[RKinner]

Found a better Stuxnet tool:

 

Get the W32.Worm.Stuxnet Removal Tool from

 

http://www.softpedia...oval-Tool.shtml

 

Click on Download Now. Then go to the download folder and right click on the downloaded file and Run As Admin.

 

Once the tool loads, click on Options then on Full System Scan,  Uncheck Use Fast System Scan then Start Scan.

 

Takes a while but it should tell you if you really have Stuxnet anywhere

[Advertisements]

After clicking download now, this is what I get.

Attached Thumbnails

• 

[wayneman50]

After clicking download now, this is what I get.

Attached Thumbnails

• 

[RKinner]

Click on the softpedia secure download

[wayneman50]

Here you go...

Attached Thumbnails

• 

[RKinner]

Doesn't appear that you have stuxnet.  Are there any other computers on your local network?

[wayneman50]

I use a laptop connected to the same router, but they are not on a network.

[RKinner]

Run the  W32.Worm.Stuxnet Removal Tool on the laptop too.  Stuxnet is a worm that tries to infiltrate via the network.  If they are on the same router then that's a possibility.

[wayneman50]

No infected files on laptop.

[RKinner]

Download aswMBR.exe 

 http://files.avast.com/files/rootkit-scanner/aswmbr.exe 

to your desktop.

Double click the aswMBR.exe to run it

uncheck trace disk IO calls

Click the "Scan" button to start scan

On completion of the scan (Note if the Fix button is enabled (not the FixMBR button) and tell me) click save log, save it to your desktop and post in your next reply

[wayneman50]

 http://files.avast.c...ner/aswmbr.exe   404 - Not Found

[RKinner]

http://public.avast....erek/aswMBR.htm

[wayneman50]

Hmmm. I ran it but it looks like FixMBR is enabled and Fix is disabled.

 

aswMBR version 1.0.1.2290 Copyright© 2014 AVAST Software
Run date: 2016-01-04 09:53:26
-----------------------------
09:53:26.143    OS Version: Windows x64 6.1.7601 Service Pack 1
09:53:26.144    Number of processors: 4 586 0x503
09:53:26.145    ComputerName: WAYNE-HP  UserName: WAYNE
09:53:28.442    Initialize success
09:53:28.463    VM: initialized successfully
09:53:28.465    VM: Amd CPU BiosDisabled
09:53:30.399    AVAST engine defs: 16010400
09:54:02.378    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005b
09:54:02.381    Disk 0 Vendor: WDC_WD64 01.0 Size: 610480MB BusType: 11
09:54:02.668    Disk 0 MBR read successfully
09:54:02.671    Disk 0 MBR scan
09:54:02.675    Disk 0 unknown MBR code
09:54:04.317    Disk 0 Partition 1 80 (A) 07      HPFS/NTFS NTFS          100 MB offset 2048
09:54:04.334    Disk 0 default boot code
09:54:04.351    Disk 0 Partition 2 00     07      HPFS/NTFS NTFS       597639 MB offset 206848
09:54:04.378    Disk 0 Partition 3 00     07      HPFS/NTFS NTFS        12737 MB offset 1224173249
09:54:04.568    Disk 0 scanning C:\Windows\system32\drivers
09:54:17.981    Service scanning
09:54:38.799    Modules scanning
09:54:40.460    AVAST engine scan C:\Windows
09:54:50.677    AVAST engine scan C:\Windows\system32
09:59:29.164    AVAST engine scan C:\Windows\system32\drivers
09:59:42.182    AVAST engine scan C:\Users\WAYNE
10:15:11.190    AVAST engine scan C:\ProgramData
10:21:43.046    Disk 0 statistics 4292199/0/0 @ 1.51 MB/s
10:21:43.053    Scan finished successfully
11:24:20.793    Disk 0 MBR has been saved successfully to "C:\Users\WAYNE\Desktop\MBR.dat"
11:24:20.797    The log file has been saved successfully to "C:\Users\WAYNE\Desktop\aswMBR.txt"

 

 

Attached Thumbnails

• 

[RKinner]

It didn't find anything but it doesn't recognize your MBR so let's check it;

 

Download

 

http://ad13.geekstogo.com/MBRCheck.exe

 

Save it and run it.  It will produce a log MBRCheck(date).txt on your desktop.  Copy and paste it into a reply.

[RKinner]

In addition to the mbrcheck program above, I'd like you to run Avast's boot-time scan.

 

This will take about 6 hours so you may want to let it run while you sleep.  Make sure you set it up per the following instructions or it won't be as good or it will stop in the middle and wait for you.  This is for the latest version so if the instructions do not seem right then upgrade the avast engine first.

 

 

Let's see if a boot-time scan can get rid of it.

 

Click on the Avast ball in systray or the Avast shortcut on your desktop or All Programs, Avast Software, Avast Free Anti-virus.

 

Click on Scan then Scan for Viruses.  In the box under the monitor icon, click on the down arrow and select Boot-time Scan.

 

Click on Scan Settings

 

Change System Drive to All hard drives

 

 

Under Heuristics click on the gray box to the left of Normal. It should turn Orange and now say High

 

Make sure the two boxes are checked.  Where it says 

 

When a threat is found... change it to Move to Chest.  OK.  Start.

 

The next time you reboot the scan will start.  I usually let it run while I sleep because it can take 6 hours.  (Good idea to mute the speakers so windows won't wake you when it finally boots up)

 

It normally stores its log in C:\ProgramData\AVAST Software\Avast\report\aswBoot.txt but it might change but last time I ran it it told you where to look for the log when it first started up.

 

Once it finishes copy and paste the log into a replay.  (if it says it found anything)

[wayneman50]

MBRCheck, version 1.2.3
© 2010, AD

Command-line:            
Windows Version:        Windows 7 Home Premium Edition
Windows Information:        Service Pack 1 (build 7601), 64-bit
Base Board Manufacturer:    FOXCONN
BIOS Manufacturer:        American Megatrends Inc.
System Manufacturer:        Hewlett-Packard
System Product Name:        p6650z
Logical Drives Mask:        0x0001013c

Kernel Drivers (total 210):
  0x03055000 \SystemRoot\system32\ntoskrnl.exe
  0x0300C000 \SystemRoot\system32\hal.dll
  0x00BA5000 \SystemRoot\system32\kdcom.dll
  0x00CA5000 \SystemRoot\system32\mcupdate_AuthenticAMD.dll
  0x00CB2000 \SystemRoot\system32\PSHED.dll
  0x00CC6000 \SystemRoot\system32\CLFS.SYS
  0x00D24000 \SystemRoot\system32\CI.dll
  0x00ED4000 \SystemRoot\system32\drivers\Wdf01000.sys
  0x00F96000 \SystemRoot\system32\drivers\WDFLDR.SYS
  0x00FA6000 \SystemRoot\system32\drivers\ACPI.sys
  0x00E00000 \SystemRoot\system32\drivers\WMILIB.SYS
  0x00E09000 \SystemRoot\system32\drivers\msisadrv.sys
  0x00E13000 \SystemRoot\system32\drivers\pci.sys
  0x00E46000 \SystemRoot\system32\drivers\vdrvroot.sys
  0x00E53000 \SystemRoot\System32\drivers\partmgr.sys
  0x00E68000 \SystemRoot\system32\DRIVERS\compbatt.sys
  0x00E71000 \SystemRoot\system32\DRIVERS\BATTC.SYS
  0x00E7D000 \SystemRoot\system32\drivers\volmgr.sys
  0x00D99000 \SystemRoot\System32\drivers\volmgrx.sys
  0x00E92000 \SystemRoot\System32\drivers\mountmgr.sys
  0x00EAC000 \SystemRoot\system32\drivers\pavboot64.sys
  0x00EB7000 \SystemRoot\system32\DRIVERS\amdsata.sys
  0x00C00000 \SystemRoot\system32\DRIVERS\storport.sys
  0x00C64000 \SystemRoot\system32\DRIVERS\amdxata.sys
  0x00C6F000 \SystemRoot\system32\DRIVERS\amd_sata.sys
  0x00C87000 \SystemRoot\system32\DRIVERS\amd_xata.sys
  0x01001000 \SystemRoot\system32\drivers\fltmgr.sys
  0x0104D000 \SystemRoot\system32\drivers\fileinfo.sys
  0x01061000 \SystemRoot\System32\Drivers\PxHlpa64.sys
  0x01245000 \SystemRoot\System32\Drivers\Ntfs.sys
  0x0106D000 \SystemRoot\System32\Drivers\msrpc.sys
  0x01200000 \SystemRoot\System32\Drivers\ksecdd.sys
  0x010CB000 \SystemRoot\System32\Drivers\cng.sys
  0x0121B000 \SystemRoot\System32\drivers\pcw.sys
  0x0122C000 \SystemRoot\System32\Drivers\Fs_Rec.sys
  0x014FB000 \SystemRoot\system32\drivers\ndis.sys
  0x01400000 \SystemRoot\system32\drivers\NETIO.SYS
  0x01460000 \SystemRoot\System32\Drivers\ksecpkg.sys
  0x01600000 \SystemRoot\System32\drivers\tcpip.sys
  0x0148B000 \SystemRoot\System32\drivers\fwpkclnt.sys
  0x014D4000 \SystemRoot\System32\Drivers\aswRvrt.sys
  0x0113D000 \SystemRoot\System32\Drivers\aswVmm.sys
  0x01182000 \SystemRoot\system32\drivers\volsnap.sys
  0x014E7000 \SystemRoot\System32\Drivers\spldr.sys
  0x0183A000 \SystemRoot\System32\drivers\rdyboost.sys
  0x01874000 \SystemRoot\System32\Drivers\mup.sys
  0x01886000 \SystemRoot\System32\drivers\hwpolicy.sys
  0x0188F000 \SystemRoot\System32\DRIVERS\fvevol.sys
  0x018C9000 \SystemRoot\system32\DRIVERS\disk.sys
  0x018DF000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
  0x0190F000 \SystemRoot\system32\DRIVERS\AtiPcie64.sys
  0x0195A000 \SystemRoot\system32\DRIVERS\cdrom.sys
  0x01984000 \SystemRoot\system32\drivers\aswSP.sys
  0x03EBF000 \SystemRoot\system32\drivers\aswSnx.sys
  0x03FC5000 \SystemRoot\System32\Drivers\Null.SYS
  0x03FCE000 \SystemRoot\System32\Drivers\Beep.SYS
  0x03FD5000 \SystemRoot\System32\drivers\vga.sys
  0x03E00000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
  0x03E25000 \SystemRoot\System32\drivers\watchdog.sys
  0x03E35000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
  0x03E3E000 \SystemRoot\system32\drivers\rdpencdd.sys
  0x03E47000 \SystemRoot\system32\drivers\rdprefmp.sys
  0x03E50000 \SystemRoot\System32\Drivers\Msfs.SYS
  0x03E5B000 \SystemRoot\System32\Drivers\Npfs.SYS
  0x03E6C000 \SystemRoot\system32\DRIVERS\tdx.sys
  0x03E8E000 \SystemRoot\system32\DRIVERS\TDI.SYS
  0x04282000 \SystemRoot\System32\DRIVERS\netbt.sys
  0x042C7000 \SystemRoot\system32\drivers\afd.sys
  0x04350000 \SystemRoot\system32\drivers\aswRdr2.sys
  0x0436A000 \SystemRoot\system32\drivers\ws2ifsl.sys
  0x04375000 \SystemRoot\system32\DRIVERS\wfplwf.sys
  0x0437E000 \SystemRoot\system32\DRIVERS\pacer.sys
  0x043A4000 \SystemRoot\system32\DRIVERS\netbios.sys
  0x043B3000 \SystemRoot\system32\DRIVERS\wanarp.sys
  0x043CE000 \SystemRoot\system32\drivers\termdd.sys
  0x04200000 \SystemRoot\system32\DRIVERS\rdbss.sys
  0x04251000 \SystemRoot\system32\drivers\nsiproxy.sys
  0x0425D000 \SystemRoot\system32\drivers\mssmbios.sys
  0x04268000 \SystemRoot\System32\drivers\discache.sys
  0x043E2000 \SystemRoot\System32\Drivers\dfsc.sys
  0x03E9B000 \SystemRoot\system32\DRIVERS\blbdrive.sys
  0x01800000 \SystemRoot\system32\DRIVERS\tunnel.sys
  0x03FE3000 \SystemRoot\system32\DRIVERS\amdppm.sys
  0x04418000 \SystemRoot\system32\DRIVERS\atikmpag.sys
  0x110F8000 \SystemRoot\system32\DRIVERS\atikmdag.sys
  0x11000000 \SystemRoot\System32\drivers\dxgkrnl.sys
  0x1237C000 \SystemRoot\System32\drivers\dxgmms1.sys
  0x123C2000 \SystemRoot\system32\drivers\HDAudBus.sys
  0x044AE000 \SystemRoot\system32\DRIVERS\Rt64win7.sys
  0x123E6000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
  0x123ED000 \SystemRoot\system32\DRIVERS\usbohci.sys
  0x04523000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
  0x04579000 \SystemRoot\system32\DRIVERS\usbfilter.sys
  0x04586000 \SystemRoot\system32\DRIVERS\usbehci.sys
  0x04598000 \SystemRoot\system32\drivers\wmiacpi.sys
  0x045A1000 \SystemRoot\system32\drivers\CompositeBus.sys
  0x045B1000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
  0x045C7000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
  0x045EB000 \SystemRoot\system32\DRIVERS\ndistapi.sys
  0x011CE000 \SystemRoot\system32\DRIVERS\ndiswan.sys
  0x048C3000 \SystemRoot\system32\DRIVERS\raspppoe.sys
  0x048DE000 \SystemRoot\system32\DRIVERS\raspptp.sys
  0x048FF000 \SystemRoot\system32\DRIVERS\rassstp.sys
  0x04919000 \SystemRoot\System32\Drivers\pcouffin.sys
  0x0492E000 \SystemRoot\system32\DRIVERS\kbdclass.sys
  0x0493D000 \SystemRoot\system32\drivers\mouclass.sys
  0x0494C000 \SystemRoot\system32\drivers\swenum.sys
  0x0494E000 \SystemRoot\system32\drivers\ks.sys
  0x04991000 \SystemRoot\system32\drivers\umbus.sys
  0x049A3000 \SystemRoot\system32\DRIVERS\usbhub.sys
  0x04800000 \SystemRoot\System32\Drivers\NDProxy.SYS
  0x04815000 \SystemRoot\system32\drivers\AtihdW76.sys
  0x04830000 \SystemRoot\system32\drivers\portcls.sys
  0x0486D000 \SystemRoot\system32\drivers\drmk.sys
  0x0488F000 \SystemRoot\system32\drivers\ksthunk.sys
  0x05A05000 \SystemRoot\system32\drivers\RTKVHD64.sys
  0x05C62000 \SystemRoot\System32\Drivers\crashdmp.sys
  0x05C70000 \SystemRoot\System32\Drivers\dump_diskdump.sys
  0x05C7A000 \SystemRoot\System32\Drivers\dump_amd_sata.sys
  0x05C92000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
  0x00070000 \SystemRoot\System32\win32k.sys
  0x05CA5000 \SystemRoot\System32\drivers\Dxapi.sys
  0x05CB1000 \SystemRoot\system32\DRIVERS\usbccgp.sys
  0x05CCE000 \SystemRoot\system32\DRIVERS\USBD.SYS
  0x05D0C000 \SystemRoot\system32\DRIVERS\hidusb.sys
  0x05D1A000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
  0x05D33000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
  0x05D3C000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
  0x05D57000 \SystemRoot\system32\DRIVERS\monitor.sys
  0x05D65000 \SystemRoot\system32\DRIVERS\mouhid.sys
  0x05D72000 \SystemRoot\system32\DRIVERS\kbdhid.sys
  0x00560000 \SystemRoot\System32\TSDDD.dll
  0x00700000 \SystemRoot\System32\cdd.dll
  0x00890000 \SystemRoot\System32\ATMFD.DLL
  0x05D80000 \SystemRoot\system32\drivers\luafv.sys
  0x05DA3000 \SystemRoot\system32\drivers\aswMonFlt.sys
