Log in

View Full Version : Microsoft starts to mess with Sysinternals tools

JMI
November 28th, 2006, 01:24
Well Boys and Girls:

We knew it was bound to happen. M$ has started to "mess" with the original Systernals files. The following was posted in Exetools today by MarkusO:

http://www.exetools.com/forum/showthread.php?t=10401

"Today I checked if there where any updates for one or several of my Sysinternals tools. To my suprise, all Sysinternals tools have been rebuilt on November 1st, 2006.

I compared what was changed. It seems like most code is just a recompile with different compiler settings. Microsoft has also placed a giantic new EULA in each and every executable. (all *.EXE have about the 2x - 4x the size they had before)

When Microsoft took over Sysinternals, they just packed the old executables together with new licenses. Now it seems they are messing around.

If you still want to get the latest "Sysinternals" version of your beloved tools, you should do it quickly, since nobody knows how long the old links will be working."

MarkusO then pointed out that:

"Just go to the new Sysinternals homepage, grab a link (like http://download.sysinternals.com/Files/<blabla>.zip) and replace "download" with "www". This way you can still get the old (working... ) versions of the tools."

To make this process somewhat easier for those of you who might not have the patience to complie a list of the available files, here is one I put together from what others posted there and my additions to the list, comparing it to my own download of the Systernals site in August before they went M$ing. If you put this list in your favorite download manager, you can grab the files while they still remain available.

Code:


AccesChk v2.0.zip	http://www.sysinternals.com/Files/accesschk.zip

AccessEnum v1.32 (SRC).zip	http://www.sysinternals.com/Files/AccessEnumSource.zip

AccessEnum v1.32.zip	http://www.sysinternals.com/Files/AccessEnum.zip

Accvio.zip - http://www.sysinternals.com/Files/Accvio.zip

AdRestore v1.1 (SRC).zip	http://www.sysinternals.com/Files/AdRestoreSource.zip

AdRestore v1.1.zip	http://www.sysinternals.com/Files/AdRestore.zip

Autologon v2.1 (SRC).zip	http://www.sysinternals.com/Files/AutologonSource.zip

Autologon v2.1.zip	http://www.sysinternals.com/Files/Autologon.zip

Autoruns v8.53.zip	http://www.sysinternals.com/Files/Autoruns.zip

BgInfo v4.07.zip	http://www.sysinternals.com/Files/BgInfo.zip

BlueScreen Screen Saver v3.2.zip  http://www.sysinternals.com/Files/BlueScreen.zip

CacheSet v1.0 (SRC).zip	http://www.sysinternals.com/Files/CacheSetSource.zip

CacheSet v1.0.zip	http://www.sysinternals.com/Files/CacheSet.zip

ClockRes v1.0.zip	http://www.sysinternals.com/Files/ClockRes.zip

Contig v1.53.zip	http://www.sysinternals.com/Files/Contig.zip

CPUMon v2.0.zip	http://www.sysinternals.com/Files/CpuMon.zip

Ctrl2Cap v3.0 (SRC).zip	http://www.sysinternals.com/Files/Ctrl2CapSource.zip

Ctrl2Cap v3.0.zip	http://www.sysinternals.com/Files/Ctrl2Cap.zip

DebugView v4.62.zip	http://www.sysinternals.com/Files/DebugViewNt.zip

DebugView9x		http://www.sysinternals.com/Files/DebugView9x.zip

DebugViewNt		http://www.sysinternals.com/Files/DebugViewNT.zip

Defrag.zip		http://www.sysinternals.com/Files/Defrag.zip

Diskkey.zip 		http://www.sysinternals.com/Files/Diskkey.zip

DiskExt v1.0 (with SRC).zip	http://www.sysinternals.com/Files/DiskExt.zip

Diskmon v2.01 for Win2KXP.zip  http://www.sysinternals.com/Files/DiskMon.zip

Diskmon v2.01 for WinNT.zip	http://www.sysinternals.com/Files/DiskMonNt.zip

DiskView v2.21.zip	http://www.sysinternals.com/Files/DiskView.zip

Du v1.3.zip	http://www.sysinternals.com/Files/Du.zip

EFSDump v1.02.zip	http://www.sysinternals.com/Files/EfsDump.zip

FAT32 for Windows NT 4.0 v1.06.zip	http://www.sysinternals.com/Files/Fat32.exe

Filemon v7.03 for Win32.zip	http://www.sysinternals.com/Files/FilemonNt.zip

Filemon v7.03 for Win64.zip	http://www.sysinternals.com/Files/Filemonamd64.zip

FilemonAmd64		http://www.sysinternals.com/Files/Filemonamd64.zip

Fmifs.zip		http://www.sysinternals.com/Files/fmifs.zip

Frob v1.6a.zip	http://www.sysinternals.com/Files/Frob.zip

Fundelete v2.02 (SRC).zip	http://www.sysinternals.com/Files/FundeleteSource.zip

Fundelete v2.02.exe	http://www.sysinternals.com/Files/Fundelete.exe

gpdisable.zip - http://www.sysinternals.com/Files/gpdisable.zip

Handle v3.2.zip	http://www.sysinternals.com/Files/Handle.zip

Hex2dec v1.0.zip	http://www.sysinternals.com/Files/Hex2dec.zip

Hostname v1.0.zip	http://www.sysinternals.com/Files/Hostname.zip

Junction v1.04 (SRC).zip	http://www.sysinternals.com/Files/JunctionSource.zip

Junction v1.04.zip	http://www.sysinternals.com/Files/Junction.zip

LDMDump v1.02.zip	http://www.sysinternals.com/Files/LdmDump.zip

ListDLLs v2.25.zip	http://www.sysinternals.com/Files/ListDlls.zip

LiveKd v3.0.zip	http://www.sysinternals.com/Files/LiveKd.zip

LoadOrder v1.0.zip	http://www.sysinternals.com/Files/LoadOrder.zip

LogonSessions v1.1.zip	http://www.sysinternals.com/Files/LogonSessions.zip

Native.zip 		http://www.sysinternals.com/Files/Native.zip

Netstatp (SRC).zip	http://www.sysinternals.com/Files/NetstatpSource.zip

NewSID v4.10.zip	http://www.sysinternals.com/Files/NewSid.zip

newsidsource.zip - http://www.sysinternals.com/Files/newsidsource.zip

notmyfault.zip - http://www.sysinternals.com/Files/notmyfault.zip

NTFS for Windows 98 v2.0 (Read-Only).exe  http://www.sysinternals.com/Files/NtfsWindows98.exe

NTFSCHK v1.0.exe	http://www.sysinternals.com/Files/NtfsChk.exe

NTFSDOS Professional v4.01 (Read-Only).zip	http://www.sysinternals.com/Files/NtfsDosProfessional.exe

NTFSDOS v3.02R+.zip	http://www.sysinternals.com/Files/NtfsDos.zip

NTFSFlp v1.0.zip	http://www.sysinternals.com/Files/NtfsFlp.zip

NTFSInfo v1.0 (SRC).zip	http://www.sysinternals.com/Files/NtfsInfoSource.zip

NTFSInfo v1.0.zip	http://www.sysinternals.com/Files/NtfsInfo.zip

NTRecover v1.0 (Read-Only).exe	http://www.sysinternals.com/Files/NtRecover.exe

PageDefrag v2.32.zip	http://www.sysinternals.com/Files/PageDefrag.zip

PendMoves and MoveFile v1.1.zip	http://www.sysinternals.com/Files/PendMoves.zip

physmem.zip 	 http://www.sysinternals.com/Files/physmem.zip

pipelist.zip 	 http://www.sysinternals.com/Files/pipelist.zip

PMon v1.0.zip	http://www.sysinternals.com/Files/PMon.zip

Portmon v3.02.zip	http://www.sysinternals.com/Files/PortMonNt.zip

Process Explorer v10.2 for Win32.zip	http://www.sysinternals.com/Files/ProcessExplorerNt.zip

ProcFeatures v1.1 (with SRC).zip	http://www.sysinternals.com/Files/procfeatures.zip

PsExec v1.72.zip	http://www.sysinternals.com/Files/PsExec.zip

PsFile v1.01.zip	http://www.sysinternals.com/Files/PsFile.zip

PsGetSid v1.42.zip	http://www.sysinternals.com/Files/PsGetSid.zip

PsInfo v1.73.zip	http://www.sysinternals.com/Files/PsInfo.zip

PsKill v1.11.zip	http://www.sysinternals.com/Files/PsKill.zip

PsList v1.27.zip	http://www.sysinternals.com/Files/PsList.zip

PsLoggedOn v1.32 (SRC).zip	  http://www.sysinternals.com/Files/PsLoggedOnSource.zip

PsLoggedOn v1.32.zip	http://www.sysinternals.com/Files/PsLoggedOn.zip

PsLogList v2.63.zip	http://www.sysinternals.com/Files/PsLogList.zip

PsPasswd v1.21.zip	http://www.sysinternals.com/Files/PsPasswd.zip

PsService v2.2.zip	http://www.sysinternals.com/Files/PsService.zip

PsShutdown v2.51.zip	http://www.sysinternals.com/Files/PsShutdown.zip

PsSuspend v1.05.zip	http://www.sysinternals.com/Files/PsSuspend.zip

PsTools v2.34.zip	http://www.sysinternals.com/Files/PsTools.zip

RegDelNull v1.1.zip	http://www.sysinternals.com/Files/Regdellnull.zip

Reghide.zip  		http://www.sysinternals.com/Files/reghide.zip

Regjump v1.01.zip	http://www.sysinternals.com/Files/Regjump.zip

Regmon v7.03.zip	http://www.sysinternals.com/Files/RegmonNt.zip

Remote Recover v2.0 (Read-Only).exe	http://www.sysinternals.com/Files/RemoteRecover.exe

RootkitRevealer v1.7.zip	http://www.sysinternals.com/Files/RootkitRevealer.zip

SDelete v1.51 (SRC).zip	http://www.sysinternals.com/Files/SDeleteSource.zip

SDelete v1.51.zip	http://www.sysinternals.com/Files/SDelete.zip

Secdemosource.zip 	http://www.sysinternals.com/Files/secdemosource.zip

Secdemo.zip 		http://www.sysinternals.com/Files/secdemo.zip

ShareEnum v1.6 (SRC).zip	http://www.sysinternals.com/Files/ShareEnumSource.zip

ShareEnum v1.6.zip	http://www.sysinternals.com/Files/ShareEnum.zip

Sigcheck v1.3.zip	http://www.sysinternals.com/Files/Sigcheck.zip

Streams v1.53.zip	http://www.sysinternals.com/Files/Streams.zip

Strings v2.3.zip	http://www.sysinternals.com/Files/Strings.zip

Sync v2.2.zip		http://www.sysinternals.com/Files/Sync.zip

TCPView v2.4.zip	http://www.sysinternals.com/Files/TcpView.zip

TDIMon v1.01.zip	http://www.sysinternals.com/Files/TdiMonNt.zip

testlimit.zip  		http://www.sysinternals.com/Files/testlimit.zip

Tokenmon v1.01 (SRC).zip	http://www.sysinternals.com/Files/TokenmonSource.zip

Tokenmon v1.01.zip	http://www.sysinternals.com/Files/Tokenmon.zip

TVCache.zip		http://www.sysinternals.com/Files/TVCache.zip

VCMon.zip 		http://www.sysinternals.com/Files/VCMon.zip

VCMonsource.zip 	http://www.sysinternals.com/Files/VCMonsource.zip

VXDMon.zip 		http://www.sysinternals.com/Files/VXDMon.zip

VXDMonsource.zip	http://www.sysinternals.com/Files/VxDMonsource.zip

VolumeId v2.0.zip	http://www.sysinternals.com/Files/VolumeId.zip

Whois v1.01.zip	http://www.sysinternals.com/Files/Whois.zip

Winobj v2.15.zip	http://www.sysinternals.com/Files/WinObj.zip

ZoomIt v1.15.zip	http://www.sysinternals.com/Files/ZoomIt.zip


Copy this list to your favorite text editor and copy all the URL's you want to a download manager and get them all (or all you want).

Some of these files are outdated by updates which apparently work on multiple systems, such a Debugview, Filemon, and Regmon, but they are included for the sake of completion of potential files still available.

By the way, M$ is offering a packed zip file of the "New" versions of these tools. This file contains all the individual (New Compiled, bloated) tools and help files:

http://download.sysinternals.com/Files/SysinternalsSuite.zip

(notice the "download" where the "www" is/should be to get the "original" files.) The "download.systernals.com" link is now part of M$ technet.

You've been warned. Get em while you can.

Regards,
Woodmann
November 28th, 2006, 01:47
GONE.

Who has them archived? Pre $MS perhaps.

Send me a PM . I want to host these tools so that everyone
can still have access to use them.

Woodmann
JMI
November 28th, 2006, 02:01
Question one:

Are you SURE you're using the correct link? Just one example, I just tried:

http://www.sysinternals.com/Files/accesschk.zip

again and it works file.

Question Two:

I have all the files from August and again from today. Sometime tonight or tomorrow I'll upload them to the Server. Do you want to create a folder you would prefer I upload into?

Regards,
WaxfordSqueers
November 28th, 2006, 02:21
Quote:
[Originally Posted by JMI;62660]To make this process somewhat easier for those of you who might not have the patience to complie a list of the available files, here is one I put together from what others posted there and my additions to the list,
Thanks JMI for the headsup and the list.
Kayaker
November 28th, 2006, 02:44
I have them all from the day after the "announcement" because, yes, "We knew it was bound to happen". I will double check they match my cache once it's all set up.
fr33ke
November 28th, 2006, 03:52
Thanks, links work fine here. I don't know if and when I'll need them, but I'm sure it will come in handy.
martin
November 28th, 2006, 07:21
There was some discussion about this on the Active Directory list, and Russinovich responded:

"The growth is primarily due to the EULA. We've come up with a way to shrink
it and so the sizes will decrease as we update the tools."

http://www.activedir.org/ma/default.aspx?msg=15842
reverser
November 28th, 2006, 07:35
Heh, Russinovich releases new version of his tools and suddenly they've been "messed with by M$". Gotta love sensionalists.
JMI
November 28th, 2006, 12:47
If you think files suddenly 2x-4x times larger is a "small" thing, you are, of course entitled to use the "new" versions of the software. And "of course" IF it were JUST THE NEW EULA, one would expect the "increase" to be relatively the same throughout the tools. Here's just a few examples:

accesschk "original" = 53,248 kb vs. "new" accesschk = 156,712 kb.
du "original"= 36,864 kb vs. "new" du = 154,424 kb.
accessEnum "original" = 61,497 vs. "new" accessNum = 166,712 kb.
LiveKD "original = 147,456 vs. "new" LiveKD = 383,800 kb.
ShareEnum "original" = 159,795 vs. "new" ShareEnum = 260,976
Strings "original" = 40,960 vs. "new" Strings = 154,424

It sure smells like something is going on besides a "new" EULA to explain the varance in increase among these random examples, don't ya think? After all the EULA should be the same in each, isn't it????

Mark's "original" EULA was 7,005 kb and a seperate file. You do the math. M$ EULA has got to be "over" a 100,000 kb but it should be the same, while these vary substantially.

But hey, if YOU want to "rely" on M$ being trustworthy with these new tools versions, you go right ahead and just use the "new" ones.

Regards,
reverser
November 28th, 2006, 14:17
Well, why don't you check what exactly is different before accusing people out of blue? I've checked accesschk out of curiosity, and didn't find any substantial changes besides the EULA text (and yes, it's a 100KB rtf). If you seriously think Mark has inserted some harmful code just because his company was bought, how about proving it? That's a pretty serious accusation and I doubt he would risk his reputation by doing something silly like that.
But then again, this is Internet, who cares about proof here... Just find a target big enough and you're suddenly a hero :/
Kayaker
November 28th, 2006, 15:29
I seriously doubt anyone thinks the new versions might have harmful code in them. That thought would be ludicrous, what would be the point of running Windows at all then? The truly paranoid might think some 'features' or system information might be missing or now "hidden" by some of the utils now that MS has some control over them. I highly doubt that too, but if so, who really cares? Hedge your bets and make your own versions if you're all that concerned.

The variability in size is probably also due to different compiler settings, and yeah maybe even updates (or downdates) to the code. While I'll stick with the "original" versions until I feel the need to do otherwise, I'd just as soon have any possible bugfixes and enhancements from the Sysinternals crew than worry about a EULA or few hundred KB size increase of these already small apps. Yes, it's just anti-MS sentiment rearing its ugly head again
JMI
November 28th, 2006, 18:19
And some of us who are neither M$ haters nor paranoid might have reason to "prefer" smaller, more compact software which is not "bloated" with a 100,000 kb EULA. And it is neither paranoid nor M$ hating to suspect, now that M$ has some control over the products, that THEY will decide the ultimate direction of the tools into the future. Afterall, they DO own it now and get final say on what might be included and what might not be.

This has nothing to do with concern they have put something evil in the software, only a "reasonable" concern that as things go forward they will more tightly control what may be included and what may not be included. This is the nature of how they operate with products they have acquired and not mere "speculation". The Boss gets to have his way, as it should be when the Boss pays the bills.

It is consistent with this concept that the Systernals guys will not have the "same" freedom they had as independent developers to do whatever THEY want with their tools. If this were not true, all of us would have been rejoicing that their company was "acquired," especially if we truely believed they would now be MORE free to share M$ secrets with the "rest of us." But that is not the way of life, nor M$, or there would have been no need for Systernals in the first place.

Regards,
LLXX
November 28th, 2006, 22:21


Reminds me of the old Asm vs HLL debate, in which one of the arguments on the HLL side was "compilers will eventually optimise code to such an extent that there will be no need to use Asm".

Well, it seems compilers have gotten worse. Just look at the sizes of the runtime crap that gets injected into every executable, and compare between e.g. MSC '97 and the latest Visual Studio. I've seen a tenfold difference
Aimless
November 29th, 2006, 03:56
Hell,

If I was getting paid the amount M$ pays to employees, and to "SPECIAL" employees like Mark, i'd not mind if my exe bloated to 200x. I mean, who has time to listen to the gripes of the users when i'd rather be relaxing in my Microsoft sponsered vacation in bahamas? Hey mark, if you're there try the "Beijing-Chan" hotel. You'll have to "search" for it though.

have Phun
TQN
November 29th, 2006, 10:51
As I know, before join MS, all the Mark's tool was compiled with VC++ 6, and now they are compiled with native VC++ of VS 2005. Many security and native .NET code were added.
disavowed
November 29th, 2006, 18:45
Quote:
[Originally Posted by LLXX;62690]Well, it seems compilers have gotten worse. Just look at the sizes of the runtime crap that gets injected into every executable, and compare between e.g. MSC '97 and the latest Visual Studio. I've seen a tenfold difference

Hard drive space is "cheaper than" processing speed (yes, I know they can't be compared directly since they are very different entities). However, because HD space is relatively cheap, better compilers will optimize for speed as opposed to size. As such, it's not surprising that newer compilers will generate larger executables.
The other factor is security enhancements. Examples:
1. Using the /GS switch (http://msdn2.microsoft.com/en-us/library/8dbf701c.aspx) adds more code to a binary.
2. Perhaps older versions of SysInternals tools were using insecure functions like strcat(...) instead of strcat_s(...). By replacing insecure functions with more secure functions, your code size typically increases.
reverser
November 29th, 2006, 18:52
Most of the code increase is explained by they new EULA, which, as I mentioned, is an RTF text just around 100KB in size.
disavowed
November 29th, 2006, 23:18
Yes, I realize that
I was addressing LLXX's quoted comment.
Aimless
November 30th, 2006, 00:44
Quote:
[Originally Posted by disavowed;62740]Hard drive space is "cheaper than" processing speed ...However, because HD space is relatively cheap, better compilers will optimize for speed as opposed to size...As such, it's not surprising that newer compilers will generate larger executables.


So does this mean when we have terabyte disks available, MS compilers will optimze executables to "just" 1 GB?

Peace,

Have Phun
CluelessNoob
November 30th, 2006, 13:41
Quote:
[Originally Posted by Aimless;62753]So does this mean when we have terabyte disks available, MS compilers will optimze executables to "just" 1 GB?


If by executables you mean the typical "Hello, world" application then I'd say you are right on target.

Anything substantial would undoubtedly require significantly more storage.


Quote:
[Originally Posted by disavowed]Hard drive space is "cheaper than" processing speed (yes, I know they can't be compared directly since they are very different entities). However, because HD space is relatively cheap, better compilers will optimize for speed as opposed to size.


The end game being to create the worlds fastest application by generating code of inifinte size?
Silver
December 1st, 2006, 14:27
Quote:
The end game being to create the worlds fastest application by generating code of inifinte size?


Lookup tables for every possible outcome of your code. No more precalc times needed, everything is now O(log n) through hash tables... Well it's an idea, although not necessarily a good one.
LLXX
December 1st, 2006, 23:35
Quote:
[Originally Posted by CluelessNoob;62783]If by executables you mean the typical "Hello, world" application then I'd say you are right on target.
One really does begin to wonder why a compiler output forty-thousand bytes for that when twenty-one would've been sufficient. (b4 09 ba 08 01 cd 21 c3 48 65 6c 6c 6f 20 77 6f 72 6c 64 21 24 I've practically memorised that thing and yes, I still know how to write in ML )

True story. Seeing that for the first time was what got me into Asm and really provoked me into thinking how efficient software could be and why exactly were the compilers doing it wrong.
Kayaker
December 2nd, 2006, 00:04
You might be interested then, or already know about
(saw this on Matt Pietrik's blog)

..write the smallest PE file that downloads a file from the Internet and executes it..
http://www.phreedom.org/solar/code/tinype/
LLXX
December 5th, 2006, 06:21
Now that's a clever program. Doesn't work on my 98SE system though... just GPFs explorer and the kernel.
disavowed
December 6th, 2006, 11:28
Quote:
[Originally Posted by LLXX;62866]Doesn't work on my 98SE system though

Are you seriously still using 98?!
blabberer
December 7th, 2006, 06:50
Quote:

Are you seriously still using 98?!


i'm seriously still using windows 95

what would you run on cyrix 32 mb 166 mhz ?
CluelessNoob
December 7th, 2006, 08:55
Quote:
[Originally Posted by blabberer;62948]i'm seriously still using windows 95

what would you run on cyrix 32 mb 166 mhz ?


Probably an older Linux distro, Slackware 0.99 ran great on my 66MHz 486-DX2 with 32MB of DRAM.

Also Coherent 3 or 4, but its doubtful there are more than a dozen people alive who remember Coherent.
LLXX
December 8th, 2006, 03:30
Quote:
[Originally Posted by disavowed;62889]Are you seriously still using 98?!
Of course, for the things that don't need (or can't be done in) XP.
davealover
December 30th, 2006, 11:59
Quote:
[Originally Posted by blabberer;62948]i'm seriously still using windows 95

what would you run on cyrix 32 mb 166 mhz ?


Hi all.

Still using it with i486DX4 100Mhz, 20Mbytes memory!