https://wiki.catug.org/w/index.php?action=history&feed=atom&title=Jotti%27s_malware_scanJotti's malware scan - Revision history2026-05-01T09:09:04ZRevision history for this page on the wikiMediaWiki 1.39.1https://wiki.catug.org/w/index.php?title=Jotti%27s_malware_scan&diff=1408&oldid=prevN Reid: clarify2014-06-28T10:07:16Z<p>clarify</p>
<table style="background-color: #fff; color: #202122;" data-mw="interface">
<col class="diff-marker" />
<col class="diff-content" />
<col class="diff-marker" />
<col class="diff-content" />
<tr class="diff-title" lang="en">
<td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">← Older revision</td>
<td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">Revision as of 10:07, 28 June 2014</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l1">Line 1:</td>
<td colspan="2" class="diff-lineno">Line 1:</td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>You may wish to obtain a second opinion about an email attachment, even if you have [[Anti-Virus Software for Macintosh]] and it does not report an infection. </div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>You may wish to obtain a second opinion about an email attachment, even if you have [[Anti-Virus Software for Macintosh]] and it does not report an infection. </div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br/></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br/></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>[http://virusscan.jotti.org/en Jotti's malware scan] will <del style="font-weight: bold; text-decoration: none;">upload </del>the file <del style="font-weight: bold; text-decoration: none;">and run it </del>through several scanners. </div></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;">Upload it to </ins>[http://virusscan.jotti.org/en Jotti's malware scan]<ins style="font-weight: bold; text-decoration: none;">. This website </ins>will <ins style="font-weight: bold; text-decoration: none;">run </ins>the file through several scanners <ins style="font-weight: bold; text-decoration: none;">and show the results of them all</ins>. </div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br/></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br/></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>=Case study=</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>=Case study=</div></td></tr>
</table>N Reidhttps://wiki.catug.org/w/index.php?title=Jotti%27s_malware_scan&diff=1404&oldid=prevN Reid: /* Case study */ image2014-06-23T11:31:54Z<p><span dir="auto"><span class="autocomment">Case study: </span> image</span></p>
<table style="background-color: #fff; color: #202122;" data-mw="interface">
<col class="diff-marker" />
<col class="diff-content" />
<col class="diff-marker" />
<col class="diff-content" />
<tr class="diff-title" lang="en">
<td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">← Older revision</td>
<td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">Revision as of 11:31, 23 June 2014</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l17">Line 17:</td>
<td colspan="2" class="diff-lineno">Line 17:</td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>Attached to the email was a Zip file, containing an EXE file. So it was obviously not a letter. Now normally I would simply delete an email like this and go along my merry way, but I happened to have a few minutes to satisfy my curiosity as to the actual contents of this likely malicious message. So I fired up Kaspersky, which came free with Parallels last year. Scanned the file, both zipped and unzipped with no infection found. Slightly incredulous, I then launched ClamXav and repeated the scans with the same negative result. Refusing to disbelieve my instinct that this was one of the millions of malicious emails circulated to unwitting Windows users daily, I found a great, simple website called Jotti's Malware Scan. </div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>Attached to the email was a Zip file, containing an EXE file. So it was obviously not a letter. Now normally I would simply delete an email like this and go along my merry way, but I happened to have a few minutes to satisfy my curiosity as to the actual contents of this likely malicious message. So I fired up Kaspersky, which came free with Parallels last year. Scanned the file, both zipped and unzipped with no infection found. Slightly incredulous, I then launched ClamXav and repeated the scans with the same negative result. Refusing to disbelieve my instinct that this was one of the millions of malicious emails circulated to unwitting Windows users daily, I found a great, simple website called Jotti's Malware Scan. </div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br/></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br/></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>Here was the result of their scan of the unzipped file...</div></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>Here was the result of their scan of the unzipped file...<ins style="font-weight: bold; text-decoration: none;"><br/></ins></div></td></tr>
<tr><td colspan="2" class="diff-side-deleted"></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;">[[File:Jotti's malware scan.jpeg|alt=Screen capture showing scan result]]</ins></div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br/></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br/></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>So, just fyi, don't ignore your instincts, and don't necessarily trust a clean virus scan.</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>So, just fyi, don't ignore your instincts, and don't necessarily trust a clean virus scan.</div></td></tr>
</table>N Reidhttps://wiki.catug.org/w/index.php?title=Jotti%27s_malware_scan&diff=1402&oldid=prevN Reid: create article from Man-Min2014-06-23T11:27:41Z<p>create article from Man-Min</p>
<p><b>New page</b></p><div>You may wish to obtain a second opinion about an email attachment, even if you have [[Anti-Virus Software for Macintosh]] and it does not report an infection. <br />
<br />
[http://virusscan.jotti.org/en Jotti's malware scan] will upload the file and run it through several scanners. <br />
<br />
=Case study=<br />
Hello folks,<br />
<br />
I'm passing this along for educational value. I received, last night, and email with the following message: <br />
<br />
"Notice to appear in court,<br />
<br />
You may find the detailed pretrial notice attached to this letter.<br />
<br />
Recording secretary,<br />
Diana Mason"<br />
<br />
Attached to the email was a Zip file, containing an EXE file. So it was obviously not a letter. Now normally I would simply delete an email like this and go along my merry way, but I happened to have a few minutes to satisfy my curiosity as to the actual contents of this likely malicious message. So I fired up Kaspersky, which came free with Parallels last year. Scanned the file, both zipped and unzipped with no infection found. Slightly incredulous, I then launched ClamXav and repeated the scans with the same negative result. Refusing to disbelieve my instinct that this was one of the millions of malicious emails circulated to unwitting Windows users daily, I found a great, simple website called Jotti's Malware Scan. <br />
<br />
Here was the result of their scan of the unzipped file...<br />
<br />
So, just fyi, don't ignore your instincts, and don't necessarily trust a clean virus scan.<br />
<br />
in His service,<br />
David Burke<br />
<br />
=External links=<br />
* http://virusscan.jotti.org/en<br />
<br />
=Credits=<br />
Recommended on the [[Mac-Ministry List]] by David Burke in June 2014<br />
<br />
[[Category:Websites]]</div>N Reid