QJot editor may be malware! Beware!

  • Thread starter Thread starter ECS
  • Start date Start date
E

ECS

Found a freebie editor called QJOT.EXE and it is very good ... on the
surface of it all. But, my virus and firewall clients BOTH yelled
bloody murder that my Firefox homepage was being attempted for
hijacking. QJOT is available from www.xtort.com ... hmmm, don't
even like that domain name.
 
Found a freebie editor called QJOT.EXE and it is very good ... on the
surface of it all. But, my virus and firewall clients BOTH yelled
bloody murder that my Firefox homepage was being attempted for
hijacking. QJOT is available from www.xtort.com ... hmmm, don't
even like that domain name.
Click to expand...

Xtort.com is a reputable site. It's all too easy to get blind-sided by
malware or spyware, and false positives are always a possibility.

-- Bob
 
ECS wrote in
Found a freebie editor called QJOT.EXE and it is very good ... on the
surface of it all. But, my virus and firewall clients BOTH yelled
bloody murder that my Firefox homepage was being attempted for
hijacking. QJOT is available from www.xtort.com ... hmmm, don't
even like that domain name.
Click to expand...

I tested this software a while back while searching for a word processor.

I finally settled on Abiword, but Qjot, along with several others being
tested were all on my machine for a couple weeks.

Nary a peep from *any* of them according to Kerio and Ethereal.

It's something else.
 
Hello,

As the owner of both the xtort.net domain, and all the sofware on that
site, including qjot.exe, I can attest that there are no attempts by
any of the software on my site to dial out or display ads, or hijack
start pages, or make any changs to the users settings, or other wise do
any malicious shit. All the registry changes are in the
HKEY_CURRENT_USER\Software/xtort key, and are mainly to do with MRU
documents. The rest of the user settings are persisted to an ini file.
All I can do is to give you my word on this!

I have no explanation as to why firewalls would detect it, this is
obviously a false positive. As for the Firefox browser hompage
hijacking, it definitely is not my app that is doing that. The only
time my app would ever try to connect to any website, is when the user
goes to either the "home"or 'donate" options under the "help"menu.

This is a big mystery to me, but the last thing I would ever do is to
mess with anyone's box.

I am still curious as to all the other processes in the taskmanager
while this hijacking was being attempted.
 
Not .com!
http://www.xtort.net/xtort/qjot.php

Download:
http://xtort.net/apps/qjot.exe
I can't get the download link to work though. Al I get is a
black page saying that someone called Hal doesn't allow me
access, which someone called Dave regrets.

Frank
Click to expand...
< quote >
The document has moved [A
HREF="http://www.xtort.net/404/403.php"]here[/A]
< /quote >

which gives the er, cute, "restricted access". Can't tell if
it's intentional or a f*-up. xtort uses too much .js for my
taste. :(

J
 
The answer, at last! Thanx to this last post, the false
positives I was getting were apparently caused by javascript
..js files. Once removed, have not had any problem with QJOT.
===============================================================
Not .com!
http://www.xtort.net/xtort/qjot.php

Download:
http://xtort.net/apps/qjot.exe
I can't get the download link to work though. Al I get is a
black page saying that someone called Hal doesn't allow me
access, which someone called Dave regrets.

Frank
Click to expand...
< quote >
The document has moved [A
HREF="http://www.xtort.net/404/403.php"]here[/A]
< /quote >

which gives the er, cute, "restricted access". Can't tell if
it's intentional or a f*-up. xtort uses too much .js for my
taste. :(

J
Click to expand...
 
Back
Top