2013-11-15
Windows Task Manager: A Troubleshooting Tool (Part Two)
In Part One, we have covered the basics of those three tabs, let's dive deeper into using Task Manager to identify and resolve problems on your Windows PC using the other three tabs.
Applications Tab
When you first open Task Manager, the Applications tab is the default tab displayed. This tab shows a list of the currently active applications--but only applications that are open on the taskbar (Figure 7). Programs that are running, but minimized to the System Tray--like Microsoft System Essentials and Yammer--will not appear on this list, and the Task Manager itself is also absent.
If you want to quit an application from this menu, just select the item under the Tasks list and click End Task.
But the most important aspect of the Applications tab is the Status column. This lets you know whether a program is running properly or not. Applications that are frozen or hung up will show "Not Responding." Odds are fair that if the program status is "Not Responding" in Task Manager, you also won't be able to interact with it or shut it down by normal means such as clicking the "X" in the upper right corner to close the window. In those instances, select the problem application and click the End Task button.
You will most likely get a pop-up window confirming that you want to terminate the "Not Responding" application. Occasionally, you run into an application that won't quit after the first try--or the second, or the third. That's when you switch to the Processes tab.
Processes Tab
The Processes tab is really the heart of Task Manager. This tab has the most useful information when it comes to troubleshooting and identifying issues, and it provides the most effective tools for resolving those issues.
First, let's go over the information that is displayed on the Processes tab. It shows five columns of information by default: Image Name (the process), User Name (the user account context the process is running in), CPU (the percentage of the processor being used by that process), Memory (the amount of system RAM being used by that process), and Description (a more understandable description of what the process is).
You can sort the processes using any of the columns--simply click the column that you want to use as the primary sort filter. If you click Image Name, the processes will be sorted alphabetically (or reverse alphabetically). Generally, you will want either to sort the processes alphabetically to make it easier to find a specific process, or to sort based on CPU or Memory to identify the processes that are hogging system resources.
For example, if your PC is slow and unresponsive, but all of the programs on the Applications tab appear to be running fine, you can sort the Processes tab based on the CPU or Memory column to see if a particular process is using up a huge chunk of the available resources. You might also be able to identify suspicious or malicious activity If you find processor or memory resources being consumed by processes that you don't recognize or can't make out which application they belong to.
First, though, click the checkbox at the bottom of the Processes tab next to "Show processes from all users." If you sort the Processes based on the CPU column, you will most likely notice that adding up the numbers of the processor percentage in use by the displayed processes does not match the CPU usage reported in the dashboard at the bottom of the Task Manager. That's because the Processes tab displays only the tabs running in the logged-in user's context by default--so system processes and processes from other users aren't shown unless you click this checkbox.
The CPU and Memory columns are the most useful ways to identify problem processes, especially if you have already tried End Task on the Applications tab and found that the program is too stubborn to shut down. Sort based on the CPU or Memory column to find the process hogging the system resources, select it, and click the End Process button at the bottom of the Processes tab. End Process is typically much more effective than End Task--even for tenacious processes.
The Processes tab also offers more customizability than the other tabs. Click View at the top of Task Manager, and choose Select Columns to see a list of all of the other information you can display in the Processes tab columns. One custom column I highly recommend adding is process ID--or PID. It will come in handy when trying to work with the Services tab because the Services can be filtered based on the associated PID to make it easier to match the processes and services that go together.
Another very handy column to add is Image Path Name. This column lists the path to the location of the executable for the process in question. This can help you determine what the actual application is that is behind an errant process, or help you locate where malware executables might be hidden on your system.
Services Tab
The Services tab is essentially a scaled-down version of the Services management console, something you can access by clicking the Services button at the bottom of the Services tab. A service is a program that is designed to perform a function and that can be called by other programs without user intervention. For example, the Print Spooler service can be used by various applications to queue items to be printed. This tab lists the service name, the PID, a description in more understandable language of what the service is or does, the current status of the service, and its group--assuming it's in one.
Each service will have a status of either "stopped" or "running." If you right-click on any of the services, you will see that there are really only three things you can do with it, and only one or two of the choices is available at a given time. If it is "running," you can stop it, and you also have an option to "Go to Process," but the "Start Service" option is grayed out because the service is already on. If the service is not running, you can click "Start Service," but the other options are grayed out because you can't stop a service that isn't running to begin with, and stopped processes aren't connected with any running processes.
Clicking "Go to Process" takes you to the associated PID on the Processes tab. However, if your Processes tab is sorted by CPU usage, memory, or some other dynamic column that changes frequently, the processes will likely be bouncing around too much for you to really use this tab. You should first sort the Processes tab based on PID (after you have followed the instructions under the Processes tab section to add the PID column) so that the processes are listed in numeric order.
If you sort the Services tab based on PID, you will see that a number of services can be associated with a single PID simultaneously. Ending the process will impact all of the services connected to that process. Using the two tabs together, though, you can find the services related to a problem process, and try stopping each service one at a time to isolate the problem without killing the process and impacting all of the associated services.
Stop each service one at a time, then monitor the Processes tab to see if the issue is resolved. Once you isolate the problem service, you can use the Image Path Name column on the Processes tab to help you identify the actual application causing the problem. Then, you can check with the developer to see if there is a patch or workaround for the issue you are having, or find an alternative program that doesn't have those issues, or simply uninstall it to resolve the problem.
Once you've found a particularly problematic service, you can click the Services button to open the full services management console where you can access the properties for the service and either disable it or change it to only start manually so you can see if that leaving that service off resolves your problem.
The Task Manager in Windows 7 is a powerful tool, and we have really only scratched the surface. It lets you monitor and optimize system and network performance. It lets you troubleshoot and resolve issues, and terminate stubborn software without rebooting.
Open it up and check it out. Poke around and see what Task Manager has to offer.
Applications Tab
When you first open Task Manager, the Applications tab is the default tab displayed. This tab shows a list of the currently active applications--but only applications that are open on the taskbar (Figure 7). Programs that are running, but minimized to the System Tray--like Microsoft System Essentials and Yammer--will not appear on this list, and the Task Manager itself is also absent.
If you want to quit an application from this menu, just select the item under the Tasks list and click End Task.
But the most important aspect of the Applications tab is the Status column. This lets you know whether a program is running properly or not. Applications that are frozen or hung up will show "Not Responding." Odds are fair that if the program status is "Not Responding" in Task Manager, you also won't be able to interact with it or shut it down by normal means such as clicking the "X" in the upper right corner to close the window. In those instances, select the problem application and click the End Task button.
You will most likely get a pop-up window confirming that you want to terminate the "Not Responding" application. Occasionally, you run into an application that won't quit after the first try--or the second, or the third. That's when you switch to the Processes tab.
Processes Tab
The Processes tab is really the heart of Task Manager. This tab has the most useful information when it comes to troubleshooting and identifying issues, and it provides the most effective tools for resolving those issues.
First, let's go over the information that is displayed on the Processes tab. It shows five columns of information by default: Image Name (the process), User Name (the user account context the process is running in), CPU (the percentage of the processor being used by that process), Memory (the amount of system RAM being used by that process), and Description (a more understandable description of what the process is).
You can sort the processes using any of the columns--simply click the column that you want to use as the primary sort filter. If you click Image Name, the processes will be sorted alphabetically (or reverse alphabetically). Generally, you will want either to sort the processes alphabetically to make it easier to find a specific process, or to sort based on CPU or Memory to identify the processes that are hogging system resources.
For example, if your PC is slow and unresponsive, but all of the programs on the Applications tab appear to be running fine, you can sort the Processes tab based on the CPU or Memory column to see if a particular process is using up a huge chunk of the available resources. You might also be able to identify suspicious or malicious activity If you find processor or memory resources being consumed by processes that you don't recognize or can't make out which application they belong to.
First, though, click the checkbox at the bottom of the Processes tab next to "Show processes from all users." If you sort the Processes based on the CPU column, you will most likely notice that adding up the numbers of the processor percentage in use by the displayed processes does not match the CPU usage reported in the dashboard at the bottom of the Task Manager. That's because the Processes tab displays only the tabs running in the logged-in user's context by default--so system processes and processes from other users aren't shown unless you click this checkbox.
The CPU and Memory columns are the most useful ways to identify problem processes, especially if you have already tried End Task on the Applications tab and found that the program is too stubborn to shut down. Sort based on the CPU or Memory column to find the process hogging the system resources, select it, and click the End Process button at the bottom of the Processes tab. End Process is typically much more effective than End Task--even for tenacious processes.
The Processes tab also offers more customizability than the other tabs. Click View at the top of Task Manager, and choose Select Columns to see a list of all of the other information you can display in the Processes tab columns. One custom column I highly recommend adding is process ID--or PID. It will come in handy when trying to work with the Services tab because the Services can be filtered based on the associated PID to make it easier to match the processes and services that go together.
Another very handy column to add is Image Path Name. This column lists the path to the location of the executable for the process in question. This can help you determine what the actual application is that is behind an errant process, or help you locate where malware executables might be hidden on your system.
Services Tab
The Services tab is essentially a scaled-down version of the Services management console, something you can access by clicking the Services button at the bottom of the Services tab. A service is a program that is designed to perform a function and that can be called by other programs without user intervention. For example, the Print Spooler service can be used by various applications to queue items to be printed. This tab lists the service name, the PID, a description in more understandable language of what the service is or does, the current status of the service, and its group--assuming it's in one.
Each service will have a status of either "stopped" or "running." If you right-click on any of the services, you will see that there are really only three things you can do with it, and only one or two of the choices is available at a given time. If it is "running," you can stop it, and you also have an option to "Go to Process," but the "Start Service" option is grayed out because the service is already on. If the service is not running, you can click "Start Service," but the other options are grayed out because you can't stop a service that isn't running to begin with, and stopped processes aren't connected with any running processes.
Clicking "Go to Process" takes you to the associated PID on the Processes tab. However, if your Processes tab is sorted by CPU usage, memory, or some other dynamic column that changes frequently, the processes will likely be bouncing around too much for you to really use this tab. You should first sort the Processes tab based on PID (after you have followed the instructions under the Processes tab section to add the PID column) so that the processes are listed in numeric order.
If you sort the Services tab based on PID, you will see that a number of services can be associated with a single PID simultaneously. Ending the process will impact all of the services connected to that process. Using the two tabs together, though, you can find the services related to a problem process, and try stopping each service one at a time to isolate the problem without killing the process and impacting all of the associated services.
Stop each service one at a time, then monitor the Processes tab to see if the issue is resolved. Once you isolate the problem service, you can use the Image Path Name column on the Processes tab to help you identify the actual application causing the problem. Then, you can check with the developer to see if there is a patch or workaround for the issue you are having, or find an alternative program that doesn't have those issues, or simply uninstall it to resolve the problem.
Once you've found a particularly problematic service, you can click the Services button to open the full services management console where you can access the properties for the service and either disable it or change it to only start manually so you can see if that leaving that service off resolves your problem.
The Task Manager in Windows 7 is a powerful tool, and we have really only scratched the surface. It lets you monitor and optimize system and network performance. It lets you troubleshoot and resolve issues, and terminate stubborn software without rebooting.
Open it up and check it out. Poke around and see what Task Manager has to offer.