Windows 8/10 中活动窗口的进程名称 [英] Name of process for active window in Windows 8/10
问题描述
以下示例可靠地返回了与活动窗口关联的进程的名称,但不适用于较新的现代/通用应用程序,因为它返回的是辅助进程的名称 WWAHost.exe(在 Windows 8 上)和 ApplicationFrameHost.exe 在 Windows 10 上,而不是应用程序的名称.
The following sample has reliably returned the name of the process that is associated with the active window, but does not work with the newer modern/universal apps because it returns the name of a helper process WWAHost.exe on Windows 8 and ApplicationFrameHost.exe on Windows 10 rather than the name of the app.
HWND active_window = GetForegroundWindow();
GetWindowThreadProcessId(active_window, &active_process_id);
HANDLE active_process = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, active_process_id);
GetProcessImageFileName(active_process, image_name, 512);
在 Windows 10 中,ApplicationFrameHost.exe 是创建窗口句柄的进程,也是 GetWindowThreadProcessId() 返回的进程,是否还有另一个 Win32 API 可用于获取活动的通用应用程序的活动进程?
With Windows 10 the ApplicationFrameHost.exe is the process that creates the window handles and is what gets returned by GetWindowThreadProcessId(), is there another Win32 API that can be used to get the active process of universal app that is active?
还尝试使用 GetApplicationUserModelId() 和 GetPackageFullName() 没有成功,因为它们分别返回 APPMODEL_ERROR_NO_APPLICATION 和 APPMODEL_ERROR_NO_PACKAGE 因为 active_process 句柄只是辅助进程,而不是活动应用程序的进程.
Also tried using GetApplicationUserModelId() and GetPackageFullName() with no success as they return APPMODEL_ERROR_NO_APPLICATION and APPMODEL_ERROR_NO_PACKAGE respectively because the active_process handle is just the helper process and not the process of the active application.
用于根据窗口的 hwnd 获取现代/通用应用程序的进程名称的任何其他 API,或以其他方式确定通用应用程序的进程名称处于活动状态.
Any other APIs to use to get the process name of a Modern/Universal application given the hwnd of the window, or otherwise figure out the process name of the universal app is active.
提前致谢!
推荐答案
当您想对此类内容进行逆向工程时,请务必使用 Spy++ 实用程序.包含在 Visual Studio 中,您需要 Common7Toolsspyxx_amd64.exe 中的 64 位版本.使用搜索">查找窗口"并将靶心拖动到 UWP 应用,例如天气".
Be sure to use the Spy++ utility when you want to reverse-engineer something like this. Included with Visual Studio, you need the 64-bit version in Common7Toolsspyxx_amd64.exe. Use Search > Find Window and drag the bullseye to a UWP app, like Weather.
您将看到使用 GetForegroundWindow() 找到的窗口,它至少有 3 个子窗口:
You'll see the window you'll find with GetForegroundWindow(), it has at least 3 child windows:
- ApplicationFrameTitleBarWindow
- ApplicationFrameInputSinkWindow
- Windows.Core.UI.CoreWindow,这是 UWP 应用程序的主机窗口,也是您感兴趣的窗口.右键单击它并选择属性"、进程"选项卡,单击进程 ID".这会将您带到您想了解的真正所有者流程.
因此,您只需要从已有的代码中执行额外的步骤,您只需枚举子窗口并查找具有不同所有者进程的子窗口.一些 C 代码,试图在不做太多假设和错误检查的情况下使其尽可能通用:
So you just need to make an extra step from the code you already have, you just have to enumerate the child windows and look for one with a different owner process. Some C code, trying to make it as universal as possible without making too many assumptions and not enough error checking:
#include <stdio.h>
#include <Windows.h>
typedef struct {
DWORD ownerpid;
DWORD childpid;
} windowinfo;
BOOL CALLBACK EnumChildWindowsCallback(HWND hWnd, LPARAM lp) {
windowinfo* info = (windowinfo*)lp;
DWORD pid = 0;
GetWindowThreadProcessId(hWnd, &pid);
if (pid != info->ownerpid) info->childpid = pid;
return TRUE;
}
int main()
{
Sleep(2000);
HWND active_window = GetForegroundWindow();
windowinfo info = { 0 };
GetWindowThreadProcessId(active_window, &info.ownerpid);
info.childpid = info.ownerpid;
EnumChildWindows(active_window, EnumChildWindowsCallback, (LPARAM)&info);
HANDLE active_process = OpenProcess(PROCESS_QUERY_INFORMATION, FALSE, info.childpid);
WCHAR image_name[MAX_PATH] = { 0 };
DWORD bufsize = MAX_PATH;
QueryFullProcessImageName(active_process, 0, image_name, &bufsize);
wprintf(L"%s
", image_name);
CloseHandle(active_process);
return 0;
}
天气程序的输出:
C:Program FilesWindowsAppsMicrosoft.BingWeather_4.5.168.0_x86__8wekyb3d8bbweMicrosoft.Msn.Weather.exe
C:Program FilesWindowsAppsMicrosoft.BingWeather_4.5.168.0_x86__8wekyb3d8bbwe Microsoft.Msn.Weather.exe
这篇关于Windows 8/10 中活动窗口的进程名称的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
