PDA

View Full Version : No or invisible owning process



matmat07
2015-12-10, 23:41
I've got nearly 20 of these entries, most are related to Nvidia, at least one to some .net file, one from dropbox, and a couple just totaly blank. They appear in the scan result, but not in the log file.

They are all empty in the "thread", "module" and "heaps" tab. For exemple, I got the file \Device\HarddiskVolume8\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe. Some files does appear twice.

I wanted to make the scan because "system" in windows 10 is starting to use a lot of ram after a while, which seems to drop down if I close chrome. It is probably unrelated, but those scan results still worries me.

tashi
2015-12-11, 02:08
Hello matmat07,

Can you produce a log please, as shown here
(https://forums.spybot.info/showthread.php?72882-Root-Scan-Completed-Are-These-OK)


I've got nearly 20 of these entries, most are related to Nvidia, at least one to some .net file, one from dropbox, and a couple just totaly blank. They appear in the scan result, but not in the log file.

They are all empty in the "thread", "module" and "heaps" tab. For exemple, I got the file \Device\HarddiskVolume8\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe. Some files does appear twice.

(https://forums.spybot.info/showthread.php?72882-Root-Scan-Completed-Are-These-OK)The RootAlyzer is an analyst tool, even legitimate software may use rootkit technologies.


I wanted to make the scan because "system" in windows 10 is starting to use a lot of ram after a while, which seems to drop down if I close chrome. It is probably unrelated, but those scan results still worries me.
When did the problem start, was the NVIDIA driver updated recently?

Best regards. :)

matmat07
2015-12-12, 04:51
Well, that doesn't really tell me how to produce a log, but here is mine.
// info: Rootkit removal help file
// copyright: (c) 2008-2015 Safer-Networking Ltd. All rights reserved.

:: RootAlyzer Results
File:"Unknown ADS","C:\Users\Marc\OneDrive:ms-properties:$DATA"
File:"Unknown ADS","C:\Users\Marc\OneDrive\Documents:ms-properties:$DATA"
File:"Unknown ADS","C:\Users\Marc\OneDrive\Favorites:ms-properties:$DATA"
File:"Unknown ADS","C:\Users\Marc\OneDrive\Images:ms-properties:$DATA"
File:"Unknown ADS","C:\Users\Marc\OneDrive\Musique:ms-properties:$DATA"
File:"Unknown ADS","C:\Users\Marc\OneDrive\Pictures:ms-properties:$DATA"
File:"Unknown ADS","C:\Users\Marc\OneDrive\Public:ms-properties:$DATA"
File:"Unknown ADS","C:\Users\Marc\OneDrive\Shared favorites:ms-properties:$DATA"
File:"Unknown ADS","C:\Users\Marc\OneDrive\Pictures\Camera Roll:ms-properties:$DATA"
File:"Unknown ADS","C:\Users\Marc\OneDrive\Documents\Nouveau dossier:ms-properties:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2014-03:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-01:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\Apps:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\Photos pour mariage:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\Screenshots:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\Stage:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\Voyage:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\Voyage\Mission Royaume-Uni:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\Voyage\Session d'étude:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\Photos pour mariage\A faire:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\Photos pour mariage\batch 2:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\Photos pour mariage\Fini:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\Photos pour mariage\A faire\Scan bien découper:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\Bonus 445:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA445:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\PHY332:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\PHY332\Lab 1:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\PHY332\Lab 2:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Lab 1:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Lab 2:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Laboratoires:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Projet final gpa770:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Projet final gpa770\rapport:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Projet final gpa770\Sources Fonctionnel:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Projet final gpa770\rapport\code:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Laboratoires\Lab 1:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Laboratoires\Lab 2:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Laboratoires\Lab 2\lab2b_bon:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Laboratoires\Lab 2\lab2c:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Laboratoires\Lab 2\Lab2D:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Laboratoires\Lab 2\Remise:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Laboratoires\Lab 2\lab2c\bin:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Laboratoires\Lab 2\lab2c\cmd:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Laboratoires\Lab 2\lab2c\lab2c_Data:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Laboratoires\Lab 2\lab2c\prm:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Laboratoires\Lab 2\lab2c\Sources:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Laboratoires\Lab 2\lab2c\lab2c_Data\Full_Chip_Simulation:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Laboratoires\Lab 2\lab2c\lab2c_Data\SofTec_HCS12:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Laboratoires\Lab 2\lab2c\lab2c_Data\SofTec_HCS12\ObjectCode:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Laboratoires\Lab 2\lab2c\lab2c_Data\Full_Chip_Simulation\ObjectCode:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Laboratoires\Lab 2\lab2b_bon\lab2b_bon:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Laboratoires\Lab 2\lab2b_bon\lab2b_bon\bin:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Laboratoires\Lab 2\lab2b_bon\lab2b_bon\cmd:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Laboratoires\Lab 2\lab2b_bon\lab2b_bon\lab2b_Data:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Laboratoires\Lab 2\lab2b_bon\lab2b_bon\prm:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Laboratoires\Lab 2\lab2b_bon\lab2b_bon\Sources:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Laboratoires\Lab 2\lab2b_bon\lab2b_bon\lab2b_Data\Simulator:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Laboratoires\Lab 2\lab2b_bon\lab2b_bon\lab2b_Data\SofTec:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Laboratoires\Lab 2\lab2b_bon\lab2b_bon\lab2b_Data\SofTec\ObjectCode:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Laboratoires\Lab 2\lab2b_bon\lab2b_bon\lab2b_Data\Simulator\ObjectCode:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Laboratoires\Lab 1\Lab 1 - Remise 15:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Lab 2\lab2b_bon:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Lab 2\lab2c:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Lab 2\Lab2D:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Lab 2\Remise:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Lab 2\lab2c\bin:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Lab 2\lab2c\cmd:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Lab 2\lab2c\lab2c_Data:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Lab 2\lab2c\prm:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Lab 2\lab2c\Sources:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Lab 2\lab2c\lab2c_Data\Full_Chip_Simulation:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Lab 2\lab2c\lab2c_Data\SofTec_HCS12:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Lab 2\lab2c\lab2c_Data\SofTec_HCS12\ObjectCode:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Lab 2\lab2c\lab2c_Data\Full_Chip_Simulation\ObjectCode:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Lab 2\lab2b_bon\lab2b_bon:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Lab 2\lab2b_bon\lab2b_bon\bin:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Lab 2\lab2b_bon\lab2b_bon\cmd:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Lab 2\lab2b_bon\lab2b_bon\lab2b_Data:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Lab 2\lab2b_bon\lab2b_bon\prm:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Lab 2\lab2b_bon\lab2b_bon\Sources:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Lab 2\lab2b_bon\lab2b_bon\lab2b_Data\Simulator:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Lab 2\lab2b_bon\lab2b_bon\lab2b_Data\SofTec:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Lab 2\lab2b_bon\lab2b_bon\lab2b_Data\SofTec\ObjectCode:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Lab 2\lab2b_bon\lab2b_bon\lab2b_Data\Simulator\ObjectCode:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA770\Lab 1\Lab 1 - Remise 15:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA445\Lab 1:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA445\Lab 10:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA445\Lab 2:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA445\Lab 3:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA445\Lab 4:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA445\Lab 5:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA445\Lab 6:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA445\Lab 7:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA445\Lab 8:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA445\Lab 9:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA445\Lab 8\Asm_Balai:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA445\Lab 8\Asm_Linkage:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA445\Lab 8\Asm_Moteur:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA445\Lab 7\Lab 7:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA445\Lab 7\vieux:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA445\Lab 7\vieux\Asm_Balai:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA445\Lab 7\vieux\Asm_Linkage:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA445\Lab 7\vieux\Asm_Moteur:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA445\Lab 