-------------------------------------------------------------------------------- Start time: 2022-12-23 07:42:11Z Process: 1ee8.1d916a211244bce Command: /stub 1.1.18500.10 /payload 1.381.929.0 /program C:\Windows\SERVIC~1\NETWOR~1\AppData\Local\Temp\mpam-5362cc29.exe /q WD Administrator: no Version: 1.1.18500.10 ================================ ProductSearch ================================= Microsoft Windows Defender (RS1+): Status: Active ProductGUID: 77BDAF73-B396-481F-9042-AD358843EC24 Engine: 5e09cde6608fd1b899c749346a2894bda95cfa3c5f0781962c2db762d2660a28 1.1.19800.4 AS base VDM: 6efc9f9b9c4f8543801319e4191366e49c0152560370c9ffafb86b859fc4b17f 1.379.0.0 AV base VDM: dff21eee3f3ce4f12100e3cdefd04f4deae1eb9cae9cf7ec7cf3c7df9b68ca06 1.379.0.0 AS delta VDM: 153e5801a6c2728ebde0b8aa3a71c3fcd6b9e7b7beafbc48ec2ab0f9d2dcaa52 1.379.1364.0 AV delta VDM: 8a70b225d0be0f6a7e023e02dbaaf30c706d6e934f07506a32d7048851a761ad 1.379.1364.0 NIS engine: NIS base VDM: NIS full VDM: Platform: d69949a02190739cb795174d61dc9832e5e37a7f14175223aafed7d5d3fc44bb 4.18.2211.5 =============================== PackageDiscovery =============================== Package files discovered: Directory: C:\Windows\SERVIC~1\NETWOR~1\AppData\Local\Temp\F3E7F691-F436-4E90-B55D-B52E4C09C6C0 1.1.19800.4_to_1.1.19900.2_mpengine.dll._p: f3df463c7b765b1a7d1626d0071f6988c33ad3372c46a082679e777d9f1e5c7c 1.379.0.0_to_1.381.0.0_mpasbase.vdm._p: 743e79fbee911b4244a73a93b024a81a4049abae0ebbf3c8af0ed2d61df1eb8f 1.379.0.0_to_1.381.0.0_mpavbase.vdm._p: aee07923a445659a20b8e5c97a9aa01cd0c1a7da4edbaff3dc42efb43c9c40f3 mpasdlta.vdm: d589853ef1dfc87e11a3dc23cd3f3925d927c0d66f5839ece05002bb7e489b8f 1.381.929.0 mpavdlta.vdm: 1e0b36cec6d8dc60787b5481360328860b21a5216be0e170e2bd3333b25a14cf 1.381.929.0 MpSigStub.exe: fa42b9b84754e2e8368e8929fa045be86dbd72678176ee75814d2a16d23e5c26 1.1.18500.10 AM BDE: Engine: 1.1.19900.2 AS base VDM: 1.381.0.0 AV base VDM: 1.381.0.0 AS delta VDM: 1.381.929.0 AV delta VDM: 1.381.929.0 =============================== PatchApplication =============================== Patched mpengine.dll to 1.1.19900.2 Patched mpasbase.vdm to 1.381.0.0 Patched mpavbase.vdm to 1.381.0.0 ==================================== Update ==================================== Product name: Microsoft Windows Defender (RS1+) Package files: Directory: C:\Windows\SERVIC~1\NETWOR~1\AppData\Local\Temp\F3E7F691-F436-4E90-B55D-B52E4C09C6C0 1.1.19800.4_to_1.1.19900.2_mpengine.dll._p: f3df463c7b765b1a7d1626d0071f6988c33ad3372c46a082679e777d9f1e5c7c 1.379.0.0_to_1.381.0.0_mpasbase.vdm._p: 743e79fbee911b4244a73a93b024a81a4049abae0ebbf3c8af0ed2d61df1eb8f 1.379.0.0_to_1.381.0.0_mpavbase.vdm._p: aee07923a445659a20b8e5c97a9aa01cd0c1a7da4edbaff3dc42efb43c9c40f3 mpasbase.vdm: d44393331ba9e414cb57b61abdb0ee717eedffb65890f99aed3b83cb0b337bea 1.381.0.0 mpasdlta.vdm: d589853ef1dfc87e11a3dc23cd3f3925d927c0d66f5839ece05002bb7e489b8f 1.381.929.0 mpavbase.vdm: 1672e33aa6a0923334ea3ec67250a2e21bb2c0dc2f76c2f3dbb8548f16d1d4bc 1.381.0.0 mpavdlta.vdm: 1e0b36cec6d8dc60787b5481360328860b21a5216be0e170e2bd3333b25a14cf 1.381.929.0 mpengine.dll: a61aa6cf95f38f0507fe41385096976a41aa506c70842524708620d3e6c068d6 1.1.19900.2 MpSigStub.exe: fa42b9b84754e2e8368e8929fa045be86dbd72678176ee75814d2a16d23e5c26 1.1.18500.10 SignatureLocation changed from C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{75615D4C-F11C-45E4-88B3-3815BE81E5F7} to C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D9FF3053-94B9-44D5-B0B4-B6D85DE49B2B} Signatures updated from C:\Windows\SERVIC~1\NETWOR~1\AppData\Local\Temp\F3E7F691-F436-4E90-B55D-B52E4C09C6C0 ================================ ValidateUpdate ================================ MpSigStub successfully updated Microsoft Windows Defender (RS1+) using the AM BDE package. Original: Updated to: Engine: 1.1.19800.4 1.1.19900.2 AS base VDM: 1.379.0.0 1.381.0.0 AV base VDM: 1.379.0.0 1.381.0.0 AS delta VDM: 1.379.1364.0 1.381.929.0 AV delta VDM: 1.379.1364.0 1.381.929.0 End time: 2022-12-23 07:43:00Z --------------------------------------------------------------------------------