What's new in TaskExplorer 1.5.5c
May 4, 2024
- updated PHlib to version 3.0.7579
- and fixed issues introduced in 1.5.5
New in TaskExplorer 1.5.5 (May 3, 2024)
- Updated PHlib to version 3.0.7579.
New in TaskExplorer 1.5.3 (Oct 20, 2023)
- Updated PHlib to version 3.0.7270.
New in TaskExplorer 1.5.2 (May 2, 2023)
- This build fixes a BSOD bug on windows 10 LTSC 2019
New in TaskExplorer 1.5.1 (Dec 19, 2022)
- Added:
- Re added kernel debug log dumping
- Added more handle information
- Added option to block processes from starting using the driver
- Fixed:
- Fixed issue with opening job objects
New in TaskExplorer 1.5.0 (Dec 12, 2022)
- Changed:
- Made Qt6 Compatible
- Updated QWT library to v6.2
- Updated PHlib to version 3.0.5553
- Updated DotNET counter code
- Fixed:
- Fixed issues with GPU usage not being displayed proeprly
- Fixed memory leak in RPC Endpoint View
- Removed:
- Removed aility to unprotect protected processes
- Removed kernel debug log dumping (will be re added later)
New in TaskExplorer 1.4.1 (Mar 27, 2022)
- Fixed:
- fixed singleapp not working
- the xprocesshacker.sys driver is now signed with a new certificate and shoudl load on win 11
- Changed:
- updated PHlib to version 3.0.4706
New in TaskExplorer 1.4.0 (Oct 5, 2021)
- Added:
- added sandboxie tab with a lot of sandboxie related details
- added option to freeze and unfreeze entire jobs
- added "Original Impersonation Token" menu command to inspect the impersonation token of sandboxed thread
- added rpc view listing all rpc endpoints on the system
- added windows 11 detection
- Changed:
- replaced all icons
- updated PHlib to version 3.0.4365
- Fixed:
- fixed issue resolving kernel symbols introduced with 1.3
New in TaskExplorer 1.3.0 (Apr 12, 2021)
- Changed:
- changed memory search window layout
- on debug log start stop the lists are now reset
- updated MiscHelpers
- updated PHlib to version 3.0.3972
- updated QWT to version 6.1.6
- updated to use Visual studio 2019
- Fixed:
- fixed issues with hex string memory search
- fixed issue with updating token privileges
- fixed issues with disabled items in dark mode
- fixed race condition in etw initialization
New in TaskExplorer 1.2.9 (Oct 11, 2020)
- Added:
- Added highest thread CPU percentage to the CPU column
- Changed:
- Tree graph background in dark mode is also dark now
- Updated PHlib to version 3.0.3476
- Merged ASLR, DEP, CFG, CET columns into a joined mitigations column
New in TaskExplorer 1.2.8 (Jul 4, 2020)
- Added:
- "Original Token" button to inspect the original process token of sandboxed processes
- -- SbieDrv driver 5.42 or higher required
- Added command line option to start multiple instances
- Added driver file obfuscation and driver installation dialog
- Changed:
- Reorganized settings pages
- Improved sandboxie support implementation
- Fixed:
- Fixed excessive CPU usage in new process filter
- Fixed outdated data shown in token panel when no token could be obtained
New in TaskExplorer 1.2.7 (Jun 14, 2020)
- Added:
- Custom run dialog with the ability to inject a DLL when starting process
- Added process filter to process tree to improve usability
- Changed:
- description in the process column now shows for svchost.exe instances a list of hosted services
- esc key now closes the finder bar in lists
- app id column now displays the container id if its an app
- Fixed:
- run dialogs now execute on return press
- error with comctl32
- user connect/login window now hides the password
- fixed pid in process info window
- modern apps are now properly attributed to the their users
New in TaskExplorer 1.2.6 Pre-release (Jun 2, 2020)
- Added:
- Support for translations using the QtLinguist tool
New in TaskExplorer 1.2.5 (Jun 1, 2020)
- Added:
- Added debug view tab to see the debug output of individual process, when debug monitor is enabled
- Added kernel debug log option to xprocesshacker3 driver
- Changed:
- Sandboxie support needs to be enabled in the settings, as having it always on interfears with updating sandboxie
- Moved services tab to the general tab as a sub tab
- Moved environment tab to the general tab as a sub tab
- Merged system info tab kernel objects and main system tab
- Moved a lot of usefull generic code to MiscHelpers.dll
- Fixed:
- Fixed tab menu checks
- Fixed issue with system and task info window tabs
- Fixed issue process name label forcing panel size
- Fixed soem more minor ui glitches
New in TaskExplorer 1.2.1 (Apr 27, 2020)
- Added:
- the TCP/IP traffic graph now show additional plots with LAN traffic based on ETW data
- services can now be stoped from the process tree contect menu
- Changed:
- statis column now sorts not alphabetically but by list color
- reorganized the tool bar a bit and added a few shortcuts
- switched back to the custom installer due to "compatybility" issues
- Fixed:
- cpu affinity was not properly loaded from file
- fixed more tray opening issues
- fixed issue displaying .NET assembly informations
- fixed issues with list coloring when not allcolors were enabled
New in TaskExplorer 1.2 (Apr 20, 2020)
- Added:
- Option to configure process name display
- Pressing the refresh toolbar button now also clears the persistence when in hold mode
- Persistent Process Presets
- -- CPU, IO, Memory Priorities and CPU Affinity can be set persitence actoss process starts
- -- Processes are identifyed by path wildcard paths can be used
- -- The mechanism can also kill undesired processes swiftly
- add pe file viewer
- Sandboxie support, sandboxed prosesses are marked in yellow and the box thay belong to is provided in the tooltip
- Changed:
- more options on main window close
- -- Exit confirmation dialog can now be disabled
- by default symbols are not auto downloaded, upon selecting a thread the user will be prompted whether to download them of the internet
- updated PHlib to version 3.0.3014
- updated some default collors
- switched to Inno Setup as instller
- Fixed:
- fixed when opening from tray window sometimes being empty
New in TaskExplorer 1.1 (Jan 23, 2020)
- Added:
- added Dark Theme Support
- added ETW monitoring of the processProvider
- allows to capture all process cration events henc elisting of very short lived processes
- using ETW data to set image path and command line when the process closed before we could inspect it
- added option to keep processes listed indefinetly as long as thay have still running children.
- added functionality to find some types of hidden processes, also usefull to find some already terminated processes
- added tool bar button to switch between the tree view and a list view more convinient as the last choose list sort column is remembered
- Changed:
- the handle tab is now present twice once as it was and once providing only an open file list
- Fixed:
- handle types are now sorted properly i.e. "[All]" is first
- fixed bug where in the unifyed list view switching to tree view was not possible
- fixed issue with some values not being initialized in CWinMainModule
- fixed High DPI scaling issues
New in TaskExplorer 1.0.2 (Dec 24, 2019)
- Added:
- Setting for reverse DNS to disable it when desired
- When flushing dns cache the dns cache retention is reset as well
- Handle types are now sorted alphabetically
- Changed:
- Most "unknown" values now shows teh numeric value encountered
- Updated PHlib to version 3.0.2812
- Fixed:
- An issue with the DNS cache monitoring
- Fixed issue with etw event tracking for UDP traffic
- Fixed issue with thread service tag not being resolved properly
New in TaskExplorer 1.0.1 (Nov 15, 2019)
- Changed:
- Improved file handle info retrival
- Ewt monitoring button is now disabled when running without admin rights
- Fixed:
- Memory leak occuring when updating per process handle list
- Fixed issue with service to process association
New in TaskExplorer 0.9.75 (Sep 30, 2019)
- Added:
- priority columns now show text instead of numbers (except base priority)
- added cert display to process security sub tab
- ctrl+e now expands all process tree items
- added driver config window
- added verbose error's dialog
- added more status information
- Changed:
- reduced cpu usage of models
- reduced cpu usage of rate counters
- moved firewall status resolution to separate threa
- reworked thread enumeration to save cpu usage
- service and socket tabs are not longer updated when thay are not visible
- gpu per process stat update is now performed on a as needed basis
- massively reduced treeview cpu usage by adapting configuration
- Fixed:
- fixed an issue when on successfully changing priority still an error was reported
- when starting using UAC bypass the process ended up with lower priority; -- fixed by now always setting higher priority on startup
- fixed bug with gpu usage column display
- fixed issue "bring in front" was always disable din the process tree
- fixed issue where thread start addresses were resolved multiple times unnecessarily
- fixed crash issue when logging out users
- fixed service window not closing when ok was pressed
- fixed issue with service to process association
- fixed crash bug in reverse dns lookups on win 7
New in TaskExplorer 0.9.50 (Sep 26, 2019)
- Added:
- Critical status added to processes state string
- Critical processes / threads have an own list color
- Trying to terminate a critical process or thread wil now display an additional confirmation mesage
- Ctrl+c now copys the selected rows
- Formating for copying panels can be set in settings
- Added additional mitigation informations
- Added additional informations to geneal process info
- Details sub tab
- Security sub tab
- App subtab
- Added job id to job tab
- Added app infos to process general tab
- Changed:
- Resolving symbols for pool limits is only triggered once the kernel objects tab gets opened
- All priority settings have now an own groupe in the process tree
- No longer keeping a handle open to all threads when thay were not used recently
- Mitigation informtions are not more verbose
- Fixed:
- All unselected tabs are no longer unnececerly updated at startup
- Issue with private bytes displaying the wrong value
- Fixed crash bug in task menu action handling
- Fixed a minor issue with sid resolving