kesegy 0 Posted August 28, 2023 Share Posted August 28, 2023 I keep my EIS Firewall in interactive mode and, generally, it works well. But, for the last couple of weeks - maybe since EIS 16.2.13 was released - every time I reboot the PC (which is at least once each day), after Windows starts up, EIS asks again for internet access permission for NVDisplay.Container.exe (Nvidia display driver telemetry). I keep checking the Remember rule option and denying access but it asks again on the next reboot like no rule was created, and firewall makes another identical rule for this executable as it already exists in the EIS firewall rule list (see attached picture). Again, all these rules are completely identical, are concerning the same executable and have the blanket OUT-Deny settings for ANY local and remote ports and hosts. This doesn't happen with any other executable, just this one. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,267 Posted August 28, 2023 Administrators Share Posted August 28, 2023 Please provide logs collected with ESET Log Collector so that I can compare the rules created. Link to comment Share on other sites More sharing options...
itman 1,746 Posted August 28, 2023 Share Posted August 28, 2023 The only effective way to block nVidia Container outbound traffic is to block the IP address it is connecting to; Link to comment Share on other sites More sharing options...
mh123 0 Posted August 29, 2023 Share Posted August 29, 2023 13 hours ago, itman said: The only effective way to block nVidia Container outbound traffic is to block the IP address it is connecting to; Really? What if IPs get changed? Only effective way is to block all outbound connections for respective process. Interactive mode is screwed up in latest version of EIS. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,267 Posted August 29, 2023 Administrators Share Posted August 29, 2023 Please provide logs collected with ESET Log Collector so that I can check if the rules are really 100% identical. Link to comment Share on other sites More sharing options...
itman 1,746 Posted August 29, 2023 Share Posted August 29, 2023 (edited) 14 hours ago, mh123 said: Really? What if IPs get changed? The only complete way to disable all nVidia telemetry is given in this article: https://www.ghacks.net/2016/11/07/nvidia-telemetry-tracking/ and it doesn't work anymore. The only way nVidia telemetry can be disabled is; Quote The only way to disable nvidia telemetry now is to delete the nvtelemetry.dll, for example in the folder: C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_547eeefb57db4499 if you do not delete this... then C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe will connect to *.gfe.nvidia.com https://github.com/NateShoffner/Disable-Nvidia-Telemetry/issues/19 and deleting this .dll can cause issues. Hence, IP address blocking is currently the safest alternative. Edited August 29, 2023 by itman Link to comment Share on other sites More sharing options...
Recommended Posts