DOC/XLS macro present checker
Tiny (about 3k) Win32 console utility for fast checking
Office97/2k and Office10 beta DOC/XLS files for *MACROSES*
present. Very useful for check incoming and stored documents for
"undesirable" macroses present that may contain unknown
or(and) "stealth" macro-viruses. Fast directory tree scanning!
Current version: 0.01
Advanced Process Shower for Win9x/Me
Small (about 9k) Win32 console utility for show Win32 processes
(include hidden system processes), Win16 tasks, Virtual Device
Drivers (VxDs) and all active DOS tasks. For each process print
its priority, number of threads, process name, process id and process
type. Very useful for analyzing system memory and identification
"unknown" and hidden processes (such as trojans, remote administration
tools, etc).
Current version: 0.3
HideExec for Win9x/Me/Nt/2k
Run specified program in "invisible mode", i.e. without creating window.
Useful for run in background mode window, console, dos and win16
applications.
Stdout to file reassigner/duplicator for Win9x/Me/Nt/2k
Log standard program output into file and also print it onto screen. Very
useful for command line executing NMAKE and getting correct screen and
log output.
Disk flusher
Flush all file buffers and caches on all drives. Also work in Nt/2k but
more effective in Dos/Win9x/Me.
NTFS alternate data stream (ADO) checker
Utility to check files on NTFS drives for alternate data streams (ADO)
present. ADO is NTFS's feature that make possible to store data in
another than main file named file's streams which can not be viewed by
standard WinNt/W2k utilities.
Cyrillic Win1251 to/from Dos866 text files convertor for Win32/Dos
Dos and Win32 utility for convert russian text files from/to Dos russian
code page letters (866) to/from windows code page letters (1251).
See sources!
Wnt/W2k VDM (Virtual Dos Machine) memory sections dumper
Get existing VDM (Virtual Dos Machine) memory sections under Wnt/W2K and
drop it to disk files (with "0", "1", etc names in current directory).
Uses undocumented Windows NT mechanism to section access.
See sources!
Wnt/W2k mailslots list
Get opened mailslots on the system ( Wnt/W2K ) and print its
names. Currently realeased as W32 console but easy portable to
Wnt/W2k driver.
See sources!
Open files enumerator for Win9x/Me sample
Get and print all currently open files list by all processes on all
drives.
See sources!
Get system swap file(s) list sample for Win9x/Me/Nt/2k
Get and print all system swap filenames.
See sources!
Quering SUBST drives sample for Win9x/Me/Nt/2k
Quering and print all SUBSTituted drives on system.
See sources!
Advanced Win32 Ring3->VxD Ring0 communication for W9x/Me
1. No DeviceIoControl.
2. Loading Win32 intermediate DLL into SHARED memory from VxD.
3. Original DOS Interrupt API like mechanism for Win32 R3 -> VxD fast
calling.
4. Win9x/Me low level programming tricks.
See sources!
Direct hard disk MBR sector read/write example from Win32 for W9x/Me
1. Working on all hardware configurations (include SCSI hard drives).
2. Fully compatible with W9x/Me method.
3. No VxDs, no IOS calling.
4. Uses original trick for Ring3 -> Ring0 switching under W9x/Me (system
safely mechanism).
See sources!
CreateProcess call from Ring0 sample
VxD direct Win32 CreateProcess call sample to run any application from
Ring0 on Win9x/Me.
See sources!
Create Ring3 thread from VxD sample
Create Ring3 thread from VxD and identifying thread by Ring0 thread
handle via PM callback trick on Win9x/Me.
See sources!
Plug'n'play device nodes enumerator sample for Win9x/Me
Recursive find and print to debug terminal (or SoftIce screen) all PNP
devices nodes and all its physical memory resources.
See sources!
