This article is geared toward power users and IT professionals.

I’ve seen a million forum posts asking about unexplained system activity on Windows 7 machines, and I’d like to reply to them all, but in lieu of that I’m writing this article, because it’s easier. Plus, it feeds my ego.

Task Scheduler 2.0.

It’s easy to overlook Task Scheduler, since historically (XP/2000/2003) it wasn’t all that powerful, nor did it do anything unless you explicitly told it to. It was something cute you never found a practical use for. Windows 7, however, uses Task Scheduler rather prolifically (maybe not the best word, but you get the idea). It’s now a primary method of performing certain Windows functions; it syncs your offline files when you log on, it creates a restore point at startup, and checks group policy to see who should be allowed to send remote assistance invites, as examples.

A fresh default installation of Windows 7 will have several tasks set to run at regular intervals via Task Scheduler, many of which come up as rather anonymous and ominous “rundll32.exe” or “explorer.exe” in the process list — which makes Task Manager and Resource Monitor pretty much useless in identifying what the hell is going on.

Note that many third-party applications will have their own “always-on” processes for running scheduled tasks (infamously Java updater, for example), but assuming you’ve already torn your hair out eliminating all those as possible causes of your phantom activity, Task Scheduler is the place to look next.

If you want to see some interesting and useful data on what Task Scheduler does on your computer, open Task Scheduler (run “taskschd.msc”, also available under Administrative Tools), then hit the “Enable All Tasks History” link in the right-hand pane. This will keep a record of everything run by Task Scheduler. Check back in a day or two, or even a few hours, and see what’s been going on — or check right when you see unwanted HDD or processor activity, to see what is or was just running.

Although some of what Scheduler does is definitely necessary, much of it really isn’t (though “necessary” is subjective).

Just a few non-critical things Task Scheduler is currently doing behind your back, by default:

  • Creates a restore point daily after 10 minutes of idle time. If you notice your HDD steadily active after you’ve walked away from your computer for a while, this is one of the things it could be doing.
  • Weekly defrag of your hard drive(s) after 3 minutes of idle time — one more thing HDD activity during idle time could indicate.
  • Registry backup once every 10 days after 3 minutes idle time — yet another.
  • Google Update — If you have a Google product installed, such as Chrome or Google Desktop, this program runs once an hour every day. This technically seems like a better alternative than Google’s previous standalone and “always-on” updater process, but its presence and activities are also more hidden from us.
  • Runs several different processes meant to gather usage data in case you elected to participate in the “Microsoft Customer Experience Improvement Program.” If you didn’t opt-in, they allegedly do nothing, but they still run — every day.

That’s just a small sampling. Browse around the Task Scheduler tree and see what else you’ve been missing. These aren’t all bad things, mind you, but if you’re anything like me, you don’t like it when your computer decides to do stuff on its own; and you’re furthermore pretty selective about the things you want running on an automated schedule.

When viewing tasks in Task Scheduler, all settings appear to be grayed-out and uneditable. For some reason Microsoft saw fit to make the ability to edit these tasks slightly less obvious:

To change the schedule for a task (called a “Trigger” in Task Scheduler), or its “Conditions” (prerequisites such as required system idle time before a process will start), click the “Properties” link in the right-hand pane while a particular “Trigger” is displayed and highlighted in the middle pane. It’ll bring up a tabbed window where all settings are editable. Once there you can alternatively simply disable the trigger by unchecking the “Enabled” box at the bottom of the first tab.

Happy hunting.

Advertisements