ntddk.h File Reference

#include <windows.h>
#include <ntstatus.h>

Go to the source code of this file.

Classes
struct	_STRING
struct	_UNICODE_STRING
struct	_OBJECT_ATTRIBUTES
struct	_IO_STATUS_BLOCK
struct	_CLIENT_ID
struct	_CURDIR
struct	_OBJECT_BASIC_INFORMATION
struct	_OBJECT_NAME_INFORMATION
struct	_OBJECT_TYPE_INFORMATION
struct	_OBJECT_HANDLE_FLAG_INFORMATION
struct	_OBJECT_DIRECTORY_INFORMATION
struct	_RTL_SPLAY_LINKS
struct	_RTL_GENERIC_TABLE
struct	_RTL_HANDLE_TABLE_ENTRY
struct	_RTL_HANDLE_TABLE
struct	_KEY_BASIC_INFORMATION
struct	_KEY_NODE_INFORMATION
struct	_KEY_FULL_INFORMATION
struct	_KEY_NAME_INFORMATION
struct	_KEY_CACHED_INFORMATION
struct	_KEY_FLAGS_INFORMATION
struct	_KEY_VALUE_FULL_INFORMATION
struct	_KEY_VALUE_PARTIAL_INFORMATION
struct	_RTL_QUERY_REGISTRY_TABLE
struct	_SYSTEM_BASIC_INFORMATION
struct	_SYSTEM_PROCESSOR_INFORMATION
struct	_SYSTEM_PERFORMANCE_INFORMATION
struct	_SYSTEM_TIMEOFDAY_INFORMATION
struct	_SYSTEM_PROCESS_INFORMATION
struct	_SYSTEM_DEVICE_INFORMATION
struct	_SYSTEM_PROCESSOR_PERFORMANCE_INFORMATION
struct	_SYSTEM_FLAGS_INFORMATION
struct	_SYSTEM_MODULE
struct	_SYSTEM_MODULE_INFORMATION
struct	_FILE_DIRECTORY_INFORMATION
struct	_FILE_FULL_DIR_INFORMATION
struct	_FILE_BOTH_DIR_INFORMATION
struct	_FILE_BASIC_INFORMATION
struct	_FILE_STANDARD_INFORMATION
struct	_FILE_INTERNAL_INFORMATION
struct	_FILE_EA_INFORMATION
struct	_FILE_ACCESS_INFORMATION
struct	_FILE_NAME_INFORMATION
struct	_FILE_RENAME_INFORMATION
struct	_FILE_NAMES_INFORMATION
struct	_FILE_DISPOSITION_INFORMATION
struct	_FILE_POSITION_INFORMATION
struct	_FILE_FULL_EA_INFORMATION
struct	_FILE_MODE_INFORMATION
struct	_FILE_ALIGNMENT_INFORMATION
struct	_FILE_ALL_INFORMATION
struct	_FILE_ALLOCATION_INFORMATION
struct	_FILE_END_OF_FILE_INFORMATION
struct	_FILE_STREAM_INFORMATION
struct	_FILE_PIPE_INFORMATION
struct	_FILE_PIPE_LOCAL_INFORMATION
struct	_FILE_PIPE_REMOTE_INFORMATION
struct	_FILE_MAILSLOT_QUERY_INFORMATION
struct	_FILE_MAILSLOT_SET_INFORMATION
struct	_FILE_COMPRESSION_INFORMATION
struct	_FILE_LINK_INFORMATION
struct	_FILE_OBJECTID_INFORMATION
struct	_FILE_COMPLETION_INFORMATION
struct	_FILE_MOVE_CLUSTER_INFORMATION
struct	_FILE_NETWORK_OPEN_INFORMATION
struct	_FILE_ATTRIBUTE_TAG_INFORMATION
struct	_FILE_TRACKING_INFORMATION
struct	_FILE_REPARSE_POINT_INFORMATION
struct	_FILE_QUOTA_INFORMATION
struct	_FILE_ID_BOTH_DIR_INFORMATION
struct	_FILE_ID_FULL_DIR_INFORMATION
struct	_FILE_VALID_DATA_LENGTH_INFORMATION
struct	_FILE_LINK_ENTRY_INFORMATION
struct	_FILE_LINKS_INFORMATION
struct	_RTL_DRIVE_LETTER_CURDIR
struct	_RTL_USER_PROCESS_PARAMETERS
struct	_PEB_FREE_BLOCK
struct	_PEB_LDR_DATA
struct	_LDR_DATA_TABLE_ENTRY
struct	_PEB
struct	_TEB
struct	_PROCESS_BASIC_INFORMATION
struct	_PORT_MESSAGE
struct	_PORT_VIEW
struct	_REMOTE_PORT_VIEW
struct	RTL_HEAP_PARAMETERS
struct	_EVENT_BASIC_INFORMATION

Macros
#define	NT_SUCCESS(Status)   ((NTSTATUS)(Status) >= 0)
#define	STATUS_SUCCESS   ((NTSTATUS)0x00000000L)
#define	STATUS_UNSUCCESSFUL   ((NTSTATUS)0xC0000001L)
#define	ASSERT(x)   /* x */
#define	UNICODE_NULL   ((WCHAR)0)
#define	OBJ_INHERIT   0x00000002L
#define	OBJ_PERMANENT   0x00000010L
#define	OBJ_EXCLUSIVE   0x00000020L
#define	OBJ_CASE_INSENSITIVE   0x00000040L
#define	OBJ_OPENIF   0x00000080L
#define	OBJ_OPENLINK   0x00000100L
#define	OBJ_KERNEL_HANDLE   0x00000200L
#define	OBJ_FORCE_ACCESS_CHECK   0x00000400L
#define	OBJ_VALID_ATTRIBUTES   0x000007F2L
#define	INIT_UNICODE_STRING(us, wch)
#define	InitializeObjectAttributes(p, n, a, r, s)
#define	InitializeMessageHeader(ph, l, t)
#define	DIRECTORY_QUERY   (0x0001)
#define	DIRECTORY_TRAVERSE   (0x0002)
#define	DIRECTORY_CREATE_OBJECT   (0x0004)
#define	DIRECTORY_CREATE_SUBDIRECTORY   (0x0008)
#define	DIRECTORY_ALL_ACCESS   (STANDARD_RIGHTS_REQUIRED | 0xF)
#define	LEVEL_HANDLE_ID   0x74000000
#define	LEVEL_HANDLE_ID_MASK   0xFF000000
#define	LEVEL_HANDLE_INDEX_MASK   0x00FFFFFF
#define	RTL_QUERY_REGISTRY_SUBKEY   0x00000001
#define	RTL_QUERY_REGISTRY_TOPKEY   0x00000002
#define	RTL_QUERY_REGISTRY_REQUIRED   0x00000004
#define	RTL_QUERY_REGISTRY_NOVALUE   0x00000008
#define	RTL_QUERY_REGISTRY_NOEXPAND   0x00000010
#define	RTL_QUERY_REGISTRY_DIRECT   0x00000020
#define	RTL_QUERY_REGISTRY_DELETE   0x00000040
#define	RTL_REGISTRY_ABSOLUTE   0
#define	RTL_REGISTRY_SERVICES   1
#define	RTL_REGISTRY_CONTROL   2
#define	RTL_REGISTRY_WINDOWS_NT   3
#define	RTL_REGISTRY_DEVICEMAP   4
#define	RTL_REGISTRY_USER   5
#define	RTL_REGISTRY_MAXIMUM   6
#define	RTL_REGISTRY_HANDLE   0x40000000
#define	RTL_REGISTRY_OPTIONAL   0x80000000
#define	OLD_DOS_VOLID   0x00000008
#define	FILE_SUPERSEDE   0x00000000
#define	FILE_OPEN   0x00000001
#define	FILE_CREATE   0x00000002
#define	FILE_OPEN_IF   0x00000003
#define	FILE_OVERWRITE   0x00000004
#define	FILE_OVERWRITE_IF   0x00000005
#define	FILE_MAXIMUM_DISPOSITION   0x00000005
#define	FILE_DIRECTORY_FILE   0x00000001
#define	FILE_WRITE_THROUGH   0x00000002
#define	FILE_SEQUENTIAL_ONLY   0x00000004
#define	FILE_NO_INTERMEDIATE_BUFFERING   0x00000008
#define	FILE_SYNCHRONOUS_IO_ALERT   0x00000010
#define	FILE_SYNCHRONOUS_IO_NONALERT   0x00000020
#define	FILE_NON_DIRECTORY_FILE   0x00000040
#define	FILE_CREATE_TREE_CONNECTION   0x00000080
#define	FILE_COMPLETE_IF_OPLOCKED   0x00000100
#define	FILE_NO_EA_KNOWLEDGE   0x00000200
#define	FILE_OPEN_FOR_RECOVERY   0x00000400
#define	FILE_RANDOM_ACCESS   0x00000800
#define	FILE_DELETE_ON_CLOSE   0x00001000
#define	FILE_OPEN_BY_FILE_ID   0x00002000
#define	FILE_OPEN_FOR_BACKUP_INTENT   0x00004000
#define	FILE_NO_COMPRESSION   0x00008000
#define	FILE_RESERVE_OPFILTER   0x00100000
#define	FILE_OPEN_REPARSE_POINT   0x00200000
#define	FILE_OPEN_NO_RECALL   0x00400000
#define	FILE_OPEN_FOR_FREE_SPACE_QUERY   0x00800000
#define	FILE_SUPERSEDED   0x00000000
#define	FILE_OPENED   0x00000001
#define	FILE_CREATED   0x00000002
#define	FILE_OVERWRITTEN   0x00000003
#define	FILE_EXISTS   0x00000004
#define	FILE_DOES_NOT_EXIST   0x00000005
#define	PIO_APC_ROUTINE_DEFINED
#define	GDI_HANDLE_BUFFER_SIZE   34
#define	NtCurrentProcess()   ((HANDLE) -1)
#define	NtCurrentThread()   ((HANDLE) -2)
#define	MAX_LPC_DATA   0x130
#define	HEAP_NO_SERIALIZE   0x00000001
#define	HEAP_GROWABLE   0x00000002
#define	HEAP_GENERATE_EXCEPTIONS   0x00000004
#define	HEAP_ZERO_MEMORY   0x00000008
#define	HEAP_REALLOC_IN_PLACE_ONLY   0x00000010
#define	HEAP_TAIL_CHECKING_ENABLED   0x00000020
#define	HEAP_FREE_CHECKING_ENABLED   0x00000040
#define	HEAP_DISABLE_COALESCE_ON_FREE   0x00000080
#define	HEAP_CREATE_ALIGN_16   0x00010000
#define	HEAP_CREATE_ENABLE_TRACING   0x00020000
#define	HEAP_MAXIMUM_TAG   0x0FFF
#define	HEAP_PSEUDO_TAG_FLAG   0x8000
#define	RtlProcessHeap()   (HANDLE)(NtCurrentTeb()->ProcessEnvironmentBlock->ProcessHeap)
#define	SYMBOLIC_LINK_QUERY   (0x0001)
#define	SYMBOLIC_LINK_ALL_ACCESS   (STANDARD_RIGHTS_REQUIRED | 0x1)

Typedefs
typedef long	NTSTATUS
typedef enum _EVENT_TYPE	EVENT_TYPE
typedef struct _STRING	STRING
typedef struct _STRING *	PSTRING
typedef struct _UNICODE_STRING	UNICODE_STRING
typedef struct _UNICODE_STRING *	PUNICODE_STRING
typedef STRING	ANSI_STRING
typedef PSTRING	PANSI_STRING
typedef STRING	OEM_STRING
typedef PSTRING	POEM_STRING
typedef CONST STRING *	PCOEM_STRING
typedef const UNICODE_STRING *	PCUNICODE_STRING
typedef struct _OBJECT_ATTRIBUTES	OBJECT_ATTRIBUTES
typedef struct _OBJECT_ATTRIBUTES *	POBJECT_ATTRIBUTES
typedef struct _IO_STATUS_BLOCK	IO_STATUS_BLOCK
typedef struct _IO_STATUS_BLOCK *	PIO_STATUS_BLOCK
typedef struct _CLIENT_ID	CLIENT_ID
typedef struct _CLIENT_ID *	PCLIENT_ID
typedef struct _CURDIR	CURDIR
typedef struct _CURDIR *	PCURDIR
typedef enum _POOL_TYPE	POOL_TYPE
typedef enum _OBJECT_INFORMATION_CLASS	OBJECT_INFORMATION_CLASS
typedef struct _OBJECT_BASIC_INFORMATION	OBJECT_BASIC_INFORMATION
typedef struct _OBJECT_BASIC_INFORMATION *	POBJECT_BASIC_INFORMATION
typedef struct _OBJECT_NAME_INFORMATION	OBJECT_NAME_INFORMATION
typedef struct _OBJECT_NAME_INFORMATION *	POBJECT_NAME_INFORMATION
typedef struct _OBJECT_TYPE_INFORMATION	OBJECT_TYPE_INFORMATION
typedef struct _OBJECT_TYPE_INFORMATION *	POBJECT_TYPE_INFORMATION
typedef struct _OBJECT_HANDLE_FLAG_INFORMATION	OBJECT_HANDLE_FLAG_INFORMATION
typedef struct _OBJECT_HANDLE_FLAG_INFORMATION *	POBJECT_HANDLE_FLAG_INFORMATION
typedef struct _OBJECT_DIRECTORY_INFORMATION	OBJECT_DIRECTORY_INFORMATION
typedef struct _OBJECT_DIRECTORY_INFORMATION *	POBJECT_DIRECTORY_INFORMATION
typedef enum _RTL_GENERIC_COMPARE_RESULTS	RTL_GENERIC_COMPARE_RESULTS
typedef struct _RTL_SPLAY_LINKS	RTL_SPLAY_LINKS
typedef struct _RTL_SPLAY_LINKS *	PRTL_SPLAY_LINKS
typedef PVOID	FirstStruct
typedef PVOID PVOID	SecondStruct
typedef PVOID(NTAPI *	PRTL_GENERIC_ALLOCATE_ROUTINE) (struct _RTL_GENERIC_TABLE *Table, ULONG ByteSize)
typedef VOID(NTAPI *	PRTL_GENERIC_FREE_ROUTINE) (struct _RTL_GENERIC_TABLE *Table, PVOID Buffer)
typedef struct _RTL_GENERIC_TABLE	RTL_GENERIC_TABLE
typedef struct _RTL_GENERIC_TABLE *	PRTL_GENERIC_TABLE
typedef struct _RTL_HANDLE_TABLE_ENTRY	RTL_HANDLE_TABLE_ENTRY
typedef struct _RTL_HANDLE_TABLE_ENTRY *	PRTL_HANDLE_TABLE_ENTRY
typedef struct _RTL_HANDLE_TABLE	RTL_HANDLE_TABLE
typedef struct _RTL_HANDLE_TABLE *	PRTL_HANDLE_TABLE
typedef enum _KEY_INFORMATION_CLASS	KEY_INFORMATION_CLASS
typedef struct _KEY_BASIC_INFORMATION	KEY_BASIC_INFORMATION
typedef struct _KEY_BASIC_INFORMATION *	PKEY_BASIC_INFORMATION
typedef struct _KEY_NODE_INFORMATION	KEY_NODE_INFORMATION
typedef struct _KEY_NODE_INFORMATION *	PKEY_NODE_INFORMATION
typedef struct _KEY_FULL_INFORMATION	KEY_FULL_INFORMATION
typedef struct _KEY_FULL_INFORMATION *	PKEY_FULL_INFORMATION
typedef struct _KEY_NAME_INFORMATION	KEY_NAME_INFORMATION
typedef struct _KEY_NAME_INFORMATION *	PKEY_NAME_INFORMATION
typedef struct _KEY_CACHED_INFORMATION	KEY_CACHED_INFORMATION
typedef struct _KEY_CACHED_INFORMATION *	PKEY_CACHED_INFORMATION
typedef struct _KEY_FLAGS_INFORMATION	KEY_FLAGS_INFORMATION
typedef struct _KEY_FLAGS_INFORMATION *	PKEY_FLAGS_INFORMATION
typedef enum _KEY_VALUE_INFORMATION_CLASS	KEY_VALUE_INFORMATION_CLASS
typedef struct _KEY_VALUE_FULL_INFORMATION	KEY_VALUE_FULL_INFORMATION
typedef struct _KEY_VALUE_FULL_INFORMATION *	PKEY_VALUE_FULL_INFORMATION
typedef struct _KEY_VALUE_PARTIAL_INFORMATION	KEY_VALUE_PARTIAL_INFORMATION
typedef struct _KEY_VALUE_PARTIAL_INFORMATION *	PKEY_VALUE_PARTIAL_INFORMATION
typedef NTSTATUS(NTAPI *	PRTL_QUERY_REGISTRY_ROUTINE) (IN PWSTR ValueName, IN ULONG ValueType, IN PVOID ValueData, IN ULONG ValueLength, IN PVOID Context, IN PVOID EntryContext)
typedef struct _RTL_QUERY_REGISTRY_TABLE	RTL_QUERY_REGISTRY_TABLE
typedef struct _RTL_QUERY_REGISTRY_TABLE *	PRTL_QUERY_REGISTRY_TABLE
typedef enum _SYSTEM_INFORMATION_CLASS	SYSTEM_INFORMATION_CLASS
typedef enum _SYSTEM_INFORMATION_CLASS *	PSYSTEM_INFORMATION_CLASS
typedef LONG	KPRIORITY
typedef struct _SYSTEM_BASIC_INFORMATION	SYSTEM_BASIC_INFORMATION
typedef struct _SYSTEM_BASIC_INFORMATION *	PSYSTEM_BASIC_INFORMATION
typedef struct _SYSTEM_PROCESSOR_INFORMATION	SYSTEM_PROCESSOR_INFORMATION
typedef struct _SYSTEM_PROCESSOR_INFORMATION *	PSYSTEM_PROCESSOR_INFORMATION
typedef struct _SYSTEM_PERFORMANCE_INFORMATION	SYSTEM_PERFORMANCE_INFORMATION
typedef struct _SYSTEM_PERFORMANCE_INFORMATION *	PSYSTEM_PERFORMANCE_INFORMATION
typedef struct _SYSTEM_TIMEOFDAY_INFORMATION	SYSTEM_TIMEOFDAY_INFORMATION
typedef struct _SYSTEM_TIMEOFDAY_INFORMATION *	PSYSTEM_TIMEOFDAY_INFORMATION
typedef struct _SYSTEM_PROCESS_INFORMATION	SYSTEM_PROCESS_INFORMATION
typedef struct _SYSTEM_PROCESS_INFORMATION *	PSYSTEM_PROCESS_INFORMATION
typedef struct _SYSTEM_DEVICE_INFORMATION	SYSTEM_DEVICE_INFORMATION
typedef struct _SYSTEM_DEVICE_INFORMATION *	PSYSTEM_DEVICE_INFORMATION
typedef struct _SYSTEM_PROCESSOR_PERFORMANCE_INFORMATION	SYSTEM_PROCESSOR_PERFORMANCE_INFORMATION
typedef struct _SYSTEM_PROCESSOR_PERFORMANCE_INFORMATION *	PSYSTEM_PROCESSOR_PERFORMANCE_INFORMATION
typedef struct _SYSTEM_FLAGS_INFORMATION	SYSTEM_FLAGS_INFORMATION
typedef struct _SYSTEM_FLAGS_INFORMATION *	PSYSTEM_FLAGS_INFORMATION
typedef struct _SYSTEM_MODULE	SYSTEM_MODULE
typedef struct _SYSTEM_MODULE *	PSYSTEM_MODULE
typedef struct _SYSTEM_MODULE_INFORMATION	SYSTEM_MODULE_INFORMATION
typedef struct _SYSTEM_MODULE_INFORMATION *	PSYSTEM_MODULE_INFORMATION
typedef enum _SHUTDOWN_ACTION	SHUTDOWN_ACTION
typedef enum _SHUTDOWN_ACTION *	PSHUTDOWN_ACTION
typedef VOID(NTAPI *	PIO_APC_ROUTINE) (IN PVOID ApcContext, IN PIO_STATUS_BLOCK IoStatusBlock, IN ULONG Reserved)
typedef enum _FILE_INFORMATION_CLASS	FILE_INFORMATION_CLASS
typedef enum _FILE_INFORMATION_CLASS *	PFILE_INFORMATION_CLASS
typedef struct _FILE_DIRECTORY_INFORMATION	FILE_DIRECTORY_INFORMATION
typedef struct _FILE_DIRECTORY_INFORMATION *	PFILE_DIRECTORY_INFORMATION
typedef struct _FILE_FULL_DIR_INFORMATION	FILE_FULL_DIR_INFORMATION
typedef struct _FILE_FULL_DIR_INFORMATION *	PFILE_FULL_DIR_INFORMATION
typedef struct _FILE_BOTH_DIR_INFORMATION	FILE_BOTH_DIR_INFORMATION
typedef struct _FILE_BOTH_DIR_INFORMATION *	PFILE_BOTH_DIR_INFORMATION
typedef struct _FILE_BASIC_INFORMATION	FILE_BASIC_INFORMATION
typedef struct _FILE_BASIC_INFORMATION *	PFILE_BASIC_INFORMATION
typedef struct _FILE_STANDARD_INFORMATION	FILE_STANDARD_INFORMATION
typedef struct _FILE_STANDARD_INFORMATION *	PFILE_STANDARD_INFORMATION
typedef struct _FILE_INTERNAL_INFORMATION	FILE_INTERNAL_INFORMATION
typedef struct _FILE_INTERNAL_INFORMATION *	PFILE_INTERNAL_INFORMATION
typedef struct _FILE_EA_INFORMATION	FILE_EA_INFORMATION
typedef struct _FILE_EA_INFORMATION *	PFILE_EA_INFORMATION
typedef struct _FILE_ACCESS_INFORMATION	FILE_ACCESS_INFORMATION
typedef struct _FILE_ACCESS_INFORMATION *	PFILE_ACCESS_INFORMATION
typedef struct _FILE_NAME_INFORMATION	FILE_NAME_INFORMATION
typedef struct _FILE_NAME_INFORMATION *	PFILE_NAME_INFORMATION
typedef struct _FILE_RENAME_INFORMATION	FILE_RENAME_INFORMATION
typedef struct _FILE_RENAME_INFORMATION *	PFILE_RENAME_INFORMATION
typedef struct _FILE_NAMES_INFORMATION	FILE_NAMES_INFORMATION
typedef struct _FILE_NAMES_INFORMATION *	PFILE_NAMES_INFORMATION
typedef struct _FILE_DISPOSITION_INFORMATION	FILE_DISPOSITION_INFORMATION
typedef struct _FILE_DISPOSITION_INFORMATION *	PFILE_DISPOSITION_INFORMATION
typedef struct _FILE_POSITION_INFORMATION	FILE_POSITION_INFORMATION
typedef struct _FILE_POSITION_INFORMATION *	PFILE_POSITION_INFORMATION
typedef struct _FILE_FULL_EA_INFORMATION	FILE_FULL_EA_INFORMATION
typedef struct _FILE_FULL_EA_INFORMATION *	PFILE_FULL_EA_INFORMATION
typedef struct _FILE_MODE_INFORMATION	FILE_MODE_INFORMATION
typedef struct _FILE_MODE_INFORMATION *	PFILE_MODE_INFORMATION
typedef struct _FILE_ALIGNMENT_INFORMATION	FILE_ALIGNMENT_INFORMATION
typedef struct _FILE_ALIGNMENT_INFORMATION *	PFILE_ALIGNMENT_INFORMATION
typedef struct _FILE_ALL_INFORMATION	FILE_ALL_INFORMATION
typedef struct _FILE_ALL_INFORMATION *	PFILE_ALL_INFORMATION
typedef struct _FILE_ALLOCATION_INFORMATION	FILE_ALLOCATION_INFORMATION
typedef struct _FILE_ALLOCATION_INFORMATION *	PFILE_ALLOCATION_INFORMATION
typedef struct _FILE_END_OF_FILE_INFORMATION	FILE_END_OF_FILE_INFORMATION
typedef struct _FILE_END_OF_FILE_INFORMATION *	PFILE_END_OF_FILE_INFORMATION
typedef struct _FILE_STREAM_INFORMATION	FILE_STREAM_INFORMATION
typedef struct _FILE_STREAM_INFORMATION *	PFILE_STREAM_INFORMATION
typedef struct _FILE_PIPE_INFORMATION	FILE_PIPE_INFORMATION
typedef struct _FILE_PIPE_INFORMATION *	PFILE_PIPE_INFORMATION
typedef struct _FILE_PIPE_LOCAL_INFORMATION	FILE_PIPE_LOCAL_INFORMATION
typedef struct _FILE_PIPE_LOCAL_INFORMATION *	PFILE_PIPE_LOCAL_INFORMATION
typedef struct _FILE_PIPE_REMOTE_INFORMATION	FILE_PIPE_REMOTE_INFORMATION
typedef struct _FILE_PIPE_REMOTE_INFORMATION *	PFILE_PIPE_REMOTE_INFORMATION
typedef struct _FILE_MAILSLOT_QUERY_INFORMATION	FILE_MAILSLOT_QUERY_INFORMATION
typedef struct _FILE_MAILSLOT_QUERY_INFORMATION *	PFILE_MAILSLOT_QUERY_INFORMATION
typedef struct _FILE_MAILSLOT_SET_INFORMATION	FILE_MAILSLOT_SET_INFORMATION
typedef struct _FILE_MAILSLOT_SET_INFORMATION *	PFILE_MAILSLOT_SET_INFORMATION
typedef struct _FILE_COMPRESSION_INFORMATION	FILE_COMPRESSION_INFORMATION
typedef struct _FILE_COMPRESSION_INFORMATION *	PFILE_COMPRESSION_INFORMATION
typedef struct _FILE_LINK_INFORMATION	FILE_LINK_INFORMATION
typedef struct _FILE_LINK_INFORMATION *	PFILE_LINK_INFORMATION
typedef struct _FILE_OBJECTID_INFORMATION	FILE_OBJECTID_INFORMATION
typedef struct _FILE_OBJECTID_INFORMATION *	PFILE_OBJECTID_INFORMATION
typedef struct _FILE_COMPLETION_INFORMATION	FILE_COMPLETION_INFORMATION
typedef struct _FILE_COMPLETION_INFORMATION *	PFILE_COMPLETION_INFORMATION
typedef struct _FILE_MOVE_CLUSTER_INFORMATION	FILE_MOVE_CLUSTER_INFORMATION
typedef struct _FILE_MOVE_CLUSTER_INFORMATION *	PFILE_MOVE_CLUSTER_INFORMATION
typedef struct _FILE_NETWORK_OPEN_INFORMATION	FILE_NETWORK_OPEN_INFORMATION
typedef struct _FILE_NETWORK_OPEN_INFORMATION *	PFILE_NETWORK_OPEN_INFORMATION
typedef struct _FILE_ATTRIBUTE_TAG_INFORMATION	FILE_ATTRIBUTE_TAG_INFORMATION
typedef struct _FILE_ATTRIBUTE_TAG_INFORMATION *	PFILE_ATTRIBUTE_TAG_INFORMATION
typedef struct _FILE_TRACKING_INFORMATION	FILE_TRACKING_INFORMATION
typedef struct _FILE_TRACKING_INFORMATION *	PFILE_TRACKING_INFORMATION
typedef struct _FILE_REPARSE_POINT_INFORMATION	FILE_REPARSE_POINT_INFORMATION
typedef struct _FILE_REPARSE_POINT_INFORMATION *	PFILE_REPARSE_POINT_INFORMATION
typedef struct _FILE_QUOTA_INFORMATION	FILE_QUOTA_INFORMATION
typedef struct _FILE_QUOTA_INFORMATION *	PFILE_QUOTA_INFORMATION
typedef struct _FILE_ID_BOTH_DIR_INFORMATION	FILE_ID_BOTH_DIR_INFORMATION
typedef struct _FILE_ID_BOTH_DIR_INFORMATION *	PFILE_ID_BOTH_DIR_INFORMATION
typedef struct _FILE_ID_FULL_DIR_INFORMATION	FILE_ID_FULL_DIR_INFORMATION
typedef struct _FILE_ID_FULL_DIR_INFORMATION *	PFILE_ID_FULL_DIR_INFORMATION
typedef struct _FILE_VALID_DATA_LENGTH_INFORMATION	FILE_VALID_DATA_LENGTH_INFORMATION
typedef struct _FILE_VALID_DATA_LENGTH_INFORMATION *	PFILE_VALID_DATA_LENGTH_INFORMATION
typedef struct _FILE_LINK_ENTRY_INFORMATION	FILE_LINK_ENTRY_INFORMATION
typedef struct _FILE_LINK_ENTRY_INFORMATION *	PFILE_LINK_ENTRY_INFORMATION
typedef struct _FILE_LINKS_INFORMATION	FILE_LINKS_INFORMATION
typedef struct _FILE_LINKS_INFORMATION *	PFILE_LINKS_INFORMATION
typedef enum _FSINFOCLASS	FS_INFORMATION_CLASS
typedef enum _FSINFOCLASS *	PFS_INFORMATION_CLASS
typedef enum _PROCESSINFOCLASS	PROCESSINFOCLASS
typedef enum _THREADINFOCLASS	THREADINFOCLASS
typedef struct _RTL_DRIVE_LETTER_CURDIR	RTL_DRIVE_LETTER_CURDIR
typedef struct _RTL_DRIVE_LETTER_CURDIR *	PRTL_DRIVE_LETTER_CURDIR
typedef struct _RTL_USER_PROCESS_PARAMETERS	RTL_USER_PROCESS_PARAMETERS
typedef struct _RTL_USER_PROCESS_PARAMETERS *	PRTL_USER_PROCESS_PARAMETERS
typedef struct _PEB_FREE_BLOCK	PEB_FREE_BLOCK
typedef struct _PEB_FREE_BLOCK *	PPEB_FREE_BLOCK
typedef struct _PEB_LDR_DATA	PEB_LDR_DATA
typedef struct _PEB_LDR_DATA *	PPEB_LDR_DATA
typedef struct _LDR_DATA_TABLE_ENTRY	LDR_DATA_TABLE_ENTRY
typedef struct _LDR_DATA_TABLE_ENTRY *	PLDR_DATA_TABLE_ENTRY
typedef struct _PEB	PEB
typedef struct _PEB *	PPEB
typedef struct _TEB	TEB
typedef struct _TEB *	PTEB
typedef struct _PROCESS_BASIC_INFORMATION	PROCESS_BASIC_INFORMATION
typedef struct _PROCESS_BASIC_INFORMATION *	PPROCESS_BASIC_INFORMATION
typedef enum _LPC_TYPE	LPC_TYPE
typedef enum _LPC_TYPE *	PLPC_TYPE
typedef struct _PORT_MESSAGE	PORT_MESSAGE
typedef struct _PORT_MESSAGE *	PPORT_MESSAGE
typedef struct _PORT_VIEW	PORT_VIEW
typedef struct _PORT_VIEW *	PPORT_VIEW
typedef struct _REMOTE_PORT_VIEW	REMOTE_PORT_VIEW
typedef struct _REMOTE_PORT_VIEW *	PREMOTE_PORT_VIEW
typedef struct RTL_HEAP_PARAMETERS	RTL_HEAP_PARAMETERS
typedef struct RTL_HEAP_PARAMETERS *	PRTL_HEAP_PARAMETERS
typedef enum _SECTION_INHERIT	SECTION_INHERIT
typedef enum _SECTION_INFORMATION_CLASS	SECTION_INFORMATION_CLASS
typedef enum _SECTION_INFORMATION_CLASS *	PSECTION_INFORMATION_CLASS
typedef enum _WAIT_TYPE	WAIT_TYPE
typedef enum _EVENT_INFORMATION_CLASS	EVENT_INFORMATION_CLASS
typedef struct _EVENT_BASIC_INFORMATION	EVENT_BASIC_INFORMATION
typedef struct _EVENT_BASIC_INFORMATION *	PEVENT_BASIC_INFORMATION

Enumerations
enum	_EVENT_TYPE { NotificationEvent , SynchronizationEvent }
enum	_POOL_TYPE {   NonPagedPool , PagedPool , NonPagedPoolMustSucceed , DontUseThisType ,   NonPagedPoolCacheAligned , PagedPoolCacheAligned , NonPagedPoolCacheAlignedMustS , MaxPoolType }
enum	_OBJECT_INFORMATION_CLASS {   ObjectBasicInformation , ObjectNameInformation , ObjectTypeInformation , ObjectTypesInformation ,   ObjectHandleFlagInformation }
enum	_RTL_GENERIC_COMPARE_RESULTS { GenericLessThan , GenericGreaterThan , GenericEqual }
enum	_KEY_INFORMATION_CLASS {   KeyBasicInformation , KeyNodeInformation , KeyFullInformation , KeyNameInformation ,   KeyCachedInformation , KeyFlagsInformation , MaxKeyInfoClass }
enum	_KEY_VALUE_INFORMATION_CLASS {   KeyValueBasicInformation , KeyValueFullInformation , KeyValuePartialInformation , KeyValueFullInformationAlign64 ,   KeyValuePartialInformationAlign64 , MaxKeyValueInfoClass }
enum	_SYSTEM_INFORMATION_CLASS {   SystemBasicInformation , SystemProcessorInformation , SystemPerformanceInformation , SystemTimeOfDayInformation ,   SystemPathInformation , SystemProcessInformation , SystemCallCountInformation , SystemDeviceInformation ,   SystemProcessorPerformanceInformation , SystemFlagsInformation , SystemCallTimeInformation , SystemModuleInformation ,   SystemLocksInformation , SystemStackTraceInformation , SystemPagedPoolInformation , SystemNonPagedPoolInformation ,   SystemHandleInformation , SystemObjectInformation , SystemPageFileInformation , SystemVdmInstemulInformation ,   SystemVdmBopInformation , SystemFileCacheInformation , SystemPoolTagInformation , SystemInterruptInformation ,   SystemDpcBehaviorInformation , SystemFullMemoryInformation , SystemLoadGdiDriverInformation , SystemUnloadGdiDriverInformation ,   SystemTimeAdjustmentInformation , SystemSummaryMemoryInformation , SystemNextEventIdInformation , SystemEventIdsInformation ,   SystemCrashDumpInformation , SystemExceptionInformation , SystemCrashDumpStateInformation , SystemKernelDebuggerInformation ,   SystemContextSwitchInformation , SystemRegistryQuotaInformation , SystemExtendServiceTableInformation , SystemPrioritySeperation ,   SystemPlugPlayBusInformation , SystemDockInformation }
enum	_SHUTDOWN_ACTION { ShutdownNoReboot , ShutdownReboot , ShutdownPowerOff }
enum	_FILE_INFORMATION_CLASS {   FileDirectoryInformation = 1 , FileFullDirectoryInformation , FileBothDirectoryInformation , FileBasicInformation ,   FileStandardInformation , FileInternalInformation , FileEaInformation , FileAccessInformation ,   FileNameInformation , FileRenameInformation , FileLinkInformation , FileNamesInformation ,   FileDispositionInformation , FilePositionInformation , FileFullEaInformation , FileModeInformation ,   FileAlignmentInformation , FileAllInformation , FileAllocationInformation , FileEndOfFileInformation ,   FileAlternateNameInformation , FileStreamInformation , FilePipeInformation , FilePipeLocalInformation ,   FilePipeRemoteInformation , FileMailslotQueryInformation , FileMailslotSetInformation , FileCompressionInformation ,   FileObjectIdInformation , FileCompletionInformation , FileMoveClusterInformation , FileQuotaInformation ,   FileReparsePointInformation , FileNetworkOpenInformation , FileAttributeTagInformation , FileTrackingInformation ,   FileIdBothDirectoryInformation , FileIdFullDirectoryInformation , FileValidDataLengthInformation , FileShortNameInformation ,   FileIoCompletionNotificationInformation , FileIoStatusBlockRangeInformation , FileIoPriorityHintInformation , FileSfioReserveInformation ,   FileSfioVolumeInformation , FileHardLinkInformation , FileProcessIdsUsingFileInformation , FileMaximumInformation }
enum	_FSINFOCLASS {   FileFsVolumeInformation = 1 , FileFsLabelInformation , FileFsSizeInformation , FileFsDeviceInformation ,   FileFsAttributeInformation , FileFsControlInformation , FileFsFullSizeInformation , FileFsObjectIdInformation ,   FileFsDriverPathInformation , FileFsMaximumInformation }
enum	_PROCESSINFOCLASS {   ProcessBasicInformation , ProcessQuotaLimits , ProcessIoCounters , ProcessVmCounters ,   ProcessTimes , ProcessBasePriority , ProcessRaisePriority , ProcessDebugPort ,   ProcessExceptionPort , ProcessAccessToken , ProcessLdtInformation , ProcessLdtSize ,   ProcessDefaultHardErrorMode , ProcessIoPortHandlers , ProcessPooledUsageAndLimits , ProcessWorkingSetWatch ,   ProcessUserModeIOPL , ProcessEnableAlignmentFaultFixup , ProcessPriorityClass , ProcessWx86Information ,   ProcessHandleCount , ProcessAffinityMask , ProcessPriorityBoost , ProcessDeviceMap ,   ProcessSessionInformation , ProcessForegroundInformation , ProcessWow64Information , ProcessImageFileName ,   ProcessLUIDDeviceMapsEnabled , ProcessBreakOnTermination , ProcessDebugObjectHandle , ProcessDebugFlags ,   ProcessHandleTracing , MaxProcessInfoClass }
enum	_THREADINFOCLASS {   ThreadBasicInformation , ThreadTimes , ThreadPriority , ThreadBasePriority ,   ThreadAffinityMask , ThreadImpersonationToken , ThreadDescriptorTableEntry , ThreadEnableAlignmentFaultFixup ,   ThreadEventPair , ThreadQuerySetWin32StartAddress , ThreadZeroTlsCell , ThreadPerformanceCount ,   ThreadAmILastThread , ThreadIdealProcessor , ThreadPriorityBoost , ThreadSetTlsArrayAddress ,   MaxThreadInfoClass }
enum	_LPC_TYPE {   LPC_NEW_MESSAGE , LPC_REQUEST , LPC_REPLY , LPC_DATAGRAM ,   LPC_LOST_REPLY , LPC_PORT_CLOSED , LPC_CLIENT_DIED , LPC_EXCEPTION ,   LPC_DEBUG_EVENT , LPC_ERROR_EVENT , LPC_CONNECTION_REQUEST }
enum	_SECTION_INHERIT { ViewShare = 1 , ViewUnmap = 2 }
enum	_SECTION_INFORMATION_CLASS { SectionBasicInformation , SectionImageInformation }
enum	_WAIT_TYPE { WaitAll , WaitAny }
enum	_EVENT_INFORMATION_CLASS { EventBasicInformation }

