//转自看雪,可以作为一个头文件使用,方便快捷
1 NTSTATUS 2 NTAPI 3 NtAcceptConnectPort( 4 OUT PHANDLE PortHandle, 5 IN PVOID PortIdentifier, 6 IN PPORT_MESSAGE Message, 7 IN BOOLEAN Accept, 8 IN OUT PPORT_VIEW ServerView OPTIONAL, 9 OUT PREMOTE_PORT_VIEW ClientView OPTIONAL 10 ); 11 12 NTSTATUS 13 NTAPI 14 NtAccessCheck( 15 IN PSECURITY_DESCRIPTOR SecurityDescriptor, 16 IN HANDLE TokenHandle, 17 IN ACCESS_MASK DesiredAccess, 18 IN PGENERIC_MAPPING GenericMapping, 19 OUT PPRIVILEGE_SET PrivilegeSet, 20 IN PULONG PrivilegeSetLength, 21 OUT PACCESS_MASK GrantedAccess, 22 OUT PBOOLEAN AccessStatus 23 ); 24 25 NTSYSAPI 26 NTSTATUS 27 NTAPI 28 NtAccessCheckAndAuditAlarm( 29 IN PUNICODE_STRING SubsystemName, 30 IN PVOID HandleId, 31 IN PUNICODE_STRING ObjectTypeName, 32 IN PUNICODE_STRING ObjectName, 33 IN PSECURITY_DESCRIPTOR SecurityDescriptor, 34 IN ACCESS_MASK DesiredAccess, 35 IN PGENERIC_MAPPING GenericMapping, 36 IN BOOLEAN ObjectCreation, 37 OUT PACCESS_MASK GrantedAccess, 38 OUT PBOOLEAN AccessStatus, 39 OUT PBOOLEAN GenerateOnClose 40 ); 41 42 NTSYSAPI 43 NTSTATUS 44 NTAPI 45 NtAccessCheckByType( 46 IN PSECURITY_DESCRIPTOR SecurityDescriptor, 47 IN PSID PrincipalSelfSid, 48 IN HANDLE TokenHandle, 49 IN ULONG DesiredAccess, 50 IN POBJECT_TYPE_LIST ObjectTypeList, 51 IN ULONG ObjectTypeListLength, 52 IN PGENERIC_MAPPING GenericMapping, 53 IN PPRIVILEGE_SET PrivilegeSet, 54 IN PULONG PrivilegeSetLength, 55 OUT PACCESS_MASK GrantedAccess, 56 OUT PULONG AccessStatus 57 ); 58 59 NTSYSAPI 60 NTSTATUS 61 NTAPI 62 NtAccessCheckByTypeAndAuditAlarm( 63 IN PUNICODE_STRING SubsystemName, 64 IN PVOID HandleId, 65 IN PUNICODE_STRING ObjectTypeName, 66 IN PUNICODE_STRING ObjectName, 67 IN PSECURITY_DESCRIPTOR SecurityDescriptor, 68 IN PSID PrincipalSelfSid, 69 IN ACCESS_MASK DesiredAccess, 70 IN AUDIT_EVENT_TYPE AuditType, 71 IN ULONG Flags, 72 IN POBJECT_TYPE_LIST ObjectTypeList, 73 IN ULONG ObjectTypeListLength, 74 IN PGENERIC_MAPPING GenericMapping, 75 IN BOOLEAN ObjectCreation, 76 OUT PACCESS_MASK GrantedAccess, 77 OUT PULONG AccessStatus, 78 OUT PBOOLEAN GenerateOnClose 79 ); 80 81 NTSYSAPI 82 NTSTATUS 83 NTAPI 84 NtAccessCheckByTypeResultList( 85 IN PSECURITY_DESCRIPTOR SecurityDescriptor, 86 IN PSID PrincipalSelfSid, 87 IN HANDLE TokenHandle, 88 IN ACCESS_MASK DesiredAccess, 89 IN POBJECT_TYPE_LIST ObjectTypeList, 90 IN ULONG ObjectTypeListLength, 91 IN PGENERIC_MAPPING GenericMapping, 92 IN PPRIVILEGE_SET PrivilegeSet, 93 IN PULONG PrivilegeSetLength, 94 OUT PACCESS_MASK GrantedAccessList, 95 OUT PULONG AccessStatusList 96 ); 97 98 NTSYSAPI 99 NTSTATUS 100 NTAPI 101 NtAccessCheckByTypeResultListAndAuditAlarm( 102 IN PUNICODE_STRING SubsystemName, 103 IN PVOID HandleId, 104 IN PUNICODE_STRING ObjectTypeName, 105 IN PUNICODE_STRING ObjectName, 106 IN PSECURITY_DESCRIPTOR SecurityDescriptor, 107 IN PSID PrincipalSelfSid, 108 IN ACCESS_MASK DesiredAccess, 109 IN AUDIT_EVENT_TYPE AuditType, 110 IN ULONG Flags, 111 IN POBJECT_TYPE_LIST ObjectTypeList, 112 IN ULONG ObjectTypeListLength, 113 IN PGENERIC_MAPPING GenericMapping, 114 IN BOOLEAN ObjectCreation, 115 OUT PACCESS_MASK GrantedAccessList, 116 OUT PULONG AccessStatusList, 117 OUT PULONG GenerateOnClose 118 ); 119 120 NTSYSAPI 121 NTSTATUS 122 NTAPI 123 NtAccessCheckByTypeResultListAndAuditAlarmByHandle( 124 IN PUNICODE_STRING SubsystemName, 125 IN PVOID HandleId, 126 IN HANDLE TokenHandle, 127 IN PUNICODE_STRING ObjectTypeName, 128 IN PUNICODE_STRING ObjectName, 129 IN PSECURITY_DESCRIPTOR SecurityDescriptor, 130 IN PSID PrincipalSelfSid, 131 IN ACCESS_MASK DesiredAccess, 132 IN AUDIT_EVENT_TYPE AuditType, 133 IN ULONG Flags, 134 IN POBJECT_TYPE_LIST ObjectTypeList, 135 IN ULONG ObjectTypeListLength, 136 IN PGENERIC_MAPPING GenericMapping, 137 IN BOOLEAN ObjectCreation, 138 OUT PACCESS_MASK GrantedAccessList, 139 OUT PULONG AccessStatusList, 140 OUT PULONG GenerateOnClose 141 ); 142 143 NTSYSAPI 144 NTSTATUS 145 NTAPI 146 NtAddAtom( 147 IN PWSTR String, 148 IN ULONG StringLength, 149 OUT PUSHORT Atom 150 ); 151 152 NTSYSAPI 153 NTSTATUS 154 NTAPI 155 NtAddBootEntry( 156 IN PUNICODE_STRING EntryName, 157 IN PUNICODE_STRING EntryValue 158 ); 159 160 NTSYSAPI 161 NTSTATUS 162 NTAPI 163 NtAddDriverEntry( 164 IN PUNICODE_STRING DriverName, 165 IN PUNICODE_STRING DriverPath 166 ); 167 168 NTSYSAPI 169 NTSTATUS 170 NTAPI 171 NtAdjustGroupsToken( 172 IN HANDLE TokenHandle, 173 IN BOOLEAN ResetToDefault, 174 IN PTOKEN_GROUPS NewState, 175 IN ULONG BufferLength, 176 OUT PTOKEN_GROUPS PreviousState OPTIONAL, 177 OUT PULONG ReturnLength 178 ); 179 180 NTSYSAPI 181 NTSTATUS 182 NTAPI 183 NtAdjustPrivilegesToken( 184 IN HANDLE TokenHandle, 185 IN BOOLEAN DisableAllPrivileges, 186 IN PTOKEN_PRIVILEGES NewState, 187 IN ULONG BufferLength, 188 OUT PTOKEN_PRIVILEGES PreviousState OPTIONAL, 189 OUT PULONG ReturnLength OPTIONAL 190 ); 191 192 NTSYSAPI 193 NTSTATUS 194 NTAPI 195 NtAlertResumeThread( 196 IN HANDLE ThreadHandle, 197 OUT PULONG PreviousSuspendCount OPTIONAL 198 ); 199 200 NTSYSAPI 201 NTSTATUS 202 NTAPI 203 NtAllocateLocallyUniqueId( 204 OUT PLUID Luid 205 ); 206 207 NTSYSAPI 208 NTSTATUS 209 NTAPI 210 NtAllocateUserPhysicalPages( 211 IN HANDLE ProcessHandle, 212 IN PULONG NumberOfPages, 213 OUT PULONG PageFrameNumbers 214 ); 215 216 NTSYSAPI 217 NTSTATUS 218 NTAPI 219 NtAllocateUuids( 220 OUT PLARGE_INTEGER UuidLastTimeAllocated, 221 OUT PULONG UuidDeltaTime, 222 OUT PULONG UuidSequenceNumber, 223 OUT PUCHAR UuidSeed 224 ); 225 NTSYSAPI 226 NTSTATUS 227 NTAPI 228 NtAllocateVirtualMemory( 229 IN HANDLE ProcessHandle, 230 IN OUT PVOID *BaseAddress, 231 IN ULONG ZeroBits, 232 IN OUT PULONG AllocationSize, 233 IN ULONG AllocationType, 234 IN ULONG Protect 235 ); 236 237 NTSYSAPI 238 NTSTATUS 239 NTAPI 240 NtApphelpCacheControl( 241 IN APPHELPCACHECONTROL ApphelpCacheControl, 242 IN PUNICODE_STRING ApphelpCacheObject 243 ); 244 245 NTSYSAPI 246 NTSTATUS 247 NTAPI 248 NtAreMappedFilesTheSame( 249 IN PVOID Address1, 250 IN PVOID Address2 251 ); 252 253 NTSYSAPI 254 NTSTATUS 255 NTAPI 256 NtAssignProcessToJobObject( 257 IN HANDLE JobHandle, 258 IN HANDLE ProcessHandle 259 ); 260 261 NTSYSAPI 262 NTSTATUS 263 NTAPI 264 NtCallbackReturn( 265 IN PVOID Result OPTIONAL, 266 IN ULONG ResultLength, 267 IN NTSTATUS Status 268 ); 269 270 NTSYSAPI 271 NTSTATUS 272 NTAPI 273 NtCancelDeviceWakeupRequest( 274 IN HANDLE DeviceHandle 275 ); 276 277 NTSYSAPI 278 NTSTATUS 279 NTAPI 280 NtCancelIoFile( 281 IN HANDLE FileHandle, 282 OUT PIO_STATUS_BLOCK IoStatusBlock 283 ); 284 285 NTSYSAPI 286 NTSTATUS 287 NTAPI 288 NtCancelTimer( 289 IN HANDLE TimerHandle, 290 OUT PBOOLEAN PreviousState OPTIONAL 291 ); 292 293 NTSYSAPI 294 NTSTATUS 295 NTAPI 296 NtClearEvent( 297 IN HANDLE EventHandle 298 ); 299 300 NTSYSAPI 301 NTSTATUS 302 NTAPI 303 NtClose( 304 IN HANDLE Handle 305 ); 306 307 NTSYSAPI 308 NTSTATUS 309 NTAPI 310 NtCloseObjectAuditAlarm( 311 IN PUNICODE_STRING SubsystemName, 312 IN PVOID HandleId, 313 IN BOOLEAN GenerateOnClose 314 ); 315 316 NTSYSAPI 317 NTSTATUS 318 NTAPI 319 NtCompactKeys( 320 IN ULONG Length, 321 IN HANDLE Key 322 ); 323 324 NTSYSAPI 325 NTSTATUS 326 NTAPI 327 NtCompareTokens( 328 IN HANDLE FirstTokenHandle, 329 IN HANDLE SecondTokenHandle, 330 OUT PBOOLEAN IdenticalTokens 331 ); 332 333 NTSYSAPI 334 NTSTATUS 335 NTAPI 336 NtCompleteConnectPort( 337 IN HANDLE PortHandle 338 ); 339 340 NTSYSAPI 341 NTSTATUS 342 NTAPI 343 NtCompressKey( 344 IN HANDLE Key 345 ); 346 347 NTSYSAPI 348 NTSTATUS 349 NTAPI 350 NtConnectPort( 351 OUT PHANDLE PortHandle, 352 IN PUNICODE_STRING PortName, 353 IN PSECURITY_QUALITY_OF_SERVICE SecurityQos, 354 IN OUT PPORT_VIEW ClientView OPTIONAL, 355 OUT PREMOTE_PORT_VIEW ServerView OPTIONAL, 356 OUT PULONG MaxMessageLength OPTIONAL, 357 IN OUT PVOID ConnectInformation OPTIONAL, 358 IN OUT PULONG ConnectInformationLength OPTIONAL 359 ); 360 361 NTSYSAPI 362 NTSTATUS 363 NTAPI 364 NtContinue( 365 IN PCONTEXT Context, 366 IN BOOLEAN TestAlert 367 ); 368 369 NTSYSAPI 370 NTSTATUS 371 NTAPI 372 NtCreateDebugObject( 373 OUT PHANDLE DebugObject, 374 IN ULONG AccessRequired, 375 IN POBJECT_ATTRIBUTES ObjectAttributes, 376 IN BOOLEAN KillProcessOnExit 377 ); 378 379 NTSYSAPI 380 NTSTATUS 381 NTAPI 382 NtCreateDirectoryObject( 383 OUT PHANDLE DirectoryHandle, 384 IN ACCESS_MASK DesiredAccess, 385 IN POBJECT_ATTRIBUTES ObjectAttributes 386 ); 387 388 NTSYSAPI 389 NTSTATUS 390 NTAPI 391 NtCreateEvent( 392 OUT PHANDLE EventHandle, 393 IN ACCESS_MASK DesiredAccess, 394 IN POBJECT_ATTRIBUTES ObjectAttributes, 395 IN EVENT_TYPE EventType, 396 IN BOOLEAN InitialState 397 ); 398 399 NTSYSAPI 400 NTSTATUS 401 NTAPI 402 NtCreateEventPair( 403 OUT PHANDLE EventPairHandle, 404 IN ACCESS_MASK DesiredAccess, 405 IN POBJECT_ATTRIBUTES ObjectAttributes 406 ); 407 408 NTSYSAPI 409 NTSTATUS 410 NTAPI 411 NtCreateFile( 412 OUT PHANDLE FileHandle, 413 IN ACCESS_MASK DesiredAccess, 414 IN POBJECT_ATTRIBUTES ObjectAttributes, 415 OUT PIO_STATUS_BLOCK IoStatusBlock, 416 IN PLARGE_INTEGER AllocationSize OPTIONAL, 417 IN ULONG FileAttributes, 418 IN ULONG ShareAccess, 419 IN ULONG CreateDisposition, 420 IN ULONG CreateOptions, 421 IN PVOID EaBuffer OPTIONAL, 422 IN ULONG EaLength 423 ); 424 425 NTSYSAPI 426 NTSTATUS 427 NTAPI 428 NtCreateIoCompletion( 429 OUT PHANDLE IoCompletionHandle, 430 IN ACCESS_MASK DesiredAccess, 431 IN POBJECT_ATTRIBUTES ObjectAttributes, 432 IN ULONG NumberOfConcurrentThreads 433 ); 434 435 NTSYSAPI 436 NTSTATUS 437 NTAPI 438 NtCreateJobObject( 439 OUT PHANDLE JobHandle, 440 IN ACCESS_MASK DesiredAccess, 441 IN POBJECT_ATTRIBUTES ObjectAttributes 442 ); 443 444 NTSYSAPI 445 NTSTATUS 446 NTAPI 447 NtCreateJobSet( 448 IN ULONG Jobs, 449 IN PJOB_SET_ARRAY JobSet, 450 IN ULONG Reserved 451 ); 452 453 NTSYSAPI 454 NTSTATUS 455 NTAPI 456 NtCreateKey( 457 OUT PHANDLE KeyHandle, 458 IN ACCESS_MASK DesiredAccess, 459 IN POBJECT_ATTRIBUTES ObjectAttributes, 460 IN ULONG TitleIndex, 461 IN PUNICODE_STRING Class OPTIONAL, 462 IN ULONG CreateOptions, 463 OUT PULONG Disposition OPTIONAL 464 ); 465 466 NTSYSAPI 467 NTSTATUS 468 NTAPI 469 NtCreateKeyedEvent( 470 OUT PHANDLE KeyedEventHandle, 471 IN ACCESS_MASK DesiredAccess, 472 IN POBJECT_ATTRIBUTES ObjectAttributes, 473 IN ULONG Reserved 474 ); 475 476 NTSYSAPI 477 NTSTATUS 478 NTAPI 479 NtCreateMailslotFile( 480 OUT PHANDLE FileHandle, 481 IN ACCESS_MASK DesiredAccess, 482 IN POBJECT_ATTRIBUTES ObjectAttributes, 483 OUT PIO_STATUS_BLOCK IoStatusBlock, 484 IN ULONG CreateOptions, 485 IN ULONG InBufferSize, 486 IN ULONG MaxMessageSize, 487 IN PLARGE_INTEGER ReadTimeout OPTIONAL 488 ); 489 490 NTSYSAPI 491 NTSTATUS 492 NTAPI 493 NtCreateMutant( 494 OUT PHANDLE MutantHandle, 495 IN ACCESS_MASK DesiredAccess, 496 IN POBJECT_ATTRIBUTES ObjectAttributes, 497 IN BOOLEAN InitialOwner 498 ); 499 500 NTSYSAPI 501 NTSTATUS 502 NTAPI 503 NtCreateNamedPipeFile( 504 OUT PHANDLE FileHandle, 505 IN ACCESS_MASK DesiredAccess, 506 IN POBJECT_ATTRIBUTES ObjectAttributes, 507 OUT PIO_STATUS_BLOCK IoStatusBlock, 508 IN ULONG ShareAccess, 509 IN ULONG CreateDisposition, 510 IN ULONG CreateOptions, 511 IN BOOLEAN TypeMessage, 512 IN BOOLEAN ReadmodeMessage, 513 IN BOOLEAN Nonblocking, 514 IN ULONG MaxInstances, 515 IN ULONG InBufferSize, 516 IN ULONG OutBufferSize, 517 IN PLARGE_INTEGER DefaultTimeout OPTIONAL 518 ); 519 520 NTSYSAPI 521 NTSTATUS 522 NTAPI 523 NtCreatePagingFile( 524 IN PUNICODE_STRING FileName, 525 IN PULARGE_INTEGER InitialSize, 526 IN PULARGE_INTEGER MaximumSize, 527 IN ULONG Priority OPTIONAL 528 ); 529 530 NTSYSAPI 531 NTSTATUS 532 NTAPI 533 NtCreatePort( 534 OUT PHANDLE PortHandle, 535 IN POBJECT_ATTRIBUTES ObjectAttributes, 536 IN ULONG MaxConnectionInfoLength, 537 IN ULONG MaxMessageLength, 538 IN ULONG MaxPoolUsage 539 ); 540 541 NTSYSAPI 542 NTSTATUS 543 NTAPI 544 NtCreateProcess( 545 OUT PHANDLE ProcessHandle, 546 IN ACCESS_MASK DesiredAccess, 547 IN POBJECT_ATTRIBUTES ObjectAttributes, 548 IN HANDLE InheritFromProcessHandle, 549 IN BOOLEAN InheritHandles, 550 IN HANDLE SectionHandle OPTIONAL, 551 IN HANDLE DebugPort OPTIONAL, 552 IN HANDLE ExceptionPort OPTIONAL 553 ); 554 555 NTSYSAPI 556 NTSTATUS 557 NTAPI 558 NtCreateProcessEx( 559 OUT PHANDLE ProcessHandle, 560 IN ACCESS_MASK DesiredAccess, 561 IN POBJECT_ATTRIBUTES ObjectAttributes, 562 IN HANDLE InheritFromProcessHandle, 563 IN ULONG CreateFlags, 564 IN HANDLE SectionHandle OPTIONAL, 565 IN HANDLE DebugObject OPTIONAL, 566 IN HANDLE ExceptionPort OPTIONAL, 567 IN ULONG JobMemberLevel 568 ); 569 570 NTSYSAPI 571 NTSTATUS 572 NTAPI 573 NtCreateProfile( 574 OUT PHANDLE ProfileHandle, 575 IN HANDLE ProcessHandle, 576 IN PVOID Base, 577 IN ULONG Size, 578 IN ULONG BucketShift, 579 IN PULONG Buffer, 580 IN ULONG BufferLength, 581 IN KPROFILE_SOURCE Source, 582 IN ULONG ProcessorMask 583 ); 584 585 NTSYSAPI 586 NTSTATUS 587 NTAPI 588 NtCreateSection( 589 OUT PHANDLE SectionHandle, 590 IN ACCESS_MASK DesiredAccess, 591 IN POBJECT_ATTRIBUTES ObjectAttributes, 592 IN PLARGE_INTEGER SectionSize OPTIONAL, 593 IN ULONG Protect, 594 IN ULONG Attributes, 595 IN HANDLE FileHandle 596 ); 597 598 NTSYSAPI 599 NTSTATUS 600 NTAPI 601 NtCreateSemaphore( 602 OUT PHANDLE SemaphoreHandle, 603 IN ACCESS_MASK DesiredAccess, 604 IN POBJECT_ATTRIBUTES ObjectAttributes, 605 IN LONG InitialCount, 606 IN LONG MaximumCount 607 ); 608 609 NTSYSAPI 610 NTSTATUS 611 NTAPI 612 NtCreateSymbolicLinkObject( 613 OUT PHANDLE SymbolicLinkHandle, 614 IN ACCESS_MASK DesiredAccess, 615 IN POBJECT_ATTRIBUTES ObjectAttributes, 616 IN PUNICODE_STRING TargetName 617 ); 618 619 NTSYSAPI 620 NTSTATUS 621 NTAPI 622 NtCreateThread( 623 OUT PHANDLE ThreadHandle, 624 IN ACCESS_MASK DesiredAccess, 625 IN POBJECT_ATTRIBUTES ObjectAttributes, 626 IN HANDLE ProcessHandle, 627 OUT PCLIENT_ID ClientId, 628 IN PCONTEXT ThreadContext, 629 IN PUSER_STACK UserStack, 630 IN BOOLEAN CreateSuspended 631 ); 632 633 NTSYSAPI 634 NTSTATUS 635 NTAPI 636 NtCreateTimer( 637 OUT PHANDLE TimerHandle, 638 IN ACCESS_MASK DesiredAccess, 639 IN POBJECT_ATTRIBUTES ObjectAttributes, 640 IN TIMER_TYPE TimerType 641 ); 642 643 NTSYSAPI 644 NTSTATUS 645 NTAPI 646 NtCreateToken( 647 OUT PHANDLE TokenHandle, 648 IN ACCESS_MASK DesiredAccess, 649 IN POBJECT_ATTRIBUTES ObjectAttributes, 650 IN TOKEN_TYPE Type, 651 IN PLUID AuthenticationId, 652 IN PLARGE_INTEGER ExpirationTime, 653 IN PTOKEN_USER User, 654 IN PTOKEN_GROUPS Groups, 655 IN PTOKEN_PRIVILEGES Privileges, 656 IN PTOKEN_OWNER Owner, 657 IN PTOKEN_PRIMARY_GROUP PrimaryGroup, 658 IN PTOKEN_DEFAULT_DACL DefaultDacl, 659 IN PTOKEN_SOURCE Source 660 ); 661 662 NTSYSAPI 663 NTSTATUS 664 NTAPI 665 NtCreateWaitablePort( 666 OUT PHANDLE PortHandle, 667 IN POBJECT_ATTRIBUTES ObjectAttributes, 668 IN ULONG MaxConnectionInfoLength, 669 IN ULONG MaxMessageLength, 670 IN ULONG MaxPoolUsage 671 ); 672 673 NTSYSAPI 674 NTSTATUS 675 NTAPI 676 NtDebugActiveProcess( 677 IN HANDLE Process, 678 IN HANDLE DebugObject 679 ); 680 681 NTSYSAPI 682 NTSTATUS 683 NTAPI 684 NtDebugContinue( 685 IN HANDLE DebugObject, 686 IN PCLIENT_ID AppClientId, 687 IN NTSTATUS ContinueStatus 688 ); 689 690 NTSYSAPI 691 NTSTATUS 692 NTAPI 693 NtDelayExecution( 694 IN BOOLEAN Alertable, 695 IN PLARGE_INTEGER Interval 696 ); 697 698 NTSYSAPI 699 NTSTATUS 700 NTAPI 701 NtDeleteAtom( 702 IN USHORT Atom 703 ); 704 705 NTSYSAPI 706 NTSTATUS 707 NTAPI 708 NtDeleteBootEntry( 709 IN PUNICODE_STRING EntryName, 710 IN PUNICODE_STRING EntryValue 711 ); 712 713 NTSYSAPI 714 NTSTATUS 715 NTAPI 716 NtDeleteDriverEntry( 717 IN PUNICODE_STRING DriverName, 718 IN PUNICODE_STRING DriverPath 719 ); 720 721 NTSYSAPI 722 NTSTATUS 723 NTAPI 724 NtDeleteFile( 725 IN POBJECT_ATTRIBUTES ObjectAttributes 726 ); 727 728 NTSYSAPI 729 NTSTATUS 730 NTAPI 731 NtDeleteKey( 732 IN HANDLE KeyHandle 733 ); 734 735 NTSYSAPI 736 NTSTATUS 737 NTAPI 738 NtDeleteObjectAuditAlarm( 739 IN PUNICODE_STRING SubsystemName, 740 IN PVOID HandleId, 741 IN BOOLEAN GenerateOnClose 742 ); 743 744 NTSYSAPI 745 NTSTATUS 746 NTAPI 747 NtDeleteValueKey( 748 IN HANDLE KeyHandle, 749 IN PUNICODE_STRING ValueName 750 ); 751 752 NTSYSAPI 753 NTSTATUS 754 NTAPI 755 NtDeviceIoControlFile( 756 IN HANDLE FileHandle, 757 IN HANDLE Event OPTIONAL, 758 IN PIO_APC_ROUTINE ApcRoutine OPTIONAL, 759 IN PVOID ApcContext OPTIONAL, 760 OUT PIO_STATUS_BLOCK IoStatusBlock, 761 IN ULONG IoControlCode, 762 IN PVOID InputBuffer OPTIONAL, 763 IN ULONG InputBufferLength, 764 OUT PVOID OutputBuffer OPTIONAL, 765 IN ULONG OutputBufferLength 766 ); 767 768 NTSYSAPI 769 NTSTATUS 770 NTAPI 771 NtDisplayString( 772 IN PUNICODE_STRING String 773 ); 774 775 NTSYSAPI 776 NTSTATUS 777 NTAPI 778 NtDuplicateObject( 779 IN HANDLE SourceProcessHandle, 780 IN HANDLE SourceHandle, 781 IN HANDLE TargetProcessHandle, 782 OUT PHANDLE TargetHandle OPTIONAL, 783 IN ACCESS_MASK DesiredAccess, 784 IN ULONG Attributes, 785 IN ULONG Options 786 ); 787 788 NTSYSAPI 789 NTSTATUS 790 NTAPI 791 NtDuplicateToken( 792 IN HANDLE ExistingTokenHandle, 793 IN ACCESS_MASK DesiredAccess, 794 IN POBJECT_ATTRIBUTES ObjectAttributes, 795 IN BOOLEAN EffectiveOnly, 796 IN TOKEN_TYPE TokenType, 797 OUT PHANDLE NewTokenHandle 798 ); 799 800 NTSYSAPI 801 NTSTATUS 802 NTAPI 803 NtEnumerateBootEntries( 804 IN ULONG Unknown1, 805 IN ULONG Unknown2 806 ); 807 NTSYSAPI 808 NTSTATUS 809 NTAPI 810 NtEnumerateKey( 811 IN HANDLE KeyHandle, 812 IN ULONG Index, 813 IN KEY_INFORMATION_CLASS KeyInformationClass, 814 OUT PVOID KeyInformation, 815 IN ULONG KeyInformationLength, 816 OUT PULONG ResultLength 817 ); 818 819 NTSYSAPI 820 NTSTATUS 821 NTAPI 822 NtEnumerateSystemEnvironmentValuesEx( 823 IN ULONG Unknown1, 824 IN ULONG Unknown2, 825 IN ULONG Unknown3 826 ); 827 828 NTSYSAPI 829 NTSTATUS 830 NTAPI 831 NtEnumerateValueKey( 832 IN HANDLE KeyHandle, 833 IN ULONG Index, 834 IN KEY_VALUE_INFORMATION_CLASS KeyValueInformationClass, 835 OUT PVOID KeyValueInformation, 836 IN ULONG KeyValueInformationLength, 837 OUT PULONG ResultLength 838 ); 839 840 NTSYSAPI 841 NTSTATUS 842 NTAPI 843 NtExtendSection( 844 IN HANDLE SectionHandle, 845 IN PLARGE_INTEGER SectionSize 846 ); 847 848 NTSYSAPI 849 NTSTATUS 850 NTAPI 851 NtFilterToken( 852 IN HANDLE ExistingTokenHandle, 853 IN ULONG Flags, 854 IN PTOKEN_GROUPS SidsToDisable, 855 IN PTOKEN_PRIVILEGES PrivilegesToDelete, 856 IN PTOKEN_GROUPS SidsToRestricted, 857 OUT PHANDLE NewTokenHandle 858 ); 859 860 NTSYSAPI 861 NTSTATUS 862 NTAPI 863 NtFindAtom( 864 IN PWSTR String, 865 IN ULONG StringLength, 866 OUT PUSHORT Atom 867 ); 868 869 NTSYSAPI 870 NTSTATUS 871 NTAPI 872 NtFlushBuffersFile( 873 IN HANDLE FileHandle, 874 OUT PIO_STATUS_BLOCK IoStatusBlock 875 ); 876 877 NTSYSAPI 878 NTSTATUS 879 NTAPI 880 NtFlushInstructionCache( 881 IN HANDLE ProcessHandle, 882 IN PVOID BaseAddress OPTIONAL, 883 IN ULONG FlushSize 884 ); 885 886 NTSYSAPI 887 NTSTATUS 888 NTAPI 889 NtFlushKey( 890 IN HANDLE KeyHandle 891 ); 892 893 NTSYSAPI 894 NTSTATUS 895 NTAPI 896 NtFlushVirtualMemory( 897 IN HANDLE ProcessHandle, 898 IN OUT PVOID *BaseAddress, 899 IN OUT PULONG FlushSize, 900 OUT PIO_STATUS_BLOCK IoStatusBlock 901 ); 902 903 NTSYSAPI 904 NTSTATUS 905 NTAPI 906 NtFlushWriteBuffer( 907 VOID 908 ); 909 910 NTSYSAPI 911 NTSTATUS 912 NTAPI 913 NtYieldExecution( 914 VOID 915 ); 916 917 NTSYSAPI 918 NTSTATUS 919 NTAPI 920 NtWriteVirtualMemory( 921 IN HANDLE ProcessHandle, 922 IN PVOID BaseAddress, 923 IN PVOID Buffer, 924 IN ULONG BufferLength, 925 OUT PULONG ReturnLength OPTIONAL 926 ); 927 928 NTSYSAPI 929 NTSTATUS 930 NTAPI 931 NtWriteRequestData( 932 IN HANDLE PortHandle, 933 IN PPORT_MESSAGE Message, 934 IN ULONG Index, 935 IN PVOID Buffer, 936 IN ULONG BufferLength, 937 OUT PULONG ReturnLength OPTIONAL 938 ); 939 940 NTSYSAPI 941 NTSTATUS 942 NTAPI 943 NtWriteFileGather( 944 IN HANDLE FileHandle, 945 IN HANDLE Event OPTIONAL, 946 IN PIO_APC_ROUTINE ApcRoutine OPTIONAL, 947 IN PVOID ApcContext OPTIONAL, 948 OUT PIO_STATUS_BLOCK IoStatusBlock, 949 IN PFILE_SEGMENT_ELEMENT Buffer, 950 IN ULONG Length, 951 IN PLARGE_INTEGER ByteOffset OPTIONAL, 952 IN PULONG Key OPTIONAL 953 ); 954 955 NTSYSAPI 956 NTSTATUS 957 NTAPI 958 NtWriteFile( 959 IN HANDLE FileHandle, 960 IN HANDLE Event OPTIONAL, 961 IN PIO_APC_ROUTINE ApcRoutine OPTIONAL, 962 IN PVOID ApcContext OPTIONAL, 963 OUT PIO_STATUS_BLOCK IoStatusBlock, 964 IN PVOID Buffer, 965 IN ULONG Length, 966 IN PLARGE_INTEGER ByteOffset OPTIONAL, 967 IN PULONG Key OPTIONAL 968 ); 969 NTSYSAPI 970 NTSTATUS 971 NTAPI 972 NtWaitLowEventPair( 973 IN HANDLE EventPairHandle 974 ); 975 976 NTSYSAPI 977 NTSTATUS 978 NTAPI 979 NtWaitHighEventPair( 980 IN HANDLE EventPairHandle 981 ); 982 983 NTSYSAPI 984 NTSTATUS 985 NTAPI 986 NtWaitForSingleObject( 987 IN HANDLE Handle, 988 IN BOOLEAN Alertable, 989 IN PLARGE_INTEGER Timeout OPTIONAL 990 ); 991 992 NTSYSAPI 993 NTSTATUS 994 NTAPI 995 NtWaitForMultipleObjects32( 996 IN ULONG HandleCount, 997 IN PHANDLE Handles, 998 IN WAIT_TYPE WaitType, 999 IN BOOLEAN Alertable, 1000 IN PLARGE_INTEGER Timeout OPTIONAL 1001 ); 1002 1003 NTSYSAPI 1004 NTSTATUS 1005 NTAPI 1006 NtWaitForMultipleObjects( 1007 IN ULONG HandleCount, 1008 IN PHANDLE Handles, 1009 IN WAIT_TYPE WaitType, 1010 IN BOOLEAN Alertable, 1011 IN PLARGE_INTEGER Timeout OPTIONAL 1012 ); 1013 1014 NTSYSAPI 1015 NTSTATUS 1016 NTAPI 1017 NtWaitForKeyedEvent( 1018 IN HANDLE KeyedEventHandle, 1019 IN PVOID Key, 1020 IN BOOLEAN Alertable, 1021 IN PLARGE_INTEGER Timeout OPTIONAL 1022 ); 1023 1024 NTSYSAPI 1025 NTSTATUS 1026 NTAPI 1027 NtWaitForDebugEvent( 1028 IN HANDLE DebugObject, 1029 IN BOOLEAN Alertable, 1030 IN PLARGE_INTEGER Timeout OPTIONAL, 1031 OUT PDBGUI_WAIT_STATE_CHANGE StateChange 1032 ); 1033 1034 NTSYSAPI 1035 NTSTATUS 1036 NTAPI 1037 NtVdmControl( 1038 IN VDMSERVICECLASS Service, 1039 IN OUT PVOID ServiceData 1040 ); 1041 1042 NTSYSAPI 1043 NTSTATUS 1044 NTAPI 1045 NtUnmapViewOfSection( 1046 IN HANDLE ProcessHandle, 1047 IN PVOID BaseAddress 1048 ); 1049 1050 NTSYSAPI 1051 NTSTATUS 1052 NTAPI 1053 NtUnlockVirtualMemory( 1054 IN HANDLE ProcessHandle, 1055 IN OUT PVOID *BaseAddress, 1056 IN OUT PULONG LockSize, 1057 IN ULONG LockType 1058 ); 1059 1060 NTSYSAPI 1061 NTSTATUS 1062 NTAPI 1063 NtUnlockFile( 1064 IN HANDLE FileHandle, 1065 OUT PIO_STATUS_BLOCK IoStatusBlock, 1066 IN PULARGE_INTEGER LockOffset, 1067 IN PULARGE_INTEGER LockLength, 1068 IN ULONG Key 1069 ); 1070 1071 NTSYSAPI 1072 NTSTATUS 1073 NTAPI 1074 NtUnloadKeyEx( 1075 IN POBJECT_ATTRIBUTES KeyObjectAttributes, 1076 IN HANDLE EventHandle