AV scanners and false positives

From time to time I receive sad/angry/informative messages from users that some antivirus scanner is reporting my programs as virus or trojan or suspicious file. Obviously those are “false positives” (the AV vendors are using this euphemism to replace “lies”). I have no idea why that happens. In the past I was publishing unsigned setup files, which could be part of the problem. But now everything is signed with my digital signature. The only reason for this to happen is the paranoid nature of some antivirus programs. Yesterday I had to deal with disappointed user who purchased my program just to see Nor**n saying it’s a virus and to stop the tool from working. I refunded the money, but no one could remove the bad taste feeling can’t be cured neither for me nor the user. According to nor**n, this tool is “suspicious” because is not very popular. Boy! I am writing niche software, I never intended to be popular with these tools. DrW*b directly says (lies) there is a virus in other of the tools I am publishing. Why? What virus? Kas***sky isn’t right now reporting any of my tools as virus, but it did that several times in the past… What is this? Why are antivirus programs lying about my programs?

Continue reading AV scanners and false positives