
OpenGL Calls Lock/Freeze

I am using some Dell workstations (running WinXP Pro SP 2 & DeepFreeze) for development, but something was recently loaded onto these machines that prevents any OpenGL call (the call locks) from completing (and I know the code works as I have tested it on 'clean' machines; I also tested with simple OpenGL apps generated by dev-cpp, which will also lock on the Dell machines).

I have tried to debug my own apps to see where exactly the GL calls freeze, but there is some global system hook on ZwQueryInformationProcess that messes up calls to ZwQueryInformationThread (used by ExitThread), preventing me from debugging at all (it causes the debugger, OllyDBG, to go into an access violation reporting loop, or the program to crash if the exception is passed along).

The hook:

ntdll.ZwQueryInformationProcess 7C90D7E0       B8 9A000000          MOV EAX,9A
7C90D7E5                                       BA 0003FE7F          MOV EDX,7FFE0300
7C90D7EA                                       FF12                 CALL DWORD PTR DS:[EDX]
7C90D7EC                                     - E9 0F28448D          JMP 09D50000
7C90D7F1                                       9B                   WAIT
7C90D7F2                                       0000                 ADD BYTE PTR DS:[EAX],AL
7C90D7F4                                       00BA 0003FE7F        ADD BYTE PTR DS:[EDX+7FFE0300],BH
7C90D7FA                                       FF12                 CALL DWORD PTR DS:[EDX]
7C90D7FC                                       C2 1400              RETN 14
7C90D7FF                                       90                   NOP
ntdll.ZwQueryInformationToken 7C90D800         B8 9C000000          MOV EAX,9C

The messed up function + call:

ntdll.ZwQueryInformationThread 7C90D7F0        8D9B 000000BA        LEA EBX,DWORD PTR DS:[EBX+BA000000]
7C90D7F6                                       0003                 ADD BYTE PTR DS:[EBX],AL
7C90D7F8                                       FE                   ???                                                          ; Unknown command
7C90D7F9                                       7F FF                JG SHORT ntdll.7C90D7FA
7C90D7FB                                       12C2                 ADC AL,DL
7C90D7FD                                       14 00                ADC AL,0
7C90D7FF                                       90                   NOP
ntdll.ZwQueryInformationToken 7C90D800         B8 9C000000          MOV EAX,9C

So firstly, does anyone know what, if anything, would lead to OpenGL calls causing an infinite lock, and if there are any ways around it? And what would be creating such a hook in kernel memory?

Update: After some more fiddling, I have discovered a few more kernel hooks; a lot of them are used to nullify data returned by system information calls (such as the remote debugging port). I also managed to find out that whatever is doing this is using madchook.dll (by madshi) to do this; this DLL is also injected into every running process (these seem to be some anti-debugging code). Also, on the OpenGL side, it seems DirectX is fine/unaffected (I ran one of the DX 9 demos without problems), so could one of these kernel hooks somehow affect OpenGL?

After some research, it seems that there is something actively blocking user->kernel mode calls for OGL, probably an option of DeepFreeze. DirectX works flawlessly though, so I've switched over to that.

This smells awfully like some malware trying to hide itself on your system (and getting it wrong). Have you tried scanning your system with an up-to-date antivirus?

Edit: A quick Google search for madchook.dll reveals that it's used by various spyware/dialers/other malware. DO run your antivirus ASAP.
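
The two listings in the question can be checked mechanically: the intact bytes show each stub as MOV EAX,imm32 / MOV EDX,7FFE0300 / CALL [EDX] / RETN imm16 / NOP, so a 5-byte JMP written over the RETN and NOP must spill one byte into the following stub. The Python below is an added example, not part of the original thread; the bytes are transcribed from the listings, and the 16-byte slot size and the `audit` helper are assumptions made for illustration.

```python
import struct

BASE = 0x7C90D7E0  # ZwQueryInformationProcess, per the first listing
# Bytes 7C90D7E0..7C90D7FF transcribed from the question's listings.
DUMP = bytes.fromhex(
    "B89A000000" "BA0003FE7F" "FF12" "E90F28448D"  # ends at 7C90D7F0
    "9B000000" "BA0003FE7F" "FF12" "C21400" "90"
)
SLOT = 16  # assumption: one stub per 16-byte slot, as in the listings
DISPATCH = bytes.fromhex("BA0003FE7FFF12")  # MOV EDX,7FFE0300 / CALL [EDX]


def audit(dump, base):
    """Return (address, finding) for each deviation from the clean stub shape."""
    out = []
    for off in range(0, len(dump) - SLOT + 1, SLOT):
        s, addr = dump[off:off + SLOT], base + off
        if s[0] != 0xB8:  # MOV EAX,imm32 opcode clobbered
            num = struct.unpack("<I", s[1:5])[0]
            out.append((addr, f"entry byte {s[0]:02X} != B8; "
                              f"service number field still reads {num:X}"))
        if s[5:12] != DISPATCH:
            out.append((addr + 5, "syscall dispatch sequence modified"))
        if s[12] == 0xE9:  # JMP rel32 sitting where RETN imm16 belongs
            jmp = dump[off + 12:off + 17]
            if len(jmp) < 5:
                out.append((addr + 12, "JMP runs past end of dump"))
                continue
            rel = struct.unpack("<i", jmp[1:])[0]
            target = (addr + 17 + rel) & 0xFFFFFFFF
            out.append((addr + 12, f"JMP {target:08X} replaces RETN and "
                                   f"overwrites {17 - SLOT} byte of next stub"))
        elif s[12] != 0xC2:
            out.append((addr + 12, "RETN imm16 missing"))
    return out


if __name__ == "__main__":
    for addr, finding in audit(DUMP, BASE):
        print(f"{addr:08X}: {finding}")
```

On the page's bytes this reports the JMP at 7C90D7EC and the damaged entry byte at 7C90D7F0, which is the 8D that starts the asker's second listing.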
