Domain: jotti.org
Stories and comments across the archive that link to jotti.org.
Comments · 11
-
In other words
The FBI will soon be releasing a link to Jotti.
-
Re:Microsoft
I checked them against Jotti's site and most of them came back positive, including AVG and Avast (I set MSSE to prompt for action and to not automatically delete suspected files). No idea when those two added the trojan to their databases, but they certainly weren't detected by either of those programs during full system scans before last year when I switched to MSSE.
-
AVG + Common sense
I use AVG's free edition for on-access scanning, just for a little extra protection, because I am generally able to avoid getting infected with anything. (Even if something does slip by me, I can often track it down through a service it installs, entry in startup lists, or running processes.)
If I'm downloading something that has a big potential for being a virus (e.g. a no-CD crack), I'll scan it manually with AVG, and also upload it to a scanning service like virusscan.jotti.org or virustotal.com, which take a file and put it through a number of anti-virus products.
Natually, AVG has also been making it harder to find the free edition. They, of course, want you to buy the full AVG Internet Security package. (To find AVG Free, you have to go to free.avg.com, and look for the less-flashy, more hidden buttons.) -
Or Jotti Re:Upload to virustotal.com
I agree, virustotal answers the original question of an online-resource to check a file. A similar scanning service is http://virusscan.jotti.org/. Remember, take the answers with a grain of salt. These are both multi-scanner services, in which the file is examined by multiple virus-scanning software packages.
-
Re:...uneducated Mac fanboyism...
that's why you: -first read all torrent comments and see if someone has labeled it as infected -wait a week or two and scan with various AV software or use http://www.virustotal.com/ and http://virusscan.jotti.org/ (let suckers train the AV software) -always look first for serials, and (as mentioned) get demo from official site. keygens are easier to scan than whole program, because of size. -run in sandbox or something.
-
Re:Clam AV
I NEVER run background scanning on a virus program. It's a needless system overhead. When I get something new that might be suspicious, I simply run it on that specific program.
If that's why you install anti-virus, why bother installing anything at all? Try Online Malware Scan instead. That runs the submitted file through:
A-Squared, AntiVir, ArcaVir, Avast, AVG Antivirus, BitDefender, ClamAV, CPsecure, Dr. Web, F-Prot Antivirus, F-Secure Anti-Virus, G Data, Ikarus, Kaspersky Anti-Virus, NOD32, Norman Virus Control, Panda Antivirus, Sophos Antivirus, VirusBuster, and VBA32.
Also, Dr Web CureIt! is a good thing to run occasionally.
-
Re:DOS
I use Eset Nod32, and, with the latest updates, it comes up with zero infected files. Maybe you should post the names of the infected files, or scan them with an aggregate scanner.
-
Re:Thats what they get
http://virusscan.jotti.org/ is great for scanning the cracked files, it even accepts zipped files (.rar).
for the most part though, the pirates do this to be the "best/fastest" on the "scene". To distribute a crack with a virus would destroy their reputation. -
It is NOT an exploit on Google
I seriously doubt that a single individual has the ability to make a change on production boxes
I, too, think that Google wasn't probably hacked,
For the simple reason that it affects other search engines too :
keywords : "Bayesian networks and decision graphs Finn rapidshare"
(as seen on TFA - someone is looking for pirate copies of a book on rapid share, and misstypes the request, forgetting to use "inurl:" or "site:")
Results :
- You guess it, no copies of this book on Rapidshare.... (it would be a copyright violation, even in Switzerland were the website is hosted.
Besides, according to Swiss copyrights law, you are free, as a student, to go into your faculty's library take Finn's book and photocopy the chapters in Finn's book you need, because the universities are paying whatever is needed to make the books publicly available to their patrons) ...but a lot of chinese spam keyword-overloaded pages :
- Google (.cn only)
- MSN (.cn only)
- Yahoo (not all .cn but some)
- Search.com (not all .cn but some)
All those pages redirect to a page that start downloading an ActiveX installer containing a Trojan (...according to my clamav scan and to http://virusscan.jotti.org/ )
Note that google's pages are subtely different, they feature entries with non-ASCII DNS names.
So two probabilities :
- either google got hacked, and absolutely everybody else are in fact using google's search result instead of having their own database and engine.
- or it's probably another spamdexing attempt, operated by a zombie net.
With a ugly quick script :for ip in $((for url in `lynx -dump "http://search.live.com/results.aspx?q=Bayesian+networks+and+decision+graphs+Finn+rapidshare&count=1000" | grep -Eo '[[:alnum:].]*\.cn$'`; do ping -c 1 $url; done) | grep -Po '\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}' | sort -u); do echo $ip : ; whois $ip | grep netname; done
we see that all those sites point to a couple of machine of some german hosting company.
So perhaps, their server got hacked and subsequently got involved into some spamdexing scheme.
Some one should call them. -
Re:Open source crack? Interesting.
The mirrors change fairly regularly. Just google "antiwpa.tk" to find one. The full source code is available for download on the site.
The forum usually has up to date info.
You need a valid OEM (or retail, if that's the cd your using) key. Hint: google "system locked preinstallation". If you use one from a keygen WGA will likely fail.
In case of a bad mirror, make sure to run it through Online malware scan. That scans with AntiVir, ArcaVir, Avast, AVG Antivirus, BitDefender, ClamAV, Dr.Web, F-Prot Antivirus, F-Secure Anti-Virus, Fortinet, Kaspersky Anti-Virus, NOD32, Norman Virus Control, Panda Antivirus, Rising Antivirus, VirusBuster, and VBA32. If you got it from a good mirror it will be clean.
Moderaters: please either ignore this post or mod it down (offtopic, troll, or flamebait). Please do not mod up. -
Re:SysInternals'
submit the files to http://virusscan.jotti.org/ they submit it to the competant anti-viruses (read: not symantec and mccaffee), and more than likely one of them will already detect it and tell you what you were dealing with