NirBlog

A few years ago, I released a small tool known as “NK2View” that allows the users to view the content of MS-Outlook AutoComplete file (the file with .nk2 extension) , which contains hundreds of  names and emails that the user send them one or more messages.

After releasing NK2View, I received many requests to add delete/edit features into NK2View and thus I added ‘Delete’ and ‘Add From Address Book’ options into this tool. However, these editing features were very limited and also didn’t work well in some NK2 files.  The limitations and problems with Nk2View led me to create a completely new tool that can fully edit  any NK2 file.

NK2Edit is the new NK2 editing tool that can edit any field in the NK2 file (Including the display name, the email address, the MS-Exchange address, the drop-down name, and more), delete unwanted records, add new records from the address book or by typing any email address/MS-Exchange address you need,  easily merge 2 or more NK2 files by using Copy & Paste, fix NK2 files that cannot be loaded by Outlook, and more…

As oppose to my previous NK2View utility, which made the changes  simply by removing and injecting bytes on the existing NK2 file, NK2Edit reads the entire NK2 file into memory, analyzes all records and fields, and then when you choose to save the file, it writes all records into the file, including all the changes that you made.  Writing the entire content into the file decreases the risk of getting a corrupted NK2 file and ensures that the NK2 file will be saved as healthy file that can be used by Outlook.

NK2Edit Main Window

NK2Edit also provides some unique features for advanced users, including the “Raw Text Edit Mode” which allows you to view and edit the records of NK2 file as a text file that looks like the .ini files of Windows.  NK2Edit also allows you to write simple scripts that add, remove or modify records in the NK2 file.

Raw Text Edit Mode

Nk2Edit License

As you may notice, the license conditions for using NK2Edit are different from other NirSoft utilities.  NK2Edit is completely free for personal use at your home, like all other NirSoft utilities. However, if you need to constantly use NK2Edit in your business/company, then you have the purchase commercial license.  The reason for this license change is the lesson I learned from my NK2View utility.  I found out that .NK2 file editing is highly needed by many companies and some of them requested my help and support for using NK2View.   So I found myself in a  ridiculous situation where I have to waste my time on supporting profitable companies, but without getting any payment from it, because NK2View is freeware and companies usually don’t send donations.

This “Free for personal use” license  is the best solution for my new NK2Edit utility, because it still provide a great and completely free product for all NirSoft users at home, but requires a payment for commercial companies that may need more support and features for using this tool in corporate environment. Hopefully, the income that I get NK2Edit licenses will also allow me to spend more time on development of my other freeware tools.

It’s also important to mention that there is no any change in the license of all other utilities of NirSoft, and you can freely use them in your business organization.

For more information about NK2Edit utility, click here.

Edit record window of NK2Edit

As you probably know, today is April 1st (April Fools’ Day), which is a day for hoaxes and practical jokes in many countries around the world.

As a popular Web site which receive dozens of email messages every day, I sometimes get very weird and somewhat funny messages that look like a  good hoax, although the people that sent these message didn’t have any intention to spoof me, and they really believed in what they wrote.

Today is a great day to publish the most weird and funny message that I received into my mailbox in the last few years.  Due to my commitment to the privacy of anyone that send me a private message, I cannot publish the original messages, so I’ll only publish the general content of these messages.

So here’s the summary for the weird messages:

1. People that request a refund for my freeware utilities:  Yes, it’s hard to believe, but even when I provide my utilities for free, I still get messages from people that ask me to issue a refund for the money that they never paid me. A typical message look like this: “I paid for your software and it doesn’t work for me, I want to know how to get a refund.”
   If you wonder how it’s possible that people who never paid me request to get a refund, here’s the answer. In fact, there are 2 kind of cases:
   • People who bought a product which is very similar to one of my utilities, and mistakenly think that my utility is the one that they paid for.
   • People who “bought” my software from a scam Web site that illegally sell my utilities.  These kind of scam Web sites, like MsnPass.Info that I also published in my Blog,   promise the users things that are not really accurate, like “100% password recovery for your hotmail account”, and request the user to pay for it. After the user pays, he redirected to download my software and find out that my software doesn’t work as promised.  After that, the user find my contact email in the help file of my software, and send me a message that ask for a refund because the software doesn’t work, without understanding that he simply paid for a scam Web site, and I’m not the right address for a refund….
2. People who blame me for distributing Trojans and Viruses:  As you may already know,  most Antivirus programs show false Virus/Trojan alerts for my utilities, especially for the utilities that extract passwords or other sensitive data from the operating system.
   Because I already warn about false virus alerts in my Web site and also posted about the problem in my Blog, most people understand that the Virus alerts are false and my software is clean from any Virus or Trojan.
   However, in rare cases there are people who believe  that the Virus alert is real, and blame me for creating evil Web site that installed Trojans on their machine.

   I had a very extreme case of someone that blamed me  putting a backdoor inside my ‘ProduKey’ utility that allowed an hacker to take over his computer. He wrote me around 4 emails of science fiction stories where NirSoft is the most evil thing in the world.  From privacy reasons, I cannot publish these email messages, but this guy also chose to publish some of his Anti-NirSoft propaganda in a public forum, which you can find in the following links:

   http://www.annoyances.org/exec/forum/win2000/1229027114
   http://www.annoyances.org/exec/forum/win2000/1225682351

3. People who complain that my utilities are not freeware and require them to pay:  Yes, I got a few messages in the past that looked like this: “Your Web site is a scam, it says that the software is free, but when I download the software, I get a message that the trial period expired and ask me to pay for the software.”
   Do you wonder how is it possible ? Here’s the answer:
   There are people that install and use shareware zip products, like WinRar or Winzip as their default software to open zip files. When they download my utilities in zip file,  WinRar or Winzip, which is the default software to open zip file in their computer, show a message that their trial period expired. Some people that see this message, think that my software is the one that show the expired message…
4. People who complain that my Web site is down for many days: Sometimes I get a message that looks like “Your Web site is down for many days.  Are you going to bring your Web site back online,  or you closed your Web site completely ?”.  The people that sent this kind of message simply couldn’t access my Web site because they had a firewall or other security related software that blocked my Web site.
5. People who complain that I don’t have any download link on my Web site: All my utilities pages provide a download link in the bottom of the page, but sometimes there are visitors that cannot figure out that they have to scroll down the page in order to reach the download link. So I  get email messages that looks like “I browse into your Web site and I found many interesting utilities, but you don’t provide any link to download them. Is there  any way to download your software or your Web site is just a scam ?”
6. Call me 12341235 urgently, I need help in using your program: Some people think that if I provide my utilities for free, I also have to call them (and pay for the phone expenses too ?)  and personally explain them how to use my software, and most of them also write that it’s very urgent.
7. Please send me the password for myemail@email.com, it’s very urgent ! : Some people think that I’m a magician or a super-hacker that  can find the password of any email account, so they ask me to send them the password of the specified email urgently. Some of them ask me to send the lost password of their own email account.
   Some others, send me requests that looks like this one: “I think that my fiance is cheating on me and I need to check her email in order to get proofs.  Please send me the password for her email account as soon as possible. The email address is myemail@email.com”.
8. People who complain that the zip file disappear after download: Sometimes I get message like “You have a bug in your software – when I try download it, the file disappear immediately after I download it.”
   I also get messages like “I downloaded your software, but the zip file doesn’t contain any .exe file that I can run. Please fix the zip file in your Web site because I want to use your software”.
   Both of these problems occur because there is Antivirus software that runs in the background and delete the .zip file or the .exe file stored in the zip file.

That’s all for now. I just want to clarify that all the stories that I mentioned in this Blog post are based on real email messages that were sent by real people. It’s not a joke for April Fools’ Day.

The new versions of SmartSniff and SniffPass utilities allows you to capture network traffic with the version 3.x of Microsoft Network Monitor driver. This feature is especially useful for the users of Windows Vista, Windows 7, and Windows Server 2008, because the old version of Microsoft Network Monitor doesn’t support these operating systems.

Also, Microsoft Network Monitor 3 provide a new feature for Windows Vista/7/2008 users – it allows you to switch your Wifi adapter to ‘Monitor Mode’ (Only if the adapter supports this mode), which means that it can capture the traffic from other wireless networks around your location.

