- MICROSOFT VIRTUAL MINIPORT ADAPTER + VULNERABILITY DRIVER
- MICROSOFT VIRTUAL MINIPORT ADAPTER + VULNERABILITY WINDOWS 10
This is how the log looks on a clean 14361 Windows 10 install.

8:54:37.4893961 AM services.exe 556 RegOpenKey HKLM\System\CurrentControlSet\Services\VBoxDrv REPARSE Desired Access: Read
8:54:37.4894126 AM services.exe 556 RegOpenKey HKLM\System\CurrentControlSet\Services\VBoxDrv SUCCESS Desired Access: Read
8:54:37.4894266 AM services.exe 556 RegQueryValue HKLM\System\CurrentControlSet\Services\VBoxDrv\ObjectName NAME NOT FOUND Length: 80
8:54:37.4894359 AM services.exe 556 RegQueryValue HKLM\System\CurrentControlSet\Services\VBoxDrv\Type SUCCESS Type: REG_DWORD, Length: 4, Data: 1
8:54:37.4894450 AM services.exe 556 RegQueryKey HKLM\System\CurrentControlSet\Services\VBoxDrv SUCCESS Query: Basic, Name: VBoxDrv
8:54:37.4894577 AM services.exe 556 RegCloseKey HKLM\System\CurrentControlSet\Services\VBoxDrv SUCCESS
8:54:37.4966187 AM services.exe 556 RegOpenKey HKLM\System\CurrentControlSet\Services\VBoxDrv SUCCESS Desired Access: Write
8:54:37.4966451 AM services.exe 556 RegSetValue HKLM\System\CurrentControlSet\Services\VBoxDrv\DeleteFlag SUCCESS Type: REG_DWORD, Length: 4, Data: 1
8:54:37.4966837 AM services.exe 556 RegSetValue HKLM\System\CurrentControlSet\Services\VBoxDrv\Start SUCCESS Type: REG_DWORD, Length: 4, Data: 4
8:54:37.4967145 AM services.exe 556 RegQueryKey HKLM\System\CurrentControlSet\Services\VBoxDrv SUCCESS Query: HandleTags, HandleTags: 0x0
8:54:37.4967253 AM services.exe 556 RegOpenKey HKLM\System\CurrentControlSet\Services\VBoxDrv\StartOverride NAME NOT FOUND Desired Access: Maximum Allowed
8:54:37.4967508 AM services.exe 556 RegCloseKey HKLM\System\CurrentControlSet\Services\VBoxDrv SUCCESS
8:54:37.4968336 AM services.exe 556 RegOpenKey HKLM\System\CurrentControlSet\Services REPARSE Desired Access: Read, Delete
8:54:37.4968469 AM services.exe 556 RegOpenKey HKLM\System\CurrentControlSet\Services SUCCESS Desired Access: Read, Delete
8:54:37.4968588 AM services.exe 556 RegOpenKey HKLM\System\CurrentControlSet\Services\VBoxDrv SUCCESS Desired Access: Read, Delete
8:54:37.4968678 AM services.exe 556 RegQueryKey HKLM\System\CurrentControlSet\Services\VBoxDrv SUCCESS Query: Full, SubKeys: 0, Values: 6
8:54:37.4968771 AM services.exe 556 RegCloseKey HKLM\System\CurrentControlSet\Services\VBoxDrv SUCCESS
8:54:37.4968836 AM services.exe 556 RegOpenKey HKLM\System\CurrentControlSet\Services\VBoxDrv SUCCESS Desired Access: Read, Delete
8:54:37.4968923 AM services.exe 556 RegDeleteKey HKLM\System\CurrentControlSet\Services\VBoxDrv SUCCESS

It is not necessarily an AV, but maybe also (since this loader is used by various game hacks) a game anticheat/whatever countermeasure. You can try to manually export this registry data, however I don't know if it will work. Something prevented SCM from creating this key.

11:21:53,5302778 services.exe 696 RegOpenKey HKLM\System\CurrentControlSet\Services\VBoxDrv NAME NOT FOUND Desired Access: Read
11:21:53,5302954 services.exe 696 RegOpenKey HKLM\System\CurrentControlSet\Services\VBoxDrv NAME NOT FOUND Desired Access: Read
11:21:53,5303041 services.exe 696 RegOpenKey HKLM\System\CurrentControlSet\Services\VBoxDrv NAME NOT FOUND Desired Access: Read
11:21:53,5303178 services.exe 696 RegOpenKey HKLM\System\CurrentControlSet\Services\VBoxDrv NAME NOT FOUND Desired Access: Read