
Nvidia Ontology.dll detected as Trojan



Hello,

About a half hour ago I booted up my computer and my Malwarebytes gave me a heads up about a malware being blocked, located in "NVIDIA/NvBackend/ApplicationOntology/Ontology.dll".

I looked around and saw that, as of 15 minutes ago, people are slowly reporting on the GeForce forums that their Malwarebytes is doing this too. Is there an infection going on, and is my computer now infected?

I am deeply sorry if this is the wrong forum/section to ask/report this in, but I'm not sure how to treat this and I am worried this is a malware infection on my computer right now.


I just had the same thing come up.
Some reports from users on the NVIDIA forums appear to indicate VirusTotal scans come back clean, but I don't really want to unquarantine to zip and submit just in case.
Came up as Trojan Crypt for me.

Apparently it has something to do with GeForce Experience, as users are reporting it's not working after quarantine (not detecting games or something), but the drivers appear to be fine.

Edited by welbot

I have the "trojan" as well, and I would say it looks like a false positive, but better wait for one of the Malwarebytes employees for confirmation. I mean, there was a vulnerability in part of the NVIDIA driver at the end of the day, as far as I remember. This is the file it's referring to: https://www.virustotal.com/en/file/39e2df03737c3429fcb7c44055d2cede0f64d0e6ebbd1987a57242fd643a570e/analysis/1507335479/


I received the same threat as well on two separate computers at the same time, one for gaming and one for work. I called a friend (who also had Malwarebytes and Nvidia Experience) asking him to run a scan; he received the same threat. Looking like a false positive, but would like to hear from a staff member to be safe.


I got the same message. C:\Users\Administrator\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\Ontology.dll was quarantined.

File version 36.0.5.1

File signed by NVIDIA Corporation 2017-OCT-06 16:42:53 (Issued by VeriSign Class 3 Code Signing)

Strange thing is that I did not install any NVIDIA graphics drivers/software on or after this date (today/yesterday based on your time zone).

 

https://www.virustotal.com/en/file/39e2df03737c3429fcb7c44055d2cede0f64d0e6ebbd1987a57242fd643a570e/analysis/1507336836/

Edited by TheQuickFox

Hi everyone,

This was a false positive and has been fixed in the following database versions:

MBAM2 Version: v2017.10.07.01
MBAM3 Version: 1.0.2967

Please update your database and restore the file from quarantine if needed. Sorry for the false alarm everyone.
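
An added example, not part of the original thread and not Malwarebytes or NVIDIA code: one way to check, after restoring the file from quarantine, that it is the signed file discussed above. The SHA-256 is the one in the VirusTotal links posted in the thread; the function name `Test-RestoredFile` and the use of `$env:LOCALAPPDATA` to build the path are assumptions.

```powershell
# Hash from the VirusTotal URLs posted in this thread.
$ExpectedSha256 = '39e2df03737c3429fcb7c44055d2cede0f64d0e6ebbd1987a57242fd643a570e'
# Assumption: the per-user path reported in the thread, rebuilt for the current user.
$DefaultPath = Join-Path $env:LOCALAPPDATA 'NVIDIA\NvBackend\ApplicationOntology\Ontology.dll'

function Test-RestoredFile {   # hypothetical helper name
    param(
        [string]$Path          = $DefaultPath,
        [string]$Sha256        = $ExpectedSha256,
        [string]$SignerPattern = '*NVIDIA Corporation*'
    )
    if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) {
        throw "File not found (still in quarantine?): $Path"
    }

    $hash    = (Get-FileHash -LiteralPath $Path -Algorithm SHA256).Hash
    $sig     = Get-AuthenticodeSignature -LiteralPath $Path
    $subject = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }

    [pscustomobject]@{
        Path          = $Path
        FileVersion   = (Get-Item -LiteralPath $Path).VersionInfo.FileVersion
        Sha256        = $hash.ToLower()
        # A mismatch can simply mean a different release of the file than
        # the one posted in the thread; then rely on the signature checks.
        HashMatches   = ($hash -ieq $Sha256)
        # 'Valid' means the Authenticode signature verifies and chains to a
        # trusted root; a modified file reports 'HashMismatch'.
        SignatureOk   = ($sig.Status -eq 'Valid')
        Signer        = $subject
        SignerMatches = ($subject -like $SignerPattern)
    }
}

$result = Test-RestoredFile
$result | Format-List
if (-not ($result.SignatureOk -and $result.SignerMatches)) {
    Write-Warning 'Signature is missing, invalid, or not from the expected signer.'
}
```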

 
