• Process Explorer 11.21 – update

    I’ve been really busy in the last two months, but now I’m back and I’ll go ahead with the analysis of Process Explorer.


    Always on top – used to put the main Process Explorer’s windows on top of all the others

    Replace Task Manager – Really interesting function. When selected, the Process Explorer will replace the original Task Manager. If you want to put the task manager back, just click again on the same option and it will be restored.

    Hide when minimized – when flagged, only the icon in the traybar will be displayed and not the icon in the taskbar.

    Allow only one instance – if enabled, it will prevent to open more than one Process Explorer at the same time.

    Confirm Kill – if checked, everytime you try to kill a process, you’ll be asked for confirmation

    CPU History in tray icon – when enabled you’ll see an icon in the traybar next to the clock with the CPU usage history

    I/O History tray icon – same than the previous option, but the I/O output will be shown

    Verify Image Signatures – If enabled, Process Explorer will checks if a process’ image has been digitally signed by a certificate authority that is trusted by the computer. The Process Explorer will show Trusted (if it’s signed and trusted), Unsigned, or “Not Verified” (if is not trusted).

    Configure Symbols – Taken from the Help file: ”

    on Windows NT and higher, if you want Process Explorer to resolve addresses for thread start addresses in the threads tab of the process properties dialog and the thread stack window then configure symbols by first downloading the Debugging Tools for Windows package from Microsoft’s web site and installing it in its default directory. Open the Configure Symbols dialog and specify the path to the dbghelp.dll that’s in the Debugging Tools directory and have the symbol engine download symbols on demand from Microsoft to a directory on your disk by entering a symbol server string for the symbol path. For example, to have symbols download to the c:symbols directory you would enter this string:


    ning in the Tray

    Configure Highlighting – Use it to define which colors you want to assign to every kind of processes

    Difference Highlight Duration Define how much time will the new processes appears in green and the closing/killed ones in red. The default is 1 second.

    Font… – Choose the font that the software will use.

    Next step is to describe the View and the Proces menus… Hope this will happen soon!

    Thank you.

    Please support us by using Babylon search engine

  • Process Explorer 11.21 (procexp)

    Hi All,

    today I’ll start a review of all the softwares I’ve mentioned some days ago, and I think that the “Process Explorer” is a very good start.

    Process Explorer has been created by Mark Russinovich, and is the best replacement for the original Microsoft Windows’ Task Manager.

    I’ve used process explorer for various years, and it helped me a lot to troubleshoot and solve a large number of issues.

    Process Explorer's appearance

    Process Explorer

    In this image we can see Process Explorer’s appearance:

    On the top part we have the standard Menu bar and Toolbar. The main window lists the processes running on the machine and the last window shows (depending on how you configure it) the DLLs or the Handles associated to the process we highlight.

    Now, let’s analyse the Menu Bar; we can see 8 menu items: File, Options, View, Process, Find, Handle, Users and Help. In this post I’ll explain the first two menus: File and Options, just to avoid to make it too long:


    Run: this will allow you to start an executable by writing its name in the proper field or by browsing your drives and double click on it.

    Runas: this will allow you to start an executable like the option “Run“, but before the program starts, you’ll be prompted for alternate credentials.

    Save: using this option will save the full content of both process window and the DLLs/Handles windows in TXT format.

    Save as: same as the previous option, but with the option to change the TXT filename.

    Shutdown: this will give you the opportunity to Logoff, Shutdown, Stand by, Lock or Restart your machine.

    Exit: use it to close the program.


    Always on top: put Process Explorer’s window on top of all the others.

    Replace Task Manager: replace the original Task Manager with the Process Explorer. Please note that the change can be reverted by choosing this option again.

    Hide when minimized: enabling this option will make the process explorer’s window disappear from the traybar when minimized (please note that the cpu usage monitor in the systray will remain – if enabled – and from there you’ll be able to restore it).

    Allow only one instance: allow or not to have more than one Process Explorer opened.

    Confirm Kill: ask confirmation when you try to kill a process.

    CPU History in Tray Icon: swap the  CPU history icon in the systray with the CPU Realtime usage icon.

    I/O History Tray Icon: enable/disable the I/O history icon in the systray.

    Verify Image Signatures: enable/disable will check or not if a specific process has a trusted signature (signed by a trusted root certificate authority).

    Configure symbols: this is to specify the path of the file dbghelp.dll. This is part of the Debugging tools for Windows, used by Process Explorer to identify the thread’s start addresses when you see the “threads” tab in the process’s properties.

    Configure Highlighting: specify colors for every different type of process.

    Difference Highlight Duration: this will change the amount of seconds (default 1) that new processes are shown in Green (started) or Red (killed/closed).

    Font: This is to change the default font used by Process Explorer.

    In the next post I’ll discuss the other options and in the last one I’ll give some tips and explanations on how to use it to solve specific issues.

    Have a good weekend!

  • A joke? Not really…

    Hi, yesterday I was giving remote support to a user with a colleague of mine. Suddenly something funny happened…

    Here’s the conversation between my Colleague and the User:

    (C): Ok, now to take back the control of your machine, just double click on the left mouse button.

    (U) “Click-Click”… Uhm.. No. It doesn’t work…

    (C) Ok, don’t worry, sometimes the machine needs more than a double click to recognize the command. Try clicking the mouse button for more than two times. It should work…

    (U) Ah, fine. “Click-click-click-click-click-click-click-CLOCK”…. … … … Yes, I have the control back… but … Sorry, how can I request a new mouse? I think I broke the left button”…

    What can I say? No comment, of course…