Hi, i have made a simple program that gets all of the running processes on a computer and gets the text from their windows. It works, but sometimes it gives the wrong text. For example, i have notepad open, and it doesn't say the right text. To compile, you have to link it with the psapi library.
#include <windows.h>
#include <stdio.h>
#include <tchar.h>
#include <psapi.h>
#include <conio.h>
#include <iostream>
using namespace std;
int main()
{
SetConsoleTitle("Process list");
DWORD ProcessesIDs[50], cbNeeded, cProcesses;
unsigned int i;
TCHAR szProcessName[50] = TEXT("<unknown>");
if (!EnumProcesses( ProcessesIDs, sizeof(ProcessesIDs), &cbNeeded ))
return 0;
cProcesses = cbNeeded / sizeof(DWORD);
for ( i = 0; i < cProcesses; i++ )
{
HANDLE hProcess =
OpenProcess( PROCESS_QUERY_INFORMATION |
PROCESS_VM_READ, FALSE, ProcessesIDs[i] );
if (NULL != hProcess )
{
GetModuleBaseName( hProcess, NULL,
szProcessName, sizeof(szProcessName)/sizeof(TCHAR) );
}
HWND h = GetTopWindow(0 );
char WindowText[256];
while (h)
{
DWORD pid;
DWORD dwTheardId = GetWindowThreadProcessId( h,&pid);
if (pid == ProcessesIDs[i])
{
GetWindowTextA(h, WindowText, 256);
break;
}
h = GetNextWindow(h , GW_HWNDNEXT);
}
_tprintf(TEXT("Process name: %s, PID: %u \n"),
szProcessName, ProcessesIDs[i]);
_tprintf(TEXT("Window Text: %s\n\n"), WindowText);
CloseHandle(hProcess);
}
getch();
}Here's the output:
Process name: <unknown>, PID: 0
Window Text:
Process name: Æ’unknown>, PID: 4
Window Text:
Process name: smss.exe, PID: 464
Window Text:
Process name: smss.exe, PID: 532
Window Text:
Process name: winlogon.exe, PID: 556
Window Text:
Process name: services.exe, PID: 600
Window Text:
Process name: lsass.exe, PID: 612
Window Text:
Process name: svchost.exe, PID: 760
Window Text:
Process name: svchost.exe, PID: 848
Window Text:
Process name: svchost.exe, PID: 892
Window Text:
Process name: svchost.exe, PID: 944
Window Text:
Process name: svchost.exe, PID: 996
Window Text:
Process name: spoolsv.exe, PID: 1156
Window Text:
Process name: Explorer.EXE, PID: 1332
Window Text: M
Process name: ctfmon.exe, PID: 1376
Window Text: TF_FloatingLangBar_WndTitle
Process name: Abel.exe, PID: 1536
Window Text: TF_FloatingLangBar_WndTitle
Process name: AppleMobileDeviceService.exe, PID: 1564
Window Text: TF_FloatingLangBar_WndTitle
Process name: avgamsvr.exe, PID: 1580
Window Text: TF_FloatingLangBar_WndTitle
Process name: avgupsvc.exe, PID: 1676
Window Text: TF_FloatingLangBar_WndTitle
Process name: avgemc.exe, PID: 1704
Window Text: AVG E-mail Scanner
Process name: hphmon04.exe, PID: 1796
Window Text: CiceroUIWndFrame
Process name: avgcc.exe, PID: 1804
Window Text:
Process name: iTunesHelper.exe, PID: 1828
Window Text: DDE Server Window
Process name: jusched.exe, PID: 1836
Window Text: DDE Server Window
Process name: GoogleToolbarNotifier.exe, PID: 1932
Window Text: {A7E495BF-9589-4a6e-8479-DDA2D8D3C05F}
Process name: MDM.EXE, PID: 1944
Window Text: {A7E495BF-9589-4a6e-8479-DDA2D8D3C05F}
Process name: TweakRAM.exe, PID: 1980
Window Text:
Process name: TweakRAM.exe, PID: 2032
Window Text:
Process name: TweakRAM.exe, PID: 800
Window Text:
Process name: sqlwriter.exe, PID: 768
Window Text:
Process name: svchost.exe, PID: 932
Window Text:
Process name: svchost.exe, PID: 1172
Window Text:
Process name: HPHipm11.exe, PID: 2176
Window Text:
Process name: iPodService.exe, PID: 2324
Window Text:
Process name: wscntfy.exe, PID: 2388
Window Text:
Process name: wscntfy.exe, PID: 2600
Window Text:
Process name: wmplayer.exe, PID: 3108
Window Text:
Process name: firefox.exe, PID: 4796
Window Text:
Process name: notepad.exe, PID: 3972
Window Text: CiceroUIWndFrame
Process name: EnumProc.exe, PID: 4760
Window Text: Process list
Look at notepad.exe, the real text is "Untitled - Notepad"