When using this ‘Monitor Mode’ with SmartSniff, it won’t be able to capture the traffic from most of the wireless networks, simply because they are encrypted with WEP/WPA. However,  if there are some unencrypted wireless networks in your area,  SmartSniff will be able to capture and show the content of the transferred TCP/UDP packets.

SmartSniff with Network Monitor 3 driver

Another important feature added into the new version of  SmartSniff/SniffPass is the ‘Promiscuous Mode’ check box for WinPCap driver capture mode. In previous versions, these utilities always turned on the  ‘Promiscuous Mode’, but with many Wifi adapters, the capturing doesn’t work at all when using them in Promiscuous Mode.  Starting from these new version of SmartSniff/SniffPass, the Promiscuous Mode is turned off by default, and you can turn it on in the ‘Capture Options’ window when you need it.

NetRouteView is a new utility that can be used as alternative to the standard route utility (Route.exe) of Windows operating system. It displays the list of all routes on your current network, including the destination, mask, gateway, interface IP address, metric value, type, protocol, age (in seconds), interface name, and the MAC address.

It also allows you to modify, delete, and add new routes to your network adapters.

For more information about this new utility, click here.

NetRouteView

OperaPassView is a new password recovery utility that decrypts the content of the Opera Web browser password file (wand.dat) and displays the list of all Web site passwords stored in this file. You can easily select one or more passwords in the OperaPassView window, and then copy the passwords list to the clipboard and save it into text/html/csv/xml file.

Currently, OperaPassView cannot decrypt the passwords if they encrypted with the master password. I’ll possibly add support for master password in future versions.

For more information about OperaPassView, click here.

OperaPassView

The download page of NirLauncher package now also allows you to download all translations of the desired language in one zip file.  After you download the right translation package, you can extract it into the NirSoft subfolder of NirLauncher package, and then every utility that you run will be loaded with your language, as long as the translation for this utility is available.

The translations packs are automatically created and updated each time that a new versions of NirLauncher package is released.

For now, I added the translation packs for 10 languages only, but it’s possible that more languages will be added according to users requests.

When you search the content of files with Windows search, there are special plug-ins known as “IFilter” that allows Windows to search inside different file formats. For example: If you request to search for a string inside a Word document file (.doc extension),  the “Microsoft Office Filter” component (OffFilt.dll) is used for reading and parsing the Word document.

SearchFilterView is a new utility that allows you to easily view the list of IFilter components installed on your computer, as well as it allows you to add and remove the file extensions that are used for the specified IFilter.

SearchFilterView is available to download from here.

SearchFilterView

AppCrashView is a new utility that allows you to easily watch the application crashes that have been occurred in your system. There is one major drawback for this tool – it currently only works under Windows Vista, Windows 7, and Windows 2008, so most of Windows users cannot use it.  This utility relies  on the .wer files (W.E.R = Windows Error Reporting) created only by  the newer versions of Windows (Windows 7/Vista/2008), and thus older versions of Windows are not supported.

It’s possible that in future versions, I’ll also add support for Windows XP/2000/2003 by using Dr. Watson (Drwtsn32.exe) or other debug component that automatically captures the application crash information.

For more information about AppCrashView utility, click here.

New utility in NirSoft collection, ShellMenuNew, allows you to easily disable and enable menu items that are listed under the ‘New’ submenu of Explorer.

Explorer New Submenu

This utility was not specified in the utilities plans for 2010 that I posted a few weeks ago, simply because I created this utility within a few days without planning to create it before.

You can read more about this utility and download it in this ShellMenuNew web page.

ShellMenuNew

2 disk related utilities added to NirSoft in the last week. The first one, DiskCountersView, displays the system counters of each disk drive in your system, including the total number of read/write operations and the total number of read/write bytes. It also displays general drive information, like disk name, partition number, partition location, and so on.

DiskCountersView

The second utility, DiskSmartView, retrieves the S.M.A.R.T information (S.M.A.R.T = Self-Monitoring, Analysis, and Reporting Technology) from IDE/SATA disks. This information includes the disk model/firmware/serial number, cylinders/heads, power-on hours (POH), internal temperature, disk errors rate, and more. You can use the S.M.A.R.T information retrieved by DiskSmartView to find out whether there is any significant problem in your disk drive.

DiskSmartView

Both utilities are already included in the latest release of NirLauncher package at http://launcher.nirsoft.net