Julian GW4JBQ

Hi Gary,

 Really good to hear you again


On 30 Mar 2020, at 01:25, Gary Hinson <Gary@...> wrote:

Not so weird, Darl.


Antivirus programs tread a fine line on sensitivity: if too sensitive (with the preamp set to TURBO!), they can sound the alert on totally innocuous programs.  Everything seems scary. 


If too lax/laid-back, they can fail to sound the alert on nasty programs.  They are as deaf to trouble as certain Eastern European operators with huge power amplifiers and vestigial ears.


We’ve seen a slew of postings here in the past week or so about both McAfee and Windows Defender alerting on (and, it seems, quarantining) Logger32.exe.  Maybe everyone is a bit on edge with COVID-19.


I’m virtually certain it is a false alarm.  If you’re worried, check it out by uploading Logger32.exe to and make what you will of the results.  It is not uncommon to see a handful of antivirus programs sound the alert on relatively rare executables such as this: “a handful” means “a few” as in “a minority” or “a small minority”, often just obscure antivirus packages but sometimes (as now) one or two of the main players too.  Do ya feel lucky, punk?


The preferred solution is to report this a false alarm to the relevant antivirus supplier, and they’ll put their best egg-heads on the case.  They have high isolation labs for testing suspect programs.  Maybe they even have radios and dummy loads.  I don’t think they wear face masks though.  If they agree that this is a false alarm, they will normally code and push out an update to their antivirus signatures as soon as practicable (sometimes within hours, more often within days since we Logger32ites are so rare and ‘special’).


Meanwhile*, you may be able to manually configure your antivirus program to ignore (“exclude”) Logger32.exe, perhaps even the whole Logger32 directory.  You may need to restore Logger32.exe from the quarantine area, if it wasn’t deleted.  If it was deleted, you’ll need to download, reinstall and re-update Logger32 from … but if you haven’t updated or reconfigured the antivirus program, it will spring lithely into action once more, quarantining or deleting the latest update once again.


You could also replace your antivirus program with a “better” one”.  Good luck figuring out which ones are “better”.  There’s plenty of choice out there.  The big brand commercial suppliers with big marketing budgets generally battle it out at the top of all the comparative rankings (funny, that) but even the obscure providers (including freeware ones) generally do OK.  The main advantage of the commercial products is more timely customer support, in theory, for incidents just like this.  In practice, the suppliers are always working under pressure, especially now I guess with COVID-19.


As a last resort, you can turn off your antivirus programs completely and live dangerously, doing the IT equivalent of sharing personal space and bodily fluids with large crowds of people right now.  It’s definitely not to be recommended. 


Hinson tip: whatever else you do, make sure you have recent offline backups of anything important, such as your log (preferably a full ADIF export).  That way, if it all goes horribly wrong, you haven’t lost everything, except perhaps a few hours, maybe a few QSOs and some dignity.  Chalk it up to experience.  [And don’t ask me how I know this.]



Gary   ZL2iFB


* Don’t forget to remove the exclusion once the antivirus program is updated to stop false-alarming.  It is unlikely but possible that a future update to Logger32 or the associated utilities and documentation might be infected with something nasty, in which case you’ll be glad of the alert.




Gary Hinson


IsecT Limited

My blog

Information security

ISO/IEC 27001 standards

Security metrics

Security policies



From: <> On Behalf Of Darl DEEDS
Sent: 30 March 2020 10:08
Subject: Re: [hamlogger] LOGGER 32


I woke up this morning and turned on my monitor, computer was already on, and found Logger gone, no shortcut nor in my program directory, although it was still in the hard drive minus the exe. program. Same as you Tom.


I haven’t changed anything for weeks except updating to the newest version automatically.


I do not use MacAfee. I only have Microsoft Defender installed.


It took a while but I finally got it to reinstall and nothing was lost.


Very weird that an overnight virus scan would remove it. Defender did show several items quarantined including Logger.exe


Darl  NA8W


From: Tom Wylie
Sent: Sunday, March 29, 2020 15:49
Subject: [hamlogger] LOGGER 32


After quitting the contest tonight It was my intention to import my contest logs into Logger 32 as normal,  however, I noticed that my shortcut no longer works and says that the EXE file it refers to has been removed.    I went into the Logger 32 folder and sure enough there is no EXE file.


I ran a virus check and found that yesterday morning I seemed to have picked up a trojan    Occamy.C   which has latched onto my Logger32 EXE file and it has been quarantined in my computer.   I cant remember when I last updated Logger 32 but feel it was in the past couple of days via an auto update.      Can anybody throw any light on this?  Can I merely dump the .exe file and download a fresh on from the main site.   I have backed up my logs.









Sent from Mail for Windows 10



Join to automatically receive all group messages.