好久没写东西了~~:
>SSDT State
NtClose
Actual Address 0xF0389268
Hooked by: C:\OllyDBG\plugin\whlsod.sys
NtCreateProcess
Actual Address 0xF03892C8
Hooked by: C:\OllyDBG\plugin\whlsod.sys
NtDuplicateObject
Actual Address 0xF03891E8
Hooked by: C:\OllyDBG\plugin\whlsod.sys
NtOpenProcess
Actual Address 0xF0388E18
Hooked by: C:\OllyDBG\plugin\whlsod.sys
NtOpenThread
Actual Address 0xF0388F28
Hooked by: C:\OllyDBG\plugin\whlsod.sys
NtQueryInformationProcess
Actual Address 0xF0389068
Hooked by: C:\OllyDBG\plugin\whlsod.sys
NtQueryObject
Actual Address 0xF0388D78
Hooked by: C:\OllyDBG\plugin\whlsod.sys
NtQuerySystemInformation
Actual Address 0xF0388988
Hooked by: C:\OllyDBG\plugin\whlsod.sys
NtSetInformationThread
Actual Address 0xF0389018
Hooked by: C:\OllyDBG\plugin\whlsod.sys
NtYieldExecution
Actual Address 0xF0388E08
Hooked by: C:\OllyDBG\plugin\whlsod.sys
>Shadow
NtUserBuildHwndList
Actual Address 0xF0389558
Hooked by: C:\OllyDBG\plugin\whlsod.sys
NtUserFindWindowEx
Actual Address 0xF0389718
Hooked by: C:\OllyDBG\plugin\whlsod.sys
NtUserGetForegroundWindow
Actual Address 0xF03897A8
Hooked by: C:\OllyDBG\plugin\whlsod.sys
NtUserPostMessage
Actual Address 0xF0389518
Hooked by: C:\OllyDBG\plugin\whlsod.sys
NtUserQueryWindow
Actual Address 0xF0389478
Hooked by: C:\OllyDBG\plugin\whlsod.sys
NtUserSetParent
Actual Address 0xF0389838
Hooked by: C:\OllyDBG\plugin\whlsod.sys
>Hooks
[1044]Ollydbg.exe-->kernel32.dll-->ContinueDebugEvent, Type: IAT modification 0x0050D2B8
[StrongOD.dll]
[1044]Ollydbg.exe-->kernel32.dll-->CreateProcessA, Type: IAT modification 0x0050D2C4
[StrongOD.dll]
[1044]Ollydbg.exe-->kernel32.dll-->DebugActiveProcess, Type: IAT modification 0x0050D2C8
[StrongOD.dll]
[1044]Ollydbg.exe-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x0050D344
[StrongOD.dll]
[1044]Ollydbg.exe-->kernel32.dll-->MultiByteToWideChar, Type: IAT modification 0x0050D3C8
[StrongOD.dll]
[1044]Ollydbg.exe-->kernel32.dll-->WaitForDebugEvent, Type: IAT modification 0x0050D440
[StrongOD.dll]
[1044]Ollydbg.exe-->ntdll.dll-->NtCreateProcess, Type: Inline - RelativeJump 0x7C92D754
[StrongOD.dll]
[1044]Ollydbg.exe-->ntdll.dll-->NtCreateProcessEx, Type: Inline - RelativeJump 0x7C92D769
[StrongOD.dll]
[1044]Ollydbg.exe-->user32.dll-->CreateMDIWindowA, Type: IAT modification 0x0050D7F4
[StrongOD.dll]
[1044]Ollydbg.exe-->user32.dll-->DialogBoxParamA, Type: IAT modification 0x0050D81C [StrongOD.dll]
[1044]Ollydbg.exe-->user32.dll-->EnumChildWindows, Type: IAT modification 0x0050D83C
[StrongOD.dll]
[1044]Ollydbg.exe-->user32.dll-->GetClassLongA, Type: IAT modification 0x0050D858 [StrongOD.dll]
[1044]Ollydbg.exe-->user32.dll-->GetWindowLongA, Type: IAT modification 0x0050D8B0 [StrongOD.dll]
[1044]Ollydbg.exe-->user32.dll-->GetWindowTextA, Type: Inline - RelativeJump 0x77D3212B
[unknown_code_page]
[1044]Ollydbg.exe-->user32.dll-->RegisterClassA, Type: IAT modification 0x0050D920 [StrongOD.dll]
[1044]Ollydbg.exe-->user32.dll-->SetWindowTextA, Type: IAT modification 0x0050D96C [StrongOD.dll]
还有1个CreateProcess Notfiy
![人生如梦游戏间,RPG游戏开源开发讲座(JAVA篇)[0]——月晕础润](https://p-blog.csdn.net/images/p_blog_csdn_net/cping1982/cp0.png)