2024.07.15 12:07:08 INFO: Loaded VA for NtUserBlockInput = 0x00007FFED1CB8450
2024.07.15 12:07:08 INFO: Loaded VA for NtUserQueryWindow = 0x00007FFED1CB1230
2024.07.15 12:07:08 INFO: Loaded VA for NtUserBuildHwndList = 0x00007FFED1CB13B0
2024.07.15 12:07:08 INFO: Loaded VA for NtUserFindWindowEx = 0x00007FFED1CB1DB0
2024.07.15 12:07:08 INFO: Loaded VA for NtUserGetClassName = 0x00007FFED1CB1F50
2024.07.15 12:07:08 INFO: Loaded VA for NtUserInternalGetWindowText = 0x00007FFED1CB1C70
2024.07.15 12:07:08 DEBUG: ApplyNtdllHook -> _NtSetInformationThread 00007FFED438D6F0 _NtQuerySystemInformation 00007FFED438DC10 _NtQueryInformationProcess 00007FFED438D870 _NtSetInformationProcess 00007FFED438D8D0 _NtQueryObject 00007FFED438D750
2024.07.15 12:07:08 DEBUG: ApplyNtdllHook -> _NtYieldExecution 00007FFED438DE10 _NtGetContextThread 00007FFED438F3A0 _NtSetContextThread 00007FFED43906E0 _KiUserExceptionDispatcher 00007FFED4391410 _NtContinue 00007FFED438DDB0
2024.07.15 12:07:08 DEBUG: ApplyNtdllHook -> _NtClose 00007FFED438D730 _NtDuplicateObject 00007FFED438DCD0 _NtSetDebugFilterState 00007FFED4390700 _NtCreateThread 00007FFED438DF10 _NtCreateThreadEx 00007FFED438ED80 _NtQuerySystemTime 00007FFED438E090 _NtQueryPerformanceCounter 00007FFED438DB70 _NtResumeThread 00007FFED438DF90
2024.07.15 12:07:08 DEBUG: ApplyNtdllHook -> Hooking NtSetInformationThread
2024.07.15 12:07:08 DEBUG: ApplyNtdllHook -> Hooking NtQuerySystemInformation
2024.07.15 12:07:08 DEBUG: ApplyNtdllHook -> Hooking NtQueryInformationProcess
2024.07.15 12:07:08 DEBUG: ApplyNtdllHook -> Hooking NtSetInformationProcess
2024.07.15 12:07:08 DEBUG: ApplyNtdllHook -> Hooking NtQueryObject
2024.07.15 12:07:08 DEBUG: ApplyNtdllHook -> Hooking NtYieldExecution
2024.07.15 12:07:08 DEBUG: ApplyNtdllHook -> Hooking NtGetContextThread
2024.07.15 12:07:08 DEBUG: ApplyNtdllHook -> Hooking NtSetContextThread
2024.07.15 12:07:08 DEBUG: ApplyNtdllHook -> Hooking NtClose
2024.07.15 12:07:08 DEBUG: ApplyNtdllHook -> Hooking NtDuplicateObject
2024.07.15 12:07:08 DEBUG: ApplyNtdllHook -> Hooking NtCreateThreadEx
2024.07.15 12:07:08 DEBUG: ApplyNtdllHook -> Hooking NtSetDebugFilterState
2024.07.15 12:07:08 DEBUG: ApplyNtdllHook -> Hooking KiUserExceptionDispatcher
2024.07.15 12:07:08 DEBUG: ApplyNtdllHook -> Finding jmp to RtlQuerySystemTime at NtQuerySystemTime
2024.07.15 12:07:08 DEBUG: ApplyNtdllHook -> Hooking NtQuerySystemTime at 00007FFED4366F90
2024.07.15 12:07:08 DEBUG: ApplyNtdllHook -> Hooking NtQueryPerformanceCounter
2024.07.15 12:07:08 DEBUG: ApplyKernel32Hook -> Using Kernelbase 00007FFED1DA0000 instead of kernel32 00007FFED3970000
2024.07.15 12:07:08 DEBUG: ApplyKernel32Hook -> _GetTickCount 00007FFED1DFB930 _GetTickCount64 00007FFED1DFD000 _GetLocalTime 00007FFED1E00990 _GetSystemTime 00007FFED1DFF6B0 _OutputDebugStringA 00007FFED1DCBAF0
2024.07.15 12:07:08 DEBUG: ApplyKernel32Hook -> Hooking GetTickCount
2024.07.15 12:07:08 DEBUG: ApplyKernel32Hook -> Hooking GetTickCount64
2024.07.15 12:07:08 DEBUG: ApplyKernel32Hook -> Hooking GetLocalTime
2024.07.15 12:07:08 DEBUG: ApplyKernel32Hook -> Hooking GetSystemTime
2024.07.15 12:07:08 DEBUG: ApplyKernel32Hook -> Hooking OutputDebugStringA
2024.07.15 12:07:08 DEBUG: ApplyUserHook -> HookedNtUserBlockInput 00000211FD021E3C HookedNtUserFindWindowEx 00000211FD021E98 HookedNtUserBuildHwndList 00000211FD021FD0 HookedNtUserBuildHwndList_Eight 00000211FD022030 HookedNtUserQueryWindow 00000211FD02209C
2024.07.15 12:07:08 DEBUG: ApplyUserHook -> _NtUserBlockInput 00007FFED1CB8450 _NtUserFindWindowEx 00007FFED1CB1DB0 _NtUserBuildHwndList 00007FFED1CB13B0 _NtUserQueryWindow 00007FFED1CB1230
2024.07.15 12:07:08 DEBUG: ApplyUserHook -> Hooking NtUserBlockInput
2024.07.15 12:07:08 DEBUG: ApplyUserHook -> Hooking NtUserFindWindowEx
2024.07.15 12:07:08 DEBUG: ApplyUserHook -> Hooking NtUserBuildHwndList
2024.07.15 12:07:08 DEBUG: ApplyUserHook -> Hooking NtUserQueryWindow