www.gusucode.com > VC++ 系统进程管理器源码-源码程序 > VC++ 系统进程管理器源码-源码程序/code/Src_EvilSword/KernelEnum.cpp
//Download by http://www.NewXing.com
// KernelEnum.cpp : implementation file
//
#include "stdafx.h"
#include "EvilSword.h"
#include "KernelEnum.h"
#include <Psapi.h>
#include "resource.h"
#pragma comment ( lib, "psapi.lib" )
#ifdef _DEBUG
#define new DEBUG_NEW
#undef THIS_FILE
static char THIS_FILE[] = __FILE__;
#endif
/////////////////////////////////////////////////////////////////////////////
// CKernelEnum dialog
CKernelEnum::CKernelEnum(CWnd* pParent /*=NULL*/)
: CDialog(CKernelEnum::IDD, pParent)
{
//{{AFX_DATA_INIT(CKernelEnum)
// NOTE: the ClassWizard will add member initialization here
//}}AFX_DATA_INIT
}
void CKernelEnum::DoDataExchange(CDataExchange* pDX)
{
CDialog::DoDataExchange(pDX);
//{{AFX_DATA_MAP(CKernelEnum)
DDX_Control(pDX, IDC_LIST1, m_kernel);
//}}AFX_DATA_MAP
}
BEGIN_MESSAGE_MAP(CKernelEnum, CDialog)
//{{AFX_MSG_MAP(CKernelEnum)
ON_WM_SHOWWINDOW()
ON_NOTIFY(NM_RCLICK, IDC_LIST1, OnRclickList1)
ON_COMMAND(ID_UPDATE, OnUpdate)
//}}AFX_MSG_MAP
END_MESSAGE_MAP()
/////////////////////////////////////////////////////////////////////////////
// CKernelEnum message handlers
BOOL CKernelEnum::OnInitDialog()
{
CDialog::OnInitDialog();
// TODO: Add extra initialization here
m_kernel.InsertColumn(0,"驱动名");
m_kernel.InsertColumn(1,"基地址");
m_kernel.InsertColumn(2,"驱动路径");
//设置样式让其有表格
m_kernel.SetExtendedStyle(m_kernel.GetExtendedStyle()|LVS_EX_FULLROWSELECT|LVS_EX_GRIDLINES);
return TRUE; // return TRUE unless you set the focus to a control
// EXCEPTION: OCX Property Pages should return FALSE
}
void CKernelEnum::ListKernelModules()
{
//接收返回的内核驱动的基地址
LPVOID pImageBase[400];
//接收返回的字节数
DWORD nReturn=0;
//枚举设备驱动
BOOL isSuccess=EnumDeviceDrivers(pImageBase,sizeof(pImageBase),&nReturn);
if (isSuccess==0)
{
AfxMessageBox(TEXT("驱动枚举失败"));
return;
}
//格式化驱动加载基址
CString szText;
//筛选不合格的地址
static int nNum=0;
//nReturn/sizeof(LPVOID)为驱动枚举的个数
for (UINT i=0;i<((nReturn)/sizeof(LPVOID));i++)
{
//筛选内核地址
if (pImageBase[i]<(LPVOID)0x80000000)
{
nNum++;
continue;
}
//接收驱动名
char szDriverName[100];
//接收路径 最大为260
char szDriverFilePath[MAX_PATH];
//得到驱动名
GetDeviceDriverBaseName(pImageBase[i],szDriverName,100);
m_kernel.InsertItem(i,szDriverName);
//基地址
szText.Format("0x%08X",pImageBase[i]);
m_kernel.SetItemText(i,1,szText);
//得到驱动的路径
GetDeviceDriverFileName(pImageBase[i],szDriverFilePath,MAX_PATH);
m_kernel.SetItemText(i,2,szDriverFilePath);
}
szText.Format("当前驱动数为: %d",(nReturn)/sizeof(LPVOID)-nNum);
nNum=0;
//显示进程数
::SetDlgItemText(AfxGetMainWnd()->m_hWnd,STATIC_TISHI,szText);
}
void CKernelEnum::OnShowWindow(BOOL bShow, UINT nStatus)
{
CDialog::OnShowWindow(bShow, nStatus);
// TODO: Add your message handler code here
//删除全部的项目 起到刷新的作用
m_kernel.DeleteAllItems();
if (bShow==TRUE)
{
//枚举内核模块
ListKernelModules();
//宽度对齐等
m_kernel.SetColumnWidth(0,LVSCW_AUTOSIZE_USEHEADER);
m_kernel.SetColumnWidth(1,LVSCW_AUTOSIZE_USEHEADER);
m_kernel.SetColumnWidth(2,LVSCW_AUTOSIZE_USEHEADER);
}
}
void CKernelEnum::OnRclickList1(NMHDR* pNMHDR, LRESULT* pResult)
{
// TODO: Add your control notification handler code here
POINT pt;
//获取鼠标光标的位置
GetCursorPos(&pt);
CMenu menu;
//加载菜单资源
menu.LoadMenu(CG_IDR_POPUP_KERNEL_ENUM);
//弹出
menu.GetSubMenu(0)->TrackPopupMenu(TPM_LEFTALIGN,pt.x,pt.y,this);
*pResult = 0;
}
void CKernelEnum::OnUpdate()
{
// TODO: Add your command handler code here
m_kernel.DeleteAllItems();
ListKernelModules();
//宽度对齐等
m_kernel.SetColumnWidth(0,LVSCW_AUTOSIZE_USEHEADER);
m_kernel.SetColumnWidth(1,LVSCW_AUTOSIZE_USEHEADER);
m_kernel.SetColumnWidth(2,LVSCW_AUTOSIZE_USEHEADER);
}