This application requires Javascript for optimal performance.

SymbOS/Yxes.B!worm - Released Feb 19, 2009 - Last Updated Feb 20, 2009

Detection Availability

Active DatabaseExtended Database
FortiGate
low
high
FortiClient
FortiMail N/A

Visible Symptoms

  • The repeated attempts by the virus to send SMS messages may yield:

    • Rapid battery power loss
    • Abnormally high phone bills

  • Presence of the following files:

    • c:\sys\bin\EConServer.exe
    • c:\private\101f875a\import\[2001EB45].rsc

Detailed Analysis

This worm is a variant of SymbOS/Yxes.A!worm, with which it shares most functionalities. Unlike the latter, however, the worm installation package is signed with a development certificate (instead of a Symbian certificate). Therefore, attempts to install it on factory mobile devices running S60 3rd Edition will cause a "Constrained by the certificate" error.
.

Recommended Action

    FortiGate Systems

  • Check the main screen using the web interface for your FortiGate unit to ensure that the latest AV/NIDS database has been downloaded and installed on your system - if required, enable the "Allow Push Update" option.

    FortiClient Systems

  • Quarantine/delete files that are detected and replace infected files with clean backup copies.

Reference: ID - 755620