by T J Neale

Created on: January 23, 2008

What is running on your PC? Only Windows you hope. But why is there hard disk access your when you are doing nothing? And why does the system occasionally freeze for no apparent reason?

To answer these questions you need to understand what is meant by the Windows operating system, and how other applications can effect it.

All Window operating systems since good old DOS, are multi-tasking. That is, they can run more than one process at once. In a typical PC, with one processor, each process running takes turns at the CPU, access to the hard disk and other resources. The Windows system itself consists of multiple processes running at the same time.

Many programs when installed e.g. iTunes, will have a component running at start up. Often this corresponds to an icon in the system tray. Too many processes running and performance suffers. Hence the need to check periodically what is running.

Rogue processes due to spy-ware or virus infection may also be running. Spotting them is difficult, but worth a try if the normal anti-virus package has not prevented infection.

GETTING UNDER THE BONNET WITH TASK MANAGER

To run Task Manager press then select the Task Manager button. Alternatively right click the menu bar and select the Task Manager option.

The first tab on the task manager is the application tab. There should be one task here for each application on the menu bar i.e. application you have running.

The next tab is the processes tab. If you have never looked here before you will be in for a surprise. There are many background processes running on you PC. You can find out which process is hogging any particular resource by clicking on the column head, so ordering on that resource use.

The final tab is useful for gauging CPU and memory usage over time.

DOWNLOADS FROM MICROSOFT

For more detail on the processes running on your Windows PC you will need to visit Microsoft TechNet http://technet.microsoft.com/sysinternals/. Select the Process Utilities and download 'Process Explorer' and 'AutoRuns'.

Process Explorer shows information on the handles and DLL's a process has opened or loaded. Use it to work out the files and the application behind a process. This is not always obvious from the name given by Task Explorer.

Process Explorer's display consists of two sub-windows. The top window shows a list of the currently active processes, including the names of their owning accounts. The bottom window display depends on the mode that Process Explorer is in. If it is in handle mode, you will see the handles that the process selected in the top window has opened. If Process Explorer is in DLL mode, you will see the DLL's and memory-mapped files that the process has loaded.

Use the search function of Process Explorer to find which processes have particular handles opened or DLL's loaded.

AutoRuns shows the programs configured to run during system bootup and login in the order they are processed. Programs included are those in the startup folder, Run, RunOnce, and other Registry keys. AutoRuns can be configured to show a great deal of information regarding auto-starting processes. This allows you to decide if you really need the process running at startup.

MORE INFORMATION

For more information on processes likely to be found on a Windows system, see http://www.processlibrary.com/.

For more information on files in the Windows system and most common applications, the site http://www.file.net/ is very useful.

Learn more about this author, T J Neale.
Click here to send this author comments or questions.