Esegui 
Qualcuno puo' dare un occhiata al log di questa scansione fatta con RootkitRevealer (www.sysinternals.com)??
Gmer non mi ha dato niente di strano, pero' questa....mi preoccupa.
ciao e grazie
HKLM\SECURITY\Policy\Secrets\SAC* 09/02/08 12.53 0 bytes Key name contains embedded nulls (*)
HKLM\SECURITY\Policy\Secrets\SAI* 09/02/08 12.53 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\DelegateFolders\{E211B736-43FD-11D1-9EFB-0000F8757FCD}\ 08/03/08 22.13 19 bytes Data mismatch between Windows API and raw hive data.
G:\Documents and Settings\userbuffered\Cookies\userbuffered@www.rootkit[1].txt 04/05/08 0.14 73 bytes Hidden from Windows API.
G:\Documents and Settings\userbuffered\Impostazioni locali\Cronologia\History.IE5\MSHist012008050420080505 04/05/08 0.14 0 bytes Hidden from Windows API.
G:\Documents and Settings\userbuffered\Impostazioni locali\Cronologia\History.IE5\MSHist012008050420080505\index.dat 04/05/08 0.14 32.00 KB Hidden from Windows API.
G:\Documents and Settings\userbuffered\Impostazioni locali\Temp\Google Toolbar 04/05/08 0.14 0 bytes Hidden from Windows API.
G:\Documents and Settings\userbuffered\Impostazioni locali\Temporary Internet Files\Content.IE5\2CPJE3XB\admin[1].jpg 04/05/08 0.14 3.53 KB Hidden from Windows API.
G:\Documents and Settings\userbuffered\Impostazioni locali\Temporary Internet Files\Content.IE5\2CPJE3XB\CAFVYW4D.HTM 04/05/08 0.13 1.15 KB Hidden from Windows API.
G:\Documents and Settings\userbuffered\Impostazioni locali\Temporary Internet Files\Content.IE5\2CPJE3XB\ciary[1].png 04/05/08 0.14 149 bytes Hidden from Windows API.
G:\Documents and Settings\userbuffered\Impostazioni locali\Temporary Internet Files\Content.IE5\2CPJE3XB\kr[1].gif 04/05/08 0.14 1004 bytes Hidden from Windows API.
G:\Documents and Settings\userbuffered\Impostazioni locali\Temporary Internet Files\Content.IE5\2CPJE3XB\pl[1].gif 04/05/08 0.14 1006 bytes Hidden from Windows API.
G:\Documents and Settings\userbuffered\Impostazioni locali\Temporary Internet Files\Content.IE5\2CPJE3XB\rootkit_bookcover_sm[1].jpg 04/05/08 0.14 26.67 KB Hidden from Windows API.
G:\Documents and Settings\userbuffered\Impostazioni locali\Temporary Internet Files\Content.IE5\2CPJE3XB\ru[1].gif 04/05/08 0.14 1006 bytes Hidden from Windows API.
G:\Documents and Settings\userbuffered\Impostazioni locali\Temporary Internet Files\Content.IE5\4CSSBQQ3\00005611[1].jpg 04/05/08 0.14 4.73 KB Hidden from Windows API.
G:\Documents and Settings\userbuffered\Impostazioni locali\Temporary Internet Files\Content.IE5\4CSSBQQ3\MaD.[1].jpg 04/05/08 0.14 3.44 KB Hidden from Windows API.
G:\Documents and Settings\userbuffered\Impostazioni locali\Temporary Internet Files\Content.IE5\4CSSBQQ3\NIAPGroup[1].jpg 04/05/08 0.14 2.34 KB Hidden from Windows API.
G:\Documents and Settings\userbuffered\Impostazioni locali\Temporary Internet Files\Content.IE5\4CSSBQQ3\tmeagle_2[1].jpg 04/05/08 0.14 63.64 KB Hidden from Windows API.
G:\Documents and Settings\userbuffered\Impostazioni locali\Temporary Internet Files\Content.IE5\4CSSBQQ3\valid-rss[1].png 04/05/08 0.14 1.49 KB Hidden from Windows API.
G:\Documents and Settings\userbuffered\Impostazioni locali\Temporary Internet Files\Content.IE5\4CSSBQQ3\wink[1].gif 04/05/08 0.14 944 bytes Hidden from Windows API.
G:\Documents and Settings\userbuffered\Impostazioni locali\Temporary Internet Files\Content.IE5\TKB0E2XD\00[1].gif 04/05/08 0.14 879 bytes Hidden from Windows API.
G:\Documents and Settings\userbuffered\Impostazioni locali\Temporary Internet Files\Content.IE5\TKB0E2XD\ciary[1].gif 04/05/08 0.14 1.06 KB Hidden from Windows API.
G:\Documents and Settings\userbuffered\Impostazioni locali\Temporary Internet Files\Content.IE5\TKB0E2XD\fr[1].gif 04/05/08 0.14 1006 bytes Hidden from Windows API.
G:\Documents and Settings\userbuffered\Impostazioni locali\Temporary Internet Files\Content.IE5\TKB0E2XD\ir[1].gif 04/05/08 0.14 1006 bytes Hidden from Windows API.
G:\Documents and Settings\userbuffered\Impostazioni locali\Temporary Internet Files\Content.IE5\TKB0E2XD\smile[1].gif 04/05/08 0.14 944 bytes Hidden from Windows API.
G:\Documents and Settings\userbuffered\Impostazioni locali\Temporary Internet Files\Content.IE5\TKB0E2XD\YoLeJedi[1].jpg 04/05/08 0.14 2.34 KB Hidden from Windows API.
G:\Documents and Settings\userbuffered\Impostazioni locali\Temporary Internet Files\Content.IE5\YZWLZLQ4\banner_ad_1[1].jpg 04/05/08 0.14 61.05 KB Hidden from Windows API.
G:\Documents and Settings\userbuffered\Impostazioni locali\Temporary Internet Files\Content.IE5\YZWLZLQ4\CAOP0TN2.HTM 03/05/08 23.58 1.15 KB Visible in Windows API, but not in MFT or directory index.
G:\Documents and Settings\userbuffered\Impostazioni locali\Temporary Internet Files\Content.IE5\YZWLZLQ4\chpie[1].jpg 04/05/08 0.14 6.65 KB Hidden from Windows API.
G:\Documents and Settings\userbuffered\Impostazioni locali\Temporary Internet Files\Content.IE5\YZWLZLQ4\favicon[1].ico 04/05/08 0.14 1.37 KB Hidden from Windows API.
G:\Documents and Settings\userbuffered\Impostazioni locali\Temporary Internet Files\Content.IE5\YZWLZLQ4\hoglund[1].jpg 04/05/08 0.14 4.22 KB Hidden from Windows API.
G:\Documents and Settings\userbuffered\Impostazioni locali\Temporary Internet Files\Content.IE5\YZWLZLQ4\northlabs[1].jpg 04/05/08 0.14 1.85 KB Hidden from Windows API.
G:\Documents and Settings\userbuffered\Impostazioni locali\Temporary Internet Files\Content.IE5\YZWLZLQ4\us[1].gif 04/05/08 0.14 1006 bytes Hidden from Windows API.
G:\WINDOWS\Prefetch\RUNDLL32.EXE-1F6D2C45.pf 04/05/08 0.16 55.75 KB Hidden from Windows API.
![[^]](http://www.megalab.it/forum/images/smilies/Oh-yea.gif "Approvazione")
![[applauso+]](http://www.megalab.it/forum/images/smilies/Bigclap.gif "Grande applauso")