Everything posted by MOTOAM

  1. I can't get directly to the download sites (or here) from the affected computer, so I downloaded the file (renaming as directed) to another computer. Then placed the file on a USB ram drive and copied to my desktop. When I run the exe file I get a warning:

     !ALERT! It is not safe to continue
     The contents of the ComboFix package have been compromised. Please download a fresh copy from: http://www.bleepingcomputer.com/combofix/how-to-use-combofix
     Note: You may be infected with a file patching virus 'virut'

     Renaming Combo-Fix to iexplore.exe or winlogon.exe did not change the effect of trying to install. Is this the result of not downloading directly to the desktop or another evil function of the infection?
  2. My HP laptop got infected with a Trojan (False Security Alert). I could not see the user interface, no taskbar, just Windows background screen. I ran MBAM but it apparently did not remove it completely. I cannot access any antivirus websites directly (I'm sending this from another computer). I downloaded the latest version of MBAM (August 3) and renamed it. It ran in safe mode and found more malware. I ran Root Repeal (again renamed); it detects a hidden service (Service Name: UACd.sys Image Path: C:\WINDOWS\system32\drivers\UACljaowktaru.sys) but can't wipe the file (says it Can't find the file on the disk). I tried to install AVIRA but it can't complete the setup process. On startup I get an error: Windows Logon UI, which I can't seem to get rid of. Been working on this for over a week now. Obviously, I need some expert help. Thank you in advance. Following are Hijack This log, Root Repeal log and MBAM log:
Stealth Objects
-------------------

Hidden Services
-------------------
Service Name: UACd.sys
Image Path: C:\WINDOWS\system32\drivers\UACljaowktaru.sys

Shadow SSDT
-------------------
Malwarebytes' Anti-Malware 1.40
Database version: 2551
Windows 5.1.2600 Service Pack 2 (Safe Mode)

8/8/2009 1:56:02 PM
mbam-log-2009-08-08 (13-56-02).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 243969
Time elapsed: 44 minute(s), 29 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)