explorer.exe
Windows Explorer by Microsoft Corporation (Signed)
| Version: | 6.1.7600.16385 (win7_rtm.090713-1255) | 
| MD5: | ef1d932549140f3bc64bc81ea77b52c5 | 
| SHA1: | bd2725db9e69fb6b029a88d74f04f794ec5e9401 | 
This is a Windows system installed file with Windows File Protection (WFP) enabled.
What is explorer.exe?
Windows Explorer also known as File Explorer, is a file manager application and also a navigation tool that is included with releases of the Microsoft Windows operating system. It provides a graphical user interface for accessing the file systems. It is also the component of the operating system that presents many user interface items on the monitor such as the taskbar and desktop. Located in the C:\Windows directory, it is sometimes referred to as the Windows shell, explorer.exe.
Overview
explorer.exe executes as a process with the local user's privileges. It configures an autoplay handler withing explorer.exe named MSOpenFolder that will launch the program automatically. The file is digitally signed by Microsoft Corporation. This version is designed to run on Windows 7 and is compiled as a 32 bit program.
 Details
Details
| File name: | explorer.exe | 
| Publisher: | Microsoft Corporation | 
| Product name: | Windows Explorer | 
| Description: | Microsoft® Windows® Operating System | 
| Typical file path: | C:\windows\explorer.exe | 
| Original name: | EXPLORER.EXE.MUI | 
| File version: | 6.1.7600.16385 (win7_rtm.090713-1255) | 
| Product version: | 6.1.7600.16385 | 
| Size: | 2.51 MB (2,633,216 bytes) | 
| Certificate | 
| Issued to: | Microsoft Corporation | 
| Authority (CA): | Microsoft Corporation | 
| Expiration date: | Tuesday, July 9, 2013 | 
| Digital DNA | 
| Entropy: | 5.934229 | 
| File packed: | No | 
| Code language: | Microsoft Visual C++ | 
| .NET CLR: | No | 
More details
 Behaviors
Behaviors
Shell open commands
Autoplay handlers
Runs under the registry key 'SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers'
- Handler name 'MSOpenFolderBackup'
- Handler name 'MSOpenFolder'
Scheduled tasks
- The task '{AD36F1D3-E56E-44BA-A569-280718EB8C51}' runs on registration in the path '\{AD36F1D3-E56E-44BA-A569-280718EB8C51}'
 Resource utilization
Resource utilization
(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
 
| CPU | 
| Total CPU: | 0.00611897% |  | 
| Kernel CPU: | 0.00486606% |  | 
| User CPU: | 0.00125291% |  | 
| Kernel CPU time: | 176,936 ms/min |  | 
| Memory | 
| Private memory: | 53.46 MB |  | 
| Private (maximum): | 86.88 MB |  | 
| Private (minimum): | 34.55 MB |  | 
| Non-paged memory: | 53.46 MB |  | 
| Virtual memory: | 310.66 MB |  | 
| Virtual memory (peak): | 564.63 MB |  | 
| Working set: | 65.95 MB |  | 
| Working set (peak): | 106.4 MB |  | 
| Resource allocations | 
| Threads: | 32 |  | 
| Handles: | 985 |  | 
| GUI GDI count: | 570 |  | 
| GUI GDI peak: | 911 |  | 
| GUI USER count: | 364 |  | 
| GUI USER peak: | 639 |  | 
 
 Process properties
Process properties
| Tray notification: | Yes | 
| Integrety level: | High | 
| Platform: | 32-bit | 
| Command line: | C:\windows\explorer.exe | 
| Owner: | User | 
 Threads
Threads
Averages
 
| Explorer.EXE (main module) | 
| Total CPU: | 0.38234897% |  | 
| Kernel CPU: | 0.08383571% |  | 
| User CPU: | 0.29851326% |  | 
| CPU cycles: | 11,406,279/sec |  | 
| Context switches: | 9/sec |  | 
| Memory: | 2.52 MB |  | 
| ntdll.dll | 
| Total CPU: | 0.03669870% |  | 
| Kernel CPU: | 0.01665174% |  | 
| User CPU: | 0.02004695% |  | 
| CPU cycles: | 1,111,805/sec |  | 
| Context switches: | 1/sec |  | 
| Memory: | 1.23 MB |  | 
| SHLWAPI.dll | 
| Total CPU: | 0.02133776% |  | 
| Kernel CPU: | 0.01082895% |  | 
| User CPU: | 0.01050881% |  | 
| CPU cycles: | 1,361,965/sec |  | 
| Context switches: | 3/sec |  | 
| Memory: | 348 KB |  | 
| WINMM.dll | 
| Total CPU: | 0.00151306% |  | 
| Kernel CPU: | 0.00129691% |  | 
| User CPU: | 0.00021615% |  | 
| CPU cycles: | 66,881/sec |  | 
| Memory: | 200 KB |  | 
| MSVCR80.dll | 
| Total CPU: | 0.00090039% |  | 
| Kernel CPU: | 0.00060026% |  | 
| User CPU: | 0.00030013% |  | 
| CPU cycles: | 498,764/sec |  | 
| Memory: | 620 KB |  | 
| MMDevApi.dll | 
| Total CPU: | 0.00016162% |  | 
| Kernel CPU: | 0.00016162% |  | 
| User CPU: | 0.00000000% |  | 
| CPU cycles: | 5,266/sec |  | 
| Memory: | 228 KB |  | 
 
Common loaded modules
These are modules that are typiclaly loaded within the context of this process.
 Distribution by Windows OS
Distribution by Windows OS
| OS version | distribution | 
| Windows 7 Home Premium | 36.00% |  | 
| Windows 8.1 Pro | 14.00% |  | 
| Windows 7 Ultimate | 12.00% |  | 
| Windows 8.1 | 10.50% |  | 
| Windows 7 Professional | 6.50% |  | 
| Windows 8 | 6.50% |  | 
| Windows 8.1 Single Language | 6.00% |  | 
| Windows 8.1 N | 4.00% |  | 
| Windows 8 Single Language | 2.50% |  | 
| Windows 8.1 Pro with Media Center | 2.00% |  | 
 Distribution by country
Distribution by country
United States installs about 51.50% of Windows Explorer.
 Distribution by PC manufacturer
Distribution by PC manufacturer
| PC Manufacturer | distribution | 
| Hewlett-Packard | 23.75% |  | 
| ASUS | 23.33% |  | 
| Dell | 14.17% |  | 
| Toshiba | 13.33% |  | 
| Acer | 12.08% |  | 
| Lenovo | 6.67% |  | 
| Alienware | 3.33% |  | 
| Samsung | 3.33% |  |