home

googledesktopsetup.exe

Google Desktop

Google

The executable googledesktopsetup.exe has been detected as malware by 3 anti-virus scanners. This is a self-extracting archive and installer, however the file is not signed with an authenticode signature from a trusted source.
Publisher:
Google

Product:
Google Desktop

Version:
5.7.807.15159

MD5:
e980dba554802ce5329689da3959135e

SHA-1:
738c08c67aae80449e3aece6d84842624e0f65b2

SHA-256:
efd79c90cba078b523838b2a4a468310f0233459bf7941e1af08a29c14955710

Scanner detections:
3 / 68

Status:
Malware

Analysis date:
4/16/2024 7:03:27 PM UTC  (today)

Scan engine
Detection
Engine version

Clam AntiVirus
PUA.Packed.PECompact-1
0.98/18155

Comodo Security
Heur.Suspicious
11377

Reason Heuristics
Unnamed.Threat.12
14.3.6.21

File size:
4.7 MB (4,961,280 bytes)

Product version:
5.7.807.15159

Copyright:
Copyright (c) 2003-08 Google. All Rights Reserved.

File type:
Executable application (Win32 EXE)

Language:
Greek (Greece)

Common path:
C:\Program Files\google\google desktop search\googledesktopsetup.exe

File PE Metadata
Compilation timestamp:
7/15/2008 2:16:48 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
98304:vA05dB3RsS1t7y32k5YHD/0bby41esbLaMcxpIC0tQ0ZkXaWm:vHDB3uS1t7yGk5YIbbTyMzC0tQTKWm

Entry address:
0x35140

Entry point:
B8, 88, 1E, CF, 01, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 62, 48, 44, 7B, 49, 92, 79, A6, 23, DF, 8B, 42, 20, 3F, A0, 40, 58, 9C, C7, FA, 50, 57, 6B, 2F, 86, 34, 59, A8, 04, A7, 55, EC, E7, CC, 95, FD, E3, 41, 3B, 92, 4A, 00, 69, AC, B3, 68, B8, 33, 63, AD, 9B, 1E, E7, 6C, AB, E2, 36, 62, 7F, E5, DA, 6A, 8B, E2, FD, 9D, 02, 2F, A6, 23, 34, 3B, 52, A6, C6, D4, 62, B6, 7C, B7, D0, 1D, 1C, A0, 19, 21, 7F, 84, 61, 0D, 29, 03, 04...
 
[+]

Entropy:
7.9964

Packer / compiler:
PECompact v2

Code size:
227 KB (232,448 bytes)

Remove googledesktopsetup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.