Virus

SymbOS/Romride.H!tr

Analysis

  • It is a Symbian virus, packed in .sis format.
  • Displays the following message prompting the user to install:
  • Install Bluetooth?
  • Drops the following file and executes it:
    • helzim.exe
    This causes the phone to restart and create a file in the C:\system\Data\  or other system folders. The file has a very long filename, blocking some applications from accessing these folders.

    Recommended Action

  • Delete all the dropped files using a file manager.