LibClamAV debug: searching for unrar, user-searchpath: /usr/lib LibClamAV debug: searching for unrar: cygclamunrar_iface.dll.7.1.1 not found LibClamAV debug: searching for unrar: cygclamunrar_iface.dll.7 not found LibClamAV debug: searching for unrar: cygclamunrar_iface-7.dll not found LibClamAV debug: searching for unrar: cygclamunrar_iface.dll not found LibClamAV debug: searching for unrar: cygclamunrar_iface.a not found LibClamAV debug: Cannot dlopen cygclamunrar_iface: The specified module could not be found. - unrar support unavailable LibClamAV debug: Initialized devel-1282689 engine LibClamAV debug: Initializing phishcheck module LibClamAV debug: Phishcheck: Compiling regex: ^ *(http|https|ftp:(//)?)?[0-9]{1,3}(\.[0-9]{1,3}){3}[/?:]? *$ LibClamAV debug: Phishcheck module initialized LibClamAV debug: Bytecode initialized in JIT mode LibClamAV debug: Loading databases from /var/lib/clamav LibClamAV debug: in cli_cvdload() LibClamAV debug: in cli_tgzload() LibClamAV debug: daily.info loaded LibClamAV debug: in cli_tgzload_cleanup() LibClamAV debug: in cli_tgzload() LibClamAV debug: daily.cfg loaded LibClamAV debug: daily.cdb loaded LibClamAV debug: cli_loadcrt: subject: 4a532974c46ae5048824c6da8cfb8e163705b693 LibClamAV debug: cli_loadcrt: public key: ABCAC1194D5A2DDB91CD71AA7464BEE3EF5CFF333343EFFDA9A43DD193BEDEDD3276FBEF27DD41E3C86D2A44670388D6DB3FDE36F3EE1F96DEA1304CEB49E7355CD0C2AB5A9DA2A599155AE9D3787B5413CB00C0CBBC02AF8A0FF2EF8DE3CFF39F1CB6B001933A0D8FC9ED17C21BC27FFDD85BB0D7960BC7B863722B2503CCEDA1991ACF429908C3DA06DE4D59E399616F7E71269C27041B0425B9209167E1471911222C501D9322646BCFB0DE921542A611476A2E0CB60AA356A7CBE23BC127B8B20062996266539ACF4BD4042CF088E75E61BFFF2AB3FEA4BB5AF8B0D7198CEF14F60BA4F5FECB181D2566125E2854FD8DD65FD7AE665AF723077A5A5F8695 LibClamAV debug: cli_loadcrt: subject: 113bd86beddebcd4c5f10aa07ab2026b982f4b92 LibClamAV debug: cli_loadcrt: public key: 00f35dfa8067d45aa7a90c2c9020d035083c7584cdb707899c89dadecec360fa91685a9e94712918767cc2e0c82576940e58fa043436e6dfaff780bae9580b2b93e59d05e3772291f734643c22911d5ee10990bc14fefc755819e179b70792a3ae885908d89f07ca0358fc68296d32d7d2a8cb4bfce10b48324fe6ebb8ad4fe45c6f139499db95d575dba81ab79491b4775bf5480c8f6a797d1470047d6daf90f5da70d847b7bf9b2f6ce705b7e11160ac7991147cc5d6a6e4e17ed5c37ee592d23c00b53682de79e16df3b56ef89f33c9cb527d739836db8ba16ba295979ba3dec24d26ff0696672506c8e7ace4ee1233953199c835084e34ca7953d5b5be6332594036c0a54e044d3ddb5b0733e458bfef3f5364d842593557fd0f457c24044d9ed6387411972290ce684474926fd54b6fb086e3c73642a0d0fcc1c05af9a361b9304771960a16b091c04295ef107f286ae32a1fb1e4cd033f777104c720fc490f1d4588a4d7cb7e88ad8e2dec45dbc45104c92afcec869e9a11975bdece5388e6e2b7fdac95c22840dbef0490df813339d9b245a5238706a5558931bb062d600e41187d1f2eb597cb11eb15d524a594ef151489fd4b73fa325bfcd13300f95962700732ea2eab402d7bcadd21671b30998f16aa23a841d1b06e119b36c4de40749ce15865c1601e7a5LibClamAV debug: cli_loadcrt: subject: 113bd86beddebcd4c5f10aa07ab2026b982f4b92 LibClamAV debug: cli_loadcrt: public key: 00f35dfa8067d45aa7a90c2c9020d035083c7584cdb707899c89dadecec360fa91685a9e94712918767cc2e0c82576940e58fa043436e6dfaff780bae9580b2b93e59d05e3772291f734643c22911d5ee10990bc14fefc755819e179b70792a3ae885908d89f07ca0358fc68296d32d7d2a8cb4bfce10b48324fe6ebb8ad4fe45c6f139499db95d575dba81ab79491b4775bf5480c8f6a797d1470047d6daf90f5da70d847b7bf9b2f6ce705b7e11160ac7991147cc5d6a6e4e17ed5c37ee592d23c00b53682de79e16df3b56ef89f33c9cb527d739836db8ba16ba295979ba3dec24d26ff0696672506c8e7ace4ee1233953199c835084e34ca7953d5b5be6332594036c0a54e044d3ddb5b0733e458bfef3f5364d842593557fd0f457c24044d9ed6387411972290ce684474926fd54b6fb086e3c73642a0d0fcc1c05af9a361b9304771960a16b091c04295ef107f286ae32a1fb1e4cd033f777104c720fc490f1d4588a4d7cb7e88ad8e2dec45dbc45104c92afcec869e9a11975bdece5388e6e2b7fdac95c22840dbef0490df813339d9b245a5238706a5558931bb062d600e41187d1f2eb597cb11eb15d524a594ef151489fd4b73fa325bfcd13300f95962700732ea2eab402d7bcadd21671b30998f16aa23a841d1b06e119b36c4de40749ce15865c1601e7a5LibClamAV debug: cli_loadcrt: subject: 113bd86beddebcd4c5f10aa07ab2026b982f4b92 LibClamAV debug: cli_loadcrt: public key: 00f35dfa8067d45aa7a90c2c9020d035083c7584cdb707899c89dadecec360fa91685a9e94712918767cc2e0c82576940e58fa043436e6dfaff780bae9580b2b93e59d05e3772291f734643c22911d5ee10990bc14fefc755819e179b70792a3ae885908d89f07ca0358fc68296d32d7d2a8cb4bfce10b48324fe6ebb8ad4fe45c6f139499db95d575dba81ab79491b4775bf5480c8f6a797d1470047d6daf90f5da70d847b7bf9b2f6ce705b7e11160ac7991147cc5d6a6e4e17ed5c37ee592d23c00b53682de79e16df3b56ef89f33c9cb527d739836db8ba16ba295979ba3dec24d26ff0696672506c8e7ace4ee1233953199c835084e34ca7953d5b5be6332594036c0a54e044d3ddb5b0733e458bfef3f5364d842593557fd0f457c24044d9ed6387411972290ce684474926fd54b6fb086e3c73642a0d0fcc1c05af9a361b9304771960a16b091c04295ef107f286ae32a1fb1e4cd033f777104c720fc490f1d4588a4d7cb7e88ad8e2dec45dbc45104c92afcec869e9a11975bdece5388e6e2b7fdac95c22840dbef0490df813339d9b245a5238706a5558931bb062d600e41187d1f2eb597cb11eb15d524a594ef151489fd4b73fa325bfcd13300f95962700732ea2eab402d7bcadd21671b30998f16aa23a841d1b06e119b36c4de40749ce15865c1601e7a5LibClamAV debug: cli_loadcrt: subject: 113bd86beddebcd4c5f10aa07ab2026b982f4b92 LibClamAV debug: cli_loadcrt: public key: 00f35dfa8067d45aa7a90c2c9020d035083c7584cdb707899c89dadecec360fa91685a9e94712918767cc2e0c82576940e58fa043436e6dfaff780bae9580b2b93e59d05e3772291f734643c22911d5ee10990bc14fefc755819e179b70792a3ae885908d89f07ca0358fc68296d32d7d2a8cb4bfce10b48324fe6ebb8ad4fe45c6f139499db95d575dba81ab79491b4775bf5480c8f6a797d1470047d6daf90f5da70d847b7bf9b2f6ce705b7e11160ac7991147cc5d6a6e4e17ed5c37ee592d23c00b53682de79e16df3b56ef89f33c9cb527d739836db8ba16ba295979ba3dec24d26ff0696672506c8e7ace4ee1233953199c835084e34ca7953d5b5be6332594036c0a54e044d3ddb5b0733e458bfef3f5364d842593557fd0f457c24044d9ed6387411972290ce684474926fd54b6fb086e3c73642a0d0fcc1c05af9a361b9304771960a16b091c04295ef107f286ae32a1fb1e4cd033f777104c720fc490f1d4588a4d7cb7e88ad8e2dec45dbc45104c92afcec869e9a11975bdece5388e6e2b7fdac95c22840dbef0490df813339d9b245a5238706a5558931bb062d600e41187d1f2eb597cb11eb15d524a594ef151489fd4b73fa325bfcd13300f95962700732ea2eab402d7bcadd21671b30998f16aa23a841d1b06e119b36c4de40749ce15865c1601e7a5LibClamAV debug: Number of certs: 2 LibClamAV debug: daily.crb loaded LibClamAV debug: hashtab.c:Growing hashtable 0x6ffffff8e10, because it has exceeded maxfill, old size:64 LibClamAV debug: hashtab.c: new capacity: 128 LibClamAV debug: Table 0x6ffffff8e10 size after grow:128 LibClamAV debug: hashtab.c:Growing hashtable 0x6ffffff8e10, because it has exceeded maxfill, old size:128 LibClamAV debug: hashtab.c: new capacity: 256 LibClamAV debug: Table 0x6ffffff8e10 size after grow:256 LibClamAV debug: hashtab.c:Growing hashtable 0x6ffffff8e10, because it has exceeded maxfill, old size:256 LibClamAV debug: hashtab.c: new capacity: 512 LibClamAV debug: Table 0x6ffffff8e10 size after grow:512 LibClamAV debug: hashtab.c:Growing hashtable 0x6ffffff8e10, because it has exceeded maxfill, old size:512 LibClamAV debug: hashtab.c: new capacity: 1024 LibClamAV debug: Table 0x6ffffff8e10 size after grow:1024 LibClamAV debug: daily.fp loaded LibClamAV debug: Initializing engine->root[0] LibClamAV debug: Initialising AC pattern matcher of root[0] LibClamAV debug: cli_initroots: Initializing BM tables of root[0] LibClamAV debug: Initializing engine->root[1] LibClamAV debug: Initialising AC pattern matcher of root[1] LibClamAV debug: cli_initroots: Initializing BM tables of root[1] LibClamAV debug: Initializing engine->root[2] LibClamAV debug: Initialising AC pattern matcher of root[2] LibClamAV debug: Initializing engine->root[3] LibClamAV debug: Initialising AC pattern matcher of root[3] LibClamAV debug: Initializing engine->root[4] LibClamAV debug: Initialising AC pattern matcher of root[4] LibClamAV debug: Initializing engine->root[5] LibClamAV debug: Initialising AC pattern matcher of root[5] LibClamAV debug: Initializing engine->root[6] LibClamAV debug: Initialising AC pattern matcher of root[6] LibClamAV debug: Initializing engine->root[7] LibClamAV debug: Initialising AC pattern matcher of root[7] LibClamAV debug: Initializing engine->root[8] LibClamAV debug: Initialising AC pattern matcher of root[8] LibClamAV debug: Initializing engine->root[9] LibClamAV debug: Initialising AC pattern matcher of root[9] LibClamAV debug: Initializing engine->root[10] LibClamAV debug: Initialising AC pattern matcher of root[10] LibClamAV debug: Initializing engine->root[11] LibClamAV debug: Initialising AC pattern matcher of root[11] LibClamAV debug: Initializing engine->root[12] LibClamAV debug: Initialising AC pattern matcher of root[12] LibClamAV debug: Initializing engine->root[13] LibClamAV debug: Initialising AC pattern matcher of root[13] LibClamAV debug: Initializing engine->root[14] LibClamAV debug: Initialising AC pattern matcher of root[14] LibClamAV debug: Loaded 147 filetype definitions LibClamAV debug: daily.ftm loaded LibClamAV debug: hashtab.c:Growing hashtable 0x6ffff91c200, because it has exceeded maxfill, old size:64 LibClamAV debug: hashtab.c: new capacity: 128 LibClamAV debug: Table 0x6ffff91c200 size after grow:128 LibClamAV debug: hashtab.c:Growing hashtable 0x6ffff91c200, because it has exceeded maxfill, old size:128 LibClamAV debug: hashtab.c: new capacity: 256 LibClamAV debug: Table 0x6ffff91c200 size after grow:256 LibClamAV debug: hashtab.c:Growing hashtable 0x6ffff91c200, because it has exceeded maxfill, old size:256 LibClamAV debug: hashtab.c: new capacity: 512 LibClamAV debug: Table 0x6ffff91c200 size after grow:512 LibClamAV debug: hashtab.c:Growing hashtable 0x6ffff91c200, because it has exceeded maxfill, old size:512 LibClamAV debug: hashtab.c: new capacity: 1024 LibClamAV debug: Table 0x6ffff91c200 size after grow:1024 LibClamAV debug: hashtab.c:Growing hashtable 0x6ffff91c200, because it has exceeded maxfill, old size:1024 LibClamAV debug: hashtab.c: new capacity: 2048 LibClamAV debug: Table 0x6ffff91c200 size after grow:2048 LibClamAV debug: hashtab.c:Growing hashtable 0x6ffff91c200, because it has exceeded maxfill, old size:2048 LibClamAV debug: hashtab.c: new capacity: 4096 LibClamAV debug: Table 0x6ffff91c200 size after grow:4096 LibClamAV debug: hashtab.c:Growing hashtable 0x6ffff91c200, because it has exceeded maxfill, old size:4096 LibClamAV debug: hashtab.c: new capacity: 8192 LibClamAV debug: Table 0x6ffff91c200 size after grow:8192 LibClamAV debug: hashtab.c:Growing hashtable 0x6ffff91c200, because it has exceeded maxfill, old size:8192 LibClamAV debug: hashtab.c: new capacity: 16384 LibClamAV debug: Table 0x6ffff91c200 size after grow:16384 LibClamAV debug: hashtab.c:Growing hashtable 0x6ffff91c200, because it has exceeded maxfill, old size:16384 LibClamAV debug: hashtab.c: new capacity: 32768 LibClamAV debug: Table 0x6ffff91c200 size after grow:32768 LibClamAV debug: daily.hdb loaded LibClamAV debug: daily.hdu skipped LibClamAV debug: daily.hsb loaded LibClamAV debug: daily.hsu skipped LibClamAV debug: daily.idb loaded LibClamAV debug: daily.ign loaded LibClamAV debug: daily.ign2 loaded LibClamAV debug: lsigattribs: Unknown attribute name 'HanderType' LibClamAV debug: init_tdb: Not supported attribute(s) in signature for Win.Trojan.CVE_2006_5857-1, skipping LibClamAV debug: lsigattribs: Unknown attribute name 'HanderType' LibClamAV debug: init_tdb: Not supported attribute(s) in signature for Win.Exploit.CVE_2009_2502-1, skipping LibClamAV debug: lsigattribs: Unknown attribute name 'HanderType' LibClamAV debug: init_tdb: Not supported attribute(s) in signature for Pdf.Exploit.Agent-1388609, skipping LibClamAV debug: lsigattribs: Unknown attribute name 'HanderType' LibClamAV debug: init_tdb: Not supported attribute(s) in signature for Pdf.Exploit.CVE_2012_4154-1, skipping LibClamAV debug: lsigattribs: Unknown attribute name 'HanderType' LibClamAV debug: init_tdb: Not supported attribute(s) in signature for Pdf.Exploit.CVE_2012_4157-1, skipping LibClamAV debug: lsigattribs: Unknown attribute name 'HanderType' LibClamAV debug: init_tdb: Not supported attribute(s) in signature for Pdf.Exploit.CVE_2011_4370-1, skipping LibClamAV debug: lsigattribs: Unknown attribute name 'HanderType' LibClamAV debug: init_tdb: Not supported attribute(s) in signature for Osx.Trojan.Iumler-1, skipping LibClamAV debug: lsigattribs: Unknown attribute name 'HanderType' LibClamAV debug: init_tdb: Not supported attribute(s) in signature for Pdf.Exploit.Dropped-2014, skipping LibClamAV debug: lsigattribs: Unknown attribute name 'HanderType' LibClamAV debug: init_tdb: Not supported attribute(s) in signature for Win.Trojan.Quarian-2, skipping LibClamAV debug: daily.ldb loaded LibClamAV debug: daily.ldu skipped LibClamAV debug: hashtab.c:Growing hashtable 0x6fffe959cb8, because it has exceeded maxfill, old size:64 LibClamAV debug: hashtab.c: new capacity: 128 LibClamAV debug: Table 0x6fffe959cb8 size after grow:128 LibClamAV debug: hashtab.c:Growing hashtable 0x6fffe959cb8, because it has exceeded maxfill, old size:128 LibClamAV debug: hashtab.c: new capacity: 256 LibClamAV debug: Table 0x6fffe959cb8 size after grow:256 LibClamAV debug: hashtab.c:Growing hashtable 0x6fffe959cb8, because it has exceeded maxfill, old size:256 LibClamAV debug: hashtab.c: new capacity: 512 LibClamAV debug: Table 0x6fffe959cb8 size after grow:512 LibClamAV debug: hashtab.c:Growing hashtable 0x6fffe959cb8, because it has exceeded maxfill, old size:512 LibClamAV debug: hashtab.c: new capacity: 1024 LibClamAV debug: Table 0x6fffe959cb8 size after grow:1024 LibClamAV debug: hashtab.c:Growing hashtable 0x6fffe959cb8, because it has exceeded maxfill, old size:1024 LibClamAV debug: hashtab.c: new capacity: 2048 LibClamAV debug: Table 0x6fffe959cb8 size after grow:2048 LibClamAV debug: hashtab.c:Growing hashtable 0x6fffe959cb8, because it has exceeded maxfill, old size:2048 LibClamAV debug: hashtab.c: new capacity: 4096 LibClamAV debug: Table 0x6fffe959cb8 size after grow:4096 LibClamAV debug: hashtab.c:Growing hashtable 0x6fffe959cb8, because it has exceeded maxfill, old size:4096 LibClamAV debug: hashtab.c: new capacity: 8192 LibClamAV debug: Table 0x6fffe959cb8 size after grow:8192 LibClamAV debug: daily.mdb loaded LibClamAV debug: daily.mdu skipped LibClamAV debug: daily.msb loaded LibClamAV debug: daily.msu skipped LibClamAV debug: daily.ndb loaded LibClamAV debug: daily.ndu skipped LibClamAV debug: Loading regex_list LibClamAV debug: daily.pdb loaded LibClamAV debug: daily.sfp loaded LibClamAV debug: Loading regex_list LibClamAV debug: daily.wdb loaded LibClamAV debug: in cli_tgzload_cleanup() LibClamAV debug: /var/lib/clamav/daily.cld loaded LibClamAV debug: in cli_cvdload() LibClamAV debug: MD5(.tar.gz) = ec5fe4a17ebfbcbbd873fa6048d5b001 LibClamAV debug: cli_versig: Decoded signature: ec5fe4a17ebfbcbbd873fa6048d5b001 LibClamAV debug: cli_versig: Digital signature is correct. LibClamAV debug: in cli_tgzload() LibClamAV debug: bytecode.info loaded LibClamAV debug: in cli_tgzload_cleanup() LibClamAV debug: in cli_tgzload() LibClamAV debug: Loading trusted bytecode LibClamAV debug: bytecode: Parsed 6 APIcalls, maxapi 42 LibClamAV debug: Parsed 46 BBs, 210 instructions LibClamAV debug: Parsed 1 functions LibClamAV debug: Bytecode 3986185.cbc(1) has logical signature: BC.Legacy.Exploit.CVE_2010_2568-4.{};Engine:56-255,Target:0;0;4c0000000114020000000000c000000000000046 LibClamAV debug: 3986185.cbc loaded LibClamAV debug: Loading trusted bytecode LibClamAV debug: bytecode: Parsed 11 APIcalls, maxapi 66 LibClamAV debug: Parsed 48 BBs, 230 instructions LibClamAV debug: Parsed 1 functions LibClamAV debug: Bytecode 3986187.cbc(2) has logical signature: BC.Legacy.Exploit.CVE_2010_1885-2;Engine:52-255,Target:3;0;6863703a2f2f{25-700}736372697074{1-3}6465666572 LibClamAV debug: 3986187.cbc loaded LibClamAV debug: Loading trusted bytecode LibClamAV debug: bytecode: Parsed 7 APIcalls, maxapi 89 LibClamAV debug: Parsed 11 BBs, 43 instructions LibClamAV debug: Parsed 1 functions LibClamAV debug: Bytecode 3986188.cbc(3) has logical signature: BC.Heuristics.Trojan.Agent-1350164.{};Engine:56-255,IconGroup2:BIFROSE,Target:1;0;EP+0:60be00??41008dbe00??feff57eb0b908a064688074701db75078b1e83eefc11db72edb80100000001db75078b1e83eefc11db11c001 LibClamAV debug: 3986188.cbc loaded LibClamAV debug: Loading trusted bytecode LibClamAV debug: bytecode: Parsed 9 APIcalls, maxapi 87 LibClamAV debug: Parsed 20 BBs, 67 instructions LibClamAV debug: Parsed 1 functions LibClamAV debug: 3986206.cbc loaded LibClamAV debug: Loading trusted bytecode LibClamAV debug: bytecode: Parsed 11 APIcalls, maxapi 87 LibClamAV debug: Parsed 26 BBs, 150 instructions LibClamAV debug: Parsed 40 BBs, 131 instructions LibClamAV debug: Parsed 2 functions LibClamAV debug: 3986212.cbc loaded LibClamAV debug: Loading trusted bytecode LibClamAV debug: bytecode: Parsed 3 APIcalls, maxapi 66 LibClamAV debug: Parsed 3 BBs, 13 instructions LibClamAV debug: Parsed 1 functions LibClamAV debug: Bytecode 3986214.cbc(6) has logical signature: BC.Legacy.Exploit.CVE_2010_3338-1.{Exploit-CVE_2010_3338};Engine:56-255,Target:1;0;S1+3125:003c005000 LibClamAV debug: 3986214.cbc loaded LibClamAV debug: Loading trusted bytecode LibClamAV debug: bytecode: Parsed 3 APIcalls, maxapi 66 LibClamAV debug: Parsed 3 BBs, 23 instructions LibClamAV debug: Parsed 1 functions LibClamAV debug: Bytecode 3986215.cbc(7) has logical signature: BC.Legacy.Exploit.CVE_2010_3963-1.{Exploit-CVE_2010_3963};Engine:56-255,Target:1;(1|0);EOF-64:453a5c776f;453a5c776f LibClamAV debug: 3986215.cbc loaded LibClamAV debug: Loading trusted bytecode LibClamAV debug: bytecode: Parsed 2 APIcalls, maxapi 66 LibClamAV debug: Parsed 3 BBs, 27 instructions LibClamAV debug: Parsed 1 functions LibClamAV debug: Bytecode 3986216.cbc(8) has logical signature: BC.Legacy.Exploit.CVE_2010_3943-1.{Exploit-CVE_2010_3943};Engine:56-255,Target:1;(0&2&1);S0+14736:ffff595f5e;S0+15632:8b00385dfc;S0+19520:83661c0059 LibClamAV debug: 3986216.cbc loaded LibClamAV debug: Loading trusted bytecode LibClamAV debug: bytecode: Parsed 3 APIcalls, maxapi 66 LibClamAV debug: Parsed 3 BBs, 13 instructions LibClamAV debug: Parsed 1 functions LibClamAV debug: Bytecode 3986217.cbc(9) has logical signature: BC.Legacy.Exploit.CVE_2010_3939-1.{Exploit-CVE_2010_3939};Engine:56-255,Target:1;0;S0+0:81ecc80000 LibClamAV debug: 3986217.cbc loaded LibClamAV debug: Loading trusted bytecode LibClamAV debug: bytecode: Parsed 3 APIcalls, maxapi 66 LibClamAV debug: Parsed 3 BBs, 33 instructions LibClamAV debug: Parsed 1 functions LibClamAV debug: Bytecode 3986218.cbc(10) has logical signature: BC.Legacy.Exploit.CVE_2010_3942-1.{Exploit-CVE_2010_3942};Engine:56-255,Target:1;(0&2&1);S0+4096:d6ffd05959;S0+9456:c6730f8b07;S0+12912:a0b9400089 LibClamAV debug: 3986218.cbc loaded LibClamAV debug: Loading trusted bytecode LibClamAV debug: bytecode: Parsed 3 APIcalls, maxapi 66 LibClamAV debug: Parsed 3 BBs, 13 instructions LibClamAV debug: Parsed 1 functions LibClamAV debug: Bytecode 3986219.cbc(11) has logical signature: BC.Legacy.Exploit.CVE_2010_3940-1.{Exploit-CVE_2010_3940};Engine:56-255,Target:1;0;S1+608:256400000a LibClamAV debug: 3986219.cbc loaded LibClamAV debug: Loading trusted bytecode LibClamAV debug: bytecode: Parsed 3 APIcalls, maxapi 66 LibClamAV debug: Parsed 3 BBs, 13 instructions LibClamAV debug: Parsed 1 functions LibClamAV debug: Bytecode 3986220.cbc(12) has logical signature: BC.Legacy.Exploit.CVE_2010_3941-1.{Exploit-CVE_2010_3941};Engine:56-255,Target:1;0;S1+6656:436f756c64 LibClamAV debug: 3986220.cbc loaded LibClamAV debug: Loading trusted bytecode LibClamAV debug: bytecode: Parsed 2 APIcalls, maxapi 66 LibClamAV debug: Parsed 3 BBs, 19 instructions LibClamAV debug: Parsed 1 functions LibClamAV debug: Bytecode 3986221.cbc(13) has logical signature: BC.Legacy.Exploit.CVE_2010_3944-1.{Exploit-CVE_2010_3944};Engine:56-255,Target:1;(0&1);S0+1696:fc0000000f;S0+2864:1f837dfc00 LibClamAV debug: 3986221.cbc loaded LibClamAV debug: Loading trusted bytecode LibClamAV debug: bytecode: Parsed 2 APIcalls, maxapi 66 LibClamAV debug: Parsed 3 BBs, 11 instructions LibClamAV debug: Parsed 1 functions LibClamAV debug: Bytecode 3986222.cbc(14) has logical signature: BC.Legacy.Exploit.CVE_2010_3961-1.{Exploit-CVE_2010_3961};Engine:56-255,Target:1;0;S1+704:7665640044 LibClamAV debug: 3986222.cbc loaded LibClamAV debug: Loading trusted bytecode LibClamAV debug: bytecode: Parsed 5 APIcalls, maxapi 66 LibClamAV debug: Parsed 9 BBs, 38 instructions LibClamAV debug: Parsed 1 functions LibClamAV debug: Bytecode 3986223.cbc(15) has logical signature: BC.Legacy.Exploit.CVE_2010_3333-5.{Exploit-CVE_2010_3333};Engine:56-255,Target:0;0;5c7370{-100}5c736e2070467261676d656e7473{-100}5c7376 LibClamAV debug: 3986223.cbc loaded LibClamAV debug: Loading trusted bytecode LibClamAV debug: bytecode: Parsed 3 APIcalls, maxapi 66 LibClamAV debug: Parsed 3 BBs, 13 instructions LibClamAV debug: Parsed 1 functions LibClamAV debug: Bytecode 3986224.cbc(16) has logical signature: BC.Legacy.Exploit.CVE_2011_0026-1.{Exploit-CVE_2011_0026};Engine:56-255,Target:1;0;S1+1200:fffeffebd0 LibClamAV debug: 3986224.cbc loaded LibClamAV debug: Loading trusted bytecode LibClamAV debug: bytecode: Parsed 3 APIcalls, maxapi 66 LibClamAV debug: Parsed 3 BBs, 23 instructions LibClamAV debug: Parsed 1 functions LibClamAV debug: Bytecode 3986229.cbc(17) has logical signature: BC.Legacy.Exploit.CVE_2011_0030-1.{Exploit-CVE_2011_0030};Engine:56-255,Target:1;(1|0);S1+11272:483a5c7368656c6c;S1+2652:437372436c69656e7443616c6c536572766572 LibClamAV debug: 3986229.cbc loaded LibClamAV debug: Loading trusted bytecode LibClamAV debug: bytecode: Parsed 3 APIcalls, maxapi 66 LibClamAV debug: Parsed 3 BBs, 23 instructions LibClamAV debug: Parsed 1 functions LibClamAV debug: Bytecode 3986230.cbc(18) has logical signature: BC.Legacy.Exploit.CVE_2011_0045-1.