// Raw FFI declarations for the Antimalware Scan Interface (AMSI) exports of amsi.dll, using the
// "system" calling convention. The signatures carry raw pointers and plain-integer handles, so
// pointer validity, buffer length and handle lifetime are entirely the caller's responsibility.
//
// Review notes for callers:
// - Functions returning HRESULT report failure through that value. Read the `result` out-parameter
//   only after the HRESULT indicates success, and decide explicitly whether a failed scan blocks
//   or allows the content; silently treating a failed call as "clean" fails open.
// - `length` is u32. A `usize as u32` cast truncates silently, after which the length passed no
//   longer covers the whole buffer; convert with `u32::try_from` and handle the error.
// - HAMSICONTEXT and HAMSISESSION are both aliases of `isize` in this file, so the compiler will
//   not catch a context passed where a session is expected (or the reverse).
// - AmsiCloseSession and AmsiUninitialize return `()`, so they give no error indication.

// Takes a context handle and a session handle; returns nothing.
::windows_targets::link!("amsi.dll" "system" fn AmsiCloseSession(amsicontext : HAMSICONTEXT, amsisession : HAMSISESSION) -> ());
// Takes an application name (PCWSTR) and writes a context handle through `amsicontext`.
::windows_targets::link!("amsi.dll" "system" fn AmsiInitialize(appname : ::windows_sys::core::PCWSTR, amsicontext : *mut HAMSICONTEXT) -> ::windows_sys::core::HRESULT);
// Same buffer/length/contentname/result parameters as AmsiScanBuffer, but takes no session handle.
::windows_targets::link!("amsi.dll" "system" fn AmsiNotifyOperation(amsicontext : HAMSICONTEXT, buffer : *const ::core::ffi::c_void, length : u32, contentname : ::windows_sys::core::PCWSTR, result : *mut AMSI_RESULT) -> ::windows_sys::core::HRESULT);
// Writes a session handle through `amsisession` for the given context.
::windows_targets::link!("amsi.dll" "system" fn AmsiOpenSession(amsicontext : HAMSICONTEXT, amsisession : *mut HAMSISESSION) -> ::windows_sys::core::HRESULT);
// Submits `length` bytes starting at `buffer`; the verdict is written through `result`.
// `buffer` must stay valid for `length` bytes for the duration of the call.
::windows_targets::link!("amsi.dll" "system" fn AmsiScanBuffer(amsicontext : HAMSICONTEXT, buffer : *const ::core::ffi::c_void, length : u32, contentname : ::windows_sys::core::PCWSTR, amsisession : HAMSISESSION, result : *mut AMSI_RESULT) -> ::windows_sys::core::HRESULT);
// String variant: no length parameter, so `string` is presumably expected to be a
// NUL-terminated UTF-16 string (the usual PCWSTR convention) - confirm before passing slices.
::windows_targets::link!("amsi.dll" "system" fn AmsiScanString(amsicontext : HAMSICONTEXT, string : ::windows_sys::core::PCWSTR, contentname : ::windows_sys::core::PCWSTR, amsisession : HAMSISESSION, result : *mut AMSI_RESULT) -> ::windows_sys::core::HRESULT);
// Takes the context handle by value; presumably the handle must not be used afterwards - confirm
// against the AMSI documentation.
::windows_targets::link!("amsi.dll" "system" fn AmsiUninitialize(amsicontext : HAMSICONTEXT) -> ());
// Raw FFI declaration exported by kernel32.dll; compiled only with the `Win32_Foundation`
// feature because the signature uses HANDLE and BOOL from that module.
// Takes a file handle (`elamfile`) and returns BOOL, so success must be checked by the caller.
// NOTE(review): by name this relates to Early Launch Antimalware (ELAM) certificate
// registration - confirm the handle's required access rights and the error-reporting
// convention against the Microsoft documentation before use.
#[cfg(feature = "Win32_Foundation")]
::windows_targets::link!("kernel32.dll" "system" #[doc = "Required features: `\"Win32_Foundation\"`"] fn InstallELAMCertificateInfo(elamfile : super::super::Foundation:: HANDLE) -> super::super::Foundation:: BOOL);
// AMSI COM interfaces, each exposed here only as an untyped raw pointer.
// Because every alias resolves to the same `*mut c_void`, the type system cannot tell one
// interface from another, offers no method access, and performs no reference counting;
// any use requires manual vtable handling in unsafe code.
pub type IAmsiStream = *mut ::core::ffi::c_void;
pub type IAntimalware = *mut ::core::ffi::c_void;
pub type IAntimalware2 = *mut ::core::ffi::c_void;
pub type IAntimalwareProvider = *mut ::core::ffi::c_void;
pub type IAntimalwareProvider2 = *mut ::core::ffi::c_void;
pub type IAntimalwareUacProvider = *mut ::core::ffi::c_void;
// Values of the AMSI_ATTRIBUTE enumeration (an `i32` alias in this file), listed alphabetically
// rather than numerically; the values run from 0 (APP_NAME) to 9 (QUIET).
// NOTE(review): per Microsoft's AMSI documentation these select which attribute is requested
// from an IAmsiStream; the *_ADDRESS / *_SIZE pairs presumably describe a pointer and its
// length, so a provider should validate the size before dereferencing - confirm.
pub const AMSI_ATTRIBUTE_ALL_ADDRESS: AMSI_ATTRIBUTE = 8i32;
pub const AMSI_ATTRIBUTE_ALL_SIZE: AMSI_ATTRIBUTE = 7i32;
pub const AMSI_ATTRIBUTE_APP_NAME: AMSI_ATTRIBUTE = 0i32;
pub const AMSI_ATTRIBUTE_CONTENT_ADDRESS: AMSI_ATTRIBUTE = 3i32;
pub const AMSI_ATTRIBUTE_CONTENT_NAME: AMSI_ATTRIBUTE = 1i32;
pub const AMSI_ATTRIBUTE_CONTENT_SIZE: AMSI_ATTRIBUTE = 2i32;
pub const AMSI_ATTRIBUTE_QUIET: AMSI_ATTRIBUTE = 9i32;
pub const AMSI_ATTRIBUTE_REDIRECT_CHAIN_ADDRESS: AMSI_ATTRIBUTE = 6i32;
pub const AMSI_ATTRIBUTE_REDIRECT_CHAIN_SIZE: AMSI_ATTRIBUTE = 5i32;
pub const AMSI_ATTRIBUTE_SESSION: AMSI_ATTRIBUTE = 4i32;
// Named points in the AMSI_RESULT value space (an `i32` alias in this file). The verdict is a
// range, not a closed set: BLOCKED_BY_ADMIN_START..=BLOCKED_BY_ADMIN_END spans 16384..=20479,
// and values between or above the named constants can occur.
// Per Microsoft's AMSI documentation, any result greater than or equal to
// AMSI_RESULT_DETECTED (32768) is to be treated as malware, so compare with `>=` rather than
// `==`; an equality test against DETECTED would let higher values through. Handle the
// blocked-by-admin range explicitly as well instead of folding it into "not detected".
pub const AMSI_RESULT_BLOCKED_BY_ADMIN_END: AMSI_RESULT = 20479i32;
pub const AMSI_RESULT_BLOCKED_BY_ADMIN_START: AMSI_RESULT = 16384i32;
pub const AMSI_RESULT_CLEAN: AMSI_RESULT = 0i32;
pub const AMSI_RESULT_DETECTED: AMSI_RESULT = 32768i32;
pub const AMSI_RESULT_NOT_DETECTED: AMSI_RESULT = 1i32;
// Values for the three UAC-related enumerations, each an `i32` alias in this file.
// The *_MAX entries (4, 5 and 3) are one past the last named value in their group, so they read
// as bounds rather than real states; a value at or above *_MAX, or a negative one, should be
// rejected when it arrives from outside the process.

// AMSI_UAC_MSI_ACTION: stored in AMSI_UAC_REQUEST_MSI_INFO::MsiAction.
pub const AMSI_UAC_MSI_ACTION_INSTALL: AMSI_UAC_MSI_ACTION = 0i32;
pub const AMSI_UAC_MSI_ACTION_MAINTENANCE: AMSI_UAC_MSI_ACTION = 3i32;
pub const AMSI_UAC_MSI_ACTION_MAX: AMSI_UAC_MSI_ACTION = 4i32;
pub const AMSI_UAC_MSI_ACTION_UNINSTALL: AMSI_UAC_MSI_ACTION = 1i32;
pub const AMSI_UAC_MSI_ACTION_UPDATE: AMSI_UAC_MSI_ACTION = 2i32;
// AMSI_UAC_REQUEST_TYPE: stored in AMSI_UAC_REQUEST_CONTEXT::Type.
// NOTE(review): presumably this selects the valid member of the AMSI_UAC_REQUEST_CONTEXT_0
// union (EXE, COM, MSI, AX, PACKAGED_APP) - confirm before reading a union field.
pub const AMSI_UAC_REQUEST_TYPE_AX: AMSI_UAC_REQUEST_TYPE = 3i32;
pub const AMSI_UAC_REQUEST_TYPE_COM: AMSI_UAC_REQUEST_TYPE = 1i32;
pub const AMSI_UAC_REQUEST_TYPE_EXE: AMSI_UAC_REQUEST_TYPE = 0i32;
pub const AMSI_UAC_REQUEST_TYPE_MAX: AMSI_UAC_REQUEST_TYPE = 5i32;
pub const AMSI_UAC_REQUEST_TYPE_MSI: AMSI_UAC_REQUEST_TYPE = 2i32;
pub const AMSI_UAC_REQUEST_TYPE_PACKAGED_APP: AMSI_UAC_REQUEST_TYPE = 4i32;
// AMSI_UAC_TRUST_STATE: stored in AMSI_UAC_REQUEST_CONTEXT::UACTrustState.
// TRUSTED is 0, so a zero-initialised context reads as trusted; populate the field explicitly.
pub const AMSI_UAC_TRUST_STATE_BLOCKED: AMSI_UAC_TRUST_STATE = 2i32;
pub const AMSI_UAC_TRUST_STATE_MAX: AMSI_UAC_TRUST_STATE = 3i32;
pub const AMSI_UAC_TRUST_STATE_TRUSTED: AMSI_UAC_TRUST_STATE = 0i32;
pub const AMSI_UAC_TRUST_STATE_UNTRUSTED: AMSI_UAC_TRUST_STATE = 1i32;
// GUID constant built from a 128-bit literal.
// NOTE(review): by name this is the class identifier used to instantiate the antimalware COM
// object - confirm against the AMSI documentation.
pub const CAntimalware: ::windows_sys::core::GUID = ::windows_sys::core::GUID::from_u128(0xfdb00e52_a214_4aa1_8fba_4357bb0072ec);
// The AMSI enumerations are plain `i32` aliases, not Rust enums. Any integer is therefore a
// valid value of each type, the five aliases are interchangeable to the compiler, and a `match`
// over the named constants is never exhaustive: always include a fallback arm that treats an
// unknown value conservatively.
pub type AMSI_ATTRIBUTE = i32;
pub type AMSI_RESULT = i32;
pub type AMSI_UAC_MSI_ACTION = i32;
pub type AMSI_UAC_REQUEST_TYPE = i32;
pub type AMSI_UAC_TRUST_STATE = i32;
/// C-layout record carried in the `ActiveXInfo` member of `AMSI_UAC_REQUEST_CONTEXT_0`.
///
/// Both string fields are raw `PWSTR` pointers: nothing here records who owns the memory, how
/// long it lives, or that it is NUL-terminated. Treat the strings as untrusted input when they
/// come from a UAC request.
#[repr(C)]
pub struct AMSI_UAC_REQUEST_AX_INFO {
// NOTE(review): presumably the size of this structure in bytes - confirm.
pub ulLength: u32,
pub lpwszLocalInstallPath: ::windows_sys::core::PWSTR,
pub lpwszSourceURL: ::windows_sys::core::PWSTR,
}
// Copy/Clone are bitwise: a copy duplicates the pointer values only, so every copy aliases the
// same string buffers and none of them extends the buffers' lifetime.
impl ::core::marker::Copy for AMSI_UAC_REQUEST_AX_INFO {}
impl ::core::clone::Clone for AMSI_UAC_REQUEST_AX_INFO {
fn clone(&self) -> Self {
*self
}
}
/// C-layout record carried in the `ComInfo` member of `AMSI_UAC_REQUEST_CONTEXT_0`.
///
/// Holds two raw `PWSTR` pointers and a GUID by value. The pointers carry no ownership,
/// lifetime or termination guarantee; treat the strings as untrusted input when they come from
/// a UAC request.
#[repr(C)]
pub struct AMSI_UAC_REQUEST_COM_INFO {
// NOTE(review): presumably the size of this structure in bytes - confirm.
pub ulLength: u32,
pub lpwszServerBinary: ::windows_sys::core::PWSTR,
pub lpwszRequestor: ::windows_sys::core::PWSTR,
pub Clsid: ::windows_sys::core::GUID,
}
// Copy/Clone are bitwise: a copy duplicates the pointer values only, so every copy aliases the
// same string buffers and none of them extends the buffers' lifetime.
impl ::core::marker::Copy for AMSI_UAC_REQUEST_COM_INFO {}
impl ::core::clone::Clone for AMSI_UAC_REQUEST_COM_INFO {
fn clone(&self) -> Self {
*self
}
}
/// C-layout description of a UAC elevation request; compiled only with the `Win32_Foundation`
/// feature because `bAutoElevateRequest` uses `BOOL` from that module.
///
/// `RequestType` is a union, so reading any of its members is `unsafe` and is only meaningful
/// for the member that was actually written. Check `Type` against the
/// `AMSI_UAC_REQUEST_TYPE_*` constants first and reject values that match none of them.
#[repr(C)]
#[doc = "Required features: `\"Win32_Foundation\"`"]
#[cfg(feature = "Win32_Foundation")]
pub struct AMSI_UAC_REQUEST_CONTEXT {
// NOTE(review): presumably the size of this structure in bytes - confirm.
pub ulLength: u32,
// NOTE(review): by name, the process id of the requestor; a bare id carries no guarantee that
// the process still exists or has not been replaced - confirm how it is meant to be used.
pub ulRequestorProcessId: u32,
// One of the AMSI_UAC_TRUST_STATE_* values; 0 means TRUSTED, so zero-initialisation is not a
// safe default.
pub UACTrustState: AMSI_UAC_TRUST_STATE,
// One of the AMSI_UAC_REQUEST_TYPE_* values; presumably the discriminant for `RequestType`.
pub Type: AMSI_UAC_REQUEST_TYPE,
pub RequestType: AMSI_UAC_REQUEST_CONTEXT_0,
pub bAutoElevateRequest: super::super::Foundation::BOOL,
}
// Copy/Clone are bitwise, including the raw pointers held inside the union members.
#[cfg(feature = "Win32_Foundation")]
impl ::core::marker::Copy for AMSI_UAC_REQUEST_CONTEXT {}
#[cfg(feature = "Win32_Foundation")]
impl ::core::clone::Clone for AMSI_UAC_REQUEST_CONTEXT {
fn clone(&self) -> Self {
*self
}
}
/// Untagged C union holding the request-specific details of an `AMSI_UAC_REQUEST_CONTEXT`.
///
/// All five members share the same storage and the union itself stores no tag. Reading a member
/// other than the one that was written reinterprets its bytes, which here means treating
/// arbitrary data as string pointers. The enclosing struct's `Type` field is presumably the
/// discriminant - confirm, and read a member only after checking it.
#[repr(C)]
#[doc = "Required features: `\"Win32_Foundation\"`"]
#[cfg(feature = "Win32_Foundation")]
pub union AMSI_UAC_REQUEST_CONTEXT_0 {
pub ExeInfo: AMSI_UAC_REQUEST_EXE_INFO,
pub ComInfo: AMSI_UAC_REQUEST_COM_INFO,
pub MsiInfo: AMSI_UAC_REQUEST_MSI_INFO,
pub ActiveXInfo: AMSI_UAC_REQUEST_AX_INFO,
pub PackagedAppInfo: AMSI_UAC_REQUEST_PACKAGED_APP_INFO,
}
// Copy/Clone are bitwise over the whole union, whichever member is active.
#[cfg(feature = "Win32_Foundation")]
impl ::core::marker::Copy for AMSI_UAC_REQUEST_CONTEXT_0 {}
#[cfg(feature = "Win32_Foundation")]
impl ::core::clone::Clone for AMSI_UAC_REQUEST_CONTEXT_0 {
fn clone(&self) -> Self {
*self
}
}
/// C-layout record carried in the `ExeInfo` member of `AMSI_UAC_REQUEST_CONTEXT_0`.
///
/// All three string fields are raw `PWSTR` pointers with no ownership, lifetime or termination
/// guarantee. The command line in particular is requestor-supplied text: inspect it as data and
/// never re-parse it with shell-like rules that differ from the consumer's.
