static INT_PTR CALLBACK PhpProcessTerminatorDlgProc(
_In_ HWND hwndDlg,
_In_ UINT uMsg,
_In_ WPARAM wParam,
_In_ LPARAM lParam
)
{
switch (uMsg)
{
case WM_INITDIALOG:
{
PPH_PROCESS_ITEM processItem = (PPH_PROCESS_ITEM)lParam;
PPH_STRING title;
HWND lvHandle;
HIMAGELIST imageList;
ULONG i;
PhCenterWindow(hwndDlg, GetParent(hwndDlg));
title = PhFormatString(
L"Terminator - %s (%u)",
processItem->ProcessName->Buffer,
(ULONG)processItem->ProcessId
);
SetWindowText(hwndDlg, title->Buffer);
PhDereferenceObject(title);
SetProp(hwndDlg, L"ProcessItem", (HANDLE)processItem);
lvHandle = GetDlgItem(hwndDlg, IDC_TERMINATOR_LIST);
PhAddListViewColumn(lvHandle, 0, 0, 0, LVCFMT_LEFT, 70, L"ID");
PhAddListViewColumn(lvHandle, 1, 1, 1, LVCFMT_LEFT, 280, L"Description");
ListView_SetExtendedListViewStyleEx(lvHandle, LVS_EX_FULLROWSELECT | LVS_EX_DOUBLEBUFFER | LVS_EX_INFOTIP | LVS_EX_LABELTIP | LVS_EX_CHECKBOXES, -1);
PhSetControlTheme(lvHandle, L"explorer");
imageList = ImageList_Create(16, 16, ILC_COLOR32, 0, 0);
ImageList_SetImageCount(imageList, 2);
PhSetImageListBitmap(imageList, CROSS_INDEX, PhInstanceHandle, MAKEINTRESOURCE(IDB_CROSS));
PhSetImageListBitmap(imageList, TICK_INDEX, PhInstanceHandle, MAKEINTRESOURCE(IDB_TICK));
for (i = 0; i < sizeof(PhTerminatorTests) / sizeof(TEST_ITEM); i++)
{
INT itemIndex;
BOOLEAN check;
itemIndex = PhAddListViewItem(
lvHandle,
MAXINT,
PhTerminatorTests[i].Id,
&PhTerminatorTests[i]
);
PhSetListViewSubItem(lvHandle, itemIndex, 1, PhTerminatorTests[i].Description);
PhSetListViewItemImageIndex(lvHandle, itemIndex, -1);
check = TRUE;
if (WSTR_EQUAL(PhTerminatorTests[i].Id, L"TT4") || WSTR_EQUAL(PhTerminatorTests[i].Id, L"M1"))
check = FALSE;
ListView_SetCheckState(lvHandle, itemIndex, check);
}
ListView_SetImageList(lvHandle, imageList, LVSIL_SMALL);
SetDlgItemText(
hwndDlg,
IDC_TERMINATOR_TEXT,
L"Double-click a termination method or click Run Selected."
);
}
break;
case WM_DESTROY:
{
RemoveProp(hwndDlg, L"ProcessItem");
}
break;
case WM_COMMAND:
{
INT id = LOWORD(wParam);
switch (id)
{
case IDCANCEL: // Esc and X button to close
case IDOK:
EndDialog(hwndDlg, IDOK);
break;
case IDC_RUNSELECTED:
{
if (PhShowConfirmMessage(hwndDlg, L"run", L"the selected terminator tests", NULL, FALSE))
{
HWND lvHandle;
ULONG i;
lvHandle = GetDlgItem(hwndDlg, IDC_TERMINATOR_LIST);
for (i = 0; i < sizeof(PhTerminatorTests) / sizeof(TEST_ITEM); i++)
{
if (ListView_GetCheckState(lvHandle, i))
{
if (PhpRunTerminatorTest(
hwndDlg,
i
))
break;
}
}
}
}
break;
}
}
break;
case WM_NOTIFY:
{
LPNMHDR header = (LPNMHDR)lParam;
if (header->hwndFrom == GetDlgItem(hwndDlg, IDC_TERMINATOR_LIST))
{
if (header->code == NM_DBLCLK)
{
LPNMITEMACTIVATE itemActivate = (LPNMITEMACTIVATE)header;
if (itemActivate->iItem != -1)
{
if (PhShowConfirmMessage(hwndDlg, L"run", L"the selected test", NULL, FALSE))
{
PhpRunTerminatorTest(
hwndDlg,
itemActivate->iItem
);
}
}
}
else if (header->code == LVN_ITEMCHANGED)
{
ULONG i;
BOOLEAN oneSelected;
oneSelected = FALSE;
for (i = 0; i < sizeof(PhTerminatorTests) / sizeof(TEST_ITEM); i++)
{
if (ListView_GetCheckState(header->hwndFrom, i))
{
oneSelected = TRUE;
break;
}
}
EnableWindow(GetDlgItem(hwndDlg, IDC_RUNSELECTED), oneSelected);
}
}
}
break;
}
return FALSE;
}
static VOID PhpRefreshProcessList(
_In_ HWND hwndDlg,
_In_ PCHOOSE_PROCESS_DIALOG_CONTEXT Context
)
{
NTSTATUS status;
HWND lvHandle;
PVOID processes;
PSYSTEM_PROCESS_INFORMATION process;
lvHandle = Context->ListViewHandle;
ListView_DeleteAllItems(lvHandle);
ImageList_RemoveAll(Context->ImageList);
if (!NT_SUCCESS(status = PhEnumProcesses(&processes)))
{
PhShowStatus(hwndDlg, L"Unable to enumerate processes", status, 0);
return;
}
ExtendedListView_SetRedraw(lvHandle, FALSE);
process = PH_FIRST_PROCESS(processes);
do
{
INT lvItemIndex;
PPH_STRING name;
HANDLE processHandle;
PPH_STRING fileName = NULL;
HICON icon = NULL;
WCHAR processIdString[PH_INT32_STR_LEN_1];
PPH_STRING userName = NULL;
INT imageIndex;
if (process->UniqueProcessId != SYSTEM_IDLE_PROCESS_ID)
name = PhCreateStringFromUnicodeString(&process->ImageName);
else
name = PhCreateString(SYSTEM_IDLE_PROCESS_NAME);
lvItemIndex = PhAddListViewItem(lvHandle, MAXINT, name->Buffer, process->UniqueProcessId);
PhDereferenceObject(name);
if (NT_SUCCESS(PhOpenProcess(&processHandle, ProcessQueryAccess, process->UniqueProcessId)))
{
HANDLE tokenHandle;
PTOKEN_USER user;
if (!WINDOWS_HAS_IMAGE_FILE_NAME_BY_PROCESS_ID && process->UniqueProcessId != SYSTEM_PROCESS_ID)
PhGetProcessImageFileName(processHandle, &fileName);
if (NT_SUCCESS(PhOpenProcessToken(&tokenHandle, TOKEN_QUERY, processHandle)))
{
if (NT_SUCCESS(PhGetTokenUser(tokenHandle, &user)))
{
userName = PhGetSidFullName(user->User.Sid, TRUE, NULL);
PhFree(user);
}
NtClose(tokenHandle);
}
NtClose(processHandle);
}
if (process->UniqueProcessId == SYSTEM_IDLE_PROCESS_ID && !userName && PhLocalSystemName)
PhSetReference(&userName, PhLocalSystemName);
if (WINDOWS_HAS_IMAGE_FILE_NAME_BY_PROCESS_ID && process->UniqueProcessId != SYSTEM_PROCESS_ID)
PhGetProcessImageFileNameByProcessId(process->UniqueProcessId, &fileName);
if (process->UniqueProcessId == SYSTEM_PROCESS_ID)
fileName = PhGetKernelFileName();
if (fileName)
PhMoveReference(&fileName, PhGetFileName(fileName));
icon = PhGetFileShellIcon(PhGetString(fileName), L".exe", FALSE);
// Icon
if (icon)
{
imageIndex = ImageList_AddIcon(Context->ImageList, icon);
PhSetListViewItemImageIndex(Context->ListViewHandle, lvItemIndex, imageIndex);
DestroyIcon(icon);
}
// PID
PhPrintUInt32(processIdString, HandleToUlong(process->UniqueProcessId));
PhSetListViewSubItem(Context->ListViewHandle, lvItemIndex, 1, processIdString);
// User Name
PhSetListViewSubItem(Context->ListViewHandle, lvItemIndex, 2, PhGetString(userName));
if (userName) PhDereferenceObject(userName);
if (fileName) PhDereferenceObject(fileName);
} while (process = PH_NEXT_PROCESS(process));
PhFree(processes);
ExtendedListView_SortItems(lvHandle);
ExtendedListView_SetRedraw(lvHandle, TRUE);
}
static BOOLEAN PhpRunTerminatorTest(
_In_ HWND WindowHandle,
_In_ INT Index
)
{
NTSTATUS status;
PTEST_ITEM testItem;
PPH_PROCESS_ITEM processItem;
HWND lvHandle;
PVOID processes;
BOOLEAN success = FALSE;
LARGE_INTEGER interval;
processItem = (PPH_PROCESS_ITEM)GetProp(WindowHandle, L"ProcessItem");
lvHandle = GetDlgItem(WindowHandle, IDC_TERMINATOR_LIST);
if (!PhGetListViewItemParam(
lvHandle,
Index,
&testItem
))
return FALSE;
if (WSTR_EQUAL(testItem->Id, L"TT4"))
{
if (!PhShowConfirmMessage(
WindowHandle,
L"run",
L"the TT4 test",
L"The TT4 test may cause the system to crash.",
TRUE
))
return FALSE;
}
status = testItem->TestProc(processItem->ProcessId);
interval.QuadPart = -1000 * PH_TIMEOUT_MS;
NtDelayExecution(FALSE, &interval);
if (status == STATUS_NOT_SUPPORTED)
{
PPH_STRING concat;
concat = PhConcatStrings2(L"(Not available) ", testItem->Description);
PhSetListViewSubItem(lvHandle, Index, 1, concat->Buffer);
PhDereferenceObject(concat);
}
if (!NT_SUCCESS(PhEnumProcesses(&processes)))
return FALSE;
// Check if the process exists.
if (!PhFindProcessInformation(processes, processItem->ProcessId))
{
PhSetListViewItemImageIndex(lvHandle, Index, TICK_INDEX);
SetDlgItemText(WindowHandle, IDC_TERMINATOR_TEXT, L"The process was terminated.");
success = TRUE;
}
else
{
PhSetListViewItemImageIndex(lvHandle, Index, CROSS_INDEX);
}
PhFree(processes);
UpdateWindow(WindowHandle);
return success;
}
