Processes missing from list?

Started by phthisic, February 27, 2013, 05:26:19 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

phthisic

February 27, 2013, 05:26:19 PM
I'm hoping this is not something obvious that I have missed somewhere, but I can't seem to find anything about it.

For a while now, I have noticed that some processes do not appear in the Lasso processes list. I had assumed this was a known situation, possibly even by design. But since I now find myself occasionally opening other task managers to deal with missing processes, I came here hoping I'd find something.

Today, the processes that do not show are ntoskrnl.exe (really no need for it to be present, but curious as to why it isn't), AvastSvc.exe, and audiodg.exe.

I tried running as admin, installing as a service, and even running Lasso under system privileges (as well as the core), but it made no difference and they still do not appear.

Vs. 6.0.2.38
Microsoft MVP, Windows Shell (2004-2013)

edkiefer

#1
February 27, 2013, 06:55:00 PM
Quote from: phthisic on February 27, 2013, 05:26:19 PM
I'm hoping this is not something obvious that I have missed somewhere, but I can't seem to find anything about it.

For a while now, I have noticed that some processes do not appear in the Lasso processes list. I had assumed this was a known situation, possibly even by design. But since I now find myself occasionally opening other task managers to deal with missing processes, I came here hoping I'd find something.

Today, the processes that do not show are ntoskrnl.exe (really no need for it to be present, but curious as to why it isn't), AvastSvc.exe, and audiodg.exe.

I tried running as admin, installing as a service, and even running Lasso under system privileges (as well as the core), but it made no difference and they still do not appear.

Vs. 6.0.2.38
Make sure you have PL configured to "manage processes of all   users" ,that will show many more processes .

on Avast it maybe because it is a anti-virus , PL can't interact with them or they don't play nice .
Bitsum QA Engineer

phthisic

#2
February 27, 2013, 11:05:19 PM
Quote from: edkiefer on February 27, 2013, 06:55:00 PM
Make sure you have PL configured to "manage processes of all   users" ,that will show many more processes .

on Avast it maybe because it is a anti-virus , PL can't interact with them or they don't play nice .

Thanks. I always have it configured that way.

And you are right that Avast may have something special going on to hide from malware, but it does show up in other task managers. Audiodg.exe is a standard Microsoft process.
Microsoft MVP, Windows Shell (2004-2013)

hanemach_gt

#3
February 28, 2013, 01:09:07 AM
Processes of some protection software are not shown in the process list.

FAQ references:
[<a href="http://bitsum.com/docs/pl/faq.htm#where_security">Where is my security software process(es)? I do not see them listed!</a>]
[<a href="http://bitsum.com/docs/pl/faq.htm#cant_see_processes">I do not see some of my processes, why not?</a>]
<img src="[url="http://imageshack.com/a/img913/7827/On37F9.gif"]http://imageshack.com/a/img913/7827/On37F9.gif[/url]"/>

Jeremy Collake

#4
March 01, 2013, 01:59:59 AM Last Edit: March 22, 2013, 02:53:01 PM by Jeremy Collake
A few system processes are ignored. Processes not in the defined manage-able user context are ignored. This latter be changed in the runtime config (all users or not).

Certain security software has been seen to emit an infinite number of duplicate log events (one or more each refresh of the process info) when its processes are opened with mere read-only access. For a while I tried to work around the issue, but various products had various triggers, and it became quite tedious to even test. If the process was simply logged, it wouldn't be a problem, but the tamper detection systems on more than one security product were extremely dumb and had a big impact on system performance. Known task managers get an exemption from this. Whether or not Process Lasso's use of the NT Native API exacerbates the problem is unknown, but likely.

This is something I intend to revisit again, as perhaps things have changed, or perhaps I can make it work without triggering those tamper detection events. It is tedious though, all to display information about a few processes of security software, processes that should never be acted on anyway. Given the other task managers, and indeed Windows own improved task manager, it seems redundant and a large effort.

The first thing I am going to do (soon) is at least show these processes, even if absolutely no information is presented about them. In time, I'll then start filling in the process information as best I can without triggering a tamper detection event, something that will require lots of testing with annoying trial versions of security suites.

I will show the system processes in a similar way (name only).
Software Engineer. Bitsum LLC.
Print
Go Up Pages1
User actions