Is iswizard a virus?

Hi,

My laptop has been lagging since a week ago. I observed the processes in Windows Task Manager
and found a program that used up almost all of the CPU, named dwm.exe with the description dwm.
I searched for the process on the computer and found the file is under C:\Users\User\AppData\Local\Temp\iswizard05
I tried to perform a system restore back to half a month before Windows started to lag.
So I want to ask: is iswizard completely removed, or is any further action needed to investigate?

Thanks and sorry for bad English.
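
The symptom in the post above, a process named dwm.exe whose file sits under a Temp folder, can be checked mechanically. The PowerShell below is an added example, not part of the original thread: the function name Find-MasqueradingProcess, the table of process names and the sample PIDs are assumptions constructed for illustration, and the expected System32 location is a general Windows fact rather than something stated in the thread.

```powershell
# Added example: flag processes that carry a Windows system binary name
# but run from a directory other than the expected one.
$sysRoot = if ($env:SystemRoot) { $env:SystemRoot } else { 'C:\Windows' }

# Expected locations (general Windows facts, not values from the thread).
$ExpectedDir = @{
    'dwm.exe'      = "$sysRoot\System32"
    'lsass.exe'    = "$sysRoot\System32"
    'csrss.exe'    = "$sysRoot\System32"
    'winlogon.exe' = "$sysRoot\System32"
}

function Find-MasqueradingProcess {
    param([Parameter(Mandatory)][object[]]$Process)
    foreach ($p in $Process) {
        # Only judge names we have an expected location for.
        if (-not $p.Name -or -not $ExpectedDir.ContainsKey($p.Name)) { continue }
        $path = $p.ExecutablePath
        if (-not $path) {
            # Without elevation the path of protected processes is often empty.
            $verdict = 'Unknown: path not readable, rerun elevated'
        } else {
            $cut = $path.LastIndexOf('\')
            $dir = if ($cut -gt 0) { $path.Substring(0, $cut) } else { '' }
            if ($dir -ieq $ExpectedDir[$p.Name]) {
                $verdict = 'Expected location'
            } else {
                $verdict = 'SUSPICIOUS: system name, unexpected directory'
            }
        }
        [pscustomobject]@{
            Name = $p.Name; ProcessId = $p.ProcessId; Path = $path; Verdict = $verdict
        }
    }
}

# Constructed sample records; the second path combines the file name and
# folder reported in the post. PIDs are made up.
$sample = @(
    [pscustomobject]@{ Name = 'dwm.exe'; ProcessId = 1012; ExecutablePath = "$sysRoot\System32\dwm.exe" }
    [pscustomobject]@{ Name = 'dwm.exe'; ProcessId = 4388; ExecutablePath = 'C:\Users\User\AppData\Local\Temp\iswizard05\dwm.exe' }
    [pscustomobject]@{ Name = 'lsass.exe'; ProcessId = 700; ExecutablePath = $null }
)
Find-MasqueradingProcess -Process $sample | Format-Table -AutoSize

# On a live system (elevated prompt), feed it real process data instead:
# Find-MasqueradingProcess -Process (Get-CimInstance Win32_Process)
```

A hit only says the file location is wrong for that name; the scan logs requested in the replies below are still what confirms or rules out an infection.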

Please attach your logs. (MBAM, OTL and aswMBR…!!)
Instructions: http://forum.avast.com/index.php?topic=53253.0

Monitoring…

Attachment

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them.
Only one of them will run on your system, that will be the right version.

[*]Double-click to run it. When the tool opens click Yes to disclaimer.
[*]Press Scan button.
[*]It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
[*]The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

attachments

Please download AdwCleaner by Xplode and save to your Desktop.

Double click on AdwCleaner.exe to run the tool.

[*]Click on the Scan button.
[*]After the scan has finished click on the Clean button.

Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.

[*]After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
[*]Post logfile will also be saved in the C:\AdwCleaner folder.

Then…

Please download TFC by OldTimer to your desktop

[*]Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
[*]It will close all programs when run, so make sure you have saved all your work before you begin.
[*]Click the Start button to begin the process. Depending on how often you clean temp
files, execution time should be anywhere from a few seconds to a minute
or two. Let it run uninterrupted to completion.
[*]Once it’s finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.

========================================================

How are the things now?

After all the processes were carried out, it's going smooth and okay now
Thanks for the help =)
If the problem still occurs, I will update the post as soon as possible.

Thanks.

Update

After running TFC.exe, it generated 2 hidden files, both named desktop.ini
Is it okay for me to delete them or just leave them?

Yes, you can :)

Thanks for the help =)

Please download DelFix by “Xplode” to your Desktop.

Run the tool and check the following boxes below;

[*] Remove disinfection tools
[*] Create registry backup
[*] Purge System Restore

Now click on the “Run” button. Wait for the programme to complete its work.
All the tools we used should be gone.
The tool will create and open a log report (DelFix.txt)
Note: The report will also be stored on C:\DelFix.txt

I don’t need DelFix log report.

Hello! I am having the same problem but the antivirus detected it as win32 dropper-gen drp. What can I do to remove it? I have run the avast antivirus at startup but it does not work

thanks

Start your own topic and attach the requested logs from this guide http://forum.avast.com/index.php?topic=53253.0
Malwarebytes / OTL / aswMBR