www.MegaLab.it

da **manero478** » ven nov 09, 2012 3:43 pm

questa mattina ho acceso il PC e Avira mi diceva che un prog "AnyPassPro" Apwp.exe era un virus..?!?!?!!?!?? (infatti l'icona era diventata generica)
Siccome mi sembrava strano non l'ho fatto cancellare a lui ma ho rinominato il file in apwp.exe.gil
e ho reinstallato il programma originale.. l'icona si e' ripristinata ed anche il file delle password aveva l'icona giusta..
Lancio il programma sembra che va' in esecuzione ma non si apre nulla.. e controllando i prog attivi non e' in esecuzione..
Allora l'ho disinstallato completamente con RevoUnistaller... lo reinstallo e tutto sembra andare a buon fine.. ma il prog fa la stessa cosa..
sembra che parte.. ma non si apre nulla..

Ho lanciato hijackthis per vedere se c'era qualcosa che non andava...
ma uniche cose che trovo .. per le mie conoscenze strane.. sono queste dighe :

O17 - HKLM\System\CCS\Services\Tcpip\..\{5861FF95-23D8-4AF4-93AE-543C2788A422}: NameServer = 83.224.70.62 83.224.70.78
Conoscete l'indirizzo IP o il Dominio '83.224.70.62 83.224.70.78'? Se no, eliminate questo oggetto.
O17 - HKLM\System\CS1\Services\Tcpip\..\{5861FF95-23D8-4AF4-93AE-543C2788A422}: NameServer = 83.224.70.62 83.224.70.78
Conoscete l'indirizzo IP o il Dominio '83.224.70.62 83.224.70.78'? Se no, eliminate questo oggetto.
O17 - HKLM\System\CS2\Services\Tcpip\..\{5861FF95-23D8-4AF4-93AE-543C2788A422}: NameServer = 83.224.70.62 83.224.70.78
Conoscete l'indirizzo IP o il Dominio '83.224.70.62 83.224.70.78'? Se no, eliminate questo oggetto.

Ed in effetti non so' cosa siano.. ne dove andare a controllare se ci debbano stare...
Non so' se le 2 cose sono collegate... [V]

a sto punto vorrei sapere, se possibile, come rimettere in funzione AnypassPro.. (ho tutte le mie password li e non so' come fare)
e capire quegli indirizzi se sono regolari e dove cercare per vedere cosa sono..

Grazie per l'aiuto..
ciao

da **crazy.cat** » ven nov 09, 2012 3:52 pm

Metti il programma nella lista delle esclusioni di avira in modo che non lo controlli.

da **manero478** » ven nov 09, 2012 4:25 pm

grazue rcazy
ho provato a metterlo comunque nelle esclusioni, anche se avira dopo la reinstallazione, non dava piu prob.,ma non si avvia.. [cry]

Per qugli indirizzi IP!?!?!? [cry]

comunque questo e' il file HijackThis completo :

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:13:12, on 09/11/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\WTClient.exe
C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\taskmgr.exe
C:\Users\Gilberto\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gilberto\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gilberto\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gilberto\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gilberto\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gilberto\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gilberto\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gilberto\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gilberto\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gilberto\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gilberto\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gilberto\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gilberto\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gilberto\AppData\Roaming\Torque\Torque.exe
C:\Users\Gilberto\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gilberto\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskhost.exe
C:\Users\Gilberto\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gilberto\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gilberto\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gilberto\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\mmc.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://searchya.com/?chnl=dcom-100&s=0& ... tBtDyDtAtC
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;127.0.0.1;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Freemake.YoutubeButton - {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} - mscoree.dll (file missing)
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe
O4 - HKLM\..\Run: [WTClient] WTClient.exe
O4 - HKLM\..\Run: [Eraser] "C:\PROGRA~1\Eraser\Eraser.exe" --atRestart
O4 - HKLM\..\Run: [MobileBroadband] C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent
O4 - HKCU\..\Run: [Google Update] "C:\Users\Gilberto\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe
O4 - Global Startup: SketchBook Snapshot.lnk = C:\Program Files\Autodesk\SketchBookPro2011\SketchBookSnapshot.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: I&nvia a OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Visualizza o nasconde HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: @C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll,-4 - {FC0EA236-1C31-418e-BFCE-A76DDB7F1362} - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll (HKCU)
O9 - Extra 'Tools' menuitem: Freemake Video Downloader - {FC0EA236-1C31-418e-BFCE-A76DDB7F1362} - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{5861FF95-23D8-4AF4-93AE-543C2788A422}: NameServer = 83.224.70.62 83.224.70.78
O17 - HKLM\System\CS1\Services\Tcpip\..\{5861FF95-23D8-4AF4-93AE-543C2788A422}: NameServer = 83.224.70.62 83.224.70.78
O17 - HKLM\System\CS2\Services\Tcpip\..\{5861FF95-23D8-4AF4-93AE-543C2788A422}: NameServer = 83.224.70.62 83.224.70.78
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avira Pianificatore (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: CFSService - Protect Folder Plus Team - C:\Program Files\Protect Folder Plus\CFSSvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NitroPDFReaderDriverCreatorReadSpool3 (NitroReaderDriverReadSpool3) - Nitro PDF Software - C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
O23 - Service: Servizio Vodafone Mobile Broadband (VmbService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
O23 - Service: WinTab Service (WinTabService) - Tablet Driver - C:\Windows\System32\Drivers\WTSRV.EXE

--
End of file - 11359 bytes

da **crazy.cat** » ven nov 09, 2012 6:21 pm

manero478 ha scritto:Per qugli indirizzi IP!?!?!?

Sono quelli di vodafone che ti da la linea
http://www.ip-adress.com/ip_tracer/83.224.70.78

da **manero478** » ven nov 09, 2012 6:51 pm

Grazie sei un angelo :)

Avevo telefonato a Vodafone.. ma non ne sapevano nulla... :)))))

per anypass ho disinstallato tutto.. e tolto tutte le tracce con regedit..
e ora riprovato ad installarlo... nienterstessa cosa.. AIUTOOOOO
Ma se hai qualche altro consiglio ben venga..
ciao

www.MegaLab.it

indirizzi IP e pr0g che non parte piu'

indirizzi IP e pr0g che non parte piu'

Re: indirizzi IP e pr0g che non parte piu'

Re: indirizzi IP e pr0g che non parte piu'

Re: indirizzi IP e pr0g che non parte piu'

Re: indirizzi IP e pr0g che non parte piu'

Chi c’è in linea