Tag Archives: RelatedFileObject

Windbg File Handle Analyzing fileobj

windbg file handle analyzing fileobj lkd> !handle …………………………. …………………………. …………………………. 0114: Object: 85324a48 GrantedAccess: 00120089 Entry: e7afb228 Object: 85324a48 Type: (8a527560) File ObjectHeader: 85324a30 (old version) HandleCount: 1 PointerCount: 2 Directory Object: 00000000 Name: \symbols.pub\ntkrpamp.pdb\D8743252F83B4F59985D6E19F33BFCAF1\ntkrpamp.pdb {HarddiskVolume1}   0118: Object: 85933148 GrantedAccess: 00100003 Entry: e7afb230 Object: 85933148 Type: (8a53c490) Event ObjectHeader: 85933130 (old version) HandleCount: 1

Read More