Thanks for letting us know !This advert being is widely circulated on FB nowadays(See attachment).Its purportedly a remake of the Contra game by some unknown studio called Raize gaming.
I assumed it was what it claimed to be,moreover as it was being advertised on FB i thought it was legit.After downloading this so-called game from their link,i found that it didn't work and was demanding that i install some "simulator" to get it to work.
Frustrated i gave up trying,but shortly afterwards an executable of the game that was running in the background was flagged by AVG as a malware(bitcoin miner) and was blocked.
This set off some alarm bells,so i checked the FB post once again where i got it from,and surely discovered that many others had also reported the same issue-that it was being flagged as a malware.It was my mistake for not having checked the comments thoroughly before proceeding to download this fake game-actually i didn't think any app that was being advertised on FB would contain malware,as i assumed they would have verified it before allowing it to appear on their website.
I ran a full system scan with avg and it came up clean in the results.I even scanned my system with malwarebytes and hitman pro but they couldn't find any traces of that malware either.
However much to my surprise,i found that the executables were still running from multiple places within my primary drive (C : ) after i rebooted my system,and quite inexplicably AVG was not detecting them.So i manually found their source folders using task manager and deleted them all,only to find them still appearing again upon the next reboot.
So this time i downloaded Eset online scanner and ran another system-wide scan but it came up empty as well.I couldn't imagine that some of the oldest and the most reputable AV products like ESET ,AVg etc were failing to detect this generic bitcoin mining trojan.
As a last resort,i scanned my system using a tool called rogue killer,and it did manage to detect multiple traces of the app on my C: drive and deleted them all !! I hope i wont find it running again upon the next reboot!
I reported this ad to facebook multiple times,but they rejected it claiming that it didn't violate any of their "community guidelines"!! (go figure!!)
Please beware of this,and if you chance upon this ad,do report it straight away!
i uninstalled the previous one before installing another anti-malware program.Thanks for letting us know !
One question, Isn't marlwarebyte, hitman and rogue killer conflicting with each other like antiviruses does?
Posted here by mistake? Perhaps move to a different thread.Btw the Contra Returns is a Mobile Exclusive game releasing for Android/iOS
This is what baffles me-the files are clearly malicious,otherwise they wouldn't have reappeared at their original locations upon reboot (despite having been deleted previously).And during startup i can see multiple instances of update.exe running in the background for no apparent reason-they disappear after sometime.I dont think any legit app would behave this way.^^Scanned using Bitdefender & Malwarebytes. Nothing detected. Files are clean
Can you post the taskmanager screenshot running these malicious exe ? It could be the exe is being invoked by some other infected program/app.This is what baffles me-the files are clearly malicious,otherwise they wouldn't have reappeared at their original locations upon reboot (despite having been deleted previously).And during startup i can see multiple instances of update.exe running in the background for no apparent reason-they disappear after sometime.I dont think any legit app would behave this way.
I wonder why none of the popular antivirus programs can detect them as malware.Even in virustotal,only one obscure av product called ikarus or something detects the update.exe as a malicious file out of several others listed there,which include some popular a/vs like kaspersky,eset and bitdefender.This is a major disappointment to say the least!!