DescriptionJotti's malware scan
provides a wonderful service for those among us who are conscious of the crap that tends to accompany the files they download or otherwise obtain. Sadly enough, it tends to quickly become a bother to use: you can only check a single file at a time and can't queue a number of files ahead of time. Not only that, but you also have to select the file inside of your browser which tends to open a dozen clicks away from the file you want to scan. And when you finally have the file uploaded, it will kindly tell you the file has been scanned before. Argh!
Did you wait for it to upload just to hear THAT?
Last night, I got an idea: maybe I can improve this situation. I also emailed the author. And now it seems I received an email today that I have permission for this NANY app, and even some support from the author as I am the first one to start on such a project. And slowly, JottiQ was born. And it has grown to far more polished than I originally envisioned.Features
- the last letter of the name is a Q. Earth-shattering stuff right there; hold the presses!
- pretty much everything [url=http://virusscan.jotti.org/]Jotti's malware scan itself offers
- allows you to build a queue (duh) of files needing scanning
- uses Jotti's internal cache to speed up scans by avoiding the uploading of files that have already been scanned in the past
- lists scanners with detections at the top of their list in red
- if a file has only a few detections, a green bug (rather than a red one) shows you at a glance that it isn't a file one can immediately claim to be good or bad.
- allows you to open scan results in your browser
- rightclick files and click Scan with JottiQ
- upto three files can be scanned (processed) simultaneously.
- items that have been scanned and are deemed safe can automatically be removed from the queue.
the scanning of executables of running processes this feature was removed in v1.1.0
- an About dialog thanking everything and anything
- support for forks, a.k.a. Alternate Data Streams
- proxy servers
- connectivity tester for connection troubleshooting purposes
WHAT IS JOTTIQ?
JottiQ is a tool that makes it more convenient to use Jotti's malware scan,
which is an online service optimized for one-by-one scanning of files you do
Its purpose is that of an investigative tool, for when you do not trust a file
you came across but your current security software seems to think it is as
harmless a file as they come. It is not meant to replace your virus scanner,
nor is it meant to scan the heaps and heaps of nasty things that float around
on your computer because you are too cheap/lazy/picky to get software that is
meant for that purpose.
JottiQ is meant for a _low number of files_ that you do not trust more-so than
the rest of your computer. And I, the author of JottiQ, feel you should never
trust your own computer to begin with. But that is a story for another day. :-)
For more information, see the official JottiQ (NANY 2011) topic:
WOOO, I LOVE THIS LADY BUG
That's awesome. Glad you enjoy it. Now, if you are one of those rare few who
insists on showing gratitude for a freeware application like this, I'd like you
to remember a few things before you go nuts with that wallet of yours.
- JottiQ would not exist without Jotti's malware scan. It is that simple.
- Jotti (the author of the malware scan) does not accept donations, and only
has a few minor ads up on his site. He wishes for the service to remain
free. At present, the service is basically kept afloat by several parties
who pay for some other services, and the free Jotti's malware scan service
basically survives as a consequence of those other sources of income.
Are you in a position to order any sort of extended services from Jotti?
If so, please consider what he may do for you(r company), and in the
process help out an awesome free service to continue its existence.
So you tell me - who do you really love? No lying!
If you insist on supporting JottiQ (this application, not the online malware
scanner) then I will begrudgingly accept any donations made through the system
DonationCoder.com has in place for such acts of gratitude. While you are there,
you might even find another application of your liking, or worse, thank their
creators in a similar way! :-)
(And if you mean you love the lady bug ICON, well... there is a Credits section
at the bottom of this document with a link to the author who created it.)
Like so many applications nowadays, JottiQ does not stand merely on its own two
legs. In that way, it is much like a person, who stands by virtue of the local
cobbler to make the shoes, the tailor who makes the clothes, the supermarket
that allows us ignorance in the ways of the hunt. No, JottiQ is a sorry beast,
demanding the following of its environment in order for it to be a productive
member of the binary society that makes up a computer.
[ ] Windows XP or newer. Both 32-bit and 64-bit varieties are supported.
[X] Microsoft .NET Framework 4 Client Profile
This needs to be installed for JottiQ to work at all. If you already
have the far bigger all-in package of the .NET v4 Framework installed,
you should already have this.
[X] Microsoft Visual C++ 2010 Redistributable Package (x86)
This needs to be installed on both 32-bit AND 64-bit systems for the
file context menu to work as one would expect.
[X] 64-bit: Microsoft Visual C++ 2010 Redistributable Package (x64)
This needs to be installed ONLY on 64-bit systems for the file context
menu to work as one would expect.
(The installer will make sure that items marked with a [X] are met, and where
possible offer to install them for you as a part of the ride. In case you get
JottiQ through an archive only, it is your responsibility to make sure these
requirements are met.)
Do you have all those things, and JottiQ still lies around on your couch,
unwilling to go to work and rather act like a dead corpse? Leave a message at
the official JottiQ topic on DonationCoder.com and we may just find the magic
words to breathe life into this cutesy lady bug. :-)
Compatibility release. Jotti is undergoing some changes so we must too.
Upgrading is highly recommended; previous versions of JottiQ may break or
otherwise show reduced functionality as Jotti improves his service.
Any new version released suffers from a few hiccups, and v1.1.0 was no
different. Thankfully, all this release does is pat the proverbial belly.
Added: A setting that, if enabled, lessens the scrutiny given to the
remote server of Jotti's malware scan to determine its authenticity.
'Ignore certain SSL certificate errors' is only useful on a few
specific configurations, and should not be enabled unless you get an
error like the following in the Connectivity Test:
'The underlying connection was closed: Could not establish trust
relationship for the SSL/TLS secure channel.'
Changed: dcuhelper.exe was updated to v1.10.01 released on July 12, 2011.
Six months after the official release, it is time for a well-deserved
update. Sadly, there isn't much one can improve in a tool with a simple
purpose. However, I hope this new version will entertain.
Added: Forks support. Also known as 'Alternative Data Streams', these
are a well-hidden feature of the NTFS filesystem which provide for
equally well-hidden pseudo-files attached to existing files. Most
programs are unable to read them, no less act on them - which makes
this a feature that truly improves Jotti's malware scan.
Added: Proxy server support.
Added: Connectivity test for troubleshooting issues. Some beta-testers
for this version had problems with proxy server support, but it will
hopefully prove useful for all parties.
Added: A builtin 'whitelist' for forks. The feature is sometimes used
for legitimate reasons, and one of those affects nearly every file
downloaded. The whitelist exists for speeding up processing only;
security-minded (distrusting?) individuals are free to enable the
option that forces these whitelisted forks to appear in the queue.
Added: A 'whitelist fork by name' option. If the precise comparisons on
a possibly whitelisted fork prove troublesome, this enables one to
consider the fork safe by proxy of its name. This feature as a work-
around for 'Zone.Identifier' forks encoded in different formats than
I have been able to test with - so if one finds a 'Zone.Identifier'
fork that is not whitelisted, I request that this forks is saved to a
file and sent to me at: jottiq-whitelist (at) whitehat.dcmembers.com
so I may inspect it and if is found safe, add it to the whitelist in
the next version. TL;DR? Don't enable unless you know you need it.
Added: The queue context menu now offers an Actions sub-menu. These
contain actions that affect the selected objects (files and/or forks)
in the queue physically. There are currently two items in this menu:
- Delete Object(s): This either deletes the selected file(s)
permanently, or it removes the selected fork(s) from the file.
Do note that deleting a file also deletes its forks, but that
deleting a fork on a file leaves the latter intact. I remain of
the opinion that JottiQ is an investigative tool rather than a
cleaner, but... the peoples wishes are clear and forks are hard
to delete, so deleting files is a logical consequence.
- Save Fork As: This saves the contents of a fork to a file. This
does not work for ordinary files as it would be a mere 'Copy'
operation that may or may not bring expectations along with it;
instead it is to be used as an inspection utility for a resource
otherwise difficult to examine.
Added: An 'Add file(s)' feature is now available in the toolbar. It
completely slipped my attention in the 1.0.x versions, for which
my apologies. Rather late than never.
Removed: The 'Add Running Processes' functionality is no longer present.
It was determined to be an inappropriate feature that only delivered
half work, and to boot the reason why Jotti's malware scan suffers
such ungodly waiting times during the waking hours of the western
world ever since JottiQ's release.
Fixed: No more crash when down-sizing the amount of worker-threads.
Fixed: Legibility of items on right pane could suffer in certain colour
configurations; now it uses proper system colours where applicable.
Fixed: Zero-byte items were not being removed by the manual nor automatic
'Remove safe items' features.
Fixed: Deleting items from the queue while it was being processed no
longer makes the worker-thread go M.I.A. until it finishes its work
off the screen; it now terminates and moves on to the next item in
the list as soon as possible.
Changed: Uploading should be a little bit more efficient now.
Changed: Fancy progress bars that show upload progress are now in place
as opposed a boring textual description.
Changed: Redesigned the Settings window with clearly named sections and
recognizable icons in order to make JottiQ configuration more
Changed: The instruction text in the main screen no longer suggests
one to 'start processing' when processing is already enabled.
1) The installer can only delete settings for the current user. This is not
something that I have any feasible way of changing, and in general all
programs suffer this issue at uninstallation time. Although I do welcome
any and all suggestions on the topic, I doubt this will change. (This
includes the shell context menu option, if it was installed per-user.)
2) The installer component 'Explorer Integration affects All Users' determines
the creation of the 'MachineInstallation' file. By default it is off,
allowing every user to determine the presence of a file context menu for
themselves (and also avoiding nasty UAC dialogs in the process.) Once
this file is present, one needs Administrator rights in order to turn the
file context menu on or off.
Given point 1), if you install to make JottiQ available to multiple users,
it is recommended to install with this setting turned on so that any
registry pollution stays at a minimum. (Unless of course you are willing
to manually turn off the file context menu for every single user
beforehand. Of course, the best option is to never uninstall JottiQ!)
4) You may be instructed to reboot by the uninstaller. Or by the installer
if/when you are upgrading JottiQ to a new version. This is most likely
because explorer still has the shell extension loaded, and killing
explorer the hard way and restarting it is a very user-unfriendly task.
As such postponing the deletion or replacement operation till reboot-time
is the user-friendliest alternative. This is unlikely to change in future
versions as it is a long-standing Windows issue for not having a feasible
method to tell Explorer to unload its shell extensions.
JottiQ is the brainchild and creation of Jan Wester. Now with the formalities
out of the way, let's carry on to the credits that actually count.
The list below is a rough and partial listing of the various credits that are
given in the 'About JottiQ' dialog. For the full list, with all links in all
their ease and glory, have a look there.
* Jotti for Jotti's malware scan and going out of his way to support this
application after I contacted him with the idea I had @
* Vladi for the awesome lady bug icon @
* Ath for his work on the official JottiQ installer @
* Raymond Chen for his awesome blog @
* Lukas von Hohnhorst who gave me permission to use his magnifying glass @
* DonationCoder.com as a whole @
* Mark James for his excellent Silk Icon Set @
* Fat Cow Webhosting for their wonderful Farm-Fresh Web Icons @
* Smaller Animals Software for their CtxMenu example that saved me oodles of
time rather than having to spend time to figure out all details on my own @
* stackoverflow.com for solving those issues I have before I have them @
Either download the installer and do as it says, or get the .7z archive and extract that to some place of your liking. In the latter case, make sure you meet the Requirements as lined out in the Readme.txt.Using the Application
Start the application. Make sure you agree with the privacy agreement. From then on forth, just drag and drop files onto JottiQ to have them scanned. (Make sure processing is turned on - the lightbulb must be on!) Additionally, some settings are hidden away in the Settings window (wrench icon, or press F6). Among them is a way to have JottiQ appear in the file context menu so you don't have to drag and drop stuff unnecessarily.Uninstallation
In case you used the installer, go where all uninstallers hide (Control Panel, then Program Features/Add and Remove Programs/whatever name your OS gives to it) and select JottiQ in there. Or, if you extracted the archive, you can simply delete the files. Make sure you deselect the file context menu option first so no junk stays behind in your registry. See the Known Issues section in the readme for some additional gotchas for you neat&clean freaks.Screenshot