VC如何通过托盘图标得到该所属进程
发表于:2025-11-09 作者:千家信息网编辑
千家信息网最后更新 2025年11月09日,这篇文章主要为大家展示了"VC如何通过托盘图标得到该所属进程",内容简而易懂,条理清晰,希望能够帮助大家解决疑惑,下面让小编带领大家一起研究并学习一下"VC如何通过托盘图标得到该所属进程"这篇文章吧。
千家信息网最后更新 2025年11月09日VC如何通过托盘图标得到该所属进程
这篇文章主要为大家展示了"VC如何通过托盘图标得到该所属进程",内容简而易懂,条理清晰,希望能够帮助大家解决疑惑,下面让小编带领大家一起研究并学习一下"VC如何通过托盘图标得到该所属进程"这篇文章吧。
本例以获取程序托盘图标位置为例
//根据需要还可以获取不少信息
代码一
//获取托盘区域数据RECT CTray::GetTrayRect(){ RECT rect = {0}; HWND hWnd = NULL; hWnd = FindTrayWnd(); if (hWnd != NULL) { if (!EnumNotifyWindow(rect,hWnd))//如果没在普通托盘区 { hWnd = FindNotifyIconOverflowWindow();//在溢出区(win7) if (hWnd != NULL) { EnumNotifyWindow(rect,hWnd); } } } return rect;}//枚举获取托盘区域位置bool CTray::EnumNotifyWindow(RECT &rect,HWND hWnd){ //RECT rect = {0}; bool bSuc = false; unsigned long lngPID = 0; long ret = 0,lngButtons = 0; long lngHwndAdr = 0,lngHwnd = 0;//,lngTextAdr,lngButtonID; HANDLE hProcess = NULL; LPVOID lngAddress = NULL,lngRect = NULL; if (hWnd != NULL) { ret = GetWindowThreadProcessId(hWnd, &lngPID); if(ret != 0 && lngPID != 0) { hProcess = OpenProcess(PROCESS_ALL_ACCESS|PROCESS_VM_OPERATION|PROCESS_VM_READ|PROCESS_VM_WRITE,0,lngPID);// if (hProcess != NULL) { lngAddress = VirtualAllocEx(hProcess,0, 0x4096, MEM_COMMIT, PAGE_READWRITE); lngRect = VirtualAllocEx(hProcess,0,sizeof(RECT), MEM_COMMIT, PAGE_READWRITE); lngButtons = SendMessage(hWnd, TB_BUTTONCOUNT, 0, 0); //发送消息获取托盘button数量 if (lngAddress != NULL && lngRect != NULL) { for(int i=0 ;i< lngButtons;i++) { RECT rc = {0}; int j = i; ret = SendMessage(hWnd,TB_GETBUTTON,j,long(lngAddress));//发送消息获取托盘项数据起始地址 ret = ReadProcessMemory(hProcess, LPVOID(long(lngAddress) + 12),&lngHwndAdr,4,0); if(ret != 0 && lngHwndAdr != -1) { ret = ReadProcessMemory(hProcess, LPVOID(lngHwndAdr),&lngHwnd, 4,0);//获取句柄 if(ret != 0 && (HWND)lngHwnd == m_NotifyIconData.hWnd)// { ret = ::SendMessage(hWnd,TB_GETITEMRECT,(WPARAM)j,(LPARAM)lngRect); //发送消息获取托盘项区域数据 ret = ReadProcessMemory(hProcess,lngRect,&rc, sizeof(rc),0); //读取托盘区域数据 if(ret != 0) { CWnd::FromHandle(hWnd)->ClientToScreen(&rc); rect = rc; } bSuc = true;//在普通托盘区找到,在溢出区不再查找 break; } } } } if (lngAddress != NULL) { VirtualFreeEx( hProcess, lngAddress, 0x4096, MEM_DECOMMIT); VirtualFreeEx( hProcess, lngAddress, 0, MEM_RELEASE); } if (lngRect != NULL) { VirtualFreeEx( hProcess, lngRect, sizeof(RECT), MEM_DECOMMIT); VirtualFreeEx( hProcess, lngRect, 0, MEM_RELEASE); } CloseHandle(hProcess); } } } return bSuc;}//获取普通托盘区窗口句柄HWND CTray::FindTrayWnd(){ HWND hWnd = NULL; HWND hWndPaper = NULL; if ((hWnd = FindWindow(_T("Shell_TrayWnd"), NULL)) != NULL) { if ((hWnd = FindWindowEx(hWnd, 0, _T("TrayNotifyWnd"), NULL)) != NULL) { hWndPaper = FindWindowEx(hWnd, 0, _T("SysPager"), NULL); if(!hWndPaper) hWnd = FindWindowEx(hWnd, 0, _T("ToolbarWindow32"), NULL); else hWnd = FindWindowEx(hWndPaper, 0, _T("ToolbarWindow32"), NULL); } } return hWnd;}//获取溢出托盘区窗口句柄HWND CTray::FindNotifyIconOverflowWindow(){ HWND hWnd = NULL; hWnd = FindWindow(_T("NotifyIconOverflowWindow"), NULL); if (hWnd != NULL) { hWnd = FindWindowEx(hWnd, NULL, _T("ToolbarWindow32"), NULL); } return hWnd;}以下代码网上收集的,变量 初始化 指针句柄 及函数是否成功都没判定
//需要的自己加下判定,有时间再改了
代码二
struct TRAYDATA{ HWND hwnd; UINT uID; UINT uCallbackMessage; DWORD Reserved[2]; HICON hIcon; };void CTray::GetTrayRect(){HWND hWnd,hWndPaper;unsigned long lngPID;long ret,lngButtons;HANDLE hProcess;LPVOID lngAddress;long lngTextAdr,lngHwndAdr,lngHwnd,lngButtonID;TCHAR strBuff[1024]={0}; TRAYDATA trayData = {0}; TBBUTTON btnData={0};hWnd = FindWindow(_T("Shell_TrayWnd"), NULL);hWnd = FindWindowEx(hWnd, 0, _T("TrayNotifyWnd"), NULL);hWndPaper = FindWindowEx(hWnd, 0, _T("SysPager"), NULL);if(!hWndPaper)hWnd = FindWindowEx(hWnd, 0, _T("ToolbarWindow32"), NULL);elsehWnd = FindWindowEx(hWndPaper, 0, _T("ToolbarWindow32"), NULL);ret = GetWindowThreadProcessId(hWnd, &lngPID);hProcess = OpenProcess(PROCESS_ALL_ACCESS|PROCESS_VM_OPERATION|PROCESS_VM_READ|PROCESS_VM_WRITE,0,lngPID);lngAddress = VirtualAllocEx(hProcess,0, 0x4096, MEM_COMMIT, PAGE_READWRITE);lngButtons = SendMessage(hWnd, TB_BUTTONCOUNT, 0, 0); RECT rc; POINT point;LPVOID lngRect = VirtualAllocEx(hProcess,0,sizeof(RECT), MEM_COMMIT, PAGE_READWRITE);CRect rect;for(int i=0 ;i< lngButtons;i++){int j = i;ret = SendMessage(hWnd,TB_GETBUTTON,j,long(lngAddress));ret = ReadProcessMemory(hProcess, LPVOID(long(lngAddress) + 16),&lngTextAdr,4,0);if(lngTextAdr != -1){ret = ReadProcessMemory(hProcess, LPVOID(lngTextAdr),strBuff,1024,0);//ret = ReadProcessMemory(hProcess, LPVOID(long(lngAddress) + 12),&lngHwndAdr,4,0); //获取句柄//ret = ReadProcessMemory(hProcess, LPVOID(lngHwndAdr),&lngHwnd, 4,0);//ret = ReadProcessMemory(hProcess, LPVOID(long(lngAddress) + 4),&lngButtonID,4,0);//获取buttonIDCString str(strBuff);if (str.Compare(m_NotifyIconData.szTip) == 