Possibly infected [FIXED]

Welp I just finished finding out that just simply opening an email could infect your machine if there is a malicious script :'(. So now I’m here because I might have just done that. I opened an email sent by a friend to see that the only thing there was a link and the message “Hey”. I got no alerts and the scans from both Hitman Pro 64 (EWS) an MBAM (full scan) have shown negative so should I still be worried or did I just dodge a bullet :-?

Fox.

Sorry I couldn’t help you any further on the other thread.
See this for more and better qualified assistance http://forum.avast.com/index.php?topic=53253.0
Be patient as the malware experts are assisting other users. :slight_smile:

Will attach the MBAM log.

Will attach the OTL log soon. Cannot do the ASWmbr due to the fact it bluescreens my computer.

try run aswMBR from safe mode… and dont forget AdwCleaner

Here is the OTL log. I’m slightly concerned when I looked at the “Recently changed”.

Looks clean, the majority of the time you need to click the link to get to the infected site, no visit no harm :slight_smile:

Thanks again essex. What is bootsat.dat? I saw that was changed 8 minutes before I downloaded OTL. I’m thinking it was me changing the block all inbound and outbound connections.

Hi YellowFox,

Think you omitted the t there, file is bootstat.dat I guess: http://www.bleepingcomputer.com/filedb/bootstat.dat-13.html
Re: http://support.microsoft.com/kb/309481/en-us
Here you find all of the information you’d like yo have on this: http://www.geoffchappell.com/notes/windows/boot/bsd.htm
link source author = Geoff Chappell - All rights reserved -

polonus

Thanks Polonus. Hey do you or Essexboy know where I could learn about Malware finding / removal? I want to someday be able to do the same thing you two do.

Fox.

It just so happens that I do :slight_smile: The instructors there are absolutely brilliant ;D 8)
http://www.geekstogo.com/geeku/

Run OTL and press the cleanup button to remove it

Hi YellowFox,

Now you have heard it from the horse’s mouth. Yes, my friend, you were in direct contact which such an instructor in this thread.
And the name is essexboy and another one here is oldman (also attached to these here forums and G2G).
You are in the best of hands and extremely lucky to have these qualified removal instructors on the other side of your screen.
I can only help out towards better website security scanning together with
our good forum friend, !Donovan, a “master of all arms on script”.
We have a top forum here, avast! thank you for having us…

polonus