Process Hacker v18.104.22.168 released
Process Hacker is a feature-packed tool for manipulating processes and services on your computer. It can show you the threads (with symbols), modules, memory regions, handles and token of processes. It has detailed graphs that show CPU usage, memory usage and I/O activity. It can even change the DEP status of some processes and protect/unprotect them!
Process Hacker can read/write memory using a built-in hex editor and search through memory. It has a powerful run-as tool that can run programs as almost any user, including SYSTEM, LOCAL SERVICE and NETWORK SERVICE. Finally, its kernel-mode driver enables Process Hacker to show information for any process, even if it is protected by a rootkit.
Changes for this release :
- KProcessHacker can now perform process memory reading/writing
by itself and does not require MmCopyVirtualMemory
- KProcessHacker can now bypass all handle-opening protections
- Experimental process protection feature
- Ability to set handle flags such as protect-from-close and inherit
- Better highlighting
- Terminator test: TD1 (debugs a process and closes the debug object)
- Terminator test: TT3 (TT1 is now completely user-mode)
- Shows function file and line numbers where available
- Icon updating is now done on the shared thread to avoid the GUI
blocking when explorer.exe is suspended or is hanging
- #2785648 - "cursor down crashes PH"
- #2790404 - "System.InvalidOperationException"
- Incomplete or inaccurate thread call stacks
- Windows 7 BSOD
- Crash upon executing terminator test M1
- Unexpected actions being performed when a key was pressed in
the memory and handle lists
- Changed I/O tray icon tooltip from ROW to RWO
- Corrupted usernames
- .NET processes getting recognized as packed
- Start times like "20 centuries ago"
- Unable to change service configurations
- "Access denied" when changing DEP status or unloading a module
on Windows XP