Process Explorer 15.2 Released With Autostart Locations

Microsoft have released Process Explorer 15.2 which adds Autostart locations – similar to the popular Autoruns utility but for active (running) processes.

Process Explorer is a much better alternative to the rather limited Windows Task Manager – it’s a tiny standalone (portable) program that does not need to be installed.

Process Explorer is part of the Windows Sysinternals suite of free programs available from Microsoft – see my earlier review here for a list of its advantages over Task Manager and how to use it.

The full changelog is shown below:

– Merges Autoruns functionality by adding a new Autostart Location column and property that indicates where the process is configured to automatically start or load from
– Adds a process timeline column that graphically depicts a process’s lifetime relative to other processes
– Adds .NET stack walking support to the thread stack dialog – no, me neither ;-)
– Uses the Windows 8 private ETW logger which enables better coexistence with other ETW-based tools. [ETW is ‘Event Tracing for Windows’]

The latter 2 changes are technical and likely to appeal mostly to programmers. The first two changes are of interest to more general users:

Autostart Location – This new feature is not displayed by default. To display it:

Open Process Explorer and in the menu bar select ‘View’ then choose ‘Select Columns’ to open the Select Columns window as shown below:

process explorer 1

It should open at the Process Image tab.

Tick the ‘Autostart Location’ tickbox then press OK – the new column will now be added at the right hand side of the Process Explorer window – I have widened the column in the example below:

process explorer 2

From this column you can easily see if a process is set to start/load automatically and, if so, where from.

Double click the process if you want to open its Properties and display the full Path and Autostart Location – pressing the ‘Explore’ button opens the containing folder or registry location.

Process Timeline – This new feature is also not displayed by default. To display it:

Open Process Explorer and in the menu bar select ‘View’ then choose ‘Select Columns’ to open the Select Columns window.

Select the Process Performance tab.

Tick the ‘Process Timeline’ tickbox then press OK – the new column will now be added at the right hand side of the Process Explorer window.

It makes it easy to compare the lifetime of a process with other processes – useful for tracking down a virus.

Download

Download Process Explorer (in a zip file) directly from Microsoft’s Sysinternals site here.

Share this:

Leave a reply