File name:

Roblox Checker.zip

Full analysis: https://app.any.run/tasks/c671e73f-85a5-449b-a194-1ede77580ef1
Verdict: Malicious activity
Analysis date: October 11, 2025, 15:14:45
OS: Windows 10 Professional (build: 19044, 64 bit)
Tags:
arch-exec
golang
Indicators:
MIME: application/zip
File info: Zip archive data, at least v2.0 to extract, compression method=deflate
MD5:

17DE70CC839ABE72290E1EC227C20929

SHA1:

B2D0AA56C5A47435229E4EB6DA9BD9F5A279834C

SHA256:

8C9D43798F95E4C91CB25C4FA43099B7240F7EE3ACD4FC7775C96DF8E322ED5C

SSDEEP:

98304:hGjWAaSJgvqXouC3G856/RXPxn9XFtThsSavuKSXIqcQZWMr9v/HnXd0aDDMYh6Q:5dSAho5VaZauO

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.
  • MALICIOUS

    • Generic archive extractor

      • WinRAR.exe (PID: 8312)
    • Changes the autorun value in the registry

      • MicrosoftEdgeUpdate.exe (PID: 8848)
    • The DLL Hijacking

      • msedgewebview2.exe (PID: 5180)
  • SUSPICIOUS

    • Executable content was dropped or overwritten

      • Roblox Checker.exe (PID: 8572)
      • MicrosoftEdgeWebview2Setup.exe (PID: 8816)
      • MicrosoftEdgeUpdate.exe (PID: 8848)
      • MicrosoftEdge_X64_141.0.3537.71.exe (PID: 4076)
      • setup.exe (PID: 4680)
      • msedgewebview2.exe (PID: 7908)
      • msedgewebview2.exe (PID: 5792)
    • Process drops legitimate windows executable

      • Roblox Checker.exe (PID: 8572)
      • MicrosoftEdgeWebview2Setup.exe (PID: 8816)
      • MicrosoftEdgeUpdate.exe (PID: 8848)
      • MicrosoftEdge_X64_141.0.3537.71.exe (PID: 4076)
      • setup.exe (PID: 4680)
      • msedgewebview2.exe (PID: 7908)
      • msedgewebview2.exe (PID: 5792)
    • Starts a Microsoft application from unusual location

      • MicrosoftEdgeWebview2Setup.exe (PID: 8816)
      • MicrosoftEdgeUpdate.exe (PID: 8848)
    • Starts itself from another location

      • MicrosoftEdgeUpdate.exe (PID: 8848)
    • Creates/Modifies COM task schedule object

      • MicrosoftEdgeUpdateComRegisterShell64.exe (PID: 8900)
      • MicrosoftEdgeUpdateComRegisterShell64.exe (PID: 8928)
      • MicrosoftEdgeUpdate.exe (PID: 8876)
      • MicrosoftEdgeUpdateComRegisterShell64.exe (PID: 8956)
    • Reads security settings of Internet Explorer

      • MicrosoftEdgeUpdate.exe (PID: 8848)
      • MicrosoftEdgeUpdate.exe (PID: 9096)
      • msedgewebview2.exe (PID: 8940)
      • Roblox Checker.exe (PID: 8572)
    • Application launched itself

      • MicrosoftEdgeUpdate.exe (PID: 9096)
      • setup.exe (PID: 4680)
      • msedgewebview2.exe (PID: 8940)
    • Searches for installed software

      • setup.exe (PID: 4680)
      • msedgewebview2.exe (PID: 8940)
    • Creates file in the systems drive root

      • Roblox Checker.exe (PID: 8572)
  • INFO

    • Executable content was dropped or overwritten

      • WinRAR.exe (PID: 8312)
    • Reads the computer name

      • Roblox Checker.exe (PID: 8572)
      • MicrosoftEdgeUpdate.exe (PID: 8848)
      • MicrosoftEdgeUpdateComRegisterShell64.exe (PID: 8956)
      • MicrosoftEdgeUpdate.exe (PID: 8876)
      • MicrosoftEdgeUpdateComRegisterShell64.exe (PID: 8900)
      • MicrosoftEdgeUpdateComRegisterShell64.exe (PID: 8928)
      • MicrosoftEdgeUpdate.exe (PID: 9012)
      • MicrosoftEdgeUpdate.exe (PID: 9052)
      • MicrosoftEdgeUpdate.exe (PID: 9096)
      • MicrosoftEdge_X64_141.0.3537.71.exe (PID: 4076)
      • setup.exe (PID: 4680)
      • MicrosoftEdgeUpdate.exe (PID: 588)
      • msedgewebview2.exe (PID: 8940)
      • msedgewebview2.exe (PID: 5180)
      • msedgewebview2.exe (PID: 8100)
      • msedgewebview2.exe (PID: 5232)
    • Checks supported languages

      • Roblox Checker.exe (PID: 8572)
      • MicrosoftEdgeWebview2Setup.exe (PID: 8816)
      • MicrosoftEdgeUpdate.exe (PID: 8848)
      • MicrosoftEdgeUpdate.exe (PID: 8876)
      • MicrosoftEdgeUpdateComRegisterShell64.exe (PID: 8928)
      • MicrosoftEdgeUpdateComRegisterShell64.exe (PID: 8956)
      • MicrosoftEdgeUpdate.exe (PID: 9012)
      • MicrosoftEdgeUpdateComRegisterShell64.exe (PID: 8900)
      • MicrosoftEdgeUpdate.exe (PID: 9052)
      • MicrosoftEdgeUpdate.exe (PID: 9096)
      • MicrosoftEdge_X64_141.0.3537.71.exe (PID: 4076)
      • setup.exe (PID: 4680)
      • setup.exe (PID: 4688)
      • MicrosoftEdgeUpdate.exe (PID: 588)
      • msedgewebview2.exe (PID: 8940)
      • msedgewebview2.exe (PID: 5180)
      • msedgewebview2.exe (PID: 8976)
      • msedgewebview2.exe (PID: 2260)
      • msedgewebview2.exe (PID: 844)
      • msedgewebview2.exe (PID: 8100)
      • msedgewebview2.exe (PID: 7908)
      • msedgewebview2.exe (PID: 7704)
      • msedgewebview2.exe (PID: 7592)
      • msedgewebview2.exe (PID: 2016)
      • msedgewebview2.exe (PID: 1912)
      • msedgewebview2.exe (PID: 5232)
      • msedgewebview2.exe (PID: 4912)
      • msedgewebview2.exe (PID: 5792)
      • msedgewebview2.exe (PID: 7560)
    • Reads Environment values

      • Roblox Checker.exe (PID: 8572)
      • MicrosoftEdgeUpdate.exe (PID: 9012)
      • MicrosoftEdgeUpdate.exe (PID: 588)
      • msedgewebview2.exe (PID: 8940)
    • Manual execution by a user

      • Roblox Checker.exe (PID: 8572)
      • notepad++.exe (PID: 6936)
    • Reads the machine GUID from the registry

      • Roblox Checker.exe (PID: 8572)
      • MicrosoftEdgeUpdate.exe (PID: 9096)
      • msedgewebview2.exe (PID: 8940)
      • msedgewebview2.exe (PID: 5232)
    • Reads the software policy settings

      • Roblox Checker.exe (PID: 8572)
      • MicrosoftEdgeUpdate.exe (PID: 9012)
      • MicrosoftEdgeUpdate.exe (PID: 9096)
      • MicrosoftEdgeUpdate.exe (PID: 588)
      • slui.exe (PID: 760)
    • The sample compiled with english language support

      • Roblox Checker.exe (PID: 8572)
      • MicrosoftEdgeWebview2Setup.exe (PID: 8816)
      • MicrosoftEdgeUpdate.exe (PID: 8848)
      • MicrosoftEdge_X64_141.0.3537.71.exe (PID: 4076)
      • setup.exe (PID: 4680)
      • msedgewebview2.exe (PID: 7908)
    • Create files in a temporary directory

      • Roblox Checker.exe (PID: 8572)
      • MicrosoftEdgeWebview2Setup.exe (PID: 8816)
      • msedgewebview2.exe (PID: 8940)
    • Creates files or folders in the user directory

      • MicrosoftEdgeUpdate.exe (PID: 8848)
      • MicrosoftEdgeUpdate.exe (PID: 9096)
      • MicrosoftEdge_X64_141.0.3537.71.exe (PID: 4076)
      • setup.exe (PID: 4688)
      • setup.exe (PID: 4680)
      • msedgewebview2.exe (PID: 8940)
      • msedgewebview2.exe (PID: 8976)
      • msedgewebview2.exe (PID: 8100)
      • msedgewebview2.exe (PID: 5232)
    • Checks proxy server information

      • MicrosoftEdgeUpdate.exe (PID: 9012)
      • MicrosoftEdgeUpdate.exe (PID: 9096)
      • MicrosoftEdgeUpdate.exe (PID: 588)
      • msedgewebview2.exe (PID: 8940)
      • slui.exe (PID: 760)
    • Process checks computer location settings

      • MicrosoftEdgeUpdate.exe (PID: 8848)
      • setup.exe (PID: 4680)
      • msedgewebview2.exe (PID: 8940)
      • msedgewebview2.exe (PID: 844)
    • Application based on Golang

      • Roblox Checker.exe (PID: 8572)
    • Creates a software uninstall entry

      • setup.exe (PID: 4680)
    • Reads CPU info

      • msedgewebview2.exe (PID: 8940)
    • Reads Microsoft Office registry keys

      • OpenWith.exe (PID: 4608)
    • Reads security settings of Internet Explorer

      • OpenWith.exe (PID: 4608)
      • notepad.exe (PID: 8464)
No Malware configuration.

TRiD

.zip | ZIP compressed archive (100)

EXIF

ZIP

ZipRequiredVersion: 20
ZipBitFlag: -
ZipCompression: Deflated
ZipModifyDate: 2025:07:30 12:56:42
ZipCRC: 0xaf6cf6cf
ZipCompressedSize: 88
ZipUncompressedSize: 105
ZipFileName: config.dat
No data.
Total processes: 214
Monitored processes: 34
Malicious processes: 5
Suspicious processes: 0

Behavior graph

start winrar.exe roblox checker.exe microsoftedgewebview2setup.exe microsoftedgeupdate.exe microsoftedgeupdate.exe no specs microsoftedgeupdatecomregistershell64.exe no specs microsoftedgeupdatecomregistershell64.exe no specs microsoftedgeupdatecomregistershell64.exe no specs microsoftedgeupdate.exe microsoftedgeupdate.exe no specs microsoftedgeupdate.exe microsoftedge_x64_141.0.3537.71.exe setup.exe setup.exe no specs slui.exe microsoftedgeupdate.exe msedgewebview2.exe msedgewebview2.exe no specs msedgewebview2.exe no specs msedgewebview2.exe msedgewebview2.exe no specs msedgewebview2.exe no specs msedgewebview2.exe no specs msedgewebview2.exe no specs msedgewebview2.exe no specs openwith.exe no specs msedgewebview2.exe no specs notepad.exe no specs notepad++.exe msedgewebview2.exe no specs msedgewebview2.exe msedgewebview2.exe no specs msedgewebview2.exe msedgewebview2.exe no specs

Process information

PID
CMD
Path
Indicators
Parent process
PID: 588
CMD: "C:\Users\admin\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping <base64-encoded data>
Path: C:\Users\admin\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
Parent process: MicrosoftEdgeUpdate.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Microsoft Edge Update
Exit code:
0
Version:
1.3.201.11
Modules
Images
c:\users\admin\appdata\local\microsoft\edgeupdate\microsoftedgeupdate.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\ole32.dll
PID: 760
CMD: C:\WINDOWS\System32\slui.exe -Embedding
Path: C:\Windows\System32\slui.exe
Parent process: svchost.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Windows Activation Client
Exit code:
0
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\slui.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\user32.dll
PID: 844
CMD: "C:\Users\admin\AppData\Local\Microsoft\EdgeWebView\Application\141.0.3537.71\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\admin\AppData\Roaming\Roblox Checker.exe\EBWebView" --webview-exe-name="Roblox Checker.exe" --webview-exe-version=1.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --dma-cps-flags=0 --force-high-res-timeticks=disabled --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=3 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--expose-gc --ms-user-locale=" --ssd-no-pressure-read-main-dll --metrics-shmem-handle=3552,i,16106663903105855116,13852398487882951658,2097152 --field-trial-handle=1856,i,16854350069605477207,11121737138700777629,262144 --enable-features=ForceSWDCompWhenDCompFallbackRequired,LocalNetworkAccessForFencedFrameNavigationsWarningOnly,LocalNetworkAccessForNavigationsWarningOnly,LocalNetworkAccessForSubframeNavigationsWarningOnly,LocalNetworkAccessForWorkersWarningOnly,msAggressiveCacheTrimming,msCustomDataPartition,msWebView2NoTabForScreenShare,msWindowsTaskManager --disable-features=BackForwardCache,BackgroundTabLoadingFromPerformanceManager,CloseOmniboxPopupOnInactiveAreaClick,CollectAVProductsInfo,CollectCodeIntegrityInfo,EnableHangWatcher,FilterAdsOnAbusiveSites,GetWifiProtocol,LoginDetection,MediaFoundationCameraUsageMonitoring,PreconnectToSearch,SafetyHub,SegmentationPlatform,SpareRendererForSitePerProcess,Ukm,WebPayments,msAITrackerClassification,msAbydosForWindowlessWV2,msAffirmVirtualCard,msAllowChromeWebstore,msAllowMSAPrtSSOForNonMSAProfile,msApplicationGuard,msAskBeforeClosingMultipleTabs,msAutoToggleAADPrtSSOForNonAADProfile,msAutofillEdgeCoupons,msAutofillEdgeCouponsAutoApply,msAutofillEdgeServiceRequest,msAutofillEnableEdgeSuggestions,msAutomaticTabFreeze,msBrowserSettingsSupported,msCoarseGeolocationService,msDataProtection,msDesktopMode,msDesktopRewards,msDisableVariationsSeedFetchThrottling,msEEProactiveHistory,msETFOffstoreExtensionFileDataCollection,msETFPasswordTheftDNRActionSignals,msEdgeAdPlatformUI,msEdgeAddWebCapturetoCollections,msEdgeAutofillShowDeployedPassword,msEdgeCaptureSelectionInPDF,msEdgeCloudConfigService,msEdgeCloudConfigServiceV2,msEdgeCohorts,msEdgeCollectionsPrismExperiment1,msEdgeCollectionsPrismOverallMigration,msEdgeComposeNext,msEdgeEnableNurturingFramework,msEdgeEnclavePrefsBasic,msEdgeEnclavePrefsNotification,msEdgeFaviconService,msEdgeHJTelemetry,msEdgeHubAppSkype,msEdgeImageEditorUI,msEdgeLinkDoctor,msEdgeMouseGestureDefaultEnabled,msEdgeMouseGestureSupported,msEdgeNewDeviceFre,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgePDFCMHighlightUX,msEdgePasswordIris,msEdgePasswordIrisSaveBubble,msEdgePasswordStrengthCheck,msEdgeProngPersonalization,msEdgeReadingView,msEdgeRose,msEdgeScreenshotUI,msEdgeSendTabToSelf,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingPersistentStorage,msEdgeShoppingUI,msEdgeSmartFind,msEdgeSuperDragDefaultEnabled,msEdgeSuperDragDropSupported,msEdgeTranslate,msEdgeUpdatesMoreMenuPill,msEdgeWebCapture,msEdgeWebCaptureUniformExperience,msEdgeWebContentFilteringFeedback,msEdgeWorkSearchBanner,msEnableCustomJobMemoryLimitsOnXbox,msEnableMIPForPDF,msEnablePdfUpsell,msEnableThirdPartyScanning,msEnableWebSignInCta,msEnableWebToBrowserSignIn,msEndpointDlp,msEntityExtraction,msExtensionTelemetryFramework,msExternalTaskManager,msFileSystemAccessDirectoryIterationBlocklistCheck,msForceBrowserSignIn,msForeignSessionsPage,msGeolocationAccessService,msGeolocationOSLocationPermissionFallback,msGeolocationSQMService,msGeolocationService,msGrowthInfraLaunchSourceLogging,msGuidedSwitchAllowed,msHubPinPersist,msImplicitSignin,msIrm,msIrmv2,msKlarnaVirtualCard,msLlmConsumerDlpPurview,msLoadStatistics,msLogIsEdgePinnedToTaskbarOnLaunch,msMIPCrossTenantPdfViewSupport,msMdatpWebSiteDlp,msNotificationPermissionForPWA,msNumberOfSitesToPin,msNurturingGlobalSitePinningOnCloseModal,msNurturingSitePinningCITopSites,msNurturingSitePinningWithWindowsConsent,msOnHoverSearchInSidebar,msOpenOfficeDocumentsInWebViewer,msPageInteractionRestrictionRevoke,msPasswordBreachDetection,msPdfAnnotationsVisibility,msPdfDataRecovery,msPdfDigitalSignatureRead,msPdfFreeText,msPdfFreeTextForCJK,msPdfHighlightMode,msPdfInking,msPdfKeyphraseSupport,msPdfOOUI,msPdfPopupMarkerRenderer,msPdfShare,msPdfSharedLibrary,msPdfTextNote,msPdfTextNoteMoreMenu,msPdfThumbnailCache,msPdfUnderside,msPdfViewRestore,msPersonalizationUMA,msPriceComparison,msPromptDefaultHandlerForPDF,msReactiveSearch,msReadAloud,msReadAloudPdf,msRedirectToShoreline,msRevokeExtensions,msSaasDlp,msShoppingTrigger,msShorelineSearch,msShorelineSearchFindOnPageWebUI,msShowOfflineGameEntrance,msShowReadAloudIconInAddressBar,msShowUXForAADPrtSSOForNonAADProfile,msSitePinningWithoutUi,msSmartScreenProtection,msSuspendMessageForNewSessionWhenHavingPendingNavigation,msSyncEdgeCollections,msTabResourceStats,msTokenizationAutofillInlineEnabled,msTouchMode,msTriggeringSignalGenerator,msUserUnderstanding,msVideoSuperResolutionUI,msWalletBuyNow,msWalletCheckout,msWalletDiagnosticDataLogger,msWalletHubEntry,msWalletHubIntlP3,msWalletPartialCard,msWalletPasswordCategorization,msWalletPasswordCategorizationPlatformExpansion,msWalletTokenizationCardMetadata,msWalletTokenizedAutofill,msWebAssist,msWebAssistHistorySearchService,msWebOOUI,msWindowsUserActivities,msZipPayVirtualCard --variations-seed-version --mojo-platform-channel-handle=3560 /prefetch:1
Path: C:\Users\admin\AppData\Local\Microsoft\EdgeWebView\Application\141.0.3537.71\msedgewebview2.exe
Parent process: msedgewebview2.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Microsoft Edge WebView2
Version:
141.0.3537.71
Modules
Images
c:\users\admin\appdata\local\microsoft\edgewebview\application\141.0.3537.71\msedgewebview2.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\local\microsoft\edgewebview\application\141.0.3537.71\msedge_elf.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
PID: 1912
CMD: "C:\Users\admin\AppData\Local\Microsoft\EdgeWebView\Application\141.0.3537.71\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\admin\AppData\Roaming\Roblox Checker.exe\EBWebView" --webview-exe-name="Roblox Checker.exe" --webview-exe-version=1.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --force-high-res-timeticks=disabled --ssd-no-pressure-read-main-dll --metrics-shmem-handle=5292,i,13186100353406815813,3741445863754548019,524288 --field-trial-handle=1856,i,16854350069605477207,11121737138700777629,262144 --enable-features=ForceSWDCompWhenDCompFallbackRequired,LocalNetworkAccessForFencedFrameNavigationsWarningOnly,LocalNetworkAccessForNavigationsWarningOnly,LocalNetworkAccessForSubframeNavigationsWarningOnly,LocalNetworkAccessForWorkersWarningOnly,msAggressiveCacheTrimming,msCustomDataPartition,msWebView2NoTabForScreenShare,msWindowsTaskManager --disable-features=BackForwardCache,BackgroundTabLoadingFromPerformanceManager,CloseOmniboxPopupOnInactiveAreaClick,CollectAVProductsInfo,CollectCodeIntegrityInfo,EnableHangWatcher,FilterAdsOnAbusiveSites,GetWifiProtocol,LoginDetection,MediaFoundationCameraUsageMonitoring,PreconnectToSearch,SafetyHub,SegmentationPlatform,SpareRendererForSitePerProcess,Ukm,WebPayments,msAITrackerClassification,msAbydosForWindowlessWV2,msAffirmVirtualCard,msAllowChromeWebstore,msAllowMSAPrtSSOForNonMSAProfile,msApplicationGuard,msAskBeforeClosingMultipleTabs,msAutoToggleAADPrtSSOForNonAADProfile,msAutofillEdgeCoupons,msAutofillEdgeCouponsAutoApply,msAutofillEdgeServiceRequest,msAutofillEnableEdgeSuggestions,msAutomaticTabFreeze,msBrowserSettingsSupported,msCoarseGeolocationService,msDataProtection,msDesktopMode,msDesktopRewards,msDisableVariationsSeedFetchThrottling,msEEProactiveHistory,msETFOffstoreExtensionFileDataCollection,msETFPasswordTheftDNRActionSignals,msEdgeAdPlatformUI,msEdgeAddWebCapturetoCollections,msEdgeAutofillShowDeployedPassword,msEdgeCaptureSelectionInPDF,msEdgeCloudConfigService,msEdgeCloudConfigServiceV2,msEdgeCohorts,msEdgeCollectionsPrismExperiment1,msEdgeCollectionsPrismOverallMigration,msEdgeComposeNext,msEdgeEnableNurturingFramework,msEdgeEnclavePrefsBasic,msEdgeEnclavePrefsNotification,msEdgeFaviconService,msEdgeHJTelemetry,msEdgeHubAppSkype,msEdgeImageEditorUI,msEdgeLinkDoctor,msEdgeMouseGestureDefaultEnabled,msEdgeMouseGestureSupported,msEdgeNewDeviceFre,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgePDFCMHighlightUX,msEdgePasswordIris,msEdgePasswordIrisSaveBubble,msEdgePasswordStrengthCheck,msEdgeProngPersonalization,msEdgeReadingView,msEdgeRose,msEdgeScreenshotUI,msEdgeSendTabToSelf,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingPersistentStorage,msEdgeShoppingUI,msEdgeSmartFind,msEdgeSuperDragDefaultEnabled,msEdgeSuperDragDropSupported,msEdgeTranslate,msEdgeUpdatesMoreMenuPill,msEdgeWebCapture,msEdgeWebCaptureUniformExperience,msEdgeWebContentFilteringFeedback,msEdgeWorkSearchBanner,msEnableCustomJobMemoryLimitsOnXbox,msEnableMIPForPDF,msEnablePdfUpsell,msEnableThirdPartyScanning,msEnableWebSignInCta,msEnableWebToBrowserSignIn,msEndpointDlp,msEntityExtraction,msExtensionTelemetryFramework,msExternalTaskManager,msFileSystemAccessDirectoryIterationBlocklistCheck,msForceBrowserSignIn,msForeignSessionsPage,msGeolocationAccessService,msGeolocationOSLocationPermissionFallback,msGeolocationSQMService,msGeolocationService,msGrowthInfraLaunchSourceLogging,msGuidedSwitchAllowed,msHubPinPersist,msImplicitSignin,msIrm,msIrmv2,msKlarnaVirtualCard,msLlmConsumerDlpPurview,msLoadStatistics,msLogIsEdgePinnedToTaskbarOnLaunch,msMIPCrossTenantPdfViewSupport,msMdatpWebSiteDlp,msNotificationPermissionForPWA,msNumberOfSitesToPin,msNurturingGlobalSitePinningOnCloseModal,msNurturingSitePinningCITopSites,msNurturingSitePinningWithWindowsConsent,msOnHoverSearchInSidebar,msOpenOfficeDocumentsInWebViewer,msPageInteractionRestrictionRevoke,msPasswordBreachDetection,msPdfAnnotationsVisibility,msPdfDataRecovery,msPdfDigitalSignatureRead,msPdfFreeText,msPdfFreeTextForCJK,msPdfHighlightMode,msPdfInking,msPdfKeyphraseSupport,msPdfOOUI,msPdfPopupMarkerRenderer,msPdfShare,msPdfSharedLibrary,msPdfTextNote,msPdfTextNoteMoreMenu,msPdfThumbnailCache,msPdfUnderside,msPdfViewRestore,msPersonalizationUMA,msPriceComparison,msPromptDefaultHandlerForPDF,msReactiveSearch,msReadAloud,msReadAloudPdf,msRedirectToShoreline,msRevokeExtensions,msSaasDlp,msShoppingTrigger,msShorelineSearch,msShorelineSearchFindOnPageWebUI,msShowOfflineGameEntrance,msShowReadAloudIconInAddressBar,msShowUXForAADPrtSSOForNonAADProfile,msSitePinningWithoutUi,msSmartScreenProtection,msSuspendMessageForNewSessionWhenHavingPendingNavigation,msSyncEdgeCollections,msTabResourceStats,msTokenizationAutofillInlineEnabled,msTouchMode,msTriggeringSignalGenerator,msUserUnderstanding,msVideoSuperResolutionUI,msWalletBuyNow,msWalletCheckout,msWalletDiagnosticDataLogger,msWalletHubEntry,msWalletHubIntlP3,msWalletPartialCard,msWalletPasswordCategorization,msWalletPasswordCategorizationPlatformExpansion,msWalletTokenizationCardMetadata,msWalletTokenizedAutofill,msWebAssist,msWebAssistHistorySearchService,msWebOOUI,msWindowsUserActivities,msZipPayVirtualCard --variations-seed-version --mojo-platform-channel-handle=4932 /prefetch:8
Path: C:\Users\admin\AppData\Local\Microsoft\EdgeWebView\Application\141.0.3537.71\msedgewebview2.exe
Parent process: msedgewebview2.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Microsoft Edge WebView2
Exit code:
0
Version:
141.0.3537.71
Modules
Images
c:\users\admin\appdata\local\microsoft\edgewebview\application\141.0.3537.71\msedgewebview2.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\local\microsoft\edgewebview\application\141.0.3537.71\msedge_elf.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
PID: 2016
CMD: "C:\Users\admin\AppData\Local\Microsoft\EdgeWebView\Application\141.0.3537.71\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\admin\AppData\Roaming\Roblox Checker.exe\EBWebView" --webview-exe-name="Roblox Checker.exe" --webview-exe-version=1.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --force-high-res-timeticks=disabled --skip-read-main-dll --metrics-shmem-handle=5228,i,17616062300243198119,2299106183731449771,524288 --field-trial-handle=1856,i,16854350069605477207,11121737138700777629,262144 --enable-features=ForceSWDCompWhenDCompFallbackRequired,LocalNetworkAccessForFencedFrameNavigationsWarningOnly,LocalNetworkAccessForNavigationsWarningOnly,LocalNetworkAccessForSubframeNavigationsWarningOnly,LocalNetworkAccessForWorkersWarningOnly,msAggressiveCacheTrimming,msCustomDataPartition,msWebView2NoTabForScreenShare,msWindowsTaskManager --disable-features=BackForwardCache,BackgroundTabLoadingFromPerformanceManager,CloseOmniboxPopupOnInactiveAreaClick,CollectAVProductsInfo,CollectCodeIntegrityInfo,EnableHangWatcher,FilterAdsOnAbusiveSites,GetWifiProtocol,LoginDetection,MediaFoundationCameraUsageMonitoring,PreconnectToSearch,SafetyHub,SegmentationPlatform,SpareRendererForSitePerProcess,Ukm,WebPayments,msAITrackerClassification,msAbydosForWindowlessWV2,msAffirmVirtualCard,msAllowChromeWebstore,msAllowMSAPrtSSOForNonMSAProfile,msApplicationGuard,msAskBeforeClosingMultipleTabs,msAutoToggleAADPrtSSOForNonAADProfile,msAutofillEdgeCoupons,msAutofillEdgeCouponsAutoApply,msAutofillEdgeServiceRequest,msAutofillEnableEdgeSuggestions,msAutomaticTabFreeze,msBrowserSettingsSupported,msCoarseGeolocationService,msDataProtection,msDesktopMode,msDesktopRewards,msDisableVariationsSeedFetchThrottling,msEEProactiveHistory,msETFOffstoreExtensionFileDataCollection,msETFPasswordTheftDNRActionSignals,msEdgeAdPlatformUI,msEdgeAddWebCapturetoCollections,msEdgeAutofillShowDeployedPassword,msEdgeCaptureSelectionInPDF,msEdgeCloudConfigService,msEdgeCloudConfigServiceV2,msEdgeCohorts,msEdgeCollectionsPrismExperiment1,msEdgeCollectionsPrismOverallMigration,msEdgeComposeNext,msEdgeEnableNurturingFramework,msEdgeEnclavePrefsBasic,msEdgeEnclavePrefsNotification,msEdgeFaviconService,msEdgeHJTelemetry,msEdgeHubAppSkype,msEdgeImageEditorUI,msEdgeLinkDoctor,msEdgeMouseGestureDefaultEnabled,msEdgeMouseGestureSupported,msEdgeNewDeviceFre,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgePDFCMHighlightUX,msEdgePasswordIris,msEdgePasswordIrisSaveBubble,msEdgePasswordStrengthCheck,msEdgeProngPersonalization,msEdgeReadingView,msEdgeRose,msEdgeScreenshotUI,msEdgeSendTabToSelf,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingPersistentStorage,msEdgeShoppingUI,msEdgeSmartFind,msEdgeSuperDragDefaultEnabled,msEdgeSuperDragDropSupported,msEdgeTranslate,msEdgeUpdatesMoreMenuPill,msEdgeWebCapture,msEdgeWebCaptureUniformExperience,msEdgeWebContentFilteringFeedback,msEdgeWorkSearchBanner,msEnableCustomJobMemoryLimitsOnXbox,msEnableMIPForPDF,msEnablePdfUpsell,msEnableThirdPartyScanning,msEnableWebSignInCta,msEnableWebToBrowserSignIn,msEndpointDlp,msEntityExtraction,msExtensionTelemetryFramework,msExternalTaskManager,msFileSystemAccessDirectoryIterationBlocklistCheck,msForceBrowserSignIn,msForeignSessionsPage,msGeolocationAccessService,msGeolocationOSLocationPermissionFallback,msGeolocationSQMService,msGeolocationService,msGrowthInfraLaunchSourceLogging,msGuidedSwitchAllowed,msHubPinPersist,msImplicitSignin,msIrm,msIrmv2,msKlarnaVirtualCard,msLlmConsumerDlpPurview,msLoadStatistics,msLogIsEdgePinnedToTaskbarOnLaunch,msMIPCrossTenantPdfViewSupport,msMdatpWebSiteDlp,msNotificationPermissionForPWA,msNumberOfSitesToPin,msNurturingGlobalSitePinningOnCloseModal,msNurturingSitePinningCITopSites,msNurturingSitePinningWithWindowsConsent,msOnHoverSearchInSidebar,msOpenOfficeDocumentsInWebViewer,msPageInteractionRestrictionRevoke,msPasswordBreachDetection,msPdfAnnotationsVisibility,msPdfDataRecovery,msPdfDigitalSignatureRead,msPdfFreeText,msPdfFreeTextForCJK,msPdfHighlightMode,msPdfInking,msPdfKeyphraseSupport,msPdfOOUI,msPdfPopupMarkerRenderer,msPdfShare,msPdfSharedLibrary,msPdfTextNote,msPdfTextNoteMoreMenu,msPdfThumbnailCache,msPdfUnderside,msPdfViewRestore,msPersonalizationUMA,msPriceComparison,msPromptDefaultHandlerForPDF,msReactiveSearch,msReadAloud,msReadAloudPdf,msRedirectToShoreline,msRevokeExtensions,msSaasDlp,msShoppingTrigger,msShorelineSearch,msShorelineSearchFindOnPageWebUI,msShowOfflineGameEntrance,msShowReadAloudIconInAddressBar,msShowUXForAADPrtSSOForNonAADProfile,msSitePinningWithoutUi,msSmartScreenProtection,msSuspendMessageForNewSessionWhenHavingPendingNavigation,msSyncEdgeCollections,msTabResourceStats,msTokenizationAutofillInlineEnabled,msTouchMode,msTriggeringSignalGenerator,msUserUnderstanding,msVideoSuperResolutionUI,msWalletBuyNow,msWalletCheckout,msWalletDiagnosticDataLogger,msWalletHubEntry,msWalletHubIntlP3,msWalletPartialCard,msWalletPasswordCategorization,msWalletPasswordCategorizationPlatformExpansion,msWalletTokenizationCardMetadata,msWalletTokenizedAutofill,msWebAssist,msWebAssistHistorySearchService,msWebOOUI,msWindowsUserActivities,msZipPayVirtualCard --variations-seed-version --mojo-platform-channel-handle=5268 /prefetch:8
Path: C:\Users\admin\AppData\Local\Microsoft\EdgeWebView\Application\141.0.3537.71\msedgewebview2.exe
Parent process: msedgewebview2.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Microsoft Edge WebView2
Exit code:
0
Version:
141.0.3537.71
Modules
Images
c:\users\admin\appdata\local\microsoft\edgewebview\application\141.0.3537.71\msedgewebview2.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\local\microsoft\edgewebview\application\141.0.3537.71\msedge_elf.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
PID: 2260
CMD: "C:\Users\admin\AppData\Local\Microsoft\EdgeWebView\Application\141.0.3537.71\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\admin\AppData\Roaming\Roblox Checker.exe\EBWebView" --webview-exe-name="Roblox Checker.exe" --webview-exe-version=1.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --force-high-res-timeticks=disabled --startup-read-main-dll --metrics-shmem-handle=2272,i,12765656330369809527,17155120705515210338,524288 --field-trial-handle=1856,i,16854350069605477207,11121737138700777629,262144 --enable-features=ForceSWDCompWhenDCompFallbackRequired,LocalNetworkAccessForFencedFrameNavigationsWarningOnly,LocalNetworkAccessForNavigationsWarningOnly,LocalNetworkAccessForSubframeNavigationsWarningOnly,LocalNetworkAccessForWorkersWarningOnly,msAggressiveCacheTrimming,msCustomDataPartition,msWebView2NoTabForScreenShare,msWindowsTaskManager
--disable-features=BackForwardCache,BackgroundTabLoadingFromPerformanceManager,CloseOmniboxPopupOnInactiveAreaClick,CollectAVProductsInfo,CollectCodeIntegrityInfo,EnableHangWatcher,FilterAdsOnAbusiveSites,GetWifiProtocol,LoginDetection,MediaFoundationCameraUsageMonitoring,PreconnectToSearch,SafetyHub,SegmentationPlatform,SpareRendererForSitePerProcess,Ukm,WebPayments,msAITrackerClassification,msAbydosForWindowlessWV2,msAffirmVirtualCard,msAllowChromeWebstore,msAllowMSAPrtSSOForNonMSAProfile,msApplicationGuard,msAskBeforeClosingMultipleTabs,msAutoToggleAADPrtSSOForNonAADProfile,msAutofillEdgeCoupons,msAutofillEdgeCouponsAutoApply,msAutofillEdgeServiceRequest,msAutofillEnableEdgeSuggestions,msAutomaticTabFreeze,msBrowserSettingsSupported,msCoarseGeolocationService,msDataProtection,msDesktopMode,msDesktopRewards,msDisableVariationsSeedFetchThrottling,msEEProactiveHistory,msETFOffstoreExtensionFileDataCollection,msETFPasswordTheftDNRActionSignals,msEdgeAdPlatformUI,msEdgeAddWebCapturetoCollections,msEdgeAutofillShowDeployedPassword,msEdgeCaptureSelectionInPDF,msEdgeCloudConfigService,msEdgeCloudConfigServiceV2,msEdgeCohorts,msEdgeCollectionsPrismExperiment1,msEdgeCollectionsPrismOverallMigration,msEdgeComposeNext,msEdgeEnableNurturingFramework,msEdgeEnclavePrefsBasic,msEdgeEnclavePrefsNotification,msEdgeFaviconService,msEdgeHJTelemetry,msEdgeHubAppSkype,msEdgeImageEditorUI,msEdgeLinkDoctor,msEdgeMouseGestureDefaultEnabled,msEdgeMouseGestureSupported,msEdgeNewDeviceFre,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgePDFCMHighlightUX,msEdgePasswordIris,msEdgePasswordIrisSaveBubble,msEdgePasswordStrengthCheck,msEdgeProngPersonalization,msEdgeReadingView,msEdgeRose,msEdgeScreenshotUI,msEdgeSendTabToSelf,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingPersistentStorage,msEdgeShoppingUI,msEdgeSmartFind,msEdgeSuperDragDefaultEnabled,msEdgeSuperDragDropSupported,msEdgeTranslate,msEdgeUpdatesMoreMenuPill,msEdgeWebCapture,msEdgeWebCaptureUniformExperience,msEdgeWebContentFilte
