SUDO is causing entries in the console log. A Virus?

Hello,
I was looking through my OSX installation and I found this mysterious file placed in my Application Support Folder in my library:
username/library/application support/7103555
It is named "7103555" and it is a Unix Executable File (according to "Get Info")
I am worried it might be a virus. I don't recall putting it there. The only time I used terminal so far was to open a Profile Manager for Mozilla Thunderbird. I see that it mentions PrinterNotification and I do recall installing an HP printer driver. Is that where it might have come from. Is this normal? May I delete it? Should I reset something back in console? I am not sure what to do here.
Should I be concerned?
Thank you for any advice.
This is what it looks like when I open it:
cd /System/Library/SystemConfiguration/PrinterNotifications.bundle/Contents/MacOS
# SUDO is causing entries in the console log making me believe
# that it's not getting run correctly. I am removing SUDO from the
# command lines.
#sudo ./makequeues -u
#sudo ./makequeues -r
./makequeues -u;./makequeues -r&
exit 0

Mulder,
<<sarcasm mode on>>
You got me there: I can't even spot a simple shell script and figure out what it does and why. Nor could I explain it in plain 'Merican English to poor ol' rainforest. Nope, I must have absolutely no idea what I'm talking about.
<<sarcasm mode off>>
HINT: This is well within my area of expertise.
To quote one of your compadres, who "borrowed" it from answers.com:
"computer virus n. A computer program that is designed to replicate itself by copying itself into the other programs stored in a computer. It may be benign or have a negative effect, such as causing a program to operate incorrectly or corrupting a computer's memory."
A little further on in the same page:
"Virus
Software used to infect a computer. After the virus code is written, it is buried within an existing program. Once that program is executed, the virus code is activated and attaches copies of itself to other programs in the system. Infected programs copy the virus to other programs."
and
"Viruses Must Be Run to Do Damage
A virus is not inserted into data. It is a self-contained program or code that attaches itself to an existing application in a manner that causes it to be executed when the application is run."
On to Leap-A, from the description in Macworld (edited for brevity and clarity):
"...[W]hen you try to launch the newly-infected application, an apparent bug ... in the code prevents it [the application] from launching. But, ... a lot just happened:
A Spotlight search for the most-recently-used user-owned applications is run, and ... up to four of those programs at a time are infected...
The above process will repeat each time you try to launch an infected application."
The process described above fully conforms to the definition. Therefore, your, uh, "1337" assertion is wrong: Leap-A IS a virus.
-Wayne
PS I'll even make a more radical assertion: The first OS X viruses were written in 1983 by Fred Cohen. My source? Professor Cohen (after all, he invented the computer virus), who told me, "the first viruses written for the original experiments run on current Mac OSX systems without even a recompilation."

Similar Messages

  • Wierd applet entry in my Console log.  What is it?

    I found this entry in my Console log, does anyone know what this is? Is this spyware?
    Sun Nov 09 08:28:04 EST 2008 JEP creating applet reportcard2.ReportCard (http://i.cmpnet.com/nc/java/)
    Interactive Report Card version 2.0, written by Mike Lee.
    I Googled cmpnet.com and here is what I found:
    CMP Technology is a marketing solutions company serving the technology industry.
    If this is spyware, how do I get rid of it?
    TIA

    Hmmm, is QWest your ISP perchance?
    whois query for 66.77.24.10...
    Results returned from whois.arin.net:
    Qwest Communications Corporation QWEST-INET-12 (NET-66-77-0-0-1)
    66.77.0.0 - 66.77.255.255
    CMP Media LLC QWEST-IAD-CMPMEDIA (NET-66-77-24-0-1)
    66.77.24.0 - 66.77.27.255

  • Will the console log show a history of random shutdowns?

