Ever wondered which program has a particular file or directory open? Now you can find out. Process Explorer shows you information about which handles and DLLs processes have opened or loaded.



http://www.sysinternals.com/ntw2k/freeware/procexp.shtml

Copy it to your %systemroot%\system32 folder and use the replace the task manger option with it. It's the best.

@Ariel_001, Thats a great idea, how did you find that out ? When I saw this I thought of all the problems people were having with malware . Also highjackthis while a great program does n't explain what the running processes are . :)

I saw it somewhere. This program is what the task manger would be if it was on steroids.

Latest version 9.02: http://www.sysinternals.com/ntw2k/freeware/procexp.shtml
Check out other stuff too:
http://www.sysinternals.com/ntw2k/source/filemon.shtml
http://www.sysinternals.com/ntw2k/source/regmon.shtml
http://www.sysinternals.com/ntw2k/freeware/autoruns.shtml
http://www.sysinternals.com/ntw2k/source/misc.shtml

Thanx Ariel, all one could ask for , feedback . ;)

You should try out autoruns: http://www.sysinternals.com/ntw2k/freeware/autoruns.shtml

Check out what get loaded when you start your computer.

Thats what I love about this forum , you post a thread trying to help and get pwned ! :ohmy: JK Ariel, I'm going to try the copy task manager trick. Thanx buddie . :) Whats that old saying ? Learn something new everyday , I love it .

Hey Ariel_001 where is the "%systemroot%\system32 folder" in XP? Probably should know myself. lol. Thanks.

It requires mdm to be running.

I don't like mdm.

What's mdm?

Machine Debug manager.

Usually it's a pretty useless drain on resources, unless you are a developer of some sort, but apparently this needs it for something.

It's for script-debugging.

Hey Ariel_001 where is the "%systemroot%\system32 folder" in XP? Probably should know myself. lol. Thanks.

C:\WINDOWS\system32
then look for taskmgr.exe

C:\WINDOWS\system32
then look for taskmgr.exe



First thing I looked for . Thought I'm "NOT" fucking with that ! :lol: But will try whats the worst thing that can happen ? Format big deal . :)

Thanks folks.

Environment variables - These are wildcard values that can be entered into Windows explorer on NT based systems.
They will always lead to the named directories, regardless of the drive letter Windows was installed to.

C: is used in the following examples, but the letter for the system drive could be R or even X - and it would work just the same.

%Type in this variable% = Displays this drive/directory

%SystemDrive% = C:
%SystemRoot% = C:\WINDOWS
%WinDir% = C:\WINDOWS
%Temp% or %Tmp% = C:\DOCUME~1\[user]\LOCALS~1\Temp from C:\Documents and Settings\[user]\Local Settings\Temp
%HOMEDRIVE% = C: The drive letter associated with the user's home directory
%HOMEPATH% = The path to the user's home directory (excluding drive):\Documents and Settings\[user]

There are other variables for NT and Win2000 systems too..
Google 'windows environment variables' for more info.

First thing I looked for . Thought I'm "NOT" fucking with that ! :lol: But will try whats the worst thing that can happen ? Format big deal . :)

Do not delete that! Process Explorer has an option to replace task manger. ;)

Do not delete that! Process Explorer has an option to replace task manger. ;)


No problem , I know what you meant . But thanx for watchin out . I appreciate it . :)

No problem , I know what you meant . But thanx for watchin out . I appreciate it . :)


ok, cool. Anyways I think sfc will do it magic when you try to delete things like that. :blink: