]、。·ˉˇ¨〃々—~‖…’”〕〉》」』〗】∶!"'),.:;?]` 我这里有FileMon的源程序,你需要可以问我要,
不过这个问题只有10分.......
The heart of Filemon is in the virtual device driver, Filevxd.vxd. It is dynamically loaded, and in its initialization it installs a file system filter via
the VxD service, IFSMGR_InstallFileSystemApiHook, to insert itself onto the call chain of all file system requests.
When Filemon sees an open, create or close call, it updates an internal hash table that serves as the mapping between internal file handles
and file path names. Whenever it sees calls that are handle based, it looks up the handle in the hash table to obtain the full name for
display. If a handle-based access references a file opened before Filemon started, Filemon will fail to find the mapping in it hash table and
will simply present the handle's value instead.
Information on accesses is dumped into an ASCII buffer that is periodically copied up to the GUI for it to print in its listbox