Threat Explorer

The Threat Explorer is a comprehensive resource consumers can turn to for daily, accurate, up-to-date information on the latest threats, risks and vulnerabilities.

Android.Gugespy

Android.Gugespy

Updated:
July 19, 2012
Risk Impact:
Low
Systems Affected:
Android

Behavior

Android.Gugespy is a spyware program for Android devices that logs the device's activity and sends it to a predetermined email address.

Android package file
The application may arrive as a package with one of the following names:

APKs :
com.plus.QQMsg
com.plus.QQMsgX
com.plus.sms2mail
com.plus.sms2mailX

Installation
Once installed, the application will display the following icon:

Antivirus Protection Dates

  • Initial Rapid Release version October 02, 2014 revision 022
  • Latest Rapid Release version September 22, 2016 revision 024
  • Initial Daily Certified version July 02, 2012 revision 018
  • Latest Daily Certified version September 22, 2016 revision 025
  • Initial Weekly Certified release date July 18, 2012
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Android package file
The application may arrive as a package with one of the following names:

APKs:
  • com.plus.QQMsg
  • com.plus.QQMsgX
  • com.plus.sms2mail
  • com.plus.sms2mailX

Permissions
When the application is being installed, it requests permissions to perform the following actions:
  • Read SMS messages on the device
  • Prevent processor from sleeping or screen from dimming
  • Check the phone's current state
  • Write to external storage devices
  • Allows an application to read the owner's data
  • Open network connections
  • Start once the device has finished booting
  • Read user's contacts data

    Installation
    Once installed, the application will display the following icon:




    System monitoring
    The application will run in the background, gathering the following information and periodically sending it to a proxy email address:
    • Incoming and outgoing call logs
    • SMS messages
    • Instant messenger chat history
    You may have arrived at this page either because you have been alerted by your Symantec product about this risk, or you are concerned that your device has been affected by this risk.


    Install Norton Mobile Security
    If you do not already have Norton Mobile Security installed on your device, please download the product from the Android marketplace .

    Alternatively, you can navigate to the norton.mobi website from your device and download the product from there by completing the following steps:
    1. Select the 90-Day free download.
    2. Click on the Android icon to begin downloading the product.
    3. Click on Install in order to accept the permissions that are being requested by the program.
    4. Next, click Open and then Agree & Launch.

    Note: The first time the product runs, you will be required to enter a code that is displayed on the screen in order to activate the product. Enter the provided code and press Submit .


    Run a full system scan
    Run a full system scan using Norton Mobile Security to remove this risk from the device. To do this, please perform the following actions:
    1. Navigate to the Anti-Malware tab.
    2. Click Scan Now.


    Manual removal
    To remove this risk manually, please perform the following actions:
    1. Open the Google Android Menu.
    2. Go to the Settings icon and select Applications.
    3. Next, click Manage.
    4. Select the application and click the Uninstall button.