46 lines
1022 B
C++
46 lines
1022 B
C++
#pragma once
|
|
|
|
|
|
typedef LONG NTSTATUS;
|
|
typedef LONG KPRIORITY;
|
|
|
|
#define STATUS_INFO_LENGTH_MISMATCH ((NTSTATUS)0xC0000004L)
|
|
#define SystemProcessesAndThreadsInformation 5
|
|
#define ProcessImageFileName 27
|
|
|
|
typedef NTSTATUS(NTAPI* ZWQUERYINFORMATIONPROCESS)(
|
|
IN HANDLE ProcessHandle,
|
|
ULONG ProcessInformationClass,
|
|
OUT PVOID ProcessInformation,
|
|
IN ULONG ProcessInformationLength,
|
|
OUT PULONG ReturnLength OPTIONAL
|
|
);
|
|
|
|
typedef BOOL(WINAPI* fnNotifyCallBack)(BOOL bCreate, DWORD dwPid, LPWSTR Path, DWORD PathLen);
|
|
|
|
|
|
class CProcessNotify
|
|
{
|
|
public:
|
|
CProcessNotify();
|
|
virtual ~CProcessNotify();
|
|
|
|
virtual BOOL Start(DWORD nEnumInterval, BOOL bNotifyCurrent, fnNotifyCallBack cb, BOOL bOnce);
|
|
virtual BOOL Finish();
|
|
virtual BOOL OnNotify(DWORD nPid, BOOL bCreate);
|
|
BOOL FinishPrivate();
|
|
protected:
|
|
BOOL m_bOnce;
|
|
HANDLE m_hThread;
|
|
HANDLE m_hQuit;
|
|
DWORD m_nEnumInterval;
|
|
BOOL m_bNotifyCurrent;
|
|
|
|
fnNotifyCallBack m_cb;
|
|
|
|
private:
|
|
static DWORD WINAPI ProcessNotifyProc(LPVOID pArg);
|
|
DWORD StartPrivate();
|
|
|
|
};
|