SPDebugger/2.17.24106.A Exception Raised at 06658374 because ACCESS_VIOLATION (#c0000005) ->Reading 00000008 Data Windows NT 10.0.19045 UAC: Enabled,Limited Time: 2023/3/2 09:27:25.283 Phys.Mem: 9268/16152MB PageFile: 21133/32536MB CPU : Intel 0.6.5.6 2200MHz Features:MMX SSE HT AES-NI (Intel(R) Core(TM) i7-10870H CPU @ 2.20GHz) Package:1 Node:1 Core:8 Thread:16 SSP/2.6.31 (20230301-7; Windows NT 10.0.19045) Volume Information: C:\ Fixed [ 91723MB Free | 261236MB Total | 35%] (NTFS,Normal) D:\ Fixed [ 666397MB Free | 1120450MB Total | 59%] (NTFS,Normal) E:\ Fixed [ 184550MB Free | 524287MB Total | 35%] (NTFS,Normal) Monitor Information: 0: \\.\DISPLAY1 - Work=0,0,1536,864 Size=1536x864 [PRIMARY] Env. Variables: =::=::\ =C:=C:\ =D:=D:\ =E:=E:\ssp\ghost\Taromati2\ghost\master ALLUSERSPROFILE=C:\ProgramData APPDATA=C:\Users\steve02081504\AppData\Roaming CommonProgramFiles=C:\Program Files (x86)\Common Files CommonProgramFiles(x86)=C:\Program Files (x86)\Common Files CommonProgramW6432=C:\Program Files\Common Files COMPUTERNAME=LAPTOP-4FQDVD5B ComSpec=C:\WINDOWS\system32\cmd.exe DriverData=C:\Windows\System32\Drivers\DriverData FPS_BROWSER_APP_PROFILE_STRING=Internet Explorer FPS_BROWSER_USER_PROFILE_STRING=Default HOMEDRIVE=C: HOMEPATH=\Users\steve02081504 KMP_DUPLICATE_LIB_OK=TRUE LOCALAPPDATA=C:\Users\steve02081504\AppData\Local LOGONSERVER=\\LAPTOP-4FQDVD5B MKL_SERIAL=YES NUMBER_OF_PROCESSORS=16 OneDrive=C:\Users\steve02081504\OneDrive OnlineServices=Online Services OS=Windows_NT Path=E:\ssp\;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\WINDOWS\system32\WBEM;E:\Python\Scripts\;E:\Python\;C:\WINDOWS\system32\WBEM;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Users\steve02081504\AppData\Local\Microsoft\WindowsApps;C:\Users\steve02081504\AppData\Local\GitHubDesktop\bin;C:\Program Files\dotnet\;E:\GitHubDesktop\bin;E:\nodejs\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;E;E;E:\Graphviz\bin;E:\LLVM\bin;C:\Program Files\PowerShell\7-preview\preview;C:\Program Files\Git\cmd;C:\Users\steve02081504\AppData\Local\Microsoft\WindowsApps;E:\GitHubDesktop\bin;E:\tools\upx;C:\Users\steve02081504\Documents\workstation\vcpkg;E:\phone\adb_fastboot_tools-20191020;E:\LLVM\bin;C:\Users\steve02081504\AppData\Roaming\npm;E:\Microsoft VS Code\bin;E:\7-Zip;E:\vcpkg\downloads\tools\cmake-3.24.0-windows\cmake-3.24.0-windows-i386;E:\Java\jdk-19\bin;E:\msys\usr\bin;E:\tools\Fiddler;E:\mysql\bin; PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC;.PY;.PYW platformcode=KV POWERSHELL_DISTRIBUTION_CHANNEL=MSI:Windows 10 Pro PROCESSOR_ARCHITECTURE=x86 PROCESSOR_ARCHITEW6432=AMD64 PROCESSOR_IDENTIFIER=Intel64 Family 6 Model 165 Stepping 2, GenuineIntel PROCESSOR_LEVEL=6 PROCESSOR_REVISION=a502 ProgramData=C:\ProgramData ProgramFiles=C:\Program Files (x86) ProgramFiles(x86)=C:\Program Files (x86) ProgramW6432=C:\Program Files PSModulePath=C:\Program Files\WindowsPowerShell\Modules;C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules PUBLIC=C:\Users\Public RegionCode=APJ SESSIONNAME=Console SW_SIM_HYDRA=C:\Program Files\Common Files\SolidWorks Shared\Simulation Worker Agent\ SW_SIM_MPIT=INTELMPI SW_SIM_TEMP=C:\ProgramData\SOLIDWORKS\SW_net_sim_temp\ SystemDrive=C: SystemRoot=C:\WINDOWS TEMP=C:\Users\STEVE0~1\AppData\Local\Temp TMP=C:\Users\STEVE0~1\AppData\Local\Temp USERDOMAIN=LAPTOP-4FQDVD5B USERDOMAIN_ROAMINGPROFILE=LAPTOP-4FQDVD5B USERNAME=steve02081504 USERPROFILE=C:\Users\steve02081504 windir=C:\WINDOWS WIX=C:\Program Files (x86)\WiX Toolset v3.11\ Loaded Drivers: -13690000 : mcupdate_GenuineIntel.dll -13920000 : hal.dll -13930000 : kd.dll -13940000 : tm.sys -13970000 : CLFS.SYS -139e0000 : PSHED.dll -13a00000 : BOOTVID.dll -13a10000 : FLTMGR.SYS -13a80000 : cmimcext.sys -15200000 : ntoskrnl.exe -19000000 : clipsp.sys -19120000 : ksecdd.sys -19150000 : msrpc.sys -191c0000 : werkernel.sys -191e0000 : ntosext.sys -191f0000 : CI.dll -192e0000 : cng.sys -193a0000 : Wdf01000.sys -19480000 : WDFLDR.SYS -194a0000 : SleepStudyHelper.sys -194b0000 : WppRecorder.sys -194d0000 : acpiex.sys -19500000 : mssecflt.sys -19560000 : SgrmAgent.sys -19580000 : lxss.sys -19590000 : LXCORE.SYS -196b0000 : ACPI.sys -19780000 : WMILIB.SYS -197b0000 : intelpep.sys -19820000 : WindowsTrustedRT.sys -19840000 : IntelTA.sys -19850000 : WindowsTrustedRTProxy.sys -19860000 : pcw.sys -19880000 : msisadrv.sys -19890000 : pci.sys -19910000 : vdrvroot.sys -19930000 : pdc.sys -19960000 : CEA.sys -19980000 : partmgr.sys -199c0000 : spaceport.sys -19a70000 : volmgr.sys -19a90000 : volmgrx.sys -19b00000 : mountmgr.sys -19b20000 : stornvme.sys -19b60000 : storport.sys -19c20000 : iaStorAC.sys -1a810000 : EhStorClass.sys -1a830000 : fileinfo.sys -1a850000 : Wof.sys -1a8a0000 : WdFilter.sys -1a920000 : Fs_Rec.sys -1a930000 : ndis.sys -1aaa0000 : NETIO.SYS -1ab40000 : ksecpkg.sys -1ab80000 : wfplwfs.sys -1abc0000 : VmsProxy.sys -1abf0000 : Ntfs.sys -1aed0000 : tcpip.sys -1b1c0000 : fwpkclnt.sys -1b240000 : vmbkmclr.sys -1b270000 : VmsProxyHNic.sys -1b280000 : fvevol.sys -1b350000 : hpdskflt.sys -1b370000 : volume.sys -1b380000 : volsnap.sys -1b3f0000 : rdyboost.sys -1b450000 : mup.sys -1b480000 : iorate.sys -1b4c0000 : disk.sys -1b4e0000 : CLASSPNP.SYS -1f000000 : win32kbase.sys -1f2e0000 : win32kfull.sys -1f6a0000 : cdd.dll -1fcd0000 : win32k.sys -326c0000 : cdrom.sys -32700000 : filecrypt.sys -32720000 : tbs.sys -32730000 : Null.SYS -32740000 : Beep.SYS -32750000 : IntcBTAu.sys -32810000 : IntcDMic.sys -328c0000 : usbccgp.sys -32900000 : idmwfp.sys -32940000 : Ndu.sys -329b0000 : crashdmp.sys -33a00000 : tdx.sys -33a30000 : TDI.SYS -33a50000 : netbt.sys -33ab0000 : afunix.sys -33ad0000 : afd.sys -33b80000 : rtf64x64.sys -33ba0000 : vwififlt.sys -33bc0000 : pacer.sys -33bf0000 : ndiscap.sys -33c10000 : netbios.sys -33c30000 : Vid.sys -33ce0000 : winhvr.sys -33d10000 : rdbss.sys -33d90000 : csc.sys -33e30000 : nsiproxy.sys -33e50000 : npsvctrig.sys -33e60000 : mssmbios.sys -33e80000 : gpuenergydrv.sys -33e90000 : dfsc.sys -33ee0000 : fastfat.SYS -33f50000 : bam.sys -33f70000 : ahcache.sys -33fc0000 : tap0901.sys -33fd0000 : CompositeBus.sys -33ff0000 : kdnic.sys -34000000 : umbus.sys -34020000 : CAD.sys -34040000 : UsbHub3.sys -340f0000 : ViGEmBus.sys -34110000 : iocbios2.sys -34120000 : hidi2c.sys -34140000 : nvhda64v.sys -34170000 : IntcOED.sys -342b0000 : mouhid.sys -342d0000 : mouclass.sys -342f0000 : ETDHCF.sys -34300000 : PTPFilter.sys -34310000 : MTConfig.sys -34320000 : IntcDAud.sys -34380000 : RTKVHD64.sys -34980000 : dxgkrnl.sys -34d30000 : watchdog.sys -34d50000 : BasicDisplay.sys -34d70000 : BasicRender.sys -34d90000 : Npfs.SYS -34db0000 : Msfs.SYS -34dd0000 : CimFS.SYS -43c00000 : ucx01000.sys -43c50000 : UcmCxUcsiNvppc.sys -43d00000 : UcmCx.sys -43d30000 : Netwtw10.sys -44300000 : rt640x64.sys -44420000 : GlPciSD.sys -444a0000 : iaLPSS2_UART2_CNL.sys -444f0000 : SerCx2.sys -44520000 : ICCWDT.sys -44530000 : i8042prt.sys -44560000 : ETD.sys -44620000 : kbdclass.sys -44640000 : IntcAudioBus.sys -44690000 : iaLPSS2_GPIO2_CNL.sys -446c0000 : msgpioclx.sys -44700000 : hpomencustomcapdriver.sys -44710000 : Accelerometer.sys -44720000 : hpcustomcapdriver.sys -44730000 : wmiacpi.sys -44740000 : intelppm.sys -44790000 : acpipagr.sys -447a0000 : acpitime.sys -447b0000 : WirelessButtonDriver64.sys -447c0000 : mshidkmdf.sys -447d0000 : HIDCLASS.SYS -44820000 : HIDPARSE.SYS -44840000 : CmBatt.sys -44850000 : BATTC.SYS -44870000 : dptf_acpi.sys -44890000 : UcmUcsiAcpiClient.sys -448b0000 : UcmUcsiCx.sys -448e0000 : UEFI.sys -448f0000 : nvvad64v.sys -44900000 : ksthunk.sys -44910000 : nvvhci.sys -44930000 : NvModuleTracker.sys -44940000 : NdisVirtualBus.sys -44950000 : swenum.sys -44960000 : rdpbus.sys -44970000 : vbaudio_vmvaio64_win10.sys -44990000 : USBD.SYS -449a0000 : nvlddmkm.sys -48210000 : HDAudBus.sys -48240000 : portcls.sys -482b0000 : drmk.sys -482e0000 : ks.sys -48360000 : USBXHCI.SYS -52600000 : TeeDriverW10x64.sys -52650000 : igdkmd64.sys -54090000 : MpKslDrv.sys -540d0000 : hiber_stornvme.sys -541a0000 : iaLPSS2_I2C_CNL.sys -541e0000 : SpbCx.sys -59410000 : usbvideo.sys -59480000 : dump_dumpstorport.sys -594d0000 : dump_stornvme.sys -59530000 : dump_dumpfve.sys -59550000 : dxgmms2.sys -59640000 : monitor.sys -59660000 : WUDFRd.sys -596c0000 : dptf_cpu.sys -596e0000 : esif_lf.sys -59750000 : luafv.sys -59780000 : wcifs.sys -597c0000 : rdpvideominiport.sys -597d0000 : cldflt.sys -59860000 : mmcss.sys -59880000 : storqosflt.sys -598a0000 : bindflt.sys -598d0000 : rdpdr.sys -59900000 : tsusbhub.sys -59950000 : bowser.sys -59980000 : msquic.sys -599e0000 : mrxsmb.sys -59a80000 : mrxsmb20.sys -59ad0000 : lltdio.sys -59af0000 : rspndr.sys -59b10000 : vmswitch.sys -59d90000 : wanarp.sys -59db0000 : mslldp.sys -59dd0000 : ndisuio.sys -59df0000 : nwifi.sys -59eb0000 : HTTP.sys -5a040000 : mpsdrv.sys -5a060000 : condrv.sys -5a080000 : BstkDrv_nxt.sys -5a0e0000 : HpReadHWData.sys -5a100000 : ibtusb.sys -5a640000 : BTHUSB.sys -5a670000 : BTHport.sys -8a2f0000 : WdNisDrv.sys -8a430000 : wdiwifi.sys -8a530000 : vwifibus.sys -8a540000 : vwifimp.sys -8a580000 : hiber_dumpstorport.sys -8a5a0000 : hiber_dumpfve.sys -b0200000 : srv2.sys -b02d0000 : rassstp.sys -b02f0000 : NDProxy.sys -b0330000 : AgileVpn.sys -b0360000 : rasl2tp.sys -b0390000 : raspptp.sys -b03c0000 : raspppoe.sys -b03e0000 : ndistapi.sys -b03f0000 : ndiswan.sys -b0520000 : p9rdr.sys -b0620000 : hidusb.sys -b0660000 : peauth.sys -b0740000 : srvnet.sys -b07a0000 : mrxdav.sys -b07d0000 : tcpipreg.sys Executing Processes: [With ToolHelp32] -00000000 : [System Process] (16 Threads.) -00000004 : System (341 Threads.) -000000ac : Registry (4 Threads.) -0000028c : smss.exe (2 Threads.) -000003a8 : csrss.exe (16 Threads.) -00000298 : wininit.exe (1 Threads.) -000002b8 : csrss.exe (20 Threads.) -0000040c : services.exe (13 Threads.) -00000418 : lsass.exe (11 Threads.) -00000490 : svchost.exe (29 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000004b0 : fontdrvhost.exe (5 Threads.) 10.0.19041.2075 - Usermode Font Driver Host ? Microsoft Corporation. All rights reserved. -000004b8 : WUDFHost.exe (8 Threads.) -00000514 : svchost.exe (14 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000548 : svchost.exe (9 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000056c : WUDFHost.exe (14 Threads.) -000005ac : winlogon.exe (6 Threads.) -00000608 : fontdrvhost.exe (5 Threads.) 10.0.19041.2075 - Usermode Font Driver Host ? Microsoft Corporation. All rights reserved. -00000658 : dwm.exe (15 Threads.) -0000068c : svchost.exe (39 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000006bc : svchost.exe (10 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000006c4 : svchost.exe (4 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000070c : svchost.exe (13 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000714 : IntelCpHDCPSvc.exe (3 Threads.) -00000764 : svchost.exe (10 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000007c4 : IntelCpHeciSvc.exe (6 Threads.) -00000544 : svchost.exe (4 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000007a8 : svchost.exe (8 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000848 : svchost.exe (9 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000888 : svchost.exe (15 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000890 : NetworkCap.exe (4 Threads.) -0000089c : SysInfoCap.exe (15 Threads.) -000008a4 : OmenCap.exe (3 Threads.) -000008b0 : DiagsCap.exe (4 Threads.) -000008b8 : AppHelperCap.exe (8 Threads.) -0000094c : svchost.exe (18 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000097c : TouchpointAnalyticsClientService.exe (14 Threads.) -00000988 : svchost.exe (5 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000990 : svchost.exe (6 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000009b8 : svchost.exe (20 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000a14 : svchost.exe (9 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000af8 : svchost.exe (29 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000b04 : svchost.exe (5 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000b40 : svchost.exe (6 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000b48 : svchost.exe (4 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000be4 : svchost.exe (9 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000924 : svchost.exe (6 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000c3c : svchost.exe (7 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000cdc : svchost.exe (8 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000d88 : unsecapp.exe (3 Threads.) -00000e10 : WmiPrvSE.exe (6 Threads.) 10.0.19041.546 - WMI Provider Host ? Microsoft Corporation. All rights reserved. -00000ee8 : NVDisplay.Container.exe (13 Threads.) -00000f48 : svchost.exe (5 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000f50 : svchost.exe (3 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000f60 : svchost.exe (6 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000fbc : igfxCUIService.exe (4 Threads.) -00000fd8 : Memory Compression (97 Threads.) -00000a3c : svchost.exe (4 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000cf0 : svchost.exe (10 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001034 : svchost.exe (2 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000109c : svchost.exe (3 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000010d8 : svchost.exe (10 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001188 : svchost.exe (16 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001190 : svchost.exe (20 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001198 : svchost.exe (7 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000011ec : svchost.exe (5 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000012a0 : svchost.exe (19 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000012c4 : svchost.exe (9 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001314 : spoolsv.exe (10 Threads.) -0000136c : svchost.exe (18 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000014a0 : svchost.exe (6 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000014b4 : Everything.exe (2 Threads.) -000014c0 : svchost.exe (12 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000014d0 : ETDService.exe (4 Threads.) -000014d8 : IntelAudioService.exe (10 Threads.) -000014e4 : FNPLicensingService64.exe (6 Threads.) -000014ec : nisvcloc.exe (2 Threads.) -000014fc : svchost.exe (21 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001510 : svchost.exe (4 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001518 : OneApp.IGCC.WinService.exe (9 Threads.) -00001520 : niauth_daemon.exe (8 Threads.) -00001528 : svchost.exe (21 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001530 : nvcontainer.exe (38 Threads.) -00001538 : SECOMN64.exe (4 Threads.) -00001540 : snmp.exe (5 Threads.) 10.0.19041.1 - SNMP 服务 ? Microsoft Corporation. All rights reserved. -00001548 : RtkAudUService64.exe (10 Threads.) -00001550 : svchost.exe (23 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001554 : svchost.exe (8 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001560 : XtuService.exe (13 Threads.) 7.3.0.33 - XtuService Copyright(C) 2007 - 2021, Intel Corporation. All Rights Reserved. -00001568 : svchost.exe (4 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001574 : MsMpEng.exe (71 Threads.) -0000157c : RstMwService.exe (6 Threads.) -00001588 : svchost.exe (7 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001598 : lkads.exe (11 Threads.) 5.8.0.49155 - lkads Copyright ? 2000-2016 National Instruments Corporation. All Rights Reserved. -000015cc : LMS.exe (5 Threads.) -000015e4 : esif_uf.exe (4 Threads.) -0000173c : svchost.exe (6 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000176c : svchost.exe (6 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000017a4 : svchost.exe (1 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000017ac : jhi_service.exe (2 Threads.) -00001864 : dasHost.exe (12 Threads.) -000018e8 : svchost.exe (6 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000019ac : lmgrd.exe (2 Threads.) -00001a5c : conhost.exe (4 Threads.) -00001a78 : lktsrv.exe (16 Threads.) 5.8.0.49155 - lktsrv Copyright ? 2000-2016 National Instruments Corporation. All Rights Reserved. -00001a80 : nidmsrv.exe (14 Threads.) -00001a8c : lkcitdl.exe (14 Threads.) 4.5.2.0 - Part of Logos Copyright ? 2004, by National Instruments, Inc. -00001a94 : nimdnsResponder.exe (4 Threads.) -00001b08 : lmgrd.exe (1 Threads.) -000019a8 : svchost.exe (16 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001e10 : svchost.exe (12 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001f4c : rundll32.exe (2 Threads.) 10.0.19041.746 - Windows 主进程 (Rundll32) ? Microsoft Corporation. All rights reserved. -00001f9c : SystemWebServer.exe (8 Threads.) -0000222c : ApplicationWebServer.exe (9 Threads.) -0000223c : NIWebServiceContainer.exe (7 Threads.) -0000228c : NIWebServiceContainer.exe (7 Threads.) -000021f4 : NIWebServiceContainer.exe (7 Threads.) -0000210c : svchost.exe (3 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000480 : svchost.exe (11 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00002448 : svchost.exe (11 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000840 : NVDisplay.Container.exe (46 Threads.) -00000de4 : svchost.exe (3 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00002a00 : ETDCtrl.exe (15 Threads.) -00002aa0 : nvcontainer.exe (18 Threads.) -00002ac4 : nvcontainer.exe (29 Threads.) -00002ae4 : sihost.exe (14 Threads.) -00002b0c : svchost.exe (13 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00002b28 : svchost.exe (9 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00002ba4 : PresentationFontCache.exe (4 Threads.) -00002bd8 : svchost.exe (6 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000027a8 : svchost.exe (5 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000027c4 : ctfmon.exe (16 Threads.) 10.0.19041.1 - CTF 加载程序 ? Microsoft Corporation. All rights reserved. -00000eb8 : taskhostw.exe (9 Threads.) -00002c30 : svchost.exe (10 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00002d74 : explorer.exe (118 Threads.) 10.0.19041.2546 - Windows 资源管理器 ? Microsoft Corporation. All rights reserved. -00002d98 : SearchIndexer.exe (68 Threads.) 7.0.19041.2546 - Microsoft Windows Search 索引器 ? Microsoft Corporation. All rights reserved. -00002dbc : svchost.exe (10 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00002e18 : SECOCL64.exe (12 Threads.) -00002e34 : conhost.exe (2 Threads.) -00002f20 : NVIDIA Web Helper.exe (95 Threads.) -00002f2c : conhost.exe (2 Threads.) -00002f3c : igfxEM.exe (70 Threads.) -00002fa0 : svchost.exe (3 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00002fd0 : ChsIME.exe (4 Threads.) -000028f0 : svchost.exe (4 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00003120 : svchost.exe (13 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00003158 : RtkAudUService64.exe (7 Threads.) -0000316c : svchost.exe (9 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000032d4 : StartMenuExperienceHost.exe (10 Threads.) -00003318 : svchost.exe (12 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00003334 : RuntimeBroker.exe (5 Threads.) -000033f0 : SearchApp.exe (45 Threads.) -0000341c : RuntimeBroker.exe (16 Threads.) -000036d8 : svchost.exe (5 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00003548 : ApplicationFrameHost.exe (17 Threads.) -00003520 : LockApp.exe (11 Threads.) -00003964 : RuntimeBroker.exe (12 Threads.) -000039c4 : SecurityHealthSystray.exe (3 Threads.) -00003ac4 : SecurityHealthService.exe (8 Threads.) -00003b90 : svchost.exe (4 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00003e38 : TextInputHost.exe (24 Threads.) -00003ea4 : jusched.exe (7 Threads.) -00003c4c : svchost.exe (2 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000874 : RuntimeBroker.exe (5 Threads.) -00004248 : nvsphelper64.exe (5 Threads.) -00002a38 : NVIDIA Share.exe (38 Threads.) -00004600 : NVIDIA Share.exe (13 Threads.) -0000478c : NVIDIA Share.exe (16 Threads.) -00004120 : HPSystemEventUtilityHost.exe (10 Threads.) -00003ba4 : PaintStudio.View.exe (62 Threads.) -00004a44 : RuntimeBroker.exe (3 Threads.) -00004b54 : HPAudioSwitch.exe (15 Threads.) -00004184 : svchost.exe (6 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00002cf0 : HPCommRecovery.exe (15 Threads.) -00000e1c : SgrmBroker.exe (7 Threads.) -000036c0 : svchost.exe (9 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000022dc : MpCopyAccelerator.exe (4 Threads.) -00003958 : ShellExperienceHost.exe (38 Threads.) -000045a0 : RuntimeBroker.exe (16 Threads.) -000026b8 : UserOOBEBroker.exe (3 Threads.) -00003c5c : dllhost.exe (7 Threads.) 10.0.19041.546 - COM Surrogate ? Microsoft Corporation. All rights reserved. -00002a44 : svchost.exe (5 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000024ec : CompPkgSrv.exe (3 Threads.) -000022b8 : svchost.exe (4 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00004898 : svchost.exe (3 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000012b4 : SystemSettingsBroker.exe (18 Threads.) -0000031c : svchost.exe (6 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000022e0 : IDMan.exe (6 Threads.) -00005914 : svchost.exe (5 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00001a00 : taskhostw.exe (7 Threads.) -00006de4 : ChsIME.exe (4 Threads.) -00003c0c : svchost.exe (3 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00000ab0 : NisSrv.exe (17 Threads.) -0000619c : wlanext.exe (4 Threads.) 10.0.19041.1 - Windows Wireless LAN 802.11 Extensibility Framework ? Microsoft Corporation. All rights reserved. -000012b0 : conhost.exe (2 Threads.) -00005818 : svchost.exe (3 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000419c : Microsoft.Photos.exe (13 Threads.) -00006a28 : RuntimeBroker.exe (17 Threads.) -00005614 : SystemSettings.exe (24 Threads.) -00005ab8 : dllhost.exe (5 Threads.) 10.0.19041.546 - COM Surrogate ? Microsoft Corporation. All rights reserved. -000034dc : svchost.exe (18 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00005510 : svchost.exe (4 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000333c : Clash for Windows.exe (31 Threads.) -00002abc : Clash for Windows.exe (28 Threads.) -00006ecc : Clash for Windows.exe (14 Threads.) -0000557c : Clash for Windows.exe (22 Threads.) -00006af4 : clash-win64.exe (26 Threads.) -0000670c : conhost.exe (2 Threads.) -000035b0 : svchost.exe (6 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000630c : QQ.exe (119 Threads.) -00005440 : QQExternal.exe (15 Threads.) -00002cb0 : taskhostw.exe (8 Threads.) -00003a34 : sw_d.exe (3 Threads.) -000023f0 : DeepL.exe (62 Threads.) -00004dec : CefSharp.BrowserSubprocess.exe (32 Threads.) -00003598 : CefSharp.BrowserSubprocess.exe (11 Threads.) -00004a80 : CefSharp.BrowserSubprocess.exe (16 Threads.) -000029ac : CefSharp.BrowserSubprocess.exe (20 Threads.) -000021a8 : CefSharp.BrowserSubprocess.exe (20 Threads.) -00002dcc : audiodg.exe (14 Threads.) -000067e4 : svchost.exe (9 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00002650 : svchost.exe (5 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -0000369c : svchost.exe (6 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00005c44 : smartscreen.exe (8 Threads.) ==> -00004018 : ssp.exe (23 Threads.) 2.6.31.3000 - SSP (C) D-EXCLAMATION / SSP BUGTRAQ -00006168 : rundll32.exe (4 Threads.) 10.0.19041.746 - Windows 主进程 (Rundll32) ? Microsoft Corporation. All rights reserved. -000056a8 : LogonUI.exe (16 Threads.) -000045e0 : WmiPrvSE.exe (10 Threads.) 10.0.19041.546 - WMI Provider Host ? Microsoft Corporation. All rights reserved. -00006a68 : MoUsoCoreWorker.exe (11 Threads.) -00003f20 : TrustedInstaller.exe (9 Threads.) -00005018 : TiWorker.exe (8 Threads.) -00000390 : svchost.exe (7 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -000066e4 : wermgr.exe (4 Threads.) 10.0.19041.2546 - Windows Problem Reporting ? Microsoft Corporation. All rights reserved. -00005e8c : svchost.exe (7 Threads.) 10.0.19041.1806 - Windows 服务主进程 ? Microsoft Corporation. All rights reserved. -00005618 : upfc.exe (4 Threads.) -00006490 : backgroundTaskHost.exe (1 Threads.) 10.0.19041.546 - Background Task Host ? Microsoft Corporation. All rights reserved. -00003948 : LocationNotificationWindows.exe (1 Threads.) Executing Threads: [With ToolHelp32] -00003c84 : 8(0) -00005b34 : 8(0) -00005170 : 8(0) -00000824 : 8(0) -00000d08 : 8(0) -000059a0 : 8(0) -00002fa8 : 8(0) -00000408 : 9(0) -00006908 : 8(0) -00001628 : 7(0) -000005c0 : 7(0) -000007b0 : 7(0) -00005894 : 8(0) -00004d9c : 7(0) -00000bac : 7(0) -0000439c : 8(0) ==> -00002d90 : 8(0) -00002794 : 8(0) -00004008 : 8(0) -00003944 : 8(0) -00001d18 : 8(0) -000049fc : 8(0) -000067e0 : 8(0) Executing Services: [With SCM/NT] ---AJRouter (AllJoyn Router Service) - Stopped/Paused ---ALG (Application Layer Gateway Service) - Stopped/Paused ---AppIDSvc (Application Identity) - Stopped/Paused ***Appinfo (Application Information) - Running ---AppMgmt (Application Management) - Stopped/Paused ---AppReadiness (App Readiness) - Stopped/Paused ---AppVClient (Microsoft App-V Client) - Stopped/Paused ***AppXSvc (AppX Deployment Service (AppXSVC)) - Running ---AssignedAccessManagerSvc (AssignedAccessManager 服务) - Stopped/Paused ***AudioEndpointBuilder (Windows Audio Endpoint Builder) - Running ***Audiosrv (Windows Audio) - Running ---autotimesvc (手机网络时间) - Stopped/Paused ---AxInstSV (ActiveX Installer (AxInstSV)) - Stopped/Paused ---BDESVC (BitLocker Drive Encryption Service) - Stopped/Paused ---BEService (BattlEye Service) - Stopped/Paused ***BFE (Base Filtering Engine) - Running ---BITS (Background Intelligent Transfer Service) - Stopped/Paused ***BrokerInfrastructure (Background Tasks Infrastructure Service) - Running ---BTAGService (蓝牙音频网关服务) - Stopped/Paused ***BthAvctpSvc (AVCTP 服务) - Running ---bthserv (蓝牙支持服务) - Stopped/Paused ***camsvc (功能访问管理器服务) - Running ***CDPSvc (连接设备平台服务) - Running ***CertPropSvc (Certificate Propagation) - Running ---ClipSVC (Client License Service (ClipSVC)) - Stopped/Paused ---cloudidsvc (Microsoft 云标识服务) - Stopped/Paused ---COMSysApp (COM+ System Application) - Stopped/Paused ---CoordinatorServiceHost (DTSInterops) - Stopped/Paused ***CoreMessagingRegistrar (CoreMessaging) - Running ***cphs (Intel(R) Content Protection HECI Service) - Running ***cplspcon (Intel(R) Content Protection HDCP Service) - Running ***CryptSvc (Cryptographic Services) - Running ---CscService (Offline Files) - Stopped/Paused ***DcomLaunch (DCOM Server Process Launcher) - Running ---dcsvc (dcsvc) - Stopped/Paused ---debugregsvc (debugregsvc) - Stopped/Paused ---defragsvc (Optimize drives) - Stopped/Paused ---DeveloperToolsService (开发人员工具服务) - Stopped/Paused ***DeviceAssociationService (Device Association Service) - Running ---DeviceInstall (Device Install Service) - Stopped/Paused ---DevQueryBroker (DevQuery Background Discovery Broker) - Stopped/Paused ***Dhcp (DHCP Client) - Running ---diagnosticshub.standardcollector.service (Microsoft (R) 诊断中心标准收集器服务) - Stopped/Paused ---diagsvc (Diagnostic Execution Service) - Stopped/Paused ***DiagTrack (Connected User Experiences and Telemetry) - Running ---DialogBlockingService (DialogBlockingService) - Stopped/Paused ***DispBrokerDesktopSvc (显示策略服务) - Running ***DisplayEnhancementService (显示增强服务) - Running ---DmEnrollmentSvc (设备管理注册服务) - Stopped/Paused ---dmwappushservice (设备管理无线应用程序协议 (WAP) 推送消息路由服务) - Stopped/Paused ***Dnscache (DNS Client) - Running ---DoSvc (Delivery Optimization) - Stopped/Paused ---dot3svc (Wired AutoConfig) - Stopped/Paused ***DPS (Diagnostic Policy Service) - Running ---DsmSvc (Device Setup Manager) - Stopped/Paused ***DsSvc (Data Sharing Service) - Running ***DusmSvc (数据使用量) - Running ---Eaphost (Extensible Authentication Protocol) - Stopped/Paused ***EFS (Encrypting File System (EFS)) - Running ---embeddedmode (嵌入模式) - Stopped/Paused ---EntAppSvc (Enterprise App Management Service) - Stopped/Paused ***esifsvc (Intel(R) Dynamic Tuning service) - Running ***ETDService (ELAN Service) - Running ***EventLog (Windows Event Log) - Running ***EventSystem (COM+ Event System) - Running ***Everything (Everything) - Running ---Fax (Fax) - Stopped/Paused ***fdPHost (Function Discovery Provider Host) - Running ***FDResPub (Function Discovery Resource Publication) - Running ---fhsvc (File History Service) - Stopped/Paused ***FlexNet Licensing Service 64 (FlexNet Licensing Service 64) - Running ***FontCache (Windows Font Cache Service) - Running ***FontCache3.0.0.0 (Windows Presentation Foundation Font Cache 3.0.0.0) - Running ---FrameServer (Windows Camera Frame Server) - Stopped/Paused ---FvSvc (NVIDIA FrameView SDK service) - Stopped/Paused ---gpsvc (Group Policy Client) - Stopped/Paused ---GraphicsPerfSvc (GraphicsPerfSvc) - Stopped/Paused ---HfcDisableService (Intel(R) RST HFC Disable Service) - Stopped/Paused ---hidserv (Human Interface Device Service) - Stopped/Paused ***HP Comm Recover (HP Comm Recovery) - Running ***HPAppHelperCap (HP App Helper HSA Service) - Running ***HPDiagsCap (HP Diagnostics HSA Service) - Running ***HPNetworkCap (HP Network HSA Service) - Running ***HPOmenCap (HP Omen HSA Service) - Running ***HPSysInfoCap (HP System Info HSA Service) - Running ***HpTouchpointAnalyticsService (HP Analytics service) - Running ---HvHost (HV 主机服务) - Stopped/Paused ---iaStorAfsService (Intel(R) Optane(TM) Memory Service) - Stopped/Paused ---icssvc (Windows 移动热点服务) - Stopped/Paused ***igccservice (Intel(R) Graphics Command Center Service) - Running ***igfxCUIService2.0.0.0 (Intel(R) HD Graphics Control Panel Service) - Running ---IKEEXT (IKE and AuthIP IPsec Keying Modules) - Stopped/Paused ---impi_hydra (Intel(R) MPI Library Hydra Process Manager) - Stopped/Paused ***InstallService (Microsoft Store 安装服务) - Running ---Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) - Stopped/Paused ---Intel(R) TPM Provisioning Service (Intel(R) TPM Provisioning Service) - Stopped/Paused ***IntelAudioService (Intel(R) Audio Service) - Running ***iphlpsvc (IP Helper) - Running ***iprip (RIP Listener) - Running ---IpxlatCfgSvc (IP 转换配置服务) - Stopped/Paused ***jhi_service (Intel(R) Dynamic Application Loader Host Interface Service) - Running ***KeyIso (CNG Key Isolation) - Running ---KtmRm (KtmRm for Distributed Transaction Coordinator) - Stopped/Paused ***LanmanServer (Server) - Running ***LanmanWorkstation (Workstation) - Running ***lfsvc (Geolocation Service) - Running ***LicenseManager (Windows 许可证管理器服务) - Running ***LkCitadelServer (NI Citadel 4 Service) - Running ***lkClassAds (NI PSP Service Locator) - Running ***lkTimeSync (NI Time Synchronization) - Running ---lltdsvc (Link-Layer Topology Discovery Mapper) - Stopped/Paused ---lmhosts (TCP/IP NetBIOS Helper) - Stopped/Paused ***LMS (Intel(R) Management and Security Application Local Management Service) - Running ***LSM (Local Session Manager) - Running ---LxpSvc (语言体验服务) - Stopped/Paused ***LxssManager (LxssManager) - Running ---MapsBroker (Downloaded Maps Manager) - Stopped/Paused ---McpManagementService (McpManagementService) - Stopped/Paused ---MixedRealityOpenXRSvc (Windows Mixed Reality OpenXR Service) - Stopped/Paused ---MozillaMaintenance (Mozilla Maintenance Service) - Stopped/Paused ***mpssvc (Windows Defender Firewall) - Running ---MSDTC (Distributed Transaction Coordinator) - Stopped/Paused ---MSiSCSI (Microsoft iSCSI Initiator Service) - Stopped/Paused ---msiserver (Windows Installer) - Stopped/Paused ---MsKeyboardFilter (Microsoft 键盘筛选器) - Stopped/Paused ---MySQL (MySQL) - Stopped/Paused ---NaturalAuthentication (自然身份验证) - Stopped/Paused ---NcaSvc (Network Connectivity Assistant) - Stopped/Paused ***NcbService (Network Connection Broker) - Running ***NcdAutoSetup (Network Connected Devices Auto-Setup) - Running ---Netlogon (Netlogon) - Stopped/Paused ---Netman (Network Connections) - Stopped/Paused ***netprofm (Network List Service) - Running ---NetSetupSvc (Network Setup Service) - Stopped/Paused ---NetTcpPortSharing (Net.Tcp Port Sharing Service) - Stopped/Paused ***NgcCtnrSvc (Microsoft Passport Container) - Running ***NgcSvc (Microsoft Passport) - Running ***NIApplicationWebServer (NI Application Web Server) - Running ---NIApplicationWebServer64 (NI Application Web Server (64-bit)) - Stopped/Paused ***niauth (NI Authentication Service) - Running ***NIDomainService (NI Domain Service) - Running ---NILM License Manager (NI License Server) - Stopped/Paused ***nimDNSResponder (NI mDNS Responder Service) - Running ***NiSvcLoc (NI Service Locator) - Running ***NISystemWebServer (NI System Web Server) - Running ***NlaSvc (Network Location Awareness) - Running ***nsi (Network Store Interface Service) - Running ***NvContainerLocalSystem (NVIDIA LocalSystem Container) - Running ***NVDisplay.ContainerLocalSystem (NVIDIA Display Container LS) - Running ---p2pimsvc (Peer Networking Identity Manager) - Stopped/Paused ---p2psvc (Peer Networking Grouping) - Stopped/Paused ***PcaSvc (Program Compatibility Assistant Service) - Running ---PeerDistSvc (BranchCache) - Stopped/Paused ---perceptionsimulation (Windows 感知模拟服务) - Stopped/Paused ---PerfHost (Performance Counter DLL Host) - Stopped/Paused ---PhoneSvc (Phone Service) - Stopped/Paused ---pla (Performance Logs & Alerts) - Stopped/Paused ***PlugPlay (Plug and Play) - Running ---PNRPAutoReg (PNRP Machine Name Publication Service) - Stopped/Paused ---PNRPsvc (Peer Name Resolution Protocol) - Stopped/Paused ---PolicyAgent (IPsec Policy Agent) - Stopped/Paused ***Power (Power) - Running ---PrintNotify (Printer Extensions and Notifications) - Stopped/Paused ***ProfSvc (User Profile Service) - Running ---PushToInstall (Windows PushToInstall 服务) - Stopped/Paused ---qcmtusvc (Qualcomm MTU Service) - Stopped/Paused ---QWAVE (Quality Windows Audio Video Experience) - Stopped/Paused ---RasAuto (Remote Access Auto Connection Manager) - Stopped/Paused ***RasMan (Remote Access Connection Manager) - Running ---RemoteAccess (Routing and Remote Access) - Stopped/Paused ---RemoteRegistry (Remote Registry) - Stopped/Paused ---RetailDemo (零售演示服务) - Stopped/Paused ***RmSvc (无线电管理服务) - Running ***RpcEptMapper (RPC Endpoint Mapper) - Running ---RpcLocator (Remote Procedure Call (RPC) Locator) - Stopped/Paused ***RpcSs (Remote Procedure Call (RPC)) - Running ***RstMwService (Intel(R) Storage Middleware Service) - Running ***RtkAudioUniversalService (Realtek Audio Universal Service) - Running ***SamSs (Security Accounts Manager) - Running ---SCardSvr (Smart Card) - Stopped/Paused ---ScDeviceEnum (Smart Card Device Enumeration Service) - Stopped/Paused ***Schedule (Task Scheduler) - Running ---SCPolicySvc (Smart Card Removal Policy) - Stopped/Paused ---SDRSVC (Windows 备份) - Stopped/Paused ---seclogon (Secondary Logon) - Stopped/Paused ***SECOMNService (Sound Research SECOMN Service) - Running ***SecurityHealthService (Windows 安全中心服务) - Running ***SEMgrSvc (付款和 NFC/SE 管理器) - Running ***SENS (System Event Notification Service) - Running ---Sense (Windows Defender Advanced Threat Protection Service) - Stopped/Paused ---SensorDataService (Sensor Data Service) - Stopped/Paused ---SensorService (Sensor Service) - Stopped/Paused ---SensrSvc (Sensor Monitoring Service) - Stopped/Paused ***SessionEnv (Remote Desktop Configuration) - Running ***SgrmBroker (System Guard 运行时监视代理) - Running ---SharedAccess (Internet Connection Sharing (ICS)) - Stopped/Paused ---SharedRealitySvc (空间数据服务) - Stopped/Paused ***ShellHWDetection (Shell Hardware Detection) - Running ---shpamsvc (Shared PC Account Manager) - Stopped/Paused ---smphost (Microsoft Storage Spaces SMP) - Stopped/Paused ---SmsRouter (Microsoft Windows SMS 路由器服务。) - Stopped/Paused ***SNMP (SNMP 服务) - Running ---SNMPTRAP (SNMP 陷阱) - Stopped/Paused ***SolidWorks Flexnet Server (SolidWorks Flexnet Server) - Running ---SolidWorks Licensing Service (SolidWorks Licensing Service) - Stopped/Paused ---spectrum (Windows 感知服务) - Stopped/Paused ***Spooler (Print Spooler) - Running ---sppsvc (Software Protection) - Stopped/Paused ***SSDPSRV (SSDP Discovery) - Running ---ssh-agent (OpenSSH Authentication Agent) - Stopped/Paused ---sshd (OpenSSH SSH Server) - Stopped/Paused ---SshdBroker (SshdBroker) - Stopped/Paused ***SstpSvc (Secure Socket Tunneling Protocol Service) - Running ***StateRepository (State Repository Service) - Running ---Steam Client Service (Steam Client Service) - Stopped/Paused ---stisvc (Windows Image Acquisition (WIA)) - Stopped/Paused ***StorSvc (Storage Service) - Running ---svsvc (Spot Verifier) - Stopped/Paused ---swprv (Microsoft Software Shadow Copy Provider) - Stopped/Paused ***SysMain (SysMain) - Running ***SystemEventsBroker (System Events Broker) - Running ***TabletInputService (Touch Keyboard and Handwriting Panel Service) - Running ***TapiSrv (Telephony) - Running ***TermService (Remote Desktop Services) - Running ***Themes (Themes) - Running ---TieringEngineService (Storage Tiers Management) - Stopped/Paused ***TimeBrokerSvc (Time Broker) - Running ***TokenBroker (Web 帐户管理器) - Running ***TrkWks (Distributed Link Tracking Client) - Running ---TroubleshootingSvc (建议疑难解答服务) - Stopped/Paused ***TrustedInstaller (Windows Modules Installer) - Running ***tzautoupdate (自动时区更新程序) - Running ---UevAgentService (User Experience Virtualization Service) - Stopped/Paused ---uhssvc (Microsoft Update Health Service) - Stopped/Paused ***UmRdpService (Remote Desktop Services UserMode Port Redirector) - Running ---upnphost (UPnP Device Host) - Stopped/Paused ***UserManager (User Manager) - Running ***UsoSvc (更新 Orchestrator 服务) - Running ---VacSvc (立体音频组合器服务) - Stopped/Paused ***VaultSvc (Credential Manager) - Running ---vds (Virtual Disk) - Stopped/Paused ---vmicguestinterface (Hyper-V Guest Service Interface) - Stopped/Paused ---vmicheartbeat (Hyper-V Heartbeat Service) - Stopped/Paused ---vmickvpexchange (Hyper-V Data Exchange Service) - Stopped/Paused ---vmicrdv (Hyper-V 远程桌面虚拟化服务) - Stopped/Paused ---vmicshutdown (Hyper-V Guest Shutdown Service) - Stopped/Paused ---vmictimesync (Hyper-V Time Synchronization Service) - Stopped/Paused ---vmicvmsession (Hyper-V PowerShell Direct Service) - Stopped/Paused ---vmicvss (Hyper-V 卷影复制请求程序) - Stopped/Paused ---VSS (Volume Shadow Copy) - Stopped/Paused ---VSStandardCollectorService150 (Visual Studio Standard Collector Service 150) - Stopped/Paused ***W32Time (Windows Time) - Running ***WaaSMedicSvc (Windows 更新医生服务) - Running ---WalletService (WalletService) - Stopped/Paused ---WarpJITSvc (WarpJITSvc) - Stopped/Paused ---wbengine (Block Level Backup Engine Service) - Stopped/Paused ***WbioSrvc (Windows Biometric Service) - Running ***Wcmsvc (Windows Connection Manager) - Running ---wcncsvc (Windows Connect Now - Config Registrar) - Stopped/Paused ***WdiServiceHost (Diagnostic Service Host) - Running ---WdiSystemHost (Diagnostic System Host) - Stopped/Paused ***WdNisSvc (Microsoft Defender Antivirus Network Inspection Service) - Running ***WebClient (WebClient) - Running ---WebManagement (Web Management) - Stopped/Paused ---Wecsvc (Windows Event Collector) - Stopped/Paused ---WemeetUpdateSvc (WemeetUpdateSvc) - Stopped/Paused ---WEPHOSTSVC (Windows Encryption Provider Host Service) - Stopped/Paused ---wercplsupport (Problem Reports Control Panel Support) - Stopped/Paused ---WerSvc (Windows Error Reporting Service) - Stopped/Paused ---WFDSConMgrSvc (WLAN Direct 服务连接管理器服务) - Stopped/Paused ---WiaRpc (Still Image Acquisition Events) - Stopped/Paused ***WinDefend (Microsoft Defender Antivirus Service) - Running ***WinHttpAutoProxySvc (WinHTTP Web Proxy Auto-Discovery Service) - Running ***Winmgmt (Windows Management Instrumentation) - Running ---WinRM (Windows Remote Management (WS-Management)) - Stopped/Paused ---wisvc (Windows 预览体验成员服务) - Stopped/Paused ***WlanSvc (WLAN AutoConfig) - Running ***wlidsvc (Microsoft Account Sign-in Assistant) - Running ---wlpasvc (本地配置文件助手服务) - Stopped/Paused ---WManSvc (Windows 管理服务) - Stopped/Paused ---wmiApSrv (WMI Performance Adapter) - Stopped/Paused ---WMPNetworkSvc (Windows Media Player Network Sharing Service) - Stopped/Paused ---workfolderssvc (Work Folders) - Stopped/Paused ---WpcMonSvc (家长控制) - Stopped/Paused ---WPDBusEnum (Portable Device Enumerator Service) - Stopped/Paused ***WpnService (Windows 推送通知系统服务) - Running ***wscsvc (Security Center) - Running ***WSearch (Windows Search) - Running ***wuauserv (Windows Update) - Running ***WwanSvc (WWAN AutoConfig) - Running ---XblAuthManager (Xbox Live 身份验证管理器) - Stopped/Paused ---XblGameSave (Xbox Live 游戏保存) - Stopped/Paused ---XboxGipSvc (Xbox Accessory Management Service) - Stopped/Paused ---XboxNetApiSvc (Xbox Live 网络服务) - Stopped/Paused ***XTU3SERVICE (XTUOCDriverService) - Running ---AarSvc_13c2a5 (Agent Activation Runtime_13c2a5) - Stopped/Paused ---BcastDVRUserService_13c2a5 (GameDVR 和广播用户服务_13c2a5) - Stopped/Paused ---BluetoothUserService_13c2a5 (蓝牙用户支持服务_13c2a5) - Stopped/Paused ***CaptureService_13c2a5 (CaptureService_13c2a5) - Running ***cbdhsvc_13c2a5 (剪贴板用户服务_13c2a5) - Running ***CDPUserSvc_13c2a5 (连接设备平台用户服务_13c2a5) - Running ---ConsentUxUserSvc_13c2a5 (ConsentUX_13c2a5) - Stopped/Paused ---CredentialEnrollmentManagerUserSvc_13c2a5 (CredentialEnrollmentManagerUserSvc_13c2a5) - Stopped/Paused ---DeviceAssociationBrokerSvc_13c2a5 (DeviceAssociationBroker_13c2a5) - Stopped/Paused ---DevicePickerUserSvc_13c2a5 (DevicePicker_13c2a5) - Stopped/Paused ---DevicesFlowUserSvc_13c2a5 (DevicesFlow_13c2a5) - Stopped/Paused ---LxssManagerUser_13c2a5 (LxssManagerUser_13c2a5) - Stopped/Paused ---MessagingService_13c2a5 (MessagingService_13c2a5) - Stopped/Paused ***OneSyncSvc_13c2a5 (同步主机_13c2a5) - Running ***PimIndexMaintenanceSvc_13c2a5 (Contact Data_13c2a5) - Running ***PrintWorkflowUserSvc_13c2a5 (PrintWorkflow_13c2a5) - Running ***UdkUserSvc_13c2a5 (Udk 用户服务_13c2a5) - Running ***UnistoreSvc_13c2a5 (User Data Storage_13c2a5) - Running ***UserDataSvc_13c2a5 (User Data Access_13c2a5) - Running ***WpnUserService_13c2a5 (Windows Push Notifications User Service_13c2a5) - Running Loaded Modules: [With ToolHelp32] -00160000 : E:\ssp\ghost\Taromati2\ghost\master\saori\cpuusage.DLL -00190000 : E:\ssp\ghost\Taromati2\ghost\master\saori\ip.DLL 1.0.0.0 - by steve02081504 for Taromati2 at 2021/2/15 -00400000 : E:\ssp\ssp.exe 2.6.31.3000 - SSP (C) D-EXCLAMATION / SSP BUGTRAQ -013a0000 : E:\ssp\ghost\Taromati2\ghost\master\saori\advanced_sysinfo.DLL 1.0.0.0 - advanced_sysinfo SAORI Extension / CSaori Library Sample -03600000 : E:\ssp\ghost\Taromati2\ghost\master\saori\ChConverter.DLL 1.0.0.1 - ChConverter Copyright ? 2009 Pygmalion -063a0000 : E:\ssp\plugin\ukadonyu\saori\httpc\httpc.dll -06600000 : E:\ssp\plugin\ukadonyu\saori\imgctl_saori\imgctl_saori.dll ==> -06650000 : E:\ssp\plugin\ukadonyu\saori\imgctl_saori\imgctl.dll -066e0000 : E:\ssp\plugin\ukadonyu\saori\textcopy2\textcopy2.dll 1.0.0.0 - textcopy2 SAORI Extension / CSaori Library Sample -06750000 : E:\ssp\plugin\shared_value\shared_value.dll 1.0.0.0 - Shared Value Plugin Copyright (C) CSaori Project -06820000 : E:\ssp\plugin\ukadonyu\akari.dll -07420000 : E:\ssp\plugin\SAKNIFE\SAKNIFE.dll 1.5.3.0 - SwissArmyKnife (C) 2004 SSP BUGTRAQ -080e0000 : E:\ssp\ghost\Taromati2\ghost\master\shiori\aya.dll -08180000 : E:\ssp\ghost\Taromati2\ghost\master\saori\cmdrunner.DLL 1.0.0.0 - by steve02081504 for Taromati2 at 2021/2/16 -0c0f0000 : C:\WINDOWS\SYSTEM32\WindowsCodecs.dll 10.0.19041.1706 - Microsoft Windows Codecs Library ? Microsoft Corporation. All rights reserved. -0c990000 : E:\ssp\ghost\Taromati2\ghost\master\saori\debeso.DLL -0c9f0000 : E:\ssp\ghost\Taromati2\ghost\master\saori\lunar.DLL 2.0.1.2 - 伪春菜_lunar calendar conversion KikkaAIdb -10000000 : E:\ssp\data\language\chinese-simplified\resource.dll 2.6.19.15 - Language Resource DLL (C) D-EXCLAMATION / SSP BUGTRAQ -13700000 : E:\ssp\plugin\ukadonyu\saori\yaya\yaya.dll 5.71.5.0 - yaya -56100000 : C:\WINDOWS\SYSTEM32\sxs.dll 10.0.19041.2364 - Fusion 2.5 ? Microsoft Corporation. All rights reserved. -60c70000 : C:\Windows\System32\Bcp47Langs.dll 10.0.19041.1566 - BCP47 Language Classes ? Microsoft Corporation. All rights reserved. -63270000 : C:\WINDOWS\SYSTEM32\msvcp110_win.dll 10.0.19041.546 - Microsoft? STL110 C++ Runtime Library ? Microsoft Corporation. All rights reserved. -632e0000 : C:\WINDOWS\SYSTEM32\policymanager.dll 10.0.19041.2604 - Policy Manager DLL ? Microsoft Corporation. All rights reserved. -63550000 : C:\WINDOWS\SYSTEM32\nimdnsResponder.dll 215.0.0.49152 - National Instruments Zeroconf Library Copyright ? 2000-2014 National Instruments Corporation. All Rights Reserved. -63560000 : E:\Multisim14\Shared\mDNS Responder\nimdnsNSP.dll 215.0.0.49152 - National Instruments Zeroconf Namespace Service Provider Copyright ? 2000-2014 National Instruments Corporation. All Rights Reserved. -635c0000 : C:\WINDOWS\SYSTEM32\urlmon.dll 11.0.19041.2604 - Win32 的 OLE32 扩展 ? Microsoft Corporation. All rights reserved. -64210000 : C:\WINDOWS\SYSTEM32\QUARTZ.dll 10.0.19041.746 - DirectShow Runtime. ? Microsoft Corporation. All rights reserved. -64e30000 : C:\Windows\System32\appresolver.dll 10.0.19041.1620 - 应用解析程序 ? Microsoft Corporation. All rights reserved. -6a240000 : C:\WINDOWS\SYSTEM32\NTASN1.dll 10.0.19041.546 - Microsoft ASN.1 API ? Microsoft Corporation. All rights reserved. -6a270000 : C:\WINDOWS\SYSTEM32\ncrypt.dll 10.0.19041.546 - Windows NCrypt 路由器 ? Microsoft Corporation. All rights reserved. -6b810000 : C:\WINDOWS\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.9672_none_d08f9da24428a513\MSVCR80.dll 8.0.50727.9672 - Microsoft? C Runtime Library ? Microsoft Corporation. All rights reserved. -6ca10000 : C:\Windows\System32\OneCoreUAPCommonProxyStub.dll 10.0.19041.2311 - OneCoreUAP Common Proxy Stub ? Microsoft Corporation. All rights reserved. -6cdd0000 : C:\WINDOWS\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.9672_none_d08f9da24428a513\MSVCP80.dll 8.0.50727.9672 - Microsoft? C++ Runtime Library ? Microsoft Corporation. All rights reserved. -6d150000 : C:\WINDOWS\system32\d3d11.dll 10.0.19041.2075 - Direct3D 11 Runtime ? Microsoft Corporation. All rights reserved. -6d330000 : C:\WINDOWS\system32\dcomp.dll 10.0.19041.2546 - Microsoft DirectComposition Library ? Microsoft Corporation. All rights reserved. -6d4a0000 : C:\WINDOWS\system32\dxgi.dll 10.0.19041.2311 - DirectX Graphics Infrastructure ? Microsoft Corporation. All rights reserved. -6d930000 : C:\WINDOWS\SYSTEM32\mscms.dll 10.0.19041.746 - Microsoft 颜色匹配系统 DLL ? Microsoft Corporation. All rights reserved. -6d9d0000 : C:\Windows\System32\twinapi.appcore.dll 10.0.19041.1865 - twinapi.appcore ? Microsoft Corporation. All rights reserved. -6dd50000 : C:\WINDOWS\SYSTEM32\edputil.dll 10.0.19041.546 - EDP 实用程序 ? Microsoft Corporation. All rights reserved. -6ddd0000 : C:\WINDOWS\SYSTEM32\wintypes.dll 10.0.19041.2311 - Windows 基本类型 DLL ? Microsoft Corporation. All rights reserved. -6ded0000 : C:\Windows\System32\sppc.dll 10.0.19041.1682 - 软件授权客户端 Dll ? Microsoft Corporation. All rights reserved. -6def0000 : C:\Windows\System32\SLC.dll 10.0.19041.1682 - 软件授权客户端 Dll ? Microsoft Corporation. All rights reserved. -6e110000 : C:\Windows\System32\wuapi.dll 10.0.19041.2546 - Windows 更新客户端 API ? Microsoft Corporation. All rights reserved. -6e4d0000 : C:\WINDOWS\SYSTEM32\WININET.dll 11.0.19041.2193 - Win32 的 Internet 扩展 ? Microsoft Corporation. All rights reserved. -6eac0000 : C:\WINDOWS\system32\uxtheme.dll 10.0.19041.2193 - Microsoft UxTheme 库 ? Microsoft Corporation. All rights reserved. -6edd0000 : C:\WINDOWS\SYSTEM32\apphelp.dll 10.0.19041.2546 - 应用程序兼容性客户端库 ? Microsoft Corporation. All rights reserved. -6ef00000 : C:\WINDOWS\System32\schannel.dll 10.0.19041.2604 - TLS/SSL 安全提供程序 ? Microsoft Corporation. All rights reserved. -6f6a0000 : C:\WINDOWS\System32\CoreUIComponents.dll 10.0.19041.546 - Microsoft Core UI Components Dll ? Microsoft Corporation. All rights reserved. -6f920000 : C:\WINDOWS\System32\CoreMessaging.dll 10.0.19041.2193 - Microsoft CoreMessaging Dll ? Microsoft Corporation. All rights reserved. -6f9c0000 : C:\WINDOWS\system32\ncryptsslp.dll 10.0.19041.546 - Microsoft SChannel Provider ? Microsoft Corporation. All rights reserved. -6fb90000 : C:\WINDOWS\System32\WINSTA.dll 10.0.19041.2075 - Winstation Library ? Microsoft Corporation. All rights reserved. -6fe90000 : C:\WINDOWS\SYSTEM32\textinputframework.dll 10.0.19041.2546 - "TextInputFramework.DYNLINK" ? Microsoft Corporation. All rights reserved. -6ff50000 : C:\WINDOWS\system32\dwrite.dll 10.0.19041.1566 - Microsoft DirectX 版式服务 ? Microsoft Corporation. All rights reserved. -70160000 : C:\WINDOWS\system32\dataexchange.dll 10.0.19041.1387 - Data exchange ? Microsoft Corporation. All rights reserved. -701a0000 : C:\WINDOWS\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_a8625c1886757984\COMCTL32.dll 6.10.19041.1110 - 用户体验控件库 ? Microsoft Corporation. All rights reserved. -703b0000 : C:\WINDOWS\SYSTEM32\PROPSYS.dll 7.0.19041.1741 - Microsoft 属性系统 ? Microsoft Corporation. All rights reserved. -70710000 : C:\WINDOWS\SYSTEM32\mskeyprotect.dll 10.0.19041.1202 - Microsoft 密钥保护提供程序 ? Microsoft Corporation. All rights reserved. -70900000 : C:\WINDOWS\system32\dwmapi.dll 10.0.19041.746 - Microsoft 桌面窗口管理器 API ? Microsoft Corporation. All rights reserved. -70930000 : C:\WINDOWS\SYSTEM32\ColorAdapterClient.dll 10.0.19041.546 - Microsoft Color Adapter Client ? Microsoft Corporation. All rights reserved. -70950000 : C:\WINDOWS\SYSTEM32\DPAPI.DLL 10.0.19041.546 - Data Protection API ? Microsoft Corporation. All rights reserved. -70a00000 : C:\Windows\System32\cryptnet.dll 10.0.19041.906 - Crypto Network Related API ? Microsoft Corporation. All rights reserved. -70a50000 : C:\WINDOWS\SYSTEM32\ntshrui.dll 10.0.19041.844 - 用于共享的外壳扩展 ? Microsoft Corporation. All rights reserved. -70ab0000 : C:\WINDOWS\System32\DAVHLPR.dll 10.0.19041.546 - DAV Helper DLL ? Microsoft Corporation. All rights reserved. -70ac0000 : C:\WINDOWS\System32\davclnt.dll 10.0.19041.546 - Web DAV Client DLL ? Microsoft Corporation. All rights reserved. -70ae0000 : C:\WINDOWS\System32\ntlanman.dll 10.0.19041.2604 - Microsoft? LAN 管理器 ? Microsoft Corporation. All rights reserved. -70b00000 : C:\WINDOWS\System32\drprov.dll 10.0.19041.546 - Microsoft 远程桌面会话主机服务器网络提供程序 ? Microsoft Corporation. All rights reserved. -70b10000 : C:\WINDOWS\System32\p9np.dll 10.0.19041.2311 - Plan 9 Network Provider ? Microsoft Corporation. All rights reserved. -70b30000 : C:\WINDOWS\system32\NetworkExplorer.dll 10.0.19041.1 - 网络浏览器 ? Microsoft Corporation. All rights reserved. -70b50000 : C:\WINDOWS\System32\npmproxy.dll 10.0.19041.2311 - Network List Manager Proxy ? Microsoft Corporation. All rights reserved. -70b60000 : C:\WINDOWS\System32\netprofm.dll 10.0.19041.2311 - Network List Manager ? Microsoft Corporation. All rights reserved. -70be0000 : E:\ssp\plugin\discord\discord.dll -70c60000 : C:\WINDOWS\system32\twinapi.dll 10.0.19041.1741 - twinapi ? Microsoft Corporation. All rights reserved. -70cf0000 : C:\WINDOWS\SYSTEM32\ondemandconnroutehelper.dll 10.0.19041.2311 - On Demand Connctiond Route Helper ? Microsoft Corporation. All rights reserved. -70d10000 : C:\WINDOWS\SYSTEM32\iertutil.dll 11.0.19041.2130 - Internet Explorer 的运行时实用程序 ? Microsoft Corporation. All rights reserved. -70f80000 : C:\WINDOWS\system32\d2d1.dll 10.0.19041.546 - Microsoft D2D 库 ? Microsoft Corporation. All rights reserved. -71520000 : C:\Windows\System32\ShellCommonCommonProxyStub.dll 10.0.19041.2546 - ShellCommon Common Proxy Stub ? Microsoft Corporation. All rights reserved. -71590000 : C:\WINDOWS\system32\explorerframe.dll 10.0.19041.1949 - ExplorerFrame ? Microsoft Corporation. All rights reserved. -71750000 : C:\WINDOWS\system32\pdh.dll 10.0.19041.1202 - Windows 性能数据助手 DLL ? Microsoft Corporation. All rights reserved. -71790000 : C:\WINDOWS\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.19041.2251_none_d9513b1fe1046fc7\gdiplus.dll 10.0.19041.2251 - Microsoft GDI+ ? Microsoft Corporation. All rights reserved. -71970000 : C:\Windows\System32\ActXPrxy.dll 10.0.19041.2546 - ActiveX Interface Marshaling Library ? Microsoft Corporation. All rights reserved. -719e0000 : C:\WINDOWS\SYSTEM32\cscapi.dll 10.0.19041.546 - Offline Files Win32 API ? Microsoft Corporation. All rights reserved. -71a20000 : C:\WINDOWS\SYSTEM32\LINKINFO.dll 10.0.19041.546 - Windows Volume Tracking ? Microsoft Corporation. All rights reserved. -71a70000 : C:\Windows\System32\wups.dll 10.0.19041.2546 - Windows Update client proxy stub ? Microsoft Corporation. All rights reserved. -71b00000 : C:\WINDOWS\SYSTEM32\oledlg.dll 10.0.19041.746 - OLE 用户界面支持 ? Microsoft Corporation. All rights reserved. -71b50000 : C:\WINDOWS\system32\wshunix.dll 10.0.19041.1 - AF_UNIX Winsock2 Helper DLL ? Microsoft Corporation. All rights reserved. -71b90000 : C:\WINDOWS\system32\mlang.dll 10.0.19041.746 - 多语言支持 DLL ? Microsoft Corporation. All rights reserved. -71bd0000 : C:\WINDOWS\SYSTEM32\TextShaping.dll -71c90000 : C:\WINDOWS\SYSTEM32\FLTLIB.DLL 10.0.19041.546 - 筛选器库 ? Microsoft Corporation. All rights reserved. -71ca0000 : C:\WINDOWS\SYSTEM32\virtdisk.dll 10.0.19041.2311 - Virtual Disk API DLL ? Microsoft Corporation. All rights reserved. -73b20000 : C:\WINDOWS\SYSTEM32\VERSION.dll 10.0.19041.546 - Version Checking and File Installation Libraries ? Microsoft Corporation. All rights reserved. -73b30000 : C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\X86\MpOav.dll 4.18.2301.6 - IOfficeAntiVirus Module ? Microsoft Corporation. All rights reserved. -73ba0000 : C:\WINDOWS\system32\amsi.dll 10.0.19041.2075 - Anti-Malware Scan Interface ? Microsoft Corporation. All rights reserved. -73bc0000 : C:\WINDOWS\system32\msimg32.dll 10.0.19041.1466 - GDIEXT Client DLL ? Microsoft Corporation. All rights reserved. -73bd0000 : C:\WINDOWS\SYSTEM32\MPR.dll 10.0.19041.1806 - 多提供程序路由器 DLL ? Microsoft Corporation. All rights reserved. -73d20000 : C:\WINDOWS\SYSTEM32\DEVOBJ.dll 10.0.19041.1620 - Device Information Set DLL ? Microsoft Corporation. All rights reserved. -743c0000 : C:\WINDOWS\system32\rsaenh.dll 10.0.19041.1052 - Microsoft Enhanced Cryptographic Provider ? Microsoft Corporation. All rights reserved. -743f0000 : C:\WINDOWS\SYSTEM32\CRYPTSP.dll 10.0.19041.546 - Cryptographic Service Provider API ? Microsoft Corporation. All rights reserved. -74520000 : C:\WINDOWS\SYSTEM32\profapi.dll 10.0.19041.844 - User Profile Basic API ? Microsoft Corporation. All rights reserved. -74550000 : C:\WINDOWS\SYSTEM32\SspiCli.dll 10.0.19041.2130 - Security Support Provider Interface ? Microsoft Corporation. All rights reserved. -74580000 : C:\WINDOWS\SYSTEM32\WINNSI.DLL 10.0.19041.546 - Network Store Information RPC interface ? Microsoft Corporation. All rights reserved. -745d0000 : C:\WINDOWS\System32\fwpuclnt.dll 10.0.19041.1682 - FWP/IPsec 用户模式 API ? Microsoft Corporation. All rights reserved. -74630000 : C:\Windows\System32\rasadhlp.dll 10.0.19041.546 - Remote Access AutoDial Helper ? Microsoft Corporation. All rights reserved. -74640000 : C:\WINDOWS\SYSTEM32\CRYPTBASE.dll 10.0.19041.546 - Base cryptographic API DLL ? Microsoft Corporation. All rights reserved. -74650000 : C:\WINDOWS\System32\winrnr.dll 10.0.19041.546 - LDAP RnR Provider DLL ? Microsoft Corporation. All rights reserved. -74660000 : C:\WINDOWS\SYSTEM32\WINMM.dll 10.0.19041.546 - MCI API DLL ? Microsoft Corporation. All rights reserved. -74690000 : C:\WINDOWS\SYSTEM32\DNSAPI.dll 10.0.19041.2546 - DNS 客户端 API DLL ? Microsoft Corporation. All rights reserved. -74730000 : C:\WINDOWS\SYSTEM32\srvcli.dll 10.0.19041.1645 - Server Service Client DLL ? Microsoft Corporation. All rights reserved. -74750000 : C:\WINDOWS\system32\NLAapi.dll 10.0.19041.546 - Network Location Awareness 2 ? Microsoft Corporation. All rights reserved. -74770000 : C:\WINDOWS\SYSTEM32\netutils.dll 10.0.19041.1466 - Net Win32 API Helpers DLL ? Microsoft Corporation. All rights reserved. -74780000 : C:\WINDOWS\system32\wshbth.dll 10.0.19041.546 - Windows Sockets Helper DLL ? Microsoft Corporation. All rights reserved. -747b0000 : C:\WINDOWS\system32\pnrpnsp.dll 10.0.19041.546 - PNRP 命名空间提供程序 ? Microsoft Corporation. All rights reserved. -747d0000 : C:\WINDOWS\system32\napinsp.dll 10.0.19041.546 - 电子邮件命名填充提供程序 ? Microsoft Corporation. All rights reserved. -74860000 : C:\WINDOWS\SYSTEM32\kernel.appcore.dll 10.0.19041.546 - AppModel API Host ? Microsoft Corporation. All rights reserved. -74870000 : C:\WINDOWS\system32\mswsock.dll 10.0.19041.546 - Microsoft Windows Sockets 2.0 服务提供程序 ? Microsoft Corporation. All rights reserved. -748d0000 : C:\WINDOWS\SYSTEM32\UMPDC.dll -748e0000 : C:\WINDOWS\SYSTEM32\MSASN1.dll 10.0.19041.2251 - ASN.1 Runtime APIs ? Microsoft Corporation. All rights reserved. -749c0000 : C:\WINDOWS\SYSTEM32\USERENV.dll 10.0.19041.572 - Userenv ? Microsoft Corporation. All rights reserved. -749f0000 : C:\WINDOWS\SYSTEM32\Wldp.dll 10.0.19041.2546 - Windows 锁定策略 ? Microsoft Corporation. All rights reserved. -74a20000 : C:\WINDOWS\SYSTEM32\windows.storage.dll 10.0.19041.2311 - Microsoft WinRT Storage API ? Microsoft Corporation. All rights reserved. -75030000 : C:\WINDOWS\SYSTEM32\VCRUNTIME140.dll 14.34.31931.0 - Microsoft? C Runtime Library ? Microsoft Corporation. All rights reserved. -75050000 : C:\WINDOWS\SYSTEM32\MSVCP140.dll 14.34.31931.0 - Microsoft? C Runtime Library ? Microsoft Corporation. All rights reserved. -75150000 : C:\WINDOWS\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.9625_none_508ef7e4bcbbe589\MSVCR90.dll 9.0.30729.9625 - Microsoft? C Runtime Library ? Microsoft Corporation. All rights reserved. -75200000 : C:\WINDOWS\SYSTEM32\powrprof.dll 10.0.19041.546 - 电源配置文件帮助程序 DLL ? Microsoft Corporation. All rights reserved. -75250000 : C:\WINDOWS\SYSTEM32\ntmarta.dll 10.0.19041.546 - Windows NT MARTA 提供程序 ? Microsoft Corporation. All rights reserved. -75280000 : C:\WINDOWS\SYSTEM32\WSOCK32.dll 10.0.19041.1 - Windows Socket 32-Bit DLL ? Microsoft Corporation. All rights reserved. -75290000 : C:\WINDOWS\SYSTEM32\winhttp.dll 10.0.19041.2193 - Windows HTTP 服务 ? Microsoft Corporation. All rights reserved. -75360000 : C:\WINDOWS\SYSTEM32\iphlpapi.dll 10.0.19041.546 - IP 帮助程序 API ? Microsoft Corporation. All rights reserved. -753a0000 : C:\WINDOWS\System32\OLEAUT32.dll 10.0.19041.985 - OLEAUT32.DLL ? Microsoft Corporation. All rights reserved. -75440000 : C:\WINDOWS\System32\msvcp_win.dll 10.0.19041.789 - Microsoft? C Runtime Library ? Microsoft Corporation. All rights reserved. -75520000 : C:\WINDOWS\System32\shcore.dll 10.0.19041.1645 - SHCORE ? Microsoft Corporation. All rights reserved. -755b0000 : C:\WINDOWS\System32\SHELL32.dll 10.0.19041.2546 - Windows Shell 公用 DLL ? Microsoft Corporation. All rights reserved. -75b70000 : C:\WINDOWS\System32\WINTRUST.dll 10.0.19041.2546 - Microsoft Trust Verification APIs ? Microsoft Corporation. All rights reserved. -75bc0000 : C:\WINDOWS\System32\comdlg32.dll 10.0.19041.1806 - Common Dialogs DLL ? Microsoft Corporation. All rights reserved. -75c70000 : C:\WINDOWS\System32\GDI32.dll 10.0.19041.2130 - GDI Client DLL ? Microsoft Corporation. All rights reserved. -75ca0000 : C:\WINDOWS\System32\normaliz.dll 10.0.19041.546 - Unicode Normalization DLL ? Microsoft Corporation. All rights reserved. -75cb0000 : C:\WINDOWS\System32\bcryptPrimitives.dll 10.0.19041.2486 - Windows Cryptographic Primitives Library ? Microsoft Corporation. All rights reserved. -75d10000 : C:\WINDOWS\System32\clbcatq.dll 2001.12.10941.16384 - COM+ Configuration Catalog ? Microsoft Corporation. All rights reserved. -75d90000 : C:\WINDOWS\System32\NSI.dll 10.0.19041.610 - NSI User-mode interface DLL ? Microsoft Corporation. All rights reserved. -75da0000 : C:\WINDOWS\System32\MSCTF.dll 10.0.19041.2546 - MSCTF 服务器 DLL ? Microsoft Corporation. All rights reserved. -75e80000 : C:\WINDOWS\System32\IMM32.DLL 10.0.19041.2193 - Multi-User Windows IMM32 API Client DLL ? Microsoft Corporation. All rights reserved. -75eb0000 : C:\WINDOWS\System32\ole32.dll 10.0.19041.1202 - 用于 Windows 的 Microsoft OLE ? Microsoft Corporation. All rights reserved. -75fa0000 : C:\WINDOWS\System32\bcrypt.dll 10.0.19041.2486 - Windows 加密基元库 ? Microsoft Corporation. All rights reserved. -75fc0000 : C:\WINDOWS\System32\USER32.dll 10.0.19041.2604 - 多用户 Windows 用户 API 客户端 DLL ? Microsoft Corporation. All rights reserved. -76160000 : C:\WINDOWS\System32\CRYPT32.dll 10.0.19041.2486 - 加密 API32 ? Microsoft Corporation. All rights reserved. -76260000 : C:\WINDOWS\System32\imagehlp.dll 10.0.19041.1415 - Windows NT Image Helper ? Microsoft Corporation. All rights reserved. -76280000 : C:\WINDOWS\System32\sechost.dll 10.0.19041.1865 - Host for SCM/SDDL/LSA Lookup APIs ? Microsoft Corporation. All rights reserved. -76300000 : C:\WINDOWS\System32\msvcrt.dll 7.0.19041.546 - Windows NT CRT DLL ? Microsoft Corporation. All rights reserved. -763c0000 : C:\WINDOWS\System32\RPCRT4.dll 10.0.19041.2486 - 远程过程调用运行时 ? Microsoft Corporation. All rights reserved. -76480000 : C:\WINDOWS\System32\SHLWAPI.dll 10.0.19041.2075 - 外壳简易实用工具库 ? Microsoft Corporation. All rights reserved. -76530000 : C:\WINDOWS\System32\WS2_32.dll 10.0.19041.546 - Windows Socket 2.0 32 位 DLL ? Microsoft Corporation. All rights reserved. -767a0000 : C:\WINDOWS\System32\ADVAPI32.dll 10.0.19041.2130 - 高级 Windows 32 基本 API ? Microsoft Corporation. All rights reserved. -76820000 : C:\WINDOWS\System32\combase.dll 10.0.19041.2546 - 用于 Windows 的 Microsoft COM ? Microsoft Corporation. All rights reserved. -76ab0000 : C:\WINDOWS\System32\KERNEL32.DLL 10.0.19041.2546 - Windows NT 基本 API 客户端 DLL ? Microsoft Corporation. All rights reserved. -76ba0000 : C:\WINDOWS\System32\SETUPAPI.dll 10.0.19041.2193 - Windows 安装程序 API ? Microsoft Corporation. All rights reserved. -76fe0000 : C:\WINDOWS\System32\KERNELBASE.dll 10.0.19041.2604 - Windows NT 基本 API 客户端 DLL ? Microsoft Corporation. All rights reserved. -77260000 : C:\WINDOWS\System32\gdi32full.dll 10.0.19041.2604 - GDI Client DLL ? Microsoft Corporation. All rights reserved. -77350000 : C:\WINDOWS\System32\win32u.dll 10.0.19041.2604 - Win32u ? Microsoft Corporation. All rights reserved. -77370000 : C:\WINDOWS\System32\ucrtbase.dll 10.0.19041.789 - Microsoft? C Runtime Library ? Microsoft Corporation. All rights reserved. -77490000 : C:\WINDOWS\System32\cfgmgr32.dll 10.0.19041.1620 - Configuration Manager DLL ? Microsoft Corporation. All rights reserved. -774e0000 : C:\WINDOWS\SYSTEM32\ntdll.dll 10.0.19041.2364 - NT 层 DLL ? Microsoft Corporation. All rights reserved. Registers: EAX 00000000 EBX 06c0b538 ECX 06658360 EDX 00000040 ESI 0d9fb7a0 EDI 069b7b20 DS 002b ES 002b FS 0053 GS 002b SS/ESP/EBP 002b/0d9f9158/0d9f9218 CS/EIP 0023/06658374 EFlags 00210212 (Adjust,Interrupt,Restart,ID) Stack Dump: 0d9fb7a0 0d9f9218 06c0b538 06603c0f 0d9f91c0 0d9f9178 0660396f 0d9f91c0 0d9f919c 0d9f918c 06603523 0d9fb7a0 0660c045 06c0b538 069b7b20 0d9fb7a0 06626790 06626260 0d9f91ac 06602400 00000040 0d9f91c8 0660c281 06626870 065161d8 0d9f91dc 0000000a 00000008 0d9f91e0 06619326 065161d8 0d9f91dc 00000000 065161da 0661a8f3 00000000 00000040 00000040 00000000 00000009 06516180 00000000 06501b08 06601529 00000000 00000040 00000040 00000000 0d9f93c4 0661cff6 0d9f92ac 0d9f957c 00000091 00000000 00000000 00000000 00110000 00000002 72757a00 775d0065 00000091 00000000 00000000 0000000f CallStack Trace: 00 : 06658374/00007374 [0d9f92ac,0d9f957c,00000091,00000000] @ imgctl.dll (ResizeDIB->0x14) 01 : 0661cff6/0001bff6 [05b554f0,0d9f957c,0b8e8ba8,06b00000] @ imgctl_saori.dll (request->0xa56) 02 : 06897125/00076125 [0d9f96b0,0d9f9c34,0d9f95e0,775d7b19] @ akari.dll 03 : 0685f92b/0003e92b [0d9f9c24,0d9f9c34,06c0a2f8,06c27858] @ akari.dll 04 : 06850a47/0002fa47 [00000063,0d9f9c24,0d9f9c34,0d9fb7a0] @ akari.dll 05 : 0685a5a5/000395a5 [00000063,0d9f9c24,0d9f9c34,00001460] @ akari.dll 06 : 068a4f42/00083f42 [0d9f9f04,0000001e,0d9f9ebc,0d9f9c00] @ akari.dll (luaopen_akari->0x3c62) 07 : 068a77dc/000867dc [0000001e,00000029,00000000,06ac84e8] @ akari.dll (luaopen_akari->0x64fc) 08 : 068a8528/00087528 [0d9fa0eb,0ba54000,00000040,06ca2000] @ akari.dll (luaopen_akari->0x7248) 09 : 0685d085/0003c085 [00000155,06d80ea8,0d9fa5b8,0000001e] @ akari.dll 10 : 0685adb8/00039db8 [00000155,06d80ea8,00000000,00000000] @ akari.dll 11 : 0685aa59/00039a59 [00000155,0d9faa40,0d9faa50,00000034] @ akari.dll 12 : 068a4f42/00083f42 [0d9fad20,0000006e,0d9facd8,0d9faa00] @ akari.dll (luaopen_akari->0x3c62) 13 : 068a77dc/000867dc [0000006e,00000077,00000000,06ac84e8] @ akari.dll (luaopen_akari->0x64fc) 14 : 068a8528/00087528 [77567475,00000000,00000000,775674ba] @ akari.dll (luaopen_akari->0x7248) 15 : 0685d085/0003c085 [0000014c,06db8838,0d9fb3d4,0000006e] @ akari.dll 16 : 0685adb8/00039db8 [0000014c,06db8838,06889181,00000031] @ akari.dll 17 : 0685bc67/0003ac67 [0000014c,06db8838,06889367,06db0031] @ akari.dll 18 : 0685b01f/0003a01f [0000014c,06db8838,0dd50000,00000000] @ akari.dll 19 : 0685aa59/00039a59 [0000014c,0d9fbe08,0d9fbe18,00000034] @ akari.dll 20 : 068a4f42/00083f42 [0d9fc0e8,00000250,0d9fc0a0,0d9fbe00] @ akari.dll (luaopen_akari->0x3c62) 21 : 068a77dc/000867dc [00000250,00000253,00000000,06ac84e8] @ akari.dll (luaopen_akari->0x64fc) 22 : 068a8528/00087528 [775d7b19,00000400,00000040,00000000] @ akari.dll (luaopen_akari->0x7248) 23 : 0685d085/0003c085 [00000138,06db8890,0d9fcbc0,00000250] @ akari.dll 24 : 06889e32/00068e32 [0d9fc65c,00000138,0d9fcbc0,06db8890] @ akari.dll 25 : 06889c7a/00068c7a [00000138,06db8890,0000024f,00000253] @ akari.dll 26 : 0685cfd5/0003bfd5 [00000138,06db8890,0d9fcbc0,0000024e] @ akari.dll 27 : 0685adb8/00039db8 [00000138,06db8890,06889181,2c392c33] @ akari.dll 28 : 0685bc67/0003ac67 [00000138,06db8890,06889367,2c392c33] @ akari.dll 29 : 0685b01f/0003a01f [00000138,06db8890,3c889181,00392c33] @ akari.dll 30 : 0685b8fa/0003a8fa [00000138,06db8890,06889367,00392c33] @ akari.dll 31 : 0685b01f/0003a01f [00000138,06db8890,3c889181,0d9f0033] @ akari.dll 32 : 0685b8fa/0003a8fa [00000138,06db8890,06889367,06db0033] @ akari.dll 33 : 0685b01f/0003a01f [00000138,06db8890,0bbf0000,00000000] @ akari.dll 34 : 0685aa59/00039a59 [00000138,0d9fe14c,0d9fe15c,00000002] @ akari.dll 35 : 068a4f42/00083f42 [0d9fe42c,00000072,0d9fe3e4,0d9fe100] @ akari.dll (luaopen_akari->0x3c62) 36 : 068a77dc/000867dc [00000072,00000079,06c1df00,0d9fec08] @ akari.dll (luaopen_akari->0x64fc) 37 : 068a7025/00086025 [00000070,00000079,00000000,06ac84e8] @ akari.dll (luaopen_akari->0x5d45) 38 : 068a8528/00087528 [06b002c0,00000916,06dbf020,06b002c0] @ akari.dll (luaopen_akari->0x7248) 39 : 0685d085/0003c085 [000000f7,06db8680,0d9fede8,00000070] @ akari.dll 40 : 0685adb8/00039db8 [000000f7,06db8680,0d9fee0c,06855f00] @ akari.dll 41 : 0685aa59/00039a59 [000000f7,0d9ff270,0d9ff280,00000034] @ akari.dll 42 : 068a4f42/00083f42 [0d9ff550,0000003c,0d9ff508,0d9ff200] @ akari.dll (luaopen_akari->0x3c62) 43 : 068a77dc/000867dc [0000003c,0000003e,00000000,06ac84e8] @ akari.dll (luaopen_akari->0x64fc) 44 : 068a8528/00087528 [002e004c,004c0044,0000004c,0d9ff98c] @ akari.dll (luaopen_akari->0x7248) 45 : 0685d085/0003c085 [000000f3,06c70188,0d9ffc04,0000003c] @ akari.dll 46 : 0685adb8/00039db8 [000000f3,06c70188,0d9ffc28,06855f00] @ akari.dll 47 : 0685aa59/00039a59 [000000f3,0d9fff18,0d9ffebc,775674ba] @ akari.dll 48 : 0685e70d/0003d70d [06c34e70,069b7b20,069b7b20,06c0b538] @ akari.dll 49 : 069b7bd6/00196bd6 [06c5f1b0,76ad00e0,0d9fffdc,77547bbe] @ akari.dll (luaopen_akari->0x1168f6) 50 : 76ad00f9/000100f9 [06c0b538,e122f5d8,00000000,00000000] @ KERNEL32.DLL (BaseThreadInitThunk->0x19) 51 : 77547bbe/00066bbe [ffffffff,77568d0b,00000000,00000000] @ ntdll.dll (RtlGetAppContainerNamedObjectPath->0x11e) 52 : 77547b8e/00066b8e [069b7b20,06c0b538,00000000,0da15040] @ ntdll.dll (RtlGetAppContainerNamedObjectPath->0xee) Total StackDepth : 53