dhcpclient.exe

Discussion in 'malware problems & news' started by RadicalEdward, Jul 1, 2005.

Thread Status:
Not open for further replies.
  1. RadicalEdward

    RadicalEdward Registered Member

    Joined:
    Jul 19, 2004
    Posts:
    64
    A few days ago our Marketing head came in with a laptop problem. Needless to say he plugged his machine into our network and something called dhcpclient.exe was created on one of our machines running Windows 2000 Server, in the windows system 32 folder, though this one doesn't act as a server and seems to just be isolated to that machine alone. When connected to our network, it floods it with unessacary traffic and slows everything down. As long as it's unlpuggd life is good. It seems that it also only targeted Windows 2000 Server, because the rest of the machines on that network run XP and two others run plain old 2000. Mcaffee Enterprise 7 didn't find anything, TDS 3 didn't find anything either, nor did Spybot or Adaware. I haven't loaded any other of the free Avs yet, because updating them would require connecting it to a connection, which would not be good. So, has anyone seen this thing before, and does anyone know of any free tools like stinger or something I can run to remove it?

    Oh, to top it off, I booted it and safe mode and tried to re-name the file, but it wouldn't even let me do that....

    Any help would be greatly appreciated.

    Thanks
     
  2. Capp

    Capp Registered Member

    Joined:
    Oct 16, 2004
    Posts:
    2,125
    Location:
    United States
  3. RadicalEdward

    RadicalEdward Registered Member

    Joined:
    Jul 19, 2004
    Posts:
    64
    Hey thanks man, that really helped. I guess looking at the date shows that it's relatively new and would explain why Mcafee hadn't grabbed it just yet....
     
  4. Capp

    Capp Registered Member

    Joined:
    Oct 16, 2004
    Posts:
    2,125
    Location:
    United States
    Always glad to help. :D

    I hope you are able to get it cleaned
     
Thread Status:
Not open for further replies.