static INT_PTR CALLBACK PhpProcessTerminatorDlgProc( _In_ HWND hwndDlg, _In_ UINT uMsg, _In_ WPARAM wParam, _In_ LPARAM lParam ) { switch (uMsg) { case WM_INITDIALOG: { PPH_PROCESS_ITEM processItem = (PPH_PROCESS_ITEM)lParam; PPH_STRING title; HWND lvHandle; HIMAGELIST imageList; ULONG i; PhCenterWindow(hwndDlg, GetParent(hwndDlg)); title = PhFormatString( L"Terminator - %s (%u)", processItem->ProcessName->Buffer, (ULONG)processItem->ProcessId ); SetWindowText(hwndDlg, title->Buffer); PhDereferenceObject(title); SetProp(hwndDlg, L"ProcessItem", (HANDLE)processItem); lvHandle = GetDlgItem(hwndDlg, IDC_TERMINATOR_LIST); PhAddListViewColumn(lvHandle, 0, 0, 0, LVCFMT_LEFT, 70, L"ID"); PhAddListViewColumn(lvHandle, 1, 1, 1, LVCFMT_LEFT, 280, L"Description"); ListView_SetExtendedListViewStyleEx(lvHandle, LVS_EX_FULLROWSELECT | LVS_EX_DOUBLEBUFFER | LVS_EX_INFOTIP | LVS_EX_LABELTIP | LVS_EX_CHECKBOXES, -1); PhSetControlTheme(lvHandle, L"explorer"); imageList = ImageList_Create(16, 16, ILC_COLOR32, 0, 0); ImageList_SetImageCount(imageList, 2); PhSetImageListBitmap(imageList, CROSS_INDEX, PhInstanceHandle, MAKEINTRESOURCE(IDB_CROSS)); PhSetImageListBitmap(imageList, TICK_INDEX, PhInstanceHandle, MAKEINTRESOURCE(IDB_TICK)); for (i = 0; i < sizeof(PhTerminatorTests) / sizeof(TEST_ITEM); i++) { INT itemIndex; BOOLEAN check; itemIndex = PhAddListViewItem( lvHandle, MAXINT, PhTerminatorTests[i].Id, &PhTerminatorTests[i] ); PhSetListViewSubItem(lvHandle, itemIndex, 1, PhTerminatorTests[i].Description); PhSetListViewItemImageIndex(lvHandle, itemIndex, -1); check = TRUE; if (WSTR_EQUAL(PhTerminatorTests[i].Id, L"TT4") || WSTR_EQUAL(PhTerminatorTests[i].Id, L"M1")) check = FALSE; ListView_SetCheckState(lvHandle, itemIndex, check); } ListView_SetImageList(lvHandle, imageList, LVSIL_SMALL); SetDlgItemText( hwndDlg, IDC_TERMINATOR_TEXT, L"Double-click a termination method or click Run Selected." ); } break; case WM_DESTROY: { RemoveProp(hwndDlg, L"ProcessItem"); } break; case WM_COMMAND: { INT id = LOWORD(wParam); switch (id) { case IDCANCEL: // Esc and X button to close case IDOK: EndDialog(hwndDlg, IDOK); break; case IDC_RUNSELECTED: { if (PhShowConfirmMessage(hwndDlg, L"run", L"the selected terminator tests", NULL, FALSE)) { HWND lvHandle; ULONG i; lvHandle = GetDlgItem(hwndDlg, IDC_TERMINATOR_LIST); for (i = 0; i < sizeof(PhTerminatorTests) / sizeof(TEST_ITEM); i++) { if (ListView_GetCheckState(lvHandle, i)) { if (PhpRunTerminatorTest( hwndDlg, i )) break; } } } } break; } } break; case WM_NOTIFY: { LPNMHDR header = (LPNMHDR)lParam; if (header->hwndFrom == GetDlgItem(hwndDlg, IDC_TERMINATOR_LIST)) { if (header->code == NM_DBLCLK) { LPNMITEMACTIVATE itemActivate = (LPNMITEMACTIVATE)header; if (itemActivate->iItem != -1) { if (PhShowConfirmMessage(hwndDlg, L"run", L"the selected test", NULL, FALSE)) { PhpRunTerminatorTest( hwndDlg, itemActivate->iItem ); } } } else if (header->code == LVN_ITEMCHANGED) { ULONG i; BOOLEAN oneSelected; oneSelected = FALSE; for (i = 0; i < sizeof(PhTerminatorTests) / sizeof(TEST_ITEM); i++) { if (ListView_GetCheckState(header->hwndFrom, i)) { oneSelected = TRUE; break; } } EnableWindow(GetDlgItem(hwndDlg, IDC_RUNSELECTED), oneSelected); } } } break; } return FALSE; }
static VOID PhpRefreshProcessList( _In_ HWND hwndDlg, _In_ PCHOOSE_PROCESS_DIALOG_CONTEXT Context ) { NTSTATUS status; HWND lvHandle; PVOID processes; PSYSTEM_PROCESS_INFORMATION process; lvHandle = Context->ListViewHandle; ListView_DeleteAllItems(lvHandle); ImageList_RemoveAll(Context->ImageList); if (!NT_SUCCESS(status = PhEnumProcesses(&processes))) { PhShowStatus(hwndDlg, L"Unable to enumerate processes", status, 0); return; } ExtendedListView_SetRedraw(lvHandle, FALSE); process = PH_FIRST_PROCESS(processes); do { INT lvItemIndex; PPH_STRING name; HANDLE processHandle; PPH_STRING fileName = NULL; HICON icon = NULL; WCHAR processIdString[PH_INT32_STR_LEN_1]; PPH_STRING userName = NULL; INT imageIndex; if (process->UniqueProcessId != SYSTEM_IDLE_PROCESS_ID) name = PhCreateStringFromUnicodeString(&process->ImageName); else name = PhCreateString(SYSTEM_IDLE_PROCESS_NAME); lvItemIndex = PhAddListViewItem(lvHandle, MAXINT, name->Buffer, process->UniqueProcessId); PhDereferenceObject(name); if (NT_SUCCESS(PhOpenProcess(&processHandle, ProcessQueryAccess, process->UniqueProcessId))) { HANDLE tokenHandle; PTOKEN_USER user; if (!WINDOWS_HAS_IMAGE_FILE_NAME_BY_PROCESS_ID && process->UniqueProcessId != SYSTEM_PROCESS_ID) PhGetProcessImageFileName(processHandle, &fileName); if (NT_SUCCESS(PhOpenProcessToken(&tokenHandle, TOKEN_QUERY, processHandle))) { if (NT_SUCCESS(PhGetTokenUser(tokenHandle, &user))) { userName = PhGetSidFullName(user->User.Sid, TRUE, NULL); PhFree(user); } NtClose(tokenHandle); } NtClose(processHandle); } if (process->UniqueProcessId == SYSTEM_IDLE_PROCESS_ID && !userName && PhLocalSystemName) PhSetReference(&userName, PhLocalSystemName); if (WINDOWS_HAS_IMAGE_FILE_NAME_BY_PROCESS_ID && process->UniqueProcessId != SYSTEM_PROCESS_ID) PhGetProcessImageFileNameByProcessId(process->UniqueProcessId, &fileName); if (process->UniqueProcessId == SYSTEM_PROCESS_ID) fileName = PhGetKernelFileName(); if (fileName) PhMoveReference(&fileName, PhGetFileName(fileName)); icon = PhGetFileShellIcon(PhGetString(fileName), L".exe", FALSE); // Icon if (icon) { imageIndex = ImageList_AddIcon(Context->ImageList, icon); PhSetListViewItemImageIndex(Context->ListViewHandle, lvItemIndex, imageIndex); DestroyIcon(icon); } // PID PhPrintUInt32(processIdString, HandleToUlong(process->UniqueProcessId)); PhSetListViewSubItem(Context->ListViewHandle, lvItemIndex, 1, processIdString); // User Name PhSetListViewSubItem(Context->ListViewHandle, lvItemIndex, 2, PhGetString(userName)); if (userName) PhDereferenceObject(userName); if (fileName) PhDereferenceObject(fileName); } while (process = PH_NEXT_PROCESS(process)); PhFree(processes); ExtendedListView_SortItems(lvHandle); ExtendedListView_SetRedraw(lvHandle, TRUE); }
static BOOLEAN PhpRunTerminatorTest( _In_ HWND WindowHandle, _In_ INT Index ) { NTSTATUS status; PTEST_ITEM testItem; PPH_PROCESS_ITEM processItem; HWND lvHandle; PVOID processes; BOOLEAN success = FALSE; LARGE_INTEGER interval; processItem = (PPH_PROCESS_ITEM)GetProp(WindowHandle, L"ProcessItem"); lvHandle = GetDlgItem(WindowHandle, IDC_TERMINATOR_LIST); if (!PhGetListViewItemParam( lvHandle, Index, &testItem )) return FALSE; if (WSTR_EQUAL(testItem->Id, L"TT4")) { if (!PhShowConfirmMessage( WindowHandle, L"run", L"the TT4 test", L"The TT4 test may cause the system to crash.", TRUE )) return FALSE; } status = testItem->TestProc(processItem->ProcessId); interval.QuadPart = -1000 * PH_TIMEOUT_MS; NtDelayExecution(FALSE, &interval); if (status == STATUS_NOT_SUPPORTED) { PPH_STRING concat; concat = PhConcatStrings2(L"(Not available) ", testItem->Description); PhSetListViewSubItem(lvHandle, Index, 1, concat->Buffer); PhDereferenceObject(concat); } if (!NT_SUCCESS(PhEnumProcesses(&processes))) return FALSE; // Check if the process exists. if (!PhFindProcessInformation(processes, processItem->ProcessId)) { PhSetListViewItemImageIndex(lvHandle, Index, TICK_INDEX); SetDlgItemText(WindowHandle, IDC_TERMINATOR_TEXT, L"The process was terminated."); success = TRUE; } else { PhSetListViewItemImageIndex(lvHandle, Index, CROSS_INDEX); } PhFree(processes); UpdateWindow(WindowHandle); return success; }