yesterday scan with AVAST and none , but with antimlwarebtye’s (suggest to me by avast team ) it found :

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 1
[b]HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|StartMenuLogoff /b → Bad: (1) Good: (0) → No action taken.

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

what is ? false/positive or REAL infect key ?

and hijackthis found this :

O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Dati applicazioni\Skype\Toolbars\Skype C2C Service\c2c_service.exe

i think is not infect but a skype tool ?

and this :

O23 - Service: HWDeviceService.exe - Unknown owner - C:\Documents and Settings\All Users\Dati applicazioni\DatacardService\HWDeviceService.exe

i think my datacard internet key

what i to do ? SAS , and kasperky Tdss anf GMER not found this 3 INFECTIONS…

i delete this or ? help me …

Hi PUM means Possible Unwanted Modification (Possibile modifica indesiderata)

And is of no great concern

Is the computer exhibiting any weird behaviour ?

a little bit !

this key register i delete or not ?

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|StartMenuLogoff

help me ? hi,

Yes accept the recommendation

What are the problems you are experiencing ?

Download OTL to your Desktop

[*]Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.

https://dl.dropbox.com/u/73555776/OTL_Main_Tutorial.gif

[*]Select All Users
[*]Under the Custom Scan box paste this in
netsvcs
%SYSTEMDRIVE%*.exe
/md5start
services.*
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
HKEY_CURRENT_USER\Software\Microsoft\Windows Media\WMSDK\Local\AutoProxyCache /s
CREATERESTOREPOINT
[*]Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
[*]When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
[*]Post both logs

in attach my log file of OTL… please say if i have a infect or not ? thanks…

That looks clean no infection that I can see ;D

great !

also the key and the two 023 object from hijackthis is ALL false/postivie ?

i NOT delete it ?

and hijackthis found this :

O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Dati applicazioni\Skype\Toolbars\Skype C2C Service\c2c_service.exe

O23 - Service: HWDeviceService.exe - Unknown owner - C:\Documents and Settings\All Users\Dati applicazioni\DatacardService\HWDeviceService.exe

Those keys are legitimate, I am afraid Hijackthis cannot cope with the current windows or malware