H
HcwS
Running Windows XP Home Edition V. 2002 with SP3
After a fresh boot recently, I began to notice that my CPU Usage was running
at or near 100% almost all the time. Lap top fan was always in high speed
mode.
Using Process Explorer I've been able to track the problem down to the
WMISVC.DLL running inside one of the svchost.exe instances.
To reproduce the problem and the temporary work-around, here is the
step-by-step instructions:
1. Perform a fresh boot-up.
2. Open Process Explorer. Locate the svchost.exe process with the highest
current CPU usage. It will also have a very high cumulative CPU Time and it
will have a very high Page Fault count, that is climbing ever higher each
second.
3. After clicking on the svchost.exe process to select it, do a right-click
on it and select the Properties option from the list. This will open the
Properties window for this process.
4. Click on the Performance Graph. You should observe that the CPU Usage
History is running at a very high level (greater than 60%) most of the time.
Normally this level should be in the 1% to 3% range.
5. Now click on the Services tab. Locate the service called WinMgmt
(Windows Management Instrumentation) having a path to
C:\WINDOWS\System32\wbem\WMIsvc.dll. Click on this service.
6. Next, click on the Pause button in the lower right corner. A pop-up
window will appear and show a progress bar as the system brings the service
to a stop. You can also check the Progress tab again and see how the CPU
Usage graph has fallen way back to a lower level.
7. After waiting for a few minutes, return to the Services tab, select the
WMIsvc.dll service again and now click on the Resume button. Again the
pop-up window will display the progress bar as the service is restarted.
8. Return to the Progress Graph. You will see that even after hours of
waiting the svchost.exe will remain as a very low level of CPU usage. In
fact this condition will remain in tack until the system is once again
re-booted.
QUESTION 1 - What is causing this service to "Run-Away" after a fresh boot?
My system has been very stable for a long time. Recently there was an
automated Windows update that came through and I installed a new printer from
HP.
QUESTION 2 - What logging can I turn on that might help pin down what is
going on here? I see there are several log files available in the
C:\WINDOWS\SYSTEM32\WBEM\Logs subdirectory. However, I'm not able to
interpret them enough to recognize what may be going wrong.
QUESTION 3 - How can I correct this so I do not have to manually do a
Pause-Resume after every boot-up?
Thanks.
After a fresh boot recently, I began to notice that my CPU Usage was running
at or near 100% almost all the time. Lap top fan was always in high speed
mode.
Using Process Explorer I've been able to track the problem down to the
WMISVC.DLL running inside one of the svchost.exe instances.
To reproduce the problem and the temporary work-around, here is the
step-by-step instructions:
1. Perform a fresh boot-up.
2. Open Process Explorer. Locate the svchost.exe process with the highest
current CPU usage. It will also have a very high cumulative CPU Time and it
will have a very high Page Fault count, that is climbing ever higher each
second.
3. After clicking on the svchost.exe process to select it, do a right-click
on it and select the Properties option from the list. This will open the
Properties window for this process.
4. Click on the Performance Graph. You should observe that the CPU Usage
History is running at a very high level (greater than 60%) most of the time.
Normally this level should be in the 1% to 3% range.
5. Now click on the Services tab. Locate the service called WinMgmt
(Windows Management Instrumentation) having a path to
C:\WINDOWS\System32\wbem\WMIsvc.dll. Click on this service.
6. Next, click on the Pause button in the lower right corner. A pop-up
window will appear and show a progress bar as the system brings the service
to a stop. You can also check the Progress tab again and see how the CPU
Usage graph has fallen way back to a lower level.
7. After waiting for a few minutes, return to the Services tab, select the
WMIsvc.dll service again and now click on the Resume button. Again the
pop-up window will display the progress bar as the service is restarted.
8. Return to the Progress Graph. You will see that even after hours of
waiting the svchost.exe will remain as a very low level of CPU usage. In
fact this condition will remain in tack until the system is once again
re-booted.
QUESTION 1 - What is causing this service to "Run-Away" after a fresh boot?
My system has been very stable for a long time. Recently there was an
automated Windows update that came through and I installed a new printer from
HP.
QUESTION 2 - What logging can I turn on that might help pin down what is
going on here? I see there are several log files available in the
C:\WINDOWS\SYSTEM32\WBEM\Logs subdirectory. However, I'm not able to
interpret them enough to recognize what may be going wrong.
QUESTION 3 - How can I correct this so I do not have to manually do a
Pause-Resume after every boot-up?
Thanks.