Trojan .exe and zip.000 showing up in /private/tmp and private/var/folders

I continually have .exe files and zip.000 files showing up inside two folders on my iMac. My antivirus software (Trend Micro Smart Surfing for Mac) finds and quarantines them daily. Usually it is about six a day. Today it found 18 or so. I am not worried about them themselves since they are a Windows problem, but I can't seem to figure out where they are coming from. Is there a way to track these folders and find what is placing these files in there? Thanks for any help!
OS X Lion 10.7.4

Well, it's running somewhere on your Mac, see if any clues here...
http://www.intego.com/mac-security-blog/
http://www.zdnet.com/cross-platform-trojan-checks-your-os-attacks-windows-mac-linux-7000000656/
Disable Java in your Browser settings, not JavaScript.
http://support.apple.com/kb/HT5241?viewlocale=en_US
http://support.google.com/chrome/bin/answer.py?hl=en-GB&answer=142064
http://support.mozilla.org/en-US/kb/How%20to%20turn%20off%20Java%20applets
Flashback - Detect and remove the uprising Mac OS X Trojan...
http://www.mac-and-i.net/2012/04/flashback-detect-and-remove-uprising.html
In order to avoid detection, the installer will first look for the presence of some antivirus tools and other utilities that might be present on a power user's system, which according to F-Secure include the following:
/Library/Little Snitch
/Developer/Applications/Xcode.app/Contents/MacOS/Xcode
/Applications/VirusBarrier X6.app
/Applications/iAntiVirus/iAntiVirus.app
/Applications/avast!.app
/Applications/ClamXav.app
/Applications/HTTPScoop.app
/Applications/Packet Peeper.app
If these tools are found, then the malware deletes itself in an attempt to prevent detection by those who have the means and capability to do so. Many malware programs use this behavior, as was seen in others such as the Tsunami malware bot.
http://reviews.cnet.com/8301-13727_7-57410096-263/how-to-remove-the-flashback-malware-from-os-x/
http://x704.net/bbs/viewtopic.php?f=8&t=5844&p=70660#p70660
The most current flashback removal instructions are F-Secure's Trojan-Downloader:OSX/Flashback.K.
https://www.securelist.com/en/blog/208193454/Flashfake_Removal_Tool_and_online_checking_site
More bad news...
https://www.securelist.com/en/blog/208193467/SabPub_Mac_OS_X_Backdoor_Java_Exploits_Targeted_Attacks_and_Possible_APT_link
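One practical way to answer the original question (which process is dropping the files) is to watch the two directories named in it and attribute each new file to whatever still holds it open. This is an added example, not code from either post: it snapshots the directories, reports newly created .exe / zip.000 files, and asks lsof (which ships with OS X) for the owning process. The directory list and file-name patterns come from the thread; everything else is assumed.

```python
"""Poll OS X temp dirs for dropped .exe / zip.000 files and name the process holding each open."""
import os
import re
import subprocess
import time

# Directories named in the question; an assumed default, pass your own list to watch().
WATCH_DIRS = ["/private/tmp", "/private/var/folders"]
# Names the antivirus kept quarantining: *.exe and zip.000, case-insensitive.
SUSPECT_RE = re.compile(r"(\.exe|zip\.000)$", re.IGNORECASE)

def snapshot(root):
    """Map path -> inode for every suspect-looking file under root."""
    seen = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if SUSPECT_RE.search(name):
                path = os.path.join(dirpath, name)
                try:
                    seen[path] = os.stat(path).st_ino
                except OSError:  # vanished between listing and stat
                    pass
    return seen

def new_files(before, after):
    """Paths that appeared since `before`, or were recreated with a new inode."""
    return sorted(p for p, ino in after.items() if before.get(p) != ino)

def parse_lsof(output):
    """Parse `lsof -F pcn` output into {path: [(pid, command), ...]}.
    -F prints one field per line, tagged p = pid, c = command, n = file name."""
    owners = {}
    pid = cmd = None
    for line in output.splitlines():
        tag, value = line[:1], line[1:]
        if tag == "p":
            pid, cmd = int(value), None
        elif tag == "c":
            cmd = value
        elif tag == "n" and pid is not None:
            owners.setdefault(value, []).append((pid, cmd))
    return owners

def who_has_open(paths):
    """Ask lsof which processes currently hold the given files open."""
    if not paths:
        return {}
    try:
        proc = subprocess.run(["lsof", "-F", "pcn"] + list(paths),
                              capture_output=True, text=True, timeout=30)
    except (OSError, subprocess.TimeoutExpired):
        return {}
    return parse_lsof(proc.stdout)

def watch(dirs=WATCH_DIRS, interval=1.0):
    """Poll dirs forever; yield (path, owners) for each newly dropped suspect file."""
    before = {d: snapshot(d) for d in dirs}
    while True:
        time.sleep(interval)
        for d in dirs:
            after = snapshot(d)
            fresh, before[d] = new_files(before[d], after), after
            owners = who_has_open(fresh)
            for path in fresh:
                yield path, owners.get(path, [])

if __name__ == "__main__":  # run with sudo so lsof can see every user's processes
    for path, owners in watch():
        print(path, "->", ", ".join(f"{c} pid {p}" for p, c in owners) or "not open now")
```

If the dropper closes the file before the next poll, lower the interval or run `sudo fs_usage -w -f filesys` alongside and filter its output on the same directories.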

Similar Messages

  • I am getting the following error message when I try to import photos into iPhoto from my camera: "/private/var/folders/GB/GBl4wh8-ELqUVMI5dO-ryUTI/-Tmp-/iPhoto/DSCF2033.JPG". Have already tried removing and reinstalling iPhoto to no avail.

    Does this happen if you try to Import to Library within iPhoto, or is it when you connect your camera (and which is set to automatically use iPhoto) that this error message occurs?
    If you open Image Capture > Preferences is iPhoto selected as the choice when a camera is connected?

  • What is the difference between SAPinst_SP_WAS640.exe and WebAS640SP9.zip

    Does the SAPinst_SP_WAS640.exe include MaxDB, and what is the latest version and file size?

    Hello
    Check if following links help:
    [1.|http://www.symantec.com/connect/articles/understanding-difference-between-exe-and-msi]
    [2.|http://social.msdn.microsoft.com/forums/en-US/winformssetup/thread/89699824-706e-44ea-9578-8866e6dfd058/]
    Thanks
    Saurabh

  • Memory leak in oracle.exe and mds.exe

    We are facing a memory leak in our MDM server. Our environment details are as follows:
    MDM 5.5 SP5 (Build 5.5.41.70)
    Oracle 10.2 patch 2
    Windows Server 2003 SP1
    XI 7.0 SP 9
    If the server is running continuously for 3-4 days then nonpaged memory gets exhausted and the server does not respond. Now we have to restart the Windows server manually.
    If we look at Task Manager it shows more than 200,000 handles for oracle.exe and more than 100,000 handles for mds.exe.
    1: Oracle.exe -- more than 200000 handles (approx. >5000 is a problem)
    2: Mds.exe -- more than 100000 handles (approx. >5000 is a problem)
    Since these applications are not releasing the handles properly, all nonpaged memory gets exhausted and the server stops responding.
    If we restart the MDM server, database and OracleserviceMDMD, then nonpaged memory is released. But sometimes even if we restart these services, we do not get nonpaged memory released, so we have to restart the Windows server.
    Please help me if anyone else has faced the same problem.
    regards
    Saurabh

    Closing as question is answered in MDM forum.

  • Virus? Duplicate csrss.exe and winlogon.exe files outside Windows/System32

    Hi,
    My computer has been running extremely slowly while performing normal tasks (i.e. web browsing, typing).
    I found a second copy of 'csrss.exe', which as I understand is frequently a trojan. The copy is located in the following file path:
    C:\Windows\winsxs\x86_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_58ba39fb456943bd
    I also found two extra copies of 'winlogon.exe', at the following paths, as well as in Windows\System32:
    C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166
    C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500
    I ran the Norton antivirus scan, the Norton Power Eraser, a few csrss.exe-targeted scans, and spyware search & destroy, none of which detected a virus. I tried moving/renaming the file, but this is denied by the system.
    I used Windows Process Explorer, and the first time,  both csrss.exe & winlogon.exe were verified as system processes. This time I ran and the processes have no info (Version: n/a; Build Time: n/a; Path: [Error opening process]).
    I'm running Windows 7 Professional on a local domain.
    Thanks in advance for your advice.

    SOF
    The second copy is a backup and in that location probably normal. I doubt malware is the cause of your system running slow; more likely system corruption.
    Please provide us with your Event Viewer administrative logs by following these steps:
    Click Start Menu
    Type eventvwr into Search programs and files (do not hit enter)
    Right click eventvwr.exe and click Run as administrator
    Expand Custom Views
    Click Administrative Events
    Right click Administrative Events
    Save all Events in Custom View As...
    Save them in a folder where you will remember which folder and save as Errors.evtx
    Go to where you saved Errors.evtx
    Right click Errors.evtx -> send to -> compressed (zipped) folder
    Upload the .zip file to Onedrive or a file sharing service and put a link to it in your next post
    If you have updated to Win 8.1 and you get the error message "the system cannot find the file specified" it is a known problem. The work around is to edit the registry. If you are not comfortable doing this DON'T. If you are, back up the key before you do.
    Press Win+"R" and input regedit
    Navigate to:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels. Delete "Microsoft-Windows-DxpTaskRingtone/Analytic"
    Wanikiya and Dyami--Team Zigzag

  • Pre Build EXE and Installer Set Version

    So this topic comes up relatively often so I thought I'd make a new thread showing an example of how to make it work.  The problem is developers want a way to set the version of builds programmatically.  Luckily NI added some VIs for doing this.  Too bad you can't invoke them from the Pre-Build action of a build, because that information is read before the pre-build.  Here is an idea exchange discussing it.
    But I figured I could come up with some kind of work around and I have two, and neither is perfect. Attached is a simple project. It contains a VI that runs reading the EXE version that it is running from once it is in an EXE. The project has three build specifications, an EXE, and two installers. The developer can set the Major, Minor, and Fix of the EXE, but the build version is set programmatically in the Pre-Build action. The version of the installers will also be set to the version of the EXE.
    Attempt to build the EXE and a dialog will appear asking to enter the build version that should be used.  This could be determined some other way but this was the easiest for the demo.  If the EXE, and the Installers are already the correct version, where the build is the same as the one specified, and the installers are the same version as the EXE, then the build goes on like normal.  But if the build you enter is not the same as the current, it will abort the current build, change the versions, and then tell the operator to attempt to build again.  This time no prompt is seen and the build will work like normal with the version you set earlier.
    The downside to this method is you have to tell the developer to build again, I figured I could do that programmatically so I tried.  There is a constant on the BD of Prebuild Action VI.vi, and if it is set to True it will try to invoke a new build on its own.  The problem with this method is the build the user invoked is aborted and the user sees the error.  But the second build might have worked fine, but there isn't any feedback.
    In any case this is a sorta working way of setting EXE and Installer build versions from a pre-build VI.
    Unofficial Forum Rules and Guidelines - Hooovahh - LabVIEW Overlord
    If 10 out of 10 experts in any field say something is bad, you should probably take their opinion seriously.
    Attachments:
    Test EXE Version.zip ‏80 KB

    Bob_Schor wrote:
    I took your idea and "simplified" it a little
    Some may want the simplified version I understand.  But for me I wanted a more robust VI, one that would work if a project had multiple build specifications of applications, or multiple installers.  Some developers may have two applications one that is normal, and another with debugging turned on and I wanted the versioning to work consistently there by grabbing the newest version and using it.  And in all my cases, if there is an installer it should be the same version as the EXE.
    As for getting around the error I think if I had enough time I could dig into the NI VIs to get rid of the error and show the progress of the new build. The whole build process is a bunch of VIs that augment the right click menus in the project, so the source is there; it is just taking time to understand it.

  • When I start Firefox, I get this message ( The instruction at "0x7b9c77a9" referenced memory at "0x7b9c77a9". The memory could not be "read" ) has anyone any idea why? I have scanned with AVG and something simply called 'Trojan Remover' and they both fin

    When I start Firefox, I get this message ( The instruction at "0x7b9c77a9" referenced memory at "0x7b9c77a9". The memory could not be "read" ) has anyone any idea why? I have scanned with AVG and something simply called 'Trojan Remover' and they both find nothing... any advice would be greatly welcomed. Thanks
    == This happened ==
    Every time Firefox opened
    == this morning 22/07/10

    Lyall,
    I have seen this before, a long time ago (several years), and I cannot remember how/if we resolved it.
    If this is an important issue to you, I suggest that you open a case with BEA support.
    Regards,
    Peter.
    Got a Question? Ask BEA at http://askbea.bea.com
    The views expressed in this posting are solely those of the author, and BEA Systems, Inc. does not endorse any of these views. BEA Systems, Inc. is not responsible for the accuracy or completeness of the information provided and assumes no duty to correct, expand upon, delete or update any of the information contained in this posting.
    Lyall Pearce wrote:
    The title says it all really.
    I see other posts getting replies.
    This is a rather important issue, I have seen another post with a similar problem.
    While not being a show-stopper it certainly raises concerns.
    The application works ok until the application exits (in both development and executable form)
    Apparently this did not happen with Tux 7.1
    It does with 8, I do not have 7.1 so I have no workaround.
    ..Lyall

  • I can't uninstall my iTunes off my computer, I have followed instructions and I still have errors, including error 2330 and redundance cyclic. The only software I have left is itunes.exe and file es.lproj which is located in the ituneshelpresources folder

    I can't uninstall my iTunes off my computer, I have followed instructions and I still have errors, including error 2330 and redundance cyclic. The only software I have left is itunes.exe and file es.lproj which is located in the ituneshelpresources folder. I recently installed a second hard drive and that let me uninstall everything. I just want to get iTunes off my computer and reinstall iTunes, I have deleted everything I can and I ran "chkdsk"; this did nothing. I would have just updated the old iTunes to the newest version but it didn't let me do that. Installing/uninstalling or deleting just lets me get half way and shows me these errors. Please help, thank you.
    JPHowarth

    the only software i have left is itunes.exe and file es.lproj which is located in the ituneshelpresources folder.
    If the chkdsk isn't fixing the damage, and those are the only iTunes files that can't be deleted, try renaming the "iTunes" folder that they are contained in (in your Program Files) to iTunesOLD.
    Now try another install. Does it go through without the 2330 this time?

  • Where can I download certutil.exe and the NSS Utils for Windows

    I know many people struggle to find Certutil.exe and the rest of the NSS Utils so I have compiled version 3.14.2, using the same method I previously posted here https://support.mozilla.org/en-US/questions/687296 but this time with Visual C++ 2010 (x86)
    YOU WILL NEED VISUAL C++ 2010 REDISTRIBUTABLE INSTALLED to run these executables.
    The zip file can be downloaded from ....
    (Link to file removed)
    Hope this helps

    When you compile certutil there should be a whole raft of other exe and all the dll files you need. The dll files need to be either in c:\windows\system32 or in the same folder as certutil.exe.
    Hope this helps.

  • Links to exe and back to menu builder not working

    I have read through all of the messages in the Forum and have seen similar questions on this topic but no actual answers for this precise situation. I apologize if I've just missed it. I'm fairly new to Captivate and am using version 2. I am building a project that will have 15 - 20 standalone .exe files.
    This client is one of the very few that does not have Flash Player and will not due to security reasons. We will publish and play from a DVD/CD.
    The problem -
    I need to have a course menu to link to each exe and then link back from each exe to the main menu.
    I have built a sample menu builder and exported it as an exe. The links to the other files from this main menu work; however, I cannot get the links in the separate exe files to access the main menu exe (i.e. menu builder file). I either get a blank browser window or other url window, or nothing happens and the screen just stays there. The same thing will happen if I'm using the menu in the skins feature.
    I have ensured that all my files are in the same folder. I have variations on the link, such as "relative" links as suggested (i.e., removing path information and including only the file name).
    I'm not sure Captivate Player will help because it sounds like that is more for Web applications.
    Please help!
    Thanks
    lahkab

    Hi Don
    Sure thing. The weird part of this is that it will require using both MenuBuilder and Captivate to accomplish it. As you have seen, Captivate likes to open things by feeding into HTTP. So often, you wish to open a Word Document or a .PDF and you see a browser open. The bizarre part of all this, is that if you look at the address bar of the browser that opens, the path and filename are correct! You click there and press Enter and by golly it loads up. Go figure.
    So here goes.
    1. Note the exact file name you wish to open. Perhaps "Menu.EXE".
    2. Open MenuBuilder and create a new totally blank project.
    3. Set your width and height by clicking Options > Project Options. I think the smallest you can go is 320 wide and 200 high.
    4. Click Insert > Clickbox.
    5. For the link part, just type "Menu.EXE" (or whatever you noted in step 1). Note that you should not enter any path. JUST the file name. You might also click to place a check mark in the "Save file with project" check box, just to be on the safe side.
    6. Export the project as a Flash SWF.
    7. Close MenuBuilder and open your Captivate project.
    8. Edit the slide where your user will click to open the .EXE and click Insert > Animation...
    9. Insert the .SWF you created using MenuBuilder. Position it over where you wish your user to click.
    10. Publish your Captivate and test the link.
    In case it will help, I've got a zip containing all the files so you can see them in action (I included the source). No cloak and dagger with this next part, just conserving bandwidth, as I'm limited with this service and I don't wish everyone and their brother to use it all up just looking to see. Shoot me an E-Mail message to captiv8r (at) kc (dot) rr (dot) com and I'll send you a link to download the files for you to play with.
    Hopefully something here is helpful... Rick

  • What is Firefox Setup 3.6.10(2).exe and is it necessary?

    What is the function of Firefox Setup 3.6.10(2).exe and is it necessary?
    When I logged into Windows Live Hotmail today, I received a message to upgrade my Firefox browser by installing this programme. I am unable to find out any information about it on the Mozilla website.
    I have downloaded to file, but am hesitant about installing it until I know more about it.

    Your above posted system details show outdated plugin(s) with known security and stability risks.
    *Next Generation Java Plug-in 1.6.0_16 for Mozilla browsers
    Update the [[Java]] plugin to the latest version.
    *http://java.sun.com/javase/downloads/index.jsp (Java Platform: Download JRE)

  • Why can't I download .exe and .reg files?

    Hi! I hope you can help me in my computer problem. I have trouble downloading .exe and .reg files. I'm not sure but it must have been for some weeks now that I had this problem. When I download these files, the Downloads Window of Firefox will appear, but will show that the download is "cancelled." I click the retry button and it starts to download, but after the download completes, the file doesn't appear on the designated Download folder. I tried searching for it in the desktop it but it still doesn't show. What can I do to fix this problem? Thanks in advance for all the help! :)

    As indicated you can right click 'alarm clock 1' on http://www.pacdv.com/sounds/domestic_sounds.html to download it.
    I must admit that this is silly especially if you have already gone to the full link and listened to the file. In this case it will have already been downloaded but finding it is tedious - I suspect it is only in RAM - not one of Safari's good points!
    I hope this helps.

  • I looked up the blank screen issue with itunes on my windows PC, and followed the directions with the autorun.exe and all that but my comp has Bonjour (which is by apple) so now how do I fix Itunes?  Thanks

    Hi,
      I'm getting the blank screen in my iTunes store. I followed the help script here Can't connect to the iTunes Store - Apple Support and downloaded the autoruns.exe but it just shows my comp has Bonjour (which is Apple). But now what? How do I fix the blank screen?
    Thanks!

    Hello there, livviboobear.
    It sounds like your error message is in regards to having installed an older version of iTunes on your computer. The following Knowledge Base article offers up the step-by-step on how to properly uninstall iTunes:
    Removing and reinstalling iTunes and other software components for Windows Vista, Windows 7, or Windows 8
    http://support.apple.com/kb/HT1923
    Once uninstalled, follow the link in the article to get to the most current version of the iTunes installer.
    In regards to the screen on your phone, this article explains how to resolve it:
    If you can't update or restore your iOS device
    http://support.apple.com/kb/HT1808
    Thanks for reaching out to Apple Support Communities.
    Cheers,
    Pedro.

  • Oradba.exe and ORA-12638

    what is oradba.exe and what does it do?
    It does not appear to be documented anywhere (on tahiti, it only shows up in an unrelated directory listing example).
    I ran it with a healthy database, got errors about not being able to add a group and a user -- so I'm sure it's related to OS authentication and the ORA_DBA group.
    After running it (but not before) I was unable to connect to the database with any tools (other than the home page), getting ORA-12638 until I commented out SQLNET.AUTHENTICATION_SERVICES = (NTS) in sqlnet.ora.

    It's the bit that creates the ORA_DBA group on Windows.

  • EXE and PIF files

    I think I got these exe and pif files on my Mac after an unsuccessful installation of Windows. I don't exactly know where I got them.
    Is it safe to delete all these files? Does my Mac need these files to run its operating system? There are over 48,000 exe and pif on my Mac. And I think it's taking up almost all my HD space.

    So does it mean I can delete it? I'm afraid that it's like an important file because of its name. Some of it is:
    yyxb.exe
    yjgyym.exe
    yyjovx.exe
    yydc.exe
    and thousands of it on my main folder and macintosh hd.
    So is it safe to delete those exe?
    How about those pif files?
