SPDebugger/2.17.24106.A Exception Raised at 0057b572 because ACCESS_VIOLATION (#c0000005) ->Reading 06b355f0 Data Windows NT 10.0.19043 UAC: Enabled,Limited Time: 2022/7/31 21:56:42.854 Phys.Mem: 8726/16152MB PageFile: 22671/32536MB CPU : Intel 0.6.5.2 2208MHz Features:MMX SSE HT AES-NI (Intel(R) Core(TM) i7-10870H CPU @ 2.20GHz) Package:1 Node:1 Core:8 Thread:16 SSP/2.6.12 (20220625-11; Windows NT 10.0.19043) Volume Information: C:\ Fixed [ 164104MB Free | 262143MB Total | 62%] (NTFS,Normal) D:\ Fixed [ 370977MB Free | 524288MB Total | 70%] (NTFS,Normal) E:\ Fixed [ 338035MB Free | 524287MB Total | 64%] (NTFS,Normal) Monitor Information: 0: \\.\DISPLAY1 - Work=0,0,1536,864 Size=1536x864 [PRIMARY] Env. Variables: =::=::\ =E:=E:\ssp\ghost ALLUSERSPROFILE=C:\ProgramData APPDATA=C:\Users\steve02081504\AppData\Roaming CommonProgramFiles=C:\Program Files (x86)\Common Files CommonProgramFiles(x86)=C:\Program Files (x86)\Common Files CommonProgramW6432=C:\Program Files\Common Files COMPUTERNAME=LAPTOP-4FQDVD5B ComSpec=C:\WINDOWS\system32\cmd.exe DriverData=C:\Windows\System32\Drivers\DriverData FPS_BROWSER_APP_PROFILE_STRING=Internet Explorer FPS_BROWSER_USER_PROFILE_STRING=Default HOMEDRIVE=C: HOMEPATH=\Users\steve02081504 LOCALAPPDATA=C:\Users\steve02081504\AppData\Local LOGONSERVER=\\LAPTOP-4FQDVD5B NUMBER_OF_PROCESSORS=16 OneDrive=C:\Users\steve02081504\OneDrive OnlineServices=Online Services OS=Windows_NT Path=E:\ssp\;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\WINDOWS\system32\WBEM;E:\Python\Scripts\;E:\Python\;C:\WINDOWS\system32\WBEM;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Users\steve02081504\AppData\Local\Microsoft\WindowsApps;C:\Users\steve02081504\AppData\Local\GitHubDesktop\bin;C:\Program Files\dotnet\;E:\GitHubDesktop\bin;C:\Program Files\Git\cmd;E:\nodejs\;C:\Users\steve02081504\AppData\Local\Microsoft\WindowsApps;E:\GitHubDesktop\bin;E:\tools\upx;C:\Users\steve02081504\Documents\workstation\vcpkg;E:\phone\adb_fastboot_tools-20191020;E:\msys\usr\bin;C:\Users\steve02081504\AppData\Roaming\npm;E:\Microsoft VS Code\bin;E:\7-Zip; PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC;.PY;.PYW platformcode=KV PROCESSOR_ARCHITECTURE=x86 PROCESSOR_ARCHITEW6432=AMD64 PROCESSOR_IDENTIFIER=Intel64 Family 6 Model 165 Stepping 2, GenuineIntel PROCESSOR_LEVEL=6 PROCESSOR_REVISION=a502 ProgramData=C:\ProgramData ProgramFiles=C:\Program Files (x86) ProgramFiles(x86)=C:\Program Files (x86) ProgramW6432=C:\Program Files PSModulePath=C:\Program Files\WindowsPowerShell\Modules;C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules PUBLIC=C:\Users\Public RegionCode=APJ SESSIONNAME=Console SW_SIM_HYDRA=C:\Program Files\Common Files\SolidWorks Shared\Simulation Worker Agent\ SW_SIM_MPIT=INTELMPI SW_SIM_TEMP=C:\ProgramData\SOLIDWORKS\SW_net_sim_temp\ SystemDrive=C: SystemRoot=C:\WINDOWS TEMP=C:\Users\STEVE0~2\AppData\Local\Temp TMP=C:\Users\STEVE0~2\AppData\Local\Temp USERDOMAIN=LAPTOP-4FQDVD5B USERDOMAIN_ROAMINGPROFILE=LAPTOP-4FQDVD5B USERNAME=steve02081504 USERPROFILE=C:\Users\steve02081504 windir=C:\WINDOWS WIX=C:\Program Files (x86)\WiX Toolset v3.11\ Loaded Drivers: -15b40000 : mcupdate_GenuineIntel.dll -15dd0000 : hal.dll -15de0000 : kd.dll -15df0000 : tm.sys -15e20000 : CLFS.SYS -15e90000 : PSHED.dll -15eb0000 : BOOTVID.dll -15ec0000 : FLTMGR.SYS -15f30000 : cmimcext.sys -18200000 : ntoskrnl.exe -1b400000 : clipsp.sys -1b520000 : ksecdd.sys -1b550000 : msrpc.sys -1b5c0000 : werkernel.sys -1b5e0000 : ntosext.sys -1b5f0000 : CI.dll -1b6e0000 : cng.sys -1b7a0000 : Wdf01000.sys -1b880000 : WDFLDR.SYS -1b8a0000 : SleepStudyHelper.sys -1b8b0000 : WppRecorder.sys -1b8d0000 : acpiex.sys -1b900000 : SgrmAgent.sys -1b920000 : lxss.sys -1b930000 : LXCORE.SYS -1ba50000 : ACPI.sys -1bb20000 : WMILIB.SYS -1bb50000 : intelpep.sys -1bbc0000 : WindowsTrustedRT.sys -1bbe0000 : IntelTA.sys -1bbf0000 : WindowsTrustedRTProxy.sys -1bc00000 : pcw.sys -1bc20000 : msisadrv.sys -1bc30000 : pci.sys -1bcb0000 : vdrvroot.sys -1bcd0000 : pdc.sys -1bd00000 : CEA.sys -1bd20000 : partmgr.sys -1bd60000 : spaceport.sys -1be10000 : volmgr.sys -1be30000 : volmgrx.sys -1bea0000 : mountmgr.sys -1bec0000 : stornvme.sys -1bef0000 : storport.sys -1bfb0000 : iaStorAC.sys -1cba0000 : EhStorClass.sys -1cbc0000 : fileinfo.sys -1cbf0000 : Wof.sys -1cc40000 : WdFilter.sys -1ccc0000 : Ntfs.sys -1cfa0000 : Fs_Rec.sys -1cfb0000 : ndis.sys -1d120000 : NETIO.SYS -1d1c0000 : ksecpkg.sys -1d200000 : tcpip.sys -1d4f0000 : fwpkclnt.sys -1d570000 : wfplwfs.sys -1d5b0000 : VmsProxy.sys -1d5d0000 : vmbkmclr.sys -1d600000 : VmsProxyHNic.sys -1d610000 : fvevol.sys -1d6e0000 : hpdskflt.sys -1d700000 : volume.sys -1d710000 : volsnap.sys -1d780000 : rdyboost.sys -1d7e0000 : mup.sys -1d810000 : iorate.sys -1d850000 : disk.sys -1d870000 : CLASSPNP.SYS -34a30000 : crashdmp.sys -34b10000 : cdrom.sys -34b50000 : filecrypt.sys -34b70000 : tbs.sys -34b80000 : Null.SYS -34b90000 : Beep.SYS -35c00000 : tdx.sys -35c30000 : TDI.SYS -35c50000 : netbt.sys -35cb0000 : afunix.sys -35cd0000 : afd.sys -35d80000 : rtf64x64.sys -35da0000 : vwififlt.sys -35dc0000 : pacer.sys -35df0000 : ndiscap.sys -35e10000 : netbios.sys -35e30000 : Vid.sys -35ee0000 : winhvr.sys -35f10000 : rspndr.sys -35f70000 : dxgkrnl.sys -36320000 : watchdog.sys -36340000 : BasicDisplay.sys -36360000 : BasicRender.sys -36380000 : Npfs.SYS -363a0000 : Msfs.SYS -363c0000 : CimFS.SYS -36400000 : CompositeBus.sys -36420000 : kdnic.sys -36430000 : umbus.sys -36450000 : CAD.sys -36470000 : msquic.sys -364d0000 : mrxsmb.sys -36570000 : mrxsmb20.sys -365d0000 : rdbss.sys -36650000 : nsiproxy.sys -36670000 : npsvctrig.sys -36680000 : mssmbios.sys -366a0000 : gpuenergydrv.sys -366b0000 : dfsc.sys -366e0000 : lltdio.sys -36700000 : fastfat.SYS -36770000 : bam.sys -36790000 : ahcache.sys -367e0000 : tap0901.sys -41e00000 : HDAudBus.sys -41e30000 : portcls.sys -41ea0000 : drmk.sys -41ed0000 : ks.sys -41f50000 : USBXHCI.SYS -41ff0000 : ucx01000.sys -42040000 : UcmCxUcsiNvppc.sys -420f0000 : UcmCx.sys -42120000 : ibtusb.sys -42680000 : bowser.sys -426c0000 : nvlddmkm.sys -4ea00000 : bindflt.sys -4ea30000 : rdpdr.sys -4ea60000 : esif_lf.sys -4ead0000 : wcifs.sys -4eb20000 : igdkmd64.sys -50560000 : cldflt.sys -53400000 : wdiwifi.sys -53500000 : vwifibus.sys -53510000 : iaLPSS2_I2C_CNL.sys -53550000 : SpbCx.sys -53570000 : TeeDriverW10x64.sys -535c0000 : rt640x64.sys -536e0000 : GlPciSD.sys -53760000 : iaLPSS2_UART2_CNL.sys -537b0000 : SerCx2.sys -537e0000 : ICCWDT.sys -537f0000 : i8042prt.sys -53820000 : ETD.sys -538e0000 : kbdclass.sys -53900000 : IntcAudioBus.sys -53950000 : iaLPSS2_GPIO2_CNL.sys -53980000 : msgpioclx.sys -539c0000 : hpomencustomcapdriver.sys -539d0000 : Accelerometer.sys -539e0000 : hpcustomcapdriver.sys -539f0000 : wmiacpi.sys -53a00000 : intelppm.sys -53a50000 : acpipagr.sys -53a60000 : acpitime.sys -53a70000 : WirelessButtonDriver64.sys -53a80000 : mshidkmdf.sys -53a90000 : HIDCLASS.SYS -53ad0000 : HIDPARSE.SYS -53af0000 : CmBatt.sys -53b00000 : BATTC.SYS -53b20000 : dptf_acpi.sys -53b40000 : UcmUcsiAcpiClient.sys -53b60000 : UcmUcsiCx.sys -53b90000 : UEFI.sys -53ba0000 : nvvad64v.sys -53bc0000 : ksthunk.sys -53bd0000 : nvvhci.sys -53bf0000 : NdisVirtualBus.sys -53c00000 : swenum.sys -53c10000 : rdpbus.sys -53c20000 : UsbHub3.sys -53cd0000 : USBD.SYS -53ce0000 : ViGEmBus.sys -53d00000 : iocbios2.sys -53d10000 : hidi2c.sys -53d30000 : IntcOED.sys -53e70000 : nvhda64v.sys -53ea0000 : mouhid.sys -53ec0000 : mouclass.sys -53ee0000 : ETDHCF.sys -53ef0000 : PTPFilter.sys -53f00000 : MTConfig.sys -53f10000 : luafv.sys -53f40000 : rdpvideominiport.sys -53f50000 : mmcss.sys -53f70000 : usbvideo.sys -54000000 : dump_stornvme.sys -54050000 : dump_dumpfve.sys -54070000 : dxgmms2.sys -54160000 : monitor.sys -54180000 : storqosflt.sys -541b0000 : Netwtw10.sys -54780000 : WUDFRd.sys -547e0000 : dptf_cpu.sys -55a00000 : IntcBTAu.sys -55ac0000 : IntcDMic.sys -55b70000 : hidusb.sys -55b90000 : BTHUSB.sys -55bc0000 : BTHport.sys -55d60000 : RTKVHD64.sys -56350000 : IntcDAud.sys -563b0000 : usbccgp.sys -563f0000 : dump_dumpstorport.sys -7ca00000 : win32kbase.sys -7cce0000 : win32kfull.sys -7d0a0000 : cdd.dll -7d8e0000 : win32k.sys -93e00000 : HTTP.sys -93f90000 : condrv.sys -93fb0000 : mpsdrv.sys -93fd0000 : HpReadHWData.sys -93fe0000 : idmwfp.sys -94020000 : Ndu.sys -94050000 : srvnet.sys -940b0000 : tcpipreg.sys -940d0000 : peauth.sys -941b0000 : mrxdav.sys -941e0000 : srv2.sys -942b0000 : rassstp.sys -942d0000 : NDProxy.sys -942f0000 : vwifimp.sys -94310000 : AgileVpn.sys -94340000 : rasl2tp.sys -94370000 : raspptp.sys -943a0000 : raspppoe.sys -943c0000 : ndistapi.sys -943d0000 : ndiswan.sys -94440000 : WdNisDrv.sys -94480000 : MpKslDrv.sys -94c20000 : vmswitch.sys -94ea0000 : wanarp.sys -94ec0000 : mslldp.sys -94ee0000 : ndisuio.sys -94f00000 : nwifi.sys Executing Processes: [With ToolHelp32] -00000000 : [System Process] (16 Threads.) -00000004 : System (290 Threads.) -000000ac : Registry (4 Threads.) -00000230 : smss.exe (2 Threads.) -00000348 : csrss.exe (14 Threads.) -000003ac : wininit.exe (1 Threads.) -000003b4 : csrss.exe (13 Threads.) -000003f4 : services.exe (6 Threads.) -000003fc : lsass.exe (10 Threads.) -0000041c : svchost.exe (18 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000043c : fontdrvhost.exe (5 Threads.) 10.0.19041.1620 - Usermode Font Driver Host ? Microsoft Corporation. All rights reserved. -0000044c : WUDFHost.exe (5 Threads.) -000004a4 : svchost.exe (11 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000004d0 : svchost.exe (4 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000004f8 : WUDFHost.exe (12 Threads.) -0000053c : winlogon.exe (5 Threads.) -00000578 : fontdrvhost.exe (5 Threads.) 10.0.19041.1620 - Usermode Font Driver Host ? Microsoft Corporation. All rights reserved. -000005c8 : dwm.exe (15 Threads.) -00000618 : svchost.exe (37 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000654 : svchost.exe (4 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000065c : svchost.exe (3 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000006a0 : IntelCpHDCPSvc.exe (3 Threads.) -000006a8 : svchost.exe (11 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000006e8 : svchost.exe (8 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000072c : IntelCpHeciSvc.exe (3 Threads.) -000007d0 : svchost.exe (4 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000007dc : svchost.exe (4 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000059c : svchost.exe (6 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000814 : svchost.exe (12 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000081c : OmenCap.exe (2 Threads.) -00000824 : NetworkCap.exe (3 Threads.) -0000082c : DiagsCap.exe (3 Threads.) -00000834 : AppHelperCap.exe (4 Threads.) -00000858 : SysInfoCap.exe (12 Threads.) -000008d0 : svchost.exe (5 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000008dc : svchost.exe (1 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000910 : TouchpointAnalyticsClientService.exe (21 Threads.) -00000920 : svchost.exe (1 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000a10 : svchost.exe (7 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000a3c : svchost.exe (4 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000a54 : svchost.exe (6 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000a8c : svchost.exe (8 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000ab8 : svchost.exe (7 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000b3c : svchost.exe (6 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000b60 : svchost.exe (2 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000ba0 : svchost.exe (5 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000bd8 : svchost.exe (7 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000c34 : svchost.exe (7 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000c80 : WmiPrvSE.exe (8 Threads.) 10.0.19041.546 - WMI Provider Host ? Microsoft Corporation. All rights reserved. -00000cdc : unsecapp.exe (3 Threads.) -00000d68 : WmiPrvSE.exe (6 Threads.) 10.0.19041.546 - WMI Provider Host ? Microsoft Corporation. All rights reserved. -00000dd4 : NVDisplay.Container.exe (9 Threads.) -00000e24 : svchost.exe (3 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000e30 : svchost.exe (6 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000e38 : svchost.exe (2 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000e94 : igfxCUIService.exe (2 Threads.) -00000ea0 : Memory Compression (42 Threads.) -00000f08 : svchost.exe (7 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000f10 : svchost.exe (4 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000ff0 : svchost.exe (12 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001020 : svchost.exe (4 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001028 : svchost.exe (8 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001030 : svchost.exe (11 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000010cc : svchost.exe (4 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001118 : svchost.exe (19 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001158 : svchost.exe (3 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000011a4 : wlanext.exe (1 Threads.) 10.0.19041.1 - Windows Wireless LAN 802.11 Extensibility Framework ? Microsoft Corporation. All rights reserved. -000011b8 : conhost.exe (2 Threads.) -000011c0 : spoolsv.exe (7 Threads.) -0000122c : svchost.exe (12 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001280 : svchost.exe (2 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000130c : svchost.exe (1 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000013c0 : ETDService.exe (4 Threads.) -000013c8 : svchost.exe (1 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000013d0 : svchost.exe (12 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000013d8 : svchost.exe (4 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000013e0 : OneApp.IGCC.WinService.exe (7 Threads.) -000013e8 : ibtsiva.exe (1 Threads.) -000013f0 : IntelAudioService.exe (10 Threads.) -000013f8 : svchost.exe (3 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000010e0 : svchost.exe (20 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000106c : svchost.exe (3 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000011c8 : FNPLicensingService64.exe (6 Threads.) -0000129c : SECOMN64.exe (6 Threads.) -0000125c : IpOverUsbSvc.exe (6 Threads.) -00001404 : RstMwService.exe (6 Threads.) -0000140c : RtkAudUService64.exe (12 Threads.) -00001414 : XtuService.exe (13 Threads.) 