Freebies Galore

vbimport

#101

I have not used the following a lot, but I was reading “fed up with Windows 10” and it came to mind.

Description
BlueScreenView scans all your minidump files created during ‘blue screen of death’ crashes, and displays the information about all crashes in one table. For each crash, BlueScreenView displays the minidump filename, the date/time of the crash, the basic crash information displayed in the blue screen (Bug Check Code and 4 parameters), and the details of the driver or module that possibly caused the crash (filename, product name, file description, and file version).
For each crash displayed in the upper pane, you can view the details of the device drivers loaded during the crash in the lower pane. BlueScreenView also mark the drivers that their addresses found in the crash stack, so you can easily locate the suspected drivers that possibly caused the crash.

http://www.nirsoft.net/utils/blue_screen_view.html


#102

^Still is a good tool :flower:

How could we forget? Oh, I know… They used to be used far more back in the day, Text editors that is.
Personally, I’ve used a commercial alternative for more than a decade and have more than 10 lifetime licenses for it, but that is not interesting apart from for telling you that I still use a text editor at least 10-20 times every day. Most every club.myce.com post is prepared in one and so on. Fwiw, here is a screenshot of the app:

Now, to get to a texteditor, you can tap your [WinKey] and type ‘notepad’, hit [Enter] and up comes the most retro and least usable of them all. That is an entry level text editor as entry level they come and I have a hard time doing anything but the most simple edits in it, that is how lacking it is in function.
So to cut a long and winding explanation short: If you are going to work with text like .ini .inf .txt .nfo .diz, whatever file extention containing text only, look elsewhere.
So what is missing from Notepad that comes with windows? It is actually everything and it is way easier to say what is included as that is the ability to work with text. Thats it apart from WordWrap-DisplayFont-Cut/Copy/Paste-Print-Load/Save. Wouldn’t it be nice if it did the very basic additional stuff as well such as syntax highlighting of HTML as well? Maybe even be able to format the text to 80 characters wide which is the default view if you wrap some text in code tags in here? We have come to expect a little bit more than what notepad offers, but microsoft is obsessed by selling you their Office package and so does not provide that. Fact is that notepad has changed very little since its introduction more than 20 years ago.

Because of it, there are a huge variety of text editors out there and I am just going to show you a couple. for more information, start here and you probably get my drift.

[B]Notepad++[/B]

Free open source text/code editor and Notepad replacement supporting several languages. While not being cross platform, if you use Windows, try this :slight_smile:
Based on the powerful editing component Scintilla, Notepad++ is written in C++ and uses pure Win32 API and STL which ensures a higher execution speed and smaller program size.
This is actually one of the editors most like UltraEdit, albeit not quite as powerful the zero pricetag makes it a worthy competitor. What I personally miss the most is the ‘Format Menu’.

[B]ATOM[/B]

According to the site, a hackable text editor for the 21st Century and goes on:
Atom is a text editor that’s modern, approachable, yet hackable to the core—a tool you can customize to do anything but also use productively without ever touching a config file.
I can go a long way in agreeing with them, even though this is by far the largest install for a text editor I’ve ever seen at more than 100MB. You can use it on MAC, Windows, or Linux so there is no need to swap your editor wherever you are

[B]VIM[/B] (VI iMproved)

Vim is an advanced text editor that seeks to provide the power of the de-facto Unix editor ‘Vi’, with a more complete feature set.
This is an editor that has to be learned, but a very good alternative if you come from the Unix world

[B]GNU Emacs[/B]

Anyone around computers since yesteryear will probably have used Emacs at one time or another and so I wanted to mention one of the newer alternatives :slight_smile:
A extensible, customizable, cross-platform text editor with content-aware editing modes, including syntax coloring, for many file types. Full Unicode support for nearly all human scripts, all in all an entire ecosystem of functionality beyond text editing, including a project planner, mail and news reader, debugger interface, calendar, and more.
It will take some getting used to it, but i wanted to mention it as it is still around.







#103

I use NoteTab Light every day and it’s been my favourite text editor for years.


#104

^Looks very useful. Must give it a try.


#105

[QUOTE=Ibex;2772268]^Looks very useful. Must give it a try.[/QUOTE]

Yep, but lack of wildcard searching and limit in undo operation in the light edition are both notable cons.


#106

[QUOTE=Xercus;2772270]Yep, but lack of wildcard searching and limit in undo operation in the light edition are both notable cons.[/QUOTE] There is Perl Compatible Regular Expression search/replace in NoteTab Light, which is more powerful than DOS-style wildcards - I just used it five minutes ago!


#107

[QUOTE=DrageMester;2772273]There is Perl Compatible Regular Expression search/replace in NoteTab Light, which is more powerful than DOS-style wildcards - I just used it five minutes ago![/QUOTE]

From an advanced user’s perspective you are right of course, but simple * or ? is still basic functionality missing. It has many other pros though, like Clipbook libraries.


#108

The freeware can be started from the context menu of a folder or drive and shows you the size of this folder, including its subfolders in an Explorer-like fashion. Large folders can be identified at a glance thanks to the gradient bar displayed in the background. All scan results can be drilled down to file level and filters, e.g. for files of a certain type, can be applied. TreeSize Free will even scan smartphones and mobile devices.
This is what I was going to feature, but I found out that they had other freeware, so I’m linking to that page.

TreeSize Free is freeware for Windows XP and upwards.
Users of Windows 2000 can download the last compatible version (TreeSize Free V2.4) here: http://www.jam-software.de/treesize_free/TreeSizeFreeSetup_2000.exe.
Users of Windows 9x/ME can download the last compatible version (TreeSize Free V2.1) here: http://www.jam-software.de/treesize_free/TreeSizeFree_9x.zip
http://www.jam-software.de/freeware/?language=EN


#109

A friend of mine who unfortunately I haven’t seen in quite a while used the following program as one of the tools he used on every computer he built and repaired.

OCCT is free for personal use only !

http://www.ocbase.com/


#110

Ever searched using Microsofts search? Then you will know that there are files not reported and so on, and you will know it is way too slow.

With 28TB in far too many folders, this task could take hours, but then I found a lifesaver

Everything - http://voidtools.com/

Clocks in a little past 2 minutes after scanning more than 36.000.000 files.
From then, when you start typing, the result instantly show in the window as you type, narrowing in with each letter. A little logic in there makes it show ‘one-type’ as well when typing ‘one type’. Need to find files modified today?, you got it just type rc:today

It does happen once in a while that an error in everything.db causes the program to crash upon startup, but I simply delete everything.db and start it again and all is well. Sadly, only available to Windows, but does come in a portable version as well.

This is the only program I use for searching on all my computers; servers, laptops and workstations. Needless to say, quite a few USB storage media has the portable version on them. Simply can not live without, 'nuff said :slight_smile:



#111

In any teaching process, repetition is necessary to make learning stick :bigsmile: so please allow me to do a small recap on working with file resources.
This workshop started here with a follow up here.

Working with resources is interesting for among other things not have to right-click the file and choose ‘Run as Administrator’ every time or to avoid sending a touchy AV skyrocketing with false positives. The latter may be caused by packers as well, but that is a little too advanced subject to cover in greater detail without becoming too technical.

This time I have found an interesting candidate for you to work with. Unless there are questions, this is the last time we will revisit the Resource Hacker application in this thread :iagree: and I am going to collect a few loose threads to make you see that this does not have to be any advance task to undertake for you in the future. I will tech you how to cheat :stuck_out_tongue:
These are the downloads to be done but if you followed the two other tutorials, you do not need to download Resource Hacker unless you have deleted it of course…
Resource Hacker homepage - Portable version - Installer
FOX Calculator homepage - Application executable download
Foxcalc Resources

Our test application this time looks like this, you may want to start it before we start the tutorial to make sure the download went ok :slight_smile:

Quit the calculator if it is running, start Resource Hacker and drag and drop calculator.exe on the Resource Hacker window to open it.


As you can see there is nothing here, the FOX calculator does not have any resources at all, but nothing to worry about, this time we are going to add all resources ourselves :slight_smile:

Let us start off by adding an icon for the application. This is as far as I can tell where we hit a limitation in the Resource Hacker applicatiom as far as working with a mouse. The website states:

"ICON and CURSOR resources cannot be manipulated directly but are added, deleted, modified and extracted by using their respective ICONGROUP or CURSORGROUP. ICON and CURSOR can still be used but Resource Hackerâ„¢ will assume ICONGROUP or CURSORGROUP was intended."
In other words, not imported from a .ico source when none is present.
There is information on the homepage how to add it, but to not make this recap unnecessary complicated I have prepared the resource for you. Simply unpack the ‘Foxcalc_resources.zip’ archive to somewhere.
There are more files available, but for now we’ll concentrate on the icon resource.

Select the Action menu and choose ‘Add from a Resource file (*.res, *.dll, *.exe)’

Browse for ‘Icon Group_NEW_ICON.res’, select it,

check the box before ‘Icon Group’ and click ‘Import’

That adds our icon resource. You may want to hold on to the provided resource as you can use it for future projects. You can then simply replace the icon resources after adding it which you are allowed to do in Resource Hacker using your mouse only. You may have to save first and then reopen the file before being able to replace the icon, but you’ll soon enough get the hang of when that is necessary.
The sizes included in the resource are the full Windows 10 spec: 16x16, 32x32, 48x48, 256x256, 768x768.

O.k. since this file does not have any resources to begin with, we ought to add version info as we can make a remark thereof in this section.
Select the ‘Action’ menu again, but this time, select 'Add using ‘Script Template …’.


Select ‘VERSION_INFO’ in the drop down menu and click on ‘Add Resource’ as shown.

I have prepared the content below, all info taken from the calculator itself. As you can see, We are not about to steal the credit, we are just making a note of the fact that we have added a resource section to the file. You should change the Xercus name below to yours, that is it. The programming credit lies with Jeroen Van Der Zijp who should retain his copyright in the version info.
leave the following alone below: ‘FILEOS 0x4’, ‘FILETYPE 0x2’, ‘VALUE “Translation”, 0x0000 0x04E4’ for future projects you do as they only say that this is a 32-bit app which is language neutral (0x0000) and uses the 1252 (0x04E4) Multilingual charset. The actual data should be pretty straight forward to understand, but if anything is unclear, please ask
Copy the contents below and replace the default found in Resource Hacker.

1 VERSIONINFO
FILEVERSION 1,2,0,0
PRODUCTVERSION 1,2,0,0
FILEOS 0x4
FILETYPE 0x2
{
BLOCK "StringFileInfo"
{
    BLOCK "000004E4"
    {
        VALUE "CompanyName", "FOX-Toolkit"
        VALUE "FileDescription", "A Programmer's Desktop Calculator"
        VALUE "FileVersion", "1.2.0.0"
        VALUE "InternalName", "Calculator"
        VALUE "LegalCopyright", "© 2001, Jeroen van der Zijp"
        VALUE "LegalTrademarks", ""
        VALUE "OriginalFilename", "calculator.exe"
        VALUE "ProductName", "FOX Calculator"
        VALUE "ProductVersion", "1.2.0.0"
        VALUE "Comments", "Resources added 2016, Xercus"
        VALUE "Additional comment", "Download original from fox-toolkit.org. Private use only. "
    }
}

BLOCK "VarFileInfo"
{
    VALUE "Translation", 0x0000 0x04E4
}
}

Click the green ‘Play’ button or press [F5] to compile your script

O.k. Now let us add the manifest. Select the ‘Action’ menu again and select 'Add using ‘Script Template …’.

Select ‘MANIFEST’ in the drop down menu and click on ‘Add Resource’.

I do find it a tad over-complicating that the resource presented comes ‘defaulting’ to a styled or themed manifest discussed in the previous post, but since this file does not initialize ComCtl32.dll we are going to remove it. For some even small programs, adding this may actually cause them to fail, but by any means try, then check your work by means of SXSTrace.

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
   <trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
      <security>
         <requestedPrivileges>
            <requestedExecutionLevel
               level="asInvoker"
               uiAccess="False"/>
         </requestedPrivileges>
      </security>
   </trustInfo>
   <compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1">
      <application>
         <supportedOS Id="{e2011457-1546-43c5-a5fe-008deee3d3f0}"/>
         <supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}"/>
         <supportedOS Id="{4a2f28e3-53b9-4441-ba9c-d69d4a4a6e38}"/>
         <supportedOS Id="{1f676c76-80e1-4239-95bb-83d0f6d0da78}"/>
         <supportedOS Id="{8e0f7a12-bfb3-4fe8-b9a5-48fd50a15a9a}"/>
      </application>
   </compatibility>
   <application xmlns="urn:schemas-microsoft-com:asm.v3">
      <windowsSettings>
         <dpiAware xmlns="http://schemas.microsoft.com/SMI/2005/WindowsSettings">true</dpiAware>
      </windowsSettings>
   </application>
</assembly>

As per previous post, the theme part is stripped out and one section added.
Click the green ‘Play’ button or tap [F5] to compile your script

here is a short recap of the part in the CODE section above.
<trustInfo… to </trustInfo> - What privelege does our application need? (“asInvoker”, “highestAvailable”, “requireAdministrator”) I always add this section, even when it is default like here. This is where you avoid having to right-click and select ‘Run as Administrator’.
<compatibility… to </compatibility> - supported operating systems, from top to bottom Windows version (Vista, 7, 8, 8.1, 10). If this is not provided, the compatibility assistand is triggered.
<application… to </application> - should be used to opt out of Windows display scaling virtualization (true/false). This is as scaleable as is possible and does not at all need windows’ help. Try to resize the window and you will understand what I mean.

The above sections can be found separately as snippets and reused in future projects of your own or to create a favorite for reuse. There’s absolutely no need to reinvent the wheel :disagree: These are the extra text files found in the ‘Foxcalc_resources.zip’ archive. Start by opening ‘0read first.txt’ to get instructions thereof.

You are done, click the Diskette button or press [Ctrl]+[S] to save the program and then quit Resource Hacker.
Back in the folder where calculator.exe is, hit [F5] to refresh the window if needed, and you will see that it now has an icon :flower:


I dare say it’s appearance in windows comes forth as a little more inviting (large icons used above)

Now if you right-click calculator.exe and choose ‘Properties’, then select the ‘Details’ tab, you can see some of the details we added in the version information. Note that the comment we added does not show, it is in there though, just not displayed which is o.k.

Closing notes:


If you open the calculator.exe in an application like CFF Explorer and go to ‘Section Headers’ (above), you can see (if you compare to the original) that we have actually added a new .rsrc section to the file which is missing from the original. Now you can probably better understand why I say the resources is not part of the executable code… They may be be indirectly though, there are few limitations to this section :slight_smile:

The choice of files for these tutorials can be questioned of course, but was chosen due to having the correct features for the tutorial, more so than being real world examples.
The tutorial found on the Resource Hacker homepage does not seem to cover topics found in these three tutorials and so I thought why not the user/operating system point of view. :flower:


#112

When I was setting up our Microsoft Home Server 2011 a few years ago, I found out that Microsoft Security Essentials would not work. I know, weird, but true. In the early years of our internet expedition I used quite a few free antivirus and even bought System Suite for a couple of years, but I digress. A small program that I had used and gotten away from using W7 & W10 came to mind, Clamwin. It has been the one since our server’s birth.

ClamWin is a Free Antivirus program for Microsoft Windows 10 / 8 / 7 / Vista / XP / Me / 2000 / 98 and Windows Server 2012, 2008 and 2003.

http://www.clamwin.com/


#113

[QUOTE=beef barley;2772454]A small program that I had used and gotten away from using W7 & W10 came to mind, Clamwin. It has been the one since our server’s birth.

http://www.clamwin.com/[/QUOTE] Clamwin detects too many false positives for my taste. The free antivirus on Synology NAS is based on Clamwin, and I got fed up with it constantly finding new “viruses” in old files that didn’t actually contain a virus.

Even for free it’s not worth the money in my opinion.


#114

Before leaving the advanced part of this thread (I may return), I thought I would tell you just a little bit more. There is a common view that reverse engineering is malicious activity, but is it really? Not at all! Reverse engineering is absolutely clean, very important and by all means a noble art.
Reverse engineering should not be confused by cracking even though the latter touches into it. Since I can not put it better to words myself, please allow me to use a quote from the website where the programs I am going to present resides.

Analyzing complex software systems for which no source code is available has never been more important than today: From analyzing the growing flood of complex malware over re-engineering of legacy systems to the analysis of commercial software for security properties, the reverse engineering community was never busier than today.
Many programs are too complex to be fully understood by one person even if the source code is available. It is thus clear that fully understanding such programs is a very complex and difficult task.
So then, where do you start out? To be frank, starting out here is going to open a great void… One that can be crossed only by building stone on stone, one at a time, I keep thinking I am about half way. It can not be learned by all people as patience is going to let down everyone thinking that this has a fixed timeframe. This is a path forever winding towards infinity, a lifetime’s worth of attitude towards it all that will bring you very close to the ways of the true hacker and so you are if you are good enough. Not the dark knight preying on others, but the crusader - The fearless warrior going where you should not, only to bring you solutions how to protect yourself, how noble it is to actually undertake that task for the better for all :flower:
[I]…That is about as ‘Hollywood’ as I can manage to put it[/I] :bigsmile:

I would like to invite you on a short journey to the realm of analyzing code to give you just the tinyest information thereof for the very few who may be interested in actually changing their entire way of thinking brick by brick :iagree:. I am as I say, just giving you the absolute beginner’s glimpse and not explain too much, merely trying to trigger curiosity.

the site you should visit is http://www.zynamics.com (please accept any and all complaints about certificates, the site is safe as of now, but by all means, run in a sandbox as tomorrow is a new day of which I know nothing)
They have only two programs available seemingly, but there is a third one I really would like you to download and check out first:

[B]Hexer v1.4.0[/B] (You may want to right-click that link and choose “save as” to maybe avoid that the rar archive is rendered in you browser instead of producing the download requester. If not, save the page with the name of that rar-file :slight_smile: )
This is a cross platform Java application and will not work unless Java is installed. double-click the ‘Hexer.jar’ archive to start it.
If you check out the 'Byte distribution tab, you can tell many things actually, but most of all, you can pretty much tell if a file is packed or not.

As you can see above, for this file, the distribution of 00 bytes are almost 50% and that tells me for sure that this file has never seen a destructive packer at all (it may have been packed by UPX packer which is a non-destructive packer though). If that had been below say 10% or less, I would be certain at least parts of the file is packed (you can provide your own unpacking routine as part of your code to unpack data to another part of memory before accessing it). Some of todays compilers are way better at optimizing code though and so if that is the case, 10% would probably be ok…

Hinted about HiEV in this post (This post is a follow up to it), the ‘Structures’ tab is in fact a good application for you to learn where in the hex editor the various bytes or array of bytes resides, at least for the header. More than a tad of the complete picture lies in understanding what to change to what, this I learned by doing it the hard way, change, disassemble, change, disassemble, change - one byte at a time back in the day.

The important part here is that I was unable to get the highlighting to work unless both the main application window and the hex view window were maximized.
Expand the various entries in the ‘Structures’ pane and see the highlighting in the hex-view.

It is mostly a lie to say we read binary, we read hex for the most, but converting binary to hex is almost as fast as writing and so it is within limit to say that we do read binary though (it was our anchestors that did read binary only, we do to, just not as much)
Ready for some theory? Probably not, but here goes the needed 4-bits:

0000 - 0      0100 - 4      1000 - 8      1100 - C
0001 - 1      0101 - 5      1001 - 9      1101 - D
0010 - 2      0110 - 6      1010 - A      1110 - E
0011 - 3      0111 - 7      1011 - B      1111 - F

It is all down to the most significant let me expand it to make you see:

8-4-2-1 is the value for the binary placeholder for bits 0000 which ecuals
| | | | Hex 0 to Hex F (15) so in
0-1-0-1 we can se that the two bits with values 4 and 1 is set so we add that
        and get 5 which is the same for both decimal and hexadecimal numbers

Let me do a byte(8 bits) which is the notation we meet in a hex-editor and seems more than a tad more complicated:

128-64-32-16  8-4-2-1 - That gives us 255 possibillities which I am not going to
 |  |  |  |   | | | |   print out :)
 1 -1 -1 -0   1-0-1-1 = 128+64+32+8+2+1=235, but that is a REAL drag
 |  |  |  |   | | | |   (we have that because of our 10 fingers)
                        Now, there is a reason for the split, I will simplify
 8  4  2  1   8 4 2 1   and reuse that 8-4-2-1 scale on the first four bits:
     E           B    = 1110 1011 = EB = 235 In other words, the above 0-F is
                        everything that you have to pounder in your memory.

You will of course, in time learn every value 00-FF or 0-255 in our decimal system, but that only happens and is no goal, just another step :wink:
The effect of learning a conversion-table of just 16 entries is in other words all it takes to convert Binary to hex or vice versa at writing speed… How advanced :disagree:

Let the above be the very foundation… We are going to leave it behind for abstraction and a holistic view.

The two other tools presented at the site are holistic, abstracting the code and present it as objects, giving you the overview.

[B]BinDiff[/B]
The file requires IDA (The Interactive DisAssembler) to be installed, but there is a freeware available [B]here[/B]


As you can see from the linked screenshot on their site, the differences are easily spotted and even if you are not technical at all, noticing the two red boxes in the ‘Primary’ listing along with arrows should give you an idea of what’s going on. The listing is not usually as small as here though :slight_smile:


zoomed in to readability of course reveals the disassembly… Learning to read disassembly will take a long time, but not impossible.
Visualizing the code in this way is in fact a great first view to not have to go through the code at all and can pretty much help you locate the malicious code quickly.

[B]BinNavi[/B]
This tool is actually a full reverse engineering tool. Just like BinDiff, it comes with a holistic graphical overview, but naturally (it is a reversing tool), you will get your hands dirty with assembly code right from the start. Personally, I find working in a debugger like OllyDebug more to my liking, but this is good for retaining the overview at all times :flower:

I would recommend to read a few tutorials for IDA to get initial information of the disassembly process and explanation how to read the output.

And with that, I sign out of the advanced part and go back to present ordinary tools for a while :cool:

For the advanced out there, I know I did not actually tell much, but that is on purpose to just give the ‘absolute beginners’ overview by presenting a few tool as mentioned in the introduction. The reason for the tool-oriented information is of course the nature of the thread where the post(s) reside :stuck_out_tongue:




#115

There is no way I’m going to say that I understood 99% of the read Xercus, even reading through twice and I will read through again. I hate being stuck right at the beginning, but I have a question and that is where I’m at. Reverse engineering to me means that you have a finished item and you follow it all the way back until you can produce the item from scratch. I get when you have the code, but how do you start from the program when you don’t have the code? I think I see with something physical, you take it apart in reverse order from the way it was built. Might be a stupid question, but like I say I’m stuck at the start.


#116

I think you got it right :slight_smile: Reverse engineering is really that, following the executable file back to it’s ‘source-code’ which in this case is the disassembled assembly language source listing. In day to day work with executable code, we are generally not trying to dump and rebuild the full source back into a working assembly source that can be assembled again…
What is interesting is to reverse the malicious part of the code to figure out how it works, if it encrypts files, try to figure out how it encrypts with a goal of creating a decrypter and so forth. To analyze say malware embedded inside a program, it is not in your interest to have the host reversed, only the routine to be able to analyze how it works and fully understand it. That is what you can see in the first screenshot for BinDiff above. We can, just for the example, pretend that the Primary is the infected host and the secondary is the original executable from the programmer. Naturally, the two red boxes on the top would be our target code, not the host.

For complete reversing back to editable/compileable source, there are more than a few ‘decompilers’ out there trying to aid you in the task of getting the true source back for higher level languages such as Delphi, .NET, VB5/6, Java etc. if you have lost your own source code.
We have to be very careful though and check that the legal bit is cleared. Doing this is half way to stealing somebody’s work and if it is copyrighted material, we are no better than the crackers. It is of course a real life-saver for the rightful owner of the program (the programmer/company). One such program for decompiling programs created in the Delphi language which is free, is IDR (Interactive Delphi Reconstructor).

If the legal bit IS cleared, this is indeed the best way when it comes to old programs to be able to help companies with getting them to work in a new OS. I still keep an installation of all older versions Visual Studio 6 -› 2015 just because I meet old VB5 and VB6 programs that are in need of an overhaul. I do not enjoy working with Visual Basic, so after cleaning out the flaws left by the decompiling process in VB6, I use some conversion features found in older versions of Visual Studio to convert the source to say VB.NET in Visual Studio 2008 before manually converting it to 2013/2015 format This process is pretty straight forward for small programs, but is complicated if the file contains 3rd-party code or is large.
After that I can update the program if needed. what I in reality do is take over the program development since the programmer is out of business or have abandoned the program and so if at all possible, I contact the programmer to get his permission to do so. More often than not, this permission is granted.


#117

As a clarification and a small hint to make learning the conversion table quicker, there was even an idea behind creating the four columns, but I forgot to mention it:

Note that the 00, 01, 10 and 11 columns marked in red above are the ones that change to tell us where we are 0-3, 4-7, 8-B(11) or C(12)-F(15). The other part of the column outside the red marking repeats the 00, 01, 10, 11 pattern. I do not know how to formulate that as a rule to you, but if you somehow get to learn the top row 0=0000, 4=0100, 8=1000, C=1100, learning the rest should become a little easier. :flower:

For additional information about the hexadecimal number system, go to https://en.wikipedia.org/wiki/Hexadecimal - The binary number system only contains 0 and 1 and so should not require further introduction, but to get confused, go here: https://en.wikipedia.org/wiki/Binary_number :bigsmile:



#118

Simple Duplicate Finder

It is not too often I find golden nuggets on the net, but this duplicate file finder software simply is amazing.

I have a RAID 6 totalling 28TB storage. Currently this setup has more than 36 000 000 files on it and as a consequence, most programs in this category will ultimately fail as they were not designed with homongous systems like mine in mind. Not so with this little gem.

Simple Duplicate Finder will happily churn on, doing its business for days before finally presenting the results in a clean and simple fashion with no bells and whistles attached

The best part about it still has to be that, amazingly I may add, it is absolutely free for non-commercial use and is completely free from any nag-screens or other types of anoyances.

The odd part is that there’s no information or link to the homepage provided and there¨s no standard menus and no “About” describing who made it. I had to check out the resource section of the executable file to find the information:

CompanyName: 12oClocker Software
FileDescription: Simple Duplicate Finder
FileVersion: 1.2.0.3
InternalName: Simple Duplicate Finder
LegalCopyright: Copyright© 12oClocker Software.
OriginalFilename: DupFinder.exe
ProductName: Simple Duplicate Finder
ProductVersion: 1.2.0.3

Searching for the company on the net, I was able to dig up the description for the program. which follows this section. I was also able to find the two old addresses for the file, but none of them works.
http://brooksyounce.tripod.com/Soft-DupFinder.htm
http://www.12oclocker.com
I was able to download version 3.0 which was relased as Brooks Younce Software, and I read in a thread that the program apparently changed name of the software to “Smart Duplicate Finder” for a brief periode while it was hosted on 120clocker.com, but I have not found any proof thereof. Version 3.0 does not add any obvious new features, but it seem to be genuine and so I’ll keep it, reneamed as “DupFinder3.0.exe”. Recently, I even found v3.5 hiding on a Hiren’s Boot CD and so I included that as well as "DupFinder3.5.exe. This is also released as Brooks Younce Software. For the record: Version 3.0 and 3.5 includes ‘About’ info.

As mentioned, three versions, all in an archive small enough to be hosted on this server :flower:

Note:
There is a [B]fake program[/B] which is mentioned by the author in versions.txt hxxp://www.simpleduplicatefinder.com - It may look like an updated version, but the version offered for download as of April 2015 is v1.1.7 and so according to standard version schemes, this is not the same program at all.

The code section below consist of a description from the old Tripod page which I found using web.archive.org, followed by formatted versions of the orignal text files found in the archive.

http://web.archive.org/web/20071123075538/http://brooksyounce.tripod.com/Soft-DupFinder.htm

Simple Duplicate Finder is a simple to use program that can search and locate
duplicate and empty files in any folder or drive. It automatically searches all
files in all subdirectories. Duplicate files are based on byte for byte
comparisons (100% accurate), for comparing large files you can select "Fast
Searching" which compares the first and last 10 megabytes of large files, to
increase speed (99% accurate). This program is great for cleaning up disk space
in your picture folders, or documents folders, or download folders. You can
also specify to only search for jpg files or mp3 files, or any other type of
specific file type!

WARNING:
         Do not delete files if you do not know what they are! It is NOT
         recommended that you search your system directory and delete all the
         duplicate files it contains; since your operating system may need
         those files!

Features and Details:
• Multithreading operation to provide extremely fast search results.
• FASTER Duplicate File Searching than any other program of its kind!
• Fast Search mode allows extremely fast byte comparisons on large files.
• Search Across Multiple Directories and Drives.
• Search for All File Type or Narrow your Search to Specific File types only!
• Also can locate and delete empty files.
• Double Click a file in the tree list to display a detailed information dialog.
• Ability to Delete Selected Original Files.
• Sort by Modify or Creation Date during search.

• Tip: Original Files are determined by Modify/Creation Date sort method,
if it was created/modified first, it is considered the original file.

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

                                 ==============
                                 == Help.txt ==
                                 ==============

------------------General Help----------------------
[Require Match:]
This is the percentage the file must match to be considered a duplicate.

Example: if you enter 99.5, any file with contents are equal by 99.5% or
         greater will be considered a Duplicate match.

This comes in handy, because microsoft's camera import will insert meta data
into your video and picture files, setting the percentage to 99.0 or 99.5% will
find those files which only have a few bytes difference.


[File sizes must match]
  When using a percentage match of less than 100%, this allows the file sizes to
  be different, but the file sizes must still be within the percentage range set
  by the "Required Match %"...

  Example: With a 100byte file, and Require Match of 99%, you could have 1 byte
           in size difference.


[Extension Filter:]
  Leave blank to search all files, type ".jpg" to search for jpeg files, type
  ".mov" to search for mov files, ect...


------------------Result List----------------------

Match Field:
  Displays the percentage of the file that matched the original file.

Dif Bytes:
  Displays the total number of bytes that were different between the files.

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

                               =================
                               == License.txt ==
                               =================

Copyright © 2012

This software is provided 'as-is', without any express or implied warranty.
- In no event will the authors be held liable for any damages arising from the
  use of this software. The software is free for personal use.
- Commercial use must obtain a license.

This software is also subject to the following restrictions:
1. The origin of this software must not be misrepresented; you must not claim
   that you wrote the original software.
2. This notice may not be removed or altered from any distribution.
3. This software may not be sold for profit, and may not be used for profit
   making purposes.
4. If this software is to be sold for profit; written permission must be
   obtained from the software authors in advance.

By using this software, you agree to all of these terms, if you do not agree,
do not install or use this software.

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

                               =================
                               == Version.txt ==
                               =================

----Version 1.0.0.0----
% Initial Release

----Version 1.1.0.0----
+ Added percentage match ability, this superceeds smart jpeg search feature.
+ Added Extension filter to search only for specific file types.
# Bugfix, empty directory search could cause previous version to hang.
* Updated program icon to be compatable with olders versions of windows.

----Version 1.2.0.0----
* Code optimization for increased speed.
+ Added ability to compare files which sizes are not identical, but within
  percentage match.
# Total progress now still displayed during a large file compare.

----Version 1.2.0.1----
# Fixed a sort problem where text could be incorrect for an item

----Version 1.2.0.2----
* Increased sort speed

----Version 1.2.0.3----
* Renamed program to "Simple Duplicate Finder" since someone stole my other
  program name. 


Simple_Duplicate_Finder.zip (272 KB)


#119

Now I understood that, you do not go all the way back, like I thought. I do not know if there is an answer to this question, but here goes. Is there a place in the code where these people like to place there code?

Also thank you for the above mentioned program.

The jury is still out on whether the following program works properly in Windows 10 as far as I’m concerned. I have had thoughts about kicking it into touch a few times, but for some reason I have not so far.

Personal Software Inspector is a free computer security solution that identifies vulnerabilities in applications on your private PC. Vulnerable programs can leave your PC open to attacks, against which your antivirus solution may not be effective. Simply put, it scans software on your system and identifies programs in need of security updates to safeguard your PC against cybercriminals. It then supplies your computer with the necessary software security updates to keep it safe.
http://www.majorgeeks.com/files/details/secunia_personal_software_inspector_(psi).html


#120

Did I miss the original name and do you know it?

Renamed program to “Simple Duplicate Finder” since someone stole my other program name

I would be really interested on your thoughts on this one?

I know this does not mean better, but the only reason I bring it up is the fact that it is current and looks like they still update it.

I did not want to post this out of context, so I found this

These are just a few of the options, though. There are roughly 2.7 billion duplicate finder applications per human on the planet (yes, we counted), so you may find others that have different advantages. These are the ones that we think are most worth your attention of the ones we explored. If you have suggestions for something different, sound off in the comments!

at the end of this.

I found the number interesting and regarding the name question I found this interesting.

[B]Duplicate Files Finder[/B] is another solid, if simplistic option. While it doesn’t have a ton of unique features (it’s not even the only app [I]with this name[/I]), it’s easily one of the fastest.