Best Process Viewers

This article was modified on 2012-10-05 15:49:39


If you look for an alternative to the classic Windows Task Manager read this article. I have featured several task viewers (all of them free) that does a better job than “traditional” Task Manager included in Microsoft Windows. Two of them are free and one is open-source. I ranked them based on my personal opinion but doubtless, all of them are useful so I recommend you to try all of them before you decide which one to use.
 
Starting with Microsoft Windows 95 I always used the "classic" CTRL+ALT+DEL keyboard combination. Although, you can perform several other tasks, I always use it for several objectives. What processes are running, view current resource usage (performance) and mainly to kill an unstable process. There are other better alternatives, such as these:
 
System Explorer logo
System Explorer
 
System Explorer is the first one on my list for the following reasons: accessibility and details of a process. It is the most friendly tool focused on helping and guiding the user in the right direction. The entire program is built on helping the user to find specific information about a process. If provides detailed info about tasks, modules, startups, services, drivers, connections and many others. Just like an antivirus setup, this utility will offer to perform a security scan.
 
System Explorer security check
 
It will compare the result with malicious process from his database. All you need is an Internet Connection and you can repeat this step whenever you want. It looks like this:
 
See results of security check
 
You can even check the results of the scan. To do this, choose "See the results of the security check" and a browser window will open with the results from your computer scan. You can view the statistics and scanned files.
 
System Explorer scan results
 
As I said, the greatest feature is the way that System Explorer provides more information about a specific process. You can check a process in several ways: (A) use his own database or Google search versus (B) check the file on VirusTotal.com or VirusScan.jotti.org
 
A. Use his own database or Google search
 
System Explorer has his own database with millions of scanned processes. Many of them were rated, or reviewed by different users. That's how you can check a process running on your PC - retrieve details from his own database of use Google search, see the images below:
 
System Explorer
 
To see the following results, select a process, perform a right-click on it, choose "File Info Search" and use "File Database". A second method with the same result would be to look at the bottom of the program, identify "See More Details" and click on it. It will take you to the same page:
 
ctfmon.exe database results
 
B. Check the file on VirusTotal.com or VirusScan.jotti.org
 
I didn't used VirusScan.jotti.org but VirusTotal is one of the best place to check or retrieve results about a file. They use multiple antivirus engines for this, I even wrote a separate article about this. That's how you can check a process on these resources:
 
Send files to VirusTotal service using System Explorer
 
If you use VirusTotal or VirusScan.jotti.org, on both of them it will upload the files that you want to check. That's how it looks, I have made screenshots with both services (Note: I have cut several parts to keep the images smaller):
 
ctfmon.exe results from VirusTotal database
 
Scan results from Virusscan.jotti database
 
Process Hacker logo
Process Hacker
 
Most likely Process Hacker has a great future. From what I noticed and tested it has a good chance to become the most popular process viewer or manager for Windows. The greatest advantage: it's an open-source project with a strong user community. It is also the most feature-rich tool from this area so you probably wonder why is on the second place. I believe that most users don't know that much about security, malware and other threats. Most of them end up in searching for processes that runs on their PCs. Inevitably, they land on security pages, forums, blogs that offer a description of processes that runs in Windows Task Manager. Finally they run such tools - as those found in this article. At the time that I wrote this article, Process Hacker looks and feels like a tool for advanced users:
 
Process Hacker
 
I would not know where to start but I liked the "Hidden Processes" feature. To access this feature, go to main menu, select "Tools" and choose "Hidden Processes". A new window will open, choose "Scan" and note the following message: "Processes highlighted red are hidden while those highlighted gray have ended".
 
Hidden Processes feature from Process Hacker
 
Another useful feature is in the same section - "Tools" and "Verify File Signature". This is useful when you want to check a file that pretends to come from a reputable company such as "Microsoft". Most malware tools will try to fool the victim by using names of well-known products, services or processes. This image does not contain all the steps - only a valid result of a file uploaded from my computer.
 
Process Hacker file signature result
 
I also liked "Network" section. It identifies the running processes and it shows if they connect to another Internet address. This is also useful as it allows you to identify malware easily. You can view and check the addresses to see if they are legit, trusted websites. If you see a Windows program such as "Paint" that connects to an IP address then you know for sure that your PC is infected.
 
Process Hacker network feature
 
One last thing, just like System Explorer, there is an option that allows you to check processes at other reputable sources. You can check them on VirusTotal.com, VirusScan.jotti.org and camas.comodo.com. I didn’t make a screenshot, you already know how they look.
 
Check file on VirusScan.jotti service using Process Hacker
 
Process Explorer logo
Process Explorer
 
The classic Windows Task Manager from Windows is the grandfather of all process viewers. Process Explorer is the first tool that had more features compared to the classic task manager. It was released for the first time in 1998 under the name NTHandlEx, soon after in HandleEx and back in 2001 as Process Explorer. It was developed by a company named Sysinternals.com that was acquired by Microsoft. This information was not necessary but almost all process managers were inspired by Process Explorer. It is easy to use but it has less features when compared to other task viewers. It does a better job and offers more info about running processes compared with the regular "Windows Task Manager" but as I said, System Explorer and Process Hacker are better. Here is an image with the latest version of Process Explorer:
 
Process Explorer
 
Note: there are other projects such as Yet Another (remote) Process Monitor (open source) or PrcView (freeware) but they seem abandoned (no newer versions released in last 3 years).
 


Follow HowToAnswer