date/time : 2025-06-18, 09:51:39, 844ms

computer name : SEAME

user name : Administrator
operating system : Windows 10 x64 build 22631
system language : Chinese (Simplified)
system up time : 2 hours 29 minutes
program up time : 2 hours 28 minutes
processors : 12x AMD Ryzen 5 5600G with Radeon Graphics
physical memory : 8771/15761 MB (free/total)
free disk space : (C:) 84.57 GB (M:) 87.63 GB
display mode : 1920x1080, 32 bit
process id : $ce0
allocated memory : 1.76 GB
largest free block : 1.61 GB
executable : DreamMail.exe
exec. date/time : 2025-04-10 10:15
version : 6.7.1.8
compiled with : Delphi 10.4 Sydney
madExcept version : 5.1.1
callstack crc : $7eebc033, $45aa34e8, $fdc8f5c7
exception number : 2
exception class : EAccessViolation
exception message : Access violation at address 7EEBC033. Execution of address
7EEBC033.

main thread ($d94):

7eebc033 +000 ???
00411ba4 +010 DreamMail.exe System 70 +0 @IntfClear
0040e771 +17d DreamMail.exe System 70 +0 @FinalizeArray
0040e4ec +10c DreamMail.exe System 70 +0 @FinalizeRecord
0040a61c +01c DreamMail.exe System 70 +0 TObject.CleanupInstance
0040a50d +005 DreamMail.exe System 70 +0 TObject.FreeInstance
004b3a01 +019 DreamMail.exe madExcept InterceptClassDestroy
0069dfcd +169 DreamMail.exe Vcl.Forms TCustomForm.Destroy
0040a554 +008 DreamMail.exe System 70 +0 TObject.Free
006a3ff8 +000 DreamMail.exe Vcl.Forms TCustomForm.CMRelease
005beeca +2be DreamMail.exe Vcl.Controls TControl.WndProc
005c3d13 +693 DreamMail.exe Vcl.Controls TWinControl.WndProc
0069f697 +6db DreamMail.exe Vcl.Forms TCustomForm.WndProc
006a87a9 +76d DreamMail.exe Vcl.Forms TApplication.WndProc
009d4333 +007 DreamMail.exe cxControls 12535 +1
TcxWindowProcLinkedObject.DefaultProc
00c9c33a +0d6 DreamMail.exe dxBar 20008 +18 TdxBarManager.OwnerWindowProc
009d45c7 +007 DreamMail.exe cxControls 12646 +1
TcxWindowProcLinkedObjectList.WndProc
005c3260 +02c DreamMail.exe Vcl.Controls TWinControl.MainWndProc
004fb918 +014 DreamMail.exe System.Classes StdWndProc
7544271b +00b USER32.dll DispatchMessageW
006a908f +0f3 DreamMail.exe Vcl.Forms TApplication.ProcessMessage
006a90d2 +00a DreamMail.exe Vcl.Forms TApplication.HandleMessage
006a9409 +0c9 DreamMail.exe Vcl.Forms TApplication.Run
01f73961 +365 DreamMail.exe DreamMail 505 +96 initialization
76667ba7 +017 KERNEL32.DLL BaseThreadInitThunk

thread $317c: <priority:2>

754ab9dc +ec USER32.dll GetMessageA
004b3c25 +0d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +32 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +17 KERNEL32.DLL BaseThreadInitThunk
>> created by main thread ($d94) at:
72e756a5 +00 winmm.dll

thread $32e0 (TMailBoxUnreadUpdateThread): <priority:-2>

779d1574 +e4 ntdll.dll RtlDelayExecution
76f990a9 +49 KERNELBASE.dll SleepEx
76f9904a +0a KERNELBASE.dll Sleep
004f8da9 +01 DreamMail.exe System.Classes TThread.Sleep
013f3511 +41 DreamMail.exe uMailBoxUnread 640 +9
TMailBoxUnreadUpdateThread.Execute
004b3d3f +2b DreamMail.exe madExcept HookedTThreadExecute
004f82f9 +49 DreamMail.exe System.Classes ThreadProc
004f835c +ac DreamMail.exe System.Classes ThreadProc
0040c2c8 +28 DreamMail.exe System 70 +0 ThreadWrapper
004b3c25 +0d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +32 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +17 KERNEL32.DLL BaseThreadInitThunk
>> created by main thread ($d94) at:
004f8388 +18 DreamMail.exe System.Classes TThread.Create

thread $3390 (TTableUpdateThread):

779d1574 +e4 ntdll.dll RtlDelayExecution
76f990a9 +49 KERNELBASE.dll SleepEx
76f9904a +0a KERNELBASE.dll Sleep
004f8da9 +01 DreamMail.exe System.Classes TThread.Sleep
011285d4 +34 DreamMail.exe uCyTable 1560 +8 TTableUpdateThread.Execute
004b3d3f +2b DreamMail.exe madExcept HookedTThreadExecute
004f82f9 +49 DreamMail.exe System.Classes ThreadProc
004f835c +ac DreamMail.exe System.Classes ThreadProc
0040c2c8 +28 DreamMail.exe System 70 +0 ThreadWrapper
004b3c25 +0d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +32 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +17 KERNEL32.DLL BaseThreadInitThunk
>> created by thread $36c4 at:
004f8388 +18 DreamMail.exe System.Classes TThread.Create

thread $3394 (TTableUpdateThread):

779d1574 +e4 ntdll.dll RtlDelayExecution
76f990a9 +49 KERNELBASE.dll SleepEx
76f9904a +0a KERNELBASE.dll Sleep
004f8da9 +01 DreamMail.exe System.Classes TThread.Sleep
011285d4 +34 DreamMail.exe uCyTable 1560 +8 TTableUpdateThread.Execute
004b3d3f +2b DreamMail.exe madExcept HookedTThreadExecute
004f82f9 +49 DreamMail.exe System.Classes ThreadProc
004f835c +ac DreamMail.exe System.Classes ThreadProc
0040c2c8 +28 DreamMail.exe System 70 +0 ThreadWrapper
004b3c25 +0d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +32 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +17 KERNEL32.DLL BaseThreadInitThunk
>> created by thread $36c4 at:
004f8388 +18 DreamMail.exe System.Classes TThread.Create

thread $33a0 (TTableUpdateThread):

779d1574 +e4 ntdll.dll RtlDelayExecution
76f990a9 +49 KERNELBASE.dll SleepEx
76f9904a +0a KERNELBASE.dll Sleep
004f8da9 +01 DreamMail.exe System.Classes TThread.Sleep
011285d4 +34 DreamMail.exe uCyTable 1560 +8 TTableUpdateThread.Execute
004b3d3f +2b DreamMail.exe madExcept HookedTThreadExecute
004f82f9 +49 DreamMail.exe System.Classes ThreadProc
004f835c +ac DreamMail.exe System.Classes ThreadProc
0040c2c8 +28 DreamMail.exe System 70 +0 ThreadWrapper
004b3c25 +0d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +32 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +17 KERNEL32.DLL BaseThreadInitThunk
>> created by thread $36c4 at:
004f8388 +18 DreamMail.exe System.Classes TThread.Create

thread $33ac (TMailTrackingPushLogDetailThread):

779d1574 +0e4 ntdll.dll RtlDelayExecution
76f990a9 +049 KERNELBASE.dll SleepEx
76f9904a +00a KERNELBASE.dll Sleep
004f8da9 +001 DreamMail.exe System.Classes TThread.Sleep
01ca58d1 +1e9 DreamMail.exe uMailTrackingPushThd 243 +49
TMailTrackingPushLogDetailThread.Execute
004b3d3f +02b DreamMail.exe madExcept HookedTThreadExecute
004f82f9 +049 DreamMail.exe System.Classes ThreadProc
004f835c +0ac DreamMail.exe System.Classes ThreadProc
0040c2c8 +028 DreamMail.exe System 70 +0 ThreadWrapper
004b3c25 +00d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +032 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +017 KERNEL32.DLL BaseThreadInitThunk
>> created by main thread ($d94) at:
004f8388 +018 DreamMail.exe System.Classes TThread.Create

thread $339c (TIdWebsocketMultiReadThread):

7675a50c +0bc WS2_32.dll select
01c8d04c +214 DreamMail.exe IdHTTPWebsocketClient 1496 +58
TIdWebsocketMultiReadThread.ReadFromAllChannels
01c8c596 +05a DreamMail.exe IdHTTPWebsocketClient 1271 +8
TIdWebsocketMultiReadThread.Execute
004b3d3f +02b DreamMail.exe madExcept HookedTThreadExecute
004f82f9 +049 DreamMail.exe System.Classes ThreadProc
004f835c +0ac DreamMail.exe System.Classes ThreadProc
0040c2c8 +028 DreamMail.exe System 70 +0 ThreadWrapper
004b3c25 +00d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +032 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +017 KERNEL32.DLL BaseThreadInitThunk
>> created by thread $33ac (TMailTrackingPushLogDetailThread) at:
004f8388 +018 DreamMail.exe System.Classes TThread.Create

thread $1ff4 (TIdWebsocketDispatchThread):

76fb8199 +189 KERNELBASE.dll WaitForMultipleObjectsEx
004eb27c +05c DreamMail.exe System.Classes TStringList.Grow
004eb77d +079 DreamMail.exe System.Classes TStringList.InsertItem
0040e4ec +10c DreamMail.exe System 70 +0 @FinalizeRecord
004b3a01 +019 DreamMail.exe madExcept InterceptClassDestroy
0040a545 +009 DreamMail.exe System 70 +0 TObject.Destroy
00412dc9 +039 DreamMail.exe System 70 +0
TInterfacedObject._Release
0059b80e +056 DreamMail.exe System.SyncObjs THandleObject.WaitFor
01c588f2 +062 DreamMail.exe IdIOHandlerWebsocket 1213 +6
TIdWebsocketQueueThread.Execute
004b3d3f +02b DreamMail.exe madExcept HookedTThreadExecute
004f82f9 +049 DreamMail.exe System.Classes ThreadProc
004f835c +0ac DreamMail.exe System.Classes ThreadProc
0040c2c8 +028 DreamMail.exe System 70 +0 ThreadWrapper
004b3c25 +00d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +032 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +017 KERNEL32.DLL BaseThreadInitThunk
>> created by thread $339c (TIdWebsocketMultiReadThread) at:
004f8388 +018 DreamMail.exe System.Classes TThread.Create

thread $10e4 (TTableUpdateThread):

779d1574 +e4 ntdll.dll RtlDelayExecution
76f990a9 +49 KERNELBASE.dll SleepEx
76f9904a +0a KERNELBASE.dll Sleep
004f8da9 +01 DreamMail.exe System.Classes TThread.Sleep
011285d4 +34 DreamMail.exe uCyTable 1560 +8 TTableUpdateThread.Execute
004b3d3f +2b DreamMail.exe madExcept HookedTThreadExecute
004f82f9 +49 DreamMail.exe System.Classes ThreadProc
004f835c +ac DreamMail.exe System.Classes ThreadProc
0040c2c8 +28 DreamMail.exe System 70 +0 ThreadWrapper
004b3c25 +0d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +32 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +17 KERNEL32.DLL BaseThreadInitThunk
>> created by thread $10c0 at:
004f8388 +18 DreamMail.exe System.Classes TThread.Create

thread $1054 (TMailBkdlImap4Thread):

779d1574 +0e4 ntdll.dll RtlDelayExecution
76f990a9 +049 KERNELBASE.dll SleepEx
76f9904a +00a KERNELBASE.dll Sleep
004f8da9 +001 DreamMail.exe System.Classes TThread.Sleep
01dcf44c +038 DreamMail.exe uMailBkdlmap4Thread 56 +9
TMailBkdlImap4Thread.DoAction
019056a7 +06f DreamMail.exe uMailImap4ConnectThread 139 +13 _DoLoginOK
01905942 +27a DreamMail.exe uMailImap4ConnectThread 194 +47 _DoNormalImap
01905d96 +09a DreamMail.exe uMailImap4ConnectThread 291 +19
TMailImap4ConnectThread.Execute
004b3d3f +02b DreamMail.exe madExcept HookedTThreadExecute
004f82f9 +049 DreamMail.exe System.Classes ThreadProc
004f835c +0ac DreamMail.exe System.Classes ThreadProc
0040c2c8 +028 DreamMail.exe System 70 +0 ThreadWrapper
004b3c25 +00d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +032 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +017 KERNEL32.DLL BaseThreadInitThunk
>> created by thread $2f38 at:
004f8388 +018 DreamMail.exe System.Classes TThread.Create

thread $c08 (TMailBkdlImap4Thread):

779d1574 +0e4 ntdll.dll RtlDelayExecution
76f990a9 +049 KERNELBASE.dll SleepEx
76f9904a +00a KERNELBASE.dll Sleep
004f8da9 +001 DreamMail.exe System.Classes TThread.Sleep
01dcf44c +038 DreamMail.exe uMailBkdlmap4Thread 56 +9
TMailBkdlImap4Thread.DoAction
019056a7 +06f DreamMail.exe uMailImap4ConnectThread 139 +13 _DoLoginOK
01905942 +27a DreamMail.exe uMailImap4ConnectThread 194 +47 _DoNormalImap
01905d96 +09a DreamMail.exe uMailImap4ConnectThread 291 +19
TMailImap4ConnectThread.Execute
004b3d3f +02b DreamMail.exe madExcept HookedTThreadExecute
004f82f9 +049 DreamMail.exe System.Classes ThreadProc
004f835c +0ac DreamMail.exe System.Classes ThreadProc
0040c2c8 +028 DreamMail.exe System 70 +0 ThreadWrapper
004b3c25 +00d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +032 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +017 KERNEL32.DLL BaseThreadInitThunk
>> created by thread $2f38 at:
004f8388 +018 DreamMail.exe System.Classes TThread.Create

thread $3110 (TMailBkdlImap4Thread):

779d1574 +0e4 ntdll.dll RtlDelayExecution
76f990a9 +049 KERNELBASE.dll SleepEx
76f9904a +00a KERNELBASE.dll Sleep
004f8da9 +001 DreamMail.exe System.Classes TThread.Sleep
01dcf44c +038 DreamMail.exe uMailBkdlmap4Thread 56 +9
TMailBkdlImap4Thread.DoAction
019056a7 +06f DreamMail.exe uMailImap4ConnectThread 139 +13 _DoLoginOK
01905942 +27a DreamMail.exe uMailImap4ConnectThread 194 +47 _DoNormalImap
01905d96 +09a DreamMail.exe uMailImap4ConnectThread 291 +19
TMailImap4ConnectThread.Execute
004b3d3f +02b DreamMail.exe madExcept HookedTThreadExecute
004f82f9 +049 DreamMail.exe System.Classes ThreadProc
004f835c +0ac DreamMail.exe System.Classes ThreadProc
0040c2c8 +028 DreamMail.exe System 70 +0 ThreadWrapper
004b3c25 +00d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +032 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +017 KERNEL32.DLL BaseThreadInitThunk
>> created by thread $2f38 at:
004f8388 +018 DreamMail.exe System.Classes TThread.Create

thread $34f4 (TMailBkdlImap4Thread):

779d1574 +0e4 ntdll.dll RtlDelayExecution
76f990a9 +049 KERNELBASE.dll SleepEx
76f9904a +00a KERNELBASE.dll Sleep
004f8da9 +001 DreamMail.exe System.Classes TThread.Sleep
01dcf44c +038 DreamMail.exe uMailBkdlmap4Thread 56 +9
TMailBkdlImap4Thread.DoAction
019056a7 +06f DreamMail.exe uMailImap4ConnectThread 139 +13 _DoLoginOK
01905942 +27a DreamMail.exe uMailImap4ConnectThread 194 +47 _DoNormalImap
01905d96 +09a DreamMail.exe uMailImap4ConnectThread 291 +19
TMailImap4ConnectThread.Execute
004b3d3f +02b DreamMail.exe madExcept HookedTThreadExecute
004f82f9 +049 DreamMail.exe System.Classes ThreadProc
004f835c +0ac DreamMail.exe System.Classes ThreadProc
0040c2c8 +028 DreamMail.exe System 70 +0 ThreadWrapper
004b3c25 +00d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +032 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +017 KERNEL32.DLL BaseThreadInitThunk
>> created by thread $2f38 at:
004f8388 +018 DreamMail.exe System.Classes TThread.Create

thread $34c0 (TMailBkdlImap4Thread):

779d1574 +0e4 ntdll.dll RtlDelayExecution
76f990a9 +049 KERNELBASE.dll SleepEx
76f9904a +00a KERNELBASE.dll Sleep
004f8da9 +001 DreamMail.exe System.Classes TThread.Sleep
01dcf44c +038 DreamMail.exe uMailBkdlmap4Thread 56 +9
TMailBkdlImap4Thread.DoAction
019056a7 +06f DreamMail.exe uMailImap4ConnectThread 139 +13 _DoLoginOK
01905942 +27a DreamMail.exe uMailImap4ConnectThread 194 +47 _DoNormalImap
01905d96 +09a DreamMail.exe uMailImap4ConnectThread 291 +19
TMailImap4ConnectThread.Execute
004b3d3f +02b DreamMail.exe madExcept HookedTThreadExecute
004f82f9 +049 DreamMail.exe System.Classes ThreadProc
004f835c +0ac DreamMail.exe System.Classes ThreadProc
0040c2c8 +028 DreamMail.exe System 70 +0 ThreadWrapper
004b3c25 +00d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +032 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +017 KERNEL32.DLL BaseThreadInitThunk
>> created by thread $2f38 at:
004f8388 +018 DreamMail.exe System.Classes TThread.Create

thread $225c (TMailBkdlImap4Thread):

779d1574 +0e4 ntdll.dll RtlDelayExecution
76f990a9 +049 KERNELBASE.dll SleepEx
76f9904a +00a KERNELBASE.dll Sleep
004f8da9 +001 DreamMail.exe System.Classes TThread.Sleep
01dcf44c +038 DreamMail.exe uMailBkdlmap4Thread 56 +9
TMailBkdlImap4Thread.DoAction
019056a7 +06f DreamMail.exe uMailImap4ConnectThread 139 +13 _DoLoginOK
01905942 +27a DreamMail.exe uMailImap4ConnectThread 194 +47 _DoNormalImap
01905d96 +09a DreamMail.exe uMailImap4ConnectThread 291 +19
TMailImap4ConnectThread.Execute
004b3d3f +02b DreamMail.exe madExcept HookedTThreadExecute
004f82f9 +049 DreamMail.exe System.Classes ThreadProc
004f835c +0ac DreamMail.exe System.Classes ThreadProc
0040c2c8 +028 DreamMail.exe System 70 +0 ThreadWrapper
004b3c25 +00d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +032 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +017 KERNEL32.DLL BaseThreadInitThunk
>> created by thread $2f38 at:
004f8388 +018 DreamMail.exe System.Classes TThread.Create

thread $1b50:
75442e8c +4c USER32.dll MsgWaitForMultipleObjectsEx
674be382 +32 DUser.dll GetMessageExA
7750857c +8c msvcrt.dll _endthreadex
004b3c25 +0d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +32 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +17 KERNEL32.DLL BaseThreadInitThunk
>> created by main thread ($d94) at:
7750845f +7f msvcrt.dll _beginthreadex

thread $1f94:
779b93fb +4b ntdll.dll KiUserCallbackDispatcher
75450a1a +2a USER32.dll GetMessageW
675b9948 +28 DUI70.dll StartMessagePump
004b3c25 +0d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +32 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +17 KERNEL32.DLL BaseThreadInitThunk
>> created by main thread ($d94) at:
67418f7b +00 msctfuimanager.dll

thread $2804 (TMailBkdlImap4Thread):

779d1574 +0e4 ntdll.dll RtlDelayExecution
76f990a9 +049 KERNELBASE.dll SleepEx
76f9904a +00a KERNELBASE.dll Sleep
004f8da9 +001 DreamMail.exe System.Classes TThread.Sleep
01dcf44c +038 DreamMail.exe uMailBkdlmap4Thread 56 +9
TMailBkdlImap4Thread.DoAction
019056a7 +06f DreamMail.exe uMailImap4ConnectThread 139 +13 _DoLoginOK
01905942 +27a DreamMail.exe uMailImap4ConnectThread 194 +47 _DoNormalImap
01905d96 +09a DreamMail.exe uMailImap4ConnectThread 291 +19
TMailImap4ConnectThread.Execute
004b3d3f +02b DreamMail.exe madExcept HookedTThreadExecute
004f82f9 +049 DreamMail.exe System.Classes ThreadProc
004f835c +0ac DreamMail.exe System.Classes ThreadProc
0040c2c8 +028 DreamMail.exe System 70 +0 ThreadWrapper
004b3c25 +00d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +032 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +017 KERNEL32.DLL BaseThreadInitThunk
>> created by thread $2f38 at:
004f8388 +018 DreamMail.exe System.Classes TThread.Create

thread $454c (TMailBkdlImap4Thread):

779d1574 +0e4 ntdll.dll RtlDelayExecution
76f990a9 +049 KERNELBASE.dll SleepEx
76f9904a +00a KERNELBASE.dll Sleep
004f8da9 +001 DreamMail.exe System.Classes TThread.Sleep
01dcf44c +038 DreamMail.exe uMailBkdlmap4Thread 56 +9
TMailBkdlImap4Thread.DoAction
019056a7 +06f DreamMail.exe uMailImap4ConnectThread 139 +13 _DoLoginOK
01905942 +27a DreamMail.exe uMailImap4ConnectThread 194 +47 _DoNormalImap
01905d96 +09a DreamMail.exe uMailImap4ConnectThread 291 +19
TMailImap4ConnectThread.Execute
004b3d3f +02b DreamMail.exe madExcept HookedTThreadExecute
004f82f9 +049 DreamMail.exe System.Classes ThreadProc
004f835c +0ac DreamMail.exe System.Classes ThreadProc
0040c2c8 +028 DreamMail.exe System 70 +0 ThreadWrapper
004b3c25 +00d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +032 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +017 KERNEL32.DLL BaseThreadInitThunk
>> created by thread $4704 at:
004f8388 +018 DreamMail.exe System.Classes TThread.Create

thread $2238 (TMailBkdlImap4Thread):

779d1574 +0e4 ntdll.dll RtlDelayExecution
76f990a9 +049 KERNELBASE.dll SleepEx
76f9904a +00a KERNELBASE.dll Sleep
004f8da9 +001 DreamMail.exe System.Classes TThread.Sleep
01dcf44c +038 DreamMail.exe uMailBkdlmap4Thread 56 +9
TMailBkdlImap4Thread.DoAction
019056a7 +06f DreamMail.exe uMailImap4ConnectThread 139 +13 _DoLoginOK
01905942 +27a DreamMail.exe uMailImap4ConnectThread 194 +47 _DoNormalImap
01905d96 +09a DreamMail.exe uMailImap4ConnectThread 291 +19
TMailImap4ConnectThread.Execute
004b3d3f +02b DreamMail.exe madExcept HookedTThreadExecute
004f82f9 +049 DreamMail.exe System.Classes ThreadProc
004f835c +0ac DreamMail.exe System.Classes ThreadProc
0040c2c8 +028 DreamMail.exe System 70 +0 ThreadWrapper
004b3c25 +00d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +032 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +017 KERNEL32.DLL BaseThreadInitThunk
>> created by thread $4704 at:
004f8388 +018 DreamMail.exe System.Classes TThread.Create

thread $3b68:
76667ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $2814:
76667ba7 +17 KERNEL32.DLL BaseThreadInitThunk
thread $760:
76667ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $4068:
76667ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $23a4:
76667ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $d50:
76667ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $45bc:
76667ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $b1c:
76667ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $39bc:
76667ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $4134:
76667ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $391c:
76667ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $e44:
76667ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $1844 (TMailAutoReceiveControlThread):

779d1574 +e4 ntdll.dll RtlDelayExecution
76f990a9 +49 KERNELBASE.dll SleepEx
76f9904a +0a KERNELBASE.dll Sleep
004f8da9 +01 DreamMail.exe System.Classes TThread.Sleep
01deced7 +27 DreamMail.exe uMailAutoReceiveControlThread 47 +8
TMailAutoReceiveControlThread.Execute
0040c2c8 +28 DreamMail.exe System 70 +0 ThreadWrapper
004b3c25 +0d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +32 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +17 KERNEL32.DLL BaseThreadInitThunk
>> created by main thread ($d94) at:
004f8388 +18 DreamMail.exe System.Classes TThread.Create

thread $3ac0:
76fb8199 +189 KERNELBASE.dll WaitForMultipleObjectsEx
004b3c25 +00d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +032 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +017 KERNEL32.DLL BaseThreadInitThunk
>> created by thread $2814 at:
76b8a1be +000 combase.dll

thread $3090: <priority:-1>

76fb8199 +189 KERNELBASE.dll WaitForMultipleObjectsEx
7750857c +08c msvcrt.dll _endthreadex
004b3c25 +00d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +032 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +017 KERNEL32.DLL BaseThreadInitThunk
>> created by main thread ($d94) at:
7750845f +07f msvcrt.dll _beginthreadex

thread $3a28:
76fb7372 +82 KERNELBASE.dll WaitForSingleObjectEx
76fb72dd +0d KERNELBASE.dll WaitForSingleObject
7750857c +8c msvcrt.dll _endthreadex
004b3c25 +0d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +32 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +17 KERNEL32.DLL BaseThreadInitThunk
>> created by main thread ($d94) at:
7750845f +7f msvcrt.dll _beginthreadex

thread $45a8:
76667ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $1850:
779b93fb +4b ntdll.dll KiUserCallbackDispatcher
75450a1a +2a USER32.dll GetMessageW
004b3c25 +0d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +32 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +17 KERNEL32.DLL BaseThreadInitThunk
>> created by main thread ($d94) at:
6741f838 +00 msctfuimanager.dll

thread $3d10:
76667ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $421c:
75442e8c +4c USER32.dll
754528aa +1a USER32.dll
004b3c25 +0d DreamMail.exe
004b3c8a +32 DreamMail.exe
76667ba7 +17 KERNEL32.DLL
>> created by thread $1850 at:
640ad07a +00 directmanipulation.dll
MsgWaitForMultipleObjectsEx
MsgWaitForMultipleObjects
madExcept CallThreadProcSafe
madExcept ThreadExceptFrame
BaseThreadInitThunk

thread $3a9c:
76667ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $3ba0 (TMailBkdlImap4Thread):

779d1574 +0e4 ntdll.dll RtlDelayExecution
76f990a9 +049 KERNELBASE.dll SleepEx
76f9904a +00a KERNELBASE.dll Sleep
019056a7 +06f DreamMail.exe uMailImap4ConnectThread 139 +13 _DoLoginOK
01905942 +27a DreamMail.exe uMailImap4ConnectThread 194 +47 _DoNormalImap
01905d96 +09a DreamMail.exe uMailImap4ConnectThread 291 +19
TMailImap4ConnectThread.Execute
0040c2c8 +028 DreamMail.exe System 70 +0 ThreadWrapper
004b3c25 +00d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +032 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +017 KERNEL32.DLL BaseThreadInitThunk
>> created by thread $1844 (TMailAutoReceiveControlThread) at:
004f8388 +018 DreamMail.exe System.Classes TThread.Create

modules:
00400000 DreamMail.exe 6.7.1.8 M:\DreamMail6
09c30000 CoreMessaging.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
10000000 sqlite3.dll M:\DreamMail6\Sys
46350000 USP10.dll 10.0.22621.1 C:\WINDOWS\SYSTEM32
463d0000 globinputhost.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
46480000 security.dll 10.0.22621.1 C:\WINDOWS\SYSTEM32
591c0000 CoreUIComponents.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
59620000 hzpy.dll 6.0.0.1 M:\DreamMail6\Sys
596c0000 wmiutils.dll 10.0.22621.3672 C:\WINDOWS\system32\
wbem
5a830000 TextShaping.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
5a8d0000 ondemandconnroutehelper.dll 10.0.22621.3527 C:\WINDOWS\SYSTEM32
5a900000 msxml6.dll 6.30.22621.5262 C:\Windows\System32
5aaf0000 olepro32.dll 10.0.22621.3235 C:\WINDOWS\SYSTEM32
5ab10000 WindowsCodecs.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
5ac70000 FaultRep.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
5add0000 sxs.dll 10.0.22621.4830 C:\WINDOWS\SYSTEM32
5ae60000 wbemdisp.dll 10.0.22621.1 C:\WINDOWS\system32\
wbem
5b0f0000 ssleay32.dll 1.0.2.14 M:\DreamMail6\Sys
5bff0000 libeay32.dll 1.0.2.14 M:\DreamMail6\Sys
5d9d0000 Windows.Globalization.dll 10.0.22621.5262 C:\Windows\System32
5f310000 twinapi.appcore.dll 10.0.22621.5331 C:\WINDOWS\system32
5f510000 dataexchange.dll 10.0.22621.5262 C:\WINDOWS\system32
5f7a0000 mscms.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
61570000 Msftedit.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
61fe0000 directxdatabasehelper.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
62070000 DWrite.dll 10.0.22621.5262 C:\Windows\System32
622a0000 qingnse.dll 12.1.0.21541 D:\wps\WPS Office\
12.1.0.21541\office6
63ef0000 dcomp.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
640a0000 directmanipulation.dll 10.0.22621.5262 C:\WINDOWS\system32
66420000 UIAutomationCore.dll 7.2.22621.5262 C:\WINDOWS\SYSTEM32
667d0000 bcp47mrm.dll 10.0.22621.5262 C:\Windows\System32
66910000 wtdccm.dll C:\WINDOWS\SYSTEM32
66fc0000 p9np.dll 10.0.22621.5262 C:\WINDOWS\System32
66ff0000 drprov.dll 10.0.22621.1 C:\WINDOWS\System32
67000000 ntlanman.dll 10.0.22621.4249 C:\WINDOWS\System32
67020000 atlthunk.dll 10.0.22621.1 C:\WINDOWS\SYSTEM32
67030000 StructuredQuery.dll 7.0.22621.5262 C:\WINDOWS\System32
670c0000 xmllite.dll 10.0.22621.2506 C:\WINDOWS\system32
670f0000 OneCoreCommonProxyStub.dll 10.0.22621.5262 C:\Windows\System32
67140000 explorerframe.dll 10.0.22621.5331 C:\WINDOWS\system32
67340000 tiptsf.dll 10.0.22621.5262 C:\Program Files
(x86)\Common Files\microsoft shared\ink
673c0000 UIAnimation.dll 10.0.22621.1 C:\WINDOWS\System32
67400000 msctfuimanager.dll 10.0.22621.5262 C:\WINDOWS\system32
674b0000 DUser.dll 10.0.22621.4249 C:\WINDOWS\SYSTEM32
67530000 DUI70.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
67800000 c_g18030.dll 10.0.22621.1 C:\WINDOWS\system32
67c60000 mssprxy.dll 7.0.22621.5262 C:\WINDOWS\system32
67c70000 windows.staterepositoryclient.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
67ca0000 msls31.dll 3.10.349.0 C:\WINDOWS\SYSTEM32
67cd0000 RICHED20.DLL 5.31.23.1231 C:\WINDOWS\SYSTEM32
67d50000 vaultcli.dll 10.0.22621.3527 C:\Windows\System32
690c0000 windowsudk.shellcommon.dll 10.0.22621.5335 C:\WINDOWS\system32
694f0000 Windows.Storage.Search.dll 10.0.22621.5262 C:\WINDOWS\system32
695c0000 Windows.UI.dll 10.0.22621.5262 C:\Windows\System32
696e0000 Windows.UI.Immersive.dll 10.0.22621.5331 C:\Windows\System32
69810000 davclnt.dll 10.0.22621.1 C:\WINDOWS\System32
69830000 cscapi.dll 10.0.22621.1 C:\WINDOWS\SYSTEM32
69980000 DevDispItemProvider.dll 10.0.22621.2506 C:\Windows\System32
699a0000 LINKINFO.dll 10.0.22621.1 C:\WINDOWS\SYSTEM32
699c0000 d2d1.dll 10.0.22621.5262 C:\Windows\System32
69ee0000 msimtf.dll 10.0.22621.1 C:\WINDOWS\system32
69ef0000 jscript9.dll 11.0.22621.5331 C:\Windows\System32
6a2c0000 ieapfltr.dll 11.0.22621.3527 C:\Windows\System32
6a380000 mlang.dll 10.0.22621.1 C:\WINDOWS\system32
6a3c0000 srpapi.dll 10.0.22621.5262 C:\Windows\System32
6a3f0000 mshtml.dll 11.0.22621.5262 C:\Windows\System32
6b700000 msIso.dll 11.0.22621.5331 C:\WINDOWS\SYSTEM32
6b740000 policymanager.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
6b7d0000 thumbcache.dll 10.0.22621.5262 C:\Windows\System32
6b830000 windows.staterepositorycore.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
6b850000 msvcp110_win.dll 10.0.22621.1 C:\Windows\System32
6b8c0000 Windows.System.Launcher.dll 10.0.22621.5331 C:\Windows\System32
6b9b0000 ieframe.dll 11.0.22621.5262 C:\Windows\System32
6c010000 dxcore.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
6c090000 twinapi.dll 10.0.22621.5331 C:\Windows\System32
6c170000 OneCoreUAPCommonProxyStub.dll 10.0.22621.5262 C:\Windows\System32
6c480000 NetworkExplorer.dll 10.0.22621.3527 C:\WINDOWS\system32
6c4a0000 apphelp.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
6c650000 secur32.dll 10.0.22621.1 C:\WINDOWS\SYSTEM32
6c660000 dwmapi.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
6c690000 dlnashext.dll 10.0.22621.5262 C:\Windows\System32
6c6e0000 PlayToDevice.dll 10.0.22621.1 C:\Windows\System32
6c990000 ActXPrxy.dll 10.0.22621.5262 C:\Windows\System32
6ca20000 ntshrui.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
6cad0000 d3d11.dll 10.0.22621.5262 C:\Windows\System32
6d3d0000 dxgi.dll 10.0.22621.5331 C:\Windows\System32
6d860000 MMDevApi.dll 10.0.22621.5262 C:\WINDOWS\System32
6f0a0000 PortableDeviceApi.dll 10.0.22621.4974 C:\Windows\System32
6f130000 DPAPI.DLL 10.0.22621.1 C:\WINDOWS\SYSTEM32
6f140000 Bcp47Langs.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
6f190000 textinputframework.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
6f290000 COMCTL32.dll 6.10.22621.5262 C:\WINDOWS\WinSxS\
x86_microsoft.windows.common-
controls_6595b64144ccf1df_6.0.22621.5262_none_6ebff4ba87ff320e
6f4c0000 winspool.drv 10.0.22621.5262 C:\WINDOWS\SYSTEM32
6f540000 oleacc.dll 7.2.22621.5262 C:\WINDOWS\SYSTEM32
6f5a0000 msimg32.dll 10.0.22621.2506 C:\WINDOWS\SYSTEM32
6f620000 uxtheme.dll 10.0.22621.5262 C:\WINDOWS\system32
6f7f0000 iertutil.dll 11.0.22621.5331 C:\WINDOWS\SYSTEM32
6fa30000 URLMON.DLL 11.0.22621.5331 C:\WINDOWS\SYSTEM32
6fdf0000 cldapi.dll 10.0.22621.2506 C:\Windows\System32
70100000 virtdisk.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
70120000 Windows.StateRepositoryPS.dll 10.0.22621.4036 C:\Windows\System32
70180000 srvcli.dll 10.0.22621.4249 C:\WINDOWS\SYSTEM32
701a0000 edputil.dll 10.0.22621.3527 C:\WINDOWS\SYSTEM32
701c0000 Windows.FileExplorer.Common.dll 10.0.22621.5331 C:\Windows\System32
70260000 propsys.dll 7.0.22621.5262 C:\WINDOWS\system32
70330000 gdiplus.dll 10.0.22621.5331 C:\WINDOWS\WinSxS\
x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.22621.5331_none_9fa7fd65e2944687
72140000 wkscli.dll 10.0.22621.4249 C:\WINDOWS\SYSTEM32
72160000 netapi32.dll 10.0.22621.2506 C:\WINDOWS\SYSTEM32
72180000 amsi.dll 10.0.22621.3527 C:\WINDOWS\SYSTEM32
72200000 Fwpuclnt.dll 10.0.22621.3235 C:\WINDOWS\SYSTEM32
72260000 fastprox.dll 10.0.22621.5262 C:\WINDOWS\system32\
wbem
72ba0000 netutils.dll 10.0.22621.2506 C:\WINDOWS\SYSTEM32
72d10000 wsock32.dll 10.0.22621.1 C:\WINDOWS\SYSTEM32
72d50000 profapi.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
72dd0000 WINNSI.DLL 10.0.22621.4746 C:\WINDOWS\SYSTEM32
72de0000 rasadhlp.dll 10.0.22621.1 C:\Windows\System32
72e50000 mpr.dll 10.0.22621.1 C:\WINDOWS\SYSTEM32
72e70000 winmm.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
73540000 DEVOBJ.dll 10.0.22621.2506 C:\WINDOWS\System32
73bb0000 wpdshext.dll 10.0.22621.5262 C:\WINDOWS\system32
73c60000 windows.storage.dll 10.0.22621.5331 C:\WINDOWS\SYSTEM32
74370000 nlansp_c.dll 10.0.22621.5331 C:\WINDOWS\system32
74390000 wshbth.dll 10.0.22621.5331 C:\WINDOWS\system32
743b0000 pnrpnsp.dll 10.0.22621.1 C:\WINDOWS\system32
743d0000 napinsp.dll 10.0.22621.1 C:\WINDOWS\system32
743f0000 WINSTA.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
74460000 powrprof.dll 10.0.22621.3958 C:\WINDOWS\SYSTEM32
744c0000 wininet.dll 11.0.22621.5262 C:\WINDOWS\SYSTEM32
74950000 mswsock.dll 10.0.22621.5335 C:\WINDOWS\system32
749b0000 CRYPTBASE.DLL 10.0.22621.4746 C:\WINDOWS\SYSTEM32
749d0000 winrnr.dll 10.0.22621.1 C:\WINDOWS\System32
749e0000 wbemcomn.dll 10.0.22621.2506 C:\WINDOWS\SYSTEM32
74a50000 kernel.appcore.dll 10.0.22621.3958 C:\WINDOWS\SYSTEM32
74a80000 rsaenh.dll 10.0.22621.5262 C:\WINDOWS\system32
74b00000 UMPDC.dll 10.0.22621.5124 C:\WINDOWS\SYSTEM32
74b10000 SSPICLI.DLL 10.0.22621.5192 C:\WINDOWS\SYSTEM32
74b40000 wbemsvc.dll 10.0.22621.3672 C:\WINDOWS\system32\
wbem
74b60000 wbemprox.dll 10.0.22621.3672 C:\WINDOWS\system32\
wbem
74b70000 ntmarta.dll 10.0.22621.1 C:\WINDOWS\SYSTEM32
74bb0000 CRYPTSP.dll 10.0.22621.5335 C:\WINDOWS\SYSTEM32
74bf0000 MSASN1.dll 10.0.22621.2506 C:\WINDOWS\SYSTEM32
74c30000 CFGMGR32.dll 10.0.22621.2506 C:\WINDOWS\SYSTEM32
74c80000 winhttp.dll 10.0.22621.4830 C:\WINDOWS\SYSTEM32
75250000 wtsapi32.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
75260000 USERENV.dll 10.0.22621.3527 C:\Windows\System32
752f0000 DNSAPI.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
753b0000 iphlpapi.dll 10.0.22621.1 C:\WINDOWS\SYSTEM32
75410000 version.dll 10.0.22621.1 C:\WINDOWS\SYSTEM32
75420000 USER32.dll 10.0.22621.5331 C:\WINDOWS\System32
755d0000 MSCTF.dll 10.0.22621.5331 C:\WINDOWS\System32
75740000 psapi.dll 10.0.22621.1 C:\WINDOWS\System32
75750000 CRYPT32.dll 10.0.22621.5262 C:\WINDOWS\System32
75860000 bcrypt.dll 10.0.22621.4746 C:\WINDOWS\System32
75d20000 comdlg32.dll 10.0.22621.5331 C:\WINDOWS\System32
75de0000 coml2.dll 10.0.22621.5262 C:\WINDOWS\System32
75e50000 SHELL32.dll 10.0.22621.5331 C:\WINDOWS\System32
76520000 sechost.dll 10.0.22621.5262 C:\WINDOWS\System32
765b0000 win32u.dll 10.0.22621.5185 C:\WINDOWS\System32
765d0000 msvcp_win.dll 10.0.22621.3374 C:\WINDOWS\System32
76650000 KERNEL32.DLL 10.0.22621.5262 C:\WINDOWS\System32
76740000 WS2_32.dll 10.0.22621.4746 C:\WINDOWS\System32
767a0000 ucrtbase.dll 10.0.22621.3593 C:\WINDOWS\System32
768c0000 RPCRT4.dll 10.0.22621.5124 C:\WINDOWS\System32
76980000 oleaut32.dll 10.0.22621.5262 C:\WINDOWS\System32
76a20000 gdi32full.dll 10.0.22621.5262 C:\WINDOWS\System32
76b10000 combase.dll 10.0.22621.5262 C:\WINDOWS\System32
76da0000 wintypes.dll 10.0.22621.5262 C:\WINDOWS\System32
76e70000 KERNELBASE.dll 10.0.22621.5331 C:\WINDOWS\System32
77110000 WINTRUST.dll 10.0.22621.5262 C:\WINDOWS\System32
77180000 bcryptPrimitives.dll 10.0.22621.4317 C:\WINDOWS\System32
771f0000 NSI.dll 10.0.22621.4746 C:\WINDOWS\System32
77200000 clbcatq.dll 2001.12.10941.16384 C:\WINDOWS\System32
77290000 ADVAPI32.DLL 10.0.22621.5192 C:\WINDOWS\System32
77310000 shcore.dll 10.0.22621.5331 C:\WINDOWS\System32
773f0000 Normaliz.dll 10.0.22621.1 C:\WINDOWS\System32
774a0000 msvcrt.dll 7.0.22621.2506 C:\WINDOWS\System32
77570000 ole32.dll 10.0.22621.5262 C:\WINDOWS\System32
776d0000 shlwapi.dll 10.0.22621.5262 C:\WINDOWS\System32
77730000 IMM32.DLL 10.0.22621.5185 C:\WINDOWS\System32
77780000 GDI32.dll 10.0.22621.5185 C:\WINDOWS\System32
77940000 ntdll.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
7c4d0000 MrmCoreR.dll 10.0.22621.5262 C:\Windows\System32
891d0000 d3d10warp.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
8ace0000 SETUPAPI.dll 10.0.22621.2506 C:\WINDOWS\System32

processes:
0000 Idle 0 0 0
0004 System 0 0 0
00a8 Registry 0 0 0
023c smss.exe 0 0 0
034c csrss.exe 0 0 0
03cc wininit.exe 0 0 0
03d8 csrss.exe 1 0 0
0324 services.exe 0 0 0
0350 winlogon.exe 1 0 0
0420 lsass.exe 0 0 0
04b4 svchost.exe 0 0 0
04d0 fontdrvhost.exe 1 0 0
04d4 fontdrvhost.exe 0 0 0
04e0 WUDFHost.exe 0 0 0
0568 svchost.exe 0 0 0
0594 svchost.exe 0 0 0
0620 svchost.exe 0 0 0
063c svchost.exe 0 0 0
0644 svchost.exe 0 0 0
067c svchost.exe 0 0 0
06a4 svchost.exe 0 0 0
06f8 svchost.exe 0 0 0
0704 svchost.exe 0 0 0
0754 dwm.exe 1 0 0
0780 amdfendrsr.exe 0 0 0
0788 svchost.exe 0 0 0
0790 atiesrxx.exe 0 0 0
05f0 svchost.exe 0 0 0
0804 svchost.exe 0 0 0
0838 svchost.exe 0 0 0
0840 svchost.exe 0 0 0
084c svchost.exe 0 0 0
0854 atieclxx.exe 1 0 0
08b4 svchost.exe 0 0 0
08e4 svchost.exe 0 0 0
08fc Memory Compression 0 0 0
0934 svchost.exe 0 0 0
0954 svchost.exe 0 0 0
095c svchost.exe 0 0 0
0a3c svchost.exe 0 0 0
0aa0 svchost.exe 0 0 0
0b40 svchost.exe 0 0 0
0b90 svchost.exe 0 0 0
0be4 svchost.exe 0 0 0
08a0 svchost.exe 0 0 0
073c svchost.exe 0 0 0
0c2c svchost.exe 0 0 0
0c68 svchost.exe 0 0 0
0c70 svchost.exe 0 0 0
0cb4 svchost.exe 0 0 0
0d1c spoolsv.exe 0 0 0
0d7c svchost.exe 0 0 0
0db8 svchost.exe 0 0 0
0f00 svchost.exe 0 0 0
0f08 svchost.exe 0 0 0
0f10 ahs_service.exe 0 0 0
0f18 svchost.exe 0 0 0
0f24 D4Ser_ICBC.exe 0 0 0
0f2c svchost.exe 0 0 0
0f34 svchost.exe 0 0 0
0f3c svchost.exe 0 0 0
0f44 LISFService.exe 0 0 0
0f4c HDZB_USBKEY_2G_CEP_DevServer.exe 0 0 0
0f54 svchost.exe 0 0 0
0f5c sssync.exe 0 0 0
0f64 vmnetdhcp.exe 0 0 0
0f70 HGBOT_x64.exe 0 0 0
0f78 LenovoServiceAS.exe 0 0 0
0f88 WDDrvRpr_Share.exe 0 0 0
0f94 svchost.exe 0 0 0
0f9c svchost.exe 0 0 0
0fa4 IcbcDaemon_64.exe 0 0 0
0fac WmiApSrv.exe 0 0 0
0fb4 UBankService.exe 0 0 0
0fc4 WDTokenServerHaiGuan.exe 0 0 0
0fd0 svchost.exe 0 0 0
0fd8 vmnat.exe 0 0 0
0fe4 OfficeClickToRun.exe 0 0 0
0c24 svchost.exe 0 0 0
1024 svchost.exe 0 0 0
103c svchost.exe 0 0 0
10a8 D4Ser_ICBC.exe 0 0 0
1198 svchost.exe 0 0 0
123c LenovoPcManagerService.exe 0 0 0
1258 clash-verge-service.exe 0 0 0
1268 vmware-authd.exe 0 0 0
1280 vmware-usbarbitrator64.exe 0 0 0
12d8 dasHost.exe 0 0 0
13dc svchost.exe 0 0 0
1470 svchost.exe 0 0 0
14d8 Locator.exe 0 0 0
1668 CnEport.Pub.WinService.exe 0 0 0
1698 svchost.exe 0 0 0
1804 svchost.exe 0 0 0
182c svchost.exe 0 0 0
1924 MSPCManagerService.exe 0 0 0
19dc SearchIndexer.exe 0 0 0
1a7c AggregatorHost.exe 0 0 0
1d8c sihost.exe 1 0 8 normal C:\Windows\System32
1db4 svchost.exe 1 0 1 normal C:\Windows\System32
1dd0 svchost.exe 1 0 1 normal C:\Windows\System32
1df4 svchost.exe 1 0 4 normal C:\Windows\System32
1e9c svchost.exe 0 0 0
1cc8 svchost.exe 0 0 0
199c taskhostw.exe 1 8 6 normal C:\Windows\System32
1f20 explorer.exe 1 390 557 normal C:\Windows
2090 svchost.exe 0 0 0
216c LockScreenMain.exe 0 0 0
2184 svchost.exe 0 0 0
23f4 svchost.exe 1 0 12 normal C:\Windows\System32
21b8 LenovoInternetSoftwareFramework.exe 1 0 0
232c Lsf.exe 1 0 0
1e70 LnvSvcFdn.exe 0 0 0
23e0 LenovoTray.exe 1 0 0
2280 crashpad_handler.exe 1 0 0
215c SearchHost.exe 1 14 91 normal C:\Windows\
SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy
2150 StartMenuExperienceHost.exe 1 0 14 normal C:\Windows\
SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy
24d8 LAVService.exe 0 0 0
2538 RuntimeBroker.exe 1 41 8 normal C:\Windows\System32
2564 Widgets.exe 1 0 4 normal C:\Program Files\
WindowsApps\MicrosoftWindows.Client.WebExperience_525.5100.40.0_x64__cw5n1h2txyewy\
Dashboard
2584 svchost.exe 1 0 1 normal C:\Windows\System32
2678 RuntimeBroker.exe 1 0 5 normal C:\Windows\System32
26a4 svchost.exe 0 0 0
29a8 dllhost.exe 1 0 3 normal C:\Windows\System32
2ac8 ctfmon.exe 1 0 0
28d8 ChsIME.exe 1 0 0
2920 TextInputHost.exe 1 12 112 high C:\Windows\
SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy
26d8 PhoneExperienceHost.exe 1 0 15 normal C:\Program Files\
WindowsApps\Microsoft.YourPhone_1.25031.60.0_x64__8wekyb3d8bbwe
2d60 crashpad_handler.exe 0 0 0
2ea4 CnEport.Pub.WebSocketServer.exe 1 38 35 normal D:\中国电子口岸客户端控件
2f28 svchost.exe 0 0 0
2f88 SecurityHealthSystray.exe 1 7 5 normal C:\Windows\System32
2f9c SecurityHealthService.exe 0 0 0
2fc4 wsctrl11.exe 0 0 0
2e1c svchost.exe 0 0 0
0ce0 DreamMail.exe 1 796 749 normal M:\DreamMail6
1760 usysdiag.exe 0 0 0
2c08 svchost.exe 0 0 0
0660 WXWork.exe 1 205 123 normal D:\企业微信\WXWork
0968 WeChat.exe 1 140 100 normal D:\企业微信\WeChat
1034 RadeonSoftware.exe 1 34 71 normal C:\Program Files\
WindowsApps\AdvancedMicroDevicesInc-
2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware
14ac RRMSVR.exe 1 0 4 normal C:\Program Files
(x86)\ICBCEbankTools\Gemplus\GemSafe Libraries\BIN
3250 cncmd.exe 1 0 1 normal C:\Program Files\
WindowsApps\AdvancedMicroDevicesInc-
2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware
3320 AMDRSServ.exe 1 3 9 normal C:\Program Files\
WindowsApps\AdvancedMicroDevicesInc-
2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware
2c24 svchost.exe 0 0 0
1864 mmcrashpad_handler64.exe 1 0 4 normal D:\企业微信\WeChat\
[3.9.12.51]
2c90 WeChatAppEx.exe 1 19 62 normal C:\Users\
Administrator\AppData\Roaming\Tencent\WeChat\XPlugin\Plugins\RadiumWMPF\13639\
extracted\runtime
0a68 WeChatAppEx.exe 1 0 4 normal C:\Users\
Administrator\AppData\Roaming\Tencent\WeChat\XPlugin\Plugins\RadiumWMPF\13639\
extracted\runtime
20b4 WeChatAppEx.exe 1 0 1 normal C:\Users\
Administrator\AppData\Roaming\Tencent\WeChat\XPlugin\Plugins\RadiumWMPF\13639\
extracted\runtime
0650 WeChatAppEx.exe 1 13 26 above normal C:\Users\
Administrator\AppData\Roaming\Tencent\WeChat\XPlugin\Plugins\RadiumWMPF\13639\
extracted\runtime
0570 svchost.exe 0 0 0
1da4 WXWorkWeb.exe 1 13 56 normal D:\企业微信\WXWork\
4.1.22.8031\updated_web
1dc4 WeMail.exe 1 40 45 normal D:\企业微信\WXWork\
4.1.22.8031\wemail
1e1c WeMailNode.exe 1 0 1 normal D:\企业微信\WXWork\
4.1.22.8031
2690 WXWorkWeb.exe 1 0 4 normal D:\企业微信\WXWork\
4.1.22.8031\updated_web
2004 WXWorkWeb.exe 1 11 16 above normal D:\企业微信\WXWork\
4.1.22.8031\updated_web
18fc WXDrive.exe 1 0 1 normal D:\企业微信\WXWork\
4.1.22.8031
1814 WXWorkWeb.exe 1 0 0 normal D:\企业微信\WXWork\
4.1.22.8031\updated_web
2f3c WXWorkWeb.exe 1 0 2 normal D:\企业微信\WXWork\
4.1.22.8031\updated_web
2654 FlutterPlugins.exe 1 9 56 normal D:\企业微信\WXWork\
4.1.22.8031\FlutterPlugins
359c WXWorkWeb.exe 1 0 0 normal D:\企业微信\WXWork\
4.1.22.8031\updated_web
35f8 WXWorkWeb.exe 1 0 0 normal D:\企业微信\WXWork\
4.1.22.8031\updated_web
3600 WXWorkWeb.exe 1 0 0 normal D:\企业微信\WXWork\
4.1.22.8031\updated_web
0dac svchost.exe 1 0 1 normal C:\Windows\System32
2f34 svchost.exe 0 0 0
2ebc svchost.exe 0 0 0
336c svchost.exe 0 0 0
3438 svchost.exe 0 0 0
1c70 svchost.exe 0 0 0
2f00 SystemSettings.exe 1 11 48 normal C:\Windows\
ImmersiveControlPanel
0928 ApplicationFrameHost.exe 1 17 12 normal C:\Windows\System32
0ac4 ShellExperienceHost.exe 1 13 52 normal C:\Windows\
SystemApps\ShellExperienceHost_cw5n1h2txyewy
10dc svchost.exe 1 0 3 normal C:\Windows\System32
2a1c AMDRSSrcExt.exe 1 6 12 normal C:\Program Files\
WindowsApps\AdvancedMicroDevicesInc-
2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware
2cfc QtWebEngineProcess.exe 1 0 1 normal C:\Program Files\
WindowsApps\AdvancedMicroDevicesInc-
2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware
0a8c svchost.exe 0 0 0
1dac svchost.exe 0 0 0
12a8 MailPreview.exe 1 59 66 normal M:\DreamMail6\Sys
1c58 LeAppOM.exe 1 0 0
3138 wpscloudsvr.exe 1 5 100 normal D:\wps\WPS Office\
12.1.0.21541\office6
1c18 wps.exe 1 5 30 normal D:\wps\WPS Office\
12.1.0.21541\office6
03c4 promecefpluginhost.exe 1 1 1 above normal D:\wps\WPS Office\
12.1.0.21541\office6
19d8 promecefpluginhost.exe 1 0 13 normal D:\wps\WPS Office\
12.1.0.21541\office6
1ec8 WeChatPlayer.exe 1 0 1 normal C:\Users\
Administrator\AppData\Roaming\Tencent\WeChat\XPlugin\Plugins\ThumbPlayer\4073\
extracted
2270 WeChatUtility.exe 1 0 1 normal C:\Users\
Administrator\AppData\Roaming\Tencent\WeChat\XPlugin\Plugins\WeChatUtility\8091\
extracted
1350 WeChatAppEx.exe 1 0 0 normal C:\Users\
Administrator\AppData\Roaming\Tencent\WeChat\XPlugin\Plugins\RadiumWMPF\13639\
extracted\runtime
12a0 WeChatAppEx.exe 1 0 1 normal C:\Users\
Administrator\AppData\Roaming\Tencent\WeChat\XPlugin\Plugins\RadiumWMPF\13639\
extracted\runtime
0974 WeChatOCR.exe 1 0 1 normal C:\Users\
Administrator\AppData\Roaming\Tencent\WeChat\XPlugin\Plugins\WeChatOCR\7079\
extracted
2eb0 WeChatAppEx.exe 1 0 0 normal C:\Users\
Administrator\AppData\Roaming\Tencent\WeChat\XPlugin\Plugins\RadiumWMPF\13639\
extracted\runtime
1e80 WidgetService.exe 1 0 5 normal C:\Program Files\
WindowsApps\Microsoft.WidgetsPlatformRuntime_1.6.8.0_x64__8wekyb3d8bbwe\
WidgetService
0d6c Clash for Windows.exe 1 20 52 normal D:\
Clash.for.Windows-0.20.16-ikuuu\Clash.for.Windows-0.20.16-ikuuu
32a0 Clash for Windows.exe 1 4 2 above normal D:\
Clash.for.Windows-0.20.16-ikuuu\Clash.for.Windows-0.20.16-ikuuu
27f4 Clash for Windows.exe 1 0 1 normal D:\
Clash.for.Windows-0.20.16-ikuuu\Clash.for.Windows-0.20.16-ikuuu
0b28 Clash for Windows.exe 1 0 1 idle D:\
Clash.for.Windows-0.20.16-ikuuu\Clash.for.Windows-0.20.16-ikuuu
15ac WeChatAppEx.exe 1 0 0 idle C:\Users\
Administrator\AppData\Roaming\Tencent\WeChat\XPlugin\Plugins\RadiumWMPF\13639\
extracted\runtime
211c clash-win64.exe 1 0 0 normal D:\
Clash.for.Windows-0.20.16-ikuuu\Clash.for.Windows-0.20.16-ikuuu\resources\static\
files\win\x64
18d4 conhost.exe 1 0 1 normal C:\Windows\System32
1d54 WeChatAppEx.exe 1 0 0 idle C:\Users\
Administrator\AppData\Roaming\Tencent\WeChat\XPlugin\Plugins\RadiumWMPF\13639\
extracted\runtime
3a30 RuntimeBroker.exe 1 4 3 normal C:\Windows\System32
4190 D4Svr_ICBC.exe 1 0 0
3c68 msedge.exe 1 2 26 normal C:\Program Files
(x86)\Microsoft\Edge\Application
4344 msedge.exe 1 0 3 normal C:\Program Files
(x86)\Microsoft\Edge\Application
064c msedge.exe 1 1 4 above normal C:\Program Files
(x86)\Microsoft\Edge\Application
38e8 msedge.exe 1 0 5 normal C:\Program Files
(x86)\Microsoft\Edge\Application
2d8c msedge.exe 1 0 0 normal C:\Program Files
(x86)\Microsoft\Edge\Application
4600 msedge.exe 1 0 0 normal C:\Program Files
(x86)\Microsoft\Edge\Application
2c0c msedge.exe 1 0 0 idle C:\Program Files
(x86)\Microsoft\Edge\Application
1ca8 msedge.exe 1 0 0 idle C:\Program Files
(x86)\Microsoft\Edge\Application
463c WXWorkWeb.exe 1 0 0 normal D:\企业微信\WXWork\
4.1.22.8031\updated_web
1cf8 WXWorkWeb.exe 1 0 0 idle D:\企业微信\WXWork\
4.1.22.8031\updated_web
3914 svchost.exe 0 0 0
2e84 WeChatAppEx.exe 1 0 0 idle C:\Users\
Administrator\AppData\Roaming\Tencent\WeChat\XPlugin\Plugins\RadiumWMPF\13639\
extracted\runtime
3fdc svchost.exe 1 0 1 normal C:\Windows\System32
3314 svchost.exe 0 0 0

hardware:
+ {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
- Fax
- Microsoft Print to PDF
- Microsoft XPS Document Writer
- OneNote (Desktop)
- 导出为 WPS PDF
- 根打印队列
+ {36fc9e60-c465-11cf-8056-444553540000}
- AMD USB 3.10 可扩展主机控制器 - 1.10 (Microsoft)
- AMD USB 3.10 可扩展主机控制器 - 1.10 (Microsoft)
- AMD USB 3.10 可扩展主机控制器 - 1.10 (Microsoft)
- USB Composite Device
- USB 根集线器(USB 3.0)
- USB 根集线器(USB 3.0)
- USB 根集线器(USB 3.0)
- 通用 USB 集线器
+ {4d36e966-e325-11ce-bfc1-08002be10318}
- BIOSTAR Group A520MS
- 基于 ACPI x64 的电脑
+ {4d36e967-e325-11ce-bfc1-08002be10318}
- Great Wall GW600 128GB
- SAMSUNG MZNLH256HAJD-00000
- WDC WD5000AAKX-08U6AA0
+ {4d36e968-e325-11ce-bfc1-08002be10318}
- AMD Radeon(TM) Graphics (driver 30.0.13014.8)
- OrayIddDriver Device (driver 17.1.58.818)
+ {4d36e96a-e325-11ce-bfc1-08002be10318}
- 标准 SATA AHCI 控制器
- 标准 SATA AHCI 控制器
+ {4d36e96b-e325-11ce-bfc1-08002be10318}
- HID Keyboard Device
- HID Keyboard Device
- Virtual Keyboard (driver 16.30.22.349)
+ {4d36e96c-e325-11ce-bfc1-08002be10318}
- AMD High Definition Audio Device (driver 10.0.1.21)
- Realtek High Definition Audio (driver 6.0.8988.1)
+ {4d36e96e-e325-11ce-bfc1-08002be10318}
- Generic Monitor (22B2WG5)
- Generic Monitor (F22B20F)
+ {4d36e96f-e325-11ce-bfc1-08002be10318}
- HID-compliant mouse
- Virtual Mouse (driver 16.30.26.320)
+ {4d36e972-e325-11ce-bfc1-08002be10318}
 - Microsoft Kernel Debug Network Adapter
- Realtek PCIe GbE Family Controller (driver 1168.11.1206.2022)
- VMware Virtual Ethernet Adapter for VMnet1 (driver 14.0.0.8)
- VMware Virtual Ethernet Adapter for VMnet8 (driver 14.0.0.8)
- WAN Miniport (IKEv2)
- WAN Miniport (IP)
- WAN Miniport (IPv6)
- WAN Miniport (L2TP)
- WAN Miniport (Network Monitor)
- WAN Miniport (PPPOE)
- WAN Miniport (PPTP)
- WAN Miniport (SSTP)
+ {4d36e978-e325-11ce-bfc1-08002be10318}
- 通信端口 (COM1)
+ {4d36e97b-e325-11ce-bfc1-08002be10318}
- Microsoft 存储空间控制器
+ {4d36e97d-e325-11ce-bfc1-08002be10318}
- ACPI 固定功能按钮
- ACPI 处理器容器设备
- ACPI 热区域
- ACPI 电源按钮
- AMD Crash Defender (driver 21.30.0.100)
- AMD GPIO Controller (driver 2.2.0.121)
- AMD GPIO Controller (driver 2.0.1.0)
- AMD Link Controller Emulation (driver 21.40.0.6)
- AMD SMBus (driver 5.12.0.38)
- High Definition Audio Bus (driver 21.30.0.1000)
- High Definition Audio 控制器
- Microsoft ACPI-Compliant System
- Microsoft Hyper-V 虚拟化基础结构驱动程序
- Microsoft System Management BIOS Driver
- Microsoft UEFI 兼容系统
- Microsoft Windows Management Interface for ACPI
- Microsoft 基本呈现驱动程序
- Microsoft 基本显示驱动程序
- Microsoft 虚拟驱动器枚举器
- NDIS 虚拟网络适配器枚举器
- Oray Virtual Game Controller (driver 1.0.0.0)
- OrayUSBVHCI (driver 1.0.0.0)
- PCI Express 根复合体
- PCI 到 PCI 桥
- PCI 到 PCI 桥
- PCI 到 PCI 桥
- PCI 到 PCI 桥
- PCI 到 PCI 桥
- PCI 标准 ISA 桥
- PCI 标准主机 CPU 桥
- PCI 标准主机 CPU 桥
- PCI 标准主机 CPU 桥
- PCI 标准主机 CPU 桥
- PCI 标准主机 CPU 桥
- PCI 标准主机 CPU 桥
- PCI 标准主机 CPU 桥
- PCI 标准主机 CPU 桥
- PCI 标准主机 CPU 桥
- PCI 标准主机 CPU 桥
- PCI 标准主机 CPU 桥
- PCI 标准主机 CPU 桥
- Scp Virtual Bus Driver (driver 16.30.16.687)
 - UMBus Root Bus Enumerator
- VMware VMCI Host Device (driver 9.8.18.0)
- VMware VMCI Host Device (driver 9.8.18.0)
- 即插即用软件设备枚举器
- 卷管理器
- 可编程中断控制器
- 复合总线枚举器
- 母板资源
- 母板资源
- 母板资源
- 母板资源
- 母板资源
- 母板资源
- 直接内存访问控制器
- 系统 CMOS/实时时钟
- 系统扬声器
- 系统板
- 系统计时器
- 远程桌面设备重定向程序总线
- 高精度事件计时器
+ {50127dc3-0f36-415e-a6cc-4cb3be910b65}
- AMD Ryzen 5 5600G with Radeon Graphics
- AMD Ryzen 5 5600G with Radeon Graphics
- AMD Ryzen 5 5600G with Radeon Graphics
- AMD Ryzen 5 5600G with Radeon Graphics
- AMD Ryzen 5 5600G with Radeon Graphics
- AMD Ryzen 5 5600G with Radeon Graphics
- AMD Ryzen 5 5600G with Radeon Graphics
- AMD Ryzen 5 5600G with Radeon Graphics
- AMD Ryzen 5 5600G with Radeon Graphics
- AMD Ryzen 5 5600G with Radeon Graphics
- AMD Ryzen 5 5600G with Radeon Graphics
- AMD Ryzen 5 5600G with Radeon Graphics
+ {5c4c3332-344d-483c-8739-259e934c9cc8}
- AMD-UWP Version Control (driver 29.2130.0.0)
+ {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
- Microsoft Device Association Root Enumerator
- Microsoft GS 波表合成器
- Microsoft Passport Container Enumeration Bus
- Microsoft Radio Device Enumeration Bus
- Microsoft RRAS Root Enumerator
- Smart Card Device Enumeration Bus
+ {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
- USB 输入设备
- USB 输入设备
- USB 输入设备
- 符合 HID 标准的供应商定义设备
- 符合 HID 标准的用户控制设备
- 符合 HID 标准的系统控制器
+ {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
- 1 - 22B2WG5 (AMD High Definition Audio Device)
+ {d94ee5d8-d189-4994-83d2-f68d7d41b0e6}
- AMD PSP 10.0 Device (driver 5.17.0.0)
- 受信任的平台模块 2.0
+ {f2e7dd72-6468-4e36-b6f1-6488f42c1b52}
- 系统固件

cpu registers:
eax = 0061004d
ebx = 4f996a74
ecx = 013c57df
edx = 60fa18e0
esi = 01eda798
edi = 4f9964d0
eip = 7eebc033
esp = 0019fa30
ebp = 0019fa6c

stack dump:
0019fa30 a7 1b 41 00 e0 18 fa 60 - 74 6a 99 4f 76 e7 40 00 ..A....`tj.Ov.@.
0019fa40 74 fa 19 00 cb ba 40 00 - 6c fa 19 00 d0 64 99 4f [email protected]
0019fa50 98 a7 ed 01 d0 64 99 4f - 04 00 00 00 df 57 3c 01 .....d.O.....W<.
0019fa60 00 00 00 00 d0 57 3c 01 - 74 6a 99 4f 9c fa 19 00 .....W<.tj.O....
0019fa70 f1 e4 40 00 74 fc 19 00 - cb ba 40 00 9c fa 19 00 [email protected].....@.....
0019fa80 d0 64 99 4f 98 a7 ed 01 - d0 64 99 4f b4 fa 19 00 .d.O.....d.O....
0019fa90 00 00 00 00 d4 9f e0 01 - d0 64 99 4f e4 fa 19 00 .........d.O....
0019faa0 21 a6 40 00 21 b0 00 00 - d0 64 99 4f d0 64 99 4f !.@.!....d.O.d.O
0019fab0 12 a5 40 00 d0 64 99 4f - 04 3a 4b 00 04 fd 19 00 [email protected].:K.....
0019fac0 d2 df 69 00 98 68 99 4f - 94 68 99 4f 70 68 99 4f ..i..h.O.h.Oph.O
0019fad0 64 68 99 4f b8 67 99 4f - b0 67 99 4f 4b 00 00 01 dh.O.g.O.g.OK...
0019fae0 d0 64 99 4f 18 fc 19 00 - 57 a5 40 00 fd 3f 6a 00 .d.O....W.@..?j.
0019faf0 cd ee 5b 00 21 b0 00 00 - 28 fd c0 6d 04 fd 19 00 ..[.!...(..m....
0019fb00 01 00 00 00 cc 12 40 00 - 48 82 ae 8b 3c fb 19 00 [email protected]...<...
0019fb10 f1 e4 40 00 44 fb 19 00 - 04 e5 40 00 3c fb 19 00 [email protected].....@.<...
0019fb20 70 d0 9c 8f 00 00 00 00 - 48 82 ae 8b 7f c3 40 00 p.......H.....@.
0019fb30 00 00 00 00 7f 13 4c 00 - 48 82 ae 8b 70 fb 19 00 ......L.H...p...
0019fb40 6c e7 40 00 d4 fb 19 00 - a6 e7 40 00 70 fb 19 00 l.@[email protected]...
0019fb50 7c d0 9c 8f c2 74 40 00 - 9e c4 40 00 14 ee 4b 00 |....t@[email protected].
0019fb60 7c d0 9c 8f 5a e6 40 00 - 70 d0 9c 8f 98 fb 19 00 |[email protected].......

disassembling:
[...]
00411b98 jz loc_411ba8
00411b9a mov dword ptr [eax], 0
00411ba0 push eax
00411ba1 push edx
00411ba2 mov eax, [edx]
00411ba4 > call dword ptr [eax+8]
00411ba7 pop eax
00411ba8 ret

date/time : 2025-06-18, 18:37:15, 307ms

computer name : SEAME
user name : Administrator
operating system : Windows 10 x64 build 22631
system language : Chinese (Simplified)
system up time : 11 hours 14 minutes
program up time : 11 hours 14 minutes
processors : 12x AMD Ryzen 5 5600G with Radeon Graphics
physical memory : 9009/15761 MB (free/total)
free disk space : (C:) 88.45 GB (M:) 87.63 GB
display mode : 1920x1080, 32 bit
process id : $ce0
allocated memory : 1.78 GB
largest free block : 1.59 GB
executable : DreamMail.exe
exec. date/time : 2025-04-10 10:15
version : 6.7.1.8
compiled with : Delphi 10.4 Sydney
madExcept version : 5.1.1
callstack crc : $779ac2ef, $27c364ac, $dc100224
exception number : 3
exception class : EExternalException
exception message : External exception 80000003.

thread $48d4 (TMailAutoSendControlThread):

779ac2ef +00 ntdll.dll
>> created by main thread ($d94) at:
004f8388 +18 DreamMail.exe System.Classes TThread.Create

thread $48d4 (TMailAutoSendControlThread), inner exception level 1:

>> EAccessViolation, Access violation at address 8A975AA0. Execution of address
8A975AA0
8a975aa0 +00 ???
0040c2c8 +28 DreamMail.exe System 70 +0 ThreadWrapper
004b3c25 +0d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +32 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +17 KERNEL32.DLL BaseThreadInitThunk
004f8388 +18 DreamMail.exe System.Classes TThread.Create

thread $48d4 (TMailAutoSendControlThread), inner exception level 2:

>> EAccessViolation, Access violation at address 5D7CFFCC. Execution of address
5D7CFFCC
5d7cffcc +00 ???
76667ba7 +17 KERNEL32.DLL BaseThreadInitThunk
004f8388 +18 DreamMail.exe System.Classes TThread.Create

main thread ($d94):

006a9dd1 +149 DreamMail.exe
006a90df +017 DreamMail.exe
006a9409 +0c9 DreamMail.exe
01f73961 +365 DreamMail.exe
76667ba7 +017 KERNEL32.DLL
Vcl.Forms TApplication.Idle
Vcl.Forms TApplication.HandleMessage
Vcl.Forms TApplication.Run
DreamMail 505 +96 initialization
BaseThreadInitThunk

thread $317c: <priority:2>

754ab9dc +ec USER32.dll GetMessageA
004b3c25 +0d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +32 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +17 KERNEL32.DLL BaseThreadInitThunk
>> created by main thread ($d94) at:
72e756a5 +00 winmm.dll

thread $32e0 (TMailBoxUnreadUpdateThread): <priority:-2>

779d1574 +e4 ntdll.dll RtlDelayExecution
76f990a9 +49 KERNELBASE.dll SleepEx
76f9904a +0a KERNELBASE.dll Sleep
004f8da9 +01 DreamMail.exe System.Classes TThread.Sleep
013f3511 +41 DreamMail.exe uMailBoxUnread 640 +9
TMailBoxUnreadUpdateThread.Execute
004b3d3f +2b DreamMail.exe madExcept HookedTThreadExecute
004f82f9 +49 DreamMail.exe System.Classes ThreadProc
004f835c +ac DreamMail.exe System.Classes ThreadProc
0040c2c8 +28 DreamMail.exe System 70 +0 ThreadWrapper
004b3c25 +0d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +32 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +17 KERNEL32.DLL BaseThreadInitThunk
>> created by main thread ($d94) at:
004f8388 +18 DreamMail.exe System.Classes TThread.Create

thread $3390 (TTableUpdateThread):

779d1574 +e4 ntdll.dll RtlDelayExecution
76f990a9 +49 KERNELBASE.dll SleepEx
76f9904a +0a KERNELBASE.dll Sleep
004f8da9 +01 DreamMail.exe System.Classes TThread.Sleep
011285d4 +34 DreamMail.exe uCyTable 1560 +8 TTableUpdateThread.Execute
004b3d3f +2b DreamMail.exe madExcept HookedTThreadExecute
004f82f9 +49 DreamMail.exe System.Classes ThreadProc
004f835c +ac DreamMail.exe System.Classes ThreadProc
0040c2c8 +28 DreamMail.exe System 70 +0 ThreadWrapper
004b3c25 +0d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +32 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +17 KERNEL32.DLL BaseThreadInitThunk
>> created by thread $36c4 at:
004f8388 +18 DreamMail.exe System.Classes TThread.Create

thread $3394 (TTableUpdateThread):

779d1574 +e4 ntdll.dll RtlDelayExecution
76f990a9 +49 KERNELBASE.dll SleepEx
76f9904a +0a KERNELBASE.dll Sleep
004f8da9 +01 DreamMail.exe System.Classes TThread.Sleep
011285d4 +34 DreamMail.exe uCyTable 1560 +8 TTableUpdateThread.Execute
004b3d3f +2b DreamMail.exe madExcept HookedTThreadExecute
004f82f9 +49 DreamMail.exe System.Classes ThreadProc
004f835c +ac DreamMail.exe System.Classes ThreadProc
0040c2c8 +28 DreamMail.exe System 70 +0 ThreadWrapper
004b3c25 +0d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +32 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +17 KERNEL32.DLL BaseThreadInitThunk
>> created by thread $36c4 at:
004f8388 +18 DreamMail.exe System.Classes TThread.Create

thread $33a0 (TTableUpdateThread):

779d1574 +e4 ntdll.dll RtlDelayExecution
76f990a9 +49 KERNELBASE.dll SleepEx
76f9904a +0a KERNELBASE.dll Sleep
004f8da9 +01 DreamMail.exe System.Classes TThread.Sleep
011285d4 +34 DreamMail.exe uCyTable 1560 +8 TTableUpdateThread.Execute
004b3d3f +2b DreamMail.exe madExcept HookedTThreadExecute
004f82f9 +49 DreamMail.exe System.Classes ThreadProc
004f835c +ac DreamMail.exe System.Classes ThreadProc
0040c2c8 +28 DreamMail.exe System 70 +0 ThreadWrapper
004b3c25 +0d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +32 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +17 KERNEL32.DLL BaseThreadInitThunk
>> created by thread $36c4 at:
004f8388 +18 DreamMail.exe System.Classes TThread.Create

thread $33ac (TMailTrackingPushLogDetailThread):

779d1574 +0e4 ntdll.dll RtlDelayExecution
76f990a9 +049 KERNELBASE.dll SleepEx
76f9904a +00a KERNELBASE.dll Sleep
004f8da9 +001 DreamMail.exe System.Classes TThread.Sleep
01ca58d1 +1e9 DreamMail.exe uMailTrackingPushThd 243 +49
TMailTrackingPushLogDetailThread.Execute
004b3d3f +02b DreamMail.exe madExcept HookedTThreadExecute
004f82f9 +049 DreamMail.exe System.Classes ThreadProc
004f835c +0ac DreamMail.exe System.Classes ThreadProc
0040c2c8 +028 DreamMail.exe System 70 +0 ThreadWrapper
004b3c25 +00d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +032 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +017 KERNEL32.DLL BaseThreadInitThunk
>> created by main thread ($d94) at:
004f8388 +018 DreamMail.exe System.Classes TThread.Create

thread $339c (TIdWebsocketMultiReadThread):

7675a50c +0bc WS2_32.dll select
01c8d04c +214 DreamMail.exe IdHTTPWebsocketClient 1496 +58
TIdWebsocketMultiReadThread.ReadFromAllChannels
01c8c596 +05a DreamMail.exe IdHTTPWebsocketClient 1271 +8
TIdWebsocketMultiReadThread.Execute
004b3d3f +02b DreamMail.exe madExcept HookedTThreadExecute
004f82f9 +049 DreamMail.exe System.Classes ThreadProc
004f835c +0ac DreamMail.exe System.Classes ThreadProc
0040c2c8 +028 DreamMail.exe System 70 +0 ThreadWrapper
004b3c25 +00d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +032 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +017 KERNEL32.DLL BaseThreadInitThunk
>> created by thread $33ac (TMailTrackingPushLogDetailThread) at:
004f8388 +018 DreamMail.exe System.Classes TThread.Create

thread $1ff4 (TIdWebsocketDispatchThread):

76fb8199 +189 KERNELBASE.dll WaitForMultipleObjectsEx
004eb27c +05c DreamMail.exe System.Classes TStringList.Grow
004eb77d +079 DreamMail.exe System.Classes TStringList.InsertItem
0040e4ec +10c DreamMail.exe System 70 +0 @FinalizeRecord
004b3a01 +019 DreamMail.exe madExcept InterceptClassDestroy
0040a545 +009 DreamMail.exe System 70 +0 TObject.Destroy
00412dc9 +039 DreamMail.exe System 70 +0
TInterfacedObject._Release
0059b80e +056 DreamMail.exe System.SyncObjs THandleObject.WaitFor
01c588f2 +062 DreamMail.exe IdIOHandlerWebsocket 1213 +6
TIdWebsocketQueueThread.Execute
004b3d3f +02b DreamMail.exe madExcept HookedTThreadExecute
004f82f9 +049 DreamMail.exe System.Classes ThreadProc
004f835c +0ac DreamMail.exe System.Classes ThreadProc
0040c2c8 +028 DreamMail.exe System 70 +0 ThreadWrapper
004b3c25 +00d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +032 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +017 KERNEL32.DLL BaseThreadInitThunk
>> created by thread $339c (TIdWebsocketMultiReadThread) at:
004f8388 +018 DreamMail.exe System.Classes TThread.Create

thread $10e4 (TTableUpdateThread):

779d1574 +e4 ntdll.dll RtlDelayExecution
76f990a9 +49 KERNELBASE.dll SleepEx
76f9904a +0a KERNELBASE.dll Sleep
004f8da9 +01 DreamMail.exe System.Classes TThread.Sleep
011285d4 +34 DreamMail.exe uCyTable 1560 +8 TTableUpdateThread.Execute
004b3d3f +2b DreamMail.exe madExcept HookedTThreadExecute
004f82f9 +49 DreamMail.exe System.Classes ThreadProc
004f835c +ac DreamMail.exe System.Classes ThreadProc
0040c2c8 +28 DreamMail.exe System 70 +0 ThreadWrapper
004b3c25 +0d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +32 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +17 KERNEL32.DLL BaseThreadInitThunk
>> created by thread $10c0 at:
004f8388 +18 DreamMail.exe System.Classes TThread.Create

thread $1054 (TMailBkdlImap4Thread):

779d1574 +0e4 ntdll.dll RtlDelayExecution
76f990a9 +049 KERNELBASE.dll SleepEx
76f9904a +00a KERNELBASE.dll Sleep
004f8da9 +001 DreamMail.exe System.Classes TThread.Sleep
01dcf44c +038 DreamMail.exe uMailBkdlmap4Thread 56 +9
TMailBkdlImap4Thread.DoAction
019056a7 +06f DreamMail.exe uMailImap4ConnectThread 139 +13 _DoLoginOK
01905942 +27a DreamMail.exe uMailImap4ConnectThread 194 +47 _DoNormalImap
01905d96 +09a DreamMail.exe uMailImap4ConnectThread 291 +19
TMailImap4ConnectThread.Execute
004b3d3f +02b DreamMail.exe madExcept HookedTThreadExecute
004f82f9 +049 DreamMail.exe System.Classes ThreadProc
004f835c +0ac DreamMail.exe System.Classes ThreadProc
0040c2c8 +028 DreamMail.exe System 70 +0 ThreadWrapper
004b3c25 +00d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +032 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +017 KERNEL32.DLL BaseThreadInitThunk
>> created by thread $2f38 at:
004f8388 +018 DreamMail.exe System.Classes TThread.Create

thread $c08 (TMailBkdlImap4Thread):

779d1574 +0e4 ntdll.dll RtlDelayExecution
76f990a9 +049 KERNELBASE.dll SleepEx
76f9904a +00a KERNELBASE.dll Sleep
004f8da9 +001 DreamMail.exe System.Classes TThread.Sleep
01dcf44c +038 DreamMail.exe uMailBkdlmap4Thread 56 +9
TMailBkdlImap4Thread.DoAction
019056a7 +06f DreamMail.exe uMailImap4ConnectThread 139 +13 _DoLoginOK
01905942 +27a DreamMail.exe uMailImap4ConnectThread 194 +47 _DoNormalImap
01905d96 +09a DreamMail.exe uMailImap4ConnectThread 291 +19
TMailImap4ConnectThread.Execute
004b3d3f +02b DreamMail.exe madExcept HookedTThreadExecute
004f82f9 +049 DreamMail.exe System.Classes ThreadProc
004f835c +0ac DreamMail.exe System.Classes ThreadProc
0040c2c8 +028 DreamMail.exe System 70 +0 ThreadWrapper
004b3c25 +00d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +032 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +017 KERNEL32.DLL BaseThreadInitThunk
>> created by thread $2f38 at:
004f8388 +018 DreamMail.exe System.Classes TThread.Create

thread $3110 (TMailBkdlImap4Thread):

779d1574 +0e4 ntdll.dll RtlDelayExecution
76f990a9 +049 KERNELBASE.dll SleepEx
76f9904a +00a KERNELBASE.dll Sleep
004f8da9 +001 DreamMail.exe System.Classes TThread.Sleep
01dcf44c +038 DreamMail.exe uMailBkdlmap4Thread 56 +9
TMailBkdlImap4Thread.DoAction
019056a7 +06f DreamMail.exe uMailImap4ConnectThread 139 +13 _DoLoginOK
01905942 +27a DreamMail.exe uMailImap4ConnectThread 194 +47 _DoNormalImap
01905d96 +09a DreamMail.exe uMailImap4ConnectThread 291 +19
TMailImap4ConnectThread.Execute
004b3d3f +02b DreamMail.exe madExcept HookedTThreadExecute
004f82f9 +049 DreamMail.exe System.Classes ThreadProc
004f835c +0ac DreamMail.exe System.Classes ThreadProc
0040c2c8 +028 DreamMail.exe System 70 +0 ThreadWrapper
004b3c25 +00d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +032 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +017 KERNEL32.DLL BaseThreadInitThunk
>> created by thread $2f38 at:
004f8388 +018 DreamMail.exe System.Classes TThread.Create

thread $34f4 (TMailBkdlImap4Thread):

779d1574 +0e4 ntdll.dll RtlDelayExecution
76f990a9 +049 KERNELBASE.dll SleepEx
76f9904a +00a KERNELBASE.dll Sleep
004f8da9 +001 DreamMail.exe System.Classes TThread.Sleep
01dcf44c +038 DreamMail.exe uMailBkdlmap4Thread 56 +9
TMailBkdlImap4Thread.DoAction
019056a7 +06f DreamMail.exe uMailImap4ConnectThread 139 +13 _DoLoginOK
01905942 +27a DreamMail.exe uMailImap4ConnectThread 194 +47 _DoNormalImap
01905d96 +09a DreamMail.exe uMailImap4ConnectThread 291 +19
TMailImap4ConnectThread.Execute
004b3d3f +02b DreamMail.exe madExcept HookedTThreadExecute
004f82f9 +049 DreamMail.exe System.Classes ThreadProc
004f835c +0ac DreamMail.exe System.Classes ThreadProc
0040c2c8 +028 DreamMail.exe System 70 +0 ThreadWrapper
004b3c25 +00d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +032 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +017 KERNEL32.DLL BaseThreadInitThunk
>> created by thread $2f38 at:
004f8388 +018 DreamMail.exe System.Classes TThread.Create

thread $34c0 (TMailBkdlImap4Thread):

779d1574 +0e4 ntdll.dll RtlDelayExecution
76f990a9 +049 KERNELBASE.dll SleepEx
76f9904a +00a KERNELBASE.dll Sleep
004f8da9 +001 DreamMail.exe System.Classes TThread.Sleep
01dcf44c +038 DreamMail.exe uMailBkdlmap4Thread 56 +9
TMailBkdlImap4Thread.DoAction
019056a7 +06f DreamMail.exe uMailImap4ConnectThread 139 +13 _DoLoginOK
01905942 +27a DreamMail.exe uMailImap4ConnectThread 194 +47 _DoNormalImap
01905d96 +09a DreamMail.exe uMailImap4ConnectThread 291 +19
TMailImap4ConnectThread.Execute
004b3d3f +02b DreamMail.exe madExcept HookedTThreadExecute
004f82f9 +049 DreamMail.exe System.Classes ThreadProc
004f835c +0ac DreamMail.exe System.Classes ThreadProc
0040c2c8 +028 DreamMail.exe System 70 +0 ThreadWrapper
004b3c25 +00d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +032 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +017 KERNEL32.DLL BaseThreadInitThunk
>> created by thread $2f38 at:
004f8388 +018 DreamMail.exe System.Classes TThread.Create

thread $225c (TMailBkdlImap4Thread):

779d1574 +0e4 ntdll.dll RtlDelayExecution
76f990a9 +049 KERNELBASE.dll SleepEx
76f9904a +00a KERNELBASE.dll Sleep
004f8da9 +001 DreamMail.exe System.Classes TThread.Sleep
01dcf44c +038 DreamMail.exe uMailBkdlmap4Thread 56 +9
TMailBkdlImap4Thread.DoAction
019056a7 +06f DreamMail.exe uMailImap4ConnectThread 139 +13 _DoLoginOK
01905942 +27a DreamMail.exe uMailImap4ConnectThread 194 +47 _DoNormalImap
01905d96 +09a DreamMail.exe uMailImap4ConnectThread 291 +19
TMailImap4ConnectThread.Execute
004b3d3f +02b DreamMail.exe madExcept HookedTThreadExecute
004f82f9 +049 DreamMail.exe System.Classes ThreadProc
004f835c +0ac DreamMail.exe System.Classes ThreadProc
0040c2c8 +028 DreamMail.exe System 70 +0 ThreadWrapper
004b3c25 +00d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +032 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +017 KERNEL32.DLL BaseThreadInitThunk
>> created by thread $2f38 at:
004f8388 +018 DreamMail.exe System.Classes TThread.Create

thread $1b50:
75442e8c +4c USER32.dll MsgWaitForMultipleObjectsEx
674be382 +32 DUser.dll GetMessageExA
7750857c +8c msvcrt.dll _endthreadex
004b3c25 +0d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +32 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +17 KERNEL32.DLL BaseThreadInitThunk
>> created by main thread ($d94) at:
7750845f +7f msvcrt.dll _beginthreadex

thread $1f94:
779b93fb +4b ntdll.dll KiUserCallbackDispatcher
75450a1a +2a USER32.dll GetMessageW
675b9948 +28 DUI70.dll StartMessagePump
004b3c25 +0d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +32 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +17 KERNEL32.DLL BaseThreadInitThunk
>> created by main thread ($d94) at:
67418f7b +00 msctfuimanager.dll

thread $2804 (TMailBkdlImap4Thread):

779d1574 +0e4 ntdll.dll RtlDelayExecution
76f990a9 +049 KERNELBASE.dll SleepEx
76f9904a +00a KERNELBASE.dll Sleep
004f8da9 +001 DreamMail.exe System.Classes TThread.Sleep
01dcf44c +038 DreamMail.exe uMailBkdlmap4Thread 56 +9
TMailBkdlImap4Thread.DoAction
019056a7 +06f DreamMail.exe uMailImap4ConnectThread 139 +13 _DoLoginOK
01905942 +27a DreamMail.exe uMailImap4ConnectThread 194 +47 _DoNormalImap
01905d96 +09a DreamMail.exe uMailImap4ConnectThread 291 +19
TMailImap4ConnectThread.Execute
004b3d3f +02b DreamMail.exe madExcept HookedTThreadExecute
004f82f9 +049 DreamMail.exe System.Classes ThreadProc
004f835c +0ac DreamMail.exe System.Classes ThreadProc
0040c2c8 +028 DreamMail.exe System 70 +0 ThreadWrapper
004b3c25 +00d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +032 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +017 KERNEL32.DLL BaseThreadInitThunk
>> created by thread $2f38 at:
004f8388 +018 DreamMail.exe System.Classes TThread.Create

thread $454c (TMailBkdlImap4Thread):

779d1574 +0e4 ntdll.dll RtlDelayExecution
76f990a9 +049 KERNELBASE.dll SleepEx
76f9904a +00a KERNELBASE.dll Sleep
004f8da9 +001 DreamMail.exe System.Classes TThread.Sleep
01dcf44c +038 DreamMail.exe uMailBkdlmap4Thread 56 +9
TMailBkdlImap4Thread.DoAction
019056a7 +06f DreamMail.exe uMailImap4ConnectThread 139 +13 _DoLoginOK
01905942 +27a DreamMail.exe uMailImap4ConnectThread 194 +47 _DoNormalImap
01905d96 +09a DreamMail.exe uMailImap4ConnectThread 291 +19
TMailImap4ConnectThread.Execute
004b3d3f +02b DreamMail.exe madExcept HookedTThreadExecute
004f82f9 +049 DreamMail.exe System.Classes ThreadProc
004f835c +0ac DreamMail.exe System.Classes ThreadProc
0040c2c8 +028 DreamMail.exe System 70 +0 ThreadWrapper
004b3c25 +00d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +032 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +017 KERNEL32.DLL BaseThreadInitThunk
>> created by thread $4704 at:
004f8388 +018 DreamMail.exe System.Classes TThread.Create

thread $2238 (TMailBkdlImap4Thread):

779d1574 +0e4 ntdll.dll RtlDelayExecution
76f990a9 +049 KERNELBASE.dll SleepEx
76f9904a +00a KERNELBASE.dll Sleep
004f8da9 +001 DreamMail.exe System.Classes TThread.Sleep
01dcf44c +038 DreamMail.exe uMailBkdlmap4Thread 56 +9
TMailBkdlImap4Thread.DoAction
019056a7 +06f DreamMail.exe uMailImap4ConnectThread 139 +13 _DoLoginOK
01905942 +27a DreamMail.exe uMailImap4ConnectThread 194 +47 _DoNormalImap
01905d96 +09a DreamMail.exe uMailImap4ConnectThread 291 +19
TMailImap4ConnectThread.Execute
004b3d3f +02b DreamMail.exe madExcept HookedTThreadExecute
004f82f9 +049 DreamMail.exe System.Classes ThreadProc
004f835c +0ac DreamMail.exe System.Classes ThreadProc
0040c2c8 +028 DreamMail.exe System 70 +0 ThreadWrapper
004b3c25 +00d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +032 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +017 KERNEL32.DLL BaseThreadInitThunk
>> created by thread $4704 at:
004f8388 +018 DreamMail.exe System.Classes TThread.Create

thread $45a8:
76667ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $1850:
779b93fb +4b ntdll.dll KiUserCallbackDispatcher
75450a1a +2a USER32.dll GetMessageW
004b3c25 +0d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +32 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +17 KERNEL32.DLL BaseThreadInitThunk
>> created by main thread ($d94) at:
6741f838 +00 msctfuimanager.dll

thread $3d10:
76667ba7 +17 KERNEL32.DLL BaseThreadInitThunk

thread $421c:
75442e8c +4c USER32.dll
754528aa +1a USER32.dll
004b3c25 +0d DreamMail.exe
004b3c8a +32 DreamMail.exe
76667ba7 +17 KERNEL32.DLL
>> created by thread $1850 at:
640ad07a +00 directmanipulation.dll
MsgWaitForMultipleObjectsEx
MsgWaitForMultipleObjects
madExcept CallThreadProcSafe
madExcept ThreadExceptFrame
BaseThreadInitThunk
thread $3ba0 (TMailBkdlImap4Thread):
779d1574 +0e4 ntdll.dll RtlDelayExecution
76f990a9 +049 KERNELBASE.dll SleepEx
76f9904a +00a KERNELBASE.dll Sleep
019056a7 +06f DreamMail.exe uMailImap4ConnectThread 139 +13 _DoLoginOK
01905942 +27a DreamMail.exe uMailImap4ConnectThread 194 +47 _DoNormalImap
01905d96 +09a DreamMail.exe uMailImap4ConnectThread 291 +19
TMailImap4ConnectThread.Execute
0040c2c8 +028 DreamMail.exe System 70 +0 ThreadWrapper
004b3c25 +00d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +032 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +017 KERNEL32.DLL BaseThreadInitThunk
>> created by thread $1844 at:
004f8388 +018 DreamMail.exe System.Classes TThread.Create

thread $4980 (TMailBkdlImap4Thread):

779d1574 +0e4 ntdll.dll RtlDelayExecution
76f990a9 +049 KERNELBASE.dll SleepEx
76f9904a +00a KERNELBASE.dll Sleep
004f8da9 +001 DreamMail.exe System.Classes TThread.Sleep
01dcf44c +038 DreamMail.exe uMailBkdlmap4Thread 56 +9
TMailBkdlImap4Thread.DoAction
019056a7 +06f DreamMail.exe uMailImap4ConnectThread 139 +13 _DoLoginOK
01905942 +27a DreamMail.exe uMailImap4ConnectThread 194 +47 _DoNormalImap
01905d96 +09a DreamMail.exe uMailImap4ConnectThread 291 +19
TMailImap4ConnectThread.Execute
004b3d3f +02b DreamMail.exe madExcept HookedTThreadExecute
004f82f9 +049 DreamMail.exe System.Classes ThreadProc
004f835c +0ac DreamMail.exe System.Classes ThreadProc
0040c2c8 +028 DreamMail.exe System 70 +0 ThreadWrapper
004b3c25 +00d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +032 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +017 KERNEL32.DLL BaseThreadInitThunk
>> created by thread $c14 at:
004f8388 +018 DreamMail.exe System.Classes TThread.Create

thread $18c8 (TMailAutoReceiveControlThread):

779d1574 +e4 ntdll.dll RtlDelayExecution
76f990a9 +49 KERNELBASE.dll SleepEx
76f9904a +0a KERNELBASE.dll Sleep
004f8da9 +01 DreamMail.exe System.Classes TThread.Sleep
01deced7 +27 DreamMail.exe uMailAutoReceiveControlThread 47 +8
TMailAutoReceiveControlThread.Execute
0040c2c8 +28 DreamMail.exe System 70 +0 ThreadWrapper
004b3c25 +0d DreamMail.exe madExcept CallThreadProcSafe
004b3c8a +32 DreamMail.exe madExcept ThreadExceptFrame
76667ba7 +17 KERNEL32.DLL BaseThreadInitThunk
>> created by main thread ($d94) at:
004f8388 +18 DreamMail.exe System.Classes TThread.Create

thread $34a0:
76667ba7 +17 KERNEL32.DLL BaseThreadInitThunk

modules:
00400000 DreamMail.exe 6.7.1.8 M:\DreamMail6
09c30000 CoreMessaging.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
10000000 sqlite3.dll M:\DreamMail6\Sys
46350000 USP10.dll 10.0.22621.1 C:\WINDOWS\SYSTEM32
463d0000 globinputhost.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
46480000 security.dll 10.0.22621.1 C:\WINDOWS\SYSTEM32
591c0000 CoreUIComponents.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
59620000 hzpy.dll 6.0.0.1 M:\DreamMail6\Sys
596c0000 wmiutils.dll 10.0.22621.3672 C:\WINDOWS\system32\
wbem
5a830000 TextShaping.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
5a8d0000 ondemandconnroutehelper.dll 10.0.22621.3527 C:\WINDOWS\SYSTEM32
5a900000 msxml6.dll 6.30.22621.5262 C:\Windows\System32
5aaf0000 olepro32.dll 10.0.22621.3235 C:\WINDOWS\SYSTEM32
5ab10000 WindowsCodecs.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
5ac70000 FaultRep.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
5add0000 sxs.dll 10.0.22621.4830 C:\WINDOWS\SYSTEM32
5ae60000 wbemdisp.dll 10.0.22621.1 C:\WINDOWS\system32\
wbem
5b0f0000 ssleay32.dll 1.0.2.14 M:\DreamMail6\Sys
5bff0000 libeay32.dll 1.0.2.14 M:\DreamMail6\Sys
5d9d0000 Windows.Globalization.dll 10.0.22621.5262 C:\Windows\System32
5f310000 twinapi.appcore.dll 10.0.22621.5331 C:\WINDOWS\system32
5f510000 dataexchange.dll 10.0.22621.5262 C:\WINDOWS\system32
5f7a0000 mscms.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
61570000 Msftedit.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
61fe0000 directxdatabasehelper.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
62070000 DWrite.dll 10.0.22621.5262 C:\Windows\System32
622a0000 qingnse.dll 12.1.0.21541 D:\wps\WPS Office\
12.1.0.21541\office6
63ef0000 dcomp.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
640a0000 directmanipulation.dll 10.0.22621.5262 C:\WINDOWS\system32
66420000 UIAutomationCore.dll 7.2.22621.5262 C:\WINDOWS\SYSTEM32
667d0000 bcp47mrm.dll 10.0.22621.5262 C:\Windows\System32
66910000 wtdccm.dll C:\WINDOWS\SYSTEM32
66fc0000 p9np.dll 10.0.22621.5262 C:\WINDOWS\System32
66ff0000 drprov.dll 10.0.22621.1 C:\WINDOWS\System32
67000000 ntlanman.dll 10.0.22621.4249 C:\WINDOWS\System32
67020000 atlthunk.dll 10.0.22621.1 C:\WINDOWS\SYSTEM32
67030000 StructuredQuery.dll 7.0.22621.5262 C:\WINDOWS\System32
670c0000 xmllite.dll 10.0.22621.2506 C:\WINDOWS\system32
670f0000 OneCoreCommonProxyStub.dll 10.0.22621.5262 C:\Windows\System32
67140000 explorerframe.dll 10.0.22621.5331 C:\WINDOWS\system32
67340000 tiptsf.dll 10.0.22621.5262 C:\Program Files
(x86)\Common Files\microsoft shared\ink
673c0000 UIAnimation.dll 10.0.22621.1 C:\WINDOWS\System32
67400000 msctfuimanager.dll 10.0.22621.5262 C:\WINDOWS\system32
674b0000 DUser.dll 10.0.22621.4249 C:\WINDOWS\SYSTEM32
67530000 DUI70.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
67800000 c_g18030.dll 10.0.22621.1 C:\WINDOWS\system32
67c70000 windows.staterepositoryclient.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
67ca0000 msls31.dll 3.10.349.0 C:\WINDOWS\SYSTEM32
67cd0000 RICHED20.DLL 5.31.23.1231 C:\WINDOWS\SYSTEM32
67d50000 vaultcli.dll 10.0.22621.3527 C:\Windows\System32
690c0000 windowsudk.shellcommon.dll 10.0.22621.5335 C:\WINDOWS\system32
694f0000 Windows.Storage.Search.dll 10.0.22621.5262 C:\WINDOWS\system32
695c0000 Windows.UI.dll 10.0.22621.5262 C:\Windows\System32
696e0000 Windows.UI.Immersive.dll 10.0.22621.5331 C:\Windows\System32
69810000 davclnt.dll 10.0.22621.1 C:\WINDOWS\System32
69830000 cscapi.dll 10.0.22621.1 C:\WINDOWS\SYSTEM32
69980000 DevDispItemProvider.dll 10.0.22621.2506 C:\Windows\System32
699a0000 LINKINFO.dll 10.0.22621.1 C:\WINDOWS\SYSTEM32
699c0000 d2d1.dll 10.0.22621.5262 C:\Windows\System32
69ee0000 msimtf.dll 10.0.22621.1 C:\WINDOWS\system32
69ef0000 jscript9.dll 11.0.22621.5331 C:\Windows\System32
6a2c0000 ieapfltr.dll 11.0.22621.3527 C:\Windows\System32
6a380000 mlang.dll 10.0.22621.1 C:\WINDOWS\system32
6a3c0000 srpapi.dll 10.0.22621.5262 C:\Windows\System32
6a3f0000 mshtml.dll 11.0.22621.5262 C:\Windows\System32
6b700000 msIso.dll 11.0.22621.5331 C:\WINDOWS\SYSTEM32
6b740000 policymanager.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
6b7d0000 thumbcache.dll 10.0.22621.5262 C:\Windows\System32
6b830000 windows.staterepositorycore.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
6b850000 msvcp110_win.dll 10.0.22621.1 C:\Windows\System32
6b8c0000 Windows.System.Launcher.dll 10.0.22621.5331 C:\Windows\System32
6b9b0000 ieframe.dll 11.0.22621.5262 C:\Windows\System32
6c010000 dxcore.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
6c090000 twinapi.dll 10.0.22621.5331 C:\Windows\System32
6c170000 OneCoreUAPCommonProxyStub.dll 10.0.22621.5262 C:\Windows\System32
6c480000 NetworkExplorer.dll 10.0.22621.3527 C:\WINDOWS\system32
6c4a0000 apphelp.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
6c650000 secur32.dll 10.0.22621.1 C:\WINDOWS\SYSTEM32
6c660000 dwmapi.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
6c690000 dlnashext.dll 10.0.22621.5262 C:\Windows\System32
6c990000 ActXPrxy.dll 10.0.22621.5262 C:\Windows\System32
6ca20000 ntshrui.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
6cad0000 d3d11.dll 10.0.22621.5262 C:\Windows\System32
6d3d0000 dxgi.dll 10.0.22621.5331 C:\Windows\System32
6f130000 DPAPI.DLL 10.0.22621.1 C:\WINDOWS\SYSTEM32
6f140000 Bcp47Langs.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
6f190000 textinputframework.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
6f290000 COMCTL32.dll 6.10.22621.5262 C:\WINDOWS\WinSxS\
x86_microsoft.windows.common-
controls_6595b64144ccf1df_6.0.22621.5262_none_6ebff4ba87ff320e
6f4c0000 winspool.drv 10.0.22621.5262 C:\WINDOWS\SYSTEM32
6f540000 oleacc.dll 7.2.22621.5262 C:\WINDOWS\SYSTEM32
6f5a0000 msimg32.dll 10.0.22621.2506 C:\WINDOWS\SYSTEM32
6f620000 uxtheme.dll 10.0.22621.5262 C:\WINDOWS\system32
6f7f0000 iertutil.dll 11.0.22621.5331 C:\WINDOWS\SYSTEM32
6fa30000 URLMON.DLL 11.0.22621.5331 C:\WINDOWS\SYSTEM32
6fdf0000 cldapi.dll 10.0.22621.2506 C:\Windows\System32
70100000 virtdisk.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
70180000 srvcli.dll 10.0.22621.4249 C:\WINDOWS\SYSTEM32
701a0000 edputil.dll 10.0.22621.3527 C:\WINDOWS\SYSTEM32
701c0000 Windows.FileExplorer.Common.dll 10.0.22621.5331 C:\Windows\System32
70260000 propsys.dll 7.0.22621.5262 C:\WINDOWS\system32
70330000 gdiplus.dll 10.0.22621.5331 C:\WINDOWS\WinSxS\
x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.22621.5331_none_9fa7fd65e2944687
72140000 wkscli.dll 10.0.22621.4249 C:\WINDOWS\SYSTEM32
72160000 netapi32.dll 10.0.22621.2506 C:\WINDOWS\SYSTEM32
72180000 amsi.dll 10.0.22621.3527 C:\WINDOWS\SYSTEM32
72200000 Fwpuclnt.dll 10.0.22621.3235 C:\WINDOWS\SYSTEM32
72260000 fastprox.dll 10.0.22621.5262 C:\WINDOWS\system32\
wbem
72ba0000 netutils.dll 10.0.22621.2506 C:\WINDOWS\SYSTEM32
72d10000 wsock32.dll 10.0.22621.1 C:\WINDOWS\SYSTEM32
72d50000 profapi.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
72dd0000 WINNSI.DLL 10.0.22621.4746 C:\WINDOWS\SYSTEM32
72de0000 rasadhlp.dll 10.0.22621.1 C:\Windows\System32
72e50000 mpr.dll 10.0.22621.1 C:\WINDOWS\SYSTEM32
72e70000 winmm.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
73540000 DEVOBJ.dll 10.0.22621.2506 C:\WINDOWS\System32
73c60000 windows.storage.dll 10.0.22621.5331 C:\WINDOWS\SYSTEM32
74370000 nlansp_c.dll 10.0.22621.5331 C:\WINDOWS\system32
74390000 wshbth.dll 10.0.22621.5331 C:\WINDOWS\system32
743b0000 pnrpnsp.dll 10.0.22621.1 C:\WINDOWS\system32
743d0000 napinsp.dll 10.0.22621.1 C:\WINDOWS\system32
743f0000 WINSTA.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
74460000 powrprof.dll 10.0.22621.3958 C:\WINDOWS\SYSTEM32
744c0000 wininet.dll 11.0.22621.5262 C:\WINDOWS\SYSTEM32
74950000 mswsock.dll 10.0.22621.5335 C:\WINDOWS\system32
749b0000 CRYPTBASE.DLL 10.0.22621.4746 C:\WINDOWS\SYSTEM32
749d0000 winrnr.dll 10.0.22621.1 C:\WINDOWS\System32
749e0000 wbemcomn.dll 10.0.22621.2506 C:\WINDOWS\SYSTEM32
74a50000 kernel.appcore.dll 10.0.22621.3958 C:\WINDOWS\SYSTEM32
74a80000 rsaenh.dll 10.0.22621.5262 C:\WINDOWS\system32
74b00000 UMPDC.dll 10.0.22621.5124 C:\WINDOWS\SYSTEM32
74b10000 SSPICLI.DLL 10.0.22621.5192 C:\WINDOWS\SYSTEM32
74b40000 wbemsvc.dll 10.0.22621.3672 C:\WINDOWS\system32\
wbem
74b60000 wbemprox.dll 10.0.22621.3672 C:\WINDOWS\system32\
wbem
74b70000 ntmarta.dll 10.0.22621.1 C:\WINDOWS\SYSTEM32
74bb0000 CRYPTSP.dll 10.0.22621.5335 C:\WINDOWS\SYSTEM32
74bf0000 MSASN1.dll 10.0.22621.2506 C:\WINDOWS\SYSTEM32
74c30000 CFGMGR32.dll 10.0.22621.2506 C:\WINDOWS\SYSTEM32
74c80000 winhttp.dll 10.0.22621.4830 C:\WINDOWS\SYSTEM32
75250000 wtsapi32.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
75260000 USERENV.dll 10.0.22621.3527 C:\Windows\System32
752f0000 DNSAPI.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
753b0000 iphlpapi.dll 10.0.22621.1 C:\WINDOWS\SYSTEM32
75410000 version.dll 10.0.22621.1 C:\WINDOWS\SYSTEM32
75420000 USER32.dll 10.0.22621.5331 C:\WINDOWS\System32
755d0000 MSCTF.dll 10.0.22621.5331 C:\WINDOWS\System32
75740000 psapi.dll 10.0.22621.1 C:\WINDOWS\System32
75750000 CRYPT32.dll 10.0.22621.5262 C:\WINDOWS\System32
75860000 bcrypt.dll 10.0.22621.4746 C:\WINDOWS\System32
75d20000 comdlg32.dll 10.0.22621.5331 C:\WINDOWS\System32
75de0000 coml2.dll 10.0.22621.5262 C:\WINDOWS\System32
75e50000 SHELL32.dll 10.0.22621.5331 C:\WINDOWS\System32
76520000 sechost.dll 10.0.22621.5262 C:\WINDOWS\System32
765b0000 win32u.dll 10.0.22621.5185 C:\WINDOWS\System32
765d0000 msvcp_win.dll 10.0.22621.3374 C:\WINDOWS\System32
76650000 KERNEL32.DLL 10.0.22621.5262 C:\WINDOWS\System32
76740000 WS2_32.dll 10.0.22621.4746 C:\WINDOWS\System32
767a0000 ucrtbase.dll 10.0.22621.3593 C:\WINDOWS\System32
768c0000 RPCRT4.dll 10.0.22621.5124 C:\WINDOWS\System32
76980000 oleaut32.dll 10.0.22621.5262 C:\WINDOWS\System32
76a20000 gdi32full.dll 10.0.22621.5262 C:\WINDOWS\System32
76b10000 combase.dll 10.0.22621.5262 C:\WINDOWS\System32
76da0000 wintypes.dll 10.0.22621.5262 C:\WINDOWS\System32
76e70000 KERNELBASE.dll 10.0.22621.5331 C:\WINDOWS\System32
77110000 WINTRUST.dll 10.0.22621.5262 C:\WINDOWS\System32
77180000 bcryptPrimitives.dll 10.0.22621.4317 C:\WINDOWS\System32
771f0000 NSI.dll 10.0.22621.4746 C:\WINDOWS\System32
77200000 clbcatq.dll 2001.12.10941.16384 C:\WINDOWS\System32
77290000 ADVAPI32.DLL 10.0.22621.5192 C:\WINDOWS\System32
77310000 shcore.dll 10.0.22621.5331 C:\WINDOWS\System32
773f0000 Normaliz.dll 10.0.22621.1 C:\WINDOWS\System32
774a0000 msvcrt.dll 7.0.22621.2506 C:\WINDOWS\System32
77570000 ole32.dll 10.0.22621.5262 C:\WINDOWS\System32
776d0000 shlwapi.dll 10.0.22621.5262 C:\WINDOWS\System32
77730000 IMM32.DLL 10.0.22621.5185 C:\WINDOWS\System32
77780000 GDI32.dll 10.0.22621.5185 C:\WINDOWS\System32
77940000 ntdll.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
7c4d0000 MrmCoreR.dll 10.0.22621.5262 C:\Windows\System32
891d0000 d3d10warp.dll 10.0.22621.5262 C:\WINDOWS\SYSTEM32
90840000 AudioSes.DLL 10.0.22621.5262 C:\WINDOWS\SYSTEM32

