Sorry, I didn't have access to the infected computer yesterday, but I've done what you said now. Combifix deleted several files, and control panel is now available again (yay) updated java, but I haven't been able to verify it yet, as I haven't been allowed to reconnect to the internet on that computer... also ran hjt, and the logs are attached.
Notes:
* Kaspersky kept flagging combofix.exe as infected with Heur.Invader(modification), don't know why...
* when the computer restarted during combofix, it complained of not being able to find C:\WINDOWS\system32\ndaTqsVqrX.dll, one of the files that combofix removed.
* Combofix also deleted some of kasperky's files.
Reply With Quote