windows 8 系统SSDT函数
COUNT: 000001A9SSTD Function List
--------------------------------------------------------------------------------------
ADDR:81151438 | NtYieldExecution
--------------------------------------------------------------------------------------
ADDR:813A7064 | NtWriteVirtualMemory
--------------------------------------------------------------------------------------
ADDR:8138DC4F | NtWriteRequestData
--------------------------------------------------------------------------------------
ADDR:81340D39 | NtWriteFileGather
--------------------------------------------------------------------------------------
ADDR:81340519 | NtWriteFile
--------------------------------------------------------------------------------------
ADDR:81205E67 | NtWorkerFactoryWorkerReady
--------------------------------------------------------------------------------------
ADDR:814A35D3 | NtWaitLowEventPair
--------------------------------------------------------------------------------------
ADDR:814A363C | NtWaitHighEventPair
--------------------------------------------------------------------------------------
ADDR:81205402 | NtWaitForWorkViaWorkerFactory
--------------------------------------------------------------------------------------
ADDR:81495C0F | NtWaitForWnfNotifications
--------------------------------------------------------------------------------------
ADDR:813C6B03 | NtWaitForSingleObject
--------------------------------------------------------------------------------------
ADDR:813C70E7 | NtWaitForMultipleObjects32
--------------------------------------------------------------------------------------
ADDR:813C6FE6 | NtWaitForMultipleObjects
--------------------------------------------------------------------------------------
ADDR:814A3DB5 | NtWaitForKeyedEvent
--------------------------------------------------------------------------------------
ADDR:8131FAEB | NtWaitForDebugEvent
--------------------------------------------------------------------------------------
ADDR:81406F16 | NtWaitForAlertByThreadId
--------------------------------------------------------------------------------------
ADDR:8145CD47 | NtVdmControl
--------------------------------------------------------------------------------------
ADDR:81495984 | NtUnsubscribeWnfStateChange
--------------------------------------------------------------------------------------
ADDR:81494B5B | NtUpdateWnfStateData
--------------------------------------------------------------------------------------
ADDR:813B0994 | NtUnmapViewOfSection
--------------------------------------------------------------------------------------
ADDR:813B0913 | NtUnmapViewOfSectionEx
--------------------------------------------------------------------------------------
ADDR:811929AD | NtUnlockVirtualMemory
--------------------------------------------------------------------------------------
ADDR:8133B03B | NtUnlockFile
--------------------------------------------------------------------------------------
ADDR:812EB40B | NtUnloadKeyEx
--------------------------------------------------------------------------------------
ADDR:812EABE1 | NtUnloadKey2
--------------------------------------------------------------------------------------
ADDR:812EABC4 | NtUnloadKey
--------------------------------------------------------------------------------------
ADDR:81345716 | NtUnloadDriver
--------------------------------------------------------------------------------------
ADDR:81388110 | NtUmsThreadYield
--------------------------------------------------------------------------------------
ADDR:8149ACB9 | NtTranslateFilePath
--------------------------------------------------------------------------------------
ADDR:811F32BB | NtTraceEvent
--------------------------------------------------------------------------------------
ADDR:8146D30C | NtTraceControl
--------------------------------------------------------------------------------------
ADDR:81450A12 | NtThawTransactions
--------------------------------------------------------------------------------------
ADDR:81275A2B | NtThawRegistry
--------------------------------------------------------------------------------------
ADDR:81404D0E | NtTestAlert
--------------------------------------------------------------------------------------
ADDR:814025C8 | NtTerminateThread
--------------------------------------------------------------------------------------
ADDR:81402133 | NtTerminateProcess
--------------------------------------------------------------------------------------
ADDR:81409FEF | NtTerminateJobObject
--------------------------------------------------------------------------------------
ADDR:814A4102 | NtSystemDebugControl
--------------------------------------------------------------------------------------
ADDR:814048C2 | NtSuspendThread
--------------------------------------------------------------------------------------
ADDR:81404AD6 | NtSuspendProcess
--------------------------------------------------------------------------------------
ADDR:81495903 | NtSubscribeWnfStateChange
--------------------------------------------------------------------------------------
ADDR:814A4E37 | NtStopProfile
--------------------------------------------------------------------------------------
ADDR:814A4C36 | NtStartProfile
--------------------------------------------------------------------------------------
ADDR:8144F604 | NtSinglePhaseReject
--------------------------------------------------------------------------------------
ADDR:811A3913 | NtSignalAndWaitForSingleObject
--------------------------------------------------------------------------------------
ADDR:81205EFF | NtShutdownWorkerFactory
--------------------------------------------------------------------------------------
ADDR:814885C5 | NtShutdownSystem
--------------------------------------------------------------------------------------
ADDR:8133F295 | NtSetVolumeInformationFile
--------------------------------------------------------------------------------------
ADDR:812E9F19 | NtSetValueKey
--------------------------------------------------------------------------------------
ADDR:81497701 | NtSetUuidSeed
--------------------------------------------------------------------------------------
ADDR:81486B7F | NtSetTimerResolution
--------------------------------------------------------------------------------------
ADDR:81206DC9 | NtSetTimerEx
--------------------------------------------------------------------------------------
ADDR:81206CE6 | NtSetTimer
--------------------------------------------------------------------------------------
ADDR:813E742F | NtSetThreadExecutionState
--------------------------------------------------------------------------------------
ADDR:8148685E | NtSetSystemTime
--------------------------------------------------------------------------------------
ADDR:81505358 | NtSetSystemPowerState
--------------------------------------------------------------------------------------
ADDR:8148F71E | NtSetSystemInformation
--------------------------------------------------------------------------------------
ADDR:81498CB7 | NtSetSystemEnvironmentValueEx
--------------------------------------------------------------------------------------
ADDR:8149869F | NtSetSystemEnvironmentValue
--------------------------------------------------------------------------------------
ADDR:81443A23 | NtSetSystemCodeIntegrityRoots
--------------------------------------------------------------------------------------
ADDR:813C5B32 | NtSetSecurityObject
--------------------------------------------------------------------------------------
ADDR:8133ECEB | NtSetQuotaInformationFile
--------------------------------------------------------------------------------------
ADDR:814A36A5 | NtSetLowWaitHighEventPair
--------------------------------------------------------------------------------------
ADDR:814A377B | NtSetLowEventPair
--------------------------------------------------------------------------------------
ADDR:81406B7B | NtSetLdtEntries
--------------------------------------------------------------------------------------
ADDR:81336468 | NtSetIoCompletionEx
--------------------------------------------------------------------------------------
ADDR:81336401 | NtSetIoCompletion
--------------------------------------------------------------------------------------
ADDR:814A4F05 | NtSetIntervalProfile
--------------------------------------------------------------------------------------
ADDR:81205791 | NtSetInformationWorkerFactory
--------------------------------------------------------------------------------------
ADDR:814520FB | NtSetInformationTransactionManager
--------------------------------------------------------------------------------------
ADDR:81450675 | NtSetInformationTransaction
--------------------------------------------------------------------------------------
ADDR:81433927 | NtSetInformationToken
--------------------------------------------------------------------------------------
ADDR:813F8641 | NtSetInformationThread
--------------------------------------------------------------------------------------
ADDR:814512CF | NtSetInformationResourceManager
--------------------------------------------------------------------------------------
ADDR:813F562C | NtSetInformationProcess
--------------------------------------------------------------------------------------
ADDR:813CA583 | NtSetInformationObject
--------------------------------------------------------------------------------------
ADDR:812EBAE0 | NtSetInformationKey
--------------------------------------------------------------------------------------
ADDR:814080DF | NtSetInformationJobObject
--------------------------------------------------------------------------------------
ADDR:8133D7D1 | NtSetInformationFile
--------------------------------------------------------------------------------------
ADDR:8144EE90 | NtSetInformationEnlistment
--------------------------------------------------------------------------------------
ADDR:813200F7 | NtSetInformationDebugObject
--------------------------------------------------------------------------------------
ADDR:814A3710 | NtSetHighWaitLowEventPair
--------------------------------------------------------------------------------------
ADDR:814A37DE | NtSetHighEventPair
--------------------------------------------------------------------------------------
ADDR:8149404F | NtSetEventBoostPriority
--------------------------------------------------------------------------------------
ADDR:81493F80 | NtSetEvent
--------------------------------------------------------------------------------------
ADDR:8133C5AB | NtSetEaFile
--------------------------------------------------------------------------------------
ADDR:8149AAA3 | NtSetDriverEntryOrder
--------------------------------------------------------------------------------------
ADDR:8148B5B7 | NtSetDefaultUILanguage
--------------------------------------------------------------------------------------
ADDR:8148A2BB | NtSetDefaultLocale
--------------------------------------------------------------------------------------
ADDR:81496A4B | NtSetDefaultHardErrorPort
--------------------------------------------------------------------------------------
ADDR:814D806C | NtSetDebugFilterState
--------------------------------------------------------------------------------------
ADDR:81401D05 | NtSetContextThread
--------------------------------------------------------------------------------------
ADDR:81499FBA | NtSetBootOptions
--------------------------------------------------------------------------------------
ADDR:81499AB3 | NtSetBootEntryOrder
--------------------------------------------------------------------------------------
ADDR:814D7B22 | NtSerializeBoot
--------------------------------------------------------------------------------------
ADDR:8138CF40 | NtSecureConnectPort
--------------------------------------------------------------------------------------
ADDR:812E9D32 | NtSaveMergedKeys
--------------------------------------------------------------------------------------
ADDR:812E9A57 | NtSaveKeyEx
--------------------------------------------------------------------------------------
ADDR:812E97F4 | NtSaveKey
--------------------------------------------------------------------------------------
ADDR:81451A37 | NtRollforwardTransactionManager
--------------------------------------------------------------------------------------
ADDR:8145060C | NtRollbackTransaction
--------------------------------------------------------------------------------------
ADDR:8144F2D8 | NtRollbackEnlistment
--------------------------------------------------------------------------------------
ADDR:8144F796 | NtRollbackComplete
--------------------------------------------------------------------------------------
ADDR:814049FB | NtResumeThread
--------------------------------------------------------------------------------------
ADDR:81404B3D | NtResumeProcess
--------------------------------------------------------------------------------------
ADDR:812E957B | NtRestoreKey
--------------------------------------------------------------------------------------
ADDR:8119362B | NtResetWriteWatch
--------------------------------------------------------------------------------------
ADDR:81493EB5 | NtResetEvent
--------------------------------------------------------------------------------------
ADDR:8138D9E8 | NtRequestWaitReplyPort
--------------------------------------------------------------------------------------
ADDR:8138D91B | NtRequestPort
--------------------------------------------------------------------------------------
ADDR:8138E037 | NtReplyWaitReplyPort
--------------------------------------------------------------------------------------
ADDR:8138DDF3 | NtReplyWaitReceivePortEx
--------------------------------------------------------------------------------------
ADDR:8138DDCB | NtReplyWaitReceivePort
--------------------------------------------------------------------------------------
ADDR:8138DCBE | NtReplyPort
--------------------------------------------------------------------------------------
ADDR:8121871A | NtReplacePartitionUnit
--------------------------------------------------------------------------------------
ADDR:812EC039 | NtReplaceKey
--------------------------------------------------------------------------------------
ADDR:814518CE | NtRenameTransactionManager
--------------------------------------------------------------------------------------
ADDR:812ECF51 | NtRenameKey
--------------------------------------------------------------------------------------
ADDR:8131F6F6 | NtRemoveProcessDebug
--------------------------------------------------------------------------------------
ADDR:813366D7 | NtRemoveIoCompletionEx
--------------------------------------------------------------------------------------
ADDR:8133653B | NtRemoveIoCompletion
--------------------------------------------------------------------------------------
ADDR:81205343 | NtReleaseWorkerFactoryWorker
--------------------------------------------------------------------------------------
ADDR:81497273 | NtReleaseSemaphore
--------------------------------------------------------------------------------------
ADDR:814A57CA | NtReleaseMutant
--------------------------------------------------------------------------------------
ADDR:814A3A77 | NtReleaseKeyedEvent
--------------------------------------------------------------------------------------
ADDR:8140369F | NtRegisterThreadTerminatePort
--------------------------------------------------------------------------------------
ADDR:81452267 | NtRegisterProtocolAddressInformation
--------------------------------------------------------------------------------------
ADDR:81451B02 | NtRecoverTransactionManager
--------------------------------------------------------------------------------------
ADDR:81450F0E | NtRecoverResourceManager
--------------------------------------------------------------------------------------
ADDR:8144EB7B | NtRecoverEnlistment
--------------------------------------------------------------------------------------
ADDR:813A703B | NtReadVirtualMemory
--------------------------------------------------------------------------------------
ADDR:8138DBDA | NtReadRequestData
--------------------------------------------------------------------------------------
ADDR:8144F6CD | NtReadOnlyEnlistment
--------------------------------------------------------------------------------------
ADDR:8133FEB7 | NtReadFileScatter
--------------------------------------------------------------------------------------
ADDR:8133F733 | NtReadFile
--------------------------------------------------------------------------------------
ADDR:814966EF | NtRaiseHardError
--------------------------------------------------------------------------------------
ADDR:8123293C | NtRaiseException
--------------------------------------------------------------------------------------
ADDR:81401760 | NtQueueApcThreadEx
--------------------------------------------------------------------------------------
ADDR:814016F6 | NtQueueApcThread
--------------------------------------------------------------------------------------
ADDR:81494EEF | NtQueryWnfStateData
--------------------------------------------------------------------------------------
ADDR:814952A3 | NtQueryWnfStateNameInformation
--------------------------------------------------------------------------------------
ADDR:8133ED00 | NtQueryVolumeInformationFile
--------------------------------------------------------------------------------------
ADDR:813B81FB | NtQueryVirtualMemory
--------------------------------------------------------------------------------------
ADDR:812E90AF | NtQueryValueKey
--------------------------------------------------------------------------------------
ADDR:81486A9C | NtQueryTimerResolution
--------------------------------------------------------------------------------------
ADDR:814A52FB | NtQueryTimer
--------------------------------------------------------------------------------------
ADDR:814867C4 | NtQuerySystemTime
--------------------------------------------------------------------------------------
ADDR:8148C09B | NtQuerySystemInformationEx
--------------------------------------------------------------------------------------
ADDR:8148C013 | NtQuerySystemInformation
--------------------------------------------------------------------------------------
ADDR:81498993 | NtQuerySystemEnvironmentValueEx
--------------------------------------------------------------------------------------
ADDR:8149838D | NtQuerySystemEnvironmentValue
--------------------------------------------------------------------------------------
ADDR:813BE945 | NtQuerySymbolicLinkObject
--------------------------------------------------------------------------------------
ADDR:8149713F | NtQuerySemaphore
--------------------------------------------------------------------------------------
ADDR:813C5E1C | NtQuerySecurityObject
--------------------------------------------------------------------------------------
ADDR:8143227F | NtQuerySecurityAttributesToken
--------------------------------------------------------------------------------------
ADDR:813B56F7 | NtQuerySection
--------------------------------------------------------------------------------------
ADDR:8133E60B | NtQueryQuotaInformationFile
--------------------------------------------------------------------------------------
ADDR:813F523D | NtQueryPortInformationProcess
--------------------------------------------------------------------------------------
ADDR:814A4FFA | NtQueryPerformanceCounter
--------------------------------------------------------------------------------------
ADDR:812ECC43 | NtQueryOpenSubKeysEx
--------------------------------------------------------------------------------------
ADDR:812ECA99 | NtQueryOpenSubKeys
--------------------------------------------------------------------------------------
ADDR:813C9DE1 | NtQueryObject
--------------------------------------------------------------------------------------
ADDR:814A563F | NtQueryMutant
--------------------------------------------------------------------------------------
ADDR:812EC348 | NtQueryMultipleValueKey
--------------------------------------------------------------------------------------
ADDR:814833F7 | NtQueryLicenseValue
--------------------------------------------------------------------------------------
ADDR:812E8C42 | NtQueryKey
--------------------------------------------------------------------------------------
ADDR:813362B3 | NtQueryIoCompletion
--------------------------------------------------------------------------------------
ADDR:814A4F5F | NtQueryIntervalProfile
--------------------------------------------------------------------------------------
ADDR:8148A56A | NtQueryInstallUILanguage
--------------------------------------------------------------------------------------
ADDR:81205C69 | NtQueryInformationWorkerFactory
--------------------------------------------------------------------------------------
ADDR:81451B5D | NtQueryInformationTransactionManager
--------------------------------------------------------------------------------------
ADDR:8144FD7B | NtQueryInformationTransaction
--------------------------------------------------------------------------------------
ADDR:8142F021 | NtQueryInformationToken
--------------------------------------------------------------------------------------
ADDR:813F7839 | NtQueryInformationThread
--------------------------------------------------------------------------------------
ADDR:8145108C | NtQueryInformationResourceManager
--------------------------------------------------------------------------------------
ADDR:813F2E2B | NtQueryInformationProcess
--------------------------------------------------------------------------------------
ADDR:8138DAF7 | NtQueryInformationPort
--------------------------------------------------------------------------------------
ADDR:814074DB | NtQueryInformationJobObject
--------------------------------------------------------------------------------------
ADDR:8133CC3F | NtQueryInformationFile
--------------------------------------------------------------------------------------
ADDR:8144EBD7 | NtQueryInformationEnlistment
--------------------------------------------------------------------------------------
ADDR:81498194 | NtQueryInformationAtom
--------------------------------------------------------------------------------------
ADDR:81337866 | NtQueryFullAttributesFile
--------------------------------------------------------------------------------------
ADDR:81493D92 | NtQueryEvent
--------------------------------------------------------------------------------------
ADDR:8133BF43 | NtQueryEaFile
--------------------------------------------------------------------------------------
ADDR:8149A1D0 | NtQueryDriverEntryOrder
--------------------------------------------------------------------------------------
ADDR:813C1D43 | NtQueryDirectoryObject
--------------------------------------------------------------------------------------
ADDR:8133BABC | NtQueryDirectoryFile
--------------------------------------------------------------------------------------
ADDR:8148A5E3 | NtQueryDefaultUILanguage
--------------------------------------------------------------------------------------
ADDR:8148A233 | NtQueryDefaultLocale
--------------------------------------------------------------------------------------
ADDR:8121897F | NtQueryDebugFilterState
--------------------------------------------------------------------------------------
ADDR:81499CC9 | NtQueryBootOptions
--------------------------------------------------------------------------------------
ADDR:81499869 | NtQueryBootEntryOrder
--------------------------------------------------------------------------------------
ADDR:813376D8 | NtQueryAttributesFile
--------------------------------------------------------------------------------------
ADDR:81493CC3 | NtPulseEvent
--------------------------------------------------------------------------------------
ADDR:813B8927 | NtProtectVirtualMemory
--------------------------------------------------------------------------------------
ADDR:81452509 | NtPropagationFailed
--------------------------------------------------------------------------------------
ADDR:8145242A | NtPropagationComplete
--------------------------------------------------------------------------------------
ADDR:8143B71C | NtPrivilegeObjectAuditAlarm
--------------------------------------------------------------------------------------
ADDR:8143B97B | NtPrivilegedServiceAuditAlarm
--------------------------------------------------------------------------------------
ADDR:81443034 | NtPrivilegeCheck
--------------------------------------------------------------------------------------
ADDR:813AFCB9 | NtPrefetchVirtualMemory
--------------------------------------------------------------------------------------
ADDR:8144F142 | NtPrePrepareEnlistment
--------------------------------------------------------------------------------------
ADDR:8144F46E | NtPrePrepareComplete
--------------------------------------------------------------------------------------
ADDR:8144F077 | NtPrepareEnlistment
--------------------------------------------------------------------------------------
ADDR:8144F3A3 | NtPrepareComplete
**** Hidden Message ***** 我不是随便的人。我随便起来不是人
页:
[1]