Should I block it?

98%
Yes, 98% block recommendation.
Possible reason:
Multiple malware detections

google.exe

MD5:   7872efc3378ea863da263191e87f9a65
SHA1:   99019788f9699585104647e2ff253609eafb0212
SHA256:   2f6d28313af4f2e30f86e7c42e7a9155864b503093bfe9a324bb51ee4153b06b
Warning: 23 antivirus scanners have detected malware.

Overview

google.exe is malware that runs as a process with the local user's privileges, typically with winlogon.exe (Windows Logon Application by Microsoft) as its parent process. It is set to run when the PC boots and the user logs into Windows, through an entry added to the Run registry key for the current user. This particular version is usually found on Windows 8 Pro (6.2.9200.0).

Details

File name: google.exe
Typical file path: C:\Windows\System32\sys32\google.exe
Size: 1.27 MB (1,327,104 bytes)
Digital DNA
PE subsystem: Windows GUI
File packed: Yes
.NET CLR: No

Behaviors

Startup files (user) run
Runs under the registry key 'HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
  • 'MicroUpdate' → C:\Windows\system32\sys32\google.exe
Network connections
  • [TCP] 41.100.162.196:81

    Malware detections

    Based on 40+ industry antivirus scanners, 23 of them detected the following malware.
    Antivirus engine | Engine version | Detection
    Avira AntiVir | 7.11.61.188 | TR/Symmi.3138.5
    avast! | 6.0.1289.0 | Win32:Malware-gen
    AVG | 2014.0.3629 | Suspicion: unknown virus
    BitDefender | 7.2 | Gen:Variant.Symmi.3138
    Comodo Internet Security | 15299 | Heur.Packed.MultiPacked
    Dr.Web | 8.13.9.28 | BackDoor.Comet.152
    Emsisoft Anti-Malware | None | Gen:Variant.Symmi.3138 (B)
    ESET NOD32 | 7.8024 | a variant of Win32/Packed.MultiPacked.O
    Fortinet | 5.0.43.0 | W32/DarkKomet.AAFL!tr.bdr
    F-Secure | 11.0.19020.35 | Gen:Variant.Symmi.3138
    G Data | 13.9.22 | Gen:Variant.Symmi.3138
    Ikarus | T3.1.4.0.0 | Backdoor.Win32.Fynloski
    Kaspersky | 9.0.0.837 | Backdoor.Win32.DarkKomet.aafl
    McAfee | 5.400.1158 | Artemis!7872EFC3378E
    McAfee Gateway Anti-Malware | v2012.1-dat | Heuristic.BehavesLike.Win32.Suspicious-BAY.S
    eScan by MicroWorld | 12.0.250.0 | Gen:Variant.Symmi.3138
    Norman | 7.00.20 | Troj_Generic.HNEQC
    Panda Antivirus | 10.0.3.5 | Trj/CI.A
    Sophos | 4.86.0 | Mal/Generic-S
    Symantec | 20121.3.0.76 | WS.Reputation.1
    Trend Micro | 9.740.0.1012 | TROJ_SCAR.BMC
    Trend Micro HouseCall | 9.700.0.1001 | TROJ_GEN.R47H1BF
    VIPRE Antivirus | 15624 | Trojan.Win32.Generic!BT

    Resource utilization

    (Note: statistics below are averages based on a minimum sample size of 200 unique participants)
    Averages

    CPU
    Total CPU: 0.00026184% / 0.028634%
    Kernel CPU: 0.00014568% / 0.013761%
    User CPU: 0.00011617% / 0.014873%
    Kernel CPU time: 2,855 ms/min / 100,923,805 ms/min
    Memory
    Private memory: 12.14 MB / 21.59 MB
    Private (maximum): 13.23 MB
    Private (minimum): 1.71 MB
    Non-paged memory: 12.14 MB / 21.59 MB
    Virtual memory: 115.66 MB / 140.96 MB
    Virtual memory (peak): 115.66 MB / 169.69 MB
    Working set: 2.09 MB / 18.61 MB
    Working set (peak): 13.23 MB / 37.95 MB
    Resource allocations
    Threads: 32 / 12
    Handles: 9539 / 600
    GUI GDI count: 31 / 103
    GUI GDI peak: 33 / 142
    GUI USER count: 24 / 49
    GUI USER peak: 24 / 71

    Process properties

    Integrity level: Medium
    Platform: 32-bit
    Command line: C:\Windows\System32\sys32\google.exe
    Owner: User
    Parent process: winlogon.exe (Windows Logon Application by Microsoft)

    Threads

    Averages

    google.exe (main module)
    Total CPU: 0.00016905% / 0.272967%
    Kernel CPU: 0.00007409% / 0.107585%
    User CPU: 0.00009496% / 0.165382%
    CPU cycles: 19,075/sec / 5,741,424/sec
    Memory: 2.58 MB / 1.16 MB
    ntdll.dll
    Total CPU: 0.00002129%
    Kernel CPU: 0.00000000%
    User CPU: 0.00002129%
    CPU cycles: 1,504/sec
    Memory: 1.4 MB
    gdiplus.dll
    Total CPU: 0.00001064%
    Kernel CPU: 0.00001064%
    User CPU: 0.00000000%
    CPU cycles: 218/sec
    Memory: 1.39 MB

    Distribution by Windows OS

    OS version | Distribution
    Windows 8 Pro | 100.00%

    Distribution by PC manufacturer

    PC manufacturer | Distribution
    Acer | 100.00%