- There is a Find command for searching for a handle or DLL, which can be used to identify the process(es) holding a file lock.
- There is a command to create a process dump, mini or full (Process => Create Dump).
- In the properties of a process, a user can view the process's threads and the threads' stack traces.
- There is an option to display processes' handles, which include named mutants, events, sockets, files, registry keys, etc. (View => Lower Pane View => Handles); the option Show Lower Pane has to be switched on.
- There is an option to display the DLLs loaded by a process (View => Lower Pane View => DLLs); the option Show Lower Pane has to be switched on.
- There is an option (in a process's context menu) to verify a process in VirusTotal.

For example, when the pointer is placed over a svchost.exe, it will tell if it is the one performing automatic updates/secondary logon/etc., or the one providing RPC, or the one performing terminal services, and so on.