Maximus5
commented
9 years ago I see a lot of "javaw.exe" starts.
Run ProcessExplorer and check explorer.exe (all instances, it many). Are there ConEmuHk* dll loaded?
Closed Helfull closed 9 years ago
Maximus5
commented
9 years ago I see a lot of "javaw.exe" starts.
Run ProcessExplorer and check explorer.exe (all instances, it many). Are there ConEmuHk* dll loaded?
Maximus5
commented
9 years ago And show contents of your HKEY_CURRENT_USER\SOFTWARE\ConEmu. I'm interested in all DefTerm-* values.
Helfull
commented
9 years ago Schlüsselname: HKEY_CURRENT_USER\SOFTWARE\ConEmu
Klassenname: <KEINE KLASSE>
Letzter Schreibzugriff: 11.08.2015 - 20:33
Wert 0
Name: DefTerm-Enabled
Typ: REG_DWORD
Daten: 0x1
Wert 1
Name: DefTerm-Agressive
Typ: REG_DWORD
Daten: 0x1
Wert 2
Name: DefTerm-NoInjects
Typ: REG_DWORD
Daten: 0
Wert 3
Name: DefTerm-NewWindow
Typ: REG_DWORD
Daten: 0
Wert 4
Name: DefTerm-Confirm
Typ: REG_DWORD
Daten: 0x1
Wert 5
Name: DefTerm-Flags
Typ: REG_DWORD
Daten: 0x606
Wert 6
Name: DefTerm-ConEmuExe
Typ: REG_SZ
Daten: E:\ConEmu\ConEmu64.exe
Wert 7
Name: DefTerm-BaseDir
Typ: REG_SZ
Daten: E:\ConEmu\ConEmu
Wert 8
Name: DefTerm-Config
Typ: REG_SZ
Daten:
Wert 9
Name: DefTerm-AppList
Typ: REG_MULTI_SZ
Daten: explorer.exe
cmd.exe
Wert 10
Name: ConEmuStartShortcut64Installed
Typ: REG_DWORD
Daten: 0x1
Wert 11
Name: UninstallShortcutInstalled
Typ: REG_DWORD
Daten: 0x1
Wert 12
Name: ConEmuDesktopShortcut64Installed
Typ: REG_DWORD
Daten: 0x1
Wert 13
Name: ConEmuDesktopShortcutFolder
Typ: REG_DWORD
Daten: 0x1nothing to find about the ConEmuHk
Maximus5
commented
9 years ago Run following and attach log file
E:\ConEmu\ConEmu64.exe -log -setdefterm -exit1:03:25.719 ConEmu 150728[64] log[1]
1:03:25.719 Startup info
OsVer: 10.0.10240.x64, Product: 1, SP: 0.0, Suite: 0x100, SM_SERVERR2: 0
CSDVersion: , ReactOS: 0 (), Rsrv: 0
DBCS: 0, WINE: 0, PE: 0, Remote: 0, ACP: 1252, OEMCP: 850, Admin: 1
Desktop: WinSta0\Default; BPP: 32
Title: E:\ConEmu\ConEmu64.exe
Size: {0,0},{0,0}
Flags: 0x00000401, ShowWindow: 1, ConHWnd: 0x00000000
Handles: 0x00000000, 0x00010001, 0x00000000
Active HKL: 0x0000000004070407
GetKeyboardLayoutList: 0x0000000004070407 0x0000000004090409
CmdLine: "E:\ConEmu\ConEmu64.exe" -log -setdefterm -exit
ExecMod: E:\ConEmu\ConEmu64.exe
WorkDir: E:\ConEmu
PathEnv: E:\Python\;E:\Python\Scripts;C:\ProgramData\Oracle\Java\javapath;E:\Ruby21\bin;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;E:\Git\cmd;E:\php;C:\ProgramData\ComposerSetup\bin;E:\vagrant\bin;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files (x86)\Microsoft SDKs\TypeScript\1.0\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Users\Helfull\AppData\Roaming\Composer\vendor\bin;C:\Program Files (x86)\Skype\Phone\;E:\Node\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Common Files\Microsoft Shared\Windows Live;E:\Git\bin;C:\Users\Helfull\AppData\Roaming\npm
ConFont: 0 Lucida Console 00 Consolas
CMD's AutoRuns: {not defined}
Foreground: x00010140 {-1920,0}-{3200,1080} 'Progman' - Program Manager
Cursor: {-1437,943}
Display: bpp=32, planes=1, align=1, vrefr=60, shade=x00000000, rast=x00007E99, dpi=96x96, per-mon-dpi=1
Monitors (dpi: WholeDesktop, Effective, Angular, RAW):
00010001: {0,0}-{1920,1080} (1920x1080), Working: {0,0}-{1920,1040} (1920x1040), dpi: {96,96};{96,96};{91,91};{92,92} `\\.\DISPLAY1` <<== Primary
00010003: {-1920,0}-{0,1080} (1920x1080), Working: {-1920,0}-{0,1040} (1920x1040), dpi: {96,96};{96,96};{94,94};{95,95} `\\.\DISPLAY2`
00010005: {1920,0}-{3200,1024} (1280x1024), Working: {1920,0}-{3200,984} (1280x984), dpi: {96,96};{96,96};{85,85};{86,86} `\\.\DISPLAY3`
Modules:
0000000140000000-0000000140255FFF 256000 E:\ConEmu\ConEmu64.exe
00007FFB33D90000-00007FFB33F50FFF 1C1000 C:\WINDOWS\SYSTEM32\ntdll.dll
00007FFB33850000-00007FFB338FCFFF AD000 C:\WINDOWS\system32\KERNEL32.DLL
00007FFB31260000-00007FFB3143CFFF 1DD000 C:\WINDOWS\system32\KERNELBASE.dll
00007FFB2EEF0000-00007FFB2EF67FFF 78000 C:\WINDOWS\system32\apphelp.dll
00007FFB33900000-00007FFB33A4DFFF 14E000 C:\WINDOWS\system32\USER32.dll
00007FFB319A0000-00007FFB31B25FFF 186000 C:\WINDOWS\system32\GDI32.dll
00007FFB33CE0000-00007FFB33D85FFF A6000 C:\WINDOWS\system32\ADVAPI32.dll
00007FFB33710000-00007FFB337ACFFF 9D000 C:\WINDOWS\system32\msvcrt.dll
00007FFB33B30000-00007FFB33B8AFFF 5B000 C:\WINDOWS\system32\sechost.dll
00007FFB31BF0000-00007FFB31D15FFF 126000 C:\WINDOWS\system32\RPCRT4.dll
00007FFB32010000-00007FFB33530FFF 1521000 C:\WINDOWS\system32\SHELL32.dll
00007FFB30900000-00007FFB30F28FFF 629000 C:\WINDOWS\system32\windows.storage.dll
00007FFB316C0000-00007FFB3193BFFF 27C000 C:\WINDOWS\system32\combase.dll
00007FFB33A60000-00007FFB33AB0FFF 51000 C:\WINDOWS\system32\shlwapi.dll
00007FFB30810000-00007FFB3081EFFF F000 C:\WINDOWS\system32\kernel.appcore.dll
00007FFB30840000-00007FFB308F2FFF B3000 C:\WINDOWS\system32\shcore.dll
00007FFB307A0000-00007FFB307E9FFF 4A000 C:\WINDOWS\system32\powrprof.dll
00007FFB307F0000-00007FFB30802FFF 13000 C:\WINDOWS\system32\profapi.dll
00007FFB33B90000-00007FFB33CD0FFF 141000 C:\WINDOWS\system32\ole32.dll
00007FFB315E0000-00007FFB316B6FFF D7000 C:\WINDOWS\system32\COMDLG32.dll
00007FFB31B30000-00007FFB31BEDFFF BE000 C:\WINDOWS\system32\OLEAUT32.dll
00007FFB2D670000-00007FFB2D679FFF A000 C:\WINDOWS\SYSTEM32\VERSION.dll
00007FFB2D110000-00007FFB2D383FFF 274000 C:\WINDOWS\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43\COMCTL32.dll
00007FFB2EC30000-00007FFB2EC52FFF 23000 C:\WINDOWS\SYSTEM32\WINMM.dll
00007FFB26310000-00007FFB26326FFF 17000 C:\WINDOWS\SYSTEM32\NETAPI32.dll
00007FFB2EBD0000-00007FFB2EBFBFFF 2C000 C:\WINDOWS\SYSTEM32\WINMMBASE.dll
00007FFB30F90000-00007FFB30FD3FFF 44000 C:\WINDOWS\system32\cfgmgr32.dll
00007FFB2CCE0000-00007FFB2CCF5FFF 16000 C:\WINDOWS\SYSTEM32\wkscli.dll
00007FFB2F9F0000-00007FFB2FA15FFF 26000 C:\WINDOWS\SYSTEM32\srvcli.dll
00007FFB2FA20000-00007FFB2FA2BFFF C000 C:\WINDOWS\SYSTEM32\netutils.dll
00007FFB306D0000-00007FFB306F7FFF 28000 C:\WINDOWS\SYSTEM32\bcrypt.dll
00007FFB2F070000-00007FFB2F096FFF 27000 C:\WINDOWS\SYSTEM32\DEVOBJ.dll
00007FFB2CD00000-00007FFB2CD17FFF 18000 C:\WINDOWS\SYSTEM32\SAMCLI.DLL
00007FFB315A0000-00007FFB315D5FFF 36000 C:\WINDOWS\system32\IMM32.DLL
00007FFB31440000-00007FFB3159BFFF 15C000 C:\WINDOWS\system32\MSCTF.dll
00007FFB2F0A0000-00007FFB2F135FFF 96000 C:\WINDOWS\system32\uxtheme.dll
00007FFB2EDC0000-00007FFB2EDE1FFF 22000 C:\WINDOWS\SYSTEM32\dwmapi.dll
1:03:25.724 AppUserModelID was not changed due to special switches absence
1:03:25.726 Settings::LoadSettings [reg]
1:03:25.730 Loaded pos: {2302,442}, size: {80,26}
1:03:25.743 DPI initialized to {96,96}
1:03:25.790 SettingsLoaded
1:03:25.793 DefTerm setup: PID=1728, explorer.exeSo, check your explorer.exe. ConEmuHk must be there.
Helfull
commented
9 years ago how to check that? cant find anything within procmon, can you give me a filter option to set to find it?
Maximus5
commented
9 years ago I said ProcessExplorer http://conemu.github.io/en/ProcessExplorer.html
Helfull
commented
9 years ago ok found it, its there
Maximus5
commented
9 years ago Than, what happens when you run cmd from Win+R?
Helfull
commented
9 years ago the default cmd.exe terminal shows up without conemu
Helfull
commented
9 years ago i tried to build it and got some errors on run the dumps are here https://dl.dropboxusercontent.com/u/72770478/dmps.zip
Maximus5
commented
9 years ago Dumps are almost useless without your binaries and pdb files. Later I will commit some changes and will ask you to redo build/tests/dumps.
Helfull
commented
9 years ago Wokring after a clean install of version 150814 alpha
here is the PML from procmon
https://dl.dropboxusercontent.com/u/72770478/Logfile.PML