Process Hacker and Windows discussion

Search found 1562 matches

  • 1
  • 3
  • 4
  • 5
  • 6
  • 7
  • 79
by dmex
04 May 2019 09:42
Forum: Closed reports
Topic: Garbage strings
Replies: 5
Views: 1510

Re: Garbage strings

Hi, Process Hacker shows some garbage in modules tab, file name column for system process. It started happening at nightly week or two ago.
Hey,

Do you have the same problem with the latest nightly (v3.0.2404)?
by dmex
04 May 2019 07:39
Forum: Closed reports
Topic: Crash access violation
Replies: 3
Views: 1438

Re: Crash access violation

Version 3.0.2398 (9c7d5ea5)
Thanks! I've fixed the issue in the latest nightly build. You can download it using Help > Check for updates :thumbup:
https://github.com/processhacker/proces ... 3a0cbee719
by dmex
04 May 2019 05:43
Forum: Tips and Tutorials
Topic: Command line reference
Replies: 17
Views: 39740

Re: Command line reference

It could also have a deny ACL for a group that includes your userid, like 'Everyone', 'CONSOLE LOGIN' or 'INTERACTIVE'. I saw such an ACL on a game-anti-user process that was intended to keep every type of user from interacting with that process in any way. Pretty ugly. It's been a while since I us...
by dmex
28 Apr 2019 09:00
Forum: General Discussion
Topic: New User, questions - Waiting Connections
Replies: 1
Views: 2445

Re: New User, questions - Waiting Connections

Process name "Waiting Connections" - go to process [nothing happens] why do these appear? State - "close wait" what's happening there? The TCP connection is in the TIME-WAIT state (per the TCP/IP standards) waiting for the remote server to receive acknowledgment of the connection termination reques...
by dmex
20 Apr 2019 13:46
Forum: General Discussion
Topic: UWP Apps: Who is the user?
Replies: 8
Views: 3482

Re: UWP Apps: Who is the user?

You have a "TODO" comment within that section of code regarding LPAC on the Container tab. Does that specific part still have some work to do? The todo comment is a reminder to checkout why the TokenIsLessPrivilegedAppContainer token class added in Win10-1809 returns an object type mismatch status ...
by dmex
19 Apr 2019 12:36
Forum: General Discussion
Topic: UWP Apps: Who is the user?
Replies: 8
Views: 3482

Re: UWP Apps: Who is the user?

I've updated the nightly build with a new container tab showing the profile locations :thumbup:

Image
by dmex
18 Apr 2019 21:37
Forum: General Discussion
Topic: UWP Apps: Who is the user?
Replies: 8
Views: 3482

Re: UWP Apps: Who is the user?

Can "token" and "profile" be used interchangeably? No. 'User' and 'profile' can be used interchangeably because every user (including System) has a profile and every profile has/had a User but a Token is simply a object type. In my understanding, a security token is an id attached to a process whic...
by dmex
15 Apr 2019 20:53
Forum: General Discussion
Topic: UWP Apps: Who is the user?
Replies: 8
Views: 3482

Re: UWP Apps: Who is the user?

On the one hand, in PH's main screen, the "User name" column shows <my username> as the user. Yes, the process is running as that user. The "Token" page in the process properties shows (seemingly) conflicting information - "User" is shown as "microsoft.microsoftedge_8wekyb3d8bbwe (APP_CONTAINER)" "...
by dmex
15 Apr 2019 20:33
Forum: Closed reports
Topic: Tray icon layout not saved
Replies: 11
Views: 5009

Re: Tray icon layout not saved

workaround the first issue the guids are saved in the settings file and regenerated
Someone is already having that exact issue with running multiple instances:
http://forum.ru-board.com/topic.cgi?for ... art=3320#6

Yay for shell guid caching :sick:
by dmex
13 Apr 2019 04:40
Forum: Closed reports
Topic: Small bug in the autoupdate code of the beta channel?
Replies: 4
Views: 1720

Re: Small bug in the autoupdate code of the beta channel?

I noticed the installer is downloaded in %TEMP%, but I have it redirected to a RAM disk that's created during the system start with ImDisk so instead of being the usual folder in AppData the env. variables point to T:\Temp. I've changed the paths from %TEMP% to a custom temporary directory which sh...
by dmex
09 Apr 2019 22:31
Forum: Closed reports
Topic: Tray icon layout not saved
Replies: 11
Views: 5009

Re: Tray icon layout not saved

Could I ask what was the cause of the problem? The shell requires unique Guids instead of a unique Id before persisting tray icon settings. The problem was related to how the shell caches the executable path with the guid and when there are two executables with different paths using the same guid; ...
by dmex
06 Apr 2019 16:59
Forum: Closed reports
Topic: Tray icon layout not saved
Replies: 11
Views: 5009

Re: Tray icon layout not saved

the tray icon layout is not being restored.
Fixed in latest nightly build :thumbup:
by dmex
06 Apr 2019 16:58
Forum: Completed
Topic: Numbers instead of graphs in Systray
Replies: 17
Views: 5802

Re: Numbers instead of graphs in Systray

PH's tray icons not always obey the position we drop them.
Fixed in latest nightly build :thumbup:
by dmex
05 Apr 2019 12:28
Forum: Feature Requests
Topic: New Column: AppContainer
Replies: 2
Views: 1521

Re: New Column: AppContainer

Essentially relating to the WIN://NOALLAPPPKG security attribute.
17763 (v1809) and above use the TokenIsLessPrivilegedAppContainer information class instead of the security attribute ;)
by dmex
04 Apr 2019 08:50
Forum: Bugs and Issues
Topic: Unable update binary files
Replies: 2
Views: 1307

Re: Unable update binary files

How can I update (remove) kprocesshacker.sys?
You might need to use the SC command from command prompt:

sc stop kprocesshacker3
sc delete kprocesshacker3
by dmex
31 Mar 2019 12:44
Forum: Feature Requests
Topic: Code-signing nightly
Replies: 5
Views: 1591

Re: Code-signing nightly

it become quite hard to have a working PH on your system. Could you please remedy You can always sign the binaries yourself but signing just makes it easier to detect and block the binary. provide us a 3.0 stable release? 3.0 is not stable enough for a release and it's also not possible to sign bui...
by dmex
31 Mar 2019 12:37
Forum: General Discussion
Topic: start debugger
Replies: 1
Views: 3816

Re: start debugger

In the Symbols-tab of the options window The symbol path is for locating symbols not the system debugger. I always receive the message "Unable to locate the debugger." You need a debugger installed. The debugger path and parameters are configured using the AeDebug registery key on Windows. If this ...
by dmex
24 Mar 2019 21:35
Forum: Antivirus reports
Topic: batch file kill MSASCuiL at startup
Replies: 1
Views: 1681

Re: batch file kill MSASCuiL at startup

I want to run this cmd command at startup through Process hacker

@echo off
C:\Windows\System32\cmd.exe /k TASKKILL /IM MSASCuiL.exe /F
/c
msascuil is a protected process and can not be killed via the command line.
by dmex
16 Mar 2019 20:28
Forum: Bugs and Issues
Topic: how to log activity
Replies: 4
Views: 1869

Re: how to log activity

Do you see any errors when opening command prompt and executing
wsl.exe dpkg-query -p init
?
by dmex
08 Mar 2019 23:52
Forum: Bugs and Issues
Topic: cant open process hacker
Replies: 4
Views: 1682

Re: cant open process hacker

How can i do all of that? i downloaded the build.zip file, now what?
Run \x64\ProcessHacker.exe or \x32\ProcessHacker.exe?
  • 1
  • 3
  • 4
  • 5
  • 6
  • 7
  • 79