[clamav-users] [ext] MBL_17713260 false positive!
Al Varnell
alvarnell at mac.com
Wed Oct 24 08:05:58 UTC 2018
I cannot argue that malware does not show up in Google Docs which is wide open to anybody that wants to post there, as I know it has occurred. Not sure how big a problem it has become for Google to police. I think it would be better if malwarepatrol were to list the specific site where the malware was reportedly found, rather than condemning the entire sub-domain.
-Al-
On Wed, Oct 24, 2018 at 01:00 AM, Ralf Hildebrandt wrote:
> * Alex <mysqlstudent at gmail.com <mailto:mysqlstudent at gmail.com>>:
>> Another malwarepatrol fp for docs.google.com <http://docs.google.com/>
>>
>> # sigtool --find-sigs MBL_17713260 |sigtool --decode-sigs
>> VIRUS NAME: MBL_17713260
>> TARGET TYPE: ANY FILE
>> OFFSET: *
>> DECODED SIGNATURE:
>> https://docs.google.com <https://docs.google.com/>
>>
>> I don't even know what to do anymore. Is it worth it to keep malwarepatrol?
>
> I'm wondering this as well. That stuff pops up every other day.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20181024/fbdbd320/attachment.htm>
More information about the clamav-users
mailing list