Replace task manager using registry keys or api - winapi

Process Explorer has an option which I have used recently called "Replace Task Manager". Now, every time CTRL + ALT + DEL is pressed on my system, Process Explorer comes up. Unfortunately, despite what the documentation says, the option does not change to "Restore Task Manager".
I have looked for all instances of taskmgr.exe located on my computer and, despite them clearly being the original taskmgr.exe file, running any of them opens the Sysinternals Process Explorer. If I delete the Process Explorer file and attempt to open Task Manager, I get a file not found error.
So could someone please inform me whether there is a registry hack or API call (I assume registry hack) that I can make to resolve this issue?

Delete the reg key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe

Upgrade to the very latest version, 15.01, which appears to have fixed this bug.
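
An audit of the registry location named in the answer above, as an added PowerShell example that is not part of the original thread. It lists every Image File Execution Options entry that carries a Debugger value (the value that redirects the launch of one executable to another program) and removes that value for a single image. Removing only the Debugger value rather than the whole key is a choice made here, and the function names are hypothetical.

```powershell
# Added example (not from the thread): find and clear IFEO "Debugger" redirections.
# Both registry views are checked; the WOW6432Node path only exists on 64-bit Windows.
$ifeoRoots = @(
    'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options'
)

function Get-IfeoDebugger {
    # Emits one object per image name whose IFEO subkey has a Debugger value.
    foreach ($root in $ifeoRoots) {
        if (-not (Test-Path -LiteralPath $root)) { continue }
        Get-ChildItem -LiteralPath $root -ErrorAction SilentlyContinue | ForEach-Object {
            $debugger = $_.GetValue('Debugger')
            if ($debugger) {
                [pscustomobject]@{
                    Image    = $_.PSChildName
                    Debugger = $debugger
                    KeyPath  = $_.PSPath
                }
            }
        }
    }
}

function Remove-IfeoDebugger {
    # Deletes only the Debugger value; other IFEO settings on the key are kept.
    [CmdletBinding(SupportsShouldProcess)]
    param([Parameter(Mandatory)][string]$Image)
    foreach ($hit in Get-IfeoDebugger | Where-Object Image -eq $Image) {
        if ($PSCmdlet.ShouldProcess($hit.KeyPath, "Remove Debugger value '$($hit.Debugger)'")) {
            Remove-ItemProperty -LiteralPath $hit.KeyPath -Name Debugger
        }
    }
}

# Review every redirection first, then preview the fix for Task Manager.
Get-IfeoDebugger | Format-Table -AutoSize
Remove-IfeoDebugger -Image 'taskmgr.exe' -WhatIf   # drop -WhatIf (elevated prompt) to apply
```

Any entry in the listing that was not set deliberately by a debugging or admin tool deserves a closer look, since the same value silently swaps what runs when the named executable is started.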

Related

MSI installer creates unattended shell open key

I created an MSI installer project in VS2015, set up everything, then added a file extension association with the "File Types Editor", assigned my extension to my application, as an Open command.
The COMMAND was the application from the "application folder", the EXTENSION was set, then the &OPEN was set as NAME=&Open, Arguments="%1" VERB=open. Nothing else.
I generated the .msi file, then started it. At the end of the installation, I found out that in the registry Computer\HKEY_CLASSES_ROOT\\shell\open\command key there were two items: one is (Default) REG_SZ with value "myexe" "%1", as I expected.
Unfortunately there was another item: "command", "REG_MULTI_SZ" and the Data was something weird, for example "LZ*a!t4(v=++Tt$)tOk_>[1jfrS!,nB`L6ciHLW!, "%1"" which I don't know what it is. When I delete the .msi file, and double click on a file with my registered extension, a popup dialog appears as "network resource cannot be found" and Windows wants my .msi installer back (a browse dialog comes up)! I don't know how to prevent this unwanted situation. :( Any help would be highly appreciated!
Windows Installer uses so-called Darwin Descriptors to implement resiliency, wherein a corrupted installation can be repaired automatically. Your attempt to delete the .msi rather than to uninstall it acts like a corrupted installation, so the system attempts to fix it. However, since the .msi itself has been removed, it has to ask for help.
The short answer here is to suggest that you not worry about the exact values in the registry key. Since you're using an Extension table instead of a Registry table entry, the registry is an implementation detail; you should prefer to ignore such detail. Instead, if after a successful installation your program launches as expected upon double clicking the associated file, and it stops doing so after properly uninstalling your application, all is well.

Windows 10 installation

I installed Windows 10 on my computer.
Every time I restart my computer, all my new files disappear
and my desktop is empty!!!
Is it a bug or a settings issue?
How can I restore my files?
Thanks in advance!
You somehow corrupted your explorer.exe or changed a registry setting:
If you corrupted explorer.exe, best bet is to do a repair or system restore.
To check if explorer.exe is set to your shell:
Ctrl+Alt+Del to bring up task manager. Click File>Run new Task.
Type REGEDIT, click ok.
Click the plus sign (navigate through) entries:
-HKEY_LOCAL_MACHINE
-SOFTWARE
-MICROSOFT
-WINDOWS NT
-CurrentVersion
Click the folder WINLOGON
in the box to your right, find the entry Shell.
If the data corresponding to it is not Explorer.exe, double click Shell and modify it to Explorer.exe.
Close the registry,
Ctrl+Alt+Del to bring up Task Manager.
File>New Task. Type explorer,
click ok.
I think something has gone wrong with the installation. You can look for the files in C:/users/"your username"/desktop; if they aren't shown there you can try other users in the /user/ directory. Maybe you have a bit of luck and the files are stored under the wrong user for some weird reason.
In most cases the best solution is to reinstall Windows 10. I think it is faster than looking for a solution. (when you haven't installed a lot of software)
How you can restore your Windows (clean install) is explained in this video:
https://www.youtube.com/watch?v=qzTNjs8k15Q
Make sure you have a backup of your data ;-)
(sorry for bad English, I am from Holland ;-) )
Yes, it looks like the installation process did not take place properly without any interruptions.
The most convenient solution in my experience is:
1. Search locally for 'recovery options' through the Windows 10 search icon in the bottom-left corner.
2. Click the "get started" button under "reset my pc".
3. Select the option "keep my files".
Then once you are safely back in Windows 7, again start the process of updating to Windows 10 in a fresh manner WITH the PC plugged in to power and with a stable internet connection.

PID of the one that has locked the file [duplicate]

I have been trying to figure out how to programmatically identify the process that has a lock on a particular file. I've searched through the Win32 API and WMI, but so far I can't find anything. I know it's possible - Sysinternals is able to list every resource accessed/locked by every process on the system.
Can anyone drop me a hint?
You can use handle.exe from Sysinternals.
Something like:
> handle /accepteula C:\path\to\directory
...
program.exe pid: 1234 type: File 2E4: C:\path\to\directory
...
Thanks to https://stackoverflow.com/a/599268/367916 .
You could use Process Explorer from Microsoft
Download & unpack & run Process Explorer
Click Find menu and then click Find Handle or DLL... or press CTRL + F
Copy and paste the path to the locked folder or file
Click Search, you can kill process from main Process Explorer window
If you can limit yourself to new enough versions of Windows, the Restart Manager can tell you which process has a particular file open.
Because of the way Process Explorer works, I suspect that what you need to look for is a way of finding the file handles attached to a given process, and that you'll have to pull that list for each process in the system and look for your file within it.
I don't know in Windows, but somebody might find it useful to know that, in Linux, you can use the lsof command, or just search through the folders /proc/PROCESS_ID/fd and see what process has opened the file.
WhoLockMe is a nice right click windows explorer extension.
This article might be helpful to you.
It appears you are forced to search through the list of files for each process on the system using undocumented functions in ntdll.dll.
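
The Restart Manager route mentioned in one of the answers above, as an added PowerShell example that is not code from any of the posts. It calls the documented rstrtmgr.dll functions through P/Invoke to return the PIDs holding a file open, without enumerating handles through ntdll.dll. The class name `RestartManager`, the method name `GetLockingPids` and the sample path are assumptions made for the example.

```powershell
Add-Type -TypeDefinition @'
using System; using System.Collections.Generic;
using System.Runtime.InteropServices; using System.Text;
public static class RestartManager {
    [StructLayout(LayoutKind.Sequential)]
    struct RM_UNIQUE_PROCESS { public int dwProcessId; public System.Runtime.InteropServices.ComTypes.FILETIME ProcessStartTime; }
    [StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode)]
    struct RM_PROCESS_INFO {
        public RM_UNIQUE_PROCESS Process;
        [MarshalAs(UnmanagedType.ByValTStr, SizeConst = 256)] public string strAppName;          // CCH_RM_MAX_APP_NAME + 1
        [MarshalAs(UnmanagedType.ByValTStr, SizeConst = 64)]  public string strServiceShortName; // CCH_RM_MAX_SVC_NAME + 1
        public int ApplicationType; public uint AppStatus; public uint TSSessionId;
        [MarshalAs(UnmanagedType.Bool)] public bool bRestartable;
    }
    [DllImport("rstrtmgr.dll", CharSet = CharSet.Unicode)]
    static extern int RmStartSession(out uint handle, int flags, StringBuilder sessionKey);
    [DllImport("rstrtmgr.dll", CharSet = CharSet.Unicode)]
    static extern int RmRegisterResources(uint handle, uint nFiles, string[] files,
        uint nApps, IntPtr apps, uint nServices, string[] services);
    [DllImport("rstrtmgr.dll")]
    static extern int RmGetList(uint handle, out uint needed, ref uint count,
        [In, Out] RM_PROCESS_INFO[] info, ref uint rebootReasons);
    [DllImport("rstrtmgr.dll")]
    static extern int RmEndSession(uint handle);

    // Returns the PIDs of the processes that currently have `path` open.
    public static int[] GetLockingPids(string path) {
        uint handle;
        int rc = RmStartSession(out handle, 0, new StringBuilder(33)); // CCH_RM_SESSION_KEY + 1
        if (rc != 0) throw new InvalidOperationException("RmStartSession failed: " + rc);
        try {
            rc = RmRegisterResources(handle, 1, new[] { path }, 0, IntPtr.Zero, 0, null);
            if (rc != 0) throw new InvalidOperationException("RmRegisterResources failed: " + rc);
            uint needed, count = 0, reasons = 0;
            RM_PROCESS_INFO[] info = null;
            // 234 = ERROR_MORE_DATA: the holder list can grow between calls, so retry.
            while ((rc = RmGetList(handle, out needed, ref count, info, ref reasons)) == 234) {
                info = new RM_PROCESS_INFO[needed]; count = needed;
            }
            if (rc != 0) throw new InvalidOperationException("RmGetList failed: " + rc);
            var pids = new List<int>();
            for (int i = 0; i < count; i++) pids.Add(info[i].Process.dwProcessId);
            return pids.ToArray();
        } finally { RmEndSession(handle); }
    }
}
'@
# Constructed sample path; an empty result means no process reported the file as in use.
[RestartManager]::GetLockingPids('C:\path\to\file.txt') |
    ForEach-Object { Get-Process -Id $_ -ErrorAction SilentlyContinue } | Select-Object Id, ProcessName
```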

Releasing Windows file share locks

This problem crops up every now and then at work. Our build machine can have its files accessed via a normal Windows file share. If someone browses a folder remotely on the machine, and leaves the window open overnight, then the build fails (as it has done now). The explorer window left opened points at one of the sub folders in the source tree. The build deletes the source, and does a clean checkout before building. The delete is failing.
Right now, I'd like to get the build to work. I'm logged in from home, and I'd rather not reboot the build machine. I'm unable to get hold of the person whose machine is looking at the files, and I can't remotely reboot their machine.
When a windows share has a lock, the locking process is System, so I don't think I can kill it, as with normal locks.
Does anyone know a way to release the lock on a shared folder without having to reboot the machine?
If you are admin on the server sharing the file over the network, you can use the Windows in-built feature:
Start → My Computer → Right-click → Manage gets you to the Computer Management console
In the left nav, navigate to Systems Tools → Shared Folders
You can view Shares, Sessions & Open Files here. This allows you to find out who has opened which files from which workstations.
Right-click on an item in the list to be able to remove the file lock.
Hope this helps.
Found a solution.
Find the process using Process Explorer:
Download and extract procexp.exe
In Process Explorer use the "Find Handle or DLL..." command from the "Find" menu
Enter in the name of the directory which is having trouble deleting
A list of open files which match that name should be shown. Take some guesses and find which one is failing to be deleted. If the file is locked by a windows share, the process holding the file will be System
Note down the directory which was left open
Download and install the Unlocker (Warning: Link removed, as it contains malware)
Install Unlocker, disabling the option for Explorer extensions and other junk
Unlock the directory
Open up a cmd window, and navigate to C:\Program Files\Unlocker
From the cmd window, run Unlocker.exe "the-path-to-the-locked-folder"
A dialog will pop up confirming the lock release. Use the unlock button to unlock the file
Now the directory should be unlocked, and can now be deleted.
Try Process Hacker:
https://wj32.org/processhacker/
Process hacker is like Process Explorer on steroids.
To find the offending process, press CTRL+F or click the "Find Handles or DLLs" button and search for the file name.
Once you find the file in the find handles dialog, you can simply right click the file there and choose "close". (at least for v2.39.124)
Older versions had a "terminator" option in the context menu of the process.
Right click on the offending process --> Miscellaneous --> Terminator --> Select termination techniques. Note that some are possibly dangerous and may have unintended consequences.
I've had similar problems, and none of these suggestions I've seen above look suitable for automated overnight builds (as the original poster implied) because they all require manual effort to hunt down and kill the locks.
The only method I've tried that seems to work reliably is to remove the share itself, make the build, then add the share back. Here's one way of removing the share automatically:
D:\Projects>net share Projects /DELETE /Y
Users have open files on Projects. Continuing the operation will force the files closed.
Projects was deleted successfully.
(NOTE: Creating the share again automatically can be a pain if the privilege groups you need to give it are messy.)
The way I do it is by using both OpenFiles.exe and Handle.exe
You can run them in any order and you will have your resource fully unlocked.
OpenFiles: to disconnect File Sharing sessions
Handle.exe: to release any open handles (don't try to close handles belonging to PID 4, since that's the System process)
You can automate this by using powershell, batch, or any language of your choice.
Another option is, starting from Windows Vista, to use the Windows tool built into the system:
monitor resources: perfmon.exe /res
Extracted from: Http://www.sysadmit.com/2017/06/windows-how-to-know-that-process-has-open-a-file.html
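
For the unattended overnight build discussed in this thread, an added PowerShell example (not taken from any of the answers) that closes only the handles remote clients hold under the source tree and records who held them, instead of deleting the whole share. It uses the SmbShare module cmdlets `Get-SmbOpenFile` and `Close-SmbOpenFile` in place of OpenFiles.exe; the function name and the path `D:\Projects\src` are assumptions made for the example.

```powershell
# Added example (not from the thread): pre-build step for the share-lock problem.
# Requires an elevated session on the machine that hosts the share.
function Close-ShareHandlesUnder {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        # Local path on the build machine (not the UNC path clients use).
        [Parameter(Mandatory)][string]$LocalPath
    )
    $prefix = $LocalPath.TrimEnd('\')

    # Keep only handles on the folder itself or on anything beneath it, so that
    # files opened through other shares on the same server are left alone.
    $open = Get-SmbOpenFile | Where-Object {
        $_.Path -and (
            $_.Path -eq $prefix -or
            $_.Path.StartsWith("$prefix\", [StringComparison]::OrdinalIgnoreCase)
        )
    }

    foreach ($file in $open) {
        # Emit a record first so the build log shows which client held the lock.
        [pscustomobject]@{
            Client = $file.ClientComputerName
            User   = $file.ClientUserName
            Path   = $file.Path
            FileId = $file.FileId
        }
        if ($PSCmdlet.ShouldProcess($file.Path, "Close SMB open file $($file.FileId)")) {
            Close-SmbOpenFile -FileId $file.FileId -Force
        }
    }
}

# Constructed path for illustration; -WhatIf previews without closing anything.
Close-ShareHandlesUnder -LocalPath 'D:\Projects\src' -WhatIf
```

Forcing a handle closed discards any unsaved data on the client side, which is acceptable for an Explorer window left open on a folder but worth checking in the emitted records for anything else.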
