My netbook does not have a dvd drive and it's infected so I wanted to re-install windows xp. Searching the web I found some people say that wintoflash was a good way to make the windows XP ISO bootable on a usb flash drive. Wow what a mistake. I downloaded wintoflash on this page http://wintoflash.com/download/en/ from this link ftp://wintoflash:YPNP4TVC@downloadserver1.wintoflash.com/distributions/Novicorp%20WinToFlash%200.7.0054%20beta.zip I extracted the "Novicorp WinToFlash 0.7.0054 beta.zip" file and ran WinToFlash.exe. It did some stuff to the usb flash drive and after finishing all my home pages were set to www.v9.com Googling this I see some say it is malware http://blog.teesupport.com/infected-by-th-v9-com-hijacker-virus-remove-th-v9-com-browser-hijacker-manually/ In the installer zip I see G:\Novicorp WinToFlash 0.7.0054 beta\ValueAdd\3rdParty\V9\v9wnf.exe.secure I posted in wintoflash forums what is v9wnf.exe.secure for? Of course no response. I can't even figure out the purpose of the home page. Apparently it is run by Beijing ELEX Technology Co.,Ltd. I emailed them as well but their response made no sense. There was an application installed that said w9.com or something. I uninstalled that. I was never prompted to have all of my home pages changed (IE, Chrome) I ran malware bytes scan but found nothing. But this just happened. Malwarebytes Anti-Malware Successfully blocked access to a potentially malicous website: 89.187.53.65 Type: outgoing Port: 13857, Process iexplore.exe So I ran DDS.COM and here are the files. attach.txt dds.txt