Decompression Errors

Discussion in 'ESET NOD32 Antivirus' started by flyrfan111, Nov 5, 2007.

Thread Status:
Not open for further replies.
  1. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,224
    Seeing decompression errors with copmressed files. This appears to be the same as the "Internal Errors" that were reported with the 1st beta back in August. inssuficient memory or disk space are not the problems, I have 2GB of Ram and a 200GB hard less than 25% full.

    C:\Ani\coupon.docx » ZIP » [Content_Types].xml - decompression could not complete (possible reasons: insufficient free memory or disk space, or a problem with temp folders)
    C:\Ani\coupon.docx » ZIP » _rels/.rels - decompression could not complete (possible reasons: insufficient free memory or disk space, or a problem with temp folders)
    C:\Ani\coupon.docx » ZIP » word/_rels/document.xml.rels - decompression could not complete (possible reasons: insufficient free memory or disk space, or a problem with temp folders)
    C:\Ani\coupon.docx » ZIP » word/document.xml - decompression could not complete (possible reasons: insufficient free memory or disk space, or a problem with temp folders)
    C:\Ani\coupon.docx » ZIP » word/theme/theme1.xml - decompression could not complete (possible reasons: insufficient free memory or disk space, or a problem with temp folders)
    C:\Ani\coupon.docx » ZIP » word/settings.xml - decompression could not complete (possible reasons: insufficient free memory or disk space, or a problem with temp folders)
    C:\Ani\coupon.docx » ZIP » word/fontTable.xml - decompression could not complete (possible reasons: insufficient free memory or disk space, or a problem with temp folders)
    C:\Ani\coupon.docx » ZIP » word/webSettings.xml - decompression could not complete (possible reasons: insufficient free memory or disk space, or a problem with temp folders)
    C:\Ani\coupon.docx » ZIP » docProps/app.xml - decompression could not complete (possible reasons: insufficient free memory or disk space, or a problem with temp folders)
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    This error occurs if ESS/EAV is unable to figure out the temporary folder. Make sure both the system and user TEMP/TMP variables point to existing folders and that the system account has full control granted.
     
  3. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,224
    Temp settings are correct, it is not an issue when Vista's UAC is turned off.

    Variables are;

    TEMP %USERPROFILE%\AppData\Local\Temp

    TMP %USERPROFILE%\AppData\Local\Temp
     
  4. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Have you checked permissions for that folder?
     
  5. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,224
    Yes, the user account, system account and administrators all have full privileges
     
  6. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Weird. Maybe Filemon (formerly from Sysinternals, now provided by Microsoft) might help you figure out what temporary folder EAV is trying to decompress the archive into.
     
  7. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,224
    Next suggestion? Filemon doesn't work on Vista, from the MS download site for Filemon;

    FileMon works on NT 4.0, Windows 2000, Windows XP, Windows XP and Windows Server 2003 64-bit Edition, Windows 2003 Server, Windows 95, Windows 98 and Windows ME.
     
  8. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,224
    Found Process Monitor which replaces FileMon for Vista, I have tried using it while NOD was scanning and have saved the file it produced. not that I understand it but it seems to be generating buffer overflow errors on most of the files that show as problems. I can send it if you wish.
     
  9. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    ok, send it by email to support[at]eset.com with this thread's url in the subject.
     
  10. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,224
    Sent, file named EkrnLogfile.rar
     
  11. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,224
    Any response?
     
  12. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,224
    I guess not.
     
  13. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    I apologize with the delay in analysing your log, we are entirely inundated with queries after the release of ESS/EAV.

    As you can see, ekrn cannot write into c:\windows\temp. Please check permissions for that folder again:

    266436 22:07:25,8314890 ekrn.exe 1904 CreateFile C:\Windows\Temp\NOD94D0.tmp ACCESS DENIED Desired Access: Generic Read, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: None, AllocationSize: 0, Impersonating: S-1-5-21-2677388004-409760151-3765161205-1000
    266446 22:07:25,8321592 ekrn.exe 1904 CreateFile C:\Windows\Temp\NOD94D1.tmp ACCESS DENIED Desired Access: Generic Read, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: None, AllocationSize: 0, Impersonating: S-1-5-21-2677388004-409760151-3765161205-1000
    266456 22:07:25,8327767 ekrn.exe 1904 CreateFile C:\Windows\Temp\NOD94D2.tmp ACCESS DENIED Desired Access: Generic Read, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: None, AllocationSize: 0, Impersonating: S-1-5-21-2677388004-409760151-3765161205-1000
    266466 22:07:25,8335325 ekrn.exe 1904 CreateFile C:\Windows\Temp\NOD94D3.tmp ACCESS DENIED Desired Access: Generic Read, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: None, AllocationSize: 0, Impersonating: S-1-5-21-2677388004-409760151-3765161205-1000
    266476 22:07:25,8341684 ekrn.exe 1904 CreateFile C:\Windows\Temp\NOD94D4.tmp ACCESS DENIED Desired Access: Generic Read, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: None, AllocationSize: 0, Impersonating: S-1-5-21-2677388004-409760151-3765161205-1000
    266486 22:07:25,8356520 ekrn.exe 1904 CreateFile C:\Windows\Temp\NOD94E5.tmp ACCESS DENIED Desired Access: Generic Read, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: None, AllocationSize: 0, Impersonating: S-1-5-21-2677388004-409760151-3765161205-1000
    266496 22:07:25,8363148 ekrn.exe 1904 CreateFile C:\Windows\Temp\NOD94E6.tmp ACCESS DENIED Desired Access: Generic Read, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: None, AllocationSize: 0, Impersonating: S-1-5-21-2677388004-409760151-3765161205-1000
    266506 22:07:25,8369557 ekrn.exe 1904 CreateFile C:\Windows\Temp\NOD94E7.tmp ACCESS DENIED Desired Access: Generic Read, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: None, AllocationSize: 0, Impersonating: S-1-5-21-2677388004-409760151-3765161205-1000
     
  14. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,224
    Added Administrator and system to have full access and still getting same errors.
     
  15. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,224
    Just tried giving Everyone full access to Windows Temp and no difference.
     
  16. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Could you please post a screenshot of the Permission settings for that folder?
     
  17. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,224
    Why is ekrn trying to write there anyway? They Temp directories are as I wrote in post 3, NOD 2.7 doesn't have any issues running scans on my system.
     
  18. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,224
    You were not inundated with queries back in mid August when this issue was first reported during the 1st beta.
     
  19. softtouch

    softtouch Registered Member

    Joined:
    Jan 31, 2006
    Posts:
    415
    Getting the same crap all the time...

    WHY is Nod32 using Windows/Tempo_O?
    The evironment variables are set to
    %USERPROFILE%\AppData\Local\Temp
    under Vista... ALL, for the user and for the system.
    This is annoying.
     
Thread Status:
Not open for further replies.