Archive for March, 2010

As you probably know, today is April 1st (April Fools’ Day), which is a day for hoaxes and practical jokes in many countries around the world.

As a popular Web site which receive dozens of email messages every day, I sometimes get very weird and somewhat funny messages that look like a  good hoax, although the people that sent these message didn’t have any intention to spoof me, and they really believed in what they wrote.

Today is a great day to publish the most weird and funny message that I received into my mailbox in the last few years.  Due to my commitment to the privacy of anyone that send me a private message, I cannot publish the original messages, so I’ll only publish the general content of these messages.

So here’s the summary for the weird messages:

  1. People that request a refund for my freeware utilities:  Yes, it’s hard to believe, but even when I provide my utilities for free, I still get messages from people that ask me to issue a refund for the money that they never paid me. A typical message look like this: “I paid for your software and it doesn’t work for me, I want to know how to get a refund.”
    If you wonder how it’s possible that people who never paid me request to get a refund, here’s the answer. In fact, there are 2 kind of cases:

    • People who bought a product which is very similar to one of my utilities, and mistakenly think that my utility is the one that they paid for.
    • People who “bought” my software from a scam Web site that illegally sell my utilities.  These kind of scam Web sites, like MsnPass.Info that I also published in my Blog,   promise the users things that are not really accurate, like “100% password recovery for your hotmail account”, and request the user to pay for it. After the user pays, he redirected to download my software and find out that my software doesn’t work as promised.  After that, the user find my contact email in the help file of my software, and send me a message that ask for a refund because the software doesn’t work, without understanding that he simply paid for a scam Web site, and I’m not the right address for a refund….
  2. People who blame me for distributing Trojans and Viruses:  As you may already know,  most Antivirus programs show false Virus/Trojan alerts for my utilities, especially for the utilities that extract passwords or other sensitive data from the operating system.
    Because I already warn about false virus alerts in my Web site and also posted about the problem in my Blog, most people understand that the Virus alerts are false and my software is clean from any Virus or Trojan.
    However, in rare cases there are people who believe  that the Virus alert is real, and blame me for creating evil Web site that installed Trojans on their machine.

    I had a very extreme case of someone that blamed me  putting a backdoor inside my ‘ProduKey’ utility that allowed an hacker to take over his computer. He wrote me around 4 emails of science fiction stories where NirSoft is the most evil thing in the world.  From privacy reasons, I cannot publish these email messages, but this guy also chose to publish some of his Anti-NirSoft propaganda in a public forum, which you can find in the following links:

  3. People who complain that my utilities are not freeware and require them to pay:  Yes, I got a few messages in the past that looked like this: “Your Web site is a scam, it says that the software is free, but when I download the software, I get a message that the trial period expired and ask me to pay for the software.”
    Do you wonder how is it possible ? Here’s the answer:
    There are people that install and use shareware zip products, like WinRar or Winzip as their default software to open zip files. When they download my utilities in zip file,  WinRar or Winzip, which is the default software to open zip file in their computer, show a message that their trial period expired. Some people that see this message, think that my software is the one that show the expired message…
  4. People who complain that my Web site is down for many days: Sometimes I get a message that looks like “Your Web site is down for many days.  Are you going to bring your Web site back online,  or you closed your Web site completely ?”.  The people that sent this kind of message simply couldn’t access my Web site because they had a firewall or other security related software that blocked my Web site.
  5. People who complain that I don’t have any download link on my Web site: All my utilities pages provide a download link in the bottom of the page, but sometimes there are visitors that cannot figure out that they have to scroll down the page in order to reach the download link. So I  get email messages that looks like “I browse into your Web site and I found many interesting utilities, but you don’t provide any link to download them. Is there  any way to download your software or your Web site is just a scam ?”
  6. Call me 12341235 urgently, I need help in using your program: Some people think that if I provide my utilities for free, I also have to call them (and pay for the phone expenses too ?)  and personally explain them how to use my software, and most of them also write that it’s very urgent.
  7. Please send me the password for, it’s very urgent ! : Some people think that I’m a magician or a super-hacker that  can find the password of any email account, so they ask me to send them the password of the specified email urgently. Some of them ask me to send the lost password of their own email account.
    Some others, send me requests that looks like this one: “I think that my fiance is cheating on me and I need to check her email in order to get proofs.  Please send me the password for her email account as soon as possible. The email address is”.
  8. People who complain that the zip file disappear after download: Sometimes I get message like “You have a bug in your software – when I try download it, the file disappear immediately after I download it.”
    I also get messages like “I downloaded your software, but the zip file doesn’t contain any .exe file that I can run. Please fix the zip file in your Web site because I want to use your software”.
    Both of these problems occur because there is Antivirus software that runs in the background and delete the .zip file or the .exe file stored in the zip file.

That’s all for now. I just want to clarify that all the stories that I mentioned in this Blog post are based on real email messages that were sent by real people. It’s not a joke for April Fools’ Day.

The new versions of SmartSniff and SniffPass utilities allows you to capture network traffic with the version 3.x of Microsoft Network Monitor driver. This feature is especially useful for the users of Windows Vista, Windows 7, and Windows Server 2008, because the old version of Microsoft Network Monitor doesn’t support these operating systems.

Also, Microsoft Network Monitor 3 provide a new feature for Windows Vista/7/2008 users – it allows you to switch your Wifi adapter to ‘Monitor Mode’ (Only if the adapter supports this mode), which means that it can capture the traffic from other wireless networks around your location.

When using this ‘Monitor Mode’ with SmartSniff, it won’t be able to capture the traffic from most of the wireless networks, simply because they are encrypted with WEP/WPA. However,  if there are some unencrypted wireless networks in your area,  SmartSniff will be able to capture and show the content of the transferred TCP/UDP packets.

SmartSniff with Network Monitor 3 driver

SmartSniff with Network Monitor 3 driver

Another important feature added into the new version of  SmartSniff/SniffPass is the ‘Promiscuous Mode’ check box for WinPCap driver capture mode. In previous versions, these utilities always turned on the  ‘Promiscuous Mode’, but with many Wifi adapters, the capturing doesn’t work at all when using them in Promiscuous Mode.  Starting from these new version of SmartSniff/SniffPass, the Promiscuous Mode is turned off by default, and you can turn it on in the ‘Capture Options’ window when you need it.

NetRouteView is a new utility that can be used as alternative to the standard route utility (Route.exe) of Windows operating system. It displays the list of all routes on your current network, including the destination, mask, gateway, interface IP address, metric value, type, protocol, age (in seconds), interface name, and the MAC address.

It also allows you to modify, delete, and add new routes to your network adapters.

For more information about this new utility, click here.