EFI SMM Rootkit Device Handle List

LoadedImage DxeCore
5CB5C776-
Decompress
FirmwareVolume2 -B9A42172CE53
FirmwareVolume2 -EC40C23C5916
FirmwareVolume2 -DC1671C10F36
FirmwareVolume2 -E48809A7ACE3
FirmwareVolume2 -2A4FF6CA6FE5
EE4E5898-
LoadedImage StatusCodeDxe
36232936-
SmartCardReader RscHandler
LoadedImage PcdDxe
GetPcdInfo GetPcdInfoProtocol Pcd Pcd
LoadedImage CpuIo2Dxe
CpuIo2
LoadedImage FlashDriver
755B6596-
LoadedImage NvramDxe
VariableWriteArch VariableArch
MonotonicCounterArch
LoadedImage CrbDxe
LoadedImage FastBootRuntime
LoadedImage DxeBoardConfigInit
LoadedImage WdtDxe
LoadedImage CmosDxe
9851740C-
LoadedImage RomLayoutDxe
HiiPackageList LoadedImage Bds
BdsArch
LoadedImage DataHubDxe
AE80D021-
LoadedImage DevicePathDxe
DevicePathFromText DevicePathToText DevicePathUtilities
DebugSupport EBCInterpreter LoadedImage EbcDxe
LoadedImage HiiDatabase
HIIImage ConfigKeywordHandler HIIConfigRouting HIIDatabase HIIString HIIFont
LoadedImage SecurityStubDxe
SecurityArch Security2Arch
LoadedImage TimestampDxe
Timestamp
LoadedImage CpuDxe
LoadedImage CpuIoDxe
B0732526-
LoadedImage AmiCpuFeaturesDxe
LoadedImage AmiPciPlatform
PciPlatform
DebugPort LoadedImage GopDebugDxe
LoadedImage WdtAppDxe
LoadedImage PlatformInfoDxe
LoadedImage PolicyInitDxe
LoadedImage AmiSyncSetupData
LoadedImage CpuInitDxe
E223CF65-
LoadedImage SmmAccess
SmmAccess2
LoadedImage LegacyInterrupt
31CE593d-
LoadedImage PchSmbusDxe
SmbusHc
LoadedImage FspWrapperNotifyDxe
LoadedImage Aint31
LoadedImage Acoustic
10E9D800-
LoadedImage S3SaveStateDxe
S3SaveState
LoadedImage SioDxeInit
9D36F7EF-
LoadedImage IdeBusBoard
LoadedImage PciDxeInit
EC63428D-
LoadedImage RdspPlus
ComponentName2 DriverBinding LoadedImage Uhcd
2AD8E2D2-
ComponentName2 DriverBinding
ComponentName2 DriverBinding
LoadedImage DpcDxe
480F8AE9-
LoadedImage AmiBoardInfo2
4FC0733F-
LoadedImage FanDxe
LoadedImage HddSecurity
CE6F86BB-
LoadedImage EsrtDxe
A340C064-
LoadedImage OpalSecurity
59AF16B0-
LoadedImage RngDxe
Rng
LoadedImage AmiRedFishApi
B5E7C7AF-
LoadedImage AmiDeviceGuardApi
DAEEAFC8-
LoadedImage TpmSmbiosDxe
LoadedImage TpmNvmeSupport
LoadedImage TcgStorageSecurity
734AA01D-
LoadedImage UpdateDriverProtocol
LoadedImage CpuDxe
CpuArch
MpService
LoadedImage DxeSignBiosAuthenticate
24400798-
LoadedImage EventLog
DAED23EC-
LoadedImage IntelVBios2
HIIFormBrowser2
49374A18-
HIIFormBrowser2
1F73B18D-
348C4D62-
BEBF428C-
LoadedImage FsDxe
LoadedImage DnsrDxe
ComponentName2 DriverBinding LoadedImage NTFS
LoadedImage CapsuleRuntimeDxe
CapsuleArch
LoadedImage RuntimeDxe
RuntimeArch
MetronomeArch LoadedImage SbRun
RealTimeClockArch
SmmControl2 LoadedImage SmmControl
LoadedImage MePlatformReset
ResetArch
LoadedImage CryptoDXE
ComponentName2 DriverBinding LoadedImage NTFS
DriverBinding LoadedImage MouseDriver
LoadedImage StdDefaultsUpdate
LoadedImage Achi
83: CompnentName2 DriverBinding
LoadedImage HttpUtilitiesDxe
HttpUtilities
LoadedImage Nvme
ComponentName2 DriverBinding
LoadedImage SecureBootDXE
LoadedImage TcgPlatformSetupPolicy
LoadedImage ITK50
LoadedImage CISDWdtDxe
LoadedImage OCDxe
LoadedImage OemGop
LoadedImage NbDxe
LoadedImage AmiTxtDxe
LoadedImage HstiIhvDxe
LoadedImage TxtDxe
LoadedImage PciHostBridgeDxe
PciHostBridgeResourceAllocation
PCIRootBridgeIO DevicePath(PciRoot(0x0))
LoadedImage AmiUpdateCspResources
27CFAC87-
LoadedImage PchSpiRuntime
00C7D289-
LoadedImage SiInitDxe
IncompatiblePciDeviceSupport
LoadedImage HpetTimerDxe
TimerArch
HiiPackageList LoadedImage AmiHsti
AdapterInfo(AdapterInfo)
LoadedImage ACPI
AcpiSdt AcpiTable
01FA319E-
LoadedImage AcpiS3SaveDxe
HiiPackageList LoadedImage PciOutOfResourcesSetupPage
LoadedImage UsbRtDxe
HiiPackageList LoadedImage HddSmart
9401BD4F-
HiiPackageList LoadedImage PauseKey
LoadedImage SmbiosBoard
HiiPackageList LoadedImage Tpm20PlatformDxe
LoadedImage CpuS3DataDxe
LoadedImage PlatformConfigDxe
C298B206-
23F2D944-
HiiPackageList ICBDTSEPopupMenu
HiiPackageList LoadedImage HkUpdate
E2E6CF23-
HiiPackageList LoadedImage PlatformIdPage
HIIConfigAccess
LoadedImage OemBoardDxe
BA8D58AB-
LoadedImage PiSmmIpl
LoadedImage PiSmmCore
SmmCommunication SmmBase2
LoadedImage Tcg2Dxe
LoadedImage StatusCodeDxe
LoadedImage FlashDriverSmm
ECB867AB-
LoadedImage CpuIo2Smm
LoadedImage SmmLockBox
BD445d79-
LoadedImage PchSmbusSmm
LoadedImage SraSmmStub
LoadedImage AhciSmm
LoadedImage CryptoCMM
91ABC830-
LoadedImage SmmS3SaveState
LoadedImage RuntimeSmm
395C33FE-
LoadedImage PiSmmCpuDxeSmm
SmmConfig
LoadedImage NvramSmm
CD3D0A05-
LoadedImage PchSpiSmm
LoadedImage SmmPcieSataController
LoadedImage SbDxe
WatchdogTimerArch
17706D27-
PciHotPlugInit
377E6D6B-
LoadedImage CnvUefiVariables
C77AE557-
LoadedImage Dptf
LoadedImage HstiResultDxe
LoadedImage TbtDxe
4D6A54D1-
LoadedImage PlatoformVTdSampleDxe
3D17E448-
LoadedImage PlatformSetup
D5E1268B- D4D2F201-
LoadedImage PowerMgmtDxe
D71DB106-
LoadedImage BdatAccessHandler
LoadedImage PchInitDxe
LoadedImage SraDxe
7AE12E27-
LoadedImage HeciInit
EC7BC880-
1498D127-
LoadedImage BootScriptExecutorDxe
LoadedImage HardwareSignatureEntry
43169678-
ComponentName DriverBinding LoadedImage RtkSdCardDxe
LoadedImage Smbios
LoadedImage OEMActivation
LoadedImage OemUsbPort
LoadedImage OemEventDxe
LoadedImage SaInitDxe
LegacyRegion2
9E67AECF-
603DF7CA-
LoadedImage AcpiPlatform
C77AE556-
LoadedImage AcpiDebugDxe
LoadedImage RamDiskDxe
HIIConfigAccess DevicePath -BB1A4F94081E
HIIConfigAccess DevicePath -2B769AAA30C5
F7: 28A03FF4- RamDisk
LoadedImage ItkSmmVarsDxe
LoadedImage ItkSmmVarsDxe
LoadedImage PchSmiDispatcher
LoadedImage CpuSpSMI
LoadedImage NbSmi
LoadedImage PowerButton
LoadedImage SbRunSmm
LoadedImage SleepSmi
FF: LoadedImage PeriodicSmiControl
LoadedImage TcoSmi
LoadedImage AcpiModeEnable
LoadedImage PepBccdSmm
LoadedImage TbtSmm
LoadedImage OverClockSmiHandler
LoadedImage PowerMgmtSmm
LoadedImage SaLateInitSmm
0D66A1CF- LoadedImage PchInitSmm
LoadedImage UsbRtSmm
LoadedImage CmosSmm
LoadedImage SmmHddSecurity
LoadedImage NvmeSmm
LoadedImage SdioSmm
LoadedImage TpmClearOnRollbackSmm
LoadedImage SmmTcgStorageSec
LoadedImage CrbSmi
LoadedImage PiSmmCommunicationSmm
LoadedImage RtcWakeup
LoadedImage ItkSmmVars
LoadedImage OemBoardSmi
LoadedImage SmmPlatoform
ImageDevicePath -AB74D2C1A600 LoadedImage EnglishDxe
UnicodeCollation2 UnicodeCollation
LoadedImage SmbiosUpdateData
LoadedImage AmiMemoryInfoConfig
LoadedImage MeSmbiosDxe
ComponentName2 ComponentName DriverBinding ImageDevicePath -CD92CFB7D362 LoadedImage SataController
LoadedImage PlatofrmInitDxe
LoadedImage VtioDxe
LoadedImage DxeOverClock
LoadedImage MeFwDowngrade
3EA824D1-
LoadedImage ConSplitter
ComponentName2 DriverBinding
ComponentName2 DriverBinding
AbsolutePointer SimplePointer SimpleTextInEx SimpleTextIn SimpleTextOut
LoadedImage GraphicsConsole
ComponentName2 DriverBinding
ComponentName2 ComponentName DriverBinding LoadedImage DiskIoDxe
ComponentName2 ComponentName DriverBinding LoadedImage PartitionDxe
LoadedImage RstOneClickEnable
LoadedImage RstuefiDriverSupport
5B10CDC8-
SupportedEfiSpecVersion(0x0002001E) ComponentName2 ComponentnName DriverBinding LoadedImage IntegratedTouch
LoadedImage GenericSio
7576CC89- ComponentName2 DriverBinding
LoadedImage IdeBusSrc
132: ComponentName2 DriverBinding
LoadedImage PciBus
ComponentName2 DriverBinding
LoadedImage Ps2Main
ComponentName2 DriverBindding
ComponentName2 ComponentName DriverBinding LoadedImage SnpDxe
ComponentName2 ComponentName DriverBinding LoadedImage MnpDxe
ComponentName2 ComponentName DriverBinding LoadedImage ArpDxe
ComponentName2 ComponentName DriverBinding LoadedImage IpSecDxe
IpSec2 IpSecConfig
ComponentName2 ComponentName DriverBinding
ComponentName2 ComponentName DriverBinding LoadedImage TcpDxe
ComponentName2 ComponentName DriverBinding
13F:
ComponentName2 ComponentName DriverBinding LoadedImage UefiPxeBcDxe
ComponentName2 ComponentName DriverBinding
ComponentName2 ComponentName DriverBinding LoadedImage DnsDxe
ComponentName2 ComponentName DriverBinding
LoadedImage TlsDxe
TlsServiceBinding
ComponentName2 ComponentName DriverBinding LoadedImage Dhcp4Dxe
ComponentName2 ComponentName DriverBinding LoadedImage Ip4Dxe
ComponentName2 ComponentName DriverBinding LoadedImage Mtftp4Dxe
ComponentName2 ComponentName DriverBinding LoadedImage Udp4Dxe
ComponentName2 ComponentName DriverBinding LoadedImage Ip6Dxe
ComponentName2 ComponentName DriverBinding LoadedImage Udp6Dxe
ComponentName2 ComponentName DriverBinding LoadedImage Mtftp6Dxe
LoadedImage AtaPassThru
C6734411-
LoadedImage AudioPlayback
ComponentName2 ComponentName DriverBinding LoadedImage Fat
AuthenticationInfo iSCSIInitiatorName ComponentName2 ComponentName DriverBinding LoadedImage IScsiDxe
ComponentName2 ComponentName DriverBinding
HIIConfigAccess DevicePath(-CCAD2E0F4CF9)
ComponentName2 ComponentName DriverBinding LoadedImage ScsiBus
