Windows 7 - EncFiltLog.menc file

Asked By one_sto on 01-Oct-08 08:53 AM
I inserted an SD card into my Samsung Omnia (WM 6.1). File Encryption is
turned off (unchecked) on the phone. However, when I took the card out and
tried reading it from a card reader, I see this EncFiltLog.menc file. I can't
write to the card or format it. How do I get around this problem?




Neil replied on 02-Oct-08 11:49 PM
with your PPC, disable the card encrypt

--
---------------------------
Enjoy the life...
onesto replied on 03-Oct-08 10:26 AM
File Encryption is turned off (unchecked) on the phone. It was never turned on.
Ed Hansberry, MS-MVP/Mobile Devices replied on 05-Oct-08 03:46 PM
It must have been at some point for this card. Have you tried
enabling it on that device then disabling it?



__________
This was posted on Microsoft's microsoft.public.* newsgroup server. If you see this
on any other web page, it was stolen and used without permission.
See http://www.microsoft.com/communities/newsgroups/default.mspx

--
__________________________________________________________________________________
Ed Hansberry  (Please do *NOT* email me. Post here for the benefit of all)
What is on my Pocket PC? http://www.ehansberry.com/
Microsoft MVP - Mobile Devices   www.pocketpc.com
What is an MVP? - http://mvp.support.microsoft.com/
onesto replied on 05-Oct-08 08:28 PM
I just tried that and the card is stil in the same state.
Ed Hansberry, MS-MVP/Mobile Devices replied on 06-Oct-08 05:38 AM
Is the write-protect switch on the SD card in the locked
position?



__________
This was posted on Microsoft's microsoft.public.* newsgroup server. If you see this
on any other web page, it was stolen and used without permission.
See http://www.microsoft.com/communities/newsgroups/default.mspx

--
__________________________________________________________________________________
Ed Hansberry  (Please do *NOT* email me. Post here for the benefit of all)
What is on my Pocket PC? http://www.ehansberry.com/
Microsoft MVP - Mobile Devices   www.pocketpc.com
What is an MVP? - http://mvp.support.microsoft.com/
onesto replied on 06-Oct-08 09:26 AM
No, that is the first thing that I checked.
Ed Hansberry, MS-MVP/Mobile Devices replied on 06-Oct-08 12:56 PM
Then I have to admit I am stumped. I've never seen a card that
you couldn't stick in your PC and just format. It could be a
defective card, allowing you to see the contents but not allowing
you to actually write to it. It may be totally unrelated to the
EncFltLog.menc file.



__________
This was posted on Microsoft's microsoft.public.* newsgroup server. If you see this
on any other web page, it was stolen and used without permission.
See http://www.microsoft.com/communities/newsgroups/default.mspx

--
__________________________________________________________________________________
Ed Hansberry  (Please do *NOT* email me. Post here for the benefit of all)
What is on my Pocket PC? http://www.ehansberry.com/
Microsoft MVP - Mobile Devices   www.pocketpc.com
What is an MVP? - http://mvp.support.microsoft.com/
onesto replied on 06-Oct-08 01:14 PM
I got the following response from xda-developers:

There appears to be two scenario's here, and none of them you are going to
like.
If some of your files appear with .menc extension (and all your files are
there), this means they have been encrypted by WM6. The only way to recover
them is with the original device that wrote them.
Please note the following:
if you hard-reset or flash your device you will lose your original code, and
all files will become unreadable.
there is no way (as of yet) to find out the encryption code, or back it up
If you only have EncFiltLog.menc file on your SD card, and all your other
files are missing, it is extremely likely that you have had file corruption
on your SD card and your files have been erased.
Please note the following:
EncFiltLog.menc is a red-herring, it usually exists on all SD cards (I think
it's put there by WMP)
You may find a good program to recover your lost files. Do this soon, and
don't use the SD card before doing this.
I wouldn't rely on this SD card in the future for anything important.
I hope this helps. NB, I have found some good recovery programs for jpeg
files if you're interested. Sorry to be bearer of bad news.
Ed Hansberry, MS-MVP/Mobile Devices replied on 06-Oct-08 09:50 PM
But none of that explains your inability to format the card or
write new files to it.




__________
This was posted on Microsoft's microsoft.public.* newsgroup server. If you see this
on any other web page, it was stolen and used without permission.
See http://www.microsoft.com/communities/newsgroups/default.mspx

--
__________________________________________________________________________________
Ed Hansberry  (Please do *NOT* email me. Post here for the benefit of all)
What is on my Pocket PC? http://www.ehansberry.com/
Microsoft MVP - Mobile Devices   www.pocketpc.com
What is an MVP? - http://mvp.support.microsoft.com/
onesto replied on 07-Oct-08 07:38 AM
I agree, so I too am stumped.
onesto replied on 07-Oct-08 12:59 PM
I would have to agree with you.
Geo120 replied on 13-Nov-08 08:56 PM
I have had the same issue with my memory card in my phone, Sony Ericsson X1,
and it def isnt a problem with the card as the card still accepts files when
using the Activesync.

