SymbOS/Appdisabler.U!tr - Released May 12, 2006 - Last Updated Jan 23, 2007
|
Alias/esSymbOS/Appdisabler.U!tr, SymbOS/Multidr.AE!tr, Trojan.SymbOS.Blankfont.a, SymbOS/MultiDropper.cf!sis trojan, SymbOS/Skulls.AE!intended |
Visible SymptomsMany applications no longer work after being infected by this virus.
The icon of some applications shown in the menu may be changed to a picture of skull. |
Detailed AnalysisIt is a Symbian virus, packed in .sis format.
Displays the following message prompting the user to install:
Installs the following corrupted Font file into the infected device:
- C:\system\fonts\panic.gdr
Drops some non-functioning files to disable some broadly used applications in the phone.
May drop some files which are variants of SymbOS/Cabir and SymbOS/Skulls.
May drop the following files which are variants of SymbOS/Flexispy:
- c:/system/apps/system/phones/fxs.aif
- c:/system/apps/system/phones/fxs.app
- c:/system/apps/system/phones/fxs.rsc
- c:/system/apps/system/phones/fxs_caption.rsc
- c:/system/apps/system/phones/fxsmon.exe
- c:/system/apps/system/phones/monitor.dll
- c:/system/apps/system/phones/monunins.exe
- c:/system/apps/system/phones/t4l.cfg
- c:/system/recogs/fslrecog.mdl
- c:/system/recogs/fxsmon.mdl
These files will be run when the device is rebooted.
|
Recommended ActionDelete all the virus files using a file manager program or an AV software for mobile devices.
Reinstall overwritten applications. |
