SPDebugger/2.17.24106.A Windows NT 10.0.19044 UAC: Enabled,Limited Time: 2022/4/12 14:26:15.674 Phys.Mem: 29250/32664MB PageFile: 32694/37528MB CPU : AMD 0.23.1.0 3593MHz Features:MMX SSE HT AES-NI (AMD Ryzen 5 3600 6-Core Processor) Package:1 Node:1 Core:6 Thread:12 SSP/2.5.89 (20220406-1; Windows NT 10.0.19044) Volume Information: C:\ Fixed [ 620678MB Free | 976072MB Total | 63%] (NTFS,Normal) D:\ Fixed [ 320090MB Free | 953867MB Total | 33%] (NTFS,Normal) E:\ Fixed [ 360710MB Free | 953867MB Total | 37%] (NTFS,Normal) Monitor Information: 0: \\.\DISPLAY1 - Work=0,0,1920,1040 Size=1920x1080 [PRIMARY] Env. Variables: =::=::\ ALLUSERSPROFILE=C:\ProgramData AMDRMPATH=C:\Program Files\AMD\RyzenMaster\ APPDATA=C:\Users\Dannis\AppData\Roaming CommonProgramFiles=C:\Program Files (x86)\Common Files CommonProgramFiles(x86)=C:\Program Files (x86)\Common Files CommonProgramW6432=C:\Program Files\Common Files COMPUTERNAME=STEAK ComSpec=C:\Windows\system32\cmd.exe DriverData=C:\Windows\System32\Drivers\DriverData FPS_BROWSER_APP_PROFILE_STRING=Internet Explorer FPS_BROWSER_USER_PROFILE_STRING=Default HOMEDRIVE=C: HOMEPATH=\Users\Dannis LOCALAPPDATA=C:\Users\Dannis\AppData\Local LOGONSERVER=\\STEAK NUMBER_OF_PROCESSORS=12 OneDrive=C:\Users\Dannis\OneDrive OneDriveConsumer=C:\Users\Dannis\OneDrive OS=Windows_NT Path=D:\SSP\;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\VMware\VMware Workstation\bin\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\dotnet\;C:\Users\Dannis\Documents\adb;C:\Users\Dannis\AppData\Local\Microsoft\WindowsApps;;C:\Users\Dannis\AppData\Local\Programs\Microsoft VS Code\bin PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC PROCESSOR_ARCHITECTURE=x86 PROCESSOR_ARCHITEW6432=AMD64 PROCESSOR_IDENTIFIER=AMD64 Family 23 Model 113 Stepping 0, AuthenticAMD PROCESSOR_LEVEL=23 PROCESSOR_REVISION=7100 ProgramData=C:\ProgramData ProgramFiles=C:\Program Files (x86) ProgramFiles(x86)=C:\Program Files (x86) ProgramW6432=C:\Program Files PSModulePath=C:\Program Files\WindowsPowerShell\Modules;C:\Windows\system32\WindowsPowerShell\v1.0\Modules PUBLIC=C:\Users\Public SESSIONNAME=Console SystemDrive=C: SystemRoot=C:\Windows TEMP=C:\Users\Dannis\AppData\Local\Temp TMP=C:\Users\Dannis\AppData\Local\Temp USERDOMAIN=STEAK USERDOMAIN_ROAMINGPROFILE=STEAK USERNAME=Dannis USERPROFILE=C:\Users\Dannis windir=C:\Windows Loaded Drivers: -36f60000 : mcupdate_AuthenticAMD.dll -36f90000 : hal.dll -36fa0000 : kd.dll -36fb0000 : tm.sys -36fe0000 : CLFS.SYS -37050000 : PSHED.dll -37070000 : BOOTVID.dll -37080000 : clipsp.sys -371a0000 : FLTMGR.SYS -37210000 : ksecdd.sys -37240000 : msrpc.sys -372b0000 : cmimcext.sys -372c0000 : werkernel.sys -372e0000 : ntosext.sys -372f0000 : WDFLDR.SYS -37310000 : SleepStudyHelper.sys -37320000 : WppRecorder.sys -37340000 : SgrmAgent.sys -37400000 : HTTP.sys -37590000 : bowser.sys -375c0000 : mpsdrv.sys -375e0000 : mrxsmb.sys -37680000 : mrxsmb20.sys -376d0000 : condrv.sys -376f0000 : vmx86.sys -37720000 : AMDRyzenMasterDriver.sys -37760000 : AMDRyzenMasterDriver.sys -37770000 : AMDRyzenMasterDriver.sys -377b0000 : srvnet.sys -37810000 : hcmon.sys -37830000 : peauth.sys -37910000 : tcpipreg.sys -37930000 : Ndu.sys -37960000 : vstor2-x64.sys -37970000 : srv2.sys -37a40000 : rassstp.sys -37a60000 : NDProxy.sys -37a80000 : AgileVpn.sys -37ab0000 : vwifimp.sys -37ad0000 : rasl2tp.sys -37b00000 : raspptp.sys -37b30000 : raspppoe.sys -37b50000 : ndistapi.sys -37b60000 : ndiswan.sys -37ba0000 : logi_joy_vir_hid.sys -38000000 : mslldp.sys -38020000 : rspndr.sys -38040000 : vmnetuserif.sys -38050000 : wanarp.sys -38070000 : ndisuio.sys -38090000 : nwifi.sys -38150000 : msquic.sys -3a400000 : ntoskrnl.exe -3c800000 : CI.dll -3c8f0000 : cng.sys -3c9b0000 : Wdf01000.sys -3ca90000 : acpiex.sys -3cac0000 : mssecflt.sys -3cb20000 : ACPI.sys -3cbf0000 : WMILIB.SYS -3cc00000 : msisadrv.sys -3cc10000 : pci.sys -3cc90000 : tpm.sys -3cce0000 : intelpep.sys -3cd50000 : WindowsTrustedRT.sys -3cd70000 : IntelTA.sys -3cd80000 : WindowsTrustedRTProxy.sys -3cd90000 : pcw.sys -3cdb0000 : vdrvroot.sys -3cdd0000 : pdc.sys -3ce00000 : CEA.sys -3ce20000 : partmgr.sys -3ce60000 : spaceport.sys -3cf10000 : volmgr.sys -3cf30000 : volmgrx.sys -3cfa0000 : vsock.sys -3cfc0000 : vmci.sys -3cfe0000 : mountmgr.sys -3d000000 : storahci.sys -3d040000 : storport.sys -3d100000 : stornvme.sys -3d130000 : secnvme.sys -3d160000 : EhStorTcgDrv.sys -3d190000 : EhStorClass.sys -3d1b0000 : fileinfo.sys -3d1d0000 : Wof.sys -3d220000 : Fs_Rec.sys -3d230000 : ndis.sys -3d3a0000 : ksecpkg.sys -3d3e0000 : amdpsp.sys -3d3f0000 : volume.sys -3d400000 : Ntfs.sys -3d6e0000 : NETIO.SYS -3d780000 : tcpip.sys -3da70000 : fwpkclnt.sys -3daf0000 : wfplwfs.sys -3db30000 : fvevol.sys -3dc00000 : volsnap.sys -3dc70000 : rdyboost.sys -3dcd0000 : mup.sys -3dd00000 : iorate.sys -3dd40000 : hrdevmon_win10.sys -3dd50000 : disk.sys -3dd70000 : CLASSPNP.SYS -43e00000 : dxgkrnl.sys -441b0000 : watchdog.sys -441d0000 : BasicDisplay.sys -441f0000 : BasicRender.sys -44210000 : Npfs.SYS -44230000 : Msfs.SYS -44250000 : CimFS.SYS -44270000 : sysdiag_win10.sys -44310000 : tdx.sys -44340000 : TDI.SYS -44360000 : LgdCatcherTdi.sys -44380000 : LgdCatcher.sys -443a0000 : ws2ifsl.sys -443b0000 : netbt.sys -44410000 : afunix.sys -44430000 : afd.sys -444e0000 : vwififlt.sys -44500000 : pacer.sys -44530000 : ndiscap.sys -44550000 : netbios.sys -44570000 : Vid.sys -44650000 : crashdmp.sys -44670000 : bindflt.sys -446a0000 : hrwfpdrv_win10.sys -446e0000 : vmnetbridge.sys -44700000 : lltdio.sys -44730000 : cdrom.sys -44770000 : filecrypt.sys -44790000 : tbs.sys -447a0000 : Null.SYS -447b0000 : Beep.SYS -447c0000 : vmkbd.sys -447d0000 : winhvr.sys -44800000 : nsiproxy.sys -44820000 : npsvctrig.sys -44830000 : mssmbios.sys -44850000 : gpuenergydrv.sys -44860000 : dfsc.sys -448b0000 : fastfat.SYS -44920000 : bam.sys -44940000 : ahcache.sys -44990000 : vmnetadapter.sys -449a0000 : VMNET.SYS -449b0000 : CompositeBus.sys -449d0000 : kdnic.sys -449e0000 : umbus.sys -44a00000 : CAD.sys -44a20000 : amdppm.sys -44a60000 : wmiacpi.sys -44a70000 : USBXHCI.SYS -44b10000 : ucx01000.sys -44b60000 : RtsPer.sys -44cb0000 : rt640x64.sys -44dd0000 : Netwtw10.sys -452d0000 : wdiwifi.sys -453d0000 : vwifibus.sys -453e0000 : nvhda64v.sys -45410000 : ksthunk.sys -45420000 : cldflt.sys -454b0000 : storqosflt.sys -454d0000 : rdbss.sys -45550000 : csc.sys -45e00000 : usbvideo.sys -45e60000 : hidusb.sys -45e80000 : kbdhid.sys -45eb0000 : dump_diskdump.sys -45ef0000 : dump_secnvme.sys -45f40000 : dump_dumpfve.sys -45f60000 : ibtusb.sys -46570000 : BTHUSB.sys -465a0000 : BTHport.sys -46730000 : rfcomm.sys -46770000 : BthEnum.sys -467a0000 : bthpan.sys -467d0000 : Microsoft.Bluetooth.Legacy.LEEnumerator.sys -46800000 : dxgmms2.sys -468f0000 : monitor.sys -46910000 : luafv.sys -46940000 : mmcss.sys -46970000 : RTKVHD64.sys -470c0000 : MBfilt64.sys -470d0000 : hidi2c.sys -470f0000 : ANXUcmCxCD.sys -47150000 : mouhid.sys -47170000 : MTConfig.sys -47180000 : usbccgp.sys -471c0000 : wcifs.sys -47e00000 : portcls.sys -47e70000 : drmk.sys -47ea0000 : ks.sys -47f20000 : UcmCxUcsiNvppc.sys -47fd0000 : UcmCx.sys -48000000 : AMDPCIDev.sys -48010000 : i8042prt.sys -48040000 : HKKbdFltr.sys -48050000 : kbdclass.sys -48070000 : HKMouFltr.sys -48080000 : mouclass.sys -480a0000 : CmBatt.sys -480b0000 : BATTC.SYS -480d0000 : AcpiBridge.sys -480e0000 : AirplaneModeHid.sys -480f0000 : mshidkmdf.sys -48100000 : HIDCLASS.SYS -48140000 : HIDPARSE.SYS -48160000 : amdgpio2.sys -48170000 : msgpioclx.sys -481b0000 : amdi2c.sys -481d0000 : SpbCx.sys -481f0000 : amdgpio3.sys -48200000 : UEFI.sys -48210000 : NdisVirtualBus.sys -48220000 : swenum.sys -48230000 : logi_joy_bus_enum.sys -48240000 : logi_joy_xlcore.sys -48260000 : rdpbus.sys -48270000 : UsbHub3.sys -48320000 : USBD.SYS -48330000 : nvlddmkm.sys -4a9d0000 : HDAudBus.sys -60600000 : win32kbase.sys -60a70000 : win32k.sys -614b0000 : win32kfull.sys -61870000 : cdd.dll Executing Processes: [With ToolHelp32] -00000000 : [System Process] (12 Threads.) -00000004 : System (288 Threads.) -00000094 : Registry (4 Threads.) -00000214 : smss.exe (2 Threads.) 10.0.19041.964 - Windows 会话管理器 ? Microsoft Corporation. All rights reserved. -00000318 : csrss.exe (13 Threads.) 10.0.19041.546 - Client Server Runtime Process ? Microsoft Corporation. All rights reserved. -00000358 : wininit.exe (1 Threads.) 10.0.19041.1620 - Windows 启动应用程序 ? Microsoft Corporation. All rights reserved. -00000360 : csrss.exe (15 Threads.) 10.0.19041.546 - Client Server Runtime Process ? Microsoft Corporation. All rights reserved. -000003ac : services.exe (10 Threads.) 10.0.19041.928 - 服务和控制器应用 ? Microsoft Corporation. All rights reserved. -000003c8 : lsass.exe (10 Threads.) 10.0.19041.1586 - Local Security Authority Process ? Microsoft Corporation. All rights reserved. -00000064 : svchost.exe (12 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000040c : fontdrvhost.exe (5 Threads.) 10.0.19041.1620 - Usermode Font Driver Host ? Microsoft Corporation. All rights reserved. -0000044c : svchost.exe (9 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000478 : svchost.exe (4 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000004b0 : winlogon.exe (4 Threads.) 10.0.19041.1620 - Windows 登录应用程序 ? Microsoft Corporation. All rights reserved. -000004e8 : fontdrvhost.exe (5 Threads.) 10.0.19041.1620 - Usermode Font Driver Host ? Microsoft Corporation. All rights reserved. -00000554 : dwm.exe (22 Threads.) 10.0.19041.746 - 桌面窗口管理器 ? Microsoft Corporation. All rights reserved. -00000568 : svchost.exe (3 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000570 : svchost.exe (5 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000578 : svchost.exe (11 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000614 : svchost.exe (5 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000061c : svchost.exe (2 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000006b4 : svchost.exe (12 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000006e4 : svchost.exe (6 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000704 : svchost.exe (7 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000072c : svchost.exe (8 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000748 : svchost.exe (5 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000770 : svchost.exe (7 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000007e8 : svchost.exe (3 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000824 : svchost.exe (6 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000854 : svchost.exe (11 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000008c4 : svchost.exe (6 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000008fc : svchost.exe (4 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000918 : HipsDaemon.exe (67 Threads.) -000009c0 : svchost.exe (9 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000009cc : dasHost.exe (5 Threads.) 10.0.19041.1 - Device Association Framework Provider Host ? Microsoft Corporation. All rights reserved. -00000a08 : svchost.exe (3 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000a54 : svchost.exe (5 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000a5c : svchost.exe (11 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000aec : svchost.exe (4 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000b2c : svchost.exe (11 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000b80 : NVDisplay.Container.exe (9 Threads.) -0000067c : svchost.exe (3 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000404 : svchost.exe (5 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000007e4 : svchost.exe (5 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000bdc : NVDisplay.Container.exe (37 Threads.) -00000bfc : Memory Compression (34 Threads.) -00000c20 : svchost.exe (2 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000c68 : svchost.exe (3 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000c70 : svchost.exe (7 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000cec : svchost.exe (16 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000d20 : usysdiag.exe (31 Threads.) -00000e18 : wsctrlsvc.exe (4 Threads.) -00000e54 : WmiPrvSE.exe (5 Threads.) 10.0.19041.546 - WMI Provider Host ? Microsoft Corporation. All rights reserved. -00000ec4 : svchost.exe (25 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000f40 : svchost.exe (10 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000df8 : svchost.exe (10 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000e04 : svchost.exe (4 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000105c : svchost.exe (16 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001090 : svchost.exe (5 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000010c0 : spoolsv.exe (9 Threads.) 10.0.19041.1620 - 后台处理程序子系统应用 ? Microsoft Corporation. All rights reserved. -000010e4 : svchost.exe (14 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001120 : svchost.exe (6 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000011b4 : wlanext.exe (3 Threads.) 10.0.19041.1 - Windows Wireless LAN 802.11 Extensibility Framework ? Microsoft Corporation. All rights reserved. -000011bc : conhost.exe (3 Threads.) 10.0.19041.1566 - 控制台窗口主进程 ? Microsoft Corporation. All rights reserved. -00001254 : sihost.exe (13 Threads.) 10.0.19041.746 - Shell Infrastructure Host ? Microsoft Corporation. All rights reserved. -00001274 : svchost.exe (14 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000127c : svchost.exe (2 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000129c : WmiPrvSE.exe (7 Threads.) 10.0.19041.546 - WMI Provider Host ? Microsoft Corporation. All rights reserved. -000012f4 : svchost.exe (10 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001360 : svchost.exe (11 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001374 : DCHUService.exe (7 Threads.) -0000137c : vmware-authd.exe (5 Threads.) -0000138c : NutstoreDriverSvc.exe (11 Threads.) -00001394 : svchost.exe (8 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000139c : svchost.exe (7 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000013ac : svchost.exe (3 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000013bc : svchost.exe (18 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000013c4 : Creative.UWPRPCService.exe (2 Threads.) -000013cc : HKClipSvc.exe (3 Threads.) -000013dc : vmnat.exe (5 Threads.) -000013e4 : svchost.exe (7 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000013ec : svchost.exe (7 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000013f4 : RtkAudUService64.exe (10 Threads.) 1.0.285.1 - Realtek HD Audio Universal Service 2020 (c) Realtek Semiconductor. All rights reserved. -000013fc : vmnetdhcp.exe (2 Threads.) -00001084 : vmware-usbarbitrator64.exe (5 Threads.) -00000e94 : svchost.exe (5 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000e90 : lghub_updater.exe (39 Threads.) -00001144 : OfficeClickToRun.exe (23 Threads.) -00000974 : svchost.exe (2 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000140c : svchost.exe (5 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001480 : PopBlock.exe (5 Threads.) -000014cc : taskhostw.exe (9 Threads.) 10.0.19041.1503 - Windows 任务的主机进程 ? Microsoft Corporation. All rights reserved. -000015a0 : steamcommunity_302_V12.0.7.exe (31 Threads.) -000015a8 : svchost.exe (18 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000160c : svchost.exe (5 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000016d8 : svchost.exe (3 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001744 : svchost.exe (4 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001814 : svchost.exe (15 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000018fc : ctfmon.exe (17 Threads.) 10.0.19041.1 - CTF 加载程序 ? Microsoft Corporation. All rights reserved. -00001be0 : explorer.exe (116 Threads.) 10.0.19041.1620 - Windows 资源管理器 ? Microsoft Corporation. All rights reserved. -00001324 : svchost.exe (12 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001d30 : svchost.exe (8 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001df4 : SearchIndexer.exe (18 Threads.) 7.0.19041.1620 - Microsoft Windows Search 索引器 ? Microsoft Corporation. All rights reserved. -00001e7c : svchost.exe (2 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001ea8 : svchost.exe (4 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001ed4 : svchost.exe (12 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001f60 : SearchProtocolHost.exe (7 Threads.) 7.0.19041.1620 - Microsoft Windows Search Protocol Host ? Microsoft Corporation. All rights reserved. -0000130c : ChsIME.exe (4 Threads.) -00002030 : StartMenuExperienceHost.exe (16 Threads.) -000020a8 : svchost.exe (4 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00002114 : RuntimeBroker.exe (3 Threads.) 10.0.19041.746 - Runtime Broker ? Microsoft Corporation. All rights reserved. -00002194 : SearchApp.exe (51 Threads.) -000022ec : RuntimeBroker.exe (11 Threads.) 10.0.19041.746 - Runtime Broker ? Microsoft Corporation. All rights reserved. -000023d4 : LockApp.exe (25 Threads.) -00002414 : RuntimeBroker.exe (3 Threads.) 10.0.19041.746 - Runtime Broker ? Microsoft Corporation. All rights reserved. -00002650 : RuntimeBroker.exe (12 Threads.) 10.0.19041.746 - Runtime Broker ? Microsoft Corporation. All rights reserved. -00002770 : HipsTray.exe (12 Threads.) -00002608 : RtkAudUService64.exe (9 Threads.) 1.0.285.1 - Realtek HD Audio Universal Service 2020 (c) Realtek Semiconductor. All rights reserved. -00002420 : SettingSyncHost.exe (6 Threads.) 10.0.19041.1320 - Host Process for Setting Synchronization ? Microsoft Corporation. All rights reserved. -000028cc : lghub.exe (28 Threads.) -0000297c : svchost.exe (4 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00002984 : svchost.exe (3 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000029c8 : svchost.exe (5 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000029fc : svchost.exe (6 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00002a64 : svchost.exe (8 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00002ac0 : lghub_agent.exe (148 Threads.) -00002b30 : lghub.exe (20 Threads.) -00002808 : lghub.exe (9 Threads.) -00002c5c : unsecapp.exe (4 Threads.) 10.0.19041.1320 - Sink to receive asynchronous callbacks for WMI client application ? Microsoft Corporation. All rights reserved. -00002e78 : TextInputHost.exe (34 Threads.) -00002e94 : Screenpresso.exe (14 Threads.) -00002fc8 : svchost.exe (2 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00002c90 : ScreenpressoRpc.exe (8 Threads.) -00002cb0 : svchost.exe (8 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000006a8 : Taskmgr.exe (17 Threads.) 10.0.19041.1202 - 任务管理器 ? Microsoft Corporation. All rights reserved. -000017d4 : QQ.exe (86 Threads.) -00002264 : steamcommunity_302.caddy (15 Threads.) -00002288 : conhost.exe (4 Threads.) 10.0.19041.1566 - 控制台窗口主进程 ? Microsoft Corporation. All rights reserved. -00002388 : TXPlatform.exe (4 Threads.) -000030d8 : ShellExperienceHost.exe (19 Threads.) -0000321c : audiodg.exe (3 Threads.) 10.0.19041.1503 - Windows 音频设备图形隔离 ? Microsoft Corporation. All rights reserved. -00003224 : RuntimeBroker.exe (4 Threads.) 10.0.19041.746 - Runtime Broker ? Microsoft Corporation. All rights reserved. -000033e8 : dllhost.exe (6 Threads.) 10.0.19041.546 - COM Surrogate ? Microsoft Corporation. All rights reserved. -000005b0 : svchost.exe (5 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000860 : ApplicationFrameHost.exe (3 Threads.) 10.0.19041.746 - Application Frame Host ? Microsoft Corporation. All rights reserved. -000006f8 : SystemSettings.exe (30 Threads.) -00001238 : Music.UI.exe (23 Threads.) -000034e4 : mmc.exe (12 Threads.) 10.0.19041.1586 - Microsoft 管理控制台 ? Microsoft Corporation. All rights reserved. -000037f4 : svchost.exe (1 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000032c4 : SgrmBroker.exe (6 Threads.) 10.0.19041.546 - System Guard 运行时监视器代理服务 ? Microsoft Corporation. All rights reserved. -0000021c : svchost.exe (6 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000778 : svchost.exe (8 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000a90 : SecurityHealthService.exe (4 Threads.) 4.18.1907.16384 - Windows Security Health Service ? Microsoft Corporation. All rights reserved. -000015f8 : svchost.exe (2 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00002ef0 : smartscreen.exe (10 Threads.) 10.0.19041.1566 - Windows Defender SmartScreen ? Microsoft Corporation. All rights reserved. ==> -000004e4 : ssp.exe (28 Threads.) 2.5.89.3000 - SSP (C) D-EXCLAMATION / SSP BUGTRAQ -00000f24 : svchost.exe (4 Threads.) 10.0.19041.1566 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000eb4 : dllhost.exe (5 Threads.) 10.0.19041.546 - COM Surrogate ? Microsoft Corporation. All rights reserved. -00000714 : HipsMain.exe (14 Threads.) -000007e0 : HRConfig.exe (9 Threads.) -00003368 : UserOOBEBroker.exe (4 Threads.) -00000724 : SearchFilterHost.exe (7 Threads.) 7.0.19041.1620 - Microsoft Windows Search Filter Host ? Microsoft Corporation. All rights reserved. -00002dbc : dllhost.exe (8 Threads.) 10.0.19041.546 - COM Surrogate ? Microsoft Corporation. All rights reserved. Executing Threads: [With ToolHelp32] ==> -00000784 : 8(0) -00001c6c : 8(0) -000022dc : 8(0) -00002870 : 8(0) -00002754 : 8(0) -00001604 : 7(0) -00002ca0 : 8(0) -000035f8 : 8(0) -00002ff4 : 9(0) -00002d90 : 7(0) -000035ec : 8(0) -00001cac : 8(0) -00001cc8 : 8(0) -00002f5c : 8(0) -00001874 : 7(0) -00002e10 : 7(0) -0000135c : 8(0) -000025f4 : 7(0) -00001b58 : 7(0) -00001da0 : 7(0) -00000818 : 8(0) -00001858 : 8(0) -00002130 : 8(0) -00002120 : 8(0) -00002704 : 8(0) -00002a28 : 8(0) -00001350 : 8(0) -0000367c : 8(0) Executing Services: [With SCM/NT] ---AJRouter (AllJoyn Router Service) - Stopped/Paused ---ALG (Application Layer Gateway Service) - Stopped/Paused ---AppIDSvc (Application Identity) - Stopped/Paused ***Appinfo (Application Information) - Running ---AppMgmt (Application Management) - Stopped/Paused ---AppReadiness (App Readiness) - Stopped/Paused ---AppVClient (Microsoft App-V Client) - Stopped/Paused ***AppXSvc (AppX Deployment Service (AppXSVC)) - Running ---AssignedAccessManagerSvc (AssignedAccessManager 服务) - Stopped/Paused ***AudioEndpointBuilder (Windows Audio Endpoint Builder) - Running ***Audiosrv (Windows Audio) - Running ---autotimesvc (手机网络时间) - Stopped/Paused ---AxInstSV (ActiveX Installer (AxInstSV)) - Stopped/Paused ***BDESVC (BitLocker Drive Encryption Service) - Running ***BFE (Base Filtering Engine) - Running ---BITS (Background Intelligent Transfer Service) - Stopped/Paused ***BrokerInfrastructure (Background Tasks Infrastructure Service) - Running ***BTAGService (蓝牙音频网关服务) - Running ***BthAvctpSvc (AVCTP 服务) - Running ***bthserv (蓝牙支持服务) - Running ---camsvc (功能访问管理器服务) - Stopped/Paused ***CCDCHUService (Control Center Hotkey Service) - Running ***CDPSvc (连接设备平台服务) - Running ---CertPropSvc (Certificate Propagation) - Stopped/Paused ***ClickToRunSvc (Microsoft Office Click-to-Run Service) - Running ***ClipSVC (Client License Service (ClipSVC)) - Running ---cloudidsvc (Microsoft 云标识服务) - Stopped/Paused ---COMSysApp (COM+ System Application) - Stopped/Paused ***CoreMessagingRegistrar (CoreMessaging) - Running ***CryptSvc (Cryptographic Services) - Running ---CscService (Offline Files) - Stopped/Paused ***DcomLaunch (DCOM Server Process Launcher) - Running ---defragsvc (Optimize drives) - Stopped/Paused ***DeviceAssociationService (Device Association Service) - Running ---DeviceInstall (Device Install Service) - Stopped/Paused ---DevQueryBroker (DevQuery Background Discovery Broker) - Stopped/Paused ***Dhcp (DHCP Client) - Running ---diagnosticshub.standardcollector.service (Microsoft (R) 诊断中心标准收集器服务) - Stopped/Paused ---diagsvc (Diagnostic Execution Service) - Stopped/Paused ***DiagTrack (Connected User Experiences and Telemetry) - Running ---DialogBlockingService (DialogBlockingService) - Stopped/Paused ***DispBrokerDesktopSvc (显示策略服务) - Running ***DisplayEnhancementService (显示增强服务) - Running ---DmEnrollmentSvc (设备管理注册服务) - Stopped/Paused ---dmwappushservice (设备管理无线应用程序协议 (WAP) 推送消息路由服务) - Stopped/Paused ***Dnscache (DNS Client) - Running ---DoSvc (Delivery Optimization) - Stopped/Paused ---dot3svc (Wired AutoConfig) - Stopped/Paused ***DPS (Diagnostic Policy Service) - Running ---DsmSvc (Device Setup Manager) - Stopped/Paused ---DsSvc (Data Sharing Service) - Stopped/Paused ***DusmSvc (数据使用量) - Running ---Eaphost (Extensible Authentication Protocol) - Stopped/Paused ---EasyAntiCheat (EasyAntiCheat) - Stopped/Paused ***EFS (Encrypting File System (EFS)) - Running ---embeddedmode (嵌入模式) - Stopped/Paused ---EntAppSvc (Enterprise App Management Service) - Stopped/Paused ---EpicOnlineServices (Epic Online Services) - Stopped/Paused ***EventLog (Windows Event Log) - Running ***EventSystem (COM+ Event System) - Running ---Fax (Fax) - Stopped/Paused ***fdPHost (Function Discovery Provider Host) - Running ***FDResPub (Function Discovery Resource Publication) - Running ---fhsvc (File History Service) - Stopped/Paused ---FileSyncHelper (FileSyncHelper) - Stopped/Paused ---FlexNet Licensing Service (FlexNet Licensing Service) - Stopped/Paused ***FontCache (Windows Font Cache Service) - Running ---FontCache3.0.0.0 (Windows Presentation Foundation Font Cache 3.0.0.0) - Stopped/Paused ---FrameServer (Windows Camera Frame Server) - Stopped/Paused ---GoogleChromeElevationService (Google Chrome Elevation Service (GoogleChromeElevationService)) - Stopped/Paused ---gpsvc (Group Policy Client) - Stopped/Paused ---GraphicsPerfSvc (GraphicsPerfSvc) - Stopped/Paused ---gupdate (Google 更新服务 (gupdate)) - Stopped/Paused ---gupdatem (Google 更新服务 (gupdatem)) - Stopped/Paused ***hidserv (Human Interface Device Service) - Running ***HipsDaemon (Huorong Internet Security Daemon) - Running ***HKClipSvc (HotKey Clipboard Service) - Running ***HRWSCCtrl (Huorong Windows Security Center) - Running ---HvHost (HV 主机服务) - Stopped/Paused ---icssvc (Windows 移动热点服务) - Stopped/Paused ***IKEEXT (IKE and AuthIP IPsec Keying Modules) - Running ---InstallService (Microsoft Store 安装服务) - Stopped/Paused ***iphlpsvc (IP Helper) - Running ---IpxlatCfgSvc (IP 转换配置服务) - Stopped/Paused ***KeyIso (CNG Key Isolation) - Running ---KtmRm (KtmRm for Distributed Transaction Coordinator) - Stopped/Paused ***LanmanServer (Server) - Running ***LanmanWorkstation (Workstation) - Running ---lfsvc (Geolocation Service) - Stopped/Paused ***LGHUBUpdaterService (LGHUB Updater Service) - Running ***LicenseManager (Windows 许可证管理器服务) - Running ---lltdsvc (Link-Layer Topology Discovery Mapper) - Stopped/Paused ***lmhosts (TCP/IP NetBIOS Helper) - Running ***LSM (Local Session Manager) - Running ---LxpSvc (语言体验服务) - Stopped/Paused ---MapsBroker (Downloaded Maps Manager) - Stopped/Paused ---MixedRealityOpenXRSvc (Windows Mixed Reality OpenXR Service) - Stopped/Paused ***mpssvc (Windows Defender Firewall) - Running ---MSDTC (Distributed Transaction Coordinator) - Stopped/Paused ---MSiSCSI (Microsoft iSCSI Initiator Service) - Stopped/Paused ---msiserver (Windows Installer) - Stopped/Paused ---MsKeyboardFilter (Microsoft 键盘筛选器) - Stopped/Paused ---NaturalAuthentication (自然身份验证) - Stopped/Paused ---NcaSvc (Network Connectivity Assistant) - Stopped/Paused ***NcbService (Network Connection Broker) - Running ***NcdAutoSetup (Network Connected Devices Auto-Setup) - Running ---Netlogon (Netlogon) - Stopped/Paused ---Netman (Network Connections) - Stopped/Paused ***netprofm (Network List Service) - Running ---NetSetupSvc (Network Setup Service) - Stopped/Paused ---NetTcpPortSharing (Net.Tcp Port Sharing Service) - Stopped/Paused ***NgcCtnrSvc (Microsoft Passport Container) - Running ***NgcSvc (Microsoft Passport) - Running ***NlaSvc (Network Location Awareness) - Running ***nsi (Network Store Interface Service) - Running ***NutstoreDriverSvc (Nutstore Minifilter Driver Service) - Running ---NutstoreMaintenance (Nutstore Maintenance Service) - Stopped/Paused ---NutstoreUSN (Nutstore Watcher Service) - Stopped/Paused ***NVDisplay.ContainerLocalSystem (NVIDIA Display Container LS) - Running ---OneDrive Updater Service (OneDrive Updater Service) - Stopped/Paused ---p2pimsvc (Peer Networking Identity Manager) - Stopped/Paused ---p2psvc (Peer Networking Grouping) - Stopped/Paused ***PcaSvc (Program Compatibility Assistant Service) - Running ---PeerDistSvc (BranchCache) - Stopped/Paused ---perceptionsimulation (Windows 感知模拟服务) - Stopped/Paused ---PerfHost (Performance Counter DLL Host) - Stopped/Paused ---PhoneSvc (Phone Service) - Stopped/Paused ---pla (Performance Logs & Alerts) - Stopped/Paused ***PlugPlay (Plug and Play) - Running ---PNRPAutoReg (PNRP Machine Name Publication Service) - Stopped/Paused ---PNRPsvc (Peer Name Resolution Protocol) - Stopped/Paused ---PolicyAgent (IPsec Policy Agent) - Stopped/Paused ***Power (Power) - Running ---PrintNotify (Printer Extensions and Notifications) - Stopped/Paused ***ProfSvc (User Profile Service) - Running ---PushToInstall (Windows PushToInstall 服务) - Stopped/Paused ---qcmtusvc (Qualcomm MTU Service) - Stopped/Paused ---QWAVE (Quality Windows Audio Video Experience) - Stopped/Paused ---RasAuto (Remote Access Auto Connection Manager) - Stopped/Paused ***RasMan (Remote Access Connection Manager) - Running ---RemoteAccess (Routing and Remote Access) - Stopped/Paused ---RemoteRegistry (Remote Registry) - Stopped/Paused ---RetailDemo (零售演示服务) - Stopped/Paused ***RmSvc (无线电管理服务) - Running ***RpcEptMapper (RPC Endpoint Mapper) - Running ---RpcLocator (Remote Procedure Call (RPC) Locator) - Stopped/Paused ***RpcSs (Remote Procedure Call (RPC)) - Running ***RtkAudioUniversalService (Realtek Audio Universal Service) - Running ***SamSs (Security Accounts Manager) - Running ---SCardSvr (Smart Card) - Stopped/Paused ---ScDeviceEnum (Smart Card Device Enumeration Service) - Stopped/Paused ***Schedule (Task Scheduler) - Running ---SCPolicySvc (Smart Card Removal Policy) - Stopped/Paused ---SDRSVC (Windows 备份) - Stopped/Paused ---seclogon (Secondary Logon) - Stopped/Paused ***SecurityHealthService (Windows 安全中心服务) - Running ---SEMgrSvc (付款和 NFC/SE 管理器) - Stopped/Paused ***SENS (System Event Notification Service) - Running ---Sense (Windows Defender Advanced Threat Protection Service) - Stopped/Paused ---SensorDataService (Sensor Data Service) - Stopped/Paused ---SensorService (Sensor Service) - Stopped/Paused ---SensrSvc (Sensor Monitoring Service) - Stopped/Paused ---SessionEnv (Remote Desktop Configuration) - Stopped/Paused ***SgrmBroker (System Guard 运行时监视器代理) - Running ---SharedAccess (Internet Connection Sharing (ICS)) - Stopped/Paused ---SharedRealitySvc (空间数据服务) - Stopped/Paused ***ShellHWDetection (Shell Hardware Detection) - Running ---shpamsvc (Shared PC Account Manager) - Stopped/Paused ---smphost (Microsoft Storage Spaces SMP) - Stopped/Paused ---SmsRouter (Microsoft Windows SMS 路由器服务。) - Stopped/Paused ---SNMPTRAP (SNMP 陷阱) - Stopped/Paused ---spectrum (Windows 感知服务) - Stopped/Paused ***Spooler (Print Spooler) - Running ---sppsvc (Software Protection) - Stopped/Paused ***SSDPSRV (SSDP Discovery) - Running ---ssh-agent (OpenSSH Authentication Agent) - Stopped/Paused ***SstpSvc (Secure Socket Tunneling Protocol Service) - Running ***StateRepository (State Repository Service) - Running ---Steam Client Service (Steam Client Service) - Stopped/Paused ***stisvc (Windows Image Acquisition (WIA)) - Running ***StorSvc (Storage Service) - Running ---svsvc (Spot Verifier) - Stopped/Paused ---swprv (Microsoft Software Shadow Copy Provider) - Stopped/Paused ***SysMain (SysMain) - Running ***SystemEventsBroker (System Events Broker) - Running ***TabletInputService (Touch Keyboard and Handwriting Panel Service) - Running ***TapiSrv (Telephony) - Running ---TermService (Remote Desktop Services) - Stopped/Paused ***Themes (Themes) - Running ---TieringEngineService (Storage Tiers Management) - Stopped/Paused ***TimeBrokerSvc (Time Broker) - Running ***TokenBroker (Web 帐户管理器) - Running ***TrkWks (Distributed Link Tracking Client) - Running ---TroubleshootingSvc (建议疑难解答服务) - Stopped/Paused ---TrustedInstaller (Windows Modules Installer) - Stopped/Paused ---tzautoupdate (自动时区更新程序) - Stopped/Paused ---UevAgentService (User Experience Virtualization Service) - Stopped/Paused ---uhssvc (Microsoft Update Health Service) - Stopped/Paused ---UmRdpService (Remote Desktop Services UserMode Port Redirector) - Stopped/Paused ---upnphost (UPnP Device Host) - Stopped/Paused ***UserManager (User Manager) - Running ***UsoSvc (更新 Orchestrator 服务) - Running ***UWPService (UWP RPC Service) - Running ---VacSvc (立体音频组合器服务) - Stopped/Paused ***VaultSvc (Credential Manager) - Running ---vds (Virtual Disk) - Stopped/Paused ***VMAuthdService (VMware Authorization Service) - Running ---vmicguestinterface (Hyper-V Guest Service Interface) - Stopped/Paused ---vmicheartbeat (Hyper-V Heartbeat Service) - Stopped/Paused ---vmickvpexchange (Hyper-V Data Exchange Service) - Stopped/Paused ---vmicrdv (Hyper-V 远程桌面虚拟化服务) - Stopped/Paused ---vmicshutdown (Hyper-V Guest Shutdown Service) - Stopped/Paused ---vmictimesync (Hyper-V Time Synchronization Service) - Stopped/Paused ---vmicvmsession (Hyper-V PowerShell Direct Service) - Stopped/Paused ---vmicvss (Hyper-V 卷影复制请求程序) - Stopped/Paused ***VMnetDHCP (VMware DHCP Service) - Running ***VMUSBArbService (VMware USB Arbitration Service) - Running ***VMware NAT Service (VMware NAT Service) - Running ---VSS (Volume Shadow Copy) - Stopped/Paused ---W32Time (Windows Time) - Stopped/Paused ---WaaSMedicSvc (Windows 更新医生服务) - Stopped/Paused ---WalletService (WalletService) - Stopped/Paused ---WarpJITSvc (WarpJITSvc) - Stopped/Paused ---wbengine (Block Level Backup Engine Service) - Stopped/Paused ---WbioSrvc (Windows Biometric Service) - Stopped/Paused ***Wcmsvc (Windows Connection Manager) - Running ---wcncsvc (Windows Connect Now - Config Registrar) - Stopped/Paused ***WdiServiceHost (Diagnostic Service Host) - Running ***WdiSystemHost (Diagnostic System Host) - Running ---WdNisSvc (Microsoft Defender Antivirus Network Inspection Service) - Stopped/Paused ---WebClient (WebClient) - Stopped/Paused ---Wecsvc (Windows Event Collector) - Stopped/Paused ---WEPHOSTSVC (Windows Encryption Provider Host Service) - Stopped/Paused ---wercplsupport (Problem Reports Control Panel Support) - Stopped/Paused ---WerSvc (Windows Error Reporting Service) - Stopped/Paused ---WFDSConMgrSvc (WLAN Direct 服务连接管理器服务) - Stopped/Paused ---WiaRpc (Still Image Acquisition Events) - Stopped/Paused ---WinDefend (Microsoft Defender Antivirus Service) - Stopped/Paused ***WinHttpAutoProxySvc (WinHTTP Web Proxy Auto-Discovery Service) - Running ***Winmgmt (Windows Management Instrumentation) - Running ---WinRM (Windows Remote Management (WS-Management)) - Stopped/Paused ---wisvc (Windows 预览体验成员服务) - Stopped/Paused ***WlanSvc (WLAN AutoConfig) - Running ---wlidsvc (Microsoft Account Sign-in Assistant) - Stopped/Paused ---wlpasvc (本地配置文件助手服务) - Stopped/Paused ---WManSvc (Windows 管理服务) - Stopped/Paused ---wmiApSrv (WMI Performance Adapter) - Stopped/Paused ---WMPNetworkSvc (Windows Media Player Network Sharing Service) - Stopped/Paused ---workfolderssvc (Work Folders) - Stopped/Paused ---WpcMonSvc (家长控制) - Stopped/Paused ---WPDBusEnum (Portable Device Enumerator Service) - Stopped/Paused ***WpnService (Windows 推送通知系统服务) - Running ***wscsvc (Security Center) - Running ***WSearch (Windows Search) - Running ---wuauserv (Windows Update) - Stopped/Paused ---WwanSvc (WWAN AutoConfig) - Stopped/Paused ---XblAuthManager (Xbox Live 身份验证管理器) - Stopped/Paused ---XblGameSave (Xbox Live 游戏保存) - Stopped/Paused ---XboxGipSvc (Xbox Accessory Management Service) - Stopped/Paused ---XboxNetApiSvc (Xbox Live 网络服务) - Stopped/Paused ---AarSvc_3e98e (AarSvc_3e98e) - Stopped/Paused ---BcastDVRUserService_3e98e (BcastDVRUserService_3e98e) - Stopped/Paused ***BluetoothUserService_3e98e (BluetoothUserService_3e98e) - Running ---CaptureService_3e98e (CaptureService_3e98e) - Stopped/Paused ***cbdhsvc_3e98e (cbdhsvc_3e98e) - Running ***CDPUserSvc_3e98e (CDPUserSvc_3e98e) - Running ---ConsentUxUserSvc_3e98e (ConsentUxUserSvc_3e98e) - Stopped/Paused ---CredentialEnrollmentManagerUserSvc_3e98e (CredentialEnrollmentManagerUserSvc_3e98e) - Stopped/Paused ---DeviceAssociationBrokerSvc_3e98e (DeviceAssociationBrokerSvc_3e98e) - Stopped/Paused ---DevicePickerUserSvc_3e98e (DevicePickerUserSvc_3e98e) - Stopped/Paused ---DevicesFlowUserSvc_3e98e (DevicesFlowUserSvc_3e98e) - Stopped/Paused ---MessagingService_3e98e (MessagingService_3e98e) - Stopped/Paused ***OneSyncSvc_3e98e (OneSyncSvc_3e98e) - Running ---PimIndexMaintenanceSvc_3e98e (PimIndexMaintenanceSvc_3e98e) - Stopped/Paused ---PrintWorkflowUserSvc_3e98e (PrintWorkflowUserSvc_3e98e) - Stopped/Paused ---UdkUserSvc_3e98e (UdkUserSvc_3e98e) - Stopped/Paused ---UnistoreSvc_3e98e (UnistoreSvc_3e98e) - Stopped/Paused ---UserDataSvc_3e98e (UserDataSvc_3e98e) - Stopped/Paused ***WpnUserService_3e98e (WpnUserService_3e98e) - Running Loaded Modules: [With ToolHelp32] -00400000 : D:\SSP\ssp.exe 2.5.89.3000 - SSP (C) D-EXCLAMATION / SSP BUGTRAQ -014e0000 : D:\SSP\plugin\shared_value\shared_value.dll 1.0.0.0 - Shared Value Plugin Copyright (C) CSaori Project -01610000 : D:\SSP\plugin\SAKNIFE\SAKNIFE.dll 1.5.3.0 - SwissArmyKnife (C) 2004 SSP BUGTRAQ -10000000 : D:\SSP\data\language\chinese-simplified\resource.dll 2.5.86.14 - Language Resource DLL (C) D-EXCLAMATION / SSP BUGTRAQ -13700000 : D:\SSP\ghost\emily4\ghost\master\yaya.dll 5.55.1.0 - yaya -5fcc0000 : C:\Windows\System32\provsvc.dll 10.0.19041.1466 - Windows HomeGroup ? Microsoft Corporation. All rights reserved. -5fd30000 : C:\Windows\system32\IconCodecService.dll 10.0.19041.1 - Converts a PNG part of the icon to a legacy bmp icon ? Microsoft Corporation. All rights reserved. -5fd40000 : C:\Windows\SYSTEM32\msIso.dll 11.0.19041.1586 - Isolation Library for Internet Explorer ? Microsoft Corporation. All rights reserved. -603d0000 : C:\Windows\system32\NetworkExplorer.dll 10.0.19041.1 - Network Explorer ? Microsoft Corporation. All rights reserved. -603f0000 : C:\Program Files\Microsoft OneDrive\21.230.1107.0004\i386\FileSyncShell.dll 21.230.1107.4 - Microsoft OneDrive Shell Extension ? Microsoft Corporation. All rights reserved. -60550000 : C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll 10.0.19041.746 - 触摸键盘和手写面板文本服务框架 ? Microsoft Corporation. All rights reserved. -60980000 : C:\Windows\System32\PortableDeviceApi.dll 10.0.19041.746 - Windows 便携设备 API 组件 ? Microsoft Corporation. All rights reserved. -60aa0000 : C:\Windows\System32\MMDevApi.dll 10.0.19041.1503 - MMDevice API ? Microsoft Corporation. All rights reserved. -60b10000 : C:\Windows\System32\DevDispItemProvider.dll 10.0.19041.546 - DeviceItem inproc devquery 子系统 ? Microsoft Corporation. All rights reserved. -60b30000 : C:\Windows\System32\PlayToDevice.dll 10.0.19041.746 - PLAYTODEVICE DLL ? Microsoft Corporation. All rights reserved. -60b80000 : C:\Windows\System32\dlnashext.dll 10.0.19041.1566 - DLNA Namespace DLL ? Microsoft Corporation. All rights reserved. -60bd0000 : C:\Windows\System32\DAVHLPR.dll 10.0.19041.546 - DAV Helper DLL ? Microsoft Corporation. All rights reserved. -60be0000 : C:\Windows\System32\davclnt.dll 10.0.19041.546 - Web DAV Client DLL ? Microsoft Corporation. All rights reserved. -60c00000 : C:\Windows\System32\ntlanman.dll 10.0.19041.1566 - Microsoft? LAN 管理器 ? Microsoft Corporation. All rights reserved. -60c20000 : C:\Windows\System32\drprov.dll 10.0.19041.546 - Microsoft 远程桌面会话主机服务器网络提供程序 ? Microsoft Corporation. All rights reserved. -60c30000 : C:\Windows\system32\Windows.Storage.Search.dll 10.0.19041.746 - Windows.Storage.Search ? Microsoft Corporation. All rights reserved. -60cd0000 : C:\Windows\System32\StructuredQuery.dll 7.0.19041.746 - Structured Query ? Microsoft Corporation. All rights reserved. -60d60000 : C:\Windows\System32\AssignedAccessRuntime.dll 10.0.19041.1320 - AssignedAccessRuntime ? Microsoft Corporation. All rights reserved. -60d70000 : C:\Windows\System32\Windows.UI.FileExplorer.dll 10.0.19041.1566 - Windows.UI.FileExplorer ? Microsoft Corporation. All rights reserved. -60db0000 : C:\Windows\System32\thumbcache.dll 10.0.19041.1466 - Microsoft 缩略图缓存 ? Microsoft Corporation. All rights reserved. -60e00000 : C:\Windows\SYSTEM32\DUser.dll 10.0.19041.546 - Windows DirectUser Engine ? Microsoft Corporation. All rights reserved. -60e80000 : C:\Windows\SYSTEM32\DUI70.dll 10.0.19041.746 - Windows DirectUI 引擎 ? Microsoft Corporation. All rights reserved. -60fe0000 : C:\Windows\SYSTEM32\policymanager.dll 10.0.19041.1620 - Policy Manager DLL ? Microsoft Corporation. All rights reserved. -61070000 : C:\Windows\SYSTEM32\cscapi.dll 10.0.19041.546 - Offline Files Win32 API ? Microsoft Corporation. All rights reserved. -61080000 : C:\Windows\SYSTEM32\ntshrui.dll 10.0.19041.844 - 用于共享的外壳扩展 ? Microsoft Corporation. All rights reserved. -610e0000 : C:\Windows\SYSTEM32\LINKINFO.dll 10.0.19041.546 - Windows Volume Tracking ? Microsoft Corporation. All rights reserved. -610f0000 : C:\Windows\SYSTEM32\WindowsCodecs.dll 10.0.19041.1151 - Microsoft Windows Codecs Library ? Microsoft Corporation. All rights reserved. -61270000 : C:\Windows\SYSTEM32\mscms.dll 10.0.19041.746 - Microsoft 颜色匹配系统 DLL ? Microsoft Corporation. All rights reserved. -616b0000 : C:\Windows\System32\Windows.StateRepositoryPS.dll 10.0.19041.1466 - Windows StateRepository Proxy/Stub Server ? Microsoft Corporation. All rights reserved. -61880000 : C:\Windows\SYSTEM32\edputil.dll 10.0.19041.546 - EDP 实用程序 ? Microsoft Corporation. All rights reserved. -618e0000 : C:\Windows\System32\Windows.FileExplorer.Common.dll 10.0.19041.1566 - Windows.FileExplorer.Common ? Microsoft Corporation. All rights reserved. -61930000 : C:\Windows\System32\msvcp110_win.dll 10.0.19041.546 - Microsoft? STL110 C++ Runtime Library ? Microsoft Corporation. All rights reserved. -619a0000 : C:\Windows\System32\LocationApi.dll 10.0.19041.746 - Microsoft Windows Location API ? Microsoft Corporation. All rights reserved. -61a00000 : C:\Windows\System32\deviceaccess.dll 10.0.19041.746 - Device Broker And Policy COM Server ? Microsoft Corporation. All rights reserved. -61a30000 : C:\Windows\System32\PortableDeviceTypes.dll 10.0.19041.746 - Windows Portable Device (Parameter) Types Component ? Microsoft Corporation. All rights reserved. -61a60000 : C:\Windows\System32\SensorsNativeApi.V2.dll 10.0.19041.1 - Sensors Native API (V2 stack) ? Microsoft Corporation. All rights reserved. -61bf0000 : C:\Windows\SYSTEM32\ColorAdapterClient.dll 10.0.19041.546 - Microsoft Color Adapter Client ? Microsoft Corporation. All rights reserved. -61c00000 : C:\Windows\System32\SensorsUtilsV2.dll 10.0.19041.746 - 传感器 v2 实用工具 DLL ? Microsoft Corporation. All rights reserved. -66070000 : C:\Windows\System32\npmproxy.dll 10.0.19041.546 - Network List Manager Proxy ? Microsoft Corporation. All rights reserved. -66080000 : C:\Windows\System32\netprofm.dll 10.0.19041.746 - Network List Manager ? Microsoft Corporation. All rights reserved. -67000000 : C:\Windows\System32\winrnr.dll 10.0.19041.546 - LDAP RnR Provider DLL ? Microsoft Corporation. All rights reserved. -67010000 : C:\Windows\system32\NLAapi.dll 10.0.19041.546 - Network Location Awareness 2 ? Microsoft Corporation. All rights reserved. -67030000 : C:\Windows\system32\wshbth.dll 10.0.19041.546 - Windows Sockets Helper DLL ? Microsoft Corporation. All rights reserved. -67040000 : C:\Windows\system32\pnrpnsp.dll 10.0.19041.546 - PNRP 命名空间提供程序 ? Microsoft Corporation. All rights reserved. -67060000 : C:\Windows\system32\napinsp.dll 10.0.19041.546 - 电子邮件命名填充提供程序 ? Microsoft Corporation. All rights reserved. -67460000 : C:\Windows\system32\dcomp.dll 10.0.19041.1566 - Microsoft DirectComposition Library ? Microsoft Corporation. All rights reserved. -675d0000 : C:\Windows\system32\dataexchange.dll 10.0.19041.1387 - Data exchange ? Microsoft Corporation. All rights reserved. -67a50000 : C:\Windows\SYSTEM32\ondemandconnroutehelper.dll 10.0.19041.546 - On Demand Connctiond Route Helper ? Microsoft Corporation. All rights reserved. -67a70000 : C:\Windows\SYSTEM32\Secur32.dll 10.0.19041.546 - Security Support Provider Interface ? Microsoft Corporation. All rights reserved. -69430000 : C:\Windows\system32\dxgi.dll 10.0.19041.1566 - DirectX Graphics Infrastructure ? Microsoft Corporation. All rights reserved. -69500000 : C:\Windows\system32\d3d11.dll 10.0.19041.1620 - Direct3D 11 Runtime ? Microsoft Corporation. All rights reserved. -69c00000 : C:\Windows\System32\OneCoreUAPCommonProxyStub.dll 10.0.19041.1620 - OneCoreUAP Common Proxy Stub ? Microsoft Corporation. All rights reserved. -69fb0000 : C:\Windows\SYSTEM32\WINNSI.DLL 10.0.19041.546 - Network Store Information RPC interface ? Microsoft Corporation. All rights reserved. -6b1a0000 : C:\Windows\System32\wkscli.dll 10.0.19041.1466 - Workstation Service Client DLL ? Microsoft Corporation. All rights reserved. -6c6a0000 : C:\Windows\System32\FLTLIB.DLL 10.0.19041.546 - 筛选器库 ? Microsoft Corporation. All rights reserved. -6cb00000 : C:\Windows\SYSTEM32\urlmon.dll 11.0.19041.1566 - Win32 的 OLE32 扩展 ? Microsoft Corporation. All rights reserved. -6ccf0000 : C:\Windows\SYSTEM32\iertutil.dll 11.0.19041.1586 - Internet Explorer 的运行时实用程序 ? Microsoft Corporation. All rights reserved. -6cf20000 : C:\Windows\SYSTEM32\srvcli.dll 10.0.19041.1466 - Server Service Client DLL ? Microsoft Corporation. All rights reserved. -6cf40000 : C:\Windows\System32\cldapi.dll 10.0.19041.1288 - Cloud API user mode API ? Microsoft Corporation. All rights reserved. -6cf60000 : C:\Windows\System32\SensorsApi.dll 10.0.19041.746 - 传感器 API ? Microsoft Corporation. All rights reserved. -6cfc0000 : C:\Windows\System32\wuapi.dll 10.0.19041.1503 - Windows 更新客户端 API ? Microsoft Corporation. All rights reserved. -6d080000 : C:\Windows\System32\Windows.UI.Immersive.dll 10.0.19041.1526 - WINDOWS.UI.IMMERSIVE ? Microsoft Corporation. All rights reserved. -6d170000 : C:\Windows\System32\InputHost.dll 10.0.19041.906 - InputHost ? Microsoft Corporation. All rights reserved. -6d260000 : C:\Windows\System32\Windows.UI.dll 10.0.19041.746 - Windows Runtime UI Foundation DLL ? Microsoft Corporation. All rights reserved. -6d360000 : C:\Windows\System32\twinapi.appcore.dll 10.0.19041.746 - twinapi.appcore ? Microsoft Corporation. All rights reserved. -6d4f0000 : C:\Users\Dannis\Documents\OldNewExplorer\OldNewExplorer32.dll 1.1.9.0 - OldNewExplorer shell enhancements Copyright (C) 2013, Tihiy -6d540000 : C:\Windows\SYSTEM32\PROPSYS.dll 7.0.19041.1023 - Microsoft 属性系统 ? Microsoft Corporation. All rights reserved. -6d610000 : C:\Windows\system32\wshunix.dll 10.0.19041.1 - AF_UNIX Winsock2 Helper DLL ? Microsoft Corporation. All rights reserved. -6d620000 : C:\Windows\system32\pdh.dll 10.0.19041.1202 - Windows 性能数据助手 DLL ? Microsoft Corporation. All rights reserved. -6d660000 : C:\Windows\System32\WindowManagementAPI.dll -6d6e0000 : C:\Windows\System32\ShellCommonCommonProxyStub.dll 10.0.19041.1566 - ShellCommon Common Proxy Stub ? Microsoft Corporation. All rights reserved. -6d750000 : C:\Windows\system32\explorerframe.dll 10.0.19041.1023 - ExplorerFrame ? Microsoft Corporation. All rights reserved. -6d900000 : C:\Windows\System32\ActXPrxy.dll 10.0.19041.844 - ActiveX Interface Marshaling Library ? Microsoft Corporation. All rights reserved. -6d950000 : C:\Windows\system32\dwmapi.dll 10.0.19041.746 - Microsoft 桌面窗口管理器 API ? Microsoft Corporation. All rights reserved. -6d980000 : C:\Windows\system32\amsi.dll 10.0.19041.1620 - Anti-Malware Scan Interface ? Microsoft Corporation. All rights reserved. -6d9a0000 : C:\Windows\system32\mlang.dll 10.0.19041.746 - 多语言支持 DLL ? Microsoft Corporation. All rights reserved. -6d9e0000 : C:\Windows\system32\twinapi.dll 10.0.19041.1202 - twinapi ? Microsoft Corporation. All rights reserved. -6da70000 : C:\Windows\SYSTEM32\QUARTZ.dll 10.0.19041.746 - DirectShow Runtime. ? Microsoft Corporation. All rights reserved. -72500000 : C:\Windows\SYSTEM32\apphelp.dll 10.0.19041.1320 - 应用程序兼容性客户端库 ? Microsoft Corporation. All rights reserved. -72600000 : C:\Windows\System32\WINSTA.dll 10.0.19041.546 - Winstation Library ? Microsoft Corporation. All rights reserved. -72650000 : C:\Windows\SYSTEM32\wintypes.dll 10.0.19041.1348 - Windows 基本类型 DLL ? Microsoft Corporation. All rights reserved. -72730000 : C:\Windows\System32\CoreUIComponents.dll 10.0.19041.546 - Microsoft Core UI Components Dll ? Microsoft Corporation. All rights reserved. -729b0000 : C:\Windows\System32\CoreMessaging.dll 10.0.19041.867 - Microsoft CoreMessaging Dll ? Microsoft Corporation. All rights reserved. -72a50000 : C:\Windows\System32\TextInputFramework.dll 10.0.19041.1503 - "TextInputFramework.DYNLINK" ? Microsoft Corporation. All rights reserved. -72b10000 : C:\Windows\SYSTEM32\XmlLite.dll 10.0.19041.546 - Microsoft XmlLite Library ? Microsoft Corporation. All rights reserved. -72b40000 : C:\Windows\System32\OLEACC.dll 7.2.19041.746 - Active Accessibility Core Component ? Microsoft Corporation. All rights reserved. -72ec0000 : C:\Windows\System32\netutils.dll 10.0.19041.1466 - Net Win32 API Helpers DLL ? Microsoft Corporation. All rights reserved. -72ed0000 : C:\Windows\SYSTEM32\atlthunk.dll 10.0.19041.546 - atlthunk.dll ? Microsoft Corporation. All rights reserved. -72f60000 : C:\Windows\SYSTEM32\TextShaping.dll -73000000 : C:\Windows\system32\msimg32.dll 10.0.19041.1466 - GDIEXT Client DLL ? Microsoft Corporation. All rights reserved. -73010000 : C:\Windows\system32\uxtheme.dll 10.0.19041.1620 - Microsoft UxTheme 库 ? Microsoft Corporation. All rights reserved. -73090000 : C:\Windows\System32\OneCoreCommonProxyStub.dll 10.0.19041.1081 - OneCore Common Proxy Stub ? Microsoft Corporation. All rights reserved. -730d0000 : C:\Windows\system32\es.dll 2001.12.10941.16384 - COM+ ? Microsoft Corporation. All rights reserved. -73130000 : C:\Windows\SYSTEM32\oledlg.dll 10.0.19041.746 - OLE 用户界面支持 ? Microsoft Corporation. All rights reserved. -73160000 : C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.19041.1566_none_d951c72fe1040d0f\gdiplus.dll 10.0.19041.1566 - Microsoft GDI+ ? Microsoft Corporation. All rights reserved. -733e0000 : C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_a8625c1886757984\COMCTL32.dll 6.10.19041.1110 - 用户体验控件库 ? Microsoft Corporation. All rights reserved. -73670000 : C:\Windows\SYSTEM32\SspiCli.dll 10.0.19041.1586 - Security Support Provider Interface ? Microsoft Corporation. All rights reserved. -736e0000 : C:\Windows\SYSTEM32\profapi.dll 10.0.19041.844 - User Profile Basic API ? Microsoft Corporation. All rights reserved. -73710000 : C:\Windows\System32\DEVOBJ.dll 10.0.19041.1620 - Device Information Set DLL ? Microsoft Corporation. All rights reserved. -737b0000 : C:\Windows\SYSTEM32\winhttp.dll 10.0.19041.1620 - Windows HTTP Services ? Microsoft Corporation. All rights reserved. -73880000 : C:\Windows\system32\wininet.dll 11.0.19041.1566 - Win32 的 Internet 扩展 ? Microsoft Corporation. All rights reserved. -73ce0000 : C:\Windows\SYSTEM32\MPR.dll 10.0.19041.1566 - 多提供程序路由器 DLL ? Microsoft Corporation. All rights reserved. -73d00000 : C:\Windows\SYSTEM32\WINMM.dll 10.0.19041.546 - MCI API DLL ? Microsoft Corporation. All rights reserved. -74b30000 : C:\Windows\System32\fwpuclnt.dll 10.0.19041.1526 - FWP/IPsec 用户模式 API ? Microsoft Corporation. All rights reserved. -74b90000 : C:\Windows\system32\rsaenh.dll 10.0.19041.1052 - Microsoft Enhanced Cryptographic Provider ? Microsoft Corporation. All rights reserved. -74bc0000 : C:\Windows\SYSTEM32\windows.storage.dll 10.0.19041.1566 - Microsoft WinRT Storage API ? Microsoft Corporation. All rights reserved. -751d0000 : C:\Windows\System32\rasadhlp.dll 10.0.19041.546 - Remote Access AutoDial Helper ? Microsoft Corporation. All rights reserved. -751f0000 : C:\Windows\SYSTEM32\DNSAPI.dll 10.0.19041.1620 - DNS 客户端 API DLL ? Microsoft Corporation. All rights reserved. -75290000 : C:\Windows\system32\mswsock.dll 10.0.19041.546 - Microsoft Windows Sockets 2.0 服务提供程序 ? Microsoft Corporation. All rights reserved. -752f0000 : C:\Windows\SYSTEM32\CRYPTBASE.dll 10.0.19041.546 - Base cryptographic API DLL ? Microsoft Corporation. All rights reserved. -75300000 : C:\Windows\SYSTEM32\CRYPTSP.dll 10.0.19041.546 - Cryptographic Service Provider API ? Microsoft Corporation. All rights reserved. -75320000 : C:\Windows\SYSTEM32\ntmarta.dll 10.0.19041.546 - Windows NT MARTA 提供程序 ? Microsoft Corporation. All rights reserved. -75350000 : C:\Windows\SYSTEM32\MSASN1.dll 10.0.19041.546 - ASN.1 Runtime APIs ? Microsoft Corporation. All rights reserved. -75360000 : C:\Windows\SYSTEM32\Wldp.dll 10.0.19041.1566 - Windows 锁定策略 ? Microsoft Corporation. All rights reserved. -75390000 : C:\Windows\SYSTEM32\kernel.appcore.dll 10.0.19041.546 - AppModel API Host ? Microsoft Corporation. All rights reserved. -753c0000 : C:\Windows\SYSTEM32\UMPDC.dll -75660000 : C:\Windows\SYSTEM32\USERENV.dll 10.0.19041.572 - Userenv ? Microsoft Corporation. All rights reserved. -75690000 : C:\Windows\SYSTEM32\powrprof.dll 10.0.19041.546 - 电源配置文件帮助程序 DLL ? Microsoft Corporation. All rights reserved. -75770000 : C:\Windows\SYSTEM32\WTSAPI32.dll 10.0.19041.546 - Windows Remote Desktop Session Host Server SDK APIs ? Microsoft Corporation. All rights reserved. -75780000 : C:\Windows\SYSTEM32\VERSION.dll 10.0.19041.546 - Version Checking and File Installation Libraries ? Microsoft Corporation. All rights reserved. -75790000 : C:\Windows\SYSTEM32\iphlpapi.dll 10.0.19041.546 - IP 帮助程序 API ? Microsoft Corporation. All rights reserved. -75d00000 : C:\Windows\System32\ucrtbase.dll 10.0.19041.789 - Microsoft? C Runtime Library ? Microsoft Corporation. All rights reserved. -75e20000 : C:\Windows\System32\ole32.dll 10.0.19041.1202 - 用于 Windows 的 Microsoft OLE ? Microsoft Corporation. All rights reserved. -75f10000 : C:\Windows\System32\WS2_32.dll 10.0.19041.546 - Windows Socket 2.0 32 位 DLL ? Microsoft Corporation. All rights reserved. -75f80000 : C:\Windows\System32\RPCRT4.dll 10.0.19041.1466 - 远程过程调用运行时 ? Microsoft Corporation. All rights reserved. -76040000 : C:\Windows\System32\msvcp_win.dll 10.0.19041.789 - Microsoft? C Runtime Library ? Microsoft Corporation. All rights reserved. -760c0000 : C:\Windows\System32\CRYPT32.dll 10.0.19041.1320 - 加密 API32 ? Microsoft Corporation. All rights reserved. -761c0000 : C:\Windows\System32\clbcatq.dll 2001.12.10941.16384 - COM+ Configuration Catalog ? Microsoft Corporation. All rights reserved. -762a0000 : C:\Windows\System32\NSI.dll 10.0.19041.610 - NSI User-mode interface DLL ? Microsoft Corporation. All rights reserved. -762b0000 : C:\Windows\System32\coml2.dll 10.0.19041.546 - Microsoft COM for Windows ? Microsoft Corporation. All rights reserved. -76310000 : C:\Windows\System32\msvcrt.dll 7.0.19041.546 - Windows NT CRT DLL ? Microsoft Corporation. All rights reserved. -76440000 : C:\Windows\System32\ADVAPI32.dll 10.0.19041.1466 - 高级 Windows 32 基本 API ? Microsoft Corporation. All rights reserved. -764c0000 : C:\Windows\System32\MSCTF.dll 10.0.19041.1620 - MSCTF 服务器 DLL ? Microsoft Corporation. All rights reserved. -765a0000 : C:\Windows\System32\bcrypt.dll 10.0.19041.1023 - Windows 加密基元库 ? Microsoft Corporation. All rights reserved. -765c0000 : C:\Windows\System32\gdi32full.dll 10.0.19041.1620 - GDI Client DLL ? Microsoft Corporation. All rights reserved. -766a0000 : C:\Windows\System32\KERNEL32.DLL 10.0.19041.1566 - Windows NT 基本 API 客户端 DLL ? Microsoft Corporation. All rights reserved. -76790000 : C:\Windows\System32\GDI32.dll 10.0.19041.1620 - GDI Client DLL ? Microsoft Corporation. All rights reserved. -767c0000 : C:\Windows\System32\combase.dll 10.0.19041.1566 - 用于 Windows 的 Microsoft COM ? Microsoft Corporation. All rights reserved. -76a40000 : C:\Windows\System32\sechost.dll 10.0.19041.1586 - Host for SCM/SDDL/LSA Lookup APIs ? Microsoft Corporation. All rights reserved. -76ac0000 : C:\Windows\System32\OLEAUT32.dll 10.0.19041.985 - OLEAUT32.DLL ? Microsoft Corporation. All rights reserved. -76b60000 : C:\Windows\System32\SETUPAPI.dll 10.0.19041.1620 - Windows 安装程序 API ? Microsoft Corporation. All rights reserved. -76fa0000 : C:\Windows\System32\KERNELBASE.dll 10.0.19041.1620 - Windows NT 基本 API 客户端 DLL ? Microsoft Corporation. All rights reserved. -771c0000 : C:\Windows\System32\USER32.dll 10.0.19041.1620 - 多用户 Windows 用户 API 客户端 DLL ? Microsoft Corporation. All rights reserved. -77360000 : C:\Windows\System32\comdlg32.dll 10.0.19041.1566 - Common Dialogs DLL ? Microsoft Corporation. All rights reserved. -77410000 : C:\Windows\System32\normaliz.dll 10.0.19041.546 - Unicode Normalization DLL ? Microsoft Corporation. All rights reserved. -77420000 : C:\Windows\System32\shcore.dll 10.0.19041.1620 - SHCORE ? Microsoft Corporation. All rights reserved. -774b0000 : C:\Windows\System32\WINTRUST.dll 10.0.19041.1566 - Microsoft Trust Verification APIs ? Microsoft Corporation. All rights reserved. -77500000 : C:\Windows\System32\imagehlp.dll 10.0.19041.1415 - Windows NT Image Helper ? Microsoft Corporation. All rights reserved. -775b0000 : C:\Windows\System32\bcryptPrimitives.dll 10.0.19041.1415 - Windows Cryptographic Primitives Library ? Microsoft Corporation. All rights reserved. -77610000 : C:\Windows\System32\IMM32.DLL 10.0.19041.546 - Multi-User Windows IMM32 API Client DLL ? Microsoft Corporation. All rights reserved. -77640000 : C:\Windows\System32\SHELL32.dll 10.0.19041.1566 - Windows Shell 公用 DLL ? Microsoft Corporation. All rights reserved. -77c00000 : C:\Windows\System32\SHLWAPI.dll 10.0.19041.1023 - 外壳简易实用工具库 ? Microsoft Corporation. All rights reserved. -77c50000 : C:\Windows\System32\cfgmgr32.dll 10.0.19041.1620 - Configuration Manager DLL ? Microsoft Corporation. All rights reserved. -77c90000 : C:\Windows\System32\win32u.dll 10.0.19041.1620 - Win32u ? Microsoft Corporation. All rights reserved. -77cc0000 : C:\Windows\SYSTEM32\ntdll.dll 10.0.19041.1566 - NT 层 DLL ? Microsoft Corporation. All rights reserved. Profile: SelfUpdate.LastExec=703059966 Balloon.RightClick.Method.ReDefault=1 executing=1 Ghost.0=.\ghost\emily4\ sntp.lastexec=703059820 AppID=SSPBT.SSP.MAIN.ZJHA8EVD2/NJKZekbadbgw== LangUpdate.LastExec=702973540 Ghost.Num=1