red cross anti-phishing filter

Discussion in 'Internet Explorer' started by Guest, Oct 27, 2007.

  1. Guest

    Guest Guest


    I've just noticed that there is a little red cross on the little screen in
    IE7 and I'm told that the service is not available at the moment.

    Any idea how to fix that?

    Guest, Oct 27, 2007
    1. Advertisements

  2. Guest

    nass Guest

    Hi Ben,
    1... Click start >> Control Panel >> Double Click Network and Internet
    Connections >> Double click Internet Options, on the IE Properties window
    you will see these Options:
    General | Security | Privacy | Content | Connections | Programs
    | Advanced .
    Click on Advanced Tab and make sure the Phishing Filter check box is checked
    to enable it.
    nass, Oct 27, 2007
    1. Advertisements

  3. Guest

    Guest Guest

    Hi Nass,

    Thanks for replying.

    I checked that before and the Phishing Filter box is already clicked.
    When I pointed on the the little screen where there is a red cross to be
    seen, I'm told that " the Phishing Filter can't verify this site, as the
    service on line from Microsoft is not available."

    Any idea


    NB: When I run IE7 in unsafe mode, the phishing filter is ok.
    Guest, Oct 27, 2007
  4. What if you right click the IE icon on the desktop and choose Start Without
    Or go to Start | All Programs | Accessories | System Tools | Internet
    Explorer (No Add-ons).
    Frank Saunders MS-MVP IE,OE/WM, Oct 27, 2007
  5. Guest

    Guest Guest

    Hi Frank,

    Thanks for replying.
    When I start IE7 without Ad-ons, there is no red cross. The Phishing filter
    does work.
    But I would to use IE7 in safe mode.
    How can I fix this issue with the little red cross?
    Thanks for replying.

    "Frank Saunders MS-MVP IE,OE/WM" <> a écrit dans le
    message de groupe de discussion :
    Guest, Oct 28, 2007
  6. Guest

    PA Bear Guest

    Troubleshooting and Internet Explorer’s (No Add-ons) Mode:

    You'll need to identify the troublemaker by re-enabling each Add-on, one by
    one, until you've found the culprit.

    Usual Suspect in this case: the (anti-)phishing filter included in an
    installed security suite (e.g., Norton/McAfee/Trend Micro/etc. Internet
    PA Bear, Oct 28, 2007
  7. Guest

    ben Guest

    Hi PA Bear,
    Thanks for replying.
    I disabled all Adds-on, but the red cross is always there and I'm tolf that
    the Phishing Filter can't verify this site, as the service is not available
    at the moment.
    It is strange, because running IE7 without any adds-on works fine, but even
    after disabling all the adds-on, the problem remains.
    I had installed ForceField Zone Alarm, I thought that it may have been the
    cause, but it is not the case.
    Any idea how to trouble shoot this issue?
    Thanks for replying.

    PS: I'm running Vista, IE7 and I've got WLOC 2 installed and no other
    anti-virus program.
    ben, Oct 28, 2007
  8. Guest

    PA Bear Guest

    I disabled all Adds-on, but the red cross is always there

    That contradicts what you posted earlier:

    Start IE7 in No Add-ons mode > Without restarting IE7, re-enable each
    Add-on, one-at-a-time, until you discover the Add-on causing the problem.

    You may have a horked (dirty; bad; flawed) install of IE7. I suggest that

    1. Uninstall IE7 (which automatically returns you to IE6) per

    2a. Uninstall all toolbars and third-party Windows Themes (including Window

    2b. Disable all Norton Add-ons, if applicable.

    3. Reinstall IE7 exactly per, and using as the installation
    source, not Automatic/Windows Update.

    4. IMMEDIATELY go to and install any
    critical updates offered. If a "Root Certificates" update is listed in the
    Optional category, you might install it, too, to take full advantage of
    IE7's additional security.

    Also see:

    IEBlog : IE7 (Un)Installation and Anti-Malware Applications

    What's New in Internet Explorer 7

    Release Notes
    PA Bear, Oct 28, 2007
  9. Do a thorough check for malware, following all of the steps at one of these
    Web pages.
    Help with malware:
    All MS-MVP Sites.

    Unexplained computer behavior may be caused by deceptive software.

