Windows 7 Thread, Windows 7 - WMIADAP in Technical; Hi guys
I'm struggling with a strange problem with Windows 7 on the domain(vanilla 2k8). My machines seem to be ...
6th April 2011, 10:35 AM #1
Windows 7 - WMIADAP
I'm struggling with a strange problem with Windows 7 on the domain(vanilla 2k8). My machines seem to be regularly (a few each week) going 100% on one core for the service calling wmiadap during bootup.
The only way I can get into the desktop is safemode where the 100% still happens, but I can run process explorer.
Nothing I seem to try seems to stop this and currently I'm just reimaging to keep these machines running. (I have kept a couple to experiment on).
The worst part is the randomness... Yesterday I had 2 machines in a room of 30 identical , same OU machines go 100% WMI. I know that after I reimage these 2 machines could still do the same thing, but so could any of the others in the room.
A few (not complete) software additions...
Mcafee 8.7 AV
Office 2k3 (some with 2010 too)
Any guesses or experience would be welcomed cause I'm banging my head here...
IDG Tech News
6th April 2011, 10:41 AM #2
Stupid question, but where is wmiadap located?
Is it the "C:Windows\system32\WBEM\WMIADAP.EXE" or another folder? As normally other folders one is a virus disguised.
6th April 2011, 10:46 AM #3
Hi Steve, checking now. Virus has passed my mind, but this has been going on for a few weeks and I'll be seriously miffed if Mcafee has been missing it for that long
6th April 2011, 11:09 AM #4
It is showing as that location. Although process explorer shows \\? in front of the path which I don't recognise...
6th April 2011, 11:13 AM #5
@AlexB - Are there any errors in the Event Logs?
Check the wmiadap.log and post here?
6th April 2011, 11:21 AM #6
It looks like that process handles cleaning up WMI information, this is expanded by various software and drivers that add performance counters into the WMI subsystem. If one or more of these was behaving badly that might be able to cause a hangup like that. Are you running the latest drivers, BIOS and version of AV?
You could try looking through the logging information to see if any events are being generated that indicate a corrupt database entry: Tracing WMI Activity (Windows)
Personally I would be blameing the AV first, so many AV products have weird little issues with modern Windows due to legacy programming that they are still using behind the scenes.
6th April 2011, 11:49 AM #7
The AV is certainly worth a harder look. I am trying to access the wmi trace now
6th April 2011, 12:22 PM #8
The drivers are reasonably up to date, but not necessarily the latest (new at August, or updated from WSUS). None of our BIOSes have been updated and the AV is 8.7 (8.8 being the latest). All in all that paints a bleak picture for me in terms of ruling out these.
The WMI trace seems to be recording nothing.... any thoughts?
By bio in forum Windows Server 2008 R2
Last Post: 19th March 2012, 09:58 AM
By kennysarmy in forum Windows 7
Last Post: 28th February 2011, 02:42 PM
By zx2012 in forum Windows
Last Post: 26th May 2010, 06:29 PM
By SYSMAN_MK in forum Windows 7
Last Post: 4th September 2009, 01:48 AM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)