Tuesday, March 15, 2011

"Fuser" for Windows (To detect who is accessing files)



Handle


Usage

Handle is targeted at searching for open file references, so if you do not specify any command-line parameters it will list the values of all the handles in the system that refer to open files and the names of the files. It also takes several parameters that modify this behavior.
usage: handle [[-a] [-u] | [-c <handle> [-y]] | [-s]] [-p <processname>|<pid>] [name]
-a
Dump information about all types of handles, not just those that refer to files. Other types include ports, Registry keys, synchronization primitives, threads, and processes.
-c
Closes the specified handle (interpreted as a hexadecimal number). You must specify the process by its PID.

WARNING: Closing handles can cause application or system instability.
-y
Don't prompt for close handle confirmation.
-s
Print count of each type of handle open.
-u
Show the owning user name when searching for handles.
-p
Instead of examining all the handles in the system, this parameter narrows Handle's scan to those processes whose names begin with the string you specify. Thus:

handle -p exp

would dump the open files for all processes that start with "exp", which would include Explorer.
name
This parameter is present so that you can direct Handle to search for references to an object with a particular name. For example, if you wanted to know which process (if any) has "c:\windows\system32" open you could type:

handle windows\system

The name match is case-insensitive and the fragment specified can be anywhere in the paths you are interested in.
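
The name search above returns plain text, which is awkward to filter when you need to know which process is holding a file. The PowerShell below is an added example, not part of the original post or of the Sysinternals tool: it runs the same search and turns each result line into an object. The function names, the assumption that handle.exe is on the PATH, and the result-line layout in the comment are assumptions.

```powershell
# Added example: read-only wrapper around the name search; it never passes -c.
# Assumed result-line layout: <image> pid: <n> type: <type> <hex handle>: <path>
# (the "type:" field is treated as optional in case a build omits it).
function ConvertFrom-HandleLine {
    param([Parameter(ValueFromPipeline)][string]$Line)
    process {
        $pattern = '^(?<Image>\S.*?)\s+pid:\s*(?<ProcessId>\d+)\s+' +
                   '(?:type:\s*(?<Type>\S+)\s+)?(?<Handle>[0-9A-Fa-f]+):\s+(?<Path>.+)$'
        # Banner, blank and other non-result lines do not match and are skipped.
        if ($Line -match $pattern) {
            [pscustomobject]@{
                Image     = $Matches.Image
                ProcessId = [int]$Matches.ProcessId
                Type      = $Matches.Type      # $null when the field is absent
                Handle    = $Matches.Handle    # hexadecimal, as Handle prints it
                Path      = $Matches.Path.Trim()
            }
        }
    }
}

function Find-OpenHandle {
    param(
        [Parameter(Mandatory)][string]$NameFragment,  # e.g. 'windows\system'
        [string]$ProcessPrefix                        # e.g. 'exp', passed to -p
    )
    # -accepteula suppresses the first-run licence dialog in unattended use.
    $handleArgs = @('-accepteula')
    if ($ProcessPrefix) { $handleArgs += @('-p', $ProcessPrefix) }
    $handleArgs += $NameFragment
    & handle.exe @handleArgs | ConvertFrom-HandleLine
}

# Constructed sample lines (not captured from a real system) to exercise the parser offline.
$sample = @(
    'explorer.exe       pid: 2312   type: File           A4C: C:\Windows\System32\en-US\shell32.dll.mui'
    'notepad.exe        pid: 5120   type: File            3C: C:\Windows\System32'
    'explorer.exe       pid: 2312   type: File           B10: C:\Windows\System32\wbem'
)

# One row per process, with every matching path it holds open.
$sample | ConvertFrom-HandleLine |
    Group-Object Image, ProcessId |
    Select-Object Name, Count, @{ n = 'Paths'; e = { $_.Group.Path } }

# Live use, from an elevated prompt:
#   Find-OpenHandle -NameFragment 'windows\system' -ProcessPrefix exp
```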