-
Are these Ok?
// info: Rootkit removal help file
// copyright: (c) 2008-2013 Safer-Networking Ltd. All rights reserved.
:: RootAlyzer Results
File:"Unknown ADS","C:\ProgramData:gs5sys:$DATA"
File:"Unknown ADS","C:\Users\All Users:gs5sys:$DATA"
File:"Unknown ADS","C:\Users\Altyran:gs5sys:$DATA"
File:"Unknown ADS","C:\Users\Public\Pictures\desktop.ini:gs5sys:$DATA"
File:"Unknown ADS","C:\Users\Public\Documents\desktop.ini:gs5sys:$DATA"
File:"Unknown ADS","C:\Users\Altyran\Application Data:gs5sys:$DATA"
File:"Unknown ADS","C:\Users\Altyran\Cookies:gs5sys:$DATA"
File:"Unknown ADS","C:\Users\Altyran\Local Settings:gs5sys:$DATA"
File:"Unknown ADS","C:\Users\Altyran\Templates:gs5sys:$DATA"
File:"Unknown ADS","C:\Users\Altyran\Documents\desktop.ini:gs5sys:$DATA"
File:"Unknown ADS","C:\Users\Altyran\Desktop\desktop.ini:gs5sys:$DATA"
File:"Unknown ADS","C:\Users\Altyran\AppData\Local:gs5sys:$DATA"
File:"Unknown ADS","C:\Users\Altyran\AppData\Roaming:gs5sys:$DATA"
File:"Unknown ADS","C:\Users\Altyran\AppData\Roaming\Microsoft\Windows\Cookies:gs5sys:$DATA"
File:"Unknown ADS","C:\Users\Altyran\AppData\Roaming\Microsoft\Windows\Templates:gs5sys:$DATA"
File:"Unknown ADS","C:\Users\Altyran\AppData\Roaming\Microsoft\Windows\Recent\desktop.ini:gs5sys:$DATA"
File:"Unknown ADS","C:\Users\Altyran\AppData\Local\Application Data:gs5sys:$DATA"
File:"Unknown ADS","C:\Users\Altyran\AppData\Local\History:gs5sys:$DATA"
File:"Unknown ADS","C:\Users\Altyran\AppData\Local\Microsoft\Windows\History:gs5sys:$DATA"
File:"Unknown ADS","C:\ProgramData\Application Data:gs5sys:$DATA"
I have no idea what most of these mean. =(
-
Hello Altyran,
How is the computer running?
In order for someone to advise please see the Malware Removal Forum sticky which includes guidelines and instructions in post #2 on how to provide the preliminary DDS and aswMBR logs used for analysis.
http://forums.spybot.info/showthread.php?t=288
Then start a new topic in that forum as shown in the FAQ along with a description of the computer's symptoms and a volunteer analyst will assist when available.
Best regards.