Functions
NTSYSAPI PVOID NTAPI	RtlImageNtHeader (IN PVOID BaseAddress)
NTSYSAPI PVOID NTAPI	RtlImageDirectoryEntryToData (IN PVOID Base, IN BOOLEAN MappedAsImage, IN USHORT DirectoryEntry, OUT PULONG Size)
NTSYSAPI NTSTATUS NTAPI	RtlStringFromGUID (IN REFGUID Guid, OUT PUNICODE_STRING GuidString)
NTSYSAPI VOID NTAPI	RtlInitUnicodeString (PUNICODE_STRING DestinationString, PCWSTR SourceString)
NTSYSAPI BOOLEAN NTAPI	RtlCreateUnicodeString (OUT PUNICODE_STRING DestinationString, IN PCWSTR SourceString)
NTSYSAPI BOOLEAN NTAPI	RtlCreateUnicodeStringFromAsciiz (OUT PUNICODE_STRING Destination, IN PCSTR Source)
NTSYSAPI BOOLEAN NTAPI	RtlPrefixUnicodeString (IN PUNICODE_STRING String1, IN PUNICODE_STRING String2, IN BOOLEAN CaseInSensitive)
NTSYSAPI NTSTATUS NTAPI	RtlDuplicateUnicodeString (IN BOOLEAN AllocateNew, IN PUNICODE_STRING SourceString, OUT PUNICODE_STRING TargetString)
NTSYSAPI NTSTATUS NTAPI	RtlAppendUnicodeToString (PUNICODE_STRING Destination, PCWSTR Source)
NTSYSAPI NTSTATUS NTAPI	RtlAppendUnicodeStringToString (IN OUT PUNICODE_STRING Destination, IN PUNICODE_STRING Source)
NTSYSAPI NTSTATUS NTAPI	RtlUnicodeStringToInteger (IN PUNICODE_STRING String, IN ULONG Base OPTIONAL, OUT PULONG Value)
NTSYSAPI NTSTATUS NTAPI	RtlIntegerToUnicodeString (IN ULONG Value, IN ULONG Base OPTIONAL, IN OUT PUNICODE_STRING String)
NTSYSAPI NTSTATUS NTAPI	RtlGUIDFromString (IN PUNICODE_STRING GuidString, OUT GUID *Guid)
NTSYSAPI LONG NTAPI	RtlCompareUnicodeString (IN PUNICODE_STRING String1, IN PUNICODE_STRING String2, IN BOOLEAN CaseInSensitive)
NTSYSAPI VOID NTAPI	RtlCopyUnicodeString (OUT PUNICODE_STRING DestinationString, IN PUNICODE_STRING SourceString)
NTSYSAPI NTSTATUS NTAPI	RtlUpcaseUnicodeString (OUT PUNICODE_STRING DestinationString, IN PUNICODE_STRING SourceString, IN BOOLEAN AllocateDestinationString)
NTSYSAPI NTSTATUS NTAPI	RtlDowncaseUnicodeString (OUT PUNICODE_STRING DestinationString, IN PUNICODE_STRING SourceString, IN BOOLEAN AllocateDestinationString)
NTSYSAPI BOOLEAN NTAPI	RtlEqualUnicodeString (IN PUNICODE_STRING String1, IN PUNICODE_STRING String2, IN BOOLEAN CaseInSensitive)
NTSYSAPI VOID NTAPI	RtlFreeUnicodeString (IN PUNICODE_STRING UnicodeString)
NTSYSAPI NTSTATUS NTAPI	RtlAnsiStringToUnicodeString (OUT PUNICODE_STRING DestinationString, IN PANSI_STRING SourceString, IN BOOLEAN AllocateDestinationString)
NTSYSAPI NTSTATUS NTAPI	RtlUnicodeStringToAnsiString (OUT PANSI_STRING DestinationString, IN PUNICODE_STRING SourceString, IN BOOLEAN AllocateDestinationString)
NTSYSAPI VOID NTAPI	RtlInitAnsiString (OUT PANSI_STRING DestinationString, IN PCHAR SourceString)
NTSYSAPI VOID NTAPI	RtlFreeAnsiString (IN PANSI_STRING AnsiString)
NTSYSAPI NTSTATUS NTAPI	RtlFormatCurrentUserKeyPath (OUT PUNICODE_STRING CurrentUserKeyPath)
NTSYSAPI VOID NTAPI	RtlRaiseStatus (IN NTSTATUS Status)
NTSYSAPI VOID NTAPI	DbgBreakPoint (VOID)
NTSYSAPI ULONG _cdecl	DbgPrint (PCH Format,...)
NTSYSAPI ULONG NTAPI	RtlRandom (IN OUT PULONG Seed)
NTSYSAPI NTSTATUS NTAPI	RtlInitializeCriticalSection (IN PRTL_CRITICAL_SECTION CriticalSection)
NTSYSAPI BOOL NTAPI	RtlTryEnterCriticalSection (IN PRTL_CRITICAL_SECTION CriticalSection)
NTSYSAPI NTSTATUS NTAPI	RtlEnterCriticalSection (IN PRTL_CRITICAL_SECTION CriticalSection)
NTSYSAPI NTSTATUS NTAPI	RtlLeaveCriticalSection (IN PRTL_CRITICAL_SECTION CriticalSection)
NTSYSAPI NTSTATUS NTAPI	RtlDeleteCriticalSection (IN PRTL_CRITICAL_SECTION CriticalSection)
NTSYSAPI NTSTATUS NTAPI	NtOpenDirectoryObject (OUT PHANDLE DirectoryHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes)
NTSYSAPI NTSTATUS NTAPI	NtQueryDirectoryObject (IN HANDLE DirectoryHandle, OUT PVOID Buffer, IN ULONG Length, IN BOOLEAN ReturnSingleEntry, IN BOOLEAN RestartScan, IN OUT PULONG Context, OUT PULONG ReturnLength OPTIONAL)
NTSYSAPI NTSTATUS NTAPI	NtQueryObject (IN HANDLE ObjectHandle, IN OBJECT_INFORMATION_CLASS ObjectInformationClass, OUT PVOID ObjectInformation, IN ULONG Length, OUT PULONG ResultLength OPTIONAL)
NTSYSAPI NTSTATUS NTAPI	NtSetInformationObject (IN HANDLE ObjectHandle, IN OBJECT_INFORMATION_CLASS ObjectInformationClass, IN PVOID ObjectInformation, IN ULONG Length)
NTSYSAPI NTSTATUS NTAPI	NtDuplicateObject (IN HANDLE SourceProcessHandle, IN HANDLE SourceHandle, IN HANDLE TargetProcessHandle OPTIONAL, OUT PHANDLE TargetHandle OPTIONAL, IN ACCESS_MASK DesiredAccess, IN ULONG HandleAttributes, IN ULONG Options)
NTSYSAPI NTSTATUS NTAPI	NtQuerySecurityObject (IN HANDLE ObjectHandle, IN SECURITY_INFORMATION SecurityInformation, OUT PSECURITY_DESCRIPTOR SecurityDescriptor, IN ULONG DescriptorLength, OUT PULONG ReturnLength)
NTSYSAPI NTSTATUS NTAPI	NtSetSecurityObject (IN HANDLE ObjectHandle, IN SECURITY_INFORMATION SecurityInformation, IN PSECURITY_DESCRIPTOR SecurityDescriptor)
typedef	RTL_GENERIC_COMPARE_RESULTS (NTAPI *PRTL_GENERIC_COMPARE_ROUTINE)(struct _RTL_GENERIC_TABLE *Table
NTSYSAPI VOID NTAPI	RtlInitializeGenericTable (IN PRTL_GENERIC_TABLE Table, IN PRTL_GENERIC_COMPARE_ROUTINE CompareRoutine, IN PRTL_GENERIC_ALLOCATE_ROUTINE AllocateRoutine, IN PRTL_GENERIC_FREE_ROUTINE FreeRoutine, IN PVOID TableContext)
NTSYSAPI VOID NTAPI	RtlInitializeHandleTable (IN ULONG MaximumNumberOfHandles, IN ULONG SizeOfHandleTableEntry, OUT PRTL_HANDLE_TABLE HandleTable)
NTSYSAPI PRTL_HANDLE_TABLE_ENTRY NTAPI	RtlAllocateHandle (IN PRTL_HANDLE_TABLE HandleTable, OUT PULONG HandleIndex OPTIONAL)
NTSYSAPI BOOLEAN NTAPI	RtlFreeHandle (IN PRTL_HANDLE_TABLE HandleTable, IN PRTL_HANDLE_TABLE_ENTRY Handle)
NTSYSAPI BOOLEAN NTAPI	RtlIsValidIndexHandle (IN PRTL_HANDLE_TABLE HandleTable, IN ULONG HandleIndex, OUT PRTL_HANDLE_TABLE_ENTRY *Handle)
NTSYSAPI PVOID NTAPI	RtlInsertElementGenericTable (IN PRTL_GENERIC_TABLE Table, IN PVOID Buffer, IN LONG BufferSize, OUT PBOOLEAN NewElement OPTIONAL)
NTSYSAPI BOOLEAN NTAPI	RtlIsGenericTableEmpty (IN PRTL_GENERIC_TABLE Table)
NTSYSAPI PVOID NTAPI	RtlLookupElementGenericTable (IN PRTL_GENERIC_TABLE Table, IN PVOID Buffer)
NTSYSAPI PVOID NTAPI	RtlEnumerateGenericTableWithoutSplaying (IN PRTL_GENERIC_TABLE Table, IN PVOID *RestartKey)
NTSYSAPI NTSTATUS NTAPI	NtClose (IN HANDLE Handle)
NTSYSAPI NTSTATUS NTAPI	ZwClose (IN HANDLE Handle)
NTSYSAPI NTSTATUS NTAPI	RtlOpenCurrentUser (IN ULONG DesiredAccess, OUT PHANDLE CurrentUserKey)
NTSYSAPI NTSTATUS NTAPI	RtlCreateEnvironment (BOOLEAN CloneCurrentEnvironment, PVOID *Environment)
NTSYSAPI NTSTATUS NTAPI	RtlQueryEnvironmentVariable_U (PVOID Environment, PUNICODE_STRING Name, PUNICODE_STRING Value)
NTSYSAPI NTSTATUS NTAPI	RtlSetEnvironmentVariable (PVOID *Environment, PUNICODE_STRING Name, PUNICODE_STRING Value)
NTSYSAPI NTSTATUS NTAPI	RtlDestroyEnvironment (PVOID Environment)
NTSYSAPI NTSTATUS NTAPI	NtCreateKey (OUT PHANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN ULONG TitleIndex, IN PUNICODE_STRING Class OPTIONAL, IN ULONG CreateOptions, OUT PULONG Disposition OPTIONAL)
NTSYSAPI NTSTATUS NTAPI	NtOpenKey (OUT PHANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes)
NTSYSAPI NTSTATUS NTAPI	NtQueryKey (IN HANDLE KeyHandle, IN KEY_INFORMATION_CLASS KeyInformationClass, OUT PVOID KeyInformation, IN ULONG Length, OUT PULONG ResultLength)
NTSYSAPI NTSTATUS NTAPI	NtEnumerateKey (IN HANDLE KeyHandle, IN ULONG Index, IN KEY_INFORMATION_CLASS KeyInformationClass, IN PVOID KeyInformation, IN ULONG Length, IN PULONG ResultLength)
NTSYSAPI NTSTATUS NTAPI	NtDeleteKey (IN HANDLE KeyHandle)
NTSYSAPI NTSTATUS NTAPI	NtQueryValueKey (IN HANDLE KeyHandle, IN PUNICODE_STRING ValueName, IN KEY_VALUE_INFORMATION_CLASS KeyValueInformationClass, OUT PVOID KeyValueInformation, IN ULONG Length, OUT PULONG ResultLength)
NTSYSAPI NTSTATUS NTAPI	NtSetValueKey (IN HANDLE KeyHandle, IN PUNICODE_STRING ValueName, IN ULONG TitleIndex OPTIONAL, IN ULONG Type, IN PVOID Data, IN ULONG DataSize)
NTSYSAPI NTSTATUS NTAPI	NtDeleteValueKey (IN HANDLE KeyHandle, IN PUNICODE_STRING ValueName)
NTSYSAPI NTSTATUS NTAPI	RtlQueryRegistryValues (IN ULONG RelativeTo, IN PCWSTR Path, IN PRTL_QUERY_REGISTRY_TABLE QueryTable, IN PVOID Context, IN PVOID Environment OPTIONAL)
NTSYSAPI NTSTATUS NTAPI	NtQuerySystemInformation (IN SYSTEM_INFORMATION_CLASS SystemInformationClass, OUT PVOID SystemInformation, IN ULONG SystemInformationLength, OUT PULONG ReturnLength)
NTSYSAPI NTSTATUS NTAPI	NtShutdownSystem (IN SHUTDOWN_ACTION Action)
NTSYSAPI NTSTATUS NTAPI	NtCreateFile (OUT PHANDLE FileHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, OUT PIO_STATUS_BLOCK IoStatusBlock, IN PLARGE_INTEGER AllocationSize, IN ULONG FileAttributes, IN ULONG ShareAccess, IN ULONG CreateDisposition, IN ULONG CreateOptions, IN PVOID EaBuffer, IN ULONG EaLength)
NTSYSAPI NTSTATUS NTAPI	ZwCreateFile (OUT PHANDLE FileHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, OUT PIO_STATUS_BLOCK IoStatusBlock, IN PLARGE_INTEGER AllocationSize, IN ULONG FileAttributes, IN ULONG ShareAccess, IN ULONG CreateDisposition, IN ULONG CreateOptions, IN PVOID EaBuffer, IN ULONG EaLength)
NTSYSAPI NTSTATUS NTAPI	NtOpenFile (OUT PHANDLE FileHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, OUT PIO_STATUS_BLOCK IoStatusBlock, IN ULONG ShareAccess, IN ULONG OpenOptions)
NTSYSAPI NTSTATUS NTAPI	ZwOpenFile (OUT PHANDLE FileHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, OUT PIO_STATUS_BLOCK IoStatusBlock, IN ULONG ShareAccess, IN ULONG OpenOptions)
NTSYSAPI NTSTATUS NTAPI	NtQueryInformationFile (IN HANDLE FileHandle, OUT PIO_STATUS_BLOCK IoStatusBlock, OUT PVOID FileInformation, IN ULONG Length, IN FILE_INFORMATION_CLASS FileInformationClass)
NTSYSAPI NTSTATUS NTAPI	ZwQueryInformationFile (IN HANDLE FileHandle, OUT PIO_STATUS_BLOCK IoStatusBlock, OUT PVOID FileInformation, IN ULONG Length, IN FILE_INFORMATION_CLASS FileInformationClass)
NTSYSAPI NTSTATUS NTAPI	NtQueryDirectoryFile (IN HANDLE FileHandle, IN HANDLE Event OPTIONAL, IN PIO_APC_ROUTINE ApcRoutine OPTIONAL, IN PVOID ApcContext OPTIONAL, OUT PIO_STATUS_BLOCK IoStatusBlock, OUT PVOID FileInformation, IN ULONG Length, IN FILE_INFORMATION_CLASS FileInformationClass, IN BOOLEAN ReturnSingleEntry, IN PUNICODE_STRING FileName OPTIONAL, IN BOOLEAN RestartScan)
NTSYSAPI NTSTATUS NTAPI	ZwQueryDirectoryFile (IN HANDLE FileHandle, IN HANDLE Event OPTIONAL, IN PIO_APC_ROUTINE ApcRoutine OPTIONAL, IN PVOID ApcContext OPTIONAL, OUT PIO_STATUS_BLOCK IoStatusBlock, OUT PVOID FileInformation, IN ULONG Length, IN FILE_INFORMATION_CLASS FileInformationClass, IN BOOLEAN ReturnSingleEntry, IN PUNICODE_STRING FileName OPTIONAL, IN BOOLEAN RestartScan)
NTSYSAPI NTSTATUS NTAPI	NtQueryVolumeInformationFile (IN HANDLE FileHandle, OUT PIO_STATUS_BLOCK IoStatusBlock, OUT PVOID FsInformation, IN ULONG Length, IN FS_INFORMATION_CLASS FsInformationClass)
NTSYSAPI NTSTATUS NTAPI	ZwQueryVolumeInformationFile (IN HANDLE FileHandle, OUT PIO_STATUS_BLOCK IoStatusBlock, OUT PVOID FsInformation, IN ULONG Length, IN FS_INFORMATION_CLASS FsInformationClass)
NTSYSAPI NTSTATUS NTAPI	NtSetInformationFile (IN HANDLE FileHandle, OUT PIO_STATUS_BLOCK IoStatusBlock, IN PVOID FileInformation, IN ULONG Length, IN FILE_INFORMATION_CLASS FileInformationClass)
NTSYSAPI NTSTATUS NTAPI	ZwSetInformationFile (IN HANDLE FileHandle, OUT PIO_STATUS_BLOCK IoStatusBlock, IN PVOID FileInformation, IN ULONG Length, IN FILE_INFORMATION_CLASS FileInformationClass)
NTSYSAPI NTSTATUS NTAPI	NtQueryEaFile (IN HANDLE FileHandle, OUT PIO_STATUS_BLOCK IoStatusBlock, OUT PVOID Buffer, IN ULONG Length, IN BOOLEAN ReturnSingleEntry, IN PVOID EaList OPTIONAL, IN ULONG EaListLength, IN PULONG EaIndex OPTIONAL, IN BOOLEAN RestartScan)
NTSYSAPI NTSTATUS NTAPI	ZwQueryEaFile (IN HANDLE FileHandle, OUT PIO_STATUS_BLOCK IoStatusBlock, OUT PVOID Buffer, IN ULONG Length, IN BOOLEAN ReturnSingleEntry, IN PVOID EaList OPTIONAL, IN ULONG EaListLength, IN PULONG EaIndex OPTIONAL, IN BOOLEAN RestartScan)
NTSYSAPI NTSTATUS NTAPI	NtSetEaFile (IN HANDLE FileHandle, OUT PIO_STATUS_BLOCK IoStatusBlock, IN PVOID Buffer, IN ULONG Length)
NTSYSAPI NTSTATUS NTAPI	ZwSetEaFile (IN HANDLE FileHandle, OUT PIO_STATUS_BLOCK IoStatusBlock, IN PVOID Buffer, IN ULONG Length)
NTSYSAPI NTSTATUS NTAPI	NtReadFile (IN HANDLE FileHandle, IN HANDLE Event OPTIONAL, IN PIO_APC_ROUTINE ApcRoutine OPTIONAL, IN PVOID ApcContext OPTIONAL, OUT PIO_STATUS_BLOCK IoStatusBlock, OUT PVOID Buffer, IN ULONG Length, IN PLARGE_INTEGER ByteOffset OPTIONAL, IN PULONG Key OPTIONAL)
NTSYSAPI NTSTATUS NTAPI	ZwReadFile (IN HANDLE FileHandle, IN HANDLE Event OPTIONAL, IN PIO_APC_ROUTINE ApcRoutine OPTIONAL, IN PVOID ApcContext OPTIONAL, OUT PIO_STATUS_BLOCK IoStatusBlock, OUT PVOID Buffer, IN ULONG Length, IN PLARGE_INTEGER ByteOffset OPTIONAL, IN PULONG Key OPTIONAL)
NTSYSAPI NTSTATUS NTAPI	NtWriteFile (IN HANDLE FileHandle, IN HANDLE Event OPTIONAL, IN PIO_APC_ROUTINE ApcRoutine OPTIONAL, IN PVOID ApcContext OPTIONAL, OUT PIO_STATUS_BLOCK IoStatusBlock, IN PVOID Buffer, IN ULONG Length, IN PLARGE_INTEGER ByteOffset OPTIONAL, IN PULONG Key OPTIONAL)
NTSYSAPI NTSTATUS NTAPI	ZwWriteFile (IN HANDLE FileHandle, IN HANDLE Event OPTIONAL, IN PIO_APC_ROUTINE ApcRoutine OPTIONAL, IN PVOID ApcContext OPTIONAL, OUT PIO_STATUS_BLOCK IoStatusBlock, IN PVOID Buffer, IN ULONG Length, IN PLARGE_INTEGER ByteOffset OPTIONAL, IN PULONG Key OPTIONAL)
NTSYSAPI NTSTATUS NTAPI	NtDeleteFile (IN POBJECT_ATTRIBUTES ObjectAttributes)
NTSYSAPI NTSTATUS NTAPI	ZwDeleteFile (IN POBJECT_ATTRIBUTES ObjectAttributes)
NTSYSAPI NTSTATUS NTAPI	NtFlushBuffersFile (IN HANDLE FileHandle, OUT PIO_STATUS_BLOCK IoStatusBlock)
NTSYSAPI NTSTATUS NTAPI	ZwFlushBuffersFile (IN HANDLE FileHandle, OUT PIO_STATUS_BLOCK IoStatusBlock)
NTSYSAPI NTSTATUS NTAPI	NtDeviceIoControlFile (IN HANDLE FileHandle, IN HANDLE Event, IN PIO_APC_ROUTINE ApcRoutine, IN PVOID ApcContext, OUT PIO_STATUS_BLOCK IoStatusBlock, IN ULONG IoControlCode, IN PVOID InputBuffer, IN ULONG InputBufferLength, IN PVOID OutputBuffer, IN ULONG OutputBufferLength)
NTSYSAPI NTSTATUS NTAPI	ZwDeviceIoControlFile (IN HANDLE FileHandle, IN HANDLE Event, IN PIO_APC_ROUTINE ApcRoutine, IN PVOID ApcContext, OUT PIO_STATUS_BLOCK IoStatusBlock, IN ULONG IoControlCode, IN PVOID InputBuffer, IN ULONG InputBufferLength, IN PVOID OutputBuffer, IN ULONG OutputBufferLength)
NTSYSAPI NTSTATUS NTAPI	NtCancelIoFile (IN HANDLE Filehandle, OUT PIO_STATUS_BLOCK IoStatusBlock)
NTSYSAPI NTSTATUS NTAPI	ZwCancelIoFile (IN HANDLE Filehandle, OUT PIO_STATUS_BLOCK IoStatusBlock)
NTSYSAPI BOOLEAN NTAPI	RtlDosPathNameToNtPathName_U (IN PWSTR DosPathName, OUT PUNICODE_STRING NtPathName, OUT PWSTR *NtFileNamePart OPTIONAL, OUT PCURDIR DirectoryInfo OPTIONAL)
NTSYSAPI NTSTATUS NTAPI	NtOpenProcess (OUT PHANDLE ProcessHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN PCLIENT_ID ClientId OPTIONAL)
NTSYSCALLAPI NTSTATUS NTAPI	NtSuspendProcess (IN HANDLE ProcessHandle)
NTSYSCALLAPI NTSTATUS NTAPI	NtResumeProcess (IN HANDLE ProcessHandle)
NTSYSAPI NTSTATUS NTAPI	NtOpenThread (OUT PHANDLE ThreadHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN PCLIENT_ID ClientId OPTIONAL)
NTSYSAPI NTSTATUS NTAPI	NtQueryInformationThread (IN HANDLE ThreadHandle, IN THREADINFOCLASS ThreadInformationClass, OUT PVOID ThreadInformation, IN ULONG ThreadInformationLength, OUT PULONG ReturnLength OPTIONAL)
NTSYSAPI NTSTATUS NTAPI	NtQueryInformationProcess (IN HANDLE ProcessHandle, IN PROCESSINFOCLASS ProcessInformationClass, OUT PVOID ProcessInformation, IN ULONG ProcessInformationLength, OUT PULONG ReturnLength OPTIONAL)
NTSYSAPI NTSTATUS NTAPI	NtSetInformationProcess (IN HANDLE ProcessHandle, IN PROCESSINFOCLASS ProcessInformationClass, IN PVOID ProcessInformation, IN ULONG ProcessInformationLength)
NTSYSAPI NTSTATUS NTAPI	NtCreatePort (OUT PHANDLE PortHandle, IN POBJECT_ATTRIBUTES ObjectAttributes, IN ULONG MaxConnectionInfoLength, IN ULONG MaxMessageLength, IN ULONG MaxPoolUsage)
NTSYSAPI NTSTATUS NTAPI	NtConnectPort (OUT PHANDLE PortHandle, IN PUNICODE_STRING PortName, IN PSECURITY_QUALITY_OF_SERVICE SecurityQos, IN OUT PPORT_VIEW ClientView OPTIONAL, OUT PREMOTE_PORT_VIEW ServerView OPTIONAL, OUT PULONG MaxMessageLength OPTIONAL, IN OUT PVOID ConnectionInformation OPTIONAL, IN OUT PULONG ConnectionInformationLength OPTIONAL)
NTSYSAPI NTSTATUS NTAPI	ZwConnectPort (OUT PHANDLE PortHandle, IN PUNICODE_STRING PortName, IN PSECURITY_QUALITY_OF_SERVICE SecurityQos, IN OUT PPORT_VIEW ClientView OPTIONAL, OUT PREMOTE_PORT_VIEW ServerView OPTIONAL, OUT PULONG MaxMessageLength OPTIONAL, IN OUT PVOID ConnectionInformation OPTIONAL, IN OUT PULONG ConnectionInformationLength OPTIONAL)
NTSYSAPI NTSTATUS NTAPI	NtListenPort (IN HANDLE PortHandle, OUT PPORT_MESSAGE RequestMessage)
NTSYSAPI NTSTATUS NTAPI	NtAcceptConnectPort (OUT PHANDLE PortHandle, IN PVOID PortContext OPTIONAL, IN PPORT_MESSAGE ConnectionRequest, IN BOOLEAN AcceptConnection, IN OUT PPORT_VIEW ServerView OPTIONAL, OUT PREMOTE_PORT_VIEW ClientView OPTIONAL)
NTSYSAPI NTSTATUS NTAPI	NtCompleteConnectPort (IN HANDLE PortHandle)
NTSYSAPI NTSTATUS NTAPI	ZwCompleteConnectPort (IN HANDLE PortHandle)
NTSYSAPI NTSTATUS NTAPI	NtRequestPort (IN HANDLE PortHandle, IN PPORT_MESSAGE RequestMessage)
NTSYSAPI NTSTATUS NTAPI	NtRequestWaitReplyPort (IN HANDLE PortHandle, IN PPORT_MESSAGE RequestMessage, OUT PPORT_MESSAGE ReplyMessage)
NTSYSAPI NTSTATUS NTAPI	ZwRequestWaitReplyPort (IN HANDLE PortHandle, IN PPORT_MESSAGE RequestMessage, OUT PPORT_MESSAGE ReplyMessage)
NTSYSAPI NTSTATUS NTAPI	NtReplyPort (IN HANDLE PortHandle, IN PPORT_MESSAGE ReplyMessage)
NTSYSAPI NTSTATUS NTAPI	NtReplyWaitReplyPort (IN HANDLE PortHandle, IN OUT PPORT_MESSAGE ReplyMessage)
NTSYSAPI NTSTATUS NTAPI	NtReplyWaitReceivePort (IN HANDLE PortHandle, OUT PVOID *PortContext OPTIONAL, IN PPORT_MESSAGE ReplyMessage OPTIONAL, OUT PPORT_MESSAGE ReceiveMessage)
NTSYSAPI HANDLE NTAPI	RtlCreateHeap (IN ULONG Flags, IN PVOID BaseAddress OPTIONAL, IN ULONG SizeToReserve, IN ULONG SizeToCommit, IN BOOLEAN Lock OPTIONAL, IN PRTL_HEAP_PARAMETERS Definition OPTIONAL)
NTSYSAPI ULONG NTAPI	RtlDestroyHeap (IN HANDLE HeapHandle)
NTSYSAPI PVOID NTAPI	RtlAllocateHeap (IN HANDLE HeapHandle, IN ULONG Flags, IN ULONG Size)
NTSYSAPI BOOLEAN NTAPI	RtlFreeHeap (IN HANDLE HeapHandle, IN ULONG Flags, IN PVOID Address)
NTSYSAPI ULONG NTAPI	RtlCompactHeap (IN HANDLE HeapHandle, IN ULONG Flags)
NTSYSAPI BOOLEAN NTAPI	RtlLockHeap (IN HANDLE HeapHandle)
NTSYSAPI BOOLEAN NTAPI	RtlUnlockHeap (IN HANDLE HeapHandle)
NTSYSAPI PVOID NTAPI	RtlReAllocateHeap (IN HANDLE HeapHandle, IN ULONG Flags, IN PVOID Address, IN ULONG Size)
NTSYSAPI ULONG NTAPI	RtlSizeHeap (IN HANDLE HeapHandle, IN ULONG Flags, IN PVOID Address)
NTSYSAPI BOOLEAN NTAPI	RtlValidateHeap (IN HANDLE HeapHandle, IN ULONG Flags, IN PVOID Address OPTIONAL)
NTSYSAPI NTSTATUS NTAPI	NtAllocateVirtualMemory (IN HANDLE ProcessHandle, IN OUT PVOID *BaseAddress, IN ULONG ZeroBits, IN OUT PULONG RegionSize, IN ULONG AllocationType, IN ULONG Protect)
NTSYSAPI NTSTATUS NTAPI	ZwAllocateVirtualMemory (IN HANDLE ProcessHandle, IN OUT PVOID *BaseAddress, IN ULONG ZeroBits, IN OUT PULONG RegionSize, IN ULONG AllocationType, IN ULONG Protect)
NTSYSAPI NTSTATUS NTAPI	NtFreeVirtualMemory (IN HANDLE ProcessHandle, IN OUT PVOID *BaseAddress, IN OUT PULONG RegionSize, IN ULONG FreeType)
NTSYSAPI NTSTATUS NTAPI	ZwFreeVirtualMemory (IN HANDLE ProcessHandle, IN OUT PVOID *BaseAddress, IN OUT PULONG RegionSize, IN ULONG FreeType)
NTSYSAPI NTSTATUS NTAPI	NtReadVirtualMemory (IN HANDLE ProcessHandle, IN PVOID BaseAddress, OUT PVOID Buffer, IN ULONG NumberOfBytesToRead, OUT PULONG NumberOfBytesRead OPTIONAL)
NTSYSAPI NTSTATUS NTAPI	NtWriteVirtualMemory (IN HANDLE ProcessHandle, IN PVOID BaseAddress, IN PVOID Buffer, IN ULONG NumberOfBytesToWrite, OUT PULONG NumberOfBytesWritten OPTIONAL)
NTSYSAPI NTSTATUS NTAPI	NtCreateSection (OUT PHANDLE SectionHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, IN PLARGE_INTEGER MaximumSize OPTIONAL, IN ULONG SectionPageProtection, IN ULONG AllocationAttributes, IN HANDLE FileHandle OPTIONAL)
NTSYSAPI NTSTATUS NTAPI	ZwCreateSection (OUT PHANDLE SectionHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, IN PLARGE_INTEGER MaximumSize OPTIONAL, IN ULONG SectionPageProtection, IN ULONG AllocationAttributes, IN HANDLE FileHandle OPTIONAL)
NTSYSAPI NTSTATUS NTAPI	NtOpenSection (OUT PHANDLE SectionHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes)
NTSYSAPI NTSTATUS NTAPI	ZwOpenSection (OUT PHANDLE SectionHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes)
NTSYSAPI NTSTATUS NTAPI	NtMapViewOfSection (IN HANDLE SectionHandle, IN HANDLE ProcessHandle, IN OUT PVOID *BaseAddress, IN ULONG_PTR ZeroBits, IN SIZE_T CommitSize, IN OUT PLARGE_INTEGER SectionOffset OPTIONAL, IN OUT PSIZE_T ViewSize, IN SECTION_INHERIT InheritDisposition, IN ULONG AllocationType, IN ULONG Protect)
NTSYSAPI NTSTATUS NTAPI	ZwMapViewOfSection (IN HANDLE SectionHandle, IN HANDLE ProcessHandle, IN OUT PVOID *BaseAddress, IN ULONG_PTR ZeroBits, IN SIZE_T CommitSize, IN OUT PLARGE_INTEGER SectionOffset OPTIONAL, IN OUT PSIZE_T ViewSize, IN SECTION_INHERIT InheritDisposition, IN ULONG AllocationType, IN ULONG Protect)
NTSYSAPI NTSTATUS NTAPI	NtUnmapViewOfSection (IN HANDLE ProcessHandle, IN PVOID BaseAddress)
NTSYSAPI NTSTATUS NTAPI	ZwUnmapViewOfSection (IN HANDLE ProcessHandle, IN PVOID BaseAddress)
NTSYSAPI NTSTATUS NTAPI	NtExtendSection (IN HANDLE SectionHandle, IN OUT PLARGE_INTEGER SectionSize)
NTSYSAPI NTSTATUS NTAPI	ZwExtendSection (IN HANDLE SectionHandle, IN OUT PLARGE_INTEGER SectionSize)
NTSYSAPI NTSTATUS NTAPI	NtQuerySection (IN HANDLE SectionHandle, IN SECTION_INFORMATION_CLASS SectionInformationClass, OUT PVOID SectionInformation, IN ULONG Length, OUT PULONG ResultLength OPTIONAL)
NTSYSAPI NTSTATUS NTAPI	ZwQuerySection (IN HANDLE SectionHandle, IN SECTION_INFORMATION_CLASS SectionInformationClass, OUT PVOID SectionInformation, IN ULONG Length, OUT PULONG ResultLength OPTIONAL)
NTSYSAPI NTSTATUS NTAPI	NtWaitForSingleObject (IN HANDLE Handle, IN BOOLEAN Alertable, IN PLARGE_INTEGER Timeout OPTIONAL)
NTSYSAPI NTSTATUS NTAPI	ZwWaitForSingleObject (IN HANDLE Handle, IN BOOLEAN Alertable, IN PLARGE_INTEGER Timeout OPTIONAL)
NTSYSAPI NTSTATUS NTAPI	NtWaitForMultipleObjects (IN ULONG Count, IN HANDLE Handle[], IN WAIT_TYPE WaitType, IN BOOLEAN Alertable, IN PLARGE_INTEGER Timeout OPTIONAL)
NTSYSAPI NTSTATUS NTAPI	ZwWaitForMultipleObjects (IN ULONG Count, IN HANDLE Handle[], IN WAIT_TYPE WaitType, IN BOOLEAN Alertable, IN PLARGE_INTEGER Timeout OPTIONAL)
NTSYSAPI NTSTATUS NTAPI	NtCreateEvent (OUT PHANDLE EventHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, IN EVENT_TYPE EventType, IN BOOLEAN InitialState)
NTSYSAPI NTSTATUS NTAPI	ZwCreateEvent (OUT PHANDLE EventHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, IN EVENT_TYPE EventType, IN BOOLEAN InitialState)
NTSYSAPI NTSTATUS NTAPI	NtClearEvent (IN HANDLE Handle)
NTSYSAPI NTSTATUS NTAPI	ZwClearEvent (IN HANDLE Handle)
NTSYSAPI NTSTATUS NTAPI	NtPulseEvent (IN HANDLE Handle, OUT PLONG PreviousState OPTIONAL)
NTSYSAPI NTSTATUS NTAPI	ZwPulseEvent (IN HANDLE Handle, OUT PLONG PreviousState OPTIONAL)
NTSYSAPI NTSTATUS NTAPI	NtResetEvent (IN HANDLE Handle, OUT PLONG PreviousState OPTIONAL)
NTSYSAPI NTSTATUS NTAPI	ZwResetEvent (IN HANDLE Handle, OUT PLONG PreviousState OPTIONAL)
NTSYSAPI NTSTATUS NTAPI	NtSetEvent (IN HANDLE Handle, OUT PLONG PreviousState OPTIONAL)
NTSYSAPI NTSTATUS NTAPI	ZwSetEvent (IN HANDLE Handle, OUT PLONG PreviousState OPTIONAL)
NTSYSAPI NTSTATUS NTAPI	NtOpenEvent (OUT PHANDLE EventHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes)
NTSYSAPI NTSTATUS NTAPI	ZwOpenEvent (OUT PHANDLE EventHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes)
NTSYSAPI NTSTATUS NTAPI	NtQueryEvent (IN HANDLE EventHandle, IN EVENT_INFORMATION_CLASS EventInfoClass, OUT PVOID EventInfo, IN ULONG Length, OUT PULONG ResultLength OPTIONAL)
NTSYSAPI NTSTATUS NTAPI	ZwQueryEvent (IN HANDLE EventHandle, IN EVENT_INFORMATION_CLASS EventInfoClass, OUT PVOID EventInfo, IN ULONG Length, OUT PULONG ResultLength OPTIONAL)
NTSYSAPI NTSTATUS NTAPI	RtlCreateSecurityDescriptor (IN PSECURITY_DESCRIPTOR SecurityDescriptor, IN ULONG Revision)
NTSYSAPI NTSTATUS NTAPI	RtlSetDaclSecurityDescriptor (IN PSECURITY_DESCRIPTOR SecurityDescriptor, IN BOOLEAN DaclPresent, IN PACL Dacl OPTIONAL, IN BOOLEAN DaclDefaulted OPTIONAL)
NTSYSAPI NTSTATUS NTAPI	RtlSetOwnerSecurityDescriptor (IN PSECURITY_DESCRIPTOR SecurityDescriptor, IN PSID Owner OPTIONAL, IN BOOLEAN OwnerDefaulted OPTIONAL)
NTSYSAPI NTSTATUS NTAPI	RtlAllocateAndInitializeSid (IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount, IN ULONG SubAuthority0, IN ULONG SubAuthority1, IN ULONG SubAuthority2, IN ULONG SubAuthority3, IN ULONG SubAuthority4, IN ULONG SubAuthority5, IN ULONG SubAuthority6, IN ULONG SubAuthority7, OUT PSID *Sid)
NTSYSAPI ULONG NTAPI	RtlLengthSid (IN PSID Sid)
NTSYSAPI BOOLEAN NTAPI	RtlEqualSid (IN PSID Sid1, IN PSID Sid2)
NTSYSAPI PVOID NTAPI	RtlFreeSid (IN PSID Sid)
NTSYSAPI NTSTATUS NTAPI	RtlCreateAcl (IN PACL Acl, IN ULONG AclLength, IN ULONG AclRevision)
NTSYSAPI NTSTATUS NTAPI	RtlAddAccessAllowedAce (IN OUT PACL Acl, IN ULONG AceRevision, IN ACCESS_MASK AccessMask, IN PSID Sid)
NTSYSAPI NTSTATUS NTAPI	RtlAddAccessAllowedAceEx (IN OUT PACL Acl, IN ULONG AceRevision, IN ULONG AceFlags, IN ULONG AccessMask, IN PSID Sid)
NTSYSAPI NTSTATUS NTAPI	NtOpenProcessToken (IN HANDLE ProcessHandle, IN ACCESS_MASK DesiredAccess, OUT PHANDLE TokenHandle)
NTSYSAPI NTSTATUS NTAPI	NtOpenThreadToken (IN HANDLE ThreadHandle, IN ACCESS_MASK DesiredAccess, IN BOOLEAN OpenAsSelf, OUT PHANDLE TokenHandle)
NTSYSAPI NTSTATUS NTAPI	NtQueryInformationToken (IN HANDLE TokenHandle, IN TOKEN_INFORMATION_CLASS TokenInformationClass, OUT PVOID TokenInformation, IN ULONG TokenInformationLength, OUT PULONG ReturnLength)
NTSYSAPI NTSTATUS NTAPI	NtSetInformationToken (IN HANDLE TokenHandle, IN TOKEN_INFORMATION_CLASS TokenInformationClass, IN PVOID TokenInformation, IN ULONG TokenInformationLength)
NTSYSAPI NTSTATUS NTAPI	NtAdjustPrivilegesToken (IN HANDLE TokenHandle, IN BOOLEAN DisableAllPrivileges, IN PTOKEN_PRIVILEGES NewState OPTIONAL, IN ULONG BufferLength OPTIONAL, IN PTOKEN_PRIVILEGES PreviousState OPTIONAL, OUT PULONG ReturnLength)
NTSYSAPI NTSTATUS NTAPI	NtDuplicateToken (IN HANDLE ExistingTokenHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN BOOLEAN EffectiveOnly, IN TOKEN_TYPE TokenType, OUT PHANDLE NewTokenHandle)
NTSYSAPI NTSTATUS NTAPI	NtCompareTokens (IN HANDLE FirstTokenHandle, IN HANDLE SecondTokenHandle, OUT PBOOLEAN IdenticalTokens)
NTSYSAPI NTSTATUS NTAPI	NtOpenSymbolicLinkObject (OUT PHANDLE SymbolicLinkHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes)
NTSYSAPI NTSTATUS NTAPI	NtQuerySymbolicLinkObject (IN HANDLE SymbolicLinkHandle, OUT PUNICODE_STRING NameString, OUT PULONG ResultLength OPTIONAL)
NTSYSAPI NTSTATUS NTAPI	LdrGetDllHandle (IN PWSTR DllPath OPTIONAL, IN PULONG DllCharacteristics OPTIONAL, IN PUNICODE_STRING DllName, OUT PVOID *DllHandle)
NTSYSAPI NTSTATUS NTAPI	LdrGetProcedureAddress (IN PVOID DllHandle, IN PANSI_STRING ProcedureName OPTIONAL, IN ULONG ProcedureNumber OPTIONAL, OUT PVOID *ProcedureAddress)
NTSYSAPI NTSTATUS NTAPI	LdrLoadDll (IN PWSTR DllPath OPTIONAL, IN PULONG DllCharacteristics OPTIONAL, IN PUNICODE_STRING DllName, OUT PVOID *DllHandle)
NTSYSAPI NTSTATUS NTAPI	LdrFindEntryForAddress (IN PVOID Address, OUT PLDR_DATA_TABLE_ENTRY *Module)
NTSYSAPI VOID NTAPI	RtlGetCallersAddress (OUT PVOID *CallersAddress, OUT PVOID *CallersCaller)
NTSYSAPI ULONG NTAPI	RtlNtStatusToDosError (NTSTATUS Status)
NTSYSAPI ULONG NTAPI	RtlNtStatusToDosErrorNoTeb (NTSTATUS Status)
NTSYSAPI NTSTATUS NTAPI	RtlGetLastNtStatus ()
NTSYSAPI ULONG NTAPI	RtlGetLastWin32Error ()
NTSYSAPI VOID NTAPI	RtlSetLastWin32Error (ULONG WinError)
NTSYSAPI VOID NTAPI	RtlSetLastWin32ErrorAndNtStatusFromNtStatus (NTSTATUS Status)
NTSYSAPI NTSTATUS NTAPI	NtDisplayString (IN PUNICODE_STRING String)

Macro Definition Documentation

ASSERT

#define ASSERT

(

x

)

/* x */

Definition at line 46 of file ntddk.h.

DIRECTORY_ALL_ACCESS

#define DIRECTORY_ALL_ACCESS   (STANDARD_RIGHTS_REQUIRED | 0xF)

Definition at line 517 of file ntddk.h.

DIRECTORY_CREATE_OBJECT

#define DIRECTORY_CREATE_OBJECT   (0x0004)

Definition at line 515 of file ntddk.h.

DIRECTORY_CREATE_SUBDIRECTORY

#define DIRECTORY_CREATE_SUBDIRECTORY   (0x0008)

Definition at line 516 of file ntddk.h.

DIRECTORY_QUERY

#define DIRECTORY_QUERY   (0x0001)

Definition at line 513 of file ntddk.h.

DIRECTORY_TRAVERSE

#define DIRECTORY_TRAVERSE   (0x0002)

Definition at line 514 of file ntddk.h.

FILE_COMPLETE_IF_OPLOCKED

#define FILE_COMPLETE_IF_OPLOCKED   0x00000100

Definition at line 1694 of file ntddk.h.

FILE_CREATE

#define FILE_CREATE   0x00000002

Definition at line 1676 of file ntddk.h.

FILE_CREATE_TREE_CONNECTION

#define FILE_CREATE_TREE_CONNECTION   0x00000080

Definition at line 1693 of file ntddk.h.

FILE_CREATED

#define FILE_CREATED   0x00000002

Definition at line 1716 of file ntddk.h.

FILE_DELETE_ON_CLOSE

#define FILE_DELETE_ON_CLOSE   0x00001000

Definition at line 1698 of file ntddk.h.

FILE_DIRECTORY_FILE

#define FILE_DIRECTORY_FILE   0x00000001

Definition at line 1686 of file ntddk.h.

FILE_DOES_NOT_EXIST

#define FILE_DOES_NOT_EXIST   0x00000005

Definition at line 1719 of file ntddk.h.

FILE_EXISTS

#define FILE_EXISTS   0x00000004

Definition at line 1718 of file ntddk.h.

FILE_MAXIMUM_DISPOSITION

#define FILE_MAXIMUM_DISPOSITION   0x00000005

Definition at line 1680 of file ntddk.h.

FILE_NO_COMPRESSION

#define FILE_NO_COMPRESSION   0x00008000

Definition at line 1701 of file ntddk.h.

FILE_NO_EA_KNOWLEDGE

#define FILE_NO_EA_KNOWLEDGE   0x00000200

Definition at line 1695 of file ntddk.h.

FILE_NO_INTERMEDIATE_BUFFERING

#define FILE_NO_INTERMEDIATE_BUFFERING   0x00000008

Definition at line 1689 of file ntddk.h.

FILE_NON_DIRECTORY_FILE

#define FILE_NON_DIRECTORY_FILE   0x00000040

Definition at line 1692 of file ntddk.h.

FILE_OPEN

#define FILE_OPEN   0x00000001

Definition at line 1675 of file ntddk.h.

FILE_OPEN_BY_FILE_ID

#define FILE_OPEN_BY_FILE_ID   0x00002000

Definition at line 1699 of file ntddk.h.

FILE_OPEN_FOR_BACKUP_INTENT

#define FILE_OPEN_FOR_BACKUP_INTENT   0x00004000

Definition at line 1700 of file ntddk.h.

FILE_OPEN_FOR_FREE_SPACE_QUERY

#define FILE_OPEN_FOR_FREE_SPACE_QUERY   0x00800000

Definition at line 1705 of file ntddk.h.

FILE_OPEN_FOR_RECOVERY

#define FILE_OPEN_FOR_RECOVERY   0x00000400

Definition at line 1696 of file ntddk.h.

FILE_OPEN_IF

#define FILE_OPEN_IF   0x00000003

Definition at line 1677 of file ntddk.h.

FILE_OPEN_NO_RECALL

#define FILE_OPEN_NO_RECALL   0x00400000

Definition at line 1704 of file ntddk.h.

FILE_OPEN_REPARSE_POINT

#define FILE_OPEN_REPARSE_POINT   0x00200000

Definition at line 1703 of file ntddk.h.

FILE_OPENED

#define FILE_OPENED   0x00000001

Definition at line 1715 of file ntddk.h.

FILE_OVERWRITE

#define FILE_OVERWRITE   0x00000004

Definition at line 1678 of file ntddk.h.

FILE_OVERWRITE_IF

#define FILE_OVERWRITE_IF   0x00000005

Definition at line 1679 of file ntddk.h.

FILE_OVERWRITTEN

#define FILE_OVERWRITTEN   0x00000003

Definition at line 1717 of file ntddk.h.

FILE_RANDOM_ACCESS

#define FILE_RANDOM_ACCESS   0x00000800

Definition at line 1697 of file ntddk.h.

FILE_RESERVE_OPFILTER

#define FILE_RESERVE_OPFILTER   0x00100000

Definition at line 1702 of file ntddk.h.

FILE_SEQUENTIAL_ONLY

#define FILE_SEQUENTIAL_ONLY   0x00000004

Definition at line 1688 of file ntddk.h.

FILE_SUPERSEDE

#define FILE_SUPERSEDE   0x00000000

Definition at line 1674 of file ntddk.h.

FILE_SUPERSEDED

#define FILE_SUPERSEDED   0x00000000

Definition at line 1714 of file ntddk.h.

FILE_SYNCHRONOUS_IO_ALERT

#define FILE_SYNCHRONOUS_IO_ALERT   0x00000010

Definition at line 1690 of file ntddk.h.

FILE_SYNCHRONOUS_IO_NONALERT

#define FILE_SYNCHRONOUS_IO_NONALERT   0x00000020

Definition at line 1691 of file ntddk.h.

FILE_WRITE_THROUGH

#define FILE_WRITE_THROUGH   0x00000002

Definition at line 1687 of file ntddk.h.

GDI_HANDLE_BUFFER_SIZE

#define GDI_HANDLE_BUFFER_SIZE   34

Definition at line 2531 of file ntddk.h.

HEAP_CREATE_ALIGN_16

#define HEAP_CREATE_ALIGN_16   0x00010000

Definition at line 3328 of file ntddk.h.

HEAP_CREATE_ENABLE_TRACING

#define HEAP_CREATE_ENABLE_TRACING   0x00020000

Definition at line 3329 of file ntddk.h.

HEAP_DISABLE_COALESCE_ON_FREE

#define HEAP_DISABLE_COALESCE_ON_FREE   0x00000080

Definition at line 3327 of file ntddk.h.

HEAP_FREE_CHECKING_ENABLED

#define HEAP_FREE_CHECKING_ENABLED   0x00000040

Definition at line 3326 of file ntddk.h.

HEAP_GENERATE_EXCEPTIONS

#define HEAP_GENERATE_EXCEPTIONS   0x00000004

Definition at line 3322 of file ntddk.h.

HEAP_GROWABLE

#define HEAP_GROWABLE   0x00000002

Definition at line 3321 of file ntddk.h.

HEAP_MAXIMUM_TAG

#define HEAP_MAXIMUM_TAG   0x0FFF

Definition at line 3330 of file ntddk.h.

HEAP_NO_SERIALIZE

#define HEAP_NO_SERIALIZE   0x00000001

Definition at line 3320 of file ntddk.h.

HEAP_PSEUDO_TAG_FLAG

#define HEAP_PSEUDO_TAG_FLAG   0x8000

Definition at line 3331 of file ntddk.h.

HEAP_REALLOC_IN_PLACE_ONLY

#define HEAP_REALLOC_IN_PLACE_ONLY   0x00000010

Definition at line 3324 of file ntddk.h.

HEAP_TAIL_CHECKING_ENABLED

#define HEAP_TAIL_CHECKING_ENABLED   0x00000020

Definition at line 3325 of file ntddk.h.

HEAP_ZERO_MEMORY

#define HEAP_ZERO_MEMORY   0x00000008

Definition at line 3323 of file ntddk.h.

INIT_UNICODE_STRING

#define INIT_UNICODE_STRING	(		us,
			wch
	)

Value:

    us.MaximumLength = (USHORT)sizeof(wch);          \
    us.Length        = (USHORT)(wcslen(wch) * sizeof(WCHAR)); \
    us.Buffer        = wch

Definition at line 175 of file ntddk.h.

InitializeMessageHeader

#define InitializeMessageHeader	(		ph,
			l,
			t
	)

Value:

    {                  \
    (ph)->TotalLength    = (USHORT)(l);                        \
    (ph)->DataLength     = (USHORT)(l - sizeof(PORT_MESSAGE)); \
    (ph)->Type           = (USHORT)(t);                        \
    (ph)->VirtualRangesOffset = 0;                             \
    }

Definition at line 195 of file ntddk.h.

InitializeObjectAttributes

#define InitializeObjectAttributes	(		p,
			n,
			a,
			r,
			s
	)

Value:

    {   \
    (p)->Length = sizeof( OBJECT_ATTRIBUTES );          \
    (p)->RootDirectory = r;                             \
    (p)->Attributes = a;                                \
    (p)->ObjectName = n;                                \
    (p)->SecurityDescriptor = s;                        \
    (p)->SecurityQualityOfService = NULL;               \
    }

Definition at line 183 of file ntddk.h.

LEVEL_HANDLE_ID

#define LEVEL_HANDLE_ID   0x74000000

Definition at line 704 of file ntddk.h.

LEVEL_HANDLE_ID_MASK

#define LEVEL_HANDLE_ID_MASK   0xFF000000

Definition at line 705 of file ntddk.h.

LEVEL_HANDLE_INDEX_MASK

#define LEVEL_HANDLE_INDEX_MASK   0x00FFFFFF

Definition at line 706 of file ntddk.h.

MAX_LPC_DATA

#define MAX_LPC_DATA   0x130

Definition at line 2900 of file ntddk.h.

NT_SUCCESS

#define NT_SUCCESS

(

Status

)

((NTSTATUS)(Status) >= 0)

Definition at line 31 of file ntddk.h.

NtCurrentProcess

#define NtCurrentProcess

(

)

((HANDLE) -1)

Definition at line 2827 of file ntddk.h.

NtCurrentThread

#define NtCurrentThread

(

)

((HANDLE) -2)

Definition at line 2828 of file ntddk.h.

OBJ_CASE_INSENSITIVE

#define OBJ_CASE_INSENSITIVE   0x00000040L

Definition at line 107 of file ntddk.h.

OBJ_EXCLUSIVE

#define OBJ_EXCLUSIVE   0x00000020L

Definition at line 106 of file ntddk.h.

OBJ_FORCE_ACCESS_CHECK

#define OBJ_FORCE_ACCESS_CHECK   0x00000400L

Definition at line 111 of file ntddk.h.

OBJ_INHERIT

#define OBJ_INHERIT   0x00000002L

Definition at line 104 of file ntddk.h.

OBJ_KERNEL_HANDLE

#define OBJ_KERNEL_HANDLE   0x00000200L

Definition at line 110 of file ntddk.h.

OBJ_OPENIF

#define OBJ_OPENIF   0x00000080L

Definition at line 108 of file ntddk.h.

OBJ_OPENLINK

#define OBJ_OPENLINK   0x00000100L

Definition at line 109 of file ntddk.h.

OBJ_PERMANENT

#define OBJ_PERMANENT   0x00000010L

Definition at line 105 of file ntddk.h.

OBJ_VALID_ATTRIBUTES

#define OBJ_VALID_ATTRIBUTES   0x000007F2L

Definition at line 112 of file ntddk.h.

OLD_DOS_VOLID

#define OLD_DOS_VOLID   0x00000008

Definition at line 1670 of file ntddk.h.

PIO_APC_ROUTINE_DEFINED

#define PIO_APC_ROUTINE_DEFINED

Definition at line 1731 of file ntddk.h.

RTL_QUERY_REGISTRY_DELETE

#define RTL_QUERY_REGISTRY_DELETE   0x00000040

Definition at line 1185 of file ntddk.h.

RTL_QUERY_REGISTRY_DIRECT

#define RTL_QUERY_REGISTRY_DIRECT   0x00000020

Definition at line 1176 of file ntddk.h.

RTL_QUERY_REGISTRY_NOEXPAND

#define RTL_QUERY_REGISTRY_NOEXPAND   0x00000010

Definition at line 1171 of file ntddk.h.

RTL_QUERY_REGISTRY_NOVALUE

#define RTL_QUERY_REGISTRY_NOVALUE   0x00000008

Definition at line 1167 of file ntddk.h.

RTL_QUERY_REGISTRY_REQUIRED

#define RTL_QUERY_REGISTRY_REQUIRED   0x00000004

Definition at line 1164 of file ntddk.h.

RTL_QUERY_REGISTRY_SUBKEY

#define RTL_QUERY_REGISTRY_SUBKEY   0x00000001

Definition at line 1157 of file ntddk.h.

RTL_QUERY_REGISTRY_TOPKEY

#define RTL_QUERY_REGISTRY_TOPKEY   0x00000002

Definition at line 1161 of file ntddk.h.

RTL_REGISTRY_ABSOLUTE

#define RTL_REGISTRY_ABSOLUTE   0

Definition at line 1194 of file ntddk.h.

RTL_REGISTRY_CONTROL

#define RTL_REGISTRY_CONTROL   2

Definition at line 1196 of file ntddk.h.

RTL_REGISTRY_DEVICEMAP

#define RTL_REGISTRY_DEVICEMAP   4

Definition at line 1198 of file ntddk.h.

RTL_REGISTRY_HANDLE

#define RTL_REGISTRY_HANDLE   0x40000000

Definition at line 1201 of file ntddk.h.

RTL_REGISTRY_MAXIMUM

#define RTL_REGISTRY_MAXIMUM   6

Definition at line 1200 of file ntddk.h.

RTL_REGISTRY_OPTIONAL

#define RTL_REGISTRY_OPTIONAL   0x80000000

Definition at line 1202 of file ntddk.h.

RTL_REGISTRY_SERVICES

#define RTL_REGISTRY_SERVICES   1

Definition at line 1195 of file ntddk.h.

RTL_REGISTRY_USER

#define RTL_REGISTRY_USER   5

Definition at line 1199 of file ntddk.h.

RTL_REGISTRY_WINDOWS_NT

#define RTL_REGISTRY_WINDOWS_NT   3

Definition at line 1197 of file ntddk.h.

RtlProcessHeap

#define RtlProcessHeap

(

)

(HANDLE)(NtCurrentTeb()->ProcessEnvironmentBlock->ProcessHeap)

Definition at line 3354 of file ntddk.h.

STATUS_SUCCESS

#define STATUS_SUCCESS   ((NTSTATUS)0x00000000L)

Definition at line 35 of file ntddk.h.

STATUS_UNSUCCESSFUL

#define STATUS_UNSUCCESSFUL   ((NTSTATUS)0xC0000001L)

Definition at line 39 of file ntddk.h.

SYMBOLIC_LINK_ALL_ACCESS

#define SYMBOLIC_LINK_ALL_ACCESS   (STANDARD_RIGHTS_REQUIRED | 0x1)

Definition at line 4162 of file ntddk.h.

SYMBOLIC_LINK_QUERY

#define SYMBOLIC_LINK_QUERY   (0x0001)

Definition at line 4161 of file ntddk.h.

UNICODE_NULL

#define UNICODE_NULL   ((WCHAR)0)

Definition at line 97 of file ntddk.h.

Typedef Documentation

ANSI_STRING

typedef STRING ANSI_STRING

Definition at line 88 of file ntddk.h.

CLIENT_ID

typedef struct _CLIENT_ID CLIENT_ID

CURDIR

typedef struct _CURDIR CURDIR

EVENT_BASIC_INFORMATION

typedef struct _EVENT_BASIC_INFORMATION EVENT_BASIC_INFORMATION

EVENT_INFORMATION_CLASS

typedef enum _EVENT_INFORMATION_CLASS EVENT_INFORMATION_CLASS

EVENT_TYPE

typedef enum _EVENT_TYPE EVENT_TYPE

FILE_ACCESS_INFORMATION

typedef struct _FILE_ACCESS_INFORMATION FILE_ACCESS_INFORMATION

FILE_ALIGNMENT_INFORMATION

typedef struct _FILE_ALIGNMENT_INFORMATION FILE_ALIGNMENT_INFORMATION

FILE_ALL_INFORMATION

typedef struct _FILE_ALL_INFORMATION FILE_ALL_INFORMATION

FILE_ALLOCATION_INFORMATION

typedef struct _FILE_ALLOCATION_INFORMATION FILE_ALLOCATION_INFORMATION

FILE_ATTRIBUTE_TAG_INFORMATION

typedef struct _FILE_ATTRIBUTE_TAG_INFORMATION FILE_ATTRIBUTE_TAG_INFORMATION

FILE_BASIC_INFORMATION

typedef struct _FILE_BASIC_INFORMATION FILE_BASIC_INFORMATION

FILE_BOTH_DIR_INFORMATION

typedef struct _FILE_BOTH_DIR_INFORMATION FILE_BOTH_DIR_INFORMATION

FILE_COMPLETION_INFORMATION

typedef struct _FILE_COMPLETION_INFORMATION FILE_COMPLETION_INFORMATION

FILE_COMPRESSION_INFORMATION

typedef struct _FILE_COMPRESSION_INFORMATION FILE_COMPRESSION_INFORMATION

FILE_DIRECTORY_INFORMATION

typedef struct _FILE_DIRECTORY_INFORMATION FILE_DIRECTORY_INFORMATION

FILE_DISPOSITION_INFORMATION

typedef struct _FILE_DISPOSITION_INFORMATION FILE_DISPOSITION_INFORMATION

FILE_EA_INFORMATION

typedef struct _FILE_EA_INFORMATION FILE_EA_INFORMATION

FILE_END_OF_FILE_INFORMATION

typedef struct _FILE_END_OF_FILE_INFORMATION FILE_END_OF_FILE_INFORMATION

FILE_FULL_DIR_INFORMATION

typedef struct _FILE_FULL_DIR_INFORMATION FILE_FULL_DIR_INFORMATION

FILE_FULL_EA_INFORMATION

typedef struct _FILE_FULL_EA_INFORMATION FILE_FULL_EA_INFORMATION

FILE_ID_BOTH_DIR_INFORMATION

typedef struct _FILE_ID_BOTH_DIR_INFORMATION FILE_ID_BOTH_DIR_INFORMATION

FILE_ID_FULL_DIR_INFORMATION

typedef struct _FILE_ID_FULL_DIR_INFORMATION FILE_ID_FULL_DIR_INFORMATION

FILE_INFORMATION_CLASS

typedef enum _FILE_INFORMATION_CLASS FILE_INFORMATION_CLASS

FILE_INTERNAL_INFORMATION

typedef struct _FILE_INTERNAL_INFORMATION FILE_INTERNAL_INFORMATION

FILE_LINK_ENTRY_INFORMATION

typedef struct _FILE_LINK_ENTRY_INFORMATION FILE_LINK_ENTRY_INFORMATION

FILE_LINK_INFORMATION

typedef struct _FILE_LINK_INFORMATION FILE_LINK_INFORMATION

FILE_LINKS_INFORMATION

typedef struct _FILE_LINKS_INFORMATION FILE_LINKS_INFORMATION

FILE_MAILSLOT_QUERY_INFORMATION

typedef struct _FILE_MAILSLOT_QUERY_INFORMATION FILE_MAILSLOT_QUERY_INFORMATION

FILE_MAILSLOT_SET_INFORMATION

typedef struct _FILE_MAILSLOT_SET_INFORMATION FILE_MAILSLOT_SET_INFORMATION

FILE_MODE_INFORMATION

typedef struct _FILE_MODE_INFORMATION FILE_MODE_INFORMATION

FILE_MOVE_CLUSTER_INFORMATION

typedef struct _FILE_MOVE_CLUSTER_INFORMATION FILE_MOVE_CLUSTER_INFORMATION

FILE_NAME_INFORMATION

typedef struct _FILE_NAME_INFORMATION FILE_NAME_INFORMATION

FILE_NAMES_INFORMATION

typedef struct _FILE_NAMES_INFORMATION FILE_NAMES_INFORMATION

FILE_NETWORK_OPEN_INFORMATION

typedef struct _FILE_NETWORK_OPEN_INFORMATION FILE_NETWORK_OPEN_INFORMATION

FILE_OBJECTID_INFORMATION

typedef struct _FILE_OBJECTID_INFORMATION FILE_OBJECTID_INFORMATION

FILE_PIPE_INFORMATION

typedef struct _FILE_PIPE_INFORMATION FILE_PIPE_INFORMATION

FILE_PIPE_LOCAL_INFORMATION

typedef struct _FILE_PIPE_LOCAL_INFORMATION FILE_PIPE_LOCAL_INFORMATION

FILE_PIPE_REMOTE_INFORMATION

typedef struct _FILE_PIPE_REMOTE_INFORMATION FILE_PIPE_REMOTE_INFORMATION

FILE_POSITION_INFORMATION

typedef struct _FILE_POSITION_INFORMATION FILE_POSITION_INFORMATION

FILE_QUOTA_INFORMATION

typedef struct _FILE_QUOTA_INFORMATION FILE_QUOTA_INFORMATION

FILE_RENAME_INFORMATION

typedef struct _FILE_RENAME_INFORMATION FILE_RENAME_INFORMATION

FILE_REPARSE_POINT_INFORMATION

typedef struct _FILE_REPARSE_POINT_INFORMATION FILE_REPARSE_POINT_INFORMATION

FILE_STANDARD_INFORMATION

typedef struct _FILE_STANDARD_INFORMATION FILE_STANDARD_INFORMATION

FILE_STREAM_INFORMATION

typedef struct _FILE_STREAM_INFORMATION FILE_STREAM_INFORMATION

FILE_TRACKING_INFORMATION

typedef struct _FILE_TRACKING_INFORMATION FILE_TRACKING_INFORMATION

FILE_VALID_DATA_LENGTH_INFORMATION

typedef struct _FILE_VALID_DATA_LENGTH_INFORMATION FILE_VALID_DATA_LENGTH_INFORMATION

FirstStruct

typedef PVOID FirstStruct

Definition at line 729 of file ntddk.h.

FS_INFORMATION_CLASS

typedef enum _FSINFOCLASS FS_INFORMATION_CLASS

IO_STATUS_BLOCK

typedef struct _IO_STATUS_BLOCK IO_STATUS_BLOCK

KEY_BASIC_INFORMATION

typedef struct _KEY_BASIC_INFORMATION KEY_BASIC_INFORMATION

KEY_CACHED_INFORMATION

typedef struct _KEY_CACHED_INFORMATION KEY_CACHED_INFORMATION

KEY_FLAGS_INFORMATION

typedef struct _KEY_FLAGS_INFORMATION KEY_FLAGS_INFORMATION

KEY_FULL_INFORMATION

typedef struct _KEY_FULL_INFORMATION KEY_FULL_INFORMATION

KEY_INFORMATION_CLASS

typedef enum _KEY_INFORMATION_CLASS KEY_INFORMATION_CLASS

KEY_NAME_INFORMATION

typedef struct _KEY_NAME_INFORMATION KEY_NAME_INFORMATION

KEY_NODE_INFORMATION

typedef struct _KEY_NODE_INFORMATION KEY_NODE_INFORMATION

KEY_VALUE_FULL_INFORMATION

typedef struct _KEY_VALUE_FULL_INFORMATION KEY_VALUE_FULL_INFORMATION

KEY_VALUE_INFORMATION_CLASS

typedef enum _KEY_VALUE_INFORMATION_CLASS KEY_VALUE_INFORMATION_CLASS

KEY_VALUE_PARTIAL_INFORMATION

typedef struct _KEY_VALUE_PARTIAL_INFORMATION KEY_VALUE_PARTIAL_INFORMATION

KPRIORITY

typedef LONG KPRIORITY

Definition at line 1297 of file ntddk.h.

LDR_DATA_TABLE_ENTRY

typedef struct _LDR_DATA_TABLE_ENTRY LDR_DATA_TABLE_ENTRY

LPC_TYPE

typedef enum _LPC_TYPE LPC_TYPE

NTSTATUS

typedef long NTSTATUS

Definition at line 28 of file ntddk.h.

OBJECT_ATTRIBUTES

typedef struct _OBJECT_ATTRIBUTES OBJECT_ATTRIBUTES

OBJECT_BASIC_INFORMATION

typedef struct _OBJECT_BASIC_INFORMATION OBJECT_BASIC_INFORMATION

OBJECT_DIRECTORY_INFORMATION

typedef struct _OBJECT_DIRECTORY_INFORMATION OBJECT_DIRECTORY_INFORMATION

OBJECT_HANDLE_FLAG_INFORMATION

typedef struct _OBJECT_HANDLE_FLAG_INFORMATION OBJECT_HANDLE_FLAG_INFORMATION

OBJECT_INFORMATION_CLASS

typedef enum _OBJECT_INFORMATION_CLASS OBJECT_INFORMATION_CLASS

OBJECT_NAME_INFORMATION

typedef struct _OBJECT_NAME_INFORMATION OBJECT_NAME_INFORMATION

OBJECT_TYPE_INFORMATION

typedef struct _OBJECT_TYPE_INFORMATION OBJECT_TYPE_INFORMATION

OEM_STRING

typedef STRING OEM_STRING

Definition at line 91 of file ntddk.h.

PANSI_STRING

typedef PSTRING PANSI_STRING

Definition at line 89 of file ntddk.h.

PCLIENT_ID

typedef struct _CLIENT_ID * PCLIENT_ID

PCOEM_STRING

typedef CONST STRING* PCOEM_STRING

Definition at line 93 of file ntddk.h.

PCUNICODE_STRING

typedef const UNICODE_STRING* PCUNICODE_STRING

Definition at line 95 of file ntddk.h.

PCURDIR

typedef struct _CURDIR * PCURDIR

PEB

typedef struct _PEB PEB

PEB_FREE_BLOCK

typedef struct _PEB_FREE_BLOCK PEB_FREE_BLOCK

PEB_LDR_DATA

typedef struct _PEB_LDR_DATA PEB_LDR_DATA

PEVENT_BASIC_INFORMATION

typedef struct _EVENT_BASIC_INFORMATION * PEVENT_BASIC_INFORMATION

PFILE_ACCESS_INFORMATION

typedef struct _FILE_ACCESS_INFORMATION * PFILE_ACCESS_INFORMATION

PFILE_ALIGNMENT_INFORMATION

typedef struct _FILE_ALIGNMENT_INFORMATION * PFILE_ALIGNMENT_INFORMATION

PFILE_ALL_INFORMATION

typedef struct _FILE_ALL_INFORMATION * PFILE_ALL_INFORMATION

PFILE_ALLOCATION_INFORMATION

typedef struct _FILE_ALLOCATION_INFORMATION * PFILE_ALLOCATION_INFORMATION

PFILE_ATTRIBUTE_TAG_INFORMATION

typedef struct _FILE_ATTRIBUTE_TAG_INFORMATION * PFILE_ATTRIBUTE_TAG_INFORMATION

PFILE_BASIC_INFORMATION

typedef struct _FILE_BASIC_INFORMATION * PFILE_BASIC_INFORMATION

PFILE_BOTH_DIR_INFORMATION

typedef struct _FILE_BOTH_DIR_INFORMATION * PFILE_BOTH_DIR_INFORMATION

PFILE_COMPLETION_INFORMATION

typedef struct _FILE_COMPLETION_INFORMATION * PFILE_COMPLETION_INFORMATION

PFILE_COMPRESSION_INFORMATION

typedef struct _FILE_COMPRESSION_INFORMATION * PFILE_COMPRESSION_INFORMATION

PFILE_DIRECTORY_INFORMATION

typedef struct _FILE_DIRECTORY_INFORMATION * PFILE_DIRECTORY_INFORMATION

PFILE_DISPOSITION_INFORMATION

typedef struct _FILE_DISPOSITION_INFORMATION * PFILE_DISPOSITION_INFORMATION

PFILE_EA_INFORMATION

typedef struct _FILE_EA_INFORMATION * PFILE_EA_INFORMATION

PFILE_END_OF_FILE_INFORMATION

typedef struct _FILE_END_OF_FILE_INFORMATION * PFILE_END_OF_FILE_INFORMATION

PFILE_FULL_DIR_INFORMATION

typedef struct _FILE_FULL_DIR_INFORMATION * PFILE_FULL_DIR_INFORMATION

PFILE_FULL_EA_INFORMATION

typedef struct _FILE_FULL_EA_INFORMATION * PFILE_FULL_EA_INFORMATION

PFILE_ID_BOTH_DIR_INFORMATION

typedef struct _FILE_ID_BOTH_DIR_INFORMATION * PFILE_ID_BOTH_DIR_INFORMATION

PFILE_ID_FULL_DIR_INFORMATION

typedef struct _FILE_ID_FULL_DIR_INFORMATION * PFILE_ID_FULL_DIR_INFORMATION

PFILE_INFORMATION_CLASS

typedef enum _FILE_INFORMATION_CLASS * PFILE_INFORMATION_CLASS

PFILE_INTERNAL_INFORMATION

typedef struct _FILE_INTERNAL_INFORMATION * PFILE_INTERNAL_INFORMATION

PFILE_LINK_ENTRY_INFORMATION

typedef struct _FILE_LINK_ENTRY_INFORMATION * PFILE_LINK_ENTRY_INFORMATION

PFILE_LINK_INFORMATION

typedef struct _FILE_LINK_INFORMATION * PFILE_LINK_INFORMATION

PFILE_LINKS_INFORMATION

typedef struct _FILE_LINKS_INFORMATION * PFILE_LINKS_INFORMATION

PFILE_MAILSLOT_QUERY_INFORMATION

typedef struct _FILE_MAILSLOT_QUERY_INFORMATION * PFILE_MAILSLOT_QUERY_INFORMATION

PFILE_MAILSLOT_SET_INFORMATION

typedef struct _FILE_MAILSLOT_SET_INFORMATION * PFILE_MAILSLOT_SET_INFORMATION

PFILE_MODE_INFORMATION

typedef struct _FILE_MODE_INFORMATION * PFILE_MODE_INFORMATION

PFILE_MOVE_CLUSTER_INFORMATION

typedef struct _FILE_MOVE_CLUSTER_INFORMATION * PFILE_MOVE_CLUSTER_INFORMATION

PFILE_NAME_INFORMATION

typedef struct _FILE_NAME_INFORMATION * PFILE_NAME_INFORMATION

PFILE_NAMES_INFORMATION

typedef struct _FILE_NAMES_INFORMATION * PFILE_NAMES_INFORMATION

PFILE_NETWORK_OPEN_INFORMATION

typedef struct _FILE_NETWORK_OPEN_INFORMATION * PFILE_NETWORK_OPEN_INFORMATION

PFILE_OBJECTID_INFORMATION

typedef struct _FILE_OBJECTID_INFORMATION * PFILE_OBJECTID_INFORMATION

PFILE_PIPE_INFORMATION

typedef struct _FILE_PIPE_INFORMATION * PFILE_PIPE_INFORMATION

PFILE_PIPE_LOCAL_INFORMATION

typedef struct _FILE_PIPE_LOCAL_INFORMATION * PFILE_PIPE_LOCAL_INFORMATION

PFILE_PIPE_REMOTE_INFORMATION

typedef struct _FILE_PIPE_REMOTE_INFORMATION * PFILE_PIPE_REMOTE_INFORMATION

PFILE_POSITION_INFORMATION

typedef struct _FILE_POSITION_INFORMATION * PFILE_POSITION_INFORMATION

PFILE_QUOTA_INFORMATION

typedef struct _FILE_QUOTA_INFORMATION * PFILE_QUOTA_INFORMATION

PFILE_RENAME_INFORMATION

typedef struct _FILE_RENAME_INFORMATION * PFILE_RENAME_INFORMATION

PFILE_REPARSE_POINT_INFORMATION

typedef struct _FILE_REPARSE_POINT_INFORMATION * PFILE_REPARSE_POINT_INFORMATION

PFILE_STANDARD_INFORMATION

typedef struct _FILE_STANDARD_INFORMATION * PFILE_STANDARD_INFORMATION

PFILE_STREAM_INFORMATION

typedef struct _FILE_STREAM_INFORMATION * PFILE_STREAM_INFORMATION

PFILE_TRACKING_INFORMATION

typedef struct _FILE_TRACKING_INFORMATION * PFILE_TRACKING_INFORMATION

PFILE_VALID_DATA_LENGTH_INFORMATION

typedef struct _FILE_VALID_DATA_LENGTH_INFORMATION * PFILE_VALID_DATA_LENGTH_INFORMATION

PFS_INFORMATION_CLASS

typedef enum _FSINFOCLASS * PFS_INFORMATION_CLASS

PIO_APC_ROUTINE

typedef VOID(NTAPI * PIO_APC_ROUTINE) (IN PVOID ApcContext, IN PIO_STATUS_BLOCK IoStatusBlock, IN ULONG Reserved)

Definition at line 1725 of file ntddk.h.

PIO_STATUS_BLOCK

typedef struct _IO_STATUS_BLOCK * PIO_STATUS_BLOCK

PKEY_BASIC_INFORMATION

typedef struct _KEY_BASIC_INFORMATION * PKEY_BASIC_INFORMATION

PKEY_CACHED_INFORMATION

typedef struct _KEY_CACHED_INFORMATION * PKEY_CACHED_INFORMATION

PKEY_FLAGS_INFORMATION

typedef struct _KEY_FLAGS_INFORMATION * PKEY_FLAGS_INFORMATION

PKEY_FULL_INFORMATION

typedef struct _KEY_FULL_INFORMATION * PKEY_FULL_INFORMATION

PKEY_NAME_INFORMATION

typedef struct _KEY_NAME_INFORMATION * PKEY_NAME_INFORMATION

PKEY_NODE_INFORMATION

typedef struct _KEY_NODE_INFORMATION * PKEY_NODE_INFORMATION

PKEY_VALUE_FULL_INFORMATION

typedef struct _KEY_VALUE_FULL_INFORMATION * PKEY_VALUE_FULL_INFORMATION

PKEY_VALUE_PARTIAL_INFORMATION

typedef struct _KEY_VALUE_PARTIAL_INFORMATION * PKEY_VALUE_PARTIAL_INFORMATION

PLDR_DATA_TABLE_ENTRY

typedef struct _LDR_DATA_TABLE_ENTRY * PLDR_DATA_TABLE_ENTRY

PLPC_TYPE

typedef enum _LPC_TYPE * PLPC_TYPE

POBJECT_ATTRIBUTES

typedef struct _OBJECT_ATTRIBUTES * POBJECT_ATTRIBUTES

POBJECT_BASIC_INFORMATION

typedef struct _OBJECT_BASIC_INFORMATION * POBJECT_BASIC_INFORMATION

POBJECT_DIRECTORY_INFORMATION

typedef struct _OBJECT_DIRECTORY_INFORMATION * POBJECT_DIRECTORY_INFORMATION

POBJECT_HANDLE_FLAG_INFORMATION

typedef struct _OBJECT_HANDLE_FLAG_INFORMATION * POBJECT_HANDLE_FLAG_INFORMATION

POBJECT_NAME_INFORMATION

typedef struct _OBJECT_NAME_INFORMATION * POBJECT_NAME_INFORMATION

POBJECT_TYPE_INFORMATION

typedef struct _OBJECT_TYPE_INFORMATION * POBJECT_TYPE_INFORMATION

POEM_STRING

typedef PSTRING POEM_STRING

Definition at line 92 of file ntddk.h.

POOL_TYPE

typedef enum _POOL_TYPE POOL_TYPE

PORT_MESSAGE

typedef struct _PORT_MESSAGE PORT_MESSAGE

PORT_VIEW

typedef struct _PORT_VIEW PORT_VIEW

PPEB

typedef struct _PEB * PPEB

PPEB_FREE_BLOCK

typedef struct _PEB_FREE_BLOCK * PPEB_FREE_BLOCK

PPEB_LDR_DATA

typedef struct _PEB_LDR_DATA * PPEB_LDR_DATA

PPORT_MESSAGE

typedef struct _PORT_MESSAGE * PPORT_MESSAGE

PPORT_VIEW

typedef struct _PORT_VIEW * PPORT_VIEW

PPROCESS_BASIC_INFORMATION

typedef struct _PROCESS_BASIC_INFORMATION* PPROCESS_BASIC_INFORMATION

PREMOTE_PORT_VIEW

typedef struct _REMOTE_PORT_VIEW * PREMOTE_PORT_VIEW

PROCESS_BASIC_INFORMATION

typedef struct _PROCESS_BASIC_INFORMATION PROCESS_BASIC_INFORMATION

PROCESSINFOCLASS

typedef enum _PROCESSINFOCLASS PROCESSINFOCLASS

PRTL_DRIVE_LETTER_CURDIR

typedef struct _RTL_DRIVE_LETTER_CURDIR * PRTL_DRIVE_LETTER_CURDIR

PRTL_GENERIC_ALLOCATE_ROUTINE

typedef PVOID(NTAPI * PRTL_GENERIC_ALLOCATE_ROUTINE) (struct _RTL_GENERIC_TABLE *Table, ULONG ByteSize)

Definition at line 734 of file ntddk.h.

PRTL_GENERIC_FREE_ROUTINE

typedef VOID(NTAPI * PRTL_GENERIC_FREE_ROUTINE) (struct _RTL_GENERIC_TABLE *Table, PVOID Buffer)

Definition at line 741 of file ntddk.h.

PRTL_GENERIC_TABLE

typedef struct _RTL_GENERIC_TABLE * PRTL_GENERIC_TABLE

PRTL_HANDLE_TABLE

typedef struct _RTL_HANDLE_TABLE * PRTL_HANDLE_TABLE

PRTL_HANDLE_TABLE_ENTRY

typedef struct _RTL_HANDLE_TABLE_ENTRY * PRTL_HANDLE_TABLE_ENTRY

PRTL_HEAP_PARAMETERS

typedef struct RTL_HEAP_PARAMETERS * PRTL_HEAP_PARAMETERS

PRTL_QUERY_REGISTRY_ROUTINE

typedef NTSTATUS(NTAPI * PRTL_QUERY_REGISTRY_ROUTINE) (IN PWSTR ValueName, IN ULONG ValueType, IN PVOID ValueData, IN ULONG ValueLength, IN PVOID Context, IN PVOID EntryContext)

Definition at line 1205 of file ntddk.h.

