// Initializes the controls of the Advanced options page from the stored
// settings, then works out the state of the "replace Task Manager" option
// from the registry.
//
// hwndDlg - handle of the dialog page whose controls are filled in.
//
// Side effects visible here: OldTaskMgrDebugger is released and re-read from
// the registry, and OldReplaceTaskMgr is set to whether that value already
// points at this program (as decided by PathMatchesPh).
VOID PhpAdvancedPageLoad(
    _In_ HWND hwndDlg
    )
{
    HWND shieldButton;
    HANDLE keyHandle = NULL;
    ULONG disposition;
    BOOLEAN keyWritable;
    BOOLEAN haveKey;
    BOOLEAN debuggerIsPh = FALSE;

    // Plain check boxes backed by integer settings.
    SetDlgItemCheckForSetting(hwndDlg, IDC_ENABLEWARNINGS, L"EnableWarnings");
    SetDlgItemCheckForSetting(hwndDlg, IDC_ENABLEKERNELMODEDRIVER, L"EnableKph");
    SetDlgItemCheckForSetting(hwndDlg, IDC_HIDEUNNAMEDHANDLES, L"HideUnnamedHandles");
    SetDlgItemCheckForSetting(hwndDlg, IDC_ENABLESTAGE2, L"EnableStage2");
    SetDlgItemCheckForSetting(hwndDlg, IDC_ENABLENETWORKRESOLVE, L"EnableNetworkResolve");
    SetDlgItemCheckForSetting(hwndDlg, IDC_PROPAGATECPUUSAGE, L"PropagateCpuUsage");
    SetDlgItemCheckForSetting(hwndDlg, IDC_ENABLEINSTANTTOOLTIPS, L"EnableInstantTooltips");

    // This option is only loaded on Windows 7 and later.
    if (WindowsVersion >= WINDOWS_7)
    {
        SetDlgItemCheckForSetting(hwndDlg, IDC_ENABLECYCLECPUUSAGE, L"EnableCycleCpuUsage");
    }

    // Sample count: the edit box is disabled while the automatic mode is on.
    SetDlgItemInt(hwndDlg, IDC_SAMPLECOUNT, PhGetIntegerSetting(L"SampleCount"), FALSE);
    SetDlgItemCheckForSetting(hwndDlg, IDC_SAMPLECOUNTAUTOMATIC, L"SampleCountAutomatic");

    if (PhGetIntegerSetting(L"SampleCountAutomatic"))
    {
        EnableWindow(GetDlgItem(hwndDlg, IDC_SAMPLECOUNT), FALSE);
    }

    // Replace Task Manager

    // The Change button is only shown when the process is not elevated, and
    // then it carries the shield icon.
    shieldButton = GetDlgItem(hwndDlg, IDC_CHANGE);

    if (!PhGetOwnTokenAttributes().Elevated)
    {
        SendMessage(shieldButton, BCM_SETSHIELD, 0, TRUE);
    }
    else
    {
        ShowWindow(shieldButton, SW_HIDE);
    }

    // Probe for write access to the key named by TaskMgrImageOptionsKeyName.
    // NOTE(review): this goes through PhCreateKey, so it presumably creates
    // the key when it does not exist yet, just by opening this page - confirm
    // that this is acceptable.
    keyWritable = NT_SUCCESS(PhCreateKey(
        &keyHandle,
        KEY_READ | KEY_WRITE,
        PH_KEY_LOCAL_MACHINE,
        &TaskMgrImageOptionsKeyName,
        0,
        0,
        &disposition
        )) ? TRUE : FALSE;

    // Without a handle from the probe, fall back to a read-only open so the
    // current state can still be displayed.
    haveKey = keyHandle != NULL;

    if (!haveKey)
    {
        haveKey = NT_SUCCESS(PhOpenKey(
            &keyHandle,
            KEY_READ,
            PH_KEY_LOCAL_MACHINE,
            &TaskMgrImageOptionsKeyName,
            0
            )) ? TRUE : FALSE;
    }

    if (haveKey)
    {
        // The "Debugger" value decides what is launched in place of the
        // image (presumably the Image File Execution Options entry for Task
        // Manager - confirm against the key name definition). Remember the
        // current value, and note whether it already refers to this program.
        PhClearReference(&OldTaskMgrDebugger);
        OldTaskMgrDebugger = PhQueryRegistryString(keyHandle, L"Debugger");

        if (OldTaskMgrDebugger)
        {
            debuggerIsPh = PathMatchesPh(OldTaskMgrDebugger);
        }

        NtClose(keyHandle);
    }

    // The check box cannot be changed when the key is not writable.
    if (!keyWritable)
    {
        EnableWindow(GetDlgItem(hwndDlg, IDC_REPLACETASKMANAGER), FALSE);
    }

    OldReplaceTaskMgr = debuggerIsPh;
    Button_SetCheck(
        GetDlgItem(hwndDlg, IDC_REPLACETASKMANAGER),
        debuggerIsPh ? BST_CHECKED : BST_UNCHECKED
        );
}
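/**
 * Writes the KPH driver parameters to the registry, under
 * System\CurrentControlSet\Services\<DeviceName>\Parameters (rooted at
 * PH_KEY_LOCAL_MACHINE).
 *
 * \param DeviceName Name of the driver service. When NULL,
 * KPH_DEVICE_SHORT_NAME is used.
 * \param Parameters The values to store. SecurityLevel is always written;
 * a DynamicConfiguration blob is written only when
 * CreateDynamicConfiguration is set and the package can be initialized.
 *
 * \return The status of the key creation or of the first value write that
 * failed; otherwise the status of the last value write. If a write fails and
 * the key was created by this call, the key is deleted again.
 *
 * \remarks NOTE(review): DeviceName is concatenated into the key path without
 * any validation. Callers should pass only a fixed, trusted service name -
 * confirm at the call sites.
 */
NTSTATUS KphSetParameters(
    _In_opt_ PWSTR DeviceName,
    _In_ PKPH_PARAMETERS Parameters
    )
{
    NTSTATUS status;
    HANDLE parametersKeyHandle = NULL;
    PPH_STRING parametersKeyName;
    ULONG disposition;
    UNICODE_STRING valueName;

    if (!DeviceName)
        DeviceName = KPH_DEVICE_SHORT_NAME;

    parametersKeyName = PhConcatStrings(
        3,
        L"System\\CurrentControlSet\\Services\\",
        DeviceName,
        L"\\Parameters"
        );
    status = PhCreateKey(
        &parametersKeyHandle,
        KEY_WRITE | DELETE, // DELETE is needed for the rollback at SetValuesEnd
        PH_KEY_LOCAL_MACHINE,
        &parametersKeyName->sr,
        0,
        0,
        &disposition
        );
    // The name is only needed to open the key.
    PhDereferenceObject(parametersKeyName);

    if (!NT_SUCCESS(status))
        return status;

    RtlInitUnicodeString(&valueName, L"SecurityLevel");
    status = NtSetValueKey(parametersKeyHandle, &valueName, 0, REG_DWORD, &Parameters->SecurityLevel, sizeof(ULONG));

    if (!NT_SUCCESS(status))
        goto SetValuesEnd;

    if (Parameters->CreateDynamicConfiguration)
    {
        // Start from an all-zero structure. The whole object is written to
        // the registry below, so any member that is not assigned here or by
        // KphInitializeDynamicPackage must not carry leftover stack contents
        // into a persistent value.
        KPH_DYN_CONFIGURATION configuration = { 0 };

        RtlInitUnicodeString(&valueName, L"DynamicConfiguration");

        configuration.Version = KPH_DYN_CONFIGURATION_VERSION;
        configuration.NumberOfPackages = 1;

        // A package that cannot be initialized is not an error for the
        // caller: the value is simply not written and status is unchanged.
        if (NT_SUCCESS(KphInitializeDynamicPackage(&configuration.Packages[0])))
        {
            status = NtSetValueKey(parametersKeyHandle, &valueName, 0, REG_BINARY, &configuration, sizeof(KPH_DYN_CONFIGURATION));

            if (!NT_SUCCESS(status))
                goto SetValuesEnd;
        }
    }

    // Put more parameters here...

SetValuesEnd:
    if (!NT_SUCCESS(status))
    {
        // Delete the key if we created it, so that a failed call does not
        // leave a partially written Parameters key behind. A key that
        // already existed keeps whatever values were written before the
        // failure.
        if (disposition == REG_CREATED_NEW_KEY)
            NtDeleteKey(parametersKeyHandle);
    }

    NtClose(parametersKeyHandle);

    return status;
}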