It can show you the threads (with symbols), modules, memory regions, handles and token of processes. It has detailed graphs that show CPU usage, memory usage and I/O activity. It can even change the DEP status of some processes and protect/unprotect them!
Process Hacker can read/write memory using a built-in hex editor and search through memory. It has a powerful run-as tool that can run programs as almost any user, including SYSTEM, LOCAL SERVICE and NETWORK SERVICE. Finally, its kernel-mode driver enables Process Hacker to show information for any process, even if it is protected by a rootkit.
Key features of Process Hacker:
- A simple, customizable tree view with highlighting showing you the processes running on your computer.
- Detailed performance graphs.
- A complete list of services and full control over them (start, stop, pause, resume and delete).
- A list of network connections.
- Comprehensive information for all processes: full process performance history, thread listing and stacks with dbghelp symbols, token information, module and mapped file information, virtual memory map, environment variables, handles, ...
- Full control over all processes1, even processes protected by rootkits or security software. Its kernel-mode driver has unique abilities which allows it to terminate, suspend and resume all processes and threads, including software like IceSword, avast! anti-virus, AVG Antivirus, COMODO Internet Security, etc. (just to name a few).
- Find hidden processes and terminate them. Process Hacker detects processes hidden by simple rootkits such as Hacker Defender and FU.
- Easy DLL injection and unloading2 - simply right-click a process and select "Inject DLL" to inject and right-click a module and select "Unload" to unload!
- Many more features...
.NET Framework 2.0
Microsoft Windows XP SP2 or above, 32-bit