as per screenshot, using bthserv as an example, the svchost.exe (PID 1408) hosting bthserv service is running as local service, not protected and has SeImpersonatePrivilege but still has error "CreateProcessAsUserW failed with error 5"
windows version verified to be before patch, and appid.sys is running
as per screenshot, using bthserv as an example, the svchost.exe (PID 1408) hosting bthserv service is running as local service, not protected and has SeImpersonatePrivilege but still has error "CreateProcessAsUserW failed with error 5"
windows version verified to be before patch, and appid.sys is running
kindly advise, thank you