Should I block it?

45%
45% of PCs block this file from running.
Possible reason:
Performance resource utilization

VersionsAdditional versions

0.267.1.208 5.19%
0.266.1.172 5.19%
0.266.1.155 1.30%
0.266.0.377 5.19%
0.265.14.331 1.30%
0.263.14.1 1.30%
0.260.11.1 29.87%
0.260.11.1 1.30%
0.260.9.16 20.78%
0.260.9.16 1.30%
0.260.9.16 12.99%
0.260.9.16 1.30%
0.260.9.16 1.30%
0.260.2.300 1.30%
0.260.2.300 1.30%
0.260.2.300 5.19%
0.260.2.250 1.30%
0.259.0.47 1.30%
0.257.0.35 1.30%

Relationships


PE structurePE file structure

Show functions
Import table
advapi32.dll
RegQueryValueExW, RegDeleteValueW, RegOpenKeyExW, RegSetValueExW, RegCloseKey, RegDisablePredefinedCache, RegCreateKeyW, RegOpenKeyW, GetSidSubAuthority, RegEnumValueW, RevertToSelf, SetSecurityInfo, GetSecurityDescriptorSacl, ConvertStringSecurityDescriptorToSecurityDescriptorW, SetTokenInformation, GetLengthSid, ConvertStringSidToSidW, OpenProcessToken, SetThreadToken, CreateProcessAsUserW, RegCreateKeyExW, CreateRestrictedToken, DuplicateTokenEx, DuplicateToken, EqualSid, GetTokenInformation, LookupPrivilegeValueW, SetEntriesInAclW, GetSecurityInfo, CreateWellKnownSid, CopySid, RegQueryValueExA, RegOpenKeyExA, InitializeSecurityDescriptor, SetSecurityDescriptorDacl, GetCurrentHwProfileW, GetUserNameW, AdjustTokenPrivileges, RegDeleteKeyW, GetTraceLoggerHandle, RegisterEventSourceA, ReportEventA, DeregisterEventSource, RegisterTraceGuidsW, TraceEvent, UnregisterTraceGuids, GetTraceEnableFlags, GetTraceEnableLevel, GetSidSubAuthorityCount, RegNotifyChangeKeyValue, RegEnumKeyExW, RegQueryInfoKeyW, ConvertSidToStringSidW, RegEnumKeyW
comdlg32.dll
GetSaveFileNameW
crypt32.dll
CryptMsgClose, CryptMsgGetParam, CertFindCertificateInStore, CertCloseStore, CertFreeCertificateContext, CryptQueryObject, CryptVerifyMessageSignature, CertGetCertificateContextProperty
dbghelp.dll
MiniDumpWriteDump, SymInitialize, SymFunctionTableAccess64, SymGetModuleBase64, StackWalk64, SymGetLineFromAddr64, SymSetOptions, SymFromAddr
gdi32.dll
GetPaletteEntries, CreateHalftonePalette, SetDIBColorTable, CreateBitmap, DeleteObject, BitBlt, GetObjectW, SelectObject, DeleteDC, CreateCompatibleDC, GetStockObject, GetDCOrgEx, GetClipBox, StretchBlt, SetBrushOrgEx, SetStretchBltMode, GdiFlush, CreateCompatibleBitmap, CreateDIBSection, GetDIBits, CreateSolidBrush, CreateFontIndirectW, SetTextColor, GetDeviceCaps, CreateDCA, GetBitmapBits, GetObjectA
gdiplus.dll
GdipDisposeImageAttributes, GdipDeleteGraphics, GdipDisposeImage, GdipCreateBitmapFromScan0, GdipCloneBrush, GdipDrawString, GdipCreateSolidFill, GdipDeleteFont, GdipCreateFont, GdipDeleteFontFamily, GdipGetGenericFontFamilySansSerif, GdipCreateFontFamilyFromName, GdipDeleteBrush, GdipCreateImageAttributes, GdipGetImageGraphicsContext, GdiplusStartup, GdipBitmapUnlockBits, GdipBitmapLockBits, GdipCreateBitmapFromFileICM, GdipCreateBitmapFromFile, GdipGetImagePalette, GdipGetImagePaletteSize, GdipGetImagePixelFormat, GdipGetImageHeight, GdipGetImageWidth, GdipCloneImage, GdipSetImageAttributesColorMatrix, GdipGraphicsClear, GdipRotateWorldTransform, GdipFree, GdipAlloc, GdipDrawImageI, GdipDrawImageRectRect, GdipTranslateWorldTransform, GdipCreateFromHDC, GdiplusShutdown, GdipSaveImageToFile, GdipGetImageEncodersSize, GdipGetImageEncoders, GdipCreateBitmapFromHBITMAP, GdipCreateBitmapFromHICON, GdipCreatePath, GdipDeletePath, GdipFlush, GdipSetImageAttributesWrapMode, GdipSetStringFormatFlags, GdipSetStringFormatTrimming, GdipClosePathFigures, GdipCreatePen1, GdipDeletePen, GdipCreateStringFormat, GdipSetClipRectI, GdipDrawImageRectRectI, GdipDrawImage, GdipMeasureString, GdipFillPath, GdipFillEllipse, GdipFillRectangle, GdipDrawRectangle, GdipDrawLines, GdipDrawLine, GdipSetSmoothingMode, GdipSetInterpolationMode, GdipSetTextRenderingHint, GdipSetCompositingQuality, GdipSetCompositingMode, GdipCreateFromHWNDICM, GdipCreateFromHWND, GdipAddPathLine, GdipDeleteStringFormat, GdipBitmapSetPixel, GdipBitmapGetPixel
kernel32.dll
DllMain
msimg32.dll
AlphaBlend
netapi32.dll
NetWkstaGetInfo
ole32.dll
StringFromGUID2, CoInitialize, OleUninitialize, CoTaskMemFree, OleInitialize, CoCreateInstance, CoCreateGuid, CoTaskMemAlloc, CoInitializeEx, CoUninitialize, PropVariantClear
powrprof.dll
GetPwrCapabilities, SetSuspendState
psapi.dll
GetProcessImageFileNameW, GetProcessMemoryInfo, QueryWorkingSet
rpcrt4.dll
UuidToStringW, RpcStringFreeW
secur32.dll
GetUserNameExW
shell32.dll
SHGetFolderPathW, ShellExecuteW, SHFileOperationW, CommandLineToArgvW, Shell_NotifyIconW, SHLoadInProc, SHBrowseForFolderW, SHGetPathFromIDListW, ShellExecuteExW, SHGetSpecialFolderPathW, SHGetFileInfoW, SHGetFolderLocation, SHParseDisplayName, SHGetDesktopFolder, SHGetMalloc, SHAppBarMessage, SHGetSettings, SHCreateDirectoryExW
shlwapi.dll
StrStrIW, StrChrIW, StrCpyW, StrRetToBufW, StrCmpW, SHStrDupW, SHDeleteKeyW
urlmon.dll
URLOpenStreamW
user32.dll
GetProcessWindowStation, CreateWindowStationW, UserHandleGrantAccess, CloseDesktop, CloseWindowStation, WaitForInputIdle, wsprintfW, CharUpperW, GetClassInfoExW, ClientToScreen, RedrawWindow, UpdateWindow, GetTopWindow, GetCapture, SetTimer, SetMenuDefaultItem, LoadMenuW, GetSubMenu, LoadStringW, KillTimer, EnableWindow, ScreenToClient, SetRect, GetWindow, IsWindowVisible, IsChild, GetDesktopWindow, GetClientRect, OffsetRect, SystemParametersInfoA, IsIconic, GetWindowPlacement, GetSystemMetrics, GetDC, ReleaseDC, TrackMouseEvent, SetCursor, SetCapture, ReleaseCapture, DialogBoxParamW, EndDialog, GetDlgItem, GetUserObjectInformationW, SetWindowTextW, AdjustWindowRect, BeginPaint, EndPaint, CreateDesktopW, SetWindowLongW, InvalidateRect, GetParent, GetWindowRect, LoadIconW, LoadCursorW, RegisterClassExW, GetMessageW, LoadImageW, DestroyIcon, PostQuitMessage, DefWindowProcW, SetForegroundWindow, DrawIconEx, SystemParametersInfoW, MessageBoxW, GetMenuItemInfoW, SetMenuItemInfoW, GetCursorPos, TrackPopupMenu, GetMenuItemCount, DeleteMenu, EnableMenuItem, CheckMenuItem, InsertMenuItemW, DestroyMenu, CreatePopupMenu, SendMessageTimeoutW, FindWindowW, RegisterWindowMessageW, SendMessageW, IsWindow, PostMessageW, DestroyWindow, UpdateLayeredWindow, ShowWindow, SetWindowPos, CreateWindowExW, PeekMessageW, TranslateMessage, DispatchMessageW, GetClassNameW, EnumChildWindows, GetWindowThreadProcessId, EnumWindows, GetShellWindow, CreateIconIndirect, GetIconInfo, EnumDisplayMonitors, SetProcessWindowStation, GetWindowLongW, GetThreadDesktop, FlashWindow, IntersectRect, CopyRect, GetMonitorInfoW, MonitorFromWindow, GetKeyState, MoveWindow, SetFocus, CreateDialogParamW, BringWindowToTop, GetSystemMenu, MapWindowPoints, GetForegroundWindow, PrivateExtractIconsW, LockWorkStation, ExitWindowsEx, FindWindowExW, SetActiveWindow, MonitorFromRect, GetActiveWindow, UnregisterClassA, GetWindowDC, GetWindowTextLengthW, GetWindowTextW, EqualRect
userenv.dll
DestroyEnvironmentBlock, CreateEnvironmentBlock, GetUserProfileDirectoryW
version.dll
VerQueryValueW, GetFileVersionInfoW, GetFileVersionInfoSizeW
winhttp.dll
WinHttpOpen, WinHttpCloseHandle, WinHttpGetProxyForUrl
wininet.dll
DeleteUrlCacheEntryW, InternetQueryOptionW
winmm.dll
timeEndPeriod, timeGetTime, timeBeginPeriod
ws2_32.dll
freeaddrinfo, getaddrinfo
wtsapi32.dll
WTSDisconnectSession

