Should I block it?

No, this file is 100% safe to run.

Additional versions

1.0.0.1	65.38%
1.0.0.1	7.69%
1.0.0.1	3.85%
1.0.0.1	3.85%
5b485	3.85%
c76d4	3.85%
952da	3.85%
29665	3.85%
6ef11	3.85%

Relationships

Parent processes

Child processes

firefox.exe (Firefox by Mozilla Corporation)

PE file structure

Show functions

Import table

advapi32.dll

RegQueryValueW, LookupPrivilegeValueW, OpenProcessToken, RegCloseKey, RegSetValueExW, RegDeleteValueW, RegOpenKeyW, RegOpenKeyExW, RegCreateKeyExW, RegQueryValueExW, RegEnumKeyW, RegDeleteKeyW, AdjustTokenPrivileges, RegOpenKeyExA, RegCreateKeyExA, RegFlushKey, RegQueryValueExA, RegSetValueExA, RegEnumKeyExA, RegEnumValueA, RegDeleteValueA, RegDeleteKeyA, RegQueryInfoKeyW, RegQueryInfoKeyA, RegEnumValueW, RegEnumKeyExW, GetUserNameW, SetSecurityDescriptorDacl, InitializeSecurityDescriptor

atmanager.dll

ReleaseATManager, CreateATManager

comctl32.dll

InitCommonControlsEx

comdlg32.dll

GetFileTitleW, GetSaveFileNameA, GetOpenFileNameA, PrintDlgA, PrintDlgW, GetSaveFileNameW, GetOpenFileNameW

gdi32.dll

DPtoLP, CreateSolidBrush, CreateFontW, GetRgnBox, GetDeviceCaps, CreateCompatibleBitmap, CreateCompatibleDC, PtVisible, RectVisible, TextOutW, ExtTextOutW, Escape, GetPixel, SetPixel, CreateFontIndirectW, GetObjectW, GetCurrentObject, CreateRectRgn, CreateRectRgnIndirect, CreateRoundRectRgn, CombineRgn, BitBlt, StretchBlt, GetStockObject, PtInRegion, DeleteObject, CreateBitmap, GetClipBox, SetTextColor, SetBkColor, SaveDC, RestoreDC, SetBkMode, SetROP2, SetMapMode, LineTo, MoveToEx, SetTextAlign, GetViewportExtEx, GetWindowExtEx, SelectObject, SetViewportOrgEx, OffsetViewportOrgEx, SetViewportExtEx, ScaleViewportExtEx, SetWindowExtEx, ScaleWindowExtEx, ExtSelectClipRgn, DeleteDC, CreatePen, GetBkColor, GetTextColor, GetMapMode, SelectPalette, RealizePalette, GetObjectA, OffsetRgn, GetPaletteEntries, GetNearestPaletteIndex, SelectClipPath, CreateDCW, CreateDCA, StrokePath, FillPath, BeginPath, PolyBezierTo, CloseFigure, EndPath, SetPolyFillMode, TextOutA, StartDocW, StartDocA, GetBkMode, StartPage, AbortDoc, EndPage, EndDoc, ResetDCW, ResetDCA, SelectClipRgn, GdiFlush, CreateDIBSection, GetDIBits, EnumFontFamiliesExW, EnumFontFamiliesExA, GetTextFaceW, GetTextFaceA, GetTextCharsetInfo, GetFontData, GetCharABCWidthsW, GetCharABCWidthsA, GetCharABCWidthsFloatW, GetTextExtentPoint32W, CreateFontIndirectA, GetTextMetricsW, GetTextMetricsA, SetGraphicsMode, SetWorldTransform, GetGlyphOutlineW, GetGlyphOutlineA, GetOutlineTextMetricsA, RectInRegion, CreatePolygonRgn, EqualRgn, ExtCreateRegion, CreateEllipticRgn, GetRegionData, CreatePalette, RoundRect, PathToRegion

gdiplus.dll

GdipLoadImageFromFileICM, GdipLoadImageFromFile, GdipDrawImageRectRectI, GdipDeleteGraphics, GdipCreateFromHDC, GdiplusStartup, GdipFree, GdipDisposeImage, GdipAlloc, GdipGetImageWidth, GdipGetImageHeight, GdiplusShutdown, GdipCloneImage, GdipCreatePen1, GdipDeleteFont, GdipDeleteFontFamily, GdipGetGenericFontFamilySansSerif, GdipCreateFontFamilyFromName, GdipCreateFont, GdipCreateFontFromLogfontA, GdipCreateFontFromDC, GdipDrawString, GdipDeletePen, GdipSetStringFormatAlign, GdipDeleteStringFormat, GdipFillRectangle, GdipDrawImageRect, GdipDrawImageRectRect, GdipFillRectangleI, GdipCloneBrush, GdipDeleteBrush, GdipCreateSolidFill, GdipDrawImageRectI, GdipDrawRectangleI, GdipDrawLineI, GdipCreateStringFormat, GdipCreateLineBrush, GdipSetStringFormatLineAlign

imm32.dll

ImmSetCompositionFontW, ImmSetCompositionFontA, ImmSetCompositionWindow, ImmSetCandidateWindow, ImmAssociateContext, ImmGetCompositionStringW, ImmGetCompositionStringA, ImmNotifyIME, ImmReleaseContext, ImmGetContext, ImmGetDefaultIMEWnd, ImmGetVirtualKey

inithw.dll

GetHardware

kernel32.dll

DllMain, ResetEvent, FindClose, FindNextFileA, FindNextFileW, FindFirstFileA, FindFirstFileW, ExpandEnvironmentStringsA, CreateProcessA, CreateProcessW, GetModuleHandleA, GetVolumeInformationA, GetVolumeInformationW, GetModuleHandleW, GetUserDefaultLangID, InterlockedDecrement, IsValidLocale, GlobalUnlock, GlobalLock, GlobalAlloc, lstrcmpW, lstrcpynW, lstrcpynA, VirtualFreeEx, ReadProcessMemory, VirtualAllocEx, OpenProcess, GlobalSize, GlobalFree, GetProfileStringA, GetProfileStringW, GetDriveTypeA, GetDriveTypeW, GetWindowsDirectoryW, FindFirstChangeNotificationW, FindFirstChangeNotificationA, FindNextChangeNotification, FindCloseChangeNotification, lstrlenW, GetProcessHeap, HeapFree, GetSystemTimeAsFileTime, GetTickCount, QueryPerformanceCounter, IsDebuggerPresent, SetUnhandledExceptionFilter, UnhandledExceptionFilter, TerminateProcess, GetStartupInfoA, InterlockedCompareExchange, InterlockedExchange, GetSystemDirectoryW, WideCharToMultiByte, MultiByteToWideChar, CreateSemaphoreW, CloseHandle, WaitForSingleObject, ReleaseSemaphore, GetLastError, CompareStringA, CompareStringW, GetUserDefaultLCID, GetVersionExA, LocalFree, FormatMessageA, FormatMessageW, GetCurrentProcessId, GetModuleFileNameA, GetModuleFileNameW, GetCommandLineA, GetCommandLineW, TlsFree, GetCurrentThreadId, GetCurrentThread, GetSystemInfo, Sleep, SwitchToThread, TlsAlloc, TerminateThread, SetThreadPriority, TlsSetValue, ResumeThread, GetThreadPriority, WaitForMultipleObjects, SetEvent, CreateEventA, CreateEventW, DuplicateHandle, GetCurrentProcess, TlsGetValue, GetLocaleInfoW, GetLocaleInfoA, GetDateFormatA, GetDateFormatW, GetTimeFormatA, GetTimeFormatW, GetLocalTime, InitializeCriticalSection, DeleteCriticalSection, EnterCriticalSection, LeaveCriticalSection, OutputDebugStringA, OutputDebugStringW, CreateSemaphoreA, WaitForSingleObjectEx, GetFileType, SystemTimeToFileTime, SystemTimeToTzSpecificLocalTime, FileTimeToSystemTime, FreeLibrary, GetProcAddress, LoadLibraryW, LoadLibraryA, GetFileInformationByHandle, GetFileAttributesExA, GetFileAttributesExW, SetFilePointer, ReadFile, WriteFile, SetCurrentDirectoryA, SetCurrentDirectoryW, GetCurrentDirectoryA, GetCurrentDirectoryW, GetTempPathA, GetTempPathW, SetEndOfFile, GetFullPathNameA, GetFullPathNameW, CreateFileA, CreateFileW, DeleteFileA, DeleteFileW, CopyFileA, CopyFileW, MoveFileA, MoveFileW, CreateDirectoryA, CreateDirectoryW, RemoveDirectoryA, RemoveDirectoryW, GetFileAttributesA, GetFileAttributesW, GetFileTime, GetLogicalDrives, SetErrorMode, MapViewOfFile, CreateFileMappingA, CreateFileMappingW, UnmapViewOfFile, LoadLibraryExW, OpenSemaphoreW

msimg32.dll

TransparentBlt

msvcp80.dll

DllMain

msvcr80.dll

DllMain

ole32.dll

CoTaskMemFree, CoTaskMemAlloc, CLSIDFromProgID, CLSIDFromString, CoUninitialize, CoCreateInstance, CoInitializeEx, CoGetClassObject, StgOpenStorageOnILockBytes, StgCreateDocfileOnILockBytes, CreateILockBytesOnHGlobal, OleUninitialize, CoRegisterMessageFilter, OleFlushClipboard, OleIsCurrentClipboard, CoRevokeClassObject, OleInitialize, CoFreeUnusedLibraries, RevokeDragDrop, CoInitialize, RegisterDragDrop, CoLockObjectExternal, StringFromGUID2, CoCreateGuid, ReleaseStgMedium, DoDragDrop, CoGetMalloc, OleGetClipboard, OleSetClipboard

oledlg.dll

OleUIBusyW

setupapi.dll

CM_Get_Device_IDW, SetupDiCreateDeviceInfoList, CM_Get_Device_ID_Size, CM_Get_Parent, SetupDiOpenDeviceInfoW, SetupDiEnumDeviceInterfaces, SetupDiGetDeviceInterfaceDetailW, CM_Get_DevNode_Status, SetupDiSetClassInstallParamsW, SetupDiCallClassInstaller, SetupDiGetDeviceInstallParamsW, SetupDiGetDeviceInstanceIdW, SetupDiSetDeviceRegistryPropertyW, SetupDiDestroyDeviceInfoList, SetupDiGetDeviceRegistryPropertyW, SetupDiEnumDeviceInfo, SetupDiGetClassDevsW

shell32.dll

ShellExecuteW, ShellExecuteExW, SHFileOperationW, Shell_NotifyIconW, SHGetFileInfoW, SHGetMalloc, SHGetPathFromIDListA, ShellExecuteA, SHBrowseForFolderA, Shell_NotifyIconA, SHGetSpecialFolderPathW, SHGetFolderPathW

shlwapi.dll

PathFindFileNameW, PathRemoveFileSpecW, PathStripToRootW, PathFindExtensionW, PathIsUNCW

user32.dll

SetRect, InvalidateRgn, GetNextDlgGroupItem, UnregisterClassW, RegisterClipboardFormatW, SetActiveWindow, CreateDialogIndirectParamW, GetDlgItem, GetNextDlgTabItem, EndDialog, GetMenuItemID, GetMenuItemCount, GetSubMenu, GetWindowThreadProcessId, GetLastActivePopup, IsWindowEnabled, MessageBoxW, SetWindowsHookExW, CallNextHookEx, GetMessageW, TranslateMessage, GetActiveWindow, ValidateRect, SetMenuItemBitmaps, GetMenuCheckMarkDimensions, GetFocus, GetMenuState, EnableMenuItem, CheckMenuItem, PostQuitMessage, DrawEdge, SetCapture, SetWindowRgn, ReleaseCapture, SystemParametersInfoW, ShowScrollBar, GetClassLongW, PeekMessageW, DispatchMessageW, SetForegroundWindow, MessageBeep, DestroyWindow, OpenClipboard, SetClipboardData, IsRectEmpty, CloseClipboard, GetKeyState, LoadBitmapW, GetCursorPos, UpdateWindow, IsWindow, EnumChildWindows, CharNextA, LoadImageW, ModifyMenuW, AppendMenuW, CreatePopupMenu, UpdateLayeredWindow, GetDC, GrayStringW, DrawTextExW, DrawTextW, TabbedTextOutW, LoadCursorW, SetCursor, SetWindowPos, GetDesktopWindow, IsWindowVisible, IsIconic, UnregisterDeviceNotification, RegisterDeviceNotificationW, GetSystemMetrics, GetWindowLongW, SetLayeredWindowAttributes, KillTimer, PostThreadMessageW, DrawIcon, LoadIconW, InvalidateRect, SetTimer, SendMessageW, GetParent, SetWindowLongW, EnableWindow, ReleaseDC, GetWindowDC, GetClientRect, GetWindowRect, PostMessageW, FrameRect, PtInRect, OffsetRect, InflateRect, CopyAcceleratorTableW, GetClassNameW, SetPropW, GetPropW, RemovePropW, SetFocus, CharUpperW, GetWindowTextLengthW, GetWindowTextW, GetSysColorBrush, GetForegroundWindow, GetTopWindow, UnhookWindowsHookEx, WindowFromPoint, DestroyMenu, CharNextW, EndPaint, BeginPaint, ClientToScreen, GetMessageTime, GetMessagePos, TrackPopupMenu, ShowWindow, MoveWindow, SetWindowTextW, IsDialogMessageW, SetDlgItemTextW, RegisterWindowMessageW, SendDlgItemMessageW, SendDlgItemMessageA, WinHelpW, IsChild, GetClipboardData, GetCapture, SetMenu, CreateWindowExW, GetClassInfoExW, GetClassInfoW, RegisterClassW, GetSysColor, MapDialogRect, ScreenToClient, EqualRect, CopyRect, SetWindowPlacement, GetDlgCtrlID, DefWindowProcW, CallWindowProcW, GetMenu, IntersectRect, SystemParametersInfoA, GetWindowPlacement, GetWindow, MapWindowPoints, SetWindowContextHelpId, AdjustWindowRectEx, RegisterClassA, UnregisterClassA, DispatchMessageA, MsgWaitForMultipleObjectsEx, DestroyIcon, CreateIconIndirect, ScrollWindowEx, SetWindowsHookExA, SetWindowTextA, SendMessageA, IsZoomed, CreateWindowExA, ValidateRgn, SetParent, GetSystemMenu, SetCaretBlinkTime, GetCaretBlinkTime, SetDoubleClickTime, GetDoubleClickTime, SetWindowLongA, GetWindowLongA, RegisterWindowMessageA, GetUpdateRect, ClipCursor, GetWindowRgn, DefWindowProcA, DrawIconEx, LoadIconA, GetClassInfoA, GetMessageA, PostMessageA, PeekMessageA, CharNextExA, GetIconInfo, DestroyCursor, SetCursorPos, CreateCursor, LoadCursorA, GetKeyboardLayoutList, HideCaret, CreateCaret, GetKeyboardLayout, ToUnicode, ToAscii, MapVirtualKeyW, TrackPopupMenuEx, SetMenuItemInfoW, GetKeyboardState, MapVirtualKeyA, SetCaretPos, FindWindowExA, SetClipboardViewer, ChangeClipboardChain, GetClipboardFormatNameW, GetClipboardFormatNameA, RegisterClipboardFormatA, FindWindowExW, FindWindowA, DestroyCaret, EnumWindows, DllMain

