Forum Thread: Adobe Reader - Yes and No

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Programs

Relating to this vendor:
Adobe Systems
And, this specific program:
Adobe Reader 9.x

This thread has been marked as locked.
royharv Adobe Reader - Yes and No
Member 13th Mar, 2010 18:42
Ranking: 5
Posts: 4
User Since: 13th Mar, 2010
System Score: N/A
Location: US
I am running Secunia PSI v1.5.0.0 on Windows XP latest service pack and patches. Adobe Reader is the latest version; the About shows version 9.3.1. Running the Check for Update feature internal to Adobe Reader says there are no updates.

Ever time I run a PSI scan one program shows up as Insecure: Adobe Reader 9.x. To be specific:

Version Detected:
9.1.2.82 <---NOTE THIS

Installation Path:
C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe

Last Inspection of Program:
13th Mar. 2010, 18:14 CET

Checking the Properties for this file finds:
File Version 9.3.0.148
Size 341 KB (349,616 bytes)

However, if within the entry for Adobe Reader on the Insecure tab I click on the "Re-scan program" button I am congratulated for removing a security threat. Note that I did nothing to remove anything, all I did was scan and re-scan. Under the Patched tab the entry for Adobe Reader 9.x shows the same Installation Path as above, BUT
Version Detected is 9.3.1.203 <---CHANGED BY THE RESCAN!!!


This is repeatable. Every time I scan it shows as insecure, every time I use the re-scan it says it has been fixed.

Not a huge problem but I thought it should be reported.

Thanks for providing such a valuable tool!

Roy Harvey
Beacon Falls, CT

This user no longer exists RE: Adobe Reader - Yes and No
Member 15th Mar, 2010 09:03
Last edited on 15th Mar, 2010 09:04 Hi,

Please rescan now. Does the problem still occur? If so, could you please provide us with a debug log?

You can get a debug log by following these steps:
1) Close the secunia PSI, by right-clicking the tray icon and choosing "Quit"
2) Open the command prompt, from Start > Run, and enter "cmd"
3) Now enter the this exactly (It has to be exact, so copying-and pasting is a good idea.):
cd "C:\Program Files\Secunia\PSI\"
The hit enter. Now enter:
psi.exe --verbose --debug secunia.txt
and hit enter. Please make a full scan with the PSI, including the re-scan that corrects the problem.

Then please send us the files "secunia.txt" @ support@secunia.com
Hope this helps.
Was this reply relevant?
+0
-0
royharv RE: Adobe Reader - Yes and No
Member 15th Mar, 2010 12:36
Score: 5
Posts: 4
User Since: 13th Mar 2010
System Score: N/A
Location: US
I followed your instructions. The problem continues. I am pasting the data from secunia.txt below. If you have some other way you want me to send it please let me know.

Thanks!

