学步园

作为一个杀毒软件，必须扫描所有的驱动，才能检测到所有的驱动层病毒！

微软的.net framework4.0提供了关于驱动访问的类，

启动VS2010，

创建一个CLR工程如下

 

 

具体核心代码如下，详情见代码注释

 

#pragma once</p> <p>namespace yincheng {</p> <p> using namespace System;<br /> using namespace System::ComponentModel;<br /> using namespace System::Collections;<br /> using namespace System::Windows::Forms;<br /> using namespace System::Data;<br /> using namespace System::Drawing;</p> <p> /// <summary><br /> /// Form1 摘要<br /> ///<br /> /// 警告: 如果更改此类的名称，则需要更改<br /> /// 与此类所依赖的所有 .resx 文件关联的托管资源编译器工具的<br /> /// “资源文件名”属性。否则，<br /> /// 设计器将不能与此窗体的关联<br /> /// 本地化资源正确交互。<br /> /// </summary><br /> public ref class Form1 : public System::Windows::Forms::Form<br /> {<br /> public:<br /> Form1(void)<br /> {<br /> InitializeComponent();<br /> //<br /> //TODO: 在此处添加构造函数代码<br /> //<br /> }</p> <p> protected:<br /> /// <summary><br /> /// 清理所有正在使用的资源。<br /> /// </summary><br /> ~Form1()<br /> {<br /> if (components)<br /> {<br /> delete components;<br /> }<br /> }</p> <p> protected:<br /> private: System::ServiceProcess::ServiceController^ serviceController1;<br /> private: System::Windows::Forms::Button^ button1;<br /> private: System::Windows::Forms::Button^ button2;<br /> private: System::Windows::Forms::Button^ button3;<br /> private: System::Windows::Forms::Button^ button4;<br /> private: System::Windows::Forms::ListView^ listView1;<br /> private: System::Windows::Forms::ColumnHeader^ columnHeader1;<br /> private: System::Windows::Forms::ColumnHeader^ columnHeader2;<br /> private: System::Windows::Forms::ColumnHeader^ columnHeader3;</p> <p> private:<br /> /// <summary><br /> /// 必需的设计器变量。<br /> /// </summary><br /> System::ComponentModel::Container ^components;</p> <p>#pragma region Windows Form Designer generated code<br /> /// <summary><br /> /// 设计器支持所需的方法 - 不要<br /> /// 使用代码编辑器修改此方法的内容。<br /> /// </summary><br /> void InitializeComponent(void)<br /> {<br /> this->serviceController1 = (gcnew System::ServiceProcess::ServiceController());<br /> this->button1 = (gcnew System::Windows::Forms::Button());<br /> this->button2 = (gcnew System::Windows::Forms::Button());<br /> this->button3 = (gcnew System::Windows::Forms::Button());<br /> this->button4 = (gcnew System::Windows::Forms::Button());<br /> this->listView1 = (gcnew System::Windows::Forms::ListView());<br /> this->columnHeader1 = (gcnew System::Windows::Forms::ColumnHeader());<br /> this->columnHeader2 = (gcnew System::Windows::Forms::ColumnHeader());<br /> this->columnHeader3 = (gcnew System::Windows::Forms::ColumnHeader());<br /> this->SuspendLayout();<br /> //<br /> // button1<br /> //<br /> this->button1->Location = System::Drawing::Point(5, 2);<br /> this->button1->Name = L"button1";<br /> this->button1->Size = System::Drawing::Size(93, 23);<br /> this->button1->TabIndex = 1;<br /> this->button1->Text = L"获取驱动程序";<br /> this->button1->UseVisualStyleBackColor = true;<br /> this->button1->Click += gcnew System::EventHandler(this, &Form1::button1_Click);<br /> //<br /> // button2<br /> //<br /> this->button2->Location = System::Drawing::Point(102, 2);<br /> this->button2->Name = L"button2";<br /> this->button2->Size = System::Drawing::Size(93, 23);<br /> this->button2->TabIndex = 2;<br /> this->button2->Text = L"启动驱动程序";<br /> this->button2->UseVisualStyleBackColor = true;<br /> this->button2->Click += gcnew System::EventHandler(this, &Form1::button2_Click);<br /> //<br /> // button3<br /> //<br /> this->button3->Location = System::Drawing::Point(199, 2);<br /> this->button3->Name = L"button3";<br /> this->button3->Size = System::Drawing::Size(93, 23);<br /> this->button3->TabIndex = 3;<br /> this->button3->Text = L"暂停驱动程序";<br /> this->button3->UseVisualStyleBackColor = true;<br /> this->button3->Click += gcnew System::EventHandler(this, &Form1::button3_Click);<br /> //<br /> // button4<br /> //<br /> this->button4->Location = System::Drawing::Point(296, 2);<br /> this->button4->Name = L"button4";<br /> this->button4->Size = System::Drawing::Size(93, 23);<br /> this->button4->TabIndex = 4;<br /> this->button4->Text = L"停止驱动程序";<br /> this->button4->UseVisualStyleBackColor = true;<br /> this->button4->Click += gcnew System::EventHandler(this, &Form1::button4_Click);<br /> //<br /> // listView1<br /> //<br /> this->listView1->Anchor = static_cast<System::Windows::Forms::AnchorStyles>((((System::Windows::Forms::AnchorStyles::Top | System::Windows::Forms::AnchorStyles::Bottom)<br /> | System::Windows::Forms::AnchorStyles::Left)<br /> | System::Windows::Forms::AnchorStyles::Right));<br /> this->listView1->Columns->AddRange(gcnew cli::array< System::Windows::Forms::ColumnHeader^ >(3) {this->columnHeader1, this->columnHeader2,<br /> this->columnHeader3});<br /> this->listView1->FullRowSelect = true;<br /> this->listView1->GridLines = true;<br /> this->listView1->Location = System::Drawing::Point(5, 28);<br /> this->listView1->Name = L"listView1";<br /> this->listView1->Size = System::Drawing::Size(1158, 319);<br /> this->listView1->TabIndex = 5;<br /> this->listView1->UseCompatibleStateImageBehavior = false;<br /> this->listView1->View = System::Windows::Forms::View::Details;<br /> //<br /> // columnHeader1<br /> //<br /> this->columnHeader1->Text = L"　驱动程序名称";<br /> this->columnHeader1->Width = 110;<br /> //<br /> // columnHeader2<br /> //<br /> this->columnHeader2->Text = L"　驱动程序显示说明";<br /> this->columnHeader2->Width = 140;<br /> //<br /> // columnHeader3<br /> //<br /> this->columnHeader3->Text = L" 　 驱动程序状态";<br /> this->columnHeader3->Width = 180;<br /> //<br /> // Form1<br /> //<br /> this->AutoScaleDimensions = System::Drawing::SizeF(6, 12);<br /> this->AutoScaleMode = System::Windows::Forms::AutoScaleMode::Font;<br /> this->ClientSize = System::Drawing::Size(1166, 349);<br /> this->Controls->Add(this->listView1);<br /> this->Controls->Add(this->button4);<br /> this->Controls->Add(this->button3);<br /> this->Controls->Add(this->button2);<br /> this->Controls->Add(this->button1);<br /> this->Name = L"Form1";<br /> this->StartPosition = System::Windows::Forms::FormStartPosition::CenterScreen;<br /> this->Text = L"演示windows7下启动停止系统驱动程序-CSDN著名技术专家尹成的杰作";<br /> this->Load += gcnew System::EventHandler(this, &Form1::Form1_Load);<br /> this->ResumeLayout(false);</p> <p> }<br /> #pragma endregion<br /> //获取驱动程序<br /> private: System::Void button1_Click(System::Object^ sender, System::EventArgs^ e) {<br /> array<System::ServiceProcess::ServiceController^>^ MyServices;<br /> int i;<br /> array<String^>^ MyItems=gcnew array<String^>(3);<br /> System::ServiceProcess::ServiceController^ MyService;<br /> this->listView1->Items->Clear();<br /> MyServices=this->serviceController1->GetDevices();<br /> for(i=0;i<MyServices->Length;i++)<br /> {<br /> MyItems[0]=MyServices[i]->ServiceName;<br /> MyItems[1]=MyServices[i]->DisplayName;<br /> switch(MyServices[i]->Status)<br /> {<br /> case System::ServiceProcess::ServiceControllerStatus::ContinuePending:<br /> MyItems[2]="服务即将继续";<br /> break;<br /> case System::ServiceProcess::ServiceControllerStatus::Paused:<br /> MyItems[2]="服务已暂停";<br /> break;<br /> case System::ServiceProcess::ServiceControllerStatus::PausePending:<br /> MyItems[2]="服务即将暂停";<br /> break;<br /> case System::ServiceProcess::ServiceControllerStatus::Running:<br /> MyItems[2]="服务正在运行";<br /> break;<br /> case System::ServiceProcess::ServiceControllerStatus::StartPending:<br /> MyItems[2]="服务正在启动";<br /> break;<br /> case System::ServiceProcess::ServiceControllerStatus::Stopped:<br /> MyItems[2]="服务未运行";<br /> break;<br /> case System::ServiceProcess::ServiceControllerStatus::StopPending:<br /> MyItems[2]="服务正在停止";<br /> break;<br /> }<br /> this->listView1->Items->Add(gcnew ListViewItem(MyItems));<br /> }<br /> }<br /> //启动驱动程序<br /> private: System::Void button2_Click(System::Object^ sender, System::EventArgs^ e) {<br /> String^ MyName;<br /> System::ServiceProcess::ServiceController^ MyService;<br /> try<br /> {<br /> MyName=this->listView1->SelectedItems[0]->SubItems[0]->Text;<br /> MyService=gcnew System::ServiceProcess::ServiceController(MyName);<br /> if(MyService->Status==System::ServiceProcess::ServiceControllerStatus:: Stopped)<br /> {<br /> MyService->Start();<br /> this->button1_Click(nullptr,nullptr);<br /> }<br /> else<br /> MessageBox::Show("该驱动程序不能被启动","信息提示",MessageBoxButtons::OK, MessageBoxIcon::Information);<br /> }<br /> catch(Exception^ MyEx)<br /> {<br /> MessageBox::Show(MyEx->Message,"信息提示",MessageBoxButtons::OK, MessageBoxIcon::Information);<br /> }<br /> }<br /> //暂停驱动程序<br /> private: System::Void button3_Click(System::Object^ sender, System::EventArgs^ e) {<br /> String^ MyName;<br /> System::ServiceProcess::ServiceController^ MyService;<br /> try<br /> {<br /> MyName=this->listView1->SelectedItems[0]->SubItems[0]->Text;<br /> MyService=gcnew System::ServiceProcess::ServiceController(MyName);<br /> if(MyService->Status==System::ServiceProcess::ServiceControllerStatus:: Running)<br /> {<br /> MyService->Pause();<br /> this->button1_Click(nullptr,nullptr);<br /> }<br /> else<br /> MessageBox::Show("该驱动程序不能被暂停","信息提示",MessageBoxButtons::OK, MessageBoxIcon::Information);<br /> }<br /> catch(Exception^ MyEx)<br /> {<br /> MessageBox::Show(MyEx->Message,"信息提示",MessageBoxButtons::OK, MessageBoxIcon::Information);<br /> }<br /> }<br /> //停止驱动程序<br /> private: System::Void button4_Click(System::Object^ sender, System::EventArgs^ e) {<br /> String^ MyName;<br /> System::ServiceProcess::ServiceController^ MyService;<br /> try<br /> {<br /> MyName=this->listView1->SelectedItems[0]->SubItems[0]->Text;<br /> MyService=gcnew System::ServiceProcess::ServiceController(MyName);<br /> if(MyService->Status==System::ServiceProcess::ServiceControllerStatus:: Running)<br /> {<br /> MyService->Stop();<br /> this->button1_Click(nullptr,nullptr);<br /> }<br /> else<br /> MessageBox::Show("该驱动程序不能被停止","信息提示",MessageBoxButtons::OK, MessageBoxIcon::Information);<br /> }<br /> catch(Exception^ MyEx)<br /> {<br /> MessageBox::Show(MyEx->Message,"信息提示",MessageBoxButtons::OK, MessageBoxIcon::Information);<br /> }<br /> }<br /> private: System::Void Form1_Load(System::Object^ sender, System::EventArgs^ e) {<br /> }<br /> };<br /> }</p> <p>

 

 

具体运行效果如下