阅读883 返回首页    go 搜狐

Wmi Provider Host 占用系统资源过高的问题

      总是占用系统很多资源。详细信息如下:

      常规信息:

           

       Id = {00000000-0000-0000-0000-000000000000};ClientMachine = ZJBL-20161002QP;用户 = NT AUTHORITY\SYSTEM;ClientProcessId = 780;组件 = Unknown;操作 = Start IWbemServices::ExecQuery - root\wmi : select * from WDMClassesOfDriver where Driver = "C:\\WINDOWS\\system32\\drivers\\ndis.sys[MofResourceName]" and (HighDateTime != 0 or LowDateTime != 0);ResultCode = 0x80041032;PossibleCause = Unknown

        详细信息:

               友好视图:

                日志名称:          Microsoft-Windows-WMI-Activity/Operational
来源:            Microsoft-Windows-WMI-Activity
日期:            2017-10-7 08:45:14
事件 ID:         5858
任务类别:          无
级别:            错误
关键字:           
用户:            SYSTEM
计算机:           ZJBL-20161002QP
描述:
Id = {00000000-0000-0000-0000-000000000000};ClientMachine = ZJBL-20161002QP;用户 = NT AUTHORITY\SYSTEM;ClientProcessId = 780;组件 = Unknown;操作 = Start IWbemServices::ExecQuery - root\wmi : select * from WDMClassesOfDriver where Driver = "C:\\WINDOWS\\system32\\drivers\\ndis.sys[MofResourceName]" and (HighDateTime != 0 or LowDateTime != 0);ResultCode = 0x80041032;PossibleCause = Unknown
事件 Xml:
<Event xmlns="https://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-WMI-Activity" Gu />
    <EventID>5858</EventID>
    <Version>0</Version>
    <Level>2</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x4000000000000000</Keywords>
    <TimeCreated SystemTime="2017-10-07T00:45:14.079802200Z" />
    <EventRecordID>1218</EventRecordID>
    <Correlation />
    <Execution ProcessID="1784" ThreadID="2436" />
    <Channel>Microsoft-Windows-WMI-Activity/Operational</Channel>
    <Computer>ZJBL-20161002QP</Computer>
    <Security UserID="S-1-5-18" />
  </System>
  <UserData>
    <Operation_ClientFailure xmlns="https://manifests.microsoft.com/win/2006/windows/WMI">
      <Id>{00000000-0000-0000-0000-000000000000}</Id>
      <ClientMachine>ZJBL-20161002QP</ClientMachine>
      <User>NT AUTHORITY\SYSTEM</User>
      <ClientProcessId>780</ClientProcessId>
      <Component>Unknown</Component>
      <Operation>Start IWbemServices::ExecQuery - root\wmi : select * from WDMClassesOfDriver where Driver = "C:\\WINDOWS\\system32\\drivers\\ndis.sys[MofResourceName]" and (HighDateTime != 0 or LowDateTime != 0)</Operation>
      <ResultCode>0x80041032</ResultCode>
      <PossibleCause>Unknown</PossibleCause>
    </Operation_ClientFailure>
  </UserData>
</Event>

xml视图:

        日志名称:          Microsoft-Windows-WMI-Activity/Operational
来源:            Microsoft-Windows-WMI-Activity
日期:            2017-10-7 08:45:14
事件 ID:         5858
任务类别:          无
级别:            错误
关键字:           
用户:            SYSTEM
计算机:           ZJBL-20161002QP
描述:
Id = {00000000-0000-0000-0000-000000000000};ClientMachine = ZJBL-20161002QP;用户 = NT AUTHORITY\SYSTEM;ClientProcessId = 780;组件 = Unknown;操作 = Start IWbemServices::ExecQuery - root\wmi : select * from WDMClassesOfDriver where Driver = "C:\\WINDOWS\\system32\\drivers\\ndis.sys[MofResourceName]" and (HighDateTime != 0 or LowDateTime != 0);ResultCode = 0x80041032;PossibleCause = Unknown
事件 Xml:
<Event xmlns="https://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-WMI-Activity" Gu />
    <EventID>5858</EventID>
    <Version>0</Version>
    <Level>2</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x4000000000000000</Keywords>
    <TimeCreated SystemTime="2017-10-07T00:45:14.079802200Z" />
    <EventRecordID>1218</EventRecordID>
    <Correlation />
    <Execution ProcessID="1784" ThreadID="2436" />
    <Channel>Microsoft-Windows-WMI-Activity/Operational</Channel>
    <Computer>ZJBL-20161002QP</Computer>
    <Security UserID="S-1-5-18" />
  </System>
  <UserData>
    <Operation_ClientFailure xmlns="https://manifests.microsoft.com/win/2006/windows/WMI">
      <Id>{00000000-0000-0000-0000-000000000000}</Id>
      <ClientMachine>ZJBL-20161002QP</ClientMachine>
      <User>NT AUTHORITY\SYSTEM</User>
      <ClientProcessId>780</ClientProcessId>
      <Component>Unknown</Component>
      <Operation>Start IWbemServices::ExecQuery - root\wmi : select * from WDMClassesOfDriver where Driver = "C:\\WINDOWS\\system32\\drivers\\ndis.sys[MofResourceName]" and (HighDateTime != 0 or LowDateTime != 0)</Operation>
      <ResultCode>0x80041032</ResultCode>
      <PossibleCause>Unknown</PossibleCause>
    </Operation_ClientFailure>
  </UserData>
</Event>

         

                   

最后更新:2017-10-07 10:03:01

  上一篇:go 关于Microsoft Edge for Android
  下一篇:go 公布 Office for Mac(版本 15.39)的 10