Hello
The WMI process (WmiPrvSE.exe) is a legitimate part of Windows and stands for Windows Management Instrumentation Provider Service. It’s used by applications on your computer to request information about your system. This process is essential for the smooth operation of your system.
High CPU usage by the WMI process is usually a sign that another application is requesting data through WMI. This could be a temporary situation, for example, an application might be doing a system scan and using WMI to gather data.
However, if you’re consistently seeing high CPU usage from this process, it could indicate a problem. One common issue is that an application is making a large number of WMI queries. This could be due to a misbehaving application, or it could be a sign of a malware infection.
The Event ID 5858 with ResultCode 0x80041032 (WBEM_E_CALL_CANCELLED) indicates that the WMI caller has successfully issued IWbemServices:ExecQuery, but has released the IWbemContext object before retrieving the full result set using the IEnumWbemClassObject::Next method. This error can happen if the WMI application calls IEnumWbemClassObject::Next with a timeout value (lTimeout) that is not long enough to retrieve the object being queried, and is not checking for a return code of WBEM_S_TIMEDOUT (0x40004) in order to issue the request again.
To resolve this issue, the WMI client application should be modified to issue calls to IEnumWbemClassObject::Next to retrieve the full result set, before releasing the IWbemContext object. If no objects are received, make sure that the timeout value (lTimeout) is greater than 0 and that WBEM_S_TIMEDOUT (0x40004) is not being returned.
If you’re not sure which application is causing the high CPU usage, you can use the Event Viewer to find recent “Error” events and locate the process ID number. Then, use Task Manager to identify the process, and either end it or restart it.