| File name: | AVG.exe |
| Full analysis: | https://app.any.run/tasks/546b6886-3f50-4bd5-995b-28fce8d0d1eb |
| Verdict: | Malicious activity |
| Threats: | A loader is malicious software that infiltrates devices to deliver malicious payloads. This malware is capable of infecting victims’ computers, analyzing their system information, and installing other types of threats, such as trojans or stealers. Criminals usually deliver loaders through phishing emails and links by relying on social engineering to trick users into downloading and running their executables. Loaders employ advanced evasion and persistence tactics to avoid detection. |
| Analysis date: | December 21, 2023, 04:23:58 |
| OS: | Windows 7 Professional Service Pack 1 (build: 7601, 32 bit) |
| Tags: | |
| Indicators: | |
| MIME: | application/x-dosexec |
| File info: | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5: | BB7C2FCDB95B2E41551C2226D79C28B0 |
| SHA1: | AEABA2BE72E7937DF3A136C95928970BD6688EA8 |
| SHA256: | 15EDD01CE5247F3E8E8913AFE57F8847813383EE2D28DD95072DB7BE44AB49C6 |
| SSDEEP: | 6144:ls23uqEHpvySbgZ/9c0LqVH11BQjr9AWIt1:ls23uqE1MZ/9cG01LQrCWIt1 |
MALICIOUS
Drops the executable file immediately after the start
- AVG.exe (PID: 2256)
- avg_antivirus_free_setup.exe (PID: 1344)
- Instup.exe (PID: 2000)
- aswOfferTool.exe (PID: 996)
- aswOfferTool.exe (PID: 1984)
- instup.exe (PID: 2448)
- aswOfferTool.exe (PID: 1384)
SUSPICIOUS
Reads settings of System Certificates
- AVG.exe (PID: 2256)
- avg_antivirus_free_setup.exe (PID: 1344)
- Instup.exe (PID: 2000)
- instup.exe (PID: 2448)
Process requests binary or script from the Internet
- AVG.exe (PID: 2256)
Reads the Internet Settings
- Instup.exe (PID: 2000)
- instup.exe (PID: 2448)
Starts itself from another location
- Instup.exe (PID: 2000)
- aswOfferTool.exe (PID: 1384)
Process drops legitimate windows executable
- instup.exe (PID: 2448)
The process drops C-runtime libraries
- instup.exe (PID: 2448)
The process verifies whether the antivirus software is installed
- instup.exe (PID: 2448)
INFO
Checks supported languages
- AVG.exe (PID: 2256)
- avg_antivirus_free_setup.exe (PID: 1344)
- Instup.exe (PID: 2000)
- instup.exe (PID: 2448)
- aswOfferTool.exe (PID: 2740)
- aswOfferTool.exe (PID: 996)
- aswOfferTool.exe (PID: 2592)
- aswOfferTool.exe (PID: 1384)
- aswOfferTool.exe (PID: 1984)
- sbr.exe (PID: 2580)
Reads the computer name
- AVG.exe (PID: 2256)
- avg_antivirus_free_setup.exe (PID: 1344)
- Instup.exe (PID: 2000)
- instup.exe (PID: 2448)
- aswOfferTool.exe (PID: 1384)
Reads the machine GUID from the registry
- AVG.exe (PID: 2256)
- avg_antivirus_free_setup.exe (PID: 1344)
- Instup.exe (PID: 2000)
- instup.exe (PID: 2448)
Reads Environment values
- Instup.exe (PID: 2000)
- instup.exe (PID: 2448)
Creates files in the program directory
- Instup.exe (PID: 2000)
- avg_antivirus_free_setup.exe (PID: 1344)
- instup.exe (PID: 2448)
Reads CPU info
- Instup.exe (PID: 2000)
- instup.exe (PID: 2448)
Checks proxy server information
- Instup.exe (PID: 2000)
- instup.exe (PID: 2448)
Dropped object may contain TOR URL's
- Instup.exe (PID: 2000)
