processtask-managerwindows
How do you typically identify processes in windows' task manager when trouble shooting a problematic system?
It's easy enough to get a list of tasks via the task manager but how do you determine which ones should stay and which are candidates for removal?
I've had success with Sysinternals Process Explorer. With this, you can search to find what process(es) have a file open, and you can use it to close the handle(s) if you want. Of course, it is safer to close the whole process. Exercise caution and judgement.
To find a specific file, use the menu option Find->Find Handle or DLL... Type in part of the path to the file. The list of processes will appear below.
If you prefer command line, Sysinternals suite includes command line tool Handle, that lists open handles.
Examples
c:\Program Files\SysinternalsSuite>handle.exe |findstr /i "e:\" (finds all files opened from drive e:\"c:\Program Files\SysinternalsSuite>handle.exe |findstr /i "file-or-path-in-question"
Best Answer
I typically use a combination of two tools when I doing this.
First Process Explorer, which is basically Task Manager on crack. I really don't know why Micorsoft doesn't just replace one for the other. this application will tell what processes are running, whether they are a sub process of another, who the owner of the process is, what files are in use by that process, the time in which it started, its path, etc. There is very little that this tool won't tell you from a basic level. It even has built-in Google searching for looking up further info on the internet about a process.
Second is the Process Explorers close cousin, Process Monitor. Process Monitor is similar to process explorer, only it shows you much more verbose information about what a process is doing. This tool will show what files and registry keys a process is try read/delete/modify, what is being written to registry/file system whenever changes are made. Because this one is so much more verbose, I have to warn you with caution that if you are trying to use it on a older/weaker computer as it may crash the system do to system overload. You can however apply filters to help limit the amount of input which comes out of it, which is probably the preferred way since this tool really shows you too much when the view is not filtered to hide whatever is not related to your troubleshooting.