ProcessHacker

[dmex]

Process Hacker is a feature-packed tool for manipulating processes and services on your computer.

To enable viewing the properties of all processes, goto "Hacker> Show Details for All Processes" on the menu

It supports:

* Running a program as almost any user, including SYSTEM, LOCAL SERVICE and NETWORK SERVICE.
* Viewing, terminating, suspending and resuming processes
* Viewing, controlling and deleting services
* Viewing/enabling/disabling/removing process privileges
* Viewing process groups
* Inspecting PE files (exe/dll/ocx/sys files)
* Viewing, terminating, suspending and resuming threads
* Viewing and closing process handles
* Viewing modules, finding the address of an exported function, changing page protection, reading memory and viewing file properties
* Viewing memory regions, changing page protection and reading and writing
* Searching through process memory, either using literal data or regular expressions
* Scanning for strings inside process memory
* Getting heap information
* Viewing DEP status and other additional information.

Heres just a few screen shots, There is quite a large amount of functionality and features available than whats shown here







If you find any bugs please do let me know

Home - Process Hacker

 

[Generator]

This will come in very handy, thanx for taking the time to do a 64 bit compile and many thanks on the whole for this dmex.

 

[KrullKitty]

 

[Dwarf]

A very neat tool.

 

[Antman]

Thank you. When will you post your compile of ResHacker?

 

[dmex]

Thank you. When will you post your compile of ResHacker?

If only the source-code was available

A google search has revealed "this one and only alternative"

Restorator 2007 Resource Editor - Restorator - Bome Software

 

[Antman]

If only the source-code was available ...

Locks are for honest people. :devil:

 

[Dark Nova Gamer]

This could be useful. Thanks! *just noticed this sub-forum*

 

[moinmoin]

If only the source-code was available

A google search has revealed "this one and only alternative"

Restorator 2007 Resource Editor - Restorator - Bome Software

Looks here another alternative and Freeware for x86 and x64
Anolis Resourcer

 

[dmex]

Looks here another alternative and Freeware for x86 and x64
Anolis Resourcer

That tool only shows resources like icons and images embedded within an executable, Reflector shows resources and the source-code within the executable plus its free

 

[Flavius]

Cool tool and I glad somebody compiled this tool for x64 systems but I have small warning for @dmex:

Replacing Task Manger with Process Hacker don't work for x64 systems because it only enter replacing for x32 registry code:

oryginal Process Hacker modifications:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe]
"Debugger"="\"H:\\Program Files (x86)\\Process Hacker\\ProcessHacker.exe\""

but should be:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe]
"Debugger"="\"H:\\Program Files (x86)\\Process Hacker\\ProcessHacker.exe\""

If you enter second fix to registry replacing Task Manager with Process Hacker work fine.Neverless this bug should be fix....

 

[wj32]

Cool tool and I glad somebody compiled this tool for x64 systems

(I have to thank dmex for getting me started the official native x64 port.) A pre-release x64-compatible release:

https://www.ohloh.net/p/processhacker/download?package=Process+Hacker

 

[Flavius]

Thanks .You have right -in version 1.4 this bug has been solved

 

[darkassain]

this is such a great tool
thanks dmex
this will accompany my tool-set along with Process Explorer which is what i use....

 

[wj32]

I have just released Process Hacker 1.4, available at both SourceForge and Ohloh.

 

[hdfrango]

thanks, works well, nice alternative to process explorer

 

[dmex]

Just some updates for everyone

Version 1.5 was released two days ago with the following changes:
NEW/IMPROVED:
-#2831605: "Add handle count by type to process properties handle tab"
-#2836706: "Signature Column in Processes"
-Improved kernel modules list
-Detects custom kernels
-Performance improvements
-KTM resource manager information
FIXED:
-Windows XP BSODs
-Incorrect drive letter resolving for file handles
-Linked token display on x64

We are currently working on Version 1.6 and have commited the following changes to date:
NEW/IMPROVED:
-Application Update system
FIXED:
-#2845427: "Indicator integer overflow"
-Critical: KProcessHacker denial-of-service security issues fixed affecting 32bit Windows users
-Incorrect menu items for System threads
-Crash when viewing error details in the event of a corrupt configuration file

 

[smarteyeball]

After you pointed out the handles tab to me in the other thread, an idea occurred to me.

Would it be possible to add a "open with Regedit" to the right-click context menu that allows you go directly to the key entry when selecting a Type>Key?

 

[dmex]

After you pointed out the handles tab to me in the other thread, an idea occurred to me.

Would it be possible to add a "open with Regedit" to the right-click context menu that allows you go directly to the key entry when selecting a Type>Key?

You already can

When you right-click a entry and go properties on the Handle tab, Click Properties again and it will open Regedit at that key

 

[smarteyeball]

Cool I didn't click on properties (obviously)

Feature wise, PH is shaping up to make Process explorer feel as limited as Task Manager.

Thanks again