Process Explorer

From Wikipedia, the free encyclopedia
Jump to: navigation, search
Process Explorer
Process Explorer Screenshot.png
Process Explorer v16.02 running on Windows 7
Original author(s) Sysinternals
Developer(s) Microsoft
Stable release v16.04 / September 12, 2014; 4 days ago (2014-09-12)
Operating system Windows XP and later
Type Task manager and system monitor
License Freeware
Website technet.microsoft.com/sysinternals/

Process Explorer is a freeware task manager and system monitor for Microsoft Windows created by Sysinternals, which has been acquired by Microsoft. It provides the functionality of Windows Task Manager along with a rich set of features for collecting information about processes running on the user's system. It can be used as the first step in debugging software or system problems.

Process Explorer can be used to track down problems. For example, it provides a means to list or search for named resources that are held by a process or all processes. This can be used to track down what is holding a file open and preventing its use by another program. Or as another example, it can show the command lines used to start a program, allowing otherwise identical processes to be distinguished. Or like Task Manager, it can show a process that is maxing out the CPU, but unlike Task Manager it can show which thread (with the callstack) is using the CPU – information that is not even available under a debugger.

History[edit]

Process Explorer began in the early Sysinternals days as two separate utilities, HandleEx and DLLView, which were merged in 2001.[1] Until 2008, Process Explorer worked on Windows 9x, Windows NT 4.0 and Windows 2000. Versions of Process Explorer up to 12.0 work on Windows 2000; versions 12.04 and higher do not (version 12.04 requires credui.dll and so doesn't work on Windows 2000). The current version runs on Windows XP and upwards. Version 15 added GPU monitoring for Windows Vista and later.

Features[edit]

  • Hierarchical view of processes.
  • Ability to display an icon and company name next to each process.
  • Live CPU activity graph in the task bar.
  • Ability to suspend selected process.
  • Ability to raise the window attached to a process, thus "unhiding" it.
  • Complete process tree can be killed.
  • Interactively alter a service process' access security
  • Interactively set the priority of a process
  • Disambiguates service executables which perform multiple service functions. For example, when the pointer is placed over a svchost.exe, it will tell if it is the one performing automatic updates/secondary logon/etc., or the one providing RPC, or the one performing terminal services, and so on.

See also[edit]

References[edit]

External links[edit]