How to remove StartMenuIndexer.exe.vir
- File Details
- Overview
- Analysis
StartMenuIndexer.exe.vir
The module StartMenuIndexer.exe.vir has been detected as PUP.Pokki
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
60c881097f4d90adc991c27034712c5b |
| Size: |
2 MB |
| First Published: |
2017-05-21 22:06:17 (8 years ago) |
| Latest Published: |
2025-05-06 23:02:07 (2 weeks ago) |
| Status: |
PUP.Pokki (on last analysis) |
|
| Analysis Date: |
2025-05-06 23:02:07 (2 weeks ago) |
Overview
| Signed By: |
Pokki |
| Status: |
Valid |
| %localappdata%\pokki\engine |
| %appdata%\zhp\quarantine\pokki\pokki\engine |
| %sysdrive%\adwcleaner\quarantine\files\rsotlyhxseehpekdwtsolqxpayvwrbtx\engine |
| %sysdrive%\adwcleaner\quarantine\files\qtvvoantewfespnpphfxtqfgvkpxosea\engine |
| %sysdrive%\adwcleaner\quarantine\files\zkkcohtexeglkekgnljsecpaksxwzkpx\engine |
| %sysdrive%\adwcleaner\quarantine\idcdjoyapn\engine |
| %sysdrive%\adwcleaner\quarantine\exuieaoeii\engine |
| %sysdrive%\adwcleaner\quarantine\files\njbvoewgslwlyagsqmfxwamesodgwamd\engine |
| %sysdrive%\windows.old\users\default\appdata\local\pokki\engine |
| %sysdrive%\adwcleaner\quarantine\rqf69azbla\engine |
| StartMenuIndexer.exe |
| StartMenuIndexer.exe.vir |
| StartMenuIndexer.exe.pcpquar |
| StartMenuIndexer (1).exe |
| StartMenuIndexer (1).exe#5BC0A93D0E7B0344 |
| StartMenuIndexer.exe#2B03DA04D8077F8D |
| United Kingdom |
14.4% |
|
| Russia |
10.3% |
|
| Taiwan |
6.3% |
|
| France |
4.8% |
|
| United States |
4.8% |
|
| Germany |
4.8% |
|
| Spain |
4.7% |
|
| Poland |
4.6% |
|
| Turkey |
4.0% |
|
| Brazil |
3.9% |
|
| Italy |
2.7% |
|
| Malaysia |
2.5% |
|
| Czech Republic |
2.2% |
|
| Portugal |
2.0% |
|
| Philippines |
1.7% |
|
| Netherlands |
1.6% |
|
| Hong Kong |
1.4% |
|
| Norway |
1.4% |
|
| Slovakia |
1.4% |
|
| Canada |
1.4% |
|
| Australia |
1.3% |
|
| Vietnam |
1.3% |
|
| Kuwait |
1.0% |
|
| Denmark |
1.0% |
|
| Indonesia |
0.9% |
|
| Mexico |
0.9% |
|
| Greece |
0.9% |
|
| Ukraine |
0.8% |
|
| Switzerland |
0.8% |
|
| Belgium |
0.7% |
|
| Austria |
0.7% |
|
| China |
0.7% |
|
| Qatar |
0.7% |
|
| Sweden |
0.7% |
|
| Belarus |
0.7% |
|
| Japan |
0.5% |
|
| Colombia |
0.4% |
|
| Israel |
0.4% |
|
| India |
0.4% |
|
| Chile |
0.4% |
|
| Dominican Republic |
0.4% |
|
| Egypt |
0.3% |
|
| Ireland |
0.3% |
|
| Estonia |
0.3% |
|
| Hungary |
0.3% |
|
| Romania |
0.3% |
|
| Iran |
0.3% |
|
| Finland |
0.3% |
|
| Argentina |
0.3% |
|
| Thailand |
0.1% |
|
| Bulgaria |
0.1% |
|
| Croatia |
0.1% |
|
| Singapore |
0.1% |
|
| South Africa |
0.1% |
|
| United Arab Emirates |
0.1% |
|
| El Salvador |
0.1% |
|
| Jamaica |
0.1% |
|
| Saudi Arabia |
0.1% |
|
| Suriname |
0.1% |
|
| Uruguay |
0.1% |
|
| Windows 10 |
53.9% |
|
| Windows 8.1 |
46.1% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
64 |
| Image Base: |
0x0000000140000000 |
| Entry Address: |
0x001c1e60 |
| Name |
Size of data |
MD5 |
| .text |
2231808 |
0c98fbb51336e6d7c72b872f343994a0 |
| .rdata |
626688 |
8e5c6229ab4a1b453ea32659e930e625 |
| .data |
31232 |
20259c0d16264533cf315db4ae794a49 |
| .pdata |
134656 |
52f4ea38f9d7031e98f83bac1ed404a7 |
| .tls |
512 |
bf619eac0cdf3f68d496ea9344137e8b |
| text |
3072 |
ed31afc36fde37f86052439296fea013 |
| data |
10240 |
a6643ae545092962a14d7bee1a5b20fe |
| .rsrc |
58368 |
28bdafb7e658db23fc6394c912fb670c |
| .reloc |
12800 |
651193e72e2e502b13f1642325b352b3 |
