HOOK.DLL中:static AFX_EXTENSION_MODULE LogHookDLL = { NULL, NULL };HWND g_hWnd = NULL; //接收窗口
//HHOOK g_hLogHook = NULL; //钩子变量
HINSTANCE g_hInstance = NULL; //模块实例句柄
HWND g_hLastFocus = NULL; //记录上一次得到焦点的窗口句柄#pragma data_seg("myData")
static HHOOK g_hLogHook = NULL;
#pragma data_seg()
#pragma comment(linker,"/Section:SHARD_DATA,rws")extern "C" int APIENTRY
DllMain(HINSTANCE hInstance, DWORD dwReason, LPVOID lpReserved)
{
// Remove this if you use lpReserved
UNREFERENCED_PARAMETER(lpReserved); g_hInstance = hInstance; if (dwReason == DLL_PROCESS_ATTACH)
{
TRACE0("LOGHOOK.DLL Initializing!\n");
// Extension DLL one-time initialization
if (!AfxInitExtensionModule(LogHookDLL, hInstance))
return 0; // Insert this DLL into the resource chain
// NOTE: If this Extension DLL is being implicitly linked to by
// an MFC Regular DLL (such as an ActiveX Control)
// instead of an MFC application, then you will want to
// remove this line from DllMain and put it in a separate
// function exported from this Extension DLL. The Regular DLL
// that uses this Extension DLL should then explicitly call that
// function to initialize this Extension DLL. Otherwise,
// the CDynLinkLibrary object will not be attached to the
// Regular DLL's resource chain, and serious problems will
// result. new CDynLinkLibrary(LogHookDLL);
}
else if (dwReason == DLL_PROCESS_DETACH)
{
TRACE0("LOGHOOK.DLL Terminating!\n");
// Terminate the library before destructors are called
if (g_hLogHook != NULL)
UnhookWindowsHookEx(g_hLogHook); AfxTermExtensionModule(LogHookDLL);
}
return 1; // ok
}LRESULT CALLBACK JournalLogProc(int iCode,WPARAM wParam, LPARAM lParam)
{
if (iCode< 0 )
return CallNextHookEx(g_hLogHook,iCode,wParam,lParam);
if (iCode == HC_ACTION)
{
/*EVENTMSG *pEvt=(EVENTMSG *)lParam;
HWND hFocus; //保存当前活动窗口句柄
char szTitle[256]; //当前窗口名称
*/ if(pEvt->message==WM_LBUTTONDOWN || pEvt->message ==WM_RBUTTONDOWN)
{
...
}
TRACE("%d\n",iCode);
PCWPSTRUCT pcw=(PCWPSTRUCT)lParam;
if(iCode > 0 )
{
if( pcw && pcw->hwnd && pcw->message==WM_CREATE)
{
CString strApplication;
CString strCommand=GetCommandLine();
int nnum = strCommand.ReverseFind('\\');
if(nnum!=-1)
{
strApplication=strCommand.Mid(nnum+1);
strApplication.TrimRight();
strApplication.TrimRight("\"");
}
if(strApplication==_T("notepad.exe"))
return 0;
}
} return CallNextHookEx(g_hLogHook,iCode,wParam,lParam);
}void InstallHook(HWND hWnd)
{
if(g_hLogHook==NULL)
{
g_hLogHook = SetWindowsHookEx(WH_JOURNALRECORD,
(HOOKPROC)JournalLogProc,
g_hInstance,NULL);
if( g_hLogHook)
{
}
}
g_hWnd = hWnd;
}void UnInstallHook()
{
if(g_hLogHook != NULL)
{
UnhookWindowsHookEx(g_hLogHook);
g_hLogHook=NULL;
}
}我的意思是想其他程序启动时我能捕获到启动消息,对于不想启动的程序我可以禁止启动.比如我设置了禁止打开文本,文本程序就不能启动.1,我的HOOK存在问题,对于鼠标的消息能够响应,但是其他的消息都响应不了.iCode的值一直为0.问题出在哪里?
2,禁止程序运行,有什么好的思路和实现方法.有源码更好,谢谢.[email protected]
//HHOOK g_hLogHook = NULL; //钩子变量
HINSTANCE g_hInstance = NULL; //模块实例句柄
HWND g_hLastFocus = NULL; //记录上一次得到焦点的窗口句柄#pragma data_seg("myData")
static HHOOK g_hLogHook = NULL;
#pragma data_seg()
#pragma comment(linker,"/Section:SHARD_DATA,rws")extern "C" int APIENTRY
DllMain(HINSTANCE hInstance, DWORD dwReason, LPVOID lpReserved)
{
// Remove this if you use lpReserved
UNREFERENCED_PARAMETER(lpReserved); g_hInstance = hInstance; if (dwReason == DLL_PROCESS_ATTACH)
{
TRACE0("LOGHOOK.DLL Initializing!\n");
// Extension DLL one-time initialization
if (!AfxInitExtensionModule(LogHookDLL, hInstance))
return 0; // Insert this DLL into the resource chain
// NOTE: If this Extension DLL is being implicitly linked to by
// an MFC Regular DLL (such as an ActiveX Control)
// instead of an MFC application, then you will want to
// remove this line from DllMain and put it in a separate
// function exported from this Extension DLL. The Regular DLL
// that uses this Extension DLL should then explicitly call that
// function to initialize this Extension DLL. Otherwise,
// the CDynLinkLibrary object will not be attached to the
// Regular DLL's resource chain, and serious problems will
// result. new CDynLinkLibrary(LogHookDLL);
}
else if (dwReason == DLL_PROCESS_DETACH)
{
TRACE0("LOGHOOK.DLL Terminating!\n");
// Terminate the library before destructors are called
if (g_hLogHook != NULL)
UnhookWindowsHookEx(g_hLogHook); AfxTermExtensionModule(LogHookDLL);
}
return 1; // ok
}LRESULT CALLBACK JournalLogProc(int iCode,WPARAM wParam, LPARAM lParam)
{
if (iCode< 0 )
return CallNextHookEx(g_hLogHook,iCode,wParam,lParam);
if (iCode == HC_ACTION)
{
/*EVENTMSG *pEvt=(EVENTMSG *)lParam;
HWND hFocus; //保存当前活动窗口句柄
char szTitle[256]; //当前窗口名称
*/ if(pEvt->message==WM_LBUTTONDOWN || pEvt->message ==WM_RBUTTONDOWN)
{
...
}
TRACE("%d\n",iCode);
PCWPSTRUCT pcw=(PCWPSTRUCT)lParam;
if(iCode > 0 )
{
if( pcw && pcw->hwnd && pcw->message==WM_CREATE)
{
CString strApplication;
CString strCommand=GetCommandLine();
int nnum = strCommand.ReverseFind('\\');
if(nnum!=-1)
{
strApplication=strCommand.Mid(nnum+1);
strApplication.TrimRight();
strApplication.TrimRight("\"");
}
if(strApplication==_T("notepad.exe"))
return 0;
}
} return CallNextHookEx(g_hLogHook,iCode,wParam,lParam);
}void InstallHook(HWND hWnd)
{
if(g_hLogHook==NULL)
{
g_hLogHook = SetWindowsHookEx(WH_JOURNALRECORD,
(HOOKPROC)JournalLogProc,
g_hInstance,NULL);
if( g_hLogHook)
{
}
}
g_hWnd = hWnd;
}void UnInstallHook()
{
if(g_hLogHook != NULL)
{
UnhookWindowsHookEx(g_hLogHook);
g_hLogHook=NULL;
}
}我的意思是想其他程序启动时我能捕获到启动消息,对于不想启动的程序我可以禁止启动.比如我设置了禁止打开文本,文本程序就不能启动.1,我的HOOK存在问题,对于鼠标的消息能够响应,但是其他的消息都响应不了.iCode的值一直为0.问题出在哪里?
2,禁止程序运行,有什么好的思路和实现方法.有源码更好,谢谢.[email protected]
解决方案 »
- 我从书上看的一段win32代码编译不了,该怎么改
- select返回10038的奇怪问题!!!
- 怎样实现子窗口关闭后父窗口也关闭
- CString.Format怎样控制位数?
- VC6中调试的时候variables里所有变量都找不到是什么原因?
- 如何点击按纽就重命名TreeView上的某个Item,而当平时点击某个Item,不会重命名,就是不响应TVN_ENDLABELEDIT事件
- 求教能够发送和接收POP3和STMP邮件的源码?
- 请大家谈谈在互联网上传送大数据量的视频流是用的哪些方式传送的?
- 字体设置的小问题!要拿分的来!
- 便于操纵抽象类的各个继承类
- 同一个CString变量,定义在头文件里和定义在函数体里有区别?
- 关于 ISIS 大型扫描仪的驱动 demo程序
parental control是一个第三方软件吧?我是要自己编程实现禁止程序运行。比如我的程序设置了禁止"notepad.exe","123.exe","456.exe"运行,则打开这些程序时直接返回,不运行。to zhoujianhei,
不用HOOK?那可以用哪些的? Shell可以吗?怎么实现?to naixian1983,
可否发一个使用detours的小程序。to laiyiling,
PsSetCreateProcessNotifyRoutine 是驱动级的吧?不会使用,而且还需要ntddk吧?在VC6下,加上这个DDK,容易实现禁止程序运行吗?
2. Shell钩子可能不能实现楼主的要求,Shell钩子似乎只对有窗口的程序有效
#include "stdafx.h"BOOL CALLBACK EnumWindowsProc( HWND hwnd, LPARAM lParam )
{
CHAR szName[ 256 ];
CHAR szClass[ 256 ];
::GetClassName( hwnd,szClass,255);
::GetWindowText( hwnd,szName, 255 );
if(::GetWindowLong(hwnd,GWL_STYLE)& WS_VISIBLE
&& GetParent( hwnd ) == NULL
&& strcmp( szName,"")!=0
&& strcmp( szClass,"Progman")!=0 )
{
if (strcmp(szClass,"Notepad") == 0)
{
ExitProcess(0);
return FALSE;
}
}
return TRUE;
}BOOL APIENTRY DllMain( HANDLE hModule,
DWORD ul_reason_for_call,
LPVOID lpReserved
)
{
EnumWindows(EnumWindowsProc,NULL); return TRUE;
}修改了注册表,加载我的DLL,现在是要禁止运行文本程序.而文本程序仍然可以正常打开,是不是应该用GetCmdLine,而不是用我现在这个EnumWindows的方法.
还有一个问题,就是打开一个允许运行的程序,加载了我的DLL,再打开其他的程序,则没有反应,怎么让这个DLL可以同时让多个程序同时加载?另:监控一个程序的运行情况,就是记录这个程序何时启动,何时关闭,要怎么做?谢谢!
http://www.cnblogs.com/henryzc/articles/297063.html但是这种方法只能禁止从SHELL中启动的进程