Using Process Explorer for Windows 7

February 2, 2011, By Christian Cawley

Keeping track of everything that is running on your PC isn’t usually necessary – Windows will do it for you. But if you suspect that your computer might be the victim of a security breach (such as a virus/worm or Trojan) then knowing exactly what applications, utilities, processes and services are running is vital.

Tracking these down can be tricky; often the best way is to use some auditing software, but thanks to Microsoft there are two useful utilities that will display the currently running processes. One of these is built into Windows while the other is available as a download.


Checking Running Processes in Windows 7

The default method is the easiest, although you might find that it lacks a few bits of information.

With Task Manager you can view various bits of information about what applications and processes are currently running on your PC as well as checking the performance of your CPU core(s) and memory.

You can open Task Manager by right-clicking the Windows taskbar and selecting Start Task Manager, or press CTRL+ALT+DEL to find the same option. With this tool open, you can observe open software in the Applications tab (and use the End Task button to force any frozen or unresponsive apps to close) and find running processes on the Processes tab. End Process will attempt to close the currently selected item, something you should only do if you know that the process is invalid or causing problems (such as maxing out the CPU, represented by the number 99 in the CPU column).

If you’re using Task Manager to track down an intrusion then the Services tab should also be checked. In this situation you will probably be cross-referencing running processes and software on Google, which should provide you with all of the answers you need.

Using Process Explorer for Windows

Of course Task Manager doesn’t offer answers to everything. For a more comprehensive look at what your PC is currently doing, you need a utility like Process Explorer, available free from technet.microsoft.com.

With Process Explorer installed, you can check various details such as the current CPU and memory commitment of a specific process (as with Task Manager), as well as perform more advanced actions like forcing a process to Restart or Suspend. You can even search for the process on the web by right-clicking the item and choosing Search online….

Most importantly, Process Explorer can be used to track the exact file location of a specific process. This can be found by hovering the mouse pointer over the process name, where a tooltip will display both the command line instruction for the process and its location within the directory structure of your disk partition.
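The same details (file location, command line and hosted services) can also be listed for every process at once from PowerShell. This is an added example, not part of the original article; the list of "expected" folders is an assumption made for this example, and a process outside them is only a prompt for a closer look.

```powershell
# Added example: list each running process with its executable path,
# command line and the services it hosts. Get-WmiObject is used because
# it works on the PowerShell 2.0 that ships with Windows 7.

# Map process ID -> names of the running services hosted in that process.
$servicesByPid = @{}
Get-WmiObject Win32_Service -Filter "State = 'Running'" | ForEach-Object {
    $procId = [int]$_.ProcessId
    if (-not $servicesByPid.ContainsKey($procId)) { $servicesByPid[$procId] = @() }
    $servicesByPid[$procId] += $_.Name
}

# Assumption for this example: installed software normally runs from here.
$expectedRoots = @($env:windir, $env:ProgramFiles, ${env:ProgramFiles(x86)}) |
    Where-Object { $_ }

$report = Get-WmiObject Win32_Process | ForEach-Object {
    # ExecutablePath is empty for System/Idle and for processes the
    # current user is not allowed to query (run elevated to see more).
    $path = $_.ExecutablePath
    $location = 'Not available'
    if ($path) {
        $location = 'Outside Windows/Program Files'
        foreach ($root in $expectedRoots) {
            if ($path.StartsWith($root + '\', [StringComparison]::OrdinalIgnoreCase)) {
                $location = 'Expected'
            }
        }
    }
    New-Object PSObject -Property @{
        PID         = $_.ProcessId
        Name        = $_.Name
        Location    = $location
        Services    = ($servicesByPid[[int]$_.ProcessId] -join ', ')
        Path        = $path
        CommandLine = $_.CommandLine
    }
}

# Show every process, grouped by location category and then by name.
$report | Sort-Object Location, Name |
    Select-Object PID, Name, Location, Services, Path, CommandLine |
    Format-List
```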

© 2008-2012 DeviceMag.com - All rights reserved