F-Secure: Be Sure
Main
F-Secure Logo - Be Sure
Select local site


Privacy Policy
Contact Us

F-Secure Trojan Information Pages: Doomboot.P

[Summary] | [Disinfection] | [Detailed Description] | [Detection]

Name:Doomboot.P
Type:Trojan
Category:Trojan
Platform:SymbOS
Date of Discovery:July 27, 2006

Summary
DoomBoot.P is a malicious SIS file trojan that drops corrupted system binaries and after installing the corrupted binaries reboots the phone. The corrupted binaries dropped by DoomBoot.P prevent the phone from restarting thus disabling the phone immediately after installation.
Back to the Top

Disinfection

Disinfection for the cases when phone cannot start up
CAUTION! this method will remove all data on the device including calendar and phone numbers:

  1. Power off the phone
  2. Hold the following three buttons down - "answer call" + "*" + "3"
  3. Keep holding down the buttons and power on the phone
  4. Depending on the model, you will either get text that reads "formatting" or a start-up dialog that asks for the initial phone settings
  5. Your phone is now formatted and can be used again

To prevent future infections, please download F-Secure Mobile Anti-Virus from here: http://mobile.f-secure.com
Back to the Top

Detailed Description
Installation to system Doomboot.P installs corrupted system binaries into C:\ drive of the phone. When phone boots this corrupted binaries will be loaded instead of the correct ones, and the phone will crash at boot.
Back to the Top

Detection

F-Secure Mobile Anti-Virus for Symbian detects this malware starting from the update build number 28.
Back to the Top



F-Secure Corporation


  Description Index