Jump to content

Recommended Posts

Posted (edited)

Hi, i need help and i hope that someone here can help me, im currently infested by a virus or malware that keeps on coming back, it never stop it always install itself
and it has the capability to
1. read phone status and identity
2. location
3. modify/delete contents
4. find accounts on device
5. download files WITHOUT notification
6.retrieve running app and run at startup
7. draw over other apps
8. read sync settings

it looks very dangerous it could steal info from my phone, based on my research those who are infected by this app also receives msgs with links and it seems that the phone itself created that message and sends to itself

right now i have no idea on how to remove this problem, also rooting is impossible currently because my phone is not supported on any rooting services and i yes i tried everything, emailed them if they supports rooting my phone and they all say no.

i was able to grab a copy of the enginee app in apk format maybe someone is interested on simulating it on an emulator (im doing it right now actually)

Edited by AlexSmith
Removed link

Share this post


Link to post
Share on other sites
Posted (edited)

Hello !

I'm a simple member here. I just want to help.

Have you tried to uninstall this application from Settings ?

Settings >> Click on "Clear cache" and "Clear data" >> Uncheck "Show notifications" >> "Force stop" and "Uninstall"

Have you also tried to scan with Malwarebytes for Android ? Check this : https://www.malwarebytes.com/mobile/.

If you have important data try to make an backup and reset your smartphone back to factory settings.

Good luck !

Edited by florinch

Share this post


Link to post
Share on other sites

Hello, well I guess that is Malware.

You can upload it here to check then.

---> www.virustotal.com

MAM

 

 

Share this post


Link to post
Share on other sites

Hello, please remove your download link here on the forum.

And make please this.

MAM

Share this post


Link to post
Share on other sites
Posted (edited)

@florinch i just tried, it didnt return... yet

@MAM i checked it on virustotal, 14/62 engines found this as infected files, i rescanned it and 22/61

Also i dont know how to edit my post to remove the download link

Edited by Lutzkhie

Share this post


Link to post
Share on other sites

based on virustotal graph, i found a link which if you try to load it on desktop it auto download the same apk file and that is the enginee app
if i could blacklist this link on my phone it should stop the auto installing right?

Share this post


Link to post
Share on other sites
Posted (edited)

yeah but it got my attention and started pulling some strings and i ended up in a website that make military weapons in america, its the same one sending the url for auto installation, i think their spying on us

Edited by Lutzkhie

Share this post


Link to post
Share on other sites

Hello, Lutzkhie please wait for the expert´ s here.

And in the other problem to edit your posting: You must have at least 30 postings or more here to do this. I do not know what exactly.

MAM

Share this post


Link to post
Share on other sites

HI @Lutzkhie,

If you could share the link of the VirusTotal results, that would be very helpful.  Also, you can send an Apps Report and I can see what is on your device.

To send an Apps Report with Malwarebytes for Android use the following instructions.

1.Open the Malwarebytes for Android app.

2.Tap the Menu icon.

3. Tap Your apps.

4. Tap three lines icon in upper right corner.

5. Tap Send to support

Choose an email app to send Apps Report.

Your email app will open with the Apps Report included. Send the Apps Report to create a ticket.

PM the email used and/or the ticket number assigned.

Nathan

Share this post


Link to post
Share on other sites

i cant send a report, theres an error, i forgot the exact words but it means that i dont have an email app to send report

also i think i found it, the source, i was monitoring my data consumption when suddenly a pre-installed app called "shell.apk" downloaded 1.5mb then a message pop up from malware about enginee as a threat i dont think its coincidence. but i still need confirmation

Share this post


Link to post
Share on other sites

Hi @Lutzkhie,

The virustotal link is indeed to a malicious app, and do detect as Android/Trojan.Guerrilla.AK.

I'm interested in the "shell.apk" you are speak of.  Let's try another approach.  Download/install this app: https://play.google.com/store/apps/details?id=com.makaylatech.applist

You can then send me a screenshot of the app you are referring.

Have you recently installed a custom ROM onto your phone?  I recall a case were some ROMs come with per-installed malware.

Nathan

Share this post


Link to post
Share on other sites
Posted (edited)

@mbam_mtbr

i cant find shell.apk on the app list package, it doesnt show system apps
also i kept on monitoring my data and there is also another app that would spike 1.5mb then followed by an "enginee" notification being installed, the weird part is that this particular app doesnt show on my system apps, its called "OS Services"
 

Edited by Lutzkhie

Share this post


Link to post
Share on other sites

i was finally able to send a report, i tried disabling the shell.apk, enginee somehow stopped but a new app is auto installed something with "whone" in its name, if i remember correctly it was found adware by malwarebytes

i tried a factory reset, and it gave me an option to restore backup, how do i delete the recovery/backup file?

Share this post


Link to post
Share on other sites

@Lutzkhie Please remove the download link from your opening post to keep common readers from accidentally installing and infecting their device(s). And about the new application installed, can you please inform us what device you are using?

Share this post


Link to post
Share on other sites

@mbam_mtbr ,

Thank you for the update, I reported the file to mediafire yesterday since the file wasnt blocked when I checked to see if the link was dead. Thank you for the update again.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.

×

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.