.6371051A631E99E985F43963816BB54BF57D35BD&key=am3

Why:      Andr.Trojan.Zitmo-2

Method:   GET

Size:     1637694

Weight:   0

Category: Content scanning

Mime type:application/vnd.android.package-archive

Group:

HTTP resp:403
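
An added example, not part of the original post: a small Python parser for block notices in the layout shown above, grouping them by ClamAV signature so that one signature hitting downloads from several hosts stands out for review. The function names and the sample hosts and query strings are assumptions made for the example.

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed sample in the layout of the notices above; hosts and query strings are placeholders.
SAMPLE = """\
A virus was detected by DansGuardian.
Data/Time:2013.9.11 13:01:01
From:     192.168.0.131 (-)
Where:    http://cdn-a.example.net/object?signed=PLACEHOLDER
Why:      Andr.Trojan.Zitmo-2
Size:     3985353
Mime type:application/octet-stream

A virus was detected by DansGuardian.
Data/Time:2013.9.11 9:12:32
From:     192.168.0.131 (-)
Where:    http://cdn-b.example.org/market/GetBinary/app/46?key=PLACEHOLDER
Why:      Andr.Trojan.Zitmo-2
Size:     1637694
Mime type:application/vnd.android.package-archive
"""

FIELDS = ("Data/Time", "From", "Where", "Why", "Method", "Size", "Weight",
          "Category", "Mime type", "Group", "HTTP resp")

def parse_notices(text):
    """Split pasted notice text into one dict of fields per blocked request."""
    notices = []
    for line in (raw.strip() for raw in text.splitlines()):
        if line.startswith("A virus was detected"):
            notices.append({})          # banner line opens a new notice
        elif notices:
            for name in FIELDS:
                if line.startswith(name + ":"):
                    # Cut after the label only: the URL value contains ':' too.
                    notices[-1][name] = line[len(name) + 1:].strip()
                    break
    return notices

def summarize(notices):
    """Per signature: hit count plus the clients, hosts and MIME types seen."""
    out = defaultdict(lambda: {"count": 0, "clients": set(), "hosts": set(), "mime": set()})
    for n in notices:
        entry = out[n.get("Why", "unknown")]
        entry["count"] += 1
        entry["clients"].add(n.get("From", "").partition(" ")[0])
        entry["hosts"].add(urlsplit(n.get("Where", "")).hostname)
        entry["mime"].add(n.get("Mime type", ""))
    return dict(out)
```

Calling `summarize(parse_notices(SAMPLE))` returns one entry for Andr.Trojan.Zitmo-2 with a count of 2, one client and two distinct hosts.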
