AV/EPP/EDR Windows API hook list

Hooks redirect to "EDR hooking.dll" >> umppc*****.dll for example umppc16606.dll
>>Hooks in ntdll.dll<<[-] NtDeviceIoControlFile [-] NtSetInformationThread [-] NtAllocateVirtualMemory [-] NtSetInformationProcess [-] NtQueryInformationThread [-] NtMapViewOfSection [-] NtUnmapViewOfSection [-] NtWriteVirtualMemory [-] NtReadVirtualMemory [-] NtQueueApcThread [-] NtProtectVirtualMemory [-] NtResumeThread [-] NtAllocateVirtualMemoryEx [-] NtCreateMutant [-] NtGetContextThread [-] NtMapViewOfSectionEx [-] NtQueueApcThreadEx [-] NtSetContextThread [-] NtSuspendThread [-] NtUnmapViewOfSectionEx     >>Hooks in win32u.dll<<    [-] NtUserSetProp [-] NtUserSetWindowLong [-] NtUserSetWindowsHookEx [-] NtUserSetWindowsHookAW [-] NtGdiAddFontMemResourceEx [-] NtGdiAddFontResourceW [-] NtGdiAddRemoteFontToDC [-] NtUserSetWindowLongPtr     Total: 28 hooks

Hooks redirect to !EDR hooking.dll! >> inprocessclient64.dll
>>Hooks in ntdll.dll<<[-] LdrLoadDll [-] RtlAddVectoredExceptionHandler [-] NtSetInformationThread [-] NtSetInformationProcess [-] NtFreeVirtualMemory [-] NtOpenProcess [-] NtMapViewOfSection [-] NtUnmapViewOfSection [-] NtTerminateProcess [-] NtQuerySystemInformation [-] NtWriteVirtualMemory [-] NtReadVirtualMemory [-] NtQueueApcThread [-] NtResumeThread [-] NtCreateThreadEx [-] NtCreateUserProcess [-] NtLoadDriver [-] NtMapUserPhysicalPages [-] NtQuerySystemInformationEx [-] NtQueueApcThreadEx [-] NtSetContextThread [-] KiUserApcDispatcher         >>Hooks in KernelBase.dll<<[-] CreateProcessInternalW [-] CopyFileExW [-] LoadLibraryA [-] UnhandledExceptionFilter         >>Hooks in combase.dll<<    [-] CoGetInstanceFromIStorage             >>Hooks in crypt32.dll<<    [-] CryptUnprotectData         >>Hooks in ole32.dll<<    [-] CoGetObject         >>Hooks in samcli.dll<<[-] NetUserAdd     
>>Hooks in shell32.dll<<[-] Shell_NotifyIconW         >>Hooks in sspicli.dll<<[-] InitializeSecurityContextW [-] LsaCallAuthenticationPackage         >>Hooks in user32.dll<<   [-] CreateWindowExA [-] CreateWindowExW [-] PeekMessageA [-] PeekMessageW [-] SetWindowLongPtrW [-] SetWindowLongW [-] GetKeyState [-] GetMessageW [-] SystemParametersInfoW [-] GetAsyncKeyState [-] GetMessageA [-] SystemParametersInfoA [-] SetWindowsHookExW [-] ExitWindowsEx [-] SetWindowLongA [-] SetWindowLongPtrA [-] SetWindowsHookExA 

>>Hooks in win32u.dll<<[-] NtUserSetProp [-] NtUserShowWindow [-] NtUserGetKeyboardState [-] NtUserAttachThreadInput [-] NtUserRegisterRawInputDevices 
Total: 55 hooks

Hooks redirect to "EDR hooking.dll" tmmon64.dll
>>Hooks in ntdll.dll<<[-] LdrUnloadDll [-] LdrLoadDll [-] NtDeviceIoControlFile [-] NtSetInformationThread [-] NtQueryInformationThread [-] NtMapViewOfSection [-] NtUnmapViewOfSection [-] NtTerminateProcess [-] NtWriteVirtualMemory [-] NtReadVirtualMemory [-] NtQueueApcThread [-] NtCreateThread [-] NtProtectVirtualMemory [-] NtCreateMutant [-] NtCreateThreadEx [-] NtGetContextThread [-] NtLoadDriver [-] NtSetContextThread [-] NtUnmapViewOfSectionEx 

>>Hooks in kernel32.dll<<[-] CreateMailslotA [-] CreateMailslotW [-] MoveFileW [-] CreateRemoteThread [-] CreateNamedPipeA [-] CopyFileA [-] CopyFileExA [-] MoveFileA [-] MoveFileWithProgressA 

>>Hooks in KernelBase.dll<<[-] CreateProcessInternalA [-] CreateProcessInternalW [-] CreateRemoteThreadEx [-] DeleteFileA [-] DeleteFileW [-] FindFirstFileW [-] FindFirstFileExW [-] CreateFileA [-] CreateFileW [-] MoveFileWithProgressW [-] CopyFileW [-] CopyFileExW [-] VirtualAlloc [-] ImpersonateLoggedOnUser [-] WriteProcessMemory [-] FindFirstFileA [-] VirtualAllocEx [-] CreateNamedPipeW [-] FindFirstFileExA 

>>Hooks in advapi32.dll<<[-] OpenEventLogW [-] CloseEventLog [-] EncryptFileW [-] CreateServiceA [-] CreateServiceW [-] ClearEventLogA [-] ClearEventLogW [-] OpenEventLogA 

>>Hooks in samcli.dll<<[-] NetUserGetLocalGroups [-] NetUserGetInfo [-] NetUserEnum [-] NetUserAdd [-] NetUserChangePassword [-] NetUserDel [-] NetUserGetGroups [-] NetUserSetGroups [-] NetUserSetInfo 

>>Hooks in sechost.dll<<[-] !StartServiceW [-] !OpenServiceW [-] !OpenServiceA [-] !StartServiceA 

>>Hooks in user32.dll<<[-] SetWindowsHookExW [-] SetWindowsHookA [-] SetWindowsHookExA [-] SetWindowsHookW [-] MessageBoxA [-] MessageBoxExA [-] MessageBoxExW [-] MessageBoxW 

>>Hooks in wevtapi.dll<<[-] EvtOpenSession [-] EvtClose [-] EvtClearLog 

>>Hooks in win32u.dll<<[-] NtUserShowWindow 

>>Hooks in wininet.dll<<[-] InternetCreateUrlW [-] InternetConnectW [-] InternetConnectA [-] InternetCreateUrlA [-] InternetOpenUrlA [-] InternetOpenUrlW 
Total: 86 hooks