MBR : \.\\PHYSICALDRIVE0\PARTITION2

[willo.c]

Jeff,

Remember the process services.exe is still running and it takes almost all my cpu, at least in Normal mode.
In safe mode i cannot disable completly my antivirus.. And it is always difficult to run something..

I try to do the steps you kindly suggest me..
I keep you informed..

[willo.c]

Jeff..

Here the log of the last scan..
I have not finished the ESET Online Scan (50%), i will rescan my computer tomorrow..

Anyway i attached the results..

[jeffce]

i will rescan my computer tomorrow..

Ok let me know. 

[willo.c]

Jeff,

finally we have a Eset log... It is attached..
In the previous post you can find the Malwarebytes log..

Are we close to the solution?? 

Thanks

[jeffce]

Hi,

• Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below:
  

Code: [Select]

File::
C:\Documents and Settings\Willy\My Documents\Download\SoftonicDownloader76569.exe
C:\Documents and Settings\Willy\My Documents\Download\Windows-Media-Player-Firefox-Plugin-1-0-0-8-Italian.exe
C:\Documents and Settings\Willy\My Documents\Programmi LEP\Nero.v.8.1.1.0 .exe


• Save this as CFScript.txt and change the "Save as type" to "All Files" and place it on your desktop.
  
  
  
  
• Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  
• Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
  
• ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
• When finished, it shall produce a log for you. Copy and paste the contents of the log in your next reply.
  

CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
----------

In your next reply please attach the new ComboFix log and let me know how things are running now?  :)

[willo.c]

Here the new Combofix log..

There still is the process Services.exe that take the 90% of my CPU.. This is the only problem, i think...

[willo.c]

Jeff,

Any other suggestions to stop this process?

[jeffce]

Hi,

Let's get a fresh scan and try to see what is using all that...

Run a new scan with OTL
In Custom Scans/Fixes put the following:

netsvcs

Press the Run Scan button and attach the logs created. 

[willo.c]

Here the OTL log done in Safe Mode, because i can-t go to an end in Normal mode..

Consider that services.exe take 50-60 % of CPU in Safe Mode, and 85-95% in Normal mode..

In your opinion, do I have to format C?

[jeffce]

I am not sure about formatting yet. 

You never mentioned whether or not you are still using ZoneAlarm.  In my experience that can be quite a resource hog.

[willo.c]

Jeff,

I think this is not Zonealarm.. If I stop it nothing happens..
Could it be avast? And is there a problem to formatting?

[jeffce]

is there a problem to formatting?

No there is not a problem at all.  As a matter of fact I recommend it every so often just to have a clean start and make sure everything is fresh and running right.  With the infection that you had, if it were my computer, I would format...but that is just me. 

[willo.c]

Ok, i'm going to do it..

Thanks for all your support.. I will keep you informed if everything is going well..

[jeffce]

Ok thanks for letting me know. 

[willo.c]

Jeff,

everything is done, my pc is well formatted.. No problems now..

Thank you again for supporting me..

Byee