0){::SendMessage(hWnd,TB_GETITEMRECT,(WPARAM)j,(LPARAM)lngRect);ReadProcessMemory(hProcess,lngRect,&rc, sizeof(rc),0); //获取托盘图标区域CWnd::FromHandle(hWnd)->ClientToScreen(&rc);}//以下是隐藏托盘图标// {// if(show)// {// SendMessage(hWnd,TB_HIDEBUTTON,lngButtonID,0);// }// else// { // SendMessage(hWnd,TB_HIDEBUTTON,lngButtonID,1);// }// }}}VirtualFreeEx( hProcess, lngAddress, 0x4096, MEM_DECOMMIT);VirtualFreeEx( hProcess, lngAddress, 0, MEM_RELEASE);VirtualFreeEx( hProcess, lngRect, sizeof(RECT), MEM_DECOMMIT);VirtualFreeEx( hProcess, lngRect, 0, MEM_RELEASE);CloseHandle(hProcess);}代码三
VOID StartStorm(){ HWND hMain = FindWindow("animate_layered_window_class", "暴风媒体中心"); if ( hMain ) { ShowWindow(hMain, SW_HIDE); } //得到工具栏句柄 HWND hTray = FindWindow("Shell_TrayWnd", NULL); hTray = FindWindowEx(hTray, 0, "TrayNotifyWnd", NULL); hTray = FindWindowEx(hTray, 0, "SysPager", NULL); hTray = FindWindowEx(hTray, 0, "ToolbarWindow32", NULL); //获取explore进程ID DWORD TrayPid; GetWindowThreadProcessId(hTray, &TrayPid); //打开进程 并且开辟进程空间 RECT rect; TBBUTTON tb; TBBUTTON pTb; LPVOID lpAddr; DWORD dwThreadIdOfICO; DWORD dwTempId = FindStorm("Stormtray.exe"); //你要点击的进程的PID TRAYDATA traydata; HANDLE hOpen = OpenProcess(PROCESS_ALL_ACCESS, FALSE, TrayPid); lpAddr = VirtualAllocEx(hOpen, NULL, sizeof(tb) + sizeof(rect), MEM_COMMIT, PAGE_READWRITE); int nCount = SendMessage(hTray, TB_BUTTONCOUNT, 0, 0); int i; DWORD dwOutWrite; for ( i = 0; i < nCount; i ++) { ZeroMemory(&tb, sizeof(tb)); ZeroMemory(&rect, sizeof(rect)); //把参数写进目标进程 WriteProcessMemory(hOpen, lpAddr, &tb, sizeof(tb), &dwOutWrite); //WriteProcessMemory(hOpen, (LPVOID)((DWORD)lpAddr + sizeof(pTb)), &rect, sizeof(rect), &dwOutWrite); //获取BUTTON SendMessage(hTray, TB_GETBUTTON, i, LPARAM(lpAddr)); //读取TBBUTTON结构 ReadProcessMemory(hOpen, lpAddr, &pTb, sizeof(TBBUTTON), &dwOutWrite); //读取TRAYDATA结构 ReadProcessMemory(hOpen, (LPVOID)pTb.dwData, &traydata, sizeof(TRAYDATA), &dwOutWrite); GetWindowThreadProcessId(traydata.hwnd, &dwThreadIdOfICO); if ( dwThreadIdOfICO == dwTempId ) { //获取ICO的RECT LPVOID lp = (LPVOID)((DWORD)lpAddr + sizeof(pTb)); SendMessage(hTray, TB_GETITEMRECT, i, (LPARAM)lp); LPVOID lpdata = (LPVOID)((DWORD)lpAddr + sizeof(TBBUTTON)); ReadProcessMemory(hOpen, lpdata, &rect, sizeof(rect), &dwOutWrite); int iGap = rect.right/2; //得到图标的中间坐标的间隔 //点击 SendMessage(hTray, WM_LBUTTONDOWN, MK_LBUTTON, MAKELPARAM(rect.right - iGap, rect.bottom - iGap)); SendMessage(hTray, WM_LBUTTONUP, 0, MAKELPARAM(rect.right - iGap, rect.bottom - iGap)); // CloseHandle(hOpen); break;; } }}win7有一个溢出托盘区:以下是隐藏在托盘区中的托盘信息,用以上的方法找不到,因为在NotifyIconOverflowWindow里
