From time to time I get an email asking me if one of my programs contains a virus, because antivirus XYZ is saying so.

If you are about to do the same, please don't and read my answer here:

Short version:

No. But will you believe me ?

Long version:

I don't distribute on my pages programs containing any kind of malware or other nasty things.

I write programs for myself, and sometimes I release them as freeware.

And ... no ... I don't want to spend my time signaling all the false positives to the AV makers, it's not my fault if their software is wrong.

Sending a specific version of your program to them can sometimes remove the false alarm. They add some kind of signature to their internal "exclude" list, or sometimes they do something smarter, but anyway the process is immaterial here.

Then, I release a new version of the program. The exe is changed and doesn't validate anymore with their old exclude list, the AV engine find it suspicious again, and we are back again to square 1.

Mind you, all of the above is the best case scenario: when they are responsive and when they don't forget about your exclusion in a successive AV signatures update, forcing you to contact them again.

Really, I will not bother with that.

As Jeremy Collake eloquently once wrote: "anti-virus companies can push products right out of the market, without care or concern".

Fortunately I'm not in any "market" so they can't damage me, only their users.

I'm not suggesting you to ignore what your AV tells you.

An updated AV can be useful, and not all are so paranoid (actually some are usually good: Nod32, Kaspersky, Avast are the firsts coming to mind).

But you shouldn't believe in them blindly when the says "virus found" and you should try to understand that "suspicious" is different from "it is a virus".

Anyway it's a lot better to believe in what you can verify by yourself.

You are welcome to analyze my software in any way you see fit, just don't alter it in any way.

In general, try suspect programs in a virtual machine (VMWare, Virtual PC, VirtualBox), if you can.

Log their access to the registry and to the filesystem using specific tools like the ones from SysInternals (by the great Mark Russovich now part of the Microsoft family), and use programs like Sandboxie and the like to shield your actual machine from the software you are trying.

Closing thoughts:

When sometimes I read in a forum or a blog: "I hear what the author says but I don't trust him, I prefer to not use this program and believe what my antivirus says" ... I admit I found this really depressing.

I can understand it, to some extent.

But it's nevertheless sad to realize how the questionable opinion of piece of software with so little intelligence is held in so high regard.

Should be only one of many tools, not a magic oracle making decisions for yourself.