#[repr(C)]
pub struct AMSI_UAC_REQUEST_EXE_INFO {
// NOTE(review): presumably the size of this structure in bytes - confirm.
pub ulLength: u32,
pub lpwszApplicationName: ::windows_sys::core::PWSTR,
pub lpwszCommandLine: ::windows_sys::core::PWSTR,
pub lpwszDLLParameter: ::windows_sys::core::PWSTR,
}
// Copy/Clone are bitwise: a copy duplicates the pointer values only, so every copy aliases the
// same string buffers and none of them extends the buffers' lifetime.
impl ::core::marker::Copy for AMSI_UAC_REQUEST_EXE_INFO {}
impl ::core::clone::Clone for AMSI_UAC_REQUEST_EXE_INFO {
fn clone(&self) -> Self {
*self
}
}
/// C-layout record carried in the `MsiInfo` member of `AMSI_UAC_REQUEST_CONTEXT_0`.
///
/// Besides six raw `PWSTR` strings it holds two pointer-to-pointer arrays. Nothing in the type
/// ties their length to `ulUpdates`, so any code that walks them must bound the loop itself and
/// null-check both the array pointers and each element.
#[repr(C)]
pub struct AMSI_UAC_REQUEST_MSI_INFO {
// NOTE(review): presumably the size of this structure in bytes - confirm.
pub ulLength: u32,
// One of the AMSI_UAC_MSI_ACTION_* values.
pub MsiAction: AMSI_UAC_MSI_ACTION,
pub lpwszProductName: ::windows_sys::core::PWSTR,
pub lpwszVersion: ::windows_sys::core::PWSTR,
pub lpwszLanguage: ::windows_sys::core::PWSTR,
pub lpwszManufacturer: ::windows_sys::core::PWSTR,
pub lpwszPackagePath: ::windows_sys::core::PWSTR,
pub lpwszPackageSource: ::windows_sys::core::PWSTR,
// NOTE(review): presumably the element count of both arrays below - confirm, and treat it as
// untrusted when sizing reads.
pub ulUpdates: u32,
pub ppwszUpdates: *mut ::windows_sys::core::PWSTR,
pub ppwszUpdateSources: *mut ::windows_sys::core::PWSTR,
}
// Copy/Clone are bitwise: the copy shares the same strings and arrays as the original.
impl ::core::marker::Copy for AMSI_UAC_REQUEST_MSI_INFO {}
impl ::core::clone::Clone for AMSI_UAC_REQUEST_MSI_INFO {
fn clone(&self) -> Self {
*self
}
}
/// C-layout record carried in the `PackagedAppInfo` member of `AMSI_UAC_REQUEST_CONTEXT_0`.
///
/// All four string fields are raw `PWSTR` pointers with no ownership, lifetime or termination
/// guarantee; treat the strings as untrusted input when they come from a UAC request.
#[repr(C)]
pub struct AMSI_UAC_REQUEST_PACKAGED_APP_INFO {
// NOTE(review): presumably the size of this structure in bytes - confirm.
pub ulLength: u32,
pub lpwszApplicationName: ::windows_sys::core::PWSTR,
pub lpwszCommandLine: ::windows_sys::core::PWSTR,
pub lpPackageFamilyName: ::windows_sys::core::PWSTR,
pub lpApplicationId: ::windows_sys::core::PWSTR,
}
// Copy/Clone are bitwise: a copy duplicates the pointer values only, so every copy aliases the
// same string buffers and none of them extends the buffers' lifetime.
impl ::core::marker::Copy for AMSI_UAC_REQUEST_PACKAGED_APP_INFO {}
impl ::core::clone::Clone for AMSI_UAC_REQUEST_PACKAGED_APP_INFO {
fn clone(&self) -> Self {
*self
}
}
// AMSI handles are plain `isize` aliases. They are freely copyable, have no Drop behaviour, and
// are mutually interchangeable as far as the compiler is concerned, so:
// - nothing releases a context or session automatically; pair each AmsiInitialize with
//   AmsiUninitialize and each AmsiOpenSession with AmsiCloseSession by hand (or wrap them in
//   owning newtypes);
// - nothing stops a stale copy from being used after the handle was released;
// - a context and a session can be swapped at a call site without a type error.
pub type HAMSICONTEXT = isize;
pub type HAMSISESSION = isize;