-
February 4th, 2005, 09:25 PM
#1
Junior Member
ifconfig in Win ME
has anyone heard of WIN ME running a process called 'ifconfig'? from what i understand this is a *nix process. I've done alot of google'ing but ifconfig is barely mentioned with Win ME and it doesn't say alot. I've tried to end the task and it comes up twice in the task list afterwards. I've gone into the registry and tried to delete it but it always shows up again. I used serveral registry editing/checking programs and it still comes back. Thanks in advance.
Rain
Go Spurs Go!
One Team, One Goal
-
February 4th, 2005, 09:37 PM
#2
-
February 4th, 2005, 09:42 PM
#3
Junior Member
Thank you XTC.
"The ifconfig command is used on Solaris (unix) machines to assign an address to a network interface or to configure your network interface. During system startup, ifconfig is called to define the network address of each interface present on your Solaris machine. ifconfig may also be used to redefine a network interface's address or other operating parameters, or to display the current configuration on an interface."
Is this originally a *nix command? or I think I should ask, is this predominantly used for *nix systems? Thanks again.
Go Spurs Go!
One Team, One Goal
-
February 4th, 2005, 09:53 PM
#4
Yes, ifconfig is a *nix command ( unix, linux, etc. )
not found on my copies of ME !
It is also used in *nix rootkits.
Where is it loading from ??
" And maddest of all, to see life as it is and not as it should be" --Miguel Cervantes
-
February 4th, 2005, 09:53 PM
#5
ifconfig is a *NIX command. ipconfig is the bastard cousin cripple-ware version for Windows. That being said, it could be a legitimate thread. Depends on what is installed/running. Search AO here for info on the HiJack This! util, it should help you figure out what is spawning them (I think. Don't really know it too well.)
"Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
"...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore
-
February 4th, 2005, 09:59 PM
#6
Check the following
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\]
ifconfig.exe=C:\WINDOWS\system32\ifconfig.exe
[PluginObj]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5483427F-93B8-1470-5A89-E6B56484CDB2}=c:\documents and settings\app hunter\local settings\temp\rdfzihvzquh.dll
[FileCreated]
c:\windows\system32\ifconfig.exe=1
c:\docume~1\apphun~1\locals~1\temp\rdfzihvzquh.dll=1
-
February 4th, 2005, 10:00 PM
#7
Cyberdefender has a bug picked up in ifconfig.exe although their site isn't very useful.
http://www.cyberdefender.com/risk/ht...94800.log.html
Is this where ifconfig is listed in your registry
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\]
ifconfig.exe=C:\WINDOWS\system32\ifconfig.exe
If it is I don't think it is normal ME startup app. Should do a virus scan.
\"You got a mouth like an outboard motor..all the time putt putt putt\" - Foghorn Leghorn
-
February 4th, 2005, 10:44 PM
#8
I would go to www.winpatrol.com and download winpatrol. Use it to disable it at startup, restart and see if everything works right. It is possible that it is something that came with a NIC driver and you don't want to delete it right off the bat.
If everything works fine then you need to look closely at the box because it may be compromised.
Tell us what you find please
Don\'t SYN us.... We\'ll SYN you.....
\"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides
-
February 7th, 2005, 05:04 PM
#9
Junior Member
Thanks to everyone for all of the help. However, after hours of toying with the registry and 'hijack this', I am extremly unsat with WIN ME and the 'blue screen of death' I get every ten minutes. The os won't even accept MS critical updates - everytime I intsall and reboot, I get a black screen on boot that has numerous lines of 'updating system files...1%...2%...could not update files'; from there I have to boot into safe mode then reboot again and it still did not update the files. There seems to be too many problems so I think it's time for a clean wipe and a fresh XP intsall. Thanks again for everyone's help.
Go Spurs Go!
One Team, One Goal
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|