|
|
| Page 1 of 1 |
|
|
 Posted: Mon, 19th Jul 2021 07:16 Post subject: gpu_update.exe heating GPU up |
|
 |
I've seen that gpu_update.exe (not gpupdate.exe) in task manager is using 100% of the GPU all the time
i've read that it's a bitcoin miner malware but there's no right tutorial on how to remove FOREVER the bastard out without using a trial/pay app
Anything i can do to kill it forever?
ASUS X570 TUF GAMING PLUS, 32GB DDR4@2666 ,RYZEN 5800X3D (NO OC),GIGABYTE RTX 4070 Super GAMING OC, Western Digital Blue 4TB 5400RPM + SAMSUNG 860 EVO 500+1TB GB SSDs , OEM SATA DVD 22xNoctua NH-D15 Chromax Black, BenQ XL2420T Case: Be Quiet! DARK BASE PRO 901. PSU CORSAIR RM1200 SHIFT
|
|
| Back to top |
|
|
|
|
| Posted: Mon, 19th Jul 2021 11:41 Post subject: |
|
|
Start fresh, your machine has been p0wned, who knows what else is happening under the hood.
|
|
| Back to top |
|
|
|
|
| Posted: Mon, 19th Jul 2021 12:15 Post subject: |
|
|
Ran a Malwarebytes and found 12 things, a few of em was the same gpu_update.exe thing. Now it sits idle at 40C 19W and the CPU temps also lowered from 45 to 37
Sadly Malwarebytes is a Trial version but it killed the stuff. After 2-3 reboots it worked and well, temps n stuff above
The problem?... Trial version. Wish there was an app like that but better and single payment and cheap?. Because it's hard to find a cracked version of that app (i tried before and no methods worked)
ASUS X570 TUF GAMING PLUS, 32GB DDR4@2666 ,RYZEN 5800X3D (NO OC),GIGABYTE RTX 4070 Super GAMING OC, Western Digital Blue 4TB 5400RPM + SAMSUNG 860 EVO 500+1TB GB SSDs , OEM SATA DVD 22xNoctua NH-D15 Chromax Black, BenQ XL2420T Case: Be Quiet! DARK BASE PRO 901. PSU CORSAIR RM1200 SHIFT
|
|
| Back to top |
|
|
couleur
[Moderator] Janitor
Posts: 14081
|
| Posted: Mon, 19th Jul 2021 12:42 Post subject: |
|
|
Backup your important stuff and start fresh.
"Enlightenment is man's emergence from his self-imposed nonage. Nonage is the inability to use one's own understanding without another's guidance. This nonage is self-imposed if its cause lies not in lack of understanding but in indecision and lack of courage to use one's own mind without another's guidance. Dare to know! (Sapere aude.) "Have the courage to use your own understanding," is therefore the motto of the enlightenment."
|
|
| Back to top |
|
|
|
|
|
| Back to top |
|
|
|
|
|
| Back to top |
|
|
|
|
| Posted: Mon, 19th Jul 2021 20:09 Post subject: |
|
|
So i saw this game called Contra Returns, with being official and even announced on FB, where it was avaliable for Windows
So i've downloaded it, ran the setup and it said that it needed a "Simulation Environment" , probably to emulate android on the PC
So i removed the files and noticed on startup in taskmanager that there are 4-5 "updates" tasks with the game's icon. I went to each one of em and deleted it's "updates" folder that contained em all, but once i restart the PC they re-appear outta nowhere again!
Is there a way to kill this exe forever?. It's not doing weird behaviours on my PC but i wanna take it away from the PC if it's not gonna work
However the moment the PC gets fully booted these updates.exe processes disappears but i want em out from the PC without the need of a format
Do i have like install an android emulator or something and do a normal install, then uninstall or what can i do?
ASUS X570 TUF GAMING PLUS, 32GB DDR4@2666 ,RYZEN 5800X3D (NO OC),GIGABYTE RTX 4070 Super GAMING OC, Western Digital Blue 4TB 5400RPM + SAMSUNG 860 EVO 500+1TB GB SSDs , OEM SATA DVD 22xNoctua NH-D15 Chromax Black, BenQ XL2420T Case: Be Quiet! DARK BASE PRO 901. PSU CORSAIR RM1200 SHIFT
|
|
| Back to top |
|
|
|
|
| Posted: Mon, 19th Jul 2021 20:26 Post subject: |
|
|
type msconfig and see whats starting up on pc boot in startup
|
|
| Back to top |
|
|
|
|
| Posted: Mon, 19th Jul 2021 21:25 Post subject: |
|
|
It shows the task manager, but i've did a format in the end and will create a new macrium image once all is installed then Malwarebytes does it work...
ASUS X570 TUF GAMING PLUS, 32GB DDR4@2666 ,RYZEN 5800X3D (NO OC),GIGABYTE RTX 4070 Super GAMING OC, Western Digital Blue 4TB 5400RPM + SAMSUNG 860 EVO 500+1TB GB SSDs , OEM SATA DVD 22xNoctua NH-D15 Chromax Black, BenQ XL2420T Case: Be Quiet! DARK BASE PRO 901. PSU CORSAIR RM1200 SHIFT
|
|
| Back to top |
|
|
|
|
|
| Back to top |
|
|
|
|
|
| Back to top |
|
|
Frant
King's Bounty
Posts: 24433
Location: Your Mom
|
| Posted: Tue, 20th Jul 2021 10:48 Post subject: |
|
|
It's a bitcoin miner virus which is why your GPU was maxing out.
https://howtofix.guide/gpu_update-exe-virus/
Ph'nglui mglw'nafh Cthulhu R'lyeh wgah'nagl fhtagn!
"Thank you to God for making me an Atheist" - Ricky Gervais
|
|
| Back to top |
|
|
|
|
| Posted: Tue, 20th Jul 2021 12:03 Post subject: |
|
|
Already used Malwarebytes Trial and it did the trick but the Contra Returns shit was unkillable, so i did a format and everything's all fine.. And another clean Macrium image
ASUS X570 TUF GAMING PLUS, 32GB DDR4@2666 ,RYZEN 5800X3D (NO OC),GIGABYTE RTX 4070 Super GAMING OC, Western Digital Blue 4TB 5400RPM + SAMSUNG 860 EVO 500+1TB GB SSDs , OEM SATA DVD 22xNoctua NH-D15 Chromax Black, BenQ XL2420T Case: Be Quiet! DARK BASE PRO 901. PSU CORSAIR RM1200 SHIFT
|
|
| Back to top |
|
|
Frant
King's Bounty
Posts: 24433
Location: Your Mom
|
| Posted: Tue, 20th Jul 2021 12:47 Post subject: |
|
|
You may still have it on your drives in encrypted form that you unwittingly install again. You should try several antivirus programs, rootkit removers and malware removers since there's no AV/malware remover that can find them all.
Besides, you should be more mindful of what and where you download your stuff from. You should also test any warez exe-file with Virustotal.com before running it.
Ph'nglui mglw'nafh Cthulhu R'lyeh wgah'nagl fhtagn!
"Thank you to God for making me an Atheist" - Ricky Gervais
|
|
| Back to top |
|
|
|
|
|
| Back to top |
|
|
LeoNatan
Banned
Posts: 73193
Location: Ramat Gan, Israel 🇮🇱
|
| Posted: Wed, 21st Jul 2021 13:33 Post subject: |
|
|
gpu_update.exe 
I think it's the exe that upgrades your DX9 card to support DX10 with a patch! Well what you want, it takes time to install the update 
|
|
| Back to top |
|
|
|
|
| Posted: Wed, 21st Jul 2021 22:42 Post subject: |
|
|
Seems i wasn't the only one who got the gpu_update.exe thing, and it was that Contra Returns thing in the end!!
Fucking fake ads should fucking die. Atleast it wasn't caused by any software etc that i'm used to install out after a format etc ;3.. Not even Office 2019
ASUS X570 TUF GAMING PLUS, 32GB DDR4@2666 ,RYZEN 5800X3D (NO OC),GIGABYTE RTX 4070 Super GAMING OC, Western Digital Blue 4TB 5400RPM + SAMSUNG 860 EVO 500+1TB GB SSDs , OEM SATA DVD 22xNoctua NH-D15 Chromax Black, BenQ XL2420T Case: Be Quiet! DARK BASE PRO 901. PSU CORSAIR RM1200 SHIFT
|
|
| Back to top |
|
|
|
|
|
| Back to top |
|
|
|
|
| Posted: Thu, 22nd Jul 2021 08:03 Post subject: |
|
|
Couldn't you remove it e.g. with Kaspersky Live image, without booting into Windows?
|
|
| Back to top |
|
|
|
|
| Posted: Thu, 22nd Jul 2021 08:14 Post subject: |
|
|
|
|
|
| Back to top |
|
|
|
|
| Posted: Thu, 22nd Jul 2021 12:34 Post subject: |
|
|
I already did a Macrium image with everything cleaned and set up.
And the OS images are always from M$
ASUS X570 TUF GAMING PLUS, 32GB DDR4@2666 ,RYZEN 5800X3D (NO OC),GIGABYTE RTX 4070 Super GAMING OC, Western Digital Blue 4TB 5400RPM + SAMSUNG 860 EVO 500+1TB GB SSDs , OEM SATA DVD 22xNoctua NH-D15 Chromax Black, BenQ XL2420T Case: Be Quiet! DARK BASE PRO 901. PSU CORSAIR RM1200 SHIFT
|
|
| Back to top |
|
|
|
|
| Posted: Thu, 22nd Jul 2021 14:40 Post subject: |
|
|
|
|
|
| Back to top |
|
|
|
|
| Posted: Thu, 22nd Jul 2021 23:49 Post subject: |
|
|
|
|
|
| Back to top |
|
|
|
|
|
| Back to top |
|
|
| Page 1 of 1 |
All times are GMT + 1 Hour |
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
Powered by phpBB 2.0.8 © 2001, 2002 phpBB Group
|
|
 |
|
75% of the personal laptops in Latin America are infected like this nowadays. The main attack vector I noticed for all the people around me, is office bitcoin miners infected iso images.
I am not a W10 user, but nowadays you have this W10 sandbox feature available to test run any dodgy software to analyze what happens under the hood. Use it!
Would be funny if that happened to you 