7.3.0.33 - XtuService Copyright(C) 2007 - 2021, Intel Corporation. All Rights Reserved. -0000141c : snmp.exe (5 Threads.) 10.0.19041.1 - SNMP 服务 ? Microsoft Corporation. All rights reserved. -00001424 : svchost.exe (10 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000144c : svchost.exe (1 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001458 : svchost.exe (5 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001464 : svchost.exe (11 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000146c : MsMpEng.exe (74 Threads.) -000014bc : LMS.exe (3 Threads.) -00001500 : esif_uf.exe (3 Threads.) -0000158c : svchost.exe (8 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001588 : svchost.exe (7 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000165c : svchost.exe (21 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000178c : svchost.exe (6 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000015cc : jhi_service.exe (2 Threads.) -00001818 : dasHost.exe (2 Threads.) -00001850 : lmgrd.exe (2 Threads.) -00001988 : svchost.exe (12 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000019a4 : conhost.exe (4 Threads.) -00001b20 : lmgrd.exe (1 Threads.) -000018ac : sw_d.exe (3 Threads.) -00001c80 : svchost.exe (6 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001e2c : svchost.exe (10 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001fe8 : NisSrv.exe (7 Threads.) -00000734 : NVDisplay.Container.exe (35 Threads.) -00001f34 : svchost.exe (9 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000230c : ETDCtrl.exe (13 Threads.) -000023a0 : svchost.exe (12 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000023d4 : sihost.exe (10 Threads.) -00000f34 : svchost.exe (10 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00002160 : svchost.exe (4 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000023f4 : PresentationFontCache.exe (4 Threads.) -000010ec : taskhostw.exe (8 Threads.) -00002408 : svchost.exe (3 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000244c : igfxEM.exe (6 Threads.) -00002464 : ctfmon.exe (12 Threads.) 10.0.19041.1 - CTF 加载程序 ? Microsoft Corporation. All rights reserved. -000024a8 : svchost.exe (7 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000024b0 : SECOCL64.exe (14 Threads.) -000024e4 : conhost.exe (2 Threads.) -00002594 : explorer.exe (92 Threads.) 10.0.19041.1865 - Windows 资源管理器 ? Microsoft Corporation. All rights reserved. -00002624 : svchost.exe (7 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00002794 : svchost.exe (1 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000027f0 : svchost.exe (2 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000026c8 : ChsIME.exe (2 Threads.) -000027cc : RtkAudUService64.exe (7 Threads.) -0000234c : svchost.exe (9 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000288c : SearchIndexer.exe (15 Threads.) 7.0.19041.1865 - Microsoft Windows Search 索引器 ? Microsoft Corporation. All rights reserved. -00002910 : StartMenuExperienceHost.exe (12 Threads.) -0000294c : RuntimeBroker.exe (6 Threads.) -000029c8 : SearchApp.exe (37 Threads.) -00002a14 : RuntimeBroker.exe (18 Threads.) -00002c60 : SettingSyncHost.exe (3 Threads.) 10.0.19041.1806 - Host Process for Setting Synchronization ? Microsoft Corporation. All rights reserved. -00002ef8 : ApplicationFrameHost.exe (3 Threads.) -000023a4 : TextInputHost.exe (21 Threads.) -00002f74 : SecurityHealthSystray.exe (1 Threads.) -00002ee4 : SecurityHealthService.exe (7 Threads.) -00002ebc : svchost.exe (1 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000030c8 : Discord.exe (35 Threads.) -00003238 : ChsIME.exe (2 Threads.) -000030c0 : Resilio Sync.exe (40 Threads.) -000030c4 : Discord.exe (7 Threads.) -000026fc : Discord.exe (11 Threads.) -000033c8 : Discord.exe (9 Threads.) -0000350c : LetsPRO.exe (44 Threads.) -000035ac : jusched.exe (1 Threads.) -000035f8 : DeepL.exe (60 Threads.) -000036cc : svchost.exe (2 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000010d4 : svchost.exe (3 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00003538 : svchost.exe (4 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00003790 : RuntimeBroker.exe (10 Threads.) -00003600 : CefSharp.BrowserSubprocess.exe (30 Threads.) -00000f20 : CefSharp.BrowserSubprocess.exe (9 Threads.) -00003274 : CefSharp.BrowserSubprocess.exe (12 Threads.) -00001644 : CefSharp.BrowserSubprocess.exe (18 Threads.) -00003054 : ShellExperienceHost.exe (16 Threads.) -00002060 : RuntimeBroker.exe (3 Threads.) -00002094 : HPSystemEventUtilityHost.exe (9 Threads.) -00002a00 : PaintStudio.View.exe (62 Threads.) -00000918 : RuntimeBroker.exe (1 Threads.) -000020d8 : svchost.exe (6 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00003708 : svchost.exe (3 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00003594 : svchost.exe (5 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001ea4 : HPAudioSwitch.exe (11 Threads.) -00003804 : svchost.exe (3 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000012a0 : HPCommRecovery.exe (14 Threads.) -00002ae4 : SgrmBroker.exe (6 Threads.) -00003994 : svchost.exe (8 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000031e0 : TouchpointGpuInfo.exe (9 Threads.) -000022dc : svchost.exe (2 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00002b44 : Discord.exe (54 Threads.) -00001f38 : Discord.exe (8 Threads.) -00003144 : CefSharp.BrowserSubprocess.exe (18 Threads.) -00003bc8 : dllhost.exe (5 Threads.) 10.0.19041.546 - COM Surrogate ? Microsoft Corporation. All rights reserved. -00002fac : MpCopyAccelerator.exe (3 Threads.) -00004378 : SystemSettings.exe (22 Threads.) -00000488 : svchost.exe (3 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00002a30 : svchost.exe (4 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001540 : Microsoft.Photos.exe (21 Threads.) -00002244 : RuntimeBroker.exe (5 Threads.) -000029d0 : BridgeCommunication.exe (4 Threads.) -00001720 : firefox.exe (82 Threads.) -00001074 : firefox.exe (33 Threads.) -000027ec : firefox.exe (5 Threads.) -00003ffc : firefox.exe (27 Threads.) -00003e0c : firefox.exe (28 Threads.) -00003b80 : firefox.exe (30 Threads.) -00003dc0 : firefox.exe (31 Threads.) -0000409c : svchost.exe (2 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001258 : firefox.exe (31 Threads.) -0000090c : smartscreen.exe (10 Threads.) -00002d6c : GitHubDesktop.exe (31 Threads.) -0000109c : GitHubDesktop.exe (14 Threads.) -00001fe0 : GitHubDesktop.exe (11 Threads.) -000033ac : GitHubDesktop.exe (24 Threads.) -00002248 : firefox.exe (20 Threads.) -00001ef0 : firefox.exe (20 Threads.) -00000a08 : firefox.exe (7 Threads.) -000030f8 : firefox.exe (5 Threads.) -00000db0 : firefox.exe (20 Threads.) -00003c0c : notepad++.exe (4 Threads.) -00002d68 : SearchFilterHost.exe (3 Threads.) 7.0.19041.1865 - Microsoft Windows Search Filter Host ? Microsoft Corporation. All rights reserved. -00001b88 : SearchProtocolHost.exe (5 Threads.) 7.0.19041.1865 - Microsoft Windows Search Protocol Host ? Microsoft Corporation. All rights reserved. -00003964 : svchost.exe (3 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000d04 : audiodg.exe (8 Threads.) -00003be0 : SearchProtocolHost.exe (6 Threads.) 7.0.19041.1865 - Microsoft Windows Search Protocol Host ? Microsoft Corporation. All rights reserved. ==> -00004370 : ssp.exe (20 Threads.) 2.6.12.3000 - SSP (C) D-EXCLAMATION / SSP BUGTRAQ Executing Threads: [With ToolHelp32] -00001d0c : 8(0) -00003db0 : 8(0) -00003f20 : 8(0) -00000fa8 : 8(0) -000016fc : 8(0) -0000202c : 8(0) -00002b34 : 8(0) -00003a9c : 8(0) -00001e28 : 8(0) -00004314 : 7(0) -00004168 : 7(0) -000038e4 : 8(0) -000008b8 : 8(0) -00002378 : 9(0) -00004018 : 7(0) -00004228 : 8(0) -00000778 : 8(0) -0000367c : 7(0) -00002cd4 : 7(0) ==> -00002944 : 8(0) Executing Services: [With SCM/NT] ---AJRouter (AllJoyn Router Service) - Stopped/Paused ---ALG (Application Layer Gateway Service) - Stopped/Paused ---AppIDSvc (Application Identity) - Stopped/Paused ***Appinfo (Application Information) - Running ---AppReadiness (App Readiness) - Stopped/Paused ***AppXSvc (AppX Deployment Service (AppXSVC)) - Running ***AudioEndpointBuilder (Windows Audio Endpoint Builder) - Running ***Audiosrv (Windows Audio) - Running ---autotimesvc (手机网络时间) - Stopped/Paused ---AxInstSV (ActiveX Installer (AxInstSV)) - Stopped/Paused ---BDESVC (BitLocker Drive Encryption Service) - Stopped/Paused ***BFE (Base Filtering Engine) - Running ---BITS (Background Intelligent Transfer Service) - Stopped/Paused ***BrokerInfrastructure (Background Tasks Infrastructure Service) - Running ---BTAGService (蓝牙音频网关服务) - Stopped/Paused ***BthAvctpSvc (AVCTP 服务) - Running ---bthserv (蓝牙支持服务) - Stopped/Paused ***camsvc (功能访问管理器服务) - Running ***CDPSvc (连接设备平台服务) - Running ***CertPropSvc (Certificate Propagation) - Running ---ClipSVC (Client License Service (ClipSVC)) - Stopped/Paused ---COMSysApp (COM+ System Application) - Stopped/Paused ---CoordinatorServiceHost (DTSInterops) - Stopped/Paused ***CoreMessagingRegistrar (CoreMessaging) - Running ***cphs (Intel(R) Content Protection HECI Service) - Running ***cplspcon (Intel(R) Content Protection HDCP Service) - Running ***CryptSvc (Cryptographic Services) - Running ***DcomLaunch (DCOM Server Process Launcher) - Running ---debugregsvc (debugregsvc) - Stopped/Paused ---defragsvc (Optimize drives) - Stopped/Paused ---DeveloperToolsService (开发人员工具服务) - Stopped/Paused ***DeviceAssociationService (Device Association Service) - Running ---DeviceInstall (Device Install Service) - Stopped/Paused ---DevQueryBroker (DevQuery Background Discovery Broker) - Stopped/Paused ***Dhcp (DHCP Client) - Running ---diagnosticshub.standardcollector.service (Microsoft (R) 诊断中心标准收集器服务) - Stopped/Paused ---diagsvc (Diagnostic Execution Service) - Stopped/Paused ***DiagTrack (Connected User Experiences and Telemetry) - Running ***DispBrokerDesktopSvc (显示策略服务) - Running ***DisplayEnhancementService (显示增强服务) - Running ---DmEnrollmentSvc (设备管理注册服务) - Stopped/Paused ---dmwappushservice (设备管理无线应用程序协议 (WAP) 推送消息路由服务) - Stopped/Paused ***Dnscache (DNS Client) - Running ***DoSvc (Delivery Optimization) - Running ---dot3svc (Wired AutoConfig) - Stopped/Paused ***DPS (Diagnostic Policy Service) - Running ---DsmSvc (Device Setup Manager) - Stopped/Paused ***DsSvc (Data Sharing Service) - Running ***DusmSvc (数据使用量) - Running ---Eaphost (Extensible Authentication Protocol) - Stopped/Paused ---edgeupdate (Microsoft Edge 更新 服务 (edgeupdate)) - Stopped/Paused ---edgeupdatem (Microsoft Edge 更新 服务 (edgeupdatem)) - Stopped/Paused ***EFS (Encrypting File System (EFS)) - Running ---embeddedmode (嵌入模式) - Stopped/Paused ---EntAppSvc (Enterprise App Management Service) - Stopped/Paused ---EpicOnlineServices (Epic Online Services) - Stopped/Paused ***esifsvc (Intel(R) Dynamic Tuning service) - Running ***ETDService (ELAN Service) - Running ***EventLog (Windows Event Log) - Running ***EventSystem (COM+ Event System) - Running ---fdPHost (Function Discovery Provider Host) - Stopped/Paused ---FDResPub (Function Discovery Resource Publication) - Stopped/Paused ---fhsvc (File History Service) - Stopped/Paused ---FileSyncHelper (FileSyncHelper) - Stopped/Paused ***FlexNet Licensing Service 64 (FlexNet Licensing Service 64) - Running ***FontCache (Windows Font Cache Service) - Running ***FontCache3.0.0.0 (Windows Presentation Foundation Font Cache 3.0.0.0) - Running ---FrameServer (Windows Camera Frame Server) - Stopped/Paused ---gpsvc (Group Policy Client) - Stopped/Paused ---GraphicsPerfSvc (GraphicsPerfSvc) - Stopped/Paused ---HfcDisableService (Intel(R) RST HFC Disable Service) - Stopped/Paused ---hidserv (Human Interface Device Service) - Stopped/Paused ***HP Comm Recover (HP Comm Recovery) - Running ***HPAppHelperCap (HP App Helper HSA Service) - Running ***HPDiagsCap (HP Diagnostics HSA Service) - Running ***HPNetworkCap (HP Network HSA Service) - Running ***HPOmenCap (HP Omen HSA Service) - Running ***HPSysInfoCap (HP System Info HSA Service) - Running ***HpTouchpointAnalyticsService (HP Analytics service) - Running ---HvHost (HV 主机服务) - Stopped/Paused ---iaStorAfsService (Intel(R) Optane(TM) Memory Service) - Stopped/Paused ***ibtsiva (Intel Bluetooth Service) - Running ---icssvc (Windows 移动热点服务) - Stopped/Paused ***igccservice (Intel(R) Graphics Command Center Service) - Running ***igfxCUIService2.0.0.0 (Intel(R) HD Graphics Control Panel Service) - Running ***IKEEXT (IKE and AuthIP IPsec Keying Modules) - Running ---impi_hydra (Intel(R) MPI Library Hydra Process Manager) - Stopped/Paused ---InstallService (Microsoft Store 安装服务) - Stopped/Paused ---Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) - Stopped/Paused ---Intel(R) TPM Provisioning Service (Intel(R) TPM Provisioning Service) - Stopped/Paused ***IntelAudioService (Intel(R) Audio Service) - Running ***iphlpsvc (IP Helper) - Running ***IpOverUsbSvc (Windows Phone IP over USB Transport (IpOverUsbSvc)) - Running ***iprip (RIP Listener) - Running ---IpxlatCfgSvc (IP 转换配置服务) - Stopped/Paused ***jhi_service (Intel(R) Dynamic Application Loader Host Interface Service) - Running ***KeyIso (CNG Key Isolation) - Running ---KtmRm (KtmRm for Distributed Transaction Coordinator) - Stopped/Paused ***LanmanServer (Server) - Running ***LanmanWorkstation (Workstation) - Running ***lfsvc (Geolocation Service) - Running ***LicenseManager (Windows 许可证管理器服务) - Running ---lltdsvc (Link-Layer Topology Discovery Mapper) - Stopped/Paused ***lmhosts (TCP/IP NetBIOS Helper) - Running ***LMS (Intel(R) Management and Security Application Local Management Service) - Running ***LSM (Local Session Manager) - Running ---LxpSvc (语言体验服务) - Stopped/Paused ---LxssManager (LxssManager) - Stopped/Paused ---MapsBroker (Downloaded Maps Manager) - Stopped/Paused ---McpManagementService (McpManagementService) - Stopped/Paused ---MixedRealityOpenXRSvc (Windows Mixed Reality OpenXR Service) - Stopped/Paused ***mpssvc (Windows Defender Firewall) - Running ---MSDTC (Distributed Transaction Coordinator) - Stopped/Paused ---MSiSCSI (Microsoft iSCSI Initiator Service) - Stopped/Paused ---msiserver (Windows Installer) - Stopped/Paused ---NaturalAuthentication (自然身份验证) - Stopped/Paused ---NcaSvc (Network Connectivity Assistant) - Stopped/Paused ***NcbService (Network Connection Broker) - Running ---NcdAutoSetup (Network Connected Devices Auto-Setup) - Stopped/Paused ---Netlogon (Netlogon) - Stopped/Paused ***Netman (Network Connections) - Running ***netprofm (Network List Service) - Running ---NetSetupSvc (Network Setup Service) - Stopped/Paused ---NetTcpPortSharing (Net.Tcp Port Sharing Service) - Stopped/Paused ***NgcCtnrSvc (Microsoft Passport Container) - Running ***NgcSvc (Microsoft Passport) - Running ***NlaSvc (Network Location Awareness) - Running ***nsi (Network Store Interface Service) - Running ---NvContainerLocalSystem (NVIDIA LocalSystem Container) - Stopped/Paused ***NVDisplay.ContainerLocalSystem (NVIDIA Display Container LS) - Running ---OneDrive Updater Service (OneDrive Updater Service) - Stopped/Paused ---p2pimsvc (Peer Networking Identity Manager) - Stopped/Paused ---p2psvc (Peer Networking Grouping) - Stopped/Paused ***PcaSvc (Program Compatibility Assistant Service) - Running ---perceptionsimulation (Windows 感知模拟服务) - Stopped/Paused ---PerfHost (Performance Counter DLL Host) - Stopped/Paused ---PhoneSvc (Phone Service) - Stopped/Paused ---pla (Performance Logs & Alerts) - Stopped/Paused ***PlugPlay (Plug and Play) - Running ---PNRPAutoReg (PNRP Machine Name Publication Service) - Stopped/Paused ---PNRPsvc (Peer Name Resolution Protocol) - Stopped/Paused ---PolicyAgent (IPsec Policy Agent) - Stopped/Paused ***Power (Power) - Running ---PrintNotify (Printer Extensions and Notifications) - Stopped/Paused ***ProfSvc (User Profile Service) - Running ---PushToInstall (Windows PushToInstall 服务) - Stopped/Paused ---qcmtusvc (Qualcomm MTU Service) - Stopped/Paused ---QWAVE (Quality Windows Audio Video Experience) - Stopped/Paused ---RasAuto (Remote Access Auto Connection Manager) - Stopped/Paused ***RasMan (Remote Access Connection Manager) - Running ---RemoteAccess (Routing and Remote Access) - Stopped/Paused ---RemoteRegistry (Remote Registry) - Stopped/Paused ---RetailDemo (零售演示服务) - Stopped/Paused ***RmSvc (无线电管理服务) - Running ***RpcEptMapper (RPC Endpoint Mapper) - Running ---RpcLocator (Remote Procedure Call (RPC) Locator) - Stopped/Paused ***RpcSs (Remote Procedure Call (RPC)) - Running ***RstMwService (Intel(R) Storage Middleware Service) - Running ***RtkAudioUniversalService (Realtek Audio Universal Service) - Running ***SamSs (Security Accounts Manager) - Running ---SCardSvr (Smart Card) - Stopped/Paused ---ScDeviceEnum (Smart Card Device Enumeration Service) - Stopped/Paused ***Schedule (Task Scheduler) - Running ---SCPolicySvc (Smart Card Removal Policy) - Stopped/Paused ---SDRSVC (Windows 备份) - Stopped/Paused ---seclogon (Secondary Logon) - Stopped/Paused ***SECOMNService (Sound Research SECOMN Service) - Running ***SecurityHealthService (Windows 安全中心服务) - Running ***SEMgrSvc (付款和 NFC/SE 管理器) - Running ***SENS (System Event Notification Service) - Running ---SensorDataService (Sensor Data Service) - Stopped/Paused ---SensorService (Sensor Service) - Stopped/Paused ---SensrSvc (Sensor Monitoring Service) - Stopped/Paused ***SessionEnv (Remote Desktop Configuration) - Running ***SgrmBroker (System Guard 运行时监视代理) - Running ---SharedAccess (Internet Connection Sharing (ICS)) - Stopped/Paused ---SharedRealitySvc (空间数据服务) - Stopped/Paused ***ShellHWDetection (Shell Hardware Detection) - Running ---shpamsvc (Shared PC Account Manager) - Stopped/Paused ---smphost (Microsoft Storage Spaces SMP) - Stopped/Paused ---SmsRouter (Microsoft Windows SMS 路由器服务。) - Stopped/Paused ***SNMP (SNMP 服务) - Running ---SNMPTRAP (SNMP 陷阱) - Stopped/Paused ***SolidWorks Flexnet Server (SolidWorks Flexnet Server) - Running ---SolidWorks Licensing Service (SolidWorks Licensing Service) - Stopped/Paused ---spectrum (Windows 感知服务) - Stopped/Paused ***Spooler (Print Spooler) - Running ---sppsvc (Software Protection) - Stopped/Paused ***SSDPSRV (SSDP Discovery) - Running ---ssh-agent (OpenSSH Authentication Agent) - Stopped/Paused ---sshd (OpenSSH SSH Server) - Stopped/Paused ---SshdBroker (SshdBroker) - Stopped/Paused ***SstpSvc (Secure Socket Tunneling Protocol Service) - Running ***StateRepository (State Repository Service) - Running ---Steam Client Service (Steam Client Service) - Stopped/Paused ---stisvc (Windows Image Acquisition (WIA)) - Stopped/Paused ***StorSvc (Storage Service) - Running ---svsvc (Spot Verifier) - Stopped/Paused ---swprv (Microsoft Software Shadow Copy Provider) - Stopped/Paused ***SysMain (SysMain) - Running ***SystemEventsBroker (System Events Broker) - Running ***TabletInputService (Touch Keyboard and Handwriting Panel Service) - Running ***TapiSrv (Telephony) - Running ***TermService (Remote Desktop Services) - Running ***Themes (Themes) - Running ---TieringEngineService (Storage Tiers Management) - Stopped/Paused ***TimeBrokerSvc (Time Broker) - Running ***TokenBroker (Web 帐户管理器) - Running ***TrkWks (Distributed Link Tracking Client) - Running ---TroubleshootingSvc (建议疑难解答服务) - Stopped/Paused ---TrustedInstaller (Windows Modules Installer) - Stopped/Paused ---tzautoupdate (自动时区更新程序) - Stopped/Paused ---uhssvc (Microsoft Update Health Service) - Stopped/Paused ***UmRdpService (Remote Desktop Services UserMode Port Redirector) - Running ---upnphost (UPnP Device Host) - Stopped/Paused ***UserManager (User Manager) - Running ***UsoSvc (更新 Orchestrator 服务) - Running ---VacSvc (立体音频组合器服务) - Stopped/Paused ***VaultSvc (Credential Manager) - Running ---vds (Virtual Disk) - Stopped/Paused ---vmicguestinterface (Hyper-V Guest Service Interface) - Stopped/Paused ---vmicheartbeat (Hyper-V Heartbeat Service) - Stopped/Paused ---vmickvpexchange (Hyper-V Data Exchange Service) - Stopped/Paused ---vmicrdv (Hyper-V 远程桌面虚拟化服务) - Stopped/Paused ---vmicshutdown (Hyper-V Guest Shutdown Service) - Stopped/Paused ---vmictimesync (Hyper-V Time Synchronization Service) - Stopped/Paused ---vmicvmsession (Hyper-V PowerShell Direct Service) - Stopped/Paused ---vmicvss (Hyper-V 卷影复制请求程序) - Stopped/Paused ---VSS (Volume Shadow Copy) - Stopped/Paused ---VSStandardCollectorService150 (Visual Studio Standard Collector Service 150) - Stopped/Paused ---W32Time (Windows Time) - Stopped/Paused ---WaaSMedicSvc (Windows 更新医生服务) - Stopped/Paused ---WalletService (WalletService) - Stopped/Paused ---WarpJITSvc (WarpJITSvc) - Stopped/Paused ---wbengine (Block Level Backup Engine Service) - Stopped/Paused ---WbioSrvc (Windows Biometric Service) - Stopped/Paused ***Wcmsvc (Windows Connection Manager) - Running ---wcncsvc (Windows Connect Now - Config Registrar) - Stopped/Paused ***WdiServiceHost (Diagnostic Service Host) - Running ***WdiSystemHost (Diagnostic System Host) - Running ***WdNisSvc (Microsoft Defender Antivirus Network Inspection Service) - Running ***WebClient (WebClient) - Running ---WebManagement (Web Management) - Stopped/Paused ---Wecsvc (Windows Event Collector) - Stopped/Paused ---WEPHOSTSVC (Windows Encryption Provider Host Service) - Stopped/Paused ---wercplsupport (Problem Reports Control Panel Support) - Stopped/Paused ---WerSvc (Windows Error Reporting Service) - Stopped/Paused ---WFDSConMgrSvc (WLAN Direct 服务连接管理器服务) - Stopped/Paused ---WiaRpc (Still Image Acquisition Events) - Stopped/Paused ---WinAppMgmt (Windows Application Management Service) - Stopped/Paused ***WinDefend (Microsoft Defender Antivirus Service) - Running ***WinHttpAutoProxySvc (WinHTTP Web Proxy Auto-Discovery Service) - Running ***Winmgmt (Windows Management Instrumentation) - Running ---WinRM (Windows Remote Management (WS-Management)) - Stopped/Paused ---wisvc (Windows 预览体验成员服务) - Stopped/Paused ***WlanSvc (WLAN AutoConfig) - Running ---wlidsvc (Microsoft Account Sign-in Assistant) - Stopped/Paused ---wlpasvc (本地配置文件助手服务) - Stopped/Paused ---WManSvc (Windows 管理服务) - Stopped/Paused ---wmiApSrv (WMI Performance Adapter) - Stopped/Paused ---workfolderssvc (Work Folders) - Stopped/Paused ---WpcMonSvc (家长控制) - Stopped/Paused ---WPDBusEnum (Portable Device Enumerator Service) - Stopped/Paused ***WpnService (Windows 推送通知系统服务) - Running ***wscsvc (Security Center) - Running ***WSearch (Windows Search) - Running ***wuauserv (Windows Update) - Running ---WwanSvc (WWAN AutoConfig) - Stopped/Paused ---XblAuthManager (Xbox Live 身份验证管理器) - Stopped/Paused ---XblGameSave (Xbox Live 游戏保存) - Stopped/Paused ---XboxGipSvc (Xbox Accessory Management Service) - Stopped/Paused ---XboxNetApiSvc (Xbox Live 网络服务) - Stopped/Paused ***XTU3SERVICE (XTUOCDriverService) - Running ---AarSvc_135ab0 (Agent Activation Runtime_135ab0) - Stopped/Paused ---BcastDVRUserService_135ab0 (GameDVR 和广播用户服务_135ab0) - Stopped/Paused ---BluetoothUserService_135ab0 (蓝牙用户支持服务_135ab0) - Stopped/Paused ***CaptureService_135ab0 (CaptureService_135ab0) - Running ***cbdhsvc_135ab0 (剪贴板用户服务_135ab0) - Running ***CDPUserSvc_135ab0 (连接设备平台用户服务_135ab0) - Running ---ConsentUxUserSvc_135ab0 (ConsentUX_135ab0) - Stopped/Paused ---CredentialEnrollmentManagerUserSvc_135ab0 (CredentialEnrollmentManagerUserSvc_135ab0) - Stopped/Paused ---DeviceAssociationBrokerSvc_135ab0 (DeviceAssociationBroker_135ab0) - Stopped/Paused ---DevicePickerUserSvc_135ab0 (DevicePicker_135ab0) - Stopped/Paused ---DevicesFlowUserSvc_135ab0 (DevicesFlow_135ab0) - Stopped/Paused ---LxssManagerUser_135ab0 (LxssManagerUser_135ab0) - Stopped/Paused ---MessagingService_135ab0 (MessagingService_135ab0) - Stopped/Paused ***PimIndexMaintenanceSvc_135ab0 (Contact Data_135ab0) - Running ---PrintWorkflowUserSvc_135ab0 (PrintWorkflow_135ab0) - Stopped/Paused ---UdkUserSvc_135ab0 (Udk 用户服务_135ab0) - Stopped/Paused ***UnistoreSvc_135ab0 (User Data Storage_135ab0) - Running ***UserDataSvc_135ab0 (User Data Access_135ab0) - Running ***WpnUserService_135ab0 (Windows Push Notifications User Service_135ab0) - Running Loaded Modules: [With ToolHelp32] ==> -00400000 : E:\ssp\ssp.exe 2.6.12.3000 - SSP (C) D-EXCLAMATION / SSP BUGTRAQ -03d40000 : E:\ssp\ghost\Taromati2\ghost\master\saori\ip.DLL 1.0.0.0 - by steve02081504 for Taromati2 at 2021/2/15 -062b0000 : E:\ssp\ghost\Taromati2\ghost\master\saori\cmdrunner.DLL 1.0.0.0 - by steve02081504 for Taromati2 at 2021/2/16 -06720000 : E:\ssp\ghost\Taromati2\ghost\master\saori\VMDetect.DLL 1.0.0.0 - by steve02081504 for Taromati2 at 2022/5/7 -06730000 : E:\ssp\plugin\shared_value\shared_value.dll 1.0.0.0 - Shared Value Plugin Copyright (C) CSaori Project -06860000 : E:\ssp\plugin\SAKNIFE\SAKNIFE.dll 1.5.3.0 - SwissArmyKnife (C) 2004 SSP BUGTRAQ -0aa10000 : E:\ssp\ghost\Taromati2\ghost\master\saori\debeso.DLL -10000000 : E:\ssp\data\language\chinese-simplified\resource.dll 2.5.86.14 - Language Resource DLL (C) D-EXCLAMATION / SSP BUGTRAQ -13700000 : E:\ssp\ghost\Taromati2\ghost\master\shiori\aya.dll -50740000 : C:\Windows\System32\wuapi.dll 10.0.19041.1865 - Windows 更新客户端 API ? Microsoft Corporation. All rights reserved. -50a00000 : C:\Windows\System32\ActXPrxy.dll 10.0.19041.844 - ActiveX Interface Marshaling Library ? Microsoft Corporation. All rights reserved. -50a50000 : E:\ssp\plugin\discord\discord.dll -50ad0000 : C:\Windows\System32\ShellCommonCommonProxyStub.dll 10.0.19041.1566 - ShellCommon Common Proxy Stub ? Microsoft Corporation. All rights reserved. -50b40000 : C:\WINDOWS\SYSTEM32\QUARTZ.dll 10.0.19041.746 - DirectShow Runtime. ? Microsoft Corporation. All rights reserved. -50da0000 : C:\WINDOWS\system32\es.dll 2001.12.10941.16384 - COM+ ? Microsoft Corporation. All rights reserved. -512e0000 : C:\WINDOWS\SYSTEM32\oledlg.dll 10.0.19041.746 - OLE 用户界面支持 ? Microsoft Corporation. All rights reserved. -52fb0000 : C:\Windows\System32\Windows.UI.Immersive.dll 10.0.19041.1865 - WINDOWS.UI.IMMERSIVE ? Microsoft Corporation. All rights reserved. -63790000 : C:\WINDOWS\SYSTEM32\msvcp110_win.dll 10.0.19041.546 - Microsoft? STL110 C++ Runtime Library ? Microsoft Corporation. All rights reserved. -63800000 : C:\WINDOWS\SYSTEM32\policymanager.dll 10.0.19041.1865 - Policy Manager DLL ? Microsoft Corporation. All rights reserved. -63890000 : C:\WINDOWS\SYSTEM32\ntshrui.dll 10.0.19041.844 - 用于共享的外壳扩展 ? Microsoft Corporation. All rights reserved. -638f0000 : C:\WINDOWS\System32\netprofm.dll 10.0.19041.746 - Network List Manager ? Microsoft Corporation. All rights reserved. -64200000 : C:\WINDOWS\SYSTEM32\MSVCP140.dll 14.32.31326.0 - Microsoft? C Runtime Library ? Microsoft Corporation. All rights reserved. -642e0000 : C:\WINDOWS\system32\explorerframe.dll 10.0.19041.1023 - ExplorerFrame ? Microsoft Corporation. All rights reserved. -64c90000 : C:\WINDOWS\SYSTEM32\LINKINFO.dll 10.0.19041.546 - Windows Volume Tracking ? Microsoft Corporation. All rights reserved. -64ca0000 : C:\WINDOWS\System32\npmproxy.dll 10.0.19041.546 - Network List Manager Proxy ? Microsoft Corporation. All rights reserved. -64d30000 : C:\WINDOWS\SYSTEM32\ondemandconnroutehelper.dll 10.0.19041.546 - On Demand Connctiond Route Helper ? Microsoft Corporation. All rights reserved. -651f0000 : C:\WINDOWS\system32\wshunix.dll 10.0.19041.1 - AF_UNIX Winsock2 Helper DLL ? Microsoft Corporation. All rights reserved. -65210000 : C:\Windows\System32\wups.dll 10.0.19041.1865 - Windows Update client proxy stub ? Microsoft Corporation. All rights reserved. -653b0000 : C:\WINDOWS\SYSTEM32\WindowsCodecs.dll 10.0.19041.1706 - Microsoft Windows Codecs Library ? Microsoft Corporation. All rights reserved. -65670000 : C:\WINDOWS\SYSTEM32\cscapi.dll 10.0.19041.546 - Offline Files Win32 API ? Microsoft Corporation. All rights reserved. -65680000 : C:\Windows\System32\OneCoreCommonProxyStub.dll 10.0.19041.1081 - OneCore Common Proxy Stub ? Microsoft Corporation. All rights reserved. -695d0000 : C:\WINDOWS\system32\twinapi.dll 10.0.19041.1741 - twinapi ? Microsoft Corporation. All rights reserved. -69e40000 : C:\WINDOWS\system32\dcomp.dll 10.0.19041.1741 - Microsoft DirectComposition Library ? Microsoft Corporation. All rights reserved. -69fb0000 : C:\WINDOWS\system32\d3d11.dll 10.0.19041.1865 - Direct3D 11 Runtime ? Microsoft Corporation. All rights reserved. -6a190000 : C:\WINDOWS\system32\dataexchange.dll 10.0.19041.1387 - Data exchange ? Microsoft Corporation. All rights reserved. -6a1d0000 : C:\WINDOWS\system32\dwmapi.dll 10.0.19041.746 - Microsoft 桌面窗口管理器 API ? Microsoft Corporation. All rights reserved. -6a5a0000 : C:\WINDOWS\system32\dxgi.dll 10.0.19041.1806 - DirectX Graphics Infrastructure ? Microsoft Corporation. All rights reserved. -6a750000 : C:\WINDOWS\SYSTEM32\ColorAdapterClient.dll 10.0.19041.546 - Microsoft Color Adapter Client ? Microsoft Corporation. All rights reserved. -6a760000 : C:\WINDOWS\SYSTEM32\mscms.dll 10.0.19041.746 - Microsoft 颜色匹配系统 DLL ? Microsoft Corporation. All rights reserved. -6a810000 : C:\Windows\System32\twinapi.appcore.dll 10.0.19041.1865 - twinapi.appcore ? Microsoft Corporation. All rights reserved. -6a9a0000 : C:\Windows\System32\InputHost.dll 10.0.19041.1741 - InputHost ? Microsoft Corporation. All rights reserved. -6aa90000 : C:\Windows\System32\WindowManagementAPI.dll -6ab10000 : C:\Windows\System32\Windows.UI.dll 10.0.19041.746 - Windows Runtime UI Foundation DLL ? Microsoft Corporation. All rights reserved. -6ac10000 : C:\Windows\System32\CoreUIComponents.dll 10.0.19041.546 - Microsoft Core UI Components Dll ? Microsoft Corporation. All rights reserved. -6ae90000 : C:\Windows\System32\CoreMessaging.dll 10.0.19041.867 - Microsoft CoreMessaging Dll ? Microsoft Corporation. All rights reserved. -6af30000 : C:\Windows\System32\TextInputFramework.dll 10.0.19041.1741 - "TextInputFramework.DYNLINK" ? Microsoft Corporation. All rights reserved. -6b000000 : C:\WINDOWS\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_a8625c1886757984\COMCTL32.dll 6.10.19041.1110 - 用户体验控件库 ? Microsoft Corporation. All rights reserved. -6b230000 : C:\Windows\System32\OneCoreUAPCommonProxyStub.dll 10.0.19041.1806 - OneCoreUAP Common Proxy Stub ? Microsoft Corporation. All rights reserved. -6b5f0000 : C:\WINDOWS\system32\mlang.dll 10.0.19041.746 - 多语言支持 DLL ? Microsoft Corporation. All rights reserved. -6b700000 : C:\WINDOWS\SYSTEM32\wintypes.dll 10.0.19041.1682 - Windows 基本类型 DLL ? Microsoft Corporation. All rights reserved. -6b7e0000 : C:\WINDOWS\SYSTEM32\iertutil.dll 11.0.19041.1865 - Internet Explorer 的运行时实用程序 ? Microsoft Corporation. All rights reserved. -6ba10000 : C:\WINDOWS\SYSTEM32\urlmon.dll 11.0.19041.1865 - Win32 的 OLE32 扩展 ? Microsoft Corporation. All rights reserved. -6bc10000 : C:\WINDOWS\SYSTEM32\VCRUNTIME140.dll 14.32.31326.0 - Microsoft? C Runtime Library ? Microsoft Corporation. All rights reserved. -6bc60000 : C:\WINDOWS\SYSTEM32\WINNSI.DLL 10.0.19041.546 - Network Store Information RPC interface ? Microsoft Corporation. All rights reserved. -6bc70000 : C:\WINDOWS\system32\pdh.dll 10.0.19041.1202 - Windows 性能数据助手 DLL ? Microsoft Corporation. All rights reserved. -6ceb0000 : C:\WINDOWS\system32\wininet.dll 11.0.19041.1566 - Win32 的 Internet 扩展 ? Microsoft Corporation. All rights reserved. -6dff0000 : C:\WINDOWS\SYSTEM32\srvcli.dll 10.0.19041.1645 - Server Service Client DLL ? Microsoft Corporation. All rights reserved. -6e050000 : C:\WINDOWS\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.19041.1706_none_d94bc52be10975a7\gdiplus.dll 10.0.19041.1706 - Microsoft GDI+ ? Microsoft Corporation. All rights reserved. -6ec80000 : C:\WINDOWS\SYSTEM32\netutils.dll 10.0.19041.1466 - Net Win32 API Helpers DLL ? Microsoft Corporation. All rights reserved. -713a0000 : C:\WINDOWS\system32\uxtheme.dll 10.0.19041.1620 - Microsoft UxTheme 库 ? Microsoft Corporation. All rights reserved. -71420000 : C:\WINDOWS\SYSTEM32\PROPSYS.dll 7.0.19041.1741 - Microsoft 属性系统 ? Microsoft Corporation. All rights reserved. -71700000 : C:\WINDOWS\SYSTEM32\WINMM.dll 10.0.19041.546 - MCI API DLL ? Microsoft Corporation. All rights reserved. -71730000 : C:\WINDOWS\system32\msimg32.dll 10.0.19041.1466 - GDIEXT Client DLL ? Microsoft Corporation. All rights reserved. -71740000 : C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\X86\MpOav.dll 4.18.2205.7 - IOfficeAntiVirus Module ? Microsoft Corporation. All rights reserved. -717b0000 : C:\WINDOWS\system32\amsi.dll 10.0.19041.1620 - Anti-Malware Scan Interface ? Microsoft Corporation. All rights reserved. -722c0000 : C:\WINDOWS\SYSTEM32\TextShaping.dll -72360000 : C:\WINDOWS\SYSTEM32\profapi.dll 10.0.19041.844 - User Profile Basic API ? Microsoft Corporation. All rights reserved. -72390000 : C:\WINDOWS\SYSTEM32\SspiCli.dll 10.0.19041.1586 - Security Support Provider Interface ? Microsoft Corporation. All rights reserved. -724e0000 : C:\Windows\System32\rasadhlp.dll 10.0.19041.546 - Remote Access AutoDial Helper ? Microsoft Corporation. All rights reserved. -724f0000 : C:\WINDOWS\System32\fwpuclnt.dll 10.0.19041.1682 - FWP/IPsec 用户模式 API ? Microsoft Corporation. All rights reserved. -72ff0000 : C:\WINDOWS\System32\winrnr.dll 10.0.19041.546 - LDAP RnR Provider DLL ? Microsoft Corporation. All rights reserved. -73000000 : C:\WINDOWS\system32\wshbth.dll 10.0.19041.546 - Windows Sockets Helper DLL ? Microsoft Corporation. All rights reserved. -73010000 : C:\WINDOWS\SYSTEM32\DNSAPI.dll 10.0.19041.1865 - DNS 客户端 API DLL ? Microsoft Corporation. All rights reserved. -730a0000 : C:\WINDOWS\system32\mswsock.dll 10.0.19041.546 - Microsoft Windows Sockets 2.0 服务提供程序 ? Microsoft Corporation. All rights reserved. -73100000 : C:\WINDOWS\system32\NLAapi.dll 10.0.19041.546 - Network Location Awareness 2 ? Microsoft Corporation. All rights reserved. -731b0000 : C:\WINDOWS\system32\pnrpnsp.dll 10.0.19041.546 - PNRP 命名空间提供程序 ? Microsoft Corporation. All rights reserved. -731d0000 : C:\WINDOWS\system32\napinsp.dll 10.0.19041.546 - 电子邮件命名填充提供程序 ? Microsoft Corporation. All rights reserved. -731f0000 : C:\WINDOWS\SYSTEM32\CRYPTBASE.dll 10.0.19041.546 - Base cryptographic API DLL ? Microsoft Corporation. All rights reserved. -73200000 : C:\WINDOWS\system32\rsaenh.dll 10.0.19041.1052 - Microsoft Enhanced Cryptographic Provider ? Microsoft Corporation. All rights reserved. -73230000 : C:\WINDOWS\SYSTEM32\CRYPTSP.dll 10.0.19041.546 - Cryptographic Service Provider API ? Microsoft Corporation. All rights reserved. -74750000 : C:\WINDOWS\SYSTEM32\UMPDC.dll -74760000 : C:\WINDOWS\SYSTEM32\MSASN1.dll 10.0.19041.546 - ASN.1 Runtime APIs ? Microsoft Corporation. All rights reserved. -75070000 : C:\WINDOWS\SYSTEM32\VERSION.dll 10.0.19041.546 - Version Checking and File Installation Libraries ? Microsoft Corporation. All rights reserved. -75080000 : C:\WINDOWS\SYSTEM32\USERENV.dll 10.0.19041.572 - Userenv ? Microsoft Corporation. All rights reserved. -750c0000 : C:\WINDOWS\SYSTEM32\kernel.appcore.dll 10.0.19041.546 - AppModel API Host ? Microsoft Corporation. All rights reserved. -750d0000 : C:\WINDOWS\SYSTEM32\Wldp.dll 10.0.19041.1806 - Windows 锁定策略 ? Microsoft Corporation. All rights reserved. -75190000 : C:\WINDOWS\SYSTEM32\windows.storage.dll 10.0.19041.1865 - Microsoft WinRT Storage API ? Microsoft Corporation. All rights reserved. -757a0000 : C:\WINDOWS\SYSTEM32\powrprof.dll 10.0.19041.546 - 电源配置文件帮助程序 DLL ? Microsoft Corporation. All rights reserved. -757f0000 : C:\WINDOWS\SYSTEM32\ntmarta.dll 10.0.19041.546 - Windows NT MARTA 提供程序 ? Microsoft Corporation. All rights reserved. -75820000 : C:\WINDOWS\SYSTEM32\winhttp.dll 10.0.19041.1682 - Windows HTTP 服务 ? Microsoft Corporation. All rights reserved. -758f0000 : C:\WINDOWS\SYSTEM32\iphlpapi.dll 10.0.19041.546 - IP 帮助程序 API ? Microsoft Corporation. All rights reserved. -759f0000 : C:\WINDOWS\System32\ADVAPI32.dll 10.0.19041.1682 - 高级 Windows 32 基本 API ? Microsoft Corporation. All rights reserved. -75a70000 : C:\WINDOWS\System32\RPCRT4.dll 10.0.19041.1806 - 远程过程调用运行时 ? Microsoft Corporation. All rights reserved. -75b30000 : C:\WINDOWS\System32\SHLWAPI.dll 10.0.19041.1706 - 外壳简易实用工具库 ? Microsoft Corporation. All rights reserved. -75b80000 : C:\WINDOWS\System32\imagehlp.dll 10.0.19041.1415 - Windows NT Image Helper ? Microsoft Corporation. All rights reserved. -75c30000 : C:\WINDOWS\System32\OLEAUT32.dll 10.0.19041.985 - OLEAUT32.DLL ? Microsoft Corporation. All rights reserved. -75cd0000 : C:\WINDOWS\System32\comdlg32.dll 10.0.19041.1806 - Common Dialogs DLL ? Microsoft Corporation. All rights reserved. -75d80000 : C:\WINDOWS\System32\combase.dll 10.0.19041.1741 - 用于 Windows 的 Microsoft COM ? Microsoft Corporation. All rights reserved. -76000000 : C:\WINDOWS\System32\NSI.dll 10.0.19041.610 - NSI User-mode interface DLL ? Microsoft Corporation. All rights reserved. -76010000 : C:\WINDOWS\System32\win32u.dll 10.0.19041.1865 - Win32u ? Microsoft Corporation. All rights reserved. -76030000 : C:\WINDOWS\System32\clbcatq.dll 2001.12.10941.16384 - COM+ Configuration Catalog ? Microsoft Corporation. All rights reserved. -760c0000 : C:\WINDOWS\System32\gdi32full.dll 10.0.19041.1865 - GDI Client DLL ? Microsoft Corporation. All rights reserved. -761f0000 : C:\WINDOWS\System32\CRYPT32.dll 10.0.19041.1320 - 加密 API32 ? Microsoft Corporation. All rights reserved. -762f0000 : C:\WINDOWS\System32\IMM32.DLL 10.0.19041.546 - Multi-User Windows IMM32 API Client DLL ? Microsoft Corporation. All rights reserved. -76320000 : C:\WINDOWS\System32\sechost.dll 10.0.19041.1865 - Host for SCM/SDDL/LSA Lookup APIs ? Microsoft Corporation. All rights reserved. -763a0000 : C:\WINDOWS\System32\SETUPAPI.dll 10.0.19041.1741 - Windows 安装程序 API ? Microsoft Corporation. All rights reserved. -767e0000 : C:\WINDOWS\System32\bcrypt.dll 10.0.19041.1023 - Windows 加密基元库 ? Microsoft Corporation. All rights reserved. -76800000 : C:\WINDOWS\System32\KERNELBASE.dll 10.0.19041.1865 - Windows NT 基本 API 客户端 DLL ? Microsoft Corporation. All rights reserved. -76ae0000 : C:\WINDOWS\System32\cfgmgr32.dll 10.0.19041.1620 - Configuration Manager DLL ? Microsoft Corporation. All rights reserved. -76b20000 : C:\WINDOWS\System32\msvcp_win.dll 10.0.19041.789 - Microsoft? C Runtime Library ? Microsoft Corporation. All rights reserved. -76ba0000 : C:\WINDOWS\System32\WS2_32.dll 10.0.19041.546 - Windows Socket 2.0 32 位 DLL ? Microsoft Corporation. All rights reserved. -76c10000 : C:\WINDOWS\System32\MSCTF.dll 10.0.19041.1806 - MSCTF 服务器 DLL ? Microsoft Corporation. All rights reserved. -76e60000 : C:\WINDOWS\System32\ole32.dll 10.0.19041.1202 - 用于 Windows 的 Microsoft OLE ? Microsoft Corporation. All rights reserved. -76f50000 : C:\WINDOWS\System32\normaliz.dll 10.0.19041.546 - Unicode Normalization DLL ? Microsoft Corporation. All rights reserved. -76f60000 : C:\WINDOWS\System32\GDI32.dll 10.0.19041.1620 - GDI Client DLL ? Microsoft Corporation. All rights reserved. -76f90000 : C:\WINDOWS\System32\KERNEL32.DLL 10.0.19041.1865 - Windows NT 基本 API 客户端 DLL ? Microsoft Corporation. All rights reserved. -77080000 : C:\WINDOWS\System32\msvcrt.dll 7.0.19041.546 - Windows NT CRT DLL ? Microsoft Corporation. All rights reserved. -77140000 : C:\WINDOWS\System32\bcryptPrimitives.dll 10.0.19041.1415 - Windows Cryptographic Primitives Library ? Microsoft Corporation. All rights reserved. -771a0000 : C:\WINDOWS\System32\SHELL32.dll 10.0.19041.1806 - Windows Shell 公用 DLL ? Microsoft Corporation. All rights reserved. -77760000 : C:\WINDOWS\System32\ucrtbase.dll 10.0.19041.789 - Microsoft? C Runtime Library ? Microsoft Corporation. All rights reserved. -77880000 : C:\WINDOWS\System32\USER32.dll 10.0.19041.1865 - 多用户 Windows 用户 API 客户端 DLL ? Microsoft Corporation. All rights reserved. -77a20000 : C:\WINDOWS\System32\shcore.dll 10.0.19041.1645 - SHCORE ? Microsoft Corporation. All rights reserved. -77ac0000 : C:\WINDOWS\SYSTEM32\ntdll.dll 10.0.19041.1806 - NT 层 DLL ? Microsoft Corporation. All rights reserved. Registers: EAX 06b354b0 EBX 00000000 ECX 06b354b0 EDX 00000000 ESI 06bf2a30 EDI 06ba2750 DS 002b ES 002b FS 0053 GS 002b SS/ESP/EBP 002b/0c8df264/0c8df28c CS/EIP 0023/0057b572 EFlags 00010202 (Interrupt,Restart) Stack Dump: 06ba2a10 06ba2750 00000001 00000000 0c8df450 005c3a3f 80000001 005c3a98 06bf2a30 005810ef 0c8df450 0057de98 06ba2a10 06ba2750 00000001 00e12938 77bbbebc 00110000 00000000 00000000 00e00120 00110100 0c8df2dc 77bb8bf8 00000000 00e12938 03404104 0c8df314 005be77b 0c8df300 03404004 03404104 00000000 000004ea 00000210 00000600 0000035e 00000000 03404104 00000000 000002b7 0c8df330 0087e9e8 7601614c 778a948d 00050970 00000000 0c8df374 0c8df37c 8d011442 00990c48 00000000 0c8df38c 00000002 00000000 0c8df384 004c515f 00050970 00000000 0c8df374 0c8df37c 8d011442 00990c48 00000000 CallStack Trace: 00 : 0057b572/0017a572 [06ba2a10,06ba2750,00000001,00e12938] @ ssp.exe (SPSerikoAnimation::InternalProcessBase->0x62) 01 : 0057de98/0017ce98 [00000001,0c8df4a0,06ba29e4,0c8df4a4] @ ssp.exe (SPSerikoAnimation::LoopReal->0x1f8) 02 : 0057dc65/0017cc65 [00000001,03478768,06b03748,00000000] @ ssp.exe (SPSerikoAnimation::LoopMain->0x95) 03 : 0057b241/0017a241 [06b0563c,0000000d,0c8df578,00000000] @ ssp.exe (SPSerikoAnimation::DumpBuffer->0x201) 04 : 00509acf/00108acf [00000000,00887354,034932c4,03478768] @ ssp.exe (SPGhost::DumpSurfaceReal->0x1cf) 05 : 005097f1/001087f1 [03478818,03493228,06b038e8,06b03748] @ ssp.exe (SPGhost::DumpSurface->0x161) 06 : 00506181/00105181 [000d04e0,00000005,0c8df71c,06b038e8] @ ssp.exe (SPGhost::ExecuteExclamationTag->0xf01) 07 : 0050250c/0010150c [06b038e8,06bcb83c,06b038e8,06bcb83c] @ ssp.exe (SPGhost::DecodeProcReal->0x175c) 08 : 00500d3a/000ffd3a [06b038e8,06bcb83c,76fae7b0,0349a988] @ ssp.exe (SPGhost::DecodeProc->0x3a) 09 : 005100d2/0010f0d2 [00836542,034ceb30,034ceb30,00000000] @ ssp.exe (SPGhost::Loop->0x5f2) 10 : 004a3187/000a2187 [0346db88,00836542,00836542,034ceb30] @ ssp.exe (JWinThread::SetInterval->0xf7) 11 : 008365cb/004355cb [034ceb30,76fafa10,0c8dffdc,77b27a9e] @ ssp.exe (_beginthreadex 008364d7 f libcmt:threadex.obj->0xf4) 12 : 76fafa29/0000fa29 [034ceb30,e2ca157c,00000000,00000000] @ KERNEL32.DLL (BaseThreadInitThunk->0x19) 13 : 77b27a9e/00066a9e [ffffffff,77b48b72,00000000,00000000] @ ntdll.dll (RtlGetAppContainerNamedObjectPath->0x11e) 14 : 77b27a6e/00066a6e [00836542,034ceb30,00000000,00905a4d] @ ntdll.dll (RtlGetAppContainerNamedObjectPath->0xee) Total StackDepth : 15