├── .gitignore
├── CHANGELOG.txt
├── CODE_OF_CONDUCT.txt
├── COPYRIGHT.txt
├── Command_line_reference.chm
├── FAQ.chm
├── How_do_you completely_kill_Process_Hacker.chm
├── Know TCPIP ports list.txt
├── LICENSE.txt
├── Main_Window.png
├── Overview.chm
├── PHREADME.md
├── ProcessHacker.exe.settings.xml
├── Process_Explorer_vs_Process_Hacker.chm
├── Process_searchbox_filter.txt
├── README.md
├── README.txt
├── Search_commands_reference.chm
├── Settings_Advanced.png
├── Settings_Graph.png
├── Settings_Highlighting.png
├── Setup_KProcessHacker_for_virtual_enveronment.chm
├── Terminator.txt
├── Terminator_rus.txt
├── Warning.txt
├── features.chm
├── gitlog.txt
├── hotkeys.txt
├── instruction.txt
├── notes.txt
├── ph.zip
├── plugins_install.txt
├── processhacker-3.0-bin.zip
├── processhacker-3.0-checksums.txt
├── processhacker-3.0-setup.exe
├── required.txt
├── settings.png
├── version
└── version.txt


/.gitignore:
--------------------------------------------------------------------------------
1 | desktop.ini
2 | .gitignore
3 | .git
4 | *-sdk.tar.gz
5 | *-src.tar.gz


--------------------------------------------------------------------------------
/CHANGELOG.txt:
--------------------------------------------------------------------------------
  1 | Process Hacker
  2 | 
  3 | 3.0
  4 |  * HIGHLIGHTS:
  5 |    * New Process Hacker setup.
  6 |    * New process properties handle search.
  7 |    * Added F11 hotkey for fullscreen System Information window.
  8 |  * OTHER CHANGES:
  9 | * Updated Updater plugin:
 10 |      * New design and layout.
 11 | * Updated WindowExplorer plugin:
 12 |      * Added Windows process properties page.
 13 |  * NOTE:
 14 |    * Support for Windows XP and Vista has been dropped. For those platforms, use Process Hacker 2.38.
 15 |    * This release has significant internal code changes. Please make sure all plugins are up-to-date.
 16 | 
 17 | 2.39
 18 |  * HIGHLIGHTS:
 19 |    * Improved compatibility with security and anti-cheat software
 20 |    * Added ability to edit process environment variables
 21 |    * Fixed .NET process detection
 22 |  * OTHER CHANGES:
 23 |    * Improved tooltip information for dllhost.exe
 24 |    * Removed Terminator
 25 |    * Updated DotNetTools plugin:
 26 |      * Fixed .NET assembly tab performance issues
 27 |      * Added extra .NET memory counters to the .NET performance tab
 28 |      * Added "Show sizes in bytes" checkbox to the .NET performance tab
 29 |      * Added right-click menu to the .NET assembly tab
 30 |    * Updated ExtendedTools plugin:
 31 |      * Fixed "No process" disk event bug
 32 |    * Updated HardwareDevices plugin:
 33 |      * Fixed incorrect drive letters
 34 |      * Fixed drive letter and panel clipping issue
 35 | 
 36 | 2.38
 37 |  * HIGHLIGHTS:
 38 |    * Added labels to indicate the maximum data point in each I/O graph
 39 |    * Graph grids now scale correctly when resized
 40 |    * Improved high DPI scaling
 41 |    * Added exploit mitigation policy information to process properties (Windows 8 and above)
 42 |    * Added File modified time and File size columns for processes and modules
 43 |    * Added Key modified time column for services
 44 |    * Clicking a tray icon now shows the pop-up UI (useful for touch-enabled devices)
 45 |    * The NetAdapters plugin has been renamed to HardwareDevices
 46 |      * This plugin shows network adapter and disk drive graphs
 47 |      * If you are manually upgrading, please delete NetAdapters.dll from the plugins folder
 48 |    * Updated UserNotes plugin:
 49 |      * Added "Collapse by default" option for processes
 50 |  * OTHER CHANGES:
 51 |    * Added "Start when I log on" option
 52 |    * Added "Not responding" text to tray icon rich pop-up for programs that are hung
 53 |    * Added right-click menu and double-click action for environment variables
 54 |    * Added dialog box to show long command line strings
 55 |    * Added Time stamp column for processes
 56 |    * Added -sysinfo command line parameter for opening System Information at startup
 57 |    * Added 32x32 icons for high DPI displays
 58 |    * Digital signature verification is now performed with very low I/O priority
 59 |    * Improved performance when handling a large number of threads, modules or handles
 60 |    * The pop-up UI no longer displays when double-clicking the tray icon
 61 |    * Fixed ASLR state being shown as N/A in process properties
 62 |    * Fixed multi monitor window placement bug
 63 |    * Fixed handle enumeration bug affecting processes with PID >= 65536
 64 |    * Fixed Interrupts being missing from the max CPU usage history
 65 |    * Updated ToolStatus plugin:
 66 |      * Added 32x32 icons for high DPI displays
 67 |      * Fixed status bar crash
 68 |  * NOTE:
 69 |    * This release has significant internal code changes. Please make sure all plugins are up-to-date.
 70 | 
 71 | 2.37
 72 |  * HIGHLIGHTS:
 73 |    * Updated for Windows 10
 74 |    * The "Include CPU (and other) usage of children in collapsed processes" option now aggregates memory and I/O statistics
 75 |    * Added regex search to "Find Handles or DLLs"
 76 |    * Added process exit codes to log
 77 |    * Fixed crash that occurred under some conditions when processes terminated
 78 |  * OTHER CHANGES:
 79 |    * Added warning when trying to search for handles when the system has too many handles open
 80 |    * Upgraded to PCRE2
 81 |    * Updated DotNetTools plugin:
 82 |      * Rewrite of .NET Performance statistics and AppDomain enumeration
 83 |    * Updated OnlineChecks plugin:
 84 |      * Fixed virusscan.jotti.org uploader
 85 |    * Updated NetAdapters plugin:
 86 |      * Added adapter details window
 87 |    * Updated ToolStatus plugin:
 88 |      * Added CPU, Memory and I/O graphs to the toolbar (not enabled by default)
 89 |      * Added toolbar and status bar customization, as well as a new theme
 90 |      * Added option to auto-hide the main menu
 91 |    * Updated UserNotes plugin:
 92 |      * Added individual process highlighting support
 93 | 
 94 | 2.36
 95 |  * HIGHLIGHTS:
 96 |    * New rich pop-up UI when hovering the cursor over a tray icon, showing the most active processes
 97 |    * Completely new Memory tab for processes, with heap, stack and working set usage
 98 |    * Process Hacker now takes 32-bit dumps of 32-bit processes on 64-bit Windows
 99 |      * NOTE: When using the portable (.zip) release, the entire archive must be extracted
100 |    * Updated DotNetTools plugin:
101 |      * Process Hacker now displays managed stack traces for 32-bit .NET processes on 64-bit Windows
102 |      * Fixed inaccurate stack traces when clicking Refresh
103 |      * Added AppDomain column for threads in .NET programs
104 |  * OTHER CHANGES:
105 |    * Added customizable bytes per row setting for memory editor
106 |    * Dramatically faster handle listing and search when running without administrative privileges
107 |    * Improved accuracy and speed of symbol resolution, especially when new modules are loaded
108 |    * Added trigger and delayed start information to service list
109 |    * Added file information to service list tooltips
110 |    * Balloon tips for process/service notifications are now clickable
111 |    * Added handle names for unnamed File objects
112 |    * Added I/O Priority to tray icon process menu
113 |    * Added warning for users who attempt to start the 32-bit version on 64-bit Windows
114 |    * Updated ExtendedServices plugin:
115 |      * Added service protection and SID information
116 |      * Added auto-elevation when saving recovery information, triggers and other service settings
117 |    * Updated ExtendedTools plugin:
118 |      * Added tray icon mini info window support
119 |      * Improved automatic GPU node selection
120 |    * Updated UserNotes plugin:
121 |      * Added tray icon mini info window support
122 |    * Fixed a bug in phsvc that caused hangs when automatically elevating actions
123 |    * Fixed hang when viewing handle security for certain File objects
124 |    * Fixed lack of information on startup when using slower refresh intervals
125 |    * Fixed Read/Write Address crash
126 |    * Fixed service non-polling mode on Windows 8 and above
127 |    * Fixed file dialog crash in Windows PE environments
128 |    * Fixed string scanning false positive case
129 |    * Fixed process window detection for Modern UI apps
130 |    * Fixed handle list selection bug when disabling "Hide unnamed handles"
131 |  * NOTE:
132 |    * This release has significant internal code changes. Please make sure all plugins are up-to-date.
133 | 
134 | 2.35
135 |  * NEW/IMPROVED:
136 |    * Added Load Time and Load Reason columns for modules (Windows 8 and above)
137 |    * Added handle names for Job and Section objects
138 |    * Added Read/Write Memory for Section objects (in process Handles tab)
139 |    * Added CF Guard (Control Flow Guard) column for processes and modules
140 |    * Added highlighting for AppContainer DLLs
141 |    * Added AppContainer and CF Guard image characteristics to peview
142 |    * Added Open Key and Open File Location menu items for services
143 |    * Set priority and I/O priority for multiple processes at once
144 |    * Support for up to 64 processors when setting process/thread affinity
145 |    * Updated ExtendedTools plugin:
146 |      * Added Disk and Network graphs for all processes
147 |    * Updated UserNotes plugin:
148 |      * Added ability to save I/O priority
149 |  * FIXED:
150 |    * Fixed memory editor copy bug
151 | 
152 | 2.34
153 |  * NEW/IMPROVED:
154 |    * Proper Unicode support
155 |    * CPU and GPU graphs are displayed in a grid now (thanks pavel_kv!)
156 |    * Start Task Manager now elevates when necessary
157 |    * Better names for memory regions in Memory tab (for PEBs, TEBs, thread stacks)
158 |    * Added tooltip information for user-mode driver framework (UMDF) host processes
159 |    * Added option to reduce row height (set ThinRows to 1 in settings.xml)
160 |    * Added NetAdapters plugin: adds graphs for selected network adapters to the System Information window
161 |    * Updated ExtendedTools plugin:
162 |      * Added GPU graphs for all processes
163 |      * Can now use the search box in the Disk tab
164 |      * Improved kernel logger handling
165 |  * FIXED:
166 |    * Fixed touch scrolling
167 |    * Fixed EtwRegistration object names for 64-bit Windows 8.1
168 |    * Fixed tray icons being clipped in high DPI environments
169 |    * Fixed crash in memory editor
170 |    * Fixed multi monitor window placement bug
171 | 
172 | 2.33
173 |  * NEW/IMPROVED:
174 |    * View digital signature information from process properties and peview
175 |    * Signatures for Windows 8 apps are now detected
176 |    * Improved file, key, process and thread handle properties
177 |    * Added DPI Awareness column
178 |    * Added new Windows 8.1 process protection information
179 |    * KProcessHacker is no longer needed for highlighting of GUI threads
180 |    * Added suspend count for threads on Windows 8.1
181 |    * Updated DotNetTools plugin:
182 |      * Improved .NET assembly enumeration timeout handling
183 |  * FIXED:
184 |    * Service start type and error control are never updated if modified outside of Process Hacker
185 | 
186 | 2.32
187 |  * NOTE:
188 |    * All executable files are now signed.
189 |  * NEW/IMPROVED:
190 |    * Updated for Windows 8.1
191 |    * Added progress display for thread stacks
192 |    * Updated ExtendedServices plugin:
193 |      * Added new trigger data types
194 |    * Updated NetworkTools plugin:
195 |      * Updated UI
196 |    * Updated OnlineChecks plugin:
197 |      * Added file analyzed prompt
198 |  * FIXED:
199 |    * Fixed handling of long symbol names
200 |    * Fixed Run As preventing Windows 8 apps from starting
201 |    * Fixed console host information for Windows 8.1
202 |    * Fixed reflected processes not terminating on Windows 8.1
203 |    * Fixed CPU frequency on Windows 8.1
204 | 
205 | 2.31
206 |  * NEW/IMPROVED:
207 |    * Updated ExtendedServices plugin:
208 |      * Fixed some bugs relating to Windows 8
209 |    * Updated OnlineChecks plugin:
210 |      * Added upload progress
211 |    * Updated UserNotes plugin:
212 |      * Fixed bug where process priorities were not actually saved
213 |  * FIXED:
214 |    * Fixed module list not updating properly
215 |    * DLL enumeration crash
216 | 
217 | 2.30
218 |  * NEW/IMPROVED:
219 |    * Added "Icon click toggles visibility" option
220 |    * Re-enabled powerful process termination on 32-bit Windows 8
221 |    * Updated UserNotes plugin:
222 |      * Added ability to save process priority
223 |      * Added "Only for processes with the same command line" option for process comments
224 |  * FIXED:
225 |    * Fixed crash on CPUs without SSE2
226 | 
227 | 2.29
228 |  * NEW/IMPROVED:
229 |    * Added App ID column for processes
230 |    * Added new ASLR information for Windows 8
231 |    * Added Restart to Boot Options and Hybrid Shutdown menu items for Windows 8
232 |    * Added ability to specify processes by their names and inject and unload DLLs in command line
233 |    * Removed 512 character limit when copying text
234 |    * Moved Terminator to Miscellaneous menu
235 |    * Updated default dbghelp.dll path for Windows SDK v8
236 |    * Updated ExtendedServices plugin:
237 |      * Added new triggers for Windows 8
238 |      * Fixed bug when restarting services
239 |    * Updated ExtendedTools plugin:
240 |      * Improved support for multiple GPUs (again)
241 |      * GPU column now respects "Include CPU usage of children" option
242 |    * Updated ToolStatus plugin:
243 |      * Fixed search box fonts
244 |      * Fixed controls not being properly hidden/removed from the window when disabled
245 |    * Updated WindowExplorer plugin:
246 |      * Fixed window list not displaying Modern UI windows
247 |  * FIXED:
248 |    * Fixed Load Count column sorting bug
249 |    * Fixed signature verification on Windows 8
250 |    * Fixed task scheduler information on Windows 8
251 |    * Fixed drag bug in tree list
252 |    * Fixed KProcessHacker bug affecting TmTx objects
253 |    * Fixed Run As feature on Windows 8
254 |    * Fixed bug where -settings parameter is not propagated
255 |    * Fixed tab key behavior on main window
256 |    * Fixed recognition of Modern UI windows
257 | 
258 | 2.28
259 |  * NEW/IMPROVED:
260 |    * peview now resolves .lnk targets
261 |    * Fixed Ctrl+A for processes, services and network connections and added Ctrl+A for other windows
262 |    * Changed confirmation prompts to select the destructive action by default
263 |    * Updated DotNetTools plugin:
264 |      * Fixed inaccurate stack traces for certain .NET programs
265 |    * Updated ExtendedTools plugin:
266 |      * Fixed network graph scaling
267 |    * Updated ToolStatus plugin:
268 |      * Added search box
269 |    * Updated Updater plugin
270 |  * FIXED:
271 |    * Fixed Verification Status column sorting bug in module list
272 |    * Fixed rare System Information crash
273 |    * Fixed bug in opening process handles
274 |    * Fixed freezing when viewing stack traces of certain system threads
275 | 
276 | 2.27
277 |  * NEW/IMPROVED:
278 |    * Updated OnlineChecks plugin:
279 |      * 2012-01-16: Updated VirusTotal uploader and added hash checking
280 |  * FIXED:
281 |    * Fixed Description column sorting bug
282 |    * Fixed notification icon bug
283 | 
284 | 2.26
285 |  * NEW/IMPROVED:
286 |    * Added option to show Commit Charge in system information summary view
287 |    * Added -priority and -selectpid command line options
288 |    * Updated ExtendedTools plugin:
289 |      * Improved support for multiple GPUs
290 |  * FIXED:
291 |    * Fixed 100% CPU when starting on some machines
292 | 
293 | 2.25
294 |  * NEW/IMPROVED:
295 |    * Improved CPU frequency calculation
296 |    * Updated ExtendedTools plugin:
297 |      * Added GPU node selection
298 |      * Fixed incorrect GPU usage calculation
299 |  * FIXED:
300 |    * Graph tooltip position with large cursors
301 |    * Fixed .NET process detection
302 |    * Fixed incorrect values in Bits column
303 | 
304 | 2.24
305 |  * NOTE:
306 |    * This release has significant internal code changes. Please make sure all plugins are up-to-date.
307 |  * NEW/IMPROVED:
308 |    * Completely new system information window
309 |    * Added option to scroll to new processes
310 |    * Added option to hide driver services
311 |    * Added menu item to copy individual cells
312 |    * Improved module scanning
313 |    * Added Start Task Manager menu item
314 |    * Added Image base to peview
315 |    * Updated ExtendedTools plugin:
316 |      * Added support for new system information window
317 |      * Added Disk, Network and GPU tray icons
318 |      * Added support for custom fonts in the Disk tab
319 |    * Updated Updater plugin:
320 |      * Added download speed
321 |      * Added remaining time
322 |  * FIXED:
323 |    * Fixed retrieval of version information for certain files
324 |    * Fixed driver file names on Windows XP
325 |    * Fixed Run As Administrator when used with complex commands
326 | 
327 | 2.23
328 |  * NEW/IMPROVED:
329 |    * Added display of token capabilities, user/device claims and security attributes
330 |    * Added ability to change token integrity levels
331 |    * Added Description column to service list
332 |    * Added option to reset all settings
333 |    * Made grid color darker
334 |    * Enabled multi-selection in the hidden processes window
335 |    * Added UserNotes plugin
336 |    * Updated ExtendedNotifications plugin:
337 |      * Added Growl support
338 |    * Updated ExtendedTools plugin:
339 |      * Added GPU monitoring
340 |      * Added rate columns for disk and network I/O
341 |  * FIXED:
342 |    * Fixed copying lists when plugin columns are enabled
343 |    * Freezing when viewing the tooltip for a process with a very long command line
344 |    * Disabled Hidden Processes feature on 64-bit systems
345 | 
346 | 2.22
347 |  * NEW/IMPROVED:
348 |    * Added highlighting for metro style apps
349 |    * Added Package Name column
350 |    * Added package name to process tooltip
351 |    * Improved .NET process detection
352 |    * Updated OS Context column for Windows 8
353 |    * Updated ExtendedTools plugin:
354 |      * Updated disk monitoring for Windows 8
355 |      * Updated memory list information for Windows 8
356 |    * Updated WindowExplorer plugin:
357 |      * Fixed hook support for low integrity processes
358 |  * FIXED:
359 |    * Fixed memory leaks
360 |    * Fixed bug preventing Interrupts/DPCs from being shown as the max. CPU process on 64-bit systems
361 |    * Fixed DEP Status column on 64-bit systems
362 | 
363 | 2.21
364 |  * NEW/IMPROVED:
365 |    * Added Private Bytes Delta, ASLR and Subsystem columns
366 |    * Added ASLR and Time Stamp columns to modules list
367 |    * Added check for debugger in Terminator
368 |  * FIXED:
369 |    * Fixed Show CPU Below 0.01 not respecting locale
370 |    * Fixed copying from network list
371 | 
372 | 2.20
373 |  * NEW/IMPROVED:
374 |    * Added support for managed thread stacks on x64
375 |    * Added column selection for handle list
376 |    * Added CPU column to threads list
377 |    * Improved module detection
378 |    * Added Ideal Processor to Threads tab
379 |    * Added pool usage and minimum/maximum working set columns
380 |    * Implemented Properties button for Thread handles
381 |    * Set descending sort as the default for most numeric columns
382 |    * Extended header context menu
383 |    * Removed tooltip text truncation
384 |    * Improved cycle-based CPU usage calculation
385 |    * Set default KProcessHacker security level to only allow connections when Process Hacker is running as administrator.
386 |      See README.txt for instructions on how to restore the old behavior.
387 |    * Added Updater plugin
388 |    * Updated DotNetTools plugin:
389 |      * Added managed symbol resolution for thread stacks
390 |    * Updated ExtendedTools plugin:
391 |      * Added Disk tab
392 |      * Added Hard Faults, Hard Faults Delta and Peak Threads columns to process tree list
393 |      * Added Firewall Status column
394 |  * FIXED:
395 |    * Fixed file name resolution bug
396 |    * Save settings on shutdown/logoff
397 |    * Fixed state highlighting bug
398 |    * Fixed command line propagation for -elevate
399 |    * Fixed tree list mouse wheel handling
400 |    * Fixed saving network list
401 | 
402 | 2.19
403 |  * NEW/IMPROVED:
404 |    * Added cycle-based CPU usage for Windows 7
405 |    * Added Show CPU Below 0.01
406 |    * Added OS Context column
407 |    * Rewrote graph drawing code for improved performance
408 |    * Optimized retrieval of cycle time and private working set information for Windows 7
409 |    * Added Open File Location to process context menu and reorganized some items
410 |    * Added checkboxes to Terminator
411 |  * FIXED:
412 |    * Crash when sorting by Time Stamp
413 |    * GDI handle leak in drag selection
414 | 
415 | 2.18
416 |  * NEW/IMPROVED:
417 |    * Completely rewritten tree list control:
418 |      * Process Name column is now fixed to the left
419 |      * Tooltips for column headers
420 |      * Improved performance
421 |      * Bug fixes
422 |    * Added more process tree list columns
423 |    * Added Time stamp column to network list
424 |    * Date/time display is now swapped (so time is shown before date)
425 |    * Added W3 terminator test
426 |    * Added DotNetTools plugin
427 |    * Updated ExtendedServices plugin:
428 |      * Disabled editing of required privileges for drivers
429 |    * Updated ExtendedTools plugin:
430 |      * Added ETW columns for processes and network connections
431 |    * Updated OnlineChecks plugin:
432 |      * Added Comodo Instant Malware Analysis
433 |    * Updated WindowExplorer plugin:
434 |      * Fixed hook bugs
435 |  * FIXED:
436 |    * Fixed Run As This User
437 |    * Verification Status sorting
438 | 
439 | 2.17
440 |  * NEW/IMPROVED:
441 |    * Added support for setting page priority
442 |    * Added elevation support for setting priority
443 |    * Added support for automatically using a settings file in the program directory (e.g. ProcessHacker.exe.settings.xml)
444 |    * Improved Run As mechanism
445 |    * Updated ExtendedServices plugin:
446 |      * Added support for editing triggers
447 |      * Added support for editing preshutdown time-out
448 |      * Added support for editing required privileges
449 |      * Added elevation support for restarting services
450 |    * Updated WindowExplorer plugin:
451 |      * Added more window properties
452 |  * FIXED:
453 |    * Handle leak
454 | 
455 | 2.16
456 |  * NEW/IMPROVED:
457 |    * Updated WindowExplorer plugin
458 |    * PE viewer: Added version string to CLR tab
459 |    * PE viewer: Added display of delay imports
460 |    * PE viewer: Added Load Config tab
461 |    * Improved wait analysis
462 |    * Added arrows to the service list to indicate whether a service is running
463 |  * FIXED:
464 |    * Fixed the IPv6-related workaround causing crashes
465 |    * Incorrect handling of window positions
466 | 
467 | 2.15
468 |  * NEW/IMPROVED:
469 |    * Updated ExtendedServices plugin
470 |    * Updated ToolStatus plugin
471 |    * Added DEP Status column
472 |    * Improved User Name column
473 |  * FIXED:
474 |    * Image file versions
475 |    * Workaround for an IPv6-related bug in Windows XP
476 |    * DPCs and Interrupts in System Information tooltips
477 |    * File dialog crash on Windows XP
478 |    * ExtendedTools plugin: WS Watch refresh bug
479 | 
480 | 2.14
481 |  * NEW/IMPROVED:
482 |    * ExtendedServices plugin: Option to add a Services menu for processes
483 |    * Command line support for setting process priority and I/O priority
484 |    * Improved termination of explorer.exe
485 |  * FIXED:
486 |    * Icon should restore the main window if it is minimized
487 |    * System Information window crashes
488 |    * Hide Processes From Other Users and Hide Signed Processes settings are now saved
489 |    * Font selection on Windows XP
490 |    * ToolStatus plugin: Always on Top status being reset by Find Window
491 |    * Service-related crashes
492 |    * WindowExplorer plugin: sorting in tree list
493 |    * Process minidump creation with old versions of dbghelp.dll
494 | 
495 | 2.13
496 |  * NEW/IMPROVED:
497 |    * Added copy support to PE viewer
498 |    * Added Connect Time, Disconnect Time and Last Input Time to session properties
499 |    * Added more working set counters to the Statistics tab
500 |  * FIXED:
501 |    * Column sort arrows
502 |    * CPU usage calculations
503 | 
504 | 2.12
505 |  * NEW/IMPROVED:
506 |    * Updated KProcessHacker for Windows 7 SP1
507 |    * Added elevation support for more actions
508 |    * Added ability to disable plugins
509 |    * Updated ToolStatus plugin
510 |    * Added Remote Control for sessions
511 |    * More command line options
512 |  * FIXED:
513 |    * Memory leaks
514 |    * Run As issues with different sessions
515 | 
516 | 2.11
517 |  * NEW/IMPROVED:
518 |    * Added WS Watch and other features to ExtendedTools plugin
519 |    * Added WindowExplorer plugin
520 |    * Properties for hidden processes
521 |    * Improved menus
522 |    * Debug console can now be closed without affecting the entire program
523 |  * FIXED:
524 |    * Always on Top issues
525 |    * Hang when setting DEP status of a terminating process
526 |    * Encoding bug in NetworkTools plugin
527 |    * LSA interfacing issues
528 |    * Creating dumps of self
529 | 
530 | 2.10
531 |  * NEW/IMPROVED:
532 |    * KProcessHacker is now signed, so it works on 64-bit systems. Thank you to the ReactOS Foundation.
533 |    * Added Run As Limited User
534 |    * Added CPU, private bytes and I/O history columns
535 |    * Added font selection
536 |    * Slightly improved highlighting configuration
537 |  * FIXED:
538 |    * High DPI support
539 |    * Multi-monitor support in graph tooltips
540 |    * DEP status retrieval
541 |    * ExtendedTools plugin crash
542 |    * Notification icon menu crash
543 |    * Memory leaks
544 |    * Other small bug fixes
545 | 
546 | 2.9
547 |  * NEW/IMPROVED:
548 |    * Added column selection for modules list
549 |    * Added wait analysis for 64-bit systems
550 |    * Added signature verification for modules
551 |    * Added ExtendedTools plugin (Vista and above only) with Disk and Network information
552 |    * Updated ExtendedNotifications plugin: added ability to log events to a file
553 |    * Updated ExtendedServices plugin: new tab on Vista and above
554 |    * Updated ToolStatus plugin: resolves ghost windows to hung windows
555 |    * Environment variables and current directory are now correctly shown for WOW64 processes
556 |    * I/O priority names are now used instead of numbers
557 |  * FIXED:
558 |    * Network list bug
559 |    * Memory leaks
560 | 
561 | 2.8
562 |  * NEW/IMPROVED:
563 |    * Better service list (including column selection)
564 |    * Added Peak Handles
565 |    * Process tree sorting is now preserved
566 |    * Save works for services and network connections
567 |    * Pausing now works correctly with the Network tab
568 |    * Added option to display inclusive CPU usages for collapsed processes
569 |    * Added CLR tab to peview
570 |    * Added ability to destroy heaps
571 |    * Improved process tree list appearance
572 |    * Certain command line parameters are now propagated
573 |  * FIXED:
574 |    * Icon handling bugs
575 |    * Memory leaks
576 |    * Extended tooltips for WOW64 processes
577 | 
578 | 2.7
579 |  * NEW/IMPROVED:
580 |    * Vastly improved startup time and lower memory usage
581 |    * Added Cycles and Cycles Delta columns
582 |    * Added option to disable address resolution for network connections
583 |    * Added Logon Time to session properties
584 |    * Added time stamp display to peview
585 |  * FIXED:
586 |    * ToolStatus layout problems
587 |    * .NET highlighting crashes
588 |    * Run As on Windows XP
589 | 
590 | 2.6
591 |  * NEW/IMPROVED:
592 |    * Sorting for most lists is now much faster
593 |    * Hide Signed Processes option
594 |    * Added plugin for uploading files to online virus scanners
595 |    * Added Network tools plugin
596 |    * Updated ExtendedServices plugin
597 |    * PE viewer now verifies checksums
598 |    * Performance improvements
599 |  * FIXED:
600 |    * Fixed service handle leak
601 | 
602 | 2.5
603 |  * NEW/IMPROVED:
604 |    * Unmap section views in Memory tab
605 |    * Plugin for extended service information (including recovery information, dependencies and dependents)
606 |  * FIXED:
607 |    * Critical bug for file dialogs on Windows XP
608 |    * Esc couldn't close Service Properties on open
609 |    * Small bug fixes
610 | 
611 | 2.4
612 |  * NEW/IMPROVED:
613 |    * Better Run As behaviour
614 |    * Show Processes From All Users option
615 |    * Can now unmap section views
616 |    * Control over thread affinity
617 |    * Window Title and Window Status columns
618 |    * Plugin for filtering notifications
619 |    * Plugin for toolbar and status bar
620 |    * Performance improvements
621 |  * FIXED:
622 |    * Memory leak
623 |    * SbieSupport plugin on 64-bit
624 |    * Crash when running under certain conditions
625 |    * Memory case-insensitive filter
626 |    * Process parent association bug
627 |  * REMOVED:
628 |    * Process database
629 | 
630 | 2.3
631 |  * NEW/IMPROVED:
632 |    * Can add processes to jobs
633 |    * Double-clicking in the system information graphs now opens information for the relevant process
634 |    * Setting I/O priority doesn't need KProcessHacker anymore
635 |    * Elevation for certain actions
636 |  * FIXED:
637 |    * HKCU key name resolution
638 |    * Network connection host resolution
639 |    * Information window resizing
640 |    * Log clearing
641 | 
642 | 2.2
643 |  * NEW/IMPROVED:
644 |    * Plugins support
645 |    * Can now unload 32-bit modules on 64-bit systems
646 |    * Tasks are shown in tooltips for taskeng.exe/taskhost.exe processes
647 |    * Run As can now start processes elevated
648 |    * Handle count by type
649 |    * Process priorities in notification icon menu
650 |    * CSV export
651 |    * Relative start times
652 |  * FIXED:
653 |    * Run and Run As shortcuts
654 |    * Command line handling
655 |    * Process tree selection
656 | 
657 | 2.1
658 |  * NEW/IMPROVED:
659 |    * Add Pause key shortcut to pause/resume updates
660 |    * Added Ctrl+Tab and Ctrl+Shift+Tab shortcuts
661 |    * Grid is a bit darker
662 |    * Checks for digital signatures and packing is now off by default and optional
663 |  * FIXED:
664 |    * MD5 calculation code for files was wrong
665 |    * Process record bugs
666 | 
667 | 2.0
668 |  * First release in the Process Hacker 2.x branch.
669 | 


--------------------------------------------------------------------------------
/CODE_OF_CONDUCT.txt:
--------------------------------------------------------------------------------
 1 | Contributor Covenant Code of Conduct
 2 | 
 3 | Our Pledge
 4 | 
 5 | In the interest of fostering an open and welcoming environment, we as
 6 | contributors and maintainers pledge to making participation in our project and
 7 | our community a harassment-free experience for everyone, regardless of age,
 8 | body size, disability, ethnicity, sex characteristics, gender identity and
 9 | expression, level of experience, education, socio-economic status,
10 | nationality, personal appearance, race, religion, or sexual identity and
11 | orientation.
12 | 
13 | Our Standards
14 | 
15 | Examples of behavior that contributes to creating a positive environment
16 | include:
17 | 
18 | * Using welcoming and inclusive language
19 | * Being respectful of differing viewpoints and experiences
20 | * Gracefully accepting constructive criticism
21 | * Focusing on what is best for the community
22 | * Showing empathy towards other community members
23 | 
24 | Examples of unacceptable behavior by participants include:
25 | 
26 | * The use of sexualized language or imagery and unwelcome sexual attention
27 |   or advances
28 | * Trolling, insulting/derogatory comments, and personal or political attacks
29 | * Public or private harassment
30 | * Publishing others' private information, such as a physical or electronic
31 |   address, without explicit permission
32 | * Other conduct which could reasonably be considered inappropriate in a
33 |  professional setting
34 | 
35 | Our Responsibilities
36 | 
37 | Project maintainers are responsible for clarifying the standards of acceptable
38 | behavior and are expected to take appropriate and fair corrective action in
39 | response to any instances of unacceptable behavior.
40 | 
41 | Project maintainers have the right and responsibility to remove, edit, or
42 | reject comments, commits, code, wiki edits, issues, and other contributions
43 | that are not aligned to this Code of Conduct, or to ban temporarily or
44 | permanently any contributor for other behaviors that they deem inappropriate,
45 | threatening, offensive, or harmful.
46 | 
47 | Scope
48 | 
49 | This Code of Conduct applies both within project spaces and in public spaces
50 | when an individual is representing the project or its community. Examples of
51 | representing a project or community include using an official project e-mail
52 | address, posting via an official social media account, or acting as an
53 | appointed representative at an online or offline event. Representation of a
54 | project may be further defined and clarified by project maintainers.
55 | 
56 | Enforcement
57 | 
58 | Instances of abusive, harassing, or otherwise unacceptable behavior may be
59 | reported by contacting the project team at dmex04@gmail.com. All complaints
60 | will be reviewed and investigated and will result in a response that is deemed
61 | necessary and appropriate to the circumstances. The project team is obligated
62 | to maintain confidentiality with regard to the reporter of an incident.
63 | Further details of specific enforcement policies may be posted separately.
64 | 
65 | Project maintainers who do not follow or enforce the Code of Conduct in good
66 | faith may face temporary or permanent repercussions as determined by other
67 | members of the project's leadership.
68 | 
69 | Attribution
70 | 
71 | This Code of Conduct is adapted from the Contributor Covenant homepage,
72 | version 1.4, available at
73 | 
74 | https://www.contributor-covenant.org/version/1/4/code-of-conduct.html
75 | 
76 | homepage:
77 | 
78 | https://www.contributor-covenant.org
79 | 
80 | For answers to common questions about this code of conduct, see
81 | 
82 | https://www.contributor-covenant.org/faq


--------------------------------------------------------------------------------
/COPYRIGHT.txt:
--------------------------------------------------------------------------------
  1 | == Process Hacker ==
  2 | Process Hacker is licensed under the GNU GPL v3, with exceptions. A full
  3 | copy of the license is provided in LICENSE.txt.
  4 | 
  5 |     Copyright (C) 2009-2016 wj32 and various authors
  6 | 
  7 |     This program is free software: you can redistribute it and/or modify
  8 |     it under the terms of the GNU General Public License as published by
  9 |     the Free Software Foundation, either version 3 of the License, or
 10 |     (at your option) any later version.
 11 | 
 12 |     This program is distributed in the hope that it will be useful,
 13 |     but WITHOUT ANY WARRANTY; without even the implied warranty of
 14 |     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 15 |     GNU General Public License for more details.
 16 | 
 17 |     You should have received a copy of the GNU General Public License
 18 |     along with this program.  If not, see <http://www.gnu.org/licenses/>.
 19 | 
 20 | == Mini-XML ==
 21 | Process Hacker uses Mini-XML licensed under the following terms:
 22 | 
 23 |     The Mini-XML library and included programs are provided under the
 24 |     terms of the GNU Library General Public License (LGPL) with the
 25 |     following exceptions:
 26 | 
 27 |         1. Static linking of applications to the Mini-XML library
 28 |            does not constitute a derivative work and does not require
 29 |            the author to provide source code for the application, use
 30 |            the shared Mini-XML libraries, or link their applications
 31 |            against a user-supplied version of Mini-XML.
 32 | 
 33 |            If you link the application to a modified version of
 34 |            Mini-XML, then the changes to Mini-XML must be provided
 35 |            under the terms of the LGPL in sections 1, 2, and 4.
 36 | 
 37 |         2. You do not have to provide a copy of the Mini-XML license
 38 |            with programs that are linked to the Mini-XML library, nor
 39 |            do you have to identify the Mini-XML license in your
 40 |            program or documentation as required by section 6 of the
 41 |            LGPL.
 42 | 
 43 | == PCRE ==
 44 | Process Hacker uses Perl-Compatible Regular Expressions licensed under the
 45 | following terms:
 46 | 
 47 |     PCRE is a library of functions to support regular expressions whose syntax
 48 |     and semantics are as close as possible to those of the Perl 5 language.
 49 | 
 50 |     Release 8 of PCRE is distributed under the terms of the "BSD" licence, as
 51 |     specified below.
 52 | 
 53 |     Redistribution and use in source and binary forms, with or without
 54 |     modification, are permitted provided that the following conditions are met:
 55 | 
 56 |         * Redistributions of source code must retain the above copyright notice,
 57 |           this list of conditions and the following disclaimer.
 58 | 
 59 |         * Redistributions in binary form must reproduce the above copyright
 60 |           notice, this list of conditions and the following disclaimer in the
 61 |           documentation and/or other materials provided with the distribution.
 62 | 
 63 |         * Neither the name of the University of Cambridge nor the name of Google
 64 |           Inc. nor the names of their contributors may be used to endorse or
 65 |           promote products derived from this software without specific prior
 66 |           written permission.
 67 | 
 68 |     THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
 69 |     AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 70 |     IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 71 |     ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
 72 |     LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 73 |     CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 74 |     SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 75 |     INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 76 |     CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 77 |     ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 78 |     POSSIBILITY OF SUCH DAMAGE.
 79 | 
 80 | == MD5 ==
 81 | Process Hacker uses a MD5 implementation licensed under the following terms:
 82 | 
 83 |     MD5 hash implementation and interface functions
 84 |     Copyright (c) 2003-2005, Jouni Malinen <jkmaline@cc.hut.fi>
 85 | 
 86 |     This program is free software; you can redistribute it and/or modify
 87 |     it under the terms of the GNU General Public License version 2 as
 88 |     published by the Free Software Foundation.
 89 | 
 90 | == SHA ==
 91 | Process Hacker uses a SHA implementation licensed under the following terms:
 92 | 
 93 |     Copyright 2004 Filip Navara
 94 |     Based on public domain SHA code by Steve Reid <steve@edmweb.com>
 95 | 
 96 |     This library is free software; you can redistribute it and/or
 97 |     modify it under the terms of the GNU Lesser General Public
 98 |     License as published by the Free Software Foundation; either
 99 |     version 2.1 of the License, or (at your option) any later version.
100 | 
101 |     This library is distributed in the hope that it will be useful,
102 |     but WITHOUT ANY WARRANTY; without even the implied warranty of
103 |     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
104 |     Lesser General Public License for more details.
105 | 
106 |     You should have received a copy of the GNU Lesser General Public
107 |     License along with this library; if not, write to the Free Software
108 |     Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
109 | 
110 | == Natural order string comparison ==
111 | Process Hacker uses "strnatcmp.c" licensed under the following terms:
112 | 
113 |     strnatcmp.c -- Perform 'natural order' comparisons of strings in C.
114 |     Copyright (C) 2000, 2004 by Martin Pool <mbp sourcefrog net>
115 | 
116 |     This software is provided 'as-is', without any express or implied
117 |     warranty.  In no event will the authors be held liable for any damages
118 |     arising from the use of this software.
119 | 
120 |     Permission is granted to anyone to use this software for any purpose,
121 |     including commercial applications, and to alter it and redistribute it
122 |     freely, subject to the following restrictions:
123 | 
124 |     1. The origin of this software must not be misrepresented; you must not
125 |      claim that you wrote the original software. If you use this software
126 |      in a product, an acknowledgment in the product documentation would be
127 |      appreciated but is not required.
128 |     2. Altered source versions must be plainly marked as such, and must not be
129 |      misrepresented as being the original software.
130 |     3. This notice may not be removed or altered from any source distribution.
131 | 
132 |     This code has been modified for Process Hacker.
133 | 


--------------------------------------------------------------------------------
/Command_line_reference.chm:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/VictorVG/ph/9218becd7cb180a8da8869c9291dcb42ed6fd73a/Command_line_reference.chm


--------------------------------------------------------------------------------
/FAQ.chm:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/VictorVG/ph/9218becd7cb180a8da8869c9291dcb42ed6fd73a/FAQ.chm


--------------------------------------------------------------------------------
/How_do_you completely_kill_Process_Hacker.chm:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/VictorVG/ph/9218becd7cb180a8da8869c9291dcb42ed6fd73a/How_do_you completely_kill_Process_Hacker.chm


--------------------------------------------------------------------------------
/LICENSE.txt:
--------------------------------------------------------------------------------
  1 | Process Hacker is distributed under the GNU GPL version 3, with the
  2 | following exception:
  3 | 
  4 |     Permission is granted to dynamically (but not statically) link this
  5 |     program with independent modules, regardless of the license terms of
  6 |     these independent modules, provided that this program is not modified
  7 |     in any way. An independent module is a module which is not derived
  8 |     from or based on this program. If you modify this program, this
  9 |     additional permission no longer applies unless authorized by the
 10 |     copyright holders.
 11 | 
 12 |                     GNU GENERAL PUBLIC LICENSE
 13 |                        Version 3, 29 June 2007
 14 | 
 15 |  Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
 16 |  Everyone is permitted to copy and distribute verbatim copies
 17 |  of this license document, but changing it is not allowed.
 18 | 
 19 |                             Preamble
 20 | 
 21 |   The GNU General Public License is a free, copyleft license for
 22 | software and other kinds of works.
 23 | 
 24 |   The licenses for most software and other practical works are designed
 25 | to take away your freedom to share and change the works.  By contrast,
 26 | the GNU General Public License is intended to guarantee your freedom to
 27 | share and change all versions of a program--to make sure it remains free
 28 | software for all its users.  We, the Free Software Foundation, use the
 29 | GNU General Public License for most of our software; it applies also to
 30 | any other work released this way by its authors.  You can apply it to
 31 | your programs, too.
 32 | 
 33 |   When we speak of free software, we are referring to freedom, not
 34 | price.  Our General Public Licenses are designed to make sure that you
 35 | have the freedom to distribute copies of free software (and charge for
 36 | them if you wish), that you receive source code or can get it if you
 37 | want it, that you can change the software or use pieces of it in new
 38 | free programs, and that you know you can do these things.
 39 | 
 40 |   To protect your rights, we need to prevent others from denying you
 41 | these rights or asking you to surrender the rights.  Therefore, you have
 42 | certain responsibilities if you distribute copies of the software, or if
 43 | you modify it: responsibilities to respect the freedom of others.
 44 | 
 45 |   For example, if you distribute copies of such a program, whether
 46 | gratis or for a fee, you must pass on to the recipients the same
 47 | freedoms that you received.  You must make sure that they, too, receive
 48 | or can get the source code.  And you must show them these terms so they
 49 | know their rights.
 50 | 
 51 |   Developers that use the GNU GPL protect your rights with two steps:
 52 | (1) assert copyright on the software, and (2) offer you this License
 53 | giving you legal permission to copy, distribute and/or modify it.
 54 | 
 55 |   For the developers' and authors' protection, the GPL clearly explains
 56 | that there is no warranty for this free software.  For both users' and
 57 | authors' sake, the GPL requires that modified versions be marked as
 58 | changed, so that their problems will not be attributed erroneously to
 59 | authors of previous versions.
 60 | 
 61 |   Some devices are designed to deny users access to install or run
 62 | modified versions of the software inside them, although the manufacturer
 63 | can do so.  This is fundamentally incompatible with the aim of
 64 | protecting users' freedom to change the software.  The systematic
 65 | pattern of such abuse occurs in the area of products for individuals to
 66 | use, which is precisely where it is most unacceptable.  Therefore, we
 67 | have designed this version of the GPL to prohibit the practice for those
 68 | products.  If such problems arise substantially in other domains, we
 69 | stand ready to extend this provision to those domains in future versions
 70 | of the GPL, as needed to protect the freedom of users.
 71 | 
 72 |   Finally, every program is threatened constantly by software patents.
 73 | States should not allow patents to restrict development and use of
 74 | software on general-purpose computers, but in those that do, we wish to
 75 | avoid the special danger that patents applied to a free program could
 76 | make it effectively proprietary.  To prevent this, the GPL assures that
 77 | patents cannot be used to render the program non-free.
 78 | 
 79 |   The precise terms and conditions for copying, distribution and
 80 | modification follow.
 81 | 
 82 |                        TERMS AND CONDITIONS
 83 | 
 84 |   0. Definitions.
 85 | 
 86 |   "This License" refers to version 3 of the GNU General Public License.
 87 | 
 88 |   "Copyright" also means copyright-like laws that apply to other kinds of
 89 | works, such as semiconductor masks.
 90 | 
 91 |   "The Program" refers to any copyrightable work licensed under this
 92 | License.  Each licensee is addressed as "you".  "Licensees" and
 93 | "recipients" may be individuals or organizations.
 94 | 
 95 |   To "modify" a work means to copy from or adapt all or part of the work
 96 | in a fashion requiring copyright permission, other than the making of an
 97 | exact copy.  The resulting work is called a "modified version" of the
 98 | earlier work or a work "based on" the earlier work.
 99 | 
100 |   A "covered work" means either the unmodified Program or a work based
101 | on the Program.
102 | 
103 |   To "propagate" a work means to do anything with it that, without
104 | permission, would make you directly or secondarily liable for
105 | infringement under applicable copyright law, except executing it on a
106 | computer or modifying a private copy.  Propagation includes copying,
107 | distribution (with or without modification), making available to the
108 | public, and in some countries other activities as well.
109 | 
110 |   To "convey" a work means any kind of propagation that enables other
111 | parties to make or receive copies.  Mere interaction with a user through
112 | a computer network, with no transfer of a copy, is not conveying.
113 | 
114 |   An interactive user interface displays "Appropriate Legal Notices"
115 | to the extent that it includes a convenient and prominently visible
116 | feature that (1) displays an appropriate copyright notice, and (2)
117 | tells the user that there is no warranty for the work (except to the
118 | extent that warranties are provided), that licensees may convey the
119 | work under this License, and how to view a copy of this License.  If
120 | the interface presents a list of user commands or options, such as a
121 | menu, a prominent item in the list meets this criterion.
122 | 
123 |   1. Source Code.
124 | 
125 |   The "source code" for a work means the preferred form of the work
126 | for making modifications to it.  "Object code" means any non-source
127 | form of a work.
128 | 
129 |   A "Standard Interface" means an interface that either is an official
130 | standard defined by a recognized standards body, or, in the case of
131 | interfaces specified for a particular programming language, one that
132 | is widely used among developers working in that language.
133 | 
134 |   The "System Libraries" of an executable work include anything, other
135 | than the work as a whole, that (a) is included in the normal form of
136 | packaging a Major Component, but which is not part of that Major
137 | Component, and (b) serves only to enable use of the work with that
138 | Major Component, or to implement a Standard Interface for which an
139 | implementation is available to the public in source code form.  A
140 | "Major Component", in this context, means a major essential component
141 | (kernel, window system, and so on) of the specific operating system
142 | (if any) on which the executable work runs, or a compiler used to
143 | produce the work, or an object code interpreter used to run it.
144 | 
145 |   The "Corresponding Source" for a work in object code form means all
146 | the source code needed to generate, install, and (for an executable
147 | work) run the object code and to modify the work, including scripts to
148 | control those activities.  However, it does not include the work's
149 | System Libraries, or general-purpose tools or generally available free
150 | programs which are used unmodified in performing those activities but
151 | which are not part of the work.  For example, Corresponding Source
152 | includes interface definition files associated with source files for
153 | the work, and the source code for shared libraries and dynamically
154 | linked subprograms that the work is specifically designed to require,
155 | such as by intimate data communication or control flow between those
156 | subprograms and other parts of the work.
157 | 
158 |   The Corresponding Source need not include anything that users
159 | can regenerate automatically from other parts of the Corresponding
160 | Source.
161 | 
162 |   The Corresponding Source for a work in source code form is that
163 | same work.
164 | 
165 |   2. Basic Permissions.
166 | 
167 |   All rights granted under this License are granted for the term of
168 | copyright on the Program, and are irrevocable provided the stated
169 | conditions are met.  This License explicitly affirms your unlimited
170 | permission to run the unmodified Program.  The output from running a
171 | covered work is covered by this License only if the output, given its
172 | content, constitutes a covered work.  This License acknowledges your
173 | rights of fair use or other equivalent, as provided by copyright law.
174 | 
175 |   You may make, run and propagate covered works that you do not
176 | convey, without conditions so long as your license otherwise remains
177 | in force.  You may convey covered works to others for the sole purpose
178 | of having them make modifications exclusively for you, or provide you
179 | with facilities for running those works, provided that you comply with
180 | the terms of this License in conveying all material for which you do
181 | not control copyright.  Those thus making or running the covered works
182 | for you must do so exclusively on your behalf, under your direction
183 | and control, on terms that prohibit them from making any copies of
184 | your copyrighted material outside their relationship with you.
185 | 
186 |   Conveying under any other circumstances is permitted solely under
187 | the conditions stated below.  Sublicensing is not allowed; section 10
188 | makes it unnecessary.
189 | 
190 |   3. Protecting Users' Legal Rights From Anti-Circumvention Law.
191 | 
192 |   No covered work shall be deemed part of an effective technological
193 | measure under any applicable law fulfilling obligations under article
194 | 11 of the WIPO copyright treaty adopted on 20 December 1996, or
195 | similar laws prohibiting or restricting circumvention of such
196 | measures.
197 | 
198 |   When you convey a covered work, you waive any legal power to forbid
199 | circumvention of technological measures to the extent such circumvention
200 | is effected by exercising rights under this License with respect to
201 | the covered work, and you disclaim any intention to limit operation or
202 | modification of the work as a means of enforcing, against the work's
203 | users, your or third parties' legal rights to forbid circumvention of
204 | technological measures.
205 | 
206 |   4. Conveying Verbatim Copies.
207 | 
208 |   You may convey verbatim copies of the Program's source code as you
209 | receive it, in any medium, provided that you conspicuously and
210 | appropriately publish on each copy an appropriate copyright notice;
211 | keep intact all notices stating that this License and any
212 | non-permissive terms added in accord with section 7 apply to the code;
213 | keep intact all notices of the absence of any warranty; and give all
214 | recipients a copy of this License along with the Program.
215 | 
216 |   You may charge any price or no price for each copy that you convey,
217 | and you may offer support or warranty protection for a fee.
218 | 
219 |   5. Conveying Modified Source Versions.
220 | 
221 |   You may convey a work based on the Program, or the modifications to
222 | produce it from the Program, in the form of source code under the
223 | terms of section 4, provided that you also meet all of these conditions:
224 | 
225 |     a) The work must carry prominent notices stating that you modified
226 |     it, and giving a relevant date.
227 | 
228 |     b) The work must carry prominent notices stating that it is
229 |     released under this License and any conditions added under section
230 |     7.  This requirement modifies the requirement in section 4 to
231 |     "keep intact all notices".
232 | 
233 |     c) You must license the entire work, as a whole, under this
234 |     License to anyone who comes into possession of a copy.  This
235 |     License will therefore apply, along with any applicable section 7
236 |     additional terms, to the whole of the work, and all its parts,
237 |     regardless of how they are packaged.  This License gives no
238 |     permission to license the work in any other way, but it does not
239 |     invalidate such permission if you have separately received it.
240 | 
241 |     d) If the work has interactive user interfaces, each must display
242 |     Appropriate Legal Notices; however, if the Program has interactive
243 |     interfaces that do not display Appropriate Legal Notices, your
244 |     work need not make them do so.
245 | 
246 |   A compilation of a covered work with other separate and independent
247 | works, which are not by their nature extensions of the covered work,
248 | and which are not combined with it such as to form a larger program,
249 | in or on a volume of a storage or distribution medium, is called an
250 | "aggregate" if the compilation and its resulting copyright are not
251 | used to limit the access or legal rights of the compilation's users
252 | beyond what the individual works permit.  Inclusion of a covered work
253 | in an aggregate does not cause this License to apply to the other
254 | parts of the aggregate.
255 | 
256 |   6. Conveying Non-Source Forms.
257 | 
258 |   You may convey a covered work in object code form under the terms
259 | of sections 4 and 5, provided that you also convey the
260 | machine-readable Corresponding Source under the terms of this License,
261 | in one of these ways:
262 | 
263 |     a) Convey the object code in, or embodied in, a physical product
264 |     (including a physical distribution medium), accompanied by the
265 |     Corresponding Source fixed on a durable physical medium
266 |     customarily used for software interchange.
267 | 
268 |     b) Convey the object code in, or embodied in, a physical product
269 |     (including a physical distribution medium), accompanied by a
270 |     written offer, valid for at least three years and valid for as
271 |     long as you offer spare parts or customer support for that product
272 |     model, to give anyone who possesses the object code either (1) a
273 |     copy of the Corresponding Source for all the software in the
274 |     product that is covered by this License, on a durable physical
275 |     medium customarily used for software interchange, for a price no
276 |     more than your reasonable cost of physically performing this
277 |     conveying of source, or (2) access to copy the
278 |     Corresponding Source from a network server at no charge.
279 | 
280 |     c) Convey individual copies of the object code with a copy of the
281 |     written offer to provide the Corresponding Source.  This
282 |     alternative is allowed only occasionally and noncommercially, and
283 |     only if you received the object code with such an offer, in accord
284 |     with subsection 6b.
285 | 
286 |     d) Convey the object code by offering access from a designated
287 |     place (gratis or for a charge), and offer equivalent access to the
288 |     Corresponding Source in the same way through the same place at no
289 |     further charge.  You need not require recipients to copy the
290 |     Corresponding Source along with the object code.  If the place to
291 |     copy the object code is a network server, the Corresponding Source
292 |     may be on a different server (operated by you or a third party)
293 |     that supports equivalent copying facilities, provided you maintain
294 |     clear directions next to the object code saying where to find the
295 |     Corresponding Source.  Regardless of what server hosts the
296 |     Corresponding Source, you remain obligated to ensure that it is
297 |     available for as long as needed to satisfy these requirements.
298 | 
299 |     e) Convey the object code using peer-to-peer transmission, provided
300 |     you inform other peers where the object code and Corresponding
301 |     Source of the work are being offered to the general public at no
302 |     charge under subsection 6d.
303 | 
304 |   A separable portion of the object code, whose source code is excluded
305 | from the Corresponding Source as a System Library, need not be
306 | included in conveying the object code work.
307 | 
308 |   A "User Product" is either (1) a "consumer product", which means any
309 | tangible personal property which is normally used for personal, family,
310 | or household purposes, or (2) anything designed or sold for incorporation
311 | into a dwelling.  In determining whether a product is a consumer product,
312 | doubtful cases shall be resolved in favor of coverage.  For a particular
313 | product received by a particular user, "normally used" refers to a
314 | typical or common use of that class of product, regardless of the status
315 | of the particular user or of the way in which the particular user
316 | actually uses, or expects or is expected to use, the product.  A product
317 | is a consumer product regardless of whether the product has substantial
318 | commercial, industrial or non-consumer uses, unless such uses represent
319 | the only significant mode of use of the product.
320 | 
321 |   "Installation Information" for a User Product means any methods,
322 | procedures, authorization keys, or other information required to install
323 | and execute modified versions of a covered work in that User Product from
324 | a modified version of its Corresponding Source.  The information must
325 | suffice to ensure that the continued functioning of the modified object
326 | code is in no case prevented or interfered with solely because
327 | modification has been made.
328 | 
329 |   If you convey an object code work under this section in, or with, or
330 | specifically for use in, a User Product, and the conveying occurs as
331 | part of a transaction in which the right of possession and use of the
332 | User Product is transferred to the recipient in perpetuity or for a
333 | fixed term (regardless of how the transaction is characterized), the
334 | Corresponding Source conveyed under this section must be accompanied
335 | by the Installation Information.  But this requirement does not apply
336 | if neither you nor any third party retains the ability to install
337 | modified object code on the User Product (for example, the work has
338 | been installed in ROM).
339 | 
340 |   The requirement to provide Installation Information does not include a
341 | requirement to continue to provide support service, warranty, or updates
342 | for a work that has been modified or installed by the recipient, or for
343 | the User Product in which it has been modified or installed.  Access to a
344 | network may be denied when the modification itself materially and
345 | adversely affects the operation of the network or violates the rules and
346 | protocols for communication across the network.
347 | 
348 |   Corresponding Source conveyed, and Installation Information provided,
349 | in accord with this section must be in a format that is publicly
350 | documented (and with an implementation available to the public in
351 | source code form), and must require no special password or key for
352 | unpacking, reading or copying.
353 | 
354 |   7. Additional Terms.
355 | 
356 |   "Additional permissions" are terms that supplement the terms of this
357 | License by making exceptions from one or more of its conditions.
358 | Additional permissions that are applicable to the entire Program shall
359 | be treated as though they were included in this License, to the extent
360 | that they are valid under applicable law.  If additional permissions
361 | apply only to part of the Program, that part may be used separately
362 | under those permissions, but the entire Program remains governed by
363 | this License without regard to the additional permissions.
364 | 
365 |   When you convey a copy of a covered work, you may at your option
366 | remove any additional permissions from that copy, or from any part of
367 | it.  (Additional permissions may be written to require their own
368 | removal in certain cases when you modify the work.)  You may place
369 | additional permissions on material, added by you to a covered work,
370 | for which you have or can give appropriate copyright permission.
371 | 
372 |   Notwithstanding any other provision of this License, for material you
373 | add to a covered work, you may (if authorized by the copyright holders of
374 | that material) supplement the terms of this License with terms:
375 | 
376 |     a) Disclaiming warranty or limiting liability differently from the
377 |     terms of sections 15 and 16 of this License; or
378 | 
379 |     b) Requiring preservation of specified reasonable legal notices or
380 |     author attributions in that material or in the Appropriate Legal
381 |     Notices displayed by works containing it; or
382 | 
383 |     c) Prohibiting misrepresentation of the origin of that material, or
384 |     requiring that modified versions of such material be marked in
385 |     reasonable ways as different from the original version; or
386 | 
387 |     d) Limiting the use for publicity purposes of names of licensors or
388 |     authors of the material; or
389 | 
390 |     e) Declining to grant rights under trademark law for use of some
391 |     trade names, trademarks, or service marks; or
392 | 
393 |     f) Requiring indemnification of licensors and authors of that
394 |     material by anyone who conveys the material (or modified versions of
395 |     it) with contractual assumptions of liability to the recipient, for
396 |     any liability that these contractual assumptions directly impose on
397 |     those licensors and authors.
398 | 
399 |   All other non-permissive additional terms are considered "further
400 | restrictions" within the meaning of section 10.  If the Program as you
401 | received it, or any part of it, contains a notice stating that it is
402 | governed by this License along with a term that is a further
403 | restriction, you may remove that term.  If a license document contains
404 | a further restriction but permits relicensing or conveying under this
405 | License, you may add to a covered work material governed by the terms
406 | of that license document, provided that the further restriction does
407 | not survive such relicensing or conveying.
408 | 
409 |   If you add terms to a covered work in accord with this section, you
410 | must place, in the relevant source files, a statement of the
411 | additional terms that apply to those files, or a notice indicating
412 | where to find the applicable terms.
413 | 
414 |   Additional terms, permissive or non-permissive, may be stated in the
415 | form of a separately written license, or stated as exceptions;
416 | the above requirements apply either way.
417 | 
418 |   8. Termination.
419 | 
420 |   You may not propagate or modify a covered work except as expressly
421 | provided under this License.  Any attempt otherwise to propagate or
422 | modify it is void, and will automatically terminate your rights under
423 | this License (including any patent licenses granted under the third
424 | paragraph of section 11).
425 | 
426 |   However, if you cease all violation of this License, then your
427 | license from a particular copyright holder is reinstated (a)
428 | provisionally, unless and until the copyright holder explicitly and
429 | finally terminates your license, and (b) permanently, if the copyright
430 | holder fails to notify you of the violation by some reasonable means
431 | prior to 60 days after the cessation.
432 | 
433 |   Moreover, your license from a particular copyright holder is
434 | reinstated permanently if the copyright holder notifies you of the
435 | violation by some reasonable means, this is the first time you have
436 | received notice of violation of this License (for any work) from that
437 | copyright holder, and you cure the violation prior to 30 days after
438 | your receipt of the notice.
439 | 
440 |   Termination of your rights under this section does not terminate the
441 | licenses of parties who have received copies or rights from you under
442 | this License.  If your rights have been terminated and not permanently
443 | reinstated, you do not qualify to receive new licenses for the same
444 | material under section 10.
445 | 
446 |   9. Acceptance Not Required for Having Copies.
447 | 
448 |   You are not required to accept this License in order to receive or
449 | run a copy of the Program.  Ancillary propagation of a covered work
450 | occurring solely as a consequence of using peer-to-peer transmission
451 | to receive a copy likewise does not require acceptance.  However,
452 | nothing other than this License grants you permission to propagate or
453 | modify any covered work.  These actions infringe copyright if you do
454 | not accept this License.  Therefore, by modifying or propagating a
455 | covered work, you indicate your acceptance of this License to do so.
456 | 
457 |   10. Automatic Licensing of Downstream Recipients.
458 | 
459 |   Each time you convey a covered work, the recipient automatically
460 | receives a license from the original licensors, to run, modify and
461 | propagate that work, subject to this License.  You are not responsible
462 | for enforcing compliance by third parties with this License.
463 | 
464 |   An "entity transaction" is a transaction transferring control of an
465 | organization, or substantially all assets of one, or subdividing an
466 | organization, or merging organizations.  If propagation of a covered
467 | work results from an entity transaction, each party to that
468 | transaction who receives a copy of the work also receives whatever
469 | licenses to the work the party's predecessor in interest had or could
470 | give under the previous paragraph, plus a right to possession of the
471 | Corresponding Source of the work from the predecessor in interest, if
472 | the predecessor has it or can get it with reasonable efforts.
473 | 
474 |   You may not impose any further restrictions on the exercise of the
475 | rights granted or affirmed under this License.  For example, you may
476 | not impose a license fee, royalty, or other charge for exercise of
477 | rights granted under this License, and you may not initiate litigation
478 | (including a cross-claim or counterclaim in a lawsuit) alleging that
479 | any patent claim is infringed by making, using, selling, offering for
480 | sale, or importing the Program or any portion of it.
481 | 
482 |   11. Patents.
483 | 
484 |   A "contributor" is a copyright holder who authorizes use under this
485 | License of the Program or a work on which the Program is based.  The
486 | work thus licensed is called the contributor's "contributor version".
487 | 
488 |   A contributor's "essential patent claims" are all patent claims
489 | owned or controlled by the contributor, whether already acquired or
490 | hereafter acquired, that would be infringed by some manner, permitted
491 | by this License, of making, using, or selling its contributor version,
492 | but do not include claims that would be infringed only as a
493 | consequence of further modification of the contributor version.  For
494 | purposes of this definition, "control" includes the right to grant
495 | patent sublicenses in a manner consistent with the requirements of
496 | this License.
497 | 
498 |   Each contributor grants you a non-exclusive, worldwide, royalty-free
499 | patent license under the contributor's essential patent claims, to
500 | make, use, sell, offer for sale, import and otherwise run, modify and
501 | propagate the contents of its contributor version.
502 | 
503 |   In the following three paragraphs, a "patent license" is any express
504 | agreement or commitment, however denominated, not to enforce a patent
505 | (such as an express permission to practice a patent or covenant not to
506 | sue for patent infringement).  To "grant" such a patent license to a
507 | party means to make such an agreement or commitment not to enforce a
508 | patent against the party.
509 | 
510 |   If you convey a covered work, knowingly relying on a patent license,
511 | and the Corresponding Source of the work is not available for anyone
512 | to copy, free of charge and under the terms of this License, through a
513 | publicly available network server or other readily accessible means,
514 | then you must either (1) cause the Corresponding Source to be so
515 | available, or (2) arrange to deprive yourself of the benefit of the
516 | patent license for this particular work, or (3) arrange, in a manner
517 | consistent with the requirements of this License, to extend the patent
518 | license to downstream recipients.  "Knowingly relying" means you have
519 | actual knowledge that, but for the patent license, your conveying the
520 | covered work in a country, or your recipient's use of the covered work
521 | in a country, would infringe one or more identifiable patents in that
522 | country that you have reason to believe are valid.
523 | 
524 |   If, pursuant to or in connection with a single transaction or
525 | arrangement, you convey, or propagate by procuring conveyance of, a
526 | covered work, and grant a patent license to some of the parties
527 | receiving the covered work authorizing them to use, propagate, modify
528 | or convey a specific copy of the covered work, then the patent license
529 | you grant is automatically extended to all recipients of the covered
530 | work and works based on it.
531 | 
532 |   A patent license is "discriminatory" if it does not include within
533 | the scope of its coverage, prohibits the exercise of, or is
534 | conditioned on the non-exercise of one or more of the rights that are
535 | specifically granted under this License.  You may not convey a covered
536 | work if you are a party to an arrangement with a third party that is
537 | in the business of distributing software, under which you make payment
538 | to the third party based on the extent of your activity of conveying
539 | the work, and under which the third party grants, to any of the
540 | parties who would receive the covered work from you, a discriminatory
541 | patent license (a) in connection with copies of the covered work
542 | conveyed by you (or copies made from those copies), or (b) primarily
543 | for and in connection with specific products or compilations that
544 | contain the covered work, unless you entered into that arrangement,
545 | or that patent license was granted, prior to 28 March 2007.
546 | 
547 |   Nothing in this License shall be construed as excluding or limiting
548 | any implied license or other defenses to infringement that may
549 | otherwise be available to you under applicable patent law.
550 | 
551 |   12. No Surrender of Others' Freedom.
552 | 
553 |   If conditions are imposed on you (whether by court order, agreement or
554 | otherwise) that contradict the conditions of this License, they do not
555 | excuse you from the conditions of this License.  If you cannot convey a
556 | covered work so as to satisfy simultaneously your obligations under this
557 | License and any other pertinent obligations, then as a consequence you may
558 | not convey it at all.  For example, if you agree to terms that obligate you
559 | to collect a royalty for further conveying from those to whom you convey
560 | the Program, the only way you could satisfy both those terms and this
561 | License would be to refrain entirely from conveying the Program.
562 | 
563 |   13. Use with the GNU Affero General Public License.
564 | 
565 |   Notwithstanding any other provision of this License, you have
566 | permission to link or combine any covered work with a work licensed
567 | under version 3 of the GNU Affero General Public License into a single
568 | combined work, and to convey the resulting work.  The terms of this
569 | License will continue to apply to the part which is the covered work,
570 | but the special requirements of the GNU Affero General Public License,
571 | section 13, concerning interaction through a network will apply to the
572 | combination as such.
573 | 
574 |   14. Revised Versions of this License.
575 | 
576 |   The Free Software Foundation may publish revised and/or new versions of
577 | the GNU General Public License from time to time.  Such new versions will
578 | be similar in spirit to the present version, but may differ in detail to
579 | address new problems or concerns.
580 | 
581 |   Each version is given a distinguishing version number.  If the
582 | Program specifies that a certain numbered version of the GNU General
583 | Public License "or any later version" applies to it, you have the
584 | option of following the terms and conditions either of that numbered
585 | version or of any later version published by the Free Software
586 | Foundation.  If the Program does not specify a version number of the
587 | GNU General Public License, you may choose any version ever published
588 | by the Free Software Foundation.
589 | 
590 |   If the Program specifies that a proxy can decide which future
591 | versions of the GNU General Public License can be used, that proxy's
592 | public statement of acceptance of a version permanently authorizes you
593 | to choose that version for the Program.
594 | 
595 |   Later license versions may give you additional or different
596 | permissions.  However, no additional obligations are imposed on any
597 | author or copyright holder as a result of your choosing to follow a
598 | later version.
599 | 
600 |   15. Disclaimer of Warranty.
601 | 
602 |   THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
603 | APPLICABLE LAW.  EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
604 | HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
605 | OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
606 | THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
607 | PURPOSE.  THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
608 | IS WITH YOU.  SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
609 | ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
610 | 
611 |   16. Limitation of Liability.
612 | 
613 |   IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
614 | WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
615 | THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
616 | GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
617 | USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
618 | DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
619 | PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
620 | EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
621 | SUCH DAMAGES.
622 | 
623 |   17. Interpretation of Sections 15 and 16.
624 | 
625 |   If the disclaimer of warranty and limitation of liability provided
626 | above cannot be given local legal effect according to their terms,
627 | reviewing courts shall apply local law that most closely approximates
628 | an absolute waiver of all civil liability in connection with the
629 | Program, unless a warranty or assumption of liability accompanies a
630 | copy of the Program in return for a fee.
631 | 
632 |                      END OF TERMS AND CONDITIONS
633 | 
634 |             How to Apply These Terms to Your New Programs
635 | 
636 |   If you develop a new program, and you want it to be of the greatest
637 | possible use to the public, the best way to achieve this is to make it
638 | free software which everyone can redistribute and change under these terms.
639 | 
640 |   To do so, attach the following notices to the program.  It is safest
641 | to attach them to the start of each source file to most effectively
642 | state the exclusion of warranty; and each file should have at least
643 | the "copyright" line and a pointer to where the full notice is found.
644 | 
645 |     <one line to give the program's name and a brief idea of what it does.>
646 |     Copyright (C) <year>  <name of author>
647 | 
648 |     This program is free software: you can redistribute it and/or modify
649 |     it under the terms of the GNU General Public License as published by
650 |     the Free Software Foundation, either version 3 of the License, or
651 |     (at your option) any later version.
652 | 
653 |     This program is distributed in the hope that it will be useful,
654 |     but WITHOUT ANY WARRANTY; without even the implied warranty of
655 |     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
656 |     GNU General Public License for more details.
657 | 
658 |     You should have received a copy of the GNU General Public License
659 |     along with this program.  If not, see <http://www.gnu.org/licenses/>.
660 | 
661 | Also add information on how to contact you by electronic and paper mail.
662 | 
663 |   If the program does terminal interaction, make it output a short
664 | notice like this when it starts in an interactive mode:
665 | 
666 |     <program>  Copyright (C) <year>  <name of author>
667 |     This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
668 |     This is free software, and you are welcome to redistribute it
669 |     under certain conditions; type `show c' for details.
670 | 
671 | The hypothetical commands `show w' and `show c' should show the appropriate
672 | parts of the General Public License.  Of course, your program's commands
673 | might be different; for a GUI interface, you would use an "about box".
674 | 
675 |   You should also get your employer (if you work as a programmer) or school,
676 | if any, to sign a "copyright disclaimer" for the program, if necessary.
677 | For more information on this, and how to apply and follow the GNU GPL, see
678 | <http://www.gnu.org/licenses/>.
679 | 
680 |   The GNU General Public License does not permit incorporating your program
681 | into proprietary programs.  If your program is a subroutine library, you
682 | may consider it more useful to permit linking proprietary applications with
683 | the library.  If this is what you want to do, use the GNU Lesser General
684 | Public License instead of this License.  But first, please read
685 | <http://www.gnu.org/philosophy/why-not-lgpl.html>.
686 | 


--------------------------------------------------------------------------------
/Main_Window.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/VictorVG/ph/9218becd7cb180a8da8869c9291dcb42ed6fd73a/Main_Window.png


--------------------------------------------------------------------------------
/Overview.chm:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/VictorVG/ph/9218becd7cb180a8da8869c9291dcb42ed6fd73a/Overview.chm


--------------------------------------------------------------------------------
/PHREADME.md:
--------------------------------------------------------------------------------
 1 | [![Build status](https://img.shields.io/appveyor/ci/processhacker/processhacker.svg?style=for-the-badge)](https://ci.appveyor.com/project/processhacker/processhacker)
 2 | [![Build contributors](https://img.shields.io/github/contributors/processhacker/processhacker.svg?style=for-the-badge&color=blue)](https://github.com/processhacker/processhacker/graphs/contributors)
 3 | [![Licence](https://img.shields.io/badge/license-GPLv3-blue.svg?style=for-the-badge)](https://www.gnu.org/licenses/gpl-3.0.en.html)
 4 | [![Github stats](https://img.shields.io/github/downloads/processhacker/processhacker/total.svg?style=for-the-badge&color=red)](https://somsubhra.com/github-release-stats/?username=processhacker&repository=processhacker)
 5 | [![SourceForge stats](https://img.shields.io/sourceforge/dt/processhacker.svg?style=for-the-badge&color=red)](https://sourceforge.net/projects/processhacker/files/stats/timeline?dates=2008-10-01%20to%202020-09-01&period=monthly)
 6 | 
 7 | <img align="left" src="https://raw.githubusercontent.com/processhacker/processhacker/master/ProcessHacker/resources/ProcessHacker.png" width="128" height="128"> 
 8 | 
 9 | ## Process Hacker
10 | 
11 | A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware.
12 | 
13 | [Project Website](https://processhacker.sourceforge.io/) - [Project Downloads](https://processhacker.sourceforge.io/downloads.php)
14 | 
15 | ## System requirements
16 | 
17 | Windows 7 or higher, 32-bit or 64-bit.
18 | 
19 | ## Features
20 | 
21 | * A detailed overview of system activity with highlighting.
22 | * Graphs and statistics allow you quickly to track down resource hogs and runaway processes.
23 | * Can't edit or delete a file? Discover which processes are using that file.
24 | * See what programs have active network connections, and close them if necessary.
25 | * Get real-time information on disk access.
26 | * View detailed stack traces with kernel-mode, WOW64 and .NET support.
27 | * Go beyond services.msc: create, edit and control services.
28 | * Small, portable and no installation required.
29 | * 100% [Free Software](https://www.gnu.org/philosophy/free-sw.en.html) ([GPL v3](https://www.gnu.org/licenses/gpl-3.0.en.html))
30 | 
31 | 
32 | ## Building the project
33 | 
34 | Requires Visual Studio (2019 or later).
35 | 
36 | Execute `build_release.cmd` located in the `build` directory to compile the project or load the `ProcessHacker.sln` and `Plugins.sln` solutions if you prefer building the project using Visual Studio.
37 | 
38 | You can download the free [Visual Studio Community Edition](https://www.visualstudio.com/vs/community/) to build the Process Hacker source code.
39 | 
40 | ## Enhancements/Bugs
41 | 
42 | 
43 | Please use the [GitHub issue tracker](https://github.com/processhacker2/processhacker/issues)
44 | for reporting problems or suggesting new features.
45 | 
46 | 
47 | ## Settings
48 | 
49 | If you are running Process Hacker from a USB drive, you may want to
50 | save Process Hacker's settings there as well. To do this, create a
51 | blank file named "ProcessHacker.exe.settings.xml" in the same
52 | directory as ProcessHacker.exe. You can do this using Windows Explorer:
53 | 
54 | 1. Make sure "Hide extensions for known file types" is unticked in
55 |    Tools > Folder options > View.
56 | 2. Right-click in the folder and choose New > Text Document.
57 | 3. Rename the file to ProcessHacker.exe.settings.xml (delete the ".txt"
58 |    extension).
59 | 
60 | ## Plugins
61 | 
62 | Plugins can be configured from Hacker > Plugins.
63 | 
64 | If you experience any crashes involving plugins, make sure they
65 | are up to date.
66 | 
67 | Disk and Network information provided by the ExtendedTools plugin is
68 | only available when running Process Hacker with administrative
69 | rights.
70 | 
71 | ## KProcessHacker
72 | 
73 | Process Hacker uses a kernel-mode driver, KProcessHacker, to
74 | assist with certain functionality. This includes:
75 | 
76 | * Capturing kernel-mode stack traces
77 | * More efficiently enumerating process handles
78 | * Retrieving names for file handles
79 | * Retrieving names for EtwRegistration objects
80 | * Setting handle attributes
81 | 
82 | Note that by default, KProcessHacker only allows connections from
83 | processes with administrative privileges (SeDebugPrivilege). To allow Process Hacker 
84 | to show details for all processes when it is not running as administrator:
85 | 
86 | 1. In Registry Editor, navigate to:
87 |    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\KProcessHacker3
88 | 2. Under this key, create a key named Parameters if it does not exist.
89 | 3. Create a DWORD value named SecurityLevel and set it to 2. If you are
90 |    not using an official build, you may need to set it to 0 instead.
91 | 4. Restart the KProcessHacker3 service (sc stop KProcessHacker3,
92 |    sc start KProcessHacker3).
93 | 


--------------------------------------------------------------------------------
/ProcessHacker.exe.settings.xml:
--------------------------------------------------------------------------------
  1 | <settings>
  2 | <setting name="AllowOnlyOneInstance">0</setting>
  3 | <setting name="CloseOnEscape">0</setting>
  4 | <setting name="DbgHelpSearchPath">SRV*C:\Symbols*http://msdl.microsoft.com/download/symbols</setting>
  5 | <setting name="DbgHelpUndecorate">1</setting>
  6 | <setting name="DisabledPlugins">CommonUtil.dll|ExtraPlugins.dll|FirewallMonitorPlugin.dll|ForceShutdownPlugin.dll|HexPidPlugin.dll|NetAdapters.dll|LiveDumpPlugin.dll|NetExtrasPlugin.dll|SbieSupport.dll</setting>
  7 | <setting name="ElevationLevel">1</setting>
  8 | <setting name="EnableAdvancedOptions">1</setting>
  9 | <setting name="EnableCycleCpuUsage">0</setting>
 10 | <setting name="EnableInstantTooltips">1</setting>
 11 | <setting name="EnableKph">1</setting>
 12 | <setting name="EnableKphWarnings">0</setting>
 13 | <setting name="EnableHandleSnapshot">1</setting>
 14 | <setting name="EnableNetworkResolve">1</setting>
 15 | <setting name="EnableNetworkResolveDoH">1</setting>
 16 | <setting name="EnablePlugins">1</setting>
 17 | <setting name="EnableServiceNonPoll">0</setting>
 18 | <setting name="EnableStage2">1</setting>
 19 | <setting name="EnableServiceStage2">1</setting>
 20 | <setting name="EnableStartAsAdmin">1</setting>
 21 | <setting name="EnableWarnings">1</setting>
 22 | <setting name="EnableWindowText">1</setting>
 23 | <setting name="EnableThemeSupport">0</setting>
 24 | <setting name="EnableTooltipSupport">1</setting>
 25 | <setting name="EnableSafeDefaultPlugins">0</setting>
 26 | <setting name="EnableSecurityAdvancedDialog">1</setting>
 27 | <setting name="EnableLinuxSubsystemSupport">1</setting>
 28 | <setting name="EnableVersionSupport">1</setting>
 29 | <setting name="EnvironmentTreeListColumns"></setting>
 30 | <setting name="EnvironmentTreeListSort">0,0</setting>
 31 | <setting name="EnvironmentTreeListFlags">1</setting>
 32 | <setting name="FindObjRegex">1</setting>
 33 | <setting name="FindObjTreeListColumns"></setting>
 34 | <setting name="FileBrowseExecutable">%SystemRoot%\explorer.exe /select,&quot;%s&quot;</setting>
 35 | <setting name="FirstRun">0</setting>
 36 | <setting name="Font"></setting>
 37 | <setting name="ForceNoParent">1</setting>
 38 | <setting name="KphBuildNumber">1db1</setting>
 39 | <setting name="KphServiceName"></setting>
 40 | <setting name="HandleTreeListColumns"></setting>
 41 | <setting name="HandleTreeListSort">0,1</setting>
 42 | <setting name="HandleTreeListFlags">3</setting>
 43 | <setting name="HiddenProcessesMenuEnabled">1</setting>
 44 | <setting name="HiddenProcessesListViewColumns"></setting>
 45 | <setting name="HideDriverServices">0</setting>
 46 | <setting name="HideFreeRegions">1</setting>
 47 | <setting name="HideOnClose">1</setting>
 48 | <setting name="HideOnMinimize">1</setting>
 49 | <setting name="HideOtherUserProcesses">0</setting>
 50 | <setting name="HideSignedProcesses">0</setting>
 51 | <setting name="HideWaitingConnections">0</setting>
 52 | <setting name="HighlightingDuration">3e8</setting>
 53 | <setting name="IconSettings">1|1|</setting>
 54 | <setting name="IconNotifyMask">c</setting>
 55 | <setting name="IconProcesses">f</setting>
 56 | <setting name="IconSingleClick">1</setting>
 57 | <setting name="IconTogglesVisibility">1</setting>
 58 | <setting name="JobListViewColumns"></setting>
 59 | <setting name="LogEntries">200</setting>
 60 | <setting name="LogListViewColumns"></setting>
 61 | <setting name="MainWindowAlwaysOnTop">0</setting>
 62 | <setting name="MainWindowClassName">MainWindowClassName</setting>
 63 | <setting name="MainWindowOpacity">0</setting>
 64 | <setting name="MainWindowState">1</setting>
 65 | <setting name="MainWindowTabRestoreEnabled">0</setting>
 66 | <setting name="MainWindowTabRestoreIndex">0</setting>
 67 | <setting name="MaxSizeUnit">2</setting>
 68 | <setting name="MemEditBytesPerRow">10</setting>
 69 | <setting name="MemEditGotoChoices"></setting>
 70 | <setting name="MemFilterChoices"></setting>
 71 | <setting name="MemResultsListViewColumns"></setting>
 72 | <setting name="MemoryListFlags">3</setting>
 73 | <setting name="MemoryTreeListColumns"></setting>
 74 | <setting name="MemoryTreeListSort">0,0</setting>
 75 | <setting name="MemoryReadWriteAddressChoices"></setting>
 76 | <setting name="MiniInfoWindowClassName">MiniInfoWindowClassName</setting>
 77 | <setting name="MiniInfoWindowEnabled">1</setting>
 78 | <setting name="MiniInfoWindowOpacity">0</setting>
 79 | <setting name="MiniInfoWindowPinned">0</setting>
 80 | <setting name="MiniInfoWindowRefreshAutomatically">1</setting>
 81 | <setting name="ModuleTreeListFlags">1</setting>
 82 | <setting name="ModuleTreeListColumns"></setting>
 83 | <setting name="ModuleTreeListSort">0,0</setting>
 84 | <setting name="NetworkTreeListColumns"></setting>
 85 | <setting name="NetworkTreeListSort">0,1</setting>
 86 | <setting name="NoPurgeProcessRecords">0</setting>
 87 | <setting name="OptionsWindowAdvancedColumns">@96|0,0,200|1,1,100|2,2,200|3,3,200</setting>
 88 | <setting name="OptionsWindowAdvancedFlags">0</setting>
 89 | <setting name="PageFileListViewColumns"></setting>
 90 | <setting name="PluginsDirectory">plugins</setting>
 91 | <setting name="ProcessServiceListViewColumns"></setting>
 92 | <setting name="ProcessTreeColumnSetConfig"></setting>
 93 | <setting name="ProcessTreeListColumns">@96|0,0,200|1,1,50|2,2,45|3,3,70|4,4,70|5,5,140|6,6,180</setting>
 94 | <setting name="ProcessTreeListSort">0,0</setting>
 95 | <setting name="ProcessTreeListNameDefault">1</setting>
 96 | <setting name="ProcPropPage">General</setting>
 97 | <setting name="ProcStatPropPageGroupListViewColumns"></setting>
 98 | <setting name="ProcStatPropPageGroupListViewSort">0,0</setting>
 99 | <setting name="ProcStatPropPageGroupStates"></setting>
100 | <setting name="ProgramInspectExecutables">peview.exe &quot;%s&quot;</setting>
101 | <setting name="PropagateCpuUsage">1</setting>
102 | <setting name="RunAsEnableAutoComplete">0</setting>
103 | <setting name="RunAsProgram"></setting>
104 | <setting name="RunAsUserName"></setting>
105 | <setting name="RunFileDlgState">0</setting>
106 | <setting name="SampleCount">3c0</setting>
107 | <setting name="SampleCountAutomatic">1</setting>
108 | <setting name="ScrollToNewProcesses">0</setting>
109 | <setting name="SearchEngine">https://www.google.com/search?q=&quot;%s&quot;</setting>
110 | <setting name="SegmentHeapListViewColumns"></setting>
111 | <setting name="SegmentHeapListViewSort">0,1</setting>
112 | <setting name="ServiceWindowPosition">0,0</setting>
113 | <setting name="ServiceListViewColumns"></setting>
114 | <setting name="ServiceTreeListColumns"></setting>
115 | <setting name="ServiceTreeListSort">0,1</setting>
116 | <setting name="SessionShadowHotkey">106,2</setting>
117 | <setting name="ShowPluginLoadErrors">1</setting>
118 | <setting name="ShowCommitInSummary">0</setting>
119 | <setting name="ShowCpuBelow001">0</setting>
120 | <setting name="ShowHexId">0</setting>
121 | <setting name="StartHidden">1</setting>
122 | <setting name="SysInfoWindowAlwaysOnTop">0</setting>
123 | <setting name="SysInfoWindowOneGraphPerCpu">0</setting>
124 | <setting name="SysInfoWindowSection"></setting>
125 | <setting name="SysInfoWindowState">1</setting>
126 | <setting name="ThinRows">0</setting>
127 | <setting name="ThreadTreeListColumns"></setting>
128 | <setting name="ThreadTreeListSort">1,2</setting>
129 | <setting name="ThreadTreeListFlags">0</setting>
130 | <setting name="ThreadStackTreeListColumns"></setting>
131 | <setting name="TokenGroupsListViewColumns"></setting>
132 | <setting name="TokenGroupsListViewStates"></setting>
133 | <setting name="TokenGroupsListViewSort">1,2</setting>
134 | <setting name="TokenSplitterEnable">0</setting>
135 | <setting name="TokenSplitterPosition">150</setting>
136 | <setting name="TokenPrivilegesListViewColumns"></setting>
137 | <setting name="TreeListBorderEnable">0</setting>
138 | <setting name="TreeListCustomColorsEnable">0</setting>
139 | <setting name="TreeListCustomColorText">0</setting>
140 | <setting name="TreeListCustomColorFocus">0</setting>
141 | <setting name="TreeListCustomColorSelection">0</setting>
142 | <setting name="UpdateInterval">3e8</setting>
143 | <setting name="WmiProviderEnableHiddenMenu">1</setting>
144 | <setting name="WmiProviderListViewColumns"></setting>
145 | <setting name="ColorNew">ff7f</setting>
146 | <setting name="ColorRemoved">283cff</setting>
147 | <setting name="UseColorOwnProcesses">1</setting>
148 | <setting name="ColorOwnProcesses">aaffff</setting>
149 | <setting name="UseColorSystemProcesses">1</setting>
150 | <setting name="ColorSystemProcesses">ffccaa</setting>
151 | <setting name="UseColorServiceProcesses">1</setting>
152 | <setting name="ColorServiceProcesses">ffffcc</setting>
153 | <setting name="UseColorJobProcesses">1</setting>
154 | <setting name="ColorJobProcesses">3f85cd</setting>
155 | <setting name="UseColorWow64Processes">1</setting>
156 | <setting name="ColorWow64Processes">8f8fbc</setting>
157 | <setting name="UseColorDebuggedProcesses">1</setting>
158 | <setting name="ColorDebuggedProcesses">ffbbcc</setting>
159 | <setting name="UseColorElevatedProcesses">1</setting>
160 | <setting name="ColorElevatedProcesses">aaff</setting>
161 | <setting name="UseColorHandleFiltered">1</setting>
162 | <setting name="ColorHandleFiltered">0</setting>
163 | <setting name="UseColorImmersiveProcesses">1</setting>
164 | <setting name="ColorImmersiveProcesses">cbc0ff</setting>
165 | <setting name="UseColorPicoProcesses">1</setting>
166 | <setting name="ColorPicoProcesses">ff8000</setting>
167 | <setting name="UseColorSuspended">1</setting>
168 | <setting name="ColorSuspended">777777</setting>
169 | <setting name="UseColorDotNet">1</setting>
170 | <setting name="ColorDotNet">ffde</setting>
171 | <setting name="UseColorPacked">1</setting>
172 | <setting name="ColorPacked">9314ff</setting>
173 | <setting name="UseColorLowImageCoherency">1</setting>
174 | <setting name="ColorLowImageCoherency">ff14b9</setting>
175 | <setting name="UseColorGuiThreads">1</setting>
176 | <setting name="ColorGuiThreads">77ffff</setting>
177 | <setting name="UseColorRelocatedModules">1</setting>
178 | <setting name="ColorRelocatedModules">80c0ff</setting>
179 | <setting name="UseColorProtectedHandles">1</setting>
180 | <setting name="ColorProtectedHandles">777777</setting>
181 | <setting name="UseColorInheritHandles">1</setting>
182 | <setting name="ColorInheritHandles">ffff77</setting>
183 | <setting name="UseColorServiceDisabled">1</setting>
184 | <setting name="ColorServiceDisabled">6d6d6d</setting>
185 | <setting name="UseColorServiceStop">1</setting>
186 | <setting name="ColorServiceStop">6d6d6d</setting>
187 | <setting name="UseColorUnknown">1</setting>
188 | <setting name="ColorUnknown">8080ff</setting>
189 | <setting name="UseColorSystemThreadStack">0</setting>
190 | <setting name="ColorSystemThreadStack">ffccaa</setting>
191 | <setting name="UseColorUserThreadStack">0</setting>
192 | <setting name="ColorUserThreadStack">aaffff</setting>
193 | <setting name="GraphShowText">1</setting>
194 | <setting name="GraphColorMode">0</setting>
195 | <setting name="ColorCpuKernel">ff00</setting>
196 | <setting name="ColorCpuUser">ff</setting>
197 | <setting name="ColorIoReadOther">ffff</setting>
198 | <setting name="ColorIoWrite">ff0077</setting>
199 | <setting name="ColorPrivate">77ff</setting>
200 | <setting name="ColorPhysical">ff8000</setting>
201 | <setting name="dmex.AtomTablePlugin.ListViewColumns"></setting>
202 | <setting name="dmex.DbgView.WindowColumns"></setting>
203 | <setting name="dmex.DbgView.AlwaysOnTop">0</setting>
204 | <setting name="dmex.DbgView.AutoScroll">1</setting>
205 | <setting name="dmex.DbgView.MaxEntries">2048</setting>
206 | <setting name="dmex.DnsCachePlugin.WindowColumns"></setting>
207 | <setting name="ProcessHacker.DotNetTools.AsmTreeListColumns"></setting>
208 | <setting name="ProcessHacker.DotNetTools.AsmTreeListFlags">0</setting>
209 | <setting name="ProcessHacker.DotNetTools.DotNetCategoryIndex">5</setting>
210 | <setting name="ProcessHacker.DotNetTools.DotNetListColumns"></setting>
211 | <setting name="ProcessHacker.DotNetTools.DotNetListSort"></setting>
212 | <setting name="ProcessHacker.DotNetTools.DotNetListGroupStates"></setting>
213 | <setting name="ProcessHacker.ExtendedNotifications.LogFileName"></setting>
214 | <setting name="ProcessHacker.ExtendedNotifications.ProcessList">\i*</setting>
215 | <setting name="ProcessHacker.ExtendedNotifications.ServiceList">\i*</setting>
216 | <setting name="ProcessHacker.ExtendedServices.EnableServicesMenu">1</setting>
217 | <setting name="ProcessHacker.ExtendedTools.DiskTreeListColumns">@96|0,0,100|1,1,400|2,2,105|3,3,70|4,4,70|5,5,70|6,6,70</setting>
218 | <setting name="ProcessHacker.ExtendedTools.DiskTreeListSort">4,2</setting>
219 | <setting name="ProcessHacker.ExtendedTools.EnableGpuPerformanceCounters">0</setting>
220 | <setting name="ProcessHacker.ExtendedTools.EnableDiskExt">1</setting>
221 | <setting name="ProcessHacker.ExtendedTools.EnableEtwMonitor">1</setting>
222 | <setting name="ProcessHacker.ExtendedTools.EnableGpuMonitor">1</setting>
223 | <setting name="ProcessHacker.ExtendedTools.EnableSysInfoGraphs">1</setting>
224 | <setting name="ProcessHacker.ExtendedTools.GpuNodeBitmap">01000000</setting>
225 | <setting name="ProcessHacker.ExtendedTools.GpuLastNodeCount">0</setting>
226 | <setting name="ProcessHacker.ExtendedTools.UnloadedListColumns"></setting>
227 | <setting name="ProcessHacker.ExtendedTools.ModuleServiceListColumns"></setting>
228 | <setting name="ProcessHacker.ExtendedTools.WsWatchListColumns"></setting>
229 | <setting name="ProcessHacker.ExtendedTools.EnableFahrenheit">0</setting>
230 | <setting name="ProcessHacker.ExtendedTools.FwTreeColumns">@96|0,0,140|1,1,70|2,3,60|3,2,35|4,15,180|5,6,83|6,8,50|7,7,70|8,11,98|9,10,50|10,12,219|11,4,60|12,5,60|13,14,100|14,13,100|16,9,80</setting>
231 | <setting name="ProcessHacker.ExtendedTools.FwTreeSort">0,0</setting>
232 | <setting name="ProcessHacker.ExtendedTools.FwIgnorePortScan">0</setting>
233 | <setting name="dmex.UefiFirmwareEntriesPlugin.ListViewColumns"></setting>
234 | <setting name="ProcessHacker.GrowlNotifications.EnableGrowl">0</setting>
235 | <setting name="ProcessHacker.HardwareDevices.EnableNDIS">1</setting>
236 | <setting name="ProcessHacker.HardwareDevices.NetworkList"></setting>
237 | <setting name="ProcessHacker.HardwareDevices.NetworkListColumns"></setting>
238 | <setting name="ProcessHacker.HardwareDevices.NetworkListSort"></setting>
239 | <setting name="ProcessHacker.HardwareDevices.DiskList"></setting>
240 | <setting name="ProcessHacker.HardwareDevices.DiskListColumns"></setting>
241 | <setting name="ProcessHacker.HardwareDevices.SmartListColumns"></setting>
242 | <setting name="ProcessHacker.NetworkTools.AddressHistory"></setting>
243 | <setting name="ProcessHacker.NetworkTools.PingMinScaling">1f4</setting>
244 | <setting name="ProcessHacker.NetworkTools.PingSize">32</setting>
245 | <setting name="ProcessHacker.NetworkTools.TracertTreeColumns"></setting>
246 | <setting name="ProcessHacker.NetworkTools.TracertTreeSort">0,1</setting>
247 | <setting name="ProcessHacker.NetworkTools.TracertMaxHops">14</setting>
248 | <setting name="ProcessHacker.NetworkTools.GeoDbPath">GeoLite2-Country.mmdb</setting>
249 | <setting name="ProcessHacker.NetworkTools.EnableExtendedTcpStats">1</setting>
250 | <setting name="dmex.NvGpuPlugin.EnableFahrenheit">0</setting>
251 | <setting name="dmex.ObjectManagerPlugin.WindowColumns"></setting>
252 | <setting name="ProcessHacker.OnlineChecks.EnableVirusTotalScanning">1</setting>
253 | <setting name="ProcessHacker.OnlineChecks.VirusTotalHighlightDetection">0</setting>
254 | <setting name="ProcessHacker.OnlineChecks.VirusTotalDefautAction">0</setting>
255 | <setting name="dmex.PerfMonPlugin.PerfMonList"></setting>
256 | <setting name="dmex.PipeEnumPlugin.ListViewColumns"></setting>
257 | <setting name="dmex.PoolMonPlugin.TreeViewColumns"></setting>
258 | <setting name="dmex.PoolMonPlugin.TreeViewSort">0,0</setting>
259 | <setting name="dmex.ProductPolicyPlugin.ListViewColumns"></setting>
260 | <setting name="dmex.ReparseEnumPlugin.ReparseListViewColumns"></setting>
261 | <setting name="dmex.ReparseEnumPlugin.ObjidListViewColumns"></setting>
262 | <setting name="dmex.ReparseEnumPlugin.SdListViewColumns"></setting>
263 | <setting name="dmex.ServiceBackupRestorePlugin.RegFileFormat">2</setting>
264 | <setting name="dmex.TaskbarExtPlugin.IconType">4</setting>
265 | <setting name="ProcessHacker.ToolStatus.Config">1f</setting>
266 | <setting name="ProcessHacker.ToolStatus.ToolbarDisplayStyle">1</setting>
267 | <setting name="ProcessHacker.ToolStatus.SearchBoxDisplayMode">0</setting>
268 | <setting name="ProcessHacker.ToolStatus.TaskbarDisplayStyle">0</setting>
269 | <setting name="ProcessHacker.ToolStatus.RebarConfig"></setting>
270 | <setting name="ProcessHacker.ToolStatus.ToolbarButtonConfig"></setting>
271 | <setting name="ProcessHacker.ToolStatus.StatusbarConfig"></setting>
272 | <setting name="ProcessHacker.ToolStatus.ToolbarGraphConfig"></setting>
273 | <setting name="ProcessHacker.UpdateChecker.PromptStart">1</setting>
274 | <setting name="ProcessHacker.UpdateChecker.ChangelogListColumns"></setting>
275 | <setting name="ProcessHacker.UpdateChecker.ChangelogListSort"></setting>
276 | <setting name="ProcessHacker.UpdateChecker.UpdateMode">0</setting>
277 | <setting name="ProcessHacker.UpdateChecker.UpdateAvailable">0</setting>
278 | <setting name="ProcessHacker.UpdateChecker.UpdateData"></setting>
279 | <setting name="ProcessHacker.UserNotes.DatabasePath">usernotesdb.xml</setting>
280 | <setting name="ProcessHacker.UserNotes.ColorCustomList"></setting>
281 | <setting name="dmex.WaitChainPlugin.TreeListColumns"></setting>
282 | <setting name="ProcessHacker.WindowExplorer.ShowDesktopWindows">0</setting>
283 | <setting name="ProcessHacker.WindowExplorer.WindowTreeListColumns"></setting>
284 | <setting name="ProcessHacker.WindowExplorer.WindowsPropertyColumns"></setting>
285 | <setting name="ProcessHacker.WindowExplorer.WindowsPropListColumns"></setting>
286 | <setting name="ProcessHacker.WindowExplorer.WindowsPropStorageColumns"></setting>
287 | <setting name="ProcessHacker.WindowExplorer.EnableAlternateEnumWindow">0</setting>
288 | </settings>


--------------------------------------------------------------------------------
/Process_Explorer_vs_Process_Hacker.chm:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/VictorVG/ph/9218becd7cb180a8da8869c9291dcb42ed6fd73a/Process_Explorer_vs_Process_Hacker.chm


--------------------------------------------------------------------------------
/Process_searchbox_filter.txt:
--------------------------------------------------------------------------------
 1 | Filters are available in the search dialog panel Process:
 2 | 
 3 | BadSignature - process have bad signature (posible virus or corruptes)
 4 | Distrust -
 5 | Expired - signature expired
 6 | Full -
 7 | IsBeingDebugged - is debugged
 8 | IsDotNet - .NET processes
 9 | IsElevated - Elevated  processes
10 | IsImmersive -
11 | IsInJob - process is job
12 | IsInSignificantJob - trusted job processes
13 | IsPacked - process include executable modules as resource
14 | IsPicoProcess - Linux subsystem processes (Win10)
15 | IsProtectedProcess - Protected process (as OS kernel)
16 | IsSecureProcess -
17 | IsSuspended - process is paused
18 | IsWow64 - 32-bit processes running on WOW64
19 | Limited -
20 | NoSignature - process don't have signature
21 | Revoked  -
22 | SecuritySettings -
23 | Trusted - any signed and trusted processes
24 | Unknown - unknown processes (like Interrupts, System)
25 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
  1 | [![Build status](https://img.shields.io/appveyor/ci/processhacker/processhacker.svg?style=for-the-badge)](https://ci.appveyor.com/project/processhacker/processhacker)
  2 | [![Build contributors](https://img.shields.io/github/contributors/processhacker/processhacker.svg?style=for-the-badge&color=blue)](https://github.com/processhacker/processhacker/graphs/contributors)
  3 | [![Licence](https://img.shields.io/badge/license-GPLv3-blue.svg?style=for-the-badge)](https://www.gnu.org/licenses/gpl-3.0.en.html)
  4 | [![Github stats](https://img.shields.io/github/downloads/processhacker/processhacker/total.svg?style=for-the-badge&color=red)](https://github.com/processhacker/processhacker/releases)
  5 | [![SourceForge stats](https://img.shields.io/sourceforge/dt/processhacker.svg?style=for-the-badge&color=red)](https://sourceforge.net/projects/processhacker/)
  6 | 
  7 | <img align="left" src="https://raw.githubusercontent.com/processhacker/processhacker/master/ProcessHacker/resources/ProcessHacker.png" width="128" height="128">
  8 | 
  9 | ## Process Hacker
 10 | 
 11 | A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware.
 12 | 
 13 | [Project Website](https://processhacker.sourceforge.io/) - [Project Downloads](https://processhacker.sourceforge.io/downloads.php)
 14 | 
 15 | ## System requirements
 16 | 
 17 | Windows 7 or higher, 32-bit or 64-bit.
 18 | 
 19 | ## Features
 20 | 
 21 | * A detailed overview of system activity with highlighting.
 22 | * Graphs and statistics allow you quickly to track down resource hogs and runaway processes.
 23 | * Can't edit or delete a file? Discover which processes are using that file.
 24 | * See what programs have active network connections, and close them if necessary.
 25 | * Get real-time information on disk access.
 26 | * View detailed stack traces with kernel-mode, WOW64 and .NET support.
 27 | * Go beyond services.msc: create, edit and control services.
 28 | * Small, portable and no installation required.
 29 | * 100% [Free Software](http://www.gnu.org/philosophy/free-sw.en.html) ([GPL v3](http://www.gnu.org/licenses/gpl-3.0.en.html))
 30 | 
 31 | 
 32 | ## Building the project
 33 | 
 34 | 
 35 | Requires Visual Studio (2019 or later).
 36 | 
 37 | Execute `build_release.cmd` located in the `build` directory to compile the project or load the `ProcessHacker.sln` and `Plugins.sln` solutions if you prefer building the project using Visual Studio.
 38 | 
 39 | You can download the free [Visual Studio Community Edition](https://www.visualstudio.com/vs/community/) to build the Process Hacker source code.
 40 | 
 41 | ## Additional information
 42 | 
 43 | 
 44 | You cannot run the 32-bit version of Process Hacker on a 64-bit system and expect it to work correctly, unlike other programs.
 45 | 
 46 | 
 47 | ## Enhancements/Bugs
 48 | 
 49 | 
 50 | Please use the [GitHub issue tracker](https://github.com/processhacker2/processhacker/issues)
 51 | for reporting problems or suggesting new features.
 52 | 
 53 | 
 54 | ## Settings
 55 | 
 56 | If you are running Process Hacker from a USB drive, you may want to
 57 | save Process Hacker's settings there as well. To do this, create a
 58 | blank file named "ProcessHacker.exe.settings.xml" in the same
 59 | directory as ProcessHacker.exe. You can do this using Windows Explorer:
 60 | 
 61 | 1. Make sure "Hide extensions for known file types" is unticked in
 62 |    Tools > Folder options > View.
 63 | 2. Right-click in the folder and choose New > Text Document.
 64 | 3. Rename the file to ProcessHacker.exe.settings.xml (delete the ".txt"
 65 |    extension).
 66 | 
 67 | ## Plugins
 68 | 
 69 | Plugins can be configured from Hacker > Plugins.
 70 | 
 71 | If you experience any crashes involving plugins, make sure they
 72 | are up to date.
 73 | 
 74 | Disk and Network information provided by the ExtendedTools plugin is
 75 | only available when running Process Hacker with administrative
 76 | rights.
 77 | 
 78 | ## KProcessHacker
 79 | 
 80 | Process Hacker uses a kernel-mode driver, KProcessHacker, to
 81 | assist with certain functionality. This includes:
 82 | 
 83 | * Capturing kernel-mode stack traces
 84 | * More efficiently enumerating process handles
 85 | * Retrieving names for file handles
 86 | * Retrieving names for EtwRegistration objects
 87 | * Setting handle attributes
 88 | 
 89 | Note that by default, KProcessHacker only allows connections from
 90 | processes with administrative privileges (SeDebugPrivilege). To allow Process Hacker
 91 | to show details for all processes when it is not running as administrator:
 92 | 
 93 | 1. In Registry Editor, navigate to:
 94 |    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\KProcessHacker3
 95 | 2. Under this key, create a key named Parameters if it does not exist.
 96 | 3. Create a DWORD value named SecurityLevel and set it to 2. If you are
 97 |    not using an official build, you may need to set it to 0 instead.
 98 | 4. Restart the KProcessHacker3 service (sc stop KProcessHacker3,
 99 |    sc start KProcessHacker3).
100 | 


--------------------------------------------------------------------------------
/README.txt:
--------------------------------------------------------------------------------
 1 | Process Hacker is a powerful free and open source process viewer.
 2 | 
 3 | ## Getting started
 4 | 
 5 | Simply run ProcessHacker.exe to start Process Hacker. There are two
 6 | versions, 32-bit (x86) and 64-bit (x64). If you are not sure which
 7 | version to use, open Control Panel > System and check the "System
 8 | type". You cannot run the 32-bit version of Process Hacker on a
 9 | 64-bit system and expect it to work correctly, unlike other programs.
10 | 
11 | ## System requirements
12 | 
13 | Windows 7 or higher, 32-bit or 64-bit.
14 | 
15 | ## Settings
16 | 
17 | If you are running Process Hacker from a USB drive, you may want to
18 | save Process Hacker's settings there as well. To do this, create a
19 | blank file named "ProcessHacker.exe.settings.xml" in the same
20 | directory as ProcessHacker.exe. You can do this using Windows Explorer:
21 | 
22 | 1. Make sure "Hide extensions for known file types" is unticked in
23 |    Tools > Folder options > View.
24 | 2. Right-click in the folder and choose New > Text Document.
25 | 3. Rename the file to ProcessHacker.exe.settings.xml (delete the ".txt"
26 |    extension).
27 | 
28 | ## Plugins
29 | 
30 | Plugins can be configured from Hacker > Plugins.
31 | 
32 | If you experience any crashes involving plugins, make sure they
33 | are up to date.
34 | 
35 | The ExtendedTools plugin is only available for Windows Vista and
36 | above. Disk and Network information provided by this plugin is
37 | only available when running Process Hacker with administrative
38 | rights.
39 | 
40 | ## KProcessHacker
41 | 
42 | Process Hacker uses a kernel-mode driver, KProcessHacker, to
43 | assist with certain functionality. This includes:
44 | 
45 | * Capturing kernel-mode stack traces
46 | * More efficiently enumerating process handles
47 | * Retrieving names for file handles
48 | * Retrieving names for EtwRegistration objects
49 | * Setting handle attributes
50 | 
51 | Note that by default, KProcessHacker only allows connections from
52 | processes with SeDebugPrivilege. To allow Process Hacker to show details
53 | for all processes when it is not running as administrator:
54 | 
55 | 1. In Registry Editor, navigate to:
56 |    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\KProcessHacker3
57 | 2. Under this key, create a key named Parameters if it does not exist.
58 | 3. Create a DWORD value named SecurityLevel and set it to 2. If you are
59 |    not using an official build, you may need to set it to 0 instead.
60 | 4. Restart the KProcessHacker3 service (sc stop KProcessHacker3,
61 |    sc start KProcessHacker3).
62 | 


--------------------------------------------------------------------------------
/Search_commands_reference.chm:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/VictorVG/ph/9218becd7cb180a8da8869c9291dcb42ed6fd73a/Search_commands_reference.chm


--------------------------------------------------------------------------------
/Settings_Advanced.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/VictorVG/ph/9218becd7cb180a8da8869c9291dcb42ed6fd73a/Settings_Advanced.png


--------------------------------------------------------------------------------
/Settings_Graph.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/VictorVG/ph/9218becd7cb180a8da8869c9291dcb42ed6fd73a/Settings_Graph.png


--------------------------------------------------------------------------------
/Settings_Highlighting.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/VictorVG/ph/9218becd7cb180a8da8869c9291dcb42ed6fd73a/Settings_Highlighting.png


--------------------------------------------------------------------------------
/Setup_KProcessHacker_for_virtual_enveronment.chm:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/VictorVG/ph/9218becd7cb180a8da8869c9291dcb42ed6fd73a/Setup_KProcessHacker_for_virtual_enveronment.chm


--------------------------------------------------------------------------------
/Terminator.txt:
--------------------------------------------------------------------------------
 1 | dmex
 2 | Feb 27, 2021
 3 | 
 4 | @Almighty188
 5 | 
 6 | The plugin was fixed.
 7 | 
 8 | What did Valve Corporation do?
 9 | 
10 | They were permanently banning users from Steam after they used the terminator
11 | since most options trigger VAC.
12 | 
13 | TP2 creates a remote thread with ExitProcess but remote threads are banned.
14 | TT2 changes the remote thread context to ExitProcess but changing thread
15 |     context is banned.
16 | CH1 duplicates and closes remote handles but duplicating handles is banned.
17 | TD1 enables debug mode and immediately closes the debug object terminating
18 |     the process but debugging is banned.
19 | M1 writes zeros to the entire process (memset) but writing anything to memory
20 |    is banned.
21 | M2 changes the memory access to NOACCESS but blocking memory access is banned.
22 | 
23 | It doesn't matter that a remote thread is created with the ExitProcess
24 | address. Merely creating a thread triggered the bans without regard for the
25 | purpose and it's the same problem with the other termination options.
26 | 
27 | There was zero consideration given to tools like Terminator that can only
28 | terminate processes when they designed the anti-cheat so anything a third
29 | party process was doing to their process would trigger VAC and get you banned.
30 | 
31 | If Valve were using the ObRegisterCallbacks function then none of this would
32 | be an issue because those methods would be blocked and would not trigger those
33 | cheating checks but they refuse to use that function (as other vendors have
34 | done successfully) so we're in this position where the Terminator plugin had
35 | to be archived just so users wouldn't get their accounts permanently banned
36 | for trying to terminate their processes.
37 | 
38 | The other problem that caused this is related to faulty network drivers...
39 | Processes that use socket connections can deadlock and never terminate or exit
40 | because the network driver doesn't handle some network device IRPs correctly
41 | and some users who were unable to terminate the process (Steam and/or games)
42 | would then attempt to use the Terminator plugin - which would also fail
43 | because of the hung IRP blocking process termination - but were immediately
44 | banned from Steam.
45 | 
46 | None of the things they've done prevents or stops cheating. All they've done
47 | instead is destroy tools like Terminator used to fight malware.


--------------------------------------------------------------------------------
/Terminator_rus.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/VictorVG/ph/9218becd7cb180a8da8869c9291dcb42ed6fd73a/Terminator_rus.txt


--------------------------------------------------------------------------------
/Warning.txt:
--------------------------------------------------------------------------------
 1 | Интересное - считается время ЦП использованное задачей и РН показывает
 2 | большую его величину чем ожидает наблюдатель:
 3 | 
 4 | dmex
 5 | 
 6 | "Sebastian
 7 | 
 8 | processhacker seems to display the processor time which is at least 2 times
 9 | higher"
10 | 
11 | Task Manager (and PE) calculate the CPU usage based on the number of CPU
12 | cycles which is disabled by default in Process Hacker... You can enable Cycle
13 | based calculation in Process Hacker via the View menu and selecting Show CPU
14 | Below 0.01.
15 | 
16 | This is disabled by default since most CPU frequency throttling
17 | implementations (e.g. SpeedStep, AMDs Cool'n'Quiet, Dynamic voltage scaling)
18 | can sometimes cause the number of cycles to be calculated as a higher
19 | percentage of available cycles per second and thus greatly(!) skew the
20 | displayed utilization - this has been a major issue for Task Manager and
21 | Process Explorer on some machines"
22 | 
23 | Комментарий:
24 | 
25 | Смысл ситуации прост - TaskManager и PE неправильно cчитают время!
26 | 
27 | Они считают время в течении которого задача использует процессор по формуле
28 | "время равно количеству использованных задачей циклов CPU делённому на
29 | тактовую частоту CPU" считая тактовую частоту CPU постоянной, что бывает не
30 | всегда.
31 | 
32 | Современные процессоры сильно греются и поэтому используют режим работы с
33 | переменной тактовой частотой для уменьшения нагрева кристалла. Это позволило
34 | уменьшить тепловыделение CPU в несколько раз, но породило проблему
35 | правильности измерения времени, поскольку формула "время равно количеству
36 | использованных задачей циклов CPU делённому на тактовую частоту CPU" в случае
37 | переменной тактовой частоты CPU не применима.
38 | 
39 | PH измеряет время выполнения задачи с использованием системного таймера. Этот
40 | метод обеспечивает минимальную ошибку измерения и не зависит от текущего
41 | режима работы CPU.


--------------------------------------------------------------------------------
/features.chm:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/VictorVG/ph/9218becd7cb180a8da8869c9291dcb42ed6fd73a/features.chm


--------------------------------------------------------------------------------
/hotkeys.txt:
--------------------------------------------------------------------------------
 1 | Please, visible hotkeys list:
 2 | 
 3 | Ctrl-C - Copy
 4 | Ctrl-F - Find handles or DLLs
 5 | Ctrl-I - View System Information window
 6 | Ctrl-K - Search process (Your can use process name, services or driver display name, binary path (full or partially) or regexp)
 7 | Ctrl-L - Log
 8 | Ctrl-M - Search online
 9 | Ctrl-P - Past in to editable dialog/input field
10 | Ctrl-R - Run
11 | Ctrl-S - Save
12 | Ctrl-Enter - Open file location
13 | Ctrl-Shift-R - Run as
14 | Del - Terminate process or Close handles
15 | Shift-Del - Terminate process tree
16 | Enter - Properties or in dialog Ok
17 | Esc - Close any window or dialog
18 | F5 - Refresh
19 | F6 - Refresh automatically
20 | F11 - System Information full screen
21 | 
22 | Alt-T-S - Main menu - Tools menu - System menu
23 | Alt-T-S-A - Atom Table
24 | Alt-T-S-D - DNS Cache Table
25 | Alt-T-S-F - Firewall Table
26 | Alt-T-S-w - Firmware Table
27 | Alt-T-S-O - Object Manager
28 | Alt-T-S-l - Pool Table
29 | Alt-T-S-P - Product Policy
30 | Alt-T-S-R - Running Object Table
31 | Alt-T-E - Main menu - Tools menu - Security Explorer
32 | Alt-H-t - Main menu - Hacker menu - Run as trusted installer...
33 | 
34 | Systray - Computer contents menu
35 | 
36 | o  - Force reboot
37 | c  - Force shut down
38 | 
39 | Not trivial hotkeys:
40 | 
41 | Ctrl-Tab then Ctrl-Shift-Tab - return to Process window in to process search
42 |                                field
43 | Ctrl-Tab - go to next tab
44 | Ctrl-Shift-Tab - go to prev tab


--------------------------------------------------------------------------------
/instruction.txt:
--------------------------------------------------------------------------------
1 | About dbghelp.dll:
2 | 
3 | Just download this DLL some version whats and your OS and copy to
4 | 
5 |    x64 DLL - C:\WINDOWS\system32\
6 |    x86 DLL - C:\WINDOWS\SysWOW64\
7 | 
8 | if Process Hacker can't create process dump.


--------------------------------------------------------------------------------
/notes.txt:
--------------------------------------------------------------------------------
  1 | * Option to disable tray mini window
  2 | 
  3 |   This has been added as a setting. You'll have to download the latest dev
  4 |   build and change MiniInfoWindowEnabled to 0 in your settings.xml file
  5 |   (%AppData%\Process Hacker 2) or processhacker.settings.xml in to $INSTDIR .
  6 | 
  7 | Notes:
  8 | 
  9 | * Tray mini window is enabled by default.
 10 | 
 11 | * New Your can use Perl-style regexp for find handles and dlls window soon.
 12 | 
 13 | * Toolbar button "Show Details for All Processes"
 14 | 
 15 |     this toolbar button is hidden when you're already running with
 16 |     elevated privileges (user use admin's account than mark as "<username>+"
 17 |     in to main window title).
 18 | 
 19 | * The official repository for Process Hacker Your can find on to GitHub:
 20 | 
 21 |           https://github.com/processhacker/processhacker
 22 | 
 23 | * Kernel mode driver KProcessHacker has four security level parameter store in
 24 |   to "SecurityLevel" (Reg_Dword) value whats needed for check Process Hacker
 25 |   binary signature and user privileges:
 26 | 
 27 |   00000000 - None, all clients are allowed, no security, recomended for non
 28 |              official build
 29 |   00000001 - Privilege Check, require SeDebugPrivilege
 30 |   00000002 - SignatureCheck, require trusted signature
 31 |   00000003 - Signature and Privilege Check, require trusted signature and
 32 |              SeDebugPrivilege. This is maximum security level.
 33 | 
 34 |   By default parameters "SecurityLevel" is set to hight security level - 2.
 35 | 
 36 | * For non-signed build please, alwayse set setting name "EnableKphWarnings"
 37 |   in to settings.xml (ProcessHacker.exe.settings.xml for portable copy) up
 38 |   to "0":
 39 | 
 40 |      <setting name="EnableKphWarnings">0</setting>
 41 | 
 42 |   Also run as user is the member Administrators group "updkph.cmd":
 43 | 
 44 |   @echo off
 45 |   @setlocal
 46 |   @sc stop KProcessHacker3
 47 |   @if defined PROCESSOR_ARCHITEW6432 (set reg="%systemroot%\sysnative\reg.exe"
 48 |      ) else (
 49 |      set reg=reg)
 50 |   @reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\KProcessHacker3\Parameters" /v "SecurityLevel" /t REG_DWORD /d 0 /f
 51 |   @sc start KProcessHacker3
 52 |   @exit
 53 | 
 54 | * Terminator:
 55 | 
 56 |   WARNING! Current plug-in code is incompatible in to commit Git 4e7fb3827 or newer! See https://github.com/processhacker/plugins-extra/issues/83 for details.
 57 | 
 58 |   Plug-in Terminator is already required whats user have "SeDebugPrivilege" and dinamically load driver KPH2. User don't needed installation this driver!
 59 | 
 60 | * MainWindowTabRestoreEnabled option:
 61 | 
 62 |   MainWindowTabRestoreEnabled=[0|1], logically, enable auto save latest main
 63 |   window tab index and restored is after next Process Hacker startup. Main
 64 |   window tab index is:
 65 | 
 66 |     0 - Process tab
 67 |     1 - Services tab
 68 |     2 - Network tab
 69 |     3 - Disk tab
 70 |     4 - Firewall tab
 71 | 
 72 | * Services highlighting color and options for Services tab:
 73 | 
 74 |     "UseColorServiceStop" - enable/disable highlight service in to "Stop pending" state. By default is "Enabled" ("1").
 75 |     "ColorServiceStop" - by default this color is 0x6d6d6d
 76 |     "UseColorUnknown" - enable/disable highlight untrusted service, by default is "Enabled" ("1").
 77 |     "ColorUnknown" - by default this color is 0x507fff
 78 | 
 79 | * Apiset memory features exist only for Windows 8 / Server 2012 or neever Microsoft OS
 80 | 
 81 | * DPI Awareness Extras:
 82 | 
 83 |   Adds a "DPI awareness extended" column to the process tree which
 84 | 
 85 |     1. Shows additional info about DPI awareness
 86 |     2. Works for Windows versions before 8.1 (before GetProcessDpiAwareness was introduced)
 87 | 
 88 |   Flags
 89 | 
 90 |     Flags are shown in parenthesis after the awareness. They consists of a letter followed by a status which is one of
 91 | 
 92 |     "+" The flag is on
 93 |     "-" The flag is off
 94 |     "?" The status is unknown
 95 | 
 96 |     Currently the following flags are shown
 97 | 
 98 |     F The DPI awareness is forced by the system, may be due to compatibility settings or desktop-composition being disabled.
 99 | 
100 |     Known limitations
101 | 
102 |     On Windows 8.1+ the DPI awareness of processes on other sessions/window stations (possibly even desktops) arealways shown as Unaware, this is due to a limitation of GetProcessDpiAwareness


--------------------------------------------------------------------------------
/ph.zip:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/VictorVG/ph/9218becd7cb180a8da8869c9291dcb42ed6fd73a/ph.zip


--------------------------------------------------------------------------------
/plugins_install.txt:
--------------------------------------------------------------------------------
  1 | All Process Hacker files must be placed in to tree according in to this list
  2 | (otherwise their location is not allowed and will result in errors when the
  3 | program starts (plugin search path is fixed, any subdirectories are ignored)):
  4 | 
  5 | %LOCALAPPDATA%/Process Hacker/GeoLite2-Country.mmdb - installed as external
  6 |      file (location in some dir then Setup) or download use Network Tools v1.80
  7 |      (for Process Hacker v3.0.0.268 or newer) plug-in.
  8 | ./ --- program root folder, use any location
  9 | ./capslist.txt
 10 | ./CHANGELOG.txt
 11 | ./COPYRIGHT.txt
 12 | ./CustomCmdTool.exe
 13 | ./etwguids.txt
 14 | ./kprocesshacker.sys
 15 | ./LICENSE.txt
 16 | ./peview.exe
 17 | ./ProcessHacker.exe
 18 | ./ProcessHacker.exe.manifest
 19 | ./ProcessHacker.sig
 20 | ./README.md
 21 | ./x86/Plugins/DotNetTools.dll - only for x64 edition copy to this folder x86 DLL
 22 | ./x86/Plugins/ExtendedTools.dll - only for x64 edition copy to this folder x86 DLL
 23 | ./x86/ProcessHacker.exe - only for x64 edition copy to this folder x86 EXE
 24 | ./plugins/plugindata/kprocesshacker2_x32.sys - only for x86 OS, required for
 25 |                                                TerminatorPlugin
 26 | ./plugins/plugindata/kprocesshacker2_x64.sys - only for x64 OS, required for
 27 |                                                TerminatorPlugin
 28 | ./plugins/ - all plug-ins can located here (*.dll)
 29 | ./plugins/AtomTablePlugin.dll
 30 | ./plugins/AvgCpuPlugin.dll
 31 | ./plugins/DbgViewPlugin.dll
 32 | ./plugins/DnsCachePlugin.dll
 33 | ./plugins/DotNetTools.dll
 34 | ./plugins/DpiAwarenessExtPlugin.dll
 35 | ./plugins/ExtendedNotifications.dll
 36 | ./plugins/ExtendedServices.dll
 37 | ./plugins/ExtendedTools.dll
 38 | ./plugins/ExtraCpuGraphsPlugin.dll
 39 | ./plugins/FirmwarePlugin.dll
 40 | ./plugins/GrowlNotifications.dll
 41 | ./plugins/HardwareDevices.dll
 42 | ./plugins/MemoryExtPlugin.dll - only for Windows 10
 43 | ./plugins/NetworkTools.dll
 44 | ./plugins/NvGpuPlugin.dll
 45 | ./plugins/ObjectManagerPlugin.dll
 46 | ./plugins/OnlineChecks.dll
 47 | ./plugins/PerfMonPlugin.dll
 48 | ./plugins/PipeEnumPlugin.dll
 49 | ./plugins/PoolMonPlugin.dll
 50 | ./plugins/ProductPolicyPlugin.dll
 51 | ./plugins/ReparseEnumPlugin.dll
 52 | ./plugins/ROTViewerPlugin.dll
 53 | ./plugins/SecurityExplorer.dll
 54 | ./plugins/ServiceBackupRestorePlugin.dll
 55 | ./plugins/SetCriticalPlugin.dll
 56 | ./plugins/TaskbarExtPlugin.dll
 57 | ./plugins/TerminatorPlugin.dll - require SeDebugPrivilege
 58 | ./plugins/ToolStatus.dll
 59 | ./plugins/TrustedInstallerPlugin.dll
 60 | ./plugins/Updater.dll
 61 | ./plugins/UserNotes.dll
 62 | ./plugins/WaitChainPlugin.dll
 63 | ./plugins/WindowExplorer.dll
 64 | 
 65 | Deleted plug-ins:
 66 | 
 67 |  BootEntriesPlugin.dll - then replaced FirmwarePlugin.dll
 68 |  CommonUtil.dll - deleted in to v3.0.5411.884
 69 |  ExtraPlugins.dll - deleted in to v3.0.5585.1058 then not longer needed
 70 |  FirewallMonitorPlugin.dll - removed in v3.0.8103.3576 Git-2ccb6a61, then replaced ExtendedTools plugin.
 71 |  ForceShutdownPlugin.dll - deleted in to v3.0.7307.2780 Git-10592432
 72 |  HexPidPlugin.dll - deleted in to v3.0.6628.2101 then not longer needed
 73 |  LiveDumpPlugin.dll - deleted in to v3.0.7816.3289 Git-4e59db73
 74 |  NetAdapters.dll - blacklisted, legacy, deleted in to v2.38 (?)
 75 |  NetExtrasPlugin.dll - then NetworkTools.dll v1.8 already included custom
 76 |   Tracert, Ping, WhoIs and Country column support and this plug-in is don't
 77 |   needed, disabled in v3.0.7984.3457 Git-829aaca3
 78 |  SbieSupport.dll - disabled in v3.0.6509.1982 Git-f0b96b18 (see Issues #233
 79 |  - SBIE2035: Out of memory), disabled in to source
 80 | 
 81 |  Starting in to v3.0.8087.3560 Git-4dfd0bcf plug-ins block list moved to
 82 |  *.settings.xml. Goto Options, General, check Show advanced options
 83 |  (experimental) and add to paramerer "DisabledPlugins" string:
 84 | 
 85 |  CommonUtil.dll|ExtraPlugins.dll|FirewallMonitorPlugin.dll|ForceShutdownPlugin.dll|HexPidPlugin.dll|NetAdapters.dll|LiveDumpPlugin.dll|NetExtrasPlugin.dll|SbieSupport.dll
 86 | 
 87 |  then press OK and restart Process Hacker.
 88 | 
 89 | Also deleted:
 90 | 
 91 |  GeoLite2-City.mmdb - replaced on GeoLite2-Country.mmdb in v3.0(r357)
 92 |  ./plugins/kph2/dir then driver kprocesshacker2_x*.sys moved to
 93 |  ./plugins/plugindata/ (v3.0(r400) Plugins-Extra Git-d3848f8155).
 94 | 
 95 | Notes:
 96 | 
 97 | 1. If You on system don't installed Debugging Tools for Windows (Debuggers And
 98 |    Tools) and You don't like install this just copy dbghelp.dll located in to
 99 |    DLL dir (see ./DLL/readme.txt for details and installation instructions).
100 | 
101 | 2. Old plug-ins is not compatible on PH v3.0 and required update.
102 | 
103 | Search Path Used by Windows to Locate a DLL (source - MSDN)
104 | -----------------------------------------------------------
105 | 
106 | With both implicit and explicit linking, Windows first searches for
107 | "known DLLs", such as Kernel32.dll and User32.dll. Windows then searches
108 | for the DLL's in the following sequence:
109 | 
110 | - The directory where the executable module for the current process is located.
111 | - The current directory.
112 | - The Windows system directory. The GetSystemDirectory function retrieves the
113 |   path of this directory.
114 | - The Windows directory. The GetWindowsDirectory function retrieves the path
115 |   of this directory.
116 | - The directories listed in the PATH environment variable.
117 | 
118 |   The LIBPATH environment variable is not used.
119 | 
120 | NOTES!
121 | 
122 | All used plug-ins required update and rebuild use latest Process Hacker SDK.
123 | 
124 | Any old plug-ins are not compatible with new versions of Process Hacker, and
125 | their use will lead to a crash of his completing the task.
126 | 
127 | Security Explorer plugin can cause crashes Process Hacker on Windows 10, so
128 | the OS is recommended to disable it. If you are using Windows 8.x and you have
129 | problems caused by plug-in Security Explorer, open the Hacker menu -> Plugins
130 | …, locate the Security Explorer plug-ins list and click the Disabled button
131 | and then to apply the changes in the settings restart Process Hacker.
132 | 
133 | Sandboxie support plug-in
134 | 
135 | You can also disable any other plug-in, but disable plug-ins is recommended
136 | only if the plug-in is causing problems.
137 | 
138 | Terminator plugin is designed exclusively for the crash of the processes and
139 | threads that can not be completed in the normal way, but you must remember
140 | that the abnormal termination of the process (thread) treated their data is
141 | not stored that can lead to unpredictable errors in the work of others beyond
142 | their processes (threads ).


--------------------------------------------------------------------------------
/processhacker-3.0-bin.zip:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/VictorVG/ph/9218becd7cb180a8da8869c9291dcb42ed6fd73a/processhacker-3.0-bin.zip


--------------------------------------------------------------------------------
/processhacker-3.0-checksums.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/VictorVG/ph/9218becd7cb180a8da8869c9291dcb42ed6fd73a/processhacker-3.0-checksums.txt


--------------------------------------------------------------------------------
/processhacker-3.0-setup.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/VictorVG/ph/9218becd7cb180a8da8869c9291dcb42ed6fd73a/processhacker-3.0-setup.exe


--------------------------------------------------------------------------------
/required.txt:
--------------------------------------------------------------------------------
 1 | Required external system components:
 2 | 
 3 | Plug-ins minimal OS version required for Process Hacker v3.0 Windows 7/
 4 | Server 2008 R2 and installed MS KB2533623.
 5 | 
 6 | If You don't have "dbgcore.dll" in to Process Hacker directory (see
 7 | "plugins_install.txt" for details) then any create dump operation call Access
 8 | Violation (AV) and crash Process Hacker process.
 9 | 
10 | If Your like use GeoIP features go to menu "Tools" -> "Network tools" ->
11 | "GeoIP database updates..." press "Download" then press "Restart" button,
12 | after Process Hacker restart go to Network tabs and add "Country" column in
13 | to column set.
14 | 
15 | Search Path Used by Windows to Locate a DLL
16 | -------------------------------------------
17 | 
18 | With both implicit and explicit linking, Windows first searches for
19 | "known DLLs", such as Kernel32.dll and User32.dll. Windows then searches
20 | for the DLL's in the following sequence:
21 | 
22 | - The directory where the executable module for the current process is located.
23 | - The current directory.
24 | - The Windows system directory. The GetSystemDirectory function retrieves the
25 |   path of this directory.
26 | - The Windows directory. The GetWindowsDirectory function retrieves the path
27 |   of this directory.
28 | - The directories listed in the PATH environment variable.
29 | 
30 | Note
31 | 
32 |   The LIBPATH environment variable is not used.


--------------------------------------------------------------------------------
/settings.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/VictorVG/ph/9218becd7cb180a8da8869c9291dcb42ed6fd73a/settings.png


--------------------------------------------------------------------------------
/version:
--------------------------------------------------------------------------------
1 | 3.0.8912.4385 Git-067476b4


--------------------------------------------------------------------------------
/version.txt:
--------------------------------------------------------------------------------
1 | 3.0.8912.4385 Git-067476b4


--------------------------------------------------------------------------------