New in Tiny Watcher 1.11 (Oct 31, 2006)
- New action "Volatile": available for changed registry entries and files, it allows to mark an item as "volatile". No further warning will be generated when this item changes again in the future.
- "Confirm" action is now available for a process file that cannot be accessed. Big thanks to Gary P. Simmons, and John J. Zahn for mentioning the problem to me.
- "Confirm" action is now available for a process which executable file path cannot be obtained (still not sure that the case will happen, though; please contact me if you see one).
- "Registry" action now pilots regedit.exe to find the relevant key (very convenient).
- "Explorer" action now automatically selects the file when the explorer opens (big thanks to Luke Hamburg for suggestion).
- Contextual menu if right-clic on an item in the warning list.
- New action "Show content" (in contextual menu only). Shows a file's content. The command is customizable from the Options window (default is running notepad).
- "Explorer" and "Show content" propose a popup menu for selection if more than one file path is mentioned in the warning (before that the first file was taken by default).
- Added ".../system32/drivers/etc/hosts" file to scanned files. Some malware are known to modify this file to "forbid" access to popular antivirus websites.
- "Remove" action on a running process terminates it brutally (added because some malwares block the opening of the Task Manager).
- Warning list table now remembers the width of each column (thanks Luke Hamburg for suggestion).
- "Select all" button instead of "Confirm all". To do a "Confirm all", click "Select all", then "Confirm".
- Explorer button is not "greyed" anymore even if no path is found in warning message (path defaults to "C:").
- Machine refuses to shutdown when watcher is open (problem list or systray icon).
- "=" in a file name makes watcher give "file created" warning endlessly.
- Special characters in a file name makes watcher give "file created" warning endlessly (followed by an error message if user "confirms" the warning).
- Systematic crash after error message (t_util.cpp, line 908) if Watcher.ini contains a line like entry=" (only one opening quote, empty string). Thanks a lot, Mister Barn! :)
- Files which were in ignore list once were staying ignored even if removed from the list.
- Problems when running 2 instances together (and error message main.cpp, line 194). Now shows a regular error message "Watcher is already running".
- Abusive error message if user uses the ENTER key over the systray icon (instead of space or mouse click).
- Abusive error message (chkTask.cpp, line 141) when a scheduled task has no executable path (ignore was continuing fine). Thanks to Doug for signaling the problem.
- Abusive error message (chkFile.cpp, line 389) when choosing "Disable" on a new directory (ignore was continuing fine).
- Abusive error message (t_util.cpp, line 252) when selecting a warning that contains a path with redundant "/" or "" (like "C:Windowsfoo.bat").