I have read several posts and noticed that the solutions are specific to each case. I would appreciate it if someone could take a look at my FRST logs and see if they can help me solve this issue. Thanks
Here is the log:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-01-2016
Ran by SYSTEM on MININT-FN5TKOI (28-01-2016 10:22:58)
Running from h:\
Platform: Windows 7 Home Premium (X64) Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery
Default: ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [318464 2009-05-14] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2009-10-20] (IDT, Inc.)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610872 2009-08-25] ()
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Java\jre6\bin\jusched.exe [171520 2009-12-05] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [HPCam_Menu] => c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [323640 2010-02-25] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-10-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HostManager] => C:\Program Files (x86)\Common Files\AOL\1276733934\ee\AOLSoftware.exe [41800 2010-02-10] (AOL Inc.)
HKLM-x32\...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [500792 2010-05-20] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [935288 2009-09-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-03-24] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ApnUpdater] => C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1573576 2012-12-10] (Ask)
HKLM-x32\...\Run: [Ad-Aware Browsing Protection] => C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [542104 2012-12-11] (Lavasoft)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3780008 2015-10-30] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Secure Search\vprot.exe [2573712 2015-12-20] ()
HKLM-x32\...\Run: [Ad-Aware Antivirus] => "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
HKLM-x32\...\Run: [InboxAce_1g Browser Plugin Loader] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon.exe
HKLM-x32\...\Run: [InboxAce_1g Browser Plugin Loader 64] => C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon64.exe
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [723904 2015-11-10] (McAfee, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\Admin\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2010-06-16] (Hewlett-Packard Company)
HKU\Admin\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [143360 2006-12-23] (Nero AG)
HKU\Admin\...\Run: [HP Photosmart 5510d series (NET)] => C:\Program Files\HP\HP Photosmart 5510d series\Bin\ScanToPCActivationApp.exe [2676584 2011-08-16] (Hewlett-Packard Co.)
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 5510d series (Network).lnk [2016-01-13]
ShortcutTarget: Monitor Ink Alerts - HP Photosmart 5510d series (Network).lnk -> C:\Program Files\HP\HP Photosmart 5510d series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk [2013-11-09]
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 Ad-Aware Service; C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe [1236968 2012-12-14] (Lavasoft Limited)
S2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d15ed671de43d681\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3642280 2015-10-30] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [335656 2015-10-30] (AVG Technologies CZ, s.r.o.)
S2 DvmMDES; C:\SPLASH.SYS\config\DVMExportService.exe [323584 2009-07-08] (DeviceVM, Inc.)
S2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
S2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [157928 2015-12-02] (McAfee, Inc.)
S2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [863448 2015-11-10] (McAfee, Inc.)
S2 mcbootdelaystartsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [289256 2015-12-02] (McAfee, Inc.)
S2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [679120 2015-10-20] (McAfee, Inc.)
S2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
S2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [233680 2015-09-21] (McAfee, Inc.)
S2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [378848 2015-10-21] (McAfee, Inc.)
S2 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [256840 2015-09-21] (McAfee, Inc.)
S2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [262144 2006-12-23] (Nero AG)
S2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-06] ()
S2 SBAMSvc; C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [3677000 2012-09-20] (GFI Software)
S2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d15ed671de43d681\STacSV64.exe [240640 2009-10-20] (IDT, Inc.)
S2 vToolbarUpdater19.1.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\19.1.0\ToolbarUpdater.exe [1864592 2015-12-20] (AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S2 0020471450628012mcinstcleanup; C:\Windows\TEMP\002047~1.EXE -cleanup -nolog [X]
S2 HP Support Assistant Service; "C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe" [X]
S2 mccspsvc; "C:\Program Files\Common Files\McAfee\CSP\1.8.190.0\McCSPServiceHost.exe" [X]
S2 MpfService; "C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe" [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [315312 2015-10-19] (AVG Technologies CZ, s.r.o.)
S0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [297904 2015-08-19] (AVG Technologies CZ, s.r.o.)
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [259040 2015-06-16] (AVG Technologies CZ, s.r.o.)
S0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
S0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [250800 2015-08-04] (AVG Technologies CZ, s.r.o.)
S0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
S1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [281568 2015-05-12] (AVG Technologies CZ, s.r.o.)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [80760 2015-09-23] (McAfee, Inc.)
S1 DVMIO; C:\SPLASH.SYS\config\dvmio.sys [21624 2009-09-27] (DeviceVM, Inc.)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2012-12-30] (GFI Software)
S3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [415976 2015-09-23] (McAfee, Inc.)
S3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [351120 2015-09-23] (McAfee, Inc.)
S3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [497888 2015-09-23] (McAfee, Inc.)
S0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [841944 2015-09-23] (McAfee, Inc.)
S3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [537192 2015-10-06] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109480 2015-10-06] (McAfee, Inc.)
S3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [37960 2015-12-02] (McAfee, Inc.)
S0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [244544 2015-09-23] (McAfee, Inc.)
S1 NEOFLTR_710_19525; C:\Windows\system32\Drivers\NEOFLTR_710_19525.SYS [99152 2011-10-11] (Juniper Networks)
S3 PTDUBus; C:\Windows\System32\DRIVERS\PTDUBus.sys [70672 2009-08-12] (DEVGURU Co., LTD.)
S3 PTDUMdm; C:\Windows\System32\DRIVERS\PTDUMdm.sys [173456 2009-08-12] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 PTDUVsp; C:\Windows\System32\DRIVERS\PTDUVsp.sys [173456 2009-08-12] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 PTDUWFLT; C:\Windows\System32\DRIVERS\PTDUWFLT.sys [12688 2009-08-12] (DEVGURU Co., LTD.)
S3 PTDUWWAN; C:\Windows\System32\DRIVERS\PTDUWWAN.sys [141840 2009-08-12] (DEVGURU Co., LTD.)
S3 ssmirrdr; C:\Windows\System32\DRIVERS\ssmirrdr.sys [10112 2010-05-14] (support.com, Inc)
S4 eabfiltr; no ImagePath
S3 RTSTOR; system32\drivers\RTSTOR.SYS [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-01-28 10:09 - 2016-01-28 10:09 - 00000000 ____D C:\Windows\System32\config\HiveBackup
2016-01-28 09:57 - 2016-01-28 10:22 - 00000000 ____D C:\FRST
2016-01-28 09:13 - 2016-01-28 09:13 - 00000000 ____D C:\Windows\Microsoft Antimalware
2016-01-13 19:24 - 2016-01-13 19:24 - 00000000 __SHD C:\found.001
2016-01-08 12:24 - 2016-01-09 15:00 - 00000332 _____ C:\Windows\Tasks\HPCeeScheduleForAdmin.job
2016-01-08 12:24 - 2016-01-08 12:24 - 00003186 _____ C:\Windows\System32\Tasks\HPCeeScheduleForAdmin
2016-01-08 12:22 - 2016-01-09 15:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-08 11:49 - 2016-01-28 07:15 - 01357678 _____ C:\Windows\ntbtlog.txt
2016-01-01 06:49 - 2015-10-08 15:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\System32\nlsbres.dll
2016-01-01 06:49 - 2015-10-08 15:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2016-01-01 06:49 - 2015-10-08 15:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\System32\kbdgeoqw.dll
2016-01-01 06:49 - 2015-10-08 15:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\System32\KBDAZEL.DLL
2016-01-01 06:49 - 2015-10-08 15:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\System32\KBDAZE.DLL
2016-01-01 06:49 - 2015-10-08 15:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2016-01-01 06:49 - 2015-10-08 15:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2016-01-01 06:49 - 2015-10-08 15:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-01-01 06:49 - 2015-10-08 11:13 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2016-01-01 06:49 - 2015-10-08 10:52 - 00419928 _____ C:\Windows\System32\locale.nls
2015-12-31 14:54 - 2015-12-31 14:54 - 00002191 _____ C:\Users\Admin\Desktop\HP Support Assistant.lnk
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-01-28 07:12 - 2009-07-13 20:45 - 00344608 _____ C:\Windows\System32\FNTCACHE.DAT
2016-01-28 05:57 - 2010-05-05 08:43 - 00000177 ____H C:\dvmexp.idx
2016-01-28 05:52 - 2012-12-30 07:50 - 00000000 ____D C:\ProgramData\MFAData
2016-01-13 16:01 - 2009-07-13 20:45 - 00026192 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-13 16:01 - 2009-07-13 20:45 - 00026192 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-13 16:00 - 2015-07-14 15:46 - 00000402 _____ C:\Windows\Tasks\HP Photo Creations Communicator.job
2016-01-13 15:53 - 2009-07-13 21:13 - 00782510 _____ C:\Windows\System32\PerfStringBackup.INI
2016-01-13 15:53 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\inf
2016-01-13 15:48 - 2015-05-04 14:42 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-13 15:48 - 2012-12-30 08:11 - 00001828 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2016-01-13 15:48 - 2012-12-30 08:11 - 00001828 _____ C:\ProgramData\Desktop\Ad-Aware Antivirus.lnk
2016-01-13 15:48 - 2010-06-09 08:52 - 00000192 _____ C:\ProgramData\HPWALog.txt
2016-01-13 15:47 - 2013-06-09 06:35 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
2016-01-13 15:47 - 2013-06-04 14:44 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2016-01-13 15:47 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-12 16:36 - 2012-04-09 16:18 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-12 16:17 - 2015-05-04 14:42 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-12 16:00 - 2012-12-30 07:48 - 00000000 ____D C:\ProgramData\Ad-Aware Browsing Protection
2016-01-10 15:20 - 2010-06-09 08:57 - 00000000 ____D C:\Users\Admin\AppData\Roaming\HpUpdate
2016-01-10 07:01 - 2010-06-09 08:31 - 00000000 ____D C:\users\Admin
2016-01-09 15:00 - 2012-05-14 14:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-08 12:36 - 2012-04-09 16:18 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-01-08 12:36 - 2012-04-09 16:18 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-01-08 12:36 - 2012-01-01 15:28 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-08 12:24 - 2010-06-09 08:31 - 00000000 ____D C:\Users\Admin\AppData\Local\Hewlett-Packard
2016-01-05 16:18 - 2015-12-05 10:18 - 00003218 _____ C:\Windows\System32\Tasks\HPCeeScheduleForADMIN-PC$
2016-01-05 16:18 - 2015-12-05 10:18 - 00000342 _____ C:\Windows\Tasks\HPCeeScheduleForADMIN-PC$.job
2016-01-03 15:38 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2016-01-03 15:05 - 2010-05-05 08:36 - 00000000 ____D C:\Windows\System32\Tasks\Hewlett-Packard
2016-01-03 15:05 - 2009-12-05 10:20 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2015-12-31 14:54 - 2010-06-09 08:31 - 00000000 ___RD C:\Users\Admin\Desktop
2015-12-31 14:54 - 2009-12-05 09:14 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-12-31 14:53 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\Help
2015-12-31 14:41 - 2013-01-06 06:53 - 00000000 __SHD C:\Config.Msi
2015-12-31 14:41 - 2010-06-09 08:51 - 00085824 _____ C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT
2015-12-31 14:41 - 2009-12-05 09:15 - 00000000 __SHD C:\Windows\Installer
2015-12-31 14:41 - 2009-12-05 09:12 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2015-12-31 14:40 - 2009-07-13 19:20 - 00000000 __RSD C:\Windows\assembly
2015-12-31 14:32 - 2009-09-06 16:40 - 00000000 ____D C:\SwSetup
2015-12-31 13:55 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\config\RegBack
Some files in TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\HPSFUpdater.exe
C:\Users\Admin\AppData\Local\Temp\JuniperSetupClientInstaller.exe
C:\Users\Admin\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Admin\AppData\Local\Temp\xdalwhza.dll
==================== Known DLLs (Whitelisted) =========================
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll
[2015-12-14 16:17] - [2015-11-10 10:55] - 1008640 ____A (Microsoft Corporation) 06BF84D26A05D400F6B3FB3D3DE0B03A
C:\Windows\SysWOW64\User32.dll
[2015-12-14 16:17] - [2015-11-10 10:37] - 0833024 ____A (Microsoft Corporation) 0A78439765E31510D75C9E2284F3A722
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE Association (Whitelisted) =============
==================== Restore Points =========================
==================== Memory info ===========================
Percentage of memory in use: 19%
Total physical RAM: 3894.79 MB
Available physical RAM: 3138.91 MB
Total Virtual: 3892.94 MB
Available Virtual: 3127.39 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:279.03 GB) (Free:200.25 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (RECOVERY) (Fixed) (Total:18.76 GB) (Free:3.02 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
Drive h: (WIN7INSTALL) (Removable) (Total:3.66 GB) (Free:1.32 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.15 GB) NTFS ==>[system with boot components (obtained from drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: F8071B56)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=279 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=18.8 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 3.7 GB) (Disk ID: 00000000)
Partition: GPT.
LastRegBack: 2015-12-26 12:06
==================== End of FRST.txt ============================