转载自互联网:仅修改了软件打开自动屏蔽和隐藏窗体。
保存成相应文件,可以用VB6直接编译出exe,win7下依赖于winlogon的快捷键会被屏蔽;
若要恢复,可选开启图形界面后,点击释放按钮。
KeyboardLockFormModule.bas文件
Attribute VB_Name = "KeyboardLockFormModule"
Option Explicit
Private Declare Function GetAsyncKeyState Lib "user32" (ByVal vKey As Long) As Integer
Private Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Private Const SYNCHRONIZE = &H100000
Private Const STANDARD_RIGHTS_REQUIRED = &HF0000
Public Const PROCESS_ALL_ACCESS = (STANDARD_RIGHTS_REQUIRED Or SYNCHRONIZE Or &HFFF)
Public Declare Function NtSuspendProcess Lib "ntdll.dll" (ByVal hProc As Long) As Long
Public Declare Function NtResumeProcess Lib "ntdll.dll" (ByVal hProc As Long) As Long
Declare Function OpenThread Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwThreadId As Long) As Long
Declare Function NtTerminateProcess Lib "ntdll" (ByVal hProc As Long, ByVal ExitCode As Long) As Long
Public Declare Function SendMessage Lib "user32" Alias "SendMessageA" (ByVal hWnd As Long, ByVal wMsg As Long, ByVal wParam As Long, ByVal lParam As Long) As Long
Declare Function LookupPrivilegeValue Lib "advapi32.dll" Alias "LookupPrivilegeValueA" (ByVal lpSystemName As String, ByVal lpName As String, ByRef lpLuid As LARGE_INTEGER) As Long
Declare Function AdjustTokenPrivileges Lib "advapi32.dll" (ByVal TokenHandle As Long, ByVal DisableAllPrivileges As Long, ByRef NewState As TOKEN_PRIVILEGES, ByVal BufferLength As Long, ByRef PreviousState As Long, ByRef ReturnLength As Long) As Long
Declare Function GetCurrentProcess Lib "kernel32.dll" () As Long
Declare Function GetCurrentProcessId Lib "kernel32.dll" () As Long
Declare Function OpenProcessToken Lib "advapi32.dll" (ByVal ProcessHandle As Long, ByVal DesiredAccess As Long, ByRef TokenHandle As Long) As Long
Declare Function GetLastError Lib "kernel32.dll" () As Long
Type LARGE_INTEGER
LowPart As Long
HighPart As Long
End Type
Public Const ANYSIZE_ARRAY As Long = 1
Public Const SE_PRIVILEGE_ENABLED As Long = &H2
Public Const TOKEN_ADJUST_PRIVILEGES As Long = &H20
Public Const TOKEN_QUERY As Long = &H8
Type LUID_AND_ATTRIBUTES
LUID As LARGE_INTEGER
Attributes As Long
End Type
Type TOKEN_PRIVILEGES
PrivilegeCount As Long
Privileges(ANYSIZE_ARRAY) As LUID_AND_ATTRIBUTES
End Type
Private Declare Function CreateToolhelpSnapshot Lib "kernel32" Alias "CreateToolhelp32Snapshot" (ByVal lFlags As Long, ByVal lProcessID As Long) As Long
'获得系统快照中的第一个进程的信息
Private Declare Function ProcessFirst Lib "kernel32" Alias "Process32First" (ByVal hSnapShot As Long, uProcess As PROCESSENTRY32) As Long
'获得系统快照中的下一个进程的信息
Private Declare Function ProcessNext Lib "kernel32" Alias "Process32Next" (ByVal hSnapShot As Long, uProcess As PROCESSENTRY32) As Long
Private Type PROCESSENTRY32
dwSize As Long '结构大小
cntUsage As Long '此进程的引用计数
th32ProcessID As Long '进程ID
th32DefaultHeapID As Long '进程默认堆ID
th32ModuleID As Long '进程模块ID
cntThreads As Long '此进程开启的线程计数
th32ParentProcessID As Long '父进程ID
pcPriClassBase As Long '线程优先权
dwFlags As Long '保留
szExeFile As String * 260 '进程全名
End Type
Private Const TH32CS_SNAPPROCESS = &H2
Private Const TH32CS_SNAPmodule = &H8
Private Function GetWinlogonPID() As Long
GetWinlogonPID = 0
Dim lngResult As Long
Dim hSnapShot As Long
Dim hMSnapshot As Long
Dim strTreTxt As String
Dim lngRet As Long
Dim lngProcCount As Long
Dim strExe As String
Dim PEE As PROCESSENTRY32
hSnapShot = CreateToolhelpSnapshot(TH32CS_SNAPPROCESS, 0)
PEE.dwSize = Len(PEE)
lngResult = ProcessFirst(hSnapShot, PEE)
'建立进程快照,循环查找进程
Do While lngResult <> 0
strExe = Left(PEE.szExeFile, InStr(PEE.szExeFile, Chr(0)) - 1)
If LCase(strExe) = "winlogon.exe" Then '找到winlogon则返回
GetWinlogonPID = PEE.th32ProcessID
CloseHandle hSnapShot
Exit Function
End If
lngResult = ProcessNext(hSnapShot, PEE)
Loop
CloseHandle hSnapShot
End Function
Function EnableDebugPrivilege() As Boolean
Dim TP As TOKEN_PRIVILEGES
Dim hToken As Long, r As Long, e As Long
'提升进程权限
r = OpenProcessToken(GetCurrentProcess, TOKEN_ADJUST_PRIVILEGES Or TOKEN_QUERY, hToken)
e = GetLastError
If r And Not e Then
r = LookupPrivilegeValue(vbNullString, "SeDebugPrivilege", TP.Privileges(0).LUID)
e = GetLastError
If r And Not e Then
TP.PrivilegeCount = 1
TP.Privileges(0).Attributes = SE_PRIVILEGE_ENABLED
r = AdjustTokenPrivileges(hToken, False, TP, LenB(TP), 0, 0)
EnableDebugPrivilege = GetLastError = 0
Else
EnableDebugPrivilege = False
End If
Else
EnableDebugPrivilege = False
End If
Call CloseHandle(hToken)
End Function
Public Function SusWin() As Boolean '挂起winlogon进程
'注:若多次调用本函数,也需调用同样多的ResWin才能恢复进程!!
Dim hP As Long
hP = OpenProcess(PROCESS_ALL_ACCESS, 0, GetWinlogonPID)
If hP = 0 Then
SusWin = False
Exit Function
End If
SusWin = (NtSuspendProcess(hP) >= 0)
CloseHandle hP
End Function
Public Function ResWin() As Boolean '恢复winlogon进程
Dim hP As Long
hP = OpenProcess(PROCESS_ALL_ACCESS, 0, GetWinlogonPID)
If hP = 0 Then
ResWin = False
Exit Function
End If
ResWin = (NtResumeProcess(hP) >= 0)
CloseHandle hP
End Function
keyboardlock文件
Type=Exe
Form=KeyboardLockForm.frm
Reference=*\G{00020430-0000-0000-C000-000000000046}#2.0#0#C:\Windows\SysWOW64\stdole2.tlb#OLE Automation
Module=KeyboardLockFormModule; KeyboardLockFormModule.bas
IconForm="KeyboardLockForm"
Startup="KeyboardLockForm"
ExeName32="KeyboardLock.exe"
Command32=""
Name="KeyboardLock"
HelpContextID="0"
CompatibleMode="0"
MajorVer=1
MinorVer=0
RevisionVer=0
AutoIncrementVer=0
ServerSupportFiles=0
VersionCompanyName="1.0"
CompilationType=0
OptimizationType=0
FavorPentiumPro(tm)=0
CodeViewDebugInfo=-1
NoAliasing=0
BoundsCheck=0
OverflowCheck=0
FlPointCheck=0
FDIVCheck=0
UnroundedFP=0
StartMode=0
Unattended=0
Retained=0
ThreadPerObject=0
MaxNumberOfThreads=1
[MS Transaction Server]
AutoRefresh=1
KeyboardLockForm文件
VERSION 5.00
Begin VB.Form KeyboardLockForm
BorderStyle = 1 'Fixed Single
Caption = "只能在WinVista或Win7中使用!!"
ClientHeight = 2775
ClientLeft = 45
ClientTop = 330
ClientWidth = 4875
LinkTopic = "KeyboardLockForm"
MaxButton = 0 'False
MinButton = 0 'False
ScaleHeight = 2775
ScaleWidth = 4875
StartUpPosition = 3 '窗口缺省
'下面这句默认隐藏窗体,若要显示,删除这一句
Visible = 0 'False
Begin VB.CommandButton Command2
Caption = "恢复Winlogon"
Height = 735
Left = 600
TabIndex = 1
Top = 1440
Width = 3495
End
Begin VB.CommandButton Command1
Caption = "挂起Winlogon"
Height = 735
Left = 600
TabIndex = 0
Top = 480
Width = 3495
End
End
Attribute VB_Name = "KeyboardLockForm"
Attribute VB_GlobalNameSpace = False
Attribute VB_Creatable = False
Attribute VB_PredeclaredId = True
Attribute VB_Exposed = False
Private Sub Command1_Click()
If SusWin() = False Then MsgBox "挂起失败!"
End Sub
Private Sub Command2_Click()
If ResWin() = False Then MsgBox "恢复失败!"
End Sub
Private Sub Form_Load()
'打开程序直接禁用
Call Command1_Click
If EnableDebugPrivilege = False Then
'打开Winlogon进程需获得SeDebug权限
'否则OpenProcess会失败
MsgBox "提权失败!", vbCritical
Unload Me
End If
End Sub