Process Hacker: NEW & BEST!

[PROROOTECT]

Many thanks, wj32!

I have a new REAL-TIME (and color) defense.

I take is that the colors of all processes in Process Hacker - are until its left edge of window. I need to put the PH window of left side of my monitor, and reduce somewhat the IE browser window.
I need to see a small part of PH window, to see at every moment the situation when I surf on the Internet.

Not forget: Options/Advanced/Verify signatures ...

Many possibilities in PH ... many!

... and one PROROOTECT

[PROROOTECT]

Process Hacker NEW version v1.3.7.5. Updated May 02, 2009.
2.43 Mb (C:\Program Files\Process Hacker).

CHANGELOG.txt:

NEW/IMPROVED:
* Decreased CPU usage
* Significantly less memory usage, especially when opening process properties
* Hides Process Hacker network connections by default
* Can close TCP connections
* 'Terminate Process Tree'
* Base Priority, Start Time, and CPU Time columns
... and many more NEW/IMPROVED and FIXED!


Look on Project Page: HELP WANTED!

Project Help Wanted:
Experienced C# developer(s) needed - for Process Hacker!
'We need *experienced* C# developers to manage Process Hacker.
You will be required to maintain Process Hacker for the next few monts, adding features and fixing bugs.
You must have experience with Windows internals, and possibly C programming and kernel-mode programming.
Do not apply if you are a beginner or wish to learn about programming.
Do not apply if you will be too busy to work on Process Hacker.
...
Designated contact: wj32.'


PROROOTECT

[PROROOTECT]

Hello wj32,

*** Yesterday, Process Hacker v1.3.7.5, after 5 hours:

* Error: An unhandled exception has occured in Process Hacker: ... I look on DIAGNOSTIC INFORMATION:

... KProcessHacker: PsTerminateProcess, PspTerminateThreadByPointer

PROCESS HACKER THREAD POOL:
Worked thread limit: 3
Busy worker threads: 1
Total busy worker threads: 1
Queued work items: 1
...
PRIMARY SHARED THREAD PROVIDER:
Count: 3
ProcessHacker.ProcessSystemProvider (Enabled: True, Busy: False, CreateThread: False
ProcessHacker.ServiceProvider

... and Process Hacker is disappear.
After this - I start again my Process Hacker - and it appear now, except all yellow entries (explorer.exe and my defenses and ProcessHacker.exe)

... And I start it again - all entries are OK.

*** Today:

* After some time, I see that the positions in yellow! Only these in yellow!
After closing and opening of the session, Tiny Watcher told me:
Registry entry HKLM\System\CurrentControlSet\Services\KProcessHacker\ImagePath (created)
I click on 'Confirm'.
I see Process Hacker window at the left corner (and at top) of the screen; or on the plain page.

I enlarged the small window, of course.

NOW - all OK ...

[PROROOTECT]

NEW version of Process Hacker v1.3.8.0.33 built on 22.05.2009.

* Many NEW/IMPROVED (like 'Experimental process protection feature') and FIXED features!

* Options/Advanced: I notched: 'Enable experimental features'; Apply, OK.

... Yes, in Advanced: all cases are notched.

* CPU load is reduced: now 0.76% (before: 0.78%).


P

[apathy]

I absolutely love Process Hacker, I've been a loyal user of Process Explorer which died on the vine. PH works well and lighter for me than PE. Matter of fact I've had to reconfigure PE every time I install it to show the colums that PH shows by default and in the order I like. Great Job!

[PROROOTECT]

* apathy: WE UNDERSTAND YOUR FEELINGS!

* wj32: Would it be possible to put all results in KB, instead of MB, please?

... and: Would it be possible to have the figure of Free Memory, in KB, in the bottom of the GUI, please?


Thank you for your reply,


P

[wj32]

Quote:

Originally Posted by apathy

I absolutely love Process Hacker, I've been a loyal user of Process Explorer which died on the vine. PH works well and lighter for me than PE. Matter of fact I've had to reconfigure PE every time I install it to show the colums that PH shows by default and in the order I like. Great Job!

Great to see that you like it, but it's absolutely not true that PH is lighter than PE (I like to be honest ). You can see that it takes around 2 times more memory than PE. But, if you think it's lighter, then that's your subjective experience...

[wj32]

Quote:

Originally Posted by PROROOTECT

* apathy: WE UNDERSTAND YOUR FEELINGS!

* wj32: Would it be possible to put all results in KB, instead of MB, please?

... and: Would it be possible to have the figure of Free Memory, in KB, in the bottom of the GUI, please?


Thank you for your reply,


P

This is a bit of an issue because if you go to Options > Max. Size Unit and change it to kB all sizes will appear in kB, even total memory and things like that. Not good... I'll try to have a better system for the next version.

Free Memory: I'll try to add a system where you can choose what stats will be displayed in the statusbar.

[PROROOTECT]

wj32, I appreciate very much your honest and detailled answers.

* What fun to have the data in KB!
It would be nice to default - only in Kb (save only letter K, and only in columns head-line as eg 'Working Set(K)' to lower this Working Set ...).

* I believe in you, you will reduce the Working Set value in the coming versions.

* Your default colors are perfect - I put this same colors in PE, then PE is now significantly better than before.

* In the status bar I like to have the Free Memory (in K) and Non-Paged Usage (in K). And of course Processes, Threads and Handles.

* Process Hacker - File size 1514 K.
Process Explorer - File size 3466 K.



P

[Meriadoc]

Process Hacker is very strong and certainly rivals Process Explorer, have not had a process that I cannot suspend or terminate with PH (unlike PE) - nice work in PH wj32.

[wj32]

Quote:

Originally Posted by Meriadoc

Process Hacker is very strong and certainly rivals Process Explorer, have not had a process that I cannot suspend or terminate with PH (unlike PE) - nice work in PH wj32.

Thanks, I appreciate the feedback!

[HAN]

Just tried 1.4 on a healthy XP Pro SP3 box. Got a huge BSOD. Always ran fine before...

**EDIT**
Just reloaded 1.39 and it's fine.

Here is my BSOD

[PROROOTECT]

Hi,

Maybe your CPU has many Farenheit degrees. Hot thread here.

Maybe clean your Temporary Internet Files and other junk files ... and services & processes.

It's nothing,OK.?

P.

[wj32]

Quote:

Originally Posted by HAN

Just tried 1.4 on a healthy XP Pro SP3 box. Got a huge BSOD. Always ran fine before...

**EDIT**
Just reloaded 1.39 and it's fine.

Here is my BSOD

Could you please send me the crash dump?

EDIT: Never mind, just discovered the bug and fixed it...

Can you please try out the latest version at Ohloh? http://www.ohloh.net/p/processhacker...Process+Hacker

[PROROOTECT]

I confirm that start of 'Process Hacker' is a little harder each time (all versions ...). First is the frame of GUI, then the interior; each times (also after restart of Windows).
All Options I have with original values (General tab: ticked 'Float child windows' - but in Advanced tab I ticked all).

ProcessHacker.exe:

Pvt Memory 39.84 MB
CPU 0.76
Working Set 42.8 MB
Virtual Size 176.21 MB
Handles 424
Threads 17
I/O R+O 136 B/s - displayed continuously
I/O Total 136 B/s - displayed continuously
GDI H. 162 - 172
User H. 72

Yes, I/O Delta Other Bytes are displayed continuously ...

... and after time, Network tab does nothing. But after restart of Process Hacker, I have Network OK.


P.

[HAN]

Quote:

Can you please try out the latest version at Ohloh?

As I type this, I'm running version 1.5 Release 1732 and it's doing great! Thanks for getting it going again so quickly!

[PROROOTECT]

Hey, NO problem with Network tab - after deleted the clt Test!


Process Hacker (Rock!) v1.5.0.0 modified Today 22/08/2009 ; now you have a good link on my Signature (for Ohloh page).

I downloaded PORTABLE version - bin.zip.

New/Improved:

Improved kernel modules list
Detects custom kernels
KTM resource manager information

Fixed:

WindowsXP BSODs
Linked token display on x64

""""""""""""""""""""""""

The GNU General Public Licence is a free, copyleft licence for software and other kinds of works.
When we speak of free software, we are referring to freedom, not price. ... (read in GNU General Public Licence).
...

Process Hacker has certain functionnality only available on 32-bit systems:
Bypassing rootkits and security software when accessing processes, threads, and other objects,
Viewing hidden processes ... (read in Readme.txt).


P.

[PROROOTECT]

Helo wj32,

I'd like this: viewing (& hightlighting) hidden processes in Processes tab, please.


P.

[PROROOTECT]

... aaaaa ... NEW Process Hacker!

created 4/09/2009, 19:44 - already 8 minutes ago ...

NEW/IMPROVED:

Add Port and IP Address columns to Network tab!
Displays IPv6 network connections!
Two new TERMINATOR TESTS!
... and many improved and fixed.

On my Process Hacker: I/O R+O: 192 B/s .


PROROOTECT always living

[PROROOTECT]

Hello wj32,

Process Hacker v1.6-r1842:

Network: nothing intercepted (empty space). Tabs: Process, Local Address, Local Port, Remote Address, Remote Port, Protocol, State.

I/O R+O (Other Bytes): 204 B/s continuous, without interruptions.

Shared WS: 0 B.

(Process Explorer- Shared WS: 5524 KB, I/O R+O: nothing).


P.

[PROROOTECT]

OK., latest version STABLE: look on Sourceforge link: http://processhacker.sourceforge.net/

On ohloh link: you have ALSO unstable releases.

I modified my link on my Signature for Sourceforge stable versions.

P.

[PROROOTECT]

Process Hacker get new Set!

Smaller, simpler, faster!

Now, without toolbar, ProcessHacker.exe:

Pvt Memory: 40.25 MB
Working Set: 40.17 MB
Shared WS: 0 Mb
Handles: 272
Threads: 12
I/O R+O: 192 B/s
GDI H.: 194 - 204
USER H.: 79 .

(Process Explorer procexp.exe:

Shared WS: 5.16 MB
Handles:381
Threads: 10 ).

You are on the way to victory!


P.

[wj32]

Just so you know, PROROOTECT, I am reading all of your feedback. I just haven't posted anything yet . What I want to say is this: the resource usage of programs is not important. Use programs, don't just monitor their resource consumption.

[PROROOTECT]

I found ProcessHacker.ni.exe , with these tools:

* GMER/Files tab: C\Windows\assembly\NativeImages_v2.0.50727_32\processhacker\0c62fada ... : processhacker.ni.exe

* ESET SysInspector/File Details: C\Windows\assembly\nativeimages ... : processhacker.ni.exe
Status: Unknown (6; on Red)
Company: wj32
Internal Name: ProcessHacker.exe, linked to processhacker.ni.exe

* Kernel Detective: Libraries tab: C\Windows\assembly\ ... : processhacker.ni.exe

* SpyDllRemover: (on yellow: Need Analysis):
Name: ProcessHacker.ni.exe
Company: wj32
File size: 7304 KB
File Date: 05-09-2009
File Path: C\Windows\assembly\ ... : processhacker.ni.exe

""""""""""""""""""

Yes I see, Assembly folder - is the folder of .NET Assemblies.
But wj32 is warmly invited to give more explanations - in a language for us laymen ...


PROROOTECT

[wj32]

ProcessHacker.ni.exe is the native image of ProcessHacker.exe. .NET assemblies are not yet compiled to native code, but to give a speed boost assemblies can be pre-compiled.