1 SVC_(AcceptConnectPort, 6)
5 SVC_(AccessCheckByTypeAndAuditAlarm, 16)
7 SVC_(AccessCheckByTypeResultListAndAuditAlarm, 16)
8 SVC_(AccessCheckByTypeResultListAndAuditAlarmByHandle, 17)
11 SVC_(AddDriverEntry, 2)
12 SVC_(AdjustGroupsToken, 6)
13 SVC_(AdjustPrivilegesToken, 6)
14 SVC_(AlertResumeThread, 2)
18 SVC_(AllocateUuids, 4)
19 SVC_(AllocateVirtualMemory, 6)
20 SVC_(ApphelpCacheControl, 2)
21 SVC_(AreMappedFilesTheSame, 2)
23 SVC_(CallbackReturn, 3)
29 SVC_(CloseObjectAuditAlarm, 3)
31 SVC_(CompareTokens, 3)
32 SVC_(CompleteConnectPort, 1)
36 SVC_(CreateDebugObject, 4)
37 SVC_(CreateDirectoryObject, 3)
39 SVC_(CreateEventPair, 3)
41 SVC_(CreateIoCompletion, 4)
42 SVC_(CreateJobObject, 3)
45 SVC_(CreateMailslotFile, 8)
47 SVC_(CreateNamedPipeFile, 14)
48 SVC_(CreatePagingFile, 4)
51 SVC_(CreateProcessEx, 9)
53 SVC_(CreateSection, 7)
55 SVC_(CreateSymbolicLinkObject, 4)
59 SVC_(CreateWaitablePort, 5)
61 SVC_(DebugContinue, 3)
64 SVC_(DeleteBootEntry, 1)
65 SVC_(DeleteDriverEntry, 1)
68 SVC_(DeleteObjectAuditAlarm, 3)
69 SVC_(DeleteValueKey, 2)
70 SVC_(DeviceIoControlFile, 10)
72 SVC_(DuplicateObject, 7)
74 SVC_(EnumerateBootEntries, 2)
75 SVC_(EnumerateDriverEntries, 2)
77 SVC_(EnumerateSystemEnvironmentValuesEx, 3)
78 SVC_(EnumerateValueKey, 6)
79 SVC_(ExtendSection, 2)
82 SVC_(FlushBuffersFile, 2)
85 SVC_(FlushVirtualMemory, 4)
86 SVC_(FlushWriteBuffer, 0)
88 SVC_(FreeVirtualMemory, 4)
89 SVC_(FsControlFile, 10)
90 SVC_(GetContextThread, 2)
92 SVC_(GetPlugPlayEvent, 4)
95 SVC_(ImpersonateClientOfPort, 2)
96 SVC_(ImpersonateThread, 3)
97 SVC_(InitializeRegistry, 1)
98 SVC_(InitiatePowerAction, 4)
107 SVC_(LockProductActivationKeys, 2)
108 SVC_(LockRegistryKey, 1)
109 SVC_(LockVirtualMemory, 4)
110 SVC_(MakePermanentObject, 1)
111 SVC_(MakeTemporaryObject, 1)
114 SVC_(MapViewOfSection, 10)
115 SVC_(ModifyBootEntry, 1)
116 SVC_(ModifyDriverEntry, 1)
117 SVC_(NotifyChangeDirectoryFile, 9)
118 SVC_(NotifyChangeKey, 10)
119 SVC_(NotifyChangeMultipleKeys, 12)
120 SVC_(OpenDirectoryObject, 3)
122 SVC_(OpenEventPair, 3)
124 SVC_(OpenIoCompletion, 3)
125 SVC_(OpenJobObject, 3)
128 SVC_(OpenObjectAuditAlarm, 12)
131 SVC_(OpenProcessTokenEx, 4)
134 SVC_(OpenSymbolicLinkObject, 3)
137 SVC_(OpenThreadTokenEx, 5)
139 SVC_(PlugPlayControl, 3)
140 SVC_(PowerInformation, 5)
142 SVC_(PrivilegeObjectAuditAlarm, 6)
144 SVC_(ProtectVirtualMemory, 5)
146 SVC_(QueryAttributesFile, 2)
147 SVC_(QueryBootEntryOrder, 2)
148 SVC_(QueryBootOptions, 2)
149 SVC_(QueryDebugFilterState, 2)
150 SVC_(QueryDefaultLocale, 2)
151 SVC_(QueryDefaultUILanguage, 1)
152 SVC_(QueryDirectoryFile, 11)
153 SVC_(QueryDirectoryObject, 7)
154 SVC_(QueryDriverEntryOrder, 2)
157 SVC_(QueryFullAttributesFile, 2)
158 SVC_(QueryInformationAtom, 5)
159 SVC_(QueryInformationFile, 5)
161 SVC_(QueryInformationPort, 5)
162 SVC_(QueryInformationProcess, 5)
163 SVC_(QueryInformationThread, 5)
164 SVC_(QueryInformationToken, 5)
165 SVC_(QueryInstallUILanguage, 1)
166 SVC_(QueryIntervalProfile, 2)
167 SVC_(QueryIoCompletion, 5)
169 SVC_(QueryMultipleValueKey, 6)
172 SVC_(QueryOpenSubKeys, 2)
173 SVC_(QueryOpenSubKeysEx, 4)
175 SVC_(QueryQuotaInformationFile, 9)
176 SVC_(QuerySection, 5)
177 SVC_(QuerySecurityObject, 5)
178 SVC_(QuerySemaphore, 5)
179 SVC_(QuerySymbolicLinkObject, 3)
180 SVC_(QuerySystemEnvironmentValue, 4)
181 SVC_(QuerySystemEnvironmentValueEx, 5)
182 SVC_(QuerySystemInformation, 4)
183 SVC_(QuerySystemTime, 1)
185 SVC_(QueryTimerResolution, 3)
186 SVC_(QueryValueKey, 6)
188 SVC_(QueryVolumeInformationFile, 5)
189 SVC_(QueueApcThread, 5)
191 SVC_(RaiseHardError, 6)
194 SVC_(ReadRequestData, 6)
195 SVC_(ReadVirtualMemory, 5)
196 SVC_(RegisterThreadTerminatePort, 1)
197 SVC_(ReleaseMutant, 2)
199 SVC_(RemoveIoCompletion, 5)
200 SVC_(RemoveProcessDebug, 2)
204 SVC_(ReplyWaitReceivePort, 4)
205 SVC_(ReplyWaitReceivePortEx, 5)
206 SVC_(ReplyWaitReplyPort, 2)
209 SVC_(RequestWaitReplyPort, 3)
214 SVC_(ResumeProcess, 1)
218 SVC_(SaveMergedKeys, 3)
219 SVC_(SecureConnectPort, 9)
220 SVC_(SetBootEntryOrder, 2)
221 SVC_(SetBootOptions, 2)
222 SVC_(SetContextThread, 2)
223 SVC_(SetDebugFilterState, 3)
224 SVC_(SetDefaultHardErrorPort, 1)
225 SVC_(SetDefaultLocale, 2)
226 SVC_(SetDefaultUILanguage, 1)
227 SVC_(SetDriverEntryOrder, 2)
230 SVC_(SetEventBoostPriority, 1)
231 SVC_(SetHighEventPair, 1)
232 SVC_(SetHighWaitLowEventPair, 1)
233 SVC_(SetInformationDebugObject, 5)
234 SVC_(SetInformationFile, 5)
236 SVC_(SetInformationKey, 4)
237 SVC_(SetInformationObject, 4)
238 SVC_(SetInformationProcess, 4)
239 SVC_(SetInformationThread, 4)
240 SVC_(SetInformationToken, 4)
241 SVC_(SetIntervalProfile, 2)
242 SVC_(SetIoCompletion, 5)
243 SVC_(SetLdtEntries, 6)
244 SVC_(SetLowEventPair, 1)
245 SVC_(SetLowWaitHighEventPair, 1)
246 SVC_(SetQuotaInformationFile, 4)
247 SVC_(SetSecurityObject, 3)
248 SVC_(SetSystemEnvironmentValue, 2)
249 SVC_(SetSystemEnvironmentValueEx, 5)
250 SVC_(SetSystemInformation, 3)
255 SVC_(SetTimerResolution, 3)
258 SVC_(SetVolumeInformationFile, 5)
260 SVC_(SignalAndWaitForSingleObject, 4)
261 SVC_(StartProfile, 1)
263 SVC_(SuspendProcess, 1)
265 SVC_(SystemDebugControl, 6)
271 SVC_(TranslateFilePath, 4)
272 SVC_(UnloadDriver, 1)
277 SVC_(UnlockVirtualMemory, 4)
278 SVC_(UnmapViewOfSection, 2)
283 SVC_(WaitHighEventPair, 1)
284 SVC_(WaitLowEventPair, 1)
287 SVC_(WriteRequestData, 6)
288 SVC_(WriteVirtualMemory, 5)
289 SVC_(YieldExecution, 0)
290 SVC_(CreateKeyedEvent, 4)
291 SVC_(OpenKeyedEvent, 3)
292 SVC_(ReleaseKeyedEvent, 4)
293 SVC_(WaitForKeyedEvent, 4)
294 SVC_(QueryPortInformationProcess, 0)
295 SVC_(GetCurrentProcessorNumber, 0)
296 SVC_(WaitForMultipleObjects32, 5)
static VOID FilterToken(VOID)
VOID DisplayString(LPWSTR Msg)
BOOL DeleteKey(HWND hwnd, HKEY hKeyRoot, LPCWSTR keyPath)
LONG RenameKey(HKEY hKey, LPCWSTR lpSubKey, LPCWSTR lpNewName)
BOOL WINAPI ImpersonateAnonymousToken(IN HANDLE ThreadHandle)
BOOL WINAPI PrivilegeCheck(HANDLE ClientToken, PPRIVILEGE_SET RequiredPrivileges, LPBOOL pfResult)
BOOL WINAPI OpenProcessToken(HANDLE ProcessHandle, DWORD DesiredAccess, PHANDLE TokenHandle)
BOOL WINAPI DuplicateToken(IN HANDLE ExistingTokenHandle, IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel, OUT PHANDLE DuplicateTokenHandle)
BOOL WINAPI AccessCheckByType(_In_ PSECURITY_DESCRIPTOR pSecurityDescriptor, _In_opt_ PSID PrincipalSelfSid, _In_ HANDLE ClientToken, _In_ DWORD DesiredAccess, _In_reads_opt_(ObjectTypeListLength) POBJECT_TYPE_LIST ObjectTypeList, _In_ DWORD ObjectTypeListLength, _In_ PGENERIC_MAPPING GenericMapping, _Out_writes_bytes_(*PrivilegeSetLength) PPRIVILEGE_SET PrivilegeSet, _Inout_ LPDWORD PrivilegeSetLength, _Out_ LPDWORD GrantedAccess, _Out_ LPBOOL AccessStatus)
Determines whether security access can be granted to a client that requests such access on the object...
BOOL WINAPI AccessCheckByTypeResultList(_In_ PSECURITY_DESCRIPTOR pSecurityDescriptor, _In_opt_ PSID PrincipalSelfSid, _In_ HANDLE ClientToken, _In_ DWORD DesiredAccess, _In_reads_(ObjectTypeListLength) POBJECT_TYPE_LIST ObjectTypeList, _In_ DWORD ObjectTypeListLength, _In_ PGENERIC_MAPPING GenericMapping, _Out_writes_bytes_(*PrivilegeSetLength) PPRIVILEGE_SET PrivilegeSet, _Inout_ LPDWORD PrivilegeSetLength, _Out_writes_(ObjectTypeListLength) LPDWORD GrantedAccess, _Out_writes_(ObjectTypeListLength) LPBOOL AccessStatus)
Determines whether security access can be granted to a client that requests such access on the object...
BOOL WINAPI AllocateLocallyUniqueId(PLUID Luid)
BOOL WINAPI OpenThreadToken(HANDLE ThreadHandle, DWORD DesiredAccess, BOOL OpenAsSelf, HANDLE *TokenHandle)
BOOL WINAPI AccessCheck(IN PSECURITY_DESCRIPTOR pSecurityDescriptor, IN HANDLE ClientToken, IN DWORD DesiredAccess, IN PGENERIC_MAPPING GenericMapping, OUT PPRIVILEGE_SET PrivilegeSet OPTIONAL, IN OUT LPDWORD PrivilegeSetLength, OUT LPDWORD GrantedAccess, OUT LPBOOL AccessStatus)
#define ReadFile(a, b, c, d, e)
ATOM WINAPI DeleteAtom(ATOM nAtom)
BOOL WINAPI DebugActiveProcess(IN DWORD dwProcessId)
BOOL WINAPI WaitForDebugEvent(IN LPDEBUG_EVENT lpDebugEvent, IN DWORD dwMilliseconds)
VOID WINAPI RaiseException(_In_ DWORD dwExceptionCode, _In_ DWORD dwExceptionFlags, _In_ DWORD nNumberOfArguments, _In_opt_ const ULONG_PTR *lpArguments)
HFILE WINAPI OpenFile(LPCSTR lpFileName, LPOFSTRUCT lpReOpenBuff, UINT uStyle)
BOOL WINAPI UnlockFile(IN HANDLE hFile, IN DWORD dwFileOffsetLow, IN DWORD dwFileOffsetHigh, IN DWORD nNumberOfBytesToUnlockLow, IN DWORD nNumberOfBytesToUnlockHigh)
BOOL WINAPI LockFile(IN HANDLE hFile, IN DWORD dwFileOffsetLow, IN DWORD dwFileOffsetHigh, IN DWORD nNumberOfBytesToLockLow, IN DWORD nNumberOfBytesToLockHigh)
BOOL WINAPI WriteFileGather(HANDLE hFile, FILE_SEGMENT_ELEMENT aSegmentArray[], DWORD nNumberOfBytesToWrite, LPDWORD lpReserved, LPOVERLAPPED lpOverlapped)
BOOL WINAPI ReadFileScatter(HANDLE hFile, FILE_SEGMENT_ELEMENT aSegmentArray[], DWORD nNumberOfBytesToRead, LPDWORD lpReserved, LPOVERLAPPED lpOverlapped)
BOOL WINAPI WriteFile(IN HANDLE hFile, IN LPCVOID lpBuffer, IN DWORD nNumberOfBytesToWrite OPTIONAL, OUT LPDWORD lpNumberOfBytesWritten, IN LPOVERLAPPED lpOverlapped OPTIONAL)
BOOL WINAPI QueryInformationJobObject(IN HANDLE hJob, IN JOBOBJECTINFOCLASS JobObjectInformationClass, IN LPVOID lpJobObjectInformation, IN DWORD cbJobObjectInformationLength, OUT LPDWORD lpReturnLength)
BOOL WINAPI AssignProcessToJobObject(IN HANDLE hJob, IN HANDLE hProcess)
BOOL WINAPI CreateJobSet(IN ULONG NumJob, IN PJOB_SET_ARRAY UserJobSet, IN ULONG Flags)
BOOL WINAPI IsProcessInJob(IN HANDLE ProcessHandle, IN HANDLE JobHandle, OUT PBOOL Result)
BOOL WINAPI SetInformationJobObject(IN HANDLE hJob, IN JOBOBJECTINFOCLASS JobObjectInformationClass, IN LPVOID lpJobObjectInformation, IN DWORD cbJobObjectInformationLength)
BOOL WINAPI TerminateJobObject(IN HANDLE hJob, IN UINT uExitCode)
BOOL WINAPI QueryPerformanceCounter(OUT PLARGE_INTEGER lpPerformanceCount)
BOOL WINAPI RequestWakeupLatency(IN LATENCY_TIME latency)
BOOL WINAPI RequestDeviceWakeup(IN HANDLE hDevice)
BOOL WINAPI SetSystemPowerState(IN BOOL fSuspend, IN BOOL fForce)
BOOL WINAPI CancelDeviceWakeupRequest(IN HANDLE hDevice)
EXECUTION_STATE WINAPI SetThreadExecutionState(EXECUTION_STATE esFlags)
BOOL WINAPI FlushInstructionCache(IN HANDLE hProcess, IN LPCVOID lpBaseAddress, IN SIZE_T nSize)
BOOL WINAPI TerminateProcess(IN HANDLE hProcess, IN UINT uExitCode)
HANDLE WINAPI OpenProcess(IN DWORD dwDesiredAccess, IN BOOL bInheritHandle, IN DWORD dwProcessId)
DWORD WINAPI ResumeThread(IN HANDLE hThread)
DWORD WINAPI SuspendThread(IN HANDLE hThread)
HANDLE WINAPI OpenThread(IN DWORD dwDesiredAccess, IN BOOL bInheritHandle, IN DWORD dwThreadId)
HANDLE WINAPI DECLSPEC_HOTPATCH CreateThread(IN LPSECURITY_ATTRIBUTES lpThreadAttributes, IN DWORD dwStackSize, IN LPTHREAD_START_ROUTINE lpStartAddress, IN LPVOID lpParameter, IN DWORD dwCreationFlags, OUT LPDWORD lpThreadId)
BOOL WINAPI TerminateThread(IN HANDLE hThread, IN DWORD dwExitCode)
BOOL WINAPI SetSystemTime(IN CONST SYSTEMTIME *lpSystemTime)
MIXER_STATUS OpenKey(IN HANDLE hKey, IN LPWSTR SubKey, IN ULONG DesiredAccess, OUT PHANDLE OutKey)
EXTERN_C ULONG WMIAPI TraceEvent(IN TRACEHANDLE TraceHandle, IN PEVENT_TRACE_HEADER EventTrace)
return pDevice GetDevicePowerState()
return pRequest CreateTimer()
static LONG WINAPI CreateKey(HANDLE hcKey, LPCWSTR pszSubKey, DWORD dwOptions, REGSAM samDesired, PSECURITY_ATTRIBUTES pSecurityAttributes, PHANDLE phckResult, PDWORD pdwDisposition, HANDLE hSpooler)
BOOL CreateProfile(IN OUT PGINA_CONTEXT pgContext, IN PWSTR UserName, IN PWSTR Domain, IN PWSTR Password)
#define SVC_(name, argcount)
DWORD WINAPI WaitForMultipleObjects(IN DWORD nCount, IN CONST HANDLE *lpHandles, IN BOOL bWaitAll, IN DWORD dwMilliseconds)
DWORD WINAPI WaitForSingleObject(IN HANDLE hHandle, IN DWORD dwMilliseconds)
BOOL WINAPI DECLSPEC_HOTPATCH PulseEvent(IN HANDLE hEvent)
BOOL WINAPI DECLSPEC_HOTPATCH SetEvent(IN HANDLE hEvent)
BOOL WINAPI DECLSPEC_HOTPATCH ResetEvent(IN HANDLE hEvent)
BOOL WINAPI DECLSPEC_HOTPATCH ReleaseSemaphore(IN HANDLE hSemaphore, IN LONG lReleaseCount, IN LPLONG lpPreviousCount)
UINT WINAPI GetWriteWatch(IN DWORD dwFlags, IN PVOID lpBaseAddress, IN SIZE_T dwRegionSize, IN PVOID *lpAddresses, OUT PULONG_PTR lpdwCount, OUT PULONG lpdwGranularity)
BOOL WINAPI FreeUserPhysicalPages(IN HANDLE hProcess, IN PULONG_PTR NumberOfPages, IN PULONG_PTR PageArray)
BOOL WINAPI AllocateUserPhysicalPages(IN HANDLE hProcess, IN PULONG_PTR NumberOfPages, OUT PULONG_PTR UserPfnArray)
BOOL WINAPI MapUserPhysicalPages(IN PVOID VirtualAddress, IN ULONG_PTR NumberOfPages, OUT PULONG_PTR PageArray OPTIONAL)
BOOL WINAPI MapUserPhysicalPagesScatter(IN PVOID *VirtualAddresses, IN ULONG_PTR NumberOfPages, OUT PULONG_PTR PageArray OPTIONAL)
UINT WINAPI ResetWriteWatch(IN LPVOID lpBaseAddress, IN SIZE_T dwRegionSize)
BOOL WINAPI IsSystemResumeAutomatic(void)
#define AccessCheckAndAuditAlarm
#define PrivilegedServiceAuditAlarm
UINT_PTR WINAPI SetTimer(_In_opt_ HWND, _In_ UINT_PTR, _In_ UINT, _In_opt_ TIMERPROC)
1.9.6