Hello, Hi just a small request, when the port explorer icon is in the system tray would it be possible for it to flash or blink if there are any hidden sockets? Jason thanks for adding the mouse hover. Thanks Loki
Hi Loki, wonder if the blinking would help: as I've constantly a few hidden sockets like the FW so it wouldn't add anything as it would keep on blinking, unless it would only blink after maximizing and back to tray in case of new hidden alerts, something like the alert signal in the FW and VisualZone for instance. In such a case it would certainly add! I like the mouse over hovering too!
Hello Jooske, Well Port Explorer has finally decided Sygate Pro is ok and not a hidden socket. But you're right what I should have asked for is if there's a change after checking PE. Once you check then PE might reset and if a new socket goes hidden it could warn again. Something simple and easy. Thanks Loki P.S. Not to make Jason work any harder.
It would be a good idea, if I could remove VALID red sockets from Port Explorer. Unfortunately I still haven't found an undocumented safe way of finding out if an application has a systray icon. I get a lot of reports already about red sockets on "safe" programs so making a flashing thing would probably alert users more. But if I can find a way to remove the safe red socket programs then a flashing alert would be good as in 99% of cases that would be a trojan port. -Jason-
Not always Jason, as I found this morning I lost connection, which I did not know, and hovering mouse over saw 7 hidden sockets instead of the normal 3 and at the moment of opening the PE GUI they were all disappeared, only caught in a glimpse IE and OE had at least 1 hidden socket each, but the other 2 did not see that quick in the auto-refreshment; guess the disconnected processes had become hidden. Indeed my ISP has lost lots of the connectivity, mailserver, etc so this is not really strange here and which other sockets were hidden ... only autologging can tell.
Don't know what kept you busy, I did not count, the users' most recent postings don't have a date choice to test that, but maybe the search engine can offer some help. Anyway, not sure what more was wrong as even the clipboard was among the hidden sockets, which is normally very suspicious, scanning clipboard content and the exe itself, nada, no modification either, so... hmmm keep controlling more often now. Yes, a blinking systray icon for unexpected new not excluded processes/sockets could be something. Wonder if this weekend's ZAPro upgrade to 3.5... is part of the many strange events.
Jooske, Did you totally uninstall ZA before doing the upgrade, as I have read somewhere that this can cure the strange events? ZA's website has the complete uninstall instructions.
Hmmmmm must think..... You read the step by step disaster in another place so won't post that part here again. It does itself when installing the new version, but if it continues troubling I will uninstall it manually and re-install this one, of course. Maybe it does not like PE, one of the other pieces of deep digging security software. Due to being extremely occupied and this Zapro and my ISP adsl problems I still did not get the 1.350; Jason will be on the next if I ever come to this one if this continues this way.
Hi Jooske, Just a short note about PE and ZAPro, I use both without any problems, so I doubt PE is the issue (ZAPro 3.5.169) Wink
Think the problem was more in some strange changes in ZaPro to get used on and connection problems on my ISP side. Of course I had to check extra why my IE and OE and clipboard and more all of a sudden were indicated as hidden, scan scan nothing specific found, fortunately. Hope to find out nice improvements in ZAPro 3.5.169.002 over the former, impression is it uses less RAM. Keeping more eyes on PE. It has always functioned together very fine, so I'm not really worried at all, just surprised about all happenings.
Jooske, indeed a strange problem since they weren't showing as hidden before. Are all the outlook, etc, sockets showing as hidden or just some? Can you see the Outlook window? -Jason-
It happened a few times more since. But I noticed too it was when I seem to have lost connection or my DNS: at those moments I can't collect emails nor surf around. I see all the sockets for Outlook Express (I don't use Outlook) red then and all those for Internet Explorer. I can access and see what there is already in OE and I guess the cached IE pages. Till now disconnect from internet and reconnect or a modem reset or in cases even a reboot helped to get back correctly. Not sure still if this is part of the new Zapro install, the general internet problems or my ISP having problems too more than often, so I am not intending to uninstall Zapro for instance completely or make other big changes till all that part on internet is ok again. I'll pay more attention to it now.
> It would be a good idea, if I could remove VALID red sockets from Port Explorer.
> Unfortunately I still haven't found an undocumented safe way of finding out if an application
> has a systray icon.
http://skyscraper.fortunecity.com/gigo/311/winprog/shellico.txt
//----------------------------------------------------------------------------
// File: shellico.txt
//----------------------------------------------------------------------------
// You are allowed to distribute this document unmodified for free,
// without paying me any fee.
// The information in this document is provided AS IS,
// without any warranties or guarantees.
//
// All undocumented Windows features used/described in this document
// are discovered by me, Nick N. Repin.
//
// Copyright (c) Nikolay N. Repin (Nick N. Repin), 1998
//----------------------------------------------------------------------------
// Enumeration of all System Tray icons info.
// [This file consists of several modules]
//----------------------------------------------------------------------------

//*********************************************************************
// Part 1. Enumerates all Systray icons info and display icons.
// Injects itself into the Explorer's address space.
//
// Consists of 2 modules: sh.cpp & shdll.cpp.
//*********************************************************************

//----------------------------------------------------------------------------
// File: sh.cpp.
// Compile & link with shdll.dll.
// Run it in window, not in the full-screen mode.
//
// Creates the console, attached to the Explorer.
// The icons info will be printed on this console.
// Icons will be painted on the console window caption
// at 200-pixels offset from the left.
// Console will be automatically destroyed after 10 sec.
//----------------------------------------------------------------------------
#define STRICT
#include <windows.h>
#include <iostream.h>
#include <conio.h>

void _import SetTrayHook();

void main(void)
{
  SetTrayHook();
  Sleep(15000);
  SetTrayHook();
}

//----------------------------------------------------------------------------
// File: shdll.cpp.
// Compile in dll mode.
//----------------------------------------------------------------------------
#define STRICT
#include <windows.h>
#include <commctrl.h>
#include <stdlib.h>

bool IsNT()
{
  OSVERSIONINFO v;
  v.dwOSVersionInfoSize=sizeof(OSVERSIONINFO);
  ::GetVersionEx(&v);
  return v.dwPlatformId==VER_PLATFORM_WIN32_NT;
}

bool isNT=IsNT();

void _export SetTrayHook();
void enumerateIcons();
void out(char* p=0);
LRESULT CALLBACK MsgProc(int,WPARAM,LPARAM);

HINSTANCE hInstance;
HHOOK hHook=0;
HWND SysTray=0;
HWND NotifyWnd=0;
DWORD dwExplorerThreadId=0,dwExplorerProcessId=0;
char msg[256];
HANDLE hCon=0;
HWND wCon=0;

BOOL WINAPI DllEntryPoint(HINSTANCE hInstDll,DWORD fdwReason,LPVOID)
{
  switch(fdwReason)
  {
    case DLL_PROCESS_ATTACH:
      hInstance=hInstDll;
      break;
    case DLL_THREAD_ATTACH:
      break;
    case DLL_PROCESS_DETACH:
      break;
    case DLL_THREAD_DETACH:
      break;
  }
  return TRUE;
}

void SetTrayHook()
{
  if(hHook==NULL)
  {
    SysTray=FindWindow("Shell_TrayWnd",NULL);
    NotifyWnd=FindWindowEx(SysTray,0,"TrayNotifyWnd",0);
    dwExplorerThreadId=GetWindowThreadProcessId(SysTray,
      &dwExplorerProcessId);
    hHook=SetWindowsHookEx(WH_CALLWNDPROC,HOOKPROC(MsgProc),
      hInstance,dwExplorerThreadId);
    //PostThreadMessage(dwExplorerThreadId,WM_NULL,0,0);
  }
  else
  {
    UnhookWindowsHookEx(hHook);
    hHook=NULL;
  }
  return;
}

bool isFirst=true;

LRESULT CALLBACK MsgProc(int nCode,WPARAM wParam,LPARAM lParam)
{
  if(isFirst)
  {
    isFirst=false;
    isNT=IsNT();
    SysTray=FindWindow("Shell_TrayWnd",NULL);
    NotifyWnd=FindWindowEx(SysTray,0,"TrayNotifyWnd",0);
    // To display messages
    AllocConsole();
    hCon=CreateFile("CONOUT$",GENERIC_READ|GENERIC_WRITE,
      FILE_SHARE_READ|FILE_SHARE_WRITE,NULL,OPEN_EXISTING,0,0);
    SetConsoleMode(hCon,ENABLE_PROCESSED_OUTPUT|ENABLE_WRAP_AT_EOL_OUTPUT);
    CONSOLE_SCREEN_BUFFER_INFO bi;
    GetConsoleScreenBufferInfo(hCon,&bi);
    bi.dwSize.Y=200;
    SetConsoleScreenBufferSize(hCon,bi.dwSize);
    SetConsoleTitle("Nick's console");
    wCon=FindWindow(0,"Nick's console");
    out("We are in the Explorer!\r\n");
    wsprintf(msg,"Console wnd=%X\r\n\r\n",wCon);
    out();
    enumerateIcons();
    Sleep(10000); // Wait 10 sec
    CloseHandle(hCon);
    FreeConsole();
  }
  return CallNextHookEx(hHook,nCode,wParam,lParam);
}

struct TWIconDataT
{
  DWORD imageIndex; // image index, -1 if no image in iconList
  union
  {
    NOTIFYICONDATAW dw;
    NOTIFYICONDATAA da;
  };
};
typedef TWIconDataT* pTWIconDataT;

struct TWIconsInfoT
{
  int Cnt;
  pTWIconDataT* iconData;
};

struct TWDataT
{
  DWORD unknown[7];
  TWIconsInfoT* iconsInfo;
  HIMAGELIST iconList;
};

typedef pTWIconDataT WINAPI (*COMCTL32_332_T)
  (TWIconsInfoT* info,int index);
COMCTL32_332_T COMCTL32_332;

void enumerateIcons()
{
  // Load useful function
  HINSTANCE hLib=LoadLibrary("COMCTL32.DLL");
  COMCTL32_332=(COMCTL32_332_T) GetProcAddress(hLib,LPCSTR(332));
  TWDataT* twd=(TWDataT*)GetWindowLong(NotifyWnd,0);
  wsprintf(msg,"Proc=%X, NotifyWnd=%X, data=%X\r\n",COMCTL32_332,
    NotifyWnd,twd);
  out();
  int cnt=twd->iconsInfo->Cnt; // icons count
  if(cnt==0)
  {
    out("No tray icons!\r\n");
    return;
  }
  wsprintf(msg,"Icons count=%d",cnt);
  out();
  int x=200; // Offset for icon painting
  for(int i=cnt-1;i>=0;i--)
  {
    wsprintf(msg,"\r\n\r\n# %d *****************\r\n",i);
    out();
    pTWIconDataT p=COMCTL32_332(twd->iconsInfo,i);
    wsprintf(msg,"ImageIndex=%d\r\n",p->imageIndex);
    out();
    wsprintf(msg,"hWnd=%X\r\n",p->dw.hWnd);
    out();
    wsprintf(msg,"uID=%d\r\n",p->dw.uID);
    out();
    wsprintf(msg,"uFlags=%d\r\n",p->dw.uFlags);
    out();
    wsprintf(msg,"uCallbackMessage=%d\r\n",p->dw.uCallbackMessage);
    out();
    wsprintf(msg,"hIcon=%X\r\n",p->dw.hIcon);
    out();
    memset(msg,0,sizeof(msg));
    strcpy(msg,"szTip=");
    if(isNT)
      wcstombs(msg+strlen(msg),p->dw.szTip,sizeof(p->dw.szTip)/2);
    else
      strcpy(msg+strlen(msg),p->da.szTip);
    out();
    HICON icon=ImageList_GetIcon(twd->iconList,p->imageIndex,ILD_NORMAL);
    wsprintf(msg,"Real icon=%X\r\n",icon);
    // Draw icon
    HDC dc=GetWindowDC(wCon);
    ImageList_Draw(twd->iconList,p->imageIndex,dc,x,4,ILD_NORMAL);
    ReleaseDC(wCon,dc);
    x+=30;
  }
}

void out(char* p)
{
  DWORD dwWritten;
  if(p) strcpy(msg,p);
  WriteConsole(hCon,msg,strlen(msg),&dwWritten,0);
}
//*********************************************************************
// Part 2. Console program to enumerate Systray icons info.
// Windows95/98.
//*********************************************************************
#include <windows.h>
#include <commctrl.h>
#include <iostream.h>
#include <stdlib.h>

struct TWIconDataT
{
  DWORD internalId; // image index, -1 if no image in iconList
  NOTIFYICONDATA d;
};
typedef TWIconDataT* pTWIconDataT;

struct TWIconsInfoT
{
  int Cnt;
  pTWIconDataT* iconData;
};

struct TWDataT
{
  DWORD unknown[7];
  TWIconsInfoT* iconsInfo;
  HIMAGELIST iconList;
};

void main(void)
{
  InitCommonControls();
  HWND stw=FindWindow("Shell_TrayWnd",0);
  if(!stw)
  {
    cout<<"System tray not found!"<<endl;
    return;
  }
  HWND tw=FindWindowEx(stw,0,"TrayNotifyWnd",0);
  if(!tw)
  {
    cout<<"TrayNotifyWnd not found!"<<endl;
    return;
  }
  TWDataT* twd=(TWDataT*)GetWindowLong(tw,0);
  if(!twd)
  {
    cout<<"Cannot get TrayNotifyWnd data! "<<GetLastError()<<endl;
    return;
  }
  // We cannot just read memory of another process
  DWORD idExplorer;
  GetWindowThreadProcessId(tw,&idExplorer);
  HANDLE hExplorer=OpenProcess(PROCESS_VM_READ,FALSE,idExplorer);
  if(!hExplorer)
  {
    cout<<"Cannot open Explorer process! "<<GetLastError()<<endl;
    return;
  }
  //Read tray window data
  TWDataT data;
  BOOL r=ReadProcessMemory(hExplorer,twd,&data,sizeof(data),0);
  if(!r)
  {
    cout<<"Cannot read tray window data! "<<GetLastError()<<endl;
    return;
  }
  cout<<"Image list="<<data.iconList<<endl;
  // Read icons info
  TWIconsInfoT iconsInfo;
  r=ReadProcessMemory(hExplorer,data.iconsInfo,&iconsInfo,
    sizeof(iconsInfo),0);
  if(!r)
  {
    cout<<"Cannot read icons info! "<<GetLastError()<<endl;
    return;
  }
  if(iconsInfo.Cnt==0)
  {
    cout<<"No tray icons!"<<endl;
    return;
  }
  else
    cout<<"Icons count="<<(iconsInfo.Cnt)<<endl;
  // Ok, now read pointers to icons data
  pTWIconDataT* ppIconData=new pTWIconDataT[iconsInfo.Cnt];
  r=ReadProcessMemory(hExplorer,iconsInfo.iconData,ppIconData,
    sizeof(pTWIconDataT)*iconsInfo.Cnt,0);
  if(!r)
  {
    cout<<"Cannot read pointers to icons data! "<<GetLastError()<<endl;
    return;
  }
  // Now read icons data itself
  pTWIconDataT pIconData=new TWIconDataT[iconsInfo.Cnt];
  for(int i=0;i<iconsInfo.Cnt;i++)
  {
    // Each pointer read above is an address inside Explorer's memory
    r=ReadProcessMemory(hExplorer,ppIconData[i],pIconData+i,
      sizeof(TWIconDataT),0);
    if(!r)
    {
      cout<<"Cannot read icon data #"<<i<<"! "<<GetLastError()<<endl;
      return;
    }
  }
  delete[] ppIconData;
  CloseHandle(hExplorer);
  // Now, add points to Nick's account for wasted 4 hour!!
  for(int i=iconsInfo.Cnt-1;i>=0;i--)
  {
    cout<<endl<<"# "<<i<<" *****************"<<endl;
    cout<<"internalId="<<(pIconData[i].internalId)<<endl;
    cout<<"hWnd="<<(pIconData[i].d.hWnd)<<endl;
    cout<<"uID="<<(pIconData[i].d.uID)<<endl;
    cout<<"uFlags="<<(pIconData[i].d.uFlags)<<endl;
    cout<<"uCallbackMessage="<<(pIconData[i].d.uCallbackMessage)<<endl;
    cout<<"hIcon="<<(pIconData[i].d.hIcon)<<endl;
    cout<<"szTip="<<(pIconData[i].d.szTip)<<endl;
    // Will not work
    //HICON icon=ImageList_GetIcon(data.iconList,pIconData[i].internalId,
    //  ILD_NORMAL);
    //cout<<"Real icon="<<icon<<endl;
  }
  delete[] pIconData;
}

//*********************************************************************
// Part 3. Console program to enumerate Systray icons info.
// Windows NT 4.0.
//*********************************************************************
#include <windows.h>
#include <commctrl.h>
#include <iostream.h>
#include <stdlib.h>

struct TWIconDataT
{
  DWORD internalId; // image index, -1 if no image in iconList
  NOTIFYICONDATAW d;
};
typedef TWIconDataT* pTWIconDataT;

struct TWIconsInfoT
{
  int Cnt;
  pTWIconDataT* iconData;
};

struct TWDataT
{
  DWORD unknown[7];
  TWIconsInfoT* iconsInfo;
  HIMAGELIST iconList;
};

void main(void)
{
  InitCommonControls();
  HWND stw=FindWindow("Shell_TrayWnd",0);
  if(!stw)
  {
    cout<<"System tray not found!"<<endl;
    return;
  }
  HWND tw=FindWindowEx(stw,0,"TrayNotifyWnd",0);
  if(!tw)
  {
    cout<<"TrayNotifyWnd not found!"<<endl;
    return;
  }
  TWDataT* twd=(TWDataT*)GetWindowLong(tw,0);
  if(!twd)
  {
    cout<<"Cannot get TrayNotifyWnd data! "<<GetLastError()<<endl;
    return;
  }
  // We cannot just read memory of another process
  DWORD idExplorer;
  GetWindowThreadProcessId(tw,&idExplorer);
  HANDLE hExplorer=OpenProcess(PROCESS_VM_READ,FALSE,idExplorer);
  if(!hExplorer)
  {
    cout<<"Cannot open Explorer process! "<<GetLastError()<<endl;
    return;
  }
  //Read tray window data
  TWDataT data;
  BOOL r=ReadProcessMemory(hExplorer,twd,&data,sizeof(data),0);
  if(!r)
  {
    cout<<"Cannot read tray window data! "<<GetLastError()<<endl;
    return;
  }
  cout<<"Image list="<<data.iconList<<endl;
  // Read icons info
  TWIconsInfoT iconsInfo;
  r=ReadProcessMemory(hExplorer,data.iconsInfo,&iconsInfo,
    sizeof(iconsInfo),0);
  if(!r)
  {
    cout<<"Cannot read icons info! "<<GetLastError()<<endl;
    return;
  }
  if(iconsInfo.Cnt==0)
  {
    cout<<"No tray icons!"<<endl;
    return;
  }
  else
    cout<<"Icons count="<<(iconsInfo.Cnt)<<endl;
  // Ok, now read pointers to icons data
  pTWIconDataT* ppIconData=new pTWIconDataT[iconsInfo.Cnt];
  r=ReadProcessMemory(hExplorer,iconsInfo.iconData,ppIconData,
    sizeof(pTWIconDataT)*iconsInfo.Cnt,0);
  if(!r)
  {
    cout<<"Cannot read pointers to icons data! "<<GetLastError()<<endl;
    return;
  }
  // Now read icons data itself
  pTWIconDataT pIconData=new TWIconDataT[iconsInfo.Cnt];
  for(int i=0;i<iconsInfo.Cnt;i++)
  {
    // Each pointer read above is an address inside Explorer's memory
    r=ReadProcessMemory(hExplorer,ppIconData[i],pIconData+i,
      sizeof(TWIconDataT),0);
    if(!r)
    {
      cout<<"Cannot read icon data #"<<i<<"! "<<GetLastError()<<endl;
      return;
    }
  }
  delete[] ppIconData;
  CloseHandle(hExplorer);
  // Now, add points to Nick's account for wasted 4 hour!!
  for(int i=iconsInfo.Cnt-1;i>=0;i--)
  {
    cout<<endl<<"# "<<i<<" *****************"<<endl;
    cout<<"internalId="<<(pIconData[i].internalId)<<endl;
    cout<<"hWnd="<<(pIconData[i].d.hWnd)<<endl;
    cout<<"uID="<<(pIconData[i].d.uID)<<endl;
    cout<<"uFlags="<<(pIconData[i].d.uFlags)<<endl;
    cout<<"uCallbackMessage="<<(pIconData[i].d.uCallbackMessage)<<endl;
    cout<<"hIcon="<<(pIconData[i].d.hIcon)<<endl;
    char buf[64];
    wcstombs(buf,pIconData[i].d.szTip,sizeof(buf));
    cout<<"szTip="<<buf<<endl;
    // Will not work
    //HICON icon=ImageList_GetIcon(data.iconList,pIconData[i].internalId,
    //  ILD_NORMAL);
    //cout<<"Real icon="<<icon<<endl;
  }
  delete[] pIconData;
}
//- EOF: shellico.txt ---------------------------------------------------------

//----------------------------------------------------------------------------
// File: shico2k.cpp
//----------------------------------------------------------------------------
// You are allowed to distribute this document unmodified for free,
// without paying me any fee.
// The information in this document is provided AS IS,
// without any warranties or guarantees.
//
// All undocumented Windows features used/described in this document
// are discovered by me, Nick N. Repin.
//
// Copyright (c) Nikolay N. Repin (Nick N. Repin), 1999
//----------------------------------------------------------------------------
//
// Enumerating systray icons for Win2000.
//
//----------------------------------------------------------------------------
#include <windows.h>
#include <commctrl.h>

//******************************************************************
// Note: all the code below must be executed in the context of the
// explorer.exe.
//******************************************************************

typedef struct
{
  DWORD u1;
  HWND hwnd;          // Window which handles requests about systray icons,
                      // may be, it's the handle of "TrayNotifyWnd".
  DWORD u2;
  HIMAGELIST hIList;  // Image list which contains icons itself.
} TrayDataT, *pTrayDataT;

// Same as NOTIFYICONDATA
typedef struct
{
  HWND hwnd;
  UINT uID;
  DWORD uCallbackMessage;
  DWORD uFlags;
} IconInfoT, *pIconInfoT;

// Structure to pass requests about systray icons.
typedef struct
{
  DWORD sz;
  DWORD dwFlags;
  DWORD p2;
  int iImage;
  DWORD p3;
  pIconInfoT pIconInfo;
  LPWSTR pTip;
  DWORD szTip;
} ControlDataT, *pControlDataT;

//---------------------------------------------------------------------------
// Returns number of icons on systray.
int getIconCount(pTrayDataT pData)
{
  return SendMessageW(pData->hwnd,0x418,0,0);
}

//---------------------------------------------------------------------------
// Returns pointer to IconInfoT struct. iIndex is icon index, from zero
// to getIconCount()-1. bFlag must be true.
pIconInfoT getIconInfo(pTrayDataT pData,int iIndex,bool bFlag)
{
  ControlDataT s;
  s.sz=sizeof(s);
  s.dwFlags=bFlag ? 0x80000010 : 0x10;
  s.pIconInfo=0;
  SendMessageW(pData->hwnd,0x43F,iIndex,LPARAM(&s));
  return s.pIconInfo;
}

//---------------------------------------------------------------------------
// Returns index of icon image in the image list.
int getImageIndex(pTrayDataT pData,int iIndex)
{
  ControlDataT s;
  s.sz=sizeof(s);
  s.dwFlags=0x80000001;
  SendMessageW(pData->hwnd,0x43F,iIndex,LPARAM(&s));
  return s.iImage;
}

//---------------------------------------------------------------------------
// Sets tip for icon.
void setTip(pTrayDataT pData,int iIndex,LPWSTR pTip)
{
  ControlDataT s;
  s.sz=sizeof(s);
  s.dwFlags=0x80000002;
  s.pTip=pTip;
  s.szTip=MAXDWORD;
  SendMessageW(pData->hwnd,0x440,iIndex,LPARAM(&s));
}

//---------------------------------------------------------------------------
// Gets tip for icon.
void getTip(pTrayDataT pData,int iIndex,LPWSTR pTip,DWORD szTip)
{
  ControlDataT s;
  s.sz=sizeof(s);
  s.dwFlags=0x80000002;
  s.pTip=pTip;
  s.szTip=szTip;
  SendMessageW(pData->hwnd,0x43F,iIndex,LPARAM(&s));
}

//---------------------------------------------------------------------------
void enumerate()
{
  // As usually.
  HWND hTrayNotifyWnd=
    FindWindowEx(FindWindow("Shell_TrayWnd",0),0,"TrayNotifyWnd",0);
  pTrayDataT pData=(pTrayDataT) GetWindowLong(hTrayNotifyWnd,0);
  int cnt=getIconCount(pData);
  for(int i=cnt-1;i>=0;i--)
  {
    pIconInfoT pInfo=getIconInfo(pData,i,true);
    int imageIndex=getImageIndex(pData,i);
    // ImageList_GetIcon(pData->hIList,imageIndex,....)
    // getTip(...)
  }
}
//---------------------------------------------------------------------------
//- EOF: shico2k.cpp --------------------------------------------------------
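The filtering and alerting behaviour discussed in this thread (treat a windowless process that owns a tray icon as valid, and blink only for hidden sockets that are new since the GUI was last opened), as an added example that is not Port Explorer's code or Nick Repin's. It assumes a socket counts as hidden when its owning process has no visible window, and that the tray-owner PIDs were obtained from each icon's hWnd with GetWindowThreadProcessId; the class, function and process names are hypothetical and the sample data is constructed.

```cpp
// Added example: alert logic only. All names are hypothetical, all data constructed.
#include <cstddef>
#include <cstdint>
#include <iostream>
#include <set>
#include <string>
#include <utility>
#include <vector>

struct Socket { uint32_t pid; std::string process; uint16_t port; };

class HiddenSocketAlert {
public:
    HiddenSocketAlert(std::set<std::string> excluded) : excluded_(std::move(excluded)) {}

    // Evaluate one refresh. windowPids: processes with a visible window.
    // trayPids: owners of tray icons (the PID behind each icon's hWnd).
    // Returns hidden sockets not present at the last acknowledge(); blink if non-empty.
    std::vector<Socket> refresh(const std::vector<Socket>& sockets,
                                const std::set<uint32_t>& windowPids,
                                const std::set<uint32_t>& trayPids) {
        current_.clear();
        std::vector<Socket> fresh;
        for (const Socket& s : sockets) {
            bool hasUi = windowPids.count(s.pid) || trayPids.count(s.pid);
            if (hasUi || excluded_.count(s.process)) continue;  // valid or user-excluded
            std::pair<uint32_t, uint16_t> key(s.pid, s.port);
            current_.insert(key);
            if (!acknowledged_.count(key)) fresh.push_back(s);
        }
        return fresh;
    }

    // The user opened the GUI and looked: the current hidden set becomes the baseline.
    void acknowledge() { acknowledged_ = current_; }
    std::size_t hiddenCount() const { return current_.size(); }

private:
    std::set<std::string> excluded_;
    std::set<std::pair<uint32_t, uint16_t>> current_, acknowledged_;
};

// Constructed sample data, not real output from any tool.
std::vector<Socket> sampleSockets() {
    return {
        {100, "firewall.exe", 1025},  // no window, but owns a tray icon
        {200, "svc.exe", 135},        // no UI, excluded by the user
        {300, "iexplore.exe", 1050},  // visible window
        {400, "unknown.exe", 5000},   // no window, no tray icon: hidden
    };
}

int main() {
    HiddenSocketAlert alert(std::set<std::string>{"svc.exe"});
    std::vector<Socket> sockets = sampleSockets();
    const std::set<uint32_t> windows{300}, tray{100};
    std::cout << "new hidden: " << alert.refresh(sockets, windows, tray).size() << "\n";
    alert.acknowledge();  // GUI opened, icon stops blinking
    std::cout << "after check: " << alert.refresh(sockets, windows, tray).size() << "\n";
    sockets.push_back({500, "other.exe", 6000});  // a new windowless listener appears
    std::cout << "new hidden: " << alert.refresh(sockets, windows, tray).size() << "\n";
    return 0;
}
```

Any process can register a tray icon, so the tray-owner check only reduces false positives; it is not evidence that a socket is trustworthy.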