Process Explorer
What is Process Explorer?
Process Explorer is a free Windows task manager and system monitoring tool that details which programs in a user's system have a specific file or directory open.
Anyone can download the utility for free from Microsoft. Process Explorer provides more visual, in-depth reports than Windows Task Manager. It is part of the Sysinternals Process Utilities suite, which has a selection of tools to give IT more control and options for better Windows performance.
Process Explorer has two windows of colorful information. The top window shows a real-time list of active processes, a description of what the processes are doing, the CPU and memory usage, and the software company name. The processes are set up in a hierarchical view with parent processes on top and child processes beneath them. IT can customize what information the columns include based on preference. Likewise, IT professionals can organize the rows alphabetically or numerically. Process Explorer's top panel has line charts, color codes and symbols IT can customize, as well. The tool has an area that shows all dynamic link libraries (DLLs) and handles, icons, command lines, full image paths, memory statistics, security attributes and more.
The bottom window provides a zoomed-in look at the Windows processes, and it changes depending on what mode Process Explorer is in. Handle mode shows integer values used as identifiers, or handles, for the active processes and their threads, while DLL mode shows the DLLs and memory-mapped files that the process has loaded. The modes are specific to the type of data Process Explorer displays, so if IT wants to see a DLL-version problem, then Process Explorer should be in DLL mode.
The tools in Process Explorer offer targeted help such as Fast Search to locate a file quickly or the Kill Process option to shut down a complete process tree with one click. Hitting the space bar pauses the automatic updates so IT can monitor a process closely before it disappears. IT can easily locate files that get locked or lost in the sea of processes in the handle view. Process Explorer also uses VirusTotal to monitor potential malware from questionable processes. IT can add the VirusTotal column in options, and the column will show all the antivirus sites that flagged a process as a potential virus.
Process Explorer was one of many tools created by Winternals Software, which Microsoft then acquired and renamed Windows Sysinternals. Process Explorer is available for free download separate from the suite.