EDIT: Is this a hacker? Someone I don't know is connected to my network

I’m sorry, but am I supposed to post logs to the malware I get?
Does it help somehow? Heh.

Well apparently I just got a Trojan.Agent. I found out by doing a up-to-date MBAM quick scan. I removed it by restarting my computer with MBAM and I then did another quick scan and it was gone, I am assuming MBAM got rid of it. :slight_smile:

Here is the log:

Malwarebytes’ Anti-Malware 1.46
www.malwarebytes.org

Database version: 4199

Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.18928

6/15/2010 12:37:26 AM
mbam-log-2010-06-15 (00-37-26).txt

Scan type: Quick scan
Objects scanned: 129395
Time elapsed: 7 minute(s), 50 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Users[My Name]\AppData\Local\Temp\Tpv.exe (Trojan.TDSS) → Quarantined and deleted successfully.

A question about this:
I have got my household to be more careful online, but do you guys have any idea how you get this specific malware?
Is it from a video, codec… What? I want to know so I can make sure my household is more safe on the internet.

Thank you in advance. :slight_smile:

EDIT:
Now a pop-up said

“Windows Media Player found: DAPHNEKLINE-PIC
Winows Media Device can share music, pictures, or video to this device. Click here to set up sharing…”

I just chose to not show any further notifications.
I got worried, is this a hacker or something?

Sorry for the double post, but now I can see this person’s PC in my network,
is this a hacker? Can they see my information somehow?

I’ve never had any other networks on my network before besides my household’s computer.

Please help.
I have a picture of it here now.

EDIT: Phew, it’s gone now… But do you have any idea if this was a hacker? Or something like that?
EDIT: It’s back and when I was about to edit this post I think I seen a green bar a crossed the browser that said “TROJAN” …

Please help. I’m really worried. :frowning:

Okay hehe, sorry I realized now that the green bar said “LOADING” ^^;

However, when I tried to click on this other PC connected to my network it said it couldn’t access it… Is this a sign of a hacker?
I don’t know anyone named DAPHNEKLIN

do you have wireless connetion ? is it crypted ?

What is your computer name ? check all your pc to see if you find that name

What is my computer name?
http://www.cablesense.com/qa/computername/

but is being connected to the network the only way to get malware from a another infected computer?
no, if you connect a device that have been connected to another computer that was infected, the bug can move over ( like a USB stick or eksternal hardisk)

Thank you so much for your reply.

I have a wireless connection. However, I do not know hardly anything about how to secure it, what options I should do… I don’t want anyone seeing my information.

And yes I know that bout the USB Stick etc… But thanks for the reply.

EDIT:
I don’t know what computer names I should look for. I know my computer’s name and all my other household computers’ names, but I don’t recognize this new one.

http://www.pcworld.com/article/130330/how_to_secure_your_wireless_network.html
http://www.youtube.com/watch?v=wqJLQAuDUVk

http://www.google.no/search?hl=no&source=hp&q=how+to+secure+my+wireless&aq=f&aqi=g1&aql=&oq=&gs_rfai=

I don't know what computer names I should look for. I know my computer's name and all my other household computers' names, but I don't recognize this new one.
then maybe your neighbour is surfing for free on your open wireless connection........ ;)

Both the neighbors next to me don’t have computers I believe.

Thank you for the links, I will research this.

But in your opinion, does this sound like a hacker to you or is it just something I’m worried over for no reason?

EDIT:
I’m sorry, but I’m having trouble getting a WPA. I’m not that smart when it comes to this kind of stuff.
I am using Vista right now, so where exactly do I need to go to get WPA?

unless you are detecting something weird going on with your computers, i guess this is just somone surfing for free
the signal can easy go 100 meters in open range, if the wireless is close to a window…

It probably is, but I’m just worried because I got malware right before it happened.
I’m still lost at how to secure my network, I’m very dumb when it comes to things like this. I don’t know what to do. I feel really useless when it comes to this stuff.
Sorry.

P.S. Should I have my network set to public or private?

EDIT:
The weirdest thing going on in my computer now is that even though I keep turning it off, my “File Sharing” option under “Network and Sharing Center” keeps turning on.

you find lots of how to videos on youtube or google it
if you don`t know how to, take your wireless router down to a computer shop and let them do it, it takes 10min

Then write the network name and access code on it with dymo-tape so you don forget
http://global.dymo.com/enCA/LabelMaterial/Embossed_tapes.html

Ok, thank you so much. :slight_smile:
However, I’m pretty sure I got malware from one of the YouTube videos on how to secure my network.

So my computer should be pretty safe right now?
But, can this other computer send malware to my network, thus getting this computer malware’d?

EDIT: Everyone in my neighborhood should be sleeping, it’s night so I doubt it’s any of them, but who knows?

Also, um, I asked this above but would you mind answering it?:

Should I set my computer’s network to private or public?

Should I set my computer's network to private or public?
not 100% sure what that setting does.....if it changes something in the firewall i guess it is strickter / more secure when sett to public. I am guessing have to run for work now....
Files Infected: C:\Users\[My Name]\AppData\Local\Temp\Tpv.exe (Trojan.TDSS) -> Quarantined and deleted successfully.

A question about this:
I have got my household to be more careful online, but do you guys have any idea how you get this specific malware?
Is it from a video, codec… What? I want to know so I can make sure my household is more safe on the internet.


Prevex file info
http://www.prevx.com/filenames/2320436227280517373-X1/TPV.EXE.html

http://www.google.no/search?hl=no&client=opera&hs=jRm&rls=nb&q=Tpv.exe&btnG=Søk&aq=f&aqi=&aql=&oq=&gs_rfai=

Check the properties of the computer DAPHNEKLINE_PC- is it an ad-hock network?

Ad-hock connections act like a virus- once you try to connect to one, your computer starts sending the ad-hock signal. As far as I know, it’s not possible for information to pass either way on these “networks”. I’ve seen several computers advertising themselves as ad-hock networks in my own area.

http://erratasec.blogspot.com/2007/01/ad-hoc-wifi-virus.html

Thanks for the replies. ^^

I can’t see the DAPHNEKLINE-PC under “Networks” anymore. So I don’t know.

Sorry for the double post.

Me and my household is working with the people that made our router on how to block other people from our network.
We’ll see how that goes.

Also,
Is being disconnected to a network prevent you from getting malware from it? Even if you can easily just re-connect to that same network?

Thanks for all your help guys.

EDIT: Okay we have our network secured now. We have a key now. So this should be okay, right?

I have enclosed a screen shot of what an unsecured network looks like

The top is my secured network - the bottom is an unsecured one as shown by the !

When I try to connect to the secured network I am asked for a key (the example is not my network but another secured one )

Is this what you see when you first connected to your secured network ?

If you have any concerns I can check out your system for you

My secured network looks like the bottom picture you attached, whenever I try to connect to it.
I do get asked for keys when I try to connect to my secured network as well.

At the time, I’m not really concerned, but any help or info you guys have about unsecured networks are welcome. ^^

I do have some questions however:

  1. Despite my household now having a secured network, our older, unsecured network is still on the list of networks.
    We called the same people that helped us and they said that no one can use the older unsecured network now that we have the new one, however, it seemed as if I could use the older network anyway.

We don’t want people using that older network for free. Is there a way to get rid of it?

  1. Malware can’t spread to other networks, can it? Even if it’s the same router as long as your on different networks you can’t get malware from the other networks, is this right?

Thanks for the help guys. I really appreciate it.

To remove old networks in Vista see here http://www.ehow.com/how_2056400_remove-old-network-connections-windows.html

2. Malware can't spread to other networks, can it? Even[b] [i]if it's the same router [/i] [/b] as long as your on different networks you can't get malware from the other networks, is this right?
Not quite as routers can get infected, although they generally redirect to malware sites

Hmm, I tried to remove the older network a while ago and I just checked the “Connect to a Network” list and it’s no longer there.
Is it really gone or can others still see it even if we can’t?

Okay so everyone who has networks on the same router can get infected if the router is infected?

More questions, sorry :frowning: :

  1. So would disconnecting from the router/network that your currently on prevent you from getting malware?
    (Even if you can still connect to the network)

Like I disconnect my computer from the network I’m currently on often, just in case my other household members get malware on their computers. However, I can easily just re-connect to the network. Would disconnecting from the network prevent you from getting malware from the router, even if you can easily just re-connect to the network?

  1. I also can see other peoples’ networks on my network list. Their people I don’t know.
    Because I can connect to their networks, even if I don’t connect to their network, can I get malware if they get malware even if it’s not the same router?
    Or can malware only spread to networks on that router, and that router only? As long as I don’t connect to another network?

Sorry for all the questions.
Thanks.