Process Hacker v1.5 released

Process Hacker is a free and open source process viewer and memory editor with unique features such as powerful process termination and a Regex memory searcher. It can show services, processes and their threads, modules, handles and memory regions.

Version 1.5

New / Improved

  • #2831605 - "Add handle count by type to process properties handle tab"
  • #2836706 - "Signature Column in Processes"
  • Improved kernel modules list
  • Detects custom kernels
  • Performance improvements
  • KTM resource manager information

Fixed

  • Windows XP BSODs
  • Incorrect drive letter resolving for file handles
  • Linked token display on x64

Key features of Process Hacker

  • A simple, customizable tree view with highlighting showing you the processes running on your computer.
  • Detailed performance graphs, a complete list of services and full control over them (start, stop, pause, resume and delete).
  • A list of network connections.
  • Comprehensive information for all processes: full process performance history, thread listing and stacks with dbghelp symbols, token information, module and mapped file information, virtual memory map, environment variables, handles, ...
  • Full control over all processes, even processes protected by rootkits or security software. Its kernel-mode driver has unique abilities which allow it to terminate, suspend and resume all processes and threads, including software like IceSword, avast! anti-virus, AVG Antivirus, COMODO Internet Security, etc. (just to name a few).
  • Find hidden processes and terminate them. Process Hacker detects processes hidden by simple rootkits such as Hacker Defender and FU.
  • Easy DLL injection and unloading - simply right-click a process and select "Inject DLL" to inject and right-click a module and select "Unload" to unload!

System Requirements

  • .NET Framework 2.0
  • Microsoft Windows XP SP2 or above, 32-bit or 64-bit. Please note that certain functionality including detection of hidden processes, full control over all processes and the ability to protect/unprotect processes is only available on 32-bit systems.

Post scriptum

Compliance Mandates

  • Forensics:

    PCI DSS 10.2, 12.9, A.1.4*, SOX DS7, HIPAA 164.308(a)(1) and (a)(6), FISMA IR-7, ISO 27001/27002 13.2.1, 13.2.3
    *Shared Hosting Providers Only

