Top Ten Tips and Troubleshooting with Process Explorer Tool

The Process Explorer tool from Sysinternals gives you a complete overview of the processes currently running on your PC, along with details on who invoked each one and how much of the system's resources it is consuming. The tool is essential if you want to identify which files or directories a particular program has open. In this article, you will learn 10 best practices and tips that will help you use this tool better.

A process is a container for a set of resources, including one or more threads. A process itself never consumes CPU. It is the threads inside the process that consume system resources such as CPU and memory. Each process has at least one thread. Using this tool, you can also determine which thread of a process is consuming CPU.

Some of the benefits this tool gives you are:

  • Displays the parent/child relationships of the processes
  • Highlights different processes based on their source and state
  • Customizable columns to suit specific needs, such as analyzing CPU performance, threads, etc.
  • Tons of options to play around with!

Tip 1: Process Explorer Parameters – Create a startup shortcut or desktop shortcut to the executable (procexp.exe) and add the parameters /t /e to it.

Process Explorer - Parameters

/t makes the executable run minimized and /e makes it run elevated. Since most of the time you want to see the system processes as well, it makes sense to run the tool elevated.

When you invoke this shortcut, Process Explorer runs in the system tray as shown below. Just double-click the icon to open it.

Process Explorer - System Tray

Tip 2: Configuring the Options – Go to the Options menu and select Hide When Minimized and Allow Only One Instance. With the first option, the program is only minimized even when you click the X close button. Sometimes you invoke the shortcut more than once, thinking that Process Explorer is not running; selecting Allow Only One Instance keeps you from ending up with multiple entries of procexp inside the Process Explorer window.

Process Explorer - Hide When Minimized

Tip 3: Configure Symbols – When you open any process and go to the Threads tab, you will see an odd-looking hexadecimal address in the Start Address column. These addresses are not helpful while troubleshooting. You need to convert them to meaningful names, and that's where configuring the symbols is useful.

Process Explorer - Hexa Thread Definitions

Go to the Options menu and click the Configure Symbols item.

Process Explorer - Configure Symbols

You will need to install the Windows Debugging Toolkit so that you can configure the path of the dbghelp.dll file. Also, configure the symbols path as both local and internet. For more information read here –

Process Explorer - Configure Symbol Paths

Once you do this, the hexadecimal addresses are converted to more meaningful names for effective understanding and troubleshooting. You can now see them in the Start Address column.

Process Explorer - Meaningful Thread Definitions

Tip 4: Highlighting Colors – Go to the Options menu and select Configure Highlighting. Using this option, you can customize the colors assigned to certain kinds of processes. By default, pink is used for processes that host one or more Win32 services, yellow for processes that use the .NET Framework, and light blue for processes running under the same user account as Process Explorer.

Configure Highlighting of Processes

Tip 5: Configure Difference Highlighting Duration – Set the duration to 5 or more seconds. This is an important tip, because it helps you tell events apart. The color association stays on the process entry for 5 seconds. For example, every newly started process is shown in green and every process that stops is shown in red. The processes remain in Process Explorer for at least 5 seconds with that color code, so that you can see them and diagnose what happened.

Configuring highlighting Duration

Tip 6: Verifying Processes – When you double-click any process, it opens the properties dialog, which gives you the complete information for that particular process: its parent process, who invoked it, at what time, which OS version it targets (32/64 bit), etc. Observe that this executable is shown as not verified, even though it comes from Microsoft Corporation. Verifying the processes will help you determine whether a process is signed to run on this particular edition of the OS. For example, if your machine's performance is sluggish, you might run the verification and see whether any executables, such as the antivirus, are not suited for your PC.

Analyzing a Process Image

Go to the Options menu and select Verify Image Signatures. This starts the verification process. Now click on any column and add a new column for Verified Signer. You will start seeing all the processes along with their verified status.

Verified Processes
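
The same check can be scripted for a report you can keep or compare later. The following is an added example, not part of the original article or of Process Explorer: it verifies the Authenticode signature of every running process image with Get-AuthenticodeSignature. It assumes PowerShell 3.0 or later and an elevated prompt; the function name and the output file name are hypothetical.

```powershell
# Added example (not from the original article): report the signature status
# of every running process image. Run from an elevated PowerShell prompt.
function Get-ProcessSignatureReport {
    # Group process IDs by image path so that each file is verified only once.
    $pidsByPath = @{}
    $noPath     = @()
    foreach ($proc in Get-Process) {
        $path = $proc.Path              # $null when the image path cannot be read
        if ([string]::IsNullOrEmpty($path)) {
            $noPath += $proc
            continue
        }
        if (-not $pidsByPath.ContainsKey($path)) { $pidsByPath[$path] = @() }
        $pidsByPath[$path] += $proc.Id
    }

    foreach ($path in $pidsByPath.Keys) {
        $sig    = Get-AuthenticodeSignature -FilePath $path -ErrorAction SilentlyContinue
        $status = 'Unreadable'          # file vanished or could not be opened
        $signer = ''
        if ($sig) {
            $status = [string]$sig.Status      # Valid, NotSigned, HashMismatch, ...
            if ($sig.SignerCertificate) { $signer = $sig.SignerCertificate.Subject }
        }
        [pscustomobject]@{
            Path   = $path
            PIDs   = ($pidsByPath[$path] -join ',')
            Status = $status
            Signer = $signer
        }
    }

    # Processes with no readable path (for example System and Idle) are listed
    # explicitly rather than silently dropped from the report.
    foreach ($proc in $noPath) {
        [pscustomobject]@{
            Path   = "<no path: $($proc.ProcessName)>"
            PIDs   = [string]$proc.Id
            Status = 'PathUnavailable'
            Signer = ''
        }
    }
}

$report = @(Get-ProcessSignatureReport)

# Show everything that did not verify, then keep the full report for later comparison.
$report | Where-Object { $_.Status -ne 'Valid' } |
    Sort-Object Status, Path | Format-Table -AutoSize -Wrap
$report | Export-Csv -Path .\process-signatures.csv -NoTypeInformation   # hypothetical file name
```

Depending on the Windows and PowerShell version, files that are signed only through a catalog can be reported as NotSigned, so treat that status as a lead to confirm in the Verified Signer column rather than as a verdict.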

Tip 7: Process Identification – Sometimes there are many processes running on your PC (for example, many instances of the same application), and it is difficult to identify the associated process entry in Process Explorer. That's exactly where the magnifier helps. Hold the magnifier button, and it will show you all the other windows open on your PC. Just drop the magnifier on the window you want to identify, and the corresponding process is highlighted in Process Explorer.

Magnifier Process Identifier

Tip 8: DLL/Header View – Selecting a process and pressing Ctrl+D will show the DLL view in the hidden tab. Ctrl+H will show the headers which are currently accessed by the process. This is helpful for understanding the components used by a process. You can also search for a DLL or a header using the Search option. For example, if you ever encounter a failed delete action by your process, searching for ‘delete’ will give you more information on what gets called and which file your process tried to delete. You can also hover over any process in Process Explorer to see all the Win32 services running in it.

Ctrl+D for DLL View –

Process Explorer - DLL View

Ctrl+H for Header View –

Process Explorer - Headers View

Tip 9: Performance Graphs – Double-clicking the graph in the icon bar opens the performance graph. The red color showcases the kernel mode and the green signifies the transition of kernel and user mode. If you are running a multi-core PC, choose ‘Show One Graph per CPU’. This helps you manage tasks and also lets you decide whether to set the affinity of a process to a single CPU. (You can right-click a process and use Set Affinity to bind it to any one of the CPUs.)

Set Processor Affinity

System Information - Performance Graph

Tip 10: Configure Columns – In the explorer window, right-click a column header and add new columns. To assess the performance of an executable or a process, add Threads, CPU Usage, Context Switch Delta and CPU Cycles Delta. This will help you identify which process has more threads and is consuming the most CPU. Based on your analysis, you can choose to terminate it to restore system performance.

Process Performance

Are you aware of any other worthwhile tip on this tool? If yes, drop in as a comment here and I shall feature it in this article appropriately!

Springboard Series Virtual Roundtable: Migrating from Internet Explorer 6 to IE8

Join the Springboard Series Team live at 9:00 AM Pacific Time on Thursday, September 30, 2010 for a virtual, interactive roundtable discussion on migration strategies, standards, and support for organizations moving from Internet Explorer 6 to Internet Explorer 8.

As organizations deploy Windows 7, many still depend on web applications that were designed for Internet Explorer 6. Will they still work, and what can you do when they don’t? Join a panel of IT Professionals, Microsoft specialists and technical experts to discuss best practices to simplify and accelerate the migration to Internet Explorer 8. Topics will include an explanation of the causes of and solutions for application compatibility issues (including policy, code, and virtualization solutions), an introduction to tools, and a review of best practices.

Ask your questions live during the event with the online tool – or submit your questions in advance to

Find answers to your Windows client OS deployment and management questions with resources, tools, and tested guidance from the Springboard Series on TechNet.

Missed a previous Springboard Series Virtual Roundtable? Watch them on demand.


How to Set Default Programs for File Extension Associations in Windows

When you have multiple browsers or media players on a single machine, the most recently installed software takes over all the default program file associations. For instance, when you install Winamp on Windows, .mp3 files will by default play in Winamp and not in Windows Media Player. Basically, the file extension associations get overridden when new software is installed.

Some programs do prompt the user, but most do not. For example, if you have installed another web browser in addition to Internet Explorer, you can specify that you want to use that browser as your default program for opening web-based content instead of Internet Explorer when the program is launched for the first time. You usually get the dialog ‘Do you want Chrome to be your default Browser?’

When you face a situation like this and want to change the default associations back, here are a few methods you can use –

Option 1: Set Default Programs in Control Panel

Open Control Panel and select Programs. Here you will find the option to set the Default Programs (as shown below).

Set Default Program in the Control Panel

When you open Set Default Programs, you will see the list of all the installed software, and you can choose which program you want to set as the default. In this example, let us choose Internet Explorer and set this program as the default for all internet shortcuts, HTML files and other files normally viewed in a browser.

Set Default Program in the Control Panel

You can also choose selected application types or file extensions to associate with a program. For example, the screenshot below shows how a specific file type can be assigned to a program.

Set Default Program for Specific File extension

Option 2: Associating a file extension Using the right click menu Option

Select the file you want to associate, right-click it, select the Open With menu item and click Choose Default Program.

Choose Default Program - Right Click Menu

This will list all the available programs for this file. You can choose a program here and click the OK button. Ensure that you select the check box “Always use the selected Program to open this kind of file”.

Set Default Program - Right Click Menu

Option 3: Registry Key Association

If your application uses special file extensions, you might want to register them so that the application starts when the icon associated with the file is double-clicked. Read this article to know more – How to register a File Extension in Windows? (This is for an advanced user.)

Adding Artistic Effects to an Image in Office 2010

Office 2010 offers an excellent image editing feature, which helps us do a lot with images. In the previous post, we saw how to remove the background from a picture and create a Portable Network Graphics (PNG) image. In this short tip, we will look at how to add Artistic Effects to an image.

Step 1: Insert an image into any of the Office suite products. In this example, I will use Word 2010.

Step 2: Double-click the image; this will give you a separate picture editing menu bar (as shown below).

Step 3: Click the Artistic Effects button. This will give you all the shades and effects available for the image. When you hover the mouse over each effect, you get a preview of the effect as applied to the image.
Artistic Effects on an Image - Office 2010
Step 4: Just select the effect and click it. The desired effect is applied to the image.
Applied Artistic Effects on an Image - Office 2010

To know how to remove the background of a picture and create a PNG image, do read this article!

You also have other image options to set the color tones and saturation in the Color menu (as shown below)
Color Menu in Image editing - Office 2010
You can also increase the sharpness, brightness and contrast of the image with the live preview.
Image Correction Menu in Image editing - Office 2010

If you have not tried the Office 2010 version yet, download it and give it a shot. I’m sure you will love it!

Windows Phone 7 – Application Submission and Certification Process

When your application is developed and ready for publication, it must go through the certification process before it is eligible for listing in the Windows Phone Marketplace.

The certification process involves static validation and automated testing of the application to verify that it meets all the policies and requirements. A simplified illustration of the Windows Phone 7 application submission and certification process is shown below.

This document provides the policies and technical requirements that a Windows Phone 7 application or game must meet to pass certification and to be eligible for listing in Windows Phone Marketplace.

For further information on documentation and software for developing for Windows Phone 7 Series, read this article.

Free ebook – Windows PowerShell v2: The Administrator Crash Course

Microsoft is adding PowerShell to more and more products, and going forward, the company’s plan is to incorporate PowerShell throughout all of its business products as a baseline administrative layer.

The Administrator Crash Course: Windows PowerShell v2

For Windows administrators who are new to PowerShell, Microsoft MVP Don Jones offers a new book from Realtime Publishers entitled The Administrator Crash Course: Windows PowerShell v2. Covering the most crucial elements of PowerShell v2, Don has constructed a set of practical tips and practice exercises that will get you up to speed in a matter of weeks. Each course section is designed to be reviewed in under an hour, so it’s a perfect way to quickly learn how to begin using PowerShell v2!

Download this Free ebook Guide to start your learning with PowerShell.

If you’re ready to get started in PowerShell, and have no experience, this is the crash course for you!

Note: You will need to create a profile in Realtime Nexus (The Digital Library for IT Pros) when you click the above link.

How to get an Inventory of all the Installed Device Drivers in a Machine?

Consider a scenario where you need to take an inventory of all the device drivers installed on your machine. This information is essential for identifying the vendor details, driver files and other important stats. The Driverquery command does exactly this.

Running the Driverquery command in the Command Prompt will list out all the drivers installed on the machine. (Run the Command Prompt in Administrator Context)

Driverquery Command - Listing all the Drivers in a machine

If you want a compact record of installed drivers in a reporting format, use this command with the appropriate switches. As we saw above, the Driverquery command gives all the information. You can modify its output with a variety of switches, and you can redirect the output to a file so that you can load it in another program.

You can use the /v switch to produce detailed verbose information, and add the /fo switch with the csv parameter to generate the output in CSV (Comma Separated Value) format – driverquery /v /fo csv > drvlist.csv

Inventory of Installed Drivers in a Machine

Further, opening this file drvlist.csv in Excel will give you a highly detailed list of all your hardware (as shown below – click the image for full size).

List of Installed Drivers in CSV Format - Driverquery

Similarly, use the /SI switch to get all the information on the signed drivers installed on the machine.

Inventory of Installed Signed Drivers - DriverQuery

Signed Device Drivers Information

DriverStore is a new, central location in Windows Vista and Windows 7 where all the driver files are stored before they are copied to their final destination during device driver installation. – Read more to understand better

For a full list of the switches available for the Driverquery command, run driverquery with the /? switch.

Driverquery with Help Syntax
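
The two switches above can be combined into a repeatable check: keep one inventory as a baseline, report drivers that appear or disappear later, and list the devices whose driver is reported as unsigned. This is an added example, not part of the original article. It assumes PowerShell 3.0 or later, an elevated prompt and an English-language Windows install (driverquery localizes its CSV column names); the function names and the baseline file location are hypothetical.

```powershell
# Added example (not from the original article). Column names such as
# 'Module Name' and 'IsSigned' are the English-language driverquery headers.

function Get-DriverInventory {
    # Same data as "driverquery /v /fo csv", parsed into objects.
    driverquery.exe /v /fo csv | ConvertFrom-Csv |
        Select-Object 'Module Name', 'Display Name', 'Driver Type',
                      'Start Mode', 'State', 'Link Date', 'Path'
}

function Get-UnsignedDriver {
    # "driverquery /si" reports IsSigned per device. Only rows explicitly
    # reported as FALSE are returned; rows without signing data are skipped.
    driverquery.exe /si /fo csv | ConvertFrom-Csv |
        Where-Object { $_.IsSigned -eq 'FALSE' } |
        Select-Object DeviceName, InfName, Manufacturer, IsSigned
}

function Compare-DriverInventory {
    param(
        [Parameter(Mandatory = $true)][string]$BaselinePath,   # CSV saved earlier
        [Parameter(Mandatory = $true)][object[]]$Current       # fresh inventory
    )
    $baseline = @(Import-Csv -Path $BaselinePath)
    # Compare on module name plus on-disk path, so a familiar driver name that
    # now loads from a different file shows up as Removed plus Added.
    Compare-Object -ReferenceObject $baseline -DifferenceObject $Current `
                   -Property 'Module Name', 'Path' |
        ForEach-Object {
            $change = 'Removed'
            if ($_.SideIndicator -eq '=>') { $change = 'Added' }
            [pscustomobject]@{
                Change = $change
                Module = $_.'Module Name'
                Path   = $_.Path
            }
        }
}

# Hypothetical baseline location; store it where standard users cannot edit it.
$baselineFile = Join-Path $env:ProgramData 'driver-baseline.csv'
$current      = @(Get-DriverInventory)

if (Test-Path -Path $baselineFile) {
    Compare-DriverInventory -BaselinePath $baselineFile -Current $current |
        Sort-Object Change, Module | Format-Table -AutoSize
} else {
    $current | Export-Csv -Path $baselineFile -NoTypeInformation
    "Baseline written to $baselineFile"
}

Get-UnsignedDriver | Format-Table -AutoSize
```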


How to Enable Data Collection (RACTask) for Reliability Monitor Tool

Reliability Monitor is an advanced tool that measures hardware and software problems and other changes to your computer. The Reliability Analysis Component (RAC) aggregates, analyzes and correlates problems at the operating system and application levels. The location of the Reliability Monitor data files is stored in the registry. If the monitor does not show you any data, you will need to enable the data collection task.

To learn more on How you can measure Hardware and Software problems using Reliability Monitor in Windows 7 – Read this article

Reliability Monitor uses data provided by the RACTask scheduled task. Reliability Monitor will start displaying a Stability Index rating and specific event information 24 hours after system installation.

The RACTask scheduled task runs by default after the operating system is installed. If it is disabled, it must be enabled manually from the Task Scheduler snap-in for Microsoft Management Console (MMC).

Step 1: Start the Task Scheduler. You can type taskschd.msc in the search box and then press ENTER, or right-click My Computer, select the Manage option and choose Task Scheduler.

Computer Management

Step 2: In the navigation pane, expand Task Scheduler Library, expand Microsoft, expand Windows, and click RAC.
Choose RAC in Task Scheduler
Step 3: Right-click RAC, click View, and click Show Hidden Tasks.
Show Hidden Tasks for RAC - Task Scheduler
Step 4: Click RACtask in the results pane. On the Action menu, click Enable.
How to Enable Data Collection for Reliability Monitor Tool


Open Command Window (cmd) / Program as an Administrator in Windows 7

Consider a situation where you need to work with applications that need administrator privileges. Just invoking the application shortcut or command window will not help in Windows 7, as you will be running as a Standard User. (Read User Account Control to understand this in more detail.) You will need to launch the program in an elevated context to run it as an administrator: simply right-click the program or shortcut and choose ‘Run As Administrator’.

However, you cannot follow this method all the time, especially when you need to do this frequently. Here is a simple technique (using application shortcuts) which will help you in elevating programs.

If you want to implement this alongside the executable itself, you will need to create a RunasAdmin or RunAsInvoker Shim for this purpose. – Read this Article for more information.

Step 1: Create a shortcut for the application. You can either use the pinning feature, where you pin an application to the Start menu or the taskbar, or create the shortcut on the desktop. In this example, let’s choose a Command Window (cmd). (You can use this technique for any application.)

Step 2: Right-click the Command Prompt shortcut, go to its properties and select the ‘Shortcut’ tab.

Step 3: Go to the Advanced tab and select the ‘Run As Administrator’ checkbox in the Advanced Properties.

This ensures that the shortcut runs the program in an elevated context every time. You can always invoke the other default shortcut from the Start menu to launch the application in standard user mode (if you really need to).

Application Compatibility Toolkit 5.5 Guides, How To Tutorials

Microsoft Application Compatibility Toolkit is a lifecycle management tool that assists in assessing compatibility issues in your overall application/device/computer portfolio.  This tool helps in,

  1. Gathering Inventory for software, hardware, and device assets
  2. Compatibility evaluation and Get Vendor Support Statements
  3. Recommendations for fixing applications
  4. Tools to apply compatibility fixes or “shims” to applications

The Application Compatibility process can be easily defined in 3 steps – Collect, Analyze and Mitigate.

To help readers who are planning their first steps towards Application Compatibility, I have written this 6-part series on the various tools which are a part of the ACT. These articles provide information on how to start the appcompat process in an organization (or even as an individual) and fix applications!

Application Compatibility Process (ACT 5.5)

Install and Setup the Application Compatibility Environment

This article will give you detailed instructions on how you can setup up the ACT 5.5 Environment, configure the Application Compatibility Manager and start the AppCompat Process. This is the first step towards solving Application Compatibility Issues with Windows 7.

Creating and Deploying a Data Collection Package (DCP)

In this article, we will look at how to Create and Deploy a Data Collection Package (DCP) to gather inventory for software, hardware, and device assets. This package will start the ACT Data Collector Service to monitor the machine State. You will also learn options to schedule the Data Collection.

How to Analyze the Application Reports Collected?

In this article, we will look at how to categorize and prioritize applications in the ACT report which we get from the Data Collection Packages. We will also look at how to send/receive reports to get hints and support from the Community on solving AppCompat Issues.

Testing your applications as a Standard User

During the develop/deploy phase of an application, it’s very important to test the functionality of the app as a Standard User, especially when the organization has a locked-down environment. The Standard User Analyzer tool helps you do exactly this!

Identify Website Issues with Internet Explorer Compatibility Test Tool

This tool collects your web-based issues from Internet Explorer 7 / Internet Explorer 8, uploads the data to the ACT Log Processing Service, and gives the details about the discovered compatibility issues. It also provides links to more information about each of these compatibility issues.

Creating Shims to Fix Broken Applications

This article explains the Compatibility Administrator tool, which enables you to resolve many of your potential application compatibility issues. It also explains how to create customized compatibility fixes, modes, AppHelp messages, and compatibility databases.

Shims for Specific scenarios:

Do lemme’ know your comments and Thoughts.!