diff --git a/src/src/malware.c b/src/src/malware.c
index c18cd95..e74ba98 100644
--- a/src/src/malware.c
+++ b/src/src/malware.c
@@ -1968,15 +1968,17 @@ b_seek:   err = errno;
 		    0, 0, ovector, nelem(ovector)) > 0)
 		break;
 
-	      if ((malware_name = m_pcre_exec(ava_re_virus, buf)))
+	      if (  !malware_name
+	         && (malware_name = m_pcre_exec(ava_re_virus, buf)))
 		{ /* remove backslash in front of [whitespace|backslash] */
 		uschar * p, * p0;
 		for (p = malware_name; *p; ++p)
 		  if (*p == '\\' && (isspace(p[1]) || p[1] == '\\'))
 		    for (p0 = p; *p0; ++p0) *p0 = p0[1];
 
-		avast_stage = AVA_DONE;
-		goto endloop;
+		DEBUG(D_acl)
+		  debug_printf_indent("unescaped m-name: '%s'\n", malware_name);
+		break;
 		}
 
 	      if (Ustrncmp(buf, "200 SCAN OK", 11) == 0)
@@ -1987,15 +1989,14 @@ b_seek:   err = errno;
 			      "unable to send quit request to socket (%s): %s",
 			      scanner_options, strerror(errno)),
 			      sock);
-		malware_name = NULL;
+
 		avast_stage = AVA_DONE;
-		goto endloop;
 		}
 
-	      /* here for any unexpected response from the scanner */
+	      /* here also for any unexpected response from the scanner */
 	      goto endloop;
 
-	    case AVA_DONE:	log_write(0, LOG_PANIC, "%s:%d:%s: should not happen",
+	    default:	log_write(0, LOG_PANIC, "%s:%d:%s: should not happen",
 			    __FILE__, __LINE__, __FUNCTION__);
 	    }
 	  }