Sysinternals Homepage
Forum Home Forum Home > Windows Discussions > Internals
  New Posts New Posts RSS Feed: Hey guys, The JOB is waiting for you!
  FAQ FAQ  Forum Search   Calendar   Register Register  Login Login

Hey guys, The JOB is waiting for you!
 Post Reply Post Reply Page  12>
Author
Message
  Topic Search Topic Search  Topic Options Topic Options
PROROOTECT View Drop Down
Senior Member
Senior Member
Avatar

Joined: 06 April 2008
Online Status: Offline
Posts: 298 		  Quote PROROOTECT Quote  Post ReplyReply Direct Link To This Post Topic: Hey guys, The JOB is waiting for you!
    Posted: 07 May 2009 at 10:39am
Maybe ... Just the job!
 
Experienced C# developer(s) needed - for Process Hacker. HELP WANTED!
 
 
 
 
PROROOTECT
I remember:GMER|RootRepeal|kX-Ray|Kernel Detective|XueTr|..Sarah ah! He remembers me:AntiVir|IMMUNET PROTECT|I'm a stranger HERE..
Back to Top
wj32 View Drop Down
Senior Member
Senior Member
Avatar

Joined: 16 January 2009
Location: Australia
Online Status: Offline
Posts: 607 		  Quote wj32 Quote  Post ReplyReply Direct Link To This Post Posted: 07 May 2009 at 11:50am
Just so everyone knows, I didn't pay PROROOTECT to put this up on various forums Wink. (Actually, I'm serious - I didn't ask PROROOTECT to do it either.)
MCTS: Windows Internals
Process Hacker, a free and open source process viewer.
Back to Top
PROROOTECT View Drop Down
Senior Member
Senior Member
Avatar

Joined: 06 April 2008
Online Status: Offline
Posts: 298 		  Quote PROROOTECT Quote  Post ReplyReply Direct Link To This Post Posted: 07 May 2009 at 2:38pm
Yes, I confirm this - this is my own initiative, because I think to help the developer of a great software ... ask for forgiveness. 

Edited by PROROOTECT - 07 May 2009 at 3:06pm
I remember:GMER|RootRepeal|kX-Ray|Kernel Detective|XueTr|..Sarah ah! He remembers me:AntiVir|IMMUNET PROTECT|I'm a stranger HERE..
Back to Top
GamingMasteR View Drop Down
Senior Member
Senior Member
Avatar

Joined: 10 August 2008
Online Status: Offline
Posts: 171 		  Quote GamingMasteR Quote  Post ReplyReply Direct Link To This Post Posted: 07 May 2009 at 5:24pm
I wish to help but i know nothing about .NET development :)
Back to Top
molotov View Drop Down
Moderator Group
Moderator Group
Avatar

Joined: 04 October 2006
Online Status: Offline
Posts: 17287 		  Quote molotov Quote  Post ReplyReply Direct Link To This Post Posted: 07 May 2009 at 5:50pm
Do not apply if you will be too busy to work on Process Hacker.
Sounds fun, and while I certainly understand the reason for it the possibility of the above prevents me from getting involved. Dead
Daily affirmation:
net helpmsg 4006
Back to Top
wj32 View Drop Down
Senior Member
Senior Member
Avatar

Joined: 16 January 2009
Location: Australia
Online Status: Offline
Posts: 607 		  Quote wj32 Quote  Post ReplyReply Direct Link To This Post Posted: 08 May 2009 at 8:02am
Originally posted by GamingMasteR

I wish to help but i know nothing about .NET development :)


If I knew C GUI programming then I would have coded PH entirely in C (not C++, I HATE C++). The only part of PH that is really .NET-based is the GUI. Have you looked inside the source code for KProcessHacker (kernel-mode driver)? It may contain things you could put in Kernel Detective Smile. BTW: How does Kernel Detective terminate processes? KPH scans for PsTerminateProcess.
MCTS: Windows Internals
Process Hacker, a free and open source process viewer.
Back to Top
GamingMasteR View Drop Down
Senior Member
Senior Member
Avatar

Joined: 10 August 2008
Online Status: Offline
Posts: 171 		  Quote GamingMasteR Quote  Post ReplyReply Direct Link To This Post Posted: 08 May 2009 at 9:36am

Smart Kill is the best termination method i've seen till now .

Enumerate the process's threads .

Kill every thread by inserting APC that will call PspExitThread to the current thread .

Don't insert the APC using normal KeInsertQueueApc routine because it could be hooked, use your own apc insertion method or use the unexported api KiInsertQueueApc .

There're more spices LOL



Edited by GamingMasteR - 08 May 2009 at 9:45am
Back to Top
dsolomon View Drop Down
Newbie
Newbie


Joined: 01 July 2007
Location: United States
Online Status: Offline
Posts: 15 		  Quote dsolomon Quote  Post ReplyReply Direct Link To This Post Posted: 06 June 2009 at 1:49am
What's the point of this project? What are the key features that differ this from Process Explorer?
 
If there are some key things missing in Process Explorer, Mark wants to know about it - submit them in the forum in the usual place.
--David Solomon
Coauthor, Windows Internals (Microsoft Press)
http://www.solsem.com
Back to Top
wj32 View Drop Down
Senior Member
Senior Member
Avatar

Joined: 16 January 2009
Location: Australia
Online Status: Offline
Posts: 607 		  Quote wj32 Quote  Post ReplyReply Direct Link To This Post Posted: 06 June 2009 at 3:51am
Originally posted by dsolomon

What's the point of this project? What are the key features that differ this from Process Explorer?
 
If there are some key things missing in Process Explorer, Mark wants to know about it - submit them in the forum in the usual place.


( Rant: )

Do you really think the only process viewer there should be is Process Explorer? Is there really no point in creating a process viewer since Process Explorer already exists?

For starters, Process Hacker is open source while Process Explorer is not. PH has advanced process termination while PE doesn't. PH highlights GUI threads. PH lets you enable/disable/remove privileges. PH lets you read/write memory. PH lets you unload modules. PH lets you change handle attributes. PH shows you all services and lets you modify them.

I don't think Mark is even looking at the Feature Requests topic. I'm not saying that Mark is obliged to update PE with new features, but your attitude is very frustrating (it's not just you though). You're saying I'm not allowed to create a new process viewer with the features I want in it - I need to use PE and post everything on a wishlist, even if the features I request will never be added.

Angry
MCTS: Windows Internals
Process Hacker, a free and open source process viewer.
Back to Top
GamingMasteR View Drop Down
Senior Member
Senior Member
Avatar

Joined: 10 August 2008
Online Status: Offline
Posts: 171 		  Quote GamingMasteR Quote  Post ReplyReply Direct Link To This Post Posted: 06 June 2009 at 4:15am
I agree with wj32, PH acts well on infected boxed than PE does !!
Back to Top
 Post Reply Post Reply Page  12>

Forum Jump Forum Permissions View Drop Down

Privacy Statement