Submission Summary:

What's been found | Severity Level
Registers a 32-bit in-process server DLL.
Contains characteristics of an identified security risk.

 

Technical Details:


 

Possible Security Risk

Security Risk | Description
Dialer.Comforest_Dialer | Comforest Dialer is a dialer from Comforest SRL. It is used to access pornographic websites by dialing a high-cost phone number using a modem. Removal of this dialer is advisable if it is not installed for a purpose.

 

File System Modifications


 

Memory Modifications

Process Name | Process Filename | Main Module Size
GoogleUpdate.exe | %ProgramFiles%\gum10.tmp\googleupdate.exe | 122,880 bytes
GoogleUpdate.exe | %ProgramFiles%\GUM1.tmp\GoogleUpdate.exe | 122,880 bytes
GoogleUpdate.exe | %ProgramFiles%\Google\Update\GoogleUpdate.exe | 122,880 bytes
[filename of the sample #1] | [file and pathname of the sample #1] | 749,568 bytes

Process Name | Process Filename | Allocated Size
GoogleUpdate.exe | %ProgramFiles%\google\update\googleupdate.exe | 28,672 bytes
GoogleUpdate.exe | %ProgramFiles%\google\update\googleupdate.exe | 28,672 bytes

Module Name | Module Filename | Address Space Details
goopdate.dll | %ProgramFiles%\GUM10.tmp\goopdate.dll | Process name: GoogleUpdate.exe; Process filename: %ProgramFiles%\gum10.tmp\googleupdate.exe; Address space: 0x18000000 - 0x180CE000

Service Name | Display Name | Status | Service Filename
gupdate | Google Update Service (gupdate) | "Running" | "%ProgramFiles%\Google\Update\GoogleUpdate.exe" /svc
gupdatem | Google Update Service (gupdatem) | "Stopped" | "%ProgramFiles%\Google\Update\GoogleUpdate.exe" /medsvc

Service Name | Display Name | New Status | Service Filename
MSIServer | Windows Installer | "Running" | %System%\msiexec.exe /V

 

Registry Modifications

 

Other details

Remote Host | Port Number
wpad.mrc.pctools.com | 1095
wpad.mrc.pctools.com | 1073
wpad.mrc.pctools.com | 1071
wpad.mrc.pctools.com | 1059
wpad.mrc.pctools.com | 1034
wpad.mrc.pctools.com | 1036

 

 

Copyright © 2014 ThreatExpert. All rights reserved.