Jump to content

larryccf

Member
  • Posts

    20
  • Joined

  • Last visited

  • Days Won

    1

Posts posted by larryccf

  1. First, running win 7 x64, and Emsisoft Anti-Malware V 11.5.1.6247.

     

    Yesterday, my desktop computer wouldn't get past POST and load windows so i had to clone my backup copy of the OS drive back to it. For whatever reason, the windows software glitch returned and i had to clone back to the OS drive a 2nd time, but on the 2nd clone back, all was well except for a message from emsisoft AM asking me to select which license i wished to select ( i had purchased two licenses in 8/2015) - both are still showing expiration of 8/2017. When i selected the desktop license, i got the message "Mapping limit for this key  reached for today. Please try again in 24 hours or enter another license key". Problem is that today i got the same message.

     

    I tried un-installing and re-installing EAM and same result.

     

    ???

  2. Kevin - appreciate the assist so far - i've resolved the issue - i had previously re-installed (or attempted) to re-install everything on my computer and got the windows 7 home premium OS installed but never could get the Windows 7 Ultimate upgrade disc to install. Saturday i took the time to get thru to microsoft support (telephone svc) and they had me do a complete "Custom" install of 7 Ultimate, which wiped the disc and did another full clean install of the OS.

     

    So the issue has been eliminated. Tks for the assist

  3. ran both

    logs attached

     

    strange occurance after running both scans

    went to move JRT and ADWCleaner into a folder on my computer called "Computer tools" and it went into a "discovering" mode but didn't move them - same with docs i created, one for each program with the instructions for running each, again files never moved, small window opened showing it was "discovering" ????

     

    AdwCleanerS1.txt

    JRT.txt

  4. Emsisoft, on it's daily full scan, found one adware/malware that for whatever reason it couldn't quarantine:

    HKEY_USERS\.DEFAULT\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F

     

    googling it i found a thread here, in this very forum, on the same item -- ( http://support.emsisoft.com/topic/15687-infected-cant-delete-or-quarantinehelp/ )

     

    I've attached the prerequisite EEK and FRST logs

     

    this is on a brand new computer that i just built, running windows 7 home, 64 bit

    a2scan_141202-110115.txt

    FRST.txt

    Addition.txt

  5. done

    it went smooth as a mayo sandwich

    fixlog.txt attached

     

    went and checked under msconfig and found under the services tab, all instances of the Mezaa file were now absent, but under the startup tab,

    "Mezaa tray" still exists, and the little i can view (the window will not open but so large, under location is: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion...."

    (the .... being the portion hidden to the right)

    and in copying that location, i noticed a file above and below the Mezaa tray have the same "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion...."

     

    and then down a couple of lines, three files w/mgfr identified as either Sony, Nvidia or unknown, again have that same location description ?

     

    correction, there are about 12-14 with different names (from adobe to UPS) with that same location description

     

    anything to worry about?

  6. am responding from my laptop - came home from work and wife indicated the computer "wasn't working". Sat down and most functionality was dead, nothing would open when clikked on, dvd player wouldn't respond or was even recognized under the computer tree or directory

     

    right now i've got a backup i'd just made after emsisoft had quarantined it, being restored or cloned back to the computer

     

    i was able to get into msconfig and found "mezaa tray" listed under the startup tab -

     

    i'll try to run the EEK and FRST in the morning before heading into the shop - luckily i'm the owner so i can run a bit late

  7. Went home for an early lunch and ran the two programs, in the order described

    attached are the log files

     

    interestingly, after removal, i experienced a "mild" version of inoperability of the computer, ie some icons when clikked on, would not open, other items like creating a new folder in documents folder would not open or operate, but would let me create a new folder on the desktop and then drag /paste it over to the documents folder

     

    but for the hey of it, i shut down (after sacrificing a few chickens and repeating some magical phrases) and rebooted and all is working fine - think i'll let it operate like this for a few days and then do a clone backup

     

    i'll check back this evening for any further suggestions

     

    tks

  8. thanks - i've downloaded adw and jrt files and will use them tonite on the home computer

     

    fyi, it's sine been contained by emisoft - i quit trying to un-install it, and let emisoft quarantine it, and two "sub" versions of it that emsisoft would flag during daily scan, then went into msconfig and found one file titled "MezvcV1" and the other "MezvcV2" under the services tab. I dis-abled or unchecked both as well as unchecking "Mezaa" under the Startup tab. Since doing that night before last, yesterday morning's Emisoft scan reported no instance of it during the scan.

