Windows 10: WMI process used as a gateway for hackers ??

So I understand that the process “sink to receive asynchronous callbacks for WMI client application” is default on Windows 10, and that the WMI thing is also apart of Microsoft, but theoretically speaking, if somebody downloaded something sketchy off the internet, could somebody else use that WMI process, or the other mentioned process, as a gateway into your system ? Long story short, I downloaded something dumb the other night, and immediately after, I tried to log into my google account and it logged me out and gave me security threat notifications and I had to change my passwords and do vi

:)

 

developer mode making wmi provider host use high cpu

Hi,



Thank you for writing to Microsoft Community Forums.



We understand your concern as you the WMI provider host use high CPU of the PC. Usually, WMI Host Provider doesn’t use much usage of the CPU. It will use the CPU when any software or script that asks for some information via WMI. High usage of the
CPU is just the sign that another software is seeking for some information or requesting any data via WMI.



However, the high usage of the CPU for a long time for WMI is an indication that something is wrong because WMI Provider Host doesn’t occupy the resources of the CPU for a long time.



In this scenario, we would suggest you to perform these methods and check if the issue is fixed.



Method 1: Restart the WMI Provider Host Service

1. Press Windows key + R to launch the
   Run command, then type Services.msc and press the
   Ok.
   
2. Scroll down all the services and find
   Windows Management Instrumentation and then Right click on it and select
   Properties.
   
3. Set the startup type to Automatic and then restart the service.

Method 2: Restart other WMI provider Host related Services

1. Click on Start Menu and type CMD, right click on
   CMD icon and select Run as administrator.
   
2. In the Command Prompt Window type the following command and press
   Enter after each command.
   

• net stop iphlpsvc
  
• net stop wscsvc
  
• net stop Winmgmt
  
• net start Winmgmt
  
• net start wscsvc
  
• net start iphlpsvc
  

3. Restart your computer and check if the WMI provider Host having high CPU usage



Method 3: Uninstall the Components and Drivers that causes the Problem

1. Press Windows + XKey and select
   Event Viewer.
   
2. Click on the View Button that appears on the top of the Menu and then click on
   Show Analytic and Debug Logs.
   
3. On the left pane, navigate to this path Applications and Service Logs > Microsoft > Windows > WMI Activity > Operational log. Now Mark or Note down the Item that listed as an
   Error
   
4. Now press the Windows Logo Key +
   X simultaneously, then select Task Manager.
   
5. Now, click on the Service tab and Find the processes with the Matching IDs as seen in
   Event Viewer in the column of PID when You Locate or Find these Process then
   Uninstall or Disable those service.
   
6. Restart the PC and check

You may also refer this article and check if that helps to fix the issue:
High CPU usage by WMIPRVSE.EXE process at regular intervals in Windows



Note: Important this section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify
the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs.

Follow the steps to take
backup of registry.




Let us know how it goes.



Aditya Roy

Microsoft Community – Moderator

 

WMI Provider Host - Windows 10

Hi,



Thank you for writing to Microsoft Community Forums.



We understand your concern as you the WMI provider host use high CPU of the PC. Usually, WMI Host Provider doesn’t use much usage of the CPU. It will use the CPU when any software or script that asks for some information via WMI. High usage of the
CPU is just the sign that another software is seeking for some information or requesting any data via WMI.



However, the high usage of the CPU for a long time for WMI is an indication that something is wrong because WMI Provider Host doesn’t occupy the resources of the CPU for a long time.



In this scenario, we would suggest you to perform these methods and check if the issue is fixed.



Method 1: Restart the WMI Provider Host Service

1. Press Windows key + R to launch the
   Run command, then type Services.msc and press the
   Ok.
   
2. Scroll down all the services and find
   Windows Management Instrumentation and then Right click on it and select
   Properties.
   
3. Set the startup type to Automatic and then restart the service.

Method 2: Restart other WMI provider Host related Services

1. Click on Start Menu and type CMD, right click on
   CMD icon and select Run as administrator.
   
2. In the Command Prompt Window type the following command and press
   Enter after each command.
   

• net stop iphlpsvc
  
• net stop wscsvc
  
• net stop Winmgmt
  
• net start Winmgmt
  
• net start wscsvc
  
• net start iphlpsvc
  

3. Restart your computer and check if the WMI provider Host having high CPU usage



Method 3: Uninstall the Components and Drivers that causes the Problem

1. Press Windows + XKey and select
   Event Viewer.
   
2. Click on the View Button that appears on the top of the Menu and then click on
   Show Analytic and Debug Logs.
   
3. On the left pane, navigate to this path Applications and Service Logs > Microsoft > Windows > WMI Activity > Operational log. Now Mark or Note down the Item that listed as an
   Error
   
4. Now press the Windows Logo Key +
   X simultaneously, then select Task Manager.
   
5. Now, click on the Service tab and Find the processes with the Matching IDs as seen in
   Event Viewer in the column of PID when You Locate or Find these Process then
   Uninstall or Disable those service.
   
6. Restart the PC and check

You may also refer this article and check if that helps to fix the issue:
High CPU usage by WMIPRVSE.EXE process at regular intervals in Windows



Note: Important this section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify
the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs.

Follow the steps to take
backup of registry.




Let us know how it goes.



Aditya Roy

Microsoft Community – Moderator

 

Boot Process

Hi,

Please suggest me a link that can explain the boot process step by step of ...

• Windows 7,
• Windows 8.1,
• Windows 10,
• Windows Server 2008 R2 and
• Windows Server 2012 R2

With Regards

InTech