If this is a problem as i read else where that this is part of kaspersky and spybot is giving a false positive....

Can anyone confirm this please as every time i scan with spybot it comes up with 4 entries of mailskinner rtk ...every time i fix the problem it appears when i scan with spybot although it says it has fixed the problem.

Anyone know if this is anythink to do with kaspersky as i have the security suite 7.0.0 125

Any advice appreciated thanks .

shaun.:sad:

If this is a problem as i read else where that this is part of kaspersky and spybot is giving a false positive....

Can anyone confirm this please as every time i scan with spybot it comes up with 4 entries of mailskinner rtk ...every time i fix the problem it appears when i scan with spybot although it says it has fixed the problem.

Anyone know if this is anythink to do with kaspersky as i have the security suite 7.0.0 125

Any advice appreciated thanks .

shaun.:sad:

p.s someone said on the kaspersky forum it was part of there Anti-Spam toolbar ..anyone know if this true..:)

Hello.

If you post the log of the actual detection you are getting, someone will be better able to advise you.

Run another scan.
When the scan completes, right click on the results list, select "Copy results to clipboard".
Then paste (Ctrl+V) those results to a new post in this thread.

Best regards.

p.s someone said on the kaspersky forum it was part of there Anti-Spam toolbar ..anyone know if this true..:)

FWIW when I ran SpyBot it told me I had mailskinner.rtk. I chose not to fix it, and ran:

1. A Norton scan which was clean.
2. A Kaspersky online scan which was clean.
3. An Ewido online scan which was clean.
4. An AdAware scan which was clean.
5. HijackThis which showed nothing suspicious.
6. ComboFix which didn't show anything odd.

I then ran SpyBot again and it no longer reported mailskinner.rtk.

When running the Kaspersky scan it required me to uninstall an earlier version before installing the current one, so I'm wondering if the apparent disappearance of mailskinner.rtk may have been related to that uninstall?

Stompaman

On another forum at another site I prepped for the hijack log with this:
Preparations per the sticky on Hijack this logs:

Ran all updates and scans on:
-Windows XP home w/SP-2
-AdAware SE
-All 4) Kaspersky scans: no threats (even rootkits)
-Spyware Blaster: no updates and running.
-Window$ (useless) Defender updated to KB915597 (Definition 1.21.2947.3), scanned: detected nothing (surprise)

Spybot: the particulars on MailSkinner:
--- Search result list ---
MailSkinner.rtk: Root class (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\OutlookAddin.Addin

MailSkinner.rtk: Root class (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\OutlookAddin.Addin.1

MailSkinner.rtk: Class ID (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{C704648D-6030-47E9-ADBA-1E13B6A784AE}

MailSkinner.rtk: Settings (Registry key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\OutlookAddin.Addin
_______________________________________________________

Trojan scan at A-SQUARED, in a Deep Scan found:
a-squared Free - Version 2

Scan settings:
Objects: Memory, Traces, Cookies, C:\
Scan archives: On
Heuristics: Off
ADS Scan: On

Scan start: 9/27/2007 3:52:41 PM
Scanned
Files: 118497
Traces: 142267
Cookies: 21
Processes: 43

Found
Files: 2 (that were related to AdAwareSE: added by me)
Traces: 0
Cookies: 0
Processes: 0
Scan end: 9/27/2007 4:20:05 PM
Scan time: 12:27:24 AM

Panda will not open: period, even if I shut Kaspersky totally down and turn off my pop-up blocker: AdSubtract.

I am kinda familiar with Trend Micro's anti-virus.
I had the full version and junked it.

They might find something, but (of course) they want $$ I don’t have to fix anything.

______________________________________

When you perform a scan, it deletes MailSkinner: all 4) regiistry entries.

Reboot: There the frapping thing is again.

Manually delete the new regisrty entries, Reboot: There the frapping thing is again.

I am at my wit's end trying to get rid of of this!

