URL:

https://microsoft-paint-3d.en.softonic.com/

Full analysis: https://app.any.run/tasks/d9882061-d53d-47f7-b08d-26d1d066b046
Verdict: Malicious activity
Threats:

A loader is malicious software that infiltrates devices to deliver malicious payloads. This malware is capable of infecting victims’ computers, analyzing their system information, and installing other types of threats, such as trojans or stealers. Criminals usually deliver loaders through phishing emails and links by relying on social engineering to trick users into downloading and running their executables. Loaders employ advanced evasion and persistence tactics to avoid detection.

Malware Trends Tracker     >>>
Analysis date: June 23, 2025, 15:52:54
OS: Windows 10 Professional (build: 19044, 64 bit)
Tags:
loader
antivm
evasion
stealer
Indicators:
MD5:

290FBD2CFB87141667709348EB8A0FDD

SHA1:

98F5DCA76EF5D30217AE8159F40EABAEEF0DFF2B

SHA256:

CD7CB1CC4DC97EA6FDE2F550816D142896ADB6F799F171BA61F9F7DD1A577A63

SSDEEP:

3:N8aYuXZ1HLGK3:21uXZRLGK3

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

  • MALICIOUS

    • Changes the autorun value in the registry

      • AVGBrowserUpdate.exe (PID: 9160)
      • AVGBrowser.exe (PID: 472)
      • AVGBrowser.exe (PID: 8712)

    • Steals credentials from Web Browsers

      • AVGBrowser.exe (PID: 3656)

  • SUSPICIOUS

    • Executable content was dropped or overwritten

      • avg_secure_browser_setup.exe (PID: 8472)
      • AVGBrowserUpdateSetup.exe (PID: 9140)
      • AVGBrowserUpdate.exe (PID: 9160)
      • AVGBrowserInstaller.exe (PID: 1212)
      • setup.exe (PID: 9196)
      • AVGBrowserInstaller.exe (PID: 8500)

    • The process verifies whether the antivirus software is installed

      • AVGBrowserInstaller.exe (PID: 8500)

    • Reads security settings of Internet Explorer

      • AVGBrowserInstaller.exe (PID: 8500)
      • AVGBrowserUpdate.exe (PID: 9160)
      • AVGBrowser.exe (PID: 8712)
      • AVGBrowserProtect.exe (PID: 8924)
      • setup.exe (PID: 9036)
      • AVGBrowser.exe (PID: 6392)
      • AVGBrowser.exe (PID: 3656)

    • There is functionality for taking screenshot (YARA)

      • avg_secure_browser_setup.exe (PID: 8472)
      • AVGBrowserInstaller.exe (PID: 8500)
      • AVGBrowserUpdate.exe (PID: 9160)
      • AVGBrowserUpdate.exe (PID: 8240)
      • AVGBrowserUpdate.exe (PID: 8244)

    • There is functionality for VM detection VirtualBox (YARA)

      • AVGBrowserInstaller.exe (PID: 8500)

    • There is functionality for VM detection VMWare (YARA)

      • AVGBrowserInstaller.exe (PID: 8500)

    • There is functionality for VM detection antiVM strings (YARA)

      • AVGBrowserInstaller.exe (PID: 8500)

    • Creates/Modifies COM task schedule object

      • AVGBrowserUpdateComRegisterShell64.exe (PID: 6772)
      • AVGBrowserUpdateComRegisterShell64.exe (PID: 2808)
      • AVGBrowserUpdateComRegisterShell64.exe (PID: 8228)
      • AVGBrowserUpdate.exe (PID: 9188)
      • AVGBrowserUpdate.exe (PID: 9160)

    • Starts itself from another location

      • AVGBrowserUpdate.exe (PID: 9160)

    • Process requests binary or script from the Internet

      • AVGBrowserUpdate.exe (PID: 8244)

    • Potential Corporate Privacy Violation

      • AVGBrowserUpdate.exe (PID: 8244)

    • Application launched itself

      • setup.exe (PID: 9196)
      • AVGBrowser.exe (PID: 472)
      • AVGBrowser.exe (PID: 8712)
      • AVGBrowser.exe (PID: 2348)
      • setup.exe (PID: 9036)
      • AVGBrowser.exe (PID: 3656)
      • AVGBrowser.exe (PID: 5464)

    • Creates a software uninstall entry

      • setup.exe (PID: 9196)
      • AVGBrowserInstaller.exe (PID: 8500)
      • AVGBrowser.exe (PID: 472)
      • AVGBrowser.exe (PID: 8712)
      • AVGBrowser.exe (PID: 3656)

    • Searches for installed software

      • setup.exe (PID: 9196)
      • AVGBrowserInstaller.exe (PID: 8500)
      • AVGBrowser.exe (PID: 472)
      • AVGBrowser.exe (PID: 8712)
      • AVGBrowser.exe (PID: 3656)

    • Reads the BIOS version

      • AVGBrowser.exe (PID: 472)
      • AVGBrowser.exe (PID: 8712)
      • AVGBrowser.exe (PID: 3656)

    • The process checks if it is being run in the virtual environment

      • AVGBrowser.exe (PID: 8712)
      • AVGBrowser.exe (PID: 3656)

