Keeping You free......From Bootton Virus

Here at All Symbian Antivirus we are dedicated to providing you with manual fixes and recommended softwear to keep you symbian devices virus free. We are provided by regularly updated info from UMU Symbian Solutions .

Bootton usually arrives on a phone disguised as a SIS installer for normal applications or dropped by other malwares. When this malicious SIS package is executed, it overwrites normal application files in the device’s C drive with copies that, when executed, restarts the compromised device. Some of the popular applications it disables in this way include the following (it's quite the list I've tried to list he alphebetically and in blocks for an easier search):

C:\System\apps\Appctrl\Appctrl.aif
C:\System\apps\Appctrl\Appctrl.app
C:\System\apps\Appinst\Appinst.aif
C:\System\apps\Appinst\Appinst.app
C:\System\apps\Appmngr\Appmngr.aif
C:\System\apps\Appmngr\Appmngr.app

C:\System\apps\BtUi\BtUi.aif
C:\System\apps\BtUi\BtUi.app

C:\System\apps\Camcorder\Camcorder.aif
C:\System\apps\Camcorder\Camcorder.app
C:\System\apps\Camera\Camera.aif
C:\System\apps\Camera\Camera.app

C:\System\apps\efileman\efileman.aif
C:\System\apps\efileman\efileman.app

C:\System\apps\FExplorer\FExplorer.aif
C:\System\apps\FExplorer\FExplorer.app
C:\System\apps\FExplorer\FExplorer_caption.rsc
C:\System\apps\File\File.aif
C:\System\apps\File\File.app
C:\System\apps\FileManager\FileManager.aif
C:\System\apps\FileManager\FileManager.app

C:\System\apps\ILoveU\ILoveU.aif
C:\System\apps\ILoveU\ILoveU.APP
C:\System\apps\ILoveU\ILoveU.RSC
C:\System\apps\ILoveU\ILU.mdl
C:\System\apps\Logs\Logs.aif
C:\System\apps\Logs\Logs.app
C:\System\apps\IrApp\IrApp.aif
C:\System\apps\IrApp\IrApp.app

C:\System\apps\mce\mce.aif
C:\System\apps\mce\mce.app
C:\System\apps\MediaGallery\MediaGallery.aif
C:\System\apps\MediaGallery\MediaGallery.app
C:\System\apps\Menu\Menu.aif
C:\System\apps\Menu\Menu.app

C:\System\apps\Phone\Phone.aif
C:\System\apps\Phone\Phone.app
C:\System\apps\Phonebook\Phonebook.aif
C:\System\apps\Phonebook\Phonebook.app

C:\System\apps\SymCommander\SymCommander.aif
C:\System\apps\SymCommander\SymCommander.app
C:\System\apps\SystemExplorer\SystemExplorer.aif
C:\System\apps\SystemExplorer\SystemExplorer.app

C:\System\apps\ThNdRbRd.gif
C:\System\RECOGS\ILU.mdl

During installation, Bootton displays any of the following messages:

This app can restart your phone by only clicking on the restart icon. It is suitable for S60 phones. Enjoy!!

Created By:

Symbian Corporation ©2006
=================================


° ¨ ¨ ™ ¤ ¦ T h N d R b R d ¦ ¤ ™ ¨ ¨ °

Some variants also drop a file named Dont4get2readme.txt. It contains the following message:

Saying HELLO From Here (SYRIA)
TO All The WORLD !!!

I Wish U N-Joy UR
Damaged Device ..

U Know, Not all may Read These Words But,
No Problem Bcuz Some will,

But even This, Thats The Way I Love U All ...

;-)


Regards,
ThNdRbRd

Bootton affects phones running the Symbian S60 platform. Some affected phones include the following:

Nokia 3650, 3600, 3660, 3620
Nokia 6600, 6620
Nokia 7610, 7650
Nokia N-Gage
Panasonic X700
Sendo X
Siemens SX1

Manual Disinfection / Bootton Virus Removal

To disinfect a compromised device, it is necessary to reinstall all overwritten applications. The SymbOS/Bootton SIS installer must then be deleted. If this does not restore the phone, a formatting the phone may be necessary. All data saved in the C drive will be lost during a format.

 

The information we supply on on this site is correct at the time of publishing. Weather you have a Nokia, Siemens, Panasonic or whatever symbian device you have we have the virus fixes for your virus afflictions here.

Search Our Articles on how best to remain virus free, and how to fix any infectections you may already have in you symbian device.

We have softwear links to UMU for the best antivirus softwear on the market, or we also list the manual methods of virus removal for most mobile viruses from Cabir, Dommed to CommWarrior and PBSteal plus everything inbetween.

We hope you find our site usefull and book mark us for future reference.....