Should I block it?

No, this file is 100% safe to run.

Additional versions

9,4,11,2806	4.00%
9,4,10,249	2.00%
9,4,7,2799	16.00%
9,3,11,2762	4.00%
9,3,10,4710	6.00%
9,3,10,4701	2.00%
9,3,7,2735	8.00%
9,3,2,2730	8.00%
9,2,1,4399	8.00%
9,1,15,109	2.00%
9,1,15,109	2.00%
9,1,14,104	6.00%
9,1,13,89	8.00%
9,1,12,73	6.00%
9,1,11,2678	2.00%
9,1,3,2637	8.00%
9,1,3,2636	2.00%
9,0,15,65	2.00%
8,3,7,3619	2.00%
8,2,6,475	2.00%

Relationships

Parent process

explorer.exe (Windows Explorer by Microsoft Corporation)

Child process

originclientservice.exe (OriginClientService by Electronic Arts)

Related files

PE file structure

Show functions

Import table

advapi32.dll

RegCreateKeyExW, RegEnumKeyExW, RegQueryInfoKeyW, RegSetValueExW, RegCloseKey, RegDeleteValueW, RegDeleteKeyW, RegOpenKeyExW, GetSecurityInfo, ConvertStringSidToSidW, SetEntriesInAclW, SetSecurityInfo, GetUserNameW

comctl32.dll

InitCommonControlsEx

gdi32.dll

GetDeviceCaps, GetObjectW, CreateCompatibleDC, SetTextColor, CreateFontW, GetStockObject, BitBlt, CreateSolidBrush, DeleteObject, SelectObject, CreateCompatibleBitmap, DeleteDC

kernel32.dll

InterlockedExchange, DecodePointer, EncodePointer, GetFileInformationByHandle, GetNamedPipeHandleStateA, PeekNamedPipe, CreateDirectoryA, GetFileAttributesA, SetFileAttributesW, SetFilePointerEx, SetEndOfFile, GetFileAttributesW, GetFileType, SetFileTime, LoadLibraryA, CreateFileA, GetFullPathNameW, lstrlenA, InterlockedCompareExchange, WideCharToMultiByte, IsBadWritePtr, GetVersionExW, SetFileAttributesA, Sleep, CreateThread, WaitForSingleObject, LoadLibraryW, FindFirstFileW, HeapSetInformation, FindClose, LoadLibraryExW, FreeLibrary, GetModuleFileNameW, MulDiv, lstrcmpW, GetCurrentProcess, FlushInstructionCache, lstrcmpiW, InterlockedDecrement, InterlockedIncrement, lstrlenW, GetCurrentThreadId, GetProcAddress, InitializeCriticalSectionAndSpinCount, RaiseException, LocalFree, LeaveCriticalSection, EnterCriticalSection, DeleteCriticalSection, InitializeCriticalSection, GetCommandLineW, GetLocaleInfoW, GlobalAlloc, GlobalLock, GlobalUnlock, CreateDirectoryW, GetStartupInfoW, IsProcessorFeaturePresent, SetUnhandledExceptionFilter, GetTickCount, GetCurrentProcessId, GetSystemTimeAsFileTime, FindResourceW, UnhandledExceptionFilter, IsDebuggerPresent, InterlockedPushEntrySList, HeapFree, GetProcessHeap, HeapAlloc, VirtualFree, VirtualAlloc, InterlockedPopEntrySList, QueryPerformanceCounter, CreateProcessW, GetPrivateProfileStringW, GetLastError, CreateMutexW, SetLastError, TerminateProcess, OpenProcess, GetModuleHandleW, CreateFileW, GetDiskFreeSpaceExW, DeleteFileW, MultiByteToWideChar, WriteFile, MoveFileW, ReadFile, GetFileSize, FreeResource, LockResource, SizeofResource, LoadResource, CloseHandle, FindNextFileW, CreateToolhelp32Snapshot, Process32FirstW, Process32NextW, MoveFileExW

msvcp100.dll

DllMain

msvcr100.dll

DllMain

ole32.dll

CoCreateInstance, CreateStreamOnHGlobal, CoUninitialize, CoInitializeEx, CoTaskMemAlloc, CoTaskMemRealloc, CoTaskMemFree, StringFromGUID2, OleLockRunning, CoGetClassObject, CLSIDFromProgID, OleUninitialize, OleInitialize, CLSIDFromString

shell32.dll

ShellExecuteExW, ShellExecuteW, SHGetFolderPathW, SHCreateDirectoryExW

shlwapi.dll

PathFileExistsW, wnsprintfW

user32.dll

CallWindowProcW, FillRect, ReleaseCapture, GetClassNameW, GetParent, IsChild, SetCapture, RedrawWindow, InvalidateRgn, InvalidateRect, ReleaseDC, GetDC, ScreenToClient, ClientToScreen, GetClientRect, SetWindowPos, MoveWindow, GetSysColor, CharNextW, CreateDialogParamW, SetWindowTextW, EndPaint, TranslateMessage, DispatchMessageW, GetWindowLongW, SetWindowLongW, ShowWindow, SetDlgItemTextW, GetDlgItem, SendNotifyMessageW, PostMessageW, MessageBoxExW, wsprintfW, DefWindowProcW, RegisterClassW, CreateWindowExW, DestroyWindow, GetWindow, IsWindowVisible, SetForegroundWindow, GetWindowThreadProcessId, FindWindowW, SendMessageTimeoutW, UnregisterClassA, BeginPaint, DestroyAcceleratorTable, GetDesktopWindow, GetFocus, SetFocus, SendMessageW, IsWindow, GetClassInfoExW, LoadCursorW, RegisterClassExW, CreateAcceleratorTableW, GetWindowTextW, GetWindowTextLengthW, RegisterWindowMessageW, LoadIconW, EndDialog, GetDlgItemTextW, EnableWindow, MapWindowPoints, GetWindowRect, MapDialogRect, GetMessageW, IsDialogMessageW

version.dll

GetFileVersionInfoW, GetFileVersionInfoSizeW, VerQueryValueW

winhttp.dll

WinHttpSendRequest, WinHttpReceiveResponse, WinHttpSetOption, WinHttpOpen, WinHttpQueryDataAvailable, WinHttpQueryHeaders, WinHttpReadData, WinHttpCrackUrl, WinHttpConnect, WinHttpOpenRequest, WinHttpCloseHandle, WinHttpGetIEProxyConfigForCurrentUser

wintrust.dll

WinVerifyTrust

Origin.exe

Origin by Electronic Arts (Signed)

Remove Origin.exe

Version:	9,3,10,4710
MD5:	983d32fd0a38ac45e80480b5d4d29008
SHA1:	92bd9803e425276f50c082bdc494cdd349fcb458

Overview

origin.exe executes as a process with the local user's privileges usually within the context of Windows Explorer. It is set to be run when the PC boots and the user logs into Windows (added to the Run registry key for the current user). It is installed with a couple of know programs including Origin published by Electronic Arts, Origin from Electronic Arts and Origin by Electronic Arts. The file is digitally signed by Electronic Arts which was issued by the VeriSign certificate authority (CA).

Details

File name:	origin.exe
Publisher:	Electronic Arts
Product name:	Origin
Typical file path:	C:\Program Files\origin\origin.exe
File version:	9,3,10,4710
Size:	3.4 MB (3,561,816 bytes)
Build date:	10/9/2013 5:10 PM
Certificate
Issued to:	Electronic Arts
Authority (CA):	VeriSign
Effective date:	Tuesday, July 5, 2011
Expiration date:	Friday, July 5, 2013
Digital DNA
PE subsystem:	Windows GUI
File packed:	No
Code language:	Microsoft Visual C++ 10.0
.NET CLR:	No

More details

Programs

The following programs will install this file

Origin

Electronic Arts

24% remove

Origin (EA Store) is a digital distribution, digital rights management system from Electronic Arts that allows users to purchase games on the internet for PC and mobile platforms, and download them with the Origin client (formerly EA Download Manager). Origin features social features like profile management, networking with friends with chat and direct game joining along with an in-game overlay, sharing of game library and community int...

