Overview
overview
6Static
static
1Update/1.3...er.exe
windows7-x64
1Update/1.3...er.exe
windows10-2004-x64
1Update/1.3...64.exe
windows7-x64
1Update/1.3...64.exe
windows10-2004-x64
1Update/1.3...te.exe
windows7-x64
6Update/1.3...te.exe
windows10-2004-x64
6Update/1.3...er.exe
windows7-x64
1Update/1.3...er.exe
windows10-2004-x64
1Update/1.3...64.exe
windows7-x64
4Update/1.3...64.exe
windows10-2004-x64
4Update/1.3...re.exe
windows7-x64
1Update/1.3...re.exe
windows10-2004-x64
1Update/1.3...nd.exe
windows7-x64
1Update/1.3...nd.exe
windows10-2004-x64
1Update/1.3...up.exe
windows7-x64
4Update/1.3...up.exe
windows10-2004-x64
4Update/1.3...te.dll
windows7-x64
6Update/1.3...te.dll
windows10-2004-x64
6Update/1.3...am.dll
windows7-x64
1Update/1.3...am.dll
windows10-2004-x64
1Update/1.3...ar.dll
windows7-x64
1Update/1.3...ar.dll
windows10-2004-x64
1Update/1.3...bg.dll
windows7-x64
1Update/1.3...bg.dll
windows10-2004-x64
1Update/1.3...bn.dll
windows7-x64
1Update/1.3...bn.dll
windows10-2004-x64
1Update/1.3...ca.dll
windows7-x64
1Update/1.3...ca.dll
windows10-2004-x64
1Update/1.3...cs.dll
windows7-x64
1Update/1.3...cs.dll
windows10-2004-x64
1Update/1.3...da.dll
windows7-x64
1Update/1.3...da.dll
windows10-2004-x64
1Analysis
-
max time kernel
118s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20231020-en -
resource tags
arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system -
submitted
08-12-2023 17:51
Static task
static1
Behavioral task
behavioral1
Sample
Update/1.3.36.152/GoogleCrashHandler.exe
Resource
win7-20231129-en
windows7-x64
Behavioral task
behavioral2
Sample
Update/1.3.36.152/GoogleCrashHandler.exe
Resource
win10v2004-20231130-en
windows10-2004-x64
Behavioral task
behavioral3
Sample
Update/1.3.36.152/GoogleCrashHandler64.exe
Resource
win7-20231201-en
windows7-x64
Behavioral task
behavioral4
Sample
Update/1.3.36.152/GoogleCrashHandler64.exe
Resource
win10v2004-20231201-en
windows10-2004-x64
Behavioral task
behavioral5
Sample
Update/1.3.36.152/GoogleUpdate.exe
Resource
win7-20231130-en
windows7-x64
Behavioral task
behavioral6
Sample
Update/1.3.36.152/GoogleUpdate.exe
Resource
win10v2004-20231130-en
windows10-2004-x64
Behavioral task
behavioral7
Sample
Update/1.3.36.152/GoogleUpdateBroker.exe
Resource
win7-20231023-en
windows7-x64
Behavioral task
behavioral8
Sample
Update/1.3.36.152/GoogleUpdateBroker.exe
Resource
win10v2004-20231127-en
windows10-2004-x64
Behavioral task
behavioral9
Sample
Update/1.3.36.152/GoogleUpdateComRegisterShell64.exe
Resource
win7-20231020-en
windows7-x64
Behavioral task
behavioral10
Sample
Update/1.3.36.152/GoogleUpdateComRegisterShell64.exe
Resource
win10v2004-20231127-en
windows10-2004-x64
Behavioral task
behavioral11
Sample
Update/1.3.36.152/GoogleUpdateCore.exe
Resource
win7-20231023-en
windows7-x64
Behavioral task
behavioral12
Sample
Update/1.3.36.152/GoogleUpdateCore.exe
Resource
win10v2004-20231127-en
windows10-2004-x64
Behavioral task
behavioral13
Sample
Update/1.3.36.152/GoogleUpdateOnDemand.exe
Resource
win7-20231020-en
windows7-x64
Behavioral task
behavioral14
Sample
Update/1.3.36.152/GoogleUpdateOnDemand.exe
Resource
win10v2004-20231127-en
windows10-2004-x64
Behavioral task
behavioral15
Sample
Update/1.3.36.152/GoogleUpdateSetup.exe
Resource
win7-20231129-en
windows7-x64
Behavioral task
behavioral16
Sample
Update/1.3.36.152/GoogleUpdateSetup.exe
Resource
win10v2004-20231130-en
windows10-2004-x64
Behavioral task
behavioral17
Sample
Update/1.3.36.152/goopdate.dll
Resource
win7-20231201-en
windows7-x64
Behavioral task
behavioral18
Sample
Update/1.3.36.152/goopdate.dll
Resource
win10v2004-20231130-en
windows10-2004-x64
Behavioral task
behavioral19
Sample
Update/1.3.36.152/goopdateres_am.dll
Resource
win7-20231201-en
windows7-x64
Behavioral task
behavioral20
Sample
Update/1.3.36.152/goopdateres_am.dll
Resource
win10v2004-20231130-en
windows10-2004-x64
Behavioral task
behavioral21
Sample
Update/1.3.36.152/goopdateres_ar.dll
Resource
win7-20231023-en
windows7-x64
Behavioral task
behavioral22
Sample
Update/1.3.36.152/goopdateres_ar.dll
Resource
win10v2004-20231127-en
windows10-2004-x64
Behavioral task
behavioral23
Sample
Update/1.3.36.152/goopdateres_bg.dll
Resource
win7-20231130-en
windows7-x64
Behavioral task
behavioral24
Sample
Update/1.3.36.152/goopdateres_bg.dll
Resource
win10v2004-20231127-en
windows10-2004-x64
Behavioral task
behavioral25
Sample
Update/1.3.36.152/goopdateres_bn.dll
Resource
win7-20231129-en
windows7-x64
Behavioral task
behavioral26
Sample
Update/1.3.36.152/goopdateres_bn.dll
Resource
win10v2004-20231127-en
windows10-2004-x64
Behavioral task
behavioral27
Sample
Update/1.3.36.152/goopdateres_ca.dll
Resource
win7-20231020-en
windows7-x64
Behavioral task
behavioral28
Sample
Update/1.3.36.152/goopdateres_ca.dll
Resource
win10v2004-20231130-en
windows10-2004-x64
Behavioral task
behavioral29
Sample
Update/1.3.36.152/goopdateres_cs.dll
Resource
win7-20231025-en
windows7-x64
Behavioral task
behavioral30
Sample
Update/1.3.36.152/goopdateres_cs.dll
Resource
win10v2004-20231127-en
windows10-2004-x64
Behavioral task
behavioral31
Sample
Update/1.3.36.152/goopdateres_da.dll
Resource
win7-20231130-en
windows7-x64
Behavioral task
behavioral32
Sample
Update/1.3.36.152/goopdateres_da.dll
Resource
win10v2004-20231201-en
windows10-2004-x64
General
-
Target
Update/1.3.36.152/GoogleUpdateComRegisterShell64.exe
-
Size
190KB
-
MD5
067c069e3a48184c32333ebbd152eb01
-
SHA1
e13808892bb9679a81d0ebdf5f51a6df42400149
-
SHA256
55f4339688f1e72f5da0819abaa1d1f0630f39c496ec1ea0ad8e3458c8df6b02
-
SHA512
74b3aecbf11f94948264b29481839bdf48d7b37f966cb5e2aa3062e66cf3587ecf247563e3bcc1837e1fb89602d327fdb4f22fa98c695b4d5768bc3f1903a2b4
-
SSDEEP
3072:HVS38yXLiGySAcz4hp9wuzkHUYqWEybmoY46+pW8UJHqDMC0JGB:HVS31GGySAcz4hUmA0ohnqTm
Malware Config
Signatures
-
Registers COM server for autorun 1 TTPs 9 IoCs
Processes:
GoogleUpdateComRegisterShell64.exedescription ioc process Key created \REGISTRY\USER\S-1-5-21-2952504676-3105837840-1406404655-1000_CLASSES\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32 GoogleUpdateComRegisterShell64.exe Set value (str) \REGISTRY\USER\S-1-5-21-2952504676-3105837840-1406404655-1000_CLASSES\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32\ = "C:\\Users\\Admin\\AppData\\Local\\Temp\\Update\\1.3.36.152\\psmachine_64.dll" GoogleUpdateComRegisterShell64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BABC0FE1-E9B9-49A3-BBE6-3F16B71DC052}\InProcServer32 GoogleUpdateComRegisterShell64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BABC0FE1-E9B9-49A3-BBE6-3F16B71DC052}\InProcServer32\ = "C:\\Users\\Admin\\AppData\\Local\\Temp\\Update\\1.3.36.152\\psmachine_64.dll" GoogleUpdateComRegisterShell64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BABC0FE1-E9B9-49A3-BBE6-3F16B71DC052}\InProcServer32\ThreadingModel = "Both" GoogleUpdateComRegisterShell64.exe Set value (str) \REGISTRY\USER\S-1-5-21-2952504676-3105837840-1406404655-1000_CLASSES\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32\ = "C:\\Users\\Admin\\AppData\\Local\\Temp\\Update\\1.3.36.152\\psmachine_64.dll" GoogleUpdateComRegisterShell64.exe Set value (str) \REGISTRY\USER\S-1-5-21-2952504676-3105837840-1406404655-1000_CLASSES\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32\ThreadingModel = "Both" GoogleUpdateComRegisterShell64.exe Key created \REGISTRY\USER\S-1-5-21-2952504676-3105837840-1406404655-1000_CLASSES\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 GoogleUpdateComRegisterShell64.exe Set value (str) \REGISTRY\USER\S-1-5-21-2952504676-3105837840-1406404655-1000_CLASSES\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32\ThreadingModel = "Both" GoogleUpdateComRegisterShell64.exe -
Modifies registry class 64 IoCs
Processes:
GoogleUpdateComRegisterShell64.exedescription ioc process Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D106AB5F-A70E-400E-A21B-96208C1D8DBB}\ProxyStubClsid32 GoogleUpdateComRegisterShell64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{128C2DA6-2BC0-44C0-B3F6-4EC22E647964}\ = "IProcessLauncher" GoogleUpdateComRegisterShell64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{34527502-D3DB-4205-A69B-789B27EE0414}\NumMethods GoogleUpdateComRegisterShell64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DB17455-4E85-46E7-9D23-E555E4B005AF}\NumMethods\ = "10" GoogleUpdateComRegisterShell64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{084D78A8-B084-4E14-A629-A2C419B0E3D9}\NumMethods\ = "43" GoogleUpdateComRegisterShell64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{0CD01D1E-4A1C-489D-93B9-9B6672877C57}\ProxyStubClsid32 GoogleUpdateComRegisterShell64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{494B20CF-282E-4BDD-9F5D-B70CB09D351E}\ProxyStubClsid32\ = "{BABC0FE1-E9B9-49A3-BBE6-3F16B71DC052}" GoogleUpdateComRegisterShell64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{27634814-8E41-4C35-8577-980134A96544}\NumMethods GoogleUpdateComRegisterShell64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{128C2DA6-2BC0-44C0-B3F6-4EC22E647964} GoogleUpdateComRegisterShell64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{4DE778FE-F195-4EE3-9DAB-FE446C239221}\NumMethods GoogleUpdateComRegisterShell64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{BCDCB538-01C0-46D1-A6A7-52F4D021C272}\ProxyStubClsid32\ = "{BABC0FE1-E9B9-49A3-BBE6-3F16B71DC052}" GoogleUpdateComRegisterShell64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DAB1D343-1B2A-47F9-B445-93DC50704BFE}\NumMethods\ = "4" GoogleUpdateComRegisterShell64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DCAB8386-4F03-4DBD-A366-D90BC9F68DE6}\ProxyStubClsid32\ = "{BABC0FE1-E9B9-49A3-BBE6-3F16B71DC052}" GoogleUpdateComRegisterShell64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{05A30352-EB25-45B6-8449-BCA7B0542CE5}\ProxyStubClsid32\ = "{BABC0FE1-E9B9-49A3-BBE6-3F16B71DC052}" GoogleUpdateComRegisterShell64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{128C2DA6-2BC0-44C0-B3F6-4EC22E647964}\ProxyStubClsid32\ = "{BABC0FE1-E9B9-49A3-BBE6-3F16B71DC052}" GoogleUpdateComRegisterShell64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{909489C2-85A6-4322-AA56-D25278649D67}\ProxyStubClsid32 GoogleUpdateComRegisterShell64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5B25A8DC-1780-4178-A629-6BE8B8DEFAA2} GoogleUpdateComRegisterShell64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{247954F9-9EDC-4E68-8CC3-150C2B89EADF}\ProxyStubClsid32\ = "{BABC0FE1-E9B9-49A3-BBE6-3F16B71DC052}" GoogleUpdateComRegisterShell64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{4DE778FE-F195-4EE3-9DAB-FE446C239221}\ProxyStubClsid32 GoogleUpdateComRegisterShell64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{19692F10-ADD2-4EFF-BE54-E61C62E40D13}\ = "IJobObserver2" GoogleUpdateComRegisterShell64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{49D7563B-2DDB-4831-88C8-768A53833837}\NumMethods\ = "13" GoogleUpdateComRegisterShell64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{B3A47570-0A85-4AEA-8270-529D47899603}\ProxyStubClsid32\ = "{BABC0FE1-E9B9-49A3-BBE6-3F16B71DC052}" GoogleUpdateComRegisterShell64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{494B20CF-282E-4BDD-9F5D-B70CB09D351E}\ProxyStubClsid32 GoogleUpdateComRegisterShell64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{247954F9-9EDC-4E68-8CC3-150C2B89EADF}\ProxyStubClsid32 GoogleUpdateComRegisterShell64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2D363682-561D-4C3A-81C6-F2F82107562A}\NumMethods\ = "4" GoogleUpdateComRegisterShell64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{494B20CF-282E-4BDD-9F5D-B70CB09D351E}\NumMethods GoogleUpdateComRegisterShell64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1C642CED-CA3B-4013-A9DF-CA6CE5FF6503}\ProxyStubClsid32 GoogleUpdateComRegisterShell64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BABC0FE1-E9B9-49A3-BBE6-3F16B71DC052}\InProcServer32\ = "C:\\Users\\Admin\\AppData\\Local\\Temp\\Update\\1.3.36.152\\psmachine_64.dll" GoogleUpdateComRegisterShell64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{BCDCB538-01C0-46D1-A6A7-52F4D021C272}\ = "IAppVersion" GoogleUpdateComRegisterShell64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{49D7563B-2DDB-4831-88C8-768A53833837} GoogleUpdateComRegisterShell64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{49D7563B-2DDB-4831-88C8-768A53833837}\ = "IJobObserver" GoogleUpdateComRegisterShell64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{05A30352-EB25-45B6-8449-BCA7B0542CE5}\ProxyStubClsid32 GoogleUpdateComRegisterShell64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F63F6F8B-ACD5-413C-A44B-0409136D26CB}\NumMethods\ = "16" GoogleUpdateComRegisterShell64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{0CD01D1E-4A1C-489D-93B9-9B6672877C57} GoogleUpdateComRegisterShell64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{0CD01D1E-4A1C-489D-93B9-9B6672877C57}\NumMethods\ = "10" GoogleUpdateComRegisterShell64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DAB1D343-1B2A-47F9-B445-93DC50704BFE}\ProxyStubClsid32\ = "{BABC0FE1-E9B9-49A3-BBE6-3F16B71DC052}" GoogleUpdateComRegisterShell64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{084D78A8-B084-4E14-A629-A2C419B0E3D9} GoogleUpdateComRegisterShell64.exe Key created \REGISTRY\USER\S-1-5-21-2952504676-3105837840-1406404655-1000_CLASSES\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32 GoogleUpdateComRegisterShell64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{18D0F672-18B4-48E6-AD36-6E6BF01DBBC4}\NumMethods\ = "17" GoogleUpdateComRegisterShell64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{19692F10-ADD2-4EFF-BE54-E61C62E40D13}\NumMethods GoogleUpdateComRegisterShell64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DAB1D343-1B2A-47F9-B445-93DC50704BFE}\ProxyStubClsid32 GoogleUpdateComRegisterShell64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{76F7B787-A67C-4C73-82C7-31F5E3AABC5C}\ = "IApp" GoogleUpdateComRegisterShell64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F63F6F8B-ACD5-413C-A44B-0409136D26CB} GoogleUpdateComRegisterShell64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F63F6F8B-ACD5-413C-A44B-0409136D26CB}\NumMethods GoogleUpdateComRegisterShell64.exe Set value (str) \REGISTRY\USER\S-1-5-21-2952504676-3105837840-1406404655-1000_CLASSES\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32\ThreadingModel = "Both" GoogleUpdateComRegisterShell64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{B3A47570-0A85-4AEA-8270-529D47899603}\NumMethods\ = "4" GoogleUpdateComRegisterShell64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FE908CDD-22BB-472A-9870-1A0390E42F36}\ProxyStubClsid32\ = "{BABC0FE1-E9B9-49A3-BBE6-3F16B71DC052}" GoogleUpdateComRegisterShell64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{0CD01D1E-4A1C-489D-93B9-9B6672877C57}\ProxyStubClsid32\ = "{BABC0FE1-E9B9-49A3-BBE6-3F16B71DC052}" GoogleUpdateComRegisterShell64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2D363682-561D-4C3A-81C6-F2F82107562A}\NumMethods GoogleUpdateComRegisterShell64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5B25A8DC-1780-4178-A629-6BE8B8DEFAA2}\ = "IBrowserHttpRequest2" GoogleUpdateComRegisterShell64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{34527502-D3DB-4205-A69B-789B27EE0414}\ProxyStubClsid32\ = "{BABC0FE1-E9B9-49A3-BBE6-3F16B71DC052}" GoogleUpdateComRegisterShell64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D106AB5F-A70E-400E-A21B-96208C1D8DBB} GoogleUpdateComRegisterShell64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F63F6F8B-ACD5-413C-A44B-0409136D26CB}\ProxyStubClsid32 GoogleUpdateComRegisterShell64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{4E223325-C16B-4EEB-AEDC-19AA99A237FA} GoogleUpdateComRegisterShell64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{27634814-8E41-4C35-8577-980134A96544}\ProxyStubClsid32 GoogleUpdateComRegisterShell64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{0CD01D1E-4A1C-489D-93B9-9B6672877C57}\NumMethods GoogleUpdateComRegisterShell64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2D363682-561D-4C3A-81C6-F2F82107562A}\ProxyStubClsid32\ = "{BABC0FE1-E9B9-49A3-BBE6-3F16B71DC052}" GoogleUpdateComRegisterShell64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FE908CDD-22BB-472A-9870-1A0390E42F36}\NumMethods GoogleUpdateComRegisterShell64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{4DE778FE-F195-4EE3-9DAB-FE446C239221} GoogleUpdateComRegisterShell64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{19692F10-ADD2-4EFF-BE54-E61C62E40D13}\ProxyStubClsid32\ = "{BABC0FE1-E9B9-49A3-BBE6-3F16B71DC052}" GoogleUpdateComRegisterShell64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3D05F64F-71E3-48A5-BF6B-83315BC8AE1F}\NumMethods\ = "12" GoogleUpdateComRegisterShell64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DB17455-4E85-46E7-9D23-E555E4B005AF}\ProxyStubClsid32 GoogleUpdateComRegisterShell64.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2D363682-561D-4C3A-81C6-F2F82107562A}\ProxyStubClsid32 GoogleUpdateComRegisterShell64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{909489C2-85A6-4322-AA56-D25278649D67}\ = "IGoogleUpdateCore" GoogleUpdateComRegisterShell64.exe