Question Possible infection. Should I reset or not?

[hnsp18128]

Greetings to all,

under pressure I made a mistake. I opened an executable file, which I needed urgently, downloaded from an untrusted source and checked it beforehand only with Avira. Once started, it interacted with WerFault.exe.
Uploaded to Virustotal, 7 out of 70 providers indicated it as a Trojan or generic malware:
AliCloud -Trojan[spy]:Win/Zbot.AMW
Bkav Pro -W32.AIDetectMalware
Cylance -Unsafe
Google -Detected
Ikarus -Gen.Codenox
Jiangmin -Trojan/Refroso.aazt
Trapmine -Malicious.high.ml.score

I subsequently performed disk scans with 4 different programs (Avira, ESET, Kaspersky and Malwarebytes) and none of them reported anything.
OS: Windows 11.
I would still proceed with a reset. Is this an excessive countermeasure? Is there a more targeted and decisive check that I can perform quickly?

Thank you in advance

 

[punkncat]

WerFault is a Windows process which reports errors.

If you are already using an AV solution, does it show anything under detected or quarantine and so on? Defender has options for an online scan and an offline scan.

Have you seen anything strange working under processes in Task Manager?

 

[USAFRet]

Since you're asking the question, the system is still in question, in your mind.

No matter what we say out here...it will always be questionable. To you.

Me personally, I would recover from the Full+Incremental backup from a couple of days ago.
Lacking that....a full wipe and reinstall is warranted.

 

[punkncat]

Good point @USAFRet

 

[rgd1101]

under pressure? why? to do what?

 

[USAFRet]

And, I recently had almost exactly the same situation.

I wanted to try a different ISO creation tool.
(silly me)

Found one, started the install. It asked to install a bunch of other gunk.
I specifically clicked NO on all of them.

It installed them anyway.

It was far faster, for me, to simply recover the OS drive from the overnight backup, than to try to eradicate all of that junk.

But thats just me.