Da oggi l'outlook balla!
ovvero ogni finestra ha un tremolio del focus che ne impedisce praticamente l'utilizzo.

la prima cosa a cui ho pensato è un virus qualcuno sa illuminarmi?

grazie mille :muro:

Ciao,

ti riferisci ad Outlook o ad Outlook express? Non ho mai saputo di virus, trojan o spyware che abbiano quell'effetto :confused: in ogni modo puoi postare il log generato da hijackthis (http://www.majorgeeks.com/download3155.html) qui sul forum, così vediamo se c'è qualcosa di anomalo

l'outlook da problemi. l'express sembra funzionare ma non lo uso per la posta.

Logfile of HijackThis v1.98.2
Scan saved at 9.40.38, on 19/11/2004
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v5.00 SP1 (5.00.2920.0000)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\Ati2evxx.exe
C:\WINNT\System32\DRIVERS\CDANTSRV.EXE
C:\WINNT\System32\svchost.exe
C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Trend Micro\OfficeScan Client\ofcdog.exe
C:\program files\citrix\ica client\ssonsvr.exe
C:\WINNT\Explorer.EXE
C:\WINNT\Mixer.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe
C:\WINNT\system32\rundll32.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\Program Files\DS Clock\dsclock.exe
C:\PROGRA~1\CACHEMAN\Cacheman.exe
C:\Program Files\Microsoft Office\Office\1040\OLFSNT40.EXE
C:\WINNT\ILOOKUP\EZSTUB22.EXE
C:\Program Files\Sistema5_PMDesign\Bin\s5.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\PROGRA~1\MICROS~2\Office\OUTLOOK.EXE
C:\Program Files\Common Files\System\MAPI\1040\nt\MAPISP32.EXE
D:\Pvt~1\Program\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file:///X:/UFFICIO_TECNICO/Documentazione/DispenseHTML/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Permasteelisa Spa
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http:\\proxy.permasteelisa.net\autoconf.pac
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 172.16.7.251:3128
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 10.*;*permasteelisa*;192.168.*;196.0.0.*;172.*;193.203.229.136;80.74.67.40;*pisa*;dhs*;64.85.21.186;*essoglen.net;*cephren.co.uk;204.60.95.23*;*4projects.*;*mybiw.*;*turnerta*;*besix.com;timetracker;*.dtu.dk;*skanska*;*buildonline.com;*aconex*;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: IncrediFindBHO Class - {5D60FF48-95BE-4956-B4C6-6BB168A70310} - C:\PROGRA~1\INCRED~1\BHO\INCFIN~1.DLL
O1 - Hosts: 12.129.205.209 search.netscape.com12.129.205.209 sitefinder.verisign.com
O1 - Hosts: 12.129.205.209 auto.search.msn.com
O1 - Hosts: 12.129.205.209 ieautosearch
O2 - BHO: F1 Organizer Class - {00000EF1-0786-4633-87C6-1AA7A44296DA} - C:\WINNT\system32\ATPART~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet3_88.dll
O2 - BHO: NavErrRedir Class - {5D60FF48-95BE-4956-B4C6-6BB168A70310} - C:\PROGRA~1\INCRED~1\BHO\INCFIN~1.DLL
O2 - BHO: QuickSearch Search Bar - {82315A18-6CFB-44a7-BDFD-90E36537C252} - C:\Program Files\QuickSearch\QuickSearchBar1_27.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: QuickSearch Search Bar - {82315A18-6CFB-44a7-BDFD-90E36537C252} - C:\Program Files\QuickSearch\QuickSearchBar1_27.dll
O4 - HKLM\..\Run: [WinVNC] "C:\Program Files\TightVNC\WinVNC.exe" -servicehelper
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,NewDotNetStartup
O4 - HKLM\..\Run: [SAHBundle] C:\DOCUME~1\ABEF0~1.OMA\LOCALS~1\Temp\bundle.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKCU\..\Run: [DS Clock] "C:\Program Files\DS Clock\dsclock.exe"
O4 - HKCU\..\Run: [Cacheman] C:\PROGRA~1\CACHEMAN\Cacheman.exe
O4 - HKCU\..\RunOnce: [Web Offer] C:\WINNT\ILOOKUP\EZSTUB22.EXE
O4 - Startup: Collegamento a Microsoft Outlook.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Porta Symantec Fax Starter Edition.lnk = C:\Program Files\Microsoft Office\Office\1040\OLFSNT40.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\system32\msjava.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O16 - DPF: {B3872502-F9FD-4E96-93FF-0D37298F0689} (SOESysInfo Control) - http://everquest2.station.sony.com/systemscan/soesysinfo.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = italy.eu.permasteelisa.net
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = italy.eu.permasteelisa.net
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = italy.eu.permasteelisa.net

Ciao,

il tuo log è abbastanza complesso da interpretare, tra installazione non standard del sistema operativo e impostazioni proxy, ci vorrebbe un po' di tempo per capire tutto. Risulta tuttavia una grave compromissione da parte di spyware. Uno per tutti:

O10 - Hijacked Internet access by New.Net

Il mio consiglio è quello di provare innanzitutto con un buon programma antispyware. Escluderei Giant perchè se ricordo bene non funziona con la versione 5.0 di Internet Explorer. Prova con la versione freeware di spysweeper (http://www.spyware-removal.com/free-spyware-removal.html)

:( ho fatto come mi avevi consigliato ma il problema persiste.
non capisco veramente da cosa sia dovuto.
il programma mi ha trovato un bel po' di spy ma anche pulendo il problema rimane

booooo! :O

Ciao,

prova a postare il nuovo log fatto dopo la pulizia, forse ora è più facile da leggere... cerchiamo di capire cos'è rimasto

Logfile of HijackThis v1.98.2
Scan saved at 11.15.47, on 19/11/2004
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v5.00 SP1 (5.00.2920.0000)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\Ati2evxx.exe
C:\WINNT\System32\DRIVERS\CDANTSRV.EXE
C:\WINNT\System32\svchost.exe
C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Trend Micro\OfficeScan Client\ofcdog.exe
C:\program files\citrix\ica client\ssonsvr.exe
C:\WINNT\Explorer.EXE
C:\WINNT\Mixer.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe
C:\WINNT\system32\rundll32.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\Program Files\DS Clock\dsclock.exe
C:\PROGRA~1\CACHEMAN\Cacheman.exe
C:\Program Files\Microsoft Office\Office\1040\OLFSNT40.EXE
C:\WINNT\ILOOKUP\EZSTUB22.EXE
C:\Program Files\Sistema5_PMDesign\Bin\s5.exe
C:\PROGRA~1\MICROS~2\Office\OUTLOOK.EXE
C:\Program Files\Common Files\System\MAPI\1040\nt\MAPISP32.EXE
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\Pvt~1\Program\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file:///X:/UFFICIO_TECNICO/Documentazione/DispenseHTML/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Permasteelisa Spa
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http:\\proxy.permasteelisa.net\autoconf.pac
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 172.16.7.251:3128
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 10.*;*permasteelisa*;192.168.*;196.0.0.*;172.*;193.203.229.136;80.74.67.40;*pisa*;dhs*;64.85.21.186;*essoglen.net;*cephren.co.uk;204.60.95.23*;*4projects.*;*mybiw.*;*turnerta*;*besix.com;timetracker;*.dtu.dk;*skanska*;*buildonline.com;*aconex*;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - Default URLSearchHook is missing
O1 - Hosts: 12.129.205.209 search.netscape.com12.129.205.209 sitefinder.verisign.com
O1 - Hosts: 12.129.205.209 auto.search.msn.com
O1 - Hosts: 12.129.205.209 ieautosearch
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet3_88.dll
O2 - BHO: QuickSearch Search Bar - {82315A18-6CFB-44a7-BDFD-90E36537C252} - C:\Program Files\QuickSearch\QuickSearchBar1_27.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: QuickSearch Search Bar - {82315A18-6CFB-44a7-BDFD-90E36537C252} - C:\Program Files\QuickSearch\QuickSearchBar1_27.dll
O4 - HKLM\..\Run: [WinVNC] "C:\Program Files\TightVNC\WinVNC.exe" -servicehelper
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,NewDotNetStartup
O4 - HKLM\..\Run: [SAHBundle] C:\DOCUME~1\ABEF0~1.OMA\LOCALS~1\Temp\bundle.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKCU\..\Run: [DS Clock] "C:\Program Files\DS Clock\dsclock.exe"
O4 - HKCU\..\Run: [Cacheman] C:\PROGRA~1\CACHEMAN\Cacheman.exe
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - HKCU\..\RunOnce: [Web Offer] C:\WINNT\ILOOKUP\EZSTUB22.EXE
O4 - Startup: Collegamento a Microsoft Outlook.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Porta Symantec Fax Starter Edition.lnk = C:\Program Files\Microsoft Office\Office\1040\OLFSNT40.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\system32\msjava.dll
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {B3872502-F9FD-4E96-93FF-0D37298F0689} (SOESysInfo Control) - http://everquest2.station.sony.com/systemscan/soesysinfo.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = italy.eu.permasteelisa.net
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = italy.eu.permasteelisa.net
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = italy.eu.permasteelisa.net

Ciao,

non so se il problema di outlook dipende da New.Net, che è ancora presente sul tuo pc, comunque varrebbe la pena di rimuoverlo dato che è uno spyware. Da informazioni riguardo New.Net raccolte su internet ho appreso che si dovrebbe eliminare con Spybot S&D (http://www.safer-networking.org/it/mirrors/index.html)

Puoi provare ad installarlo. Dopo l'installazione, prima di fare la scansione va aggiornato.

ho riavviato il pc ed ora sembra stabile.
grazie mille per il prezioso aiuto :)