Sign in with
Sign up | Sign in
Your question
Closed

Giga-byte GA-K8NMF-9. Motherboard

Last response: in Networking
Share
July 15, 2010 2:58:20 PM

Hello,
I have a serious security problem. Someone is connecting to my stable pc. I don’t have an Internet connection, nor a router. Can it be done using the motherboard? My model is: Giga-byte GA-K8NMF-9. Motherboard chipset nVidia nForce4 (Crush CK804).

Please Help, Thank you!


Personal e-mail address removed from text to prevent spam.
July 15, 2010 4:47:23 PM

impossible with out internet!!!

Only way they can connect with out internet to your machine is local meaning they have to seat in front of the screen.

The motherboard is holds all the parts to your PC and makes them work together.

Why do you say someone is connecting to your PC
July 15, 2010 4:50:00 PM

Also the Giga-byte GA-K8NMF-9 is not your modem its the motherboard
Related resources
July 16, 2010 3:24:17 AM

How did you determine that someone was connecting to your stable computer? If you don't have an internet connection how did you post on this forum? Does your modem provide you with a temporary internet connection?
July 16, 2010 1:36:31 PM

Thank you for answering.
I know that it's my motherboard. I just typed the wrong letter, sorry (model).
There are ways to connect to a pc, other than using the Internet Explorer.
I am using a different computer, not my own.

Is there a way for someone to connect using just your motherboard. It has an on-chip LAN, a network card on the motherboard. They manage to connect as Local Network. Do you happen to know any details about this particular model of motherboard?
July 16, 2010 3:00:16 PM

Lia said:
Thank you for answering.
I know that it's my motherboard. I just typed the wrong letter, sorry (model).
There are ways to connect to a pc, other than using the Internet Explorer.
I am using a different computer, not my own.

Is there a way for someone to connect using just your motherboard. It has an on-chip LAN, a network card on the motherboard. They manage to connect as Local Network. Do you happen to know any details about this particular model of motherboard?



Ok you are defiantly getting your terms mixed up motherboard does not grant you internet access motherboard hold all peripherals for you PC and yes your mobo does have a NIC card... BUT if you dont have anything plug into your NIC card then you dont have internet access unless you have a wireless card..


Internet explore is not internet it is a web browser just like safrai, firefox, google chrome etc...

Now what you can do is go to start>> run>> type cmd (or press hold down windows logo button and press R) black box will come up that's your command prompt.. Then type ipconfig /all and that should tell you if you have internet.. (you will see an IP address 192.168.X.X)

If you do have an IP then it is VERY possible your computer has been hjiacked also if you have wirelss router some can brake that and connect toy your local network and can pwn you that way.. (please explain symptoms why you think someone is controlling it)
July 16, 2010 6:12:05 PM

Thank you, I'll check this out. I was told that I might be part of a bot to bot network. What equipment would it take for this to happen?
July 16, 2010 6:51:29 PM

Lia said:
Thank you, I'll check this out. I was told that I might be part of a bot to bot network. What equipment would it take for this to happen?


This can be true, It would be your HDD (Hard Drive) because a bot net system takes control of your PC and what controls your PC is your Operating System and your OS is installed on your HDD
July 17, 2010 7:07:45 PM

You asked for details. Here it goes:

It is not a laptop. It's a steady pc. I don't have an Internet connection at home; I don't even have a router. All I have is my motherboad, unless someone has accessed my room and changed something. I can not exclude that. However, I have serious reasents to believe that some guys have gained access to my computer and keep messing things up. People keep telling me that this cannot be done since I don't have a router. But it has been going on for months and it has developped to a nightmare. The funny part is that I never wished to connect to the Internet, in order to be safer.
I used to have XP Home Edition. I have formatted the computer a few times as it wouldn’t open. Now I have Vista 7. My software is legal.

