Discovered: November 22, 2004
Updated: February 13, 2007 12:31:31 PM
Type: Worm
Systems Affected: EPOC
Removal using the Symantec Mobile Threats Removal Tool
Symantec Security Response has developed a
removal tool to clean the infections of SymbOS.Cabir.B. Use this removal tool first, as it is the easiest way to remove this threat.
Manual Removal:
To remove SymbOS.Cabir.B:
- Install a file manager program on the phone.
- Enable the option to view the files in the system directory.
- Search the drives, A through Y, for the \SYSTEM\APPS\CARIBE directory.
- Delete the files CARIBE.APP, CARIBE.RSC, and FLO.MDL from the \CARIBE directory.
- Go to the C:\SYSTEM\SYMBIANSECUREDATA\CARIBESECURITYMANAGER directory.
- Delete the files CARIBE.APP, CARIBE.RSC, and CARIBE.SIS.
- Go to the C:\SYSTEM\RECOGS directory.
- Delete the file, FLO.MDL.
- Go to the C:\SYSTEM\INSTALLS directory.
- Delete the file, CARIBE.SIS.
Note: You cannot delete the file CARIBE.RSC when the program is running.
If you cannot delete this file in steps 4 and 6, delete all the files that you can, restart the phone, and then delete the CARIBE.RSC file.
Writeup By: Robert X Wang
Technorati
Digg
Delicious
Reddit
StumbleUpon
Yahoo Buzz
Twitter
Facebook
Newsvine