SymbOS/Cabir.E!worm - Released Mar 22, 2007 - Last Updated Jul 14, 2008

Symb/Cabir-E [Sophos], SymbOS.Worm.Cabir.C [BitDefender], SymbOS/Cabir.R.worm [Panda]

Rapid battery power loss due to repeated propagation attempts via Bluetooth.

Presence of the following files in \SYSTEM\SYMBIANSECUREDATA\ni&ai-SECURITYMANAGER:

This variant of Cabir is similar to SymbOS/Cabir.A!worm.

The difference is that it is installed in the following folder with file name ni&ai-:

\SYSTEM\APPS\ni&ai-

and that the the virus files are copied to the following folder:

\SYSTEM\SYMBIANSECUREDATA\ni&ai-SECURITYMANAGER

Delete all the virus files with a file manager application - or run FortiClient Mobile Security.

Fortinet