Antivirus False positive in my executable

Question

I just ran into an annoying problem. Suddenly Avira AntiVir started to flag one executable from my software as being a virus.

As the default act

Answer 1

In Free Pascal/Lazarus groups and bugtracker, such messages happen nearly every release and/or month.

We generally advise users to ignore all "generic" or "heuristic" scanning types, and stick to signature based scanning (as most corporate virusscanners do).

This because it is nearly always an heuristic alarms, never specific malware. This can be readily seen in the fact that the detected "virus/trojan" is nearly always of the "generic" type. Usually the virusscanners are also typical "home" virusscanners, or home editions of general virusscanners (Norton used to be particularly bad, nowadays it mostly the smaller scale "cheap" home use scanners)

However we communicate mostly with developers, and already have trouble getting this message across. I can imagine, when distributing to clueless end-users, this is a real difficult message to communicate.

Still, there is no other way.