Process Hacker is a tool for viewing and manipulating processes and their threads, modules, memory and handles, and viewing and editing services. It can also search through process memory:

* for a sequence of bytes,
* using regular expressions,
* for strings, or
* for heap blocks

It can run programs as another user or as SYSTEM, LOCAL SERVICE or NETWORK SERVICE if you have administator privileges. This is achieved using a helper program which is installed as a system service (similar to PsExec).

It loads symbols from various libraries automatically and uses them when displaying the call stacks of threads (just like Process Explorer). It also has a disassembler derived from OllyDbg's which can be accessed when viewing PE files' exports.

Changelog:
* SUMMARY: This version adds many small but useful features. It is also more useful when trying to fight malware, thanks to digital signature verification and packed executable detection.

* NEW:
* "Free" and "Decommit" actions for memory regions
* "Description" column for processes
* Current Directory for processes automatically updates
* Can now display the file names of DRM-protected processes (like audiodg.exe)
* Now displays thread information under the thread list
* Module file name info for thread start addresses and stack traces
* Highlighting for .NET processes and packed executables
* Shows CPU usage and physical memory usage in the status bar
* "Reload Struct Definitions" menu item
* Struct Searcher - displays addresses which match the specified struct definition
* Ability to unload remote modules (by remote thread injection)
* New float and double types for structs
* Special tooltip info for rundll32.exe
* Verifies file signatures (and detects Windows components by checking the files' owners and ACLs)
* Highlights processes which have invalid signatures or are pretending to be system processes
* Better method for suspending/resuming processes

* FIXED:
* System information window resizing
* "Overflow error" exceptions
* Problems with the search button
* Process properties for DPCs and Interrupts
* Disabled expanding of processes when double-clicking them
* Now shows non-existent parent PIDs
* build-and-clean script is now XP compatible
* Redrawing problems with the lists in the process window

Program Information Category: Tools and Utilities Type: Free Version: 1.3.1.0 Size: 750KB Works on: Windows Product page: here