Should I block it?

No, this file is 100% safe to run.

VersionsAdditional versions

6.0.6000.16386 (vista_rtm.061101-2205) 71.43%
6.0.6000.16386 (vista_rtm.061101-2205) 14.29%
6.0.6000.16386 (vista_rtm.061101-2205) 14.29%
(Note, Microsoft publishes each variation of this file with the same version, but the hashes are unique.)

Relationships

Parent process
Related files

PE structurePE file structure
Show functions
Import table
advapi32.dll
GetTraceEnableFlags, GetTraceEnableLevel, GetTraceLoggerHandle, RegisterTraceGuidsW, UnregisterTraceGuids, ControlTraceW, ConvertStringSecurityDescriptorToSecurityDescriptorW, RegCloseKey, StartTraceW, CloseTrace, EnableTrace, LookupPrivilegeValueW, AdjustTokenPrivileges, GetSecurityDescriptorDacl, InitializeSecurityDescriptor, AllocateAndInitializeSid, SetEntriesInAclW, SetSecurityDescriptorDacl, FreeSid, TraceMessage, RegCreateKeyExW, RegSetValueExW, RegOpenKeyExW, RegQueryValueExW, OpenProcessToken
gdi32.dll
GetStockObject
kernel32.dll
SetErrorMode, ExpandEnvironmentStringsW, GlobalHandle, FindFirstVolumeMountPointW, FindNextVolumeMountPointW, GetVolumeInformationW, lstrcmpW, GetDriveTypeW, GetVolumeNameForVolumeMountPointW, SystemTimeToFileTime, GetDateFormatW, GetTimeFormatW, ReleaseMutex, GetFileSize, ReadFile, FlushFileBuffers, GetFileInformationByHandle, CompareStringW, DeviceIoControl, GlobalReAlloc, InterlockedDecrement, InterlockedIncrement, LoadLibraryW, GetSystemPowerStatus, CreateThread, GetCommandLineW, HeapSetInformation, GlobalMemoryStatus, CreateEventW, GetVersionExW, CloseHandle, GetSystemWindowsDirectoryW, MoveFileExW, GetFileAttributesW, DeleteFileW, CreateDirectoryW, LocalFree, GetLastError, HeapFree, GetProcessHeap, HeapAlloc, SetLastError, FindVolumeMountPointClose, InterlockedExchange, Sleep, InterlockedCompareExchange, GetStartupInfoA, SetUnhandledExceptionFilter, GetModuleHandleA, QueryPerformanceCounter, GetTickCount, GetCurrentThreadId, GetCurrentProcessId, GetSystemTimeAsFileTime, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, WriteFile, CreateFileW, OutputDebugStringA, IsDebuggerPresent, SetFilePointer, GetLocalTime, EnterCriticalSection, LeaveCriticalSection, GlobalFree, GlobalUnlock, GlobalLock, GlobalAlloc, GlobalSize, GetTickCount64, InitializeCriticalSectionAndSpinCount, DeleteCriticalSection, lstrlenW, GetExitCodeThread, lstrcmpiW, WaitForSingleObject, SetEvent, QueryPerformanceFrequency, ExitThread, SizeofResource, FindResourceW, GetComputerNameW, FormatMessageW, OpenEventW
msvcrt.dll
DllMain
ntdll.dll
RtlInitUnicodeString, NtQueryInformationFile, RtlEnumerateGenericTableLikeADirectory, NtSetInformationProcess, RtlIsGenericTableEmptyAvl, NtWaitForSingleObject, NtQueryVolumeInformationFile, NtOpenFile, RtlNtStatusToDosError, RtlInsertElementGenericTableAvl, RtlNumberGenericTableElementsAvl, RtlEnumerateGenericTableAvl, NtFsControlFile, RtlDeleteElementGenericTableAvl, RtlInitializeGenericTableAvl
ole32.dll
CLSIDFromString, CoDisconnectObject, CoRevokeClassObject, CoRegisterClassObject, CoCreateGuid, ReleaseStgMedium, CoCreateInstanceEx, CoUninitialize, CoInitializeSecurity, CoInitializeEx, CoTaskMemFree, CoTaskMemAlloc
shell32.dll
SHGetPathFromIDListW, SHGetSpecialFolderLocation
user32.dll
DispatchMessageW, DefWindowProcW, MessageBoxW, DestroyWindow, PostQuitMessage, SetTimer, LoadStringW, PostMessageW, CharUpperW, GetMessageW, SendMessageW, CreateWindowExW, RegisterClassW, LoadCursorW, TranslateMessage
vssapi.dll
IsVolumeSnapshottedInternal

dfrgntfs.exe

Windows Disk Defragmenter by Microsoft

Remove dfrgntfs.exe
Version:   6.0.6000.16386 (vista_rtm.061101-2205)
MD5:   1041911450c1d7b215bc4b9a9c8acdb4
SHA1:   3372a1c28783f7f24341427ccd529db1c55ce185
SHA256:   6b2e2864fa7d31bda564c83995bc863e3ef60d0c2b7df0ac817826b17476990d
This is a Windows system installed file with Windows File Protection (WFP) enabled.

Overview

dfrgntfs.exe executes as a process under the SYSTEM account with extensive privileges (the system and the administrator accounts have the same file privileges) typically within the context of its parent svchost.exe (Host Process for Windows Services by Microsoft Corporation). This version is designed to run on Windows Vista and is compiled as a 64 bit program.

DetailsDetails

File name:dfrgntfs.exe
Publisher:Microsoft Corp.
Product name:Windows Disk Defragmenter
Description:Disk Defragmenter NTFS Module
Typical file path:C:\Windows\System32\dfrgntfs.exe
Original name:DFRGNTFS.EXE.MUI
File version:6.0.6000.16386 (vista_rtm.061101-2205)
Product version:6.0.6000.16386
Size:172.5 KB (176,640 bytes)
Digital DNA
PE subsystem:Windows GUI
File packed:No
Code language:Microsoft Visual C++
.NET CLR:No
More details

ResourcesResource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
 
CPU
Total CPU:0.00255988%
0.028634%
Kernel CPU:0.00243298%
0.013761%
User CPU:0.00012690%
0.014873%
Kernel CPU time:70,029 ms/min
100,923,805ms/min
CPU cycles:23,886,222/sec
17,470,203/sec
Memory
Private memory:56.71 MB
21.59 MB
Private (maximum):60.73 MB
Private (minimum):29.25 MB
Non-paged memory:56.71 MB
21.59 MB
Virtual memory:120.66 MB
140.96 MB
Virtual memory (peak):121.66 MB
169.69 MB
Working set:60.73 MB
18.61 MB
Working set (peak):60.74 MB
37.95 MB
Page faults:17,229/min
2,039/min
I/O
I/O read transfer:8.23 KB/sec
1.02 MB/min
I/O read operations:2/sec
343/min
I/O write transfer:4 Bytes/sec
274.99 KB/min
I/O write operations:1/sec
227/min
I/O other transfer:2.32 MB/sec
448.09 KB/min
I/O other operations:21,274/sec
1,671/min
Resource allocations
Threads:4
12
Handles:103
600

BehaviorsProcess properties

Integrety level:System
Platform:64-bit
Command line:C:\Windows\System32\dfrgntfs.exe -embedding
Owner:SYSTEM
Parent process:svchost.exe (Host Process for Windows Services by Microsoft Corporation)

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows Vista Ultimate 42.86%
Windows Vista Home Premium 28.57%
Windows Vista Home Basic 28.57%

Distribution by countryDistribution by country

United States installs about 57.14% of Windows Disk Defragmenter.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Hewlett-Packard 40.00%
Toshiba 40.00%
American Megatrends 20.00%
Back to top
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE