/*
 * Resolves the optional GUI entry points at run time and stores them in the
 * corresponding global function pointers.
 *
 * shell32.dll, shlwapi.dll and uxtheme.dll are loaded with LoadLibrary; the user32.dll and
 * comctl32.dll exports are looked up through PhGetModuleProcAddress. GetProcAddress returns
 * NULL for an export it cannot find, so each pointer set here may be NULL afterwards.
 *
 * NOTE(review): the LoadLibrary calls pass bare file names, so the loader's DLL search
 * order decides which file is mapped. Confirm that the process restricts that search order
 * (or that these modules are always resolved from the system directory);
 * LoadLibraryEx with LOAD_LIBRARY_SEARCH_SYSTEM32 is the usual hardening where the
 * supported Windows versions allow it.
 *
 * NOTE(review): none of the three module handles is checked before it is handed to
 * GetProcAddress.
 */
VOID PhGuiSupportInitialization(
    VOID
    )
{
    HMODULE shell32;
    HMODULE shlwapi;
    HMODULE uxtheme;

    shell32 = LoadLibrary(L"shell32.dll");
    shlwapi = LoadLibrary(L"shlwapi.dll");
    uxtheme = LoadLibrary(L"uxtheme.dll");

    // user32.dll exports that only exist on newer systems.
    if (WINDOWS_HAS_UAC)
    {
        ChangeWindowMessageFilter_I = PhGetModuleProcAddress(L"user32.dll", "ChangeWindowMessageFilter");
    }

    if (WINDOWS_HAS_IMMERSIVE)
    {
        IsImmersiveProcess_I = PhGetModuleProcAddress(L"user32.dll", "IsImmersiveProcess");
    }

    // comctl32.dll
    TaskDialogIndirect_I = PhGetModuleProcAddress(L"comctl32.dll", "TaskDialogIndirect");

    // shell32.dll
    // RunFileDlg is imported by ordinal (61), not by name.
    // NOTE(review): confirm the ordinal is the same on every supported Windows version.
    RunFileDlg = (PVOID)GetProcAddress(shell32, (PSTR)61);
    SHCreateShellItem_I = (PVOID)GetProcAddress(shell32, "SHCreateShellItem");
    SHOpenFolderAndSelectItems_I = (PVOID)GetProcAddress(shell32, "SHOpenFolderAndSelectItems");
    SHParseDisplayName_I = (PVOID)GetProcAddress(shell32, "SHParseDisplayName");

    // shlwapi.dll
    SHAutoComplete_I = (PVOID)GetProcAddress(shlwapi, "SHAutoComplete");

    // uxtheme.dll
    SetWindowTheme_I = (PVOID)GetProcAddress(uxtheme, "SetWindowTheme");
    IsThemeActive_I = (PVOID)GetProcAddress(uxtheme, "IsThemeActive");
    OpenThemeData_I = (PVOID)GetProcAddress(uxtheme, "OpenThemeData");
    CloseThemeData_I = (PVOID)GetProcAddress(uxtheme, "CloseThemeData");
    IsThemePartDefined_I = (PVOID)GetProcAddress(uxtheme, "IsThemePartDefined");
    DrawThemeBackground_I = (PVOID)GetProcAddress(uxtheme, "DrawThemeBackground");
    DrawThemeText_I = (PVOID)GetProcAddress(uxtheme, "DrawThemeText");
    GetThemeInt_I = (PVOID)GetProcAddress(uxtheme, "GetThemeInt");
}
/*
 * Returns the name of the service associated with a service tag in a process.
 *
 * ProcessId  - process identifier, narrowed with HandleToUlong.
 * ServiceTag - service tag, narrowed with PtrToUlong.
 *
 * Returns a new string created with PhCreateString, or NULL when
 * I_QueryTagInformation cannot be resolved from advapi32.dll or the query
 * produced no name.
 *
 * The status returned by I_QueryTagInformation is not inspected; the request
 * structure is zeroed first, so a NULL pszName is what signals "no result".
 */
PPH_STRING PhGetServiceNameFromTag(
    _In_ HANDLE ProcessId,
    _In_ PVOID ServiceTag
    )
{
    static PQUERY_TAG_INFORMATION I_QueryTagInformation = NULL;
    TAG_INFO_NAME_FROM_TAG query;
    PPH_STRING result;

    // Resolve the export on first use and keep it for later calls.
    if (I_QueryTagInformation == NULL)
    {
        I_QueryTagInformation = PhGetModuleProcAddress(L"advapi32.dll", "I_QueryTagInformation");
    }

    if (I_QueryTagInformation == NULL)
    {
        return NULL;
    }

    memset(&query, 0, sizeof(TAG_INFO_NAME_FROM_TAG));
    query.InParams.dwPid = HandleToUlong(ProcessId);
    query.InParams.dwTag = PtrToUlong(ServiceTag);

    I_QueryTagInformation(NULL, eTagInfoLevelNameFromTag, &query);

    if (query.OutParams.pszName == NULL)
    {
        return NULL;
    }

    // Copy the name into our own string object, then release the buffer
    // handed back by the query with LocalFree.
    result = PhCreateString(query.OutParams.pszName);
    LocalFree(query.OutParams.pszName);

    return result;
}
/*
 * Runs one .NET trace pass for the given query context.
 *
 * Context - passed through to ProcessDotNetTrace.
 * ClrV2   - selects the provider: ClrRuntimeProviderGuid when TRUE,
 *           ClrRundownProviderGuid when FALSE.
 *
 * Returns ERROR_NOT_SUPPORTED when EnableTraceEx cannot be resolved from
 * advapi32.dll, the StartDotNetTrace status when that call fails, and
 * otherwise the result of ProcessDotNetTrace.
 *
 * NOTE(review): the return values of EnableTraceEx and ControlTrace are not
 * checked.
 */
ULONG UpdateDotNetTraceInfo(
    _In_ PASMPAGE_QUERY_CONTEXT Context,
    _In_ BOOLEAN ClrV2
    )
{
    static _EnableTraceEx EnableTraceEx_I = NULL;
    TRACEHANDLE session;
    PEVENT_TRACE_PROPERTIES traceProperties;
    PGUID provider;
    ULONG status;

    // Resolve EnableTraceEx on first use and keep it for later calls.
    if (!EnableTraceEx_I)
    {
        EnableTraceEx_I = PhGetModuleProcAddress(L"advapi32.dll", "EnableTraceEx");

        if (!EnableTraceEx_I)
            return ERROR_NOT_SUPPORTED;
    }

    status = StartDotNetTrace(&session, &traceProperties);

    if (status != 0)
        return status;

    provider = ClrV2 ? &ClrRuntimeProviderGuid : &ClrRundownProviderGuid;

    EnableTraceEx_I(
        provider,
        NULL,
        session,
        1,
        TRACE_LEVEL_INFORMATION,
        CLR_LOADER_KEYWORD | CLR_STARTENUMERATION_KEYWORD,
        0,
        0,
        NULL
        );

    status = ProcessDotNetTrace(Context);

    // Stop the session and release the properties block on the way out,
    // whatever ProcessDotNetTrace returned.
    ControlTrace(session, NULL, traceProperties, EVENT_TRACE_CONTROL_STOP);
    PhFree(traceProperties);

    return status;
}
/*
 * Sets up the non-polling service notification path.
 *
 * Resolves NotifyServiceStatusChangeW from advapi32.dll. When the export is
 * missing nothing else is touched. Otherwise the non-poll state is marked
 * active, the gate is opened, and the worker thread is created; if thread
 * creation fails the active flag is cleared again.
 */
VOID PhpInitializeServiceNonPoll(
    VOID
    )
{
    // The function is imported dynamically.
    NotifyServiceStatusChangeW_I = PhGetModuleProcAddress(L"advapi32.dll", "NotifyServiceStatusChangeW");

    if (NotifyServiceStatusChangeW_I)
    {
        PhpNonPollActive = TRUE;
        // The gate starts open because everything has only just been initialized.
        PhpNonPollGate = 1;

        PhpNonPollThreadHandle = PhCreateThread(0, PhpServiceNonPollThreadStart, NULL);

        if (!PhpNonPollThreadHandle)
            PhpNonPollActive = FALSE;
    }
}
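/*
 * Dialog procedure for the dialog that lists the services referencing a module.
 *
 * WM_INITDIALOG: lParam is cast to PMODULE_SERVICES_CONTEXT. The handler resolves
 * I_QueryTagInformation from advapi32.dll, asks it for the names of the services that
 * reference context->ModuleName in context->ProcessId, turns every name accepted by
 * PhReferenceServiceItem into a service item, and hands the resulting array to
 * PhCreateServiceListControl. The dialog is ended with IDCANCEL when the export is
 * missing or the query fails.
 *
 * WM_COMMAND: IDOK and IDCANCEL both end the dialog with IDOK.
 *
 * Always returns FALSE.
 */
INT_PTR CALLBACK EtpModuleServicesDlgProc(
    _In_ HWND hwndDlg,
    _In_ UINT uMsg,
    _In_ WPARAM wParam,
    _In_ LPARAM lParam
    )
{
    switch (uMsg)
    {
    case WM_INITDIALOG:
        {
            PMODULE_SERVICES_CONTEXT context = (PMODULE_SERVICES_CONTEXT)lParam;
            ULONG win32Result;
            PQUERY_TAG_INFORMATION I_QueryTagInformation;
            TAG_INFO_NAMES_REFERENCING_MODULE namesReferencingModule;
            PPH_LIST serviceList;
            PPH_SERVICE_ITEM *serviceItems;
            ULONG serviceCount;
            HWND serviceListHandle;
            RECT rect;
            PPH_PROCESS_ITEM processItem;
            PPH_STRING message;

            PhCenterWindow(hwndDlg, GetParent(hwndDlg));

            I_QueryTagInformation = PhGetModuleProcAddress(L"advapi32.dll", "I_QueryTagInformation");

            if (!I_QueryTagInformation)
            {
                PhShowError(hwndDlg, L"Unable to query services because the feature is not supported by the operating system.");
                EndDialog(hwndDlg, IDCANCEL);
                return FALSE;
            }

            memset(&namesReferencingModule, 0, sizeof(TAG_INFO_NAMES_REFERENCING_MODULE));
            namesReferencingModule.InParams.dwPid = HandleToUlong(context->ProcessId);
            namesReferencingModule.InParams.pszModule = context->ModuleName;

            win32Result = I_QueryTagInformation(NULL, eTagInfoLevelNamesReferencingModule, &namesReferencingModule);

            // "No more items" is treated as success with an empty result.
            if (win32Result == ERROR_NO_MORE_ITEMS)
                win32Result = 0;

            if (win32Result != 0)
            {
                PhShowStatus(hwndDlg, L"Unable to query services", 0, win32Result);
                EndDialog(hwndDlg, IDCANCEL);
                return FALSE;
            }

            serviceList = PhCreateList(16);

            if (namesReferencingModule.OutParams.pmszNames)
            {
                PPH_SERVICE_ITEM serviceItem;
                PWSTR serviceName;
                ULONG nameLength;

                // pmszNames is walked as consecutive NUL-terminated names; an empty
                // string ends the walk. The buffer's termination is taken on trust
                // from the query.
                serviceName = namesReferencingModule.OutParams.pmszNames;

                while (TRUE)
                {
                    nameLength = (ULONG)PhCountStringZ(serviceName);

                    if (nameLength == 0)
                        break;

                    // Names with no matching service item are skipped.
                    if ((serviceItem = PhReferenceServiceItem(serviceName)) != NULL)
                        PhAddItemList(serviceList, serviceItem);

                    serviceName += nameLength + 1;
                }

                LocalFree(namesReferencingModule.OutParams.pmszNames);
            }

            // Read the count before the list reference is dropped. This function
            // releases the reference it obtained from PhCreateList, so the list
            // object may no longer exist after PhDereferenceObject and must not be
            // read again (the original read serviceList->Count after the release).
            serviceCount = serviceList->Count;
            serviceItems = PhAllocateCopy(serviceList->Items, serviceCount * sizeof(PPH_SERVICE_ITEM));
            PhDereferenceObject(serviceList);

            // NOTE(review): presumably the control takes ownership of serviceItems
            // and of the item references it holds - confirm against
            // PhCreateServiceListControl.
            serviceListHandle = PhCreateServiceListControl(hwndDlg, serviceItems, serviceCount);

            // Position the control.
            GetWindowRect(GetDlgItem(hwndDlg, IDC_SERVICES_LAYOUT), &rect);
            MapWindowPoints(NULL, hwndDlg, (POINT *)&rect, 2);
            MoveWindow(serviceListHandle, rect.left, rect.top, rect.right - rect.left, rect.bottom - rect.top, FALSE);

            ShowWindow(serviceListHandle, SW_SHOW);

            // Include the process name in the caption when the process item is available.
            if ((processItem = PhReferenceProcessItem(context->ProcessId)) != NULL)
            {
                message = PhFormatString(L"Services referencing %s in %s:", context->ModuleName, processItem->ProcessName->Buffer);
                PhDereferenceObject(processItem);
            }
            else
            {
                message = PhFormatString(L"Services referencing %s:", context->ModuleName);
            }

            SetDlgItemText(hwndDlg, IDC_MESSAGE, message->Buffer);
            PhDereferenceObject(message);
        }
        break;
    case WM_COMMAND:
        {
            switch (LOWORD(wParam))
            {
            case IDCANCEL:
            case IDOK:
                EndDialog(hwndDlg, IDOK);
                break;
            }
        }
        break;
    }

    return FALSE;
}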
/*
 * Returns the toolbar bitmap for a command identifier.
 *
 * For the ordinary commands the image is loaded with LoadImageFromResources at the small
 * icon size, using the "modern" resource when ToolStatusConfig.ModernIcons is set and the
 * classic one otherwise. If that yields nothing, the matching bitmap resource is loaded
 * from the plugin module with LoadImage instead.
 *
 * PHAPP_ID_HACKER_SHOWDETAILSFORALLPROCESSES is special: its image is the system shield
 * icon converted to a bitmap.
 *
 * Returns NULL for an unknown command or when nothing could be loaded.
 * NOTE(review): presumably the caller owns the returned bitmap - confirm.
 */
HBITMAP ToolbarGetImage(
    _In_ INT CommandID
    )
{
    static INT cx = 0;
    static INT cy = 0;
    INT modernId;
    INT classicId;
    INT fallbackId;
    INT imageId;
    HBITMAP toolbarBitmap;

    // The small icon metrics are queried once and cached.
    if (!cx)
        cx = GetSystemMetrics(SM_CXSMICON);
    if (!cy)
        cy = GetSystemMetrics(SM_CYSMICON);

    // Pick the three resource identifiers for the command; the loading itself is shared.
    switch (CommandID)
    {
    case PHAPP_ID_VIEW_REFRESH:
        modernId = IDB_ARROW_REFRESH_MODERN;
        classicId = IDB_ARROW_REFRESH;
        fallbackId = IDB_ARROW_REFRESH_BMP;
        break;
    case PHAPP_ID_HACKER_OPTIONS:
        modernId = IDB_COG_EDIT_MODERN;
        classicId = IDB_COG_EDIT;
        fallbackId = IDB_COG_EDIT_BMP;
        break;
    case PHAPP_ID_HACKER_FINDHANDLESORDLLS:
        modernId = IDB_FIND_MODERN;
        classicId = IDB_FIND;
        fallbackId = IDB_FIND_BMP;
        break;
    case PHAPP_ID_VIEW_SYSTEMINFORMATION:
        modernId = IDB_CHART_LINE_MODERN;
        classicId = IDB_CHART_LINE;
        fallbackId = IDB_CHART_LINE_BMP;
        break;
    case TIDC_FINDWINDOW:
        modernId = IDB_APPLICATION_MODERN;
        classicId = IDB_APPLICATION;
        fallbackId = IDB_APPLICATION_BMP;
        break;
    case TIDC_FINDWINDOWTHREAD:
        modernId = IDB_APPLICATION_GO_MODERN;
        classicId = IDB_APPLICATION_GO;
        fallbackId = IDB_APPLICATION_GO_BMP;
        break;
    case TIDC_FINDWINDOWKILL:
        modernId = IDB_CROSS_MODERN;
        classicId = IDB_CROSS;
        fallbackId = IDB_CROSS_BMP;
        break;
    case PHAPP_ID_VIEW_ALWAYSONTOP:
        modernId = IDB_APPLICATION_GET_MODERN;
        classicId = IDB_APPLICATION_GET;
        fallbackId = IDB_APPLICATION_GET_BMP;
        break;
    case TIDC_POWERMENUDROPDOWN:
        modernId = IDB_POWER_MODERN;
        classicId = IDB_POWER;
        fallbackId = IDB_POWER_BMP;
        break;
    case PHAPP_ID_HACKER_SHOWDETAILSFORALLPROCESSES:
        {
            HICON shieldIcon = NULL;
            _LoadIconMetric loadIconMetric;

            toolbarBitmap = NULL;

            // LoadIconMetric is needed here: without it the icon comes back at the wrong
            // resolution and looks very bad once scaled down to the small icon size.
            loadIconMetric = (_LoadIconMetric)PhGetModuleProcAddress(L"comctl32.dll", "LoadIconMetric");

            if (loadIconMetric && SUCCEEDED(loadIconMetric(NULL, IDI_SHIELD, LIM_SMALL, &shieldIcon)))
            {
                toolbarBitmap = PhIconToBitmap(shieldIcon, cx, cy);
                DestroyIcon(shieldIcon);
            }

            return toolbarBitmap;
        }
    default:
        return NULL;
    }

    imageId = ToolStatusConfig.ModernIcons ? modernId : classicId;
    toolbarBitmap = LoadImageFromResources(cx, cy, MAKEINTRESOURCE(imageId));

    // Fall back to the plain bitmap resource in the plugin module.
    if (!toolbarBitmap)
    {
        toolbarBitmap = LoadImage(
            PluginInstance->DllBase,
            MAKEINTRESOURCE(fallbackId),
            IMAGE_BITMAP,
            0,
            0,
            0
            );
    }

    return toolbarBitmap;
}
/*
 * Dialog procedure for the memory section of the system information window.
 *
 * WM_INITDIALOG sets up the layout manager, the fonts, the "installed"/"total" memory
 * caption, the embedded memory panel dialog and the two graph windows, then refreshes the
 * graphs and the panel.
 * WM_SIZE re-runs the layout.
 * WM_NOTIFY forwards notifications from the commit and physical graphs to their handlers.
 * WM_DESTROY deletes the layout manager.
 *
 * Always returns FALSE.
 */
INT_PTR CALLBACK PhSipMemoryDialogProc(
    _In_ HWND hwndDlg,
    _In_ UINT uMsg,
    _In_ WPARAM wParam,
    _In_ LPARAM lParam
    )
{
    switch (uMsg)
    {
    case WM_NOTIFY:
        {
            NMHDR *notifyHeader = (NMHDR *)lParam;

            if (notifyHeader->hwndFrom == CommitGraphHandle)
                PhSipNotifyCommitGraph(notifyHeader);
            else if (notifyHeader->hwndFrom == PhysicalGraphHandle)
                PhSipNotifyPhysicalGraph(notifyHeader);
        }
        break;
    case WM_SIZE:
        {
            PhLayoutManagerLayout(&MemoryLayoutManager);
            PhSipLayoutMemoryGraphs();
        }
        break;
    case WM_DESTROY:
        {
            PhDeleteLayoutManager(&MemoryLayoutManager);
        }
        break;
    case WM_INITDIALOG:
        {
            // Resolved on first use and kept for later dialog instances.
            static BOOL (WINAPI *queryInstalledMemory)(PULONGLONG) = NULL;
            PPH_LAYOUT_ITEM graphLayout;
            PPH_LAYOUT_ITEM panelLayout;

            PhSipInitializeMemoryDialog();

            MemoryDialog = hwndDlg;
            PhInitializeLayoutManager(&MemoryLayoutManager, hwndDlg);
            PhAddLayoutItem(
                &MemoryLayoutManager,
                GetDlgItem(hwndDlg, IDC_TOTALPHYSICAL),
                NULL,
                PH_ANCHOR_LEFT | PH_ANCHOR_TOP | PH_ANCHOR_RIGHT | PH_LAYOUT_FORCE_INVALIDATE
                );
            graphLayout = PhAddLayoutItem(&MemoryLayoutManager, GetDlgItem(hwndDlg, IDC_GRAPH_LAYOUT), NULL, PH_ANCHOR_ALL);
            MemoryGraphMargin = graphLayout->Margin;
            panelLayout = PhAddLayoutItem(
                &MemoryLayoutManager,
                GetDlgItem(hwndDlg, IDC_LAYOUT),
                NULL,
                PH_ANCHOR_LEFT | PH_ANCHOR_RIGHT | PH_ANCHOR_BOTTOM
                );

            SendMessage(GetDlgItem(hwndDlg, IDC_TITLE), WM_SETFONT, (WPARAM)MemorySection->Parameters->LargeFont, FALSE);
            SendMessage(GetDlgItem(hwndDlg, IDC_TOTALPHYSICAL), WM_SETFONT, (WPARAM)MemorySection->Parameters->MediumFont, FALSE);

            if (!queryInstalledMemory)
            {
                queryInstalledMemory = PhGetModuleProcAddress(L"kernel32.dll", "GetPhysicallyInstalledSystemMemory");
            }

            InstalledMemory = 0;

            if (!queryInstalledMemory || !queryInstalledMemory(&InstalledMemory))
            {
                // No installed-memory figure available: show the page count times the
                // page size, labelled "total".
                SetDlgItemText(
                    hwndDlg,
                    IDC_TOTALPHYSICAL,
                    PhaConcatStrings2(
                        PhaFormatSize(UInt32x32To64(PhSystemBasicInformation.NumberOfPhysicalPages, PAGE_SIZE), -1)->Buffer,
                        L" total"
                        )->Buffer
                    );
            }
            else
            {
                // GetPhysicallyInstalledSystemMemory reports kilobytes, hence the
                // multiplication by 1024 before formatting.
                SetDlgItemText(
                    hwndDlg,
                    IDC_TOTALPHYSICAL,
                    PhaConcatStrings2(PhaFormatSize(InstalledMemory * 1024, -1)->Buffer, L" installed")->Buffer
                    );
            }

            MemoryPanel = CreateDialog(
                PhInstanceHandle,
                MAKEINTRESOURCE(IDD_SYSINFO_MEMPANEL),
                hwndDlg,
                PhSipMemoryPanelDialogProc
                );
            ShowWindow(MemoryPanel, SW_SHOW);
            PhAddLayoutItemEx(
                &MemoryLayoutManager,
                MemoryPanel,
                NULL,
                PH_ANCHOR_LEFT | PH_ANCHOR_RIGHT | PH_ANCHOR_BOTTOM,
                panelLayout->Margin
                );

            // The graphs are created at a placeholder 3x3 size as children of the dialog.
            CommitGraphHandle = CreateWindow(
                PH_GRAPH_CLASSNAME,
                NULL,
                WS_VISIBLE | WS_CHILD | WS_BORDER,
                0,
                0,
                3,
                3,
                MemoryDialog,
                (HMENU)IDC_COMMIT,
                PhInstanceHandle,
                NULL
                );
            Graph_SetTooltip(CommitGraphHandle, TRUE);

            PhysicalGraphHandle = CreateWindow(
                PH_GRAPH_CLASSNAME,
                NULL,
                WS_VISIBLE | WS_CHILD | WS_BORDER,
                0,
                0,
                3,
                3,
                MemoryDialog,
                (HMENU)IDC_PHYSICAL,
                PhInstanceHandle,
                NULL
                );
            Graph_SetTooltip(PhysicalGraphHandle, TRUE);

            PhSipUpdateMemoryGraphs();
            PhSipUpdateMemoryPanel();
        }
        break;
    }

    return FALSE;
}