Roy Harvey
Beacon Falls, CT

[03/15 07:22:55.318] Scanning file: 'C:\Program Files\Secunia\PSI\psi.exe'
[03/15 07:22:55.318] Scanning PE header for file: C:\Program Files\Secunia\PSI\psi.exe
[03/15 07:22:55.318] Offset=248
[03/15 07:22:55.334] Timestamp: 0x4a41e7dc
[03/15 07:22:55.350] Machine : 0x014c
[03/15 07:22:55.350] Secunia PSI 1.5.0.0 starting
[03/15 07:22:55.350] WOW64 : 0
[03/15 07:22:55.584] Checking in with server (psi.secunia.com)
[03/15 07:22:55.600] Connecting to psi.secunia.com:443
[03/15 07:22:55.600] GET /psi_api/1500/?type=agent_check&agent_version=1.5. 0.0&tz=14400&fm=0x00000000&uid=ZROKYV5fch6f92a600c 5f173bd1e93e615e03dc3ef3cd3c396&ui=agent&langroup= WORKGROUP&host=PEREGRINE
[03/15 07:23:54.272] Connecting to psi.secunia.com:443
[03/15 07:23:54.272] Downloading software inspection rules from Secunia
[03/15 07:23:54.272] GET /psi_api/1500/?type=rules&uid=ZROKYV5fch6f92a600c5 f173bd1e93e615e03dc3ef3cd3c396&ui=agent&langroup=W ORKGROUP&host=PEREGRINE
[03/15 07:23:56.834] Initializing Filesystem Inspector
[03/15 07:23:56.834] File Inspector initialized
[03/15 07:23:56.834] Connecting to psi.secunia.com:443
[03/15 07:23:56.834] Scanning files
[03/15 07:23:56.850] GET /psi_api/1500/?type=host_check&agent_version=1.5.0 .0&langroup=WORKGROUP&host=PEREGRINE&uid=ZROKYV5fc h6f92a600c5f173bd1e93e615e03dc3ef3cd3c396&ui=agent
[03/15 07:23:56.834] Initializing Windows Update Inspector
[03/15 07:23:56.850] Checking for available Windows Updates
[03/15 07:23:57.600] Initializing Filesystem Inspector
[03/15 07:23:57.615] Drive "A:\" skipped (type=2)
[03/15 07:23:57.615] Added "C:\" to search list
[03/15 07:23:57.615] Drive "D:\" skipped (type=5)
[03/15 07:23:57.615] Added "E:\" to search list
[03/15 07:23:57.615] Drive "F:\" skipped (type=2)
[03/15 07:23:58.131] No results to submit
[03/15 07:23:58.600]
#4000(N)()
#4001(S)(5)
#5019(S)()
#5007(S)()
#4002(S)()
#5101(S)(249)
#10000(S)()
#4003(S)()
#5017(S)()
[03/15 07:24:57.147] Initializing Filesystem Inspector
[03/15 07:24:57.147] File Inspector initialized
[03/15 07:24:57.147] Scanning files
[03/15 07:24:57.178] No results to submit
[03/15 07:24:57.600]
#4000(N)()
#4001(S)(5)
#5007(S)()
#4002(S)()
#5101(S)(249)
#10000(S)()
#4003(S)()
#5017(S)()
[03/15 07:25:58.209] Initializing Filesystem Inspector
[03/15 07:25:58.225] File Inspector initialized
[03/15 07:25:58.225] Scanning files
[03/15 07:25:58.318] No results to submit
[03/15 07:25:58.600]
#4000(N)()
#4001(S)(5)
#5007(S)()
#4002(S)()
#5101(S)(249)
#10000(S)()
#4003(S)()
#5017(S)()
[03/15 07:26:59.240] Initializing Filesystem Inspector
[03/15 07:26:59.303] File Inspector initialized
[03/15 07:26:59.303] Scanning files
[03/15 07:26:59.334] No results to submit
[03/15 07:26:59.600]
#4000(N)()
#4001(S)(5)
#5007(S)()
#4002(S)()
#5101(S)(249)
#10000(S)()
#4003(S)()
#5017(S)()
[03/15 07:27:09.053] Generating results
[03/15 07:28:00.287] Initializing Filesystem Inspector
[03/15 07:28:00.287] File Inspector initialized
[03/15 07:28:00.287] Scanning files
[03/15 07:28:00.303] No results to submit
[03/15 07:28:00.600]
#4000(N)()
#4001(S)(5)
#5007(S)()
#4002(S)()
#5101(S)(249)
#10000(S)()
#4003(S)()
#5017(S)()
[03/15 07:29:01.084] Initializing Filesystem Inspector
[03/15 07:29:01.084] File Inspector initialized
[03/15 07:29:01.084] Scanning files
[03/15 07:29:01.115] No results to submit
[03/15 07:29:01.397]
#4000(N)()
#4001(S)(5)
#5007(S)()
#4002(S)()
#5101(S)(249)
#10000(S)()
#4003(S)()
#5017(S)()
[03/15 07:29:57.772] File Inspector initialized
[03/15 07:29:57.772] Initializing Windows Version Inspector
[03/15 07:29:57.772] Initializing Windows Registry Inspector
[03/15 07:29:57.772] Scanning files
[03/15 07:29:57.772] Scanning file: 'C:\Documents and Settings\Roy\Application Data\kompozer.net\KompoZer\Profiles\fbkkrvol.defau lt\extensions\{972ce4c6-7e08-4474-a285-3208198ce6f d}\install.rdf'
[03/15 07:29:57.787] Scanning file: 'C:\Documents and Settings\Roy\Application Data\Microsoft\Installer\{6AE22174-4FFA-4572-B692- 31F0C386ED38}\ARPPRODUCTICON.exe'
[03/15 07:29:57.803] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\Application Data\Microsoft\Installer\{6AE22174-4FFA-4572-B692- 31F0C386ED38}\ARPPRODUCTICON.exe
[03/15 07:29:57.818] Invalid magic number: 0x0000
[03/15 07:29:57.818] Scanning file: 'C:\Documents and Settings\Roy\Application Data\Microsoft\Installer\{7D95B533-4BA1-4EED-8096- EFCB6DD6B95F}\ARPPRODUCTICON.exe'
[03/15 07:29:57.818] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\Application Data\Microsoft\Installer\{7D95B533-4BA1-4EED-8096- EFCB6DD6B95F}\ARPPRODUCTICON.exe
[03/15 07:29:57.850] Invalid magic number: 0x0000
[03/15 07:29:57.850] Scanning file: 'C:\Documents and Settings\Roy\Application Data\Microsoft\Installer\{89DE67AD-08B8-4699-A55D- CA5C0AF82BF3}\ARPPRODUCTICON.exe'
[03/15 07:29:57.850] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\Application Data\Microsoft\Installer\{89DE67AD-08B8-4699-A55D- CA5C0AF82BF3}\ARPPRODUCTICON.exe
[03/15 07:29:57.881] Invalid magic number: 0x0000
[03/15 07:29:57.881] Scanning file: 'C:\Documents and Settings\Roy\Application Data\Microsoft\Installer\{C941F1F1-25B3-4DF5-83E6- 888C51A1AAB6}\ARPPRODUCTICON.exe'
[03/15 07:29:57.881] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\Application Data\Microsoft\Installer\{C941F1F1-25B3-4DF5-83E6- 888C51A1AAB6}\ARPPRODUCTICON.exe
[03/15 07:29:57.912] Invalid magic number: 0x0000
[03/15 07:29:57.912] Scanning file: 'C:\Documents and Settings\Roy\Application Data\Move Networks\ie_bin\Uninst.exe'
[03/15 07:29:57.912] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\Application Data\Move Networks\ie_bin\Uninst.exe
[03/15 07:29:57.943] Offset=216
[03/15 07:29:57.943] Timestamp: 0x4669ceba
[03/15 07:29:57.943] Machine : 0x014c
[03/15 07:29:57.943] Scanning file: 'C:\Documents and Settings\Roy\Application Data\Mozilla\Firefox\Profiles\tagf1j8h.default\ext ensions\moveplayer@movenetworks.com\install.rdf'
[03/15 07:29:57.990] Scanning file: 'C:\Documents and Settings\Roy\Application Data\Mozilla\Firefox\Profiles\tagf1j8h.default\ext ensions\{20a82645-c095-46ed-80e3-08825760534b}\ins tall.rdf'
[03/15 07:29:58.022] Scanning file: 'C:\Documents and Settings\Roy\Application Data\Mozilla\Firefox\Profiles\tagf1j8h.default\ext ensions\{9458ca25-39fd-4ba8-9520-acc5c0d877b6}\ins tall.rdf'
[03/15 07:29:58.084] Scanning file: 'C:\Documents and Settings\Roy\Application Data\Mozilla\Firefox\Profiles\tagf1j8h.default\ext ensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\ins tall.rdf'
[03/15 07:29:58.131] Scanning file: 'C:\Documents and Settings\Roy\Application Data\Nvu\Profiles\xp6zk7wt.default\extensions\{972 ce4c6-7e08-4474-a285-3208198ce6fd}\install.rdf'
[03/15 07:29:58.162] Scanning file: 'C:\Documents and Settings\Roy\Application Data\Real\RealPlayer\setup\setup.exe'
[03/15 07:29:58.162] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\Application Data\Real\RealPlayer\setup\setup.exe
[03/15 07:29:58.256] Offset=256
[03/15 07:29:58.256] Timestamp: 0x46a032f8
[03/15 07:29:58.256] Machine : 0x014c
[03/15 07:29:58.272] Scanning file: 'C:\Documents and Settings\Roy\Application Data\Sun\Java\Deployment\cache\6.0\15\58fb3e0f-5b3 236f4-n\msvcr71.dll'
[03/15 07:29:58.272] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\Application Data\Sun\Java\Deployment\cache\6.0\15\58fb3e0f-5b3 236f4-n\msvcr71.dll
[03/15 07:29:58.303] Offset=240
[03/15 07:29:58.303] Timestamp: 0x44b451e8
[03/15 07:29:58.303] Machine : 0x014c
[03/15 07:29:58.303] Scanning file: 'C:\Documents and Settings\Roy\Application Data\Sun\Java\Deployment\cache\6.0\33\258cea61-450 7febb-n\msvcr71.dll'
[03/15 07:29:58.303] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\Application Data\Sun\Java\Deployment\cache\6.0\33\258cea61-450 7febb-n\msvcr71.dll
[03/15 07:29:58.318] Offset=240
[03/15 07:29:58.318] Timestamp: 0x3e561eac
[03/15 07:29:58.334] Machine : 0x014c
[03/15 07:29:58.334] Scanning file: 'C:\Documents and Settings\Roy\Application Data\Sun\Java\Deployment\cache\6.0\38\39ba6e6-2c1e aa53-n\msvcr71.dll'
[03/15 07:29:58.334] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\Application Data\Sun\Java\Deployment\cache\6.0\38\39ba6e6-2c1e aa53-n\msvcr71.dll
[03/15 07:29:58.350] Offset=240
[03/15 07:29:58.350] Timestamp: 0x44b451e8
[03/15 07:29:58.350] Machine : 0x014c
[03/15 07:29:58.350] Scanning file: 'C:\Documents and Settings\Roy\Application Data\Sun\Java\Deployment\cache\6.0\54\1a209876-73e 2e8a5-n\msvcr71.dll'
[03/15 07:29:58.350] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\Application Data\Sun\Java\Deployment\cache\6.0\54\1a209876-73e 2e8a5-n\msvcr71.dll
[03/15 07:29:58.443] Offset=240
[03/15 07:29:58.443] Timestamp: 0x44b451e8
[03/15 07:29:58.443] Machine : 0x014c
[03/15 07:29:58.443] Scanning file: 'C:\Documents and Settings\Roy\Application Data\U3\temp\cleanup.exe'
[03/15 07:29:58.443] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\Application Data\U3\temp\cleanup.exe
[03/15 07:29:58.459] Offset=248
[03/15 07:29:58.459] Timestamp: 0x42a40741
[03/15 07:29:58.459] Machine : 0x014c
[03/15 07:29:58.459] Scanning file: 'C:\Documents and Settings\Roy\Local Settings\Temp\094298AAD5554A51A8D5B0E9352EC85A\msv cr71.dll'
[03/15 07:29:58.459] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\Local Settings\Temp\094298AAD5554A51A8D5B0E9352EC85A\msv cr71.dll
[03/15 07:29:58.490] Offset=240
[03/15 07:29:58.490] Timestamp: 0x3e561eac
[03/15 07:29:58.490] Machine : 0x014c
[03/15 07:29:58.490] Scanning file: 'C:\Documents and Settings\Roy\Local Settings\Temp\AIR4C1B.tmp\Adobe AIR\Versions\1.0\Adobe AIR.dll'
[03/15 07:29:58.490] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\Local Settings\Temp\AIR4C1B.tmp\Adobe AIR\Versions\1.0\Adobe AIR.dll
[03/15 07:29:58.615] Offset=264
[03/15 07:29:58.615] Timestamp: 0x49947992
[03/15 07:29:58.631] Machine : 0x014c
[03/15 07:29:58.631] Scanning file: 'C:\Documents and Settings\Roy\Local Settings\Temp\AIR4C1B.tmp\Adobe AIR\Versions\1.0\Resources\NPSWF32.dll'
[03/15 07:29:58.631] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\Local Settings\Temp\AIR4C1B.tmp\Adobe AIR\Versions\1.0\Resources\NPSWF32.dll
[03/15 07:29:58.740] Offset=264
[03/15 07:29:58.740] Timestamp: 0x4987a8b1
[03/15 07:29:58.740] Machine : 0x014c
[03/15 07:29:58.740] Scanning file: 'C:\Documents and Settings\Roy\Local Settings\Temp\AIR53F3.tmp\Adobe AIR\Versions\1.0\Adobe AIR.dll'
[03/15 07:29:58.740] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\Local Settings\Temp\AIR53F3.tmp\Adobe AIR\Versions\1.0\Adobe AIR.dll
[03/15 07:29:59.068] Offset=264
[03/15 07:29:59.068] Timestamp: 0x4a6614da
[03/15 07:29:59.068] Machine : 0x014c
[03/15 07:29:59.068] Scanning file: 'C:\Documents and Settings\Roy\Local Settings\Temp\AIR53F3.tmp\Adobe AIR\Versions\1.0\Resources\NPSWF32.dll'
[03/15 07:29:59.068] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\Local Settings\Temp\AIR53F3.tmp\Adobe AIR\Versions\1.0\Resources\NPSWF32.dll
[03/15 07:29:59.178] Offset=256
[03/15 07:29:59.178] Timestamp: 0x4a613f8d
[03/15 07:29:59.178] Machine : 0x014c
[03/15 07:29:59.178] Scanning file: 'C:\Documents and Settings\Roy\Local Settings\Temp\AIRE51.tmp\Adobe AIR\Versions\1.0\Adobe AIR.dll'
[03/15 07:29:59.178] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\Local Settings\Temp\AIRE51.tmp\Adobe AIR\Versions\1.0\Adobe AIR.dll
[03/15 07:29:59.303] Offset=272
[03/15 07:29:59.303] Timestamp: 0x49080d62
[03/15 07:29:59.303] Machine : 0x014c
[03/15 07:29:59.303] Scanning file: 'C:\Documents and Settings\Roy\Local Settings\Temp\AIRE51.tmp\Adobe AIR\Versions\1.0\Resources\NPSWF32.dll'
[03/15 07:29:59.303] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\Local Settings\Temp\AIRE51.tmp\Adobe AIR\Versions\1.0\Resources\NPSWF32.dll
[03/15 07:29:59.397] Offset=256
[03/15 07:29:59.397] Timestamp: 0x4904a6a0
[03/15 07:29:59.397] Machine : 0x014c
[03/15 07:29:59.397] Scanning file: 'C:\Documents and Settings\Roy\Local Settings\Temp\{BB55687D-7EB4-4C8A-8C47-BF87C0CF24F B}\{57217148-69B8-48D8-B517-77AA6415C2D3}\RevoUnin staller.exe'
[03/15 07:29:59.412] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\Local Settings\Temp\{BB55687D-7EB4-4C8A-8C47-BF87C0CF24F B}\{57217148-69B8-48D8-B517-77AA6415C2D3}\RevoUnin staller.exe
[03/15 07:29:59.428] Offset=232
[03/15 07:29:59.428] Timestamp: 0x47dfc3a9
[03/15 07:29:59.428] Machine : 0x014c
[03/15 07:29:59.428] Scanning file: 'C:\Documents and Settings\Roy\My Documents\AGENT\agent.exe'
[03/15 07:29:59.428] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\AGENT\agent.exe
[03/15 07:29:59.428] Offset=256
[03/15 07:29:59.428] Timestamp: 0xbe002d03
[03/15 07:29:59.428] Machine : 0x014c
[03/15 07:29:59.443] Scanning file: 'C:\Documents and Settings\Roy\My Documents\Bootable CD Project\WinImage\winimage.exe'
[03/15 07:29:59.443] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\Bootable CD Project\WinImage\winimage.exe
[03/15 07:29:59.490] Offset=296
[03/15 07:29:59.490] Timestamp: 0x43527a88
[03/15 07:29:59.490] Machine : 0x014c
[03/15 07:29:59.490] Scanning file: 'C:\Documents and Settings\Roy\My Documents\COA\Database\setup\SETUP.EXE'
[03/15 07:29:59.490] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\COA\Database\setup\SETUP.EXE
[03/15 07:29:59.522] Offset=128
[03/15 07:29:59.522] Timestamp: 0x32766e71
[03/15 07:29:59.522] Machine : 0x014c
[03/15 07:29:59.522] Scanning file: 'C:\Documents and Settings\Roy\My Documents\Download\AvidFreeDV_1.6.1\Installers\Avi dFreeDV\Disk1\setup.exe'
[03/15 07:29:59.522] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\Download\AvidFreeDV_1.6.1\Installers\Avi dFreeDV\Disk1\setup.exe
[03/15 07:29:59.553] Offset=232
[03/15 07:29:59.553] Timestamp: 0x3deba70f
[03/15 07:29:59.553] Machine : 0x014c
[03/15 07:29:59.553] Scanning file: 'C:\Documents and Settings\Roy\My Documents\Download\AvidFreeDV_1.6.1\Launch.exe'
[03/15 07:29:59.553] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\Download\AvidFreeDV_1.6.1\Launch.exe
[03/15 07:29:59.568] Offset=232
[03/15 07:29:59.568] Timestamp: 0x3bf17925
[03/15 07:29:59.568] Machine : 0x014c
[03/15 07:29:59.568] Scanning file: 'C:\Documents and Settings\Roy\My Documents\Download\Compare2\setup.exe'
[03/15 07:29:59.584] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\Download\Compare2\setup.exe
[03/15 07:29:59.600] Offset=184
[03/15 07:29:59.600] Timestamp: 0x38ce7d66
[03/15 07:29:59.600] Machine : 0x014c
[03/15 07:29:59.600] Scanning file: 'C:\Documents and Settings\Roy\My Documents\Download\converter.exe'
[03/15 07:29:59.600] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\Download\converter.exe
[03/15 07:29:59.709] Offset=200
[03/15 07:29:59.709] Timestamp: 0x3a5b1b81
[03/15 07:29:59.709] Machine : 0x014c
[03/15 07:29:59.725] Scanning file: 'C:\Documents and Settings\Roy\My Documents\Download\FarCry\setup.exe'
[03/15 07:29:59.725] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\Download\FarCry\setup.exe
[03/15 07:30:00.225] Offset=264
[03/15 07:30:00.225] Timestamp: 0x3e95e74e
[03/15 07:30:00.225] Machine : 0x014c
[03/15 07:30:00.225] Scanning file: 'C:\Documents and Settings\Roy\My Documents\Download\FromDura\XDOS\InfoTool.exe'
[03/15 07:30:00.240] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\Download\FromDura\XDOS\InfoTool.exe
[03/15 07:30:00.256] Offset=232
[03/15 07:30:00.256] Timestamp: 0x3c1e0044
[03/15 07:30:00.256] Machine : 0x014c
[03/15 07:30:00.256] Scanning file: 'C:\Documents and Settings\Roy\My Documents\Download\FromDura\XDOS\nistime-32bit.exe '
[03/15 07:30:00.256] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\Download\FromDura\XDOS\nistime-32bit.exe
[03/15 07:30:00.272] Offset=256
[03/15 07:30:00.272] Timestamp: 0x422928b0
[03/15 07:30:00.272] Machine : 0x014c
[03/15 07:30:00.272] Scanning file: 'C:\Documents and Settings\Roy\My Documents\Download\FromDura\XDOS\WNBROWSE.EXE'
[03/15 07:30:00.287] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\Download\FromDura\XDOS\WNBROWSE.EXE
[03/15 07:30:00.287] Offset=592
[03/15 07:30:00.287] Invalid signature : 0x454e
[03/15 07:30:00.287] Scanning file: 'C:\Documents and Settings\Roy\My Documents\Download\GenuineCheck.exe'
[03/15 07:30:00.303] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\Download\GenuineCheck.exe
[03/15 07:30:00.350] Offset=280
[03/15 07:30:00.350] Timestamp: 0x470af2bc
[03/15 07:30:00.350] Machine : 0x014c
[03/15 07:30:00.350] Scanning file: 'C:\Documents and Settings\Roy\My Documents\Download\MpegShcnitt071\Mpeg2Schnitt.exe '
[03/15 07:30:00.350] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\Download\MpegShcnitt071\Mpeg2Schnitt.exe
[03/15 07:30:00.381] Offset=256
[03/15 07:30:00.397] Timestamp: 0x2a425e19
[03/15 07:30:00.397] Machine : 0x014c
[03/15 07:30:00.397] Scanning file: 'C:\Documents and Settings\Roy\My Documents\Download\NHDBCompare\Setup.Exe'
[03/15 07:30:00.397] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\Download\NHDBCompare\Setup.Exe
[03/15 07:30:00.412] Offset=256
[03/15 07:30:00.412] Timestamp: 0x3e77fa1a
[03/15 07:30:00.412] Machine : 0x014c
[03/15 07:30:00.412] Scanning file: 'C:\Documents and Settings\Roy\My Documents\Download\nistime-32bit.exe'
[03/15 07:30:00.412] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\Download\nistime-32bit.exe
[03/15 07:30:00.443] Offset=256
[03/15 07:30:00.443] Timestamp: 0x453d3734
[03/15 07:30:00.443] Machine : 0x014c
[03/15 07:30:00.443] Scanning file: 'C:\Documents and Settings\Roy\My Documents\Download\Old Download\GenuineCheck.exe'
[03/15 07:30:00.443] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\Download\Old Download\GenuineCheck.exe
[03/15 07:30:00.459] Offset=272
[03/15 07:30:00.459] Timestamp: 0x4195087c
[03/15 07:30:00.459] Machine : 0x014c
[03/15 07:30:00.475] Scanning file: 'C:\Documents and Settings\Roy\My Documents\Download\Old Download\GoogleEarth.exe'
[03/15 07:30:00.475] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\Download\Old Download\GoogleEarth.exe
[03/15 07:30:00.631] Offset=232
[03/15 07:30:00.631] Timestamp: 0x424219de
[03/15 07:30:00.631] Machine : 0x014c
[03/15 07:30:00.631] Scanning file: 'C:\Documents and Settings\Roy\My Documents\Download\Old Download\Mpeg2Schnitt.exe'
[03/15 07:30:00.631] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\Download\Old Download\Mpeg2Schnitt.exe
[03/15 07:30:00.678] Offset=256
[03/15 07:30:00.678] Timestamp: 0x2a425e19
[03/15 07:30:00.678] Machine : 0x014c
[03/15 07:30:00.678] Scanning file: 'C:\Documents and Settings\Roy\My Documents\Download\Old Download\nistime-32bit.exe'
[03/15 07:30:00.678] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\Download\Old Download\nistime-32bit.exe
[03/15 07:30:00.709] Offset=256
[03/15 07:30:00.709] Timestamp: 0x50512d44
[03/15 07:30:00.709] Machine : 0x014c
[03/15 07:30:00.709] Scanning file: 'C:\Documents and Settings\Roy\My Documents\Download\Old Download\shootthemessenger.exe'
[03/15 07:30:00.709] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\Download\Old Download\shootthemessenger.exe
[03/15 07:30:00.756] Offset=208
[03/15 07:30:00.772] Timestamp: 0x3eaa9d15
[03/15 07:30:00.772] Machine : 0x014c
[03/15 07:30:00.772] Scanning file: 'C:\Documents and Settings\Roy\My Documents\Download\Old Download\update.exe'
[03/15 07:30:00.772] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\Download\Old Download\update.exe
[03/15 07:30:01.100] Offset=208
[03/15 07:30:01.100] Timestamp: 0x3bd86c3f
[03/15 07:30:01.100] Machine : 0x014c
[03/15 07:30:01.100] Scanning file: 'C:\Documents and Settings\Roy\My Documents\Download\ProcessExplorer\_._\procexp.exe '
[03/15 07:30:01.100] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\Download\ProcessExplorer\_._\procexp.exe
[03/15 07:30:01.178] Offset=248
[03/15 07:30:01.178] Timestamp: 0x489a3355
[03/15 07:30:01.178] Machine : 0x014c
[03/15 07:30:01.178] Scanning file: 'C:\Documents and Settings\Roy\My Documents\Download\pvas21015\gui\PVAStrumento.exe'
[03/15 07:30:01.178] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\Download\pvas21015\gui\PVAStrumento.exe
[03/15 07:30:01.225] Offset=272
[03/15 07:30:01.225] Timestamp: 0x42aefcd3
[03/15 07:30:01.225] Machine : 0x014c
[03/15 07:30:01.225] Scanning file: 'C:\Documents and Settings\Roy\My Documents\Download\setup.exe'
[03/15 07:30:01.225] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\Download\setup.exe
[03/15 07:30:01.287] Offset=304
[03/15 07:30:01.287] Timestamp: 0x454280c5
[03/15 07:30:01.287] Machine : 0x014c
[03/15 07:30:01.287] Scanning file: 'C:\Documents and Settings\Roy\My Documents\Download\SQL Training\TNT1-150\TNT1-150\EULA.exe'
[03/15 07:30:01.287] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\Download\SQL Training\TNT1-150\TNT1-150\EULA.exe
[03/15 07:30:01.318] Offset=216
[03/15 07:30:01.318] Timestamp: 0x378d1580
[03/15 07:30:01.318] Machine : 0x014c
[03/15 07:30:01.318] Scanning file: 'C:\Documents and Settings\Roy\My Documents\Download\SQL Training\TNT1-150\TNT1-150_demo_1\EULA.exe'
