Process Hacker Discussion Forum

Search found 147 matches

  • 1
  • 2
  • 3
  • 4
  • 5
  • 8
by wfunction
17 Jul 2012 05:15
Forum: Completed
Topic: ObOpenObjectByName()?
Replies: 7
Views: 3791

Re: ObOpenObjectByName()?

Do you think it would be possible for you to include ObOpenObjectByPointer in the next version, if/when you send a new version of the driver for signing? The reason is, I've been hacking around and I've used ETW to find a pointer to \$MFT on a volume, but I can't open it in user-mode with anything m...
by wfunction
17 Jul 2012 02:54
Forum: Closed reports
Topic: [Plugin] [Bug] [ExtendedTools] Wrong handling of x64 pointer
Replies: 3
Views: 1885

[Plugin] [Bug] [ExtendedTools] Wrong handling of x64 pointer

Ignoring the fact that the 32-bit version of PH isn't meant to be run on an x64 system, it seems like the 32-bit version of ExtendedTools assumes that the structure for FileIo_Name for ETW is like struct FileIo_Name { PVOID FileObject; WCHAR Name[1]; }; which is incorrect, because it's really: struc...
by wfunction
16 Jul 2012 14:38
Forum: General Discussion
Topic: How to call FSCTL_FILE_PREFETCH?
Replies: 6
Views: 3036

Re: How to call FSCTL_FILE_PREFETCH?

I've seen that post, but it's not helpful... it's not the app that calls FSCTL_FILE_PREFETCH normally, but the system. So you'd need a kernel debugger (which I have no idea how to use).
by wfunction
16 Jul 2012 08:08
Forum: General Discussion
Topic: How to call FSCTL_FILE_PREFETCH?
Replies: 6
Views: 3036

How to call FSCTL_FILE_PREFETCH?

Do you guys happen to know what the I/O parameters to FSCTL_FILE_PREFETCH are? I can see this in WinIoCtl: typedef struct _FILE_PREFETCH { DWORD Type; DWORD Count; DWORDLONG Prefetch[1]; } FILE_PREFETCH, *PFILE_PREFETCH; typedef struct _FILE_PREFETCH_EX { DWORD Type; DWORD Count; PVOID Context; DWOR...
by wfunction
16 Jul 2012 04:18
Forum: Closed reports
Topic: Graphs should NOT depend on invalidated region
Replies: 6
Views: 1986

Re: Graphs should NOT depend on invalidated region

No, it's as real as the machine gets lol.

It's on Win7 without DWM, though.
by wfunction
16 Jul 2012 02:56
Forum: Closed reports
Topic: Graphs should NOT depend on invalidated region
Replies: 6
Views: 1986

Re: Graphs should NOT depend on invalidated region

Wat. :( Weird... thanks anyway.
by wfunction
15 Jul 2012 18:00
Forum: Closed reports
Topic: Graphs should NOT depend on invalidated region
Replies: 6
Views: 1986

Graphs should NOT depend on invalidated region

It seems like when I cover up the top part of the graphs in System Information with some window, they just assume the remaining part is the entire painting area, and shrink accordingly!
by wfunction
15 Jul 2012 17:57
Forum: Completed
Topic: Self-unpacking x64 in the x86 version?
Replies: 1
Views: 1564

Self-unpacking x64 in the x86 version?

I think it'd be nice if you could automatically embed the x64 version in the x86 version, and have it unpack automatically (if possible) when run. If it fails, then just run the x86 version. The way I've done it with my own programs is to use jobs, like: if (IsWOW64()) { HRSRC hRsrs = FindResource(N...
by wfunction
15 Jul 2012 03:38
Forum: General Discussion
Topic: Random freezes with multithreading
Replies: 7
Views: 3082

Re: Random freezes with multithreading

* Can you also get a few stack traces of the GUI and I/O threads while they're frozen, and with kernel-mode stacks? * What's the CPU usage like while it locks up? I haven't gotten a trace yet, but regarding the CPUs: It looks like it's mostly CPU #1 in all cases (it goes to 60% or higher). I tried ...
by wfunction
10 Jul 2012 14:00
Forum: General Discussion
Topic: Random freezes with multithreading
Replies: 7
Views: 3082

Re: Random freezes with multithreading

@dmex: That's what I suspected at first, but the sample program at the end of the question (which I wrote after first posting the question) doesn't load any icons from files whatsoever (just the default "information" icon, see the code), and it still exhibits the same problem! @wj32: Ditto...
by wfunction
10 Jul 2012 07:44
Forum: General Discussion
Topic: Random freezes with multithreading
Replies: 7
Views: 3082

Random freezes with multithreading

Since you guys (especially cough wj32) know so much about Windows, I thought I'd drop by and ask...
Do you happen to know might be causing this? http://stackoverflow.com/q/11336123/541686
by wfunction
03 Jun 2012 18:11
Forum: Closed reports
Topic: Bug PhOpenProcess
Replies: 4
Views: 1783

Re: Bug PhOpenProcess

Ah wow.. okay
by wfunction
23 Apr 2012 16:16
Forum: General Discussion
Topic: "1,356 kB"... per what?
Replies: 2
Views: 1550

Re: "1,356 kB"... per what?

Hmmmm okay.

It'd be nice if there was a way to make it /s I think, since by the time I stop and realize it's per interval (i.e. 0.5 s), it's already gone. :P
by wfunction
23 Apr 2012 16:14
Forum: Closed reports
Topic: Typing '?A' selects all processes
Replies: 3
Views: 1432

Re: Typing '?A' selects all processes

lol xD thanks
by wfunction
23 Apr 2012 00:36
Forum: General Discussion
Topic: "1,356 kB"... per what?
Replies: 2
Views: 1550

"1,356 kB"... per what?

The tray icons for CPU, GPU, disk, network, etc. usage say something like "R: 0, W: 28 kB"... but I can't tell what that means. Is that per second? Per interval? Average? I think it'd be nice if there were units somewhere. (If it auto-updated as you hover, that'd be even better. :D But I'm...
by wfunction
23 Apr 2012 00:33
Forum: Closed reports
Topic: Typing '?A' selects all processes
Replies: 3
Views: 1432

Typing '?A' selects all processes

I can't tell if this is a bug, a feature, or a bug I introduced in my own version of the code, but when you being typing inside a TreeListView, e.g. "Fa", suddenly everything gets highlighted when the "a" is typed.

Is this a bug?
by wfunction
22 Apr 2012 05:31
Forum: Closed reports
Topic: NvAPI_GetPerfDecreaseInfo null
Replies: 2
Views: 1266

Re: NvAPI_GetPerfDecreaseInfo null

Cool, that works too. :)
by wfunction
22 Apr 2012 04:19
Forum: Completed
Topic: Process Hacker as Service
Replies: 6
Views: 7767

Re: Process Hacker as Service

that works too lol.
by wfunction
22 Apr 2012 03:18
Forum: Closed reports
Topic: NvAPI_GetPerfDecreaseInfo null
Replies: 2
Views: 1266

NvAPI_GetPerfDecreaseInfo null

The code in output.c for the GfxPlugin doesn't check for NvAPI_GetPerfDecreaseInfo not existing (i.e. being NULL). (Or NvAPI_GetMemoryInfo or other functions for that matter.) This causes a crash on my system (NVIDIA GT 330M with driver 188.67), since NvAPI_GetPerfDecreaseInfo is NULL (but the other...
  • 1
  • 2
  • 3
  • 4
  • 5
  • 8