Hi, > * Alex <mysqlstud...@gmail.com>: > > Another malwarepatrol fp for docs.google.com > > > > # sigtool --find-sigs MBL_17713260 |sigtool --decode-sigs > > VIRUS NAME: MBL_17713260 > > TARGET TYPE: ANY FILE > > OFFSET: * > > DECODED SIGNATURE: > > https://docs.google.com > > > > I don't even know what to do anymore. Is it worth it to keep malwarepatrol? > > I'm wondering this as well. That stuff pops up every other day.
As a follow-up, in response to a question as to why they just block the specific URL and payload that triggered their detection, they insisted it wasn't a false-positive because the malware was detected by 12 other virus vendors. "Unfortunately, the file that serves the malware in question is in the root directory of that domain. That is the reason why the entire docs[.]google[.]com website is blocked." I love how they even had to obscure docs.google.com so their own software doesn't block receipt of their own email. It's not just bad experiences with them like this, it's also constant download issues, zero-length files, malformed files, and failure to reach their system at least every third day. _______________________________________________ clamav-users mailing list email@example.com http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml