Dancing Desktop

Here's another terribly useful application; it makes your desktop icons move around. Just run the application, select "Go" from the menu, and watch your icons jump around.  This application uses Win API calls to access another application's memory space.  To me this sounds like something only an administrator could do, but, through some limited testing, it appears Windows XP doesn't stop you.  The program uses psapi.dll to search for processes; I'm not sure this is a stock part of XP, or only comes with developer tools.  If the program doesn't run, you need it.

You can get the application here. Just run it, and a small application will appear in the top left corner of the screen. 

From the menu, select "Go" and all open windows will minimise, then the desktop icons will dance.  Closing the application will restore your icons to their original place.  Here's my desktop icons, dancing in the fires of hell; well not really, it's just a cool outer space image.

How does it work?

It is pretty simple actually.  Most windows controls receive their command instructions through windows messages.  Because of the way Windows is designed, any process can post message to another process's window.  That is what is happening here. 

It is not that straight forward though.  Some commands are simple, only passing ids or coordinates in the message.  Others pass a pointer to a structure.  These are the tricky messages.  But thanks the the VirtualAlloc API call, you can allocate a block of memory in another process's memory space, fill it with the appropriate data, then pass a pointer to that block of memory for it to use.  There is a bit of work locating the correct process and getting its handle; you need to use psapi.dll to do this, which may not be deployed in stock windows.

So how is this used to manipulate the desktop?  The desktop, at least in Windows XP, is just a ListView in icon mode.  Once you have found the process and the listview control, you can use any listview command to manipulate it.

The source is here.