PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
All Classes Namespaces Files Functions Variables Typedefs Enumerations Enumerator Friends Macros Pages
dll_main.cpp
Go to the documentation of this file.
1
5
6#include <windows.h>
7#include <string>
8#include <iostream>
9
10#define PESIEVE_EXPORTS
11#include <pe_sieve_api.h>
12
13BOOL WINAPI DllMain (HANDLE hinstDLL, DWORD fdwReason, LPVOID lpvReserved)
14{
15 switch (fdwReason)
16 {
17 case DLL_PROCESS_ATTACH:
18 case DLL_THREAD_ATTACH:
19 case DLL_THREAD_DETACH:
20 case DLL_PROCESS_DETACH:
21 break;
22 }
23 return TRUE;
24}
25
DllMain
BOOL WINAPI DllMain(HANDLE hinstDLL, DWORD fdwReason, LPVOID lpvReserved)
Definition dll_main.cpp:13
pe_sieve_api.h
The API: definitions of the exported elements that are accessible from PE-sieve DLL.
Generated by doxygen 1.13.2