Now rescan again with MBAM but this time perform a Full Scan
in normal mode and check all items found for removal. Don't forgot to check for database updates
through the program's interface (preferable way
) before scanning and to reboot afterwards. Failure to reboot normally
(not into safe mode) will prevent MBAM from removing all the malware. When done, click the Logs
tab and copy/paste the contents of the new report in your next reply.
The System32 folder opens at startup because of a corrupt registry value. The value could have been corrupted for a number of reasons to include malware or installing/uninstalling a program which did not install/uninstall itself properly.
Click on the link below:http://www.kellys-korner-xp.com/xp_tweaks.htm
Scroll down to #260 and click "System32 Folder Opens Upon Boot" in the right column. You will be prompted to download xp_systems32opens.vbs
. Save the file to your desktop and double-click on it to run the script. Since the script modifies certain registry settings you may receive an alert from your anti-virus or any script blocking program. Ignore the warning and allow it to continue.
The problem could also be caused by empty run entries in your startup shortcuts which will open the system32 folder. Check the startup run registry entries with AutoRuns
and remove those entries. See System32 Folder Opens When Logging on to Windows
This step involves making changes in the registry. Always back up your registry before making any changes
. If you are not familiar with working in the registry, then you should NOT attempt to make any changes on your own. ERUNT
is an excellent free tool that allows you to to take a snapshot (backup) of your registry before making changes and restore it when needed.