Process Explorer
   HOME

TheInfoList



Click Here for Items Related To - Process Explorer
OR:
Process Explorer on:   [Wikipedia]   [Google]   [Amazon]

Process Explorer is a
freeware Freeware is software, most often proprietary, that is distributed at no monetary cost to the end user. There is no agreed-upon set of rights, license, or EULA that defines ''freeware'' unambiguously; every publisher defines its own rules for the f ...
task manager In operating systems, a task manager is a system monitor program used to provide information about the processes and applications running on a computer, as well as the general status of the computer. Some implementations can also be used to t ...
and
system monitor A system monitor is a Computer hardware, hardware or software component used to monitor system resources and performance in a computer system. Among the management issues regarding use of system monitoring tools are resource usage and privacy. ...
for
Microsoft Windows Windows is a group of several proprietary graphical operating system families developed and marketed by Microsoft. Each family caters to a certain sector of the computing industry. For example, Windows NT for consumers, Windows Server for serv ...
created by
SysInternals Windows Sysinternals is a website that offers technical resources and utilities to manage, diagnose, troubleshoot, and monitor a Microsoft Windows environment. Originally, the Sysinternals website (formerly known as ntinternals) was created in 19 ...
, which has been acquired by
Microsoft Microsoft Corporation is an American multinational technology corporation producing computer software, consumer electronics, personal computers, and related services headquartered at the Microsoft Redmond campus located in Redmond, Washing ...
and re-branded as Windows Sysinternals. It provides the functionality of
Windows Task Manager Task Manager, previously known as Windows Task Manager, is a task manager, system monitor, and startup manager included with Microsoft Windows systems. It provides information about computer performance and running software, including name of r ...
along with a rich set of features for collecting information about
process A process is a series or set of activities that interact to produce a result; it may occur once-only or be recurrent or periodic. Things called a process include: Business and management *Business process, activities that produce a specific se ...
es running on the user's system. It can be used as the first step in debugging software or system problems. Process Explorer can be used to track down problems. For example, it provides a means to list or search for named resources that are held by a process or all processes. This can be used to track down what is holding a file open and preventing its use by another program. As another example, it can show the command lines used to start a program, allowing otherwise identical processes to be distinguished. Like Task Manager, it can show a process that is maxing out the CPU, but unlike Task Manager it can show which thread (with the callstack) is using the CPU – information that is not even available under a debugger.


History

Process Explorer began in the early Sysinternals days as two separate utilities, HandleEx and DLLView, which were merged in 2001. Until 2008, Process Explorer worked on
Windows 9x Windows 9x is a generic term referring to a series of Microsoft Windows computer operating systems produced from 1995 to 2000, which were based on the Windows 95 kernel and its underlying foundation of MS-DOS, both of which were updated in subs ...
,
Windows NT 4.0 Windows NT 4.0 is a major release of the Windows NT operating system developed by Microsoft and oriented towards businesses. It is the direct successor to Windows NT 3.51, which was released to manufacturing on July 31, 1996, and then to retail ...
and
Windows 2000 Windows 2000 is a major release of the Windows NT operating system developed by Microsoft and oriented towards businesses. It was the direct successor to Windows NT 4.0, and was Software release life cycle#Release to manufacturing (RTM), releas ...
. Versions of Process Explorer up to 12.04 work on Windows 2000; versions 14.0 and higher do not require credui.dll (which is only available since Windows XP/2003).
Windows XP Windows XP is a major release of Microsoft's Windows NT operating system. It was released to manufacturing on August 24, 2001, and later to retail on October 25, 2001. It is a direct upgrade to its predecessors, Windows 2000 for high-end and ...
is supported up to version 16.05. The current version runs on
Windows Vista Windows Vista is a major release of the Windows NT operating system developed by Microsoft. It was the direct successor to Windows XP, which was released five years before, at the time being the longest time span between successive releases of ...
and upwards. The
open source Open source is source code that is made freely available for possible modification and redistribution. Products include permission to use the source code, design documents, or content of the product. The open-source model is a decentralized sof ...
software "Process Hacker" has been developed with the aim to replicate its functionality.


Features

* Hierarchical view of processes * Ability to display an icon and company name next to each process * Live CPU activity graph in the task bar * Ability to suspend selected process * Ability to raise the window attached to a process, thus "unhiding" it * Complete process tree can be killed * Interactively alter a service process's access security * Interactively set the priority of a process * Disambiguates service executables which perform multiple service functions. For example, when the pointer is placed over a svchost.exe, it will tell if it is the one performing automatic updates/secondary logon/etc., or the one providing RPC, or the one performing terminal services, and so on * There is an option (in a process's context menu) to verify a process in VirusTotal * There is an option to display DLLs loaded by process (View => Lower Pane View => DLLs); an option Show Lower Pane has to be switched on * There is an option to display processes' handles which includes named mutants, events, sockets, files, registry keys etc. (View => Lower Pane View => Handles); an option Show Lower Pane has to be switched on * In properties of a process a user can view the process's threads and threads' stack traces * There is a command to create a process dump (mini or full) (Process => Create Dump) * There is a Find command which allows for searching a handle or DLL which can be used to identify the process(es) holding a file lock * There is an option (in handle context menu) to close a selected handle * Version 15 added GPU monitoring


See also

* Activity Monitor * Ksysguard *
Process Lasso Process Lasso is Windows process automation and optimization software developed by Jeremy Collake of Bitsum Technologies. It features a graphical user interface that allows for automating various process related tasks, and several novel algorithm ...
*
Resource Monitor Resource Monitor, a utility in Windows Vista and later, displays information about the use of hardware (CPU, memory, disk, and network) and software (file handles and modules) resources in real time. Users can launch Resource Monitor by executin ...
*
Taskkill In computing, kill is a command that is used in several popular operating systems to send signals to running processes. Implementations Unix and Unix-like In Unix and Unix-like operating systems, kill is a command used to send a signal to a pr ...
*
Tasklist In computing, tasklist is a command available in Microsoft Windows and in the AROS shell. It is equivalent to the ps command in Unix and Unix-like operating systems and can also be compared with the Windows task manager ( taskmgr). Windows NT ...
*
Process Monitor Process Monitor is a tool from Windows Sysinternals, part of the Microsoft TechNet website. The tool monitors and displays in real-time all file system activity on a Microsoft Windows or Unix-like operating system. It combines two older tools, '' ...
– capturing file system and Registry activity. *
ProcDump ProcDump is a command-line application used for monitoring an application for CPU spikes and creating crash dumps during a spike. The crash dumps can then be used by an administrator or software developer to determine the cause of the spike. ProcD ...


References


External links


Process Explorer Official Webpage
Microsoft Retrieved on December 29, 2008

February 9, 2008

February 10, 2008
Process Explorer Guide for Newbies
{{Webarchive, url=https://web.archive.org/web/20100318020447/http://forum.sysinternals.com/forum_posts.asp?TID=10998 , date=2010-03-18 February 27, 2009
Sysinternals Suite at Microsoft Technet
Updated continuously as of August 2009 Utilities for Windows 2001 software Microsoft software