Ever wonder what all of those mysteriously-named Windows “processes” are doing, and how they got loaded on your computer in the first place? Use the helpful ProcessLibrary.com to find out.
Control-ALT-Delete used to perform a very simple, but (sadly) vital function: rebooting your Windows computer. In recent versions of Windows, pressing Control-ALT-Delete now brings up the Windows Task Manager, which offers alternatives to handling misbehaving software without the brute force approach of a hard reboot.
The Task Manager has four views: Applications, Processes, Performance and Networking. The Applications view shows you currently running programs. Use the “End Task” button on this view to kill a program that isn’t working as expected—or to get rid of a “mousetrapped” browser that’s repeatedly displaying an offensive web site.
The Performance and Networking views offer interesting statistics, but aren’t really useful unless you’re a serious Windows geek.
It’s the Processes view that offers the most insight into what’s going on with your computer. Unfortunately, it also displays information in maddeningly cryptic fashion, showing “Image Name,” “User Name,” “CPU” and “Usage” details. Two of these offer the most meaningful information: Image Name is the name of a process that’s currently running in memory, and CPU shows you how much capacity of your computer’s central processing unit is being consumed by the process.
If your computer is sluggish, the processes view will tell you which process is hogging your system resources. Use the “End Process” button to kill it. Be careful, though—killing some processes could lock up your computer and potentially result in loss of data.
Problem is, it’s almost impossible to determine what most processes are from their image names. I’m convinced that the people who write Windows processes are highly trained in the art of obfuscation. Some of the more common processes include lsass.exe, alg.exe, svchost.exe, csrss.exe and smss.exe. And there’s no “properties” information to tell you anything about what these things are doing or how they got started in the first place.
Enter ProcessLibrary.com. This searchable database makes it easy to find information about even the most obscure process running on your computer. Take lsass.exe, for example. If your computer uses a current version of Windows XP, this process is almost certainly running. What is it?
Local Security Authority Service. “This is a system process of the Microsoft Windows security mechanisms. It specifically deals with local security and login policies.” In addition to this description, ProcessLibrary.com also tells you the author of the process, and whether it’s associated with the operating system or a particular piece of software.
Even more importantly, it also indicates whether the process is something nasty, like a virus, Trojan or spyware, and assigns the process a security risk from zero to five.
ProcessLibrary.com isn’t an altruistic effort—it’s the work of a company called UniBlue that sells a program called WinTasks Pro that’s designed, surprise surprise, to help you deal with or eliminate nasty processes. Nonetheless, the amount and quality of information offered on the site makes it a worthwhile resource.
ProcessLibrary also has a DLL Search that’s useful for decoding cryptic error messages.
Other sources for this type of information include Sysinfo.org’s Startup Applications List and Task List Programs from Answers That Work. Google’s specialized Microsoft search is also another great resource for finding information about startup processes, from these sites and many others.
NOTE: Article links often change. In case of a bad link, use the publication’s search facility, which most have, and search for the headline.