Discovered: July 4, 2006
Updated: February 13, 2007 12:57:15 PM
Type: Trojan Horse
Systems Affected: Symbian OS
- Install a file manager program on the device.
- Enable the option to view the files in the system folder.
- Navigate to and delete the following files:
- C:\ETel.dll
- C:\etelmm.dll
- C:\etelpckt.dll
- C:\etelsat.dll
- C:\system\apps\AntiVirus\AntiVirus.aif
- C:\system\apps\AntiVirus\AntiVirus.hlp
- C:\system\apps\AntiVirus\AntiVirus.ini
- C:\system\apps\AntiVirus\AntiVirus.lsc
- C:\system\apps\AntiVirus\AntiVirus.mbm
- C:\system\apps\AntiVirus\AntiVirus.rsc
- C:\system\apps\AntiVirus\AVServer.exe
- C:\system\apps\AntiVirus\Definitions.dat
- C:\system\apps\AntiVirus\Log.txt
- C:\system\apps\AntiVirus\Update.ini
- C:\system\apps\AntiVirus\~AntiVirus.app
- C:\system\apps\AppInst\Appinst.aif
- C:\system\apps\AppInst\Appinst.app
- C:\system\apps\BatteryDrainer!!\BatteryDrainer!!.MBM
- C:\system\apps\BatteryDrainer!!\BatteryDrainer!!.app
- C:\system\apps\BatteryDrainer!!\BatteryDrainer!!.rsc
- C:\system\apps\BatteryDrainer!!\ezrecog.MDL
- C:\system\apps\caribe\caribe.app
- C:\system\apps\caribe\caribe.rsc
- C:\system\apps\caribe\flo.mdl
- C:\system\apps\CommWarrior\commrec.mdl
- C:\system\apps\CommWarrior\commwarrior.exe
- C:\system\apps\file\file.app
- C:\system\apps\gavno\gavno.App
- C:\system\apps\gavno\gavno.Rsc
- C:\system\apps\gavno\gavno_caption.Rsc
- C:\system\apps\OIDI500\OIDI500.aif
- C:\system\apps\OIDI500\OIDI500.app
- C:\system\apps\OIDI500\OIDI500.mdl
- C:\system\apps\OIDI500\OIDI500.rsc
- C:\system\apps\SystemExplorer\SystemExplorer.app
- C:\system\apps\velasco\marcos.mdl
- C:\system\apps\velasco\velasco.app
- C:\system\apps\velasco\velasco.rsc
- C:\system\CARIBESECURITYMANAGER\caribe.app
- C:\system\CARIBESECURITYMANAGER\caribe.rsc
- C:\system\programs\cwoutcast.exe
- C:\system\RECOGS\AVBoot.mdl
- C:\system\RECOGS\flo.mdl
- METALG.SIS
- caribe.sis
- Exit the file manager.
Writeup By: Yana Liu
Technorati
Digg
Delicious
Reddit
StumbleUpon
Yahoo Buzz
Twitter
Facebook
Newsvine