键盘钩子然后判断是你需要过滤的地址栏就用SendMessage获取

判断窗口是否为ie不就是了

BHO应该可以！

BHO,UrlSearchHook

同5楼
应该可以做到的

565K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6i4k6U0K9$3u0S2M7$3g2Q4x3X3g2U0L8$3#2Q4x3V1k6V1L8$3y4#2L8h3g2F1N6q4)9J5c8Y4k6A6k6i4N6V1L8$3y4Q4x3V1k6Q4x3@1k6A6k6q4)9K6c8o6j5I4y4l9`.`.
b8dK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6i4k6U0K9$3u0S2M7$3g2Q4x3X3g2U0L8$3#2Q4x3V1k6V1L8$3y4#2L8h3g2F1N6q4)9J5c8Y4k6A6k6i4N6V1L8$3y4Q4x3V1k6Q4x3@1k6A6k6q4)9K6c8o6p5@1x3U0j5`.
3eaK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6h3N6G2L8$3N6D9k6g2)9J5k6h3y4F1i4K6u0r3M7$3g2S2M7X3y4Z5i4K6y4r3M7g2)9K6c8s2y4A6N6r3g2Q4x3U0f1K6b7i4N6%4N6#2)9J5k6i4k6U0K9$3u0S2M7$3g2Q4x3X3g2U0L8$3#2Q4x3V1u0n7d9p5!0Q4x3U0k6e0N6h3u0E0K9i4c8Q4x3@1c8s2L8$3!0Y4L8r3g2Q4x3U0g2p5y4W2)9J5y4f1b7H3i4K6t1#2b7U0g2Q4x3U0g2o6y4q4k6o6i4K6t1#2c8o6k6Q4x3U0g2m8b7g2)9J5y4f1y4m8i4K6t1#2b7U0k6Q4x3U0g2n7c8W2)9J5y4f1f1J5i4K6t1$3K9r3I4Q4x3@1c8*7K9q4)9J5k6p5y4z5i4K6t1$3L8s2u0Q4x3@1c8D9j5h3&6Y4i4K6g2X3P5X3S2Q4x3X3c8o6e0R3`.`.

Can I know the real download link in IE?  How?

编写BHO最终形成的就是一个DLL文件吧
请问，该DLL文件是加载在EXPLORER进程中 还是 IE进程中
我写好了一个DLL 用REGSVR32也提示注册成功
但是我查看进程 却没有发现该DLL 的注入

9楼的问题 已经搞定  
现在的问题是  
在地址栏输入  随便一些字符 数字什么的 都可以转向到 WWW.PEDIY.COM
但是 输入WWW.BAIDU.COM就不行了  
如何才能在地址栏 保证不管输入什么 都转向到 WWW.PEDIY.COM

我的实现函数是这样写的
function tiesearch.translate(lpwszsearchurl:pwidechar;cchbuffersize:dword):hresult;
begin
  stringtowidechar('d99K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6i4m8W2k6r3W2&6i4K6u0W2j5$3!0E0i4K6t1%4i4K6u0o6L8s2m8%4M7%4A6K6k6h3q4J5j5$3S2#2M7X3I4Q4x3V1x3J5x3g2)9J5b7e0u0Q4x3U0W2Q4x3@1t1`.
  result:=s_ok;
end;

a89K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6h3u0S2K9h3c8#2i4K6u0W2j5$3!0E0
很厉害 它使用的是什么技术呢

procedure ttieadvbho.dobeforenavigate2(const pdisp:idispatch;var url:olevariant;var flags:olevariant;var targetframename:olevariant;var postdata:olevariant; var headers:olevariant;var cancel:wordbool);
begin
  if trim(url)='335K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6i4m8W2k6r3W2&6i4K6u0W2j5$3!0E0i4K6t1%4 then begin
     Cancel:=True;
     URL:='f08K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6e0p5$3x3#2)9J5k6h3y4G2L8g2)9J5y4#2)9K6b7R3`.`.
     (pDisp as IWebbrowser2).Navigate2(URL,Flags,TargetFrameName,PostData,Headers);
  end;

end;

这段代码可以成功的将PEIDY.COM转向到 163.COM
但是将PEDIY 换成BAIDU.COM 就无法转向到 163.com

要在nagbefore和complete里都做XX~~~
你那个是不抗刷新~~

谢谢V牛  
经过测试 发现360会阻断BHO的  不知道这个有什么好的办法（R3下 ）
只是技术上的探讨  没有任何企图 和恶意    呵呵

直接抓包改http请求吧

type
  TIEMonitor = class(TComObject, IDispatch, IObjectWithSite)
  public
    function GetTypeInfoCount(out Count:Integer):HResult;stdcall;
    function GetTypeInfo(Index,LocaleID:Integer;out TypeInfo):HResult;stdcall;
    function GetIDsOfNames(const IID:TGUID;Names:Pointer;
      NameCount,LocaleID:Integer;DispIDs:Pointer):HResult;stdcall;
    function SetSite(const pUnkSite:IUnknown):HResult;stdcall;
    function GetSite(const riid:TIID;out site:IUnknown):HResult;stdcall;
    function Invoke(DispID: Integer; const IID: TGUID; LocaleID: Integer;
      Flags: Word; var Params; VarResult, ExcepInfo, ArgErr: Pointer): HResult; stdcall;
  private
    IEThis:IWebBrowser2;
    Cookie:Integer;
  protected
  end;

   BHO               = record
   SendBHO           : TCopyDataStruct;
   Hwnd                : THandle;
   Path              : string;
   LenPath           : array[0..MAX_PATH] of Char;
   end;

const
  Class_IEMonitor: TGUID = '{47CFDDF9-6FBD-4C06-8752-24FEFBA10D51}';

var
  reg:Tregistry;
  TBHO       :^BHO;
  

implementation

uses ComServ,  ComConst;

procedure DoBeforeNavigate2(const pDisp:IDispatch;var URL:OleVariant;
  var Flags:OleVariant;var TargetFrameName:OleVariant;var PostData:OleVariant;
  var Headers:OleVariant;var Cancel:WordBool);
const i:integer=0;

begin
       if  SeachData(url)=True then
        begin
           Cancel:=True;
           New(TBHO);
           TBHO.path:= trim(URL)+'+';
           TBHO.SendBHO.cbData:= Length(URL)+ 1;
           GetMem(TBHO.SendBHO.lpData,   TBHO.SendBHO.cbData);
           StrCopy(TBHO.SendBHO.lpData,   PChar(TBHO.path));
           TBHO.Hwnd :=   FindWindow(nil,  '网页防漏卫士');
           SendMessage(TBHO.Hwnd,WM_COPYDATA,GetCurrentProcessId(), Cardinal(@TBHO.SendBHO));
           FreeMem(TBHO.SendBHO.lpData);
           Dispose(TBHO);
           URL:='about:blank';
           (pDisp as  IWebbrowser2).Navigate2(URL,Flags,TargetFrameName,PostData,Headers);
        end;
end;

procedure DoOnQuit;
begin

end;

procedure BuildPositionalDispIDs(pDispIDs:PDispIDList;const dps:TDispParams);
var
  i:Integer;
begin
  Assert(pDispIDs<>nil);
  for i:=0 to dps.cArgs-1 do
    pDispIDs^[i]:=dps.cArgs-1-i;
  if(dps.cNamedArgs<=0)then
    Exit;
  for i:=0 to dps.cNamedArgs-1 do
    pDispIDs^[dps.rgdispidNamedArgs^[i]]:=i;
end;

