Provided by: grokevt_0.4.1-7ubuntu1_all bug

NAME
       grokevt-ripdll - A tool for extracting message resources from a PE-formatted file.


SYNOPSIS
       grokevt-ripdll  input-dll  output-db  .SH DESCRIPTION grokevt-ripdll parses a PE-formatted
       file (modern .exe and .dll files are examples PE-formatted files) and extracts all message
       resources.  These  resources are then stored in a Berkeley-style database file, which maps
       relative virtual addresses (RVAs) to the message resources themselves. These RVAs are what
       can  be found in a windows event log file (.evt extension) to reference the proper message
       resource.  This utility is not intended to be used directly by end-users.  It is  used  by
       grokevt-builddb(1) to extract resources from all DLL/EXEs referenced in the registry.


ARGUMENTS
       input-dll
              This is the PE formatted file to extract resources from. (It doesn't need to have a
              .dll extension, but it is most commonly used on DLLs.)

       output-db
              The database file to store the  RVA->message  mapping  in.  If  this  file  already
              exists,  it  will  be overwritten.  To extract the entries stored in this database,
              see grokevt-dumpmsgs(1).


BUGS
       Probably a few. This script has not been extensively tested with some guest  platforms  or
       with non-english systems.

       The  documentation  used  as  a  reference  for PE formatted files was not complete or not
       completely accurate in places. Much guess-and-check took place.


CREDITS
       Original PE header code borrowed from the pymavis project.  For more information, see:

                 http://www.mplayerhq.hu/~arpi/pymavis/

       Message resource parsing added by Timothy D. Morgan.

       Copyright (C) 2005-2007 Timothy D. Morgan

       Copyright (C) 2004 A'rpi


LICENSE
       Please see the file "LICENSE" included with this software distribution.

       This program is distributed in the hope that it will be useful, but WITHOUT ANY  WARRANTY;
       without  even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
       See the GNU General Public License version 3 for more details.


SEE ALSO
       grokevt(7) grokevt-addlog(1)  grokevt-builddb(1)  grokevt-dumpmsgs(1)  grokevt-findlogs(1)
       grokevt-parselog(1)