Helping people with computers... one answer at a time.
Process Explorer is Task Manager on steroids. A free utility that completely replaces Task Manager, there's no reason not to have and use procexp.
OK, I admit it, I'm a geek. And part of the reason I say that is because I actually have Process Explorer as an auto-start entry on my two primary machines. It runs automatically whenever I boot up. Not only do I find that I refer to it that often, but I'm just the kind of person who likes to know what's going on inside his computer. You know, a geek.
Now, you may not need or even want to know what's going on under the hood. Let's face it, for most computer users you shouldn't have to. Computers are supposed to "just work", and you should never need to be bothered with things like processes or resource utilization or what not.
And we all know how well that's working. 
This is where process explorer comes in. Process Explorer - or frequently just "procexp" - provides a window into the world of all the programs running on your computer, and offers up a level of detailed information that Task Manager could never hope to approach.
•
It's difficult to begin to enumerate the types of things you can do with Process Explorer; it's like a swiss-army knife of system utilities; it has many, many potential uses.
When you fire it up,you'll get exactly what you might expect which is a list of the processes running on your machine:
Unlike Task Manager, the list is complete and includes all tasks running on your system. The "hierarchical" view (click on the "Process" column header to change the view from alphabetical to hierarchical) shows which tasks were started by which other tasks, which can be a very interesting way to understand just how all these processes relate to each other.
Click on the "CPU" column header and the processes will be listed in order of who's using the processor the most. This is perhaps the single most common use of procexp: to answer the question "who's eating up all my CPU"?
Click on the "Working Set" column header and processes will be listed in order of physical memory used. As you might expect, this is perhaps the next most common use: to answer the question "who's eating up all my memory?" (The "Virtual Size" column does the same but includes virtual memory - memory that may have been swapped to the system paging file and might not actually be physically in use.)
The Find function is a quick way to see, for example, what process happens to be using a file. Enter in a partial filename, and procexp will list all the processes that are referencing a handle (typically a file) that includes that name.
Process Explorer also lets you dive into individual processes for more information as well. Right click on any process and click on Properties for more details:
As you can see this view on a process, csrss.exe in this case, shows a lot of additional information. Explore the various tabs on the dialog and you'll be able to see its network usage, security attributes, the resource usage of the process, the command line used to initiate the process and even anything that looks like a readable string within the process image or memory space.
And even with everything I've just touched on, I've really only scratched the surface.
You'll find that in many Ask Leo! answers one of the first steps I mention is to "download and run process explorer" because it's just that useful. Even if you don't have a problem to investigate, Process Explorer is worth downloading and ... well ... exploring. There's a wealth of information available.
Process Explorer is a free download from Microsoft.
I recommend it.
Article C3480 - August 25, 2008 « »
Leo A. Notenboom has been playing with computers since he
was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed.
After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers
to common computer and technical questions. More about Leo.
January 25, 2011 11:42 AM
PE is great. As an advanced "newbie" I'm up to the challange of a steep learning curve to use this tool to its utmost. Leo's site brought PE to my attention. THANKS.
Comments:
I've watched " Breakout-WCL315, The Case of the Unexplained.... w/ Mark Russinovich" (1hr.21min). While it's a bit advanced in some areas, it indicates what I'll need to know to be more effective. The intermittent humor is great. As a "noob" to other noobs - take notes as you watch (yes, just like college). This vid plus Leo's vids should get anyone up and ready to go.
January 25, 2011 11:51 AM
Re: PE --- When you see all that's actually going on, past & present, inside a computer, a person can not help but to appreciate this complex technology --- and in seconds. Wow!
June 3, 2011 10:06 AM
a year or so ago, you published a tutorial on using Process Explorer. I downloaded and printed it. Since then that computer crashed and I no longer have it, nor can I find the paper copy. Is is still possible to obtain this download??
Many thanks for all you do for us.
June 3, 2011 2:16 PM
@Barbara
Here's the link to the tutorial on process explorer.
http://media.ask-leo.com/ebooks/introtoprocexp.pdf
August 31, 2012 8:43 AM
one thing you didn`t mention task manager and process explorer both require one thing, when your looking at a file you have to know what your looking at. this is not amateur friendly. when i try to remove programs i don`t recognize i always get scared off by "YOU ARE ABOUT TO REMOVE"