Nasty Little Rogue Hiding In The File Repository... Please Help

Discussion in 'Malware Help (A Specialist Will Reply)' started by Bill_Mars, Nov 25, 2022.

  1. Bill_Mars

    Bill_Mars Private E-2

    In C:\Windows\System32\DriverStore\FileRepository
    I have 5 folders starting with Nv...
    The first one is nv_disp.
    It's loading 2 or 3 "Nvidia containers" at startup.

    I have deleted all the old Nvidia software and removed the old nvidia710 graphics card.

    But this thing keeps booting up at startup.

    And it's got nothing to do with display drivers.

    Windows Malware is doing the duelling banjos with it for about a half hour before it gives it a Tonya Harding to shut it up, because if you look in the folder it is sitting on a "container recovery" gizmo which keeps reactivating them.

    If I load task manager at startup and manually do the 'end task' on it I have to do so 8 or 9 times.

    So what's the best way of getting rid of all this nvidia stuff hiding in the file repository and causing me grief?

    I have all the big guns installed:
    10bit pro, revo, the stuff from tweaking.com and geektweaks, and so far no luck.

    What now?

    sincerely

    Bill
     
  2. plodr

    plodr MajorGeek Super Extraordinaire Moderator Staff Member

  3. Bill_Mars

    Bill_Mars Private E-2

    Oh yeah... that little Nvidia container can do a lot of damage.
    It got bad when the rogue got into the Office extension I'd installed in Chrome;
    because then it could get into everything Windows could get into.
    Only took me 2 minutes to find that out.
    Pulled the plug and made sure it stayed offline till I could get rid of it.
    But first changed all the passwords for banking!

    I managed last night though, just went through the back door of Task manager and shut it off in services.
    Then getting rid of the nvdisp... folder and contents in group policy was easy.

    Now it's just standard rule; let things go a couple weeks to make sure it doesn't show up again.

    Been 12 hours and a couple reboots...still quiet, nothing resurfaced, nothing auto-reinstalled.

    Still trying to remember the details and dates, since it was not part of the Nvidia control panel.
    I've been using the Nvidia Control Panel since 2008 for display settings.

    About 8 months ago I downloaded and installed the Nvidia "GeForce Experience" bundle.
    I think the nvidia container drivers came in the package.
    I do remember deleting the package about a month later,
    Couldn't justify a 160 meg app installed just to swap out a couple of 60k drivers once in a while.
    but I never scrubbed the registry since I still had other Nvidia stuff in the comp.

    For as long as it was parked in a driver folder that was never used it was harmless.
    But something got into it and started booting those containers on startup.
    Don't know what it was, just glad it's gone.
     
