OK, I admit it, I’m a geek. And part of the reason I say that is because I actually have Process Explorer as an auto-start entry on my two primary machines. It runs automatically whenever I boot up. Not only do I find that I refer to it that often, but I’m just the kind of person who likes to know what’s going on inside his computer. You know, a geek.
Now, you may not need or even want to know what’s going on under the hood. Let’s face it, for most computer users you shouldn’t have to. Computers are supposed to “just work”, and you should never need to be bothered with things like processes or resource utilization or what not.
And we all know how well that’s working.
This is where process explorer comes in. Process Explorer – or frequently just “procexp” – provides a window into the world of all the programs running on your computer, and offers up a level of detailed information that Task Manager could never hope to approach.
Become a Patron of Ask Leo! and go ad-free!
It’s difficult to begin to enumerate the types of things you can do with Process Explorer; it’s like a swiss-army knife of system utilities; it has many, many potential uses.
When you fire it up,you’ll get exactly what you might expect which is a list of the processes running on your machine:
Unlike Task Manager, the list is complete and includes all tasks running on your system. The “hierarchical” view (click on the “Process” column header to change the view from alphabetical to hierarchical) shows which tasks were started by which other tasks, which can be a very interesting way to understand just how all these processes relate to each other.
Click on the “CPU” column header and the processes will be listed in order of who’s using the processor the most. This is perhaps the single most common use of procexp: to answer the question “who’s eating up all my CPU“?
Click on the “Working Set” column header and processes will be listed in order of physical memory used. As you might expect, this is perhaps the next most common use: to answer the question “who’s eating up all my memory?” (The “Virtual Size” column does the same but includes virtual memory – memory that may have been swapped to the system paging file and might not actually be physically in use.)
The Find function is a quick way to see, for example, what process happens to be using a file. Enter in a partial filename, and procexp will list all the processes that are referencing a handle (typically a file) that includes that name.
Process Explorer also lets you dive into individual processes for more information as well. Right click on any process and click on Properties for more details:
As you can see this view on a process, onedrive.exe in this case, shows a lot of additional information. Explore the various tabs on the dialog and you’ll be able to see its network usage, security attributes, the resource usage of the process, the command line used to initiate the process and even anything that looks like a readable string within the process image or memory space.
And even with everything I’ve just touched on, I’ve really only scratched the surface.
You’ll find that in many Ask Leo! answers one of the first steps I mention is to “download and run process explorer” because it’s just that useful. Even if you don’t have a problem to investigate, Process Explorer is worth downloading and … well … exploring. There’s a wealth of information available.
Process Explorer is a free download from Microsoft.
I recommend it.