Fhwnd = FindWindow("NotifyIconOverflowWindow", NULL)
参考文章:http://topic.csdn.net/u/20101003/23/859851ee-5aa1-4476-8ce1-1359826df2b0.html
代码四
#include "stdafx.h"#include#include #include using namespace std;typedef BOOL (WINAPI *LPFN_ISWOW64PROCESS) (HANDLE, PBOOL);BOOL IsWow64(){ BOOL bIsWow64 = FALSE; LPFN_ISWOW64PROCESS fnIsWow64Process = (LPFN_ISWOW64PROCESS)GetProcAddress( GetModuleHandle(_T("kernel32")),"IsWow64Process"); if (NULL != fnIsWow64Process) { if (!fnIsWow64Process(GetCurrentProcess(),&bIsWow64)) { // handle error } } return bIsWow64;}HWND FindTrayWnd(){ HWND hWnd = NULL; hWnd = FindWindow(_T("Shell_TrayWnd"), NULL); hWnd = FindWindowEx(hWnd, NULL, _T("TrayNotifyWnd"), NULL); hWnd = FindWindowEx(hWnd, NULL, _T("SysPager"), NULL); hWnd = FindWindowEx(hWnd, NULL, _T("ToolbarWindow32"), NULL); return hWnd;}HWND FindNotifyIconOverflowWindow(){ HWND hWnd = NULL; hWnd = FindWindow(_T("NotifyIconOverflowWindow"), NULL); hWnd = FindWindowEx(hWnd, NULL, _T("ToolbarWindow32"), NULL); return hWnd;}void EnumNotifyWindow(HWND hWnd){ DWORD dwProcessId = 0; GetWindowThreadProcessId(hWnd,&dwProcessId); HANDLE hProcess = OpenProcess(PROCESS_VM_OPERATION | PROCESS_VM_READ | PROCESS_VM_WRITE, FALSE, dwProcessId); if ( hProcess==NULL ){ return; } LPVOID lAddress = VirtualAllocEx(hProcess, 0, 4096, MEM_COMMIT, PAGE_READWRITE); if ( lAddress==NULL ){ return; } DWORD lTextAdr = 0; BYTE buff[1024] = {0}; CString strFilePath; CString strTile; HWND hMainWnd = NULL; int nDataOffset = sizeof(TBBUTTON) - sizeof(INT_PTR) - sizeof(DWORD_PTR); int nStrOffset = 18; if ( IsWow64() ){ nDataOffset+=4; nStrOffset+=6; } //得到圖標個數 int lButton = SendMessage(hWnd, TB_BUTTONCOUNT, 0, 0); for (int i = 0; i < lButton; i++) { SendMessage(hWnd, TB_GETBUTTON, i, (LPARAM)lAddress); //讀文本地址 ReadProcessMemory(hProcess, (LPVOID)((DWORD)lAddress + nDataOffset), &lTextAdr, 4, 0); if ( lTextAdr!=-1 ) { //讀文本 ReadProcessMemory(hProcess, (LPCVOID)lTextAdr, buff, 1024, 0); hMainWnd = (HWND)(*((DWORD*)buff)); strFilePath = (WCHAR *)buff + nStrOffset; strTile = (WCHAR *)buff + nStrOffset + MAX_PATH; _tprintf(_T("%s %s\n"),strTile,strFilePath); } } VirtualFreeEx(hProcess, lAddress, 4096, MEM_RELEASE); CloseHandle(hProcess);}int _tmain(int argc, _TCHAR* argv[]){ setlocale(LC_ALL, "chs"); EnumNotifyWindow(FindTrayWnd()); _tprintf(_T("\n")); EnumNotifyWindow(FindNotifyIconOverflowWindow()); system("pause"); return 0;}
