SpyStudio Group Selection


ActiveX: COM object creation.
Common Dialogs: Dialogs included in comdlg32.dll.
Drivers: IOCtls and Driver communication.
Environment: environment variables.
Exceptions: handled and unhandled user-mode exceptions thrown.
Files: File and directory access.
Handles: Windows handles query functions.
Internet: Wininet.dll functions. A set of high-level functions that Internet Explorer uses to browse.
Internet helpers: Urlmon.dll functions that are used by Internet Explorer to access Wininet.dll in a multi-threaded context. They also include Zone implementation and some Internet Explorer options.
Localization: Functions used to get current language settings.
Module Handle: GetModuleHandle function.
Ntdll Strings: Ntdll string initialization functions. Useful when you know that a specific string appears after a certain event (e.g., a crash or an issue).
Procedure Address: GetProcAddress function.
Process: Library loads and Process creation.
Registry: Registry activity.
Resources: Load and find resources.
Shell: Shell32 functions that are used to find programs, open a file with its default program, convert file paths, and many other shell-related helper functions.
Windows Creation: Window creation and destruction.
Windows Hooks: SetWindowsHook functions used to install message filters.
Windows Messages: SendMessage, PostMessage and show window.
Windows Properties: Window properties such as Title, Visible, etc.
