General Info

File name

ChromeSetup.exe

Full analysis
https://app.any.run/tasks/5f8b5404-7194-4edc-b68c-514b35160705
Verdict
Malicious activity
Analysis date
4/14/2019, 17:49:47
OS:
Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Tags:

loader

Indicators:

MIME:
application/x-dosexec
File info:
PE32 executable (GUI) Intel 80386, for MS Windows
MD5

d113bca512006e89184866a465cd515c

SHA1

965d7d4f78c93a26327b4ade6e4983399d081b3e

SHA256

5ebc34571aa6bcbf80971df319536cbaef083360eb3e61be2d70d8216df9e74c

SSDEEP

24576:f+T4iax8jaE1O4x2h6MIc3IMoqUYE+QYL+uZtUh:mTQWjaE44w6MIc3I87L+uZty

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

Software environment set and analysis options

Launch configuration

Task duration
120 seconds
Additional time used
60 seconds
Fakenet option
off
Heavy Evasion option
off
MITM proxy
off
Route via Tor
off
Network geolocation
off
Privacy
Public submission
Autoconfirmation of UAC
on

Software preset

  • Internet Explorer 8.0.7601.17514
  • Adobe Acrobat Reader DC MUI (15.023.20070)
  • Adobe Flash Player 26 ActiveX (26.0.0.131)
  • Adobe Flash Player 26 NPAPI (26.0.0.131)
  • Adobe Flash Player 26 PPAPI (26.0.0.131)
  • Adobe Refresh Manager (1.8.0)
  • CCleaner (5.35)
  • FileZilla Client 3.36.0 (3.36.0)
  • Google Chrome (73.0.3683.75)
  • Google Update Helper (1.3.33.23)
  • Java 8 Update 92 (8.0.920.14)
  • Java Auto Updater (2.8.92.14)
  • Microsoft .NET Framework 4.6.1 (4.6.01055)
  • Microsoft Office Access MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Access Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Excel MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office OneNote MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Outlook MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office PowerPoint MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Professional 2010 (14.0.6029.1000)
  • Microsoft Office Proof (English) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (French) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (Spanish) 2010 (14.0.6029.1000)
  • Microsoft Office Proofing (English) 2010 (14.0.6029.1000)
  • Microsoft Office Publisher MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Single Image 2010 (14.0.6029.1000)
  • Microsoft Office Word MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (9.0.30729.6161)
  • Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (10.0.40219)
  • Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (12.0.30501.0)
  • Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (14.15.26706.0)
  • Microsoft Visual C++ 2017 x86 Additional Runtime - 14.15.26706 (14.15.26706)
  • Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.15.26706 (14.15.26706)
  • Mozilla Firefox 65.0.2 (x86 en-US) (65.0.2)
  • Notepad++ (32-bit x86) (7.5.1)
  • Opera 12.15 (12.15.1748)
  • Skype version 8.29 (8.29)
  • VLC media player (2.2.6)
  • WinRAR 5.60 (32-bit) (5.60.0)

Hotfixes

  • Client LanguagePack Package
  • Client Refresh LanguagePack Package
  • CodecPack Basic Package
  • Foundation Package
  • IE Troubleshooters Package
  • InternetExplorer Optional Package
  • KB2534111
  • KB2999226
  • KB976902
  • LocalPack AU Package
  • LocalPack CA Package
  • LocalPack GB Package
  • LocalPack US Package
  • LocalPack ZA Package
  • ProfessionalEdition
  • UltimateEdition

Behavior activities

MALICIOUS SUSPICIOUS INFO
Application was dropped or rewritten from another process
  • chrome.exe (PID: 2752)
  • chrome.exe (PID: 3800)
  • chrome.exe (PID: 2244)
  • chrome.exe (PID: 3376)
  • chrome.exe (PID: 2376)
  • chrome.exe (PID: 2432)
  • chrome.exe (PID: 2312)
  • chrome.exe (PID: 3164)
  • chrome.exe (PID: 1184)
  • chrome.exe (PID: 252)
  • chrome.exe (PID: 2364)
  • chrome.exe (PID: 3368)
  • chrome.exe (PID: 3400)
  • chrome.exe (PID: 2088)
  • chrome.exe (PID: 3212)
  • chrome.exe (PID: 3620)
  • GoogleUpdate.exe (PID: 2972)
  • GoogleUpdate.exe (PID: 2264)
  • setup.exe (PID: 2968)
  • setup.exe (PID: 3004)
Loads dropped or rewritten executable
  • chrome.exe (PID: 3800)
  • GoogleUpdate.exe (PID: 2264)
  • GoogleUpdate.exe (PID: 2972)
Changes settings of System certificates
  • GoogleUpdate.exe (PID: 2856)
Changes the autorun value in the registry
  • setup.exe (PID: 3004)
Application launched itself
  • GoogleUpdate.exe (PID: 1344)
Executable content was dropped or overwritten
  • 73.0.3683.103_chrome_installer.exe (PID: 2676)
  • setup.exe (PID: 3004)
  • ChromeSetup.exe (PID: 2100)
  • GoogleUpdateSetup.exe (PID: 1796)
Creates a software uninstall entry
  • setup.exe (PID: 3004)
Creates files in the program directory
  • GoogleUpdate.exe (PID: 1344)
  • GoogleUpdateSetup.exe (PID: 1796)
  • setup.exe (PID: 3004)
Modifies the open verb of a shell class
  • setup.exe (PID: 3004)
Adds / modifies Windows certificates
  • GoogleUpdate.exe (PID: 2856)
Reads settings of System Certificates
  • chrome.exe (PID: 2088)
Application launched itself
  • chrome.exe (PID: 3212)
Dropped object may contain Bitcoin addresses
  • setup.exe (PID: 3004)

Static information

TRiD
.exe | Win32 Executable MS Visual C++ (generic) (42.2%)
.exe | Win64 Executable (generic) (37.3%)
.dll | Win32 Dynamic Link Library (generic) (8.8%)
.exe | Win32 Executable (generic) (6%)
.exe | Generic Win/DOS Executable (2.7%)
EXIF
EXE
MachineType:
Intel 386 or later, and compatibles
TimeStamp:
2015:11:20 17:55:32+01:00
PEType:
PE32
LinkerVersion:
12
CodeSize:
73216
InitializedDataSize:
838144
UninitializedDataSize:
null
EntryPoint:
0x4cde
OSVersion:
5.1
ImageVersion:
null
SubsystemVersion:
5.1
Subsystem:
Windows GUI
FileVersionNumber:
1.3.29.1
ProductVersionNumber:
1.3.29.1
FileFlagsMask:
0x003f
FileFlags:
(none)
FileOS:
Windows NT 32-bit
ObjectFileType:
Executable application
FileSubtype:
null
LanguageCode:
English (U.S.)
CharacterSet:
Unicode
CompanyName:
Google Inc.
FileDescription:
Google Update Setup
FileVersion:
1.3.29.1
InternalName:
Google Update Setup
LegalCopyright:
Copyright 2007-2010 Google Inc.
OriginalFileName:
GoogleUpdateSetup.exe
ProductName:
Google Update
ProductVersion:
1.3.29.1
LanguageId:
en
Summary
Architecture:
IMAGE_FILE_MACHINE_I386
Subsystem:
IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date:
20-Nov-2015 16:55:32
Detected languages
Arabic - Saudi Arabia
Bulgarian - Bulgaria
Catalan - Spain
Chinese - PRC
Chinese - Taiwan
Croatian - Croatia
Czech - Czech Republic
Danish - Denmark
Dutch - Netherlands
English - United Kingdom
English - United States
Estonian - Estonia
Farsi - Iran
Finnish - Finland
French - France
German - Germany
Greek - Greece
Gujarati - India
Hebrew - Israel
Hindi - India
Hungarian - Hungary
Icelandic - Iceland
Indonesian - Indonesia (Bahasa)
Italian - Italy
Japanese - Japan
Kannada - India (Kannada script)
Korean - Korea
Latvian - Latvia
Lithuanian - Lithuania
Malay - Malaysia
Marathi - India
Norwegian - Norway (Bokmal)
Polish - Poland
Portuguese - Brazil
Portuguese - Portugal
Romanian - Romania
Russian - Russia
Serbian - Serbia (Cyrillic)
Slovak - Slovakia
Slovenian - Slovenia
Spanish - Mexico
Spanish - Spain (International sort)
Swahili - Kenya
Swedish - Sweden
Tamil - India
Telugu - India (Telugu script)
Thai - Thailand
Turkish - Turkey
Ukrainian - Ukraine
Urdu - Pakistan
Vietnamese - Viet Nam
Debug artifacts
mi_exe_stub.pdb
CompanyName:
Google Inc.
FileDescription:
Google Update Setup
FileVersion:
1.3.29.1
InternalName:
Google Update Setup
LegalCopyright:
Copyright 2007-2010 Google Inc.
OriginalFilename:
GoogleUpdateSetup.exe
ProductName:
Google Update
ProductVersion:
1.3.29.1
LanguageId:
en
DOS Header
Magic number:
MZ
Bytes on last page of file:
0x0090
Pages in file:
0x0003
Relocations:
0x0000
Size of header:
0x0004
Min extra paragraphs:
0x0000
Max extra paragraphs:
0xFFFF
Initial SS value:
0x0000
Initial SP value:
0x00B8
Checksum:
0x0000
Initial IP value:
0x0000
Initial CS value:
0x0000
Overlay number:
0x0000
OEM identifier:
0x0000
OEM information:
0x0000
Address of NE header:
0x000000F8
PE Headers
Signature:
PE
Machine:
IMAGE_FILE_MACHINE_I386
Number of sections:
5
Time date stamp:
20-Nov-2015 16:55:32
Pointer to Symbol Table:
0x00000000
Number of symbols:
0
Size of Optional Header:
0x00E0
Characteristics
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_EXECUTABLE_IMAGE
Sections
Name | Virtual Address | Virtual Size | Raw Size | Characteristics | Entropy
.text | 0x00001000 | 0x00011D5D | 0x00011E00 | IMAGE_SCN_CNT_CODE,IMAGE_SCN_MEM_EXECUTE,IMAGE_SCN_MEM_READ | 6.6882
.rdata | 0x00013000 | 0x0000575C | 0x00005800 | IMAGE_SCN_CNT_INITIALIZED_DATA,IMAGE_SCN_MEM_READ | 4.69854
.data | 0x00019000 | 0x00003160 | 0x00001400 | IMAGE_SCN_CNT_INITIALIZED_DATA,IMAGE_SCN_MEM_READ,IMAGE_SCN_MEM_WRITE | 3.27047
.rsrc | 0x0001D000 | 0x000C4A38 | 0x000C4C00 | IMAGE_SCN_CNT_INITIALIZED_DATA,IMAGE_SCN_MEM_READ | 7.97537
.reloc | 0x000E2000 | 0x00001080 | 0x00001200 | IMAGE_SCN_CNT_INITIALIZED_DATA,IMAGE_SCN_MEM_DISCARDABLE,IMAGE_SCN_MEM_READ | 6.25676
Resources
1

2

3

4

5

6

101

102

1321

Imports
    KERNEL32.dll

    SHLWAPI.dll

    ole32.dll

    SHELL32.dll

    USER32.dll

Exports

    No exports.

Processes

Total processes
69
Monitored processes
33
Malicious processes
9
Suspicious processes
3

Behavior graph

[Behavior graph image not preserved. Nodes: chromesetup.exe, googleupdate.exe, googleupdatesetup.exe, 73.0.3683.103_chrome_installer.exe, setup.exe, googleupdateondemand.exe, googleupdatebroker.exe, chrome.exe. Edge labels: "start", "drop and start".]
Specs description
Program did not start
Integrity level elevation
Task contains an error or was rebooted
Process has crashed
Task contains several apps running
Executable file was dropped
Debug information is available
Process was injected
Network attacks were detected
Application downloaded the executable file
Actions similar to stealing personal data
Behavior similar to exploiting the vulnerability
Inspected object has suspicious PE structure
File is detected by antivirus software
CPU overrun
RAM overrun
Process starts the services
Process was added to the startup
Behavior similar to spam
Low-level access to the HDD
Probably Tor was used
System was rebooted
Connects to the network
Known threat

Process information

PID
2100
CMD
"C:\Users\admin\AppData\Local\Temp\ChromeSetup.exe"
Path
C:\Users\admin\AppData\Local\Temp\ChromeSetup.exe
Indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Google Inc.
Description
Google Update Setup
Version
1.3.29.1
Modules
Image
c:\users\admin\appdata\local\temp\chromesetup.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\user32.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\apphelp.dll
c:\users\admin\appdata\local\temp\gum63ec.tmp\googleupdate.exe

PID
2972
CMD
C:\Users\admin\AppData\Local\Temp\GUM63EC.tmp\GoogleUpdate.exe /installsource taggedmi /install "appguid={8A69D345-D564-463C-AFF1-A69D9E530F96}&iid={646A3820-F960-76B0-643B-54017A01C98A}&lang=zh-CN&browser=4&usagestats=0&appname=Google%20Chrome&needsadmin=prefers"
Path
C:\Users\admin\AppData\Local\Temp\GUM63EC.tmp\GoogleUpdate.exe
Indicators
No indicators
Parent process
ChromeSetup.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Google Inc.
Description
Google Installer
Version
1.3.29.1
Modules
Image
c:\users\admin\appdata\local\temp\gum63ec.tmp\googleupdate.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\ole32.dll
c:\users\admin\appdata\local\temp\gum63ec.tmp\goopdate.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\nsi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\netutils.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\wkscli.dll
c:\windows\system32\psapi.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\version.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\msi.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\wininet.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\cscapi.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\users\admin\appdata\local\temp\gum63ec.tmp\goopdateres_zh-cn.dll
c:\windows\system32\propsys.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\shdocvw.dll
c:\windows\system32\mpr.dll

PID
1796
CMD
"C:\Users\admin\AppData\Local\Temp\GUM63EC.tmp\GoogleUpdateSetup.exe" /installsource taggedmi /install "appguid={8A69D345-D564-463C-AFF1-A69D9E530F96}&iid={646A3820-F960-76B0-643B-54017A01C98A}&lang=zh-CN&browser=4&usagestats=0&appname=Google%20Chrome&needsadmin=prefers" /installelevated /nomitag
Path
C:\Users\admin\AppData\Local\Temp\GUM63EC.tmp\GoogleUpdateSetup.exe
Indicators
Parent process
GoogleUpdate.exe
User
admin
Integrity Level
HIGH
Exit code
0
Version:
Company
Google Inc.
Description
Google Update Setup
Version
1.3.29.1
Modules
Image
c:\users\admin\appdata\local\temp\gum63ec.tmp\googleupdatesetup.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\usp10.dll
c:\windows\system32\ole32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\apphelp.dll
c:\program files\gum6a93.tmp\googleupdate.exe

PID
2264
CMD
"C:\Program Files\GUM6A93.tmp\GoogleUpdate.exe" /installsource taggedmi /install "appguid={8A69D345-D564-463C-AFF1-A69D9E530F96}&iid={646A3820-F960-76B0-643B-54017A01C98A}&lang=zh-CN&browser=4&usagestats=0&appname=Google%20Chrome&needsadmin=prefers" /installelevated
Path
C:\Program Files\GUM6A93.tmp\GoogleUpdate.exe
Indicators
No indicators
Parent process
GoogleUpdateSetup.exe
User
admin
Integrity Level
HIGH
Exit code
0
Version:
Company
Google Inc.
Description
Google Installer
Version
1.3.29.1
Modules
Image
c:\program files\gum6a93.tmp\googleupdate.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\ole32.dll
c:\program files\gum6a93.tmp\goopdate.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\nsi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\netutils.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\wkscli.dll
c:\windows\system32\psapi.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\version.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\msi.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\wininet.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\cscapi.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\cryptbase.dll
c:\program files\gum6a93.tmp\goopdateres_zh-cn.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\msxml3.dll
c:\windows\system32\propsys.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\apphelp.dll
c:\program files\google\update\googleupdate.exe

PID
2132
CMD
"C:\Program Files\Google\Update\GoogleUpdate.exe" /healthcheck
Path
C:\Program Files\Google\Update\GoogleUpdate.exe
Indicators
No indicators
Parent process
GoogleUpdate.exe
User
admin
Integrity Level
HIGH
Exit code
0
Version:
Company
Google Inc.
Description
Google Installer
Version
1.3.33.23
Modules
Image
c:\program files\google\update\googleupdate.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\ole32.dll
c:\program files\google\update\1.3.33.23\goopdate.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\nsi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\msi.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\netutils.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\wkscli.dll
c:\windows\system32\psapi.dll
c:\windows\system32\version.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\crypt32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\wininet.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\cscapi.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\cryptbase.dll

PID
2856
CMD
"C:\Program Files\Google\Update\GoogleUpdate.exe" /ping …-PGFwcCBhcHBpZD0iezQzMEZENEQwLUI3MjktNEY2MS1BQTM0LTkxNTI2NDgxNzk5RH0iIHZlcnNpb249IjEuMy4zMy4yMyIgbmV4dHZlcnNpb249IjEuMy4yOS4xIiBsYW5nPSJ6aC1DTiIgYnJhbmQ9IiIgY2xpZW50PSIiIGlpZD0iezY0NkEzODIwLUY5NjAtNzZCMC02NDNCLTU0MDE3QTAxQzk4QX0iPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIGluc3RhbGxfdGltZV9tcz0iMzEzIi8-PC9hcHA-PC9yZXF1ZXN0Pg
Path
C:\Program Files\Google\Update\GoogleUpdate.exe
Indicators
Parent process
GoogleUpdate.exe
User
admin
Integrity Level
HIGH
Exit code
0
Version:
Company
Google Inc.
Description
Google Installer
Version
1.3.33.23
Modules
Image
c:\program files\google\update\googleupdate.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\ole32.dll
c:\program files\google\update\1.3.33.23\goopdate.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\nsi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\msi.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\netutils.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\wkscli.dll
c:\windows\system32\psapi.dll
c:\windows\system32\version.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\wininet.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\cscapi.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\credssp.dll
c:\windows\system32\dhcpcsvc6.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\wship6.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\schannel.dll
c:\windows\system32\secur32.dll
c:\windows\system32\ncrypt.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\gpapi.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\msxml3.dll

PID
1344
CMD
"C:\Program Files\Google\Update\GoogleUpdate.exe" /handoff "appguid={8A69D345-D564-463C-AFF1-A69D9E530F96}&iid={646A3820-F960-76B0-643B-54017A01C98A}&lang=zh-CN&browser=4&usagestats=0&appname=Google%20Chrome&needsadmin=prefers" /installsource taggedmi /sessionid "{71FA3D0D-5607-4C0D-A602-A56B3DC688B0}"
Path
C:\Program Files\Google\Update\GoogleUpdate.exe
Indicators
Parent process
GoogleUpdate.exe
User
admin
Integrity Level
HIGH
Exit code
0
Version:
Company
Google Inc.
Description
Google Installer
Version
1.3.33.23
Modules
Image
c:\program files\google\update\googleupdate.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\ole32.dll
c:\program files\google\update\1.3.33.23\goopdate.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\nsi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\msi.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\netutils.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\wkscli.dll
c:\windows\system32\psapi.dll
c:\windows\system32\version.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\wininet.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\cscapi.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\cryptbase.dll
c:\program files\google\update\1.3.33.23\goopdateres_zh-cn.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\msxml3.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\credssp.dll
c:\windows\system32\dhcpcsvc6.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\wship6.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\schannel.dll
c:\windows\system32\secur32.dll
c:\windows\system32\ncrypt.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\gpapi.dll
c:\windows\system32\winsta.dll
c:\windows\system32\qmgrprxy.dll
c:\windows\system32\bitsprx4.dll
c:\windows\system32\apphelp.dll
c:\program files\google\update\install\{5fe655cf-f917-42b5-b749-620eb11688d3}\73.0.3683.103_chrome_installer.exe
c:\windows\system32\propsys.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\devobj.dll
c:\program files\google\update\1.3.33.23\psmachine.dll

PID
2676
CMD
"C:\Program Files\Google\Update\Install\{5FE655CF-F917-42B5-B749-620EB11688D3}\73.0.3683.103_chrome_installer.exe" --verbose-logging --do-not-launch-chrome --system-level
Path
C:\Program Files\Google\Update\Install\{5FE655CF-F917-42B5-B749-620EB11688D3}\73.0.3683.103_chrome_installer.exe
Indicators
Parent process
GoogleUpdate.exe
User
admin
Integrity Level
HIGH
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome Installer
Version
73.0.3683.103
Modules
Image
c:\program files\google\update\install\{5fe655cf-f917-42b5-b749-620eb11688d3}\73.0.3683.103_chrome_installer.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\cabinet.dll
c:\windows\system32\apphelp.dll
c:\users\admin\appdata\local\temp\cr_6807a.tmp\setup.exe

PID
3004
CMD
"C:\Users\admin\AppData\Local\Temp\CR_6807A.tmp\setup.exe" --install-archive="C:\Users\admin\AppData\Local\Temp\CR_6807A.tmp\CHROME.PACKED.7Z" --verbose-logging --do-not-launch-chrome --system-level
Path
C:\Users\admin\AppData\Local\Temp\CR_6807A.tmp\setup.exe
Indicators
Parent process
73.0.3683.103_chrome_installer.exe
User
admin
Integrity Level
HIGH
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome Installer
Version
73.0.3683.103
Modules
Image
c:\users\admin\appdata\local\temp\cr_6807a.tmp\setup.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\netutils.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\wkscli.dll
c:\windows\system32\version.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\apphelp.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\samcli.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\sfc.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\mpr.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\firewallapi.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\linkinfo.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\cscapi.dll
c:\windows\system32\slc.dll
c:\program files\google\chrome\application\chrome.exe

PID
2968
CMD
C:\Users\admin\AppData\Local\Temp\CR_6807A.tmp\setup.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=73.0.3683.103 --initial-client-data=0x10c,0x114,0x118,0x108,0x11c,0x1d3628,0x1d3638,0x1d3644
Path
C:\Users\admin\AppData\Local\Temp\CR_6807A.tmp\setup.exe
Indicators
No indicators
Parent process
setup.exe
User
admin
Integrity Level
HIGH
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome Installer
Version
73.0.3683.103
Modules
Image
c:\users\admin\appdata\local\temp\cr_6807a.tmp\setup.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\netutils.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\wkscli.dll
c:\windows\system32\version.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\apphelp.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\samcli.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\sfc.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\mpr.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\cryptbase.dll

PID
3800
CMD
"C:\Program Files\Google\Update\1.3.33.23\GoogleUpdateOnDemand.exe" -Embedding
Path
C:\Program Files\Google\Update\1.3.33.23\GoogleUpdateOnDemand.exe
Indicators
No indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Google Inc.
Description
Google Update
Version
1.3.33.23
Modules
Image
c:\program files\google\update\1.3.33.23\googleupdateondemand.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\apphelp.dll
c:\program files\google\update\googleupdate.exe

PID
3132
CMD
"C:\Program Files\Google\Update\GoogleUpdate.exe" /ondemand
Path
C:\Program Files\Google\Update\GoogleUpdate.exe
Indicators
No indicators
Parent process
GoogleUpdateOnDemand.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Google Inc.
Description
Google Installer
Version
1.3.33.23
Modules
Image
c:\program files\google\update\googleupdate.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\ole32.dll
c:\program files\google\update\1.3.33.23\goopdate.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\nsi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\msi.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\netutils.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\wkscli.dll
c:\windows\system32\psapi.dll
c:\windows\system32\version.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\crypt32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\cscapi.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\program files\google\update\1.3.33.23\goopdateres_en.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll
c:\program files\google\update\1.3.33.23\psmachine.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\apphelp.dll

PID
2472
CMD
"C:\Program Files\Google\Update\GoogleUpdate.exe" /ping
Path
C:\Program Files\Google\Update\GoogleUpdate.exe
Indicators
Parent process
GoogleUpdate.exe
User
admin
Integrity Level
HIGH
Exit code
0
Version:
Company
Google Inc.
Description
Google Installer
Version
1.3.33.23
Modules
Image
c:\program files\google\update\googleupdate.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\ole32.dll
c:\program files\google\update\1.3.33.23\goopdate.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\msi.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\netutils.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\wkscli.dll
c:\windows\system32\psapi.dll
c:\windows\system32\version.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\wininet.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\cscapi.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\credssp.dll
c:\windows\system32\dhcpcsvc6.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\wship6.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\schannel.dll
c:\windows\system32\secur32.dll
c:\windows\system32\ncrypt.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\gpapi.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\msxml3.dll

PID
3212
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe"
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
Parent process
GoogleUpdate.exe
User
admin
Integrity Level
MEDIUM
Exit code
3221225547
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.103
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.103\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\ole32.dll
c:\program files\google\chrome\application\73.0.3683.103\chrome.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\netutils.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\wkscli.dll
c:\windows\system32\samcli.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\oleacc.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\hid.dll
c:\windows\system32\propsys.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\ncrypt.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\winusb.dll
c:\windows\system32\msi.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\gpapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dhcpcsvc6.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\mscms.dll
c:\windows\system32\winsta.dll
c:\windows\system32\wlanapi.dll
c:\windows\system32\wlanutil.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\wpc.dll
c:\windows\system32\samlib.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\firewallapi.dll
c:\windows\system32\kbdus.dll
c:\windows\system32\explorerframe.dll
c:\windows\system32\duser.dll
c:\windows\system32\dui70.dll
c:\windows\system32\windowscodecs.dll
c:\windows\system32\linkinfo.dll
c:\windows\system32\ehstorshell.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\cscui.dll
c:\windows\system32\cscdll.dll
c:\windows\system32\cscapi.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\wship6.dll
c:\windows\system32\slc.dll
c:\windows\system32\imageres.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll
c:\program files\google\update\1.3.33.23\psmachine.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\imagehlp.dll
c:\program files\winrar\rarext.dll
c:\program files\microsoft office\office14\olkfstub.dll
c:\progra~1\micros~1\office14\mlshext.dll
c:\program files\microsoft office\office14\onfilter.dll
c:\program files\microsoft office\office14\visshe.dll
c:\program files\common files\microsoft shared\office14\msoshext.dll
c:\program files\microsoft office\office14\msohevi.dll
c:\windows\system32\mf.dll
c:\windows\system32\shdocvw.dll
c:\program files\filezilla ftp client\fzshellext.dll
c:\windows\system32\syncui.dll
c:\program files\notepad++\nppshell_06.dll
c:\program files\windows sidebar\sbdrop.dll
c:\windows\system32\stobject.dll
c:\windows\system32\cryptext.dll
c:\windows\system32\colorui.dll
c:\program files\google\chrome\application\73.0.3683.103\chrome_child.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\wininet.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\winspool.drv

PID
2752
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=73.0.3683.103 --initial-client-data=0x7c,0x80,0x84,0x78,0x88,0x6f150f18,0x6f150f28,0x6f150f34
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.103
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.103\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\cryptbase.dll

PID
3376
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=292 --on-initialized-event-handle=308 --parent-handle=312 /prefetch:6
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.103
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.103\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\ole32.dll
c:\program files\google\chrome\application\73.0.3683.103\chrome_watcher.dll

PID
3800
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=952,279119253719647876,11656901843951572950,131072 --enable-features=PasswordImport --gpu-preferences=KAAAAAAAAACAAwAAAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=2799308914909558353 --mojo-platform-channel-handle=964 --ignored=" --type=renderer " /prefetch:2
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.103
Modules
Image
c:\windows\system32\apphelp.dll
c:\windows\system32\msctf.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\lpk.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\kernelbase.dll
c:\systemroot\system32\ntdll.dll
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\kernel32.dll
c:\program files\google\chrome\application\73.0.3683.103\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\user32.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\program files\google\chrome\application\73.0.3683.103\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\mf.dll
c:\windows\system32\atl.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\msmpeg2vdec.dll
c:\windows\system32\evr.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\slc.dll
c:\windows\system32\sqmapi.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\dxva2.dll
c:\program files\google\chrome\application\73.0.3683.103\d3dcompiler_47.dll
c:\windows\system32\ddraw.dll
c:\windows\system32\dciman32.dll
c:\program files\google\chrome\application\73.0.3683.103\swiftshader\libglesv2.dll
c:\program files\google\chrome\application\73.0.3683.103\swiftshader\libegl.dll

PID
2088
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=952,279119253719647876,11656901843951572950,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=network --service-request-channel-token=6990403923191220451 --mojo-platform-channel-handle=1520 /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.103
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.103\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.103\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\dhcpcsvc6.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\wship6.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\gpapi.dll
c:\windows\system32\p2pcollab.dll
c:\windows\system32\qagentrt.dll
c:\windows\system32\fveui.dll
c:\windows\system32\ncrypt.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\cryptnet.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\ntmarta.dll

PID
1184
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=952,279119253719647876,11656901843951572950,131072 --enable-features=PasswordImport --service-pipe-token=11171272391287327953 --lang=en-US --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=11171272391287327953 --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1940 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.103
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.103\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.103\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
2376
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=952,279119253719647876,11656901843951572950,131072 --enable-features=PasswordImport --service-pipe-token=17080222053045776794 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=17080222053045776794 --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2288 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.103
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.103\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.103\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
252
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=952,279119253719647876,11656901843951572950,131072 --enable-features=PasswordImport --service-pipe-token=9829251351238918509 --lang=en-US --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=9829251351238918509 --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2304 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.103
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.103\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.103\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
2312
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=952,279119253719647876,11656901843951572950,131072 --enable-features=PasswordImport --disable-gpu-compositing --service-pipe-token=14296188291490206162 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=14296188291490206162 --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3204 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.103
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.103\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.103\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
2364
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=ppapi-broker --field-trial-handle=952,279119253719647876,11656901843951572950,131072 --enable-features=PasswordImport --lang=en-US --device-scale-factor=1 --ppapi-antialiased-text-enabled=0 --ppapi-subpixel-rendering-setting=0 --service-request-channel-token=1914431962113303088 --mojo-platform-channel-handle=3252 /prefetch:4
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.103
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.103\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\usp10.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.103\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\macromed\flash\pepflashplayer32_26_0_0_131.dll
c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll
c:\windows\system32\psapi.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll

PID
3588
CMD
"C:\Program Files\Google\Update\1.3.33.23\GoogleUpdateBroker.exe" -Embedding
Path
C:\Program Files\Google\Update\1.3.33.23\GoogleUpdateBroker.exe
Indicators
No indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Google Inc.
Description
Google Update
Version
1.3.33.23
Modules
Image
c:\program files\google\update\1.3.33.23\googleupdatebroker.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\apphelp.dll
c:\program files\google\update\googleupdate.exe

PID
2836
CMD
"C:\Program Files\Google\Update\GoogleUpdate.exe" /broker
Path
C:\Program Files\Google\Update\GoogleUpdate.exe
Indicators
No indicators
Parent process
GoogleUpdateBroker.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Google Inc.
Description
Google Installer
Version
1.3.33.23
Modules
Image
c:\program files\google\update\googleupdate.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\ole32.dll
c:\program files\google\update\1.3.33.23\goopdate.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\nsi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\msi.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\netutils.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\wkscli.dll
c:\windows\system32\psapi.dll
c:\windows\system32\version.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\wininet.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\cscapi.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\comsvcs.dll
c:\windows\system32\atl.dll
c:\program files\google\update\1.3.33.23\psmachine.dll

PID
2296
CMD
"C:\Program Files\Google\Update\1.3.33.23\GoogleUpdateOnDemand.exe" -Embedding
Path
C:\Program Files\Google\Update\1.3.33.23\GoogleUpdateOnDemand.exe
Indicators
No indicators
Parent process
––
User
admin
Integrity Level
HIGH
Exit code
0
Version:
Company
Google Inc.
Description
Google Update
Version
1.3.33.23
Modules
Image
c:\program files\google\update\1.3.33.23\googleupdateondemand.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\apphelp.dll
c:\program files\google\update\googleupdate.exe

PID
3120
CMD
"C:\Program Files\Google\Update\GoogleUpdate.exe" /ondemand
Path
C:\Program Files\Google\Update\GoogleUpdate.exe
Indicators
Parent process
GoogleUpdateOnDemand.exe
User
admin
Integrity Level
HIGH
Exit code
0
Version:
Company
Google Inc.
Description
Google Installer
Version
1.3.33.23
Modules
Image
c:\program files\google\update\googleupdate.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\ole32.dll
c:\program files\google\update\1.3.33.23\goopdate.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\nsi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\msi.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\netutils.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\wkscli.dll
c:\windows\system32\psapi.dll
c:\windows\system32\version.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\wininet.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\cscapi.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\cryptbase.dll
c:\program files\google\update\1.3.33.23\goopdateres_en.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll
c:\program files\google\update\1.3.33.23\psmachine.dll
c:\windows\system32\msxml3.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\credssp.dll
c:\windows\system32\dhcpcsvc6.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\wship6.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\schannel.dll
c:\windows\system32\secur32.dll
c:\windows\system32\ncrypt.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\gpapi.dll
c:\windows\system32\winsta.dll

PID
3164
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=952,279119253719647876,11656901843951572950,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=17509652662835938457 --mojo-platform-channel-handle=3528 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.103
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.103\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.103\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
2432
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=952,279119253719647876,11656901843951572950,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=2609682015287649814 --mojo-platform-channel-handle=3692 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.103
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.103\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.103\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
3368
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=952,279119253719647876,11656901843951572950,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=17459166688553487475 --mojo-platform-channel-handle=3676 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.103
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.103\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.103\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
3400
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=952,279119253719647876,11656901843951572950,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=8622261903868084648 --mojo-platform-channel-handle=3752 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.103
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.103\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.103\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
2244
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=952,279119253719647876,11656901843951572950,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=17533110146532441852 --mojo-platform-channel-handle=3764 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.103
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.103\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.103\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
3620
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=952,279119253719647876,11656901843951572950,131072 --enable-features=PasswordImport --disable-gpu-sandbox --use-gl=disabled --gpu-preferences=KAAAAAAAAACAAwAAAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=691384583842749919 --mojo-platform-channel-handle=3900 /prefetch:2
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.103
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.103\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\usp10.dll
c:\windows\system32\lpk.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.103\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\mf.dll
c:\windows\system32\atl.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\msmpeg2vdec.dll
c:\windows\system32\evr.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\slc.dll
c:\windows\system32\sqmapi.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\dxva2.dll

Registry activity

Total events
2511
Read events
964
Write events
1523
Delete events
24

Modification events

PID
Process
Operation
Key
Name
Value
2264
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}
usagestats
0
2264
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{430FD4D0-B729-4F61-AA34-91526481799D}
iid
{646A3820-F960-76B0-643B-54017A01C98A}
2856
GoogleUpdate.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\62\52C64B7E
LanguageList
en-US
2856
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\91C6D6EE3E8AC86384E548C299295C756C817B81
Blob
2856
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\75E0ABB6138512271C04F85FDDDE38E4B7242EFE
Blob
2856
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\91C6D6EE3E8AC86384E548C299295C756C817B81
Blob
2856
GoogleUpdate.exe
write
HKEY_CURRENT_USER\Software\Google\Update\proxy
source
auto
1344
GoogleUpdate.exe
delete key
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}\CurrentState
1344
GoogleUpdate.exe
delete key
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\PersistedPings\{BFBF3411-7354-463B-A304-FAB757010E16}
1344
GoogleUpdate.exe
delete key
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\PersistedPings\{B6A5F3AB-D6D1-4F7F-901A-AE77FD485C0D}
1344
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}
usagestats
0
1344
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\PersistedPings\{BFBF3411-7354-463B-A304-FAB757010E16}
PersistedPingString
<?xml version="1.0" encoding="UTF-8"?><request protocol="3.0" updater="Omaha" updaterversion="1.3.33.23" shell_version="1.3.33.23" ismachine="1" sessionid="{71FA3D0D-5607-4C0D-A602-A56B3DC688B0}" requestid="{BFBF3411-7354-463B-A304-FAB757010E16}" dedup="cr" domainjoined="0"><hw physmemory="3" sse="1" sse2="1" sse3="1" ssse3="1" sse41="1" sse42="1" avx="1"/><os platform="win" version="6.1.7601.0" sp="Service Pack 1" arch="x86"/></request>
1344
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\PersistedPings\{BFBF3411-7354-463B-A304-FAB757010E16}
PersistedPingTime
131997306124183750
1344
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}
pv
73.0.3683.75
1344
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}\CurrentState
StateValue
3
1344
GoogleUpdate.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\62\52C64B7E
LanguageList
en-US
1344
GoogleUpdate.exe
write
HKEY_CURRENT_USER\Software\Google\Update\proxy
source
auto
1344
GoogleUpdate.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
dr
0
1344
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}
ping_freshness
{4BE492D4-1382-45D8-9262-E3797FB85A1B}
1344
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}\cohort
1:gu/i19:
1344
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}\cohort
hint
1344
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}\cohort
name
Stable Installs Only
1344
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}\CurrentState
StateValue
4
1344
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\PersistedPings\{B6A5F3AB-D6D1-4F7F-901A-AE77FD485C0D}
PersistedPingString
<?xml version="1.0" encoding="UTF-8"?><request protocol="3.0" updater="Omaha" updaterversion="1.3.33.23" shell_version="1.3.33.23" ismachine="1" sessionid="{71FA3D0D-5607-4C0D-A602-A56B3DC688B0}" installsource="taggedmi" requestid="{B6A5F3AB-D6D1-4F7F-901A-AE77FD485C0D}" dedup="cr" domainjoined="0"><hw physmemory="3" sse="1" sse2="1" sse3="1" ssse3="1" sse41="1" sse42="1" avx="1"/><os platform="win" version="6.1.7601.0" sp="Service Pack 1" arch="x86"/><app appid="{8A69D345-D564-463C-AFF1-A69D9E530F96}" version="" nextversion="73.0.3683.103" lang="zh-CN" brand="" client="" installage="229" installdate="4256" iid="{646A3820-F960-76B0-643B-54017A01C98A}" cohort="1:gu/i19:" cohortname="Stable Installs Only"><event eventtype="9" eventresult="1" errorcode="0" extracode1="0"/></app></request>
1344
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\PersistedPings\{B6A5F3AB-D6D1-4F7F-901A-AE77FD485C0D}
PersistedPingTime
131997306157308750
1344
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\PersistedPings\{B6A5F3AB-D6D1-4F7F-901A-AE77FD485C0D}
PersistedPingString
<?xml version="1.0" encoding="UTF-8"?><request protocol="3.0" updater="Omaha" updaterversion="1.3.33.23" shell_version="1.3.33.23" ismachine="1" sessionid="{71FA3D0D-5607-4C0D-A602-A56B3DC688B0}" installsource="taggedmi" requestid="{B6A5F3AB-D6D1-4F7F-901A-AE77FD485C0D}" dedup="cr" domainjoined="0"><hw physmemory="3" sse="1" sse2="1" sse3="1" ssse3="1" sse41="1" sse42="1" avx="1"/><os platform="win" version="6.1.7601.0" sp="Service Pack 1" arch="x86"/><app appid="{8A69D345-D564-463C-AFF1-A69D9E530F96}" version="" nextversion="73.0.3683.103" lang="zh-CN" brand="" client="" installage="229" installdate="4256" iid="{646A3820-F960-76B0-643B-54017A01C98A}" cohort="1:gu/i19:" cohortname="Stable Installs Only"><event eventtype="9" eventresult="1" errorcode="0" extracode1="0"/><event eventtype="5" eventresult="1" errorcode="0" extracode1="0"/></app></request>
1344
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\PersistedPings\{B6A5F3AB-D6D1-4F7F-901A-AE77FD485C0D}
PersistedPingTime
131997306157621250
1344
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}\CurrentState
DownloadTimeRemainingMs
4294967295
1344
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}\CurrentState
DownloadProgressPercent
0
1344
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}\CurrentState
StateValue
7
1344
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\PersistedPings\{B6A5F3AB-D6D1-4F7F-901A-AE77FD485C0D}
PersistedPingString
<?xml version="1.0" encoding="UTF-8"?><request protocol="3.0" updater="Omaha" updaterversion="1.3.33.23" shell_version="1.3.33.23" ismachine="1" sessionid="{71FA3D0D-5607-4C0D-A602-A56B3DC688B0}" installsource="taggedmi" requestid="{B6A5F3AB-D6D1-4F7F-901A-AE77FD485C0D}" dedup="cr" domainjoined="0"><hw physmemory="3" sse="1" sse2="1" sse3="1" ssse3="1" sse41="1" sse42="1" avx="1"/><os platform="win" version="6.1.7601.0" sp="Service Pack 1" arch="x86"/><app appid="{8A69D345-D564-463C-AFF1-A69D9E530F96}" version="" nextversion="73.0.3683.103" lang="zh-CN" brand="" client="" installage="229" installdate="4256" iid="{646A3820-F960-76B0-643B-54017A01C98A}" cohort="1:gu/i19:" cohortname="Stable Installs Only"><event eventtype="9" eventresult="1" errorcode="0" extracode1="0"/><event eventtype="5" eventresult="1" errorcode="0" extracode1="0"/><event eventtype="1" eventresult="1" errorcode="0" extracode1="0" downloader="bits" url="http://redirector.gvt1.com/edgedl/release2/chrome/ANDN0dqXDGP8_73.0.3683.103/73.0.3683.103_chrome_installer.exe" downloaded="54547712" total="54547712" download_time_ms="33718"/></app></request>
1344
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\PersistedPings\{B6A5F3AB-D6D1-4F7F-901A-AE77FD485C0D}
PersistedPingTime
131997306501996250
1344
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\PersistedPings\{B6A5F3AB-D6D1-4F7F-901A-AE77FD485C0D}
PersistedPingString
<?xml version="1.0" encoding="UTF-8"?><request protocol="3.0" updater="Omaha" updaterversion="1.3.33.23" shell_version="1.3.33.23" ismachine="1" sessionid="{71FA3D0D-5607-4C0D-A602-A56B3DC688B0}" installsource="taggedmi" requestid="{B6A5F3AB-D6D1-4F7F-901A-AE77FD485C0D}" dedup="cr" domainjoined="0"><hw physmemory="3" sse="1" sse2="1" sse3="1" ssse3="1" sse41="1" sse42="1" avx="1"/><os platform="win" version="6.1.7601.0" sp="Service Pack 1" arch="x86"/><app appid="{8A69D345-D564-463C-AFF1-A69D9E530F96}" version="" nextversion="73.0.3683.103" lang="zh-CN" brand="" client="" installage="229" installdate="4256" iid="{646A3820-F960-76B0-643B-54017A01C98A}" cohort="1:gu/i19:" cohortname="Stable Installs Only"><event eventtype="9" eventresult="1" errorcode="0" extracode1="0"/><event eventtype="5" eventresult="1" errorcode="0" extracode1="0"/><event eventtype="1" eventresult="1" errorcode="0" extracode1="0" downloader="bits" url="http://redirector.gvt1.com/edgedl/release2/chrome/ANDN0dqXDGP8_73.0.3683.103/73.0.3683.103_chrome_installer.exe" downloaded="54547712" total="54547712" download_time_ms="33718"/><event eventtype="1" eventresult="1" errorcode="0" extracode1="0"/></app></request>
1344
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\PersistedPings\{B6A5F3AB-D6D1-4F7F-901A-AE77FD485C0D}
PersistedPingString
<?xml version="1.0" encoding="UTF-8"?><request protocol="3.0" updater="Omaha" updaterversion="1.3.33.23" shell_version="1.3.33.23" ismachine="1" sessionid="{71FA3D0D-5607-4C0D-A602-A56B3DC688B0}" installsource="taggedmi" requestid="{B6A5F3AB-D6D1-4F7F-901A-AE77FD485C0D}" dedup="cr" domainjoined="0"><hw physmemory="3" sse="1" sse2="1" sse3="1" ssse3="1" sse41="1" sse42="1" avx="1"/><os platform="win" version="6.1.7601.0" sp="Service Pack 1" arch="x86"/><app appid="{8A69D345-D564-463C-AFF1-A69D9E530F96}" version="" nextversion="73.0.3683.103" lang="zh-CN" brand="" client="" installage="229" installdate="4256" iid="{646A3820-F960-76B0-643B-54017A01C98A}" cohort="1:gu/i19:" cohortname="Stable Installs Only"><event eventtype="9" eventresult="1" errorcode="0" extracode1="0"/><event eventtype="5" eventresult="1" errorcode="0" extracode1="0"/><event eventtype="1" eventresult="1" errorcode="0" extracode1="0" downloader="bits" url="http://redirector.gvt1.com/edgedl/release2/chrome/ANDN0dqXDGP8_73.0.3683.103/73.0.3683.103_chrome_installer.exe" downloaded="54547712" total="54547712" download_time_ms="33718"/><event eventtype="1" eventresult="1" errorcode="0" extracode1="0"/><event eventtype="6" eventresult="1" errorcode="0" extracode1="0"/></app></request>
1344
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\PersistedPings\{B6A5F3AB-D6D1-4F7F-901A-AE77FD485C0D}
PersistedPingTime
131997306508402500
1344
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}
lang
zh-CN
1344
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}
browser
4
1344
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}\CurrentState
InstallTimeRemainingMs
4294967295
1344
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}\CurrentState
InstallProgressPercent
100
1344
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}\CurrentState
StateValue
13
1344
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}\CurrentState
InstallProgressPercent
24
1344
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}\CurrentState
InstallProgressPercent
37
1344
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}\CurrentState
InstallProgressPercent
56
1344
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}\CurrentState
InstallProgressPercent
75
1344
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}\CurrentState
InstallProgressPercent
81
1344
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}
LastInstallerResult
0
1344
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}
LastInstallerError
2
1344
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}
LastInstallerSuccessLaunchCmdLine
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1344
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update
LastInstallerResult
0
1344
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update
LastInstallerError
2
1344
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update
LastInstallerSuccessLaunchCmdLine
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1344
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}
pv
73.0.3683.103
1344
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}
iid
{646A3820-F960-76B0-643B-54017A01C98A}
1344
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}
LastCheckSuccess
1555257060
1344
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\PersistedPings\{B6A5F3AB-D6D1-4F7F-901A-AE77FD485C0D}
PersistedPingString
<?xml version="1.0" encoding="UTF-8"?><request protocol="3.0" updater="Omaha" updaterversion="1.3.33.23" shell_version="1.3.33.23" ismachine="1" sessionid="{71FA3D0D-5607-4C0D-A602-A56B3DC688B0}" installsource="taggedmi" requestid="{B6A5F3AB-D6D1-4F7F-901A-AE77FD485C0D}" dedup="cr" domainjoined="0"><hw physmemory="3" sse="1" sse2="1" sse3="1" ssse3="1" sse41="1" sse42="1" avx="1"/><os platform="win" version="6.1.7601.0" sp="Service Pack 1" arch="x86"/><app appid="{8A69D345-D564-463C-AFF1-A69D9E530F96}" version="" nextversion="73.0.3683.103" lang="zh-CN" brand="" client="" installage="229" installdate="4256" iid="{646A3820-F960-76B0-643B-54017A01C98A}" cohort="1:gu/i19:" cohortname="Stable Installs Only"><event eventtype="9" eventresult="1" errorcode="0" extracode1="0"/><event eventtype="5" eventresult="1" errorcode="0" extracode1="0"/><event eventtype="1" eventresult="1" errorcode="0" extracode1="0" downloader="bits" url="http://redirector.gvt1.com/edgedl/release2/chrome/ANDN0dqXDGP8_73.0.3683.103/73.0.3683.103_chrome_installer.exe" downloaded="54547712" total="54547712" download_time_ms="33718"/><event eventtype="1" eventresult="1" errorcode="0" extracode1="0"/><event eventtype="6" eventresult="1" errorcode="0" extracode1="0"/><event eventtype="2" eventresult="1" errorcode="0" extracode1="0" source_url_index="0" update_check_time_ms="3125" download_time_ms="34437" downloaded="54547712" total="54547712" install_time_ms="9297"/></app></request>
1344
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\PersistedPings\{B6A5F3AB-D6D1-4F7F-901A-AE77FD485C0D}
PersistedPingTime
131997306601996250
1344
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}\CurrentState
InstallTimeRemainingMs
0
1344
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}\CurrentState
StateValue
14
2676
73.0.3683.103_chrome_installer.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}
ap
-full
3004
setup.exe
delete key
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}
3004
setup.exe
delete key
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\LocalServer32
3004
setup.exe
delete key
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{708860E0-F641-4611-8895-7D867DD3675B}
3004
setup.exe
delete key
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{708860E0-F641-4611-8895-7D867DD3675B}
3004
setup.exe
delete key
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{463ABECF-410D-407F-8AF5-0DF35A005CC8}
3004
setup.exe
delete key
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{463ABECF-410D-407F-8AF5-0DF35A005CC8}\ProxyStubClsid32
3004
setup.exe
delete key
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{463ABECF-410D-407F-8AF5-0DF35A005CC8}\TypeLib
3004
setup.exe
delete key
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{463ABECF-410D-407F-8AF5-0DF35A005CC8}
3004
setup.exe
delete key
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{463ABECF-410D-407F-8AF5-0DF35A005CC8}\1.0
3004
setup.exe
delete key
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{463ABECF-410D-407F-8AF5-0DF35A005CC8}\1.0\0
3004
setup.exe
delete key
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{463ABECF-410D-407F-8AF5-0DF35A005CC8}\1.0\0\win32
3004
setup.exe
delete key
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{463ABECF-410D-407F-8AF5-0DF35A005CC8}\1.0\0\win64
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}
InstallerProgress
18
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}
InstallerProgress
24
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}
InstallerProgress
37
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}
InstallerProgress
43
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}
InstallerProgress
49
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}
InstallerProgress
56
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}
UninstallString
C:\Program Files\Google\Chrome\Application\73.0.3683.103\Installer\setup.exe
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}
UninstallArguments
--uninstall --msi --system-level --verbose-logging
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\Clients\{8A69D345-D564-463c-AFF1-A69D9E530F96}
name
Google Chrome
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\Clients\{8A69D345-D564-463c-AFF1-A69D9E530F96}
pv
73.0.3683.103
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}
Google Chrome
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}
StubPath
"C:\Program Files\Google\Chrome\Application\73.0.3683.103\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}
Localized Name
Google Chrome
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}
IsInstalled
1
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}
Version
43,0,0,0
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\Clients\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Commands\on-os-upgrade
CommandLine
"C:\Program Files\Google\Chrome\Application\73.0.3683.103\Installer\setup.exe" --on-os-upgrade --system-level --verbose-logging
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\Clients\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Commands\on-os-upgrade
AutoRunOnOSUpgrade
1
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\Clients\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Commands\store-dmtoken
CommandLine
"C:\Program Files\Google\Chrome\Application\73.0.3683.103\Installer\setup.exe" --store-dmtoken=%1 --system-level --verbose-logging
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\Clients\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Commands\store-dmtoken
WebAccessible
1
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\LocalServer32
"C:\Program Files\Google\Chrome\Application\73.0.3683.103\notification_helper.exe"
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\LocalServer32
ServerExecutable
C:\Program Files\Google\Chrome\Application\73.0.3683.103\notification_helper.exe
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{708860E0-F641-4611-8895-7D867DD3675B}
AppID
{708860E0-F641-4611-8895-7D867DD3675B}
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{708860E0-F641-4611-8895-7D867DD3675B}
LocalService
GoogleChromeElevationService
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{463ABECF-410D-407F-8AF5-0DF35A005CC8}\ProxyStubClsid32
{00020424-0000-0000-C000-000000000046}
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{463ABECF-410D-407F-8AF5-0DF35A005CC8}\TypeLib
{463ABECF-410D-407F-8AF5-0DF35A005CC8}
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{463ABECF-410D-407F-8AF5-0DF35A005CC8}\1.0\0\win32
C:\Program Files\Google\Chrome\Application\73.0.3683.103\elevation_service.exe
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{463ABECF-410D-407F-8AF5-0DF35A005CC8}\1.0\0\win64
C:\Program Files\Google\Chrome\Application\73.0.3683.103\elevation_service.exe
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}
msi
1
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}
InstallerProgress
62
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}
InstallerProgress
68
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}
InstallerProgress
75
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
GlobalAssocChangedCounter
57
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
GlobalAssocChangedCounter
58
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
GlobalAssocChangedCounter
59
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}
InstallerProgress
81
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\Application\Chrome
CategoryCount
1
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\Application\Chrome
TypesSupported
7
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\Application\Chrome
CategoryMessageFile
C:\Program Files\Google\Chrome\Application\73.0.3683.103\eventlog_provider.dll
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\Application\Chrome
EventMessageFile
C:\Program Files\Google\Chrome\Application\73.0.3683.103\eventlog_provider.dll
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\Application\Chrome
ParameterMessageFile
C:\Program Files\Google\Chrome\Application\73.0.3683.103\eventlog_provider.dll
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ChromeHTML
Chrome HTML Document
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ChromeHTML\DefaultIcon
C:\Program Files\Google\Chrome\Application\chrome.exe,0
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ChromeHTML\shell\open\command
"C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1"
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\chrome.exe
Path
C:\Program Files\Google\Chrome\Application
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.htm\OpenWithProgids
ChromeHTML
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.html\OpenWithProgids
ChromeHTML
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.pdf\OpenWithProgids
ChromeHTML
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.shtml\OpenWithProgids
ChromeHTML
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.svg\OpenWithProgids
ChromeHTML
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.xht\OpenWithProgids
ChromeHTML
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.xhtml\OpenWithProgids
ChromeHTML
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.webp\OpenWithProgids
ChromeHTML
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome
Google Chrome
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
"C:\Program Files\Google\Chrome\Application\chrome.exe"
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\DefaultIcon
C:\Program Files\Google\Chrome\Application\chrome.exe,0
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\InstallInfo
ReinstallCommand
"C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\InstallInfo
HideIconsCommand
"C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\InstallInfo
ShowIconsCommand
"C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\InstallInfo
IconsVisible
1
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\RegisteredApplications
Google Chrome
Software\Clients\StartMenuInternet\Google Chrome\Capabilities
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\Capabilities
ApplicationDescription
Google Chrome 浏览器是一款可高速运行网页和应用的网络浏览器。它快捷、稳定且易于使用。Google Chrome 浏览器内置的恶意软件和网上诱骗防护功能可让您更安全地浏览网页。
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\Capabilities
ApplicationIcon
C:\Program Files\Google\Chrome\Application\chrome.exe,0
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\Capabilities
ApplicationName
Google Chrome
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\Capabilities\Startmenu
StartMenuInternet
Google Chrome
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\Capabilities\FileAssociations
.htm
ChromeHTML
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\Capabilities\FileAssociations
.html
ChromeHTML
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\Capabilities\FileAssociations
.pdf
ChromeHTML
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\Capabilities\FileAssociations
.shtml
ChromeHTML
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\Capabilities\FileAssociations
.svg
ChromeHTML
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\Capabilities\FileAssociations
.xht
ChromeHTML
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\Capabilities\FileAssociations
.xhtml
ChromeHTML
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\Capabilities\FileAssociations
.webp
ChromeHTML
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\Capabilities\URLAssociations
ftp
ChromeHTML
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\Capabilities\URLAssociations
http
ChromeHTML
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\Capabilities\URLAssociations
https
ChromeHTML
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\Capabilities\URLAssociations
irc
ChromeHTML
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\Capabilities\URLAssociations
mailto
ChromeHTML
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\Capabilities\URLAssociations
mms
ChromeHTML
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\Capabilities\URLAssociations
news
ChromeHTML
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\Capabilities\URLAssociations
nntp
ChromeHTML
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\Capabilities\URLAssociations
sms
ChromeHTML
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\Capabilities\URLAssociations
smsto
ChromeHTML
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\Capabilities\URLAssociations
tel
ChromeHTML
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\Capabilities\URLAssociations
urn
ChromeHTML
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\Capabilities\URLAssociations
webcal
ChromeHTML
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
GlobalAssocChangedCounter
60
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}
InstallerProgress
87
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}
InstallerProgress
100
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}
InstallerResult
0
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}
InstallerError
2
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}
InstallerSuccessLaunchCmdLine
"C:\Program Files\Google\Chrome\Application\chrome.exe"
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EDF60E6CC0B1623E904001B99652E9A\InstallProperties
DisplayVersion
73.0.3683.103
3004
setup.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6E06FDE9-B0CC-3261-9E40-00B19956E2A9}
DisplayVersion
73.0.3683.103
2472
GoogleUpdate.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\64\52C64B7E
LanguageList
en-US
2472
GoogleUpdate.exe
write
HKEY_CURRENT_USER\Software\Google\Update\proxy
source
auto
3212
chrome.exe
delete key
HKEY_CURRENT_USER\Software\Google\Chrome\BrowserExitCodes
3212
chrome.exe
delete key
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
3212
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
failed_count
0
3212
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
2
3212
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
StatusCodes
3212
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
StatusCodes
01000000
3212
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
1
3212
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
dr
1
3212
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome
UsageStatsInSample
0
3212
chrome.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}
usagestats
0
3212
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
metricsid
3212
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
metricsid_installdate
0
3212
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
metricsid_enableddate
0
3212
chrome.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\_NumAccounts
aggregate
sum()
3212
chrome.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\_NumAccounts
S-1-5-21-1302019708-1500728564-335382590-1000
1
3212
chrome.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\_NumSignedIn
aggregate
sum()
3212
chrome.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\_NumSignedIn
S-1-5-21-1302019708-1500728564-335382590-1000
0
3212
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
0
3212
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
lastrun
13199730672121500
3212
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
version
73.0.3683.103
3212
chrome.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\64\52C64B7E
LanguageList
en-US
3212
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
1
3376
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\BrowserExitCodes
3212-13199730670934000
259
3376
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\BrowserExitCodes
3212-13199730670934000
0
2088
chrome.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\64\52C64B7E
LanguageList
en-US
2088
chrome.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\64\52C64B7E
@%SystemRoot%\system32\p2pcollab.dll,-8042
Peer to Peer Trust
2088
chrome.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\64\52C64B7E
@%SystemRoot%\system32\qagentrt.dll,-10
System Health Authentication
2088
chrome.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\64\52C64B7E
@%SystemRoot%\system32\dnsapi.dll,-103
Domain Name System (DNS) Server Trust
2088
chrome.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\64\52C64B7E
@%SystemRoot%\System32\fveui.dll,-843
BitLocker Drive Encryption
2088
chrome.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\64\52C64B7E
@%SystemRoot%\System32\fveui.dll,-844
BitLocker Data Recovery Agent
3120
GoogleUpdate.exe
delete key
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}\CurrentState
3120
GoogleUpdate.exe
delete key
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\PersistedPings\{FA60BAE9-D185-463E-B7FD-F3E7B26B32CA}
3120
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}\CurrentState
StateValue
2
3120
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\PersistedPings\{FA60BAE9-D185-463E-B7FD-F3E7B26B32CA}
PersistedPingString
<?xml version="1.0" encoding="UTF-8"?><request protocol="3.0" updater="Omaha" updaterversion="1.3.33.23" shell_version="1.3.33.23" ismachine="1" sessionid="{FCB62F10-E175-4691-82CF-9B2F6142832E}" requestid="{FA60BAE9-D185-463E-B7FD-F3E7B26B32CA}" dedup="cr" domainjoined="0"><hw physmemory="3" sse="1" sse2="1" sse3="1" ssse3="1" sse41="1" sse42="1" avx="1"/><os platform="win" version="6.1.7601.0" sp="Service Pack 1" arch="x86"/></request>
3120
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\PersistedPings\{FA60BAE9-D185-463E-B7FD-F3E7B26B32CA}
PersistedPingTime
131997306807777500
3120
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}
pv
73.0.3683.103
3120
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}\CurrentState
StateValue
3
3120
GoogleUpdate.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\64\52C64B7E
LanguageList
en-US
3120
GoogleUpdate.exe
write
HKEY_CURRENT_USER\Software\Google\Update\proxy
source
auto
3120
GoogleUpdate.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
dr
0
3120
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}
ActivePingDayStartSec
1555225199
3120
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}
RollCallDayStartSec
1555225199
3120
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}
DayOfLastActivity
4486
3120
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}
DayOfLastRollCall
4486
3120
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}
ping_freshness
{E6B763DE-64A4-4683-9838-EC16BB92D2E8}
3120
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}\cohort
1:gu:
3120
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}\cohort
hint
3120
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}\cohort
name
Stable
3120
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}
LastCheckSuccess
1555257083
3120
GoogleUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}\CurrentState
StateValue
16

