Guides & Troubleshooting
Step-by-step solutions and best practices
Learn how to use Process Hacker effectively with our comprehensive guides. Find solutions to common issues and discover best practices for Windows system monitoring and process management.
Getting Started
Initial Setup
-
1
Install Process Hacker
Download and install Process Hacker from the download page. Run the installer as Administrator for full functionality.
-
2
Configure Antivirus
If your antivirus flags Process Hacker, add it to the exclusion list. This is a false positive - Process Hacker is legitimate open-source software.
-
3
Launch with Administrator Rights
Right-click Process Hacker and select "Run as Administrator" to access all features, including process termination and service management.
-
4
Explore the Interface
Familiarize yourself with the main process list, system information panel, and resource graphs. Customize columns and views to match your needs.
Basic Operations
Viewing Process Details
Double-click any process to open the Properties dialog, showing detailed information about:
- Process ID, parent process, and command line
- Memory usage and virtual memory statistics
- Loaded modules and DLLs
- Open handles and file locks
- Thread information and CPU usage
Filtering Processes
Use the search box to filter processes by name. Use the filter menu to filter by CPU usage, memory consumption, or other criteria.
Terminating Processes
Right-click a process and select "Terminate" or "Terminate Tree" to stop it. Use caution when terminating system processes.
Common Issues & Solutions
Process Hacker Won't Start
Solution 1: Check Administrator Rights
Process Hacker requires administrator privileges for full functionality. Right-click the executable and select "Run as Administrator".
Solution 2: Antivirus Blocking
Some antivirus software may block Process Hacker from running. Add Process Hacker to your antivirus exclusion list.
See Antivirus section below →Solution 3: Corrupted Installation
Uninstall Process Hacker, download a fresh copy, verify the SHA checksum, and reinstall.
Cannot Terminate a Process
Solution 1: Run as Administrator
Some processes require administrator privileges to terminate. Ensure Process Hacker is running with administrator rights.
Solution 2: Use Terminate Tree
If a process won't terminate, try "Terminate Tree" to kill the process and all its child processes.
Solution 3: Protected Process
Some Windows system processes are protected and cannot be terminated. This is normal security behavior.
High CPU Usage
Solution 1: Update Frequency
Reduce the update frequency in Settings → Options → Update Interval. Lower update frequencies reduce CPU usage.
Solution 2: Disable Unnecessary Features
Disable features you don't need, such as network monitoring or detailed handle tracking, to reduce resource usage.
Solution 3: Close Unused Views
Close additional windows and views you're not actively using to reduce CPU overhead.
Missing Process Information
Solution 1: Refresh the View
Press F5 or use View → Refresh to update the process list and reload information.
Solution 2: Administrator Rights
Some process details require administrator privileges. Run Process Hacker as Administrator.
Solution 3: Protected Processes
Windows protected processes may show limited information. This is expected behavior for security reasons.
Network Connections Not Showing
Solution 1: Enable Network Monitoring
Go to View → Show Network to enable network connection monitoring.
Solution 2: Administrator Rights
Network monitoring requires administrator privileges. Run Process Hacker as Administrator.
Solution 3: Firewall Interference
Some firewalls may interfere with network monitoring. Temporarily disable the firewall to test, or add Process Hacker to firewall exceptions.
Handling Antivirus Warnings
Understanding False Positives
Process Hacker may be flagged by antivirus software as potentially unwanted or suspicious. This is a false positive - Process Hacker is legitimate, open-source software with no malicious code.
Antivirus software uses heuristic detection that flags programs using advanced system APIs, which Process Hacker legitimately uses for system monitoring. The same APIs are sometimes used by malware, causing false alarms.
Step-by-Step: Adding to Antivirus Exclusions
Windows Defender
- Open Windows Security (Windows Defender)
- Go to Virus & threat protection
- Click "Manage settings" under Virus & threat protection settings
- Scroll to Exclusions and click "Add or remove exclusions"
- Click "Add an exclusion" → "Folder" or "File"
- Navigate to Process Hacker installation directory and add it
Other Antivirus Software
The process varies by antivirus software, but generally:
- Open your antivirus software settings
- Look for "Exclusions", "Exceptions", or "Whitelist" section
- Add Process Hacker installation folder or executable
- Save settings and restart Process Hacker if needed
Reporting False Positives
Help improve antivirus detection by reporting false positives to your antivirus vendor. This helps them improve their detection algorithms.
Information to Include
- Process Hacker version and download source
- SHA-256 checksum of the file
- Digital signature information
- Link to Process Hacker source code repository
- Explanation that Process Hacker is legitimate open-source software
Verifying Legitimacy
If you're concerned about Process Hacker's legitimacy, verify it using these methods:
- Verify the SHA-256 checksum matches the official release
- Check the digital signature in file properties
- Review the open-source code on GitHub
- Download only from official sources (see download page)
Best Practices
Security
- • Always download from official sources
- • Verify SHA checksums before installation
- • Run as Administrator only when needed
- • Be cautious when terminating processes
- • Keep Process Hacker updated
Performance
- • Adjust update frequency based on needs
- • Close unused views and windows
- • Disable unnecessary monitoring features
- • Use filters to reduce displayed processes
- • Monitor resource usage of Process Hacker itself
Usage
- • Learn what processes are safe to terminate
- • Use process tree view to understand relationships
- • Export data for analysis and reporting
- • Customize columns for your workflow
- • Use search and filters effectively
Troubleshooting
- • Check administrator rights first
- • Verify antivirus exclusions
- • Review event logs for errors
- • Test with portable version if needed
- • Consult documentation and community
Advanced Usage
Memory Leak Detection
Use Process Hacker to identify memory leaks by monitoring process memory usage over time.
- Open Process Hacker and select the process to monitor
- View the Memory tab in the Properties dialog
- Monitor "Private Bytes" and "Working Set" over time
- Look for steady increases without corresponding decreases
- Use the graph view to visualize memory growth trends
Handle Leak Detection
Detect handle leaks by monitoring the number of open handles per process.
- Enable handle monitoring in View → Show Handles
- Monitor the handle count column for processes
- Watch for processes with unusually high handle counts
- Investigate handle types to identify the source
- Use handle closing features carefully to test fixes
Network Monitoring
Monitor network connections to identify suspicious activity or bandwidth usage.
- Enable network monitoring in View → Show Network
- View active connections per process
- Monitor bandwidth usage and connection states
- Identify processes making unexpected connections
- Export network data for analysis
Service Management
Manage Windows services with detailed dependency information.
- Open the Services tab in Process Hacker
- View service status, startup type, and dependencies
- Start, stop, pause, or restart services
- Modify service startup types
- View service process relationships