Using FileSystemWatcher we can monitor the IO activity of a particular file system, but is there any way to know which one of the running processes is causing that IO?
More specifically, suppose a running process viz. abc.exe is creating a file text.txt on drive D. We can monitor that a file named text.txt has been created in drive D using FileSystemWatcher, but can we determine programmatically that a process named abc.exe is creating that particular file in drive D?
handle.exe from SysInternals is a command line tool that allows programmatic access to which program has a particular file or directory open.
C:\>handle.exe c:\Windows\system32\stdole2.tlb
Produces this output:
Handle v3.42
Copyright (C) 1997-2008 Mark Russinovich
Sysinternals - www.sysinternals.com
devenv.exe pid: 5240 184: C:\Windows\System32\stdole2.tlb
Ssms.exe pid: 5000 1F4: C:\Windows\System32\stdole2.tlb
Which can be parsed programmatically.
http://technet.microsoft.com/en-us/sysinternals/bb896655.aspx
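One way to parse that output, as an added example that is not part of the original answer: the names `OpenHandle`, `parse_handle_output` and `owners_of` are hypothetical, the sample text is the output quoted above, and the optional `type:` column is an assumption about newer Handle releases.

```python
import re
import subprocess
from typing import NamedTuple


class OpenHandle(NamedTuple):
    image: str   # process image name, e.g. devenv.exe
    pid: int     # process id (decimal in the output)
    handle: int  # handle value (hexadecimal in the output)
    path: str    # file or directory the handle refers to


# One result line: "<image> pid: <decimal> [type: <kind>] <hex handle>: <path>".
# The optional "type:" field is an assumption about newer Handle releases;
# the v3.42 sample quoted on this page does not have it.
LINE_RE = re.compile(
    r"^(?P<image>.+?)\s+pid:\s+(?P<pid>\d+)\s+"
    r"(?:type:\s+\S+\s+)?"
    r"(?P<handle>[0-9A-Fa-f]+):\s+(?P<path>.+?)\s*$"
)


def parse_handle_output(text):
    """Return one OpenHandle per result line; banner and blank lines are skipped."""
    results = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            results.append(
                OpenHandle(m["image"], int(m["pid"]), int(m["handle"], 16), m["path"])
            )
    return results


def owners_of(path, handle_exe="handle.exe"):
    """Run handle.exe for one path (argument list, no shell) and parse its output."""
    proc = subprocess.run([handle_exe, path], capture_output=True, text=True, check=False)
    return parse_handle_output(proc.stdout)


# Constructed from the output shown in the answer above.
SAMPLE = r"""Handle v3.42
Copyright (C) 1997-2008 Mark Russinovich
Sysinternals - www.sysinternals.com

devenv.exe pid: 5240 184: C:\Windows\System32\stdole2.tlb
Ssms.exe pid: 5000 1F4: C:\Windows\System32\stdole2.tlb
"""

if __name__ == "__main__":
    for h in parse_handle_output(SAMPLE):
        print(f"{h.image} (pid {h.pid}) holds handle 0x{h.handle:X} on {h.path}")
```

handle.exe lists handles that are open at the moment it runs, so a process that creates and closes a file before the query is made will not appear in the result.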