Threat Description

Bootton.E

Details

Aliases: Bootton.E
Category: Malware
Type: Trojan
Platform: SymbOS

Summary



Bootton.E is a SIS file that installs small software component that resets the device if executed. This component is installed as reset application. Bootton.E installs also corrupted system components that cause reboot to fail. Thus leaving phone in unusable state.



Removal



F-Secure Mobile Anti-Virus is capable to detecting and deleting the Bootton.E trojan. It can be also removed by uninstalling it with Symbian application manager.

Disinfection for the cases when phone is already rebooted and cannot start up

CAUTION! This method will remove all data on the device including calendar and phone numbers

  • Power off the phone
  • Hold following three buttons down "answer call" + "*" + "3"
  • Keep holding the buttons and power on the phone
  • Depending on the model, you either get text "formatting" or start-up dialog that asks for initial phone settings
  • Your phone is now formatted and can be used again


Technical Details



In its structure Bootton.E is quite similar to SymbOS/Bootton.C. With the exception that instead of replacing system files with corrupted binaries the Bootton.E uses application that causes device to reboot.

In the device that is infected with Bootton.E, executing reboot application reboots device immediately. Installed corrupted system components cause reboot to fail. Thus leaving phone in unusable state after reboot.



Detection


F-Secure Mobile Anti-Virus for Symbian detects this malware starting from the
Detection Type: Mobile
Database: update build number 44



Description Created: Mika Tolvanen, January 16, 2006
Technical Details: Mika Tolvanen, January 16, 2006


SUBMIT A SAMPLE

Suspect a file or URL was wrongly detected? Submit a sample to our Labs for analysis

Submit Now

Keep your mobile device protected

F-Secure Mobile Security will keep your mobile device protected on the go and enable you to find it in case you lose it

Learn More