doomed the nasty mobile virus how to fix it here at mobile-antivirus.org

Doomed how to fix this nasty one - mobile-antivirus.org - information on mobile virus threats and more.........

the site that specializes in keeping mobile devices safe

Doomed how to fix this mobile virus

This site is a free information base of anti virus knowledge which is sponsered and kept free thanks to the sponsership of UMU mobile antivirus....please visit our sponsers link to keep mobile-antivirus.org free.

SymbOS/Doomed is a highly destructive mobile Trojan program that arrives a SIS installer disguised as a normal application. Some known applications it uses for cover are:

Double Process Speed v6.1.3 by DFT
Effects v1.05 by Dj 6230
exoVirusStop v2.13.16
Doom 2

It usually has three primary payloads:

• Disable normal applications
• Prevent proper phone boot
• Drop and execute other Symbian malwares

The first payload is done by dropping corrupted copies of popular applications, which effectively disables them. Some known applications that it disables are the following:

bootdata.app
data.app
file.app
freakbtui.app
nokiafile.app
pjBLUE.APP

The second payload is accomplished by dropping any or all of the following files:

Etel.dll
etelmm.dll
etelpckt.dll
etelsat.dll

These files are corrupted copies of normal system files that prevent proper phone booting. However, this routine does not usually succeed because the damaged copies are dropped in the wrong directories.

For the third payload, SymbOS/Doomed has been known to drop and executes the following copies of Symbian malwares:

SymbOS/Cabir
SymbOS/CommWarrior
SymbOS/Fontal
SymbOS/CardTrap
SymbOS/CardBlock
SymbOS/Skulls

Some variants of SymbOS/Doomed display an image taken from popular horror movies during installation. This image contain the message:

You are Cursed by
DFT

There are some variants of SymbOS/Doomed that exploits a known bluetooth vulnerability in phones. This vulnerability causes other mobile devices doing a search for bluetooth devices to restart when they detect the infected phone.

SymbOS/Doomed affects phones running the Symbian S60 platform. Some affected phones include the following:

Nokia 3650, 3600
Nokia 3660, 3620
Nokia 6600
Nokia 6620
Nokia 7610
Nokia 7650
Nokia N-Gage
Panasonic X700
Sendo X
Siemens SX1

Manual Disinfection

To disinfect a compromised device, it is necessary to reinstall all overwritten applications. The SymbOS/Doomed SIS installer must then be deleted. If this does not restore the phone, a formatting the phone may be necessary. All data saved in the C drive will be lost during a format.

To protect your mobile devices from the bluetooth vulnerability, always make sure you have the latest Symbian patch installed. Set your phone’s non-discoverable mode on whenever possible and turn off bluetooth when not in use.

Articles & Info
SymbOS Threats
Flexispy Hobbes SendTool Cadmesk Doomed Fontal Bootton Skulls Disable Dampig CardTrap Drever CommWarrior Blanfon Cabir PBSteal CardBlock Locknut
Threats by Phone
Nokia 3650, 3600 Nokia 3660, 3620 Nokia 6600 Nokia 6620 Nokia 7610 Nokia 7650 Nokia N-Gage Panasonic Sendo Siemens
Anti virus Articles
The gowth of mobile viruses Mobile Viruses 101 Cell phone viruses - cabir A irony A Virus is just a call away Downloading a Free Ring Tone...?Downloading a Virus...

Home | Site Map | Contact Us | Links Directory