PDA

View Full Version : Win32/Adload/DA



jasonburnaby
2012-09-13, 15:17
Hello,

I have a warning message from Windows that I have the virus Win32/Adload/DA
So far I have noticed nothing out of the ordinary but Windows says it caused my computer to stop working two days.

I have run TDSSKiller, OTL, Hitman and aswMBR. Sorry, I only have the log for the last one. I'll paste it below. I also ran the boot-time scan from my Avast antivirus. None of these programs have found any infections.

I was going to run ComboFix but with the warnings to not do this without supervision I figured I'd better get some help. I'd greatly appreciate it if someone can help me with this.

Here is the log from aswMBR. The strange thing is it doesn't say anywhere scan completed. I was away while it was running and when I came back it had finished but there was no message summing up the results.


aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-12 21:31:36
-----------------------------
21:31:36.356 OS Version: Windows 6.1.7601 Service Pack 1
21:31:36.356 Number of processors: 2 586 0x1C02
21:31:36.363 ComputerName: JASON-PC UserName: Jason
21:31:40.017 Initialize success
21:31:41.803 AVAST engine defs: 12091201
21:31:56.739 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
21:31:56.764 Disk 0 Vendor: Hitachi_HTS545025B9A300 PB2OC60N Size: 238475MB BusType: 3
21:31:56.810 Disk 0 MBR read successfully
21:31:56.825 Disk 0 MBR scan
21:31:56.850 Disk 0 Windows 7 default MBR code
21:31:56.876 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 102400 MB offset 2048
21:31:56.927 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 125815 MB offset 209717248
21:31:56.980 Disk 0 Partition 3 00 1B Hidd FAT32 MSDOS5.0 10240 MB offset 467386368
21:31:57.015 Disk 0 Partition 4 00 EF EFI FAT A1451 16 MB offset 488357888
21:31:57.091 Disk 0 scanning sectors +488392065
21:31:57.218 Disk 0 scanning C:\windows\system32\drivers
21:32:22.813 Service scanning
21:33:09.460 Modules scanning
21:33:24.959 Disk 0 trace - called modules:
21:33:25.040 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
21:33:25.074 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85a2f4b0]
21:33:25.110 3 CLASSPNP.SYS[88db159e] -> nt!IofCallDriver -> [0x855768e8]
21:33:25.152 5 ACPI.sys[888c23d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x8594a030]
21:33:26.191 AVAST engine scan C:\windows
21:33:30.643 AVAST engine scan C:\windows\system32
21:38:47.618 AVAST engine scan C:\windows\system32\drivers
21:39:10.448 AVAST engine scan C:\Users\Jason
21:46:51.046 Disk 0 MBR has been saved successfully to "C:\Users\Jason\Desktop\MBR.dat"
21:46:51.106 The log file has been saved successfully to "C:\Users\Jason\Desktop\aswMBR.txt"

tashi
2012-09-13, 17:45
Hello jasonburnaby,



I have run TDSSKiller, OTL, Hitman and aswMBR. Sorry, I only have the log for the last one. I'll paste it below.

So that everyone is on the same track please see the FAQ which includes guidelines for this forum and instructions in post #2 on how to provide the preliminary DDS/aswMBR logs used for analysis. :)

"BEFORE You POST"(Please read this Procedure Before Requesting Assistance) (http://forums.spybot.info/showthread.php?t=288)

Then start a new topic providing the logs as shown in that sticky and a link back to this thread. A volunteer analyst will advise when available.

Best regards.