[03/15 07:30:01.318] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\Download\SQL Training\TNT1-150\TNT1-150_demo_1\EULA.exe
[03/15 07:30:01.318] Offset=216
[03/15 07:30:01.318] Timestamp: 0x378d1580
[03/15 07:30:01.318] Machine : 0x014c
[03/15 07:30:01.318] Scanning file: 'C:\Documents and Settings\Roy\My Documents\Download\SQL Training\TNT1-150\TNT1-150_demo_2\EULA.exe'
[03/15 07:30:01.334] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\Download\SQL Training\TNT1-150\TNT1-150_demo_2\EULA.exe
[03/15 07:30:01.334] Offset=216
[03/15 07:30:01.334] Timestamp: 0x378d1580
[03/15 07:30:01.334] Machine : 0x014c
[03/15 07:30:01.334] Scanning file: 'C:\Documents and Settings\Roy\My Documents\Download\SQL Training\TNT1-150\TNT1-150_demo_3\EULA.exe'
[03/15 07:30:01.334] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\Download\SQL Training\TNT1-150\TNT1-150_demo_3\EULA.exe
[03/15 07:30:01.350] Offset=216
[03/15 07:30:01.350] Timestamp: 0x378d1580
[03/15 07:30:01.350] Machine : 0x014c
[03/15 07:30:01.350] Scanning file: 'C:\Documents and Settings\Roy\My Documents\Download\SQL Training\TNT1-150\TNT1-150_demo_4\EULA.exe'
[03/15 07:30:01.350] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\Download\SQL Training\TNT1-150\TNT1-150_demo_4\EULA.exe
[03/15 07:30:01.365] Offset=216
[03/15 07:30:01.365] Timestamp: 0x378d1580
[03/15 07:30:01.365] Machine : 0x014c
[03/15 07:30:01.365] Scanning file: 'C:\Documents and Settings\Roy\My Documents\Download\SQL Training\TNT1-150\TNT1-150_demo_5\EULA.exe'
[03/15 07:30:01.365] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\Download\SQL Training\TNT1-150\TNT1-150_demo_5\EULA.exe
[03/15 07:30:01.381] Offset=216
[03/15 07:30:01.381] Timestamp: 0x378d1580
[03/15 07:30:01.381] Machine : 0x014c
[03/15 07:30:01.381] Scanning file: 'C:\Documents and Settings\Roy\My Documents\Download\SQL2KSP4\x86\binn\console.exe'
[03/15 07:30:01.397] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\Download\SQL2KSP4\x86\binn\console.exe
[03/15 07:30:01.412] Offset=232
[03/15 07:30:01.412] Timestamp: 0x42785e11
[03/15 07:30:01.412] Machine : 0x014c
[03/15 07:30:01.412] Scanning file: 'C:\Documents and Settings\Roy\My Documents\Download\SQL2KSP4\x86\binn\isql.exe'
[03/15 07:30:01.412] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\Download\SQL2KSP4\x86\binn\isql.exe
[03/15 07:30:01.428] Offset=240
[03/15 07:30:01.428] Timestamp: 0x42784fac
[03/15 07:30:01.428] Machine : 0x014c
[03/15 07:30:01.428] Scanning file: 'C:\Documents and Settings\Roy\My Documents\Download\SQL2KSP4\x86\binn\snapshot.exe'
[03/15 07:30:01.428] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\Download\SQL2KSP4\x86\binn\snapshot.exe
[03/15 07:30:01.443] Offset=264
[03/15 07:30:01.443] Timestamp: 0x427856ce
[03/15 07:30:01.443] Machine : 0x014c
[03/15 07:30:01.443] Scanning file: 'C:\Documents and Settings\Roy\My Documents\Download\SQL2KSP4\x86\binn\sqlservr.exe'
[03/15 07:30:01.443] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\Download\SQL2KSP4\x86\binn\sqlservr.exe
[03/15 07:30:01.662] Offset=272
[03/15 07:30:01.662] Timestamp: 0x42787327
[03/15 07:30:01.662] Machine : 0x014c
[03/15 07:30:01.662] Scanning file: 'C:\Documents and Settings\Roy\My Documents\Download\SQL2KSP4\x86\binn\vswitch.exe'
[03/15 07:30:01.662] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\Download\SQL2KSP4\x86\binn\vswitch.exe
[03/15 07:30:01.693] Offset=256
[03/15 07:30:01.693] Timestamp: 0x42785c88
[03/15 07:30:01.693] Machine : 0x014c
[03/15 07:30:01.693] Scanning file: 'C:\Documents and Settings\Roy\My Documents\Download\SQL2KSP4\x86\setup\msvcr71.dll'
[03/15 07:30:01.693] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\Download\SQL2KSP4\x86\setup\msvcr71.dll
[03/15 07:30:01.709] Offset=240
[03/15 07:30:01.709] Timestamp: 0x3e561eac
[03/15 07:30:01.725] Machine : 0x014c
[03/15 07:30:01.725] Scanning file: 'C:\Documents and Settings\Roy\My Documents\Download\SQL2KSP4\x86\system\msvcr71.dll '
[03/15 07:30:01.725] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\Download\SQL2KSP4\x86\system\msvcr71.dll
[03/15 07:30:01.740] Offset=240
[03/15 07:30:01.740] Timestamp: 0x3e561eac
[03/15 07:30:01.740] Machine : 0x014c
[03/15 07:30:01.740] Scanning file: 'C:\Documents and Settings\Roy\My Documents\Download\SQL2KSP4\x86\system\win9x\atl71 .dll'
[03/15 07:30:01.740] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\Download\SQL2KSP4\x86\system\win9x\atl71 .dll
[03/15 07:30:01.787] Offset=264
[03/15 07:30:01.803] Timestamp: 0x3e77de95
[03/15 07:30:01.803] Machine : 0x014c
[03/15 07:30:01.803] Scanning file: 'C:\Documents and Settings\Roy\My Documents\Download\SQL2KSP4\x86\system\winnt\atl71 .dll'
[03/15 07:30:01.803] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\Download\SQL2KSP4\x86\system\winnt\atl71 .dll
[03/15 07:30:01.912] Offset=256
[03/15 07:30:01.912] Timestamp: 0x3e77de8c
[03/15 07:30:01.912] Machine : 0x014c
[03/15 07:30:01.912] Scanning file: 'C:\Documents and Settings\Roy\My Documents\Download\SUPERAntiSpyware.exe'
[03/15 07:30:01.912] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\Download\SUPERAntiSpyware.exe
[03/15 07:30:02.131] Initializing Filesystem Inspector
[03/15 07:30:02.131] File Inspector initialized
[03/15 07:30:02.131] Scanning files
[03/15 07:30:02.147] No results to submit
[03/15 07:30:02.162] Offset=232
[03/15 07:30:02.162] Timestamp: 0x4018a470
[03/15 07:30:02.162] Machine : 0x014c
[03/15 07:30:02.178] Scanning file: 'C:\Documents and Settings\Roy\My Documents\Download\Tree\TreeSizeFree.exe'
[03/15 07:30:02.178] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\Download\Tree\TreeSizeFree.exe
[03/15 07:30:02.334] Offset=256
[03/15 07:30:02.334] Timestamp: 0x48317a54
[03/15 07:30:02.334] Machine : 0x014c
[03/15 07:30:02.334] Scanning file: 'C:\Documents and Settings\Roy\My Documents\Download\VirtualPC\setup.exe'
[03/15 07:30:02.365] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\Download\VirtualPC\setup.exe
[03/15 07:30:02.381]
#4000(N)()
#4001(S)(5)
#5007(S)()
#4002(S)()
#5101(S)(249)
#10000(S)()
#4003(S)()
#5017(S)()
[03/15 07:30:02.381] Offset=224
[03/15 07:30:02.397] Timestamp: 0x45d8843b
[03/15 07:30:02.397] Machine : 0x014c
[03/15 07:30:02.397] Scanning file: 'C:\Documents and Settings\Roy\My Documents\Download\WinAudit.exe'
[03/15 07:30:02.397] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\Download\WinAudit.exe
[03/15 07:30:02.553] Offset=224
[03/15 07:30:02.568] Timestamp: 0x470a1ceb
[03/15 07:30:02.568] Machine : 0x014c
[03/15 07:30:02.568] Scanning file: 'C:\Documents and Settings\Roy\My Documents\Download\WinZip\SETUP.EXE'
[03/15 07:30:02.568] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\Download\WinZip\SETUP.EXE
[03/15 07:30:02.584] Offset=176
[03/15 07:30:02.584] Invalid signature : 0x454e
[03/15 07:30:02.584] Scanning file: 'C:\Documents and Settings\Roy\My Documents\Download\WinZip\WIN16\SETUP.EXE'
[03/15 07:30:02.584] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\Download\WinZip\WIN16\SETUP.EXE
[03/15 07:30:02.600] Offset=1024
[03/15 07:30:02.600] PE Header too far into file : 1024
[03/15 07:30:02.600] Scanning file: 'C:\Documents and Settings\Roy\My Documents\Download\WinZip\WIN32\SETUP.EXE'
[03/15 07:30:02.600] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\Download\WinZip\WIN32\SETUP.EXE
[03/15 07:30:02.615] Offset=176
[03/15 07:30:02.615] Timestamp: 0x36223d58
[03/15 07:30:02.615] Machine : 0x014c
[03/15 07:30:02.615] Scanning file: 'C:\Documents and Settings\Roy\My Documents\Download\Xcopy\Debug\Setup.Exe'
[03/15 07:30:02.615] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\Download\Xcopy\Debug\Setup.Exe
[03/15 07:30:02.647] Offset=256
[03/15 07:30:02.647] Timestamp: 0x3e77fa1a
[03/15 07:30:02.647] Machine : 0x014c
[03/15 07:30:02.647] Scanning file: 'C:\Documents and Settings\Roy\My Documents\IronPortable\Iron\gears.dll'
[03/15 07:30:02.647] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\IronPortable\Iron\gears.dll
[03/15 07:30:02.772] Offset=264
[03/15 07:30:02.772] Timestamp: 0x4a68b8d5
[03/15 07:30:02.772] Machine : 0x014c
[03/15 07:30:02.772] Scanning file: 'C:\Documents and Settings\Roy\My Documents\IronPortable\Iron\iron.exe'
[03/15 07:30:02.787] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\IronPortable\Iron\iron.exe
[03/15 07:30:02.818] Offset=256
[03/15 07:30:02.818] Timestamp: 0x4a7d6ef9
[03/15 07:30:02.818] Machine : 0x014c
[03/15 07:30:02.818] Scanning file: 'C:\Documents and Settings\Roy\My Documents\IronPortable\Iron\locales\de.dll'
[03/15 07:30:02.818] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\IronPortable\Iron\locales\de.dll
[03/15 07:30:02.850] Offset=184
[03/15 07:30:02.850] Timestamp: 0x4a805760
[03/15 07:30:02.850] Machine : 0x014c
[03/15 07:30:02.850] Scanning file: 'C:\Documents and Settings\Roy\My Documents\IronPortable\Iron\plugins\gears\gears.dl l'
[03/15 07:30:02.850] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\IronPortable\Iron\plugins\gears\gears.dl l
[03/15 07:30:02.928] Offset=256
[03/15 07:30:02.928] Timestamp: 0x494c2a21
[03/15 07:30:02.928] Machine : 0x014c
[03/15 07:30:02.928] Scanning file: 'C:\Documents and Settings\Roy\My Documents\KompoZer-0.8b1\components\chrome.dll'
[03/15 07:30:02.928] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\KompoZer-0.8b1\components\chrome.dll
[03/15 07:30:02.943] Offset=248
[03/15 07:30:02.943] Timestamp: 0x4a042c8a
[03/15 07:30:02.943] Machine : 0x014c
[03/15 07:30:02.959] Scanning file: 'C:\Documents and Settings\Roy\My Documents\KompoZer-0.8b1\defaults\profile\extensio ns\{972ce4c6-7e08-4474-a285-3208198ce6fd}\install. rdf'
[03/15 07:30:02.975] Scanning file: 'C:\Documents and Settings\Roy\My Documents\KompoZer-0.8b1\kompozer.exe'
[03/15 07:30:02.975] Scanning PE header for file: \\.\C:\Documents and Settings\Roy\My Documents\KompoZer-0.8b1\kompozer.exe
[03/15 07:30:02.990] Offset=232
[03/15 07:30:02.990] Timestamp: 0x4ad197c8
[03/15 07:30:02.990] Machine : 0x014c
[03/15 07:30:03.006] Scanning file: 'C:\epson\epson10245\Setup.exe'
[03/15 07:30:03.006] Scanning PE header for file: \\.\C:\epson\epson10245\Setup.exe
[03/15 07:30:03.022] Offset=232
[03/15 07:30:03.022] Timestamp: 0x3ad4e8ae
[03/15 07:30:03.022] Machine : 0x014c
[03/15 07:30:03.022] Scanning file: 'C:\lexmark\win32drv\Install\setup.exe'
[03/15 07:30:03.022] Scanning PE header for file: \\.\C:\lexmark\win32drv\Install\setup.exe
[03/15 07:30:03.068] Offset=240
[03/15 07:30:03.084] Timestamp: 0x3d9485ab
[03/15 07:30:03.084] Machine : 0x014c
[03/15 07:30:03.084] Scanning file: 'C:\lexmark\win32drv\setup.exe'
[03/15 07:30:03.084] Scanning PE header for file: \\.\C:\lexmark\win32drv\setup.exe
[03/15 07:30:03.100] Offset=216
[03/15 07:30:03.100] Timestamp: 0x3d3c794e
[03/15 07:30:03.100] Machine : 0x014c
[03/15 07:30:03.100] Scanning file: 'C:\MGtools\grep.exe'
[03/15 07:30:03.100] Scanning PE header for file: \\.\C:\MGtools\grep.exe
[03/15 07:30:03.115] Offset=128
[03/15 07:30:03.115] Timestamp: 0x38a95b0a
[03/15 07:30:03.115] Machine : 0x014c
[03/15 07:30:03.115] Scanning file: 'C:\MGtools\Process.exe'
[03/15 07:30:03.115] Scanning PE header for file: \\.\C:\MGtools\Process.exe
[03/15 07:30:03.131] Offset=232
[03/15 07:30:03.131] Timestamp: 0x3edf2cf1
[03/15 07:30:03.131] Machine : 0x014c
[03/15 07:30:03.131] Scanning file: 'C:\MSOCache\All Users\{90120000-0021-0000-0000-0000000FF1CE}-C\set up.exe'
[03/15 07:30:03.131] Scanning PE header for file: \\.\C:\MSOCache\All Users\{90120000-0021-0000-0000-0000000FF1CE}-C\set up.exe
[03/15 07:30:03.162] Offset=304
[03/15 07:30:03.162] Timestamp: 0x46e03ce1
[03/15 07:30:03.162] Machine : 0x014c
[03/15 07:30:03.162] Scanning file: 'C:\MSOCache\All Users\{91120000-002E-0000-0000-0000000FF1CE}-C\set up.exe'
[03/15 07:30:03.162] Scanning PE header for file: \\.\C:\MSOCache\All Users\{91120000-002E-0000-0000-0000000FF1CE}-C\set up.exe
[03/15 07:30:03.193] Offset=304
[03/15 07:30:03.193] Timestamp: 0x454280c5
[03/15 07:30:03.193] Machine : 0x014c
[03/15 07:30:03.193] Scanning file: 'C:\Old98\CDrive\Download\WinZip\SETUP.EXE'
[03/15 07:30:03.193] Scanning PE header for file: \\.\C:\Old98\CDrive\Download\WinZip\SETUP.EXE
[03/15 07:30:03.193] Offset=176
[03/15 07:30:03.209] Invalid signature : 0x454e
[03/15 07:30:03.209] Scanning file: 'C:\Old98\CDrive\Download\WinZip\WIN16\SETUP.EXE'
[03/15 07:30:03.209] Scanning PE header for file: \\.\C:\Old98\CDrive\Download\WinZip\WIN16\SETUP.EX E
[03/15 07:30:03.225] Offset=1024
[03/15 07:30:03.225] PE Header too far into file : 1024
[03/15 07:30:03.225] Scanning file: 'C:\Old98\CDrive\Download\WinZip\WIN32\SETUP.EXE'
[03/15 07:30:03.225] Scanning PE header for file: \\.\C:\Old98\CDrive\Download\WinZip\WIN32\SETUP.EX E
[03/15 07:30:03.240] Offset=176
[03/15 07:30:03.240] Timestamp: 0x36223d58
[03/15 07:30:03.240] Machine : 0x014c
[03/15 07:30:03.240] Scanning file: 'C:\Old98\CDrive\Download\WZ7\SETUP.EXE'
[03/15 07:30:03.240] Scanning PE header for file: \\.\C:\Old98\CDrive\Download\WZ7\SETUP.EXE
[03/15 07:30:03.256] Offset=176
[03/15 07:30:03.256] Invalid signature : 0x454e
[03/15 07:30:03.256] Scanning file: 'C:\Old98\CDrive\Download\WZ7\WIN16\SETUP.EXE'
[03/15 07:30:03.256] Scanning PE header for file: \\.\C:\Old98\CDrive\Download\WZ7\WIN16\SETUP.EXE
[03/15 07:30:03.272] Offset=1024
[03/15 07:30:03.272] PE Header too far into file : 1024
[03/15 07:30:03.272] Scanning file: 'C:\Old98\CDrive\Download\WZ7\WIN32\SETUP.EXE'
[03/15 07:30:03.272] Scanning PE header for file: \\.\C:\Old98\CDrive\Download\WZ7\WIN32\SETUP.EXE
[03/15 07:30:03.287] Offset=176
[03/15 07:30:03.287] Timestamp: 0x36223d58
[03/15 07:30:03.287] Machine : 0x014c
[03/15 07:30:03.303] Scanning file: 'C:\Old98\CDrive\Download\WZ\Winzip32\SETUP.EXE'
[03/15 07:30:03.303] Scanning PE header for file: \\.\C:\Old98\CDrive\Download\WZ\Winzip32\SETUP.EXE
[03/15 07:30:03.303] Offset=128
[03/15 07:30:03.303] Timestamp: 0x3401c425
[03/15 07:30:03.303] Machine : 0x014c
[03/15 07:30:03.303] Scanning file: 'C:\Old98\CDrive\ESM2\SETUP.EXE'
[03/15 07:30:03.318] Scanning PE header for file: \\.\C:\Old98\CDrive\ESM2\SETUP.EXE
[03/15 07:30:03.318] Offset=3584
[03/15 07:30:03.318] PE Header too far into file : 3584
[03/15 07:30:03.334] Scanning file: 'C:\Old98\CDrive\Games\Descent\SETUP.EXE'
[03/15 07:30:03.334] Scanning PE header for file: \\.\C:\Old98\CDrive\Games\Descent\SETUP.EXE
[03/15 07:30:03.350] Offset=162791424
[03/15 07:30:03.350] PE Header too far into file : 162791424
[03/15 07:30:03.350] Scanning file: 'C:\Old98\CDrive\Games\Doom\DOOM.EXE'
[03/15 07:30:03.350] Scanning PE header for file: \\.\C:\Old98\CDrive\Games\Doom\DOOM.EXE
[03/15 07:30:03.428] Offset=162791424
[03/15 07:30:03.428] PE Header too far into file : 162791424
[03/15 07:30:03.428] Scanning file: 'C:\Old98\CDrive\Games\Doom\SETUP.EXE'
[03/15 07:30:03.428] Scanning PE header for file: \\.\C:\Old98\CDrive\Games\Doom\SETUP.EXE
[03/15 07:30:03.443] Offset=3909091326
[03/15 07:30:03.443] PE Header too far into file : 3909091326
[03/15 07:30:03.443] Scanning file: 'C:\Old98\CDrive\Games\Heretic\DM.EXE'
[03/15 07:30:03.443] Scanning PE header for file: \\.\C:\Old98\CDrive\Games\Heretic\DM.EXE
[03/15 07:30:03.459] Offset=2047249408
[03/15 07:30:03.459] PE Header too far into file : 2047249408
[03/15 07:30:03.459] Scanning file: 'C:\Old98\CDrive\Games\Heretic\SETUP.EXE'
[03/15 07:30:03.459] Scanning PE header for file: \\.\C:\Old98\CDrive\Games\Heretic\SETUP.EXE
[03/15 07:30:03.475] Offset=2416348160
[03/15 07:30:03.475] PE Header too far into file : 2416348160
[03/15 07:30:03.475] Scanning file: 'C:\Old98\CDrive\Games\Hocus\SETUP.EXE'
[03/15 07:30:03.475] Scanning PE header for file: \\.\C:\Old98\CDrive\Games\Hocus\SETUP.EXE
[03/15 07:30:03.490] Offset=65536
[03/15 07:30:03.490] PE Header too far into file : 65536
[03/15 07:30:03.490] Scanning file: 'C:\Old98\CDrive\Games\Misc\SPIDER\SPIDER.EXE'
[03/15 07:30:03.490] Scanning PE header for file: \\.\C:\Old98\CDrive\Games\Misc\SPIDER\SPIDER.EXE
[03/15 07:30:03.506] Offset=144
[03/15 07:30:03.522] Invalid signature : 0x454e
[03/15 07:30:03.522] Scanning file: 'C:\Old98\CDrive\OldG2K\OldD\Ts\SYS\VID.EXE'
[03/15 07:30:03.522] Scanning PE header for file: \\.\C:\Old98\CDrive\OldG2K\OldD\Ts\SYS\VID.EXE
[03/15 07:30:03.537] Offset=196635
[03/15 07:30:03.537] PE Header too far into file : 196635
[03/15 07:30:03.537] Scanning file: 'C:\Old98\CDrive\OldG2K\OldE\jigsaw.exe'
[03/15 07:30:03.537] Scanning PE header for file: \\.\C:\Old98\CDrive\OldG2K\OldE\jigsaw.exe
[03/15 07:30:03.537] Offset=1092628067
[03/15 07:30:03.537] PE Header too far into file : 1092628067
[03/15 07:30:03.537] Scanning file: 'C:\Old98\CDrive\OldG2K\OldE\Msvc\BIN\CV.EXE'
[03/15 07:30:03.553] Scanning PE header for file: \\.\C:\Old98\CDrive\OldG2K\OldE\Msvc\BIN\CV.EXE
[03/15 07:30:03.568] Offset=48103432
[03/15 07:30:03.568] PE Header too far into file : 48103432
[03/15 07:30:03.568] Scanning file: 'C:\Old98\CDrive\OldG2K\OldE\Msvc\BIN\PROFILE.EXE'
[03/15 07:30:03.584] Scanning PE header for file: \\.\C:\Old98\CDrive\OldG2K\OldE\Msvc\BIN\PROFILE.E XE
[03/15 07:30:03.600] Offset=40697856
[03/15 07:30:03.600] PE Header too far into file : 40697856
[03/15 07:30:03.600] Scanning file: 'C:\Old98\CDrive\OldG2K\OldE\Msvc\BIN\TRACE.EXE'
[03/15 07:30:03.600] Scanning PE header for file: \\.\C:\Old98\CDrive\OldG2K\OldE\Msvc\BIN\TRACE.EXE
[03/15 07:30:03.615] Offset=525833
[03/15 07:30:03.615] PE Header too far into file : 525833
[03/15 07:30:03.615] Scanning file: 'C:\Old98\CDrive\OldG2K\OldE\Nrtn\DISKMON.EXE'
[03/15 07:30:03.615] Scanning PE header for file: \\.\C:\Old98\CDrive\OldG2K\OldE\Nrtn\DISKMON.EXE
[03/15 07:30:03.631] Offset=3532849152
[03/15 07:30:03.631] PE Header too far into file : 3532849152
[03/15 07:30:03.631] Scanning file: 'C:\Old98\CDrive\OldG2K\OldE\Nrtn\DS.EXE'
[03/15 07:30:03.647] Scanning PE header for file: \\.\C:\Old98\CDrive\OldG2K\OldE\Nrtn\DS.EXE
[03/15 07:30:03.647] Offset=0
[03/15 07:30:03.647] Invalid signature : 0x5a4d
[03/15 07:30:03.647] Scanning file: 'C:\Old98\CDrive\OldG2K\OldE\Nrtn\FD.EXE'
[03/15 07:30:03.647] Scanning PE header for file: \\.\C:\Old98\CDrive\OldG2K\OldE\Nrtn\FD.EXE
[03/15 07:30:03.662] Offset=0
[03/15 07:30:03.662] Invalid signature : 0x5a4d
[03/15 07:30:03.662] Scanning file: 'C:\Old98\CDrive\OldG2K\OldE\Nrtn\FL.EXE'
[03/15 07:30:03.662] Scanning PE header for file: \\.\C:\Old98\CDrive\OldG2K\OldE\Nrtn\FL.EXE
[03/15 07:30:03.678] Offset=0
[03/15 07:30:03.678] Invalid signature : 0x5a4d
[03/15 07:30:03.678] Scanning file: 'C:\Old98\CDrive\OldG2K\OldE\Nrtn\IMAGE.EXE'
[03/15 07:30:03.678] Scanning PE header for file: \\.\C:\Old98\CDrive\OldG2K\OldE\Nrtn\IMAGE.EXE
[03/15 07:30:03.693] Offset=0
[03/15 07:30:03.693] Invalid signature : 0x5a4d
[03/15 07:30:03.693] Scanning file: 'C:\Old98\CDrive\OldG2K\OldE\Spellchk\SETUP.EXE'
[03/15 07:30:03.693] Scanning PE header for file: \\.\C:\Old98\CDrive\OldG2K\OldE\Spellchk\SETUP.EXE
[03/15 07:30:03.709] Offset=144
[03/15 07:30:03.709] Invalid signature : 0x454e
[03/15 07:30:03.709] Scanning file: 'C:\Old98\CDrive\OldG2K\OldE\Ts\MYLIB\STATUS.EXE'
[03/15 07:30:03.709] Scanning PE header for file: \\.\C:\Old98\CDrive\OldG2K\OldE\Ts\MYLIB\STATUS.EX E
[03/15 07:30:03.725] Offset=0
[03/15 07:30:03.725] Invalid signature : 0x5a4d
[03/15 07:30:03.725] Scanning file: 'C:\Old98\CDrive\Program Files\ArcSoft\Software Suite\PanoramaMaker\pmk3.exe'
[03/15 07:30:03.725] Scanning PE header for file: \\.\C:\Old98\CDrive\Program Files\ArcSoft\Software Suite\PanoramaMaker\pmk3.exe
[03/15 07:30:03.740] Offset=288
[03/15 07:30:03.740] Timestamp: 0x3cbe5f36
[03/15 07:30:03.740] Machine : 0x014c
[03/15 07:30:03.740] Scanning file: 'C:\Old98\CDrive\Program Files\ArcSoft\Software Suite\PhotoImpression\PhotoImpression.exe'
[03/15 07:30:03.740] Scanning PE header for file: \\.\C:\Old98\CDrive\Program Files\ArcSoft\Software Suite\PhotoImpression\PhotoImpression.exe
[03/15 07:30:03.818] Offset=256
[03/15 07:30:03.834] Timestamp: 0x3cb64faa
[03/15 07:30:03.834] Machine : 0x014c
[03/15 07:30:03.834] Scanning file: 'C:\Old98\CDrive\Program Files\ArcSoft\Software Suite\VideoImpression\videoimp.exe'
[03/15 07:30:03.834] Scanning PE header for file: \\.\C:\Old98\CDrive\Program Files\ArcSoft\Software Suite\VideoImpression\videoimp.exe
[03/15 07:30:03.865] Offset=296
[03/15 07:30:03.865] Timestamp: 0x3c6252ce
[03/15 07:30:03.865] Machine : 0x014c
[03/15 07:30:03.865] Scanning file: 'C:\Old98\CDrive\Program Files\Common Files\Microsoft Shared\Dashboard Components\10\MSDDSC.DLL'
[03/15 07:30:03.865] Scanning PE header for file: \\.\C:\Old98\CDrive\Program Files\Common Files\Microsoft Shared\Dashboard Components\10\MSDDSC.DLL
[03/15 07:30:03.897] Offset=240
[03/15 07:30:03.897] Timestamp: 0x3a5c2c6e
[03/15 07:30:03.912] Machine : 0x014c
[03/15 07:30:03.912] Scanning file: 'C:\Old98\CDrive\Program Files\Common Files\Microsoft Shared\Office10\MSO.DLL'
