Ever wondered what’s running on your computer? For most tech enthusiasts, it’s vital to have it all figured out. Complete understanding, if not complete control, is a must. Though the Windows Task Manager does a decent job of listing processes and memory usage, it’s not enough for us geeks.
Process Explorer by Sysinternals is a program for Windows that gives you full control over what runs on your PC.
To get started, just unzip the file and run the EXE.
You can see everything that’s functioning. Broadly, the processes you see can be divided into idle, Windows and explorer.exe processes. Explorer.exe processes are the ones we’re interested in, because that’s how most applications are run.
You get detailed information about each program: its icon, command-line path, image path, memory stats, security attributes, and a lot more. You can even examine all the DLLs it has loaded and the operating system resources it’s using, and track down processes that are using specific resources.
Go to the wininit.exe submenu, expand the services.exe group and you will see several svchost.exe processes running. You could, of course, go to the Properties of each and monitor everything it’s doing, but hovering your mouse over it does the trick as well. Going to the Properties has the added advantage that you’ll be able to read and understand what each service actually does.
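The same svchost.exe inspection can be done from a PowerShell prompt. This is an added example, not part of the original article or of Process Explorer; it reads the built-in Win32_Process and Win32_Service CIM classes, and the variable names are illustrative.

```powershell
# Added example: list every svchost.exe instance with its parent process,
# image path, command line and the services it hosts. Read-only.

# Index all processes by PID so parent names can be resolved.
$processes = Get-CimInstance -ClassName Win32_Process
$nameByPid = @{}
foreach ($p in $processes) { $nameByPid["$($p.ProcessId)"] = $p.Name }

# Index running services by the PID of their host process.
# -AsString makes the hashtable keys plain strings, so lookups are reliable.
$servicesByPid = Get-CimInstance -ClassName Win32_Service -Filter 'ProcessId <> 0' |
    Group-Object -Property ProcessId -AsHashTable -AsString
if (-not $servicesByPid) { $servicesByPid = @{} }

$report = $processes |
    Where-Object { $_.Name -eq 'svchost.exe' } |
    Sort-Object -Property ProcessId |
    ForEach-Object {
        $hosted = $servicesByPid["$($_.ProcessId)"]
        $services = if ($hosted) {
            ($hosted | ForEach-Object { "$($_.Name) ($($_.DisplayName))" }) -join '; '
        } else {
            '(none reported)'
        }
        [pscustomobject]@{
            PID         = $_.ProcessId
            # Normally services.exe; empty if the parent has already exited.
            Parent      = $nameByPid["$($_.ParentProcessId)"]
            # Path and CommandLine can be empty for protected processes
            # when the session is not elevated.
            Path        = $_.ExecutablePath
            CommandLine = $_.CommandLine
            Services    = $services
        }
    }

$report | Format-List
```

An svchost.exe entry whose parent is not services.exe, or that hosts no services, is worth opening in Process Explorer’s Properties dialog for a closer look.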
If you’re not overwhelmed by information overload, right-click next to one of the column headers and click on “Select Columns”. This way, you can see a lot more information about your processes.
Suspend, not end
One scenario where Process Explorer is really handy is when you’re infected with a virus. As most of us have experienced, the Task Manager is all but useless when it comes to helping us remove viruses.
Certain viruses disable the Task Manager, and even when they don’t, killing a rogue process usually doesn’t help, because it starts up again. With Process Explorer, you can choose to Suspend a service or process instead of ending it. Just right-click and choose Suspend. You can resume suspended services from the right-click menu as well.
Lower the pane
Go to View > Show Lower Pane (or use [Ctrl] + [L]). This will show you additional information about processes. You can also choose between viewing Handles or DLLs – go to View > Lower Pane View to choose one.
‘til death do us part
If you prefer Process Explorer to Task Manager, just go to Options > Replace Task Manager, and from now on this app will load instead of the Task Manager.