OPTIONAL 1077 ); 1078 1079 NTSYSAPI 1080 NTSTATUS 1081 NTAPI 1082 NtUnloadKey2( 1083 IN POBJECT_ATTRIBUTES KeyObjectAttributes, 1084 IN BOOLEAN ForceUnload 1085 ); 1086 1087 NTSYSAPI 1088 NTSTATUS 1089 NTAPI 1090 NtUnloadKey( 1091 IN POBJECT_ATTRIBUTES KeyObjectAttributes 1092 ); 1093 1094 NTSYSAPI 1095 NTSTATUS 1096 NTAPI 1097 NtUnloadDriver( 1098 IN PUNICODE_STRING DriverServiceName 1099 ); 1100 1101 NTSYSAPI 1102 NTSTATUS 1103 NTAPI 1104 NtTranslateFilePath( 1105 PFILE_PATH InputFilePath, 1106 ULONG OutputType, 1107 PFILE_PATH OutputFilePath, 1108 ULONG OutputFilePathLength 1109 ); 1110 1111 NTSYSAPI 1112 NTSTATUS 1113 NTAPI 1114 NtTraceEvent( 1115 IN ULONG TraceHandle, 1116 IN ULONG Flags, 1117 IN ULONG TraceHeaderLength, 1118 IN PEVENT_TRACE_HEADER TraceHeader 1119 ); 1120 1121 NTSYSAPI 1122 NTSTATUS 1123 NTAPI 1124 NtTerminateThread( 1125 IN HANDLE ThreadHandle OPTIONAL, 1126 IN NTSTATUS ExitStatus 1127 ); 1128 1129 NTSYSAPI 1130 NTSTATUS 1131 NTAPI 1132 NtTerminateProcess( 1133 IN HANDLE ProcessHandle OPTIONAL, 1134 IN NTSTATUS ExitStatus 1135 ); 1136 1137 NTSYSAPI 1138 NTSTATUS 1139 NTAPI 1140 NtTerminateJobObject( 1141 IN HANDLE JobHandle, 1142 IN NTSTATUS ExitStatus 1143 ); 1144 1145 NTSYSAPI 1146 NTSTATUS 1147 NTAPI 1148 NtSystemDebugControl( 1149 IN DEBUG_CONTROL_CODE ControlCode, 1150 IN PVOID InputBuffer OPTIONAL, 1151 IN ULONG InputBufferLength, 1152 OUT PVOID OutputBuffer OPTIONAL, 1153 IN ULONG OutputBufferLength, 1154 OUT PULONG ReturnLength OPTIONAL 1155 ); 1156 1157 NTSYSAPI 1158 NTSTATUS 1159 NTAPI 1160 NtSuspendThread( 1161 IN HANDLE ThreadHandle, 1162 OUT PULONG PreviousSuspendCount OPTIONAL 1163 ); 1164 1165 NTSYSAPI 1166 NTSTATUS 1167 NTAPI 1168 NtSuspendProcess( 1169 IN HANDLE Process 1170 ); 1171 1172 NTSYSAPI 1173 NTSTATUS 1174 NTAPI 1175 NtStopProfile( 1176 IN HANDLE ProfileHandle 1177 ); 1178 NTSYSAPI 1179 NTSTATUS 1180 NTAPI 1181 NtStartProfile( 1182 IN HANDLE ProfileHandle 1183 ); 1184 1185 NTSYSAPI 1186 NTSTATUS 1187 NTAPI 1188 NtSignalAndWaitForSingleObject( 1189 IN HANDLE HandleToSignal, 1190 IN HANDLE HandleToWait, 1191 IN BOOLEAN Alertable, 1192 IN PLARGE_INTEGER Timeout OPTIONAL 1193 ); 1194 1195 NTSYSAPI 1196 NTSTATUS 1197 NTAPI 1198 NtShutdownSystem( 1199 IN SHUTDOWN_ACTION Action 1200 ); 1201 1202 NTSYSAPI 1203 NTSTATUS 1204 NTAPI 1205 NtSetVolumeInformationFile( 1206 IN HANDLE FileHandle, 1207 OUT PIO_STATUS_BLOCK IoStatusBlock, 1208 IN PVOID Buffer, 1209 IN ULONG BufferLength, 1210 IN FS_INFORMATION_CLASS VolumeInformationClass 1211 ); 1212 1213 NTSYSAPI 1214 NTSTATUS 1215 NTAPI 1216 NtSetValueKey( 1217 IN HANDLE KeyHandle, 1218 IN PUNICODE_STRING ValueName, 1219 IN ULONG TitleIndex, 1220 IN ULONG Type, 1221 IN PVOID Data, 1222 IN ULONG DataSize 1223 ); 1224 1225 NTSYSAPI 1226 NTSTATUS 1227 NTAPI 1228 NtSetUuidSeed( 1229 IN PUCHAR UuidSeed 1230 ); 1231 1232 NTSYSAPI 1233 NTSTATUS 1234 NTAPI 1235 NtSetTimerResolution( 1236 IN ULONG RequestedResolution, 1237 IN BOOLEAN Set, 1238 OUT PULONG ActualResolution 1239 ); 1240 1241 NTSYSAPI 1242 NTSTATUS 1243 NTAPI 1244 NtSetTimer( 1245 IN HANDLE TimerHandle, 1246 IN PLARGE_INTEGER DueTime, 1247 IN PTIMER_APC_ROUTINE TimerApcRoutine OPTIONAL, 1248 IN PVOID TimerContext, 1249 IN BOOLEAN Resume, 1250 IN LONG Period, 1251 OUT PBOOLEAN PreviousState OPTIONAL 1252 ); 1253 1254 NTSYSAPI 1255 NTSTATUS 1256 NTAPI 1257 NtSetThreadExecutionState( 1258 IN EXECUTION_STATE ExecutionState, 1259 OUT PEXECUTION_STATE PreviousExecutionState 1260 ); 1261 1262 NTSYSAPI 1263 NTSTATUS 1264 NTAPI 1265 NtSetSystemTime( 1266 IN PLARGE_INTEGER NewTime, 1267 OUT PLARGE_INTEGER OldTime OPTIONAL 1268 ); 1269 1270 NTSYSAPI 1271 NTSTATUS 1272 NTAPI 1273 NtSetSystemPowerState( 1274 IN POWER_ACTION SystemAction, 1275 IN SYSTEM_POWER_STATE MinSystemState, 1276 IN ULONG Flags 1277 ); 1278 1279 NTSYSAPI 1280 NTSTATUS 1281 NTAPI 1282 NtSetSystemInformation( 1283 IN SYSTEM_INFORMATION_CLASS SystemInformationClass, 1284 IN OUT PVOID SystemInformation, 1285 IN ULONG SystemInformationLength 1286 ); 1287 1288 NTSYSAPI 1289 NTSTATUS 1290 NTAPI 1291 NtSetSystemEnvironmentValue( 1292 IN PUNICODE_STRING Name, 1293 IN PUNICODE_STRING Value 1294 ); 1295 1296 NTSYSAPI 1297 NTSTATUS 1298 NTAPI 1299 NtSetSecurityObject( 1300 IN HANDLE Handle, 1301 IN SECURITY_INFORMATION SecurityInformation, 1302 IN PSECURITY_DESCRIPTOR SecurityDescriptor 1303 ); 1304 1305 NTSYSAPI 1306 NTSTATUS 1307 NTAPI 1308 NtSetQuotaInformationFile( 1309 IN HANDLE FileHandle, 1310 OUT PIO_STATUS_BLOCK IoStatusBlock, 1311 IN PFILE_USER_QUOTA_INFORMATION Buffer, 1312 IN ULONG BufferLength 1313 ); 1314 1315 NTSYSAPI 1316 NTSTATUS 1317 NTAPI 1318 NtSetLowWaitHighEventPair( 1319 IN HANDLE EventPairHandle 1320 ); 1321 1322 NTSYSAPI 1323 NTSTATUS 1324 NTAPI 1325 NtSetLowEventPair( 1326 IN HANDLE EventPairHandle 1327 ); 1328 1329 NTSYSAPI 1330 NTSTATUS 1331 NTAPI 1332 NtSetLdtEntries( 1333 IN ULONG Selector1, 1334 IN LDT_ENTRY LdtEntry1, 1335 IN ULONG Selector2, 1336 IN LDT_ENTRY LdtEntry2 1337 ); 1338 1339 NTSYSAPI 1340 NTSTATUS 1341 NTAPI 1342 NtSetIoCompletion( 1343 IN HANDLE IoCompletionHandle, 1344 IN ULONG CompletionKey, 1345 IN ULONG CompletionValue, 1346 IN NTSTATUS Status, 1347 IN ULONG Information 1348 ); 1349 1350 NTSYSAPI 1351 NTSTATUS 1352 NTAPI 1353 NtSetIntervalProfile( 1354 IN ULONG Interval, 1355 IN KPROFILE_SOURCE Source 1356 ); 1357 1358 NTSYSAPI 1359 NTSTATUS 1360 NTAPI 1361 NtSetInformationToken( 1362 IN HANDLE TokenHandle, 1363 IN TOKEN_INFORMATION_CLASS TokenInformationClass, 1364 IN PVOID TokenInformation, 1365 IN ULONG TokenInformationLength 1366 ); 1367 1368 NTSYSAPI 1369 NTSTATUS 1370 NTAPI 1371 NtSetInformationThread( 1372 IN HANDLE ThreadHandle, 1373 IN THREADINFOCLASS ThreadInformationClass, 1374 IN PVOID ThreadInformation, 1375 IN ULONG ThreadInformationLength 1376 ); 1377 1378 NTSYSAPI 1379 NTSTATUS 1380 NTAPI 1381 NtSetInformationProcess( 1382 IN HANDLE ProcessHandle, 1383 IN PROCESSINFOCLASS ProcessInformationClass, 1384 IN PVOID ProcessInformation, 1385 IN ULONG ProcessInformationLength 1386 ); 1387 1388 NTSYSAPI 1389 NTSTATUS 1390 NTAPI 1391 NtSetInformationObject( 1392 IN HANDLE ObjectHandle, 1393 IN OBJECT_INFORMATION_CLASS ObjectInformationClass, 1394 IN PVOID ObjectInformation, 1395 IN ULONG ObjectInformationLength 1396 ); 1397 1398 NTSYSAPI 1399 NTSTATUS 1400 NTAPI 1401 NtSetInformationKey( 1402 IN HANDLE KeyHandle, 1403 IN KEY_SET_INFORMATION_CLASS KeyInformationClass, 1404 IN PVOID KeyInformation, 1405 IN ULONG KeyInformationLength 1406 ); 1407 1408 NTSYSAPI 1409 NTSTATUS 1410 NTAPI 1411 NtSetInformationJobObject( 1412 IN HANDLE JobHandle, 1413 IN JOBOBJECTINFOCLASS JobInformationClass, 1414 IN PVOID JobInformation, 1415 IN ULONG JobInformationLength 1416 ); 1417 1418 NTSYSAPI 1419 NTSTATUS 1420 NTAPI 1421 NtSetInformationFile( 1422 IN HANDLE FileHandle, 1423 OUT PIO_STATUS_BLOCK IoStatusBlock, 1424 IN PVOID FileInformation, 1425 IN ULONG FileInformationLength, 1426 IN FILE_INFORMATION_CLASS FileInformationClass 1427 ); 1428 NTSYSAPI 1429 NTSTATUS 1430 NTAPI 1431 NtSetInformationDebugObject( 1432 IN HANDLE DebugObject, 1433 IN DEBUGOBJECTINFOCLASS DebugObjectInformationClass, 1434 IN PVOID DebugInformation, 1435 IN ULONG DebugInformationLength, 1436 OUT PULONG ReturnLength OPTIONAL 1437 ); 1438 1439 NTSYSAPI 1440 NTSTATUS 1441 NTAPI 1442 NtSetHighWaitLowEventPair( 1443 IN HANDLE EventPairHandle 1444 ); 1445 1446 NTSYSAPI 1447 NTSTATUS 1448 NTAPI 1449 NtSetHighEventPair( 1450 IN HANDLE EventPairHandle 1451 ); 1452 1453 NTSYSAPI 1454 NTSTATUS 1455 NTAPI 1456 NtSetEventBoostPriority( 1457 IN HANDLE EventHandle 1458 ); 1459 1460 NTSYSAPI 1461 NTSTATUS 1462 NTAPI 1463 NtSetEvent( 1464 IN HANDLE EventHandle, 1465 OUT PULONG PreviousState OPTIONAL 1466 ); 1467 1468 NTSYSAPI 1469 NTSTATUS 1470 NTAPI 1471 NtSetEaFile( 1472 IN HANDLE FileHandle, 1473 OUT PIO_STATUS_BLOCK IoStatusBlock, 1474 IN PFILE_FULL_EA_INFORMATION Buffer, 1475 IN ULONG BufferLength 1476 ); 1477 1478 NTSYSAPI 1479 NTSTATUS 1480 NTAPI 1481 NtSetDefaultUILanguage( 1482 IN LANGID LanguageId 1483 ); 1484 1485 NTSYSAPI 1486 NTSTATUS 1487 NTAPI 1488 NtSetDefaultLocale( 1489 IN BOOLEAN ThreadOrSystem, 1490 IN LCID Locale 1491 ); 1492 1493 NTSYSAPI 1494 NTSTATUS 1495 NTAPI 1496 NtSetDefaultHardErrorPort( 1497 IN HANDLE PortHandle 1498 ); 1499 1500 NTSYSAPI 1501 NTSTATUS 1502 NTAPI 1503 NtSetDebugFilterState( 1504 IN ULONG ComponentId, 1505 IN ULONG Level, 1506 IN BOOLEAN Enable 1507 ); 1508 1509 NTSYSAPI 1510 NTSTATUS 1511 NTAPI 1512 NtSetContextThread( 1513 IN HANDLE ThreadHandle, 1514 IN PCONTEXT Context 1515 ); 1516 1517 NTSYSAPI 1518 NTSTATUS 1519 NTAPI 1520 NtSetContextChannel( 1521 IN HANDLE CHannelHandle 1522 ); 1523 1524 1525 NTSYSAPI 1526 NTSTATUS 1527 NTAPI 1528 NtSetBootOptions( 1529 IN PBOOT_OPTIONS BootOptions, 1530 IN ULONG FieldsToChange 1531 ); 1532 1533 NTSYSAPI 1534 NTSTATUS 1535 NTAPI 1536 NtSetBootEntryOrder( 1537 IN ULONG Unknown1, 1538 IN ULONG Unknown2 1539 ); 1540 1541 1542 NTSYSAPI 1543 NTSTATUS 1544 NTAPI 1545 NtSecureConnectPort( 1546 OUT PHANDLE PortHandle, 1547 IN PUNICODE_STRING PortName, 1548 IN PSECURITY_QUALITY_OF_SERVICE SecurityQos, 1549 IN OUT PPORT_VIEW ClientView OPTIONAL, 1550 IN PSID ServerSid OPTIONAL, 1551 OUT PREMOTE_PORT_VIEW ServerView OPTIONAL, 1552 OUT PULONG MaxMessageLength OPTIONAL, 1553 IN OUT PVOID ConnectInformation OPTIONAL, 1554 IN OUT PULONG ConnectInformationLength OPTIONAL 1555 ); 1556 1557 NTSYSAPI 1558 NTSTATUS 1559 NTAPI 1560 NtSaveMergedKeys( 1561 IN HANDLE KeyHandle1, 1562 IN HANDLE KeyHandle2, 1563 IN HANDLE FileHandle 1564 ); 1565 1566 NTSYSAPI 1567 NTSTATUS 1568 NTAPI 1569 NtSaveKeyEx( 1570 IN HANDLE KeyHandle, 1571 IN HANDLE FileHandle, 1572 IN ULONG Flags 1573 ); 1574 1575 NTSYSAPI 1576 NTSTATUS 1577 NTAPI 1578 NtSaveKey( 1579 IN HANDLE KeyHandle, 1580 IN HANDLE FileHandle 1581 ); 1582 1583 NTSYSAPI 1584 NTSTATUS 1585 NTAPI 1586 NtResumeThread( 1587 IN HANDLE ThreadHandle, 1588 OUT PULONG PreviousSuspendCount OPTIONAL 1589 ); 1590 1591 NTSYSAPI 1592 NTSTATUS 1593 NTAPI 1594 NtResumeProcess( 1595 IN HANDLE Process 1596 ); 1597 1598 NTSYSAPI 1599 NTSTATUS 1600 NTAPI 1601 NtRestoreKey( 1602 IN HANDLE KeyHandle, 1603 IN HANDLE FileHandle, 1604 IN ULONG Flags 1605 ); 1606 1607 NTSYSAPI 1608 NTSTATUS 1609 NTAPI 1610 NtResetWriteWatch( 1611 IN HANDLE ProcessHandle, 1612 IN PVOID BaseAddress, 1613 IN ULONG RegionSize 1614 ); 1615 1616 NTSYSAPI 1617 NTSTATUS 1618 NTAPI 1619 NtResetEvent( 1620 IN HANDLE EventHandle, 1621 OUT PULONG PreviousState OPTIONAL 1622 ); 1623 1624 NTSYSAPI 1625 NTSTATUS 1626 NTAPI 1627 NtRequestWakeupLatency( 1628 IN LATENCY_TIME Latency 1629 ); 1630 1631 NTSYSAPI 1632 NTSTATUS 1633 NTAPI 1634 NtRequestWaitReplyPort( 1635 IN HANDLE PortHandle, 1636 IN PPORT_MESSAGE RequestMessage, 1637 OUT PPORT_MESSAGE ReplyMessage 1638 ); 1639 1640 NTSYSAPI 1641 NTSTATUS 1642 NTAPI 1643 NtRequestPort( 1644 IN HANDLE PortHandle, 1645 IN PPORT_MESSAGE RequestMessage 1646 ); 1647 1648 NTSYSAPI 1649 NTSTATUS 1650 NTAPI 1651 NtRequestDeviceWakeup( 1652 IN HANDLE DeviceHandle 1653 ); 1654 1655 1656 NTSYSAPI 1657 NTSTATUS 1658 NTAPI 1659 NtReplyWaitReplyPort( 1660 IN HANDLE PortHandle, 1661 IN OUT PPORT_MESSAGE ReplyMessage 1662 ); 1663 1664 NTSYSAPI 1665 NTSTATUS 1666 NTAPI 1667 NtReplyWaitReceivePortEx( 1668 IN HANDLE PortHandle, 1669 OUT PVOID* PortIdentifier OPTIONAL, 1670 IN PPORT_MESSAGE ReplyMessage OPTIONAL, 1671 OUT PPORT_MESSAGE Message, 1672 IN PLARGE_INTEGER Timeout 1673 ); 1674 1675 NTSYSAPI 1676 NTSTATUS 1677 NTAPI 1678 NtReplyWaitReceivePort( 1679 IN HANDLE PortHandle, 1680 OUT PULONG PortIdentifier OPTIONAL, 1681 IN PPORT_MESSAGE ReplyMessage OPTIONAL, 1682 OUT PPORT_MESSAGE Message 1683 ); 1684 1685 NTSYSAPI 1686 NTSTATUS 1687 NTAPI 1688 NtReplyPort( 1689 IN HANDLE PortHandle, 1690 IN PPORT_MESSAGE ReplyMessage 1691 ); 1692 1693 NTSYSAPI 1694 NTSTATUS 1695 NTAPI 1696 NtReplaceKey( 1697 IN POBJECT_ATTRIBUTES NewFileObjectAttributes, 1698 IN HANDLE KeyHandle, 1699 IN POBJECT_ATTRIBUTES OldFileObjectAttributes 1700 ); 1701 1702 NTSYSAPI 1703 NTSTATUS 1704 NTAPI 1705 NtRenameKey( 1706 IN HANDLE KeyHandle, 1707 IN PUNICODE_STRING ReplacementName 1708 ); 1709 1710 NTSYSAPI 1711 NTSTATUS 1712 NTAPI 1713 NtRemoveProcessDebug( 1714 IN HANDLE Process, 1715 IN HANDLE DebugObject 1716 ); 1717 1718 NTSYSAPI 1719 NTSTATUS 1720 NTAPI 1721 NtRemoveIoCompletion( 1722 IN HANDLE IoCompletionHandle, 1723 OUT PULONG CompletionKey, 1724 OUT PULONG CompletionValue, 1725 OUT PIO_STATUS_BLOCK IoStatusBlock, 1726 IN PLARGE_INTEGER Timeout OPTIONAL 1727 ); 1728 1729 NTSYSAPI 1730 NTSTATUS 1731 NTAPI 1732 NtReleaseSemaphore( 1733 IN HANDLE SemaphoreHandle, 1734 IN LONG ReleaseCount, 1735 OUT PLONG PreviousCount OPTIONAL 1736 ); 1737 1738 NTSYSAPI 1739 NTSTATUS 1740 NTAPI 1741 NtReleaseMutant( 1742 IN HANDLE MutantHandle, 1743 OUT PULONG PreviousState 1744 ); 1745 1746 NTSYSAPI 1747 NTSTATUS 1748 NTAPI 1749 NtReleaseKeyedEvent( 1750 IN HANDLE KeyedEventHandle, 1751 IN PVOID Key, 1752 IN BOOLEAN Alertable, 1753 IN PLARGE_INTEGER Timeout OPTIONAL 1754 ); 1755 1756 NTSYSAPI 1757 NTSTATUS 1758 NTAPI 1759 NtRegisterThreadTerminatePort( 1760 IN HANDLE PortHandle 1761 ); 1762 1763 NTSYSAPI 1764 NTSTATUS 1765 NTAPI 1766 NtReadVirtualMemory( 1767 IN HANDLE ProcessHandle, 1768 IN PVOID BaseAddress, 1769 OUT PVOID Buffer, 1770 IN ULONG BufferLength, 1771 OUT PULONG ReturnLength OPTIONAL 1772 ); 1773 1774 NTSYSAPI 1775 NTSTATUS 1776 NTAPI 1777 NtReadRequestData( 1778 IN HANDLE PortHandle, 1779 IN PPORT_MESSAGE Message, 1780 IN ULONG Index, 1781 OUT PVOID Buffer, 1782 IN ULONG BufferLength, 1783 OUT PULONG ReturnLength OPTIONAL 1784 ); 1785 1786 NTSYSAPI 1787 NTSTATUS 1788 NTAPI 1789 NtReadFileScatter( 1790 IN HANDLE FileHandle, 1791 IN HANDLE Event OPTIONAL, 1792 IN PIO_APC_ROUTINE ApcRoutine OPTIONAL, 1793 IN PVOID ApcContext OPTIONAL, 1794 OUT PIO_STATUS_BLOCK IoStatusBlock, 1795 IN PFILE_SEGMENT_ELEMENT Buffer, 1796 IN ULONG Length, 1797 IN PLARGE_INTEGER ByteOffset OPTIONAL, 1798 IN PULONG Key OPTIONAL 1799 ); 1800 1801 NTSYSAPI 1802 NTSTATUS 1803 NTAPI 1804 NtReadFile( 1805 IN HANDLE FileHandle, 1806 IN HANDLE Event OPTIONAL, 1807 IN PIO_APC_ROUTINE ApcRoutine OPTIONAL, 1808 IN PVOID ApcContext OPTIONAL, 1809 OUT PIO_STATUS_BLOCK IoStatusBlock, 1810 OUT PVOID Buffer, 1811 IN ULONG Length, 1812 IN PLARGE_INTEGER ByteOffset OPTIONAL, 1813 IN PULONG Key OPTIONAL 1814 ); 1815 1816 NTSYSAPI 1817 NTSTATUS 1818 NTAPI 1819 NtRaiseHardError( 1820 IN NTSTATUS Status, 1821 IN ULONG NumberOfArguments, 1822 IN ULONG StringArgumentsMask, 1823 IN PULONG_PTR Arguments, 1824 IN HARDERROR_RESPONSE_OPTION ResponseOption, 1825 OUT PHARDERROR_RESPONSE Response 1826 ); 1827 1828 NTSYSAPI 1829 NTSTATUS 1830 NTAPI 1831 NtRaiseException( 1832 IN PEXCEPTION_RECORD ExceptionRecord, 1833 IN PCONTEXT Context, 1834 IN BOOLEAN SearchFrames 1835 ); 1836 1837 NTSYSAPI 1838 NTSTATUS 1839 NTAPI 1840 NtQueueApcThread( 1841 IN HANDLE ThreadHandle, 1842 IN PKNORMAL_ROUTINE ApcRoutine, 1843 IN PVOID ApcContext OPTIONAL, 1844 IN PVOID Argument1 OPTIONAL, 1845 IN PVOID Argument2 OPTIONAL 1846 ); 1847 1848 NTSYSAPI 1849 NTSTATUS 1850 NTAPI 1851 NtQueryVolumeInformationFile( 1852 IN HANDLE FileHandle, 1853 OUT PIO_STATUS_BLOCK IoStatusBlock, 1854 OUT PVOID VolumeInformation, 1855 IN ULONG VolumeInformationLength, 1856 IN FS_INFORMATION_CLASS VolumeInformationClass 1857 ); 1858 1859 NTSYSAPI 1860 NTSTATUS 1861 NTAPI 1862 NtQueryVirtualMemory( 1863 IN HANDLE ProcessHandle, 1864 IN PVOID BaseAddress, 1865 IN MEMORY_INFORMATION_CLASS MemoryInformationClass, 1866 OUT PVOID MemoryInformation, 1867 IN ULONG MemoryInformationLength, 1868 OUT PULONG ReturnLength OPTIONAL 1869 ); 1870 1871 NTSYSAPI 1872 NTSTATUS 1873 NTAPI 1874 NtQueryValueKey( 1875 IN HANDLE KeyHandle, 1876 IN PUNICODE_STRING ValueName, 1877 IN KEY_VALUE_INFORMATION_CLASS KeyValueInformationClass, 1878 OUT PVOID KeyValueInformation, 1879 IN ULONG KeyValueInformationLength, 1880 OUT PULONG ResultLength 1881 ); 1882 1883 NTSYSAPI 1884 NTSTATUS 1885 NTAPI 1886 NtQueryTimerResolution( 1887 OUT PULONG CoarsestResolution, 1888 OUT PULONG FinestResolution, 1889 OUT PULONG ActualResolution 1890 ); 1891 1892 NTSYSAPI 1893 NTSTATUS 1894 NTAPI 1895 NtQueryTimer( 1896 IN HANDLE TimerHandle, 1897 IN TIMER_INFORMATION_CLASS TimerInformationClass, 1898 OUT PVOID TimerInformation, 1899 IN ULONG TimerInformationLength, 1900 OUT PULONG ResultLength OPTIONAL 1901 ); 1902 1903 NTSYSAPI 1904 NTSTATUS 1905 NTAPI 1906 NtQuerySystemTime( 1907 OUT PLARGE_INTEGER CurrentTime 1908 ); 1909 1910 NTSYSAPI 1911 NTSTATUS 1912 NTAPI 1913 NtQuerySystemInformation( 1914 IN SYSTEM_INFORMATION_CLASS SystemInformationClass, 1915 IN OUT PVOID SystemInformation, 1916 IN ULONG SystemInformationLength, 1917 OUT PULONG ReturnLength OPTIONAL 1918 ); 1919 1920 NTSYSAPI 1921 NTSTATUS 1922 NTAPI 1923 NtQuerySystemEnvironmentValueEx( 1924 IN ULONG Unknown1, 1925 IN ULONG Unknown2, 1926 IN ULONG Unknown3, 1927 IN ULONG Unknown4, 1928 IN ULONG Unknown5 1929 ); 1930 1931 NTSYSAPI 1932 NTSTATUS 1933 NTAPI 1934 NtQuerySystemEnvironmentValue( 1935 IN PUNICODE_STRING Name, 1936 OUT PVOID Value, 1937 IN ULONG ValueLength, 1938 OUT PULONG ReturnLength OPTIONAL 1939 ); 1940 1941 NTSYSAPI 1942 NTSTATUS 1943 NTAPI 1944 NtQuerySymbolicLinkObject( 1945 IN HANDLE SymbolicLinkHandle, 1946 IN OUT PUNICODE_STRING TargetName, 1947 OUT PULONG ReturnLength OPTIONAL 1948 ); 1949 1950 NTSYSAPI 1951 NTSTATUS 1952 NTAPI 1953 NtQuerySemaphore( 1954 IN HANDLE SemaphoreHandle, 1955 IN SEMAPHORE_INFORMATION_CLASS SemaphoreInformationClass, 1956 OUT PVOID SemaphoreInformation, 1957 IN ULONG SemaphoreInformationLength, 1958 OUT PULONG ResultLength OPTIONAL 1959 ); 1960 1961 NTSYSAPI 1962 NTSTATUS 1963 NTAPI 1964 NtQuerySecurityObject( 1965 IN HANDLE Handle, 1966 IN SECURITY_INFORMATION SecurityInformation, 1967 OUT PSECURITY_DESCRIPTOR SecurityDescriptor, 1968 IN ULONG SecurityDescriptorLength, 1969 OUT PULONG ReturnLength 1970 ); 1971 1972 NTSYSAPI 1973 NTSTATUS 1974 NTAPI 1975 NtQuerySection( 1976 IN HANDLE SectionHandle, 1977 IN SECTION_INFORMATION_CLASS SectionInformationClass, 1978 OUT PVOID SectionInformation, 1979 IN ULONG SectionInformationLength, 1980 OUT PULONG ResultLength OPTIONAL 1981 ); 1982 1983 NTSYSAPI 1984 NTSTATUS 1985 NTAPI 1986 NtQueryQuotaInformationFile( 1987 IN HANDLE FileHandle, 1988 OUT PIO_STATUS_BLOCK IoStatusBlock, 1989 OUT PFILE_USER_QUOTA_INFORMATION Buffer, 1990 IN ULONG BufferLength, 1991 IN BOOLEAN ReturnSingleEntry, 1992 IN PFILE_QUOTA_LIST_INFORMATION QuotaList OPTIONAL, 1993 IN ULONG QuotaListLength, 1994 IN PSID ResumeSid OPTIONAL, 1995 IN BOOLEAN RestartScan 1996 ); 1997 1998 NTSYSAPI 1999 BOOLEAN 2000 NTAPI 2001 NtQueryPortInformationProcess( 2002 VOID 2003 ); 2004 2005 NTSYSAPI 2006 NTSTATUS 2007 NTAPI 2008 NtQueryPerformanceCounter( 2009 OUT PLARGE_INTEGER PerformanceCount, 2010 OUT PLARGE_INTEGER PerformanceFrequency OPTIONAL 2011 ); 2012 2013 NTSYSAPI 2014 NTSTATUS 2015 NTAPI 2016 NtQueryOpenSubKeys( 2017 IN POBJECT_ATTRIBUTES KeyObjectAttributes, 2018 OUT PULONG NumberOfKeys 2019 ); 2020 2021 NTSYSAPI 2022 NTSTATUS 2023 NTAPI 2024 NtQueryObject( 2025 IN HANDLE ObjectHandle, 2026 IN OBJECT_INFORMATION_CLASS ObjectInformationClass, 2027 OUT PVOID ObjectInformation, 2028 IN ULONG ObjectInformationLength, 2029 OUT PULONG ReturnLength OPTIONAL 2030 ); 2031 2032 NTSYSAPI 2033 NTSTATUS 2034 NTAPI 2035 NtQueryMutant( 2036 IN HANDLE MutantHandle, 2037 IN MUTANT_INFORMATION_CLASS MutantInformationClass, 2038 OUT PVOID MutantInformation, 2039 IN ULONG MutantInformationLength, 2040 OUT PULONG ResultLength OPTIONAL 2041 ); 2042 2043 NTSYSAPI 2044 NTSTATUS 2045 NTAPI 2046 NtQueryMultipleValueKey( 2047 IN HANDLE KeyHandle, 2048 IN OUT PKEY_VALUE_ENTRY ValueList, 2049 IN ULONG NumberOfValues, 2050 OUT PVOID Buffer, 2051 IN OUT PULONG Length, 2052 OUT PULONG ReturnLength 2053 ); 2054 2055 NTSYSAPI 2056 NTSTATUS 2057 NTAPI 2058 NtQueryKey( 2059 IN HANDLE KeyHandle, 2060 IN KEY_INFORMATION_CLASS KeyInformationClass, 2061 OUT PVOID KeyInformation, 2062 IN ULONG KeyInformationLength, 2063 OUT PULONG ResultLength 2064 ); 2065 2066 NTSYSAPI 2067 NTSTATUS 2068 NTAPI 2069 NtQueryIoCompletion( 2070 IN HANDLE IoCompletionHandle, 2071 IN IO_COMPLETION_INFORMATION_CLASS IoCompletionInformationClass, 2072 OUT PVOID IoCompletionInformation, 2073 IN ULONG IoCompletionInformationLength, 2074 OUT PULONG ResultLength OPTIONAL 2075 ); 2076 2077 NTSYSAPI 2078 NTSTATUS 2079 NTAPI 2080 NtQueryIntervalProfile( 2081 IN KPROFILE_SOURCE Source, 2082 OUT PULONG Interval 2083 ); 2084 2085 NTSYSAPI 2086 NTSTATUS 2087 NTAPI 2088 NtQueryInstallUILanguage( 2089 OUT PLANGID LanguageId 2090 ); 2091 2092 NTSYSAPI 2093 NTSTATUS 2094 NTAPI 2095 NtQueryInformationToken( 2096 IN HANDLE TokenHandle, 2097 IN TOKEN_INFORMATION_CLASS TokenInformationClass, 2098 OUT PVOID TokenInformation, 2099 IN ULONG TokenInformationLength, 2100 OUT PULONG ReturnLength 2101 ); 2102 2103 NTSYSAPI 2104 NTSTATUS 2105 NTAPI 2106 NtQueryInformationThread( 2107 IN HANDLE ThreadHandle, 2108 IN THREADINFOCLASS ThreadInformationClass, 2109 OUT PVOID ThreadInformation, 2110 IN ULONG ThreadInformationLength, 2111 OUT PULONG ReturnLength OPTIONAL 2112 ); 2113 2114 NTSYSAPI 2115 NTSTATUS 2116 NTAPI 2117 NtQueryInformationProcess( 2118 IN HANDLE ProcessHandle, 2119 IN PROCESSINFOCLASS ProcessInformationClass, 2120 OUT PVOID ProcessInformation, 2121 IN ULONG ProcessInformationLength, 2122 OUT PULONG ReturnLength OPTIONAL 2123 ); 2124 2125 NTSYSAPI 2126 NTSTATUS 2127 NTAPI 2128 NtQueryInformationPort( 2129 IN HANDLE PortHandle, 2130 IN PORT_INFORMATION_CLASS PortInformationClass, 2131 OUT PVOID PortInformation, 2132 IN ULONG PortInformationLength, 2133 OUT PULONG ReturnLength OPTIONAL 2134 ); 2135 2136 NTSYSAPI 2137 NTSTATUS 2138 NTAPI 2139 NtQueryInformationJobObject( 2140 IN HANDLE JobHandle, 2141 IN JOBOBJECTINFOCLASS JobInformationClass, 2142 OUT PVOID JobInformation, 2143 IN ULONG JobInformationLength, 2144 OUT PULONG ReturnLength OPTIONAL 2145 ); 2146 2147 NTSYSAPI 2148 NTSTATUS 2149 NTAPI 2150 NtQueryInformationFile( 2151 IN HANDLE FileHandle, 2152 OUT PIO_STATUS_BLOCK IoStatusBlock, 2153 OUT PVOID FileInformation, 2154 IN ULONG FileInformationLength, 2155 IN FILE_INFORMATION_CLASS FileInformationClass 2156 ); 2157 2158 NTSYSAPI 2159 NTSTATUS 2160 NTAPI 2161 NtQueryInformationAtom( 2162 IN USHORT Atom, 2163 IN ATOM_INFORMATION_CLASS AtomInformationClass, 2164 OUT PVOID AtomInformation, 2165 IN ULONG AtomInformationLength, 2166 OUT PULONG ReturnLength OPTIONAL 2167 ); 2168 2169 NTSYSAPI 2170 NTSTATUS 2171 NTAPI 2172 NtQueryFullAttributesFile( 2173 IN POBJECT_ATTRIBUTES ObjectAttributes, 2174 OUT PFILE_NETWORK_OPEN_INFORMATION FileInformation 2175 ); 2176 2177 NTSYSAPI 2178 NTSTATUS 2179 NTAPI 2180 NtQueryEvent( 2181 IN HANDLE EventHandle, 2182 IN EVENT_INFORMATION_CLASS EventInformationClass, 2183 OUT PVOID EventInformation, 2184 IN ULONG EventInformationLength, 2185 OUT PULONG ResultLength OPTIONAL 2186 ); 2187 2188 NTSYSAPI 2189 NTSTATUS 2190 NTAPI 2191 NtQueryEaFile( 2192 IN HANDLE FileHandle, 2193 OUT PIO_STATUS_BLOCK IoStatusBlock, 2194 OUT PFILE_FULL_EA_INFORMATION Buffer, 2195 IN ULONG BufferLength, 2196 IN BOOLEAN ReturnSingleEntry, 2197 IN PFILE_GET_EA_INFORMATION EaList OPTIONAL, 2198 IN ULONG EaListLength, 2199 IN PULONG EaIndex OPTIONAL, 2200 IN BOOLEAN RestartScan 2201 ); 2202 2203 NTSYSAPI 2204 NTSTATUS 2205 NTAPI 2206 NtQueryDirectoryObject( 2207 IN HANDLE DirectoryHandle, 2208 OUT PVOID Buffer, 2209 IN ULONG BufferLength, 2210 IN BOOLEAN ReturnSingleEntry, 2211 IN BOOLEAN RestartScan, 2212 IN OUT PULONG Context, 2213 OUT PULONG ReturnLength OPTIONAL 2214 ); 2215 2216 NTSYSAPI 2217 NTSTATUS 2218 NTAPI 2219 NtQueryDirectoryFile( 2220 IN HANDLE FileHandle, 2221 IN HANDLE Event OPTIONAL, 2222 IN PIO_APC_ROUTINE ApcRoutine OPTIONAL, 2223 IN PVOID ApcContext OPTIONAL, 2224 OUT PIO_STATUS_BLOCK IoStatusBlock, 2225 OUT PVOID FileInformation, 2226 IN ULONG FileInformationLength, 2227 IN FILE_INFORMATION_CLASS FileInformationClass, 2228 IN BOOLEAN ReturnSingleEntry, 2229 IN PUNICODE_STRING FileName OPTIONAL, 2230 IN BOOLEAN RestartScan 2231 ); 2232 2233 NTSYSAPI 2234 NTSTATUS 2235 NTAPI 2236 NtQueryDefaultUILanguage( 2237 OUT PLANGID LanguageId 2238 ); 2239 2240 NTSYSAPI 2241 NTSTATUS 2242 NTAPI 2243 NtQueryDefaultLocale( 2244 IN BOOLEAN ThreadOrSystem, 2245 OUT PLCID Locale 2246 ); 2247 2248 NTSYSAPI 2249 NTSTATUS 2250 NTAPI 2251 NtQueryDebugFilterState( 2252 IN ULONG ComponentId, 2253 IN ULONG Level 2254 ); 2255 2256 NTSYSAPI 2257 NTSTATUS 2258 NTAPI 2259 NtQueryBootOptions( 2260 IN ULONG Unknown1, 2261 IN ULONG Unknown2 2262 ); 2263 2264 NTSYSAPI 2265 NTSTATUS 2266 NTAPI 2267 NtQueryBootEntryOrder( 2268 IN ULONG Unknown1, 2269 IN ULONG Unknown2 2270 ); 2271 2272 NTSYSAPI 2273 NTSTATUS 2274 NTAPI 2275 NtQueryAttributesFile( 2276 IN POBJECT_ATTRIBUTES ObjectAttributes, 2277 OUT PFILE_BASIC_INFORMATION FileInformation 2278 ); 2279 2280 NTSYSAPI 2281 NTSTATUS 2282 NTAPI 2283 NtPulseEvent( 2284 IN HANDLE EventHandle, 2285 OUT PULONG PreviousState OPTIONAL 2286 ); 2287 2288 NTSYSAPI 2289 NTSTATUS 2290 NTAPI 2291 NtProtectVirtualMemory( 2292 IN HANDLE ProcessHandle, 2293 IN OUT PVOID *BaseAddress, 2294 IN OUT PULONG ProtectSize, 2295 IN ULONG NewProtect, 2296 OUT PULONG OldProtect 2297 ); 2298 2299 NTSYSAPI 2300 NTSTATUS 2301 NTAPI 2302 NtPrivilegedServiceAuditAlarm( 2303 IN PUNICODE_STRING SubsystemName, 2304 IN PUNICODE_STRING ServiceName, 2305 IN HANDLE TokenHandle, 2306 IN PPRIVILEGE_SET Privileges, 2307 IN BOOLEAN AccessGranted 2308 ); 2309 2310 NTSYSAPI 2311 NTSTATUS 2312 NTAPI 2313 NtPrivilegeObjectAuditAlarm( 2314 IN PUNICODE_STRING SubsystemName, 2315 IN PVOID HandleId, 2316 IN HANDLE TokenHandle, 2317 IN ACCESS_MASK DesiredAccess, 2318 IN PPRIVILEGE_SET Privileges, 2319 IN BOOLEAN AccessGranted 2320 ); 2321 2322 NTSYSAPI 2323 NTSTATUS 2324 NTAPI 2325 NtPrivilegeCheck( 2326 IN HANDLE TokenHandle, 2327 IN PPRIVILEGE_SET RequiredPrivileges, 2328 OUT PBOOLEAN Result 2329 ); 2330 2331 NTSYSAPI 2332 NTSTATUS 2333 NTAPI 2334 NtPowerInformation( 2335 IN POWER_INFORMATION_LEVEL PowerInformationLevel, 2336 IN PVOID InputBuffer OPTIONAL, 2337 IN ULONG InputBufferLength, 2338 OUT PVOID OutputBuffer OPTIONAL, 2339 IN ULONG OutputBufferLength 2340 ); 2341 2342 NTSYSAPI 2343 NTSTATUS 2344 NTAPI 2345 NtPlugPlayControl( 2346 IN ULONG ControlCode, 2347 IN OUT PVOID Buffer, 2348 IN ULONG BufferLength 2349 ); 2350 NTSYSAPI 2351 NTSTATUS 2352 NTAPI 2353 NtPlugPlayControl( 2354 IN ULONG ControlCode, 2355 IN OUT PVOID Buffer, 2356 IN ULONG BufferLength, 2357 IN PVOID Unknown OPTIONAL 2358 ); 2359 2360 NTSYSAPI 2361 NTSTATUS 2362 NTAPI 2363 NtOpenTimer( 2364 OUT PHANDLE TimerHandle, 2365 IN ACCESS_MASK DesiredAccess, 2366 IN POBJECT_ATTRIBUTES ObjectAttributes 2367 ); 2368 2369 NTSYSAPI 2370 NTSTATUS 2371 NTAPI 2372 NtOpenThreadTokenEx( 2373 IN HANDLE ThreadHandle, 2374 IN ACCESS_MASK DesiredAccess, 2375 IN BOOLEAN OpenAsSelf, 2376 IN ULONG HandleAttributes, 2377 OUT PHANDLE TokenHandle 2378 ); 2379 2380 NTSYSAPI 2381 NTSTATUS 2382 NTAPI 2383 NtOpenThreadToken( 2384 IN HANDLE ThreadHandle, 2385 IN ACCESS_MASK DesiredAccess, 2386 IN BOOLEAN OpenAsSelf, 2387 OUT PHANDLE TokenHandle 2388 ); 2389 2390 NTSYSAPI 2391 NTSTATUS 2392 NTAPI 2393 NtOpenThread( 2394 OUT PHANDLE ThreadHandle, 2395 IN ACCESS_MASK DesiredAccess, 2396 IN POBJECT_ATTRIBUTES ObjectAttributes, 2397 IN PCLIENT_ID ClientId 2398 ); 2399 2400 NTSYSAPI 2401 NTSTATUS 2402 NTAPI 2403 NtOpenSymbolicLinkObject( 2404 OUT PHANDLE SymbolicLinkHandle, 2405 IN ACCESS_MASK DesiredAccess, 2406 IN POBJECT_ATTRIBUTES ObjectAttributes 2407 ); 2408 2409 NTSYSAPI 2410 NTSTATUS 2411 NTAPI 2412 NtOpenSemaphore( 2413 OUT PHANDLE SemaphoreHandle, 2414 IN ACCESS_MASK DesiredAccess, 2415 IN POBJECT_ATTRIBUTES ObjectAttributes 2416 ); 2417 2418 NTSYSAPI 2419 NTSTATUS 2420 NTAPI 2421 NtOpenSection( 2422 OUT PHANDLE SectionHandle, 2423 IN ACCESS_MASK DesiredAccess, 2424 IN POBJECT_ATTRIBUTES ObjectAttributes 2425 ); 2426 2427 NTSYSAPI 2428 NTSTATUS 2429 NTAPI 2430 NtOpenProcessTokenEx( 2431 IN HANDLE ProcessHandle, 2432 IN ACCESS_MASK DesiredAccess, 2433 IN ULONG HandleAttributes, 2434 OUT PHANDLE TokenHandle 2435 ); 2436 2437 NTSYSAPI 2438 NTSTATUS 2439 NTAPI 2440 NtOpenProcessToken( 2441 IN HANDLE ProcessHandle, 2442 IN ACCESS_MASK DesiredAccess, 2443 OUT PHANDLE TokenHandle 2444 ); 2445 2446 NTSYSAPI 2447 NTSTATUS 2448 NTAPI 2449 NtOpenProcess( 2450 OUT PHANDLE ProcessHandle, 2451 IN ACCESS_MASK DesiredAccess, 2452 IN POBJECT_ATTRIBUTES ObjectAttributes, 2453 IN PCLIENT_ID ClientId OPTIONAL 2454 ); 2455 2456 NTSYSAPI 2457 NTSTATUS 2458 NTAPI 2459 NtOpenObjectAuditAlarm( 2460 IN PUNICODE_STRING SubsystemName, 2461 IN PVOID *HandleId, 2462 IN PUNICODE_STRING ObjectTypeName, 2463 IN PUNICODE_STRING ObjectName, 2464 IN PSECURITY_DESCRIPTOR SecurityDescriptor, 2465 IN HANDLE TokenHandle, 2466 IN ACCESS_MASK DesiredAccess, 2467 IN ACCESS_MASK GrantedAccess, 2468 IN PPRIVILEGE_SET Privileges OPTIONAL, 2469 IN BOOLEAN ObjectCreation, 2470 IN BOOLEAN AccessGranted, 2471 OUT PBOOLEAN GenerateOnClose 2472 ); 2473 2474 NTSYSAPI 2475 NTSTATUS 2476 NTAPI 2477 NtOpenMutant( 2478 OUT PHANDLE MutantHandle, 2479 IN ACCESS_MASK DesiredAccess, 2480 IN POBJECT_ATTRIBUTES ObjectAttributes 2481 ); 2482 2483 NTSYSAPI 2484 NTSTATUS 2485 NTAPI 2486 NtOpenKeyedEvent( 2487 OUT PHANDLE KeyedEventHandle, 2488 IN ACCESS_MASK DesiredAccess, 2489 IN POBJECT_ATTRIBUTES ObjectAttributes 2490 ); 2491 2492 NTSYSAPI 2493 NTSTATUS 2494 NTAPI 2495 NtOpenKey( 2496 OUT PHANDLE KeyHandle, 2497 IN ACCESS_MASK DesiredAccess, 2498 IN POBJECT_ATTRIBUTES ObjectAttributes 2499 ); 2500 2501 NTSYSAPI 2502 NTSTATUS 2503 NTAPI 2504 NtOpenJobObject( 2505 OUT PHANDLE JobHandle, 2506 IN ACCESS_MASK DesiredAccess, 2507 IN POBJECT_ATTRIBUTES ObjectAttributes 2508 ); 2509 2510 NTSYSAPI 2511 NTSTATUS 2512 NTAPI 2513 NtOpenIoCompletion( 2514 OUT PHANDLE IoCompletionHandle, 2515 IN ACCESS_MASK DesiredAccess, 2516 IN POBJECT_ATTRIBUTES ObjectAttributes 2517 ); 2518 2519 NTSYSAPI 2520 NTSTATUS 2521 NTAPI 2522 NtOpenFile( 2523 OUT PHANDLE FileHandle, 2524 IN ACCESS_MASK DesiredAccess, 2525 IN POBJECT_ATTRIBUTES ObjectAttributes, 2526 OUT PIO_STATUS_BLOCK IoStatusBlock, 2527 IN ULONG ShareAccess, 2528 IN ULONG OpenOptions 2529 ); 2530 2531 NTSYSAPI 2532 NTSTATUS 2533 NTAPI 2534 NtOpenEventPair( 2535 OUT PHANDLE EventPairHandle, 2536 IN ACCESS_MASK DesiredAccess, 2537 IN POBJECT_ATTRIBUTES ObjectAttributes 2538 ); 2539 2540 NTSYSAPI 2541 NTSTATUS 2542 NTAPI 2543 NtOpenEvent( 2544 OUT PHANDLE EventHandle, 2545 IN ACCESS_MASK DesiredAccess, 2546 IN POBJECT_ATTRIBUTES ObjectAttributes 2547 ); 2548 2549 NTSYSAPI 2550 NTSTATUS 2551 NTAPI 2552 NtOpenDirectoryObject( 2553 OUT PHANDLE DirectoryHandle, 2554 IN ACCESS_MASK DesiredAccess, 2555 IN POBJECT_ATTRIBUTES ObjectAttributes 2556 ); 2557 2558 2559 NTSYSAPI 2560 NTSTATUS 2561 NTAPI 2562 NtNotifyChangeMultipleKeys( 2563 IN HANDLE KeyHandle, 2564 IN ULONG Flags, 2565 IN POBJECT_ATTRIBUTES KeyObjectAttributes, 2566 IN HANDLE EventHandle OPTIONAL, 2567 IN PIO_APC_ROUTINE ApcRoutine OPTIONAL, 2568 IN PVOID ApcContext OPTIONAL, 2569 OUT PIO_STATUS_BLOCK IoStatusBlock, 2570 IN ULONG NotifyFilter, 2571 IN BOOLEAN WatchSubtree, 2572 IN PVOID Buffer, 2573 IN ULONG BufferLength, 2574 IN BOOLEAN Asynchronous 2575 ); 2576 2577 NTSYSAPI 2578 NTSTATUS 2579 NTAPI 2580 NtNotifyChangeKey( 2581 IN HANDLE KeyHandle, 2582 IN HANDLE EventHandle OPTIONAL, 2583 IN PIO_APC_ROUTINE ApcRoutine OPTIONAL, 2584 IN PVOID ApcContext OPTIONAL, 2585 OUT PIO_STATUS_BLOCK IoStatusBlock, 2586 IN ULONG NotifyFilter, 2587 IN BOOLEAN WatchSubtree, 2588 IN PVOID Buffer, 2589 IN ULONG BufferLength, 2590 IN BOOLEAN Asynchronous 2591 ); 2592 2593 NTSYSAPI 2594 NTSTATUS 2595 NTAPI 2596 NtNotifyChangeDirectoryFile( 2597 IN HANDLE FileHandle, 2598 IN HANDLE Event OPTIONAL, 2599 IN PIO_APC_ROUTINE ApcRoutine OPTIONAL, 2600 IN PVOID ApcContext OPTIONAL, 2601 OUT PIO_STATUS_BLOCK IoStatusBlock, 2602 OUT PFILE_NOTIFY_INFORMATION Buffer, 2603 IN ULONG BufferLength, 2604 IN ULONG NotifyFilter, 2605 IN BOOLEAN WatchSubtree 2606 ); 2607 2608 NTSYSAPI 2609 NTSTATUS 2610 NTAPI 2611 NtModifyDriverEntry( 2612 IN PUNICODE_STRING DriverName, 2613 IN PUNICODE_STRING DriverPath 2614 ); 2615 2616 NTSYSAPI 2617 NTSTATUS 2618 NTAPI 2619 NtModifyBootEntry( 2620 IN PUNICODE_STRING EntryName, 2621 IN PUNICODE_STRING EntryValue 2622 ); 2623 2624 NTSYSAPI 2625 NTSTATUS 2626 NTAPI 2627 NtMapViewOfSection( 2628 IN HANDLE SectionHandle, 2629 IN HANDLE ProcessHandle, 2630 IN OUT PVOID *BaseAddress, 2631 IN ULONG ZeroBits, 2632 IN ULONG CommitSize, 2633 IN OUT PLARGE_INTEGER SectionOffset OPTIONAL, 2634 IN OUT PULONG ViewSize, 2635 IN SECTION_INHERIT InheritDisposition, 2636 IN ULONG AllocationType, 2637 IN ULONG Protect 2638 ); 2639 2640 NTSYSAPI 2641 NTSTATUS 2642 NTAPI 2643 NtMapUserPhysicalPagesScatter( 2644 IN PVOID *BaseAddresses, 2645 IN PULONG NumberOfPages, 2646 IN PULONG PageFrameNumbers 2647 ); 2648 2649 NTSYSAPI 2650 NTSTATUS 2651 NTAPI 2652 NtMapUserPhysicalPages( 2653 IN PVOID BaseAddress, 2654 IN PULONG NumberOfPages, 2655 IN PULONG PageFrameNumbers 2656 ); 2657 2658 NTSYSAPI 2659 NTSTATUS 2660 NTAPI 2661 NtMakeTemporaryObject( 2662 IN HANDLE Handle 2663 ); 2664 2665 NTSYSAPI 2666 NTSTATUS 2667 NTAPI 2668 NtMakePermanentObject( 2669 IN HANDLE Object 2670 ); 2671 2672 NTSYSAPI 2673 NTSTATUS 2674 NTAPI 2675 NtLockVirtualMemory( 2676 IN HANDLE ProcessHandle, 2677 IN OUT PVOID *BaseAddress, 2678 IN OUT PULONG LockSize, 2679 IN ULONG LockType 2680 ); 2681 2682 NTSYSAPI 2683 NTSTATUS 2684 NTAPI 2685 NtLockRegistryKey( 2686 IN HANDLE Key 2687 ); 2688 2689 NTSYSAPI 2690 NTSTATUS 2691 NTAPI 2692 NtLockProductActivationKeys( 2693 IN OUT PULONG ProductBuild OPTIONAL, 2694 OUT PSAFEBOOT_MODE InitSafeBootMode OPTIONAL 2695 ); 2696 2697 NTSYSAPI 2698 NTSTATUS 2699 NTAPI 2700 NtLockFile( 2701 IN HANDLE FileHandle, 2702 IN HANDLE Event OPTIONAL, 2703 IN PIO_APC_ROUTINE ApcRoutine OPTIONAL, 2704 IN PVOID ApcContext OPTIONAL, 2705 OUT PIO_STATUS_BLOCK IoStatusBlock, 2706 IN PULARGE_INTEGER LockOffset, 2707 IN PULARGE_INTEGER LockLength, 2708 IN ULONG Key, 2709 IN BOOLEAN FailImmediately, 2710 IN BOOLEAN ExclusiveLock 2711 ); 2712 2713 NTSYSAPI 2714 NTSTATUS 2715 NTAPI 2716 NtLoadKey2( 2717 IN POBJECT_ATTRIBUTES KeyObjectAttributes, 2718 IN POBJECT_ATTRIBUTES FileObjectAttributes, 2719 IN ULONG Flags 2720 ); 2721 2722 NTSYSAPI 2723 NTSTATUS 2724 NTAPI 2725 NtLoadKey( 2726 IN POBJECT_ATTRIBUTES KeyObjectAttributes, 2727 IN POBJECT_ATTRIBUTES FileObjectAttributes 2728 ); 2729 2730 NTSYSAPI 2731 NTSTATUS 2732 NTAPI 2733 NtLoadDriver( 2734 IN PUNICODE_STRING DriverServiceName 2735 ); 2736 2737 NTSYSAPI 2738 NTSTATUS 2739 NTAPI 2740 NtListenPort( 2741 IN HANDLE PortHandle, 2742 OUT PPORT_MESSAGE Message 2743 ); 2744 2745 2746 NTSYSAPI 2747 NTSTATUS 2748 NTAPI 2749 NtFreeUserPhysicalPages( 2750 IN HANDLE ProcessHandle, 2751 IN OUT PULONG NumberOfPages, 2752 IN PULONG PageFrameNumbers 2753 ); 2754 2755 NTSYSAPI 2756 NTSTATUS 2757 NTAPI 2758 NtFreeVirtualMemory( 2759 IN HANDLE ProcessHandle, 2760 IN OUT PVOID *BaseAddress, 2761 IN OUT PULONG FreeSize, 2762 IN ULONG FreeType 2763 ); 2764 2765 NTSYSAPI 2766 NTSTATUS 2767 NTAPI 2768 NtFsControlFile( 2769 IN HANDLE FileHandle, 2770 IN HANDLE Event OPTIONAL, 2771 IN PIO_APC_ROUTINE ApcRoutine OPTIONAL, 2772 IN PVOID ApcContext OPTIONAL, 2773 OUT PIO_STATUS_BLOCK IoStatusBlock, 2774 IN ULONG FsControlCode, 2775 IN PVOID InputBuffer OPTIONAL, 2776 IN ULONG InputBufferLength, 2777 OUT PVOID OutputBuffer OPTIONAL, 2778 IN ULONG OutputBufferLength 2779 ); 2780 2781 NTSYSAPI 2782 NTSTATUS 2783 NTAPI 2784 NtGetContextThread( 2785 IN HANDLE ThreadHandle, 2786 OUT PCONTEXT Context 2787 ); 2788 2789 NTSYSAPI 2790 NTSTATUS 2791 NTAPI 2792 NtGetDevicePowerState( 2793 IN HANDLE DeviceHandle, 2794 OUT PDEVICE_POWER_STATE DevicePowerState 2795 ); 2796 2797 NTSYSAPI 2798 NTSTATUS 2799 NTAPI 2800 NtGetPlugPlayEvent( 2801 IN ULONG Reserved1, 2802 IN ULONG Reserved2, 2803 OUT PVOID Buffer, 2804 IN ULONG BufferLength 2805 ); 2806 2807 NTSYSAPI 2808 NTSTATUS 2809 NTAPI 2810 NtGetWriteWatch( 2811 IN HANDLE ProcessHandle, 2812 IN ULONG Flags, 2813 IN PVOID BaseAddress, 2814 IN ULONG RegionSize, 2815 OUT PULONG Buffer, 2816 IN OUT PULONG BufferEntries, 2817 OUT PULONG Granularity 2818 ); 2819 2820 NTSYSAPI 2821 NTSTATUS 2822 NTAPI 2823 NtImpersonateAnonymousToken( 2824 IN HANDLE ThreadHandle 2825 ); 2826 2827 NTSYSAPI 2828 NTSTATUS 2829 NTAPI 2830 NtImpersonateClientOfPort( 2831 IN HANDLE PortHandle, 2832 IN PPORT_MESSAGE Message 2833 ); 2834 2835 NTSYSAPI 2836 NTSTATUS 2837 NTAPI 2838 NtImpersonateThread( 2839 IN HANDLE ThreadHandle, 2840 IN HANDLE TargetThreadHandle, 2841 IN PSECURITY_QUALITY_OF_SERVICE SecurityQos 2842 ); 2843 2844 NTSYSAPI 2845 NTSTATUS 2846 NTAPI 2847 NtInitializeRegistry( 2848 IN BOOLEAN Setup 2849 ); 2850 2851 NTSYSAPI 2852 NTSTATUS 2853 NTAPI 2854 NtInitiatePowerAction( 2855 IN POWER_ACTION SystemAction, 2856 IN SYSTEM_POWER_STATE MinSystemState, 2857 IN ULONG Flags, 2858 IN BOOLEAN Asynchronous 2859 ); 2860 2861 NTSYSAPI 2862 NTSTATUS 2863 NTAPI 2864 NtIsProcessInJob( 2865 IN HANDLE ProcessHandle, 2866 IN HANDLE JobHandle OPTIONAL 2867 ); 2868 2869 NTSYSAPI 2870 BOOLEAN 2871 NTAPI 2872 NtIsSystemResumeAutomatic( 2873 VOID 2874 );