back to article 'I wrote Task Manager': Ex-Microsoft programmer Dave Plummer spills the beans

The Microsoft developer who wrote Task Manager, along with other utilities and games, has popped up to "write this stuff down before I forget it all". A post on Reddit goes into detail about the tool, familiar to every Windows expert, which if you are lucky lets you terminate errant applications or processes, as well as …

  1. Anonymous Coward
    Anonymous Coward

    It hasn't been able to kill lots of stuff

    for over a decade. Server 2008/Windows 7 Task Manager has failed miserably many times to kill errant processes. Thankfully... the old reboot trick generally works but... there is a major deficieny in the whole thing and AFAIK, one that MS is just not interested in fixing or providing a better way of doing it.

    Thankfully, there is a way around it

    https://tweaks.com/windows/39559/kill-processes-from-command-prompt/

    this mostly works.

    1. jake Silver badge

      Re: It hasn't been able to kill lots of stuff

      Yes, we know.

      Did you read as far as the paragraph beginning "Plummer left Microsoft in 2003"?

      1. bombastic bob Silver badge
        Devil

        Re: It hasn't been able to kill lots of stuff

        Yeah, the article mentions that he left in 2003, which also explains this:

        "It is not Plummer's fault that Task Manager now opens in a near-useless minimalist mode"

        What are the chances that they get HIM back and put HIM in charge instead of 'those other guys' ???

        (Task manager has always rocked, in my opinion, until 'The Metro')

        1. Anonymous Coward
          Anonymous Coward

          Re: It hasn't been able to kill lots of stuff

          "What are the chances that they get HIM back and put HIM in charge instead of 'those other guys' ???"

          Not many, I think. They've since hired a dude who is has a weird obsession about new features in notepad ...

          1. baud Bronze badge

            Re: It hasn't been able to kill lots of stuff

            At least the new features in notepad are somewhat useful and don't degrade the existing functionalities

            1. A.P. Veening Silver badge

              Re: It hasn't been able to kill lots of stuff

              At least the new features in notepad are somewhat useful and don't degrade the existing functionalities mostly harmless

              FTFY ;)

      2. Robert Carnegie Silver badge

        Re: It hasn't been able to kill lots of stuff

        Is it fair to blame Task Manager deficiency for having to reboot the OS? The assumption seems to be that one process goes bad but the rest of the system is fine if the bad process is killed - but that may be not a good assumption, the system may really be in a sorry state needing rebooting, and the poor little processes are blamed unfairly. They may even be already gone.

    2. Blackjack Silver badge

      Re: It hasn't been able to kill lots of stuff

      The Command prompt has been becoming more and more powerful... how Linux like of them.

      In fact you can do stuff with the Command prompt Windows won't even let administrator accounts do.

      1. hitmouse

        Re: It hasn't been able to kill lots of stuff

        "The Command prompt has been becoming more and more powerful." ... how like all software

      2. kmedcalf

        Re: It hasn't been able to kill lots of stuff

        The command prompt has not changed in ages and ages. There are a few more console applications (command line applications) for doing things that there used to be, but NONE of them are part of cmd.exe -- they are all external programs that happen to have operate in "console" mode and use "command ling arguments", but they are not "a more powerful command line".

        cmd.exe has not changed in many decades.

        1. Blackjack Silver badge

          Re: It hasn't been able to kill lots of stuff

          What I wanted to say is that while before you could do a lot of stuff using a program with a GUI, like with the Task Manager, now you have to go to the "Windows Terminal" and write commands on it like on Linux.

          When you have to run more and more stuff from the command prompt is a shown that things have gotten worse.

          1. Anonymous Coward
            Anonymous Coward

            Re: It hasn't been able to kill lots of stuff

            For those that know how the command line is the mutts nuts.

      3. EnviableOne Silver badge

        Re: It hasn't been able to kill lots of stuff

        so powerfull, MS replaced it as the default shell with Powershell

    3. the Kris

      Re: It hasn't been able to kill lots of stuff

      Make sure to try to kill a process on the Details tab, it uses a "stronger" kill than on the Processes tab.

      1. Symon Silver badge
        Coat

        Re: It hasn't been able to kill lots of stuff

        Does it turn the kill up to -11 ?

        1. Andy Landy

          Re: It hasn't been able to kill lots of stuff

          no, just -9

          1. khjohansen

            Re: It hasn't been able to kill lots of stuff

            ... needed exactly 9 upvotes ;)

    4. Anonymous Coward
      Anonymous Coward

      Re: It hasn't been able to kill lots of stuff

      Indeed. The number of times Windows has told me I don't have access to terminate something - I have ADMIN access. I OWN you. My Linux machines don't give me this kind of back-talk!

      1. boltar Silver badge

        Re: It hasn't been able to kill lots of stuff

        "My Linux machines don't give me this kind of back-talk!"

        Good luck trying to kill init/systemd even with -9. And on MacOS these days root is no longer all powerful which is a double edged sword IMO.

        1. HAL-9000
          Trollface

          Re: It hasn't been able to kill lots of stuff

          Systemd is a 'virus', we can agree on that. If I was deranged (which I clearly am not), I would get on a plane to Germany find that Lennart and give him a piece of my mind... let that be a lesson to you

          1. jake Silver badge

            Re: It hasn't been able to kill lots of stuff

            systemd is not a virus. For one thing, it doesn't reproduce itself. Yet.

            What it is is a cancer. It takes root in its host, eats massive quantities of resources as it grows, spreads unchecked into areas unrelated to the initial infection, and refuses to die unless physically removed from the system, all the while doing absolutely nothing of benefit to the host.

    5. Roland6 Silver badge

      Re: It hasn't been able to kill lots of stuff

      There was and still is one 'big' defincency in Task Manager, you can only kill one process at a time. I seem to remember to kill some rootkits and some other pernicious malware, it was necessary to kill 2~3 processes at pretty much the same time to prevent resurrection.

      I forget which third-party TM replacement(s) did permit this - I just pop over to Bleeping Computer as and when I have need of such tools.

      1. Anonymous Coward
        Anonymous Coward

        Re: kill 2~3 processes at pretty much the same

        I boot Linux off a USB drive and rename the files before rebooting back into windows to see if I got everything. Rename instead of delete in case I make a mistake. ;-)

        I have found it good to note the creation times of the originally created malware files. I ended up looking for all files created at about that same time to find all of one malware's files. The AV software was "deleting" it but it kept coming back on the next reboot.

      2. Tokinabo

        Re: It hasn't been able to kill lots of stuff

        you can select multiple processes to be killed!

        from the task manager, in the 'performance' tab, at the bottom, open the 'open resource monitor' app.

        from there, in the 'overview' tab, just hold your shift key and select.

        it's also handy to know that if you check the row instead, the process will be moved to the top row.

        the first time that happened to me, i kind of panic a little: uuh, waydidigo!?

  2. Throatwarbler Mangrove Silver badge
    Windows

    NT vs 9x

    I remember whacking an errant process in NT 4 Workstation using the Task Manager and hearing the expression of awe from a cow-orker who was used to using Windows 9x and its lamentable process control.

  3. aidanstevens

    Space Cadet pinball

    Debuted in Windows 95, I believe.

    1. Annihilator Silver badge

      Re: Space Cadet pinball

      Yep, was part of the Microsoft Plus! (their exclamation mark - not mine) pack from memory that was often bolted on to the side of Win95.

      1. Ilgaz

        Re: Space Cadet pinball

        I bet drive space 3 coming with plus 95 was his work too. That was ages ahead of drive space for DOS

        1. Anonymous Coward
          Anonymous Coward

          Re: Space Cadet pinball

          Wasn't there some legal stuff about drivespace? Copied from some other product?

          1. Robert Carnegie Silver badge

            Re: DoubleSpace

            Wikipedia’s article is titled “DriveSpace”. The order of events seems to have been: VertiSoft produced separate product DoubleDisk, then Microsoft bought it in to bundle or integrate as DoubleSpace, then Stac Electronics sued about patents and won, then Microsoft released DriveSpace which was the same thing as DoubleSpace but presumably less patent infringy.

      2. Blackjack Silver badge

        Re: Space Cadet pinball

        Microsoft Plus! for Windows 95 simply know as Microsoft Plus by many back then.

        I remember some CDs with Plus had a virus due to a factory in Mexico not caring to install an antivirus in their computers.

    2. jelabarre59 Silver badge

      Re: Space Cadet pinball

      LGR {Lazy Game Reviews} has a video about the game it was adapted from, "Full Tilt! Pinball" (Cinematronics/Maxis). Apparently the full Maxis version could even handle higher resolutions.

  4. chivo243 Silver badge
    Windows

    Today's Taskmanager

    Isn't your daddy's Taskmanager! It was faster to reboot 2012r2 than fuddle with killing processes. TBH, I didn't have issues with Win7.

    1. Lomax

      Re: Today's Taskmanager

      Good old Seven; the last version of Windows that was compatible with my neocortex - and with my ethics.

    2. boltar Silver badge

      Re: Today's Taskmanager

      "It was faster to reboot 2012r2 than fuddle with killing processes"

      That tells you all you need to know about the low level design of recent versions of Windows.

      1. dnicholas Bronze badge

        Re: Today's Taskmanager

        I'm actually amazed at the boot times of Server 16 onward. Sometimes I have to double check servers actually rebooted

        1. AVee
          Facepalm

          Re: Today's Taskmanager

          And even more amazing, they even included the "XBox Live Game Save Service" for all your gaming needs...

        2. boltar Silver badge

          Re: Today's Taskmanager

          That's all well and good, but you dont want to be rebooting mission critical servers AT ALL. I've seen linux servers run 24/7/365 for years with updates done on the fly, but Windows does well to last a few weeks without requiring rebooting.

  5. Brian Miller Silver badge

    Why wasn't it in by design?

    The one thing I couldn't understand about Windows was why didn't they design in so many good ideas from Unix land? After all, they had Xenix. Apparently they ignored Xenix completely during the development of all of the Windows incarnations. "kill -9" should have a song written about it.

    1. Charlie Clark Silver badge

      Re: Why wasn't it in by design?

      In many ways NT was already beyond unix when it started: Xenix was supposed to be able to run on the NT kernel. So, the OS could always do that kind of stuff, it just didn't provide the tools for the users. But it says a lot about Dave Cutler, who many credit with most of the better ideas in Windows NT, that he knew a good thing when he saw it. Sadly, however, we never really got Windows NT on DEC Alpha (yes, it was released…), so Microsoft was forced to cripple NT so it would run faster on Intel's less capable silicon.

      1. jake Silver badge

        Re: Why wasn't it in by design?

        1) Xenix was just AT&T UNIX source rebranded by Microsoft and offered to other companies "as is" to port to their hardware of choice. Microsoft was essentially a reseller of AT&T source code licenses ... I seriously doubt AT&T would have allowed Redmond to ship it embedded in NT.

        2) Cutler has hated UNIX since the year dot. Xenix was never going to get into NT as long as he had anything to do with it.

        1. Dan 55 Silver badge

          Re: Why wasn't it in by design?

          The Microsoft POSIX subsystem did though.

          1. Gene Cash Silver badge

            Re: Why wasn't it in by design?

            ISTR that POSIX was in Windows to satisfy some gov't contract... and so it was the bare minimum to pass the standard.

            1. Loyal Commenter Silver badge

              Re: Why wasn't it in by design?

              To be fair, "the bare minimum to pass the standard" is exactly what, as a developer, one should be producing. Failing to fully implement the "minimum", or going off-piste and adding your own "features" isn't exactly good practice if you want to build reliable standards-compliant software.

              (this is not an endorsement or otherwise of how MS implemented POSIX in NT, just an observation)

              1. Loyal Commenter Silver badge

                Re: Why wasn't it in by design?

                (conversely, if your specification contains "optional" parts, then it’s not a good specification, because you'll never know, for a sample implementation, whether those parts have been implemented or not)

                1. Loyal Commenter Silver badge

                  Re: Why wasn't it in by design?

                  Why the downvote here?

                  Here is an example - imagine there is a public specification that says how some software should act. Imagine it has a part, marked optional, that if the function Wibble() is called, the software may produce the output "wobble".

                  Imagine then, that I am writing something that calls software produced to this specification. I don't know what specific implementation I will be calling. What will happen if my software calls on the the unknown implementation to wibble?

                  Will it wobble, or will it fall over?

                  In all seriousness though, optional parts to public specifications mean that the functionality specified by them cannot be trusted to exist, or be fully implemented, so cannot be reliably consumed, making them pointless. I know there are cases where this may be needed, in which case producers have to have a mechanism for publishing their capabilities. In general, though, when you're talking about an open standard, optional parts are bad, because people, who usually get paid for their time, aren't going to bother with them. Unless they are necessary. In which case, why are they optional, and are they properly specified?

        2. Charlie Clark Silver badge

          Re: Why wasn't it in by design?

          Cutler has hated UNIX since the year dot. Xenix was never going to get into NT as long as he had anything to do with it.

          It wasn't about getting into NT, but NT being able to run other OSes on top, just as Windows was initially. This is where NT borrowed some of the good things from OS/2

        3. boltar Silver badge

          Re: Why wasn't it in by design?

          "Cutler has hated UNIX since the year dot."

          Those who don't/can't understand something often despise it. Sadly he never learnt a lot of lessons a supposed OS kernel expert should have from Unix meaning NT (particularly 3.x) was frankly an unreliable memory and CPU hogging underpowered dog in comparison and has its backside whipped on the server side for decades. Even now you're far less likely to find windows running mission critical systems in the server room compared to linux.

          1. earl grey Silver badge
            Trollface

            Re: Why wasn't it in by design?

            backside whipped on the server

            i thought the only thing that got whipped was the Llama's ass.

      2. s2bu

        Re: Why wasn't it in by design?

        I had the very last (publicly) released build of 2000 for Alpha installed on one of my DECs once. It worked really well and even had the FX!32 stuff built in so it could run Intel apps (obviously not as fast as native Alpha apps). Of course the first thing I did on it was run Pinball....

        1. Charlie Clark Silver badge

          Re: Why wasn't it in by design?

          Somewhere on El Reg is a nice story of how Intel got Microsoft to delay versions of NT/2000 for Alpha, which helped kill it.

    2. W.S.Gosset Silver badge

      unix

      Windows NT was POSIX-compliant from the get-go. To be clear: any (grownup) Unix app could be cross-compiled with only compiler-driven porting. AKA tweaking microscopies, no restructuring.

      Cf. Cygwin.

      .

      N.B.: all MSWindows versions descended from NT (XP downwards (in every sense of the word except security)) are built on the NT kernel. Updated internally but architecturally conformant. Yes, including Win10.

      1. jake Silver badge

        Re: unix

        "To be clear: any (grownup) Unix app could be cross-compiled with only compiler-driven porting. AKA tweaking microscopies, no restructuring."

        In theory. Reality, however ...

      2. Roland6 Silver badge

        Re: unix

        >Windows NT was POSIX-compliant from the get-go. To be clear: any (grownup) Unix app could be cross-compiled with only compiler-driven porting. AKA tweaking microscopies, no restructuring.

        Yes, lip service/bare minimum compliance.

        The POSIX-compliance was to allow Unix app's to be cross-comiled to run on Windows using the cygwin 'shell'. However, POSIX-compliant Windows applications...

        Hence the POSIX-compliance enabled Windows to tick the procurement POSIX requirement which was placed on the OS and not on the applications that ran on the OS. Thus enabling government to procure Windows PC's complete with MS Office - a proprietary solution using proprietary OS interfaces, whilst satisfying the Open Systems requirement...

    3. Anonymous Coward
      Anonymous Coward

      Re: Why wasn't it in by design?

      You're welcome.

      Monzy - Kill -9:

      https://www.youtube.com/watch?v=0rG74rG_ubs

      NSFW, BTW. Oh, right, no one is at work these days!

      1. Anonymous Coward
        Anonymous Coward

        Re: Why wasn't it in by design?

        Well some of us are.

        Those front lines need their support and the supports need servicing despite what most would think.

        You'll find me in the back room properly masked and watching systems "very" slowly stabilize after being adjusted back into compliance.

    4. Anonymous Coward
      Anonymous Coward

      Re: Why wasn't it in by design?

      Monzy wrote a song called Kill Dash Nine: https://www.last.fm/music/Monzy/+tracks

  6. Stuart Halliday
    Thumb Up

    If you're not using Sysinternals stuff, you're not a IT person....

    1. Scott 26

      At least MSFT knew a good thing when they saw it - acquired wininternals, and picked up Mark Russinovich in the process.....

    2. Boothy

      I always suspected, after first seeing the updated TM in Win 10, and knowing that MS now owned Sysinternals (which I'd used for years) that they'd basically borrowed some of the functionality from Process Explorer to put into the new TM. Like the tree view on the Process tab.

      I still install Sysinternals suite on every machine I use though, and often have Process Explorer run on startup, with tray icons for CPU and IO, as it's so much better than TM, imho anyway.

      Also glad that so far at least, MS don't seem to have messed with Sysinternals.

    3. Daniel Garcia 2

      There is a lot more IT than Windows' drama.

      Do you mean "not a filthy Windows IT person" perchance?

  7. Annihilator Silver badge

    “ According to Plummer, many users do not appreciate the full capabilities of his utility, which can be used to launch applications without using the Shell (a life-saver in some circumstances). File - Run new task is the option for this.“

    Definitely used this under Win9x. Explorer windows had a habit of crashing and taking the whole desktop/explorer environment with it. Getting Task Manager open and running a new task of explorer.exe was an absolute lifesaver.

    1. Boothy

      Indeed, I'd forgotten about doing that. Long time since I've used 9x machine, but I can remember having to restart explorer.exe many time. It surprised some of my colleagues at the time, they hadn't realised that you could do that.

      1. Annihilator Silver badge

        To be honest I'd forgotten about it too until reading the article, but I recall now that it was quite a regular occurrence. Things like a damaged CD in a drive becoming stuck/unresponsive was enough to kill the explorer window and take the whole she-bang with it.

    2. Anonymous Coward
      Anonymous Coward

      @Annihilator Quote: "Definitely used this under Win9x. Explorer windows had a habit of crashing...."

      ....Yup, been there, done that...and that was EXACTLY what drove me to Red Hat v5.2 in January 1999. Twentysome years, and never looked back!!

    3. EnviableOne Silver badge

      cant upvote this enough, the amount of times i've killed explorer and run a new instance .....

      MS need a few of these old heads back in the team, to get them back on track

    4. Loyal Commenter Silver badge

      Not just 9X, I'm sure I've done this under XP before, and possibly under 7 as well.

  8. Anonymous Coward
    Anonymous Coward

    Ctrl-Shift-Esc

    Why would you make something functionally useful a secret? Welcome to the mindset of a Microshit employee!

    1. jake Silver badge

      Re: Ctrl-Shift-Esc

      It wasn't a secret. I learned about it in the early days of NT4.

    2. Anonymous Coward
      Anonymous Coward

      Re: Ctrl-Shift-Esc

      I don't know the ingredients required to make a cake. That doesn't mean they're a secret, just I've never bothered looking into it.

      1. Anonymous Coward
        Anonymous Coward

        Re: Ctrl-Shift-Esc

        "I don't know the ingredients required to make a cake."

        And you will never know. They will not allow you to both know this and live. You have chosen wisely.

    3. I am the liquor

      Re: Ctrl-Shift-Esc

      You may have misread that paragraph. The secret code was in the communication between the old and new task manager instances, to work out if the old one has stopped responding. The keystroke wasn't secret.

    4. Anonymous Coward
      Anonymous Coward

      Re: Ctrl-Shift-Esc

      Microshit !! HAHAHA! That's so funny! Did you think that one up yourself?

    5. Roland6 Silver badge

      Re: Ctrl-Shift-Esc

      >Why would you make something functionally useful a secret?

      MS effectively made all keyboard shortcuts 'secret' when they stop publishing manuals and downgraded the status of keyboard shortcuts - encouraging users to simply point and click.

      Funny, how they have now downgraded point-and-click and hidden/got rid of menus, by encouraging the use of search - user needs to both point-and-click and type - which even on the latest edition of W10 still fails to find some of the tools listed on the XP/W7 accessories, system tools and administrator tools menus, effectively making some of these tools 'secret' as either you have to know their name or know where to find them via explorer.

  9. Sparkus

    ctl-shift-esc continues to work, it's my second favorite three fingered salute......

    1. Anonymous Coward
      Anonymous Coward

      And your first favorite should be Alt + Ctrl + Del.

      Truth be told when the pc lags hard, Ctrl + Shift + Esc will become unresponsive. Meanwhile, Alt + Ctrl + Del may still response with something* when lagging really bad.

      *anywhere from blackscreen, color background, to Alt + Ctrl + Del menu.

      1. Flightmode
        Windows

        Win + Shift + S to trigger Snip & Sketch is probably my favourite three-finger-combo. Then again, I manage networks these days, not PCs these days.

      2. Pascal Monett Silver badge

        Sorry, but I use Windows 7

        I don't need to use Ctrl-Alt-Del nearly as much as when I used XP.

        Ctrl-Shift-Esc, however, I have just learned and I will treasure the knowledge.

