Both AutoRuns and Process Explorer are in our tool kits when we put on our Cloudeight Direct Computer Care hats and start helping others with their computers.
Here’s one example of how Process Explorer enabled TC to isolate and stop a process that was using 2.8 GB of ram on one of our Cloudeight Direct Computer Care customer’s computers. The gentleman had 4 GB of RAM installed on a Windows 7 computer. He had trimmed his startups and maintained his computer well – yet it was still running very slowly. Digging in with Windows Explorer and looking through his processes revealed nothing unusual. TC used Process Explorer to organize and examine the processes from the most resource hungry to the least. Right there at the top was the culprit – Windows Media Player Network service was running amok and using 2.8 GB or almost 3/4 of this computer’s RAM. We stopped the service and prevented it from running automatically then rebooted his computer – and presto! His computer had 3.1 GB of free RAM and it ran like new. Without Process Explorer he would have never been able to find the wayward service.
Here’s what the Sysinternals guys have to say about Process Explorer
Ever wondered which program has a particular file or directory open? Now you can find out. Process Explorer shows you information about which handles and DLLs processes have opened or loaded.
The Process Explorer display consists of two sub-windows. The top window always shows a list of the currently active processes, including the names of their owning accounts, whereas the information displayed in the bottom window depends on the mode that Process Explorer is in: if it is in handle mode you’ll see the handles that the process selected in the top window has opened; if Process Explorer is in DLL mode you’ll see the DLLs and memory-mapped files that the process has loaded. Process Explorer also has a powerful search capability that will quickly show you which processes have particular handles opened or DLLs loaded.
The unique capabilities of Process Explorer make it useful for tracking down DLL-version problems or handle leaks, and provide insight into the way Windows and applications work.
Sysinternals’ Process Explorer
You can kill processes, suspend or restart process, check a process with VirusTotal, and more just by right-clicking on a process.
You can view a system summary (below) and see what’s going on with your System. I intentionally have too many programs running. Firefox was using almost a gigabyte of RAM total.
One Firefox process was using over 500 MB of RAM. See?
You can learn about your computer, its processes, and you can locate memory hogs easily, once you familiarize yourself with the program.
Process Explorer does not need to be installed. Just download the zip file, extract the files, and click on the application(exe). When you run the program, right-click the exe file and choose “Run as administrator” – it will save you time later. Process Explorer is a free 1.8 MB download – and it contains no tricky ware, no malware nothing but the good stuff — Sysinternals plays no games with download links either.
Process Explorer works with 32 and 64bit versions of Windows 7, Windows 8x and Windows 10 (all versions).