NP starts with CreateRemoteThread via WriteProcessMemory inject code to all processes (in addition to system process smss.exe), np own code through LoadLibrary to load the target process npggNT.des. npggNT.des Once loaded immediately start doing "bad", hooks (HOOK) system-critical functions such as OpenProcess, ReadProcessMemory, WriteProcessMemory, PostMessage and so on. Hook method is through rewriting system function head start in the function of JMP to npggNT.des replacement function. Users call the corresponding system function, will first enter into npggNT.des module waits for NP examination,

NP Source\dump_wmimmc\ddkbuild.bat
.........\...........\hook.h
.........\...........\makefile
.........\...........\myFunction.h
.........\...........\myNativeAPIs.h
.........\...........\myNtoskrnlAPIs.h
.........\...........\myWin32kAPIs.h
.........\...........\Process.h
.........\...........\sources
.........\...........\wmimmc.c
.........\...........\wmimmc.dsp
.........\...........\wmimmc.dsw
.........\...........\wmimmc.h
.........\...........\原驱动文件\dump_wmmimc.sys
.........\...........\原驱动文件
.........\dump_wmimmc
NP Source

• We are an exchange download platform that only provides communication channels. The downloaded content comes from the internet. Except for download issues, please Google on your own.
• The downloaded content is provided for members to upload. If it unintentionally infringes on your copyright, please contact us.
• Please use Winrar for decompression tools
• If download fail, Try it againg or Feedback to us.
• If downloaded content did not match the introduction, Feedback to us，Confirm and will be refund.
• Before downloading, you can inquire through the uploaded person information

Nothing．