home

GoogleUpdaterService.exe

Google Updater

Google Inc

It runs as a separate (within the context of its own process) windows Service named “Google Software Updater”.
Publisher:
Google  (signed by Google Inc)

Product:
Google Updater

Description:
gusvc

Version:
2.4.2617.4952.beta

MD5:
4724b1aabb8028ecb0a52a0e084052e5

SHA-1:
3e81ae0215016d4f4deb0d29c9f8f266cf208542

SHA-256:
657e88f86a823379d84fbee66e386b5c575214773b730c93498abcd92e25cf3a

Scanner detections:
16 / 68

Status:
Clean  (16 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/26/2024 7:20:17 PM UTC  (today)

Scan engine
Detection
Engine version

AhnLab V3 Security
Win32/ChiHack.6652
2013.05.12

avast!
Win32:Runonce [Trj]
2014.9-160215

Clam AntiVirus
WIN.Worm.Brontok
0.98/18155

Comodo Security
EmailWorm.Win32.Runonce.~v001
16237

Dr.Web
Win32.Runonce.6652
9.0.1.046

F-Prot
W32/Thecid.B@mm
v6.4.7.1.166

F-Secure
Virus:W32/Runouce.gen!A
11.2016-15-02_2

IKARUS anti.virus
Email-Worm.Win32.Runouce
t3scan.2.0.0.0

K7 AntiVirus
EmailWorm
13.166.8668

Malwarebytes
Virus.Chir
v2016.02.15.06

Norman
Malware
11.20160215

Quick Heal
W32.Runouce.B
2.16.12.00

Rising Antivirus
PE:Worm.Chir!6.1232 [F]
23.00.65.16213

Sophos
W32/Chir-A
4.89

Vba32 AntiVirus
Virus.Win32.Chur.A
3.12.22.0

VIPRE Antivirus
Win32.chir.b
17656

File size:
189.5 KB (194,032 bytes)

Product version:
2.4.2617.4952.beta

Copyright:
©2005-2006 Google. All Rights Reserved.

Original file name:
GoogleUpdaterService.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\google\common\google updater\googleupdaterservice.exe

Digital Signature
Signed by:
Google Inc

Authority:
VeriSign, Inc.

Valid from:
11/14/2011 7:00:00 AM

Valid to:
11/14/2014 6:59:59 AM

Subject:
CN=Google Inc, OU=Digital ID Class 3 - Java Object Signing, O=Google Inc, L=Mountain View, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
09E28B26DB593EC4E73286B66499C370

File PE Metadata
Compilation timestamp:
3/3/2012 4:13:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
3072:RRa61HsUZqyZjLnB4/A0/bp+ho5vUX00h7XcZWKaaiay5Oq+6wtwcxy:RM6TZq2RuAebpeo5u00SZ1aa956wtwOy

Entry address:
0x11E48

Entry point:
E8, FC, 57, 00, 00, E9, 17, FE, FF, FF, 8B, 44, 24, 04, 53, 8B, 5C, 24, 0C, 66, 83, 3B, 00, 57, 8B, F8, 74, 45, 0F, B7, 08, 66, 85, C9, 74, 3B, 0F, B7, D1, 2B, C3, 66, 85, D2, 8B, 4C, 24, 10, 74, 1B, 0F, B7, 11, 66, 85, D2, 74, 2A, 0F, B7, 1C, 08, 0F, B7, D2, 2B, DA, 75, 08, 41, 41, 66, 39, 1C, 08, 75, E5, 66, 83, 39, 00, 74, 11, 47, 47, 0F, B7, 17, 40, 40, 66, 85, D2, 75, CA, 33, C0, 5F, 5B, C3, 8B, C7, EB, F9, 8B, 44, 24, 04, 66, 8B, 54, 24, 08, EB, 07, 66, 3B, CA, 74, 11, 40, 40, 0F, B7, 08, 66, 85, C9...
 
[+]

Entropy:
6.3745

Code size:
125 KB (128,000 bytes)

Service
Display name:
Google Software Updater

Service name:
gusvc

Description:
Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may aris

Type:
Win32OwnProcess

Depends on:
RPCSS


Scan GoogleUpdaterService.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.