Ghost computer on the network

[darkane]

first of all I must say that my problem happens with all kind of routers so it is not a Router related problem and hopefully the questions belongs here in trojans help , here it goes
on my LAN's router currently Paradyne 6218 appears a computer with my own computer name "Darkania-no99pb" but as another entry with a different MAC address and spoofing multiple IP addresses at the same time and if that is not weird enough I searched the net for that physical address and it doesn't belong to any company in the world that uses it , it is even invalid because it starts with "9A" not "00" as usual it is "edited"
while my regular MAC is "edited" it's an ASUS motherboard
I ve been told on whirlpool DSL help that trojans can do that , poison /spoof IP and make a virtual MAC address and connect to router
and ofcourse I am not using netcut softweare or anything similiar
I also disabled and uninstalled the network adapters of VMware just as a suspicion and I also uninstalled mobile net switch it is a program to switch network profile for faster changing of IPs and DNS but nothing works all suspicions are false
and I use zonealarm it never reports suspicious programs always reports my usual programs that I am familiar with
so my HJT link is here and I am desparate for any kind of help even if refering to where I can read about such a strange kind of trojans because it is unusual to me thank you
http://hjt.networktechs.com/parse.php?log=340075

-edited to remove MAC addresses ~Admin

[jholland1964]

Please do not post the parsed log. Post the actual log, also, please go to this link and download and run HJT version 1.99
The HJT version 2 is a beta version, still being tested.
http://forum.networktechs.com/showthread.php?t=49

[cauzomb]

it's probly someone spoofing a mac address to connect to your wireless network..

[darkane]

the wireless thing is turned off but the Ethernet users are like 20 something
and I did investigate the Spoofing issue for a long time nothing left for me but to know if there is a Trojan can do this or even a legitimate program mis-configured can do this , remember that it has my computer name , I know that anyone can use the computer name he desires and can also obtain other people computer names easily but I really doubt someone did this on purpose , man they don't even know what a MAC address is , I already banned someone and kicked him out and unfortunately it seems like he was innocent because the crap is happening again with my PC name this time not his "this part of the story is old so I didn't tell it " so it is possible the same happened to him unintentionally

[cauzomb]

I dunno, I haven't come accross this issue yet, but it sounds like you can limmit the number of users to 1 "your machine" on your lan.. Then monitor incoming/outgoing logs of the router to see if that MAC address pops up in the dhcp clients list.

[cauzomb]

Also, if you have to let people "20 users" on the lan, it might take extra work to identify which machines are originating the dhcp request using the strange mac address..

[darkane]

it happened again and when I disconnected all users but me , the ghost vanished it means it was not my computer this time , but it has the same stupid
9A:xx:xx:xx:xx:xx
it is not even valid for any company , who ever do this is a spoofer and the last time he was using my computer name , man I am getting out of my mind
thanks for the tips guys