Files activity

Executable files
151
Suspicious files
54
Text files
147
Unknown types
79

Dropped files

PID
Process
Filename
Type
2100
ChromeSetup.exe
C:\Users\admin\AppData\Local\Temp\GUM63EC.tmp\GoogleUpdateBroker.exe
executable
MD5: ad8495335c1a605a4e0e32334df52303
SHA256: 1f0551c7862babd3b22043cbef6ae6cdfd07b546369fb9c3d4bfea5366c6fb36
2100
ChromeSetup.exe
C:\Users\admin\AppData\Local\Temp\GUM63EC.tmp\goopdateres_pt-PT.dll
executable
MD5: 047eaa80646d93c7b608986cc5c8f492
SHA256: be321f8e9343b4892d4eb1b86f3a15f4fbe25b90cc3e1381cf05be7bd8990f57
1796
GoogleUpdateSetup.exe
C:\Program Files\GUM6A93.tmp\goopdateres_pt-PT.dll
executable
MD5: 047eaa80646d93c7b608986cc5c8f492
SHA256: be321f8e9343b4892d4eb1b86f3a15f4fbe25b90cc3e1381cf05be7bd8990f57
2100
ChromeSetup.exe
C:\Users\admin\AppData\Local\Temp\GUM63EC.tmp\goopdateres_ru.dll
executable
MD5: 15c83c84b3771e803b93c33e89c90951
SHA256: d680efd7d70374124c7ba3a8f0a229c34717fa0d3302a8ca3a4c6cf0a85e0b7f
1796
GoogleUpdateSetup.exe
C:\Program Files\GUM6A93.tmp\goopdateres_tr.dll
executable
MD5: a08d5d788adf592857e6518c58d2058f
SHA256: 9659fdcc4c1553071b51af4de21ed14113b6bee6d62a14168d6b595243f8c1c9
2100
ChromeSetup.exe
C:\Users\admin\AppData\Local\Temp\GUM63EC.tmp\goopdateres_it.dll
executable
MD5: 0d6766b2dc0b6e757e4db21f18cf8e93
SHA256: 2c51e3db1da14244ebf92538d5d0d39da73f4dc3e1eac1913f860e8e1783fd0b
1796
GoogleUpdateSetup.exe
C:\Program Files\GUM6A93.tmp\goopdateres_ro.dll
executable
MD5: c0782d9740811e5fef9e2500c7de747f
SHA256: 37f0d2e905e2314980e1ce573db4a5db3c21d881a495011b731c535086ffa24f
2100
ChromeSetup.exe
C:\Users\admin\AppData\Local\Temp\GUM63EC.tmp\goopdateres_ja.dll
executable
MD5: 57ae4d67067d45ff30e8e668f4299654
SHA256: 06b2d0c9b449e0f5386a83ee7aaf9741583918c023445052f0e733c81accf541
1796
GoogleUpdateSetup.exe
C:\Program Files\GUM6A93.tmp\goopdateres_nl.dll
executable
MD5: 5b33b8147fa51c3561b8210752ae1535
SHA256: 088f0b1d5b1bb3c01e57b6103723e061927ec2af7f8e9bddb29a72dfce86886d
2100
ChromeSetup.exe
C:\Users\admin\AppData\Local\Temp\GUM63EC.tmp\goopdateres_pl.dll
executable
MD5: 8d2234c272199bb271300476ebf78b6a
SHA256: 52d9c9582f53dc4574bd8aa502ecc3d7e76317ba996e3813c0aaea56a55ca531
2100
ChromeSetup.exe
C:\Users\admin\AppData\Local\Temp\GUM63EC.tmp\goopdateres_pt-BR.dll
executable
MD5: 2ff041fbf7c188568f815f7fb097abe3
SHA256: 4006c3460b4f6c3fc4f63f16578e9b599211540874bc615ef341ab06312b136e
1796
GoogleUpdateSetup.exe
C:\Program Files\GUM6A93.tmp\goopdateres_mr.dll
executable
MD5: 736126bc41a068fef010ffdb32161f82
SHA256: d786900a2633b6f1c31d0b710811a6d6ca445513b9a618dba383d0776ed44b86
1796
GoogleUpdateSetup.exe
C:\Program Files\GUM6A93.tmp\goopdateres_pt-BR.dll
executable
MD5: 2ff041fbf7c188568f815f7fb097abe3
SHA256: 4006c3460b4f6c3fc4f63f16578e9b599211540874bc615ef341ab06312b136e
2100
ChromeSetup.exe
C:\Users\admin\AppData\Local\Temp\GUM63EC.tmp\goopdateres_kn.dll
executable
MD5: c6b120e1dc145cdd9c20466fb4f41d59
SHA256: cd4f29a02dcd6c040113234fe685fc08ff728850a158319aa49aac346d76b193
2100
ChromeSetup.exe
C:\Users\admin\AppData\Local\Temp\GUM63EC.tmp\goopdateres_fr.dll
executable
MD5: 271c77932ac715f1afaad0e62f589960
SHA256: 6aeca6aeceb9ffdd4d336b3a6e6085574134c1dc43a6a4dea5e107f230a7b6c0
1796
GoogleUpdateSetup.exe
C:\Program Files\GUM6A93.tmp\goopdateres_ms.dll
executable
MD5: 73866aeee02ec7b1daee1769db41fdcc
SHA256: f58ef79dfd1e74fafcfa291b4c11575a124be1f496e4268823cc21b87332b8df
1796
GoogleUpdateSetup.exe
C:\Program Files\GUM6A93.tmp\goopdateres_sw.dll
executable
MD5: 02a8291af1ea81e83d582207bbf6a507
SHA256: bf0dfabab8aba1a7245732648582690726ed8477a338deb69b71e1c4f96aa193
2100
ChromeSetup.exe
C:\Users\admin\AppData\Local\Temp\GUM63EC.tmp\goopdateres_is.dll
executable
MD5: 64c26403ccab9824c347d471e39fdc26
SHA256: 519e0040b44b7ae7b25372ff3ca61b508378d98d2f2a324925cf9241d05c2cfd
2100
ChromeSetup.exe
C:\Users\admin\AppData\Local\Temp\GUM63EC.tmp\goopdateres_sr.dll
executable
MD5: 6583ebd9d5de4b34a38d33d76f7be9fd
SHA256: 15744393ee61c3b80502ceeb3539512d647585ca4b0d41b1ca0f294b70d497b0
1796
GoogleUpdateSetup.exe
C:\Program Files\GUM6A93.tmp\goopdateres_lt.dll
executable
MD5: b9f817aa59e7f216990e28bb2b322822
SHA256: 29709aaf8cc71abf20a67137740ec69cccf55775ce1d84b0ed2c1ad726568bfe
1796
GoogleUpdateSetup.exe
C:\Program Files\GUM6A93.tmp\goopdateres_fr.dll
executable
MD5: 271c77932ac715f1afaad0e62f589960
SHA256: 6aeca6aeceb9ffdd4d336b3a6e6085574134c1dc43a6a4dea5e107f230a7b6c0
2100
ChromeSetup.exe
C:\Users\admin\AppData\Local\Temp\GUM63EC.tmp\goopdateres_hu.dll
executable
MD5: de8ce5c14938e792583904af942957a6
SHA256: cf7ea4616c0133cea443ceb9ba18fe5be29496c2690a6d157048cbdfcc58c006
2100
ChromeSetup.exe
C:\Users\admin\AppData\Local\Temp\GUM63EC.tmp\goopdateres_ml.dll
executable
MD5: 5f94b40090c67f22a3cbc179637d98ff
SHA256: 66fec298e9ac00098b7bb6008c25520b0d86574a2d92f84a5bae383e73e4286f
1796
GoogleUpdateSetup.exe
C:\Program Files\GUM6A93.tmp\goopdateres_sk.dll
executable
MD5: ce675a9fa01132b6028205845537782a
SHA256: 7cd1408adef514b1f999947766c85497b4f7844ddb61ee767f4b5f70684ab9c3
1796
GoogleUpdateSetup.exe
C:\Program Files\GUM6A93.tmp\goopdateres_fil.dll
executable
MD5: 1c857dd9b882d048e6bead17a34fe158
SHA256: 3f36f76fe9ef6294f0f74c030e4246de5033156c347c78f560f6c01ffb3f80ba
2100
ChromeSetup.exe
C:\Users\admin\AppData\Local\Temp\GUM63EC.tmp\goopdateres_hi.dll
executable
MD5: 5693ceb953641059ebcbae48c2352136
SHA256: 2659f5944739b65af1ede517c3f7ea891b7108cb711f863916ff4e0ab95fa3cf
2100
ChromeSetup.exe
C:\Users\admin\AppData\Local\Temp\GUM63EC.tmp\goopdateres_sv.dll
executable
MD5: a81609331cca7de48bc73759ba49f8e1
SHA256: 3c318f1ba1f9a22b27be22f71aa14a2ffd143f3c5950c815b459eb4ce9d38c99
1796
GoogleUpdateSetup.exe
C:\Program Files\GUM6A93.tmp\goopdateres_te.dll
executable
MD5: 906338580d30032217acfe7878e0c4ee
SHA256: d60d0eb31e988c28311999918f085a054e434fae73714ee46ef5f1595f91735b
1796
GoogleUpdateSetup.exe
C:\Program Files\GUM6A93.tmp\goopdateres_id.dll
executable
MD5: 7a28097be0a4c2a5c3f4adabf1e39a77
SHA256: 2cfcd743e935763e6d4c6e38fa59c66156fa5509c481a682f46d213ee53e303d
2100
ChromeSetup.exe
C:\Users\admin\AppData\Local\Temp\GUM63EC.tmp\goopdateres_gu.dll
executable
MD5: 2cc1d463aa06f6b5f52e3bd899d68487
SHA256: 10b28942c2b1332ce332cefba426ada83f5edf0a742cc84e12062ec614200795
2100
ChromeSetup.exe
C:\Users\admin\AppData\Local\Temp\GUM63EC.tmp\goopdateres_en.dll
executable
MD5: a96f428b9219faf6698c914d7a465d15
SHA256: 11e531a22bc5cad48a7e1d63b8ec15830c598d30f38c2dc992d362f555aa0b37
1796
GoogleUpdateSetup.exe
C:\Program Files\GUM6A93.tmp\goopdateres_ru.dll
executable
MD5: 15c83c84b3771e803b93c33e89c90951
SHA256: d680efd7d70374124c7ba3a8f0a229c34717fa0d3302a8ca3a4c6cf0a85e0b7f
1796
GoogleUpdateSetup.exe
C:\Program Files\GUM6A93.tmp\psuser.dll
executable
MD5: 65802ca6026ec0adaf1ac7d550b6b245
SHA256: e55f485b6604f84c22e709f889ad7418ca13136157fce2992b6a8b23a7e52aed
2100
ChromeSetup.exe
C:\Users\admin\AppData\Local\Temp\GUM63EC.tmp\goopdateres_et.dll
executable
MD5: a6d480ba1bd4cf7ac0c0b0f56a3ff0ff
SHA256: e41acbc8ea404e0374d7df0d855e467bfad8f9abd7d33df16168860bd807a337
2100
ChromeSetup.exe
C:\Users\admin\AppData\Local\Temp\GUM63EC.tmp\goopdateres_hr.dll
executable
MD5: 66ef2e938824dbb7235271f1078de85d
SHA256: 0ee944d0f28efd972cb0f9c9f74f77f271f7fc6601fd4c26c47aadae22f55af9
1796
GoogleUpdateSetup.exe
C:\Program Files\GUM6A93.tmp\goopdateres_th.dll
executable
MD5: 752c0f6f229df85ac24dc097e2f299a9
SHA256: 24cc596085ff60228290b1d2aca944856a003db25374ab07409fbb4d8ce8c0c1
1796
GoogleUpdateSetup.exe
C:\Program Files\GUM6A93.tmp\goopdateres_iw.dll
executable
MD5: 9acb33ef5dd1ec154d70d424f927f0f0
SHA256: 483a6793e59cc27f3b711d0fd9e94f6b7ff5d749f819d800fd971a593e6c9d8b
2100
ChromeSetup.exe
C:\Users\admin\AppData\Local\Temp\GUM63EC.tmp\goopdateres_fil.dll
executable
MD5: 1c857dd9b882d048e6bead17a34fe158
SHA256: 3f36f76fe9ef6294f0f74c030e4246de5033156c347c78f560f6c01ffb3f80ba
2100
ChromeSetup.exe
C:\Users\admin\AppData\Local\Temp\GUM63EC.tmp\goopdateres_lt.dll
executable
MD5: b9f817aa59e7f216990e28bb2b322822
SHA256: 29709aaf8cc71abf20a67137740ec69cccf55775ce1d84b0ed2c1ad726568bfe
1796