On August 26 2004, exactly 15 years ago, I purchased the nirsoft.net domain.
NirSoft Web site was actually  established around 2 – 3 years earlier, but it was hosted in some free hosting services and it was very hard
to keep the Web site alive, because all these free hosting services suspended NirSoft Web site after some time, saying that it had too much traffic…

Today, there are still a few tools on nirsoft.net that were originally released on 2001-2003 (Before nirsoft.net domain was purchased) – NirCmd, IECookiesView, Mail PassView, Dialupass, and maybe a few others.
If you want to see the NirSoft homepage from 15 years ago, you can take a look at the web.archive.org Web site, there is a copy of NirSoft homepage from September 2004:

nirsoft.net from Septermber 2004

For the 15th birthday of nirsoft.net domain – you get a small surprise: A Web page with new Pre-release tools.
These tools are still in development stage , and they still don’t have separated Web page, unique icons, help file, translations, and so on.
If you choose to download and try to use them  – do it very carefully !

You can find the Pre-release Web page in the following link:

NirSoft Pre-release Tools

As you probably already know, there are 14 new tools that I published in RSS feed and in the “What’s New” section of NirSoft homepage.

By looking in the statistics of nirsoft.net Web site, I found out there was one major Reddit Web page that published the links to all 14 tools a few days before I published them, created by people who managed to find all links from the  NirSoft Easter Egg challenge:

New tools from Nirsoft, hidden for Easter

Well done !

And here’s the links to all 14 NirSoft new tools:















At this moment there are 10+ completely new tools hidden in NirSoft Web site. There is no any link to these new tools in NirSoft or in any other Web site.
In order to find these new tools, you need to have some programming knowledge, understanding of Web technology, and other skills.
If you don’t have the ability to find the new tools, you don’t have to worry. All new tools will be published officially in Nirsoft Web site on 01/04/2018 (and this is not a joke of April Fools’ Day, the new tools are real)

First Stage – Finding the first tool.

Here’s the instructions for finding the first new tool hidden in NirSoft Web site:

In the .exe file of the following tools there is an hidden message:
USBDeview, NetworkUsageView, FileTypesMan, LastActivityView, WifiHistoryView, ControlMyMonitor, CSVFileView, TimeZonesView, UninstallView, DevManView, TaskSchedulerView, SoundVolumeView

You can download a zip file with .exe files of all these tools from here.

In order to decrypt the message, you have to XOR all bytes of every .exe file with 0x7f (127) and then search for a short message in English.
It’s recommended to start the search from the end of the file and then move backwards, because the message is stored in the second half of the file.
Also, when there are 32-bit and 64-bit versions of the same tool, it’s recommended to use the 32-bit executable file.

In all tools except of one, the message is a short quote that somewhat represents my own personal worldview.
Only in one tool you’ll find the real thing you’re looking for – a link to a Web page that contains a new tool !
Be aware that the hidden message only contains the html page of the URL, but you can easily find the actual URL because like all NirSoft tools –  it’s located
under https://www.nirsoft.net/utils

Second Stage – Finding all other tools

Inside the Web page of the first tool, there is a clue that can lead you to the next tool.
In order to find it, you need some understanding of Web technology (I mean – you have to look inside the HTML of this Web page).
If you find the second tool, then like in the first tool, the Web page of the second tool contains a clue that can lead you to the next new tool. Like in the first tool, the other clues contain only the html page, so you have to add the html page string to https://www.nirsoft.net/utils/

By looking for clues on every Web page of a new tool, you can eventually reach 10+ new NirSoft tools !

Be aware that the clues gradually become harder and more tricky and require different abilities (For example: Using NirSoft tools to decrypt encrypted information), so it’s possible that at some point you won’t be able to find the next tool. Also, in some of the clues there is an hint of  TV shows and movies (Just for fun…).

Share the links with others !

If you find the URL of one or more tools, you are welcomed to publish the links in any way you like  – Facebook, Twitter, Forums, Blog, YouTube, and so on
(except of publishing the links in comments to this Blog post… )

Maybe you’ll be the first one in the world who write about the new tools before anyone else !

A few months ago I had an idea to add ‘Easter Eggs’ into a few tools and then publish the information about how to activate them before Easter holiday.
I didn’t want to spend too much time on it or to bloat the size of the .exe file, so I made something very simple – painting the main window of the tool
in multiple colors when pressing a specific combination of keys.

Currently there are 15 tools that have this ‘Easter Egg’ feature, the idea is the same in all of them, but in every tool the colors effect is a little different.

How to activate

In order to activate the ‘Easter Egg’ follow the instructions below:

  • Hold down the Ctrl and Shift key while the tool is in focus.
  • Type the following sequence of letters: C L R
  • In some tools you should type the following sequence of letters instead: C O L O R S
  • Pressing the same key combination again will switch the tool back to normal colors.

Warning: If you have shortcut keys on your system with combination of Ctrl+Shift and one of the specified letters (C O L O R S), you should turn them off
before trying the Easter Egg key combination… Otherwise, you’ll activate these shortcut keys instead of NirSoft Easter Egg.
Also, before trying the Easter Egg key combination, you should check if any menu item uses Ctrl+Shift and one of the specified letters as shortcut key and
if you find it, it means that the Easter Egg key combination is not available on this tool.

Here’s some examples for NirSoft tools after activating the Easter Egg:

After playing with painting NirSoft tools in colors, I had a new idea for another kind of ‘Easter Eggs’, much more serious than some colors in a window.
In the next few days you’ll see the result of this new idea, I’ll publish all information about it in this Blog when it’s ready.
You can find a first hint inside one of the above screenshots…

ControlMyMonitor is a new tool that allows you view and modify the settings of your monitor (Also known as ‘VCP Features’), like brightness, contrast, sharpness, red/green/blue color balance, and more… You can modify the monitor settings from the GUI and from command-line. You can also export all settings of your monitor into a configuration file and then later load the same configuration back into your monitor.


You can download this new tool from this Web page.

InstalledPackagesView is a new tool for Windows that displays the list of all software packages installed on your system with Windows Installer, and lists the files, Registry keys, and .NET Assemblies associated with them. For every installed software, the following information is displayed: Display Name, Display Version, Install Date, Registry Time, Estimated Size, Install Location, Install Source, MSI Filename (In C:\Windows\Installer), and more…
You can watch the installed software packages information from your local system or from another system on external hard-drive.


You can download this new tool from this Web page

NetworkCountersWatch is a new tool for Windows that displays system counters for every network interface on your system. The system counters include the number of incoming/outgoing bytes, number of incoming/outgoing packets, number of broadcast packets, and more. You can also initialize all counters to zero at any time in order to watch the network counters for specific event. NetworkCountersWatch also calculates and displays the current download speed and upload speed on your network interface.



You can download this new tool from this Web page.

RegistryChangesView is a new tool for Windows that allows you to take a snapshot of Windows Registry and later compare it with another Registry snapshots, with the current Registry or with Registry files stored in a shadow copy created by Windows. When comparing 2 Registry snapshots, you can see the exact changes made in the Registry between the 2 snapshots, and optionally export the Registry changes into a standard .reg file of RegEdit.


You can download RegistryChangesView from this Web page.

NetworkUsageView is a new tool that extracts and displays the network usage information stored in the SRUDB.dat database of Windows 8 and Windows 10. The network usage data is collected every hour by Windows operating systems and includes the following information: The name and description of the service or application, the name and SID of the user, the network adapter, and the total number of bytes sent and received by the specified service/application.


You can download this new tool from this Web page.


UninstallView is a new tool for Windows that collects information about all programs installed on your system and displays the details of the installed programs in one table. You can use it to get installed programs information for your local system, for remote computer on your network, and for external hard-drive plugged to your computer. It also allows you to easily uninstall a software on your local computer and remote computer (Including quiet uninstall if the installer supports it).

UninstallView is designed to replace the old MyUninstaller tool.



You can download the new UninstallView utility from this Web page.