PBsteal how to fix this threat

 

This site is a free information base of anti virus knowledge which is sponsered and kept free thanks to the sponsership of UMU mobile antivirus....please visit our sponsers link to keep mobile-antivirus.org free.

PBSteal is the first known mobile malware that steals phone user’s data.

It affects phones running the Symbian S60 platform. Some phones affected by SymbOS/PBSteal include the following:

Nokia 3650, 3600
Nokia 3660, 3620
Nokia 6600
Nokia 6620
Nokia 7610
Nokia 7650
Nokia N-Gage
Panasonic X700
Sendo X
Siemens SX1

It arrives as a SIS file that, when executed, installs the following files:

C:\system\apps\pbexplorer\pbexplorer.app
C:\system\apps\pbexplorer\pbexplorer.rsc

When installed, SymbOS/PBSteal copies the phone’s phonebook entries and saves them into the following file:

C:\SYSTEM\MAIL\PHONEBOOK.TXT

It then sends PHONEBOOK.TXT to the first Bluetooth device it can connect to. The stolen entries are arranged in the PHONEBOOK.TXT file in the following order:

Phone Book Stolen
by: lajel 202u
--
Fname: {first name}
Lname: {last name}
Com: {company}
JobT: {job title}
Tlp: {phone number}
Other:
BirthD: {birth date}

SymbOS/PBSteal displays the following messages:

Compacting your contact(s),step 2

Please wait again
until done...

Phone Book
Compacting
by: lajel 202u

The following string is found in the malware body:

.:: Good artist copy, great artist steal ::.

Manual Disinfection

To kill the running SymbOS/PBSteal process:

1. Download a third party Application Manager or used the Application Manager that comes with the phone.
2. Locate the PBSteal process in the list of running applications.
3. Choose and cancel or terminate the process.

To remove the dropped components:

1. Download a third party File Explorer.
2. Locate and delete the following files:

C:\system\apps\pbexplorer\pbexplorer.app
C:\system\apps\pbexplorer\pbexplorer.rsc

Home | Site Map | Contact Us | Links Directory