Jump to content

Still major issues after scan and many "error opening" reports Win7


Zoltan

Recommended Posts

Hello.

I thought id try and sort out my issue before formatting my drive.

I have had massive issues with super slow boot up, security essentials not working, Updates were dissabled. Ran Eset and found 5 infected files. Seems to have fixed partially and still have major boot up issues. I also have a mass of red listed files that are corrupted or error opening. Here is the log. I have also tried to reinstall windows from a disc with the option of saving all my info but it freezes half way. Here is my log. Ive removed a ton of crypto machine keyeroors to fit in post. Many thanks in advance.

 

Log
Scan Log
Version of virus signature database: 14157 (20160921)
Date: 22/09/2016  Time: 2:19:22 AM
Scanned disks, folders and files: Operating memory;C:\Boot sector;D:\Boot sector;C:\;D:\
Boot sector of disk C: - error opening [4]
Boot sector of disk D: - error opening [4]
C:\hiberfil.sys - error opening [4]
C:\pagefile.sys - error opening [4]
 
C:\ProgramData\Microsoft\BingDesktop\Updater\BingDesktop.cab - error opening [4]
C:\ProgramData\Microsoft\Crypto\Keys\3351f3ab8688e90e4e22774c08cb45a2_812b595c-d160-4a20-9743-039483a2ebe9 - error opening [4]
 
