-
-
[求助]使用VirtualAllocEx等API导致金山毒霸显示系统防御对话框的问题
-
发表于:
2012-4-30 03:05
4523
-
[求助]使用VirtualAllocEx等API导致金山毒霸显示系统防御对话框的问题
// 枚举获取托盘图标区域位置
BOOL CTrayIcon::EnumNotifyWindow(HWND hWnd, RECT &rect)
{
BOOL bSuc = FALSE;
DWORD dwProcessId = 0, dwThreadId = 0, dwDesiredAccess;
HANDLE hProcess;
LPVOID lpBuffer;
int nButtons;
HWND hOwnerWnd = NULL;
if (NULL == hWnd)
return FALSE;
dwThreadId = ::GetWindowThreadProcessId(hWnd, &dwProcessId);
if (0 == dwProcessId || 0 == dwThreadId)
return FALSE;
dwDesiredAccess = PROCESS_ALL_ACCESS|PROCESS_VM_OPERATION|PROCESS_VM_READ|PROCESS_VM_WRITE;
hProcess = ::OpenProcess(dwDesiredAccess, 0, dwProcessId);
if (NULL == hProcess)
return FALSE;
lpBuffer = ::VirtualAllocEx(hProcess, 0, 1024, MEM_COMMIT, PAGE_READWRITE);
if (lpBuffer != NULL)
{
nButtons = ::SendMessage(hWnd, TB_BUTTONCOUNT, 0, 0); // 获取托盘图标数量
for (int i = 0; i < nButtons; i++)
{
RECT rc = {0};
TBBUTTON stButton = {0};
TRAYDATA stTrayData = {0};
::SendMessage(hWnd, TB_GETBUTTON, i, (LPARAM)lpBuffer); // 获取第i个托盘图标信息
BOOL bRet = ::ReadProcessMemory(hProcess, lpBuffer, &stButton, sizeof(TBBUTTON), 0);
bRet = ::ReadProcessMemory(hProcess, (LPVOID)stButton.dwData, &stTrayData, sizeof(TRAYDATA), 0);
if (bRet != 0 && stTrayData.hwnd == m_stNotifyIconData.hWnd)
{
::SendMessage(hWnd, TB_GETITEMRECT, (WPARAM)i, (LPARAM)lpBuffer); // 获取第i个托盘图标区域
bRet = ::ReadProcessMemory(hProcess, lpBuffer, &rc, sizeof(rc),0); // 读取托盘图标区域
if (bRet != 0)
{
::ClientToScreen(hWnd, (LPPOINT)&rc);
::ClientToScreen(hWnd, ((LPPOINT)&rc)+1);
rect = rc;
}
bSuc = TRUE;
break;
}
}
}
if (lpBuffer != NULL)
::VirtualFreeEx(hProcess, lpBuffer, 0, MEM_RELEASE);
::CloseHandle(hProcess);
return bSuc;
}
代码如上,功能只是想获取一下托盘图标区域位置。
在鼠标移到托盘图标上时弹出一个窗口,启动一个计时器,获取鼠标当前位置,获取托盘图标区域位置,检测鼠标是否已离开托盘图标区域位置,是则关闭窗口。具体类似QQ来消息时鼠标移到QQ图标上面显示的消息盒子窗口。
如何修改代码避免金山毒霸的主动防御提示?
http://bbs.code.ijinshan.com/attachments/month_1204/1204300258f83c0f0b3c11c5a0.jpg
http://bbs.code.ijinshan.com/attachments/month_1204/12043003005be5228f0e98e9db.jpg
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课