F-Secure: Be Sure
Main
F-Secure Logo - Be Sure
Select local site


Privacy Policy
Contact Us

F-Secure Trojan Information Pages : Bootton.F

[ Summary ] | [ Disinfection ] | [ Detailed Description ] | [ Detection ]

Name:Bootton.F
Category:Trojan
Platform:SymbOS
Date of Discovery:March 28, 2006

Summary

Bootton.F is a SIS file that installs a small software component that resets the device. This component will be executed automatically after installation and at system start up. That causes the reboot to fail and leaves the phone in an unusable state.

Disinfection

CAUTION! This method will remove all data on the device including the calendar and phone numbers:

  1. Power off the phone
  2. Hold following three buttons down "answer call" + "*" + "3"
  3. Keep holding the buttons and power on the phone
  4. Depending on the model, you either get text "formatting" or start-up dialog that asks for initial phone settings
  5. Your phone is now formatted and can be used again


Back to the Top


Detailed Description

In its structure, Bootton.F is quite similar to SymbOS/Bootton.E with the exception that instead of needing user action to reboot the phone it does so automatically after installation and at the phone's start up.


Back to the Top


Detection

F-Secure Mobile Anti-Virus for Symbian detects this malware starting from the update build number 44.


Back to the Top


Write-up: Mika Tolvanen, May 10, 2006

Technical Details: Mika Tolvanen, May 10, 2006

F-Secure Corporation