What is wmiprvse.exe

Windows® Management Instrumentation (WMI) is a component of the Microsoft® Windows® operating system that provides management information and control in an enterprise environment. By using industry standards, managers can use WMI to query and set information on desktop systems, applications, networks and other enterprise components. Developers can use WMI to create event monitoring applications that alert users when important incidents occur. 

In earlier versions of Windows, providers were loaded in-process with the Windows Management service (WinMgmt.exe), running under the LocalSystem security account. Failure of a provider caused the entire WMI service to fail; the next request to WMI restarted the service.
Beginning with Windows XP, WMI resides in a shared service host with several other services. To avoid stopping all the services when a provider fails, providers are loaded into a separate host process named Wmiprvse.exe. Multiple instances of Wmiprvse.exe can run at the same time under different accounts: LocalSystem, NetworkService or LocalService. The WMI core WinMgmt.exe is loaded into the shared Local Service host named Svchost.exe.

Note: wmiprvsw.exe is the Sasser worm!

Note: The wmiprvse.exe file is located in the folder C:WINDOWSSystem32Wbem. In other cases, wmiprvse.exe is a virus, spyware, trojan or worm!