Should I block it?

60%
60% of PCs block this file from running.
Possible reason:
Performance resource utilization

VersionsAdditional versions

4, 1, 509, 1944 95.29%
2, 0, 301, 1654 4.71%

Relationships

Parent processes
Related files

PE structurePE file structure
Show functions
Import table
advapi32.dll
RegOpenKeyExW, RegQueryValueExW, RegCloseKey
kernel32.dll
ExitProcess, GetCommandLineA, GetStartupInfoA, GetModuleHandleA, GetCommandLineW, FreeLibrary, GetModuleFileNameW, CompareStringW, lstrlenW, GetProcAddress, lstrcmpiW, GetProcessHeap, HeapFree, LoadLibraryW, HeapAlloc, GetLocaleInfoA, GetACP, DeleteCriticalSection, InitializeCriticalSection, InterlockedExchange, GetVersionExA, EnterCriticalSection, LeaveCriticalSection, TerminateProcess, GetCurrentProcess, GetStartupInfoW, HeapReAlloc, HeapDestroy, HeapCreate, VirtualFree, VirtualAlloc, VirtualProtect, GetSystemInfo, VirtualQuery, MultiByteToWideChar, LCMapStringA, WideCharToMultiByte, GetLastError, LCMapStringW, TlsAlloc, SetLastError, GetCurrentThreadId, TlsFree, TlsSetValue, TlsGetValue, HeapSize, WriteFile, GetStdHandle, GetModuleFileNameA, UnhandledExceptionFilter, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, GetEnvironmentStringsW, SetHandleCount, GetFileType, QueryPerformanceCounter, GetTickCount, GetCurrentProcessId, GetSystemTimeAsFileTime, RtlUnwind, GetCPInfo, GetStringTypeA, GetStringTypeW, GetOEMCP, LoadLibraryA

GoogleToolbarNotifier.exe

GoogleToolbarNotifier by Google Inc (Signed)

Remove GoogleToolbarNotifier.exe
Version:   4, 1, 509, 1944
MD5:   5d61be7db55b026a5d61a3eed09d0ead
SHA1:   215950ce5d40907b041346f22b4e404ee591581d
SHA256:   d32cc7b31a6f98c60abc313abc7d1143681f72de2bb2604711a0ba20710caaae

What is GoogleToolbarNotifier.exe?

Google Toolbar Notifier is a Windows service that runs in the background to make sure that Google is your default search engine and is automatically installed on your PC when you install many of the Google applications such as the Google Toolbar or Google Chrome. This windows service is simply designed to make sure the default search provider is not changed.

About GoogleToolbarNotifier.exe (from Google Inc)

Toolbar Notifier protects your Google search settings and notifies you if a website or program attempts to change your default search settings. Sometimes malware attempts to redirect your searches to

DetailsDetails

File name:GoogleToolbarNotifier.exe
Publisher:Google Inc.
Product name:GoogleToolbarNotifier
Typical file path:C:\Program Files\google\googletoolbarnotifier\googletoolbarnotifier.exe
File version:4, 1, 509, 1944
Size:38.48 KB (39,408 bytes)
Certificate
Issued to:Google Inc
Authority (CA):VeriSign
Effective date:Monday, June 18, 2007
Expiration date:Friday, June 18, 2010
Digital DNA
Entropy:5.488021
File packed:No
.NET CLR:No
More details

BehaviorsBehaviors

Startup files (user) run
Runs under the registry key 'HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
  • 'swg' → "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
Network connections
  • [TCP] maa03s04-in-f4.1e100.net (74.125.236.36:80)
  • [TCP] ni-in-f138.1e100.net (74.125.135.138:80)
  • [TCP] mia04s04-in-f3.1e100.net (74.125.229.163:80)
  • [TCP] lax02s02-in-f4.1e100.net (74.125.224.196:80)
  • [TCP] kix01s02-in-f5.1e100.net (74.125.235.229:80)
  • [TCP] sin01s05-in-f6.1e100.net (74.125.235.38:80)
  • [TCP] lhr14s20-in-f3.1e100.net (173.194.34.99:80)
  • [TCP] dfw06s27-in-f7.1e100.net (173.194.46.7:80)
  • [TCP] bk-in-f101.1e100.net (173.194.69.101:80)
  • [TCP] lga15s35-in-f5.1e100.net (173.194.43.37:80)
  • [TCP] ord08s06-in-f4.1e100.net (74.125.225.36:80)
  • [TCP] lga15s28-in-f1.1e100.net (74.125.226.193:80)
  • [TCP] ord08s07-in-f2.1e100.net (74.125.225.66:80)
  • [TCP] lax04s09-in-f3.1e100.net (74.125.239.3:80)
  • [TCP] hg-in-f138.1e100.net (74.125.128.138:80)
  • [TCP] syd01s04-in-f2.1e100.net (74.125.237.2:80)
  • [TCP] den03s06-in-f5.1e100.net (74.125.225.197:80)
  • [TCP] dfw06s16-in-f6.1e100.net (74.125.227.102:80)
  • [TCP] lax04s09-in-f8.1e100.net (74.125.239.8:80)
  • [TCP] nuq04s08-in-f2.1e100.net (74.125.224.98:80)
  • [TCP] cache.google.com (79.101.110.109:80)

    • ResourcesResource utilization

    (Note: statistics below are averages based on a minimum sample size of 200 unique participants)
    Averages
     
    CPU
    Total CPU:0.08860378%
    0.028634%
    Kernel CPU:0.05563381%
    0.013761%
    User CPU:0.03296996%
    0.014873%
    Kernel CPU time:67,340 ms/min
    100,923,805ms/min
    User CPU time:0 ms/min
    0 ms/min
    CPU cycles:258,968/sec
    17,470,203/sec
    Context switches:8/sec
    284/sec
    Memory
    Private memory:3.66 MB
    21.59 MB
    Private (maximum):5.19 MB
    Private (minimum):1000.29 KB
    Non-paged memory:3.66 MB
    21.59 MB
    Virtual memory:80.34 MB
    140.96 MB
    Virtual memory (peak):85.8 MB
    169.69 MB
    Working set:1.88 MB
    18.61 MB
    Working set (peak):8.55 MB
    37.95 MB
    Page faults:32,915/min
    2,039/min
    I/O
    I/O read transfer:10.29 KB/sec
    1.02 MB/min
    I/O read operations:8/sec
    343/min
    I/O write transfer:38 Bytes/sec
    274.99 KB/min
    I/O write operations:1/sec
    227/min
    I/O other transfer:949 Bytes/sec
    448.09 KB/min
    I/O other operations:36/sec
    1,671/min
    Resource allocations
    Threads:6
    12
    Handles:228
    600
    GUI GDI count:13
    103
    GUI GDI peak:14
    142
    GUI USER count:12
    49
    GUI USER peak:15
    71

    BehaviorsProcess properties

    Integrety level:Medium
    Platform:64-bit
    Command lines:
    • "C:\Program Files\google\googletoolbarnotifier\googletoolbarnotifier.exe" -embedding
    • "C:\Program Files\google\googletoolbarnotifier\googletoolbarnotifier.exe"
    Owner:User
    Parent processes:

    ResourcesThreads

    Averages
     
    swg.dll (GoogleToolbarNotifier by Google)
    Total CPU:0.08435260%
    0.272967%
    Kernel CPU:0.06326445%
    0.107585%
    User CPU:0.02108815%
    0.165382%
    Context switches:2/sec
    79/sec
    Memory:1000 KB
    1.16 MB
    ntdll.dll
    Total CPU:0.02141753%
    Kernel CPU:0.00010987%
    User CPU:0.02130766%
    CPU cycles:34,586/sec
    Memory:1.66 MB
    GoogleToolbarNotifier.exe (main module)
    Total CPU:0.01350200%
    Kernel CPU:0.00788963%
    User CPU:0.00561237%
    CPU cycles:132,423/sec
    Context switches:2/sec
    Memory:48 KB
    sendori.dll (Sendori.dll by Sendori)
    Total CPU:0.00598273%
    Kernel CPU:0.00598273%
    User CPU:0.00000000%
    CPU cycles:341,511/sec
    Context switches:17/sec
    Memory:316 KB
    wow64.dll (Win32 Emulation on NT64 by Microsoft)
    Total CPU:0.00304960%
    Kernel CPU:0.00191747%
    User CPU:0.00113212%
    CPU cycles:95,779/sec
    Memory:252 KB
    WININET.dll
    Total CPU:0.00299175%
    Kernel CPU:0.00000000%
    User CPU:0.00299175%
    CPU cycles:62,422/sec
    Memory:980 KB

    Common loaded modules

    These are modules that are typiclaly loaded within the context of this process.

    Windows OS versionsDistribution by Windows OS

    OS versiondistribution
    Windows 7 Home Premium 34.50%
    Microsoft Windows XP 20.00%
    Windows Vista Home Premium 13.50%
    Windows 7 Ultimate 8.00%
    Windows 7 Professional 8.00%
    Windows 8 Pro 5.00%
    Windows 7 Home Basic 4.00%
    Windows 8 3.00%
    Windows 8.1 1.00%
    Windows 8 Pro with Media Center 1.00%
    Windows 7 Starter 1.00%
    Windows Vista Home Basic 0.50%
    Windows Vista Ultimate 0.50%

    Distribution by countryDistribution by country

    United States installs about 48.24% of GoogleToolbarNotifier.

    OEM distributionDistribution by PC manufacturer

    PC Manufacturerdistribution
    Toshiba 19.01%
    Dell 14.08%
    Hewlett-Packard 13.73%
    Sony 11.27%
    Acer 10.21%
    ASUS 8.45%
    Lenovo 5.63%
    Intel 5.63%
    Compaq 4.23%
    Gateway 3.52%
    GIGABYTE 1.41%
    Samsung 1.06%
    American Megatrends 0.70%
    Alienware 0.35%
    Packard Bell 0.35%
    Sahara 0.35%
    Back to top
    Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

    Download it for FREE