SYSREVEAL

Here is the February 2012 issue of VB Magazine.

Here is the January 2012 issue of VB Magazine.

Here is the December issue of VB Magazine.

Here is the October issue of VB Magazine.

Here is the September issue of VB Magazine.

For a reader named Thanh, I just uploaded the latest magazine of VB100 (August 2011).

As a Chinese, I noticed two Chinese Anti-virus companies: Qihoo and Rising are also in the list. According to the test results, they are surely not in the same level.

Qihoo is rising, while Rising is sinking.

(continue reading…)

Actually in most cases, we don’t need to use the mighty sword like SysTracer or FileMon to know what’s happening in your file system. So why not choose the very light weight tool DirMon?

Major features:

• Support all Windows NT platforms: Windows 2000 ~ windows 7 both 32-bit and 64-bit
• Light weight and easy to use, no administrator privilege needed.
• Monitor all changes in a directory with flexible options.

Change history:

v1.0.1 (2011-08-05)

• Support both Chinese and English

Please download the latest version of DirMon here.

Download here

(continue reading…)

Structured Exception Handling (SEH) is a very important mechanism in Windows operating system. The most famous article describing SEH in Windows 32 bits is from Windows wizard Matt Pietrek: A Crash Course on the Depths of Win32™ Structured Exception Handling .

On the x64, Microsoft changes its way to handle exception. You could still use __try and __except to catch and handle exceptions, but the internal implements are totally changed by Microsoft. There are still some good articles talking about the x64 SEH:

A good article for major concepts:  Exceptional Behavior – x64 Structured Exception Handling

Series of articles in depth:  Programming against the x64 exception handling support

So why should we learn these details if we could still use __try and __except to handle all exceptions? The answer is: when you port your code from 32-bit to 64-bit, your SEH might not work if your code is dynamically generated. You have to use new Win64 APIs RtlInstallFunctionTableCallback and RtlAddFunctionTable to manually handle your code exceptions. Furthermore, some PE packers might not work when processing Win64 PE files since they could not take advantage of Win32 SEH tricks any more.

这是一个在Windows下运行的iPhone/iPad GPS日志查看器，开发这个小东西花了我两个晚上。原始想法来源于iPhoneTracker，关于这个软件的实现原理和常见问题都可以在前面那个网址上查到。区别在于iPhoneTracker是运行在MAC OS上的，我这个程序是运行在Windows下的，当然前提是您曾经使用过iTunes进行了备份。

iAppleTracker的下载地址请点这里。

程序主界面：

查询后的结果：

(continue reading…)