Jump to content

Video game titled "Hades" marked as ransomeware.


Tiergan

Recommended Posts

  • Staff

Hi,

Just temporary disable the antiransomware component. You can do this via the system tray, right click the malwarebytes icon and select to disable antiransomware.

 

Then add the file to your exclusions:

* To add the exclusion, open Malwarebytes > Settings > Exclusions tab

* Below, click the button: "Add Exclusion"

* Then, select "Exclude a File or Folder" (this should be prechecked already by default)

* Click Next

* You'll see a field that says: "Specify a File or Folder" - there, click the button "Select Files..." and browse to the file you want to exclude.

* For "How to Exclude", select: "Exclude from detection as malware, ransomware or potentially unwanted item" (this is normally also selected by default already)

* Then click the OK button below.

 

Then reboot, as that unlocks the file again, so you can zip and attach it.

Then enable malwarebytes antiransomware again.

Link to post
Share on other sites

  • 2 months later...

It's the same game as the post above. When it happened, I googled it and that's how i got this thread. That said, the game has updated a number of times since August, so the exe has no doubt changed. The game is sold by Epic Games, and has both 32-bit and 64-bit exe's. I've attached both. I renamed the files accordingly, but both files actual name is hades.exe

 

thanks

hades false positive.zip

Link to post
Share on other sites

Here's the report that MBAM generated:

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 10/29/19
Protection Event Time: 4:09 PM
Log File: 0479d250-fa88-11e9-b777-7085c23887fd.json

-Software Information-
Version: 3.8.3.2965
Components Version: 1.0.629
Update Package Version: 1.0.13107
License: Premium

-System Information-
OS: Windows 10 (Build 18362.418)
CPU: x64
File System: NTFS
User: System

-Ransomware Details-
File: 1
Malware.Ransom.Agent.Generic, Z:\Epic\Hades\x64\Hades.exe, Blocked, [0], [392685],0.0.0


(end)

Link to post
Share on other sites

  • 2 months later...
  • 1 month later...
  • 8 months later...
  • Staff

Hi,

The above file that you have attached has been whitelisted since November 24 already. So it might be a caching issue on your end.

In order to fix this, Quit malwarebytes from the systemtray.
Then navigate to the following folder:

C:\ProgramData\Malwarebytes\MBAMService

In there, locate the file HubbleCache and delete it.

Restart Malwarebytes again. A new Hubblecache will then be created again, so it will properly pick it up and remember to not detect this anymore.

In case it's still detected, please verify if the above file that you have attached is the exact file that was detected, if not, please zip and attach the exact file.

Thanks!

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.