Tools
Trojan:SymbOS/CDropper
Summary
Disinfection
Automatic Disinfection
F-Secure Mobile Anti-Virus will detect the installed Cabir variants and delete the worm components. After deleting worm files you can use application manager to uninstall the SIS file that dropped the worm.
If your phone is infected with Cabir variant and you cannot install files over Bluetooth, you can download F-Secure Mobile Anti-Virus directly to your phone
- Open web browser on the phone
- Go to http://mobile.f-secure.com
- Select link "Download F-Secure Mobile Anti-Virus" and select phone model
- Download the file and select open after download
- Install F-Secure Mobile Anti-Virus Go to applications menu and start Anti-Virus
- Scan all files
Additional Details
This description is for the Trojan:SymbOS/CDropper malware family, which contains numerous variants. Trojan:SymbOS/CDropper functions, as its name suggests, as a dropper. On arriving on a new system, it installs Cabir variant(s) into several places in the device file system.
Some of the installed Cabirs will replace system or common third party applications. If the user has one of these applications installed, it will be replaced with Cabir and its icon in the menu will go blank.If the user clicks on one of the replaced icons in the menu, the Cabir executable will execute and try to spread to other devices.
For more details, see Trojan:SymbOS/CDropper.A