asianmusicguy Posted November 20, 2016 ID:1073527 Share Posted November 20, 2016 (edited) Hey Folks so ro day I woke to malwarebytes blocking threats all from different games all of which are from Independent developers and made using Adventure Game Studio http://www.adventuregamestudio.co.uk/site/ags/ winsetup.exe is the name used for each games setup file Malwarebytes Anti-Malware www.malwarebytes.org Protection, 20/11/2016 10:21 AM, SYSTEM, BRANDEN-PC, Protection, Malware Protection, Starting, Protection, 20/11/2016 10:21 AM, SYSTEM, BRANDEN-PC, Protection, Malware Protection, Started, Protection, 20/11/2016 10:21 AM, SYSTEM, BRANDEN-PC, Protection, Malicious Website Protection, Starting, Protection, 20/11/2016 10:21 AM, SYSTEM, BRANDEN-PC, Protection, Malicious Website Protection, Started, Update, 20/11/2016 10:22 AM, SYSTEM, BRANDEN-PC, Scheduler, Rootkit Database, 2016.10.31.1, 2016.11.20.1, Update, 20/11/2016 10:22 AM, SYSTEM, BRANDEN-PC, Scheduler, Domain Database, 2016.11.20.1, 2016.11.20.2, Update, 20/11/2016 10:22 AM, SYSTEM, BRANDEN-PC, Scheduler, Malware Database, 2016.11.19.9, 2016.11.20.6, Protection, 20/11/2016 10:22 AM, SYSTEM, BRANDEN-PC, Protection, Refresh, Starting, Protection, 20/11/2016 10:22 AM, SYSTEM, BRANDEN-PC, Protection, Malicious Website Protection, Stopping, Protection, 20/11/2016 10:22 AM, SYSTEM, BRANDEN-PC, Protection, Malicious Website Protection, Stopped, Protection, 20/11/2016 10:22 AM, SYSTEM, BRANDEN-PC, Protection, Refresh, Success, Protection, 20/11/2016 10:22 AM, SYSTEM, BRANDEN-PC, Protection, Malicious Website Protection, Starting, Protection, 20/11/2016 10:22 AM, SYSTEM, BRANDEN-PC, Protection, Malicious Website Protection, Started, Detection, 20/11/2016 10:24 AM, SYSTEM, BRANDEN-PC, Protection, Malware Protection, File, Ransom.FileCryptor, C:\games\Blackwell Deception\winsetup.exe, Quarantine, [6620caf83e5c54e200591abf5ca72dd3] Detection, 20/11/2016 10:24 AM, Branden, BRANDEN-PC, Protection, Malware Protection, File, Ransom.FileCryptor, C:\games\Blackwell Unbound\winsetup.exe, Quarantine, [4f3701c176246ec8f861865354af758b] Detection, 20/11/2016 10:25 AM, Branden, BRANDEN-PC, Protection, Malware Protection, File, Ransom.FileCryptor, C:\games\Technobabylon\winsetup.exe, Quarantine, [226411b1fd9dab8b63f69940d82be41c] Detection, 20/11/2016 10:25 AM, Branden, BRANDEN-PC, Protection, Malware Protection, File, Ransom.FileCryptor, C:\games\Al Emmo and the Lost Dutchman's Mine\winsetup.exe, Quarantine, [fc8aead82377b08652078455bf44738d] Detection, 20/11/2016 10:25 AM, Branden, BRANDEN-PC, Protection, Malware Protection, File, Ransom.FileCryptor, C:\games\Resonance\winsetup.exe, Quarantine, [6c1a9032efab61d570e97d5ca75ced13] Detection, 20/11/2016 10:25 AM, Branden, BRANDEN-PC, Protection, Malware Protection, File, Ransom.FileCryptor, C:\games\The Blackwell Convergence\winsetup.exe, Quarantine, [483e388a9307d95dd8816c6dc142fb05] Detection, 20/11/2016 10:25 AM, SYSTEM, BRANDEN-PC, Protection, Malware Protection, File, Ransom.FileCryptor, C:\games\The Blackwell Legacy\winsetup.exe, Quarantine, [1d69b50d2377d264f168607918ebb14f] (end) interestingly they were automatically blocked on walwarebytes startup i did not launch them please advise EDIT: Virus Total check https://www.virustotal.com/en/file/30305e3aefd89131a4a3160d6c6daf9bd765a868939b88deee7675becdfcc2e8/analysis/1479677754/ offical wikipedia article https://en.m.wikipedia.org/wiki/Adventure_Game_Studio i never mind helping the community however this is quite the mistake and will effect many independent game developers i know the games in question have been on my hard drive for years and i know the developer personally http://www.wadjeteyegames.com/games/ please resolve this quickly thank you Edited November 21, 2016 by asianmusicguy Link to post Share on other sites More sharing options...
thisisu Posted November 21, 2016 ID:1073808 Share Posted November 21, 2016 Hi, Thanks for reporting and your patience. This will be fixed in db v2016.11.21.17 which should become available in about 20 minutes. Link to post Share on other sites More sharing options...
thisisu Posted November 21, 2016 ID:1073814 Share Posted November 21, 2016 Fixed in v2016.11.21.17 -- available now Link to post Share on other sites More sharing options...
asianmusicguy Posted November 21, 2016 Author ID:1073825 Share Posted November 21, 2016 (edited) Thank you updated and scanning now to check results if i may say so i really dont understand how such a well established program got flagged to start with i understand false positives happen in any security environment my main concern is what it is labeled as i nearly lost my mind till i calmed down and looked closer ransomware is not a detection anyone wants so can we try to be slightly more conservative with the use of the world and perhaps make up a title for generic detection Edited November 21, 2016 by asianmusicguy Link to post Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now