Jump to content

Task Manager (Windows)

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by 168.182.1.254 (talk) at 15:49, 15 February 2011. The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Template:Infobox Windows component Windows Task Manager is a task manager application included with Microsoft Windows NT family of operating systems that provides detailed information about computer performance and running applications, processes and CPU usage, commit charge and memory information, network activity and statistics, logged-in users, and system services. The Task Manager can also be used to set process priorities, processor affinity, forcibly terminate processes, and shut down, restart, hibernate or log off from Windows. Windows Task Manager was introduced with Windows NT 4.0. Previous versions of Windows NT included the Task List application, which had far fewer features. The task list was capable of listing currently running processes and killing them, or creating a new process.

Earlier versions of Microsoft Windows (Microsoft Windows 3.x, Windows 95, Windows 98) had a program known as tasks to display the programs currently running. This file was executed by running the taskman.exe file from the C:\Windows directory.[1]

Launching Task Manager

Task Manager on Windows XP.

The Task Manager can be launched using any of the following four methods:

  1. Using the context menu on the taskbar and selecting "Task Manager" (for WinXP/Vista) or "Start Task Manager" (for Windows 7).
  2. Using the key combination Ctrl+Shift+Esc.
  3. In Windows NT, Windows 2000, Windows Vista and Windows 7, use the key combination Ctrl+Alt+Del to open the Windows Security dialog, then click on "Task Manager". In Windows XP, Windows Vista and Windows 7, pressing Ctrl+Shift+Esc directly launches Task Manager, as does Ctrl+Alt+Delete if you have disabled the Welcome Screen.
  4. Starting "Taskmgr.exe" from a command line, GUI (located in C:\Windows\System32\taskmgr.exe) or a shortcut.

Property sheets

Applications

The Applications tab in Task Manager shows a list of programs currently running. A set of rules determines whether a process appears on this tab or not. Most applications that have a taskbar entry will appear on this tab, but this is not always the case.

Right-clicking any of the applications in the list allows (among other things) switching to that application, ending the application, and showing the process on the Processes tab that is associated with the application.

Choosing to End Task from the Applications tab causes a request to be sent to the application for it to terminate. This is different from what happens when End Process is chosen from the Processes tab.

Processes

The Processes tab shows a list of all running processes on the system. This list includes services and processes from other accounts. Prior to Windows XP, process names longer than 15 characters in length are truncated. [2]

Right-clicking a process in the list allows changing the priority the process has, setting processor affinity (setting which CPU(s) the process can execute on), and allows the process to be ended. Choosing to End Process will cause Windows to immediately kill the process. Choosing to "end Process Tree" will cause Windows to immediately kill the process, as well as all processes directly or indirectly started by that process. Unlike choosing End Task from the Applications tab, when choosing to End Process the program is not given warning nor a chance to clean up before ending. However, when a process that is running under a security context different than the one of the process which issued the call to TerminateProcess, the use of the KILL command line utility is required.[3]

By default the processes tab shows the user account the process is running under, the amount of CPU, and the amount of memory the process is currently consuming. There are many more columns that can be shown by choosing Select columns... from the View menu.

Performance

The performance tab shows overall statistics about the systems performance, most notably the overall amount of CPU usage and how much memory is being used. A chart of recent usage for both of these values is shown. Details about specific areas of memory are also shown.

There is an option to break the CPU usage graph into two sections; kernel mode time and user mode time. Many device drivers, and core parts of the operating system run in kernel mode, whereas user applications run in user mode. This option can be turned on by choosing Show kernel times from the View menu. When this option is turned on the CPU usage graph will show a green and a red area. The red area is the amount of time spent in kernel mode, and the green area shows the amount of time spent in user mode.

Networking

The Networking tab shows statistics relating to each of the network adapters present in the computer. By default the adapter name, percentage of network utilization, link speed and state of the network adapter are shown, along with a chart of recent activity. More options can be shown by choosing Select columns... from the View menu.

Users

The Users tab shows all users that currently have a session on the computer. On server computers there may be several users connected to the computer using Terminal Services. As of Windows XP, there may also be multiple users logged onto the computer at one time using the Fast User Switching feature. Users can be disconnected or logged off from this tab.

Tiny Footprint mode

Task Manager has a user interface that shows comprehensive details of tasks running. As well as this mode it also has an alternative interface without any menu options or tabs. This just shows which applications are running and is the same information that would be seen on the Applications tab when the comprehensive details are shown. This is called the Tiny Footprint Mode. By double-clicking on certain areas (Which ones?) in the Task Manager you can switch between the two modes.[4]

Windows Vista changes

Windows Task Manager has been updated in Windows Vista with new features, including:

  • A "Services" tab to view and/or modify currently running services and start and stop any service as well as enable/disable the UAC file and registry virtualization of a process.
  • New "Description" column to see the full name and path of a process and its DEP and virtualization status.
  • By right-clicking on any process, it is possible to directly open the Properties of the process executable or the directory (folder) containing the process.
  • The Task Manager has also been made less vulnerable to attack from remote sources or viruses as it must be operating under administrative rights to carry out certain tasks, such as logging off other connected users or sending messages. The user must go into the "Processes" tab and click "Show processes from other users" in order to verify administrative rights and unlock these privileges. Showing processes from all users requires all users including administrators to accept a UAC prompt, unless UAC is disabled. If the user is not an administrator, they must enter a password for an administrator account when prompted to proceed.
  • By right-clicking on any running process, it is possible to create a dump. This feature can be useful if an application or a process is not responding, so that the dump file can be opened in a debugger to get more information.
  • The Shutdown menu containing Standby, Hibernate, Turn off, Restart, Log Off and Switch User has been removed.
  • The Performance tab shows the system uptime.

Security issues

Task Manager is a common target of computer viruses and other forms of malware; typically malware will close the Task Manager as soon as it is started, so as to hide itself from users. Variants of the Zotob and Spybot worms have used this technique, for example.[5] Using Group Policy, it is possible to disable the Task Manager. Many types of malware also enable this policy setting in the registry. Rootkits can prevent themselves from getting listed in the Task Manager, thereby preventing their detection and termination using it.

Terminology

Applications tab

  • Task manager defines Application or Task as a window owned by a specific thread. Not all windows are shown in this view. For example, modal dialogs (windows for which there is not a separate thread) do not appear. This is why many dialogs and error messages are not shown. The term Task used in the first column can be confusing, as there is no inherent concept of Tasks on Windows Operating System, except those configured in the Task Scheduler to run periodically.
  • The Status column shows the status of the thread that owns a window, in terms of windows message processing. When the status of an application appears as Running this indicates that the thread is responsive to windows messages. When the status appears as Not Responding it means that the thread is not, at the moment, responsive to windowing messages. It could be waiting (sometimes referred to as "blocked") for other events such as I/O requests, or executing compute-bound code.

Processes tab

  • The Mem Usage column on the Processes tab is actually the process' working set. The process has little or no direct control over its working set, which turns this column useless to determine how much memory a process is consuming.
  • The VM Size column (not shown by default) is not the amount of virtual memory used by the process; it is actually the process' private bytes.
  • The CPU column is calculated by trimming the CPU consumption to fit in a two-digit fashion, which can be inaccurate. A process consuming 0.9% of CPU will be reported as 00 in Task Manager.
  • The System Idle Process is the first process that is created when Windows is loaded, and it always has a process ID of 0. There is one thread in the System Idle Process for each CPU in the system. When the CPU has no other work to do, the Windows scheduler selects the CPU's corresponding idle thread for execution. The accumulated CPU time of this process therefore shows the total CPU time that has not been used. In early versions of Windows NT the idle threads were short idle loops consisting primarily of a "halt" instruction; in later Windows versions, the idle threads invoke more sophisticated methods of CPU power management.

The layout can be configured by the user by selecting "View" then "Select Columns..." from the menu. Up to thirty different columns (depending on the version of Windows) can be selected for display including various memory and I/O options and the number of handles and threads in use.

Performance tab

  • Interrupts and DPC time are shown on the CPU graph, which may lead to the confusing situation where the Performance tab shows significant CPU usage, while the Processes tab shows the system is completely idle.
  • Prior to Windows Vista, the second graph was named PF Usage and Page File Usage History, when in fact it represented Commit Charge and Commit Charge History.
  • Windows Memory Manager optimizes physical memory to achieve best performance by implementing a shared memory mechanism. Mapped files such as DLLs used by multiple processes are instantiated one single time in physical memory, and then shared across all referring processes. As memory consumption is accounted individually for each process, the total of all process working sets will commonly be larger than the actual total memory being used.

Tasks under Windows 9x

A Close Program dialog box comes up when Ctrl+Alt+Del is pressed in Windows 9x. Also, in Windows 9x, there is a program called Tasks (TASKMAN.EXE) located in the Windows directory. TASKMAN.EXE is rudimentary and has fewer features. The System Monitor utility in Windows 9x contains process and network monitoring functionality similar to that of the Windows Task Manager. (Also, Tasks program is called by clicking twice on desktop if Explorer process is down.)

See also

References

  1. ^ Computer Hope web site.
  2. ^ Magic 15 with GetProcessesByName on Windows 2000
  3. ^ http://support.microsoft.com/kb/155075
  4. ^ "Task Manager Menu Bar and Tabs Are Not Visible", Help and Support, Microsoft, 2007-05-07, retrieved 2007-08-07
  5. ^ Task Manager, MSCONFIG, or REGEDIT disappears while opening