Should I block it?

No, this file is 100% safe to run.

VersionsAdditional versions

6.3.9600.17031 (winblue_gdr.140221-1952) 2.92%
6.3.9600.16384 (winblue_rtm.130821-1623) 0.83%
6.3.9600.16384 (winblue_rtm.130821-1623) 0.01%
6.3.9600.16384 (winblue_rtm.130821-1623) 0.98%
6.3.9600.16384 (winblue_rtm.130821-1623) 0.01%
6.3.9600.16384 (winblue_rtm.130821-1623) 0.07%
6.3.9431.0 (winmain_bluemp.130615-1214) 0.24%
6.3.9431.0 (winmain_bluemp.130615-1214) 0.01%
6.2.9200.16384 (win8_rtm.120725-1247) 3.79%
6.2.9200.16384 (win8_rtm.120725-1247) 0.17%
6.2.8102.0 (winmain_win8m3.110823-1455) 0.05%
6.1.7600.16385 (win7_rtm.090713-1255) 0.74%
6.1.7600.16385 (win7_rtm.090713-1255) 1.88%
6.1.7600.16385 (win7_rtm.090713-1255) 42.01%
6.1.7600.16385 (win7_rtm.090713-1255) 2.00%
6.1.7600.16385 (win7_rtm.090713-1255) 2.42%
6.1.7600.16385 (win7_rtm.090713-1255) 3.82%
6.1.7600.16385 (win7_rtm.090713-1255) 11.84%
6.1.7600.16385 (win7_rtm.090713-1255) 2.03%
6.1.7600.16385 (win7_rtm.090713-1255) 0.01%
6.1.7600.16385 (win7_rtm.090713-1255) 0.01%
6.1.7600.16385 (win7_rtm.090713-1255) 0.66%
6.1.7600.16385 (win7_rtm.090713-1255) 0.05%
6.1.7600.16385 (win7_rtm.090713-1255) 0.01%
6.1.7600.16385 (win7_rtm.090713-1255) 0.01%
View more

Relationships

Parent processes
Child processes

explorer.exe

Windows Explorer by Microsoft Corporation (Signed)

Remove explorer.exe
Version:   6.1.7600.16385 (win7_rtm.090713-1255)
MD5:   0862495e0c825893db75ef44faea8e93
SHA1:   e4b9a40fa341bcb82f20c9c3cefad84825e0d194
SHA256:   d190b84f29a6f22acfc313373301a848a927882cf728ca6d72eed4073dfc2b75
This is a Windows system installed file with Windows File Protection (WFP) enabled.

What is explorer.exe?

Windows Explorer also known as File Explorer, is a file manager application and also a navigation tool that is included with releases of the Microsoft Windows operating system. It provides a graphical user interface for accessing the file systems. It is also the component of the operating system that presents many user interface items on the monitor such as the taskbar and desktop. Located in the C:\Windows directory, it is sometimes referred to as the Windows shell, explorer.exe.

Overview

explorer.exe executes as a process with the local user's privileges typically within the context of its parent winlogon.exe (Windows Logon Application by Microsoft). It configures an autoplay handler withing explorer.exe named MSOpenFolder that will launch the program automatically. The file is digitally signed by Microsoft Corporation. This version is designed to run on Windows 7 and is compiled as a 64 bit program.

DetailsDetails

File name:explorer.exe
Publisher:Microsoft Corporation
Product name:Windows Explorer
Description:Microsoft® Windows® Operating System
Typical file path:C:\windows\explorer.exe
Original name:EXPLORER.EXE.MUI
File version:6.1.7600.16385 (win7_rtm.090713-1255)
Product version:6.1.7600.16385
Size:2.74 MB (2,870,272 bytes)
Certificate
Issued to:Microsoft Corporation
Authority (CA):Microsoft Corporation
Expiration date:Tuesday, July 9, 2013
Digital DNA
Entropy:5.934229
File packed:No
Code language:Microsoft Visual C++
.NET CLR:No
More details

BehaviorsBehaviors

Shell open commands
  • SHCmdFile
Autoplay handlers
Runs under the registry key 'SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers'
  • Handler name 'MSOpenFolderBackup'
  • Handler name 'MSOpenFolder'
Scheduled tasks
  • The task '{AD36F1D3-E56E-44BA-A569-280718EB8C51}' runs on registration in the path '\{AD36F1D3-E56E-44BA-A569-280718EB8C51}'

