14 DAY TRIAL // If you need to take a look at system performance Task Manager is generally the first to check. It provides a neat perspective of how much CPU or RAM each running process is using. But despite its pervasive view over processes, running applications, services (on Vista), performance graphs and networking information third-party software will always pop up, decided to offer if not a tad more at least something different.
A different presentation of running processes as well as slightly more information and a few extra features are usually enough to scrap the Windows utility and appeal to a third-party instrument. Process Hacker is just that: a third-party alternative to Windows' built-in process manager.
The application is free of charge and is designed to display all processes, services and network connections currently exploiting your computer. On top of this, Process Hacker is also portable, so there is no need for installation and it can offer its services on any computer nice and easy.
It comes with a neat and quite simple interface built from three tabs for toggling between process, services and network connections view and only two menus. A rather simple look but the focus is on the information displayed and not on the wrapping.
Listing running processes may seem overwhelming if you are not used to reading process details. However, you do not have to be a Jedi master to interpret all details it provides and a novice could gain grip on the data in a short time. The process window exposes absolutely all processes currently running on the system as a tree, which includes the items started by parent processes.
It is a comprehensive view that includes valuable details on each item's footprint on system resources (both RAM and CPU), PID number, username it belongs to plus a brief description so you can pinpoint the application exactly. More than this, all of them are color-coded. The color code comes with double functionality: first it can act as a guiding mark and second it is Process Hacker's way of telling you a little something. Each color marks a specific particularity of the process: new object, own process, system, service, .NET, job or debugged processes as well as tagging packed/dangerous processes. If the default colors do not suit you these can be changed from the Options menu of the application.
The Context menu of the Process window provides a set of choices for handling the selected item. The basic functions for terminating its activity or setting priority are there but some other alternatives are present as well. You can change CPU affinity or google a specific process directly from the software, which are the least surprising given that most third-party process managers include them in the feature list.
However, more exotic choices come under the form of Terminator, an instrument that brings a set of options for shutting down the process, creating a remote thread in the process to kill it, dismissing the process threads or modifying threads with invalid contexts or closing the process handles.
Additionally it can also help you write garbage to the process memory regions or set page protection of the process memory regions to PAGE_NOACCESS. To sum it up briefly, Terminator provides several methods to terminate the activity of a selected process. Another option provided by this context menu is launching the process as another computer user.
The Properties panel for a process can be accessed either from the context menu or by double-clicking the item. The window popping up is multi-tabbed and supplies advanced details regarding the chosen process. This is an area that newbies had better stay away from as it involves changing the normal parameters of modules, tampering with process threads, its virtual memory regions or services it runs under. It is a complete view over a process' goings on and beyond the reporting feature it will also supply basic info on the item and its image file or performance details.
In the lower part of the application you will find the total number of processes active on the system, CPU load, and RAM used. If the last two bits of info are accurate, when reading the number of processes the application fails to get it right. During our testing it always showed two processes more than Task Manager or any other process manager we faced it with. However, the listing is accurate and there is nothing more besides the real items.
Also, regarding the color code for applying process tags, Process Hacker also fails to accurately pinpoint dangerous or potentially dangerous items. The Bat! and Total Commander were among the dangerous processes. Of course, an advanced user recognizes suspicious items in a glance and would not rely on the color coding provided by the application.
The Services window is not as jam-packed with information as Processes, but it is a valuable component of the application as it displays all services registered to the system allowing you full control over the way they start. Each of them comes with a brief description as well as type (a feature unavailable in Task Manager). The Properties window permits changing the type of the service (Kernel, File System Driver, share process or interactive process) and its start type, and associating it to a different account.
As you probably expected, Network information exhibits all processes communicating or in stand-by, complete with details on the remote end, protocol used and state of the connection. There is no other option available and viewing communication state is all you can do. However, it is a permeating look that can root out unauthorized connections and the address at the other end.
If all this is not enough, Process Hacker brings a few more features. The Hacker menu contains System Information, which unfolds usage graphs for CPU and RAM. I/O operations are present, as well as stats for file cache, kernel pools, page faults, CPU or RAM. This section is not for the faint-hearted as it presents hard-core details on system activity and especially on its current performance.
Compared to all of the above, the Options menu is the most accessible for any type of user. This is where you get to make the overall settings for the application to work to your advantage. You can change the default process search page, set the update interval, configure the program to run with Windows and start in system tray, enable the display of user/group domains or the experimental kernel-mode driver (allows the application to bypass security software and display all handles).
Yet another particular option available in Process Hacker is the notification system present in the context menu of the tray icon. The app can notify whenever a new process starts, or a service begins activity as well as when a new service is detected, stopped or deleted.
Process Hacker makes for a great manager of computer activity but it has its flaws. These are not to affect computer experts but middle-weight ones will definitely feel the need of a correction. On the bright side, it is abundant in details on running processes and allows a pretty large set of actions for manipulating them.
The Good
The Context menu in Process view contains everything you should need to efficiently manage an item. And if deeper access is needed, suffice it to access its Properties window.
The application has not forgotten Network connections and it will display all the intel necessary to cut short communication with the outside.
The Notification system can come in handy should a malicious file execute without your knowing.
The Bad
Detecting dangerous items is also on the downside as the app color coded as dangerous law-abiding processes.
For the average Joe this is more than he can handle and this reason alone is enough to keep most users away from Process Hacker.
The Truth
It has a few flaws but an experienced user would not trip on trivialities and would skip straight to the fun part. Process Hacker is a good tool to have as an alternative to Task Manager in Windows in case you learn how processes function and how to handle their modules and threads.
Given the high level of information presented and the process tampering possibilities, the average user cannot go deeper than the main tabs of the software where the listing of the items is made. As for processes, the Properties window is far too complicated even for a middle-weight user.
