Process Hacker 2.8


Recommended Posts

5H17I.png

Process Hacker is a feature-packed tool for manipulating processes and services on your computer.

Key features of Process Hacker:

* A simple, customizable tree view with highlighting showing you the processes running on your computer.

* Detailed system statistics with graphs.

* Advanced features not found in other programs, such as detaching from debuggers, viewing GDI handles, viewing heaps, injecting and unloading DLLs, and more.

* Powerful process termination that bypasses security software and rootkits.

* View, edit and control services, including those not shown by the Services console.

* View and close network connections.

* Starts up almost instantly, unlike other programs.

* Many more features...

Compared with Process Explorer, Process Hacker:

* Implements almost all of the functionality offered by Process Explorer, plus more advanced features.

* Has advanced string scanning capabilities, as well as regular expression filtering.

* Allows you to see what a thread is waiting on.

* Highlights relocated and .NET DLLs.

* Allows you to connect to other sessions, just like Windows Task Manager can.

* Shows symbolic access masks (e.g. Read, Write), rather than just numbers (e.g. 0x12019f).

* Shows names for transaction manager objects and ETW registration objects.

* Shows detailed token information, as well as allowing privileges to be enabled and disabled.

* Shows information for POSIX processes.

* Starts around 5 times faster than Process Explorer.

* Has around 8 times less background CPU usage.

An almost complete feature list for Process Hacker 2:

General

* View detailed system information and performance graphs

* Configure Process Hacker to alert you when new processes are started, services are created, and other events

Processes

* View processes in a tree view with highlighting

* View detailed process statistics and performance graphs

* Process tooltips are detailed and show context-specific information

* Select multiple processes and terminate, suspend or resume them

* (32-bit only) Bypass almost all forms of process protection

* Restart processes

* Empty the working set of processes

* Set affinity, priority and virtualization

* Create process dumps

* Use over a dozen methods to terminate processes

* Detach processes from debuggers

* View process heaps

* View GDI handles

* Inject DLLs

* View DEP status, and even enable/disable DEP

* View environment variables

* View and edit process security descriptors

* View image properties such as imports and exports

Threads

* View thread start addresses and stacks with symbols

* Threads are highlighted if suspended, or are GUI threads

* Select multiple threads and terminate, suspend or resume them

* Force terminate threads

* View TEB addresses and view TEB contents

* (32-bit only) Find out what a thread is doing, and what objects it is waiting on

* View and edit thread security descriptors

Tokens

* View full token details, including user, owner, primary group, session ID, elevation status, and more

* View token groups

* View privileges and even enable, disable or remove them

* View and edit token security descriptors

Modules

* View modules and mapped files in one list

* Unload DLLs

* View file properties and open them in Windows Explorer

Memory

* View a virtual memory list

* Read and modify memory using a hex editor

* Dump memory to a file

* Free or decommit memory

* Scan for strings

Handles

* View process handles, complete with highlighting for attributes

* Search for handles (and DLLs and mapped files)

* Close handles

* (32-bit only) Set handle attributes - Protected and Inherit

* Granted access of handles can be viewed symbolically instead of plain hex numbers

* View detailed object properties when supported

* View and edit object security descriptors

Services

* View a list of all services

* Create services

* Start, stop, pause, continue or delete services

* Edit service properties

* View and edit service security descriptors

Network

* View a list of network connections

* Close network connections

2010-11-02 Process Hacker 2.8 released

New / Improved

* Better service list (including column selection)

* Added Peak Handles

* Process tree sorting is now preserved

* Save works for services and network connections

* Pausing now works correctly with the Network tab

* Added option to display inclusive CPU usages for

collapsed processes

* Added CLR tab to peview

* Added ability to destroy heaps

* Improved process tree list appearance

* Certain command line parameters are now propagated

Fixed

* Icon handling bugs

* Memory leaks

* Extended tooltips for WOW64 processes

Download Process Hacker 2.8

Home Page

Link to comment
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.