home

ClassicStartMenu.exe

Classic Shell

Ivaylo Beltchev

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Classic Start Menu’.
Publisher:
IvoSoft  (signed by Ivaylo Beltchev)

Product:
Classic Shell

Description:
Classic Start Menu

Version:
4, 2, 4, 0

MD5:
e2055347242433134bf3701768cc3fd5

SHA-1:
149de23e99f3acdf793ac433c56107347c946f31

SHA-256:
f5d69aafc5362838d354b87def9f6b24cd10e8b010b2d7f32cb7034d496432c9

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/2/2024 1:36:42 PM UTC  (today)

File size:
145.9 KB (149,440 bytes)

Product version:
4, 2, 4, 0

Copyright:
Copyright (C) 2009-2015, Ivo Beltchev

Original file name:
ClassicStartMenu.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\classic shell\classicstartmenu.exe

Digital Signature
Signed by:
Ivaylo Beltchev

Authority:
StartCom Ltd.

Valid from:
6/27/2015 7:44:27 PM

Valid to:
6/27/2017 11:34:40 AM

Subject:
E=ivo@ibeltchev.com, CN=Ivaylo Beltchev, L=Redmond, S=Washington, C=US

Issuer:
CN=StartCom Class 2 Primary Intermediate Object CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

Serial number:
12195DA0266A2B

File PE Metadata
Compilation timestamp:
8/9/2015 11:32:41 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

Entry address:
0x56B0

Entry point:
E8, B5, 50, 00, 00, E9, 79, FE, FF, FF, 8B, C1, 83, 60, 04, 00, 83, 60, 08, 00, C7, 00, C8, 3D, 41, 00, C3, 8B, FF, 55, 8B, EC, 53, 8B, 5D, 08, 56, 57, 8B, F9, C7, 07, C8, 3D, 41, 00, 8B, 03, 85, C0, 74, 26, 50, E8, 76, 0F, 00, 00, 8B, F0, 46, 56, E8, 95, FC, FF, FF, 59, 59, 89, 47, 04, 85, C0, 74, 12, FF, 33, 56, 50, E8, FB, 50, 00, 00, 83, C4, 0C, EB, 04, 83, 67, 04, 00, C7, 47, 08, 01, 00, 00, 00, 8B, C7, 5F, 5E, 5B, 5D, C2, 04, 00, 8B, FF, 55, 8B, EC, 8B, C1, 8B, 4D, 08, C7, 00, C8, 3D, 41, 00, 8B, 09...
 
[+]

Code size:
70 KB (71,680 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Classic Start Menu

Command:
"C:\Program Files\classic shell\classicstartmenu.exe" -autorun


Scan ClassicStartMenu.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.