7\Lab 7\Asm_Balai:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA445\Lab 7\Lab 7\Asm_Linkage:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA445\Lab 7\Lab 7\Asm_Moteur:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA445\Lab 6\Asm_Balai:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA445\Lab 6\Asm_Linkage:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA445\Lab 6\Asm_Moteur:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA445\Lab 4\New folder:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA445\Lab 4\Rondelle plate:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA445\Lab 4\vis:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-03\GPA445\Lab 10\mesures:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-01\COM115:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-01\GPA205:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-01\GPA210:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-01\GPA210\Gamme d'usinage:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-01\GPA210\Gamme d'usinage\CAD original:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-01\GPA210\Gamme d'usinage\CAD SW:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-01\GPA210\Gamme d'usinage\CAD étapes:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-01\GPA210\Gamme d'usinage\Croquis:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-01\GPA210\Gamme d'usinage\dessin de definition:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-01\GPA210\Gamme d'usinage\dessin de surface:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-01\GPA210\Gamme d'usinage\matrice:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-01\GPA210\Gamme d'usinage\Montage d'usinage:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-01\GPA210\Gamme d'usinage\Remise:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-01\GPA210\Gamme d'usinage\Montage d'usinage\capture d'ecran:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-01\GPA210\Gamme d'usinage\Montage d'usinage\piece sw:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-01\GPA205\Note de cours:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-01\GPA205\TP_1:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-01\GPA205\TP_2:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-01\GPA205\TP_3:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-01\GPA205\TP_3\PDFs:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-01\GPA205\TP_3\Sections séparée:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-01\GPA205\TP_2\Feuilles de routage:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-01\GPA205\TP_2\Info TP2:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-01\GPA205\TP_2\Rendu TP2:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-01\GPA205\TP_2\Feuilles de routage\Pièces achetées:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-01\GPA205\TP_1\CAD:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-01\GPA205\TP_1\Diagramme d'assemblage:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-01\GPA205\TP_1\Nomenclature:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-01\GPA205\TP_1\Nomenclature arborescente:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-01\GPA205\TP_1\Rendu TP1:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-01\GPA205\TP_1\CAD\BXXXXX - BOULONNERIE:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-01\GPA205\TP_1\CAD\old:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-01\GPA205\TP_1\CAD\BXXXXX - BOULONNERIE\BOULON:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-01\GPA205\TP_1\CAD\BXXXXX - BOULONNERIE\BOULON 6 PANS CREUX:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-01\GPA205\TP_1\CAD\BXXXXX - BOULONNERIE\ECROU:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-01\GPA205\TP_1\CAD\BXXXXX - BOULONNERIE\GREASE FITTING:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-01\GPA205\TP_1\CAD\BXXXXX - BOULONNERIE\RONDELLES:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-01\GPA205\TP_1\CAD\BXXXXX - BOULONNERIE\GREASE FITTING\DOCUMENTATION:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-01\COM115\Kenya:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-01\COM115\Projet vidéo:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-01\COM115\Projet vidéo\ATE800:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-01\COM115\Projet vidéo\BD:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-01\COM115\Projet vidéo\Kenya:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-01\COM115\Projet vidéo\Kenya\Précédent:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-01\COM115\Projet vidéo\BD\Chroniques de Jérusalem (Guy Delisle):com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-01\COM115\Projet vidéo\BD\Pyongyang - A Journey in North Korea (Drawn & Quarterly) (2005) (Minutemen-DTs):com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2015-01\COM115\Kenya\Précédent:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2014-03\gpa151:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2014-03\gpa155:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2014-03\INF155:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2014-03\mat145:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2014-03\PRE010:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2014-03\INF155\Compilation:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2014-03\INF155\Cours 2:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2014-03\INF155\Cours 3:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2014-03\INF155\Devoir1:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2014-03\INF155\modules_1:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2014-03\INF155\modules_1\ecrir_textes:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2014-03\INF155\modules_1\mtwister:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2014-03\INF155\modules_1\un_chrono:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\Users\Marc\Dropbox\2014-03\gpa155\lab1:com.dropbox.attributes:$DATA"
File:"Unknown ADS","C:\ProgramData\CyberLink\PowerDVD14\001.FCL:001.FCL:$DATA"
File:"Unknown ADS","C:\ProgramData\CyberLink\PowerDVD14\CLDShowX.ini:Update.CL:$DATA"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Wow6432Node\Microsoft\Security Center","Svc"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Wow6432Node\Microsoft\Security Center\Svc","Upgrade"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Wow6432Node\Microsoft\InputMethod\Jpn","DuState"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Wow6432Node\Microsoft\InputMethod\Chs","DuState"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\Security Center\Svc","Upgrade"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\InputMethod\Jpn","DuState"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\InputMethod\Chs","DuState"


Like I said, the entries I talked about aren't shown there.

Beside that, I have windows 10, and Spybot is on version 2.4, with the free edition.

Nvidia is updated regularly, and I couldn't be sure when it started happening, but it's been a while. Closing Chrome (with 20+ tabs) makes "system" lose about 400MB after a while, and gain about 20 when I open it up again. I still think those two issue aren't related, but thanks if you want to help. Disabling the Windows Network Data Usage service as suggested seem to have helped, but I'll need another day to really be sure.

tashi
2015-12-13, 20:34
Hello matmat07,

The log alone doesn't present an infection, to look into that further you'd need someone to take a look at the system in the Malware Removal Forum (http://forums.spybot.info/forumdisplay.php?f=22) after reading that forum's FAQ which also includes instructions in post #2 on how to provide the logs from Farbar Recovery Scan Tool and aswMBR, which are the logs used in the preliminary analysis.

http://forums.spybot.info/showthread.php?t=288

However, it appears troubleshooting the issues you are encountering with the operating system is warranted before we consider malware to be an issue. :)

Please register and start a topic in this forum at What the Tech: Microsoft Windows™ (http://forums.whatthetech.com/index.php?showforum=119)

A link to this topic may be helpful.

Best regards.