[clamav-users] Malwarepatrol false positive
Al Varnell
alvarnell at mac.com
Tue Aug 21 11:31:28 UTC 2018
OK, I don't think there is anything that ClamAV can do about it since it's an UNOFFICIAL.
Maybe Steve Basford from SaneSecurity can put some pressure on them. He usually reads what's posted here.
-Al-
On Tue, Aug 21, 2018 at 04:27 AM, Dave McMurtrie wrote:
> They did this in April, 2017 also. When I reported it as a false positive at that time, they responded with:
>
> "Thank you for contacting us. There is a file hosted there with a vague
> AV classification. After further reviewing it, we've decided to remove
> the URL from our block lists and data feeds."
>
> I'm beginning to get the feeling they don't have any type of review process in place.
>
>
> On Mon, 20 Aug 2018, Al Varnell wrote:
>
>> Submit to fp (at) malwarepatrol.net <http://malwarepatrol.net/>.
>>
>> -Al-
>>
>> On Mon, Aug 20, 2018 at 08:34 PM, Alex wrote:
>>> Hi, fyi
>>>
>>> # sigtool --find-sigs MBL_12952716 | sigtool --decode-sigs
>>> VIRUS NAME: MBL_12952716
>>> TARGET TYPE: ANY FILE
>>> OFFSET: *
>>> DECODED SIGNATURE:
>>> https://drive.google.com <https://drive.google.com/>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20180821/03bb3245/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3860 bytes
Desc: not available
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20180821/03bb3245/attachment.bin>
More information about the clamav-users
mailing list