Announcement

**M-Force** · 10 October 2007, 17:46

What AV packages are triggered by nsProcess?

Hi,

is it still an issue that nsProcess is trigger AV packages as a trojan virus?
If so do you have a list of such AV packages?
I would like to check my installer for such problem.

**Whizz** · 10 October 2007, 20:26

I have not seen the problem since I re-compiled the source code myself, using my own compiler. Rather than using the distributed version from the download location. This is the distro version I use now.

When I was experimenting, I found that the following AV systems did trigger a false detection:

Panda
Macafee/NAI
BitDefender
F-Secure
Symantec/Norton

I did not have access to any other AV engines to test further. Actually 1 detection was too many!!!

Once I recompiled and the issue went away, then I did not test any further. Nor have I tried downloading to see if there was a newer version by the author.

I guess the original was being compiled with an non-fully patched version of MS:C++. I did no changes, just compiled and used the resultant file.

**99999999** · 24 April 2008, 23:29

Is there source code available for the nsProcess plugn?

**Whizz** · 25 April 2008, 05:24

As stated by CharlesB2 earlier in the thread. It is in the Archive on the Wiki page.

Did you read the whole of this thread?? I guess not.

**afisk** · 12 May 2008, 14:37

Do you have a link to your re-compiled DLL by any chance, Whizz? Maybe you could add it to the wiki? I don't do much Windows programming and don't have everything set up to compile my own. You can also reach me at "a" at my domain --- littleshoot.org. Would be a huge help. I'd even paypal you $10 -- seriously.

-Adam Fisk

**arantius** · 10 June 2008, 15:32

I've patched this plugin to add a CloseProcess method, a nicer alternative to KillProcess.

I offer no guarantees as to its quality, as C++ is not my primary skill. However, the updated nsProcess.c file is attached for anyone who might find it useful.

Attached Files

nsprocess.zip (4.1 KB, 1100 views)

**Ivan Andreevich** · 19 January 2009, 16:50

Any plans to make a version that could be used to kill processes by PID?

**skuallpa** · 1 February 2010, 15:02

Hello,

the plugin works well for normal build of nsis under x64. However, it failed to find processes for nsis unicode build

Do you have a solution for this?

Thanks in advance

**roderickm** · 17 February 2011, 12:24

Windows 7

Hello,

FYI, the FindProcess function works on Windows 7 - even when the process was started by a different user. Thanks!

**Afrow UK** · 17 February 2011, 12:25

It won't work on x64 Windows (unless it uses WMI).

Stu

**brainsucker** · 28 June 2011, 08:14

nsProcess 1.6 with NSIS UNICODE support

It actually works for me on Win7 x64, but I have UAC prompts disabled, mb this is the reason.

Please find NSIS UNICODE/ANSI version attached, I'm too lazy to rebuild installer so you'll have to rename nsProcessW.dll to nsProcess.dll manually.

It also contains new function _CloseProcess, which tries to close all windows first, waits for 3 seconds for process to exit (so it can save all data), and then terminates it.

Attached Files

nsProcess_1_6.7z (14.9 KB, 14209 views)

**mrjohn** · 18 August 2017, 08:20

Hi,for me this plugin doesn't work,I'm on W10x64 ,NSIS v3.02.1
Example code always returns value 6 for any process tested

There is other alternative to find a running process?

thanks!

**r2du-soft** · 19 August 2017, 06:27

Originally Posted by mrjohn View Post

Hi,for me this plugin doesn't work,I'm on W10x64 ,NSIS v3.02.1
Example code always returns value 6 for any process tested

There is other alternative to find a running process?

thanks!

hi my friend
also i have windows 10 x64
i tested,everything is right,Perhaps you are faced with this problem: in windows 10 Calc.exe process name is Calculator.exe you must edit example scrip!
if plugin not found process name return 603 and if find process return 0 !
this is nsProcess plugin return values:

HTML Code:

// Return codes are as follows:
//   0   = Success
//   601 = No permission to terminate process
//   602 = Not all processes terminated successfully
//   603 = Process was not currently running
//   604 = Unable to identify system type
//   605 = Unsupported OS
//   606 = Unable to load NTDLL.DLL
//   607 = Unable to get procedure address from NTDLL.DLL
//   608 = NtQuerySystemInformation failed
//   609 = Unable to load KERNEL32.DLL
//   610 = Unable to get procedure address from KERNEL32.DLL
//   611 = CreateToolhelp32Snapshot failed

if you have problem with nsProcess plugin,try this:

HTML Code:

	FindProcDLL::FindProc "Calculator.exe"
	MessageBox MB_OK "$R0"

if not found process return 0
and if found process return 1

**mrjohn** · 19 August 2017, 18:24

I've solved for my case using a simple trick:trying to open main exe file for append and catch error in case if it is running

**mrjohn** · 21 August 2017, 17:43

@r2du-soft: I've done test again, nsProcess 1.6 gives me always value 6 for any process tested,and your second solution gives always 0,dll downloaded from there

Announcement

nsProcess plugin

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment