ad: dxeng

EasyPal Alert

Discussion in 'Amateur Radio News' started by W2JUV, Jan 26, 2010.

Thread Status:
Not open for further replies.
ad: L-HROutlet
ad: l-assoc
ad: L-rfparts
ad: l-Waters
ad: l-gcopper
ad: l-innov
ad: Subscribe
ad: l-rl
  1. W2JUV

    W2JUV Ham Member QRZ Page

    This digital SSTV software can be downloaded from the KC1CS website, but
    beware, a Trojan Downloader comes with it. I have advised KC1CS by email of the problem. Hope it gets fixed.

    Al W2JUV
  2. KN4SA

    KN4SA XML Subscriber QRZ Page

    none found

    Hello OM. Are you sure you found a valid trojan on this ham's site? I downloaded, scanned and installed and scanned all installation files after installation. No virus, trojan or malware was found. Two days ago there was a problem with Google Adsense that was throwing false positives in many viruscan programs. This has now been fixed. Is this possibly what happened to you at his site. Perhaps there truly was a trojan and it has now been cleaned? I don't know, but at this time, my scanning programs show nothing.

    Thanks es 73,

  3. NA4IT

    NA4IT Ham Member QRZ Page

    Just scanned mine, no problems found...

    Scan "Shell extension scan" was finished.
    No infection was found during this scan
    Folders selected for scanning:;"C:\Program Files\EasyPal;"
    Scan started:;"Wednesday 01/27/10 2010 9:38:38 AM"
    Scan finished:;"Wednesday 01/27/10 2010 9:39:59 AM (1 minute(s) 21 second(s))"
    Total object scanned:;"1188"

    de NA4IT
  4. NJ3H

    NJ3H Ham Member QRZ Page

    Running Malware Bytes a couple of days ago, I also received a trojan message with the exe file. There just must be something the virus detectors are seeing and not liking. My 2ยข worth.

  5. W2JUV

    W2JUV Ham Member QRZ Page


    I confirm the posting from George NJ3H, the Trojan only shows up when I scan with MalwareBytes. Could be a quirk within MalwareBytes, who knows.
  6. KD7MSC

    KD7MSC Ham Member QRZ Page

    I have had EasyPal on this computer for about 6 months. Last week Avast found a Trojan in the EasyPal software and locked it in its chest. I deleted EasyPal and ran another scan and found nothing. I will be watching this thread because I would like to have EasyPal back.

  7. KA1MDA

    KA1MDA Ham Member QRZ Page

    I have also found the trojan in EasyPAL over a year ago. Malware bytes said it was some type of on-line-banking password stealing program. I deleted EasyPAL after that and tried downloading the latest release at that time, with the same results. I haven't used EasyPAL since. I posted something about it on either this or the other well-known ham forum, but got no additional information.

    It could be just a fluke with Malwarebytes, but in the past Malwarebytes has found spyware that other programs missed. Don't forget- many anti-virus programs do not check for malware or root kits- only viruses. I wonder if the author of EasyPAL may have reused a piece of existing code to save time, and that's where the malware got in..

    Also very curious here to find out what the final verdict is. At this point, I prefer to err on the safe side and believe Malwarebytes.

    Tom, KA1MDA
  8. K3LUE

    K3LUE Ham Member QRZ Page

    Malware programs often report exe files as a trojan. It's in the software that generates the report and it always sees an executable as a possible trojan.
  9. K3KO

    K3KO Ham Member QRZ Page


    So one should ignore it if a Malware program detects a virus in a .EXE file?
    Hardly makes sense. Why run the Malware program if you don't want to know?

    de K3ko
  10. NF9L

    NF9L Ham Member QRZ Page

    False Positive . . .

    I use this software everyday and no problems ever found . . .
    Last edited: Jan 27, 2010
  11. KC8VWM

    KC8VWM Premium Subscriber QRZ Page

    The way maleware works is it "redirects" your computer to download from another site but yet it gives you the impression and has the "apperance" the file is actually coming from the intended download site.

    You can check your PC using this freeware:

    Keep in mind most "virus scanners" will not detect maleware on your PC until the maleware attempts to install a virus on the PC.
  12. WA3MEJ

    WA3MEJ Ham Member QRZ Page

    TROJAN ...NOT!

    I have used this software since it was introduced and it has frequencly had a problem with being identified as having a TROJAN by various virus scanners. I might add I have dissassembled this program and have found NO I repeat NO Trojan.

  13. AG3Y

    AG3Y Ham Member QRZ Page

    What version are you using? If it is not the latest, which is Jan 2010 at the time of this post, try Dave's site and get the latest.

    I was having a "spyware" problem every time I prepared a pix file for transmission. The new version dos NOT do that !
  14. W4PC

    W4PC XML Subscriber QRZ Page

    This is called a 'false positive'. The way these programs work is they look for a 'digital fingerprint' in the EXE files. If something in the code matches the digital fingerprint, then it's reported as infected, even when it's not.

    If it's reported to the antivirus manufacture, they will add it to an omit list inside the scanning program.
  15. K5MOZ

    K5MOZ Ham Member QRZ Page

    What was found was a virus that attatches itself to one of the last used .exe files.
    This Virus variant has been running wild since the first of the year.
    If you get it your machine is at fault.
    Just redownload and all should be fine if you have your machine scanned properly.
  16. K5RG

    K5RG Ham Member QRZ Page

    avast! Internet Security Version 5 has a new feature called the Sandbox (process virtualization) which allows you to execute a program or browse the web within a completely safe environment. Might be one way to check out the false positives.
  17. KC8YHW

    KC8YHW Premium Subscriber QRZ Page

    ____ Gentleman, if you get a report of malware, key logger, or other trojans. What risks do you want to take. I do not ever connect my shack computer to the internet. I use a memory stick to move the new program to the shack. My net computer is a Linux box and I do not do online banking or purchases. Period. I do not want some pimple faced cellar dweller to have access to my bank accounts, 401k or any other info that a KEYSTROKE LOGGER program might send to that person.

    ____ It is all about risk management.
  18. AA8X

    AA8X Ham Member QRZ Page

    Yes, it has a virus

    I had to blow it off my computer because it has a virus.
    Bob, AA8X
  19. DF1PAW

    DF1PAW Ham Member QRZ Page

    I scanned it with Jotti's malware scan. 4 out of 20 scanners reported malware:
    See for details

    If you use Firefox you may report malicious websites. In the menu click help and then report web forgery. This will open a new page where you can report the website...

    vy 73,
    Andreas, DF1PAW
    Last edited: Jan 28, 2010
  20. KJ4EED

    KJ4EED Ham Member QRZ Page

    It would be nice to verify a file's checksum with a checksum from the author.

    C:\Downloads>fciv EasyPal05-JAN-2010.exe
    // File Checksum Integrity Verifier version 2.05.
    269f4abac7c0a8c9a238b911ef007d79 easypal05-jan-2010.exe

Thread Status:
Not open for further replies.

Share This Page