Should I block it?

45%
45% of PCs block this file from running.
Possible reason:
Performance resource utilization

VersionsAdditional versions

0.267.1.208 5.19%
0.266.1.172 5.19%
0.266.1.155 1.30%
0.266.0.377 5.19%
0.265.14.331 1.30%
0.263.14.1 1.30%
0.260.11.1 29.87%
0.260.11.1 1.30%
0.260.9.16 20.78%
0.260.9.16 1.30%
0.260.9.16 12.99%
0.260.9.16 1.30%
0.260.9.16 1.30%
0.260.2.300 1.30%
0.260.2.300 1.30%
0.260.2.300 5.19%
0.260.2.250 1.30%
0.259.0.47 1.30%
0.257.0.35 1.30%

Relationships

Parent process
Child processes
Related files

PE structurePE file structure
Show functions
Import table
advapi32.dll
RegQueryValueExW, RegDeleteValueW, RegOpenKeyExW, RegSetValueExW, RegCloseKey, RegDisablePredefinedCache, RegCreateKeyW, RegOpenKeyW, GetSidSubAuthority, RegEnumValueW, RevertToSelf, SetSecurityInfo, GetSecurityDescriptorSacl, ConvertStringSecurityDescriptorToSecurityDescriptorW, SetTokenInformation, GetLengthSid, ConvertStringSidToSidW, OpenProcessToken, SetThreadToken, CreateProcessAsUserW, RegCreateKeyExW, CreateRestrictedToken, DuplicateTokenEx, DuplicateToken, EqualSid, GetTokenInformation, LookupPrivilegeValueW, SetEntriesInAclW, GetSecurityInfo, CreateWellKnownSid, CopySid, RegQueryValueExA, RegOpenKeyExA, InitializeSecurityDescriptor, SetSecurityDescriptorDacl, GetCurrentHwProfileW, GetUserNameW, AdjustTokenPrivileges, RegDeleteKeyW, GetTraceLoggerHandle, RegisterEventSourceA, ReportEventA, DeregisterEventSource, RegisterTraceGuidsW, TraceEvent, UnregisterTraceGuids, GetTraceEnableFlags, GetTraceEnableLevel, GetSidSubAuthorityCount, RegNotifyChangeKeyValue, RegEnumKeyExW, RegQueryInfoKeyW, ConvertSidToStringSidW, RegEnumKeyW
comdlg32.dll
GetSaveFileNameW
crypt32.dll
CryptMsgClose, CryptMsgGetParam, CertFindCertificateInStore, CertCloseStore, CertFreeCertificateContext, CryptQueryObject, CryptVerifyMessageSignature, CertGetCertificateContextProperty
dbghelp.dll
MiniDumpWriteDump, SymInitialize, SymFunctionTableAccess64, SymGetModuleBase64, StackWalk64, SymGetLineFromAddr64, SymSetOptions, SymFromAddr
gdi32.dll
GetPaletteEntries, CreateHalftonePalette, SetDIBColorTable, CreateBitmap, DeleteObject, BitBlt, GetObjectW, SelectObject, DeleteDC, CreateCompatibleDC, GetStockObject, GetDCOrgEx, GetClipBox, StretchBlt, SetBrushOrgEx, SetStretchBltMode, GdiFlush, CreateCompatibleBitmap, CreateDIBSection, GetDIBits, CreateSolidBrush, CreateFontIndirectW, SetTextColor, GetDeviceCaps, CreateDCA, GetBitmapBits, GetObjectA
gdiplus.dll
GdipDisposeImageAttributes, GdipDeleteGraphics, GdipDisposeImage, GdipCreateBitmapFromScan0, GdipCloneBrush, GdipDrawString, GdipCreateSolidFill, GdipDeleteFont, GdipCreateFont, GdipDeleteFontFamily, GdipGetGenericFontFamilySansSerif, GdipCreateFontFamilyFromName, GdipDeleteBrush, GdipCreateImageAttributes, GdipGetImageGraphicsContext, GdiplusStartup, GdipBitmapUnlockBits, GdipBitmapLockBits, GdipCreateBitmapFromFileICM, GdipCreateBitmapFromFile, GdipGetImagePalette, GdipGetImagePaletteSize, GdipGetImagePixelFormat, GdipGetImageHeight, GdipGetImageWidth, GdipCloneImage, GdipSetImageAttributesColorMatrix, GdipGraphicsClear, GdipRotateWorldTransform, GdipFree, GdipAlloc, GdipDrawImageI, GdipDrawImageRectRect, GdipTranslateWorldTransform, GdipCreateFromHDC, GdiplusShutdown, GdipSaveImageToFile, GdipGetImageEncodersSize, GdipGetImageEncoders, GdipCreateBitmapFromHBITMAP, GdipCreateBitmapFromHICON, GdipCreatePath, GdipDeletePath, GdipFlush, GdipSetImageAttributesWrapMode, GdipSetStringFormatFlags, GdipSetStringFormatTrimming, GdipClosePathFigures, GdipCreatePen1, GdipDeletePen, GdipCreateStringFormat, GdipSetClipRectI, GdipDrawImageRectRectI, GdipDrawImage, GdipMeasureString, GdipFillPath, GdipFillEllipse, GdipFillRectangle, GdipDrawRectangle, GdipDrawLines, GdipDrawLine, GdipSetSmoothingMode, GdipSetInterpolationMode, GdipSetTextRenderingHint, GdipSetCompositingQuality, GdipSetCompositingMode, GdipCreateFromHWNDICM, GdipCreateFromHWND, GdipAddPathLine, GdipDeleteStringFormat, GdipBitmapSetPixel, GdipBitmapGetPixel
kernel32.dll
DllMain
msimg32.dll
AlphaBlend
netapi32.dll
NetWkstaGetInfo
ole32.dll
StringFromGUID2, CoInitialize, OleUninitialize, CoTaskMemFree, OleInitialize, CoCreateInstance, CoCreateGuid, CoTaskMemAlloc, CoInitializeEx, CoUninitialize, PropVariantClear
powrprof.dll
GetPwrCapabilities, SetSuspendState
psapi.dll
GetProcessImageFileNameW, GetProcessMemoryInfo, QueryWorkingSet
rpcrt4.dll
UuidToStringW, RpcStringFreeW
secur32.dll
GetUserNameExW
shell32.dll
SHGetFolderPathW, ShellExecuteW, SHFileOperationW, CommandLineToArgvW, Shell_NotifyIconW, SHLoadInProc, SHBrowseForFolderW, SHGetPathFromIDListW, ShellExecuteExW, SHGetSpecialFolderPathW, SHGetFileInfoW, SHGetFolderLocation, SHParseDisplayName, SHGetDesktopFolder, SHGetMalloc, SHAppBarMessage, SHGetSettings, SHCreateDirectoryExW
shlwapi.dll
StrStrIW, StrChrIW, StrCpyW, StrRetToBufW, StrCmpW, SHStrDupW, SHDeleteKeyW
urlmon.dll
URLOpenStreamW
user32.dll
GetProcessWindowStation, CreateWindowStationW, UserHandleGrantAccess, CloseDesktop, CloseWindowStation, WaitForInputIdle, wsprintfW, CharUpperW, GetClassInfoExW, ClientToScreen, RedrawWindow, UpdateWindow, GetTopWindow, GetCapture, SetTimer, SetMenuDefaultItem, LoadMenuW, GetSubMenu, LoadStringW, KillTimer, EnableWindow, ScreenToClient, SetRect, GetWindow, IsWindowVisible, IsChild, GetDesktopWindow, GetClientRect, OffsetRect, SystemParametersInfoA, IsIconic, GetWindowPlacement, GetSystemMetrics, GetDC, ReleaseDC, TrackMouseEvent, SetCursor, SetCapture, ReleaseCapture, DialogBoxParamW, EndDialog, GetDlgItem, GetUserObjectInformationW, SetWindowTextW, AdjustWindowRect, BeginPaint, EndPaint, CreateDesktopW, SetWindowLongW, InvalidateRect, GetParent, GetWindowRect, LoadIconW, LoadCursorW, RegisterClassExW, GetMessageW, LoadImageW, DestroyIcon, PostQuitMessage, DefWindowProcW, SetForegroundWindow, DrawIconEx, SystemParametersInfoW, MessageBoxW, GetMenuItemInfoW, SetMenuItemInfoW, GetCursorPos, TrackPopupMenu, GetMenuItemCount, DeleteMenu, EnableMenuItem, CheckMenuItem, InsertMenuItemW, DestroyMenu, CreatePopupMenu, SendMessageTimeoutW, FindWindowW, RegisterWindowMessageW, SendMessageW, IsWindow, PostMessageW, DestroyWindow, UpdateLayeredWindow, ShowWindow, SetWindowPos, CreateWindowExW, PeekMessageW, TranslateMessage, DispatchMessageW, GetClassNameW, EnumChildWindows, GetWindowThreadProcessId, EnumWindows, GetShellWindow, CreateIconIndirect, GetIconInfo, EnumDisplayMonitors, SetProcessWindowStation, GetWindowLongW, GetThreadDesktop, FlashWindow, IntersectRect, CopyRect, GetMonitorInfoW, MonitorFromWindow, GetKeyState, MoveWindow, SetFocus, CreateDialogParamW, BringWindowToTop, GetSystemMenu, MapWindowPoints, GetForegroundWindow, PrivateExtractIconsW, LockWorkStation, ExitWindowsEx, FindWindowExW, SetActiveWindow, MonitorFromRect, GetActiveWindow, UnregisterClassA, GetWindowDC, GetWindowTextLengthW, GetWindowTextW, EqualRect
userenv.dll
DestroyEnvironmentBlock, CreateEnvironmentBlock, GetUserProfileDirectoryW
version.dll
VerQueryValueW, GetFileVersionInfoW, GetFileVersionInfoSizeW
winhttp.dll
WinHttpOpen, WinHttpCloseHandle, WinHttpGetProxyForUrl
wininet.dll
DeleteUrlCacheEntryW, InternetQueryOptionW
winmm.dll
timeEndPeriod, timeGetTime, timeBeginPeriod
ws2_32.dll
freeaddrinfo, getaddrinfo
wtsapi32.dll
WTSDisconnectSession

pokki.exe

Pokki by Pokki (Signed)

Remove pokki.exe
Version:   0.260.11.1
MD5:   138d246fab83b6c223785e1b31fd845d
SHA1:   0d718e63b43ca754e6ba4fc26dac348407dafefe
SHA256:   98a74c80a50ebd95d4465154c36166d9bdf6e2fd671c0a884f782bd668b53517

What is pokki.exe?

Pokki by SweetLabs is an online app store for Windows where users can browse and install various apps into the Pokki platform. The Pokki platform runs in in the background of Windows and checks the Pokki service for app updates amongst other things. Pokki adds the downloaded apps as well as the Pokki desktop button to the Windows task bar.

About pokki.exe (from Pokki)

Pokki is a free software download that brings fun and convenient apps to your desktop. Keep up to date with everything on Facebook, Tweet without opening a browser, or view beautiful photos on Instagr

DetailsDetails

File name:pokki.exe
Publisher:Pokki
Product name:Pokki
Typical file path:C:\users\user\appdata\local\pokki\v0.259\pokki.exe
File version:0.260.11.1
Size:7.17 MB (7,519,512 bytes)
Build date:6/5/2013 6:01 PM
Certificate
Issued to:Pokki
Authority (CA):VeriSign
Digital DNA
PE subsystem:Windows GUI
File packed:No
.NET CLR:No
More details

ResourcesPrograms

The following programs will install this file
Game Arcade
 SweetLabs, Inc.
40% remove
Game Arcade is an app for the Pokki desktop platform. The app itself runs as an embedded HTML5 program within the Pokki software outside of the web browser.
Pokki
 SweetLabs, Inc.
37% remove
The software is typically bundled with third party installers such as Open Candy and Download.com. "The Pokki platform provides users with rich HTML5 apps on their Windows desktop for the ultimate app experience on the PC. Categories of apps include games, social media, education, entertainment, music, photography and more."

BehaviorsBehaviors

Startup files (user) run
Runs under the registry key 'HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
  • 'Pokki' → "C:\users\user\appdata\Local\Pokki\v0.259\pokki.exe"
Startup files (user) run once
Runs under the registry key 'HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
  • 'Application Restart #4' → C:\users\user\appdata\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-
  • 'Application Restart #0' → C:\users\user\appdata\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-
  • 'Application Restart #1' → C:\users\user\appdata\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-
  • 'Application Restart #3' → C:\users\user\appdata\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-
Network connections
  • [TCP] 184.75.170.226:8890
  • [TCP] a23-77-202-17.deploy.static.akamaitechnologies.com (23.77.202.17:80)
  • [TCP] lhr14s20-in-f2.1e100.net (173.194.34.98:443)
  • [TCP] fa-in-f113.1e100.net (173.194.70.113:80)

    • ResourcesResource utilization

    (Note: statistics below are averages based on a minimum sample size of 200 unique participants)
    Averages
     
    CPU
    Total CPU:0.00460685%
    0.028634%
    Kernel CPU:0.00257529%
    0.013761%
    User CPU:0.00203156%
    0.014873%
    Kernel CPU time:145,250 ms/min
    100,923,805ms/min
    CPU cycles:7,289,915/sec
    17,470,203/sec
    Context switches:227/sec
    284/sec
    Memory
    Private memory:46.62 MB
    21.59 MB
    Private (maximum):148.34 MB
    Private (minimum):49.25 MB
    Non-paged memory:46.62 MB
    21.59 MB
    Virtual memory:297.07 MB
    140.96 MB
    Virtual memory (peak):346.08 MB
    169.69 MB
    Working set:82.83 MB
    18.61 MB
    Working set (peak):159.65 MB
    37.95 MB
    Page faults:11,435,647/min
    2,039/min
    I/O
    I/O read transfer:42.72 KB/sec
    1.02 MB/min
    I/O read operations:119/sec
    343/min
    I/O write transfer:4.28 KB/sec
    274.99 KB/min
    I/O write operations:35/sec
    227/min
    I/O other transfer:6.59 KB/sec
    448.09 KB/min
    I/O other operations:36/sec
    1,671/min
    Resource allocations
    Threads:18
    12
    Handles:487
    600
    GUI GDI count:108
    103
    GUI GDI peak:125
    142
    GUI USER count:47
    49
    GUI USER peak:54
    71

    BehaviorsProcess properties

    Integrety level:Untrusted
    Platform:64-bit
    Command lines:
    • "C:\users\user\appdata\local\pokki\engine\pokki.exe"
    • "C:\users\user\appdata\local\pokki\engine\pokki.exe" --type=renderer --disable-breakpad --disable-desktop-notifications --disable-logging --disable-speech-input --enable-touch-events --lang=en-us --force-fieldtrials=asyncdns/disabled/conncountimpact/conn_count_6/connnectbackupjobs/connectbackupjobsenabled/dnsimpact/default_enabled_prefetch/forcecompositingmode/disable/globalsdch/global_enable_sdch/idleskttoimpact/idle_timeout_10/infinitecache/no/omniboxdisallowinlinehqp/
    • "C:\users\user\appdata\local\pokki\engine\pokki.exe" --type=renderer --disable-breakpad --disable-desktop-notifications --disable-logging --disable-speech-input --lang=en-us --force-fieldtrials=asyncdns/disabled/conncountimpact/conn_count_6/connnectbackupjobs/connectbackupjobsenabled/dnsimpact/default_enabled_prefetch/forcecompositingmode/disable/globalsdch/global_enable_sdch/idleskttoimpact/idle_timeout_10/infinitecache/no/omniboxdisallowinlinehqp/standard/omniboxsearchsuggest/7/oneclicksignin/
    • "C:\users\user\appdata\local\pokki\engine\pokki.exe" --type=renderer --disable-breakpad --disable-desktop-notifications --disable-logging --disable-speech-input --lang=en-us --force-fieldtrials=asyncdns/disabled/conncountimpact/conn_count_6/connnectbackupjobs/connectbackupjobsenabled/dnsimpact/default_enabled_prefetch/forcecompositingmode/disable/globalsdch/global_enable_sdch/idleskttoimpact/idle_timeout_10/infinitecache/no/omniboxdisallowinlinehqp/standard/omniboxsearchsuggest/19/oneclicksigni
    • "C:\users\user\appdata\local\pokki\engine\pokki.exe" --type=renderer --disable-breakpad --disable-desktop-notifications --disable-logging --disable-speech-input --lang=en-us --force-fieldtrials=asyncdns/disabled/conncountimpact/conn_count_6/connnectbackupjobs/connectbackupjobsenabled/dnsimpact/default_enabled_prefetch/forcecompositingmode/disable/globalsdch/global_enable_sdch/idleskttoimpact/idle_timeout_10/infinitecache/no/interstitialmalware310/default/interstitialphishing564/default/intersti
    • "C:\users\user\appdata\local\pokki\engine\pokki.exe" --type=plugin --plugin-path="C:\users\user\appdata\locallow\unity\webplayer\loader\npunity3d32.dll" --disable-breakpad --disable-logging --lang=en-us --channel="3980.391.920462894\1216665053" --noerrdialogs /prefetcC:4
    • "C:\users\user\appdata\local\pokki\engine\pokki.exe" --type=plugin --plugin-path="C:\windows\syswow64\macromed\flash\npswf32_11_9_900_117.dll" --disable-breakpad --disable-logging --lang=en-us --channel="3980.284.975970913\2089365812" --noerrdialogs /prefetcC:4
    • (14 more)
    Owner:User
    Parent processes:

    ResourcesThreads

    Averages
     
    pokki.exe (main module)
    Total CPU:0.40160601%
    0.272967%
    Kernel CPU:0.04890026%
    0.107585%
    User CPU:0.35270575%
    0.165382%
    CPU cycles:9,536,240/sec
    5,741,424/sec
    Context switches:3/sec
    79/sec
    Memory:7.21 MB
    1.16 MB
    ntdll.dll
    Total CPU:0.06019090%
    Kernel CPU:0.02891700%
    User CPU:0.03127390%
    CPU cycles:1,941,055/sec
    Memory:1.66 MB
    wow64win.dll
    Total CPU:0.04852679%
    Kernel CPU:0.01486569%
    User CPU:0.03366110%
    CPU cycles:2,297,044/sec
    Context switches:45/sec
    Memory:360 KB
    wow64cpu.dll
    Total CPU:0.02349883%
    Kernel CPU:0.00917922%
    User CPU:0.01431961%
    CPU cycles:2,903,152/sec
    Context switches:64/sec
    Memory:32 KB
    wow64.dll
    Total CPU:0.00011970%
    Kernel CPU:0.00005441%
    User CPU:0.00006529%
    CPU cycles:4,168/sec
    Memory:252 KB

    Common loaded modules

    These are modules that are typiclaly loaded within the context of this process.

    Windows OS versionsDistribution by Windows OS

    OS versiondistribution
    Windows 7 Home Premium 24.68%
    Windows 8 Pro with Media Center 23.38%
    Windows 8 Pro 20.78%
    Windows 8 12.99%
    Windows 8.1 7.79%
    Windows Vista Home Premium 2.60%
    Windows 7 Ultimate 2.60%
    Windows 7 Ultimate N 2.60%
    Windows 8.1 Single Language 1.30%
    Windows 8 Pro N 1.30%

    Distribution by countryDistribution by country

    United States installs about 38.16% of Pokki.

    OEM distributionDistribution by PC manufacturer

    PC Manufacturerdistribution
    Toshiba 32.50%
    Acer 17.50%
    Dell 15.00%
    Hewlett-Packard 15.00%
    Intel 10.00%
    Alienware 5.00%
    Sony 2.50%
    ASUS 2.50%
    Back to top
    Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

    Download it for FREE