ELF>@x@8 @@@@hh pp"p"hm ``#`#   DDStd PtdQtdRtdpp"p"hh/lib64/ld-linux-x86-64.so.2GNUGNUGNUbI4B:=@! (BE |fUaqX2T3has: m;"i7qo aG8)`^%p_*  y#n0c# \\IS}/}jl(E>BxC{Sv~\TH=*.n K<XJ 5 ZD $  # ## #5#E0# ##q#libclamav.so.11gzclose_ITM_deregisterTMCloneTable__gmon_start___ITM_registerTMCloneTablecli_gettmpdircli_hashfilecli_check_auth_headertext_normalize_initfuzzy_hash_calculate_imagecl_initffierror_freecl_engine_newcli_ldbtokenizecli_filecopycli_hex2uicli_scan_fmapcli_isnumberhtml_normalise_mapcl_cvdunpackcli_genhash_pescript2cdiffcli_vba_inflatecli_str2hexcdiff_applyevidence_newevidence_freecli_calloccl_update_hashcli_strerroruniq_getcli_strbcasestrtext_normalize_mapcl_engine_set_numcli_ac_chklsigcli_rmdirscl_retdbdircli_regexeccl_strerrortext_normalize_resetcl_hash_initcli_ctimecli_wm_readdircli_gentempcl_finish_hashclrs_log_initcl_cvdverifycli_regcompcl_loadreaddb_parse_ldb_subsignaturecli_hashstreamcli_regfreecli_dbgmsgcl_engine_freecl_cvdfreecl_debugcli_free_vba_projectcl_cvdheadffierror_fmtcli_strtokenizecli_utf16toasciicli_ppt_vba_readcli_initrootscli_strtokcli_getdsigcli_ole2_extractcl_hash_destroycli_chompcli_hex2strcl_retflevelcli_vba_readdircli_add_content_match_patterncli_wm_decrypt_macrocl_engine_compilelibc.so.6setuid__stpcpy_chk__xpg_basenamefflush__printf_chkexitsetlocalefopenstrncmpoptindstrrchrwaitperror__fdelt_chkclosedirinitgroupsftellstrncpyfork__stack_chk_fail__lxstatunlinkpthread_mutex_lockselectmkdirreallocstdinstrpbrkkillstrdupstrftimerewindlocaltime_rstrtollchownfgetsgetpwnamstrlensendsigemptysetstrstr__errno_locationfseekchdir__syslog_chkdup2__fprintf_chkpthread_mutex_unlockstdoutfputslseekmemcpyfclose__vsnprintf_chkstrtoulmallocstrcasecmpopendir__ctype_b_locgetenvoptargstderr__snprintf_chkoptopt__fxstatfilenogetcwdfwritefreadrenamesigactiongeteuidlocaltimestrchrfdopenqsortsleep__cxa_finalizesetsidfcntl__sprintf_chk__xstatscanfaccessopterrsetgidstrcmp__libc_start_mainstpcpycloseloglibz.so.1gzwritegzopen_edata__bss_start_endGLIBC_2.15GLIBC_2.4GLIBC_2.3GLIBC_2.14GLIBC_2.2.5GLIBC_2.3.4Pii ii ui ti p"x""""""Ч"""l""* "90">@"lP"4`"Cp"H"R"W"\"a"fШ"k"p""" "0"@" P"%`"up"M""kة"k"k"k"k "k("k8"kX"`h"kp"k"k"l"k"kȪ" ت"k"k"k"z "k@"kH"kX"0lh"k"k"k"Rn"kЫ"kث"k"9l"k" "k0"m@"k`"kh"kx"Cl"k"k"k"OlЬ"k"k"k"[l"k8"k@"kP"s`"k"k"k"il"kȭ"kЭ"k"pl"k"k"k("wl8"kX"k`"kp"l"k"k"lȮ"k"k"k"l"k0"k8"kH"lX"kx"k"k"l"k"kȯ"kد"l"k"k"k "By0"kP"0X"kh"l"8"k"k"l"k"k"k"l"k("`0"k@"lP"lp"kx"k"l"l"k"kб"m"k"k"k"m("kH"kP"k`""k"k"m"kز"k"k"m "k("k8"!mH"kh"kp"k"&m"k"k"kȳ"Am"k"k":m@"kH"kX"?mh"k"k"k"Fmд"kش"k"Nm"k "k0"Zm`"kh"kx"bm"k"k"nmе"l"k"k""k8"k@"kP"`"k"k"k""kȶ"kж"k""k"k"k("l8"kX"k`"kp"M"k"k"k"ȷ"k"k"k"0"k8"kH"x"k"k"1"kȸ"kظ"n"k"k "P"kX"kh"x"l""m"r"l""k""l("0"k@"ltP"kp"kx"k"M"k"k"kк""k"k"H"kP"k`"}"k"k"ػ"k"k"."8 "k("k8"HX"8h"kp"k"R"k"k"kȼ"M"k"k"^@"kH"kX"b"k"k"н"kؽ"k""k "k0"`"kh"kx""k"k"о"k"0"k"m"k8"k@"kP"mp"m"k"k"m"kȿ"kп"k"m"k"k("m8"kX"h`"kp"m"k""k""k""k"m"k0"m8"kH" nX"kx""k"n""k"n"l"!n"k "6n0"kP"@X"kh"Jnx"k"k"k"Zn"k"k"k"mn("k0"k@"xnp"kx"k"n"k"k"n"k"k"k"n("kH"kP"k`"np"k"k"k"n"k"k"k"n"k "k("k8"nH"kh"kp"k"n"k"k"k"n"k"k"k"n "k@"kH"kX"nh"k"k"k"n"k"k"k"n"k"k "k0"o@"k`"kh"kx""o"k"k"k"=o"l"k"k"Go"Qo8"k@"kP"_op"k"k"k"eo"k"k"k"ko"k"k"k("ooH"kX"k`"kp"uo"k"k"k"yo"k"k"k"}o "k0"k8"kH"oh"kx"k"k"o"k"k"k"o"o"k"k"k"o "o0"kP"oX"k`"oh"o"h"k"Y|"\""p"p"k("0"k8"pP"Qop"8x".p"1p"k"9p"k"Up"k"x"k"^p("kH"P"kX"hp"tp""p"p"k"p"k"p"p"k "X("k0"pH"kh"p"kx"p"p""p"p"q"8" q"t"u0"8@"H"8P"qX"%qh"k"("6q"9q"Cq"p"k"Nq" "Zq("lq`"Ph"}qp"q""q"q"k""k"q"l8"@"qH"q" "q"q"l""q"q"Qo""q "q8"lX"`" rh"r"l""r"{"l" "$r".r"l0"X8"#r@"'rX"lx""q":r"l"`"Ir".r"l""Mr"Qr0"lP"0X"Ir`"Zrx"l""q"z""fr"ur"r"l("0"r8"rP"kp"rx"6q"r"k""6q"r"r"k""k"s("lH"(P" sX"sp"k""k"'s"4s"k"`"6q"Bs "("Ms0"jsH"kh" p"kx"ts"k"P "k"s"s"k"s"6q"s "k@"x H"6qP"sh"k" "6q"s"k" "6q"s"  "A("s0"n@"k`"` h"kp"s"t"t" "t"+t";t"l"` "Lt"Rt"ct"k8" @"6qH"utP"t`" p"t" "t"t"t"("X"t"t"t"k""k "t("tX"0`"th"tp"t""u"u"u"k"0"k"!u")u"k0"8"k@"2uH";uX"kx""k"Eu"k"X"6q"Yu"n"k"P"k"lu "o0"kP"X"k`"}uh"ux"k""k"u"u"k""k"u"u"k("P0"6q8"u@"vP"lp"xx"r"+v"Av"l""r"Vv"k"@"k"pv("kH"P"6qX"v`"vp"k""k"v"v"k""k"v"v"k "("k0"v8"vH"kh" p"kx"v" w"k""6q"w"*w"k""6q"=w"Sw "k@"H"6qP"kwX"}wh"k""6q"w"w"k""6q"w"w"k" "k("w0"w@"k`" h"6qp"xx"x"k"p "k":x"Bx"k" "k"Kx"Sx"k8"`!@"kH"\xP"hx`"k"""k"ux"~x"k"""k"x"x"k"X#"k "x("x8"kX"$`"6qh"xp"x"l"$"x""x"Qo"&"x"cz"tz"Qo0"8'8"q@"H"xX"lx"("x""x"l")"Lt"y"y"Qo"*"%y")y ":y0"QoP"+X"%y`"Lyh"Zyx"Qo","iy"ly"y"Qo"-"y"y"y"Qo(".0"y8"y@"yP"lp"/x"y"y"y"l"(1"y"y"y"l"H2" z" z"z("lH"3P"-zX"4z`"Fzp"l"(5"Zz"_z"oz"Qo"6"q"z "H8("z0"zh"9p"zx"z"0:"z"z"k":"6q"{ "l@"@;H"2zP"{"p<"({"1{"Qo"<".p"E{"k"(= "6q("X{@"k`"=h"kp"k{"k" >"k"{"l">"{"{"l8"H?@"qH"{`"l"@""{"k"(A"k"{"k"k("{X"k`"kh"{p"{"k"k"k"|"|"l"k"k"|".|"k0"k8"k@">|H"H|X"kx"k"k"S|"\""a|"x|"~n"|"XB"|"| "|0"lP"BX" r`"|"|"C"|"|"XD"|"|("D0"G8"|P"lp"0Gx"r"}"k"G"k"}"k"G"k"!}("kH"HIP"kX"7}" J"E}"U}"J"E}"e} "J("hK0"w}h"Kp"}x"}"l"}"}"}"K"}"}@"LH"lP"}"HL"m"}"}"k"L"k" ~"~"(M ".~("6~0"E~`"Mh".~p"V~x"h~"M".~"|~"~"XN"~"~"l8"N@"qH"~`"l"O"q"s"k"PO"k"~"~"k"O"6q "~8"kX" P`"6qh"~p"~"l"P"x"""k"(Q"6q"'"<"k0"pQ8"6q@""H"RX"kx"k"k"Q"w"k"Q"6q"\"w"k"hR"6q"x "#x0"kP"RX"6q`"uh"x"k""6q"""k"@S"6q"("k0"k8"p"kx"k""k"k""k"k"H"kP"kX"p"k"k"k"+"k"k"k"C"R"k "k("k0"cH"kh"Sp"6qx"|"k"k"k""S""@"xVH"WP""W"}q"΀"X"q"߀"XX "pY("@"YP"`"Yh"p""Y""Y"" "","x[","28"]@"<H"I`"Sp"6q"]"j"r"`_"""`"a "X" b`"h""b""ҁ"b""܁0#`d8#e@#x#e##Up# h###k#h#k#0#kP#kX#k`#t#k#k#s#k#k#k##k(#k0#k8#sP#kp#kx#k#Nq#k#k#C#k#k#k#(#QoH#kP#kX#p#l#k#k##l#k#k#Yu#k #k(#k0#xH#kh#kp#kx#v#k#k#k#2u#k#k#k#v #k@#kH#kP#uh#k#k#k#q#Qo#k#k#q#k #k(#q@#l`#kh#kp#p#k#k#p#y #0#@#P#`#p#p##p##ǂ#Ђ#ق#### #0#tp@##"###u#### #0# # # # # # # # # # # # # # # # # # #( #0 #8 #@ #H #P #X #` #h #p #x # # # # #! #" ## #$ #% #& #' #( #) #* #+ #, #- #. #/ #0 #1 #2( #30 #48 #5@ #6H #7P #8X #9` #:h #;p #<x #= #> #? #@ #A #B #C #D #E #F #G #H #I #J #K #L #M #N #O #P #Q #R( #S0 #T8 #U@ #VH #WP #XX #Y` #Zh #[p #\x #] #^ #_ #` #a #b #c #d #e #f #g #h #i #j #k #l #m#n#o#p#q #r(#s0#t8#v@#wH#xP#yX#z`#{h#|p#}x#~#################### #(#0#8#@#H#P#X#`#h#p#x##########HH^"HtH52Y"%3Y"hhhhhhhhqhah Qh Ah 1h !h hhhhhhhhhhqhahQhAh1h!hhhh h!h"h#h$h%h&h'qh(ah)Qh*Ah+1h,!h-h.h/h0h1h2h3h4h5h6h7qh8ah9Qh:Ah;1h<!h=h>h?h@hAhBhChDhEhFhGqhHahIQhJAhK1hL!hMhNhOhPhQhRhShThUhVhWqhXahYQhZAh[1h\!h]h^h_h`hahbhchdhehfhgqhhahiQhjAhk1hl!hmhnhohphqhrhshthuhvhwqhxahyQhzAh{1h|!h}h~hhhhhhhhhqhahQhAh1h!hhhhhhhhhhhqhahQhAh1h!hhhhhhhhh%N"D%N"D%N"D%N"D%N"D%N"D%N"D%N"D%N"D%N"D%}N"D%uN"D%mN"D%eN"D%]N"D%UN"D%MN"D%EN"D%=N"D%5N"D%-N"D%%N"D%N"D%N"D% N"D%N"D%M"D%M"D%M"D%M"D%M"D%M"D%M"D%M"D%M"D%M"D%M"D%M"D%M"D%M"D%M"D%M"D%}M"D%uM"D%mM"D%eM"D%]M"D%UM"D%MM"D%EM"D%=M"D%5M"D%-M"D%%M"D%M"D%M"D% M"D%M"D%L"D%L"D%L"D%L"D%L"D%L"D%L"D%L"D%L"D%L"D%L"D%L"D%L"D%L"D%L"D%L"D%}L"D%uL"D%mL"D%eL"D%]L"D%UL"D%ML"D%EL"D%=L"D%5L"D%-L"D%%L"D%L"D%L"D% L"D%L"D%K"D%K"D%K"D%K"D%K"D%K"D%K"D%K"D%K"D%K"D%K"D%K"D%K"D%K"D%K"D%K"D%}K"D%uK"D%mK"D%eK"D%]K"D%UK"D%MK"D%EK"D%=K"D%5K"D%-K"D%%K"D%K"D%K"D% K"D%K"D%J"D%J"D%J"D%J"D%J"D%J"D%J"D%J"D%J"D%J"D%J"D%J"D%J"D%J"D%J"D%J"D%}J"D%uJ"D%mJ"D%eJ"D%]J"D%UJ"D%MJ"D%EJ"D%=J"D%5J"D%-J"D%%J"D%J"D%J"D% J"D%J"D%I"D%I"D%I"D%I"D%I"D%I"D%I"D%I"D%I"D%I"D%I"D%I"DAWAVAUATIUSHdH%(H$1n!1AQE1A jL1jAZA[HHrH5H x t fM"H5Hx t fM"H5Hϫx H5 H趫x H5eH蝫x H5QH脫x H˫@@1H=( ǃtH5 H1H$dH3 %(H[]A\A]A^A_1輛HT#H5H٪x tHH{@1JIH1mFzH5) 1]H5VH|x u,H5WHgx t.H{@1JH{@1IH59H$x tH{@IH5Hh tH{@IaH5Hũx FE1H{@ H$l$HD$HD$@HD$ HD$`HD$(LD$ HT$(L L$APD$oL LPD$vPD$}P$P$P$P$P1D$LT$HFH@LLT$H5 1H1LLH|$@HIHC@N,0MHD$@1L1HD$`_ŃHT$ƿcADž5H$ HHT$cHT$HIHƉH<H$ H9L5H5H1L7H|$@AHtRtED$H|$@LILH5 H1y똉뺋l$H5Hfx H5HM1Hx1 H5pH߉Ń&11HHIHH1H51LAT$`1oH$8 LILH5H1LHT$H5oHH1jH5Hfx H5HM1L`1LŃ_HH5IHL11IHHPXH-1b1AH=sD$ Ld$@LE1L9LLLmHt,HT$P|$LItHNLM;uXu1|$LLAU`H5H7x LH5H1Lh1LŃI1LLHHHxIHMHH L1L$L1ALt$ADžyLIHLL1DH513>H$8JLI/LH5H1ֿH5Hңx H jFHL$1LLDHHHPHLH$8LHHH5/H14H|$@HrhH5HD$1=|$4LLLAU`HT$vH5Hڢx IH5Hx 0H5H訢x SH5H菢L`L#LHH1H5/1TH}-fH:HU11H5 &U11H5U 11H5U11H5HU(11H5ٽH5HڡH5L`L,HH5LŅH5111|HdLH5f1RLDH51(D^$H5cHP1LHD$1H5ݼL5DLNLHL$GH51藼LLAU`l$H51eLLAU`H512hLH51>LH51{H51Ȼ`LH51譻EL=H511舻 HU11H5oHU 11H5[H51@H5H<x$mH5 H#x$ H5HE1L`LH$LŃfq@"$%=@H5'Lu]MLDI1LLHǃH5H1;1L<1LLH511H5 HH5dHLhL`LMMEH5FH趝x$tZH5^ H衝x$H5HLd$@胝LHp"t=H5/11KH5HGx$x^f>"sHILHLXL H5 HLd$@H5hHHhԜLHpsMfV>"HIHDH5' H蒜x tHt^ H5Hnx uH5HYx |H5HHD$@D$8D$<'Dp E/H5HAL`1L1Ń1IHH:|IHt~LHL$8HT$@E1LD$LLCtnLWH5(1贴LH5 H谘h tlHC@HtJH5` HH(L%5"臘HxHLh?LH51KH52H5 H.x 0H$H9"Ld$@H|$H5 LHLhMT1L1ADž11vHT$`DL1DH$IHIH HǺ1LXIF`RH=E1jE11H5kjH8RHiH L#LqL$ 0L$0H$ID$DH$hH$ pP$H\H$@HW$LH|$1Hk0HIUXLhHPL$PGH H Hc H>HC@H5_H1 LLLULMLH51ұL*LLRH5n1袱LAU`MH$@HtH$HtMtLADH591=뙉H5Z1&낃zH51_H5j1DH5'1а)H51走H51蚰LH5[1E1yH5X1^AH5SHWx H5:H߽9H5L`LHd1L1AŃ. D!vLA(gH5+1路LLH$( dH3 %(HuCH8 []A\A]A^A_fDEuMHH5U1QH1 AWAVIAUATIH5USHpHH:HH-H H^H&H= H=H/LrHHH5LE1HD$L=HHH?MuJA;#tپ=HdHLHHtHH5O11HE111HL&vHT$HH5B1ب[H5=LL-RfHHHwH;#tME111HLuHT$HH51UH5LDH5L-H5LH5LH5LiH5LRH5LAŅ8H5qLt|HHHtgHHHtR;HHHM$E111HLquHT$HH51'HE1HmHD[]A\A]A^A_HL114@H8Hp1yHHH0AŅaHLUrLHŃHOHUfH5LQE1fDHHHHMujA;#tHJH]IHH5VHHt1LH51ǥLzf.E111HLVHT$HH51耥;LDH5VaHAH9H5L7H5L H5L H5LH5pLH5^LsH5LL\H5:LEH5(L$E1L=HHH4HMA;#tLL/;H:HH5sHHtHH5!11rLDH51YH5A訣HH8L1AH5weLH501AYH1H7Hڿ1AH5(HL1AH5HHOLH5"֢pH51A踢HPH51A蒢H56L~O:HJE111HLHT$HH514HH5V11HHdff.@AWAVAUIATUSHHt$HTHH-L%HHH8tLpHLtϹLLtH5LbuH5LOLLII|ZIHNHǾ1MMH H;Ht$L:L=HH%@H`1H[]A\A]A^A_DH5LJH5L3H5LkH5LTH5L=H5L&H5LH5LH5LH5}L{H5kLdH5YLMH5GL6H55LnH5#LWH5L@H5L)H5LH5wLH5LH51轞HULH5D$1葞LH!L$LH51bAWAVAUATIUSHHt$LHHAHIč{DkH1Jthf%fHH9uHHi1E1L5f.E\Dftaffftd҉H5P1lH1LHH[]A\A]A^A_DADDHCI9t;HsDfo5}AHfPHCI9ufHD$LD8@fDDAH 1HHAwDAL1HHAIDHHmL1H51@1@AWAVAUATUSHHXHt$ dH%(HD$H1H(HI HHH8HwIHID$D$MHD$HD$DHD$L$$LeEE1L9d$w }!Ht$LIHuWML$$H5xL1JLLHL$HdH3 %(LHX[]A\A]A^A_@|$T$DHLHL\$NEt/L1<)tTHt<(uHuL$$H51E1蝚LLNt }LBLH=zH;,$LǾ(LD$(;LD$(HHrHt$LL$$IH|$T$DHHLHLM'LHD$ yEA%LH={uVzH;,$ED$HLEforDLHt$ HIH=\L7zH;,$D$HLEfoAT}@_LEFfDH@L$fDD$HLEt"fo@GHT}@L$Zfo@D$AD$HLEfoH_RIGHT}HpL$ H571E1 H5D1E1L]D$HLEfoM눋D$HLEfo@ATIVHG_ALTERNHpE:Afp@E1Hl$0LD$8Lt$\$(D(AIH5LIHAInA(tA)t A<$LIHZLpDLH|$HHILEL)t'|fHL$DA|Zfl$(Ht$AEL$(B.}AA)&fHL$0DD$(HD$HQH9r A~!foB@IVE:A@A(D$HLEtzfo~@FT}L$fo@HT}D$foDl$@IVE:@ACfo@HT}D$foD$zfooE:AFHG_ALTERNHHA@ATIVfP@L$$H5ɴLD$8Lt$L\$(HLD$LD$HIHLD$(DLHLHHAL^AEC.}D$LD$(L$$H5(@LD$8IAsMLt$L$$H5LMfo+AT}@fDPD$RL$$Lt$H5fo"T}@fxD$H515LLL$$HH5dAWAVIAUATUSH8dH%(HD$(1:/LHAHHL)Hx/HzU9v0 HA9v A</upA<6\tHHHH$9;L}H)H+$LHCHD$ IHsHLHH$A,HxIH_K4>L<$HLH|$CD=H{IHH$HSLHtLADL1H561茒L11H57y1L1H58fLLL1HL$(dH3 %(H8[]A\A]A^A_fLH511 L11H511H51L@L81@{LHLRHD$HOCLE1ItfDƒ߀[t<*uAHH9uEA HD$$Ll$E1E1$HD$LA9tHH胿1+H:AAA[@*H9rLLjEEE9xDDH5ñ11貐Ht$HuHHT$$H舾HA9*$|}LH-LHXbH1H9LHHHD$HL$41HϺ HL$QHL$AH9HL%HHHD$LD$1LǺ LD$LD$ALHxL¿HA9H|$1H5131@[L;HX*L%HtSLI|118*@HH9utAtL|$$]@LH}IH$T$$H萼LA9vH5o11sHA9sH`L譾HHu1H50fDEE\DH5\11DfDH511LݍE1E1yf]LHdH|$ZfDLtں 1LAƅxAfD$z@$j@DH5&11=DH5V11fE1/E11H5H|$;H)H|$iL H|$MHH|$11H5VjH¿ Ht$$LHHT$$Hƿ.H膿1H5@1H5LILA1H5Sċn1H5觋Q1H5芋L,1H5Qe8AWfIAVIH5tAUATUSLH(dH%(H$1L$PLd$0)D$LD$ HD$HLH1֊11H$޿Ǽ11H$HHHH HǺ1H CHC`HE1E1ATH WLH5jH8jH JHBAąH$*0D$H$hHD$H$HH$H$pP$蒹H$H$H11ALHRHHHUXHhHP1H$jLL$FHD$ZYHfDH@AHuEAHODL2HNLDMH fHDH5T11Ld$Mt%L-UAT$L11׈Md$MuH5H11轈H|$1Ht'@HGHD$H|$HuHtHU`H$Ht˻H$hHtHtHܹH$dH3%(H([]A\A]A^A_H51 H|$H_wH51DH5٩1͇H5q1赇H511裇|ff.AWAVAUATUSHH $HH $HhdH%(H$X 1Hm-HHHHxHUHDPE/HLl$0迹L LHLH LD14H,H5;L IHH\$PH¾ H H* H=FH@@@Lt$L=,L H»HtUHźLH߾:@tfHt$LtL1H5L萷H$X dH3%(Hh []A\A]A^A_H|$1HtqHt$ HHD$HL$utH*H5ͧ1vHθyLH5ǧ1PLSHH51*-HH51 HL$H_LH51H5T1Ƅ蜷ff.AWIAVIH5nAUATUHSHdH%(H$1fL$H41 HHHIJAŃM5HL߳L$LҲHT1H1ݳAǃH蹸AŃt$DAŃDHLAyHhHEuMLHH511\H$dH3%(DH[]A\A]A^A_H5HfD$HH5AHT$ H޿訴JLIHH$Lt$L$IHD$LLHH8tLxH=aLt˹LH=CtHIL-1AWH|$ 莱L1ILL<$gXZLH|$([GHIİL|HLH51ÁHA藰HNLLLt$:HLH51hHH5ѥ11PHH5A1E2H H肴1HH5LߵHίHFD}HH51ÀH5 1A誀IH5t蔀LH551yHH51^H足LH5osH1H51gR1H5ƤH111H511H5111H5q11H511H5Q11H5!11H5Q1H511H5ۥ1t11H5d11H5yT11H5D11H5411H59$11H5q11H511H5~11H5)~H5e11~11H5~11H5~11H51~11H5y~11H5ɩ~11H5t~11H59d~11H5iT~11H5D~H5114~_1H5&1~11H5J ~11H5}11H5ګ}11H5}11H5Z}11H5}11H5}11H52}11H5r}H511}}11H5m}11H5*]}11H5M}11H5ʮ=}11H5 -}11H5R}11H5 }11H5ʯ|11H5|1H5D1|1H51|H5ΰ11|H511|H5611|H5~11|H511}|H511m|H5611]|H5v11M|H511H9|fAWAVAUATUSHHt$ T$dH%(H$81HHH0HHD$PI1E1H$H$pHD$H$HD$ HD$0HD$( DCH4HL<HH$GD$hI%=ut$ J,:H|$1f1)D$0HHD$@!AŅ11DHT$ DH1DH$IH2HH HǺT1HZHE`HE1E1H jHjH8H5Q1PH -H茮H$w0D$4H$HD$(H$HH$H$pP$ߩH$H|$11LHRHHIT$XL`HPH$L$AT$hH蟯1Ƀ|$ T$H|$1袭GH561ZyD$LAT$`H$Ht蘬H$Ht趬HtH詪AtDKIL$H…IJ8H5v1xH$8dH3%(HH[]A\A]A^A_@H|$豬H51xD$&t$HHIH\J<8茮$H1IH5d1/xH臫Io|$ T$H=!1BHHH1H51wH;1H5I1wD$bH5M1wD$BH=FIH5߭J81lwH51TwD$H5h14wD$H5(1wD$HH551v1D$H511vD$vH51vD$NH5vD$0D$#H5n1_v{H51Dv`D$ff.fAW1AVAUIATUSH(dH%(H$1ŃH\$E1E1LcHމaH~:HDL@HAH9tɀ8 uA9DLfDt2Ao谬H$dH34%(uUH([]A\A]A^A_HD$L1H5í.ugHL$LH51uAWAVAUIATUSHXHt$(HT$ugLjHHtRH|$(SHHHHHHL\A1E1H|$(AA9DLEt$IcHHD$0dIHH|$0NHHH|$08HHAGHL$(H|$H1袩H|$(H5<HD$H[LH5AD$IŸDOMcJD%HD$@K'HD$8fDHT$DHШHHڋ H!%tDHJHDщ@HH)ڃvB< < HxMLDLQHHLD$KLHHLE1͟HD$ .fDAHAt&HHЦLDHڧHuHt$ 1L&AHD$8 LWHtL$H|$IMH1ݧB< HT$(1H5xqMtLnH|$dLHH HX[]A\A]A^A_LE1%H|$H1H":DH|$Hپ1HL%Mt~H\$ \$Hl$Hl$8DL荥E LHtH|$ML1諦LDL=HuLH\$ Hl$VHL$H=p˧LHHH|$HX1[]A\A]A^A_Ht$ 1L!HT$0LH1HD$0L|$ H\$HL|$@DD$AĉDA9|A HHtH|$H1پI覥LDH8HuL|$ H\$HDd$?H|$AL$!H11[H߉D$ڢHҢD$LLl$H=LsL蛢HH-߽茢L|$(L1HLޤLLH1ŤLd$LH#fDHXHHL1蓤LDH%HuHL$H=jť\$L|$ H\$H 1H5|jnL¡HT$(H5Bny1H5 *ny1H5O nLeH]LHT$(1H5mH3$ff.AWAVAUATUSH8H<$H|$ Ht$HT$dH%(H$(1H|$JHH|$H5b谠IHH|$*H|$WHHH-L-L$ DHHHH8tLxHLtϹLLtH1AWLL$LL^L_LLuH|$$X $L $H|$H $HءH<$OHHH-L-L$ DH@HH8tLxHLtϹLLtH1AWLL$LL}L虡ZYwLHLL16YHLHT$11H5];kH|$1Ƀt+H$(dH3%(H8[]A\A]A^A_HT$1 $H5j $HT$H5ӹ1j $SHT$H51juH5zj\HT$$1H5pkjL $1H$H5P1DjLܛ HT$ATL%,UHSH1hH9vD1L1iDfD]FH HX@H5!1d=HHb Hh11HH5BdAtHD11[fD1H5 1dHHT$@11H5HtddHT$HHHH5HHD110d11H5t dH|$PHl$PHH?-HHHL$ -HғUH|$ 诙CH|$(蝙1HL$(HT$ 11H5{cHT$X11H5fc11H5VcH|$`LHl$`HH-H8H9HL$ -HH|$ yH|$(ӘgHL$(HT$ 11H5b11H51bH|$h藘THl$hHH-H胐HiHL$ -HSH|$ 0H|$(HL$(HT$ 11H5aa11H5aH|$pHt$pHcH5g1a11H5^aH|$x薗mHl$xHH-H肏H4HL$ -HRH|$ /H|$(HL$(HT$ 11H5``HT$H H=Ht H=H1L$HL@@@H5m11`fDH|$@ Ht$ĔHL$@HQH9T$Hv HHT$X11H5,+`HT$@11H5+`HT$H11H5/`HT$P11H51_H5911_H|$PHT$`11H5+_HT$h11H5._HL$xHT$p11H5,|_HT$PH511[_H5ű11F_fDHT$P11H5 +_AHHT$PH=HH|$XHEDH1H5S11^H511^H5;11^pH511^[H5ڰ11^FH511v^1H511a^H511L^H5k117^H5P11"^H5711 ^H5k11]HT$`H511]TH5[111]H|$XHL$hHT$`11H5]Ċ1LHܑu dH5T11\]1eHT$`H5}11@]HT$hH5c11&]%HT$xH5I11 ] H|$p1 VHKH5H?HD11\H5N1\H51\"H51\H5m1|\{H5Z1i\iH51L\WH5h1/\:H51\H5[H51[H511[H51[HT$pH5811[H5}[H511e[p;H5\1E[PH51*[5H5N1[H5[ZH5–1ZH51Zff.USL$HH $L9uHH= !dH%(H$1H認%H؎<$t(HtH!H蟏Hu1H$dH3 %(u H[]fDAUATUSL$HH $L9uHdH%(H$1H@H5UH=H5HxIHHC@1H81tAŃH#H<$t'DH'ŃtLH谎Hu1DqLɊH$dH3 %(H[]A\A]H5ӕXH5H߃<H5zHP1XH5WHD<H5OHP1XL0bffDAUH5<ATUHSHdH%(H$1a<DP$EH5 HE<@ _H5HH(<HHpƄ$HGGH5ãH蛇I1H$dH3 %(H[]A\A]H5jH;H5cHL`;x V)H5AHIy;MH@MDHWMPL&H߾1薆H9AXAYtIH5H";MHRLp1KHY^ulL0&)H5HI:MH@J1HڿH5ϓV1HڿH5ptVH52Hm:LH5NHP1CVL蛉bff.AUATIUHSHkH5HIʼnt0A]HLOHcHÄAH[]A\A]H5H贈uH5H衈uff.AWAVAUATUSHH $HH $HxH5uH|$HdH%(H$h&1D$lH9x uH5:H29x H|$H5ѧE19p$H$H5蠆AŃL|$H5H$0L8HH\$Hx HH=3H5LD$TD$>8@ D$PD$?豅HHHT$l`HH=! Aą0H蹅D$lD$8|$>|$? D$8E1HD$L=l!Dd$ HMH$HL|$IID$H H$MIP$H1A $XZtH胉uH3AH|$H5a7LpOH5Y7SHD$HD$H@@H H8H5 u HD$H5H@@H8HD$H$PHHt$0H@@H0賁Ƅ$OH|$0aHD$HHHt$HFHDf D$ D$p贈T$lH511pRT$lD9e Hl$xH$PHClamAV-VDŽ$XDB:HH$PaHH$!H5åIHL H膂HߋH!%tDHWHD@HH1DD$pH ]HH1πHߋH!%tDD$lH %DHWHDH@ƾH1xH|$H575HߋH!ʁ tD@€DHOHDH @HH1H؋H!ʁ tH=t€DHHHD@HH)AHX:X:@H H$p!HHt$(H@Ƅ$HߋH!%tDHWHD@Ht$(H}DD$xH ףHH1LL$H$P HIHD$ 1LP L譅uL!~H|$ H5ǂIHHH1H"2D$8Ht$Ld$tH\$@HLl=fDD$tHMIL1H6΄ HHJL9t\H}LHHuHT$ H51NLQH5"1NHt$D$8HH,H|$H5H\$@2x   HL$AQPLl$ L1LqH-0g!M}AZA[HD$tH\$XHD$@HH]HH 1S LML7}H[ZH=tL较uHt$@LݡHHDD$tIL1HL@HKH\$XH|$H53U1x LH$`zH=/IHuYfHLszL HD$tuH$LHcH|$H5ܟ0Ht$(HAHx &~HHHL1HQHL~DH=GƄP HD$ H H|$ H5r+IH HDHƿZAŃ|$>|$?L=d!H+Ll$H$L5DIIGHfHMM$P$H1zH螁_AXuHL'ZuLA臁H\$ HyH~D$8t+Ht$HHlf.H;H~H9uH|$u~H$h&dH34%(DHx&[]A\A]A^A_Ã|$Pt |$8D$8L|$LMtDIM9&ILKYuLA諀H\$ HyH}fDH}H}L9u:Lq|$8t$Ld$Dl$81fDIHPLL$ 1uZYHH|$0HHAKuHyA H\$01HHHAuAnH|$H5;1*Ht$(HHPPsDAED)H511EDLHHHD fX:@LH51AELCwH\$ H&tHxL&wLtdH5E11iEH$pH=<HD$(H1KyAŃH5Є1,EMLLDHúH$PHD$0HIMAS1t$?tLz]A]H|$0zHxDd$ DD$lE9tHT$D1H5FyDH|$H5x(H@.EtT$lD9D)9H5@1,DHt$D$8HH, H;HnwH9uH|$A[wH=ϏE1L=yHD$HHu.f.H8LHxHuHAyH|$HtDH zH=y_E0AuH|$t$8H yHD$HH=gDyHt$HHHH=>"AŋD$T D$PYE1QML't$H|$@1 r^_ APML1t$H|$@qAYAZD$T D$P~Lx HXLH[uAuH|$t$8HwHD$HJHHD$ xHt$JDl$8HMHl$ HH H;HJuH9uH|$A7uH5H1AH|$H5o'%x H|$H5%HxH|$H5Ӕ%H@D$pHLPAŃk|$8n|$T=LNwH521ALrHftPH5]11@Ht$pH=P1tAŃNH5?1@Ht$D$8HH, H;HtH9uxH511@mH5C~1A2i@OHD$H5H@@H8Ls[H5u3@Ht$D$8HH, H;HusH9uDl$8HT$0H5M1?p6H;H.sH9u91I9H$LYHnHHntnHnH51o?UH5|1AS?9H5W1H\$6?LpLT$LrkHH51?A6mH5|H1>HhpH5T|1>HT$ H5g~1>H\$ H5j1H>HqHt$D$8HH, H;HqH9uJH5~1@>Ht$D$8HH, H;HqH9uHT$ H5BH\$ H5+1H=HAplH8qH\$ H51H=LPoLH5d1=L0oH\$ H5~1v=LsH\$ HkHpHt$D$8HH, H;HpH9uH5{A=H\$ H5j1H<HkHLpLtkH5}1<HT$ H51<H5+~1<L/nH\$ HkHo`H5zA`<FHT$0H5~1C<HkHAoLj HH5(~1 <H5}1A;L{jnLqH\$ H\jH$oHt$D$8HH, H;HoH9u}H5y1A;kH5yAk;HqIHH H}HnH9uZH|$0jLiLH5Y}1;HiHbnH|$0AiL|iHH5|1:H5|1:f.ATUSkHH HǺj1HmHC`HE1E1H gjHjH8H5Q1kH HKnK111&qIHJiHHGHX0l0HEHHExHE0pPuXiHEPHU\HRHHIT$XL`HPLe`RiHE@HtIH@ f.H=ynH1jH[]A\fH=nfH=tn@LAT$`H}@HtjlH}PHt\lHTlfH=ّ4nH[]A\@H5A1elH=֓n[H=AmLAT$`;ff.@HSHHPHt|C\u0KDHP`S\H{PHHRHHDC\tH@HHDHuŋC\C\uHGHtHP`H{PHGRkHCPH{0Ht liHC0H{@Ht &kHC@H{Ht@kH[kff.@AW1AVAUATUSHH|$ H׉t$4H5HT$( dH%(H$1HD$LIHD$8fT$LHD$PHD$kfHt$(H|$ mIH4DX8EHD$H@H$HT$1DH L$HL$EMO(ISLؑHL$H41e1H1Ƅ$AYAZHfAŃtaIGHT$DB4 eDIpmMtHD$HT$A9W8LcD$LPT$LHl$XLD$8H|$(HH5 eÅCD$LH$PLHt$`LL$01dƄ$1^1_H eAăt51bIHtt$4H;LcL[hD3lD$LD$LpLD$8H|$(H H5+BdÅD$LL$H-͎PL܏Lt$`LL$01c1L1Ƅ$ZYMdAƃbIH@81ۅ~rDIEDHD$PHIE  IE4cHt8HL$PHHqiHIHD$PLA1`L-gHA9]8DjLaD$LD$LH|$ hHH}L%cL-^Lt$`HhHH8tHhLHtϹHH=tH|$ aHIwaI|bLD$ ILHIǾ1H$bLLitD$x%=@LfHgH~IHD$Lp@MA,$|$49HcL|$8Ll HL9IDT$@EDL$ MHHkHČ!H81]AH!H=pHBH|$XHD$DL$@EDL$ MHHxkff.AWAVMAUATEUS1HxHt$L|$0Ll$(H|$T$ dH%(HD$h1H-!LL$(HD$0H0(fH4!u EtDt MHHAHHHuHHHuLt$IML|$(LLHtuHcP,H5!H HH ʋQ4EtAt DHLL8L|$(LL0Hut$ HL$HofDL@(LH LLHHAR@0PK_AXH!H0T$ HHoH!H81$?_L$ HH9oHL$HjHL!H81>L|$(LxHt$hdH34%(LHx[]A\A]A^A_H!?E1H=gH?H|$(%Hԉ!.H=CnH?L|$(yHqIHtYA0H\$@H߃҃7Ht$11E1Hs;H߉i:HL$H-kAFHuQH\$H5 HH:t~H=HtdH5H:1HD$HT$Ht$H|$(=Ll$(}HuH|$uIF(HD$HD$H|$t~H|$ 1;HD$HcZ4H|$HHtG1Ht$84;"HT$8HMtl`tuKHL$HjfHD$1H!INHfiLD$H81jH߉HL@7|$11MHL Ā3xH|$Dl$D$DLd$ Y6T$DH|$1H|$(H|$H4H|$Dl$Ld$ 6HX5IHrH\$(LL$hILH$HD$hHD$pHH$D$l0HD$xn1ADD$@x Ld$HL4DD$@7H|$0H|$(H|$H3O3ff.@USHH!f8uAHr!H 5H-!H}Ht 1HEHH[]_0s1븐AWAVAUATAUHSHH$PH$XL$`L$ht@)$p)$)$)$)$)$)$)$dH%(H$81H!!f8t1H$8dH3%(eH[]A\A]A^A_HA!HD$D$0L0H$0HD$ H$@HD$(T-IIIHt$(1fDHI9vX|%HXuTls>f T$/T$HXH HI9wfIIAL|$0H$LL$ILH$0HLD$HD$ H$@D$0HD$(.AA0H!f8u#AALL0@H~!L90HIBH<$04DT$T$HHX@T$/wo׃T$HH?HXHsHt$H $+H $Ht$HT@T$/wT$HHX3HD$ H|$ HWHT$ HD$ \DHD$ <DHm!f8u H}!L0LH L1`2L0H$IHtdI]#L/H!f8H!f8u H[}!L0LHL11RfAL|$0H!f8*.AWAVAUIATUSHHH$H$L$L$t@)$)$)$)$)$)$)$ )$0dH%(H$1&uH!f8H$LD$XHD$`H$D$\0HD$h^)IIIHL$h1AHL9sXA|%HhuATlsdf3T$X/T$XHhI HL9rMIAAH$E1LLL$XMH$HHD$XHD$`H$D$\0HD$h*BD=H=+!.L5!I6HtL=!I?L-!I}H!D0H!f8I}RHHw,fEDHz!f8H+!f8-Lt$L$Lh* LL'L H!%tDHJHDH@H5H1L)ƄLH0!f8H=~!)MtL,E1H$dH3%(D[HH[]A\A]A^A_fDT$\T$\IHht@T$X/փT$XHH>HhHGH $v&H $I2f.T$X/w?T$XIHh H}!f8I}+DHD$`Ht$`HVHT$`nDHD$`DHD$`$DL+IHdM~HHT$p)bH$ML9NL=|!L-|!fA?u?I}Ht-H1,IMaH=V .fA7I>(%HpH4$Hpb&IH1'H|$HD$HD$ HHD$%HI6LO(LHL$HH)HxH4$&I}Ht 'IEI>L%L)SfH{!f8ef.Hx*VHHQl1o(f.I>H,A1%Aǃ_H5Qy'IEHDHv!f:f1ҹHL|$ D$"fT$>fL$ HD$2D$:'L12$AǃI}2fDI}'(jfHL$L$HH $%H $ LH##L H!%tI}DHJHDL@ƾH1L)ƄH &*I}HH1*I}>f.HH51 9AAH$H1HN|& Hy!f8HH1i)I}H_y!f8H1H&1&y 8_H=('&S H$8H\*I1HH5` H=y!7#ME3q!AWAVAUAH=ATIUDSHHhH $LD$H1A++Hp!HHk!DE9"McNJHD$A<-@+@-u DIE9cNAMc<-uAxtHBk!ALHLD$H $DD\$D0D\$Hk!E9Hc0EFHD)LH NLD9~AGHH@HPHHPH9uILLHHE9|E)Hj!AD*AxDH}j!ADE9} Hej!D(Hh[]A\A]A^A_DE<$A:A4FըaA:THcƒE<A:D=fAx@-I@NHn!8-taAxuZf.HcrAtAHcA :p;u Wb9uHhLHD[]A\A]A^A_1Ax-@ID@D0HD$|$@A=*E!GH A=tE4HEuT$DH4$LLL$HMD$D+D$@D|$'1HLD$(HD$PD\$0Dl$4IH\$8LLd$XIĐHL9HcHI\HuLD$(D\$01E1D|$'H$Dt$(Dl$4H\$8D\$0Ld$XLt$LD$Hh D|$'1L|$PH|$HDl$4IH\$8Ld$HE̐LLEuDI I}AHuډD|$'Dt$(LD$D\$0Dl$4H\$8Ld$HgHg!?FHg!AH HDHEg!H81Hsg!DH]g!ADH6l!LLHDH+g!DJHcA<4:D$@D$DHt$LH9D|$'LD$(D\$0Dl$4H\$8HcH$HH‹BA=HD$Ht8HBjH(Hof!1DHcf!AD|$@ HAf!?H/f!AH H*DHf!?0tH LHfHe!H81@He!DcHe!ADE9|IHe!1A:@ŋl:1LH H2뚋D$DH5mj!HLHHD$H5Qj!HDHff.E14@A!AWIAVIAUAATL%d UH-d SL)HHt1LLDAHH9uH[]A\A]A^A_ff.HHhexdump: Can't write to stdout sha256file: Can't open file %s listdb: Can't allocate memory for buffer listdb: Can't generate temporary name listdb: Can't create temporary directory %s listdb: Can't unpack CVD file %s listdb: Can't list directory %s listdb: Malformed pattern line %u (file %s) listdir: Can't open directory %s listdir: Can't allocate memory for dbfile listdb: Error listing database %s decodehexstr: Can't allocate memory for decoded decodehexstr: Unknown wildcard (0x%x@%u) decodehexspecial: strdup(hex) failed decodehexspecial: Can't allocate memory for buff decodehexspecial: Empty block decodehexspecial: Empty string alternative block decodehexspecial: Invalid string alternative nesting decodehexspecial: Missing closing parenthesis missing regex expression terminator / cannot allocate memory for trigger string cannot allocate memory for regex expression cannot allocate memory for compile flags {WILDCARD_ANY_STRING(LENGTH==%u)}{WILDCARD_ANY_STRING(LENGTH>=%u&&<=%u)}{WILDCARD_ANY_STRING(LENGTH>=%u)}{WILDCARD_ANY_STRING(LENGTH<=%u)}Can't extract part %u of partial signature matchsig: Can't create new engine matchsig: cli_initroots() failed matchsig: Can't parse signature matchsig: Can't compile engine verifydiff: Invalid diff name verifydiff: Incorrect info file %s verifydiff: Incorrect format of %s verifydiff: Can't generate SHA256 for %s verifydiff: %s has incorrect checksum verifydiff: Incorrect file name (no .cdiff/.script extension) verifydiff: Can't generate temporary name for tempdir verifydiff: Can't create directory %s verifydiff: Can't unpack CVD file %s verifydiff: Can't copy dir %s to %s verifydiff: Can't open diff file %s verifydiff: Can't chdir to %s Verification: %s correctly applies to %s Verification: %s correctly applies to the previous version Clam AntiVirus: Signature Tool %s By The ClamAV Team: https://www.clamav.net/about.html#credits (C) 2022 Cisco Systems, Inc. --help -h Show this help --version -V Print version number and exit --quiet Be quiet, output only error messages --debug Enable debug messages --stdout Write to stdout instead of stderr. Does not affect 'debug' messages. --hex-dump Convert data from stdin to a hex string and print it on stdout --md5 [FILES] Generate MD5 checksum from stdin or MD5 sigs for FILES --sha1 [FILES] Generate SHA1 checksum from stdin or SHA1 sigs for FILES --sha256 [FILES] Generate SHA256 checksum from stdin or SHA256 sigs for FILES --mdb [FILES] Generate .mdb (section hash) sigs --imp [FILES] Generate .imp (import table hash) sigs --fuzzy-img FILE(S) Generate image fuzzy hash for each file --html-normalise=FILE Create normalised parts of HTML file --ascii-normalise=FILE Create normalised text file from ascii source --utf16-decode=FILE Decode UTF16 encoded files --info=FILE -i FILE Print database information --build=NAME [cvd] -b NAME Build a CVD file --max-bad-sigs=NUMBER Maximum number of mismatched signatures When building a CVD. Default: 3000 --flevel=FLEVEL Specify a custom flevel. Default: %u --cvd-version=NUMBER Specify the version number to use for the build. Default is to use the value+1 from the current CVD in --datadir. If no datafile is found the default behaviour is to prompt for a version number, this switch will prevent the prompt. NOTE: If a CVD is found in the --datadir its version+1 is used and this value is ignored. --no-cdiff Don't generate .cdiff file --unsigned Create unsigned database file (.cud) --hybrid Create a hybrid (standard and bytecode) database file --print-certs=FILE Print Authenticode details from a PE --server=ADDR ClamAV Signing Service address --datadir=DIR Use DIR as default database directory --unpack=FILE -u FILE Unpack a CVD/CLD file --unpack-current=SHORTNAME Unpack local CVD/CLD into cwd --list-sigs[=FILE] -l[FILE] List signature names --find-sigs=REGEX -fREGEX Find signatures matching REGEX --decode-sigs Decode signatures from stdin --test-sigs=DATABASE TARGET_FILE Test signatures from DATABASE against TARGET_FILE --vba=FILE Extract VBA/Word6 macro code --vba-hex=FILE Extract Word6 macro code with hex values --diff=OLD NEW -d OLD NEW Create diff for OLD and NEW CVDs --compare=OLD NEW -c OLD NEW Show diff between OLD and NEW files in cdiff format --run-cdiff=FILE -r FILE Execute update script FILE in cwd --verify-cdiff=DIFF CVD/CLD Verify DIFF against CVD/CLD hashsig: Can't access file %s hashsig: Can't generate hash for %s hashpe: Can't create fmap for open file hashpe: Can't create new engine hashpe: cli_initroots() failed hashpe: Can't parse signature hashpe: fmap_need_off_once failed! hashpe: CL_VIRUS after cli_genhash_pe()! hashpe: CL_BREAK after cli_genhash_pe()! hashpe: Other error %d inside cli_genhash_pe. hashsig: Can't generate requested hash for input stream hashsig: Can't generate hash for input stream maxlinelen: Can't open file %s maxlinelen: Can't read file %s compare: Can't get MD5 checksum of %s compare: Can't allocate memory for 'obuff' compare: Can't allocate memory for 'nbuff' compare: Can't allocate memory for 'tbuff' compare: Can't open file %s for reading compare: New %s file contains lines terminated with CRLF or CR diffdirs: Can't open %s for writing diffdirs: Can't open directory %s decodesig: Invalid or not supported signature format decodesig: Broken logical expression decodesig: Too many subsignatures decodesig: The number of subsignatures (==%u) doesn't match the IDs in the logical expression (==%u) decodesig: Invalid or not supported subsignature format decodesig: Invalid container size range decodesig: Invalid container size decodesig: Invalid compressed filesize decodesig: Invalid uncompressed filesize decodesig: Invalid encryption flag decodesig: Invalid file position decodesig: Invalid cyclic redundancy check sum decodesig: Invalid target type decodesig: Not supported signature format --test-sigs requires two arguments unpack: Couldn't find %s CLD/CVD database in %s unpack: %s is not a valid CVD build: --server is required for --build build: COPYING file not found in current working directory. build: Can't initialize antivirus engine build: Can't load database: %s build: There are no signatures in database files build: Can't open current directory build: Memory allocation error build: dblist2 == NULL (no .cbc files?) build: Signatures in %s db files: %u, loaded by libclamav: %u Bad number of signatures in database files build: Not a CVD/CLD/CUD file build: CAN'T READ CVD HEADER OF CURRENT DATABASE %s (wait 3 s) build: Can't get builder name writeinfo: Can't create file %s writeinfo: Can't generate SHA256 for %s writeinfo: Can't write to info file writeinfo: Can't get digital signature from remote server build: Can't generate info file build: Can't generate temporary name for tarfile build: Can't open file %s for writing build: Can't add COPYING to tar archive build: Can't open file %s for reading build: Can't generate MD5 checksum for %s build: Can't get digital signature from remote server build: Can't create final database %s build: Can't generate temporary name build: Can't create temporary directory %s build: Can't unpack CVD file %s Generated file is incorrect, removedGenerated file is incorrect, renamed to %s Can't initialize libclamav: %s Unexpected problem occurred while setting up rust logging... continuing without rust logging. Please submit an issue to https://github.com/Cisco-Talos/clamavCan't parse command line options You must provide one or more files to generate a hash.%s: Malloc failed, buffer size: %zu %s: Read fewer bytes than expected. The file may have been modified while attempting to process it. %s: Failed to calculate image fuzzy hash: %s %02x%02x%02x%02x%02x%02x%02x%02xasciinorm: Can't open file %s asciinorm: Can't allocate memory asciinorm: File size of %zu too large asciinorm: Can't open file ./normalised_text asciinorm: Can't write to file ./normalised_text utf16decode: Can't open file %s utf16decode: Can't allocate memory utf16decode: Can't create file %s utf16decode: Can't write to file %s cvdinfo: Can't read/parse CVD header of %s Verification: Unsigned container --list-sigs: Can't get status of %s --find-sigs: Can't compile regex vbadump: Can't generate temporary name vbadump: Can't create temporary directory %s makediff: --diff requires two arguments makediff: Can't read CVD header from %s makediff: The old CVD must be %u makediff: Can't generate temporary name for odir makediff: Can't create directory %s makediff: Can't unpack CVD file %s makediff: Can't generate temporary name for ndir makediff: --compare requires two arguments dumpcerts: Can't open file %s! dumpcerts: Can't create fmap for open file dumpcerts: Can't create new engine dumpcerts: cli_initroots() failed dumpcerts: Can't parse signature dumpcerts: Can't compile engine dumpcerts: No Authenticode signature detected dumpcerts: An error occurred when parsing the file dumpcerts: Other error %d inside cli_check_auth_header. rundiff: Incorrect file name (no .cdiff/.script extension) --verify-cdiff requires two arguments --verify-cdiff: Can't get status of %s sha256%02xlistdb: Can't open file %s listdb: fgets failed ClamAV-VDB:listdb: Invalid filename %s .db[%s] %s (Clam).crb.hdu.mdb.mdu.hsb.hsu.msb.msu.imp.ndb.ndu.ldb.ldu.sdb.zmd.rmd.cdb.cbc[%s BYTECODE] %s..