    2. jelabarre59 Silver badge

      MSWin usually gets my ONE-fingered salute...

  10. Someone Else Silver badge
    Trollface

    TaskManager...Meh...

    SysInternals FTW!

    1. Peter2 Silver badge

      Re: TaskManager...Meh...

      But note that process monitor from Sysinternals (while an invaluable tool) only became necessary after this chap finished with Task Manager and somebody else fucked it up.

      At least I assume that's why if I kill a process in SysInternals's Process Explorer then it dies with no questions asked but doesn't in Task Manager.

  11. mickaroo

    Pinball Wizard

    I had forgotten Pinball.

    I used to lose interest being unproductive playing Solitaire, but I could be unproductive playing Pinball for hours.

    1. Anonymous Coward
      Anonymous Coward

      Re: Pinball Wizard

      Sadly, years later, I no longer can get those high double digit mega-scores. These days I have trouble getting up to 10M. I believe it's Microsoft's fault, or something...

      1. jelabarre59 Silver badge

        Re: Pinball Wizard

        Sadly, years later, I no longer can get those high double digit mega-scores.

        I'd have trouble with it simply because of my computer layout. I used to play Space Cadet Pinball on my Pentium 133mHz Micron laptop, and by holding the laptop just right you could use your thumbs on the "flippers" quite easily. And if you got the ball just right into the "hyperspace portal" it would repeatedly bounce right back in multiple times, racking up high scores quickly.

    2. BenDwire Bronze badge

      Re: Pinball Wizard

      I used to love playing that game too ... maybe it's time to see if it can be made to run under Wine?

    3. steviebuk Silver badge

      Re: Pinball Wizard

      Hearts was my favourite

  12. Unicornpiss Silver badge
    Pint

    Kudos to a skilled programmer..

    ..but I still will always feel that Process Explorer is the app that should be included with Windows, not Task Manager.

    1. Boothy

      Re: Kudos to a skilled programmer..

      Especially seen as they own it these days.

      Perhaps they could add it in as an optional component in the new Power Toys?

  13. the Kris
    FAIL

    He also offered some tips. "If Task Manager ever hangs or crashes, start another by pressing ctrl-shift-esc," he said. This requests a "secret code" from the existing instance, and if not received, starts another one; and this works to launch the utility even "if the Shell/Explorer is dead".

    Some 20 years ago I had a non-responsive Task Manager, on a live production system, and I needed it bad...

    It was NOT possible to start a second instance.

  14. steviebuk Silver badge

    Always been a bit...

    ..shit. Maybe I'm biased as I love Process Explorer or "Super Task Manager" as David Solomon used to call it. One of the reasons Mark Russinovich and Bryce Cogswell wrote it is because of how poor Task Manager is at showing anything useful.

    Take for example The Case Of the Pausing Explorer that we had at work way back in 2011 in XP. Explorer would freeze when trying to access network drives, for about 5-10mins then suddenly all files would appear. Not being given time to troubleshoot I was told to just "Rebuild the laptop". I argued that isn't fixing the issue, we've already seen it comes back. All Task Manager showed was Explorer running at 50%.

    Eventually I convinced my boss to let me look. Fired up Process Explorer on a laptop with the issue. Again could see Explorer at 50% but Process Explorer would allow you to view what .dlls that process was actually running. And there it was. Within Explorer was a .dll from PGP running at 50% or more. The encryption software that we ran on the laptops.

    Turns out all the .dll was doing was scanning the network for encrypted files so it could change their icon to show they were encrypted. We didn't encrypt files just the whole OS so was pointless. Looked up the .dll, found PGP mentioned the issue we were having and that it was safe to disable the .dll.

    Once disabled on an affected machine, problem solved in less than a min, compared to having to rebuild the system that I'd been forced to do for over a month by the PHB.

    1. Korev Silver badge
      Pint

      Re: Always been a bit...

      Good Geek Skills Sir -->

  15. Anonymous Coward
    Anonymous Coward

    Beware of Sysinternals Process Explorer

    Process Explorer was excellent until version 16.31, from which it constantly attempts to communicate with several hosts, apparently for telemetry. I was totally surprised to see that when I upgraded to that version (there's no mention of it anywhere) and ever since I have it fully blocked it in my firewall. Apparently, even for the best free utilities we still are the product :-(

    1. illiad

      Re: Beware of Sysinternals Process Explorer

      oldversion to the rescue!!

      http://www.oldversion.com/windows/process-explorer/

      I have been using version 12.04 for decades, it even works ok on win 10 up to march 15, when work had to go lockdown... I use a *reliable* windows at home, guess which!! :)

      I am sure if plummer can release his stuff or better us oldies would love it... :)

    2. steviebuk Silver badge

      Re: Beware of Sysinternals Process Explorer

      Are you sure? Mark is still in control of this and wouldn't be happy. I only see it with a net connection first time I ran it but that is, I assume, because I have the symbols pointing to the MS server.

      1. Anonymous Coward
        Anonymous Coward

        Re: Beware of Sysinternals Process Explorer

        Of course I am sure. 99% of Windows users can't see it because they don't use per-application firewalls or are using automatic modes. I am using ESET Internet Security in interactive mode (not automatic, not learning modes) so I don't allow any app sending any packet unless I explicitly make a new rule for it. I have the deepest respect for Mark, his utilities saved millions of our asses countless times for decades, and if he is aware of this, I am guessing high management forced it on his (and our) throat.

        1. steviebuk Silver badge

          Re: Beware of Sysinternals Process Explorer

          You can view the process explorer process and see what tcp connections its making but I see none. Obviously its possible they are hiding the connections. Only connections I see it make are for virus verifier and the driver checks.

        2. steviebuk Silver badge

          Re: Beware of Sysinternals Process Explorer

          From their forums

          "We have most definitely not added any telemetry to Process Explorer. The main change in the latest version was to resolve an issue with using the wrong icons. In the last year or so all changes to Process Explorer have been bugfixes only.

          Could you tell me what telemetry you think you are seeing?

          MarkC(MSFT)"

          Would like to see the evidence you have to I can update the post.

        3. steviebuk Silver badge

          Re: Beware of Sysinternals Process Explorer

          There is nothing. No new telemetry. I've installed ESET on a clean VM. Run the latest Process Explorer and nothing. No attempts at connections out.

          The only time you'll see it attempt to connect out is when it goes to

          status.thawte.com

          Which, I believe is the signature check and if you do VirusTotal checks.

    3. Pascal Monett Silver badge

      Re: Beware of Sysinternals Process Explorer

      I use Process Hacker.

      I am not aware that it phones home. It works flawlessly, however.

      1. steviebuk Silver badge

        Re: Beware of Sysinternals Process Explorer

        Process Hacker is also good.

  16. Maximum Delfango
    IT Angle

    It must be weird working on low-level Windows...

    Because, although I bet there's some really clever stuff going on in the kernel and driver layers, and I bet there's some really well written code in there, it's all for naught as the lawyers insist on adding dollops of DRM on top, and the applications group releases Teams - a product so bad, slow and clunky that I don't think it actually matters what's running underneath it.

  17. Packet

    Loved reading this - Task Manager was my favourite, NT4 onwards.

    And yes, in later versions, it just became unwieldy and in 8 onwards - useless junk taking up too much room. (And what really grinds my gears is you can't have it auto startup minimized in windows 8 onwards)

    But at least till Windows 2003, even Windows 7, very very good.

  18. Danny 2 Silver badge

    "write this stuff down before I forget it all"

    Personal motto, and I think it should be a national motto, or at least an El Reg Motto. Who was I writing about?

  19. thx135

    ''I wrote Task Manager'

    So you developed Task Manager and Space Cadet Pinball rewrite. In my sysadmin book that is Legendary!

  20. devTrail Bronze badge

    Inadequate

    I can bet he was almost the only developer in an under-resourced project. With the usual priorities set by marketing managers used to their monopolistic power they spent a lot more time turning word in a bug/backdoor prone macro engine than delivering a proper tool to manage the machines. The crazy thing is that even on servers versions of Windows that was the only tool available. Wherever I could I copied ProcessExplorer, but when you have to search for bugs in applications running on dozens of VMs set up by monkeys able to do only the basic clones it was rarely available.

  21. bigtreeman

    disk doubler

    Wasn't disk compression stolen from a competitor and the ensuing legal battle went for years, while Micro$oft continued to reap the profits.

    System Normal All Fucked Up

    This is how MS got big and rich

    I used DrDos 6.0 with 'superstor' compression a couple of years earlier

    MS was never the innovator, always the thief and always the winner.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020