Should I block it?

No, this file is 100% safe to run.

Relationships

Parent process
Child process
Related files

greetingz_grz_amf_bab[1].exe

By Bit Cocktail Ltd. (Signed)

Remove greetingz_grz_amf_bab[1].exe
MD5:   af7c828a3bda740debc5c91935e43cbc
SHA1:   0048d7735e0a893f362705ba8a387dbfc5622ba6
SHA256:   a6ae4c7b6a0397117573ca16a6d4031027f1ef119c065bfa9f96c47c348d08c9

Overview

greetingz_grz_amf_bab[1].exe executes as a process with the local user's privileges typically within the context of its parent greetingz_grz_amf_bab[1].tmp. The file is digitally signed by Bit Cocktail Ltd. which was issued by the Thawte certificate authority (CA). This particular version is usually found on Windows 7 Ultimate N (6.1.7601.65536). Note, some antivirus scanners have flagged this file, however it is not necessarily considered malware (see below for details).

DetailsDetails

File name:greetingz_grz_amf_bab[1].exe
Publisher:Bitcoktail
Typical file path:C:\users\user\appdata\local\microsoft\windows\temporary internet files\content.ie5\q011r81w\greetingz_grz_amf_bab[1].exe
Size:2.03 MB (2,132,680 bytes)
Certificate
Issued to:Bit Cocktail Ltd.
Authority (CA):Thawte
Effective date:Monday, January 16, 2012
Expiration date:Wednesday, January 16, 2013
Digital DNA
PE subsystem:Windows GUI
File packed:No
.NET CLR:No
More details

ResourcesResource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
 
CPU
Total CPU:0.07297499%
0.028634%
Kernel CPU:0.02432500%
0.013761%
User CPU:0.04864999%
0.014873%
Kernel CPU time:20 ms/min
100,923,805ms/min
Context switches:1/sec
284/sec
Memory
Private memory:1.65 MB
21.59 MB
Private (maximum):3.67 MB
Private (minimum):3.67 MB
Non-paged memory:1.65 MB
21.59 MB
Virtual memory:53.02 MB
140.96 MB
Virtual memory (peak):57.7 MB
169.69 MB
Working set:3.67 MB
18.61 MB
Working set (peak):4.42 MB
37.95 MB
Resource allocations
Threads:1
12
Handles:41
600
GUI GDI count:9
103
GUI GDI peak:10
142
GUI USER count:4
49
GUI USER peak:4
71

BehaviorsProcess properties

Integrety level:High
Platform:32-bit
Command lines:
  • "C:\users\user\appdata\local\microsoft\windows\temporary internet files\content.ie5\q011r81w\greetingz_grz_amf_bab[1].exe" /spawnwnd=$1104f8 /notifywnd=$1c0432
  • "C:\users\user\appdata\local\microsoft\windows\temporary internet files\content.ie5\q011r81w\greetingz_grz_amf_bab[1].exe"
Owner:User
Parent process:greetingz_grz_amf_bab[1].tmp

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Ultimate N 100.00%
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE