[chirp_users] Possible Virus

[The Doctor]

------- Original Message -------
On Friday, January 6th, 2023 at 08:24, g7jiq1 <g7jiq1 at gmail.com> wrote:

> I thought I would give the new chirp-next a try, but unfortunately my
> virus checker deletes the chirpwx.exe file saying it has a Heur.AdvMLB
> Heuristic Virus.
> 
> Has anyone else had this warning ?

As an experiment I grabbed the chirp-next-20230107-[win32.zip, installer.exe] files from
https://trac.chirp.danplanet.com/chirp_next/next-20230107/ and ran them through virustotal.com.

chirp-next-20230107-win32.zip (https://www.virustotal.com/gui/file/1166435ba1881327a13f115e0a0cf4b9e75067a188d023ae826dc7a44d4ddf0a)
detects on four different antivirus packages (Antiy-AVL, Gridinsoft (no cloud), Jiangmin, and
Zillya) out of 67.  chirpwx.exe is the file that seems to tweak those antivirus packages, as well
as the fact that chirp-next tries to determine if it's running in a debugging environment
and checks to see if there are any .dll files (Windows libraries) it needs that are missing.
This is not uncommon behavior, so as a heuristic it's bobbins.  I wouldn't worry about it.

As for chirp-next-20230107-installer.exe, it was already installed and scanned
(https://www.virustotal.com/gui/file/d4cec6f1171d56cfae3a1801355ee60df308c0d71a06b45e9321112447948666)
so there was pretty much zero wait time.  Out of 67 different antivirus packages, only two
(Antiy-AVL and SecureAge) triggered, and that was largely because the installed contacts
one other IP address on the Net to download a couple of dependencies.

4 out of 67 and 2 out of 67, respectively, pretty solidly suggest that there's nothing
malicious with the chirp-daily builds.

The Doctor [412/724/301/703/415/510]
WWW: https://drwho.virtadpt.net/
The old world is dying, and the new world struggles to be born. Now is the time of monsters.