
F-Secure Virus Descriptions : Doomboot.D




NAME: Doomboot.D
ALIAS: SymbOS/Doomboot.D

Summary

Doomboot.D is a close variant of Doomboot.C. The major difference between Doomboot.D and Doomboot.C is that Doomboot.D contains a corrupted font file from Fontal.A and a theme file that changes the background and other images on the phone.

Doomboot.D pretends to be a theme pack that contains images of the celebrity Angelina Jolie. Unlike most such trojans, Doomboot.D actually does contain the theme files. In addition, it contains trojan files that crash the phone when it is rebooted.

If you have installed Doomboot.D, the most important thing is not to reboot the phone and to follow the disinfection instructions in this description.

If you have rebooted the phone and it will not start again, the phone can be recovered with the hard format key code that is entered during phone boot.

Disinfection

Disinfection with F-Secure Anti-Virus

F-Secure Mobile Anti-Virus will detect and disinfect Doomboot.D.

1. Remove the SIS file from which Doomboot.D was installed
2. Open the web browser on the phone
3. Go to http://phoneav.com
4. Select the link "Download antivirus software for your smartphone" and then select the phone model
5. Download the file and select open after download
6. Install F-Secure Mobile Anti-Virus
7. Go to the applications menu and start Anti-Virus
8. Activate Anti-Virus and scan all files

Disinfection when the phone has already been rebooted and cannot start up

CAUTION! This method will remove all data on the device, including calendar and phone numbers.

Sometimes Doomboot.D installs the corrupted file on the memory card, so try to boot without the card. If the phone still does not boot, use the instructions below.

1. Power off the phone
2. Hold down the following three buttons: "answer call" + "*" + "3"
3. Keep holding the buttons and power on the phone
4. Depending on the model, you get either the text "formatting" or a startup dialog that asks for initial phone settings
5. Your phone is now formatted and can be used again




Detailed Description

Installation to system

Doomboot.D installs a corrupted system binary onto the C:\ drive of the phone. When the phone boots, this corrupted binary is loaded instead of the correct one, and the phone crashes at boot.

Spreading

In "Angelina Joulie Theme(Universal Theme).sis"

Payload

Installs corrupted system binaries, along with theme skin files to fool the user.
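The check below is an added example, not F-Secure's detection logic: it flags entries in a SIS install list that land at the same path as a ROM system file, which is how a file written to C:\ or the memory card can be loaded in place of the correct one. It assumes ROM files live on Z: and that shadowing is by identical, case-insensitive path; `split_target` and `find_rom_shadowing` are hypothetical helper names, and every file name is a constructed placeholder.

```python
import ntpath
import re

# Drive designator plus path. '!' in a SIS target means the drive is chosen
# at install time (phone memory or memory card).
_TARGET = re.compile(r"^([A-Za-z!]):\\(.+)$")
ROM_DRIVE = "z"  # assumption: ROM system files are on Z:


def split_target(path):
    """Return (drive, normalised drive-less path), or None if not absolute."""
    m = _TARGET.match(path.strip())
    if not m:
        return None
    drive, rest = m.group(1).lower(), m.group(2)
    # Paths are compared case-insensitively; normpath collapses '..' segments.
    return drive, ntpath.normpath(rest).lower()


def find_rom_shadowing(install_targets, rom_paths):
    """List install targets on a writable drive that match a ROM file path."""
    rom = set()
    for p in rom_paths:
        parsed = split_target(p)
        if parsed and parsed[0] == ROM_DRIVE:
            rom.add(parsed[1])
    findings = []
    for target in install_targets:
        parsed = split_target(target)
        if parsed and parsed[0] != ROM_DRIVE and parsed[1] in rom:
            findings.append(target)
    return findings


# Constructed sample data, not the real Doomboot.D file list.
SAMPLE_ROM = [
    r"Z:\System\Libs\example_sys.dll",
    r"Z:\System\Fonts\example_font.gdr",
]
SAMPLE_PACKAGE = [
    r"C:\System\Skins\example_theme\example_theme.skn",  # decoy theme file
    r"C:\system\libs\EXAMPLE_SYS.DLL",                   # shadows a ROM binary
    r"!:\System\Fonts\example_font.gdr",                 # shadows a ROM font
    r"C:\System\Apps\Other\other.app",
]

if __name__ == "__main__":
    for hit in find_rom_shadowing(SAMPLE_PACKAGE, SAMPLE_ROM):
        print("shadows ROM file:", hit)
```

A package that mixes harmless content such as theme files with any flagged entry deserves manual review before installation.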




Detection

Generic detection of Doomboot.D for F-Secure Mobile Anti-Virus was published on September 7th, 2005 in database build number 48.




Write-up: Jarno Niemela, September 14th, 2005

F-Secure Corporation