Should I block it?

45%
45% of PCs block this file from running.
Possible reason:
Performance resource utilization

VersionsAdditional versions

0.267.1.208 5.19%
0.266.1.172 5.19%
0.266.1.155 1.30%
0.266.0.377 5.19%
0.265.14.331 1.30%
0.263.14.1 1.30%
0.260.11.1 29.87%
0.260.11.1 1.30%
0.260.9.16 20.78%
0.260.9.16 1.30%
0.260.9.16 12.99%
0.260.9.16 1.30%
0.260.9.16 1.30%
0.260.2.300 1.30%
0.260.2.300 1.30%
0.260.2.300 5.19%
0.260.2.250 1.30%
0.259.0.47 1.30%
0.257.0.35 1.30%

Relationships

Parent process
Related files

PE structurePE file structure
Show functions
Import table
advapi32.dll
RegQueryValueExW, RegDeleteValueW, RegOpenKeyExW, RegSetValueExW, RegCloseKey, RegDisablePredefinedCache, RegCreateKeyW, RegOpenKeyW, GetSidSubAuthority, RegEnumValueW, RevertToSelf, SetSecurityInfo, GetSecurityDescriptorSacl, ConvertStringSecurityDescriptorToSecurityDescriptorW, SetTokenInformation, GetLengthSid, ConvertStringSidToSidW, OpenProcessToken, SetThreadToken, CreateProcessAsUserW, RegCreateKeyExW, CreateRestrictedToken, DuplicateTokenEx, DuplicateToken, EqualSid, GetTokenInformation, LookupPrivilegeValueW, SetEntriesInAclW, GetSecurityInfo, CreateWellKnownSid, CopySid, RegQueryValueExA, RegOpenKeyExA, InitializeSecurityDescriptor, SetSecurityDescriptorDacl, GetCurrentHwProfileW, GetUserNameW, AdjustTokenPrivileges, RegDeleteKeyW, GetTraceLoggerHandle, RegisterEventSourceA, ReportEventA, DeregisterEventSource, RegisterTraceGuidsW, TraceEvent, UnregisterTraceGuids, GetTraceEnableFlags, GetTraceEnableLevel, GetSidSubAuthorityCount, RegNotifyChangeKeyValue, RegEnumKeyExW, RegQueryInfoKeyW, ConvertSidToStringSidW, RegEnumKeyW
comdlg32.dll
GetSaveFileNameW
crypt32.dll
CryptMsgClose, CryptMsgGetParam, CertFindCertificateInStore, CertCloseStore, CertFreeCertificateContext, CryptQueryObject, CryptVerifyMessageSignature, CertGetCertificateContextProperty
dbghelp.dll
MiniDumpWriteDump, SymInitialize, SymFunctionTableAccess64, SymGetModuleBase64, StackWalk64, SymGetLineFromAddr64, SymSetOptions, SymFromAddr
gdi32.dll
GetPaletteEntries, CreateHalftonePalette, SetDIBColorTable, CreateBitmap, DeleteObject, BitBlt, GetObjectW, SelectObject, DeleteDC, CreateCompatibleDC, GetStockObject, GetDCOrgEx, GetClipBox, StretchBlt, SetBrushOrgEx, SetStretchBltMode, GdiFlush, CreateCompatibleBitmap, CreateDIBSection, GetDIBits, CreateSolidBrush, CreateFontIndirectW, SetTextColor, GetDeviceCaps, CreateDCA, GetBitmapBits, GetObjectA
gdiplus.dll
GdipDisposeImageAttributes, GdipDeleteGraphics, GdipDisposeImage, GdipCreateBitmapFromScan0, GdipCloneBrush, GdipDrawString, GdipCreateSolidFill, GdipDeleteFont, GdipCreateFont, GdipDeleteFontFamily, GdipGetGenericFontFamilySansSerif, GdipCreateFontFamilyFromName, GdipDeleteBrush, GdipCreateImageAttributes, GdipGetImageGraphicsContext, GdiplusStartup, GdipBitmapUnlockBits, GdipBitmapLockBits, GdipCreateBitmapFromFileICM, GdipCreateBitmapFromFile, GdipGetImagePalette, GdipGetImagePaletteSize, GdipGetImagePixelFormat, GdipGetImageHeight, GdipGetImageWidth, GdipCloneImage, GdipSetImageAttributesColorMatrix, GdipGraphicsClear, GdipRotateWorldTransform, GdipFree, GdipAlloc, GdipDrawImageI, GdipDrawImageRectRect, GdipTranslateWorldTransform, GdipCreateFromHDC, GdiplusShutdown, GdipSaveImageToFile, GdipGetImageEncodersSize, GdipGetImageEncoders, GdipCreateBitmapFromHBITMAP, GdipCreateBitmapFromHICON, GdipCreatePath, GdipDeletePath, GdipFlush, GdipSetImageAttributesWrapMode, GdipSetStringFormatFlags, GdipSetStringFormatTrimming, GdipClosePathFigures, GdipCreatePen1, GdipDeletePen, GdipCreateStringFormat, GdipSetClipRectI, GdipDrawImageRectRectI, GdipDrawImage, GdipMeasureString, GdipFillPath, GdipFillEllipse, GdipFillRectangle, GdipDrawRectangle, GdipDrawLines, GdipDrawLine, GdipSetSmoothingMode, GdipSetInterpolationMode, GdipSetTextRenderingHint, GdipSetCompositingQuality, GdipSetCompositingMode, GdipCreateFromHWNDICM, GdipCreateFromHWND, GdipAddPathLine, GdipDeleteStringFormat, GdipBitmapSetPixel, GdipBitmapGetPixel
kernel32.dll
DllMain
msimg32.dll
AlphaBlend
netapi32.dll
NetWkstaGetInfo
ole32.dll
StringFromGUID2, CoInitialize, OleUninitialize, CoTaskMemFree, OleInitialize, CoCreateInstance, CoCreateGuid, CoTaskMemAlloc, CoInitializeEx, CoUninitialize, PropVariantClear
powrprof.dll
GetPwrCapabilities, SetSuspendState
psapi.dll
GetProcessImageFileNameW, GetProcessMemoryInfo, QueryWorkingSet
rpcrt4.dll
UuidToStringW, RpcStringFreeW
secur32.dll
GetUserNameExW
shell32.dll
SHGetFolderPathW, ShellExecuteW, SHFileOperationW, CommandLineToArgvW, Shell_NotifyIconW, SHLoadInProc, SHBrowseForFolderW, SHGetPathFromIDListW, ShellExecuteExW, SHGetSpecialFolderPathW, SHGetFileInfoW, SHGetFolderLocation, SHParseDisplayName, SHGetDesktopFolder, SHGetMalloc, SHAppBarMessage, SHGetSettings, SHCreateDirectoryExW
shlwapi.dll
StrStrIW, StrChrIW, StrCpyW, StrRetToBufW, StrCmpW, SHStrDupW, SHDeleteKeyW
urlmon.dll
URLOpenStreamW
user32.dll
GetProcessWindowStation, CreateWindowStationW, UserHandleGrantAccess, CloseDesktop, CloseWindowStation, WaitForInputIdle, wsprintfW, CharUpperW, GetClassInfoExW, ClientToScreen, RedrawWindow, UpdateWindow, GetTopWindow, GetCapture, SetTimer, SetMenuDefaultItem, LoadMenuW, GetSubMenu, LoadStringW, KillTimer, EnableWindow, ScreenToClient, SetRect, GetWindow, IsWindowVisible, IsChild, GetDesktopWindow, GetClientRect, OffsetRect, SystemParametersInfoA, IsIconic, GetWindowPlacement, GetSystemMetrics, GetDC, ReleaseDC, TrackMouseEvent, SetCursor, SetCapture, ReleaseCapture, DialogBoxParamW, EndDialog, GetDlgItem, GetUserObjectInformationW, SetWindowTextW, AdjustWindowRect, BeginPaint, EndPaint, CreateDesktopW, SetWindowLongW, InvalidateRect, GetParent, GetWindowRect, LoadIconW, LoadCursorW, RegisterClassExW, GetMessageW, LoadImageW, DestroyIcon, PostQuitMessage, DefWindowProcW, SetForegroundWindow, DrawIconEx, SystemParametersInfoW, MessageBoxW, GetMenuItemInfoW, SetMenuItemInfoW, GetCursorPos, TrackPopupMenu, GetMenuItemCount, DeleteMenu, EnableMenuItem, CheckMenuItem, InsertMenuItemW, DestroyMenu, CreatePopupMenu, SendMessageTimeoutW, FindWindowW, RegisterWindowMessageW, SendMessageW, IsWindow, PostMessageW, DestroyWindow, UpdateLayeredWindow, ShowWindow, SetWindowPos, CreateWindowExW, PeekMessageW, TranslateMessage, DispatchMessageW, GetClassNameW, EnumChildWindows, GetWindowThreadProcessId, EnumWindows, GetShellWindow, CreateIconIndirect, GetIconInfo, EnumDisplayMonitors, SetProcessWindowStation, GetWindowLongW, GetThreadDesktop, FlashWindow, IntersectRect, CopyRect, GetMonitorInfoW, MonitorFromWindow, GetKeyState, MoveWindow, SetFocus, CreateDialogParamW, BringWindowToTop, GetSystemMenu, MapWindowPoints, GetForegroundWindow, PrivateExtractIconsW, LockWorkStation, ExitWindowsEx, FindWindowExW, SetActiveWindow, MonitorFromRect, GetActiveWindow, UnregisterClassA, GetWindowDC, GetWindowTextLengthW, GetWindowTextW, EqualRect
userenv.dll
DestroyEnvironmentBlock, CreateEnvironmentBlock, GetUserProfileDirectoryW
version.dll
VerQueryValueW, GetFileVersionInfoW, GetFileVersionInfoSizeW
winhttp.dll
WinHttpOpen, WinHttpCloseHandle, WinHttpGetProxyForUrl
wininet.dll
DeleteUrlCacheEntryW, InternetQueryOptionW
winmm.dll
timeEndPeriod, timeGetTime, timeBeginPeriod
ws2_32.dll
freeaddrinfo, getaddrinfo
wtsapi32.dll
WTSDisconnectSession

pokki.exe

Pokki by Pokki (Signed)

Remove pokki.exe
Version:   0.266.1.172
MD5:   d3f53c3fcba03e557424b48a32481980
SHA1:   7fa847413b974152c49cb3b77e2f351f3d87ce62

What is pokki.exe?

Pokki by SweetLabs is an online app store for Windows where users can browse and install various apps into the Pokki platform. The Pokki platform runs in in the background of Windows and checks the Pokki service for app updates amongst other things. Pokki adds the downloaded apps as well as the Pokki desktop button to the Windows task bar.

About pokki.exe (from Pokki)

Pokki is a free software download that brings fun and convenient apps to your desktop. Keep up to date with everything on Facebook, Tweet without opening a browser, or view beautiful photos on Instagr

DetailsDetails

File name:pokki.exe
Publisher:Pokki
Product name:Pokki
Typical file path:C:\users\user\appdata\local\pokki\v0.259\pokki.exe
File version:0.266.1.172
Size:7.87 MB (8,252,744 bytes)
Build date:11/1/2013 1:30 PM
Certificate
Issued to:Pokki
Authority (CA):VeriSign
Digital DNA
PE subsystem:Windows GUI
File packed:No
.NET CLR:No
More details

ResourcesPrograms

The following programs will install this file
Mini Morphs
 Pokki
20% remove
Game Arcade
 SweetLabs, Inc.
40% remove
Game Arcade is an app for the Pokki desktop platform. The app itself runs as an embedded HTML5 program within the Pokki software outside of the web browser.
Pixsta
 SweetLabs, Inc.
25% remove
Pixsta is an app for the Pokki desktop platform. The app itself runs as an embedded HTML5 program within the Pokki software outside of the web browser. Some versions of the software are bundled with OpenCandy installers.
Yahoo! Mail
 SweetLabs, Inc.
19% remove
Yahoo! Mail is an app for the Pokki desktop platform. The app itself runs as an embedded HTML5 program within the Pokki software outside of the web browser.
Field Runners
 SweetLabs, Inc.
24% remove
Field Runners is an app for the Pokki desktop platform. The app itself runs as an embedded HTML5 program within the Pokki software outside of the web browser.
Little Alchemy
 SweetLabs, Inc.
18% remove
Little Alchemy is an app for the Pokki desktop platform. The app itself runs as an embedded HTML5 program within the Pokki software outside of the web browser.
Dragons of Atlantis
 SweetLabs, Inc.
48% remove
Dragons of Atlantis is an app for the Pokki desktop platform. The app itself runs as an embedded HTML5 program within the Pokki software outside of the web browser.
YouTube
 SweetLabs, Inc.
18% remove
YouTube is an app for the Pokki desktop platform. The app itself runs as an embedded HTML5 program within the Pokki software outside of the web browser.
Pirate Storm
 SweetLabs, Inc.
41% remove
Pirate Storm is an app for the Pokki desktop platform. The app itself runs as an embedded HTML5 program within the Pokki software outside of the web browser.
Toshiba Start
 SweetLabs, Inc.
42% remove
This is a white labeled version of Pokki.
Google Maps
 SweetLabs, Inc.
26% remove
Google Maps is an app for the Pokki desktop platform. The app itself runs as an embedded HTML5 program within the Pokki software outside of the web browser.
Zoomumba
 SweetLabs, Inc.
  52% remove
Zoomumba is a bundled HTML game that is bundled by Pokki.
Rising Cities
 SweetLabs, Inc.
42% remove
Rising Cities is an app for the Pokki desktop platform. The app itself runs as an embedded HTML5 program within the Pokki software outside of the web browser.
My To-Do List
 SweetLabs, Inc.
42% remove
My To-Do List is an app for the Pokki desktop platform. The app itself runs as an embedded HTML5 program within the Pokki software outside of the web browser.
Gateway Games
 SweetLabs, Inc.
42% remove
This is a white labeled version of Pokki for games packaghed with various models of Gateway PCs.
The Godfather
 SweetLabs, Inc.
48% remove
The Godfather is an app for the Pokki desktop platform. The app itself runs as an embedded HTML5 program within the Pokki software outside of the web browser.
Farmerama
 SweetLabs, Inc.
26% remove
Farmerama is an app for the Pokki desktop platform. The app itself runs as an embedded HTML5 program within the Pokki software outside of the web browser.
Tweeki
 SweetLabs, Inc.
35% remove
Tweeki is an app for the Pokki desktop platform. The app itself runs as an embedded HTML5 program within the Pokki software outside of the web browser.
Skyrama
 SweetLabs, Inc.
36% remove
Skyrama is an app for the Pokki desktop platform. The app itself runs as an embedded HTML5 program within the Pokki software outside of the web browser.
Google
 SweetLabs, Inc.
36% remove
Google is an app for the Pokki desktop platform. The app itself runs as an embedded HTML5 program within the Pokki software outside of the web browser.

BehaviorsBehaviors

Startup files (user) run
Runs under the registry key 'HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
  • 'Pokki' → "C:\users\user\appdata\Local\Pokki\v0.259\pokki.exe"
Startup files (user) run once
Runs under the registry key 'HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
  • 'Application Restart #4' → C:\users\user\appdata\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-
  • 'Application Restart #0' → C:\users\user\appdata\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-
  • 'Application Restart #1' → C:\users\user\appdata\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-
  • 'Application Restart #3' → C:\users\user\appdata\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-
Network connections
  • [TCP] www2.twitter.com (199.59.149.198:443)

    • ResourcesResource utilization

    (Note: statistics below are averages based on a minimum sample size of 200 unique participants)
    Averages
     
    CPU
    Total CPU:0.00099142%
    0.028634%
    Kernel CPU:0.00042370%
    0.013761%
    User CPU:0.00056772%
    0.014873%
    Kernel CPU time:241,791 ms/min
    100,923,805ms/min
    CPU cycles:1,612,009/sec
    17,470,203/sec
    Memory
    Private memory:79.58 MB
    21.59 MB
    Private (maximum):127.44 MB
    Private (minimum):50.08 MB
    Non-paged memory:79.58 MB
    21.59 MB
    Virtual memory:325.61 MB
    140.96 MB
    Virtual memory (peak):354.15 MB
    169.69 MB
    Working set:81.43 MB
    18.61 MB
    Working set (peak):135.97 MB
    37.95 MB
    Page faults:14,616,341/min
    2,039/min
    I/O
    I/O read transfer:1.25 MB/sec
    1.02 MB/min
    I/O read operations:1,291/sec
    343/min
    I/O write transfer:298.78 KB/sec
    274.99 KB/min
    I/O write operations:663/sec
    227/min
    I/O other transfer:26.32 KB/sec
    448.09 KB/min
    I/O other operations:458/sec
    1,671/min
    Resource allocations
    Threads:13
    12
    Handles:455
    600
    GUI GDI count:162
    103
    GUI GDI peak:173
    142
    GUI USER count:47
    49
    GUI USER peak:58
    71

    BehaviorsProcess properties

    Integrety level:Untrusted
    Platform:64-bit
    Command lines:
    • "C:\users\user\appdata\local\pokki\engine\pokki.exe" --type=renderer --disable-breakpad --disable-desktop-notifications --disable-logging --disable-speech-input --lang=en-us --force-fieldtrials=asyncdns/disabled/conncountimpact/conn_count_6/connnectbackupjobs/connectbackupjobsenabled/dnsimpact/default_enabled_prefetch/forcecompositingmode/disable/globalsdch/global_enable_sdch/idleskttoimpact/idle_timeout_10/infinitecache/no/omniboxdisallowinlinehqp/standard/omniboxsearchsuggest/16/oneclicksignin
    • "C:\users\user\appdata\local\pokki\engine\pokki.exe"
    • "C:\users\user\appdata\local\pokki\engine\pokki.exe" --type=renderer --disable-breakpad --disable-desktop-notifications --disable-logging --disable-speech-input --enable-touch-events --lang=en-us --force-fieldtrials=asyncdns/disabled/conncountimpact/conn_count_6/connnectbackupjobs/connectbackupjobsenabled/dnsimpact/default_enabled_prefetch/forcecompositingmode/disable/globalsdch/global_enable_sdch/idleskttoimpact/idle_timeout_10/infinitecache/no/omniboxdisallowinlinehqp/standard/omniboxsearchsu
    • "C:\users\user\appdata\local\pokki\engine\pokki.exe" --type=plugin --plugin-path="C:\users\user\appdata\local\facebook\messenger\2.1.4814.0\npfbdesktopplugin.dll" --disable-breakpad --disable-logging --lang=en-us --channel="4996.191.43112312\2115795356" --noerrdialogs /prefetcC:4
    • "C:\users\user\appdata\local\pokki\engine\pokki.exe" --type=plugin --plugin-path="C:\windows\syswow64\macromed\flash\npswf32_11_9_900_117.dll" --disable-breakpad --disable-logging --lang=en-us --channel="4996.173.926189810\1658943318" --noerrdialogs /prefetcC:4
    • "C:\users\user\appdata\local\pokki\engine\pokki.exe" --type=gpu-process --channel="4996.17.605264743\1700256742" --disable-breakpad --disable-logging --noerrdialogs --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="intel corporation" --gpu-driver-version=10.18.10.3316 --ignored=" --type=renderer " --noerrdialogs /prefetcC:12
    Owner:User
    Parent processes:

    ResourcesThreads

    Averages
     
    pokki.exe (main module)
    Total CPU:0.31940161%
    0.272967%
    Kernel CPU:0.06010517%
    0.107585%
    User CPU:0.25929644%
    0.165382%
    CPU cycles:6,508,959/sec
    5,741,424/sec
    Context switches:23/sec
    79/sec
    Memory:7.9 MB
    1.16 MB
    wow64win.dll
    Total CPU:0.02452248%
    Kernel CPU:0.00966039%
    User CPU:0.01486209%
    CPU cycles:1,931,272/sec
    Context switches:60/sec
    Memory:416 KB
    wow64.dll
    Total CPU:0.01030104%
    Kernel CPU:0.00462704%
    User CPU:0.00567399%
    CPU cycles:1,179,058/sec
    Context switches:15/sec
    Memory:292 KB

    Common loaded modules

    These are modules that are typiclaly loaded within the context of this process.

    Windows OS versionsDistribution by Windows OS

    OS versiondistribution
    Windows 7 Home Premium 24.68%
    Windows 8 Pro with Media Center 23.38%
    Windows 8 Pro 20.78%
    Windows 8 12.99%
    Windows 8.1 7.79%
    Windows Vista Home Premium 2.60%
    Windows 7 Ultimate 2.60%
    Windows 7 Ultimate N 2.60%
    Windows 8.1 Single Language 1.30%
    Windows 8 Pro N 1.30%

    Distribution by countryDistribution by country

    United States installs about 38.16% of Pokki.

    OEM distributionDistribution by PC manufacturer

    PC Manufacturerdistribution
    Toshiba 32.50%
    Acer 17.50%
    Dell 15.00%
    Hewlett-Packard 15.00%
    Intel 10.00%
    Alienware 5.00%
    Sony 2.50%
    ASUS 2.50%
    Back to top
    Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

    Download it for FREE