Dampig.A is a malicious SIS file dropper, that pretends to be a crack for version 3.2 of FSCaller application. The Dampig.A disables some system applications and third party file managers and installs several variants of Cabir worm on the phone.
The Dampig.A trojan disables Bluetooth UI, system file manager, Messaging application and phone book on the infected handheld. Also the Dampig.A will corrupt the uninstallation information in the system installer, so that it cannot be uninstalled without being disinfected first.
The menu application is not disabled, so the user is able to use his phone, and download Anti-Virus to disinfect the phone without any special tool.
None of the Cabir variants installed on the phone will start automatically, but some of the applications that are replaced with Cabir executables, such as Messaging application, will be most likely called and thus executed by the user.
All of the Cabir variants worm dropped by Dampig.A are already detected. So the Dampig.A is already detected and stopped without need for updated Anti-Virus database.
Please note, that even as the FSCaller application that Dampig.A prenteds to crack, has similar name to our product naming. It has nothing to do with F-Secure. FSCaller is software made by SymbianWare OHG in Germany.
F-Secure Mobile Security will detect the installed Cabir variants and delete the worm components. After deleting worm files you can delete go to application manager and uninstall the Fscaller3.2Crack7610.sis
If your phone is infected with some Cabir variant and you cannot install files over bluetooth, you can download F-Secure Mobile Anti-Virus directly to your phone.
1. Open web browser on the phone
2. Go to https://mobile.f-secure.com
3. Select link "Download F-Secure Mobile Anti-Virus" and then select phone model
4. Download the file and select open after download
5. Install F-Secure Mobile Anti-Virus
6. Go to applications menu and start Anti-Virus
7. Activate Anti-Virus and scan all files
Kill the Cabir variants that are currently running in the system:
1. Press menu button until you get a list of running applications
2. Kill all applications that look suspicious by pressing 'C' button
A False Positive is when a file is incorrectly detected as harmful, usually because its code or behavior resembles known harmful programs. A False Positive will usually be fixed in a subsequent database update without any action needed on your part. If you wish, you may also:
Check for the latest database updates
First check if your F-Secure security program is using the latest detection database updates, then try scanning the file again.
Submit a sample
After checking, if you still believe the file is incorrectly detected, you can submit a sample of it for re-analysis.
NOTE If the file was moved to quarantine, you need to collect the file from quarantine before you can submit it.
Exclude a file from further scanning
If you are certain that the file is safe and want to continue using it, you can exclude it from further scanning by the F-Secure security product.
Note You need administrative rights to change the settings.
When installed Dampig.A will replace most common third party file managers, and key system applications with non-functional versions.
Spreading in: Fscaller3.2Crack7610.sis or vir.sis
Disables following applications: