Task Explorer - a new powerfull task manager

This member is quite in agreement to these (2) features being thought out. Thanks for continued improvements.
This app for some reason has quickly gained steam in this camp for it's "DETAILS" and new "Options" are always welcome.

 

Both of those options sound bad ass, i'd use the second one for many things, can it be on a timer as well, say kill after 5,10, 20 seconds, sort of deal? Also I assume they would be saved in the TaskExplorer.ini? Could those names be split off into a second .ini file to be maintained that way?

EDIT: Actually anyway to clean up the TaskExplorer.ini or order/sort it in a way that is more user friendly when viewed in a text editor? I like to maintain my settings this way for various things and it's quite the mess, maybe have them sorted in alphabetical order under the headers and have the headers like [General], [Options], [Colors] stay static when things change. This is obviously a "not a huge deal" sort of request.

 

This build focuses on many large and small usability improvements as well as a few small new features.

Download: https://github.com/taskexplorer/TaskExplorer/releases/tag/v1.2

ChangeLog:
[1.2.0] - 2020-04-20
Added

Option to configure process name display
Pressing the refresh toolbar button now also clears the persistence when in hold mode
Persistent Process Presets
-- CPU, IO, Memory Priorities and CPU Affinity can be set persitence actoss process starts
-- Processes are identifyed by path wildcard paths can be used
-- The mechanism can also kill undesired processes swiftly
add pe file viewer
Sandboxie support, sandboxed prosesses are marked in yellow and the box thay belong to is provided in the tooltip

Changed

more options on main window close
-- Exit confirmation dialog can now be disabled
by default symbols are not auto downloaded, upon selecting a thread the user will be prompted whether to download them of the internet
updated PHlib to version 3.0.3014
updated some default collors
switched to Inno Setup as instller

Fixed

fixed when opening from tray window sometimes being empty

 

Another malware process cant detect by Task Explorer.

Code:

http://funp.net/download/2ca07cbe25a959a574debe1711287bba.html

Code:

http://funp.net/download/9b6d64272f82c23e87f6de6bf5fab600.html

Code:

http://funp.net/download/123eee196282ecaf2b5fe61705e392f9.html

And please add delete/remove function for process. I want delete malware process.

 

This build comes with many big fixes and minor usability improvements.

Download: https://github.com/taskexplorer/TaskExplorer/releases/tag/v1.2.1

[1.2.1] - 2020-04-27

Added

• the TCP/IP traffic graph now show additional plots with LAN traffic based on ETW data
• services can now be stoped from the process tree contect menu

Changed

• statis column now sorts not alphabetically but by list color
• reorganized the tool bar a bit and added a few shortcuts
• switched back to the custom installer due to "compatybility" issues

Fixed

• cpu affinity was not properly loaded from file
• fixed more tray opening issues
• fixed issue displaying .NET assembly informations
• fixed issues with list coloring when not allcolors were enabled

 

Is there any task manager that can?

 

Yes.

Code:

https://www.neuber.com/taskmanager/

 

This build updates the driver with the ability to log kernel debug messages, when Debug Output Logging is enabled every process gets a Debug tab with its debug output and accordingly the system process is showing the Kernel Debug Output.

Other changes reorganized the UI to be more comprehensive, I would recommend to disable all System info tabs that contain graphs and use then only from the standalone System Info window. This uncluttered the UI quite a bit further more the Kernel View tab has been incorporated into the system tab and some process info tabs now are sub tabs of the general process tab.

Download: https://github.com/taskexplorer/TaskExplorer/releases/tag/v1.2.1

[1.2.5] - 2020-06-01
Added

• Added debug view tab to see the debug output of individual process, when debug monitor is enabled
• Added kernel debug log option to xprocesshacker3 driver

Changed

• Sandboxie support needs to be enabled in the settings, as having it always on interfears with updating sandboxie
• moved services tab to the general tab as a sub tab
• moved environment tab to the general tab as a sub tab
• merged system info tab kernel objects and main system tab
• moved a lot of usefull generic code to MiscHelpers.dll

Fixed

• fixed tab menu checks
• fixed issue with system and task info window tabs
• fixed issue process name label forcing panel size
• fixed soem more minor ui glitches

 

New Update with various usability improvements.

Download: https://github.com/taskexplorer/TaskExplorer/releases/tag/v1.2.7

Changelog:

[1.2.7] - 2020-06-13

Added
Custom run dialog with the ability to inject a DLL when starting process
Added process filter to proces tree to improve usability

Changed
description in the process column now shows for svchost.exe instances a list of hosted services
esc key now clsoes the finder bar in lists
app id column now displays teh container id if its an app

Fixed
run dialogs now execute on return press
error with comctl32
user connect/login window now hides teh password
fixed pid in process info window
modern apps are now properly atributed to the their users

 

On extraction of zip, Emsisoft blocks:

2020/06/14 07:33:05
Malware "Trojan.GenericKD.34006341 (B)" detected and blocked on behalf of explorer.exe

 

Its probably just the leaked code signing certificate for xprocesshacker3.sys you can check on viris total some always complain but its a false positive.

 

Yes I'm sure, just reporting.

 

Wow, didnt know it evolved so much..
Really liking that Tool.

Thanks a lot for this great Tool.. using it regulary now for malware/perf/system problems identification, etc..

Keep it up David

Best Regards

 

So why another name change on GitHub? You seem to really like doing that. I like knowing the software I'm using is being developed "DavidXanatos" so why not use that as you did? and not some random "ShadyNameThatGetsChangedConstantly". You make a few useful tools, so why not keep those all under the same umbrella, especially since some of these programs use "shady" unsigned / false positive prone / drivers / code.

 

I thought that may look more professional, but you are right it may be better to have a central place for trust reasons, so I renamed it back for now,
note: the links remain working as Github does the needed redirection automatically.

 

This build focuses on usability improvements and bug fixes. It solves an issue causing very high CPU usage introduced in the last build. And it introduces some mitigation to the issues caused by the driver not being signed properly.

Download: https://github.com/DavidXanatos/TaskExplorer/releases/tag/v1.2.8


ChangeLog

Added
"Original Token" button to inspect the original process token of sandboxed processes
-- SbieDrv driver 5.42 or higher required
added command line option to start multiple instances
added driver file obfuscation and driver installation dialog

Changed
reorganized settings pages
improved sandboxie support implementation

Fixed
fixed excessive CPU usage in new process filter
fixed outdated data shown in token panel when no token could be obtained

 

This build updates the PH Library to 3.0.3014 and adds minor usability improvements.

Download: https://github.com/DavidXanatos/TaskExplorer/releases/tag/v1.2.9

ChangeLog
Added

• added highest thread CPU percentage to the CPU column

Changed

• tree graph background in dark mode is also dark now
• updated PHlib to version 3.0.3476
• merged ASLR, DEP, CFG, CET columns into a joined mitigations column

 

Like this Task Explorer. A Lot!

Thanks for the new update and the efforts gone into improving it.

What time I've had to comb over it so far it's really a good useful addition on this end. Tried others before and their ok so far as basics and even had a try or two with neuber-taskmanager etc

Clean as a whistle on this end thru PeStudio and others.

 

This build updates the PH Library to 3.0.3972 and adds fixes various minor bugs.

Download:

https://github.com/DavidXanatos/TaskExplorer/releases/tag/v1.3.0

ChangeLog:

Changed

• changed memory search window layout
• on debug log start stop the lists are now reset
• updated MiscHelpers
• updated PHlib to version 3.0.3972
• updated QWT to version 6.1.6
• updated to use Visual studio 2019

Fixed

• fixed issues with hex string memory search
• fixed issue with updating token privileges
• fixed issues with disabled items in dark mode
• fixed race condition in etw initialization

 

This build updates the PH Library to 3.0.4365 and adds fixes various minor bugs.

Download: https://github.com/DavidXanatos/TaskExplorer/releases/tag/v1.4.0

Important Note:
The driver is now only test signed as the leaked certificate was blacklisted in the windows kernel, hence you need to enable test mode to use all of the features.

You can donate via paypal at https://xanasoft.com/ or patreon https://www.patreon.com/DavidXanatos

ChangeLog

Added

• added sandboxie tab with a lot of sandboxie related details
• added option to freeze and unfreeze entire jobs
• added "Original Impersonation Token" menu command to inspect the impersonation token of sandboxed thread
• added rpc view listing all rpc endpoints on the system
• added windows 11 detection

Changed

• replaced all icons
• updated PHlib to version 3.0.4365

Fixed

• fixed issue resolving kernel symbols introduced with 1.3

 

Thanks @DavidXanatos I was beginning to wonder if you would find time to bring this remarkable program up to date.

It's a favorite of mine.

 

I use it everyday and night LOL so it will always be up to date until MSFT manages to get me to quit windows for good LOL
Than you will get a task Explorer for Linux, muhahahahahahah.....

With this update the most important change is the unsigned driver as the cert for the old one got blacklisted by MSFT, so with the unsigned one you can load it at least when you enable test signing mode, with this tool: https://winaero.com/download-universal-watermark-disabler/ you can remove the test mode watermark from your desktop.

And the most pretty change are ten new icons:

Also the UI now recognized windows 11 as 11 and no longer as 10, a small change but given today win 11 goes public i thought its good timing

 

There is a new build: https://github.com/DavidXanatos/TaskExplorer/releases/tag/v1.4.1

It updated the phlib to version 3.0.4706, and used a new certificate to sign the driver for now it works even on the latest windows 11

 

This build updates the PH Library to 3.0.5553 and adds fixes various minor bugs.

Download: https://github.com/DavidXanatos/TaskExplorer/releases/tag/v1.5.0


ChangeLog
Changed

• Made Qt6 Compatible
• updated QWT library to v6.2
• updated PHlib to version 3.0.5553
• updated DotNET counter code

Fixed

• fixed issues with GPU usage not being displayed proeprly
• fixed memory leak in RPC Endpoint View

Removed

• removed aility to unprotect protected processes
• removed kernel debug log dumping (will be re added later)

 

Thanks! Two questions: Is the driver signed? Is .NET framework required?