On my to do list now is figuring out whether or not I can do the same test I do in EnumWindows as in the WinEventHook callback; that is, check for WS_VISIBLE in addition to WS_BORDER. For some reason it looked like no EVENT_OBJECT_CREATE events had the WS_VISIBLE style,
That is also my observation (no WS_VISIBLE), and sounds fairly logic for such 'big' application.
Creating the window hidden allows for the application to prepare things quietly and out of sight from end-user.
I've attached another log, this time also adding the window flags in a more human readable form (output became a bit messy because of that).
That's also where i ended my endeavours. I have found no way of telling which window is (becoming) what exactly). The name change gives a few hints, but that is user configurable.
e.g. if user selects other starting page for a new tab, then you have no way of telling one window form the other (but i have not did a deep inspection for the windows).
I have not found a reverse method of telling if a window is a top-level window or otherwise. Enumwindows seems only possible in top-down manner, while afaik this requires a bottom-up approach.
so I had to remove the test for it; when it is removed things such as popup boxes will match the test listed in the original post if there is not a check for a title.
... which led me to believe that your (initial) filtering was too tight ;-)
Unfortunately, it looks like some programs create untitled windows, so it seems I can't distinguish those windows from popup boxes.
Exactly, not to mention .. then what ?
I'm a bit lost there, and msdn as well as SO where not able to provide any (at least for me) clear answers. You might also be interested in the (individual?) tabbed windows, in case they are indeed separate windows.
...but I came across a private API used by dwm-win32: RegisterShellHookWindowFunction. Since learning of this API I have found quite a number of questions involving it, far more than the other APIs.
Jedi seems to have a component for that,
here although i have no hands on experience.
I am wondering if the search results show some kind of selection for the most accessible API (i.e. there are fewer results for the other ones because they don't work properly or are harder to use).
The magic of the interwebs :-)
For my program to be able to retrieve the modulename, i have literally found one single page mentioning how to do that the way i wanted to (all others i found where copies of that same page, with the same coding mistakes
), and i had to use undocumented API. How to find undocumented API ?
(i found it to be a bit overkill to use toolhelp snapshot)
People seem not interrested in these kind of things anymore, so information on such topics disappears into oblivion :-(
For illustration, there was a very good forum on 2d/3d graphics and game programming (named flipcode) where people wrote really good papers on graphics/gaming related topics, e.g., how to write your own 3d engine, or your own renderer from scratch, how shading works etc. but that site is now defunct (luckily some of the content is archived).
And unfortunately there are many more of such sites that have perished :-(
Also on my list is producing a working example of code which uses SetWindowsHookEx. RegisterShellHookWindowFunction works the same way as it does under the hood, which implies to me it is the better API.
Perhaps
this example is able to shed a light on the topic ? No idea if that works for 64 bit though.
I found documentation WH_SHELL can run outside of the context of the hooked process (i.e. you provide a function in your executable, not a DLL) however my attempt at getting the hook to work in that manner was unfruitful.
I haven't had time to look further into that topic yet, as i'm rather busy. I'll try and see if i'm able to come up with something, but please don't hold your breath....
(and hopefully the links can keep you a bit busy
)