Malwarebytes detects, since this afternoon, gems of war as malware


Since last update of malwarebytes, a file of Gems of War (GameAseembly.dll) is detected as malware (Malware.Heuristic.1001, that means 0-day threat).

@Saltypatra, some info about this ?

I knew their monetisation efforts would cross the line eventually! /s


Yes, eventually, but how to be sure the file is not infected ? I think it is a false positive. I will test with virustotal.
A dev answer would be greatly appreciated :slight_smile:

Right now, only Malwarebytes detects this file as malicious. So no problem or a very 0-day.

What if GoW now does bitcoin mining on our computers? :rofl:

Disclaimer: I’m being sarcastic. …Right?

1 Like

Mongo’s spell is getting too random.


It is not the first time Malwarebytes detects GoW as malicious. Sometime it is URL, sometime a file. So wait and see if Malwarebytes fix it.

Should be rated as Adware… (warning: some irony inside!)

Players have to opt in to see ads in Gems of War. So that’s some faulty detection software if that’s what’s picking it up.

It would be like the FTC coming after a kids lemonade stand because of reports it’s a monopoly in their small town.

It’s an F/P (FYI, Malware.Heuristic.* is just a match by their heuristics engine on some part(s) of the code in the DLL (to put it simply), it doesn’t mean 0day).

You can report it via their forums.

Full disclosure: I used to work for them :wink:


I reported the same 2 days ago, but it is still not in the forum. But l got the same virus message with many games on Steam so it affects many other games too.
I got another message too with the corrupted games: ‘failed to load il2app.’ Now l can not play with GoW that is suck, because l am playing with it every day on my pc. I hope it is only the fault of Malwarebyte and not something else. OUCH!

After l played with GOw on my mobile l got my virus killer turned off by itself. I think this MUST be something wrong. As l am reading about it on the Forum it has been present for a long time from time to time. Could someone solve it for good?

The strange thing is that on Virustotal, malwarebytes do not detect the file as malicious (and it seems antivirus and antimalware on virustotal are all up to date), but the file is still detected as malicious by local Malwarebytes. So weird !

You can put the gems of war folder in exclusion in Malwarebytes and then check the game files in Steam. Steam will repair the game by itself and all will be good again. :wink:

1 Like