8. Understand CPU utilisation
Occasionally your PC will seem slow, as though something is using all your CPU time, but the regular CPU column won't display an obvious candidate. So what's going on?
Launch Task Manager, and click the Performance tab to see a graph of your CPU Usage History: it's pretty, but there's more to it than that. Click View and select Show Kernel Times (so it's checked). What you'll now see is two graph lines: one green, representing total CPU utilisation, and one red, representing the time consumed by the kernel.
When the green peaks are high, red peaks low then the culprit is a user mode process, probably just a regular application. But if the red peaks are consistently high then that shows your CPU time is being grabbed by something in the kernel, probably a driver, but perhaps also a Windows component, maybe even some deeply embedded malware.
FIND THE CULPRIT: Is a buggy driver grabbing too much CPU time? The Performance graph can offer useful clues
9. Create a dump file
If a program has locked up then you may able to use the Windows Debugging Tools to find out why.
Launch Task Manager first, click the Processes tab, right-click the hung process and select Create Dump File. When the process file has been written then Task Manager will give you its name and location.
Then launch the debugger WinDbg, and click File > Open Crash Dump File. Entering the analyze -hang command may tell you more about why a program has locked up, and if not then you can always use other debugger commands to tell you more about the process, its use of RAM, and so on (see the debugger documentation for details).
10. Control your services
If you need to stop or start a Windows service then you could launch the Services applet (services.msc). But why bother? In Windows Vista or 7 it's much quicker to do it from Task Manager. Just click the Services tab, right-click the service you need, and choose the Start or Stop option.
Be careful, though - stopping a critical Windows service can result in your PC locking up immediately (and tinkering with some third-party services is almost as serious). Don't try this unless you know exactly what you're doing.
11. Restart Explorer
Have the taskbar and desktop disappeared for no apparent reason? Explorer has probably crashed: press Ctrl+Shift+Esc and press the Processes tab to check for yourself. If Explorer.exe isn't listed then click File > New Task, type Explorer.exe and click OK to restart it.
Or, if Explorer won't start, your system is generally trashed and you'd like to reboot gracefully, then enter the command shutdown -r and your system should restart.
12. Discover system information
Launching Task Manager and clicking the Performance tab will reveal the total amount of RAM installed in your PC (check the Total in the Physical Memory box).
And the Up Time figure in the System Box tells you how long it's been since you last restarted Windows. The longer this is, the more likely that resource leaks or other issues will begin to cause problems. If your PC's been running for several days, and you're noticing odd behaviour, then consider rebooting - it just might help.
13. Monitor network utilisation
Click the Task Manager Networking tab and you'll see a graph that tracks your current network use over time. This can be useful if you've a network-hogging process that fires on a regular basis, for instance, as you should see a spike on the chart.
Click Options > Tab Always Active if you want Task Manager to keep collecting network usage data, even when the tab isn't displayed. Click View > Update Speed > Low to reduce the sampling time, which allows you to squeeze more minutes of activity onto a single screen. And click View > Network Adapter History to choose exactly what you'd like to graph: the bytes sent, received, or their total.
14. Talk to network users
If you're working on a networked PC then you may want to warn anyone browsing your system that you're about to reboot, close a process or do something else potentially dodgy. Click the Users tab to see who else is connected to your PC right now. By default you'll only see their user name - click Options > Show Full Account Name to see their network PC name, too. Then right-click a user and select Send Message to issue a warning, or Disconnect to kick them off immediately.
15. Use something better
Learning the Task Manager basics is important, as they'll let you diagnose problems on just about any PC. But the tool can only take you so far, and for really in-depth information and control over your applications you'll want to use something better. Process Explorer is the best known alternative and an excellent tool, but Process Hacker is also worth a look - if anything, it's even more powerful.
PRO TOOL: Process Hacker provides great control over everything running on your PC