我有程序挂钩所有应用程序事件。我的程序始终以管理员身份运行。 每当我试图获取事件时它只会挂钩来自课堂的事件 的 " olemainthreadwndclass" 即可。它在用户模式和管理模式的示例应用程序上正常工作。 复制到我的项目的相同代码不起作用。代码如下所示。
这是CMainFrame.cpp ..
IMPLEMENT_DYNAMIC(CMainFrame, CFrameWnd)
BEGIN_MESSAGE_MAP(CMainFrame, CFrameWnd)
ON_WM_CREATE()
END_MESSAGE_MAP()
void ShutdownMSAA()
{
UnhookWinEvent(hook);
UnhookWinEvent(HookCreateToHide);
UnhookWinEvent(HookNameChange);
UnhookWinEvent(HookFocus);
UnhookWinEvent(HookSysCapEnd);
UnhookWinEvent(HookSysForeGrnd);
CoUninitialize();
}
void CALLBACK HandleWinEvent(HWINEVENTHOOK tEmphook, DWORD event, HWND hwnd,
LONG idObject, LONG idChild,
DWORD dwEventThread, DWORD dwmsEventTime)
{
if(hwnd)
{
TCHAR szWinClassName[256];
if(GetClassName(hwnd, szWinClassName, sizeof(szWinClassName)/sizeof(TCHAR)-1))
{
CString szGetWindowsClass(szWinClassName);
if( szGetWindowsClass.CollateNoCase("SysTreeView32") != 0 &&
szGetWindowsClass.CollateNoCase("SysListView32") != 0 &&
szGetWindowsClass.CollateNoCase("msctls_statusbar32") != 0 &&
szGetWindowsClass.CollateNoCase("#32770") != 0 &&
szGetWindowsClass.CollateNoCase("OleMainThreadWndClass") != 0)
{
OutputDebugString("#########################");
CString szdwEventThread = "";
szdwEventThread.Format(": %ld",dwEventThread);
szGetWindowsClass += szdwEventThread;
OutputDebugString(szGetWindowsClass);
}
}
}
}
void InitializeMSAA()
{
CoInitialize(NULL);
g_hook = SetWinEventHook(
EVENT_SYSTEM_MENUSTART, EVENT_SYSTEM_MENUEND, 0, HandleWinEvent, 0, 0, WINEVENT_OUTOFCONTEXT | WINEVENT_SKIPOWNPROCESS);
HookCreateToHide = SetWinEventHook(EVENT_OBJECT_CREATE,EVENT_OBJECT_HIDE, 0,
HandleWinEvent, 0, 0, WINEVENT_OUTOFCONTEXT | WINEVENT_SKIPOWNPROCESS);
HookNameChange = SetWinEventHook(EVENT_OBJECT_NAMECHANGE, EVENT_OBJECT_NAMECHANGE, 0,
HandleWinEvent, 0, 0, WINEVENT_OUTOFCONTEXT | WINEVENT_SKIPOWNPROCESS);
HookFocus = SetWinEventHook(EVENT_OBJECT_FOCUS, EVENT_OBJECT_FOCUS, 0,
HandleWinEvent, 0, 0, WINEVENT_OUTOFCONTEXT | WINEVENT_SKIPOWNPROCESS);
HookSysCapEnd = SetWinEventHook(EVENT_SYSTEM_CAPTUREEND, EVENT_SYSTEM_CAPTUREEND, 0,
HandleWinEvent, 0, 0, WINEVENT_OUTOFCONTEXT | WINEVENT_SKIPOWNPROCESS);
HookSysForeGrnd = SetWinEventHook(EVENT_SYSTEM_FOREGROUND, EVENT_SYSTEM_FOREGROUND, 0,
HandleWinEvent, 0, 0, WINEVENT_OUTOFCONTEXT | WINEVENT_SKIPOWNPROCESS);
}
CMainFrame::CMainFrame():Obj_SecondaryClass(NULL)
{
AfxGetApp()->LoadIcon(IDI_ICON);
Obj_SecondaryClass = new SecondaryClass();
Obj_SecondaryClass->SetActive(TRUE);
}
CMainFrame::~CMainFrame()
{
Obj_SecondaryClass->SetActive(FALSE);
delete Obj_SecondaryClass;
}
int CMainFrame::OnCreate(LPCREATESTRUCT lpCreateStruct)
{
try
{
if(CFrameWnd::OnCreate(lpCreateStruct) == -1)
{
return -1;
}
EnterCriticalSection(&FirstCSec);
InitializeMSAA();
LeaveCriticalSection(&FirstCSec);
}
catch(...)
{
return -1;
}
return 0;
}
BOOL CMainFrame::PreCreateWindow(CREATESTRUCT& cs)
{
if(!CFrameWnd::PreCreateWindow(cs))
return FALSE;
cs.style = WS_OVERLAPPED | WS_CAPTION | FWS_ADDTOTITLE;
cs.dwExStyle &= ~WS_EX_CLIENTEDGE;
cs.lpszClass = AfxRegisterWndClass(0);
return TRUE;
}
void CMainFrame::OnSetFocus(CWnd* )
{
}
BOOL CMainFrame::OnCmdMsg(UINT nID, int nCode, void* pExtra, AFX_CMDHANDLERINFO* pHandlerInfo)
{
return CFrameWnd::OnCmdMsg(nID, nCode, pExtra, pHandlerInfo);
}
LRESULT CMainFrame::WindowProc(UINT message, WPARAM wParam, LPARAM lParam)
{
HANDLE hThread2;
DWORD dwSessionID;
switch(message)
{
case WM_NCACTIVATE :
break;
case WM_WINDOWS_LOGON :
break;
case WM_APPBLOCK :
MySelf::Me()->m_StatusOne = TRUE;
break;
case WM_UNAPPBLOCK:
MySelf::Me()->m_StatusTwo = FALSE;
break;
case WM_APPBLOCKMSG:
Obj_SecondaryClass->ChangeFunOne();
break;
case WM_DESTROY:
case WM_QUIT:
case WM_ENDSESSION:
PostQuitMessage(0);
break;
}
return CFrameWnd::WindowProc(message, wParam, lParam);
}
以下是MainApplication.cpp ..
MainApplication::MainApplication()
{
}
MainApplication theApp;
BOOL MainApplication::InitInstance()
{
InitializeCriticalSection(&g_cCritSec);
InitializeCriticalSection(&appBlocker_cCritSec);
INITCOMMONCONTROLSEX InitCtrls;
InitCtrls.dwSize = sizeof(InitCtrls);
InitCtrls.dwICC = ICC_WIN95_CLASSES;
InitCommonControlsEx(&InitCtrls);
CWinApp::InitInstance();
CMainFrame* pFrame = new CMainFrame;
if (!pFrame)
return FALSE;
m_pMainWnd = pFrame;
pFrame->LoadFrame(IDR_MAINFRAME,
WS_OVERLAPPEDWINDOW | FWS_ADDTOTITLE,
NULL,
NULL);
pFrame->ShowWindow(SW_HIDE);
pFrame->UpdateWindow();
return TRUE;
}
int MainApplication::ExitInstance()
{
return CWinApp::ExitInstance();
}
请支持我,提前致谢,
答案 0 :(得分:0)
这是因为请确保您的.exe在同一用户空间下运行。即,在.exe下运行的SYSTEM无法挂钩'User_Name' User下的事件。即使我们在.exe模式下"Run as Administrator"运行具有管理员权限的'User_Name' User模式,也始终只在'User_Name' User下运行。