Windows Sysinternals Suite Build 2007.12.18
Build 2007.12.18
The Sysinternals Troubleshooting Utilities have been rolled up into a single Suite of tools. This file contains the individual troubleshooting tools and help files. It does not contain non-troubleshooting tools like the BSOD Screen Saver or NotMyFault. Microsoft acquired Sysinternals in July, 2006. Whether you’re an IT Pro or a developer, you’ll find Sysinternals utilities to help you manage, troubleshoot and diagnose your Windows systems and applications. If you have a question about a tool or how to use them, please visit the Sysinternals Forum for answers and help from other users and our moderators.
The Suite is a bundling of the following selected Sysinternals Utilities:
* AccessChk: This tool shows you the accesses the user or group you specify has to files, Registry keys or Windows services.
* AccessEnum: This simple yet powerful security tool shows you who has what access to directories, files and Registry keys on your systems. Use it to find holes in your permissions.
* AdExplorer: Active Directory Explorer is an advanced Active Directory (AD) viewer and editor.
* AdInsight: An LDAP (Light-weight Directory Access Protocol) real-time monitoring tool aimed at troubleshooting Active Directory client applications.
* AdRestore: Undelete Server 2003 Active Directory objects.
* Autologon: Bypass password screen during logon.
* Autoruns: See what programs are configured to startup automatically when your system boots and you login. Autoruns also shows you the full list of Registry and file locations where applications can configure auto-start settings.
* BgInfo: This fully-configurable program automatically generates desktop backgrounds that include important information about the system including IP addresses, computer name, network adapters, and more.
* BlueScreen: This screen saver not only accurately simulates Blue Screens, but simulated reboots as well (complete with CHKDSK), and works on Windows NT 4, Windows 2000, Windows XP, Server 2003 and Windows 9x.
* CacheSet: CacheSet is a program that allows you to control the Cache Manager's working set size using functions provided by NT. It's compatible with all versions of NT.
* ClockRes: View the resolution of the system clock, which is also the maximum timer resolution
* Contig: Wish you could quickly defragment your frequently used files? Use Contig to optimize individual files, or to create new files that are contiguous.
* Ctrl2cap: This is a kernel-mode driver that demonstrates keyboard input filtering just above the keyboard class driver in order to turn caps-locks into control keys. Filtering at this level allows conversion and hiding of keys before NT even "sees" them. Ctrl2cap also shows how to use NtDisplayString() to print messages to the initialization blue-screen.
* DebugView: Another first from Sysinternals: This program intercepts calls made to DbgPrint by device drivers and OutputDebugString made by Win32 programs. It allows for viewing and recording of debug session output on your local machine or across the Internet without an active debugger.
* DiskExt: Display volume disk-mappings
* DiskView: Graphical disk sector utility
* Diskmon: This utility captures all hard disk activity or acts like a software disk activity light in your system tray.
* Du: View disk usage by directory
* EFSDump: View information for encrypted files
* Filemon: This monitoring tool lets you see all file system activity in real-time.
* Handle: This handy command-line utility will show you what files are open by which processes, and much more.
* Hex2dec: Convert hex numbers to decimal and vice versa.
* Junction: Create Win2K NTFS symbolic links
* LDMDump: Dump the contents of the Logical Disk Manager's on-disk database, which describes the partitioning of Windows 2000 Dynamic disks.
* ListDLLs: List all the DLLs that are currently loaded, including where they are loaded and their version numbers. Version 2.0 prints the full path names of loaded modules.
* LiveKd: Use Microsoft kernel debuggers to examine a live system.
* LoadOrder: See the order in which devices are loaded on your WinNT/2K system
* MoveFile: Allows you to schedule move and delete commands for the next reboot.
* LogonSessions: List the active logon sessions on a system.
* NewSID: Learn about the computer SID problem everybody has been talking about and get a free computer SID changer, NewSID.
* NTFSInfo: Use NTFSInfo to see detailed information about NTFS volumes, including the size and location of the Master File Table (MFT) and MFT-zone, as well as the sizes of the NTFS meta-data files.
* PageDefrag: Defragment your paging files and Registry hives!
* PendMoves: Enumerate the list of file rename and delete commands that will be executed the next boot
* Portmon: Monitor serial and parallel port activity with this advanced monitoring tool. It knows about all standard serial and parallel IOCTLs and even shows you a portion of the data being sent and received. Version 3.x has powerful new UI enhancements and advanced filtering capabilities.
* Process Explorer: Find out what files, registry keys and other objects processes have open, which DLLs they have loaded, and more. This uniquely powerful utility will even show you who owns each process.
* Process Monitor: Monitor file system, Registry, process, thread and DLL activity in real-time.
* ProcFeatures: This applet reports processor and Windows support for Physical Address Extensions and No Execute buffer overflow protection.
* PsExec: Execute processes with limited-user rights.
* PsFile: See what files are opened remotely.
* PsGetSid: Displays the SID of a computer or a user.
* PsInfo: Obtain information about a system.
* PsKill: Terminate local or remote processes.
* PsList: Show information about processes and threads.
* PsLoggedOn: Show users logged on to a system
* PsLogList: Dump event log records.
* PsPasswd: Changes account passwords.
* PsService: View and control services.
* PsShutdown: Shuts down and optionally reboots a computer.
* PsSuspend: Suspend and resume processes.
* PsTools: The PsTools suite includes command-line utilities for listing the processes running on local or remote computers, running processes remotely, rebooting computers, dumping event logs, and more.
* RegDelNull: Scan for and delete Registry keys that contain embedded null-characters that are otherwise undeleteable by standard Registry-editing tools.
* RegHide: Creates a key called "HKEY_LOCAL_MACHINESoftwareSysinternalsCan't touch me!0" using the Native API, and inside this key it creates a value.
* Regjump: Jump to the registry path you specify in Regedit.
* Regmon: This monitoring tool lets you see all Registry activity in real-time.
* RootkitRevealer: Scan your system for rootkit-based malware
* SDelete: Securely overwrite your sensitive files and cleanse your free space of previously deleted files using this DoD-compliant secure delete program.
* ShareEnum: Scan file shares on your network and view their security settings to close security holes.
* Sigcheck: Dump file version information and verify that images on your system are digitally signed.
* Streams: Reveal NTFS alternate streams
* Strings: Search for ANSI and UNICODE strings in binaryimages.
* Sync: Flush cached data to disk
* TCPView: Active socket command-line viewer.
* VolumeId: Set Volume ID of FAT or NTFS drives
* Whois: See who owns an Internet address.
* Winobj: The ultimate Object Manager namespace viewer is here.
* ZoomIt: Presentation utility for zooming and drawing on the screen.
What's New (December 18th, 2007):
* Updated Autoruns to version 9.0
* Updated PsExec to version 1.93
官方站点:http://www.microsoft.com/technet/sysinternals/utilities/sysinternalssuite.mspx
D900变板儿砖1小时惊魂记
由于D900一直没有在大陆发售,所以也就没有官方的简体中文ROM,因为是05年的机型也就享受不到官方的WM6ROM,这么强悍的机器就这样一直在用着,从买来到现在就完整的看过一部录像,因为转换格式太耗费时间。一年多过去了,D900不知道刷过多少次ROM,估计有上百次了,也从来没有出现过问题,今天却让我大冒冷汗。
因为买了块新的3200毫安电池,所以刷机的时候都是用之前的原装电池来刷,今天得知有最新的ROM,赶紧下载准备刷机,换下新电池安装上旧电池,与以往一
安装 Windows Vista SP1 RC1 - 晒图
早先得知 MSDN 订阅用户可以获取一个工具,从而能够从 Windows Update 下载并安装 Vista SP1 RC1,于是开始了更新旅程。上个星期天通过工具对系统进行了自动修改,之后从 Windows Update 下载到3个更新之后便没有动静了,并没有得到 SP1 RC1 更新。今天总算有些空闲,整个又是微软补丁发布日,于是重新执行了更新检查,获得到12月份的安全更新,同时发现微软已经开始将 Office 2007 SP1 推送给用户,200多兆,网络不是很稳定耗去不少时间。在更新之后重启了计算机提示有一个新的更新,一看!哈哈!是Vista SP1 RC1,直接通过执行更新。系统开始进行下载前的检查,之后发现这个更新才有50多兆,呵呵不是所谓的1G多,可能与系统当前状态和组件有关。又开始了漫长了下载,在48%左右发现更新包的容量又变成了70多兆,够奇怪的!在下载过程中发现硬盘读取很频繁,经过漫长的等待(如果找个10M光缆专线,也不至于这样,该死的公司宽带!)终于下载完毕。出现了安装向导界面!
老样子接受许可协议。
友情提示,安装过程的注意事项。
开始安装 Vista SP1 RC1 耗去大概20分钟左右。
因为系统运行中有些文件被锁定,所以需要在完成安装后重新启动进行更新配置,大概用去了15分钟左右,中间启动过一次,之后更新便完成了,查看一下系统信息,并运行Winver查看系统版本,已经更新为Service Pack 1, v.668。
刚刚装上没有太大的变化,不过感觉系统运行速度较之前有了明显的提升,其他的漫漫体验……
有关 Windows Vista SP1 RC1 的相关文档可以从这里获取:http://www.microsoft.com/downloads/details.aspx?familyid=E71F0083-1013-4F9C-A3F9-C56E7120A5E9&displaylang=en