Indications:
- I have used a number of firewalls. They mention that some programs are listening and it refers to a remote computer with zeros as an address. Of course that could mean nothing. They use 127.0.0.0.1.
- I get the feeling that they connect to the computer as part of the system, to the main console through TCP/UDP, local port.
- I have scanned the pc with various antivirus programs. Right now they can not detect a virus.

- They move my mouse, it moves to irrelevant positions on the desktop, it even gets disconnected. Once, my mouse started moving asif someone was dragging it. It moved from one edge of the screen to the other and kept on. My hand was perfectly steady. I think they can hear everything in my room, as whenever I mention something annoying for them, they take control of my mouse. I use a black mouse pad. They disable the port and I can’t use it, it gets back when I have failed to do the job I was intending to. Sometimes I have failed to open my USB disc, it just comes and goes, whenever they want to. Usually when I have something important to copy from the flash disk.
- There is no software problem concering the quides, I have the original cds in good shape and I have programs like “Registry Mechanic”, “Tune Up Utilities”, “Ashampoo Optimizer” etch. They don’t detect any hardware problems.
- My security programs fail/collapse one after the other in a matter of days or ask me to download them again…. It’s a disaster. I insist that it is not a virus! Though I do think it's somekind of malware/worm I can not detect.
- In the past I could not see the user accounts. I could not get in through the control panel. Nor could I see the incidents (Security, Local settings…., appliances/hardware like gates, services,monitor… ) I know I had done nothing which would justify this. It just happened. These problems starting occuring when I started checking these things, like trying to anderstand what the incidents were showing. Whenever I got to discover something new (to me it was an unknown world), it would be the last time I gained access to the data. My account was one of an adminastrator. After that I used a non-administrator account to be safer.

- There are problems with my keybord as well. It's new. But what I think you might find interesting is that: When I once restarted the pc, the keyboard was inactive, thus I could not enter safe mode pressing enter. When I had to type my password to enter, it worked, when windows started, it was once more inactive, thus I could not access any security program or settings because for that, I would have to type my administrator password. This was not the case for a much older keyboard of different type. I don't know the word in english. It's the one which connects at the back of the tower. I think it is called serial. The other keyboard connects like a flash disk.

- The RPC Remote Process Control is working and I can not terminate it! Do I need it as I do not wish to connect to any network? It does not even allow me to check its properties. It is locked by the SYSTEM account and there is a password. I do not know if this is default. When I finally managed to terminate it once, the computer wouldn’t start, it kept returning to the log in Window, I kept typing the password all over again! I had to format the computer. I guess that's because it was programmed to do so if it failed to connect or something.

- When I used Windows XP, during shut down, it mentioned that it was terminating the Internet connections. Is that normal? What was it terminating as I had no connections to the internet.

- I get the feeling that I am part of a local network and various users can log in. It is like they have their own administrator accounts. Someone had told me that I do not need a Wifi connection and that a neighbor could easily connect to the LAN using their router, or something like that. Then another guy said that If I don’t have a router I don’t have a LAN. Some other guy said that the only case for that to happen would be for me to connect to a neighbor’s router. I think they are giving me a lot of misleading information. They even told me that I don't have an IP adress. I certainly have not attempted to connect to anyone’s pc. I wouldn't know how, even if I wanted to.

- Once, I saw my firewall block a command/file called ping. I checked it on the Internet and I found that If someone knows your IP they can connect to the computer, through this command. Why did the command start running out of nowhere?

- Most or all of the programs I use, even simple arcade games, try to perform actiong through Iscvhost.exe-irpcss and RPC (Remote process control).

- DHCP, DNS, SMB, NAStatus UI, LP Remote, I will not pretend I know what these thing are, but they have run on a daily basis. Once my firewall blocked a java script.

- I had a problem with svchost files, Local Network. One or two of its proccesses and one of the SYSTEM as well, were causing my CPU use reach 100%. This started when I tried to install a firewall program "On line Armor". I had to terminate these proccesses to finish the installation. My pc kept running without any problems despite terminating these proccesses.

- All the programs running on my desktop keep trying to access and modify my registry. Even paintbrush. Additionally, all programs try to control my firewall! Not the other way around! I can see it as a notification by the firewall. Even paintbrusth. The programs perform these actions through DNS resolver/RPC!

- My screen turned blue a few days after that as soon as Windows started and I had to reinstall Vista. I don't know what caused this.

- Power Bios server with the server RPC CONTROL\OLEEE8087F002824DC6A2060115E55A and svchost as a port was trying to control a network enebled connection using OLE.


I read a magazine article lately which explained that you can access a pc just through its network card. That a series of programs like Web client, DNS, IPV6, και 4, Ι/Ο e.t.c collaborate for this to happen. All these programs run on my pc like crazy, I get notifications from the firewall. The article said that to do this you need a hacking tool and that the rest is done by a worm. It is called "conficker/Kido". That the worm creates a cory of the svchost file and takes control of the system. It even starts procedures, like the ones of Local Network I had to terminate due to CPU reaching 100%. My ad-aware Pro antivirus had once detected Kido. I kept removing it and adding it to the quarantine but everytime a ran a new scan, it was there. I finally never saw it again.
I think that something like this is what is happening here.

These are my Web adopters (if I am saying it right), in Managing devices:
WAN MINOPORT (IP)
WAN MINOPORT (IP) COMODO FIREWALL MINOPORT
WAN MINOPORT (IP) PC TOOL DRIVER
WAN MINOPORT (IPv6)
WAN MINOPORT (IPv6) COMODO FIREWALL MINOPORT
WAN MINOPORT (IPv6) PC TOOL DRIVER
WAN MINOPORT (L2TP)
WAN MINOPORT (PPPOE)
WAN MINOPORT (PPTP)
Host Controller Nvidia nForce COMODO FIREWALL MINOPORT (my firewall)
Host Controller Nvidia nForce PC TOOL DRIVER
Host Controller Nvidia nForce 2 PC TOOL DRIVER

In Mobile Devices: There is a Windows Mobile Device (Since reinstalling Windows, it has been trying to download its drivers)



I am willing to attatch any data you will need, from my pc. I have many screenshots.

Technitians say I should perform a format but I know they will be in my system before I even start the Windows. I have already tried this option. It does not shut them off.

Please, I know it’s a lot of work.



If it is a bot to bot Network, whose description I have read seem a lot like what I am going through, can somebody tell me how I could stop something like that?
July 19, 2010 1:32:24 PM

WOW, writing and essay lol....

OK here we go i hate to be a smart ass but 1st when you say you have no router just motherboard i am assuming you mean you have Network Interface Card on the back of your pc.

2nd its not called vista 7 it is windows 7 and it dont matter if your software is illegal as long as it stats that its registered (also what version home, business, ultimate).

3rd since you getting your terms confused can you please bring up the command prompt and run ipconfig /all. and copy and past what the command propmt gives you

4th you don't need numerous firewalls that is bad they start fighting against each other (you don't need one if you have no internet)..

5th same with the antivirus choose one and THATS IT (again they fight against each other causing alots of problems also dont need any since you have no internet)

6th i would look up your computer for new drivers(if its a custom built then your motherboard) find the newest driver and update them..

7th clean your mouse / keyboard (compressed air works great) if its optical sometimes pieces of hair/dust/food get stuck in the laser and force it to move on its on (also try different mouse and keyboard)

8th download a free tool called ccleaner for your computer it cleans up cookies and other temp files not need also stops things from start up which will help boost performance.

9th go to my computer go to manage go to local user and groups (depending on what version you have it might not be there) make sure your admin account is disabled as well change the password also change your user password (f not using the default administrator acct)

10 after doing all these steps run the computer in safe mode run your anti-virus (if you uninstalled all of them download malware bytes (http://www.malwarebytes.org/mbam.php) as well as spybot (http://www.safer-networking.org/en/download/index.html) after that done run the computer in normal mode run same thing (run one at a time)

11 finally uninstall malware bytes since its free version (if you want AV i suggest AVAST http://www.avast.com/index)

12 run ccleaner a clean registry


use the computer that has internet to DL exe files and driver files and use usb stick to transfer files back and forth dont connect your infected computer to the internet (even tho you say its not also please post ipconfig /all have to make sure you are getting your terms right only way i can help)
July 19, 2010 2:02:49 PM

Thanks for your ansear.

1. I don't have a Network Interface Card on the back of the pc. Can something be placed somewhere else?
2. I have vista. I'll check out 7 again. I must be confused.
3. I will run ipconfig /all as soon as possible.
4. I already have cleaners and run them daily.
5. I have an administrator account but I only connect as a typical user. They have been changed recently.
6. When you mention new drivers, what do you mean?
7. My antivirus can't fing anything but I will certainly download what you mention.
8. I don't connect to the Internet. I don't have a router.

July 19, 2010 2:05:36 PM

Any additional information on botnet systems?
July 19, 2010 2:17:59 PM

1 no all computers have NIC card in the back ( http://www.gigabyte.com/products/product-page.aspx?pid=... right next to purple/pinkish connector aka serial connector)
2 right click on my computer go to properties (tells what version and OS)
3 ok
4 choose one (one you like the best again ccleaner is simple and efficient )
5 disable it and make sure you chnage the password and no one knows it but you for both accounts
6 drivers help your devices talk to your OS for example when you get a new camera or graphics card you need to install the drivers so the computer can know what device it is and how to use it (http://www.gigabyte.com/products/product-page.aspx?pid=... ) you need to know what OS you have in-order to download the right drivers
7 YOU HAVE MORE THAN ONE only use one
July 19, 2010 2:49:39 PM

Thank you for your help. I will try out everything you say. Any additional information on botnet systems?

August 6, 2010 6:23:22 PM

Hello, anybody remembering me? I have a serious hacking problem and I can not figure out what gives them access, since I don't have a router or a cable connected to my network card on board.
Could somebody please explain to me briefly what these things are? Please, I know it is boring. DHCP, DNS, SMB, NAStatus UI, LP Remote.

And why was there an incident which mentioned that a successful connection of type 3 (network) had been performed since I do not willingly connect to a network.

What is nVidia On-Chip LAN?
The Gigabit LAN capabilities on certain nForce3-250 chipsets is not really a fully integrated LAN. Like solutions in a few other chipsets that remove the LAN from the confines of the PCI bus, nVidia provides a port for direct communication of a Gigabit LAN PHY (Physical Layer) with the nForce3-250 family chipset. There is still an external Gigabit LAN chip providing PHY Gigabit LAN capabilities, which communicates directly with the nF3-250 chipset.

As a result, you cannot determine if an nVidia nForce3-250 family board has on-chip Gigabit LAN merely by looking at the specifications for other brand LAN chipsets. The on-chip LAN will still have an external Gigabit LAN chip providing PHY Gigabit capabilities. This makes the on-chip LAN more like a port to communicate with the external Gigabit LAN PHY than it is a fully integrated Gigabit LAN chip. The end results are the same however - removing the Gigabit LAN from the constraints of the slower PCI bus.

Can someone connect using this?

You have asked for some images from the incide of my pc. How can I updoad them?
August 6, 2010 6:32:12 PM

Lia said:
Hello, anybody remembering me? I have a serious hacking problem and I can not figure out what gives them access, since I don't have a router or a cable connected to my network card on board.
Could somebody please explain to me briefly what these things are? Please, I know it is boring. DHCP, DNS, SMB, NAStatus UI, LP Remote.