[03/15 07:30:03.912] Scanning PE header for file: \\.\C:\Old98\CDrive\Program Files\Common Files\Microsoft Shared\Office10\MSO.DLL
[03/15 07:30:04.053] Offset=256
[03/15 07:30:04.053] Timestamp: 0x409b17a6
[03/15 07:30:04.053] Machine : 0x014c
[03/15 07:30:04.053] Scanning file: 'C:\Old98\CDrive\Program Files\Common Files\Microsoft Shared\Office10\SETUP.EXE'
[03/15 07:30:04.053] Scanning PE header for file: \\.\C:\Old98\CDrive\Program Files\Common Files\Microsoft Shared\Office10\SETUP.EXE
[03/15 07:30:04.084] Offset=208
[03/15 07:30:04.084] Timestamp: 0x3a9cd343
[03/15 07:30:04.084] Machine : 0x014c
[03/15 07:30:04.084] Scanning file: 'C:\Old98\CDrive\Program Files\Common Files\Microsoft Shared\Orgchart\ORGCHART.EXE'
[03/15 07:30:04.084] Scanning PE header for file: \\.\C:\Old98\CDrive\Program Files\Common Files\Microsoft Shared\Orgchart\ORGCHART.EXE
[03/15 07:30:04.115] Offset=128
[03/15 07:30:04.115] Timestamp: 0x30831f1b
[03/15 07:30:04.115] Machine : 0x014c
[03/15 07:30:04.131] Scanning file: 'C:\Old98\CDrive\Program Files\Common Files\mozilla.org\GRE\1.7_2004061609\components\ch rome.dll'
[03/15 07:30:04.131] Scanning PE header for file: \\.\C:\Old98\CDrive\Program Files\Common Files\mozilla.org\GRE\1.7_2004061609\components\ch rome.dll
[03/15 07:30:04.147] Offset=224
[03/15 07:30:04.147] Timestamp: 0x40d08f25
[03/15 07:30:04.147] Machine : 0x014c
[03/15 07:30:04.147] Scanning file: 'C:\Old98\CDrive\Program Files\Common Files\mozilla.org\GRE\1.7_2004061609\Setup GRE\SETUP.EXE'
[03/15 07:30:04.147] Scanning PE header for file: \\.\C:\Old98\CDrive\Program Files\Common Files\mozilla.org\GRE\1.7_2004061609\Setup GRE\SETUP.EXE
[03/15 07:30:04.178] Offset=256
[03/15 07:30:04.178] Timestamp: 0x40d08a35
[03/15 07:30:04.178] Machine : 0x014c
[03/15 07:30:04.178] Scanning file: 'C:\Old98\CDrive\Program Files\Common Files\SYSTEM\ADO\msadox.dll'
[03/15 07:30:04.178] Scanning PE header for file: \\.\C:\Old98\CDrive\Program Files\Common Files\SYSTEM\ADO\msadox.dll
[03/15 07:30:04.193] Offset=240
[03/15 07:30:04.209] Timestamp: 0x3d2c6fb5
[03/15 07:30:04.209] Machine : 0x014c
[03/15 07:30:04.209] Scanning file: 'C:\Old98\CDrive\Program Files\Common Files\Visio Shared\vim.exe'
[03/15 07:30:04.209] Scanning PE header for file: \\.\C:\Old98\CDrive\Program Files\Common Files\Visio Shared\vim.exe
[03/15 07:30:04.240] Offset=240
[03/15 07:30:04.240] Timestamp: 0x38a0c171
[03/15 07:30:04.256] Machine : 0x014c
[03/15 07:30:04.256] Scanning file: 'C:\Old98\CDrive\Program Files\Microsoft SQL Server\80\COM\snapshot.exe'
[03/15 07:30:04.256] Scanning PE header for file: \\.\C:\Old98\CDrive\Program Files\Microsoft SQL Server\80\COM\snapshot.exe
[03/15 07:30:04.256] Offset=280
[03/15 07:30:04.272] Timestamp: 0x3dff9787
[03/15 07:30:04.272] Machine : 0x014c
[03/15 07:30:04.272] Scanning file: 'C:\Old98\CDrive\Program Files\Microsoft SQL Server\80\Tools\Binn\isql.exe'
[03/15 07:30:04.272] Scanning PE header for file: \\.\C:\Old98\CDrive\Program Files\Microsoft SQL Server\80\Tools\Binn\isql.exe
[03/15 07:30:04.287] Offset=232
[03/15 07:30:04.287] Timestamp: 0x398d14a5
[03/15 07:30:04.287] Machine : 0x014c
[03/15 07:30:04.287] Scanning file: 'C:\Old98\CDrive\Program Files\NewSoft\PageManager\Convert.exe'
[03/15 07:30:04.287] Scanning PE header for file: \\.\C:\Old98\CDrive\Program Files\NewSoft\PageManager\Convert.exe
[03/15 07:30:04.303] Offset=128
[03/15 07:30:04.303] Timestamp: 0x372ff03b
[03/15 07:30:04.303] Machine : 0x014c
[03/15 07:30:04.318] Scanning file: 'C:\Old98\CDrive\Program Files\NewSoft\PageManager\MyUninst.exe'
[03/15 07:30:04.318] Scanning PE header for file: \\.\C:\Old98\CDrive\Program Files\NewSoft\PageManager\MyUninst.exe
[03/15 07:30:04.318] Offset=128
[03/15 07:30:04.318] Timestamp: 0x36dbeefb
[03/15 07:30:04.318] Machine : 0x014c
[03/15 07:30:04.318] Scanning file: 'C:\Old98\CDrive\Program Files\NewSoft\PageManager\prestopm.exe'
[03/15 07:30:04.334] Scanning PE header for file: \\.\C:\Old98\CDrive\Program Files\NewSoft\PageManager\prestopm.exe
[03/15 07:30:04.381] Offset=128
[03/15 07:30:04.381] Timestamp: 0x3755f0fc
[03/15 07:30:04.381] Machine : 0x014c
[03/15 07:30:04.397] Scanning file: 'C:\Old98\CDrive\Program Files\Windows Media Player\mplayer2.exe'
[03/15 07:30:04.397] Scanning PE header for file: \\.\C:\Old98\CDrive\Program Files\Windows Media Player\mplayer2.exe
[03/15 07:30:04.412] Offset=208
[03/15 07:30:04.412] Timestamp: 0x3af1e7d8
[03/15 07:30:04.412] Machine : 0x014c
[03/15 07:30:04.412] Scanning file: 'C:\Old98\CDrive\Program Files\Windows Media Player\wmplayer.exe'
[03/15 07:30:04.412] Scanning PE header for file: \\.\C:\Old98\CDrive\Program Files\Windows Media Player\wmplayer.exe
[03/15 07:30:04.443] Offset=248
[03/15 07:30:04.443] Timestamp: 0x3e9f968a
[03/15 07:30:04.443] Machine : 0x014c
[03/15 07:30:04.443] Scanning file: 'C:\Old98\CDrive\Program Files\WinZip\WINZIP32.EXE'
[03/15 07:30:04.443] Scanning PE header for file: \\.\C:\Old98\CDrive\Program Files\WinZip\WINZIP32.EXE
[03/15 07:30:04.475] Offset=128
[03/15 07:30:04.475] Timestamp: 0x34131823
[03/15 07:30:04.475] Machine : 0x014c
[03/15 07:30:04.475] Scanning file: 'C:\Old98\CDrive\Program Files\WinZip\WZSEPE32.EXE'
[03/15 07:30:04.475] Scanning PE header for file: \\.\C:\Old98\CDrive\Program Files\WinZip\WZSEPE32.EXE
[03/15 07:30:04.490] Offset=128
[03/15 07:30:04.490] Timestamp: 0x33c1452a
[03/15 07:30:04.490] Machine : 0x014c
[03/15 07:30:04.490] Scanning file: 'C:\Old98\CDrive\psfonts\ATMFM.EXE'
[03/15 07:30:04.490] Scanning PE header for file: \\.\C:\Old98\CDrive\psfonts\ATMFM.EXE
[03/15 07:30:04.522] Offset=128
[03/15 07:30:04.522] Timestamp: 0x325ed4c2
[03/15 07:30:04.537] Machine : 0x014c
[03/15 07:30:04.537] Scanning file: 'C:\Old98\CDrive\TB2\ENGLISH\APPS\SETUP.EXE'
[03/15 07:30:04.537] Scanning PE header for file: \\.\C:\Old98\CDrive\TB2\ENGLISH\APPS\SETUP.EXE
[03/15 07:30:04.553] Offset=1024
[03/15 07:30:04.553] PE Header too far into file : 1024
[03/15 07:30:04.553] Scanning file: 'C:\Old98\CDrive\TB2\ENGLISH\SETUP.EXE'
[03/15 07:30:04.553] Scanning PE header for file: \\.\C:\Old98\CDrive\TB2\ENGLISH\SETUP.EXE
[03/15 07:30:04.568] Offset=128
[03/15 07:30:04.568] Timestamp: 0x35cdea09
[03/15 07:30:04.568] Machine : 0x014c
[03/15 07:30:04.568] Scanning file: 'C:\Old98\CDrive\XDOS\nistime-32bit.exe'
[03/15 07:30:04.568] Scanning PE header for file: \\.\C:\Old98\CDrive\XDOS\nistime-32bit.exe
[03/15 07:30:04.584] Offset=256
[03/15 07:30:04.584] Timestamp: 0x422928b0
[03/15 07:30:04.600] Machine : 0x014c
[03/15 07:30:04.600] Scanning file: 'C:\Perl\bin\perl.exe'
[03/15 07:30:04.600] Scanning PE header for file: \\.\C:\Perl\bin\perl.exe
[03/15 07:30:04.615] Offset=224
[03/15 07:30:04.615] Timestamp: 0x46aff16f
[03/15 07:30:04.615] Machine : 0x014c
[03/15 07:30:04.615] Scanning file: 'C:\Perl\lib\auto\Compress\Zlib\Zlib.dll'
[03/15 07:30:04.615] Scanning PE header for file: \\.\C:\Perl\lib\auto\Compress\Zlib\Zlib.dll
[03/15 07:30:04.631] Offset=216
[03/15 07:30:04.631] Timestamp: 0x46aff6d8
[03/15 07:30:04.631] Machine : 0x014c
[03/15 07:30:04.631] Scanning file: 'C:\Program Files\7-Zip\7z.exe'
[03/15 07:30:04.631] Scanning PE header for file: \\.\C:\Program Files\7-Zip\7z.exe
[03/15 07:30:04.647] Offset=272
[03/15 07:30:04.647] Timestamp: 0x4757b3af
[03/15 07:30:04.647] Machine : 0x014c
[03/15 07:30:04.647] Scanning file: 'C:\Program Files\7-Zip\7zFM.exe'
[03/15 07:30:04.647] Scanning PE header for file: \\.\C:\Program Files\7-Zip\7zFM.exe
[03/15 07:30:04.693] Offset=272
[03/15 07:30:04.693] Timestamp: 0x4757b3e5
[03/15 07:30:04.693] Machine : 0x014c
[03/15 07:30:04.693] Scanning file: 'C:\Program Files\Acro Software\CutePDF Writer\CPWSave.exe'
[03/15 07:30:04.693] Scanning PE header for file: \\.\C:\Program Files\Acro Software\CutePDF Writer\CPWSave.exe
[03/15 07:30:04.709] Offset=232
[03/15 07:30:04.725] Timestamp: 0x45787675
[03/15 07:30:04.725] Machine : 0x014c
[03/15 07:30:04.725] Scanning file: 'C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.dll'
[03/15 07:30:04.725] Scanning PE header for file: \\.\C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.dll
[03/15 07:30:04.725] Offset=248
[03/15 07:30:04.725] Timestamp: 0x4b307339
[03/15 07:30:04.725] Machine : 0x014c
[03/15 07:30:04.725] Scanning file: 'C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe'
[03/15 07:30:04.725] Scanning PE header for file: \\.\C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe
[03/15 07:30:04.740] Offset=240
[03/15 07:30:04.740] Timestamp: 0x4b309800
[03/15 07:30:04.740] Machine : 0x014c
[03/15 07:30:04.756] Scanning file: 'C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll'
[03/15 07:30:04.756] Scanning PE header for file: \\.\C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
[03/15 07:30:04.772] Offset=248
[03/15 07:30:04.772] Timestamp: 0x4b303016
[03/15 07:30:04.787] Machine : 0x014c
[03/15 07:30:04.787] Scanning file: 'C:\Program Files\Adobe\Reader 9.0\Reader\authplay.dll'
[03/15 07:30:04.787] Scanning PE header for file: \\.\C:\Program Files\Adobe\Reader 9.0\Reader\authplay.dll
[03/15 07:30:04.897] Offset=264
[03/15 07:30:04.897] Timestamp: 0x4b5f9061
[03/15 07:30:04.897] Machine : 0x014c
[03/15 07:30:04.912] Scanning file: 'C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll'
[03/15 07:30:04.912] Scanning PE header for file: \\.\C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
[03/15 07:30:04.912] Offset=248
[03/15 07:30:04.912] Timestamp: 0x4b303016
[03/15 07:30:04.912] Machine : 0x014c
[03/15 07:30:04.912] Scanning file: 'C:\Program Files\Adobe\Reader 9.0\Reader\Eula.exe'
[03/15 07:30:04.912] Scanning PE header for file: \\.\C:\Program Files\Adobe\Reader 9.0\Reader\Eula.exe
[03/15 07:30:04.959] Offset=248
[03/15 07:30:04.959] Timestamp: 0x4b302fd2
[03/15 07:30:04.959] Machine : 0x014c
[03/15 07:30:04.959] Scanning file: 'C:\Program Files\Adobe\Reader 9.0\Reader\plug_ins\AcroForm.api'
[03/15 07:30:04.959] Scanning PE header for file: \\.\C:\Program Files\Adobe\Reader 9.0\Reader\plug_ins\AcroForm.api
[03/15 07:30:04.975] Offset=248
[03/15 07:30:04.975] Timestamp: 0x4b67f24e
[03/15 07:30:04.975] Machine : 0x014c
[03/15 07:30:04.990] Scanning file: 'C:\Program Files\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A93000000001}\Setup .exe'
[03/15 07:30:04.990] Scanning PE header for file: \\.\C:\Program Files\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A93000000001}\Setup .exe
