Hi!
I got the new malware.j and can't remove it! I've tried quarantining, deleting, and cleaning it but it won't work. My mcafee says that it is located in the svchost.exe

Thanks in advance!

Hya Em2035 , welcome to PCHF.


That should be fixed in no time.


Boot youre pc in safemode (hit f8 when booting up).


Click Start>Run and type in: services.msc
Click OK
In the Services window find:

Network DDE DSMA

Select/highlight and right click the entry, and choose: Properties
On the General tab, under Service Status click the Stop button
Beside: Startup Type, in the drop menu, select: Disabled
Click Apply, then OK
Open HJT and click config > misc tools > “delete an NT service”
Copy and past:

NetDDEdsma

Click OK.


Then fix these entry's with hjt:

And manually delete the file in bold.
(watchout , dont delete the svchost.exe from the system32 folder , only from the windows folder)

When done , post a new hjt log to check please.

Thanks! I'm pretty sure it worked..
Two things.... in hjt, i couldnt find "O23 - Service: Network DDE DSMA (NetDDEdsma)" to delete.
Also, when i went to delete manually delete svchost.exe, couldnt find one in the windows folder just the system 32 and this,
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0 c41f4dfdb4d3cc228a4f819

Thats ok , that was removed by the first part of the instructions. And youre log is clean now.


Have a look again but set hidden files and folders to show first:

1. On the Tools menu in Windows Explorer, click Folder Options.
2. Click the View tab.
3. Under Hidden files and folders, click Show hidden files and folders.
4. If you see a warning message, click Yes.
5. Click Apply.
6. Click OK.