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\febf5f517172ea1f9cc04ad5ef71aa30_812b595c-d160-4a20-9743-039483a2ebe9 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\feffbe9c48605b9052bedef20d245a0f_812b595c-d160-4a20-9743-039483a2ebe9 - error opening [4]
C:\ProgramData\Microsoft\User Account Pictures\Admin.dat - error opening [4]
C:\ProgramData\Microsoft\User Account Pictures\Test.dat - error opening [4]
C:\ProgramData\TuneUp Software\TuneUp Utilities 2013\TTUSvclrt.tt - error opening [4]
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Libraries\Documents.library-ms - error opening [4]
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Libraries\Music.library-ms - error opening [4]
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Libraries\Pictures.library-ms - error opening [4]
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Libraries\Videos.library-ms - error opening [4]
C:\Users\Admin\NTUSER.DAT - error opening [4]
C:\Users\Admin\ntuser.dat.LOG1 - error opening [4]
C:\Users\Admin\ntuser.dat.LOG2 - error opening [4]
C:\Users\Admin\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf - error opening [4]
C:\Users\Admin\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms - error opening [4]
C:\Users\Admin\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms - error opening [4]
C:\Users\Admin\ntuser.ini - error opening [4]
C:\Users\All Users\Microsoft\BingDesktop\Updater\BingDesktop.cab - error opening [4]
C:\Users\All Users\Microsoft\Crypto\Keys\3351f3ab8688e90e4e22774c08cb45a2_812b595c-d160-4a20-9743-039483a2ebe9 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\00a442bfa0a08424647945d388800b2e_812b595c-d160-4a20-9743-039483a2ebe9 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\019aef55168e62c9122230e7965aa535_812b595c-d160-4a20-9743-
C:\Users\All Users\Microsoft\User Account Pictures\Admin.dat - error opening [4]
C:\Users\All Users\Microsoft\User Account Pictures\Test.dat - error opening [4]
C:\Users\All Users\TuneUp Software\TuneUp Utilities 2013\TTUSvclrt.tt - error opening [4]
C:\Users\Main\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0OTS0WAA\iCloud64[1].msi » MSI - archive damaged - the file could not be extracted.
C:\Users\Main\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\19NJCEYZ\iTunes64[3].msi » MSI - archive damaged - the file could not be extracted.
C:\Users\Main\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F252QLD4\iTunes6464[2].msi » MSI - archive damaged - the file could not be extracted.
C:\Users\Main\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P9OGDUDL\iTunes64[1].msi » MSI - archive damaged - the file could not be extracted.
C:\Users\Main\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P9OGDUDL\QuickTime[1].msi » MSI - archive damaged - the file could not be extracted.
C:\Users\Main\Downloads\FreeMP4VideoConverter.exe » INNO » {tmp}\OCSetupHlp.dll - is OK
C:\Users\Main\Downloads\FreeMP4VideoConverter.exe » INNO » {tmp}\OCSetupHlpNonSearch.dll - is OK
C:\Users\Main\Downloads\MicrosoftCameraCodecPack-x64.msi » MSI - archive damaged - the file could not be extracted.
C:\Users\Test\AppData\Roaming\Microsoft\Windows\Libraries\Documents.library-ms - error opening [4]
C:\Users\Test\AppData\Roaming\Microsoft\Windows\Libraries\Music.library-ms - error opening [4]
C:\Users\Test\AppData\Roaming\Microsoft\Windows\Libraries\Pictures.library-ms - error opening [4]
C:\Users\Test\AppData\Roaming\Microsoft\Windows\Libraries\Videos.library-ms - error opening [4]
C:\Users\Test\NTUSER.DAT - error opening [4]
C:\Users\Test\ntuser.dat.LOG1 - error opening [4]
C:\Users\Test\ntuser.dat.LOG2 - error opening [4]
C:\Users\Test\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf - error opening [4]
C:\Users\Test\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms - error opening [4]
C:\Users\Test\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms - error opening [4]
C:\Users\Test\ntuser.ini - error opening [4]
C:\Windows\Installer\2775f.msi » MSI » Binary.Reporter - is OK
C:\Windows\Installer\2775f.msi » MSI » Binary.ICActs - is OK
C:\Windows\Logs\CBS\CBS.log - error opening [4]
C:\Windows\Logs\DPX\setupact.log - error opening [4]
C:\Windows\Logs\DPX\setuperr.log - error opening [4]
C:\Windows\Logs\Gwx\ConfigManager.log - error opening [4]
C:\Windows\MEMORY.DMP - error opening [4]
C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe.config - error opening [4]
C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe.config - error opening [4]
C:\Windows\Panther\UnattendGC\diagerr.xml - error opening [4]
C:\Windows\Panther\UnattendGC\diagwrn.xml - error opening [4]
C:\Windows\Panther\UnattendGC\setupact.log - error opening [4]
C:\Windows\Panther\UnattendGC\setuperr.log - error opening [4]
C:\Windows\PLA\System\System Diagnostics.xml - error opening [4]
C:\Windows\PLA\System\System Performance.xml - error opening [4]
C:\Windows\security\database\secedit.sdb - error opening [4]
C:\Windows\System32\restore\MachineGuid.txt - error opening [4]
C:\Windows\System32\sysprep\Panther\IE\diagerr.xml - error opening [4]
C:\Windows\System32\sysprep\Panther\IE\diagwrn.xml - error opening [4]
C:\Windows\System32\sysprep\Panther\IE\setupact.log - error opening [4]
C:\Windows\System32\sysprep\Panther\IE\setuperr.log - error opening [4]
C:\Windows\System32\winevt\Logs\Application.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\HardwareEvents.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Internet Explorer.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Key Management Service.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Media Center.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Application Server-Applications%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Application Server-Applications%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Application-Experience%4Problem-Steps-Recorder.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Application-Experience%4Program-Compatibility-Assistant.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Application-Experience%4Program-Compatibility-Troubleshooter.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Application-Experience%4Program-Inventory.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Application-Experience%4Program-Telemetry.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Audio%4CaptureMonitor.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Audio%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Bits-Client%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-BranchCacheSMB%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-CAPI2%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-CodeIntegrity%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Compat-Appraiser%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-CorruptedFileRecovery-Client%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-CorruptedFileRecovery-Server%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Dhcp-Client%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Dhcpv6-Client%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-DPS%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-Scheduled%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-Scripted%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-Scripted%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-ScriptedDiagnosticsProvider%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnostics-Networking%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnostics-Performance%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DiskDiagnosticDataCollector%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DriverFrameworks-UserMode%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Fault-Tolerant-Heap%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-GroupPolicy%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-GWX-Ins%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-HomeGroup Provider Service%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-International%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-EventTracing%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-Power%4Thermal-Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-StoreMgr%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-WDI%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-WHEA%4Errors.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-WHEA%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Known Folders API Service.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-LanguagePackSetup%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-MUI%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-MUI%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-NCSI%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-NetworkAccessProtection%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-NetworkAccessProtection%4WHC.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-NetworkLocationWizard%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-NetworkProfile%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-OfflineFiles%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-ParentalControls%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-PrintService%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-ReadyBoost%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-ReliabilityAnalysisComponent%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-RemoteApp and Desktop Connections%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-RemoteApp and Desktop Connections%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Exhaustion-Detector%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Exhaustion-Resolver%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-RestartManager%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-TerminalServices-ClientUSBDevices%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-TerminalServices-ClientUSBDevices%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-TerminalServices-LocalSessionManager%4Admin.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-TerminalServices-LocalSessionManager%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-TerminalServices-RDPClient%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-UAC%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-UAC-FileVirtualization%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-User Profile Service%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WER-Diag%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Windows Defender%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Windows Defender%4WHC.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Windows Firewall With Advanced Security%4ConnectionSecurity.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Windows Firewall With Advanced Security%4Firewall.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WindowsBackup%4ActionCenter.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WindowsSystemAssessmentTool%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WindowsUpdateClient%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Winlogon%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WPD-MTPClassDriver%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\OAlerts.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Security.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Setup.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\System.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\TuneUp.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Windows PowerShell.evtx - error opening [4]
C:\Windows\winsxs\amd64_microsoft-windows-n..n_service_datastore_31bf3856ad364e35_6.1.7601.17514_none_2f54961b4c9f4194\dnary.xsd - error opening [4]
C:\Windows\winsxs\amd64_microsoft-windows-u..ed-telemetry-client_31bf3856ad364e35_6.1.7601.18839_none_fe0845bb1d97efda\telemetry.ASM-WindowsDefault.json - error opening [4]
C:\Windows\winsxs\amd64_microsoft-windows-u..ed-telemetry-client_31bf3856ad364e35_6.1.7601.18839_none_fe0845bb1d97efda\utc.app.json - error opening [4]
C:\Windows\winsxs\amd64_microsoft-windows-u..ed-telemetry-client_31bf3856ad364e35_6.1.7601.18869_none_fde7d5f71db043ad\telemetry.ASM-WindowsDefault.json - error opening [4]
C:\Windows\winsxs\amd64_microsoft-windows-u..ed-telemetry-client_31bf3856ad364e35_6.1.7601.18869_none_fde7d5f71db043ad\utc.app.json - error opening [4]
C:\Windows\winsxs\amd64_microsoft-windows-u..ed-telemetry-client_31bf3856ad364e35_6.1.7601.23072_none_fe5f78f236dc8149\telemetry.ASM-WindowsDefault.json - error opening [4]
C:\Windows\winsxs\amd64_microsoft-windows-u..ed-telemetry-client_31bf3856ad364e35_6.1.7601.23072_none_fe5f78f236dc8149\utc.app.json - error opening [4]
 
