{"id":9847,"date":"2015-07-28T19:36:47","date_gmt":"2015-07-28T23:36:47","guid":{"rendered":"http:\/\/thundercloud.net\/infoave\/new\/?p=9847"},"modified":"2015-07-28T19:36:47","modified_gmt":"2015-07-28T23:36:47","slug":"exploring-windows-processes-with-process-explorer","status":"publish","type":"post","link":"https:\/\/www.thundercloud.net\/infoave\/new\/exploring-windows-processes-with-process-explorer\/","title":{"rendered":"Exploring Windows processes with Process Explorer"},"content":{"rendered":"
\n

Exploring Windows processes with\u00a0Process Explorer<\/h1>\n
<\/div>\n<\/header>\n
\n
\n
Today, we’re featuring another program from Microsoft Tech Net’s Sysinterals.<\/div>\n
<\/div>\n
Sysinternals makes several great utilities for Windows and a couple of them we use all the time when we’re doing computer repair. One of them is Autoruns, and another is Process Explorer. Today we\u2019re featuring Process Explorer.<\/div>\n<\/div>\n

Both AutoRuns and Process Explorer are in our tool kits when we put on our\u00a0Cloudeight Direct Computer Care<\/a><\/span>\u00a0hats and start helping others with their computers.<\/p>\n

Here\u2019s one example of how Process Explorer enabled TC to isolate and stop a process that was using 2.8 GB of ram on one of our Cloudeight Direct Computer Care customer\u2019s computers. The gentleman had 4 GB of RAM installed on a Windows 7 computer. He had trimmed his startups and maintained his computer well \u2013 yet it was still running very slowly. Digging in with Windows Explorer and looking through his processes revealed nothing unusual. TC installed Process Explorer and organized the process from the most resource hungry to the least. Right there at the top was the culprit \u2013 Windows Media Player Server service was running amok and using 2.8 GB or almost 3\/4 of this computer’s RAM. \u00a0TC stopped the service and prevented it from running automatically then rebooted his computer \u2013 and presto! His computer had 3.1 GB of free RAM and it ran like new. Without Process Explorer he would have never been able to find the wayward service.<\/p>\n

Here\u2019s what the Sysinternals guys have to say about Process Explorer<\/p>\n

\u201cEver wondered which program has a particular file or directory open? Now you can find out. Process Explorer shows you information about which handles and DLLs processes have opened or loaded.<\/em><\/p>\n

The Process Explorer display consists of two sub-windows. The top window always shows a list of the currently active processes, including the names of their owning accounts, whereas the information displayed in the bottom window depends on the mode that Process Explorer is in: if it is in handle mode you\u2019ll see the handles that the process selected in the top window has opened; if Process Explorer is in DLL mode you\u2019ll see the DLLs and memory-mapped files that the process has loaded. Process Explorer also has a powerful search capability that will quickly show you which processes have particular handles opened or DLLs loaded.<\/em><\/p>\n

The unique capabilities of Process Explorer make it useful for tracking down DLL-version problems or handle leaks, and provide insight into the way Windows and applications work.\u201d<\/em><\/p>\n

\"Cloudeight
\nSysinternals\u2019 Process Explorer<\/em><\/p>\n

Like Sysinternals AutoRuns, Process Explorer does not need to be installed.\u00a0Just download the zip file<\/a><\/strong><\/span>, extract the files, and click on its executable (exe). If you\u2019re running Vista, Windows 7 or Windows 8, right-click the exe file and choose \u201cRun as administrator\u201d \u2013 it will save you time later. Process Explorer is a free 1.07 MB download – and it contains no tricky ware, no malware — \u00a0Sysinternals plays no games with download links either.<\/p>\n

Process Explorer works with 32 and 64bit versions of Window XP, Vista, Windows 7, Windows 8x and Windows 10.<\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"

Exploring Windows processes with\u00a0Process Explorer Today, we’re featuring another program from Microsoft Tech Net’s Sysinterals. Sysinternals makes several great utilities for Windows and a couple of them we use all the time when we’re doing computer repair. One of them is Autoruns, and another is Process Explorer. Today we\u2019re featuring Process Explorer. Both AutoRuns and Process Explorer are\u2026 Read More »<\/a><\/span><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11,10],"tags":[],"_links":{"self":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts\/9847"}],"collection":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/comments?post=9847"}],"version-history":[{"count":1,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts\/9847\/revisions"}],"predecessor-version":[{"id":9848,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts\/9847\/revisions\/9848"}],"wp:attachment":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/media?parent=9847"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/categories?post=9847"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/tags?post=9847"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}