This application requires Javascript for optimal performance.

SymbOS/Comwar.v10.VAR!worm - Released May 18, 2006 - Last Updated Mar 11, 2008

Alias/es

Worm.SymbOS.Comwar.b, SymbOS/Commwarrior.i!exe, Symb/Comwar-A, SymbOS.Worm.CommWar.B, SymbOS/CommWarrior.F, SymbOS/ComWar.A.worm, SymbOS/CommWarrior.A, SYMBOS/Comwar.B, Symbian.Commwar, SymbOS/Comwar.1.0.A.VAR!worm, SymbOS/Comwar.B!worm

Detection Availability

	Active Database	Extended Database
FortiGate		low high
FortiClient
FortiMail		N/A

Visible Symptoms

An infected phone may experience rapid battery power loss due to the constant efforts by the virus to infect other phones via a Bluetooth seek-and-connect outreach
Creation of files in the relative system path on an infected phone, such as the following:

\system\data\IloveLeslie\LeslieLoves.exe
\system\data\IloveLeslie\RecQWRD.mdl

Detailed Analysis

This detection is for samples that are very similar to SymbOS/Comwar.v10!worm. These are usually binary edited samples of the original worm.
The message and dropped files of these samples vary.
Some observed filenames of dropped files are the following:
- \system\data\IloveLeslie\LeslieLoves.exe
- \system\data\IloveLeslie\RecQWRD.mdl

Recommended Action

Scan the infected device and delete all modules related to this worm.

Reference: ID - 431505

Current Threat Level

Vulnerabilities

Virus/Spyware

Spam

PGP Keys

Contact Form

Copyright © 2011 Fortinet Inc. All Rights Reserved