SPDebugger/2.16.23119.A Exception Raised at 77ca6c23 because HEAP_CORRUPTION (#c0000374) Windows NT 10.0.19042 UAC: Enabled,Limited Time: 2021/8/18 12:36:51.325 Phys.Mem: 8891/16152MB PageFile: 8199/21016MB CPU : Intel 0.6.5.2 2208MHz Features:MMX SSE HT AES-NI (Intel(R) Core(TM) i7-10870H CPU @ 2.20GHz) Package:1 Node:1 Core:8 Thread:16 SSP/2.5.15 (20210817-9; Windows NT 10.0.19042) Volume Information: C:\ Fixed [ 4843MB Free | 98413MB Total | 4%] (NTFS,Normal) D:\ Fixed [ 89257MB Free | 194558MB Total | 45%] (NTFS,Normal) E:\ Fixed [ 115210MB Free | 194559MB Total | 59%] (NTFS,Normal) Monitor Information: 0: \\.\DISPLAY1 - Work=0,0,1536,864 Size=1536x864 [PRIMARY] Env. Variables: =::=::\ =E:=E:\ssp\ghost\Taromati2\ghost ALLUSERSPROFILE=C:\ProgramData APPDATA=C:\Users\steve02081504\AppData\Roaming CommonProgramFiles=C:\Program Files (x86)\Common Files CommonProgramFiles(x86)=C:\Program Files (x86)\Common Files CommonProgramW6432=C:\Program Files\Common Files COMPUTERNAME=LAPTOP-4FQDVD5B ComSpec=C:\WINDOWS\system32\cmd.exe DriverData=C:\Windows\System32\Drivers\DriverData FPS_BROWSER_APP_PROFILE_STRING=Internet Explorer FPS_BROWSER_USER_PROFILE_STRING=Default HOMEDRIVE=C: HOMEPATH=\Users\steve02081504 LOCALAPPDATA=C:\Users\steve02081504\AppData\Local LOGONSERVER=\\LAPTOP-4FQDVD5B NUMBER_OF_PROCESSORS=16 OneDrive=C:\Users\steve02081504\OneDrive OneDriveConsumer=C:\Users\steve02081504\OneDrive OnlineServices=Online Services OS=Windows_NT Path=E:\ssp\;%SystemRoot%\system32\WBEM;C:\Program Files\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Users\steve02081504\AppData\Local\Microsoft\WindowsApps;C:\Users\steve02081504\AppData\Local\GitHubDesktop\bin;C:\Users\steve02081504\AppData\Local\Microsoft\WindowsApps;C:\Users\steve02081504\AppData\Local\GitHubDesktop\bin;C:\Users\steve02081504\AppData\Local\gitkraken\bin PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC platformcode=KV PROCESSOR_ARCHITECTURE=x86 PROCESSOR_ARCHITEW6432=AMD64 PROCESSOR_IDENTIFIER=Intel64 Family 6 Model 165 Stepping 2, GenuineIntel PROCESSOR_LEVEL=6 PROCESSOR_REVISION=a502 ProgramData=C:\ProgramData ProgramFiles=C:\Program Files (x86) ProgramFiles(x86)=C:\Program Files (x86) ProgramW6432=C:\Program Files PSModulePath=C:\Program Files\WindowsPowerShell\Modules;C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules PUBLIC=C:\Users\Public RegionCode=APJ SESSIONNAME=Console SW_SIM_HYDRA=C:\Program Files\Common Files\SolidWorks Shared\Simulation Worker Agent\ SW_SIM_MPIT=INTELMPI SW_SIM_TEMP=C:\ProgramData\SOLIDWORKS\SW_net_sim_temp\ SystemDrive=C: SystemRoot=C:\WINDOWS TEMP=C:\Users\STEVE0~1\AppData\Local\Temp TMP=C:\Users\STEVE0~1\AppData\Local\Temp USERDOMAIN=LAPTOP-4FQDVD5B USERDOMAIN_ROAMINGPROFILE=LAPTOP-4FQDVD5B USERNAME=steve02081504 USERPROFILE=C:\Users\steve02081504 windir=C:\WINDOWS Loaded Drivers: -03400000 : cldflt.sys -03490000 : mmcss.sys -034b0000 : storqosflt.sys -034d0000 : bindflt.sys -03500000 : rdpdr.sys -03530000 : bowser.sys -03560000 : msquic.sys -035c0000 : mrxsmb.sys -03680000 : mrxsmb20.sys -036d0000 : lltdio.sys -036f0000 : rspndr.sys -03730000 : dxgmms2.sys -03820000 : monitor.sys -03840000 : WUDFRd.sys -038a0000 : dptf_cpu.sys -038c0000 : esif_lf.sys -03930000 : luafv.sys -03960000 : wcifs.sys -039a0000 : rdpvideominiport.sys -050f0000 : mcupdate_GenuineIntel.dll -05490000 : hal.dll -054a0000 : kd.dll -054b0000 : tm.sys -054e0000 : BOOTVID.dll -09200000 : ntoskrnl.exe -0aa00000 : CLFS.SYS -0aa70000 : PSHED.dll -0aa90000 : clipsp.sys -0abb0000 : FLTMGR.SYS -0ac20000 : ksecdd.sys -0ac50000 : msrpc.sys -0acc0000 : cmimcext.sys -0acd0000 : werkernel.sys -0acf0000 : ntosext.sys -0ad00000 : CI.dll -0adf0000 : cng.sys -0aeb0000 : Wdf01000.sys -0af90000 : WDFLDR.SYS -0afb0000 : SleepStudyHelper.sys -0afc0000 : WppRecorder.sys -0afe0000 : acpiex.sys -0b010000 : SgrmAgent.sys -0b030000 : lxss.sys -0b040000 : LXCORE.SYS -0b160000 : WMILIB.SYS -0b190000 : intelpep.sys -0b200000 : ACPI.sys -0b2d0000 : WindowsTrustedRT.sys -0b2f0000 : IntelTA.sys -0b300000 : WindowsTrustedRTProxy.sys -0b310000 : pcw.sys -0b330000 : msisadrv.sys -0b340000 : pci.sys -0b3c0000 : vdrvroot.sys -0b3e0000 : pdc.sys -0b410000 : CEA.sys -0b430000 : partmgr.sys -0b470000 : spaceport.sys -0b520000 : volmgr.sys -0b540000 : volmgrx.sys -0b5b0000 : mountmgr.sys -0b5d0000 : stornvme.sys -0b600000 : storport.sys -0b6c0000 : iaStorAC.sys -0c2b0000 : EhStorClass.sys -0c2d0000 : fileinfo.sys -0c2f0000 : Wof.sys -0c340000 : WdFilter.sys -0c3b0000 : Fs_Rec.sys -0c3c0000 : ndis.sys -0c540000 : NETIO.SYS -0c5f0000 : Ntfs.sys -0c8d0000 : ksecpkg.sys -0c910000 : tcpip.sys -0cc00000 : fwpkclnt.sys -0cc80000 : wfplwfs.sys -0ccc0000 : VmsProxy.sys -0cce0000 : vmbkmclr.sys -0cd10000 : VmsProxyHNic.sys -0cd20000 : fvevol.sys -0cdf0000 : hpdskflt.sys -0ce10000 : volume.sys -0ce20000 : volsnap.sys -0ce90000 : rdyboost.sys -0cef0000 : mup.sys -0cf20000 : iorate.sys -0cf60000 : disk.sys -0cf80000 : CLASSPNP.SYS -24000000 : cdrom.sys -24040000 : filecrypt.sys -24060000 : tbs.sys -24070000 : Null.SYS -24080000 : Beep.SYS -24090000 : rtf64x64.sys -240b0000 : vwififlt.sys -24110000 : crashdmp.sys -24200000 : nsiproxy.sys -24220000 : npsvctrig.sys -24230000 : mssmbios.sys -24250000 : gpuenergydrv.sys -24260000 : dfsc.sys -242b0000 : fastfat.SYS -24320000 : bam.sys -24340000 : ahcache.sys -24390000 : tap0901.sys -243a0000 : CompositeBus.sys -243c0000 : kdnic.sys -243d0000 : umbus.sys -243f0000 : CAD.sys -24420000 : pacer.sys -24450000 : ndiscap.sys -24470000 : netbios.sys -24490000 : Vid.sys -24540000 : winhvr.sys -24570000 : rdbss.sys -24600000 : tdx.sys -24630000 : TDI.SYS -24650000 : netbt.sys -246b0000 : afunix.sys -246d0000 : afd.sys -24780000 : dxgkrnl.sys -24b30000 : watchdog.sys -24b50000 : BasicDisplay.sys -24b70000 : BasicRender.sys -24b90000 : Npfs.SYS -24bb0000 : Msfs.SYS -24bd0000 : CimFS.SYS -25370000 : ibtusb.sys -258b0000 : BTHUSB.sys -258e0000 : usbccgp.sys -25920000 : hidusb.sys -25f80000 : dump_dumpstorport.sys -25f90000 : usbvideo.sys -27400000 : ks.sys -27480000 : USBXHCI.SYS -27520000 : ucx01000.sys -27570000 : UcmCxUcsiNvppc.sys -27620000 : UcmCx.sys -27650000 : i8042prt.sys -27680000 : ETD.sys -27740000 : kbdclass.sys -27760000 : IntcAudioBus.sys -277b0000 : iaLPSS2_GPIO2_CNL.sys -277e0000 : msgpioclx.sys -27820000 : Accelerometer.sys -27830000 : hpcustomcapdriver.sys -27840000 : wmiacpi.sys -27850000 : intelppm.sys -278a0000 : acpipagr.sys -278b0000 : acpitime.sys -278c0000 : WirelessButtonDriver64.sys -278d0000 : mshidkmdf.sys -278e0000 : HIDCLASS.SYS -27920000 : HIDPARSE.SYS -27940000 : CmBatt.sys -27950000 : BATTC.SYS -27970000 : dptf_acpi.sys -27990000 : UcmUcsiAcpiClient.sys -279b0000 : UcmUcsiCx.sys -279e0000 : UEFI.sys -279f0000 : nvvad64v.sys -27a10000 : ksthunk.sys -27a20000 : nvvhci.sys -27a40000 : NdisVirtualBus.sys -27a50000 : swenum.sys -27a60000 : rdpbus.sys -27a70000 : UsbHub3.sys -27b20000 : USBD.SYS -27b30000 : ViGEmBus.sys -27b50000 : iocbios2.sys -27b60000 : hidi2c.sys -27b80000 : nvhda64v.sys -27cf0000 : mouhid.sys -27d10000 : mouclass.sys -27d30000 : ETDHCF.sys -27d40000 : PTPFilter.sys -27d50000 : MTConfig.sys -27dc0000 : BTHport.sys -27f80000 : dump_stornvme.sys -27fd0000 : dump_dumpfve.sys -280b0000 : nvlddmkm.sys -2a6c0000 : HDAudBus.sys -2a6f0000 : portcls.sys -2a760000 : drmk.sys -2a800000 : Netwtw10.sys -2add0000 : wdiwifi.sys -2aec0000 : vwifibus.sys -2aed0000 : iaLPSS2_I2C_CNL.sys -2af10000 : SpbCx.sys -2af30000 : TeeDriverW10x64.sys -2af80000 : rt640x64.sys -2b0a0000 : igdkmd64.sys -2cae0000 : GlPciSD.sys -2cb60000 : iaLPSS2_UART2_CNL.sys -2cbb0000 : SerCx2.sys -2cbe0000 : ICCWDT.sys -2cbf0000 : hpomencustomcapdriver.sys -66400000 : HTTP.sys -66590000 : condrv.sys -665b0000 : mpsdrv.sys -665d0000 : HpPortIox64.sys -665e0000 : idmwfp.sys -66620000 : Ndu.sys -66650000 : srvnet.sys -666b0000 : peauth.sys -66790000 : mrxdav.sys -667c0000 : tcpipreg.sys -667e0000 : srv2.sys -668b0000 : rassstp.sys -668d0000 : NDProxy.sys -668f0000 : vwifimp.sys -66910000 : AgileVpn.sys -66940000 : rasl2tp.sys -66970000 : raspptp.sys -669a0000 : raspppoe.sys -669c0000 : ndistapi.sys -669d0000 : ndiswan.sys -66a10000 : WdNisDrv.sys -66bb0000 : HdAudio.sys -66c20000 : IntcDAud.sys -671c0000 : vmswitch.sys -67440000 : wanarp.sys -67460000 : mslldp.sys -67480000 : nwifi.sys -67540000 : ndisuio.sys -80400000 : win32kbase.sys -806e0000 : win32kfull.sys -80aa0000 : cdd.dll -80ba0000 : win32k.sys Executing Processes: [With ToolHelp32] -00000000 : [System Process] (16 Threads.) -00000004 : System (277 Threads.) -000000ac : Registry (4 Threads.) -00000258 : smss.exe (2 Threads.) -00000374 : csrss.exe (14 Threads.) -000003d8 : wininit.exe (1 Threads.) -000003e0 : csrss.exe (14 Threads.) -00000280 : services.exe (6 Threads.) -00000008 : lsass.exe (10 Threads.) -00000464 : svchost.exe (21 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000484 : fontdrvhost.exe (5 Threads.) 10.0.19041.1165 - Usermode Font Driver Host ? Microsoft Corporation. All rights reserved. -000004e0 : svchost.exe (9 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000518 : svchost.exe (5 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000558 : WUDFHost.exe (12 Threads.) -00000560 : winlogon.exe (3 Threads.) -000005c0 : fontdrvhost.exe (5 Threads.) 10.0.19041.1165 - Usermode Font Driver Host ? Microsoft Corporation. All rights reserved. -00000608 : dwm.exe (14 Threads.) -00000648 : svchost.exe (37 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000006a0 : svchost.exe (8 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000006d0 : svchost.exe (4 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000006d8 : svchost.exe (2 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000006e0 : svchost.exe (3 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000076c : IntelCpHDCPSvc.exe (3 Threads.) -00000774 : svchost.exe (6 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000077c : svchost.exe (11 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000007e4 : svchost.exe (7 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000080c : svchost.exe (2 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000824 : IntelCpHeciSvc.exe (3 Threads.) -000008d8 : svchost.exe (5 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000008f8 : svchost.exe (2 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000904 : svchost.exe (6 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000994 : svchost.exe (15 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000009a0 : OmenCap.exe (2 Threads.) -000009a8 : DiagsCap.exe (2 Threads.) -000009b0 : SysInfoCap.exe (11 Threads.) -000009b8 : AppHelperCap.exe (4 Threads.) -000009cc : NetworkCap.exe (3 Threads.) -00000a18 : svchost.exe (6 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000a48 : svchost.exe (1 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000a78 : TouchpointAnalyticsClientService.exe (19 Threads.) -00000b88 : svchost.exe (9 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000b94 : svchost.exe (4 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000bbc : svchost.exe (1 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000bf0 : svchost.exe (6 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000884 : svchost.exe (6 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000c2c : svchost.exe (5 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000c80 : svchost.exe (5 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000cec : svchost.exe (4 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000d3c : WmiPrvSE.exe (7 Threads.) 10.0.19041.546 - WMI Provider Host ? Microsoft Corporation. All rights reserved. -00000d94 : unsecapp.exe (2 Threads.) -00000e14 : WmiPrvSE.exe (5 Threads.) 10.0.19041.546 - WMI Provider Host ? Microsoft Corporation. All rights reserved. -00000e6c : NVDisplay.Container.exe (8 Threads.) -00000ec4 : svchost.exe (4 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000ec8 : svchost.exe (3 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000ed4 : svchost.exe (2 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000f10 : igfxCUIService.exe (2 Threads.) -00000f24 : Memory Compression (58 Threads.) -00000f5c : svchost.exe (6 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000f64 : svchost.exe (2 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000fec : NVDisplay.Container.exe (30 Threads.) -00001044 : svchost.exe (8 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000114c : svchost.exe (4 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001154 : svchost.exe (11 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000115c : svchost.exe (8 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000011ec : svchost.exe (4 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001238 : svchost.exe (17 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000127c : svchost.exe (4 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000012dc : wlanext.exe (1 Threads.) 10.0.19041.1 - Windows Wireless LAN 802.11 Extensibility Framework ? Microsoft Corporation. All rights reserved. -000012f0 : conhost.exe (2 Threads.) -000012f8 : spoolsv.exe (7 Threads.) -00001358 : svchost.exe (12 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001420 : svchost.exe (19 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001428 : svchost.exe (8 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001430 : svchost.exe (4 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001440 : svchost.exe (6 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001448 : OneApp.IGCC.WinService.exe (5 Threads.) -00001438 : svchost.exe (3 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001450 : svchost.exe (1 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001464 : svchost.exe (3 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001470 : svchost.exe (8 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001480 : RtkAudUService64.exe (10 Threads.) -00001488 : svchost.exe (3 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000014a0 : SECOMN64.exe (4 Threads.) -000014ac : MsMpEng.exe (63 Threads.) -000014b4 : ibtsiva.exe (1 Threads.) -000014bc : ETDService.exe (4 Threads.) -000014c4 : XtuService.exe (12 Threads.) 7.3.0.33 - XtuService Copyright(C) 2007 - 2021, Intel Corporation. All Rights Reserved. -000014cc : snmp.exe (5 Threads.) 10.0.19041.1 - SNMP 服务 ? Microsoft Corporation. All rights reserved. -000014d8 : FNPLicensingService64.exe (6 Threads.) -000014e8 : IntelAudioService.exe (8 Threads.) -0000150c : RstMwService.exe (6 Threads.) -000015e0 : esif_uf.exe (3 Threads.) -00001648 : svchost.exe (6 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001678 : svchost.exe (6 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001710 : svchost.exe (11 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000171c : SECOCL64.exe (13 Threads.) -0000172c : jhi_service.exe (2 Threads.) -00001738 : conhost.exe (2 Threads.) -000017c0 : dasHost.exe (2 Threads.) -000017e8 : ETDCtrl.exe (13 Threads.) -0000181c : lmgrd.exe (2 Threads.) -000019b4 : svchost.exe (5 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001ae0 : conhost.exe (4 Threads.) -00001b48 : lmgrd.exe (1 Threads.) -00001c04 : sihost.exe (10 Threads.) -00001c28 : svchost.exe (12 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001c40 : PresentationFontCache.exe (4 Threads.) -00001c90 : svchost.exe (4 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001c98 : svchost.exe (3 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001cc8 : svchost.exe (6 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001d44 : taskhostw.exe (8 Threads.) -00001e38 : svchost.exe (3 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001e64 : explorer.exe (133 Threads.) 10.0.19041.1151 - Windows 资源管理器 ? Microsoft Corporation. All rights reserved. -00001e8c : ctfmon.exe (14 Threads.) 10.0.19041.1 - CTF 加载程序 ? Microsoft Corporation. All rights reserved. -00001f60 : igfxEM.exe (23 Threads.) -00001f9c : svchost.exe (7 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000013e8 : svchost.exe (7 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000209c : svchost.exe (1 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000020d0 : svchost.exe (10 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000213c : svchost.exe (2 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00002274 : ChsIME.exe (267 Threads.) -00002338 : StartMenuExperienceHost.exe (13 Threads.) -000023d0 : RuntimeBroker.exe (7 Threads.) -000021f8 : SearchApp.exe (47 Threads.) -00001d58 : SearchIndexer.exe (34 Threads.) 7.0.19041.1151 - Microsoft Windows Search 索引器 ? Microsoft Corporation. All rights reserved. -000024ac : RuntimeBroker.exe (14 Threads.) -00002734 : SettingSyncHost.exe (4 Threads.) 10.0.19041.746 - Host Process for Setting Synchronization ? Microsoft Corporation. All rights reserved. -00002a60 : NisSrv.exe (10 Threads.) -00002ac8 : LockApp.exe (11 Threads.) -00002b04 : TouchpointGpuInfo.exe (13 Threads.) -00002b48 : RuntimeBroker.exe (10 Threads.) -00002bec : SecurityHealthSystray.exe (1 Threads.) -000029d4 : SecurityHealthService.exe (8 Threads.) -000028e8 : svchost.exe (2 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000028b8 : RtkAudUService64.exe (4 Threads.) -00002eb4 : svchost.exe (1 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00002d9c : jusched.exe (2 Threads.) -000013f8 : svchost.exe (12 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000303c : svchost.exe (9 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000323c : TextInputHost.exe (20 Threads.) -00003304 : RuntimeBroker.exe (8 Threads.) -000031b0 : LetsPRO.exe (62 Threads.) -00002034 : svchost.exe (2 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000a6c : dllhost.exe (5 Threads.) 10.0.19041.546 - COM Surrogate ? Microsoft Corporation. All rights reserved. -00002dfc : HPSystemEventUtilityHost.exe (9 Threads.) -00002ba4 : svchost.exe (4 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001574 : HPAudioSwitch.exe (9 Threads.) -00001504 : ApplicationFrameHost.exe (13 Threads.) -0000345c : svchost.exe (3 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000038d0 : svchost.exe (1 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000030e8 : HPCommRecovery.exe (10 Threads.) -00003ae4 : SgrmBroker.exe (6 Threads.) -00003a44 : svchost.exe (7 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000022b4 : taskhostw.exe (4 Threads.) -00002380 : svchost.exe (3 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00003208 : CompPkgSrv.exe (1 Threads.) -00004164 : ShellExperienceHost.exe (35 Threads.) -000041d0 : RuntimeBroker.exe (14 Threads.) -000020a8 : svchost.exe (4 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00003f48 : IDMan.exe (2 Threads.) -00001700 : svchost.exe (4 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00003af8 : svchost.exe (1 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00003190 : SystemSettingsBroker.exe (13 Threads.) -00004570 : ChsIME.exe (2 Threads.) -00002080 : svchost.exe (4 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000328 : svchost.exe (2 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000165c : SystemSettings.exe (22 Threads.) -00003608 : WinStore.App.exe (23 Threads.) -000022e0 : RuntimeBroker.exe (2 Threads.) -00002f18 : Video.UI.exe (19 Threads.) -00000a0c : RuntimeBroker.exe (2 Threads.) -000036fc : Microsoft.Photos.exe (17 Threads.) -00001d80 : RuntimeBroker.exe (3 Threads.) -000030e0 : sw_d.exe (3 Threads.) -00000dac : svchost.exe (3 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00002f04 : BridgeCommunication.exe (5 Threads.) -000046ac : firefox.exe (91 Threads.) -00003c3c : firefox.exe (35 Threads.) -00002414 : firefox.exe (31 Threads.) -00000478 : firefox.exe (28 Threads.) -00002110 : firefox.exe (28 Threads.) -000047c0 : firefox.exe (30 Threads.) -00003930 : firefox.exe (29 Threads.) -00003c34 : firefox.exe (29 Threads.) -00001734 : firefox.exe (29 Threads.) -00003954 : firefox.exe (9 Threads.) -00000450 : firefox.exe (30 Threads.) -00002b40 : explorer.exe (17 Threads.) 10.0.19041.1151 - Windows 资源管理器 ? Microsoft Corporation. All rights reserved. -00003570 : audiodg.exe (2 Threads.) -000021ec : firefox.exe (48 Threads.) -0000246c : GitHubDesktop.exe (33 Threads.) -0000176c : GitHubDesktop.exe (12 Threads.) -00003374 : GitHubDesktop.exe (9 Threads.) -00002d5c : GitHubDesktop.exe (23 Threads.) -0000263c : svchost.exe (14 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000037d8 : SearchProtocolHost.exe (6 Threads.) 7.0.19041.1151 - Microsoft Windows Search Protocol Host ? Microsoft Corporation. All rights reserved. -00003a24 : svchost.exe (5 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00002660 : svchost.exe (9 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001680 : svchost.exe (4 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000c14 : smartscreen.exe (10 Threads.) -00002d10 : SearchFilterHost.exe (3 Threads.) 7.0.19041.1151 - Microsoft Windows Search Filter Host ? Microsoft Corporation. All rights reserved. ==> -00001458 : ssp.exe (18 Threads.) 2.5.15.3000 - SSP (C) D-EXCLAMATION / SSP BUGTRAQ -00000734 : MoUsoCoreWorker.exe (9 Threads.) -00003478 : svchost.exe (4 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000353c : svchost.exe (4 Threads.) 10.0.19041.546 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. Executing Threads: [With ToolHelp32] -00000c4c : 8(0) -00003004 : 8(0) -0000469c : 8(0) -0000053c : 8(0) -00004728 : 8(0) -00002100 : 8(0) -00002f20 : 8(0) -0000340c : 8(0) -000005cc : 8(0) -000009c4 : 8(0) -00003ec0 : 8(0) -00002324 : 9(0) -000023e4 : 7(0) -000042dc : 8(0) -000031e0 : 7(0) -00001580 : 7(0) -0000468c : 8(0) ==> -0000288c : 7(0) Executing Services: [With SCM/NT] ---AJRouter (AllJoyn Router Service) - Stopped/Paused ---ALG (Application Layer Gateway Service) - Stopped/Paused ---AppIDSvc (Application Identity) - Stopped/Paused ***Appinfo (Application Information) - Running ---AppReadiness (App Readiness) - Stopped/Paused ***AppXSvc (AppX Deployment Service (AppXSVC)) - Running ***AudioEndpointBuilder (Windows Audio Endpoint Builder) - Running ***Audiosrv (Windows Audio) - Running ---autotimesvc (手机网络时间) - Stopped/Paused ---AxInstSV (ActiveX Installer (AxInstSV)) - Stopped/Paused ---BDESVC (BitLocker Drive Encryption Service) - Stopped/Paused ***BFE (Base Filtering Engine) - Running ---BITS (Background Intelligent Transfer Service) - Stopped/Paused ***BrokerInfrastructure (Background Tasks Infrastructure Service) - Running ---BTAGService (蓝牙音频网关服务) - Stopped/Paused ***BthAvctpSvc (AVCTP 服务) - Running ---bthserv (蓝牙支持服务) - Stopped/Paused ***camsvc (功能访问管理器服务) - Running ***CDPSvc (连接设备平台服务) - Running ***CertPropSvc (Certificate Propagation) - Running ---ClipSVC (Client License Service (ClipSVC)) - Stopped/Paused ---COMSysApp (COM+ System Application) - Stopped/Paused ---CoordinatorServiceHost (DTSInterops) - Stopped/Paused ***CoreMessagingRegistrar (CoreMessaging) - Running ***cphs (Intel(R) Content Protection HECI Service) - Running ***cplspcon (Intel(R) Content Protection HDCP Service) - Running ***CryptSvc (Cryptographic Services) - Running ***DcomLaunch (DCOM Server Process Launcher) - Running ---debugregsvc (debugregsvc) - Stopped/Paused ---defragsvc (Optimize drives) - Stopped/Paused ---DeveloperToolsService (开发人员工具服务) - Stopped/Paused ***DeviceAssociationService (Device Association Service) - Running ---DeviceInstall (Device Install Service) - Stopped/Paused ---DevQueryBroker (DevQuery Background Discovery Broker) - Stopped/Paused ***Dhcp (DHCP Client) - Running ---diagnosticshub.standardcollector.service (Microsoft (R) 诊断中心标准收集器服务) - Stopped/Paused ---diagsvc (Diagnostic Execution Service) - Stopped/Paused ***DiagTrack (Connected User Experiences and Telemetry) - Running ***DispBrokerDesktopSvc (显示策略服务) - Running ***DisplayEnhancementService (显示增强服务) - Running ---DmEnrollmentSvc (设备管理注册服务) - Stopped/Paused ---dmwappushservice (设备管理无线应用程序协议 (WAP) 推送消息路由服务) - Stopped/Paused ***Dnscache (DNS Client) - Running ---DoSvc (Delivery Optimization) - Stopped/Paused ---dot3svc (Wired AutoConfig) - Stopped/Paused ***DPS (Diagnostic Policy Service) - Running ---DsmSvc (Device Setup Manager) - Stopped/Paused ***DsSvc (Data Sharing Service) - Running ***DusmSvc (数据使用量) - Running ---Eaphost (Extensible Authentication Protocol) - Stopped/Paused ---edgeupdate (Microsoft Edge 更新 服务 (edgeupdate)) - Stopped/Paused ---edgeupdatem (Microsoft Edge 更新 服务 (edgeupdatem)) - Stopped/Paused ***EFS (Encrypting File System (EFS)) - Running ---embeddedmode (嵌入模式) - Stopped/Paused ---EntAppSvc (Enterprise App Management Service) - Stopped/Paused ---EpicOnlineServices (Epic Online Services) - Stopped/Paused ***esifsvc (Intel(R) Dynamic Tuning service) - Running ***ETDService (ELAN Service) - Running ***EventLog (Windows Event Log) - Running ***EventSystem (COM+ Event System) - Running ---fdPHost (Function Discovery Provider Host) - Stopped/Paused ---FDResPub (Function Discovery Resource Publication) - Stopped/Paused ---fhsvc (File History Service) - Stopped/Paused ***FlexNet Licensing Service 64 (FlexNet Licensing Service 64) - Running ***FontCache (Windows Font Cache Service) - Running ***FontCache3.0.0.0 (Windows Presentation Foundation Font Cache 3.0.0.0) - Running ---FrameServer (Windows Camera Frame Server) - Stopped/Paused ---gpsvc (Group Policy Client) - Stopped/Paused ---GraphicsPerfSvc (GraphicsPerfSvc) - Stopped/Paused ---HfcDisableService (Intel(R) RST HFC Disable Service) - Stopped/Paused ---hidserv (Human Interface Device Service) - Stopped/Paused ***HP Comm Recover (HP Comm Recovery) - Running ***HPAppHelperCap (HP App Helper HSA Service) - Running ***HPDiagsCap (HP Diagnostics HSA Service) - Running ***HPNetworkCap (HP Network HSA Service) - Running ***HPOmenCap (HP Omen HSA Service) - Running ***HPSysInfoCap (HP System Info HSA Service) - Running ***HpTouchpointAnalyticsService (HP Analytics service) - Running ---HvHost (HV 主机服务) - Stopped/Paused ---iaStorAfsService (Intel(R) Optane(TM) Memory Service) - Stopped/Paused ***ibtsiva (Intel Bluetooth Service) - Running ---icssvc (Windows 移动热点服务) - Stopped/Paused ***igccservice (Intel(R) Graphics Command Center Service) - Running ***igfxCUIService2.0.0.0 (Intel(R) HD Graphics Control Panel Service) - Running ***IKEEXT (IKE and AuthIP IPsec Keying Modules) - Running ---impi_hydra (Intel(R) MPI Library Hydra Process Manager) - Stopped/Paused ***InstallService (Microsoft Store 安装服务) - Running ---Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) - Stopped/Paused ---Intel(R) TPM Provisioning Service (Intel(R) TPM Provisioning Service) - Stopped/Paused ***IntelAudioService (Intel(R) Audio Service) - Running ***iphlpsvc (IP Helper) - Running ***iprip (RIP Listener) - Running ---IpxlatCfgSvc (IP 转换配置服务) - Stopped/Paused ***jhi_service (Intel(R) Dynamic Application Loader Host Interface Service) - Running ***KeyIso (CNG Key Isolation) - Running ---KtmRm (KtmRm for Distributed Transaction Coordinator) - Stopped/Paused ***LanmanServer (Server) - Running ***LanmanWorkstation (Workstation) - Running ***lfsvc (Geolocation Service) - Running ***LicenseManager (Windows 许可证管理器服务) - Running ---lltdsvc (Link-Layer Topology Discovery Mapper) - Stopped/Paused ***lmhosts (TCP/IP NetBIOS Helper) - Running ***LSM (Local Session Manager) - Running ---LxpSvc (语言体验服务) - Stopped/Paused ---LxssManager (LxssManager) - Stopped/Paused ---MapsBroker (Downloaded Maps Manager) - Stopped/Paused ---MicrosoftEdgeElevationService (Microsoft Edge Elevation Service (MicrosoftEdgeElevationService)) - Stopped/Paused ---MixedRealityOpenXRSvc (Windows Mixed Reality OpenXR Service) - Stopped/Paused ***mpssvc (Windows Defender Firewall) - Running ---MSDTC (Distributed Transaction Coordinator) - Stopped/Paused ---MSiSCSI (Microsoft iSCSI Initiator Service) - Stopped/Paused ---msiserver (Windows Installer) - Stopped/Paused ---NaturalAuthentication (自然身份验证) - Stopped/Paused ---NcaSvc (Network Connectivity Assistant) - Stopped/Paused ***NcbService (Network Connection Broker) - Running ---NcdAutoSetup (Network Connected Devices Auto-Setup) - Stopped/Paused ---Netlogon (Netlogon) - Stopped/Paused ***Netman (Network Connections) - Running ***netprofm (Network List Service) - Running ---NetSetupSvc (Network Setup Service) - Stopped/Paused ---NetTcpPortSharing (Net.Tcp Port Sharing Service) - Stopped/Paused ***NgcCtnrSvc (Microsoft Passport Container) - Running ***NgcSvc (Microsoft Passport) - Running ***NlaSvc (Network Location Awareness) - Running ***nsi (Network Store Interface Service) - Running ---NvContainerLocalSystem (NVIDIA LocalSystem Container) - Stopped/Paused ***NVDisplay.ContainerLocalSystem (NVIDIA Display Container LS) - Running ---p2pimsvc (Peer Networking Identity Manager) - Stopped/Paused ---p2psvc (Peer Networking Grouping) - Stopped/Paused ***PcaSvc (Program Compatibility Assistant Service) - Running ---perceptionsimulation (Windows 感知模拟服务) - Stopped/Paused ---PerfHost (Performance Counter DLL Host) - Stopped/Paused ***PhoneSvc (Phone Service) - Running ---pla (Performance Logs & Alerts) - Stopped/Paused ***PlugPlay (Plug and Play) - Running ---PNRPAutoReg (PNRP Machine Name Publication Service) - Stopped/Paused ---PNRPsvc (Peer Name Resolution Protocol) - Stopped/Paused ---PolicyAgent (IPsec Policy Agent) - Stopped/Paused ***Power (Power) - Running ---PrintNotify (Printer Extensions and Notifications) - Stopped/Paused ***ProfSvc (User Profile Service) - Running ---PushToInstall (Windows PushToInstall 服务) - Stopped/Paused ---QWAVE (Quality Windows Audio Video Experience) - Stopped/Paused ---RasAuto (Remote Access Auto Connection Manager) - Stopped/Paused ***RasMan (Remote Access Connection Manager) - Running ---RemoteAccess (Routing and Remote Access) - Stopped/Paused ---RemoteRegistry (Remote Registry) - Stopped/Paused ---RetailDemo (零售演示服务) - Stopped/Paused ***RmSvc (无线电管理服务) - Running ***RpcEptMapper (RPC Endpoint Mapper) - Running ---RpcLocator (Remote Procedure Call (RPC) Locator) - Stopped/Paused ***RpcSs (Remote Procedure Call (RPC)) - Running ***RstMwService (Intel(R) Storage Middleware Service) - Running ***RtkAudioUniversalService (Realtek Audio Universal Service) - Running ***SamSs (Security Accounts Manager) - Running ---SCardSvr (Smart Card) - Stopped/Paused ---ScDeviceEnum (Smart Card Device Enumeration Service) - Stopped/Paused ***Schedule (Task Scheduler) - Running ---SCPolicySvc (Smart Card Removal Policy) - Stopped/Paused ---SDRSVC (Windows 备份) - Stopped/Paused ---seclogon (Secondary Logon) - Stopped/Paused ***SECOMNService (Sound Research SECOMN Service) - Running ***SecurityHealthService (Windows 安全中心服务) - Running ***SEMgrSvc (付款和 NFC/SE 管理器) - Running ***SENS (System Event Notification Service) - Running ---SensorDataService (Sensor Data Service) - Stopped/Paused ---SensorService (Sensor Service) - Stopped/Paused ---SensrSvc (Sensor Monitoring Service) - Stopped/Paused ***SessionEnv (Remote Desktop Configuration) - Running ***SgrmBroker (System Guard 运行时监视器代理) - Running ---SharedAccess (Internet Connection Sharing (ICS)) - Stopped/Paused ---SharedRealitySvc (空间数据服务) - Stopped/Paused ***ShellHWDetection (Shell Hardware Detection) - Running ---shpamsvc (Shared PC Account Manager) - Stopped/Paused ---smphost (Microsoft Storage Spaces SMP) - Stopped/Paused ---SmsRouter (Microsoft Windows SMS 路由器服务。) - Stopped/Paused ***SNMP (SNMP 服务) - Running ---SNMPTRAP (SNMP 陷阱) - Stopped/Paused ***SolidWorks Flexnet Server (SolidWorks Flexnet Server) - Running ---SolidWorks Licensing Service (SolidWorks Licensing Service) - Stopped/Paused ---spectrum (Windows 感知服务) - Stopped/Paused ***Spooler (Print Spooler) - Running ---sppsvc (Software Protection) - Stopped/Paused ***SSDPSRV (SSDP Discovery) - Running ---ssh-agent (OpenSSH Authentication Agent) - Stopped/Paused ---sshd (OpenSSH SSH Server) - Stopped/Paused ---SshdBroker (SshdBroker) - Stopped/Paused ***SstpSvc (Secure Socket Tunneling Protocol Service) - Running ***StateRepository (State Repository Service) - Running ---Steam Client Service (Steam Client Service) - Stopped/Paused ---stisvc (Windows Image Acquisition (WIA)) - Stopped/Paused ***StorSvc (Storage Service) - Running ---svsvc (Spot Verifier) - Stopped/Paused ---swprv (Microsoft Software Shadow Copy Provider) - Stopped/Paused ***SysMain (SysMain) - Running ***SystemEventsBroker (System Events Broker) - Running ***TabletInputService (Touch Keyboard and Handwriting Panel Service) - Running ---TapiSrv (Telephony) - Stopped/Paused ***TermService (Remote Desktop Services) - Running ***Themes (Themes) - Running ---TieringEngineService (Storage Tiers Management) - Stopped/Paused ***TimeBrokerSvc (Time Broker) - Running ***TokenBroker (Web 帐户管理器) - Running ***TrkWks (Distributed Link Tracking Client) - Running ---TroubleshootingSvc (建议疑难解答服务) - Stopped/Paused ---TrustedInstaller (Windows Modules Installer) - Stopped/Paused ---tzautoupdate (自动时区更新程序) - Stopped/Paused ---uhssvc (Microsoft Update Health Service) - Stopped/Paused ***UmRdpService (Remote Desktop Services UserMode Port Redirector) - Running ---upnphost (UPnP Device Host) - Stopped/Paused ***UserManager (User Manager) - Running ***UsoSvc (更新 Orchestrator 服务) - Running ---VacSvc (立体音频组合器服务) - Stopped/Paused ***VaultSvc (Credential Manager) - Running ---vds (Virtual Disk) - Stopped/Paused ---vmicguestinterface (Hyper-V Guest Service Interface) - Stopped/Paused ---vmicheartbeat (Hyper-V Heartbeat Service) - Stopped/Paused ---vmickvpexchange (Hyper-V Data Exchange Service) - Stopped/Paused ---vmicrdv (Hyper-V 远程桌面虚拟化服务) - Stopped/Paused ---vmicshutdown (Hyper-V Guest Shutdown Service) - Stopped/Paused ---vmictimesync (Hyper-V Time Synchronization Service) - Stopped/Paused ---vmicvmsession (Hyper-V PowerShell Direct Service) - Stopped/Paused ---vmicvss (Hyper-V 卷影复制请求程序) - Stopped/Paused ---VSS (Volume Shadow Copy) - Stopped/Paused ---VSStandardCollectorService150 (Visual Studio Standard Collector Service 150) - Stopped/Paused ---W32Time (Windows Time) - Stopped/Paused ***WaaSMedicSvc (Windows 更新医生服务) - Running ---WalletService (WalletService) - Stopped/Paused ---WarpJITSvc (WarpJITSvc) - Stopped/Paused ---wbengine (Block Level Backup Engine Service) - Stopped/Paused ---WbioSrvc (Windows Biometric Service) - Stopped/Paused ***Wcmsvc (Windows Connection Manager) - Running ---wcncsvc (Windows Connect Now - Config Registrar) - Stopped/Paused ***WdiServiceHost (Diagnostic Service Host) - Running ***WdiSystemHost (Diagnostic System Host) - Running ***WdNisSvc (Microsoft Defender Antivirus Network Inspection Service) - Running ***WebClient (WebClient) - Running ---WebManagement (Web Management) - Stopped/Paused ---Wecsvc (Windows Event Collector) - Stopped/Paused ---WEPHOSTSVC (Windows Encryption Provider Host Service) - Stopped/Paused ---wercplsupport (Problem Reports Control Panel Support) - Stopped/Paused ***WerSvc (Windows Error Reporting Service) - Running ---WFDSConMgrSvc (WLAN Direct 服务连接管理器服务) - Stopped/Paused ---WiaRpc (Still Image Acquisition Events) - Stopped/Paused ---WinAppMgmt (Windows Application Management Service) - Stopped/Paused ***WinDefend (Microsoft Defender Antivirus Service) - Running ***WinHttpAutoProxySvc (WinHTTP Web Proxy Auto-Discovery Service) - Running ***Winmgmt (Windows Management Instrumentation) - Running ---WinRM (Windows Remote Management (WS-Management)) - Stopped/Paused ---wisvc (Windows 预览体验成员服务) - Stopped/Paused ***WlanSvc (WLAN AutoConfig) - Running ***wlidsvc (Microsoft Account Sign-in Assistant) - Running ---wlpasvc (本地配置文件助手服务) - Stopped/Paused ---WManSvc (Windows 管理服务) - Stopped/Paused ---wmiApSrv (WMI Performance Adapter) - Stopped/Paused ---workfolderssvc (Work Folders) - Stopped/Paused ---WpcMonSvc (家长控制) - Stopped/Paused ---WPDBusEnum (Portable Device Enumerator Service) - Stopped/Paused ***WpnService (Windows 推送通知系统服务) - Running ***wscsvc (Security Center) - Running ***WSearch (Windows Search) - Running ***wuauserv (Windows Update) - Running ---WwanSvc (WWAN AutoConfig) - Stopped/Paused ---XblAuthManager (Xbox Live 身份验证管理器) - Stopped/Paused ---XblGameSave (Xbox Live 游戏保存) - Stopped/Paused ---XboxGipSvc (Xbox Accessory Management Service) - Stopped/Paused ---XboxNetApiSvc (Xbox Live 网络服务) - Stopped/Paused ***XTU3SERVICE (XTUOCDriverService) - Running ---AarSvc_72361 (AarSvc_72361) - Stopped/Paused ---BcastDVRUserService_72361 (BcastDVRUserService_72361) - Stopped/Paused ---BluetoothUserService_72361 (BluetoothUserService_72361) - Stopped/Paused ---CaptureService_72361 (CaptureService_72361) - Stopped/Paused ***cbdhsvc_72361 (cbdhsvc_72361) - Running ***CDPUserSvc_72361 (CDPUserSvc_72361) - Running ---ConsentUxUserSvc_72361 (ConsentUxUserSvc_72361) - Stopped/Paused ---CredentialEnrollmentManagerUserSvc_72361 (CredentialEnrollmentManagerUserSvc_72361) - Stopped/Paused ---DeviceAssociationBrokerSvc_72361 (DeviceAssociationBrokerSvc_72361) - Stopped/Paused ---DevicePickerUserSvc_72361 (DevicePickerUserSvc_72361) - Stopped/Paused ---DevicesFlowUserSvc_72361 (DevicesFlowUserSvc_72361) - Stopped/Paused ---LxssManagerUser_72361 (LxssManagerUser_72361) - Stopped/Paused ---MessagingService_72361 (MessagingService_72361) - Stopped/Paused ***PimIndexMaintenanceSvc_72361 (PimIndexMaintenanceSvc_72361) - Running ---PrintWorkflowUserSvc_72361 (PrintWorkflowUserSvc_72361) - Stopped/Paused ***UdkUserSvc_72361 (UdkUserSvc_72361) - Running ***UnistoreSvc_72361 (UnistoreSvc_72361) - Running ***UserDataSvc_72361 (UserDataSvc_72361) - Running ***WpnUserService_72361 (WpnUserService_72361) - Running Loaded Modules: [With ToolHelp32] -00400000 : E:\ssp\ssp.exe 2.5.15.3000 - SSP (C) D-EXCLAMATION / SSP BUGTRAQ -03b90000 : E:\ssp\plugin\shared_value\shared_value.dll 1.0.0.0 - Shared Value Plugin Copyright (C) CSaori Project -03f10000 : E:\ssp\plugin\SAKNIFE\SAKNIFE.dll 1.5.3.0 - SwissArmyKnife (C) 2004 SSP BUGTRAQ -046e0000 : E:\ssp\ghost\Taromati2\ghost\master\saori\cmdrunner.DLL 1.0.0.0 - by steve02081504 for Taromati2 at 2021/2/16 -10000000 : E:\ssp\data\language\chinese-simplified\resource.dll 2.5.11.6 - Language Resource DLL (C) D-EXCLAMATION / SSP BUGTRAQ -13700000 : E:\ssp\ghost\Taromati2\ghost\master\shiori\aya.dll -5f510000 : C:\WINDOWS\SYSTEM32\msvcp110_win.dll 10.0.19041.546 - Microsoft? STL110 C++ Runtime Library ? Microsoft Corporation. All rights reserved. -5f650000 : C:\WINDOWS\SYSTEM32\ondemandconnroutehelper.dll 10.0.19041.546 - On Demand Connctiond Route Helper ? Microsoft Corporation. All rights reserved. -606d0000 : C:\WINDOWS\system32\explorerframe.dll 10.0.19041.1023 - ExplorerFrame ? Microsoft Corporation. All rights reserved. -60960000 : C:\WINDOWS\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.19041.1151_none_d951395de104724f\gdiplus.dll 10.0.19041.1151 - Microsoft GDI+ ? Microsoft Corporation. All rights reserved. -60c70000 : C:\WINDOWS\system32\wininet.dll 11.0.19041.1151 - Win32 的 Internet 扩展 ? Microsoft Corporation. All rights reserved. -64900000 : C:\WINDOWS\SYSTEM32\srvcli.dll 10.0.19041.546 - Server Service Client DLL ? Microsoft Corporation. All rights reserved. -64920000 : C:\Windows\System32\iertutil.dll 11.0.19041.1081 - Internet Explorer 的运行时实用程序 ? Microsoft Corporation. All rights reserved. -64d50000 : C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\X86\MpOav.dll 4.18.2107.4 - IOfficeAntiVirus Module ? Microsoft Corporation. All rights reserved. -64dc0000 : C:\Windows\System32\dcomp.dll 10.0.19041.1023 - Microsoft DirectComposition Library ? Microsoft Corporation. All rights reserved. -64f30000 : C:\WINDOWS\system32\dataexchange.dll 10.0.19041.1151 - Data exchange ? Microsoft Corporation. All rights reserved. -64f70000 : C:\WINDOWS\system32\dwmapi.dll 10.0.19041.746 - Microsoft 桌面窗口管理器 API ? Microsoft Corporation. All rights reserved. -652f0000 : C:\WINDOWS\SYSTEM32\WINNSI.DLL 10.0.19041.546 - Network Store Information RPC interface ? Microsoft Corporation. All rights reserved. -65310000 : C:\WINDOWS\SYSTEM32\oledlg.dll 10.0.19041.746 - OLE 用户界面支持 ? Microsoft Corporation. All rights reserved. -65fd0000 : C:\Windows\System32\wuapi.dll 10.0.19041.1151 - Windows 更新客户端 API ? Microsoft Corporation. All rights reserved. -69840000 : C:\Windows\System32\Windows.UI.Xaml.dll 10.0.19041.1151 - Windows.UI.Xaml dll ? Microsoft Corporation. All rights reserved. -6a660000 : C:\Windows\System32\Windows.UI.Immersive.dll 10.0.19041.1165 - WINDOWS.UI.IMMERSIVE ? Microsoft Corporation. All rights reserved. -6a7f0000 : C:\WINDOWS\SYSTEM32\mscms.dll 10.0.19041.746 - Microsoft 颜色匹配系统 DLL ? Microsoft Corporation. All rights reserved. -6ab00000 : C:\Windows\System32\OneCoreUAPCommonProxyStub.dll 10.0.19041.1023 - OneCoreUAP Common Proxy Stub ? Microsoft Corporation. All rights reserved. -6aea0000 : C:\WINDOWS\system32\amsi.dll 10.0.19041.746 - Anti-Malware Scan Interface ? Microsoft Corporation. All rights reserved. -6af60000 : E:\ssp\plugin\discord\discord.dll 1.0.2.1 - Discord Rich Presence Plugin Copyright (C) 2018 SSP BUGTRAQ -6b040000 : C:\Windows\System32\Bcp47Langs.dll 10.0.19041.1083 - BCP47 Language Classes ? Microsoft Corporation. All rights reserved. -6b1e0000 : C:\WINDOWS\system32\d3d11.dll 10.0.19041.746 - Direct3D 11 Runtime ? Microsoft Corporation. All rights reserved. -6b3c0000 : C:\WINDOWS\system32\dxgi.dll 10.0.19041.964 - DirectX Graphics Infrastructure ? Microsoft Corporation. All rights reserved. -6c370000 : C:\Windows\System32\twinapi.appcore.dll 10.0.19041.746 - twinapi.appcore ? Microsoft Corporation. All rights reserved. -6c670000 : C:\WINDOWS\system32\wshunix.dll 10.0.19041.1 - AF_UNIX Winsock2 Helper DLL ? Microsoft Corporation. All rights reserved. -6c680000 : C:\Windows\System32\InputHost.dll 10.0.19041.906 - InputHost ? Microsoft Corporation. All rights reserved. -6c770000 : C:\WINDOWS\SYSTEM32\wintypes.dll 10.0.19041.1081 - Windows 基本类型 DLL ? Microsoft Corporation. All rights reserved. -6c850000 : C:\Windows\System32\CoreUIComponents.dll 10.0.19041.546 - Microsoft Core UI Components Dll ? Microsoft Corporation. All rights reserved. -6cad0000 : C:\Windows\System32\CoreMessaging.dll 10.0.19041.867 - Microsoft CoreMessaging Dll ? Microsoft Corporation. All rights reserved. -6cb70000 : C:\Windows\System32\TextInputFramework.dll 10.0.19041.1151 - "TextInputFramework.DYNLINK" ? Microsoft Corporation. All rights reserved. -6cc50000 : C:\WINDOWS\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_a8625c1886757984\COMCTL32.dll 6.10.19041.1110 - 用户体验控件库 ? Microsoft Corporation. All rights reserved. -6ce60000 : C:\WINDOWS\SYSTEM32\ntmarta.dll 10.0.19041.546 - Windows NT MARTA 提供程序 ? Microsoft Corporation. All rights reserved. -70ba0000 : C:\WINDOWS\system32\rsaenh.dll 10.0.19041.1052 - Microsoft Enhanced Cryptographic Provider ? Microsoft Corporation. All rights reserved. -70bd0000 : C:\WINDOWS\SYSTEM32\CRYPTSP.dll 10.0.19041.546 - Cryptographic Service Provider API ? Microsoft Corporation. All rights reserved. -74020000 : C:\WINDOWS\system32\uxtheme.dll 10.0.19041.1081 - Microsoft UxTheme 库 ? Microsoft Corporation. All rights reserved. -740a0000 : C:\WINDOWS\SYSTEM32\UMPDC.dll -740b0000 : C:\WINDOWS\SYSTEM32\powrprof.dll 10.0.19041.546 - 电源配置文件帮助程序 DLL ? Microsoft Corporation. All rights reserved. -74100000 : C:\WINDOWS\SYSTEM32\winhttp.dll 10.0.19041.1151 - Windows HTTP 服务 ? Microsoft Corporation. All rights reserved. -741d0000 : C:\WINDOWS\SYSTEM32\MSVCP140.dll 14.29.30133.0 - Microsoft? C Runtime Library ? Microsoft Corporation. All rights reserved. -74460000 : C:\WINDOWS\SYSTEM32\VERSION.dll 10.0.19041.546 - Version Checking and File Installation Libraries ? Microsoft Corporation. All rights reserved. -744a0000 : C:\WINDOWS\SYSTEM32\ntshrui.dll 10.0.19041.844 - 用于共享的外壳扩展 ? Microsoft Corporation. All rights reserved. -74500000 : C:\Windows\System32\Windows.UI.dll 10.0.19041.746 - Windows Runtime UI Foundation DLL ? Microsoft Corporation. All rights reserved. -74600000 : C:\WINDOWS\SYSTEM32\WINMM.dll 10.0.19041.546 - MCI API DLL ? Microsoft Corporation. All rights reserved. -74630000 : C:\WINDOWS\SYSTEM32\PROPSYS.dll 7.0.19041.1023 - Microsoft 属性系统 ? Microsoft Corporation. All rights reserved. -749a0000 : C:\Windows\System32\wups.dll 10.0.19041.1151 - Windows Update client proxy stub ? Microsoft Corporation. All rights reserved. -749b0000 : C:\WINDOWS\SYSTEM32\ColorAdapterClient.dll 10.0.19041.546 - Microsoft Color Adapter Client ? Microsoft Corporation. All rights reserved. -749c0000 : C:\WINDOWS\SYSTEM32\VCRUNTIME140.dll 14.29.30133.0 - Microsoft? C Runtime Library ? Microsoft Corporation. All rights reserved. -749e0000 : C:\WINDOWS\SYSTEM32\QUARTZ.dll 10.0.19041.746 - DirectShow Runtime. ? Microsoft Corporation. All rights reserved. -74bd0000 : C:\WINDOWS\SYSTEM32\cscapi.dll 10.0.19041.546 - Offline Files Win32 API ? Microsoft Corporation. All rights reserved. -74be0000 : C:\WINDOWS\SYSTEM32\LINKINFO.dll 10.0.19041.546 - Windows Volume Tracking ? Microsoft Corporation. All rights reserved. -74bf0000 : C:\Windows\System32\WindowManagementAPI.dll -74c70000 : C:\Windows\System32\ShellCommonCommonProxyStub.dll 10.0.19041.546 - ShellCommon Common Proxy Stub ? Microsoft Corporation. All rights reserved. -74ce0000 : C:\Windows\System32\ActXPrxy.dll 10.0.19041.844 - ActiveX Interface Marshaling Library ? Microsoft Corporation. All rights reserved. -74d70000 : C:\WINDOWS\SYSTEM32\policymanager.dll 10.0.19041.1151 - Policy Manager DLL ? Microsoft Corporation. All rights reserved. -74e00000 : C:\WINDOWS\System32\npmproxy.dll 10.0.19041.546 - Network List Manager Proxy ? Microsoft Corporation. All rights reserved. -74e10000 : C:\WINDOWS\SYSTEM32\TextShaping.dll -74eb0000 : C:\WINDOWS\System32\netprofm.dll 10.0.19041.746 - Network List Manager ? Microsoft Corporation. All rights reserved. -74ef0000 : C:\Windows\System32\OneCoreCommonProxyStub.dll 10.0.19041.1081 - OneCore Common Proxy Stub ? Microsoft Corporation. All rights reserved. -74f30000 : C:\WINDOWS\system32\msimg32.dll 10.0.19041.546 - GDIEXT Client DLL ? Microsoft Corporation. All rights reserved. -74f60000 : C:\Windows\System32\usoapi.dll 10.0.19041.1151 - Update Session Orchestrator API ? Microsoft Corporation. All rights reserved. -74f80000 : C:\WINDOWS\system32\pdh.dll 10.0.19041.906 - Windows 性能数据助手 DLL ? Microsoft Corporation. All rights reserved. -74fd0000 : C:\WINDOWS\system32\twinapi.dll 10.0.19041.844 - twinapi ? Microsoft Corporation. All rights reserved. -75060000 : C:\WINDOWS\SYSTEM32\profapi.dll 10.0.19041.844 - User Profile Basic API ? Microsoft Corporation. All rights reserved. -75080000 : C:\WINDOWS\SYSTEM32\Wldp.dll 10.0.19041.662 - Windows 锁定策略 ? Microsoft Corporation. All rights reserved. -750b0000 : C:\WINDOWS\SYSTEM32\windows.storage.dll 10.0.19041.1151 - Microsoft WinRT Storage API ? Microsoft Corporation. All rights reserved. -756c0000 : C:\WINDOWS\System32\perfos.dll 10.0.19041.488 - Windows 系统性能对象 DLL ? Microsoft Corporation. All rights reserved. -756d0000 : C:\WINDOWS\SYSTEM32\SspiCli.dll 10.0.19041.906 - Security Support Provider Interface ? Microsoft Corporation. All rights reserved. -75700000 : C:\WINDOWS\SYSTEM32\kernel.appcore.dll 10.0.19041.546 - AppModel API Host ? Microsoft Corporation. All rights reserved. -75710000 : C:\WINDOWS\SYSTEM32\CRYPTBASE.dll 10.0.19041.546 - Base cryptographic API DLL ? Microsoft Corporation. All rights reserved. -75720000 : C:\WINDOWS\SYSTEM32\MSASN1.dll 10.0.19041.546 - ASN.1 Runtime APIs ? Microsoft Corporation. All rights reserved. -75730000 : C:\Windows\System32\rasadhlp.dll 10.0.19041.546 - Remote Access AutoDial Helper ? Microsoft Corporation. All rights reserved. -75740000 : C:\WINDOWS\System32\fwpuclnt.dll 10.0.19041.964 - FWP/IPsec 用户模式 API ? Microsoft Corporation. All rights reserved. -757a0000 : C:\WINDOWS\System32\winrnr.dll 10.0.19041.546 - LDAP RnR Provider DLL ? Microsoft Corporation. All rights reserved. -757b0000 : C:\WINDOWS\system32\wshbth.dll 10.0.19041.546 - Windows Sockets Helper DLL ? Microsoft Corporation. All rights reserved. -757c0000 : C:\WINDOWS\SYSTEM32\DNSAPI.dll 10.0.19041.1151 - DNS 客户端 API DLL ? Microsoft Corporation. All rights reserved. -75860000 : C:\WINDOWS\system32\mswsock.dll 10.0.19041.546 - Microsoft Windows Sockets 2.0 服务提供程序 ? Microsoft Corporation. All rights reserved. -758c0000 : C:\WINDOWS\system32\NLAapi.dll 10.0.19041.546 - Network Location Awareness 2 ? Microsoft Corporation. All rights reserved. -758e0000 : C:\WINDOWS\system32\pnrpnsp.dll 10.0.19041.546 - PNRP 命名空间提供程序 ? Microsoft Corporation. All rights reserved. -75900000 : C:\WINDOWS\system32\napinsp.dll 10.0.19041.546 - 电子邮件命名填充提供程序 ? Microsoft Corporation. All rights reserved. -75920000 : C:\WINDOWS\SYSTEM32\iphlpapi.dll 10.0.19041.546 - IP 帮助程序 API ? Microsoft Corporation. All rights reserved. -75a30000 : C:\WINDOWS\SYSTEM32\USERENV.dll 10.0.19041.572 - Userenv ? Microsoft Corporation. All rights reserved. -75b10000 : C:\WINDOWS\System32\normaliz.dll 10.0.19041.546 - Unicode Normalization DLL ? Microsoft Corporation. All rights reserved. -75b20000 : C:\WINDOWS\System32\CRYPT32.dll 10.0.19041.844 - 加密 API32 ? Microsoft Corporation. All rights reserved. -75c30000 : C:\WINDOWS\System32\ole32.dll 10.0.19041.746 - 用于 Windows 的 Microsoft OLE ? Microsoft Corporation. All rights reserved. -75d20000 : C:\WINDOWS\System32\RPCRT4.dll 10.0.19041.1081 - 远程过程调用运行时 ? Microsoft Corporation. All rights reserved. -75de0000 : C:\WINDOWS\System32\SETUPAPI.dll 10.0.19041.1151 - Windows 安装程序 API ? Microsoft Corporation. All rights reserved. -76280000 : C:\WINDOWS\System32\ADVAPI32.dll 10.0.19041.1052 - 高级 Windows 32 基本 API ? Microsoft Corporation. All rights reserved. -76300000 : C:\WINDOWS\System32\WS2_32.dll 10.0.19041.546 - Windows Socket 2.0 32 位 DLL ? Microsoft Corporation. All rights reserved. -76370000 : C:\WINDOWS\System32\MSCTF.dll 10.0.19041.1081 - MSCTF 服务器 DLL ? Microsoft Corporation. All rights reserved. -76450000 : C:\WINDOWS\System32\GDI32.dll 10.0.19041.746 - GDI Client DLL ? Microsoft Corporation. All rights reserved. -76480000 : C:\WINDOWS\System32\msvcrt.dll 7.0.19041.546 - Windows NT CRT DLL ? Microsoft Corporation. All rights reserved. -76540000 : C:\WINDOWS\System32\gdi32full.dll 10.0.19041.1110 - GDI Client DLL ? Microsoft Corporation. All rights reserved. -76620000 : C:\WINDOWS\System32\sechost.dll 10.0.19041.906 - Host for SCM/SDDL/LSA Lookup APIs ? Microsoft Corporation. All rights reserved. -766a0000 : C:\WINDOWS\System32\KERNELBASE.dll 10.0.19041.1151 - Windows NT 基本 API 客户端 DLL ? Microsoft Corporation. All rights reserved. -768c0000 : C:\WINDOWS\System32\OLEAUT32.dll 10.0.19041.985 - OLEAUT32.DLL ? Microsoft Corporation. All rights reserved. -76960000 : C:\WINDOWS\System32\bcryptPrimitives.dll 10.0.19041.1023 - Windows Cryptographic Primitives Library ? Microsoft Corporation. All rights reserved. -769c0000 : C:\WINDOWS\System32\SHELL32.dll 10.0.19041.1151 - Windows Shell 公用 DLL ? Microsoft Corporation. All rights reserved. -76f80000 : C:\WINDOWS\System32\clbcatq.dll 2001.12.10941.16384 - COM+ Configuration Catalog ? Microsoft Corporation. All rights reserved. -77000000 : C:\WINDOWS\System32\comdlg32.dll 10.0.19041.906 - Common Dialogs DLL ? Microsoft Corporation. All rights reserved. -770b0000 : C:\WINDOWS\System32\shcore.dll 10.0.19041.1023 - SHCORE ? Microsoft Corporation. All rights reserved. -77140000 : C:\WINDOWS\System32\msvcp_win.dll 10.0.19041.789 - Microsoft? C Runtime Library ? Microsoft Corporation. All rights reserved. -771c0000 : C:\WINDOWS\System32\win32u.dll 10.0.19041.1151 - Win32u ? Microsoft Corporation. All rights reserved. -771e0000 : C:\WINDOWS\System32\ucrtbase.dll 10.0.19041.789 - Microsoft? C Runtime Library ? Microsoft Corporation. All rights reserved. -77300000 : C:\WINDOWS\System32\imagehlp.dll 10.0.19041.546 - Windows NT Image Helper ? Microsoft Corporation. All rights reserved. -77320000 : C:\WINDOWS\System32\combase.dll 10.0.19041.1081 - 用于 Windows 的 Microsoft COM ? Microsoft Corporation. All rights reserved. -77610000 : C:\WINDOWS\System32\cfgmgr32.dll 10.0.19041.1151 - Configuration Manager DLL ? Microsoft Corporation. All rights reserved. -77650000 : C:\WINDOWS\System32\IMM32.DLL 10.0.19041.546 - Multi-User Windows IMM32 API Client DLL ? Microsoft Corporation. All rights reserved. -777f0000 : C:\WINDOWS\System32\KERNEL32.DLL 10.0.19041.1151 - Windows NT 基本 API 客户端 DLL ? Microsoft Corporation. All rights reserved. -778e0000 : C:\WINDOWS\System32\bcrypt.dll 10.0.19041.1023 - Windows 加密基元库 ? Microsoft Corporation. All rights reserved. -77900000 : C:\WINDOWS\System32\NSI.dll 10.0.19041.610 - NSI User-mode interface DLL ? Microsoft Corporation. All rights reserved. -77910000 : C:\WINDOWS\System32\USER32.dll 10.0.19041.1151 - 多用户 Windows 用户 API 客户端 DLL ? Microsoft Corporation. All rights reserved. -77b10000 : C:\WINDOWS\System32\SHLWAPI.dll 10.0.19041.1023 - 外壳简易实用工具库 ? Microsoft Corporation. All rights reserved. ==> -77bc0000 : C:\WINDOWS\SYSTEM32\ntdll.dll 10.0.19041.1110 - NT 层 DLL ? Microsoft Corporation. All rights reserved. Registers: EAX 07b7f400 EBX 02d90200 ECX 07b7f430 EDX 77ce3960 ESI 00000002 EDI 0493db68 DS 002b ES 002b FS 0053 GS 002b SS/ESP/EBP 002b/07b7f3d8/07b7f410 CS/EIP 0023/77ca6c23 EFlags 00000246 (Parity,Zero,Interrupt) Stack Dump: 33558af6 0493db68 00000002 02d90200 00000000 00000000 00000000 00000000 07b7f3d8 00000000 07b7f494 77c3ad20 432eabb6 00000000 07b7f4a4 77ca6bfb 33558a42 0493db68 00000002 02d90200 77ce3960 c0000374 c0000374 00000001 00000000 77ca6c23 00000001 77ce3960 00000000 00000000 0000001c 07b7f47c 07b80000 00000000 0000001c 07b7f438 00000000 07b7f4d0 77c3ad20 432ebb2e fffffffe 07b7f4a0 77c1c041 77ce3990 33558a42 07b7f418 00000002 07b7f4d0 77c3ad20 432eab96 fffffffe 07b7f4e0 77cafcc4 00000001 77ce3990 77cadbb9 33558a06 0493db68 0493db70 02d90200 07b7f4b8 07b7f504 07b7f614 77c3ad20 CallStack Trace: 00 : 77ca6c23/000e5c23 [33558a42,0493db68,00000002,02d90200] @ ntdll.dll (RtlIsZeroMemory->0xf3) 01 : 77ca6bfb/000e5bfb [00000001,77ce3990,77cadbb9,33558a06] @ ntdll.dll (RtlIsZeroMemory->0xcb) 02 : 77cafcc4/000eecc4 [00000008,02d90100,0493db70,00000000] @ ntdll.dll (RtlpNtSetValueKey->0x27c4) 03 : 77cb6030/000f5030 [0493db70,0493db68,00000000,00000000] @ ntdll.dll (RtlpNtSetValueKey->0x8b30) 04 : 77cbf685/000fe685 [0493db70,00000000,07b7f548,02d90000] @ ntdll.dll (RtlpNtSetValueKey->0x12185) 05 : 77cbbad9/000faad9 [00000000,0493db70,02d90000,00000000] @ ntdll.dll (RtlpNtSetValueKey->0xe5d9) 06 : 77cb8838/000f7838 [00000000,00000000,00000000,0493db70] @ ntdll.dll (RtlpNtSetValueKey->0xb338) 07 : 77c471d5/000861d5 [00000000,00000000,00000000,335588c2] @ ntdll.dll (RtlGetNtGlobalFlags->0x65) 08 : 77c8d5b4/000cc5b4 [00000000,0493db70,0493db70,00000000] @ ntdll.dll (RtlImageRvaToVa->0x104) 09 : 77c569e5/000959e5 [02d90000,00000000,0493db70,0493db70] @ ntdll.dll (RtlCaptureStackContext->0xdda5) 10 : 007e4510/003e3510 [0493db70,07b7f6a4,006399bd,0493db70] @ ssp.exe (free 007e4436 f libcmt:free.obj->0xda) 11 : 0047cf5c/0007bf5c [0493db70,008d95b4,0000034c,07b7f6bc] @ ssp.exe (JSocketManager::InitSSL->0x5dc) 12 : 006399bd/002389bd [0493db70,008d95b4,0000034c,0493db70] @ ssp.exe (CRYPTO_free 006399a0 f libcrypto:libcrypto-lib-mem.obj->0x1d) 13 : 006399fa/002389fa [0493db70,00000314,008d95b4,0000034c] @ ssp.exe (CRYPTO_clear_free 006399d0 f libcrypto:libcrypto-lib-mem.obj->0x2a) 14 : 00789055/00388055 [0493db70,00000006,00000000,02ec5c38] @ ssp.exe (SSL_SESSION_free 00788f40 f libssl:libssl-lib-ssl_sess.obj->0x115) 15 : 00480a15/0007fa15 [042d2928,00000001,02ec5c38,00000000] @ ssp.exe (JSocket::ProcessX509Info->0x4c5) 16 : 00480e5b/0007fe5b [0492ce38,00000000,00000001,00000006] @ ssp.exe (JSocket::SSLProcessAfterConnect->0x4b) 17 : 0047e530/0007d530 [0085d240,00000006,00000000,00000000] @ ssp.exe (JSocket::send_wrapper->0x100) 18 : 0047f72c/0007e72c [0085d240,00000006,02ec5c38,02ec5ad0] @ ssp.exe (JSocket::Send->0x3c) 19 : 0047f6df/0007e6df [0085d240,00000000,02ec5ad0,005294ea] @ ssp.exe (JSocket::SendString->0x1f) 20 : 00527e09/00126e09 [02ec9c38,02ec5ad0,07b7fef0,0052aa78] @ ssp.exe (SPPopAccount::Logout->0x59) 21 : 0052919f/0012819f [04214748,02ec9c38,02ea2958,00000000] @ ssp.exe (SPPopAccount::CheckMail->0x1f) 22 : 0052aa78/00129a78 [02ea2958,7780e7b0,02ed4548,00000001] @ ssp.exe (SPPop::LoopMain->0x448) 23 : 0052a613/00129613 [007e796a,0427e430,0427e430,00000000] @ ssp.exe (SPPop::Loop->0x33) 24 : 0048d147/0008c147 [02ea29f8,007e796a,007e796a,0427e430] @ ssp.exe (JWinThread::SetInterval->0xf7) 25 : 007e79f3/003e69f3 [0427e430,7780fa10,07b7ffdc,77c27a7e] @ ssp.exe (_beginthreadex 007e78ff f libcmt:threadex.obj->0xf4) 26 : 7780fa29/0000fa29 [0427e430,3355813a,00000000,00000000] @ KERNEL32.DLL (BaseThreadInitThunk->0x19) 27 : 77c27a7e/00066a7e [ffffffff,77c48a35,00000000,00000000] @ ntdll.dll (RtlGetAppContainerNamedObjectPath->0x11e) 28 : 77c27a4e/00066a4e [007e796a,0427e430,00000000,00000000] @ ntdll.dll (RtlGetAppContainerNamedObjectPath->0xee) Total StackDepth : 29