View Issue Details

Category
SSPBT:本体(SSP)
SeveritycrashReproducibilityalways 
Status closed 
Fixed in Version2.4 (リリース) 
Summary0000070: ssp2.4.58.3
Description

i don't know how it happened
OS:windows10
ghost:https://github.com/steve02081504/Taromati2

Activities

guest

2020-04-05 19:27

reporter   ~0000133

STACKTRC.TXT (76,644 bytes)   
SPDebugger/2.15.21731.A
Exception Raised at 76f4f95d because UNKNOWN_EXCEPTION_c0000374 (#c0000374)
Windows NT 10.0.18363 
UAC: Enabled,Limited
Time: 2020/4/5 14:46:05.482
Phys.Mem: 898/3873MB  PageFile: 3052/8481MB
CPU : Intel 0.6.14.9 2712MHz Features:MMX SSE HT AES-NI (Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz)
Package:1 Node:1 Core:2 Thread:4
SSP/2.4.58 (20200227-10; Windows NT 10.0.18363)

Volume Information: 
    C:\  Fixed  [   17195MB Free |  101823MB Total | 16%] (NTFS,Normal)
    D:\  Fixed  [   91673MB Free |  124929MB Total | 73%] (NTFS,Normal)
    E:\  Fixed  [   51538MB Free |  124929MB Total | 41%] (NTFS,Normal)
    F:\  Fixed  [  117060MB Free |  124669MB Total | 93%] (NTFS,Normal)

Monitor Information: 
    0: \\.\DISPLAY1 - Work=0,0,1536,864 Size=1536x864 [PRIMARY]

Env. Variables: 
    =::=::\
    ALLUSERSPROFILE=C:\ProgramData
    APPDATA=C:\Users\steve02081504\AppData\Roaming
    CommonProgramFiles=C:\Program Files (x86)\Common Files
    CommonProgramFiles(x86)=C:\Program Files (x86)\Common Files
    CommonProgramW6432=C:\Program Files\Common Files
    COMPUTERNAME=DESKTOP-L6N15MF
    ComSpec=C:\Windows\system32\cmd.exe
    DriverData=C:\Windows\System32\Drivers\DriverData
    FPS_BROWSER_APP_PROFILE_STRING=Internet Explorer
    FPS_BROWSER_USER_PROFILE_STRING=Default
    HOMEDRIVE=C:
    HOMEPATH=\Users\steve02081504
    LOCALAPPDATA=C:\Users\steve02081504\AppData\Local
    LOGONSERVER=\\DESKTOP-L6N15MF
    NUMBER_OF_PROCESSORS=4
    OneDrive=C:\Users\steve02081504\OneDrive
    OneDriveConsumer=C:\Users\steve02081504\OneDrive
    OS=Windows_NT
    Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\IncrediBuild;C:\Users\steve02081504\AppData\Local\Microsoft\WindowsApps;
    PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
    PROCESSOR_ARCHITECTURE=x86
    PROCESSOR_ARCHITEW6432=AMD64
    PROCESSOR_IDENTIFIER=Intel64 Family 6 Model 142 Stepping 9, GenuineIntel
    PROCESSOR_LEVEL=6
    PROCESSOR_REVISION=8e09
    ProgramData=C:\ProgramData
    ProgramFiles=C:\Program Files (x86)
    ProgramFiles(x86)=C:\Program Files (x86)
    ProgramW6432=C:\Program Files
    PSModulePath=C:\Program Files\WindowsPowerShell\Modules;C:\Windows\system32\WindowsPowerShell\v1.0\Modules
    PUBLIC=C:\Users\Public
    SESSIONNAME=Console
    SynaProgDir=Synaptics\SynTP
    SystemDrive=C:
    SystemRoot=C:\Windows
    TEMP=C:\Users\STEVE0~1\AppData\Local\Temp
    TMP=C:\Users\STEVE0~1\AppData\Local\Temp
    USERDOMAIN=DESKTOP-L6N15MF
    USERDOMAIN_ROAMINGPROFILE=DESKTOP-L6N15MF
    USERNAME=steve02081504
    USERPROFILE=C:\Users\steve02081504
    windir=C:\Windows

Loaded Drivers: 
    -5f55d000 : hal.dll
    -5f600000 : ntoskrnl.exe
    -61400000 : kd.dll
    -61410000 : mcupdate_GenuineIntel.dll
    -61620000 : werkernel.sys
    -61640000 : ksecdd.sys
    -61670000 : msrpc.sys
    -616e0000 : tm.sys
    -61710000 : CLFS.SYS
    -61780000 : PSHED.dll
    -617a0000 : BOOTVID.dll
    -617b0000 : clipsp.sys
    -618c0000 : FLTMGR.SYS
    -61940000 : cmimcext.sys
    -61950000 : ntosext.sys
    -61960000 : CI.dll
    -61a40000 : cng.sys
    -61b00000 : Wdf01000.sys
    -61be0000 : WDFLDR.SYS
    -61c00000 : SleepStudyHelper.sys
    -61c10000 : WppRecorder.sys
    -61c30000 : acpiex.sys
    -61c60000 : mssecflt.sys
    -61cb0000 : SgrmAgent.sys
    -61cd0000 : lxss.sys
    -61ce0000 : LXCORE.SYS
    -61e00000 : ACPI.sys
    -61ed0000 : WMILIB.SYS
    -61f00000 : intelpep.sys
    -61f60000 : WindowsTrustedRT.sys
    -61f80000 : WindowsTrustedRTProxy.sys
    -61f90000 : pcw.sys
    -61fb0000 : msisadrv.sys
    -61fc0000 : pci.sys
    -62030000 : vdrvroot.sys
    -62050000 : pdc.sys
    -62090000 : CEA.sys
    -620b0000 : partmgr.sys
    -620f0000 : spaceport.sys
    -621a0000 : volmgr.sys
    -621c0000 : volmgrx.sys
    -62230000 : mountmgr.sys
    -62250000 : storahci.sys
    -62280000 : storport.sys
    -62330000 : EhStorClass.sys
    -62350000 : fileinfo.sys
    -62370000 : Wof.sys
    -623b0000 : WdFilter.sys
    -62420000 : Ntfs.sys
    -626c0000 : Fs_Rec.sys
    -626d0000 : NETIO.SYS
    -62770000 : ksecpkg.sys
    -627b0000 : wfplwfs.sys
    -627f0000 : VmsProxyHNic.sys
    -62800000 : ndis.sys
    -62980000 : tcpip.sys
    -62c70000 : fwpkclnt.sys
    -62cf0000 : VmsProxy.sys
    -62d10000 : vmbkmclr.sys
    -62d40000 : fvevol.sys
    -62e10000 : volume.sys
    -62e20000 : volsnap.sys
    -62e90000 : rdyboost.sys
    -62ee0000 : mup.sys
    -62f10000 : iorate.sys
    -62f40000 : disk.sys
    -62f60000 : CLASSPNP.SYS
    -63400000 : cdrom.sys
    -63440000 : filecrypt.sys
    -63460000 : tbs.sys
    -63470000 : Null.SYS
    -63480000 : Beep.SYS
    -63490000 : dxgkrnl.sys
    -63810000 : watchdog.sys
    -63830000 : BasicDisplay.sys
    -63850000 : BasicRender.sys
    -63870000 : Npfs.SYS
    -63890000 : Msfs.SYS
    -638b0000 : tdx.sys
    -638e0000 : TDI.SYS
    -63900000 : netbt.sys
    -63960000 : afunix.sys
    -63980000 : afd.sys
    -63a30000 : ndisrd.sys
    -63a40000 : vwififlt.sys
    -63a60000 : pacer.sys
    -63a90000 : netbios.sys
    -63ab0000 : rdbss.sys
    -63b30000 : csc.sys
    -63bd0000 : nsiproxy.sys
    -63bf0000 : npsvctrig.sys
    -63c00000 : mssmbios.sys
    -63c20000 : gpuenergydrv.sys
    -63c30000 : dfsc.sys
    -63c80000 : bam.sys
    -63ca0000 : ahcache.sys
    -63cf0000 : Vid.sys
    -63d80000 : winhvr.sys
    -63da0000 : CompositeBus.sys
    -63dc0000 : kdnic.sys
    -63dd0000 : umbus.sys
    -63df0000 : CAD.sys
    -63e10000 : srv2.sys
    -63ee0000 : peauth.sys
    -63fc0000 : ahs_protect.sys
    -64100000 : AgileVpn.sys
    -64130000 : rasl2tp.sys
    -64160000 : raspptp.sys
    -64190000 : raspppoe.sys
    -641b0000 : ndiswan.sys
    -641f0000 : WdNisDrv.sys
    -64230000 : bindflt.sys
    -64320000 : crashdmp.sys
    -65200000 : atikmpag.sys
    -652a0000 : Netwtw04.sys
    -65b40000 : acpipagr.sys
    -65b50000 : wmiacpi.sys
    -65b60000 : CmBatt.sys
    -65b70000 : BATTC.SYS
    -65b90000 : HidEventFilter.sys
    -65bb0000 : mshidkmdf.sys
    -65bc0000 : HIDCLASS.SYS
    -65c00000 : HIDPARSE.SYS
    -65c20000 : Ndu.sys
    -65c50000 : tcpipreg.sys
    -65c70000 : rassstp.sys
    -65c90000 : NDProxy.sys
    -65ce0000 : NdisVirtualBus.sys
    -65cf0000 : swenum.sys
    -65d00000 : rdpbus.sys
    -65d10000 : kbdhid.sys
    -65d30000 : buttonconverter.sys
    -65d50000 : UsbHub3.sys
    -65df0000 : vwifimp.sys
    -65e10000 : igdkmd64.sys
    -66a60000 : dptf_cpu.sys
    -66a80000 : USBXHCI.SYS
    -66b10000 : ucx01000.sys
    -66b60000 : iaLPSS2i_I2C.sys
    -66b90000 : SpbCx.sys
    -66bb0000 : TeeDriverW8x64.sys
    -66c00000 : IntcDAud.sys
    -66cd0000 : hidi2c.sys
    -66cf0000 : mouhid.sys
    -66d10000 : SynRMIHID.sys
    -66d30000 : hidusb.sys
    -66d50000 : usbccgp.sys
    -66d90000 : RtsUer.sys
    -66e00000 : ibtusb.sys
    -66e60000 : BTHUSB.sys
    -66e80000 : bthport.sys
    -66ff0000 : ndistapi.sys
    -67000000 : usbvideo.sys
    -67050000 : vmswitch.sys
    -672b0000 : wanarp.sys
    -672d0000 : lltdio.sys
    -672f0000 : ndisuio.sys
    -67310000 : nwifi.sys
    -673d0000 : winquic.sys
    -67410000 : HTTP.sys
    -67560000 : condrv.sys
    -67580000 : bowser.sys
    -675b0000 : mpsdrv.sys
    -675d0000 : mrxsmb.sys
    -67660000 : mrxsmb20.sys
    -676c0000 : dump_diskdump.sys
    -67700000 : dump_storahci.sys
    -67750000 : dump_dumpfve.sys
    -67770000 : dxgmms2.sys
    -67850000 : monitor.sys
    -67870000 : esif_lf.sys
    -678d0000 : WUDFRd.sys
    -67930000 : mmcss.sys
    -67950000 : luafv.sys
    -67980000 : wcifs.sys
    -679c0000 : cldflt.sys
    -67a40000 : p9rdr.sys
    -67a60000 : storqosflt.sys
    -67a80000 : mslldp.sys
    -67aa0000 : rspndr.sys
    -67ad0000 : RTKVHD64.sys
    -68150000 : ksthunk.sys
    -68160000 : smbdirect.sys
    -681a0000 : srvnet.sys
    -6a200000 : vwifibus.sys
    -6a210000 : rt640x64.sys
    -6a300000 : i8042prt.sys
    -6a330000 : SynTP.sys
    -6a3e0000 : USBD.SYS
    -6a3f0000 : kbdclass.sys
    -6a410000 : mouclass.sys
    -6a430000 : HDAudBus.sys
    -6a460000 : portcls.sys
    -6a4d0000 : drmk.sys
    -6a500000 : ks.sys
    -6a580000 : iaLPSS2i_GPIO2.sys
    -6a5a0000 : msgpioclx.sys
    -6a5e0000 : intelppm.sys
    -6a620000 : atikmdag.sys
    -6db10000 : wdiwifi.sys
    -91600000 : win32kfull.sys
    -919c0000 : win32k.sys
    -92790000 : win32kbase.sys
    -92a40000 : cdd.dll

Executing Processes: 
[With ToolHelp32]
    -00000000 : [System Process] (4 Threads.)
    -00000004 : System (180 Threads.)
    -00000060 : Registry (4 Threads.)
    -00000158 : smss.exe (2 Threads.)
    -00000220 : csrss.exe (10 Threads.)
    -00000290 : wininit.exe (1 Threads.)
    -000002a0 : csrss.exe (14 Threads.)
    -000002d8 : services.exe (6 Threads.)
    -000002e0 : lsass.exe (9 Threads.)
    -00000334 : winlogon.exe (6 Threads.)
    -000003a8 : svchost.exe (1 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -000003c0 : fontdrvhost.exe (5 Threads.)
                10.0.18362.535 - Usermode Font Driver Host
                ? Microsoft Corporation. All rights reserved.
    -000003c4 : fontdrvhost.exe (5 Threads.)
                10.0.18362.535 - Usermode Font Driver Host
                ? Microsoft Corporation. All rights reserved.
    -0000004c : WUDFHost.exe (11 Threads.)
    -00000138 : svchost.exe (14 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -000001f8 : svchost.exe (11 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00000414 : svchost.exe (6 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00000468 : dwm.exe (13 Threads.)
    -000004f8 : svchost.exe (8 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00000500 : svchost.exe (4 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00000508 : svchost.exe (4 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00000550 : svchost.exe (2 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00000590 : svchost.exe (3 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -000005b0 : svchost.exe (2 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -000005bc : svchost.exe (6 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00000600 : svchost.exe (14 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00000668 : svchost.exe (6 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -000006e0 : svchost.exe (1 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -000006f8 : svchost.exe (5 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00000760 : svchost.exe (8 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -000007b4 : svchost.exe (4 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -000007d8 : svchost.exe (4 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00000424 : svchost.exe (7 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -0000082c : atiesrxx.exe (4 Threads.)
    -00000850 : svchost.exe (13 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -000008a8 : svchost.exe (11 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -000008e4 : svchost.exe (10 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -0000093c : atieclxx.exe (10 Threads.)
    -00000944 : svchost.exe (4 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00000954 : svchost.exe (3 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00000960 : svchost.exe (4 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -0000099c : Memory Compression (66 Threads.)
    -000009c8 : svchost.exe (2 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -000009e8 : igfxCUIService.exe (2 Threads.)
    -00000a10 : svchost.exe (2 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00000a20 : svchost.exe (7 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00000ac4 : svchost.exe (9 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00000b08 : svchost.exe (7 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00000b60 : RtkAudioService64.exe (3 Threads.)
    -00000bac : RAVBg64.exe (4 Threads.)
    -00000be8 : svchost.exe (5 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00000be4 : svchost.exe (12 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00000b58 : svchost.exe (4 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00000c1c : svchost.exe (13 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00000c54 : svchost.exe (4 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00000ca8 : wlanext.exe (1 Threads.)
                10.0.18362.1 - Windows Wireless LAN 802.11 Extensibility Framework
                ? Microsoft Corporation. All rights reserved.
    -00000ccc : conhost.exe (2 Threads.)
    -00000cd4 : spoolsv.exe (7 Threads.)
    -00000d10 : svchost.exe (12 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00000d34 : svchost.exe (5 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00000dd8 : IntelCpHDCPSvc.exe (3 Threads.)
    -00000de0 : ahs_service.exe (2 Threads.)
    -00000dfc : svchost.exe (7 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00000e0c : svchost.exe (17 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00000e20 : esif_uf.exe (3 Threads.)
    -00000e2c : svchost.exe (10 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00000e38 : ibtsiva.exe (1 Threads.)
    -00000e80 : svchost.exe (7 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00000ea8 : IpOverUsbSvc.exe (6 Threads.)
    -00000eb0 : svchost.exe (10 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00000eec : PnkBstrA.exe (2 Threads.)
    -00000ef4 : PnkBstrB.exe (2 Threads.)
    -00000f24 : CoordService.exe (6 Threads.)
                9.44.0.3042 - IncrediBuild Coordinator Service
                Copyright ? 2001-2019 IncrediBuild Software Ltd.
    -00000f2c : sssync.exe (4 Threads.)
    -00000f34 : svchost.exe (1 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00000f50 : SynTPEnhService.exe (3 Threads.)
    -00000f6c : BuildService.exe (12 Threads.)
                9.44.0.3042 - IncrediBuild Agent Service
                Copyright ? 2001-2019 IncrediBuild Software Ltd.
    -00000f74 : WavesSysSvc64.exe (1 Threads.)
    -00000fa8 : svchost.exe (3 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00000fb0 : svchost.exe (4 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00000fb8 : svchost.exe (7 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00000ffc : svchost.exe (6 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00000ce0 : svchost.exe (2 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00001028 : svchost.exe (12 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -000010ac : IntelCpHeciSvc.exe (3 Threads.)
    -00001118 : svchost.exe (14 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00001190 : svchost.exe (1 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -000012d4 : MsMpEng.exe (27 Threads.)
    -00001310 : svchost.exe (3 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00001644 : svchost.exe (1 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00001664 : svchost.exe (2 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -000016d4 : NisSrv.exe (7 Threads.)
    -00001658 : svchost.exe (9 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00001798 : svchost.exe (9 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00000e4c : svchost.exe (9 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00000abc : svchost.exe (4 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00001704 : SgrmBroker.exe (5 Threads.)
    -00000638 : svchost.exe (11 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -000009f0 : svchost.exe (8 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00000b24 : SearchIndexer.exe (19 Threads.)
                7.0.18362.719 - Microsoft Windows Search ���
                ? Microsoft Corporation. All rights reserved.
    -00001554 : svchost.exe (5 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00001060 : dptf_helper.exe (3 Threads.)
    -00001308 : SynTPEnh.exe (7 Threads.)
    -00000c7c : sihost.exe (9 Threads.)
    -00000f94 : svchost.exe (14 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00001150 : PresentationFontCache.exe (4 Threads.)
    -00001324 : svchost.exe (5 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00001270 : svchost.exe (1 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00000234 : svchost.exe (5 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00001630 : taskhostw.exe (8 Threads.)
    -0000175c : svchost.exe (3 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00000dec : ctfmon.exe (12 Threads.)
                10.0.18362.1 - CTF ���س���
                ? Microsoft Corporation. All rights reserved.
    -00001778 : explorer.exe (112 Threads.)
                10.0.18362.693 - Windows ��Դ����
                ? Microsoft Corporation. All rights reserved.
    -000008c8 : svchost.exe (1 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00000bfc : ChsIME.exe (104 Threads.)
    -00001318 : svchost.exe (10 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -000017fc : SynTPHelper.exe (1 Threads.)
    -00000c18 : igfxEM.exe (5 Threads.)
    -00000314 : StartMenuExperienceHost.exe (7 Threads.)
    -000018e8 : RuntimeBroker.exe (3 Threads.)
    -00001b08 : RuntimeBroker.exe (5 Threads.)
    -00001b60 : svchost.exe (5 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00001978 : SkypeApp.exe (42 Threads.)
    -00001a28 : SkypeBackgroundHost.exe (4 Threads.)
    -00001d64 : YourPhone.exe (14 Threads.)
    -00001e2c : SettingSyncHost.exe (6 Threads.)
                10.0.18362.239 - Host Process for Setting Synchronization
                ? Microsoft Corporation. All rights reserved.
    -00001ea8 : WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe (19 Threads.)
    -00001ee4 : svchost.exe (3 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00000610 : SecurityHealthSystray.exe (1 Threads.)
    -00001c78 : RtkNGUI64.exe (6 Threads.)
    -00001c74 : RAVBg64.exe (4 Threads.)
    -00001ad0 : SecurityHealthService.exe (7 Threads.)
    -00001b50 : WavesSvc64.exe (5 Threads.)
    -00001984 : RuntimeBroker.exe (6 Threads.)
    -000009f4 : SearchUI.exe (26 Threads.)
    -00000b1c : RuntimeBroker.exe (4 Threads.)
    -00000728 : xgTrayIcon.exe (4 Threads.)
                9.44.0.3042 - IncrediBuild Agent Tray-Icon
                Copyright ? 2001-2019 IncrediBuild Software Ltd.
    -00001e4c : RuntimeBroker.exe (2 Threads.)
    -000014f0 : dllhost.exe (4 Threads.)
                10.0.18362.1 - COM Surrogate
                ? Microsoft Corporation. All rights reserved.
    -00000f88 : svchost.exe (4 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00001f3c : ApplicationFrameHost.exe (5 Threads.)
    -00000350 : WinStore.App.exe (19 Threads.)
    -00000464 : RuntimeBroker.exe (1 Threads.)
    -00000540 : MicrosoftEdge.exe (34 Threads.)
    -00001da4 : browser_broker.exe (3 Threads.)
    -000008c4 : dllhost.exe (6 Threads.)
                10.0.18362.1 - COM Surrogate
                ? Microsoft Corporation. All rights reserved.
    -00001c64 : RuntimeBroker.exe (1 Threads.)
    -00001ebc : MicrosoftEdgeCP.exe (17 Threads.)
    -00001f08 : MicrosoftEdgeSH.exe (9 Threads.)
    -0000158c : RemindersServer.exe (6 Threads.)
    -00002318 : YourPhoneServer.exe (4 Threads.)
    -000021c8 : SystemSettings.exe (23 Threads.)
    -00002294 : svchost.exe (3 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00000978 : xlim.exe (31 Threads.)
    -000007cc : RuntimeBroker.exe (2 Threads.)
    -00001840 : ShellExperienceHost.exe (16 Threads.)
    -0000165c : RuntimeBroker.exe (4 Threads.)
    -0000127c : firefox.exe (72 Threads.)
    -00000a3c : firefox.exe (8 Threads.)
    -00000630 : firefox.exe (31 Threads.)
    -00001158 : firefox.exe (26 Threads.)
    -000011a0 : firefox.exe (23 Threads.)
    -00000908 : firefox.exe (24 Threads.)
    -00001c58 : CompPkgSrv.exe (1 Threads.)
    -00001790 : svchost.exe (1 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -000020e4 : firefox.exe (24 Threads.)
    -00001050 : firefox.exe (31 Threads.)
    -00000d20 : firefox.exe (30 Threads.)
    -00002144 : SYPNS.exe (11 Threads.)
    -000013b0 : EPEnvUpdate.exe (8 Threads.)
    -000010e0 : PTXBootSvc.exe (2 Threads.)
    -000023b8 : Microsoft.Photos.exe (14 Threads.)
    -00002bec : RuntimeBroker.exe (7 Threads.)
    -00002388 : svchost.exe (6 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00002b3c : svchost.exe (3 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -000027a4 : firefox.exe (24 Threads.)
    -000016f8 : firefox.exe (24 Threads.)
    -000003d0 : notepad++.exe (17 Threads.)
    -00002714 : svchost.exe (2 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00000b2c : QQ.exe (58 Threads.)
    -00002248 : svchost.exe (2 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00002734 : SearchProtocolHost.exe (6 Threads.)
                7.0.18362.719 - Microsoft Windows Search Protocol Host
                ? Microsoft Corporation. All rights reserved.
    -00002a3c : TabTip.exe (9 Threads.)
    -00001768 : svchost.exe (5 Threads.)
                10.0.18362.1 - Windows ���������
                ? Microsoft Corporation. All rights reserved.
    -00002f58 : smartscreen.exe (13 Threads.)
==> -00002cf4 : ssp.exe (17 Threads.)
                2.4.58.3000 - SSP
                (C) D-EXCLAMATION / SSP BUGTRAQ
    -00002eb8 : LocationNotificationWindows.exe (4 Threads.)
    -000025b0 : SearchFilterHost.exe (7 Threads.)
                7.0.18362.719 - Microsoft Windows Search Filter Host
                ? Microsoft Corporation. All rights reserved.

Executing Services: 
[With SCM/NT]
    ***AHS Service (AHS Service) - Running
    ---AJRouter (AllJoyn Router Service) - Stopped/Paused
    ---ALG (Application Layer Gateway Service) - Stopped/Paused
    ***AMD External Events Utility (AMD External Events Utility) - Running
    ---AppIDSvc (Application Identity) - Stopped/Paused
    ***Appinfo (Application Information) - Running
    ---AppMgmt (Application Management) - Stopped/Paused
    ---AppReadiness (App Readiness) - Stopped/Paused
    ---AppVClient (Microsoft App-V Client) - Stopped/Paused
    ---AppXSvc (AppX Deployment Service (AppXSVC)) - Stopped/Paused
    ---AssignedAccessManagerSvc (AssignedAccessManager ����) - Stopped/Paused
    ***AudioEndpointBuilder (Windows Audio Endpoint Builder) - Running
    ***Audiosrv (Windows Audio) - Running
    ---autotimesvc (�ֻ����ʱ��) - Stopped/Paused
    ---AxInstSV (ActiveX Installer (AxInstSV)) - Stopped/Paused
    ---BDESVC (BitLocker Drive Encryption Service) - Stopped/Paused
    ***BFE (Base Filtering Engine) - Running
    ---BITS (Background Intelligent Transfer Service) - Stopped/Paused
    ***BrokerInfrastructure (Background Tasks Infrastructure Service) - Running
    ---BTAGService (�����Ƶ��ط���) - Stopped/Paused
    ***BthAvctpSvc (AVCTP ����) - Running
    ---bthserv (���֧�ַ���) - Stopped/Paused
    ***camsvc (���ܷ��ʹ�������) - Running
    ***CDPSvc (�����豸ƽ̨����) - Running
    ---CertPropSvc (Certificate Propagation) - Stopped/Paused
    ---ClipSVC (Client License Service (ClipSVC)) - Stopped/Paused
    ---COMSysApp (COM+ System Application) - Stopped/Paused
    ***CoreMessagingRegistrar (CoreMessaging) - Running
    ***cphs (Intel(R) Content Protection HECI Service) - Running
    ***cplspcon (Intel(R) Content Protection HDCP Service) - Running
    ***CryptSvc (Cryptographic Services) - Running
    ---CscService (Offline Files) - Stopped/Paused
    ***DcomLaunch (DCOM Server Process Launcher) - Running
    ---debugregsvc (debugregsvc) - Stopped/Paused
    ---defragsvc (Optimize drives) - Stopped/Paused
    ---DeveloperToolsService (Developer Tools Service) - Stopped/Paused
    ***DeviceAssociationService (Device Association Service) - Running
    ---DeviceInstall (Device Install Service) - Stopped/Paused
    ---DevQueryBroker (DevQuery Background Discovery Broker) - Stopped/Paused
    ***Dhcp (DHCP Client) - Running
    ---diagnosticshub.standardcollector.service (Microsoft (R) ������ı�׼�ռ������) - Stopped/Paused
    ---diagsvc (Diagnostic Execution Service) - Stopped/Paused
    ***DiagTrack (Connected User Experiences and Telemetry) - Running
    ***DispBrokerDesktopSvc (��ʾ���Է���) - Running
    ***DisplayEnhancementService (��ʾ�ǿ����) - Running
    ---DmEnrollmentSvc (�豸���ע����) - Stopped/Paused
    ---dmwappushservice (�豸�������Ӧ�ó���Э�� (WAP) �����Ϣ·�ɷ���) - Stopped/Paused
    ***Dnscache (DNS Client) - Running
    ***DoSvc (Delivery Optimization) - Running
    ---dot3svc (Wired AutoConfig) - Stopped/Paused
    ***DPS (Diagnostic Policy Service) - Running
    ---DsmSvc (Device Setup Manager) - Stopped/Paused
    ---DsSvc (Data Sharing Service) - Stopped/Paused
    ***DusmSvc (���ʹ���) - Running
    ---Eaphost (Extensible Authentication Protocol) - Stopped/Paused
    ***EFS (Encrypting File System (EFS)) - Running
    ---embeddedmode (Ƕ��ģʽ) - Stopped/Paused
    ---EntAppSvc (Enterprise App Management Service) - Stopped/Paused
    ***esifsvc (Intel(R) Dynamic Platform and Thermal Framework service) - Running
    ***EventLog (Windows Event Log) - Running
    ***EventSystem (COM+ Event System) - Running
    ---Fax (Fax) - Stopped/Paused
    ---fdPHost (Function Discovery Provider Host) - Stopped/Paused
    ---FDResPub (Function Discovery Resource Publication) - Stopped/Paused
    ---fhsvc (File History Service) - Stopped/Paused
    ***FontCache (Windows Font Cache Service) - Running
    ***FontCache3.0.0.0 (Windows Presentation Foundation Font Cache 3.0.0.0) - Running
    ---FrameServer (Windows Camera Frame Server) - Stopped/Paused
    ---gpsvc (Group Policy Client) - Stopped/Paused
    ---GraphicsPerfSvc (GraphicsPerfSvc) - Stopped/Paused
    ***hidserv (Human Interface Device Service) - Running
    ---HvHost (HV �������) - Stopped/Paused
    ***ibtsiva (Intel Bluetooth Service) - Running
    ---icssvc (Windows �ƶ��ȵ���) - Stopped/Paused
    ***igfxCUIService2.0.0.0 (Intel(R) HD Graphics Control Panel Service) - Running
    ***IKEEXT (IKE and AuthIP IPsec Keying Modules) - Running
    ***IncrediBuild_Agent (IncrediBuild Agent) - Running
    ***IncrediBuild_Coordinator (IncrediBuild Coordinator) - Running
    ***InstallService (Microsoft Store ��װ����) - Running
    ***iphlpsvc (IP Helper) - Running
    ***IpOverUsbSvc (Windows Phone IP over USB Transport (IpOverUsbSvc)) - Running
    ---IpxlatCfgSvc (IP ת�����÷���) - Stopped/Paused
    ***KeyIso (CNG Key Isolation) - Running
    ---KtmRm (KtmRm for Distributed Transaction Coordinator) - Stopped/Paused
    ***LanmanServer (Server) - Running
    ***LanmanWorkstation (Workstation) - Running
    ***lfsvc (Geolocation Service) - Running
    ***LicenseManager (Windows ���֤��������) - Running
    ---lltdsvc (Link-Layer Topology Discovery Mapper) - Stopped/Paused
    ***lmhosts (TCP/IP NetBIOS Helper) - Running
    ***LSM (Local Session Manager) - Running
    ---LxpSvc (����������) - Stopped/Paused
    ---LxssManager (LxssManager) - Stopped/Paused
    ---MapsBroker (Downloaded Maps Manager) - Stopped/Paused
    ---MozillaMaintenance (Mozilla Maintenance Service) - Stopped/Paused
    ***mpssvc (Windows Defender Firewall) - Running
    ---MSDTC (Distributed Transaction Coordinator) - Stopped/Paused
    ---MSiSCSI (Microsoft iSCSI Initiator Service) - Stopped/Paused
    ---msiserver (Windows Installer) - Stopped/Paused
    ---NaturalAuthentication (��Ȼ�����֤) - Stopped/Paused
    ---NcaSvc (Network Connectivity Assistant) - Stopped/Paused
    ***NcbService (Network Connection Broker) - Running
    ---NcdAutoSetup (Network Connected Devices Auto-Setup) - Stopped/Paused
    ---Netlogon (Netlogon) - Stopped/Paused
    ---Netman (Network Connections) - Stopped/Paused
    ***netprofm (Network List Service) - Running
    ---NetSetupSvc (Network Setup Service) - Stopped/Paused
    ---NetTcpPortSharing (Net.Tcp Port Sharing Service) - Stopped/Paused
    ***NgcCtnrSvc (Microsoft Passport Container) - Running
    ***NgcSvc (Microsoft Passport) - Running
    ***NlaSvc (Network Location Awareness) - Running
    ***nsi (Network Store Interface Service) - Running
    ---p2pimsvc (Peer Networking Identity Manager) - Stopped/Paused
    ---p2psvc (Peer Networking Grouping) - Stopped/Paused
    ***PcaSvc (Program Compatibility Assistant Service) - Running
    ---PeerDistSvc (BranchCache) - Stopped/Paused
    ---perceptionsimulation (Windows ��֪ģ����) - Stopped/Paused
    ---PerfHost (Performance Counter DLL Host) - Stopped/Paused
    ***PhoneSvc (Phone Service) - Running
    ---pla (Performance Logs & Alerts) - Stopped/Paused
    ***PlugPlay (Plug and Play) - Running
    ***PnkBstrA (PnkBstrA) - Running
    ***PnkBstrB (PnkBstrB) - Running
    ---PNRPAutoReg (PNRP Machine Name Publication Service) - Stopped/Paused
    ---PNRPsvc (Peer Name Resolution Protocol) - Stopped/Paused
    ***PolicyAgent (IPsec Policy Agent) - Running
    ***Power (Power) - Running
    ---PrintNotify (Printer Extensions and Notifications) - Stopped/Paused
    ***ProfSvc (User Profile Service) - Running
    ---PushToInstall (Windows PushToInstall ����) - Stopped/Paused
    ---QWAVE (Quality Windows Audio Video Experience) - Stopped/Paused
    ---RasAuto (Remote Access Auto Connection Manager) - Stopped/Paused
    ***RasMan (Remote Access Connection Manager) - Running
    ---RemoteAccess (Routing and Remote Access) - Stopped/Paused
    ---RemoteRegistry (Remote Registry) - Stopped/Paused
    ---RetailDemo (������ʾ����) - Stopped/Paused
    ***RmSvc (���ߵ�����) - Running
    ***RpcEptMapper (RPC Endpoint Mapper) - Running
    ---RpcLocator (Remote Procedure Call (RPC) Locator) - Stopped/Paused
    ***RpcSs (Remote Procedure Call (RPC)) - Running
    ***RtkAudioService (Realtek Audio Service) - Running
    ***SamSs (Security Accounts Manager) - Running
    ---SCardSvr (Smart Card) - Stopped/Paused
    ---ScDeviceEnum (Smart Card Device Enumeration Service) - Stopped/Paused
    ***Schedule (Task Scheduler) - Running
    ---SCPolicySvc (Smart Card Removal Policy) - Stopped/Paused
    ---SDRSVC (Windows ����) - Stopped/Paused
    ---seclogon (Secondary Logon) - Stopped/Paused
    ***SecurityHealthService (Windows ��ȫ���ķ���) - Running
    ---SEMgrSvc (����� NFC/SE ����) - Stopped/Paused
    ***SENS (System Event Notification Service) - Running
    ---Sense (Windows Defender Advanced Threat Protection Service) - Stopped/Paused
    ---SensorDataService (Sensor Data Service) - Stopped/Paused
    ---SensorService (Sensor Service) - Stopped/Paused
    ---SensrSvc (Sensor Monitoring Service) - Stopped/Paused
    ***ServyouMaintSvc (Servyou Maintenance Service) - Running
    ---SessionEnv (Remote Desktop Configuration) - Stopped/Paused
    ***SgrmBroker (System Guard ����ʱ���������) - Running
    ---SharedAccess (Internet Connection Sharing (ICS)) - Stopped/Paused
    ---SharedRealitySvc (�ռ���ݷ���) - Stopped/Paused
    ***ShellHWDetection (Shell Hardware Detection) - Running
    ---shpamsvc (Shared PC Account Manager) - Stopped/Paused
    ---smphost (Microsoft Storage Spaces SMP) - Stopped/Paused
    ---SmsRouter (Microsoft Windows SMS ·�������) - Stopped/Paused
    ---SNMPTRAP (SNMP ����) - Stopped/Paused
    ---spectrum (Windows ��֪����) - Stopped/Paused
    ***Spooler (Print Spooler) - Running
    ---sppsvc (Software Protection) - Stopped/Paused
    ***SSDPSRV (SSDP Discovery) - Running
    ---ssh-agent (OpenSSH Authentication Agent) - Stopped/Paused
    ---sshd (OpenSSH SSH Server) - Stopped/Paused
    ---SshdBroker (SshdBroker) - Stopped/Paused
    ***SSSyncService (SSSyncService) - Running
    ***SstpSvc (Secure Socket Tunneling Protocol Service) - Running
    ***StateRepository (State Repository Service) - Running
    ---Steam Client Service (Steam Client Service) - Stopped/Paused
    ***stisvc (Windows Image Acquisition (WIA)) - Running
    ***StorSvc (Storage Service) - Running
    ---svsvc (Spot Verifier) - Stopped/Paused
    ---swprv (Microsoft Software Shadow Copy Provider) - Stopped/Paused
    ***SynTPEnhService (SynTPEnh Caller Service) - Running
    ***SysMain (SysMain) - Running
    ***SystemEventsBroker (System Events Broker) - Running
    ***TabletInputService (Touch Keyboard and Handwriting Panel Service) - Running
    ---TapiSrv (Telephony) - Stopped/Paused
    ---TermService (Remote Desktop Services) - Stopped/Paused
    ***Themes (Themes) - Running
    ---TieringEngineService (Storage Tiers Management) - Stopped/Paused
    ***TimeBrokerSvc (Time Broker) - Running
    ***TokenBroker (Web �ʻ�����) - Running
    ***TrkWks (Distributed Link Tracking Client) - Running
    ---TroubleshootingSvc (�������ѽ����) - Stopped/Paused
    ---TrustedInstaller (Windows Modules Installer) - Stopped/Paused
    ---tzautoupdate (�Զ�ʱ����³���) - Stopped/Paused
    ---UevAgentService (User Experience Virtualization Service) - Stopped/Paused
    ---UmRdpService (Remote Desktop Services UserMode Port Redirector) - Stopped/Paused
    ---upnphost (UPnP Device Host) - Stopped/Paused
    ***UserManager (User Manager) - Running
    ***UsoSvc (���� Orchestrator ����) - Running
    ---VacSvc (������Ƶ��������) - Stopped/Paused
    ***VaultSvc (Credential Manager) - Running
    ---vds (Virtual Disk) - Stopped/Paused
    ---vmicguestinterface (Hyper-V Guest Service Interface) - Stopped/Paused
    ---vmicheartbeat (Hyper-V Heartbeat Service) - Stopped/Paused
    ---vmickvpexchange (Hyper-V Data Exchange Service) - Stopped/Paused
    ---vmicrdv (Hyper-V Զ��������⻯����) - Stopped/Paused
    ---vmicshutdown (Hyper-V Guest Shutdown Service) - Stopped/Paused
    ---vmictimesync (Hyper-V Time Synchronization Service) - Stopped/Paused
    ---vmicvmsession (Hyper-V PowerShell Direct Service) - Stopped/Paused
    ---vmicvss (Hyper-V ��Ӱ�����������) - Stopped/Paused
    ---VSS (Volume Shadow Copy) - Stopped/Paused
    ---VSStandardCollectorService150 (Visual Studio Standard Collector Service 150) - Stopped/Paused
    ---W32Time (Windows Time) - Stopped/Paused
    ---WaaSMedicSvc (Windows Update Medic Service) - Stopped/Paused
    ---WalletService (WalletService) - Stopped/Paused
    ---WarpJITSvc (WarpJITSvc) - Stopped/Paused
    ***WavesSysSvc (Waves Audio Services) - Running
    ---wbengine (Block Level Backup Engine Service) - Stopped/Paused
    ***WbioSrvc (Windows Biometric Service) - Running
    ***Wcmsvc (Windows Connection Manager) - Running
    ---wcncsvc (Windows Connect Now - Config Registrar) - Stopped/Paused
    ***WdiServiceHost (Diagnostic Service Host) - Running
    ***WdiSystemHost (Diagnostic System Host) - Running
    ***WdNisSvc (Windows Defender Antivirus Network Inspection Service) - Running
    ---WebClient (WebClient) - Stopped/Paused
    ---WebManagement (Web Management) - Stopped/Paused
    ---Wecsvc (Windows Event Collector) - Stopped/Paused
    ---WEPHOSTSVC (Windows Encryption Provider Host Service) - Stopped/Paused
    ---wercplsupport (Problem Reports and Solutions Control Panel Support) - Stopped/Paused
    ---WerSvc (Windows Error Reporting Service) - Stopped/Paused
    ---WFDSConMgrSvc (WLAN Direct ����ӹ�������) - Stopped/Paused
    ---WiaRpc (Still Image Acquisition Events) - Stopped/Paused
    ***WinDefend (Windows Defender Antivirus Service) - Running
    ***WinHttpAutoProxySvc (WinHTTP Web Proxy Auto-Discovery Service) - Running
    ***Winmgmt (Windows Management Instrumentation) - Running
    ---WinRM (Windows Remote Management (WS-Management)) - Stopped/Paused
    ---wisvc (Windows Ԥ�������Ա����) - Stopped/Paused
    ***WlanSvc (WLAN AutoConfig) - Running
    ---wlidsvc (Microsoft Account Sign-in Assistant) - Stopped/Paused
    ---wlpasvc (���������ļ���ַ���) - Stopped/Paused
    ---WManSvc (Windows �����) - Stopped/Paused
    ---wmiApSrv (WMI Performance Adapter) - Stopped/Paused
    ---WMPNetworkSvc (Windows Media Player Network Sharing Service) - Stopped/Paused
    ---workfolderssvc (Work Folders) - Stopped/Paused
    ---WpcMonSvc (�ҳ�����) - Stopped/Paused
    ---WPDBusEnum (Portable Device Enumerator Service) - Stopped/Paused
    ***WpnService (Windows ����֪ͨϵͳ����) - Running
    ***wscsvc (Security Center) - Running
    ***WSearch (Windows Search) - Running
    ---wuauserv (Windows Update) - Stopped/Paused
    ---WwanSvc (WWAN AutoConfig) - Stopped/Paused
    ---XblAuthManager (Xbox Live �����֤����) - Stopped/Paused
    ---XblGameSave (Xbox Live ��Ϸ����) - Stopped/Paused
    ---XboxGipSvc (Xbox Accessory Management Service) - Stopped/Paused
    ---XboxNetApiSvc (Xbox Live �����) - Stopped/Paused
    ---AarSvc_d3f38 (Agent Activation Runtime_d3f38) - Stopped/Paused
    ---BcastDVRUserService_d3f38 (GameDVR �͹㲥�û�����_d3f38) - Stopped/Paused
    ---BluetoothUserService_d3f38 (����û�֧�ַ���_d3f38) - Stopped/Paused
    ---CaptureService_d3f38 (CaptureService_d3f38) - Stopped/Paused
    ***cbdhsvc_d3f38 (������û�����_d3f38) - Running
    ***CDPUserSvc_d3f38 (�����豸ƽ̨�û�����_d3f38) - Running
    ---ConsentUxUserSvc_d3f38 (ConsentUX_d3f38) - Stopped/Paused
    ---CredentialEnrollmentManagerUserSvc_d3f38 (CredentialEnrollmentManagerUserSvc_d3f38) - Stopped/Paused
    ---DeviceAssociationBrokerSvc_d3f38 (DeviceAssociationBroker_d3f38) - Stopped/Paused
    ---DevicePickerUserSvc_d3f38 (DevicePicker_d3f38) - Stopped/Paused
    ---DevicesFlowUserSvc_d3f38 (DevicesFlow_d3f38) - Stopped/Paused
    ***LxssManagerUser_d3f38 (LxssManagerUser_d3f38) - Running
    ---MessagingService_d3f38 (MessagingService_d3f38) - Stopped/Paused
    ***OneSyncSvc_d3f38 (ͬ�����_d3f38) - Running
    ***PimIndexMaintenanceSvc_d3f38 (Contact Data_d3f38) - Running
    ---PrintWorkflowUserSvc_d3f38 (PrintWorkflow_d3f38) - Stopped/Paused
    ***UnistoreSvc_d3f38 (User Data Storage_d3f38) - Running
    ***UserDataSvc_d3f38 (User Data Access_d3f38) - Running
    ***WpnUserService_d3f38 (Windows Push Notifications User Service_d3f38) - Running

Loaded Modules: 
[With ToolHelp32]
    -00400000 <RAW> : C:\Users\steve02081504\Desktop\ssp\ssp.exe
                      2.4.58.3000 - SSP
                      (C) D-EXCLAMATION / SSP BUGTRAQ
    -036c0000 <CMP> : C:\Users\steve02081504\Desktop\ssp\plugin\shared_value\shared_value.dll
                      1.0.0.0 - Shared Value Plugin
                      Copyright (C) CSaori Project
    -037f0000 <RAW> : C:\Users\steve02081504\Desktop\ssp\plugin\SAKNIFE\SAKNIFE.dll
                      1.5.2.0 - SwissArmyKnife
                      (C) 2004 SSP BUGTRAQ
    -0a700000 <RAW> : C:\Users\steve02081504\Desktop\ssp\ghost\Taromati2\ghost\master\saori\saori_ip.dll
    -10000000 <CMP> : C:\Users\steve02081504\Desktop\ssp\data\language\chinese-simplified\resource.dll
                      2.1.0.0 - 
                      
    -13700000 <RAW> : C:\Users\steve02081504\Desktop\ssp\ghost\Taromati2\ghost\master\aya.dll
                      5.51.1.0 - yaya
                       
    -6d290000 <RAW> : C:\Windows\system32\Oleacc.dll
                      7.2.18362.1 - Active Accessibility Core Component
                      ? Microsoft Corporation. All rights reserved.
    -6dec0000 <RAW> : C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.18362.720_none_5f56df818223263f\gdiplus.dll
                      10.0.18362.720 - Microsoft GDI+
                      ? Microsoft Corporation. All rights reserved.
    -6ec70000 <RAW> : C:\Windows\System32\OneCoreUAPCommonProxyStub.dll
                      10.0.18362.449 - OneCoreUAP Common Proxy Stub
                      ? Microsoft Corporation. All rights reserved.
    -6f240000 <RAW> : C:\Windows\SYSTEM32\wintypes.dll
                      10.0.18362.693 - Windows �������� DLL
                      ? Microsoft Corporation. All rights reserved.
    -6f320000 <RAW> : C:\Windows\System32\CoreUIComponents.dll
                      10.0.18362.207 - Microsoft Core UI Components Dll
                      ? Microsoft Corporation. All rights reserved.
    -6f580000 <RAW> : C:\Windows\System32\CoreMessaging.dll
                      10.0.18362.1 - Microsoft CoreMessaging Dll
                      ? Microsoft Corporation. All rights reserved.
    -6f610000 <RAW> : C:\Windows\System32\TextInputFramework.dll
                      10.0.18362.207 - "TextInputFramework.DYNLINK"
                      ? Microsoft Corporation. All rights reserved.
    -6f6a0000 <RAW> : C:\Windows\SYSTEM32\policymanager.dll
                      10.0.18362.387 - Policy Manager DLL
                      ? Microsoft Corporation. All rights reserved.
    -6f790000 <RAW> : C:\Windows\system32\dxgi.dll
                      10.0.18362.693 - DirectX Graphics Infrastructure
                      ? Microsoft Corporation. All rights reserved.
    -6f860000 <RAW> : C:\Windows\system32\dcomp.dll
                      10.0.18362.387 - Microsoft DirectComposition Library
                      ? Microsoft Corporation. All rights reserved.
    -6fc00000 <RAW> : C:\Windows\system32\d3d11.dll
                      10.0.18362.387 - Direct3D 11 Runtime
                      ? Microsoft Corporation. All rights reserved.
    -6fdf0000 <RAW> : C:\Windows\System32\iertutil.dll
                      11.0.18362.693 - Internet Explorer ������ʱʵ�ó���
                      ? Microsoft Corporation. All rights reserved.
    -70060000 <RAW> : C:\Windows\SYSTEM32\LINKINFO.dll
                      10.0.18362.1 - Windows Volume Tracking
                      ? Microsoft Corporation. All rights reserved.
    -70070000 <RAW> : C:\Windows\SYSTEM32\dxcore.dll
                      10.0.18362.1 - DXCore
                      ? Microsoft Corporation. All rights reserved.
    -70090000 <RAW> : C:\Windows\system32\dataexchange.dll
                      10.0.18362.1 - Data exchange
                      ? Microsoft Corporation. All rights reserved.
    -701e0000 <RAW> : C:\Windows\SYSTEM32\ntshrui.dll
                      10.0.18362.329 - ���ڹ��������չ
                      ? Microsoft Corporation. All rights reserved.
    -70250000 <RAW> : C:\Windows\SYSTEM32\mscms.dll
                      10.0.18362.267 - Microsoft ��ɫƥ��ϵͳ DLL
                      ? Microsoft Corporation. All rights reserved.
    -702f0000 <RAW> : C:\Windows\system32\explorerframe.dll
                      10.0.18362.418 - ExplorerFrame
                      ? Microsoft Corporation. All rights reserved.
    -704d0000 <RAW> : C:\Windows\SYSTEM32\ColorAdapterClient.dll
                      10.0.18362.267 - Microsoft Color Adapter Client
                      ? Microsoft Corporation. All rights reserved.
    -704f0000 <RAW> : C:\Windows\System32\netprofm.dll
                      10.0.18362.1 - Network List Manager
                      ? Microsoft Corporation. All rights reserved.
    -70520000 <RAW> : C:\Windows\System32\LocationApi.dll
                      10.0.18362.1 - Microsoft Windows Location API
                      ? Microsoft Corporation. All rights reserved.
    -70580000 <RAW> : C:\Windows\System32\deviceaccess.dll
                      10.0.18362.1 - Device Broker And Policy COM Server
                      ? Microsoft Corporation. All rights reserved.
    -705c0000 <RAW> : C:\Windows\SYSTEM32\cscapi.dll
                      10.0.18362.1 - Offline Files Win32 API
                      ? Microsoft Corporation. All rights reserved.
    -705d0000 <RAW> : C:\Windows\System32\PortableDeviceTypes.dll
                      10.0.18362.1 - Windows Portable Device (Parameter) Types Component
                      ? Microsoft Corporation. All rights reserved.
    -70600000 <RAW> : C:\Windows\System32\msvcp110_win.dll
                      10.0.18362.1 - Microsoft? STL110 C++ Runtime Library
                      ? Microsoft Corporation. All rights reserved.
    -70670000 <RAW> : C:\Windows\System32\SensorsNativeApi.V2.dll
                      10.0.18362.1 - Sensors Native API (V2 stack)
                      ? Microsoft Corporation. All rights reserved.
    -706a0000 <RAW> : C:\Windows\System32\SensorsApi.dll
                      10.0.18362.1 - ����� API
                      ? Microsoft Corporation. All rights reserved.
    -70700000 <RAW> : C:\Windows\SYSTEM32\WINMMBASE.dll
                      10.0.18362.1 - Base Multimedia Extension API DLL
                      ? Microsoft Corporation. All rights reserved.
    -70730000 <RAW> : C:\Windows\System32\npmproxy.dll
                      10.0.18362.1 - Network List Manager Proxy
                      ? Microsoft Corporation. All rights reserved.
    -70740000 <RAW> : C:\Windows\System32\SensorsUtilsV2.dll
                      10.0.18362.1 - ����� v2 ʵ�ù��� DLL
                      ? Microsoft Corporation. All rights reserved.
    -70760000 <RAW> : C:\Windows\SYSTEM32\WINMM.dll
                      10.0.18362.1 - MCI API DLL
                      ? Microsoft Corporation. All rights reserved.
    -70820000 <RAW> : C:\Windows\System32\LocationFrameworkPS.dll
                      10.0.18362.1 - Windows Geolocation Framework PS
                      ? Microsoft Corporation. All rights reserved.
    -70830000 <RAW> : C:\Windows\System32\ActXPrxy.dll
                      10.0.18362.329 - ActiveX Interface Marshaling Library
                      ? Microsoft Corporation. All rights reserved.
    -70880000 <RAW> : C:\Windows\system32\twinapi.dll
                      10.0.18362.628 - twinapi
                      ? Microsoft Corporation. All rights reserved.
    -70910000 <RAW> : C:\Windows\System32\RMCLIENT.dll
                      10.0.18362.267 - Resource Manager Client
                      ? Microsoft Corporation. All rights reserved.
    -70930000 <RAW> : C:\Windows\System32\twinapi.appcore.dll
                      10.0.18362.693 - twinapi.appcore
                      ? Microsoft Corporation. All rights reserved.
    -70b20000 <RAW> : C:\Windows\System32\OneCoreCommonProxyStub.dll
                      10.0.18362.1 - OneCore Common Proxy Stub
                      ? Microsoft Corporation. All rights reserved.
    -70b60000 <RAW> : C:\Windows\System32\perfos.dll
                      10.0.18362.1 - Windows ϵͳ���ܶ��� DLL
                      ? Microsoft Corporation. All rights reserved.
    -70b70000 <RAW> : C:\Windows\SYSTEM32\oledlg.dll
                      10.0.18362.1 - OLE �û�����֧��
                      ? Microsoft Corporation. All rights reserved.
    -70ba0000 <RAW> : C:\Windows\SYSTEM32\QUARTZ.dll
                      10.0.18362.1 - DirectShow Runtime.
                      ? Microsoft Corporation. All rights reserved.
    -70d60000 <RAW> : C:\Windows\system32\dwmapi.dll
                      10.0.18362.267 - Microsoft ��洰�ڹ��� API
                      ? Microsoft Corporation. All rights reserved.
    -70d90000 <RAW> : C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.720_none_2e6bec9c2790ac71\COMCTL32.dll
                      6.10.18362.720 - �û�����ؼ���
                      ? Microsoft Corporation. All rights reserved.
    -711e0000 <RAW> : C:\Windows\SYSTEM32\USERENV.dll
                      10.0.18362.387 - Userenv
                      ? Microsoft Corporation. All rights reserved.
    -71210000 <RAW> : C:\Windows\system32\msimg32.dll
                      10.0.18362.719 - GDIEXT Client DLL
                      ? Microsoft Corporation. All rights reserved.
    -71220000 <RAW> : C:\Windows\System32\PROPSYS.dll
                      7.0.18362.267 - Microsoft ����ϵͳ
                      ? Microsoft Corporation. All rights reserved.
    -712f0000 <RAW> : C:\Windows\system32\uxtheme.dll
                      10.0.18362.449 - Microsoft UxTheme ��
                      ? Microsoft Corporation. All rights reserved.
    -71390000 <RAW> : C:\Windows\System32\fwpuclnt.dll
                      10.0.18362.113 - FWP/IPsec �û�ģʽ API
                      ? Microsoft Corporation. All rights reserved.
    -713f0000 <RAW> : C:\Windows\System32\rasadhlp.dll
                      10.0.18362.1 - Remote Access AutoDial Helper
                      ? Microsoft Corporation. All rights reserved.
    -71400000 <RAW> : C:\Windows\system32\wshbth.dll
                      10.0.18362.1 - Windows Sockets Helper DLL
                      ? Microsoft Corporation. All rights reserved.
    -71410000 <RAW> : C:\Windows\system32\NLAapi.dll
                      10.0.18362.1 - Network Location Awareness 2
                      ? Microsoft Corporation. All rights reserved.
    -71430000 <RAW> : C:\Windows\System32\winrnr.dll
                      10.0.18362.1 - LDAP RnR Provider DLL
                      ? Microsoft Corporation. All rights reserved.
    -71440000 <RAW> : C:\Windows\system32\pnrpnsp.dll
                      10.0.18362.1 - PNRP ���ռ��ṩ����
                      ? Microsoft Corporation. All rights reserved.
    -71460000 <RAW> : C:\Windows\system32\napinsp.dll
                      10.0.18362.1 - �����ʼ�������ṩ����
                      ? Microsoft Corporation. All rights reserved.
    -714f0000 <RAW> : C:\Windows\SYSTEM32\DNSAPI.dll
                      10.0.18362.267 - DNS �ͻ��� API DLL
                      ? Microsoft Corporation. All rights reserved.
    -72060000 <RAW> : C:\Windows\SYSTEM32\ntmarta.dll
                      10.0.18362.1 - Windows NT MARTA �ṩ����
                      ? Microsoft Corporation. All rights reserved.
    -723c0000 <RAW> : C:\Windows\SYSTEM32\srvcli.dll
                      10.0.18362.1 - Server Service Client DLL
                      ? Microsoft Corporation. All rights reserved.
    -72490000 <RAW> : C:\Windows\system32\rsaenh.dll
                      10.0.18362.1 - Microsoft Enhanced Cryptographic Provider
                      ? Microsoft Corporation. All rights reserved.
    -72500000 <RAW> : C:\Windows\system32\mswsock.dll
                      10.0.18362.1 - Microsoft Windows Sockets 2.0 �����ṩ����
                      ? Microsoft Corporation. All rights reserved.
    -72780000 <RAW> : C:\Windows\SYSTEM32\iphlpapi.dll
                      10.0.18362.1 - IP ������� API
                      ? Microsoft Corporation. All rights reserved.
    -73ca0000 <RAW> : C:\Windows\SYSTEM32\WSOCK32.dll
                      10.0.18362.1 - Windows Socket 32-Bit DLL
                      ? Microsoft Corporation. All rights reserved.
    -74620000 <RAW> : C:\Windows\SYSTEM32\VERSION.dll
                      10.0.18362.1 - Version Checking and File Installation Libraries
                      ? Microsoft Corporation. All rights reserved.
    -74630000 <RAW> : C:\Windows\System32\CRYPTBASE.dll
                      10.0.18362.1 - Base cryptographic API DLL
                      ? Microsoft Corporation. All rights reserved.
    -74640000 <RAW> : C:\Windows\System32\SspiCli.dll
                      10.0.18362.1 - Security Support Provider Interface
                      ? Microsoft Corporation. All rights reserved.
    -74660000 <RAW> : C:\Windows\System32\NSI.dll
                      10.0.18362.449 - NSI User-mode interface DLL
                      ? Microsoft Corporation. All rights reserved.
    -746c0000 <RAW> : C:\Windows\System32\comdlg32.dll
                      10.0.18362.693 - Common Dialogs DLL
                      ? Microsoft Corporation. All rights reserved.
    -74770000 <RAW> : C:\Windows\System32\OLEAUT32.dll
                      10.0.18362.693 - OLEAUT32.DLL
                      ? Microsoft Corporation. All rights reserved.
    -74810000 <RAW> : C:\Windows\System32\combase.dll
                      10.0.18362.693 - ���� Windows �� Microsoft COM
                      ? Microsoft Corporation. All rights reserved.
    -74a90000 <RAW> : C:\Windows\System32\msvcp_win.dll
                      10.0.18362.387 - Microsoft? C Runtime Library
                      ? Microsoft Corporation. All rights reserved.
    -74b10000 <RAW> : C:\Windows\System32\sechost.dll
                      10.0.18362.693 - Host for SCM/SDDL/LSA Lookup APIs
                      ? Microsoft Corporation. All rights reserved.
    -74b90000 <RAW> : C:\Windows\System32\CRYPT32.dll
                      10.0.18362.592 - ���� API32
                      ? Microsoft Corporation. All rights reserved.
    -74cf0000 <RAW> : C:\Windows\System32\cfgmgr32.dll
                      10.0.18362.387 - Configuration Manager DLL
                      ? Microsoft Corporation. All rights reserved.
    -74d30000 <RAW> : C:\Windows\System32\kernel.appcore.dll
                      10.0.18362.1 - AppModel API Host
                      ? Microsoft Corporation. All rights reserved.
    -74d40000 <RAW> : C:\Windows\System32\profapi.dll
                      10.0.18362.693 - User Profile Basic API
                      ? Microsoft Corporation. All rights reserved.
    -74d60000 <RAW> : C:\Windows\System32\imagehlp.dll
                      10.0.18362.1 - Windows NT Image Helper
                      ? Microsoft Corporation. All rights reserved.
    -74d80000 <RAW> : C:\Windows\System32\MSASN1.dll
                      10.0.18362.1 - ASN.1 Runtime APIs
                      ? Microsoft Corporation. All rights reserved.
    -74d90000 <RAW> : C:\Windows\System32\IMM32.DLL
                      10.0.18362.387 - Multi-User Windows IMM32 API Client DLL
                      ? Microsoft Corporation. All rights reserved.
    -74e20000 <RAW> : C:\Windows\System32\windows.storage.dll
                      10.0.18362.719 - Microsoft WinRT Storage API
                      ? Microsoft Corporation. All rights reserved.
    -754e0000 <RAW> : C:\Windows\System32\SHELL32.dll
                      10.0.18362.719 - Windows Shell ���� DLL
                      ? Microsoft Corporation. All rights reserved.
    -75a60000 <RAW> : C:\Windows\System32\win32u.dll
                      10.0.18362.719 - Win32u
                      ? Microsoft Corporation. All rights reserved.
    -75a80000 <RAW> : C:\Windows\System32\msvcrt.dll
                      7.0.18362.1 - Windows NT CRT DLL
                      ? Microsoft Corporation. All rights reserved.
    -75b40000 <RAW> : C:\Windows\System32\bcryptPrimitives.dll
                      10.0.18362.295 - Windows Cryptographic Primitives Library
                      ? Microsoft Corporation. All rights reserved.
    -75ba0000 <RAW> : C:\Windows\System32\UMPDC.dll
    -75bb0000 <RAW> : C:\Windows\System32\USER32.dll
                      10.0.18362.719 - ���û� Windows �û� API �ͻ��� DLL
                      ? Microsoft Corporation. All rights reserved.
    -75ec0000 <RAW> : C:\Windows\System32\SHLWAPI.dll
                      10.0.18362.1 - ��Ǽ���ʵ�ù��߿�
                      ? Microsoft Corporation. All rights reserved.
    -75f10000 <RAW> : C:\Windows\System32\clbcatq.dll
                      2001.12.10941.16384 - COM+ Configuration Catalog
                      ? Microsoft Corporation. All rights reserved.
    -75f90000 <RAW> : C:\Windows\System32\ole32.dll
                      10.0.18362.693 - ���� Windows �� Microsoft OLE
                      ? Microsoft Corporation. All rights reserved.
    -76090000 <RAW> : C:\Windows\System32\bcrypt.dll
                      10.0.18362.267 - Windows ���ܻ�Ԫ��
                      ? Microsoft Corporation. All rights reserved.
    -760b0000 <RAW> : C:\Windows\System32\KERNEL32.DLL
                      10.0.18362.329 - Windows NT ���� API �ͻ��� DLL
                      ? Microsoft Corporation. All rights reserved.
    -761a0000 <RAW> : C:\Windows\System32\GDI32.dll
                      10.0.18362.1 - GDI Client DLL
                      ? Microsoft Corporation. All rights reserved.
    -761d0000 <RAW> : C:\Windows\System32\gdi32full.dll
                      10.0.18362.719 - GDI Client DLL
                      ? Microsoft Corporation. All rights reserved.
    -76330000 <RAW> : C:\Windows\System32\MSCTF.dll
                      10.0.18362.693 - MSCTF ����� DLL
                      ? Microsoft Corporation. All rights reserved.
    -76440000 <RAW> : C:\Windows\System32\ADVAPI32.dll
                      10.0.18362.329 - �߼� Windows 32 ���� API
                      ? Microsoft Corporation. All rights reserved.
    -764c0000 <RAW> : C:\Windows\System32\cryptsp.dll
                      10.0.18362.1 - Cryptographic Service Provider API
                      ? Microsoft Corporation. All rights reserved.
    -764e0000 <RAW> : C:\Windows\System32\WS2_32.dll
                      10.0.18362.387 - Windows Socket 2.0 32 λ DLL
                      ? Microsoft Corporation. All rights reserved.
    -76540000 <RAW> : C:\Windows\System32\RPCRT4.dll
                      10.0.18362.628 - Զ�̹��̵�������ʱ
                      ? Microsoft Corporation. All rights reserved.
    -76600000 <RAW> : C:\Windows\System32\SETUPAPI.dll
                      10.0.18362.1 - Windows ��װ���� API
                      ? Microsoft Corporation. All rights reserved.
    -76a50000 <RAW> : C:\Windows\System32\shcore.dll
                      10.0.18362.1 - SHCORE
                      ? Microsoft Corporation. All rights reserved.
    -76ae0000 <RAW> : C:\Windows\System32\normaliz.dll
                      10.0.18362.1 - Unicode Normalization DLL
                      ? Microsoft Corporation. All rights reserved.
    -76af0000 <RAW> : C:\Windows\System32\KERNELBASE.dll
                      10.0.18362.719 - Windows NT ���� API �ͻ��� DLL
                      ? Microsoft Corporation. All rights reserved.
    -76cf0000 <RAW> : C:\Windows\System32\powrprof.dll
                      10.0.18362.1 - ��Դ�����ļ�������� DLL
                      ? Microsoft Corporation. All rights reserved.
    -76d40000 <RAW> : C:\Windows\System32\ucrtbase.dll
                      10.0.18362.387 - Microsoft? C Runtime Library
                      ? Microsoft Corporation. All rights reserved.
==> -76e70000 <RAW> : C:\Windows\SYSTEM32\ntdll.dll
                      10.0.18362.719 - NT �� DLL
                      ? Microsoft Corporation. All rights reserved.

Registers: 
EAX 00199578 EBX 00000000 ECX 001995a8 EDX 76f8b960
ESI 00000002 EDI 001993a0 DS 002b ES 002b FS 0053 GS 002b
SS/ESP/EBP 002b/00199550/00199588 CS/EIP 0023/76f4f95d
EFlags 00200246 (Parity,Zero,Interrupt,ID)

Stack Dump: 
e9f29d7e 001993a0 00000002 00000000 1377ce47 09a86f48 04418c17 00000002
00199550 6e696843 0019960c 76ee9f90 9f1c655e 00000000 0019961c 76f4f935
e9f29eea 001993a0 00000002 00000000 76f8b960 c0000374 c0000374 00000001
00000000 76f4f95d 00000001 76f8b960 000207d0 00000064 00000022 001995f4
001a0000 0019ba80 00000022 001995b0 00000000 00199648 76ee9f90 9f1c69d6
fffffffe 00199618 76ed0f81 76f8b990 e9f29eea 00199590 00000002 00199648
76ee9f90 9f1c657e fffffffe 00199658 76f58384 00000001 76f8b990 76f56279
e9f29eae 001993a0 001993a0 00000000 00199630 001993a8 0019972c 76ee9f90

CallStack Trace:
00 : 76f4f95d/000de95d <RAW> [e9f29eea,001993a0,00000002,00000000] @ ntdll.dll (RtlIsNonEmptyDirectoryReparsePointAllowed->0xcd)
01 : 76f4f935/000de935 <RAW> [00000001,76f8b990,76f56279,e9f29eae] @ ntdll.dll (RtlIsNonEmptyDirectoryReparsePointAllowed->0xa5)
02 : 76f58384/000e7384 <RAW> [00000008,009b0000,001993a0,009b0000] @ ntdll.dll (RtlpNtSetValueKey->0x27c4)
03 : 76f60d72/000efd72 <RAW> [001993a0,00000000,00000000,00000000] @ ntdll.dll (RtlpNtSetValueKey->0xb1b2)
04 : 76ef6662/00085662 <RAW> [00000000,00000000,00000000,001993a8] @ ntdll.dll (LdrCallEnclave->0x102)
05 : 76eadc16/0003cc16 <RAW> [009b0000,00000000,001993a8,cf9a9e22] @ ntdll.dll (RtlFreeHeap->0x46)
06 : 76bff676/0010e676 <RAW> [001993a8,088e7b98,06dab9e4,001997c8] @ KERNELBASE.dll (GlobalFree->0xc6)
07 : 137294c1/000284c1 <RAW> [0332fc50,04418be0,06dab9e4,06dab9bc] @ aya.dll (logsend->0x27971)
08 : 13728c9b/00027c9b <RAW> [001997b8,06dab9e4,001997c8,00000000] @ aya.dll (logsend->0x2714b)
09 : 137475e7/000465e7 <RAW> [0019985c,00199898,08d2da30,00199848] @ aya.dll (logsend->0x45a97)
10 : 13744116/00043116 <RAW> [0019985c,0000000a,00199898,001998d8] @ aya.dll (logsend->0x425c6)
11 : 137248f2/000238f2 <RAW> [040d33c4,07850fbc,088f2c98,00199e40] @ aya.dll (logsend->0x22da2)
12 : 13720e1b/0001fe1b <RAW> [00199e40,088f2c98,08d2d9d8,00000002] @ aya.dll (logsend->0x1f2cb)
13 : 1371e717/0001d717 <RAW> [00000000,07f1ec98,00199e40,00fffffe] @ aya.dll (logsend->0x1cbc7)
14 : 1371e3f7/0001d3f7 <RAW> [07f1ec98,00199e5c,00199e40,08e11940] @ aya.dll (logsend->0x1c8a7)
15 : 1372427a/0002327a <RAW> [07f1ec98,087a532c,088ab190,0019a3dc] @ aya.dll (logsend->0x2272a)
16 : 13720da6/0001fda6 <RAW> [0019a3dc,088ab190,08d2d96c,00000001] @ aya.dll (logsend->0x1f256)
17 : 1371e6fe/0001d6fe <RAW> [00000000,07f1e3a0,0019a3dc,00fffffe] @ aya.dll (logsend->0x1cbae)
18 : 1371e3f7/0001d3f7 <RAW> [07f1e3a0,0019a3f8,0019a3dc,040ca17c] @ aya.dll (logsend->0x1c8a7)
19 : 1372427a/0002327a <RAW> [07f1e3a0,07850b30,08819638,0019aa4c] @ aya.dll (logsend->0x2272a)
20 : 13720da6/0001fda6 <RAW> [0019aa4c,08819638,08d2d828,0019aa4c] @ aya.dll (logsend->0x1f256)
21 : 1371e72b/0001d72b <RAW> [00000008,0019a934,0019aa4c,00fffffe] @ aya.dll (logsend->0x1cbdb)
22 : 1371e80c/0001d80c <RAW> [00000000,07f1dd80,0019aa4c,00fffffe] @ aya.dll (logsend->0x1ccbc)
23 : 1371e3f7/0001d3f7 <RAW> [07f1dd80,0019aa68,0019aa4c,040c8878] @ aya.dll (logsend->0x1c8a7)
24 : 1372427a/0002327a <RAW> [07f1dd80,07850df0,087f02e8,0019afe8] @ aya.dll (logsend->0x2272a)
25 : 13720da6/0001fda6 <RAW> [0019afe8,087f02e8,08d2d894,00000002] @ aya.dll (logsend->0x1f256)
26 : 1371e72b/0001d72b <RAW> [00000000,07f1df78,0019afe8,00fffffe] @ aya.dll (logsend->0x1cbdb)
27 : 1371e3f7/0001d3f7 <RAW> [07f1df78,0019b004,0019afe8,06e18774] @ aya.dll (logsend->0x1c8a7)
28 : 1372427a/0002327a <RAW> [07f1df78,08358d3c,0885d2f4,0019b5b4] @ aya.dll (logsend->0x2272a)
29 : 13720da6/0001fda6 <RAW> [0019b5b4,0885d2f4,08d465fc,00000000] @ aya.dll (logsend->0x1f256)
30 : 1371e717/0001d717 <RAW> [00000000,07f1c0d8,0019b5b4,01fffffe] @ aya.dll (logsend->0x1cbc7)
31 : 1371e3f7/0001d3f7 <RAW> [07f1c0d8,0019b584,0019b5b4,07f1c0d8] @ aya.dll (logsend->0x1c8a7)
32 : 13721cbd/00020cbd <RAW> [06fb5574,087208f8,0019bc44,08d464b8] @ aya.dll (logsend->0x2016d)
33 : 13720fc1/0001ffc1 <RAW> [0019bc44,087208f8,08d464b8,0019bc44] @ aya.dll (logsend->0x1f471)
34 : 1371e6fe/0001d6fe <RAW> [00000015,0019bafc,0019bc44,00fffffe] @ aya.dll (logsend->0x1cbae)
35 : 1371e850/0001d850 <RAW> [00000000,07f1bf18,0019bc44,00fffffe] @ aya.dll (logsend->0x1cd00)
36 : 1371e3f7/0001d3f7 <RAW> [07f1bf18,0019bc14,0019bc44,07f1bf18] @ aya.dll (logsend->0x1c8a7)
37 : 13721cbd/00020cbd <RAW> [0431cae4,0933241c,0019c200,08d35868] @ aya.dll (logsend->0x2016d)
38 : 13720fc1/0001ffc1 <RAW> [0019c200,0933241c,08d35868,00000000] @ aya.dll (logsend->0x1f471)
39 : 1371e6fe/0001d6fe <RAW> [00000000,07fce0f8,0019c200,00fffffe] @ aya.dll (logsend->0x1cbae)
40 : 1371e3f7/0001d3f7 <RAW> [07fce0f8,0019c1d0,0019c200,07fce0f8] @ aya.dll (logsend->0x1c8a7)
41 : 13721cbd/00020cbd <RAW> [0699aa6c,087aba74,0019c964,08d3f69c] @ aya.dll (logsend->0x2016d)
42 : 13720fc1/0001ffc1 <RAW> [0019c964,087aba74,08d3f69c,0019c964] @ aya.dll (logsend->0x1f471)
43 : 1371e6fe/0001d6fe <RAW> [00000037,0019c748,0019c964,00fffffe] @ aya.dll (logsend->0x1cbae)
44 : 1371e850/0001d850 <RAW> [00000002,0019c81c,0019c964,00fffffe] @ aya.dll (logsend->0x1cd00)
45 : 1371e80c/0001d80c <RAW> [00000000,07fd75f0,0019c964,00fffffe] @ aya.dll (logsend->0x1ccbc)
46 : 1371e3f7/0001d3f7 <RAW> [07fd75f0,0019c934,0019c964,07fd75f0] @ aya.dll (logsend->0x1c8a7)
47 : 13721cbd/00020cbd <RAW> [0699a5ec,08ce5290,0019cff4,08d3f630] @ aya.dll (logsend->0x2016d)
48 : 13720fc1/0001ffc1 <RAW> [0019cff4,08ce5290,08d3f630,0019cff4] @ aya.dll (logsend->0x1f471)
49 : 1371e6fe/0001d6fe <RAW> [00000006,0019ceac,0019cff4,00fffffe] @ aya.dll (logsend->0x1cbae)
50 : 1371e850/0001d850 <RAW> [00000000,07fd48a8,0019cff4,00fffffe] @ aya.dll (logsend->0x1cd00)
51 : 1371e3f7/0001d3f7 <RAW> [07fd48a8,0019cfc4,0019cff4,07fd48a8] @ aya.dll (logsend->0x1c8a7)
52 : 13721cbd/00020cbd <RAW> [088e79bc,0019d444,0019dbf0,00000180] @ aya.dll (logsend->0x2016d)
53 : 13720fc1/0001ffc1 <RAW> [0019dbf0,0019d444,00000000,0019d508] @ aya.dll (logsend->0x1f471)
54 : 1375222d/0005122d <RAW> [0019d508,0019d544,08d2d0e8,0019d4f4] @ aya.dll (logsend->0x506dd)
55 : 137447b4/000437b4 <RAW> [0019d508,00000035,0019d544,0019d584] @ aya.dll (logsend->0x42c64)
56 : 137248f2/000238f2 <RAW> [04096bf4,0845a764,0903fb60,0019dbf0] @ aya.dll (logsend->0x22da2)
57 : 13720e1b/0001fe1b <RAW> [0019dbf0,0903fb60,08d2d090,0019dbf0] @ aya.dll (logsend->0x1f2cb)
58 : 1371e717/0001d717 <RAW> [00000018,0019daa8,0019dbf0,00fffffe] @ aya.dll (logsend->0x1cbc7)
59 : 1371e80c/0001d80c <RAW> [00000000,08063088,0019dbf0,00fffffe] @ aya.dll (logsend->0x1ccbc)
60 : 1371e3f7/0001d3f7 <RAW> [08063088,0019dbc0,0019dbf0,0019e4a4] @ aya.dll (logsend->0x1c8a7)
61 : 13721cbd/00020cbd <RAW> [04096840,0884e62c,0019e4a4,0409680c] @ aya.dll (logsend->0x2016d)
62 : 13723184/00022184 <RAW> [00000014,08062f38,0845930c,04096824] @ aya.dll (logsend->0x21634)
63 : 1372012a/0001f12a <RAW> [0019e4a4,0884e62c,08d2cf4c,0019e4a4] @ aya.dll (logsend->0x1e5da)
64 : 1371e72b/0001d72b <RAW> [00000009,0019e288,0019e4a4,00fffffe] @ aya.dll (logsend->0x1cbdb)
65 : 1371e80c/0001d80c <RAW> [00000002,0019e35c,0019e4a4,00fffffe] @ aya.dll (logsend->0x1ccbc)
66 : 1371ec83/0001dc83 <RAW> [00000000,08062448,0019e4a4,00fffffe] @ aya.dll (logsend->0x1d133)
67 : 1371e3f7/0001d3f7 <RAW> [08062448,0019e474,0019e4a4,08062448] @ aya.dll (logsend->0x1c8a7)
68 : 13721cbd/00020cbd <RAW> [04075234,088f2638,0019ea28,08d2cee0] @ aya.dll (logsend->0x2016d)
69 : 13720fc1/0001ffc1 <RAW> [0019ea28,088f2638,08d2cee0,00000001] @ aya.dll (logsend->0x1f471)
70 : 1371e6fe/0001d6fe <RAW> [00000000,0019ea3c,0019ea28,00fffffe] @ aya.dll (logsend->0x1cbae)
71 : 1371e3f7/0001d3f7 <RAW> [0019ea3c,0019ea7c,0019ea28,03318d58] @ aya.dll (logsend->0x1c8a7)
72 : 137174e0/000164e0 <RAW> [03318d58,0019f0e4,00000000,0019ebc4] @ aya.dll (logsend->0x15990)
73 : 13701af5/00000af5 <RAW> [03318d58,0019f0e4,03318d58,02d60034] @ aya.dll (request->0x25)
74 : 00509337/00108337 <RAW> [13701ad0,03318d58,0019f0e4,02d602ac] @ ssp.exe (SPModule::ToHandleW->0xb7)
75 : 005095cd/001085cd <RAW> [13701ad0,03318d58,0019f0e4,02d60034] @ ssp.exe (SPModule::GetVersionRequest->0xbd)
76 : 0050990a/0010890a <RAW> [0019f30c,03318d58,0019f354,0019f814] @ ssp.exe (SPModule::MakeLastReference->0x9a)
77 : 0054e7e1/0014d7e1 <RAW> [0019f30c,0019f814,02d5f578,00000000] @ ssp.exe (SPShiori::HookAPICall->0x71)
78 : 0054d750/0014c750 <RAW> [0019f3b8,00000004,0019f87c,02d5f578] @ ssp.exe (SPShiori::ClearTeachArray->0x60)
79 : 004e0760/000df760 <RAW> [0019f814,00000000,00000000,00000000] @ ssp.exe (SPGhost::TalkBootMessage->0x890)
80 : 004dfdf0/000dedf0 <RAW> [007c1a7c,00000000,007c173c,00000000] @ ssp.exe (SPGhost::OnSurfaceChange->0x1e0)
81 : 0040763e/0000663e <RAW> [000000a2,000000e6,00000001,000000e6] @ ssp.exe (CCharWndCode::CCWC_PreTranslateMessage->0x4e)
82 : 0045af6f/00059f6f <RAW> [00000001,000000a2,000000e6,00e600a2] @ ssp.exe (CSakuraWnd::OnLButtonDblClk->0xdf)
83 : 00791973/00390973 <RAW> [0045af40,007d1a10,007d1a78,0019f9bc] @ ssp.exe (CWnd::AttachControlSite->0x23)
84 : 007913ea/003903ea <RAW> [00000203,00000001,00e600a2,00000203] @ ssp.exe (CCmdUI::SetCheck->0xa)
85 : 0045ebd0/0005dbd0 <RAW> [00000203,00000001,00e600a2,00000203] @ ssp.exe (CSakuraWnd::OnTaskTray->0xa0)
86 : 00790178/0038f178 <RAW> [0639ddd0,00000000,00000203,00000001] @ ssp.exe (CWnd::OnDisplayChange->0x48)
87 : 0079042d/0038f42d <RAW> [001009c2,00000203,00000001,00e600a2] @ ssp.exe (CWnd::UpdateData->0x6d)
88 : 75bf444b/0004344b <RAW> [007903f0,001009c2,00000203,00000001] @ USER32.dll (AddClipboardFormatListener->0x4b)
89 : 75bd4f8c/00023f8c <RAW> [007903f0,00000000,00000203,00000001] @ USER32.dll (CallWindowProcW->0xb2c)
90 : 75bd44df/000234df <RAW> [ffff0863,001009c2,00000203,00000001] @ USER32.dll (CallWindowProcW->0x7f)
91 : 70e06a4d/00075a4d <RAW> [00000203,00000001,00e600a2,fae3699b] @ COMCTL32.dll (DefSubclassProc->0x1ad)
92 : 70e06aeb/00075aeb <RAW> [00000203,00000001,00e600a2,fae369f7] @ COMCTL32.dll (DefSubclassProc->0x24b)
93 : 70e06801/00075801 <RAW> [001009c2,00000203,00000001,00e600a2] @ COMCTL32.dll (RemoveWindowSubclass->0x331)
94 : 75bf444b/0004344b <RAW> [70e06760,001009c2,00000203,00000001] @ USER32.dll (AddClipboardFormatListener->0x4b)
95 : 75bd4f8c/00023f8c <RAW> [70e06760,00000000,00000203,00000001] @ USER32.dll (CallWindowProcW->0xb2c)
96 : 75bd40de/000230de <RAW> [0019fe98,00459c0d,008a5cf8,00000002] @ USER32.dll (DispatchMessageW->0x22e)
97 : 75bee850/0003d850 <RAW> [008a5cf8,00000002,008a5cc8,00000294] @ USER32.dll (DispatchMessageA->0x10)
98 : 00459c0d/00058c0d <RAW> [008a5cc8,008a5cc8,ffffffff,00000000] @ ssp.exe (CSakuraDropTarget::~CSakuraDropTarget->0xd)
99 : 00794108/00393108 <RAW> [008a5cc8,00795ba8,0077db57,00000000] @ ssp.exe (CPaintDC::CPaintDC->0x38)
100 : 00794d51/00393d51 <RAW> [00400000,00000000,009b6b85,00000001] @ ssp.exe (CWinApp::DoMessageBox->0x61)
101 : 0078e018/0038d018 <RAW> [00400000,00000000,009b6b85,00000001] @ ssp.exe (afxMapHWND->0x88)
102 : 0077dc37/0037cc37 <RAW> [00332000,760c6340,0019ffdc,76ed7b74] @ ssp.exe (__sbh_resize_block        0077da72 f   libcmt:sbheap.obj->0x1c5)
103 : 760c6359/00006359 <RAW> [00332000,e9f2f72a,00000000,00000000] @ KERNEL32.DLL (BaseThreadInitThunk->0x19)
104 : 76ed7b74/00066b74 <RAW> [ffffffff,76ef8f37,00000000,00000000] @ ntdll.dll (RtlGetAppContainerNamedObjectPath->0xe4)
105 : 76ed7b44/00066b44 <RAW> [0077db57,00332000,00000000,78746341] @ ntdll.dll (RtlGetAppContainerNamedObjectPath->0xb4)

Total StackDepth : 106
STACKTRC.TXT (76,644 bytes)   

ponapalt

2020-04-05 21:44

administrator   ~0000135

It's aya.dll internal problem and I can't investigate what really happened.
Do you have any additional information to reproduce this problem?

guest

2020-04-06 14:43

reporter   ~0000136

yaya.log is break in here:

// request to library
// name : C:\Users\steve02081504\Desktop\ssp\ghost\Taromati2\ghost\master\saori\saori_ip.dll
GET Version SAORI/1.0
Charset: default
Sender: AYA

this saori can work on ssp2.2.18.3 with same yaya.dll
maybe it's a saori bug?

useage:
_hostname=FUNCTIONEX("saori\saori_ip.dll","host")
_ipaddress=FUNCTIONEX("saori\saori_ip.dll","ip")

saori_ip.dll (45,056 bytes)

guest

2020-04-06 16:21

reporter   ~0000138

there is yaya.log on ssp2.2.18.3:

// request to library
// name : C:\Users\steve02081504\Desktop\Kikka\ghost\Taromati2\ghost\master\saori\saori_ip.dll
EXECUTE SAORI/1.0
Charset: default
Sender: AYA
SecurityLevel: Local
Argument0: host

// response (Execution time : 0[ms])
SAORI/1.0 200 OK
Result: DESKTOP-L6N15MF
Charset: Shift_JIS

// request to library
// name : C:\Users\steve02081504\Desktop\Kikka\ghost\Taromati2\ghost\master\saori\saori_ip.dll
EXECUTE SAORI/1.0
Charset: default
Sender: AYA
SecurityLevel: Local
Argument0: ip

// response (Execution time : 0[ms])
SAORI/1.0 200 OK
Result: 192.168.1.114
Charset: Shift_JIS

// request to library
// name : C:\Users\steve02081504\Desktop\Kikka\ghost\Taromati2\ghost\master\saori\cpuusage.dll
EXECUTE SAORI/1.0
Charset: default
Sender: AYA
SecurityLevel: Local
Argument0: get

ponapalt

2020-04-06 20:01

administrator   ~0000139

Do you have manual, specification, or some sort of documents of saori_ip.dll ?
I can't find it.

guest

2020-04-06 21:51

reporter   ~0000140

i'm sorry that i can't find it two.....
the only thing i can find is how to use it
maybe i can rewrite an alternative
sorry to bother you

ponapalt

2020-04-07 04:38

administrator   ~0000141

I think this problem is caused by WSAStartup and WSACleanup winsock api call, because they are already used by SSP.
I'll patch it.

ponapalt

2020-04-07 12:24

administrator   ~0000142

2.4.68 patched

Issue History

Date Modified Username Field Change
2020-04-05 15:27 guest New Issue
2020-04-05 19:27 guest Note Added: 0000133
2020-04-05 19:27 guest File Added: STACKTRC.TXT
2020-04-05 21:44 ponapalt Assigned To => ponapalt
2020-04-05 21:44 ponapalt Status new => acknowledged
2020-04-05 21:44 ponapalt Note Added: 0000135
2020-04-06 14:43 guest Note Added: 0000136
2020-04-06 14:43 guest File Added: saori_ip.dll
2020-04-06 16:21 guest Note Added: 0000138
2020-04-06 20:01 ponapalt Note Added: 0000139
2020-04-06 21:51 guest Note Added: 0000140
2020-04-07 04:38 ponapalt Note Added: 0000141
2020-04-07 12:24 ponapalt Status acknowledged => closed
2020-04-07 12:24 ponapalt Resolution open => fixed
2020-04-07 12:24 ponapalt Fixed in Version => 2.4 (リリース)
2020-04-07 12:24 ponapalt Note Added: 0000142