GPU Process Reversal?

walterab:
I have given up on posting solutions so today I have a problem that needs addressing.  I have re-formatted my 1TB hard drive to attempt to reverse what occurred when a hacker penetrated my firewall and used my nVidia GeForce Graphics Card's memory to mine bit coins.  I have my Windows Vista computer set up to do all of my computing "in the Cloud" and on a wireless network driven by a cable modem.  I have 52+ years experience with digital information systems and turned 81 years of age last month.  Is there anyone that has any experience in re-setting the default environment for normal operation?  My main system memory consists of 8GB (4 DDR modules) and my Graphics card has 256MBs. :-\

dlipman:
I truly doubt "...hacker penetrated my firewall and used my nVidia GeForce Graphics Card's memory to mine bit coins".

More likely a driveby download or visiting a vulnerability/exploitation site with the payload being a BitCoin Miner trojan. (assuming that's what you had).

I don't know what you want so I will be general...

Make sure your SOHO Router is properly secured (does not respond to PINGs, no remote administration and the default password has been changed to a strong password) and WiFi accessed via a strong password using WPA2-AES.

Make sure your Vista PC is up-to-date in ALL software, not just the OS.

Make sure you use anti virus software and practice Safe Hex.

For regular computer usage, use a Limited User Account (LUA) instead of an account with administrative privileges.

Make data backups and image the computer regularly so you don't have to wipe and re-install the OS.


walterab:
Erasing the words "truly doubt", let me offer this in my behalf.  I have Windows Vista Home Premium along with 8GBs of DDR System RAM Plus an NVIDIA GeForce 9300 Graphics Card with 256MBs of on-card memory.  But there is more as you can see in the following screen snapshot taken from Control Panel:

I have customized my Control Panel 'Default Programs' to include Apple Safari, iTunes, and QuickTime.  With the hefty Graphics Memory, the Trojan Horse DevilRobber set up shop on my computer and I finally found a way to block it from spreading to other systems.  The fix was sent to Steve Gibson at www.grc.com (patch TCP/IP Port 34522).

The Trojan DevilRobber has the potential to bring down a Nation due to the use of Bit Coins and online gambling.

Check me out on Google using the keywords walt, ivey

dlipman:
Your screenshots show the use of MS Windows, not MAC OSX.

The DevilRobber (Backdoor:OSX/DevilRobber) is a MAC OSX trojan backdoor and data stealer and not a virus or worm.  It opens TCP port 34522 for its backdoor operations.  It can not infect a PC on its own and requires assistance.  That assistance is via Social Engineering by it being repackaged with a software installer and was originally distributed via Torrents but could be located on Usenet or warez sites.


walterab:
Follow along with me on this one.  My computer IS a Microsoft Vista Home Premium that is loaded with features.  If you looked closely at the screen snapshot showing my non-Windows defaults, then you can see that I have Mac Safari, iTunes, and QuickTime defaulted - but you can also see that my secondary O/S is Google Chromium and Cloud Computing.  I think that some culprit mistook my Vista/Mac/Chrome/Cloud system for a Mac because I have the quality of Graphic architecture that Bit Coin Miners seek.  This is what I have stated from the first.  I think that I nailed the miscreant last night when I downloaded, installed, and ran PortQueryV2 - because I have not heard the fan roaring on the NVIDIA GeForce 9300 w/256MB graphic memory.  Thanks for your interest and comments - I value your help.
Walter Ivey
