Thanks for your reply.
A fresh install with a genuine Windows DVD, no other software installed, only the latest Laz download.
If I remove all the code for http access, I don't get that virus alert. That is, removing the opensslsockets and fphttpclient units and of course rem out my code that uses them.