    So How Did I Get Infected Anyway?
    For quite a few people it's by installing programs like Messenger Plus,
    whose ads for malware don't identify the malware as such and try to convince
    you that you owe it to the author. See also:
    Don't ever do a "default" install of anything. Always choose Custom and see
    what else is being carried along. Don't install any extras you're not sure
    Frank Saunders MS-MVP IE,OE/WM, Oct 28, 2007
  10. Guest

    ben Guest

    Hi Frank,

    Thanks for replying.
    I followed step by step what you wrote.
    I checked the presence of malwares with MRT from Microsoft, I got Spybot &
    Search run, I ran a full scan with Windows Live OneCare, I checked also
    malwares with Nanoscan and TotalScan from Pandare.
    There is no malware on my computer.
    Is the option to uninstall IE7 a good idea?
    Thanks for replying.
    ben, Oct 28, 2007
  11. You're running Vista, so you can't uninstall IE.
    Which site did you follow all the steps at?
    Frank Saunders MS-MVP IE,OE/WM, Oct 29, 2007
  12. Guest

    ben Guest

    Hi Frank,

    I followed the explanations of the first site.

    Any idea to solve out this issue?


    ben, Oct 29, 2007
  13. Do you have a link to youe HijackThis log on Aumha forums?
    Frank Saunders MS-MVP IE,OE/WM, Oct 29, 2007
  14. Guest

    ben Guest

    Here is the log of HijackThis :
    I hope it will help you to trouble shoot this issue.

    Logfile of HijackThis v1.99.1
    Scan saved at 15:45:32, on 29/10/2007
    Platform: Unknown Windows (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16546)

    Running processes:
    C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
    C:\Program Files\Labtec\WebCam10\WebCam10.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
    C:\Program Files\ThreatFire\TFTray.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
    C:\Program Files\\VoipBusterPro\VoipBusterPro.exe
    C:\Program Files\NetAppel\NetAppel.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Eraser\Eraser.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
    C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
    C:\Program Files\Internet Explorer\IEUser.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F}
    - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E}
    - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
    C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Windows Live Call HoverToCall class -
    {7E853D72-626A-48EC-A868-BA8D5E23E045} - C:\Program Files\Windows
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live -
    {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common
    Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: (no name) - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - (no file)
    O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} -
    C:\Program Files\SiteAdvisor\6172\SiteAdv.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows
    Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program
    Files\Labtec\WebCam10\WebCam10.exe" /hide
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program
    O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
    O4 - HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft
    O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
    O4 - HKLM\..\Run: [ThreatFire] C:\Program Files\ThreatFire\TFTray.exe
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
    O4 - HKCU\..\Run: [Speech Recognition]
    "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
    O4 - HKCU\..\Run: [VoipBusterPro] "C:\Program
    Files\\VoipBusterPro\VoipBusterPro.exe" -nosplash -minimized
    O4 - HKCU\..\Run: [VoipBuster] "C:\Program
    Files\\VoipBuster\VoipBuster.exe" -nosplash -minimized
    O4 - HKCU\..\Run: [NetAppel] "C:\Program Files\NetAppel\NetAppel.exe"
    -nosplash -minimized
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows
    Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe
    O4 - HKCU\..\Run: [Eraser] C:\Program Files\Eraser\Eraser.exe -hide
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program
    O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program
    Files\Microsoft Office\Office12\ONENOTEM.EXE
    O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Yahoo!
    Widget Engine\YahooWidgetEngine.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
    C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) -
    {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
    O9 - Extra button: Envoyer à OneNote -
    {2670000A-7350-4f3c-8081-5663EE0C6C49} -
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote -
    {2670000A-7350-4f3c-8081-5663EE0C6C49} -
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} -
    (no file)
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - (no
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 -
    {85d1f590-48f4-11d9-9669-0800200c9a66} - (no file)
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration -
    {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O11 - Options group: [INTERNATIONAL] International*
    O13 - Gopher Prefix:
    O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare
    safety scanner control) -
    O16 - DPF: {8436FE12-31DB-48BF-83BF-FE682F9160B4} (NanoInstaller Class) -
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment
    1.6.0) -
    O16 - DPF: {9C024426-7859-4B2D-AB4C-B1E370AE7549} -
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) -,2,0,5140/
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} -
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} -
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} -
    C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} -
    O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} -
    C:\Program Files\SiteAdvisor\6172\SiteAdv.dll
    O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - (no
    O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} -
    O20 - Winlogon Notify: !SASWinLogon - C:\Program
    O23 - Service: LVSrvLauncher - Labtec Inc. - C:\Program Files\Common
    O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner -
    %windir%\system32\svchost.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) -
    Unknown owner - %windir%\system32\svchost.exe (file missing)
    O23 - Service: Service SiteAdvisor (SiteAdvisor Service) - Unknown owner -
    C:\Program Files\SiteAdvisor\6172\SAService.exe
    O23 - Service: SmartLinkService (SLService) - -
    O23 - Service: ThreatFire - PC Tools - C:\Program
    O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner -
    C:\Program Files\Windows Live\installer\WLSetupSvc.exe
    O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101
    (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media
    Player\wmpnetwk.exe (file missing)
    ben, Oct 29, 2007
  15. Guest

