Hi guys,
got just a false positive while updating my GPG from h**ps://files.gpg4win.org/gpg4win-4.4.0.exe
Wish you a healthy and successful 2025!
cheers
@calimero Thanks very much for the good hint 👍 - but unfortunately I fear, it's out of our hands.
We have licensed the Malware Patrol filters and use them as provided. Any change - i.e. a false positive notice must be filed with Malware Patrol for their maintenance. We can not put URLs on whitelists as we are unable to verify the case thoroughly. That's why we pay for their expertise. 😉
THX!
@random Thanks, but if you (eB Team) are not the one to report - even when you (eB team) bought this lists, it would have been good on how to report things like that 🙂
For completeness and others here is the way:
Reported it now via Mail directly to malware patrol....
regards
@random HI, I received feedback from Malware Partrol:
Hello,
Thank you for the contact. I've verified our database and I don't see any entries for that URL or its domain.
Can you please let us know the source of this information, so we can investigate further?
Regards,
Luciana
Malware Patrol Team
I can see gpg4win in the malware-urls.json and malware.filter file in eBlocker, but can you check the last Malware Patrol Update eBlocker is using and which Malware Patrol lists have been used, so I can provide feedback to them?
JSON
{"url":"ftp.gpg4win.org","hostedMalware":["MalwarePatrol"]}
{"url":"files.gpg4win.org","hostedMalware":["MalwarePatrol"]}
FILTER
.ftp.gpg4win.org
.files.gpg4win.org
Many thanks and best regards
@calimero All I can say from my position is that we are pulling the Malware Patrol filters daily. So you can assume we are always using the latest version.
Just a personal word: As much I appreciate your engagement in this case, please bear in mind that it causes our workforce to focus on a most minor issuse. From my perspective, we are making a mountain out of a molehill here.
Don't get me wrong: If you feel it's super important to you to get gpg4win.org off the Malware Patrol list, just move forward. I just don't want to spend more of my time on this topic to rather focus on more important tasks moving us forward.
Remember the easiest solution: If you feel the Malware Patrol filter contain a false positive, just hit "Pause" and download the file. Not a big deal for a pro.
THX!
the Malware Patrol list is not public (eBlocker has a subscription), so I cannot post the URL here. But I can confirm that currently the list contains these lines:
files.gpg4win.org/ ftp.gpg4win.org/
Our list builder uses the parameter "list=squidguard" for downloading the list.
@random Thank you very much for your help.
As eBlocker is NOT JUST for us PROs, this documentation should be for all comming to such an issue with the eBlocker 🙂
Next mail sent to malware patrol with your input and waiting for repsonse from them.
Thanks and regards
Last Update on this thread
The URLs where fals positive and are now whitelisted!
So in the next update on this malware patrol lists, it is fixed
Hello,
Thank you for the information. We have confirmed this to be a false positive and whitelisted in our database.
We are sorry for the trouble this may have caused.
Best regards,
Luciana
Malware Patrol Team
best regards