[clamav-users] Malwarepatrol false positive
Arnaud Jacques
webmaster at securiteinfo.com
Tue Aug 21 12:48:01 UTC 2018
Hello,
Do it yourself:
https://www.securiteinfo.com/services/anti-spam-anti-virus/whitelisting_clamav_signatures.shtml
Btw, users/customers of
https://www.securiteinfo.com/services/anti-spam-anti-virus/improve-detection-rate-of-zero-day-malwares-for-clamav.shtml
have no problem because the signature has been included in
securiteinfo.ign2.
Le 21/08/2018 à 13:31, Al Varnell a écrit :
> OK, I don't think there is anything that ClamAV can do about it since
> it's an UNOFFICIAL.
>
> Maybe Steve Basford from SaneSecurity can put some pressure on them. He
> usually reads what's posted here.
>
> -Al-
>
> On Tue, Aug 21, 2018 at 04:27 AM, Dave McMurtrie wrote:
>> They did this in April, 2017 also. When I reported it as a false
>> positive at that time, they responded with:
>>
>> "Thank you for contacting us. There is a file hosted there with a vague
>> AV classification. After further reviewing it, we've decided to remove
>> the URL from our block lists and data feeds."
>>
>> I'm beginning to get the feeling they don't have any type of review
>> process in place.
>>
>>
>> On Mon, 20 Aug 2018, Al Varnell wrote:
>>
>>> Submit to fp (at) malwarepatrol.net <http://malwarepatrol.net>.
>>>
>>> -Al-
>>>
>>> On Mon, Aug 20, 2018 at 08:34 PM, Alex wrote:
>>>> Hi, fyi
>>>>
>>>> # sigtool --find-sigs MBL_12952716 | sigtool --decode-sigs
>>>> VIRUS NAME: MBL_12952716
>>>> TARGET TYPE: ANY FILE
>>>> OFFSET: *
>>>> DECODED SIGNATURE:
>>>> https://drive.google.com
>
>
> _______________________________________________
> clamav-users mailing list
> clamav-users at lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>
--
Cordialement / Best regards,
Arnaud Jacques
Gérant de SecuriteInfo.com
Téléphone : +33-(0)3.44.39.76.46
E-mail : aj at securiteinfo.com
Site web : https://www.securiteinfo.com
Facebook : https://www.facebook.com/pages/SecuriteInfocom/132872523492286
Twitter : @SecuriteInfoCom
Securiteinfo.com
La Sécurité Informatique - La Sécurité des Informations.
266, rue de Villers
60123 Bonneuil en Valois
More information about the clamav-users
mailing list