- aswOfferTool.exe (PID: 1384)
- instup.exe (PID: 2448)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
TRiD
| .exe | | | Win32 Executable (generic) (52.9) |
|---|---|---|
| .exe | | | Generic Win/DOS Executable (23.5) |
| .exe | | | DOS Executable Generic (23.5) |
EXIF
EXE
| MachineType: | Intel 386 or later, and compatibles |
|---|---|
| TimeStamp: | 2021:05:03 13:46:21+02:00 |
| ImageFileCharacteristics: | Executable, Large address aware, 32-bit |
| PEType: | PE32 |
| LinkerVersion: | 14.16 |
| CodeSize: | 134144 |
| InitializedDataSize: | 122368 |
| UninitializedDataSize: | - |
| EntryPoint: | 0x1020 |
| OSVersion: | 5.1 |
| ImageVersion: | - |
| SubsystemVersion: | 5.1 |
| Subsystem: | Windows GUI |
| FileVersionNumber: | 2.1.55.0 |
| ProductVersionNumber: | 2.1.55.0 |
| FileFlagsMask: | 0x003f |
| FileFlags: | (none) |
| FileOS: | Windows NT 32-bit |
| ObjectFileType: | Executable application |
| FileSubtype: | - |
| LanguageCode: | English (U.S.) |
| CharacterSet: | Unicode |
| CompanyName: | AVG Technologies CZ, s.r.o. |
| Edition: | 15 |
| FileDescription: | AVG Installer |
| FileVersion: | 2.1.55.0 |
| InternalName: | microstub |
| LegalCopyright: | Copyright (C) 2021 AVG Technologies CZ, s.r.o. |
| OriginalFileName: | microstub.exe |
| ProductName: | AVG |
| ProductVersion: | 2.1.55.0 |
Total processes
47
Monitored processes
11
Malicious processes
4
Suspicious processes
1
Behavior graph
Click at the process to see the details
Process information
PID | CMD | Path | Indicators | Parent process | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 996 | "C:\Windows\Temp\asw.2f9d92777303b651\New_170c0cf2\aswOfferTool.exe" -checkChrome -elevated | C:\Windows\Temp\asw.2f9d92777303b651\New_170c0cf2\aswOfferTool.exe | — | instup.exe | |||||||||||
User: admin Company: AVG Technologies CZ, s.r.o. Integrity Level: HIGH Description: AVG Offer Installation Tool Exit code: 2 Version: 23.12.8700.0 Modules
| |||||||||||||||
| 1344 | "C:\Windows\Temp\asw.c5258b8c6e400753\avg_antivirus_free_setup.exe" /cookie:mmm_bav_003_999_a5e_m /ga_clientid:7607ba86-c9e8-49e1-82f0-62792a4402f3 /edat_dir:C:\Windows\Temp\asw.c5258b8c6e400753 | C:\Windows\Temp\asw.c5258b8c6e400753\avg_antivirus_free_setup.exe | AVG.exe | ||||||||||||
User: admin Company: AVG Technologies CZ, s.r.o. Integrity Level: HIGH Description: AVG Antivirus Exit code: 0 Version: 23.12.8700.0 Modules
| |||||||||||||||
| 1384 | "C:\Windows\Temp\asw.2f9d92777303b651\New_170c0cf2\aswOfferTool.exe" -checkChromeReactivation -elevated -bc=AWFA | C:\Windows\Temp\asw.2f9d92777303b651\New_170c0cf2\aswOfferTool.exe | — | instup.exe | |||||||||||
User: admin Company: AVG Technologies CZ, s.r.o. Integrity Level: HIGH Description: AVG Offer Installation Tool Exit code: 0 Version: 23.12.8700.0 Modules
| |||||||||||||||
| 1984 | "C:\Users\Public\Documents\aswOfferTool.exe" -checkChromeReactivation -bc=AWFA | C:\Users\Public\Documents\aswOfferTool.exe | — | aswOfferTool.exe | |||||||||||
User: admin Company: AVG Technologies CZ, s.r.o. Integrity Level: MEDIUM Description: AVG Offer Installation Tool Exit code: 0 Version: 23.12.8700.0 Modules
| |||||||||||||||
| 2000 | "C:\Windows\Temp\asw.2f9d92777303b651\instup.exe" /sfx:lite /sfxstorage:C:\Windows\Temp\asw.2f9d92777303b651 /edition:15 /prod:ais /stub_mapping_guid:09edbda5-b305-4b0c-936b-e922d201a185:9631760 /guid:755f8ecc-b65e-4c0e-9655-09c328402d18 /ga_clientid:7607ba86-c9e8-49e1-82f0-62792a4402f3 /cookie:mmm_bav_003_999_a5e_m /ga_clientid:7607ba86-c9e8-49e1-82f0-62792a4402f3 /edat_dir:C:\Windows\Temp\asw.c5258b8c6e400753 | C:\Windows\Temp\asw.2f9d92777303b651\Instup.exe | avg_antivirus_free_setup.exe | ||||||||||||
User: admin Company: AVG Technologies CZ, s.r.o. Integrity Level: HIGH Description: AVG Antivirus Installer Exit code: 0 Version: 23.12.8700.0 Modules
| |||||||||||||||
| 2040 | "C:\Users\admin\AppData\Local\Temp\AVG.exe" | C:\Users\admin\AppData\Local\Temp\AVG.exe | — | explorer.exe | |||||||||||
User: admin Company: AVG Technologies CZ, s.r.o. Integrity Level: MEDIUM Description: AVG Installer Exit code: 3221226540 Version: 2.1.55.0 Modules
| |||||||||||||||
| 2256 | "C:\Users\admin\AppData\Local\Temp\AVG.exe" | C:\Users\admin\AppData\Local\Temp\AVG.exe | explorer.exe | ||||||||||||
User: admin Company: AVG Technologies CZ, s.r.o. Integrity Level: HIGH Description: AVG Installer Exit code: 0 Version: 2.1.55.0 Modules
| |||||||||||||||
| 2448 | "C:\Windows\Temp\asw.2f9d92777303b651\New_170c0cf2\instup.exe" /sfx /sfxstorage:C:\Windows\Temp\asw.2f9d92777303b651 /edition:15 /prod:ais /stub_mapping_guid:09edbda5-b305-4b0c-936b-e922d201a185:9631760 /guid:755f8ecc-b65e-4c0e-9655-09c328402d18 /ga_clientid:7607ba86-c9e8-49e1-82f0-62792a4402f3 /cookie:mmm_bav_003_999_a5e_m /edat_dir:C:\Windows\Temp\asw.c5258b8c6e400753 /online_installer | C:\Windows\Temp\asw.2f9d92777303b651\New_170c0cf2\instup.exe | Instup.exe | ||||||||||||
User: admin Company: AVG Technologies CZ, s.r.o. Integrity Level: HIGH Description: AVG Antivirus Installer Exit code: 0 Version: 23.12.8700.0 Modules
| |||||||||||||||
| 2580 | "C:\Windows\Temp\asw.2f9d92777303b651\New_170c0cf2\sbr.exe" 2448 "AVG Antivirus setup" "AVG Antivirus is being installed. Do not shut down your computer!" | C:\Windows\Temp\asw.2f9d92777303b651\New_170c0cf2\sbr.exe | — | instup.exe | |||||||||||
User: admin Company: AVG Technologies CZ, s.r.o. Integrity Level: HIGH Description: AVG Shutdown blocker Exit code: 0 Version: 23.12.8700.0 Modules
| |||||||||||||||
| 2592 | "C:\Windows\Temp\asw.2f9d92777303b651\New_170c0cf2\aswOfferTool.exe" /check_secure_browser | C:\Windows\Temp\asw.2f9d92777303b651\New_170c0cf2\aswOfferTool.exe | — | instup.exe | |||||||||||
User: admin Company: AVG Technologies CZ, s.r.o. Integrity Level: HIGH Description: AVG Offer Installation Tool Exit code: 0 Version: 23.12.8700.0 Modules
| |||||||||||||||
Total events
21 105
Read events
15 664
Write events
5 438
Delete events
3
Modification events
| (PID) Process: | (2256) AVG.exe | Key: | HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager |
| Operation: | write | Name: | PendingFileRenameOperations |
Value: \??\C:\Windows\Temp\asw.c5258b8c6e400753 | |||
| (PID) Process: | (2256) AVG.exe | Key: | HKEY_CLASSES_ROOT\Local Settings\MuiCache\182\52C64B7E |
| Operation: | write | Name: | LanguageList |
Value: en-US | |||
| (PID) Process: | (1344) avg_antivirus_free_setup.exe | Key: | HKEY_CLASSES_ROOT\Local Settings\MuiCache\182\52C64B7E |
| Operation: | write | Name: | LanguageList |
Value: en-US | |||
| (PID) Process: | (1344) avg_antivirus_free_setup.exe | Key: | HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AvgPersistentStorage |
| Operation: | write | Name: | SfxInstProgress |
Value: 0 | |||
| (PID) Process: | (1344) avg_antivirus_free_setup.exe | Key: | HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AvgPersistentStorage |
| Operation: | write | Name: | SfxInstProgress |
Value: 7 | |||
| (PID) Process: | (1344) avg_antivirus_free_setup.exe | Key: | HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AvgPersistentStorage |
| Operation: | write | Name: | SfxInstProgress |
Value: 14 | |||
| (PID) Process: | (1344) avg_antivirus_free_setup.exe | Key: | HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AvgPersistentStorage |
| Operation: | write | Name: | SfxInstProgress |
Value: 21 | |||
| (PID) Process: | (1344) avg_antivirus_free_setup.exe | Key: | HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AvgPersistentStorage |
| Operation: | write | Name: | SfxInstProgress |
Value: 28 | |||
| (PID) Process: | (1344) avg_antivirus_free_setup.exe | Key: | HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AvgPersistentStorage |
| Operation: | write | Name: | SfxInstProgress |
Value: 35 | |||
| (PID) Process: | (1344) avg_antivirus_free_setup.exe | Key: | HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AvgPersistentStorage |
| Operation: | write | Name: | SfxInstProgress |
Value: 42 | |||
Executable files
112
Suspicious files
98
Text files
46
Unknown types
0
Dropped files
PID | Process | Filename | Type | |
|---|---|---|---|---|
| 1344 | avg_antivirus_free_setup.exe | C:\Windows\Temp\asw.2f9d92777303b651\cookie.bin | text | |
MD5:0A408D8F410A2440C8D8FB390400F2CF | SHA256:950FCFBCE33E883345CF8F5F22FC74B98B6B48D58333AC55E9FA4DE5E81B603B | |||
| 2256 | AVG.exe | C:\windows\temp\asw.c5258b8c6e400753\ecoo.edat | text | |
MD5:0A408D8F410A2440C8D8FB390400F2CF | SHA256:950FCFBCE33E883345CF8F5F22FC74B98B6B48D58333AC55E9FA4DE5E81B603B | |||
| 1344 | avg_antivirus_free_setup.exe | C:\Windows\Temp\asw.2f9d92777303b651\config.def | text | |
MD5:8ABE44BD0AF16C9004D73C71CB454FEC | SHA256:7E221D4AF5A91B5E7A7874A4A03D9614044F369818456E430DDF1532A7DC7576 | |||
| 1344 | avg_antivirus_free_setup.exe | C:\Windows\Temp\asw.2f9d92777303b651\part-setup_ais-170c0cf2.vpx | binary | |
MD5:CF3A80AD54BA331019822052308BB9DE | SHA256:4C5201797A2CD0BF718F5C7C22A97D5F432AC7FC86D3BF63A62D99D3666E177B | |||
| 2256 | AVG.exe | C:\Windows\Temp\asw.c5258b8c6e400753\avg_antivirus_free_setup.exe | executable | |
MD5:733B9DF3AFA4F83777A7AF8D0C1FE091 | SHA256:E4A54063571C26B86619696B9CB1D3DB3872A21BE1AF58B5C71CB15FAC7C95C8 | |||
| 1344 | avg_antivirus_free_setup.exe | C:\Windows\Temp\asw.2f9d92777303b651\servers.def | text | |
