Lecture Notes: Process Management and Process Explorer

Overview

• Expanded on process management.
• Discussed tools for manipulating processes in Windows.
  • Task Manager
  • PowerShell commandlet get-process
  • Taskless Utility
  • Signals such as Control C

Introduction to Process Explorer

• A tool for managing processes in Windows not built-in, but downloadable from the Microsoft website.
• Supports specialists and system administrators.
• Offers detailed views and control over running processes:
  • Top window pane: View of active processes.
  • Bottom window pane: List of files used by a selected process.

Features of Process Explorer

• Search Functionality:

  • Search for processes using Ctrl + F or the binocular button.
  • Example: Searching for notepad.exe.
  • MUI files: Multilingual User Interface packages.

• Process Hierarchy:

  • Processes can be nested, indicating parent-child relationships.
  • Example: notepad.exe as a child of command.exe.

• Process Management Options:

  • Kill Process: Terminates the selected process.
  • Kill Process Tree: Ends the process and its descendants.
  • Restart: Stops and restarts a process.
    • Example: Restarting notepad.exe, changing its parent to proc.exp.exe.
  • Suspend: Pauses a process without terminating it.
    • Suspended processes do not use resources.
    • Can resume the process by selecting the resume option.

Additional Considerations

• Process Explorer provides monitoring information.
• Further details can be explored in Microsoft's documentation (linked in supplementary materials).
• More features to be explored in upcoming lessons.