LinkinForcer

NVIDIA Trojan.Crypt?

Just updated database (MBAM 3.2.2 - Update package version 1.0.2967) and restored file. 
Ran manual threat scan and all came up clean for me (Win 10 Pro 64bit if it matters)

Hi,

I got this same problem but Malware Bytes wants to delete the file on reboot and won't let me stop it. I've tried restoring the file in the quarantine list but it's telling me it can't do anything until a reboot.

Will I still have the option to restore it after a reboot? As far as I can tell, this is an important file for Nvidia so having it deleted will cause problems with my display drivers. I've gone ahead and added the containing folder to the exclusion list.


So I deleted the file...  Can I add it back in from the earlier posts in the forum?  Went into full panic mode because I had my bank account hacked after an attack before I got Malware Bytes.

40 minutes ago, octaviom18 said:

I got the file for you good sir!

Ontology.zip

Thank you :)

19 minutes ago, TheBorzoi said:

Will I still have the option to restore it after a reboot?

Yes. Be sure to update your database version too.

14 minutes ago, cutepanda86 said:

So I deleted the file...  Can I add it back in from the earlier posts in the forum?  Went into full panic mode because I had my bank account hacked after an attack before I got Malware Bytes.

Sorry for the false alarm. Yes you can restore the file now from the quarantine tab. I recommend updating to the latest database as well.

Edited by thisisu

4 minutes ago, cutepanda86 said:

So I deleted the file...  Can I add it back in from the earlier posts in the forum?  Went into full panic mode because I had my bank account hacked after an attack before I got Malware Bytes.

I guess yes, but I cannot be sure if nVidia made different versions of this DLL for different Windows/Geforce Experience versions.

Someone else suggested deleting the contents of C:\Users\(Your username)\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\ or reinstalling Geforce Experience.

https://forums.geforce.com/default/topic/800367/geforce-experience/i-get-a-nividia-error-with-the-file-ontology-dll/post/4411615/#4411615

Backup any files before deleting.

Just now, TheQuickFox said:

I guess yes, but I cannot be sure if nVidia made different versions of this DLL for different Windows/Geforce Experience versions.

Someone else suggested deleting the contents of C:\Users\(Your username)\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\ or reinstalling Geforce Experience.

https://forums.geforce.com/default/topic/800367/geforce-experience/i-get-a-nividia-error-with-the-file-ontology-dll/post/4411615/#4411615

Backup any files before deleting.

Yeah not sure I can do that.  I'm running Windows 7 and the last update forces my computer to freeze and reboot.  My computer guy said that as long as I don't update, that I should be able to run everything fine.  So should I just try to run without?

1 minute ago, cutepanda86 said:

Yeah not sure I can do that.  I'm running Windows 7 and the last update forces my computer to freeze and reboot.  My computer guy said that as long as I don't update, that I should be able to run everything fine.  So should I just try to run without?

The result of a missing DLL can be unpredictable. My DLL in the RAR is also from Windows 7 x64 but I run GFE 2.11.4.0 (I dislike mandatory login with GFE 3.x)

But considering the file and file signature date it looks like the DLL is being automatically updated from nVidia servers. Maybe rebooting, deleting the mentioned folder contents or reinstalling GFE works, but I'm guessing here.

Again: backup before you delete.

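Added example, not part of the thread and not Malwarebytes or NVIDIA code: before clearing the ApplicationOntology folder or swapping in a DLL obtained elsewhere, this PowerShell script backs the folder up and lists each DLL's Authenticode status, signer and SHA-256 so copies can be compared. It assumes PowerShell 4.0 or later (for Get-FileHash) and the per-user folder quoted above; the backup location is an arbitrary choice.

```powershell
# Folder named in the thread, resolved for the current user.
$ontologyDir = Join-Path $env:LOCALAPPDATA 'NVIDIA\NvBackend\ApplicationOntology'
# Assumption: back up to a timestamped folder in the user profile.
$stamp     = Get-Date -Format 'yyyyMMdd-HHmmss'
$backupDir = Join-Path $env:USERPROFILE "ApplicationOntology-backup-$stamp"

if (-not (Test-Path -LiteralPath $ontologyDir)) {
    Write-Warning "Folder not found: $ontologyDir"
    return
}

# Back up first, as the thread advises, so nothing is lost if the folder is cleared.
Copy-Item -LiteralPath $ontologyDir -Destination $backupDir -Recurse
Write-Host "Backup written to $backupDir"

# Report signature state for every DLL in the folder.
Get-ChildItem -LiteralPath $ontologyDir -Filter *.dll -Recurse | ForEach-Object {
    $sig  = Get-AuthenticodeSignature -LiteralPath $_.FullName
    $hash = Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256

    [pscustomobject]@{
        File      = $_.FullName
        # 'Valid' = file unmodified since signing and the chain is trusted.
        # 'NotSigned' or 'HashMismatch' = do not treat the file as vendor-issued.
        Status    = $sig.Status
        # Empty when the file carries no signature.
        Signer    = $sig.SignerCertificate.Subject
        LastWrite = $_.LastWriteTime
        SHA256    = $hash.Hash
    }
} | Format-List
```

A DLL taken from a forum attachment can be checked the same way by pointing `$ontologyDir` at the folder it was extracted to; a `Valid` status with the expected vendor as signer is the minimum to look for before copying it into place.
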
Just now, TheQuickFox said:

The result of a missing DLL can be unpredictable. My DLL in the RAR is also from Windows 7 x64 but I run GFE 2.11.4.0 (I dislike mandatory login with GFE 3.x)

But considering the file and file signature date it looks like the DLL is being automatically updated from nVidia servers. Maybe rebooting, deleting the mentioned folder contents or reinstalling GFE works, but I'm guessing here.

Again: backup before you delete.

Yeah I'm using version 3.0.7.34.  I restored a previous version of the folder and it reappeared.  I think I should be good now.  Thanks!


If you did not reboot yet after MBAM quarantined the file, you won't be able to restore it until you reboot because MBAM itself has it locked.
If this is the case, reboot the machine, open MBAM & in the main program window under "scan status", click "current" beside "updates". Once updated, you should be able to de-quarantine the file(s).
