|
| Hooked API Functions | ||
| Module | Function | Description |
| NTDLL | LdrLoadDll | !! HOOKED |
| NTDLL | NtCreateFile | !! HOOKED |
| NTDLL | NtDeviceIoControlFile | !! HOOKED |
| NTDLL | NtEnumerateKey | !! HOOKED |
| NTDLL | NtEnumerateValueKey | !! HOOKED |
| NTDLL | NtOpenFile | !! HOOKED |
| NTDLL | NtOpenProcess | !! HOOKED |
| NTDLL | NtQueryDirectoryFile | !! HOOKED |
| NTDLL | NtQuerySystemInformation | !! HOOKED |
| NTDLL | NtQueryVolumeInformationFile | !! HOOKED |
| NTDLL | NtReadVirtualMemory | !! HOOKED |
| NTDLL | NtResumeThread | !! HOOKED |
| NTDLL | NtVdmControl | !! HOOKED |
| NTDLL | RtlGetNativeSystemInformation | !! HOOKED |
| NTDLL | ZwCreateFile | !! HOOKED |
| NTDLL | ZwDeviceIoControlFile | !! HOOKED |
| NTDLL | ZwEnumerateKey | !! HOOKED |
| NTDLL | ZwEnumerateValueKey | !! HOOKED |
| NTDLL | ZwOpenFile | !! HOOKED |
| NTDLL | ZwOpenProcess | !! HOOKED |
| NTDLL | ZwQueryDirectoryFile | !! HOOKED |
| NTDLL | ZwQuerySystemInformation | !! HOOKED |
| NTDLL | ZwQueryVolumeInformationFile | !! HOOKED |
| NTDLL | ZwReadVirtualMemory | !! HOOKED |
| NTDLL | ZwResumeThread | !! HOOKED |
| NTDLL | ZwVdmControl | !! HOOKED |
| KERNEL32 | ReadFile | !! HOOKED |