Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

DHCP-Client000000 ?

Status
Not open for further replies.
USMC1775

USMC1775

IS-IT--Management
Feb 11, 2003
7
US
I have a 2000 Advanced Server. In re-checking services I found an odd item.

Item is called "DHCP-Client000000".
It was set in startup as automatic. The service was stopped. I made it disabled. It had no dependencies.

It is described as, "Provides FTP services and allows remote FTP clients to connect to this computer"

The file name it wants to run is "WINNT\repair\rundll32new.exe".

A search shows this file not on any drive of this server. A web check via Google search found nothing on the service name or filename.

The unit has been coprimised before by Warez. I have already moved my valuable files and am just curious about this.

 
Sort by date Sort by votes
Thanks viol8ion,

I ran Hijak when I first became concerned at the beginning of the year. I killed the known items Hijack pointed out and also those I could find. Mostly Dameware and Serv-U. You are correct that I had a Warex FTP going on. Those also have been deleted. Thankfully this unit was not storing "real" data. It just had not been taken offline yet.

This was one item (DHCP-Client000000) that I had not seen in Hijack or any other Trojan info areas.

thanks again.

 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

HaierIT
  • Locked
  • Question
Security/Group Policy - DHCP Service Disable 1
Replies
3
Views
28
AndrewTait
AndrewTait
saidfrh
  • Locked
  • Question
PIX 501 receive outside IP dynamicall from DHCP serv 1
Replies
5
Views
33
I21st
I21st

Part and Inventory Search

Sponsor

Back
Top