ringFeedback,msEdgeWorkSearchBanner,msEnableCustomJobMemoryLimitsOnXbox,msEnableMIPForPDF,msEnablePdfUpsell,msEnableThirdPartyScanning,msEnableWebSignInCta,msEnableWebToBrowserSignIn,msEndpointDlp,msEntityExtraction,msExtensionTelemetryFramework,msExternalTaskManager,msFileSystemAccessDirectoryIterationBlocklistCheck,msForceBrowserSignIn,msForeignSessionsPage,msGeolocationAccessService,msGeolocationOSLocationPermissionFallback,msGeolocationSQMService,msGeolocationService,msGrowthInfraLaunchSourceLogging,msGuidedSwitchAllowed,msHubPinPersist,msImplicitSignin,msIrm,msIrmv2,msKlarnaVirtualCard,msLlmConsumerDlpPurview,msLoadStatistics,msLogIsEdgePinnedToTaskbarOnLaunch,msMIPCrossTenantPdfViewSupport,msMdatpWebSiteDlp,msNotificationPermissionForPWA,msNumberOfSitesToPin,msNurturingGlobalSitePinningOnCloseModal,msNurturingSitePinningCITopSites,msNurturingSitePinningWithWindowsConsent,msOnHoverSearchInSidebar,msOpenOfficeDocumentsInWebViewer,msPageInteractionRestrictionRevoke,msPasswordBreachDetection,msPdfAnnotationsVisibility,msPdfDataRecovery,msPdfDigitalSignatureRead,msPdfFreeText,msPdfFreeTextForCJK,msPdfHighlightMode,msPdfInking,msPdfKeyphraseSupport,msPdfOOUI,msPdfPopupMarkerRenderer,msPdfShare,msPdfSharedLibrary,msPdfTextNote,msPdfTextNoteMoreMenu,msPdfThumbnailCache,msPdfUnderside,msPdfViewRestore,msPersonalizationUMA,msPriceComparison,msPromptDefaultHandlerForPDF,msReactiveSearch,msReadAloud,msReadAloudPdf,msRedirectToShoreline,msRevokeExtensions,msSaasDlp,msShoppingTrigger,msShorelineSearch,msShorelineSearchFindOnPageWebUI,msShowOfflineGameEntrance,msShowReadAloudIconInAddressBar,msShowUXForAADPrtSSOForNonAADProfile,msSitePinningWithoutUi,msSmartScreenProtection,msSuspendMessageForNewSessionWhenHavingPendingNavigation,msSyncEdgeCollections,msTabResourceStats,msTokenizationAutofillInlineEnabled,msTouchMode,msTriggeringSignalGenerator,msUserUnderstanding,msVideoSuperResolutionUI,msWalletBuyNow,msWalletCheckout,msWalletDiagnosticDataLogger,msWalletHubEntry,msWalletH
ubIntlP3,msWalletPartialCard,msWalletPasswordCategorization,msWalletPasswordCategorizationPlatformExpansion,msWalletTokenizationCardMetadata,msWalletTokenizedAutofill,msWebAssist,msWebAssistHistorySearchService,msWebOOUI,msWindowsUserActivities,msZipPayVirtualCard --variations-seed-version --mojo-platform-channel-handle=2384 /prefetch:8C:\Users\admin\AppData\Local\Microsoft\EdgeWebView\Application\141.0.3537.71\msedgewebview2.exemsedgewebview2.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Microsoft Edge WebView2
Version:
141.0.3537.71
Modules
Images
c:\users\admin\appdata\local\microsoft\edgewebview\application\141.0.3537.71\msedgewebview2.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\local\microsoft\edgewebview\application\141.0.3537.71\msedge_elf.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
PID:
4076
CMD:
"C:\Users\admin\AppData\Local\Microsoft\EdgeUpdate\Install\{38A5158B-2072-4B3E-97AE-317554FAC243}\MicrosoftEdge_X64_141.0.3537.71.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --user-level
Path:
C:\Users\admin\AppData\Local\Microsoft\EdgeUpdate\Install\{38A5158B-2072-4B3E-97AE-317554FAC243}\MicrosoftEdge_X64_141.0.3537.71.exe
Parent process:
MicrosoftEdgeUpdate.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Microsoft Edge Installer
Exit code:
0
Version:
141.0.3537.71
Modules
Images
c:\users\admin\appdata\local\microsoft\edgeupdate\install\{38a5158b-2072-4b3e-97ae-317554fac243}\microsoftedge_x64_141.0.3537.71.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\bcrypt.dll
PID:
4608
CMD:
C:\WINDOWS\system32\OpenWith.exe -Embedding
Path:
C:\Windows\System32\OpenWith.exe
Parent process:
svchost.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Pick an app
Exit code:
0
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\openwith.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\win32u.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\gdi32full.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
PID:
4680
CMD:
"C:\Users\admin\AppData\Local\Microsoft\EdgeUpdate\Install\{38A5158B-2072-4B3E-97AE-317554FAC243}\EDGEMITMP_F2C69.tmp\setup.exe" --install-archive="C:\Users\admin\AppData\Local\Microsoft\EdgeUpdate\Install\{38A5158B-2072-4B3E-97AE-317554FAC243}\MicrosoftEdge_X64_141.0.3537.71.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --user-level
Path:
C:\Users\admin\AppData\Local\Microsoft\EdgeUpdate\Install\{38A5158B-2072-4B3E-97AE-317554FAC243}\EDGEMITMP_F2C69.tmp\setup.exe
Parent process:
MicrosoftEdge_X64_141.0.3537.71.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Microsoft Edge Installer
Exit code:
0
Version:
141.0.3537.71
Modules
Images
c:\users\admin\appdata\local\microsoft\edgeupdate\install\{38a5158b-2072-4b3e-97ae-317554fac243}\edgemitmp_f2c69.tmp\setup.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
PID:
4688
CMD:
C:\Users\admin\AppData\Local\Microsoft\EdgeUpdate\Install\{38A5158B-2072-4B3E-97AE-317554FAC243}\EDGEMITMP_F2C69.tmp\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Local\Microsoft\EdgeWebView\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=141.0.7390.66 --annotation=exe=C:\Users\admin\AppData\Local\Microsoft\EdgeUpdate\Install\{38A5158B-2072-4B3E-97AE-317554FAC243}\EDGEMITMP_F2C69.tmp\setup.exe --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=141.0.3537.71 --initial-client-data=0x24c,0x250,0x254,0x228,0x258,0x7ff6956f9568,0x7ff6956f9574,0x7ff6956f9580
Path:
C:\Users\admin\AppData\Local\Microsoft\EdgeUpdate\Install\{38A5158B-2072-4B3E-97AE-317554FAC243}\EDGEMITMP_F2C69.tmp\setup.exe
Parent process:
setup.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Microsoft Edge Installer
Exit code:
0
Version:
141.0.3537.71
Modules
Images
c:\users\admin\appdata\local\microsoft\edgeupdate\install\{38a5158b-2072-4b3e-97ae-317554fac243}\edgemitmp_f2c69.tmp\setup.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
Total events
28 966
Read events
27 233
Write events
1 641
Delete events
92

