RE: Microsoft Phishing Filter Add-in for MSN Search Toolbar

Well ,you need to remove it,to remove the rootkit.

Yes ,your protection level seems high but this doesn't mean you can't make
it higher.

I recommend you scan with the free Panda's Active scan so it will identify
the malware.If it is rootkit it is less likely to be only in that folder.
And I told you to zip the folder and send it for analyze to VirusTotal.

Let me repeat what Virus Total is:
They will scan it for malware with almost ALL antivirus softwares with the
latest definitions
and then will send you the report.The service is FREE .The service is
automated and very very fast.
If something is suspicious they WILL SEND the file to all antivirus
companies so that
they WILL establish signatures for disinfecting the malware


Please ,submit the ZIP folder for analyze ,post your report ,then scan with
Panda and again post the report.Then start performing these fast malware
removal steps

http://free.hit.bg/fightmalware/fast_MRI.htm

In these instructions you use tools which I think are very very good (may be
the best) and this is a way I can somehow guarantee you a success.I can't
guarantee you a 100 % success as I am not sitting at your PC but at lease you
may use the tools that helps me everyday.
Just for addition ,as well as my instructions ,use your SpySweeper in Safe
Mode.


Panda_man
--
Prevention is always better than cure !
Panda TruPrevent - the most intelligent technology to combat unknown malware
http://www.pandasoftware.com
http://free.hit.bg/fightmalware/homepage_en.htm




"Ricardo Grecco" wrote:

> Ok Panda_man , I have Windows XP Professional with the latest patches.
> I use CounterSpy in my common user account, AVG Antivirus (all users),Zone
> Labs Personal Firewall(all users), Cloudmark Anti-Phishing Toolbar(all
> users), Spy Sweeper 4.5 (Adm account) and Lavasoft Ad Aware (Adm account).
>
> After scanning my whole PC for the first time with Spy Sweeper, the scan
> result as following:
>
> c:\documents and settings\ricardo grecco.magnetizer\local
> settings\temp\antiphishing\4d122e84-f372-4351-a5aa-5688ef0485ac.dat". Access
> is denied
>
> c:\documents and settings\administrator\local
> settings\temp\antiphishing\4d122e84-f372-4351-a5aa-5688ef0485ac.dat
>
> The program itself recognized the folder and its content as a possible
> rootkit but could not get rid of it.
> I have changed permission for the folder and could even delete it, but it
> comes back and forth as I rebbot my machine. Cannnot delete it
>
> Thanks for your hint about scanning with Panda, but this is not the case due
> to my high security defense wall.
>
> Thanks if you have something else to help me solve this issue
>
> Ricardo Grecco
>
>
> --
> Spy Safari
>
>
> "Panda_man" wrote:
>
> > Well ,I have installed it on a computer some month before and really haven't
> > notoced such a folder.
> >
> >
> > You haven't mention what is your Windows version.
> > What security software do you have installed on your computer?
> >
> > Well ,Windows XP has integrated ZIP archiver ,so go there ,rigth click on it
> > and choose Send to ZIP archive.Choose where to be sent.Choose Desktop.
> >
> > Then goto
> >
> > http://www.virustotal.com/flash/index_en.html
> >
> > Send a suspicious file for analyze to VirusTotal
> > They will scan it for malware with almost all antivirus softwares with the
> > latest definitions
> > and then will send you the report.The service is FREE .
> > If something is suspicious they will send the file to all antivirus
> > companies so that
> > they will establish signatures for disinfecting the malware.
> >
> >
> > Please ,pose ivt back the report.
> >
> >
> > Also goto http://www.activescan.com
> > This is Panda Software free Active scan where you cancheck your PC for ALL
> > kind of security threats.Please ,post the report also.
> >
> > Panda_man
> > --
> > Prevention is always better than cure !
> > Panda TruPrevent - the most intelligent technology to combat unknown malware
> > http://www.pandasoftware.com
> > http://free.hit.bg/fightmalware/homepage_en.htm
> >
> >
> >
> >
> > "Ricardo Grecco" wrote:
> >
> > > I haven't seen yet a support for the Microsoft Phishing Filter Add-in for MSN
> > > Search Toolbar and decided to make this a public question.
> > >
> > > Does anyone would tell me if after installing the Microsoft Phishing Filter
> > > Add-in for MSN Search Toolbar a folder called "Antiphishing" shows into the
> > > Documents and Settings/Administrator/Local Settings/Temp/Antiphishing
> > > directory of your Windows partition ?
> > >
> > > This folder is impossible to be deleted and its been recognized as rootkit
> > > in my system
> > > Any help about this issue would very helpfull to me
> > >
> > > Thanks in advance
> > >
> > > Ricardo Grecco
> > > --
> > > Spy Safari
.