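/// <summary>
/// Builds the list-view row for one registry filter message, writes it to the
/// transaction log when that is enabled, and appends it to the message list.
/// </summary>
/// <param name="messageSend">The filter message to display.</param>
/// <returns>
/// The row that was passed to <c>AddItemToList</c>, or <c>null</c> when any step threw;
/// in that case event 445 is written and the message is neither shown nor logged.
/// </returns>
public ListViewItem FormatRegistryMessage(FilterAPI.MessageSendData messageSend)
{
    // Start from null rather than a throwaway ListViewItem: the row is either
    // replaced by the fully built item below or reset to null in the catch.
    ListViewItem lvItem = null;

    try
    {
        string userName = string.Empty;
        string processName = string.Empty;

        // NOTE(review): the return values of both decode calls are ignored, so a failed
        // lookup shows whatever the out parameter holds — confirm that is intended.
        FilterAPI.DecodeUserName(messageSend.Sid, out userName);
        FilterAPI.DecodeProcessName(messageSend.ProcessId, out processName);

        // One cell per list-view column. Nine cells are filled below; if the control has
        // fewer columns the indexer throws and the message ends up in the catch block.
        string[] listData = new string[listView_Message.Columns.Count];
        int col = 0;

        listData[col++] = messageSend.MessageId.ToString();
        listData[col++] = FormatDateTime(messageSend.TransactionTime);
        listData[col++] = userName;
        listData[col++] = processName + " (" + messageSend.ProcessId + ")";
        listData[col++] = messageSend.ThreadId.ToString();
        listData[col++] = GetRegCallbackClassName(messageSend);
        // NOTE(review): FileName and the description presumably carry strings chosen by the
        // monitored process; they are displayed and handed to LogTrasaction unescaped here —
        // confirm the log writer neutralises delimiters and line breaks.
        listData[col++] = messageSend.FileName;
        listData[col++] = FilterMessage.FormatStatus(messageSend.Status);
        listData[col++] = RegistryHandler.FormatDescription(messageSend);

        lvItem = new ListViewItem(listData, 0);

        // Error statuses (>= Error) are drawn red; statuses strictly above Warning yellow.
        if (messageSend.Status >= (uint)NtStatus.Status.Error)
        {
            lvItem.BackColor = Color.LightGray;
            lvItem.ForeColor = Color.Red;
        }
        else if (messageSend.Status > (uint)NtStatus.Status.Warning)
        {
            lvItem.BackColor = Color.LightGray;
            lvItem.ForeColor = Color.Yellow;
        }

        if (GlobalConfig.EnableLogTransaction)
        {
            FilterMessage.LogTrasaction(listData);
        }

        AddItemToList(lvItem);
    }
    catch (Exception ex)
    {
        // Name this routine as the event source and separate the exception text from the
        // fixed message, so a dropped registry event can be traced to where it was lost.
        EventManager.WriteMessage(445, "FormatRegistryMessage", EventLevel.Error, "Add callback message failed. " + ex.Message);
        lvItem = null;
    }

    return lvItem;
}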
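/// <summary>
/// Builds the list-view row for one process notification, writes it to the
/// transaction log when that is enabled, and appends it to the message list.
/// </summary>
/// <param name="processInfo">The process notification to display.</param>
/// <returns>
/// The row that was passed to <c>AddItemToList</c>, or <c>null</c> when any step threw;
/// in that case event 445 is written and the notification is neither shown nor logged.
/// </returns>
public ListViewItem FormatProcessInfo(FilterAPI.PROCESS_INFO processInfo)
{
    // Start from null rather than a throwaway ListViewItem: the row is either
    // replaced by the fully built item below or reset to null in the catch.
    ListViewItem lvItem = null;

    try
    {
        string userName = string.Empty;

        // NOTE(review): the return value is ignored, so a failed lookup shows whatever
        // the out parameter holds — confirm that is intended.
        FilterAPI.DecodeUserName(processInfo.Sid, out userName);

        // One cell per list-view column. Six cells are filled below and the rest stay
        // null; with fewer than six columns the indexer throws and the catch block runs.
        string[] listData = new string[listView_Message.Columns.Count];
        int col = 0;

        listData[col++] = processInfo.MessageId.ToString();
        listData[col++] = ((FilterAPI.FilterCommand)processInfo.MessageType).ToString();
        listData[col++] = userName;
        // NOTE(review): ImageFileName presumably comes from the monitored process and is
        // displayed and handed to LogTrasaction unescaped here — confirm the log writer
        // neutralises delimiters and line breaks.
        listData[col++] = processInfo.ImageFileName + " (" + processInfo.ProcessId + ")";
        listData[col++] = processInfo.ThreadId.ToString();
        listData[col++] = FormatDescription(processInfo);

        lvItem = new ListViewItem(listData, 0);

        // Error statuses (>= Error) are drawn red; statuses strictly above Warning yellow.
        if (processInfo.Status >= (uint)NtStatus.Status.Error)
        {
            lvItem.BackColor = Color.LightGray;
            lvItem.ForeColor = Color.Red;
        }
        else if (processInfo.Status > (uint)NtStatus.Status.Warning)
        {
            lvItem.BackColor = Color.LightGray;
            lvItem.ForeColor = Color.Yellow;
        }

        if (GlobalConfig.EnableLogTransaction)
        {
            FilterMessage.LogTrasaction(listData);
        }

        AddItemToList(lvItem);
    }
    catch (Exception ex)
    {
        // Name this routine as the event source and separate the exception text from the
        // fixed message, so a dropped process event can be traced to where it was lost.
        EventManager.WriteMessage(445, "FormatProcessInfo", EventLevel.Error, "Add callback message failed. " + ex.Message);
        lvItem = null;
    }

    return lvItem;
}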