[clamav-users] swift.doc Doc.Dropper.Agent-1776597
Joel Esler (jesler)
jesler at cisco.com
Wed Oct 19 10:05:44 EDT 2016
So to be clear, it is not detected or it is detected?
--
Joel Esler | Talos: Manager| jesler at cisco.com<mailto:jesler at cisco.com>
On Oct 19, 2016, at 9:50 AM, Heino Backhaus <heino.backhaus at fink-computer.de<mailto:heino.backhaus at fink-computer.de>> wrote:
Hello List,
we've received totay early in the morning mails with a word document
containing a malicius macro,
which was not detected by clamav. It is now detected as
Doc.Dropper.Agent-177659.
I've set up clamd with the OLE2BlockMacros yes option which normaly
works fine, but not with this file.
Even though i've reported this as a bug, i just whanted to ask if
somebody knows more about this.
--
Mit freundlichen Gruessen
H. Backhaus
Fink-Computer Systeme
Heggrabenstr. 9, 35435 Wettenberg
Email: heino.backhaus at fink-computer.de<mailto:heino.backhaus at fink-computer.de>
Web: www.fink-computer.de<http://www.fink-computer.de>
Fax: +49-641-98444638
Fon: +49-641-98444640
UST-ID: DE151040770
HRB: 2143 Gießen
GF: Fredi Fink
"In retrospect it becomes clear that hindsight is definitely overrated!"
-Alfred E. Neumann
_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
More information about the clamav-users
mailing list