Process Explorer


Process Explorer
Original author(s): Winternals Software
Developer(s): Microsoft
Stable release: v17.05 / July 26, 2023
Operating system: Windows 8.1 / Windows Server 2012 and later
Type: Task manager and system monitor
License: Freeware
Website: learn.microsoft.com/en-us/sysinternals/downloads/process-explorer

Process Explorer is a freeware task manager and system monitor for Microsoft Windows created by SysInternals, which has been acquired by Microsoft and re-branded as Windows Sysinternals. It provides the functionality of Windows Task Manager along with a rich set of features for collecting information about processes running on the user's system. It can be used as the first step in debugging software or system problems.

Process Explorer can be used to track down problems. For example, it provides a means to list or search for named resources that are held by a process or all processes. This can be used to track down what is holding a file open and preventing its use by another program. As another example, it can show the command lines used to start a program, allowing otherwise identical processes to be distinguished. Like Task Manager, it can show a process that is maxing out the CPU, but unlike Task Manager it can show which thread (with the call stack) is using the CPU – information that is not even available under a debugger.

History

Process Explorer began in the early Sysinternals days as two separate utilities, HandleEx and DLLView, which were merged in 2001. Until 2008, Process Explorer worked on Windows 9x, Windows NT 4.0 and Windows 2000. Versions of Process Explorer up to 12.04 work on Windows 2000; versions 14.0 and higher do not require credui.dll (which is only available since Windows XP/2003). Windows XP is supported up to version 16.05. The current version runs on Windows Vista and upwards. The open source software "Process Hacker" has been developed with the aim to replicate its functionality.

Features

  • Hierarchical view of processes
  • Ability to display an icon and company name next to each process
  • Live CPU activity graph in the task bar
  • Ability to suspend selected process
  • Ability to raise the window attached to a process, thus "unhiding" it
  • Complete process tree can be killed
  • Interactively alter a service process's access security
  • Interactively set the priority of a process
  • Disambiguates service executables which perform multiple service functions. For example, when the pointer is placed over a svchost.exe, it will tell if it is the one performing automatic updates/secondary logon/etc., or the one providing RPC, or the one performing terminal services, and so on
  • There is an option (in a process's context menu) to verify a process in VirusTotal
  • There is an option to display DLLs loaded by process (View → Lower Pane View → DLLs); an option Show Lower Pane has to be switched on
  • There is an option to display processes' handles which includes named mutants, events, sockets, files, registry keys etc. (View → Lower Pane View → Handles); an option Show Lower Pane has to be switched on
  • In properties of a process a user can view the process's threads and threads' stack traces
  • There is a command to create a process dump (mini or full) (Process → Create Dump)
  • There is a Find command which allows for searching a handle or DLL which can be used to identify the process(es) holding a file lock
  • There is an option (in handle context menu) to close a selected handle
  • Version 15 added GPU monitoring
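
The hierarchical view, the per-process command line and the svchost.exe service disambiguation listed above can be approximated on a host where only PowerShell is available. This is an added example, not code from Process Explorer or Sysinternals; it assumes the built-in Win32_Process and Win32_Service CIM classes, and the function names are hypothetical.

```powershell
# Added example: process tree with command lines and hosted services.
# Run elevated; without it, CommandLine is empty for processes owned by other accounts.

# Map each host PID to the names of the services running inside it.
$servicesByPid = @{}
foreach ($svc in Get-CimInstance -ClassName Win32_Service) {
    if ($svc.ProcessId -ne 0) {
        $key = [int]$svc.ProcessId
        if (-not $servicesByPid.ContainsKey($key)) { $servicesByPid[$key] = @() }
        $servicesByPid[$key] += $svc.Name
    }
}

$processes = @(Get-CimInstance -ClassName Win32_Process)
$byPid = @{}
foreach ($p in $processes) { $byPid[[int]$p.ProcessId] = $p }

# ParentProcessId can point at a PID that has since been reused by a newer,
# unrelated process, so a parent is accepted only if it started first.
function Test-IsRealParent($parent, $child) {
    if ($null -eq $parent -or $parent.ProcessId -eq $child.ProcessId) { return $false }
    if ($null -eq $parent.CreationDate -or $null -eq $child.CreationDate) { return $true }
    return $parent.CreationDate -le $child.CreationDate
}

$childrenByParent = @{}
$roots = @()
foreach ($p in $processes) {
    $parentPid = [int]$p.ParentProcessId
    if (Test-IsRealParent $byPid[$parentPid] $p) {
        if (-not $childrenByParent.ContainsKey($parentPid)) { $childrenByParent[$parentPid] = @() }
        $childrenByParent[$parentPid] += $p
    } else {
        $roots += $p   # parent exited, PID reused, or top of the tree
    }
}

function Write-ProcessTree($proc, $depth) {
    $indent = '  ' * $depth
    $line = "$indent$($proc.Name) [$($proc.ProcessId)]"
    $hosted = $servicesByPid[[int]$proc.ProcessId]
    if ($hosted) { $line += '  services: ' + ($hosted -join ', ') }
    Write-Output $line
    if ($proc.CommandLine) { Write-Output "$indent    cmd: $($proc.CommandLine)" }
    foreach ($child in $childrenByParent[[int]$proc.ProcessId]) {
        Write-ProcessTree $child ($depth + 1)
    }
}

foreach ($root in ($roots | Sort-Object ProcessId)) { Write-ProcessTree $root 0 }
```

Processes listed as roots with a non-zero ParentProcessId are orphans whose parent has exited, which is worth noting during triage.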
