Hello, i’m trying to send a file of 27mb but the size is too big to send.
It’s called “main.exe” , from webzen.com game called muonline. The Virus detected is Hoblig Heur.
Since some update from avast, i cannot play the game anymore by the false-positive. The webzen did not try to solve that, so i’m trying to have solution.
How can we solve this? Thanks.
Where are you trying to send it for analysis ?
Try https://www.metascan-online.com/ it can handle 140 MB files.
Hello, i was trying to send for https://www.avast.com/contact-us.php?subject=VIRUS-FILE
I’m now sending the file to the website you sent to me, soon i will post the result here.
But will it update avast definition of files, or i will have to mark as exception of false-positive in avast?
Here they telling you there it is an avast! FP: http://forum.webzen.com/forum/en/mu-online-english/mu-online-issues-feedback/395712-issues-with-last-update
Wait for what we hear from Avast? You can mail virus@avast.com
polonus
Besides mailing the sample to Avast as polonus indicated above you can also use https://support.avast.com/ > Avast Virus lab.
I sent the file to https://www.metascan-online.com/en and found nothing.
I opened the topic about Hoblig Heur too in this forum from webzen some weeks ago. The admin from webzen muonline said for me to change my Anti Virus…
Thanks, i will send mail to virus@avast.com and visit https://support.avast.com/
Is permitted to post dropbox link file of “main.exe” in the forum?
yes …
Here is the link: https://www.dropbox.com/s/mt5cv42nqvdqfr4/main.rar?dl=0
(File is in rar, called “main.exe” from webzen.com muonline game.
Hi Pondus,
Haven’t we been there before late August last year, with a similar detection →
: http://forums.elderscrollsonline.com/discussion/126013/issue-after-maintenance-avast-detects-a-threat-win32-hoblig-heur
It is always good to go back in time, as such heuristical FP as soon as no longer reminded are prone to be repeated.
And such an incident with the installer being flagged makes me lean more towards a FP.
Again the only certainty we will have is someone from avast team confirming this.
Somehow updates cannot become white listed at once.
polonus
The Virus detected is [b]Hoblig Heur[/b].no detection from avast
First submission 2014-11-12 14:23:11 UTC ( 2 months, 1 week ago )
https://www.virustotal.com/en/file/4cda8e8fc306ce1f0d1d06493d0eb0322b478ecd434f9461d49cd22fc24f04db/analysis/1422112203/
CopyrightCopyright ? 2002 Publisher WebZen Product WebZen mu main Original name main.exe Internal name main File version 1, 5, 14, 0 Description main
post a screenshot of the avast detection popup
Yes, i’m sorry about that and the confusion. The file with Virus is called Mu.exe
But it’s when i try to play the game, it updates the launcher, and Avast Got Runtime Error C:\Program Files (x86)\Webzen\Mu\Mu.exe
It’s without viruses, but when it updates from webzen, becomes the alert Hoblig Heur.
I will send the file without infection, because i don’t know how to get the file infected from the launcher muonline game updater
Maybe it’s possible to do something even with the first file: https://www.dropbox.com/s/4gp5qb3inccux06/Mu.rar?dl=0
I will install Muonline in Virtual Machine with the files all updated, soon i will post here again the file with Hoblig Heur in drop box