The name of this Open Source task manager doesn’t really fit. It is not just another process monitor. Perhaps THE Process Monitor would be a better name. I can already see your eyebrows rising. Better than Sysinternals Process Explorer? Well, yes. Better! Much better!
First to consider is its modern user interface, complete with ribbon and tabs. This UI doesn’t just look better; it is also more convenient than Process Explorer’s old style interface. But, of course, some fancy icons are not enough to remove the king from the throne.
I can’t discuss all of Yet Another Process Monitor’s (YAPM) features. Everyone’s opinion may differ regarding which features matter, but here are the features I like most:
Remote process management
YAPM supports two types of remote connections: through WMI (Windows Management Instrumentation) and via the YAPM Server. If you use WMI, not all features will be available. For example, you can’t kill a process tree or kill a process by method (see below). If you connect via the YAPM Server, you first have to install YAPM on the remote computer and then start the server on that machine using the Windows Start menu. You can find the remote function on the client through YAPM’s start button. You have to click “disconnect” first before you can connect to a remote machine. By default YAPM is connected to the local machine when you launch the tool. Make sure that the server and the client use the same port.
Tasks / Jobs / Services / Performance Monitoring
YAPM not only allows you to manage processes but also tasks, jobs, and services. Tasks are what you can see under Applications in the Windows Task Manager, a feature that Process Explorer lacks. Jobs group processes together so you can manage them as a single item (for example, you can kill a couple of processes in one go if you terminate the corresponding job). You can add a process to a job through its context menu. Moreover, you can use the tool to monitor all Windows performance counters.
Like Process Hacker, YAPM supports different kinds of kill methods. For instance, you can close all handles of the process or terminate all its threads. In some cases, this helps to get rid of the more persistent processes (malware for instance) that can’t be killed by a simple terminate command.
This feature allows you to view the DLLs that a process depends on. This can be helpful if you have to troubleshoot an application. Unfortunately, this feature seems to be working only on Windows XP and Vista but not on Windows 7.
YAPM comes with three search features. You’ll find the first one, a search box, right below the ribbon. This search box also appears in the task and the services tab. YAPM sorts processes as you type. Strangely, the hits are displayed at the end of the process pane and not at the top.
On the search tab, you’ll find more sophisticated search functions. You can limit your search to processes, modules, environment variables, services, handles, and windows. The search box also appears on this tab so that you can easily search within the search results.
The third search feature allows you to look for processes on Google. You can access this internet search function through the process’s context menu. This feature comes in handy if you detect suspicious processes on a machine.
YAPM also has network monitor that displays all TCP/IP connections. What’s nice about this feature is that you can locate the process to which a certain connection belongs by right-clicking the connection.
Just one further note: If you are trying YAPM on Vista or Windows 7, and you right-click a process, you have to hold the mouse button a few milliseconds longer than you are used to until the context menu shows up. (I observed this behavior under VMware Workstation. I didn’t have this problem with Windows XP.)