chrome.exe
Google Chrome by Google Inc (Signed)
Warning 7 antivirus scanners has detected malware in various versions of chrome.exe.
Overview
chrome.exe has 102 known versions, the most recent one is 37.0.2031.2. chrome.exe is run as a standard windows process with the logged in user's account privileges. By adding a startup entry to the run registry key, the file will be executed when the user logs into Windows. The average file size is about 1016.84 KB. It is an authenticode code-signed executable issued to Google Inc by the certification authority VeriSign. The programs Google Chrome, Google Chrome Frame and Keynote Internet Testing Environment have been observed as installing specific variations of chrome.exe. During the process's lifecycle, the typical CPU resource utilization is less than 0.01%, the average private memory consumption is about 88.67 MB with the maximum memory reaching around 118.05 MB. Addionally, typically read and write I/O disk operations is about 2.2 MB per minute for reads and 1.11 MB per minute for writes.
What is chrome.exe?
Google Chrome is a web browser that combines a minimal design with sophisticated technology to make the web faster, safer, and easier.
About chrome.exe (from Google Inc)
“Google Chrome is a browser that combines a minimal design with sophisticated technology to make the web faster, safer, and easier. The web browser is arguably the most important piece of software on y”
 Details
|
| File name: | chrome.exe |
| Publisher: | Google Inc. |
| Product name: | Google Chrome |
| Typical file path: | C:\users\user\appdata\local\google\chrome\application\chrome.exe |
| Certificate |
| Issued to: | Google Inc |
| Authority (CA): | VeriSign |
| Effective date: | Sunday, February 21, 2010 |
| Expiration date: | Wednesday, February 22, 2012 |
Programs installed in
(Note, the programs listed below are for all versions of Google Chrome.)
This spyware/adware program monitors a user's web browsing activity and captures click-stream data in order to aggregate and track a user's behavior including search and browse. This is done through i...
Hyper Browser injects advertising in the user's Internet browser by running as an extension and/or add-on. Ads are delivered in the form of search-related ads, banner and video ads, and text-links (ro...
According to the company, this software runs in the background of the user's PC and collects browsing habits and advertising data.
"Idlecrawler is a software which is collecting data from the open ...
“IdleCrawler will do it for you! You will be able to download videos and mp3 easily on your computer just in one click. Downloading media was never that easy. Type the name of your favorite video or mu...”
"Idlecrawler is a software which is collecting data from the open sources in internet in 3 different fields such as: - google search engine result pages - advertising settings - twitter stream posts T...
Google Chrome is a free web browser developed by Google that uses the WebKit layout engine. It is designed to be secure, fast, simple and stable. Chrome supports plug-ins with the Netscape Plugin Appl...
“Google Chrome Frame is a free plug-in for Internet Explorer. Some advanced web apps use Google Chrome Frame to provide you with additional features and better performance. Sites that utilize Google Ch...”
Google Chrome is a freeware web browser developed by Google that uses the WebKit layout engine. Google Chrome aims to be secure, fast, simple and stable. There are extensive differences from its peers...
“Google Chrome Frame is a free plug-in for Internet Explorer. Some advanced web apps use Google Chrome Frame to provide you with additional features and better performance. Sites that utilize Google C...”
“Google Chrome Frame is an open source plug-in that seamlessly brings Google Chrome's open web technologies and speedy JavaScript engine to Internet Explorer. Google Chrome Frame is a free plug-in for ...”
“The Chrome App Launcher is the hub of all your Chrome apps and with it you have quick access to all of your apps from the desktop. When you install an app from the Chrome Web Store, you'll get an opti...”
“Google Chrome Frame is a free plug-in for Internet Explorer. Some advanced web apps use Google Chrome Frame to provide you with additional features and better performance. Sites that utilize Google Ch...”
“The canary build is less stable, but with even more cutting-edge features than the developer's build, which tests new features before they're pushed to the beta build. It should only be used by those ...”
“Modern instrument for SEO and Marketing professionals from all around the world. IdleCrawler delivers you analytics data reports about your competitors tactic – keywords, advertising time and geo poli...”
Behaviors
(Note, the behaviors below are for all versions of chrome.exe, select a unique version for details.)
Shell open commands
Startup files (user) run
Runs under the registry key 'HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
- 'GoogleChromeAutoLaunch_B4E9779156F26FC26D03BF7A2ADC2259' → "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
- 'GoogleChromeAutoLaunch_3A8E73E00ACB6A9C84E2271ADD776436' → "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
- '339C656FAAAFC62E61EDD1B5499876F594366031._service_run' → "C:\users\user\appdata\Local\Google\Chrome\Application\chrome.exe" --type=service
- 'GoogleChromeAutoLaunch_4C0B8624EA365B4F6304B5DF2BBE0388' → "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
- 'GoogleChromeAutoLaunch_6DCE21DB4A685A2B1C8D7511A528C4EA' → "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
- 'ADE9898B89D25091B4D05175D74A49326C9B7CB2._service_run' → "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=service
- 'GoogleChromeAutoLaunch_CB71CD92231E9EECFEEE72606F7F75DB' → "C:\Documents and Settings\user\Application Data\Google\Chrome\Application\chrome.exe" --no-startup-window
- 'GoogleChromeAutoLaunch_8E06199F53DB94E0AB8348FDBF05DBEB' → "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
- 'GoogleChromeAutoLaunch_6093416D02A5C5C3E82F09E96330A58A' → "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
- 'E395F216ABB1C6F0CEF7C7B6F765240D6528C69B._service_run' → "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=service
- 'GoogleChromeAutoLaunch_D176EBC68FCB05FB686D441AEFCB495A' → "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
- '2534E86F0DF2D26BFB9FCAF067B7CE46FC88134A._service_run' → "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=service
- 'GoogleChromeAutoLaunch_0558B37369EDB14D0126D02CBEE09976' → "C:\users\user\appdata\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
- 'GoogleChromeAutoLaunch_B624F2C0BE501C24D5E84F352BED5A33' → "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
- '1DEC8F125A76C0A933228AE48FA410CF728D936B._service_run' → "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=service
- 'GoogleChromeAutoLaunch_DD4D88757AE625C128370BC0AB81C5AA' → "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
- 'GoogleChromeAutoLaunch_D07AA0C8883757892C0A7BD65E309F16' → "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
- '59E9B434805BBF7247D3BE6F0DDC1F6C49249005._service_run' → "C:\Documents and Settings\user\Application Data\Google\Chrome\Application\chrome.exe" --type=service
- 'GoogleChromeAutoLaunch_F9D69CCF0F6531CD4B2E55DA4F1322CC' → "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
- 'GoogleChromeAutoLaunch_67B49362D3A8C1AAF36B88B38FC33840' → "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
- '01CC2E4B2FC882AC7EDFEE7F0A5288CD4BB10139._service_run' → "C:\users\user\appdata\Local\Google\Chrome\Application\chrome.exe" --type=service
- 'GoogleChromeAutoLaunch_AAFCC270D31FADB1D329301E4E8A245A' → "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
Scheduled tasks
- The job '{2B6BE463-CA32-45AE-943C-92657944331A}' runs on registration in the path '\{2B6BE463-CA32-45AE-943C-92657944331A}'
- Entry path '\{EC5A5D5A-15ED-4B36-85E6-62672AB6DCDD}'
- Entry path '\{EC46ABC6-0C41-479A-AB59-272B0FF13EE0}'
- Entry path '\{C4D64019-B0AC-4F59-A9E9-51BBD5E5FD3D}'
- Entry path '\{B2BACD86-D97B-4705-B2FA-6E62D7D10E41}'
- Entry path '\{8B05145D-D53D-4461-9233-E909358089F9}'
- Entry path '\{86E6EB65-50A2-4871-989B-220E57332DC6}'
- Entry path '\{166A113B-7CD9-4BE9-985A-D5A9151FD363}'
- Entry path '\{13CFB1E6-A4D5-4E19-A02E-4988BA9992C5}'
- Entry path '\{817D93AC-712B-4CC3-872D-EB83C1DD7C77}'
- Entry path '\{564C78A6-98A3-4CAD-AD34-2B3C211D07D4}'
- Entry path '\{4C702BD9-4E8B-498F-ABB1-46442A2D6865}'
- Entry path '\{5815F94C-2C46-4749-8AE6-206289E2F1ED}'
- Entry path '\{6CF0EF04-799B-413F-81B9-97769D3F5C18}'
- Entry path '\{D71F64C6-0C5C-489D-A46C-6FA79B47BAEF}'
- Entry path '\{00D3410E-E735-41BF-A1B0-D4A0511D54F9}'
- Entry path '\{F164D2A0-2157-4CCD-9445-009AFF9DA7A6}'
- Entry path '\{E11483AC-C538-4D7C-BC27-ED13BB8EEC95}'
- Entry path '\{5D5FB896-6884-45F7-9252-56F355B20CE0}'
- Entry path '\{1DFBAD4A-39AC-4247-9223-570AF5FF3323}'
- Entry path '\0'
- Entry path '\{782BC845-2E7A-46D1-9B9B-9E57B188ABC4}'
Startup files (user) run once
Runs under the registry key 'HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
- 'Application Restart #2' → C:\Program Files\Google\Chrome\Application\chrome.exe --automation-channel=ChromeTestingInterfacC:5568.1 --chrome-frame --no-first-run --disable-background-mode --disable-popup-blocking --disab
- 'Application Restart #0' → C:\users\user\appdata\Local\Google\Chrome\Application\chrome.exe --flag-switches-begin --flag-switches-end --restore-last-session -- httC://www.avast.com/program/api/?action=2&p_aas=0&p_adp=0000&p_a
- 'Application Restart #1' → C:\users\user\appdata\Local\Google\Chrome\Application\chrome.exe --flag-switches-begin --flag-switches-end --restore-last-session -- httC://login.yahoo.com/config/reset_cookies_token?.token=rmoHQGE
Windows firewall allowed programs
Exceptions allow programs to access to the Internet through an outbound connections
- Firewall exception for 'C:\Program Files\Google\Chrome\Application\chrome.exe'
- Firewall exception for 'C:\Documents and Settings\user\Application Data\Google\Chrome\Application\chrome.exe'
- Firewall exception for 'C:\Program Files\Google\Chrome\Application\chrome.exe'
Malware detections
Based on 40+ industry antivirus scanners, 7 of them detected the following malware.
| Antivirus engine | Engine version | Detection | File version |
| Antiy Labs AVL |
2.0.3.7 |
Trojan/Win32.Agent |
21.0.1180.60 |
| Antiy Labs AVL |
2.0.3.7 |
Trojan/Win32.Agent |
21.0.1180.89 |
| Antiy Labs AVL |
2.0.3.7 |
Trojan/Win32.Llac |
26.0.1410.43 |
| Antiy Labs AVL |
2.0.3.7 |
Trojan/Win32.Llac |
26.0.1410.64 |
| Commtouch |
5.4.1.7 |
W32/Trojan.PJOJ-0153 |
27.0.1453.47 |
| Trend Micro HouseCall |
9.700.0.1001 |
HV_AGENT_BK083E56.TOMC |
21.0.1180.89 |
| Trend Micro HouseCall |
9.700.0.1001 |
TROJ_GEN.F47V0412 |
27.0.1453.47 |
All file variations of chrome.exe
Distribution by Windows OS
| OS version | distribution |
| Windows 8.1 Pro |
21.00% |
|
| Windows 7 Home Premium |
20.25% |
|
| Windows 8.1 |
14.50% |
|
| Windows 8.1 Single Language |
11.75% |
|
| Windows 7 Professional |
11.25% |
|
| Windows 7 Ultimate |
8.00% |
|
| Windows 8 |
4.25% |
|
| Windows 8.1 Enterprise Evaluation |
4.25% |
|
| Windows Seven Black Edition |
2.25% |
|
| Windows 8 Single Language |
1.75% |
|
| Windows 8.1 Pro with Media Center |
0.75% |
|
Distribution by country
United States installs about 54.50% of Google Chrome.
Distribution by PC manufacturer
| PC Manufacturer | distribution |
| ASUS |
27.02% |
|
| Hewlett-Packard |
23.99% |
|
| Lenovo |
15.32% |
|
| Dell |
12.10% |
|
| Toshiba |
12.10% |
|
| Acer |
7.26% |
|
| Alienware |
1.61% |
|
| Samsung |
0.60% |
|