I believe the file ENCFILTLOG.MENC is put onto the card when you first use
Activesync and so stops the transfers of files by any other device except
through the original mobile device.

Unfortunately I am still in the same position as you as I cannot get rid of
the file and I have tried various ways to do this including Resco File
Explorer which could not find the file on the device as the file changes its
name on the device than to when its on a card reader on your computer.

Windows themselves must know a way around this but whether they will tell
you I'm not so sure as I have had a troll through and cant see anyone
admitting to this???
john dodd replied to one_sto on 13-Mar-10 02:56 PM
To remove EncFiltLog.menc

This file appears to be write protected, but it can be removed with a linux OS and the shred command.

Go to linuxcd.org. Order a copy of Backtrack3 live CD. (About $7.00) Remove the HD so you don't get confused. Make sure the bios setting will boot from a CD.  Start BT3. Open terminal window (bottom tray left side)  Type without quotes, the command  "cd /mnt"  List the contents of the mount directory, Code- "ls"  If you use a USB adapter for the SD card it should mount as sda5. In the mount directory you should see floppy/ live/ sda5/sr0  Change to the sda5 directory, Code- "cd sda5"  You should see the files on the microSD.  Use the shred command to remove the EncFiltLog.menc, Code- "shred -fuvz EncFiltLog.menc"  The first time it stops with an error message, repeat the command and it will overwrite 26 times. Now create a dummy file with the same name.  Code- "vi  EncFiltLog.menc" This will create an empty file with the same name. Push the escape key twice to put vi into command mode, you should hear a beep. Now put it into insert mode by pushing the i key. Type a few letters.  Now write it to the file Code-":w" and quit the editor, Code ":q"  Now make the file executable, Code- "chmod u=x EncFiltLog.menc" Remove all other access permissions Code- "chmod g-rwx EncFiltLog.menc" Then Code- "chmod o-rwx EncFiltLog.menc" You can also do this with the Graphical interface. What you want is an "excutable" file that looks like the original but does  nothing .  If you try to look at the original with vi  Code-


I noticed other problems. I install Compusec encryption . The next day my password doesn't work. I install windows xp on a dell laptop. The next day the password doesn't work. I install Vista on a lenovo laptop . The next day the password doesn't work . I install Ubuntu Linux on a external HD. The next day the password doesn't work. 4 different pieces of hardware and the same problem. 3 different OS and same problem. Not a hardware or software problem. I remove the wi-fi card and there is no bluetooth card - same problem .  One of the programs Zone Alarm is monitoring is Remote Registry Service, which allows the govt working with microsoft to shut down your firewall. The only program that can start Remote Registry Service is a remote computer. The fact that Zone Alarm was monitoring that program means it was started. How was Remote Registry Service started when I haven't installed the modem, there is no wi-fi card or bluetooth card?  A whole bunch of programs start acting as servers.  The firewall gets shut down. Acronis Try and Decide program shows 300MB of information added to my computer in 10 minutes. How, when I haven't connected to the internet yet?  When the laptop is covered with RFI shielding  (twpinc.com) and grounded to create a faraday cage the programs do not all become servers, the password doesn't get changed, the firewall doesn't get shutdown. Conclusion, there is a receiver in your computer that allows the govt to hack into your computer even when you are offline. If you think I am making this up dl Wireshark and see where your computer is connecting to.

Asia Pacific Network Information Center

121.0.0.0-121.255.255.255

221.0.0.0-221.255.255.255

61.0.0.0-61.255.255.255

202.0.0.0-203.255.255.255

210.0.0.0-211.255.255.255

218.0.0.0-218.255.255.255

220.0.0.0-220.255.255.255

60.0.0.0-60.255.255.255

125.0.0.0-125.255.255.255

189.0.0.0-189.255.255.255

200.0.0.0-200.255.255.255

Level 3 communications

8.0.0.0-8.255.255.255

64.152.0.0-64.159.255.255.255

67.24.0.0-67.31.255.255

4.0.0.0-4.255.255.255

69.192.0.0-69.192.255.255

RIPE

94.0.0.0-94.255.255.255

217.0.0.0-217.255.255.255

81.0.0.0-81.255.255.255

84.0.0.0-84.255.255.255

85.0.0.0-85.255.255.255

62.0.0.0-62.255.255.255

88.0.0.0-88.255.255.255

212.0.0.0-212.255.255.255

Go to a library and look at your spam mail. Go to the bottom and click on "show full headers" get the originating ip address and go to arin.net and do a reverse DNS lookup. You will see that most are comong from RIPE. Probably containing malicious code.
John Montgomery replied to one_sto on 20-Mar-10 03:23 PM
To remove EncFiltLog.menc

This file appears to be write protected, but it can be removed with a linux OS and the shred command.