processes:
0000 Idle 0 0 0
0004 System 0 0 0
00a8 Registry 0 0 0
023c smss.exe 0 0 0
034c csrss.exe 0 0 0
03cc wininit.exe 0 0 0
03d8 csrss.exe 1 0 0
0324 services.exe 0 0 0
0350 winlogon.exe 1 0 0
0420 lsass.exe 0 0 0
04b4 svchost.exe 0 0 0
04d0 fontdrvhost.exe 1 0 0
04d4 fontdrvhost.exe 0 0 0
04e0 WUDFHost.exe 0 0 0
0568 svchost.exe 0 0 0
0594 svchost.exe 0 0 0
0620 svchost.exe 0 0 0
063c svchost.exe 0 0 0
0644 svchost.exe 0 0 0
067c svchost.exe 0 0 0
06a4 svchost.exe 0 0 0
06f8 svchost.exe 0 0 0
0704 svchost.exe 0 0 0
0754 dwm.exe 1 0 0
0780 amdfendrsr.exe 0 0 0
0788 svchost.exe 0 0 0
0790 atiesrxx.exe 0 0 0
05f0 svchost.exe 0 0 0
0804 svchost.exe 0 0 0
0838 svchost.exe 0 0 0
0840 svchost.exe 0 0 0
084c svchost.exe 0 0 0
0854 atieclxx.exe 1 0 0
08b4 svchost.exe 0 0 0
08e4 svchost.exe 0 0 0
08fc Memory Compression 0 0 0
0934 svchost.exe 0 0 0
0954 svchost.exe 0 0 0
095c svchost.exe 0 0 0
0a3c svchost.exe 0 0 0
0aa0 svchost.exe 0 0 0
0b40 svchost.exe 0 0 0
0b90 svchost.exe 0 0 0
0be4 svchost.exe 0 0 0
08a0 svchost.exe 0 0 0
073c svchost.exe 0 0 0
0c2c svchost.exe 0 0 0
0c68 svchost.exe 0 0 0
0c70 svchost.exe 0 0 0
0cb4 svchost.exe 0 0 0
0d1c spoolsv.exe 0 0 0
0d7c svchost.exe 0 0 0
0db8 svchost.exe 0 0 0
0f00 svchost.exe 0 0 0
0f08 svchost.exe 0 0 0
0f10 ahs_service.exe 0 0 0
0f18 svchost.exe 0 0 0
0f24 D4Ser_ICBC.exe 0 0 0
0f2c svchost.exe 0 0 0
0f34 svchost.exe 0 0 0
0f3c svchost.exe 0 0 0
0f44 LISFService.exe 0 0 0
0f4c HDZB_USBKEY_2G_CEP_DevServer.exe 0 0 0
0f54 svchost.exe 0 0 0
0f5c sssync.exe 0 0 0
0f64 vmnetdhcp.exe 0 0 0
0f70 HGBOT_x64.exe 0 0 0
0f78 LenovoServiceAS.exe 0 0 0
0f88 WDDrvRpr_Share.exe 0 0 0
0f94 svchost.exe 0 0 0
0f9c svchost.exe 0 0 0
0fa4 IcbcDaemon_64.exe 0 0 0
0fac WmiApSrv.exe 0 0 0
0fb4 UBankService.exe 0 0 0
0fc4 WDTokenServerHaiGuan.exe 0 0 0
0fd0 svchost.exe 0 0 0
0fd8 vmnat.exe 0 0 0
0fe4 OfficeClickToRun.exe 0 0 0
0c24 svchost.exe 0 0 0
1024 svchost.exe 0 0 0
103c svchost.exe 0 0 0
10a8 D4Ser_ICBC.exe 0 0 0
1198 svchost.exe 0 0 0
123c LenovoPcManagerService.exe 0 0 0
1258 clash-verge-service.exe 0 0 0
1268 vmware-authd.exe 0 0 0
1280 vmware-usbarbitrator64.exe 0 0 0
12d8 dasHost.exe 0 0 0
13dc svchost.exe 0 0 0
1470 svchost.exe 0 0 0
14d8 Locator.exe 0 0 0
1668 CnEport.Pub.WinService.exe 0 0 0
1698 svchost.exe 0 0 0
1804 svchost.exe 0 0 0
182c svchost.exe 0 0 0
1924 MSPCManagerService.exe 0 0 0
19dc SearchIndexer.exe 0 0 0
1a7c AggregatorHost.exe 0 0 0
1d8c sihost.exe 1 0 8 normal C:\Windows\System32
1db4 svchost.exe 1 0 1 normal C:\Windows\System32
1dd0 svchost.exe 1 0 1 normal C:\Windows\System32
1df4 svchost.exe 1 0 4 normal C:\Windows\System32
1e9c svchost.exe 0 0 0
1cc8 svchost.exe 0 0 0
199c taskhostw.exe 1 10 6 normal C:\Windows\System32
1f20 explorer.exe 1 685 670 normal C:\Windows
2090 svchost.exe 0 0 0
216c LockScreenMain.exe 0 0 0
2184 svchost.exe 0 0 0
23f4 svchost.exe 1 0 14 normal C:\Windows\System32
21b8 LenovoInternetSoftwareFramework.exe 1 0 0
232c Lsf.exe 1 0 0
1e70 LnvSvcFdn.exe 0 0 0
23e0 LenovoTray.exe 1 0 0
2280 crashpad_handler.exe 1 0 0
215c SearchHost.exe 1 17 83 normal C:\Windows\
SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy
2150 StartMenuExperienceHost.exe 1 7 19 normal C:\Windows\
SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy
24d8 LAVService.exe 0 0 0
2538 RuntimeBroker.exe 1 41 10 normal C:\Windows\System32
2564 Widgets.exe 1 0 4 normal C:\Program Files\
WindowsApps\MicrosoftWindows.Client.WebExperience_525.5100.40.0_x64__cw5n1h2txyewy\
Dashboard
2584 svchost.exe 1 0 1 normal C:\Windows\System32
2678 RuntimeBroker.exe 1 6 7 normal C:\Windows\System32
26a4 svchost.exe 0 0 0
29a8 dllhost.exe 1 0 3 normal C:\Windows\System32
2ac8 ctfmon.exe 1 0 0
28d8 ChsIME.exe 1 0 0
2920 TextInputHost.exe 1 12 111 high C:\Windows\
SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy
2d60 crashpad_handler.exe 0 0 0
2ea4 CnEport.Pub.WebSocketServer.exe 1 37 35 normal D:\中国电子口岸客户端控件
2f28 svchost.exe 0 0 0
2f88 SecurityHealthSystray.exe 1 7 5 normal C:\Windows\System32
2f9c SecurityHealthService.exe 0 0 0
2fc4 wsctrl11.exe 0 0 0
2e1c svchost.exe 0 0 0
0ce0 DreamMail.exe 1 836 810 normal M:\DreamMail6
1760 usysdiag.exe 0 0 0
2c08 svchost.exe 0 0 0
0660 WXWork.exe 1 247 148 normal D:\企业微信\WXWork
0968 WeChat.exe 1 175 108 normal D:\企业微信\WeChat
1034 RadeonSoftware.exe 1 34 79 normal C:\Program Files\
WindowsApps\AdvancedMicroDevicesInc-
2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware
14ac RRMSVR.exe 1 2 4 normal C:\Program Files
(x86)\ICBCEbankTools\Gemplus\GemSafe Libraries\BIN
3250 cncmd.exe 1 0 1 normal C:\Program Files\
WindowsApps\AdvancedMicroDevicesInc-
2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware
3320 AMDRSServ.exe 1 5 10 normal C:\Program Files\
WindowsApps\AdvancedMicroDevicesInc-
2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware
2c24 svchost.exe 0 0 0
1864 mmcrashpad_handler64.exe 1 2 4 normal D:\企业微信\WeChat\
[3.9.12.51]
2c90 WeChatAppEx.exe 1 88 79 normal C:\Users\
Administrator\AppData\Roaming\Tencent\WeChat\XPlugin\Plugins\RadiumWMPF\13639\
extracted\runtime
0a68 WeChatAppEx.exe 1 2 4 normal C:\Users\
Administrator\AppData\Roaming\Tencent\WeChat\XPlugin\Plugins\RadiumWMPF\13639\
extracted\runtime
20b4 WeChatAppEx.exe 1 0 1 normal C:\Users\
Administrator\AppData\Roaming\Tencent\WeChat\XPlugin\Plugins\RadiumWMPF\13639\
extracted\runtime
0650 WeChatAppEx.exe 1 12 28 above normal C:\Users\
Administrator\AppData\Roaming\Tencent\WeChat\XPlugin\Plugins\RadiumWMPF\13639\
extracted\runtime
0570 svchost.exe 0 0 0
1da4 WXWorkWeb.exe 1 13 59 normal D:\企业微信\WXWork\
4.1.22.8031\updated_web
1dc4 WeMail.exe 1 40 45 normal D:\企业微信\WXWork\
4.1.22.8031\wemail
1e1c WeMailNode.exe 1 0 1 normal D:\企业微信\WXWork\
4.1.22.8031
2690 WXWorkWeb.exe 1 2 4 normal D:\企业微信\WXWork\
4.1.22.8031\updated_web
2004 WXWorkWeb.exe 1 11 17 above normal D:\企业微信\WXWork\
4.1.22.8031\updated_web
18fc WXDrive.exe 1 0 1 normal D:\企业微信\WXWork\
4.1.22.8031
1814 WXWorkWeb.exe 1 0 0 normal D:\企业微信\WXWork\
4.1.22.8031\updated_web
2f3c WXWorkWeb.exe 1 0 2 normal D:\企业微信\WXWork\
4.1.22.8031\updated_web
2654 FlutterPlugins.exe 1 9 27 normal D:\企业微信\WXWork\
4.1.22.8031\FlutterPlugins
359c WXWorkWeb.exe 1 0 0 normal D:\企业微信\WXWork\
4.1.22.8031\updated_web
3600 WXWorkWeb.exe 1 0 0 normal D:\企业微信\WXWork\
4.1.22.8031\updated_web
0dac svchost.exe 1 0 1 normal C:\Windows\System32
2f34 svchost.exe 0 0 0
2ebc svchost.exe 0 0 0
336c svchost.exe 0 0 0
3438 svchost.exe 0 0 0
1c70 svchost.exe 0 0 0
2f00 SystemSettings.exe 1 11 48 normal C:\Windows\
ImmersiveControlPanel
0928 ApplicationFrameHost.exe 1 25 12 normal C:\Windows\System32
0ac4 ShellExperienceHost.exe 1 13 52 normal C:\Windows\
SystemApps\ShellExperienceHost_cw5n1h2txyewy
10dc svchost.exe 1 0 1 normal C:\Windows\System32
2a1c AMDRSSrcExt.exe 1 6 12 normal C:\Program Files\
WindowsApps\AdvancedMicroDevicesInc-
2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware
2cfc QtWebEngineProcess.exe 1 0 1 normal C:\Program Files\
WindowsApps\AdvancedMicroDevicesInc-
2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware
1dac svchost.exe 0 0 0
12a8 MailPreview.exe 1 47 66 normal M:\DreamMail6\Sys
1c58 LeAppOM.exe 1 0 0
3138 wpscloudsvr.exe 1 46 341 normal D:\wps\WPS Office\
12.1.0.21541\office6
1ec8 WeChatPlayer.exe 1 0 1 normal C:\Users\
Administrator\AppData\Roaming\Tencent\WeChat\XPlugin\Plugins\ThumbPlayer\4073\
extracted
2270 WeChatUtility.exe 1 0 1 normal C:\Users\
Administrator\AppData\Roaming\Tencent\WeChat\XPlugin\Plugins\WeChatUtility\8091\
extracted
1350 WeChatAppEx.exe 1 0 0 normal C:\Users\
Administrator\AppData\Roaming\Tencent\WeChat\XPlugin\Plugins\RadiumWMPF\13639\
extracted\runtime
12a0 WeChatAppEx.exe 1 0 1 normal C:\Users\
Administrator\AppData\Roaming\Tencent\WeChat\XPlugin\Plugins\RadiumWMPF\13639\
extracted\runtime
0974 WeChatOCR.exe 1 0 1 normal C:\Users\
Administrator\AppData\Roaming\Tencent\WeChat\XPlugin\Plugins\WeChatOCR\7079\
extracted
2eb0 WeChatAppEx.exe 1 0 0 normal C:\Users\
Administrator\AppData\Roaming\Tencent\WeChat\XPlugin\Plugins\RadiumWMPF\13639\
extracted\runtime
1e80 WidgetService.exe 1 0 5 normal C:\Program Files\
WindowsApps\Microsoft.WidgetsPlatformRuntime_1.6.8.0_x64__8wekyb3d8bbwe\
WidgetService
0d6c Clash for Windows.exe 1 20 52 normal D:\
Clash.for.Windows-0.20.16-ikuuu\Clash.for.Windows-0.20.16-ikuuu
32a0 Clash for Windows.exe 1 4 2 above normal D:\
Clash.for.Windows-0.20.16-ikuuu\Clash.for.Windows-0.20.16-ikuuu
27f4 Clash for Windows.exe 1 0 1 normal D:\
Clash.for.Windows-0.20.16-ikuuu\Clash.for.Windows-0.20.16-ikuuu
0b28 Clash for Windows.exe 1 0 1 normal D:\
Clash.for.Windows-0.20.16-ikuuu\Clash.for.Windows-0.20.16-ikuuu
211c clash-win64.exe 1 0 0 normal D:\
Clash.for.Windows-0.20.16-ikuuu\Clash.for.Windows-0.20.16-ikuuu\resources\static\
files\win\x64
18d4 conhost.exe 1 0 1 normal C:\Windows\System32
3a30 RuntimeBroker.exe 1 4 3 normal C:\Windows\System32
4190 D4Svr_ICBC.exe 1 0 0
3c68 msedge.exe 1 2 27 normal C:\Program Files
(x86)\Microsoft\Edge\Application
4344 msedge.exe 1 2 3 normal C:\Program Files
(x86)\Microsoft\Edge\Application
064c msedge.exe 1 1 4 above normal C:\Program Files
(x86)\Microsoft\Edge\Application
38e8 msedge.exe 1 0 5 normal C:\Program Files
(x86)\Microsoft\Edge\Application
2d8c msedge.exe 1 0 0 normal C:\Program Files
(x86)\Microsoft\Edge\Application
4600 msedge.exe 1 0 0 normal C:\Program Files
(x86)\Microsoft\Edge\Application
2c0c msedge.exe 1 0 0 idle C:\Program Files
(x86)\Microsoft\Edge\Application
1ca8 msedge.exe 1 0 0 idle C:\Program Files
(x86)\Microsoft\Edge\Application
463c WXWorkWeb.exe 1 0 0 normal D:\企业微信\WXWork\
4.1.22.8031\updated_web
3fdc svchost.exe 1 0 1 normal C:\Windows\System32
3bb8 WXWorkWeb.exe 1 0 0 idle D:\企业微信\WXWork\
4.1.22.8031\updated_web
3e20 WmiPrvSE.exe 0 0 0
380c SunloginClient.exe 1 164 101 normal D:\向日葵\
SunloginClient
4734 msedgewebview2.exe 1 43 47 normal C:\Program Files
(x86)\Microsoft\EdgeWebView\Application\137.0.3296.83
299c msedgewebview2.exe 1 2 3 normal C:\Program Files
(x86)\Microsoft\EdgeWebView\Application\137.0.3296.83
474c SunloginClient.exe 0 0 0
26d8 msedgewebview2.exe 1 14 58 above normal C:\Program Files
(x86)\Microsoft\EdgeWebView\Application\137.0.3296.83
314c msedgewebview2.exe 1 0 5 normal C:\Program Files
(x86)\Microsoft\EdgeWebView\Application\137.0.3296.83
1d94 msedgewebview2.exe 1 0 0 normal C:\Program Files
(x86)\Microsoft\EdgeWebView\Application\137.0.3296.83
3570 msedgewebview2.exe 1 0 0 idle C:\Program Files
(x86)\Microsoft\EdgeWebView\Application\137.0.3296.83
32b8 msedgewebview2.exe 1 0 0 idle C:\Program Files
(x86)\Microsoft\EdgeWebView\Application\137.0.3296.83
18b0 SunloginClient.exe 0 0 0
12e8 sunlogin_guard.exe 0 0 0
3d68 conhost.exe 0 0 0
0cd4 msedgewebview2.exe 1 0 0 idle C:\Program Files
(x86)\Microsoft\EdgeWebView\Application\137.0.3296.83
2c60 msedgewebview2.exe 1 0 0 idle C:\Program Files
(x86)\Microsoft\EdgeWebView\Application\137.0.3296.83
30c8 unsecapp.exe 0 0 0
3b18 UserOOBEBroker.exe 1 0 1 normal C:\Windows\
System32\oobe
07b0 Everything.exe 1 7 6 normal D:\everything
46fc Everything.exe 1 0 0
3eac svchost.exe 0 0 0
224c splwow64.exe 1 3 8 normal C:\Windows
1994 WeChatOCR.exe 1 0 1 normal D:\企业微信\WXWork\
4.1.22.8031\WeChatOCR
099c WXWorkWeb.exe 1 0 0 idle D:\企业微信\WXWork\
4.1.22.8031\updated_web
4414 svchost.exe 0 0 0
36a8 WeChatAppEx.exe 1 0 0 idle C:\Users\
Administrator\AppData\Roaming\Tencent\WeChat\XPlugin\Plugins\RadiumWMPF\13639\
extracted\runtime
3554 vmplayer.exe 1 376 190 normal C:\Program Files
(x86)\VMware\VMware Workstation
38bc vmware-unity-helper.exe 1 4 9 normal C:\Program Files
(x86)\VMware\VMware Workstation
1158 WeChatAppEx.exe 1 0 0 idle C:\Users\
Administrator\AppData\Roaming\Tencent\WeChat\XPlugin\Plugins\RadiumWMPF\13639\
extracted\runtime
476c svchost.exe 0 0 0
43d4 svchost.exe 0 0 0

hardware:
+ {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
- Fax
- HP DJ 2130 series
- Microsoft Print to PDF
- Microsoft XPS Document Writer
- OneNote (Desktop)
- 导出为 WPS PDF
- 根打印队列
+ {36fc9e60-c465-11cf-8056-444553540000}
- AMD USB 3.10 可扩展主机控制器 - 1.10 (Microsoft)
- AMD USB 3.10 可扩展主机控制器 - 1.10 (Microsoft)
- AMD USB 3.10 可扩展主机控制器 - 1.10 (Microsoft)
- HP DeskJet 2130 series
- HP DeskJet 2130 series(REST) (driver 35.0.56.52825)
- USB Composite Device
- USB Composite Device
- USB 根集线器(USB 3.0)
- USB 根集线器(USB 3.0)
- USB 根集线器(USB 3.0)
- 通用 USB 集线器
+ {4d36e966-e325-11ce-bfc1-08002be10318}
- BIOSTAR Group A520MS
- 基于 ACPI x64 的电脑
+ {4d36e967-e325-11ce-bfc1-08002be10318}
- Great Wall GW600 128GB
- SAMSUNG MZNLH256HAJD-00000
- WDC WD5000AAKX-08U6AA0
+ {4d36e968-e325-11ce-bfc1-08002be10318}
- AMD Radeon(TM) Graphics (driver 30.0.13014.8)
- OrayIddDriver Device (driver 17.1.58.818)
+ {4d36e96a-e325-11ce-bfc1-08002be10318}
- 标准 SATA AHCI 控制器
- 标准 SATA AHCI 控制器
+ {4d36e96b-e325-11ce-bfc1-08002be10318}
- HID Keyboard Device
- HID Keyboard Device
- Virtual Keyboard (driver 16.30.22.349)
+ {4d36e96c-e325-11ce-bfc1-08002be10318}
- AMD High Definition Audio Device (driver 10.0.1.21)
- Realtek High Definition Audio (driver 6.0.8988.1)
+ {4d36e96e-e325-11ce-bfc1-08002be10318}
- Generic Monitor (22B2WG5)
- Generic Monitor (F22B20F)
+ {4d36e96f-e325-11ce-bfc1-08002be10318}
- HID-compliant mouse
- Virtual Mouse (driver 16.30.26.320)
+ {4d36e972-e325-11ce-bfc1-08002be10318}
- Microsoft Kernel Debug Network Adapter
- Realtek PCIe GbE Family Controller (driver 1168.11.1206.2022)
- VMware Virtual Ethernet Adapter for VMnet1 (driver 14.0.0.8)
- VMware Virtual Ethernet Adapter for VMnet8 (driver 14.0.0.8)
- WAN Miniport (IKEv2)
- WAN Miniport (IP)
- WAN Miniport (IPv6)
- WAN Miniport (L2TP)
- WAN Miniport (Network Monitor)
- WAN Miniport (PPPOE)
- WAN Miniport (PPTP)
- WAN Miniport (SSTP)
+ {4d36e978-e325-11ce-bfc1-08002be10318}
- 通信端口 (COM1)
+ {4d36e979-e325-11ce-bfc1-08002be10318}
- HP DJ 2130 series (driver 20.79.1.6597)
+ {4d36e97b-e325-11ce-bfc1-08002be10318}
- Microsoft 存储空间控制器
+ {4d36e97d-e325-11ce-bfc1-08002be10318}
- ACPI 固定功能按钮
- ACPI 处理器容器设备
- ACPI 热区域
- ACPI 电源按钮
- AMD Crash Defender (driver 21.30.0.100)
- AMD GPIO Controller (driver 2.2.0.121)
- AMD GPIO Controller (driver 2.0.1.0)
- AMD Link Controller Emulation (driver 21.40.0.6)
- AMD SMBus (driver 5.12.0.38)
- High Definition Audio Bus (driver 21.30.0.1000)
- High Definition Audio 控制器
- Microsoft ACPI-Compliant System
- Microsoft Hyper-V 虚拟化基础结构驱动程序
- Microsoft System Management BIOS Driver
- Microsoft UEFI 兼容系统
- Microsoft Windows Management Interface for ACPI
 - Microsoft 基本呈现驱动程序
- Microsoft 基本显示驱动程序
- Microsoft 虚拟驱动器枚举器
- NDIS 虚拟网络适配器枚举器
- Oray Virtual Game Controller (driver 1.0.0.0)
- OrayUSBVHCI (driver 1.0.0.0)
- PCI Express 根复合体
- PCI 到 PCI 桥
- PCI 到 PCI 桥
- PCI 到 PCI 桥
- PCI 到 PCI 桥
- PCI 到 PCI 桥
- PCI 标准 ISA 桥
- PCI 标准主机 CPU 桥
- PCI 标准主机 CPU 桥
- PCI 标准主机 CPU 桥
- PCI 标准主机 CPU 桥
- PCI 标准主机 CPU 桥
- PCI 标准主机 CPU 桥
- PCI 标准主机 CPU 桥
- PCI 标准主机 CPU 桥
- PCI 标准主机 CPU 桥
- PCI 标准主机 CPU 桥
- PCI 标准主机 CPU 桥
- PCI 标准主机 CPU 桥
- Scp Virtual Bus Driver (driver 16.30.16.687)
- UMBus Root Bus Enumerator
- VMware VMCI Host Device (driver 9.8.18.0)
- VMware VMCI Host Device (driver 9.8.18.0)
- 即插即用软件设备枚举器
- 卷管理器
- 可编程中断控制器
- 复合总线枚举器
- 母板资源
- 母板资源
- 母板资源
- 母板资源
- 母板资源
- 母板资源
- 直接内存访问控制器
- 系统 CMOS/实时时钟
- 系统扬声器
- 系统板
- 系统计时器
- 远程桌面设备重定向程序总线
- 高精度事件计时器
+ {50127dc3-0f36-415e-a6cc-4cb3be910b65}
- AMD Ryzen 5 5600G with Radeon Graphics
- AMD Ryzen 5 5600G with Radeon Graphics
- AMD Ryzen 5 5600G with Radeon Graphics
- AMD Ryzen 5 5600G with Radeon Graphics
- AMD Ryzen 5 5600G with Radeon Graphics
- AMD Ryzen 5 5600G with Radeon Graphics
- AMD Ryzen 5 5600G with Radeon Graphics
- AMD Ryzen 5 5600G with Radeon Graphics
- AMD Ryzen 5 5600G with Radeon Graphics
- AMD Ryzen 5 5600G with Radeon Graphics
- AMD Ryzen 5 5600G with Radeon Graphics
- AMD Ryzen 5 5600G with Radeon Graphics
+ {5c4c3332-344d-483c-8739-259e934c9cc8}
- AMD-UWP Version Control (driver 29.2130.0.0)
+ {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
- Microsoft Device Association Root Enumerator
- Microsoft GS 波表合成器
- Microsoft Passport Container Enumeration Bus
- Microsoft Radio Device Enumeration Bus
- Microsoft RRAS Root Enumerator
- Smart Card Device Enumeration Bus
+ {6bdd1fc6-810f-11d0-bec7-08002be2092f}
- HP DeskJet 2130 series (USB) (driver 40.11.1114.1765)
+ {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
- USB 输入设备
- USB 输入设备
- USB 输入设备
- 符合 HID 标准的供应商定义设备
- 符合 HID 标准的用户控制设备
- 符合 HID 标准的系统控制器
+ {88bae032-5a81-49f0-bc3d-a4ff138216d6}
- DeskJet 2130 series
+ {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
- 1 - 22B2WG5 (AMD High Definition Audio Device)
+ {d94ee5d8-d189-4994-83d2-f68d7d41b0e6}
- AMD PSP 10.0 Device (driver 5.17.0.0)
- 受信任的平台模块 2.0
+ {f2e7dd72-6468-4e36-b6f1-6488f42c1b52}
- 系统固件

cpu registers:
eax = 5d7cff04
ebx = 5d7cff18
ecx = 00000001
edx = 787c0d3c
esi = 00000030
edi = 004b3c58
eip = 5d7cffcc
esp = 5d7cfdf4
ebp = 5d7cfe1c

stack dump:
5d7cfdf4 53 bf de 01 28 fe 7c 5d - ec b8 40 00 1c fe 7c 5d S...(.|]..@...|]
5d7cfe04 90 95 11 5f 40 cc de 01 - 74 d7 eb 0b 54 60 e6 40 [email protected]`.@
5d7cfe14 00 00 00 00 00 00 00 00 - 90 fe 7c 5d 2f c1 de 01 ..........|]/...
5d7cfe24 b4 fe 7c 5d 34 fe 7c 5d - ec b8 40 00 90 fe 7c 5d ..|]4.|]..@...|]
5d7cfe34 9c fe 7c 5d ec b8 40 00 - 90 fe 7c 5d 58 3c 4b 00 ..|]..@...|]X<K.
5d7cfe44 90 95 11 5f 40 cc de 01 - 00 00 00 00 00 00 00 00 ..._@...........
5d7cfe54 ac c3 de 01 11 00 00 00 - 8c b6 2f 88 11 15 4c 00 ........../...L.
5d7cfe64 00 00 00 00 00 1b 82 08 - 00 00 00 00 7c fe 7c 5d ............|.|]
5d7cfe74 58 e1 ea 01 75 e1 ea 01 - c0 fe 7c 5d 70 ae 04 5a X...u.....|]p..Z
5d7cfe84 94 e1 ea 00 00 00 00 00 - 00 00 00 00 b4 fe 7c 5d ..............|]
5d7cfe94 a1 ca de 01 b4 fe 7c 5d - c0 fe 7c 5d ec b8 40 00 ......|]..|]..@.
5d7cfea4 b4 fe 7c 5d 00 00 00 00 - b0 63 97 8a 04 ff 7c 5d ..|].....c....|]
5d7cfeb4 e8 fe 7c 5d 45 cc de 01 - 41 3d 4b 00 cc fe 7c 5d ..|]E...A=K...|]
5d7cfec4 bc b6 40 00 e8 fe 7c 5d - f0 fe 7c 5d aa 3d 4b 00 ..@...|]..|].=K.
5d7cfed4 e8 fe 7c 5d 58 3c 4b 00 - 90 95 11 5f 38 ff 7c 5d ..|]X<K...._8.|]
5d7cfee4 a0 5a 97 8a 18 ff 7c 5d - fc 82 4f 00 fc fe 7c 5d .Z....|]..O...|]
5d7cfef4 06 83 4f 00 18 ff 7c 5d - 20 ff 7c 5d 5e 83 4f 00 ..O...|] .|]^.O.
5d7cff04 18 ff 7c 5d 58 3c 4b 00 - 90 95 11 5f 38 ff 7c 5d ..|]X<K...._8.|]
5d7cff14 a0 5a 97 8a 2c ff 7c 5d - ca c2 40 00 4c ff 7c 5d .Z..,.|][email protected].|]
5d7cff24 bc bb 40 00 2c ff 7c 5d - 3c ff 7c 5d 27 3c 4b 00 ..@.,.|]<.|]'<K.

disassembling:
[...]
76667b98 test ecx, ecx
76667b9a jnz loc_76667bb0
76667b9c push dword ptr [ebp+8]
76667b9f mov ecx, esi
76667ba1 call dword ptr [$766d2218] ; BaseDumpAppcompatCacheWorker
(KERNEL32.DLL)
76667ba7 > call esi
76667ba9 push eax
76667baa call dword ptr [$766d1dac] ; RtlExitUserThread (ntdll.dll)
76667bb0 call dword ptr [$766d1ec0] ; RtlGetSuiteMask (ntdll.dll)
76667bb6 pop esi
76667bb7 test al, $10
[...]