windows deep internals: CfgMgr32.dll!CM_Register_Notification registered callbacks

Declaration of CM_Register_Notification:

CMAPI CONFIGRET CM_Register_Notification(
  PCM_NOTIFY_FILTER   pFilter,
  PVOID               pContext,
  PCM_NOTIFY_CALLBACK pCallback,
  PHCMNOTIFICATION    pNotifyContext
);

It`s easy to recover structures stored in EventSystemClientList:

field	32bit offset	64bit offset
WORD - signature 0xF097	0	0
LIST_ENTRY	0xC	0x18
CM_NOTIFY_FILTER	0x24	0x40
pCallback	0x1c4	0x1e0

sample of output on windows w10 build 18898:

cfgmgr32.dll!EventSystemClientList at 00007FFA577A6810: 000001A570E25718
 client[0] callback 00007FFA564F95B0 C:\Windows\SYSTEM32\umpoext.dll
  CM_NOTIFY_FILTER.FilterType: 0
  CM_NOTIFY_FILTER.Flags:      0
  DeviceInterface: {4D1E55B2-F16F-11CF-88CB-001111000030} (DEVINTERFACE_HID)
 client[1] callback 00007FFA564FEDE0 C:\Windows\SYSTEM32\umpoext.dll
  CM_NOTIFY_FILTER.FilterType: 0
  CM_NOTIFY_FILTER.Flags:      0
  DeviceInterface: {45BD8344-7ED6-49CF-A440-C276C933B053} (DEVICE_ENERGY_METER)
 client[2] callback 00007FFA564FEDE0 C:\Windows\SYSTEM32\umpoext.dll
  CM_NOTIFY_FILTER.FilterType: 0
  CM_NOTIFY_FILTER.Flags:      0
  DeviceInterface: {E849804E-C719-43D8-AC88-96B894C191E2} (DEVICE_POWER_METER)
 client[3] callback 00007FFA58906710 C:\Windows\System32\sechost.dll
  CM_NOTIFY_FILTER.FilterType: 0
  CM_NOTIFY_FILTER.Flags:      0
  DeviceInterface: {1CA05180-A699-450A-9A0C-DE4FBE3DDD89} (DISPLAY_DEVICE_ARVIVAL)
 client[4] callback 00007FFA53AF7F00 c:\windows\system32\systemeventsbrokerserver.dll
  CM_NOTIFY_FILTER.FilterType: 0
  CM_NOTIFY_FILTER.Flags:      0
  DeviceInterface: {0850302A-B344-4FDA-9BE9-90576B8D46F0} (BTHPORT_DEVICE_INTERFACE)
 client[5] callback 00007FFA53AF7F00 c:\windows\system32\systemeventsbrokerserver.dll
  CM_NOTIFY_FILTER.FilterType: 0
  CM_NOTIFY_FILTER.Flags:      0
  DeviceInterface: {0850302A-B344-4FDA-9BE9-90576B8D46F0} (BTHPORT_DEVICE_INTERFACE)
 client[6] callback 00007FFA53AF7F00 c:\windows\system32\systemeventsbrokerserver.dll
  CM_NOTIFY_FILTER.FilterType: 0
  CM_NOTIFY_FILTER.Flags:      0
  DeviceInterface: {0850302A-B344-4FDA-9BE9-90576B8D46F0} (BTHPORT_DEVICE_INTERFACE)
 client[7] callback 00007FFA53AF7F00 c:\windows\system32\systemeventsbrokerserver.dll
  CM_NOTIFY_FILTER.FilterType: 0
  CM_NOTIFY_FILTER.Flags:      0
  DeviceInterface: {50DD5230-BA8A-11D1-BF5D-0000F805F530} (DEVINTERFACE_SMARTCARD_READER)
 client[8] callback 00007FFA53AF7F00 c:\windows\system32\systemeventsbrokerserver.dll
  CM_NOTIFY_FILTER.FilterType: 0
  CM_NOTIFY_FILTER.Flags:      0
  DeviceInterface: {121D8161-866D-4A24-BA58-9058940C0D47}
 client[9] callback 00007FFA53AF7F00 c:\windows\system32\systemeventsbrokerserver.dll
  CM_NOTIFY_FILTER.FilterType: 0
  CM_NOTIFY_FILTER.Flags:      0
  DeviceInterface: {97F115C8-599A-4153-8894-D2D12899918A} (SENSOR_TYPE_AMBIENT_LIGHT)
 client[10] callback 00007FFA53AF7F00 c:\windows\system32\systemeventsbrokerserver.dll
  CM_NOTIFY_FILTER.FilterType: 0
  CM_NOTIFY_FILTER.Flags:      0
  DeviceInterface: {A7029AAC-77DD-4DDD-959B-054F5574F4FB}
