#1148 Orphaned ctfmon.exe process created by Secure Desktop w KeyPromptFlag: 134217728

KeePass_2.x
closed
nobody
None
5
2013-08-12
2013-08-04
wellread1
No

Each time the Enter Master Key dialog is invoked on a secure desktop a new ctfmon.exe process is created and orphaned if the settings below are used. It is not necessary to open a database.

KeePass 2.23 (ZIP install, default settings modified as described)
Window Home Premium x64

Non-Default Settings:
1. Enter master key on secure desktop, checked
2. KeyPromptFlag: 134217728

Discussion

  • Dominik Reichl

    Dominik Reichl - 2013-08-12

    Thanks. I was able to reproduce this a few times (doesn't happen always on my machine).

    Unfortunately, I don't know why the automatic termination of the CtfMon.exe child processes (which are started by .NET/Windows when creating/switching to the secure desktop) fails sometimes on Windows 7.

    Thus I've now added code such that KeePass searches and terminates new CtfMon.exe child processes started by .NET/Windows, if they are not terminated automatically after a few seconds (since closing the secure desktop).

    Here's the latest development snapshot for testing:
    http://keepass.info/filepool/KeePass_130812.zip

    Best regards,
    Dominik

     
  • Dominik Reichl

    Dominik Reichl - 2013-08-12
    • status: open --> closed
     
  • wellread1

    wellread1 - 2013-08-12

    Thanks Dominik.

    I can confirm that the snapshot works great on all my the systems which all exhibited the symptoms.

    I verified that my other systems reliably exhibit the symptom. These are: Win Home Premium 7 x64 & x32 and WHS 2011 systems. Also it was not necessary to set the KeyPromptFlag. Pressing the reveal password button on the secure desktop was sufficient. However, if the KeyPromptFlag were set, one could easily accumulate many orphaned ctfmon processes over time.

     

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:





No, thanks