[clamav-users] Win.Exploit.CVE_2019_0758-6968262-1 - VERY false positives
Groach
roach.clamav at decrofloor.co.uk
Mon May 27 09:38:33 UTC 2019
Since 25th May, my email system (according to this new signature) is
rife with a virus that didnt (and still doesnt) exist in these historic
emails. These emails (an extract of the scan results is shown below)
have PDF's in them but are without risk. Can we drop this signature please?
Thanks
D:\Datastore\hMailData\mydomain.net\ann\61\{613A996C-968D-442C-BF07-B5BA1704A79B}.eml:
Win.Exploit.CVE_2019_0758-6968262-1 FOUND
D:\Datastore\hMailData\mydomain.net\ann\84\{84206D6D-4665-4DA7-BB72-63F9FDCF8D3A}.eml:
Win.Exploit.CVE_2019_0758-6968262-1 FOUND
D:\Datastore\hMailData\mydomain.net\sales\00\{007E306E-9A30-41E4-94F8-4ADC13B69D3F}.eml:
Win.Exploit.CVE_2019_0758-6968262-1 FOUND
D:\Datastore\hMailData\mydomain.net\sales\03\{03EE7140-81BA-4F9C-8282-BCDF515C036A}.eml:
Win.Exploit.CVE_2019_0758-6968262-1 FOUND
D:\Datastore\hMailData\mydomain.net\sales\04\{044E8E8F-4409-4A26-A5FA-08A8935166DB}.eml:
Win.Exploit.CVE_2019_0758-6968262-1 FOUND
D:\Datastore\hMailData\mydomain.net\sales\05\{0509C691-0E9E-4333-8600-931E279251F6}.eml:
Win.Exploit.CVE_2019_0758-6968262-1 FOUND
D:\Datastore\hMailData\mydomain.net\sales\06\{06EB0A67-BB7B-452E-998F-3D1D4115A2A7}.eml:
Win.Exploit.CVE_2019_0758-6968262-1 FOUND
D:\Datastore\hMailData\mydomain.net\sales\06\{06EE8596-D4F1-4115-A0B2-FF9DD204A6E6}.eml:
Win.Exploit.CVE_2019_0758-6968262-1 FOUND
D:\Datastore\hMailData\mydomain.net\sales\11\{11D9F311-3765-4783-8C32-9ED8F74FA53C}.eml:
Win.Exploit.CVE_2019_0758-6968262-1 FOUND
D:\Datastore\hMailData\mydomain.net\sales\13\{13D21848-6188-4F8D-A41F-D549D3B7DD0A}.eml:
Win.Exploit.CVE_2019_0758-6968262-1 FOUND
D:\Datastore\hMailData\mydomain.net\sales\19\{193A7E10-5024-42BF-AB93-782B8B3D678D}.eml:
Win.Exploit.CVE_2019_0758-6968262-1 FOUND
D:\Datastore\hMailData\mydomain.net\sales\21\{21065CDC-0E74-46DF-96AB-70E7153EBDA5}.eml:
Win.Exploit.CVE_2019_0758-6968262-1 FOUND
D:\Datastore\hMailData\mydomain.net\sales\24\{24566998-C28F-443C-9402-EB6CDEAA1D75}.eml:
Win.Exploit.CVE_2019_0758-6968262-1 FOUND
D:\Datastore\hMailData\mydomain.net\sales\24\{247F7F9A-02B4-4E8A-B12A-6C5459CA3D97}.eml:
Win.Exploit.CVE_2019_0758-6968262-1 FOUND
D:\Datastore\hMailData\mydomain.net\sales\24\{24868C4D-2E81-4FE3-982E-44B81FA7E4C4}.eml:
Win.Exploit.CVE_2019_0758-6968262-1 FOUND
D:\Datastore\hMailData\mydomain.net\sales\25\{25FE91E4-9A8E-4660-BE70-C56100C6F178}.eml:
Win.Exploit.CVE_2019_0758-6968262-1 FOUND
D:\Datastore\hMailData\mydomain.net\sales\26\{2612BBDD-22DB-4CCF-843A-6AF4FA0C2688}.eml:
Win.Exploit.CVE_2019_0758-6968262-1 FOUND
D:\Datastore\hMailData\mydomain.net\sales\28\{28385A6B-0546-4D0D-A0E6-F8016EDF1CC8}.eml:
Win.Exploit.CVE_2019_0758-6968262-1 FOUND
D:\Datastore\hMailData\mydomain.net\sales\2A\{2A6AFBE6-C309-49E8-8A86-7B14A29D9071}.eml:
Win.Exploit.CVE_2019_0758-6968262-1 FOUND
D:\Datastore\hMailData\mydomain.net\sales\2A\{2AE80F71-9335-421A-BCFC-912A46391BF7}.eml:
Win.Exploit.CVE_2019_0758-6968262-1 FOUND
D:\Datastore\hMailData\mydomain.net\sales\2B\{2B0EAE95-B98C-4778-BF63-0E70D354DC27}.eml:
Win.Exploit.CVE_2019_0758-6968262-1 FOUND
and several hundred more
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20190527/e8f4e545/attachment.htm>
More information about the clamav-users
mailing list