English
define.h
资源名称:BAV.v2.rar [点击查看]
上传用户:chaoyu
上传日期:2013-04-28
资源大小:18k
文件大小:4k
源码类别:
杀毒
开发平台:
Visual C++
- #pragma once
- //////////////////////////////////////////////////////////////////////////
- //
- // ENUM
- //
- enum BAV_ACTION{ BA_SCAN, BA_ASK, BA_CLEAN, BA_DELETE};
- enum BAV_RESULT{ BR_EXCEPTION=-1, BR_NO_VIRUS, BR_WITH_VIRUS, BR_CLEARED, BR_CLEAR_FAILED, BR_DELETED, BR_DELETE_FAILED, BR_IGNORE};
- enum BAV_SIGN_TYPE { BS_PHY_FILE=0 /*physical file*/, BS_STRUCT_OFFSET /*offset of a struct*/ };
- enum BAV_SIGN_LOGIC_OPERATION { BL_EQUAL=0, BL_NOT_EQUAL };
- enum BAV_OBJ_TYPE {BO_PHY_FILE=0, BO_MEM_FILE, BO_BOOT_SECTOR};
- enum BAV_TREAT_TYPE { BT_SCANONLY, BT_RENAME, BT_DELETE }; //目前只有几种处理方法,实际会有很多。
- //////////////////////////////////////////////////////////////////////////
- //
- // KEY STRUCTS
- //
- typedef struct tagScanParam
- {
- // control the struct version
- INT nSize;
- // Using CString first, it support both ASCII and UNICODE.
- // We can replace it by any compatible class later.
- CString strPathName;
- // what action will be taken
- BAV_ACTION eAction;
- }SCAN_PARAM, *PSCAN_PARAM;
- class CScanObject;
- typedef struct tagScanRecord
- {
- // Virus ID, use this to query the name and other information
- DWORD dwVirusID;
- // how the infected file was treated
- BAV_RESULT eResult;
- // scan object
- CScanObject* pScanObject;
- // link to next record
- tagScanRecord* pNext;
- }SCAN_RECORD, *PSCAN_RECORD;
- typedef struct tagScanResults
- {
- // control the struct version
- INT nSize;
- // total objects count, include all files and other objects.
- DWORD dwObjCount;
- // total time used
- DWORD dwTime;
- // total count of records which will be displayed.
- DWORD dwRecCount;
- PSCAN_RECORD pScanRecords;
- }SCAN_RESULTS, *PSCAN_RESULTS;
- //////////////////////////////////////////////////////////////////////////
- //
- // VSIGNATURE
- //
- #define MAX_SIGNATURE_LEN 32
- // BAV_SIGN_TYPE.dwType == BS_PHY_FILE
- // dwSubType: 0
- // nOffset: offset in file
- // nSize: size of signature (in bytes)
- // eLogicOp: how the signature compare with the target
- // Signature: signatures array. max length is MAX_SIGNATURE_LEN defined above.
- // BAV_SIGN_TYPE.dwType == BS_STRUCT_OFFSET
- // dwSubType:
- #define BS_SUB_PE_BEGIN 0x00000100
- #define BS_SUB_NT_HEADERS (BS_SUB_PE_BEGIN+1)
- #define BS_SUB_ENTRY_POINT (BS_SUB_PE_BEGIN+2)
- #define BS_SUB_PE_END (BS_SUB_PE_BEGIN+0xFF)
- typedef struct tagVSIGNATURE
- {
- BAV_SIGN_TYPE eType;
- DWORD dwSubType;
- INT nOffset;
- INT nSize;
- BAV_SIGN_LOGIC_OPERATION eLogicOp;
- BYTE Signature[MAX_SIGNATURE_LEN];
- }VSIGNATURE, *PVSIGNATURE;
- typedef struct tagVTREATMENT
- {
- BAV_TREAT_TYPE eType;
- DWORD dwParam1;
- DWORD dwParam2;
- }VTREATMENT, *PVTREATMENT;
- typedef struct tagVRECORD
- {
- // control the struct version
- INT nSize;
- DWORD dwVirusID;
- DWORD dwSignCount;
- PVSIGNATURE pVSing[8];
- DWORD dwTreatCount;
- PVTREATMENT pVTreat[8];
- }VRECORD, *PVRECORD;
- #define MAX_SECTIONS 64
- #define MAX_IMPORTS 64
- // File Struct PE
- typedef struct tagFSPE
- {
- // control the struct version
- INT nSize;
- INT m_nSectionCount;
- INT m_nImportCount;
- bool m_bMZFile;
- bool m_bPEFile;
- PIMAGE_DOS_HEADER m_pImageDosHeader;
- PIMAGE_FILE_HEADER m_pFileHeader;
- PIMAGE_OPTIONAL_HEADER32 m_pOptionalHeader;
- PIMAGE_SECTION_HEADER m_aSectionHeaders[MAX_SECTIONS];
- PIMAGE_NT_HEADERS m_pNtHeaders;
- PIMAGE_IMPORT_DESCRIPTOR m_aImportDescriptors[MAX_IMPORTS];
- PIMAGE_EXPORT_DIRECTORY m_pExportDirectory;
- PIMAGE_RESOURCE_DIRECTORY m_pResourceDirectory;
- // common use
- LPBYTE m_pEntryPoint;
- }FSPE, *PFSPE;
