Process Hacker 是一款强大的处理程序查看管理、系统监视和内存编辑工具,支持查看管理处理程序、服务、执行绪、模块、控制代码以及内存区域数据等信息; 支持显示系统服务项目,处理程序数以及其执行绪数、模块数和内存占用;支持定位处理程序的文件位置,查看处理程序程序的属性,轻松终止或者重启该处理程序服务。 除此之外也支持网络连接程序的检测功能。
Process Hacker 可用来取代 Windows 工作管理员的进程管理程序,Process Hacker 可帮用户查看和管理其电脑的进程与它们的执行绪、模块和内存。
底下为 Process Hacker 的一些主要功能:
- 简单、可定制的树状查看来醒目显示在您的电脑上执行的进程。
- 详细的性能图表。
- 服务的完整列表和完全控制它们(启动、停止、暂停、继续和删除)。
- 网络连线列表。
- 所有进程的全面信息:全进程的性能历程记录、执行绪列表和具有 dbghelp 符号的堆叠、权杖信息、模块和对应文件信息、虚拟内存映射、环境变量、控制代码…
- 完全控制所有 processes1,即使其受到木马后门或安全软件的保护。 其核心模式驱动程序具有独特的能力,使它能终止、暂停和继续所有进程线程,包含软件(如IceSword、avast)、COMODO网络安全、AVG防毒等等(仅举几例))。
- 寻找隐藏的进程并终止它们。 Process Hacker 能侦测出被简单的 rootkit(如:Hacker Defender 和 FU)所隐藏的进程。
- 简单的 DLL 注入和卸载 – 只需对进程按鼠标右键并选择 [注入 DLL] 来注入,对模块按鼠标右键并选择 [卸载] 来卸载!
Process Hacker 原文简介:
Process Hacker is a feature-packed tool for manipulating processes and services on your computer. Process Hacker is an application which helps users to view and manage the processes and their threads, modules and memory from their computers.
Key features:
- · A simple, customizable tree view with highlighting showing you the processes running on your computer.
- · Detailed performance graphs.
- · A complete list of services and full control over them (start, stop, pause, resume and delete).
- · A list of network connections.
- · Comprehensive information for all processes: full process performance history, thread listing and stacks with dbghelp symbols, token information, module and mapped file information, virtual memory map, environment variables, handles,…
- · Full control over all processes1, even processes protected by rootkits or security software. Its kernel-mode driver has unique abilities which allows it to terminate, suspend and resume all processes and threads, including software like IceSword, avast! anti-virus, AVG Antivirus, COMODO Internet Security, etc. (just to name a few).
- · Find hidden processes and terminate them. Process Hacker detects processes hidden by simple rootkits such as Hacker Defender and FU.
- · Easy DLL injection and unloading2 – simply right-click a process and select “Inject DLL” to inject and right-click a module and select “Unload” to unload!