VC如何通过托盘图标得到该所属进程
发表于:2025-01-25 作者:千家信息网编辑
千家信息网最后更新 2025年01月25日,这篇文章主要为大家展示了"VC如何通过托盘图标得到该所属进程",内容简而易懂,条理清晰,希望能够帮助大家解决疑惑,下面让小编带领大家一起研究并学习一下"VC如何通过托盘图标得到该所属进程"这篇文章吧。
千家信息网最后更新 2025年01月25日VC如何通过托盘图标得到该所属进程
这篇文章主要为大家展示了"VC如何通过托盘图标得到该所属进程",内容简而易懂,条理清晰,希望能够帮助大家解决疑惑,下面让小编带领大家一起研究并学习一下"VC如何通过托盘图标得到该所属进程"这篇文章吧。
本例以获取程序托盘图标位置为例
//根据需要还可以获取不少信息
代码一
//获取托盘区域数据RECT CTray::GetTrayRect(){ RECT rect = {0}; HWND hWnd = NULL; hWnd = FindTrayWnd(); if (hWnd != NULL) { if (!EnumNotifyWindow(rect,hWnd))//如果没在普通托盘区 { hWnd = FindNotifyIconOverflowWindow();//在溢出区(win7) if (hWnd != NULL) { EnumNotifyWindow(rect,hWnd); } } } return rect;}//枚举获取托盘区域位置bool CTray::EnumNotifyWindow(RECT &rect,HWND hWnd){ //RECT rect = {0}; bool bSuc = false; unsigned long lngPID = 0; long ret = 0,lngButtons = 0; long lngHwndAdr = 0,lngHwnd = 0;//,lngTextAdr,lngButtonID; HANDLE hProcess = NULL; LPVOID lngAddress = NULL,lngRect = NULL; if (hWnd != NULL) { ret = GetWindowThreadProcessId(hWnd, &lngPID); if(ret != 0 && lngPID != 0) { hProcess = OpenProcess(PROCESS_ALL_ACCESS|PROCESS_VM_OPERATION|PROCESS_VM_READ|PROCESS_VM_WRITE,0,lngPID);// if (hProcess != NULL) { lngAddress = VirtualAllocEx(hProcess,0, 0x4096, MEM_COMMIT, PAGE_READWRITE); lngRect = VirtualAllocEx(hProcess,0,sizeof(RECT), MEM_COMMIT, PAGE_READWRITE); lngButtons = SendMessage(hWnd, TB_BUTTONCOUNT, 0, 0); //发送消息获取托盘button数量 if (lngAddress != NULL && lngRect != NULL) { for(int i=0 ;i< lngButtons;i++) { RECT rc = {0}; int j = i; ret = SendMessage(hWnd,TB_GETBUTTON,j,long(lngAddress));//发送消息获取托盘项数据起始地址 ret = ReadProcessMemory(hProcess, LPVOID(long(lngAddress) + 12),&lngHwndAdr,4,0); if(ret != 0 && lngHwndAdr != -1) { ret = ReadProcessMemory(hProcess, LPVOID(lngHwndAdr),&lngHwnd, 4,0);//获取句柄 if(ret != 0 && (HWND)lngHwnd == m_NotifyIconData.hWnd)// { ret = ::SendMessage(hWnd,TB_GETITEMRECT,(WPARAM)j,(LPARAM)lngRect); //发送消息获取托盘项区域数据 ret = ReadProcessMemory(hProcess,lngRect,&rc, sizeof(rc),0); //读取托盘区域数据 if(ret != 0) { CWnd::FromHandle(hWnd)->ClientToScreen(&rc); rect = rc; } bSuc = true;//在普通托盘区找到,在溢出区不再查找 break; } } } } if (lngAddress != NULL) { VirtualFreeEx( hProcess, lngAddress, 0x4096, MEM_DECOMMIT); VirtualFreeEx( hProcess, lngAddress, 0, MEM_RELEASE); } if (lngRect != NULL) { VirtualFreeEx( hProcess, lngRect, sizeof(RECT), MEM_DECOMMIT); VirtualFreeEx( hProcess, lngRect, 0, MEM_RELEASE); } CloseHandle(hProcess); } } } return bSuc;}//获取普通托盘区窗口句柄HWND CTray::FindTrayWnd(){ HWND hWnd = NULL; HWND hWndPaper = NULL; if ((hWnd = FindWindow(_T("Shell_TrayWnd"), NULL)) != NULL) { if ((hWnd = FindWindowEx(hWnd, 0, _T("TrayNotifyWnd"), NULL)) != NULL) { hWndPaper = FindWindowEx(hWnd, 0, _T("SysPager"), NULL); if(!hWndPaper) hWnd = FindWindowEx(hWnd, 0, _T("ToolbarWindow32"), NULL); else hWnd = FindWindowEx(hWndPaper, 0, _T("ToolbarWindow32"), NULL); } } return hWnd;}//获取溢出托盘区窗口句柄HWND CTray::FindNotifyIconOverflowWindow(){ HWND hWnd = NULL; hWnd = FindWindow(_T("NotifyIconOverflowWindow"), NULL); if (hWnd != NULL) { hWnd = FindWindowEx(hWnd, NULL, _T("ToolbarWindow32"), NULL); } return hWnd;}以下代码网上收集的,变量 初始化 指针句柄 及函数是否成功都没判定
//需要的自己加下判定,有时间再改了
代码二
struct TRAYDATA{ HWND hwnd; UINT uID; UINT uCallbackMessage; DWORD Reserved[2]; HICON hIcon; };void CTray::GetTrayRect(){HWND hWnd,hWndPaper;unsigned long lngPID;long ret,lngButtons;HANDLE hProcess;LPVOID lngAddress;long lngTextAdr,lngHwndAdr,lngHwnd,lngButtonID;TCHAR strBuff[1024]={0}; TRAYDATA trayData = {0}; TBBUTTON btnData={0};hWnd = FindWindow(_T("Shell_TrayWnd"), NULL);hWnd = FindWindowEx(hWnd, 0, _T("TrayNotifyWnd"), NULL);hWndPaper = FindWindowEx(hWnd, 0, _T("SysPager"), NULL);if(!hWndPaper)hWnd = FindWindowEx(hWnd, 0, _T("ToolbarWindow32"), NULL);elsehWnd = FindWindowEx(hWndPaper, 0, _T("ToolbarWindow32"), NULL);ret = GetWindowThreadProcessId(hWnd, &lngPID);hProcess = OpenProcess(PROCESS_ALL_ACCESS|PROCESS_VM_OPERATION|PROCESS_VM_READ|PROCESS_VM_WRITE,0,lngPID);lngAddress = VirtualAllocEx(hProcess,0, 0x4096, MEM_COMMIT, PAGE_READWRITE);lngButtons = SendMessage(hWnd, TB_BUTTONCOUNT, 0, 0); RECT rc; POINT point;LPVOID lngRect = VirtualAllocEx(hProcess,0,sizeof(RECT), MEM_COMMIT, PAGE_READWRITE);CRect rect;for(int i=0 ;i< lngButtons;i++){int j = i;ret = SendMessage(hWnd,TB_GETBUTTON,j,long(lngAddress));ret = ReadProcessMemory(hProcess, LPVOID(long(lngAddress) + 16),&lngTextAdr,4,0);if(lngTextAdr != -1){ret = ReadProcessMemory(hProcess, LPVOID(lngTextAdr),strBuff,1024,0);//ret = ReadProcessMemory(hProcess, LPVOID(long(lngAddress) + 12),&lngHwndAdr,4,0); //获取句柄//ret = ReadProcessMemory(hProcess, LPVOID(lngHwndAdr),&lngHwnd, 4,0);//ret = ReadProcessMemory(hProcess, LPVOID(long(lngAddress) + 4),&lngButtonID,4,0);//获取buttonIDCString str(strBuff);if (str.Compare(m_NotifyIconData.szTip) == 0){::SendMessage(hWnd,TB_GETITEMRECT,(WPARAM)j,(LPARAM)lngRect);ReadProcessMemory(hProcess,lngRect,&rc, sizeof(rc),0); //获取托盘图标区域CWnd::FromHandle(hWnd)->ClientToScreen(&rc);}//以下是隐藏托盘图标// {// if(show)// {// SendMessage(hWnd,TB_HIDEBUTTON,lngButtonID,0);// }// else// { // SendMessage(hWnd,TB_HIDEBUTTON,lngButtonID,1);// }// }}}VirtualFreeEx( hProcess, lngAddress, 0x4096, MEM_DECOMMIT);VirtualFreeEx( hProcess, lngAddress, 0, MEM_RELEASE);VirtualFreeEx( hProcess, lngRect, sizeof(RECT), MEM_DECOMMIT);VirtualFreeEx( hProcess, lngRect, 0, MEM_RELEASE);CloseHandle(hProcess);}代码三
VOID StartStorm(){ HWND hMain = FindWindow("animate_layered_window_class", "暴风媒体中心"); if ( hMain ) { ShowWindow(hMain, SW_HIDE); } //得到工具栏句柄 HWND hTray = FindWindow("Shell_TrayWnd", NULL); hTray = FindWindowEx(hTray, 0, "TrayNotifyWnd", NULL); hTray = FindWindowEx(hTray, 0, "SysPager", NULL); hTray = FindWindowEx(hTray, 0, "ToolbarWindow32", NULL); //获取explore进程ID DWORD TrayPid; GetWindowThreadProcessId(hTray, &TrayPid); //打开进程 并且开辟进程空间 RECT rect; TBBUTTON tb; TBBUTTON pTb; LPVOID lpAddr; DWORD dwThreadIdOfICO; DWORD dwTempId = FindStorm("Stormtray.exe"); //你要点击的进程的PID TRAYDATA traydata; HANDLE hOpen = OpenProcess(PROCESS_ALL_ACCESS, FALSE, TrayPid); lpAddr = VirtualAllocEx(hOpen, NULL, sizeof(tb) + sizeof(rect), MEM_COMMIT, PAGE_READWRITE); int nCount = SendMessage(hTray, TB_BUTTONCOUNT, 0, 0); int i; DWORD dwOutWrite; for ( i = 0; i < nCount; i ++) { ZeroMemory(&tb, sizeof(tb)); ZeroMemory(&rect, sizeof(rect)); //把参数写进目标进程 WriteProcessMemory(hOpen, lpAddr, &tb, sizeof(tb), &dwOutWrite); //WriteProcessMemory(hOpen, (LPVOID)((DWORD)lpAddr + sizeof(pTb)), &rect, sizeof(rect), &dwOutWrite); //获取BUTTON SendMessage(hTray, TB_GETBUTTON, i, LPARAM(lpAddr)); //读取TBBUTTON结构 ReadProcessMemory(hOpen, lpAddr, &pTb, sizeof(TBBUTTON), &dwOutWrite); //读取TRAYDATA结构 ReadProcessMemory(hOpen, (LPVOID)pTb.dwData, &traydata, sizeof(TRAYDATA), &dwOutWrite); GetWindowThreadProcessId(traydata.hwnd, &dwThreadIdOfICO); if ( dwThreadIdOfICO == dwTempId ) { //获取ICO的RECT LPVOID lp = (LPVOID)((DWORD)lpAddr + sizeof(pTb)); SendMessage(hTray, TB_GETITEMRECT, i, (LPARAM)lp); LPVOID lpdata = (LPVOID)((DWORD)lpAddr + sizeof(TBBUTTON)); ReadProcessMemory(hOpen, lpdata, &rect, sizeof(rect), &dwOutWrite); int iGap = rect.right/2; //得到图标的中间坐标的间隔 //点击 SendMessage(hTray, WM_LBUTTONDOWN, MK_LBUTTON, MAKELPARAM(rect.right - iGap, rect.bottom - iGap)); SendMessage(hTray, WM_LBUTTONUP, 0, MAKELPARAM(rect.right - iGap, rect.bottom - iGap)); // CloseHandle(hOpen); break;; } }}win7有一个溢出托盘区:以下是隐藏在托盘区中的托盘信息,用以上的方法找不到,因为在NotifyIconOverflowWindow里
Fhwnd = FindWindow("NotifyIconOverflowWindow", NULL)
参考文章:http://topic.csdn.net/u/20101003/23/859851ee-5aa1-4476-8ce1-1359826df2b0.html
代码四
#include "stdafx.h"#include#include #include using namespace std;typedef BOOL (WINAPI *LPFN_ISWOW64PROCESS) (HANDLE, PBOOL);BOOL IsWow64(){ BOOL bIsWow64 = FALSE; LPFN_ISWOW64PROCESS fnIsWow64Process = (LPFN_ISWOW64PROCESS)GetProcAddress( GetModuleHandle(_T("kernel32")),"IsWow64Process"); if (NULL != fnIsWow64Process) { if (!fnIsWow64Process(GetCurrentProcess(),&bIsWow64)) { // handle error } } return bIsWow64;}HWND FindTrayWnd(){ HWND hWnd = NULL; hWnd = FindWindow(_T("Shell_TrayWnd"), NULL); hWnd = FindWindowEx(hWnd, NULL, _T("TrayNotifyWnd"), NULL); hWnd = FindWindowEx(hWnd, NULL, _T("SysPager"), NULL); hWnd = FindWindowEx(hWnd, NULL, _T("ToolbarWindow32"), NULL); return hWnd;}HWND FindNotifyIconOverflowWindow(){ HWND hWnd = NULL; hWnd = FindWindow(_T("NotifyIconOverflowWindow"), NULL); hWnd = FindWindowEx(hWnd, NULL, _T("ToolbarWindow32"), NULL); return hWnd;}void EnumNotifyWindow(HWND hWnd){ DWORD dwProcessId = 0; GetWindowThreadProcessId(hWnd,&dwProcessId); HANDLE hProcess = OpenProcess(PROCESS_VM_OPERATION | PROCESS_VM_READ | PROCESS_VM_WRITE, FALSE, dwProcessId); if ( hProcess==NULL ){ return; } LPVOID lAddress = VirtualAllocEx(hProcess, 0, 4096, MEM_COMMIT, PAGE_READWRITE); if ( lAddress==NULL ){ return; } DWORD lTextAdr = 0; BYTE buff[1024] = {0}; CString strFilePath; CString strTile; HWND hMainWnd = NULL; int nDataOffset = sizeof(TBBUTTON) - sizeof(INT_PTR) - sizeof(DWORD_PTR); int nStrOffset = 18; if ( IsWow64() ){ nDataOffset+=4; nStrOffset+=6; } //得到圖標個數 int lButton = SendMessage(hWnd, TB_BUTTONCOUNT, 0, 0); for (int i = 0; i < lButton; i++) { SendMessage(hWnd, TB_GETBUTTON, i, (LPARAM)lAddress); //讀文本地址 ReadProcessMemory(hProcess, (LPVOID)((DWORD)lAddress + nDataOffset), &lTextAdr, 4, 0); if ( lTextAdr!=-1 ) { //讀文本 ReadProcessMemory(hProcess, (LPCVOID)lTextAdr, buff, 1024, 0); hMainWnd = (HWND)(*((DWORD*)buff)); strFilePath = (WCHAR *)buff + nStrOffset; strTile = (WCHAR *)buff + nStrOffset + MAX_PATH; _tprintf(_T("%s %s\n"),strTile,strFilePath); } } VirtualFreeEx(hProcess, lAddress, 4096, MEM_RELEASE); CloseHandle(hProcess);}int _tmain(int argc, _TCHAR* argv[]){ setlocale(LC_ALL, "chs"); EnumNotifyWindow(FindTrayWnd()); _tprintf(_T("\n")); EnumNotifyWindow(FindNotifyIconOverflowWindow()); system("pause"); return 0;}
代码五
void CTrayDlg::OnButton1() { // TODO: Add your control notification handler code here HWND wd=::FindWindow("Shell_TrayWnd",NULL); if (wd==NULL) { MessageBox("Error1"); return; } HWND wtd=FindWindowEx(wd,NULL,"TrayNotifyWnd",NULL); if (wtd==NULL) { MessageBox("Error2"); return; } HWND wd1=FindWindowEx(wtd,NULL,"ToolbarWindow32",NULL); if (wd1==NULL) { MessageBox("Error3"); return; } DWORD pid; pid=0; GetWindowThreadProcessId(wd1,&pid); if (pid==NULL) { MessageBox("Error4"); return; } HANDLE hd=OpenProcess(PROCESS_QUERY_INFORMATION ¦ PROCESS_ALL_ACCESS ,true,pid); if (hd==NULL) { MessageBox("Error6"); return; } int num=::SendMessage(wd1,TB_BUTTONCOUNT ,NULL,NULL); int i; unsigned long n; TBBUTTON p,*pp; CString x; wchar_t name[256]; unsigned long whd,proid; CString temp; TBBUTTON *sp; sp= (TBBUTTON *)0x20f00; //这里应该改成用VirtualAllocEx分配内存否则有可能出错,不过人懒,就先这么着吧 for(i=0;i代码六
void CTrayDlg::OnButton1() { // TODO: Add your control notification handler code here HWND wd=::FindWindow("Shell_TrayWnd",NULL); if (wd==NULL) { MessageBox("Error1"); return; } HWND wtd=FindWindowEx(wd,NULL,"TrayNotifyWnd",NULL); if (wtd==NULL) { MessageBox("Error2"); return; } HWND wd1=FindWindowEx(wtd,NULL,"ToolbarWindow32",NULL); if (wd1==NULL) { MessageBox("Error3"); return; } DWORD pid; pid=0; GetWindowThreadProcessId(wd1,&pid); if (pid==NULL) { MessageBox("Error4"); return; } HANDLE hd=OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_ALL_ACCESS ,true,pid); if (hd==NULL) { MessageBox("Error6"); return; } int num=::SendMessage(wd1,TB_BUTTONCOUNT ,NULL,NULL); int i; unsigned long n; TBBUTTON p,*pp; CString x; wchar_t name[256]; unsigned long whd,proid; CString temp; TBBUTTON *sp; sp= (TBBUTTON *)0x20f00; for(i=0;i以上是"VC如何通过托盘图标得到该所属进程"这篇文章的所有内容,感谢各位的阅读!相信大家都有了一定的了解,希望分享的内容对大家有所帮助,如果还想学习更多知识,欢迎关注行业资讯频道!
托盘
进程
代码
图标
句柄
位置
所属
普通
内容
篇文章
信息
区域
名称
结构
学习
帮助
成功
内存
函数
参数
数据库的安全要保护哪些东西
数据库安全各自的含义是什么
生产安全数据库录入
数据库的安全性及管理
数据库安全策略包含哪些
海淀数据库安全审计系统
建立农村房屋安全信息数据库
易用的数据库客户端支持安全管理
连接数据库失败ssl安全错误
数据库的锁怎样保障安全
服务器硬盘一般多少转
qphos数据库
工商银行自动数据库系统
上海综合网络技术应用范围
张店mes软件开发服务
如何增强服务器安全
久昌科技互联网
网络安全主题手抄报带底色
计算机网络技术实习目的和意义
依据网络安全法的判罚
怎么向幼儿讲网络安全小故事
奉化软件开发厂家
关于网络安全的名句
海口网络安全 备案
asp图片怎么传到数据库
上海交通银行软件开发待遇怎么样
jatd艺术认证数据库
软件开发招聘工作人员
将数据提交到数据库后台逻辑
牛掌网络技术有限公司招聘
数据库只查看视图的权限账号
牛掌网络技术有限公司
数据库转移地址的寻址方式
火绒能够给服务器防护吗
工业互联网数据库
电视认证服务器无响应怎么解决
安徽计算机网络技术专升本
西城区咨询软件开发价格信息
重庆网络安全海报
服务器数据库转移
