Crashing Video Drivers Or Malware

My nephew, the last few days, had a problem with his video drivers crashing. Can't remember its exact name or model but it was a NVIDIA GeForce. When I first tried to fix it I noticed he was almost out of hard drive space which made it hard to download and update to the latest drivers from NVIDIA. So I was able to help him free up some space. And then downloaded the latest software to update the drivers. (sorry no screenshots)

The next day he had the same problem, video crashing. So I went online and found out others were having the same problem. One solution suggested was to turn off Vertical sync. Right click on the desktop and click on NVIDIA Control Panel, click on Manage 3D settings then scroll down to Vertical sync and click on it to turn it off. This didn't work because the next day I had another call from him. So I decided to remove the drivers using DDU. Display Driver Uninstaller - www.wagnardsoft.com

It's a utility for completely removing video drivers. It's usually recommended to run it in safe mode but I discovered a problem there. My nephew uses a PIN number to log into his computer but when I try to go into safe mode it only requests a password which he can't remember. I decided to run it anyway.

In the DDU choose your video card (The screen shot is from my system) and then I clicked on Clean and restart.

Also I made sure when everything was finished I set the Vsync thing off.

Next day another call, still didn't seem to work. He has two monitors and the main screen goes completely blank while the active window switches to the second monitor. I noticed it was hard to get any programs open. I right clicked on the taskbar to see what was running in the background only to find one program listed, Chrome, and it was using 86% of the memory. When I closed Chrome with the task manager everything on the computer went back to normal.

So now I'm thinking this might be the problem all along. I managed to close Chrome and open it again to reset it and I noticed an extension with the name of Segurazo (it was active and syncing?). I reset Chrome and decided to do some research on the Segurazo program that I also noticed running in the background. I couldn't disable it. It wasn't listed in the apps section to uninstall it. I couldn't disable the services.

I needed safe mode. My nephew couldn't remember the password to get into safe mode. So I decided to use Lazesoft Recover My Password Home Edition to erase his password.



Now the tricky part, booting off the flash. I thought it was going to be hard having to search through the BIOS for the security boot options. It was a GIGABYTE motherboard and it displayed a F12 option for boot menu. I put in the flash and pressed F12 and managed to boot off the flash no problem.

Then I had another problem. My nephew's account name did not show up as an option. I did see an account associated with his email but I couldn't reset it because it wasn't a local account. So I decided to click on the Administrator account and see if it would give me some more access to the system. When I rebooted the system on the login screen was listed the Administrator account. I was able to use that since it had no password associated with it and go into safe mode with network support and did the following:

First I downloaded Autoruns and used it to search for every reference to Segurazo and deleted them.

Autoruns - https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns


Just right click on an item and choose delete from the menu. Please note: you'll need to run this as administrator, if not in safe mode, to make changes and some changes you will not be able to make unless in safe mode. Then I enabled hidden files and searched for every folder on the system with the Segurazo name and deleted them.

Then I downloaded Malwarebytes and ran a scan and it took care of the rest. Malwarebytes calls Segurazo a PUP. It's known to cause pop-up advertisements, browser redirects and declining browser performance and functionality, installs other PUPs and it comes bundled with other software. Could be what was making Chrome spike the memory.

Malwarebytes - https://www.malwarebytes.com/

Then I let the computer reboot itself. One minor problem. Because the Administrator account was now active and no password, the system automatically booted into that account. So I had to log out of that account, into my nephew's and then used the command prompt to disable the Administrator account. In the search bar type cmd and right click, then Run as administrator, then type net user administrator /active:no

One more reboot and everything seems normal. Segurazo was history. If this will solve the crashing video driver I don't know. Only time will tell. I'll keep you updated. A system reset seems to be the only other option.

Update: I originally wrote this back in August and the problem hasn't returned.

Update: I originally wrote this a back in August and the problem hasn't returned.
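
The cleanup described above can be double-checked from an elevated PowerShell prompt. The script below is an added example, not part of the original post: it is read-only, looks for leftover references to the name in the usual autostart locations and program folders, and reports whether the built-in Administrator account is still enabled. The list of locations is an assumption about where leftovers typically sit, and only the current user's registry hive and profile folders are covered.

```powershell
# Added example: read-only check after cleanup. Nothing is deleted or changed.
# 'Segurazo' is the name from the post; pass -Name to look for something else.
param([string]$Name = 'Segurazo')
$pattern = [regex]::Escape($Name)
$psProps = 'PSPath', 'PSParentPath', 'PSChildName', 'PSDrive', 'PSProvider'
$roots   = @($env:ProgramFiles, ${env:ProgramFiles(x86)}, $env:ProgramData,
             $env:LOCALAPPDATA, $env:APPDATA) | Where-Object { $_ }

$findings = @(
    # 1. Run / RunOnce autostart values (machine, 32-bit view, current user)
    foreach ($key in 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
                     'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
                     'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
                     'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
                     'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce') {
        $values = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
        if (-not $values) { continue }
        foreach ($p in $values.PSObject.Properties) {
            if ($p.Name -notin $psProps -and "$($p.Name) $($p.Value)" -match $pattern) {
                [pscustomobject]@{ Type = 'RunKey'; Where = $key; Detail = "$($p.Name) = $($p.Value)" }
            }
        }
    }
    # 2. Services whose name, display name or binary path mentions the name
    Get-CimInstance -ClassName Win32_Service |
        Where-Object { "$($_.Name) $($_.DisplayName) $($_.PathName)" -match $pattern } |
        ForEach-Object { [pscustomobject]@{ Type = 'Service'; Where = $_.Name; Detail = $_.PathName } }
    # 3. Scheduled tasks whose path, name or command mentions the name
    Get-ScheduledTask |
        Where-Object { "$($_.TaskPath)$($_.TaskName) $($_.Actions.Execute)" -match $pattern } |
        ForEach-Object { [pscustomobject]@{ Type = 'Task'; Where = $_.TaskPath; Detail = $_.TaskName } }
    # 4. Top-level folders (hidden ones included) under the usual install roots
    Get-ChildItem -Path $roots -Directory -Force -ErrorAction SilentlyContinue |
        Where-Object { $_.Name -match $pattern } |
        ForEach-Object { [pscustomobject]@{ Type = 'Folder'; Where = $_.Parent.FullName; Detail = $_.Name } }
)

if ($findings) { $findings | Format-Table -AutoSize -Wrap }
else { "No '$Name' references found in the locations checked." }

# 5. The built-in Administrator account always has a SID ending in -500
$admin = Get-LocalUser | Where-Object { $_.SID.Value -like 'S-1-5-21-*-500' }
if ($admin.Enabled) {
    Write-Warning "Built-in account '$($admin.Name)' is still enabled (net user administrator /active:no)."
} else {
    "Built-in account '$($admin.Name)' is disabled."
}
```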