[03/15 07:30:05.037] Offset=224
[03/15 07:30:05.037] Timestamp: 0x4b30480d
[03/15 07:30:05.037] Machine : 0x014c
[03/15 07:30:05.037] Scanning file: 'C:\Program Files\Agent\agent.exe'
[03/15 07:30:05.037] Scanning PE header for file: \\.\C:\Program Files\Agent\agent.exe
[03/15 07:30:05.053] Offset=280
[03/15 07:30:05.053] Timestamp: 0x45ca0b3e
[03/15 07:30:05.053] Machine : 0x014c
[03/15 07:30:05.053] Scanning file: 'C:\Program Files\ArcSoft\Software Suite\PanoramaMaker\pmk3.exe'
[03/15 07:30:05.053] Scanning PE header for file: \\.\C:\Program Files\ArcSoft\Software Suite\PanoramaMaker\pmk3.exe
[03/15 07:30:05.084] Offset=288
[03/15 07:30:05.084] Timestamp: 0x3cbe5f36
[03/15 07:30:05.100] Machine : 0x014c
[03/15 07:30:05.100] Scanning file: 'C:\Program Files\ArcSoft\Software Suite\PhotoImpression\PhotoImpression.exe'
[03/15 07:30:05.100] Scanning PE header for file: \\.\C:\Program Files\ArcSoft\Software Suite\PhotoImpression\PhotoImpression.exe
[03/15 07:30:05.162] Offset=256
[03/15 07:30:05.162] Timestamp: 0x3cb64faa
[03/15 07:30:05.162] Machine : 0x014c
[03/15 07:30:05.162] Scanning file: 'C:\Program Files\ArcSoft\Software Suite\VideoImpression\videoimp.exe'
[03/15 07:30:05.162] Scanning PE header for file: \\.\C:\Program Files\ArcSoft\Software Suite\VideoImpression\videoimp.exe
[03/15 07:30:05.209] Offset=296
[03/15 07:30:05.209] Timestamp: 0x3c6252ce
[03/15 07:30:05.209] Machine : 0x014c
[03/15 07:30:05.209] Scanning file: 'C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe'
[03/15 07:30:05.209] Scanning PE header for file: \\.\C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
[03/15 07:30:05.209] Offset=128
[03/15 07:30:05.209] Timestamp: 0x469cdc9c
[03/15 07:30:05.225] Machine : 0x014c
[03/15 07:30:05.225] Scanning file: 'C:\Program Files\Audacity\audacity.exe'
[03/15 07:30:05.225] Scanning PE header for file: \\.\C:\Program Files\Audacity\audacity.exe
[03/15 07:30:05.397] Offset=272
[03/15 07:30:05.412] Timestamp: 0x455814e4
[03/15 07:30:05.412] Machine : 0x014c
[03/15 07:30:05.412] Scanning file: 'C:\Program Files\Avery Dennison\DesignPro 5.0 Limited Edition\labeler.exe'
[03/15 07:30:05.412] Scanning PE header for file: \\.\C:\Program Files\Avery Dennison\DesignPro 5.0 Limited Edition\labeler.exe
[03/15 07:30:05.506] Offset=288
[03/15 07:30:05.522] Timestamp: 0x40edc3b9
[03/15 07:30:05.522] Machine : 0x014c
[03/15 07:30:05.522] Scanning file: 'C:\Program Files\Avery Dennison\DesignPro 5.0 Limited Edition\msxml4.dll'
[03/15 07:30:05.522] Scanning PE header for file: \\.\C:\Program Files\Avery Dennison\DesignPro 5.0 Limited Edition\msxml4.dll
[03/15 07:30:05.568] Offset=248
[03/15 07:30:05.568] Timestamp: 0x3c5e6804
[03/15 07:30:05.568] Machine : 0x014c
[03/15 07:30:05.568] Scanning file: 'C:\Program Files\Avid\Avid Free DV\zlib.dll'
[03/15 07:30:05.568] Scanning PE header for file: \\.\C:\Program Files\Avid\Avid Free DV\zlib.dll
[03/15 07:30:05.600] Offset=216
[03/15 07:30:05.600] Timestamp: 0x3c647d80
[03/15 07:30:05.600] Machine : 0x014c
[03/15 07:30:05.600] Scanning file: 'C:\Program Files\Brother\BRHL5370\WEBLINK.exe'
[03/15 07:30:05.600] Scanning PE header for file: \\.\C:\Program Files\Brother\BRHL5370\WEBLINK.exe
[03/15 07:30:05.615] Offset=216
[03/15 07:30:05.615] Timestamp: 0x4510afce
[03/15 07:30:05.615] Machine : 0x014c
[03/15 07:30:05.631] Scanning file: 'C:\Program Files\Brownie\BROWNIE.EXE'
[03/15 07:30:05.631] Scanning PE header for file: \\.\C:\Program Files\Brownie\BROWNIE.EXE
[03/15 07:30:05.647] Offset=128
[03/15 07:30:05.647] Timestamp: 0x39fa934d
[03/15 07:30:05.662] Machine : 0x014c
[03/15 07:30:05.662] Scanning file: 'C:\Program Files\Business Objects\Common\2.8\bin\crviewer.dll'
[03/15 07:30:05.662] Scanning PE header for file: \\.\C:\Program Files\Business Objects\Common\2.8\bin\crviewer.dll
[03/15 07:30:05.693] Offset=272
[03/15 07:30:05.693] Timestamp: 0x4711b530
[03/15 07:30:05.693] Machine : 0x014c
[03/15 07:30:05.709] Scanning file: 'C:\Program Files\Business Objects\Common\2.8\bin\regwiz.exe'
[03/15 07:30:05.709] Scanning PE header for file: \\.\C:\Program Files\Business Objects\Common\2.8\bin\regwiz.exe
[03/15 07:30:05.740] Offset=256
[03/15 07:30:05.740] Timestamp: 0x4711b19c
[03/15 07:30:05.740] Machine : 0x014c
[03/15 07:30:05.756] Scanning file: 'C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll'
[03/15 07:30:05.756] Scanning PE header for file: \\.\C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll
[03/15 07:30:06.022] Offset=264
[03/15 07:30:06.022] Timestamp: 0x4b06f6c8
[03/15 07:30:06.022] Machine : 0x014c
[03/15 07:30:06.037] Scanning file: 'C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\NPSWF32.dll'
[03/15 07:30:06.037] Scanning PE header for file: \\.\C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\NPSWF32.dll
[03/15 07:30:06.178] Offset=256
[03/15 07:30:06.178] Timestamp: 0x4ae7bd0e
[03/15 07:30:06.178] Machine : 0x014c
[03/15 07:30:06.178] Scanning file: 'C:\Program Files\Common Files\Adobe\Updater6\Adobe_Updater.exe'
[03/15 07:30:06.178] Scanning PE header for file: \\.\C:\Program Files\Common Files\Adobe\Updater6\Adobe_Updater.exe
[03/15 07:30:06.272] Offset=264
[03/15 07:30:06.272] Timestamp: 0x49661cac
[03/15 07:30:06.287] Machine : 0x014c
[03/15 07:30:06.287] Scanning file: 'C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll'
[03/15 07:30:06.287] Scanning PE header for file: \\.\C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
[03/15 07:30:06.303] Offset=240
[03/15 07:30:06.303] Timestamp: 0x4a3c39f0
[03/15 07:30:06.303] Machine : 0x014c
[03/15 07:30:06.303] Scanning file: 'C:\Program Files\Common Files\Borland Shared\Bde\bdeadmin.exe'
[03/15 07:30:06.303] Scanning PE header for file: \\.\C:\Program Files\Common Files\Borland Shared\Bde\bdeadmin.exe
[03/15 07:30:06.350] Offset=256
[03/15 07:30:06.350] Timestamp: 0x2a425e19
[03/15 07:30:06.350] Machine : 0x014c
[03/15 07:30:06.365] Scanning file: 'C:\Program Files\Common Files\Borland Shared\Bde\datapump.exe'
[03/15 07:30:06.428] Scanning PE header for file: \\.\C:\Program Files\Common Files\Borland Shared\Bde\datapump.exe
[03/15 07:30:06.443] Offset=256
[03/15 07:30:06.443] Timestamp: 0x2a425e19
[03/15 07:30:06.443] Machine : 0x014c
[03/15 07:30:06.459] Scanning file: 'C:\Program Files\Common Files\InstallShield\Professional\RunTime\0701\Inte l32\setup.dll'
[03/15 07:30:06.459] Scanning PE header for file: \\.\C:\Program Files\Common Files\InstallShield\Professional\RunTime\0701\Inte l32\setup.dll
[03/15 07:30:06.490] Offset=272
[03/15 07:30:06.490] Timestamp: 0x3deba75f
[03/15 07:30:06.490] Machine : 0x014c
[03/15 07:30:06.506] Scanning file: 'C:\Program Files\Common Files\InstallShield\Professional\RunTime\09\01\Int el32\setup.dll'
[03/15 07:30:06.506] Scanning PE header for file: \\.\C:\Program Files\Common Files\InstallShield\Professional\RunTime\09\01\Int el32\setup.dll
[03/15 07:30:06.522] Offset=264
[03/15 07:30:06.522] Timestamp: 0x3fb01c53
[03/15 07:30:06.522] Machine : 0x014c
[03/15 07:30:06.522] Scanning file: 'C:\Program Files\Common Files\InstallShield\Professional\RunTime\10\00\Int el32\setup.dll'
[03/15 07:30:06.522] Scanning PE header for file: \\.\C:\Program Files\Common Files\InstallShield\Professional\RunTime\10\00\Int el32\setup.dll
[03/15 07:30:06.537] Offset=264
[03/15 07:30:06.537] Timestamp: 0x40835922
[03/15 07:30:06.553] Machine : 0x014c
[03/15 07:30:06.553] Scanning file: 'C:\Program Files\Common Files\InstallShield\Professional\RunTime\10\01\Int el32\setup.dll'
[03/15 07:30:06.553] Scanning PE header for file: \\.\C:\Program Files\Common Files\InstallShield\Professional\RunTime\10\01\Int el32\setup.dll
[03/15 07:30:06.568] Offset=264
[03/15 07:30:06.568] Timestamp: 0x424219cf
[03/15 07:30:06.568] Machine : 0x014c
[03/15 07:30:06.568] Scanning file: 'C:\Program Files\Common Files\InstallShield\Professional\RunTime\11\00\Int el32\setup.dll'
[03/15 07:30:06.568] Scanning PE header for file: \\.\C:\Program Files\Common Files\InstallShield\Professional\RunTime\11\00\Int el32\setup.dll
[03/15 07:30:06.600] Offset=264
[03/15 07:30:06.600] Timestamp: 0x4250bce8
[03/15 07:30:06.600] Machine : 0x014c
[03/15 07:30:06.600] Scanning file: 'C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_07.b06\launche r.exe'
[03/15 07:30:06.600] Scanning PE header for file: \\.\C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_07.b06\launche r.exe
[03/15 07:30:06.615] Offset=216
[03/15 07:30:06.615] Timestamp: 0x484e7711
[03/15 07:30:06.615] Machine : 0x014c
[03/15 07:30:06.615] Scanning file: 'C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_07.b06\msvcr71 .dll'
[03/15 07:30:06.615] Scanning PE header for file: \\.\C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_07.b06\msvcr71 .dll
[03/15 07:30:06.631] Offset=240
[03/15 07:30:06.631] Timestamp: 0x3e561eac
[03/15 07:30:06.631] Machine : 0x014c
[03/15 07:30:06.631] Scanning file: 'C:\Program Files\Common Files\Microsoft Shared\CAPICOM\CapiCom.dll'
[03/15 07:30:06.631] Scanning PE header for file: \\.\C:\Program Files\Common Files\Microsoft Shared\CAPICOM\CapiCom.dll
[03/15 07:30:06.662] Offset=232
[03/15 07:30:06.662] Timestamp: 0x461ab672
[03/15 07:30:06.662] Machine : 0x014c
[03/15 07:30:06.662] Scanning file: 'C:\Program Files\Common Files\Microsoft Shared\Dashboard Components\10\MSDDSC.DLL'
[03/15 07:30:06.678] Scanning PE header for file: \\.\C:\Program Files\Common Files\Microsoft Shared\Dashboard Components\10\MSDDSC.DLL
[03/15 07:30:06.693] Offset=240
[03/15 07:30:06.693] Timestamp: 0x3a5c2c6e
[03/15 07:30:06.693] Machine : 0x014c
[03/15 07:30:06.693] Scanning file: 'C:\Program Files\Common Files\Microsoft Shared\DSO\msvcr71.dll'
[03/15 07:30:06.693] Scanning PE header for file: \\.\C:\Program Files\Common Files\Microsoft Shared\DSO\msvcr71.dll
[03/15 07:30:06.725] Offset=240
[03/15 07:30:06.725] Timestamp: 0x3e561eac
[03/15 07:30:06.725] Machine : 0x014c
[03/15 07:30:06.725] Scanning file: 'C:\Program Files\Common Files\Microsoft Shared\MSEnv\VsLogP.dll'
[03/15 07:30:06.725] Scanning PE header for file: \\.\C:\Program Files\Common Files\Microsoft Shared\MSEnv\VsLogP.dll
[03/15 07:30:06.740] Offset=232
[03/15 07:30:06.740] Timestamp: 0x488f1707
[03/15 07:30:06.740] Machine : 0x014c
[03/15 07:30:06.740] Scanning file: 'C:\Program Files\Common Files\
Was this reply relevant?
+5
-0
This user no longer exists RE: Adobe Reader - Yes and No
Member 15th Mar, 2010 12:40
Hi,

