進程名稱: Microsoft Windows Management Instrumentation
描述:
wmiprvse.exe是微軟Windows操作系統的壹部分。用於通過WinMgmt.exe程序處理WMI操作。這個程序對妳系統的正常運行是非常重要的。
出品者: Microsoft
屬於: Microsoft Windows Operating System
系統進程: 是
後臺程序: 是
使用網絡: 否
硬件相關: 否
常見錯誤: 未知N/A
內存使用: 未知N/A
安全等級 (0-5): 0
間諜軟件: 否
Adware: 否
病毒: 否
木馬: 否
Windows? Management Instrumentation (WMI) is a component of the Microsoft? Windows? operating system that provides management information and control in an enterprise environment. By using industry standards, managers can use WMI to query and set information on desktop systems, applications, networks, and other enterprise components. Developers can use WMI to create event monitoring applications that alert users when important incidents occur.
In earlier versions of Windows, providers were loaded in-process with the Windows Management service (WinMgmt.exe), running under the LocalSystem security account. Failure of a provider caused the entire WMI service to fail. The next request to WMI restarted the service.
Beginning with Windows XP, WMI resides in a shared service host with several other services. To avoid stopping all the services when a provider fails, providers are loaded into a separate host process named Wmiprvse.exe. Multiple instances of Wmiprvse.exe can run at the same time under different accounts: LocalSystem, NetworkService, or LocalService. The WMI core WinMgmt.exe is loaded into the shared Local Service host named Svchost.exe.
Note: wmiprvsw.exe is the Sasser worm!
Note: The wmiprvse.exe file is located in the C:\WINDOWS\System32\Wbem folder. In other cases, wmiprvse.exe is a virus, spyware, trojan or worm! Check this with Security Task Manager.
Virus with same name:
W32/Sonebot-B - sophos.com
ntsd殺不死的進程(分大小寫):WMIPRVSE.EXE
文件位置:
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\dllcache\wmiprvse.exe
以下是翻譯:
Windows? 管理儀器工作(WMI) 是Microsoft? 的組分; Windows? 提供管理信息和控制在企業環境裏的操作系統。由使用業界標準, 經理能使用WMI 詢問和設置信息關於桌面系統、應用、網絡, 和其它企業組分。開發商可能使用WMI 創造事件機敏的用戶的監視應用當重要事件發生。
在窗口的更加早期的版本, 提供者是被裝載的在過程以窗口管理服務(WinMgmt.exe), 運行在LocalSystem 證券帳戶之下。提供者的失敗導致整個WMI 服務失敗。下個請求對WMI 重新開始了服務。
開始從Windows XP, WMI 居住在壹個***有的服務主人以幾其它服務。避免停止所有服務當提供者失敗, 提供者被裝載入壹個分開的主人過程被命名Wmiprvse.exe 。Wmiprvse.exe 多個事例可能同時運行在不同的帳戶之下: LocalSystem 、NetworkService, 或LocalService 。WMI 核心WinMgmt.exe 被裝載入***有的地方服務主人被命名Svchost.exe 。
註: wmiprvsw.exe 是Sasser 蠕蟲!
註: wmiprvse.exe 文件尋找,正常的因該在C:\WINDOWS\System32\Wbem 文件夾。如果在其它文件, wmiprvse.exe 就是病毒、spyware 、特洛伊人或蠕蟲! 檢查這與安全任務經理。
參考資料: