Monday, April 27, 2009

Tools: Process Hacker

Process Hacker is a feature-packed tool for manipulating processes and services on your computer.
It can show you the threads (with symbols), modules, memory regions, handles and token of processes. It has detailed graphs that show CPU usage, memory usage and I/O activity. It can even change the DEP status of some processes and protect/unprotect them!
Process Hacker can read/write memory using a built-in hex editor and search through memory. It has a powerful run-as tool that can run programs as almost any user, including SYSTEM, LOCAL SERVICE and NETWORK SERVICE. Finally, its kernel-mode driver enables Process Hacker to show information for any process, even if it is protected by a rootkit.


Key features of Process Hacker:
- A simple, customizable tree view with highlighting showing you the processes running on your computer.
- Detailed performance graphs.
- A complete list of services and full control over them (start, stop, pause, resume and delete).
- A list of network connections.
- Comprehensive information for all processes: full process performance history, thread listing and stacks with dbghelp symbols, token information, module and mapped file information, virtual memory map, environment variables, handles, ...
- Full control over all processes, even processes protected by rootkits or security software. Its kernel-mode driver has unique abilities that allow it to terminate, suspend and resume all processes and threads, including software like IceSword, avast! anti-virus, AVG Antivirus, COMODO Internet Security, etc. (just to name a few).
- Find hidden processes and terminate them. Process Hacker detects processes hidden by simple rootkits such as Hacker Defender and FU.
- Easy DLL injection and unloading - simply right-click a process and select "Inject DLL" to inject, or right-click a module and select "Unload" to unload!
- Many more features...

System Requirements
.NET Framework 2.0
Microsoft Windows XP SP2 or above, 32-bit