PRTL_QUERY_REGISTRY_TABLE

typedef struct _RTL_QUERY_REGISTRY_TABLE * PRTL_QUERY_REGISTRY_TABLE

PRTL_SPLAY_LINKS

typedef struct _RTL_SPLAY_LINKS * PRTL_SPLAY_LINKS

PRTL_USER_PROCESS_PARAMETERS

typedef struct _RTL_USER_PROCESS_PARAMETERS * PRTL_USER_PROCESS_PARAMETERS

PSECTION_INFORMATION_CLASS

typedef enum _SECTION_INFORMATION_CLASS * PSECTION_INFORMATION_CLASS

PSHUTDOWN_ACTION

typedef enum _SHUTDOWN_ACTION * PSHUTDOWN_ACTION

PSTRING

typedef struct _STRING * PSTRING

PSYSTEM_BASIC_INFORMATION

typedef struct _SYSTEM_BASIC_INFORMATION * PSYSTEM_BASIC_INFORMATION

PSYSTEM_DEVICE_INFORMATION

typedef struct _SYSTEM_DEVICE_INFORMATION * PSYSTEM_DEVICE_INFORMATION

PSYSTEM_FLAGS_INFORMATION

typedef struct _SYSTEM_FLAGS_INFORMATION * PSYSTEM_FLAGS_INFORMATION

PSYSTEM_INFORMATION_CLASS

typedef enum _SYSTEM_INFORMATION_CLASS * PSYSTEM_INFORMATION_CLASS

PSYSTEM_MODULE

typedef struct _SYSTEM_MODULE * PSYSTEM_MODULE

PSYSTEM_MODULE_INFORMATION

typedef struct _SYSTEM_MODULE_INFORMATION * PSYSTEM_MODULE_INFORMATION

PSYSTEM_PERFORMANCE_INFORMATION

typedef struct _SYSTEM_PERFORMANCE_INFORMATION * PSYSTEM_PERFORMANCE_INFORMATION

PSYSTEM_PROCESS_INFORMATION

typedef struct _SYSTEM_PROCESS_INFORMATION * PSYSTEM_PROCESS_INFORMATION

PSYSTEM_PROCESSOR_INFORMATION

typedef struct _SYSTEM_PROCESSOR_INFORMATION * PSYSTEM_PROCESSOR_INFORMATION

PSYSTEM_PROCESSOR_PERFORMANCE_INFORMATION

typedef struct _SYSTEM_PROCESSOR_PERFORMANCE_INFORMATION * PSYSTEM_PROCESSOR_PERFORMANCE_INFORMATION

PSYSTEM_TIMEOFDAY_INFORMATION

typedef struct _SYSTEM_TIMEOFDAY_INFORMATION * PSYSTEM_TIMEOFDAY_INFORMATION

PTEB

typedef struct _TEB * PTEB

PUNICODE_STRING

typedef struct _UNICODE_STRING * PUNICODE_STRING

REMOTE_PORT_VIEW

typedef struct _REMOTE_PORT_VIEW REMOTE_PORT_VIEW

RTL_DRIVE_LETTER_CURDIR

typedef struct _RTL_DRIVE_LETTER_CURDIR RTL_DRIVE_LETTER_CURDIR

RTL_GENERIC_COMPARE_RESULTS

typedef enum _RTL_GENERIC_COMPARE_RESULTS RTL_GENERIC_COMPARE_RESULTS

RTL_GENERIC_TABLE

typedef struct _RTL_GENERIC_TABLE RTL_GENERIC_TABLE

RTL_HANDLE_TABLE

typedef struct _RTL_HANDLE_TABLE RTL_HANDLE_TABLE

RTL_HANDLE_TABLE_ENTRY

typedef struct _RTL_HANDLE_TABLE_ENTRY RTL_HANDLE_TABLE_ENTRY

RTL_HEAP_PARAMETERS

typedef struct RTL_HEAP_PARAMETERS RTL_HEAP_PARAMETERS

RTL_QUERY_REGISTRY_TABLE

typedef struct _RTL_QUERY_REGISTRY_TABLE RTL_QUERY_REGISTRY_TABLE

RTL_SPLAY_LINKS

typedef struct _RTL_SPLAY_LINKS RTL_SPLAY_LINKS

RTL_USER_PROCESS_PARAMETERS

typedef struct _RTL_USER_PROCESS_PARAMETERS RTL_USER_PROCESS_PARAMETERS

SecondStruct

typedef PVOID PVOID SecondStruct

Definition at line 730 of file ntddk.h.

SECTION_INFORMATION_CLASS

typedef enum _SECTION_INFORMATION_CLASS SECTION_INFORMATION_CLASS

SECTION_INHERIT

typedef enum _SECTION_INHERIT SECTION_INHERIT

SHUTDOWN_ACTION

typedef enum _SHUTDOWN_ACTION SHUTDOWN_ACTION

STRING

typedef struct _STRING STRING

SYSTEM_BASIC_INFORMATION

typedef struct _SYSTEM_BASIC_INFORMATION SYSTEM_BASIC_INFORMATION

SYSTEM_DEVICE_INFORMATION

typedef struct _SYSTEM_DEVICE_INFORMATION SYSTEM_DEVICE_INFORMATION

SYSTEM_FLAGS_INFORMATION

typedef struct _SYSTEM_FLAGS_INFORMATION SYSTEM_FLAGS_INFORMATION

SYSTEM_INFORMATION_CLASS

typedef enum _SYSTEM_INFORMATION_CLASS SYSTEM_INFORMATION_CLASS

SYSTEM_MODULE

typedef struct _SYSTEM_MODULE SYSTEM_MODULE

SYSTEM_MODULE_INFORMATION

typedef struct _SYSTEM_MODULE_INFORMATION SYSTEM_MODULE_INFORMATION

SYSTEM_PERFORMANCE_INFORMATION

typedef struct _SYSTEM_PERFORMANCE_INFORMATION SYSTEM_PERFORMANCE_INFORMATION

SYSTEM_PROCESS_INFORMATION

typedef struct _SYSTEM_PROCESS_INFORMATION SYSTEM_PROCESS_INFORMATION

SYSTEM_PROCESSOR_INFORMATION

typedef struct _SYSTEM_PROCESSOR_INFORMATION SYSTEM_PROCESSOR_INFORMATION

SYSTEM_PROCESSOR_PERFORMANCE_INFORMATION

typedef struct _SYSTEM_PROCESSOR_PERFORMANCE_INFORMATION SYSTEM_PROCESSOR_PERFORMANCE_INFORMATION

SYSTEM_TIMEOFDAY_INFORMATION

typedef struct _SYSTEM_TIMEOFDAY_INFORMATION SYSTEM_TIMEOFDAY_INFORMATION

TEB

typedef struct _TEB TEB

THREADINFOCLASS

typedef enum _THREADINFOCLASS THREADINFOCLASS

UNICODE_STRING

typedef struct _UNICODE_STRING UNICODE_STRING

WAIT_TYPE

typedef enum _WAIT_TYPE WAIT_TYPE

Enumeration Type Documentation

_EVENT_INFORMATION_CLASS

enum _EVENT_INFORMATION_CLASS

Enumerator
EventBasicInformation

Definition at line 3810 of file ntddk.h.

_EVENT_TYPE

enum _EVENT_TYPE

Enumerator
NotificationEvent
SynchronizationEvent

Definition at line 53 of file ntddk.h.

_FILE_INFORMATION_CLASS

enum _FILE_INFORMATION_CLASS

Enumerator
FileDirectoryInformation
FileFullDirectoryInformation
FileBothDirectoryInformation
FileBasicInformation
FileStandardInformation
FileInternalInformation
FileEaInformation
FileAccessInformation
FileNameInformation
FileRenameInformation
FileLinkInformation
FileNamesInformation
FileDispositionInformation
FilePositionInformation
FileFullEaInformation
FileModeInformation
FileAlignmentInformation
FileAllInformation
FileAllocationInformation
FileEndOfFileInformation
FileAlternateNameInformation
FileStreamInformation
FilePipeInformation
FilePipeLocalInformation
FilePipeRemoteInformation
FileMailslotQueryInformation
FileMailslotSetInformation
FileCompressionInformation
FileObjectIdInformation
FileCompletionInformation
FileMoveClusterInformation
FileQuotaInformation
FileReparsePointInformation
FileNetworkOpenInformation
FileAttributeTagInformation
FileTrackingInformation
FileIdBothDirectoryInformation
FileIdFullDirectoryInformation
FileValidDataLengthInformation
FileShortNameInformation
FileIoCompletionNotificationInformation
FileIoStatusBlockRangeInformation
FileIoPriorityHintInformation
FileSfioReserveInformation
FileSfioVolumeInformation
FileHardLinkInformation
FileProcessIdsUsingFileInformation
FileMaximumInformation

Definition at line 1735 of file ntddk.h.

_FSINFOCLASS

enum _FSINFOCLASS

Enumerator
FileFsVolumeInformation
FileFsLabelInformation
FileFsSizeInformation
FileFsDeviceInformation
FileFsAttributeInformation
FileFsControlInformation
FileFsFullSizeInformation
FileFsObjectIdInformation
FileFsDriverPathInformation
FileFsMaximumInformation

Definition at line 2135 of file ntddk.h.

_KEY_INFORMATION_CLASS

enum _KEY_INFORMATION_CLASS

Enumerator
KeyBasicInformation
KeyNodeInformation
KeyFullInformation
KeyNameInformation
KeyCachedInformation
KeyFlagsInformation
MaxKeyInfoClass

Definition at line 944 of file ntddk.h.

_KEY_VALUE_INFORMATION_CLASS

enum _KEY_VALUE_INFORMATION_CLASS

Enumerator
KeyValueBasicInformation
KeyValueFullInformation
KeyValuePartialInformation
KeyValueFullInformationAlign64
KeyValuePartialInformationAlign64
MaxKeyValueInfoClass

Definition at line 1030 of file ntddk.h.

_LPC_TYPE

enum _LPC_TYPE

Enumerator
LPC_NEW_MESSAGE
LPC_REQUEST
LPC_REPLY
LPC_DATAGRAM
LPC_LOST_REPLY
LPC_PORT_CLOSED
LPC_CLIENT_DIED
LPC_EXCEPTION
LPC_DEBUG_EVENT
LPC_ERROR_EVENT
LPC_CONNECTION_REQUEST

Definition at line 2903 of file ntddk.h.

_OBJECT_INFORMATION_CLASS

enum _OBJECT_INFORMATION_CLASS

Enumerator
ObjectBasicInformation
ObjectNameInformation
ObjectTypeInformation
ObjectTypesInformation
ObjectHandleFlagInformation

Definition at line 536 of file ntddk.h.

_POOL_TYPE

enum _POOL_TYPE

Enumerator
NonPagedPool
PagedPool
NonPagedPoolMustSucceed
DontUseThisType
NonPagedPoolCacheAligned
PagedPoolCacheAligned
NonPagedPoolCacheAlignedMustS
MaxPoolType

Definition at line 520 of file ntddk.h.

_PROCESSINFOCLASS

enum _PROCESSINFOCLASS

Enumerator
ProcessBasicInformation
ProcessQuotaLimits
ProcessIoCounters
ProcessVmCounters
ProcessTimes
ProcessBasePriority
ProcessRaisePriority
ProcessDebugPort
ProcessExceptionPort
ProcessAccessToken
ProcessLdtInformation
ProcessLdtSize
ProcessDefaultHardErrorMode
ProcessIoPortHandlers
ProcessPooledUsageAndLimits
ProcessWorkingSetWatch
ProcessUserModeIOPL
ProcessEnableAlignmentFaultFixup
ProcessPriorityClass
ProcessWx86Information
ProcessHandleCount
ProcessAffinityMask
ProcessPriorityBoost
ProcessDeviceMap
ProcessSessionInformation
ProcessForegroundInformation
ProcessWow64Information
ProcessImageFileName
ProcessLUIDDeviceMapsEnabled
ProcessBreakOnTermination
ProcessDebugObjectHandle
ProcessDebugFlags
ProcessHandleTracing
MaxProcessInfoClass

Definition at line 2537 of file ntddk.h.

_RTL_GENERIC_COMPARE_RESULTS

enum _RTL_GENERIC_COMPARE_RESULTS

Enumerator
GenericLessThan
GenericGreaterThan
GenericEqual

Definition at line 708 of file ntddk.h.

_SECTION_INFORMATION_CLASS

enum _SECTION_INFORMATION_CLASS

Enumerator
SectionBasicInformation
SectionImageInformation

Definition at line 3540 of file ntddk.h.

_SECTION_INHERIT

enum _SECTION_INHERIT

Enumerator
ViewShare
ViewUnmap

Definition at line 3532 of file ntddk.h.

_SHUTDOWN_ACTION

enum _SHUTDOWN_ACTION

Enumerator
ShutdownNoReboot
ShutdownReboot
ShutdownPowerOff

Definition at line 1650 of file ntddk.h.

_SYSTEM_INFORMATION_CLASS

enum _SYSTEM_INFORMATION_CLASS

Enumerator
SystemBasicInformation
SystemProcessorInformation
SystemPerformanceInformation
SystemTimeOfDayInformation
SystemPathInformation
SystemProcessInformation
SystemCallCountInformation
SystemDeviceInformation
SystemProcessorPerformanceInformation
SystemFlagsInformation
SystemCallTimeInformation
SystemModuleInformation
SystemLocksInformation
SystemStackTraceInformation
SystemPagedPoolInformation
SystemNonPagedPoolInformation
SystemHandleInformation
SystemObjectInformation
SystemPageFileInformation
SystemVdmInstemulInformation
SystemVdmBopInformation
SystemFileCacheInformation
SystemPoolTagInformation
SystemInterruptInformation
SystemDpcBehaviorInformation
SystemFullMemoryInformation
SystemLoadGdiDriverInformation
SystemUnloadGdiDriverInformation
SystemTimeAdjustmentInformation
SystemSummaryMemoryInformation
SystemNextEventIdInformation
SystemEventIdsInformation
SystemCrashDumpInformation
SystemExceptionInformation
SystemCrashDumpStateInformation
SystemKernelDebuggerInformation
SystemContextSwitchInformation
SystemRegistryQuotaInformation
SystemExtendServiceTableInformation
SystemPrioritySeperation
SystemPlugPlayBusInformation
SystemDockInformation

Definition at line 1242 of file ntddk.h.

_THREADINFOCLASS

enum _THREADINFOCLASS

Enumerator
ThreadBasicInformation
ThreadTimes
ThreadPriority
ThreadBasePriority
ThreadAffinityMask
ThreadImpersonationToken
ThreadDescriptorTableEntry
ThreadEnableAlignmentFaultFixup
ThreadEventPair
ThreadQuerySetWin32StartAddress
ThreadZeroTlsCell
ThreadPerformanceCount
ThreadAmILastThread
ThreadIdealProcessor
ThreadPriorityBoost
ThreadSetTlsArrayAddress
MaxThreadInfoClass

Definition at line 2578 of file ntddk.h.

_WAIT_TYPE

enum _WAIT_TYPE

Enumerator
WaitAll
WaitAny

Definition at line 3757 of file ntddk.h.

Function Documentation

DbgBreakPoint()

NTSYSAPI VOID NTAPI DbgBreakPoint

(

VOID

)

DbgPrint()

NTSYSAPI ULONG _cdecl DbgPrint	(	PCH	Format,
			...
	)

LdrFindEntryForAddress()

NTSYSAPI NTSTATUS NTAPI LdrFindEntryForAddress	(	IN PVOID	Address,
		OUT PLDR_DATA_TABLE_ENTRY *	Module
	)

LdrGetDllHandle()

NTSYSAPI NTSTATUS NTAPI LdrGetDllHandle	(	IN PWSTR DllPath	OPTIONAL,
		IN PULONG DllCharacteristics	OPTIONAL,
		IN PUNICODE_STRING	DllName,
		OUT PVOID *	DllHandle
	)

LdrGetProcedureAddress()

NTSYSAPI NTSTATUS NTAPI LdrGetProcedureAddress	(	IN PVOID	DllHandle,
		IN PANSI_STRING ProcedureName	OPTIONAL,
		IN ULONG ProcedureNumber	OPTIONAL,
		OUT PVOID *	ProcedureAddress
	)

LdrLoadDll()

NTSYSAPI NTSTATUS NTAPI LdrLoadDll	(	IN PWSTR DllPath	OPTIONAL,
		IN PULONG DllCharacteristics	OPTIONAL,
		IN PUNICODE_STRING	DllName,
		OUT PVOID *	DllHandle
	)

NtAcceptConnectPort()

NTSYSAPI NTSTATUS NTAPI NtAcceptConnectPort	(	OUT PHANDLE	PortHandle,
		IN PVOID PortContext	OPTIONAL,
		IN PPORT_MESSAGE	ConnectionRequest,
		IN BOOLEAN	AcceptConnection,
		IN OUT PPORT_VIEW ServerView	OPTIONAL,
		OUT PREMOTE_PORT_VIEW ClientView	OPTIONAL
	)

NtAdjustPrivilegesToken()

NTSYSAPI NTSTATUS NTAPI NtAdjustPrivilegesToken	(	IN HANDLE	TokenHandle,
		IN BOOLEAN	DisableAllPrivileges,
		IN PTOKEN_PRIVILEGES NewState	OPTIONAL,
		IN ULONG BufferLength	OPTIONAL,
		IN PTOKEN_PRIVILEGES PreviousState	OPTIONAL,
		OUT PULONG	ReturnLength
	)

NtAllocateVirtualMemory()

NTSYSAPI NTSTATUS NTAPI NtAllocateVirtualMemory	(	IN HANDLE	ProcessHandle,
		IN OUT PVOID *	BaseAddress,
		IN ULONG	ZeroBits,
		IN OUT PULONG	RegionSize,
		IN ULONG	AllocationType,
		IN ULONG	Protect
	)

NtCancelIoFile()

NTSYSAPI NTSTATUS NTAPI NtCancelIoFile	(	IN HANDLE	Filehandle,
		OUT PIO_STATUS_BLOCK	IoStatusBlock
	)

NtClearEvent()

NTSYSAPI NTSTATUS NTAPI NtClearEvent

(

IN HANDLE

Handle

)

NtClose()

NTSYSAPI NTSTATUS NTAPI NtClose

(

IN HANDLE

Handle

)

NtCompareTokens()

NTSYSAPI NTSTATUS NTAPI NtCompareTokens	(	IN HANDLE	FirstTokenHandle,
		IN HANDLE	SecondTokenHandle,
		OUT PBOOLEAN	IdenticalTokens
	)

NtCompleteConnectPort()

NTSYSAPI NTSTATUS NTAPI NtCompleteConnectPort

(

IN HANDLE

PortHandle

)

NtConnectPort()

NTSYSAPI NTSTATUS NTAPI NtConnectPort	(	OUT PHANDLE	PortHandle,
		IN PUNICODE_STRING	PortName,
		IN PSECURITY_QUALITY_OF_SERVICE	SecurityQos,
		IN OUT PPORT_VIEW ClientView	OPTIONAL,
		OUT PREMOTE_PORT_VIEW ServerView	OPTIONAL,
		OUT PULONG MaxMessageLength	OPTIONAL,
		IN OUT PVOID ConnectionInformation	OPTIONAL,
		IN OUT PULONG ConnectionInformationLength	OPTIONAL
	)

NtCreateEvent()

NTSYSAPI NTSTATUS NTAPI NtCreateEvent	(	OUT PHANDLE	EventHandle,
		IN ACCESS_MASK	DesiredAccess,
		IN POBJECT_ATTRIBUTES ObjectAttributes	OPTIONAL,
		IN EVENT_TYPE	EventType,
		IN BOOLEAN	InitialState
	)

NtCreateFile()

NTSYSAPI NTSTATUS NTAPI NtCreateFile	(	OUT PHANDLE	FileHandle,
		IN ACCESS_MASK	DesiredAccess,
		IN POBJECT_ATTRIBUTES	ObjectAttributes,
		OUT PIO_STATUS_BLOCK	IoStatusBlock,
		IN PLARGE_INTEGER	AllocationSize,
		IN ULONG	FileAttributes,
		IN ULONG	ShareAccess,
		IN ULONG	CreateDisposition,
		IN ULONG	CreateOptions,
		IN PVOID	EaBuffer,
		IN ULONG	EaLength
	)

NtCreateKey()

NTSYSAPI NTSTATUS NTAPI NtCreateKey	(	OUT PHANDLE	KeyHandle,
		IN ACCESS_MASK	DesiredAccess,
		IN POBJECT_ATTRIBUTES	ObjectAttributes,
		IN ULONG	TitleIndex,
		IN PUNICODE_STRING Class	OPTIONAL,
		IN ULONG	CreateOptions,
		OUT PULONG Disposition	OPTIONAL
	)

NtCreatePort()

NTSYSAPI NTSTATUS NTAPI NtCreatePort	(	OUT PHANDLE	PortHandle,
		IN POBJECT_ATTRIBUTES	ObjectAttributes,
		IN ULONG	MaxConnectionInfoLength,
		IN ULONG	MaxMessageLength,
		IN ULONG	MaxPoolUsage
	)

NtCreateSection()

NTSYSAPI NTSTATUS NTAPI NtCreateSection	(	OUT PHANDLE	SectionHandle,
		IN ACCESS_MASK	DesiredAccess,
		IN POBJECT_ATTRIBUTES ObjectAttributes	OPTIONAL,
		IN PLARGE_INTEGER MaximumSize	OPTIONAL,
		IN ULONG	SectionPageProtection,
		IN ULONG	AllocationAttributes,
		IN HANDLE FileHandle	OPTIONAL
	)

NtDeleteFile()

NTSYSAPI NTSTATUS NTAPI NtDeleteFile

(

IN POBJECT_ATTRIBUTES

ObjectAttributes

)

NtDeleteKey()

NTSYSAPI NTSTATUS NTAPI NtDeleteKey

(

IN HANDLE

KeyHandle

)

NtDeleteValueKey()

NTSYSAPI NTSTATUS NTAPI NtDeleteValueKey	(	IN HANDLE	KeyHandle,
		IN PUNICODE_STRING	ValueName
	)

NtDeviceIoControlFile()

NTSYSAPI NTSTATUS NTAPI NtDeviceIoControlFile	(	IN HANDLE	FileHandle,
		IN HANDLE	Event,
		IN PIO_APC_ROUTINE	ApcRoutine,
		IN PVOID	ApcContext,
		OUT PIO_STATUS_BLOCK	IoStatusBlock,
		IN ULONG	IoControlCode,
		IN PVOID	InputBuffer,
		IN ULONG	InputBufferLength,
		IN PVOID	OutputBuffer,
		IN ULONG	OutputBufferLength
	)

NtDisplayString()

NTSYSAPI NTSTATUS NTAPI NtDisplayString

(

IN PUNICODE_STRING

String

)

NtDuplicateObject()

NTSYSAPI NTSTATUS NTAPI NtDuplicateObject	(	IN HANDLE	SourceProcessHandle,
		IN HANDLE	SourceHandle,
		IN HANDLE TargetProcessHandle	OPTIONAL,
		OUT PHANDLE TargetHandle	OPTIONAL,
		IN ACCESS_MASK	DesiredAccess,
		IN ULONG	HandleAttributes,
		IN ULONG	Options
	)

NtDuplicateToken()

NTSYSAPI NTSTATUS NTAPI NtDuplicateToken	(	IN HANDLE	ExistingTokenHandle,
		IN ACCESS_MASK	DesiredAccess,
		IN POBJECT_ATTRIBUTES	ObjectAttributes,
		IN BOOLEAN	EffectiveOnly,
		IN TOKEN_TYPE	TokenType,
		OUT PHANDLE	NewTokenHandle
	)

