Tools
Trojan:W32/Romride.J
Summary
Disinfection
CAUTION! This method will remove all data on the device, including calendar and phone numbers:
- Power off the phone
- Hold the following three buttons down - "answer call" + "*" + "3"
- Keep holding down the buttons and power on the phone
- Depending on the model, you will either get text that reads "formatting" or a start-up dialog that asks for the initial phone settings
- Your phone is now formatted and can be used again
Prevention
Prevent future infections with F-Secure Mobile Anti-Virus
Additional Details
Trojan:SymbOS/Romride.J affects devices running the Symbian S60 operating system. It is distributed in a malicious SIS file and when executed, installs components that cause the phone to 'crash', essentially becoming useless.
Execution
On execution, Romride.J installs malfunctioning system component configurations. These components are designed to cause effects on the device, which may differ based on the version of ROM software installed. The message "Attack Successfully" is displayed, then the phone is immediately rebooted.
The effects produced by the system components are not seen, as Romride.J also installs a bootstrap component that reboots the phone every time it attempts to complete startup, leaving the phone in a continuous reboot loop.