{Exploit-CVE_2011_0045};Engine:56-255,Target:1;(1|0);S1+346:54726163654576656e74;S0+0:558bec83ec48c745f0080000c0c745f8 LibClamAV debug: 3986230.cbc loaded LibClamAV debug: Loading trusted bytecode LibClamAV debug: bytecode: Parsed 3 APIcalls, maxapi 66 LibClamAV debug: Parsed 3 BBs, 13 instructions LibClamAV debug: Parsed 1 functions LibClamAV debug: Bytecode 3986231.cbc(19) has logical signature: BC.Legacy.Exploit.CVE_2011_0090-1.{Exploit-CVE_2011_0090};Engine:56-255,Target:1;0;S0+64:558bec83ec68c745d80000000033c089 LibClamAV debug: 3986231.cbc loaded LibClamAV debug: Loading trusted bytecode LibClamAV debug: bytecode: Parsed 3 APIcalls, maxapi 66 LibClamAV debug: Parsed 3 BBs, 23 instructions LibClamAV debug: Parsed 1 functions LibClamAV debug: Bytecode 3986232.cbc(20) has logical signature: BC.Legacy.Exploit.CVE_2011_0089-1.{Exploit-CVE_2011_0089};Engine:56-255,Target:1;(1|0);S2+16304:020000005c5c7265647465616d5c7365;S1+6000:51ff15242443003bf4e803efffff8bf4 LibClamAV debug: 3986232.cbc loaded LibClamAV debug: Loading trusted bytecode LibClamAV debug: bytecode: Parsed 3 APIcalls, maxapi 66 LibClamAV debug: Parsed 3 BBs, 23 instructions LibClamAV debug: Parsed 1 functions LibClamAV debug: Bytecode 3986233.cbc(21) has logical signature: BC.Legacy.Exploit.CVE_2011_0088-1.{Exploit-CVE_2011_0088};Engine:56-255,Target:1;(1|0);S2+16224:4551466f020000005c5c726564746561;S1+5680:ec51ff15182443003bf4e838f0ffffb8 LibClamAV debug: 3986233.cbc loaded LibClamAV debug: Loading trusted bytecode LibClamAV debug: bytecode: Parsed 3 APIcalls, maxapi 66 LibClamAV debug: Parsed 3 BBs, 23 instructions LibClamAV debug: Parsed 1 functions LibClamAV debug: Bytecode 3986234.cbc(22) has logical signature: BC.Legacy.Exploit.CVE_2011_0039-1.{Exploit-CVE_2011_0039};Engine:56-255,Target:1;(1|0);S0+784:5c564d572d5850535032454e5c63245c;S1+992:747874446f6d61696e00020438045802 LibClamAV debug: 3986234.cbc loaded LibClamAV debug: Loading trusted bytecode LibClamAV debug: bytecode: Parsed 3 APIcalls, maxapi 66 LibClamAV debug: Parsed 3 BBs, 23 instructions LibClamAV debug: Parsed 1 functions LibClamAV debug: Bytecode 3986235.cbc(23) has logical signature: BC.Legacy.Exploit.CVE_2011_0087-1.{Exploit-CVE_2011_0087};Engine:56-255,Target:1;(1|0);S2+0:0a5b2a5d20466f756e642077696e646f;S0+80:550852ff15248140008b85f0feffff8b LibClamAV debug: 3986235.cbc loaded LibClamAV debug: Loading trusted bytecode LibClamAV debug: bytecode: Parsed 3 APIcalls, maxapi 66 LibClamAV debug: Parsed 3 BBs, 23 instructions LibClamAV debug: Parsed 1 functions LibClamAV debug: Bytecode 3986236.cbc(24) has logical signature: BC.Legacy.Exploit.CVE_2011_0086-1.{Exploit-CVE_2011_0086};Engine:56-255,Target:1;(1|0);S2+16:6e642077696e646f773a202578202825;S0+256:4000e8ad03000083c4048b550852ff15 LibClamAV debug: 3986236.cbc loaded LibClamAV debug: Loading trusted bytecode LibClamAV debug: bytecode: Parsed 3 APIcalls, maxapi 66 LibClamAV debug: Parsed 3 BBs, 13 instructions LibClamAV debug: Parsed 1 functions LibClamAV debug: Bytecode 3986242.cbc(25) has logical signature: BC.Legacy.Exploit.CVE_2011_0037-1.{Exploit-CVE_2011_0037};Engine:56-255,Target:1;0;S1+736:626c6564000000002028557365642066 LibClamAV debug: 3986242.cbc loaded LibClamAV debug: Loading trusted bytecode LibClamAV debug: bytecode: Parsed 3 APIcalls, maxapi 66 LibClamAV debug: Parsed 15 BBs, 85 instructions LibClamAV debug: Parsed 1 functions LibClamAV debug: Bytecode 3986244.cbc(26) has logical signature: BC.Legacy.Exploit.MS_04_11-1.{CVE_2011_0662,CVE_2011_1229_or_CVE_2011_1231,CVE_2011_1231,CVE_2011_1237,CVE_2011_1238,CVE_2011_1239,CVE_2011_1241,CVE_2011_1242};Engine:56-255,Target:1;(0|1|2|3|4|5|6);S2+16272:52534453bb1a649c7ea0154cb19ce3e3;S2+16240:000000000000000052534453646e64ce;S0+432:ff15d8ca40006a006830f10000681201;S2+16128:52534453645a82377e51384580df1e6c;S2+16272:00000000000000000000000052534453;S2+17568:0000000000000000525344537b499ed5;S2+16608:0000000000000000525344538c350b8e LibClamAV debug: 3986244.cbc loaded LibClamAV debug: Loading trusted bytecode LibClamAV debug: bytecode: Parsed 9 APIcalls, maxapi 72 LibClamAV debug: Parsed 214 BBs, 952 instructions LibClamAV debug: Parsed 1 functions LibClamAV debug: Bytecode 3986249.cbc(27) has logical signature: BC.Win.Trojan.Xpaj-7;Engine:60-255,Target:1;(1|0);5589e583ec;558bec83ec LibClamAV debug: 3986249.cbc loaded LibClamAV debug: Loading trusted bytecode LibClamAV debug: bytecode: Parsed 3 APIcalls, maxapi 5 LibClamAV debug: Parsed 43 BBs, 111 instructions LibClamAV debug: Parsed 1 functions LibClamAV debug: Bytecode 3986259.cbc(28) has logical signature: BC.Legacy.Exploit.CVE_2011_4373-2;Engine:56-255,Container:CL_TYPE_PDF,Target:5;0;0:424d????00000000 LibClamAV debug: 3986259.cbc loaded LibClamAV debug: Loading trusted bytecode LibClamAV debug: bytecode: Parsed 7 APIcalls, maxapi 55 LibClamAV debug: Parsed 15 BBs, 76 instructions LibClamAV debug: Parsed 8 BBs, 29 instructions LibClamAV debug: Parsed 2 functions LibClamAV debug: Bytecode 3986282.cbc(29) has logical signature: BC.Legacy.Exploit.CVE_2012_0158-20.{CVE_2012_0158};Engine:56-255,Target:0;(0&1);0:7b5c7274;*:4430434631314530 LibClamAV debug: 3986282.cbc loaded LibClamAV debug: Loading trusted bytecode LibClamAV debug: bytecode: Parsed 4 APIcalls, maxapi 16 LibClamAV debug: Parsed 22 BBs, 58 instructions LibClamAV debug: Parsed 1 functions LibClamAV debug: Bytecode 3986283.cbc(30) has logical signature: BC.Legacy.Exploit.CVE_2012_1888-1.{};Engine:56-255,Target:0;0;0:2020300d0a53454354494f4e0d0a*454e544954494553{-500}4d54455854 LibClamAV debug: 3986283.cbc loaded LibClamAV debug: Loading trusted bytecode LibClamAV debug: bytecode: Parsed 3 APIcalls, maxapi 5 LibClamAV debug: Parsed 17 BBs, 65 instructions LibClamAV debug: Parsed 1 functions LibClamAV debug: Bytecode 3986289.cbc(31) has logical signature: BC.Legacy.Exploit.Briefcase-1.{CVE_2012_1527,CVE_2012_1528};Engine:56-255,Target:0;0;0:444453480205011414000000 LibClamAV debug: 3986289.cbc loaded LibClamAV debug: Loading trusted bytecode LibClamAV debug: bytecode: Parsed 4 APIcalls, maxapi 16 LibClamAV debug: Parsed 14 BBs, 41 instructions LibClamAV debug: Parsed 1 functions LibClamAV debug: Bytecode 3986292.cbc(32) has logical signature: BC.Legacy.Exploit.CVE_2012_1886-2.{};Engine:56-255,Target:2;0;0:d0cf11e0a1b11ae1*57006f0072006b0062006f006f006b*88000800 LibClamAV debug: 3986292.cbc loaded LibClamAV debug: Loading trusted bytecode LibClamAV debug: bytecode: Parsed 4 APIcalls, maxapi 16 LibClamAV debug: Parsed 15 BBs, 54 instructions LibClamAV debug: Parsed 1 functions LibClamAV debug: Bytecode 3986301.cbc(33) has logical signature: BC.Legacy.Exploit.CVE_2013_0030-2.{};Engine:60-255,Target:3;(0&2&1);646f63756d656e742e637265617465656c656d656e7428;3a7368617065;73657461747472696275746528{-5}70617468 LibClamAV debug: 3986301.cbc loaded LibClamAV debug: Loading trusted bytecode LibClamAV debug: bytecode: Parsed 8 APIcalls, maxapi 55 LibClamAV debug: Parsed 101 BBs, 378 instructions LibClamAV debug: Parsed 1 functions LibClamAV debug: Bytecode 3986303.cbc(34) has logical signature: BC.Legacy.Exploit.CVE_2013_0024-1.{};Engine:60-255,Target:3;(0&2&1);646f63756d656e742e626f64792e676574656c656d656e747362797461676e616d6528222a22293b;646f63756d656e742e73656c656374696f6e2e63726561746572616e676528;2e6d6f7665746f656c656d656e747465787428{-100}2e636f6c6c617073652874727565293b{-100}2e73656c65637428{-100}2e706173746568746d6c28 LibClamAV debug: 3986303.cbc loaded LibClamAV debug: Loading trusted bytecode LibClamAV debug: bytecode: Parsed 8 APIcalls, maxapi 55 LibClamAV debug: Parsed 30 BBs, 108 instructions LibClamAV debug: Parsed 1 functions LibClamAV debug: Bytecode 3986305.cbc(35) has logical signature: BC.Legacy.Exploit.CVE_2013_3146-2.{};Engine:60-255,Target:0;0;2e676574656c656d656e747362797461676e616d6528*636f6c756d6e2d636f756e74 LibClamAV debug: 3986305.cbc loaded LibClamAV debug: Loading trusted bytecode LibClamAV debug: bytecode: Parsed 5 APIcalls, maxapi 42 LibClamAV debug: Parsed 61 BBs, 261 instructions LibClamAV debug: Parsed 1 functions LibClamAV debug: Bytecode 3986306.cbc(36) has logical signature: BC.Legacy.Exploit.Andr-2.{Extra_Field,Master_Key};Engine:56-255,Target:0;(0&2&1);0:504b0304;*:416e64726f69644d616e69666573742e786d6c;*:636c61737365732e646578 LibClamAV debug: 3986306.cbc loaded LibClamAV debug: Loading trusted bytecode LibClamAV debug: bytecode: Parsed 8 APIcalls, maxapi 55 LibClamAV debug: Parsed 38 BBs, 135 instructions LibClamAV debug: Parsed 1 functions LibClamAV debug: Bytecode 3986310.cbc(37) has logical signature: BC.Legacy.Exploit.CVE_2013_3893-1.{CVE_2013_3893};Engine:60-255,Target:3;0;2e6170706c79656c656d656e7428*2e6f6e6c6f736563617074757265*2e7365746361707475726528*2e7365746361707475726528 LibClamAV debug: 3986310.cbc loaded LibClamAV debug: Loading trusted bytecode LibClamAV debug: bytecode: Parsed 4 APIcalls, maxapi 16 LibClamAV debug: Parsed 35 BBs, 96 instructions LibClamAV debug: Parsed 1 functions LibClamAV debug: Bytecode 3986318.cbc(38) has logical signature: BC.Legacy.Exploit.CVE_2012_4148-1.{};Engine:70-255,Target:10;(0&2&1);0:255044462d312e;*:2f416e6e6f74;*:2f53756274797065{-5}2f576964676574 LibClamAV debug: 3986318.cbc loaded LibClamAV debug: Loading trusted bytecode LibClamAV debug: bytecode: Parsed 4 APIcalls, maxapi 42 LibClamAV debug: Parsed 83 BBs, 646 instructions LibClamAV debug: Parsed 1 functions LibClamAV debug: Bytecode 3986321.cbc(39) has logical signature: BC.Win.Virus.Ransom-9157.{A,B};Engine:56-255,Target:1;((1&2)|0);81c1????????81c2????????81c1;0bf2*0bca;0bd3*0bc1 LibClamAV debug: 3986321.cbc loaded LibClamAV debug: Loading trusted bytecode LibClamAV debug: bytecode: Parsed 6 APIcalls, maxapi 42 LibClamAV debug: Parsed 19 BBs, 65 instructions LibClamAV debug: Parsed 1 functions LibClamAV debug: Bytecode 3986322.cbc(40) has logical signature: BC.Legacy.Exploit.CVE_2014_8460-1.{};Engine:73-255,Target:10;0;2f537562727320 LibClamAV debug: 3986322.cbc loaded LibClamAV debug: Loading trusted bytecode LibClamAV debug: bytecode: Parsed 4 APIcalls, maxapi 16 LibClamAV debug: Parsed 9 BBs, 35 instructions LibClamAV debug: Parsed 1 functions LibClamAV debug: Bytecode 3986326.cbc(41) has logical signature: BC.Win.Trojan.Phasebot-1.{};Engine:56-255,Target:1;0;0:4d5a{-58}5045 LibClamAV debug: 3986326.cbc loaded LibClamAV debug: Loading trusted bytecode LibClamAV debug: bytecode: Parsed 4 APIcalls, maxapi 16 LibClamAV debug: Parsed 11 BBs, 50 instructions LibClamAV debug: Parsed 1 functions LibClamAV debug: Bytecode 3986327.cbc(42) has logical signature: BC.Legacy.Exploit.CVE_2012_1535-2.{};Engine:56-255,Target:0;((1|0)&2);0:465753;0:d0cf11e0a1b11ae1*465753;4f54544f LibClamAV debug: 3986327.cbc loaded LibClamAV debug: Loading trusted bytecode LibClamAV debug: bytecode: Parsed 4 APIcalls, maxapi 16 LibClamAV debug: Parsed 12 BBs, 52 instructions LibClamAV debug: Parsed 1 functions LibClamAV debug: Bytecode 3986328.cbc(43) has logical signature: BC.Legacy.Exploit.CVE_2012_1458-1.{};Engine:56-255,Target:0;(0&1);0:49545346;4c5a5843 LibClamAV debug: 3986328.cbc loaded LibClamAV debug: Loading trusted bytecode LibClamAV debug: bytecode: Parsed 4 APIcalls, maxapi 16 LibClamAV debug: Parsed 16 BBs, 52 instructions LibClamAV debug: Parsed 1 functions LibClamAV debug: Bytecode 3986334.cbc(44) has logical signature: BC.Legacy.Exploit.CVE_2015_3078-1;Engine:56-255,Target:0;0;4:6d6f6f76*00000001(61|68)766343 LibClamAV debug: 3986334.cbc loaded LibClamAV debug: Loading trusted bytecode LibClamAV debug: bytecode: Parsed 3 APIcalls, maxapi 16 LibClamAV debug: Parsed 9 BBs, 21 instructions LibClamAV debug: Parsed 1 functions LibClamAV debug: Bytecode 3986337.cbc(45) has logical signature: BC.Legacy.Exploit.CVE_2015_5093-2.{};Engine:74-255,Target:10;0;6170702e646f632e676574416e6e6f74733344*6d616b654d6561737572656d656e74 LibClamAV debug: 3986337.cbc loaded LibClamAV debug: Loading trusted bytecode LibClamAV debug: bytecode: Parsed 7 APIcalls, maxapi 55 LibClamAV debug: Parsed 13 BBs, 47 instructions LibClamAV debug: Parsed 1 functions LibClamAV debug: Bytecode 4306126.cbc(46) has logical signature: BC.Unix.Exploit.Agent-1393645-1.{};Engine:56-255,Target:0;0;04002d6c68{14}2003{4}000000 LibClamAV debug: 4306126.cbc loaded LibClamAV debug: Loading trusted bytecode LibClamAV debug: bytecode: Parsed 5 APIcalls, maxapi 42 LibClamAV debug: Parsed 10 BBs, 48 instructions LibClamAV debug: Parsed 25 BBs, 125 instructions LibClamAV debug: Parsed 2 functions LibClamAV debug: Bytecode 4306157.cbc(47) has logical signature: BC.Win.Packer.Troll-11;Engine:56-255,Target:1;0;2a8378100375248b40143d2005931974153d21059319740e3d2205931974 LibClamAV debug: 4306157.cbc loaded LibClamAV debug: in cli_tgzload_cleanup() LibClamAV debug: /var/lib/clamav/bytecode.cvd loaded LibClamAV debug: in cli_cvdload() LibClamAV debug: MD5(.tar.gz) = 06386f34a16ebeea2733ab037f0536be LibClamAV debug: cli_versig: Decoded signature: 06386f34a16ebeea2733ab037f0536be LibClamAV debug: cli_versig: Digital signature is correct. LibClamAV debug: in cli_tgzload() LibClamAV debug: main.info loaded LibClamAV debug: in cli_tgzload_cleanup() LibClamAV debug: in cli_tgzload() LibClamAV debug: Ignoring signature Win.Trojan.Trojan-476 LibClamAV debug: hashtab.c:Growing hashtable 0x6ffff91c200, because it has exceeded maxfill, old size:32768 LibClamAV debug: hashtab.c: new capacity: 65536 LibClamAV debug: Table 0x6ffff91c200 size after grow:65536 LibClamAV debug: main.hdb loaded LibClamAV debug: main.hsb loaded LibClamAV debug: hashtab.c:Growing hashtable 0x6fffe959cb8, because it has exceeded maxfill, old size:8192 LibClamAV debug: hashtab.c: new capacity: 16384 LibClamAV debug: Table 0x6fffe959cb8 size after grow:16384 LibClamAV debug: hashtab.c:Growing hashtable 0x6fffe959cb8, because it has exceeded maxfill, old size:16384 LibClamAV debug: hashtab.c: new capacity: 32768 LibClamAV debug: Table 0x6fffe959cb8 size after grow:32768 LibClamAV debug: hashtab.c:Growing hashtable 0x6fffe959cb8, because it has exceeded maxfill, old size:32768 LibClamAV debug: hashtab.c: new capacity: 65536 LibClamAV debug: Table 0x6fffe959cb8 size after grow:65536 LibClamAV debug: Ignoring signature Win.Trojan.Kazy-243 LibClamAV debug: Ignoring signature Win.Trojan.Kazy-248 LibClamAV debug: hashtab.c:Growing hashtable 0x6fffe959cb8, because it has exceeded maxfill, old size:65536 LibClamAV debug: hashtab.c: new capacity: 131072 LibClamAV debug: Table 0x6fffe959cb8 size after grow:131072 LibClamAV debug: Ignoring signature Win.Trojan.Agent-635923 LibClamAV debug: Ignoring signature Win.Trojan.Vbkrypt-10091 LibClamAV debug: Ignoring signature Win.Trojan.Ramnit-2960 LibClamAV debug: Ignoring signature Win.Trojan.Test-6 LibClamAV debug: Ignoring signature Win.Trojan.Swrort-11418 LibClamAV debug: Ignoring signature Win.Trojan.Agent-947042 LibClamAV debug: hashtab.c:Growing hashtable 0x6fffe959cb8, because it has exceeded maxfill, old size:131072 LibClamAV debug: hashtab.c: new capacity: 262144 LibClamAV debug: Table 0x6fffe959cb8 size after grow:262144 LibClamAV debug: Ignoring signature Win.Trojan.Zekos-2 LibClamAV debug: Ignoring signature Win.Trojan.Agent-1139702 LibClamAV debug: Ignoring signature Win.Trojan.Agent-1259832 LibClamAV debug: Ignoring signature Win.Trojan.Agent-1320845 LibClamAV debug: Ignoring signature Win.Trojan.Slugin-285 LibClamAV debug: Ignoring signature Win.Trojan.11090634-1 LibClamAV debug: Ignoring signature Win.Worm.Tenga-163 LibClamAV debug: main.mdb loaded LibClamAV debug: main.msb loaded LibClamAV debug: Ignoring signature Email.Phishing.DblDom-53 LibClamAV debug: Ignoring signature Email.Phishing.DblDom-60 LibClamAV debug: Ignoring signature Win.Trojan.Qhost-106 LibClamAV debug: Ignoring signature Win.Trojan.Poebot-44 LibClamAV debug: Ignoring signature Win.Trojan.Trojan-605 LibClamAV debug: Ignoring signature Win.Trojan.Virut-385 LibClamAV debug: Ignoring signature Win.Trojan.Troldesh-1 LibClamAV debug: Ignoring signature Html.Exploit.CVE_2015_6136-1 LibClamAV debug: main.ndb loaded LibClamAV debug: hashtab.c:Growing hashtable 0x6ffffff8e10, because it has exceeded maxfill, old size:1024 LibClamAV debug: hashtab.c: new capacity: 2048 LibClamAV debug: Table 0x6ffffff8e10 size after grow:2048 LibClamAV debug: main.fp loaded LibClamAV debug: main.sfp loaded LibClamAV debug: Number of certs: 2 LibClamAV debug: main.crb loaded LibClamAV debug: in cli_tgzload_cleanup() LibClamAV debug: /var/lib/clamav/main.cvd loaded LibClamAV debug: Using filter for trie 0 LibClamAV debug: Matcher[0]: GENERIC: AC sigs: 8350 (reloff: 9, absoff: 0) BM sigs: 30913 (reloff: 15, absoff: 130) PCREs: 1 (reloff: 0, absoff: 0) maxpatlen 1218 LibClamAV debug: Using filter for trie 1 LibClamAV debug: Matcher[1]: PE: AC sigs: 20807 (reloff: 5105, absoff: 0) BM sigs: 49020 (reloff: 44876, absoff: 4144) PCREs: 0 (reloff: 0, absoff: 0) maxpatlen 5584 LibClamAV debug: Matcher[2]: OLE2: AC sigs: 1903 (reloff: 0, absoff: 0) BM sigs: 0 (reloff: 0, absoff: 0) PCREs: 0 (reloff: 0, absoff: 0) maxpatlen 326 (ac_only mode) LibClamAV debug: Matcher[3]: HTML: AC sigs: 8625 (reloff: 0, absoff: 0) BM sigs: 0 (reloff: 0, absoff: 0) PCREs: 1 (reloff: 0, absoff: 0) maxpatlen 799 (ac_only mode) LibClamAV debug: Using filter for trie 4 LibClamAV debug: Matcher[4]: MAIL: AC sigs: 2729 (reloff: 0, absoff: 0) BM sigs: 0 (reloff: 0, absoff: 0) PCREs: 1 (reloff: 0, absoff: 0) maxpatlen 270 (ac_only mode) LibClamAV debug: Matcher[5]: GRAPHICS: AC sigs: 24 (reloff: 0, absoff: 0) BM sigs: 0 (reloff: 0, absoff: 0) PCREs: 0 (reloff: 0, absoff: 0) maxpatlen 227 (ac_only mode) LibClamAV debug: Matcher[6]: ELF: AC sigs: 208 (reloff: 34, absoff: 0) BM sigs: 0 (reloff: 0, absoff: 0) PCREs: 0 (reloff: 0, absoff: 0) maxpatlen 400 (ac_only mode) LibClamAV debug: Using filter for trie 7 LibClamAV debug: Matcher[7]: ASCII: AC sigs: 2432 (reloff: 0, absoff: 0) BM sigs: 0 (reloff: 0, absoff: 0) PCREs: 0 (reloff: 0, absoff: 0) maxpatlen 589 (ac_only mode) LibClamAV debug: Matcher[8]: NOT USED: AC sigs: 0 (reloff: 0, absoff: 0) BM sigs: 0 (reloff: 0, absoff: 0) PCREs: 0 (reloff: 0, absoff: 0) maxpatlen 0 (ac_only mode) LibClamAV debug: Matcher[9]: MACH-O: AC sigs: 930 (reloff: 0, absoff: 0) BM sigs: 0 (reloff: 0, absoff: 0) PCREs: 0 (reloff: 0, absoff: 0) maxpatlen 147 (ac_only mode) LibClamAV debug: Matcher[10]: PDF: AC sigs: 191 (reloff: 0, absoff: 0) BM sigs: 0 (reloff: 0, absoff: 0) PCREs: 0 (reloff: 0, absoff: 0) maxpatlen 211 (ac_only mode) LibClamAV debug: Matcher[11]: FLASH: AC sigs: 362 (reloff: 0, absoff: 0) BM sigs: 0 (reloff: 0, absoff: 0) PCREs: 0 (reloff: 0, absoff: 0) maxpatlen 128 (ac_only mode) LibClamAV debug: Matcher[12]: JAVA: AC sigs: 20 (reloff: 0, absoff: 0) BM sigs: 0 (reloff: 0, absoff: 0) PCREs: 0 (reloff: 0, absoff: 0) maxpatlen 30 (ac_only mode) LibClamAV debug: Matcher[13]: INTERNAL: AC sigs: 0 (reloff: 0, absoff: 0) BM sigs: 0 (reloff: 0, absoff: 0) PCREs: 0 (reloff: 0, absoff: 0) maxpatlen 0 (ac_only mode) LibClamAV debug: Matcher[14]: OTHER: AC sigs: 0 (reloff: 0, absoff: 0) BM sigs: 0 (reloff: 0, absoff: 0) PCREs: 0 (reloff: 0, absoff: 0) maxpatlen 0 (ac_only mode) LibClamAV debug: Building regex list LibClamAV debug: Using filter for trie 0 LibClamAV debug: hashtab: Freeing hashset, elements: 0, capacity: 0 LibClamAV debug: Building regex list LibClamAV debug: Using filter for trie 0 LibClamAV debug: hashtab: Freeing hashset, elements: 0, capacity: 0 LibClamAV debug: Dynamic engine configuration settings: LibClamAV debug: -------------------------------------- LibClamAV debug: Module PE: On LibClamAV debug: * Submodule PARITE: On LibClamAV debug: * Submodule KRIZ: On LibClamAV debug: * Submodule MAGISTR: On LibClamAV debug: * Submodule POLIPOS: On LibClamAV debug: * Submodule MD5SECT: On LibClamAV debug: * Submodule UPX: On LibClamAV debug: * Submodule FSG: On LibClamAV debug: * Submodule SWIZZOR: ** Off ** LibClamAV debug: * Submodule PETITE: On LibClamAV debug: * Submodule PESPIN: On LibClamAV debug: * Submodule YC: On LibClamAV debug: * Submodule WWPACK: On LibClamAV debug: * Submodule NSPACK: On LibClamAV debug: * Submodule MEW: On LibClamAV debug: * Submodule UPACK: On LibClamAV debug: * Submodule ASPACK: On LibClamAV debug: * Submodule CATALOG: On LibClamAV debug: * Submodule DISABLECERT: ** Off ** LibClamAV debug: * Submodule DUMPCERT: ** Off ** LibClamAV debug: * Submodule MATCHICON: On LibClamAV debug: Module ELF: On LibClamAV debug: Module MACHO: On LibClamAV debug: Module ARCHIVE: On LibClamAV debug: * Submodule RAR: On LibClamAV debug: * Submodule ZIP: On LibClamAV debug: * Submodule GZIP: On LibClamAV debug: * Submodule BZIP: On LibClamAV debug: * Submodule ARJ: On LibClamAV debug: * Submodule SZDD: On LibClamAV debug: * Submodule CAB: On LibClamAV debug: * Submodule CHM: On LibClamAV debug: * Submodule OLE2: On LibClamAV debug: * Submodule TAR: On LibClamAV debug: * Submodule CPIO: On LibClamAV debug: * Submodule BINHEX: On LibClamAV debug: * Submodule SIS: On LibClamAV debug: * Submodule NSIS: On LibClamAV debug: * Submodule AUTOIT: On LibClamAV debug: * Submodule ISHIELD: On LibClamAV debug: * Submodule 7zip: On LibClamAV debug: * Submodule ISO9660: On LibClamAV debug: * Submodule DMG: On LibClamAV debug: * Submodule XAR: On LibClamAV debug: * Submodule HFSPLUS: On LibClamAV debug: * Submodule XZ: On LibClamAV debug: * Submodule PASSWD: On LibClamAV debug: * Submodule MBR: On LibClamAV debug: * Submodule GPT: On LibClamAV debug: * Submodule APM: On LibClamAV debug: Module DOCUMENT: On LibClamAV debug: * Submodule HTML: On LibClamAV debug: * Submodule RTF: On LibClamAV debug: * Submodule PDF: On LibClamAV debug: * Submodule SCRIPT: On LibClamAV debug: * Submodule HTMLSKIPRAW: On LibClamAV debug: * Submodule JSNORM: On LibClamAV debug: * Submodule SWF: On LibClamAV debug: * Submodule OOXML: On LibClamAV debug: * Submodule MSPML: On LibClamAV debug: * Submodule HWP: On LibClamAV debug: Module MAIL: On LibClamAV debug: * Submodule MBOX: On LibClamAV debug: * Submodule TNEF: On LibClamAV debug: Module OTHER: On LibClamAV debug: * Submodule UUENCODED: On LibClamAV debug: * Submodule SCRENC: On LibClamAV debug: * Submodule RIFF: On LibClamAV debug: * Submodule JPEG: On LibClamAV debug: * Submodule CRYPTFF: On LibClamAV debug: * Submodule DLP: On LibClamAV debug: * Submodule MYDOOMLOG: On LibClamAV debug: * Submodule PREFILTERING: On LibClamAV debug: * Submodule PDFNAMEOBJ: On LibClamAV debug: * Submodule PRTNINTXN: On LibClamAV debug: Module PHISHING On LibClamAV debug: * Submodule ENGINE: On LibClamAV debug: * Submodule ENTCONV: On LibClamAV debug: Module BYTECODE On LibClamAV debug: * Submodule INTERPRETER: On LibClamAV debug: * Submodule JIT X86: On LibClamAV debug: * Submodule JIT PPC: On LibClamAV debug: * Submodule JIT ARM: ** Off ** LibClamAV debug: Module STATS Off LibClamAV debug: Module PCRE On LibClamAV debug: * Submodule SUPPORT: On LibClamAV debug: * Submodule OPTIONS: On LibClamAV debug: * Submodule GLOBAL: On LibClamAV debug: pool memory used: 344.374 MB LibClamAV debug: environment detected: LibClamAV debug: check_platform(0x11215252, 0x08050300, 0x01050300) LibClamAV debug: check_platform(0x11 2 1 52 52,0x0 8 05 03 00,0x01 05 03 00) LibClamAV debug: check_platform( OS CPU COM FL DCONF,BE PTR CXX VV.VV.VV, FLG CC VV.VV.VV) LibClamAV debug: Engine version: devel-1282689 LibClamAV debug: Host triple: x86_64-unknown-windows-cygnus LibClamAV debug: Host CPU: pentium-m LibClamAV debug: OS: CYGWIN_NT-6.3 LibClamAV debug: OS release: 2.5.1(0.297/5/3) LibClamAV debug: OS version: 2016-04-21 22:14 LibClamAV debug: OS hardware: x86_64 LibClamAV debug: OS LLVM category: 14 LibClamAV debug: Has JIT compiled: 1 LibClamAV debug: ------------------------------------------------------ LibClamAV debug: Bytecode: mode is 0 LibClamAV debug: Loading trusted bytecode LibClamAV debug: bytecode: Parsed 9 APIcalls, maxapi 74 LibClamAV debug: unknown inst type: 96 LibClamAV debug: unknown inst type: 67 LibClamAV debug: unknown inst type: 67 LibClamAV debug: unknown inst type: 67 LibClamAV debug: unknown inst type: 67 LibClamAV debug: unknown inst type: 67 LibClamAV debug: unknown inst type: 67 LibClamAV debug: unknown inst type: 67 LibClamAV debug: unknown inst type: 67 LibClamAV debug: Parsed 53 BBs, 226 instructions LibClamAV debug: Parsed 1 functions LibClamAV debug: Bytecode: BC_STARTUP running (builtin) LibClamAV debug: Bytecode 0: executing in interpeter mode LibClamAV debug: bytecode: registered ctx variable at 0x3fed34280 (+256) id 6 LibClamAV debug: bytecode: registered ctx variable at 0x3fed6532c (+2) id 2 LibClamAV debug: bytecode: registered ctx variable at 0x3fed34380 (+256) id 1 LibClamAV debug: bytecode: registered ctx variable at 0x3fed65328 (+4) id 5 LibClamAV debug: bytecode: registered ctx variable at 0x3fed650a0 (+648) id 4 LibClamAV debug: bytecode: registered ctx variable at 0x6001721d0 (+744) id 7 LibClamAV debug: bytecode debug: startup: bytecode execution in auto mode LibClamAV debug: intepreter bytecode run finished in 37us, after executing 119 opcodes LibClamAV debug: Bytecode: disable status is 0 LibClamAV debug: [Bytecode JIT]: emitted function bc4294967295f0 of 26 bytes at 0x6ffea700010 LibClamAV debug: [Bytecode JIT]: emitted function bc4294967295f0_wrap of 21 bytes at 0x6ffea700040 LibClamAV debug: bytecode self test running LibClamAV debug: Bytecode 4294967295: executing in JIT mode LibClamAV debug: bytecode finished in 9 us LibClamAV debug: bytecode self test succeeded LibClamAV debug: [Bytecode JIT]: emitted function bc1f0 of 1113 bytes at 0x6ffea680010 LibClamAV debug: [Bytecode JIT]: emitted function bc1f0_wrap of 21 bytes at 0x6ffea680480 LibClamAV debug: [Bytecode JIT]: emitted function bc2f0 of 1463 bytes at 0x6ffea6804a0 LibClamAV debug: [Bytecode JIT]: emitted function bc2f0_wrap of 21 bytes at 0x6ffea680a60 LibClamAV debug: [Bytecode JIT]: emitted function bc3f0 of 394 bytes at 0x6ffea680a80 LibClamAV debug: [Bytecode JIT]: emitted function bc3f0_wrap of 21 bytes at 0x6ffea680c20 LibClamAV debug: [Bytecode JIT]: emitted function bc4f0 of 630 bytes at 0x6ffea680c40 LibClamAV debug: [Bytecode JIT]: emitted function bc4f0_wrap of 21 bytes at 0x6ffea680ec0 LibClamAV debug: [Bytecode JIT]: emitted function bc5f0 of 1033 bytes at 0x6ffea680ee0 LibClamAV debug: [Bytecode JIT]: emitted function bc5f1 of 682 bytes at 0x6ffea681300 LibClamAV debug: [Bytecode JIT]: emitted function bc5f0_wrap of 21 bytes at 0x6ffea6815c0 LibClamAV debug: [Bytecode JIT]: emitted function bc6f0 of 97 bytes at 0x6ffea6815e0 LibClamAV debug: [Bytecode JIT]: emitted function bc6f0_wrap of 21 bytes at 0x6ffea681650 LibClamAV debug: [Bytecode JIT]: emitted function bc7f0 of 146 bytes at 0x6ffea681670 LibClamAV debug: [Bytecode JIT]: emitted function bc7f0_wrap of 21 bytes at 0x6ffea681710 LibClamAV debug: [Bytecode JIT]: emitted function bc8f0 of 84 bytes at 0x6ffea681730 LibClamAV debug: [Bytecode JIT]: emitted function bc8f0_wrap of 21 bytes at 0x6ffea681790 LibClamAV debug: [Bytecode JIT]: emitted function bc9f0 of 97 bytes at 0x6ffea6817b0 LibClamAV debug: [Bytecode JIT]: emitted function bc9f0_wrap of 21 bytes at 0x6ffea681820 LibClamAV debug: [Bytecode JIT]: emitted function bc10f0 of 190 bytes at 0x6ffea681840 LibClamAV debug: [Bytecode JIT]: emitted function bc10f0_wrap of 21 bytes at 0x6ffea681910 LibClamAV debug: [Bytecode JIT]: emitted function bc11f0 of 97 bytes at 0x6ffea681930 LibClamAV debug: [Bytecode JIT]: emitted function bc11f0_wrap of 21 bytes at 0x6ffea6819a0 LibClamAV debug: [Bytecode JIT]: emitted function bc12f0 of 97 bytes at 0x6ffea6819c0 LibClamAV debug: [Bytecode JIT]: emitted function bc12f0_wrap of 21 bytes at 0x6ffea681a30 LibClamAV debug: [Bytecode JIT]: emitted function bc13f0 of 67 bytes at 0x6ffea681a50 LibClamAV debug: [Bytecode JIT]: emitted function bc13f0_wrap of 21 bytes at 0x6ffea681aa0 LibClamAV debug: [Bytecode JIT]: emitted function bc14f0 of 65 bytes at 0x6ffea681ac0 LibClamAV debug: [Bytecode JIT]: emitted function bc14f0_wrap of 21 bytes at 0x6ffea681b10 LibClamAV debug: [Bytecode JIT]: emitted function bc15f0 of 246 bytes at 0x6ffea681b30 LibClamAV debug: [Bytecode JIT]: emitted function bc15f0_wrap of 21 bytes at 0x6ffea681c30 LibClamAV debug: [Bytecode JIT]: emitted function bc16f0 of 95 bytes at 0x6ffea681c50 LibClamAV debug: [Bytecode JIT]: emitted function bc16f0_wrap of 21 bytes at 0x6ffea681cc0 LibClamAV debug: [Bytecode JIT]: emitted function bc17f0 of 148 bytes at 0x6ffea681ce0 LibClamAV debug: [Bytecode JIT]: emitted function bc17f0_wrap of 21 bytes at 0x6ffea681d80 LibClamAV debug: [Bytecode JIT]: emitted function bc18f0 of 148 bytes at 0x6ffea681da0 LibClamAV debug: [Bytecode JIT]: emitted function bc18f0_wrap of 21 bytes at 0x6ffea681e40 LibClamAV debug: [Bytecode JIT]: emitted function bc19f0 of 97 bytes at 0x6ffea681e60 LibClamAV debug: [Bytecode JIT]: emitted function bc19f0_wrap of 21 bytes at 0x6ffea681ed0 LibClamAV debug: [Bytecode JIT]: emitted function bc20f0 of 148 bytes at 0x6ffea681ef0 LibClamAV debug: [Bytecode JIT]: emitted function bc20f0_wrap of 21 bytes at 0x6ffea681f90 LibClamAV debug: [Bytecode JIT]: emitted function bc21f0 of 146 bytes at 0x6ffea681fb0 LibClamAV debug: [Bytecode JIT]: emitted function bc21f0_wrap of 21 bytes at 0x6ffea682050 LibClamAV debug: [Bytecode JIT]: emitted function bc22f0 of 146 bytes at 0x6ffea682070 LibClamAV debug: [Bytecode JIT]: emitted function bc22f0_wrap of 21 bytes at 0x6ffea682110 LibClamAV debug: [Bytecode JIT]: emitted function bc23f0 of 146 bytes at 0x6ffea682130 LibClamAV debug: [Bytecode JIT]: emitted function bc23f0_wrap of 21 bytes at 0x6ffea6821d0 LibClamAV debug: [Bytecode JIT]: emitted function bc24f0 of 146 bytes at 0x6ffea6821f0 LibClamAV debug: [Bytecode JIT]: emitted function bc24f0_wrap of 21 bytes at 0x6ffea682290 LibClamAV debug: [Bytecode JIT]: emitted function bc25f0 of 95 bytes at 0x6ffea6822b0 LibClamAV debug: [Bytecode JIT]: emitted function bc25f0_wrap of 21 bytes at 0x6ffea682320 LibClamAV debug: [Bytecode JIT]: emitted function bc26f0 of 513 bytes at 0x6ffea682340 LibClamAV debug: [Bytecode JIT]: emitted function bc26f0_wrap of 21 bytes at 0x6ffea682550 LibClamAV debug: [Bytecode JIT]: emitted function bc27f0 of 3645 bytes at 0x6ffea682570 LibClamAV debug: [Bytecode JIT]: emitted function bc27f0_wrap of 21 bytes at 0x6ffea6833c0 LibClamAV debug: [Bytecode JIT]: emitted function bc28f0 of 562 bytes at 0x6ffea6833e0 LibClamAV debug: [Bytecode JIT]: emitted function bc28f0_wrap of 21 bytes at 0x6ffea683620 LibClamAV debug: [Bytecode JIT]: emitted function bc29f0 of 710 bytes at 0x6ffea683640 LibClamAV debug: [Bytecode JIT]: emitted function bc29f1 of 229 bytes at 0x6ffea683910 LibClamAV debug: [Bytecode JIT]: emitted function bc29f0_wrap of 21 bytes at 0x6ffea683a00 LibClamAV debug: [Bytecode JIT]: emitted function bc30f0 of 453 bytes at 0x6ffea683a20 LibClamAV debug: [Bytecode JIT]: emitted function bc30f0_wrap of 21 bytes at 0x6ffea683bf0 LibClamAV debug: [Bytecode JIT]: emitted function bc31f0 of 411 bytes at 0x6ffea683c10 LibClamAV debug: [Bytecode JIT]: emitted function bc31f0_wrap of 21 bytes at 0x6ffea683dc0 LibClamAV debug: [Bytecode JIT]: emitted function bc32f0 of 384 bytes at 0x6ffea683de0 LibClamAV debug: [Bytecode JIT]: emitted function bc32f0_wrap of 21 bytes at 0x6ffea683f70 LibClamAV debug: [Bytecode JIT]: emitted function bc33f0 of 495 bytes at 0x6ffea683f90 LibClamAV debug: [Bytecode JIT]: emitted function bc33f0_wrap of 21 bytes at 0x6ffea684190 LibClamAV debug: [Bytecode JIT]: emitted function bc34f0 of 4377 bytes at 0x6ffea6841b0 LibClamAV debug: [Bytecode JIT]: emitted function bc34f0_wrap of 21 bytes at 0x6ffea6852e0 LibClamAV debug: [Bytecode JIT]: emitted function bc35f0 of 1170 bytes at 0x6ffea685300 LibClamAV debug: [Bytecode JIT]: emitted function bc35f0_wrap of 21 bytes at 0x6ffea6857a0 LibClamAV debug: [Bytecode JIT]: emitted function bc36f0 of 1406 bytes at 0x6ffea6857c0 LibClamAV debug: [Bytecode JIT]: emitted function bc36f0_wrap of 21 bytes at 0x6ffea685d50 LibClamAV debug: [Bytecode JIT]: emitted function bc37f0 of 1439 bytes at 0x6ffea685d70 LibClamAV debug: [Bytecode JIT]: emitted function bc37f0_wrap of 21 bytes at 0x6ffea686320 LibClamAV debug: [Bytecode JIT]: emitted function bc38f0 of 552 bytes at 0x6ffea686340 LibClamAV debug: [Bytecode JIT]: emitted function bc38f0_wrap of 21 bytes at 0x6ffea686570 LibClamAV debug: [Bytecode JIT]: emitted function bc39f0 of 1673 bytes at 0x6ffea686590 LibClamAV debug: [Bytecode JIT]: emitted function bc39f0_wrap of 21 bytes at 0x6ffea686c30 LibClamAV debug: [Bytecode JIT]: emitted function bc40f0 of 448 bytes at 0x6ffea686c50 LibClamAV debug: [Bytecode JIT]: emitted function bc40f0_wrap of 21 bytes at 0x6ffea686e20 LibClamAV debug: [Bytecode JIT]: emitted function bc41f0 of 257 bytes at 0x6ffea686e40 LibClamAV debug: [Bytecode JIT]: emitted function bc41f0_wrap of 21 bytes at 0x6ffea686f50 LibClamAV debug: [Bytecode JIT]: emitted function bc42f0 of 340 bytes at 0x6ffea686f70 LibClamAV debug: [Bytecode JIT]: emitted function bc42f0_wrap of 21 bytes at 0x6ffea6870d0 LibClamAV debug: [Bytecode JIT]: emitted function bc43f0 of 323 bytes at 0x6ffea6870f0 LibClamAV debug: [Bytecode JIT]: emitted function bc43f0_wrap of 21 bytes at 0x6ffea687240 LibClamAV debug: [Bytecode JIT]: emitted function bc44f0 of 426 bytes at 0x6ffea687260 LibClamAV debug: [Bytecode JIT]: emitted function bc44f0_wrap of 21 bytes at 0x6ffea687420 LibClamAV debug: [Bytecode JIT]: emitted function bc45f0 of 259 bytes at 0x6ffea687440 LibClamAV debug: [Bytecode JIT]: emitted function bc45f0_wrap of 21 bytes at 0x6ffea687550 LibClamAV debug: [Bytecode JIT]: emitted function bc46f0 of 421 bytes at 0x6ffea687570 LibClamAV debug: [Bytecode JIT]: emitted function bc46f0_wrap of 21 bytes at 0x6ffea687720 LibClamAV debug: [Bytecode JIT]: emitted function bc47f0 of 240 bytes at 0x6ffea687740 LibClamAV debug: [Bytecode JIT]: emitted function bc47f1 of 489 bytes at 0x6ffea687840 LibClamAV debug: [Bytecode JIT]: emitted function bc47f0_wrap of 21 bytes at 0x6ffea687a40 LibClamAV debug: Bytecode: 47 bytecode prepared with JIT LibClamAV debug: in cli_magic_scandesc (reclevel: 0/16) LibClamAV debug: Recognized MS-EXE/DLL file LibClamAV debug: cache_check: 708ab11f625e429673d258423273ca21 is negative LibClamAV debug: in cli_peheader LibClamAV debug: versioninfo_cb: type: 10, name: 1, lang: 409, rva: 11080 LibClamAV debug: cli_peheader: parsing version info @ rva 11080 (1/1) LibClamAV debug: VersionInfo (d73e): 'CompanyName'='Daynix Ltd.' - VI:43006f006d00700061006e0079004e0061006d006500000000004400610079006e006900780020004c007400 LibClamAV debug: VersionInfo (d776): 'FileDescription'='Date utility' - VI:460069006c0065004400650073006300720069007000740069006f006e0000000000440061007400650020007500740069006c0069007400 LibClamAV debug: VersionInfo (d7ba): 'FileVersion'='1.0.0.0' - VI:460069006c006500560065007200730069006f006e000000000031002e0030002e003000 LibClamAV debug: VersionInfo (d7ea): 'InternalName'='xdate.exe' - VI:49006e007400650072006e0061006c004e0061006d0065000000780064006100740065002e006500 LibClamAV debug: VersionInfo (d81e): 'LegalCopyright'='Copyright (C) 2012 Daynix Ltd' - VI:4c006500670061006c0043006f007000790072006900670068007400000043006f00700079007200690067006800740020002800430029002000320030003100320020004400610079006e006900780020004c00 LibClamAV debug: VersionInfo (d87e): 'OriginalFilename'='xdate.exe' - VI:4f0072006900670069006e0061006c00460069006c0065006e0061006d0065000000780064006100740065002e006500 LibClamAV debug: VersionInfo (d8ba): 'ProductName'='Date utility, free for any use ' - VI:500072006f0064007500630074004e0061006d00650000000000440061007400650020007500740069006c006900740079002c0020006600720065006500200066006f007200200061006e007900200075007300 LibClamAV debug: VersionInfo (d91a): 'ProductVersion'='1.0.0.0' - VI:500072006f006400750063007400560065007200730069006f006e00000031002e0030002e003000 LibClamAV debug: Matched signature for file type PE LibClamAV debug: hook lsig id 1 matched (bc 27) LibClamAV debug: Running bytecode for logical signature match LibClamAV debug: Bytecode 47: executing in JIT mode LibClamAV debug: bytecode watchdog is running