Are development tools infected?

Question

Are development tools infected?

My antivirus program (CA Anti-Virus) has just started reporting the existence of "AndroidOS / SMSTroj.D! Generic" in several .dex files generated for my Android projects in Eclipse. (I do not write malware!)

Has anyone else seen something like this?

Is my development environment infected in some way, or is it a false positive? How can I check and, if true, disinfect my system?

I did not find any information about this trojan (there is no information on the CA website). Does anyone have pointers to information about this (in particular, about disinfection of the development environment)?

+4

android eclipse antivirus trojan

Ted hopp Feb 03 '12 at 21:39

source share

2 answers

Yes, it is TRIGGER. Look at here.

https://www.virustotal.com/file/dcf44f7262682ec2274829e6a14dfde470ca60dc1fbb2b76ff1053230ae305c2/analysis/1323302988/

0

Shankar damodaran Feb 03 '12 at 21:41

source share

kabuko · Accepted Answer · 2012-02-06T22:48:53+0000

Contacting CA really seems like a good idea, but it may also be interesting to create a blank / hello world application and clean / rebuild dex files several times and see if something catches up. For some reason, I doubt that the virus will try to parse your program and see what it does (except, perhaps, manifest permissions, I think you could copy them from your "infected" project), so build any dex that I would I thought you should have given the same results. I suspect this is also a false positive. If this happens through a clean one, you can slowly add several classes at a time from your "infected" project and narrow it in this way.

Are development tools infected?

More articles: