Loading ...
Sorry, an error occurred while loading the content.
 

Re: [digsstv] Re: Easypal & Trojan loader detection & alternate program - GOOD NEWS!

Expand Messages
  • Alan
    ... From: AA0OI Subject: Re: [digsstv] Re: Easypal & Trojan loader detection & alternate program - GOOD NEWS! ... And Google Anitvirus false positives 73
    Message 1 of 24 , Feb 15, 2010
      ----- Original Message -----
      From: "AA0OI
      Subject: Re: [digsstv] Re: Easypal & Trojan loader detection & alternate
      program - GOOD NEWS!



      >Take EasyPal and do not unpack it and go to the internet and put it in
      >virus total http://www.virustotal.com/ it will run a virus check

      And Google "Anitvirus false positives"

      73 Alan G4ZFQ
    • utility_world
      I can confirm that there is something weird happening with EasyPal. The download detects clean, and the program was fine until about a week ago, after I d been
      Message 2 of 24 , Mar 15, 2010
        I can confirm that there is something weird happening with EasyPal.

        The download detects clean, and the program was fine until about a week ago, after I'd been using it a lot. Now every time EasyPal runs it creates a compressed file in its home folder called loop.zip. Norton tags this as a Trojan loader and "quarantines" it.

        The loop.zip can be deleted and it doesn't come back until EasyPal is run, then it's there again.

        I have a weird theory. If digi SSTV can transfer any files, is someone using it to pass malware?

        I don't want to go public with this until I have more information, but neither do I want EasyPal on my computer until I can resolve this issue.

        -hugh


        --- In digsstv@yahoogroups.com, "Howard Z" <Howard_Z@...> wrote:
        >
        > Yes, Easypal is a wonderful program,
        >
        > and Yes, Easypal has been infected with a virus/spyware/whatever for a very long time.
        >
      • Dave Jones
        Hi Hugh, I m running EasyPal 12/MAR/2010 on three computers running XP home, Vista HP, and Windows 7 HP. You did not mention your version or OS here or on
        Message 3 of 24 , Mar 16, 2010
          Hi Hugh,

          I'm running EasyPal 12/MAR/2010 on three computers running XP home, Vista HP, and Windows 7 HP.  You did not mention your version or OS here or on your blog at: http://mt-utility.blogspot.com/

          On each of my computers I have deleted the file "LOOP.ZIP", sent and received pictures, closed and restarted Easypal, re-booted the system and the file "LOOP.ZIP" does not come back.  Since this file keeps coming back on your system, I agree that there is something weird happening but it would seem that it is only with your system and may have nothing to do with EasyPal.  Could it be that the EasyPal install is being run each time?  Perhaps there is some sort of restore running on your computer.  If not, then there may be a virus on your system replicating files.

          The file "LOOP.ZIP" has been around for nearly three years and during that time Norton AV has not had a problem with this file.  Recent AV definitions from Norton are coming up with many false positives even on old files that Norton once scanned as OK.

          The file "LOOP.ZIP" only contains the file "LOOP.DLL".  It is only needed on some installations where a SDR requires a VAC.

          Any program that transfers files could pass malware.  The files sent with EasyPal are generally very small, perhaps 20 to 40 KB.  I should think that files that contain  malware are likely to be much larger than that.  However, it could easily provide a link to a web site or file on the web that is infected.  I have used EasyPal to send files that contain a test virus.  Some systems will catch it while others do not.  In cases of incomplete file transfer, corrupt image files may be stored.  An AV program may detect some of these files as Trojans, all false positives.

          Erik, VK4AES has worked very hard making changes with EasyPal to accommodate the AV and malware detection programs.  If you are not running the latest version, it may have issues with the current AV and malware detection programs.

          73 Dave KB4YZ

          utility_world wrote:
           

          I can confirm that there is something weird happening with EasyPal.

          The download detects clean, and the program was fine until about a week ago, after I'd been using it a lot. Now every time EasyPal runs it creates a compressed file in its home folder called loop.zip. Norton tags this as a Trojan loader and "quarantines" it.

          The loop.zip can be deleted and it doesn't come back until EasyPal is run, then it's there again.

          I have a weird theory. If digi SSTV can transfer any files, is someone using it to pass malware?

          I don't want to go public with this until I have more information, but neither do I want EasyPal on my computer until I can resolve this issue.

          -hugh




        • Utility World (Hugh Stegman)
          Thanks, Dave. Loop.zip has not come back since EasyPal was uninstalled. OS is Windows XP, Media Center Edtion, Version 2002, Service Pack 3. System Restore is
          Message 4 of 24 , Mar 16, 2010
            Thanks, Dave.

            Loop.zip has not come back since EasyPal was uninstalled.

            OS is Windows XP, Media Center Edtion, Version 2002, Service Pack 3.
            System Restore is turned off, since Norton blocks it anyway. The
            version of EasyPal is unavailable, since I deleted everything. I think
            it's the one before this recent one came out.

            I do know that Norton is giving the alarm on loop.dll, which it may be
            confusing with loop.exe, a file associated with Trojans. Someone on QRZ
            was talking about loop.dll being used with SDRs, as you say.

            My guess is that Norton is giving a false positive. This would
            certainly not be the first time, or even the first time this month.


            -hugh
          • AA0OI
            You should read the right up on Norton in the trade mags.. It is one of the biggest memory hogs and worst anti virus there is ( see Maxium PC)  many many
            Message 5 of 24 , Mar 16, 2010
              You should read the right up on Norton in the trade mags.. It is one of the biggest memory hogs and worst anti virus there is ( see Maxium PC)  many many false Postives not to mention they are being sued by many other companies for trade infringments..Try AVG or even MicroSofts new free anitvirus.. Norton (has not always been) but is the bottom of the barrel.. There is nothing wrong with EasyPal,, I've been running it (beta tester) from the day it came out..It runs fine on all 9 of my computers from windows 98 to windows 7 64 bit...
               
              Garrett / AA0OI



              From: Utility World (Hugh Stegman) <utilityworld@...>
              To: digsstv@yahoogroups.com
              Sent: Tue, March 16, 2010 11:26:50 AM
              Subject: Re: [digsstv] Re: Easypal & Trojan loader detection & alternate program - GOOD NEWS!

               

              Thanks, Dave.

              Loop.zip has not come back since EasyPal was uninstalled.

              OS is Windows XP, Media Center Edtion, Version 2002, Service Pack 3.
              System Restore is turned off, since Norton blocks it anyway. The
              version of EasyPal is unavailable, since I deleted everything. I think
              it's the one before this recent one came out.

              I do know that Norton is giving the alarm on loop.dll, which it may be
              confusing with loop.exe, a file associated with Trojans. Someone on QRZ
              was talking about loop.dll being used with SDRs, as you say.

              My guess is that Norton is giving a false positive. This would
              certainly not be the first time, or even the first time this month.

              -hugh


            • David Myers
              This thread keeps surfacing thru the years. There is no problem with EasyPal, either in the Install or running of the program. Norton s is the problem and has
              Message 6 of 24 , Mar 16, 2010
                
                This thread keeps surfacing thru the years.
                 
                There is no problem with EasyPal, either in the Install or running of the program.  Norton's is the problem and has been for many years, not only with EasyPal, but other applications as well.
                 
                I service and repair computers, and over 90% of problems come from the Nortons installation. You can uninstall it, and then spend half an hour manualy deleting the rest of it's files spread throughout the computer and Registry. That's how badly produced it is....
                Google Norton Uninstall and have a look at the amount of programs that are produced to try to get rid of it!
                 
                Get rid of Nortons and you get rid of your problems.
                 
                Dave  VK2RD / VE3DFK
              • Utility World (Hugh Stegman)
                Everything said here about Norton is true, and I remember when it was so bad that it wouldn t even run right after a few updates. It s still a major resource
                Message 7 of 24 , Mar 17, 2010
                  Everything said here about Norton is true, and I remember when it was so
                  bad that it wouldn't even run right after a few updates. It's still a
                  major resource hog and produces false detections every day. It triggers
                  when Google Updater operates normally.

                  Unfortunately, it came pre-loaded on my last two computers. As you say,
                  it can be a major undertaking getting rid of all its left over crap
                  after an uninstall. Then there's the convenience thing of it just being
                  there, not that it's any good excuse to settle for a lousy product.

                  I probably need to be more careful about this when I go looking for
                  machines.

                  -hugh


                  David Myers wrote:

                  > I service and repair computers, and over 90% of problems come from the
                  > Nortons installation. You can uninstall it, and then spend half an hour
                  > manualy deleting the rest of it's files spread throughout the computer
                  > and Registry. That's how badly produced it is....
                • David Little
                  FWIW, Norton is probably one of the most persistent Viral infections in existence. The easiest way to remove it is not to install it. The second best method is
                  Message 8 of 24 , Mar 17, 2010
                    Message
                    FWIW, Norton is probably one of the most persistent Viral infections in existence.
                     
                    The easiest way to remove it is not to install it.
                     
                    The second best method is to reformat and reinstall the Operating System.
                     
                    It wasn't this way when Peter Norton wrote and distributed it...
                     
                    David
                    KD4NUE
                     
                     
                     
                    -----Original Message-----
                    From: digsstv@yahoogroups.com [mailto:digsstv@yahoogroups.com] On Behalf Of Utility World (Hugh Stegman)
                    Sent: Wednesday, March 17, 2010 12:28 PM
                    To: digsstv@yahoogroups.com
                    Subject: Re: [digsstv] Re: Easypal & Trojan loader detection & alternate program - GOOD NEWS!

                     

                    Everything said here about Norton is true, and I remember when it was so
                    bad that it wouldn't even run right after a few updates. It's still a
                    major resource hog and produces false detections every day. It triggers
                    when Google Updater operates normally.

                    Unfortunately, it came pre-loaded on my last two computers. As you say,
                    it can be a major undertaking getting rid of all its left over crap
                    after an uninstall. Then there's the convenience thing of it just being
                    there, not that it's any good excuse to settle for a lousy product.

                    I probably need to be more careful about this when I go looking for
                    machines.

                    -hugh

                    David Myers wrote:

                    > I service and repair computers, and over 90% of problems come from the
                    > Nortons installation. You can uninstall it, and then spend half an hour
                    > manualy deleting the rest of it's files spread throughout the computer
                    > and Registry. That's how badly produced it is....

                  • Utility World (Hugh Stegman)
                    Darn right it wasn t. Peter Norton is now a rich guy with a huge art collection, and as you are probably only too aware, Symantec bought the Norton brand and
                    Message 9 of 24 , Mar 17, 2010
                      Darn right it wasn't. Peter Norton is now a rich guy with a huge art
                      collection, and as you are probably only too aware, Symantec bought the
                      Norton brand and turned it into badly conceived bloatware. Then they
                      bought a perfectly good little software firewall from a company I don't
                      recall, bloated that up, and added it to the sodden mess.

                      Too bad. Like everyone else, I have the Pink Shirt Book still around
                      somewhere. Some of us also remember hacking physical disk sectors with
                      his editor and saving stupidly deleted files manually one at a time with
                      his undelete. Ah, the bygone days of computing.

                      -hugh


                      David Little wrote:

                      > It wasn't this way when Peter Norton wrote and distributed it...
                    Your message has been successfully submitted and would be delivered to recipients shortly.