Before you begin
- You have Process Explorer open. See Open Process Explorer.
It is highly recommended to be running Process Explorer as administrator. While it is not necessary to run Process Explorer as administrator, not doing so can mean the search cannot look at handles for processes to which you do not have access.
Steps to take
- Click on the binoculars button
The Process Explorer Search window opens - Enter what you wish to search for then click Search
In this example I am searching for 7A8CB8A3-4A10-4E3F-B290-6C953B0EAB75.bmp - Select a file handle in the Process Explorer Search window
Process Explorer will jump to the file handle and select the owning process - If you are sure, Click Yes
Where to from here
- You may wish to Close a handle. See Close a handle.
This clears the way to move forward with deleting the file
In this example, there were many handles to 7A8CB8A3-4A10-4E3F-B290-6C953B0EAB75.bmp. I had to clear them all before I could go ahead and delete the file.
Background
Task manager is an excellent tool for working with processes, high-level performance, users, and process details.
Resource Monitor is an excellent tool for monitoring the CPU, memory, disk and network resources
But sometimes we want to know which handles and DLLs a process is holding on to, or more often in reverse - given a file, which process is holding on to it.
For example, sometimes when an attempt is made to delete a file, Windows reports the file is in use.
Sometimes the message reveals which process is holding on to the file but this is often not the case. When the message does not reveal which process is holding on to the file, how can you find out without having to resort to a reboot?
To an extend, Resource Monitor can achieve this
But for this task, this is where Process Explorer really shines.
Comments (0 comments)