Infected Win 7 Dell Laptop

RussJK

Thanks for the new log. Still doesn't look right.

Run hijackthis, and check the box next to these two items and then press 'Fix Checked'
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Users\Tina\NPSAgent.exe
O20 - AppInit_DLLs:

whiskymincher

Sorry if garbled but trying to do this at work. hitmanpro fixed the issue along with other minor issues. Then ran tdskiller which found no issues. Could not run the aswmbr as link did not work. Have since re-installed malwarebytes and ran a scan with no issues and have posted above a hjt scan. Hope this helps and thanks for all of your efforts.

whiskymincher

Not cut anything out of HJT log. Have now fixed those two items. Not sure about teamviewer, I am doing this on the actual laptop

RussJK

whiskymincher wrote: »

Sorry if garbled but trying to do this at work. hitmanpro fixed the issue along with other minor issues. Then ran tdskiller which found no issues. Could not run the aswmbr as link did not work. Have since re-installed malwarebytes and ran a scan with no issues and have posted above a hjt scan. Hope this helps and thanks for all of your efforts.

Ah no worries, didn't know you were at work. The link to aswMBR should work now if there's no rootkit, can't think of any other reason it won't now:
http://public.avast.com/~gmerek/aswMBR.htm

Afterwards it wouldn't hurt doing a long scan with something like Kaspersky or Dr Web.
http://devbuilds.kaspersky-labs.com/devbuilds/AVPTool
https://www.freedrweb.com/download+cureit/gr/?lng=en

Unforfortunately the TDL3 rootkits are nasty, so worth taking a bit of time to make sure it didn't leave anything behind to reassert itself.

Also, wouldn't hurt to leave Prevx 3.0 on for a few weeks as an early detection system. It's a manual scanner and realtime guard - doesn't cure malware in the free version with the exception of rootkits. Shouldn't slow things down noticeably.
http://www.prevx.com/freescan.asp