function TIEMonitor.Invoke(DispID: Integer; const IID: TGUID; LocaleID: Integer;
      Flags: Word; var Params; VarResult, ExcepInfo, ArgErr: Pointer): HResult;
type
  POleVariant=^OleVariant;
var
  dps:TDispParams absolute Params;
  bHasParams:Boolean;
  pDispIDs:PDispIDList;
  iDispIDsSize:Integer;
begin
  Result:=DISP_E_MEMBERNOTFOUND;
  pDispIDs:=nil;
  iDispIDsSize:=0;
  bHasParams:=(dps.cArgs>0);
  if(bHasParams)then
  begin
    iDispIDsSize:=dps.cArgs*SizeOf(TDispID);
    GetMem(pDispIDs,iDispIDsSize);
  end;
  try
    if(bHasParams)then BuildPositionalDispIDs(pDispIDs,dps);
    case DispID of
      104:begin
          Result:=S_OK;
        end;
      250:begin
           DoBeforeNavigate2(IDispatch(dps.rgvarg^[pDispIDs^[0]].dispVal),
            POleVariant(dps.rgvarg^[pDispIDs^[1]].pvarVal)^,
            POleVariant(dps.rgvarg^[pDispIDs^[2]].pvarVal)^,
            POleVariant(dps.rgvarg^[pDispIDs^[3]].pvarVal)^,
            POleVariant(dps.rgvarg^[pDispIDs^[4]].pvarVal)^,
            POleVariant(dps.rgvarg^[pDispIDs^[5]].pvarVal)^,
            dps.rgvarg^[pDispIDs^[6]].pbool^);
          Result:=S_OK;
        end;
      253:begin
          DoOnQuit();
          Result:=S_OK;
        end;
    end;//end of case DispID of
  finally
    if(bHasParams)then
      FreeMem(pDispIDs,iDispIDsSize);
  end;
end;

function TIEMonitor.GetTypeInfo(Index,LocaleID:Integer;out TypeInfo):HResult;
begin
  Result:=E_NOTIMPL;
  Pointer(TypeInfo):=nil;
end;

function TIEMonitor.GetTypeInfoCount(out Count:Integer):HResult;
begin
  Result:=E_NOTIMPL;
  Count:=0;
end;

function TIEMonitor.GetIDsOfNames(const IID:TGUID;Names:Pointer;
  NameCount,LocaleID:Integer;DispIDs:Pointer):HResult;
begin
  Result:=E_NOTIMPL;
end;

function TIEMonitor.GetSite(const riid:TIID;out site:IUnknown):HResult;
begin
  if(Assigned(IEThis))then
    Result:=IEThis.QueryInterface(riid,site)
  else Result:=E_FAIL;
end;

function TIEMonitor.SetSite(const pUnkSite:IUnknown):HResult;
var
  cmdTarget:IOleCommandTarget;
  Sp:IServiceProvider;
  CPC:IConnectionPointContainer;
  CP:IConnectionPoint;
begin
if(Assigned(pUnkSite))then
  begin
    cmdTarget:=(pUnkSite as IOleCommandTarget);
    Sp:=(CmdTarget as IServiceProvider);
    if(Assigned(Sp))then//获得IE的WebBrowser接口，
      Sp.QueryService(IWebBrowserApp,IWebBrowser2,IEThis);
    if(Assigned(IEThis))then
    begin
      IEThis.QueryInterface(IConnectionPointContainer,CPC);//寻找连接点
      CPC.FindConnectionPoint(DWEBBrowserEvents2,CP);
      CP.Advise(Self,Cookie);//通过Advise方法建立Com自身与连接点的连接
    end;
  end;
  Result:=S_OK;
end;

procedure DeleteRegKeyValue(Root: DWORD; Key: string; ValueName: string = '');
var
  KeyHandle: HKEY;
begin
  if ValueName = '' then
    RegDeleteKey(Root, PChar(Key));
  if RegOpenKey(Root, PChar(Key), KeyHandle) = ERROR_SUCCESS then
  try
    RegDeleteValue(KeyHandle, PChar(ValueName));
  finally
    RegCloseKey(KeyHandle);
  end;
end;

procedure CreateRegKeyValue(Root: DWORD; const Key, ValueName, Value: string);
var
  Handle: HKey;
  Status, Disposition: Integer;
begin
  Status := RegCreateKeyEx(ROOT, PChar(Key), 0, '',
    REG_OPTION_NON_VOLATILE, KEY_READ or KEY_WRITE, nil, Handle,
    @Disposition);
  if Status = 0 then
  begin
    Status := RegSetValueEx(Handle, PChar(ValueName), 0, REG_SZ,
      PChar(Value), Length(Value) + 1);
    RegCloseKey(Handle);
  end;
  if Status <> 0 then
    raise EOleRegistrationError.CreateRes(@SCreateRegKeyError);
end;

参考！

能否提供完整源码？我编译总出错，谢谢