Should I block it?

No, this file is 100% safe to run.

VersionsAdditional versions

5.2.3790.3959 (srv03_sp2_rtm.070216-1710) 1.47%
5.2.3790.1830 (srv03_sp1_rtm.050324-1447) 1.47%
5.2.3790.1230 built by: DNSRV(bld4act) 45.59%
5.2.3790.1230 built by: DNSRV(bld4act) 1.47%
5.2.3790.1230 built by: dnsrv(bld4act) 41.18%
5.2.3790.1230 built by: dnsrv(bld4act) 4.41%
5.2.3790.1230 built by: dnsrv(bld4act) 1.47%
5.1.2600.2180 (private/xpsp_mce.040810-0205) 2.94%

Relationships

PE structurePE file structure
Show functions
Import table
advapi32.dll
RegQueryValueExW, RegCloseKey, RegOpenKeyExW, RegOpenKeyW, StopTraceW, EnableTrace, StartTraceW, ControlTraceW, RegSetValueExW, RegCreateKeyExW, ConvertStringSecurityDescriptorToSecurityDescriptorW, GetTraceEnableFlags, GetTraceEnableLevel, GetTraceLoggerHandle, RegisterTraceGuidsW, UnregisterTraceGuids, StartServiceCtrlDispatcherW, SetServiceStatus, RegisterServiceCtrlHandlerExW, GetTokenInformation, OpenThreadToken, LookupAccountSidW, CreateWellKnownSid, TraceMessage
kernel32.dll
ResetEvent, LocalFree, QueryPerformanceCounter, GetTickCount, GetCurrentThreadId, GetCurrentProcessId, CreateTimerQueueTimer, GetCurrentProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, CreateTimerQueue, CreateThread, QueueUserAPC, WaitForSingleObjectEx, GetCurrentThread, lstrcmpiW, DeleteTimerQueueEx, GetSystemDirectoryW, SearchPathW, SleepEx, DeleteTimerQueueTimer, ExpandEnvironmentStringsW, InterlockedDecrement, CloseHandle, WaitForSingleObject, TerminateProcess, CreateProcessW, GetLastError, Sleep, InterlockedIncrement, SetEvent, CreateEventW, DeleteCriticalSection, InitializeCriticalSectionAndSpinCount, EnterCriticalSection, LeaveCriticalSection, GetSystemTimeAsFileTime, GetModuleHandleA
msvcrt.dll
DllMain
rpcrt4.dll
RpcStringBindingComposeW, RpcBindingFromStringBindingW, RpcBindingSetAuthInfoExW, RpcServerUseProtseqEpW, RpcServerRegisterIfEx, RpcServerListen, RpcBindingFree, RpcImpersonateClient, RpcRevertToSelf, RpcServerUnregisterIf, RpcMgmtStopServerListening, RpcMgmtWaitServerListen, RpcBindingToStringBindingW, RpcStringBindingParseW, RpcServerInqCallAttributesW, UuidFromStringW, RpcAsyncCompleteCall, RpcAsyncInitializeHandle, RpcStringFreeW, NdrServerCall2, NdrClientCall2, NdrAsyncClientCall, UuidToStringW, UuidCreate
secur32.dll
GetUserNameExW
setupapi.dll
SetupDiEnumDeviceInterfaces, SetupDiGetClassDevsExW, SetupDiOpenDeviceInterfaceW, SetupDiGetDeviceInterfaceDetailW, SetupDiOpenDevRegKey, SetupDiDestroyDeviceInfoList, SetupDiCreateDeviceInfoList
user32.dll
UnregisterDeviceNotification, RegisterDeviceNotificationW

WdfMgr.exe

Windows User Mode Driver Manager by Microsoft

Remove WdfMgr.exe
Version:   5.2.3790.1230 built by: DNSRV(bld4act)
MD5:   49501c6be752d5043ada8667ac774f7a
SHA1:   ebeb5be8b8ddf2e47fbced67c4ab8f4d721c611c
SHA256:   11be764ab283e053e5c85efd62ee302437a1ab4da6e6ea44650c262b525cc119

What is WdfMgr.exe?

The Windows User Mode Driver Framework service is a driver component that is used by Windows Media Player 10. The Windows User Mode Driver Framework service supports synchronization of content with hardware players.

Overview

wdfmgr.exe runs as a service under the name UMWdf (SYSTEM\CurrentControlSet\Services\UMWdf) with extensive SYSTEM privileges (full administrator access). and is compiled as a 32 bit program.

DetailsDetails

File name:wdfmgr.exe
Publisher:Microsoft Corporation
Product name:Windows User Mode Driver Manager
Description:Microsoft® Windows® Operating System
Typical file path:C:\Windows\System32\wdfmgr.exe
File version:5.2.3790.1230 built by: DNSRV(bld4act)
Product version:5.2.3790.1230
Size:38 KB (38,912 bytes)
Digital DNA
PE subsystem:Windows Console
Entropy:6.072843
File packed:No
Code language:Microsoft Visual C++
.NET CLR:No
More details

BehaviorsBehaviors

Services
Runs under 'SYSTEM\CurrentControlSet\Services' by the Service Controller (services.exe)
  • 'UMWdf'

ResourcesResource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
 
CPU
Total CPU:0.00001167%
0.028634%
User CPU:0.00001167%
0.014873%
Memory
Private memory:1.48 MB
21.59 MB
Private (maximum):1.53 MB
Private (minimum):60 KB
Non-paged memory:1.48 MB
21.59 MB
Virtual memory:14.45 MB
140.96 MB
Virtual memory (peak):14.95 MB
169.69 MB
Working set:68 KB
18.61 MB
Working set (peak):1.53 MB
37.95 MB
Resource allocations
Threads:4
12
Handles:67
600
GUI GDI count:4
103

BehaviorsProcess properties

Integrety level:Undefined
Platform:32-bit
Command line:C:\Windows\System32\wdfmgr.exe
Owner:SYSTEM
Windows Service
Service name:SYSTEM\CurrentControlSet\Services\UMWdf
Display name:UMWdf
Description:“Enables Windows user mode drivers.”
Type:Win32OwnProcess
Parent process:services.exe (by Microsoft)

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Microsoft Windows XP 80.88%
Windows XP Home Edition 13.24%
Microsoft Windows XP Home Edition 2.94%
Windows XP Professional 1.47%
Windows Server 2003, Standard Edition 1.47%

Distribution by countryDistribution by country

United States installs about 16.33% of Windows User Mode Driver Manager.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Dell 42.55%
Toshiba 17.02%
American Megatrends 12.77%
Lenovo 8.51%
Intel 8.51%
ASUS 4.26%
Sahara 4.26%
GIGABYTE 2.13%
Back to top
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE