NirBlog

If you work on Windows XP, you probably already familiar with the animated search puppy that show its unessential tricks while you make a search. However, this puppy has a small “feature” that many people don’t know about.
If you make a search, and then leave the search window opened without touching it for a long time, the search puppy get tired and goes to sleep….

Good Night !

While looking into the cache folder of Google Chrome Web browser, I found out that the file structure inside this folder looks a little familiar.
Similar to the cache of Mozilla/Firefox browsers, it has 3 data files, numbered from 1 to 3, when file number 1 is the smallest file, and the largest file is file number 3. It also has a cache map file, which numbered as ‘0’, and other files with hexadecimal numbers which contains the binary content of some cached files.

Here’s an example for the file structure in the cache folder of Chrome:

And here’s the cache folder of Firefox:

After looking more deeply into the cache folder of Chrome, I found out that the internal structures of the cache files are a little different from the structures of Firefox, but it still was very easy to figure out how to read these files, and you can see the result in my new ChromeCacheView utility.

It seems that there is a weird bug in beta 2 release of Internet Explorer 8.
When browsing into the main page of NirSoft Web site, the transition effect stops in the middle of the transition process, and the user may think that the Web browser just hang. However, after resizing the window a little, everything returns back to normal.

Here’s an example of how my site may look when browsing it with IE8:

Messages like “You have a Virus in your software” are received into my Inbox on daily basis, and a lots of them comes from AVG Antivirus. So I decided to check the current status of AVG false positives, by scanning the utilities folder of my site.
First, I copied the utils folder of my site into a new place (I don’t really want that AVG will touch my original site folder…), and then I allowed AVG Antivirus to scan the folder.
After AVG finished the scan, it splited the scan result into 2 categories: Infections and Spyware.
Most of the alerts on my utilities folder appeared under the ‘Spyware’ section.
I really would want to understand what is going in the minds of AVG guys when they decided to detect my software as Spyware.

Anyway, I used my own SysExporter utility to grab the scan result from AVG and display it as HTML. Luckily, SysExporter is not detected as infection by AVG, otherwise, it wouldn’t allow me to run and use it.
So here’s the AVG “False Positive” list, the Spyware section:

And this one is the Infections section:

And finally, here’s another issue with AVG and other Antivirus software:
When you exit from the Antivirus software, it won’t display any Virus/Trojan/Spyware warning, but the service of the Antivirus is still running in the background, and prohibits you from running any file that is detected as infected.
This mean that if you try to run one of my tools that are detected as Spyware/Virus while AVG application is not running, you’ll get the following error message:
“Windows cannot access the specified device, path, or file. You may not have the appropriate permission to access the item”.

Most people that get this kind of error, think that there is a bug in my software, and don’t know that the Antivirus is the one that cause the problem.

I added 2 new options to OpenedFilesView that allows you to hide system files when you don’t really want to watch them:

• Hide System Process Files: Hide all files opened by ‘System’ process.
• Hide Svchost Files: Hide all files opened by svchost process.

Choosing the above 2 option can decrease the size of opened files list by dozens of items, and allow you to only watch the opened files of non-system applications. These options are available starting from version 1.25 of OpenedFilesView.

While watching a video in Microsoft Web site, I accidently discovered that my WebVideoCap tool cannot capture the video.
I don’t remember that I received any complaint about this problem, but this is somewhat make sense – because Microsoft is probably one of very few Web sites that uses Silverlight to play a video.
After looking into it with a sniffer, I found out that Silverlight streams are very similar to MMS that WebVideoCap already supports, so with a very small change in the code, I managed to make it work.
In the bottom line, starting from version 1.33, WebVideoCap can also capture the Silverlight videos in Microsoft Web site.

Starting from version 1.50 of CurrPorts utility, there is a new option: “Display Port In Address”.
If you turn on this option, the local/remote addresses columns will also display the port number,in address:port format.

If you turn on this option, the port columns are not needed anymore, so you can go to ‘Column Settings’ and remove them.

Many users requested that Volumouse will display a simple “On Screen Display” indicator, like the one that appears when changing the volume in modern TV and monitors.

So here it comes… It’s very simple for now, but I’ll probably make it better in future versions:

If you want to use this feature, download the latest version of Volumouse, and in the ‘Indicator Type’ option, choose ‘On Screen Display’.