    My macbook has suddenly started the random shutdown problem. It started a couple of days ago, I'd had no problems up until then. At one point today it was shutting down immediately on waking from sleep, and then would only stay on for about two minutes with the fans racing before, bang, off it would go. I left it alone in exasperation, then returned to try again, and this time it lasted around an hour before shutting down repeatedly again. I will need to take it home to the UK to my local Apple service centre and I am worried that if it doesn't actually shut down in front of them when they have it they will tell me there is no problem and won't repair it. I know that this macbook has the RSS issue now but it really is random, so can I prove it from the console log? I looked through this just now and of course most of it means nothing to me but I did notice that there was a line saying "cause of last shutdown -72" occuring many times since this started. Does anyone know what this refers to and will it show that the problem is definitely happening?

    What does the holding the button down trick do?
    From the Apple article I referenced in your earlier thread:
    "If your MacBook is in a state where it will not remain on long enough to install the update, wait for the issue to reproduce itself. Once the MacBook has turned itself off, turn the computer on the by holding the power button down. Keep the button down until you hear a single long tone. Once you hear the tone you can release the button, install the recommended updates, and restart as you would expect."
    Allegedly, this throttles the CPU to 1 GHz.
    And I am slightly worried that a2dox says that the
    problem returned even after the repair..!
    Different experiences for different people, during the period when Apple had not yet figured out the problem. Their contract repair facility was doing different repairs, some getting heat sink replacements, some logic board replacements, some both, and, later, some a differently designed heat sink. When one of those repairs didn't fix the problem, they would do another.

  • Suspicious activity in the console log

    I was looking at my Macbook Pro's console log and there are some suspicious items in there.
    For example:
    sudo killall -HUP mDNSResponder , IP Address changes, websites I’ve never visited, and something called x-terminal that keeps popping up on my desktop.
    I have only used my Macbook for internet browsing and have never run or entered any computer codes in the console log.
    Is there an explanation? Is it possible that any of the above could be run without me doing anything?

    try upgrading to at least 10.4.4 of mac OS as there may be an issue with 6.0.3 running on 10.3.9...that might fix it

  • A function module to add an entry to the change log of the ODS needed

    Hi all,
    I want to add an entry to the change log table of the ODS .
    Is there a Function module available for this or a work around for this.
    Regards
    Akshay

    Hi Kiran,
    You can directly add days to the date.
    Eg:
    DATA date LIKE sy-datum.
    DATA days TYPE i.
    date = sy-datum.
    days = 100.
    date = date + days.
    WRITE date.
    Regards
    Wenceslaus

  • How to rebuild the config from the entries in the change logs

    Hi,
    We have overwritten something vital in the KEDR t.code through a transport.  The users have created their own entries in the KEDR t.code directly in the system because this t.code was available for editing although the Client was locked for customizing (option no changes allowed). Not sure why SAP allows KEDR to be edited although the client was locked for customizing. Anyone knows?
    Now the problem is how can we restore the entries maintained by the users?
    Fortunately this KEDR table is enabled for audit log. Is there a way to actually restore the entries from the change logs? Please advise.

    If the device is already in the Prime Infrastructure, you can open it in Device work center and select the device > use the configuration archive option > scheduled deploy.
    Also, the Prime Infrastructure Plug and Play feature allows you to perform an initial provisioning of a software image and configuration on a new device. For more details check :
    Automating Device Deployment Using Plug and Play Profiles
    Working with Device Configurations
    -Thanks
    Vinod

  • Reading the console logs

    I am having intermittent power problems with my intel imac. Occasionally it will completely lose power and die. The Apple staff looked it over but could not find the problem. They said I should look at the console logs when it happens next time. I can open console but the first logs I see only have the most recent postings, which don't include when it died. Can someone explain to me where I can find the logs that would show what happened just before it lost power? Thanks!

    try searching the console with "shutdown"

  • How do you add an entry in the monitor log from the update rules?

    How do you add an entry in the monitor log from the update rules?

    Check this link for relevant SAP recommended implementation.
    https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/0c22e690-0201-0010-9581-832abdb5d50d
    Sample Code (Routine) available on the last page of the document.
    award points if useful

  • Just leaking in the console.log

    I'm using iTunes 6.0.3.
    Yesterday, I downloaded a video from the Music Store and watched it without a problem. About 2 hours later, I got a flood of messages like this in the console.log:
    2006-02-21 19:59:14.121 iTunes[2483] * _NSAutoreleaseNoPool(): Object 0x76c1b80 of class NSCFString autoreleased with no pool in place - just leaking
    2006-02-21 19:59:14.121 iTunes[2483] * _NSAutoreleaseNoPool(): Object 0x76c1ba0 of class NSCFString autoreleased with no pool in place - just leaking
    At the time, iTunes was running in the background, but not playing anything. The messages stopped and after another 2 hours came another flood.
    This morning. I saw what was in the console.log. clicked on iTunes, and immediately got another blast. It went on for about 5 minutes. There was over 12,000 lines of this stuff.
    Anyone have any ideas about this?

    try upgrading to at least 10.4.4 of mac OS as there may be an issue with 6.0.3 running on 10.3.9...that might fix it

  • Understanding the Console Log Entries

    I am trying to decipher which USER_PROCESS stands for a logon. So when a user logs into the machine it is USER_PROCESS: # Console.
    I just don't know which number it is. 44? 47? other?
    Any help is very much appreciated.

    It won't tell you much, but I think you'll get a +Login Window Started Security Agent+ message from a new loginwindow process. But it won't tell you which user logged-on.
    If you're trying to monitor a particular account's usage, there's probably an app for that; I don't think you'll get much from the normal logs.
    You might be able to write an Applescript or Automator to put in that user's Login items, that would update a file somewhere.
    I haven't used +Parental Controls,+ but something there might do what you want.
    You might find something in the +Account and Login+ section of the +Snow Leopard+ forum, either by browsing or searching.
    If nobody responds to this thread for a while, you might want to repost with a title asking specifically how to do whatever it is.

  • Question on the entries in the oc4j log

    Hi all,
    If anybody could help me on the following issue, It is highly admirable. Thanks in advance.
    There is a module in our application to send mails to the people working in the organization regarding their work.
    We have a java servlet that send mail to the people. This servlet is called from a pl/sql programming. During this process, few of the people are not getting the emails. But the exact information is un known. But it writes to the oc4j log. we could only see entries like below for that particular day,
    11/06/04 19:06:44 Session
    11/06/04 19:07:02 Session
    11/06/04 19:07:24 Session
    11/06/04 19:07:27 Session
    [060411_111057028][][ERROR] Could not create an image. Set html-image-dir and html-image-base-uri correctly.
    [060411_111058371][][ERROR] Could not create an image. Set html-image-dir and html-image-base-uri correctly.
    [060411_111105559][][ERROR] Could not create an image. Set html-image-dir and html-image-base-uri correctly.
    [060411_111108074][][ERROR] Could not create an image. Set html-image-dir and html-image-base-uri correctly.
    [060411_111109590][][ERROR] Could not create an image. Set html-image-dir and html-image-base-uri correctly.
    [060411_111133949][][ERROR] Could not create an image. Set html-image-dir and html-image-base-uri correctly.
    [060411_111134933][][ERROR] Could not create an image. Set html-image-dir and html-image-base-uri correctly.
    Other than these entries there is nothing else written to the log. I am neither an expert in the application server nor a java programmer. If anybody can guess at the problem, please do it.
    Thanks,
    Suresh.

    "Could not create an image. Set html-image-dir and html-image-base-uri correctly."
    Probably a custom message generated by the servlet. Do you have some kind of installation
    manual that goes along with the set-up. I am not a clairvoyant but it looks like the application
    is expecting you to set a certain directory in which images are contained. Or it could be you
    have set the directory, but forgot to add the right image.

  • Aperture writing to the console log

    The Console application receives a lot of messages from Aperture, whenever I am doing anything.
    The Console entry usually looks like (95%)
    +1/26/11 5:45:29 PM [0x0-0x495495].com.apple.Aperture[30958] Wed Jan 26 17:45:29 mymachine.local Aperture[30958] <Error>: CGBitmapContextGetBitsPerComponent: invalid context 0x13d5f68b0+
    or I intermittently receive (5%)
    +1/26/11 5:41:49 PM [0x0-0x495495].com.apple.Aperture[30958] This isn't a bitmap context. Forcing destination format to ARGB_8 for CGContext.+
    There can be anywhere from 8 to 20 entries per second. It makes trying to update faces slow to a crawl.
    I have Aperture 3.1.1.
    My Aperture library is on an internal soft RAID, composed of three disks (I left the primary disk as the OS/application disk).
    Any suggestions would be appreciated.
    Message was edited by: GateGuy

    Try System.out.println("\033[32mTest\033[0m"); If it works, google for Ansi control codes.

  • What happened to the console logs in netweaver?

    Our team just upgraded to using NetWeaver version of the portal and the team that set the server up are saying console logs no longer exist?
    Why would SAP get rid of System.out?
    Is there a configuration change the team that set the server up needs to make to have it start logging standard out?
    Stephen

    Hi,
    Open VIsualAdministrator (\usr\sap\J2E\JC00\j2ee\admin\go.bat)
    2.Go to services->LogConfigurator
    Select "Locations" tab
    3. Select "ROOTLOCATION" ->System ->out and set the serverity to ALL
    Now you can see Syste,.out under C:\usr\sap\J2E\JC00\j2ee\cluster\server0\log\defaultTrace.0.trc
    Regards, VIP

  • WHere are the console logs in NW04 EP6?

    I just installed WAS 640 Sp9 and EP6 with the latest patch and I cannot find the disp + server console logs?
    Thanks
    Jeremy

    Hi all,
    Sorry for the late response.
    The WebAS Java 6.40 logs can be found in /usr/sap/<SID>/<INSTANCE>/j2ee/cluster/server<N>/log.
    The /usr/sap/<SID>/<INSTANCE>/work directory contains the logs of the Startup Framework.
    Best regards,
    Vladimir

  • Where does the console log reside?

    I am having to rewrite several scripts due to changes in Leopard.
    I cannot find the location of "console.log" - any help would be appreciated.
    -James
    Message was edited by: James Sprouls ACHDS

    foilpan wrote:
    on a related note, has anyone had any success generating asl queries via shell? i've looked into it but not that deeply. the asl.conf man page seems to indicate it's possible, but i'm not sure how.
    Try man syslog. I'm not sure where to look for all the keywords, but I got this to work first time:
    macbook:~ michaelc$ syslog -k Sender ntpd
    Sun Dec 2 17:07:20 macbook ntpd[24] <Notice>: time reset +1.377290 s
    Sun Dec 2 22:12:49 macbook ntpd[24] <Notice>: time reset +0.644079 s
    Mon Dec 3 15:40:53 macbook ntpd[24] <Notice>: time reset -0.302815 s
    Note that syslog with no arguments gives you everything

Maybe you are looking for

  • Slow loading of System Preferences with Yosemite?

    I noticed that with the implementation of Yosemite I see about about a 20 second delay when I select System Preferences.  All other aspects of Yosemite system functions seem to be running as they were under Mavericks.  Not a critical issue I am just

  • Park the incoming invoice without PO#.

    Hi All, I have a issue where i need to  park the incoming invoice without PO#. I found one BAPI 'BAPI_INCOMINGINVOICE_PARK', but when I checked it, It is asking for PO#. Is there any BAPI, or FM which can serve the purpose. Please help me on this iss

  • Schedule Annual Jobs

    Hi, Initially, the start date was configured as 09-01-2008 however we seems to be getting it this current month (Oct 2014). That's why I had changed it to 09-01-2015 which is a future date. My concern is that, would this resolved the current issue an

  • Table for system status for an order

    Hi Gurus, we are displaying a report in which list of orders we are displaying in that system status also we need to dispaly for that the logic we have used is take OBJNR from AUFK by passing AUFNR and get all the active status for that AUFNR by pass

  • Multiple Consumer Object per Streaming Connection in AIR2.0

    HI, we require streaming server setup for our project. We are trying to minimize number of connections to the streaming server. My query is "If we have multiple Consumer object instance with same channel and destination, will all the Consumer instanc