VOID EtEtwStatisticsInitialization(
VOID
)
{
EtEtwMonitorInitialization();
if (EtEtwEnabled)
{
ULONG sampleCount;
sampleCount = PhGetIntegerSetting(L"SampleCount");
PhInitializeCircularBuffer_ULONG(&EtDiskReadHistory, sampleCount);
PhInitializeCircularBuffer_ULONG(&EtDiskWriteHistory, sampleCount);
PhInitializeCircularBuffer_ULONG(&EtNetworkReceiveHistory, sampleCount);
PhInitializeCircularBuffer_ULONG(&EtNetworkSendHistory, sampleCount);
PhInitializeCircularBuffer_ULONG(&EtMaxDiskHistory, sampleCount);
PhInitializeCircularBuffer_ULONG(&EtMaxNetworkHistory, sampleCount);
PhRegisterCallback(
&PhProcessesUpdatedEvent,
EtEtwProcessesUpdatedCallback,
NULL,
&EtpProcessesUpdatedCallbackRegistration
);
PhRegisterCallback(
&PhNetworkItemsUpdatedEvent,
EtEtwNetworkItemsUpdatedCallback,
NULL,
&EtpNetworkItemsUpdatedCallbackRegistration
);
}
}
LOGICAL DllMain(
_In_ HINSTANCE Instance,
_In_ ULONG Reason,
_Reserved_ PVOID Reserved
)
{
if (Reason == DLL_PROCESS_ATTACH)
{
PPH_PLUGIN_INFORMATION info;
PluginInstance = PhRegisterPlugin(L"wj32.SetCriticalPlugin", Instance, &info);
if (!PluginInstance)
return FALSE;
info->DisplayName = L"Set process critical status";
info->Description = L"Adds Miscellaneous > Critical menu item.";
info->Author = L"wj32";
PhRegisterCallback(
PhGetPluginCallback(PluginInstance, PluginCallbackMenuItem),
MenuItemCallback,
NULL,
&MenuItemCallbackRegistration
);
PhRegisterCallback(
PhGetGeneralCallback(GeneralCallbackProcessMenuInitializing),
ProcessMenuInitializingCallback,
NULL,
&ProcessMenuInitializingCallbackRegistration
);
}
return TRUE;
}
LOGICAL DllMain(
__in HINSTANCE Instance,
__in ULONG Reason,
__reserved PVOID Reserved
)
{
if (Reason == DLL_PROCESS_ATTACH)
{
PPH_PLUGIN_INFORMATION info;
PluginInstance = PhRegisterPlugin(L"Wj32.AvgCpuPlugin", Instance, &info);
if (!PluginInstance)
return FALSE;
info->DisplayName = L"Average CPU plugin";
info->Description = L"Adds a column to display average CPU times.";
info->Author = L"wj32";
PhRegisterCallback(PhGetPluginCallback(PluginInstance, PluginCallbackTreeNewMessage),
TreeNewMessageCallback, NULL, &TreeNewMessageCallbackRegistration);
PhRegisterCallback(PhGetGeneralCallback(GeneralCallbackProcessTreeNewInitializing),
ProcessTreeNewInitializingCallback, NULL, &ProcessTreeNewInitializingCallbackRegistration);
PhRegisterCallback(&PhProcessAddedEvent, ProcessAddedHandler, NULL, &ProcessAddedCallbackRegistration);
PhRegisterCallback(&PhProcessRemovedEvent, ProcessRemovedHandler, NULL, &ProcessRemovedCallbackRegistration);
PhRegisterCallback(&PhProcessesUpdatedEvent, ProcessesUpdatedHandler, NULL, &ProcessesUpdatedCallbackRegistration);
PhPluginSetObjectExtension(PluginInstance, EmProcessItemType, sizeof(PROCESS_EXTENSION),
ProcessItemCreateCallback, NULL);
}
return TRUE;
}
LOGICAL DllMain(
_In_ HINSTANCE Instance,
_In_ ULONG Reason,
_Reserved_ PVOID Reserved
)
{
switch (Reason)
{
case DLL_PROCESS_ATTACH:
{
PPH_PLUGIN_INFORMATION info;
PH_SETTING_CREATE settings[] =
{
{ IntegerSettingType, SETTING_NAME_AUTO_CHECK, L"1" },
{ StringSettingType, SETTING_NAME_LAST_CHECK, L"0" }
};
PluginInstance = PhRegisterPlugin(PLUGIN_NAME, Instance, &info);
if (!PluginInstance)
return FALSE;
info->DisplayName = L"Update Checker";
info->Author = L"dmex";
info->Description = L"Plugin for checking new Process Hacker releases via the Help menu.";
info->Url = L"http://processhacker.sf.net/forums/viewtopic.php?t=1121";
info->HasOptions = TRUE;
PhRegisterCallback(
PhGetGeneralCallback(GeneralCallbackMainWindowShowing),
MainWindowShowingCallback,
NULL,
&MainWindowShowingCallbackRegistration
);
PhRegisterCallback(
PhGetGeneralCallback(GeneralCallbackMainMenuInitializing),
MainMenuInitializingCallback,
NULL,
&MainMenuInitializingCallbackRegistration
);
PhRegisterCallback(
PhGetPluginCallback(PluginInstance, PluginCallbackMenuItem),
MenuItemCallback,
NULL,
&PluginMenuItemCallbackRegistration
);
PhRegisterCallback(
PhGetPluginCallback(PluginInstance, PluginCallbackShowOptions),
ShowOptionsCallback,
NULL,
&PluginShowOptionsCallbackRegistration
);
PhAddSettings(settings, ARRAYSIZE(settings));
}
break;
}
return TRUE;
}
LOGICAL DllMain(
_In_ HINSTANCE Instance,
_In_ ULONG Reason,
_Reserved_ PVOID Reserved
)
{
switch (Reason)
{
case DLL_PROCESS_ATTACH:
{
PPH_PLUGIN_INFORMATION info;
PH_SETTING_CREATE settings[] =
{
{ IntegerPairSettingType, SETTING_NAME_WINDOW_POSITION, L"100,100" },
{ ScalableIntegerPairSettingType, SETTING_NAME_WINDOW_SIZE, L"@96|490,340" },
{ StringSettingType, SETTING_NAME_LISTVIEW_COLUMNS, L"" }
};
PluginInstance = PhRegisterPlugin(PLUGIN_NAME, Instance, &info);
if (!PluginInstance)
return FALSE;
info->DisplayName = L"Boot Entries Plugin";
info->Author = L"dmex";
info->Description = L"Plugin for viewing native Boot Entries via the Tools menu.";
info->HasOptions = FALSE;
PhRegisterCallback(
PhGetPluginCallback(PluginInstance, PluginCallbackLoad),
LoadCallback,
NULL,
&PluginLoadCallbackRegistration
);
PhRegisterCallback(
PhGetPluginCallback(PluginInstance, PluginCallbackUnload),
UnloadCallback,
NULL,
&PluginUnloadCallbackRegistration
);
PhRegisterCallback(
PhGetGeneralCallback(GeneralCallbackMainMenuInitializing),
MainMenuInitializingCallback,
NULL,
&MainMenuInitializingCallbackRegistration
);
PhRegisterCallback(
PhGetPluginCallback(PluginInstance, PluginCallbackMenuItem),
MenuItemCallback,
NULL,
&PluginMenuItemCallbackRegistration
);
PhAddSettings(settings, ARRAYSIZE(settings));
}
break;
}
return TRUE;
}
LOGICAL DllMain(
__in HINSTANCE Instance,
__in ULONG Reason,
__reserved PVOID Reserved
)
{
switch (Reason)
{
case DLL_PROCESS_ATTACH:
{
PPH_PLUGIN_INFORMATION info;
PluginInstance = PhRegisterPlugin(L"ProcessHacker.OnlineChecks", Instance, &info);
if (!PluginInstance)
return FALSE;
info->DisplayName = L"Online Checks";
info->Author = L"wj32";
info->Description = L"Allows files to be checked with online services.";
info->HasOptions = FALSE;
PhRegisterCallback(
PhGetPluginCallback(PluginInstance, PluginCallbackLoad),
LoadCallback,
NULL,
&PluginLoadCallbackRegistration
);
PhRegisterCallback(
PhGetPluginCallback(PluginInstance, PluginCallbackShowOptions),
ShowOptionsCallback,
NULL,
&PluginShowOptionsCallbackRegistration
);
PhRegisterCallback(
PhGetPluginCallback(PluginInstance, PluginCallbackMenuItem),
MenuItemCallback,
NULL,
&PluginMenuItemCallbackRegistration
);
PhRegisterCallback(
PhGetGeneralCallback(GeneralCallbackProcessMenuInitializing),
ProcessMenuInitializingCallback,
NULL,
&ProcessMenuInitializingCallbackRegistration
);
PhRegisterCallback(
PhGetGeneralCallback(GeneralCallbackModuleMenuInitializing),
ModuleMenuInitializingCallback,
NULL,
&ModuleMenuInitializingCallbackRegistration
);
}
break;
}
return TRUE;
}
LOGICAL DllMain(
_In_ HINSTANCE Instance,
_In_ ULONG Reason,
_Reserved_ PVOID Reserved
)
{
switch (Reason)
{
case DLL_PROCESS_ATTACH:
{
PPH_PLUGIN_INFORMATION info;
PH_SETTING_CREATE settings[] =
{
{ IntegerPairSettingType, SETTING_NAME_TRACERT_WINDOW_POSITION, L"0,0" },
{ IntegerPairSettingType, SETTING_NAME_TRACERT_WINDOW_SIZE, L"600,365" },
{ IntegerPairSettingType, SETTING_NAME_PING_WINDOW_POSITION, L"0,0" },
{ IntegerPairSettingType, SETTING_NAME_PING_WINDOW_SIZE, L"420,250" },
{ IntegerSettingType, SETTING_NAME_PING_TIMEOUT, L"3e8" } // 1000 timeout.
};
PluginInstance = PhRegisterPlugin(PLUGIN_NAME, Instance, &info);
if (!PluginInstance)
return FALSE;
info->DisplayName = L"Network Tools";
info->Author = L"dmex, wj32";
info->Description = L"Provides ping, traceroute and whois for network connections.";
info->Url = L"http://processhacker.sf.net/forums/viewtopic.php?t=1117";
info->HasOptions = TRUE;
PhRegisterCallback(
PhGetPluginCallback(PluginInstance, PluginCallbackShowOptions),
ShowOptionsCallback,
NULL,
&PluginShowOptionsCallbackRegistration
);
PhRegisterCallback(
PhGetPluginCallback(PluginInstance, PluginCallbackMenuItem),
MenuItemCallback,
NULL,
&PluginMenuItemCallbackRegistration
);
PhRegisterCallback(
PhGetGeneralCallback(GeneralCallbackNetworkMenuInitializing),
NetworkMenuInitializingCallback,
NULL,
&NetworkMenuInitializingCallbackRegistration
);
PhAddSettings(settings, ARRAYSIZE(settings));
}
break;
}
return TRUE;
}
LOGICAL DllMain(
_In_ HINSTANCE Instance,
_In_ ULONG Reason,
_Reserved_ PVOID Reserved
)
{
switch (Reason)
{
case DLL_PROCESS_ATTACH:
{
PPH_PLUGIN_INFORMATION info;
PH_SETTING_CREATE settings[] =
{
{ StringSettingType, SETTING_NAME_PERFMON_LIST, L"" }
};
PluginInstance = PhRegisterPlugin(SETTING_PREFIX, Instance, &info);
if (!PluginInstance)
return FALSE;
info->DisplayName = L"Performance Monitor Counters";
info->Author = L"dmex";
info->Description = L"Plugin for adding Performance Counters to the System Information window.";
info->HasOptions = TRUE;
PhRegisterCallback(
PhGetPluginCallback(PluginInstance, PluginCallbackLoad),
LoadCallback,
NULL,
&PluginLoadCallbackRegistration
);
PhRegisterCallback(
PhGetPluginCallback(PluginInstance, PluginCallbackUnload),
UnloadCallback,
NULL,
&PluginUnloadCallbackRegistration
);
PhRegisterCallback(
PhGetPluginCallback(PluginInstance, PluginCallbackShowOptions),
ShowOptionsCallback,
NULL,
&PluginShowOptionsCallbackRegistration
);
PhRegisterCallback(
PhGetGeneralCallback(GeneralCallbackSystemInformationInitializing),
SystemInformationInitializingCallback,
NULL,
&SystemInformationInitializingCallbackRegistration
);
PhAddSettings(settings, _countof(settings));
}
break;
}
return TRUE;
}
LOGICAL DllMain(
__in HINSTANCE Instance,
__in ULONG Reason,
__reserved PVOID Reserved
)
{
switch (Reason)
{
case DLL_PROCESS_ATTACH:
{
PPH_PLUGIN_INFORMATION info;
PluginInstance = PhRegisterPlugin(L"ProcessHacker.UpdateChecker", Instance, &info);
if (!PluginInstance)
return FALSE;
info->DisplayName = L"Update Checker";
info->Author = L"dmex";
info->Description = L"Plugin for checking new Process Hacker releases via the Help menu.";
info->HasOptions = TRUE;
PhRegisterCallback(
PhGetGeneralCallback(GeneralCallbackMainWindowShowing),
MainWindowShowingCallback,
NULL,
&MainWindowShowingCallbackRegistration
);
PhRegisterCallback(
PhGetPluginCallback(PluginInstance, PluginCallbackMenuItem),
MenuItemCallback,
NULL,
&PluginMenuItemCallbackRegistration
);
PhRegisterCallback(
PhGetPluginCallback(PluginInstance, PluginCallbackShowOptions),
ShowOptionsCallback,
NULL,
&PluginShowOptionsCallbackRegistration
);
{
PH_SETTING_CREATE settings[] =
{
{ IntegerSettingType, SETTING_AUTO_CHECK, L"1" },
};
PhAddSettings(settings, _countof(settings));
}
}
break;
}
return TRUE;
}
LOGICAL DllMain(
__in HINSTANCE Instance,
__in ULONG Reason,
__reserved PVOID Reserved
)
{
switch (Reason)
{
case DLL_PROCESS_ATTACH:
{
PPH_PLUGIN_INFORMATION info;
PluginInstance = PhRegisterPlugin(L"ProcessHacker.NetworkTools", Instance, &info);
if (!PluginInstance)
return FALSE;
info->DisplayName = L"Network Tools";
info->Author = L"wj32";
info->Description = L"Provides ping, traceroute and whois for network connections.";
info->HasOptions = FALSE;
PhRegisterCallback(
PhGetPluginCallback(PluginInstance, PluginCallbackLoad),
LoadCallback,
NULL,
&PluginLoadCallbackRegistration
);
PhRegisterCallback(
PhGetPluginCallback(PluginInstance, PluginCallbackShowOptions),
ShowOptionsCallback,
NULL,
&PluginShowOptionsCallbackRegistration
);
PhRegisterCallback(
PhGetPluginCallback(PluginInstance, PluginCallbackMenuItem),
MenuItemCallback,
NULL,
&PluginMenuItemCallbackRegistration
);
PhRegisterCallback(
PhGetGeneralCallback(GeneralCallbackNetworkMenuInitializing),
NetworkMenuInitializingCallback,
NULL,
&NetworkMenuInitializingCallbackRegistration
);
}
break;
}
return TRUE;
}
LOGICAL DllMain(
_In_ HINSTANCE Instance,
_In_ ULONG Reason,
_Reserved_ PVOID Reserved
)
{
switch (Reason)
{
case DLL_PROCESS_ATTACH:
{
PPH_PLUGIN_INFORMATION info;
PH_SETTING_CREATE settings[] =
{
{ IntegerPairSettingType, SETTING_NAME_WINDOW_POSITION, L"350,350" },
{ IntegerPairSettingType, SETTING_NAME_WINDOW_SIZE, L"510,380" },
{ StringSettingType, SETTING_NAME_COLUMNS, L"" },
{ IntegerSettingType, SETTING_NAME_ALWAYSONTOP, L"0" },
{ IntegerSettingType, SETTING_NAME_AUTOSCROLL, L"1" },
{ IntegerSettingType, SETTING_NAME_MAX_ENTRIES, L"2048" }
};
PluginInstance = PhRegisterPlugin(PLUGIN_NAME, Instance, &info);
if (!PluginInstance)
return FALSE;
info->DisplayName = L"Debug View";
info->Author = L"dmex";
info->Description = L"Plugin for viewing Win32 debug output via the Tools menu.";
info->HasOptions = FALSE;
PhRegisterCallback(
PhGetGeneralCallback(GeneralCallbackMainMenuInitializing),
MainMenuInitializingCallback,
NULL,
&MainMenuInitializingCallbackRegistration
);
PhRegisterCallback(
PhGetPluginCallback(PluginInstance, PluginCallbackMenuItem),
MenuItemCallback,
NULL,
&PluginMenuItemCallbackRegistration
);
PhAddSettings(settings, ARRAYSIZE(settings));
}
break;
}
return TRUE;
}
static VOID NTAPI LoadCallback(
_In_opt_ PVOID Parameter,
_In_opt_ PVOID Context
)
{
// Update settings
TaskbarIconType = PhGetIntegerSetting(SETTING_NAME_TASKBAR_ICON_TYPE);
// Get the TaskbarButtonCreated Id
TaskbarButtonCreatedMsgId = RegisterWindowMessage(L"TaskbarButtonCreated");
// Allow the TaskbarButtonCreated message to pass through UIPI.
ChangeWindowMessageFilter(TaskbarButtonCreatedMsgId, MSGFLT_ALLOW);
// Allow WM_COMMAND messages to pass through UIPI (Required for ThumbBar buttons if elevated...TODO: Review security.)
ChangeWindowMessageFilter(WM_COMMAND, MSGFLT_ALLOW);
// Set the process-wide AppUserModelID
SetCurrentProcessExplicitAppUserModelID(L"ProcessHacker2");
if (SUCCEEDED(CoCreateInstance(&CLSID_TaskbarList, NULL, CLSCTX_INPROC_SERVER, &IID_ITaskbarList3, &TaskbarListClass)))
{
if (!SUCCEEDED(ITaskbarList3_HrInit(TaskbarListClass)))
{
ITaskbarList3_Release(TaskbarListClass);
TaskbarListClass = NULL;
}
}
PhRegisterCallback(&PhProcessesUpdatedEvent, ProcessesUpdatedCallback, NULL, &ProcessesUpdatedCallbackRegistration);
}
VOID FileLogInitialization(
VOID
)
{
NTSTATUS status;
PPH_STRING fileName;
fileName = PhaGetStringSetting(SETTING_NAME_LOG_FILENAME);
if (fileName->Length != 0)
{
status = PhCreateFileStream(
&LogFileStream,
fileName->Buffer,
FILE_GENERIC_WRITE,
FILE_SHARE_READ,
FILE_OPEN_IF,
PH_FILE_STREAM_APPEND | PH_FILE_STREAM_UNBUFFERED
);
if (NT_SUCCESS(status))
{
PhRegisterCallback(
&PhLoggedCallback,
LoggedCallback,
NULL,
&LoggedCallbackRegistration
);
}
}
}
VOID EtInitializeDiskInformation(
VOID
)
{
LARGE_INTEGER performanceCounter;
EtDiskItemType = PhCreateObjectType(L"DiskItem", 0, EtpDiskItemDeleteProcedure);
EtDiskHashtable = PhCreateHashtable(
sizeof(PET_DISK_ITEM),
EtpDiskHashtableEqualFunction,
EtpDiskHashtableHashFunction,
128
);
InitializeListHead(&EtDiskAgeListHead);
PhInitializeFreeList(&EtDiskPacketFreeList, sizeof(ETP_DISK_PACKET), 64);
RtlInitializeSListHead(&EtDiskPacketListHead);
EtFileNameHashtable = PhCreateSimpleHashtable(128);
NtQueryPerformanceCounter(&performanceCounter, &EtpPerformanceFrequency);
EtDiskEnabled = TRUE;
// Collect all existing file names.
EtStartEtwRundown();
PhRegisterCallback(
&PhProcessesUpdatedEvent,
ProcessesUpdatedCallback,
NULL,
&ProcessesUpdatedCallbackRegistration
);
}
VOID PhRegisterThreadProvider(
__in PPH_THREAD_PROVIDER ThreadProvider,
__out PPH_CALLBACK_REGISTRATION CallbackRegistration
)
{
PhReferenceObject(ThreadProvider);
PhRegisterCallback(&PhProcessesUpdatedEvent, PhpThreadProviderCallbackHandler, ThreadProvider, CallbackRegistration);
}
LOGICAL DllMain(
_In_ HINSTANCE Instance,
_In_ ULONG Reason,
_Reserved_ PVOID Reserved
)
{
switch (Reason)
{
case DLL_PROCESS_ATTACH:
{
PPH_PLUGIN_INFORMATION info;
PluginInstance = PhRegisterPlugin(L"ProcessHacker.SecurityExplorer", Instance, &info);
if (!PluginInstance)
return FALSE;
info->DisplayName = L"Security Explorer";
info->Author = L"wj32";
info->Description = L"Manages LSA and SAM objects.";
info->HasOptions = FALSE;
PhRegisterCallback(
PhGetPluginCallback(PluginInstance, PluginCallbackLoad),
LoadCallback,
NULL,
&PluginLoadCallbackRegistration
);
PhRegisterCallback(
PhGetPluginCallback(PluginInstance, PluginCallbackMenuItem),
MenuItemCallback,
NULL,
&PluginMenuItemCallbackRegistration
);
PhRegisterCallback(
PhGetGeneralCallback(GeneralCallbackMainWindowShowing),
MainWindowShowingCallback,
NULL,
&MainWindowShowingCallbackRegistration
);
}
break;
}
return TRUE;
}
LOGICAL DllMain(
_In_ HINSTANCE Instance,
_In_ ULONG Reason,
_Reserved_ PVOID Reserved
)
{
if (Reason == DLL_PROCESS_ATTACH)
{
PPH_PLUGIN_INFORMATION info;
PluginInstance = PhRegisterPlugin(PLUGIN_NAME, Instance, &info);
if (!PluginInstance)
return FALSE;
info->DisplayName = L"Live Kernel Dump Plugin";
info->Author = L"dmex";
info->Description = L"Create live kernel dumps via the Tools menu > 'Live Kernel Dump' menu.";
info->Url = L"";
info->HasOptions = FALSE;
PhRegisterCallback(
PhGetPluginCallback(PluginInstance, PluginCallbackMenuItem),
MenuItemCallback,
NULL,
&MenuItemCallbackRegistration
);
PhRegisterCallback(
PhGetGeneralCallback(GeneralCallbackMainMenuInitializing),
MainMenuInitializingCallback,
NULL,
&MainMenuInitializingCallbackRegistration
);
}
return TRUE;
}
VOID NTAPI ThreadsContextCreateCallback(
_In_ PVOID Object,
_In_ PH_EM_OBJECT_TYPE ObjectType,
_In_ PVOID Extension
)
{
PPH_THREADS_CONTEXT threadsContext = Object;
PTHREAD_TREE_CONTEXT context = Extension;
memset(context, 0, sizeof(THREAD_TREE_CONTEXT));
context->Type = THREAD_TREE_CONTEXT_TYPE;
context->ProcessId = threadsContext->Provider->ProcessId;
PhRegisterCallback(
&threadsContext->Provider->ThreadAddedEvent,
ThreadAddedHandler,
context,
&context->AddedCallbackRegistration
);
}
LOGICAL DllMain(
_In_ HINSTANCE Instance,
_In_ ULONG Reason,
_Reserved_ PVOID Reserved
)
{
switch (Reason)
{
case DLL_PROCESS_ATTACH:
{
PPH_PLUGIN_INFORMATION info;
BOOLEAN isClient;
isClient = FALSE;
if (!GetModuleHandle(L"ProcessHacker.exe") || !WeGetProcedureAddress("PhLibImageBase"))
{
isClient = TRUE;
}
else
{
// WindowExplorer appears to be loading within Process Hacker. However, if there is
// already a server instance, the the hook will be active, and our DllMain routine
// will most likely be called before the plugin system is even initialized. Attempting
// to register a plugin would result in an access violation, so load as a client for now.
if (WeIsServerActive())
isClient = TRUE;
}
if (isClient)
{
// This DLL is being loaded not as a Process Hacker plugin, but as a hook.
IsHookClient = TRUE;
WeHookClientInitialization();
break;
}
PluginInstance = PhRegisterPlugin(PLUGIN_NAME, Instance, &info);
if (!PluginInstance)
return FALSE;
info->DisplayName = L"Window Explorer";
info->Author = L"wj32";
info->Description = L"View and manipulate windows.";
info->Url = L"http://processhacker.sf.net/forums/viewtopic.php?t=1116";
info->HasOptions = FALSE;
PhRegisterCallback(
PhGetPluginCallback(PluginInstance, PluginCallbackLoad),
LoadCallback,
NULL,
&PluginLoadCallbackRegistration
);
PhRegisterCallback(
PhGetPluginCallback(PluginInstance, PluginCallbackUnload),
UnloadCallback,
NULL,
&PluginUnloadCallbackRegistration
);
//PhRegisterCallback(
// PhGetPluginCallback(PluginInstance, PluginCallbackShowOptions),
// ShowOptionsCallback,
// NULL,
// &PluginShowOptionsCallbackRegistration
// );
PhRegisterCallback(
PhGetPluginCallback(PluginInstance, PluginCallbackMenuItem),
MenuItemCallback,
NULL,
&PluginMenuItemCallbackRegistration
);
PhRegisterCallback(
PhGetGeneralCallback(GeneralCallbackMainMenuInitializing),
MainMenuInitializingCallback,
NULL,
&MainMenuInitializingCallbackRegistration
);
//PhRegisterCallback(
// PhGetGeneralCallback(GeneralCallbackProcessPropertiesInitializing),
// ProcessPropertiesInitializingCallback,
// NULL,
// &ProcessPropertiesInitializingCallbackRegistration
// );
PhRegisterCallback(
PhGetGeneralCallback(GeneralCallbackProcessMenuInitializing),
ProcessMenuInitializingCallback,
NULL,
&ProcessMenuInitializingCallbackRegistration
);
PhRegisterCallback(
PhGetGeneralCallback(GeneralCallbackThreadMenuInitializing),
ThreadMenuInitializingCallback,
NULL,
&ThreadMenuInitializingCallbackRegistration
);
{
static PH_SETTING_CREATE settings[] =
{
{ IntegerSettingType, SETTING_NAME_SHOW_DESKTOP_WINDOWS, L"0" },
{ StringSettingType, SETTING_NAME_WINDOW_TREE_LIST_COLUMNS, L"" },
{ IntegerPairSettingType, SETTING_NAME_WINDOWS_WINDOW_POSITION, L"100,100" },
{ IntegerPairSettingType, SETTING_NAME_WINDOWS_WINDOW_SIZE, L"690,540" }
};
PhAddSettings(settings, sizeof(settings) / sizeof(PH_SETTING_CREATE));
}
}
break;
case DLL_PROCESS_DETACH:
{
if (IsHookClient)
{
WeHookClientUninitialization();
}
}
break;
}
return TRUE;
}
INT_PTR CALLBACK EtpGpuNodesDlgProc(
_In_ HWND hwndDlg,
_In_ UINT uMsg,
_In_ WPARAM wParam,
_In_ LPARAM lParam
)
{
switch (uMsg)
{
case WM_INITDIALOG:
{
ULONG i;
HFONT font;
PPH_STRING nodeString;
RECT labelRect;
RECT tempRect;
ULONG numberOfRows;
ULONG numberOfColumns;
WindowHandle = hwndDlg;
PhCenterWindow(hwndDlg, GetParent(hwndDlg));
PhInitializeLayoutManager(&LayoutManager, hwndDlg);
PhAddLayoutItem(&LayoutManager, GetDlgItem(hwndDlg, IDOK), NULL, PH_ANCHOR_RIGHT | PH_ANCHOR_BOTTOM);
LayoutMargin = PhAddLayoutItem(&LayoutManager, GetDlgItem(hwndDlg, IDC_LAYOUT), NULL, PH_ANCHOR_ALL)->Margin;
PhRegisterCallback(&PhProcessesUpdatedEvent, ProcessesUpdatedCallback, NULL, &ProcessesUpdatedCallbackRegistration);
GraphHandle = PhAllocate(sizeof(HWND) * EtGpuTotalNodeCount);
CheckBoxHandle = PhAllocate(sizeof(HWND) * EtGpuTotalNodeCount);
GraphState = PhAllocate(sizeof(PH_GRAPH_STATE) * EtGpuTotalNodeCount);
font = (HFONT)SendMessage(hwndDlg, WM_GETFONT, 0, 0);
for (i = 0; i < EtGpuTotalNodeCount; i++)
{
nodeString = PhFormatString(L"Node %lu", i);
GraphHandle[i] = CreateWindow(
PH_GRAPH_CLASSNAME,
NULL,
WS_VISIBLE | WS_CHILD | WS_BORDER,
0,
0,
3,
3,
hwndDlg,
NULL,
NULL,
NULL
);
Graph_SetTooltip(GraphHandle[i], TRUE);
CheckBoxHandle[i] = CreateWindow(
WC_BUTTON,
nodeString->Buffer,
WS_VISIBLE | WS_CHILD | BS_AUTOCHECKBOX,
0,
0,
3,
3,
hwndDlg,
NULL,
NULL,
NULL
);
SendMessage(CheckBoxHandle[i], WM_SETFONT, (WPARAM)font, FALSE);
PhInitializeGraphState(&GraphState[i]);
PhDereferenceObject(nodeString);
}
// Calculate the minimum size.
numberOfRows = (ULONG)sqrt(EtGpuTotalNodeCount);
numberOfColumns = (EtGpuTotalNodeCount + numberOfRows - 1) / numberOfRows;
MinimumSize.left = 0;
MinimumSize.top = 0;
MinimumSize.right = 45;
MinimumSize.bottom = 60;
MapDialogRect(hwndDlg, &MinimumSize);
MinimumSize.right += (MinimumSize.right + GRAPH_PADDING) * numberOfColumns;
MinimumSize.bottom += (MinimumSize.bottom + GRAPH_PADDING) * numberOfRows;
GetWindowRect(GetDlgItem(hwndDlg, IDC_INSTRUCTION), &labelRect);
MapWindowPoints(NULL, hwndDlg, (POINT *)&labelRect, 2);
labelRect.right += GetSystemMetrics(SM_CXFRAME) * 2;
tempRect.left = 0;
tempRect.top = 0;
tempRect.right = 7;
tempRect.bottom = 0;
MapDialogRect(hwndDlg, &tempRect);
labelRect.right += tempRect.right;
if (MinimumSize.right < labelRect.right)
MinimumSize.right = labelRect.right;
SetWindowPos(hwndDlg, NULL, 0, 0, MinimumSize.right, MinimumSize.bottom, SWP_NOACTIVATE | SWP_NOMOVE | SWP_NOZORDER);
EtpLoadNodeBitMap();
}
break;
case WM_DESTROY:
{
ULONG i;
EtpSaveNodeBitMap();
PhUnregisterCallback(&PhProcessesUpdatedEvent, &ProcessesUpdatedCallbackRegistration);
for (i = 0; i < EtGpuTotalNodeCount; i++)
{
PhDeleteGraphState(&GraphState[i]);
}
PhFree(GraphHandle);
PhFree(CheckBoxHandle);
PhFree(GraphState);
PhDeleteLayoutManager(&LayoutManager);
}
break;
case WM_SIZE:
{
HDWP deferHandle;
RECT clientRect;
RECT checkBoxRect;
ULONG numberOfRows = (ULONG)sqrt(EtGpuTotalNodeCount);
ULONG numberOfColumns = (EtGpuTotalNodeCount + numberOfRows - 1) / numberOfRows;
ULONG numberOfYPaddings = numberOfRows - 1;
ULONG numberOfXPaddings = numberOfColumns - 1;
ULONG cellHeight;
ULONG y;
ULONG cellWidth;
ULONG x;
ULONG i;
PhLayoutManagerLayout(&LayoutManager);
deferHandle = BeginDeferWindowPos(EtGpuTotalNodeCount * 2);
GetClientRect(hwndDlg, &clientRect);
GetClientRect(GetDlgItem(hwndDlg, IDC_EXAMPLE), &checkBoxRect);
cellHeight = (clientRect.bottom - LayoutMargin.top - LayoutMargin.bottom - GRAPH_PADDING * numberOfYPaddings) / numberOfRows;
y = LayoutMargin.top;
i = 0;
for (ULONG row = 0; row < numberOfRows; ++row)
{
// Give the last row the remaining space; the height we calculated might be off by a few
// pixels due to integer division.
if (row == numberOfRows - 1)
cellHeight = clientRect.bottom - LayoutMargin.bottom - y;
cellWidth = (clientRect.right - LayoutMargin.left - LayoutMargin.right - GRAPH_PADDING * numberOfXPaddings) / numberOfColumns;
x = LayoutMargin.left;
for (ULONG column = 0; column < numberOfColumns; column++)
{
// Give the last cell the remaining space; the width we calculated might be off by a few
// pixels due to integer division.
if (column == numberOfColumns - 1)
cellWidth = clientRect.right - LayoutMargin.right - x;
if (i < EtGpuTotalNodeCount)
{
deferHandle = DeferWindowPos(
deferHandle,
GraphHandle[i],
NULL,
x,
y,
cellWidth,
cellHeight - checkBoxRect.bottom - CHECKBOX_PADDING,
SWP_NOACTIVATE | SWP_NOZORDER
);
deferHandle = DeferWindowPos(
deferHandle,
CheckBoxHandle[i],
NULL,
x,
y + cellHeight - checkBoxRect.bottom,
cellWidth,
checkBoxRect.bottom,
SWP_NOACTIVATE | SWP_NOZORDER
);
i++;
}
x += cellWidth + GRAPH_PADDING;
}
y += cellHeight + GRAPH_PADDING;
}
EndDeferWindowPos(deferHandle);
}
break;
case WM_SIZING:
{
PhResizingMinimumSize((PRECT)lParam, wParam, MinimumSize.right, MinimumSize.bottom);
}
break;
case WM_COMMAND:
{
switch (LOWORD(wParam))
{
case IDCANCEL:
case IDOK:
{
EndDialog(hwndDlg, IDOK);
}
break;
}
}
break;
case WM_NOTIFY:
{
NMHDR *header = (NMHDR *)lParam;
ULONG i;
switch (header->code)
{
case GCN_GETDRAWINFO:
{
PPH_GRAPH_GETDRAWINFO getDrawInfo = (PPH_GRAPH_GETDRAWINFO)header;
PPH_GRAPH_DRAW_INFO drawInfo = getDrawInfo->DrawInfo;
drawInfo->Flags = PH_GRAPH_USE_GRID;
SysInfoParameters->ColorSetupFunction(drawInfo, PhGetIntegerSetting(L"ColorCpuKernel"), 0);
for (i = 0; i < EtGpuTotalNodeCount; i++)
{
if (header->hwndFrom == GraphHandle[i])
{
PhGraphStateGetDrawInfo(
&GraphState[i],
getDrawInfo,
EtGpuNodesHistory[i].Count
);
if (!GraphState[i].Valid)
{
PhCopyCircularBuffer_FLOAT(&EtGpuNodesHistory[i], GraphState[i].Data1, drawInfo->LineDataCount);
GraphState[i].Valid = TRUE;
}
break;
}
}
}
break;
case GCN_GETTOOLTIPTEXT:
{
PPH_GRAPH_GETTOOLTIPTEXT getTooltipText = (PPH_GRAPH_GETTOOLTIPTEXT)header;
if (getTooltipText->Index < getTooltipText->TotalCount)
{
for (i = 0; i < EtGpuTotalNodeCount; i++)
{
if (header->hwndFrom == GraphHandle[i])
{
if (GraphState[i].TooltipIndex != getTooltipText->Index)
{
FLOAT gpu;
ULONG adapterIndex;
PPH_STRING adapterDescription;
gpu = PhGetItemCircularBuffer_FLOAT(&EtGpuNodesHistory[i], getTooltipText->Index);
adapterIndex = EtGetGpuAdapterIndexFromNodeIndex(i);
if (adapterIndex != -1)
{
adapterDescription = EtGetGpuAdapterDescription(adapterIndex);
if (adapterDescription && adapterDescription->Length == 0)
PhClearReference(&adapterDescription);
if (!adapterDescription)
adapterDescription = PhFormatString(L"Adapter %lu", adapterIndex);
}
else
{
adapterDescription = PhCreateString(L"Unknown Adapter");
}
PhMoveReference(&GraphState[i].TooltipText, PhFormatString(
L"Node %lu on %s\n%.2f%%\n%s",
i,
adapterDescription->Buffer,
gpu * 100,
((PPH_STRING)PhAutoDereferenceObject(PhGetStatisticsTimeString(NULL, getTooltipText->Index)))->Buffer
));
PhDereferenceObject(adapterDescription);
}
getTooltipText->Text = GraphState[i].TooltipText->sr;
break;
}
}
}
}
break;
}
}
break;
case UPDATE_MSG:
{
ULONG i;
for (i = 0; i < EtGpuTotalNodeCount; i++)
{
GraphState[i].Valid = FALSE;
GraphState[i].TooltipIndex = -1;
Graph_MoveGrid(GraphHandle[i], 1);
Graph_Draw(GraphHandle[i]);
Graph_UpdateTooltip(GraphHandle[i]);
InvalidateRect(GraphHandle[i], NULL, FALSE);
}
}
break;
}
return FALSE;
}
LOGICAL DllMain(
_In_ HINSTANCE Instance,
_In_ ULONG Reason,
_Reserved_ PVOID Reserved
)
{
switch (Reason)
{
case DLL_PROCESS_ATTACH:
{
PPH_PLUGIN_INFORMATION info;
PH_SETTING_CREATE settings[] =
{
{ IntegerSettingType, SETTING_NAME_VIRUSTOTAL_SCAN_ENABLED, L"0" },
{ IntegerSettingType, SETTING_NAME_VIRUSTOTAL_HIGHLIGHT_DETECTIONS, L"0" },
{ IntegerSettingType, SETTING_NAME_VIRUSTOTAL_DEFAULT_ACTION, L"0" }
};
PluginInstance = PhRegisterPlugin(PLUGIN_NAME, Instance, &info);
if (!PluginInstance)
return FALSE;
info->DisplayName = L"Online Checks";
info->Author = L"dmex, wj32";
info->Description = L"Allows files to be checked with online services.";
info->Url = L"https://wj32.org/processhacker/forums/viewtopic.php?t=1118";
PhRegisterCallback(
PhGetPluginCallback(PluginInstance, PluginCallbackLoad),
LoadCallback,
NULL,
&PluginLoadCallbackRegistration
);
PhRegisterCallback(
PhGetGeneralCallback(GeneralCallbackOptionsWindowInitializing),
ShowOptionsCallback,
NULL,
&PluginShowOptionsCallbackRegistration
);
PhRegisterCallback(
PhGetPluginCallback(PluginInstance, PluginCallbackMenuItem),
MenuItemCallback,
NULL,
&PluginMenuItemCallbackRegistration
);
PhRegisterCallback(
PhGetGeneralCallback(GeneralCallbackMainMenuInitializing),
MainMenuInitializingCallback,
NULL,
&MainMenuInitializingCallbackRegistration
);
PhRegisterCallback(
PhGetGeneralCallback(GeneralCallbackProcessMenuInitializing),
ProcessMenuInitializingCallback,
NULL,
&ProcessMenuInitializingCallbackRegistration
);
PhRegisterCallback(
PhGetGeneralCallback(GeneralCallbackModuleMenuInitializing),
ModuleMenuInitializingCallback,
NULL,
&ModuleMenuInitializingCallbackRegistration
);
PhRegisterCallback(
PhGetGeneralCallback(GeneralCallbackServiceMenuInitializing),
ServiceMenuInitializingCallback,
NULL,
&ServiceMenuInitializingCallbackRegistration
);
PhRegisterCallback(
PhGetGeneralCallback(GeneralCallbackProcessesUpdated),
ProcessesUpdatedCallback,
NULL,
&ProcessesUpdatedCallbackRegistration
);
PhRegisterCallback(
PhGetGeneralCallback(GeneralCallbackGetProcessHighlightingColor),
ProcessHighlightingColorCallback,
NULL,
&ProcessHighlightingColorCallbackRegistration
);
PhRegisterCallback(
PhGetGeneralCallback(GeneralCallbackProcessTreeNewInitializing),
ProcessTreeNewInitializingCallback,
NULL,
&ProcessTreeNewInitializingCallbackRegistration
);
PhRegisterCallback(
PhGetGeneralCallback(GeneralCallbackModuleTreeNewInitializing),
ModuleTreeNewInitializingCallback,
NULL,
&ModulesTreeNewInitializingCallbackRegistration
);
PhRegisterCallback(
PhGetGeneralCallback(GeneralCallbackServiceTreeNewInitializing),
ServiceTreeNewInitializingCallback,
NULL,
&ServiceTreeNewInitializingCallbackRegistration
);
PhRegisterCallback(
PhGetPluginCallback(PluginInstance, PluginCallbackTreeNewMessage),
TreeNewMessageCallback,
NULL,
&TreeNewMessageCallbackRegistration
);
PhPluginSetObjectExtension(
PluginInstance,
EmProcessItemType,
sizeof(PROCESS_EXTENSION),
ProcessItemCreateCallback,
ProcessItemDeleteCallback
);
PhPluginSetObjectExtension(
PluginInstance,
EmModuleItemType,
sizeof(PROCESS_EXTENSION),
ModuleItemCreateCallback,
ModuleItemDeleteCallback
);
PhPluginSetObjectExtension(
PluginInstance,
EmServiceItemType,
sizeof(PROCESS_EXTENSION),
ServiceItemCreateCallback,
ServiceItemDeleteCallback
);
PhAddSettings(settings, ARRAYSIZE(settings));
}
break;
}
return TRUE;
}
INT_PTR CALLBACK EtpGpuPageDlgProc(
_In_ HWND hwndDlg,
_In_ UINT uMsg,
_In_ WPARAM wParam,
_In_ LPARAM lParam
)
{
LPPROPSHEETPAGE propSheetPage;
PPH_PROCESS_PROPPAGECONTEXT propPageContext;
PPH_PROCESS_ITEM processItem;
PET_GPU_CONTEXT context;
if (PhPropPageDlgProcHeader(hwndDlg, uMsg, lParam, &propSheetPage, &propPageContext, &processItem))
{
context = propPageContext->Context;
}
else
{
return FALSE;
}
switch (uMsg)
{
case WM_INITDIALOG:
{
ULONG sampleCount;
sampleCount = PhGetIntegerSetting(L"SampleCount");
context = PhAllocate(sizeof(ET_GPU_CONTEXT));
memset(context, 0, sizeof(ET_GPU_CONTEXT));
context->WindowHandle = hwndDlg;
context->Block = EtGetProcessBlock(processItem);
context->Enabled = TRUE;
context->GpuGroupBox = GetDlgItem(hwndDlg, IDC_GROUPGPU);
context->MemGroupBox = GetDlgItem(hwndDlg, IDC_GROUPMEM);
context->SharedGroupBox = GetDlgItem(hwndDlg, IDC_GROUPSHARED);
propPageContext->Context = context;
PhInitializeLayoutManager(&context->LayoutManager, hwndDlg);
PhInitializeGraphState(&context->GpuGraphState);
PhInitializeGraphState(&context->MemoryGraphState);
PhInitializeGraphState(&context->MemorySharedGraphState);
PhInitializeCircularBuffer_FLOAT(&context->GpuHistory, sampleCount);
PhInitializeCircularBuffer_ULONG(&context->MemoryHistory, sampleCount);
PhInitializeCircularBuffer_ULONG(&context->MemorySharedHistory, sampleCount);
GpuPropCreateGraphs(context);
GpuPropCreatePanel(context);
GpuPropUpdateInfo(context);
GpuPropUpdatePanel(context);
PhRegisterCallback(
&PhProcessesUpdatedEvent,
ProcessesUpdatedHandler,
context,
&context->ProcessesUpdatedRegistration
);
}
break;
case WM_DESTROY:
{
PhDeleteLayoutManager(&context->LayoutManager);
PhDeleteGraphState(&context->GpuGraphState);
PhDeleteGraphState(&context->MemoryGraphState);
PhDeleteGraphState(&context->MemorySharedGraphState);
PhDeleteCircularBuffer_FLOAT(&context->GpuHistory);
PhDeleteCircularBuffer_ULONG(&context->MemoryHistory);
PhDeleteCircularBuffer_ULONG(&context->MemorySharedHistory);
if (context->GpuGraphHandle)
DestroyWindow(context->GpuGraphHandle);
if (context->MemGraphHandle)
DestroyWindow(context->MemGraphHandle);
if (context->SharedGraphHandle)
DestroyWindow(context->SharedGraphHandle);
if (context->PanelHandle)
DestroyWindow(context->PanelHandle);
PhUnregisterCallback(&PhProcessesUpdatedEvent, &context->ProcessesUpdatedRegistration);
PhFree(context);
PhPropPageDlgProcDestroy(hwndDlg);
}
break;
case WM_SHOWWINDOW:
{
if (PhBeginPropPageLayout(hwndDlg, propPageContext))
PhEndPropPageLayout(hwndDlg, propPageContext);
}
break;
case WM_NOTIFY:
{
LPNMHDR header = (LPNMHDR)lParam;
switch (header->code)
{
case PSN_SETACTIVE:
context->Enabled = TRUE;
break;
case PSN_KILLACTIVE:
context->Enabled = FALSE;
break;
case GCN_GETDRAWINFO:
{
PPH_GRAPH_GETDRAWINFO getDrawInfo = (PPH_GRAPH_GETDRAWINFO)header;
PPH_GRAPH_DRAW_INFO drawInfo = getDrawInfo->DrawInfo;
if (header->hwndFrom == context->GpuGraphHandle)
{
if (PhGetIntegerSetting(L"GraphShowText"))
{
HDC hdc;
PhMoveReference(&context->GpuGraphState.Text, PhFormatString(
L"%.2f%%",
context->CurrentGpuUsage * 100
));
hdc = Graph_GetBufferedContext(context->GpuGraphHandle);
SelectObject(hdc, PhApplicationFont);
PhSetGraphText(hdc, drawInfo, &context->GpuGraphState.Text->sr,
&NormalGraphTextMargin, &NormalGraphTextPadding, PH_ALIGN_TOP | PH_ALIGN_LEFT);
}
else
{
drawInfo->Text.Buffer = NULL;
}
drawInfo->Flags = PH_GRAPH_USE_GRID;
PhSiSetColorsGraphDrawInfo(drawInfo, PhGetIntegerSetting(L"ColorCpuKernel"), 0);
PhGraphStateGetDrawInfo(&context->GpuGraphState, getDrawInfo, context->GpuHistory.Count);
if (!context->GpuGraphState.Valid)
{
PhCopyCircularBuffer_FLOAT(&context->GpuHistory, context->GpuGraphState.Data1, drawInfo->LineDataCount);
context->GpuGraphState.Valid = TRUE;
}
}
else if (header->hwndFrom == context->MemGraphHandle)
{
if (PhGetIntegerSetting(L"GraphShowText"))
{
HDC hdc;
PhMoveReference(&context->MemoryGraphState.Text, PhFormatString(
L"%s",
PhaFormatSize(UInt32x32To64(context->CurrentMemUsage, PAGE_SIZE), -1)->Buffer
));
hdc = Graph_GetBufferedContext(context->MemGraphHandle);
SelectObject(hdc, PhApplicationFont);
PhSetGraphText(
hdc,
drawInfo,
&context->MemoryGraphState.Text->sr,
&NormalGraphTextMargin,
&NormalGraphTextPadding,
PH_ALIGN_TOP | PH_ALIGN_LEFT
);
}
else
{
drawInfo->Text.Buffer = NULL;
}
drawInfo->Flags = PH_GRAPH_USE_GRID;
PhSiSetColorsGraphDrawInfo(drawInfo, PhGetIntegerSetting(L"ColorPhysical"), 0);
PhGraphStateGetDrawInfo(
&context->MemoryGraphState,
getDrawInfo,
context->MemoryHistory.Count
);
if (!context->MemoryGraphState.Valid)
{
ULONG i = 0;
for (i = 0; i < drawInfo->LineDataCount; i++)
{
context->MemoryGraphState.Data1[i] = (FLOAT)PhGetItemCircularBuffer_ULONG(&context->MemoryHistory, i);
}
if (EtGpuDedicatedLimit != 0)
{
PhDivideSinglesBySingle(
context->MemoryGraphState.Data1,
(FLOAT)EtGpuDedicatedLimit / PAGE_SIZE,
drawInfo->LineDataCount
);
}
context->MemoryGraphState.Valid = TRUE;
}
}
else if (header->hwndFrom == context->SharedGraphHandle)
{
if (PhGetIntegerSetting(L"GraphShowText"))
{
HDC hdc;
PhMoveReference(&context->MemorySharedGraphState.Text, PhFormatString(
L"%s",
PhaFormatSize(UInt32x32To64(context->CurrentMemSharedUsage, PAGE_SIZE), -1)->Buffer
));
hdc = Graph_GetBufferedContext(context->SharedGraphHandle);
SelectObject(hdc, PhApplicationFont);
PhSetGraphText(hdc, drawInfo, &context->MemorySharedGraphState.Text->sr,
&NormalGraphTextMargin, &NormalGraphTextPadding, PH_ALIGN_TOP | PH_ALIGN_LEFT);
}
else
{
drawInfo->Text.Buffer = NULL;
}
drawInfo->Flags = PH_GRAPH_USE_GRID;
PhSiSetColorsGraphDrawInfo(drawInfo, PhGetIntegerSetting(L"ColorPrivate"), 0);
PhGraphStateGetDrawInfo(
&context->MemorySharedGraphState,
getDrawInfo,
context->MemorySharedHistory.Count
);
if (!context->MemorySharedGraphState.Valid)
{
ULONG i = 0;
for (i = 0; i < drawInfo->LineDataCount; i++)
{
context->MemorySharedGraphState.Data1[i] = (FLOAT)PhGetItemCircularBuffer_ULONG(&context->MemorySharedHistory, i);
}
if (EtGpuSharedLimit != 0)
{
PhDivideSinglesBySingle(
context->MemorySharedGraphState.Data1,
(FLOAT)EtGpuSharedLimit / PAGE_SIZE,
drawInfo->LineDataCount
);
}
context->MemorySharedGraphState.Valid = TRUE;
}
}
}
break;
case GCN_GETTOOLTIPTEXT:
{
PPH_GRAPH_GETTOOLTIPTEXT getTooltipText = (PPH_GRAPH_GETTOOLTIPTEXT)lParam;
if (getTooltipText->Index < getTooltipText->TotalCount)
{
if (header->hwndFrom == context->GpuGraphHandle)
{
if (context->GpuGraphState.TooltipIndex != getTooltipText->Index)
{
FLOAT gpuUsage = PhGetItemCircularBuffer_FLOAT(
&context->GpuHistory,
getTooltipText->Index
);
PhMoveReference(&context->GpuGraphState.TooltipText, PhFormatString(
L"%.2f%%",
gpuUsage * 100
));
}
getTooltipText->Text = context->GpuGraphState.TooltipText->sr;
}
else if (header->hwndFrom == context->MemGraphHandle)
{
if (context->MemoryGraphState.TooltipIndex != getTooltipText->Index)
{
ULONG gpuMemory = PhGetItemCircularBuffer_ULONG(
&context->MemoryHistory,
getTooltipText->Index
);
PhMoveReference(&context->MemoryGraphState.TooltipText,
PhFormatSize(UInt32x32To64(gpuMemory, PAGE_SIZE), -1)
);
}
getTooltipText->Text = context->MemoryGraphState.TooltipText->sr;
}
else if (header->hwndFrom == context->SharedGraphHandle)
{
if (context->MemorySharedGraphState.TooltipIndex != getTooltipText->Index)
{
ULONG gpuSharedMemory = PhGetItemCircularBuffer_ULONG(
&context->MemorySharedHistory,
getTooltipText->Index
);
PhMoveReference(&context->MemorySharedGraphState.TooltipText,
PhFormatSize(UInt32x32To64(gpuSharedMemory, PAGE_SIZE), -1)
);
}
getTooltipText->Text = context->MemorySharedGraphState.TooltipText->sr;
}
}
}
break;
}
}
break;
case MSG_UPDATE:
{
GpuPropUpdateInfo(context);
GpuPropUpdateGraphs(context);
GpuPropUpdatePanel(context);
}
break;
case WM_SIZE:
{
GpuPropLayoutGraphs(context);
}
break;
}
return FALSE;
}
INT_PTR CALLBACK PhpLogDlgProc(
__in HWND hwndDlg,
__in UINT uMsg,
__in WPARAM wParam,
__in LPARAM lParam
)
{
switch (uMsg)
{
case WM_INITDIALOG:
{
ListViewHandle = GetDlgItem(hwndDlg, IDC_LIST);
PhSetListViewStyle(ListViewHandle, FALSE, TRUE);
PhSetControlTheme(ListViewHandle, L"explorer");
PhAddListViewColumn(ListViewHandle, 0, 0, 0, LVCFMT_LEFT, 140, L"Time");
PhAddListViewColumn(ListViewHandle, 1, 1, 1, LVCFMT_LEFT, 260, L"Message");
PhLoadListViewColumnsFromSetting(L"LogListViewColumns", ListViewHandle);
PhInitializeLayoutManager(&WindowLayoutManager, hwndDlg);
PhAddLayoutItem(&WindowLayoutManager, GetDlgItem(hwndDlg, IDC_LIST), NULL,
PH_ANCHOR_ALL);
PhAddLayoutItem(&WindowLayoutManager, GetDlgItem(hwndDlg, IDOK), NULL,
PH_ANCHOR_RIGHT | PH_ANCHOR_BOTTOM);
PhAddLayoutItem(&WindowLayoutManager, GetDlgItem(hwndDlg, IDC_COPY), NULL,
PH_ANCHOR_RIGHT | PH_ANCHOR_BOTTOM);
PhAddLayoutItem(&WindowLayoutManager, GetDlgItem(hwndDlg, IDC_SAVE), NULL,
PH_ANCHOR_RIGHT | PH_ANCHOR_BOTTOM);
PhAddLayoutItem(&WindowLayoutManager, GetDlgItem(hwndDlg, IDC_AUTOSCROLL), NULL,
PH_ANCHOR_BOTTOM | PH_ANCHOR_LEFT);
PhAddLayoutItem(&WindowLayoutManager, GetDlgItem(hwndDlg, IDC_CLEAR), NULL,
PH_ANCHOR_BOTTOM | PH_ANCHOR_LEFT);
MinimumSize.left = 0;
MinimumSize.top = 0;
MinimumSize.right = 290;
MinimumSize.bottom = 150;
MapDialogRect(hwndDlg, &MinimumSize);
PhLoadWindowPlacementFromSetting(L"LogWindowPosition", L"LogWindowSize", hwndDlg);
Button_SetCheck(GetDlgItem(hwndDlg, IDC_AUTOSCROLL), BST_CHECKED);
PhRegisterCallback(&PhLoggedCallback, LoggedCallback, NULL, &LoggedRegistration);
PhpUpdateLogList();
ListView_EnsureVisible(ListViewHandle, ListViewCount - 1, FALSE);
}
break;
case WM_DESTROY:
{
PhSaveListViewColumnsToSetting(L"LogListViewColumns", ListViewHandle);
PhSaveWindowPlacementToSetting(L"LogWindowPosition", L"LogWindowSize", hwndDlg);
PhDeleteLayoutManager(&WindowLayoutManager);
PhUnregisterCallback(&PhLoggedCallback, &LoggedRegistration);
PhUnregisterDialog(PhLogWindowHandle);
PhLogWindowHandle = NULL;
}
break;
case WM_COMMAND:
{
switch (LOWORD(wParam))
{
case IDCANCEL:
case IDOK:
DestroyWindow(hwndDlg);
break;
case IDC_CLEAR:
{
PhClearLogEntries();
PhpUpdateLogList();
}
break;
case IDC_COPY:
{
PPH_STRING string;
ULONG selectedCount;
selectedCount = ListView_GetSelectedCount(ListViewHandle);
if (selectedCount == 0)
{
// User didn't select anything, so copy all items.
string = PhpGetStringForSelectedLogEntries(TRUE);
PhSetStateAllListViewItems(ListViewHandle, LVIS_SELECTED, LVIS_SELECTED);
}
else
{
string = PhpGetStringForSelectedLogEntries(FALSE);
}
PhSetClipboardStringEx(hwndDlg, string->Buffer, string->Length);
PhDereferenceObject(string);
SetFocus(ListViewHandle);
}
break;
case IDC_SAVE:
{
static PH_FILETYPE_FILTER filters[] =
{
{ L"Text files (*.txt)", L"*.txt" },
{ L"All files (*.*)", L"*.*" }
};
PVOID fileDialog;
fileDialog = PhCreateSaveFileDialog();
PhSetFileDialogFilter(fileDialog, filters, sizeof(filters) / sizeof(PH_FILETYPE_FILTER));
PhSetFileDialogFileName(fileDialog, L"Process Hacker Log.txt");
if (PhShowFileDialog(hwndDlg, fileDialog))
{
NTSTATUS status;
PPH_STRING fileName;
PPH_FILE_STREAM fileStream;
PPH_STRING string;
fileName = PhGetFileDialogFileName(fileDialog);
PhaDereferenceObject(fileName);
if (NT_SUCCESS(status = PhCreateFileStream(
&fileStream,
fileName->Buffer,
FILE_GENERIC_WRITE,
FILE_SHARE_READ,
FILE_OVERWRITE_IF,
0
)))
{
PhWritePhTextHeader(fileStream);
string = PhpGetStringForSelectedLogEntries(TRUE);
PhWriteStringAsAnsiFileStreamEx(fileStream, string->Buffer, string->Length);
PhDereferenceObject(string);
PhDereferenceObject(fileStream);
}
if (!NT_SUCCESS(status))
PhShowStatus(hwndDlg, L"Unable to create the file", status, 0);
}
PhFreeFileDialog(fileDialog);
}
break;
}
}
break;
case WM_NOTIFY:
{
LPNMHDR header = (LPNMHDR)lParam;
switch (header->code)
{
case LVN_GETDISPINFO:
{
NMLVDISPINFO *dispInfo = (NMLVDISPINFO *)header;
PPH_LOG_ENTRY entry;
entry = PhGetItemCircularBuffer_PVOID(&PhLogBuffer, ListViewCount - dispInfo->item.iItem - 1);
if (dispInfo->item.iSubItem == 0)
{
if (dispInfo->item.mask & LVIF_TEXT)
{
SYSTEMTIME systemTime;
PPH_STRING dateTime;
PhLargeIntegerToLocalSystemTime(&systemTime, &entry->Time);
dateTime = PhFormatDateTime(&systemTime);
wcsncpy_s(dispInfo->item.pszText, dispInfo->item.cchTextMax, dateTime->Buffer, _TRUNCATE);
PhDereferenceObject(dateTime);
}
}
else if (dispInfo->item.iSubItem == 1)
{
if (dispInfo->item.mask & LVIF_TEXT)
{
PPH_STRING string;
string = PhFormatLogEntry(entry);
wcsncpy_s(dispInfo->item.pszText, dispInfo->item.cchTextMax, string->Buffer, _TRUNCATE);
PhDereferenceObject(string);
}
}
}
break;
}
}
break;
case WM_SIZE:
{
PhLayoutManagerLayout(&WindowLayoutManager);
}
break;
case WM_SIZING:
{
PhResizingMinimumSize((PRECT)lParam, wParam, MinimumSize.right, MinimumSize.bottom);
}
break;
case WM_PH_LOG_UPDATED:
{
PhpUpdateLogList();
}
break;
}
return FALSE;
}
LOGICAL DllMain(
_In_ HINSTANCE Instance,
_In_ ULONG Reason,
_Reserved_ PVOID Reserved
)
{
switch (Reason)
{
case DLL_PROCESS_ATTACH:
{
PPH_PLUGIN_INFORMATION info;
PluginInstance = PhRegisterPlugin(PLUGIN_NAME, Instance, &info);
if (!PluginInstance)
return FALSE;
info->DisplayName = L"Extended Notifications";
info->Author = L"wj32";
info->Description = L"Filters notifications.";
info->Url = L"https://wj32.org/processhacker/forums/viewtopic.php?t=1112";
PhRegisterCallback(
PhGetPluginCallback(PluginInstance, PluginCallbackLoad),
LoadCallback,
NULL,
&PluginLoadCallbackRegistration
);
PhRegisterCallback(
PhGetGeneralCallback(GeneralCallbackOptionsWindowInitializing),
ShowOptionsCallback,
NULL,
&PluginShowOptionsCallbackRegistration
);
PhRegisterCallback(
PhGetGeneralCallback(GeneralCallbackNotifyEvent),
NotifyEventCallback,
NULL,
&NotifyEventCallbackRegistration
);
{
static PH_SETTING_CREATE settings[] =
{
{ IntegerSettingType, SETTING_NAME_ENABLE_GROWL, L"0" },
{ StringSettingType, SETTING_NAME_LOG_FILENAME, L"" },
{ StringSettingType, SETTING_NAME_PROCESS_LIST, L"\\i*" },
{ StringSettingType, SETTING_NAME_SERVICE_LIST, L"\\i*" }
};
PhAddSettings(settings, sizeof(settings) / sizeof(PH_SETTING_CREATE));
}
ProcessFilterList = PhCreateList(10);
ServiceFilterList = PhCreateList(10);
}
break;
}
return TRUE;
}
LOGICAL DllMain(
__in HINSTANCE Instance,
__in ULONG Reason,
__reserved PVOID Reserved
)
{
switch (Reason)
{
case DLL_PROCESS_ATTACH:
{
PPH_PLUGIN_INFORMATION info;
// Register your plugin with a unique name, otherwise it will fail.
PluginInstance = PhRegisterPlugin(L"ProcessHacker.SamplePlugin", Instance, &info);
if (!PluginInstance)
return FALSE;
info->DisplayName = L"Sample Plugin";
info->Author = L"Someone";
info->Description = L"Description goes here";
info->HasOptions = TRUE;
PhRegisterCallback(
PhGetPluginCallback(PluginInstance, PluginCallbackLoad),
LoadCallback,
NULL,
&PluginLoadCallbackRegistration
);
PhRegisterCallback(
PhGetPluginCallback(PluginInstance, PluginCallbackShowOptions),
ShowOptionsCallback,
NULL,
&PluginShowOptionsCallbackRegistration
);
PhRegisterCallback(
PhGetPluginCallback(PluginInstance, PluginCallbackMenuItem),
MenuItemCallback,
NULL,
&PluginMenuItemCallbackRegistration
);
PhRegisterCallback(
PhGetGeneralCallback(GeneralCallbackMainWindowShowing),
MainWindowShowingCallback,
NULL,
&MainWindowShowingCallbackRegistration
);
PhRegisterCallback(
PhGetGeneralCallback(GeneralCallbackGetProcessHighlightingColor),
GetProcessHighlightingColorCallback,
NULL,
&GetProcessHighlightingColorCallbackRegistration
);
PhRegisterCallback(
PhGetGeneralCallback(GeneralCallbackGetProcessTooltipText),
GetProcessTooltipTextCallback,
NULL,
&GetProcessTooltipTextCallbackRegistration
);
// Add some settings. Note that we cannot access these settings
// in DllMain. Settings must be added in DllMain.
{
static PH_SETTING_CREATE settings[] =
{
// You must prepend your plugin name to the setting names.
{ IntegerSettingType, L"ProcessHacker.SamplePlugin.SomeInteger", L"1234" },
{ StringSettingType, L"ProcessHacker.SamplePlugin.SomeString", L"my string" }
};
PhAddSettings(settings, sizeof(settings) / sizeof(PH_SETTING_CREATE));
}
}
break;
}
return TRUE;
}
INT_PTR CALLBACK PhpProcessThreadsDlgProc(
_In_ HWND hwndDlg,
_In_ UINT uMsg,
_In_ WPARAM wParam,
_In_ LPARAM lParam
)
{
LPPROPSHEETPAGE propSheetPage;
PPH_PROCESS_PROPPAGECONTEXT propPageContext;
PPH_PROCESS_ITEM processItem;
PPH_THREADS_CONTEXT threadsContext;
HWND tnHandle;
if (PhpPropPageDlgProcHeader(hwndDlg, uMsg, lParam,
&propSheetPage, &propPageContext, &processItem))
{
threadsContext = (PPH_THREADS_CONTEXT)propPageContext->Context;
if (threadsContext)
tnHandle = threadsContext->ListContext.TreeNewHandle;
}
else
{
return FALSE;
}
switch (uMsg)
{
case WM_INITDIALOG:
{
threadsContext = propPageContext->Context =
PhAllocate(PhEmGetObjectSize(EmThreadsContextType, sizeof(PH_THREADS_CONTEXT)));
// The thread provider has a special registration mechanism.
threadsContext->Provider = PhCreateThreadProvider(
processItem->ProcessId
);
PhRegisterCallback(
&threadsContext->Provider->ThreadAddedEvent,
ThreadAddedHandler,
threadsContext,
&threadsContext->AddedEventRegistration
);
PhRegisterCallback(
&threadsContext->Provider->ThreadModifiedEvent,
ThreadModifiedHandler,
threadsContext,
&threadsContext->ModifiedEventRegistration
);
PhRegisterCallback(
&threadsContext->Provider->ThreadRemovedEvent,
ThreadRemovedHandler,
threadsContext,
&threadsContext->RemovedEventRegistration
);
PhRegisterCallback(
&threadsContext->Provider->UpdatedEvent,
ThreadsUpdatedHandler,
threadsContext,
&threadsContext->UpdatedEventRegistration
);
PhRegisterCallback(
&threadsContext->Provider->LoadingStateChangedEvent,
ThreadsLoadingStateChangedHandler,
threadsContext,
&threadsContext->LoadingStateChangedEventRegistration
);
threadsContext->WindowHandle = hwndDlg;
// Initialize the list.
tnHandle = GetDlgItem(hwndDlg, IDC_LIST);
BringWindowToTop(tnHandle);
PhInitializeThreadList(hwndDlg, tnHandle, &threadsContext->ListContext);
TreeNew_SetEmptyText(tnHandle, &EmptyThreadsText, 0);
PhInitializeProviderEventQueue(&threadsContext->EventQueue, 100);
// Use Cycles instead of Context Switches on Vista and above, but only when we can
// open the process, since cycle time information requires sufficient access to the
// threads.
if (WINDOWS_HAS_CYCLE_TIME)
{
HANDLE processHandle;
PROCESS_EXTENDED_BASIC_INFORMATION extendedBasicInfo;
// We make a distinction between PROCESS_QUERY_INFORMATION and PROCESS_QUERY_LIMITED_INFORMATION since
// the latter can be used when opening audiodg.exe even though we can't access its threads using
// THREAD_QUERY_LIMITED_INFORMATION.
if (processItem->ProcessId == SYSTEM_IDLE_PROCESS_ID)
{
threadsContext->ListContext.UseCycleTime = TRUE;
}
else if (NT_SUCCESS(PhOpenProcess(&processHandle, PROCESS_QUERY_INFORMATION, processItem->ProcessId)))
{
threadsContext->ListContext.UseCycleTime = TRUE;
NtClose(processHandle);
}
else if (NT_SUCCESS(PhOpenProcess(&processHandle, PROCESS_QUERY_LIMITED_INFORMATION, processItem->ProcessId)))
{
threadsContext->ListContext.UseCycleTime = TRUE;
// We can't use cycle time for protected processes (without KProcessHacker).
if (NT_SUCCESS(PhGetProcessExtendedBasicInformation(processHandle, &extendedBasicInfo)) && extendedBasicInfo.IsProtectedProcess)
{
threadsContext->ListContext.UseCycleTime = FALSE;
}
NtClose(processHandle);
}
}
if (processItem->ServiceList && processItem->ServiceList->Count != 0 && WINDOWS_HAS_SERVICE_TAGS)
threadsContext->ListContext.HasServices = TRUE;
PhEmCallObjectOperation(EmThreadsContextType, threadsContext, EmObjectCreate);
if (PhPluginsEnabled)
{
PH_PLUGIN_TREENEW_INFORMATION treeNewInfo;
treeNewInfo.TreeNewHandle = tnHandle;
treeNewInfo.CmData = &threadsContext->ListContext.Cm;
treeNewInfo.SystemContext = threadsContext;
PhInvokeCallback(PhGetGeneralCallback(GeneralCallbackThreadTreeNewInitializing), &treeNewInfo);
}
PhLoadSettingsThreadList(&threadsContext->ListContext);
PhThreadProviderInitialUpdate(threadsContext->Provider);
PhRegisterThreadProvider(threadsContext->Provider, &threadsContext->ProviderRegistration);
SET_BUTTON_ICON(IDC_OPENSTARTMODULE, PH_LOAD_SHARED_ICON_SMALL(MAKEINTRESOURCE(IDI_FOLDER)));
}
break;
case WM_DESTROY:
{
PhEmCallObjectOperation(EmThreadsContextType, threadsContext, EmObjectDelete);
PhUnregisterCallback(
&threadsContext->Provider->ThreadAddedEvent,
&threadsContext->AddedEventRegistration
);
PhUnregisterCallback(
&threadsContext->Provider->ThreadModifiedEvent,
&threadsContext->ModifiedEventRegistration
);
PhUnregisterCallback(
&threadsContext->Provider->ThreadRemovedEvent,
&threadsContext->RemovedEventRegistration
);
PhUnregisterCallback(
&threadsContext->Provider->UpdatedEvent,
&threadsContext->UpdatedEventRegistration
);
PhUnregisterCallback(
&threadsContext->Provider->LoadingStateChangedEvent,
&threadsContext->LoadingStateChangedEventRegistration
);
PhUnregisterThreadProvider(threadsContext->Provider, &threadsContext->ProviderRegistration);
PhSetTerminatingThreadProvider(threadsContext->Provider);
PhDereferenceObject(threadsContext->Provider);
PhDeleteProviderEventQueue(&threadsContext->EventQueue);
if (PhPluginsEnabled)
{
PH_PLUGIN_TREENEW_INFORMATION treeNewInfo;
treeNewInfo.TreeNewHandle = tnHandle;
treeNewInfo.CmData = &threadsContext->ListContext.Cm;
PhInvokeCallback(PhGetGeneralCallback(GeneralCallbackThreadTreeNewUninitializing), &treeNewInfo);
}
PhSaveSettingsThreadList(&threadsContext->ListContext);
PhDeleteThreadList(&threadsContext->ListContext);
PhFree(threadsContext);
PhpPropPageDlgProcDestroy(hwndDlg);
}
break;
case WM_SHOWWINDOW:
{
if (!propPageContext->LayoutInitialized)
{
PPH_LAYOUT_ITEM dialogItem;
dialogItem = PhAddPropPageLayoutItem(hwndDlg, hwndDlg,
PH_PROP_PAGE_TAB_CONTROL_PARENT, PH_ANCHOR_ALL);
PhAddPropPageLayoutItem(hwndDlg, GetDlgItem(hwndDlg, IDC_LIST),
dialogItem, PH_ANCHOR_ALL);
#define ADD_BL_ITEM(Id) \
PhAddPropPageLayoutItem(hwndDlg, GetDlgItem(hwndDlg, Id), dialogItem, PH_ANCHOR_LEFT | PH_ANCHOR_BOTTOM)
// Thread details area
{
ULONG id;
for (id = IDC_STATICBL1; id <= IDC_STATICBL11; id++)
ADD_BL_ITEM(id);
// Not in sequence
ADD_BL_ITEM(IDC_STATICBL12);
}
PhAddPropPageLayoutItem(hwndDlg, GetDlgItem(hwndDlg, IDC_STARTMODULE),
dialogItem, PH_ANCHOR_LEFT | PH_ANCHOR_RIGHT | PH_ANCHOR_BOTTOM);
PhAddPropPageLayoutItem(hwndDlg, GetDlgItem(hwndDlg, IDC_OPENSTARTMODULE),
dialogItem, PH_ANCHOR_RIGHT | PH_ANCHOR_BOTTOM);
ADD_BL_ITEM(IDC_STARTED);
ADD_BL_ITEM(IDC_KERNELTIME);
ADD_BL_ITEM(IDC_USERTIME);
ADD_BL_ITEM(IDC_CONTEXTSWITCHES);
ADD_BL_ITEM(IDC_CYCLES);
ADD_BL_ITEM(IDC_STATE);
ADD_BL_ITEM(IDC_PRIORITY);
ADD_BL_ITEM(IDC_BASEPRIORITY);
ADD_BL_ITEM(IDC_IOPRIORITY);
ADD_BL_ITEM(IDC_PAGEPRIORITY);
ADD_BL_ITEM(IDC_IDEALPROCESSOR);
PhDoPropPageLayout(hwndDlg);
propPageContext->LayoutInitialized = TRUE;
}
}
break;
case WM_COMMAND:
{
INT id = LOWORD(wParam);
switch (id)
{
case ID_SHOWCONTEXTMENU:
{
PhShowThreadContextMenu(hwndDlg, processItem, threadsContext, (PPH_TREENEW_CONTEXT_MENU)lParam);
}
break;
case ID_THREAD_INSPECT:
{
PPH_THREAD_ITEM threadItem = PhGetSelectedThreadItem(&threadsContext->ListContext);
if (threadItem)
{
PhReferenceObject(threadsContext->Provider);
PhShowThreadStackDialog(
hwndDlg,
threadsContext->Provider->ProcessId,
threadItem->ThreadId,
threadsContext->Provider
);
PhDereferenceObject(threadsContext->Provider);
}
}
break;
case ID_THREAD_TERMINATE:
{
PPH_THREAD_ITEM *threads;
ULONG numberOfThreads;
PhGetSelectedThreadItems(&threadsContext->ListContext, &threads, &numberOfThreads);
PhReferenceObjects(threads, numberOfThreads);
if (PhUiTerminateThreads(hwndDlg, threads, numberOfThreads))
PhDeselectAllThreadNodes(&threadsContext->ListContext);
PhDereferenceObjects(threads, numberOfThreads);
PhFree(threads);
}
break;
case ID_THREAD_SUSPEND:
{
PPH_THREAD_ITEM *threads;
ULONG numberOfThreads;
PhGetSelectedThreadItems(&threadsContext->ListContext, &threads, &numberOfThreads);
PhReferenceObjects(threads, numberOfThreads);
PhUiSuspendThreads(hwndDlg, threads, numberOfThreads);
PhDereferenceObjects(threads, numberOfThreads);
PhFree(threads);
}
break;
case ID_THREAD_RESUME:
{
PPH_THREAD_ITEM *threads;
ULONG numberOfThreads;
PhGetSelectedThreadItems(&threadsContext->ListContext, &threads, &numberOfThreads);
PhReferenceObjects(threads, numberOfThreads);
PhUiResumeThreads(hwndDlg, threads, numberOfThreads);
PhDereferenceObjects(threads, numberOfThreads);
PhFree(threads);
}
break;
case ID_THREAD_AFFINITY:
{
PPH_THREAD_ITEM threadItem = PhGetSelectedThreadItem(&threadsContext->ListContext);
if (threadItem)
{
PhReferenceObject(threadItem);
PhShowProcessAffinityDialog(hwndDlg, NULL, threadItem);
PhDereferenceObject(threadItem);
}
}
break;
case ID_THREAD_PERMISSIONS:
{
PPH_THREAD_ITEM threadItem = PhGetSelectedThreadItem(&threadsContext->ListContext);
PH_STD_OBJECT_SECURITY stdObjectSecurity;
PPH_ACCESS_ENTRY accessEntries;
ULONG numberOfAccessEntries;
if (threadItem)
{
stdObjectSecurity.OpenObject = PhpThreadPermissionsOpenThread;
stdObjectSecurity.ObjectType = L"Thread";
stdObjectSecurity.Context = threadItem->ThreadId;
if (PhGetAccessEntries(L"Thread", &accessEntries, &numberOfAccessEntries))
{
PhEditSecurity(
hwndDlg,
PhaFormatString(L"Thread %u", HandleToUlong(threadItem->ThreadId))->Buffer,
PhStdGetObjectSecurity,
PhStdSetObjectSecurity,
&stdObjectSecurity,
accessEntries,
numberOfAccessEntries
);
PhFree(accessEntries);
}
}
}
break;
case ID_THREAD_TOKEN:
{
NTSTATUS status;
PPH_THREAD_ITEM threadItem = PhGetSelectedThreadItem(&threadsContext->ListContext);
HANDLE threadHandle;
if (threadItem)
{
if (NT_SUCCESS(status = PhOpenThread(
&threadHandle,
ThreadQueryAccess,
threadItem->ThreadId
)))
{
PhShowTokenProperties(
hwndDlg,
PhpOpenThreadTokenObject,
(PVOID)threadHandle,
NULL
);
NtClose(threadHandle);
}
else
{
PhShowStatus(hwndDlg, L"Unable to open the thread", status, 0);
}
}
}
break;
case ID_ANALYZE_WAIT:
{
PPH_THREAD_ITEM threadItem = PhGetSelectedThreadItem(&threadsContext->ListContext);
if (threadItem)
{
PhReferenceObject(threadsContext->Provider->SymbolProvider);
PhUiAnalyzeWaitThread(
hwndDlg,
processItem->ProcessId,
threadItem->ThreadId,
threadsContext->Provider->SymbolProvider
);
PhDereferenceObject(threadsContext->Provider->SymbolProvider);
}
}
break;
case ID_PRIORITY_TIMECRITICAL:
case ID_PRIORITY_HIGHEST:
case ID_PRIORITY_ABOVENORMAL:
case ID_PRIORITY_NORMAL:
case ID_PRIORITY_BELOWNORMAL:
case ID_PRIORITY_LOWEST:
case ID_PRIORITY_IDLE:
{
PPH_THREAD_ITEM threadItem = PhGetSelectedThreadItem(&threadsContext->ListContext);
if (threadItem)
{
ULONG threadPriorityWin32;
switch (id)
{
case ID_PRIORITY_TIMECRITICAL:
threadPriorityWin32 = THREAD_PRIORITY_TIME_CRITICAL;
break;
case ID_PRIORITY_HIGHEST:
threadPriorityWin32 = THREAD_PRIORITY_HIGHEST;
break;
case ID_PRIORITY_ABOVENORMAL:
threadPriorityWin32 = THREAD_PRIORITY_ABOVE_NORMAL;
break;
case ID_PRIORITY_NORMAL:
threadPriorityWin32 = THREAD_PRIORITY_NORMAL;
break;
case ID_PRIORITY_BELOWNORMAL:
threadPriorityWin32 = THREAD_PRIORITY_BELOW_NORMAL;
break;
case ID_PRIORITY_LOWEST:
threadPriorityWin32 = THREAD_PRIORITY_LOWEST;
break;
case ID_PRIORITY_IDLE:
threadPriorityWin32 = THREAD_PRIORITY_IDLE;
break;
}
PhReferenceObject(threadItem);
PhUiSetPriorityThread(hwndDlg, threadItem, threadPriorityWin32);
PhDereferenceObject(threadItem);
}
}
break;
case ID_IOPRIORITY_VERYLOW:
case ID_IOPRIORITY_LOW:
case ID_IOPRIORITY_NORMAL:
case ID_IOPRIORITY_HIGH:
{
PPH_THREAD_ITEM threadItem = PhGetSelectedThreadItem(&threadsContext->ListContext);
if (threadItem)
{
IO_PRIORITY_HINT ioPriority;
switch (id)
{
case ID_IOPRIORITY_VERYLOW:
ioPriority = IoPriorityVeryLow;
break;
case ID_IOPRIORITY_LOW:
ioPriority = IoPriorityLow;
break;
case ID_IOPRIORITY_NORMAL:
ioPriority = IoPriorityNormal;
break;
case ID_IOPRIORITY_HIGH:
ioPriority = IoPriorityHigh;
break;
}
PhReferenceObject(threadItem);
PhUiSetIoPriorityThread(hwndDlg, threadItem, ioPriority);
PhDereferenceObject(threadItem);
}
}
break;
case ID_PAGEPRIORITY_VERYLOW:
case ID_PAGEPRIORITY_LOW:
case ID_PAGEPRIORITY_MEDIUM:
case ID_PAGEPRIORITY_BELOWNORMAL:
case ID_PAGEPRIORITY_NORMAL:
{
PPH_THREAD_ITEM threadItem = PhGetSelectedThreadItem(&threadsContext->ListContext);
if (threadItem)
{
ULONG pagePriority;
switch (id)
{
case ID_PAGEPRIORITY_VERYLOW:
pagePriority = MEMORY_PRIORITY_VERY_LOW;
break;
case ID_PAGEPRIORITY_LOW:
pagePriority = MEMORY_PRIORITY_LOW;
break;
case ID_PAGEPRIORITY_MEDIUM:
pagePriority = MEMORY_PRIORITY_MEDIUM;
break;
case ID_PAGEPRIORITY_BELOWNORMAL:
pagePriority = MEMORY_PRIORITY_BELOW_NORMAL;
break;
case ID_PAGEPRIORITY_NORMAL:
pagePriority = MEMORY_PRIORITY_NORMAL;
break;
}
PhReferenceObject(threadItem);
PhUiSetPagePriorityThread(hwndDlg, threadItem, pagePriority);
PhDereferenceObject(threadItem);
}
}
break;
case ID_THREAD_COPY:
{
PPH_STRING text;
text = PhGetTreeNewText(tnHandle, 0);
PhSetClipboardString(tnHandle, &text->sr);
PhDereferenceObject(text);
}
break;
case IDC_OPENSTARTMODULE:
{
PPH_THREAD_ITEM threadItem = PhGetSelectedThreadItem(&threadsContext->ListContext);
if (threadItem && threadItem->StartAddressFileName)
{
PhShellExploreFile(hwndDlg, threadItem->StartAddressFileName->Buffer);
}
}
break;
}
}
break;
case WM_NOTIFY:
{
LPNMHDR header = (LPNMHDR)lParam;
switch (header->code)
{
case PSN_SETACTIVE:
break;
case PSN_KILLACTIVE:
// Can't disable, it screws up the deltas.
break;
}
}
break;
case WM_PH_THREADS_UPDATED:
{
ULONG upToRunId = (ULONG)wParam;
BOOLEAN firstRun = !!lParam;
PPH_PROVIDER_EVENT events;
ULONG count;
ULONG i;
events = PhFlushProviderEventQueue(&threadsContext->EventQueue, upToRunId, &count);
if (events)
{
TreeNew_SetRedraw(tnHandle, FALSE);
for (i = 0; i < count; i++)
{
PH_PROVIDER_EVENT_TYPE type = PH_PROVIDER_EVENT_TYPE(events[i]);
PPH_THREAD_ITEM threadItem = PH_PROVIDER_EVENT_OBJECT(events[i]);
switch (type)
{
case ProviderAddedEvent:
PhAddThreadNode(&threadsContext->ListContext, threadItem, firstRun);
PhDereferenceObject(threadItem);
break;
case ProviderModifiedEvent:
PhUpdateThreadNode(&threadsContext->ListContext, PhFindThreadNode(&threadsContext->ListContext, threadItem->ThreadId));
break;
case ProviderRemovedEvent:
PhRemoveThreadNode(&threadsContext->ListContext, PhFindThreadNode(&threadsContext->ListContext, threadItem->ThreadId));
break;
}
}
PhFree(events);
}
PhTickThreadNodes(&threadsContext->ListContext);
if (count != 0)
TreeNew_SetRedraw(tnHandle, TRUE);
if (propPageContext->PropContext->SelectThreadId)
{
PPH_THREAD_NODE threadNode;
if (threadNode = PhFindThreadNode(&threadsContext->ListContext, propPageContext->PropContext->SelectThreadId))
{
if (threadNode->Node.Visible)
{
TreeNew_SetFocusNode(tnHandle, &threadNode->Node);
TreeNew_SetMarkNode(tnHandle, &threadNode->Node);
TreeNew_SelectRange(tnHandle, threadNode->Node.Index, threadNode->Node.Index);
TreeNew_EnsureVisible(tnHandle, &threadNode->Node);
}
}
propPageContext->PropContext->SelectThreadId = NULL;
}
PhpUpdateThreadDetails(hwndDlg, threadsContext, FALSE);
}
break;
case WM_PH_THREAD_SELECTION_CHANGED:
{
PhpUpdateThreadDetails(hwndDlg, threadsContext, TRUE);
}
break;
}
return FALSE;
}
LOGICAL DllMain(
__in HINSTANCE Instance,
__in ULONG Reason,
__reserved PVOID Reserved
)
{
switch (Reason)
{
case DLL_PROCESS_ATTACH:
{
PPH_PLUGIN_INFORMATION info;
PluginInstance = PhRegisterPlugin(L"ProcessHacker.ExtendedTools", Instance, &info);
if (!PluginInstance)
return FALSE;
info->DisplayName = L"Extended Tools";
info->Author = L"wj32";
info->Description = L"Extended functionality for Windows Vista and above, including ETW monitoring, GPU monitoring and a Disk tab.";
info->HasOptions = TRUE;
PhRegisterCallback(
PhGetPluginCallback(PluginInstance, PluginCallbackLoad),
LoadCallback,
NULL,
&PluginLoadCallbackRegistration
);
PhRegisterCallback(
PhGetPluginCallback(PluginInstance, PluginCallbackUnload),
UnloadCallback,
NULL,
&PluginUnloadCallbackRegistration
);
PhRegisterCallback(
PhGetPluginCallback(PluginInstance, PluginCallbackShowOptions),
ShowOptionsCallback,
NULL,
&PluginShowOptionsCallbackRegistration
);
PhRegisterCallback(
PhGetPluginCallback(PluginInstance, PluginCallbackMenuItem),
MenuItemCallback,
NULL,
&PluginMenuItemCallbackRegistration
);
PhRegisterCallback(
PhGetPluginCallback(PluginInstance, PluginCallbackTreeNewMessage),
TreeNewMessageCallback,
NULL,
&PluginTreeNewMessageCallbackRegistration
);
PhRegisterCallback(
PhGetGeneralCallback(GeneralCallbackMainWindowShowing),
MainWindowShowingCallback,
NULL,
&MainWindowShowingCallbackRegistration
);
PhRegisterCallback(
PhGetGeneralCallback(GeneralCallbackProcessPropertiesInitializing),
ProcessPropertiesInitializingCallback,
NULL,
&ProcessPropertiesInitializingCallbackRegistration
);
PhRegisterCallback(
PhGetGeneralCallback(GeneralCallbackHandlePropertiesInitializing),
HandlePropertiesInitializingCallback,
NULL,
&HandlePropertiesInitializingCallbackRegistration
);
PhRegisterCallback(
PhGetGeneralCallback(GeneralCallbackProcessMenuInitializing),
ProcessMenuInitializingCallback,
NULL,
&ProcessMenuInitializingCallbackRegistration
);
PhRegisterCallback(
PhGetGeneralCallback(GeneralCallbackThreadMenuInitializing),
ThreadMenuInitializingCallback,
NULL,
&ThreadMenuInitializingCallbackRegistration
);
PhRegisterCallback(
PhGetGeneralCallback(GeneralCallbackModuleMenuInitializing),
ModuleMenuInitializingCallback,
NULL,
&ModuleMenuInitializingCallbackRegistration
);
PhRegisterCallback(
PhGetGeneralCallback(GeneralCallbackProcessTreeNewInitializing),
ProcessTreeNewInitializingCallback,
NULL,
&ProcessTreeNewInitializingCallbackRegistration
);
PhRegisterCallback(
PhGetGeneralCallback(GeneralCallbackNetworkTreeNewInitializing),
NetworkTreeNewInitializingCallback,
NULL,
&NetworkTreeNewInitializingCallbackRegistration
);
PhRegisterCallback(
PhGetGeneralCallback(GeneralCallbackSystemInformationInitializing),
SystemInformationInitializingCallback,
NULL,
&SystemInformationInitializingCallbackRegistration
);
PhRegisterCallback(
&PhProcessesUpdatedEvent,
ProcessesUpdatedCallback,
NULL,
&ProcessesUpdatedCallbackRegistration
);
PhRegisterCallback(
&PhNetworkItemsUpdatedEvent,
NetworkItemsUpdatedCallback,
NULL,
&NetworkItemsUpdatedCallbackRegistration
);
InitializeListHead(&EtProcessBlockListHead);
InitializeListHead(&EtNetworkBlockListHead);
PhPluginSetObjectExtension(
PluginInstance,
EmProcessItemType,
sizeof(ET_PROCESS_BLOCK),
ProcessItemCreateCallback,
ProcessItemDeleteCallback
);
PhPluginSetObjectExtension(
PluginInstance,
EmNetworkItemType,
sizeof(ET_NETWORK_BLOCK),
NetworkItemCreateCallback,
NetworkItemDeleteCallback
);
{
static PH_SETTING_CREATE settings[] =
{
{ StringSettingType, SETTING_NAME_DISK_TREE_LIST_COLUMNS, L"" },
{ IntegerPairSettingType, SETTING_NAME_DISK_TREE_LIST_SORT, L"4,2" }, // 4, DescendingSortOrder
{ IntegerSettingType, SETTING_NAME_ENABLE_ETW_MONITOR, L"1" },
{ IntegerSettingType, SETTING_NAME_ENABLE_GPU_MONITOR, L"1" },
{ StringSettingType, SETTING_NAME_GPU_NODE_BITMAP, L"01000000" }
};
PhAddSettings(settings, sizeof(settings) / sizeof(PH_SETTING_CREATE));
}
}
break;
}
return TRUE;
}
INT_PTR CALLBACK EtwDiskNetworkPageDlgProc(
_In_ HWND hwndDlg,
_In_ UINT uMsg,
_In_ WPARAM wParam,
_In_ LPARAM lParam
)
{
LPPROPSHEETPAGE propSheetPage;
PPH_PROCESS_PROPPAGECONTEXT propPageContext;
PPH_PROCESS_ITEM processItem;
PET_DISKNET_CONTEXT context;
if (PhPropPageDlgProcHeader(hwndDlg, uMsg, lParam, &propSheetPage, &propPageContext, &processItem))
{
context = propPageContext->Context;
}
else
{
return FALSE;
}
switch (uMsg)
{
case WM_INITDIALOG:
{
ULONG sampleCount;
// We have already set the group boxes to have WS_EX_TRANSPARENT to fix
// the drawing issue that arises when using WS_CLIPCHILDREN. However
// in removing the flicker from the graphs the group boxes will now flicker.
// It's a good tradeoff since no one stares at the group boxes.
PhSetWindowStyle(hwndDlg, WS_CLIPCHILDREN, WS_CLIPCHILDREN);
sampleCount = PhGetIntegerSetting(L"SampleCount");
context = PhAllocateZero(sizeof(ET_DISKNET_CONTEXT));
context->WindowHandle = hwndDlg;
context->Block = EtGetProcessBlock(processItem);
context->Enabled = TRUE;
context->DiskGroupBox = GetDlgItem(hwndDlg, IDC_GROUPDISK);
context->NetworkGroupBox = GetDlgItem(hwndDlg, IDC_GROUPNETWORK);
propPageContext->Context = context;
PhInitializeLayoutManager(&context->LayoutManager, hwndDlg);
PhInitializeGraphState(&context->DiskGraphState);
PhInitializeGraphState(&context->NetworkGraphState);
PhInitializeCircularBuffer_ULONG64(&context->DiskReadHistory, sampleCount);
PhInitializeCircularBuffer_ULONG64(&context->DiskWriteHistory, sampleCount);
PhInitializeCircularBuffer_ULONG64(&context->NetworkSendHistory, sampleCount);
PhInitializeCircularBuffer_ULONG64(&context->NetworkReceiveHistory, sampleCount);
EtwDiskNetworkCreateGraphs(context);
EtwDiskNetworkCreatePanel(context);
EtwDiskNetworkUpdateInfo(context);
EtwDiskNetworkUpdatePanel(context);
PhRegisterCallback(
PhGetGeneralCallback(GeneralCallbackProcessProviderUpdatedEvent),
EtwDiskNetworkUpdateHandler,
context,
&context->ProcessesUpdatedRegistration
);
PhInitializeWindowTheme(hwndDlg, !!PhGetIntegerSetting(L"EnableThemeSupport"));
}
break;
case WM_DESTROY:
{
PhDeleteLayoutManager(&context->LayoutManager);
PhDeleteGraphState(&context->DiskGraphState);
PhDeleteGraphState(&context->NetworkGraphState);
PhDeleteCircularBuffer_ULONG64(&context->DiskReadHistory);
PhDeleteCircularBuffer_ULONG64(&context->DiskWriteHistory);
PhDeleteCircularBuffer_ULONG64(&context->NetworkSendHistory);
PhDeleteCircularBuffer_ULONG64(&context->NetworkReceiveHistory);
if (context->DiskGraphHandle)
DestroyWindow(context->DiskGraphHandle);
if (context->NetworkGraphHandle)
DestroyWindow(context->NetworkGraphHandle);
if (context->PanelHandle)
DestroyWindow(context->PanelHandle);
PhUnregisterCallback(PhGetGeneralCallback(GeneralCallbackProcessProviderUpdatedEvent), &context->ProcessesUpdatedRegistration);
PhFree(context);
}
break;
case WM_SHOWWINDOW:
{
if (PhBeginPropPageLayout(hwndDlg, propPageContext))
PhEndPropPageLayout(hwndDlg, propPageContext);
}
break;
case WM_NOTIFY:
{
LPNMHDR header = (LPNMHDR)lParam;
switch (header->code)
{
case PSN_SETACTIVE:
context->Enabled = TRUE;
break;
case PSN_KILLACTIVE:
context->Enabled = FALSE;
break;
case GCN_GETDRAWINFO:
{
PPH_GRAPH_GETDRAWINFO getDrawInfo = (PPH_GRAPH_GETDRAWINFO)header;
PPH_GRAPH_DRAW_INFO drawInfo = getDrawInfo->DrawInfo;
if (header->hwndFrom == context->DiskGraphHandle)
{
if (PhGetIntegerSetting(L"GraphShowText"))
{
HDC hdc;
PhMoveReference(&context->DiskGraphState.Text, PhFormatString(
L"R: %s, W: %s",
PhaFormatSize(context->CurrentDiskRead, ULONG_MAX)->Buffer,
PhaFormatSize(context->CurrentDiskWrite, ULONG_MAX)->Buffer
));
hdc = Graph_GetBufferedContext(context->DiskGraphHandle);
SelectObject(hdc, PhApplicationFont);
PhSetGraphText(hdc, drawInfo, &context->DiskGraphState.Text->sr,
&NormalGraphTextMargin, &NormalGraphTextPadding, PH_ALIGN_TOP | PH_ALIGN_LEFT);
}
else
{
drawInfo->Text.Buffer = NULL;
}
drawInfo->Flags = PH_GRAPH_USE_GRID_X | PH_GRAPH_USE_GRID_Y | PH_GRAPH_LABEL_MAX_Y | PH_GRAPH_USE_LINE_2;
PhSiSetColorsGraphDrawInfo(drawInfo, PhGetIntegerSetting(L"ColorIoReadOther"), PhGetIntegerSetting(L"ColorIoWrite"));
PhGraphStateGetDrawInfo(&context->DiskGraphState, getDrawInfo, context->DiskReadHistory.Count);
if (!context->DiskGraphState.Valid)
{
FLOAT max = 0;
for (ULONG i = 0; i < drawInfo->LineDataCount; i++)
{
FLOAT data1;
FLOAT data2;
context->DiskGraphState.Data1[i] = data1 = (FLOAT)PhGetItemCircularBuffer_ULONG64(&context->DiskReadHistory, i);
context->DiskGraphState.Data2[i] = data2 = (FLOAT)PhGetItemCircularBuffer_ULONG64(&context->DiskWriteHistory, i);
if (max < data1 + data2)
max = data1 + data2;
}
// Minimum scaling of 1 MB.
//if (max < 1024 * 1024)
// max = 1024 * 1024;
if (max != 0)
{
// Scale the data.
PhDivideSinglesBySingle(
context->DiskGraphState.Data1,
max,
drawInfo->LineDataCount
);
PhDivideSinglesBySingle(
context->DiskGraphState.Data2,
max,
drawInfo->LineDataCount
);
}
drawInfo->LabelYFunction = PhSiSizeLabelYFunction;
drawInfo->LabelYFunctionParameter = max;
context->DiskGraphState.Valid = TRUE;
}
}
else if (header->hwndFrom == context->NetworkGraphHandle)
{
if (PhGetIntegerSetting(L"GraphShowText"))
{
HDC hdc;
PhMoveReference(&context->NetworkGraphState.Text, PhFormatString(
L"R: %s, S: %s",
PhaFormatSize(context->CurrentNetworkReceive, ULONG_MAX)->Buffer,
PhaFormatSize(context->CurrentNetworkSend, ULONG_MAX)->Buffer
));
hdc = Graph_GetBufferedContext(context->NetworkGraphHandle);
SelectObject(hdc, PhApplicationFont);
PhSetGraphText(hdc, drawInfo, &context->NetworkGraphState.Text->sr,
&NormalGraphTextMargin, &NormalGraphTextPadding, PH_ALIGN_TOP | PH_ALIGN_LEFT);
}
else
{
drawInfo->Text.Buffer = NULL;
}
drawInfo->Flags = PH_GRAPH_USE_GRID_X | PH_GRAPH_USE_GRID_Y | PH_GRAPH_LABEL_MAX_Y | PH_GRAPH_USE_LINE_2;
PhSiSetColorsGraphDrawInfo(drawInfo, PhGetIntegerSetting(L"ColorIoReadOther"), PhGetIntegerSetting(L"ColorIoWrite"));
PhGraphStateGetDrawInfo(&context->NetworkGraphState, getDrawInfo, context->NetworkSendHistory.Count);
if (!context->NetworkGraphState.Valid)
{
FLOAT max = 0;
for (ULONG i = 0; i < drawInfo->LineDataCount; i++)
{
FLOAT data1;
FLOAT data2;
context->NetworkGraphState.Data1[i] = data1 = (FLOAT)PhGetItemCircularBuffer_ULONG64(&context->NetworkReceiveHistory, i);
context->NetworkGraphState.Data2[i] = data2 = (FLOAT)PhGetItemCircularBuffer_ULONG64(&context->NetworkSendHistory, i);
if (max < data1 + data2)
max = data1 + data2;
}
// Minimum scaling of 1 MB.
//if (max < 1024 * 1024)
// max = 1024 * 1024;
if (max != 0)
{
// Scale the data.
PhDivideSinglesBySingle(
context->NetworkGraphState.Data1,
max,
drawInfo->LineDataCount
);
PhDivideSinglesBySingle(
context->NetworkGraphState.Data2,
max,
drawInfo->LineDataCount
);
}
drawInfo->LabelYFunction = PhSiSizeLabelYFunction;
drawInfo->LabelYFunctionParameter = max;
context->NetworkGraphState.Valid = TRUE;
}
}
}
break;
case GCN_GETTOOLTIPTEXT:
{
PPH_GRAPH_GETTOOLTIPTEXT getTooltipText = (PPH_GRAPH_GETTOOLTIPTEXT)lParam;
if (getTooltipText->Index < getTooltipText->TotalCount)
{
if (header->hwndFrom == context->DiskGraphHandle)
{
if (context->DiskGraphState.TooltipIndex != getTooltipText->Index)
{
ULONG64 diskRead = PhGetItemCircularBuffer_ULONG64(
&context->DiskReadHistory,
getTooltipText->Index
);
ULONG64 diskWrite = PhGetItemCircularBuffer_ULONG64(
&context->DiskWriteHistory,
getTooltipText->Index
);
PhMoveReference(&context->DiskGraphState.TooltipText, PhFormatString(
L"R: %s\nW: %s\n%s",
PhaFormatSize(diskRead, ULONG_MAX)->Buffer,
PhaFormatSize(diskWrite, ULONG_MAX)->Buffer,
((PPH_STRING)PH_AUTO(PhGetStatisticsTimeString(NULL, getTooltipText->Index)))->Buffer
));
}
getTooltipText->Text = PhGetStringRef(context->DiskGraphState.TooltipText);
}
else if (header->hwndFrom == context->NetworkGraphHandle)
{
if (context->NetworkGraphState.TooltipIndex != getTooltipText->Index)
{
ULONG64 networkSend = PhGetItemCircularBuffer_ULONG64(
&context->NetworkSendHistory,
getTooltipText->Index
);
ULONG64 networkReceive = PhGetItemCircularBuffer_ULONG64(
&context->NetworkReceiveHistory,
getTooltipText->Index
);
PhMoveReference(&context->NetworkGraphState.TooltipText, PhFormatString(
L"S: %s\nR: %s\n%s",
PhaFormatSize(networkSend, ULONG_MAX)->Buffer,
PhaFormatSize(networkReceive, ULONG_MAX)->Buffer,
((PPH_STRING)PH_AUTO(PhGetStatisticsTimeString(NULL, getTooltipText->Index)))->Buffer
));
}
getTooltipText->Text = PhGetStringRef(context->NetworkGraphState.TooltipText);
}
}
}
break;
}
}
break;
case ET_WM_UPDATE:
{
if (context->Enabled)
{
EtwDiskNetworkUpdateInfo(context);
EtwDiskNetworkUpdateGraphs(context);
EtwDiskNetworkUpdatePanel(context);
}
}
break;
case WM_SIZE:
{
EtwDiskNetworkLayoutGraphs(context);
}
break;
}
return FALSE;
}
INT_PTR CALLBACK PhpProcessStatisticsDlgProc(
_In_ HWND hwndDlg,
_In_ UINT uMsg,
_In_ WPARAM wParam,
_In_ LPARAM lParam
)
{
LPPROPSHEETPAGE propSheetPage;
PPH_PROCESS_PROPPAGECONTEXT propPageContext;
PPH_PROCESS_ITEM processItem;
PPH_STATISTICS_CONTEXT statisticsContext;
if (PhpPropPageDlgProcHeader(hwndDlg, uMsg, lParam,
&propSheetPage, &propPageContext, &processItem))
{
statisticsContext = (PPH_STATISTICS_CONTEXT)propPageContext->Context;
}
else
{
return FALSE;
}
switch (uMsg)
{
case WM_INITDIALOG:
{
statisticsContext = propPageContext->Context =
PhAllocate(sizeof(PH_STATISTICS_CONTEXT));
statisticsContext->WindowHandle = hwndDlg;
statisticsContext->Enabled = TRUE;
statisticsContext->ProcessHandle = NULL;
// Try to open a process handle with PROCESS_QUERY_INFORMATION access for
// WS information.
PhOpenProcess(
&statisticsContext->ProcessHandle,
PROCESS_QUERY_INFORMATION,
processItem->ProcessId
);
PhRegisterCallback(
&PhProcessesUpdatedEvent,
StatisticsUpdateHandler,
statisticsContext,
&statisticsContext->ProcessesUpdatedRegistration
);
PhpUpdateProcessStatistics(hwndDlg, processItem, statisticsContext);
}
break;
case WM_DESTROY:
{
PhUnregisterCallback(
&PhProcessesUpdatedEvent,
&statisticsContext->ProcessesUpdatedRegistration
);
if (statisticsContext->ProcessHandle)
NtClose(statisticsContext->ProcessHandle);
PhFree(statisticsContext);
PhpPropPageDlgProcDestroy(hwndDlg);
}
break;
case WM_SHOWWINDOW:
{
if (!propPageContext->LayoutInitialized)
{
PPH_LAYOUT_ITEM dialogItem;
dialogItem = PhAddPropPageLayoutItem(hwndDlg, hwndDlg,
PH_PROP_PAGE_TAB_CONTROL_PARENT, PH_ANCHOR_ALL);
PhDoPropPageLayout(hwndDlg);
propPageContext->LayoutInitialized = TRUE;
}
}
break;
case WM_COMMAND:
{
switch (LOWORD(wParam))
{
case IDC_DETAILS:
{
PhShowHandleStatisticsDialog(hwndDlg, processItem->ProcessId);
}
break;
}
}
break;
case WM_NOTIFY:
{
LPNMHDR header = (LPNMHDR)lParam;
switch (header->code)
{
case PSN_SETACTIVE:
statisticsContext->Enabled = TRUE;
break;
case PSN_KILLACTIVE:
statisticsContext->Enabled = FALSE;
break;
}
}
break;
case WM_PH_STATISTICS_UPDATE:
{
PhpUpdateProcessStatistics(hwndDlg, processItem, statisticsContext);
}
break;
}
return FALSE;
}
LOGICAL DllMain(
_In_ HINSTANCE Instance,
_In_ ULONG Reason,
_Reserved_ PVOID Reserved
)
{
switch (Reason)
{
case DLL_PROCESS_ATTACH:
{
PPH_PLUGIN_INFORMATION info;
PH_SETTING_CREATE settings[] =
{
{ StringSettingType, SETTING_NAME_ASM_TREE_LIST_COLUMNS, L"" },
{ IntegerSettingType, SETTING_NAME_DOT_NET_CATEGORY_INDEX, L"5" },
{ StringSettingType, SETTING_NAME_DOT_NET_COUNTERS_COLUMNS, L"" },
{ IntegerSettingType, SETTING_NAME_DOT_NET_SHOW_BYTE_SIZE, L"1" }
};
PluginInstance = PhRegisterPlugin(PLUGIN_NAME, Instance, &info);
if (!PluginInstance)
return FALSE;
info->DisplayName = L".NET Tools";
info->Author = L"dmex, wj32";
info->Description = L"Adds .NET performance counters, assembly information, thread stack support, and more.";
info->Url = L"https://wj32.org/processhacker/forums/viewtopic.php?t=1111";
info->HasOptions = FALSE;
PhRegisterCallback(
PhGetPluginCallback(PluginInstance, PluginCallbackLoad),
LoadCallback,
NULL,
&PluginLoadCallbackRegistration
);
PhRegisterCallback(
PhGetPluginCallback(PluginInstance, PluginCallbackUnload),
UnloadCallback,
NULL,
&PluginUnloadCallbackRegistration
);
PhRegisterCallback(
PhGetPluginCallback(PluginInstance, PluginCallbackShowOptions),
ShowOptionsCallback,
NULL,
&PluginShowOptionsCallbackRegistration
);
//PhRegisterCallback(
// PhGetPluginCallback(PluginInstance, PluginCallbackMenuItem),
// MenuItemCallback,
// NULL,
// &PluginMenuItemCallbackRegistration
// );
PhRegisterCallback(
PhGetPluginCallback(PluginInstance, PluginCallbackTreeNewMessage),
TreeNewMessageCallback,
NULL,
&PluginTreeNewMessageCallbackRegistration
);
PhRegisterCallback(
PhGetPluginCallback(PluginInstance, PluginCallbackPhSvcRequest),
PhSvcRequestCallback,
NULL,
&PluginPhSvcRequestCallbackRegistration
);
//PhRegisterCallback(
// PhGetGeneralCallback(GeneralCallbackMainWindowShowing),
// MainWindowShowingCallback,
// NULL,
// &MainWindowShowingCallbackRegistration
// );
PhRegisterCallback(
PhGetGeneralCallback(GeneralCallbackProcessPropertiesInitializing),
ProcessPropertiesInitializingCallback,
NULL,
&ProcessPropertiesInitializingCallbackRegistration
);
//PhRegisterCallback(
// PhGetGeneralCallback(GeneralCallbackProcessMenuInitializing),
// ProcessMenuInitializingCallback,
// NULL,
// &ProcessMenuInitializingCallbackRegistration
// );
//PhRegisterCallback(
// PhGetGeneralCallback(GeneralCallbackThreadMenuInitializing),
// ThreadMenuInitializingCallback,
// NULL,
// &ThreadMenuInitializingCallbackRegistration
// );
//PhRegisterCallback(
// PhGetGeneralCallback(GeneralCallbackModuleMenuInitializing),
// ModuleMenuInitializingCallback,
// NULL,
// &ModuleMenuInitializingCallbackRegistration
// );
//PhRegisterCallback(
// PhGetGeneralCallback(GeneralCallbackProcessTreeNewInitializing),
// ProcessTreeNewInitializingCallback,
// NULL,
// &ProcessTreeNewInitializingCallbackRegistration
// );
PhRegisterCallback(
PhGetGeneralCallback(GeneralCallbackThreadTreeNewInitializing),
ThreadTreeNewInitializingCallback,
NULL,
&ThreadTreeNewInitializingCallbackRegistration
);
PhRegisterCallback(
PhGetGeneralCallback(GeneralCallbackThreadTreeNewUninitializing),
ThreadTreeNewUninitializingCallback,
NULL,
&ThreadTreeNewUninitializingCallbackRegistration
);
PhRegisterCallback(
PhGetGeneralCallback(GeneralCallbackThreadStackControl),
ThreadStackControlCallback,
NULL,
&ThreadStackControlCallbackRegistration
);
PhPluginSetObjectExtension(
PluginInstance,
EmThreadItemType,
sizeof(DN_THREAD_ITEM),
ThreadItemCreateCallback,
ThreadItemDeleteCallback
);
InitializeTreeNewObjectExtensions();
PhAddSettings(settings, ARRAYSIZE(settings));
}
break;
}
return TRUE;
}
