F-Secure: Be Sure
Main
F-Secure Logo - Be Sure
Select local site


Privacy Policy
Legal Notices
Contact Us

F-Secure Virus Descriptions : Drever.B

[Summary] | [Disinfection] | [Detection]



NAME:Drever.B
ALIAS:SymbOS/Drever.B

Summary

Drever.B is a malicious SIS file trojan that disables the automatic startup from Simworks Symbian Anti-Virus software.

Drever.B does not affect F-Secure Mobile Anti-Virus.

Disinfection

Disinfection

Drever.B can be disinfected easily by using F-Secure Mobile Anti-Virus available from http://www.f-secure.com/estore/avmobile.shtml

Or you can uninstall it by uninstalling the SIS file in which Drever.C was installed from using application manager

1. Open the application manager

2. Uninstall Simworks_update.sis

3. Re-install your Anti-Virus


Back to the Top


Spreading in Simworks_update.sis

Payload Drever.B drops non-functional copy of the bootloader used by Simworks Symbian Anti-Virus. This non-functional copy overwrites the original file, causing target software not to load automatically when the phone boots.

Detection

Detection for this malware was published on March 21th, 2005 in the F-Secure Mobile Anti-Virus update build 31


Back to the Top


Write-up: Jarno Niemela March 22nd, 2005;

F-Secure Corporation