---------- Forwarded message --------- From: Uwe, DG2YCB via Wsjt-x-improved-community < wsjt-x-improved-commun...@lists.sourceforge.net> Date: Thu, 15 May 2025 at 13:05 Subject: Re: [Wsjt-x-improved-community] False positive virus alerts To: Wsjt Improved <wsjt-x-improved-commun...@lists.sourceforge.net>
By the way: The page where each of you can *report false-positive virus alerts to Microsoft *is this one: *https://www.microsoft.com/en-us/wdsi/filesubmission <https://www.microsoft.com/en-us/wdsi/filesubmission>* The other providers of antivirus software certainly have a similar website. 73 de DG2YCB, Uwe ________________________________________ German Amateur Radio Station DG2YCB Dr. Uwe Risse eMail: dg2...@gmx.de Info: www.qrz.com/db/DG2YCB Am 14.05.2025 um 10:16 schrieb Uwe, DG2YCB: Dear Users, In the past days I received some emails telling me that some antivirus software gave alerts for the latest WSJT-X Improved Windows installer. I can assure you that no program compiled by me has ever contained any virus or Trojan. In addition, every file on SourceForge is scanned again for viruses. This leaves only the minimal theoretical risk of a so-called man-in-the-middle attack, i.e. someone intervening during the download and injecting malicious code. With https connections, however, the probability of this happening is as low as being hit by a comet today. *The procedure for such false positives is always the same: Please contact the antivirus software providers concerned and ask them to scan the file in question. So far, not a single real virus has ever been detected in any program compiled on my computers* (i.e. all WSJT-X, WSJT-X Improved or JTDX Improved programs of the last 3 years). The reliability of antivirus programs has diminished considerably in recent times. Instead of scanning themselves, other criteria are simply used nowadays. If the file is from companies such as Microsoft, etc., it is classified as harmless. If the provider is not on such lists, the program is already “suspicious”. If then the program also has to communicate via TCP or UDP, it is immediately classified as virus-infected, regardless of whether it actually contains a virus or not. I probably don't need to mention what I think of this, because conversely, it also means that such antivirus software is just as unlikely to detect real threats. Remember: With WSJT-X (or WSJT-X Improved, but that's just an extended version of it), PSK Reporter has to communicate over the Internet. For the connection to JTAlerts and to the logging software we need communication via UDP. The radio must be connected via COM ports. In addition, we have shared memory usage between wsjtx.exe, qmap.exe and jt9.exe. It's no wonder that antivirus programs initially classify this as “suspicious”. But now comes the important difference: In the past, these providers really scanned such program files (and then came to the correct result: everything is virus-free), nowadays it is simply classified as supposedly contaminated with viruses. And the thousands of users of such antivirus software are so stupid that they still trust them, hi. *Again, the only solution to this is for you users to send the files in question to these providers for analysis (with the suspicion of a false positive alert). Preferably dozens or hundreds of you should do that! * This is the only way to finally stop this nonsense. 73 de DG2YCB, Uwe ________________________________________ German Amateur Radio Station DG2YCB Dr. Uwe Risse eMail: dg2...@gmx.de Info: www.qrz.com/db/DG2YCB _______________________________________________ Wsjt-x-improved-community mailing list wsjt-x-improved-commun...@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wsjt-x-improved-community
_______________________________________________ wsjt-devel mailing list wsjt-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wsjt-devel
