VC如何通过托盘图标得到该所属进程
发表于:2024-11-12 作者:千家信息网编辑
千家信息网最后更新 2024年11月12日,这篇文章主要为大家展示了"VC如何通过托盘图标得到该所属进程",内容简而易懂,条理清晰,希望能够帮助大家解决疑惑,下面让小编带领大家一起研究并学习一下"VC如何通过托盘图标得到该所属进程"这篇文章吧。
千家信息网最后更新 2024年11月12日VC如何通过托盘图标得到该所属进程
这篇文章主要为大家展示了"VC如何通过托盘图标得到该所属进程",内容简而易懂,条理清晰,希望能够帮助大家解决疑惑,下面让小编带领大家一起研究并学习一下"VC如何通过托盘图标得到该所属进程"这篇文章吧。
本例以获取程序托盘图标位置为例
//根据需要还可以获取不少信息
代码一
//获取托盘区域数据RECT CTray::GetTrayRect(){ RECT rect = {0}; HWND hWnd = NULL; hWnd = FindTrayWnd(); if (hWnd != NULL) { if (!EnumNotifyWindow(rect,hWnd))//如果没在普通托盘区 { hWnd = FindNotifyIconOverflowWindow();//在溢出区(win7) if (hWnd != NULL) { EnumNotifyWindow(rect,hWnd); } } } return rect;}//枚举获取托盘区域位置bool CTray::EnumNotifyWindow(RECT &rect,HWND hWnd){ //RECT rect = {0}; bool bSuc = false; unsigned long lngPID = 0; long ret = 0,lngButtons = 0; long lngHwndAdr = 0,lngHwnd = 0;//,lngTextAdr,lngButtonID; HANDLE hProcess = NULL; LPVOID lngAddress = NULL,lngRect = NULL; if (hWnd != NULL) { ret = GetWindowThreadProcessId(hWnd, &lngPID); if(ret != 0 && lngPID != 0) { hProcess = OpenProcess(PROCESS_ALL_ACCESS|PROCESS_VM_OPERATION|PROCESS_VM_READ|PROCESS_VM_WRITE,0,lngPID);// if (hProcess != NULL) { lngAddress = VirtualAllocEx(hProcess,0, 0x4096, MEM_COMMIT, PAGE_READWRITE); lngRect = VirtualAllocEx(hProcess,0,sizeof(RECT), MEM_COMMIT, PAGE_READWRITE); lngButtons = SendMessage(hWnd, TB_BUTTONCOUNT, 0, 0); //发送消息获取托盘button数量 if (lngAddress != NULL && lngRect != NULL) { for(int i=0 ;i< lngButtons;i++) { RECT rc = {0}; int j = i; ret = SendMessage(hWnd,TB_GETBUTTON,j,long(lngAddress));//发送消息获取托盘项数据起始地址 ret = ReadProcessMemory(hProcess, LPVOID(long(lngAddress) + 12),&lngHwndAdr,4,0); if(ret != 0 && lngHwndAdr != -1) { ret = ReadProcessMemory(hProcess, LPVOID(lngHwndAdr),&lngHwnd, 4,0);//获取句柄 if(ret != 0 && (HWND)lngHwnd == m_NotifyIconData.hWnd)// { ret = ::SendMessage(hWnd,TB_GETITEMRECT,(WPARAM)j,(LPARAM)lngRect); //发送消息获取托盘项区域数据 ret = ReadProcessMemory(hProcess,lngRect,&rc, sizeof(rc),0); //读取托盘区域数据 if(ret != 0) { CWnd::FromHandle(hWnd)->ClientToScreen(&rc); rect = rc; } bSuc = true;//在普通托盘区找到,在溢出区不再查找 break; } } } } if (lngAddress != NULL) { VirtualFreeEx( hProcess, lngAddress, 0x4096, MEM_DECOMMIT); VirtualFreeEx( hProcess, lngAddress, 0, MEM_RELEASE); } if (lngRect != NULL) { VirtualFreeEx( hProcess, lngRect, sizeof(RECT), MEM_DECOMMIT); VirtualFreeEx( hProcess, lngRect, 0, MEM_RELEASE); } CloseHandle(hProcess); } } } return bSuc;}//获取普通托盘区窗口句柄HWND CTray::FindTrayWnd(){ HWND hWnd = NULL; HWND hWndPaper = NULL; if ((hWnd = FindWindow(_T("Shell_TrayWnd"), NULL)) != NULL) { if ((hWnd = FindWindowEx(hWnd, 0, _T("TrayNotifyWnd"), NULL)) != NULL) { hWndPaper = FindWindowEx(hWnd, 0, _T("SysPager"), NULL); if(!hWndPaper) hWnd = FindWindowEx(hWnd, 0, _T("ToolbarWindow32"), NULL); else hWnd = FindWindowEx(hWndPaper, 0, _T("ToolbarWindow32"), NULL); } } return hWnd;}//获取溢出托盘区窗口句柄HWND CTray::FindNotifyIconOverflowWindow(){ HWND hWnd = NULL; hWnd = FindWindow(_T("NotifyIconOverflowWindow"), NULL); if (hWnd != NULL) { hWnd = FindWindowEx(hWnd, NULL, _T("ToolbarWindow32"), NULL); } return hWnd;}以下代码网上收集的,变量 初始化 指针句柄 及函数是否成功都没判定
//需要的自己加下判定,有时间再改了
代码二
struct TRAYDATA{ HWND hwnd; UINT uID; UINT uCallbackMessage; DWORD Reserved[2]; HICON hIcon; };void CTray::GetTrayRect(){HWND hWnd,hWndPaper;unsigned long lngPID;long ret,lngButtons;HANDLE hProcess;LPVOID lngAddress;long lngTextAdr,lngHwndAdr,lngHwnd,lngButtonID;TCHAR strBuff[1024]={0}; TRAYDATA trayData = {0}; TBBUTTON btnData={0};hWnd = FindWindow(_T("Shell_TrayWnd"), NULL);hWnd = FindWindowEx(hWnd, 0, _T("TrayNotifyWnd"), NULL);hWndPaper = FindWindowEx(hWnd, 0, _T("SysPager"), NULL);if(!hWndPaper)hWnd = FindWindowEx(hWnd, 0, _T("ToolbarWindow32"), NULL);elsehWnd = FindWindowEx(hWndPaper, 0, _T("ToolbarWindow32"), NULL);ret = GetWindowThreadProcessId(hWnd, &lngPID);hProcess = OpenProcess(PROCESS_ALL_ACCESS|PROCESS_VM_OPERATION|PROCESS_VM_READ|PROCESS_VM_WRITE,0,lngPID);lngAddress = VirtualAllocEx(hProcess,0, 0x4096, MEM_COMMIT, PAGE_READWRITE);lngButtons = SendMessage(hWnd, TB_BUTTONCOUNT, 0, 0); RECT rc; POINT point;LPVOID lngRect = VirtualAllocEx(hProcess,0,sizeof(RECT), MEM_COMMIT, PAGE_READWRITE);CRect rect;for(int i=0 ;i< lngButtons;i++){int j = i;ret = SendMessage(hWnd,TB_GETBUTTON,j,long(lngAddress));ret = ReadProcessMemory(hProcess, LPVOID(long(lngAddress) + 16),&lngTextAdr,4,0);if(lngTextAdr != -1){ret = ReadProcessMemory(hProcess, LPVOID(lngTextAdr),strBuff,1024,0);//ret = ReadProcessMemory(hProcess, LPVOID(long(lngAddress) + 12),&lngHwndAdr,4,0); //获取句柄//ret = ReadProcessMemory(hProcess, LPVOID(lngHwndAdr),&lngHwnd, 4,0);//ret = ReadProcessMemory(hProcess, LPVOID(long(lngAddress) + 4),&lngButtonID,4,0);//获取buttonIDCString str(strBuff);if (str.Compare(m_NotifyIconData.szTip) == 