This application requires Javascript for optimal performance.

SymbOS/Bootton.E!tr - Released May 12, 2006 - Last Updated May 18, 2009

Alias/es

Trojan.SymbOS.Bootton.e (KAV)

Detection Availability

	Active Database	Extended Database
FortiGate		low high
FortiClient
FortiMail		N/A

Visible Symptoms

The mobile phone will reboot.

Detailed Analysis

It is a Symbian SIS archive. The following message will show on the screen during the installation:

Figure 1: Post-install display

Upon installation, it drops the following files (528 Bytes):

!:\System\Data\Profiles\Profile0.dat
!:\System\Data\Profiles\Profile1.dat
!:\System\Data\Profiles\Profile2.dat
!:\System\Data\Profiles\Profile3.dat
!:\System\Data\Profiles\Profile4.dat
!:\System\Data\Profiles\Profile5.dat

which will overwrite the default profile settings. Then, it drops and executes the following EXE files to make the phone reboot:

!:\System\Data\Profiles\Profiles.exe
!:\System\Data\Profiles\Remove.exe

Recommended Action

Delete the EXE files with a file manager application - or run FortiClient Mobile Security.

Reference: ID - 251833

Current Threat Level

Vulnerabilities

Virus/Spyware

Spam

PGP Keys

Contact Form

Copyright © 2011 Fortinet Inc. All Rights Reserved