MBR still states that the Stealth MBR rootkit/Mebroot/Sinowal/TDL4 is still there. Links seem okay when doing a search result. Am unable to turn on windows defender. Here is the Rkill results:
Rkill 2.3.3 by Lawrence Abrams (Grinler)
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
Program started at: 08/24/2012 09:14:37 AM in x64 mode.
Windows Version: Windows Vista Home Premium Service Pack 2
Checking for Windows services to stop.
* No malware services found to stop.
Checking for processes to terminate.
* No malware processes found to kill.
Checking Registry for malware related settings.
* No issues found in the Registry.
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
* HKLM\Software\Classes\.com "@" has been changed to ComFile!
* HKLM\Software\Classes\.com "@" was reset to comfile!
Performing miscellaneous checks.
* Windows Defender Disabled
"DisableAntiSpyware" = dword:00000001
Checking Windows Service Integrity:
* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual
* msiserver => %systemroot%\system32\msiexec.exe /V [Incorrect ImagePath]
* atapi => \SystemRoot\system32\drivers\atapi.sys [Incorrect ImagePath]
Searching for Missing Digital Signatures:
* No issues found.
Program finished at: 08/24/2012 09:14:52 AM
Execution time: 0 hours(s), 0 minute(s), and 15 seconds(s)