| All comments about winmgmt.exe: |
 Alex | Windows Management Service, contains the WMI repository |
 | it stops me loading up doalogue boxes, windows explorer, image preview etc. When I end task it terminates the process and loads up by itself about 2 minutes later |
| john smith 3rd | core file |
 afsar ali | when i login it's shown winmgmt.exe has generated error and you will be closed by windows and reapeated continueosly not able to appear desktop |
| alee | its a windows management file |
 joe shmo | As stated twice above, "winmgmt.exe has generated errors...". For me it also causes problems with the DNS on my PC. |
 | It makes everywindow i have show up wrong, and after ending the task, its starts back up right away |
| Bully | Thsi Program try to connect to the following IP "67.19.131.36" with that Name "36.67-19-131.reverse.theplanet.com" on Port "6667". I see it on my Firewall. I research that there are two Task running with the same Name but ist was a bit different. One is called "WinMgmt.exe" an the other is called "winmgmt.exe" The once with the uppercase m is the Systemtask that was explained from Alex. But the other one do that what I say above. |
| Aaron | standard win 2000 system file - could get infected bby a virus. rus a scan |
| | Again and again a dialogue box appears and says winmgmt.exe has caused some errors. the program will be restarted. What is that? I can't understand |
| Daniel | In my case, prevented Windows from shuting down, causing to abort the shut down process and keeping the system up. |
 Markay | its within system32, but in its own folder? |
| shadab | this is windows file. See also: Link |
| | part of win |
| hermannado@yahoo.de | bringt mir immer nur fehlermeldungen? |
| Rob | Without it system info will not work, MSINFO32.EXE is disabled, it is required if you want system info to work. Why it pops on, it is collecting info about the system. It can also be used to manage remotely on a network. It changed a lot since W95. |
| vincent | This file is safe if within windows\system32 if you have a problem with it try uninstalling recently installed programs because it can be launched automatically by windows if your application requests access to the WMI |
| Dennis | I installed the latest Sygate Firewall update and this file now shows up in Task Manager every time I boot. |
| overgrow.com | Just another one of the many holes in windows. I have win2k and it just sits there listening for connections on ports 2265 and up, no idea why. Anyone know how to plug it? |
| | I can't disable the exe file - it runs in the background and prevents my computer from completeing scan disk or disk defrag operations. |
| ali :oP | Every time i try to delete it, it reappears again 2 seconds later! |
| Slayer0420 | Eats a lot of memory &sometimes locks computer till i ctrl alt delete end task wimmgmt.exe then comp goes back to normal . Im wondering if its safe to remove |
| Rini | Was suddenly running in my system after installing 'Windows Install Clean Up', from the MicroSoftWebside. It slowed down process-speed dramatically. After removing it via regedit and a restart, all's ok. It seems I don't need WINMGMT.EXE in WIN98! |
| Bear | all i know is i downloaded microsoft antispyware and didnt validate my windows after install WinMgmt.exe is trying to connect to the internet, i believe this microsoft seeing if you have a cracked copy of windows. anyhow im not letting it access the internet. |
| Sindri | winmgmt.exe is a normal Windows process. winnmgnt.exe (notice the "gnt" instead of "gmt" at the end of the name) is a backdoor program an should be deleted See also: Link |
| c collier | when i login it's shown winmgmt.exe has generated error and you will be closed by windows and reapeated continueosly not able to appear desktop See also: Link |
| GlenMichael | seems part of Win, was causing mem leak in 98se machine, removed from registry seemingly without issue |
| The Minus One | It shows up in a Xoftspy scan as a worm. I looked it up in Google and it shows it as something created by sun java. Webm is the folder it is in, web business management or something like that. I am not sure weather or not to have Xoftspy remove it, going to ask my bro who woks at M. |
| jgs | the file is in system32\wbem and second of all it's also in dllcache dir, which means it's protected by wfp, which means it will get replaced when you try to delete it |
| | I know it run in Windows 2000. I also know that on my PC at work it takes up to 40% of the CPU time and makes the HDD churn endlessly, slowing down the system completely. |
| Tim 'gk^' Nilimaa | Depends on were it is. if its under %windir%/system32/ its okey. BUT if its anywere else - delete it! |
| dreamer-71 | My system runs fine when I don't see winmgmt in the task manager, very unstable with memory leaks when I do see it there. |
| Mohammed | it makes a warning window appear on my screan each couple seconds |
| kathi | seems to be same as above just pops up and says it has generated an error and i must close down the computer but when i do it doesn't change ... when i leave the computer on overnight it the message pop upquits popping up but I don't like leaving the computer on all night. |
| | Part of the W32 OS |
| walker | it make my memory full and I cant open any programe |
| micele9 | WBEMCNTL.exe aufrufen und restart abstellen |
| Magician | I found it in "C:\Windows\System\WBEM". I've got windows millenium. Is that normal? |
| Matt Chrismer | It causes a memory error, saying the memory could not be "read". |
| escudo | Some additional files seem associated with winmgmt.exe. There is an winmgmtr.dll. Also, these files are located in "SYSTEM" not "SYSTEM32" on my computer. SYSTEM32 appears to contain mostly drivers, and the ONLY .exe application in SYSTEM32 is regsvr32.exe. I'm running WinME on this computer. |
| bobbem | suddenly the winmgmt.exe process started using up 10% of CPU every two seconds or so. It would also access the hard disk every two seconds. Very annoying, but a reboot fixed it. |
| ConradThe2nd | Hogs up my System Resources, loads up at startup, its a pain having to close it every time with ALT CTRL DELETE then End Task. |
| Beverman | It keeps my PC nice and unstable. at least i think its the problem |
| [ARB1D3_[00L3R | HERE IT IS! All of you have seperately pieced together the "WinMgmt.exe" Microsoft blowhole. Yep, you won't find much on this thingie because it utilizes Java ( The Minus One ) to port your file system tree to a Microsoft server. This introduced the idea of the next Microsoft OS- codename LONGHORN. Download Jetico Personal ( my fave ) or any other firewall to interrupt traffic - and, yes, it is integrated into the os (2000) so that if it is removed, the os must reboot- retrieving the file from a *.cab( like a zip ) file on your hard drive. Delete the .cab file and imagine having to reload W2k. |
| Greg Fox | The file is used to generate management scripts, ostensibly by system admins. It appears some trojans/viruses can manipulate it, so if you see it loaded for no apparent reason, you have a problem. If you're not on a network or if you're running Win-9x, I'd personally rename the file to c:\windows\system\wbem\winmgmt.ex- ASAP then restore if you ever genuinely need it. Chances are it's helping viruses reinstall themselves "as if by magic". My money's on a CWS-variant using it to work its wonders. See also: Link |
| Greg Fox | This info relevant only to Win9x - my guess is that it's a piece of standard windows kit, not used in 9x, and some other purpose is being met using it. I would rename rather than delete, but again I stress only in 9x. Chances are a trojan IS using it to log/download/etc. but it would appear to be part of windows originally. Does not appear to cause any problems if you rename it (eg. to winmgmt.ex_) See also: Link |
| Matt G | Part of the core o\s. It often utilises high CPU. this is because of the WMI subsystem and slow I\O to the disk. Toi increase system performance, follow the link and do as suggested. Also, disable the Indexing Service. in addition, if you have an "on-Scan" virus checker, exclude the indexes from being scanned. See also: Link |
| Ben Whittaker | Microsoft monitoring activity, shut the process down then delete the corresponding files. No harm done. The files come from Windows Update or newer versions of Windows. System and System32 should be 'uncluttered' just like temp folder or recycle. |
| Regiside | It is the only thing running on my 98 right now and It keeps poping up ads Obviosly this is the copy version because I don't think the real one came out until XP or Mabye NT |
| BK | If It's not in your System32 folder get rid of it. Every instance I've seen this file Running or in the Startup it has been associated with the installation of a Trojan. |
| Ann | It pops up and makes me shut down the pc, what i've done was to shut it down from the task manager and take it out of the msconfig. It worked quite well. |
| Meepeek | It only started showing up in my processes very recently. Ever since it did, it makes the system run very slow. |
| linuxweb | Danke micele9 -- go to (win98) system\wbem and run wbemcntl.exe and turn off logging and check "Don't Restart" |
| Nigel. | Always shows in the CTRL+ALT+Del list when I have a problem and closing it often reso;ves the problem on ME. |
| -=DMC=- | naturally it´s system file and will disappear when you close the system management console. |
| G.E. | My system is getting slower when this horrible program is working. |
| | It caused my PC CPU to shoot up to 100%. System unusuable. |
| Abol | it come each 6 sec. of my memory and open a new site. |
| Martin Balchin | Stops scan disk from completing a scan. |
| sagar | it stoped my print file server |
| owen | windows sytems file See also: Link Link |
| d | there is a troyan which substitutes this file for it self process this may provide a lot of control of your pc by a hacker |
| Gazza | it runs for about 1 minute after i start windows 2000, whoring the CPU, last look there's two runing. fighting for CPU. |
| Cygoris | Like Dennis, it came after I installed Sygate Perso. Firewall V5.6 & this file now shows up in Task Manager every time I boot. ! |
| | Noton antivirus reports :unauthorized access attempt |
| Volker Becker | Systemfile |
| Leo | If you don't want WMI to restart, go to Services and disable Windows Management Instrumentation service. If you want instead to switch it to Manual, go to Recovery page and select Take no Action instead of Restart the Service. |
| charles opoggen | it opens up each time i log into my system, and after a little while my system starts rebooting, i have to repeatedly close up this error messagesevery other time and before i how it the system starts rebooting |
| JohnNY | Slows my sys waaay down. Hampered defrag. Going to investigate more. |
| kashif | pop up and unable to delete |
| Pc | I hate how can I get rid of it it prevents disk utilites and norton go back from iinstaliin |
| Me!! | It shutsdown my computer from time to time. In it's log I can see that the core was shutdown by it. |
| Greg | Winmgmt CPU utilization appears correlated to disk IO operations |
| DILIP | it is a windows file & this file give the error because if the virus is in pc |
| Rooza | i have ME as well and it appears in my c:/windows/system/Wbem folder, same as escudo. although mine appears to be called Winmgmt.exe, is it meant to have a capital w? or should i consider removing this as it may be allowing trojans to restore themselves? |
| Brad | To stop a restart, run cmd, and enter shutdown -a, aborting shutdown. The WMI file is used to keep programs with in the limit of your computers spec. |
| OIR | update latest defifnition & restart in safemode fully scanned plbm solved |
| Dale | This is part of WBEM Web-Based Enterprise Management (WBEM) is a set of management and Internet standard technologies developed to unify the management of distributed computing environments. WBEM provides the ability for the industry to deliver a well-integrated set of standard-based management tools, facilitating the exchange of data across otherwise disparate technologies and platforms |
| Nick | "A core component of client management. This process starts when the first client application connects, or when management applications request its services." "The original winmgmt.exe from Microsoft gets placed at C:WINDOWSSystem32winmgmt.exe . if you find it anywhere else then you should be suspicious for sure." See also: Link |
| David C | Have OS Microsoft Me. After adding Norton Internet Security I could not shut off winmgmt and it iterfered with defrag. Recently I downloaded "Connectivity tool" from Symantec and it entirely deleted winmgmt and everything seems to work just fine without it! |
| DELETE IT | I found it in: C:\WINNT\$NtServicePackUninstall$ ~~ C:\WINNT\ServicePackFiles\i386 ~~ and ~~ C:\WINNT\SYSTEM32\WBEM. It EATS up CPU time and doesn't appear to serve any useful purpose. |
| vanDivX | I installed VMware Player on one PC on LAN and soon after it was asking about IP of another PC and that PC's firewall poped up notice about winmgmt.exe which I allowed since I believe it is associated with the VMware Player program. |
| Erwin Moller | Beware of a trojan named winmgnt.exe (Mind the n instead of the m). It contains Hale. See also: Link |
| Chris | I have Sygate firewall and Winmgmt always loads at startup ever since installing the firewall. It eats up the cpu. |
| Tom Andrews | winmgmt.exe errors can be cleared from the repository folder, stop the service and then delete the winmgmt.cfg file, shut down your computer and then turn on...make sure it's a shut down instead of a reboot! |
| Nicholas | I found in Process Explorer that this file pops up after using Firefox for an extended period of time. When it does, CPU usage goes to 100% and commit charge skyrockets, rendering the system incredibly slow and unstable. After I terminated winmgmt.exe in Process Explorer, my system returns back to normal. |
| Neko | It's a core system file. Do not delete. Depending on the location of the file may determine whether or not it is a virus, etc... |
|
|
