Skip to main content

What is dwm.exe And Why Is It Running?

 

What is dwm.exe And Why Is It Running? 

 

You are no doubt reading this article because you are wondering why this dwm.exe process
is taking more memory than you think it should, and you are curious what it does. Thankfully
for you, we have the answer.

So What Is It Anyway?

Desktop Window Manager (dwm.exe) is the compositing window manager that gives you all
those pretty effects in Windows Vista: Transparent windows, live taskbar thumbnails
(that you can resize now), and even the Flip3D switcher that you can disable and
replace with Switcher.





image
What happens in Vista is that applications write the picture of their window to a specific
place in memory, and then Windows creates one “composite” view of all the windows on the
screen before sending it to your monitor. Because Vista is keeping track of the contents
of each window, it can add effects when layering the windows such as the transparency we’re
all used to, as well as the live preview thumbnails.
The benefit to using this approach is that Windows Vista can utilize the hardware acceleration
features in your video card to create very smooth animations for minimizing and restoring,
and even for the transparent effects.

What about Memory Usage?

If you open up Task Manager, you can see the dwm.exe process in the list, typically
taking somewhere between 30-50MB of memory in my testing:

image

The size of the DWM process is controlled by the number of windows that you have open,
since each window requires a buffer in memory to store the contents of the window.
If you have a large number of very large windows open, DWM will use more memory.
The benefits of using a compositing window manager are worth that relatively small
amount of memory under most circumstances.

Does Switching to the Vista Basic Theme Turn it Off?

The short answer is no, just switching to the Vista Basic theme will not turn off DWM,
but it will reduce the memory usage a great deal.

image

How do you switch to Vista Basic? Just right-click on the desktop, choose Personalize,
and then Window Color and Appearance:

image

Click on classic appearance properties at the bottom:

image

Then choose Windows Vista Basic and click the Apply button:

image

Note that I’m not recommending switching to the Basic theme, just explaining how to do it.

So How Do I Turn dwm.exe Off Then?

Note that I don’t recommend turning this off unless you are playing games in 
fullscreen mode, and even then it likely won’t help increase speed.
The only way to get rid of the dwm.exe process is to stop the service from running.
Open up Services from Control Panel or the start menu, and then find the “Desktop
Window
Manager Session Manager” service in the list, and click the stop button.
Note that you will be switched to the Vista Basic theme when you click the button.

image

To permanently disable it, double click on the item and select Disabled from the “Startup type” drop-down:

image

If you want to use the command line instead, you can open an administrator mode command prompt and use one of these commands:
Command:


Stop Service net stop uxsms
Start Service net start uxsms
Disable Service sc config uxsms start= disabled
Enable Service sc config uxsms start= auto



By now you should understand what the process does… do you really still want to get rid of it?

Comments

Popular posts from this blog

Defacing Sites via HTML Injections (XSS)

Defacing Sites via HTML Injections Defacing Sites via HTML Injections What Is HTML Injection: "HTML Injection" is called as the Virtual Defacement Technique and also known as the "XSS" Cross Site Scripting. It is a very common vulnerability found when searched for most of the domains. This kind of a Vulnerability allows an "Attacker" to Inject some code into the applications affected in order to bypass access to the "Website" or to Infect any particular Page in that "Website". HTML injections = Cross Site Scripting, It is a Security Vulnerability in most of the sites, that allows an Attacker to Inject HTML Code into the Web Pages that are viewed by other users. XSS Attacks are essentially code injection attacks into the various interpreters in the browser. These attacks can be carried out using HTML, JavaScript, VBScript, ActiveX, Flash and other clinet side Languages. Well crafted Malicious Code can even hep the ...

EKS Cluster and Create CSI Driver to store credentials in AWS Secrets Manager via SecretProviderClass

EKS Cluster | CSI Driver | SecretProviderClass | AWS Secrets Manager Setup EKS Cluster and Manage Credentials at runtime using CSI driver using SecretProviderClass and Secrets Manager Assuming you have Configured/Installed AWS CLI, EKSCTL, KUBECTL, HELM. CSI Basic Information: CSI (Container Storage Interface) widely used as a Storage Technology. Created by Google | Mesosphere | Docker.  It has two two Plugins one runs on the Master Node (Centralized Controller Plugin) and another one on Worker Nodes (Decentralized headless Node Plugin).  CSI communication protocol is gRPC.   The communication between Container Orchestration to Controller Plugin (Master) and to Node Plugin (Worker Node) happens using gRPC .  CSI Drivers : vendor specific compiled into Kubernetes/openshift binaries. To use a CSI driver, a StorageClass needs to be assigned first.  The CSI driver is then set as the Provisioner for the Storage Class. CSI drivers provide three main service...

Linux Systems Performance/Observability (BPF (bpfcc-tools), BCC Tools

  Linux System Performance/Observability Tools Linux Systems Performance/Observability (BPF (bpfcc-tools), BCC Tools Assuming you have Linux Server in place and have the required BPF aka BCC related packages installed on the system(s) for the required Linux distribution. BPF(eBPF) aka BCC Tools (bpfcc-tools) : BPF, which originally stood for Berkley Packet Filter is the dynamic tracing tools for Linux Systems.  BPF initially used for the speeding up for the tcpdump expressions and since then it has been know as the extended Berkley packet Filter (eBPF).  Its new uses are Tracing Tools where it provides programmability for the BPF Compiler Collection (BCC) and bpftrace front ends .   Example: execsnoop, biosnoop etc is a BCC Tool. When facing production performance crisis these such list of tools comes handy to trace and fix the issue. However, it requires certain KERNEL level config options to be enabled such as CONFIG_FTRACE, CONFIG_BPF. Profiling tools typically re...