Microsoft Windows Experts

How to find which process initiated a wmiprvse.exe October 6, 2011

Filed under: WMI — helpforsure @ 11:54 pm
Tags: , , , ,

In many cases we have noticed issues with Wmiprvse.exe. the issue could be anything- from CPU spike to high memory consumption. The main problem in such cases is to find out the process that initiated the wmiprvse.exe, taking a dump of the concerned wmiprvse.exe process will also not help.

The best way to figure out this process is as under.

Go to Start -Run – Wbemtest

connect to root\cimv2 namespace and launch the following Query

select * from msft_providers where HostProcessIdentifier = PID

where PID is the process Id of the wmiprvse.exe.


4 Responses to “How to find which process initiated a wmiprvse.exe”

  1. tamahome Says:

    Which field returned is the process id of the client making the original wmi query?

  2. helpforsure Says:

    I didn’t understand your question. However, this query would simply return WMI provider name for that remote or local Wmiprvse.exe process.

  3. tam Says:

    Then how do you find the process which initiated the wmiprvse?

  4. marvin Says:

    I once had a problem identifying this process… thanks for sharing.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s