Andr.Trojan.Zitmo-2 ClamAV blocking Android Updates

Written by James McDonald

September 11, 2013

I’m using DansGuardian + ClamAV to do web filtering and scanning. I have my Samsung Galaxy SII connected via Wi-Fi to the network so the traffic is scanned by DG. However, this morning I got warnings about Andr.Trojan.Zitmo-2.

One for OpenDocument Reader and the other for a Samsung website (ospserver.net).

Really hoping (PRETTY SURE) it’s just ClamAV doing false positives.

A virus was detected by DansGuardian.

Data/Time:2013.9.11 13:01:01

From:     192.168.0.131 (-)

Where:    http://apps-dn2.ospserver.net/217ff51a6399415da9f5d17252da16dc?signed=6qudxJvvyVaJN2mjnpZ5PNS6t0tcIY24E%2Bn4eD9dbYx2RqsuypXZTjZCpbLxS9iqo7YvycZXlrpxA4dj8tXh2d5sG%2Fw%3D&object_id=66baaff6beb026bfb79804843e98272cba96e338ebb59fdd809e256986599df1

Why:      Andr.Trojan.Zitmo-2

Method:   GET

Size:     3985353

Weight:   0

Category: Content scanning

Mime type:application/octet-stream

Group:

HTTP resp:403

A virus was detected by DansGuardian.

Data/Time:2013.9.11 9:12:32

From:     192.168.0.131 (-)

Where:    http://r8---sn-uxanug5-ntql.c.android.clients.google.com/market/GetBinary/GetBinary/at.tomtasche.reader/46?ms=au&mt=1378854625&mv=m&expire=1379027490&ipbits=0&ip=0.0.0.0&cp=Snp1cGFyR0E6ODU4MzMxMTY3MDgzMDAyNDAzNTA&sparams=expire,ipbits,ip,q:,cp&signature=B7F3205325B463AFCAA48E2C7642EA58F72795BB.6371051A631E99E985F43963816BB54BF57D35BD&key=am3

Why:      Andr.Trojan.Zitmo-2

Method:   GET

Size:     1637694

Weight:   0

Category: Content scanning

Mime type:application/vnd.android.package-archive

Group:

HTTP resp:403
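
An added example, not part of the original post: a Python parser for block reports laid out like the two above, grouping the blocked hosts by ClamAV signature name so that one signature firing on several unrelated download hosts stands out for false-positive review. The sample hosts, the function names and the two-host threshold are assumptions made for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed, abbreviated sample in the layout of the reports above
# (hosts are placeholders, not the ones from the post).
SAMPLE = """\
A virus was detected by DansGuardian.

Data/Time:2013.9.11 13:01:01
From:     192.168.0.131 (-)
Where:    http://downloads.vendor-a.example/pkg?signed=abc%3D&object_id=1
Why:      Andr.Trojan.Zitmo-2
Mime type:application/octet-stream
HTTP resp:403

A virus was detected by DansGuardian.
Data/Time:2013.9.11 9:12:32
From:     192.168.0.131 (-)
Where:    http://cdn.store-b.example/GetBinary/reader/46?sparams=expire,q:,cp
Why:      Andr.Trojan.Zitmo-2
Mime type:application/vnd.android.package-archive
HTTP resp:403
"""

BANNER = "A virus was detected by DansGuardian."
# The key stops at the first colon, so colons inside URLs and times survive.
FIELD = re.compile(r"^([A-Za-z/ ]+?):\s*(.*)$")

def parse_reports(text):
    """Split on the banner line and return one dict of fields per report."""
    reports = []
    for chunk in text.split(BANNER)[1:]:
        fields = {}
        for line in chunk.splitlines():
            m = FIELD.match(line.strip())
            if m:
                fields[m.group(1).strip()] = m.group(2).strip()
        reports.append(fields)
    return reports

def hosts_by_signature(reports):
    """Map each signature name ("Why") to the set of hosts it blocked."""
    hits = defaultdict(set)
    for r in reports:
        if "Why" in r and "Where" in r:
            hits[r["Why"]].add(urlsplit(r["Where"]).hostname)
    return dict(hits)

def review_candidates(reports, min_hosts=2):
    """Signatures seen on >= min_hosts distinct hosts (assumed heuristic)."""
    return sorted(s for s, h in hosts_by_signature(reports).items() if len(h) >= min_hosts)
```

A signature returned by `review_candidates` is only a prompt to check the blocked files and the current ClamAV signature database; it does not by itself show the detection is wrong.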