%s/%s{WILDCARD_NIBBLE_HIGH:0x%x}{WILDCARD_NIBBLE_LOW:0x%x}Decoding failed (1): %s WDecoding failed (3): %s ()|Decoding failed (4): %s Decoding failed (2) pcre without logical trigger +-> TRIGGER: %s +-> REGEX: %s +-> CFLAGS: %s Decoding failed {WILDCARD_ANY_STRING}-*matches at offsetsmatch at offset/CHECK OFFSETSUBSIG: %s testMATCH: ** YES%s ** (%u %s: %uMATCH: ** NO ** verifydiff: strdup() failed %s.infoverifydiff: Can't open %s ClamAV-VDBDSIG.cdiffverifydiff: getcwd() failed verifydiff: Can't apply %s sigtool [options] hashsig%s:%u:%s hashpe: Can't open file %s! deadbeefhashpe: Can't compile engine hashpe: Not a valid PE file! #LSIZE %u OPEN %s ADD %s DEL %u %s XCHG %u %s %s CLOSE UNLINK %s diffdirs: getcwd() failed wbdiffdirs: Can't chdir to %s Generated diff file %s NOCASEFULLWORDWIDEASCIIUNKNOWNANYYESNOdecodesig: Invalid input VIRUS NAME: %s .{TDB: %s LOGICAL EXPRESSION: %s * BYTECODE SUBSIG * SUBSIG ID %d +-> OFFSET: %s +-> OFFSET: ANY +-> SIGMOD: +-> SIGMOD: NONE +-> DECODED SUBSIGNATURE: +-> CONTAINER TYPE: %s CONTAINER SIZE: WITHIN RANGE %s to %s FILENAME REGEX: %s UNCOMPRESSED FILESIZE: ENCRYPTION: IGNORED FILE POSITION: CL_TYPE_ZIPCL_TYPE_RARCRC SUM: ANY CRC SUM: %d FILE TYPE NAME: %s FILE SIGNATURE TYPE: %s FILE MAGIC OFFSET: %s FILE MAGIC HEX: %s FILE MAGIC DECODED: FILE TYPE REQUIRED: %s FILE TYPE DETECTED: %s FTM FLEVEL: >=%s FTM FLEVEL: %s..%s TOKENS COUNT: %u FUNCTIONALITY LEVEL: >=%s FUNCTIONALITY LEVEL: %s..%s TARGET TYPE: ANY FILE PE OLE2 HTML MAIL GRAPHICS ELF NORMALIZED ASCII TEXT DISASM DATA MACHO PDF FLASH JAVA CLASS DECODED SIGNATURE: test-sigstestsigs: Can't open file %s datadirunpack-current%s/%s.cvd%s/%s.cldunpackunpack: Can't unpack file %s serverCOPYINGbuildhybridlast.hdb%s.%smax-bad-sigs%s/%s.cudcvd-versionVersion number: build: scanf() failed Total sigs: %u New sigs: %u C%d %b %Y %H-%M %z:%u:flevelSIGNDUSERBuilder name: %32s:%uwriteinfo: Can't unlink %s wb+writeinfo: Can't write to %s DSIG:%s wb9fbytecode.infobuild: Can't write to %s build: Can't unlink %s Created %s Skipping .cdiff creation no-cdiff%s-%u.script%s.brokenquietstdoutdebughelphex-dumpmd5sha1fuzzy-img%s: Can't open file: %s %s: fstat() failed: %s %s: Failed to read file: %s %s: %s html-normalisehtmlnorm: Can't open file %s fmap failed ascii-normalisefmap: Could not map fd %d ./normalised_textutf16-decode%s.asciiFile: %s Build time: %s Version: %u Signatures: %u Functionality level: %u Builder: %s MD5: %s Digital signature: %s cvdinfo: Verification: %s Verification OK. list-sigs/var/lib/clamavfind-sigsdecode-sigsvbavba-hexvbadump: Can't open file %s compareprint-certsdumpcerts: No filename! run-cdiffrundiff: Can't open file %s verify-cdiffcfgignign2ftmidbsfpgdbpdbwdbIJnJYJDJ/JJJIJIJII1111111111111111111111111111{WILDCARD_IGNORE{NOT_BOUNDARY_RI{BOUNDARY_RIGHT}{NOT_BOUNDARY_LE{BOUNDARY_LEFT}{NOT_LINE_MARKER{LINE_MARKER_RIG{LINE_MARKER_LEF{NOT_WORD_MARKER{WORD_MARKER_RIG{WORD_MARKER_LEF{EXCLUDING_STRIN{STRING_ALTERNATconvenience_ctx: engine initialization failedconvenience_ctx: cli_initroots() failedconvenience_ctx: Can't parse signatureconvenience_ctx: failed to compile engine.convenience_ctx: ctx allocation failedconvenience_ctx: scan options allocation failedScanDir -> uniq_get('_vba_project') failed. -------------- start of code ------------------ %s -------------- end of code ------------------ ScanDir -> uniq_get('powerpoint document') failed. ScanDir -> uniq_get('worddocument') failed. ScanDir -> Can't open directory %s. convenience_ctx: fmap failed_vba_project%s/%s_%upowerpoint documentworddocumentcli_gentemp() failedERROR %s Can't open directory %s. 1.0.8/etc/freshclam.confDatabaseDirectory%s/daily.cvd%s/daily.cldClamAV %s ClamAV %s/%u/%sfile-list/dev/nullCan't open /dev/null dup2(%d, %d) failed ERROR: initgroups() failed. log file '%s'. Error was '%s' ERROR: setgid(%d) failed. ERROR: setuid(%d) failed. sigaction%s/Unable to allocate memory for db directory... ERROR: This tool requires libclamav with functionality level %u or higher (current f-level: %u) ERROR: --file-list: Can't open file %s Can't get information about user %s. ERROR: Can't get information about user %s. ERROR: lchown to user '%s' failed on lchown to user '%s' failed on log file '%s'. Error was '%s' ERROR: optaddarg: Unregistered option %s ERROR: optaddarg: strdup() failed ERROR: optaddarg: malloc() failed ERROR: optparse: Can't register new option (not enough memory) ERROR: optparse: longopts[] is too small ERROR: optparse: shortopts[] is too small ERROR: optparse: (short|long)opts[] is too small ERROR: Please edit the example config file %s ERROR: Missing argument for option at %s:%d ERROR: Missing closing parenthesis in option %s at %s:%d ERROR: Empty argument for option %s at %s:%d ERROR: Incomplete option passed (missing argument) ERROR: optparse: No corresponding long name for option '-%c' ERROR: Parse error at %s:%d: Unknown option %s WARNING: Ignoring unsupported option %s at %s:%d WARNING: Ignoring unsupported option --%s (-%c) WARNING: Ignoring unsupported option --%s ERROR: Can't register argument for option %s ERROR: Can't register argument for option --%s WARNING: Ignoring deprecated option %s at %s:%d WARNING: Ignoring deprecated option --%s (-%c) WARNING: Ignoring deprecated option --%s ERROR: optparse: Can't compile regular expression %s for option %s ERROR: Incorrect argument format for option %s ERROR: Incorrect argument format for option --%s (-%c) ERROR: Incorrect argument format for option --%s ERROR: Option --%s (-%c) requires a non-empty string argument ERROR: Option --%s requires a non-empty string argument ERROR: Can't parse numerical argument for option %s ERROR: Can't parse numerical argument for option --%s (-%c) ERROR: Can't parse numerical argument for option --%s WARNING: Numerical value for option %s too high, resetting to 4G WARNING: Numerical value for option --%s (-%c) too high, resetting to 4G ERROR: optparse: calloc failed ERROR: optparse: strdup failed ERROR: Problem parsing options (name == NULL) ERROR: Parse error: Unknown option %s WARNING: Ignoring unsupported option %s WARNING: Ignoring deprecated option %s Dump authenticode certificate chain.Perform HTML, script, and text normalizationAlways generate MDB entries for PE sectionsMaximum number of mismatched signatures when building a CVD. Zero disables this limit.Feature level to put in the CVDVersion number of the CVD to buildCreate a hybrid (standard and bytecode) database fileForce using the interpreter instead of the JITTrust loaded bytecode (default yes)Load and print bytecode information without executingPrint IR of bytecode signatureInput file to run the bytecode nDon't show source line during tracingName of the analyzer as seen in prewikkaSave all reports to a log file.By default the log file is locked for writing and only a single daemon process can write to it. This option disables the lock.Maximum size of the log file. Value of 0 disables the limit.Log all clean files. Useful in debugging but drastically increases the log size.Use the system logger (can work together with LogFile).Type of syslog messages. Please refer to 'man syslog' for the facility names.Rotate log file. Requires LogFileMaxSize option set prior to this option.Log additional information about the infected file, such as its size and hash, together with the virus name.Save the process ID to a file.This option allows you to change the default temporary directory.This option allows you to change the default database directory. If you enable it, please make sure it points to the same directory in both clamd and freshclam.Only load the official signatures published by the ClamAV project.By default, yara rules will be loaded. This option allows you to exclude yara rules when scanning and also to scan only using yara rules. Valid options are yes|no|onlyPath to a local socket file the daemon will listen on.Sets the group ownership on the unix socket.Sets the permissions on the unix socket to the specified mode.Remove a stale socket after unclean shutdownA TCP port number the daemon will listen on.By default clamd binds to INADDR_ANY. This option allows you to restrict the TCP address and provide some degree of protection from the outside world.Maximum length the queue of pending connections may grow to.Close the STREAM session when the data size limit is exceeded. The value should match your MTA's limit for the maximum attachment size.The STREAM command uses an FTP-like protocol. This option sets the lower boundary for the port range.This option sets the upper boundary for the port range.Maximum number of threads running at the same time.This option specifies the time (in seconds) after which clamd should timeout if a client doesn't provide any data.This option specifies the time (in seconds) after which clamd should timeout if a client doesn't provide any initial command after connecting.This option specifies how long to wait (in milliseconds) if the send buffer is full. Keep this value low to prevent clamd hanging.Waiting for data from clamd will timeout after this time (seconds).Maximum number of queued items (including those being processed by MaxThreads threads). It is recommended to have this value at least twice MaxThreads if possible. WARNING: you shouldn't increase this too much to avoid running out of file descriptors, the following condition should hold: MaxThreads*MaxRecursion + MaxQueue - MaxThreads + 6 < RLIMIT_NOFILE (usual max for RLIMIT_NOFILE is 1024) This option specifies how long (in seconds) the process should wait for a new job.Don't scan files/directories whose names match the provided regular expression. This option can be specified multiple times.Maximum depth the directories are scanned at.Follow symlinks to regular files.Scan files and directories on other filesystems.This option specifies the time intervals (in seconds) in which clamd should perform a database check.Enable non-blocking (multi-threaded/concurrent) database reloads. This feature will temporarily load a second scanning engine while scanning continues using the first engine. Once loaded, the new engine takes over. The old engine is removed as soon as all scans using the old engine have completed. This feature requires more RAM, so this option is provided in case users are willing to block scans during reload in exchange for lower RAM requirements.This option allows you to disable clamd's caching feature.Execute a command when virus is found. Use the following environment variables to identify the file and virus names: - $CLAM_VIRUSEVENT_FILENAME - $CLAM_VIRUSEVENT_VIRUSNAME In the command string, '%v' will also be replaced with the virus name. Note: The '%f' filename format character has been disabled and will no longer be replaced with the file name, due to command injection security concerns. Use the 'CLAM_VIRUSEVENT_FILENAME' environment variable instead. For the same reason, you should NOT use the environment variables in the command directly, but should use it carefully from your executed script.Stop the daemon when libclamav reports an out of memory condition.Permit use of the ALLMATCHSCAN command.Enable debug messages in libclamav.Don't remove temporary files (for debugging purposes).Record metadata about the file being scanned. Scan metadata is useful for file analysis purposes and for debugging scan behavior. The JSON metadata will be printed after the scan is complete if Debug is enabled. A metadata.json file will be written to the scan temp directory if LeaveTemporaryFiles is enabled.Run the daemon as a specified user (the process must be started by root).With this option enabled ClamAV will load bytecode from the database. It is highly recommended you keep this option on, otherwise you'll miss detections for many new viruses.Set bytecode security level. Possible values: TrustSigned - trust bytecode loaded from signed .c[lv]d files, insert runtime safety checks for bytecode loaded from other sources Paranoid - don't trust any bytecode, insert runtime checks for all Recommended: TrustSigned, because bytecode in .cvd files already has these checks.Set bytecode timeout in milliseconds.Allow loading bytecode from outside digitally signed .c[lv]d files.^(Auto|ForceJIT|ForceInterpreter|Test)$Set bytecode execution mode. Possible values: Auto - automatically choose JIT if possible, fallback to interpreter ForceJIT - always choose JIT, fail if not possible ForceInterpreter - always choose interpreter Test - run with both JIT and interpreter and compare results. Make all failures fatal.^(none|None|bytecode|Bytecode|pcre|PCRE)$Collect and print execution statistics. Possible values: Bytecode - reports bytecode statistics PCRE - reports PCRE execution statistics None - reports no statisticsDetect Potentially Unwanted Applications.Exclude a specific PUA category. This directive can be used multiple times. See https://docs.clamav.net/faq/faq-pua.html for the complete list of PUA categories.Only include a specific PUA category. This directive can be used multiple times.PE stands for Portable Executable - it's an executable file format used in all 32- and 64-bit versions of Windows operating systems. This option allows ClamAV to perform a deeper analysis of executable files and it's also required for decompression of popular executable packers such as UPX or FSG. If you turn off this option, the original files will still be scanned, but without additional processing.Executable and Linking Format is a standard format for UN*X executables. This option allows you to control the scanning of ELF files. If you turn off this option, the original files will still be scanned, but without additional processing.Enable the built in email scanner. If you turn off this option, the original files will still be scanned, but without parsing individual messages/attachments.Scan RFC1341 messages split over many emails. You will need to periodically clean up $TemporaryDirectory/clamav-partial directory. WARNING: This option may open your system to a DoS attack. Please don't use this feature on highly loaded servers.With this option enabled ClamAV will try to detect phishing attempts by using signatures.Scan URLs found in mails for phishing attempts using heuristics.In some cases (eg. complex malware, exploits in graphic files, and others), ClamAV uses special algorithms to provide accurate detection. This option controls the algorithmic detection.Allow heuristic match to take precedence. When enabled, if a heuristic scan (such as phishingScan) detects a possible virus/phish it will stop scan immediately. Recommended, saves CPU scan-time. When disabled, virus/phish detected by heuristic scans will be reported only at the end of a scan. If an archive contains both a heuristically detected virus/phish, and a real malware, the real malware will be reported. Keep this disabled if you intend to handle "Heuristics.*" viruses differently from "real" malware. If a non-heuristically-detected virus (signature-based) is found first, the scan is interrupted immediately, regardless of this config option.Enable the Data Loss Prevention module.This option sets the lowest number of Credit Card numbers found in a file to generate a detect.This option sets the lowest number of Social Security Numbers found in a file to generate a detect.With this option enabled the DLP module will search for valid SSNs formatted as xxx-yy-zzzz.With this option enabled the DLP module will search for valid SSNs formatted as xxxyyzzzzPerform HTML/JavaScript/ScriptEncoder normalisation and decryption. If you turn off this option, the original files will still be scanned, but without additional processing.This option enables scanning of OLE2 files, such as Microsoft Office documents and .msi files. If you turn off this option, the original files will still be scanned, but without additional processing.With this option enabled clamav will try to detect broken executables (PE, ELF, & Mach-O) and alert on them with a Broken.Executable heuristic signature.With this option enabled clamav will try to detect broken media files (JPEG, TIFF, PNG, GIF) and alert on them with a Broken.Media heuristic signature.Alert on encrypted archives and documents (encrypted .zip, .7zip, .rar, .pdf).With this option enabled the DLP module will search for valid Credit Card numbers only. Debit and Private Label cards will not be searched.Alert on encrypted archives (encrypted .zip, .7zip, .rar).Alert on encrypted documents (encrypted .pdf).With this option enabled OLE2 files with VBA macros, which were not detected by signatures will be marked as "Heuristics.OLE2.ContainsMacros".Alert on SSL mismatches in URLs, even if they're not in the database. This feature can lead to false positives.Alert on cloaked URLs, even if they're not in the database. This feature can lead to false positives.Alert on raw DMG image files containing partition intersections.This option enables scanning within PDF files. If you turn off this option, the original files will still be scanned, but without decoding and additional processing.This option enables scanning within SWF files. If you turn off this option, the original files will still be scanned, but without decoding and additional processing.This option enables scanning xml-based document files supported by libclamav. If you turn off this option, the original files will still be scanned, but without additional processing.This option enables scanning HWP3 files. If you turn off this option, the original files will still be scanned, but without additional processing.Scan within archives and compressed files. If you turn off this option, the original files will still be scanned, but without unpacking and additional processing.This option causes memory or nested map scans to dump the content to disk. If you turn on this option, more data is written to disk and is available when the leave-temps option is enabled at the cost of more disk writes.This option sets the maximum amount of time a scan may take to complete. The value of 0 disables the limit. WARNING: disabling this limit or setting it too high may result allow scanning of certain files to lock up the scanning process/threads resulting in a Denial of Service. The value is in milliseconds.This option sets the maximum amount of data to be scanned for each input file. Archives and other containers are recursively extracted and scanned up to this value. The value of 0 disables the limit. WARNING: disabling this limit or setting it too high may result in severe damage.Files/messages larger than this limit won't be scanned. Affects the input file itself as well as files contained inside it (when the input file is an archive, a document or some other kind of container). The value of 0 disables the limit. WARNING: disabling this limit or setting it too high may result in severe damage to the system.Nested archives are scanned recursively, e.g. if a Zip archive contains a RAR file, all files within it will also be scanned. This option specifies how deeply the process should be continued. The value of 0 disables the limit. WARNING: disabling this limit or setting it too high may result in severe damage to the system.Number of files to be scanned within an archive, a document, or any other container file. The value of 0 disables the limit. WARNING: disabling this limit or setting it too high may result in severe damage to the system.This option sets the maximum size of a file to check for embedded PE. Files larger than this value will skip the additional analysis step. Negative values are not allowed. WARNING: setting this limit too high may result in severe damage or impact performance.This option sets the maximum size of a HTML file to normalize. HTML files larger than this value will not be normalized or scanned. Negative values are not allowed. WARNING: setting this limit too high may result in severe damage or impact performance.This option sets the maximum size of a normalized HTML file to scan. HTML files larger than this value after normalization will not be scanned. Negative values are not allowed. WARNING: setting this limit too high may result in severe damage or impact performance.This option sets the maximum size of a script file to normalize. Script content larger than this value will not be normalized or scanned. Negative values are not allowed. WARNING: setting this limit too high may result in severe damage or impact performance.This option sets the maximum size of a ZIP file to reanalyze type recognition. ZIP files larger than this value will skip the step to potentially reanalyze as PE. Negative values are not allowed. WARNING: setting this limit too high may result in severe damage or impact performance.This option sets the maximum number of partitions of a raw disk image to be scanned. Raw disk images with more partitions than this value will have up to the value number partitions scanned. Negative values are not allowed. WARNING: setting this limit too high may result in severe damage or impact performance.This option sets the maximum number of icons within a PE to be scanned. PE files with more icons than this value will have up to the value number icons scanned. Negative values are not allowed. WARNING: setting this limit too high may result in severe damage or impact performance.This option sets the maximum recursive calls to HWP3 parsing function. HWP3 files using more than this limit will be terminated and alert the user. Scans will be unable to scan any HWP3 attachments if the recursive limit is reached. Negative values are not allowed. WARNING: setting this limit too high may result in severe damage or impact performance.This option sets the maximum calls to the PCRE match function during an instance of regex matching. Instances using more than this limit will be terminated and alert the user but the scan will continue. For more information on match_limit, see the PCRE documentation. Negative values are not allowed. WARNING: setting this limit too high may severely impact performance.This option sets the maximum recursive calls to the PCRE match function during an instance of regex matching. Instances using more than this limit will be terminated and alert the user but the scan will continue. For more information on match_limit_recursion, see the PCRE documentation. Negative values are not allowed and values > PCREMatchLimit are superfluous. WARNING: setting this limit too high may severely impact performance.This option sets the maximum filesize for which PCRE subsigs will be executed. Files exceeding this limit will not have PCRE subsigs executed unless a subsig is encompassed to a smaller buffer. Negative values are not allowed. Setting this value to zero disables the limit. WARNING: setting this limit too high or disabling it may severely impact performance.This option specifies a directory or mount point which should be scanned on access. The mount point specified, or the mount point containing the specified directory will be watched, but only notifications will occur. If any directories are specified, this option will preempt the DDD system. It can also be used multiple times.This option specifies a directory (including all files and directories inside it), which should be scanned on access. This option can be used multiple times.This option allows excluding directories from on-access scanning. It can be used multiple times. Only works with DDD system.Use this option to exclude the root UID (0) and allow any processes run under root to access all watched files without triggering scans.With this option you can exclude specific UIDs. Processes with these UIDs will be able to access all files. This option can be used multiple times (one per line). Using a value of 0 on any line will disable this option entirely. To exclude the root UID please enable the OnAccessExcludeRootUID option.This option allows exclusions via user names when using the on-access scanning client. It can be used multiple times.Files larger than this value will not be scanned in on access.This option toggles the dynamic directory determination system for on-access scanning (Linux only).This option changes fanotify behavior to prevent access attempts on malicious files instead of simply notifying the user (On Access scan only).Enables extra scanning and notification after catching certain inotify events. Only works with the DDD system enabled.Max amount of time (in milliseconds) that the OnAccess client should spend for every connect, send, and recieve attempt when communicating with clamd via curl (5s default)Max number of scanning threads to allocate to the OnAccess thread pool at startup--these threads are the ones responsible for creating a connection with the daemon and kicking off scanning after an event has been processed. To prevent clamonacc from consuming all clamd's resources keep this lower than clamd's max threads. Default is 5Number of times the OnAccess client will retry a failed scan due to connection problems (or other issues). Defaults to no retries.When using prevention, if this option is turned on, any errors that occur during scanning will result in the event attempt being denied. This could potentially lead to unwanted system behaviour with certain configurations, so the client defaults to off and allowing access events in case of error.When started by root freshclam will drop privileges and switch to the user defined in this option.This option defined how many times daily freshclam should check for a database update.Use DNS to verify the virus database version. FreshClam uses DNS TXT records to verify the versions of the database and software itself. With this directive you can change the database verification domain. WARNING: Please don't change it unless you're configuring freshclam to use your own database verification domain.DatabaseMirror specifies to which mirror(s) freshclam should connect. You should have at least one entry: database.clamav.net.This option allows you to easily point freshclam to private mirrors. If PrivateMirror is set, freshclam does not attempt to use DNS to determine whether its databases are out-of-date, instead it will use the If-Modified-Since request or directly check the headers of the remote database files. For each database, freshclam first attempts to download the CLD file. If that fails, it tries to download the CVD file. This option overrides DatabaseMirror, DNSDatabaseInfo and Scripted Updates. It can be used multiple times to provide fall-back mirrors.mirror1.mynetwork.com mirror2.mynetwork.comThis option defines how many attempts freshclam should make before giving up.With this option you can control scripted updates. It's highly recommended to keep them enabled.With this option enabled, freshclam will attempt to load new databases into memory to make sure they are properly handled by libclamav before replacing the old ones. Tip: This feature uses a lot of RAM. If your system has limited RAM and you are actively running ClamD or ClamScan during the update, then you may need to set `TestDatabases no`.By default freshclam will keep the local databases (.cld) uncompressed to make their handling faster. With this option you can enable the compression. The change will take effect with the next database update.Include an optional signature databases (opt-in). This option can be used multiple times.Exclude a standard signature database (opt-out). This option can be used multiple times.With this option you can provide custom sources (http:// or file://) for database files. This option can be used multiple times.http://myserver.com/mysigs.ndb file:///mnt/nfs/local.hdbIf you're behind a proxy, please enter its address here.A user name for the HTTP proxy authentication.A password for the HTTP proxy authentication.If your servers are behind a firewall/proxy which does a User-Agent filtering you can use this option to force the use of a different User-Agent header.Send the RELOAD command to clamd after a successful update.Run a command after a successful database update. Use EXIT_1 to return 1 after successful database update.Run a command when a database update error occurs.Run a command when freshclam reports an outdated version. In the command string %v will be replaced with the new version number.With this option you can provide a client address for the database downloading. Useful for multi-homed systems.Timeout in seconds when connecting to database server.Timeout in seconds when reading from database server. 0 means no timeout.This option enables downloading of bytecode.cvd, which includes additional detection mechanisms and improvements to the ClamAV engine.Disable authenticode certificate chain verification in PE files.Deprecated option to download signatures derived from the Google Safe Browsing API. See https://blog.clamav.net/2020/06/the-future-of-clamav-safebrowsing.html for more details.Deprecated option to set the max-scantime. The value is in milliseconds.Deprecated option to alert on broken PE and ELF executable files.Deprecated option to enable heuristic alerts (e.g. "Heuristics.")PhishingAlwaysBlockSSLMismatchDeprecated option to alert on SSL mismatches in URLs, even if they're not in the database. This feature can lead to false positives.Deprecated option to alert on cloaked URLs, even if they're not in the database. This feature can lead to false positives.Deprecated option to alert on raw DMG image files containing partition intersections.Deprecated option to alert on encrypted archives and documents (encrypted .zip, .7zip, .rar, .pdf).Initialize a supplementary group access (the process must be started by root).Define the clamd socket to connect to for scanning. This option is mandatory! Syntax: ClamdSocket unix:path ClamdSocket tcp:host:port The first syntax specifies a local unix socket (needs an absolute path) e.g.: ClamdSocket unix:/var/run/clamd/clamd.socket The second syntax specifies a tcp local or remote tcp socket: the host can be a hostname or an ip address; the ":port" field is only required for IPv6 addresses, otherwise it defaults to 3310 ClamdSocket tcp:192.168.0.1 This option can be repeated several times with different sockets or even with the same socket: clamd servers will be selected in a round-robin fashion.Define the interface through which we communicate with sendmail. This option is mandatory! Possible formats are: [[unix|local]:]/path/to/file - to specify a unix domain socket; inet:port@[hostname|ip-address] - to specify an ipv4 socket; inet6:port@[hostname|ip-address] - to specify an ipv6 socket./tmp/clamav-milter.socket inet:7357Define the group ownership for the (unix) milter socket.Sets the permissions on the (unix) milter socket to the specified mode.Messages originating from these hosts/networks will not be scanned This option takes a host(name)/mask pair in CIRD notation and can be repeated several times. If "/mask" is omitted, a host is assumed. To specify a locally originated, non-smtp, email use the keyword "local".local 192.168.0.0/24 1111:2222:3333::/48^(Accept|Reject|Defer|Blackhole|Quarantine)$Action to be performed on clean messages (mostly useful for testing). The following actions are available: Accept: the message is accepted for delivery Reject: immediately refuse delivery (a 5xx error is returned to the peer) Defer: return a temporary failure message (4xx) to the peer Blackhole: like Accept but the message is sent to oblivion Quarantine: like Accept but message is quarantined instead of being deliveredAction to be performed on error conditions (this includes failure to allocate data structures, no scanners available, network timeouts, unknown scanner replies and the like. The following actions are available: Accept: the message is accepted for delivery; Reject: immediately refuse delivery (a 5xx error is returned to the peer); Defer: return a temporary failure message (4xx) to the peer.This option allows you to set a specific rejection reason for infected messages and it's therefore only useful together with "OnInfected Reject" The string "%v", if present, will be replaced with the virus name.If this option is set to "Replace" (or "Yes"), an "X-Virus-Scanned" and an "X-Virus-Status" headers will be attached to each processed message, possibly replacing existing headers. If it is set to Add, the X-Virus headers are added possibly on top of the existing ones. Note that while "Replace" can potentially break DKIM signatures, "Add" may confuse procmail and similar filters.When AddHeader is in use, this option allows you to set the reported hostname. This may be desirable in order to avoid leaking internal names. If unset the real machine name is used.Execute a command when an infected message is processed. The following parameters are passed to the invoked program in this order: virus name, queue id, sender, destination, subject, message id, message date. Note #1: this requires MTA macroes to be available (see LogInfected below) Note #2: the process is invoked in the context of clamav-milter Note #3: clamav-milter will wait for the process to exit. Be quick or fork to avoid unnecessary delays in email delivery/usr/local/bin/my_infected_message_handlerChroot to the specified directory. Chrooting is performed just after reading the config file and before dropping privileges.This option specifies a file which contains a list of basic POSIX regular expressions. Addresses (sent to or from - see below) matching these regexes will not be scanned. Optionally each line can start with the string "From:" or "To:" (note: no whitespace after the colon) indicating if it is, respectively, the sender or recipient that is to be allowed. If the field is missing, "To:" is assumed. Lines starting with #, : or ! are ignored.Messages from authenticated SMTP users matching this extended POSIX regular expression (egrep-like) will not be scanned. As an alternative, a file containing a plain (not regex) list of names (one per line) can be specified using the prefix "file:". e.g. SkipAuthenticated file:/etc/good_guys Note: this is the AUTH login name!SkipAuthenticated ^(tom|dick|henry)$This option allows you to tune what is logged when a message is infected. Possible values are Off (the default - nothing is logged), Basic (minimal info logged), Full (verbose info logged) Note: For this to work properly in sendmail, make sure the msg_id, mail_addr, rcpt_addr and i macroes are available in eom. In other words add a line like: Milter.macros.eom={msg_id}, {mail_addr}, {rcpt_addr}, i to your .cf file. Alternatively use the macro: define(`confMILTER_MACROS_EOM', `{msg_id}, {mail_addr}, {rcpt_addr}, i') Postfix should be working fine with the default settings.This option allows you to tune what is logged when no threat is found in a scanned message. See LogInfected for possible values and caveats. Useful in debugging but drastically increases the log size.This option affects the behaviour of LogInfected, LogClean and VirusAction when a message with multiple recipients is scanned: If SupportMultipleRecipients is off (the default) then one single log entry is generated for the message and, in case the message is determined to be malicious, the command indicated by VirusAction is executed just once. In both cases only the last recipient is reported. If SupportMultipleRecipients is on: then one line is logged for each recipient and the command indicated by VirusAction is also executed once for each recipient. Note: although it's probably a good idea to enable this option, the default value is currently set to off for legacy reasons.Example ERROR: Unknown option passed fooyestrue^(yes|true|1|no|false|0)$config-file/etc/clamd.d/scan.conf/etc/mail/clamav-milter.confgen-jsondumpcertsleave-tempsno-warningsshow-progressdaemonno-dnslist-mirrorsupdate-dbreloadmultiscanfdpassstreamallmatchdatabaserecursivegen-mdbfollow-dir-symlinks^[0-9]+$follow-file-symlinksbellno-summaryinfectedpingwaitsuppress-ok-resultscopyremoveexcludeexclude-dirincludeinclude-dirstructured-ssn-format3000defaultcolorsconfig-dir/etcnon-defaultgenerate-configforce-interpretertrust-bytecodeprintsrcPrint source code of bytecodeprintbcirinputtracebytecode trace levelno-trace-showsourcearchive-verbosebytecode-trust-allhttp-proxyproxy-userlog-verboseforcedisable-summarydisable-archiveno-archiveno-peno-elfno-ole2no-pdfno-htmlno-mailno-phishing-sigsno-phishing-scan-urlsno-algorithmicno-phishing-restrictedscanmax-ratiomax-space^[0-9]+[KM]?$unzipunrararjunzoolhajartartgzdebAlertExceedsMaxalert-exceeds-maxPreludeEnableprelude-enableEnable preludePreludeAnalyzerNameprelude-analyzer-name/tmp/clamav.logLogFileUnlockLogFileMaxSize5MLogTimeLog time with each message.LogCleanLogSyslogLogFacilityLOG_LOCAL6LOG_MAILLogVerboseEnable verbose logging.LogRotatelog-rotateExtendedDetectionInfoPidFile/var/run/clam.pidTemporaryDirectorytempdir/tmpOfficialDatabaseOnlyofficial-db-onlynoYaraRulesyara-rulesLocalSocket/tmp/clamd.socketLocalSocketGroupvirusgroupLocalSocketMode660FixStaleSocketTCPSocket3310TCPAddrlocalhostMaxConnectionQueueLength30StreamMaxLength100MStreamMinPort1024StreamMaxPort2048120CommandReadTimeoutSendBufTimeout200300MaxQueueIdleTimeout^/proc/ ^/sys/MaxDirectoryRecursionmax-dir-recursion15FollowDirectorySymlinksFollow directory symlinks.FollowFileSymlinksCrossFilesystemscross-fsSelfCheck600ConcurrentDatabaseReloadDisableCachedisable-cacheVirusEvent/opt/send_virus_alert_sms.shExitOnOOMAllowAllMatchScanForegroundforegroundDon't fork into background.DebugLeaveTemporaryFilesGenerateMetadataJsonUserBytecodeBytecodeSecurity^(TrustSigned|Paranoid)$TrustSignedBytecodeTimeoutbytecode-timeout10000BytecodeUnsignedbytecode-unsignedBytecodeModebytecode-modeAutoStatisticsstatisticsNoneDetectPUAdetect-puaExcludePUAexclude-puaNetTool PWToolIncludePUAinclude-puaSpy Scanner RATScanPEscan-peScanELFscan-elfScanMailscan-mailScanPartialMessagesPhishingSignaturesPhishingScanURLsHeuristicAlertsheuristic-alertsHeuristicScanPrecedenceheuristic-scan-precedenceStructuredDataDetectiondetect-structuredStructuredMinCreditCardCountstructured-cc-countStructuredMinSSNCountstructured-ssn-countStructuredSSNFormatNormalStructuredSSNFormatStrippedScanHTMLscan-htmlScanOLE2scan-ole2AlertBrokenExecutablesalert-brokenAlertBrokenMediaalert-broken-mediaAlertEncryptedalert-encryptedStructuredCCOnlystructured-cc-modeAlertEncryptedArchivealert-encrypted-archiveAlertEncryptedDocalert-encrypted-docAlertOLE2Macrosalert-macrosAlertPhishingSSLMismatchalert-phishing-sslAlertPhishingCloakalert-phishing-cloakAlertPartitionIntersectionalert-partition-intersectionScanPDFscan-pdfScanSWFscan-swfScanXMLDOCSscan-xmldocsScanHWP3scan-hwp3ScanArchivescan-archiveForceToDiskforce-to-diskMaxScanTimemax-scantime120000max-scansize400Mmax-recursion17max-filesMaxEmbeddedPEmax-embeddedpe40MMaxHTMLNormalizemax-htmlnormalizeMaxHTMLNoTagsmax-htmlnotags8MMaxScriptNormalizemax-scriptnormalize20MMaxZipTypeRcgmax-ziptypercg1MMaxPartitionsmax-partitions128MaxIconsPEmax-iconspe100MaxRecHWP3max-rechwp316PCREMatchLimitpcre-match-limit100000PCRERecMatchLimitpcre-recmatch-limit5000PCREMaxFileSizepcre-max-filesizeOnAccessMountPath/ /home/userOnAccessIncludePath/home /studentsOnAccessExcludePath/home/bofh /rootOnAccessExcludeRootUIDOnAccessExcludeUIDOnAccessExcludeUnameclamuserOnAccessMaxFileSizeOnAccessDisableDDDOnAccessPreventionOnAccessExtraScanningOnAccessCurlTimeout10000LOnAccessMaxThreadsOnAccessRetryAttemptsOnAccessDenyOnErrorwatch-listexclude-listDevACOnlydev-ac-onlyDevACDepthdev-ac-depthDevPerformancedev-performanceDevLiblogdev-liblogUpdateLogFile/var/log/freshclam.logDatabaseOwnerclamupdateCheckschecksDNSDatabaseInfocurrent.cvd.clamav.netDatabaseMirrordatabase.clamav.netPrivateMirrorMaxAttemptsScriptedUpdatesTestDatabasesCompressLocalDatabaseExtraDatabasedbname1 dbname2ExcludeDatabaseDatabaseCustomURLHTTPProxyServeryour-proxyHTTPProxyPortHTTP proxy's port8080HTTPProxyUsernameusernameHTTPProxyPasswordHTTPUserAgentNotifyClamddaemon-notifyOnUpdateExecuteon-update-executecommandOnErrorExecuteon-error-executeOnOutdatedExecuteon-outdated-executeLocalIPAddresslocal-addressaaa.bbb.ccc.dddConnectTimeoutReceiveTimeoutDisableCertChecknocertsSafeBrowsingTimeLimittimelimitDetectBrokenExecutablesdetect-brokenAlgorithmicDetectionalgorithmic-detectionblock-maxPhishingAlwaysBlockCloakOLE2BlockMacrosblock-macrosArchiveBlockEncryptedblock-encryptedMailMaxRecursionArchiveMaxScanSizeArchiveMaxRecursionArchiveMaxFilesArchiveMaxCompressionRatioArchiveBlockMaxArchiveLimitMemoryUsageMailFollowURLsmail-follow-urlsAllowSupplementaryGroupsScanOnAccessClamdSockettcp:scanner.mydomain:7357MilterSocketMilterSocketGroupMilterSocketModeLocalNetOnCleanAcceptOnInfectedQuarantineOnFail^(Accept|Reject|Defer)$DeferRejectMsgMTA specificAddHeader^(No|Replace|Yes|Add)$ReplaceReportHostnamemy.mail.server.nameVirusActionChroot/newrootAllowList/etc/allowed_addressesWhitelistSkipAuthenticatedLogInfectedBasicSupportMultipleRecipientsERROR: %sWARNING: %sLog size = %lld, max = %lld -%Y%m%d_%H%M%S.log%s -> %s -> %sLOG_AUTHLOG_AUTHPRIVLOG_CRONLOG_DAEMONLOG_FTPLOG_KERNLOG_LPRLOG_NEWSLOG_SYSLOGLOG_USERLOG_UUCPLOG_LOCAL0LOG_LOCAL1LOG_LOCAL2LOG_LOCAL3LOG_LOCAL4LOG_LOCAL5LOG_LOCAL7WARNING: Log size limit met but log file rotation turned off. Forcing log file rotation anyways. Need to rotate log file due to size but ran out of memory. Need to rotate log file due to size but could not get local time. ERROR: Failed to open log file %s: %s ERROR: Failed to convert the open log file descriptor for %s to a FILE* handle: %s WARNING: File locking not supported (NFS?)ERROR: Failed to lock the log file %s: %s %o%06oPOSIXLY_CORRECT%s: illegal option -- %c %s: unrecognized option `%s' %s: option `%s' is ambiguous %s: option requires an argument -- %c %s: option `--%s' doesn't allow an argument %s: option `--%s' requires an argument ;Bh+P5x8@ ([8\\]^8fxjltlx}8,dȓȮLH80  H 8(  (( 8 \ p  8 hHh|hxx(84hHt xH($p$%x%zRx X/D$4)p FJ w?:*3$"\X3` 8tYBAA G L@I@  AABA $ZT ZBBB B(A0A8G L@I@ 8A0A(B BBBG HH[ABBE B(K0A8DP 8D0A(B BBBD HhLcBBB E(A0A8DP% 8C0A(B BBBF HfBBB B(D0A8DP 8D0A(B BBBI Lth(BBB B(A0A8G 8A0A(B BBBE HPTpBBE B(A0A8Dp 8A0A(B BBBJ pxBNL B(A0A8LHSEIvPA1 8A0A(B BBBD T|BBB B(A0A8G L@IA 8A0A(B BBBA \h~xBEL B(A0D8G T 8A0A(B BBBA  N A A D`BBB B(A0A8GuOIKK 8A0A(B BBBE HH<BDB E(A0A8G 8A0A(B BBBA d5BBB E(A0A8DL 8A0A(B BBBI  8C0A(B BBBI lBBB B(A0A8G  N Z D  N g A } 8A0A(B BBBA 8lBHD d CBI I FBG L̗uBBB B(D0A8JI 8A0A(B BBBF 4AAH Q D AAA D0tzBBA A(H Q D (A ABBA \xRBIA D(G (A ABBA RIjB_TUA8BBD D(D0F (A ABBA BBB B(A0A8G L@LMMLMYMAM;MAMbMBMiMMM[MAMMLMbMBM 8A0A(B BBBA FMOMMMAMMFMSMBMMSMWMAMGMPM[MBM 6FBB B(D0A8I@MQB 8A0A(B BBBA PFFIIII Y`OHD.LNDPHP!FAC }(O0I8K@K  ABC ` ABE 4N| FDB B(A0A8G  \ ] B  S a C  S f A  8A0A(B BBBA L HBBE B(A0A8Gf 8A0A(B BBBD  EAF l hFBB B(A0A8D@IHFP[HA@| 8D0A(B BBBJ , 8D0A(B BBBG X| =FBB A(D0D@ 0D(A BBBF D 0A(A BBBD  VHT D sD LAA k ABD  ABG R ABK @ @T FKB A(A0DP 0A(A BBBA  !EN E H 0HM K  EO8 $"FBD A(G0T (A ABBB 0, FDD GC  AABD 8` FJG D(G (A ABBI  0 FHA Gn  AABH $ TAAG EDA` HBEE J(D0D8DP 8A0A(B BBBH L 8C0A(B BBBA Lp tBED D(D0g (A ABBH  (C ABBA $ TEAG ADA, ,ODA ABA`FBB B(A0A8G L00D0P0A0 8A0A(B BBBA \|FBE B(D0C8F`DFB 8A0A(B BBBA LFBB B(A0D8G 8A0A(B BBBI (,_EAD } DAL HXL FBB B(D0D8G 8A0A(B BBBI L  FBB E(A0A8I E 8A0A(B BBBG 4bFKC s IBF AFBT,(iFBB B(A0A8G L@LEh 8A0A(B BBBA d@8FBB E(K0D8D@ 8A0A(B BBBB L 8F0A(B BBBE d BBB L(D0D8G 8C0A(B BBBF  8J0A(B BBBE Tp hlD|heFEE E(H0H8G@n8A0A(B BBB"l*9>l4CHRW\afkp %uMhkkkkckkkk`kkkclkk Vkkkzk+kk0lk)kkRnvk:kk9lkkmk:kkClkkkOlkkk[lkkksk:kkildkkkplkkkwlkkklkklkkklmkkklkkklkkklzkkkByk0kld8kklrkkklk`kllkkllkkmkkkmkkkfkkmikkkmpkk!mwkkk&mokkkAmkk:mkk?mkkkFmkkNmkkZmkkbmkknmlkkk kkk kkk kkk kklk kkMk kkk kk kk kk1 kkn kkb kkl mrl kl kltk kkMk kk kku kk} kki kk.l8 kkHf8 kkRk kkM kk^ kkb kkd kkc kkr kk kkk 0kmdkkkmcm@kkmnk@kkmg@kkmfkhkmtkkikkmpkmk nckknrknTl!nk6nsk@kJnakkkZntkkkmnkkxnkknkknkkknkkknkkknkkknkkknkkknkkknkkknkkknkkknkkknkkkokkk"okkk=olkkGoQokk_okkkeokkkkokkkookkkuokkkyokkk}okkkokkkokkkook kkookokoohkY|\lppkkpQo8.p1pk9pkUpkxk^pkkhptpppkpkppkXkpkkpppppq-8 qtu8#8q%qk (6q9qCqpkNqZqlqP}qqqqkkqlqq qqlqqQo@qql rrlr{l  $r.rlxX#r'rlq:rl`Ir.rlxMrQrld0IrZrlqzfrurrl rrkr6qrk6qrrk kslX( sskk's4sk `6qBsMsjsk ktskP kssFks6qskx 6qsk 6qsk 6qs Asnk ` kstt t+t;tl' ` LtRtctk 6qutt t ttt(Xtttk ktt 0ttt uuuk 0k!u)uk k2u;uk kEukX6qYunk Pkluok k}uuk kuuk kuuk P6quvl xr+vAvl rVvk@kpvk6qvvk kvvk kvvk kvvk kv wk 6qw*wk 6q=wSwk 6qkw}wk 6qwwk 6qwwk kwwk  6qxxk p k:xBxk kKxSxk `!k\xhxk "kux~xk "kxxk X#kxxk $6qxxl $xxQo &xcztzQo@ 8'qxl (xxl' )LtyyQo *%y)y:yQo +%yLyZyQo ,iylyyQo@ -yyyQo .yyyl2 /yyyld (1yyyl H2 z zzl 3-z4zFzl (5Zz_zozQo@ 6qzH8zz9zz0:zzk:6q{l@;2z{p<({1{QoP<.pE{k(=6qX{k=kk{k >k{l>{{lH?q{l@{k(Ak{Wkk{ekk{{k kk||l kk|.|k kk>|H|kkkS|\la|x|~nu|XB|||cl B r||C||XD||DG|l0Gr}kGk}kGk!}kHIk7} JE}U}JE}e}JhKw}K}}l}}}K}}Ll}HLm}}kLk ~~(M.~6~E~M.~V~h~M.~|~~aXN~~lNq~l<OqskPOk~~k O6q~k P6q~~lPxk (Q6q'<k pQ6q"Rk kkQwk Q6q\wk hR6qx#xk R6quk 6qk @S6qkkkkkkkkkkkkk+kkkCRk kkckS6q|kkkSxVWW}q΀Xq߀XXpYYYYY ,x[,2]<IS6q]jr`_`a bbҁb܁`deeUp hkhkkkktkkskkkkkkskkkNqkkCkkkQokklkklkkYukkkxkkkvkkk2ukkkvkkkukkkqQokkqkkqlkkpkkp yPHX0p8p (ǂЂ@قtpPl ( hp"x"o0px n  # ooHoook`#`pб 0@P`pв 0@P`pг 0@P`pд 0@P`pе 0@P`pж 0@P`pз 0@P`pи 0@P`pй 0@P`pк 0@P`p"dGA$3a1(? GA$3p1113 GA*GA$annobin gcc 8.5.0 20210514GA$plugin name: gcc-annobinGA$running gcc 8.5.0 20210514GA*GA! GA*FORTIFYGA+GLIBCXX_ASSERTIONS GA*GOW*GA*cf_protectionGA+omit_frame_pointerGA+stack_clashGA!stack_realignGA* SGA$3a1@u GA$3p1113TeGA*GA$annobin gcc 8.5.0 20210514GA$plugin name: gcc-annobinGA$running gcc 8.5.0 20210514GA*GA! GA*FORTIFYGA+GLIBCXX_ASSERTIONSGA*cf_protectionGA+omit_frame_pointerGA+stack_clashGA!stack_realign GA*GOW*TɟGA*T`GA*`GA*oe GA*GOW*e GA*FORTIFYUGA+GLIBCXX_ASSERTIONS GA*FORTIFYTGA+GLIBCXX_ASSERTIONSsigtool-1.0.8-1.el8.x86_64.debug_7zXZִF!t/O]?Eh=ڊ2N)p3ZR&!UcBb> #2p QWr`.<37QC=E.qҥZf-D jj>@!&6A!fst:nHTn9J}RSh!wkmy:D4)ZlQR)Ct2m2۷NH.8t-wѸ#Xv+PUC.tEqVM%,j Bސ-j |~c S Az:6h$\A5?u)m&XmT9@j/2sĹP 5bT f{R~;4v<\glBPcLuԙEc%v#ffCuAEd6c M{퍢:U$=Up=SӤ~mӷ sT |I9,PXu?.']) )~h3e[{?xu 3٧\న#Num o|b_EH)9=ї\'H{I[p)6 *ɺeeMkmG$ٖ7(#M"c8D.lǹZS^d!7rXd)ZsL!8dtZ{FAi›ΐ{E3QdcD9x$ED׻i2|6-\G3ÔYi_hk6~,dcDϴ 'B8A9B?0/:1gJhd*VQkvX^6UPZjQuU%̓_OF,'&am\½Q [EsAaolh7Y= իXS |4hr8.gWS_$ |- ŐWV }e__;H*`}EMw`&q!pi۴1tEdj'33QGO%[(-jhPp'pȗR_\aćqvc1 )r[>m6&nmDSb8"XRֵ5rf$"5 W4|>Yco@,, ;3L7~⩝ٶ'd9,9EV/_C42lJӞ.3 Ӕ+?ZrZ{z;g@ wrzD2|j7V\ OANr)n3&6g gg%Szû;alװ([Y 7Qe j[!}Vۛt#\gE:~X%y,]O+wި gAz| λ^b޹<a0Ch.FJ1aQ2ʍZ$K AIw*%TtA|{SV`lEdebQEvΪ8۩ٮj'FDn}b>%1 0[NgYZ.shstrtab.interp.note.gnu.property.note.ABI-tag.note.gnu.build-id.gnu.hash.dynsym.dynstr.gnu.version.gnu.version_r.rela.dyn.rela.plt.init.plt.sec.text.fini.rodata.eh_frame_hdr.eh_frame.init_array.fini_array.data.rel.ro.dynamic.got.data.bss.gnu.build.attributes.gnu_debuglink.gnu_debugdata  & 4$Go00HQ xxYppnaojnoHHp}B((PPp `  Ehh hp"px"x"` `#`  # #  #   c 0 P(/x8>