Solved

AntiPhishing Folder cannot delete - what application is using this file?

Posted on 2006-07-02
12
7,634 Views
Last Modified: 2012-06-27
Win XP Media Center, which is based on XP Pro.  New machine.

I am trying to delete a user account that has its own Temporary Internet Files folder.  Inside this folder is a folder called AntiPhishing.  I can't delete it.

I removed all of Norton, don't see any McAfee.  There is something called Windows Defender running.

Can anyone tell me what program creates/uses this folder.  I get access denied when trying to change its attributes, delete, or rename the folder.  I also cannot open it.  I suppose the application is some system utility that has it locked down, but I can't find which one.

Thanks
0
Comment
Question by:tkrauskopf
  • 4
  • 3
  • 2
  • +3
12 Comments
 
LVL 1

Expert Comment

by:KCDean
Comment Utility
Try using deletefxp files or unlocker, killbox.
IE will sometimes installs antiphishing folders which are almost impossible to delete those tools will delete almost anything.
0
 
LVL 11

Expert Comment

by:rvthost
Comment Utility
Download Pocket Killbox version 2.0.0.175
http://www.atribune.org/downloads/KillBox.exe
Click killbox.exe.
Select the option "Delete on reboot".
Copy the full path of the file you want to delete.

C:\Documents and Settings\Network User\Local Settings\Temporary Internet Files\AntiPhishing

From the "File" menu, choose Paste from clipboard.

Then press the button that looks like a red circle with a white X in it.
Click Yes to reboot.
If you don't get that message, reboot manually.
0
 
LVL 18

Expert Comment

by:Crash2100
Comment Utility
You could also try starting windows in safe mode and see if it will let you delete the folder.
0
 
LVL 23

Expert Comment

by:Erik Bjers
Comment Utility
Windos Defender is Microsoft's anti-malware protection, so it's OK for that to run.  

I agree with Crash, if you start the system in safemode the folder will not be in use so you can delete it.

To access safemode re-boot your computer and pres F8 or Shift+F5 when you first see the windows logo screen.  F8 will bring up a menu, select safe mode.  Shift+F5 will start safemode directly.

eb
0
 

Author Comment

by:tkrauskopf
Comment Utility

Safe Mode was a great suggestion, had me thinking, "why didn't I think of that?"

But....  didn't work.  

Trying killbox now.

timk
0
 
LVL 23

Expert Comment

by:Erik Bjers
Comment Utility
Are you loged in as the user that that folder belongs to?  If so login as a different user.

Otherwise if killbox does not work, boot with a Windows or linux boot disk that can read NTFS and delete the file that way.

boot disks can be found at bootdisk.com
other good ones are
knoppix.com  (click on the us/brit flag for english)
or bartPE (google it to finde the address)

eb
0
Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

 

Author Comment

by:tkrauskopf
Comment Utility

Killbox failed, too, even with the reboot option.
Something like:

"Pending Application Remove was disabled by external application!"

So this might require more knowledge about why that file is there.  

Tim
0
 
LVL 23

Accepted Solution

by:
Erik Bjers earned 250 total points
Comment Utility
BTW this folder is created by IE7, so rolling back to IE6 may solve your problem.

You can try deleting the profile by:
Right click on my computer and selecy properties
Go to the advanced tab
Click settings under user profiles
Select the profile for the account you want to delete and click delte

Try this links for more info
http://www.experts-exchange.com/Operating_Systems/WinXP/Q_21856396.html
0
 

Author Comment

by:tkrauskopf
Comment Utility

Turns out the AntiPhishing is also an add-on feature for IE6, so rolling back IE7 beta 2 did not cure the folder settings.
Logging in as a different user did not help.

Here is the answer:
1) Use Microsoft instructions to "take ownership of the file" (see MS support site).  In Folder Options, you have to disable "Use Simple File Sharing" first.  Then access the Security tab on the AntiPhishing folder.  Under Advanced...  there is an Owner tab  -- from this point, taking ownership is easy.
2) After you are the owner, bingo!

Strangely, it was unable (or unwilling) to even TELL me who the previous owner was -- some kind of IE7 system owner, I guess.

I don't think killbox can do the job if Simple File Sharing is on and you are not the owner.  The system is pretty protective of others' files in this mode.

I am using XP Media Center which has most XP Pro options -- if I had XP Home, you can't turn "Simple File Sharing" off in XPH.  I might still be stuck in that case.

I think maybe more than one deserved points, but I'm giving it to the one who referred me to the other EE link.  It contained the basic suggestion to "take ownership" of the file.

Thanks - timk
0
 
LVL 23

Expert Comment

by:Erik Bjers
Comment Utility
Usualy dosen't show you who the owner is, unless you are the owner.

Thanks for the points

eb
0
 
LVL 2

Expert Comment

by:TrialWorks
Comment Utility
FYI -  I've seen situations where you can get to the "C:\Documents and Settings\USERNAME\Local Settings\Temporary Internet Files\AntiPhishing" folder but you cannot actually see it in the folder before it. I've gotten around that one by clicking the Share This Folder link on the left menu and then going to Security and ... the rest is the same as tkrauskopf posted.
0
 
LVL 2

Expert Comment

by:TrialWorks
Comment Utility
To clairfy my prev message -- the settings for HIdden and System folders were all done.  All the other folders would show EXCEPT the AntiPhishing.
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

Article by: IanTh
Hi Guys After a whole weekend getting wake on lan over the internet working, I thought I would share the experience. Your firewall has to have a port forward for port 9 udp to your local broadcast x.x.x.255 but if that doesnt work, do it to a …
This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now