By Mark Russinovich Published: August 8, 2008 Introduction
Ever wondered which program has a particular file or directory open? Now you can find out. Process Explorer shows you information about which handles and DLLs processes have opened or loaded.
The Process Explorer display consists of two sub-windows. The top window always shows a list of the currently active processes, including the names of their owning accounts, whereas the information displayed in the bottom window depends on the mode that Process Explorer is in: if it is in handle mode you'll see the handles that the process selected in the top window has opened; if Process Explorer is in DLL mode you'll see the DLLs and memory-mapped files that the process has loaded. Process Explorer also has a powerful search capability that will quickly show you which processes have particular handles opened or DLLs loaded.
The unique capabilities of Process Explorer make it useful for tracking down DLL-version problems or handle leaks, and provide insight into the way Windows and applications work.
Process Explorer works on Windows 2000 SP4 Rollup 1 or above.
Process Explorer 是一款增强型的任务管理器,它可以说是最好的免费进程监视工具. 它能让使用者了解看不到的在后台执行的处理程序,可以使用它方便地管理你的程序进程. 能监视,暂停,重启,强行终止任何程序,包括系统级别的不允许随便终止的关键进程和十分隐蔽的顽固木马. 除此之外,它还详尽地显示计算机信息: CPU,内存,I/O使用情况,可以显示一个程序调用了哪些动态链接库DLL,句柄,模块,系统进程. 以目录树的方式查看进程之间的归属关系,可以对进程进行调试. 可以查看进程的路径,以及公司,版本等详细信息,多色彩显示服务进程,很酷的曲线图. 可以替换系统自带的任务管理器.
