TechByter Worldwide

Listen to the Podcast


22 Sep 2023 - Podcast #850 - (16:44)

It's Like NPR on the Web

If you find the information TechByter Worldwide provides useful or interesting, please consider a contribution.

PayPal

Subscribe

22 September 2023

Jotti’s Malware Scan Averts Disasters

When somebody includes an attachment in an email, even somebody you know, it’s wise to check the file out before opening it. Even if your computer has an anti-malware application installed, getting a second or third opinion is a good idea. But how?

Jotti’s free malware scanner service allows you to scan suspicious files using multiple anti-virus programs. It’s an exceptionally bad idea to install more than one anti-malware application, but the Jotti Malware Scan shows files to 14 protective applications. You still have to decide what to do if 13 of the applications say the file is OK but one says it’s not. In most cases, a lopsided score like that means that one vendor is reporting a false positive. No security solution guarantees total protection.

Users can submit up 5 files at a time and each file can be up to 250MB in size. The service doesn’t ask for your name or email address, but Jotti does keep files that users send for scanning and then shares them with anti-malware organizations. This is done to improve detection accuracy of anti-malware products and it seems reasonable to me.

When you have a file that you’d like to check, just visit the Jotti website and upload the file. You’ll have the results in less than a minute.

Although it’s rare, you might have an antivirus application on your computer from one of the vendors used by Jotti. Yours might report an infected file, but Jotti’s could say the file is safe. Usually this means that the vendor found and fixed a false positive indicator, but your local copy hasn’t yet been updated. The online result is almost certainly using the latest version of the application.

 Click any small image for a full-size view. To dismiss the larger image, press ESC or tap outside the image.

TechByter ImageLet’s give Jotti a test drive. I started with the setup app for Angry IP Scanner, an open-source and cross-platform network scanner that scans IP addresses and ports. It’s used by network administrators and people who are just curious about what their computer is connected to. I expected this file to be clean, and it was.

TechByter ImageNext, I tried the installer for CoreTemp64, a utility that reports temperatures of the processor cores in the computer. The utility is ad supported, so I expected to see some warnings about that. Half of the tests reported the presence of adware or a potentially unwanted application. The other half reported nothing. Either of those answers is correct because some users might want to be warned about ads, but the installer doesn’t include any malware.

But what if you have a truly dangerous file. I certainly didn’t want to download an infected file, but there’s a way to trigger an antivirus warning using a file that’s totally safe. The EICAR test file is a computer file developed by the European Institute for Computer Antivirus Research (EICAR) and the Computer Antivirus Research Organization (CARO). It’s a COM file that contains a specific string that antivirus applications are designed to detect and treat as if the file actually was a virus: X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

The test file can be downloaded from the EICAR website. If you download and run the COM file, it will display “EICAR-STANDARD-ANTIVIRUS-TEST-FILE!” and halt. It’s likely that your computer’s antivirus application will catch the file, block it, and possibly delete it before you can upload it to Jotti.

TechByter Image TechByter ImageI tried to work around that by creating a text file that contained only the EICAR test string and was named EICAR-TEST.exe. When I tried to upload the file to Jotti, Windows Defender halted the copy operation and deleted the file. I opened Defender and selected Allow on device.

TechByter ImageThen I uploaded the file to Jotti and received the expected response: All 14 scanners reported a problem. All stated explicitly that it was the EICAR test file and three provided additional information that there was no virus.

Possibly the best feature of the Jotti Malware Scan is that there’s nothing to download, nothing to install. Just make a note of the URL as a bookmark in your browser or on the start page for browsers that have the feature. Then you can immediately submit any file for a quick analysis.

Jotti competes with Google’s VirusTotal, which is able to accept files larger than Jotti’s 250MB limit and also tests using more than 70 antivirus vendors. Many of those will probably be tiny companies you’ve never heard of and the process is much slower. Jotti’s analysis takes only a few seconds while you may need to wait five minutes or more to see the full report from VirusTotal. In a recent test, only 41 of the vendors used by VirusTotal responded. Connections for about two dozen timed out and a few reported that they were unable to process the file.

Unless you have time to wait for VirusTotal’s response and a need to have a file reviewed by the smaller vendors, Jotti is likely to provide accurate results faster.

Short Circuits

A Setting That Should Have No Effect Has Fixed A Windows Problem

“That’s not a bug; it’s a surprising feature.” Surprising features are one of the most endearing and enduring aspects of Windows. Recently I fixed a performance problem by changing a setting that should have had no effect.

I had been experiencing performance problems for several months on both my primary computer and a Microsoft Surface Pro. Overall performance was lagging on both computers. The mouse on the desktop system had delayed responses and applications opened slowly, but I couldn’t find any indications of a problem. Nothing was overworking the Core i9 CPU with eight cores and 16 logical processors or consuming more than about 10% of the system’s 64GB of RAM. There were no viruses or malware.

The Surface Pro was even worse. Sometimes it would stall for nearly a minute. Granted this computer has “only” an i7 CPU with four cores and eight logical processors, but what I was seeing shouldn’t be happening. The Task Manager showed no problems and no viruses or malware were present, but the computer acted like it had a Pentium 4 processor.

As it turned out, the solution involved using the Windows 11 configuration app, msconfig, to specify the number of processors that should be made available to the operating system. Windows 11 and Windows 10 both support multi-core processors and should activate all cores by default. Windows should manage the available CPU cores without assistance from the user. The Task Manager’s Performance tab showed 16 logical processors on the main computer and eight on the tablet.

 Click any small image for a full-size view. To dismiss the larger image, press ESC or tap outside the image.

TechByter ImageHowever, there is a setting in msconfig where the user can specify the number of processors. After starting msconfig, (1) select the Boot tab and (2) click Advanced Options. The checkbox for (3) Number of Processors will not be checked and the drop-down list will display “1”. The ability to select the number of processors is intended to be used when diagnosing a problem.

TechByter ImageBecause Windows should activate all processors by default, this setting should be used to limit the number of processors by selecting a number smaller than the maximum. The action that makes no sense is activating the function, (4) selecting the maximum number of processors, (5) clicking OK, and rebooting the computer.

This should have absolutely no effect because when the checkbox is unchecked, Windows automatically allocates all available processor threads for use.

TechByter ImageIn fact, the difference was obvious immediately and nearly astounding. Both computers ran considerably smoother than what I had become accustomed to. It’s important for me to note that this configuration should not be needed. The differences were well beyond any placebo effect. So if you’re seeing a performance problem that seemingly has no solution, making this change won’t hurt anything and it might solve the problem.

An Unexpected Benefit

I wasn’t expecting any significant changes in the CPU’s operating temperature, but there was a noticeable difference. The (A) current temperatures, depending on the amount of work the CPU is doing, had typically been in the upper 60s (°C), but they are now several degrees cooler. The real differences are in the (B) maximum values, though. Previously, every core consistently reported 100°C and now not all of the cores reach that temperature unless the computer is far more stressed. So to be clear, I still see all CPUs running at 100°C but not as often as expected.

This is true for the tablet, too. Operating temperatures are now far lower than they were and the back of the case no longer becomes uncomfortably hot. This is something that should not be happening, but it is. It may be the result of a bug introduced in a Windows 11 update, but I’m fairly certain that the changes are not the result of my overactive imagination.

11Clock Is A Better Clock For Windows 11

Windows 11 didn’t display seconds on the clock in the Task bar initially. That has been added and some other missing features have been restored. Windows 11 also limits the Task bar to a single row of icons, so the clock doesn’t display the name of the day now. That may eventually be changed, but Eleven Clock, is available now from the Microsoft Store and it’s free.

 Click any small image for a full-size view. To dismiss the larger image, press ESC or tap outside the image.

TechByter ImageMy preference is for the clock to display seconds and use 24 hours per day, to display the day name, and to show the date in YYYY-MM-DD format (four numbers for the year, two numbers for the month, and two numbers for the day). Eleven Clock accommodates those settings and quite a bit more.

TechByter Image TechByter ImageThe user can choose from common presets or their own preferred format. Display or hide seconds and day of the week, or even hide everything but the time. The clock’s size can be changed and so can the typeface. Multiple clocks can be added and they don’t always have to be in the lower right corner of the screen. The clock on my computer’s primary monitor is blue with black lettering and shows the time, day name, and date. On the secondary monitor, the time is shown in large numbers. The color of text and the background color should be changeable, but those settings don’t always work for me. The text color is adjustable on the main monitor, but the background color settings have no effect. Both text and background colors on the second monitor responded to the settings.

TechByter ImageClicking the clock, double-clicking, and clicking with the middle mouse button can have actions associated with them, but the actions don’t always work and, when they do work, the results are unsatisfactory. The default action for clicking the clock displays notifications, but there’s an option to copy the time and date. I was expecting something like “10 September 2023 at 7:11:02” but 11Clock places HTML and CSS code in the buffer (<p style="line-height:0.8"><span>18:39:58<br>Saturday<br>2023-09-09</span></p>).

There are settings to control the clock’s transparency, whether it remains visible when videos or websites are in full-screen mode, whether it remains on screen if you’ve set the Task bar to hide, and lots of other adjustments and tweaks. That some of the settings don’t work properly is an annoyance, but not a deal breaker.

Other current known issues are on the project’s GitHub page.

The developer is responsible for WinGetUI, which I mentioned in August.

To download 11Clock, visit the Microsoft Store or GitHub.

Laughable Scam Of The Week

Another in the occasional series of scams perpetrated by idiots.

Twenty Years Ago

Your Hard Disk Will Fail

Hard disk reliability is much better today than it was in 2003. It’s possible to use a disk drive for a decade or more without having it fail. But a disk drive can also fail after being in service for just five years. Or five days. My warning 20 years ago was more of a sure thing than it is today, but complacency is not your friend. I wrote:

A catastrophic drive failure should be nothing more than a moderate annoyance. The computer will be out of service until you obtain a new disk drive, install it, and format it. From that point forward, restoration of the applications may be as simple as restoring them from backup, along with the appropriate Registry data.

Or you may have elected not to back up applications. In that case, the programs must be reinstalled and, if you backed up the special settings files, restoring them from backup. If not, then you’ll need to configure each application so that it will work the way you want it to.

The rest should be a snap – restore all of the data from backup. You may have one or more “full” backup sets and one or more “differential” or “incremental” backup sets. Incremental backups (those that back up only the files that have changed since the previous backup) are faster, but the restoration process takes longer. I prefer differential backups between full backups because each differential backup captures all files that have changed since the previous full backup.

Or, if you don’t have a backup, you’ll be calling a company such as Drive Savers in Novato, California. You’ll then send them your disk drive, tell them what data you want to see again, wait a week (or just a day if you’re willing to pay for expedited service) and pay $1000 or more (sometimes a lot more) for a CD that contains the data you could have backed up.

If you can’t be bothered with backup, start saving money that you’ll pay Drive Savers—and keep this URL handy: www.DriveSavers.com. You will need it.