home

ClassicStartMenu.exe

Classic Shell

Ivaylo Beltchev

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Classic Start Menu’.
Publisher:
IvoSoft  (signed by Ivaylo Beltchev)

Product:
Classic Shell

Description:
Classic Start Menu

Version:
4, 3, 0, 0

MD5:
9cde33981e26761cbc90822356af3ba3

SHA-1:
044d6e82ec6bc68f23c43af2f279d721bdcef38a

SHA-256:
769df2ded8a2dafe6e43edbfc61362e97bf711e13407f7a2ac0b0f1f2aac35e8

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 2:55:06 AM UTC  (today)

File size:
160 KB (163,800 bytes)

Product version:
4, 3, 0, 0

Copyright:
Copyright (C) 2009-2016, Ivo Beltchev

Original file name:
ClassicStartMenu.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\Program Files\classic shell\classicstartmenu.exe

Digital Signature
Signed by:
Ivaylo Beltchev

Authority:
StartCom Ltd.

Valid from:
5/17/2016 11:54:48 AM

Valid to:
5/17/2018 11:54:48 AM

Subject:
CN=Ivaylo Beltchev, O=Ivaylo Beltchev, L=Redmond, S=Washington, C=US

Issuer:
CN=StartCom Class 2 Object CA, OU=StartCom Certification Authority, O=StartCom Ltd., C=IL

Serial number:
18213FEE20909C5FC5A530BD2479CF37

File PE Metadata
Compilation timestamp:
7/30/2016 6:04:45 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
9.0

Entry address:
0x6470

Entry point:
48, 83, EC, 28, E8, E3, 4A, 00, 00, 48, 83, C4, 28, E9, 1A, FE, FF, FF, CC, CC, 48, 83, 61, 08, 00, 83, 61, 10, 00, 48, 8D, 05, 0C, 02, 01, 00, 48, 89, 01, 48, 8B, C1, C3, CC, 48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 48, 8D, 05, EE, 01, 01, 00, 48, 8B, D9, 48, 8B, FA, 48, 89, 01, 48, 8B, 0A, 48, 85, C9, 74, 2B, E8, B8, 0C, 00, 00, 48, 8B, F0, 48, 8D, 48, 01, E8, 10, FC, FF, FF, 48, 89, 43, 08, 48, 85, C0, 74, 16, 4C, 8B, 07, 48, 8D, 56, 01, 48, 8B, C8, E8, 24, 4B, 00, 00, EB, 05, 48, 83...
 
[+]

Code size:
77.5 KB (79,360 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Classic Start Menu

Command:
"C:\Program Files\classic shell\classicstartmenu.exe" -autorun


Scan ClassicStartMenu.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.