In order to analyze your system, please download the System Information Collector (SIC) tool that is closest to your current location and execute it on the machine where you encounter malware-related issues. The SIC tool automatically collects information about your system. . http://www.trendmicro.com/download/sic.asp or . For Global users: o http://www.trendmicro.com/ftp/products/sic/Sic33_global.zip . ;For APAC users: o http://www.trendmicro.com/ftp/products/sic/Sic-3.3_APAC.zip . For US, EMEA, and Japan users: o http://www.trendmicro.com/ftp/products/sic/Sic-3.3_US_EMEA_Japan.zip Here are the instructions on how to use the tool: . 1. Boot in Normal mode. Otherwise, use Safe-mode. . 2. Log on to the suspected machine as a local admin user or equivalent. . 3. Close all other open applications. . 4. Use WinZip to the extract the tool's contents to a temporary folder, e.g., C:\SIC. . The following files should be extracted: o SICWin.exe o SICBASE.DAT o tmrshlp.sys o SIC.CONF o tmufeng.dll . 5. Double-click the SICWin.exe file and accept the End User License Agreement (EULA). . 6. When the SIC window appears, click Analyze to initiate system information collection. . 7. Click No when asked to view the log. . 8. Click Retrieve Files to gather samples of uncleaned or suspected files. . 9. Click on the Compress and Retrieve Files button. o (Note: the masked password (***) is "virus". Do not cha nge it.) . 10. Click Done after the compression is complete. . 11. Click Send files to TrendLab to send copies of the suspected files to the Trend FTP server. o (Note: Sample submission using the Send files to TrendLab button is an automated process and no reply will be sent.) . 12. Open the Temporary folder to which the SIC files were extracted. . 13. Go to the SICLOG subfolder, verify that the files SICLOG.txt and SUSPECT.log exist. Archive the subfolder and password-protect it with "novirus". . 14. Return to the main SIC folder and find the SUSPECT.zip file.