Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

What's Happening Here?


  • Please log in to reply
9 replies to this topic

#1 ronbo613

ronbo613

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:16 PM

Posted 02 December 2014 - 11:56 AM

I installed a new nVidia video card and was getting terrible results with benchmarks or trying to play video games. After installing a GPU monitor, I found out the reason for the poor GPU performance was because the GPU usage was at 98% idling at the desktop. Something is utilizing all of my GPU with no programs running. Here's the strange part; when I open the Task Manager to check what might be using the GPU, the GPU usage drops to zero! The same thing happens when I open Process Explorer(procexp.exe) to check what processes are running; GPU usage goes from 98% to zero.

 

I don't think it's a hardware problem, the video card runs fine and has the latest drivers. The fact that any program needed to see what the problem might be causes the GPU usage to stop makes me suspicious. I mean how can opening programs like Task Manager and Process Explorer have such a dramatic effect on GPU usage? I was thinking maybe I had some kind of data or bitcoin mining malware. I run ESET NOD32 all the time and in depth virus scans show nothing, same thing for Malwarebytes.

 

At this point, I'm kind of grasping at straws. I don't know if this is the result of a virus or malware, bad software or what. Have any of you ever heard of anything like this?

 

Thanks



BC AdBot (Login to Remove)

 


#2 Guest_LighthouseParty_*

Guest_LighthouseParty_*

  • Guests
  • OFFLINE
  •  

Posted 02 December 2014 - 12:02 PM

Hello there    :welcome:

 

I'm LighthouseParty and I'll be assisting you with your concern today. Let's run a couple of scans to see what could be causing this.
 

:step1: Download MiniToolBox

  1. Click here to download MiniToolBox to your desktop.
  2. Double click MiniToolBox.
  3. Select the following and then press go.
  4. Post the log in your next reply.

Flush DNS

Reset IE Proxy Settings

Reset FF Proxy Settings

List Installed Programs

List Restore Points

 

:step2: Install and run a scan with Malwarebytes Anti-Malware
  1. Click here to download Malwarebytes to your desktop.
  2. Double click mbam-setup-x.x.x.xxxx and follow the on-screen instructions.
  3. On the dashboard, click update now.
  4. After that, click scan now - the scan will now begin.
  5. When the scan's completed, select apply actions - make sure the action is quarantine.
  6. Restart your computer.

How to get the log.

  1. On the dashboard, select the history tab and click application logs.
  2. Select the log which has the time and date of when you did the scan.
  3. Click copy to clipboard and paste it into your reply.

:step3: Download Security Check

  1. Click here to download Security Check to your desktop.
  2. Double click SecurityCheck and follow the on-screen instructions.
  3. A log should open, called checkup.txt.
  4. Please post the contents of it in your next reply.

Thanks and good luck!



#3 HackerFun

HackerFun

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Wilkes-Barre, PA

Posted 02 December 2014 - 12:26 PM

Undo the changes you recently changed on your computer. (take out that new video card and install/load the original)

 

If the problem is resolved, the hardware is having problems... You can test it further by trying it in another PC but I'd recommand reporting the malfunction to whomever you bought it from.



#4 ronbo613

ronbo613
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:16 PM

Posted 02 December 2014 - 03:51 PM

Thanks for responding. I'll run those tests.



#5 ronbo613

ronbo613
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:16 PM

Posted 02 December 2014 - 05:44 PM

I'm pretty sure I figured out what the problem is.

 

There is a program called wdm.exe, located at C\Windows\SysWOW64\wdm.exe. It doesn't show up in the Task Manager or Process Explorer and is not detected by ESET NOD 32, MalwareBytes, MiniToolbox or SecurityCheck. The only way to find it is to open the System Resource Networking window and watch network traffic while toggling Process Explorer, you can see wdm.exe "phoning home".

 

This was a tough one to figure out.

 

Thanks for your assistance, hope this helps somebody else out.


Edited by ronbo613, 02 December 2014 - 08:11 PM.


#6 Guest_LighthouseParty_*

Guest_LighthouseParty_*

  • Guests
  • OFFLINE
  •  

Posted 03 December 2014 - 02:17 AM

Has this resolved your issue then?



#7 ronbo613

ronbo613
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:16 PM

Posted 04 December 2014 - 07:23 PM

Has this resolved your issue then?

After a couple days of observation, I can say that it has.



#8 Guest_LighthouseParty_*

Guest_LighthouseParty_*

  • Guests
  • OFFLINE
  •  

Posted 05 December 2014 - 01:34 AM

For one last final step, please download Delfix from here and save it to your desktop. Right-click it and select run as administrator. Select the following and press run:

  • Remove disinfection tools
  • Purge system restore

Happy surfing!



#9 ronbo613

ronbo613
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Gender:Male

Posted 05 December 2014 - 02:27 PM

Thanks for your help



#10 Guest_LighthouseParty_*

Guest_LighthouseParty_*

  • Guests
  • OFFLINE
  •  

Posted 05 December 2014 - 02:33 PM

No problem at-all :)






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users