  0x05DC8000 \??\C:\Windows\system32\drivers\mbam.sys
  0x05DD2000 \SystemRoot\system32\DRIVERS\Sftvollh.sys
  0x05DDD000 \SystemRoot\system32\DRIVERS\lltdio.sys
  0x04400000 \SystemRoot\system32\DRIVERS\rspndr.sys
  0x01917000 \SystemRoot\System32\Drivers\fastfat.SYS
  0x03A7E000 \SystemRoot\system32\drivers\HTTP.sys
  0x03B47000 \SystemRoot\system32\DRIVERS\bowser.sys
  0x03B65000 \SystemRoot\System32\drivers\mpsdrv.sys
  0x03B7D000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
  0x03BAA000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
  0x03A00000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
  0x03A24000 \??\C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys
  0x03A56000 \SystemRoot\system32\drivers\aswHwid.sys
  0x03A60000 \SystemRoot\system32\drivers\npf.sys
  0x0660C000 \SystemRoot\system32\drivers\peauth.sys
  0x066B6000 \SystemRoot\system32\DRIVERS\Sftfslh.sys
  0x06778000 \SystemRoot\system32\DRIVERS\Sftplaylh.sys
  0x067C6000 \SystemRoot\System32\DRIVERS\srvnet.sys
  0x03EAC000 \SystemRoot\System32\drivers\tcpipreg.sys
  0x06E02000 \SystemRoot\System32\DRIVERS\srv2.sys
  0x06E6B000 \SystemRoot\System32\DRIVERS\srv.sys
  0x06F03000 \SystemRoot\system32\DRIVERS\Sftredirlh.sys
  0x06F45000 \SystemRoot\system32\drivers\WudfPf.sys
  0x06F5E000 \SystemRoot\system32\DRIVERS\WUDFRd.sys
  0x06F94000 \SystemRoot\system32\DRIVERS\asyncmac.sys
  0x06F0F000 \??\C:\Users\WAYNE\AppData\Local\Temp\aswMBR.sys
  0x77030000 \Windows\System32\ntdll.dll
  0x476C0000 \Windows\System32\smss.exe
  0xFF350000 \Windows\System32\apisetschema.dll
  0xFF730000 \Windows\System32\autochk.exe
  0xFF2C0000 \Windows\System32\difxapi.dll
  0xFF0B0000 \Windows\System32\ole32.dll
  0xFF080000 \Windows\System32\imm32.dll
  0xFEFE0000 \Windows\System32\clbcatq.dll
  0xFEEB0000 \Windows\System32\rpcrt4.dll
  0xFEDE0000 \Windows\System32\usp10.dll
  0xFEC00000 \Windows\System32\setupapi.dll
  0x77200000 \Windows\System32\psapi.dll
  0x771F0000 \Windows\System32\normaliz.dll
  0xFEB60000 \Windows\System32\msvcrt.dll
  0xFEB50000 \Windows\System32\nsi.dll
  0xFEB30000 \Windows\System32\sechost.dll
  0xFEA20000 \Windows\System32\msctf.dll
  0xFE980000 \Windows\System32\comdlg32.dll
  0x76F30000 \Windows\System32\user32.dll
  0xFE8A0000 \Windows\System32\oleaut32.dll
  0xFE820000 \Windows\System32\shlwapi.dll
  0xFE7B0000 \Windows\System32\gdi32.dll
  0xFDA20000 \Windows\System32\shell32.dll
  0xFDA10000 \Windows\System32\lpk.dll
  0xFD740000 \Windows\System32\iertutil.dll
  0xFD720000 \Windows\System32\imagehlp.dll
  0x76E10000 \Windows\System32\kernel32.dll
  0xFD640000 \Windows\System32\advapi32.dll
  0xFD3D0000 \Windows\System32\wininet.dll
  0xFD370000 \Windows\System32\Wldap32.dll
  0xFD1E0000 \Windows\System32\urlmon.dll
  0xFD190000 \Windows\System32\ws2_32.dll
  0xFD180000 \Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
  0xFD170000 \Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
  0xFD160000 \Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
  0xFD140000 \Windows\System32\devobj.dll
  0xFD120000 \Windows\System32\userenv.dll
  0xFD0B0000 \Windows\System32\KernelBase.dll
  0xFD010000 \Windows\System32\comctl32.dll
  0xFD000000 \Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
  0xFCFF0000 \Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
  0xFCFB0000 \Windows\System32\wintrust.dll
  0xFCFA0000 \Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
  0xFCF60000 \Windows\System32\cfgmgr32.dll
  0xFCDF0000 \Windows\System32\crypt32.dll
  0xFCDE0000 \Windows\System32\profapi.dll
  0xFCDD0000 \Windows\System32\msasn1.dll
  0x76C00000 \Windows\SysWOW64\normaliz.dll

Processes (total 84):
       0 System Idle Process
       4 System
     316 C:\Windows\System32\smss.exe
     460 csrss.exe
     536 csrss.exe
     544 C:\Windows\System32\wininit.exe
     584 C:\Windows\System32\winlogon.exe
     644 C:\Windows\System32\services.exe
     652 C:\Windows\System32\lsass.exe
     660 C:\Windows\System32\lsm.exe
     764 C:\Windows\System32\svchost.exe
     868 C:\Windows\System32\svchost.exe
     952 C:\Windows\System32\atiesrxx.exe
     996 C:\Windows\System32\svchost.exe
     116 C:\Windows\System32\svchost.exe
     356 C:\Windows\System32\svchost.exe
     480 C:\Windows\System32\svchost.exe
    1036 C:\Windows\System32\svchost.exe
    1156 C:\Windows\System32\svchost.exe
    1228 C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    1356 C:\Windows\System32\atieclxx.exe
    1600 C:\Windows\System32\spoolsv.exe
    1644 C:\Windows\System32\svchost.exe
    1744 C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
    1784 C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe
    1836 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    1924 C:\Program Files\Bonjour\mDNSResponder.exe
    1996 C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
    2028 C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
    1312 C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    2296 C:\Program Files (x86)\PDF Complete\pdfsvc.exe
    2668 C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
    2772 C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
    2832 C:\Program Files (x86)\Secunia\PSI\sua.exe
    2288 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    2444 C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
    2632 C:\Windows\System32\svchost.exe
     816 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
     932 C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe
    3096 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    3240 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    3916 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
    1580 C:\Windows\System32\SearchIndexer.exe
    3212 C:\Windows\System32\svchost.exe
    2204 C:\Windows\System32\svchost.exe
    4156 WUDFHost.exe
    4732 C:\Windows\System32\taskhost.exe
    4952 C:\Windows\System32\dwm.exe
    4996 C:\Windows\explorer.exe
    2264 C:\Program Files\iTunes\iTunesHelper.exe
     916 C:\Program Files\VDownloader\VDownloader4.exe
    3532 C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
    1452 C:\Program Files (x86)\APC\PowerChute Personal Edition\apcsystray.exe
    2212 C:\Program Files\iPod\bin\iPodService.exe
    3720 C:\Program Files\AVAST Software\Avast\AvastUI.exe
    4564 C:\Program Files (x86)\Autorun Eater\oldmcdonald.exe
    4572 C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
    4764 C:\Program Files (x86)\Autorun Eater\billy.exe
    5116 C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
    4804 C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
    1376 C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
    5076 C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
    4316 C:\Windows\System32\wbem\unsecapp.exe
    1284 WmiPrvSE.exe
    5772 C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
    4796 C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
    5756 C:\Windows\System32\svchost.exe
    4896 C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    4452 C:\Windows\System32\taskhost.exe
    3556 C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
    3520 C:\Windows\System32\svchost.exe
    4480 C:\Program Files\Microsoft Office 15\root\office15\EXCEL.EXE
    3420 C:\Windows\System32\VSSVC.exe
    2736 C:\Program Files\Microsoft Office 15\root\office15\WINWORD.EXE
    6504 C:\Windows\System32\taskeng.exe
    7072 C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe
    6652 C:\Windows\System32\SearchProtocolHost.exe
    4664 C:\Windows\System32\SearchFilterHost.exe
    7164 C:\Windows\System32\audiodg.exe
    1556 C:\Program Files\Windows Defender\MSASCui.exe
    5460 dllhost.exe
    5188 dllhost.exe
    2548 C:\Users\WAYNE\Desktop\MBRCheck.exe
    3376 C:\Windows\System32\conhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`06500000  (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000091`eecd8200  (NTFS)
\\.\F: --> \\.\PhysicalDrive1 at offset 0x00000000`00100000  (NTFS)
\\.\Q: -->  error 5

PhysicalDrive0 Model Number: WDCWD6400AAKS-65Z7B0, Rev: 01.03B01
PhysicalDrive1 Model Number: WD5000AAD External, Rev: 1.75

      Size  Device Name          MBR Status
  --------------------------------------------
    596 GB  \\.\PhysicalDrive0   Unknown MBR code
            SHA1: CB2ADA703438207237F9AFA0B5D511CC1CD35A24
    465 GB  \\.\PhysicalDrive1   RE: Windows XP MBR code detected
            SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:

Done!