Open in app

Sign in

Write

Sign in

How to Find and Close a Handle on File with Sysinternal Handle Utility

The aim of this pageđź“ť is to explain how to manage file handles in Windows using the handle utility, based on the particular example of freeing a handle for a specific file. This happens when for example I cannot delete a git repository that I need to quickly re-clone because some program (sometimes VLC player) is having the handle open and the folder will not get deleted. The easiest is to use the handle utility from Sysinternals Suite

Pavol Kutaj
2 min readNov 21, 2023
  • The handle utility is a command-line tool provided by Sysinternals Suite from Microsoft.
  • It provides information about which files are opened by which processes.
  • It also provides the ability to close handles, which can be useful in some troubleshooting scenarios.
  • To use the handle utility, you need to open a command prompt - I use PowerShell, of course
  • You can then type handle to see a list of all handles for all processes.
  • If you want to see handles for a specific file, you can use the -a parameter followed by the file path.
  • This will display all handles associated with the file, including the PID (Process ID) of the process that owns each handle.
  • To find a handle you can also run handle -a | grep <file> -context 100,100 so that the big list of searches and the hit is displayed with the proper context for you to quickly grab PID and handle ID you need to close the handle
  • To close a handle, you can use the -c parameter followed by the handle number.
  • You also need to specify the PID of the process that owns the handle using the -p parameter.
  • So the command to close a handle looks like this: handle -c <handle> -p <pid>.
  • Be aware that closing handles can cause application or system instability.
  • Always make sure you know what you’re doing when you close a handle.
  • If you’re unsure, it’s best to leave it open or consult with someone who has more experience.
  • You must have administrative privilege to run the Handle utility.
  • If you’re not running it as an administrator, you might not see all the handles and you won’t be able to close them.
  • If you want to avoid a confirmation prompt for closing the handle, you can use -y a parameter.
  • So the command will look like this: handle -c <handle> -p <pid> -y.
  • This command will close the handle without asking for confirmation.
  • Be extra careful when using this option, as it won’t ask you to confirm before closing the handle.
  • Of course, even if you can’t close the handle with this, at least you know which process is holding it and you can kill the whole process instead

CODE

Here is a random example

# Display all handles for a specific file
handle -a "C:\example\example.dll.mui"

# Close a specific handle for a specific process
handle -c 314 -p 000 -y

In the first command, replace "C:\example\example.dll.mui" with the path to your file. In the second command, replace 314 with your handle number and 000 with your PID.

LINKS

Powershell
Sysinternals
Sre

--

--

Pavol Kutaj

Written by Pavol Kutaj

123 Followers

Today I Learnt | Infrastructure Support Engineer at snowplow.io with a passion for cloud infrastructure/terraform/python/docs. More at https://pavol.kutaj.com

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams