A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware. Brought to you by Winsider Seminars & Solutions, Inc.
Project Website - Project Downloads
Windows 7 or higher, 32-bit or 64-bit.
- A detailed overview of system activity with highlighting.
- Graphs and statistics allow you quickly to track down resource hogs and runaway processes.
- Can't edit or delete a file? Discover which processes are using that file.
- See what programs have active network connections, and close them if necessary.
- Get real-time information on disk access.
- View detailed stack traces with kernel-mode, WOW64 and .NET support.
- Go beyond services.msc: create, edit and control services.
- Small, portable and no installation required.
- 100% Free Software (MIT)
Requires Visual Studio (2019 or later).
Execute build_release.cmd located in the build directory to compile the project or load the ProcessHacker.sln and Plugins.sln solutions if you prefer building the project using Visual Studio.
You can download the free Visual Studio Community Edition to build the Process Hacker source code.
Please use the GitHub issue tracker for reporting problems or suggesting new features.
If you are running System Informer from a USB drive, you may want to save System Informer's settings there as well. To do this, create a blank file named "SystemInformer.exe.settings.xml" in the same directory as SystemInformer.exe. You can do this using Windows Explorer:
- Make sure "Hide extensions for known file types" is unticked in Tools > Folder options > View.
- Right-click in the folder and choose New > Text Document.
- Rename the file to SystemInformer.exe.settings.xml (delete the ".txt" extension).
Plugins can be configured from Informer > Plugins.
If you experience any crashes involving plugins, make sure they are up to date.
Disk and Network information provided by the ExtendedTools plugin is only available when running System Informer with administrative rights.
System Informer uses a kernel-mode driver, KSystemInformer, to assist with certain functionality. This includes:
- Capturing kernel-mode stack traces
- More efficiently enumerating process handles
- Retrieving names for file handles
- Retrieving names for EtwRegistration objects
- Setting handle attributes
Note that by default, KSystemInformer only allows connections from processes with administrative privileges (SeDebugPrivilege). To allow System Informer to show details for all processes when it is not running as administrator:
- In Registry Editor, navigate to: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\KSystemInformer
- Under this key, create a key named Parameters if it does not exist.
- Create a DWORD value named SecurityLevel and set it to 2. If you are not using an official build, you may need to set it to 0 instead.
- Restart the KSystemInformer service (sc stop KSystemInformer, sc start KSystemInformer).