Главная
Delphi Faq
базы даных
графика и игры
интернет и сеть
компоненты и классы
мультимедиа
ос и железо
программа и интерфейс
рабочий стол
синтаксис
технологии
файловая система
 
 



на главную
Получить список загруженных драйверов под NT
{
This code takes advantage of the undocumented NtQuerySystemInformation
API to obtain a list of loaded drivers under Windows NT.

Dieser Code verwendet die undokumentiere NtQuerySystemInformation API Funktion
um eine Liste aller geladenen Treiber unter Windows NT zu ermitteln.
}

const
DRIVER_INFORMATION = 11;

type
TPDWord = ^DWORD;

TDriverInfo = packed record
Address: Pointer;
Unknown1: DWORD;
Unknown2: DWORD;
EntryIndex: DWORD;
Unknown4: DWORD;
Name: array [0..MAX_PATH + 3] of Char;
end;

var
NtQuerySystemInformation: function (infoClass: DWORD;
buffer: Pointer;
bufSize: DWORD;
returnSize: TPDword): DWORD; stdcall = nil;

function GetDriverInfo: string;
var
temp, Index, numBytes, numEntries: DWORD;
buf: TPDword;
driverInfo: ^TDriverInfo;
begin
if @NtQuerySystemInformation = nil then
NtQuerySystemInformation := GetProcAddress(GetModuleHandle('ntdll.dll'),
'NtQuerySystemInformation');

// Obtain required buffer size
NtQuerySystemInformation(DRIVER_INFORMATION, @temp, 0, @numBytes);
// Allocate buffer
buf := AllocMem(numBytes * 2);

NtQuerySystemInformation(DRIVER_INFORMATION, buf, numBytes * 2, @numBytes);
numEntries := buf^;
driverInfo := Pointer(DWORD(buf) + 12);
Result := '';
for Index := 1 to numEntries do
begin
Result := Result + #0$D#0$A+'Address: $' + IntToHex(DWORD(driverInfo^.Address), 8) +
'Name: "' + (driverInfo^.Name) + '"';
Inc(driverInfo);
end;
Delete(Result, 1, 2);
FreeMem(buf);
end;

procedure TForm1.Button1Click(Sender: TObject);
begin
ListBox1.Items.Add(GetDriverInfo)
end;


// Thanks to Madshi for helping me translate from C++ Code
// Original Code (C++) :
// NtDriverList v1.0
// Copyright 1998, 1999 Yariv Kaplan
// WWW.INTERNALS.COM