VersionsVersions

6.3.9600.16384 (winblue_rtm.130821-1623) 2.26%
6.3.9600.16384 (winblue_rtm.130821-1623) 0.10%
6.3.9600.16384 (winblue_rtm.130821-1623) 1.85%
6.3.9600.16384 (winblue_rtm.130821-1623) 0.04%
6.3.9431.0 (winmain_bluemp.130615-1214) 0.10%
6.3.9431.0 (winmain_bluemp.130615-1214) 0.10%
6.3.9431.0 (winmain_bluemp.130615-1214) 0.02%
6.2.9200.16518 (win8_gdr.130201-1704) 0.18%
6.2.9200.16398 (win8_gdr_oobssr.120820-1900) 0.14%
6.2.9200.16398 (win8_gdr_oobssr.120820-1900) 0.70%
6.2.9200.16398 (win8_gdr_oobssr.120820-1900) 0.80%
6.2.9200.16398 (win8_gdr_oobssr.120820-1900) 0.14%
6.2.9200.16384 (win8_rtm.120725-1247) 0.72%
6.2.9200.16384 (win8_rtm.120725-1247) 7.08%
6.2.9200.16384 (win8_rtm.120725-1247) 1.05%
6.2.9200.16384 (win8_rtm.120725-1247) 6.03%
6.2.8400.0 (winmain_win8rc.120518-1423) 0.02%
6.2.8400.0 (winmain_win8rc.120518-1423) 0.02%
6.2.8400.0 (winmain_win8rc.120518-1423) 0.04%
6.2.8400.0 (winmain_win8rc.120518-1423) 0.04%
6.2.8250.0 (winmain_win8beta.120217-1520) 0.02%
6.2.8250.0 (winmain_win8beta.120217-1520) 0.02%
6.2.8102.0 (winmain_win8m3.110823-1455) 0.04%
6.2.8102.0 (winmain_win8m3.110823-1455) 0.04%
6.1.7601.17514 (win7sp1_rtm.101119-1850) 17.52%
6.1.7601.17514 (win7sp1_rtm.101119-1850) 8.47%
6.1.7600.16385 (win7_rtm.090713-1255) 2.44%
6.1.7600.16385 (win7_rtm.090713-1255) 1.70%
6.1.7600.16385 (win7_rtm.090713-1255) 0.02%
6.1.7600.16385 (win7_rtm.090713-1255) 10.61%
6.1.7600.16385 (win7_rtm.090713-1255) 18.28%
6.1.7600.16385 (win7_rtm.090713-1255) 0.02%
6.1.7600.16385 (win7_rtm.090713-1255) 0.02%
6.0.6002.18005 (lh_sp2rtm.090410-1830) 2.56%
6.0.6002.18005 (lh_sp2rtm.090410-1830) 0.68%
6.0.6001.18226 (vistasp1_gdr.090302-1506) 0.02%
6.0.6001.18226 (vistasp1_gdr.090302-1506) 0.18%
6.0.6000.16830 (vista_gdr.090302-1506) 0.10%
6.0.6000.16386 (vista_rtm.061101-2205) 0.02%
6.0.6000.16386 (vista_rtm.061101-2205) 2.89%
6.0.6000.16386 (vista_rtm.061101-2205) 0.02%
6.0.6000.16386 (vista_rtm.061101-2205) 0.18%
6.0.6000.16386 (vista_rtm.061101-2205) 0.64%
6.0.6000.16386 (vista_rtm.061101-2205) 0.18%
5.2.3790.4455 (srv03_sp2_gdr.090203-1205) 0.02%
5.2.3790.4455 (srv03_sp2_gdr.090203-1205) 0.02%
5.2.3790.3959 (srv03_sp2_rtm.070216-1710) 0.02%
5.2.3790.3959 (srv03_sp2_rtm.070216-1710) 0.02%
5.2.3790.3959 (srv03_sp2_rtm.070216-1710) 0.04%
5.1.2600.5755 (xpsp_sp3_qfe.090206-1316) 0.43%
View more

Relationships

Wmiprvse.exe

WMI Provider Host by Microsoft

Remove Wmiprvse.exe
This is a Windows system installed file with Windows File Protection (WFP) enabled.
Warning 3 antivirus scanners has detected malware in various versions of Wmiprvse.exe.

Overview

wmiprvse.exe has 80 known versions, the most recent one is 6.3.9600.16384 (winblue_rtm.130821-1623). wmiprvse.exe is run as a standard windows process with NETWORK SERVICE privileges. The average file size is about 214.63 KB. During the process's lifecycle, the typical CPU resource utilization is less than 0.01%, the average private memory consumption is about 12.14 MB with the maximum memory reaching around 14.39 MB. Addionally, typically read and write I/O disk operations is about 3.72 KB per minute for reads and 122 Bytes per minute for writes.

What is wmiprvse.exe?

WMI provides a uniform interface for any local or remote applications or scripts that obtain management data from a computer system, a network, or an enterprise. The uniform interface is designed such that WMI client applications and scripts do not have to call a wide variety of operating system application programming interfaces (APIs). Many APIs cannot be called by automation clients like scripts or Visual Basic applications. Other APIs do not make calls to remote computers.

About wmiprvse.exe (from Microsoft)

Windows Management Instrumentation (WMI) is the infrastructure for management data and operations on Windows-based operating systems. You can write WMI scripts or applications to automate administrati

DetailsDetails
File name:wmiprvse.exe
Publisher:Microsoft Corporation
Product name:WMI Provider Host
Description:Microsoft® Windows® Operating System
Typical file path:C:\Windows\System32\wbem\wmiprvse.exe

MalwareMalware detections

Based on 40+ industry antivirus scanners, 3 of them detected the following malware.
Antivirus engineEngine versionDetectionFile version
Clam AntiVirus 0.97.3.0 Win.Trojan.Agent-267095 6.1.7600.16385 (win7_rtm.090713-1255)
McAfee Gateway Anti-Malware v6.8.5-dat Heuristic.LooksLike.Win32.Xorala.H 5.1.2600.5512 (xpsp.080413-2108)
McAfee Gateway Anti-Malware v6.8.5-dat Heuristic.LooksLike.Win32.Xorala.H 5.1.2600.3300 (xpsp.080125-2027)

VersionsAll file variations of wmiprvse.exe

MD5SHA-1File size
ce6d08350d0a1278e9a97d94023d1800 5a4c0e82ff95c9fb762d46a696ef9f1b68001c21 467 KB
6f3fcf9543f9a38bdb359f83752f4945 0e701075b3864f1c50c46c862d038d39d459ad6b 366 KB
7afac828f52d62f304a911ec32f42eee 1ea2c3871a77368fd61dfa8d8c32b455048043e5 190.5 KB
57d8ce143395c99e185ea7d753f5c04f 50f815045bc935863f685c59b87e323012d4712c 137.5 KB
cd62901d0268803024260c60a8c53e7b 8427b62db5b0cfd572828b3f8a2180349cfb8094 465 KB
9061768888649a8fd65b2a7afc5ce355 9e66caa37fc8b53065911a47da5b451c2ab5965a 190.5 KB
3ddd0dc3e4c5edbc35ab3ff3daf2e677 8a617b9149478e1aebccfbbbdfa3a147d2333b17 137.5 KB
2bf54e692fc1292d182ed056faf8bea0 5ba8f9cfce00b82fecb7b82192f17b86034f0956 367 KB
1951c6f1e53079f6b29ecff77eaf9403 82ad7b602b1c17932234dea891fc8b61705fd0ba 321 KB
241cbd0f099f3d68892d19879e53722d 78e41b0fb9b537946692e3b7b1c5b224b72a9fb6 422 KB
4df841632b62a7cf19a79a05046a8ab1 e5db2debac1fa13990ca1920076e885d0c53f64f 190 KB
a1bca34f741d285e8a7cd3f3e734bbbd d4f7e75d1a0ca1b8ef5d74bfd1331d470557ee48 136.5 KB
32ef70e71bb451eeb23f18294d8027e7 386aedebc1c3bf30f7139699dcd7577a1df56064 367 KB
3a4de678e4e709c0794da57c198aa7e3 03d226e18a0a0ce06857edc2e83445a705cb7eb8 468 KB
8899bed47fe375ee665ad1821598e471 92238593096b67f6081431d183466d762dc26c69 139 KB
d113499052c5e541906b727779f0f959 5c6fbbcf168adf89ed3090e1108aee0fab5088e7 193.5 KB
569fad2f38003d4a5a80f04ae16ad74d ec63ae9f2d7f138e11909dc4905055f6546cf8b2 367.5 KB
de4c02870b048e921c0613e6e3e65578 0bb81f214caf1339136eb882d8f0bc3c0c0b9585 469.5 KB
210874b65eb2d8643f46ebdf3146361a ba7d2450febe3cda073ef422f3dd26cb27dd82f3 194.5 KB
8873c2bd271e7a694e4bdc0bfb6b065b d7aa7064df3f8710d1a9c73c53edf7d4a653284b 140 KB
5916fc8ef917b7d4ad8019700c91e5f4 fcc368cb1b8c26de5fc2e2287c1e547b511d2b30 315.5 KB
f959a89f21a81fe3b9c876f010433c50 3396416ab0513bbbdf78f0747bd730b422345a40 136.5 KB
ba48081620c351f25396333996e5e279 5d3dc6897568ca0d7e8175b1c54c936a93c2dc40 299.5 KB
45283fa15203f56c0ce47042e9416113 47f517025bb0b44ebb1358d7b569bd253eea12a2 136 KB
619a67c9f617b7e69315bb28ecd5e1df 9f5a4796b58d8b104a1c0f5a63daf0032b947966 364 KB
4fb491ac8d46aaf22ba8bc5c73dabef7 8bf1819659b79d10121294f37f7d9cf7d95559c1 251.5 KB
203c3380a744ca5b9b1a9caeb57f7d57 cc9550792d5ef0711b92923b762db1ad40ca6065 249 KB
64d757051b5b273e55c93e4503ea4f3e 3ec7f0524eba6759e5f74771bb7f48eba4d119bb 360 KB
816f4e93802aff679a4f9b7fac835be4 79bb43bec743861064d2a38318507cbf3706234b 268.5 KB
6eb6b66517b048d87dc1856ddf1f4c3f 025f357a349de2356e759fa7408a7097d65a4cdf 133 KB
38b84c94c5a8af291adfea478ae54f93 858ac7b85f44b29b16cbbac3a26f78790eb4270c 198.5 KB
6d830f160c1fd0ab3618614cd29e310b 2d0e8e989df923957717b8c4a1dc1dc553c6efbd 152.5 KB
ed683eb348f31093987c5f0554bc321b a686e5ef923e1ef6bb30783cbf8aaedf9dbef431 198.5 KB
9495fcc01d7ab7b60e5b8ba7aefe9e3d 19bcbe0f19696d02155815d1f81c85975ad7ae5b 241.5 KB
e97b6931b5629d7e9f6ee29a68fd6123 20b91fc6641830878be6ccdc0e7ce696a803bcd0 343.5 KB
3b5ec9ccbfabe17656f394c5b9d7a617 76a6e6e1a85ca6df5be0a7afa31e0b7646a97a8d 343.5 KB
a859852dea22d60295a69b8bf92928f1 47978bb56e69d19fc4d3c2a6f16628ea5a603ae8 241.5 KB
8339e480b3d4740404d8ee50d415935b 864565b5ef80d53d165a55775f7587d28f46b8dd 241.5 KB
cd8a7f4847dd181903e6b2f1924e723e 7c0182eb81364930db86c8858abf0f5dd7f8e674 239.5 KB
43be3875207dcb62a85c8c49970b66cc d92b8903dc00a0132c09fa0a8b5c214d45d98756 134.5 KB
d303322dd577c3deda1251ed2e7a496c 577146cb2d9cba2e34de82b33ff6593427026ede 205 KB
a279323bee5fffafda222910bce92132 85e73a088f10af1aa59607907fa4b3b62ac2bbc9 134 KB
21fa389e65a852698b6a1341f36ee02d e89cf1d2f12de49ab435567d813034dbbd01c7b4 205 KB
aba4cf9f856d9a3a25f4ddd7690a6e9d 384835a1ece4e4fce6637d94e2da88f237116c5e 134.5 KB
332124357850eb5429e41fa85c82af0f b11143753a0e1676e352fd247ae6f46ab1eb00d1 212.5 KB
418b57e44edd1659b3fd9402326fdf9f 7ca4320fd48fba366446234c46198defdb8447ed 393.5 KB
0f07673689e9fe6224151d8432dd2898 f42f09abb8398b30923c683cfef8be3d7b1ce9d9 392 KB
796d30c693f7b8a717499a9abeb3af39 018c5a94dff654f78595e4ec8dc5bf1bb7798ace 124.5 KB
56980be8b5a6861b5d9175eaba8ac7dc f8af8cd7a877e69d6bbe3f9c526d544513eb541e 218 KB
f520ab392d58c0a1070268032d809382 236d6a757d8b2c4c9611d0234db4d3d745a9c9b1 222.5 KB
798a9e6828997eef4517ada8a2259831 f36ce7091903b73a6905460069877ddc209ad2e7 222.5 KB

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Home Premium 35.50%
Windows 8.1 16.75%
Windows 7 Ultimate 11.75%
Windows 8 6.75%
Windows 8.1 Pro 5.75%
Windows 7 Professional 4.50%
Windows 8 Single Language 3.50%
Windows 8.1 Single Language 2.50%
Windows 7 Home Basic 2.50%
Windows 8 Pro 2.50%
Windows Vista Home Premium 1.75%
Windows 8.1 Pro with Media Center 1.25%
Windows 8.1 Enterprise 1.25%
Windows 8 Enterprise 0.75%
Windows 8.1 Pro Preview 0.75%
Windows 7 Enterprise 0.50%
Windows 8.1 N 0.25%
Windows Seven Black Edition 0.25%
Windows 8.1 Enterprise Evaluation 0.25%
Windows Developer Preview 0.25%
Windows 8 Enterprise Evaluation 0.25%
23 other Windows OS version

Distribution by countryDistribution by country

United States installs about 44.86% of WMI Provider Host.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Dell 20.38%
Hewlett-Packard 18.68%
ASUS 15.09%
Acer 12.08%
Toshiba 10.57%
Lenovo 8.68%
Sony 6.04%
GIGABYTE 2.83%
Samsung 2.08%
Alienware 1.13%
MSI 1.13%
Sahara 0.57%
Intel 0.38%
Medion 0.38%
Back to top
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE