my computer has been infected with the newmalware.j virus. i think i have it cleaned only to find it has returned the next day. i followed the instructions and ran ewido and hijack this. here are my logs and any help would be greatly appreciated. thanks also a 16 bit dos prompt keeps poping up and seems to be trying to run a program over and over. very annoying it starts as
dos prompt labeled c:/windows/temp/h91746.exe then a window pops up saying the NTVDM CPU has encountered an illegal instruction.
CS>0db3 IP:01d4 OP:63 63 65 2f 31 chose close to terminate the application. with option to close or ignore.

Hi there and welcome to the forum.

I have edited your post as we do not accept pasted logs. All logs must be submitted as attachments, thank you.

One of the Security Team will look at your logs shortly.

Hi there Amilfor.

Let's see if we can get rid of that.


Download Smitrem to your desktop:
http://noahdfear.geekstogo.com/click...click.php?id=1

Run the installer and then press Start to Extract the files to the desktop, Do not run it yet.


Reboot into safe mode.
(hit f8 when booting up)

Then fix these with hijackthis:

And manually delete the file in bold.


Now run SmitRem:

Open the SmitRem folder and double click the "RunThis.bat"
file to start the tool , Follow the prompts on screen. Wait for the tool to complete and disk cleanup to finish.

The tool will create a log named smitfiles.txt in the root of the drive that you ran the batch file on, eg; Local Disk C: or partition where your operating system is installed. Please attach this log to your next reply.




You will need to reload your wallpaper as the SmitRem
tool will reset it, you can do this by right clicking
desktop and choosing properties, First check Theme and
set it to Windows XP then click the Desktop tab and
choose the one you want to use and press apply.


When done please post a new , and full hjt log , there seems to be a part cut off of this one , and out of normal mode instead of safemode. Also post the smitrem log.

Also it seems you have no AV and no firewall , have a look in our download section for some free ones. You really should have those to be better protected from things like this.

Yup , the trojan is gone. And for the smitrem log , have a look for it at C:\smitfiles.txt. But it looks like you are clean so it isn't really importend if it isn't there.

Do you still have any problems?

no more problems. thanks for the help. donations headed your way

Thats great to hear. And thanks alot for helping keeping the site up , much apreciated.


Marked as Fixed , and you know where to find us if you need us again.