ls_quarantine.pm: fetchrow_hashref error

kiddinn / log2timeline

Automatically exported from code.google.com/p/log2timeline

GNU General Public License v3.0

0 stars 3 forks source link

ls_quarantine.pm: fetchrow_hashref error #15

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago

When i run:
log2timeline -r -z Europe/Rome /mnt/c -m C: -w log2t.csv

i've got this error:
[LOG2T] Error while parsing: 
/mnt/c/Windows/System32/DriverStore/FileRepository/prnhp004.inf_amd64_neutral_53
f688945cfc24cc/Amd64/hpc5300t.vdf error given: Can't call method 
"fetchrow_hashref" on an undefined value at 
/usr/local/share/perl/5.12.4/Log2t/input/ls_quarantine.pm line 136.

I'm using log2timeline 0.65 under lubuntu linux 11.10

Original issue reported on code.google.com by blackmoo...@gmail.com on 16 Nov 2012 at 12:48

GoogleCodeExporter commented 9 years ago

ls_quarantine is not an winxp module.

try to add -f winxp (or win7, winsrv) in your log2timeline command.

Original comment by marco.dm...@gmail.com on 23 Nov 2012 at 12:09

GoogleCodeExporter commented 9 years ago

This is still a "weird" error since this file is definitely not a LS_Quarantine 
database, yet the code you point to is inside the get_time function that is 
only called after verifying the database. (and it is actually after few steps 
of verification and processing).

Is there any change to provide this file to me as a mean of testing it?

Can  you run "file" against it?

file 
/mnt/c/Windows/System32/DriverStore/FileRepository/prnhp004.inf_amd64_neutral_53
f688945cfc24cc/Amd64/hpc5300t.vdf 

?

Original comment by ki...@kiddaland.net on 25 Nov 2012 at 3:54

Changed state: Accepted