ResourcesResource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
 
CPU
Total CPU:0.01985658%
0.028634%
Kernel CPU:0.01228771%
0.013761%
User CPU:0.00756888%
0.014873%
Kernel CPU time:427,191,393 ms/min
100,923,805ms/min
CPU cycles:4,908,886/sec
17,470,203/sec
Context switches:87/sec
284/sec
Memory
Private memory:56.26 MB
21.59 MB
Private (maximum):81.26 MB
Private (minimum):29.87 MB
Non-paged memory:56.26 MB
21.59 MB
Virtual memory:320.97 MB
140.96 MB
Virtual memory (peak):440.36 MB
169.69 MB
Working set:52.41 MB
18.61 MB
Working set (peak):93.57 MB
37.95 MB
Page faults:921,547/min
2,039/min
I/O
I/O read transfer:144.45 KB/sec
1.02 MB/min
I/O read operations:30/sec
343/min
I/O write transfer:30.05 KB/sec
274.99 KB/min
I/O write operations:2/sec
227/min
I/O other transfer:7.96 KB/sec
448.09 KB/min
I/O other operations:584/sec
1,671/min
Resource allocations
Threads:30
12
Handles:2482
600
GUI GDI count:545
103
GUI GDI peak:759
142
GUI USER count:312
49
GUI USER peak:469
71

BehaviorsProcess properties

Tray notification:Yes
Integrety level:Medium
Platform:64-bit
Command lines:
  • C:\windows\explorer.exe
  • explorer.exe
  • C:\windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -embedding
  • "C:\windows\explorer.exe"
Owner:User
Parent processes:

ResourcesThreads

Averages
 
SHLWAPI.dll
Total CPU:0.04465704%
0.272967%
Kernel CPU:0.02732780%
0.107585%
User CPU:0.01732924%
0.165382%
CPU cycles:1,840,557/sec
5,741,424/sec
Context switches:4/sec
79/sec
Memory:452 KB
1.16 MB
Explorer.EXE (main module)
Total CPU:0.04264229%
Kernel CPU:0.01917799%
User CPU:0.02346430%
CPU cycles:1,018,126/sec
Context switches:2/sec
Memory:2.75 MB
ntdll.dll
Total CPU:0.01691584%
Kernel CPU:0.01022126%
User CPU:0.00669458%
CPU cycles:398,574/sec
Context switches:1/sec
Memory:1.67 MB
pnidui.dll
Total CPU:0.00596683%
Kernel CPU:0.00282622%
User CPU:0.00314061%
CPU cycles:192,290/sec
Memory:1.74 MB
WINMM.dll
Total CPU:0.00160539%
Kernel CPU:0.00004041%
User CPU:0.00156498%
CPU cycles:22,758/sec
Memory:236 KB
fxsst.dll
Total CPU:0.00114510%
Kernel CPU:0.00114510%
User CPU:0.00000000%
CPU cycles:6,072/sec
Memory:860 KB
WlanMM.dll
Total CPU:0.00056760%
Kernel CPU:0.00010017%
User CPU:0.00046742%
CPU cycles:16,490/sec
Memory:828 KB
MMDevApi.dll
Total CPU:0.00032006%
Kernel CPU:0.00002504%
User CPU:0.00029502%
CPU cycles:851/sec
Memory:300 KB
DesktopDock64.dll
Total CPU:0.00030793%
Kernel CPU:0.00027187%
User CPU:0.00003606%
CPU cycles:6,594/sec
Memory:1000 KB
Wlanapi.dll
Total CPU:0.00028222%
Kernel CPU:0.00019809%
User CPU:0.00008413%
CPU cycles:15,581/sec
Memory:128 KB
ole32.dll
Total CPU:0.00020108%
Kernel CPU:0.00002281%
User CPU:0.00017828%
CPU cycles:2,937/sec
Memory:2.01 MB
GIMEJA.IME
Total CPU:0.00019250%
Kernel CPU:0.00009118%
User CPU:0.00010132%
CPU cycles:3,374/sec
Memory:2.1 MB

Common loaded modules

These are modules that are typiclaly loaded within the context of this process.

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Home Premium 36.00%
Windows 8.1 Pro 14.00%
Windows 7 Ultimate 12.00%
Windows 8.1 10.50%
Windows 7 Professional 6.50%
Windows 8 6.50%
Windows 8.1 Single Language 6.00%
Windows 8.1 N 4.00%
Windows 8 Single Language 2.50%
Windows 8.1 Pro with Media Center 2.00%

Distribution by countryDistribution by country

United States installs about 51.50% of Windows Explorer.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Hewlett-Packard 23.75%
ASUS 23.33%
Dell 14.17%
Toshiba 13.33%
Acer 12.08%
Lenovo 6.67%
Alienware 3.33%
Samsung 3.33%
Back to top
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE