SPDebugger/2.17.24106.A Exception Raised at 0082fbc3 because ACCESS_VIOLATION (#c0000005) ->Reading 003d0030 Data Windows NT 10.0.22000 UAC: Enabled,Limited Time: 2022/5/4 14:31:06.546 Phys.Mem: 7468/16164MB PageFile: 9334/24100MB CPU : Intel 0.6.14.10 2904MHz Features:MMX SSE HT AES-NI (Intel(R) Core(TM) i9-8950HK CPU @ 2.90GHz) Package:1 Node:1 Core:6 Thread:12 SSP/2.5.99 (20220503-28; Windows NT 10.0.22000) Volume Information: C:\ Fixed [ 237863MB Free | 487058MB Total | 48%] (NTFS,Normal) D:\ Fixed [ 64865MB Free | 944262MB Total | 6%] (NTFS,Normal) E:\ Fixed [ 489MB Free | 548MB Total | 89%] (NTFS,Normal) G:\ Removable Monitor Information: 0: \\.\DISPLAY1 - Work=0,0,1536,816 Size=1536x864 [PRIMARY] Env. Variables: =::=::\ =C:=C:\ssp\ghost\Taromati2\ghost\master ALLUSERSPROFILE=C:\ProgramData APPDATA=C:\Users\RobertYyx\AppData\Roaming CommonProgramFiles=C:\Program Files (x86)\Common Files CommonProgramFiles(x86)=C:\Program Files (x86)\Common Files CommonProgramW6432=C:\Program Files\Common Files COMPUTERNAME=ROBERTYYX ComSpec=C:\WINDOWS\system32\cmd.exe DriverData=C:\Windows\System32\Drivers\DriverData FPS_BROWSER_APP_PROFILE_STRING=Internet Explorer FPS_BROWSER_USER_PROFILE_STRING=Default HOMEDRIVE=C: HOMEPATH=\Users\RobertYyx INTEL_DEV_REDIST=C:\Program Files (x86)\Common Files\Intel\Shared Libraries\ JAVA11_HOME=C:\Program Files\Java\jdk-11.0.15 JAVA17_HOME=C:\Program Files\Java\jdk-17.0.3 JAVA18_HOME=C:\Program Files\Java\jdk-18.0.1 JAVA8_HOME=C:\Program Files\Java\jdk1.8.0_331 JAVA_HOME=C:\Program Files\Java\jdk1.8.0_331 LOCALAPPDATA=C:\Users\RobertYyx\AppData\Local LOGONSERVER=\\ROBERTYYX MIC_LD_LIBRARY_PATH=C:\Program Files (x86)\Common Files\Intel\Shared Libraries\compiler\lib\mic NUMBER_OF_PROCESSORS=12 OneDrive=C:\Users\RobertYyx\OneDrive OneDriveConsumer=C:\Users\RobertYyx\OneDrive OS=Windows_NT Path=C:\ssp\;C:\Program Files\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\Program Files (x86)\VMware\VMware Workstation\bin\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\dotnet\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Bandizip\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\170\Tools\Binn\;C:\Program Files\Microsoft SQL Server\150\Tools\Binn\;C:\Program Files (x86)\Calibre2\;C:\Program Files\Git\cmd;C:\Program Files\Java\jdk1.8.0_331\bin;%JAVE_HOME%\jre\bin;C:\Program Files (x86)\Microsoft SQL Server\150\Tools\Binn\;C:\Program Files\Microsoft SQL Server\150\DTS\Binn\;C:\Program Files (x86)\Hyenae;C:\Program Files\PuTTY\;C:\Program Files (x86)\NetSarang\Xshell 7\;C:\Program Files (x86)\NetSarang\Xftp 7\;C:\Program Files\IDM Computer Solutions\UltraEdit;C:\Program Files\IDM Computer Solutions\UltraCompare;C:\Program Files\IDM Computer Solutions\UltraFinder;C:\Program Files\IDM Computer Solutions\UEStudio;C:\Program Files\IDM Computer Solutions\UltraFTP;C:\Users\RobertYyx\AppData\Local\Programs\Python\Python310\Scripts\;C:\Users\RobertYyx\AppData\Local\Programs\Python\Python310\;C:\Users\RobertYyx\AppData\Local\Microsoft\WindowsApps;;C:\Users\RobertYyx\AppData\Local\Programs\Microsoft VS Code\bin;C:\Users\RobertYyx\.dotnet\tools;C:\Users\RobertYyx\AppData\Local\Programs\Fiddler;C:\Program Files (x86)\mitmproxy\bin PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC PROCESSOR_ARCHITECTURE=x86 PROCESSOR_ARCHITEW6432=AMD64 PROCESSOR_IDENTIFIER=Intel64 Family 6 Model 158 Stepping 10, GenuineIntel PROCESSOR_LEVEL=6 PROCESSOR_REVISION=9e0a ProgramData=C:\ProgramData ProgramFiles=C:\Program Files (x86) ProgramFiles(x86)=C:\Program Files (x86) ProgramW6432=C:\Program Files PSModulePath=C:\Program Files\WindowsPowerShell\Modules;C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules;C:\Program Files (x86)\Microsoft SQL Server\150\Tools\PowerShell\Modules\ PUBLIC=C:\Users\Public SESSIONNAME=Console SystemDrive=C: SystemRoot=C:\WINDOWS TEMP=C:\Users\ROBERT~1\AppData\Local\Temp TMP=C:\Users\ROBERT~1\AppData\Local\Temp USERDOMAIN=ROBERTYYX USERDOMAIN_ROAMINGPROFILE=ROBERTYYX USERNAME=RobertYyx0 USERPROFILE=C:\Users\RobertYyx windir=C:\WINDOWS ZES_ENABLE_SYSMAN=1 Loaded Drivers: -44650000 : hal.dll -44660000 : kd.dll -44670000 : tm.sys -446a0000 : CLFS.SYS -44710000 : PSHED.dll -44730000 : BOOTVID.dll -44740000 : clipsp.sys -44860000 : FLTMGR.SYS -448e0000 : ksecdd.sys -44910000 : msrpc.sys -44980000 : cmimcext.sys -44990000 : werkernel.sys -449b0000 : ntosext.sys -449c0000 : WDFLDR.SYS -449e0000 : PRM.sys -449f0000 : acpiex.sys -44e30000 : CI.dll -44f20000 : cng.sys -44fe0000 : WppRecorder.sys -47000000 : ntoskrnl.exe -4a400000 : Wdf01000.sys -4a4e0000 : mssecflt.sys -4a540000 : SgrmAgent.sys -4a560000 : lxss.sys -4a570000 : LXCORE.SYS -4a690000 : ACPI.sys -4a760000 : WMILIB.SYS -4a770000 : msisadrv.sys -4a780000 : pci.sys -4a810000 : tpm.sys -4a870000 : intelpep.sys -4a8f0000 : WindowsTrustedRT.sys -4a910000 : IntelPMT.sys -4a930000 : WindowsTrustedRTProxy.sys -4a940000 : pcw.sys -4a960000 : vdrvroot.sys -4a980000 : pdc.sys -4a9b0000 : CEA.sys -4a9d0000 : partmgr.sys -4aa10000 : spaceport.sys -4aae0000 : volmgr.sys -4ab00000 : volmgrx.sys -4ab70000 : vsock.sys -4ab90000 : vmci.sys -4abb0000 : mountmgr.sys -4abd0000 : stornvme.sys -4ac10000 : storport.sys -4ad00000 : iaStorAC.sys -4b8f0000 : EhStorClass.sys -4b920000 : fileinfo.sys -4b940000 : Wof.sys -4b990000 : Ntfs.sys -4bcb0000 : Fs_Rec.sys -4bcc0000 : ndis.sys -4be50000 : NETIO.SYS -4bef0000 : fse.sys -4bf20000 : fwpkclnt.sys -4bfb0000 : ksecpkg.sys -4bff0000 : tcpip.sys -4c310000 : wfplwfs.sys -4c350000 : VmsProxy.sys -4c360000 : VmsProxyHNic.sys -4c370000 : fvevol.sys -4c450000 : volume.sys -4c460000 : volsnap.sys -4c4e0000 : rdyboost.sys -4c530000 : mup.sys -4c560000 : iorate.sys -4c5a0000 : hrdevmon_win10.sys -4c5b0000 : disk.sys -4c5d0000 : CLASSPNP.SYS -4ca40000 : cdrom.sys -4ca80000 : filecrypt.sys -4caa0000 : tbs.sys -4cab0000 : Null.SYS -4cac0000 : Beep.SYS -4cad0000 : vmkbd.sys -4cae0000 : dxgkrnl.sys -4cf50000 : watchdog.sys -4cf70000 : BasicDisplay.sys -4cf90000 : BasicRender.sys -4cfb0000 : Npfs.SYS -4cfd0000 : Msfs.SYS -4cff0000 : CimFS.SYS -4d020000 : sysdiag_win10.sys -4d0c0000 : tdx.sys -4d0f0000 : TDI.SYS -4d110000 : ws2ifsl.sys -4d120000 : netbt.sys -4d180000 : afunix.sys -4d1a0000 : afd.sys -4d250000 : vwififlt.sys -4d270000 : pacer.sys -4d2a0000 : ndiscap.sys -4d2c0000 : netbios.sys -4d2e0000 : Vid.sys -4d3a0000 : winhvr.sys -4d3d0000 : rdbss.sys -4d450000 : csc.sys -4d4f0000 : ViGEmBus.sys -4d520000 : nsiproxy.sys -4d540000 : npsvctrig.sys -4d550000 : mssmbios.sys -4d570000 : gpuenergydrv.sys -4d580000 : dfsc.sys -4d5e0000 : fastfat.SYS -4d650000 : bam.sys -4d670000 : ahcache.sys -4d730000 : crashdmp.sys -4e800000 : mouclass.sys -4e820000 : mrxsmb.sys -4e9c0000 : vmbusr.sys -4ea10000 : hvsocket.sys -4ea40000 : vmbkmclr.sys -4ea70000 : hvservice.sys -4ea90000 : IntcDAud.sys -4eaf0000 : hidusb.sys -4eb10000 : usbccgp.sys -4eb70000 : usbvideo.sys -4ebd0000 : mouhid.sys -5b000000 : VCam_WDM.sys -5b110000 : buttonconverter.sys -5b130000 : UsbHub3.sys -5b1e0000 : kbdclass.sys -5b210000 : vmswitch.sys -5b4a0000 : teamviewervpn.sys -5b4b0000 : vmnetadapter.sys -5b4c0000 : VMNET.SYS -5b4d0000 : CompositeBus.sys -5b4f0000 : kdnic.sys -5b500000 : vkrnlintvsp.sys -5b510000 : umbus.sys -5b530000 : CAD.sys -5b550000 : HdAudio.sys -5b5d0000 : kbdhid.sys -62800000 : Netwtw08.sys -630e0000 : portcls.sys -63160000 : drmk.sys -63190000 : ks.sys -63220000 : iaLPSS2_GPIO2_CNL.sys -63250000 : msgpioclx.sys -63290000 : intelppm.sys -632e0000 : umpass.sys -632f0000 : CmBatt.sys -63310000 : BATTC.SYS -63330000 : HidEventFilter.sys -63350000 : mshidkmdf.sys -63360000 : HIDCLASS.SYS -633b0000 : HIDPARSE.SYS -633d0000 : UcmUcsiAcpiClient.sys -633f0000 : UcmUcsiCx.sys -63420000 : UcmCx.sys -63460000 : vrtaucbl.sys -634a0000 : storvsp.sys -634e0000 : NdisVirtualBus.sys -634f0000 : swenum.sys -63500000 : dddriver64Dcsa.sys -63510000 : ssdevfactory.sys -63520000 : nvlddmkm.sys -65b20000 : rdpbus.sys -65b30000 : VAud_WDM.sys -65b50000 : SteelSeries-Sonar-VAD.sys -65b70000 : USBD.SYS -65b80000 : UEFI.sys -65ba0000 : vpcivsp.sys -65be0000 : ksthunk.sys -65bf0000 : sshid.sys -70600000 : wdiwifi.sys -70700000 : vwifibus.sys -70710000 : iaLPSS2_I2C_CNL.sys -70750000 : SpbCx.sys -70770000 : TeeDriverW10x64.sys -707c0000 : e2xw10x64.sys -707f0000 : dptf_acpi.sys -70810000 : HDAudBus.sys -70840000 : wmiacpi.sys -70850000 : igdkmd64.sys -732e0000 : dptf_cpu.sys -73300000 : USBXHCI.SYS -733a0000 : ucx01000.sys -733f0000 : acpipagr.sys -7ee00000 : mrxsmb20.sys -7ee50000 : tsusbhub.sys -7ee80000 : ibtusb.sys -7f5c0000 : BTHUSB.sys -7f5e0000 : mpsdrv.sys -7f600000 : dxgmms2.sys -7f710000 : monitor.sys -7f730000 : esif_lf.sys -7f7a0000 : WUDFRd.sys -7f800000 : WinUSB.SYS -7f830000 : rdpvideominiport.sys -7f840000 : mmcss.sys -7f860000 : luafv.sys -7f890000 : wcifs.sys -7f8d0000 : cldflt.sys -7f960000 : prjflt.sys -7f9b0000 : WpdUpFltr.sys -7f9c0000 : rdpdr.sys -7f9f0000 : storqosflt.sys -7fa10000 : condrv.sys -7fa30000 : mslldp.sys -7fa50000 : MessageTransfer.sys -7fe00000 : bindflt.sys -7fe30000 : bowser.sys -7fe60000 : msquic.sys -7ff00000 : BTHport.sys -800e0000 : USBSTOR.SYS -80120000 : dump_dumpstorport.sys -80170000 : dump_stornvme.sys -801d0000 : dump_dumpfve.sys -ca200000 : rspndr.sys -ca220000 : vmnetuserif.sys -ca230000 : wanarp.sys -ca250000 : nwifi.sys -ca310000 : ndisuio.sys -ca330000 : vmx86.sys -ca360000 : hvsocketcontrol.sys -ca370000 : hcmon.sys -ca390000 : srvnet.sys -cafe0000 : HTTP.sys -cb180000 : hrwfpdrv_win10.sys -cb1c0000 : vmnetbridge.sys -cb1e0000 : lltdio.sys -d8e00000 : Ndu.sys -d8e30000 : npf.sys -d8e40000 : tcpipreg.sys -d8e60000 : vstor2-x64.sys -d8e70000 : srv2.sys -d8f40000 : vwifimp.sys -d8f60000 : xvdd.sys -d9050000 : gameflt.sys -d9070000 : winnat.sys -d90c0000 : vhdparser.sys -d90e0000 : FsDepends.sys -d9100000 : vhdmp.sys -d9220000 : IUProcessFilter.sys -d9230000 : IURegistryFilter.sys -d9240000 : IUFileFilter.sys -d95e0000 : KfeCo10X64.sys -da8d0000 : idmwfp.sys -da910000 : peauth.sys -e3600000 : win32kbase.sys -e3950000 : win32kfull.sys -e3d10000 : cdd.dll -e3f30000 : win32k.sys Executing Processes: [With ToolHelp32] -00000000 : [System Process] (24 Threads.) -00000004 : System (259 Threads.) -00000088 : Secure System (0 Threads.) -000000d0 : Registry (4 Threads.) -000002d0 : smss.exe (2 Threads.) -0000038c : csrss.exe (11 Threads.) -000003ec : wininit.exe (1 Threads.) -000003f4 : csrss.exe (16 Threads.) -00000318 : services.exe (9 Threads.) -00000358 : LsaIso.exe (1 Threads.) -00000374 : lsass.exe (10 Threads.) -00000464 : svchost.exe (20 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000480 : fontdrvhost.exe (5 Threads.) -00000488 : WUDFHost.exe (12 Threads.) -000004e8 : svchost.exe (11 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000051c : svchost.exe (5 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000558 : WUDFHost.exe (8 Threads.) -000005cc : winlogon.exe (3 Threads.) -00000604 : fontdrvhost.exe (5 Threads.) -00000654 : dwm.exe (27 Threads.) -000006a0 : svchost.exe (33 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000006b0 : svchost.exe (1 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000006b8 : svchost.exe (3 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000074c : svchost.exe (4 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000754 : svchost.exe (3 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000778 : svchost.exe (2 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000784 : svchost.exe (8 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000007d4 : IntelCpHDCPSvc.exe (3 Threads.) -000007dc : svchost.exe (10 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000404 : svchost.exe (6 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000408 : svchost.exe (3 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000824 : svchost.exe (15 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000874 : svchost.exe (6 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000008f8 : IntelCpHeciSvc.exe (3 Threads.) -00000904 : svchost.exe (5 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000009c8 : helperservice.exe (1 Threads.) -000009fc : WUDFHost.exe (8 Threads.) -00000a0c : svchost.exe (2 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000a78 : svchost.exe (23 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000ae4 : svchost.exe (4 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000b0c : svchost.exe (14 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000b14 : HipsDaemon.exe (69 Threads.) -00000b24 : svchost.exe (3 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000b8c : vmms.exe (12 Threads.) -00000b98 : svchost.exe (3 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000948 : svchost.exe (11 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000c48 : svchost.exe (14 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000c8c : svchost.exe (6 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000cd8 : svchost.exe (1 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000d78 : svchost.exe (4 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000da0 : conhost.exe (4 Threads.) -00000db0 : svchost.exe (1 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000e28 : svchost.exe (15 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000e8c : svchost.exe (4 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000eac : NVDisplay.Container.exe (10 Threads.) -00000ef8 : svchost.exe (5 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000f00 : svchost.exe (7 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000f38 : svchost.exe (2 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000f44 : svchost.exe (6 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000f3c : svchost.exe (2 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000fa4 : igfxCUIService.exe (2 Threads.) -00000fbc : Memory Compression (58 Threads.) -00000c88 : svchost.exe (2 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000648 : svchost.exe (8 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000f80 : svchost.exe (4 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000010ec : NVDisplay.Container.exe (31 Threads.) -00001130 : svchost.exe (2 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001168 : svchost.exe (1 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000011bc : usysdiag.exe (26 Threads.) -00001234 : svchost.exe (4 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001298 : svchost.exe (8 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000012c0 : GroupySrv.exe (3 Threads.) -00001330 : wsctrlsvc.exe (3 Threads.) -00001338 : svchost.exe (3 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001340 : svchost.exe (6 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000010c4 : svchost.exe (17 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000119c : svchost.exe (8 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000012fc : spoolsv.exe (7 Threads.) -000014ac : armsvc.exe (2 Threads.) -00001500 : svchost.exe (1 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000150c : FNPLicensingService.exe (11 Threads.) -00001514 : AGSService.exe (2 Threads.) -0000151c : svchost.exe (9 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001528 : OfficeClickToRun.exe (20 Threads.) -00001534 : AGMService.exe (3 Threads.) -0000153c : KillerAnalyticsService.exe (5 Threads.) -0000154c : esif_uf.exe (3 Threads.) -00001554 : Everything.exe (2 Threads.) -0000155c : HPPrintScanDoctorService.exe (3 Threads.) -00001564 : ToDesk_Service.exe (15 Threads.) -00001570 : svchost.exe (20 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001580 : svchost.exe (1 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001588 : svchost.exe (6 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001590 : svchost.exe (3 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000159c : SakuraFrpService.exe (9 Threads.) -000015a8 : vmnat.exe (4 Threads.) 16.2.3.21887 - VMware NAT Service Copyright ? 1998-2022 VMware, Inc. -000015b0 : vmnetdhcp.exe (2 Threads.) 16.2.3.21887 - VMware VMnet DHCP service Copyright ? 1998-2022 VMware, Inc. -000015c0 : RtkAudUService64.exe (4 Threads.) -000015c8 : QQProtect.exe (13 Threads.) -000015e0 : kms-renewal.exe (2 Threads.) -000015e8 : pservice.exe (4 Threads.) -000015f0 : audiodg.exe (4 Threads.) -00001600 : RstMwService.exe (3 Threads.) -00001608 : TeamViewer_Service.exe (28 Threads.) -00001620 : svchost.exe (5 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001628 : svchost.exe (4 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001634 : svchost.exe (6 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000163c : OneApp.IGCC.WinService.exe (8 Threads.) -00001644 : vmware-authd.exe (4 Threads.) -0000164c : sqlwriter.exe (2 Threads.) -00001654 : LMS.exe (3 Threads.) -00001664 : vmcompute.exe (2 Threads.) -00001678 : vmware-usbarbitrator64.exe (3 Threads.) -000016b4 : KillerNetworkService.exe (14 Threads.) -00001718 : svchost.exe (5 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000017c4 : sqlservr.exe (92 Threads.) -00001810 : sqlceip.exe (14 Threads.) -00001840 : svchost.exe (1 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001a48 : svchost.exe (7 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001a94 : jhi_service.exe (6 Threads.) -00001ab0 : svchost.exe (4 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000018e0 : xTendUtilityService.exe (6 Threads.) -00001cb8 : AggregatorHost.exe (1 Threads.) -00001cf8 : wlanext.exe (1 Threads.) 10.0.22000.1 - Windows Wireless LAN 802.11 Extensibility Framework ? Microsoft Corporation. All rights reserved. -00001d6c : svchost.exe (1 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001e64 : conhost.exe (2 Threads.) -00001e94 : xTendUtility.exe (3 Threads.) -00001e9c : svchost.exe (2 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001ed8 : dasHost.exe (1 Threads.) -00001f0c : conhost.exe (4 Threads.) -0000207c : unsecapp.exe (3 Threads.) -00002104 : WmiPrvSE.exe (5 Threads.) 10.0.22000.1 - WMI Provider Host ? Microsoft Corporation. All rights reserved. -000024bc : gamingservicesnet.exe (4 Threads.) -000024cc : gamingservices.exe (15 Threads.) -00002628 : svchost.exe (1 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000026a4 : dasHost.exe (4 Threads.) -000026f4 : svchost.exe (1 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000007f8 : svchost.exe (7 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00002258 : svchost.exe (12 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000029a8 : svchost.exe (4 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00002a40 : dllhost.exe (4 Threads.) 10.0.22000.1 - COM Surrogate ? Microsoft Corporation. All rights reserved. -00002b68 : GroupyHelp64.exe (1 Threads.) -00002b7c : GroupyHelp32.exe (1 Threads.) -00002b84 : GroupyCtrl.exe (12 Threads.) -00002bc0 : TeamViewer.exe (32 Threads.) -00001478 : sihost.exe (14 Threads.) -00002840 : svchost.exe (7 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00002538 : svchost.exe (11 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000954 : PresentationFontCache.exe (4 Threads.) -00001ffc : svchost.exe (4 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000029e4 : svchost.exe (6 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00002078 : svchost.exe (3 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00002adc : ctfmon.exe (14 Threads.) 10.0.22000.1 - CTF 加载程序 ? Microsoft Corporation. All rights reserved. -00000dfc : taskhostw.exe (8 Threads.) -00002cd8 : svchost.exe (8 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00002d08 : igfxEM.exe (3 Threads.) -00002d64 : explorer.exe (168 Threads.) 10.0.22000.593 - Windows 资源管理器 ? Microsoft Corporation. All rights reserved. -00002df4 : svchost.exe (3 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00002ef8 : ChsIME.exe (2 Threads.) -00002f3c : tv_w32.exe (2 Threads.) -00002f6c : regsvr32.exe (3 Threads.) 10.0.22000.1 - Microsoft(C) 注册服务器 ? Microsoft Corporation. All rights reserved. -00002f8c : tv_x64.exe (2 Threads.) -00002fb0 : rundll32.exe (1 Threads.) 10.0.22000.1 - Windows 主进程 (Rundll32) ? Microsoft Corporation. All rights reserved. -00002fb8 : rundll32.exe (1 Threads.) 10.0.22000.1 - Windows 主进程 (Rundll32) ? Microsoft Corporation. All rights reserved. -00002ffc : svchost.exe (12 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00002d58 : ToDesk.exe (12 Threads.) -0000310c : svchost.exe (9 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00003194 : GoogleCrashHandler.exe (3 Threads.) -000031b0 : GoogleCrashHandler64.exe (3 Threads.) -0000325c : StartMenuExperienceHost.exe (11 Threads.) -0000327c : SearchHost.exe (52 Threads.) -00003318 : RuntimeBroker.exe (8 Threads.) -00003348 : RuntimeBroker.exe (13 Threads.) -00003394 : svchost.exe (3 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00003310 : dllhost.exe (9 Threads.) 10.0.22000.1 - COM Surrogate ? Microsoft Corporation. All rights reserved. -000034c8 : SearchIndexer.exe (17 Threads.) 7.0.22000.593 - Microsoft Windows Search 索引器 ? Microsoft Corporation. All rights reserved. -00003638 : YourPhone.exe (23 Threads.) -00003934 : TextInputHost.exe (42 Threads.) -00003a6c : SecurityHealthSystray.exe (1 Threads.) -00003aa8 : SecurityHealthService.exe (11 Threads.) -00003bf8 : RuntimeBroker.exe (1 Threads.) -00003830 : RtkAudUService64.exe (2 Threads.) -000032cc : vmmem (0 Threads.) -000038ac : HipsTray.exe (11 Threads.) -000039b0 : SteelSeriesGG.exe (29 Threads.) -00001ca0 : SteelSeriesEngine.exe (26 Threads.) -00002ec8 : acrotray.exe (2 Threads.) -00003d8c : OneDrive.exe (27 Threads.) -0000430c : steam.exe (32 Threads.) -00004364 : ApplicationFrameHost.exe (3 Threads.) -00003f68 : svchost.exe (4 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000017b4 : svchost.exe (2 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00004094 : steamwebhelper.exe (21 Threads.) -000042a0 : steamservice.exe (4 Threads.) -000041dc : svchost.exe (8 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00004118 : steamwebhelper.exe (6 Threads.) -00003ea4 : IDMan.exe (6 Threads.) -00003e2c : steamwebhelper.exe (12 Threads.) -00003cf0 : steamwebhelper.exe (11 Threads.) -00003d3c : svchost.exe (5 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00004008 : IEMonitor.exe (1 Threads.) -0000389c : fdm.exe (18 Threads.) -0000455c : Zoom.exe (28 Threads.) -000047f4 : PowerWord.exe (35 Threads.) -0000076c : CBGrabConnect_x64.exe (3 Threads.) -0000138c : EpicGamesLauncher.exe (75 Threads.) -000018bc : EpicWebHelper.exe (11 Threads.) -00003188 : Zoom.exe (20 Threads.) -00001fc8 : wallpaper32.exe (11 Threads.) -00001dec : svchost.exe (5 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000033cc : svchost.exe (10 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001b2c : Windows Desk.exe (6 Threads.) -00001e70 : YunDetectService.exe (12 Threads.) -00004858 : EpicWebHelper.exe (10 Threads.) -00004b94 : parsecd.exe (12 Threads.) -000049c0 : ShellExperienceHost.exe (18 Threads.) -00004d6c : RuntimeBroker.exe (3 Threads.) -00004dd4 : Cortana.exe (20 Threads.) -00004eac : RuntimeBroker.exe (5 Threads.) -00004ef4 : WzPreloader.exe (5 Threads.) -00004f10 : svchost.exe (15 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00004fe4 : QuickLook.exe (7 Threads.) -00005044 : snipaste.exe (6 Threads.) -000050a8 : steamwebhelper.exe (18 Threads.) -000050b4 : steamwebhelper.exe (19 Threads.) -00005170 : steamwebhelper.exe (19 Threads.) -000052b8 : RuntimeBroker.exe (1 Threads.) -000053a0 : AnLink.exe (10 Threads.) -000053fc : ShareX.exe (8 Threads.) -000051b0 : dllhost.exe (3 Threads.) 10.0.22000.1 - COM Surrogate ? Microsoft Corporation. All rights reserved. -00004a88 : RuntimeBroker.exe (1 Threads.) -000041f8 : ald.exe (6 Threads.) -00004af8 : EarTrumpet.exe (8 Threads.) -000048fc : KillerControlCenter.exe (16 Threads.) -0000087c : WindowsTerminal.exe (10 Threads.) -00004138 : RuntimeBroker.exe (1 Threads.) -00002b14 : OpenConsole.exe (5 Threads.) -000024dc : powershell.exe (9 Threads.) 10.0.22000.1 - Windows PowerShell ? Microsoft Corporation. All rights reserved. -00001084 : IGCCTray.exe (8 Threads.) -000004d8 : IGCC.exe (8 Threads.) -00002b2c : XboxAppServices.exe (9 Threads.) -00002a08 : Spotify.exe (34 Threads.) -000046dc : Rainmeter.exe (4 Threads.) -00003fe0 : Spotify.exe (6 Threads.) -00005530 : vmware-tray.exe (3 Threads.) -000055b8 : Spotify.exe (11 Threads.) -00005418 : Spotify.exe (5 Threads.) -00005490 : Spotify.exe (11 Threads.) -00005458 : CCXProcess.exe (1 Threads.) -00005444 : node.exe (22 Threads.) -00002a84 : Spotify.exe (14 Threads.) -00004444 : jusched.exe (1 Threads.) -00005804 : conhost.exe (2 Threads.) -00005908 : GameBar.exe (14 Threads.) -00005974 : GameBarFTServer.exe (2 Threads.) -000059c0 : RuntimeBroker.exe (1 Threads.) -00005aa4 : svchost.exe (1 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00005af8 : AdobeIPCBroker.exe (6 Threads.) -0000415c : aesm_service.exe (2 Threads.) -000060e0 : Dsapi.exe (17 Threads.) -00004100 : SocketHeciServer.exe (2 Threads.) -00005e00 : ServiceShell.exe (28 Threads.) -00005fb4 : svchost.exe (10 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00004b9c : SgrmBroker.exe (6 Threads.) -00006350 : SupportAssistAgent.exe (43 Threads.) -00004d78 : svchost.exe (8 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000631c : svchost.exe (4 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000b84 : UninstallMonitor.exe (19 Threads.) -00004e04 : Widgets.exe (7 Threads.) -00005994 : msedgewebview2.exe (28 Threads.) -00005984 : msedgewebview2.exe (7 Threads.) -00005e44 : msedgewebview2.exe (15 Threads.) -00004fec : msedgewebview2.exe (12 Threads.) -00003b08 : msedgewebview2.exe (7 Threads.) -00006280 : msedgewebview2.exe (16 Threads.) -00002eec : msedgewebview2.exe (16 Threads.) -000037bc : backgroundTaskHost.exe (10 Threads.) 10.0.22000.1 - Background Task Host ? Microsoft Corporation. All rights reserved. -00006360 : RuntimeBroker.exe (2 Threads.) -00002de0 : svchost.exe (6 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00003534 : ChsIME.exe (4 Threads.) -00001e5c : Steam++.exe (45 Threads.) -00000ce0 : RuntimeBroker.exe (1 Threads.) -00000cfc : dllhost.exe (5 Threads.) 10.0.22000.1 - COM Surrogate ? Microsoft Corporation. All rights reserved. -00002338 : dllhost.exe (4 Threads.) 10.0.22000.1 - COM Surrogate ? Microsoft Corporation. All rights reserved. -000038bc : dllhost.exe (5 Threads.) 10.0.22000.1 - COM Surrogate ? Microsoft Corporation. All rights reserved. -000055a4 : dllhost.exe (4 Threads.) 10.0.22000.1 - COM Surrogate ? Microsoft Corporation. All rights reserved. -00000bc0 : Video.UI.exe (18 Threads.) -000021ac : RuntimeBroker.exe (2 Threads.) -00004d7c : dllhost.exe (5 Threads.) 10.0.22000.1 - COM Surrogate ? Microsoft Corporation. All rights reserved. -00001a5c : Everything.exe (21 Threads.) -00001854 : svchost.exe (2 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. ==> -000022f8 : ssp.exe (19 Threads.) 2.5.99.3000 - SSP (C) D-EXCLAMATION / SSP BUGTRAQ -000043ec : LocationNotificationWindows.exe (1 Threads.) -000018ec : pwsearch.exe (5 Threads.) -00002f9c : svchost.exe (2 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000234 : Microsoft.Photos.exe (17 Threads.) -00006134 : RuntimeBroker.exe (2 Threads.) -00005358 : LockApp.exe (11 Threads.) -00001c2c : RuntimeBroker.exe (11 Threads.) -000043ac : RuntimeBroker.exe (6 Threads.) -00004704 : QQ.exe (86 Threads.) -00004544 : TXPlatform.exe (2 Threads.) -00002c5c : SearchProtocolHost.exe (6 Threads.) 7.0.22000.593 - Microsoft Windows Search Protocol Host ? Microsoft Corporation. All rights reserved. -00004718 : SearchFilterHost.exe (4 Threads.) 7.0.22000.593 - Microsoft Windows Search Filter Host ? Microsoft Corporation. All rights reserved. -00002738 : QQGuild.exe (89 Threads.) -00000398 : QQGuild.exe (14 Threads.) -000031b8 : QQGuild.exe (10 Threads.) -00004058 : QQGuild.exe (18 Threads.) -00005a8c : QQGuild.exe (18 Threads.) -00004014 : QQGuild.exe (16 Threads.) -00002e40 : QQGuild.exe (18 Threads.) -00002a80 : firefox.exe (92 Threads.) -000024a4 : firefox.exe (47 Threads.) -000059e0 : firefox.exe (5 Threads.) -00002c3c : firefox.exe (31 Threads.) -00004024 : firefox.exe (5 Threads.) -000051e8 : firefox.exe (29 Threads.) -0000100c : firefox.exe (28 Threads.) -000058c0 : firefox.exe (29 Threads.) -00002ea8 : firefox.exe (30 Threads.) -00000d00 : firefox.exe (29 Threads.) -000063a8 : SearchProtocolHost.exe (5 Threads.) 7.0.22000.593 - Microsoft Windows Search Protocol Host ? Microsoft Corporation. All rights reserved. -00001610 : firefox.exe (28 Threads.) -00003f50 : firefox.exe (28 Threads.) -00001e8c : firefox.exe (28 Threads.) -000023bc : SearchFilterHost.exe (3 Threads.) 7.0.22000.593 - Microsoft Windows Search Filter Host ? Microsoft Corporation. All rights reserved. -000042cc : firefox.exe (27 Threads.) -00000428 : firefox.exe (27 Threads.) -00003a5c : firefox.exe (35 Threads.) -00004fcc : firefox.exe (31 Threads.) -00005640 : firefox.exe (12 Threads.) -000026d4 : WinRAR.exe (11 Threads.) -000054d0 : Notepad.exe (6 Threads.) 10.0.22000.1 - 记事本 ? Microsoft Corporation. All rights reserved. -000057e8 : smartscreen.exe (9 Threads.) -00005a7c : notepad++.exe (8 Threads.) -0000109c : dllhost.exe (3 Threads.) 10.0.22000.1 - COM Surrogate ? Microsoft Corporation. All rights reserved. -00003d40 : svchost.exe (4 Threads.) 10.0.22000.527 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00002490 : WmiPrvSE.exe (10 Threads.) 10.0.22000.1 - WMI Provider Host ? Microsoft Corporation. All rights reserved. -00005c80 : firefox.exe (17 Threads.) -0000021c : rundll32.exe (6 Threads.) 10.0.22000.1 - Windows 主进程 (Rundll32) ? Microsoft Corporation. All rights reserved. -0000500c : firefox.exe (15 Threads.) Executing Threads: [With ToolHelp32] -0000414c : 8(0) -000053f0 : 8(0) -000013ec : 8(0) -000013b8 : 8(0) -00001b78 : 10(0) -00002ccc : 7(0) -00002f20 : 7(0) -000063f0 : 8(0) -00001858 : 9(0) -00001148 : 7(0) -00005564 : 8(0) -00002118 : 8(0) -000042c0 : 8(0) ==> -000027ec : 7(0) -0000328c : 8(0) -00003190 : 8(0) -00002790 : 7(0) -00005e80 : 7(0) -000049d4 : 8(0) Executing Services: [With SCM/NT] ***AdobeARMservice (Adobe Acrobat Update Service) - Running ***AESMService (Intel? SGX AESM) - Running ***AGMService (Adobe Genuine Monitor Service) - Running ***AGSService (Adobe Genuine Software Integrity Service) - Running ---AJRouter (AllJoyn Router Service) - Stopped/Paused ---ALG (Application Layer Gateway Service) - Stopped/Paused ---AntiCheatExpert Service (AntiCheatExpert Service) - Stopped/Paused ---AppIDSvc (Application Identity) - Stopped/Paused ***Appinfo (Application Information) - Running ***AppMgmt (Application Management) - Running ---AppReadiness (App Readiness) - Stopped/Paused ---AppVClient (Microsoft App-V Client) - Stopped/Paused ***AppXSvc (AppX Deployment Service (AppXSVC)) - Running ---aspnet_state (ASP.NET State Service) - Stopped/Paused ---AssignedAccessManagerSvc (AssignedAccessManager 服务) - Stopped/Paused ***AudioEndpointBuilder (Windows Audio Endpoint Builder) - Running ***Audiosrv (Windows Audio) - Running ---autotimesvc (手机网络时间) - Stopped/Paused ---AxInstSV (ActiveX Installer (AxInstSV)) - Stopped/Paused ***AzureAttestService (AzureAttestService) - Running ---BaiduNetdiskUtility (BaiduNetdiskUtility) - Stopped/Paused ***BDESVC (BitLocker Drive Encryption Service) - Running ***BFE (Base Filtering Engine) - Running ---BITS (Background Intelligent Transfer Service) - Stopped/Paused ***BrokerInfrastructure (Background Tasks Infrastructure Service) - Running ---BTAGService (蓝牙音频网关服务) - Stopped/Paused ***BthAvctpSvc (AVCTP 服务) - Running ---bthserv (蓝牙支持服务) - Stopped/Paused ***camsvc (功能访问管理器服务) - Running ***CDPSvc (连接设备平台服务) - Running ***CertPropSvc (Certificate Propagation) - Running ***ClickToRunSvc (Microsoft Office Click-to-Run Service) - Running ---ClipSVC (Client License Service (ClipSVC)) - Stopped/Paused ---cloudidsvc (Microsoft 云标识服务) - Stopped/Paused ***CmService (容器管理器服务) - Running ---COMSysApp (COM+ System Application) - Stopped/Paused ***CoreMessagingRegistrar (CoreMessaging) - Running ***cphs (Intel(R) Content Protection HECI Service) - Running ***cplspcon (Intel(R) Content Protection HDCP Service) - Running ***CryptSvc (Cryptographic Services) - Running ---CscService (Offline Files) - Stopped/Paused ***DcomLaunch (DCOM Server Process Launcher) - Running ---DDVCollectorSvcApi (Dell Data Vault Service API) - Stopped/Paused ---DDVDataCollector (Dell Data Vault Collector) - Stopped/Paused ---DDVRulesProcessor (Dell Data Vault Processor) - Stopped/Paused ---debugregsvc (debugregsvc) - Stopped/Paused ---defragsvc (Optimize drives) - Stopped/Paused ***Dell Hardware Support (Dell Hardware Support) - Running ***DellClientManagementService (Dell Client Management Service) - Running ---DeveloperToolsService (Developer Tools Service) - Stopped/Paused ***DeviceAssociationService (Device Association Service) - Running ***DeviceInstall (Device Install Service) - Running ---DevQueryBroker (DevQuery Background Discovery Broker) - Stopped/Paused ***Dhcp (DHCP Client) - Running ---diagnosticshub.standardcollector.service (Microsoft (R) 诊断中心标准收集器服务) - Stopped/Paused ---diagsvc (Diagnostic Execution Service) - Stopped/Paused ***DiagTrack (Connected User Experiences and Telemetry) - Running ---DialogBlockingService (DialogBlockingService) - Stopped/Paused ***DispBrokerDesktopSvc (显示策略服务) - Running ***DisplayEnhancementService (显示增强服务) - Running ---DmEnrollmentSvc (设备管理注册服务) - Stopped/Paused ---dmwappushservice (设备管理无线应用程序协议 (WAP) 推送消息路由服务) - Stopped/Paused ***Dnscache (DNS Client) - Running ***DoSvc (Delivery Optimization) - Running ---dot3svc (Wired AutoConfig) - Stopped/Paused ***DPS (Diagnostic Policy Service) - Running ---DsmSvc (Device Setup Manager) - Stopped/Paused ---DsSvc (Data Sharing Service) - Stopped/Paused ***DusmSvc (数据使用量) - Running ---EapHost (Extensible Authentication Protocol) - Stopped/Paused ---EasyAntiCheat_EOS (Easy Anti-Cheat (Epic Online Services)) - Stopped/Paused ---edgeupdate (Microsoft Edge Update Service (edgeupdate)) - Stopped/Paused ---edgeupdatem (Microsoft Edge Update Service (edgeupdatem)) - Stopped/Paused ***EFS (Encrypting File System (EFS)) - Running ---embeddedmode (嵌入模式) - Stopped/Paused ---EntAppSvc (Enterprise App Management Service) - Stopped/Paused ---EpicOnlineServices (Epic Online Services) - Stopped/Paused ***esifsvc (Intel(R) Dynamic Platform and Thermal Framework service) - Running ***EventLog (Windows Event Log) - Running ***EventSystem (COM+ Event System) - Running ***Everything (Everything) - Running ---Fax (Fax) - Stopped/Paused ***fdPHost (Function Discovery Provider Host) - Running ***FDResPub (Function Discovery Resource Publication) - Running ---fhsvc (File History Service) - Stopped/Paused ---FileSyncHelper (FileSyncHelper) - Stopped/Paused ***FlexNet Licensing Service (FlexNet Licensing Service) - Running ***FontCache (Windows Font Cache Service) - Running ***FontCache3.0.0.0 (Windows Presentation Foundation Font Cache 3.0.0.0) - Running ---FrameServer (Windows Camera Frame Server) - Stopped/Paused ---FrameServerMonitor (Windows Camera Frame Server Monitor) - Stopped/Paused ***GamingServices (Gaming Services) - Running ***GamingServicesNet (Gaming Services) - Running ---gcs (Hyper-V 来宾计算服务) - Stopped/Paused ---GoogleChromeElevationService (Google Chrome Elevation Service (GoogleChromeElevationService)) - Stopped/Paused ---gpsvc (Group Policy Client) - Stopped/Paused ---GraphicsPerfSvc (GraphicsPerfSvc) - Stopped/Paused ***Groupy (Stardock Groupy) - Running ---gupdate (Google 更新服务 (gupdate)) - Stopped/Paused ---gupdatem (Google 更新服务 (gupdatem)) - Stopped/Paused ---HgClientService (主机保护者客户端服务) - Stopped/Paused ***hidserv (Human Interface Device Service) - Running ***HipsDaemon (Huorong Internet Security Daemon) - Running ***HNS (主机网络服务) - Running ***HPPrintScanDoctorService (HP Print Scan Doctor Service) - Running ***HRWSCCtrl (Huorong Windows Security Center) - Running ***HvHost (HV 主机服务) - Running ---icssvc (Windows 移动热点服务) - Stopped/Paused ***igccservice (Intel(R) Graphics Command Center Service) - Running ***igfxCUIService2.0.0.0 (Intel(R) HD Graphics Control Panel Service) - Running ---IKEEXT (IKE and AuthIP IPsec Keying Modules) - Stopped/Paused ***InstallService (Microsoft Store 安装服务) - Running ***Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) - Running ---Intel(R) TPM Provisioning Service (Intel(R) TPM Provisioning Service) - Stopped/Paused ---IntelAudioService (Intel(R) Audio Service) - Stopped/Paused ---IObitUnSvr (IObit Uninstaller Service) - Stopped/Paused ***iphlpsvc (IP Helper) - Running ---IpxlatCfgSvc (IP 转换配置服务) - Stopped/Paused ***jhi_service (Intel(R) Dynamic Application Loader Host Interface Service) - Running ---KAPSService (Killer Smart AP Selection Service) - Stopped/Paused ***KeyIso (CNG Key Isolation) - Running ***Killer Analytics Service (Killer Analytics Service) - Running ***Killer Network Service (Killer Network Service) - Running ---KNDBWM (Killer Dynamic Bandwidth Management) - Stopped/Paused ---KtmRm (KtmRm for Distributed Transaction Coordinator) - Stopped/Paused ***LanmanServer (Server) - Running ***LanmanWorkstation (Workstation) - Running ***lfsvc (Geolocation Service) - Running ***LicenseManager (Windows 许可证管理器服务) - Running ---lltdsvc (Link-Layer Topology Discovery Mapper) - Stopped/Paused ***lmhosts (TCP/IP NetBIOS Helper) - Running ***LMS (Intel(R) Management and Security Application Local Management Service) - Running ***LSM (Local Session Manager) - Running ---LxpSvc (语言体验服务) - Stopped/Paused ---LxssManager (LxssManager) - Stopped/Paused ---MapsBroker (Downloaded Maps Manager) - Stopped/Paused ---McpManagementService (McpManagementService) - Stopped/Paused ---MicrosoftEdgeElevationService (Microsoft Edge Elevation Service (MicrosoftEdgeElevationService)) - Stopped/Paused ---MixedRealityOpenXRSvc (Windows Mixed Reality OpenXR 服务) - Stopped/Paused ---MozillaMaintenance (Mozilla Maintenance Service) - Stopped/Paused ***mpssvc (Windows Defender Firewall) - Running ---MSDTC (Distributed Transaction Coordinator) - Stopped/Paused ---MSiSCSI (Microsoft iSCSI Initiator Service) - Stopped/Paused ---msiserver (Windows Installer) - Stopped/Paused ---MsKeyboardFilter (Microsoft 键盘筛选器) - Stopped/Paused ***MSSQLSERVER (SQL Server (MSSQLSERVER)) - Running ---NaturalAuthentication (自然身份验证) - Stopped/Paused ---NcaSvc (Network Connectivity Assistant) - Stopped/Paused ***NcbService (Network Connection Broker) - Running ***NcdAutoSetup (Network Connected Devices Auto-Setup) - Running ---Netlogon (Netlogon) - Stopped/Paused ***Netman (Network Connections) - Running ***netprofm (Network List Service) - Running ***NetSetupSvc (Network Setup Service) - Running ---NetTcpPortSharing (Net.Tcp Port Sharing Service) - Stopped/Paused ***NgcCtnrSvc (Microsoft Passport Container) - Running ***NgcSvc (Microsoft Passport) - Running ---NlaSvc (网络位置感知) - Stopped/Paused ***nsi (Network Store Interface Service) - Running ***nvagent (网络虚拟服务) - Running ***NVDisplay.ContainerLocalSystem (NVIDIA Display Container LS) - Running ---OneDrive Updater Service (OneDrive Updater Service) - Stopped/Paused ---p2pimsvc (Peer Networking Identity Manager) - Stopped/Paused ---p2psvc (Peer Networking Grouping) - Stopped/Paused ***Parsec (Parsec) - Running ***PcaSvc (Program Compatibility Assistant Service) - Running ---PeerDistSvc (BranchCache) - Stopped/Paused ---perceptionsimulation (Windows 感知模拟服务) - Stopped/Paused ---PerfHost (Performance Counter DLL Host) - Stopped/Paused ---PhoneSvc (Phone Service) - Stopped/Paused ---pla (Performance Logs & Alerts) - Stopped/Paused ***PlugPlay (Plug and Play) - Running ---PNRPAutoReg (PNRP Machine Name Publication Service) - Stopped/Paused ---PNRPsvc (Peer Name Resolution Protocol) - Stopped/Paused ---PolicyAgent (IPsec Policy Agent) - Stopped/Paused ***Power (Power) - Running ---PrintNotify (Printer Extensions and Notifications) - Stopped/Paused ***ProfSvc (User Profile Service) - Running ---PushToInstall (Windows PushToInstall 服务) - Stopped/Paused ***QPCore (QPCore Service) - Running ---QQPYService (QQ拼音输入法基础服务) - Stopped/Paused ---QWAVE (Quality Windows Audio Video Experience) - Stopped/Paused ---RasAuto (Remote Access Auto Connection Manager) - Stopped/Paused ---RasMan (Remote Access Connection Manager) - Stopped/Paused ---RemoteAccess (Routing and Remote Access) - Stopped/Paused ---RemoteRegistry (Remote Registry) - Stopped/Paused ---RetailDemo (零售演示服务) - Stopped/Paused ***RmSvc (无线电管理服务) - Running ---rpcapd (Remote Packet Capture Protocol v.0 (experimental)) - Stopped/Paused ***RpcEptMapper (RPC Endpoint Mapper) - Running ---RpcLocator (Remote Procedure Call (RPC) Locator) - Stopped/Paused ***RpcSs (Remote Procedure Call (RPC)) - Running ***RstMwService (Intel(R) Storage Middleware Service) - Running ***RtkAudioUniversalService (Realtek Audio Universal Service) - Running ***SakuraFrpService (SakuraFrp Daemon Service) - Running ***SamSs (Security Accounts Manager) - Running ---SCardSvr (Smart Card) - Stopped/Paused ---ScDeviceEnum (Smart Card Device Enumeration Service) - Stopped/Paused ***Schedule (Task Scheduler) - Running ---SCPolicySvc (Smart Card Removal Policy) - Stopped/Paused ---SDRSVC (Windows 备份) - Stopped/Paused ***seclogon (Secondary Logon) - Running ***SecurityHealthService (Windows 安全中心服务) - Running ---SEMgrSvc (付款和 NFC/SE 管理器) - Stopped/Paused ***SENS (System Event Notification Service) - Running ---Sense (Windows Defender Advanced Threat Protection Service) - Stopped/Paused ---SensorDataService (Sensor Data Service) - Stopped/Paused ---SensorService (Sensor Service) - Stopped/Paused ---SensrSvc (Sensor Monitoring Service) - Stopped/Paused ***SessionEnv (Remote Desktop Configuration) - Running ***SgrmBroker (System Guard 运行时监视器代理) - Running ***SharedAccess (Internet Connection Sharing (ICS)) - Running ---SharedRealitySvc (空间数据服务) - Stopped/Paused ***ShellHWDetection (Shell Hardware Detection) - Running ---shpamsvc (Shared PC Account Manager) - Stopped/Paused ---smphost (Microsoft Storage Spaces SMP) - Stopped/Paused ---SmsRouter (Microsoft Windows SMS 路由器服务。) - Stopped/Paused ---SNMPTrap (SNMP 陷阱) - Stopped/Paused ---spectrum (Windows 感知服务) - Stopped/Paused ***Spooler (Print Spooler) - Running ---sppsvc (Software Protection) - Stopped/Paused ---SQLBrowser (SQL Server Browser) - Stopped/Paused ---SQLSERVERAGENT (SQL Server 代理 (MSSQLSERVER)) - Stopped/Paused ***SQLTELEMETRY (SQL Server CEIP 服务 (MSSQLSERVER)) - Running ***SQLWriter (SQL Server VSS Writer) - Running ***SSDPSRV (SSDP Discovery) - Running ---ssh-agent (OpenSSH Authentication Agent) - Stopped/Paused ---sshd (OpenSSH SSH Server) - Stopped/Paused ---SshdBroker (SshdBroker) - Stopped/Paused ---SstpSvc (Secure Socket Tunneling Protocol Service) - Stopped/Paused ***StateRepository (State Repository Service) - Running ***Steam Client Service (Steam Client Service) - Running ---SteelSeriesUpdateService (SteelSeries Update Service) - Stopped/Paused ***StiSvc (Windows Image Acquisition (WIA)) - Running ***StorSvc (Storage Service) - Running ***SupportAssistAgent (Dell SupportAssist) - Running ---svsvc (Spot Verifier) - Stopped/Paused ---swprv (Microsoft Software Shadow Copy Provider) - Stopped/Paused ***SysMain (SysMain) - Running ***SystemEventsBroker (System Events Broker) - Running ***TabletInputService (Touch Keyboard and Handwriting Panel Service) - Running ---TapiSrv (Telephony) - Stopped/Paused ***TeamViewer (TeamViewer) - Running ***TermService (Remote Desktop Services) - Running ***Themes (Themes) - Running ---TieringEngineService (Storage Tiers Management) - Stopped/Paused ***TimeBrokerSvc (Time Broker) - Running ***ToDesk_Service (ToDesk Service) - Running ***TokenBroker (Web 帐户管理器) - Running ***TrkWks (Distributed Link Tracking Client) - Running ---TroubleshootingSvc (建议疑难解答服务) - Stopped/Paused ---TrustedInstaller (Windows Modules Installer) - Stopped/Paused ---tzautoupdate (自动时区更新程序) - Stopped/Paused ---UevAgentService (User Experience Virtualization Service) - Stopped/Paused ---uhssvc (Microsoft Update Health Service) - Stopped/Paused ***UmRdpService (Remote Desktop Services UserMode Port Redirector) - Running ---upnphost (UPnP Device Host) - Stopped/Paused ***UserManager (User Manager) - Running ***UsoSvc (更新 Orchestrator 服务) - Running ---VacSvc (立体音频组合器服务) - Stopped/Paused ***VaultSvc (Credential Manager) - Running ---vds (Virtual Disk) - Stopped/Paused ***vlmcsd (Key Management Server) - Running ***VMAuthdService (VMware Authorization Service) - Running ***vmcompute (Hyper-V 主机计算服务) - Running ---vmicguestinterface (Hyper-V Guest Service Interface) - Stopped/Paused ---vmicheartbeat (Hyper-V Heartbeat Service) - Stopped/Paused ---vmickvpexchange (Hyper-V Data Exchange Service) - Stopped/Paused ---vmicrdv (Hyper-V 远程桌面虚拟化服务) - Stopped/Paused ---vmicshutdown (Hyper-V Guest Shutdown Service) - Stopped/Paused ---vmictimesync (Hyper-V Time Synchronization Service) - Stopped/Paused ---vmicvmsession (Hyper-V PowerShell Direct Service) - Stopped/Paused ---vmicvss (Hyper-V 卷影复制请求程序) - Stopped/Paused ***vmms (Hyper-V 虚拟机管理) - Running ***VMnetDHCP (VMware DHCP Service) - Running ***VMUSBArbService (VMware USB Arbitration Service) - Running ***VMware NAT Service (VMware NAT Service) - Running ---VSS (Volume Shadow Copy) - Stopped/Paused ---VSStandardCollectorService150 (Visual Studio Standard Collector Service 150) - Stopped/Paused ---W32Time (Windows Time) - Stopped/Paused ---WaaSMedicSvc (Windows 更新医生服务) - Stopped/Paused ---WalletService (WalletService) - Stopped/Paused ---WarpJITSvc (Warp JIT Service) - Stopped/Paused ---wbengine (Block Level Backup Engine Service) - Stopped/Paused ---WbioSrvc (Windows Biometric Service) - Stopped/Paused ***Wcmsvc (Windows Connection Manager) - Running ---wcncsvc (Windows Connect Now - Config Registrar) - Stopped/Paused ---WdiServiceHost (Diagnostic Service Host) - Stopped/Paused ***WdiSystemHost (Diagnostic System Host) - Running ---WdNisSvc (Microsoft Defender Antivirus Network Inspection Service) - Stopped/Paused ---WebClient (WebClient) - Stopped/Paused ---WebManagement (Web Management) - Stopped/Paused ---Wecsvc (Windows Event Collector) - Stopped/Paused ---WEPHOSTSVC (Windows Encryption Provider Host Service) - Stopped/Paused ---wercplsupport (Problem Reports Control Panel Support) - Stopped/Paused ---WerSvc (Windows Error Reporting Service) - Stopped/Paused ---WFDSConMgrSvc (WLAN Direct 服务连接管理器服务) - Stopped/Paused ---WiaRpc (Still Image Acquisition Events) - Stopped/Paused ---WinDefend (Microsoft Defender Antivirus Service) - Stopped/Paused ***WinHttpAutoProxySvc (WinHTTP Web Proxy Auto-Discovery Service) - Running ***Winmgmt (Windows Management Instrumentation) - Running ---WinRM (Windows Remote Management (WS-Management)) - Stopped/Paused ---wisvc (Windows 预览体验成员服务) - Stopped/Paused ***WlanSvc (WLAN AutoConfig) - Running ---wlidsvc (Microsoft Account Sign-in Assistant) - Stopped/Paused ---wlpasvc (本地配置文件助手服务) - Stopped/Paused ---WManSvc (Windows 管理服务) - Stopped/Paused ---wmiApSrv (WMI Performance Adapter) - Stopped/Paused ---WMIRegistrationService (Intel(R) Management Engine WMI Provider Registration) - Stopped/Paused ---WMPNetworkSvc (Windows Media Player Network Sharing Service) - Stopped/Paused ---workfolderssvc (Work Folders) - Stopped/Paused ---WpcMonSvc (家长控制) - Stopped/Paused ---WPDBusEnum (Portable Device Enumerator Service) - Stopped/Paused ***WpnService (Windows 推送通知系统服务) - Running ---WsaService (Windows Subsystem for Android?) - Stopped/Paused ***wscsvc (Security Center) - Running ***WSearch (Windows Search) - Running ---WslService (Windows Subsystem for Linux Preview) - Stopped/Paused ***wuauserv (Windows Update) - Running ---WwanSvc (WWAN AutoConfig) - Stopped/Paused ***XblAuthManager (Xbox Live 身份验证管理器) - Running ---XblGameSave (Xbox Live 游戏保存) - Stopped/Paused ---XboxGipSvc (Xbox Accessory Management Service) - Stopped/Paused ---XboxNetApiSvc (Xbox Live 网络服务) - Stopped/Paused ---xTendSoftAPService (xTendSoftAPService) - Stopped/Paused ***xTendUtilityService (xTendUtilityService) - Running ***AarSvc_dc6ac (Agent Activation Runtime_dc6ac) - Running ---BcastDVRUserService_dc6ac (GameDVR 和广播用户服务_dc6ac) - Stopped/Paused ---BluetoothUserService_dc6ac (蓝牙用户支持服务_dc6ac) - Stopped/Paused ---CaptureService_dc6ac (CaptureService_dc6ac) - Stopped/Paused ***cbdhsvc_dc6ac (剪贴板用户服务_dc6ac) - Running ***CDPUserSvc_dc6ac (连接设备平台用户服务_dc6ac) - Running ---ConsentUxUserSvc_dc6ac (ConsentUX 用户服务_dc6ac) - Stopped/Paused ---CredentialEnrollmentManagerUserSvc_dc6ac (CredentialEnrollmentManagerUserSvc_dc6ac) - Stopped/Paused ---DeviceAssociationBrokerSvc_dc6ac (DeviceAssociationBroker_dc6ac) - Stopped/Paused ---DevicePickerUserSvc_dc6ac (DevicePicker_dc6ac) - Stopped/Paused ---DevicesFlowUserSvc_dc6ac (DevicesFlow_dc6ac) - Stopped/Paused ---MessagingService_dc6ac (MessagingService_dc6ac) - Stopped/Paused ***NPSMSvc_dc6ac (NPSMSvc_dc6ac) - Running ***OneSyncSvc_dc6ac (同步主机_dc6ac) - Running ---P9RdrService_dc6ac (P9RdrService_dc6ac) - Stopped/Paused ---PenService_dc6ac (PenService_dc6ac) - Stopped/Paused ***PimIndexMaintenanceSvc_dc6ac (Contact Data_dc6ac) - Running ---PrintWorkflowUserSvc_dc6ac (PrintWorkflow_dc6ac) - Stopped/Paused ***UdkUserSvc_dc6ac (Udk 用户服务_dc6ac) - Running ***UnistoreSvc_dc6ac (User Data Storage_dc6ac) - Running ***UserDataSvc_dc6ac (User Data Access_dc6ac) - Running ---WebManagementUser_dc6ac (WebManagementUser_dc6ac) - Stopped/Paused ***WpnUserService_dc6ac (Windows Push Notifications User Service_dc6ac) - Running Loaded Modules: [With ToolHelp32] ==> -00400000 : C:\ssp\ssp.exe 2.5.99.3000 - SSP (C) D-EXCLAMATION / SSP BUGTRAQ -01180000 : C:\ssp\ghost\Taromati2\ghost\master\saori\cmdrunner.DLL 1.0.0.0 - by steve02081504 for Taromati2 at 2021/2/16 -03c00000 : C:\ssp\ghost\Taromati2\ghost\master\saori\debeso.DLL -05d50000 : C:\ssp\plugin\SAKNIFE\SAKNIFE.dll 1.5.3.0 - SwissArmyKnife (C) 2004 SSP BUGTRAQ -06600000 : C:\ssp\plugin\shared_value\shared_value.dll 1.0.0.0 - Shared Value Plugin Copyright (C) CSaori Project -10000000 : C:\ssp\data\language\chinese-simplified\resource.dll 2.5.86.14 - Language Resource DLL (C) D-EXCLAMATION / SSP BUGTRAQ -13700000 : C:\ssp\ghost\Taromati2\ghost\master\shiori\aya.dll -50010000 : C:\WINDOWS\system32\NetworkExplorer.dll 10.0.22000.1 - 网络浏览器 ? Microsoft Corporation. All rights reserved. -50030000 : C:\WINDOWS\SYSTEM32\LINKINFO.dll 10.0.22000.1 - Windows Volume Tracking ? Microsoft Corporation. All rights reserved. -508d0000 : C:\WINDOWS\SYSTEM32\mscms.dll 10.0.22000.469 - Microsoft 颜色匹配系统 DLL ? Microsoft Corporation. All rights reserved. -58e00000 : C:\WINDOWS\System32\npmproxy.dll 10.0.22000.65 - Network List Manager Proxy ? Microsoft Corporation. All rights reserved. -58e10000 : C:\WINDOWS\System32\netprofm.dll 10.0.22000.65 - 网络列表管理器 ? Microsoft Corporation. All rights reserved. -5a0b0000 : C:\WINDOWS\SYSTEM32\sxs.dll 10.0.22000.1 - Fusion 2.5 ? Microsoft Corporation. All rights reserved. -5a140000 : C:\WINDOWS\system32\mlang.dll 10.0.22000.1 - 多语言支持 DLL ? Microsoft Corporation. All rights reserved. -5d730000 : C:\WINDOWS\SYSTEM32\policymanager.dll 10.0.22000.593 - Policy Manager DLL ? Microsoft Corporation. All rights reserved. -5db60000 : C:\WINDOWS\SYSTEM32\ondemandconnroutehelper.dll 10.0.22000.1 - On Demand Connctiond Route Helper ? Microsoft Corporation. All rights reserved. -5db80000 : C:\Windows\System32\OneCoreUAPCommonProxyStub.dll 10.0.22000.527 - OneCoreUAP Common Proxy Stub ? Microsoft Corporation. All rights reserved. -62b20000 : C:\WINDOWS\SYSTEM32\TextShaping.dll -62be0000 : C:\WINDOWS\SYSTEM32\msvcp110_win.dll 10.0.22000.1 - Microsoft? STL110 C++ Runtime Library ? Microsoft Corporation. All rights reserved. -63350000 : C:\Windows\System32\twinapi.appcore.dll 10.0.22000.593 - twinapi.appcore ? Microsoft Corporation. All rights reserved. -63550000 : C:\WINDOWS\system32\dataexchange.dll 10.0.22000.1 - Data exchange ? Microsoft Corporation. All rights reserved. -63820000 : C:\WINDOWS\SYSTEM32\CoreMessaging.dll 10.0.22000.71 - Microsoft CoreMessaging Dll ? Microsoft Corporation. All rights reserved. -66530000 : C:\WINDOWS\SYSTEM32\srvcli.dll 10.0.22000.613 - Server Service Client DLL ? Microsoft Corporation. All rights reserved. -66550000 : C:\WINDOWS\SYSTEM32\iertutil.dll 11.0.22000.593 - Internet Explorer 的运行时实用程序 ? Microsoft Corporation. All rights reserved. -66c00000 : C:\WINDOWS\SYSTEM32\urlmon.dll 11.0.22000.527 - Win32 的 OLE32 扩展 ? Microsoft Corporation. All rights reserved. -67320000 : C:\WINDOWS\SYSTEM32\PROPSYS.dll 7.0.22000.37 - Microsoft 属性系统 ? Microsoft Corporation. All rights reserved. -6ce90000 : C:\WINDOWS\system32\wshunix.dll 10.0.22000.1 - AF_UNIX Winsock2 Helper DLL ? Microsoft Corporation. All rights reserved. -6cea0000 : C:\Windows\System32\LocationFrameworkPS.dll 10.0.22000.41 - Windows Geolocation Framework PS ? Microsoft Corporation. All rights reserved. -6ceb0000 : C:\Windows\System32\LocationApi.dll 10.0.22000.1 - Microsoft Windows Location API ? Microsoft Corporation. All rights reserved. -6cf10000 : C:\Windows\System32\deviceaccess.dll 10.0.22000.593 - Device Broker And Policy COM Server ? Microsoft Corporation. All rights reserved. -6cf50000 : C:\Windows\System32\PortableDeviceTypes.dll 10.0.22000.1 - Windows Portable Device (Parameter) Types Component ? Microsoft Corporation. All rights reserved. -6cf80000 : C:\WINDOWS\System32\SensorsNativeApi.V2.dll 10.0.22000.593 - Sensors Native API (V2 stack) ? Microsoft Corporation. All rights reserved. -6cfc0000 : C:\WINDOWS\System32\SensorsUtilsV2.dll 10.0.22000.348 - 传感器 v2 实用工具 DLL ? Microsoft Corporation. All rights reserved. -6cff0000 : C:\WINDOWS\System32\SensorsApi.dll 10.0.22000.1 - 传感器 API ? Microsoft Corporation. All rights reserved. -6d050000 : C:\Windows\System32\wups.dll 10.0.22000.282 - Windows Update client proxy stub ? Microsoft Corporation. All rights reserved. -6d060000 : C:\Windows\System32\wuapi.dll 10.0.22000.282 - Windows 更新客户端 API ? Microsoft Corporation. All rights reserved. -6d140000 : C:\WINDOWS\system32\pdh.dll 10.0.22000.1 - Windows 性能数据助手 DLL ? Microsoft Corporation. All rights reserved. -6d290000 : C:\Windows\System32\ShellCommonCommonProxyStub.dll 10.0.22000.527 - ShellCommon Common Proxy Stub ? Microsoft Corporation. All rights reserved. -6d390000 : C:\WINDOWS\SYSTEM32\QUARTZ.dll 10.0.22000.1 - DirectShow Runtime. ? Microsoft Corporation. All rights reserved. -6d7e0000 : C:\WINDOWS\system32\dwmapi.dll 10.0.22000.41 - Microsoft 桌面窗口管理器 API ? Microsoft Corporation. All rights reserved. -6f050000 : C:\WINDOWS\system32\explorerframe.dll 10.0.22000.593 - ExplorerFrame ? Microsoft Corporation. All rights reserved. -6fcc0000 : C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 10.0.22000.132 - Microsoft Core UI Components Dll ? Microsoft Corporation. All rights reserved. -6ff60000 : C:\WINDOWS\SYSTEM32\AUDIOSES.DLL 10.0.22000.348 - 音频会话 ? Microsoft Corporation. All rights reserved. -705c0000 : C:\Program Files (x86)\Internet Download Manager\idmmkb.dll 6.37.8.1 - Internet Download Manager module Tonec FZE, Copyright ? 2000 - 2020 -70610000 : C:\WINDOWS\SYSTEM32\midimap.dll 10.0.22000.1 - Microsoft MIDI Mapper ? Microsoft Corporation. All rights reserved. -70620000 : C:\WINDOWS\SYSTEM32\MSACM32.dll 10.0.22000.1 - Microsoft ACM 音频筛选器 ? Microsoft Corporation. All rights reserved. -70670000 : C:\WINDOWS\SYSTEM32\cscapi.dll 10.0.22000.1 - Offline Files Win32 API ? Microsoft Corporation. All rights reserved. -70af0000 : C:\WINDOWS\SYSTEM32\DEVOBJ.dll 10.0.22000.1 - Device Information Set DLL ? Microsoft Corporation. All rights reserved. -70b90000 : C:\WINDOWS\SYSTEM32\msacm32.drv 10.0.22000.1 - Microsoft 声音映射器 ? Microsoft Corporation. All rights reserved. -70bd0000 : C:\WINDOWS\SYSTEM32\textinputframework.dll 10.0.22000.282 - "TextInputFramework.DYNLINK" ? Microsoft Corporation. All rights reserved. -70cc0000 : C:\WINDOWS\SYSTEM32\MMDevAPI.DLL 10.0.22000.1 - MMDevice API ? Microsoft Corporation. All rights reserved. -70e10000 : C:\Windows\System32\ActXPrxy.dll 10.0.22000.65 - ActiveX Interface Marshaling Library ? Microsoft Corporation. All rights reserved. -71000000 : C:\Program Files (x86)\Stardock\Groupy\groupy_32.dll 1.4.4.0 - Stardock Groupy Copyright (C) 2020 Stardock Software, Inc -710f0000 : C:\WINDOWS\SYSTEM32\AVRT.dll 10.0.22000.1 - 多媒体实时运行时 ? Microsoft Corporation. All rights reserved. -71100000 : C:\WINDOWS\SYSTEM32\ksuser.dll 10.0.22000.1 - User CSA Library ? Microsoft Corporation. All rights reserved. -71110000 : C:\WINDOWS\SYSTEM32\wdmaud.drv 10.0.22000.1 - Winmm 音频系统驱动程序 ? Microsoft Corporation. All rights reserved. -71150000 : C:\WINDOWS\SYSTEM32\WINMMBASE.dll 10.0.22000.1 - Base Multimedia Extension API DLL ? Microsoft Corporation. All rights reserved. -71290000 : C:\WINDOWS\SYSTEM32\WindowsCodecs.dll 10.0.22000.1 - Microsoft Windows Codecs Library ? Microsoft Corporation. All rights reserved. -71400000 : C:\WINDOWS\system32\twinapi.dll 10.0.22000.132 - twinapi ? Microsoft Corporation. All rights reserved. -714c0000 : C:\WINDOWS\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.22000.434_none_1630a2eb2777c45d\gdiplus.dll 10.0.22000.434 - Microsoft GDI+ ? Microsoft Corporation. All rights reserved. -71740000 : C:\WINDOWS\SYSTEM32\WINNSI.DLL 10.0.22000.1 - Network Store Information RPC interface ? Microsoft Corporation. All rights reserved. -71820000 : C:\WINDOWS\system32\amsi.dll 10.0.22000.593 - Anti-Malware Scan Interface ? Microsoft Corporation. All rights reserved. -71850000 : C:\WINDOWS\system32\nlansp_c.dll 10.0.22000.1 - NLA Namespace Service Provider DLL ? Microsoft Corporation. All rights reserved. -71870000 : C:\WINDOWS\system32\wshbth.dll 10.0.22000.41 - Windows Sockets Helper DLL ? Microsoft Corporation. All rights reserved. -71890000 : C:\WINDOWS\System32\winrnr.dll 10.0.22000.1 - LDAP RnR Provider DLL ? Microsoft Corporation. All rights reserved. -718a0000 : C:\WINDOWS\system32\pnrpnsp.dll 10.0.22000.1 - PNRP 命名空间提供程序 ? Microsoft Corporation. All rights reserved. -718c0000 : C:\WINDOWS\system32\napinsp.dll 10.0.22000.1 - 电子邮件命名填充提供程序 ? Microsoft Corporation. All rights reserved. -71960000 : C:\WINDOWS\system32\uxtheme.dll 10.0.22000.120 - Microsoft UxTheme 库 ? Microsoft Corporation. All rights reserved. -71a80000 : C:\WINDOWS\SYSTEM32\MSVCP140.dll 14.32.31326.0 - Microsoft? C Runtime Library ? Microsoft Corporation. All rights reserved. -72010000 : C:\WINDOWS\SYSTEM32\profapi.dll 10.0.22000.1 - User Profile Basic API ? Microsoft Corporation. All rights reserved. -729a0000 : C:\WINDOWS\SYSTEM32\WINMM.dll 10.0.22000.1 - MCI API DLL ? Microsoft Corporation. All rights reserved. -72fc0000 : C:\WINDOWS\system32\wininet.dll 11.0.22000.282 - Win32 的 Internet 扩展 ? Microsoft Corporation. All rights reserved. -73550000 : C:\WINDOWS\SYSTEM32\VCRUNTIME140.dll 14.32.31326.0 - Microsoft? C Runtime Library ? Microsoft Corporation. All rights reserved. -736a0000 : C:\WINDOWS\SYSTEM32\SspiCli.dll 10.0.22000.556 - Security Support Provider Interface ? Microsoft Corporation. All rights reserved. -736f0000 : C:\WINDOWS\SYSTEM32\apphelp.dll 10.0.22000.282 - 应用程序兼容性客户端库 ? Microsoft Corporation. All rights reserved. -73810000 : C:\WINDOWS\SYSTEM32\oledlg.dll 10.0.22000.1 - OLE 用户界面支持 ? Microsoft Corporation. All rights reserved. -73840000 : C:\WINDOWS\system32\msimg32.dll 10.0.22000.1 - GDIEXT Client DLL ? Microsoft Corporation. All rights reserved. -738d0000 : C:\WINDOWS\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_e541a94fcce8ed6d\COMCTL32.dll 6.10.22000.120 - 用户体验控件库 ? Microsoft Corporation. All rights reserved. -73b10000 : C:\WINDOWS\SYSTEM32\netutils.dll 10.0.22000.434 - Net Win32 API Helpers DLL ? Microsoft Corporation. All rights reserved. -73e00000 : C:\WINDOWS\SYSTEM32\winhttp.dll 10.0.22000.1 - Windows HTTP 服务 ? Microsoft Corporation. All rights reserved. -740d0000 : C:\WINDOWS\System32\fwpuclnt.dll 10.0.22000.258 - FWP/IPsec 用户模式 API ? Microsoft Corporation. All rights reserved. -74130000 : C:\WINDOWS\SYSTEM32\wintypes.dll 10.0.22000.527 - Windows 基本类型 DLL ? Microsoft Corporation. All rights reserved. -74220000 : C:\WINDOWS\SYSTEM32\windows.storage.dll 10.0.22000.613 - Microsoft WinRT Storage API ? Microsoft Corporation. All rights reserved. -748d0000 : C:\Windows\System32\rasadhlp.dll 10.0.22000.1 - Remote Access AutoDial Helper ? Microsoft Corporation. All rights reserved. -748e0000 : C:\WINDOWS\SYSTEM32\bcrypt.dll 10.0.22000.1 - Windows 加密基元库 ? Microsoft Corporation. All rights reserved. -74900000 : C:\WINDOWS\system32\rsaenh.dll 10.0.22000.282 - Microsoft Enhanced Cryptographic Provider ? Microsoft Corporation. All rights reserved. -74930000 : C:\WINDOWS\SYSTEM32\DNSAPI.dll 10.0.22000.593 - DNS 客户端 API DLL ? Microsoft Corporation. All rights reserved. -749e0000 : C:\WINDOWS\system32\mswsock.dll 10.0.22000.1 - Microsoft Windows Sockets 2.0 服务提供程序 ? Microsoft Corporation. All rights reserved. -74a30000 : C:\WINDOWS\SYSTEM32\ntmarta.dll 10.0.22000.1 - Windows NT MARTA 提供程序 ? Microsoft Corporation. All rights reserved. -74a60000 : C:\WINDOWS\SYSTEM32\CRYPTBASE.dll 10.0.22000.1 - Base cryptographic API DLL ? Microsoft Corporation. All rights reserved. -74a70000 : C:\WINDOWS\SYSTEM32\CRYPTSP.dll 10.0.22000.1 - Cryptographic Service Provider API ? Microsoft Corporation. All rights reserved. -74a90000 : C:\WINDOWS\SYSTEM32\MSASN1.dll 10.0.22000.1 - ASN.1 Runtime APIs ? Microsoft Corporation. All rights reserved. -74aa0000 : C:\WINDOWS\SYSTEM32\kernel.appcore.dll 10.0.22000.71 - AppModel API Host ? Microsoft Corporation. All rights reserved. -74ae0000 : C:\WINDOWS\SYSTEM32\UMPDC.dll 10.0.22000.1 - User Mode Power Dependency Coordinator ? Microsoft Corporation. All rights reserved. -74c90000 : C:\WINDOWS\SYSTEM32\CFGMGR32.dll 10.0.22000.1 - Configuration Manager DLL ? Microsoft Corporation. All rights reserved. -74dc0000 : C:\Windows\System32\USERENV.dll 10.0.22000.1 - Userenv ? Microsoft Corporation. All rights reserved. -74de0000 : C:\WINDOWS\SYSTEM32\powrprof.dll 10.0.22000.1 - 电源配置文件帮助程序 DLL ? Microsoft Corporation. All rights reserved. -74e40000 : C:\WINDOWS\SYSTEM32\VERSION.dll 10.0.22000.1 - Version Checking and File Installation Libraries ? Microsoft Corporation. All rights reserved. -74e80000 : C:\WINDOWS\SYSTEM32\iphlpapi.dll 10.0.22000.282 - IP 帮助程序 API ? Microsoft Corporation. All rights reserved. -752d0000 : C:\WINDOWS\System32\WINTRUST.dll 10.0.22000.527 - Microsoft Trust Verification APIs ? Microsoft Corporation. All rights reserved. -75330000 : C:\WINDOWS\System32\combase.dll 10.0.22000.527 - 用于 Windows 的 Microsoft COM ? Microsoft Corporation. All rights reserved. -755c0000 : C:\WINDOWS\System32\clbcatq.dll 2001.12.10941.16384 - COM+ Configuration Catalog ? Microsoft Corporation. All rights reserved. -75650000 : C:\WINDOWS\System32\WS2_32.dll 10.0.22000.1 - Windows Socket 2.0 32 位 DLL ? Microsoft Corporation. All rights reserved. -756c0000 : C:\WINDOWS\System32\KERNELBASE.dll 10.0.22000.613 - Windows NT 基本 API 客户端 DLL ? Microsoft Corporation. All rights reserved. -75920000 : C:\WINDOWS\System32\IMM32.DLL 10.0.22000.1 - Multi-User Windows IMM32 API Client DLL ? Microsoft Corporation. All rights reserved. -75950000 : C:\WINDOWS\System32\ADVAPI32.dll 10.0.22000.434 - 高级 Windows 32 基本 API ? Microsoft Corporation. All rights reserved. -759e0000 : C:\WINDOWS\System32\SHLWAPI.dll 10.0.22000.1 - 外壳简易实用工具库 ? Microsoft Corporation. All rights reserved. -75a30000 : C:\WINDOWS\System32\GDI32.dll 10.0.22000.1 - GDI Client DLL ? Microsoft Corporation. All rights reserved. -75a60000 : C:\WINDOWS\System32\imagehlp.dll 10.0.22000.1 - Windows NT Image Helper ? Microsoft Corporation. All rights reserved. -75a80000 : C:\WINDOWS\System32\win32u.dll 10.0.22000.37 - Win32u ? Microsoft Corporation. All rights reserved. -75aa0000 : C:\WINDOWS\System32\ole32.dll 10.0.22000.120 - 用于 Windows 的 Microsoft OLE ? Microsoft Corporation. All rights reserved. -75bf0000 : C:\WINDOWS\System32\OLEAUT32.dll 10.0.22000.1 - OLEAUT32.DLL ? Microsoft Corporation. All rights reserved. -75c90000 : C:\WINDOWS\System32\KERNEL32.DLL 10.0.22000.613 - Windows NT 基本 API 客户端 DLL ? Microsoft Corporation. All rights reserved. -75d80000 : C:\WINDOWS\System32\gdi32full.dll 10.0.22000.613 - GDI Client DLL ? Microsoft Corporation. All rights reserved. -75e60000 : C:\WINDOWS\System32\comdlg32.dll 10.0.22000.527 - Common Dialogs DLL ? Microsoft Corporation. All rights reserved. -76010000 : C:\WINDOWS\System32\RPCRT4.dll 10.0.22000.613 - 远程过程调用运行时 ? Microsoft Corporation. All rights reserved. -76130000 : C:\WINDOWS\System32\SHELL32.dll 10.0.22000.593 - Windows Shell 公用 DLL ? Microsoft Corporation. All rights reserved. -76740000 : C:\WINDOWS\System32\NSI.dll 10.0.22000.1 - NSI User-mode interface DLL ? Microsoft Corporation. All rights reserved. -76750000 : C:\WINDOWS\System32\shcore.dll 10.0.22000.613 - SHCORE ? Microsoft Corporation. All rights reserved. -76820000 : C:\WINDOWS\System32\USER32.dll 10.0.22000.593 - 多用户 Windows 用户 API 客户端 DLL ? Microsoft Corporation. All rights reserved. -769d0000 : C:\WINDOWS\System32\SETUPAPI.dll 10.0.22000.469 - Windows 安装程序 API ? Microsoft Corporation. All rights reserved. -76e10000 : C:\WINDOWS\System32\MSCTF.dll 10.0.22000.527 - MSCTF 服务器 DLL ? Microsoft Corporation. All rights reserved. -76ef0000 : C:\WINDOWS\System32\sechost.dll 10.0.22000.556 - Host for SCM/SDDL/LSA Lookup APIs ? Microsoft Corporation. All rights reserved. -76f70000 : C:\WINDOWS\System32\normaliz.dll 10.0.22000.1 - Unicode Normalization DLL ? Microsoft Corporation. All rights reserved. -76f80000 : C:\WINDOWS\System32\bcryptPrimitives.dll 10.0.22000.376 - Windows Cryptographic Primitives Library ? Microsoft Corporation. All rights reserved. -76ff0000 : C:\WINDOWS\System32\msvcrt.dll 7.0.22000.1 - Windows NT CRT DLL ? Microsoft Corporation. All rights reserved. -77290000 : C:\WINDOWS\System32\msvcp_win.dll 10.0.22000.1 - Microsoft? C Runtime Library ? Microsoft Corporation. All rights reserved. -77310000 : C:\WINDOWS\System32\CRYPT32.dll 10.0.22000.348 - 加密 API32 ? Microsoft Corporation. All rights reserved. -77410000 : C:\WINDOWS\System32\ucrtbase.dll 10.0.22000.1 - Microsoft? C Runtime Library ? Microsoft Corporation. All rights reserved. -77540000 : C:\WINDOWS\SYSTEM32\ntdll.dll 10.0.22000.527 - NT 层 DLL ? Microsoft Corporation. All rights reserved. -7b830000 : C:\WINDOWS\SYSTEM32\ntshrui.dll 10.0.22000.65 - 用于共享的外壳扩展 ? Microsoft Corporation. All rights reserved. Registers: EAX 007d0090 EBX 0c9ffcec ECX 00100018 EDX 00000000 ESI 003d0030 EDI 0e200000 DS 002b ES 002b FS 0053 GS 002b SS/ESP/EBP 002b/0c9ffc6c/0c9ffc74 CS/EIP 0023/0082fbc3 EFlags 00010202 (Interrupt,Restart) Stack Dump: 003d0030 0e200002 0c9ffc9c 004a3d44 0e200000 003d0030 00400060 07a711f8 082902e8 034b72f8 00300048 003d0030 0c9ffd30 0050c93d 00200030 0cc51d58 00000000 07a711f8 07a5b998 0000005f 0000009f 2f2f3a73 2e776172 68746967 73756275 6f637265 6e65746e 6f632e74 001f006d 0cc51d58 0cc524c0 07a71c08 0e200000 00000001 00300048 0c9ffd14 004d3b14 004d3b23 0c9ffd58 07abe460 0cc51d58 07a71b8c 0c9ffd3c 005d302b 0c9ffd58 00000000 0c9ffee0 0086bef0 00000003 0c9ffeec 0050c67f 0cc51d58 0c9ffda4 07a711f8 034b72f8 0c9ffe54 75ca62c0 07abe460 75ca83d0 008bc40c 0c9ffd64 00000001 07a71b8c 0c9ffd80 CallStack Trace: 00 : 0082fbc3/0042ebc3 [0e200000,003d0030,00400060,07a711f8] @ ssp.exe (memmove 0082fb90 f libcmt:memmove.obj->0x33) 01 : 004a3d44/000a2d44 [00200030,0cc51d58,00000000,07a711f8] @ ssp.exe (JWString::operator=->0xf4) 02 : 0050c93d/0010b93d [0cc51d58,0c9ffda4,07a711f8,034b72f8] @ ssp.exe (SPUpdateParam::~SPUpdateParam->0x70d) 03 : 0050c67f/0010b67f [004ff268,07abe4b4,0c9fff2c,0059373c] @ ssp.exe (SPUpdateParam::~SPUpdateParam->0x44f) 04 : 00593904/00192904 [034ff268,00834e73,07a351c8,07a351c8] @ ssp.exe (SPSTMThreadDescProc::Execute->0x14) 05 : 0059373c/0019273c [0348fa54,00000001,0c9fff74,00834ef4] @ ssp.exe (SPSimpleThreadManager::BeginThreadProcShared->0xac) 06 : 00593843/00192843 [07abe460,00834e73,00834e73,07a351c8] @ ssp.exe (SPSimpleThreadManager::BeginThreadProcNormal->0x13) 07 : 00834ef4/00433ef4 [07a351c8,75ca6720,0c9fffdc,775a8e7f] @ ssp.exe (_beginthread 00834dfc f libcmt:thread.obj->0xf8) 08 : 75ca6739/00006739 [07a351c8,ae80c188,00000000,00000000] @ KERNEL32.DLL (BaseThreadInitThunk->0x19) 09 : 775a8e7f/00067e7f [ffffffff,775d8ca2,00000000,00000000] @ ntdll.dll (RtlGetFullPathName_UEx->0x4bf) 10 : 775a8e4d/00067e4d [00834e73,07a351c8,00000000,0d700000] @ ntdll.dll (RtlGetFullPathName_UEx->0x48d) Total StackDepth : 11