0){::SendMessage(hWnd,TB_GETITEMRECT,(WPARAM)j,(LPARAM)lngRect);ReadProcessMemory(hProcess,lngRect,&rc, sizeof(rc),0); //获取托盘图标区域CWnd::FromHandle(hWnd)->ClientToScreen(&rc);}//以下是隐藏托盘图标// {// if(show)// {// SendMessage(hWnd,TB_HIDEBUTTON,lngButtonID,0);// }// else// { // SendMessage(hWnd,TB_HIDEBUTTON,lngButtonID,1);// }// }}}VirtualFreeEx( hProcess, lngAddress, 0x4096, MEM_DECOMMIT);VirtualFreeEx( hProcess, lngAddress, 0, MEM_RELEASE);VirtualFreeEx( hProcess, lngRect, sizeof(RECT), MEM_DECOMMIT);VirtualFreeEx( hProcess, lngRect, 0, MEM_RELEASE);CloseHandle(hProcess);}代码三
VOID StartStorm(){ HWND hMain = FindWindow("animate_layered_window_class", "暴风媒体中心"); if ( hMain ) { ShowWindow(hMain, SW_HIDE); } //得到工具栏句柄 HWND hTray = FindWindow("Shell_TrayWnd", NULL); hTray = FindWindowEx(hTray, 0, "TrayNotifyWnd", NULL); hTray = FindWindowEx(hTray, 0, "SysPager", NULL); hTray = FindWindowEx(hTray, 0, "ToolbarWindow32", NULL); //获取explore进程ID DWORD TrayPid; GetWindowThreadProcessId(hTray, &TrayPid); //打开进程 并且开辟进程空间 RECT rect; TBBUTTON tb; TBBUTTON pTb; LPVOID lpAddr; DWORD dwThreadIdOfICO; DWORD dwTempId = FindStorm("Stormtray.exe"); //你要点击的进程的PID TRAYDATA traydata; HANDLE hOpen = OpenProcess(PROCESS_ALL_ACCESS, FALSE, TrayPid); lpAddr = VirtualAllocEx(hOpen, NULL, sizeof(tb) + sizeof(rect), MEM_COMMIT, PAGE_READWRITE); int nCount = SendMessage(hTray, TB_BUTTONCOUNT, 0, 0); int i; DWORD dwOutWrite; for ( i = 0; i < nCount; i ++) { ZeroMemory(&tb, sizeof(tb)); ZeroMemory(&rect, sizeof(rect)); //把参数写进目标进程 WriteProcessMemory(hOpen, lpAddr, &tb, sizeof(tb), &dwOutWrite); //WriteProcessMemory(hOpen, (LPVOID)((DWORD)lpAddr + sizeof(pTb)), &rect, sizeof(rect), &dwOutWrite); //获取BUTTON SendMessage(hTray, TB_GETBUTTON, i, LPARAM(lpAddr)); //读取TBBUTTON结构 ReadProcessMemory(hOpen, lpAddr, &pTb, sizeof(TBBUTTON), &dwOutWrite); //读取TRAYDATA结构 ReadProcessMemory(hOpen, (LPVOID)pTb.dwData, &traydata, sizeof(TRAYDATA), &dwOutWrite); GetWindowThreadProcessId(traydata.hwnd, &dwThreadIdOfICO); if ( dwThreadIdOfICO == dwTempId ) { //获取ICO的RECT LPVOID lp = (LPVOID)((DWORD)lpAddr + sizeof(pTb)); SendMessage(hTray, TB_GETITEMRECT, i, (LPARAM)lp); LPVOID lpdata = (LPVOID)((DWORD)lpAddr + sizeof(TBBUTTON)); ReadProcessMemory(hOpen, lpdata, &rect, sizeof(rect), &dwOutWrite); int iGap = rect.right/2; //得到图标的中间坐标的间隔 //点击 SendMessage(hTray, WM_LBUTTONDOWN, MK_LBUTTON, MAKELPARAM(rect.right - iGap, rect.bottom - iGap)); SendMessage(hTray, WM_LBUTTONUP, 0, MAKELPARAM(rect.right - iGap, rect.bottom - iGap)); // CloseHandle(hOpen); break;; } }}win7有一个溢出托盘区:以下是隐藏在托盘区中的托盘信息,用以上的方法找不到,因为在NotifyIconOverflowWindow里
Fhwnd = FindWindow("NotifyIconOverflowWindow", NULL)
参考文章:http://topic.csdn.net/u/20101003/23/859851ee-5aa1-4476-8ce1-1359826df2b0.html
代码四
#include "stdafx.h"#include#include #include using namespace std;typedef BOOL (WINAPI *LPFN_ISWOW64PROCESS) (HANDLE, PBOOL);BOOL IsWow64(){ BOOL bIsWow64 = FALSE; LPFN_ISWOW64PROCESS fnIsWow64Process = (LPFN_ISWOW64PROCESS)GetProcAddress( GetModuleHandle(_T("kernel32")),"IsWow64Process"); if (NULL != fnIsWow64Process) { if (!fnIsWow64Process(GetCurrentProcess(),&bIsWow64)) { // handle error } } return bIsWow64;}HWND FindTrayWnd(){ HWND hWnd = NULL; hWnd = FindWindow(_T("Shell_TrayWnd"), NULL); hWnd = FindWindowEx(hWnd, NULL, _T("TrayNotifyWnd"), NULL); hWnd = FindWindowEx(hWnd, NULL, _T("SysPager"), NULL); hWnd = FindWindowEx(hWnd, NULL, _T("ToolbarWindow32"), NULL); return hWnd;}HWND FindNotifyIconOverflowWindow(){ HWND hWnd = NULL; hWnd = FindWindow(_T("NotifyIconOverflowWindow"), NULL); hWnd = FindWindowEx(hWnd, NULL, _T("ToolbarWindow32"), NULL); return hWnd;}void EnumNotifyWindow(HWND hWnd){ DWORD dwProcessId = 0; GetWindowThreadProcessId(hWnd,&dwProcessId); HANDLE hProcess = OpenProcess(PROCESS_VM_OPERATION | PROCESS_VM_READ | PROCESS_VM_WRITE, FALSE, dwProcessId); if ( hProcess==NULL ){ return; } LPVOID lAddress = VirtualAllocEx(hProcess, 0, 4096, MEM_COMMIT, PAGE_READWRITE); if ( lAddress==NULL ){ return; } DWORD lTextAdr = 0; BYTE buff[1024] = {0}; CString strFilePath; CString strTile; HWND hMainWnd = NULL; int nDataOffset = sizeof(TBBUTTON) - sizeof(INT_PTR) - sizeof(DWORD_PTR); int nStrOffset = 18; if ( IsWow64() ){ nDataOffset+=4; nStrOffset+=6; } //得到圖標個數 int lButton = SendMessage(hWnd, TB_BUTTONCOUNT, 0, 0); for (int i = 0; i < lButton; i++) { SendMessage(hWnd, TB_GETBUTTON, i, (LPARAM)lAddress); //讀文本地址 ReadProcessMemory(hProcess, (LPVOID)((DWORD)lAddress + nDataOffset), &lTextAdr, 4, 0); if ( lTextAdr!=-1 ) { //讀文本 ReadProcessMemory(hProcess, (LPCVOID)lTextAdr, buff, 1024, 0); hMainWnd = (HWND)(*((DWORD*)buff)); strFilePath = (WCHAR *)buff + nStrOffset; strTile = (WCHAR *)buff + nStrOffset + MAX_PATH; _tprintf(_T("%s %s\n"),strTile,strFilePath); } } VirtualFreeEx(hProcess, lAddress, 4096, MEM_RELEASE); CloseHandle(hProcess);}int _tmain(int argc, _TCHAR* argv[]){ setlocale(LC_ALL, "chs"); EnumNotifyWindow(FindTrayWnd()); _tprintf(_T("\n")); EnumNotifyWindow(FindNotifyIconOverflowWindow()); system("pause"); return 0;}
代码五
void CTrayDlg::OnButton1() { // TODO: Add your control notification handler code here HWND wd=::FindWindow("Shell_TrayWnd",NULL); if (wd==NULL) { MessageBox("Error1"); return; } HWND wtd=FindWindowEx(wd,NULL,"TrayNotifyWnd",NULL); if (wtd==NULL) { MessageBox("Error2"); return; } HWND wd1=FindWindowEx(wtd,NULL,"ToolbarWindow32",NULL); if (wd1==NULL) { MessageBox("Error3"); return; } DWORD pid; pid=0; GetWindowThreadProcessId(wd1,&pid); if (pid==NULL) { MessageBox("Error4"); return; } HANDLE hd=OpenProcess(PROCESS_QUERY_INFORMATION ¦ PROCESS_ALL_ACCESS ,true,pid); if (hd==NULL) { MessageBox("Error6"); return; } int num=::SendMessage(wd1,TB_BUTTONCOUNT ,NULL,NULL); int i; unsigned long n; TBBUTTON p,*pp; CString x; wchar_t name[256]; unsigned long whd,proid; CString temp; TBBUTTON *sp; sp= (TBBUTTON *)0x20f00; //这里应该改成用VirtualAllocEx分配内存否则有可能出错,不过人懒,就先这么着吧 for(i=0;i代码六
void CTrayDlg::OnButton1() { // TODO: Add your control notification handler code here HWND wd=::FindWindow("Shell_TrayWnd",NULL); if (wd==NULL) { MessageBox("Error1"); return; } HWND wtd=FindWindowEx(wd,NULL,"TrayNotifyWnd",NULL); if (wtd==NULL) { MessageBox("Error2"); return; } HWND wd1=FindWindowEx(wtd,NULL,"ToolbarWindow32",NULL); if (wd1==NULL) { MessageBox("Error3"); return; } DWORD pid; pid=0; GetWindowThreadProcessId(wd1,&pid); if (pid==NULL) { MessageBox("Error4"); return; } HANDLE hd=OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_ALL_ACCESS ,true,pid); if (hd==NULL) { MessageBox("Error6"); return; } int num=::SendMessage(wd1,TB_BUTTONCOUNT ,NULL,NULL); int i; unsigned long n; TBBUTTON p,*pp; CString x; wchar_t name[256]; unsigned long whd,proid; CString temp; TBBUTTON *sp; sp= (TBBUTTON *)0x20f00; for(i=0;i以上是"VC如何通过托盘图标得到该所属进程"这篇文章的所有内容,感谢各位的阅读!相信大家都有了一定的了解,希望分享的内容对大家有所帮助,如果还想学习更多知识,欢迎关注行业资讯频道!
托盘
进程
代码
图标
句柄
位置
所属
普通
内容
篇文章
信息
区域
名称
结构
学习
帮助
成功
内存
函数
参数
数据库的安全要保护哪些东西
数据库安全各自的含义是什么
生产安全数据库录入
数据库的安全性及管理
数据库安全策略包含哪些
海淀数据库安全审计系统
建立农村房屋安全信息数据库
易用的数据库客户端支持安全管理
连接数据库失败ssl安全错误
数据库的锁怎样保障安全
针对网络安全审计
江苏进口软件开发处理方法
h2数据库主备同步
2019网络安全大会陶耀东
离线进入mc正版服务器
人民的名义软件开发公司
软件开发公司地址设在哪里
软件开发 县城
sql管理数据库教学视频
爱默生变频器服务器
数据库安全性保障
斑马网络技术有限公司英文名
如何将数据库数据取出来吗
无服务器执行环境
网络安全就业前景好找工作吗
软件开发首付款进哪个科目
2020网络安全前50强
戴尔服务器盘柜型号
上海软件开发中心待遇
启明星辰网络安全测试要多少钱
数据库学生管理图
计算机网络技术自我介绍介绍
苹果5无法激活无法接通服务器
网络安全手抄报文字内容很长
医药数字化网络安全管理
如何防止数据库删除
数据库arcgis添加
软件无法连接sql数据库
重庆小金牛网络技术有限公司
图床服务器
