Development tools infected?
https://stackoverflow.com/questions/9168506
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
My antivirus program (CA Anti-Virus) just started reporting the existence of "AndroidOS/SMSTroj.D!generic" in a few of the .dex files generated for my Android projects in Eclipse. (I'm not writing malware!)
Has anyone else seen anything similar?
Is my development environment infected somehow, or is this a false positive? How can I verify and, if it's real, disinfect my system?
I haven't found any info about this trojan (the CA site reports no info). Does anyone have pointers to info about this (in particular about disinfecting the development environment)?
Solution
Contacting CA does seem like a good idea, but it might also be interesting to create a blank/hello world app and clean/rebuild the dex files a few times and see if anything picks up. Somehow I doubt a virus would try to parse your program and see what it's doing (other than perhaps permissions of the manifest, I guess you could copy over those from your "infected" project) so a build of any dex I would think should give you the same results. I suspect it's a false positive too. If it comes through clean you can slowly add a few classes at a time from your "infected" project and narrow it down that way.
OTHER TIPS
Yes its a TROJAN. Have a look here.
