Ever wondered which program has a particular file or directory open? Now you can find out. Process Explorer shows you information about which handles and DLLs processes have opened or loaded.
The Process Explorer display consists of two sub-windows. The top window always shows a list of the currently active processes, including the names of their owning accounts, whereas the information displayed in the bottom window depends on the mode that Process Explorer is in: if it is in handle mode you'll see the handles that the process selected in the top window has opened; if Process Explorer is in DLL mode you'll see the DLLs and memory-mapped files that the process has loaded. Process Explorer also has a powerful search capability that will quickly show you which processes have particular handles opened or DLLs loaded.
The unique capabilities of Process Explorer make it useful for tracking down DLL-version problems or handle leaks, and provide insight into the way Windows and applications work.
有没有想过哪个程序打开了特定的文件或目录?现在你可以知道了。Process Explorer向您显示已打开或加载的句柄和DLL进程的信息。 Process Explorer显示由两个子窗口组成。顶部窗口始终显示当前活动进程的列表,包括其所属帐户的名称,而底部窗口中显示的信息取决于Process Explorer所处的模式:如果它处于句柄模式,您将看到顶部窗口中所选进程已打开的句柄;如果Process Explorer处于DLL模式,您将看到进程加载的DLL和内存映射文件。Process Explorer还具有强大的搜索功能,可以快速显示哪些进程打开了特定句柄或加载了DLL。 Process Explorer的独特功能使其有助于跟踪DLL版本问题或处理泄漏,并深入了解Windows和应用程序的工作方式。 
(8)把进程两次运行(一次正常一次异常)的模块和句柄情况输出到文件,进行比对分析
ZIP
PNG