Find process by thread ID
You can do it like this with a batch file:
Batchfile killprocess.bat:
@echo off
set processhandle=
set description=
set handle=%1
IF "%handle%." == "." (
echo Usage: killprocess threadID
exit/b
)
FOR /F "tokens=*" %%A IN ('WMIC PATH Win32_thread WHERE handle^=%handle% GET Processhandle /VALUE ^| find "="') DO set "%%A"
FOR /F "tokens=*" %%A IN ('WMIC PATH Win32_process WHERE handle^=%processhandle% GET Description /VALUE ^| find "="') DO set "%%A"
IF "%ProcessHandle%." == "." (
echo ThreadID not found
exit/b
)
echo I'm going to kill %Description% (Processhandle = %processhandle%) if you don't press Q in 5 seconds
echo (or you can press Y to continue)
choice /N /T 5 /C yq /D y
if "%errorlevel%"=="2" goto :eof
echo Killing %Description% (Processhandle = %processhandle%)
Taskkill /PID %processhandle% /T /F
Usage would be something like this:
killprocess 13008
Edit: I also added an abort option (choice) and a description of the process being killed. You could delete this if you don't want it.
Related videos on Youtube
11 : 35
01 : 02
10 : 14
06 : 17
01 : 48
03 : 18
Thomas Weller
I'm trainer at Mitutoyo CTL Germany and e.g. responsible for students and pupils. I'm also training kids for Electronics and we're building a CPU. On SO I'm mainly answering debugging related questions and I'm proud to be the first and currently only owner of a golden windbg badge. But trust me, there are people who know WinDbg much better than me and do stuff that really astonishes me. Previous positions: Software Developer Senior Project Manager Group Manager Test Manager
Updated on September 18, 2022Comments
-
Thomas Weller over 1 year
One of my programs outputs its thread ID for debugging purposes. For testing reasons I'd like to kill the process to which the thread ID belongs.
How do I get the process ID if I have the thread ID so that I can use it with
taskkill?I tried
-
tasklistbut it doesn't seem to have a switch for thead IDs. - SysInternals Process Explorer's "Find handle" feature, which works, but I'd need something that can be automated in a batch file
- SysInternals Handle
-a Thread, but that doesn't seem to work.handle -a | find "Thread"works better, but I lose the process information
-
CBHacking over 8 yearsAre you willing to write a bit of code for this (like, C++ or C#)? The API you would call is GetProcessIdOfThread, which needs a thread HANDLE; you would get that by calling OpenThread.
-
Thomas Weller over 8 years@CBHacking: well, if necesary... I thought it must exist out of the box already.
-
CBHacking over 8 yearsI mean, yeah, I'm sure it can be done using sufficiently convoluted regular expressions with
findstror similar. But yeah, tools for Windows don't generally assume you are trying to go from thread ID to process ID; it's usually the other way around. -
Thomas Weller over 8 years@CBHacking: No, for sure, if a tool like
tid2piddoes not exist, I'd rather write one -
Thomas Weller over 8 years@CBHacking: are you familiar with C++? I added a solution which seems to work for me.
-
-
Rik over 8 yearsEdit: I also added an abort option (choice) and a description of the process being killed. You could delete this if you don't want it.
-
Thomas Weller over 8 yearsGreat. That works. You were faster than me implementing a C++ solution.
-
DavidPostill over 8 yearsNice solution ;) -
Paul over 8 yearsIt's possible to
DO set "%%A"? I don't understand how you can call this variable as value -
Rik over 8 years@Paul
%%Acontains the complete lineProcessHandle=xxxxwhich wmic returns. SoDO set %%AAwill be substituted inDO set ProcessHandle=xxxxwhich works perfectly. (That way you don't have to split the output of wmic into ProcessHandle and the actual value :)) -
CBHacking over 8 yearsThis looks good, yes. The C++ stream silliness (overloading the bit-shift operators) will probably always bother me, but the code appears correct. Could be a little more robust and have better error reporting (for example, check
GetLastError()when something goes wrong) but it should work fine.
