[BUG]: Potential false-positive malware detection in 0.1.24 komorebic.exe and komorebic-no-console.exe #354

New Issue

Closed

opened 2026-01-05 14:49:57 +01:00 by adam · 5 comments

adam commented 2026-01-05 14:49:57 +01:00

Owner

Copy Link

Originally created by @maunzCache on GitHub (Apr 25, 2024).

Describe the bug
My employee notified me that there was a security alert for komorebic.exe and komorebic-no-console.exe when setting the autostart via komorebic enable-autostart --whkd.

The hash associated with the file is reported as malicious by major OSINT sources, reporting it as "W64.AIDetectMalware" and "Malicious".
The command involved appears to be related to creating a shortcut on the system using the path and arguments specified via the SHORTCUT_PATH, TARGET_PATH, and TARGET_ARGS environment variables.
This can be useful for automating link creation via PowerShell scripts.

We recommend contacting the user in question to establish the legality of this activity and carrying out a scan on the host. If it is not recognised, it is possible to proceed with cleaning the machine and proceeding with manual deletion of the file.

There is just a few hits on virustotal

scoop.sh version

• komorebi.exe https://www.virustotal.com/gui/file/a85f7eb3901233337cdace1a716dd652aaf61a9335da94ecc6cf7593c16e3a40 (0 Hits)
• komorebic.exe https://www.virustotal.com/gui/file/4e73cd94773ddb366b1508bf330b259b6a8ad993f0e4f5c8556395a70edc36a4 (1 Hit from Bkav Pro)
• komorebic-no-console.exe https://www.virustotal.com/gui/file/7db4bc77fc79c41aa6f2a09e682e596d603bcd34d5588084c86263c2c1c3b279 (4 Hits)

Edit: Same results for the winget version

To Reproduce
Steps to reproduce the behavior:

1. Install from scoop (scoop.sh) via the guide at https://lgug2z.github.io/komorebi/installation.html#scoop
2. Run komorebic enable-autostart --whkd from Powershell

Expected behavior
Everything is just fine.

Screenshots and Videos
Add screenshots and videos to help explain your problem.

Operating System

OS Name:                   Microsoft Windows 11 Pro
OS Version:                10.0.22631 Nicht zutreffend Build 22631

komorebic check Output

No KOMOREBI_CONFIG_HOME detected, defaulting to C:\Users\github-user

Looking for configuration files in C:\Users\github-user

Found komorebi.json; this file can be passed to the start command with the --config flag

Found C:\Users\github-user\.config\whkdrc; key bindings will be loaded from here when whkd is started, and you can start it automatically using the --whkd flag

Additional context
I don't think this is an actual issue but a few vendors marking this as trojan. However, it should be checked if the scoop version of komorebi was poisoned or not. I did not check this yet.

Originally created by @maunzCache on GitHub (Apr 25, 2024). **Describe the bug** My employee notified me that there was a security alert for komorebic.exe and komorebic-no-console.exe when setting the autostart via `komorebic enable-autostart --whkd`. > The hash associated with the file is reported as malicious by major OSINT sources, reporting it as "W64.AIDetectMalware" and "Malicious". The command involved appears to be related to creating a shortcut on the system using the path and arguments specified via the SHORTCUT_PATH, TARGET_PATH, and TARGET_ARGS environment variables. This can be useful for automating link creation via PowerShell scripts. > > We recommend contacting the user in question to establish the legality of this activity and carrying out a scan on the host. If it is not recognised, it is possible to proceed with cleaning the machine and proceeding with manual deletion of the file. There is just a few hits on virustotal scoop.sh version - komorebi.exe https://www.virustotal.com/gui/file/a85f7eb3901233337cdace1a716dd652aaf61a9335da94ecc6cf7593c16e3a40 (0 Hits) - komorebic.exe https://www.virustotal.com/gui/file/4e73cd94773ddb366b1508bf330b259b6a8ad993f0e4f5c8556395a70edc36a4 (1 Hit from Bkav Pro) - komorebic-no-console.exe https://www.virustotal.com/gui/file/7db4bc77fc79c41aa6f2a09e682e596d603bcd34d5588084c86263c2c1c3b279 (4 Hits) Edit: Same results for the winget version **To Reproduce** Steps to reproduce the behavior: 1. Install from scoop (scoop.sh) via the guide at https://lgug2z.github.io/komorebi/installation.html#scoop 2. Run `komorebic enable-autostart --whkd` from Powershell **Expected behavior** Everything is just fine. **Screenshots and Videos** ~Add screenshots and videos to help explain your problem.~ **Operating System** ``` OS Name: Microsoft Windows 11 Pro OS Version: 10.0.22631 Nicht zutreffend Build 22631 ``` **`komorebic check` Output** ``` No KOMOREBI_CONFIG_HOME detected, defaulting to C:\Users\github-user Looking for configuration files in C:\Users\github-user Found komorebi.json; this file can be passed to the start command with the --config flag Found C:\Users\github-user\.config\whkdrc; key bindings will be loaded from here when whkd is started, and you can start it automatically using the --whkd flag ``` **Additional context** I don't think this is an actual issue but a few vendors marking this as trojan. ~However, it should be checked if the scoop version of komorebi was poisoned or not. I did not check this yet.~

adam added the bug label 2026-01-05 14:49:57 +01:00

adam closed this issue 2026-01-05 14:49:57 +01:00

adam commented 2026-01-05 14:49:57 +01:00

Author

Owner

Copy Link

@LGUG2Z commented on GitHub (Apr 25, 2024):

Unfortunately every few versions we get these false-positive alerts and have to submit the file to the Windows Defender website for the binaries to be manually checked before they are approved.

There is just no capacity to deal with false positives which do not block installations from WinGet, and even those I would not deal with if it were not for it's popularity as a distribution platform.

If you have employees using this software in a professional setting and it is (hopefully!) improving their productivity, a great way for any company to support the project at this point would be to identify a code signing certificate that meets their needs and then to make a donation to cover the cost of purchase for N years.

@LGUG2Z commented on GitHub (Apr 25, 2024): Unfortunately every few versions we get these false-positive alerts and have to submit the file to the Windows Defender website for the binaries to be manually checked before they are approved. There is just no capacity to deal with false positives which do not block installations from WinGet, and even those I would not deal with if it were not for it's popularity as a distribution platform. If you have employees using this software in a professional setting and it is (hopefully!) improving their productivity, a great way for any company to support the project at this point would be to identify a code signing certificate that meets their needs and then to make a donation to cover the cost of purchase for N years.

adam commented 2026-01-05 14:49:58 +01:00

Author

Owner

Copy Link

@maunzCache commented on GitHub (Apr 26, 2024):

i am sorry to hear that and must admit that i didn't do research on closed issues to find a similar case as this one.

Let me close this issue then. i will be able to solve my issues behind the curtains of my company.

Thank you for developing komorebi and taking your time into answering these issues.

@maunzCache commented on GitHub (Apr 26, 2024): i am sorry to hear that and must admit that i didn't do research on closed issues to find a similar case as this one. Let me close this issue then. i will be able to solve my issues behind the curtains of my company. Thank you for developing komorebi and taking your time into answering these issues.

adam commented 2026-01-05 14:49:58 +01:00

Author

Owner

Copy Link

@dia-lis-i commented on GitHub (Apr 14, 2025):

why did I get this when I executed komorebi from powershell?

PS C:\Users\Walid> komorebi
←[2m2025-04-14T18:21:03.766792Z←[0m ←[32m INFO←[0m ←[1mforeground_lock_timeout←[0m←[2m:←[0m ←[2mkomorebi::windows_api←[0m←[2m:←[0m current value of ForegroundLockTimeout is 2147483647
←[2m2025-04-14T18:21:03.767167Z←[0m ←[32m INFO←[0m ←[1mforeground_lock_timeout←[0m←[2m:←[0m ←[2mkomorebi::windows_api←[0m←[2m:←[0m updating value of ForegroundLockTimeout to 2147483647 in order to enable keyboard-driven focus updating
←[2m2025-04-14T18:21:03.778409Z←[0m ←[32m INFO←[0m ←[1mforeground_lock_timeout←[0m←[2m:←[0m ←[2mkomorebi::windows_api←[0m←[2m:←[0m updated value of ForegroundLockTimeout is now 0
←[2m2025-04-14T18:21:03.782001Z←[0m ←[32m INFO←[0m ←[2mkomorebi←[0m←[2m:←[0m creating window manager from static configuration file: C:\Users\Walid\komorebi.json
←[2m2025-04-14T18:21:03.783024Z←[0m ←[32m INFO←[0m ←[2mkomorebi::border_manager←[0m←[2m:←[0m purging known borders: []
←[2m2025-04-14T18:21:03.784048Z←[0m ←[32m INFO←[0m ←[2mkomorebi::static_config←[0m←[2m:←[0m loading applications.json from: C:\Users\Walid\applications.json
←[2m2025-04-14T18:21:03.790804Z←[0m ←[32m INFO←[0m ←[1minit←[0m←[2m:←[0m ←[2mkomorebi::window_manager←[0m←[2m:←[0m initialising
←[2m2025-04-14T18:21:03.889101Z←[0m ←[32m INFO←[0m ←[2mkomorebi::border_manager←[0m←[2m:←[0m listening
←[2m2025-04-14T18:21:03.890598Z←[0m ←[32m INFO←[0m ←[2mkomorebi::stackbar_manager←[0m←[2m:←[0m listening
←[2m2025-04-14T18:21:03.891718Z←[0m ←[32m INFO←[0m ←[2mkomorebi::transparency_manager←[0m←[2m:←[0m listening
←[2m2025-04-14T18:21:03.907284Z←[0m ←[32m INFO←[0m ←[2mkomorebi::monitor_reconciliator←[0m←[2m:←[0m created hidden window to listen for monitor-related events
←[2m2025-04-14T18:21:03.910992Z←[0m ←[32m INFO←[0m ←[2mkomorebi::monitor_reconciliator←[0m←[2m:←[0m listening
←[2m2025-04-14T18:21:03.912599Z←[0m ←[32m INFO←[0m ←[2mkomorebi::reaper←[0m←[2m:←[0m watching
←[2m2025-04-14T18:21:03.912664Z←[0m ←[32m INFO←[0m ←[2mkomorebi::reaper←[0m←[2m:←[0m listening
←[2m2025-04-14T18:21:03.912789Z←[0m ←[32m INFO←[0m ←[2mkomorebi::focus_manager←[0m←[2m:←[0m listening
←[2m2025-04-14T18:21:03.913272Z←[0m ←[32m INFO←[0m ←[2mkomorebi::theme_manager←[0m←[2m:←[0m listening
←[2m2025-04-14T18:21:03.913731Z←[0m ←[32m INFO←[0m ←[2mkomorebi::process_event←[0m←[2m:←[0m listening
←[2m2025-04-14T18:21:03.916338Z←[0m ←[32m INFO←[0m ←[2mkomorebi::process_command←[0m←[2m:←[0m listening on komorebi.sock
←[2m2025-04-14T18:21:27.492119Z←[0m ←[32m INFO←[0m ←[1mprocess_event←[0m←[1m{←[0m←[3mevent←[0m←[2m=←[0m"FocusChange" ←[3mwinevent←[0m←[2m=←[0m"SystemForeground" ←[3mhwnd←[0m←[2m=←[0m1050628←[1m}←[0m←[2m:←[0m←[1mupdate_focused_workspace←[0m←[1m{←[0m←[3mfollow_focus←[0m←[2m=←[0mtrue ←[3mtrigger_focus←[0m←[2m=←[0mfalse←[1m}←[0m←[2m:←[0m ←[2mkomorebi::window_manager←[0m←[2m:←[0m updating
←[2m2025-04-14T18:21:27.495002Z←[0m ←[31mERROR←[0m ←[2mkomorebi::process_event←[0m←[2m:←[0m there is no container/window
←[2m2025-04-14T18:21:28.005709Z←[0m ←[32m INFO←[0m ←[1mprocess_event←[0m←[1m{←[0m←[3mevent←[0m←[2m=←[0m"TitleUpdate" ←[3mwinevent←[0m←[2m=←[0m"ObjectNameChange" ←[3mhwnd←[0m←[2m=←[0m1050628←[1m}←[0m←[2m:←[0m ←[2mkomorebi::process_event←[0m←[2m:←[0m processed: (hwnd: 1050628, title: Home - Esplora file, exe: explorer.exe, class: CabinetWClass)
←[2m2025-04-14T18:21:28.017561Z←[0m ←[32m INFO←[0m ←[1mprocess_event←[0m←[1m{←[0m←[3mevent←[0m←[2m=←[0m"TitleUpdate" ←[3mwinevent←[0m←[2m=←[0m"ObjectNameChange" ←[3mhwnd←[0m←[2m=←[0m1050628←[1m}←[0m←[2m:←[0m ←[2mkomorebi::process_event←[0m←[2m:←[0m processed: (hwnd: 1050628, title: Home - Esplora file, exe: explorer.exe, class: CabinetWClass)
←[2m2025-04-14T18:21:28.020044Z←[0m ←[32m INFO←[0m ←[1mprocess_event←[0m←[1m{←[0m←[3mevent←[0m←[2m=←[0m"TitleUpdate" ←[3mwinevent←[0m←[2m=←[0m"ObjectNameChange" ←[3mhwnd←[0m←[2m=←[0m1050628←[1m}←[0m←[2m:←[0m ←[2mkomorebi::process_event←[0m←[2m:←[0m processed: (hwnd: 1050628, title: Home - Esplora file, exe: explorer.exe, class: CabinetWClass)
←[2m2025-04-14T18:21:28.048188Z←[0m ←[32m INFO←[0m ←[1mprocess_event←[0m←[1m{←[0m←[3mevent←[0m←[2m=←[0m"TitleUpdate" ←[3mwinevent←[0m←[2m=←[0m"ObjectNameChange" ←[3mhwnd←[0m←[2m=←[0m1050628←[1m}←[0m←[2m:←[0m ←[2mkomorebi::process_event←[0m←[2m:←[0m processed: (hwnd: 1050628, title: Home - Esplora file, exe: explorer.exe, class: CabinetWClass)
←[2m2025-04-14T18:21:28.198986Z←[0m ←[32m INFO←[0m ←[1mprocess_event←[0m←[1m{←[0m←[3mevent←[0m←[2m=←[0m"Show" ←[3mwinevent←[0m←[2m=←[0m"ObjectShow" ←[3mhwnd←[0m←[2m=←[0m1050628←[1m}←[0m←[2m:←[0m←[1mfocus_window←[0m←[1m{←[0m←[3midx←[0m←[2m=←[0m0←[1m}←[0m←[2m:←[0m ←[2mkomorebi::container←[0m←[2m:←[0m focusing window
←[2m2025-04-14T18:21:28.205095Z←[0m ←[32m INFO←[0m ←[1mprocess_event←[0m←[1m{←[0m←[3mevent←[0m←[2m=←[0m"Show" ←[3mwinevent←[0m←[2m=←[0m"ObjectShow" ←[3mhwnd←[0m←[2m=←[0m1050628←[1m}←[0m←[2m:←[0m←[1mfocus_container←[0m←[1m{←[0m←[3midx←[0m←[2m=←[0m1←[1m}←[0m←[2m:←[0m ←[2mkomorebi::workspace←[0m←[2m:←[0m focusing container
←[2m2025-04-14T18:21:28.212380Z←[0m ←[32m INFO←[0m ←[1mprocess_event←[0m←[1m{←[0m←[3mevent←[0m←[2m=←[0m"Show" ←[3mwinevent←[0m←[2m=←[0m"ObjectShow" ←[3mhwnd←[0m←[2m=←[0m1050628←[1m}←[0m←[2m:←[0m←[1mupdate_focused_workspace←[0m←[1m{←[0m←[3mfollow_focus←[0m←[2m=←[0mfalse ←[3mtrigger_focus←[0m←[2m=←[0mfalse←[1m}←[0m←[2m:←[0m ←[2mkomorebi::window_manager←[0m←[2m:←[0m updating
←[2m2025-04-14T18:21:28.302547Z←[0m ←[32m INFO←[0m ←[1mprocess_event←[0m←[1m{←[0m←[3mevent←[0m←[2m=←[0m"Show" ←[3mwinevent←[0m←[2m=←[0m"ObjectShow" ←[3mhwnd←[0m←[2m=←[0m1050628←[1m}←[0m←[2m:←[0m ←[2mkomorebi::process_event←[0m←[2m:←[0m processed: (hwnd: 1050628, title: Home - Esplora file, exe: explorer.exe, class: CabinetWClass)
←[2m2025-04-14T18:21:43.445838Z←[0m ←[32m INFO←[0m ←[1mprocess_event←[0m←[1m{←[0m←[3mevent←[0m←[2m=←[0m"TitleUpdate" ←[3mwinevent←[0m←[2m=←[0m"ObjectNameChange" ←[3mhwnd←[0m←[2m=←[0m1050628←[1m}←[0m←[2m:←[0m ←[2mkomorebi::process_event←[0m←[2m:←[0m processed: (hwnd: 1050628, title: Download - Esplora file, exe: explorer.exe, class: CabinetWClass)
←[2m2025-04-14T18:21:43.471029Z←[0m ←[32m INFO←[0m ←[1mprocess_event←[0m←[1m{←[0m←[3mevent←[0m←[2m=←[0m"TitleUpdate" ←[3mwinevent←[0m←[2m=←[0m"ObjectNameChange" ←[3mhwnd←[0m←[2m=←[0m1050628←[1m}←[0m←[2m:←[0m ←[2mkomorebi::process_event←[0m←[2m:←[0m processed: (hwnd: 1050628, title: Download - Esplora file, exe: explorer.exe, class: CabinetWClass)
←[2m2025-04-14T18:21:53.650446Z←[0m ←[32m INFO←[0m ←[1mprocess_event←[0m←[1m{←[0m←[3mevent←[0m←[2m=←[0m"FocusChange" ←[3mwinevent←[0m←[2m=←[0m"SystemForeground" ←[3mhwnd←[0m←[2m=←[0m1050628←[1m}←[0m←[2m:←[0m←[1mupdate_focused_workspace←[0m←[1m{←[0m←[3mfollow_focus←[0m←[2m=←[0mtrue ←[3mtrigger_focus←[0m←[2m=←[0mfalse←[1m}←[0m←[2m:←[0m ←[2mkomorebi::window_manager←[0m←[2m:←[0m updating
←[2m2025-04-14T18:21:53.655677Z←[0m ←[32m INFO←[0m ←[1mprocess_event←[0m←[1m{←[0m←[3mevent←[0m←[2m=←[0m"FocusChange" ←[3mwinevent←[0m←[2m=←[0m"SystemForeground" ←[3mhwnd←[0m←[2m=←[0m1050628←[1m}←[0m←[2m:←[0m←[1mfocus_window←[0m←[1m{←[0m←[3midx←[0m←[2m=←[0m0←[1m}←[0m←[2m:←[0m ←[2mkomorebi::container←[0m←[2m:←[0m focusing window
←[2m2025-04-14T18:21:53.662380Z←[0m ←[32m INFO←[0m ←[1mprocess_event←[0m←[1m{←[0m←[3mevent←[0m←[2m=←[0m"FocusChange" ←[3mwinevent←[0m←[2m=←[0m"SystemForeground" ←[3mhwnd←[0m←[2m=←[0m1050628←[1m}←[0m←[2m:←[0m←[1mfocus_container←[0m←[1m{←[0m←[3midx←[0m←[2m=←[0m1←[1m}←[0m←[2m:←[0m ←[2mkomorebi::workspace←[0m←[2m:←[0m focusing container
←[2m2025-04-14T18:21:53.666880Z←[0m ←[32m INFO←[0m ←[1mprocess_event←[0m←[1m{←[0m←[3mevent←[0m←[2m=←[0m"FocusChange" ←[3mwinevent←[0m←[2m=←[0m"SystemForeground" ←[3mhwnd←[0m←[2m=←[0m1050628←[1m}←[0m←[2m:←[0m ←[2mkomorebi::process_event←[0m←[2m:←[0m processed: (hwnd: 1050628, title: Download - Esplora file, exe: explorer.exe, class: CabinetWClass)

@dia-lis-i commented on GitHub (Apr 14, 2025): why did I get this when I executed komorebi from powershell? PS C:\Users\Walid> komorebi ←[2m2025-04-14T18:21:03.766792Z←[0m ←[32m INFO←[0m ←[1mforeground_lock_timeout←[0m←[2m:←[0m ←[2mkomorebi::windows_api←[0m←[2m:←[0m current value of ForegroundLockTimeout is 2147483647 ←[2m2025-04-14T18:21:03.767167Z←[0m ←[32m INFO←[0m ←[1mforeground_lock_timeout←[0m←[2m:←[0m ←[2mkomorebi::windows_api←[0m←[2m:←[0m updating value of ForegroundLockTimeout to 2147483647 in order to enable keyboard-driven focus updating ←[2m2025-04-14T18:21:03.778409Z←[0m ←[32m INFO←[0m ←[1mforeground_lock_timeout←[0m←[2m:←[0m ←[2mkomorebi::windows_api←[0m←[2m:←[0m updated value of ForegroundLockTimeout is now 0 ←[2m2025-04-14T18:21:03.782001Z←[0m ←[32m INFO←[0m ←[2mkomorebi←[0m←[2m:←[0m creating window manager from static configuration file: C:\Users\Walid\komorebi.json ←[2m2025-04-14T18:21:03.783024Z←[0m ←[32m INFO←[0m ←[2mkomorebi::border_manager←[0m←[2m:←[0m purging known borders: [] ←[2m2025-04-14T18:21:03.784048Z←[0m ←[32m INFO←[0m ←[2mkomorebi::static_config←[0m←[2m:←[0m loading applications.json from: C:\Users\Walid\applications.json ←[2m2025-04-14T18:21:03.790804Z←[0m ←[32m INFO←[0m ←[1minit←[0m←[2m:←[0m ←[2mkomorebi::window_manager←[0m←[2m:←[0m initialising ←[2m2025-04-14T18:21:03.889101Z←[0m ←[32m INFO←[0m ←[2mkomorebi::border_manager←[0m←[2m:←[0m listening ←[2m2025-04-14T18:21:03.890598Z←[0m ←[32m INFO←[0m ←[2mkomorebi::stackbar_manager←[0m←[2m:←[0m listening ←[2m2025-04-14T18:21:03.891718Z←[0m ←[32m INFO←[0m ←[2mkomorebi::transparency_manager←[0m←[2m:←[0m listening ←[2m2025-04-14T18:21:03.907284Z←[0m ←[32m INFO←[0m ←[2mkomorebi::monitor_reconciliator←[0m←[2m:←[0m created hidden window to listen for monitor-related events ←[2m2025-04-14T18:21:03.910992Z←[0m ←[32m INFO←[0m ←[2mkomorebi::monitor_reconciliator←[0m←[2m:←[0m listening ←[2m2025-04-14T18:21:03.912599Z←[0m ←[32m INFO←[0m ←[2mkomorebi::reaper←[0m←[2m:←[0m watching ←[2m2025-04-14T18:21:03.912664Z←[0m ←[32m INFO←[0m ←[2mkomorebi::reaper←[0m←[2m:←[0m listening ←[2m2025-04-14T18:21:03.912789Z←[0m ←[32m INFO←[0m ←[2mkomorebi::focus_manager←[0m←[2m:←[0m listening ←[2m2025-04-14T18:21:03.913272Z←[0m ←[32m INFO←[0m ←[2mkomorebi::theme_manager←[0m←[2m:←[0m listening ←[2m2025-04-14T18:21:03.913731Z←[0m ←[32m INFO←[0m ←[2mkomorebi::process_event←[0m←[2m:←[0m listening ←[2m2025-04-14T18:21:03.916338Z←[0m ←[32m INFO←[0m ←[2mkomorebi::process_command←[0m←[2m:←[0m listening on komorebi.sock ←[2m2025-04-14T18:21:27.492119Z←[0m ←[32m INFO←[0m ←[1mprocess_event←[0m←[1m{←[0m←[3mevent←[0m←[2m=←[0m"FocusChange" ←[3mwinevent←[0m←[2m=←[0m"SystemForeground" ←[3mhwnd←[0m←[2m=←[0m1050628←[1m}←[0m←[2m:←[0m←[1mupdate_focused_workspace←[0m←[1m{←[0m←[3mfollow_focus←[0m←[2m=←[0mtrue ←[3mtrigger_focus←[0m←[2m=←[0mfalse←[1m}←[0m←[2m:←[0m ←[2mkomorebi::window_manager←[0m←[2m:←[0m updating ←[2m2025-04-14T18:21:27.495002Z←[0m ←[31mERROR←[0m ←[2mkomorebi::process_event←[0m←[2m:←[0m there is no container/window ←[2m2025-04-14T18:21:28.005709Z←[0m ←[32m INFO←[0m ←[1mprocess_event←[0m←[1m{←[0m←[3mevent←[0m←[2m=←[0m"TitleUpdate" ←[3mwinevent←[0m←[2m=←[0m"ObjectNameChange" ←[3mhwnd←[0m←[2m=←[0m1050628←[1m}←[0m←[2m:←[0m ←[2mkomorebi::process_event←[0m←[2m:←[0m processed: (hwnd: 1050628, title: Home - Esplora file, exe: explorer.exe, class: CabinetWClass) ←[2m2025-04-14T18:21:28.017561Z←[0m ←[32m INFO←[0m ←[1mprocess_event←[0m←[1m{←[0m←[3mevent←[0m←[2m=←[0m"TitleUpdate" ←[3mwinevent←[0m←[2m=←[0m"ObjectNameChange" ←[3mhwnd←[0m←[2m=←[0m1050628←[1m}←[0m←[2m:←[0m ←[2mkomorebi::process_event←[0m←[2m:←[0m processed: (hwnd: 1050628, title: Home - Esplora file, exe: explorer.exe, class: CabinetWClass) ←[2m2025-04-14T18:21:28.020044Z←[0m ←[32m INFO←[0m ←[1mprocess_event←[0m←[1m{←[0m←[3mevent←[0m←[2m=←[0m"TitleUpdate" ←[3mwinevent←[0m←[2m=←[0m"ObjectNameChange" ←[3mhwnd←[0m←[2m=←[0m1050628←[1m}←[0m←[2m:←[0m ←[2mkomorebi::process_event←[0m←[2m:←[0m processed: (hwnd: 1050628, title: Home - Esplora file, exe: explorer.exe, class: CabinetWClass) ←[2m2025-04-14T18:21:28.048188Z←[0m ←[32m INFO←[0m ←[1mprocess_event←[0m←[1m{←[0m←[3mevent←[0m←[2m=←[0m"TitleUpdate" ←[3mwinevent←[0m←[2m=←[0m"ObjectNameChange" ←[3mhwnd←[0m←[2m=←[0m1050628←[1m}←[0m←[2m:←[0m ←[2mkomorebi::process_event←[0m←[2m:←[0m processed: (hwnd: 1050628, title: Home - Esplora file, exe: explorer.exe, class: CabinetWClass) ←[2m2025-04-14T18:21:28.198986Z←[0m ←[32m INFO←[0m ←[1mprocess_event←[0m←[1m{←[0m←[3mevent←[0m←[2m=←[0m"Show" ←[3mwinevent←[0m←[2m=←[0m"ObjectShow" ←[3mhwnd←[0m←[2m=←[0m1050628←[1m}←[0m←[2m:←[0m←[1mfocus_window←[0m←[1m{←[0m←[3midx←[0m←[2m=←[0m0←[1m}←[0m←[2m:←[0m ←[2mkomorebi::container←[0m←[2m:←[0m focusing window ←[2m2025-04-14T18:21:28.205095Z←[0m ←[32m INFO←[0m ←[1mprocess_event←[0m←[1m{←[0m←[3mevent←[0m←[2m=←[0m"Show" ←[3mwinevent←[0m←[2m=←[0m"ObjectShow" ←[3mhwnd←[0m←[2m=←[0m1050628←[1m}←[0m←[2m:←[0m←[1mfocus_container←[0m←[1m{←[0m←[3midx←[0m←[2m=←[0m1←[1m}←[0m←[2m:←[0m ←[2mkomorebi::workspace←[0m←[2m:←[0m focusing container ←[2m2025-04-14T18:21:28.212380Z←[0m ←[32m INFO←[0m ←[1mprocess_event←[0m←[1m{←[0m←[3mevent←[0m←[2m=←[0m"Show" ←[3mwinevent←[0m←[2m=←[0m"ObjectShow" ←[3mhwnd←[0m←[2m=←[0m1050628←[1m}←[0m←[2m:←[0m←[1mupdate_focused_workspace←[0m←[1m{←[0m←[3mfollow_focus←[0m←[2m=←[0mfalse ←[3mtrigger_focus←[0m←[2m=←[0mfalse←[1m}←[0m←[2m:←[0m ←[2mkomorebi::window_manager←[0m←[2m:←[0m updating ←[2m2025-04-14T18:21:28.302547Z←[0m ←[32m INFO←[0m ←[1mprocess_event←[0m←[1m{←[0m←[3mevent←[0m←[2m=←[0m"Show" ←[3mwinevent←[0m←[2m=←[0m"ObjectShow" ←[3mhwnd←[0m←[2m=←[0m1050628←[1m}←[0m←[2m:←[0m ←[2mkomorebi::process_event←[0m←[2m:←[0m processed: (hwnd: 1050628, title: Home - Esplora file, exe: explorer.exe, class: CabinetWClass) ←[2m2025-04-14T18:21:43.445838Z←[0m ←[32m INFO←[0m ←[1mprocess_event←[0m←[1m{←[0m←[3mevent←[0m←[2m=←[0m"TitleUpdate" ←[3mwinevent←[0m←[2m=←[0m"ObjectNameChange" ←[3mhwnd←[0m←[2m=←[0m1050628←[1m}←[0m←[2m:←[0m ←[2mkomorebi::process_event←[0m←[2m:←[0m processed: (hwnd: 1050628, title: Download - Esplora file, exe: explorer.exe, class: CabinetWClass) ←[2m2025-04-14T18:21:43.471029Z←[0m ←[32m INFO←[0m ←[1mprocess_event←[0m←[1m{←[0m←[3mevent←[0m←[2m=←[0m"TitleUpdate" ←[3mwinevent←[0m←[2m=←[0m"ObjectNameChange" ←[3mhwnd←[0m←[2m=←[0m1050628←[1m}←[0m←[2m:←[0m ←[2mkomorebi::process_event←[0m←[2m:←[0m processed: (hwnd: 1050628, title: Download - Esplora file, exe: explorer.exe, class: CabinetWClass) ←[2m2025-04-14T18:21:53.650446Z←[0m ←[32m INFO←[0m ←[1mprocess_event←[0m←[1m{←[0m←[3mevent←[0m←[2m=←[0m"FocusChange" ←[3mwinevent←[0m←[2m=←[0m"SystemForeground" ←[3mhwnd←[0m←[2m=←[0m1050628←[1m}←[0m←[2m:←[0m←[1mupdate_focused_workspace←[0m←[1m{←[0m←[3mfollow_focus←[0m←[2m=←[0mtrue ←[3mtrigger_focus←[0m←[2m=←[0mfalse←[1m}←[0m←[2m:←[0m ←[2mkomorebi::window_manager←[0m←[2m:←[0m updating ←[2m2025-04-14T18:21:53.655677Z←[0m ←[32m INFO←[0m ←[1mprocess_event←[0m←[1m{←[0m←[3mevent←[0m←[2m=←[0m"FocusChange" ←[3mwinevent←[0m←[2m=←[0m"SystemForeground" ←[3mhwnd←[0m←[2m=←[0m1050628←[1m}←[0m←[2m:←[0m←[1mfocus_window←[0m←[1m{←[0m←[3midx←[0m←[2m=←[0m0←[1m}←[0m←[2m:←[0m ←[2mkomorebi::container←[0m←[2m:←[0m focusing window ←[2m2025-04-14T18:21:53.662380Z←[0m ←[32m INFO←[0m ←[1mprocess_event←[0m←[1m{←[0m←[3mevent←[0m←[2m=←[0m"FocusChange" ←[3mwinevent←[0m←[2m=←[0m"SystemForeground" ←[3mhwnd←[0m←[2m=←[0m1050628←[1m}←[0m←[2m:←[0m←[1mfocus_container←[0m←[1m{←[0m←[3midx←[0m←[2m=←[0m1←[1m}←[0m←[2m:←[0m ←[2mkomorebi::workspace←[0m←[2m:←[0m focusing container ←[2m2025-04-14T18:21:53.666880Z←[0m ←[32m INFO←[0m ←[1mprocess_event←[0m←[1m{←[0m←[3mevent←[0m←[2m=←[0m"FocusChange" ←[3mwinevent←[0m←[2m=←[0m"SystemForeground" ←[3mhwnd←[0m←[2m=←[0m1050628←[1m}←[0m←[2m:←[0m ←[2mkomorebi::process_event←[0m←[2m:←[0m processed: (hwnd: 1050628, title: Download - Esplora file, exe: explorer.exe, class: CabinetWClass)

adam commented 2026-01-05 14:49:58 +01:00

Author

Owner

Copy Link

@dia-lis-i commented on GitHub (Apr 14, 2025):

I tried to run Rkill and it detected it as malware

@dia-lis-i commented on GitHub (Apr 14, 2025): I tried to run Rkill and it detected it as malware

adam commented 2026-01-05 14:49:58 +01:00

Author

Owner

Copy Link

@LGUG2Z commented on GitHub (Apr 14, 2025):

Please do not necropost.

why did I get this when I executed komorebi from powershell?

These are process logs - this is what gets emitted to the console when the komorebi.exe binary is run as a foreground process in a terminal.

Rkill

I don't have any opinion on such questionable software for which the source code is not made available for inspection. komorebi does not contain any malware and consistently passes malware and antivirus checks as part of the submission and inclusion of every new version on the WinGet package registry.

@LGUG2Z commented on GitHub (Apr 14, 2025): Please do not necropost. > why did I get this when I executed komorebi from powershell? These are process logs - this is what gets emitted to the console when the `komorebi.exe` binary is run as a foreground process in a terminal. > Rkill I don't have any opinion on such questionable software for which the source code is not made available for inspection. komorebi does not contain any malware and consistently passes malware and antivirus checks as part of the submission and inclusion of every new version on the WinGet package registry.

adam referenced this issue 2026-01-05 14:53:18 +01:00

[PR #354] [MERGED] chore(deps): bump ctrlc from 3.2.4 to 3.2.5 #883

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

master

gh-pages

dependabot/cargo/reqwest-0.13.1

dependabot/github_actions/actions/upload-artifact-6

dependabot/github_actions/actions/download-artifact-7

feature/stack-force-disable-transparency

feature/multi-monitor-scrolling

feature/scrolling-without-fallback

feature/nirily

feature/floating-over-monocle

feature/break-monocle-on-ws-move

feature/komorebi-shortcuts

feature/drop-empty-containers

feature/custom-themes

feature/spawn-loc

more-dep-inj-wip

feature/icon-fallbacks

feature/locked-containers

feature/testable-monitor-reconciliator

feature/more-monitor-vibes

feature/monitors-and-vibes

feature/fix-test

feature/devperf

feature/reaper-redux

feature/rust-2024

feature/egui-0.31

feature/workspace-layers

feature/windows-rs-0-62

feature/windows-rs-0-59

feature/monitor-serial-number-ids

update-deps

feature/icul

feat(wm)/reset-initial-workspace-rules

feature/floating-permaborders

feature/tacky2

feature/mff-cursor-top-left

feature/tacky-borders

feature/monitor-idx-in-direction-redux

feature/aarch64

feature/reduce-notifications

feature/bar-native-positioning

feature/floating-applications

prep/v0.1.29

feature/komorebi-status-bar

feature/display-index-extension

feature/azin

feature/animated-move

ignore-old-events

fix/ahk-arg-list

monitor-prealloc

docs/v0.1.26-fixes

feature/komorebi-gui

feature/monocle-changes

feature/stackbar-manager

feature/undraw-unfocused-on-stackbar-move

feature/monitor-madness

feature/cmd-thread

feature/alt-tab-knowledge

feature/close-vs-destroy

feature/workspace-reconciliator

feature/border-manager

feature/komoborders

feature/focus-on-raise

feature/egui

feature/polyform

feature/windows-rs-0-56

feature/fix-cross-monitor-regression

feature/border-style-config

feature/stackbar

feature/composite-rules

feature/notopmost

docs/v0.1.22

raggi/dont-move-due-to-unrelated-window

feature/komorebi-client

master-after-678-with-config-changes

master-after-678

fix/skip-ser-if-none-only

docs/v0.1.21

feature/mkdocs

hotfix/logfile

animate-window-move

feature/foreground-lock-timeout

feature/static-config

fix/monitor-idx-in-direction-with-height-checks

feature/manage-override-float-rules

fix/multiple-tcp-connections

fix/unreal-engine

feature/dpi-awareness

feature/komokana

feature/bar

feature/unfailing-window-serialization

feature/remove-titlebars

feature/expand-windows-api

v0.1.39

nightly

v0.1.38

v0.1.37

v0.1.36

v0.1.35

v0.1.34

v0.1.33

v0.1.32

v0.1.31

v0.1.30

v0.1.29

v0.1.28

v0.1.27

v0.1.26

v0.1.25

v0.1.24

v0.1.23

v0.1.22

v0.1.21

v0.1.20

v0.1.19

v0.1.18

v0.1.17

v0.1.16

v0.1.15

v0.1.14

v0.1.13

v0.1.12

v0.1.11

v0.1.10

v0.1.9

v0.1.8

v0.1.7

v0.1.6

v0.1.5

v0.1.4

v0.1.3

v0.1.2

v0.1.1

v0.1.0

Labels

Clear labels

0.1.36

apps-behaving-badly

bug

bug

cannot-reproduce

documentation

enhancement

github_actions

i-am-stuck

i-will-definitely-work-on-this

i-will-not-work-on-this

i-will-probably-work-on-this

komorebi

komorebi-bar

komorebic

performance

pull-request

Mirrored from GitHub Pull Request

translation

No Label bug

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

adam

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/komorebi#354