Process Hacker and Windows discussion

 
rea

unable to create minidump

25 Aug 2019 03:31

hello, so a couple of days ago i was able to create a dump file on an elevated process, but when i try to create a dump file on the same process again, it gives me the errors "A driver attached to the system is not functioning" or "the handle is invalid". I dont know what the problem is since i checked the kprocesshacker3 driver seems to be working fine, im new to this so any help would be appreciated thanks.
 
User avatar
viksoftru
Member
Posts: 618
Joined: 15 Aug 2011 06:01
OS: Win7 (Live! DVD), BSD
Location: Russia

Re: unable to create minidump

26 Aug 2019 03:31

Do Your have dbgcore.dll in to Process Hacker dir? Your can use latest signed dbgcore.dll (retrieved on to Windows Platform SDK 10 v10.0.18362.0) and just unpack dbgcore_dll_x86_x64_v10.0.18362.1_signed.7z (7-Zip 19.00, /LZMA, MAXIMUM. /SOLID) in to Process Hacker dir and restart Process Hacker. This archive included both x86 and AMD64 edition dbgcore.dll and have directory tree:

./x64/dbgcore.dll - v10.0.18362.1, 64 bit edition, place in to some dir whats located ProcessHacker.exe x64 (needed for x64 edition only)
./x64/x86/dbgcore.dll - v10.0.18362.1, 32 bit edition, place in to some dir whats located ProcessHacker.exe x86 (needed for x86 edition only)
./x86/dbgcore.dll - v10.0.18362.1, 32 bit edition, place in to some dir whats located ProcessHacker.exe x86 (needed for x86 edition only)


This DLL tested in to Windows 7 SP1 - Windows 10 RS 6 x86 and AMD64 and test is success.
dbgcore_dll_x86_x64_v10.0.18362.1_signed.7z
(121.98 KiB) Downloaded 81 times
 
rea

Re: unable to create minidump

27 Aug 2019 04:36

Thanks for the help, but unfortunately it still didnt work. Im still getting the same error, i even tried using your custom build of PH and still didnt work
 
User avatar
viksoftru
Member
Posts: 618
Joined: 15 Aug 2011 06:01
OS: Win7 (Live! DVD), BSD
Location: Russia

Re: unable to create minidump

27 Aug 2019 10:19

Probably everything is set up "automatically" and the driver is not running. Is there a plus sign in the title of your copy of the pH after the username? Just in case, check the driver settings:

Note that by default, KProcessHacker only allows connections from processes with SeDebugPrivilege. To allow Process Hacker to show details for all processes when it is not running as administrator:

1. In Registry Editor, navigate to:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\KProcessHacker3
2. Under this key, create a key named Parameters if it does not exist.
3. Create a DWORD value named SecurityLevel and set it to 2. If you are not using an official build, you may need to set it to 0 instead.
4. Restart the KProcessHacker3 service (sc stop KProcessHacker3, sc start KProcessHacker3).

Notes: OS command's, like sc needed run use CMD console ("DOS command prompt", "Command prompt"< also Yor can run it use Win+R -> cmd /k <some commands> -> Enter , then use command "exit' and press Enter for close console session).
 
User avatar
dmex
Admin
Posts: 1562
Joined: 17 Jan 2011 05:43
Location: Australia

Re: unable to create minidump

08 Dec 2019 12:07

Fixed in the nightly build :thumbup: