Cardtrap.D is a minor variation of Cardtrap.B, the main differences are
that Cardtrap.D disables smaller number of application and drops other
Symbian malware on the device.
We have tested Cardtrap.D on several different phones, and on all the phones
we tested the installation of Cardtrap.D fails. And thus it is not dangerous
to most of the users. But we cannot be sure that it doesnt work on on all
phone models, so we are providing disinfection instructions for it.
Cardtrap.D also drops components from SymbOS/Doomboot.A, which prevent the phone from
booting. So if your phone is infected with Cardtrap.D it is important not to reboot the phone
before disinfecting it.
Disinfection
The Cardtrap.D disables Application manager to prevent it's uninstallation
and application installer to prevent installation of Anti-Virus. So the only
working disinfection method works only in phones in which the MMC card
can be installed without powering off the phone.
For this disinfection method you need help of someone with clean Series 60 phone
1. Install F-Skulls.sis into clean memory card with a clean phone
2. Put the memory card with F-Skulls into infected phone
3. Application manager and application installer should work again
4. Go to application manager and uninstall the SIS file in which you installed the skulls variant
5. Download and install F-Secure Mobile Anti-Virus to remove any Cabirs dropped by the Skulls variant
http://www.europe.f-secure.com/estore/avmobile.shtml
or with mobile itself
http://mobile.f-secure.com
6. Remove the F-Skulls with application manager as the phone is now cleaned
