Description

Ever wondered which program has a particular file or directory open? Now you can find out. Process Explorer shows you information about which handles and DLLs processes have opened or loaded.

Installation

Process Explorer can be downloaded from following location: http://download.sysinternals.com/files/ProcessExplorer.zip

Usage

Main interface

Verify option

The verify option compares the image on disk and on memory. If it's the same, it displays "(Verified)" on top of the popup window. This feature is particularly useful for verifying that the Windows file on disk has not been corrupted; malware often replaces authentic Windows files with its own in an attempt to hide.