 client[11] callback 00007FFA53AF7F00 c:\windows\system32\systemeventsbrokerserver.dll
  CM_NOTIFY_FILTER.FilterType: 0
  CM_NOTIFY_FILTER.Flags:      0
  DeviceInterface: {DB524086-BA90-4E1E-BE42-894E94ECF289}
 client[12] callback 00007FFA53AF7F00 c:\windows\system32\systemeventsbrokerserver.dll
  CM_NOTIFY_FILTER.FilterType: 0
  CM_NOTIFY_FILTER.Flags:      0
  DeviceInterface: {E5323777-F976-4F5B-9B55-B94699C46E44} (KSCATEGORY_VIDEO_CAMERA)
 client[13] callback 00007FFA53AF7F00 c:\windows\system32\systemeventsbrokerserver.dll
  CM_NOTIFY_FILTER.FilterType: 0
  CM_NOTIFY_FILTER.Flags:      0
  DeviceInterface: {24E552D7-6523-47F7-A647-D3465BF1F5CA} (KSCATEGORY_SENSOR_CAMERA)
 client[14] callback 00007FFA53AF7F00 c:\windows\system32\systemeventsbrokerserver.dll
  CM_NOTIFY_FILTER.FilterType: 0
  CM_NOTIFY_FILTER.Flags:      0
  DeviceInterface: {4D1E55B2-F16F-11CF-88CB-001111000030} (DEVINTERFACE_HID)
 client[15] callback 00007FFA53AF7F00 c:\windows\system32\systemeventsbrokerserver.dll
  CM_NOTIFY_FILTER.FilterType: 0
  CM_NOTIFY_FILTER.Flags:      0
  DeviceInterface: {3336E5E4-018A-4669-84C5-BD05F3BD368B} (DEVINTERFACE_GNSS)
 client[16] callback 00007FFA53AF7F00 c:\windows\system32\systemeventsbrokerserver.dll
  CM_NOTIFY_FILTER.FilterType: 0
  CM_NOTIFY_FILTER.Flags:      0
  DeviceInterface: {00F40965-E89D-4487-9890-87C3ABB211F4} (BTH_DEVICE_INTERFACE)
 client[17] callback 00007FFA53AF7F00 c:\windows\system32\systemeventsbrokerserver.dll
  CM_NOTIFY_FILTER.FilterType: 0
  CM_NOTIFY_FILTER.Flags:      0
  DeviceInterface: {50DD5230-BA8A-11D1-BF5D-0000F805F530} (DEVINTERFACE_SMARTCARD_READER)
 client[18] callback 00007FFA53AF7F00 c:\windows\system32\systemeventsbrokerserver.dll
  CM_NOTIFY_FILTER.FilterType: 0
  CM_NOTIFY_FILTER.Flags:      0
  DeviceInterface: {121D8161-866D-4A24-BA58-9058940C0D47}
 client[19] callback 00007FFA53AF7F00 c:\windows\system32\systemeventsbrokerserver.dll
  CM_NOTIFY_FILTER.FilterType: 0
  CM_NOTIFY_FILTER.Flags:      0
  DeviceInterface: {C2FB0F5F-E2D2-4C78-BCD0-352A9582819D} (SENSOR_TYPE_ACCELEROMETER_3D)
 client[20] callback 00007FFA53AF7F00 c:\windows\system32\systemeventsbrokerserver.dll
  CM_NOTIFY_FILTER.FilterType: 0
  CM_NOTIFY_FILTER.Flags:      0
  DeviceInterface: {17A665C0-9063-4216-B202-5C7A255E18CE} (SENSOR_CATEGORY_LIGHT)
 client[21] callback 00007FFA53AF7F00 c:\windows\system32\systemeventsbrokerserver.dll
  CM_NOTIFY_FILTER.FilterType: 0
  CM_NOTIFY_FILTER.Flags:      0
  DeviceInterface: {CA19690F-A2C7-477D-A99E-99EC6E2B5648} (SENSOR_CATEGORY_BIOMETRIC)
 client[22] callback 00007FFA53AF7F00 c:\windows\system32\systemeventsbrokerserver.dll
  CM_NOTIFY_FILTER.FilterType: 0
  CM_NOTIFY_FILTER.Flags:      0
  DeviceInterface: {CD09DAF1-3B2E-4C3D-B598-B5E5FF93FD46} (SENSOR_CATEGORY_MOTION)
 client[23] callback 00007FFA53AF7F00 c:\windows\system32\systemeventsbrokerserver.dll
  CM_NOTIFY_FILTER.FilterType: 0
  CM_NOTIFY_FILTER.Flags:      0
  DeviceInterface: {C2FB0F5F-E2D2-4C78-BCD0-352A9582819D} (SENSOR_TYPE_ACCELEROMETER_3D)
 client[24] callback 00007FFA53AF7F00 c:\windows\system32\systemeventsbrokerserver.dll
  CM_NOTIFY_FILTER.FilterType: 0
  CM_NOTIFY_FILTER.Flags:      0
  DeviceInterface: {4F40006F-B933-4550-B532-2B58CEE614D3}
 client[25] callback 00007FFA53AF7F00 c:\windows\system32\systemeventsbrokerserver.dll
  CM_NOTIFY_FILTER.FilterType: 0
  CM_NOTIFY_FILTER.Flags:      0
  DeviceInterface: {34D14BE3-DEE4-41C8-9AE7-6B174977C192} (HV_FCOPY_GUID)
 client[26] callback 00007FFA53AF7F00 c:\windows\system32\systemeventsbrokerserver.dll
  CM_NOTIFY_FILTER.FilterType: 0
  CM_NOTIFY_FILTER.Flags:      0
  DeviceInterface: {57164F39-9115-4E78-AB55-382F3BD5422D}
 client[27] callback 00007FFA53AF7F00 c:\windows\system32\systemeventsbrokerserver.dll
  CM_NOTIFY_FILTER.FilterType: 0
  CM_NOTIFY_FILTER.Flags:      0
  DeviceInterface: {A9A0F4E7-5A45-4D96-B827-8A841E8C03E6}
 client[28] callback 00007FFA53AF7F00 c:\windows\system32\systemeventsbrokerserver.dll
  CM_NOTIFY_FILTER.FilterType: 0
  CM_NOTIFY_FILTER.Flags:      0
  DeviceInterface: {276AACF4-AC15-426C-98DD-7521AD3F01FE}
 client[29] callback 00007FFA53AF7F00 c:\windows\system32\systemeventsbrokerserver.dll
  CM_NOTIFY_FILTER.FilterType: 0
  CM_NOTIFY_FILTER.Flags:      0
  DeviceInterface: {0E0B6031-5213-4934-818B-38D90CED39DB} (HV_SHUTDOWN_GUID)
 client[30] callback 00007FFA53AF7F00 c:\windows\system32\systemeventsbrokerserver.dll
  CM_NOTIFY_FILTER.FilterType: 0
  CM_NOTIFY_FILTER.Flags:      0
  DeviceInterface: {9527E630-D0AE-497B-ADCE-E80AB0175CAF}
 client[31] callback 00007FFA53AF7F00 c:\windows\system32\systemeventsbrokerserver.dll
  CM_NOTIFY_FILTER.FilterType: 0
  CM_NOTIFY_FILTER.Flags:      0
  DeviceInterface: {999E53D4-3D5C-4C3E-8779-BED06EC056E1} (HV_GUID_VM_SESSION_SERVICE_ID)
 client[32] callback 00007FFA53AF7F00 c:\windows\system32\systemeventsbrokerserver.dll
  CM_NOTIFY_FILTER.FilterType: 0
  CM_NOTIFY_FILTER.Flags:      0
  DeviceInterface: {35FA2E29-EA23-4236-96AE-3A6EBACBA440}
 client[33] callback 00007FFA53AF7F00 c:\windows\system32\systemeventsbrokerserver.dll
  CM_NOTIFY_FILTER.FilterType: 0
  CM_NOTIFY_FILTER.Flags:      0
  DeviceInterface: {53F56307-B6BF-11D0-94F2-00A0C91EFB8B} (DEVINTERFACE_DISK)
 client[34] callback 00007FFA53AF7F00 c:\windows\system32\systemeventsbrokerserver.dll
  CM_NOTIFY_FILTER.FilterType: 0
  CM_NOTIFY_FILTER.Flags:      0
  DeviceInterface: {C1E9BC6D-1DAE-421A-9369-CC7FF0D6E359} (DEVINTERFACE_BUSENUM_MTPBTH)
 client[35] callback 00007FFA53AF7F00 c:\windows\system32\systemeventsbrokerserver.dll
  CM_NOTIFY_FILTER.FilterType: 0
  CM_NOTIFY_FILTER.Flags:      0
  DeviceInterface: {0850302A-B344-4FDA-9BE9-90576B8D46F0} (BTHPORT_DEVICE_INTERFACE)
 client[36] callback 00007FFA53AF7F00 c:\windows\system32\systemeventsbrokerserver.dll
  CM_NOTIFY_FILTER.FilterType: 0
  CM_NOTIFY_FILTER.Flags:      0
  DeviceInterface: {4D1E55B2-F16F-11CF-88CB-001111000030} (DEVINTERFACE_HID)

windows deep internals

пятница, 31 мая 2019 г.

CfgMgr32.dll!CM_Register_Notification registered callbacks

Комментариев нет:

Отправить комментарий

пятница, 31 мая 2019 г.

CfgMgr32.dll!CM_Register_Notification registered callbacks

Комментариев нет:

Отправить комментарий

пятница, 31 мая 2019 г.