Most likely you will never use it, but it is a good precaution to install it on machines that don't already have it.
How come you have already run Combofix 5 times Please attach here:
C:\ComboFix-quarantined-files.txt
I also noticed you started working on this problem the 26th of last month. Are you receiving help on another forum? If so we need to know so that our instructions don't conflict with each other.
----------------------------------------------------------------
Run CFScript
Open
notepad and copy/paste the text in the code box below into it:
NOTE* make sure to only highlight and copy what is inside the quote box nothing out side of it.
Also ..
Pay particular attention to this :-
Make sure the word File:: is on the first line of the text file you save (no blank line above it, & no space in front of it)
File::
F:\krag.exe
F:\noteped.exe
F:\Recycled/dllcache32.exe
F:\3bqqnkd.bat
G:\3bqqnkd.bat
H:\3bqqnkd.bat
H:\SSCVIHOST.exe
C:\Windows\System32\bar311.exe
C:\Windows\System32\3bqqnkd.bat
C:\Windows\System32\tomskype.exe
C:\Windows\System32\krag.exe
C:\Windows\System32\SilentSoftech.exe
C:\WINDOWS\system32\affv208325p1now.sys
Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{398dc92a-203d-11d7-8bac-00142a22f1fe}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{572e273d-1dda-11d7-8b46-00142a22f1fe}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{76384f64-2e9f-11dd-8bda-00142a22f1fe}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{77604434-37b2-11dd-8bec-00142a22f1fe}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{78c81cac-26d7-11dd-8bc5-00142a22f1fe}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7c2ef5a7-d889-11dc-8b24-00142a22f1fe}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9abfae3e-2695-11dd-8bc3-00142a22f1fe}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a54f4fce-14c7-11dd-8b98-00142a22f1fe}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a54f4fcf-14c7-11dd-8b98-00142a22f1fe}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{af91a0cc-1d74-11d7-8b44-00142a22f1fe}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ee6f3930-21b6-11d7-8bb7-00142a22f1fe}]
Save this as
CFScript.txt
Then drag the CFScript.txt into ComboFix.exe as you see in the screenshot below.
This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply together with a fresh HJT log.