Recipe 9.12. Viewing Processes That Have a Registry Key Open
ProblemYou want to view the processes that have a Registry key open. If a process has a key open, you may not be able to modify or delete that key or its values. SolutionUsing a graphical user interfaceOpen the Sysinternals Registry Monitor (regmon.exe) tool. By default, the Registry Monitor shows all processes that have a handle to a Registry key or value. You have two options for finding a specific key or value:
You can also use the Sysinternals Process Explorer (procexp.exe) tool to search for Registry handles. Using a command-line interfaceWith the Sysinternals handle command, you can find a process that has a Registry key open. Simply specify the -a switch and some part of the key path or value name you want to search on. Since the search is fuzzy, there is a chance it might match things other than Registry access (e.g., an open file), but if your search string is specific enough, you should be able to narrow it down. For example, the following command finds all processes that have a handle to something containing RunOnce in the name (often a Registry key): > handle -a RunOnce You can also use handle to view all processes that are accessing a key under HKLM\Software: > handle -a HKLM\Software |
Find. Enter the some part of the Registry key or value you want to search against. Make sure Direction is selected correctly (by default Down is selected, but if you want to search Up).
EAN: 2147483647
Pages: 408
- Command Reference
- Command Reference
- Implementing AToM for Like to Like Circuits
- MPLS QoS Operating Modes
- Case Study 2: Implementing Multi-VRF CE, VRF Selection Using Source IP Address, VRF Selection Using Policy-Based Routing, NAT and HSRP Support in MPLS VPN, and Multicast VPN Support over Multi-VRF CE