XMRig Miner - Virus, Trojan, Spyware, and Malware Removal Help
Common Information
Type Value
UUID 50278ac1-6b3f-4780-af42-eb7e5b2e5237
Fingerprint 3f5c3b2afe82afe3
Analysis status DONE
Considered CTI value 0
Text language
Published May 24, 2023, 9:19 a.m.
Added to db May 25, 2023, 2:35 a.m.
Last updated Nov. 17, 2024, 6:55 p.m.
Headline XMRig Miner
Title XMRig Miner - Virus, Trojan, Spyware, and Malware Removal Help
Detected Hints/Tags/Attributes 102/3/373
Attributes
Details Type #Events CTI Value