
GPU Process Reversal?


I have given up on posting solutions so today I have a problem that needs addressing.  I have re-formatted my 1TB hard drive to attempt to reverse what occurred when a hacker penetrated my firewall and used my nVidia GeForce Graphics Card's memory to mine bit coins.  I have my Windows Vista computer set up to do all of my computing "in the Cloud" and on a wireless network driven by a cable modem.  I have 52+ years of experience with digital information systems and turned 81 years of age last month.  Is there anyone that has any experience in re-setting the default environment for normal operation?  My main system memory consists of 8GB (4 DDR modules) and my Graphics card has 256MBs. :-\

I truly doubt "...hacker penetrated my firewall and used my nVidia GeForce Graphics Card's memory to mine bit coins".

More likely a drive-by download or visiting a vulnerability/exploitation site with the payload being a BitCoin Miner trojan (assuming that's what you had).

I don't know what you want so I will be general...

Make sure your SOHO Router is properly secured (does not respond to PINGs, no remote administration and the default password has been changed to a strong password) and WiFi is accessed via a strong password using WPA2-AES.

Make sure your Vista PC is up-to-date in ALL software, not just the OS.

Make sure you use antivirus software and practice Safe Hex.

For regular computer usage, use a Limited User Account (LUA) instead of an account with administrative privileges.

Make data backups and image the computer regularly so you don't have to wipe and re-install the OS.

Erasing the words "truly doubt", let me offer this on my behalf.  I have Windows Vista Home Premium along with 8GBs of DDR System RAM plus an NVIDIA GeForce 9300 Graphics Card with 256MBs of on-card memory.  But there is more as you can see in the following screen snapshot taken from Control Panel:

I have customized my Control Panel 'Default Programs' to include Apple Safari, iTunes, and QuickTime.  With the hefty Graphics Memory, the Trojan Horse DevilRobber set up shop on my computer and I finally found a way to block it from spreading to other systems.  The fix was sent to Steve Gibson at (patch TCP/IP Port 34522).

The Trojan DevilRobber has the potential to bring down a Nation due to the use of Bit Coins and online gambling.

Check me out on Google using the keywords walt, ivey

Your screenshots show the use of MS Windows, not MAC OSX.

The DevilRobber (Backdoor:OSX/DevilRobber) is a MAC OSX trojan backdoor and data stealer and not a virus or worm.  It opens TCP port 34522 for its backdoor operations.  It cannot infect a PC on its own and requires assistance.  That assistance is via Social Engineering by it being repackaged with a software installer and was originally distributed via Torrents but could be located on Usenet or warez sites.

Follow along with me on this one.  My computer IS a Microsoft Vista Home Premium that is loaded with features.  If you looked closely at the screen snapshot showing my non-Windows defaults, then you can see that I have Mac Safari, iTunes, and QuickTime defaulted - but you can also see that my secondary O/S is Google Chromium and Cloud Computing.  I think that some culprit mistook my Vista/Mac/Chrome/Cloud system for a Mac because I have the quality of Graphic architecture that Bit Coin Miners seek.  This is what I have stated from the first.  I think that I nailed the miscreant last night when I downloaded, installed, and ran PortQueryV2 - because I have not heard the fan roaring on the NVIDIA GeForce 9300 w/256MB graphic memory.  Thanks for your interest and comments - I value your help.
Walter Ivey