    • Reads the date of Windows installation

      • AVGBrowser.exe (PID: 6392)
      • setup.exe (PID: 9036)
      • AVGBrowser.exe (PID: 2304)

    • Checks for external IP

      • AVGBrowser.exe (PID: 8932)

    • Reads Mozilla Firefox installation path

      • AVGBrowser.exe (PID: 3656)

  • INFO

    • Reads the computer name

      • identity_helper.exe (PID: 7452)
      • AVGBrowserInstaller.exe (PID: 8500)
      • AVGBrowserUpdate.exe (PID: 9160)
      • AVGBrowserUpdate.exe (PID: 9188)
      • AVGBrowserUpdate.exe (PID: 8240)
      • AVGBrowserUpdate.exe (PID: 8244)
      • AVGBrowserInstaller.exe (PID: 1212)
      • AVGBrowserUpdate.exe (PID: 7860)
      • setup.exe (PID: 9196)
      • AVGBrowser.exe (PID: 472)
      • AVGBrowser.exe (PID: 8712)
      • AVGBrowser.exe (PID: 9076)
      • AVGBrowser.exe (PID: 2792)
      • AVGBrowser.exe (PID: 8240)
      • AVGBrowser.exe (PID: 8280)
      • AVGBrowser.exe (PID: 2348)
      • AVGBrowserProtect.exe (PID: 8924)
      • setup.exe (PID: 9036)
      • AVGBrowser.exe (PID: 7712)
      • AVGBrowser.exe (PID: 6392)
      • AVGBrowser.exe (PID: 3656)
      • AVGBrowser.exe (PID: 8416)
      • AVGBrowser.exe (PID: 8932)
      • AVGBrowser.exe (PID: 5900)
      • AVGBrowser.exe (PID: 2304)
      • AVGBrowser.exe (PID: 5464)
      • AVGBrowser.exe (PID: 8376)
      • AVGBrowser.exe (PID: 9348)
      • AVGBrowser.exe (PID: 9356)

    • Application launched itself

      • msedge.exe (PID: 7080)

    • Reads Environment values

      • identity_helper.exe (PID: 7452)
      • AVGBrowser.exe (PID: 472)
      • AVGBrowser.exe (PID: 8712)
      • AVGBrowser.exe (PID: 3656)

    • Checks supported languages

      • identity_helper.exe (PID: 7452)
      • avg_secure_browser_setup.exe (PID: 8472)
      • AVGBrowserInstaller.exe (PID: 8500)
      • AVGBrowserUpdateSetup.exe (PID: 9140)
      • AVGBrowserUpdate.exe (PID: 9160)
      • AVGBrowserUpdate.exe (PID: 9188)
      • AVGBrowserUpdateComRegisterShell64.exe (PID: 6772)
      • AVGBrowserUpdateComRegisterShell64.exe (PID: 2808)
      • AVGBrowserUpdateComRegisterShell64.exe (PID: 8228)
      • AVGBrowserUpdate.exe (PID: 8240)
      • AVGBrowserUpdate.exe (PID: 8244)
      • AVGBrowserInstaller.exe (PID: 1212)
      • AVGBrowserUpdate.exe (PID: 7860)
      • setup.exe (PID: 9196)
      • setup.exe (PID: 7588)
      • AVGBrowserCrashHandler.exe (PID: 7360)
      • AVGBrowserCrashHandler64.exe (PID: 7420)
      • AVGBrowser.exe (PID: 472)
      • AVGBrowser.exe (PID: 8764)
      • AVGBrowser.exe (PID: 9076)
      • AVGBrowser.exe (PID: 2792)
      • AVGBrowser.exe (PID: 9088)
      • AVGBrowser.exe (PID: 6208)
      • AVGBrowser.exe (PID: 1712)
      • AVGBrowser.exe (PID: 1484)
      • AVGBrowser.exe (PID: 888)
      • AVGBrowser.exe (PID: 8712)
      • AVGBrowser.exe (PID: 6124)
      • AVGBrowser.exe (PID: 8820)
      • AVGBrowser.exe (PID: 3736)
      • AVGBrowser.exe (PID: 8412)
      • AVGBrowser.exe (PID: 8280)
      • AVGBrowser.exe (PID: 8240)
      • AVGBrowser.exe (PID: 8376)
      • AVGBrowser.exe (PID: 1712)
      • AVGBrowser.exe (PID: 8708)
      • AVGBrowser.exe (PID: 9196)
      • AVGBrowser.exe (PID: 3628)
      • AVGBrowser.exe (PID: 1512)
      • AVGBrowser.exe (PID: 8580)
      • AVGBrowser.exe (PID: 3924)
      • AVGBrowser.exe (PID: 7924)
      • AVGBrowser.exe (PID: 3756)
      • AVGBrowser.exe (PID: 9052)
      • AVGBrowser.exe (PID: 6704)
      • AVGBrowser.exe (PID: 9084)
      • AVGBrowser.exe (PID: 9028)
      • AVGBrowser.exe (PID: 6392)
      • AVGBrowser.exe (PID: 1212)
      • AVGBrowser.exe (PID: 7332)
      • AVGBrowser.exe (PID: 3872)
      • AVGBrowser.exe (PID: 8784)
      • AVGBrowser.exe (PID: 8796)
      • AVGBrowser.exe (PID: 3396)
      • AVGBrowser.exe (PID: 7604)
      • AVGBrowser.exe (PID: 1712)
      • AVGBrowser.exe (PID: 4236)
      • AVGBrowser.exe (PID: 8720)
      • AVGBrowser.exe (PID: 3876)
      • AVGBrowser.exe (PID: 5904)
      • AVGBrowser.exe (PID: 8716)
      • AVGBrowser.exe (PID: 9176)
      • AVGBrowser.exe (PID: 8604)
      • AVGBrowser.exe (PID: 2348)
      • AVGBrowser.exe (PID: 9152)
      • AVGBrowser.exe (PID: 8868)
      • AVGBrowser.exe (PID: 8312)
      • AVGBrowser.exe (PID: 8784)
      • AVGBrowser.exe (PID: 3948)
      • AVGBrowser.exe (PID: 6068)
      • AVGBrowser.exe (PID: 8568)
      • AVGBrowser.exe (PID: 3572)
      • AVGBrowser.exe (PID: 9040)
      • AVGBrowser.exe (PID: 8588)
      • AVGBrowser.exe (PID: 2348)
      • AVGBrowser.exe (PID: 6016)
      • AVGBrowserProtect.exe (PID: 8924)
      • AVGBrowser.exe (PID: 2528)
      • setup.exe (PID: 9036)
      • setup.exe (PID: 1704)
      • AVGBrowser.exe (PID: 7712)
      • AVGBrowser.exe (PID: 8764)
      • AVGBrowser.exe (PID: 6392)
      • AVGBrowser.exe (PID: 6948)
      • AVGBrowser.exe (PID: 3656)
      • AVGBrowser.exe (PID: 8932)
      • AVGBrowser.exe (PID: 3028)
      • AVGBrowser.exe (PID: 7152)
      • AVGBrowser.exe (PID: 6600)
      • AVGBrowser.exe (PID: 8920)
      • AVGBrowser.exe (PID: 888)
      • AVGBrowser.exe (PID: 8416)
      • AVGBrowser.exe (PID: 8956)
      • AVGBrowser.exe (PID: 7472)
      • AVGBrowser.exe (PID: 6392)
      • AVGBrowser.exe (PID: 1484)
      • AVGBrowser.exe (PID: 8484)
      • AVGBrowser.exe (PID: 5464)
      • AVGBrowser.exe (PID: 5900)
      • AVGBrowser.exe (PID: 2168)
      • AVGBrowser.exe (PID: 2304)
      • AVGBrowser.exe (PID: 9348)
      • AVGBrowser.exe (PID: 9356)
      • AVGBrowser.exe (PID: 9364)
      • AVGBrowser.exe (PID: 8620)
      • AVGBrowser.exe (PID: 9796)
      • AVGBrowser.exe (PID: 6736)
      • AVGBrowser.exe (PID: 8376)
      • AVGBrowser.exe (PID: 8780)
      • AVGBrowser.exe (PID: 9708)

    • Executable content was dropped or overwritten

      • msedge.exe (PID: 5924)
      • msedge.exe (PID: 7080)

    • Launching a file from the Downloads directory

      • msedge.exe (PID: 7080)

    • Create files in a temporary directory

      • avg_secure_browser_setup.exe (PID: 8472)
      • AVGBrowserUpdateSetup.exe (PID: 9140)
      • AVGBrowserUpdate.exe (PID: 8244)
      • AVGBrowser.exe (PID: 472)
      • AVGBrowser.exe (PID: 8712)
      • AVGBrowser.exe (PID: 3656)

    • The sample compiled with english language support

      • avg_secure_browser_setup.exe (PID: 8472)
      • AVGBrowserUpdateSetup.exe (PID: 9140)
      • AVGBrowserUpdate.exe (PID: 9160)
      • AVGBrowserInstaller.exe (PID: 1212)
      • setup.exe (PID: 9196)

    • Process checks whether UAC notifications are on

      • AVGBrowserInstaller.exe (PID: 8500)

    • Process checks computer location settings

      • AVGBrowserInstaller.exe (PID: 8500)
      • AVGBrowserUpdate.exe (PID: 9160)
      • AVGBrowser.exe (PID: 472)
      • AVGBrowser.exe (PID: 9088)
      • AVGBrowser.exe (PID: 1484)
      • AVGBrowser.exe (PID: 6124)
      • AVGBrowser.exe (PID: 8712)
      • AVGBrowser.exe (PID: 8376)
      • AVGBrowser.exe (PID: 8604)
      • AVGBrowser.exe (PID: 8312)
      • AVGBrowser.exe (PID: 6068)
      • AVGBrowser.exe (PID: 8568)
      • AVGBrowser.exe (PID: 8588)
      • AVGBrowser.exe (PID: 9040)
      • AVGBrowser.exe (PID: 6016)
      • AVGBrowser.exe (PID: 3656)
      • AVGBrowser.exe (PID: 6392)
      • AVGBrowser.exe (PID: 3028)
      • AVGBrowser.exe (PID: 888)
      • AVGBrowser.exe (PID: 8920)
      • AVGBrowser.exe (PID: 2168)
      • AVGBrowser.exe (PID: 6600)
      • AVGBrowser.exe (PID: 6392)
      • AVGBrowser.exe (PID: 8484)
      • AVGBrowser.exe (PID: 7152)
      • AVGBrowser.exe (PID: 7472)
      • AVGBrowser.exe (PID: 2304)

    • Checks proxy server information

      • AVGBrowserInstaller.exe (PID: 8500)
      • AVGBrowserUpdate.exe (PID: 7860)
      • AVGBrowserUpdate.exe (PID: 8244)
      • slui.exe (PID: 8952)
      • AVGBrowser.exe (PID: 472)
      • AVGBrowser.exe (PID: 8712)
      • AVGBrowserProtect.exe (PID: 8924)
      • AVGBrowser.exe (PID: 3656)

    • Reads the machine GUID from the registry

      • AVGBrowserInstaller.exe (PID: 8500)
      • AVGBrowserUpdate.exe (PID: 9160)
      • AVGBrowserUpdate.exe (PID: 8244)
      • AVGBrowser.exe (PID: 472)
      • AVGBrowser.exe (PID: 8712)
      • AVGBrowser.exe (PID: 3656)
      • AVGBrowser.exe (PID: 8376)

    • Reads the software policy settings

      • AVGBrowserInstaller.exe (PID: 8500)
      • AVGBrowserUpdate.exe (PID: 7860)
      • AVGBrowserUpdate.exe (PID: 8244)
      • slui.exe (PID: 8952)

    • The sample compiled with arabic language support

      • AVGBrowserUpdateSetup.exe (PID: 9140)
      • AVGBrowserUpdate.exe (PID: 9160)

    • The sample compiled with french language support

      • AVGBrowserUpdateSetup.exe (PID: 9140)
      • AVGBrowserUpdate.exe (PID: 9160)

    • The sample compiled with german language support

      • AVGBrowserUpdateSetup.exe (PID: 9140)
      • AVGBrowserUpdate.exe (PID: 9160)

    • The sample compiled with bulgarian language support

      • AVGBrowserUpdateSetup.exe (PID: 9140)
      • AVGBrowserUpdate.exe (PID: 9160)

    • The sample compiled with czech language support

      • AVGBrowserUpdateSetup.exe (PID: 9140)
      • AVGBrowserUpdate.exe (PID: 9160)

    • The sample compiled with japanese language support

      • AVGBrowserUpdateSetup.exe (PID: 9140)
      • AVGBrowserUpdate.exe (PID: 9160)

    • The sample compiled with korean language support

      • AVGBrowserUpdateSetup.exe (PID: 9140)
      • AVGBrowserUpdate.exe (PID: 9160)

    • The sample compiled with Indonesian language support

      • AVGBrowserUpdateSetup.exe (PID: 9140)
      • AVGBrowserUpdate.exe (PID: 9160)

    • The sample compiled with turkish language support

      • AVGBrowserUpdateSetup.exe (PID: 9140)
      • AVGBrowserUpdate.exe (PID: 9160)

    • The sample compiled with Italian language support

      • AVGBrowserUpdateSetup.exe (PID: 9140)
      • AVGBrowserUpdate.exe (PID: 9160)

    • The sample compiled with portuguese language support

      • AVGBrowserUpdateSetup.exe (PID: 9140)
      • AVGBrowserUpdate.exe (PID: 9160)

    • The sample compiled with polish language support

      • AVGBrowserUpdateSetup.exe (PID: 9140)
      • AVGBrowserUpdate.exe (PID: 9160)

    • The sample compiled with slovak language support

      • AVGBrowserUpdateSetup.exe (PID: 9140)
      • AVGBrowserUpdate.exe (PID: 9160)

    • The sample compiled with russian language support

      • AVGBrowserUpdateSetup.exe (PID: 9140)
      • AVGBrowserUpdate.exe (PID: 9160)

    • The sample compiled with swedish language support

      • AVGBrowserUpdateSetup.exe (PID: 9140)
      • AVGBrowserUpdate.exe (PID: 9160)

    • The sample compiled with chinese language support

      • AVGBrowserUpdateSetup.exe (PID: 9140)
      • AVGBrowserUpdate.exe (PID: 9160)

    • Creates files or folders in the user directory

      • AVGBrowserUpdate.exe (PID: 9160)
      • AVGBrowserUpdate.exe (PID: 8244)
      • AVGBrowserInstaller.exe (PID: 1212)
      • setup.exe (PID: 9196)
      • setup.exe (PID: 7588)
      • AVGBrowserInstaller.exe (PID: 8500)
      • AVGBrowser.exe (PID: 472)
      • AVGBrowser.exe (PID: 2792)
      • AVGBrowser.exe (PID: 3736)
      • AVGBrowser.exe (PID: 8712)
      • AVGBrowser.exe (PID: 8280)
      • AVGBrowser.exe (PID: 2348)
      • AVGBrowser.exe (PID: 6948)
      • AVGBrowser.exe (PID: 3656)
      • setup.exe (PID: 9036)
      • AVGBrowser.exe (PID: 8932)
      • AVGBrowser.exe (PID: 5464)
      • AVGBrowser.exe (PID: 8376)

    • Launching a file from a Registry key

      • AVGBrowserUpdate.exe (PID: 9160)
      • AVGBrowser.exe (PID: 472)
      • AVGBrowser.exe (PID: 8712)

    • Reads Microsoft Office registry keys

      • OpenWith.exe (PID: 7936)
      • OpenWith.exe (PID: 8240)

    • Reads CPU info

      • AVGBrowser.exe (PID: 8712)
      • AVGBrowser.exe (PID: 3656)

    • Reads security settings of Internet Explorer

      • OpenWith.exe (PID: 8240)
      • notepad.exe (PID: 9544)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.
No data.
screenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
323
Monitored processes
172
Malicious processes
10
Suspicious processes
3

Behavior graph

Click at the process to see the details
start msedge.exe msedge.exe no specs msedge.exe msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs identity_helper.exe no specs identity_helper.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs avg_secure_browser_setup.exe avgbrowserinstaller.exe msedge.exe no specs msedge.exe no specs msedge.exe no specs slui.exe msedge.exe no specs avgbrowserupdatesetup.exe avgbrowserupdate.exe avgbrowserupdate.exe no specs avgbrowserupdatecomregistershell64.exe no specs avgbrowserupdatecomregistershell64.exe no specs avgbrowserupdatecomregistershell64.exe no specs avgbrowserupdate.exe avgbrowserupdate.exe no specs avgbrowserupdate.exe msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs avgbrowserinstaller.exe msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs setup.exe msedge.exe no specs setup.exe no specs msedge.exe no specs openwith.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs avgbrowsercrashhandler.exe no specs avgbrowsercrashhandler64.exe no specs avgbrowser.exe avgbrowser.exe no specs rundll32.exe no specs avgbrowser.exe no specs avgbrowser.exe avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowserprotect.exe avgbrowser.exe no specs setup.exe no specs setup.exe no specs avgbrowser.exe no specs avgbrowser.exe avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs msedge.exe no specs openwith.exe no specs msedge.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs notepad.exe no specs avgbrowser.exe no specs msedge.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs avgbrowser.exe no specs

Process information

PID
CMD
Path
Indicators
Parent process
472AVGBrowser.exe --heartbeat --install --create-profileC:\Users\admin\AppData\Local\AVG\Browser\Application\AVGBrowser.exe
AVGBrowserInstaller.exe
User:
admin
Company:
Gen Digital Inc.
Integrity Level:
MEDIUM
Description:
AVG Secure Browser
Exit code:
0
Version:
137.0.30674.104
Modules
Images
c:\users\admin\appdata\local\avg\browser\application\avgbrowser.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\users\admin\appdata\local\avg\browser\application\137.0.30674.104\chrome_elf.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\winmm.dll
c:\windows\system32\advapi32.dll
592"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --disable-quic --string-annotations --always-read-main-dll --field-trial-handle=2716,i,851568941661209627,8064936290875801290,262144 --variations-seed-version --mojo-platform-channel-handle=2744 /prefetch:8C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exemsedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Microsoft Edge
Version:
133.0.3065.92
Modules
Images
c:\program files (x86)\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files (x86)\microsoft\edge\application\133.0.3065.92\msedge_elf.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
888"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --disable-quic --string-annotations --always-read-main-dll --field-trial-handle=8220,i,851568941661209627,8064936290875801290,262144 --variations-seed-version --mojo-platform-channel-handle=6092 /prefetch:8C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exemsedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Microsoft Edge
Exit code:
0
Version:
133.0.3065.92
Modules
Images
c:\program files (x86)\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files (x86)\microsoft\edge\application\133.0.3065.92\msedge_elf.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
888"C:\Users\admin\AppData\Local\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --force-high-res-timeticks=disabled --field-trial-handle=2060,i,18224979848008943579,15556850775414280668,262144 --variations-seed-version --mojo-platform-channel-handle=4500 /prefetch:8C:\Users\admin\AppData\Local\AVG\Browser\Application\AVGBrowser.exeAVGBrowser.exe
User:
admin
Company:
Gen Digital Inc.
Integrity Level:
LOW
Description:
AVG Secure Browser
Exit code:
0
Version:
137.0.30674.104
Modules
Images
c:\users\admin\appdata\local\avg\browser\application\avgbrowser.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\local\avg\browser\application\137.0.30674.104\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
888"C:\Users\admin\AppData\Local\AVG\Browser\Application\AVGBrowser.exe" --type=renderer --extension-process --force-high-res-timeticks=disabled --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=2028,i,13979684597187728999,13900666811254219666,262144 --variations-seed-version --mojo-platform-channel-handle=3860 /prefetch:2C:\Users\admin\AppData\Local\AVG\Browser\Application\AVGBrowser.exeAVGBrowser.exe
User:
admin
Company:
Gen Digital Inc.
Integrity Level:
LOW
Description:
AVG Secure Browser
Version:
137.0.30674.104
Modules
Images
c:\users\admin\appdata\local\avg\browser\application\avgbrowser.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\local\avg\browser\application\137.0.30674.104\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
1036"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=53 --always-read-main-dll --field-trial-handle=10472,i,851568941661209627,8064936290875801290,262144 --variations-seed-version --mojo-platform-channel-handle=9872 /prefetch:1C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exemsedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Microsoft Edge
Version:
133.0.3065.92
Modules
Images
c:\program files (x86)\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files (x86)\microsoft\edge\application\133.0.3065.92\msedge_elf.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
1180"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=44 --always-read-main-dll --field-trial-handle=3024,i,851568941661209627,8064936290875801290,262144 --variations-seed-version --mojo-platform-channel-handle=3576 /prefetch:1C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exemsedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Microsoft Edge
Exit code:
0
Version:
133.0.3065.92
Modules
Images
c:\program files (x86)\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files (x86)\microsoft\edge\application\133.0.3065.92\msedge_elf.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
1204"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --extension-process --renderer-sub-type=extension --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --always-read-main-dll --field-trial-handle=4340,i,851568941661209627,8064936290875801290,262144 --variations-seed-version --mojo-platform-channel-handle=4364 /prefetch:2C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exemsedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Microsoft Edge
Exit code:
0
Version:
133.0.3065.92
Modules
Images
c:\program files (x86)\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files (x86)\microsoft\edge\application\133.0.3065.92\msedge_elf.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
1212"C:\Users\admin\AppData\Local\AVG\Browser\Update\Install\{B04C12A1-DDC9-4B23-A612-959E77604DD5}\AVGBrowserInstaller.exe" --chrome --do-not-launch-chrome --hide-browser-override --show-developer-mode --suppress-first-run-bubbles --default-search-id=3 --default-search=bing.com --adblock-mode-default=0 --no-create-user-shortcuts --make-chrome-default --force-default-win10 --import-cookiesC:\Users\admin\AppData\Local\AVG\Browser\Update\Install\{B04C12A1-DDC9-4B23-A612-959E77604DD5}\AVGBrowserInstaller.exe
AVGBrowserUpdate.exe
User:
admin
Company:
Gen Digital Inc.
Integrity Level:
MEDIUM
Description:
AVG Secure Browser Installer
Exit code:
0
Version:
137.0.30674.104
Modules
Images
c:\users\admin\appdata\local\avg\browser\update\install\{b04c12a1-ddc9-4b23-a612-959e77604dd5}\avgbrowserinstaller.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\shell32.dll
1212"C:\Users\admin\AppData\Local\AVG\Browser\Application\AVGBrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --force-high-res-timeticks=disabled --field-trial-handle=2484,i,5245309057632254311,8057119782298274991,262144 --variations-seed-version --mojo-platform-channel-handle=4008 /prefetch:8C:\Users\admin\AppData\Local\AVG\Browser\Application\AVGBrowser.exeAVGBrowser.exe
User:
admin
Company:
Gen Digital Inc.
Integrity Level:
LOW
Description:
AVG Secure Browser
Exit code:
0
Version:
137.0.30674.104
Modules
Images
c:\users\admin\appdata\local\avg\browser\application\avgbrowser.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\local\avg\browser\application\137.0.30674.104\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
Total events
40 503
Read events
37 586
Write events
2 847
Delete events
70

Modification events

(PID) Process:(7080) msedge.exeKey:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
Operation:writeName:failed_count
Value:
0
(PID) Process:(7080) msedge.exeKey:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
Operation:writeName:state
Value:
2
(PID) Process:(7080) msedge.exeKey:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
Operation:writeName:state
Value:
1
(PID) Process:(7080) msedge.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\EdgeUpdate\ClientStateMedium\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}\LastWasDefault
Operation:writeName:S-1-5-21-1693682860-607145093-2874071422-1001
Value:
D6B3AC7DD5962F00
(PID) Process:(7080) msedge.exeKey:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
Operation:writeName:user_experience_metrics.stability.exited_cleanly
Value:
0
(PID) Process:(7080) msedge.exeKey:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\590702
Operation:writeName:WindowTabManagerFileMappingId
Value:
{EAE23C06-EAAB-4403-B876-D2AD3F293247}
(PID) Process:(7080) msedge.exeKey:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\590702
Operation:writeName:WindowTabManagerFileMappingId
Value:
{3D973F4C-1D20-4A1E-BD07-C497969753C3}
(PID) Process:(7080) msedge.exeKey:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\590702
Operation:writeName:WindowTabManagerFileMappingId
Value:
{33C47996-01A0-490F-A40C-8D8271B0B496}
(PID) Process:(7080) msedge.exeKey:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\590702
Operation:writeName:WindowTabManagerFileMappingId
Value:
{EAB179BF-BDC3-4A3E-93F8-203E466A38AB}
(PID) Process:(7080) msedge.exeKey:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\590702
Operation:writeName:WindowTabManagerFileMappingId
Value:
{1EF73D67-E01C-479A-AF1B-68375508BC9A}
Executable files
160
Suspicious files
1 320
Text files
875
Unknown types
213

Dropped files

PID
Process
Filename
Type
7080msedge.exeC:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\ClientCertificates\LOG.old~RF177d4e.TMP
MD5:
SHA256:
7080msedge.exeC:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\ClientCertificates\LOG.old
MD5:
SHA256:
7080msedge.exeC:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\parcel_tracking_db\LOG.old~RF177d5d.TMP
MD5:
SHA256:
7080msedge.exeC:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\parcel_tracking_db\LOG.old
MD5:
SHA256:
7080msedge.exeC:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\PersistentOriginTrials\LOG.old~RF177d6d.TMP
MD5:
SHA256:
7080msedge.exeC:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\PersistentOriginTrials\LOG.old
MD5:
SHA256:
7080msedge.exeC:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\LOG.old~RF177d6d.TMP
MD5:
SHA256:
7080msedge.exeC:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\LOG.old
MD5:
SHA256:
7080msedge.exeC:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\discounts_db\LOG.old~RF177d9c.TMP
MD5:
SHA256:
7080msedge.exeC:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\discounts_db\LOG.old
MD5:
SHA256:
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
39
TCP/UDP connections
377
DNS requests
428
Threats
50

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
5924
msedge.exe
GET
200
150.171.28.11:80
http://edge.microsoft.com/browsernetworktime/time/1/current?cup2key=2:4_IpMNuM-mBdKfGX6x__XoHeuqXst0xxWUR8HaUI6bg&cup2hreq=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
unknown
whitelisted
1268
svchost.exe
GET
200
23.53.40.178:80
http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
unknown
whitelisted
1268
svchost.exe
GET
200
184.30.21.171:80
http://www.microsoft.com/pkiops/crl/MicSecSerCA2011_2011-10-18.crl
unknown
whitelisted
3948
SIHClient.exe
GET
200
184.30.21.171:80
http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Update%20Secure%20Server%20CA%202.1.crl
unknown
whitelisted
3948
SIHClient.exe
GET
200
184.30.21.171:80
http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Product%20Root%20Certificate%20Authority%202018.crl
unknown
whitelisted
4520
svchost.exe
GET
200
2.17.190.73:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAJ0LqoXyo4hxxe7H%2Fz9DKA%3D
unknown
whitelisted
7080
msedge.exe
GET
200
2.17.190.73:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTfIs%2BLjDtGwQ09XEB1Yeq%2BtX%2BBgQQU7NfjgtJxXWRM3y5nP%2Be6mK4cD08CEAitQLJg0pxMn17Nqb2Trtk%3D
unknown
whitelisted
7080
msedge.exe
GET
200
2.17.190.73:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSRXerF0eFeSWRripTgTkcJWMm7iQQUaDfg67Y7%2BF8Rhvv%2BYXsIiGX0TkICEAQ1YD96iIrhbAWwDxU8xvw%3D
unknown
whitelisted
8244
AVGBrowserUpdate.exe
GET
2.16.168.106:80
http://browser-update.avg.com/browser-avg/win/x64/137.0.30674.104/AVGBrowserInstaller.exe
unknown
whitelisted
7392
svchost.exe
GET
206
34.104.35.123:80
http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/acpeapixpwuzscfa5h5j5m7c4xaa_2025.6.16.0/niikhdgajlphfehepabhhblakbdgeefj_2025.06.16.00_all_acgsomx5qtwgffxcrxwhoksfom7q.crx3
unknown
whitelisted
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
4
System
192.168.100.255:137
whitelisted
5944
MoUsoCoreWorker.exe
51.124.78.146:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
NL
whitelisted
1268
svchost.exe
51.124.78.146:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
NL
whitelisted
3788
RUXIMICS.exe
51.124.78.146:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
NL
whitelisted
4
System
192.168.100.255:138
whitelisted
5924
msedge.exe
13.107.42.16:443
config.edge.skype.com
MICROSOFT-CORP-MSN-AS-BLOCK
US
whitelisted
5924
msedge.exe
151.101.1.91:443
microsoft-paint-3d.en.softonic.com
FASTLY
US
whitelisted
5924
msedge.exe
150.171.28.11:80
edge.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
US
whitelisted
5924
msedge.exe
2.23.227.199:443
copilot.microsoft.com
Ooredoo Q.S.C.
QA
whitelisted
5924
msedge.exe
150.171.27.11:443
edge.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
US
whitelisted

DNS requests

Domain
IP
Reputation
settings-win.data.microsoft.com
  • 51.124.78.146
  • 51.104.136.2
whitelisted
google.com
  • 142.250.185.110
whitelisted
edge.microsoft.com
  • 150.171.28.11
  • 150.171.27.11
whitelisted
config.edge.skype.com
  • 13.107.42.16
whitelisted
microsoft-paint-3d.en.softonic.com
  • 151.101.1.91
  • 151.101.129.91
  • 151.101.193.91
  • 151.101.65.91
whitelisted
copilot.microsoft.com
  • 2.23.227.199
  • 2.23.227.211
whitelisted
sdk.privacy-center.org
  • 3.161.82.55
  • 3.161.82.43
  • 3.161.82.94
  • 3.161.82.117
whitelisted
rv-assets.softonic.com
  • 151.101.129.91
  • 151.101.193.91
  • 151.101.65.91
  • 151.101.1.91
whitelisted
www.bing.com
  • 2.23.227.215
  • 2.23.227.208
  • 2.16.241.205
  • 2.16.241.218
  • 2.16.241.207
whitelisted
www.googletagmanager.com
  • 142.250.184.232
whitelisted