ComponentName2 ComponentName DriverBinding LoadedImage ScsiDisk
LoadedImage PcieSataController
ComponentName2 DriverBinding
ComponentName2 DriverBinding
ComponentName2 DriverBinding LoadedImage SdioDriver
LoadedImage AcpiPlatformFeatures
LoadedImage CustomSMBIOS
HiiPackageList LoadedImage AMITSE
HiiPopup
160: LoadedImage SmmGenericSio
LoadedImage UpdateMemoryRecord
EDIDOverride
PciEnumerationComplete
30249499- C7D4703B-
651B7EBD- DBCB2FCD- ComponentName2 DriverBinding ImageDevicePath((0x3,0x75F5A018,0x75F6BA98)) LoadedImage MemoryMapped
3279A703-
AD77AE29- 1FD29BE6- AtaPassThru
1FD29BE6- AD77AE29
FA20568B-
6DE538E4-
A33319B5-
A33319B5-
DevicePath LoadFile
ImageDevicePath LoadedImage SmbiosMisc
ImageDevicePath LoadedImage FileExplorerLite
088C3203-
HiiPackageList ImageDevicePath LoadedImage DpsdSetup
HIIConfigAccess DevicePtah
BootManagerPolicy
A68D1FDE-
4622F942-
HIIConfigAccess DevicePath
3A3300AB-
F8DD3A9D-
F31FCBB5-
348C4D62-
18F: 348C4D62-
348C4D62-
AdapterInfo(AdapterInfo)
0F500BE6-
8D9B3387-
Shell ShellParameters SimpleTextOut ImageDevicePath LoadedImage()
PciEnumerationComplete F42A009D-
USBHostController2 USBHostController 3279A703- DevicePath(PciRoot(0x0)/Pci(0x14,0x0)) PCIIO
0ADFB62D- SimpleTextInEx SimpleTextIn 1FEDE521- DevicePath(..)/Pci(0x14,0x0)/USB(0x0,0x0)) USBIO
198: SimplePointer 1FEDE521- DevicePath(..)/Pci(0x14,0x0)/USB(0x0,0x1)) USBIO
DevicePath(..)/Pci(0x014,0x0)/USB(0x0,0x2)) USBIO
30249499- C7D3703B- LoadFile2 BusSpecificDriverOverride DevicePath(PciRoot(0x0)/Pci(0x2,0x0)) PCIIO
E1E4A857- SimpleTextOut EDIDActive(EDIDActive GraphicsOutput(GraphicsOutput) EDIDDiscovered(EDIDDiscovered) 39487C79- DevicePath(..0x2,0x0)/AcpiAdr(0x80013310))
DevicePath(PciRoot(0x0)/Pci(0x0,0x0)) PCIIO
DevicePath(PciRoot(0x0)/Pci(0x8,0x0)) PCIIO
DevicePath(PciRoot(0x0)/Pci(0x12,0x0)) PCIIO
DevicePath(PciRoot(0x0)/Pci(0x14,0x0)) PCIIO
DevicePath(PciRoot(0x0)/Pci(0x16,0x0)) PCIIO
FDB29BE6- AD77AE29- AtaPassThru B2FA4764- IdeControllerInit DevicePath(PciRoot(0x0)/Pci(0x17,0x0)) PCIIO
DevicePath(PciRoot(0x0)/Pci(0x1D,0x0)) PCIIO
4B235191- 1FD29BE6- AD77AE29- F4F63529- NvmExpressPassThru AFA4CF3F- DevicePath(..)/Pci(0x1D,0x0)/Pci(0x0,0x0)) PCIIO
DevicePath(PciRoot(0x0)/Pci(0x1F,0x0)) PCIIO
DevicePath(PciRoot(0x0)/Pci(0x1F,0x4)) PCIIO
DevicePath(PciRoot(0x0)/Pci(0x1F,0x5)) PCIIO
DevicePath(PciRoot(0x0)/Pci(0x1F,0x6)) PCIIO
DiskIO F4F63529- BlockIO DickInfo DevicePath(..17,0x0)/Sata(0x2,0xFFFF,0x0))
1A1: DickIO E6D6D379- PartitionInfo BlockIO DevicePath(..49E6173E12,0x800,0x7470658F))
DiskIO BlockIO DiskInfo DevicePath(..0x1,8D-73-B0-91-55-38-26-00)) StorageSecurityCommand
SimpleFileSystem DiskIO EFISystemPartition PartitionInfo BlockIO DevicePath(..-FFC0339F3A57,0x800,0xEE000))
DiskIO 0FC63DAF- PartitionInfo BlockIO DevicePath(..78C7D5369,0xEE800,0x12A0800))
1A7: DiskIO E6D6D379- PartitionInfo BlockIo DevicePath(.. 18EF8D,0x138F000,0x38FF6800))

rickmark/handles.md