If I never installed Mobile Terminal on my jailbreaked iPhone before, can I still get the virus? How does the virus spread? Through WiFi or 3G?

Big Thanks!!
I’ve followed ur instruction & get rid of the virus.
Have a nice day!!
rgd,
Maung

Thank You for your help. At first, I tried many times but seems it didnt work but after that, i realize there’s a space between “rm” and “/” …

Thanks so much.. it work.. for the virus author.. you’re the best.. one of a kind.. but, help produce good apps, not viruses.

@Afif If you haven’t jailbroken your phone, you can’t get this Ikee virus. I believe it can spread via both wifi and 3G networks, but I’m not absolutely certain about the 3G spread.

not familiar at all with linux. but if im being asked the confrimation, should i just type ‘y’ then enter? or should i just enter. please help thanks.

Did you do the su step?

yes i have.. but when it comes to deleting the files. a message asking for confirmation appeared. what should i do at this stage? since im not a linux guy, therefore unable to command it to confirm.

Thanks alot, i’m virus free now

Thanks for the easy to follow instructions!
The Rick has successfully been removed.

hey can somebody help me here… what should i do when it ask me for confirmation to remove the file? what command do i type?

WOW! made it! it works! thanks!

Thanks a million. It works!!!! The virus is gone

Done n TQ. Do remember to insert space between rm and /
Hope ther are more good man in this world like you.

bro.. i have a problem over here.. im using iphone 2G
and after downloading n reboot mobile terminal
when i run it n trying to type in password.. it jst say command not found
can help??

I’m glad this was able to help many of you. It annoyed me to no end.

@Amar – I’m not sure why you’re having problems, so many others have cleaned it out.

@gideon – which command did you type before the command not found one? su?

I think I am the first victim in Malaysia. It happened this morning. First attempt failed. Then I saw comment by yusri on the “space after rm”. tried again and woila! the ikee ghost gone! Thanks dudes! Now got to change my pw.

hey guys i got a better method!!!

1. try to restore yr iphone using the latest itunes. using the ‘iPhone2,1_3.1.2_7D11_Restore’ ( remember restore is using the shift + restore )

2. once yr iphonee is restore , (never back up yr iphone to the latest date) choose set up as a new phone!!

and everything is done, lastly

Steps to change your iPhone root password (and minimize being hacked)

1. Start mobile terminal (download and install via Cydia if you haven’t done so yet).
2. Type su.
3. Enter alpine as the password.
4. At the prompt, type passwd.
5. Enter your new root password. DO NOT FORGET THIS!
6. Enter the same password again.
7. You should now be secure from viruses that use the default password to hack into your phone.

thanx backpackers =) i cleaned it up..yahoooooo!!!!!!!!!!!!!

Gone through the steps 3 times but I still have the iKee
I’ve a 3GS with 3.12
Any more ideas?

Thanks

I just did the steps to get rid of the virus but my iphone gets stuck at the loading screen with the apple logo

De Cruz, are you sure you won’t lose your existing data, with your method? I would rather not wipe out everything on my phone, if possible – hence using mobile terminal to delete the problematic files. I still think my method is easiest, dude.

The best way to remove the Ikee virus is making a clear restore .

hey bro! iam able to change my PW! but not the virus..
i trying to type in
Type in the following commands one line at a time, end press return after each line.
You may get messages such as No such file or directory – but that’s fine, different variants may leave behind different files.

rm /bin/poc-bbot
rm /bin/sshpass
rm /System/Library/LaunchDaemons/com.ikey.bbot.plist
rm /var/lock/bbot.lock
rm /var/log/youcanbeclosertogod.jpg
rm /var/mobile/Library/LockBackground.jpg
rm /System/Library/LaunchDaemons/com.saurik.Cydia.Startup.plist
rm /usr/libexec/cydia/startup
rm /usr/libexec/cydia/startup-helper
rm /usr/libexec/cydia/startup.so

as u told.. but yet i cant delete the virus.. can help me up??

Do you get error messages? Do note that there is a between rm and the /

i try it out again today..
each line of command is not working..
it pop up saying cannot remove … no such file or directory..

i seriously need help on this

yep.. i know there’s a space between rm /

once the password changed, i wonder is it come to default password when the firmware is restored back?

Thanks bro…
You great bro…
Now my phone work as usual without Rick’s ghost

Thanks bro!!!

Thanks man.
That did the trick.

i am also infected, but i cant seem to delete any of the files?
There seem to be non of the files found in my iphone?
i did a manual delete from mobileterminal and also winscp into the phone to look for the files..

No such file or directory

So far i am able to delete # Remove: /var/mobile/LockBackground.jpg ONLY

plz advise

It is case sensitive, I believe, so do make sure you are typing it out exactly as per the instructions. Others have been “cured”, so you should be able to as well.

thanks bro. pls try to change password first then only use the above method. it works. my phone now clear with that piece of ugly photo. thanks to the author. good work.

hey bro.. i think i have the same problem as “jaws”
any solution to it??

thanks bro…worked after i read that there was a space between rm and the /

you have been a great help thanks man!!!!! keep up the good work

awesome worked

Hey mate, have same problem as gideon and jaws, always says file not found…

Big TQ to u…
i follow all the command…
IT WORKS!!!!