pokki.exe

Pokki by Pokki (Signed)

Remove pokki.exe
Version:   0.260.9.16
MD5:   15f0d9aec7a2b1d5a0fba3fb5a575215
SHA1:   b14f24041f662741b6ef8db687c934e96bdca32b
SHA256:   d90709dca5274c2431b75d6607ef6be89ba2ce065ca246b081834a1bb3b928c3

What is pokki.exe?

Pokki by SweetLabs is an online app store for Windows where users can browse and install various apps into the Pokki platform. The Pokki platform runs in in the background of Windows and checks the Pokki service for app updates amongst other things. Pokki adds the downloaded apps as well as the Pokki desktop button to the Windows task bar.

About pokki.exe (from Pokki)

Pokki is a free software download that brings fun and convenient apps to your desktop. Keep up to date with everything on Facebook, Tweet without opening a browser, or view beautiful photos on Instagr

DetailsDetails

File name:pokki.exe
Publisher:Pokki
Product name:Pokki
Typical file path:C:\users\user\appdata\local\pokki\v0.259\pokki.exe
File version:0.260.9.16
Size:5.38 MB (5,639,448 bytes)
Certificate
Issued to:Pokki
Authority (CA):VeriSign
Digital DNA
PE subsystem:Windows GUI
File packed:No
.NET CLR:No
More details

ResourcesPrograms

The following program will install this file
SweetLabs, Inc.
37% remove
The software is typically bundled with third party installers such as Open Candy and Download.com. "The Pokki platform provides users with rich HTML5 apps on their Windows desktop for the ultimate app experience on the PC. Categories of apps include games, social media, education, entertainment, music, photography and more."

BehaviorsBehaviors

Startup files (user) run
Runs under the registry key 'HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
  • 'Pokki' → "C:\users\user\appdata\Local\Pokki\v0.259\pokki.exe"
Startup files (user) run once
Runs under the registry key 'HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
  • 'Application Restart #4' → C:\users\user\appdata\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-
  • 'Application Restart #0' → C:\users\user\appdata\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-
  • 'Application Restart #1' → C:\users\user\appdata\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-
  • 'Application Restart #3' → C:\users\user\appdata\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-
Network connections
  • [TCP] 178.132.81.57:443
  • [TCP] del01s05-in-f22.1e100.net (74.125.236.22:443)
  • [TCP] bk-in-f91.1e100.net (173.194.69.91:443)

  • ResourcesResource utilization

    (Note: statistics below are averages based on a minimum sample size of 200 unique participants)
    Averages
     
    CPU
    Total CPU:0.00149677%
    0.028634%
    Kernel CPU:0.00080474%
    0.013761%
    User CPU:0.00069202%
    0.014873%
    Kernel CPU time:16,109,042 ms/min
    100,923,805ms/min
    CPU cycles:8,707,604/sec
    17,470,203/sec
    Context switches:148/sec
    284/sec
    Memory
    Private memory:31.95 MB
    21.59 MB
    Private (maximum):56.17 MB
    Private (minimum):37.07 MB
    Non-paged memory:31.95 MB
    21.59 MB
    Virtual memory:248.54 MB
    140.96 MB
    Virtual memory (peak):270.79 MB
    169.69 MB
    Working set:46.08 MB
    18.61 MB
    Working set (peak):59.07 MB
    37.95 MB
    Page faults:4,590,284/min
    2,039/min
    I/O
    I/O read transfer:37.8 KB/sec
    1.02 MB/min
    I/O read operations:66/sec
    343/min
    I/O write transfer:3.62 KB/sec
    274.99 KB/min
    I/O write operations:94/sec
    227/min
    I/O other transfer:3.55 KB/sec
    448.09 KB/min
    I/O other operations:27/sec
    1,671/min
    Resource allocations
    Threads:17
    12
    Handles:591
    600
    GUI GDI count:120
    103
    GUI GDI peak:127
    142
    GUI USER count:57
    49
    GUI USER peak:62
    71

    BehaviorsProcess properties

    Integrety level:Low
    Platform:64-bit
    Command lines:
    • "C:\users\user\appdata\local\pokki\v0.260.10.204\pokki.exe"
    • "C:\users\user\appdata\local\pokki\v0.260.10.204\pokki.exe" --type=renderer --disable-accelerated-compositing --lang=en-us --disable-client-side-phishing-detection --enable-nacl --channel=4640.04f8d780.714425218 /prefetcC:3
    • "C:\users\user\appdata\local\pokki\v0.260.10.204\pokki.exe" --type=renderer --disable-accelerated-compositing --lang=en-us --disable-client-side-phishing-detection --enable-nacl --channel=3204.04c8b780.1822011700 /prefetcC:3
    • "C:\users\user\appdata\local\pokki\v0.260.10.204\pokki.exe" --type=renderer --disable-accelerated-compositing --lang=en-us --disable-client-side-phishing-detection --enable-nacl --channel=2732.0a3a2c00.421821334 /prefetcC:3
    • "C:\users\user\appdata\local\pokki\v0.260.10.204\pokki.exe" --type=renderer --disable-accelerated-compositing --lang=en-us --disable-client-side-phishing-detection --enable-nacl --channel=2732.059ea600.1798349960 /prefetcC:3
    • "C:\users\user\appdata\local\pokki\v0.260.10.204\pokki.exe" --type=renderer --disable-accelerated-compositing --lang=en-us --disable-client-side-phishing-detection --enable-nacl --channel=23096.0a371780.411103349 /prefetcC:3
    • "C:\users\user\appdata\local\pokki\v0.260.10.204\pokki.exe" --type=renderer --disable-accelerated-compositing --lang=en-us --disable-client-side-phishing-detection --enable-nacl --channel=23096.06b99780.1868049419 /prefetcC:3
    • (8 more)
    Owner:User
    Parent processes:

    ResourcesThreads

    Averages
     
    pokki.exe (main module)
    Total CPU:0.05553957%
    0.272967%
    Kernel CPU:0.04512210%
    0.107585%
    User CPU:0.01041747%
    0.165382%
    CPU cycles:2,191,561/sec
    5,741,424/sec
    Context switches:3/sec
    79/sec
    Memory:5.41 MB
    1.16 MB
    wow64.dll
    Total CPU:0.00198066%
    Kernel CPU:0.00092013%
    User CPU:0.00106053%
    CPU cycles:1,757,115/sec
    Context switches:14/sec
    Memory:276 KB

    Common loaded modules

    These are modules that are typiclaly loaded within the context of this process.

    Windows OS versionsDistribution by Windows OS

    OS versiondistribution
    Windows 7 Home Premium 24.68%
    Windows 8 Pro with Media Center 23.38%
    Windows 8 Pro 20.78%
    Windows 8 12.99%
    Windows 8.1 7.79%
    Windows Vista Home Premium 2.60%
    Windows 7 Ultimate 2.60%
    Windows 7 Ultimate N 2.60%
    Windows 8.1 Single Language 1.30%
    Windows 8 Pro N 1.30%

    Distribution by countryDistribution by country

    United States installs about 38.16% of Pokki.

    OEM distributionDistribution by PC manufacturer

    PC Manufacturerdistribution
    Toshiba 32.50%
    Acer 17.50%
    Dell 15.00%
    Hewlett-Packard 15.00%
    Intel 10.00%
    Alienware 5.00%
    Sony 2.50%
    ASUS 2.50%
    Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

    Download it for FREE