system
1
Hi,
I was infected with Malware-Gen yesterday after clicking an exe I shouldn’t have. Machine is Windows 8. After realizing what I did, within 20 seconds or so, I hard shut off the machine + disconnected it from the internet before turning it back on.
I briefly reconnected internet to download AVAST and scanned the drive, which identified Malware-Gen in an Application Data/ folder. I then followed some of the online guides off my iPad: TDSSKILLER (didn’t find anything), Combofix (found a couple registry entries and a C:\Install.exe), Malwarebytes Anti-Malware (didn’t find anything), RogueKiller (a couple registry and tcp/ip entries), HitmanPro (didn’t find anything), Emsisoft Emergency Kit (nothing), ESET Online Scanner (nothing), AdwCleaner (nothing). I’ve also rerun Avast, Malwarebytes, and Windows Defender through full scans without finding anything, so I don’t think the trojan got too far.
I did generate an OTL log (attached). Greatly appreciated if someone could see if it looks clean.
Side note: CREATERESTOREPOINT was run in OTL, but I didn’t see the restore point in the Windows System Restore points. Is this a different restore point and, if so, how do I delete it?
Thanks!
[Edit: Removing log file attachment since issues resolved]
Nothing apparent there. How is the computer behaving?
system
3
Nothing out of the ordinary that I can tell, even right after double-clicking the exe yesterday. Hopefully I caught it early enough before it fully rooted… I did not notice any .dll affected in the earlier tool logs either. Admittedly, I’m a little surprised Windows Defender or UAC didn’t complain at any point. For reference, I mostly followed http://malwaretips.com/blogs/remove-win32malware-gen/.
Should I be running “Cleanup” in OTL before deleting otl.exe?
Thanks again! I was reading through some of your earlier posts for others while I was cleaning things yesterday, and they were very helpful.
That link is a bit of overkill for what is usually a bundled-software problem. However, it does confirm a squeaky-clean system.
To remove OTL and its associated folders, run it and press the Cleanup button. This should also remove ComboFix.
system
5
Maybe I spoke too soon: HitmanPro detected something today (Gen.Trojan.Heur!IK). Log attached. Though maybe it’s a false positive? The time coincides with when I ran AdwCleaner.
Yep, that has locked onto AdwCleaner and is a false positive.