Use C # To shield system hotkeys (including disabling Task Manager)

Generally, a hook is used to obtain the system's buttons or mouse actions, and then perform custom actions before the system responds, or directly truncate the message, this is the principle of shielding system hotkeys. First, call the DLL file of the operating system and introduce the namespace using system. runtime. interopservices; call the dynamic link library of the operating system [dllimport ("user32.dll", charset = charset. auto, setlasterror = true)] public static extern intptr setwindowshookexw (INT idhook, hookhandlerdelegate lpfn, intptr hmod, uint dwthreadid); the first parameter indicates the hook ID (13 indicates the keyboard hook, 14 indicates the mouse hook). The second parameter is a function pointer pointing to the function to be executed by the hook. The third parameter is a pointer to the process block, the fourth parameter is set to 0 by default. Reference a method to obtain the process block pointer [dllimport ("kernel32.dll", charset = charset. auto, setlasterror = true)] public static extern intptr getmodulehandle (string modulename); next we construct a hook (take the keyboard hook as an example) to define constants: public const int wm_keydown = 0x0100; Public const int wh_keyboard_ll = 13; Public const int wm_syskeydown = 0x0104; defines the struct for storing key information: public struct KBDLLHOOKSTRUCT {public int vkcode; public int scancode; Public int flags; Pu BLIC int time; Public int dwextrainfo;} defines a function pointer: Public Delegate int hookhandlerdelegate (INT ncode, intptr wparam, ref KBDLLHOOKSTRUCT lparam); declares a function pointer pointing to the execution function: private hookhandlerdelegate proc; construct the hook: Proc = new hookhandlerdelegate (hookcallback); Using (process curpro = process. getcurrentprocess () using (processmodule curmod = curpro. mainmodule) {setwindowshookexw (wh_keyboard_ll, Proc, getmodule Handle (curmod. modulename), 0);} Here, hookcallback is the function executed by the hook. I wrote this: Private int hookcallback (INT ncode, intptr wparam, ref KBDLLHOOKSTRUCT lparam) {If (ncode> = 0 & (wparam = (intptr) wm_keydown | wparam = (intptr) wm_syskeydown) {If (lparam. vkcode = 91 | lparam. vkcode = 164 | lparam. vkcode = 9 | lparam. vkcode = 115) {return 1;} else {return 0;} return 0;} Here, 1 indicates that the message is terminated, that is, no response is returned. 0 indicates that the Message continues. Here, 91,164, or 9,115, is the accesskey ID of the keyboard, which indicates that these buttons are blocked. The system hotkeys can be completely shielded here, but this method cannot block CTRL + ALT + DEL, that is, the key combination of the task manager popped up, in this way, the screen lock still cannot be achieved. Here is a very simple method: filestream myfs = new filestream (environment. expandenvironmentvariables ("% WINDIR % system32 askmgr.exe"), filemode. open); byte [] mybyte = new byte [(INT) myfs. length]; myfs. write (mybyte, 0, (INT) myfs. length); that is, you can use a binary stream to open the task manager. In this way, the system considers that the task manager has been opened, and CTRL + ALT + DEL will not pop up the task manager window, obviously, the task manager has been opened, but it will not be seen on the form interface. Address: http://blog.csdn.net/maidou0921/article/details/4279291