Windows notes - health and statistics

From Helpful
(Redirected from Process Explorer notes)
Jump to navigation Jump to search
Some fragmented windows-related notes (mostly admin stuff)

Windows admin notes

Windows notes - health and statistics|

Special windows variables · special windows folders

Command line windows

Windows and links

Windows user interface tweaks

Troubleshooting when windows spontaneously reboots

Making your windows installation smaller

something taking 100% CPU on windows

TODO: Cleanup

This article/section is a stub — probably a pile of half-sorted notes and is probably a first version, is not well-checked, so may have incorrect bits. (Feel free to ignore, or tell me)


Everyday

Overview of space use

WinDirStat

WinDirStat and WizTree, and other tools like it, show space usage visually (in a squarified treemap), which is a quick way to see what's eating your space - specifically noticing the large stuff and not getting distracted by details.


There is a portable variant of WinDirStat, useful for "This USB stick has my debugging tools" use.

WinDirStat: https://windirstat.net/


WizTree can be considerably faster when you are an administrator on the host (it can then read the filesystem index, rather than walk the filesystem) - if not it does the equivalent of WinDirStat and the likes.

WizTree: https://diskanalyzer.com/


Also, SpaceMonger, SpaceSniffer, etc.


Task Manager, Resource Monitor

Most people know Task Manager, as a general "what things are running, how busy are CPU, disk, network, how much memory is being used "

You might like to know about its keyboard shortcut: CtrlShiftEsc


Not everyone is aware that the also-standard Resource Monitor (which can be launched from task manager (Performance tab)) gives more detailed answers to questions like which program is connected to what, reading what file, etc, and (so) e.g. helps answers questions like "what is making my drive churn right now".

(Also being runnable via perfmon.exe /res suggests Resource Monitor is a new interface around the much older and in itself clunker Performance monitor)



Health

Event viewer

Reads out windows's event logs, which are


While you could use it for more general-purpose logging, not a lot of software does, so it's mostly used by windows itself, a lot of it is more about installation and update logs, and some basic audit trials, messages from services and drivers.

When windows misbehaves, it's worth checking for that last one.


gsmartcontrol

Reads out storage's SMART registers

https://gsmartcontrol.shaduri.dev/


speedfan

Reads out temperatures, fan speeds, and SMART registers

https://www.almico.com/speedfan.php

Debugging

Autoruns

Autoruns


Autoruns is a program that summarizes of things that are automatically loaded and started (from most possible sources, so more exhaustive than something like msconfig), as well as some plugin style things (things added to right-click menus for files), and also allows you to disable loading most of them.


Useful e.g. to figure out why initial login takes so long

You can disable things here, but for all apps that have their own "start with windows"-like setting, use that app's sett as it tends to survive through updates.


See also


Process explorer

Process Explorer (procexp) is basically a more detailed variant of Windows's own Task Manager.

It's more of a power user's toy, interesting for some specific debugging tasks - and to power users who like information overload.


Finding process that has a file open

"Find Handle or DLL" (Ctrl-Shift-F) allows you to look for handles, which include open files, by name.

It's slow, but it's great for things like "which program is the reason I can't delete this file?"


Finding process that owns a particular window


See also

Process Monitor

Process Monitor (procmon) monitors

  • file accesses (open, close, create, etc.)
  • registry accesses

as they happen, per process, so is a good tool to see what a process is up to.

Perhaps more interesting to security.



https://learn.microsoft.com/en-us/sysinternals/downloads/procmon