SymbOS/Agent.A!tr - Released May 12, 2006 - Last Updated Jun 21, 2007

Alias/es Trojan-Dropper.SymbOS.Agent.a, SYMBOS_MDROP.AJ, SymbOS/MultiDropper!sis trojan
Visible Symptoms The following files exist: E:\Opera anti spyware system\opera.txt E:\Opera anti spyware system\opera antispyware.bat
Detailed Analysis It is a Symbian virus, packed in SIS format. Pretends to be a sis pack of Opera Antispyware to trick the user into installing it. Upon installing, it drops the following files: E:\Opera anti spyware system\opera.txt : a Windows PE file. This is a trojan downloader that is already being detected as W32/IstBar.IS!tr. E:\Opera anti spyware system\opera antispyware.bat : a Windows batch file. If the mobile device is connected to a PC, it copies the file opera.txt to the connected computer and executes it.
Recommended Action Delete all the dropped files using a file manager program.

Fortinet