I've made a change to our rules. Has this corrected the issue?
Was this reply relevant?
+0
-0
royharv RE: Adobe Reader - Yes and No
Member 15th Mar, 2010 13:06
Score: 5
Posts: 4
User Since: 13th Mar 2010
System Score: N/A
Location: US
No, it did not fix it. The behavior is the same.

Roy
Was this reply relevant?
+0
-0
This user no longer exists RE: Adobe Reader - Yes and No
Member 15th Mar, 2010 13:16
Hi,

The log file you posted was longer than the maximum allowed post length on this forum, so important information may have been left out. Could you please email us the secunia.txt file?
The address is support@secunia.com

Was this reply relevant?
+0
-0
royharv RE: Adobe Reader - Yes and No
Member 15th Mar, 2010 13:57
Score: 5
Posts: 4
User Since: 13th Mar 2010
System Score: N/A
Location: US
The email with attachment has been sent.

Roy
Was this reply relevant?
+0
-0
This user no longer exists RE: Adobe Reader - Yes and No
Member 15th Mar, 2010 14:22
Hi,

Please follow the instructions in the email you received.

The problem was caused by having a backup on another partition, containing an old version of the AcroForm.api file, which we use to get version info for Adobe Reader.

Thread closed, if there are any further question, please ask them by email.
Hope this helps.
Was this reply relevant?
+0
-0

This thread has been marked as locked.