Stáhněte SysProt AntiRootkit http://sites.google.com/site/sysprotantirootkit/
-rozbalte a spusťte
-provedte všechny záložky a vložte logy
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Problémy s explorer.exe
Moderátor: Moderátoři
Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní: http://forum.viry.cz/viewtopic.php?f=12&t=123975 . Děkujeme za pochopení.
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní: http://forum.viry.cz/viewtopic.php?f=12&t=123975 . Děkujeme za pochopení.
Re: Problémy s explorer.exe
Nevadí
Stáhněte SysProt AntiRootkit
http://sites.google.com/site/sysprotantirootkit/
-rozbalte a spusťte
-provedte všechny záložky a vložte logy
Stáhněte SysProt AntiRootkit http://sites.google.com/site/sysprotantirootkit/
-rozbalte a spusťte
-provedte všechny záložky a vložte logy
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: Problémy s explorer.exe
Tak toto se mi nezdá už vůbec.
Jsem přihlášen jako admin a stejně "huláká"... log je zde, ale???
--------------------------
SysProt AntiRootkit v1.0.1.0
by swatkat
******************************************************************************************
******************************************************************************************
No Processes found
******************************************************************************************
******************************************************************************************
No Kernel Modules found
******************************************************************************************
******************************************************************************************
No SSDT Hooks found
******************************************************************************************
******************************************************************************************
No Kernel Hooks found
******************************************************************************************
******************************************************************************************
No IRP Hooks found
******************************************************************************************
******************************************************************************************
No Ports found
******************************************************************************************
******************************************************************************************
No hidden files/folders found
Jsem přihlášen jako admin a stejně "huláká"... log je zde, ale???
--------------------------
SysProt AntiRootkit v1.0.1.0
by swatkat
******************************************************************************************
******************************************************************************************
No Processes found
******************************************************************************************
******************************************************************************************
No Kernel Modules found
******************************************************************************************
******************************************************************************************
No SSDT Hooks found
******************************************************************************************
******************************************************************************************
No Kernel Hooks found
******************************************************************************************
******************************************************************************************
No IRP Hooks found
******************************************************************************************
******************************************************************************************
No Ports found
******************************************************************************************
******************************************************************************************
No hidden files/folders found
Re: Problémy s explorer.exe
Jak huláká?
Stáhněte http://rootrepeal.googlepages.com/RootRepeal.zip
-Stáhněte,rozbalte a spusťte
-vyberte záložku Files, klikněte na Scan,
-proběhne sken, po něm klikněte na Save Report , tím se uloží log, který zkopírujete sem
-postupně vyberte všechny záložky a udělejte skeny.
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: Problémy s explorer.exe
Huláká=nadává v dialogovém okně...
Zde to je. Dám to do dvou odpovědí, neb se to nevejde.
---------------------------------
ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2010/01/03 15:18
Program Version: Version 1.3.5.0
Windows Version: Windows Vista SP2
==================================================
Processes
-------------------
Path: System
PID: 4 Status: Locked to the Windows API!
Path: C:\Windows\System32\spoolsv.exe
PID: 364 Status: -
Path: C:\Windows\System32\smss.exe
PID: 444 Status: -
Path: C:\Windows\System32\taskeng.exe
PID: 460 Status: -
Path: C:\Windows\System32\csrss.exe
PID: 572 Status: -
Path: C:\Program Files\Windows Defender\MSASCui.exe
PID: 580 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 612 Status: -
Path: C:\Windows\System32\wininit.exe
PID: 620 Status: -
Path: C:\Windows\System32\csrss.exe
PID: 632 Status: -
Path: C:\Windows\System32\services.exe
PID: 664 Status: -
Path: C:\Windows\System32\lsass.exe
PID: 676 Status: -
Path: C:\Windows\System32\lsm.exe
PID: 688 Status: -
Path: C:\Windows\System32\winlogon.exe
PID: 764 Status: -
Path: C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
PID: 808 Status: -
Path: C:\Program Files\TO2SSM\McciTrayApp.exe
PID: 852 Status: -
Path: C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
PID: 860 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 868 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 944 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 984 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 1060 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 1108 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 1124 Status: -
Path: C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
PID: 1188 Status: -
Path: C:\Windows\System32\hkcmd.exe
PID: 1212 Status: -
Path: C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PID: 1216 Status: -
Path: C:\Windows\PLFSetI.exe
PID: 1236 Status: -
Path: C:\Windows\System32\audiodg.exe
PID: 1248 Status: Locked to the Windows API!
Path: C:\Windows\System32\svchost.exe
PID: 1276 Status: -
Path: C:\Windows\System32\SLsvc.exe
PID: 1300 Status: -
Path: C:\Program Files\Apoint2K\Apoint.exe
PID: 1312 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 1336 Status: -
Path: C:\Windows\System32\taskeng.exe
PID: 1348 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 1500 Status: -
Path: C:\Windows\System32\wpcumi.exe
PID: 1524 Status: -
Path: C:\Program Files\Winamp\winampa.exe
PID: 1548 Status: -
Path: C:\Windows\System32\igfxpers.exe
PID: 1616 Status: -
Path: C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PID: 1708 Status: -
Path: C:\Program Files\Alwil Software\Avast4\ashServ.exe
PID: 1724 Status: -
Path: C:\Windows\System32\dwm.exe
PID: 1804 Status: -
Path: C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PID: 1832 Status: -
Path: C:\Windows\explorer.exe
PID: 1844 Status: -
Path: C:\Program Files\Windows Sidebar\sidebar.exe
PID: 1856 Status: -
Path: C:\Windows\ehome\ehtray.exe
PID: 1876 Status: -
Path: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PID: 2104 Status: -
Path: C:\Windows\System32\igfxsrvc.exe
PID: 2112 Status: -
Path: C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PID: 2168 Status: -
Path: C:\Windows\ehome\ehmsas.exe
PID: 2220 Status: -
Path: C:\Program Files\Apoint2K\ApMsgFwd.exe
PID: 2240 Status: -
Path: C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PID: 2352 Status: -
Path: C:\Program Files\Apoint2K\ApntEx.exe
PID: 2364 Status: -
Path: C:\Windows\System32\taskeng.exe
PID: 2508 Status: -
Path: C:\Program Files\Windows Media Player\wmpnscfg.exe
PID: 2620 Status: -
Path: D:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
PID: 2668 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 2812 Status: -
Path: C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
PID: 2828 Status: -
Path: C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PID: 2912 Status: -
Path: C:\Program Files\Common Files\Motive\McciCMService.exe
PID: 2988 Status: -
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PID: 3068 Status: -
Path: C:\ACER\Mobility Center\MobilityService.exe
PID: 3096 Status: -
Path: C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
PID: 3180 Status: -
Path: C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
PID: 3224 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 3252 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 3292 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 3352 Status: -
Path: C:\Windows\System32\SearchIndexer.exe
PID: 3424 Status: -
Path: C:\Program Files\Windows Media Player\wmpnetwk.exe
PID: 3448 Status: -
Path: C:\Windows\System32\drivers\XAudio.exe
PID: 3608 Status: -
Path: C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PID: 3648 Status: -
Path: C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PID: 3792 Status: -
Path: C:\Windows\System32\wbem\WmiPrvSE.exe
PID: 3856 Status: -
Path: C:\totalcmd\TOTALCMD.EXE
PID: 3932 Status: -
Path: C:\Windows\System32\alg.exe
PID: 4320 Status: -
Path: C:\Windows\servicing\TrustedInstaller.exe
PID: 4480 Status: -
Path: C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PID: 4496 Status: -
Path: C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PID: 4524 Status: -
Path: D:\SW\RootRepeal\RootRepeal.exe
PID: 4576 Status: -
Path: C:\Windows\System32\wbem\unsecapp.exe
PID: 4712 Status: -
Path: C:\Windows\System32\SearchProtocolHost.exe
PID: 6012 Status: -
Path: C:\Windows\System32\SearchFilterHost.exe
PID: 6016 Status: -
---------------------------------
ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2010/01/03 15:02
Program Version: Version 1.3.5.0
Windows Version: Windows Vista SP2
==================================================
Drivers
-------------------
Name: acpi.sys
Image Path: C:\Windows\system32\drivers\acpi.sys
Address: 0x80696000 Size: 286720 File Visible: - Signed: -
Status: -
Name: ACPI_HAL
Image Path: \Driver\ACPI_HAL
Address: 0x82045000 Size: 3903488 File Visible: - Signed: -
Status: -
Name: afd.sys
Image Path: C:\Windows\system32\drivers\afd.sys
Address: 0x90692000 Size: 294912 File Visible: - Signed: -
Status: -
Name: Apfiltr.sys
Image Path: C:\Windows\system32\DRIVERS\Apfiltr.sys
Address: 0x8E6BA000 Size: 184320 File Visible: - Signed: -
Status: -
Name: aswFsBlk.sys
Image Path: C:\Windows\system32\DRIVERS\aswFsBlk.sys
Address: 0xA8E68000 Size: 32768 File Visible: - Signed: -
Status: -
Name: aswMonFlt.sys
Image Path: C:\Windows\system32\DRIVERS\aswMonFlt.sys
Address: 0xA8E51000 Size: 94208 File Visible: - Signed: -
Status: -
Name: aswRdr.SYS
Image Path: C:\Windows\System32\Drivers\aswRdr.SYS
Address: 0x906DA000 Size: 15136 File Visible: - Signed: -
Status: -
Name: aswSP.SYS
Image Path: C:\Windows\System32\Drivers\aswSP.SYS
Address: 0x907B1000 Size: 135168 File Visible: - Signed: -
Status: -
Name: aswTdi.SYS
Image Path: C:\Windows\System32\Drivers\aswTdi.SYS
Address: 0x90687000 Size: 41664 File Visible: - Signed: -
Status: -
Name: asyncmac.sys
Image Path: C:\Windows\system32\DRIVERS\asyncmac.sys
Address: 0xB4DB8000 Size: 36864 File Visible: - Signed: -
Status: -
Name: atapi.sys
Image Path: C:\Windows\system32\drivers\atapi.sys
Address: 0x826DD000 Size: 32768 File Visible: - Signed: -
Status: -
Name: ataport.SYS
Image Path: C:\Windows\system32\drivers\ataport.SYS
Address: 0x826E5000 Size: 122880 File Visible: - Signed: -
Status: -
Name: BATTC.SYS
Image Path: C:\Windows\system32\DRIVERS\BATTC.SYS
Address: 0x80726000 Size: 40960 File Visible: - Signed: -
Status: -
Name: Beep.SYS
Image Path: C:\Windows\System32\Drivers\Beep.SYS
Address: 0x8E3F4000 Size: 28672 File Visible: - Signed: -
Status: -
Name: BOOTVID.dll
Image Path: C:\Windows\system32\BOOTVID.dll
Address: 0x80491000 Size: 32768 File Visible: - Signed: -
Status: -
Name: bowser.sys
Image Path: C:\Windows\system32\DRIVERS\bowser.sys
Address: 0xB0E23000 Size: 102400 File Visible: - Signed: -
Status: -
Name: cdd.dll
Image Path: C:\Windows\System32\cdd.dll
Address: 0x97CB0000 Size: 57344 File Visible: - Signed: -
Status: -
Name: cdfs.sys
Image Path: C:\Windows\system32\DRIVERS\cdfs.sys
Address: 0xB4D27000 Size: 90112 File Visible: - Signed: -
Status: -
Name: cdrom.sys
Image Path: C:\Windows\system32\DRIVERS\cdrom.sys
Address: 0x8E6F2000 Size: 98304 File Visible: - Signed: -
Status: -
Name: CI.dll
Image Path: C:\Windows\system32\CI.dll
Address: 0x804DA000 Size: 917504 File Visible: - Signed: -
Status: -
Name: CLASSPNP.SYS
Image Path: C:\Windows\system32\drivers\CLASSPNP.SYS
Address: 0x8A59D000 Size: 135168 File Visible: - Signed: -
Status: -
Name: CLFS.SYS
Image Path: C:\Windows\system32\CLFS.SYS
Address: 0x80499000 Size: 266240 File Visible: - Signed: -
Status: -
Name: CmBatt.sys
Image Path: C:\Windows\system32\DRIVERS\CmBatt.sys
Address: 0x8EBCE000 Size: 14208 File Visible: - Signed: -
Status: -
Name: compbatt.sys
Image Path: C:\Windows\system32\DRIVERS\compbatt.sys
Address: 0x80723000 Size: 10496 File Visible: - Signed: -
Status: -
Name: crashdmp.sys
Image Path: C:\Windows\System32\Drivers\crashdmp.sys
Address: 0x907D2000 Size: 53248 File Visible: - Signed: -
Status: -
Name: crcdisk.sys
Image Path: C:\Windows\system32\drivers\crcdisk.sys
Address: 0x8A5BE000 Size: 36864 File Visible: - Signed: -
Status: -
Name: dfsc.sys
Image Path: C:\Windows\System32\Drivers\dfsc.sys
Address: 0x9079A000 Size: 94208 File Visible: - Signed: -
Status: -
Name: disk.sys
Image Path: C:\Windows\system32\drivers\disk.sys
Address: 0x8A58C000 Size: 69632 File Visible: - Signed: -
Status: -
Name: DKbFltr.sys
Image Path: C:\Windows\system32\DRIVERS\DKbFltr.sys
Address: 0x8EBE5000 Size: 40960 File Visible: - Signed: -
Status: -
Name: DPortIO.sys
Image Path: C:\PROGRA~1\LAUNCH~1\DPortIO.sys
Address: 0x9078C000 Size: 13184 File Visible: - Signed: -
Status: -
Name: drmk.sys
Image Path: C:\Windows\system32\drivers\drmk.sys
Address: 0x807D6000 Size: 151552 File Visible: - Signed: -
Status: -
Name: dump_iaStor.sys
Image Path: C:\Windows\System32\Drivers\dump_iaStor.sys
Address: 0x8A30E000 Size: 892928 File Visible: No Signed: -
Status: -
Name: Dxapi.sys
Image Path: C:\Windows\System32\drivers\Dxapi.sys
Address: 0x907DF000 Size: 40960 File Visible: - Signed: -
Status: -
Name: dxgkrnl.sys
Image Path: C:\Windows\System32\drivers\dxgkrnl.sys
Address: 0x8E2FE000 Size: 659456 File Visible: - Signed: -
Status: -
Name: ecache.sys
Image Path: C:\Windows\System32\drivers\ecache.sys
Address: 0x8A565000 Size: 159744 File Visible: - Signed: -
Status: -
Name: fastfat.SYS
Image Path: C:\Windows\System32\Drivers\fastfat.SYS
Address: 0xB4D90000 Size: 163840 File Visible: - Signed: -
Status: -
Name: fileinfo.sys
Image Path: C:\Windows\system32\drivers\fileinfo.sys
Address: 0x8274D000 Size: 65536 File Visible: - Signed: -
Status: -
Name: fltmgr.sys
Image Path: C:\Windows\system32\drivers\fltmgr.sys
Address: 0x8271B000 Size: 204800 File Visible: - Signed: -
Status: -
Name: Fs_Rec.SYS
Image Path: C:\Windows\System32\Drivers\Fs_Rec.SYS
Address: 0x8E600000 Size: 36864 File Visible: - Signed: -
Status: -
Name: fwpkclnt.sys
Image Path: C:\Windows\System32\drivers\fwpkclnt.sys
Address: 0x8A2F3000 Size: 110592 File Visible: - Signed: -
Status: -
Name: hal.dll
Image Path: C:\Windows\system32\hal.dll
Address: 0x82012000 Size: 208896 File Visible: - Signed: -
Status: -
Name: HDAudBus.sys
Image Path: C:\Windows\system32\DRIVERS\HDAudBus.sys
Address: 0x8E609000 Size: 577536 File Visible: - Signed: -
Status: -
Name: HdAudio.sys
Image Path: C:\Windows\system32\drivers\HdAudio.sys
Address: 0x805BA000 Size: 258048 File Visible: - Signed: -
Status: -
Name: HSX_CNXT.sys
Image Path: C:\Windows\system32\DRIVERS\HSX_CNXT.sys
Address: 0x90544000 Size: 741376 File Visible: - Signed: -
Status: -
Name: HSX_DPV.sys
Image Path: C:\Windows\system32\DRIVERS\HSX_DPV.sys
Address: 0x90441000 Size: 1060864 File Visible: - Signed: -
Status: -
Name: HSXHWAZL.sys
Image Path: C:\Windows\system32\DRIVERS\HSXHWAZL.sys
Address: 0x90403000 Size: 253952 File Visible: - Signed: -
Status: -
Name: HTTP.sys
Image Path: C:\Windows\system32\drivers\HTTP.sys
Address: 0xA8F89000 Size: 446464 File Visible: - Signed: -
Status: -
Name: i8042prt.sys
Image Path: C:\Windows\system32\DRIVERS\i8042prt.sys
Address: 0x8EBD2000 Size: 77824 File Visible: - Signed: -
Status: -
Name: iaStor.sys
Image Path: C:\Windows\system32\DRIVERS\iaStor.sys
Address: 0x82603000 Size: 892928 File Visible: - Signed: -
Status: -
Name: igdkmd32.sys
Image Path: C:\Windows\system32\DRIVERS\igdkmd32.sys
Address: 0x8DC03000 Size: 7319552 File Visible: - Signed: -
Status: -
Name: intelppm.sys
Image Path: C:\Windows\system32\DRIVERS\intelppm.sys
Address: 0x8A5E8000 Size: 61440 File Visible: - Signed: -
Status: -
Name: ipfltdrv.sys
Image Path: C:\Windows\system32\DRIVERS\ipfltdrv.sys
Address: 0xA8F20000 Size: 73728 File Visible: - Signed: -
Status: -
Name: ipnat.sys
Image Path: C:\Windows\system32\DRIVERS\ipnat.sys
Address: 0xB4D01000 Size: 155648 File Visible: - Signed: -
Status: -
Name: jmcr.sys
Image Path: C:\Windows\system32\DRIVERS\jmcr.sys
Address: 0x8EB91000 Size: 93056 File Visible: - Signed: -
Status: -
Name: kbdclass.sys
Image Path: C:\Windows\system32\DRIVERS\kbdclass.sys
Address: 0x8EBEF000 Size: 45056 File Visible: - Signed: -
Status: -
Name: kdcom.dll
Image Path: C:\Windows\system32\kdcom.dll
Address: 0x80409000 Size: 28672 File Visible: - Signed: -
Status: -
Name: ks.sys
Image Path: C:\Windows\system32\DRIVERS\ks.sys
Address: 0x8A19E000 Size: 172032 File Visible: - Signed: -
Status: -
Name: ksecdd.sys
Image Path: C:\Windows\System32\Drivers\ksecdd.sys
Address: 0x8275D000 Size: 462848 File Visible: - Signed: -
Status: -
Name: lltdio.sys
Image Path: C:\Windows\system32\DRIVERS\lltdio.sys
Address: 0xA8F32000 Size: 65536 File Visible: - Signed: -
Status: -
Name: luafv.sys
Image Path: C:\Windows\system32\drivers\luafv.sys
Address: 0xA8E36000 Size: 110592 File Visible: - Signed: -
Status: -
Name: mcupdate_GenuineIntel.dll
Image Path: C:\Windows\system32\mcupdate_GenuineIntel.dll
Address: 0x80410000 Size: 458752 File Visible: - Signed: -
Status: -
Name: mdmxsdk.sys
Image Path: C:\Windows\system32\DRIVERS\mdmxsdk.sys
Address: 0xB0F55000 Size: 12672 File Visible: - Signed: -
Status: -
Name: modem.sys
Image Path: C:\Windows\system32\drivers\modem.sys
Address: 0x8A1E6000 Size: 53248 File Visible: - Signed: -
Status: -
Name: monitor.sys
Image Path: C:\Windows\system32\DRIVERS\monitor.sys
Address: 0xA8E27000 Size: 61440 File Visible: - Signed: -
Status: -
Name: mouclass.sys
Image Path: C:\Windows\system32\DRIVERS\mouclass.sys
Address: 0x8E6E7000 Size: 45056 File Visible: - Signed: -
Status: -
Name: mountmgr.sys
Image Path: C:\Windows\System32\drivers\mountmgr.sys
Address: 0x80789000 Size: 65536 File Visible: - Signed: -
Status: -
Name: mpsdrv.sys
Image Path: C:\Windows\System32\drivers\mpsdrv.sys
Address: 0xB0E3C000 Size: 86016 File Visible: - Signed: -
Status: -
Name: mrxdav.sys
Image Path: C:\Windows\system32\drivers\mrxdav.sys
Address: 0xB0E51000 Size: 135168 File Visible: - Signed: -
Status: -
Name: mrxsmb.sys
Image Path: C:\Windows\system32\DRIVERS\mrxsmb.sys
Address: 0xB0E72000 Size: 126976 File Visible: - Signed: -
Status: -
Name: mrxsmb10.sys
Image Path: C:\Windows\system32\DRIVERS\mrxsmb10.sys
Address: 0xB0E91000 Size: 233472 File Visible: - Signed: -
Status: -
Name: mrxsmb20.sys
Image Path: C:\Windows\system32\DRIVERS\mrxsmb20.sys
Address: 0xB0ECA000 Size: 98304 File Visible: - Signed: -
Status: -
Name: msahci.sys
Image Path: C:\Windows\system32\drivers\msahci.sys
Address: 0x82703000 Size: 40960 File Visible: - Signed: -
Status: -
Name: Msfs.SYS
Image Path: C:\Windows\System32\Drivers\Msfs.SYS
Address: 0x9063B000 Size: 45056 File Visible: - Signed: -
Status: -
Name: msisadrv.sys
Image Path: C:\Windows\system32\drivers\msisadrv.sys
Address: 0x806E5000 Size: 32768 File Visible: - Signed: -
Status: -
Name: msiscsi.sys
Image Path: C:\Windows\system32\DRIVERS\msiscsi.sys
Address: 0x8E713000 Size: 192512 File Visible: - Signed: -
Status: -
Name: msrpc.sys
Image Path: C:\Windows\system32\drivers\msrpc.sys
Address: 0x8A113000 Size: 176128 File Visible: - Signed: -
Status: -
Name: mssmbios.sys
Image Path: C:\Windows\system32\DRIVERS\mssmbios.sys
Address: 0x8E7F6000 Size: 40960 File Visible: - Signed: -
Status: -
Name: mup.sys
Image Path: C:\Windows\System32\Drivers\mup.sys
Address: 0x8A556000 Size: 61440 File Visible: - Signed: -
Status: -
Name: ndis.sys
Image Path: C:\Windows\system32\drivers\ndis.sys
Address: 0x8A008000 Size: 1093632 File Visible: - Signed: -
Status: -
Name: ndistapi.sys
Image Path: C:\Windows\system32\DRIVERS\ndistapi.sys
Address: 0x8E7A5000 Size: 45056 File Visible: - Signed: -
Status: -
Name: ndisuio.sys
Image Path: C:\Windows\system32\DRIVERS\ndisuio.sys
Address: 0xA8F6C000 Size: 40960 File Visible: - Signed: -
Status: -
Name: ndiswan.sys
Image Path: C:\Windows\system32\DRIVERS\ndiswan.sys
Address: 0x8E7B0000 Size: 143360 File Visible: - Signed: -
Status: -
Name: NDProxy.SYS
Image Path: C:\Windows\System32\Drivers\NDProxy.SYS
Address: 0x8A1D5000 Size: 69632 File Visible: - Signed: -
Status: -
Name: netbios.sys
Image Path: C:\Windows\system32\DRIVERS\netbios.sys
Address: 0x9072F000 Size: 57344 File Visible: - Signed: -
Status: -
Name: netbt.sys
Image Path: C:\Windows\System32\DRIVERS\netbt.sys
Address: 0x906DE000 Size: 204800 File Visible: - Signed: -
Status: -
Name: NETIO.SYS
Image Path: C:\Windows\system32\drivers\NETIO.SYS
Address: 0x8A13E000 Size: 241664 File Visible: - Signed: -
Status: -
Name: NETw5v32.sys
Image Path: C:\Windows\system32\DRIVERS\NETw5v32.sys
Address: 0x8E809000 Size: 3702784 File Visible: - Signed: -
Status: -
Name: Npfs.SYS
Image Path: C:\Windows\System32\Drivers\Npfs.SYS
Address: 0x90646000 Size: 57344 File Visible: - Signed: -
Status: -
Name: nsiproxy.sys
Image Path: C:\Windows\system32\drivers\nsiproxy.sys
Address: 0x90790000 Size: 40960 File Visible: - Signed: -
Status: -
Name: Ntfs.sys
Image Path: C:\Windows\System32\Drivers\Ntfs.sys
Address: 0x8A405000 Size: 1114112 File Visible: - Signed: -
Status: -
Name: NTIDrvr.sys
Image Path: C:\Windows\system32\DRIVERS\NTIDrvr.sys
Address: 0x8E800000 Size: 32768 File Visible: - Signed: -
Status: -
Name: ntkrnlpa.exe
Image Path: C:\Windows\system32\ntkrnlpa.exe
Address: 0x82045000 Size: 3903488 File Visible: - Signed: -
Status: -
Name: Null.SYS
Image Path: C:\Windows\System32\Drivers\Null.SYS
Address: 0x905F9000 Size: 28672 File Visible: - Signed: -
Status: -
Name: nwifi.sys
Image Path: C:\Windows\system32\DRIVERS\nwifi.sys
Address: 0xA8F42000 Size: 172032 File Visible: - Signed: -
Status: -
Name: pacer.sys
Image Path: C:\Windows\system32\DRIVERS\pacer.sys
Address: 0x90719000 Size: 90112 File Visible: - Signed: -
Status: -
Name: partmgr.sys
Image Path: C:\Windows\System32\drivers\partmgr.sys
Address: 0x80714000 Size: 61440 File Visible: - Signed: -
Status: -
Name: pci.sys
Image Path: C:\Windows\system32\drivers\pci.sys
Address: 0x806ED000 Size: 159744 File Visible: - Signed: -
Status: -
Name: PCIIDEX.SYS
Image Path: C:\Windows\system32\drivers\PCIIDEX.SYS
Address: 0x8270D000 Size: 57344 File Visible: - Signed: -
Status: -
Name: peauth.sys
Image Path: C:\Windows\system32\drivers\peauth.sys
Address: 0xB4C05000 Size: 909312 File Visible: - Signed: -
Status: -
Name: PnpManager
Image Path: \Driver\PnpManager
Address: 0x82045000 Size: 3903488 File Visible: - Signed: -
Status: -
Name: portcls.sys
Image Path: C:\Windows\system32\drivers\portcls.sys
Address: 0x827CE000 Size: 184320 File Visible: - Signed: -
Status: -
Name: PSHED.dll
Image Path: C:\Windows\system32\PSHED.dll
Address: 0x80480000 Size: 69632 File Visible: - Signed: -
Status: -
Name: rasacd.sys
Image Path: C:\Windows\System32\DRIVERS\rasacd.sys
Address: 0x90654000 Size: 36864 File Visible: - Signed: -
Status: -
Name: rasl2tp.sys
Image Path: C:\Windows\system32\DRIVERS\rasl2tp.sys
Address: 0x8E78E000 Size: 94208 File Visible: - Signed: -
Status: -
Name: raspppoe.sys
Image Path: C:\Windows\system32\DRIVERS\raspppoe.sys
Address: 0x8E7D3000 Size: 61440 File Visible: - Signed: -
Status: -
Name: raspptp.sys
Image Path: C:\Windows\system32\DRIVERS\raspptp.sys
Address: 0x8E7E2000 Size: 81920 File Visible: - Signed: -
Status: -
Name: rassstp.sys
Image Path: C:\Windows\system32\DRIVERS\rassstp.sys
Address: 0x8A179000 Size: 86016 File Visible: - Signed: -
Status: -
Name: RAW
Image Path: \FileSystem\RAW
Address: 0x82045000 Size: 3903488 File Visible: - Signed: -
Status: -
Name: rdbss.sys
Image Path: C:\Windows\system32\DRIVERS\rdbss.sys
Address: 0x90750000 Size: 245760 File Visible: - Signed: -
Status: -
Name: RDPCDD.sys
Image Path: C:\Windows\System32\DRIVERS\RDPCDD.sys
Address: 0x9062B000 Size: 32768 File Visible: - Signed: -
Status: -
Name: rdpencdd.sys
Image Path: C:\Windows\system32\drivers\rdpencdd.sys
Address: 0x90633000 Size: 32768 File Visible: - Signed: -
Status: -
Name: rootrepeal.sys
Image Path: C:\Windows\system32\drivers\rootrepeal.sys
Address: 0xB4D3D000 Size: 49152 File Visible: No Signed: -
Status: -
Name: rspndr.sys
Image Path: C:\Windows\system32\DRIVERS\rspndr.sys
Address: 0xA8F76000 Size: 77824 File Visible: - Signed: -
Status: -
Name: Rtlh86.sys
Image Path: C:\Windows\system32\DRIVERS\Rtlh86.sys
Address: 0x8E696000 Size: 147456 File Visible: - Signed: -
Status: -
Name: SCSIPORT.SYS
Image Path: C:\Windows\system32\DRIVERS\SCSIPORT.SYS
Address: 0x8EBA8000 Size: 155648 File Visible: - Signed: -
Status: -
Name: secdrv.SYS
Image Path: C:\Windows\System32\Drivers\secdrv.SYS
Address: 0xB4CE3000 Size: 40960 File Visible: - Signed: -
Status: -
Name: smb.sys
Image Path: C:\Windows\system32\DRIVERS\smb.sys
Address: 0x90673000 Size: 81920 File Visible: - Signed: -
Status: -
Name: spldr.sys
Image Path: C:\Windows\System32\Drivers\spldr.sys
Address: 0x8A54E000 Size: 32768 File Visible: - Signed: -
Status: -
Name: spsys.sys
Image Path: C:\Windows\system32\drivers\spsys.sys
Address: 0xA8E70000 Size: 720896 File Visible: - Signed: -
Status: -
Name: srv.sys
Image Path: C:\Windows\System32\DRIVERS\srv.sys
Address: 0xB0F09000 Size: 311296 File Visible: - Signed: -
Status: -
Name: srv2.sys
Image Path: C:\Windows\System32\DRIVERS\srv2.sys
Address: 0xB0EE2000 Size: 159744 File Visible: - Signed: -
Status: -
Name: srvnet
Image Path: \FileSystem\srvnet
Address: 0xAF278000 Size: 118784 File Visible: No Signed: -
Status: Hidden from the Windows API!
Name: srvnet.sys
Image Path: C:\Windows\System32\DRIVERS\srvnet.sys
Address: 0xB0E06000 Size: 118784 File Visible: - Signed: -
Status: -
Name: storport.sys
Image Path: C:\Windows\system32\DRIVERS\storport.sys
Address: 0x8E742000 Size: 266240 File Visible: - Signed: -
Status: -
Name: swenum.sys
Image Path: C:\Windows\system32\DRIVERS\swenum.sys
Address: 0x8EBFA000 Size: 4992 File Visible: - Signed: -
Status: -
Name: tcpip.sys
Image Path: C:\Windows\System32\drivers\tcpip.sys
Address: 0x8A209000 Size: 958464 File Visible: - Signed: -
Status: -
Name: tcpipreg.sys
Image Path: C:\Windows\System32\drivers\tcpipreg.sys
Address: 0xB4CED000 Size: 49152 File Visible: - Signed: -
Status: -
Name: TDI.SYS
Image Path: C:\Windows\system32\DRIVERS\TDI.SYS
Address: 0x8E783000 Size: 45056 File Visible: - Signed: -
Status: -
Name: tdx.sys
Image Path: C:\Windows\system32\DRIVERS\tdx.sys
Address: 0x9065D000 Size: 90112 File Visible: - Signed: -
Status: -
Name: termdd.sys
Image Path: C:\Windows\system32\DRIVERS\termdd.sys
Address: 0x8A18E000 Size: 65536 File Visible: - Signed: -
Status: -
Name: TSDDD.dll
Image Path: C:\Windows\System32\TSDDD.dll
Address: 0x97C90000 Size: 36864 File Visible: - Signed: -
Status: -
Name: tunmp.sys
Image Path: C:\Windows\system32\DRIVERS\tunmp.sys
Address: 0x8A5DF000 Size: 36864 File Visible: - Signed: -
Status: -
Name: tunnel.sys
Image Path: C:\Windows\system32\DRIVERS\tunnel.sys
Address: 0x8A5D4000 Size: 45056 File Visible: - Signed: -
Status: -
Name: UBHelper.sys
Image Path: C:\Windows\System32\Drivers\UBHelper.sys
Address: 0x80799000 Size: 32768 File Visible: - Signed: -
Status: -
Name: umbus.sys
Image Path: C:\Windows\system32\DRIVERS\umbus.sys
Address: 0x8A1C8000 Size: 53248 File Visible: - Signed: -
Status: -
Name: usbccgp.sys
Image Path: C:\Windows\system32\DRIVERS\usbccgp.sys
Address: 0x907E9000 Size: 94208 File Visible: - Signed: -
Status: -
Name: USBD.SYS
Image Path: C:\Windows\system32\DRIVERS\USBD.SYS
Address: 0x90600000 Size: 8192 File Visible: - Signed: -
Status: -
Name: usbehci.sys
Image Path: C:\Windows\system32\DRIVERS\usbehci.sys
Address: 0x8A3E8000 Size: 61440 File Visible: - Signed: -
Status: -
Name: usbhub.sys
Image Path: C:\Windows\system32\DRIVERS\usbhub.sys
Address: 0x807A1000 Size: 217088 File Visible: - Signed: -
Status: -
Name: USBPORT.SYS
Image Path: C:\Windows\system32\DRIVERS\USBPORT.SYS
Address: 0x8E3B6000 Size: 253952 File Visible: - Signed: -
Status: -
Name: usbuhci.sys
Image Path: C:\Windows\system32\DRIVERS\usbuhci.sys
Address: 0x8E3AB000 Size: 45056 File Visible: - Signed: -
Status: -
Name: usbvideo.sys
Image Path: C:\Windows\System32\Drivers\usbvideo.sys
Address: 0xA8E06000 Size: 134016 File Visible: - Signed: -
Status: -
Name: vga.sys
Image Path: C:\Windows\System32\drivers\vga.sys
Address: 0x8A1F3000 Size: 49152 File Visible: - Signed: -
Status: -
Name: VIDEOPRT.SYS
Image Path: C:\Windows\System32\drivers\VIDEOPRT.SYS
Address: 0x9060A000 Size: 135168 File Visible: - Signed: -
Status: -
Name: volmgr.sys
Image Path: C:\Windows\system32\drivers\volmgr.sys
Address: 0x80730000 Size: 61440 File Visible: - Signed: -
Status: -
Name: volmgrx.sys
Image Path: C:\Windows\System32\drivers\volmgrx.sys
Address: 0x8073F000 Size: 303104 File Visible: - Signed: -
Status: -
Name: volsnap.sys
Image Path: C:\Windows\system32\drivers\volsnap.sys
Address: 0x8A515000 Size: 233472 File Visible: - Signed: -
Status: -
Name: wanarp.sys
Image Path: C:\Windows\system32\DRIVERS\wanarp.sys
Address: 0x9073D000 Size: 77824 File Visible: - Signed: -
Status: -
Name: watchdog.sys
Image Path: C:\Windows\System32\drivers\watchdog.sys
Address: 0x8E39F000 Size: 49152 File Visible: - Signed: -
Status: -
Name: Wdf01000.sys
Image Path: C:\Windows\system32\drivers\Wdf01000.sys
Address: 0x8060D000 Size: 507904 File Visible: - Signed: -
Status: -
Name: WDFLDR.SYS
Image Path: C:\Windows\system32\drivers\WDFLDR.SYS
Address: 0x80689000 Size: 53248 File Visible: - Signed: -
Status: -
Name: Win32k
Image Path: \Driver\Win32k
Address: 0x97A70000 Size: 2105344 File Visible: - Signed: -
Status: -
Name: win32k.sys
Image Path: C:\Windows\System32\win32k.sys
Address: 0x97A70000 Size: 2105344 File Visible: - Signed: -
Status: -
Name: wmiacpi.sys
Image Path: C:\Windows\system32\DRIVERS\wmiacpi.sys
Address: 0x8E70A000 Size: 36864 File Visible: - Signed: -
Status: -
Name: WMILIB.SYS
Image Path: C:\Windows\system32\drivers\WMILIB.SYS
Address: 0x806DC000 Size: 36864 File Visible: - Signed: -
Status: -
Name: WMIxWDM
Image Path: \Driver\WMIxWDM
Address: 0x82045000 Size: 3903488 File Visible: - Signed: -
Status: -
Name: ws2ifsl.sys
Image Path: C:\Windows\system32\drivers\ws2ifsl.sys
Address: 0x90710000 Size: 36864 File Visible: - Signed: -
Status: -
Name: xaudio.sys
Image Path: C:\Windows\system32\DRIVERS\xaudio.sys
Address: 0xB4CF9000 Size: 32768 File Visible: - Signed: -
Status: -
-------------------------------
---------------------------------
ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2010/01/03 15:20
Program Version: Version 1.3.5.0
Windows Version: Windows Vista SP2
==================================================
Hidden Services
-------------------
Zde to je. Dám to do dvou odpovědí, neb se to nevejde.
---------------------------------
ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2010/01/03 15:18
Program Version: Version 1.3.5.0
Windows Version: Windows Vista SP2
==================================================
Processes
-------------------
Path: System
PID: 4 Status: Locked to the Windows API!
Path: C:\Windows\System32\spoolsv.exe
PID: 364 Status: -
Path: C:\Windows\System32\smss.exe
PID: 444 Status: -
Path: C:\Windows\System32\taskeng.exe
PID: 460 Status: -
Path: C:\Windows\System32\csrss.exe
PID: 572 Status: -
Path: C:\Program Files\Windows Defender\MSASCui.exe
PID: 580 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 612 Status: -
Path: C:\Windows\System32\wininit.exe
PID: 620 Status: -
Path: C:\Windows\System32\csrss.exe
PID: 632 Status: -
Path: C:\Windows\System32\services.exe
PID: 664 Status: -
Path: C:\Windows\System32\lsass.exe
PID: 676 Status: -
Path: C:\Windows\System32\lsm.exe
PID: 688 Status: -
Path: C:\Windows\System32\winlogon.exe
PID: 764 Status: -
Path: C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
PID: 808 Status: -
Path: C:\Program Files\TO2SSM\McciTrayApp.exe
PID: 852 Status: -
Path: C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
PID: 860 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 868 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 944 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 984 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 1060 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 1108 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 1124 Status: -
Path: C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
PID: 1188 Status: -
Path: C:\Windows\System32\hkcmd.exe
PID: 1212 Status: -
Path: C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PID: 1216 Status: -
Path: C:\Windows\PLFSetI.exe
PID: 1236 Status: -
Path: C:\Windows\System32\audiodg.exe
PID: 1248 Status: Locked to the Windows API!
Path: C:\Windows\System32\svchost.exe
PID: 1276 Status: -
Path: C:\Windows\System32\SLsvc.exe
PID: 1300 Status: -
Path: C:\Program Files\Apoint2K\Apoint.exe
PID: 1312 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 1336 Status: -
Path: C:\Windows\System32\taskeng.exe
PID: 1348 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 1500 Status: -
Path: C:\Windows\System32\wpcumi.exe
PID: 1524 Status: -
Path: C:\Program Files\Winamp\winampa.exe
PID: 1548 Status: -
Path: C:\Windows\System32\igfxpers.exe
PID: 1616 Status: -
Path: C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PID: 1708 Status: -
Path: C:\Program Files\Alwil Software\Avast4\ashServ.exe
PID: 1724 Status: -
Path: C:\Windows\System32\dwm.exe
PID: 1804 Status: -
Path: C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PID: 1832 Status: -
Path: C:\Windows\explorer.exe
PID: 1844 Status: -
Path: C:\Program Files\Windows Sidebar\sidebar.exe
PID: 1856 Status: -
Path: C:\Windows\ehome\ehtray.exe
PID: 1876 Status: -
Path: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PID: 2104 Status: -
Path: C:\Windows\System32\igfxsrvc.exe
PID: 2112 Status: -
Path: C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PID: 2168 Status: -
Path: C:\Windows\ehome\ehmsas.exe
PID: 2220 Status: -
Path: C:\Program Files\Apoint2K\ApMsgFwd.exe
PID: 2240 Status: -
Path: C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PID: 2352 Status: -
Path: C:\Program Files\Apoint2K\ApntEx.exe
PID: 2364 Status: -
Path: C:\Windows\System32\taskeng.exe
PID: 2508 Status: -
Path: C:\Program Files\Windows Media Player\wmpnscfg.exe
PID: 2620 Status: -
Path: D:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
PID: 2668 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 2812 Status: -
Path: C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
PID: 2828 Status: -
Path: C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PID: 2912 Status: -
Path: C:\Program Files\Common Files\Motive\McciCMService.exe
PID: 2988 Status: -
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PID: 3068 Status: -
Path: C:\ACER\Mobility Center\MobilityService.exe
PID: 3096 Status: -
Path: C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
PID: 3180 Status: -
Path: C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
PID: 3224 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 3252 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 3292 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 3352 Status: -
Path: C:\Windows\System32\SearchIndexer.exe
PID: 3424 Status: -
Path: C:\Program Files\Windows Media Player\wmpnetwk.exe
PID: 3448 Status: -
Path: C:\Windows\System32\drivers\XAudio.exe
PID: 3608 Status: -
Path: C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PID: 3648 Status: -
Path: C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PID: 3792 Status: -
Path: C:\Windows\System32\wbem\WmiPrvSE.exe
PID: 3856 Status: -
Path: C:\totalcmd\TOTALCMD.EXE
PID: 3932 Status: -
Path: C:\Windows\System32\alg.exe
PID: 4320 Status: -
Path: C:\Windows\servicing\TrustedInstaller.exe
PID: 4480 Status: -
Path: C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PID: 4496 Status: -
Path: C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PID: 4524 Status: -
Path: D:\SW\RootRepeal\RootRepeal.exe
PID: 4576 Status: -
Path: C:\Windows\System32\wbem\unsecapp.exe
PID: 4712 Status: -
Path: C:\Windows\System32\SearchProtocolHost.exe
PID: 6012 Status: -
Path: C:\Windows\System32\SearchFilterHost.exe
PID: 6016 Status: -
---------------------------------
ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2010/01/03 15:02
Program Version: Version 1.3.5.0
Windows Version: Windows Vista SP2
==================================================
Drivers
-------------------
Name: acpi.sys
Image Path: C:\Windows\system32\drivers\acpi.sys
Address: 0x80696000 Size: 286720 File Visible: - Signed: -
Status: -
Name: ACPI_HAL
Image Path: \Driver\ACPI_HAL
Address: 0x82045000 Size: 3903488 File Visible: - Signed: -
Status: -
Name: afd.sys
Image Path: C:\Windows\system32\drivers\afd.sys
Address: 0x90692000 Size: 294912 File Visible: - Signed: -
Status: -
Name: Apfiltr.sys
Image Path: C:\Windows\system32\DRIVERS\Apfiltr.sys
Address: 0x8E6BA000 Size: 184320 File Visible: - Signed: -
Status: -
Name: aswFsBlk.sys
Image Path: C:\Windows\system32\DRIVERS\aswFsBlk.sys
Address: 0xA8E68000 Size: 32768 File Visible: - Signed: -
Status: -
Name: aswMonFlt.sys
Image Path: C:\Windows\system32\DRIVERS\aswMonFlt.sys
Address: 0xA8E51000 Size: 94208 File Visible: - Signed: -
Status: -
Name: aswRdr.SYS
Image Path: C:\Windows\System32\Drivers\aswRdr.SYS
Address: 0x906DA000 Size: 15136 File Visible: - Signed: -
Status: -
Name: aswSP.SYS
Image Path: C:\Windows\System32\Drivers\aswSP.SYS
Address: 0x907B1000 Size: 135168 File Visible: - Signed: -
Status: -
Name: aswTdi.SYS
Image Path: C:\Windows\System32\Drivers\aswTdi.SYS
Address: 0x90687000 Size: 41664 File Visible: - Signed: -
Status: -
Name: asyncmac.sys
Image Path: C:\Windows\system32\DRIVERS\asyncmac.sys
Address: 0xB4DB8000 Size: 36864 File Visible: - Signed: -
Status: -
Name: atapi.sys
Image Path: C:\Windows\system32\drivers\atapi.sys
Address: 0x826DD000 Size: 32768 File Visible: - Signed: -
Status: -
Name: ataport.SYS
Image Path: C:\Windows\system32\drivers\ataport.SYS
Address: 0x826E5000 Size: 122880 File Visible: - Signed: -
Status: -
Name: BATTC.SYS
Image Path: C:\Windows\system32\DRIVERS\BATTC.SYS
Address: 0x80726000 Size: 40960 File Visible: - Signed: -
Status: -
Name: Beep.SYS
Image Path: C:\Windows\System32\Drivers\Beep.SYS
Address: 0x8E3F4000 Size: 28672 File Visible: - Signed: -
Status: -
Name: BOOTVID.dll
Image Path: C:\Windows\system32\BOOTVID.dll
Address: 0x80491000 Size: 32768 File Visible: - Signed: -
Status: -
Name: bowser.sys
Image Path: C:\Windows\system32\DRIVERS\bowser.sys
Address: 0xB0E23000 Size: 102400 File Visible: - Signed: -
Status: -
Name: cdd.dll
Image Path: C:\Windows\System32\cdd.dll
Address: 0x97CB0000 Size: 57344 File Visible: - Signed: -
Status: -
Name: cdfs.sys
Image Path: C:\Windows\system32\DRIVERS\cdfs.sys
Address: 0xB4D27000 Size: 90112 File Visible: - Signed: -
Status: -
Name: cdrom.sys
Image Path: C:\Windows\system32\DRIVERS\cdrom.sys
Address: 0x8E6F2000 Size: 98304 File Visible: - Signed: -
Status: -
Name: CI.dll
Image Path: C:\Windows\system32\CI.dll
Address: 0x804DA000 Size: 917504 File Visible: - Signed: -
Status: -
Name: CLASSPNP.SYS
Image Path: C:\Windows\system32\drivers\CLASSPNP.SYS
Address: 0x8A59D000 Size: 135168 File Visible: - Signed: -
Status: -
Name: CLFS.SYS
Image Path: C:\Windows\system32\CLFS.SYS
Address: 0x80499000 Size: 266240 File Visible: - Signed: -
Status: -
Name: CmBatt.sys
Image Path: C:\Windows\system32\DRIVERS\CmBatt.sys
Address: 0x8EBCE000 Size: 14208 File Visible: - Signed: -
Status: -
Name: compbatt.sys
Image Path: C:\Windows\system32\DRIVERS\compbatt.sys
Address: 0x80723000 Size: 10496 File Visible: - Signed: -
Status: -
Name: crashdmp.sys
Image Path: C:\Windows\System32\Drivers\crashdmp.sys
Address: 0x907D2000 Size: 53248 File Visible: - Signed: -
Status: -
Name: crcdisk.sys
Image Path: C:\Windows\system32\drivers\crcdisk.sys
Address: 0x8A5BE000 Size: 36864 File Visible: - Signed: -
Status: -
Name: dfsc.sys
Image Path: C:\Windows\System32\Drivers\dfsc.sys
Address: 0x9079A000 Size: 94208 File Visible: - Signed: -
Status: -
Name: disk.sys
Image Path: C:\Windows\system32\drivers\disk.sys
Address: 0x8A58C000 Size: 69632 File Visible: - Signed: -
Status: -
Name: DKbFltr.sys
Image Path: C:\Windows\system32\DRIVERS\DKbFltr.sys
Address: 0x8EBE5000 Size: 40960 File Visible: - Signed: -
Status: -
Name: DPortIO.sys
Image Path: C:\PROGRA~1\LAUNCH~1\DPortIO.sys
Address: 0x9078C000 Size: 13184 File Visible: - Signed: -
Status: -
Name: drmk.sys
Image Path: C:\Windows\system32\drivers\drmk.sys
Address: 0x807D6000 Size: 151552 File Visible: - Signed: -
Status: -
Name: dump_iaStor.sys
Image Path: C:\Windows\System32\Drivers\dump_iaStor.sys
Address: 0x8A30E000 Size: 892928 File Visible: No Signed: -
Status: -
Name: Dxapi.sys
Image Path: C:\Windows\System32\drivers\Dxapi.sys
Address: 0x907DF000 Size: 40960 File Visible: - Signed: -
Status: -
Name: dxgkrnl.sys
Image Path: C:\Windows\System32\drivers\dxgkrnl.sys
Address: 0x8E2FE000 Size: 659456 File Visible: - Signed: -
Status: -
Name: ecache.sys
Image Path: C:\Windows\System32\drivers\ecache.sys
Address: 0x8A565000 Size: 159744 File Visible: - Signed: -
Status: -
Name: fastfat.SYS
Image Path: C:\Windows\System32\Drivers\fastfat.SYS
Address: 0xB4D90000 Size: 163840 File Visible: - Signed: -
Status: -
Name: fileinfo.sys
Image Path: C:\Windows\system32\drivers\fileinfo.sys
Address: 0x8274D000 Size: 65536 File Visible: - Signed: -
Status: -
Name: fltmgr.sys
Image Path: C:\Windows\system32\drivers\fltmgr.sys
Address: 0x8271B000 Size: 204800 File Visible: - Signed: -
Status: -
Name: Fs_Rec.SYS
Image Path: C:\Windows\System32\Drivers\Fs_Rec.SYS
Address: 0x8E600000 Size: 36864 File Visible: - Signed: -
Status: -
Name: fwpkclnt.sys
Image Path: C:\Windows\System32\drivers\fwpkclnt.sys
Address: 0x8A2F3000 Size: 110592 File Visible: - Signed: -
Status: -
Name: hal.dll
Image Path: C:\Windows\system32\hal.dll
Address: 0x82012000 Size: 208896 File Visible: - Signed: -
Status: -
Name: HDAudBus.sys
Image Path: C:\Windows\system32\DRIVERS\HDAudBus.sys
Address: 0x8E609000 Size: 577536 File Visible: - Signed: -
Status: -
Name: HdAudio.sys
Image Path: C:\Windows\system32\drivers\HdAudio.sys
Address: 0x805BA000 Size: 258048 File Visible: - Signed: -
Status: -
Name: HSX_CNXT.sys
Image Path: C:\Windows\system32\DRIVERS\HSX_CNXT.sys
Address: 0x90544000 Size: 741376 File Visible: - Signed: -
Status: -
Name: HSX_DPV.sys
Image Path: C:\Windows\system32\DRIVERS\HSX_DPV.sys
Address: 0x90441000 Size: 1060864 File Visible: - Signed: -
Status: -
Name: HSXHWAZL.sys
Image Path: C:\Windows\system32\DRIVERS\HSXHWAZL.sys
Address: 0x90403000 Size: 253952 File Visible: - Signed: -
Status: -
Name: HTTP.sys
Image Path: C:\Windows\system32\drivers\HTTP.sys
Address: 0xA8F89000 Size: 446464 File Visible: - Signed: -
Status: -
Name: i8042prt.sys
Image Path: C:\Windows\system32\DRIVERS\i8042prt.sys
Address: 0x8EBD2000 Size: 77824 File Visible: - Signed: -
Status: -
Name: iaStor.sys
Image Path: C:\Windows\system32\DRIVERS\iaStor.sys
Address: 0x82603000 Size: 892928 File Visible: - Signed: -
Status: -
Name: igdkmd32.sys
Image Path: C:\Windows\system32\DRIVERS\igdkmd32.sys
Address: 0x8DC03000 Size: 7319552 File Visible: - Signed: -
Status: -
Name: intelppm.sys
Image Path: C:\Windows\system32\DRIVERS\intelppm.sys
Address: 0x8A5E8000 Size: 61440 File Visible: - Signed: -
Status: -
Name: ipfltdrv.sys
Image Path: C:\Windows\system32\DRIVERS\ipfltdrv.sys
Address: 0xA8F20000 Size: 73728 File Visible: - Signed: -
Status: -
Name: ipnat.sys
Image Path: C:\Windows\system32\DRIVERS\ipnat.sys
Address: 0xB4D01000 Size: 155648 File Visible: - Signed: -
Status: -
Name: jmcr.sys
Image Path: C:\Windows\system32\DRIVERS\jmcr.sys
Address: 0x8EB91000 Size: 93056 File Visible: - Signed: -
Status: -
Name: kbdclass.sys
Image Path: C:\Windows\system32\DRIVERS\kbdclass.sys
Address: 0x8EBEF000 Size: 45056 File Visible: - Signed: -
Status: -
Name: kdcom.dll
Image Path: C:\Windows\system32\kdcom.dll
Address: 0x80409000 Size: 28672 File Visible: - Signed: -
Status: -
Name: ks.sys
Image Path: C:\Windows\system32\DRIVERS\ks.sys
Address: 0x8A19E000 Size: 172032 File Visible: - Signed: -
Status: -
Name: ksecdd.sys
Image Path: C:\Windows\System32\Drivers\ksecdd.sys
Address: 0x8275D000 Size: 462848 File Visible: - Signed: -
Status: -
Name: lltdio.sys
Image Path: C:\Windows\system32\DRIVERS\lltdio.sys
Address: 0xA8F32000 Size: 65536 File Visible: - Signed: -
Status: -
Name: luafv.sys
Image Path: C:\Windows\system32\drivers\luafv.sys
Address: 0xA8E36000 Size: 110592 File Visible: - Signed: -
Status: -
Name: mcupdate_GenuineIntel.dll
Image Path: C:\Windows\system32\mcupdate_GenuineIntel.dll
Address: 0x80410000 Size: 458752 File Visible: - Signed: -
Status: -
Name: mdmxsdk.sys
Image Path: C:\Windows\system32\DRIVERS\mdmxsdk.sys
Address: 0xB0F55000 Size: 12672 File Visible: - Signed: -
Status: -
Name: modem.sys
Image Path: C:\Windows\system32\drivers\modem.sys
Address: 0x8A1E6000 Size: 53248 File Visible: - Signed: -
Status: -
Name: monitor.sys
Image Path: C:\Windows\system32\DRIVERS\monitor.sys
Address: 0xA8E27000 Size: 61440 File Visible: - Signed: -
Status: -
Name: mouclass.sys
Image Path: C:\Windows\system32\DRIVERS\mouclass.sys
Address: 0x8E6E7000 Size: 45056 File Visible: - Signed: -
Status: -
Name: mountmgr.sys
Image Path: C:\Windows\System32\drivers\mountmgr.sys
Address: 0x80789000 Size: 65536 File Visible: - Signed: -
Status: -
Name: mpsdrv.sys
Image Path: C:\Windows\System32\drivers\mpsdrv.sys
Address: 0xB0E3C000 Size: 86016 File Visible: - Signed: -
Status: -
Name: mrxdav.sys
Image Path: C:\Windows\system32\drivers\mrxdav.sys
Address: 0xB0E51000 Size: 135168 File Visible: - Signed: -
Status: -
Name: mrxsmb.sys
Image Path: C:\Windows\system32\DRIVERS\mrxsmb.sys
Address: 0xB0E72000 Size: 126976 File Visible: - Signed: -
Status: -
Name: mrxsmb10.sys
Image Path: C:\Windows\system32\DRIVERS\mrxsmb10.sys
Address: 0xB0E91000 Size: 233472 File Visible: - Signed: -
Status: -
Name: mrxsmb20.sys
Image Path: C:\Windows\system32\DRIVERS\mrxsmb20.sys
Address: 0xB0ECA000 Size: 98304 File Visible: - Signed: -
Status: -
Name: msahci.sys
Image Path: C:\Windows\system32\drivers\msahci.sys
Address: 0x82703000 Size: 40960 File Visible: - Signed: -
Status: -
Name: Msfs.SYS
Image Path: C:\Windows\System32\Drivers\Msfs.SYS
Address: 0x9063B000 Size: 45056 File Visible: - Signed: -
Status: -
Name: msisadrv.sys
Image Path: C:\Windows\system32\drivers\msisadrv.sys
Address: 0x806E5000 Size: 32768 File Visible: - Signed: -
Status: -
Name: msiscsi.sys
Image Path: C:\Windows\system32\DRIVERS\msiscsi.sys
Address: 0x8E713000 Size: 192512 File Visible: - Signed: -
Status: -
Name: msrpc.sys
Image Path: C:\Windows\system32\drivers\msrpc.sys
Address: 0x8A113000 Size: 176128 File Visible: - Signed: -
Status: -
Name: mssmbios.sys
Image Path: C:\Windows\system32\DRIVERS\mssmbios.sys
Address: 0x8E7F6000 Size: 40960 File Visible: - Signed: -
Status: -
Name: mup.sys
Image Path: C:\Windows\System32\Drivers\mup.sys
Address: 0x8A556000 Size: 61440 File Visible: - Signed: -
Status: -
Name: ndis.sys
Image Path: C:\Windows\system32\drivers\ndis.sys
Address: 0x8A008000 Size: 1093632 File Visible: - Signed: -
Status: -
Name: ndistapi.sys
Image Path: C:\Windows\system32\DRIVERS\ndistapi.sys
Address: 0x8E7A5000 Size: 45056 File Visible: - Signed: -
Status: -
Name: ndisuio.sys
Image Path: C:\Windows\system32\DRIVERS\ndisuio.sys
Address: 0xA8F6C000 Size: 40960 File Visible: - Signed: -
Status: -
Name: ndiswan.sys
Image Path: C:\Windows\system32\DRIVERS\ndiswan.sys
Address: 0x8E7B0000 Size: 143360 File Visible: - Signed: -
Status: -
Name: NDProxy.SYS
Image Path: C:\Windows\System32\Drivers\NDProxy.SYS
Address: 0x8A1D5000 Size: 69632 File Visible: - Signed: -
Status: -
Name: netbios.sys
Image Path: C:\Windows\system32\DRIVERS\netbios.sys
Address: 0x9072F000 Size: 57344 File Visible: - Signed: -
Status: -
Name: netbt.sys
Image Path: C:\Windows\System32\DRIVERS\netbt.sys
Address: 0x906DE000 Size: 204800 File Visible: - Signed: -
Status: -
Name: NETIO.SYS
Image Path: C:\Windows\system32\drivers\NETIO.SYS
Address: 0x8A13E000 Size: 241664 File Visible: - Signed: -
Status: -
Name: NETw5v32.sys
Image Path: C:\Windows\system32\DRIVERS\NETw5v32.sys
Address: 0x8E809000 Size: 3702784 File Visible: - Signed: -
Status: -
Name: Npfs.SYS
Image Path: C:\Windows\System32\Drivers\Npfs.SYS
Address: 0x90646000 Size: 57344 File Visible: - Signed: -
Status: -
Name: nsiproxy.sys
Image Path: C:\Windows\system32\drivers\nsiproxy.sys
Address: 0x90790000 Size: 40960 File Visible: - Signed: -
Status: -
Name: Ntfs.sys
Image Path: C:\Windows\System32\Drivers\Ntfs.sys
Address: 0x8A405000 Size: 1114112 File Visible: - Signed: -
Status: -
Name: NTIDrvr.sys
Image Path: C:\Windows\system32\DRIVERS\NTIDrvr.sys
Address: 0x8E800000 Size: 32768 File Visible: - Signed: -
Status: -
Name: ntkrnlpa.exe
Image Path: C:\Windows\system32\ntkrnlpa.exe
Address: 0x82045000 Size: 3903488 File Visible: - Signed: -
Status: -
Name: Null.SYS
Image Path: C:\Windows\System32\Drivers\Null.SYS
Address: 0x905F9000 Size: 28672 File Visible: - Signed: -
Status: -
Name: nwifi.sys
Image Path: C:\Windows\system32\DRIVERS\nwifi.sys
Address: 0xA8F42000 Size: 172032 File Visible: - Signed: -
Status: -
Name: pacer.sys
Image Path: C:\Windows\system32\DRIVERS\pacer.sys
Address: 0x90719000 Size: 90112 File Visible: - Signed: -
Status: -
Name: partmgr.sys
Image Path: C:\Windows\System32\drivers\partmgr.sys
Address: 0x80714000 Size: 61440 File Visible: - Signed: -
Status: -
Name: pci.sys
Image Path: C:\Windows\system32\drivers\pci.sys
Address: 0x806ED000 Size: 159744 File Visible: - Signed: -
Status: -
Name: PCIIDEX.SYS
Image Path: C:\Windows\system32\drivers\PCIIDEX.SYS
Address: 0x8270D000 Size: 57344 File Visible: - Signed: -
Status: -
Name: peauth.sys
Image Path: C:\Windows\system32\drivers\peauth.sys
Address: 0xB4C05000 Size: 909312 File Visible: - Signed: -
Status: -
Name: PnpManager
Image Path: \Driver\PnpManager
Address: 0x82045000 Size: 3903488 File Visible: - Signed: -
Status: -
Name: portcls.sys
Image Path: C:\Windows\system32\drivers\portcls.sys
Address: 0x827CE000 Size: 184320 File Visible: - Signed: -
Status: -
Name: PSHED.dll
Image Path: C:\Windows\system32\PSHED.dll
Address: 0x80480000 Size: 69632 File Visible: - Signed: -
Status: -
Name: rasacd.sys
Image Path: C:\Windows\System32\DRIVERS\rasacd.sys
Address: 0x90654000 Size: 36864 File Visible: - Signed: -
Status: -
Name: rasl2tp.sys
Image Path: C:\Windows\system32\DRIVERS\rasl2tp.sys
Address: 0x8E78E000 Size: 94208 File Visible: - Signed: -
Status: -
Name: raspppoe.sys
Image Path: C:\Windows\system32\DRIVERS\raspppoe.sys
Address: 0x8E7D3000 Size: 61440 File Visible: - Signed: -
Status: -
Name: raspptp.sys
Image Path: C:\Windows\system32\DRIVERS\raspptp.sys
Address: 0x8E7E2000 Size: 81920 File Visible: - Signed: -
Status: -
Name: rassstp.sys
Image Path: C:\Windows\system32\DRIVERS\rassstp.sys
Address: 0x8A179000 Size: 86016 File Visible: - Signed: -
Status: -
Name: RAW
Image Path: \FileSystem\RAW
Address: 0x82045000 Size: 3903488 File Visible: - Signed: -
Status: -
Name: rdbss.sys
Image Path: C:\Windows\system32\DRIVERS\rdbss.sys
Address: 0x90750000 Size: 245760 File Visible: - Signed: -
Status: -
Name: RDPCDD.sys
Image Path: C:\Windows\System32\DRIVERS\RDPCDD.sys
Address: 0x9062B000 Size: 32768 File Visible: - Signed: -
Status: -
Name: rdpencdd.sys
Image Path: C:\Windows\system32\drivers\rdpencdd.sys
Address: 0x90633000 Size: 32768 File Visible: - Signed: -
Status: -
Name: rootrepeal.sys
Image Path: C:\Windows\system32\drivers\rootrepeal.sys
Address: 0xB4D3D000 Size: 49152 File Visible: No Signed: -
Status: -
Name: rspndr.sys
Image Path: C:\Windows\system32\DRIVERS\rspndr.sys
Address: 0xA8F76000 Size: 77824 File Visible: - Signed: -
Status: -
Name: Rtlh86.sys
Image Path: C:\Windows\system32\DRIVERS\Rtlh86.sys
Address: 0x8E696000 Size: 147456 File Visible: - Signed: -
Status: -
Name: SCSIPORT.SYS
Image Path: C:\Windows\system32\DRIVERS\SCSIPORT.SYS
Address: 0x8EBA8000 Size: 155648 File Visible: - Signed: -
Status: -
Name: secdrv.SYS
Image Path: C:\Windows\System32\Drivers\secdrv.SYS
Address: 0xB4CE3000 Size: 40960 File Visible: - Signed: -
Status: -
Name: smb.sys
Image Path: C:\Windows\system32\DRIVERS\smb.sys
Address: 0x90673000 Size: 81920 File Visible: - Signed: -
Status: -
Name: spldr.sys
Image Path: C:\Windows\System32\Drivers\spldr.sys
Address: 0x8A54E000 Size: 32768 File Visible: - Signed: -
Status: -
Name: spsys.sys
Image Path: C:\Windows\system32\drivers\spsys.sys
Address: 0xA8E70000 Size: 720896 File Visible: - Signed: -
Status: -
Name: srv.sys
Image Path: C:\Windows\System32\DRIVERS\srv.sys
Address: 0xB0F09000 Size: 311296 File Visible: - Signed: -
Status: -
Name: srv2.sys
Image Path: C:\Windows\System32\DRIVERS\srv2.sys
Address: 0xB0EE2000 Size: 159744 File Visible: - Signed: -
Status: -
Name: srvnet
Image Path: \FileSystem\srvnet
Address: 0xAF278000 Size: 118784 File Visible: No Signed: -
Status: Hidden from the Windows API!
Name: srvnet.sys
Image Path: C:\Windows\System32\DRIVERS\srvnet.sys
Address: 0xB0E06000 Size: 118784 File Visible: - Signed: -
Status: -
Name: storport.sys
Image Path: C:\Windows\system32\DRIVERS\storport.sys
Address: 0x8E742000 Size: 266240 File Visible: - Signed: -
Status: -
Name: swenum.sys
Image Path: C:\Windows\system32\DRIVERS\swenum.sys
Address: 0x8EBFA000 Size: 4992 File Visible: - Signed: -
Status: -
Name: tcpip.sys
Image Path: C:\Windows\System32\drivers\tcpip.sys
Address: 0x8A209000 Size: 958464 File Visible: - Signed: -
Status: -
Name: tcpipreg.sys
Image Path: C:\Windows\System32\drivers\tcpipreg.sys
Address: 0xB4CED000 Size: 49152 File Visible: - Signed: -
Status: -
Name: TDI.SYS
Image Path: C:\Windows\system32\DRIVERS\TDI.SYS
Address: 0x8E783000 Size: 45056 File Visible: - Signed: -
Status: -
Name: tdx.sys
Image Path: C:\Windows\system32\DRIVERS\tdx.sys
Address: 0x9065D000 Size: 90112 File Visible: - Signed: -
Status: -
Name: termdd.sys
Image Path: C:\Windows\system32\DRIVERS\termdd.sys
Address: 0x8A18E000 Size: 65536 File Visible: - Signed: -
Status: -
Name: TSDDD.dll
Image Path: C:\Windows\System32\TSDDD.dll
Address: 0x97C90000 Size: 36864 File Visible: - Signed: -
Status: -
Name: tunmp.sys
Image Path: C:\Windows\system32\DRIVERS\tunmp.sys
Address: 0x8A5DF000 Size: 36864 File Visible: - Signed: -
Status: -
Name: tunnel.sys
Image Path: C:\Windows\system32\DRIVERS\tunnel.sys
Address: 0x8A5D4000 Size: 45056 File Visible: - Signed: -
Status: -
Name: UBHelper.sys
Image Path: C:\Windows\System32\Drivers\UBHelper.sys
Address: 0x80799000 Size: 32768 File Visible: - Signed: -
Status: -
Name: umbus.sys
Image Path: C:\Windows\system32\DRIVERS\umbus.sys
Address: 0x8A1C8000 Size: 53248 File Visible: - Signed: -
Status: -
Name: usbccgp.sys
Image Path: C:\Windows\system32\DRIVERS\usbccgp.sys
Address: 0x907E9000 Size: 94208 File Visible: - Signed: -
Status: -
Name: USBD.SYS
Image Path: C:\Windows\system32\DRIVERS\USBD.SYS
Address: 0x90600000 Size: 8192 File Visible: - Signed: -
Status: -
Name: usbehci.sys
Image Path: C:\Windows\system32\DRIVERS\usbehci.sys
Address: 0x8A3E8000 Size: 61440 File Visible: - Signed: -
Status: -
Name: usbhub.sys
Image Path: C:\Windows\system32\DRIVERS\usbhub.sys
Address: 0x807A1000 Size: 217088 File Visible: - Signed: -
Status: -
Name: USBPORT.SYS
Image Path: C:\Windows\system32\DRIVERS\USBPORT.SYS
Address: 0x8E3B6000 Size: 253952 File Visible: - Signed: -
Status: -
Name: usbuhci.sys
Image Path: C:\Windows\system32\DRIVERS\usbuhci.sys
Address: 0x8E3AB000 Size: 45056 File Visible: - Signed: -
Status: -
Name: usbvideo.sys
Image Path: C:\Windows\System32\Drivers\usbvideo.sys
Address: 0xA8E06000 Size: 134016 File Visible: - Signed: -
Status: -
Name: vga.sys
Image Path: C:\Windows\System32\drivers\vga.sys
Address: 0x8A1F3000 Size: 49152 File Visible: - Signed: -
Status: -
Name: VIDEOPRT.SYS
Image Path: C:\Windows\System32\drivers\VIDEOPRT.SYS
Address: 0x9060A000 Size: 135168 File Visible: - Signed: -
Status: -
Name: volmgr.sys
Image Path: C:\Windows\system32\drivers\volmgr.sys
Address: 0x80730000 Size: 61440 File Visible: - Signed: -
Status: -
Name: volmgrx.sys
Image Path: C:\Windows\System32\drivers\volmgrx.sys
Address: 0x8073F000 Size: 303104 File Visible: - Signed: -
Status: -
Name: volsnap.sys
Image Path: C:\Windows\system32\drivers\volsnap.sys
Address: 0x8A515000 Size: 233472 File Visible: - Signed: -
Status: -
Name: wanarp.sys
Image Path: C:\Windows\system32\DRIVERS\wanarp.sys
Address: 0x9073D000 Size: 77824 File Visible: - Signed: -
Status: -
Name: watchdog.sys
Image Path: C:\Windows\System32\drivers\watchdog.sys
Address: 0x8E39F000 Size: 49152 File Visible: - Signed: -
Status: -
Name: Wdf01000.sys
Image Path: C:\Windows\system32\drivers\Wdf01000.sys
Address: 0x8060D000 Size: 507904 File Visible: - Signed: -
Status: -
Name: WDFLDR.SYS
Image Path: C:\Windows\system32\drivers\WDFLDR.SYS
Address: 0x80689000 Size: 53248 File Visible: - Signed: -
Status: -
Name: Win32k
Image Path: \Driver\Win32k
Address: 0x97A70000 Size: 2105344 File Visible: - Signed: -
Status: -
Name: win32k.sys
Image Path: C:\Windows\System32\win32k.sys
Address: 0x97A70000 Size: 2105344 File Visible: - Signed: -
Status: -
Name: wmiacpi.sys
Image Path: C:\Windows\system32\DRIVERS\wmiacpi.sys
Address: 0x8E70A000 Size: 36864 File Visible: - Signed: -
Status: -
Name: WMILIB.SYS
Image Path: C:\Windows\system32\drivers\WMILIB.SYS
Address: 0x806DC000 Size: 36864 File Visible: - Signed: -
Status: -
Name: WMIxWDM
Image Path: \Driver\WMIxWDM
Address: 0x82045000 Size: 3903488 File Visible: - Signed: -
Status: -
Name: ws2ifsl.sys
Image Path: C:\Windows\system32\drivers\ws2ifsl.sys
Address: 0x90710000 Size: 36864 File Visible: - Signed: -
Status: -
Name: xaudio.sys
Image Path: C:\Windows\system32\DRIVERS\xaudio.sys
Address: 0xB4CF9000 Size: 32768 File Visible: - Signed: -
Status: -
-------------------------------
---------------------------------
ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2010/01/03 15:20
Program Version: Version 1.3.5.0
Windows Version: Windows Vista SP2
==================================================
Hidden Services
-------------------
Re: Problémy s explorer.exe
ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2010/01/03 15:02
Program Version: Version 1.3.5.0
Windows Version: Windows Vista SP2
==================================================
Drivers
-------------------
Name: acpi.sys
Image Path: C:\Windows\system32\drivers\acpi.sys
Address: 0x80696000 Size: 286720 File Visible: - Signed: -
Status: -
Name: ACPI_HAL
Image Path: \Driver\ACPI_HAL
Address: 0x82045000 Size: 3903488 File Visible: - Signed: -
Status: -
Name: afd.sys
Image Path: C:\Windows\system32\drivers\afd.sys
Address: 0x90692000 Size: 294912 File Visible: - Signed: -
Status: -
Name: Apfiltr.sys
Image Path: C:\Windows\system32\DRIVERS\Apfiltr.sys
Address: 0x8E6BA000 Size: 184320 File Visible: - Signed: -
Status: -
Name: aswFsBlk.sys
Image Path: C:\Windows\system32\DRIVERS\aswFsBlk.sys
Address: 0xA8E68000 Size: 32768 File Visible: - Signed: -
Status: -
Name: aswMonFlt.sys
Image Path: C:\Windows\system32\DRIVERS\aswMonFlt.sys
Address: 0xA8E51000 Size: 94208 File Visible: - Signed: -
Status: -
Name: aswRdr.SYS
Image Path: C:\Windows\System32\Drivers\aswRdr.SYS
Address: 0x906DA000 Size: 15136 File Visible: - Signed: -
Status: -
Name: aswSP.SYS
Image Path: C:\Windows\System32\Drivers\aswSP.SYS
Address: 0x907B1000 Size: 135168 File Visible: - Signed: -
Status: -
Name: aswTdi.SYS
Image Path: C:\Windows\System32\Drivers\aswTdi.SYS
Address: 0x90687000 Size: 41664 File Visible: - Signed: -
Status: -
Name: asyncmac.sys
Image Path: C:\Windows\system32\DRIVERS\asyncmac.sys
Address: 0xB4DB8000 Size: 36864 File Visible: - Signed: -
Status: -
Name: atapi.sys
Image Path: C:\Windows\system32\drivers\atapi.sys
Address: 0x826DD000 Size: 32768 File Visible: - Signed: -
Status: -
Name: ataport.SYS
Image Path: C:\Windows\system32\drivers\ataport.SYS
Address: 0x826E5000 Size: 122880 File Visible: - Signed: -
Status: -
Name: BATTC.SYS
Image Path: C:\Windows\system32\DRIVERS\BATTC.SYS
Address: 0x80726000 Size: 40960 File Visible: - Signed: -
Status: -
Name: Beep.SYS
Image Path: C:\Windows\System32\Drivers\Beep.SYS
Address: 0x8E3F4000 Size: 28672 File Visible: - Signed: -
Status: -
Name: BOOTVID.dll
Image Path: C:\Windows\system32\BOOTVID.dll
Address: 0x80491000 Size: 32768 File Visible: - Signed: -
Status: -
Name: bowser.sys
Image Path: C:\Windows\system32\DRIVERS\bowser.sys
Address: 0xB0E23000 Size: 102400 File Visible: - Signed: -
Status: -
Name: cdd.dll
Image Path: C:\Windows\System32\cdd.dll
Address: 0x97CB0000 Size: 57344 File Visible: - Signed: -
Status: -
Name: cdfs.sys
Image Path: C:\Windows\system32\DRIVERS\cdfs.sys
Address: 0xB4D27000 Size: 90112 File Visible: - Signed: -
Status: -
Name: cdrom.sys
Image Path: C:\Windows\system32\DRIVERS\cdrom.sys
Address: 0x8E6F2000 Size: 98304 File Visible: - Signed: -
Status: -
Name: CI.dll
Image Path: C:\Windows\system32\CI.dll
Address: 0x804DA000 Size: 917504 File Visible: - Signed: -
Status: -
Name: CLASSPNP.SYS
Image Path: C:\Windows\system32\drivers\CLASSPNP.SYS
Address: 0x8A59D000 Size: 135168 File Visible: - Signed: -
Status: -
Name: CLFS.SYS
Image Path: C:\Windows\system32\CLFS.SYS
Address: 0x80499000 Size: 266240 File Visible: - Signed: -
Status: -
Name: CmBatt.sys
Image Path: C:\Windows\system32\DRIVERS\CmBatt.sys
Address: 0x8EBCE000 Size: 14208 File Visible: - Signed: -
Status: -
Name: compbatt.sys
Image Path: C:\Windows\system32\DRIVERS\compbatt.sys
Address: 0x80723000 Size: 10496 File Visible: - Signed: -
Status: -
Name: crashdmp.sys
Image Path: C:\Windows\System32\Drivers\crashdmp.sys
Address: 0x907D2000 Size: 53248 File Visible: - Signed: -
Status: -
Name: crcdisk.sys
Image Path: C:\Windows\system32\drivers\crcdisk.sys
Address: 0x8A5BE000 Size: 36864 File Visible: - Signed: -
Status: -
Name: dfsc.sys
Image Path: C:\Windows\System32\Drivers\dfsc.sys
Address: 0x9079A000 Size: 94208 File Visible: - Signed: -
Status: -
Name: disk.sys
Image Path: C:\Windows\system32\drivers\disk.sys
Address: 0x8A58C000 Size: 69632 File Visible: - Signed: -
Status: -
Name: DKbFltr.sys
Image Path: C:\Windows\system32\DRIVERS\DKbFltr.sys
Address: 0x8EBE5000 Size: 40960 File Visible: - Signed: -
Status: -
Name: DPortIO.sys
Image Path: C:\PROGRA~1\LAUNCH~1\DPortIO.sys
Address: 0x9078C000 Size: 13184 File Visible: - Signed: -
Status: -
Name: drmk.sys
Image Path: C:\Windows\system32\drivers\drmk.sys
Address: 0x807D6000 Size: 151552 File Visible: - Signed: -
Status: -
Name: dump_iaStor.sys
Image Path: C:\Windows\System32\Drivers\dump_iaStor.sys
Address: 0x8A30E000 Size: 892928 File Visible: No Signed: -
Status: -
Name: Dxapi.sys
Image Path: C:\Windows\System32\drivers\Dxapi.sys
Address: 0x907DF000 Size: 40960 File Visible: - Signed: -
Status: -
Name: dxgkrnl.sys
Image Path: C:\Windows\System32\drivers\dxgkrnl.sys
Address: 0x8E2FE000 Size: 659456 File Visible: - Signed: -
Status: -
Name: ecache.sys
Image Path: C:\Windows\System32\drivers\ecache.sys
Address: 0x8A565000 Size: 159744 File Visible: - Signed: -
Status: -
Name: fastfat.SYS
Image Path: C:\Windows\System32\Drivers\fastfat.SYS
Address: 0xB4D90000 Size: 163840 File Visible: - Signed: -
Status: -
Name: fileinfo.sys
Image Path: C:\Windows\system32\drivers\fileinfo.sys
Address: 0x8274D000 Size: 65536 File Visible: - Signed: -
Status: -
Name: fltmgr.sys
Image Path: C:\Windows\system32\drivers\fltmgr.sys
Address: 0x8271B000 Size: 204800 File Visible: - Signed: -
Status: -
Name: Fs_Rec.SYS
Image Path: C:\Windows\System32\Drivers\Fs_Rec.SYS
Address: 0x8E600000 Size: 36864 File Visible: - Signed: -
Status: -
Name: fwpkclnt.sys
Image Path: C:\Windows\System32\drivers\fwpkclnt.sys
Address: 0x8A2F3000 Size: 110592 File Visible: - Signed: -
Status: -
Name: hal.dll
Image Path: C:\Windows\system32\hal.dll
Address: 0x82012000 Size: 208896 File Visible: - Signed: -
Status: -
Name: HDAudBus.sys
Image Path: C:\Windows\system32\DRIVERS\HDAudBus.sys
Address: 0x8E609000 Size: 577536 File Visible: - Signed: -
Status: -
Name: HdAudio.sys
Image Path: C:\Windows\system32\drivers\HdAudio.sys
Address: 0x805BA000 Size: 258048 File Visible: - Signed: -
Status: -
Name: HSX_CNXT.sys
Image Path: C:\Windows\system32\DRIVERS\HSX_CNXT.sys
Address: 0x90544000 Size: 741376 File Visible: - Signed: -
Status: -
Name: HSX_DPV.sys
Image Path: C:\Windows\system32\DRIVERS\HSX_DPV.sys
Address: 0x90441000 Size: 1060864 File Visible: - Signed: -
Status: -
Name: HSXHWAZL.sys
Image Path: C:\Windows\system32\DRIVERS\HSXHWAZL.sys
Address: 0x90403000 Size: 253952 File Visible: - Signed: -
Status: -
Name: HTTP.sys
Image Path: C:\Windows\system32\drivers\HTTP.sys
Address: 0xA8F89000 Size: 446464 File Visible: - Signed: -
Status: -
Name: i8042prt.sys
Image Path: C:\Windows\system32\DRIVERS\i8042prt.sys
Address: 0x8EBD2000 Size: 77824 File Visible: - Signed: -
Status: -
Name: iaStor.sys
Image Path: C:\Windows\system32\DRIVERS\iaStor.sys
Address: 0x82603000 Size: 892928 File Visible: - Signed: -
Status: -
Name: igdkmd32.sys
Image Path: C:\Windows\system32\DRIVERS\igdkmd32.sys
Address: 0x8DC03000 Size: 7319552 File Visible: - Signed: -
Status: -
Name: intelppm.sys
Image Path: C:\Windows\system32\DRIVERS\intelppm.sys
Address: 0x8A5E8000 Size: 61440 File Visible: - Signed: -
Status: -
Name: ipfltdrv.sys
Image Path: C:\Windows\system32\DRIVERS\ipfltdrv.sys
Address: 0xA8F20000 Size: 73728 File Visible: - Signed: -
Status: -
Name: ipnat.sys
Image Path: C:\Windows\system32\DRIVERS\ipnat.sys
Address: 0xB4D01000 Size: 155648 File Visible: - Signed: -
Status: -
Name: jmcr.sys
Image Path: C:\Windows\system32\DRIVERS\jmcr.sys
Address: 0x8EB91000 Size: 93056 File Visible: - Signed: -
Status: -
Name: kbdclass.sys
Image Path: C:\Windows\system32\DRIVERS\kbdclass.sys
Address: 0x8EBEF000 Size: 45056 File Visible: - Signed: -
Status: -
Name: kdcom.dll
Image Path: C:\Windows\system32\kdcom.dll
Address: 0x80409000 Size: 28672 File Visible: - Signed: -
Status: -
Name: ks.sys
Image Path: C:\Windows\system32\DRIVERS\ks.sys
Address: 0x8A19E000 Size: 172032 File Visible: - Signed: -
Status: -
Name: ksecdd.sys
Image Path: C:\Windows\System32\Drivers\ksecdd.sys
Address: 0x8275D000 Size: 462848 File Visible: - Signed: -
Status: -
Name: lltdio.sys
Image Path: C:\Windows\system32\DRIVERS\lltdio.sys
Address: 0xA8F32000 Size: 65536 File Visible: - Signed: -
Status: -
Name: luafv.sys
Image Path: C:\Windows\system32\drivers\luafv.sys
Address: 0xA8E36000 Size: 110592 File Visible: - Signed: -
Status: -
Name: mcupdate_GenuineIntel.dll
Image Path: C:\Windows\system32\mcupdate_GenuineIntel.dll
Address: 0x80410000 Size: 458752 File Visible: - Signed: -
Status: -
Name: mdmxsdk.sys
Image Path: C:\Windows\system32\DRIVERS\mdmxsdk.sys
Address: 0xB0F55000 Size: 12672 File Visible: - Signed: -
Status: -
Name: modem.sys
Image Path: C:\Windows\system32\drivers\modem.sys
Address: 0x8A1E6000 Size: 53248 File Visible: - Signed: -
Status: -
Name: monitor.sys
Image Path: C:\Windows\system32\DRIVERS\monitor.sys
Address: 0xA8E27000 Size: 61440 File Visible: - Signed: -
Status: -
Name: mouclass.sys
Image Path: C:\Windows\system32\DRIVERS\mouclass.sys
Address: 0x8E6E7000 Size: 45056 File Visible: - Signed: -
Status: -
Name: mountmgr.sys
Image Path: C:\Windows\System32\drivers\mountmgr.sys
Address: 0x80789000 Size: 65536 File Visible: - Signed: -
Status: -
Name: mpsdrv.sys
Image Path: C:\Windows\System32\drivers\mpsdrv.sys
Address: 0xB0E3C000 Size: 86016 File Visible: - Signed: -
Status: -
Name: mrxdav.sys
Image Path: C:\Windows\system32\drivers\mrxdav.sys
Address: 0xB0E51000 Size: 135168 File Visible: - Signed: -
Status: -
Name: mrxsmb.sys
Image Path: C:\Windows\system32\DRIVERS\mrxsmb.sys
Address: 0xB0E72000 Size: 126976 File Visible: - Signed: -
Status: -
Name: mrxsmb10.sys
Image Path: C:\Windows\system32\DRIVERS\mrxsmb10.sys
Address: 0xB0E91000 Size: 233472 File Visible: - Signed: -
Status: -
Name: mrxsmb20.sys
Image Path: C:\Windows\system32\DRIVERS\mrxsmb20.sys
Address: 0xB0ECA000 Size: 98304 File Visible: - Signed: -
Status: -
Name: msahci.sys
Image Path: C:\Windows\system32\drivers\msahci.sys
Address: 0x82703000 Size: 40960 File Visible: - Signed: -
Status: -
Name: Msfs.SYS
Image Path: C:\Windows\System32\Drivers\Msfs.SYS
Address: 0x9063B000 Size: 45056 File Visible: - Signed: -
Status: -
Name: msisadrv.sys
Image Path: C:\Windows\system32\drivers\msisadrv.sys
Address: 0x806E5000 Size: 32768 File Visible: - Signed: -
Status: -
Name: msiscsi.sys
Image Path: C:\Windows\system32\DRIVERS\msiscsi.sys
Address: 0x8E713000 Size: 192512 File Visible: - Signed: -
Status: -
Name: msrpc.sys
Image Path: C:\Windows\system32\drivers\msrpc.sys
Address: 0x8A113000 Size: 176128 File Visible: - Signed: -
Status: -
Name: mssmbios.sys
Image Path: C:\Windows\system32\DRIVERS\mssmbios.sys
Address: 0x8E7F6000 Size: 40960 File Visible: - Signed: -
Status: -
Name: mup.sys
Image Path: C:\Windows\System32\Drivers\mup.sys
Address: 0x8A556000 Size: 61440 File Visible: - Signed: -
Status: -
Name: ndis.sys
Image Path: C:\Windows\system32\drivers\ndis.sys
Address: 0x8A008000 Size: 1093632 File Visible: - Signed: -
Status: -
Name: ndistapi.sys
Image Path: C:\Windows\system32\DRIVERS\ndistapi.sys
Address: 0x8E7A5000 Size: 45056 File Visible: - Signed: -
Status: -
Name: ndisuio.sys
Image Path: C:\Windows\system32\DRIVERS\ndisuio.sys
Address: 0xA8F6C000 Size: 40960 File Visible: - Signed: -
Status: -
Name: ndiswan.sys
Image Path: C:\Windows\system32\DRIVERS\ndiswan.sys
Address: 0x8E7B0000 Size: 143360 File Visible: - Signed: -
Status: -
Name: NDProxy.SYS
Image Path: C:\Windows\System32\Drivers\NDProxy.SYS
Address: 0x8A1D5000 Size: 69632 File Visible: - Signed: -
Status: -
Name: netbios.sys
Image Path: C:\Windows\system32\DRIVERS\netbios.sys
Address: 0x9072F000 Size: 57344 File Visible: - Signed: -
Status: -
Name: netbt.sys
Image Path: C:\Windows\System32\DRIVERS\netbt.sys
Address: 0x906DE000 Size: 204800 File Visible: - Signed: -
Status: -
Name: NETIO.SYS
Image Path: C:\Windows\system32\drivers\NETIO.SYS
Address: 0x8A13E000 Size: 241664 File Visible: - Signed: -
Status: -
Name: NETw5v32.sys
Image Path: C:\Windows\system32\DRIVERS\NETw5v32.sys
Address: 0x8E809000 Size: 3702784 File Visible: - Signed: -
Status: -
Name: Npfs.SYS
Image Path: C:\Windows\System32\Drivers\Npfs.SYS
Address: 0x90646000 Size: 57344 File Visible: - Signed: -
Status: -
Name: nsiproxy.sys
Image Path: C:\Windows\system32\drivers\nsiproxy.sys
Address: 0x90790000 Size: 40960 File Visible: - Signed: -
Status: -
Name: Ntfs.sys
Image Path: C:\Windows\System32\Drivers\Ntfs.sys
Address: 0x8A405000 Size: 1114112 File Visible: - Signed: -
Status: -
Name: NTIDrvr.sys
Image Path: C:\Windows\system32\DRIVERS\NTIDrvr.sys
Address: 0x8E800000 Size: 32768 File Visible: - Signed: -
Status: -
Name: ntkrnlpa.exe
Image Path: C:\Windows\system32\ntkrnlpa.exe
Address: 0x82045000 Size: 3903488 File Visible: - Signed: -
Status: -
Name: Null.SYS
Image Path: C:\Windows\System32\Drivers\Null.SYS
Address: 0x905F9000 Size: 28672 File Visible: - Signed: -
Status: -
Name: nwifi.sys
Image Path: C:\Windows\system32\DRIVERS\nwifi.sys
Address: 0xA8F42000 Size: 172032 File Visible: - Signed: -
Status: -
Name: pacer.sys
Image Path: C:\Windows\system32\DRIVERS\pacer.sys
Address: 0x90719000 Size: 90112 File Visible: - Signed: -
Status: -
Name: partmgr.sys
Image Path: C:\Windows\System32\drivers\partmgr.sys
Address: 0x80714000 Size: 61440 File Visible: - Signed: -
Status: -
Name: pci.sys
Image Path: C:\Windows\system32\drivers\pci.sys
Address: 0x806ED000 Size: 159744 File Visible: - Signed: -
Status: -
Name: PCIIDEX.SYS
Image Path: C:\Windows\system32\drivers\PCIIDEX.SYS
Address: 0x8270D000 Size: 57344 File Visible: - Signed: -
Status: -
Name: peauth.sys
Image Path: C:\Windows\system32\drivers\peauth.sys
Address: 0xB4C05000 Size: 909312 File Visible: - Signed: -
Status: -
Name: PnpManager
Image Path: \Driver\PnpManager
Address: 0x82045000 Size: 3903488 File Visible: - Signed: -
Status: -
Name: portcls.sys
Image Path: C:\Windows\system32\drivers\portcls.sys
Address: 0x827CE000 Size: 184320 File Visible: - Signed: -
Status: -
Name: PSHED.dll
Image Path: C:\Windows\system32\PSHED.dll
Address: 0x80480000 Size: 69632 File Visible: - Signed: -
Status: -
Name: rasacd.sys
Image Path: C:\Windows\System32\DRIVERS\rasacd.sys
Address: 0x90654000 Size: 36864 File Visible: - Signed: -
Status: -
Name: rasl2tp.sys
Image Path: C:\Windows\system32\DRIVERS\rasl2tp.sys
Address: 0x8E78E000 Size: 94208 File Visible: - Signed: -
Status: -
Name: raspppoe.sys
Image Path: C:\Windows\system32\DRIVERS\raspppoe.sys
Address: 0x8E7D3000 Size: 61440 File Visible: - Signed: -
Status: -
Name: raspptp.sys
Image Path: C:\Windows\system32\DRIVERS\raspptp.sys
Address: 0x8E7E2000 Size: 81920 File Visible: - Signed: -
Status: -
Name: rassstp.sys
Image Path: C:\Windows\system32\DRIVERS\rassstp.sys
Address: 0x8A179000 Size: 86016 File Visible: - Signed: -
Status: -
Name: RAW
Image Path: \FileSystem\RAW
Address: 0x82045000 Size: 3903488 File Visible: - Signed: -
Status: -
Name: rdbss.sys
Image Path: C:\Windows\system32\DRIVERS\rdbss.sys
Address: 0x90750000 Size: 245760 File Visible: - Signed: -
Status: -
Name: RDPCDD.sys
Image Path: C:\Windows\System32\DRIVERS\RDPCDD.sys
Address: 0x9062B000 Size: 32768 File Visible: - Signed: -
Status: -
Name: rdpencdd.sys
Image Path: C:\Windows\system32\drivers\rdpencdd.sys
Address: 0x90633000 Size: 32768 File Visible: - Signed: -
Status: -
Name: rootrepeal.sys
Image Path: C:\Windows\system32\drivers\rootrepeal.sys
Address: 0xB4D3D000 Size: 49152 File Visible: No Signed: -
Status: -
Name: rspndr.sys
Image Path: C:\Windows\system32\DRIVERS\rspndr.sys
Address: 0xA8F76000 Size: 77824 File Visible: - Signed: -
Status: -
Name: Rtlh86.sys
Image Path: C:\Windows\system32\DRIVERS\Rtlh86.sys
Address: 0x8E696000 Size: 147456 File Visible: - Signed: -
Status: -
Name: SCSIPORT.SYS
Image Path: C:\Windows\system32\DRIVERS\SCSIPORT.SYS
Address: 0x8EBA8000 Size: 155648 File Visible: - Signed: -
Status: -
Name: secdrv.SYS
Image Path: C:\Windows\System32\Drivers\secdrv.SYS
Address: 0xB4CE3000 Size: 40960 File Visible: - Signed: -
Status: -
Name: smb.sys
Image Path: C:\Windows\system32\DRIVERS\smb.sys
Address: 0x90673000 Size: 81920 File Visible: - Signed: -
Status: -
Name: spldr.sys
Image Path: C:\Windows\System32\Drivers\spldr.sys
Address: 0x8A54E000 Size: 32768 File Visible: - Signed: -
Status: -
Name: spsys.sys
Image Path: C:\Windows\system32\drivers\spsys.sys
Address: 0xA8E70000 Size: 720896 File Visible: - Signed: -
Status: -
Name: srv.sys
Image Path: C:\Windows\System32\DRIVERS\srv.sys
Address: 0xB0F09000 Size: 311296 File Visible: - Signed: -
Status: -
Name: srv2.sys
Image Path: C:\Windows\System32\DRIVERS\srv2.sys
Address: 0xB0EE2000 Size: 159744 File Visible: - Signed: -
Status: -
Name: srvnet
Image Path: \FileSystem\srvnet
Address: 0xAF278000 Size: 118784 File Visible: No Signed: -
Status: Hidden from the Windows API!
Name: srvnet.sys
Image Path: C:\Windows\System32\DRIVERS\srvnet.sys
Address: 0xB0E06000 Size: 118784 File Visible: - Signed: -
Status: -
Name: storport.sys
Image Path: C:\Windows\system32\DRIVERS\storport.sys
Address: 0x8E742000 Size: 266240 File Visible: - Signed: -
Status: -
Name: swenum.sys
Image Path: C:\Windows\system32\DRIVERS\swenum.sys
Address: 0x8EBFA000 Size: 4992 File Visible: - Signed: -
Status: -
Name: tcpip.sys
Image Path: C:\Windows\System32\drivers\tcpip.sys
Address: 0x8A209000 Size: 958464 File Visible: - Signed: -
Status: -
Name: tcpipreg.sys
Image Path: C:\Windows\System32\drivers\tcpipreg.sys
Address: 0xB4CED000 Size: 49152 File Visible: - Signed: -
Status: -
Name: TDI.SYS
Image Path: C:\Windows\system32\DRIVERS\TDI.SYS
Address: 0x8E783000 Size: 45056 File Visible: - Signed: -
Status: -
Name: tdx.sys
Image Path: C:\Windows\system32\DRIVERS\tdx.sys
Address: 0x9065D000 Size: 90112 File Visible: - Signed: -
Status: -
Name: termdd.sys
Image Path: C:\Windows\system32\DRIVERS\termdd.sys
Address: 0x8A18E000 Size: 65536 File Visible: - Signed: -
Status: -
Name: TSDDD.dll
Image Path: C:\Windows\System32\TSDDD.dll
Address: 0x97C90000 Size: 36864 File Visible: - Signed: -
Status: -
Name: tunmp.sys
Image Path: C:\Windows\system32\DRIVERS\tunmp.sys
Address: 0x8A5DF000 Size: 36864 File Visible: - Signed: -
Status: -
Name: tunnel.sys
Image Path: C:\Windows\system32\DRIVERS\tunnel.sys
Address: 0x8A5D4000 Size: 45056 File Visible: - Signed: -
Status: -
Name: UBHelper.sys
Image Path: C:\Windows\System32\Drivers\UBHelper.sys
Address: 0x80799000 Size: 32768 File Visible: - Signed: -
Status: -
Name: umbus.sys
Image Path: C:\Windows\system32\DRIVERS\umbus.sys
Address: 0x8A1C8000 Size: 53248 File Visible: - Signed: -
Status: -
Name: usbccgp.sys
Image Path: C:\Windows\system32\DRIVERS\usbccgp.sys
Address: 0x907E9000 Size: 94208 File Visible: - Signed: -
Status: -
Name: USBD.SYS
Image Path: C:\Windows\system32\DRIVERS\USBD.SYS
Address: 0x90600000 Size: 8192 File Visible: - Signed: -
Status: -
Name: usbehci.sys
Image Path: C:\Windows\system32\DRIVERS\usbehci.sys
Address: 0x8A3E8000 Size: 61440 File Visible: - Signed: -
Status: -
Name: usbhub.sys
Image Path: C:\Windows\system32\DRIVERS\usbhub.sys
Address: 0x807A1000 Size: 217088 File Visible: - Signed: -
Status: -
Name: USBPORT.SYS
Image Path: C:\Windows\system32\DRIVERS\USBPORT.SYS
Address: 0x8E3B6000 Size: 253952 File Visible: - Signed: -
Status: -
Name: usbuhci.sys
Image Path: C:\Windows\system32\DRIVERS\usbuhci.sys
Address: 0x8E3AB000 Size: 45056 File Visible: - Signed: -
Status: -
Name: usbvideo.sys
Image Path: C:\Windows\System32\Drivers\usbvideo.sys
Address: 0xA8E06000 Size: 134016 File Visible: - Signed: -
Status: -
Name: vga.sys
Image Path: C:\Windows\System32\drivers\vga.sys
Address: 0x8A1F3000 Size: 49152 File Visible: - Signed: -
Status: -
Name: VIDEOPRT.SYS
Image Path: C:\Windows\System32\drivers\VIDEOPRT.SYS
Address: 0x9060A000 Size: 135168 File Visible: - Signed: -
Status: -
Name: volmgr.sys
Image Path: C:\Windows\system32\drivers\volmgr.sys
Address: 0x80730000 Size: 61440 File Visible: - Signed: -
Status: -
Name: volmgrx.sys
Image Path: C:\Windows\System32\drivers\volmgrx.sys
Address: 0x8073F000 Size: 303104 File Visible: - Signed: -
Status: -
Name: volsnap.sys
Image Path: C:\Windows\system32\drivers\volsnap.sys
Address: 0x8A515000 Size: 233472 File Visible: - Signed: -
Status: -
Name: wanarp.sys
Image Path: C:\Windows\system32\DRIVERS\wanarp.sys
Address: 0x9073D000 Size: 77824 File Visible: - Signed: -
Status: -
Name: watchdog.sys
Image Path: C:\Windows\System32\drivers\watchdog.sys
Address: 0x8E39F000 Size: 49152 File Visible: - Signed: -
Status: -
Name: Wdf01000.sys
Image Path: C:\Windows\system32\drivers\Wdf01000.sys
Address: 0x8060D000 Size: 507904 File Visible: - Signed: -
Status: -
Name: WDFLDR.SYS
Image Path: C:\Windows\system32\drivers\WDFLDR.SYS
Address: 0x80689000 Size: 53248 File Visible: - Signed: -
Status: -
Name: Win32k
Image Path: \Driver\Win32k
Address: 0x97A70000 Size: 2105344 File Visible: - Signed: -
Status: -
Name: win32k.sys
Image Path: C:\Windows\System32\win32k.sys
Address: 0x97A70000 Size: 2105344 File Visible: - Signed: -
Status: -
Name: wmiacpi.sys
Image Path: C:\Windows\system32\DRIVERS\wmiacpi.sys
Address: 0x8E70A000 Size: 36864 File Visible: - Signed: -
Status: -
Name: WMILIB.SYS
Image Path: C:\Windows\system32\drivers\WMILIB.SYS
Address: 0x806DC000 Size: 36864 File Visible: - Signed: -
Status: -
Name: WMIxWDM
Image Path: \Driver\WMIxWDM
Address: 0x82045000 Size: 3903488 File Visible: - Signed: -
Status: -
Name: ws2ifsl.sys
Image Path: C:\Windows\system32\drivers\ws2ifsl.sys
Address: 0x90710000 Size: 36864 File Visible: - Signed: -
Status: -
Name: xaudio.sys
Image Path: C:\Windows\system32\DRIVERS\xaudio.sys
Address: 0xB4CF9000 Size: 32768 File Visible: - Signed: -
Status: -
-------------------------
ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2010/01/03 15:19
Program Version: Version 1.3.5.0
Windows Version: Windows Vista SP2
==================================================
Stealth Objects
-------------------
ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2010/01/03 15:19
Program Version: Version 1.3.5.0
Windows Version: Windows Vista SP2
==================================================
SSDT
-------------------
#: 000 Function Name: NtAcceptConnectPort
Status: Not hooked
#: 001 Function Name: NtAccessCheck
Status: Not hooked
#: 002 Function Name: NtAccessCheckAndAuditAlarm
Status: Not hooked
#: 003 Function Name: NtAccessCheckByType
Status: Not hooked
#: 004 Function Name: NtAccessCheckByTypeAndAuditAlarm
Status: Not hooked
#: 005 Function Name: NtAccessCheckByTypeResultList
Status: Not hooked
#: 006 Function Name: NtAccessCheckByTypeResultListAndAuditAlarm
Status: Not hooked
#: 007 Function Name: NtAccessCheckByTypeResultListAndAuditAlarmByHandle
Status: Not hooked
#: 008 Function Name: NtAddAtom
Status: Not hooked
#: 009 Function Name: NtAddBootEntry
Status: Not hooked
#: 010 Function Name: NtAddDriverEntry
Status: Not hooked
#: 011 Function Name: NtAdjustGroupsToken
Status: Not hooked
#: 012 Function Name: NtAdjustPrivilegesToken
Status: Not hooked
#: 013 Function Name: NtAlertResumeThread
Status: Not hooked
#: 014 Function Name: NtAlertThread
Status: Not hooked
#: 015 Function Name: NtAllocateLocallyUniqueId
Status: Not hooked
#: 016 Function Name: NtAllocateUserPhysicalPages
Status: Not hooked
#: 017 Function Name: NtAllocateUuids
Status: Not hooked
#: 018 Function Name: NtAllocateVirtualMemory
Status: Not hooked
#: 019 Function Name: NtAlpcAcceptConnectPort
Status: Not hooked
#: 020 Function Name: NtAlpcCancelMessage
Status: Not hooked
#: 021 Function Name: NtAlpcConnectPort
Status: Not hooked
#: 022 Function Name: NtAlpcCreatePort
Status: Not hooked
#: 023 Function Name: NtAlpcCreatePortSection
Status: Not hooked
#: 024 Function Name: NtAlpcCreateResourceReserve
Status: Not hooked
#: 025 Function Name: NtAlpcCreateSectionView
Status: Not hooked
#: 026 Function Name: NtAlpcCreateSecurityContext
Status: Not hooked
#: 027 Function Name: NtAlpcDeletePortSection
Status: Not hooked
#: 028 Function Name: NtAlpcDeleteResourceReserve
Status: Not hooked
#: 029 Function Name: NtAlpcDeleteSectionView
Status: Not hooked
#: 030 Function Name: NtAlpcDeleteSecurityContext
Status: Not hooked
#: 031 Function Name: NtAlpcDisconnectPort
Status: Not hooked
#: 032 Function Name: NtAlpcImpersonateClientOfPort
Status: Not hooked
#: 033 Function Name: NtAlpcOpenSenderProcess
Status: Not hooked
#: 034 Function Name: NtAlpcOpenSenderThread
Status: Not hooked
#: 035 Function Name: NtAlpcQueryInformation
Status: Not hooked
#: 036 Function Name: NtAlpcQueryInformationMessage
Status: Not hooked
#: 037 Function Name: NtAlpcRevokeSecurityContext
Status: Not hooked
#: 038 Function Name: NtAlpcSendWaitReceivePort
Status: Not hooked
#: 039 Function Name: NtAlpcSetInformation
Status: Not hooked
#: 040 Function Name: NtApphelpCacheControl
Status: Not hooked
#: 041 Function Name: NtAreMappedFilesTheSame
Status: Not hooked
#: 042 Function Name: NtAssignProcessToJobObject
Status: Not hooked
#: 043 Function Name: NtCallbackReturn
Status: Not hooked
#: 044 Function Name: NtRequestDeviceWakeup
Status: Not hooked
#: 045 Function Name: NtCancelIoFile
Status: Not hooked
#: 046 Function Name: NtCancelTimer
Status: Not hooked
#: 047 Function Name: NtClearEvent
Status: Not hooked
#: 048 Function Name: NtClose
Status: Not hooked
#: 049 Function Name: NtCloseObjectAuditAlarm
Status: Not hooked
#: 050 Function Name: NtCompactKeys
Status: Not hooked
#: 051 Function Name: NtCompareTokens
Status: Not hooked
#: 052 Function Name: NtCompleteConnectPort
Status: Not hooked
#: 053 Function Name: NtCompressKey
Status: Not hooked
#: 054 Function Name: NtConnectPort
Status: Not hooked
#: 055 Function Name: NtContinue
Status: Not hooked
#: 056 Function Name: NtCreateDebugObject
Status: Not hooked
#: 057 Function Name: NtCreateDirectoryObject
Status: Not hooked
#: 058 Function Name: NtCreateEvent
Status: Not hooked
#: 059 Function Name: NtCreateEventPair
Status: Not hooked
#: 060 Function Name: NtCreateFile
Status: Not hooked
#: 061 Function Name: NtCreateIoCompletion
Status: Not hooked
#: 062 Function Name: NtCreateJobObject
Status: Not hooked
#: 063 Function Name: NtCreateJobSet
Status: Not hooked
#: 064 Function Name: NtCreateKey
Status: Not hooked
#: 065 Function Name: NtCreateKeyTransacted
Status: Not hooked
#: 066 Function Name: NtCreateMailslotFile
Status: Not hooked
#: 067 Function Name: NtCreateMutant
Status: Not hooked
#: 068 Function Name: NtCreateNamedPipeFile
Status: Not hooked
#: 069 Function Name: NtCreatePrivateNamespace
Status: Not hooked
#: 070 Function Name: NtCreatePagingFile
Status: Not hooked
#: 071 Function Name: NtCreatePort
Status: Not hooked
#: 072 Function Name: NtCreateProcess
Status: Not hooked
#: 073 Function Name: NtCreateProcessEx
Status: Not hooked
#: 074 Function Name: NtCreateProfile
Status: Not hooked
#: 075 Function Name: NtCreateSection
Status: Not hooked
#: 076 Function Name: NtCreateSemaphore
Status: Not hooked
#: 077 Function Name: NtCreateSymbolicLinkObject
Status: Not hooked
#: 078 Function Name: NtCreateThread
Status: Not hooked
#: 079 Function Name: NtCreateTimer
Status: Not hooked
#: 080 Function Name: NtCreateToken
Status: Not hooked
#: 081 Function Name: NtCreateTransaction
Status: Not hooked
#: 082 Function Name: NtOpenTransaction
Status: Not hooked
#: 083 Function Name: NtQueryInformationTransaction
Status: Not hooked
#: 084 Function Name: NtQueryInformationTransactionManager
Status: Not hooked
#: 085 Function Name: NtPrePrepareEnlistment
Status: Not hooked
#: 086 Function Name: NtPrepareEnlistment
Status: Not hooked
#: 087 Function Name: NtCommitEnlistment
Status: Not hooked
#: 088 Function Name: NtReadOnlyEnlistment
Status: Not hooked
#: 089 Function Name: NtRollbackComplete
Status: Not hooked
#: 090 Function Name: NtRollbackEnlistment
Status: Not hooked
#: 091 Function Name: NtCommitTransaction
Status: Not hooked
#: 092 Function Name: NtRollbackTransaction
Status: Not hooked
#: 093 Function Name: NtPrePrepareComplete
Status: Not hooked
#: 094 Function Name: NtPrepareComplete
Status: Not hooked
#: 095 Function Name: NtCommitComplete
Status: Not hooked
#: 096 Function Name: NtSinglePhaseReject
Status: Not hooked
#: 097 Function Name: NtSetInformationTransaction
Status: Not hooked
#: 098 Function Name: NtSetInformationTransactionManager
Status: Not hooked
#: 099 Function Name: NtSetInformationResourceManager
Status: Not hooked
#: 100 Function Name: NtCreateTransactionManager
Status: Not hooked
#: 101 Function Name: NtOpenTransactionManager
Status: Not hooked
#: 102 Function Name: NtRenameTransactionManager
Status: Not hooked
#: 103 Function Name: NtRollforwardTransactionManager
Status: Not hooked
#: 104 Function Name: NtRecoverEnlistment
Status: Not hooked
#: 105 Function Name: NtRecoverResourceManager
Status: Not hooked
#: 106 Function Name: NtRecoverTransactionManager
Status: Not hooked
#: 107 Function Name: NtCreateResourceManager
Status: Not hooked
#: 108 Function Name: NtOpenResourceManager
Status: Not hooked
#: 109 Function Name: NtGetNotificationResourceManager
Status: Not hooked
#: 110 Function Name: NtQueryInformationResourceManager
Status: Not hooked
#: 111 Function Name: NtCreateEnlistment
Status: Not hooked
#: 112 Function Name: NtOpenEnlistment
Status: Not hooked
#: 113 Function Name: NtSetInformationEnlistment
Status: Not hooked
#: 114 Function Name: NtQueryInformationEnlistment
Status: Not hooked
#: 115 Function Name: NtCreateWaitablePort
Status: Not hooked
#: 116 Function Name: NtDebugActiveProcess
Status: Not hooked
#: 117 Function Name: NtDebugContinue
Status: Not hooked
#: 118 Function Name: NtDelayExecution
Status: Not hooked
#: 119 Function Name: NtDeleteAtom
Status: Not hooked
#: 120 Function Name: NtDeleteBootEntry
Status: Not hooked
#: 121 Function Name: NtDeleteDriverEntry
Status: Not hooked
#: 122 Function Name: NtDeleteFile
Status: Not hooked
#: 123 Function Name: NtDeleteKey
Status: Not hooked
#: 124 Function Name: NtDeletePrivateNamespace
Status: Not hooked
#: 125 Function Name: NtDeleteObjectAuditAlarm
Status: Not hooked
#: 126 Function Name: NtDeleteValueKey
Status: Not hooked
#: 127 Function Name: NtDeviceIoControlFile
Status: Not hooked
#: 128 Function Name: NtDisplayString
Status: Not hooked
#: 129 Function Name: NtDuplicateObject
Status: Not hooked
#: 130 Function Name: NtDuplicateToken
Status: Not hooked
#: 131 Function Name: NtEnumerateBootEntries
Status: Not hooked
#: 132 Function Name: NtEnumerateDriverEntries
Status: Not hooked
#: 133 Function Name: NtEnumerateKey
Status: Not hooked
#: 134 Function Name: NtEnumerateSystemEnvironmentValuesEx
Status: Not hooked
#: 135 Function Name: NtEnumerateTransactionObject
Status: Not hooked
#: 136 Function Name: NtEnumerateValueKey
Status: Not hooked
#: 137 Function Name: NtExtendSection
Status: Not hooked
#: 138 Function Name: NtFilterToken
Status: Not hooked
#: 139 Function Name: NtFindAtom
Status: Not hooked
#: 140 Function Name: NtFlushBuffersFile
Status: Not hooked
#: 141 Function Name: NtFlushInstructionCache
Status: Not hooked
#: 142 Function Name: NtFlushKey
Status: Not hooked
#: 143 Function Name: NtFlushProcessWriteBuffers
Status: Not hooked
#: 144 Function Name: NtFlushVirtualMemory
Status: Not hooked
#: 145 Function Name: NtFlushWriteBuffer
Status: Not hooked
#: 146 Function Name: NtFreeUserPhysicalPages
Status: Not hooked
#: 147 Function Name: NtFreeVirtualMemory
Status: Not hooked
#: 148 Function Name: NtFreezeRegistry
Status: Not hooked
#: 149 Function Name: NtFreezeTransactions
Status: Not hooked
#: 150 Function Name: NtFsControlFile
Status: Not hooked
#: 151 Function Name: NtGetContextThread
Status: Not hooked
#: 152 Function Name: NtGetDevicePowerState
Status: Not hooked
#: 153 Function Name: NtGetNlsSectionPtr
Status: Not hooked
#: 154 Function Name: NtGetPlugPlayEvent
Status: Not hooked
#: 155 Function Name: NtGetWriteWatch
Status: Not hooked
#: 156 Function Name: NtImpersonateAnonymousToken
Status: Not hooked
#: 157 Function Name: NtImpersonateClientOfPort
Status: Not hooked
#: 158 Function Name: NtImpersonateThread
Status: Not hooked
#: 159 Function Name: NtInitializeNlsFiles
Status: Not hooked
#: 160 Function Name: NtInitializeRegistry
Status: Not hooked
#: 161 Function Name: NtInitiatePowerAction
Status: Not hooked
#: 162 Function Name: NtIsProcessInJob
Status: Not hooked
#: 163 Function Name: NtIsSystemResumeAutomatic
Status: Not hooked
#: 164 Function Name: NtListenPort
Status: Not hooked
#: 165 Function Name: NtLoadDriver
Status: Not hooked
#: 166 Function Name: NtLoadKey
Status: Not hooked
#: 167 Function Name: NtLoadKey2
Status: Not hooked
#: 168 Function Name: NtLoadKeyEx
Status: Not hooked
#: 169 Function Name: NtLockFile
Status: Not hooked
#: 170 Function Name: NtLockProductActivationKeys
Status: Not hooked
#: 171 Function Name: NtLockRegistryKey
Status: Not hooked
#: 172 Function Name: NtLockVirtualMemory
Status: Not hooked
#: 173 Function Name: NtMakePermanentObject
Status: Not hooked
#: 174 Function Name: NtMakeTemporaryObject
Status: Not hooked
#: 175 Function Name: NtMapUserPhysicalPages
Status: Not hooked
#: 176 Function Name: NtMapUserPhysicalPagesScatter
Status: Not hooked
#: 177 Function Name: NtMapViewOfSection
Status: Not hooked
#: 178 Function Name: NtModifyBootEntry
Status: Not hooked
#: 179 Function Name: NtModifyDriverEntry
Status: Not hooked
#: 180 Function Name: NtNotifyChangeDirectoryFile
Status: Not hooked
#: 181 Function Name: NtNotifyChangeKey
Status: Not hooked
#: 182 Function Name: NtNotifyChangeMultipleKeys
Status: Not hooked
#: 183 Function Name: NtOpenDirectoryObject
Status: Not hooked
#: 184 Function Name: NtOpenEvent
Status: Not hooked
#: 185 Function Name: NtOpenEventPair
Status: Not hooked
#: 186 Function Name: NtOpenFile
Status: Not hooked
#: 187 Function Name: NtOpenIoCompletion
Status: Not hooked
#: 188 Function Name: NtOpenJobObject
Status: Not hooked
#: 189 Function Name: NtOpenKey
Status: Not hooked
#: 190 Function Name: NtOpenKeyTransacted
Status: Not hooked
#: 191 Function Name: NtOpenMutant
Status: Not hooked
#: 192 Function Name: NtOpenPrivateNamespace
Status: Not hooked
#: 193 Function Name: NtOpenObjectAuditAlarm
Status: Not hooked
#: 194 Function Name: NtOpenProcess
Status: Not hooked
#: 195 Function Name: NtOpenProcessToken
Status: Not hooked
#: 196 Function Name: NtOpenProcessTokenEx
Status: Not hooked
#: 197 Function Name: NtOpenSection
Status: Not hooked
#: 198 Function Name: NtOpenSemaphore
Status: Not hooked
#: 199 Function Name: NtOpenSession
Status: Not hooked
#: 200 Function Name: NtOpenSymbolicLinkObject
Status: Not hooked
#: 201 Function Name: NtOpenThread
Status: Not hooked
#: 202 Function Name: NtOpenThreadToken
Status: Not hooked
#: 203 Function Name: NtOpenThreadTokenEx
Status: Not hooked
#: 204 Function Name: NtOpenTimer
Status: Not hooked
#: 205 Function Name: NtPlugPlayControl
Status: Not hooked
#: 206 Function Name: NtPowerInformation
Status: Not hooked
#: 207 Function Name: NtPrivilegeCheck
Status: Not hooked
#: 208 Function Name: NtPrivilegeObjectAuditAlarm
Status: Not hooked
#: 209 Function Name: NtPrivilegedServiceAuditAlarm
Status: Not hooked
#: 210 Function Name: NtProtectVirtualMemory
Status: Not hooked
#: 211 Function Name: NtPulseEvent
Status: Not hooked
#: 212 Function Name: NtQueryAttributesFile
Status: Not hooked
#: 213 Function Name: NtQueryBootEntryOrder
Status: Not hooked
#: 214 Function Name: NtQueryBootOptions
Status: Not hooked
#: 215 Function Name: NtQueryDebugFilterState
Status: Not hooked
#: 216 Function Name: NtQueryDefaultLocale
Status: Not hooked
#: 217 Function Name: NtQueryDefaultUILanguage
Status: Not hooked
#: 218 Function Name: NtQueryDirectoryFile
Status: Not hooked
#: 219 Function Name: NtQueryDirectoryObject
Status: Not hooked
#: 220 Function Name: NtQueryDriverEntryOrder
Status: Not hooked
#: 221 Function Name: NtQueryEaFile
Status: Not hooked
#: 222 Function Name: NtQueryEvent
Status: Not hooked
#: 223 Function Name: NtQueryFullAttributesFile
Status: Not hooked
#: 224 Function Name: NtQueryInformationAtom
Status: Not hooked
#: 225 Function Name: NtQueryInformationFile
Status: Not hooked
#: 226 Function Name: NtQueryInformationJobObject
Status: Not hooked
#: 227 Function Name: NtQueryInformationPort
Status: Not hooked
#: 228 Function Name: NtQueryInformationProcess
Status: Not hooked
#: 229 Function Name: NtQueryInformationThread
Status: Not hooked
#: 230 Function Name: NtQueryInformationToken
Status: Not hooked
#: 231 Function Name: NtQueryInstallUILanguage
Status: Not hooked
#: 232 Function Name: NtQueryIntervalProfile
Status: Not hooked
#: 233 Function Name: NtQueryIoCompletion
Status: Not hooked
#: 234 Function Name: NtQueryKey
Status: Not hooked
#: 235 Function Name: NtQueryMultipleValueKey
Status: Not hooked
#: 236 Function Name: NtQueryMutant
Status: Not hooked
#: 237 Function Name: NtQueryObject
Status: Not hooked
#: 238 Function Name: NtQueryOpenSubKeys
Status: Not hooked
#: 239 Function Name: NtQueryOpenSubKeysEx
Status: Not hooked
#: 240 Function Name: NtQueryPerformanceCounter
Status: Not hooked
#: 241 Function Name: NtQueryQuotaInformationFile
Status: Not hooked
#: 242 Function Name: NtQuerySection
Status: Not hooked
#: 243 Function Name: NtQuerySecurityObject
Status: Not hooked
#: 244 Function Name: NtQuerySemaphore
Status: Not hooked
#: 245 Function Name: NtQuerySymbolicLinkObject
Status: Not hooked
#: 246 Function Name: NtQuerySystemEnvironmentValue
Status: Not hooked
#: 247 Function Name: NtQuerySystemEnvironmentValueEx
Status: Not hooked
#: 248 Function Name: NtQuerySystemInformation
Status: Not hooked
#: 249 Function Name: NtQuerySystemTime
Status: Not hooked
#: 250 Function Name: NtQueryTimer
Status: Not hooked
#: 251 Function Name: NtQueryTimerResolution
Status: Not hooked
#: 252 Function Name: NtQueryValueKey
Status: Not hooked
#: 253 Function Name: NtQueryVirtualMemory
Status: Not hooked
#: 254 Function Name: NtQueryVolumeInformationFile
Status: Not hooked
#: 255 Function Name: NtQueueApcThread
Status: Not hooked
#: 256 Function Name: NtRaiseException
Status: Not hooked
#: 257 Function Name: NtRaiseHardError
Status: Not hooked
#: 258 Function Name: NtReadFile
Status: Not hooked
#: 259 Function Name: NtReadFileScatter
Status: Not hooked
#: 260 Function Name: NtReadRequestData
Status: Not hooked
#: 261 Function Name: NtReadVirtualMemory
Status: Not hooked
#: 262 Function Name: NtRegisterThreadTerminatePort
Status: Not hooked
#: 263 Function Name: NtReleaseMutant
Status: Not hooked
#: 264 Function Name: NtReleaseSemaphore
Status: Not hooked
#: 265 Function Name: NtRemoveIoCompletion
Status: Not hooked
#: 266 Function Name: NtRemoveProcessDebug
Status: Not hooked
#: 267 Function Name: NtRenameKey
Status: Not hooked
#: 268 Function Name: NtReplaceKey
Status: Not hooked
#: 269 Function Name: NtReplacePartitionUnit
Status: Not hooked
#: 270 Function Name: NtReplyPort
Status: Not hooked
#: 271 Function Name: NtReplyWaitReceivePort
Status: Not hooked
#: 272 Function Name: NtReplyWaitReceivePortEx
Status: Not hooked
#: 273 Function Name: NtReplyWaitReplyPort
Status: Not hooked
#: 274 Function Name: NtRequestDeviceWakeup
Status: Not hooked
#: 275 Function Name: NtRequestPort
Status: Not hooked
#: 276 Function Name: NtRequestWaitReplyPort
Status: Not hooked
#: 277 Function Name: NtRequestWakeupLatency
Status: Not hooked
#: 278 Function Name: NtResetEvent
Status: Not hooked
#: 279 Function Name: NtResetWriteWatch
Status: Not hooked
#: 280 Function Name: NtRestoreKey
Status: Not hooked
#: 281 Function Name: NtResumeProcess
Status: Not hooked
#: 282 Function Name: NtResumeThread
Status: Not hooked
#: 283 Function Name: NtSaveKey
Status: Not hooked
#: 284 Function Name: NtSaveKeyEx
Status: Not hooked
#: 285 Function Name: NtSaveMergedKeys
Status: Not hooked
#: 286 Function Name: NtSecureConnectPort
Status: Not hooked
#: 287 Function Name: NtSetBootEntryOrder
Status: Not hooked
#: 288 Function Name: NtSetBootOptions
Status: Not hooked
#: 289 Function Name: NtSetContextThread
Status: Not hooked
#: 290 Function Name: NtSetDebugFilterState
Status: Not hooked
#: 291 Function Name: NtSetDefaultHardErrorPort
Status: Not hooked
#: 292 Function Name: NtSetDefaultLocale
Status: Not hooked
#: 293 Function Name: NtSetDefaultUILanguage
Status: Not hooked
#: 294 Function Name: NtSetDriverEntryOrder
Status: Not hooked
#: 295 Function Name: NtSetEaFile
Status: Not hooked
#: 296 Function Name: NtSetEvent
Status: Not hooked
#: 297 Function Name: NtSetEventBoostPriority
Status: Not hooked
#: 298 Function Name: NtSetHighEventPair
Status: Not hooked
#: 299 Function Name: NtSetHighWaitLowEventPair
Status: Not hooked
#: 300 Function Name: NtSetInformationDebugObject
Status: Not hooked
#: 301 Function Name: NtSetInformationFile
Status: Not hooked
#: 302 Function Name: NtSetInformationJobObject
Status: Not hooked
#: 303 Function Name: NtSetInformationKey
Status: Not hooked
#: 304 Function Name: NtSetInformationObject
Status: Not hooked
#: 305 Function Name: NtSetInformationProcess
Status: Not hooked
#: 306 Function Name: NtSetInformationThread
Status: Not hooked
#: 307 Function Name: NtSetInformationToken
Status: Not hooked
#: 308 Function Name: NtSetIntervalProfile
Status: Not hooked
#: 309 Function Name: NtSetIoCompletion
Status: Not hooked
#: 310 Function Name: NtSetLdtEntries
Status: Not hooked
#: 311 Function Name: NtSetLowEventPair
Status: Not hooked
#: 312 Function Name: NtSetLowWaitHighEventPair
Status: Not hooked
#: 313 Function Name: NtSetQuotaInformationFile
Status: Not hooked
#: 314 Function Name: NtSetSecurityObject
Status: Not hooked
#: 315 Function Name: NtSetSystemEnvironmentValue
Status: Not hooked
#: 316 Function Name: NtSetSystemEnvironmentValueEx
Status: Not hooked
#: 317 Function Name: NtSetSystemInformation
Status: Not hooked
#: 318 Function Name: NtSetSystemPowerState
Status: Not hooked
#: 319 Function Name: NtSetSystemTime
Status: Not hooked
#: 320 Function Name: NtSetThreadExecutionState
Status: Not hooked
#: 321 Function Name: NtSetTimer
Status: Not hooked
#: 322 Function Name: NtSetTimerResolution
Status: Not hooked
#: 323 Function Name: NtSetUuidSeed
Status: Not hooked
#: 324 Function Name: NtSetValueKey
Status: Not hooked
#: 325 Function Name: NtSetVolumeInformationFile
Status: Not hooked
#: 326 Function Name: NtShutdownSystem
Status: Not hooked
#: 327 Function Name: NtSignalAndWaitForSingleObject
Status: Not hooked
#: 328 Function Name: NtStartProfile
Status: Not hooked
#: 329 Function Name: NtStopProfile
Status: Not hooked
#: 330 Function Name: NtSuspendProcess
Status: Not hooked
#: 331 Function Name: NtSuspendThread
Status: Not hooked
#: 332 Function Name: NtSystemDebugControl
Status: Not hooked
#: 333 Function Name: NtTerminateJobObject
Status: Not hooked
#: 334 Function Name: NtTerminateProcess
Status: Not hooked
#: 335 Function Name: NtTerminateThread
Status: Not hooked
#: 336 Function Name: NtTestAlert
Status: Not hooked
#: 337 Function Name: NtThawRegistry
Status: Not hooked
#: 338 Function Name: NtThawTransactions
Status: Not hooked
#: 339 Function Name: NtTraceEvent
Status: Not hooked
#: 340 Function Name: NtTraceControl
Status: Not hooked
#: 341 Function Name: NtTranslateFilePath
Status: Not hooked
#: 342 Function Name: NtUnloadDriver
Status: Not hooked
#: 343 Function Name: NtUnloadKey
Status: Not hooked
#: 344 Function Name: NtUnloadKey2
Status: Not hooked
#: 345 Function Name: NtUnloadKeyEx
Status: Not hooked
#: 346 Function Name: NtUnlockFile
Status: Not hooked
#: 347 Function Name: NtUnlockVirtualMemory
Status: Not hooked
#: 348 Function Name: NtUnmapViewOfSection
Status: Not hooked
#: 349 Function Name: NtVdmControl
Status: Not hooked
#: 350 Function Name: NtWaitForDebugEvent
Status: Not hooked
#: 351 Function Name: NtWaitForMultipleObjects
Status: Not hooked
#: 352 Function Name: NtWaitForSingleObject
Status: Not hooked
#: 353 Function Name: NtWaitHighEventPair
Status: Not hooked
#: 354 Function Name: NtWaitLowEventPair
Status: Not hooked
#: 355 Function Name: NtWriteFile
Status: Not hooked
#: 356 Function Name: NtWriteFileGather
Status: Not hooked
#: 357 Function Name: NtWriteRequestData
Status: Not hooked
#: 358 Function Name: NtWriteVirtualMemory
Status: Not hooked
#: 359 Function Name: NtYieldExecution
Status: Not hooked
#: 360 Function Name: NtCreateKeyedEvent
Status: Not hooked
#: 361 Function Name: NtOpenKeyedEvent
Status: Not hooked
#: 362 Function Name: NtReleaseKeyedEvent
Status: Not hooked
#: 363 Function Name: NtWaitForKeyedEvent
Status: Not hooked
#: 364 Function Name: NtQueryPortInformationProcess
Status: Not hooked
#: 365 Function Name: NtGetCurrentProcessorNumber
Status: Not hooked
#: 366 Function Name: NtWaitForMultipleObjects32
Status: Not hooked
#: 367 Function Name: NtGetNextProcess
Status: Not hooked
#: 368 Function Name: NtGetNextThread
Status: Not hooked
#: 369 Function Name: NtCancelIoFileEx
Status: Not hooked
#: 370 Function Name: NtCancelSynchronousIoFile
Status: Not hooked
#: 371 Function Name: NtRemoveIoCompletionEx
Status: Not hooked
#: 372 Function Name: NtRegisterProtocolAddressInformation
Status: Not hooked
#: 373 Function Name: NtPropagationComplete
Status: Not hooked
#: 374 Function Name: NtPropagationFailed
Status: Not hooked
#: 375 Function Name: NtCreateWorkerFactory
Status: Not hooked
#: 376 Function Name: NtReleaseWorkerFactoryWorker
Status: Not hooked
#: 377 Function Name: NtWaitForWorkViaWorkerFactory
Status: Not hooked
#: 378 Function Name: NtSetInformationWorkerFactory
Status: Not hooked
#: 379 Function Name: NtQueryInformationWorkerFactory
Status: Not hooked
#: 380 Function Name: NtWorkerFactoryWorkerReady
Status: Not hooked
#: 381 Function Name: NtShutdownWorkerFactory
Status: Not hooked
#: 382 Function Name: NtCreateThreadEx
Status: Not hooked
#: 383 Function Name: NtCreateUserProcess
Status: Not hooked
#: 384 Function Name: NtQueryLicenseValue
Status: Not hooked
#: 385 Function Name: NtMapCMFModule
Status: Not hooked
#: 386 Function Name: NtIsUILanguageComitted
Status: Not hooked
#: 387 Function Name: NtFlushInstallUILanguage
Status: Not hooked
#: 388 Function Name: NtGetMUIRegistryInfo
Status: Not hooked
#: 389 Function Name: NtAcquireCMFViewOwnership
Status: Not hooked
#: 390 Function Name: NtReleaseCMFViewOwnership
Status: Not hooked
==================================================
Scan Start Time: 2010/01/03 15:02
Program Version: Version 1.3.5.0
Windows Version: Windows Vista SP2
==================================================
Drivers
-------------------
Name: acpi.sys
Image Path: C:\Windows\system32\drivers\acpi.sys
Address: 0x80696000 Size: 286720 File Visible: - Signed: -
Status: -
Name: ACPI_HAL
Image Path: \Driver\ACPI_HAL
Address: 0x82045000 Size: 3903488 File Visible: - Signed: -
Status: -
Name: afd.sys
Image Path: C:\Windows\system32\drivers\afd.sys
Address: 0x90692000 Size: 294912 File Visible: - Signed: -
Status: -
Name: Apfiltr.sys
Image Path: C:\Windows\system32\DRIVERS\Apfiltr.sys
Address: 0x8E6BA000 Size: 184320 File Visible: - Signed: -
Status: -
Name: aswFsBlk.sys
Image Path: C:\Windows\system32\DRIVERS\aswFsBlk.sys
Address: 0xA8E68000 Size: 32768 File Visible: - Signed: -
Status: -
Name: aswMonFlt.sys
Image Path: C:\Windows\system32\DRIVERS\aswMonFlt.sys
Address: 0xA8E51000 Size: 94208 File Visible: - Signed: -
Status: -
Name: aswRdr.SYS
Image Path: C:\Windows\System32\Drivers\aswRdr.SYS
Address: 0x906DA000 Size: 15136 File Visible: - Signed: -
Status: -
Name: aswSP.SYS
Image Path: C:\Windows\System32\Drivers\aswSP.SYS
Address: 0x907B1000 Size: 135168 File Visible: - Signed: -
Status: -
Name: aswTdi.SYS
Image Path: C:\Windows\System32\Drivers\aswTdi.SYS
Address: 0x90687000 Size: 41664 File Visible: - Signed: -
Status: -
Name: asyncmac.sys
Image Path: C:\Windows\system32\DRIVERS\asyncmac.sys
Address: 0xB4DB8000 Size: 36864 File Visible: - Signed: -
Status: -
Name: atapi.sys
Image Path: C:\Windows\system32\drivers\atapi.sys
Address: 0x826DD000 Size: 32768 File Visible: - Signed: -
Status: -
Name: ataport.SYS
Image Path: C:\Windows\system32\drivers\ataport.SYS
Address: 0x826E5000 Size: 122880 File Visible: - Signed: -
Status: -
Name: BATTC.SYS
Image Path: C:\Windows\system32\DRIVERS\BATTC.SYS
Address: 0x80726000 Size: 40960 File Visible: - Signed: -
Status: -
Name: Beep.SYS
Image Path: C:\Windows\System32\Drivers\Beep.SYS
Address: 0x8E3F4000 Size: 28672 File Visible: - Signed: -
Status: -
Name: BOOTVID.dll
Image Path: C:\Windows\system32\BOOTVID.dll
Address: 0x80491000 Size: 32768 File Visible: - Signed: -
Status: -
Name: bowser.sys
Image Path: C:\Windows\system32\DRIVERS\bowser.sys
Address: 0xB0E23000 Size: 102400 File Visible: - Signed: -
Status: -
Name: cdd.dll
Image Path: C:\Windows\System32\cdd.dll
Address: 0x97CB0000 Size: 57344 File Visible: - Signed: -
Status: -
Name: cdfs.sys
Image Path: C:\Windows\system32\DRIVERS\cdfs.sys
Address: 0xB4D27000 Size: 90112 File Visible: - Signed: -
Status: -
Name: cdrom.sys
Image Path: C:\Windows\system32\DRIVERS\cdrom.sys
Address: 0x8E6F2000 Size: 98304 File Visible: - Signed: -
Status: -
Name: CI.dll
Image Path: C:\Windows\system32\CI.dll
Address: 0x804DA000 Size: 917504 File Visible: - Signed: -
Status: -
Name: CLASSPNP.SYS
Image Path: C:\Windows\system32\drivers\CLASSPNP.SYS
Address: 0x8A59D000 Size: 135168 File Visible: - Signed: -
Status: -
Name: CLFS.SYS
Image Path: C:\Windows\system32\CLFS.SYS
Address: 0x80499000 Size: 266240 File Visible: - Signed: -
Status: -
Name: CmBatt.sys
Image Path: C:\Windows\system32\DRIVERS\CmBatt.sys
Address: 0x8EBCE000 Size: 14208 File Visible: - Signed: -
Status: -
Name: compbatt.sys
Image Path: C:\Windows\system32\DRIVERS\compbatt.sys
Address: 0x80723000 Size: 10496 File Visible: - Signed: -
Status: -
Name: crashdmp.sys
Image Path: C:\Windows\System32\Drivers\crashdmp.sys
Address: 0x907D2000 Size: 53248 File Visible: - Signed: -
Status: -
Name: crcdisk.sys
Image Path: C:\Windows\system32\drivers\crcdisk.sys
Address: 0x8A5BE000 Size: 36864 File Visible: - Signed: -
Status: -
Name: dfsc.sys
Image Path: C:\Windows\System32\Drivers\dfsc.sys
Address: 0x9079A000 Size: 94208 File Visible: - Signed: -
Status: -
Name: disk.sys
Image Path: C:\Windows\system32\drivers\disk.sys
Address: 0x8A58C000 Size: 69632 File Visible: - Signed: -
Status: -
Name: DKbFltr.sys
Image Path: C:\Windows\system32\DRIVERS\DKbFltr.sys
Address: 0x8EBE5000 Size: 40960 File Visible: - Signed: -
Status: -
Name: DPortIO.sys
Image Path: C:\PROGRA~1\LAUNCH~1\DPortIO.sys
Address: 0x9078C000 Size: 13184 File Visible: - Signed: -
Status: -
Name: drmk.sys
Image Path: C:\Windows\system32\drivers\drmk.sys
Address: 0x807D6000 Size: 151552 File Visible: - Signed: -
Status: -
Name: dump_iaStor.sys
Image Path: C:\Windows\System32\Drivers\dump_iaStor.sys
Address: 0x8A30E000 Size: 892928 File Visible: No Signed: -
Status: -
Name: Dxapi.sys
Image Path: C:\Windows\System32\drivers\Dxapi.sys
Address: 0x907DF000 Size: 40960 File Visible: - Signed: -
Status: -
Name: dxgkrnl.sys
Image Path: C:\Windows\System32\drivers\dxgkrnl.sys
Address: 0x8E2FE000 Size: 659456 File Visible: - Signed: -
Status: -
Name: ecache.sys
Image Path: C:\Windows\System32\drivers\ecache.sys
Address: 0x8A565000 Size: 159744 File Visible: - Signed: -
Status: -
Name: fastfat.SYS
Image Path: C:\Windows\System32\Drivers\fastfat.SYS
Address: 0xB4D90000 Size: 163840 File Visible: - Signed: -
Status: -
Name: fileinfo.sys
Image Path: C:\Windows\system32\drivers\fileinfo.sys
Address: 0x8274D000 Size: 65536 File Visible: - Signed: -
Status: -
Name: fltmgr.sys
Image Path: C:\Windows\system32\drivers\fltmgr.sys
Address: 0x8271B000 Size: 204800 File Visible: - Signed: -
Status: -
Name: Fs_Rec.SYS
Image Path: C:\Windows\System32\Drivers\Fs_Rec.SYS
Address: 0x8E600000 Size: 36864 File Visible: - Signed: -
Status: -
Name: fwpkclnt.sys
Image Path: C:\Windows\System32\drivers\fwpkclnt.sys
Address: 0x8A2F3000 Size: 110592 File Visible: - Signed: -
Status: -
Name: hal.dll
Image Path: C:\Windows\system32\hal.dll
Address: 0x82012000 Size: 208896 File Visible: - Signed: -
Status: -
Name: HDAudBus.sys
Image Path: C:\Windows\system32\DRIVERS\HDAudBus.sys
Address: 0x8E609000 Size: 577536 File Visible: - Signed: -
Status: -
Name: HdAudio.sys
Image Path: C:\Windows\system32\drivers\HdAudio.sys
Address: 0x805BA000 Size: 258048 File Visible: - Signed: -
Status: -
Name: HSX_CNXT.sys
Image Path: C:\Windows\system32\DRIVERS\HSX_CNXT.sys
Address: 0x90544000 Size: 741376 File Visible: - Signed: -
Status: -
Name: HSX_DPV.sys
Image Path: C:\Windows\system32\DRIVERS\HSX_DPV.sys
Address: 0x90441000 Size: 1060864 File Visible: - Signed: -
Status: -
Name: HSXHWAZL.sys
Image Path: C:\Windows\system32\DRIVERS\HSXHWAZL.sys
Address: 0x90403000 Size: 253952 File Visible: - Signed: -
Status: -
Name: HTTP.sys
Image Path: C:\Windows\system32\drivers\HTTP.sys
Address: 0xA8F89000 Size: 446464 File Visible: - Signed: -
Status: -
Name: i8042prt.sys
Image Path: C:\Windows\system32\DRIVERS\i8042prt.sys
Address: 0x8EBD2000 Size: 77824 File Visible: - Signed: -
Status: -
Name: iaStor.sys
Image Path: C:\Windows\system32\DRIVERS\iaStor.sys
Address: 0x82603000 Size: 892928 File Visible: - Signed: -
Status: -
Name: igdkmd32.sys
Image Path: C:\Windows\system32\DRIVERS\igdkmd32.sys
Address: 0x8DC03000 Size: 7319552 File Visible: - Signed: -
Status: -
Name: intelppm.sys
Image Path: C:\Windows\system32\DRIVERS\intelppm.sys
Address: 0x8A5E8000 Size: 61440 File Visible: - Signed: -
Status: -
Name: ipfltdrv.sys
Image Path: C:\Windows\system32\DRIVERS\ipfltdrv.sys
Address: 0xA8F20000 Size: 73728 File Visible: - Signed: -
Status: -
Name: ipnat.sys
Image Path: C:\Windows\system32\DRIVERS\ipnat.sys
Address: 0xB4D01000 Size: 155648 File Visible: - Signed: -
Status: -
Name: jmcr.sys
Image Path: C:\Windows\system32\DRIVERS\jmcr.sys
Address: 0x8EB91000 Size: 93056 File Visible: - Signed: -
Status: -
Name: kbdclass.sys
Image Path: C:\Windows\system32\DRIVERS\kbdclass.sys
Address: 0x8EBEF000 Size: 45056 File Visible: - Signed: -
Status: -
Name: kdcom.dll
Image Path: C:\Windows\system32\kdcom.dll
Address: 0x80409000 Size: 28672 File Visible: - Signed: -
Status: -
Name: ks.sys
Image Path: C:\Windows\system32\DRIVERS\ks.sys
Address: 0x8A19E000 Size: 172032 File Visible: - Signed: -
Status: -
Name: ksecdd.sys
Image Path: C:\Windows\System32\Drivers\ksecdd.sys
Address: 0x8275D000 Size: 462848 File Visible: - Signed: -
Status: -
Name: lltdio.sys
Image Path: C:\Windows\system32\DRIVERS\lltdio.sys
Address: 0xA8F32000 Size: 65536 File Visible: - Signed: -
Status: -
Name: luafv.sys
Image Path: C:\Windows\system32\drivers\luafv.sys
Address: 0xA8E36000 Size: 110592 File Visible: - Signed: -
Status: -
Name: mcupdate_GenuineIntel.dll
Image Path: C:\Windows\system32\mcupdate_GenuineIntel.dll
Address: 0x80410000 Size: 458752 File Visible: - Signed: -
Status: -
Name: mdmxsdk.sys
Image Path: C:\Windows\system32\DRIVERS\mdmxsdk.sys
Address: 0xB0F55000 Size: 12672 File Visible: - Signed: -
Status: -
Name: modem.sys
Image Path: C:\Windows\system32\drivers\modem.sys
Address: 0x8A1E6000 Size: 53248 File Visible: - Signed: -
Status: -
Name: monitor.sys
Image Path: C:\Windows\system32\DRIVERS\monitor.sys
Address: 0xA8E27000 Size: 61440 File Visible: - Signed: -
Status: -
Name: mouclass.sys
Image Path: C:\Windows\system32\DRIVERS\mouclass.sys
Address: 0x8E6E7000 Size: 45056 File Visible: - Signed: -
Status: -
Name: mountmgr.sys
Image Path: C:\Windows\System32\drivers\mountmgr.sys
Address: 0x80789000 Size: 65536 File Visible: - Signed: -
Status: -
Name: mpsdrv.sys
Image Path: C:\Windows\System32\drivers\mpsdrv.sys
Address: 0xB0E3C000 Size: 86016 File Visible: - Signed: -
Status: -
Name: mrxdav.sys
Image Path: C:\Windows\system32\drivers\mrxdav.sys
Address: 0xB0E51000 Size: 135168 File Visible: - Signed: -
Status: -
Name: mrxsmb.sys
Image Path: C:\Windows\system32\DRIVERS\mrxsmb.sys
Address: 0xB0E72000 Size: 126976 File Visible: - Signed: -
Status: -
Name: mrxsmb10.sys
Image Path: C:\Windows\system32\DRIVERS\mrxsmb10.sys
Address: 0xB0E91000 Size: 233472 File Visible: - Signed: -
Status: -
Name: mrxsmb20.sys
Image Path: C:\Windows\system32\DRIVERS\mrxsmb20.sys
Address: 0xB0ECA000 Size: 98304 File Visible: - Signed: -
Status: -
Name: msahci.sys
Image Path: C:\Windows\system32\drivers\msahci.sys
Address: 0x82703000 Size: 40960 File Visible: - Signed: -
Status: -
Name: Msfs.SYS
Image Path: C:\Windows\System32\Drivers\Msfs.SYS
Address: 0x9063B000 Size: 45056 File Visible: - Signed: -
Status: -
Name: msisadrv.sys
Image Path: C:\Windows\system32\drivers\msisadrv.sys
Address: 0x806E5000 Size: 32768 File Visible: - Signed: -
Status: -
Name: msiscsi.sys
Image Path: C:\Windows\system32\DRIVERS\msiscsi.sys
Address: 0x8E713000 Size: 192512 File Visible: - Signed: -
Status: -
Name: msrpc.sys
Image Path: C:\Windows\system32\drivers\msrpc.sys
Address: 0x8A113000 Size: 176128 File Visible: - Signed: -
Status: -
Name: mssmbios.sys
Image Path: C:\Windows\system32\DRIVERS\mssmbios.sys
Address: 0x8E7F6000 Size: 40960 File Visible: - Signed: -
Status: -
Name: mup.sys
Image Path: C:\Windows\System32\Drivers\mup.sys
Address: 0x8A556000 Size: 61440 File Visible: - Signed: -
Status: -
Name: ndis.sys
Image Path: C:\Windows\system32\drivers\ndis.sys
Address: 0x8A008000 Size: 1093632 File Visible: - Signed: -
Status: -
Name: ndistapi.sys
Image Path: C:\Windows\system32\DRIVERS\ndistapi.sys
Address: 0x8E7A5000 Size: 45056 File Visible: - Signed: -
Status: -
Name: ndisuio.sys
Image Path: C:\Windows\system32\DRIVERS\ndisuio.sys
Address: 0xA8F6C000 Size: 40960 File Visible: - Signed: -
Status: -
Name: ndiswan.sys
Image Path: C:\Windows\system32\DRIVERS\ndiswan.sys
Address: 0x8E7B0000 Size: 143360 File Visible: - Signed: -
Status: -
Name: NDProxy.SYS
Image Path: C:\Windows\System32\Drivers\NDProxy.SYS
Address: 0x8A1D5000 Size: 69632 File Visible: - Signed: -
Status: -
Name: netbios.sys
Image Path: C:\Windows\system32\DRIVERS\netbios.sys
Address: 0x9072F000 Size: 57344 File Visible: - Signed: -
Status: -
Name: netbt.sys
Image Path: C:\Windows\System32\DRIVERS\netbt.sys
Address: 0x906DE000 Size: 204800 File Visible: - Signed: -
Status: -
Name: NETIO.SYS
Image Path: C:\Windows\system32\drivers\NETIO.SYS
Address: 0x8A13E000 Size: 241664 File Visible: - Signed: -
Status: -
Name: NETw5v32.sys
Image Path: C:\Windows\system32\DRIVERS\NETw5v32.sys
Address: 0x8E809000 Size: 3702784 File Visible: - Signed: -
Status: -
Name: Npfs.SYS
Image Path: C:\Windows\System32\Drivers\Npfs.SYS
Address: 0x90646000 Size: 57344 File Visible: - Signed: -
Status: -
Name: nsiproxy.sys
Image Path: C:\Windows\system32\drivers\nsiproxy.sys
Address: 0x90790000 Size: 40960 File Visible: - Signed: -
Status: -
Name: Ntfs.sys
Image Path: C:\Windows\System32\Drivers\Ntfs.sys
Address: 0x8A405000 Size: 1114112 File Visible: - Signed: -
Status: -
Name: NTIDrvr.sys
Image Path: C:\Windows\system32\DRIVERS\NTIDrvr.sys
Address: 0x8E800000 Size: 32768 File Visible: - Signed: -
Status: -
Name: ntkrnlpa.exe
Image Path: C:\Windows\system32\ntkrnlpa.exe
Address: 0x82045000 Size: 3903488 File Visible: - Signed: -
Status: -
Name: Null.SYS
Image Path: C:\Windows\System32\Drivers\Null.SYS
Address: 0x905F9000 Size: 28672 File Visible: - Signed: -
Status: -
Name: nwifi.sys
Image Path: C:\Windows\system32\DRIVERS\nwifi.sys
Address: 0xA8F42000 Size: 172032 File Visible: - Signed: -
Status: -
Name: pacer.sys
Image Path: C:\Windows\system32\DRIVERS\pacer.sys
Address: 0x90719000 Size: 90112 File Visible: - Signed: -
Status: -
Name: partmgr.sys
Image Path: C:\Windows\System32\drivers\partmgr.sys
Address: 0x80714000 Size: 61440 File Visible: - Signed: -
Status: -
Name: pci.sys
Image Path: C:\Windows\system32\drivers\pci.sys
Address: 0x806ED000 Size: 159744 File Visible: - Signed: -
Status: -
Name: PCIIDEX.SYS
Image Path: C:\Windows\system32\drivers\PCIIDEX.SYS
Address: 0x8270D000 Size: 57344 File Visible: - Signed: -
Status: -
Name: peauth.sys
Image Path: C:\Windows\system32\drivers\peauth.sys
Address: 0xB4C05000 Size: 909312 File Visible: - Signed: -
Status: -
Name: PnpManager
Image Path: \Driver\PnpManager
Address: 0x82045000 Size: 3903488 File Visible: - Signed: -
Status: -
Name: portcls.sys
Image Path: C:\Windows\system32\drivers\portcls.sys
Address: 0x827CE000 Size: 184320 File Visible: - Signed: -
Status: -
Name: PSHED.dll
Image Path: C:\Windows\system32\PSHED.dll
Address: 0x80480000 Size: 69632 File Visible: - Signed: -
Status: -
Name: rasacd.sys
Image Path: C:\Windows\System32\DRIVERS\rasacd.sys
Address: 0x90654000 Size: 36864 File Visible: - Signed: -
Status: -
Name: rasl2tp.sys
Image Path: C:\Windows\system32\DRIVERS\rasl2tp.sys
Address: 0x8E78E000 Size: 94208 File Visible: - Signed: -
Status: -
Name: raspppoe.sys
Image Path: C:\Windows\system32\DRIVERS\raspppoe.sys
Address: 0x8E7D3000 Size: 61440 File Visible: - Signed: -
Status: -
Name: raspptp.sys
Image Path: C:\Windows\system32\DRIVERS\raspptp.sys
Address: 0x8E7E2000 Size: 81920 File Visible: - Signed: -
Status: -
Name: rassstp.sys
Image Path: C:\Windows\system32\DRIVERS\rassstp.sys
Address: 0x8A179000 Size: 86016 File Visible: - Signed: -
Status: -
Name: RAW
Image Path: \FileSystem\RAW
Address: 0x82045000 Size: 3903488 File Visible: - Signed: -
Status: -
Name: rdbss.sys
Image Path: C:\Windows\system32\DRIVERS\rdbss.sys
Address: 0x90750000 Size: 245760 File Visible: - Signed: -
Status: -
Name: RDPCDD.sys
Image Path: C:\Windows\System32\DRIVERS\RDPCDD.sys
Address: 0x9062B000 Size: 32768 File Visible: - Signed: -
Status: -
Name: rdpencdd.sys
Image Path: C:\Windows\system32\drivers\rdpencdd.sys
Address: 0x90633000 Size: 32768 File Visible: - Signed: -
Status: -
Name: rootrepeal.sys
Image Path: C:\Windows\system32\drivers\rootrepeal.sys
Address: 0xB4D3D000 Size: 49152 File Visible: No Signed: -
Status: -
Name: rspndr.sys
Image Path: C:\Windows\system32\DRIVERS\rspndr.sys
Address: 0xA8F76000 Size: 77824 File Visible: - Signed: -
Status: -
Name: Rtlh86.sys
Image Path: C:\Windows\system32\DRIVERS\Rtlh86.sys
Address: 0x8E696000 Size: 147456 File Visible: - Signed: -
Status: -
Name: SCSIPORT.SYS
Image Path: C:\Windows\system32\DRIVERS\SCSIPORT.SYS
Address: 0x8EBA8000 Size: 155648 File Visible: - Signed: -
Status: -
Name: secdrv.SYS
Image Path: C:\Windows\System32\Drivers\secdrv.SYS
Address: 0xB4CE3000 Size: 40960 File Visible: - Signed: -
Status: -
Name: smb.sys
Image Path: C:\Windows\system32\DRIVERS\smb.sys
Address: 0x90673000 Size: 81920 File Visible: - Signed: -
Status: -
Name: spldr.sys
Image Path: C:\Windows\System32\Drivers\spldr.sys
Address: 0x8A54E000 Size: 32768 File Visible: - Signed: -
Status: -
Name: spsys.sys
Image Path: C:\Windows\system32\drivers\spsys.sys
Address: 0xA8E70000 Size: 720896 File Visible: - Signed: -
Status: -
Name: srv.sys
Image Path: C:\Windows\System32\DRIVERS\srv.sys
Address: 0xB0F09000 Size: 311296 File Visible: - Signed: -
Status: -
Name: srv2.sys
Image Path: C:\Windows\System32\DRIVERS\srv2.sys
Address: 0xB0EE2000 Size: 159744 File Visible: - Signed: -
Status: -
Name: srvnet
Image Path: \FileSystem\srvnet
Address: 0xAF278000 Size: 118784 File Visible: No Signed: -
Status: Hidden from the Windows API!
Name: srvnet.sys
Image Path: C:\Windows\System32\DRIVERS\srvnet.sys
Address: 0xB0E06000 Size: 118784 File Visible: - Signed: -
Status: -
Name: storport.sys
Image Path: C:\Windows\system32\DRIVERS\storport.sys
Address: 0x8E742000 Size: 266240 File Visible: - Signed: -
Status: -
Name: swenum.sys
Image Path: C:\Windows\system32\DRIVERS\swenum.sys
Address: 0x8EBFA000 Size: 4992 File Visible: - Signed: -
Status: -
Name: tcpip.sys
Image Path: C:\Windows\System32\drivers\tcpip.sys
Address: 0x8A209000 Size: 958464 File Visible: - Signed: -
Status: -
Name: tcpipreg.sys
Image Path: C:\Windows\System32\drivers\tcpipreg.sys
Address: 0xB4CED000 Size: 49152 File Visible: - Signed: -
Status: -
Name: TDI.SYS
Image Path: C:\Windows\system32\DRIVERS\TDI.SYS
Address: 0x8E783000 Size: 45056 File Visible: - Signed: -
Status: -
Name: tdx.sys
Image Path: C:\Windows\system32\DRIVERS\tdx.sys
Address: 0x9065D000 Size: 90112 File Visible: - Signed: -
Status: -
Name: termdd.sys
Image Path: C:\Windows\system32\DRIVERS\termdd.sys
Address: 0x8A18E000 Size: 65536 File Visible: - Signed: -
Status: -
Name: TSDDD.dll
Image Path: C:\Windows\System32\TSDDD.dll
Address: 0x97C90000 Size: 36864 File Visible: - Signed: -
Status: -
Name: tunmp.sys
Image Path: C:\Windows\system32\DRIVERS\tunmp.sys
Address: 0x8A5DF000 Size: 36864 File Visible: - Signed: -
Status: -
Name: tunnel.sys
Image Path: C:\Windows\system32\DRIVERS\tunnel.sys
Address: 0x8A5D4000 Size: 45056 File Visible: - Signed: -
Status: -
Name: UBHelper.sys
Image Path: C:\Windows\System32\Drivers\UBHelper.sys
Address: 0x80799000 Size: 32768 File Visible: - Signed: -
Status: -
Name: umbus.sys
Image Path: C:\Windows\system32\DRIVERS\umbus.sys
Address: 0x8A1C8000 Size: 53248 File Visible: - Signed: -
Status: -
Name: usbccgp.sys
Image Path: C:\Windows\system32\DRIVERS\usbccgp.sys
Address: 0x907E9000 Size: 94208 File Visible: - Signed: -
Status: -
Name: USBD.SYS
Image Path: C:\Windows\system32\DRIVERS\USBD.SYS
Address: 0x90600000 Size: 8192 File Visible: - Signed: -
Status: -
Name: usbehci.sys
Image Path: C:\Windows\system32\DRIVERS\usbehci.sys
Address: 0x8A3E8000 Size: 61440 File Visible: - Signed: -
Status: -
Name: usbhub.sys
Image Path: C:\Windows\system32\DRIVERS\usbhub.sys
Address: 0x807A1000 Size: 217088 File Visible: - Signed: -
Status: -
Name: USBPORT.SYS
Image Path: C:\Windows\system32\DRIVERS\USBPORT.SYS
Address: 0x8E3B6000 Size: 253952 File Visible: - Signed: -
Status: -
Name: usbuhci.sys
Image Path: C:\Windows\system32\DRIVERS\usbuhci.sys
Address: 0x8E3AB000 Size: 45056 File Visible: - Signed: -
Status: -
Name: usbvideo.sys
Image Path: C:\Windows\System32\Drivers\usbvideo.sys
Address: 0xA8E06000 Size: 134016 File Visible: - Signed: -
Status: -
Name: vga.sys
Image Path: C:\Windows\System32\drivers\vga.sys
Address: 0x8A1F3000 Size: 49152 File Visible: - Signed: -
Status: -
Name: VIDEOPRT.SYS
Image Path: C:\Windows\System32\drivers\VIDEOPRT.SYS
Address: 0x9060A000 Size: 135168 File Visible: - Signed: -
Status: -
Name: volmgr.sys
Image Path: C:\Windows\system32\drivers\volmgr.sys
Address: 0x80730000 Size: 61440 File Visible: - Signed: -
Status: -
Name: volmgrx.sys
Image Path: C:\Windows\System32\drivers\volmgrx.sys
Address: 0x8073F000 Size: 303104 File Visible: - Signed: -
Status: -
Name: volsnap.sys
Image Path: C:\Windows\system32\drivers\volsnap.sys
Address: 0x8A515000 Size: 233472 File Visible: - Signed: -
Status: -
Name: wanarp.sys
Image Path: C:\Windows\system32\DRIVERS\wanarp.sys
Address: 0x9073D000 Size: 77824 File Visible: - Signed: -
Status: -
Name: watchdog.sys
Image Path: C:\Windows\System32\drivers\watchdog.sys
Address: 0x8E39F000 Size: 49152 File Visible: - Signed: -
Status: -
Name: Wdf01000.sys
Image Path: C:\Windows\system32\drivers\Wdf01000.sys
Address: 0x8060D000 Size: 507904 File Visible: - Signed: -
Status: -
Name: WDFLDR.SYS
Image Path: C:\Windows\system32\drivers\WDFLDR.SYS
Address: 0x80689000 Size: 53248 File Visible: - Signed: -
Status: -
Name: Win32k
Image Path: \Driver\Win32k
Address: 0x97A70000 Size: 2105344 File Visible: - Signed: -
Status: -
Name: win32k.sys
Image Path: C:\Windows\System32\win32k.sys
Address: 0x97A70000 Size: 2105344 File Visible: - Signed: -
Status: -
Name: wmiacpi.sys
Image Path: C:\Windows\system32\DRIVERS\wmiacpi.sys
Address: 0x8E70A000 Size: 36864 File Visible: - Signed: -
Status: -
Name: WMILIB.SYS
Image Path: C:\Windows\system32\drivers\WMILIB.SYS
Address: 0x806DC000 Size: 36864 File Visible: - Signed: -
Status: -
Name: WMIxWDM
Image Path: \Driver\WMIxWDM
Address: 0x82045000 Size: 3903488 File Visible: - Signed: -
Status: -
Name: ws2ifsl.sys
Image Path: C:\Windows\system32\drivers\ws2ifsl.sys
Address: 0x90710000 Size: 36864 File Visible: - Signed: -
Status: -
Name: xaudio.sys
Image Path: C:\Windows\system32\DRIVERS\xaudio.sys
Address: 0xB4CF9000 Size: 32768 File Visible: - Signed: -
Status: -
-------------------------
ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2010/01/03 15:19
Program Version: Version 1.3.5.0
Windows Version: Windows Vista SP2
==================================================
Stealth Objects
-------------------
ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2010/01/03 15:19
Program Version: Version 1.3.5.0
Windows Version: Windows Vista SP2
==================================================
SSDT
-------------------
#: 000 Function Name: NtAcceptConnectPort
Status: Not hooked
#: 001 Function Name: NtAccessCheck
Status: Not hooked
#: 002 Function Name: NtAccessCheckAndAuditAlarm
Status: Not hooked
#: 003 Function Name: NtAccessCheckByType
Status: Not hooked
#: 004 Function Name: NtAccessCheckByTypeAndAuditAlarm
Status: Not hooked
#: 005 Function Name: NtAccessCheckByTypeResultList
Status: Not hooked
#: 006 Function Name: NtAccessCheckByTypeResultListAndAuditAlarm
Status: Not hooked
#: 007 Function Name: NtAccessCheckByTypeResultListAndAuditAlarmByHandle
Status: Not hooked
#: 008 Function Name: NtAddAtom
Status: Not hooked
#: 009 Function Name: NtAddBootEntry
Status: Not hooked
#: 010 Function Name: NtAddDriverEntry
Status: Not hooked
#: 011 Function Name: NtAdjustGroupsToken
Status: Not hooked
#: 012 Function Name: NtAdjustPrivilegesToken
Status: Not hooked
#: 013 Function Name: NtAlertResumeThread
Status: Not hooked
#: 014 Function Name: NtAlertThread
Status: Not hooked
#: 015 Function Name: NtAllocateLocallyUniqueId
Status: Not hooked
#: 016 Function Name: NtAllocateUserPhysicalPages
Status: Not hooked
#: 017 Function Name: NtAllocateUuids
Status: Not hooked
#: 018 Function Name: NtAllocateVirtualMemory
Status: Not hooked
#: 019 Function Name: NtAlpcAcceptConnectPort
Status: Not hooked
#: 020 Function Name: NtAlpcCancelMessage
Status: Not hooked
#: 021 Function Name: NtAlpcConnectPort
Status: Not hooked
#: 022 Function Name: NtAlpcCreatePort
Status: Not hooked
#: 023 Function Name: NtAlpcCreatePortSection
Status: Not hooked
#: 024 Function Name: NtAlpcCreateResourceReserve
Status: Not hooked
#: 025 Function Name: NtAlpcCreateSectionView
Status: Not hooked
#: 026 Function Name: NtAlpcCreateSecurityContext
Status: Not hooked
#: 027 Function Name: NtAlpcDeletePortSection
Status: Not hooked
#: 028 Function Name: NtAlpcDeleteResourceReserve
Status: Not hooked
#: 029 Function Name: NtAlpcDeleteSectionView
Status: Not hooked
#: 030 Function Name: NtAlpcDeleteSecurityContext
Status: Not hooked
#: 031 Function Name: NtAlpcDisconnectPort
Status: Not hooked
#: 032 Function Name: NtAlpcImpersonateClientOfPort
Status: Not hooked
#: 033 Function Name: NtAlpcOpenSenderProcess
Status: Not hooked
#: 034 Function Name: NtAlpcOpenSenderThread
Status: Not hooked
#: 035 Function Name: NtAlpcQueryInformation
Status: Not hooked
#: 036 Function Name: NtAlpcQueryInformationMessage
Status: Not hooked
#: 037 Function Name: NtAlpcRevokeSecurityContext
Status: Not hooked
#: 038 Function Name: NtAlpcSendWaitReceivePort
Status: Not hooked
#: 039 Function Name: NtAlpcSetInformation
Status: Not hooked
#: 040 Function Name: NtApphelpCacheControl
Status: Not hooked
#: 041 Function Name: NtAreMappedFilesTheSame
Status: Not hooked
#: 042 Function Name: NtAssignProcessToJobObject
Status: Not hooked
#: 043 Function Name: NtCallbackReturn
Status: Not hooked
#: 044 Function Name: NtRequestDeviceWakeup
Status: Not hooked
#: 045 Function Name: NtCancelIoFile
Status: Not hooked
#: 046 Function Name: NtCancelTimer
Status: Not hooked
#: 047 Function Name: NtClearEvent
Status: Not hooked
#: 048 Function Name: NtClose
Status: Not hooked
#: 049 Function Name: NtCloseObjectAuditAlarm
Status: Not hooked
#: 050 Function Name: NtCompactKeys
Status: Not hooked
#: 051 Function Name: NtCompareTokens
Status: Not hooked
#: 052 Function Name: NtCompleteConnectPort
Status: Not hooked
#: 053 Function Name: NtCompressKey
Status: Not hooked
#: 054 Function Name: NtConnectPort
Status: Not hooked
#: 055 Function Name: NtContinue
Status: Not hooked
#: 056 Function Name: NtCreateDebugObject
Status: Not hooked
#: 057 Function Name: NtCreateDirectoryObject
Status: Not hooked
#: 058 Function Name: NtCreateEvent
Status: Not hooked
#: 059 Function Name: NtCreateEventPair
Status: Not hooked
#: 060 Function Name: NtCreateFile
Status: Not hooked
#: 061 Function Name: NtCreateIoCompletion
Status: Not hooked
#: 062 Function Name: NtCreateJobObject
Status: Not hooked
#: 063 Function Name: NtCreateJobSet
Status: Not hooked
#: 064 Function Name: NtCreateKey
Status: Not hooked
#: 065 Function Name: NtCreateKeyTransacted
Status: Not hooked
#: 066 Function Name: NtCreateMailslotFile
Status: Not hooked
#: 067 Function Name: NtCreateMutant
Status: Not hooked
#: 068 Function Name: NtCreateNamedPipeFile
Status: Not hooked
#: 069 Function Name: NtCreatePrivateNamespace
Status: Not hooked
#: 070 Function Name: NtCreatePagingFile
Status: Not hooked
#: 071 Function Name: NtCreatePort
Status: Not hooked
#: 072 Function Name: NtCreateProcess
Status: Not hooked
#: 073 Function Name: NtCreateProcessEx
Status: Not hooked
#: 074 Function Name: NtCreateProfile
Status: Not hooked
#: 075 Function Name: NtCreateSection
Status: Not hooked
#: 076 Function Name: NtCreateSemaphore
Status: Not hooked
#: 077 Function Name: NtCreateSymbolicLinkObject
Status: Not hooked
#: 078 Function Name: NtCreateThread
Status: Not hooked
#: 079 Function Name: NtCreateTimer
Status: Not hooked
#: 080 Function Name: NtCreateToken
Status: Not hooked
#: 081 Function Name: NtCreateTransaction
Status: Not hooked
#: 082 Function Name: NtOpenTransaction
Status: Not hooked
#: 083 Function Name: NtQueryInformationTransaction
Status: Not hooked
#: 084 Function Name: NtQueryInformationTransactionManager
Status: Not hooked
#: 085 Function Name: NtPrePrepareEnlistment
Status: Not hooked
#: 086 Function Name: NtPrepareEnlistment
Status: Not hooked
#: 087 Function Name: NtCommitEnlistment
Status: Not hooked
#: 088 Function Name: NtReadOnlyEnlistment
Status: Not hooked
#: 089 Function Name: NtRollbackComplete
Status: Not hooked
#: 090 Function Name: NtRollbackEnlistment
Status: Not hooked
#: 091 Function Name: NtCommitTransaction
Status: Not hooked
#: 092 Function Name: NtRollbackTransaction
Status: Not hooked
#: 093 Function Name: NtPrePrepareComplete
Status: Not hooked
#: 094 Function Name: NtPrepareComplete
Status: Not hooked
#: 095 Function Name: NtCommitComplete
Status: Not hooked
#: 096 Function Name: NtSinglePhaseReject
Status: Not hooked
#: 097 Function Name: NtSetInformationTransaction
Status: Not hooked
#: 098 Function Name: NtSetInformationTransactionManager
Status: Not hooked
#: 099 Function Name: NtSetInformationResourceManager
Status: Not hooked
#: 100 Function Name: NtCreateTransactionManager
Status: Not hooked
#: 101 Function Name: NtOpenTransactionManager
Status: Not hooked
#: 102 Function Name: NtRenameTransactionManager
Status: Not hooked
#: 103 Function Name: NtRollforwardTransactionManager
Status: Not hooked
#: 104 Function Name: NtRecoverEnlistment
Status: Not hooked
#: 105 Function Name: NtRecoverResourceManager
Status: Not hooked
#: 106 Function Name: NtRecoverTransactionManager
Status: Not hooked
#: 107 Function Name: NtCreateResourceManager
Status: Not hooked
#: 108 Function Name: NtOpenResourceManager
Status: Not hooked
#: 109 Function Name: NtGetNotificationResourceManager
Status: Not hooked
#: 110 Function Name: NtQueryInformationResourceManager
Status: Not hooked
#: 111 Function Name: NtCreateEnlistment
Status: Not hooked
#: 112 Function Name: NtOpenEnlistment
Status: Not hooked
#: 113 Function Name: NtSetInformationEnlistment
Status: Not hooked
#: 114 Function Name: NtQueryInformationEnlistment
Status: Not hooked
#: 115 Function Name: NtCreateWaitablePort
Status: Not hooked
#: 116 Function Name: NtDebugActiveProcess
Status: Not hooked
#: 117 Function Name: NtDebugContinue
Status: Not hooked
#: 118 Function Name: NtDelayExecution
Status: Not hooked
#: 119 Function Name: NtDeleteAtom
Status: Not hooked
#: 120 Function Name: NtDeleteBootEntry
Status: Not hooked
#: 121 Function Name: NtDeleteDriverEntry
Status: Not hooked
#: 122 Function Name: NtDeleteFile
Status: Not hooked
#: 123 Function Name: NtDeleteKey
Status: Not hooked
#: 124 Function Name: NtDeletePrivateNamespace
Status: Not hooked
#: 125 Function Name: NtDeleteObjectAuditAlarm
Status: Not hooked
#: 126 Function Name: NtDeleteValueKey
Status: Not hooked
#: 127 Function Name: NtDeviceIoControlFile
Status: Not hooked
#: 128 Function Name: NtDisplayString
Status: Not hooked
#: 129 Function Name: NtDuplicateObject
Status: Not hooked
#: 130 Function Name: NtDuplicateToken
Status: Not hooked
#: 131 Function Name: NtEnumerateBootEntries
Status: Not hooked
#: 132 Function Name: NtEnumerateDriverEntries
Status: Not hooked
#: 133 Function Name: NtEnumerateKey
Status: Not hooked
#: 134 Function Name: NtEnumerateSystemEnvironmentValuesEx
Status: Not hooked
#: 135 Function Name: NtEnumerateTransactionObject
Status: Not hooked
#: 136 Function Name: NtEnumerateValueKey
Status: Not hooked
#: 137 Function Name: NtExtendSection
Status: Not hooked
#: 138 Function Name: NtFilterToken
Status: Not hooked
#: 139 Function Name: NtFindAtom
Status: Not hooked
#: 140 Function Name: NtFlushBuffersFile
Status: Not hooked
#: 141 Function Name: NtFlushInstructionCache
Status: Not hooked
#: 142 Function Name: NtFlushKey
Status: Not hooked
#: 143 Function Name: NtFlushProcessWriteBuffers
Status: Not hooked
#: 144 Function Name: NtFlushVirtualMemory
Status: Not hooked
#: 145 Function Name: NtFlushWriteBuffer
Status: Not hooked
#: 146 Function Name: NtFreeUserPhysicalPages
Status: Not hooked
#: 147 Function Name: NtFreeVirtualMemory
Status: Not hooked
#: 148 Function Name: NtFreezeRegistry
Status: Not hooked
#: 149 Function Name: NtFreezeTransactions
Status: Not hooked
#: 150 Function Name: NtFsControlFile
Status: Not hooked
#: 151 Function Name: NtGetContextThread
Status: Not hooked
#: 152 Function Name: NtGetDevicePowerState
Status: Not hooked
#: 153 Function Name: NtGetNlsSectionPtr
Status: Not hooked
#: 154 Function Name: NtGetPlugPlayEvent
Status: Not hooked
#: 155 Function Name: NtGetWriteWatch
Status: Not hooked
#: 156 Function Name: NtImpersonateAnonymousToken
Status: Not hooked
#: 157 Function Name: NtImpersonateClientOfPort
Status: Not hooked
#: 158 Function Name: NtImpersonateThread
Status: Not hooked
#: 159 Function Name: NtInitializeNlsFiles
Status: Not hooked
#: 160 Function Name: NtInitializeRegistry
Status: Not hooked
#: 161 Function Name: NtInitiatePowerAction
Status: Not hooked
#: 162 Function Name: NtIsProcessInJob
Status: Not hooked
#: 163 Function Name: NtIsSystemResumeAutomatic
Status: Not hooked
#: 164 Function Name: NtListenPort
Status: Not hooked
#: 165 Function Name: NtLoadDriver
Status: Not hooked
#: 166 Function Name: NtLoadKey
Status: Not hooked
#: 167 Function Name: NtLoadKey2
Status: Not hooked
#: 168 Function Name: NtLoadKeyEx
Status: Not hooked
#: 169 Function Name: NtLockFile
Status: Not hooked
#: 170 Function Name: NtLockProductActivationKeys
Status: Not hooked
#: 171 Function Name: NtLockRegistryKey
Status: Not hooked
#: 172 Function Name: NtLockVirtualMemory
Status: Not hooked
#: 173 Function Name: NtMakePermanentObject
Status: Not hooked
#: 174 Function Name: NtMakeTemporaryObject
Status: Not hooked
#: 175 Function Name: NtMapUserPhysicalPages
Status: Not hooked
#: 176 Function Name: NtMapUserPhysicalPagesScatter
Status: Not hooked
#: 177 Function Name: NtMapViewOfSection
Status: Not hooked
#: 178 Function Name: NtModifyBootEntry
Status: Not hooked
#: 179 Function Name: NtModifyDriverEntry
Status: Not hooked
#: 180 Function Name: NtNotifyChangeDirectoryFile
Status: Not hooked
#: 181 Function Name: NtNotifyChangeKey
Status: Not hooked
#: 182 Function Name: NtNotifyChangeMultipleKeys
Status: Not hooked
#: 183 Function Name: NtOpenDirectoryObject
Status: Not hooked
#: 184 Function Name: NtOpenEvent
Status: Not hooked
#: 185 Function Name: NtOpenEventPair
Status: Not hooked
#: 186 Function Name: NtOpenFile
Status: Not hooked
#: 187 Function Name: NtOpenIoCompletion
Status: Not hooked
#: 188 Function Name: NtOpenJobObject
Status: Not hooked
#: 189 Function Name: NtOpenKey
Status: Not hooked
#: 190 Function Name: NtOpenKeyTransacted
Status: Not hooked
#: 191 Function Name: NtOpenMutant
Status: Not hooked
#: 192 Function Name: NtOpenPrivateNamespace
Status: Not hooked
#: 193 Function Name: NtOpenObjectAuditAlarm
Status: Not hooked
#: 194 Function Name: NtOpenProcess
Status: Not hooked
#: 195 Function Name: NtOpenProcessToken
Status: Not hooked
#: 196 Function Name: NtOpenProcessTokenEx
Status: Not hooked
#: 197 Function Name: NtOpenSection
Status: Not hooked
#: 198 Function Name: NtOpenSemaphore
Status: Not hooked
#: 199 Function Name: NtOpenSession
Status: Not hooked
#: 200 Function Name: NtOpenSymbolicLinkObject
Status: Not hooked
#: 201 Function Name: NtOpenThread
Status: Not hooked
#: 202 Function Name: NtOpenThreadToken
Status: Not hooked
#: 203 Function Name: NtOpenThreadTokenEx
Status: Not hooked
#: 204 Function Name: NtOpenTimer
Status: Not hooked
#: 205 Function Name: NtPlugPlayControl
Status: Not hooked
#: 206 Function Name: NtPowerInformation
Status: Not hooked
#: 207 Function Name: NtPrivilegeCheck
Status: Not hooked
#: 208 Function Name: NtPrivilegeObjectAuditAlarm
Status: Not hooked
#: 209 Function Name: NtPrivilegedServiceAuditAlarm
Status: Not hooked
#: 210 Function Name: NtProtectVirtualMemory
Status: Not hooked
#: 211 Function Name: NtPulseEvent
Status: Not hooked
#: 212 Function Name: NtQueryAttributesFile
Status: Not hooked
#: 213 Function Name: NtQueryBootEntryOrder
Status: Not hooked
#: 214 Function Name: NtQueryBootOptions
Status: Not hooked
#: 215 Function Name: NtQueryDebugFilterState
Status: Not hooked
#: 216 Function Name: NtQueryDefaultLocale
Status: Not hooked
#: 217 Function Name: NtQueryDefaultUILanguage
Status: Not hooked
#: 218 Function Name: NtQueryDirectoryFile
Status: Not hooked
#: 219 Function Name: NtQueryDirectoryObject
Status: Not hooked
#: 220 Function Name: NtQueryDriverEntryOrder
Status: Not hooked
#: 221 Function Name: NtQueryEaFile
Status: Not hooked
#: 222 Function Name: NtQueryEvent
Status: Not hooked
#: 223 Function Name: NtQueryFullAttributesFile
Status: Not hooked
#: 224 Function Name: NtQueryInformationAtom
Status: Not hooked
#: 225 Function Name: NtQueryInformationFile
Status: Not hooked
#: 226 Function Name: NtQueryInformationJobObject
Status: Not hooked
#: 227 Function Name: NtQueryInformationPort
Status: Not hooked
#: 228 Function Name: NtQueryInformationProcess
Status: Not hooked
#: 229 Function Name: NtQueryInformationThread
Status: Not hooked
#: 230 Function Name: NtQueryInformationToken
Status: Not hooked
#: 231 Function Name: NtQueryInstallUILanguage
Status: Not hooked
#: 232 Function Name: NtQueryIntervalProfile
Status: Not hooked
#: 233 Function Name: NtQueryIoCompletion
Status: Not hooked
#: 234 Function Name: NtQueryKey
Status: Not hooked
#: 235 Function Name: NtQueryMultipleValueKey
Status: Not hooked
#: 236 Function Name: NtQueryMutant
Status: Not hooked
#: 237 Function Name: NtQueryObject
Status: Not hooked
#: 238 Function Name: NtQueryOpenSubKeys
Status: Not hooked
#: 239 Function Name: NtQueryOpenSubKeysEx
Status: Not hooked
#: 240 Function Name: NtQueryPerformanceCounter
Status: Not hooked
#: 241 Function Name: NtQueryQuotaInformationFile
Status: Not hooked
#: 242 Function Name: NtQuerySection
Status: Not hooked
#: 243 Function Name: NtQuerySecurityObject
Status: Not hooked
#: 244 Function Name: NtQuerySemaphore
Status: Not hooked
#: 245 Function Name: NtQuerySymbolicLinkObject
Status: Not hooked
#: 246 Function Name: NtQuerySystemEnvironmentValue
Status: Not hooked
#: 247 Function Name: NtQuerySystemEnvironmentValueEx
Status: Not hooked
#: 248 Function Name: NtQuerySystemInformation
Status: Not hooked
#: 249 Function Name: NtQuerySystemTime
Status: Not hooked
#: 250 Function Name: NtQueryTimer
Status: Not hooked
#: 251 Function Name: NtQueryTimerResolution
Status: Not hooked
#: 252 Function Name: NtQueryValueKey
Status: Not hooked
#: 253 Function Name: NtQueryVirtualMemory
Status: Not hooked
#: 254 Function Name: NtQueryVolumeInformationFile
Status: Not hooked
#: 255 Function Name: NtQueueApcThread
Status: Not hooked
#: 256 Function Name: NtRaiseException
Status: Not hooked
#: 257 Function Name: NtRaiseHardError
Status: Not hooked
#: 258 Function Name: NtReadFile
Status: Not hooked
#: 259 Function Name: NtReadFileScatter
Status: Not hooked
#: 260 Function Name: NtReadRequestData
Status: Not hooked
#: 261 Function Name: NtReadVirtualMemory
Status: Not hooked
#: 262 Function Name: NtRegisterThreadTerminatePort
Status: Not hooked
#: 263 Function Name: NtReleaseMutant
Status: Not hooked
#: 264 Function Name: NtReleaseSemaphore
Status: Not hooked
#: 265 Function Name: NtRemoveIoCompletion
Status: Not hooked
#: 266 Function Name: NtRemoveProcessDebug
Status: Not hooked
#: 267 Function Name: NtRenameKey
Status: Not hooked
#: 268 Function Name: NtReplaceKey
Status: Not hooked
#: 269 Function Name: NtReplacePartitionUnit
Status: Not hooked
#: 270 Function Name: NtReplyPort
Status: Not hooked
#: 271 Function Name: NtReplyWaitReceivePort
Status: Not hooked
#: 272 Function Name: NtReplyWaitReceivePortEx
Status: Not hooked
#: 273 Function Name: NtReplyWaitReplyPort
Status: Not hooked
#: 274 Function Name: NtRequestDeviceWakeup
Status: Not hooked
#: 275 Function Name: NtRequestPort
Status: Not hooked
#: 276 Function Name: NtRequestWaitReplyPort
Status: Not hooked
#: 277 Function Name: NtRequestWakeupLatency
Status: Not hooked
#: 278 Function Name: NtResetEvent
Status: Not hooked
#: 279 Function Name: NtResetWriteWatch
Status: Not hooked
#: 280 Function Name: NtRestoreKey
Status: Not hooked
#: 281 Function Name: NtResumeProcess
Status: Not hooked
#: 282 Function Name: NtResumeThread
Status: Not hooked
#: 283 Function Name: NtSaveKey
Status: Not hooked
#: 284 Function Name: NtSaveKeyEx
Status: Not hooked
#: 285 Function Name: NtSaveMergedKeys
Status: Not hooked
#: 286 Function Name: NtSecureConnectPort
Status: Not hooked
#: 287 Function Name: NtSetBootEntryOrder
Status: Not hooked
#: 288 Function Name: NtSetBootOptions
Status: Not hooked
#: 289 Function Name: NtSetContextThread
Status: Not hooked
#: 290 Function Name: NtSetDebugFilterState
Status: Not hooked
#: 291 Function Name: NtSetDefaultHardErrorPort
Status: Not hooked
#: 292 Function Name: NtSetDefaultLocale
Status: Not hooked
#: 293 Function Name: NtSetDefaultUILanguage
Status: Not hooked
#: 294 Function Name: NtSetDriverEntryOrder
Status: Not hooked
#: 295 Function Name: NtSetEaFile
Status: Not hooked
#: 296 Function Name: NtSetEvent
Status: Not hooked
#: 297 Function Name: NtSetEventBoostPriority
Status: Not hooked
#: 298 Function Name: NtSetHighEventPair
Status: Not hooked
#: 299 Function Name: NtSetHighWaitLowEventPair
Status: Not hooked
#: 300 Function Name: NtSetInformationDebugObject
Status: Not hooked
#: 301 Function Name: NtSetInformationFile
Status: Not hooked
#: 302 Function Name: NtSetInformationJobObject
Status: Not hooked
#: 303 Function Name: NtSetInformationKey
Status: Not hooked
#: 304 Function Name: NtSetInformationObject
Status: Not hooked
#: 305 Function Name: NtSetInformationProcess
Status: Not hooked
#: 306 Function Name: NtSetInformationThread
Status: Not hooked
#: 307 Function Name: NtSetInformationToken
Status: Not hooked
#: 308 Function Name: NtSetIntervalProfile
Status: Not hooked
#: 309 Function Name: NtSetIoCompletion
Status: Not hooked
#: 310 Function Name: NtSetLdtEntries
Status: Not hooked
#: 311 Function Name: NtSetLowEventPair
Status: Not hooked
#: 312 Function Name: NtSetLowWaitHighEventPair
Status: Not hooked
#: 313 Function Name: NtSetQuotaInformationFile
Status: Not hooked
#: 314 Function Name: NtSetSecurityObject
Status: Not hooked
#: 315 Function Name: NtSetSystemEnvironmentValue
Status: Not hooked
#: 316 Function Name: NtSetSystemEnvironmentValueEx
Status: Not hooked
#: 317 Function Name: NtSetSystemInformation
Status: Not hooked
#: 318 Function Name: NtSetSystemPowerState
Status: Not hooked
#: 319 Function Name: NtSetSystemTime
Status: Not hooked
#: 320 Function Name: NtSetThreadExecutionState
Status: Not hooked
#: 321 Function Name: NtSetTimer
Status: Not hooked
#: 322 Function Name: NtSetTimerResolution
Status: Not hooked
#: 323 Function Name: NtSetUuidSeed
Status: Not hooked
#: 324 Function Name: NtSetValueKey
Status: Not hooked
#: 325 Function Name: NtSetVolumeInformationFile
Status: Not hooked
#: 326 Function Name: NtShutdownSystem
Status: Not hooked
#: 327 Function Name: NtSignalAndWaitForSingleObject
Status: Not hooked
#: 328 Function Name: NtStartProfile
Status: Not hooked
#: 329 Function Name: NtStopProfile
Status: Not hooked
#: 330 Function Name: NtSuspendProcess
Status: Not hooked
#: 331 Function Name: NtSuspendThread
Status: Not hooked
#: 332 Function Name: NtSystemDebugControl
Status: Not hooked
#: 333 Function Name: NtTerminateJobObject
Status: Not hooked
#: 334 Function Name: NtTerminateProcess
Status: Not hooked
#: 335 Function Name: NtTerminateThread
Status: Not hooked
#: 336 Function Name: NtTestAlert
Status: Not hooked
#: 337 Function Name: NtThawRegistry
Status: Not hooked
#: 338 Function Name: NtThawTransactions
Status: Not hooked
#: 339 Function Name: NtTraceEvent
Status: Not hooked
#: 340 Function Name: NtTraceControl
Status: Not hooked
#: 341 Function Name: NtTranslateFilePath
Status: Not hooked
#: 342 Function Name: NtUnloadDriver
Status: Not hooked
#: 343 Function Name: NtUnloadKey
Status: Not hooked
#: 344 Function Name: NtUnloadKey2
Status: Not hooked
#: 345 Function Name: NtUnloadKeyEx
Status: Not hooked
#: 346 Function Name: NtUnlockFile
Status: Not hooked
#: 347 Function Name: NtUnlockVirtualMemory
Status: Not hooked
#: 348 Function Name: NtUnmapViewOfSection
Status: Not hooked
#: 349 Function Name: NtVdmControl
Status: Not hooked
#: 350 Function Name: NtWaitForDebugEvent
Status: Not hooked
#: 351 Function Name: NtWaitForMultipleObjects
Status: Not hooked
#: 352 Function Name: NtWaitForSingleObject
Status: Not hooked
#: 353 Function Name: NtWaitHighEventPair
Status: Not hooked
#: 354 Function Name: NtWaitLowEventPair
Status: Not hooked
#: 355 Function Name: NtWriteFile
Status: Not hooked
#: 356 Function Name: NtWriteFileGather
Status: Not hooked
#: 357 Function Name: NtWriteRequestData
Status: Not hooked
#: 358 Function Name: NtWriteVirtualMemory
Status: Not hooked
#: 359 Function Name: NtYieldExecution
Status: Not hooked
#: 360 Function Name: NtCreateKeyedEvent
Status: Not hooked
#: 361 Function Name: NtOpenKeyedEvent
Status: Not hooked
#: 362 Function Name: NtReleaseKeyedEvent
Status: Not hooked
#: 363 Function Name: NtWaitForKeyedEvent
Status: Not hooked
#: 364 Function Name: NtQueryPortInformationProcess
Status: Not hooked
#: 365 Function Name: NtGetCurrentProcessorNumber
Status: Not hooked
#: 366 Function Name: NtWaitForMultipleObjects32
Status: Not hooked
#: 367 Function Name: NtGetNextProcess
Status: Not hooked
#: 368 Function Name: NtGetNextThread
Status: Not hooked
#: 369 Function Name: NtCancelIoFileEx
Status: Not hooked
#: 370 Function Name: NtCancelSynchronousIoFile
Status: Not hooked
#: 371 Function Name: NtRemoveIoCompletionEx
Status: Not hooked
#: 372 Function Name: NtRegisterProtocolAddressInformation
Status: Not hooked
#: 373 Function Name: NtPropagationComplete
Status: Not hooked
#: 374 Function Name: NtPropagationFailed
Status: Not hooked
#: 375 Function Name: NtCreateWorkerFactory
Status: Not hooked
#: 376 Function Name: NtReleaseWorkerFactoryWorker
Status: Not hooked
#: 377 Function Name: NtWaitForWorkViaWorkerFactory
Status: Not hooked
#: 378 Function Name: NtSetInformationWorkerFactory
Status: Not hooked
#: 379 Function Name: NtQueryInformationWorkerFactory
Status: Not hooked
#: 380 Function Name: NtWorkerFactoryWorkerReady
Status: Not hooked
#: 381 Function Name: NtShutdownWorkerFactory
Status: Not hooked
#: 382 Function Name: NtCreateThreadEx
Status: Not hooked
#: 383 Function Name: NtCreateUserProcess
Status: Not hooked
#: 384 Function Name: NtQueryLicenseValue
Status: Not hooked
#: 385 Function Name: NtMapCMFModule
Status: Not hooked
#: 386 Function Name: NtIsUILanguageComitted
Status: Not hooked
#: 387 Function Name: NtFlushInstallUILanguage
Status: Not hooked
#: 388 Function Name: NtGetMUIRegistryInfo
Status: Not hooked
#: 389 Function Name: NtAcquireCMFViewOwnership
Status: Not hooked
#: 390 Function Name: NtReleaseCMFViewOwnership
Status: Not hooked
Re: Problémy s explorer.exe
ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2010/01/03 15:21
Program Version: Version 1.3.5.0
Windows Version: Windows Vista SP2
==================================================
Shadow SSDT
-------------------
#: 000 Function Name: NtGdiAbortDoc
Status: Not hooked
#: 001 Function Name: NtGdiAbortPath
Status: Not hooked
#: 002 Function Name: NtGdiAddFontResourceW
Status: Not hooked
#: 003 Function Name: NtGdiAddRemoteFontToDC
Status: Not hooked
#: 004 Function Name: NtGdiAddFontMemResourceEx
Status: Not hooked
#: 005 Function Name: NtGdiRemoveMergeFont
Status: Not hooked
#: 006 Function Name: NtGdiAddRemoteMMInstanceToDC
Status: Not hooked
#: 007 Function Name: NtGdiAlphaBlend
Status: Not hooked
#: 008 Function Name: NtGdiAngleArc
Status: Not hooked
#: 009 Function Name: NtGdiAnyLinkedFonts
Status: Not hooked
#: 010 Function Name: NtGdiFontIsLinked
Status: Not hooked
#: 011 Function Name: NtGdiArcInternal
Status: Not hooked
#: 012 Function Name: NtGdiBeginPath
Status: Not hooked
#: 013 Function Name: NtGdiBitBlt
Status: Not hooked
#: 014 Function Name: NtGdiCancelDC
Status: Not hooked
#: 015 Function Name: NtGdiCheckBitmapBits
Status: Not hooked
#: 016 Function Name: NtGdiCloseFigure
Status: Not hooked
#: 017 Function Name: NtGdiClearBitmapAttributes
Status: Not hooked
#: 018 Function Name: NtGdiClearBrushAttributes
Status: Not hooked
#: 019 Function Name: NtGdiColorCorrectPalette
Status: Not hooked
#: 020 Function Name: NtGdiCombineRgn
Status: Not hooked
#: 021 Function Name: NtGdiCombineTransform
Status: Not hooked
#: 022 Function Name: NtGdiComputeXformCoefficients
Status: Not hooked
#: 023 Function Name: NtGdiConfigureOPMProtectedOutput
Status: Not hooked
#: 024 Function Name: NtGdiConsoleTextOut
Status: Not hooked
#: 025 Function Name: NtGdiConvertMetafileRect
Status: Not hooked
#: 026 Function Name: NtGdiCreateBitmap
Status: Not hooked
#: 027 Function Name: NtGdiCreateClientObj
Status: Not hooked
#: 028 Function Name: NtGdiCreateColorSpace
Status: Not hooked
#: 029 Function Name: NtGdiCreateColorTransform
Status: Not hooked
#: 030 Function Name: NtGdiCreateCompatibleBitmap
Status: Not hooked
#: 031 Function Name: NtGdiCreateCompatibleDC
Status: Not hooked
#: 032 Function Name: NtGdiCreateDIBBrush
Status: Not hooked
#: 033 Function Name: NtGdiCreateDIBitmapInternal
Status: Not hooked
#: 034 Function Name: NtGdiCreateDIBSection
Status: Not hooked
#: 035 Function Name: NtGdiCreateEllipticRgn
Status: Not hooked
#: 036 Function Name: NtGdiCreateHalftonePalette
Status: Not hooked
#: 037 Function Name: NtGdiCreateHatchBrushInternal
Status: Not hooked
#: 038 Function Name: NtGdiCreateMetafileDC
Status: Not hooked
#: 039 Function Name: NtGdiCreateOPMProtectedOutputs
Status: Not hooked
#: 040 Function Name: NtGdiCreatePaletteInternal
Status: Not hooked
#: 041 Function Name: NtGdiCreatePatternBrushInternal
Status: Not hooked
#: 042 Function Name: NtGdiCreatePen
Status: Not hooked
#: 043 Function Name: NtGdiCreateRectRgn
Status: Not hooked
#: 044 Function Name: NtGdiCreateRoundRectRgn
Status: Not hooked
#: 045 Function Name: NtGdiCreateServerMetaFile
Status: Not hooked
#: 046 Function Name: NtGdiCreateSolidBrush
Status: Not hooked
#: 047 Function Name: NtGdiD3dContextCreate
Status: Not hooked
#: 048 Function Name: NtGdiD3dContextDestroy
Status: Not hooked
#: 049 Function Name: NtGdiD3dContextDestroyAll
Status: Not hooked
#: 050 Function Name: NtGdiD3dValidateTextureStageState
Status: Not hooked
#: 051 Function Name: NtGdiD3dDrawPrimitives2
Status: Not hooked
#: 052 Function Name: NtGdiDdGetDriverState
Status: Not hooked
#: 053 Function Name: NtGdiDdAddAttachedSurface
Status: Not hooked
#: 054 Function Name: NtGdiDdAlphaBlt
Status: Not hooked
#: 055 Function Name: NtGdiDdAttachSurface
Status: Not hooked
#: 056 Function Name: NtGdiDdBeginMoCompFrame
Status: Not hooked
#: 057 Function Name: NtGdiDdBlt
Status: Not hooked
#: 058 Function Name: NtGdiDdCanCreateSurface
Status: Not hooked
#: 059 Function Name: NtGdiDdCanCreateD3DBuffer
Status: Not hooked
#: 060 Function Name: NtGdiDdColorControl
Status: Not hooked
#: 061 Function Name: NtGdiDdCreateDirectDrawObject
Status: Not hooked
#: 062 Function Name: NtGdiDdCreateSurface
Status: Not hooked
#: 063 Function Name: NtGdiDdCreateD3DBuffer
Status: Not hooked
#: 064 Function Name: NtGdiDdCreateMoComp
Status: Not hooked
#: 065 Function Name: NtGdiDdCreateSurfaceObject
Status: Not hooked
#: 066 Function Name: NtGdiDdDeleteDirectDrawObject
Status: Not hooked
#: 067 Function Name: NtGdiDdDeleteSurfaceObject
Status: Not hooked
#: 068 Function Name: NtGdiDdDestroyMoComp
Status: Not hooked
#: 069 Function Name: NtGdiDdDestroySurface
Status: Not hooked
#: 070 Function Name: NtGdiDdDestroyD3DBuffer
Status: Not hooked
#: 071 Function Name: NtGdiDdEndMoCompFrame
Status: Not hooked
#: 072 Function Name: NtGdiDdFlip
Status: Not hooked
#: 073 Function Name: NtGdiDdFlipToGDISurface
Status: Not hooked
#: 074 Function Name: NtGdiDdGetAvailDriverMemory
Status: Not hooked
#: 075 Function Name: NtGdiDdGetBltStatus
Status: Not hooked
#: 076 Function Name: NtGdiDdGetDC
Status: Not hooked
#: 077 Function Name: NtGdiDdGetDriverInfo
Status: Not hooked
#: 078 Function Name: NtGdiDdGetDxHandle
Status: Not hooked
#: 079 Function Name: NtGdiDdGetFlipStatus
Status: Not hooked
#: 080 Function Name: NtGdiDdGetInternalMoCompInfo
Status: Not hooked
#: 081 Function Name: NtGdiDdGetMoCompBuffInfo
Status: Not hooked
#: 082 Function Name: NtGdiDdGetMoCompGuids
Status: Not hooked
#: 083 Function Name: NtGdiDdGetMoCompFormats
Status: Not hooked
#: 084 Function Name: NtGdiDdGetScanLine
Status: Not hooked
#: 085 Function Name: NtGdiDdLock
Status: Not hooked
#: 086 Function Name: NtGdiDdLockD3D
Status: Not hooked
#: 087 Function Name: NtGdiDdQueryDirectDrawObject
Status: Not hooked
#: 088 Function Name: NtGdiDdQueryMoCompStatus
Status: Not hooked
#: 089 Function Name: NtGdiDdReenableDirectDrawObject
Status: Not hooked
#: 090 Function Name: NtGdiDdReleaseDC
Status: Not hooked
#: 091 Function Name: NtGdiDdRenderMoComp
Status: Not hooked
#: 092 Function Name: NtGdiDdResetVisrgn
Status: Not hooked
#: 093 Function Name: NtGdiDdSetColorKey
Status: Not hooked
#: 094 Function Name: NtGdiDdSetExclusiveMode
Status: Not hooked
#: 095 Function Name: NtGdiDdSetGammaRamp
Status: Not hooked
#: 096 Function Name: NtGdiDdCreateSurfaceEx
Status: Not hooked
#: 097 Function Name: NtGdiDdSetOverlayPosition
Status: Not hooked
#: 098 Function Name: NtGdiDdUnattachSurface
Status: Not hooked
#: 099 Function Name: NtGdiDdUnlock
Status: Not hooked
#: 100 Function Name: NtGdiDdUnlockD3D
Status: Not hooked
#: 101 Function Name: NtGdiDdUpdateOverlay
Status: Not hooked
#: 102 Function Name: NtGdiDdWaitForVerticalBlank
Status: Not hooked
#: 103 Function Name: NtGdiDvpCanCreateVideoPort
Status: Not hooked
#: 104 Function Name: NtGdiDvpColorControl
Status: Not hooked
#: 105 Function Name: NtGdiDvpCreateVideoPort
Status: Not hooked
#: 106 Function Name: NtGdiDvpDestroyVideoPort
Status: Not hooked
#: 107 Function Name: NtGdiDvpFlipVideoPort
Status: Not hooked
#: 108 Function Name: NtGdiDvpGetVideoPortBandwidth
Status: Not hooked
#: 109 Function Name: NtGdiDvpGetVideoPortField
Status: Not hooked
#: 110 Function Name: NtGdiDvpGetVideoPortFlipStatus
Status: Not hooked
#: 111 Function Name: NtGdiDvpGetVideoPortInputFormats
Status: Not hooked
#: 112 Function Name: NtGdiDvpGetVideoPortLine
Status: Not hooked
#: 113 Function Name: NtGdiDvpGetVideoPortOutputFormats
Status: Not hooked
#: 114 Function Name: NtGdiDvpGetVideoPortConnectInfo
Status: Not hooked
#: 115 Function Name: NtGdiDvpGetVideoSignalStatus
Status: Not hooked
#: 116 Function Name: NtGdiDvpUpdateVideoPort
Status: Not hooked
#: 117 Function Name: NtGdiDvpWaitForVideoPortSync
Status: Not hooked
#: 118 Function Name: NtGdiDvpAcquireNotification
Status: Not hooked
#: 119 Function Name: NtGdiDvpReleaseNotification
Status: Not hooked
#: 120 Function Name: NtGdiDxgGenericThunk
Status: Not hooked
#: 121 Function Name: NtGdiDeleteClientObj
Status: Not hooked
#: 122 Function Name: NtGdiDeleteColorSpace
Status: Not hooked
#: 123 Function Name: NtGdiDeleteColorTransform
Status: Not hooked
#: 124 Function Name: NtGdiDeleteObjectApp
Status: Not hooked
#: 125 Function Name: NtGdiDescribePixelFormat
Status: Not hooked
#: 126 Function Name: NtGdiDestroyOPMProtectedOutput
Status: Not hooked
#: 127 Function Name: NtGdiGetPerBandInfo
Status: Not hooked
#: 128 Function Name: NtGdiDoBanding
Status: Not hooked
#: 129 Function Name: NtGdiDoPalette
Status: Not hooked
#: 130 Function Name: NtGdiDrawEscape
Status: Not hooked
#: 131 Function Name: NtGdiEllipse
Status: Not hooked
#: 132 Function Name: NtGdiEnableEudc
Status: Not hooked
#: 133 Function Name: NtGdiEndDoc
Status: Not hooked
#: 134 Function Name: NtGdiEndPage
Status: Not hooked
#: 135 Function Name: NtGdiEndPath
Status: Not hooked
#: 136 Function Name: NtGdiEnumFontChunk
Status: Not hooked
#: 137 Function Name: NtGdiEnumFontClose
Status: Not hooked
#: 138 Function Name: NtGdiEnumFontOpen
Status: Not hooked
#: 139 Function Name: NtGdiEnumObjects
Status: Not hooked
#: 140 Function Name: NtGdiEqualRgn
Status: Not hooked
#: 141 Function Name: NtGdiEudcLoadUnloadLink
Status: Not hooked
#: 142 Function Name: NtGdiExcludeClipRect
Status: Not hooked
#: 143 Function Name: NtGdiExtCreatePen
Status: Not hooked
#: 144 Function Name: NtGdiExtCreateRegion
Status: Not hooked
#: 145 Function Name: NtGdiExtEscape
Status: Not hooked
#: 146 Function Name: NtGdiExtFloodFill
Status: Not hooked
#: 147 Function Name: NtGdiExtGetObjectW
Status: Not hooked
#: 148 Function Name: NtGdiExtSelectClipRgn
Status: Not hooked
#: 149 Function Name: NtGdiExtTextOutW
Status: Not hooked
#: 150 Function Name: NtGdiFillPath
Status: Not hooked
#: 151 Function Name: NtGdiFillRgn
Status: Not hooked
#: 152 Function Name: NtGdiFlattenPath
Status: Not hooked
#: 153 Function Name: NtGdiFlush
Status: Not hooked
#: 154 Function Name: NtGdiForceUFIMapping
Status: Not hooked
#: 155 Function Name: NtGdiFrameRgn
Status: Not hooked
#: 156 Function Name: NtGdiFullscreenControl
Status: Not hooked
#: 157 Function Name: NtGdiGetAndSetDCDword
Status: Not hooked
#: 158 Function Name: NtGdiGetAppClipBox
Status: Not hooked
#: 159 Function Name: NtGdiGetBitmapBits
Status: Not hooked
#: 160 Function Name: NtGdiGetBitmapDimension
Status: Not hooked
#: 161 Function Name: NtGdiGetBoundsRect
Status: Not hooked
#: 162 Function Name: NtGdiGetCertificate
Status: Not hooked
#: 163 Function Name: NtGdiGetCertificateSize
Status: Not hooked
#: 164 Function Name: NtGdiGetCharABCWidthsW
Status: Not hooked
#: 165 Function Name: NtGdiGetCharacterPlacementW
Status: Not hooked
#: 166 Function Name: NtGdiGetCharSet
Status: Not hooked
#: 167 Function Name: NtGdiGetCharWidthW
Status: Not hooked
#: 168 Function Name: NtGdiGetCharWidthInfo
Status: Not hooked
#: 169 Function Name: NtGdiGetColorAdjustment
Status: Not hooked
#: 170 Function Name: NtGdiGetColorSpaceforBitmap
Status: Not hooked
#: 171 Function Name: NtGdiGetCOPPCompatibleOPMInformation
Status: Not hooked
#: 172 Function Name: NtGdiGetDCDword
Status: Not hooked
#: 173 Function Name: NtGdiGetDCforBitmap
Status: Not hooked
#: 174 Function Name: NtGdiGetDCObject
Status: Not hooked
#: 175 Function Name: NtGdiGetDCPoint
Status: Not hooked
#: 176 Function Name: NtGdiGetDeviceCaps
Status: Not hooked
#: 177 Function Name: NtGdiGetDeviceGammaRamp
Status: Not hooked
#: 178 Function Name: NtGdiGetDeviceCapsAll
Status: Not hooked
#: 179 Function Name: NtGdiGetDIBitsInternal
Status: Not hooked
#: 180 Function Name: NtGdiGetETM
Status: Not hooked
#: 181 Function Name: NtGdiGetEudcTimeStampEx
Status: Not hooked
#: 182 Function Name: NtGdiGetFontData
Status: Not hooked
#: 183 Function Name: NtGdiGetFontResourceInfoInternalW
Status: Not hooked
#: 184 Function Name: NtGdiGetGlyphIndicesW
Status: Not hooked
#: 185 Function Name: NtGdiGetGlyphIndicesWInternal
Status: Not hooked
#: 186 Function Name: NtGdiGetGlyphOutline
Status: Not hooked
#: 187 Function Name: NtGdiGetOPMInformation
Status: Not hooked
#: 188 Function Name: NtGdiGetKerningPairs
Status: Not hooked
#: 189 Function Name: NtGdiGetLinkedUFIs
Status: Not hooked
#: 190 Function Name: NtGdiGetMiterLimit
Status: Not hooked
#: 191 Function Name: NtGdiGetMonitorID
Status: Not hooked
#: 192 Function Name: NtGdiGetNearestColor
Status: Not hooked
#: 193 Function Name: NtGdiGetNearestPaletteIndex
Status: Not hooked
#: 194 Function Name: NtGdiGetObjectBitmapHandle
Status: Not hooked
#: 195 Function Name: NtGdiGetOPMRandomNumber
Status: Not hooked
#: 196 Function Name: NtGdiGetOutlineTextMetricsInternalW
Status: Not hooked
#: 197 Function Name: NtGdiGetPath
Status: Not hooked
#: 198 Function Name: NtGdiGetPixel
Status: Not hooked
#: 199 Function Name: NtGdiGetRandomRgn
Status: Not hooked
#: 200 Function Name: NtGdiGetRasterizerCaps
Status: Not hooked
#: 201 Function Name: NtGdiGetRealizationInfo
Status: Not hooked
#: 202 Function Name: NtGdiGetRegionData
Status: Not hooked
#: 203 Function Name: NtGdiGetRgnBox
Status: Not hooked
#: 204 Function Name: NtGdiGetServerMetaFileBits
Status: Not hooked
#: 205 Function Name: NtGdiGetSpoolMessage
Status: Not hooked
#: 206 Function Name: NtGdiGetStats
Status: Not hooked
#: 207 Function Name: NtGdiGetStockObject
Status: Not hooked
#: 208 Function Name: NtGdiGetStringBitmapW
Status: Not hooked
#: 209 Function Name: NtGdiGetSuggestedOPMProtectedOutputArraySize
Status: Not hooked
#: 210 Function Name: NtGdiGetSystemPaletteUse
Status: Not hooked
#: 211 Function Name: NtGdiGetTextCharsetInfo
Status: Not hooked
#: 212 Function Name: NtGdiGetTextExtent
Status: Not hooked
#: 213 Function Name: NtGdiGetTextExtentExW
Status: Not hooked
#: 214 Function Name: NtGdiGetTextFaceW
Status: Not hooked
#: 215 Function Name: NtGdiGetTextMetricsW
Status: Not hooked
#: 216 Function Name: NtGdiGetTransform
Status: Not hooked
#: 217 Function Name: NtGdiGetUFI
Status: Not hooked
#: 218 Function Name: NtGdiGetEmbUFI
Status: Not hooked
#: 219 Function Name: NtGdiGetUFIPathname
Status: Not hooked
#: 220 Function Name: NtGdiGetEmbedFonts
Status: Not hooked
#: 221 Function Name: NtGdiChangeGhostFont
Status: Not hooked
#: 222 Function Name: NtGdiAddEmbFontToDC
Status: Not hooked
#: 223 Function Name: NtGdiGetFontUnicodeRanges
Status: Not hooked
#: 224 Function Name: NtGdiGetWidthTable
Status: Not hooked
#: 225 Function Name: NtGdiGradientFill
Status: Not hooked
#: 226 Function Name: NtGdiHfontCreate
Status: Not hooked
#: 227 Function Name: NtGdiIcmBrushInfo
Status: Not hooked
#: 228 Function Name: SURFACE::bUnMap
Status: Not hooked
#: 229 Function Name: NtGdiInitSpool
Status: Not hooked
#: 230 Function Name: NtGdiIntersectClipRect
Status: Not hooked
#: 231 Function Name: NtGdiInvertRgn
Status: Not hooked
#: 232 Function Name: NtGdiLineTo
Status: Not hooked
#: 233 Function Name: NtGdiMakeFontDir
Status: Not hooked
#: 234 Function Name: NtGdiMakeInfoDC
Status: Not hooked
#: 235 Function Name: NtGdiMaskBlt
Status: Not hooked
#: 236 Function Name: NtGdiModifyWorldTransform
Status: Not hooked
#: 237 Function Name: NtGdiMonoBitmap
Status: Not hooked
#: 238 Function Name: NtGdiMoveTo
Status: Not hooked
#: 239 Function Name: NtGdiOffsetClipRgn
Status: Not hooked
#: 240 Function Name: NtGdiOffsetRgn
Status: Not hooked
#: 241 Function Name: NtGdiOpenDCW
Status: Not hooked
#: 242 Function Name: NtGdiPatBlt
Status: Not hooked
#: 243 Function Name: NtGdiPolyPatBlt
Status: Not hooked
#: 244 Function Name: NtGdiPathToRegion
Status: Not hooked
#: 245 Function Name: NtGdiPlgBlt
Status: Not hooked
#: 246 Function Name: NtGdiPolyDraw
Status: Not hooked
#: 247 Function Name: NtGdiPolyPolyDraw
Status: Not hooked
#: 248 Function Name: NtGdiPolyTextOutW
Status: Not hooked
#: 249 Function Name: NtGdiPtInRegion
Status: Not hooked
#: 250 Function Name: NtGdiPtVisible
Status: Not hooked
#: 251 Function Name: NtGdiQueryFonts
Status: Not hooked
#: 252 Function Name: NtGdiQueryFontAssocInfo
Status: Not hooked
#: 253 Function Name: NtGdiRectangle
Status: Not hooked
#: 254 Function Name: NtGdiRectInRegion
Status: Not hooked
#: 255 Function Name: NtGdiRectVisible
Status: Not hooked
#: 256 Function Name: NtGdiRemoveFontResourceW
Status: Not hooked
#: 257 Function Name: NtGdiRemoveFontMemResourceEx
Status: Not hooked
#: 258 Function Name: NtGdiResetDC
Status: Not hooked
#: 259 Function Name: NtGdiResizePalette
Status: Not hooked
#: 260 Function Name: NtGdiRestoreDC
Status: Not hooked
#: 261 Function Name: NtGdiRoundRect
Status: Not hooked
#: 262 Function Name: NtGdiSaveDC
Status: Not hooked
#: 263 Function Name: NtGdiScaleViewportExtEx
Status: Not hooked
#: 264 Function Name: NtGdiScaleWindowExtEx
Status: Not hooked
#: 265 Function Name: GreSelectBitmap
Status: Not hooked
#: 266 Function Name: NtGdiSelectBrush
Status: Not hooked
#: 267 Function Name: NtGdiSelectClipPath
Status: Not hooked
#: 268 Function Name: NtGdiSelectFont
Status: Not hooked
#: 269 Function Name: NtGdiSelectPen
Status: Not hooked
#: 270 Function Name: NtGdiSetBitmapAttributes
Status: Not hooked
#: 271 Function Name: NtGdiSetBitmapBits
Status: Not hooked
#: 272 Function Name: NtGdiSetBitmapDimension
Status: Not hooked
#: 273 Function Name: NtGdiSetBoundsRect
Status: Not hooked
#: 274 Function Name: NtGdiSetBrushAttributes
Status: Not hooked
#: 275 Function Name: NtGdiSetBrushOrg
Status: Not hooked
#: 276 Function Name: NtGdiSetColorAdjustment
Status: Not hooked
#: 277 Function Name: NtGdiSetColorSpace
Status: Not hooked
#: 278 Function Name: NtGdiSetDeviceGammaRamp
Status: Not hooked
#: 279 Function Name: NtGdiSetDIBitsToDeviceInternal
Status: Not hooked
#: 280 Function Name: NtGdiSetFontEnumeration
Status: Not hooked
#: 281 Function Name: NtGdiSetFontXform
Status: Not hooked
#: 282 Function Name: NtGdiSetIcmMode
Status: Not hooked
#: 283 Function Name: NtGdiSetLinkedUFIs
Status: Not hooked
#: 284 Function Name: NtGdiSetMagicColors
Status: Not hooked
#: 285 Function Name: NtGdiSetMetaRgn
Status: Not hooked
#: 286 Function Name: NtGdiSetMiterLimit
Status: Not hooked
#: 287 Function Name: NtGdiGetDeviceWidth
Status: Not hooked
#: 288 Function Name: NtGdiMirrorWindowOrg
Status: Not hooked
#: 289 Function Name: NtGdiSetLayout
Status: Not hooked
#: 290 Function Name: NtGdiSetOPMSigningKeyAndSequenceNumbers
Status: Not hooked
#: 291 Function Name: NtGdiSetPixel
Status: Not hooked
#: 292 Function Name: NtGdiSetPixelFormat
Status: Not hooked
#: 293 Function Name: NtGdiSetRectRgn
Status: Not hooked
#: 294 Function Name: NtGdiSetSystemPaletteUse
Status: Not hooked
#: 295 Function Name: NtGdiSetTextJustification
Status: Not hooked
#: 296 Function Name: NtGdiSetupPublicCFONT
Status: Not hooked
#: 297 Function Name: NtGdiSetVirtualResolution
Status: Not hooked
#: 298 Function Name: NtGdiSetSizeDevice
Status: Not hooked
#: 299 Function Name: NtGdiStartDoc
Status: Not hooked
#: 300 Function Name: NtGdiStartPage
Status: Not hooked
#: 301 Function Name: NtGdiStretchBlt
Status: Not hooked
#: 302 Function Name: NtGdiStretchDIBitsInternal
Status: Not hooked
#: 303 Function Name: NtGdiStrokeAndFillPath
Status: Not hooked
#: 304 Function Name: NtGdiStrokePath
Status: Not hooked
#: 305 Function Name: NtGdiSwapBuffers
Status: Not hooked
#: 306 Function Name: NtGdiTransformPoints
Status: Not hooked
#: 307 Function Name: NtGdiTransparentBlt
Status: Not hooked
#: 308 Function Name: DxgStubCanCreateSurface
Status: Not hooked
#: 309 Function Name: NtGdiUMPDEngFreeUserMem
Status: Not hooked
#: 310 Function Name: NtGdiUnrealizeObject
Status: Not hooked
#: 311 Function Name: NtGdiUpdateColors
Status: Not hooked
#: 312 Function Name: NtGdiWidenPath
Status: Not hooked
#: 313 Function Name: NtUserActivateKeyboardLayout
Status: Not hooked
#: 314 Function Name: NtUserAddClipboardFormatListener
Status: Not hooked
#: 315 Function Name: NtUserAlterWindowStyle
Status: Not hooked
#: 316 Function Name: NtUserAssociateInputContext
Status: Not hooked
#: 317 Function Name: NtUserAttachThreadInput
Status: Not hooked
#: 318 Function Name: NtUserBeginPaint
Status: Not hooked
#: 319 Function Name: NtUserBitBltSysBmp
Status: Not hooked
#: 320 Function Name: NtUserBlockInput
Status: Not hooked
#: 321 Function Name: NtUserBuildHimcList
Status: Not hooked
#: 322 Function Name: NtUserBuildHwndList
Status: Not hooked
#: 323 Function Name: NtUserBuildNameList
Status: Not hooked
#: 324 Function Name: NtUserBuildPropList
Status: Not hooked
#: 325 Function Name: NtUserCallHwnd
Status: Not hooked
#: 326 Function Name: NtUserCallHwndLock
Status: Not hooked
#: 327 Function Name: NtUserCallHwndOpt
Status: Not hooked
#: 328 Function Name: NtUserCallHwndParam
Status: Not hooked
#: 329 Function Name: NtUserCallHwndParamLock
Status: Not hooked
#: 330 Function Name: NtUserCallMsgFilter
Status: Not hooked
#: 331 Function Name: NtUserCallNextHookEx
Status: Not hooked
#: 332 Function Name: NtUserCallNoParam
Status: Not hooked
#: 333 Function Name: NtUserCallOneParam
Status: Not hooked
#: 334 Function Name: NtUserCallTwoParam
Status: Not hooked
#: 335 Function Name: NtUserChangeClipboardChain
Status: Not hooked
#: 336 Function Name: NtUserChangeDisplaySettings
Status: Not hooked
#: 337 Function Name: NtUserCheckAccessForIntegrityLevel
Status: Not hooked
#: 338 Function Name: NtUserCheckDesktopByThreadId
Status: Not hooked
#: 339 Function Name: NtUserCheckWindowThreadDesktop
Status: Not hooked
#: 340 Function Name: NtUserCheckImeHotKey
Status: Not hooked
#: 341 Function Name: NtUserCheckMenuItem
Status: Not hooked
#: 342 Function Name: NtUserChildWindowFromPointEx
Status: Not hooked
#: 343 Function Name: NtUserClipCursor
Status: Not hooked
#: 344 Function Name: NtUserCloseClipboard
Status: Not hooked
#: 345 Function Name: NtUserCloseDesktop
Status: Not hooked
#: 346 Function Name: NtUserCloseWindowStation
Status: Not hooked
#: 347 Function Name: NtUserConsoleControl
Status: Not hooked
#: 348 Function Name: NtUserConvertMemHandle
Status: Not hooked
#: 349 Function Name: NtUserCopyAcceleratorTable
Status: Not hooked
#: 350 Function Name: NtUserCountClipboardFormats
Status: Not hooked
#: 351 Function Name: NtUserCreateAcceleratorTable
Status: Not hooked
#: 352 Function Name: NtUserCreateCaret
Status: Not hooked
#: 353 Function Name: NtUserCreateDesktopEx
Status: Not hooked
#: 354 Function Name: NtUserCreateInputContext
Status: Not hooked
#: 355 Function Name: NtUserCreateLocalMemHandle
Status: Not hooked
#: 356 Function Name: NtUserCreateWindowEx
Status: Not hooked
#: 357 Function Name: NtUserCreateWindowStation
Status: Not hooked
#: 358 Function Name: NtUserDdeInitialize
Status: Not hooked
#: 359 Function Name: NtUserDeferWindowPos
Status: Not hooked
#: 360 Function Name: NtUserDefSetText
Status: Not hooked
#: 361 Function Name: NtUserDeleteMenu
Status: Not hooked
#: 362 Function Name: NtUserDestroyAcceleratorTable
Status: Not hooked
#: 363 Function Name: NtUserDestroyCursor
Status: Not hooked
#: 364 Function Name: NtUserDestroyInputContext
Status: Not hooked
#: 365 Function Name: NtUserDestroyMenu
Status: Not hooked
#: 366 Function Name: NtUserDestroyWindow
Status: Not hooked
#: 367 Function Name: NtUserDisableThreadIme
Status: Not hooked
#: 368 Function Name: NtUserDispatchMessage
Status: Not hooked
#: 369 Function Name: NtUserDoSoundConnect
Status: Not hooked
#: 370 Function Name: NtUserDoSoundDisconnect
Status: Not hooked
#: 371 Function Name: NtUserDragDetect
Status: Not hooked
#: 372 Function Name: NtUserDragObject
Status: Not hooked
#: 373 Function Name: NtUserDrawAnimatedRects
Status: Not hooked
#: 374 Function Name: NtUserDrawCaption
Status: Not hooked
#: 375 Function Name: NtUserDrawCaptionTemp
Status: Not hooked
#: 376 Function Name: NtUserDrawIconEx
Status: Not hooked
#: 377 Function Name: NtUserDrawMenuBarTemp
Status: Not hooked
#: 378 Function Name: NtUserEmptyClipboard
Status: Not hooked
#: 379 Function Name: NtUserEnableMenuItem
Status: Not hooked
#: 380 Function Name: NtUserEnableScrollBar
Status: Not hooked
#: 381 Function Name: NtUserEndDeferWindowPosEx
Status: Not hooked
#: 382 Function Name: NtUserEndMenu
Status: Not hooked
#: 383 Function Name: NtUserEndPaint
Status: Not hooked
#: 384 Function Name: NtUserEnumDisplayDevices
Status: Not hooked
#: 385 Function Name: NtUserEnumDisplayMonitors
Status: Not hooked
#: 386 Function Name: NtUserEnumDisplaySettings
Status: Not hooked
#: 387 Function Name: NtUserEvent
Status: Not hooked
#: 388 Function Name: NtUserExcludeUpdateRgn
Status: Not hooked
#: 389 Function Name: NtUserFillWindow
Status: Not hooked
#: 390 Function Name: NtUserFindExistingCursorIcon
Status: Not hooked
#: 391 Function Name: NtUserFindWindowEx
Status: Not hooked
#: 392 Function Name: NtUserFlashWindowEx
Status: Not hooked
#: 393 Function Name: NtUserFrostCrashedWindow
Status: Not hooked
#: 394 Function Name: NtUserGetAltTabInfo
Status: Not hooked
#: 395 Function Name: NtUserGetAncestor
Status: Not hooked
#: 396 Function Name: NtUserGetAppImeLevel
Status: Not hooked
#: 397 Function Name: NtUserGetAsyncKeyState
Status: Not hooked
#: 398 Function Name: NtUserGetAtomName
Status: Not hooked
#: 399 Function Name: NtUserGetCaretBlinkTime
Status: Not hooked
#: 400 Function Name: NtUserGetCaretPos
Status: Not hooked
#: 401 Function Name: NtUserGetClassInfoEx
Status: Not hooked
#: 402 Function Name: NtUserGetClassName
Status: Not hooked
#: 403 Function Name: NtUserGetClipboardData
Status: Not hooked
#: 404 Function Name: NtUserGetClipboardFormatName
Status: Not hooked
#: 405 Function Name: NtUserGetClipboardOwner
Status: Not hooked
#: 406 Function Name: NtUserGetClipboardSequenceNumber
Status: Not hooked
#: 407 Function Name: NtUserGetClipboardViewer
Status: Not hooked
#: 408 Function Name: NtUserGetClipCursor
Status: Not hooked
#: 409 Function Name: NtUserGetComboBoxInfo
Status: Not hooked
#: 410 Function Name: NtUserGetControlBrush
Status: Not hooked
#: 411 Function Name: NtUserGetControlColor
Status: Not hooked
#: 412 Function Name: NtUserGetCPD
Status: Not hooked
#: 413 Function Name: NtUserGetCursorFrameInfo
Status: Not hooked
#: 414 Function Name: NtUserGetCursorInfo
Status: Not hooked
#: 415 Function Name: NtUserGetDC
Status: Not hooked
#: 416 Function Name: NtUserGetDCEx
Status: Not hooked
#: 417 Function Name: NtUserGetDoubleClickTime
Status: Not hooked
#: 418 Function Name: NtUserGetForegroundWindow
Status: Not hooked
#: 419 Function Name: NtUserGetGuiResources
Status: Not hooked
#: 420 Function Name: NtUserGetGUIThreadInfo
Status: Not hooked
#: 421 Function Name: NtUserGetIconInfo
Status: Not hooked
#: 422 Function Name: NtUserGetIconSize
Status: Not hooked
#: 423 Function Name: NtUserGetImeHotKey
Status: Not hooked
#: 424 Function Name: NtUserGetImeInfoEx
Status: Not hooked
#: 425 Function Name: NtUserGetInternalWindowPos
Status: Not hooked
#: 426 Function Name: NtUserGetKeyboardLayoutList
Status: Not hooked
#: 427 Function Name: NtUserGetKeyboardLayoutName
Status: Not hooked
#: 428 Function Name: NtUserGetKeyboardState
Status: Not hooked
#: 429 Function Name: NtUserGetKeyNameText
Status: Not hooked
#: 430 Function Name: NtUserGetKeyState
Status: Not hooked
#: 431 Function Name: NtUserGetListBoxInfo
Status: Not hooked
#: 432 Function Name: NtUserGetMenuBarInfo
Status: Not hooked
#: 433 Function Name: NtUserGetMenuIndex
Status: Not hooked
#: 434 Function Name: NtUserGetMenuItemRect
Status: Not hooked
#: 435 Function Name: NtUserGetMessage
Status: Not hooked
#: 436 Function Name: NtUserGetMouseMovePointsEx
Status: Not hooked
#: 437 Function Name: NtUserGetObjectInformation
Status: Not hooked
#: 438 Function Name: NtUserGetOpenClipboardWindow
Status: Not hooked
#: 439 Function Name: NtUserGetPriorityClipboardFormat
Status: Not hooked
#: 440 Function Name: NtUserGetProcessWindowStation
Status: Not hooked
#: 441 Function Name: NtUserGetRawInputBuffer
Status: Not hooked
#: 442 Function Name: NtUserGetRawInputData
Status: Not hooked
#: 443 Function Name: NtUserGetRawInputDeviceInfo
Status: Not hooked
#: 444 Function Name: NtUserGetRawInputDeviceList
Status: Not hooked
#: 445 Function Name: NtUserGetRegisteredRawInputDevices
Status: Not hooked
#: 446 Function Name: NtUserGetScrollBarInfo
Status: Not hooked
#: 447 Function Name: NtUserGetSystemMenu
Status: Not hooked
#: 448 Function Name: NtUserGetThreadDesktop
Status: Not hooked
#: 449 Function Name: NtUserGetThreadState
Status: Not hooked
#: 450 Function Name: NtUserGetTitleBarInfo
Status: Not hooked
#: 451 Function Name: NtUserGetUpdatedClipboardFormats
Status: Not hooked
#: 452 Function Name: NtUserGetUpdateRect
Status: Not hooked
#: 453 Function Name: NtUserGetUpdateRgn
Status: Not hooked
#: 454 Function Name: NtUserGetWindowDC
Status: Not hooked
#: 455 Function Name: NtUserGetWindowPlacement
Status: Not hooked
#: 456 Function Name: NtUserGetWOWClass
Status: Not hooked
#: 457 Function Name: NtUserGhostWindowFromHungWindow
Status: Not hooked
#: 458 Function Name: NtUserHardErrorControl
Status: Not hooked
#: 459 Function Name: NtUserHideCaret
Status: Not hooked
#: 460 Function Name: NtUserHiliteMenuItem
Status: Not hooked
#: 461 Function Name: NtUserHungWindowFromGhostWindow
Status: Not hooked
#: 462 Function Name: NtUserImpersonateDdeClientWindow
Status: Not hooked
#: 463 Function Name: NtUserInitialize
Status: Not hooked
#: 464 Function Name: NtUserInitializeClientPfnArrays
Status: Not hooked
#: 465 Function Name: NtUserInitTask
Status: Not hooked
#: 466 Function Name: NtUserInternalGetWindowText
Status: Not hooked
#: 467 Function Name: NtUserInternalGetWindowIcon
Status: Not hooked
#: 468 Function Name: NtUserInvalidateRect
Status: Not hooked
#: 469 Function Name: NtUserInvalidateRgn
Status: Not hooked
#: 470 Function Name: NtUserIsClipboardFormatAvailable
Status: Not hooked
#: 471 Function Name: NtUserKillTimer
Status: Not hooked
#: 472 Function Name: NtUserLoadKeyboardLayoutEx
Status: Not hooked
#: 473 Function Name: NtUserLockWindowStation
Status: Not hooked
#: 474 Function Name: NtUserLockWindowUpdate
Status: Not hooked
#: 475 Function Name: NtUserLockWorkStation
Status: Not hooked
#: 476 Function Name: NtUserLogicalToPhysicalPoint
Status: Not hooked
#: 477 Function Name: NtUserMapVirtualKeyEx
Status: Not hooked
#: 478 Function Name: NtUserMenuItemFromPoint
Status: Not hooked
#: 479 Function Name: NtUserMessageCall
Status: Not hooked
#: 480 Function Name: NtUserMinMaximize
Status: Not hooked
#: 481 Function Name: NtUserMNDragLeave
Status: Not hooked
#: 482 Function Name: NtUserMNDragOver
Status: Not hooked
#: 483 Function Name: NtUserModifyUserStartupInfoFlags
Status: Not hooked
#: 484 Function Name: NtUserMoveWindow
Status: Not hooked
#: 485 Function Name: NtUserNotifyIMEStatus
Status: Not hooked
#: 486 Function Name: NtUserNotifyProcessCreate
Status: Not hooked
#: 487 Function Name: NtUserNotifyWinEvent
Status: Not hooked
#: 488 Function Name: NtUserOpenClipboard
Status: Not hooked
#: 489 Function Name: NtUserOpenDesktop
Status: Not hooked
#: 490 Function Name: NtUserOpenInputDesktop
Status: Not hooked
#: 491 Function Name: NtUserOpenThreadDesktop
Status: Not hooked
#: 492 Function Name: NtUserOpenWindowStation
Status: Not hooked
#: 493 Function Name: NtUserPaintDesktop
Status: Not hooked
#: 494 Function Name: NtUserPaintMonitor
Status: Not hooked
#: 495 Function Name: NtUserPeekMessage
Status: Not hooked
#: 496 Function Name: NtUserPhysicalToLogicalPoint
Status: Not hooked
#: 497 Function Name: NtUserPostMessage
Status: Not hooked
#: 498 Function Name: NtUserPostThreadMessage
Status: Not hooked
#: 499 Function Name: NtUserPrintWindow
Status: Not hooked
#: 500 Function Name: NtUserProcessConnect
Status: Not hooked
#: 501 Function Name: NtUserQueryInformationThread
Status: Not hooked
#: 502 Function Name: NtUserQueryInputContext
Status: Not hooked
#: 503 Function Name: NtUserQuerySendMessage
Status: Not hooked
#: 504 Function Name: NtUserQueryWindow
Status: Not hooked
#: 505 Function Name: NtUserRealChildWindowFromPoint
Status: Not hooked
#: 506 Function Name: NtUserRealInternalGetMessage
Status: Not hooked
#: 507 Function Name: NtUserRealWaitMessageEx
Status: Not hooked
#: 508 Function Name: NtUserRedrawWindow
Status: Not hooked
#: 509 Function Name: NtUserRegisterClassExWOW
Status: Not hooked
#: 510 Function Name: NtUserRegisterErrorReportingDialog
Status: Not hooked
#: 511 Function Name: NtUserRegisterUserApiHook
Status: Not hooked
#: 512 Function Name: NtUserRegisterHotKey
Status: Not hooked
#: 513 Function Name: NtUserRegisterRawInputDevices
Status: Not hooked
#: 514 Function Name: NtUserRegisterTasklist
Status: Not hooked
#: 515 Function Name: NtUserRegisterWindowMessage
Status: Not hooked
#: 516 Function Name: NtUserRemoveClipboardFormatListener
Status: Not hooked
#: 517 Function Name: NtUserRemoveMenu
Status: Not hooked
#: 518 Function Name: NtUserRemoveProp
Status: Not hooked
#: 519 Function Name: NtUserResolveDesktop
Status: Not hooked
#: 520 Function Name: NtUserResolveDesktopForWOW
Status: Not hooked
#: 521 Function Name: NtUserSBGetParms
Status: Not hooked
#: 522 Function Name: NtUserScrollDC
Status: Not hooked
#: 523 Function Name: NtUserScrollWindowEx
Status: Not hooked
#: 524 Function Name: NtUserSelectPalette
Status: Not hooked
#: 525 Function Name: NtUserSendInput
Status: Not hooked
#: 526 Function Name: NtUserSetActiveWindow
Status: Not hooked
#: 527 Function Name: NtUserSetAppImeLevel
Status: Not hooked
#: 528 Function Name: NtUserSetCapture
Status: Not hooked
#: 529 Function Name: NtUserSetClassLong
Status: Not hooked
#: 530 Function Name: NtUserSetClassWord
Status: Not hooked
#: 531 Function Name: NtUserSetClipboardData
Status: Not hooked
#: 532 Function Name: NtUserSetClipboardViewer
Status: Not hooked
#: 533 Function Name: NtUserSetConsoleReserveKeys
Status: Not hooked
#: 534 Function Name: NtUserSetCursor
Status: Not hooked
#: 535 Function Name: NtUserSetCursorContents
Status: Not hooked
#: 536 Function Name: NtUserSetCursorIconData
Status: Not hooked
#: 537 Function Name: NtUserSetFocus
Status: Not hooked
#: 538 Function Name: NtUserSetImeHotKey
Status: Not hooked
#: 539 Function Name: NtUserSetImeInfoEx
Status: Not hooked
#: 540 Function Name: NtUserSetImeOwnerWindow
Status: Not hooked
#: 541 Function Name: NtUserSetInformationProcess
Status: Not hooked
#: 542 Function Name: NtUserSetInformationThread
Status: Not hooked
#: 543 Function Name: NtUserSetInternalWindowPos
Status: Not hooked
#: 544 Function Name: NtUserSetKeyboardState
Status: Not hooked
#: 545 Function Name: NtUserSetMenu
Status: Not hooked
#: 546 Function Name: NtUserSetMenuContextHelpId
Status: Not hooked
#: 547 Function Name: NtUserSetMenuDefaultItem
Status: Not hooked
#: 548 Function Name: NtUserSetMenuFlagRtoL
Status: Not hooked
#: 549 Function Name: NtUserSetObjectInformation
Status: Not hooked
#: 550 Function Name: NtUserSetParent
Status: Not hooked
#: 551 Function Name: NtUserSetProcessWindowStation
Status: Not hooked
#: 552 Function Name: NtUserGetProp
Status: Not hooked
#: 553 Function Name: NtUserSetProp
Status: Not hooked
#: 554 Function Name: NtUserSetScrollInfo
Status: Not hooked
#: 555 Function Name: NtUserSetShellWindowEx
Status: Not hooked
#: 556 Function Name: NtUserSetSysColors
Status: Not hooked
#: 557 Function Name: NtUserSetSystemCursor
Status: Not hooked
#: 558 Function Name: NtUserSetSystemMenu
Status: Not hooked
#: 559 Function Name: NtUserSetSystemTimer
Status: Not hooked
#: 560 Function Name: NtUserSetThreadDesktop
Status: Not hooked
#: 561 Function Name: NtUserSetThreadLayoutHandles
Status: Not hooked
#: 562 Function Name: NtUserSetThreadState
Status: Not hooked
#: 563 Function Name: NtUserSetTimer
Status: Not hooked
#: 564 Function Name: NtUserSetProcessDPIAware
Status: Not hooked
#: 565 Function Name: NtUserSetWindowFNID
Status: Not hooked
#: 566 Function Name: NtUserSetWindowLong
Status: Not hooked
#: 567 Function Name: NtUserSetWindowPlacement
Status: Not hooked
#: 568 Function Name: NtUserSetWindowPos
Status: Not hooked
#: 569 Function Name: NtUserSetWindowRgn
Status: Not hooked
#: 570 Function Name: NtUserGetWindowRgnEx
Status: Not hooked
#: 571 Function Name: NtUserSetWindowRgnEx
Status: Not hooked
#: 572 Function Name: NtUserSetWindowsHookAW
Status: Not hooked
#: 573 Function Name: NtUserSetWindowsHookEx
Status: Not hooked
#: 574 Function Name: NtUserSetWindowStationUser
Status: Not hooked
#: 575 Function Name: NtUserSetWindowWord
Status: Not hooked
#: 576 Function Name: NtUserSetWinEventHook
Status: Not hooked
#: 577 Function Name: NtUserShowCaret
Status: Not hooked
#: 578 Function Name: NtUserShowScrollBar
Status: Not hooked
#: 579 Function Name: NtUserShowWindow
Status: Not hooked
#: 580 Function Name: NtUserShowWindowAsync
Status: Not hooked
#: 581 Function Name: NtUserSoundSentry
Status: Not hooked
#: 582 Function Name: NtUserSwitchDesktop
Status: Not hooked
#: 583 Function Name: NtUserSystemParametersInfo
Status: Not hooked
#: 584 Function Name: NtUserTestForInteractiveUser
Status: Not hooked
#: 585 Function Name: NtUserThunkedMenuInfo
Status: Not hooked
#: 586 Function Name: NtUserThunkedMenuItemInfo
Status: Not hooked
#: 587 Function Name: NtUserToUnicodeEx
Status: Not hooked
#: 588 Function Name: NtUserTrackMouseEvent
Status: Not hooked
#: 589 Function Name: NtUserTrackPopupMenuEx
Status: Not hooked
#: 590 Function Name: NtUserCalcMenuBar
Status: Not hooked
#: 591 Function Name: NtUserPaintMenuBar
Status: Not hooked
#: 592 Function Name: NtUserTranslateAccelerator
Status: Not hooked
#: 593 Function Name: NtUserTranslateMessage
Status: Not hooked
#: 594 Function Name: NtUserUnhookWindowsHookEx
Status: Not hooked
#: 595 Function Name: NtUserUnhookWinEvent
Status: Not hooked
#: 596 Function Name: NtUserUnloadKeyboardLayout
Status: Not hooked
#: 597 Function Name: NtUserUnlockWindowStation
Status: Not hooked
#: 598 Function Name: NtUserUnregisterClass
Status: Not hooked
#: 599 Function Name: NtUserUnregisterUserApiHook
Status: Not hooked
#: 600 Function Name: NtUserUnregisterHotKey
Status: Not hooked
#: 601 Function Name: NtUserUpdateInputContext
Status: Not hooked
#: 602 Function Name: NtUserUpdateInstance
Status: Not hooked
#: 603 Function Name: NtUserUpdateLayeredWindow
Status: Not hooked
#: 604 Function Name: NtUserGetLayeredWindowAttributes
Status: Not hooked
#: 605 Function Name: NtUserSetLayeredWindowAttributes
Status: Not hooked
#: 606 Function Name: NtUserUpdatePerUserSystemParameters
Status: Not hooked
#: 607 Function Name: NtUserUserHandleGrantAccess
Status: Not hooked
#: 608 Function Name: NtUserValidateHandleSecure
Status: Not hooked
#: 609 Function Name: NtUserValidateRect
Status: Not hooked
#: 610 Function Name: NtUserValidateTimerCallback
Status: Not hooked
#: 611 Function Name: NtUserVkKeyScanEx
Status: Not hooked
#: 612 Function Name: NtUserWaitForInputIdle
Status: Not hooked
#: 613 Function Name: NtUserWaitForMsgAndEvent
Status: Not hooked
#: 614 Function Name: NtUserWaitMessage
Status: Not hooked
#: 615 Function Name: DxgStubGenericThunk
Status: Not hooked
#: 616 Function Name: NtUserWindowFromPhysicalPoint
Status: Not hooked
#: 617 Function Name: NtUserWindowFromPoint
Status: Not hooked
#: 618 Function Name: NtUserYieldTask
Status: Not hooked
#: 619 Function Name: NtUserRemoteConnect
Status: Not hooked
#: 620 Function Name: NtUserRemoteRedrawRectangle
Status: Not hooked
#: 621 Function Name: NtUserRemoteRedrawScreen
Status: Not hooked
#: 622 Function Name: NtUserRemoteStopScreenUpdates
Status: Not hooked
#: 623 Function Name: NtUserCtxDisplayIOCtl
Status: Not hooked
#: 624 Function Name: NtUserRegisterSessionPort
Status: Not hooked
#: 625 Function Name: NtUserUnregisterSessionPort
Status: Not hooked
#: 626 Function Name: NtUserUpdateWindowTransform
Status: Not hooked
#: 627 Function Name: NtUserDwmStartRedirection
Status: Not hooked
#: 628 Function Name: NtUserDwmStopRedirection
Status: Not hooked
#: 629 Function Name: NtUserDwmHintDxUpdate
Status: Not hooked
#: 630 Function Name: NtUserDwmGetDxRgn
Status: Not hooked
#: 631 Function Name: NtUserGetWindowMinimizeRect
Status: Not hooked
#: 632 Function Name: NtGdiEngAssociateSurface
Status: Not hooked
#: 633 Function Name: NtGdiEngCreateBitmap
Status: Not hooked
#: 634 Function Name: NtGdiEngCreateDeviceSurface
Status: Not hooked
#: 635 Function Name: NtGdiEngCreateDeviceBitmap
Status: Not hooked
#: 636 Function Name: NtGdiEngCreatePalette
Status: Not hooked
#: 637 Function Name: NtGdiEngComputeGlyphSet
Status: Not hooked
#: 638 Function Name: NtGdiEngCopyBits
Status: Not hooked
#: 639 Function Name: NtGdiEngDeletePalette
Status: Not hooked
#: 640 Function Name: NtGdiEngDeleteSurface
Status: Not hooked
#: 641 Function Name: NtGdiEngEraseSurface
Status: Not hooked
#: 642 Function Name: NtGdiEngUnlockSurface
Status: Not hooked
#: 643 Function Name: NtGdiEngLockSurface
Status: Not hooked
#: 644 Function Name: NtGdiEngBitBlt
Status: Not hooked
#: 645 Function Name: NtGdiEngStretchBlt
Status: Not hooked
#: 646 Function Name: NtGdiEngPlgBlt
Status: Not hooked
#: 647 Function Name: NtGdiEngMarkBandingSurface
Status: Not hooked
#: 648 Function Name: NtGdiEngStrokePath
Status: Not hooked
#: 649 Function Name: NtGdiEngFillPath
Status: Not hooked
#: 650 Function Name: NtGdiEngStrokeAndFillPath
Status: Not hooked
#: 651 Function Name: NtGdiEngPaint
Status: Not hooked
#: 652 Function Name: NtGdiEngLineTo
Status: Not hooked
#: 653 Function Name: NtGdiEngAlphaBlend
Status: Not hooked
#: 654 Function Name: NtGdiEngGradientFill
Status: Not hooked
#: 655 Function Name: NtGdiEngTransparentBlt
Status: Not hooked
#: 656 Function Name: NtGdiEngTextOut
Status: Not hooked
#: 657 Function Name: NtGdiEngStretchBltROP
Status: Not hooked
#: 658 Function Name: NtGdiXLATEOBJ_cGetPalette
Status: Not hooked
#: 659 Function Name: NtGdiXLATEOBJ_iXlate
Status: Not hooked
#: 660 Function Name: NtGdiXLATEOBJ_hGetColorTransform
Status: Not hooked
#: 661 Function Name: NtGdiCLIPOBJ_bEnum
Status: Not hooked
#: 662 Function Name: NtGdiCLIPOBJ_cEnumStart
Status: Not hooked
#: 663 Function Name: NtGdiCLIPOBJ_ppoGetPath
Status: Not hooked
#: 664 Function Name: NtGdiEngDeletePath
Status: Not hooked
#: 665 Function Name: NtGdiEngCreateClip
Status: Not hooked
#: 666 Function Name: NtGdiEngDeleteClip
Status: Not hooked
#: 667 Function Name: NtGdiBRUSHOBJ_ulGetBrushColor
Status: Not hooked
#: 668 Function Name: NtGdiBRUSHOBJ_pvAllocRbrush
Status: Not hooked
#: 669 Function Name: NtGdiBRUSHOBJ_pvGetRbrush
Status: Not hooked
#: 670 Function Name: NtGdiBRUSHOBJ_hGetColorTransform
Status: Not hooked
#: 671 Function Name: NtGdiXFORMOBJ_bApplyXform
Status: Not hooked
#: 672 Function Name: NtGdiXFORMOBJ_iGetXform
Status: Not hooked
#: 673 Function Name: NtGdiFONTOBJ_vGetInfo
Status: Not hooked
#: 674 Function Name: NtGdiFONTOBJ_pxoGetXform
Status: Not hooked
#: 675 Function Name: NtGdiFONTOBJ_cGetGlyphs
Status: Not hooked
#: 676 Function Name: NtGdiFONTOBJ_pifi
Status: Not hooked
#: 677 Function Name: NtGdiFONTOBJ_pfdg
Status: Not hooked
#: 678 Function Name: NtGdiFONTOBJ_pQueryGlyphAttrs
Status: Not hooked
#: 679 Function Name: NtGdiFONTOBJ_pvTrueTypeFontFile
Status: Not hooked
#: 680 Function Name: NtGdiFONTOBJ_cGetAllGlyphHandles
Status: Not hooked
#: 681 Function Name: NtGdiSTROBJ_bEnum
Status: Not hooked
#: 682 Function Name: NtGdiSTROBJ_bEnumPositionsOnly
Status: Not hooked
#: 683 Function Name: NtGdiSTROBJ_bGetAdvanceWidths
Status: Not hooked
#: 684 Function Name: NtGdiSTROBJ_vEnumStart
Status: Not hooked
#: 685 Function Name: NtGdiSTROBJ_dwGetCodePage
Status: Not hooked
#: 686 Function Name: NtGdiPATHOBJ_vGetBounds
Status: Not hooked
#: 687 Function Name: NtGdiPATHOBJ_bEnum
Status: Not hooked
#: 688 Function Name: NtGdiPATHOBJ_vEnumStart
Status: Not hooked
#: 689 Function Name: NtGdiPATHOBJ_vEnumStartClipLines
Status: Not hooked
#: 690 Function Name: NtGdiPATHOBJ_bEnumClipLines
Status: Not hooked
#: 691 Function Name: NtGdiGetDhpdev
Status: Not hooked
#: 692 Function Name: NtGdiEngCheckAbort
Status: Not hooked
#: 693 Function Name: NtGdiHT_Get8BPPFormatPalette
Status: Not hooked
#: 694 Function Name: NtGdiHT_Get8BPPMaskPalette
Status: Not hooked
#: 695 Function Name: NtGdiUpdateTransform
Status: Not hooked
#: 696 Function Name: NtGdiSetPUMPDOBJ
Status: Not hooked
#: 697 Function Name: NtGdiBRUSHOBJ_DeleteRbrush
Status: Not hooked
#: 698 Function Name: NtGdiUMPDEngFreeUserMem
Status: Not hooked
#: 699 Function Name: NtGdiDrawStream
Status: Not hooked
#: 700 Function Name: NtGdiDwmGetDirtyRgn
Status: Not hooked
#: 701 Function Name: NtGdiDwmGetSurfaceData
Status: Not hooked
#: 702 Function Name: NtGdiDdDDICreateAllocation
Status: Not hooked
#: 703 Function Name: NtGdiDdDDIQueryResourceInfo
Status: Not hooked
#: 704 Function Name: NtGdiDdDDIOpenResource
Status: Not hooked
#: 705 Function Name: NtGdiDdDDIDestroyAllocation
Status: Not hooked
#: 706 Function Name: NtGdiDdDDISetAllocationPriority
Status: Not hooked
#: 707 Function Name: NtGdiDdDDIQueryAllocationResidency
Status: Not hooked
#: 708 Function Name: NtGdiDdDDICreateDevice
Status: Not hooked
#: 709 Function Name: NtGdiDdDDIDestroyDevice
Status: Not hooked
#: 710 Function Name: NtGdiDdDDICreateContext
Status: Not hooked
#: 711 Function Name: NtGdiDdDDIDestroyContext
Status: Not hooked
#: 712 Function Name: NtGdiDdDDICreateSynchronizationObject
Status: Not hooked
#: 713 Function Name: NtGdiDdDDIDestroySynchronizationObject
Status: Not hooked
#: 714 Function Name: NtGdiDdDDIWaitForSynchronizationObject
Status: Not hooked
#: 715 Function Name: NtGdiDdDDISignalSynchronizationObject
Status: Not hooked
#: 716 Function Name: NtGdiDdDDIGetRuntimeData
Status: Not hooked
#: 717 Function Name: NtGdiDdDDIQueryAdapterInfo
Status: Not hooked
#: 718 Function Name: NtGdiDdDDILock
Status: Not hooked
#: 719 Function Name: NtGdiDdDDIUnlock
Status: Not hooked
#: 720 Function Name: NtGdiDdDDIGetDisplayModeList
Status: Not hooked
#: 721 Function Name: NtGdiDdDDISetDisplayMode
Status: Not hooked
#: 722 Function Name: NtGdiDdDDIGetMultisampleMethodList
Status: Not hooked
#: 723 Function Name: NtGdiDdDDIPresent
Status: Not hooked
#: 724 Function Name: NtGdiDdDDIRender
Status: Not hooked
#: 725 Function Name: NtGdiDdDDIOpenAdapterFromDeviceName
Status: Not hooked
#: 726 Function Name: NtGdiDdDDIOpenAdapterFromHdc
Status: Not hooked
#: 727 Function Name: NtGdiDdDDICloseAdapter
Status: Not hooked
#: 728 Function Name: NtGdiDdDDIGetSharedPrimaryHandle
Status: Not hooked
#: 729 Function Name: NtGdiDdDDIEscape
Status: Not hooked
#: 730 Function Name: NtGdiDdDDIQueryStatistics
Status: Not hooked
#: 731 Function Name: NtGdiDdDDISetVidPnSourceOwner
Status: Not hooked
#: 732 Function Name: NtGdiDdDDIGetPresentHistory
Status: Not hooked
#: 733 Function Name: NtGdiDdDDICreateOverlay
Status: Not hooked
#: 734 Function Name: NtGdiDdDDIUpdateOverlay
Status: Not hooked
#: 735 Function Name: NtGdiDdDDIFlipOverlay
Status: Not hooked
#: 736 Function Name: NtGdiDdDDIDestroyOverlay
Status: Not hooked
#: 737 Function Name: NtGdiDdDDIWaitForVerticalBlankEvent
Status: Not hooked
#: 738 Function Name: NtGdiDdDDISetGammaRamp
Status: Not hooked
#: 739 Function Name: NtGdiDdDDIGetDeviceState
Status: Not hooked
#: 740 Function Name: NtGdiDdDDICreateDCFromMemory
Status: Not hooked
#: 741 Function Name: NtGdiDdDDIDestroyDCFromMemory
Status: Not hooked
#: 742 Function Name: NtGdiDdDDISetContextSchedulingPriority
Status: Not hooked
#: 743 Function Name: NtGdiDdDDIGetContextSchedulingPriority
Status: Not hooked
#: 744 Function Name: NtGdiDdDDISetProcessSchedulingPriorityClass
Status: Not hooked
#: 745 Function Name: NtGdiDdDDIGetProcessSchedulingPriorityClass
Status: Not hooked
#: 746 Function Name: NtGdiDdDDIReleaseProcessVidPnSourceOwners
Status: Not hooked
#: 747 Function Name: NtGdiDdDDIGetScanLine
Status: Not hooked
#: 748 Function Name: NtGdiDdDDISetQueuedLimit
Status: Not hooked
#: 749 Function Name: NtGdiDdDDIPollDisplayChildren
Status: Not hooked
#: 750 Function Name: NtGdiDdDDIInvalidateActiveVidPn
Status: Not hooked
#: 751 Function Name: NtGdiDdDDICheckOcclusion
Status: Not hooked
#: 752 Function Name: NtGdiDdDDIWaitForIdle
Status: Not hooked
#: 753 Function Name: NtGdiDdDDICheckMonitorPowerState
Status: Not hooked
#: 754 Function Name: NtGdiDdDDICheckExclusiveOwnership
Status: Not hooked
#: 755 Function Name: NtGdiDdDDISetDisplayPrivateDriverFormat
Status: Not hooked
#: 756 Function Name: NtGdiDdDDISharedPrimaryLockNotification
Status: Not hooked
#: 757 Function Name: NtGdiDdDDISharedPrimaryUnLockNotification
Status: Not hooked
#: 758 Function Name: DxgStubCanCreateSurface
Status: Not hooked
#: 759 Function Name: DxgStubContextDestroy
Status: Not hooked
#: 760 Function Name: NtGdiGetNumberOfPhysicalMonitors
Status: Not hooked
#: 761 Function Name: NtGdiGetPhysicalMonitors
Status: Not hooked
#: 762 Function Name: NtGdiGetPhysicalMonitorDescription
Status: Not hooked
#: 763 Function Name: DestroyPhysicalMonitor
Status: Not hooked
#: 764 Function Name: NtGdiDDCCIGetVCPFeature
Status: Not hooked
#: 765 Function Name: NtGdiDDCCISetVCPFeature
Status: Not hooked
#: 766 Function Name: NtGdiDDCCISaveCurrentSettings
Status: Not hooked
#: 767 Function Name: NtGdiDDCCIGetCapabilitiesStringLength
Status: Not hooked
#: 768 Function Name: NtGdiDDCCIGetCapabilitiesString
Status: Not hooked
#: 769 Function Name: NtGdiDDCCIGetTimingReport
Status: Not hooked
#: 770 Function Name: NtUserSetMirrorRendering
Status: Not hooked
#: 771 Function Name: NtUserShowSystemCursor
Status: Not hooked
-----------------------
ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2010/01/03 15:18
Program Version: Version 1.3.5.0
Windows Version: Windows Vista SP2
==================================================
Processes
-------------------
Path: System
PID: 4 Status: Locked to the Windows API!
Path: C:\Windows\System32\spoolsv.exe
PID: 364 Status: -
Path: C:\Windows\System32\smss.exe
PID: 444 Status: -
Path: C:\Windows\System32\taskeng.exe
PID: 460 Status: -
Path: C:\Windows\System32\csrss.exe
PID: 572 Status: -
Path: C:\Program Files\Windows Defender\MSASCui.exe
PID: 580 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 612 Status: -
Path: C:\Windows\System32\wininit.exe
PID: 620 Status: -
Path: C:\Windows\System32\csrss.exe
PID: 632 Status: -
Path: C:\Windows\System32\services.exe
PID: 664 Status: -
Path: C:\Windows\System32\lsass.exe
PID: 676 Status: -
Path: C:\Windows\System32\lsm.exe
PID: 688 Status: -
Path: C:\Windows\System32\winlogon.exe
PID: 764 Status: -
Path: C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
PID: 808 Status: -
Path: C:\Program Files\TO2SSM\McciTrayApp.exe
PID: 852 Status: -
Path: C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
PID: 860 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 868 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 944 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 984 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 1060 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 1108 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 1124 Status: -
Path: C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
PID: 1188 Status: -
Path: C:\Windows\System32\hkcmd.exe
PID: 1212 Status: -
Path: C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PID: 1216 Status: -
Path: C:\Windows\PLFSetI.exe
PID: 1236 Status: -
Path: C:\Windows\System32\audiodg.exe
PID: 1248 Status: Locked to the Windows API!
Path: C:\Windows\System32\svchost.exe
PID: 1276 Status: -
Path: C:\Windows\System32\SLsvc.exe
PID: 1300 Status: -
Path: C:\Program Files\Apoint2K\Apoint.exe
PID: 1312 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 1336 Status: -
Path: C:\Windows\System32\taskeng.exe
PID: 1348 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 1500 Status: -
Path: C:\Windows\System32\wpcumi.exe
PID: 1524 Status: -
Path: C:\Program Files\Winamp\winampa.exe
PID: 1548 Status: -
Path: C:\Windows\System32\igfxpers.exe
PID: 1616 Status: -
Path: C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PID: 1708 Status: -
Path: C:\Program Files\Alwil Software\Avast4\ashServ.exe
PID: 1724 Status: -
Path: C:\Windows\System32\dwm.exe
PID: 1804 Status: -
Path: C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PID: 1832 Status: -
Path: C:\Windows\explorer.exe
PID: 1844 Status: -
Path: C:\Program Files\Windows Sidebar\sidebar.exe
PID: 1856 Status: -
Path: C:\Windows\ehome\ehtray.exe
PID: 1876 Status: -
Path: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PID: 2104 Status: -
Path: C:\Windows\System32\igfxsrvc.exe
PID: 2112 Status: -
Path: C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PID: 2168 Status: -
Path: C:\Windows\ehome\ehmsas.exe
PID: 2220 Status: -
Path: C:\Program Files\Apoint2K\ApMsgFwd.exe
PID: 2240 Status: -
Path: C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PID: 2352 Status: -
Path: C:\Program Files\Apoint2K\ApntEx.exe
PID: 2364 Status: -
Path: C:\Windows\System32\taskeng.exe
PID: 2508 Status: -
Path: C:\Program Files\Windows Media Player\wmpnscfg.exe
PID: 2620 Status: -
Path: D:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
PID: 2668 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 2812 Status: -
Path: C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
PID: 2828 Status: -
Path: C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PID: 2912 Status: -
Path: C:\Program Files\Common Files\Motive\McciCMService.exe
PID: 2988 Status: -
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PID: 3068 Status: -
Path: C:\ACER\Mobility Center\MobilityService.exe
PID: 3096 Status: -
Path: C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
PID: 3180 Status: -
Path: C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
PID: 3224 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 3252 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 3292 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 3352 Status: -
Path: C:\Windows\System32\SearchIndexer.exe
PID: 3424 Status: -
Path: C:\Program Files\Windows Media Player\wmpnetwk.exe
PID: 3448 Status: -
Path: C:\Windows\System32\drivers\XAudio.exe
PID: 3608 Status: -
Path: C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PID: 3648 Status: -
Path: C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PID: 3792 Status: -
Path: C:\Windows\System32\wbem\WmiPrvSE.exe
PID: 3856 Status: -
Path: C:\totalcmd\TOTALCMD.EXE
PID: 3932 Status: -
Path: C:\Windows\System32\alg.exe
PID: 4320 Status: -
Path: C:\Windows\servicing\TrustedInstaller.exe
PID: 4480 Status: -
Path: C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PID: 4496 Status: -
Path: C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PID: 4524 Status: -
Path: D:\SW\RootRepeal\RootRepeal.exe
PID: 4576 Status: -
Path: C:\Windows\System32\wbem\unsecapp.exe
PID: 4712 Status: -
Path: C:\Windows\System32\SearchProtocolHost.exe
PID: 6012 Status: -
Path: C:\Windows\System32\SearchFilterHost.exe
PID: 6016 Status: -
==================================================
Scan Start Time: 2010/01/03 15:21
Program Version: Version 1.3.5.0
Windows Version: Windows Vista SP2
==================================================
Shadow SSDT
-------------------
#: 000 Function Name: NtGdiAbortDoc
Status: Not hooked
#: 001 Function Name: NtGdiAbortPath
Status: Not hooked
#: 002 Function Name: NtGdiAddFontResourceW
Status: Not hooked
#: 003 Function Name: NtGdiAddRemoteFontToDC
Status: Not hooked
#: 004 Function Name: NtGdiAddFontMemResourceEx
Status: Not hooked
#: 005 Function Name: NtGdiRemoveMergeFont
Status: Not hooked
#: 006 Function Name: NtGdiAddRemoteMMInstanceToDC
Status: Not hooked
#: 007 Function Name: NtGdiAlphaBlend
Status: Not hooked
#: 008 Function Name: NtGdiAngleArc
Status: Not hooked
#: 009 Function Name: NtGdiAnyLinkedFonts
Status: Not hooked
#: 010 Function Name: NtGdiFontIsLinked
Status: Not hooked
#: 011 Function Name: NtGdiArcInternal
Status: Not hooked
#: 012 Function Name: NtGdiBeginPath
Status: Not hooked
#: 013 Function Name: NtGdiBitBlt
Status: Not hooked
#: 014 Function Name: NtGdiCancelDC
Status: Not hooked
#: 015 Function Name: NtGdiCheckBitmapBits
Status: Not hooked
#: 016 Function Name: NtGdiCloseFigure
Status: Not hooked
#: 017 Function Name: NtGdiClearBitmapAttributes
Status: Not hooked
#: 018 Function Name: NtGdiClearBrushAttributes
Status: Not hooked
#: 019 Function Name: NtGdiColorCorrectPalette
Status: Not hooked
#: 020 Function Name: NtGdiCombineRgn
Status: Not hooked
#: 021 Function Name: NtGdiCombineTransform
Status: Not hooked
#: 022 Function Name: NtGdiComputeXformCoefficients
Status: Not hooked
#: 023 Function Name: NtGdiConfigureOPMProtectedOutput
Status: Not hooked
#: 024 Function Name: NtGdiConsoleTextOut
Status: Not hooked
#: 025 Function Name: NtGdiConvertMetafileRect
Status: Not hooked
#: 026 Function Name: NtGdiCreateBitmap
Status: Not hooked
#: 027 Function Name: NtGdiCreateClientObj
Status: Not hooked
#: 028 Function Name: NtGdiCreateColorSpace
Status: Not hooked
#: 029 Function Name: NtGdiCreateColorTransform
Status: Not hooked
#: 030 Function Name: NtGdiCreateCompatibleBitmap
Status: Not hooked
#: 031 Function Name: NtGdiCreateCompatibleDC
Status: Not hooked
#: 032 Function Name: NtGdiCreateDIBBrush
Status: Not hooked
#: 033 Function Name: NtGdiCreateDIBitmapInternal
Status: Not hooked
#: 034 Function Name: NtGdiCreateDIBSection
Status: Not hooked
#: 035 Function Name: NtGdiCreateEllipticRgn
Status: Not hooked
#: 036 Function Name: NtGdiCreateHalftonePalette
Status: Not hooked
#: 037 Function Name: NtGdiCreateHatchBrushInternal
Status: Not hooked
#: 038 Function Name: NtGdiCreateMetafileDC
Status: Not hooked
#: 039 Function Name: NtGdiCreateOPMProtectedOutputs
Status: Not hooked
#: 040 Function Name: NtGdiCreatePaletteInternal
Status: Not hooked
#: 041 Function Name: NtGdiCreatePatternBrushInternal
Status: Not hooked
#: 042 Function Name: NtGdiCreatePen
Status: Not hooked
#: 043 Function Name: NtGdiCreateRectRgn
Status: Not hooked
#: 044 Function Name: NtGdiCreateRoundRectRgn
Status: Not hooked
#: 045 Function Name: NtGdiCreateServerMetaFile
Status: Not hooked
#: 046 Function Name: NtGdiCreateSolidBrush
Status: Not hooked
#: 047 Function Name: NtGdiD3dContextCreate
Status: Not hooked
#: 048 Function Name: NtGdiD3dContextDestroy
Status: Not hooked
#: 049 Function Name: NtGdiD3dContextDestroyAll
Status: Not hooked
#: 050 Function Name: NtGdiD3dValidateTextureStageState
Status: Not hooked
#: 051 Function Name: NtGdiD3dDrawPrimitives2
Status: Not hooked
#: 052 Function Name: NtGdiDdGetDriverState
Status: Not hooked
#: 053 Function Name: NtGdiDdAddAttachedSurface
Status: Not hooked
#: 054 Function Name: NtGdiDdAlphaBlt
Status: Not hooked
#: 055 Function Name: NtGdiDdAttachSurface
Status: Not hooked
#: 056 Function Name: NtGdiDdBeginMoCompFrame
Status: Not hooked
#: 057 Function Name: NtGdiDdBlt
Status: Not hooked
#: 058 Function Name: NtGdiDdCanCreateSurface
Status: Not hooked
#: 059 Function Name: NtGdiDdCanCreateD3DBuffer
Status: Not hooked
#: 060 Function Name: NtGdiDdColorControl
Status: Not hooked
#: 061 Function Name: NtGdiDdCreateDirectDrawObject
Status: Not hooked
#: 062 Function Name: NtGdiDdCreateSurface
Status: Not hooked
#: 063 Function Name: NtGdiDdCreateD3DBuffer
Status: Not hooked
#: 064 Function Name: NtGdiDdCreateMoComp
Status: Not hooked
#: 065 Function Name: NtGdiDdCreateSurfaceObject
Status: Not hooked
#: 066 Function Name: NtGdiDdDeleteDirectDrawObject
Status: Not hooked
#: 067 Function Name: NtGdiDdDeleteSurfaceObject
Status: Not hooked
#: 068 Function Name: NtGdiDdDestroyMoComp
Status: Not hooked
#: 069 Function Name: NtGdiDdDestroySurface
Status: Not hooked
#: 070 Function Name: NtGdiDdDestroyD3DBuffer
Status: Not hooked
#: 071 Function Name: NtGdiDdEndMoCompFrame
Status: Not hooked
#: 072 Function Name: NtGdiDdFlip
Status: Not hooked
#: 073 Function Name: NtGdiDdFlipToGDISurface
Status: Not hooked
#: 074 Function Name: NtGdiDdGetAvailDriverMemory
Status: Not hooked
#: 075 Function Name: NtGdiDdGetBltStatus
Status: Not hooked
#: 076 Function Name: NtGdiDdGetDC
Status: Not hooked
#: 077 Function Name: NtGdiDdGetDriverInfo
Status: Not hooked
#: 078 Function Name: NtGdiDdGetDxHandle
Status: Not hooked
#: 079 Function Name: NtGdiDdGetFlipStatus
Status: Not hooked
#: 080 Function Name: NtGdiDdGetInternalMoCompInfo
Status: Not hooked
#: 081 Function Name: NtGdiDdGetMoCompBuffInfo
Status: Not hooked
#: 082 Function Name: NtGdiDdGetMoCompGuids
Status: Not hooked
#: 083 Function Name: NtGdiDdGetMoCompFormats
Status: Not hooked
#: 084 Function Name: NtGdiDdGetScanLine
Status: Not hooked
#: 085 Function Name: NtGdiDdLock
Status: Not hooked
#: 086 Function Name: NtGdiDdLockD3D
Status: Not hooked
#: 087 Function Name: NtGdiDdQueryDirectDrawObject
Status: Not hooked
#: 088 Function Name: NtGdiDdQueryMoCompStatus
Status: Not hooked
#: 089 Function Name: NtGdiDdReenableDirectDrawObject
Status: Not hooked
#: 090 Function Name: NtGdiDdReleaseDC
Status: Not hooked
#: 091 Function Name: NtGdiDdRenderMoComp
Status: Not hooked
#: 092 Function Name: NtGdiDdResetVisrgn
Status: Not hooked
#: 093 Function Name: NtGdiDdSetColorKey
Status: Not hooked
#: 094 Function Name: NtGdiDdSetExclusiveMode
Status: Not hooked
#: 095 Function Name: NtGdiDdSetGammaRamp
Status: Not hooked
#: 096 Function Name: NtGdiDdCreateSurfaceEx
Status: Not hooked
#: 097 Function Name: NtGdiDdSetOverlayPosition
Status: Not hooked
#: 098 Function Name: NtGdiDdUnattachSurface
Status: Not hooked
#: 099 Function Name: NtGdiDdUnlock
Status: Not hooked
#: 100 Function Name: NtGdiDdUnlockD3D
Status: Not hooked
#: 101 Function Name: NtGdiDdUpdateOverlay
Status: Not hooked
#: 102 Function Name: NtGdiDdWaitForVerticalBlank
Status: Not hooked
#: 103 Function Name: NtGdiDvpCanCreateVideoPort
Status: Not hooked
#: 104 Function Name: NtGdiDvpColorControl
Status: Not hooked
#: 105 Function Name: NtGdiDvpCreateVideoPort
Status: Not hooked
#: 106 Function Name: NtGdiDvpDestroyVideoPort
Status: Not hooked
#: 107 Function Name: NtGdiDvpFlipVideoPort
Status: Not hooked
#: 108 Function Name: NtGdiDvpGetVideoPortBandwidth
Status: Not hooked
#: 109 Function Name: NtGdiDvpGetVideoPortField
Status: Not hooked
#: 110 Function Name: NtGdiDvpGetVideoPortFlipStatus
Status: Not hooked
#: 111 Function Name: NtGdiDvpGetVideoPortInputFormats
Status: Not hooked
#: 112 Function Name: NtGdiDvpGetVideoPortLine
Status: Not hooked
#: 113 Function Name: NtGdiDvpGetVideoPortOutputFormats
Status: Not hooked
#: 114 Function Name: NtGdiDvpGetVideoPortConnectInfo
Status: Not hooked
#: 115 Function Name: NtGdiDvpGetVideoSignalStatus
Status: Not hooked
#: 116 Function Name: NtGdiDvpUpdateVideoPort
Status: Not hooked
#: 117 Function Name: NtGdiDvpWaitForVideoPortSync
Status: Not hooked
#: 118 Function Name: NtGdiDvpAcquireNotification
Status: Not hooked
#: 119 Function Name: NtGdiDvpReleaseNotification
Status: Not hooked
#: 120 Function Name: NtGdiDxgGenericThunk
Status: Not hooked
#: 121 Function Name: NtGdiDeleteClientObj
Status: Not hooked
#: 122 Function Name: NtGdiDeleteColorSpace
Status: Not hooked
#: 123 Function Name: NtGdiDeleteColorTransform
Status: Not hooked
#: 124 Function Name: NtGdiDeleteObjectApp
Status: Not hooked
#: 125 Function Name: NtGdiDescribePixelFormat
Status: Not hooked
#: 126 Function Name: NtGdiDestroyOPMProtectedOutput
Status: Not hooked
#: 127 Function Name: NtGdiGetPerBandInfo
Status: Not hooked
#: 128 Function Name: NtGdiDoBanding
Status: Not hooked
#: 129 Function Name: NtGdiDoPalette
Status: Not hooked
#: 130 Function Name: NtGdiDrawEscape
Status: Not hooked
#: 131 Function Name: NtGdiEllipse
Status: Not hooked
#: 132 Function Name: NtGdiEnableEudc
Status: Not hooked
#: 133 Function Name: NtGdiEndDoc
Status: Not hooked
#: 134 Function Name: NtGdiEndPage
Status: Not hooked
#: 135 Function Name: NtGdiEndPath
Status: Not hooked
#: 136 Function Name: NtGdiEnumFontChunk
Status: Not hooked
#: 137 Function Name: NtGdiEnumFontClose
Status: Not hooked
#: 138 Function Name: NtGdiEnumFontOpen
Status: Not hooked
#: 139 Function Name: NtGdiEnumObjects
Status: Not hooked
#: 140 Function Name: NtGdiEqualRgn
Status: Not hooked
#: 141 Function Name: NtGdiEudcLoadUnloadLink
Status: Not hooked
#: 142 Function Name: NtGdiExcludeClipRect
Status: Not hooked
#: 143 Function Name: NtGdiExtCreatePen
Status: Not hooked
#: 144 Function Name: NtGdiExtCreateRegion
Status: Not hooked
#: 145 Function Name: NtGdiExtEscape
Status: Not hooked
#: 146 Function Name: NtGdiExtFloodFill
Status: Not hooked
#: 147 Function Name: NtGdiExtGetObjectW
Status: Not hooked
#: 148 Function Name: NtGdiExtSelectClipRgn
Status: Not hooked
#: 149 Function Name: NtGdiExtTextOutW
Status: Not hooked
#: 150 Function Name: NtGdiFillPath
Status: Not hooked
#: 151 Function Name: NtGdiFillRgn
Status: Not hooked
#: 152 Function Name: NtGdiFlattenPath
Status: Not hooked
#: 153 Function Name: NtGdiFlush
Status: Not hooked
#: 154 Function Name: NtGdiForceUFIMapping
Status: Not hooked
#: 155 Function Name: NtGdiFrameRgn
Status: Not hooked
#: 156 Function Name: NtGdiFullscreenControl
Status: Not hooked
#: 157 Function Name: NtGdiGetAndSetDCDword
Status: Not hooked
#: 158 Function Name: NtGdiGetAppClipBox
Status: Not hooked
#: 159 Function Name: NtGdiGetBitmapBits
Status: Not hooked
#: 160 Function Name: NtGdiGetBitmapDimension
Status: Not hooked
#: 161 Function Name: NtGdiGetBoundsRect
Status: Not hooked
#: 162 Function Name: NtGdiGetCertificate
Status: Not hooked
#: 163 Function Name: NtGdiGetCertificateSize
Status: Not hooked
#: 164 Function Name: NtGdiGetCharABCWidthsW
Status: Not hooked
#: 165 Function Name: NtGdiGetCharacterPlacementW
Status: Not hooked
#: 166 Function Name: NtGdiGetCharSet
Status: Not hooked
#: 167 Function Name: NtGdiGetCharWidthW
Status: Not hooked
#: 168 Function Name: NtGdiGetCharWidthInfo
Status: Not hooked
#: 169 Function Name: NtGdiGetColorAdjustment
Status: Not hooked
#: 170 Function Name: NtGdiGetColorSpaceforBitmap
Status: Not hooked
#: 171 Function Name: NtGdiGetCOPPCompatibleOPMInformation
Status: Not hooked
#: 172 Function Name: NtGdiGetDCDword
Status: Not hooked
#: 173 Function Name: NtGdiGetDCforBitmap
Status: Not hooked
#: 174 Function Name: NtGdiGetDCObject
Status: Not hooked
#: 175 Function Name: NtGdiGetDCPoint
Status: Not hooked
#: 176 Function Name: NtGdiGetDeviceCaps
Status: Not hooked
#: 177 Function Name: NtGdiGetDeviceGammaRamp
Status: Not hooked
#: 178 Function Name: NtGdiGetDeviceCapsAll
Status: Not hooked
#: 179 Function Name: NtGdiGetDIBitsInternal
Status: Not hooked
#: 180 Function Name: NtGdiGetETM
Status: Not hooked
#: 181 Function Name: NtGdiGetEudcTimeStampEx
Status: Not hooked
#: 182 Function Name: NtGdiGetFontData
Status: Not hooked
#: 183 Function Name: NtGdiGetFontResourceInfoInternalW
Status: Not hooked
#: 184 Function Name: NtGdiGetGlyphIndicesW
Status: Not hooked
#: 185 Function Name: NtGdiGetGlyphIndicesWInternal
Status: Not hooked
#: 186 Function Name: NtGdiGetGlyphOutline
Status: Not hooked
#: 187 Function Name: NtGdiGetOPMInformation
Status: Not hooked
#: 188 Function Name: NtGdiGetKerningPairs
Status: Not hooked
#: 189 Function Name: NtGdiGetLinkedUFIs
Status: Not hooked
#: 190 Function Name: NtGdiGetMiterLimit
Status: Not hooked
#: 191 Function Name: NtGdiGetMonitorID
Status: Not hooked
#: 192 Function Name: NtGdiGetNearestColor
Status: Not hooked
#: 193 Function Name: NtGdiGetNearestPaletteIndex
Status: Not hooked
#: 194 Function Name: NtGdiGetObjectBitmapHandle
Status: Not hooked
#: 195 Function Name: NtGdiGetOPMRandomNumber
Status: Not hooked
#: 196 Function Name: NtGdiGetOutlineTextMetricsInternalW
Status: Not hooked
#: 197 Function Name: NtGdiGetPath
Status: Not hooked
#: 198 Function Name: NtGdiGetPixel
Status: Not hooked
#: 199 Function Name: NtGdiGetRandomRgn
Status: Not hooked
#: 200 Function Name: NtGdiGetRasterizerCaps
Status: Not hooked
#: 201 Function Name: NtGdiGetRealizationInfo
Status: Not hooked
#: 202 Function Name: NtGdiGetRegionData
Status: Not hooked
#: 203 Function Name: NtGdiGetRgnBox
Status: Not hooked
#: 204 Function Name: NtGdiGetServerMetaFileBits
Status: Not hooked
#: 205 Function Name: NtGdiGetSpoolMessage
Status: Not hooked
#: 206 Function Name: NtGdiGetStats
Status: Not hooked
#: 207 Function Name: NtGdiGetStockObject
Status: Not hooked
#: 208 Function Name: NtGdiGetStringBitmapW
Status: Not hooked
#: 209 Function Name: NtGdiGetSuggestedOPMProtectedOutputArraySize
Status: Not hooked
#: 210 Function Name: NtGdiGetSystemPaletteUse
Status: Not hooked
#: 211 Function Name: NtGdiGetTextCharsetInfo
Status: Not hooked
#: 212 Function Name: NtGdiGetTextExtent
Status: Not hooked
#: 213 Function Name: NtGdiGetTextExtentExW
Status: Not hooked
#: 214 Function Name: NtGdiGetTextFaceW
Status: Not hooked
#: 215 Function Name: NtGdiGetTextMetricsW
Status: Not hooked
#: 216 Function Name: NtGdiGetTransform
Status: Not hooked
#: 217 Function Name: NtGdiGetUFI
Status: Not hooked
#: 218 Function Name: NtGdiGetEmbUFI
Status: Not hooked
#: 219 Function Name: NtGdiGetUFIPathname
Status: Not hooked
#: 220 Function Name: NtGdiGetEmbedFonts
Status: Not hooked
#: 221 Function Name: NtGdiChangeGhostFont
Status: Not hooked
#: 222 Function Name: NtGdiAddEmbFontToDC
Status: Not hooked
#: 223 Function Name: NtGdiGetFontUnicodeRanges
Status: Not hooked
#: 224 Function Name: NtGdiGetWidthTable
Status: Not hooked
#: 225 Function Name: NtGdiGradientFill
Status: Not hooked
#: 226 Function Name: NtGdiHfontCreate
Status: Not hooked
#: 227 Function Name: NtGdiIcmBrushInfo
Status: Not hooked
#: 228 Function Name: SURFACE::bUnMap
Status: Not hooked
#: 229 Function Name: NtGdiInitSpool
Status: Not hooked
#: 230 Function Name: NtGdiIntersectClipRect
Status: Not hooked
#: 231 Function Name: NtGdiInvertRgn
Status: Not hooked
#: 232 Function Name: NtGdiLineTo
Status: Not hooked
#: 233 Function Name: NtGdiMakeFontDir
Status: Not hooked
#: 234 Function Name: NtGdiMakeInfoDC
Status: Not hooked
#: 235 Function Name: NtGdiMaskBlt
Status: Not hooked
#: 236 Function Name: NtGdiModifyWorldTransform
Status: Not hooked
#: 237 Function Name: NtGdiMonoBitmap
Status: Not hooked
#: 238 Function Name: NtGdiMoveTo
Status: Not hooked
#: 239 Function Name: NtGdiOffsetClipRgn
Status: Not hooked
#: 240 Function Name: NtGdiOffsetRgn
Status: Not hooked
#: 241 Function Name: NtGdiOpenDCW
Status: Not hooked
#: 242 Function Name: NtGdiPatBlt
Status: Not hooked
#: 243 Function Name: NtGdiPolyPatBlt
Status: Not hooked
#: 244 Function Name: NtGdiPathToRegion
Status: Not hooked
#: 245 Function Name: NtGdiPlgBlt
Status: Not hooked
#: 246 Function Name: NtGdiPolyDraw
Status: Not hooked
#: 247 Function Name: NtGdiPolyPolyDraw
Status: Not hooked
#: 248 Function Name: NtGdiPolyTextOutW
Status: Not hooked
#: 249 Function Name: NtGdiPtInRegion
Status: Not hooked
#: 250 Function Name: NtGdiPtVisible
Status: Not hooked
#: 251 Function Name: NtGdiQueryFonts
Status: Not hooked
#: 252 Function Name: NtGdiQueryFontAssocInfo
Status: Not hooked
#: 253 Function Name: NtGdiRectangle
Status: Not hooked
#: 254 Function Name: NtGdiRectInRegion
Status: Not hooked
#: 255 Function Name: NtGdiRectVisible
Status: Not hooked
#: 256 Function Name: NtGdiRemoveFontResourceW
Status: Not hooked
#: 257 Function Name: NtGdiRemoveFontMemResourceEx
Status: Not hooked
#: 258 Function Name: NtGdiResetDC
Status: Not hooked
#: 259 Function Name: NtGdiResizePalette
Status: Not hooked
#: 260 Function Name: NtGdiRestoreDC
Status: Not hooked
#: 261 Function Name: NtGdiRoundRect
Status: Not hooked
#: 262 Function Name: NtGdiSaveDC
Status: Not hooked
#: 263 Function Name: NtGdiScaleViewportExtEx
Status: Not hooked
#: 264 Function Name: NtGdiScaleWindowExtEx
Status: Not hooked
#: 265 Function Name: GreSelectBitmap
Status: Not hooked
#: 266 Function Name: NtGdiSelectBrush
Status: Not hooked
#: 267 Function Name: NtGdiSelectClipPath
Status: Not hooked
#: 268 Function Name: NtGdiSelectFont
Status: Not hooked
#: 269 Function Name: NtGdiSelectPen
Status: Not hooked
#: 270 Function Name: NtGdiSetBitmapAttributes
Status: Not hooked
#: 271 Function Name: NtGdiSetBitmapBits
Status: Not hooked
#: 272 Function Name: NtGdiSetBitmapDimension
Status: Not hooked
#: 273 Function Name: NtGdiSetBoundsRect
Status: Not hooked
#: 274 Function Name: NtGdiSetBrushAttributes
Status: Not hooked
#: 275 Function Name: NtGdiSetBrushOrg
Status: Not hooked
#: 276 Function Name: NtGdiSetColorAdjustment
Status: Not hooked
#: 277 Function Name: NtGdiSetColorSpace
Status: Not hooked
#: 278 Function Name: NtGdiSetDeviceGammaRamp
Status: Not hooked
#: 279 Function Name: NtGdiSetDIBitsToDeviceInternal
Status: Not hooked
#: 280 Function Name: NtGdiSetFontEnumeration
Status: Not hooked
#: 281 Function Name: NtGdiSetFontXform
Status: Not hooked
#: 282 Function Name: NtGdiSetIcmMode
Status: Not hooked
#: 283 Function Name: NtGdiSetLinkedUFIs
Status: Not hooked
#: 284 Function Name: NtGdiSetMagicColors
Status: Not hooked
#: 285 Function Name: NtGdiSetMetaRgn
Status: Not hooked
#: 286 Function Name: NtGdiSetMiterLimit
Status: Not hooked
#: 287 Function Name: NtGdiGetDeviceWidth
Status: Not hooked
#: 288 Function Name: NtGdiMirrorWindowOrg
Status: Not hooked
#: 289 Function Name: NtGdiSetLayout
Status: Not hooked
#: 290 Function Name: NtGdiSetOPMSigningKeyAndSequenceNumbers
Status: Not hooked
#: 291 Function Name: NtGdiSetPixel
Status: Not hooked
#: 292 Function Name: NtGdiSetPixelFormat
Status: Not hooked
#: 293 Function Name: NtGdiSetRectRgn
Status: Not hooked
#: 294 Function Name: NtGdiSetSystemPaletteUse
Status: Not hooked
#: 295 Function Name: NtGdiSetTextJustification
Status: Not hooked
#: 296 Function Name: NtGdiSetupPublicCFONT
Status: Not hooked
#: 297 Function Name: NtGdiSetVirtualResolution
Status: Not hooked
#: 298 Function Name: NtGdiSetSizeDevice
Status: Not hooked
#: 299 Function Name: NtGdiStartDoc
Status: Not hooked
#: 300 Function Name: NtGdiStartPage
Status: Not hooked
#: 301 Function Name: NtGdiStretchBlt
Status: Not hooked
#: 302 Function Name: NtGdiStretchDIBitsInternal
Status: Not hooked
#: 303 Function Name: NtGdiStrokeAndFillPath
Status: Not hooked
#: 304 Function Name: NtGdiStrokePath
Status: Not hooked
#: 305 Function Name: NtGdiSwapBuffers
Status: Not hooked
#: 306 Function Name: NtGdiTransformPoints
Status: Not hooked
#: 307 Function Name: NtGdiTransparentBlt
Status: Not hooked
#: 308 Function Name: DxgStubCanCreateSurface
Status: Not hooked
#: 309 Function Name: NtGdiUMPDEngFreeUserMem
Status: Not hooked
#: 310 Function Name: NtGdiUnrealizeObject
Status: Not hooked
#: 311 Function Name: NtGdiUpdateColors
Status: Not hooked
#: 312 Function Name: NtGdiWidenPath
Status: Not hooked
#: 313 Function Name: NtUserActivateKeyboardLayout
Status: Not hooked
#: 314 Function Name: NtUserAddClipboardFormatListener
Status: Not hooked
#: 315 Function Name: NtUserAlterWindowStyle
Status: Not hooked
#: 316 Function Name: NtUserAssociateInputContext
Status: Not hooked
#: 317 Function Name: NtUserAttachThreadInput
Status: Not hooked
#: 318 Function Name: NtUserBeginPaint
Status: Not hooked
#: 319 Function Name: NtUserBitBltSysBmp
Status: Not hooked
#: 320 Function Name: NtUserBlockInput
Status: Not hooked
#: 321 Function Name: NtUserBuildHimcList
Status: Not hooked
#: 322 Function Name: NtUserBuildHwndList
Status: Not hooked
#: 323 Function Name: NtUserBuildNameList
Status: Not hooked
#: 324 Function Name: NtUserBuildPropList
Status: Not hooked
#: 325 Function Name: NtUserCallHwnd
Status: Not hooked
#: 326 Function Name: NtUserCallHwndLock
Status: Not hooked
#: 327 Function Name: NtUserCallHwndOpt
Status: Not hooked
#: 328 Function Name: NtUserCallHwndParam
Status: Not hooked
#: 329 Function Name: NtUserCallHwndParamLock
Status: Not hooked
#: 330 Function Name: NtUserCallMsgFilter
Status: Not hooked
#: 331 Function Name: NtUserCallNextHookEx
Status: Not hooked
#: 332 Function Name: NtUserCallNoParam
Status: Not hooked
#: 333 Function Name: NtUserCallOneParam
Status: Not hooked
#: 334 Function Name: NtUserCallTwoParam
Status: Not hooked
#: 335 Function Name: NtUserChangeClipboardChain
Status: Not hooked
#: 336 Function Name: NtUserChangeDisplaySettings
Status: Not hooked
#: 337 Function Name: NtUserCheckAccessForIntegrityLevel
Status: Not hooked
#: 338 Function Name: NtUserCheckDesktopByThreadId
Status: Not hooked
#: 339 Function Name: NtUserCheckWindowThreadDesktop
Status: Not hooked
#: 340 Function Name: NtUserCheckImeHotKey
Status: Not hooked
#: 341 Function Name: NtUserCheckMenuItem
Status: Not hooked
#: 342 Function Name: NtUserChildWindowFromPointEx
Status: Not hooked
#: 343 Function Name: NtUserClipCursor
Status: Not hooked
#: 344 Function Name: NtUserCloseClipboard
Status: Not hooked
#: 345 Function Name: NtUserCloseDesktop
Status: Not hooked
#: 346 Function Name: NtUserCloseWindowStation
Status: Not hooked
#: 347 Function Name: NtUserConsoleControl
Status: Not hooked
#: 348 Function Name: NtUserConvertMemHandle
Status: Not hooked
#: 349 Function Name: NtUserCopyAcceleratorTable
Status: Not hooked
#: 350 Function Name: NtUserCountClipboardFormats
Status: Not hooked
#: 351 Function Name: NtUserCreateAcceleratorTable
Status: Not hooked
#: 352 Function Name: NtUserCreateCaret
Status: Not hooked
#: 353 Function Name: NtUserCreateDesktopEx
Status: Not hooked
#: 354 Function Name: NtUserCreateInputContext
Status: Not hooked
#: 355 Function Name: NtUserCreateLocalMemHandle
Status: Not hooked
#: 356 Function Name: NtUserCreateWindowEx
Status: Not hooked
#: 357 Function Name: NtUserCreateWindowStation
Status: Not hooked
#: 358 Function Name: NtUserDdeInitialize
Status: Not hooked
#: 359 Function Name: NtUserDeferWindowPos
Status: Not hooked
#: 360 Function Name: NtUserDefSetText
Status: Not hooked
#: 361 Function Name: NtUserDeleteMenu
Status: Not hooked
#: 362 Function Name: NtUserDestroyAcceleratorTable
Status: Not hooked
#: 363 Function Name: NtUserDestroyCursor
Status: Not hooked
#: 364 Function Name: NtUserDestroyInputContext
Status: Not hooked
#: 365 Function Name: NtUserDestroyMenu
Status: Not hooked
#: 366 Function Name: NtUserDestroyWindow
Status: Not hooked
#: 367 Function Name: NtUserDisableThreadIme
Status: Not hooked
#: 368 Function Name: NtUserDispatchMessage
Status: Not hooked
#: 369 Function Name: NtUserDoSoundConnect
Status: Not hooked
#: 370 Function Name: NtUserDoSoundDisconnect
Status: Not hooked
#: 371 Function Name: NtUserDragDetect
Status: Not hooked
#: 372 Function Name: NtUserDragObject
Status: Not hooked
#: 373 Function Name: NtUserDrawAnimatedRects
Status: Not hooked
#: 374 Function Name: NtUserDrawCaption
Status: Not hooked
#: 375 Function Name: NtUserDrawCaptionTemp
Status: Not hooked
#: 376 Function Name: NtUserDrawIconEx
Status: Not hooked
#: 377 Function Name: NtUserDrawMenuBarTemp
Status: Not hooked
#: 378 Function Name: NtUserEmptyClipboard
Status: Not hooked
#: 379 Function Name: NtUserEnableMenuItem
Status: Not hooked
#: 380 Function Name: NtUserEnableScrollBar
Status: Not hooked
#: 381 Function Name: NtUserEndDeferWindowPosEx
Status: Not hooked
#: 382 Function Name: NtUserEndMenu
Status: Not hooked
#: 383 Function Name: NtUserEndPaint
Status: Not hooked
#: 384 Function Name: NtUserEnumDisplayDevices
Status: Not hooked
#: 385 Function Name: NtUserEnumDisplayMonitors
Status: Not hooked
#: 386 Function Name: NtUserEnumDisplaySettings
Status: Not hooked
#: 387 Function Name: NtUserEvent
Status: Not hooked
#: 388 Function Name: NtUserExcludeUpdateRgn
Status: Not hooked
#: 389 Function Name: NtUserFillWindow
Status: Not hooked
#: 390 Function Name: NtUserFindExistingCursorIcon
Status: Not hooked
#: 391 Function Name: NtUserFindWindowEx
Status: Not hooked
#: 392 Function Name: NtUserFlashWindowEx
Status: Not hooked
#: 393 Function Name: NtUserFrostCrashedWindow
Status: Not hooked
#: 394 Function Name: NtUserGetAltTabInfo
Status: Not hooked
#: 395 Function Name: NtUserGetAncestor
Status: Not hooked
#: 396 Function Name: NtUserGetAppImeLevel
Status: Not hooked
#: 397 Function Name: NtUserGetAsyncKeyState
Status: Not hooked
#: 398 Function Name: NtUserGetAtomName
Status: Not hooked
#: 399 Function Name: NtUserGetCaretBlinkTime
Status: Not hooked
#: 400 Function Name: NtUserGetCaretPos
Status: Not hooked
#: 401 Function Name: NtUserGetClassInfoEx
Status: Not hooked
#: 402 Function Name: NtUserGetClassName
Status: Not hooked
#: 403 Function Name: NtUserGetClipboardData
Status: Not hooked
#: 404 Function Name: NtUserGetClipboardFormatName
Status: Not hooked
#: 405 Function Name: NtUserGetClipboardOwner
Status: Not hooked
#: 406 Function Name: NtUserGetClipboardSequenceNumber
Status: Not hooked
#: 407 Function Name: NtUserGetClipboardViewer
Status: Not hooked
#: 408 Function Name: NtUserGetClipCursor
Status: Not hooked
#: 409 Function Name: NtUserGetComboBoxInfo
Status: Not hooked
#: 410 Function Name: NtUserGetControlBrush
Status: Not hooked
#: 411 Function Name: NtUserGetControlColor
Status: Not hooked
#: 412 Function Name: NtUserGetCPD
Status: Not hooked
#: 413 Function Name: NtUserGetCursorFrameInfo
Status: Not hooked
#: 414 Function Name: NtUserGetCursorInfo
Status: Not hooked
#: 415 Function Name: NtUserGetDC
Status: Not hooked
#: 416 Function Name: NtUserGetDCEx
Status: Not hooked
#: 417 Function Name: NtUserGetDoubleClickTime
Status: Not hooked
#: 418 Function Name: NtUserGetForegroundWindow
Status: Not hooked
#: 419 Function Name: NtUserGetGuiResources
Status: Not hooked
#: 420 Function Name: NtUserGetGUIThreadInfo
Status: Not hooked
#: 421 Function Name: NtUserGetIconInfo
Status: Not hooked
#: 422 Function Name: NtUserGetIconSize
Status: Not hooked
#: 423 Function Name: NtUserGetImeHotKey
Status: Not hooked
#: 424 Function Name: NtUserGetImeInfoEx
Status: Not hooked
#: 425 Function Name: NtUserGetInternalWindowPos
Status: Not hooked
#: 426 Function Name: NtUserGetKeyboardLayoutList
Status: Not hooked
#: 427 Function Name: NtUserGetKeyboardLayoutName
Status: Not hooked
#: 428 Function Name: NtUserGetKeyboardState
Status: Not hooked
#: 429 Function Name: NtUserGetKeyNameText
Status: Not hooked
#: 430 Function Name: NtUserGetKeyState
Status: Not hooked
#: 431 Function Name: NtUserGetListBoxInfo
Status: Not hooked
#: 432 Function Name: NtUserGetMenuBarInfo
Status: Not hooked
#: 433 Function Name: NtUserGetMenuIndex
Status: Not hooked
#: 434 Function Name: NtUserGetMenuItemRect
Status: Not hooked
#: 435 Function Name: NtUserGetMessage
Status: Not hooked
#: 436 Function Name: NtUserGetMouseMovePointsEx
Status: Not hooked
#: 437 Function Name: NtUserGetObjectInformation
Status: Not hooked
#: 438 Function Name: NtUserGetOpenClipboardWindow
Status: Not hooked
#: 439 Function Name: NtUserGetPriorityClipboardFormat
Status: Not hooked
#: 440 Function Name: NtUserGetProcessWindowStation
Status: Not hooked
#: 441 Function Name: NtUserGetRawInputBuffer
Status: Not hooked
#: 442 Function Name: NtUserGetRawInputData
Status: Not hooked
#: 443 Function Name: NtUserGetRawInputDeviceInfo
Status: Not hooked
#: 444 Function Name: NtUserGetRawInputDeviceList
Status: Not hooked
#: 445 Function Name: NtUserGetRegisteredRawInputDevices
Status: Not hooked
#: 446 Function Name: NtUserGetScrollBarInfo
Status: Not hooked
#: 447 Function Name: NtUserGetSystemMenu
Status: Not hooked
#: 448 Function Name: NtUserGetThreadDesktop
Status: Not hooked
#: 449 Function Name: NtUserGetThreadState
Status: Not hooked
#: 450 Function Name: NtUserGetTitleBarInfo
Status: Not hooked
#: 451 Function Name: NtUserGetUpdatedClipboardFormats
Status: Not hooked
#: 452 Function Name: NtUserGetUpdateRect
Status: Not hooked
#: 453 Function Name: NtUserGetUpdateRgn
Status: Not hooked
#: 454 Function Name: NtUserGetWindowDC
Status: Not hooked
#: 455 Function Name: NtUserGetWindowPlacement
Status: Not hooked
#: 456 Function Name: NtUserGetWOWClass
Status: Not hooked
#: 457 Function Name: NtUserGhostWindowFromHungWindow
Status: Not hooked
#: 458 Function Name: NtUserHardErrorControl
Status: Not hooked
#: 459 Function Name: NtUserHideCaret
Status: Not hooked
#: 460 Function Name: NtUserHiliteMenuItem
Status: Not hooked
#: 461 Function Name: NtUserHungWindowFromGhostWindow
Status: Not hooked
#: 462 Function Name: NtUserImpersonateDdeClientWindow
Status: Not hooked
#: 463 Function Name: NtUserInitialize
Status: Not hooked
#: 464 Function Name: NtUserInitializeClientPfnArrays
Status: Not hooked
#: 465 Function Name: NtUserInitTask
Status: Not hooked
#: 466 Function Name: NtUserInternalGetWindowText
Status: Not hooked
#: 467 Function Name: NtUserInternalGetWindowIcon
Status: Not hooked
#: 468 Function Name: NtUserInvalidateRect
Status: Not hooked
#: 469 Function Name: NtUserInvalidateRgn
Status: Not hooked
#: 470 Function Name: NtUserIsClipboardFormatAvailable
Status: Not hooked
#: 471 Function Name: NtUserKillTimer
Status: Not hooked
#: 472 Function Name: NtUserLoadKeyboardLayoutEx
Status: Not hooked
#: 473 Function Name: NtUserLockWindowStation
Status: Not hooked
#: 474 Function Name: NtUserLockWindowUpdate
Status: Not hooked
#: 475 Function Name: NtUserLockWorkStation
Status: Not hooked
#: 476 Function Name: NtUserLogicalToPhysicalPoint
Status: Not hooked
#: 477 Function Name: NtUserMapVirtualKeyEx
Status: Not hooked
#: 478 Function Name: NtUserMenuItemFromPoint
Status: Not hooked
#: 479 Function Name: NtUserMessageCall
Status: Not hooked
#: 480 Function Name: NtUserMinMaximize
Status: Not hooked
#: 481 Function Name: NtUserMNDragLeave
Status: Not hooked
#: 482 Function Name: NtUserMNDragOver
Status: Not hooked
#: 483 Function Name: NtUserModifyUserStartupInfoFlags
Status: Not hooked
#: 484 Function Name: NtUserMoveWindow
Status: Not hooked
#: 485 Function Name: NtUserNotifyIMEStatus
Status: Not hooked
#: 486 Function Name: NtUserNotifyProcessCreate
Status: Not hooked
#: 487 Function Name: NtUserNotifyWinEvent
Status: Not hooked
#: 488 Function Name: NtUserOpenClipboard
Status: Not hooked
#: 489 Function Name: NtUserOpenDesktop
Status: Not hooked
#: 490 Function Name: NtUserOpenInputDesktop
Status: Not hooked
#: 491 Function Name: NtUserOpenThreadDesktop
Status: Not hooked
#: 492 Function Name: NtUserOpenWindowStation
Status: Not hooked
#: 493 Function Name: NtUserPaintDesktop
Status: Not hooked
#: 494 Function Name: NtUserPaintMonitor
Status: Not hooked
#: 495 Function Name: NtUserPeekMessage
Status: Not hooked
#: 496 Function Name: NtUserPhysicalToLogicalPoint
Status: Not hooked
#: 497 Function Name: NtUserPostMessage
Status: Not hooked
#: 498 Function Name: NtUserPostThreadMessage
Status: Not hooked
#: 499 Function Name: NtUserPrintWindow
Status: Not hooked
#: 500 Function Name: NtUserProcessConnect
Status: Not hooked
#: 501 Function Name: NtUserQueryInformationThread
Status: Not hooked
#: 502 Function Name: NtUserQueryInputContext
Status: Not hooked
#: 503 Function Name: NtUserQuerySendMessage
Status: Not hooked
#: 504 Function Name: NtUserQueryWindow
Status: Not hooked
#: 505 Function Name: NtUserRealChildWindowFromPoint
Status: Not hooked
#: 506 Function Name: NtUserRealInternalGetMessage
Status: Not hooked
#: 507 Function Name: NtUserRealWaitMessageEx
Status: Not hooked
#: 508 Function Name: NtUserRedrawWindow
Status: Not hooked
#: 509 Function Name: NtUserRegisterClassExWOW
Status: Not hooked
#: 510 Function Name: NtUserRegisterErrorReportingDialog
Status: Not hooked
#: 511 Function Name: NtUserRegisterUserApiHook
Status: Not hooked
#: 512 Function Name: NtUserRegisterHotKey
Status: Not hooked
#: 513 Function Name: NtUserRegisterRawInputDevices
Status: Not hooked
#: 514 Function Name: NtUserRegisterTasklist
Status: Not hooked
#: 515 Function Name: NtUserRegisterWindowMessage
Status: Not hooked
#: 516 Function Name: NtUserRemoveClipboardFormatListener
Status: Not hooked
#: 517 Function Name: NtUserRemoveMenu
Status: Not hooked
#: 518 Function Name: NtUserRemoveProp
Status: Not hooked
#: 519 Function Name: NtUserResolveDesktop
Status: Not hooked
#: 520 Function Name: NtUserResolveDesktopForWOW
Status: Not hooked
#: 521 Function Name: NtUserSBGetParms
Status: Not hooked
#: 522 Function Name: NtUserScrollDC
Status: Not hooked
#: 523 Function Name: NtUserScrollWindowEx
Status: Not hooked
#: 524 Function Name: NtUserSelectPalette
Status: Not hooked
#: 525 Function Name: NtUserSendInput
Status: Not hooked
#: 526 Function Name: NtUserSetActiveWindow
Status: Not hooked
#: 527 Function Name: NtUserSetAppImeLevel
Status: Not hooked
#: 528 Function Name: NtUserSetCapture
Status: Not hooked
#: 529 Function Name: NtUserSetClassLong
Status: Not hooked
#: 530 Function Name: NtUserSetClassWord
Status: Not hooked
#: 531 Function Name: NtUserSetClipboardData
Status: Not hooked
#: 532 Function Name: NtUserSetClipboardViewer
Status: Not hooked
#: 533 Function Name: NtUserSetConsoleReserveKeys
Status: Not hooked
#: 534 Function Name: NtUserSetCursor
Status: Not hooked
#: 535 Function Name: NtUserSetCursorContents
Status: Not hooked
#: 536 Function Name: NtUserSetCursorIconData
Status: Not hooked
#: 537 Function Name: NtUserSetFocus
Status: Not hooked
#: 538 Function Name: NtUserSetImeHotKey
Status: Not hooked
#: 539 Function Name: NtUserSetImeInfoEx
Status: Not hooked
#: 540 Function Name: NtUserSetImeOwnerWindow
Status: Not hooked
#: 541 Function Name: NtUserSetInformationProcess
Status: Not hooked
#: 542 Function Name: NtUserSetInformationThread
Status: Not hooked
#: 543 Function Name: NtUserSetInternalWindowPos
Status: Not hooked
#: 544 Function Name: NtUserSetKeyboardState
Status: Not hooked
#: 545 Function Name: NtUserSetMenu
Status: Not hooked
#: 546 Function Name: NtUserSetMenuContextHelpId
Status: Not hooked
#: 547 Function Name: NtUserSetMenuDefaultItem
Status: Not hooked
#: 548 Function Name: NtUserSetMenuFlagRtoL
Status: Not hooked
#: 549 Function Name: NtUserSetObjectInformation
Status: Not hooked
#: 550 Function Name: NtUserSetParent
Status: Not hooked
#: 551 Function Name: NtUserSetProcessWindowStation
Status: Not hooked
#: 552 Function Name: NtUserGetProp
Status: Not hooked
#: 553 Function Name: NtUserSetProp
Status: Not hooked
#: 554 Function Name: NtUserSetScrollInfo
Status: Not hooked
#: 555 Function Name: NtUserSetShellWindowEx
Status: Not hooked
#: 556 Function Name: NtUserSetSysColors
Status: Not hooked
#: 557 Function Name: NtUserSetSystemCursor
Status: Not hooked
#: 558 Function Name: NtUserSetSystemMenu
Status: Not hooked
#: 559 Function Name: NtUserSetSystemTimer
Status: Not hooked
#: 560 Function Name: NtUserSetThreadDesktop
Status: Not hooked
#: 561 Function Name: NtUserSetThreadLayoutHandles
Status: Not hooked
#: 562 Function Name: NtUserSetThreadState
Status: Not hooked
#: 563 Function Name: NtUserSetTimer
Status: Not hooked
#: 564 Function Name: NtUserSetProcessDPIAware
Status: Not hooked
#: 565 Function Name: NtUserSetWindowFNID
Status: Not hooked
#: 566 Function Name: NtUserSetWindowLong
Status: Not hooked
#: 567 Function Name: NtUserSetWindowPlacement
Status: Not hooked
#: 568 Function Name: NtUserSetWindowPos
Status: Not hooked
#: 569 Function Name: NtUserSetWindowRgn
Status: Not hooked
#: 570 Function Name: NtUserGetWindowRgnEx
Status: Not hooked
#: 571 Function Name: NtUserSetWindowRgnEx
Status: Not hooked
#: 572 Function Name: NtUserSetWindowsHookAW
Status: Not hooked
#: 573 Function Name: NtUserSetWindowsHookEx
Status: Not hooked
#: 574 Function Name: NtUserSetWindowStationUser
Status: Not hooked
#: 575 Function Name: NtUserSetWindowWord
Status: Not hooked
#: 576 Function Name: NtUserSetWinEventHook
Status: Not hooked
#: 577 Function Name: NtUserShowCaret
Status: Not hooked
#: 578 Function Name: NtUserShowScrollBar
Status: Not hooked
#: 579 Function Name: NtUserShowWindow
Status: Not hooked
#: 580 Function Name: NtUserShowWindowAsync
Status: Not hooked
#: 581 Function Name: NtUserSoundSentry
Status: Not hooked
#: 582 Function Name: NtUserSwitchDesktop
Status: Not hooked
#: 583 Function Name: NtUserSystemParametersInfo
Status: Not hooked
#: 584 Function Name: NtUserTestForInteractiveUser
Status: Not hooked
#: 585 Function Name: NtUserThunkedMenuInfo
Status: Not hooked
#: 586 Function Name: NtUserThunkedMenuItemInfo
Status: Not hooked
#: 587 Function Name: NtUserToUnicodeEx
Status: Not hooked
#: 588 Function Name: NtUserTrackMouseEvent
Status: Not hooked
#: 589 Function Name: NtUserTrackPopupMenuEx
Status: Not hooked
#: 590 Function Name: NtUserCalcMenuBar
Status: Not hooked
#: 591 Function Name: NtUserPaintMenuBar
Status: Not hooked
#: 592 Function Name: NtUserTranslateAccelerator
Status: Not hooked
#: 593 Function Name: NtUserTranslateMessage
Status: Not hooked
#: 594 Function Name: NtUserUnhookWindowsHookEx
Status: Not hooked
#: 595 Function Name: NtUserUnhookWinEvent
Status: Not hooked
#: 596 Function Name: NtUserUnloadKeyboardLayout
Status: Not hooked
#: 597 Function Name: NtUserUnlockWindowStation
Status: Not hooked
#: 598 Function Name: NtUserUnregisterClass
Status: Not hooked
#: 599 Function Name: NtUserUnregisterUserApiHook
Status: Not hooked
#: 600 Function Name: NtUserUnregisterHotKey
Status: Not hooked
#: 601 Function Name: NtUserUpdateInputContext
Status: Not hooked
#: 602 Function Name: NtUserUpdateInstance
Status: Not hooked
#: 603 Function Name: NtUserUpdateLayeredWindow
Status: Not hooked
#: 604 Function Name: NtUserGetLayeredWindowAttributes
Status: Not hooked
#: 605 Function Name: NtUserSetLayeredWindowAttributes
Status: Not hooked
#: 606 Function Name: NtUserUpdatePerUserSystemParameters
Status: Not hooked
#: 607 Function Name: NtUserUserHandleGrantAccess
Status: Not hooked
#: 608 Function Name: NtUserValidateHandleSecure
Status: Not hooked
#: 609 Function Name: NtUserValidateRect
Status: Not hooked
#: 610 Function Name: NtUserValidateTimerCallback
Status: Not hooked
#: 611 Function Name: NtUserVkKeyScanEx
Status: Not hooked
#: 612 Function Name: NtUserWaitForInputIdle
Status: Not hooked
#: 613 Function Name: NtUserWaitForMsgAndEvent
Status: Not hooked
#: 614 Function Name: NtUserWaitMessage
Status: Not hooked
#: 615 Function Name: DxgStubGenericThunk
Status: Not hooked
#: 616 Function Name: NtUserWindowFromPhysicalPoint
Status: Not hooked
#: 617 Function Name: NtUserWindowFromPoint
Status: Not hooked
#: 618 Function Name: NtUserYieldTask
Status: Not hooked
#: 619 Function Name: NtUserRemoteConnect
Status: Not hooked
#: 620 Function Name: NtUserRemoteRedrawRectangle
Status: Not hooked
#: 621 Function Name: NtUserRemoteRedrawScreen
Status: Not hooked
#: 622 Function Name: NtUserRemoteStopScreenUpdates
Status: Not hooked
#: 623 Function Name: NtUserCtxDisplayIOCtl
Status: Not hooked
#: 624 Function Name: NtUserRegisterSessionPort
Status: Not hooked
#: 625 Function Name: NtUserUnregisterSessionPort
Status: Not hooked
#: 626 Function Name: NtUserUpdateWindowTransform
Status: Not hooked
#: 627 Function Name: NtUserDwmStartRedirection
Status: Not hooked
#: 628 Function Name: NtUserDwmStopRedirection
Status: Not hooked
#: 629 Function Name: NtUserDwmHintDxUpdate
Status: Not hooked
#: 630 Function Name: NtUserDwmGetDxRgn
Status: Not hooked
#: 631 Function Name: NtUserGetWindowMinimizeRect
Status: Not hooked
#: 632 Function Name: NtGdiEngAssociateSurface
Status: Not hooked
#: 633 Function Name: NtGdiEngCreateBitmap
Status: Not hooked
#: 634 Function Name: NtGdiEngCreateDeviceSurface
Status: Not hooked
#: 635 Function Name: NtGdiEngCreateDeviceBitmap
Status: Not hooked
#: 636 Function Name: NtGdiEngCreatePalette
Status: Not hooked
#: 637 Function Name: NtGdiEngComputeGlyphSet
Status: Not hooked
#: 638 Function Name: NtGdiEngCopyBits
Status: Not hooked
#: 639 Function Name: NtGdiEngDeletePalette
Status: Not hooked
#: 640 Function Name: NtGdiEngDeleteSurface
Status: Not hooked
#: 641 Function Name: NtGdiEngEraseSurface
Status: Not hooked
#: 642 Function Name: NtGdiEngUnlockSurface
Status: Not hooked
#: 643 Function Name: NtGdiEngLockSurface
Status: Not hooked
#: 644 Function Name: NtGdiEngBitBlt
Status: Not hooked
#: 645 Function Name: NtGdiEngStretchBlt
Status: Not hooked
#: 646 Function Name: NtGdiEngPlgBlt
Status: Not hooked
#: 647 Function Name: NtGdiEngMarkBandingSurface
Status: Not hooked
#: 648 Function Name: NtGdiEngStrokePath
Status: Not hooked
#: 649 Function Name: NtGdiEngFillPath
Status: Not hooked
#: 650 Function Name: NtGdiEngStrokeAndFillPath
Status: Not hooked
#: 651 Function Name: NtGdiEngPaint
Status: Not hooked
#: 652 Function Name: NtGdiEngLineTo
Status: Not hooked
#: 653 Function Name: NtGdiEngAlphaBlend
Status: Not hooked
#: 654 Function Name: NtGdiEngGradientFill
Status: Not hooked
#: 655 Function Name: NtGdiEngTransparentBlt
Status: Not hooked
#: 656 Function Name: NtGdiEngTextOut
Status: Not hooked
#: 657 Function Name: NtGdiEngStretchBltROP
Status: Not hooked
#: 658 Function Name: NtGdiXLATEOBJ_cGetPalette
Status: Not hooked
#: 659 Function Name: NtGdiXLATEOBJ_iXlate
Status: Not hooked
#: 660 Function Name: NtGdiXLATEOBJ_hGetColorTransform
Status: Not hooked
#: 661 Function Name: NtGdiCLIPOBJ_bEnum
Status: Not hooked
#: 662 Function Name: NtGdiCLIPOBJ_cEnumStart
Status: Not hooked
#: 663 Function Name: NtGdiCLIPOBJ_ppoGetPath
Status: Not hooked
#: 664 Function Name: NtGdiEngDeletePath
Status: Not hooked
#: 665 Function Name: NtGdiEngCreateClip
Status: Not hooked
#: 666 Function Name: NtGdiEngDeleteClip
Status: Not hooked
#: 667 Function Name: NtGdiBRUSHOBJ_ulGetBrushColor
Status: Not hooked
#: 668 Function Name: NtGdiBRUSHOBJ_pvAllocRbrush
Status: Not hooked
#: 669 Function Name: NtGdiBRUSHOBJ_pvGetRbrush
Status: Not hooked
#: 670 Function Name: NtGdiBRUSHOBJ_hGetColorTransform
Status: Not hooked
#: 671 Function Name: NtGdiXFORMOBJ_bApplyXform
Status: Not hooked
#: 672 Function Name: NtGdiXFORMOBJ_iGetXform
Status: Not hooked
#: 673 Function Name: NtGdiFONTOBJ_vGetInfo
Status: Not hooked
#: 674 Function Name: NtGdiFONTOBJ_pxoGetXform
Status: Not hooked
#: 675 Function Name: NtGdiFONTOBJ_cGetGlyphs
Status: Not hooked
#: 676 Function Name: NtGdiFONTOBJ_pifi
Status: Not hooked
#: 677 Function Name: NtGdiFONTOBJ_pfdg
Status: Not hooked
#: 678 Function Name: NtGdiFONTOBJ_pQueryGlyphAttrs
Status: Not hooked
#: 679 Function Name: NtGdiFONTOBJ_pvTrueTypeFontFile
Status: Not hooked
#: 680 Function Name: NtGdiFONTOBJ_cGetAllGlyphHandles
Status: Not hooked
#: 681 Function Name: NtGdiSTROBJ_bEnum
Status: Not hooked
#: 682 Function Name: NtGdiSTROBJ_bEnumPositionsOnly
Status: Not hooked
#: 683 Function Name: NtGdiSTROBJ_bGetAdvanceWidths
Status: Not hooked
#: 684 Function Name: NtGdiSTROBJ_vEnumStart
Status: Not hooked
#: 685 Function Name: NtGdiSTROBJ_dwGetCodePage
Status: Not hooked
#: 686 Function Name: NtGdiPATHOBJ_vGetBounds
Status: Not hooked
#: 687 Function Name: NtGdiPATHOBJ_bEnum
Status: Not hooked
#: 688 Function Name: NtGdiPATHOBJ_vEnumStart
Status: Not hooked
#: 689 Function Name: NtGdiPATHOBJ_vEnumStartClipLines
Status: Not hooked
#: 690 Function Name: NtGdiPATHOBJ_bEnumClipLines
Status: Not hooked
#: 691 Function Name: NtGdiGetDhpdev
Status: Not hooked
#: 692 Function Name: NtGdiEngCheckAbort
Status: Not hooked
#: 693 Function Name: NtGdiHT_Get8BPPFormatPalette
Status: Not hooked
#: 694 Function Name: NtGdiHT_Get8BPPMaskPalette
Status: Not hooked
#: 695 Function Name: NtGdiUpdateTransform
Status: Not hooked
#: 696 Function Name: NtGdiSetPUMPDOBJ
Status: Not hooked
#: 697 Function Name: NtGdiBRUSHOBJ_DeleteRbrush
Status: Not hooked
#: 698 Function Name: NtGdiUMPDEngFreeUserMem
Status: Not hooked
#: 699 Function Name: NtGdiDrawStream
Status: Not hooked
#: 700 Function Name: NtGdiDwmGetDirtyRgn
Status: Not hooked
#: 701 Function Name: NtGdiDwmGetSurfaceData
Status: Not hooked
#: 702 Function Name: NtGdiDdDDICreateAllocation
Status: Not hooked
#: 703 Function Name: NtGdiDdDDIQueryResourceInfo
Status: Not hooked
#: 704 Function Name: NtGdiDdDDIOpenResource
Status: Not hooked
#: 705 Function Name: NtGdiDdDDIDestroyAllocation
Status: Not hooked
#: 706 Function Name: NtGdiDdDDISetAllocationPriority
Status: Not hooked
#: 707 Function Name: NtGdiDdDDIQueryAllocationResidency
Status: Not hooked
#: 708 Function Name: NtGdiDdDDICreateDevice
Status: Not hooked
#: 709 Function Name: NtGdiDdDDIDestroyDevice
Status: Not hooked
#: 710 Function Name: NtGdiDdDDICreateContext
Status: Not hooked
#: 711 Function Name: NtGdiDdDDIDestroyContext
Status: Not hooked
#: 712 Function Name: NtGdiDdDDICreateSynchronizationObject
Status: Not hooked
#: 713 Function Name: NtGdiDdDDIDestroySynchronizationObject
Status: Not hooked
#: 714 Function Name: NtGdiDdDDIWaitForSynchronizationObject
Status: Not hooked
#: 715 Function Name: NtGdiDdDDISignalSynchronizationObject
Status: Not hooked
#: 716 Function Name: NtGdiDdDDIGetRuntimeData
Status: Not hooked
#: 717 Function Name: NtGdiDdDDIQueryAdapterInfo
Status: Not hooked
#: 718 Function Name: NtGdiDdDDILock
Status: Not hooked
#: 719 Function Name: NtGdiDdDDIUnlock
Status: Not hooked
#: 720 Function Name: NtGdiDdDDIGetDisplayModeList
Status: Not hooked
#: 721 Function Name: NtGdiDdDDISetDisplayMode
Status: Not hooked
#: 722 Function Name: NtGdiDdDDIGetMultisampleMethodList
Status: Not hooked
#: 723 Function Name: NtGdiDdDDIPresent
Status: Not hooked
#: 724 Function Name: NtGdiDdDDIRender
Status: Not hooked
#: 725 Function Name: NtGdiDdDDIOpenAdapterFromDeviceName
Status: Not hooked
#: 726 Function Name: NtGdiDdDDIOpenAdapterFromHdc
Status: Not hooked
#: 727 Function Name: NtGdiDdDDICloseAdapter
Status: Not hooked
#: 728 Function Name: NtGdiDdDDIGetSharedPrimaryHandle
Status: Not hooked
#: 729 Function Name: NtGdiDdDDIEscape
Status: Not hooked
#: 730 Function Name: NtGdiDdDDIQueryStatistics
Status: Not hooked
#: 731 Function Name: NtGdiDdDDISetVidPnSourceOwner
Status: Not hooked
#: 732 Function Name: NtGdiDdDDIGetPresentHistory
Status: Not hooked
#: 733 Function Name: NtGdiDdDDICreateOverlay
Status: Not hooked
#: 734 Function Name: NtGdiDdDDIUpdateOverlay
Status: Not hooked
#: 735 Function Name: NtGdiDdDDIFlipOverlay
Status: Not hooked
#: 736 Function Name: NtGdiDdDDIDestroyOverlay
Status: Not hooked
#: 737 Function Name: NtGdiDdDDIWaitForVerticalBlankEvent
Status: Not hooked
#: 738 Function Name: NtGdiDdDDISetGammaRamp
Status: Not hooked
#: 739 Function Name: NtGdiDdDDIGetDeviceState
Status: Not hooked
#: 740 Function Name: NtGdiDdDDICreateDCFromMemory
Status: Not hooked
#: 741 Function Name: NtGdiDdDDIDestroyDCFromMemory
Status: Not hooked
#: 742 Function Name: NtGdiDdDDISetContextSchedulingPriority
Status: Not hooked
#: 743 Function Name: NtGdiDdDDIGetContextSchedulingPriority
Status: Not hooked
#: 744 Function Name: NtGdiDdDDISetProcessSchedulingPriorityClass
Status: Not hooked
#: 745 Function Name: NtGdiDdDDIGetProcessSchedulingPriorityClass
Status: Not hooked
#: 746 Function Name: NtGdiDdDDIReleaseProcessVidPnSourceOwners
Status: Not hooked
#: 747 Function Name: NtGdiDdDDIGetScanLine
Status: Not hooked
#: 748 Function Name: NtGdiDdDDISetQueuedLimit
Status: Not hooked
#: 749 Function Name: NtGdiDdDDIPollDisplayChildren
Status: Not hooked
#: 750 Function Name: NtGdiDdDDIInvalidateActiveVidPn
Status: Not hooked
#: 751 Function Name: NtGdiDdDDICheckOcclusion
Status: Not hooked
#: 752 Function Name: NtGdiDdDDIWaitForIdle
Status: Not hooked
#: 753 Function Name: NtGdiDdDDICheckMonitorPowerState
Status: Not hooked
#: 754 Function Name: NtGdiDdDDICheckExclusiveOwnership
Status: Not hooked
#: 755 Function Name: NtGdiDdDDISetDisplayPrivateDriverFormat
Status: Not hooked
#: 756 Function Name: NtGdiDdDDISharedPrimaryLockNotification
Status: Not hooked
#: 757 Function Name: NtGdiDdDDISharedPrimaryUnLockNotification
Status: Not hooked
#: 758 Function Name: DxgStubCanCreateSurface
Status: Not hooked
#: 759 Function Name: DxgStubContextDestroy
Status: Not hooked
#: 760 Function Name: NtGdiGetNumberOfPhysicalMonitors
Status: Not hooked
#: 761 Function Name: NtGdiGetPhysicalMonitors
Status: Not hooked
#: 762 Function Name: NtGdiGetPhysicalMonitorDescription
Status: Not hooked
#: 763 Function Name: DestroyPhysicalMonitor
Status: Not hooked
#: 764 Function Name: NtGdiDDCCIGetVCPFeature
Status: Not hooked
#: 765 Function Name: NtGdiDDCCISetVCPFeature
Status: Not hooked
#: 766 Function Name: NtGdiDDCCISaveCurrentSettings
Status: Not hooked
#: 767 Function Name: NtGdiDDCCIGetCapabilitiesStringLength
Status: Not hooked
#: 768 Function Name: NtGdiDDCCIGetCapabilitiesString
Status: Not hooked
#: 769 Function Name: NtGdiDDCCIGetTimingReport
Status: Not hooked
#: 770 Function Name: NtUserSetMirrorRendering
Status: Not hooked
#: 771 Function Name: NtUserShowSystemCursor
Status: Not hooked
-----------------------
ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2010/01/03 15:18
Program Version: Version 1.3.5.0
Windows Version: Windows Vista SP2
==================================================
Processes
-------------------
Path: System
PID: 4 Status: Locked to the Windows API!
Path: C:\Windows\System32\spoolsv.exe
PID: 364 Status: -
Path: C:\Windows\System32\smss.exe
PID: 444 Status: -
Path: C:\Windows\System32\taskeng.exe
PID: 460 Status: -
Path: C:\Windows\System32\csrss.exe
PID: 572 Status: -
Path: C:\Program Files\Windows Defender\MSASCui.exe
PID: 580 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 612 Status: -
Path: C:\Windows\System32\wininit.exe
PID: 620 Status: -
Path: C:\Windows\System32\csrss.exe
PID: 632 Status: -
Path: C:\Windows\System32\services.exe
PID: 664 Status: -
Path: C:\Windows\System32\lsass.exe
PID: 676 Status: -
Path: C:\Windows\System32\lsm.exe
PID: 688 Status: -
Path: C:\Windows\System32\winlogon.exe
PID: 764 Status: -
Path: C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
PID: 808 Status: -
Path: C:\Program Files\TO2SSM\McciTrayApp.exe
PID: 852 Status: -
Path: C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
PID: 860 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 868 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 944 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 984 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 1060 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 1108 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 1124 Status: -
Path: C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
PID: 1188 Status: -
Path: C:\Windows\System32\hkcmd.exe
PID: 1212 Status: -
Path: C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PID: 1216 Status: -
Path: C:\Windows\PLFSetI.exe
PID: 1236 Status: -
Path: C:\Windows\System32\audiodg.exe
PID: 1248 Status: Locked to the Windows API!
Path: C:\Windows\System32\svchost.exe
PID: 1276 Status: -
Path: C:\Windows\System32\SLsvc.exe
PID: 1300 Status: -
Path: C:\Program Files\Apoint2K\Apoint.exe
PID: 1312 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 1336 Status: -
Path: C:\Windows\System32\taskeng.exe
PID: 1348 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 1500 Status: -
Path: C:\Windows\System32\wpcumi.exe
PID: 1524 Status: -
Path: C:\Program Files\Winamp\winampa.exe
PID: 1548 Status: -
Path: C:\Windows\System32\igfxpers.exe
PID: 1616 Status: -
Path: C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PID: 1708 Status: -
Path: C:\Program Files\Alwil Software\Avast4\ashServ.exe
PID: 1724 Status: -
Path: C:\Windows\System32\dwm.exe
PID: 1804 Status: -
Path: C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PID: 1832 Status: -
Path: C:\Windows\explorer.exe
PID: 1844 Status: -
Path: C:\Program Files\Windows Sidebar\sidebar.exe
PID: 1856 Status: -
Path: C:\Windows\ehome\ehtray.exe
PID: 1876 Status: -
Path: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PID: 2104 Status: -
Path: C:\Windows\System32\igfxsrvc.exe
PID: 2112 Status: -
Path: C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PID: 2168 Status: -
Path: C:\Windows\ehome\ehmsas.exe
PID: 2220 Status: -
Path: C:\Program Files\Apoint2K\ApMsgFwd.exe
PID: 2240 Status: -
Path: C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PID: 2352 Status: -
Path: C:\Program Files\Apoint2K\ApntEx.exe
PID: 2364 Status: -
Path: C:\Windows\System32\taskeng.exe
PID: 2508 Status: -
Path: C:\Program Files\Windows Media Player\wmpnscfg.exe
PID: 2620 Status: -
Path: D:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
PID: 2668 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 2812 Status: -
Path: C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
PID: 2828 Status: -
Path: C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PID: 2912 Status: -
Path: C:\Program Files\Common Files\Motive\McciCMService.exe
PID: 2988 Status: -
Path: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PID: 3068 Status: -
Path: C:\ACER\Mobility Center\MobilityService.exe
PID: 3096 Status: -
Path: C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
PID: 3180 Status: -
Path: C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
PID: 3224 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 3252 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 3292 Status: -
Path: C:\Windows\System32\svchost.exe
PID: 3352 Status: -
Path: C:\Windows\System32\SearchIndexer.exe
PID: 3424 Status: -
Path: C:\Program Files\Windows Media Player\wmpnetwk.exe
PID: 3448 Status: -
Path: C:\Windows\System32\drivers\XAudio.exe
PID: 3608 Status: -
Path: C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PID: 3648 Status: -
Path: C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PID: 3792 Status: -
Path: C:\Windows\System32\wbem\WmiPrvSE.exe
PID: 3856 Status: -
Path: C:\totalcmd\TOTALCMD.EXE
PID: 3932 Status: -
Path: C:\Windows\System32\alg.exe
PID: 4320 Status: -
Path: C:\Windows\servicing\TrustedInstaller.exe
PID: 4480 Status: -
Path: C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PID: 4496 Status: -
Path: C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PID: 4524 Status: -
Path: D:\SW\RootRepeal\RootRepeal.exe
PID: 4576 Status: -
Path: C:\Windows\System32\wbem\unsecapp.exe
PID: 4712 Status: -
Path: C:\Windows\System32\SearchProtocolHost.exe
PID: 6012 Status: -
Path: C:\Windows\System32\SearchFilterHost.exe
PID: 6016 Status: -
-
Vrtule
- Přítel fóra
- Příspěvky: 328
- Registrován: 20 dub 2007 22:54
- Bydliště: Praha
- Kontaktovat uživatele:
Re: Problémy s explorer.exe
Zdravím,
nejprve se omlluvím za vstup.
Já v logu z RootRepealu nic podezřelého nevidím. Žádný skrytý ovladač, žádný skrytý proces, žádný skrytý objekt ani žádná skrytá služba. SysProt Antirootkit také neukazuje nic podezřelého. Tam je jen zajímavé to, že na vás hulákal. Co přesně na vás v onom dialogovém okně hulákal?
Navrhoval bych se podívat, kdo v procesu explorer.exe ten procesor vytěžuje. Stáhněte z http://www.sysinternals.com program Process Explorer a spusťte ho, asi nejlépe s právy správce. Označte proces explorer.exe a nechte si zobrazit jeho vlastnosti (pravé tlačítko myší a Properties). Přejděte na záložku Threads (seznam vláken). Zde zjistíte, které vlákno je nejvíce aktivní a u toho mě zajímá jeho zásobník (stack). Asi bude nejlepší to sem dát pomocí screenshotu.
nejprve se omlluvím za vstup.
Já v logu z RootRepealu nic podezřelého nevidím. Žádný skrytý ovladač, žádný skrytý proces, žádný skrytý objekt ani žádná skrytá služba. SysProt Antirootkit také neukazuje nic podezřelého. Tam je jen zajímavé to, že na vás hulákal. Co přesně na vás v onom dialogovém okně hulákal?
Navrhoval bych se podívat, kdo v procesu explorer.exe ten procesor vytěžuje. Stáhněte z http://www.sysinternals.com program Process Explorer a spusťte ho, asi nejlépe s právy správce. Označte proces explorer.exe a nechte si zobrazit jeho vlastnosti (pravé tlačítko myší a Properties). Přejděte na záložku Threads (seznam vláken). Zde zjistíte, které vlákno je nejvíce aktivní a u toho mě zajímá jeho zásobník (stack). Asi bude nejlepší to sem dát pomocí screenshotu.
GitHub (https://github.com/MartinDrab)
Re: Problémy s explorer.exe
Za vstup se nezlobím.
Dle mých reakcí je asi zřejmé, že nejsem kovaný...
Ale tímto jsem obohacován.
Tak jsem to zkusil....
Zatím úplně přesně nevím, zda obrázek vkládám správně, ale určitě budu nasměrován.
Mi
Dle mých reakcí je asi zřejmé, že nejsem kovaný...
Ale tímto jsem obohacován.
Tak jsem to zkusil....
Zatím úplně přesně nevím, zda obrázek vkládám správně, ale určitě budu nasměrován.
Mi
- Přílohy
-
- ProocesExplorer.gif
- (55.94 KiB) Staženo 129 x
-
Vrtule
- Přítel fóra
- Příspěvky: 328
- Registrován: 20 dub 2007 22:54
- Bydliště: Praha
- Kontaktovat uživatele:
Re: Problémy s explorer.exe
Jenom se ještě na ověření zeptám. Já jsem totiž zapomněl napsat, jak se pozná vlákno, co je aktivní. V té záložce Threads je to vyjádřeno procentuálně (druhý sloupec) a ve třetím sloupci platí, že čím větší číslo, tím více vlákno vykonalo v polsední vteřině (aspoň myslím).
Jestli jste to vlákno vybral podle tohoto, tak je věc smutná v tom, že nic podezřelého nevidím. Vlákno vykonává kód jen v originálních DLL knihovnách. Teoreticky je akorát možné, že nedělá nic extra důůležitého, takže by bylo možné pro ušetření výkonu jej buď ukončit (Kill, nebo Terminate, tak nějak se to bude jmenovat), nebo pozastavit (Suspend). Ale pravda je, že tím se řeší následek a ne příčina.
Jestli jste to vlákno vybral podle tohoto, tak je věc smutná v tom, že nic podezřelého nevidím. Vlákno vykonává kód jen v originálních DLL knihovnách. Teoreticky je akorát možné, že nedělá nic extra důůležitého, takže by bylo možné pro ušetření výkonu jej buď ukončit (Kill, nebo Terminate, tak nějak se to bude jmenovat), nebo pozastavit (Suspend). Ale pravda je, že tím se řeší následek a ne příčina.
GitHub (https://github.com/MartinDrab)
Re: Problémy s explorer.exe
Je to tak, druhý a třetí sloupec. Jo a střižení, resp. pozastavení vede k zatuhnutí... 
Mi
Mi
-
Vrtule
- Přítel fóra
- Příspěvky: 328
- Registrován: 20 dub 2007 22:54
- Bydliště: Praha
- Kontaktovat uživatele:
Re: Problémy s explorer.exe
Zdravím,
nepamatujete si, kdy se tohle chování začalo objevovat? Jestli to nebylo po instalaci nějaké aplikace nebo při podobné události? Přiznám se, že teď moc nevím, jak budu postupovat dál, ale to snad během krátké doby zjistím. Už jsem se s tímto problémeme kdysi setkal, jen si už nepamatuju, jak se vyřešil. Ale budu se asi objevovat převážně až večer, přes týden mám školu...
nepamatujete si, kdy se tohle chování začalo objevovat? Jestli to nebylo po instalaci nějaké aplikace nebo při podobné události? Přiznám se, že teď moc nevím, jak budu postupovat dál, ale to snad během krátké doby zjistím. Už jsem se s tímto problémeme kdysi setkal, jen si už nepamatuju, jak se vyřešil. Ale budu se asi objevovat převážně až večer, přes týden mám školu...
GitHub (https://github.com/MartinDrab)
Re: Problémy s explorer.exe
Zdravím.
To je právě to, že problém přímo nenavazuje na nějakou instalaci. Snad jen běžná aktualizace antiviru (AvastHome).
Ten jsem ale zkusil odinstalovat a dělalo to stejně.
S pozdravem
Mi
To je právě to, že problém přímo nenavazuje na nějakou instalaci. Snad jen běžná aktualizace antiviru (AvastHome).
Ten jsem ale zkusil odinstalovat a dělalo to stejně.
S pozdravem
Mi
Re: Problémy s explorer.exe
Pořád je stejný problém?
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: Problémy s explorer.exe
Zdravím.
Stále
S pozdravem Mi
Stále
S pozdravem Mi
Re: Problémy s explorer.exe
Stahněte z mého podpisu AVPTOOl http://www.viry.cz/forum/viewtopic.php?f=29&t=58179-Podle návodu nainstalujte a proveďte sken
-co najde nechejte léčit, mazat
-sken může trvat několik hodin
-vložte zde log z výsledky
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Přispějete na provoz fóra?