Go to linuxcd.org. Order a copy of Backtrack3 live CD. (About $7.00) Remove the HD so you don't get confused. Make sure the bios setting will boot from a CD.  Start BT3. Open terminal window (bottom tray left side)  Type without quotes, the command  "cd /mnt"  List the contents of the mount directory, Code- "ls"  If you use a USB adapter for the SD card it should mount as sda5. In the mount directory you should see floppy/ live/ sda5/sr0  Change to the sda5 directory, Code- "cd sda5"  You should see the files on the microSD.  Use the shred command to remove the EncFiltLog.menc, Code- "shred -fuvz EncFiltLog.menc"  The first time it stops with an error message, repeat the command and it will overwrite 26 times. Now create a dummy file with the same name.  Code- "vi  EncFiltLog.menc" This will create an empty file with the same name. Push the escape key twice to put vi into command mode, you should hear a beep. Now put it into insert mode by pushing the i key. Type a few letters.  Now write it to the file Code-":w" and quit the editor, Code ":q"  Now make the file executable, Code- "chmod u=x EncFiltLog.menc" Remove all other access permissions Code- "chmod g-rwx EncFiltLog.menc" Then Code- "chmod o-rwx EncFiltLog.menc" You can also do this with the Graphical interface. What you want is an "excutable" file that looks like the original but does  nothing .  If you try to look at the original with vi  Code-


I noticed other problems. I install Compusec encryption . The next day my password doesn't work. I install windows xp on a dell laptop. The next day the password doesn't work. I install Vista on a lenovo laptop . The next day the password doesn't work . I install Ubuntu Linux on a external HD. The next day the password doesn't work. 4 different pieces of hardware and the same problem. 3 different OS and same problem. Not a hardware or software problem. I remove the wi-fi card and there is no bluetooth card - same problem .  One of the programs Zone Alarm is monitoring is Remote Registry Service, which allows the govt working with microsoft to shut down your firewall. The only program that can start Remote Registry Service is a remote computer. The fact that Zone Alarm was monitoring that program means it was started. How was Remote Registry Service started when I haven't installed the modem, there is no wi-fi card or bluetooth card?  A whole bunch of programs start acting as servers.  The firewall gets shut down. Acronis Try and Decide program shows 300MB of information added to my computer in 10 minutes. How, when I haven't connected to the internet yet?  When the laptop is covered with RFI shielding  (twpinc.com) and grounded to create a faraday cage the programs do not all become servers, the password doesn't get changed, the firewall doesn't get shutdown. Conclusion, there is a receiver in your computer that allows the govt to hack into your computer even when you are offline. If you think I am making this up dl Wireshark and see where your computer is connecting to.

Asia Pacific Network Information Center

121.0.0.0-121.255.255.255

221.0.0.0-221.255.255.255

61.0.0.0-61.255.255.255

202.0.0.0-203.255.255.255

210.0.0.0-211.255.255.255

218.0.0.0-218.255.255.255

220.0.0.0-220.255.255.255

60.0.0.0-60.255.255.255

125.0.0.0-125.255.255.255

189.0.0.0-189.255.255.255

200.0.0.0-200.255.255.255

Level 3 communications

8.0.0.0-8.255.255.255

64.152.0.0-64.159.255.255.255

67.24.0.0-67.31.255.255

4.0.0.0-4.255.255.255

69.192.0.0-69.192.255.255

RIPE

94.0.0.0-94.255.255.255

217.0.0.0-217.255.255.255

81.0.0.0-81.255.255.255

84.0.0.0-84.255.255.255

85.0.0.0-85.255.255.255

62.0.0.0-62.255.255.255

88.0.0.0-88.255.255.255

212.0.0.0-212.255.255.255

Go to a library and look at your spam mail. Go to the bottom and click on "show full headers" get the originating ip address and go to arin.net and do a reverse DNS lookup. You will see that most are comong from RIPE. Probably containing malicious code.
John Montgomery replied to John Montgomery on 20-Mar-10 03:24 PM
To remove EncFiltLog.menc

This file appears to be write protected, but it can be removed with a linux OS and the shred command.

