[clamav-users] swift.doc Doc.Dropper.Agent-1776597

Joel Esler (jesler) jesler at cisco.com
Wed Oct 19 10:05:44 EDT 2016

So to be clear, it is not detected or it is detected?

Joel Esler | Talos: Manager| jesler at cisco.com<mailto:jesler at cisco.com>

On Oct 19, 2016, at 9:50 AM, Heino Backhaus <heino.backhaus at fink-computer.de<mailto:heino.backhaus at fink-computer.de>> wrote:

Hello List,

we've received totay early in the morning mails with a word document
containing a malicius macro,
which was not detected by clamav. It is now detected as
I've set up clamd with the OLE2BlockMacros yes option which normaly
works fine, but not with this file.
Even though i've reported this as a bug, i just whanted to ask if
somebody knows more about this.

Mit freundlichen Gruessen

H. Backhaus

Fink-Computer Systeme
Heggrabenstr. 9, 35435 Wettenberg
Email: heino.backhaus at fink-computer.de<mailto:heino.backhaus at fink-computer.de>
Web: www.fink-computer.de<http://www.fink-computer.de>
Fax: +49-641-98444638
Fon: +49-641-98444640
UST-ID: DE151040770
HRB: 2143 Gießen
GF: Fredi Fink

"In retrospect it becomes clear that hindsight is definitely overrated!"

 -Alfred E. Neumann

Help us build a comprehensive ClamAV guide:


More information about the clamav-users mailing list