#pragma once
//////////////////////////////////////////////////////////////////////////
//
// ENUM
//
// Action requested for a scan (carried in SCAN_PARAM::eAction).
// Values are implicit and start at 0.
enum BAV_ACTION
{
    BA_SCAN,        // 0
    BA_ASK,         // 1
    BA_CLEAN,       // 2
    BA_DELETE       // 3
};

// Outcome recorded for a scanned object (carried in SCAN_RECORD::eResult).
// BR_EXCEPTION is the only negative value; the rest count up from 0.
enum BAV_RESULT
{
    BR_EXCEPTION = -1,
    BR_NO_VIRUS,        // 0
    BR_WITH_VIRUS,      // 1
    BR_CLEARED,         // 2
    BR_CLEAR_FAILED,    // 3
    BR_DELETED,         // 4
    BR_DELETE_FAILED,   // 5
    BR_IGNORE           // 6
};

// How a signature's position is interpreted (VSIGNATURE::eType).
enum BAV_SIGN_TYPE
{
    BS_PHY_FILE = 0,    // physical file
    BS_STRUCT_OFFSET    // offset of a struct
};

// How signature bytes are compared with the target (VSIGNATURE::eLogicOp).
enum BAV_SIGN_LOGIC_OPERATION
{
    BL_EQUAL = 0,
    BL_NOT_EQUAL
};

// Kind of object handed to the scanner; meanings are taken from the
// enumerator names only, this header does not describe them further.
enum BAV_OBJ_TYPE
{
    BO_PHY_FILE = 0,
    BO_MEM_FILE,
    BO_BOOT_SECTOR
};

// Treatment applied to a detection (VTREATMENT::eType).
// Only a few treatment methods exist for now; in practice there will be many more.
enum BAV_TREAT_TYPE
{
    BT_SCANONLY,    // 0
    BT_RENAME,      // 1
    BT_DELETE       // 2
};
//////////////////////////////////////////////////////////////////////////
//
// KEY STRUCTS
//
// Parameters describing one scan request.
typedef struct tagScanParam
{
    // Struct size, used to control the struct version.
    // NOTE(review): nothing in this header enforces it; presumably the caller
    // sets it to sizeof(SCAN_PARAM) and the engine should compare it before
    // reading the fields that follow - confirm.
    INT         nSize;

    // Path name of the scan target. CString is used for now because it
    // supports both ASCII and UNICODE; any compatible class can replace it later.
    // NOTE(review): CString is a class type, so this struct must not be
    // zeroed or copied with memset/memcpy.
    CString     strPathName;

    // The action that will be taken.
    BAV_ACTION  eAction;
} SCAN_PARAM, *PSCAN_PARAM;
// Forward declaration; the class itself is defined outside this header.
class CScanObject;

// One scan record, chained to the next through pNext.
typedef struct tagScanRecord
{
    // Virus ID; use it to query the name and other information.
    DWORD           dwVirusID;

    // How the infected file was treated.
    BAV_RESULT      eResult;

    // The scanned object.
    // NOTE(review): this header does not say who owns or frees the object,
    // or how long the pointer stays valid - confirm before dereferencing
    // it after the scan has finished.
    CScanObject*    pScanObject;

    // Link to the next record (presumably null at the end of the list - confirm).
    tagScanRecord*  pNext;
} SCAN_RECORD, *PSCAN_RECORD;
// Totals for a scan plus the records that will be displayed.
typedef struct tagScanResults
{
    // Struct size, used to control the struct version.
    INT             nSize;

    // Total object count, including all files and other objects.
    DWORD           dwObjCount;

    // Total time used (the unit is not stated in this header).
    DWORD           dwTime;

    // Total count of records which will be displayed.
    DWORD           dwRecCount;

    // Presumably the head of the SCAN_RECORD list - confirm.
    // NOTE(review): nothing here ties dwRecCount to the real list length,
    // so code walking the list should stop on a null pNext as well as on
    // the count.
    PSCAN_RECORD    pScanRecords;
} SCAN_RESULTS, *PSCAN_RESULTS;
//////////////////////////////////////////////////////////////////////////
//
// VSIGNATURE
//
// Capacity, in bytes, of VSIGNATURE::Signature.
#define MAX_SIGNATURE_LEN   32

// The meaning of the VSIGNATURE fields depends on eType.
//
// eType == BS_PHY_FILE
//   dwSubType : 0
//   nOffset   : offset in file
//   nSize     : size of signature (in bytes)
//   eLogicOp  : how the signature is compared with the target
//   Signature : signature bytes; max length is MAX_SIGNATURE_LEN defined above
//
// eType == BS_STRUCT_OFFSET
//   dwSubType : one of the BS_SUB_* values below; the PE-related values
//               occupy the range BS_SUB_PE_BEGIN .. BS_SUB_PE_END
#define BS_SUB_PE_BEGIN     0x00000100
#define BS_SUB_NT_HEADERS   (BS_SUB_PE_BEGIN+1)
#define BS_SUB_ENTRY_POINT  (BS_SUB_PE_BEGIN+2)
#define BS_SUB_PE_END       (BS_SUB_PE_BEGIN+0xFF)

// One signature: where to look, how many bytes, and how to compare them.
typedef struct tagVSIGNATURE
{
    BAV_SIGN_TYPE               eType;
    DWORD                       dwSubType;

    // NOTE(review): nOffset and nSize are signed and this header states no
    // valid range. A matcher should reject negative values, require
    // nSize <= MAX_SIGNATURE_LEN before reading Signature, and check that
    // nOffset + nSize stays inside the scanned object - confirm the engine
    // does this.
    INT                         nOffset;
    INT                         nSize;

    BAV_SIGN_LOGIC_OPERATION    eLogicOp;
    BYTE                        Signature[MAX_SIGNATURE_LEN];
} VSIGNATURE, *PVSIGNATURE;
// One treatment step for a detection.
typedef struct tagVTREATMENT
{
    // Which treatment to apply.
    BAV_TREAT_TYPE  eType;

    // Two parameters for the treatment. Their meaning per treatment type is
    // not described in this header.
    DWORD           dwParam1;
    DWORD           dwParam2;
} VTREATMENT, *PVTREATMENT;
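// Capacity of the per-record signature and treatment pointer arrays.
// Named so that code filling or walking the arrays can bound
// dwSignCount / dwTreatCount against them instead of repeating a literal 8.
#define MAX_VRECORD_SIGNS   8
#define MAX_VRECORD_TREATS  8

// One virus record: an ID plus its signatures and treatments.
typedef struct tagVRECORD
{
    // Struct size, used to control the struct version.
    INT         nSize;

    DWORD       dwVirusID;

    // Presumably the number of used entries in pVSing - confirm.
    // Must never exceed MAX_VRECORD_SIGNS; a loader should reject a record
    // whose count is larger before indexing the array.
    DWORD       dwSignCount;
    PVSIGNATURE pVSing[MAX_VRECORD_SIGNS];

    // Presumably the number of used entries in pVTreat - confirm.
    // Must never exceed MAX_VRECORD_TREATS.
    DWORD       dwTreatCount;
    PVTREATMENT pVTreat[MAX_VRECORD_TREATS];
} VRECORD, *PVRECORD;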
// Capacities of the section-header and import-descriptor pointer arrays in FSPE.
#define MAX_SECTIONS    64
#define MAX_IMPORTS     64

// File Struct PE: pointers to the PE structures located in a scanned file.
//
// NOTE(review): the scanned file is untrusted input. Presumably every
// pointer below points into the loaded file image - confirm. Each one
// should be range-checked against that buffer before it is stored here
// or dereferenced.
typedef struct tagFSPE
{
    // Struct size, used to control the struct version.
    INT                         nSize;

    // Presumably the number of valid entries in m_aSectionHeaders and
    // m_aImportDescriptors - confirm. The section count in a PE file header
    // is a 16-bit field and can exceed MAX_SECTIONS, so the parser has to
    // clamp or reject before filling the arrays; the counts are signed, so
    // negative values need rejecting too.
    INT                         m_nSectionCount;
    INT                         m_nImportCount;

    // Presumably set when the DOS ("MZ") and PE signatures were found - confirm.
    bool                        m_bMZFile;
    bool                        m_bPEFile;

    PIMAGE_DOS_HEADER           m_pImageDosHeader;
    PIMAGE_FILE_HEADER          m_pFileHeader;

    // NOTE(review): typed as the 32-bit optional header. A PE32+ image has
    // a different optional-header layout, so such files need to be detected
    // and handled separately rather than read through this pointer.
    PIMAGE_OPTIONAL_HEADER32    m_pOptionalHeader;

    PIMAGE_SECTION_HEADER       m_aSectionHeaders[MAX_SECTIONS];
    PIMAGE_NT_HEADERS           m_pNtHeaders;
    PIMAGE_IMPORT_DESCRIPTOR    m_aImportDescriptors[MAX_IMPORTS];
    PIMAGE_EXPORT_DIRECTORY     m_pExportDirectory;
    PIMAGE_RESOURCE_DIRECTORY   m_pResourceDirectory;

    // Common use.
    LPBYTE                      m_pEntryPoint;
} FSPE, *PFSPE;