Process Hacker - easy manipulating processes and services on your computer

Process Hacker is a free and open source process viewer. This multi-purpose tool will assist you with debugging, malware detection and system monitoring. It includes powerful process termination, memory viewing/editing and other unique and specialized features.

Key features of Process Hacker:

Processes

• View processes in a tree view with highlighting.
• View detailed process statistics and performance graphs.
• Process tooltips are detailed and show context-specific information.
• Select multiple processes and terminate, suspend or resume them.
• (32-bit only) Bypass almost all forms of process protection.
• Restart processes.
• Empty the working set of processes.
• Set affinity, priority and virtualization.
• Create process dumps.
• Use over a dozen methods to terminate processes.
• Detach processes from debuggers.
• View process heaps.
• View GDI handles.
• Inject DLLs.
• View DEP status, and even enable/disable DEP.
• View environment variables.
• View and edit process security descriptors.
• View image properties such as imports and exports

Threads

• View thread start addresses and stacks with symbols.
• Threads are highlighted if suspended, or are GUI threads.
• Select multiple threads and terminate, suspend or resume them.
• Force terminate threads.
• View TEB addresses and view TEB contents.
•  (32-bit only) Find out what a thread is doing, and what objects it is waiting on.
• View and edit thread security descriptors

Tokens

• View full token details, including user, owner, primary group, session ID, elevation status, and more.
• View token groups.
• View privileges and even enable, disable or remove them.
• View and edit token security descriptors

Modules

• View modules and mapped files in one list.
• Unload DLLs.
• View file properties and open them in Windows Explorer

Memory

• View a virtual memory list.
• Read and modify memory using a hex editor.
• Dump memory to a file.
• Free or decommit memory.
• Scan for strings

Handles

• View process handles, complete with highlighting for attributes.
• Search for handles (and DLLs and mapped files).
• Close handles.
•  (32-bit only) Set handle attributes - Protected and Inherit.
• Granted access of handles can be viewed symbolically instead of plain hex numbers.
• View detailed object properties when supported.
• View and edit object security descriptors

Services

• View a list of all services.
• Create services.
• Start, stop, pause, continue or delete services.
• Edit service properties.
• View service dependencies and dependents.
• View and edit service security descriptors

Network

• View a list of network connections.
• Close network connections.
• Use tools such as whois, traceroute and ping

Compared with Process Explorer, Process Hacker:

• Implements all of the functionality offered by Process Explorer, plus more advanced features.
• Allows you to see what a thread is waiting on.
• Has advanced string scanning capabilities, as well as regular expression filtering.
• Highlights both relocated and .NET DLLs.
• Shows symbolic access masks (e.g. Read, Write), rather than just numbers (e.g. 0x12019f).
• Shows names for transaction manager objects and ETW registration objects.
• Shows detailed token information, as well as allowing privileges to be enabled and disabled.

Website: http://processhacker.sourceforge.net/

You may choose to download standard installer or portable version, not requiring installation, from the website links.