User contributions

(newest | oldest) View (newer 100 | older 100) (20 | 50 | 100 | 250 | 500)

19:04, 18 February 2008 (diff | hist) . . (+443)‎ . . N Params(link) ‎ (New page: {{AdvFileParam|params[link]}} A check whether a .lnk file points to the specified file, including a branch. ==Usage== params[link]=<parameters(string)> ===Examples=== params[link]=<sub...)
19:03, 18 February 2008 (diff | hist) . . (+625)‎ . . N Targetbranch(link) ‎ (New page: {{AdvFileParam|target[link]}} Checks the execution target of a shortcut (''.lnk'') file. ==Usage== target[link]=<filename> ===Example=== ===Description=== {{AlgoPrefix}} Reads a shortc...)
19:02, 18 February 2008 (diff | hist) . . (+542)‎ . . N Inilinkbranch ‎ (New page: {{AdvFileParam|inilinkbranch}} A check if a specific filename exists in an ini file, and if so, continues all further check operations on that file. ==Usage== inilinkbranch=<data(string)...)
19:01, 18 February 2008 (diff | hist) . . (+435)‎ . . N Ini ‎ (New page: {{AdvFileParam|ini}} A check if a specific string data exists in an ini file. ==Usage== ini=<data(string)> ===Examples=== ===Description=== Tests all values in all sections inside an '...)
19:00, 18 February 2008 (diff | hist) . . (+620)‎ . . N Ephex ‎ (New page: {{AdvFileParam|ephex}} Bytes with offset from entry point, ?? as wildcard allowed. ==Usage== ephex=<offset(int)>|<hh>[hh[hh[hh[hh]...]]] ===Examples=== ephex=0|558BEC83C4F0 Would dete...)
18:58, 18 February 2008 (diff | hist) . . (+658)‎ . . N Greptext(searcharea) ‎ (New page: {{AdvFileParam|greptext[searcharea]}} Searches in file in a defined range using regular expressions. ==Usage== greptext[searcharea]=<text(string)> ===Examples=== "greptext[searcharea]=...)
18:56, 18 February 2008 (diff | hist) . . (0)‎ . . Msg(info) ‎ (→‎Usage)
18:56, 18 February 2008 (diff | hist) . . (0)‎ . . Msg(crit) ‎ (→‎Examples)
18:56, 18 February 2008 (diff | hist) . . (0)‎ . . Msg(warn) ‎ (→‎Examples)
18:56, 18 February 2008 (diff | hist) . . (0)‎ . . Msg(warn) ‎ (→‎Examples)
18:56, 18 February 2008 (diff | hist) . . (0)‎ . . Msg(warn) ‎ (→‎Examples)
18:55, 18 February 2008 (diff | hist) . . (0)‎ . . Msg(info) ‎ (→‎Examples)
18:55, 18 February 2008 (diff | hist) . . (+9)‎ . . Findtext(searcharea) ‎ (→‎Examples)
18:55, 18 February 2008 (diff | hist) . . (+847)‎ . . N Findbinary(searcharea) ‎ (New page: {{AdvFileParam|findbinary[searcharea]}} Searches for hex pattern in file in range defined by textbegin and textend using the Boyer-Moore algorithm. ==Usage== findbinary[searcharea]=<text...)
18:52, 18 February 2008 (diff | hist) . . (+654)‎ . . N Findtext(searcharea) ‎ (New page: {{AdvFileParam|findtext[searcharea]}} Searches in file in a defined range using the Boyer-Moore algorithm. ==Usage== findtext[searcharea]=<text(string)> ===Examples=== findtext[searcha...)
18:51, 18 February 2008 (diff | hist) . . (+593)‎ . . N Section(searcharea) ‎ (New page: {{AdvFileParam|section[searcharea]}} Sets the start position and size for other ''searcharea'' operations copied from section position and size. ==Usage== section[searcharea]=<section na...)
18:50, 18 February 2008 (diff | hist) . . (+550)‎ . . N End(searcharea) ‎ (New page: {{AdvFileParam|end[searcharea]}} Sets the end position for other text* operations ==Usage== end[searcharea]=<offset(int)> ===Examples=== end[searcharea]=23836 ===Description=== Does n...)
18:50, 18 February 2008 (diff | hist) . . (+190)‎ . . Begin(searcharea) ‎ (→‎Usage)
18:49, 18 February 2008 (diff | hist) . . (+371)‎ . . N Begin(searcharea) ‎ (New page: {{AdvFileParam|begin[searcharea]}} Sets the start position for other text* operations ==Usage== begin[searcharea]=<offset(int)> ===Examples=== ===Description=== ==See also== ===Simil...)
18:43, 18 February 2008 (diff | hist) . . (+16)‎ . . Exists(cert) ‎ (→‎Usage)
18:43, 18 February 2008 (diff | hist) . . (+402)‎ . . N Exists(authx509) ‎ (New page: {{AdvFileParam|exists[authx509]}} Checks whether file has any Authenticode attached. ==Usage== exists[authx509]=<flag(boolean)> ===Examples=== exists[authx509]=1 ===Description=== Che...)
18:42, 18 February 2008 (diff | hist) . . (+331)‎ . . N Exists(cert) ‎ (New page: {{AdvFileParam|exists[cert]}} Checks whether file has any Authenticode attached. ==Usage== exists[cert]=<flag(boolean)> ===Examples=== ===Description=== This is the just a more generic...)
18:42, 18 February 2008 (diff | hist) . . (+350)‎ . . N Authx509 ‎ (New page: {{AdvFileParam|authx509}} Checks the code signature of signable file formats. ==Usage== authx509=<field(string)>:<data(field)> ===Examples=== ===Description=== Checks the signature app...)
18:40, 18 February 2008 (diff | hist) . . (+510)‎ . . N Exists(version)! ‎ (New page: {{AdvFileParam|exists[version]!}} Detects whether the version resource is missing. ==Usage== exists[version]!=<flag(boolesn)> ===Examples=== ===Description=== Detects whether the versi...)
18:38, 18 February 2008 (diff | hist) . . (+471)‎ . . N Field(version) ‎ (New page: {{AdvFileParam|field[version]}} Checks if a version field contains the specified value. ==Usage== field[version]=<name(string)>|<value(string)> field[version]!=<name(string)>|<value(str...)
18:38, 18 February 2008 (diff | hist) . . (+53)‎ . . Md5(version) ‎ (→‎Description)
18:38, 18 February 2008 (diff | hist) . . (+53)‎ . . Md5(verpart1) ‎ (→‎Description)
18:38, 18 February 2008 (diff | hist) . . (+595)‎ . . N Md5(verpart2) ‎ (New page: {{AdvFileParam|md5[verpart2]}} A checksum over the ''Comments'', ''OriginalFilename'' and ''ProductName'' fields. ==Usage== md5[verpart2]=<nnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnn> ===Examples=...)
18:37, 18 February 2008 (diff | hist) . . (+514)‎ . . N Md5(verpart1) ‎ (New page: {{AdvFileParam|md5[verpart1]}} A checksum over the ''FileDescription'', ''LegalCopyright'' and ''CompanyName'' fields. ==Usage== md5[verpart1]=<hash(string[32])> ===Examples=== ===Desc...)
18:36, 18 February 2008 (diff | hist) . . (+422)‎ . . N Md5(version) ‎ (New page: {{AdvFileParam|md5[version]}} A checksum of all version resource fields. ==Usage== md5[version]=<hash(string[32])> ===Examples=== ===Description=== A checksum of all version resource f...)
18:30, 18 February 2008 (diff | hist) . . (+1)‎ . . AlgoPrefix ‎
18:30, 18 February 2008 (diff | hist) . . (0)‎ . . AlgoPrefix ‎ (→‎Algorithms)
18:30, 18 February 2008 (diff | hist) . . (+3)‎ . . m AlgoPrefix ‎ (→‎Algorithms: fixed typo "power" => "powerful")
18:27, 18 February 2008 (diff | hist) . . (-53)‎ . . Md5(icon) ‎ (→‎Similar parameters)
18:27, 18 February 2008 (diff | hist) . . (+652)‎ . . N Md5(icon) ‎ (New page: {{AdvFileParam|md5[icon]}} A MD5 check of a an icon of the file (no specified icon means default icon) ==Usage== md5[icon]=<iconid(int/string)>-<hash(string[32])> ===Examples=== ===Des...)
18:26, 18 February 2008 (diff | hist) . . (+568)‎ . . N Md5(bitmap) ‎ (New page: {{AdvFileParam|md5[bitmap]}} A MD5 check of a bitmap resource of the file. ==Usage== md5[bitmap]=<resname(string)>-<hash(string[32])> ===Examples=== ===Description=== While at first lo...)
18:24, 18 February 2008 (diff | hist) . . (+21)‎ . . Md5(res) ‎ (→‎See also)
18:24, 18 February 2008 (diff | hist) . . (+21)‎ . . Exists(restype) ‎ (→‎See also)
18:24, 18 February 2008 (diff | hist) . . (+459)‎ . . N Exists(restype) ‎ (New page: {{AdvFileParam|exists[restype]}} Checks if a given resource type, identified by number, exists. ==Usage== exists[restype]=<typeid(int)> ===Examples=== ===Description=== Checks if a giv...)
18:22, 18 February 2008 (diff | hist) . . (+414)‎ . . N Count(restypes) ‎ (New page: {{AdvFileParam|count[restypes]}} Checks how many resource types do exist. ==Usage== count[restypes]=<count(int)> ===Examples=== ===Description=== Tests how many resource ''types'' do e...)
18:21, 18 February 2008 (diff | hist) . . (-53)‎ . . Size(res) ‎ (→‎Similar parameters)
18:20, 18 February 2008 (diff | hist) . . (+738)‎ . . N Size(res) ‎ (New page: {{AdvFileParam|size[res]}} The size of a specific resource of the file. ==Usage== size[res]=<resource type(string)>|<resource name(string)>|<size(int)> size[res]>=<resource type(string)...)
18:18, 18 February 2008 (diff | hist) . . (-13)‎ . . Md5(res) ‎ (→‎Similar parameters)
18:18, 18 February 2008 (diff | hist) . . (+552)‎ . . N Exists(res) ‎ (New page: {{AdvFileParam|exists[res]}} Checks if a resource with that name and of that type exists. ==Usage== exists[res]=<type(string)>|<name(string)> exists[res]!=<type(string)>|<name(string)> ...)
18:16, 18 February 2008 (diff | hist) . . (+555)‎ . . N Md5(res) ‎ (New page: {{AdvFileParam|md5[res]}} A MD5 check of a specific resource of the file. ==Usage== md5[res]=<resource type(string)>|<resource name(string)|<hash(text[32])> ===Examples=== ===Descripti...)
18:15, 18 February 2008 (diff | hist) . . (+542)‎ . . N Count(sections) ‎ (New page: {{AdvFileParam|count[sections]}} A check about the number of sections. ==Usage== count[sections]=<count(int)> count[sections]>=<count(int)> count[sections]<=<count(int)> ===Examples==...)
18:14, 18 February 2008 (diff | hist) . . (+2)‎ . . Md5(section) ‎ (→‎Usage)
18:14, 18 February 2008 (diff | hist) . . (+2)‎ . . Size(section) ‎ (→‎Usage)
18:14, 18 February 2008 (diff | hist) . . (+424)‎ . . N Size(section) ‎ (New page: {{AdvFileParam|size[section]}} A check of the size of one specific section ==Usage== size[section]=<sectionname(string)|size(int)> ===Examples=== size[section]=.text|37947 ===Descript...)
18:13, 18 February 2008 (diff | hist) . . (+390)‎ . . N Size(sections) ‎ (New page: {{AdvFileParam|size[sections]}} A check of the valid section part size of the file ==Usage== size[sections]=<size(int)> ===Examples=== ===Description=== Checks the size of all Portable...)
18:13, 18 February 2008 (diff | hist) . . (+477)‎ . . N Exists(section) ‎ (New page: {{AdvFileParam|exists[section]}} Checks if section with given name exists. ==Usage== exists[section]=<sectionname(string)> ===Examples=== exists[section]=.text exists[section]=CODE =...)
18:12, 18 February 2008 (diff | hist) . . (+543)‎ . . N Md5(section) ‎ (New page: {{AdvFileParam|md5[section]}} A MD5 check of the one section of the file ==Usage== md5[section]=<sectionname(string)>-<hash(text32)> ===Examples=== md5[section]=.text-1234567890ABCDEFA...)
17:02, 18 February 2008 (diff | hist) . . (+705)‎ . . N Md5(sections) ‎ (New page: {{AdvFileParam|md5[sections]}} A MD5 check of the valid section part of the file. ==Usage== md5[sections]=<hash(text[32])> ===Examples=== ===Description=== Calculates the MD5 hash of t...)
16:59, 18 February 2008 (diff | hist) . . (+551)‎ . . N Count(exports) ‎ (New page: {{AdvFileParam|count[exports]}} The number of exported functions. ==Usage== count[exports]=<size(int)> count[exports]>=<size(int)> count[exports]<=<size(int)> ===Examples=== count[ex...)
16:58, 18 February 2008 (diff | hist) . . (+479)‎ . . N Exists(export) ‎ (New page: {{AdvFileParam|exists[export]}} The name of an exported function. ==Usage== exists[export]=<functionname(string)> ===Examples=== exists[export]=DoSomethingBad This would test whether ...)
16:55, 18 February 2008 (diff | hist) . . (+4)‎ . . Md5(exports) ‎ (→‎See also)
16:53, 18 February 2008 (diff | hist) . . (+529)‎ . . N Md5(exports) ‎ (New page: {{AdvFileParam|md5[exports]}} A simple MD5 check of the alpha-sorted uppercase export list ==Usage== md5[exports]=<hash(text[32])> ===Examples=== md5[exports]=1234567890ABCDEFABCDEF123...)
16:51, 18 February 2008 (diff | hist) . . (+589)‎ . . N Crc32 ‎ (New page: {{AdvFileParam|crc32}} A simple CRC check of the whole file ==Usage== crc32=<hash(text[8])> ===Examples=== crc32=1234ABCD ===Description=== Compares the CRC32 hash of the file content...)
16:48, 18 February 2008 (diff | hist) . . (+591)‎ . . N Sizemd5 ‎ (New page: {{AdvFileParam|sizemd5}} A MD5 check of a specific part of the file ==Usage== sizemd5=<startoffset(int)>|<endoffset(int)>|<hash(text[32])> ===Examples=== sizemd=10|20|12345678901234567...)
16:47, 18 February 2008 (diff | hist) . . (0)‎ . . Endmd5 ‎ (→‎Usage)
16:47, 18 February 2008 (diff | hist) . . (+631)‎ . . N Endmd5 ‎ (New page: {{AdvFileParam|endmd5}} A MD5 check of the last bytes, optionally with an offset ==Usage== endmd5=<sizefromend(int)><|deltatoend(int)>|<hash(text[32])> ===Examples=== endmd5=2000|100|1...)
16:44, 18 February 2008 (diff | hist) . . (+499)‎ . . N Md5 ‎ (New page: {{AdvFileParam|md5}} A simple MD5 check of the whole file. ==Usage== md5=<hash(text[32])> ===Examples=== md5=123456789012345678901234567890AB ===Description=== This parameter compares...)
16:41, 18 February 2008 (diff | hist) . . (+510)‎ . . N Delenv ‎ (New page: {{AdvFileParam|delenv}} Deletes the environment variable with the given name. ==Usage== delenv=<name(string)> ===Examples=== delenv=greeting chkenv=greeting:Hello,delenv=greeting ===...)
16:40, 18 February 2008 (diff | hist) . . (+446)‎ . . N Clearenv ‎ (New page: {{AdvFileParam|clearenv}} Clears the environment completely. ==Usage== clearenv=<flag(boolean)> ===Examples=== clearenv=1 ===Description=== This ''flag'' has to be set to ''1'' to act...)
16:39, 18 February 2008 (diff | hist) . . (+439)‎ . . N Isenv ‎ (New page: {{AdvFileParam|isenv}} Checks if an environment variable is set. ==Usage== isenv=<name(string)> ===Examples=== isenv=greeting ===Description=== Checks if the environment variable name...)
16:38, 18 February 2008 (diff | hist) . . (+498)‎ . . N Chkenv ‎ (New page: {{AdvFileParam|chkenv}} Checks if the environment variable has the given value. ==Usage== chkenv=<name(string):value(string)> ===Examples=== chkenv=greeting:Hello chkenv=greeting:Hall...)
16:36, 18 February 2008 (diff | hist) . . (+411)‎ . . N Setenv ‎ (New page: {{AdvFileParam|setenv}} Sets a global environment variable. ==Usage== setenv=<name(string)>:<value(string)> ===Examples=== setenv=greeting:Hello ===Description=== This parameter can b...)
16:32, 18 February 2008 (diff | hist) . . (+467)‎ . . N Skipcount ‎ (New page: {{AdvFileParam|skipcount}} Skips the next X lines if reached. ==Usage== skipcount=<linecount(int)> ===Examples=== skipcount=5 To skip the next 5 lines. ===Description=== Often used i...)
16:19, 18 February 2008 (diff | hist) . . (+778)‎ . . N Modunload ‎ (New page: {{AdvFileParam|modunload}} Tries to unload DLL through API from specified process. ==Usage== modunload=<filename(string)> ===Examples=== modunload=<$WINDIR>\notepad.exe Tries to unloa...)
16:15, 18 February 2008 (diff | hist) . . (+620)‎ . . N Ignore ‎ (New page: {{AdvFileParam|ignore}} Tells the scanner to break if it is of a given type. ==Usage== ignore=<scanner-id(byte)>[+scanner-id(byte)[+scanner-id(byte)]] ===Examples=== ignore=0+2 ===Des...)
16:12, 18 February 2008 (diff | hist) . . (+564)‎ . . N Silentregreboot ‎ (New page: {{AdvFileParam|silentregreboot}} If set (as last parameter), it will write the registry setting to scan on reboot. ==Usage== silentregreboot=<flag(boolean)> ===Examples=== silentregreb...)
16:11, 18 February 2008 (diff | hist) . . (-3)‎ . . Flagifnofile ‎ (→‎Description)
16:10, 18 February 2008 (diff | hist) . . (+608)‎ . . N Askregreboot ‎ (New page: {{AdvFileParam|askregreboot}} ==Usage== askregreboot=<flag(boolean)> ===Examples=== askregreboot=something ===Description=== If set (as last parameter), it will ask if it should write...)
16:06, 18 February 2008 (diff | hist) . . (+1,094)‎ . . N Build ‎ (New page: {{AdvFileParam|build}} Checks the build number ==Usage== build=<build number> build!=<build number> build>=<build number> build<=<build number> ===Examples=== build>=20070830 This ...)
16:00, 18 February 2008 (diff | hist) . . (+621)‎ . . N Flagifnofile ‎ (New page: {{AdvFileParam|flagifnofile}} Determines if entry should be flagged if no file present. ==Usage== flagifnofile=<flag(boolean)> ===Examples=== flagifnofile=0 flagifnofile=1 ===Descrip...)
15:57, 18 February 2008 (diff | hist) . . (+606)‎ . . N Attribs ‎ (New page: {{AdvFileParam|attribs}} Checks if file attributes are set or not set. ==Usage== attribs=<attrib(char)>modifier(char)[attrib(char)modifier(char)[...]] ===Examples=== attribs=H+R+S+ ==...)
15:53, 18 February 2008 (diff | hist) . . (+595)‎ . . N Size(file) ‎ (New page: {{AdvFileParam|filesize}} Defines which size the scanned file must have ==Usage== filesize=<size(int)> filesize>=<size(int)> filesize<=<size(int)> ===Examples=== filesize=18373 file...)
15:50, 18 February 2008 (diff | hist) . . (+145)‎ . . N Category:Advanced file parameters ‎ (New page: This category lists all advanced file parameters provided by file ''AdvCheck.dll'' and used to verify file contents.)
15:49, 18 February 2008 (diff | hist) . . (0)‎ . . Filename ‎ (→‎See also: alpha-sorted)
15:48, 18 February 2008 (diff | hist) . . (+556)‎ . . N Filepath ‎ (New page: {{AdvFileParam|filepath}} Checks if the file path (no filename) is of the given value. ==Usage== filepath=<path(string)> ===Examples=== filepath=<$WINDIR>\ ===Description=== Tests whe...)
15:48, 18 February 2008 (diff | hist) . . (+574)‎ . . N Fullpath ‎ (New page: {{AdvFileParam|fullpath}} Checks if the full path (filename and path) is of the given value. ==Usage== fullpath=<path(string)> ===Examples=== filepath=<$WINDIR>\blubbels.txt ===Descri...)
15:44, 18 February 2008 (diff | hist) . . (0)‎ . . m ProgramFile ‎
15:44, 18 February 2008 (diff | hist) . . (+645)‎ . . N Filename ‎ (New page: {{AdvFileParam|filename}} Defines filename for Directory command check. ==Usage== filename=<filename(string)> ===Examples=== filename=<$WINDIR>\malware.exe ===Description=== Sets the ...)
15:43, 18 February 2008 (diff | hist) . . (0)‎ . . Directory ‎ (→‎Description)
15:38, 18 February 2008 (diff | hist) . . (+1)‎ . . Template:AdvFileParam ‎
15:38, 18 February 2008 (diff | hist) . . (+27)‎ . . Msg(info) ‎
15:38, 18 February 2008 (diff | hist) . . (+27)‎ . . Msg(warn) ‎
15:38, 18 February 2008 (diff | hist) . . (+27)‎ . . Msg(crit) ‎
15:36, 18 February 2008 (diff | hist) . . (+519)‎ . . N Msg(crit) ‎ (New page: Displays a message when reached, failing the test. ==Usage== msg[crit]=<text(string)> ===Examples=== msg[crit]="Fatal Example Error!" Please not that as part of quoted [[Advanced file...)
15:36, 18 February 2008 (diff | hist) . . (+508)‎ . . N Msg(info) ‎ (New page: Displays a message when reached, fulfilling the test. ==Usage== msg[info]=<text(string)> ===Examples=== msg[crit]="Just FYI." Please not that as part of quoted [[Advanced file paramet...)
15:36, 18 February 2008 (diff | hist) . . (+680)‎ . . N Msg(warn) ‎ (New page: Displays a message when reached, allowing you to choose to continue or cancel. ==Usage== msg[warn]=<text(string)> ===Examples=== msg[crit]="Do you really want to continue this silly ex...)
15:10, 18 February 2008 (diff | hist) . . (+492)‎ . . Target(link) ‎
15:06, 18 February 2008 (diff | hist) . . (+1)‎ . . Template:AdvFileParam ‎
15:06, 18 February 2008 (diff | hist) . . (+98)‎ . . N File:Icon wrong title.png ‎ (An icon describing an article name that has not the correct syntax, due to technical restrictions.) (current)
15:01, 18 February 2008 (diff | hist) . . (+764)‎ . . N Template:AdvFileParam ‎ (New page: <div id="Template_AdvFileParam"> {|{{Bausteindesign1}} | style="width: 25px; vertical-align: top; padding-top: 2px;" | 25px | The proper syntax of this [[Adva...)
14:58, 18 February 2008 (diff | hist) . . (-2)‎ . . Template:Outdated SBI ‎ (current)
14:56, 18 February 2008 (diff | hist) . . (+29)‎ . . N Target(link) ‎ (New page: {{AdvFileParam|target[link]}})
14:07, 18 February 2008 (diff | hist) . . (+724)‎ . . N MoveFile ‎ (New page: Renames/moves a file. ==Usage== MoveFile:<source filename>,<destination filename>[,advanced file parameters] ===Examples=== ===Description=== This command renames files. # The first p...)
14:03, 18 February 2008 (diff | hist) . . (+1,082)‎ . . N WinSecCenter ‎ (New page: Identifies ''Windows Security Center'' entries. ==Usage== WinSecCenter:<type>,<field>,<data> ===Examples=== WinSecCenter:"av","guid","{3207EF9A-E64B-40A0-B897-3F2B9D794816}" Detects a...)
13:57, 18 February 2008 (diff | hist) . . (+1,707)‎ . . N NTFile ‎ (New page: Identifies files, using the Windows NT native mode, to avoid rootkit hiding in Windows 32 mode. ==Usage== NTFile:<description>,<filename>[,advanced file parameters] ===Examples=== See [...)

(newest | oldest) View (newer 100 | older 100) (20 | 50 | 100 | 250 | 500)

User contributions

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Tools