    Guest Guest

    I can't uninstall IE7 as it is implemented in Vista !!!

    Guest, Oct 29, 2007
  16. Guest

    PA Bear Guest

    Sorry, I misremembered that you were running Vista.

    OT: Why are you using 2 different Usernames here (i.e.,
    and ben) and why aren't you posting all replies using
    Windows Live Mail?
    PA Bear, Oct 29, 2007
  17. Guest

    PA Bear Guest

    1. You're using an outdated version of HijackThis: replace v1.99.1 with
    v2.0.2 ASAP (see below).

    2. HijackThis should be located in its own, dedicated folder (e.g.,
    %system%\Program Files\HijackThis\hijackthis.exe).

    3. You've got two (2) anti-virus applications installed and loading at boot
    (OneCare & ThreatFire). Chances are that neither is fully protecting you.

    You paid good money for your Vista machine: Don't be a tightwad when it
    comes to Security either. If OneCare is the free-trial version and you have
    no intention of purchasing it, uninstall *both* applications and get a
    reliable anti-virus application (free or paid) installed ASAP. If cost is a
    factor, try Avira AntiVir or Avast4 (free); I do NOT recommend any version
    of AVG Anti-Virus.

    Protect Your PC!

    Learn how to protect your PC by taking three simple steps

    4. For a variety of reasons, we do not interpret HijackThis logs in MS
    Public newsgroups.

    When all else fails, HijackThis v2.0.2
    ( is the preferred tool to use.
    It will help you to both identify and remove any hijackware/spyware with
    assistance from an expert. **Post your log to,,,, or other appropriate forums for expert
    analysis, not here.**
    [Personally, I'd flatten the box and reinstall Vista.]
    ~Robear Dyer (PA Bear)
    MS MVP-Windows (IE, OE, Security, Shell/User)
    AumHa VSOP & Admin
    PA Bear, Oct 29, 2007
  18. Guest

    ben Guest

    Hi PA Bear,

    Thanks for replying to my previous e-mail.
    // I will run the fresh version of HijackThis and I will post it on the site
    that you've recommended to me.

    /// I've got indeed WLOC 2 installed on my pc as beta-tester, but I have a
    subscribtion paid for WLOC 1.6. As soon as WLOC 2 is released, my
    subscription will be set again.

    /// I didn't know that ThreatFire was an anti-virus, I'm told that Treatfire
    only checks malwares and blocks them.
    Do you think that it can prevent the Phishing Filter from connecting to The
    Phishing Filter server?

    Thanks for replying.


    ben, Oct 30, 2007
  19. Guest

    PA Bear Guest

    It's "ThreatFire AntiVirus" ( While what it
    does and how it does it isn't really clear to me, you certainly don't need
    it with WOLC running in Vista (which both include Defender) IMHO. I'd ditch
    (uninstall) ThreatFire before doing anything else. WLOC shouldn't be
    clashing with IE's Phishing Filter but since you're running a beta build,
    who knows? You might wanna bug it, just in case.
    ~PA Bear
    PA Bear, Oct 30, 2007
  20. Guest

    ben Guest

    I did uninstall ThreatFire but it didn't fix the problem with the Phishing
    There is always a red cross....

    ben, Oct 30, 2007
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.