If you google it there's a support email you send a grip to, but they also claim it's dangerous to even visit this site:

It states:
Mail Skinner Installation
This site may harm your computer.
Please email to support AT mailskinner.com in case of any problem with the Software that is not remedied by reinstalling it. CONDITIONS 1. ...
mailskinner.com/install/ licence.php?grpid=&nums=&bannerid=

ANY solutions much appreciated!

Kaspersky support claims they do not have any information on this piece of trojan: Nonsense!

Groucho

--- Search result list ---
MailSkinner.rtk: Root class (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\OutlookAddin.Addin

MailSkinner.rtk: Root class (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\OutlookAddin.Addin.1

MailSkinner.rtk: Class ID (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{C704648D-6030-47E9-ADBA-1E13B6A784AE}

MailSkinner.rtk: Settings (Registry key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\OutlookAddin.Addin
_______________________________

Spybot wil remove it once.

Reboot: there it is AGAIN! (going on since 9/26/07) your last update.

Remove all entries manually with regedit: Reboot: there it is AGAIN!

I've been surfing the forums for a fix: Kspersky claims they know nothing about it: BS

:banghead:

M A I L Skinner.rtk

Hello.

At the Kaspersky forums this is being reported as a false positive: http://forum.kaspersky.com/lofiversion/index.php/t49084.html

I have made a note of the topics for a detective's attention and he will confirm when on-line.

Best regards.

I got:

MailSkinner.rtk: Root class (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\OutlookAddin.Addin

MailSkinner.rtk: Root class (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\OutlookAddin.Addin.1

MailSkinner.rtk: Class ID (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{C704648D-6030-47E9-ADBA-1E13B6A784AE}

But as far as I can see:

HKEY_CLASSES_ROOT\CLSID\{C704648D-6030-47E9-ADBA-1E13B6A784AE}\InprocServer32

is set to:

C:\Program Files\IVT Corporation\BlueSoleil\outlookAddin.dll

part of the BlueSoleil Bluetooth Plug and Play Module.

I submitted a copy of "outlookAddin.dll" to VirusTotal which didn't identify any problems.

Stompaman

I got an email from visititing mailskinner.com, which google claims is dangerous to visit.
So I used a 'puter at the public library

It said:


Dear user

Please click on the following link to download the PromoRemover software to uninstall our advertising component:

http://www03.pc-on-internet.com/uninstall/download/promoremover_20070929222128.zip

You have 24 hours to download our uninstalling software. Once you have downloaded it, just unzip the file and run "promoremover.exe".

After executing "promoremover.exe", you will no longer have any pop-ups from this software on your computer. However, you will not be able to use the free functionalities of the software anymore.

We hope that you will soon find one of our softwares that you find worth seeing pop-ups for…

Best regard,

The Favorit technical team

When I try to do that Windows claims: my security settings will not allow the download of this file. :buried:

One of my weaknesses is zip files.

Furthermore: I'm leary of the 24 hour deal, and the fact that Spybot detected it as Spyware. :fear:

This is supposed to fix MailSkinner which appears harmless, but so does my cat: who'll BITE you in a heartbeat.

Does anyone have the expertise to tell if this is dangerous?

Groucho

I've been looking into this for about a week and have come to the conclusion that Mailskinner.rtk is a false positive that is actually part of Kaspersky internet securitys outlook express anti spam toolbar..however i'd be happy to be proven wrong by any of the safer networking forums malware pro's..:rolleyes:

hope it is a false positive when i run spybot i am getting the same as you guys that posted your logs ...surly if we are all using kaspersky and spybot is showing it then this could be a false positive anyone from spybot no any different .

Thanks
shaun: :D:

I'm not using Kapersky, but Avira Antivir, however, I receive the same warnings (see enclosure) :mad:

Otherwise the behaviour is as described in the previous postings :scratch::scratch::scratch:

Anybody got an idea ???

Felix

Hallo to everybody,

the hell to this message of "MailSkinner".

As I got this too, but only after the Update from Sep.26th and also upgrading to version 1,5 I informed Kaspersky Support with necessary files.
The reply I received was, that it is definately a "False Message" and all my sent posts where OK.
Now its SpyBot's turn to check and repair this boring problem, as far as I understand.

Just for interest. I scanned my system with some other scanners and got NO message.


:present:

So that's my oppinion to that problem.

regards and keep smiling

kerni

Thanks kerni, and cubanice31's machine was found clean here:
http://forums.spybot.info/showthread.php?p=123517

:oops: This false positive will be fixed in our next update on Wednesday. Looks like Mailskinner.rtk is not the only one, who creates these entries.

:oops: This false positive will be fixed in our next update on Wednesday. Looks like Mailskinner.rtk is not the only one, who creates these entries.

Can anyone explain what this file is? If it is a "False Positive" what program does it below to?

RickAce

:oops: This false positive will be fixed in our next update on Wednesday. Looks like Mailskinner.rtk is not the only one, who creates these entries.

Thanks Buster. That was the response everyone was hoping to hear.

It was a little alarming to see mailskinner appear in the scan results. I personally have been at it for all of yesterday and today. Reloaded Kaspersky and relaoded Spybot... the whole bit. Oh well. Wednesday then.:bigthumb:

I hope the next update solves the MailSkinner stuff, because last week when SD discovered I restored mi Windows to a prevous state 5th september using TrueImage and then I realized that was a false positive and it's not funny to download all the update of the 5 antispywares programs I have

:angel:

I hope the next update solves the MailSkinner stuff, because last week when SD discovered I restored mi Windows to a prevous state dated 5th september using TrueImage and then I realized that was a false positive and it's not funny to rollback to all the updates of the 5 antispywares programs I have at 29th september, believe me, I have Counterspy V2 and it was "merely" 59MB of definitions with a dial-up connection.

So I'm expecting the update to use SD 1.5, because I like the product, I use SD 4 years ago..

:angel:
:bigthumb:

hallo groucho and all Other,

as i wrote, the warning message of SB about the "Mailskinner" is a FALSE POSITIVE !!!!!!!
Do nothing in this problem, but wait for the promised new update, as i have been informed from the
SpyBot-Team.
The only thing you possibly will get, are much more and real problems.
It is not good to awake a sleeping lion.
----->means if you had no problems until now, you will have them.

:band:

kind geetings

kerni

I actually couldn't agree more PepiMK.

Also...I don;t know what it is, but the 'puter with-*out* Kaspersky version 2009 alway finds --> Microsoft Direct Draw <--, a few cookies I missed, same with history if I'm tired, same with Explorer.

Sure drr...I agree too.
If I had my wish in a perfect world...I'd never find anything, but this isn't and I'm not (finding anything).

That's what concerns me.

And no..Kaspersky does not warn you until you're 1/2 way thru a 20-30 minute procedure to update versions to 09 that Spybot's GOING AWAY, whether you like it or not. :police:

BS!..I say!

Here's the sticky on their forum on the upgrade:
Installing version 2009:
http://forum.kaspersky.com/index.php?showtopic=67812


The somewhat informed user guides to Kaspersky 2009, Everything you didn't need to know.............(I didn't bother with it...maybe I should have, I was too anxious about Norton Cr**):
http://forum.kaspersky.com/index.php?showtopic=72383

(and)


Download the latest Kaspersky product updates, Latest version is 2009 (build 8.0.0.506 CF2)
http://forum.kaspersky.com/index.php?showtopic=92200

Do you guys spot Anything about SpyBot?
I sure didn't. :sad:

What's the consensus, please?

A fresh reinstall, or removal...which I'd HATE to do!

The only reason I think it even works ....at all......is the deal on a search of these forums about unchecking one box.

Can't find it now, but it's done.

Advice if anyone has the time, Please?

Gotta go to work. (sh"" !) :sick:

Groucho

As I recalll there have been 2) small updates the week of 12/1/08 that were supposed to have corrected F/P's.

So if False Positives were the problem --> Then Cheers :2thumb: to the Spybot/Safer Networking people.


I must have toooooo many Cases going with defective Operating Systems with Micro$oft.
After dealing them....I was under the impression that F/P's meant:
F***ed UP Programs. :hair:

Thanks again Spybot crew! :)

Groucho