Welcome to mirror list, hosted at ThFree Co, Russian Federation.

scanreply.h « include - github.com/taviso/loadlibrary.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/include/scanreply.h
blob: be100db8f77e97728989be070b752efe46bfc521 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56

#ifndef __SCANREPLY_H
#define __SCANREPLY_H
#pragma once
#pragma pack(push, 1)

// These are just guesses based on observed behaviour.
enum {
    SCAN_FILENAME        = 1 << 8,
    SCAN_ENCRYPTED       = 1 << 6,
    SCAN_MEMBERNAME      = 1 << 7,
    SCAN_FILETYPE        = 1 << 9,
    SCAN_TOPLEVEL        = 1 << 18,
    SCAN_PACKERSTART     = 1 << 19,
    SCAN_PACKEREND       = 1 << 12,
    SCAN_ISARCHIVE       = 1 << 16,
    SCAN_VIRUSFOUND      = 1 << 27,
    SCAN_CORRUPT         = 1 << 13,
    SCAN_UNKNOWN         = 1 << 15, // I dunno what this means
};

typedef struct _SCANSTRUCT {
    DWORD field_0;
    DWORD Flags;
    PCHAR FileName;
    CHAR  VirusName[28];
    DWORD field_28;
    DWORD field_2C;
    DWORD field_30;
    DWORD field_34;
    DWORD field_38;
    DWORD field_3C;
    DWORD field_40;
    DWORD field_44;
    DWORD field_48;
    DWORD field_4C;
    DWORD FileSize;
    DWORD field_54;
    DWORD UserPtr;
    DWORD field_5C;
    PCHAR MaybeFileName2;
    PWCHAR StreamName1;
    PWCHAR StreamName2;
    DWORD field_6C;
    DWORD ThreatId;             // Can be passed back to GetThreatInfo
} SCANSTRUCT, *PSCANSTRUCT;

typedef struct _SCAN_REPLY {
    DWORD   (*EngineScanCallback)(PSCANSTRUCT this);
    DWORD   field_4;
    DWORD   UserPtr;
    DWORD   field_C;
} SCAN_REPLY, *PSCAN_REPLY;

#pragma pack(pop)
#endif // __SCANREPLY_H
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-29 15:04:30 +0300