And why was there an incident which mentioned that a successful connection of type 3 (network) had been performed since I do not willingly connect to a network.

What is nVidia On-Chip LAN?
The Gigabit LAN capabilities on certain nForce3-250 chipsets is not really a fully integrated LAN. Like solutions in a few other chipsets that remove the LAN from the confines of the PCI bus, nVidia provides a port for direct communication of a Gigabit LAN PHY (Physical Layer) with the nForce3-250 family chipset. There is still an external Gigabit LAN chip providing PHY Gigabit LAN capabilities, which communicates directly with the nF3-250 chipset.

As a result, you cannot determine if an nVidia nForce3-250 family board has on-chip Gigabit LAN merely by looking at the specifications for other brand LAN chipsets. The on-chip LAN will still have an external Gigabit LAN chip providing PHY Gigabit capabilities. This makes the on-chip LAN more like a port to communicate with the external Gigabit LAN PHY than it is a fully integrated Gigabit LAN chip. The end results are the same however - removing the Gigabit LAN from the constraints of the slower PCI bus.

Can someone connect using this?

You have asked for some images from the incide of my pc. How can I updoad them?



Ok i am confused about the last question you want to remove your on board LAN..

For the other question you are lazy (sorry to be offensive) but you can google dhcp and dns etc also the on board chip lan explains its self.. NIC card that built into mobo and there is a separt chip that controls it.

There are plenty of documentation out there to explain what they are, its basically networking 101. I think wiki explains it nice and simple
August 6, 2010 6:45:58 PM

Please believe me, I am everything but lazy. I have spent hours checking these things. But I can not figure out if my motherboard can allow any type of connection without a wire. Please, help me. The question is not just what these definitions are. I need to know how they can be on my pc which does not connect.
August 6, 2010 6:59:06 PM

1 I do not want to remove my on chip Lan. I just need to know if on chip Mac lan can allow any type of connection to any network. Somebody please comment on the images. Anything that was not supposed to be there?

2 Why did I get this incident of succesful connection of type 3 (network)?

August 6, 2010 7:57:45 PM

Lia said:
1 I do not want to remove my on chip Lan. I just need to know if on chip Mac lan can allow any type of connection to any network. Somebody please comment on the images. Anything that was not supposed to be there?

2 Why did I get this incident of succesful connection of type 3 (network)?



were are the pics and no the only way you can connect is wirelessly or wired if you have nothing plugged in then your set, I google your mobo it doesn't have a wireless card. So unless you have wireless card installed as add on dont have to worry.

AS for dhcp and dns your router takes care of that your pc just sends an arp req and arp rep to get an an ip


SMB speakes for its self Server message block with out a server dont have to worry (Clients connect to servers using TCP/IP) no internet no server no worries

I dont know what the lp remote is did u mean rdp?
August 7, 2010 12:32:34 PM

were are the pics I am afraid I didn't get that.
My neighbout HAS a router, it is not that simple. He is very close.
No I meant LP remote.
So unless you have wireless card installed as add on dont have to worry. What do you mean? Just a joke?
I need help with on chip Mac Lan. Nvidia seems to have an outgoing service for helping calls. Please, help me a little more on that.
August 7, 2010 12:35:05 PM

Don't forget that telephony was working and I got an incident of successful logon to the network.
August 9, 2010 2:10:25 PM

Lia said:
were are the pics I am afraid I didn't get that.
My neighbout HAS a router, it is not that simple. He is very close.
No I meant LP remote.
So unless you have wireless card installed as add on dont have to worry. What do you mean? Just a joke?
I need help with on chip Mac Lan. Nvidia seems to have an outgoing service for helping calls. Please, help me a little more on that.



