googletoolbaruser_32.exe

Google Toolbar for Internet Explorer

The executable googletoolbaruser_32.exe, “Google Toolbar Broker”, has been detected as malware by 11 anti-virus scanners.
Publisher:
Google Inc.*  (Invalid match)

Product:
Google Toolbar for Internet Explorer

Description:
Google Toolbar Broker

Version:
7, 5, 5111, 1712

MD5:
3d2467dc89dbf65b245510b9cb21e8cf

SHA-1:
d605f9894b333cc09f9834995bc22134e86c67a9

SHA-256:
eb763023fbc57dd6ea9c632c1fcd936ca2dbc51baa64f4e2672b622a67b5950e

Scanner detections:
11 / 68

Status:
Malware

Analysis date:
4/24/2024 11:56:57 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Avira AntiVirus | W32/Chir.B | 7.11.30.172 |
| avast! | Win32:Oncer | 2014.9-151009 |
| AVG | Win32/Chir.B@mm | 2016.0.2962 |
| Bkav FE | W32.ChirBPE | 1.3.0.4959 |
| Dr.Web | Win32.Runonce.6652 | 9.0.1.0282 |
| ESET NOD32 | Win32/Chir.B virus | 9.7.0.302.0 |
| F-Prot | W32/Thecid.B@mm | v6.4.6.5.141 |
| Kaspersky | Email-Worm.Win32.Runouce | 14.0.0.1303 |
| Microsoft Security Essentials | Threat.Undefined | 1.175.1935.0 |
| MicroWorld eScan | Win32.Runouce.B@mm | 16.0.0.846 |
| VIPRE Antivirus | Threat.219451 | 29708 |

File size:
296 KB (303,104 bytes)

Product version:
7, 5, 5111, 1712

Copyright:
Copyright © 2000-2014

Original file name:
GoogleToolbarUser.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\google\google toolbar\googletoolbaruser_32.exe

File PE Metadata
Compilation timestamp:
3/11/2014 6:28:48 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:CzHSbomEo2rlEbS/iqAFqfgKlQwQQtBo184Tz/gg5BlMI:CzHSbomEo2rlEBnqftlQwQQtBo184TUN

Entry address:
0x112F0

Entry point:
E8, 36, 60, 00, 00, E9, 17, FE, FF, FF, 55, 8B, EC, 83, EC, 20, 56, 33, F6, 39, 75, 0C, 75, 1D, E8, D4, 3B, 00, 00, 56, 56, 56, 56, 56, C7, 00, 16, 00, 00, 00, E8, F4, 03, 00, 00, 83, C4, 14, 83, C8, FF, EB, 27, FF, 75, 14, 8D, 45, E0, FF, 75, 10, C7, 45, E4, FF, FF, FF, 7F, FF, 75, 0C, C7, 45, EC, 42, 00, 00, 00, 50, 89, 75, E8, 89, 75, E0, FF, 55, 08, 83, C4, 10, 5E, C9, C3, FF, 74, 24, 08, 6A, 00, FF, 74, 24, 0C, 68, 69, 75, 41, 00, E8, 97, FF, FF, FF, 83, C4, 10, C3, 55, 8B, EC, 83, EC, 20, 53, 33, DB...
 

Code size:
185.5 KB (189,952 bytes)