userenv.dll

GetUserProfileDirectoryW

winmm.dll

PlaySoundW, midiOutOpen, midiOutClose, midiOutReset, midiOutShortMsg, PlaySoundA

winspool.drv

OpenPrinterW, DocumentPropertiesW, ClosePrinter, GetPrinterW, DeviceCapabilitiesA, GetPrinterA, EnumPrintersA, EnumPrintersW, OpenPrinterA, DeviceCapabilitiesW, EnumFormsW

zfdevicehw.dll

GetHardware

zfxcommwrapper.dll

ReleaseDMService, CreateDMService

app.exe

Remove app.exe

Version:	1.0.0.1
MD5:	fdedad0b4196d71efa97a513aa2d5e08
SHA1:	2a31cf13ddf4990bfb4ce1a1f49a46c61d3ee2fc
SHA256:	92b288389e8ece15d51a4c786f2cf82a5baf9e50c8da9a8ab5647818f1676665

Overview

app.exe executes as a process with the local user's privileges typically within the context of its parent c+weject.exe.

Details

File name:	app.exe
Typical file path:	C:\Program Files\mblaze ui\bin\app.exe
File version:	1.0.0.1
Size:	2.23 MB (2,337,280 bytes)
Digital DNA
PE subsystem:	Windows GUI
File packed:	No
Code language:	Microsoft Visual C++ 8.0
.NET CLR:	No

More details

Behaviors

Scheduled tasks

The task '{ED8EC87D-A705-4720-A3BA-CAEE9ABD7F08}' runs on registration in the path '\{ED8EC87D-A705-4720-A3BA-CAEE9ABD7F08}'
The job '{D8C7AB90-B5FD-4A84-AEF2-5C726244635D}' runs on registration in the path '\{D8C7AB90-B5FD-4A84-AEF2-5C726244635D}'
The job '{BC5A9ACF-5D30-4923-A2CA-9289D42D63DB}' runs on registration in the path '\{BC5A9ACF-5D30-4923-A2CA-9289D42D63DB}'
The task '{BBADD103-2DB5-4BD3-807D-C0DC66C4EF1A}' runs on registration in the path '\{BBADD103-2DB5-4BD3-807D-C0DC66C4EF1A}'
The task '{AE21A374-D4F0-494E-902D-558EE3798466}' runs on registration in the path '\{AE21A374-D4F0-494E-902D-558EE3798466}'
The task '{A176B164-385F-4292-AF39-21B9DCDEEA94}' runs on registration in the path '\{A176B164-385F-4292-AF39-21B9DCDEEA94}'
The job '{9181EBB6-79F2-4959-8319-CFE2A70152EE}' runs on registration in the path '\{9181EBB6-79F2-4959-8319-CFE2A70152EE}'
The job '{865342D1-031C-4E25-9DEA-1828B85203AA}' runs on registration in the path '\{865342D1-031C-4E25-9DEA-1828B85203AA}'
The task '{7E9EC464-801E-4590-9C4D-FC583C3EE7C9}' runs on registration in the path '\{7E9EC464-801E-4590-9C4D-FC583C3EE7C9}'
The job '{69B4A0B2-C7C4-490E-B344-A2C17132E13D}' runs on registration in the path '\{69B4A0B2-C7C4-490E-B344-A2C17132E13D}'
The task '{49E4AA76-7D95-40DF-A88D-3B9DCCBDA6D1}' runs on registration in the path '\{49E4AA76-7D95-40DF-A88D-3B9DCCBDA6D1}'
The job '{330C36C3-54C2-45ED-A725-6BEE4BC52B5D}' runs on registration in the path '\{330C36C3-54C2-45ED-A725-6BEE4BC52B5D}'
The job '{2BDC7C97-150B-442E-A8E5-79850467949C}' runs on registration in the path '\{2BDC7C97-150B-442E-A8E5-79850467949C}'
The job '{16091F72-CD3D-48B7-ACD3-DFBCA237C0DC}' runs on registration in the path '\{16091F72-CD3D-48B7-ACD3-DFBCA237C0DC}'
The job '{0D13A9D9-FBEB-4D8E-A5D2-0F8CA680AFA5}' runs on registration in the path '\{0D13A9D9-FBEB-4D8E-A5D2-0F8CA680AFA5}'
Entry path '\{288B3014-7F73-4328-8AE1-05A808C6622F}'

Resource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)

Averages

CPU
Total CPU:	0.06200183%	0.028634%
Kernel CPU:	0.02528031%	0.013761%
User CPU:	0.03672152%	0.014873%
Kernel CPU time:	9,500,883 ms/min	100,923,805ms/min
Context switches:	300/sec	284/sec
Memory
Private memory:	15.91 MB	21.59 MB
Private (maximum):	13.75 MB
Private (minimum):	13.05 MB
Non-paged memory:	15.91 MB	21.59 MB
Virtual memory:	118.1 MB	140.96 MB
Virtual memory (peak):	122.41 MB	169.69 MB
Working set:	13.71 MB	18.61 MB
Working set (peak):	21.77 MB	37.95 MB
Resource allocations
Threads:	8	12
Handles:	382	600
GUI GDI count:	407	103
GUI USER count:	343	49

Process properties

Tray notification:	Yes
Integrety level:	Undefined
Platform:	32-bit
Command line:	"C:\Program Files\smartfren connex ac782 ui\app.exe"
Owner:	User
Parent processes:	c+weject.exe explorer.exe (Windows Explorer by Microsoft Corporation)

Threads

Averages

App.exe (main module)
Total CPU:	3.34036353%	0.272967%
Kernel CPU:	1.97580765%	0.107585%
User CPU:	1.36455588%	0.165382%
Context switches:	86/sec	79/sec
Memory:	2.26 MB	1.16 MB
atmanager.dll
Total CPU:	0.01332573%
Kernel CPU:	0.00444190%
User CPU:	0.00888383%
Context switches:	20/sec
Memory:	532 KB

Common loaded modules

These are modules that are typiclaly loaded within the context of this process.

Distribution by Windows OS

OS version	distribution
Windows 7 Professional	61.54%
Windows 7 Ultimate	15.38%
Microsoft Windows XP	7.69%
Windows 7 Starter	3.85%
Windows 8 Pro	3.85%
Windows 7 Home Basic	3.85%
Windows Vista Ultimate	3.85%

Distribution by country

Indonesia installs about 80.77% of app.exe.

Distribution by PC manufacturer

PC Manufacturer	distribution
Acer	59.26%
Dell	14.81%
Toshiba	7.41%
ASUS	7.41%
GIGABYTE	3.70%
American Megatrends	3.70%
Hewlett-Packard	3.70%

Remove Adware and Spyware Programs, FREE Download!