Windows Administration: Difference between revisions
No edit summary |
(Patch file version resource) |
||
| Line 59: | Line 59: | ||
Device type: 7 number: 0 partition: 1 |
Device type: 7 number: 0 partition: 1 |
||
--> \\.\PhysicalDrive0 |
--> \\.\PhysicalDrive0 |
||
</source> |
|||
== Patch file version resource == |
|||
Some windows file have a specific resource record that stores release information on that specific file (like file version, company name, etc ). One can see this record by using the ''NT Explorer'' → '''right click''' → '''properties''' → '''Version''' panel. |
|||
It is quite easy to change the content of this record by using an ''Hex Editor'' such as ''UltraEdit''. Just look for either of the hex string below in the file: |
|||
<source lang="c"> |
|||
560053005F00560045005200530049004F004E005F0049004E0046004F00 // V.S._.V.E.R.S.I.O.N._.I.N.F.O. |
|||
460069006C006500560065007200730069006F006E // F.i.l.e.V.e.r.s.i.o.n. |
|||
</source> |
|||
Note that the version number (''file version'') given at the top of the ''Version'' panel is actually coded in hex. The example below gives a file version '''1.2.3.4'''. |
|||
<source lang="c"> |
|||
xx xx xx xx xx xx xx xx xx xx 56 00 53 00 5F 00 // xxxxxxxxxxV.S._. |
|||
56 00 45 00 52 00 53 00 49 00 4F 00 4E 00 5F 00 // V.E.R.S.I.O.N._. |
|||
49 00 4E 00 46 00 4F 00 xx xx xx xx xx xx xx xx // I.N.F.O.xxxxxxxx |
|||
xx xx xx xx 02 00 01 00 04 00 03 00 xx xx xx xx // xxxx........xxxx |
|||
</source> |
</source> |
||
Revision as of 08:05, 22 July 2009
Device Management
View and Delete Unused Devices
Open a cmd.exe console:
> set devmgr_show_nonpresent_devices=1
> devmgmt.msc
In the Device Management Console, select show hidden devices. Unused devices are grayed out.
Convert Logical Drive Letter to PhysicalDrive
The following C program illustrates what Win32 API to use to convert a logical drive letter like C: to the corresponding PhysicalDrive specification.
#include <stdio.h>
#include <w32api/wtypes.h>
#include <w32api/ddk/ntdddisk.h>
int main()
{
HANDLE hDeviceHandle = NULL;
char drive[] = {'\\', '\\', '.', '\\', 'A', ':', 0};
DWORD driveMask = GetLogicalDrives();
for(int i = 0; i < 26; i++)
{
drive[4] = 'A' + i;
printf("Drive: %s\n", drive);
hDeviceHandle = CreateFile(drive , 0, 0, NULL,
OPEN_EXISTING,FILE_ATTRIBUTE_NORMAL, NULL);
if (hDeviceHandle != (HANDLE)-1)
{
STORAGE_DEVICE_NUMBER sdn;
DWORD returned;
if (DeviceIoControl(
hDeviceHandle,IOCTL_STORAGE_GET_DEVICE_NUMBER,NULL ,0,&sdn,sizeof(sdn),&returned,NULL));
{
printf("\tDevice type: %d number: %d partition: %d\n",sdn.DeviceType,
sdn.DeviceNumber, sdn.PartitionNumber);
if(sdn.DeviceType == 7)
printf("\t-->\t\\\\.\\PhysicalDrive%d\n",sdn.DeviceNumber);
}
}
}
return 0;
}
Compile with:
% gcc logicalToPhysicalDrive.cpp
Example of output:
Drive: \\.\C:
Device type: 7 number: 0 partition: 1
--> \\.\PhysicalDrive0
Patch file version resource
Some windows file have a specific resource record that stores release information on that specific file (like file version, company name, etc ). One can see this record by using the NT Explorer → right click → properties → Version panel.
It is quite easy to change the content of this record by using an Hex Editor such as UltraEdit. Just look for either of the hex string below in the file:
560053005F00560045005200530049004F004E005F0049004E0046004F00 // V.S._.V.E.R.S.I.O.N._.I.N.F.O.
460069006C006500560065007200730069006F006E // F.i.l.e.V.e.r.s.i.o.n.
Note that the version number (file version) given at the top of the Version panel is actually coded in hex. The example below gives a file version 1.2.3.4.
xx xx xx xx xx xx xx xx xx xx 56 00 53 00 5F 00 // xxxxxxxxxxV.S._.
56 00 45 00 52 00 53 00 49 00 4F 00 4E 00 5F 00 // V.E.R.S.I.O.N._.
49 00 4E 00 46 00 4F 00 xx xx xx xx xx xx xx xx // I.N.F.O.xxxxxxxx
xx xx xx xx 02 00 01 00 04 00 03 00 xx xx xx xx // xxxx........xxxx