nVidia provides a port for direct communication of a Gigabit LAN PHY (Physical Layer) with the nForce3-250 family chipset. There is still an external Gigabit LAN chip providing PHY Gigabit LAN capabilities, which communicates directly with the nF3-250 chipset. As a result, you cannot determine if an nVidia nForce3-250 family board has on-chip Gigabit LAN merely by looking at the specifications for other brand LAN chipsets. The on-chip LAN will still have an external Gigabit LAN chip providing PHY Gigabit capabilities. This makes the on-chip LAN more like a port to communicate with the external Gigabit LAN PHY than it is a fully integrated Gigabit LAN chip. The end results are the same however - removing the Gigabit LAN from the constraints of the slower PCI bus. (google ftw) MEANS nvidia controls the LOCAL AREA NETWORK CARD MEANING YOU NEED ETHERNET CABLE TO CONNECT...

SO what your neighbor has a router i live in the city all my neighbors have routers like 20 people around me. As long as you don't connect to his network he cant see your computer hence you need a wireless adapter to do that. (You have to manually connect to their network for 1st time) Your desktop does not have wireless card unless you add one.

Now do you have a wireless router and you are connect to that >? if so i would assume its wired
August 9, 2010 2:25:57 PM

i really think you are getting your term confused can you run ipconfig /all and systeminfo in command prompt
August 11, 2010 4:59:32 PM

Sorry for the delay. I only now got to a pc with an internet connection. I have tried to run ipconfig / all but it shows nothing. Just 3 lines.
You asked me if I have a wireless router and connect to that. It is very possible that someone has accessed my room and made the necessary changes. The question is how a wireless router could coccent to this particular machine. Is the equipment on board enough for that to happen?
August 11, 2010 5:41:47 PM

Perhaps it is a ghost. I have read in the Necronomicon that certain spirit entities have direct access to the nF3-250 chipset. If this is the case, the I suggest spraying your room with Cthulhu-away. Should take care of it.
August 12, 2010 7:23:17 PM

ciscocbee said:
Perhaps it is a ghost. I have read in the Necronomicon that certain spirit entities have direct access to the nF3-250 chipset. If this is the case, the I suggest spraying your room with Cthulhu-away. Should take care of it.



Either that or lia on some type of serious medication.. cough mushrooms cough


Any who all jokes aside Without images or the correct details i cant help sorry.... Your story keeps changing you are mixing up terms you throw out terms that are semi adv but yet you don't know what wireless NIC looks like =( we are going no where. I ask you to past the ipconfig and system info but instead you tell me something else.


Also if some one access your room you would see the changes its your room you know what you put in and out of it as well your computer...


Use google look up your computer, look at images if it doesn't match then something fishy, like i said before with out documentation i cant help you simple copy and past would make this whole lot easier.. You probably have dust in your mouse and its making your mouse jump

If you feel i am wrong re-stage or post some helpfully martial that i can look at and examine.

Disconnected everything expect mouse keyboard and video Run combofix make sure you have no AV install and should solve your problem
August 13, 2010 6:48:14 PM

And what is that?
- Power Bios server with the server RPC CONTROL\OLEEE8087F002824DC6A2060115E55A and svchost as a port was trying to control a network enebled connection using OLE.

August 14, 2010 2:38:38 PM

ok 1st off dust can get in the laser causing it to skip and act weird 2nd off your 1st set of pics i cant view and 3d your last pic i can view but why would you post a pic in another language if you are typing English in this forum
August 14, 2010 5:51:15 PM
August 14, 2010 5:57:07 PM
August 14, 2010 6:12:58 PM
August 15, 2010 1:29:59 PM

cant view getting google temporary error 404
August 15, 2010 11:44:51 PM

this guy has got to be a troll...wtf
August 16, 2010 3:33:26 PM

k3y3n1n said:
cant view getting google temporary error 404

Thank you for telling me, I will try again.
August 16, 2010 4:12:14 PM

Can somebody help me on how I could upload screenshots?
Thank you.
August 16, 2010 4:25:26 PM

[
August 16, 2010 6:54:59 PM

This topic has been closed by Jpishgar
!