Go to linuxcd.org. Order a copy of Backtrack3 live CD. (About $7.00) Remove the HD so you don't get confused. Make sure the bios setting will boot from a CD.  Start BT3. Open terminal window (bottom tray left side)  Type without quotes, the command  "cd /mnt"  List the contents of the mount directory, Code- "ls"  If you use a USB adapter for the SD card it should mount as sda5. In the mount directory you should see floppy/ live/ sda5/sr0  Change to the sda5 directory, Code- "cd sda5"  You should see the files on the microSD.  Use the shred command to remove the EncFiltLog.menc, Code- "shred -fuvz EncFiltLog.menc"  The first time it stops with an error message, repeat the command and it will overwrite 26 times. Now create a dummy file with the same name.  Code- "vi  EncFiltLog.menc" This will create an empty file with the same name. Push the escape key twice to put vi into command mode, you should hear a beep. Now put it into insert mode by pushing the i key. Type a few letters.  Now write it to the file Code-":w" and quit the editor, Code ":q"  Now make the file executable, Code- "chmod u=x EncFiltLog.menc" Remove all other access permissions Code- "chmod g-rwx EncFiltLog.menc" Then Code- "chmod o-rwx EncFiltLog.menc" You can also do this with the Graphical interface. What you want is an "excutable" file that looks like the original but does  nothing .  If you try to look at the original with vi  Code-


I noticed other problems. I install Compusec encryption . The next day my password doesn't work. I install windows xp on a dell laptop. The next day the password doesn't work. I install Vista on a lenovo laptop . The next day the password doesn't work . I install Ubuntu Linux on a external HD. The next day the password doesn't work. 4 different pieces of hardware and the same problem. 3 different OS and same problem. Not a hardware or software problem. I remove the wi-fi card and there is no bluetooth card - same problem .  One of the programs Zone Alarm is monitoring is Remote Registry Service, which allows the govt working with microsoft to shut down your firewall. The only program that can start Remote Registry Service is a remote computer. The fact that Zone Alarm was monitoring that program means it was started. How was Remote Registry Service started when I haven't installed the modem, there is no wi-fi card or bluetooth card?  A whole bunch of programs start acting as servers.  The firewall gets shut down. Acronis Try and Decide program shows 300MB of information added to my computer in 10 minutes. How, when I haven't connected to the internet yet?  When the laptop is covered with RFI shielding  (twpinc.com) and grounded to create a faraday cage the programs do not all become servers, the password doesn't get changed, the firewall doesn't get shutdown. Conclusion, there is a receiver in your computer that allows the govt to hack into your computer even when you are offline. If you think I am making this up dl Wireshark and see where your computer is connecting to.

Asia Pacific Network Information Center

121.0.0.0-121.255.255.255

221.0.0.0-221.255.255.255

61.0.0.0-61.255.255.255

202.0.0.0-203.255.255.255

210.0.0.0-211.255.255.255

218.0.0.0-218.255.255.255

220.0.0.0-220.255.255.255

60.0.0.0-60.255.255.255

125.0.0.0-125.255.255.255

189.0.0.0-189.255.255.255

200.0.0.0-200.255.255.255

Level 3 communications

8.0.0.0-8.255.255.255

64.152.0.0-64.159.255.255.255

67.24.0.0-67.31.255.255

4.0.0.0-4.255.255.255

69.192.0.0-69.192.255.255

RIPE

94.0.0.0-94.255.255.255

217.0.0.0-217.255.255.255

81.0.0.0-81.255.255.255

84.0.0.0-84.255.255.255

85.0.0.0-85.255.255.255

62.0.0.0-62.255.255.255

88.0.0.0-88.255.255.255

212.0.0.0-212.255.255.255

Go to a library and look at your spam mail. Go to the bottom and click on "show full headers" get the originating ip address and go to arin.net and do a reverse DNS lookup. You will see that most are comong from RIPE. Probably containing malicious code.
j j replied to John Montgomery on 27-Oct-10 05:40 AM
I found this article http://www.associatedcontent.com/article/5774634/how_to_open_menc_files_what_are_mencs.html?cat=15 which has information that explains how to open a .MENC file!!! You can decrypt the file even if you don’t have an encryption key. It’s very cool and convenient software.
cris buteg replied to j j on 01-Jan-11 12:06 AM
i just had the same problem with my new sd card 16 gigs when i inserted it to my samsung omnia B7610(windows 6.2). when i inserted the sd card to my laptop, i saw the same menc. file and can not transfer files unto it,it can not be DELETED NOR FORMATTED. i even tried using bluetooth to transfer files but to no avail. however...what i did was..i re-inserted the sd card to the phone and using the format option of the phone...i formatted it!!! i then re-inserted the sd card to my laptop and lo and behold...the .menc file is still there!!! however, when i tried again to delete it... IT WAS DELETED this time...now am happy transferring files to my sd card...hope my experience helps others too.