Table of ContentsClose
Coder for Life

Utilities

A collection of tools that I developed while customizing the install of Windows 7 for the Lego Tivo. Most of these tools are fairly simple and straight-forward, however they save a lot of time when trying to perfect the install CD. Some are useful outside of this and could be used in a number of cases.

All of these are put into the public domain and come with no warranty. I would appreciate it if you gave me credit however.

The current programs are:

  • BatchResourceUpdater: automates extracting and updating resources from PE files (EXE, DLL, ...)
  • PEChecksum: displays and updates the checksum of PE files (EXE, DLL, ...)
  • img2bmp32: converts images to 32-bit BMP with pre-multiplied transparency (for Windows binaries)
  • expstart: changes the Start button image in-memory for Windows 7 instead of modifying the file
  • xdel: deletes files and directories even if you aren't allowed to
  • xregdelkey: deletes registry keys and subkeys even if you aren't allowed to
  • bcopy: copies a file using backup semantics (can copy to/from inaccessible files)
  • security: extracts and applies security information
  • AddCertToRegHive: adds a certificate to a registry hive file
  • BitDifference: compares two files byte-wise to see if they are the same
  • unblock: removes the unsafe security block from a file
  • DuplicateFileFinder: quickly finds duplicate files on your computer
  • hide: runs a command-line completely hidden from view
  • FirstUXRes: adapts the FirstUXRes animation with a new background
  • HexFileTime: displays or sets file creation/modification/accessed time in hex
  • FindLinks: finds all hard links to a specific file


MinGW Unicode Support

I wished these programs to be as small as possible, have the minimal number of dependencies, and be compiled for 32 and 64 bit platforms. I turned to the MinGW project but quickly found out that it did not fully support Unicode programs (specifically they did not support the Unicode main functions). I made wrappers for wmain / wWinMain so that MinGW could be used seamlessly with Unicode (WCHAR), regular (CHAR), or the ability to choose (TCHAR). The wrappers are provided below and the instructions for using them are in the files, you can also look at the programs I wrote for examples.

MinGW Unicode Main Wrapper (1.32 KB, updated 2012-11-08)

MinGW Unicode GUI Main Wrapper (1.75 KB, updated 2012-11-08)



BatchResourceUpdater

The BatchResourceUpdater (BRU) program automates extracting, updating, and removing of resources from PE and RES files. It uses an XML file to describe all the actions it should perform, manipulates the files, saves them, and updates the checksum of the files. This program is not fully tested so backup all files first. However, I have seen no problems yet.

This is meant to complement, not replace, programs such as ResourceHacker. BatchResourceUpdater provides you with no way of finding out which resources already exist and you can only view resources by extracting them. It does nothing special for string, menu, and dialog resource types. Instead you should use ResourceHacker to modify the resources, extract them, and then use BRU. Where BRU really shines is the automation - allowing you to 'instantly' apply resource changes if the binary changes (e.g. because of a Windows Update).

Features:

  • Extracts, adds, and removes resources from PE (EXE, DLL, OCX, SYS, DRV, MUI, ...) and RES files
  • XML file describes batch resource extracting / updating
  • Uses a custom made PE/RES file writer (haven't seen this fail yet, even when ResourceHacker fails)
  • Smart extracting/updating of:
    • BITMAP to/from BMP
    • ICON and GROUP_ICON to/from ICO
    • CURSOR and GROUP_CURSOR to/from CUR
  • Other resource types are copied as binary (works well for PNG, RCDATA, IMAGE, ANICURSOR, ...)
  • Automatically updates checksum on updated files

Updates:

  • 11/13/2011: Updated binaries and source project to only require .NET 2.0
  • 10/12/2011: Added the ability to extract, add, and remove resources from RES files
  • 10/11/2011:
    • Replaced the PE file writer with the one from the Windows 7 Boot Updater which results in a much smaller and faster program and works with files lacking a ".rsrc" section. It no longer attempts to use the built-in Windows API functions to update resources since they failed so often.
    • Fixed a bug where it would not extract to folders that did not exist yet
    • Fixed a bug where adding ICO/CUR entries to PE files would report failure and not create the group
  • 8/31/2010: Fixed a bug that corrupted the digital certificate on files
  • 8/1/2010: Added CPL, EFI, COM, AX, ACM, and IME to the acceptable PE extensions list

Need to clarify:

  • Any other resource types that should have special treatment?

Features it will never have:

It is written in C++/CLR and requires .NET 2.0 and Visual C++ 2010 SP1 runtimes (download x86 / x64). The PE/RES file-modifying code and ICO/CUR manipulators are written in C++ and do not require any libraries.

BatchResourceUpdater (32-bit) (85.5 KB, updated 2012-11-08)

BatchResourceUpdater (64-bit) (101 KB, updated 2012-11-08)

Read Me (1.84 KB, updated 2012-11-08)

Tests and Example 1 (4.76 MB, updated 2012-11-08)

Example 2 (17.53 MB, updated 2012-11-08)

Source Code (48.72 KB, updated 2012-11-08)



PEChecksum

Display and updates the checksum on PE files (EXE, DLL, OCX, SYS, DRV, MUI, ...). It works with 32 and 64 bit files. The checksum needs to be updated on critical Windows file if their resources (or other things) are changed. All command line arguments are treated as files to update checksums for. It is written in C.

PEChecksum (32-bit) (7.5 KB, updated 2012-11-08)

PEChecksum (64-bit) (15.5 KB, updated 2012-11-08)

PEChecksum Source Code (44.23 KB, updated 2012-11-08)



img2bmp32

Converts many image formats (GIF, JPEG, PNG, TIFF, WMF, EMF, BMP, and ICO) to 32-bit BMP with am alpha channel. The alpha channel is pre-multiplied which is required for Windows BITMAP resources. Programs like GIMP don't do the pre-multiply step and cause the images to display very oddly when used. All command line arguments are treated as images to convert to BMP. The files are renamed to have the "bmp" extension. It is written in Visual C++ CLR and requires .NET 2.0 and Visual C++ 2008 runtimes (download: x86 / x64).

Bug fixes:

  • Header information had wrong size of bitmap data (although this is apparently ignored)

img2bmp32 (32-bit) (35.5 KB, updated 2012-11-08)

img2bmp32 (64-bit) (44 KB, updated 2012-11-08)

img2bmp32 Source Code (18.56 KB, updated 2012-11-08)



expstart

Allows the Start Button to be replaced in Windows 7 while not causing "unknown publisher" errors seen when directly replacing the resources in explorer.exe.

It works by replacing explorer.exe as the startup program for the user, starting explorer.exe in a suspended state, replacing the necessary resources in memory (not on disk), and then allowing explorer.exe to resume as normal. One additional hurdle I ran into is that if explorer.exe does not think it is the normal startup program it acts weird, so every boot up the registry is updated a couple times to trick it. Because of this additional trick, if explorer.exe crashes you will have to restart it using expstart.exe. It is written in C.

How to use it:

  1. Download expstart.exe (either 32 or 64 bit version, depending on your system)
  2. Update resources BITMAP:6801-6812 in expstart.exe:
    • Use ResourceHacker or similar program to modify the resources of expstart.exe
    • Must be identical sizes
    • Must be 32-bit pre-multiplied alpha BMPs (you can use img2bmp32 to convert to BMP properly)
  3. Put the modified expstart.exe into the C:\Windows folder
  4. Run install.reg from the zip file
  5. Restart (or kill explorer.exe and start expstart.exe)

To Uninstall: Run uninstall.reg from the zip file and restart

Explorer Starter (expstart) (32-bit) (201.54 KB, updated 2012-11-08)

Explorer Starter (expstart) (64-bit) (205.17 KB, updated 2012-11-08)

Source Code (72.15 KB, updated 2012-11-08)



xdel

Deletes files and folders even if you aren't allowed to. It even supports wildcard expressions. This is essentially TAKEOWN, ICACLS, then RD or DEL in succession, however this is much more reliable and stronger. DEL/RD fail to delete some files even if you have permissions and the file matching performed xdel is better, especially since TAKEOWN and ICACLS have broken wildcard pattern matching. Written in C. All command line arguments are treated as files, folders, or wildcard expressions to delete. Wildcard expressions automatically recurse into subfolders. The program reports the total number of files deleted and their combined size. You must have administrator privileges to delete protected files and you may need to elevate.

Fixes:

  • 7/31/2010:
    • Added built-in support for taking ownership and granting access:
      • Improved speed
      • Not dependent on utilities TAKEOWN and ICACLS
      • No more system-wide flashing wait cursor
    • Improved handling of read-only files
  • 3/14/2010:
    • Now works if your username has spaces
    • Converted to C from C++ so the 64-bit version does not require some random GCC DLL
    • Now can be compiled with or without Unicode support

xdel (32-bit) (17.5 KB, updated 2012-11-08)

xdel (64-bit) (27 KB, updated 2012-11-08)

xdel Source Code (42.1 KB, updated 2012-11-08)



xregdelkey

Deletes registry keys (and their subkeys) even if you don't have permission to. Written in C. All command line arguments are treated as keys. The root keys can be in short or long form (e.g. HKLM or HKEY_LOCAL_MACHINE). You must have administrator privileges to delete protected keys and you may need to elevate.

xregdelkey (32-bit) (11 KB, updated 2012-11-08)

xregdelkey (64-bit) (18 KB, updated 2012-11-08)

xregdelkey Source Code (17.33 KB, updated 2012-11-08)



bcopy

Copies a file even if you aren't allowed to read the source or write to the destination. It uses backup semantics, BackupRead, and BackupWrite. Written in C. The command line must be a source and destination. One day I may add directory and wildcard support. You must have administrator privileges to use backup semantics and you may need to elevate. Note this does not have the ability to copy in-use files, you need a program like Unlocker to copy those.

This replaces a previous utility I had called xrepl. This works MUCH better than xrepl: doesn't require the destination file to already exist, much simpler and straightforward, and doesn't give up for stupid reasons like unknown SID values. However, if you wish to look at xrepl to learn about some Windows security stuff you can read about and download it here.

bcopy (32-bit) (11 KB, updated 2012-11-08)

bcopy (64-bit) (17.5 KB, updated 2012-11-08)

bcopy Source Code (16.29 KB, updated 2012-11-08)



security

Extracts and applies security informtaion from a file and stores it in a binary file. Only deals with owner and DACL information. Written in C. You must have administator privileges to change owners and some other security information and you may need to elevate. Command line:

  1. security /extract file secinfo.bin
  2. security /apply secinfo.bin file

security (32-bit) (10 KB, updated 2012-11-08)

security (64-bit) (16.5 KB, updated 2012-11-08)

security Source Code (14.37 KB, updated 2012-11-08)



AddCertToRegHive

Adds a certificate to an off-line registry hive. This means you can add a certificate to install.wim so that on first boot it is available or to another system that is currently off. It only supports the local machine stores. Written in C. You will probably need administator privileges to use this tool and you may need to elevate. Command line:

  1. AddCertToRegHive hive crt.cer [/CRL crl.crl] [/Store store]

Where:

  • hive is a registry hive for HKLM\SOFTWARE found at Windows\System32\config\SOFTWARE
  • crt.cer is the certificate to import
  • crl.crl is the optional CRL to also import
  • store is the store to import to, defaults to ROOT

Fixes:

  • 9/5/2010: Added support for importing CRLs

AddCertToRegHive (32-bit) (13 KB, updated 2012-11-08)

AddCertToRegHive (64-bit) (19 KB, updated 2012-11-08)

AddCertToRegHive Source Code (17.59 KB, updated 2012-11-08)



BitDifference

Compares two files byte-wise to see if they are the same. If the files are different sizes it checks the files up till the end of one of the files and reports any differences or which file is shorter. Written in C. Command line arguments are the two files to compare. Additionally you can specify an offset within each file to start searching from. Run the program without arguments for how.

Fixes:

  • 3/6/2011: Added support for specifying offsets to start at within each file
  • Made it so you can use this in a batch file by giving meaningful error codes

BitDifference (32-bit) (12.5 KB, updated 2012-11-08)

BitDifference (64-bit) (15 KB, updated 2012-11-08)

BitDifference Source Code (14.8 KB, updated 2012-11-08)



unblock

Removes the "Are you sure you want to run this software?" security warning from files that have been downloaded or copied from a network share. Written in C. Command line arguments are the files you want to unblock or directories to unblock every file in. Doesn't accept wildcards.

unblock (32-bit) (10.5 KB, updated 2012-11-08)

unblock (64-bit) (17 KB, updated 2012-11-08)

unblock Source Code (17.71 KB, updated 2012-11-08)



DuplicateFileFinder

Quickly finds duplicate files on your computer. It does this by first iterating all files in the search paths. Any files that have unique filesizes are removed right away as they could have no duplicate. Then the partial MD5 hash is calculated for each file (a partial hash greatly speeds up the program for larger files and does not really increase the number of false matches). Then all files having the same hash are compared byte-wise to see if they are actually identical. Written in C. Command line arguments are the paths to search, if none are given this defaults to the Documents, Pictures, Music, and Videos folders for the current user. Saves all matches into a text file and displays progress in standard output.

Bug fixes:

  • Converted to C from C++ so the 64-bit version does not require some random GCC DLL

DuplicateFileFinder (32-bit) (19.5 KB, updated 2012-11-08)

DuplicateFileFinder (64-bit) (28.5 KB, updated 2012-11-08)

DuplicateFileFinder Source Code (117.78 KB, updated 2012-11-08)



hide

Runs a command-line completely hidden from view. This allows you to run batch files or command-line programs without the big black box showing up on the screen. The downside is if the program asks for input it will wait forever. Written in C. The command line is the entire command to run. To have support for input/output redirection you must invoke CMD like so:

  1. hide cmd /c dir >output.txt

hide (32-bit) (6.5 KB, updated 2012-11-08)

hide (64-bit) (13.5 KB, updated 2012-11-08)

hide Source Code (10.77 KB, updated 2012-11-08)



FirstUXRes

Adapts the FirstUXRes animation (see Windows\System32\oobe\FirstUXRes.WIM in install.wim) during the first boot to have a different background. The default animation has a solid black background, and using an algorithm from GIMP to replace a color with alpha and places a new background is behind the animation. The animation is 340x68 pixels and is placed at 342x579 on top of FirstUXBackground.bmp that you provide (1024x768). To use this program you need to copy the area from 342x579 to 682x647 into a seperate image file (BMP, GIF, JPEG, PNG, TIFF, WMF, EMF, or ICO), then run this program like:

  1. FirstUXRes <new background> <folder with originals> <folder to save new animation files> FirstUXRes new-background.bmp originals out

It is written in Visual C++ CLR and requires .NET 2.0 and Visual C++ 2008 runtimes (download: x86 / x64).

FirstUXRes (32-bit) (38.5 KB, updated 2012-11-08)

FirstUXRes (64-bit) (46 KB, updated 2012-11-08)

FirstUXRes Source Code [includes original animation] (653.14 KB, updated 2012-11-08)



HexFileTime

Displays or sets the file creation/modification/access time using hex notation. The hex values are 64-bit integers (sometimes written as two 32-bit integers of high and low parts) that are fairly portable. Run the program on a file to get the hex values you want and then set those values on another file. Written in C. The command line is the file to display or set first, then if you are setting the creation, modification, and access times. If you don't want to set a particular value, you must have the argument but just make it something invalid (like 'X').

HexFileTime (32-bit) (9.5 KB, updated 2012-11-08)

HexFileTime (64-bit) (15.5 KB, updated 2012-11-08)

HexFileTime Source Code (14.23 KB, updated 2012-11-08)



FindLinks

Finds all the hard links to a file. This is used extensively by Windows system files, winsxs, and many other system places. Written in C. The command line is the file to examine. In Windows XP only basic information and not the actual file names of the links is retrieved, in Windows Vista and newer all the names are retrieved. Note: If you have Windows 64-bit you MUST use the 64-bit version since Windows 64-bit manipulates file paths invisibily for 32-bit programs.

FindLinks (32-bit) (8.5 KB, updated 2012-11-08)

FindLinks (64-bit) (15 KB, updated 2012-11-08)

FindLinks Source Code (19.77 KB, updated 2012-11-08)

Comments

0 Responses to 'Utilities' Feed for this Entry

There are currently no comments.


Leave a Reply >
Note: If you are having a problem with Windows 7 Boot Updater read the troubleshooting list first!.
If your question has already been answered there or in the comments it will be deleted.
Automatically creates links and paragraphs.
Many HTML tags are supported.
Use <code language=""></code> for code.
Language can be dos, java, php, c, ...
(not published)