Modification events

(PID) Process: (8312) WinRAR.exe
Key: HKEY_CURRENT_USER\SOFTWARE\WinRAR\ArcHistory
Operation: write
Name: 3
Value: C:\Users\admin\Desktop\preferences.zip

(PID) Process: (8312) WinRAR.exe
Key: HKEY_CURRENT_USER\SOFTWARE\WinRAR\ArcHistory
Operation: write
Name: 2
Value: C:\Users\admin\Desktop\chromium_ext.zip

(PID) Process: (8312) WinRAR.exe
Key: HKEY_CURRENT_USER\SOFTWARE\WinRAR\ArcHistory
Operation: write
Name: 1
Value: C:\Users\admin\Desktop\omni_23_10_2024_.zip

(PID) Process: (8312) WinRAR.exe
Key: HKEY_CURRENT_USER\SOFTWARE\WinRAR\ArcHistory
Operation: write
Name: 0
Value: C:\Users\admin\AppData\Local\Temp\Roblox Checker.zip

(PID) Process: (8312) WinRAR.exe
Key: HKEY_CURRENT_USER\SOFTWARE\WinRAR\FileList\FileColumnWidths
Operation: write
Name: name
Value: 120

(PID) Process: (8312) WinRAR.exe
Key: HKEY_CURRENT_USER\SOFTWARE\WinRAR\FileList\FileColumnWidths
Operation: write
Name: size
Value: 80

(PID) Process: (8312) WinRAR.exe
Key: HKEY_CURRENT_USER\SOFTWARE\WinRAR\FileList\FileColumnWidths
Operation: write
Name: type
Value: 120

(PID) Process: (8312) WinRAR.exe
Key: HKEY_CURRENT_USER\SOFTWARE\WinRAR\FileList\FileColumnWidths
Operation: write
Name: mtime
Value: 100

(PID) Process: (8312) WinRAR.exe
Key: HKEY_CURRENT_USER\SOFTWARE\WinRAR\Interface\MainWin
Operation: write
Name: Placement
Value: 2C0000000000000001000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF3D0000002D000000FD03000016020000

(PID) Process: (8312) WinRAR.exe
Key: HKEY_CURRENT_USER\SOFTWARE\WinRAR\FileList\ArcColumnWidths
Operation: write
Name: name
Value: 256

Executable files
216
Suspicious files
247
Text files
38
Unknown types
0

Dropped files

| PID | Process | Filename | Type | MD5 | SHA256 |
|---|---|---|---|---|---|
| 8572 | Roblox Checker.exe | C:\Users\admin\AppData\Local\Temp\MicrosoftEdgeWebview2Setup.exe | executable | B603BC0764ECDC3D8F369738601E67FB | 51934799B259678F830CEA001F408139C93B318F123E9CF710106F78D69DDB93 |
| 8816 | MicrosoftEdgeWebview2Setup.exe | C:\Users\admin\AppData\Local\Temp\EU5062.tmp\MicrosoftEdgeUpdate.exe | executable | 9547820B8B4FC26E91EDF5B4782D2188 | FD3F30354C00D30F09436E58504A94FB8C7A2F6B0929E44C8F3F72A10C28E3DC |
| 8816 | MicrosoftEdgeWebview2Setup.exe | C:\Users\admin\AppData\Local\Temp\EU5062.tmp\MicrosoftEdgeUpdateOnDemand.exe | executable | E7726BEC864BC223CC8B7EB0B463021C | 09932705B882A1B13684163DC3D8F2469A3ACA8A69AC3E512ACD9C29850A2827 |
| 8816 | MicrosoftEdgeWebview2Setup.exe | C:\Users\admin\AppData\Local\Temp\EU5062.tmp\msedgeupdate.dll | executable | 02201785BBDD0A0C225BB597BE0CACBB | 7BA3C59E2E7665F38F9ABCC5D30A0D832EB6DE57F98184BB9B0C1B2137960D8B |
| 8816 | MicrosoftEdgeWebview2Setup.exe | C:\Users\admin\AppData\Local\Temp\EU5062.tmp\psmachine_arm64.dll | executable | 6BDDEDDFAF8A92FFA4C452106A484F05 | 345802A5D6875FBAAB6CD1CDAFDE7E838818E71B7836609894C079C2815D8375 |
| 8312 | WinRAR.exe | C:\Users\admin\AppData\Local\Temp\Rar$DRa8312.33345\Roblox Checker.exe | executable | EF4AEA7A9C9845FBA38030D9DC3EE28C | 3060E72216167C02002C8D18CCE7E46289276DB37AF5FCD5E9DEE1053A5CADAC |
| 8816 | MicrosoftEdgeWebview2Setup.exe | C:\Users\admin\AppData\Local\Temp\EU5062.tmp\MicrosoftEdgeUpdateComRegisterShell64.exe | executable | 21AE192CF231C441C95DFE827086C485 | D880BB06A94A2BD98E387BCEE4F080C7C8E6E04EB37ECB3C4CB414CF29A4EA02 |
| 8816 | MicrosoftEdgeWebview2Setup.exe | C:\Users\admin\AppData\Local\Temp\EU5062.tmp\psuser_64.dll | executable | F4672B986B38548165D8E98172044E84 | 8DC205B7EDDF458C64D73A4B969485337FB2BD2C6A019678706403860F2DA310 |
| 8816 | MicrosoftEdgeWebview2Setup.exe | C:\Users\admin\AppData\Local\Temp\EU5062.tmp\msedgeupdateres_am.dll | executable | 49BD36DA3BB0BEE1647E493FA7721608 | 9BF53C476720E0F22EC71320C25588AD32EF435034D9BFF94D4DFAE80314F0AF |
| 8816 | MicrosoftEdgeWebview2Setup.exe | C:\Users\admin\AppData\Local\Temp\EU5062.tmp\NOTICE.TXT | text | 6DD5BF0743F2366A0BDD37E302783BCD | 91D3FC490565DED7621FF5198960E501B6DB857D5DD45AF2FE7C3ECD141145F5 |
HTTP(S) requests
26
TCP/UDP connections
51
DNS requests
41
Threats
9

HTTP requests

| PID | Process | Method | HTTP Code | IP | URL | CN | Type | Size | Reputation |
|---|---|---|---|---|---|---|---|---|---|
| 9164 | svchost.exe | HEAD | 200 | 199.232.210.172:80 | http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/beec152c-cfd7-4290-92f5-05d296a5300d?P1=1760800516&P2=404&P3=2&P4=cE3p34krgt3YlKvrvazo2s70f1O81jp2srUlnIi0gR4QigIAb%2f10WFX3L7z9cVScFAnOGI4ruZiYKsBA7xOrGg%3d%3d | US | | | whitelisted |
| 9164 | svchost.exe | GET | | 199.232.210.172:80 | http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/beec152c-cfd7-4290-92f5-05d296a5300d?P1=1760800516&P2=404&P3=2&P4=cE3p34krgt3YlKvrvazo2s70f1O81jp2srUlnIi0gR4QigIAb%2f10WFX3L7z9cVScFAnOGI4ruZiYKsBA7xOrGg%3d%3d | US | | | whitelisted |
| 2344 | svchost.exe | GET | 200 | 184.30.131.245:80 | http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAJ0LqoXyo4hxxe7H%2Fz9DKA%3D | US | binary | 471 b | whitelisted |
| 5792 | backgroundTaskHost.exe | GET | 200 | 184.30.131.245:80 | http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQ50otx%2Fh0Ztl%2Bz8SiPI7wEWVxDlQQUTiJUIBiV5uNu5g%2F6%2BrkS7QYXjzkCEAn5bsKVVV8kdJ6vHl3O1J0%3D | US | binary | 471 b | whitelisted |
| 7068 | backgroundTaskHost.exe | GET | 200 | 184.30.131.245:80 | http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTrjrydRyt%2BApF3GSPypfHBxR5XtQQUs9tIpPmhxdiuNkHMEWNpYim8S8YCEAI5PUjXAkJafLQcAAsO18o%3D | US | binary | 313 b | whitelisted |
| 4596 | backgroundTaskHost.exe | GET | 200 | 184.30.131.245:80 | http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQ50otx%2Fh0Ztl%2Bz8SiPI7wEWVxDlQQUTiJUIBiV5uNu5g%2F6%2BrkS7QYXjzkCEAn5bsKVVV8kdJ6vHl3O1J0%3D | US | binary | 471 b | whitelisted |
| 9164 | svchost.exe | GET | 206 | 199.232.210.172:80 | http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/fb6dd03b-99d7-4cc8-a878-91c8e655c2d3?P1=1760398058&P2=404&P3=2&P4=Q6%2bp6a0ZM96ODQbPUM9PsnybNamO%2bF2HraBvMZmdCj7hoMHPBXgODhLTrtXIN4CV4CRrAbecR1ZV6cFwci%2bDlg%3d%3d | US | binary | 1.09 Kb | whitelisted |
| 9164 | svchost.exe | HEAD | 200 | 199.232.210.172:80 | http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/fb6dd03b-99d7-4cc8-a878-91c8e655c2d3?P1=1760398058&P2=404&P3=2&P4=Q6%2bp6a0ZM96ODQbPUM9PsnybNamO%2bF2HraBvMZmdCj7hoMHPBXgODhLTrtXIN4CV4CRrAbecR1ZV6cFwci%2bDlg%3d%3d | US | | | whitelisted |
| 9164 | svchost.exe | GET | 206 | 199.232.210.172:80 | http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/fb6dd03b-99d7-4cc8-a878-91c8e655c2d3?P1=1760398058&P2=404&P3=2&P4=Q6%2bp6a0ZM96ODQbPUM9PsnybNamO%2bF2HraBvMZmdCj7hoMHPBXgODhLTrtXIN4CV4CRrAbecR1ZV6cFwci%2bDlg%3d%3d | US | compressed | 235 b | whitelisted |
| 9164 | svchost.exe | GET | 200 | 199.232.210.172:80 | http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/ddbf4492-d475-4fe4-bcde-6cbac56f6034?P1=1760398059&P2=404&P3=2&P4=ZCVsotHbQ%2bHz7etmXMuicH8ni%2fY55UNj1ixuD9I%2bakdPS%2fTD%2fbClZld9FCKEtXzGHa%2ftc2stRbMPWikO%2fwbREA%3d%3d | US | binary | 1.85 Kb | whitelisted |

Connections

| PID | Process | IP | Domain | ASN | CN | Reputation |
|---|---|---|---|---|---|---|
| 4 | System | 192.168.100.255:137 | | | | whitelisted |
| 6016 | MoUsoCoreWorker.exe | 4.231.128.59:443 | settings-win.data.microsoft.com | MICROSOFT-CORP-MSN-AS-BLOCK | IE | whitelisted |
| 7996 | RUXIMICS.exe | 4.231.128.59:443 | settings-win.data.microsoft.com | MICROSOFT-CORP-MSN-AS-BLOCK | IE | whitelisted |
| 4 | System | 192.168.100.255:138 | | | | whitelisted |
| 6016 | MoUsoCoreWorker.exe | 51.124.78.146:443 | settings-win.data.microsoft.com | MICROSOFT-CORP-MSN-AS-BLOCK | NL | whitelisted |
| 5948 | svchost.exe | 51.124.78.146:443 | settings-win.data.microsoft.com | MICROSOFT-CORP-MSN-AS-BLOCK | NL | whitelisted |
| 8572 | Roblox Checker.exe | 95.100.186.9:443 | go.microsoft.com | AKAMAI-AS | FR | whitelisted |
| 8572 | Roblox Checker.exe | 23.50.131.88:443 | msedge.sf.dl.delivery.mp.microsoft.com | Akamai International B.V. | DE | whitelisted |
| 9012 | MicrosoftEdgeUpdate.exe | 150.171.22.17:443 | config.edge.skype.com | MICROSOFT-CORP-MSN-AS-BLOCK | US | whitelisted |
| 4192 | svchost.exe | 239.255.255.250:1900 | | | | whitelisted |

DNS requests

| Domain | IP | Reputation |
|---|---|---|
| settings-win.data.microsoft.com | 4.231.128.59, 51.124.78.146 | whitelisted |
| google.com | 142.250.181.238 | whitelisted |
| go.microsoft.com | 95.100.186.9 | whitelisted |
| msedge.sf.dl.delivery.mp.microsoft.com | 23.50.131.88, 23.50.131.87 | whitelisted |
| config.edge.skype.com | 150.171.22.17 | whitelisted |
| msedge.api.cdp.microsoft.com | 74.178.232.29 | whitelisted |
| msedge.f.tlu.dl.delivery.mp.microsoft.com | 199.232.210.172, 199.232.214.172 | whitelisted |
| www.bing.com | 2.16.241.207, 2.16.241.205, 2.16.241.218 | whitelisted |
| login.live.com | 20.190.160.3, 20.190.160.132, 20.190.160.5, 40.126.32.72, 20.190.160.65, 20.190.160.4, 20.190.160.2, 40.126.32.76 | whitelisted |
| ocsp.digicert.com | 184.30.131.245 | whitelisted |

Threats

| PID | Process | Class | Message |
|---|---|---|---|
| | | Unknown Traffic | ET USER_AGENTS Microsoft Dr Watson User-Agent (MSDW) |
| 9164 | svchost.exe | Misc activity | ET INFO Packed Executable Download |
| 8100 | msedgewebview2.exe | Generic Protocol Command Decode | SURICATA QUIC failed decrypt |
| 8100 | msedgewebview2.exe | Generic Protocol Command Decode | SURICATA QUIC failed decrypt |
| 8100 | msedgewebview2.exe | Generic Protocol Command Decode | SURICATA QUIC failed decrypt |
| 8100 | msedgewebview2.exe | Generic Protocol Command Decode | SURICATA QUIC failed decrypt |
| 8100 | msedgewebview2.exe | Generic Protocol Command Decode | SURICATA QUIC failed decrypt |
| 8100 | msedgewebview2.exe | Generic Protocol Command Decode | SURICATA QUIC failed decrypt |
| 8100 | msedgewebview2.exe | Generic Protocol Command Decode | SURICATA QUIC failed decrypt |

| Process | Message |
|---|---|
| msedgewebview2.exe | RecursiveDirectoryCreate( C:\Users\admin\AppData\Roaming directory exists ) |
| Roblox Checker.exe | Warning: AddWebResourceRequestedFilter without SourceKind parameter is deprecated! It does not behave as expected for iframes.Please use AddWebResourceRequestedFilterWithRequestSourceKinds instead. For more information, please see https://go.microsoft.com/fwlink/?linkid=2286319 |
| notepad++.exe | VerifyLibrary: C:\Program Files\Notepad++\SciLexer.dll |
| notepad++.exe | VerifyLibrary: certificate revocation checking is disabled |
| notepad++.exe | ED255D9151912E40DF048A56288E969A8D0DAFA3 |
| notepad++.exe | VerifyLibrary: C:\Program Files\Notepad++\updater\gup.exe |
| notepad++.exe | VerifyLibrary: certificate revocation checking is disabled |
| notepad++.exe | VerifyLibrary: error while getting certificate informations |