|
|
|  |
|
|
|
|
F-Secure Malware Information Pages: Trojan:SymbOS/SrvSender
|
|
|
| Radar |
 |
|
|
|
Summary
|
Trojan:SymbOS/SrvSender affects Symbian Series 60 Second Edition devices.
SrvSender responds to all incoming messages and phone calls with a random SMS message and removes all traces of some incoming messages. |
|
|
|
Disinfection
|
Disinfecting using F-Secure Mobile Anti-Virus
- Download F-Secure Mobile Anti-Virus from http://f-secure.mobi
and activate the Anti-Virus - Scan the phone and remove any components of the malware
- Reboot the phone to remove memory resident components
Disinfection for the cases when phone cannot start up
CAUTION! this method will remove all data on the device including calendar and phone numbers:
- Power off the phone
- Hold the following three buttons down - "answer call" + "*" + "3"
- Keep holding down the buttons and power on the phone
- Depending on the model, you will either get text that reads "formatting" or a start-up dialog that asks for the initial phone settings
- Your phone is now formatted and can be used again
To prevent future infections, please download F-Secure Mobile Anti-Virus from here: http://f-secure.mobi. |
|
|
|
Detailed Description
|
Trojan:SymbOS/SrvSender affects Symbian Series 60 Second Edition devices.
SrvSender responds to all incoming messages and voice calls with a random SMS message. It removes all traces of all incoming SMS messages.
SymbOS/SrvSender.A has following features.
It attempts to kill the following processes:
It attempts to remove the following files:
- \system\recogs\AppToolkit.mdl
- \system\recogs\RecMemCard.mdl
It deletes incoming MMS messages containing attachments with the following extension:
- install
- sis
- app
- exe
- jar
- jad
SrvSender.A creates a file containing logs of some of its activities in the following location:
- C:\system\data\apple.txt.
|
|
|
|
F-Secure Corporation |
|
|
|
|
|
Last Modified: March 07, 2008
|
|
|
|
|
