PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
All Classes Namespaces Files Functions Variables Typedefs Enumerations Enumerator Friends Macros Pages
pe_sieve_return_codes.h
Go to the documentation of this file.
1
5
6#pragma once
7
8// return codes for PE-sieve.exe:
t_pesieve_res
t_pesieve_res
Definition pe_sieve_return_codes.h:9
PESIEVE_NOT_DETECTED
@ PESIEVE_NOT_DETECTED
the process was scanned successfuly, and NO suspicious indicators are detected
Definition pe_sieve_return_codes.h:12
PESIEVE_DETECTED
@ PESIEVE_DETECTED
the process was scanned successfuly, and some suspicious indicators are detected
Definition pe_sieve_return_codes.h:13
PESIEVE_ERROR
@ PESIEVE_ERROR
the scan has failed, PE-sieve returned an error
Definition pe_sieve_return_codes.h:10
PESIEVE_INFO
@ PESIEVE_INFO
PE-sieve was deployed in the info mode (i.e. displaying help)
Definition pe_sieve_return_codes.h:11
Generated by doxygen 1.13.2