delorie.com/archives/browse.cgi   search  
Mail Archives: cygwin/2017/06/28/12:58:21

X-Recipient: archive-cygwin AT delorie DOT com
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
:list-unsubscribe:list-subscribe:list-archive:list-post
:list-help:sender:mime-version:in-reply-to:references:from:date
:message-id:subject:to:content-type; q=dns; s=default; b=kt77k5G
yhJxrk1ORNXbp7gY5XVald9WfS9Abfd0TSLhjHiSVmYJVCMy/v7TD2vyegZrZaH7
12AK2XttAzRqgDBpTO/Yq3YhEyo7V3+l3gsUd6Th8h60zlHaz8vMx+tCGNSJZL7v
fLnilMKRgpYAqPS6dunzBbHfnws+sedDHiNg=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
:list-unsubscribe:list-subscribe:list-archive:list-post
:list-help:sender:mime-version:in-reply-to:references:from:date
:message-id:subject:to:content-type; s=default; bh=7pI3eo8E/mHU0
W9v34zP33itoM8=; b=aJbMQsUmCQ6GG3GcYKFEjBtit0zDPY0XTl/3v48q7BrIk
hGnEFZ/Agdio72IWVcMMENeMgMuCLsuddXaVYSm60ghcytb6vvm6zGwLlNwkAVXc
BvXHuY+Fq4xBbUjG+D/1kPuXkkh7uPONhYsmPVE7l+aLBEWbpV99rM/cI9443o=
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=-1.4 required=5.0 tests=AWL,BAYES_00,FREEMAIL_FROM,RCVD_IN_DNSWL_NONE,RCVD_IN_SORBS_SPAM,SPF_PASS autolearn=no version=3.3.2 spammy=tired, replies, folders, Sincerely
X-HELO: mail-wm0-f41.google.com
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to; bh=2TG5Nm+xeuYZiAOEF4RjW8uvPDUxVVp2ag/TWIYCiNo=; b=FBf7iszOLkZm2MYjvpiPS2k+s59doDaBDZZqERMHn6GFsyT9DpFduGHs+ud0as4c11 XKz92u7GBhHrwUk2Z+fzbdyGVzHt8i9vMKRL+7CYRWTJSUe5Del8CH+1mvMRFl7ObuO+ 2cN7z4rlslpgltaKxgzVnQYj8KNFryOLM7Y2kUyTKCgrgQ57usaHp4AXGe5pZFsm/4Os OlYm7f3QzKzpWjbW20toW3QhHNKGLs8KO0vLX5vbj6aiBTH2g6SexmmluDf9PY2rj92R T2cDtgcnZ2YtkJgMlWJUTOEh5DF1FIh9V4ATOuMR1JzPAxDl7LGIusq5VogWw+i5hzaW bhJA==
X-Gm-Message-State: AKS2vOyxKSxvctnbPh5ubmCGnPw3H8F6y9MDVnDSliGM39hStSPd+xxU bt5xXYnon6uAn7rFUQkrD5XxNzqfztgjlaQ=
X-Received: by 10.28.139.145 with SMTP id n139mr8666189wmd.53.1498669084558; Wed, 28 Jun 2017 09:58:04 -0700 (PDT)
MIME-Version: 1.0
In-Reply-To: <CAPXRkNFK=2b8Gjmb4ckCOXPGh_DFn6r2jRbxHMi3pNLn4cBSFg@mail.gmail.com>
References: <CAPXRkNH7QPGrSVtiwLvZ9ZF3rmEGy=Q4R3VxwY=JU0SBZVZH+A AT mail DOT gmail DOT com> <CACoZoo12-507_9K7cFQm8DsCOKNF1dzWesMFF=+c1j=JrANY0g AT mail DOT gmail DOT com> <CAPXRkNFK=2b8Gjmb4ckCOXPGh_DFn6r2jRbxHMi3pNLn4cBSFg AT mail DOT gmail DOT com>
From: Erik Soderquist <ErikSoderquist AT gmail DOT com>
Date: Wed, 28 Jun 2017 12:58:03 -0400
Message-ID: <CACoZoo1zYx-k0jpObPnqSs=f0Wnqgr=di+j8oZ4Ni2Z=KE_obg@mail.gmail.com>
Subject: Re: XLanuch.exe is a Trojan-It allows remote control of my pc without my knowledge or permission [Reference Link]
To: cygwin <cygwin AT cygwin DOT com>
X-IsSubscribed: yes 

On Wed, Jun 28, 2017 at 12:48 PM, Sagar Kapadia wrote:
> Hi Erik,
> Thanks for your reply. I could not find the file in the windows
> directory or its sub folders. However, I saw the xlaunch configuration
> screen on my pc. It came up on its own. I tired killing it but it
> would start again.

That indicates something else on your machine is launching it, and
deleting it only blocked whatever else is on your machine from
starting it again.  No program, no matter how complicated, can
magically start itself; something else must always start it.  Virus
and trojan programs typically do this by running several different
very small programs that watch each other, and when any one program
from the malaicious package is killed, the others restart it.

> I installed it over a year ago, and I dont remember which mirror I
> used. However, I did use the standard installer.

This being new behavior after being installed over a year also points
to something else trying to use xlaunch rather than xlaunch itself
being the problem.

> By the way, I did not quite understand about top posting .

http://linux.sgms-centre.com/misc/netiquette.php#toppost

> I am replying only to you . If you permit, I will
> reply to the list too
> Sincerely,
> Sagar

Everything I've said has already been posted to the list; you need to
be subscribed to the list for the replies to come to you as a normal
practice, and it is highly recommended when posting to possible
problem to be subscribed at least as long as the problem is being
addressed.

-- Erik

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

- Raw text -


  webmaster     delorie software   privacy  
  Copyright © 2019   by DJ Delorie     Updated Jul 2019