NtEnumerateKey()

NTSYSAPI NTSTATUS NTAPI NtEnumerateKey	(	IN HANDLE	KeyHandle,
		IN ULONG	Index,
		IN KEY_INFORMATION_CLASS	KeyInformationClass,
		IN PVOID	KeyInformation,
		IN ULONG	Length,
		IN PULONG	ResultLength
	)

NtExtendSection()

NTSYSAPI NTSTATUS NTAPI NtExtendSection	(	IN HANDLE	SectionHandle,
		IN OUT PLARGE_INTEGER	SectionSize
	)

NtFlushBuffersFile()

NTSYSAPI NTSTATUS NTAPI NtFlushBuffersFile	(	IN HANDLE	FileHandle,
		OUT PIO_STATUS_BLOCK	IoStatusBlock
	)

NtFreeVirtualMemory()

NTSYSAPI NTSTATUS NTAPI NtFreeVirtualMemory	(	IN HANDLE	ProcessHandle,
		IN OUT PVOID *	BaseAddress,
		IN OUT PULONG	RegionSize,
		IN ULONG	FreeType
	)

NtListenPort()

NTSYSAPI NTSTATUS NTAPI NtListenPort	(	IN HANDLE	PortHandle,
		OUT PPORT_MESSAGE	RequestMessage
	)

NtMapViewOfSection()

NTSYSAPI NTSTATUS NTAPI NtMapViewOfSection	(	IN HANDLE	SectionHandle,
		IN HANDLE	ProcessHandle,
		IN OUT PVOID *	BaseAddress,
		IN ULONG_PTR	ZeroBits,
		IN SIZE_T	CommitSize,
		IN OUT PLARGE_INTEGER SectionOffset	OPTIONAL,
		IN OUT PSIZE_T	ViewSize,
		IN SECTION_INHERIT	InheritDisposition,
		IN ULONG	AllocationType,
		IN ULONG	Protect
	)

NtOpenDirectoryObject()

NTSYSAPI NTSTATUS NTAPI NtOpenDirectoryObject	(	OUT PHANDLE	DirectoryHandle,
		IN ACCESS_MASK	DesiredAccess,
		IN POBJECT_ATTRIBUTES	ObjectAttributes
	)

NtOpenEvent()

NTSYSAPI NTSTATUS NTAPI NtOpenEvent	(	OUT PHANDLE	EventHandle,
		IN ACCESS_MASK	DesiredAccess,
		IN POBJECT_ATTRIBUTES	ObjectAttributes
	)

NtOpenFile()

NTSYSAPI NTSTATUS NTAPI NtOpenFile	(	OUT PHANDLE	FileHandle,
		IN ACCESS_MASK	DesiredAccess,
		IN POBJECT_ATTRIBUTES	ObjectAttributes,
		OUT PIO_STATUS_BLOCK	IoStatusBlock,
		IN ULONG	ShareAccess,
		IN ULONG	OpenOptions
	)

NtOpenKey()

NTSYSAPI NTSTATUS NTAPI NtOpenKey	(	OUT PHANDLE	KeyHandle,
		IN ACCESS_MASK	DesiredAccess,
		IN POBJECT_ATTRIBUTES	ObjectAttributes
	)

NtOpenProcess()

NTSYSAPI NTSTATUS NTAPI NtOpenProcess	(	OUT PHANDLE	ProcessHandle,
		IN ACCESS_MASK	DesiredAccess,
		IN POBJECT_ATTRIBUTES	ObjectAttributes,
		IN PCLIENT_ID ClientId	OPTIONAL
	)

NtOpenProcessToken()

NTSYSAPI NTSTATUS NTAPI NtOpenProcessToken	(	IN HANDLE	ProcessHandle,
		IN ACCESS_MASK	DesiredAccess,
		OUT PHANDLE	TokenHandle
	)

NtOpenSection()

NTSYSAPI NTSTATUS NTAPI NtOpenSection	(	OUT PHANDLE	SectionHandle,
		IN ACCESS_MASK	DesiredAccess,
		IN POBJECT_ATTRIBUTES	ObjectAttributes
	)

NtOpenSymbolicLinkObject()

NTSYSAPI NTSTATUS NTAPI NtOpenSymbolicLinkObject	(	OUT PHANDLE	SymbolicLinkHandle,
		IN ACCESS_MASK	DesiredAccess,
		IN POBJECT_ATTRIBUTES	ObjectAttributes
	)

NtOpenThread()

NTSYSAPI NTSTATUS NTAPI NtOpenThread	(	OUT PHANDLE	ThreadHandle,
		IN ACCESS_MASK	DesiredAccess,
		IN POBJECT_ATTRIBUTES	ObjectAttributes,
		IN PCLIENT_ID ClientId	OPTIONAL
	)

NtOpenThreadToken()

NTSYSAPI NTSTATUS NTAPI NtOpenThreadToken	(	IN HANDLE	ThreadHandle,
		IN ACCESS_MASK	DesiredAccess,
		IN BOOLEAN	OpenAsSelf,
		OUT PHANDLE	TokenHandle
	)

NtPulseEvent()

NTSYSAPI NTSTATUS NTAPI NtPulseEvent	(	IN HANDLE	Handle,
		OUT PLONG PreviousState	OPTIONAL
	)

NtQueryDirectoryFile()

NTSYSAPI NTSTATUS NTAPI NtQueryDirectoryFile	(	IN HANDLE	FileHandle,
		IN HANDLE Event	OPTIONAL,
		IN PIO_APC_ROUTINE ApcRoutine	OPTIONAL,
		IN PVOID ApcContext	OPTIONAL,
		OUT PIO_STATUS_BLOCK	IoStatusBlock,
		OUT PVOID	FileInformation,
		IN ULONG	Length,
		IN FILE_INFORMATION_CLASS	FileInformationClass,
		IN BOOLEAN	ReturnSingleEntry,
		IN PUNICODE_STRING FileName	OPTIONAL,
		IN BOOLEAN	RestartScan
	)

NtQueryDirectoryObject()

NTSYSAPI NTSTATUS NTAPI NtQueryDirectoryObject	(	IN HANDLE	DirectoryHandle,
		OUT PVOID	Buffer,
		IN ULONG	Length,
		IN BOOLEAN	ReturnSingleEntry,
		IN BOOLEAN	RestartScan,
		IN OUT PULONG	Context,
		OUT PULONG ReturnLength	OPTIONAL
	)

NtQueryEaFile()

NTSYSAPI NTSTATUS NTAPI NtQueryEaFile	(	IN HANDLE	FileHandle,
		OUT PIO_STATUS_BLOCK	IoStatusBlock,
		OUT PVOID	Buffer,
		IN ULONG	Length,
		IN BOOLEAN	ReturnSingleEntry,
		IN PVOID EaList	OPTIONAL,
		IN ULONG	EaListLength,
		IN PULONG EaIndex	OPTIONAL,
		IN BOOLEAN	RestartScan
	)

NtQueryEvent()

NTSYSAPI NTSTATUS NTAPI NtQueryEvent	(	IN HANDLE	EventHandle,
		IN EVENT_INFORMATION_CLASS	EventInfoClass,
		OUT PVOID	EventInfo,
		IN ULONG	Length,
		OUT PULONG ResultLength	OPTIONAL
	)

NtQueryInformationFile()

NTSYSAPI NTSTATUS NTAPI NtQueryInformationFile	(	IN HANDLE	FileHandle,
		OUT PIO_STATUS_BLOCK	IoStatusBlock,
		OUT PVOID	FileInformation,
		IN ULONG	Length,
		IN FILE_INFORMATION_CLASS	FileInformationClass
	)

NtQueryInformationProcess()

NTSYSAPI NTSTATUS NTAPI NtQueryInformationProcess	(	IN HANDLE	ProcessHandle,
		IN PROCESSINFOCLASS	ProcessInformationClass,
		OUT PVOID	ProcessInformation,
		IN ULONG	ProcessInformationLength,
		OUT PULONG ReturnLength	OPTIONAL
	)

NtQueryInformationThread()

NTSYSAPI NTSTATUS NTAPI NtQueryInformationThread	(	IN HANDLE	ThreadHandle,
		IN THREADINFOCLASS	ThreadInformationClass,
		OUT PVOID	ThreadInformation,
		IN ULONG	ThreadInformationLength,
		OUT PULONG ReturnLength	OPTIONAL
	)

NtQueryInformationToken()

NTSYSAPI NTSTATUS NTAPI NtQueryInformationToken	(	IN HANDLE	TokenHandle,
		IN TOKEN_INFORMATION_CLASS	TokenInformationClass,
		OUT PVOID	TokenInformation,
		IN ULONG	TokenInformationLength,
		OUT PULONG	ReturnLength
	)

NtQueryKey()

NTSYSAPI NTSTATUS NTAPI NtQueryKey	(	IN HANDLE	KeyHandle,
		IN KEY_INFORMATION_CLASS	KeyInformationClass,
		OUT PVOID	KeyInformation,
		IN ULONG	Length,
		OUT PULONG	ResultLength
	)

NtQueryObject()

NTSYSAPI NTSTATUS NTAPI NtQueryObject	(	IN HANDLE	ObjectHandle,
		IN OBJECT_INFORMATION_CLASS	ObjectInformationClass,
		OUT PVOID	ObjectInformation,
		IN ULONG	Length,
		OUT PULONG ResultLength	OPTIONAL
	)

NtQuerySection()

NTSYSAPI NTSTATUS NTAPI NtQuerySection	(	IN HANDLE	SectionHandle,
		IN SECTION_INFORMATION_CLASS	SectionInformationClass,
		OUT PVOID	SectionInformation,
		IN ULONG	Length,
		OUT PULONG ResultLength	OPTIONAL
	)

NtQuerySecurityObject()

NTSYSAPI NTSTATUS NTAPI NtQuerySecurityObject	(	IN HANDLE	ObjectHandle,
		IN SECURITY_INFORMATION	SecurityInformation,
		OUT PSECURITY_DESCRIPTOR	SecurityDescriptor,
		IN ULONG	DescriptorLength,
		OUT PULONG	ReturnLength
	)

NtQuerySymbolicLinkObject()

NTSYSAPI NTSTATUS NTAPI NtQuerySymbolicLinkObject	(	IN HANDLE	SymbolicLinkHandle,
		OUT PUNICODE_STRING	NameString,
		OUT PULONG ResultLength	OPTIONAL
	)

NtQuerySystemInformation()

NTSYSAPI NTSTATUS NTAPI NtQuerySystemInformation	(	IN SYSTEM_INFORMATION_CLASS	SystemInformationClass,
		OUT PVOID	SystemInformation,
		IN ULONG	SystemInformationLength,
		OUT PULONG	ReturnLength
	)

NtQueryValueKey()

NTSYSAPI NTSTATUS NTAPI NtQueryValueKey	(	IN HANDLE	KeyHandle,
		IN PUNICODE_STRING	ValueName,
		IN KEY_VALUE_INFORMATION_CLASS	KeyValueInformationClass,
		OUT PVOID	KeyValueInformation,
		IN ULONG	Length,
		OUT PULONG	ResultLength
	)

NtQueryVolumeInformationFile()

NTSYSAPI NTSTATUS NTAPI NtQueryVolumeInformationFile	(	IN HANDLE	FileHandle,
		OUT PIO_STATUS_BLOCK	IoStatusBlock,
		OUT PVOID	FsInformation,
		IN ULONG	Length,
		IN FS_INFORMATION_CLASS	FsInformationClass
	)

NtReadFile()

NTSYSAPI NTSTATUS NTAPI NtReadFile	(	IN HANDLE	FileHandle,
		IN HANDLE Event	OPTIONAL,
		IN PIO_APC_ROUTINE ApcRoutine	OPTIONAL,
		IN PVOID ApcContext	OPTIONAL,
		OUT PIO_STATUS_BLOCK	IoStatusBlock,
		OUT PVOID	Buffer,
		IN ULONG	Length,
		IN PLARGE_INTEGER ByteOffset	OPTIONAL,
		IN PULONG Key	OPTIONAL
	)

NtReadVirtualMemory()

NTSYSAPI NTSTATUS NTAPI NtReadVirtualMemory	(	IN HANDLE	ProcessHandle,
		IN PVOID	BaseAddress,
		OUT PVOID	Buffer,
		IN ULONG	NumberOfBytesToRead,
		OUT PULONG NumberOfBytesRead	OPTIONAL
	)

NtReplyPort()

NTSYSAPI NTSTATUS NTAPI NtReplyPort	(	IN HANDLE	PortHandle,
		IN PPORT_MESSAGE	ReplyMessage
	)

NtReplyWaitReceivePort()

NTSYSAPI NTSTATUS NTAPI NtReplyWaitReceivePort	(	IN HANDLE	PortHandle,
		OUT PVOID *PortContext	OPTIONAL,
		IN PPORT_MESSAGE ReplyMessage	OPTIONAL,
		OUT PPORT_MESSAGE	ReceiveMessage
	)

NtReplyWaitReplyPort()

NTSYSAPI NTSTATUS NTAPI NtReplyWaitReplyPort	(	IN HANDLE	PortHandle,
		IN OUT PPORT_MESSAGE	ReplyMessage
	)

NtRequestPort()

NTSYSAPI NTSTATUS NTAPI NtRequestPort	(	IN HANDLE	PortHandle,
		IN PPORT_MESSAGE	RequestMessage
	)

NtRequestWaitReplyPort()

NTSYSAPI NTSTATUS NTAPI NtRequestWaitReplyPort	(	IN HANDLE	PortHandle,
		IN PPORT_MESSAGE	RequestMessage,
		OUT PPORT_MESSAGE	ReplyMessage
	)

NtResetEvent()

NTSYSAPI NTSTATUS NTAPI NtResetEvent	(	IN HANDLE	Handle,
		OUT PLONG PreviousState	OPTIONAL
	)

NtResumeProcess()

NTSYSCALLAPI NTSTATUS NTAPI NtResumeProcess

(

IN HANDLE

ProcessHandle

)

NtSetEaFile()

NTSYSAPI NTSTATUS NTAPI NtSetEaFile	(	IN HANDLE	FileHandle,
		OUT PIO_STATUS_BLOCK	IoStatusBlock,
		IN PVOID	Buffer,
		IN ULONG	Length
	)

NtSetEvent()

NTSYSAPI NTSTATUS NTAPI NtSetEvent	(	IN HANDLE	Handle,
		OUT PLONG PreviousState	OPTIONAL
	)

NtSetInformationFile()

NTSYSAPI NTSTATUS NTAPI NtSetInformationFile	(	IN HANDLE	FileHandle,
		OUT PIO_STATUS_BLOCK	IoStatusBlock,
		IN PVOID	FileInformation,
		IN ULONG	Length,
		IN FILE_INFORMATION_CLASS	FileInformationClass
	)

NtSetInformationObject()

NTSYSAPI NTSTATUS NTAPI NtSetInformationObject	(	IN HANDLE	ObjectHandle,
		IN OBJECT_INFORMATION_CLASS	ObjectInformationClass,
		IN PVOID	ObjectInformation,
		IN ULONG	Length
	)

NtSetInformationProcess()

NTSYSAPI NTSTATUS NTAPI NtSetInformationProcess	(	IN HANDLE	ProcessHandle,
		IN PROCESSINFOCLASS	ProcessInformationClass,
		IN PVOID	ProcessInformation,
		IN ULONG	ProcessInformationLength
	)

NtSetInformationToken()

NTSYSAPI NTSTATUS NTAPI NtSetInformationToken	(	IN HANDLE	TokenHandle,
		IN TOKEN_INFORMATION_CLASS	TokenInformationClass,
		IN PVOID	TokenInformation,
		IN ULONG	TokenInformationLength
	)

NtSetSecurityObject()

NTSYSAPI NTSTATUS NTAPI NtSetSecurityObject	(	IN HANDLE	ObjectHandle,
		IN SECURITY_INFORMATION	SecurityInformation,
		IN PSECURITY_DESCRIPTOR	SecurityDescriptor
	)

NtSetValueKey()

NTSYSAPI NTSTATUS NTAPI NtSetValueKey	(	IN HANDLE	KeyHandle,
		IN PUNICODE_STRING	ValueName,
		IN ULONG TitleIndex	OPTIONAL,
		IN ULONG	Type,
		IN PVOID	Data,
		IN ULONG	DataSize
	)

NtShutdownSystem()

NTSYSAPI NTSTATUS NTAPI NtShutdownSystem

(

IN SHUTDOWN_ACTION

Action

)

NtSuspendProcess()

NTSYSCALLAPI NTSTATUS NTAPI NtSuspendProcess

(

IN HANDLE

ProcessHandle

)

NtUnmapViewOfSection()

NTSYSAPI NTSTATUS NTAPI NtUnmapViewOfSection	(	IN HANDLE	ProcessHandle,
		IN PVOID	BaseAddress
	)

NtWaitForMultipleObjects()

NTSYSAPI NTSTATUS NTAPI NtWaitForMultipleObjects	(	IN ULONG	Count,
		IN HANDLE	Handle[],
		IN WAIT_TYPE	WaitType,
		IN BOOLEAN	Alertable,
		IN PLARGE_INTEGER Timeout	OPTIONAL
	)

NtWaitForSingleObject()

NTSYSAPI NTSTATUS NTAPI NtWaitForSingleObject	(	IN HANDLE	Handle,
		IN BOOLEAN	Alertable,
		IN PLARGE_INTEGER Timeout	OPTIONAL
	)

NtWriteFile()

NTSYSAPI NTSTATUS NTAPI NtWriteFile	(	IN HANDLE	FileHandle,
		IN HANDLE Event	OPTIONAL,
		IN PIO_APC_ROUTINE ApcRoutine	OPTIONAL,
		IN PVOID ApcContext	OPTIONAL,
		OUT PIO_STATUS_BLOCK	IoStatusBlock,
		IN PVOID	Buffer,
		IN ULONG	Length,
		IN PLARGE_INTEGER ByteOffset	OPTIONAL,
		IN PULONG Key	OPTIONAL
	)

NtWriteVirtualMemory()

NTSYSAPI NTSTATUS NTAPI NtWriteVirtualMemory	(	IN HANDLE	ProcessHandle,
		IN PVOID	BaseAddress,
		IN PVOID	Buffer,
		IN ULONG	NumberOfBytesToWrite,
		OUT PULONG NumberOfBytesWritten	OPTIONAL
	)

RTL_GENERIC_COMPARE_RESULTS()

typedef RTL_GENERIC_COMPARE_RESULTS

(

NTAPI *

PRTL_GENERIC_COMPARE_ROUTINE

)

RtlAddAccessAllowedAce()

NTSYSAPI NTSTATUS NTAPI RtlAddAccessAllowedAce	(	IN OUT PACL	Acl,
		IN ULONG	AceRevision,
		IN ACCESS_MASK	AccessMask,
		IN PSID	Sid
	)

RtlAddAccessAllowedAceEx()

NTSYSAPI NTSTATUS NTAPI RtlAddAccessAllowedAceEx	(	IN OUT PACL	Acl,
		IN ULONG	AceRevision,
		IN ULONG	AceFlags,
		IN ULONG	AccessMask,
		IN PSID	Sid
	)

RtlAllocateAndInitializeSid()

NTSYSAPI NTSTATUS NTAPI RtlAllocateAndInitializeSid	(	IN PSID_IDENTIFIER_AUTHORITY	IdentifierAuthority,
		IN UCHAR	SubAuthorityCount,
		IN ULONG	SubAuthority0,
		IN ULONG	SubAuthority1,
		IN ULONG	SubAuthority2,
		IN ULONG	SubAuthority3,
		IN ULONG	SubAuthority4,
		IN ULONG	SubAuthority5,
		IN ULONG	SubAuthority6,
		IN ULONG	SubAuthority7,
		OUT PSID *	Sid
	)

RtlAllocateHandle()

NTSYSAPI PRTL_HANDLE_TABLE_ENTRY NTAPI RtlAllocateHandle	(	IN PRTL_HANDLE_TABLE	HandleTable,
		OUT PULONG HandleIndex	OPTIONAL
	)

RtlAllocateHeap()

NTSYSAPI PVOID NTAPI RtlAllocateHeap	(	IN HANDLE	HeapHandle,
		IN ULONG	Flags,
		IN ULONG	Size
	)

RtlAnsiStringToUnicodeString()

NTSYSAPI NTSTATUS NTAPI RtlAnsiStringToUnicodeString	(	OUT PUNICODE_STRING	DestinationString,
		IN PANSI_STRING	SourceString,
		IN BOOLEAN	AllocateDestinationString
	)

RtlAppendUnicodeStringToString()

NTSYSAPI NTSTATUS NTAPI RtlAppendUnicodeStringToString	(	IN OUT PUNICODE_STRING	Destination,
		IN PUNICODE_STRING	Source
	)

RtlAppendUnicodeToString()

NTSYSAPI NTSTATUS NTAPI RtlAppendUnicodeToString	(	PUNICODE_STRING	Destination,
		PCWSTR	Source
	)

RtlCompactHeap()

NTSYSAPI ULONG NTAPI RtlCompactHeap	(	IN HANDLE	HeapHandle,
		IN ULONG	Flags
	)

RtlCompareUnicodeString()

NTSYSAPI LONG NTAPI RtlCompareUnicodeString	(	IN PUNICODE_STRING	String1,
		IN PUNICODE_STRING	String2,
		IN BOOLEAN	CaseInSensitive
	)

RtlCopyUnicodeString()

NTSYSAPI VOID NTAPI RtlCopyUnicodeString	(	OUT PUNICODE_STRING	DestinationString,
		IN PUNICODE_STRING	SourceString
	)

RtlCreateAcl()

NTSYSAPI NTSTATUS NTAPI RtlCreateAcl	(	IN PACL	Acl,
		IN ULONG	AclLength,
		IN ULONG	AclRevision
	)

RtlCreateEnvironment()

NTSYSAPI NTSTATUS NTAPI RtlCreateEnvironment	(	BOOLEAN	CloneCurrentEnvironment,
		PVOID *	Environment
	)

RtlCreateHeap()

NTSYSAPI HANDLE NTAPI RtlCreateHeap	(	IN ULONG	Flags,
		IN PVOID BaseAddress	OPTIONAL,
		IN ULONG	SizeToReserve,
		IN ULONG	SizeToCommit,
		IN BOOLEAN Lock	OPTIONAL,
		IN PRTL_HEAP_PARAMETERS Definition	OPTIONAL
	)

RtlCreateSecurityDescriptor()

NTSYSAPI NTSTATUS NTAPI RtlCreateSecurityDescriptor	(	IN PSECURITY_DESCRIPTOR	SecurityDescriptor,
		IN ULONG	Revision
	)

RtlCreateUnicodeString()

NTSYSAPI BOOLEAN NTAPI RtlCreateUnicodeString	(	OUT PUNICODE_STRING	DestinationString,
		IN PCWSTR	SourceString
	)

RtlCreateUnicodeStringFromAsciiz()

NTSYSAPI BOOLEAN NTAPI RtlCreateUnicodeStringFromAsciiz	(	OUT PUNICODE_STRING	Destination,
		IN PCSTR	Source
	)

RtlDeleteCriticalSection()

NTSYSAPI NTSTATUS NTAPI RtlDeleteCriticalSection

(

IN PRTL_CRITICAL_SECTION

CriticalSection

)

RtlDestroyEnvironment()

NTSYSAPI NTSTATUS NTAPI RtlDestroyEnvironment

(

PVOID

Environment

)

RtlDestroyHeap()

NTSYSAPI ULONG NTAPI RtlDestroyHeap

(

IN HANDLE

HeapHandle

)

RtlDosPathNameToNtPathName_U()

NTSYSAPI BOOLEAN NTAPI RtlDosPathNameToNtPathName_U	(	IN PWSTR	DosPathName,
		OUT PUNICODE_STRING	NtPathName,
		OUT PWSTR *NtFileNamePart	OPTIONAL,
		OUT PCURDIR DirectoryInfo	OPTIONAL
	)

RtlDowncaseUnicodeString()

NTSYSAPI NTSTATUS NTAPI RtlDowncaseUnicodeString	(	OUT PUNICODE_STRING	DestinationString,
		IN PUNICODE_STRING	SourceString,
		IN BOOLEAN	AllocateDestinationString
	)

RtlDuplicateUnicodeString()

NTSYSAPI NTSTATUS NTAPI RtlDuplicateUnicodeString	(	IN BOOLEAN	AllocateNew,
		IN PUNICODE_STRING	SourceString,
		OUT PUNICODE_STRING	TargetString
	)

RtlEnterCriticalSection()

NTSYSAPI NTSTATUS NTAPI RtlEnterCriticalSection

(

IN PRTL_CRITICAL_SECTION

CriticalSection

)

RtlEnumerateGenericTableWithoutSplaying()

NTSYSAPI PVOID NTAPI RtlEnumerateGenericTableWithoutSplaying	(	IN PRTL_GENERIC_TABLE	Table,
		IN PVOID *	RestartKey
	)

RtlEqualSid()

NTSYSAPI BOOLEAN NTAPI RtlEqualSid	(	IN PSID	Sid1,
		IN PSID	Sid2
	)

RtlEqualUnicodeString()

NTSYSAPI BOOLEAN NTAPI RtlEqualUnicodeString	(	IN PUNICODE_STRING	String1,
		IN PUNICODE_STRING	String2,
		IN BOOLEAN	CaseInSensitive
	)

RtlFormatCurrentUserKeyPath()

NTSYSAPI NTSTATUS NTAPI RtlFormatCurrentUserKeyPath

(

OUT PUNICODE_STRING

CurrentUserKeyPath

)

RtlFreeAnsiString()

NTSYSAPI VOID NTAPI RtlFreeAnsiString

(

IN PANSI_STRING

AnsiString

)

RtlFreeHandle()

NTSYSAPI BOOLEAN NTAPI RtlFreeHandle	(	IN PRTL_HANDLE_TABLE	HandleTable,
		IN PRTL_HANDLE_TABLE_ENTRY	Handle
	)

RtlFreeHeap()

NTSYSAPI BOOLEAN NTAPI RtlFreeHeap	(	IN HANDLE	HeapHandle,
		IN ULONG	Flags,
		IN PVOID	Address
	)

RtlFreeSid()

NTSYSAPI PVOID NTAPI RtlFreeSid

(

IN PSID

Sid

)

RtlFreeUnicodeString()

NTSYSAPI VOID NTAPI RtlFreeUnicodeString

(

IN PUNICODE_STRING

UnicodeString

)

RtlGetCallersAddress()

NTSYSAPI VOID NTAPI RtlGetCallersAddress	(	OUT PVOID *	CallersAddress,
		OUT PVOID *	CallersCaller
	)

RtlGetLastNtStatus()

NTSYSAPI NTSTATUS NTAPI RtlGetLastNtStatus

(

)

RtlGetLastWin32Error()

NTSYSAPI ULONG NTAPI RtlGetLastWin32Error

(

)

RtlGUIDFromString()

NTSYSAPI NTSTATUS NTAPI RtlGUIDFromString	(	IN PUNICODE_STRING	GuidString,
		OUT GUID *	Guid
	)

RtlImageDirectoryEntryToData()

NTSYSAPI PVOID NTAPI RtlImageDirectoryEntryToData	(	IN PVOID	Base,
		IN BOOLEAN	MappedAsImage,
		IN USHORT	DirectoryEntry,
		OUT PULONG	Size
	)

RtlImageNtHeader()

NTSYSAPI PVOID NTAPI RtlImageNtHeader

(

IN PVOID

BaseAddress

)

RtlInitAnsiString()

NTSYSAPI VOID NTAPI RtlInitAnsiString	(	OUT PANSI_STRING	DestinationString,
		IN PCHAR	SourceString
	)

RtlInitializeCriticalSection()

NTSYSAPI NTSTATUS NTAPI RtlInitializeCriticalSection

(

IN PRTL_CRITICAL_SECTION

CriticalSection

)

RtlInitializeGenericTable()

NTSYSAPI VOID NTAPI RtlInitializeGenericTable	(	IN PRTL_GENERIC_TABLE	Table,
		IN PRTL_GENERIC_COMPARE_ROUTINE	CompareRoutine,
		IN PRTL_GENERIC_ALLOCATE_ROUTINE	AllocateRoutine,
		IN PRTL_GENERIC_FREE_ROUTINE	FreeRoutine,
		IN PVOID	TableContext
	)

RtlInitializeHandleTable()

NTSYSAPI VOID NTAPI RtlInitializeHandleTable	(	IN ULONG	MaximumNumberOfHandles,
		IN ULONG	SizeOfHandleTableEntry,
		OUT PRTL_HANDLE_TABLE	HandleTable
	)

RtlInitUnicodeString()

NTSYSAPI VOID NTAPI RtlInitUnicodeString	(	PUNICODE_STRING	DestinationString,
		PCWSTR	SourceString
	)

RtlInsertElementGenericTable()

NTSYSAPI PVOID NTAPI RtlInsertElementGenericTable	(	IN PRTL_GENERIC_TABLE	Table,
		IN PVOID	Buffer,
		IN LONG	BufferSize,
		OUT PBOOLEAN NewElement	OPTIONAL
	)

RtlIntegerToUnicodeString()

NTSYSAPI NTSTATUS NTAPI RtlIntegerToUnicodeString	(	IN ULONG	Value,
		IN ULONG Base	OPTIONAL,
		IN OUT PUNICODE_STRING	String
	)

RtlIsGenericTableEmpty()

NTSYSAPI BOOLEAN NTAPI RtlIsGenericTableEmpty

(

IN PRTL_GENERIC_TABLE

Table

)

RtlIsValidIndexHandle()

NTSYSAPI BOOLEAN NTAPI RtlIsValidIndexHandle	(	IN PRTL_HANDLE_TABLE	HandleTable,
		IN ULONG	HandleIndex,
		OUT PRTL_HANDLE_TABLE_ENTRY *	Handle
	)

RtlLeaveCriticalSection()

NTSYSAPI NTSTATUS NTAPI RtlLeaveCriticalSection

(

IN PRTL_CRITICAL_SECTION

CriticalSection

)

RtlLengthSid()

NTSYSAPI ULONG NTAPI RtlLengthSid

(

IN PSID

Sid

)

RtlLockHeap()

NTSYSAPI BOOLEAN NTAPI RtlLockHeap

(

IN HANDLE

HeapHandle

)

RtlLookupElementGenericTable()

NTSYSAPI PVOID NTAPI RtlLookupElementGenericTable	(	IN PRTL_GENERIC_TABLE	Table,
		IN PVOID	Buffer
	)

RtlNtStatusToDosError()

NTSYSAPI ULONG NTAPI RtlNtStatusToDosError

(

NTSTATUS

Status

)

RtlNtStatusToDosErrorNoTeb()

NTSYSAPI ULONG NTAPI RtlNtStatusToDosErrorNoTeb

(

NTSTATUS

Status

)

RtlOpenCurrentUser()

NTSYSAPI NTSTATUS NTAPI RtlOpenCurrentUser	(	IN ULONG	DesiredAccess,
		OUT PHANDLE	CurrentUserKey
	)

RtlPrefixUnicodeString()

NTSYSAPI BOOLEAN NTAPI RtlPrefixUnicodeString	(	IN PUNICODE_STRING	String1,
		IN PUNICODE_STRING	String2,
		IN BOOLEAN	CaseInSensitive
	)

RtlQueryEnvironmentVariable_U()

NTSYSAPI NTSTATUS NTAPI RtlQueryEnvironmentVariable_U	(	PVOID	Environment,
		PUNICODE_STRING	Name,
		PUNICODE_STRING	Value
	)

RtlQueryRegistryValues()

NTSYSAPI NTSTATUS NTAPI RtlQueryRegistryValues	(	IN ULONG	RelativeTo,
		IN PCWSTR	Path,
		IN PRTL_QUERY_REGISTRY_TABLE	QueryTable,
		IN PVOID	Context,
		IN PVOID Environment	OPTIONAL
	)

RtlRaiseStatus()

NTSYSAPI VOID NTAPI RtlRaiseStatus

(

IN NTSTATUS

Status

)

RtlRandom()

NTSYSAPI ULONG NTAPI RtlRandom

(

IN OUT PULONG

Seed

)

RtlReAllocateHeap()

NTSYSAPI PVOID NTAPI RtlReAllocateHeap	(	IN HANDLE	HeapHandle,
		IN ULONG	Flags,
		IN PVOID	Address,
		IN ULONG	Size
	)

RtlSetDaclSecurityDescriptor()

NTSYSAPI NTSTATUS NTAPI RtlSetDaclSecurityDescriptor	(	IN PSECURITY_DESCRIPTOR	SecurityDescriptor,
		IN BOOLEAN	DaclPresent,
		IN PACL Dacl	OPTIONAL,
		IN BOOLEAN DaclDefaulted	OPTIONAL
	)

RtlSetEnvironmentVariable()

NTSYSAPI NTSTATUS NTAPI RtlSetEnvironmentVariable	(	PVOID *	Environment,
		PUNICODE_STRING	Name,
		PUNICODE_STRING	Value
	)

RtlSetLastWin32Error()

NTSYSAPI VOID NTAPI RtlSetLastWin32Error

(

ULONG

WinError

)

RtlSetLastWin32ErrorAndNtStatusFromNtStatus()

NTSYSAPI VOID NTAPI RtlSetLastWin32ErrorAndNtStatusFromNtStatus

(

NTSTATUS

Status

)

RtlSetOwnerSecurityDescriptor()

NTSYSAPI NTSTATUS NTAPI RtlSetOwnerSecurityDescriptor	(	IN PSECURITY_DESCRIPTOR	SecurityDescriptor,
		IN PSID Owner	OPTIONAL,
		IN BOOLEAN OwnerDefaulted	OPTIONAL
	)

RtlSizeHeap()

NTSYSAPI ULONG NTAPI RtlSizeHeap	(	IN HANDLE	HeapHandle,
		IN ULONG	Flags,
		IN PVOID	Address
	)

RtlStringFromGUID()

NTSYSAPI NTSTATUS NTAPI RtlStringFromGUID	(	IN REFGUID	Guid,
		OUT PUNICODE_STRING	GuidString
	)

RtlTryEnterCriticalSection()

NTSYSAPI BOOL NTAPI RtlTryEnterCriticalSection

(

IN PRTL_CRITICAL_SECTION

CriticalSection

)

RtlUnicodeStringToAnsiString()

NTSYSAPI NTSTATUS NTAPI RtlUnicodeStringToAnsiString	(	OUT PANSI_STRING	DestinationString,
		IN PUNICODE_STRING	SourceString,
		IN BOOLEAN	AllocateDestinationString
	)

RtlUnicodeStringToInteger()

NTSYSAPI NTSTATUS NTAPI RtlUnicodeStringToInteger	(	IN PUNICODE_STRING	String,
		IN ULONG Base	OPTIONAL,
		OUT PULONG	Value
	)

RtlUnlockHeap()

NTSYSAPI BOOLEAN NTAPI RtlUnlockHeap

(

IN HANDLE

HeapHandle

)

RtlUpcaseUnicodeString()

NTSYSAPI NTSTATUS NTAPI RtlUpcaseUnicodeString	(	OUT PUNICODE_STRING	DestinationString,
		IN PUNICODE_STRING	SourceString,
		IN BOOLEAN	AllocateDestinationString
	)

RtlValidateHeap()

NTSYSAPI BOOLEAN NTAPI RtlValidateHeap	(	IN HANDLE	HeapHandle,
		IN ULONG	Flags,
		IN PVOID Address	OPTIONAL
	)

ZwAllocateVirtualMemory()

NTSYSAPI NTSTATUS NTAPI ZwAllocateVirtualMemory	(	IN HANDLE	ProcessHandle,
		IN OUT PVOID *	BaseAddress,
		IN ULONG	ZeroBits,
		IN OUT PULONG	RegionSize,
		IN ULONG	AllocationType,
		IN ULONG	Protect
	)

ZwCancelIoFile()

NTSYSAPI NTSTATUS NTAPI ZwCancelIoFile	(	IN HANDLE	Filehandle,
		OUT PIO_STATUS_BLOCK	IoStatusBlock
	)

ZwClearEvent()

NTSYSAPI NTSTATUS NTAPI ZwClearEvent

(

IN HANDLE

Handle

)

ZwClose()

NTSYSAPI NTSTATUS NTAPI ZwClose

(

IN HANDLE

Handle

)

ZwCompleteConnectPort()

NTSYSAPI NTSTATUS NTAPI ZwCompleteConnectPort

(

IN HANDLE

PortHandle

)

ZwConnectPort()

NTSYSAPI NTSTATUS NTAPI ZwConnectPort	(	OUT PHANDLE	PortHandle,
		IN PUNICODE_STRING	PortName,
		IN PSECURITY_QUALITY_OF_SERVICE	SecurityQos,
		IN OUT PPORT_VIEW ClientView	OPTIONAL,
		OUT PREMOTE_PORT_VIEW ServerView	OPTIONAL,
		OUT PULONG MaxMessageLength	OPTIONAL,
		IN OUT PVOID ConnectionInformation	OPTIONAL,
		IN OUT PULONG ConnectionInformationLength	OPTIONAL
	)

ZwCreateEvent()

NTSYSAPI NTSTATUS NTAPI ZwCreateEvent	(	OUT PHANDLE	EventHandle,
		IN ACCESS_MASK	DesiredAccess,
		IN POBJECT_ATTRIBUTES ObjectAttributes	OPTIONAL,
		IN EVENT_TYPE	EventType,
		IN BOOLEAN	InitialState
	)

ZwCreateFile()

NTSYSAPI NTSTATUS NTAPI ZwCreateFile	(	OUT PHANDLE	FileHandle,
		IN ACCESS_MASK	DesiredAccess,
		IN POBJECT_ATTRIBUTES	ObjectAttributes,
		OUT PIO_STATUS_BLOCK	IoStatusBlock,
		IN PLARGE_INTEGER	AllocationSize,
		IN ULONG	FileAttributes,
		IN ULONG	ShareAccess,
		IN ULONG	CreateDisposition,
		IN ULONG	CreateOptions,
		IN PVOID	EaBuffer,
		IN ULONG	EaLength
	)

ZwCreateSection()

NTSYSAPI NTSTATUS NTAPI ZwCreateSection	(	OUT PHANDLE	SectionHandle,
		IN ACCESS_MASK	DesiredAccess,
		IN POBJECT_ATTRIBUTES ObjectAttributes	OPTIONAL,
		IN PLARGE_INTEGER MaximumSize	OPTIONAL,
		IN ULONG	SectionPageProtection,
		IN ULONG	AllocationAttributes,
		IN HANDLE FileHandle	OPTIONAL
	)

ZwDeleteFile()

NTSYSAPI NTSTATUS NTAPI ZwDeleteFile

(

IN POBJECT_ATTRIBUTES

ObjectAttributes

)

ZwDeviceIoControlFile()

NTSYSAPI NTSTATUS NTAPI ZwDeviceIoControlFile	(	IN HANDLE	FileHandle,
		IN HANDLE	Event,
		IN PIO_APC_ROUTINE	ApcRoutine,
		IN PVOID	ApcContext,
		OUT PIO_STATUS_BLOCK	IoStatusBlock,
		IN ULONG	IoControlCode,
		IN PVOID	InputBuffer,
		IN ULONG	InputBufferLength,
		IN PVOID	OutputBuffer,
		IN ULONG	OutputBufferLength
	)

ZwExtendSection()

NTSYSAPI NTSTATUS NTAPI ZwExtendSection	(	IN HANDLE	SectionHandle,
		IN OUT PLARGE_INTEGER	SectionSize
	)

ZwFlushBuffersFile()

NTSYSAPI NTSTATUS NTAPI ZwFlushBuffersFile	(	IN HANDLE	FileHandle,
		OUT PIO_STATUS_BLOCK	IoStatusBlock
	)

ZwFreeVirtualMemory()

NTSYSAPI NTSTATUS NTAPI ZwFreeVirtualMemory	(	IN HANDLE	ProcessHandle,
		IN OUT PVOID *	BaseAddress,
		IN OUT PULONG	RegionSize,
		IN ULONG	FreeType
	)

ZwMapViewOfSection()

NTSYSAPI NTSTATUS NTAPI ZwMapViewOfSection	(	IN HANDLE	SectionHandle,
		IN HANDLE	ProcessHandle,
		IN OUT PVOID *	BaseAddress,
		IN ULONG_PTR	ZeroBits,
		IN SIZE_T	CommitSize,
		IN OUT PLARGE_INTEGER SectionOffset	OPTIONAL,
		IN OUT PSIZE_T	ViewSize,
		IN SECTION_INHERIT	InheritDisposition,
		IN ULONG	AllocationType,
		IN ULONG	Protect
	)

ZwOpenEvent()

NTSYSAPI NTSTATUS NTAPI ZwOpenEvent	(	OUT PHANDLE	EventHandle,
		IN ACCESS_MASK	DesiredAccess,
		IN POBJECT_ATTRIBUTES	ObjectAttributes
	)

ZwOpenFile()

NTSYSAPI NTSTATUS NTAPI ZwOpenFile	(	OUT PHANDLE	FileHandle,
		IN ACCESS_MASK	DesiredAccess,
		IN POBJECT_ATTRIBUTES	ObjectAttributes,
		OUT PIO_STATUS_BLOCK	IoStatusBlock,
		IN ULONG	ShareAccess,
		IN ULONG	OpenOptions
	)

ZwOpenSection()

NTSYSAPI NTSTATUS NTAPI ZwOpenSection	(	OUT PHANDLE	SectionHandle,
		IN ACCESS_MASK	DesiredAccess,
		IN POBJECT_ATTRIBUTES	ObjectAttributes
	)

ZwPulseEvent()

NTSYSAPI NTSTATUS NTAPI ZwPulseEvent	(	IN HANDLE	Handle,
		OUT PLONG PreviousState	OPTIONAL
	)

ZwQueryDirectoryFile()

NTSYSAPI NTSTATUS NTAPI ZwQueryDirectoryFile	(	IN HANDLE	FileHandle,
		IN HANDLE Event	OPTIONAL,
		IN PIO_APC_ROUTINE ApcRoutine	OPTIONAL,
		IN PVOID ApcContext	OPTIONAL,
		OUT PIO_STATUS_BLOCK	IoStatusBlock,
		OUT PVOID	FileInformation,
		IN ULONG	Length,
		IN FILE_INFORMATION_CLASS	FileInformationClass,
		IN BOOLEAN	ReturnSingleEntry,
		IN PUNICODE_STRING FileName	OPTIONAL,
		IN BOOLEAN	RestartScan
	)

ZwQueryEaFile()

NTSYSAPI NTSTATUS NTAPI ZwQueryEaFile	(	IN HANDLE	FileHandle,
		OUT PIO_STATUS_BLOCK	IoStatusBlock,
		OUT PVOID	Buffer,
		IN ULONG	Length,
		IN BOOLEAN	ReturnSingleEntry,
		IN PVOID EaList	OPTIONAL,
		IN ULONG	EaListLength,
		IN PULONG EaIndex	OPTIONAL,
		IN BOOLEAN	RestartScan
	)

ZwQueryEvent()

NTSYSAPI NTSTATUS NTAPI ZwQueryEvent	(	IN HANDLE	EventHandle,
		IN EVENT_INFORMATION_CLASS	EventInfoClass,
		OUT PVOID	EventInfo,
		IN ULONG	Length,
		OUT PULONG ResultLength	OPTIONAL
	)

ZwQueryInformationFile()

NTSYSAPI NTSTATUS NTAPI ZwQueryInformationFile	(	IN HANDLE	FileHandle,
		OUT PIO_STATUS_BLOCK	IoStatusBlock,
		OUT PVOID	FileInformation,
		IN ULONG	Length,
		IN FILE_INFORMATION_CLASS	FileInformationClass
	)

ZwQuerySection()

NTSYSAPI NTSTATUS NTAPI ZwQuerySection	(	IN HANDLE	SectionHandle,
		IN SECTION_INFORMATION_CLASS	SectionInformationClass,
		OUT PVOID	SectionInformation,
		IN ULONG	Length,
		OUT PULONG ResultLength	OPTIONAL
	)

ZwQueryVolumeInformationFile()

NTSYSAPI NTSTATUS NTAPI ZwQueryVolumeInformationFile	(	IN HANDLE	FileHandle,
		OUT PIO_STATUS_BLOCK	IoStatusBlock,
		OUT PVOID	FsInformation,
		IN ULONG	Length,
		IN FS_INFORMATION_CLASS	FsInformationClass
	)

ZwReadFile()

NTSYSAPI NTSTATUS NTAPI ZwReadFile	(	IN HANDLE	FileHandle,
		IN HANDLE Event	OPTIONAL,
		IN PIO_APC_ROUTINE ApcRoutine	OPTIONAL,
		IN PVOID ApcContext	OPTIONAL,
		OUT PIO_STATUS_BLOCK	IoStatusBlock,
		OUT PVOID	Buffer,
		IN ULONG	Length,
		IN PLARGE_INTEGER ByteOffset	OPTIONAL,
		IN PULONG Key	OPTIONAL
	)

ZwRequestWaitReplyPort()

NTSYSAPI NTSTATUS NTAPI ZwRequestWaitReplyPort	(	IN HANDLE	PortHandle,
		IN PPORT_MESSAGE	RequestMessage,
		OUT PPORT_MESSAGE	ReplyMessage
	)

ZwResetEvent()

NTSYSAPI NTSTATUS NTAPI ZwResetEvent	(	IN HANDLE	Handle,
		OUT PLONG PreviousState	OPTIONAL
	)

ZwSetEaFile()

NTSYSAPI NTSTATUS NTAPI ZwSetEaFile	(	IN HANDLE	FileHandle,
		OUT PIO_STATUS_BLOCK	IoStatusBlock,
		IN PVOID	Buffer,
		IN ULONG	Length
	)

ZwSetEvent()

NTSYSAPI NTSTATUS NTAPI ZwSetEvent	(	IN HANDLE	Handle,
		OUT PLONG PreviousState	OPTIONAL
	)

ZwSetInformationFile()

NTSYSAPI NTSTATUS NTAPI ZwSetInformationFile	(	IN HANDLE	FileHandle,
		OUT PIO_STATUS_BLOCK	IoStatusBlock,
		IN PVOID	FileInformation,
		IN ULONG	Length,
		IN FILE_INFORMATION_CLASS	FileInformationClass
	)

ZwUnmapViewOfSection()

NTSYSAPI NTSTATUS NTAPI ZwUnmapViewOfSection	(	IN HANDLE	ProcessHandle,
		IN PVOID	BaseAddress
	)

ZwWaitForMultipleObjects()

NTSYSAPI NTSTATUS NTAPI ZwWaitForMultipleObjects	(	IN ULONG	Count,
		IN HANDLE	Handle[],
		IN WAIT_TYPE	WaitType,
		IN BOOLEAN	Alertable,
		IN PLARGE_INTEGER Timeout	OPTIONAL
	)

ZwWaitForSingleObject()

NTSYSAPI NTSTATUS NTAPI ZwWaitForSingleObject	(	IN HANDLE	Handle,
		IN BOOLEAN	Alertable,
		IN PLARGE_INTEGER Timeout	OPTIONAL
	)

ZwWriteFile()

NTSYSAPI NTSTATUS NTAPI ZwWriteFile	(	IN HANDLE	FileHandle,
		IN HANDLE Event	OPTIONAL,
		IN PIO_APC_ROUTINE ApcRoutine	OPTIONAL,
		IN PVOID ApcContext	OPTIONAL,
		OUT PIO_STATUS_BLOCK	IoStatusBlock,
		IN PVOID	Buffer,
		IN ULONG	Length,
		IN PLARGE_INTEGER ByteOffset	OPTIONAL,
		IN PULONG Key	OPTIONAL
	)