KEEP IT UP….!!
have a nice day….

Thanks Again….!!!
IM SO HAPPY NOW….
GO to HELL IKEE VIRUS…

Guys i cant do the last two ones!
rm /usr/libexec/cydia/startup-helper
rm /usr/libexec/cydia/startup.so
I did eveyrthing exactly as it is but it says no such file.=(
Help mee

WOW its work .. ty Bro

welll i think he’s not helping out even we cant solve the problem..

I have the same Problem as Jaws, im sure im typing it correctly :S
any ideas why this would occur?

Anya, it means you were infected by a different variant of the Ikee, and it doesn’t have those 2 files. Don’t worry about it.

thanks a lot buddy, it did work for me. good on ya

Thanks heaps backpackr! was stuck with that pic for weeks!

thanks again.

ps get stuffed iKee!

thxxx uuu!!! finally remove this worm from my iphone

All I can say is Thank You so much……….
You are the life saver……..
To all,
This really works…….
Again……. Thank you so much……

i have problem same as gideon.what can i do?

thanks guys for the great work

If you see this message :no such file or directory..
Go to cydia and download ifile and find all adress that type in terminal. Some of them is hidden or remove befor but some of them us stile there.
And for better result check A B C methods. After you find that file. Remove it.

It’s work for me after I can’t work white terminal.

Good luck

I tried this several times, off several websites…
I got a bum steer somewhere cause the file path:
” /var/mobile/Library/LockBackground.jpg”
was missing the sub-directory “/Library”

I think the original variant worked too but so it’s probably worth giving them both a shot.

Works good now but… Cheers ey

Hey!! thanks a heap!! it worked !!!!

Hey whenever I try to delete the files I get a “permission denied”, any way to solve this??

not working for me man!!! i’ve followed instructions step by step and it is not working at all.
i hope you can help me

chris

thanks a lot !!! it’s work for me it pissed me to the max to see my wallpaper with ricky but now it’s GONE !! yeayyyy

thanksssss loadsssssssssss

Thanks alot!

it worked! thank you!

I wanna point out it’s very easy to make a mistake when you are typing in the root menu as there is no spellcheck

Hi All,

I tried entering all the commands twice and some files were removed and some were not found but still the ugly face of ikee is still there.

Then I tried the 3rd time with case sensitive and some files were removed.
And the virus is gone now.

So I would like to share my experience that you must type in the commands as per what you see. If it is capital letter, type it as capital letter.

Thanks alot for the help.

Thanks for sharing your experience, Shunhui. You’re right, everything must be as per how I’ve documented it. Spaces must be where they are, and the capitalization must be right.

Thank you so muchhh for the help in removing this annoying virus !!

Yes you need to follow step-by-step from the beginning till the end and remember after the rm, there’s a space in between and again it’s case sensitive. If it’s capital letter, then follow.

Thanks againnn !! So glad that I don’t need to see Rick’s face anymore! haha

Hi,
I have this Ikee virus and really don’t know what to do. The version of my mobile is 1.1.4. Please give me the link to download mobile terminal.
Thank you

hi all! i cant be able to remove the last 2 steps, the ‘startup-helper’ and ‘startup.so’ but nevertheless i got rid of the irritating picture!!! thanks to the author! im using 16G 3GS, 3.1.2 firmware. so its proven right! thanks again!

As mentioned, if you cannot remove certain files, it is because you have a different variant of the ikee virus. You might not be infected with that strain, so don’t worry about it.

I have an iPhone 1:st gen and this worked perfectly thx!!!

works like a charm.

thanks a lot!

The easiest way to delete those files is by using DiskAid -(just follow the path) and use the terminal to change the password..

TheBackpackr thanks very much for your hardwork!!!

I’ve been infected yesterday 13.02.2010 and am living in Spain.

It worked! Now I’m clean again.

Rgds,

what an asshole that dude is he should go to jail for the years strangers have had to waste fixing his stupid prank

thanks. Its works and finally – i have my own wallpaper

Thanks a bunch! Been procrastinating this for the past few months but finally decided i’ve had enough of Rick Astley…

Hiii,

I’m from sri lanka.Thanks alot finally it did work.

thanks onece again

I got this ugly picture for the past 2 weeks, then I upgraded the Iphone latest version hopefully to reset everything back. Of course, Cydia was gone as well. Now the question is, how do I install the mobile terminal without Cydia?

Can someone help?

Thanks

THANKS MATE

dude you are the best man!! thanks alot

I’ve tried everything but it didn’t work for me?! is there any other way? pls let me know, thnx

Thanks a lot. My iphone now is totally free from the ‘gay-face’. Thanks again.

it was a great help and thanks a lot for the solution

[...] الطريقه اللي بالرابط و ان شاءالله كل شي راح يضبط معاج : Remove the Ikee virus from your iPhone | TheBackpackr.com بالتوفيق ان شاءالله اختي [...]