     

    i'll report back with the logs you've asked for

  9. first, i have gone thru your instructions, and have attached the EEK and FRST scan reports. I have been using Emisoft's Anti-Malware for 3-4 years now. Also am running Windows 7 X64

     

    I noticed in my control panel's list of programs, one titled MEZAA – apparently this is an Adware program. But it had been there for some time.

    • In searching the web, I found a forum indicating the best way to remove Mezaa is to use the “un-installer” that came with it, and then this stmt about Mezaa: “If you were unable to use the uninstaller that came with Mezaa and you used Malwarebytes Anti-Malware to remove the potentially unwanted program, there will be a dll inserted in your LSP stack. This was not removed because that could possibly break your internet connection. Read the additional guide in the reply to this topic.”

    I tried to un-install it using it’s own “un-installer function” and instead it caused 90% of the icons on my desktop to go non-functional, ie programs wouldn’t open, Mozilla firefox would open but couldn’t find the server, same with Outlook, and computer boot files become corrupted.

     

    I then installed a backup copy of my computer’s disk and did an un-install using my control panel un-install function. Then a third time, after emisoft found it, I selected “delete it” in the emisoft panel – each time with same result, computer’s OS became functionless. Interestingly, when Emisoft found Mezaa the first two times, all it showed was “Mezza” with the notation, no risk. The 3rd time it noted “medium” risk.

    I have since re-installed the backup copy a 3rd time, updated Emisoft and ran a full scan a third time, this time it found two instances of it, apparently installed and running – see report “a2scan_141019-095318.txt”.  Unfortunately I didn’t save those reports, and after spending all night reloading my C drive, I can’t remember for certain whether emisoft deleted or quarantined the two instances, and the log pages on emisoft are empty.

     

    FYI, Mezaa shows to be even on the backup disk from Sept 14, 2014 – I do full backups every two weeks. So apparently it’s existed on my computer without creating any apparent chaos for awhile. It’s only when you attempt to remove it that it does it’s damage.

     

    Now, after running the EEK scan, under Smart Scan, it found no instances of it, but Mezaa is still listed in my control panel’s list of programs and under the C > Programs Files (X86). EEK scan report attached.

     

    any assistance is appreciated

  10. while we don't have exact details published, it was acknowledged sometime ago, BEFORE the Ed Snowden releases, that the gov't had received backdoors from Microsoft, Apple, Google et al

     

    for a navy contractor, as i posted in the other thread, to be able to troll personal computers over the internet ( http://www.wnd.com/2014/09/u-s-navy-caught-spying-on-whole-state/ ), i can think of no other way for him to have gained access. While i have no interest in defending child pornography, i do have a strong interest in privacy and warrantless searching and even "fishing expeditions". It was reported in the story that the contractor had been doing this for 2 years and provided police with 8-9 leads - how many computers had he searched to find 8-9 possiblle child pornographers?

  11. this is assumming, that they've been discovered.

     

    I noticed this story ( http://www.wnd.com/2014/09/u-s-navy-caught-spying-on-whole-state/ ) about a US Navy NCIS private contractor, that using gov't computers, was trolling thru private individual computers, apparently over the internet, looking for evidence of child pornography (I have no interest in defending child pornography, for the record) - i am interested in privacy.

     

    I am not that literate in computer software, but have to assume that in the population at large, maybe .01% are paedephiles, and wonder how many civillian computers he searched, illegally, to find the 9 or 10 cases he referred to the police? He apparently had been doing this for a few years.

     

    again, my interest lies in privacy concerns, the US gov't obtained the backdoors from microsoft thru, in all likelihood, illegal arm twisting when the Dept of Justice was trying to breakup microsoft into smaller companies. And for the record, there is no law against a citizen blocking those backdoors if he/she can identify them.

     

    Thanks in advance

×
×
  • Create New...