MD5:B3A7168931B84B7CC67738B26B6A7DAB | SHA256:8E7DCB971160458C0E1236240D776A7DC6B034B0A72801333E3B5448497DA41C | |||
| 1344 | avg_antivirus_free_setup.exe | C:\Windows\Temp\asw.2f9d92777303b651\config.def.vpx | binary | |
MD5:71BBFB7211A772ADE5BE4ADC41F5FFAC | SHA256:34EFA25990A16CC5C3E96DAF68E394DA9A0017E05E198A70CCE9EF4E59B800B8 | |||
| 1344 | avg_antivirus_free_setup.exe | C:\Windows\Temp\asw.2f9d92777303b651\part-prg_ais-170c0cf2.vpx | binary | |
MD5:123E6E57BC65D00BF22BDD6AF06455A3 | SHA256:742955764D3EC40FF02828C7CA830AF7446C70BA4CE74C3CC07125D79BF894A1 | |||
| 1344 | avg_antivirus_free_setup.exe | C:\Windows\Temp\asw.2f9d92777303b651\part-jrog2-118e.vpx | binary | |
MD5:18F7EEF0CF38D949F3BD24765961B593 | SHA256:D0954BB862259C584B2618F99C1EE0E7847FA8D4EDB4C14E4481AC7B39D718E2 | |||
| 1344 | avg_antivirus_free_setup.exe | C:\ProgramData\AVG\Persistent Data\Antivirus\Logs\Setup.log | text | |
MD5:ECAA88F7FA0BF610A5A26CF545DCD3AA | SHA256:F1945CD6C19E56B3C1C78943EF5EC18116907A4CA1EFC40A57D48AB1DB7ADFC5 | |||
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
42
TCP/UDP connections
66
DNS requests
52
Threats
1
HTTP requests
PID | Process | Method | HTTP Code | IP | URL | CN | Type | Size | Reputation |
|---|---|---|---|---|---|---|---|---|---|
2256 | AVG.exe | GET | 200 | 2.16.100.170:80 | http://iavs9x.avg.u.avcdn.net/avg/iavs9x/avg_antivirus_free_setup.exe | unknown | executable | 9.19 Mb | unknown |
2256 | AVG.exe | POST | 200 | 142.250.186.174:80 | http://www.google-analytics.com/collect | unknown | image | 35 b | unknown |
2256 | AVG.exe | POST | 204 | 34.117.223.223:80 | http://v7event.stats.avast.com/cgi-bin/iavsevents.cgi | unknown | — | — | unknown |
2256 | AVG.exe | POST | 204 | 34.117.223.223:80 | http://v7event.stats.avast.com/cgi-bin/iavsevents.cgi | unknown | — | — | unknown |
2256 | AVG.exe | POST | 200 | 142.250.186.174:80 | http://www.google-analytics.com/collect | unknown | image | 35 b | unknown |
1344 | avg_antivirus_free_setup.exe | GET | 200 | 142.250.186.174:80 | http://www.google-analytics.com/collect?aiid=mmm_bav_003_999_a5e_m&an=Avg%20Free&av=23.12.8700&cd=stub-extended&cd3=Online&cid=755f8ecc-b65e-4c0e-9655-09c328402d18&dt=Installation&t=screenview&tid=UA-58120669-4&v=1 | unknown | image | 35 b | unknown |
2000 | Instup.exe | GET | 200 | 23.48.23.6:80 | http://m6211579.iavs9x.avg.u.avcdn.net/avg/iavs9x/servers.def.vpx | unknown | binary | 1.36 Kb | unknown |
2000 | Instup.exe | GET | 200 | 23.48.23.20:80 | http://h1785399.iavs9x.avg.u.avcdn.net/avg/iavs9x/prod-pgm.vpx | unknown | binary | 572 b | unknown |
2000 | Instup.exe | GET | 200 | 23.48.23.20:80 | http://h1785399.iavs9x.avg.u.avcdn.net/avg/iavs9x/avbugreport_ais-cf2.vpx | unknown | binary | 1.24 Mb | unknown |
2000 | Instup.exe | GET | 200 | 23.48.23.20:80 | http://h1785399.iavs9x.avg.u.avcdn.net/avg/iavs9x/instcont_ais-cf2.vpx | unknown | binary | 908 Kb | unknown |
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
Connections
PID | Process | IP | Domain | ASN | CN | Reputation |
|---|---|---|---|---|---|---|
4 | System | 192.168.100.255:137 | — | — | — | whitelisted |
2256 | AVG.exe | 142.250.186.174:80 | www.google-analytics.com | GOOGLE | US | whitelisted |
4 | System | 192.168.100.255:138 | — | — | — | whitelisted |
1080 | svchost.exe | 224.0.0.252:5355 | — | — | — | unknown |
2256 | AVG.exe | 34.117.223.223:80 | v7event.stats.avast.com | GOOGLE-CLOUD-PLATFORM | US | unknown |
2256 | AVG.exe | 2.16.100.170:443 | iavs9x.avg.u.avcdn.net | Akamai International B.V. | DE | unknown |
2256 | AVG.exe | 2.16.100.170:80 | iavs9x.avg.u.avcdn.net | Akamai International B.V. | DE | unknown |
1344 | avg_antivirus_free_setup.exe | 142.250.186.174:80 | www.google-analytics.com | GOOGLE | US | whitelisted |
1344 | avg_antivirus_free_setup.exe | 34.117.223.223:443 | v7event.stats.avast.com | GOOGLE-CLOUD-PLATFORM | US | unknown |
2000 | Instup.exe | 34.160.176.28:443 | shepherd.avcdn.net | GOOGLE | US | unknown |
DNS requests
Domain | IP | Reputation |
|---|---|---|
www.google-analytics.com |
| whitelisted |
v7event.stats.avast.com |
| whitelisted |
iavs9x.avg.u.avcdn.net |
| whitelisted |
v7event.stats.avcdn.net |
| whitelisted |
analytics.avcdn.net |
| unknown |
shepherd.avcdn.net |
| whitelisted |
d9217321.iavs9x.avg.u.avcdn.net |
| whitelisted |
h1785399.iavs9x.avg.u.avcdn.net |
| whitelisted |
m6211579.iavs9x.avg.u.avcdn.net |
| unknown |
s-iavs9x.avcdn.net |
| whitelisted |
Threats
PID | Process | Class | Message |
|---|---|---|---|
2256 | AVG.exe | Potential Corporate Privacy Violation | ET POLICY PE EXE or DLL Windows file download HTTP |
Process | Message |
|---|---|
avg_antivirus_free_setup.exe | [2023-12-21 04:24:18.499] [info ] [sfxinst ] [ 1344: 1504] [000000: 0] Running SFX 'C:\Windows\Temp\asw.c5258b8c6e400753\avg_antivirus_free_setup.exe'
|
avg_antivirus_free_setup.exe | [2023-12-21 04:24:18.858] [info ] [sfxinst ] [ 1344: 1504] [000000: 0] Moved extra data file 'ecoo.edat' to 'C:\Windows\Temp\asw.2f9d92777303b651\cookie.bin'.
|
avg_antivirus_free_setup.exe | [2023-12-21 04:24:19.546] [notice ] [burger_rep ] [ 1344: 1836] [000000: 0] The event '70.1' was successfully sent to burger: https://analytics.avcdn.net/v4/receive/json/70.
|
avg_antivirus_free_setup.exe | [2023-12-21 04:24:21.061] [info ] [sfxinst ] [ 1344: 1504] [000000: 0] Starting installer/updater executable 'C:\Windows\Temp\asw.2f9d92777303b651\instup.exe'
|
Instup.exe | [2023-12-21 04:24:21.514] [info ] [instup ] [ 2000: 1832] [000000: 0] CPU: Intel(R) Core(TM) i5-6400 CPU @ 2.70GHz,4
|
Instup.exe | [2023-12-21 04:24:21.514] [info ] [instup ] [ 2000: 1832] [000000: 0] Memory: 18% load. Phys:2552868/3145208K free, Page:4194303/4194303K free, Virt:1990756/2097024K free
|
Instup.exe | [2023-12-21 04:24:21.514] [info ] [instup ] [ 2000: 1832] [000000: 0] Running module version: instup.exe - '23.12.8700.0'
|
Instup.exe | [2023-12-21 04:24:21.514] [info ] [xproduct ] [ 2000: 1832] [000000: 0] CrossProductModule::RegisterThisProduct : SOFTWARE\AVG\Products : public-instup 2000
|
Instup.exe | [2023-12-21 04:24:21.514] [info ] [instup ] [ 2000: 1832] [000000: 0] setup: x86
|
Instup.exe | [2023-12-21 04:24:21.514] [info ] [instup ] [ 2000: 1832] [000000: 0] OS: Windows 7 SP1 x86
|