Threats

PID
Process
Class
Message
5924
msedge.exe
Not Suspicious Traffic
INFO [ANY.RUN] Google Tag Manager analytics (googletagmanager .com)
5924
msedge.exe
Not Suspicious Traffic
INFO [ANY.RUN] Google Tag Manager analytics (googletagmanager .com)
5924
msedge.exe
Not Suspicious Traffic
INFO [ANY.RUN] Google Tag Manager analytics (googletagmanager .com)
5924
msedge.exe
Not Suspicious Traffic
INFO [ANY.RUN] Google Tag Manager analytics (googletagmanager .com)
5924
msedge.exe
Not Suspicious Traffic
INFO [ANY.RUN] Google Tag Manager analytics (googletagmanager .com)
5924
msedge.exe
Not Suspicious Traffic
INFO [ANY.RUN] Google Tag Manager analytics (googletagmanager .com)
8244
AVGBrowserUpdate.exe
Potential Corporate Privacy Violation
ET INFO PE EXE or DLL Windows file download HTTP
5924
msedge.exe
Not Suspicious Traffic
INFO [ANY.RUN] Cloudflare Network Error Logging (NEL)
5924
msedge.exe
Not Suspicious Traffic
INFO [ANY.RUN] Cloudflare Network Error Logging (NEL)
2792
AVGBrowser.exe
Generic Protocol Command Decode
SURICATA QUIC failed decrypt
Process
Message
AVGBrowserInstaller.exe
2025-06-23T15:53:43 [installer] {00002134:00002138} <2:Info> (4bbd888238eee7c1\src\jinx\Logging.cpp:169) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
AVGBrowserInstaller.exe
2025-06-23T15:53:43 [installer] {00002134:00002138} <2:Info> (4bbd888238eee7c1\src\jinx\Logging.cpp:167) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
AVGBrowserInstaller.exe
2025-06-23T15:53:43 [installer] {00002134:00002138} <2:Info> (4bbd888238eee7c1\src\jinx\Logging.cpp:168) Jinx logging started
AVGBrowserInstaller.exe
2025-06-23T15:53:43 [installer] {00002134:00002138} <2:Info> (4bbd888238eee7c1\src\jinx\Logging.cpp:171) build date: May 12 2025 build number: 1677 build time: 11:01:46 build timestamp: May 12 2025 11:01:46 company: Gen Digital Inc. copyright: (C) 2017-2025 Gen Digital Inc. description: Secure Browser Installer file name: AVGBrowserInstaller.exe file version: 9.1.0.1677 git commit: 8544c67a02049729b6b1157ba0eacf01b83f2405 internal name: jinx-installer product name: Secure Browser Installer product version: 9.1.0.1677 target system: windows
AVGBrowserInstaller.exe
2025-06-23T15:53:43 [installer] {00002134:00002138} <2:Info> (4bbd888238eee7c1\src\jinx\Logging.cpp:181) Operating system: Windows Enterprise x64 10.0.19045.4046 SP0
AVGBrowserInstaller.exe
2025-06-23T15:53:43 [installer] {00002134:00002138} <2:Info> (4bbd888238eee7c1\src\jinx\Logging.cpp:184) Process is not elevated.
AVGBrowserInstaller.exe
2025-06-23T15:53:43 [installer] {00002134:00002138} <2:Info> (4bbd888238eee7c1\src\jinx\Logging.cpp:106) Command line: "C:\Users\admin\AppData\Local\Temp\nszC02.tmp\AVGBrowserInstaller.exe" "C:\Users\admin\Downloads\avg_secure_browser_setup.exe" User dotfile was used: false Global dotfile was used: false Execution arguments:
AVGBrowserInstaller.exe
2025-06-23T15:53:43 [installer] {00002134:00002138} <2:Info> (4bbd888238eee7c1\src\jinx\Logging.cpp:190) Process owner: DESKTOP-JGLLJLD\admin (logon=true, admin=true)
AVGBrowserInstaller.exe
2025-06-23T15:53:43 [installer] {00002134:00002138} <1:Debug> (4bbd888238eee7c1\src\jinx\VmDetect.cpp:203) Starting VM Detection system
AVGBrowserInstaller.exe
2025-06-23T15:53:43 [installer] {00002134:00002138} <1:Debug> (4bbd888238eee7c1\src\jinx\TagData.cpp:457) TagData: Extracting from "C:\Users\admin\Downloads\avg_secure_browser_setup.exe" using start marker '<##TAGDATA##>' and end marker '</##TAGDATA##>'
Interactive malware hunting service ANY.RUN
© 2017-2025 ANY.RUN ALL RIGHTS RESERVED
ANY.RUN
Reports
https://microsoft-paint-3d.en.softonic.com/