able/windows-nt
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
windows-nt/Source/XPSP1/NT/base/ntos/wmi/sample/wmifilt
History
..
filter.c
filter.h
filter.mof
filter.rc
inf.htm
makefile
makefile.inc
pnp.c
power.c
readme.htm
sources
util.c
wmifilt.htm
wmisamp.c

readme.htm 

<html xmlns:o="urn:schemas-microsoft-com:office:office"
xmlns:w="urn:schemas-microsoft-com:office:word"
xmlns="http://www.w3.org/TR/REC-html40">

<head>
<meta http-equiv=Content-Type content="text/html; charset=windows-1252">
<meta name=ProgId content=Word.Document>
<meta name=Generator content="Microsoft Word 9">
<meta name=Originator content="Microsoft Word 9">
<link rel=File-List href="./readme_files/filelist.xml">
<title>WMI Sample Filter Driver</title>
<!--[if gte mso 9]><xml>
 <o:DocumentProperties>
  <o:LastAuthor>Alan Warwick</o:LastAuthor>
  <o:Revision>5</o:Revision>
  <o:TotalTime>3</o:TotalTime>
  <o:Created>2001-02-09T22:28:00Z</o:Created>
  <o:LastSaved>2001-04-28T20:19:00Z</o:LastSaved>
  <o:Pages>1</o:Pages>
  <o:Words>212</o:Words>
  <o:Characters>1210</o:Characters>
  <o:Company>Microsoft Internal</o:Company>
  <o:Lines>10</o:Lines>
  <o:Paragraphs>2</o:Paragraphs>
  <o:CharactersWithSpaces>1485</o:CharactersWithSpaces>
  <o:Version>9.4119</o:Version>
 </o:DocumentProperties>
</xml><![endif]-->
<style>
<!--
 /* Font Definitions */
@font-face
	{font-family:"MS Mincho";
	panose-1:2 2 6 9 4 2 5 8 3 4;
	mso-font-alt:"\FF2D\FF33 \660E\671D";
	mso-font-charset:128;
	mso-generic-font-family:modern;
	mso-font-pitch:fixed;
	mso-font-signature:-1610612033 1757936891 16 0 131231 0;}
@font-face
	{font-family:"\@MS Mincho";
	panose-1:2 2 6 9 4 2 5 8 3 4;
	mso-font-charset:128;
	mso-generic-font-family:modern;
	mso-font-pitch:fixed;
	mso-font-signature:-1610612033 1757936891 16 0 131231 0;}
 /* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
	{mso-style-parent:"";
	margin:0in;
	margin-bottom:.0001pt;
	mso-pagination:widow-orphan;
	font-size:12.0pt;
	font-family:"Times New Roman";
	mso-fareast-font-family:"Times New Roman";}
p.MsoPlainText, li.MsoPlainText, div.MsoPlainText
	{margin:0in;
	margin-bottom:.0001pt;
	mso-pagination:widow-orphan;
	font-size:10.0pt;
	font-family:"Courier New";
	mso-fareast-font-family:"Times New Roman";}
@page Section1
	{size:8.5in 11.0in;
	margin:1.0in 65.95pt 1.0in 65.95pt;
	mso-header-margin:.5in;
	mso-footer-margin:.5in;
	mso-paper-source:0;}
div.Section1
	{page:Section1;}
-->
</style>
</head>

<body lang=EN-US style='tab-interval:.5in'>

<div class=Section1>

<p class=MsoPlainText><span style='mso-fareast-font-family:"MS Mincho"'>This
sample does not have a dedicated .inf file. The file inf.txt has information <o:p></o:p></span></p>

<p class=MsoPlainText><span style='mso-fareast-font-family:"MS Mincho"'>about
the inf sections that need to be modified to the inf to which this filter
driver <o:p></o:p></span></p>

<p class=MsoPlainText><span style='mso-fareast-font-family:"MS Mincho"'>is
attached.<o:p></o:p></span></p>

<p class=MsoPlainText><span style='mso-fareast-font-family:"MS Mincho"'><![if !supportEmptyParas]>&nbsp;<![endif]><o:p></o:p></span></p>

<p class=MsoPlainText><span style='mso-fareast-font-family:"MS Mincho"'>If you
have trouble getting the perfmon counters to show up within sysmon<o:p></o:p></span></p>

<p class=MsoPlainText><span style='mso-fareast-font-family:"MS Mincho"'>then
check the following<o:p></o:p></span></p>

<p class=MsoPlainText><span style='mso-fareast-font-family:"MS Mincho"'><![if !supportEmptyParas]>&nbsp;<![endif]><o:p></o:p></span></p>

<p class=MsoPlainText><span style='mso-fareast-font-family:"MS Mincho"'>1. Use
Wbemtest.exe or generated vbs test scripts to query the class <o:p></o:p></span></p>

<p class=MsoPlainText><span style='mso-fareast-font-family:"MS Mincho"'><span
style="mso-spacerun: yes"><3E><> </span>and obtain instances with valid data.<o:p></o:p></span></p>

<p class=MsoPlainText><span style='mso-fareast-font-family:"MS Mincho"'><![if !supportEmptyParas]>&nbsp;<![endif]><o:p></o:p></span></p>

<p class=MsoPlainText><span style='mso-fareast-font-family:"MS Mincho"'>2. The class
has the HiPerf and PerfDetail qualifiers <o:p></o:p></span></p>

<p class=MsoPlainText><span style='mso-fareast-font-family:"MS Mincho"'><![if !supportEmptyParas]>&nbsp;<![endif]><o:p></o:p></span></p>

<p class=MsoPlainText><span style='mso-fareast-font-family:"MS Mincho"'>3. Each
property is a uint32, uint64, sint32 or sint64. Each property has <o:p></o:p></span></p>

<p class=MsoPlainText><span style='mso-fareast-font-family:"MS Mincho"'><span
style="mso-spacerun: yes"><3E><> </span>a PerfDetail, DefaultScale and CounterType
qualifier.<o:p></o:p></span></p>

<p class=MsoPlainText><span style='mso-fareast-font-family:"MS Mincho"'><![if !supportEmptyParas]>&nbsp;<![endif]><o:p></o:p></span></p>

<p class=MsoPlainText><span style='mso-fareast-font-family:"MS Mincho"'><![if !supportEmptyParas]>&nbsp;<![endif]><o:p></o:p></span></p>

<p class=MsoPlainText><span style='mso-fareast-font-family:"MS Mincho"'><![if !supportEmptyParas]>&nbsp;<![endif]><o:p></o:p></span></p>

<p class=MsoPlainText><span style='mso-fareast-font-family:"MS Mincho"'>If the
above steps do not help you may need to do the following:<o:p></o:p></span></p>

<p class=MsoPlainText><span style='mso-fareast-font-family:"MS Mincho"'><![if !supportEmptyParas]>&nbsp;<![endif]><o:p></o:p></span></p>

<p class=MsoPlainText><span style='mso-fareast-font-family:"MS Mincho"'>1. Exit
sysmon and stop the wmiapsrv service by typing &quot;net stop wmiapsrv&quot;<o:p></o:p></span></p>

<p class=MsoPlainText><span style='mso-fareast-font-family:"MS Mincho"'><![if !supportEmptyParas]>&nbsp;<![endif]><o:p></o:p></span></p>

<p class=MsoPlainText><span style='mso-fareast-font-family:"MS Mincho"'>2. Go
into the registry and delete the value <o:p></o:p></span></p>

<p class=MsoPlainText><span style='mso-fareast-font-family:"MS Mincho"'><span
style="mso-spacerun: yes"><3E><>
</span>HKEY_LOCAL_MACHINE\Software\Microsoft\WBEM\Providers\Performance\Performance
Data<o:p></o:p></span></p>

<p class=MsoPlainText><span style='mso-fareast-font-family:"MS Mincho"'><![if !supportEmptyParas]>&nbsp;<![endif]><o:p></o:p></span></p>

<p class=MsoPlainText><span style='mso-fareast-font-family:"MS Mincho"'>3.
Restart the wmiapsrv service by typing &quot;net start wmiapsrv&quot;<o:p></o:p></span></p>

<p class=MsoPlainText><span style='mso-fareast-font-family:"MS Mincho"'><![if !supportEmptyParas]>&nbsp;<![endif]><o:p></o:p></span></p>

<p class=MsoPlainText><span style='mso-fareast-font-family:"MS Mincho"'>4. The
above registry value should be repopulated with data that includes<o:p></o:p></span></p>

<p class=MsoPlainText><span style='mso-fareast-font-family:"MS Mincho"'><span
style="mso-spacerun: yes"><3E><> </span>the text of you class name and properties.<o:p></o:p></span></p>

<p class=MsoPlainText><span style='mso-fareast-font-family:"MS Mincho"'><![if !supportEmptyParas]>&nbsp;<![endif]><o:p></o:p></span></p>

<p class=MsoPlainText><span style='mso-fareast-font-family:"MS Mincho"'>The
first time you click the add counters button in sysmon you will not see <o:p></o:p></span></p>

<p class=MsoPlainText><span style='mso-fareast-font-family:"MS Mincho"'>the WMI
counters in the list. At this point you should open task manager<o:p></o:p></span></p>

<p class=MsoPlainText><span style='mso-fareast-font-family:"MS Mincho"'>(by
running taskmgr.exe) and wait until the winmgmt.exe process returns to<o:p></o:p></span></p>

<p class=MsoPlainText><span style='mso-fareast-font-family:"MS Mincho"'>0% cpu
utilization. Now click the add counters button again and you will<o:p></o:p></span></p>

<p class=MsoPlainText><span style='mso-fareast-font-family:"MS Mincho"'>see the
WMI counters in the list.<o:p></o:p></span></p>

<p class=MsoPlainText><span style='mso-fareast-font-family:"MS Mincho"'><![if !supportEmptyParas]>&nbsp;<![endif]><o:p></o:p></span></p>

<p class=MsoPlainText><span style='mso-fareast-font-family:"MS Mincho"'>Also be
aware that you should not start any drivers containing binary mofs<o:p></o:p></span></p>

<p class=MsoPlainText><span style='mso-fareast-font-family:"MS Mincho"'>or use
mofcomp.exe to compile in any mofs with WMI perfcounters while<o:p></o:p></span></p>

<p class=MsoPlainText><span style='mso-fareast-font-family:"MS Mincho"'>sysmon
is running.<o:p></o:p></span></p>

<p class=MsoPlainText><span style='mso-fareast-font-family:"MS Mincho"'><![if !supportEmptyParas]>&nbsp;<![endif]><o:p></o:p></span></p>

<p class=MsoPlainText><span style='mso-fareast-font-family:"MS Mincho"'><![if !supportEmptyParas]>&nbsp;<![endif]><o:p></o:p></span></p>

</div>

</body>

</html>