Behaviors

Startup files (user) run

Runs under the registry key 'HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'

'EADM' → "C:\Program Files\Origin\Origin.exe" -AutoStart

Scheduled tasks

The job '{5767B67D-B814-4E67-92F9-8C0AC66A2528}' runs on registration in the path '\{5767B67D-B814-4E67-92F9-8C0AC66A2528}'
The job '{1F4DB01C-3D2A-4025-A897-AD2DAADFB99F}' runs on registration in the path '\{1F4DB01C-3D2A-4025-A897-AD2DAADFB99F}'
The task '{1DF6A24F-6759-4CD4-B1D7-E03D6938A560}' runs on registration in the path '\{1DF6A24F-6759-4CD4-B1D7-E03D6938A560}'

Network connections

[TCP] a23-5-139-9.deploy.static.akamaitechnologies.com (23.5.139.9:443)

Resource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)

Averages

CPU
Total CPU:	0.00160301%	0.028634%
Kernel CPU:	0.00092378%	0.013761%
User CPU:	0.00067923%	0.014873%
Kernel CPU time:	38,959 ms/min	100,923,805ms/min
CPU cycles:	18,143,473/sec	17,470,203/sec
Context switches:	209/sec	284/sec
Memory
Private memory:	77.57 MB	21.59 MB
Private (maximum):	122.67 MB
Private (minimum):	30.01 MB
Non-paged memory:	77.57 MB	21.59 MB
Virtual memory:	315.89 MB	140.96 MB
Virtual memory (peak):	343.09 MB	169.69 MB
Working set:	68.36 MB	18.61 MB
Working set (peak):	126.79 MB	37.95 MB
Page faults:	2,511,976/min	2,039/min
I/O
I/O read transfer:	46.89 KB/sec	1.02 MB/min
I/O read operations:	26/sec	343/min
I/O write transfer:	8.39 MB/sec	274.99 KB/min
I/O write operations:	40/sec	227/min
I/O other transfer:	40.24 KB/sec	448.09 KB/min
I/O other operations:	1,988/sec	1,671/min
Resource allocations
Threads:	34	12
Handles:	2140	600
GUI GDI count:	184	103
GUI GDI peak:	200	142
GUI USER count:	160	49
GUI USER peak:	182	71

Process properties

Integrety level:	Medium
Platform:	64-bit
Command lines:	"C:\Program Files\origin\origin.exe" "origiC://launchgame/1007968,1011575,1011576,1011577,1010268,1010269,1010270,1010271,1010958,1010959,1010960,1010961,1007077,1016751,1016757,1016754?title=battlefield%u00204%u2122&commandparams=" "C:\Program Files\origin\origin.exe" -autostart
Owner:	User
Parent process:	explorer.exe (Windows Explorer by Microsoft Corporation)

Threads

Averages

Origin.exe (main module)
Total CPU:	0.06477417%	0.272967%
Kernel CPU:	0.01509175%	0.107585%
User CPU:	0.04968241%	0.165382%
CPU cycles:	2,748,325/sec	5,741,424/sec
Context switches:	10/sec	79/sec
Memory:	3.4 MB	1.16 MB
ntdll.dll
Total CPU:	0.00047825%
Kernel CPU:	0.00009565%
User CPU:	0.00038260%
CPU cycles:	35,853/sec
Memory:	1.66 MB

Common loaded modules

These are modules that are typiclaly loaded within the context of this process.

Distribution by Windows OS

OS version	distribution
Windows 7 Home Premium	36.73%
Windows 7 Ultimate	16.33%
Windows 8 Pro	12.24%
Windows 8	6.12%
Windows 8.1 Pro	4.08%
Windows 8 Enterprise	4.08%
Microsoft Windows XP	4.08%
Windows 7 Home Basic	4.08%
Windows 8.1 Single Language	2.04%
Windows 8.1	2.04%
Windows Vista Home Premium	2.04%
Windows 7 Enterprise	2.04%
Windows 7 Professional	2.04%
Windows 8 Pro with Media Center	2.04%

Distribution by country

United States installs about 26.53% of Origin.

Distribution by PC manufacturer

PC Manufacturer	distribution
ASUS	29.79%
MSI	12.77%
Acer	10.64%
GIGABYTE	10.64%
Alienware	8.51%
Toshiba	8.51%
Hewlett-Packard	4.26%
Lenovo	4.26%
Dell	4.26%
Samsung	4.26%
American Megatrends	2.13%

Remove Adware and Spyware Programs, FREE Download!