home

google_chrome_setup.exe

Fast Downloads

The Adlogica setup manager, an installer that bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed without consent. The application google_chrome_setup.exe by Fast Downloads has been detected as adware by 13 anti-malware scanners. The program is a setup application that uses the Adlogica Downloader installer. This version of the installer will bundle a Mindspark/MyWebSearch Toolbar, a potentially unwanted web browser extension. The installer is marketed through download protals and search ads as Google's Chrome web browser but will also install additional software offers which include adware, PUPs and browser toolbars.
Publisher:
Fast Downloads  (signed and verified)

MD5:
ca9b0ce2c45b6371e1b94a310f738734

SHA-1:
1a8e92a3d127340774cfbd54cb26e656519e4bec

SHA-256:
2f6d187aed898ed01aa1bedb0afe767e19497a66b5531747f0c7a526e3f2e8cb

Scanner detections:
13 / 68

Status:
Adware

Explanation:
Bundles the Mindspark (MyWebSearch/Ask) toolbar, a web browser extension that will modify a user's search and home pages.

Description:
This 'download manager' is also considered bundleware, a utility designed to download software (possibly legitimate or opensource) and bundle it with a number of optional offers including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:
1/13/2025 5:24:32 PM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
PUA.Toolbar.MyWebSearch
7.1.1

avast!
Win32:PUP-gen [PUP]
2014.9-141127

AVG
AdPlugin
2015.0.3277

ESET NOD32
Win32/Toolbar.MyWebSearch (variant)
8.10786

Fortinet FortiGate
Riskware/Toolbar_MyWebSearch
11/27/2014

K7 AntiVirus
Unwanted-Program
13.186.14150

Malwarebytes
PUP.Optional.Downloadster
v2014.11.27.02

McAfee
Artemis!CA9B0CE2C45B
5600.6933

Panda Antivirus
Trj/Chgt.D
14.11.27.02

Reason Heuristics
PUP.Installer.FastDownloads.T
14.11.27.14

Sophos
Generic PUA CH
4.98

Trend Micro House Call
Suspicious_GEN.F47V1106
7.2.331

VIPRE Antivirus
InstallCore
35156

File size:
808.9 KB (828,304 bytes)

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Adlogica Downloader

Language:
English (United States)

Common path:
C:\users\{user}\downloads\google_chrome_setup.exe

Digital Signature
Signed by:
Fast Downloads

Authority:
COMODO CA Limited

Valid from:
8/11/2014 5:00:00 PM

Valid to:
8/11/2017 4:59:59 PM

Subject:
CN=Fast Downloads, O=Fast Downloads, STREET="96 Jessie St, 4th Floor", L=San Francisco, S=CA, PostalCode=94105, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00FAF54737027D796BDFDF9DFF5F8D1709

File PE Metadata
Compilation timestamp:
6/21/2014 7:05:32 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:6uR5EPHvTzOfZumcynKfFfIrTVRL8SpX1c8y1MmG3ss23atdLEk3vg:6f7zOkNyKNmTESpFc8y2t3ss23a7g

Entry address:
0x162E0

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C8, 89, 45, CC, 89, 45, D0, 89, 45, EC, 89, 45, D8, 89, 45, D4, B8, D4, 5E, 41, 00, E8, 12, 00, FF, FF, 33, C0, 55, 68, ED, 64, 41, 00, 64, FF, 30, 64, 89, 20, 33, C0, 55, 68, 8B, 64, 41, 00, 64, FF, 30, 64, 89, 20, 8D, 45, EC, 50, 8D, 45, D8, E8, BE, AF, FF, FF, 8B, 45, D8, 89, 45, DC, C6, 45, E0, 0B, 8D, 55, D4, B8, 08, 00, 00, 00, E8, CF, AF, FF, FF, 8B, 45, D4, 89, 45, E4, C6, 45, E8, 0B, 8D, 55, DC, B9, 01, 00, 00, 00, B8, 04, 65, 41, 00...
 
[+]

Entropy:
7.8712

Developed / compiled with:
Microsoft Visual C++

Code size:
85.5 KB (87,552 bytes)

Remove google_chrome_setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.