Yesteday I visited my mother at Kuala Lumpur because of fasting months. There some how, my brother received a sms and open it. Because of that the handphone got infected with this virus. My handphone started sending sms and mms. When i switch on my bluetooth in my Laptop, it also trying to send the virus into the laptop. After 6 hours finding the solution in the internet . I solve it with this solution and i hope we can share the experience and i'm happy to hear any comments from other about this solution.
Sign and Symptoms
The variant dubbed Commwarrior.C, will launch a process named “cwoutcast” once it install itself in the infected device. It will send MMS message to certain devices non-stop.
The difference between this variant and the previous Commwarrior are:
* This variant has a safe mode in the background process that gives the smart phone user a hard time to remove it by just following normal virus clearing procedure.
* Even if you can locate the virus in the disk and delete it, the remaining process in the memory will regenerate the same files in the corresponding disk, and this is why this variant is considered un-beatable.
* This variant, same as its ancestor, can also spread itself through bluetooth, only in a more aggressive way. It can spread itself to several devices through bluetooth simultaneously.
* It will infect your MMC card, so that when you send information to your friends with your MMC card, you will possibly have sent the virus to them as well.
Removal Steps:
First(important)
Kill Commwarrior Process
- Install a third-party file manager. For example FExplorer
- Start FExplorer
- Select and copy any file to clipboard
- Navigate file system with navigation button. Press right to enter directory, left to leave directory.
- Select C: and press right, select system and press right
- Select any file from c:\system such as backup.xml
- Select Edit/Copy from menu
- Copy the file to E:\system\temp
- Press left until you are at filesystem selection screen
- Select E: and press right
- Select System and press right, and then temp and press right
- Select Edit/Paste from menu
- Rename the file to noboot
- Select File/Rename from menu
- Rename the copied file to noboot
- Reboot the phone
download and run the tool
Follow these steps to download and run the tool:
- Download the SymcMTRT.sis file from the following URL:
http://securityresponse.symantec.com/avcenter/SymcMTRT.sis
Note:- The current version of the tool is version 1.0.5.
- The certificate details are as follows:
Issuer:
Symbian Limited
Owner:
Symantec Corporation
Expires:
06/27/2016
Serial number:
554E3938F3A3BFB6ED39D54C9653BDBD
Valid from:
06/28/2006
- Save the file to a convenient location, such as your Windows desktop.
- Load the SymcMTRT.sis removal tool file onto the compromised device.
- In the Symbian OS Menu, open the Tools folder.
- Open the File Mngr. program.
- Locate the SymcMTRT.sis file and open it.
- Click Yes when you see the following message:
Install Symantec Mobile Threats Removal Tool? - Choose Continue and then click OK.
- Click Exit to exit the file manager.
- Click Back to exit the Tools folder.
- Open the SymcMTRT application.
- Click Options, select Quick Scan, and then click Select.
- Choose Yes or No when the following message appears:
Would you like to create a log file as C:\Nokia\SymcMTRT.LOG? - One of two messages will appear:
Scanning Completed!
The removal was successful.
Directories deleted:[NUMBER OF DIRECTORIES]
Files deleted:[NUMBER OF FILES]
Scanning Complete!
No threat has been found on your device - Click Close to exit the removal tool.
- Restart the device.
- Run the removal tool again to ensure that the device is clean.
%20and%20Linux.%20The%20image%20should%20feature%20a%20side-by-side%20comparison,%20with%20one%20half%20representi.webp)
22 comments:
Hey man tried ur meoth. Some files were deleted but the banner (infected by Commwarrior) remains. The phone does not restart nor does it send any mms. Could u plz tell me how to delete the banner. Urgent man thanX a lot. plz reply to me : eshmeister@gmail.com
thankyou very much for your help. but I've got the same problem as the above one the banner is still appearing insted of the service provider logo!
sorry my email is yacinemeca@hotmail.com
U can use file explorer to remove banner "infected by comwarrior" in oprator logo by deleting folder c:\system\apps\phone.
Hey man tried ur meoth. Some files were deleted but the banner (infected by Commwarrior) remains. Could u plz tell me how to delete the banner. Urgent man thanX a lot. plz reply to me : zakiemad@hotmail.com
thnks for the help on removing that damn commwarrior...
uhm, the banner, mine was removed when i reformatted my fone after your process...thanks again..
reformatting fone (i just tried it with 6600)
1. turn off the phone
2. press call button (the green one) + * + 3
3. then while pressing these three turn on the fone then release them when you see the 'formatting...'
Yeah... it's worked for me i already found the removal tool and cleared the virus but the logo was still there .... i tried deleting the c:\system\phone folder and restarted the phone now it has gone away... my phone is N70.
Thanks man, saved me $80 SGD
Thank you for the Good job that u are doing.Thanx for helping me remove CommWarrior from my cellphone,God bless u
Bernard
thanks and here is the best working solution for me with N70 infected by Commwarrior.c
go
http://www.netqin.com/english/tools_cw.c.html
Yeah,this is a really good job.I tried your way and it worked magically. After which I formatted my device,after which the banner disappered. to be on a safer side. I used file explorer to delete the CommWarrior folder on c:\system\app.
Hey! Dont forget to format your MMC to prevent reinfection.
type in *#7370# choose yes, security code should be 12345, phone will restart, but make sure u take ur memry crd out n dont put it back in until you have formatted it via ur computer.
thanks so much.. it really helped me... i was so suffering.. its worked and no logo also..
Spiritcoda
www.shivika.net
thanks so much!!!! great help with removing the "infected by comwarrior"
logo!!! big help!!!
Thank you very much !!!!!
Thanks to you, i have been able to:
Remove CommWarrior from my Nokia 6680.
The logo was still there, I only had to to a hard reset *#7370# then it was Clean !! (lock code is 12345)
Beware, the code formats the memory card !!! and deletes everything.
Hay!! Thanx very much!! I searched Anti virus web sites!! But could not find a precise solution as that of yours! Thanx man!!
Damn, I had this one for a long time, I just didn't use my Ngage because of the virus, I was one of the very first so there was like NO info to find online. Well thx :)
Man, thx alot. God bless u. my n-gage qd is free now from comwarrior. good job bro.
tnk you tnk you for all the tips!! love you all!! keep it all up!
Thanks a lot. You saved me a lot of hassle having to go to a technician to have this fixed.
You should be getting something out of this. ( I don't know what though. LOL)
Anyway, seriously, it's really a great help. If you just keep this procedure of yours updated, you can help a lot more in the future. That should bring a very good feeling. I wish I have your knack for these stuffs as well. Very impressive.
God bless!
cost of viagra effects of viagra can viagra causes legs to ache viva viagra song viagra attorney columbus viagra uk cheap purchase buy viagra lawyer ohio viagra oral jelly order viagra online videos viagra pfizer viagra generic viagra india side effects of viagra viagra buy price iframe
Great Site. Was added to mybookmarks. Greetings From USA.
Post a Comment