Prova Malwarebytes.

Inoltre ho fatto la scansione con Combofix come mi suggerivi tu... ecco il log:

ComboFix 09-11-05.05 - Amministratore 10/11/2009 18.17.12.1.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.39.1040.18.1023.590 [GMT 1:00]
Eseguito da: c:\documents and settings\Amministratore\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\emMON.exe
c:\windows\system32\UACpavkyewppxdpyyr.db
c:\windows\system32\UACpoyxiceqobqlekd.log
c:\windows\system32\uactmp.db

.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_NPF


((((((((((((((((((((((((( Files Creati Da 2009-10-10 al 2009-11-10 )))))))))))))))))))))))))))))))))))
.

2009-11-10 15:35 . 2009-11-10 15:35 -------- d-----w- c:\documents and settings\Amministratore\Dati applicazioni\Malwarebytes
2009-11-10 15:35 . 2009-09-10 13:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-11-10 15:35 . 2009-11-10 15:35 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2009-11-10 15:35 . 2009-11-10 15:35 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2009-11-10 15:35 . 2009-09-10 13:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-09 16:13 . 2009-11-09 16:13 1052 ----a-w- C:\prgmonsp.bin
2009-11-02 16:15 . 2009-11-02 16:29 -------- d-----w- c:\windows\BDOSCAN8
2009-10-30 10:14 . 2004-08-19 12:00 25600 ----a-w- c:\documents and settings\LocalService\Dati applicazioni\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2009-10-15 14:31 . 2009-10-15 14:31 44288 --s-a-w- c:\windows\system32\drivers\VIRAGTLT.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-10 16:57 . 2009-11-10 16:57 32564 ----a-w- c:\windows\SCHEDLGU.TXT.TMP
2009-02-27 15:38 . 2009-02-27 15:33 8 --sh--w- c:\programmi\.data211204.dat
2009-02-27 15:38 . 2009-02-27 15:33 8 --sh--w- c:\programmi\.data211004.dat
2009-02-27 15:38 . 2009-02-27 15:33 8 --sh--w- c:\programmi\.data110704.dat
2009-02-27 15:33 . 2009-02-27 15:33 8 --sh--w- c:\programmi\.drv120405.dat
2009-02-27 15:33 . 2009-02-27 15:33 8 --sh--w- c:\programmi\.dat000002.dat
2009-02-27 15:33 . 2009-02-27 15:33 8 --sh--w- c:\programmi\.dat000001.dat
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-19 15360]
"updateMgr"="c:\programmi\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]
"swg"="c:\programmi\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2007-02-02 171448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Power_Gear"="c:\programmi\ASUS\Power4 Gear\BatteryLife.exe" [2005-10-05 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-11-21 7335936]
"PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2004-03-10 406016]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-05-17 1947928]
"SunJavaUpdateSched"="c:\programmi\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"VIRIT LITE MONITOR"="c:\vexplite\MONLITE.EXE" [2009-11-10 274432]
"Malwarebytes Anti-Malware (reboot)"="c:\programmi\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"combofix"="c:\combofix\CF13055.exe" [2009-11-10 397824]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2005-11-21 1519616]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-19 15360]

c:\documents and settings\Amministratore\Menu Avvio\Programmi\Esecuzione automatica\
Adobe Gamma.lnk - c:\programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]

c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Avvio veloce di Adobe Reader.lnk - c:\programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]
Microsoft Office.lnk - c:\programmi\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoActiveDesktop"= 00000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-05-17 08:01 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^ASUS ChkMail.lnk]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Avvio veloce di Adobe Reader.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Avvio veloce di Adobe Reader.lnk
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\eMule\\emule.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=
"c:\\Programmi\\uTorrent\\uTorrent.exe"=
"c:\\WINDOWS\\system32\\rundll32.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Programmi\\AVG\\AVG8\\avgupd.exe"=
"c:\\Programmi\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"6569:TCP"= 6569:TCP:WWW

R0 VIRAGTLT;VIRAGTLT;c:\windows\system32\drivers\VIRAGTLT.sys [15/10/2009 15.31.26 44288]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [10/02/2009 10.09.53 325896]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [10/02/2009 10.10.03 108552]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [10/02/2009 10.09.25 298776]
R2 viritsvclite;VirIT eXplorer Lite;c:\vexplite\VIRITSVC.EXE [21/10/2009 10.37.16 69632]
S2 qdvgfl;qdvgfl;c:\windows\system32\svchost.exe -k netsvcs [16/09/2004 14.31.20 14336]
S3 OracleServiceXE;OracleServiceXE;c:\programmi\oracle\app\oracle\product\10.2.0\server\bin\ORACLE.EXE XE --> c:\programmi\oracle\app\oracle\product\10.2.0\server\bin\ORACLE.EXE XE [?]
S3 OracleXETNSListener;OracleXETNSListener;c:\programmi\Oracle\app\oracle\product\10.2.0\server\BIN\TNSLSNR.EXE [01/02/2006 23.49.14 204800]
S4 OracleJobSchedulerXE;OracleJobSchedulerXE;c:\programmi\oracle\app\oracle\product\10.2.0\server\Bin\extjob.exe XE --> c:\programmi\oracle\app\oracle\product\10.2.0\server\Bin\extjob.exe XE [?]

--- Altri Servizi/Drivers In Memoria ---

*NewlyCreated* - MBR
*Deregistered* - mbr

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
qdvgfl
pujcf
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/webhp?sourceid=navclient&hl=it&ie=UTF-8
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.crawler.com/search/ie.aspx?tb_id=60327
mCustomizeSearch = hxxp://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.
- - - - CHIAVI ORFANE RIMOSSE - - - -

AddRemove-{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA} - c:\programmi\InstallShield Installation Information\{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}\Setup.exeUNINSTALL



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-10 18:27
Windows 5.1.2600 Service Pack 2 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

[HKEY_USERS\S-1-5-21-2647131867-2187286375-1300774687-1005\Identities\{CEE731E2-5414-4B9E-A965-21E14F1530F7}\Software\Microsoft\Outlook Express\5.0\Recent Stationery List]
@DACL=(02 0000)
@SACL=
"File0"="Cielo blu.htm"
"File1"="Natura.htm"
"File2"="Giallo.htm"
"File3"="Girasole.htm"
"File4"="Agrumi.htm"
"File5"="Quadretti bianchi.htm"
"File6"="Foglie.htm"

[HKEY_USERS\S-1-5-21-2647131867-2187286375-1300774687-1005\Identities\{CEE731E2-5414-4B9E-A965-21E14F1530F7}\Software\Microsoft\Outlook Express\5.0\Shared Settings]
@DACL=(02 0000)
@SACL=

[HKEY_USERS\S-1-5-21-2647131867-2187286375-1300774687-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_LOCAL_MACHINE\software\ATK\Wireless Console 2]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\CyberLink\PowerDVD\6.0]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\CyberLink\PowerDVD\BuildInfo]
@DACL=(02 0000)
@SACL=
"SR_No"="DVD050816-01"
"Setup"="050823"
"RC"="050426_ASUS"
"Help"="050420_ASUS"
"Readme"="050420_ASUS"
"Skin"="ASUS_050422"
"OlReg"="041130"
"RegRC"="041223"
"TrialDialog RC"="-"
"Ver"="6.00.1417"
"Utility"="1102"
"UI"="1417b_ASUS"
"UI98"="1417b_ASUS"
"DShow"="1403d_Asus(a)"
"AVSetting"="3218"
"CPXM"="2207"
"Other"="1215"
"CL264"="-"
"Pou"="1423"
"TrialDialog"="-"

[HKEY_LOCAL_MACHINE\software\CyberLink\PowerDVD\UserReg]
@DACL=(02 0000)
@SACL=
"SR_No"="DVD050816-01"
"Prod_Name"="PowerDVD"
"Prod_Ver"="6.0"
"CustomerNO"="3613"
"Hardware"="CD/DVD Drive"
"Channel"="OEM_ASUS"
"RegVType"="OEM 2CH"

[HKEY_LOCAL_MACHINE\software\Microsoft\Advanced INF Setup\IEHomePageInfo\RegBackup]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*]
"0140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\OptionalComponents\SwFlash]
@DACL=(02 0000)
@SACL=
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\Realtek Semiconductor Corp.\Realtek High Definition Audio Driver]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\REALTEK Semiconductor Corporation\REALTEK PCIE NIC Driver]
@DACL=(02 0000)
@SACL=
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\programmi\Intel\Wireless\Bin\EvtEng.exe
c:\programmi\Intel\Wireless\Bin\S24EvMon.exe
c:\programmi\Java\jre6\bin\jqs.exe
c:\programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\nvsvc32.exe
c:\programmi\Intel\Wireless\Bin\RegSrvc.exe
c:\programmi\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\progra~1\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\rundll32.exe
.
**************************************************************************
.
Ora fine scansione: 2009-11-10 18.33.41 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2009-11-10 17:33

Pre-Run: 24.430.139.904 byte disponibili
Post-Run: 24.409.930.752 byte disponibili

- - End Of File - - A26A73403D8FFCC55FDFADB8F1EE4A25

fino ad ora era tutto ok..... ma prima di fare il file di testo con notepad, mentre leggevo quello che dovevo fare dal fisso di casa... ho fatto fare al portatile (mi sembrava uno buona idea e lo facevo tipo una volta a settimana) una pulizia prima con Ccleaner e poi una pulizia del registro con Regseeker.... poi ho notato subito che c'era qualcosa che non andava tipo cartelle nel desktop senza nome ecc.. quindi ho ripristinato il registro con il file che mi crea lui e ho riavviato il computer ma........... sia in mod normale che in provv il portatile si pianta sulla schermata blu di Win..

R16... ho combinato qualcosa di irreparabile?... dammi notizie.

Mi si pianta sulla schermata blu... sia in mod provvisoria che normale e anche in "Ultima configurazione sicuramente funzionante"
Forse caro r16 è arrivata l'ora di formattare.... che ne pensi... o c'è qualche altra cosa da fare? non vorrei abusare della tua pazienza

P.S. dato che ho anche Ubuntu sul portatile posso fare qualcosa da li...