False Positive


V. Chem

Jul 18, 2012, 10:05:25 AM
to virus...@googlegroups.com

One of your sources is flagging applications built with the launch4j jar wrapper. Attached is a simple application that demonstrates this.


https://www.virustotal.com/file/4e478d48f28d3f91e755a9f4f8762d1741c16e54072c653d64912f3459e98f6e/analysis/1342618953/ 

Antiy-AVL: Trojan/Win32.Ruftar.gen
falsepositive.7z

V. Chem

Jul 21, 2012, 1:13:08 AM
to virus...@googlegroups.com

Does anyone have contact information for Antiy? I have tried two different email addresses and have not received a response.

Richard Harris

Jul 21, 2012, 3:20:13 PM
to virus...@googlegroups.com
My apologies, I know of no one by that name. However, a Google Search for Anity-AVL turns up several anti-virus sites including a Twitter account for http://twitter.com/antiylabs/ that has a link address for http://www.antiy.net. Hope this helps,
Richard O Harris

On Sat, Jul 21, 2012 at 1:13 AM, V. Chem <prov...@gmail.com> wrote:

Does anyone have contact information for Antiy? I have tried two different email addresses and have not received a response.

V. Chem

Jul 22, 2012, 9:51:46 AM
to virus...@googlegroups.com
Thanks for your input. As you might imagine, I have already located antiy.com and antiy.net and emailed them at their listed contact addresses. So far there has been no response. This is the procedure VirusTotal recommends in their FAQ. However, Antiy does not seem interested in participating in this process.


On Sunday, July 22, 2012 1:05:13 AM UTC+5:45, Richard Harris wrote:
My apologies, I know of no one by that name. However, a Google Search for Anity-AVL turns up several anti-virus sites including a Twitter account for http://twitter.com/antiylabs/ that has a link address for http://www.antiy.net. Hope this helps,
Richard O Harris

Does anyone have contact information for Antiy? I have tried two different email addresses and have not received a response.

--
Choose a file, check it with more than 40 antivirus, fast and easy: http://www.virustotal.com

Richard Harris

Jul 22, 2012, 2:36:47 PM
to virus...@googlegroups.com
I completely understand your frustration. I did a little more research today using the Inspect element tool on the Anity Twitter page and found this was actually copyrighted in 2009 by http://280atlas.com by one Sean Kinsey, oyv...@kinsey.no. You may also find these two sites useful: https://dev.twitter.com/search/twitter_development_talk/anity and
https://singpolyma.net/actionstream/showing-http280atlas-com-to-geek-friends-yup-its-disgusting-and-we-hate-it/ Wish I could give you more of an answer but I am just not tech savvy enough to go any further. Hope you get it all worked out soon.
Sincerely,
Richard O Harris

V. Chem

Jul 23, 2012, 5:37:36 AM
to virus...@googlegroups.com
In the end the simplest solution was to re-pack the exe with UPX. This does not inspire much confidence in these antivirus groups. If a simple repacking is all it takes to bypass these scanners....

Thanks again for your input, Richard.


On Monday, July 23, 2012 12:21:47 AM UTC+5:45, Richard Harris wrote:
I completely understand your frustration. I did a little more research today using the Inspect element tool on the Anity Twitter page and found this was actually copyrighted in 2009 by http://280atlas.com by one Sean Kinsey, oyv...@kinsey.no. You may also find these two sites useful: https://dev.twitter.com/search/twitter_development_talk/anity and
https://singpolyma.net/actionstream/showing-http280atlas-com-to-geek-friends-yup-its-disgusting-and-we-hate-it/ Wish I could give you more of an answer but I am just not tech savvy enough to go any further. Hope you get it all worked out soon.
Sincerely,
Richard O Harris

Richard Harris

Jul 23, 2012, 1:34:18 PM
to virus...@googlegroups.com
Thanks for letting me know your final solution. You are right, it is scary how such a simple change can create a virus. Thank you for bringing it to my attention.