1. /
  2. Security Response/
  3. SymbOS.Opfake

SymbOS.Opfake - Removal

Risk Level 1: Very Low

Discovered:
December 15, 2013
Updated:
December 16, 2013 2:20:45 PM
Type:
Trojan
Infection Length:
132068
Systems Affected:
Symbian OS
  • Install a file manager program on the device.
  • Enable the option to view the files in the system folder.
  • Delete the following files:
%DriveLetter%\sys\bin\Viewer_0xa00161e7.exe
%DriveLetter%\resource\apps\Viewer_0xa00161e7.rsc
%DriveLetter%\resource\apps\Viewer_0xa00161e7.mbm
%DriveLetter%\private\a00161e7\config.xml
%DriveLetter%\private\a00161e7\location.xml
%DriveLetter%\private\a00161e7\antiAOS.xml
%DriveLetter%\private\a00161e7\sms.xml
%DriveLetter%\private\a00161e7\pages\index.xml
%DriveLetter%\private\a00161e7\pages\member.xml
%DriveLetter%\private\a00161e7\pages\rules.xml
%DriveLetter%\private\a00161e7\pages\runonce.xml
%DriveLetter%\private\a00161e7\pages\spacer1.xml
%DriveLetter%\private\a00161e7\pages\spacer2.xml
%DriveLetter%\private\a00161e7\pages\timeout1.xml
%DriveLetter%\private\a00161e7\pages\timeout2.xml
%DriveLetter%\private\a00161e7\pages\timeout3.xml
%DriveLetter%\private\a00161e7\pages\wait.xml
%DriveLetter%\private\a00161e7\html\index.html
%DriveLetter%\private\a00161e7\html\index.beeline.html
%DriveLetter%\private\a00161e7\html\index.megafon.html
%DriveLetter%\private\a00161e7\html\beeline_spacer1.html
%DriveLetter%\private\a00161e7\html\beeline_spacer2.html
%DriveLetter%\private\a00161e7\html\megafon_spacer1.html
%DriveLetter%\private\a00161e7\html\megafon_spacer2.html
%DriveLetter%\private\a00161e7\html\member.html
%DriveLetter%\private\a00161e7\html\member_c51a0e778a98e197fa5d089687b1859c.html
%DriveLetter%\private\a00161e7\html\member_c963985b1f664b92d737aaec8995d0ac.html
%DriveLetter%\private\a00161e7\html\member_cc1c5cb07be6496fbdd5c5703072dfe3.html
%DriveLetter%\private\a00161e7\html\member_ua.html
%DriveLetter%\private\a00161e7\html\mts_spacer1.html
%DriveLetter%\private\a00161e7\html\rules.html
%DriveLetter%\private\a00161e7\html\timeout.html
%DriveLetter%\private\a00161e7\html\wait.html
%DriveLetter%\private\a00161e7\html\pic\ctrtt.png
%DriveLetter%\private\a00161e7\html\pic\radial.png
%DriveLetter%\private\a00161e7\html\pic\tr2.png
%DriveLetter%\private\a00161e7\html\pic\wait.gif
%DriveLetter%\private\a00161e7\html\midlet_image\4376.medium.png
  • Exit the file manager.
    Writeup By: Masaki Suenaga

    Search Threats

    Search by name
    Example: W32.Beagle.AG@mm
    STAR Antimalware Protection Technologies
    Internet Security Threat Report
    Symantec DeepSight Screensaver