Number of scanned objects: 372145
Number of threats found: 0
Time of completion: 3:09:29 AM  Total scanning time: 3007 sec (00:50:07)
 
Notes:
[4] Object cannot be opened. It may be in use by another application or operating system.
 
Link to comment
Share on other sites

  • Administrators

The errors opening files are ok. They are being exclusively used by the operating system, another application or you didn't have sufficient rights to access them.

If you are a paying user, you could contact Customer care and provide them with a Process monitor boot log for perusal.

Link to comment
Share on other sites

  • 4 months later...

I am new to ESET, I have ESET NOD32, ..everytime I scan I get error report on every file NOD is trying to scan...Im concerned I have a virus because Firefox crashes a lot and I get a blue screen with a message to restart....might be 2 different issues....I dont know...who can help, how do i know the scan is actually legit

Link to comment
Share on other sites

  • Administrators
1 hour ago, solarman said:

I am new to ESET, I have ESET NOD32, ..everytime I scan I get error report on every file NOD is trying to scan...Im concerned I have a virus because Firefox crashes a lot and I get a blue screen with a message to restart....might be 2 different issues....I dont know...who can help, how do i know the scan is actually legit

Probably not on every file as only errors and detection records are logged by default. Please provide some examples of files with the full path that could not be scanned and are not already listed in the log above.

Link to comment
Share on other sites

first scan i didnt run my scan under admin so i got a error message saying boot disk c -error opening . soo i looked that up ad found out how to run my scan under admin it scanned the boot disk which i suppose is good but i would have thought it would have had more access to other files and i wouldnt have got sooo many error opening messages. the main messages imy worried about are the microsoft/machinekey./rsa i read somewhere that there is ransome where that likes the microsoft macros and they would be turned off ? again im not computer wizz but im somewhat literate i well post pics if that will provide info that you need to help!! just dont want my computer and gunked up...

 

Link to comment
Share on other sites

  • Administrators

Those files in the RSA folder are not related to ransomware but mainly to SSL/TLS secure communication. It's ok that you're getting those errors as the system prevents ESET as well as other applications from accessing them.

Link to comment
Share on other sites

6 minutes ago, Marcos said:

Those files in the RSA folder are not related to ransomware but mainly to SSL/TLS secure communication. It's ok that you're getting those errors as the system prevents ESET as well as other applications from accessing them.

thank you for the help i just looked up the blue and orange open error help page it explained a little to me . i guess my real question is .. if i get a open error just because nod32 cant open it is there still a chance that it is infected? and if soo is there something i coud look for as to deciding if it could be threatening ? or is there a page that shows all these error openings that are threatening so i could look out for them

Link to comment
Share on other sites

  • 3 weeks later...
  • Administrators
17 hours ago, Pedson said:

What is the status of this post?  I have not seen the above mentioned ..version 6.5?

It was mentioned elsewhere that Endpoint v6.5 and ERA v6.5 are going to be released soon. Stay tuned :)

As for the errors opening certain files, you can use the filter feature to hide them in a scan log.

Edited by Marcos
Release date removed
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...