GPU Process Reversal?
walterab:
I have given up on posting solutions so today I have a problem that needs addressing. I have re-formatted my 1TB hard drive to attempt to reverse what occurred when a hacker penetrated my firewall and used my nVidia GeForce Graphics Card's memory to mine bit coins. I have my Windows Vista computer set up to do all of my computing "in the Cloud" and on a wireless network driven by a cable modem. I have 52+ years experience with digital information systems and turned 81 years of age last month. Is there anyone that has any experience in re-setting the default environment for normal operation? My main system memory consists of 8GB (4 DDR modules) and my Graphics card has 256MBs. :-\
dlipman:
I truly doubt "...hacker penetrated my firewall and used my nVidia GeForce Graphics Card's memory to mine bit coins".
More likely a drive-by download or visiting a vulnerability/exploitation site with the payload being a BitCoin Miner trojan (assuming that's what you had).
I don't know what you want so I will be general...
Make sure your SOHO Router is properly secured (does not respond to PINGs, no remote administration and the default password has been changed to a strong password) and WiFi accessed via a strong password using WPA2-AES.
Make sure your Vista PC is up-to-date in ALL software, not just the OS.
Make sure you use anti virus software and practice Safe Hex.
For regular computer usage, use a Limited User Account (LUA) instead of an account with administrative privileges.
Make data backups and image the computer regularly so you don't have to wipe and re-install the OS.
walterab:
Erasing the words "truly doubt", let me offer this in my behalf. I have Windows Vista Home Premium along with 8GBs of DDR System RAM Plus an NVIDIA GeForce 9300 Graphics Card with 256MBs of on-card memory. But there is more as you can see in the following screen snapshot taken from Control Panel:
I have customized my Control Panel 'Default Programs' to include Apple Safari, iTunes, and QuickTime. With the hefty Graphics Memory, the Trojan Horse DevilRobber set up shop on my computer and I finally found a way to block it from spreading to other systems. The fix was sent to Steve Gibson at www.grc.com (patch TCP/IP Port 34522).
The Trojan DevilRobber has the potential to bring down a Nation due to the use of Bit Coins and online gambling.
Check me out on Google using the keywords walt, ivey
dlipman:
Your screenshots show the use of MS Windows, not MAC OSX.
The DevilRobber (Backdoor:OSX/DevilRobber) is a MAC OSX trojan backdoor and data stealer and not a virus or worm. It opens TCP port 34522 for its backdoor operations. It can not infect a PC on its own and requires assistance. That assistance is via Social Engineering by it being repackaged with a software installer and was originally distributed via Torrents but could be located on Usenet or warez sites.
walterab:
Follow along with me on this one. My computer IS a Microsoft Vista Home Premium that is loaded with features. If you looked closely at the screen snapshot showing my non-Windows defaults, then you can see that I have Mac Safari, iTunes, and QuickTime defaulted - but you can also see that my secondary O/S is Google Chromium and Cloud Computing. I think that some culprit mistook my Vista/Mac/Chrome/Cloud system for a Mac because I have the quality of Graphic architecture that Bit Coin Miners seek. This is what I have stated from the first. I think that I nailed the miscreant last night when I downloaded, installed, and ran PortQueryV2 - because I have not heard the fan roaring on the NVIDIA GeForce 9300 w/256MB graphic memory. Thanks for your interest and comments - I value your help.
Walter Ivey