Omg Thank you so much

Hi,

As you mentioned, if cannot remove certain files, it is because it have a different variant of the ikee virus. So what should i do?? bcoz it doesn’t seem to cure. Thanks.

guys… keep in mind that it is cap sensitive.. i just remove all of them! its works! thankiu host

I have already follow the steps u display. But i still cannot remove the virus. Can u help me out please?

Hey, dunno if it can happen to any of u guys, but I had my Iphone 3G jailbroken, and it had some hardware problem so I got new one (same Iphone 3G), don’t plan to jailbreak it, and when i got it to sync with my itunes, the lkee virus got affacted, as i know this virus is only active through jailbroken iphones right? can anyone explain why my new Iphone (not jailbroken) got this virus? is this through my itunes? and how to fix it? thanks in advance…

Hi

I follow the instruction that you teach, but whe some of th commands need capitalisation, it’s doesn’t work, it’s only always stay in small capital letter. Pls help me and tell the way to make it work.

THANK YOU

hi

i solved the problem already.Anywhere, thank’s a lot your help. You are so nice person.

Thank you.

Another way to remove the virus is to use iFile (something like explorer from Cydia). Some of the files cannot be remove via terminal..well at least it happen to me. Maybe it will help those who followed the instructions above but still unable to set their wallpaper after reboot. It is best to use iFile to browse those infected path and make sure the variants are removed. Cheers !

Moltes gràcies.
Thanks!

Thanks a lot for your guideline! I have removed the virus successfully!

THANKYOUUUUUUUUUUUUUUUUUUUUU

thankyou!!!!

Thanks !!!!!!
Really Thank you~~~~!!!!
It works~!!!
Get rid of that ghost photo~!!

thx i luv you finally d ugly ikee went away
but im still goin 2 keep him as my wallpaper
ikee ROCKS!!!!!!!!! (jk)

Hay Guys Its Work …..

Remmemberrrrrrrrrrrrrrrrrrrr Its Case Sensitive…

Capetal Letters and Small must be the same as the Instructions

Thks bro…thks alot..finally i dont need to see Rick Astley face anymore!!!!!

WORKED follow everystep carefully, make sure you use capitols when needed!

Hey i need quick replies. I am from Singapore. But thru Cydia, i cant find the app “mobile terminator” what do i do?

this totally works! i was so vexed before that.. and i didnt know after jailbreaking, it take so long to reboot that make me almost thought that my phone is gone.

THANKS SO MUCH.

worked on 22 June 2010.

Where do i get cydia? Where do i download mobile terminal app? Please help me! Can i do this directly on my iphone? I have a 2g versión 1.4. Wanted to update but have no idea how! Thank u and god bless u!

I managed to get rid of it.Yahoooooooooooooooo.

Enough of Rick Ashley.
It really works but need alot of patience.
Thank you very much…………….Richard from Singapore…//

Seriously guys, this method works like a charm, it didn’t work for me at the first time but then again i saw i’m missing a space between “rm” and “/”
so keep a space and type all that, mostly the last two commands will tell cannot delete hay what the hec, don’t worry, just type everything there,

dont forget guys, change your password, i did it before i remove the worm.

Good luck guys and stay safe!!!

hei you guys,
i know this seems a tad bit outdated.
but just tot it might help those of ya’ll whose still bummed up over this shitty ass problem.
spent 5 bagazillion times writing the instructions above and yet rick’s goddamn face is still there >.<
finally did it right this time round tho.
realised the problem was i didnt follow exactly what it says there.
and when i say exactly, i mean, EXACTLY!!!
hint hint: FOLLOW THE CAPS IF REQUIRED! small caps n big caps!!!

cheers

@ wendy:
at first, i cudnt find the terminal in cydia as well.
but heres how u can find it:

1. launch cydia
2. scroll down to “openSSH Access How-To” and click.
3. scroll all the way down to “change default password” and click
4. at the top u see “0: install mobileterminal package”

there ya go

i didnt get that picture bur the virus is in my procces
and makes my phone very very slow
gonna try to get it out now

Thank’s alot. after 5 times it worked, ofcourse with capitalization

I followed exactly what it says leave space, FOLLOW THE CAPS, small caps n big caps but still it didn’t work. What should i type when it says “remove write-protected regular empty file ‘xxxxx’?” Do I type in “YES”?? When i did so, it says ” rm: cannot remove “xxxxx” : Permission denied. For some, after I key in the command, it straightaways say rm: cannot remove “xxxxx” : No such file or directory. Please help!!!!

thanks for the guideline..really appreciate! finally i can remove the virus as well.use the instruction carefully.

Don’t erase the Cydia stuff. It’s not part of the infection.

Why is the creator “an ass”? It’s clearly Apple’s fault for making root so easy accessible.

Whenever i open the mobile terminal, it just goes off…(close itself),,,why is this so???..i seriously need help…