|
|
|
A Better, and Free, Way to See What's Running
Program: Process Explorer
Author: Mark Russinovich, SysInternals
Website: www.SysInternals.com
A good thing came out of Mark Russinovich's discovery of the Sony BMG music CD rootkits. I found his SysInternals.com web site and his free program Process Explorer.
In my article svchost.exe - What is it and why are so many copies running?, I discussed viewing running processes with Task Manager and WinPatrol. Task Manager is part of everyone's Windows XP, and is an improvement over the version that comes up with Control-Alt-Delete in Windows 98 and Windows Me.
WinPatrol is a free third-party program that will allow you to see and control startup programs, processes and more, as well as providing protection for some security-critical files like the Hosts file in Windows. The Hosts file is used to specify exact IP addresses for specific computers -- such as www.yourbanksname.com.
Process Explorer will tell you far, far more about the running programs than does Task Manager. Even better, it does not hog the screen like TM does and it doesn't seem to give artificial 100% usage numbers like TM does.
SysInternals provides three versions of this neat freeware product. There is one for the Windows 9x series -- Windows 95, Windows 98 and Windows Me. There is a second version for Windows 2000, Windows NT, Windows XP, and Windows 2003 Server. And, finally, there is a 64-bit version for folks running the 64-bit Windows XP or 64-bit Windows 2003 Server.
The programs do not need "installation" -- they just need unzipping. Just unzip the files into the directory of your choice. Then, you can create a shortcut on your Desktop or in the Start Menu.
Obviously, you only need one of these for any given computer. So, I downloaded all three, unzipped them into different directories, and copied them to my USB flash drive. All I have to do is plug the flash drive into a computer and run the appropriate version directly from the flash drive.
Let's take a look at the program as it runs. It does provide a lot of information and shows all of the programs and processes running, so it has a long scroll bar. Rather than embedd such large images into this page, I'm putting smaller images — click on the image for the full picture in a new window.
When you start Process Explorer, you get a view like this. You can click on the headers Process, PID, CPU, Description and Company to resort the columns. Be sure to click on Process 3 or 4 times — Process Explorer provides alternate views as well as sorting.
Click on image for complete, larger picture
In this image, I want you to notice that I've selected "firefox.exe". As long as it is selected, there is a lot of additional information at the bottom of the window (notice the position of the scroll bar). Also, since the CPU usage of each program is constantly varying, your selected program will be highlighted and you can spot it easily as it moves (Moves? I usually sort the CPU column, so the programs are constantly changing lines.)
Click on image for complete, larger picture
This final image shows the bottom of the Process Explorer window and the scrolling CPU Usage graph that is in the Windows Status Bar. Notice that the bottom of the window shows the total CPU Usage, the Commit Charge (the percent of total RAM and virtual memory that is being used by all running programs and Windows itself) and the number of Processes running (programs and Windows services).
Thanks, Mark, for providing this cool program and making it available as freeware.
Link to this page — just add this code to your web page!
<a href="http://www.terryscomputertips.com/computers/a-better-way-to-see-whats-running.php">A Better, and Free, Way to See What's Running</a>
Copyright © 2006 Terry A. Stockdale. All rights reserved.
|
|
