1、dll内hook无效，应该是GetCurrentThreadId对应的线程ID不对。

2、改由主程序Hook，暂时未完成。

source/hook/WeChats/CWxObject.cpp

@@ -38,6 +38,7 @@ CWxObject::CWxObject()
 	, m_hEjectThread(NULL)
 	, m_dwPathLen(0)
 	, m_bAttached(FALSE)
+	, m_hook(NULL)
 {
 
 }
@@ -53,6 +54,7 @@ CWxObject::CWxObject(DWORD dwProcId, LPCTSTR lpDynamicLibraryPath)
 	, m_hEjectThread(NULL)
 	, m_dwPathLen(0)
 	, m_bAttached(FALSE)
+	, m_hook(NULL)
 {
 	setInjectionObj(dwProcId, lpDynamicLibraryPath);
 }
@@ -87,6 +89,9 @@ CWxObject::~CWxObject()
 	// 注：必须在主窗口销毁前分离;
 	if (!m_bAttached)
 		DetachWxWnd();
+
+	if (m_hook)
+		UnhookWindowsHookEx(m_hook);
 }
 
 void CWxObject::setInjectionObj(DWORD dwProcId, LPCTSTR lpDynamicLibraryPath)
@@ -317,6 +322,13 @@ BOOL CWxObject::DetachWxWnd()
 	return 0;
 }
 
+BOOL CWxObject::SetHook()
+{
+	if (m_hook == NULL)
+		m_hook = SetWindowsHookEx(WH_CBT, HookProc, NULL, ::GetCurrentThreadId());
+	return 0;
+}
+
 BOOL CWxObject::EnumWindowsProc(HWND hwnd, LPARAM lParam)
 {
 	DWORD dwProcId = 0, dwThreadId;
@@ -341,4 +353,9 @@ BOOL CWxObject::EnumWindowsProc(HWND hwnd, LPARAM lParam)
     }
 
     return TRUE;
-}
+}
+
+LRESULT CWxObject::HookProc(int nCode, WPARAM wParam, LPARAM lParam)
+{
+	return LRESULT();
+}

source/hook/WeChats/CWxObject.h

@@ -52,7 +52,8 @@ private:
 	HANDLE			m_hInjectThread;
 	// жÔØÏ߳̾ä±ú;
 	HANDLE			m_hEjectThread;
-
+	// 
+	HHOOK			m_hook;
 public:
 	inline DWORD GetWxProcId() { return m_dwWxProcId; }
 	inline HWND GetWxMainWnd() { return m_hWxMainWnd; }
@@ -65,8 +66,10 @@ public:
 	BOOL FindWxLoginWnd();
 	BOOL Attach2MainWnd(CWnd *pMainWnd, BOOL bLoginWnd = FALSE);
 	BOOL DetachWxWnd();
+	BOOL SetHook();
 
 	static BOOL CALLBACK EnumWindowsProc(HWND hwnd, LPARAM lParam);
+	static LRESULT CALLBACK HookProc(int nCode, WPARAM wParam, LPARAM lParam);
 };
 
 #endif //__WX_OBJECT__

source/hook/hook/dllmain.cpp

@@ -1,6 +1,19 @@
 // dllmain.cpp : 定义 DLL 应用程序的入口点。
 #include "stdafx.h"
 
+HHOOK g_hook = NULL;
+LRESULT CALLBACK HookProc(int nCode, WPARAM wParam, LPARAM lParam)
+{
+	tagMSG* msg;
+	msg = (tagMSG*)lParam;
+	if (nCode == HCBT_MINMAX)
+	{
+		WriteTextLog(_T("窗口HCBT_MINMAX"));
+		return 1;
+	}
+
+	return CallNextHookEx(g_hook, nCode, wParam, lParam);
+}
 
 BOOL APIENTRY DllMain( HMODULE hModule,
                        DWORD  ul_reason_for_call,
@@ -12,7 +25,9 @@ BOOL APIENTRY DllMain( HMODULE hModule,
 	{
 	case DLL_PROCESS_ATTACH:
 		{
-			WriteTextLog(_T("dll已成功注入"));
+			if ( g_hook == NULL)
+				g_hook = SetWindowsHookEx(WH_CBT, HookProc, NULL, ::GetCurrentThreadId());
+			WriteTextLog(_T("dll已成功注入:%d"), ::GetCurrentThreadId());
 			WxInfo wxInfo;
 			GetWxInfo(wxInfo);
 		}
@@ -22,6 +37,8 @@ BOOL APIENTRY DllMain( HMODULE hModule,
 	case DLL_THREAD_DETACH:
 		break;
 	case DLL_PROCESS_DETACH:
+		if (g_hook)
+			UnhookWindowsHookEx(g_hook);
 		WriteTextLog(_T("dll已成功卸载"));
 		break;
 	default: