[go: up one dir, main page]
Menu

Tree [r6350] / 2.x / trunk /
 History

HTTPS svn://
HTTPS access

File Date Author Commit
 KProcessHacker 2015-05-30 dmex [r6000] ProcessHacker: Tidy up remaining svn:ignore;
 ProcessHacker 2016-01-31 wj32 [r6349] Remove unused files
 build 2015-12-07 xhmikosr [r6251] coverity.bat: update for MSVC 2015.
 doc 2011-08-26 wj32 [r4568] deleted Help.htm
 lib 2011-08-25 wj32 [r4534] patch by xhmikosr
 phlib 2016-01-31 wj32 [r6347] Remove message length limit in PhShowMessage
 plugins 2016-02-01 dmex [r6350] ToolStatus: Disabled theme combo options; Remov...
 tests 2015-12-16 dmex [r6263] Fixed solution include path inconsistencies
 tools 2016-01-30 dmex [r6346] ProcessHacker: Fixed peview grey backgrounds
 CHANGELOG.txt 2016-01-30 wj32 [r6345] Update OnlineChecks changelog and version number
 COPYRIGHT.txt 2015-02-17 xhmikosr [r5692] Bump copyright year.
 Doxyfile 2011-10-20 wj32 [r4746] updated Doxyfile
 HACKING.txt 2015-08-16 wj32 [r6184] Switch SDK version to 10.0.10240.0
 LICENSE.txt 2011-08-26 wj32 [r4577] patch by xhmikosr - remove Help.htm when upgrading
 ProcessHacker.sln 2015-08-16 wj32 [r6179] Upgrade all projects to VS 2015 (almost all by ...
 README.txt 2013-10-30 wj32 [r5510] * added signing scripts

Read Me

Process Hacker is a powerful free and open source process viewer.

== Getting started ==

Simply run ProcessHacker.exe to start Process Hacker. There are two
versions, 32-bit (x86) and 64-bit (x64). If you are not sure which
version to use, open Control Panel > System and check the "System
type". You cannot run the 32-bit version of Process Hacker on a
64-bit system and expect it to work correctly, unlike other programs.

== System requirements ==

Windows XP SP2 or higher, 32-bit or 64-bit.

== Settings ==

If you are running Process Hacker from a USB drive, you may want to
save Process Hacker's settings there as well. To do this, create a
blank file named "ProcessHacker.exe.settings.xml" in the same
directory as ProcessHacker.exe. You can do this using Windows Explorer:

1. Make sure "Hide extensions for known file types" is unticked in
   Tools > Folder options > View.
2. Right-click in the folder and choose New > Text Document.
3. Rename the file to ProcessHacker.exe.settings.xml (delete the ".txt"
   extension).

== Plugins ==

Plugins can be configured from Hacker > Plugins.

If you experience any crashes involving plugins, make sure they
are up to date.

The ExtendedTools plugin is only available for Windows Vista and
above. Disk and Network information provided by this plugin is
only available when running Process Hacker with administrative
rights.

== KProcessHacker ==

Process Hacker uses a kernel-mode driver, KProcessHacker, to
assist with certain functionality. This includes:

* Bypassing security software and rootkits in limited ways
* More powerful process and thread termination (*)
* Setting DEP status of processes
* Capturing kernel-mode stack traces
* More efficiently enumerating process handles
* Retrieving names for file handles
* Retrieving names for EtwRegistration objects
* Setting handle attributes

The feature(s) marked with an asterisk (*) are NOT available on 64-bit
versions of Windows.

Note that by default, KProcessHacker only allows connections from
processes with SeDebugPrivilege. To allow Process Hacker to show details
for all processes when it is not running as administrator:

1. In Registry Editor, navigate to:
   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\KProcessHacker2
2. Under this key, create a key named Parameters if it does not exist.
3. Create a DWORD value named SecurityLevel and set it to 0.
4. Restart the KProcessHacker2 service (sc stop KProcessHacker2,
   sc start KProcessHacker2).