help with malware iswizard

My avast keeps having a trojan notification appearing and I can’t get rid of the file.

C:\User\Name\AppData\Local\Temp\iswizard folder
wuaudit.exe Win32:BitCoinMiner-CA[Trj]

Then while getting the logs, Malwarebytes Anti-Malware keeps having another notification then appears at the same time as the avast notification

Same folder as the above
dwm.exe Trojan.BitcoinMiner

Help please

log :slight_smile:

Hi Ephel

Re-run OTL.exe.

[*]Copy and paste the following text written inside of the quote box into the Custom Scans/Fixes box.



:OTL
O4 - HKU\S-1-5-21-2361354324-3285132098-4036411114-1001..\Run: [tsiVideo] C:\Users\Ephel\AppData\Local\Temp\tsiVi032.dll ()

:commands
[CREATERESTOREPOINT]
[emptytemp]


[*]Then click the Run Fix button at the top.
[*]Let the program run unhindered; it will reboot the system when it is done and open notepad with logreport. Attach here that logreport.

If the log doesn’t appear, it can be found here:

c:_OTL\MovedFiles\mmddyyyy_hhmmss.log

.

thanks :slight_smile:

here the log!

How is your computer behaving now?

Fine!

thank you very much!

Please download DelFix by “Xplode” to your Desktop.

Run the tool and check the following boxes below;

[] Remove disinfection tools
[
] Create registry backup
[*] Purge System Restore

Now click on “Run” button. Wait for the programme completes his work.
All the tools we used should be gone.
Tool will create and open an log report (DelFix.txt)
Note: The report will also be stored on C:\DelFix.txt

I don’t need DelFix log report.

I recommended to use MCShield if you will.
You may download MCShield from one of the following links:

MyCity - Official download link
Softpedija - Mirror download link

It will prevent infection by computer via USB flash drive, mobile phone or any other memory card.
And not only will prevent infection, but it will immediately clean flash drive, memory card or external HDD.

Hy guys, i’m having the same problem, could you help me? I put the log of OTL program, thanks.

Re-run OTL.exe.

[*]Copy and paste the following text written inside of the quote box into the Custom Scans/Fixes box.



:OTL
O4 - HKU\S-1-5-21-606747145-1563985344-1177238915-500..\Run: [tsiVideo] C:\Documents and Settings\Administrador\Configurações locais\Temp\tsiVi132.dll ()

:commands
[CREATERESTOREPOINT]
[emptytemp]


[*]Then click the Run Fix button at the top.
[*]Let the program run unhindered; it will reboot the system when it is done and open notepad with logreport. Attach here that logreport.[/list]

If the log doesn’t appear, it can be found here:

c:_OTL\MovedFiles\mmddyyyy_hhmmss.log

[b]

************* Next *****************[/b]

Please download zoek.zip or zoek.rar by smeenk (
http://www.mcshield.net/personal/magna86/Images/Zoek_icon.png
) from here or here and save it to your Desktop.
Unpack the archive…
[list]
[*]Close any open browsers
[*] Temporarily disable your AntiVirus program. (If necessary)
If you are unsure how to do this please read this or this Instruction.

[*]Double click on zoek.exe to run the tool .
Please wait while the tool does not start…

[*]Copy the text present inside the code box below and paste it into the large window in the zoek tool:

filesrcm;
startupall;
skipfix-iedefaults;
firefoxlook;
chromelook;

[*] Click on
http://www.mcshield.net/personal/magna86/Images/Run%20Script%20by%20zoek.png
button.
Please wait until a logreport will open (this can be after reboot)

[*]Save notepad to your Desktop and attach here zoek-results.log
Note: It will also create a log in the C:\ directory named “zoek-results.log

I did those steps and these r the reports.

And now? Done?

[*]Close any open browsers
[*] Temporarily disable your AntiVirus program. (If necessary)
If you are unsure how to do this please read this or this Instruction.

[*]Double click on zoek.exe to run the tool .
Please wait while the tool does not start…

[*]Copy the text present inside the code box below and paste it into the large window in the zoek tool:

bbjciahceamgodcoidkjpchnokgfpphh;ff
C:\DOCUME~1\ADMINI~1\CONFIG~1\DADOSD~1\funmoods.crx;chr
{0633EE93-D776-472f-A0FF-E1416B8B2E3A};c
emptyalltemp;
autoclean;
emptyclsid;
ipconfig /flushdns >> %temp%\log.txt;b

[*] Click on
http://www.mcshield.net/personal/magna86/Images/Run%20Script%20by%20zoek.png
button.
Please wait until a logreport will open (this can be after reboot)

[*]Save notepad to your Desktop and attach here zoek-results.log
Note: It will also create a log in the C:\ directory named “zoek-results.log

I did that…and this is the result.

Thank u for ur help!

Please download DelFix by “Xplode” to your Desktop.

Run the tool and check the following boxes below;

[] Remove disinfection tools
[
] Create registry backup
[*] Purge System Restore

Now click on “Run” button. Wait for the programme completes his work.
All the tools we used should be gone.
Tool will create and open an log report (DelFix.txt)
Note: The report will also be stored on C:\DelFix.txt

I don’t need DelFix log report.

Tks for all your help man!!! my pc is good again!!! thanks