Hello,I have a Process ID and I would like to know which process was using it. The process has already ended and does not show anymore under Task manager. I need this information as a process is killing one machine every day (Error 1010) and the process is in the message but no more info about this process...Tomorrow the process ID will be different as the process will start sometime... again...Any idea?Thanks,DomSystem Center Operations Manager 2007 / System Center Configuration Manager 2007 R2 Support

Hi,You mean to say you have a process ID but you do not know the exe associated with it ? It is difficult to know which exe was holding the process after it has ended. If your process coressponds to a service then a relevant event id will be logged under eventvwr. If not you need to wait until next time the process loads in , and the you need to check which exe was bound to the PID. You can also download process explorer which gives you advance information about the process / PID.

I tried again today to wait for the issue but it did not come.... I will give another try thext 2-3 days...Thanks,DomSystem Center Operations Manager 2007 / System Center Configuration Manager 2007 R2 Support

Hi Felyjos,Just a quick question, what would be your next step after you identify the process ?Will you be debugging the process ?, if so please use adplus utility

Hello,Yes I need to know which process causes the error Event ID 1010 which is hanging the server during about 5 minutes almost every day.Then I will have to check who is the owner of this process and see how to proceed and resolve this issue.Thanks,DomSystem Center Operations Manager 2007 / System Center Configuration Manager 2007 R2 Support

Hi , After identifying the process, make sure you a) adplus utlity , check the below link to understand the modes. http://support.microsoft.com/kb/286350b) after you get the dump, use windbg to anlayze the dump , you need to see i) whether the process belongs to microsoft ii) additional process ( 3rd party ) communicating with the process iii) you need to check the number of threads currently holding the process iv) verify for the memory column for the threads , and then it depends how you proceed with debugging.Quick tips ======a) check for the latest file versionb) Check your system for Virus activity.

Hello,Thanks for the path.Is ADPLUS more efficient than ProcessMonitor?Thanks,DomSystem Center Operations Manager 2007 / System Center Configuration Manager 2007 R2 Support

Hi,Process monitor is useful to identify the process , proces sname and its variables.so after identifying the process name , you shoudl use adplus to capture the memory / app dump for further analysis.so both are required and both are very different from functionality

thanks a lot,DomSystem Center Operations Manager 2007 / System Center Configuration Manager 2007 R2 Support