Windows troubleshooting made easier with Process Explorer

By TheGeek on December 31, 2008 under Windows

Hi! If you are new here, you might want to subscribe to the RSS feed for updates on this topic.

Sysinternals’ free utility Process Explorer makes Windows troubleshooting a lot easier.

You must have hated the limited capabilities of Windows’ built-in Task Manager when it comes to drilling down to figure out that Windows issue that’s slowing down your computer. You must have hated the very limited information the “Processes” tab on Task Manager provides about processes. I’m not sure about you but I hated it until I started using Process Explorer.

Windows troubleshooting with Process Explorer

Process Explorer is a fantastic Windows Task Manager alternative that gives you quite a lot of information about the processes and dependencies that makes Windows troubleshooting a breeze. Download Process Explorer. There is no installation involved, so go ahead and create a desktop shortcut or a Quick Launch Bar shortcut for easy access. Launch ProcExp.exe to launch Process Explorer.

There are bunch of things that you can do better with Process Explorer than with Windows Task Manager. You can examine the processes that are stealing CPU cycles, finding out which files are open by which process, find the process dependencies (which process depends on the other) etc.

Identify misbehaving processes

Identify misbehaving processes with Process Explorer

Click on the “CPU” column to sort it descending (see the downward pointing arrow at the top of the CPU column). The processes that are taking more CPU cycles will be displayed at the top.

Suspend a process with Process Explorer

Select the processes and the bottom portion of the Process Explorer window displays more information about the selected process. If the process is taking more CPU cycles than it deserves (take a guess) you can either kill the process or you can suspend the process temporarily. This helps you to see if the chosen process could be the culprit. If not then you can use the “Restart” menu option to restart the suspended process and move on with the next process in line. If, for sure, you think the process is the culprit you can obviously use the “Kill Process” menu option to kill the process and get your CPU processing back to normal.

Find out more about a suspicious process

Find out more about a process using Process Explorer's Properties window

If the information displayed at the lower panel is not sufficient enough for you to identify the process as being culprit you can right-click on the Process name at the top pane and click on the “Properties” to reveal more about the process including performance, performance graph, TCP/IP, security, environment, threads etc.

Search Online for extra information about a process

Search Online for extra information on the processes

If you are still not sure about the process you can right-click on a process and click “Search Online…” menu option to search online for extra information about the process.

Tips on identifying suspicious processes

Any process that has a weird name might be suspicious, like for example, exwyup.exe.
Any process that doesn’t have a decent Description or Company Name could be an obvious suspect.
Any process with a “C:\Temp” or “C:\Windows\Temp” on the “Command Line” column would draw the attention to be suspicious. (Click on “View” >> “Select Columns…” to select “Command Line” column to be displayed).
Processes like services.exe, winlogon.exe, smss.exe, alg.exe are safe.

Replace Task Manager with Process Explorer

Replace Task Manager option at Process Explorer

If you are like me who don’t use the built-in Task Manager at all and would rather prefer to use Process Explorer instead then Process Explorer has a “Replace Task Manager” option under the “Options” menu which will replace Task Manager with Process Explorer so the next time when you try the “got-used-way” of launching Task Manager Windows will launch Process Explorer instead.

No doubt, Process Explorer is a great tool for Windows troubleshooting to see the processes that might be causing issues. It might take a little get-used-to but once you get a little familiar you’ll find it a lot better than the Windows’ built-in Task Manager. I hope you can make use of this free tool from Microsoft to make your life in front of the PC a bit easier. If you have any questions/comments regarding this article please let us know in comments.

Download Process Explorer from TechNet.

Technorati Tags: Windows Troubleshooting,Process Explorer,ProcessExplorer,Task Manager Replacement,Task Manager Alternative,How To,Windows Vista,Windows XP

Wishing you all a very Happy New Year 2009!

Spread the word

You might be interested to read these as well

Tweet This: Send This Page to Twitter

If you find this article useful then you may find other articles on DemoGeek.com useful to you. Don't miss out on the best quality articles on DemoGeek.com.
Subscribe to our free RSS feed to keep up with what's happening at DemoGeek.com.

Print This

2 comments so far

Elaine
#1

January 2nd, 2009 at 3:22 pm
Well explained Geek! I’ve read about Process Explorer before but none of those were as good explanation as this. Great job!
Dianne
#2

February 2nd, 2009 at 4:02 pm
Very interesting to know about Process Explorer that too in so much detail. Thank you. The only thing I hate about Process Explorer is that when you minimize it to your System Tray it just have a weird color combination (green and red) on a dark background which makes it quite hard to visualize.