googleupdate.exe

上海云瞳科技有限公司

It runs as a separate (within the context of its own process) windows Service named “Google Protect Service(gprotect)”.
Publisher:
上海云瞳科技有限公司  (signed and verified)

Version:
48.5.2564.88

MD5:
cb8849a5e5475c7d0c65561cf7e133a9

SHA-1:
e46d02def6fa60fe11e536784125d05370baf588

SHA-256:
f2be80e388c432e713532f1eb4271a429985baa5a773ee4d63c94b9f0d79be22

Scanner detections:
2 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
12/23/2024 7:32:44 PM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
Win32/ELEX.HJ potentially unwanted application
6.3.12010.0

Kaspersky
not-a-virus:AdWare.Win32.ELEX
15.0.2.529

File size:
307.6 KB (315,008 bytes)

Product version:
48.5.2564.88

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\ProgramData\google\update\googleupdate.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
11/23/2015 1:58:59 PM

Valid to:
11/23/2016 1:58:59 PM

Subject:
CN=上海云瞳科技有限公司, O=上海云瞳科技有限公司, STREET=自由贸易试验区奥纳路188号2幢楼5层529室, L=上海, S=上海, C=CN, OID.1.3.6.1.4.1.311.60.2.1.2=Shanghai, OID.1.3.6.1.4.1.311.60.2.1.3=CN, SERIALNUMBER=310141000153861, OID.2.5.4.15=Private Organization

Issuer:
CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
112111890B77B0FDF98EB0B3CFDEA89B989C

File PE Metadata
Compilation timestamp:
2/2/2016 11:18:17 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

Entry address:
0x1EBFC

Entry point:
E8, D3, E8, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, 56, 8B, 75, 08, 83, 3C, F5, A0, 84, 44, 00, 00, 75, 13, 56, E8, 71, 00, 00, 00, 59, 85, C0, 75, 08, 6A, 11, E8, F7, 67, 00, 00, 59, FF, 34, F5, A0, 84, 44, 00, FF, 15, 0C, A2, 43, 00, 5E, 5D, C3, 56, 57, BE, A0, 84, 44, 00, 8B, FE, 53, 8B, 1F, 85, DB, 74, 17, 83, 7F, 04, 01, 74, 11, 53, FF, 15, E0, A0, 43, 00, 53, E8, 48, CD, FF, FF, 83, 27, 00, 59, 83, C7, 08, 81, FF, C0, 85, 44, 00, 7C, D8, 5B, 83, 3E, 00, 74, 0E, 83, 7E, 04, 01, 75, 08, FF, 36, FF, 15...
 
[+]

Entropy:
6.4851

Code size:
225.5 KB (230,912 bytes)

Service
Display name:
Google Protect Service(gprotect)

Service name:
gprotect

Description:
To ensure your Google software integrity. If this service is disabled or stopped, your Google software will not be kept integrity check, meaning security vulnerabilities that may arise cannot be fixed

Type:
Win32OwnProcess

Depends on:
RpcSs


Scan googleupdate.exe - Powered by Reason Core Security