Hallo to everyone,sirry for my bad english, but i'm an italian user.
i'have my laptop (packard bell whit vista 32 bit) that is under attack...
rootkit,virus, varieus problem, crash and blue screen
i can only open the safe mode.
if I start Windows when I try to log into my account, the PC crashes and a screen Blue
I therefore start in Safe Mode.
I have used many programs that have removed virus (also in the linux version) but I have not resolved.
When I reboot in safe mode again reappear
GMER found this Rootkit
(*** hidden *** ) [DISABLED] pxkbf <-- ROOTKIT !!!
(*** hidden *** ) [DISABLED] pxrts <-- ROOTKIT !!!
(*** hidden *** ) [DISABLED] pxscan <-- ROOTKIT !!!
(*** hidden *** ) [DISABLED] pxsec
These files belong to the Prevx programm, but i think that prevx is infected beacuse , If I open Prevx, an alert tells me that is not licensed Cleanup
..and the scanning end.
Then i found in C: a file CLEANUP.exe that is a trojan(result of virustotal)
This is the log of MB Rootkit detector...
h MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.0.6002 Disk: Hitachi_HTS543216L9A300 rev.FB2OC40C -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK copy of MBR has been found in sector 9 !
What can i do?