1. /
  2. Security Response/
  3. Spyware.FlexiSpy

Spyware.FlexiSpy - Removal

July 2, 2007 4:56:37 PM
Also Known As:
Flexispy.A [F-Secure], SYMBOS_FLEXSPY.A [Trend]
Risk Impact:
Systems Affected:
Symbian OS
On Symbian OS:
  1. Install a file manager program on the device.

  2. Enable the option to view the files in the system folder.

  3. Delete the following malicious files:

    • [DRIVE LETTER]:\system\recogs\FSLRECOG.MDL
    • [DRIVE LETTER]:\system\recogs\FXSMON.MDL
    • [DRIVE LETTER]:\system\apps\system\phones\FXSMON.EXE
    • [DRIVE LETTER]:\system\apps\system\phones\MONUNINS.EXE
    • [DRIVE LETTER]:\system\apps\system\phones\t4l.cfg
    • [DRIVE LETTER]:\system\apps\system\phones\Fxs_caption.rsc
    • [DRIVE LETTER]:\system\apps\system\phones\Fxs.rsc
    • [DRIVE LETTER]:\system\apps\system\phones\Fxs.app
    • [DRIVE LETTER]:\system\apps\system\phones\Fxs.aif
    • [DRIVE LETTER]:\system\apps\system\phones\MONITOR.DLL
    • [DRIVE LETTER]:\system\apps\system\phones\config.dat
    • [DRIVE LETTER]:\system\apps\system\phones\monitor.log
    • [DRIVE LETTER]:\system\apps\system\phones\phones.db

  4. Exit the file manager.

On BlackBerry:

Removal depends on how the program was loaded onto the device, and on device specific settings.

If the program was install OTA (or with an associated ALX file), navigate to the following option:
Options > Security Options > Application Permissions -> (BlackBerry key) -> Delete

If the program was loaded via cable, BlackBerry Enterprise Server (BES) refer to BES documentation for further details.
Writeup By: Hyun Choi and James O'Connor

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
Internet Security Threat Report
Symantec DeepSight Screensaver