Monday, May 31, 2010

Process Explorer: Windows Task manager alternative


Process Explorer v11.33 is a freeware from Microsoft showing information about which handles and DLLs process have opened or loaded. We all would hit Ctrl +alt+delete when PC hangs up and to kill the current process running and bring up the task manager. some power users may click CPU column twice to see which processes are sucking up most of the CPU's power. Alternatively we may scan the process list for suspicious items. Here i saw this pretty useful tool from Microsoft simplifying task manager and even gives more granular details about a process including its icon, command line, full mage path, memory statistics, user account, security attributes and more.
Process Explorer
Process explorer showing system information details in graphical representation

Process explorer with system information
Process explorer with system information
The Process Explorer display consists of two sub-windows. The top window always shows a list of the currently active processes, including the names of their owning accounts, whereas the information displayed in the bottom window depends on the mode that Process Explorer is in: if it is in handle mode you'll see the handles that the process selected in the top window has opened; if Process Explorer is in DLL mode you'll see the DLLs and memory-mapped files that the process has loaded.Process Explorer also has a powerful search capability that will quickly show you which processes have particular handles opened or DLLs loaded.
The unique capabilities of Process Explorer make it useful for tracking down DLL-version problems or handle leaks, and provide insight into the way Windows and applications work. You can right -click and kill a process as in Task Manager, with the obligatory warning that killing a process can destabilize the system. Process Explorer's added ability to kill a process and all of its descendant processes may forestall stability problems. Process Explorer can also suspend a process's execution and resume it later. Say you've got a number-crunching utility that's tying up the CPU and you want to stop for a minute while you check your e-mail. With Process Explorer, you can suspend the app briefly without going through the hassle of shutting it down and starting all over again after checking your mail.


Task Manager helps you figure out what program a given process represents by displaying its internal description, if available. Process Explorer goes a step farther by adding the company name. Still puzzled? Double-click the process and click the "Strings" tab in the resulting properties dialog—it lists all text strings found embedded in the process's executable file. The properties dialog also reveals the full pathname and command-line for the process, lists and graphs performance statistics, and even displays TCP/IP activity.
Selecting the process corresponding to an on-screen window is a snap—just drag the utility's  icon onto the window. You can also enable a lower pane that lists all DLLs used by the selected process or all handles opened by that process. And a search option makes it easy to get a list of all programs currently using a specific DLL or identify which program is holding a certain file open.

Process explorer showing information about skype process running
Process explorer showing information about skype process running

Process explorer showing a process string
Process explorer showing a process string