@Servo_GlassWire @Ken_GlassWire
So.
crashes still happening like in 204 version with same dll specified.
- <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> - <System> <Provider Name="Application Error" /> <EventID Qualifiers="0">1000</EventID> <Version>0</Version> <Level>2</Level> <Task>100</Task> <Opcode>0</Opcode> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2020-06-20T13:24:44.0553303Z" /> <EventRecordID>29018</EventRecordID> <Correlation /> <Execution ProcessID="0" ThreadID="0" /> <Channel>Application</Channel> <Computer>antiqueV</Computer> <Security /> </System> - <EventData> <Data>GWCtlSrv.exe</Data> <Data>2.2.210.0</Data> <Data>5eea16e3</Data> <Data>ucrtbase.dll</Data> <Data>10.0.19041.1</Data> <Data>587bd36d</Data> <Data>c0000409</Data> <Data>0009eddb</Data> <Data>175c</Data> <Data>01d645bebedfdbab</Data> <Data>C:\Program Files (x86)\GlassWire\GWCtlSrv.exe</Data> <Data>C:\WINDOWS\System32\ucrtbase.dll</Data> <Data>616ee384-8ff1-429f-8e1d-0007d8ece353</Data> <Data /> <Data /> </EventData> </Event>
(by the way the code formatting is not working for our widnows event, on discourse)
list of the programs that might interferrred .
- kaspersky total protection
- nextcloud
- multiple instances of skype
- riot.im
- session loki messenger
- tutanota desktop
- termius with several ssh connections activated
- onedrive
- dropbox
- backup from google which is the old google drive
- boxcryptor
- tresorit
- backblaze backup solution
- mattermost
- wire messenger
- proton vpn software
- protonmail bridge software
- multiple instances of thunderbird
- microsoft outlook
- firefox up to date
- vivaldi up to date
- brave software up to date
- edge chromium stable up to date
- edge canary version
- terminus terminal with some ssh connection running
- telegram messenger
- signal messenger
- real vnc viewer
- libry app
- jetbrains toolbox
- jetbrains different IDE
- nzxt CAM
- virtualbox
- desktop for windows relying on WSL v2
- WSL v2
- standard notes
- crytpee webapp installed with edge chromium
- process hacker nightly build
- apache netbeans 12.0
- rocket.chat
- rainmeter
- ultracopier
- 1password
- bitwarden
- gitter.im
- keybase
- steam
- boinc client
- apple mobile services coming from itunes installation
- shadow launcher from blade.tech
- logitech services
- sublime text
- vscode
- vscodium
- brackets
- and this host is connected to 2 differents subnets
What I can say is that process hacker with the nightly builds is making services go a little up in terms of cpu usage which is immediately resorbed when it is closed but that’s mainly due to refresh rate of the list of process and their statistics that services.exe needs to refresh.
the most probably impact here are:
- kasperky
- the vmmem process from wsl2 for docker
- the different messenger apps
- maybe some browsers
- maybe processhacker
- protonvpn.
- termius
- maybe the cloud storage solution who needs to try several times in the example of dropbox because of dns blocking of trackers
And all those software specified above are yes running at the same time.
that’s glasswire restarting.
glasswire is going from 10 -45%
The lowest is at 8% and it’s still in I/O haeavy duty of 3-13MB/s
So where is the log option because I don’t see it.
the options of glasswire activated are
- Apllication info monitor
- remote glasswire connections
- virustotal scan result
- first network activity
- system file monitor
That’s all.