Process Explorer

Task Manager The Way It Should Be

Process Explorer can best be described as being what Windows Task Manager should have been all along.

Many of you are likely aware of Windows Task Manager, and if you are, you are likely aware of its limitations too. In case you aren't familiar with it, Task Manager can be invoked by pressing Ctrl-Shift-Esc (three keys all at once) or by right-clicking the taskbar and selecting Task Manager from the context menu.

Figure 1 - Windows Task Manager

As you can see in figure 1, many processes show up as "svchost.exe" with no further information. Or how about RWBA75.Exe - that looks like malware, doesn't it?

Now take a look at Process Explorer's output:

Figure 2 - Microsoft's Free Process Explorer

Here you can see, for instance, that RWBA75.exe is actually a child process of NTRtScan.exe, which is identified as coming from Trend Micro, Inc., our antivirus software provider.

You can also see that another svchost.exe has rapimgr.exe as a child process, which you can now see is part of ActiveSync for a PDA, as is PKTray.exe. Since I don't have any programs from PKWare running that I know of, it's good to know why this program is running.
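
The parent, publisher and hosted-service details visible in Figure 2 can also be collected from a script. The following PowerShell is an added example, not part of the original article or of Process Explorer itself; it assumes Windows PowerShell 5.1 or later, uses the standard Win32_Process and Win32_Service CIM classes, and its variable names are illustrative.

```powershell
# Added example: list each process with its parent, publisher and hosted services.
# Some system processes only expose their path from an elevated prompt.
$procs = Get-CimInstance -ClassName Win32_Process

# Index processes by PID so a parent can be looked up quickly.
$byPid = @{}
foreach ($p in $procs) { $byPid[[int]$p.ProcessId] = $p }

# Map PID -> service names; this is what explains an anonymous svchost.exe.
$services = @{}
foreach ($s in Get-CimInstance -ClassName Win32_Service) {
    if ($s.ProcessId) { $services[[int]$s.ProcessId] += @($s.Name) }
}

$report = foreach ($p in $procs) {
    $parent = $byPid[[int]$p.ParentProcessId]
    # PIDs are reused: a "parent" that started after the child, or that is the
    # process itself, is not the real parent.
    if ($parent -and ($parent.ProcessId -eq $p.ProcessId -or
                      $parent.CreationDate -gt $p.CreationDate)) { $parent = $null }

    $company = $null
    $sigStatus = 'n/a'
    if ($p.ExecutablePath -and (Test-Path -LiteralPath $p.ExecutablePath)) {
        # CompanyName is self-declared version metadata and can say anything;
        # the Authenticode status is the part that is cryptographically checked.
        $company   = (Get-Item -LiteralPath $p.ExecutablePath).VersionInfo.CompanyName
        $sigStatus = (Get-AuthenticodeSignature -LiteralPath $p.ExecutablePath).Status
    }

    [pscustomobject]@{
        PID       = $p.ProcessId
        Name      = $p.Name
        Parent    = if ($parent) { "$($parent.Name) ($($parent.ProcessId))" }
                    else { '<exited or unknown>' }
        Company   = $company
        Signature = $sigStatus
        Services  = ($services[[int]$p.ProcessId] -join ', ')
        Path      = $p.ExecutablePath
    }
}

$report | Sort-Object -Property Name, PID | Format-Table -AutoSize -Wrap
```

A process whose Company column names a well-known vendor but whose Signature column is not `Valid` deserves a closer look before you trust the name.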

Find File Lock information as well

Perhaps you have tried to delete a file, like one of many in the Windows temporary directory, and found that you could not delete it because a program was using it. Figure 3 shows the error message displayed when that happens.

Figure 3 - Error Dialog (Error Deleting File or Folder)

Did you ever wonder which program?

In Process Explorer, the Find menu contains "File handle or Dll". Enter the file name in question; in this case I used the file RWBA75.exe, entered only RWBA75, and ran a search. Figure 4 shows the findings.

Figure 4 - File Handle or Dll Search Results

Here again, it's clear that RWBA75.exe is used by NTRtScan and can easily be tracked back to our antivirus software.

Do you see how this could be helpful in identifying malware? And perhaps prevent you from killing a process or deleting a file that you should leave well enough alone?

Obtaining Process Explorer

Getting Process Explorer is fairly painless.

  1. Go over to Microsoft's website and download the zip file.
  2. Unzip the file. I recommend putting it in C:\Windows (or wherever Windows is installed).
  3. Create a shortcut on your Start Menu. If you don't know how to do this, there are many options. Open Windows Explorer, navigate to procexp.exe, then either drag and drop it onto your Start button, or right-click it and select "Send to", then "Desktop", to create a shortcut on the desktop.

Process Explorer is a very handy tool to learn to use for tuning up your PC or searching for malware. And best of all, it's Free!