代码五
void CTrayDlg::OnButton1() { // TODO: Add your control notification handler code here HWND wd=::FindWindow("Shell_TrayWnd",NULL); if (wd==NULL) { MessageBox("Error1"); return; } HWND wtd=FindWindowEx(wd,NULL,"TrayNotifyWnd",NULL); if (wtd==NULL) { MessageBox("Error2"); return; } HWND wd1=FindWindowEx(wtd,NULL,"ToolbarWindow32",NULL); if (wd1==NULL) { MessageBox("Error3"); return; } DWORD pid; pid=0; GetWindowThreadProcessId(wd1,&pid); if (pid==NULL) { MessageBox("Error4"); return; } HANDLE hd=OpenProcess(PROCESS_QUERY_INFORMATION ¦ PROCESS_ALL_ACCESS ,true,pid); if (hd==NULL) { MessageBox("Error6"); return; } int num=::SendMessage(wd1,TB_BUTTONCOUNT ,NULL,NULL); int i; unsigned long n; TBBUTTON p,*pp; CString x; wchar_t name[256]; unsigned long whd,proid; CString temp; TBBUTTON *sp; sp= (TBBUTTON *)0x20f00; //这里应该改成用VirtualAllocEx分配内存否则有可能出错,不过人懒,就先这么着吧 for(i=0;i代码六
void CTrayDlg::OnButton1() { // TODO: Add your control notification handler code here HWND wd=::FindWindow("Shell_TrayWnd",NULL); if (wd==NULL) { MessageBox("Error1"); return; } HWND wtd=FindWindowEx(wd,NULL,"TrayNotifyWnd",NULL); if (wtd==NULL) { MessageBox("Error2"); return; } HWND wd1=FindWindowEx(wtd,NULL,"ToolbarWindow32",NULL); if (wd1==NULL) { MessageBox("Error3"); return; } DWORD pid; pid=0; GetWindowThreadProcessId(wd1,&pid); if (pid==NULL) { MessageBox("Error4"); return; } HANDLE hd=OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_ALL_ACCESS ,true,pid); if (hd==NULL) { MessageBox("Error6"); return; } int num=::SendMessage(wd1,TB_BUTTONCOUNT ,NULL,NULL); int i; unsigned long n; TBBUTTON p,*pp; CString x; wchar_t name[256]; unsigned long whd,proid; CString temp; TBBUTTON *sp; sp= (TBBUTTON *)0x20f00; for(i=0;i以上是"VC如何通过托盘图标得到该所属进程"这篇文章的所有内容,感谢各位的阅读!相信大家都有了一定的了解,希望分享的内容对大家有所帮助,如果还想学习更多知识,欢迎关注行业资讯频道!
托盘
进程
代码
图标
句柄
位置
所属
普通
内容
篇文章
信息
区域
名称
结构
学习
帮助
成功
内存
函数
参数
数据库的安全要保护哪些东西
数据库安全各自的含义是什么
生产安全数据库录入
数据库的安全性及管理
数据库安全策略包含哪些
海淀数据库安全审计系统
建立农村房屋安全信息数据库
易用的数据库客户端支持安全管理
连接数据库失败ssl安全错误
数据库的锁怎样保障安全
网络技术服务什么价格
电子商务网络技术基础文字
sql2000清理数据库
数据库怎么加载到gis
厦门 网络安全 警察
数据库sum是cpu计算吗
选修课选数据库技术怎么样
银行数据库是干什么的
网络安全和隐私保护的对策
优信互联网科技
现实中的中国网络安全大赛
饥荒专用服务器管理员的好处
数据库没有编程可以学吗
猫王互联网科技有限公司湖南
校园网络安全知识公约
网络安全保障管理策略
我国企业网络安全政策
金山区网络技术服务问答知识
数据库2012安装
黄石网络安全保卫大队
山东网络安全宣传视频小学生
怎样了解数据库
温州常用网络技术常见问题
第六节广东省网络安全宣传周
网络安全健康句子
中国外贸数据库有哪些
gis导出数据库格式
儿童文学数据库
像小学生宣传网络安全的图片
网络安全日活动西安
