Wrapper for advapi32.dll in ctypes.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
OpenProcessToken(ProcessHandle,
DesiredAccess=983551) |
source code
|
|
|
OpenThreadToken(ThreadHandle,
DesiredAccess,
OpenAsSelf=True) |
source code
|
|
|
DuplicateToken(ExistingTokenHandle,
ImpersonationLevel=2) |
source code
|
|
|
DuplicateTokenEx(hExistingToken,
dwDesiredAccess=983551,
lpTokenAttributes=None,
ImpersonationLevel=2,
TokenType=1) |
source code
|
|
|
|
|
LookupPrivilegeValueA(lpSystemName,
lpName) |
source code
|
|
|
LookupPrivilegeValueW(lpSystemName,
lpName) |
source code
|
|
|
|
|
|
|
AdjustTokenPrivileges(TokenHandle,
NewState=( ) ) |
source code
|
|
|
GetTokenInformation(hTokenHandle,
TokenInformationClass) |
source code
|
|
|
_internal_GetTokenInformation(hTokenHandle,
TokenInformationClass,
TokenInformation) |
source code
|
|
|
CreateProcessWithLogonW(lpUsername=None,
lpDomain=None,
lpPassword=None,
dwLogonFlags=0,
lpApplicationName=None,
lpCommandLine=None,
dwCreationFlags=0,
lpEnvironment=None,
lpCurrentDirectory=None,
lpStartupInfo=None) |
source code
|
|
|
|
|
CreateProcessWithTokenW(hToken=None,
dwLogonFlags=0,
lpApplicationName=None,
lpCommandLine=None,
dwCreationFlags=0,
lpEnvironment=None,
lpCurrentDirectory=None,
lpStartupInfo=None) |
source code
|
|
|
|
|
CreateProcessAsUserA(hToken=None,
lpApplicationName=None,
lpCommandLine=None,
lpProcessAttributes=None,
lpThreadAttributes=None,
bInheritHandles=False,
dwCreationFlags=0,
lpEnvironment=None,
lpCurrentDirectory=None,
lpStartupInfo=None) |
source code
|
|
|
CreateProcessAsUserW(hToken=None,
lpApplicationName=None,
lpCommandLine=None,
lpProcessAttributes=None,
lpThreadAttributes=None,
bInheritHandles=False,
dwCreationFlags=0,
lpEnvironment=None,
lpCurrentDirectory=None,
lpStartupInfo=None) |
source code
|
|
|
OpenThreadWaitChainSession(Flags=0,
callback=None) |
source code
|
|
|
GetThreadWaitChain(WctHandle,
Context=None,
Flags=7,
ThreadId=-1,
NodeCount=16) |
source code
|
|
|
|
|
SaferCreateLevel(dwScopeId=2,
dwLevelId=131072,
OpenFlags=0) |
source code
|
|
|
SaferComputeTokenFromLevel(LevelHandle,
InAccessToken=None,
dwFlags=0) |
source code
|
|
|
|
|
SaferiIsExecutableFileType(szFullPath,
bFromShellExecute=False) |
source code
|
|
|
SaferIsExecutableFileType(szFullPath,
bFromShellExecute=False) |
source code
|
|
|
|
|
RegConnectRegistryA(lpMachineName=None,
hKey=2147483650) |
source code
|
|
|
RegConnectRegistryW(lpMachineName=None,
hKey=2147483650) |
source code
|
|
|
RegCreateKeyA(hKey=2147483650,
lpSubKey=None) |
source code
|
|
|
RegCreateKeyW(hKey=2147483650,
lpSubKey=None) |
source code
|
|
|
RegOpenKeyA(hKey=2147483650,
lpSubKey=None) |
source code
|
|
|
RegOpenKeyW(hKey=2147483650,
lpSubKey=None) |
source code
|
|
|
RegOpenKeyExA(hKey=2147483650,
lpSubKey=None,
samDesired=983103) |
source code
|
|
|
RegOpenKeyExW(hKey=2147483650,
lpSubKey=None,
samDesired=983103) |
source code
|
|
|
|
|
RegOpenUserClassesRoot(hToken,
samDesired=983103) |
source code
|
|
|
|
|
|
|
_internal_RegQueryValueEx(ansi,
hKey,
lpValueName=None,
bGetData=True) |
source code
|
|
|
|
|
RegQueryValueExA(hKey,
lpValueName=None,
bGetData=True) |
source code
|
|
|
RegQueryValueExW(hKey,
lpValueName=None,
bGetData=True) |
source code
|
|
|
RegSetValueEx(hKey,
lpValueName=None,
lpData=None,
dwType=None) |
source code
|
|
|
RegSetValueExW(hKey,
lpValueName=None,
lpData=None,
dwType=None) |
source code
|
|
|
RegSetValueExA(hKey,
lpValueName=None,
lpData=None,
dwType=None) |
source code
|
|
|
|
|
|
|
_internal_RegEnumValue(ansi,
hKey,
dwIndex,
bGetData=True) |
source code
|
|
|
RegEnumValueA(hKey,
dwIndex,
bGetData=True) |
source code
|
|
|
RegEnumValueW(hKey,
dwIndex,
bGetData=True) |
source code
|
|
|
|
|
|
|
RegDeleteKeyValueA(hKeySrc,
lpSubKey=None,
lpValueName=None) |
source code
|
|
|
RegDeleteKeyValueW(hKeySrc,
lpSubKey=None,
lpValueName=None) |
source code
|
|
|
|
|
|
|
RegDeleteKeyExA(hKeySrc,
lpSubKey=None,
samDesired=512) |
source code
|
|
|
RegDeleteKeyExW(hKeySrc,
lpSubKey=None,
samDesired=512) |
source code
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
OpenSCManagerA(lpMachineName=None,
lpDatabaseName=None,
dwDesiredAccess=983103) |
source code
|
|
|
OpenSCManagerW(lpMachineName=None,
lpDatabaseName=None,
dwDesiredAccess=983103) |
source code
|
|
|
OpenServiceA(hSCManager,
lpServiceName,
dwDesiredAccess=983551) |
source code
|
|
|
OpenServiceW(hSCManager,
lpServiceName,
dwDesiredAccess=983551) |
source code
|
|
|
CreateServiceA(hSCManager,
lpServiceName,
lpDisplayName=None,
dwDesiredAccess=983551,
dwServiceType=16,
dwStartType=3,
dwErrorControl=1,
lpBinaryPathName=None,
lpLoadOrderGroup=None,
lpDependencies=None,
lpServiceStartName=None,
lpPassword=None) |
source code
|
|
|
CreateServiceW(hSCManager,
lpServiceName,
lpDisplayName=None,
dwDesiredAccess=983551,
dwServiceType=16,
dwStartType=3,
dwErrorControl=1,
lpBinaryPathName=None,
lpLoadOrderGroup=None,
lpDependencies=None,
lpServiceStartName=None,
lpPassword=None) |
source code
|
|
|
|
|
GetServiceKeyNameA(hSCManager,
lpDisplayName) |
source code
|
|
|
GetServiceKeyNameW(hSCManager,
lpDisplayName) |
source code
|
|
|
GetServiceDisplayNameA(hSCManager,
lpServiceName) |
source code
|
|
|
GetServiceDisplayNameW(hSCManager,
lpServiceName) |
source code
|
|
|
StartServiceA(hService,
ServiceArgVectors=None) |
source code
|
|
|
StartServiceW(hService,
ServiceArgVectors=None) |
source code
|
|
|
|
|
|
|
QueryServiceStatusEx(hService,
InfoLevel=0) |
source code
|
|
|
EnumServicesStatusA(hSCManager,
dwServiceType=59,
dwServiceState=3) |
source code
|
|
|
EnumServicesStatusW(hSCManager,
dwServiceType=59,
dwServiceState=3) |
source code
|
|
|
EnumServicesStatusExA(hSCManager,
InfoLevel=0,
dwServiceType=59,
dwServiceState=3,
pszGroupName=None) |
source code
|
|
|
EnumServicesStatusExW(hSCManager,
InfoLevel=0,
dwServiceType=59,
dwServiceState=3,
pszGroupName=None) |
source code
|
|
|
__revision__ = ' $Id: advapi32.py 1299 2013-12-20 09:30:55Z qva ...
|
|
SLE_ERROR = 1
|
|
ERROR_CANNOT_DETECT_PROCESS_ABORT = 1081
|
|
STANDARD_RIGHTS_WRITE = 131072
|
|
THREAD_BASE_PRIORITY_LOWRT = 15
|
|
ERROR_PROC_NOT_FOUND = 127
|
|
CONTEXT_CONTROL = 65537
|
|
SM_CXVIRTUALSCREEN = 78
|
|
VOLUME_NAME_NONE = 4
|
|
PAGE_EXECUTE_WRITECOPY = 128
|
|
SM_CXSCREEN = 0
|
|
LoadLibrary = GuessStringType(LoadLibraryA, LoadLibraryW)
|
|
_LDT_ENTRY_HIGHWORD_
|
|
FOREGROUND_GREEN = 2
|
|
CREATE_SEPARATE_WOW_VDM = 2048
|
|
VER_LESS = 4
|
|
ERROR_ENVVAR_NOT_FOUND = 203
|
|
VOS_DOS_WINDOWS16 = 65537
|
|
SM_STARTER = 88
|
|
SM_IMMENABLED = 82
|
|
VER_SUITE_BLADE = 1024
|
|
STILL_ACTIVE = 259
|
|
SM_CYMENUSIZE = 55
|
|
EXCEPTION_FLT_UNDERFLOW = 3221225619
|
|
FILE_NAME_NORMALIZED = 0
|
|
OpenFileMapping = GuessStringType(OpenFileMappingA, OpenFileMa...
|
|
OS_NT = ' Windows NT '
|
|
CREATE_THREAD_DEBUG_EVENT = 2
|
|
CREATE_PROCESS_DEBUG_EVENT = 3
|
|
PAGE_NOACCESS = 1
|
|
VER_GREATER = 2
|
|
STATUS_PENDING = 259
|
|
PROCESSOR_PPC_620 = 620
|
|
ERROR_DBG_REPLY_LATER = 689
|
|
ERROR_CALL_NOT_IMPLEMENTED = 120
|
|
SM_CXHSCROLL = 21
|
|
GENERIC_EXECUTE = 536870912
|
|
PROCESSOR_ARCHITECTURE_ALPHA = 2
|
|
ERROR_INVALID_PARAMETER = 87
|
|
ANYSIZE_ARRAY = 1
|
|
GlobalFindAtom = GuessStringType(GlobalFindAtomA, GlobalFindAt...
|
|
BACKGROUND_RED = 64
|
|
DBG_NO_STATE_CHANGE = 3221291009
|
|
CONTEXT_i386 = 65536
|
|
ARCH_AMD64 = ' amd64 '
|
|
OS_WINDOWS_2008_64 = ' Windows 2008 (64 bits) '
|
|
BACKGROUND_BLUE = 16
|
|
SM_CXMIN = 28
|
|
VFT_DRV = 3
|
|
PAGE_READWRITE = 4
|
|
ERROR_FILE_NOT_FOUND = 2
|
|
ERROR_DBG_CONTROL_BREAK = 696
|
|
ERROR_SERVICE_NEVER_STARTED = 1077
|
|
VOS__PM32 = 3
|
|
ERROR_WOW_ASSERTION = 670
|
|
ERROR_NOT_ENOUGH_MEMORY = 8
|
|
MAXIMUM_SUSPEND_COUNT = 127
|
|
PRODUCT_STORAGE_ENTERPRISE_SERVER = 23
|
|
BACKGROUND_GREY = 112
|
|
ERROR_DBG_TERMINATE_THREAD = 691
|
|
VFT2_DRV_KEYBOARD = 2
|
|
RIP_EVENT = 9
|
|
WOW64_CS32
|
|
CONTEXT_FLOATING_POINT = 65544
|
|
NTDDI_WIN7SP1 = 100729088
|
|
VOS_NT = 262144
|
|
CONTEXT_EXCEPTION_REQUEST
|
|
SECTION_MAP_READ = 4
|
|
ERROR_INSUFFICIENT_BUFFER = 122
|
|
SECTION_MAP_EXECUTE = 8
|
|
PRODUCT_PROFESSIONAL_E = 69
|
|
ERROR_HANDLE_DISK_FULL = 39
|
|
CreateMutex = GuessStringType(CreateMutexA, CreateMutexW)
|
|
ERROR_BAD_LENGTH = 24
|
|
ERROR_SERVICE_DEPENDENCY_FAIL = 1068
|
|
SM_CYFRAME = 33
|
|
ProcThreadAttributeGroupAffinity = 3
|
|
PROCESSOR_INTEL_IA64 = 2200
|
|
COMMON_LVB_REVERSE_VIDEO = 16384
|
|
NTDDI_WIN2K = 83886080
|
|
PRODUCT_MEDIUMBUSINESS_SERVER_MESSAGING = 32
|
|
OS_WINDOWS_XP = ' Windows XP '
|
|
FILE_FLAG_WRITE_THROUGH = 2147483648
|
|
VS_FF_INFOINFERRED = 16
|
|
PROCESSOR_ALPHA_21064 = 21064
|
|
CONTEXT_FULL = 65543
|
|
FILE_SHARE_DELETE = 4
|
|
FILE_FLAG_NO_BUFFERING = 536870912
|
|
PRODUCT_ENTERPRISE_SERVER_CORE = 14
|
|
VOLUME_NAME_GUID = 1
|
|
SM_CXFULLSCREEN = 16
|
|
CTRL_CLOSE_EVENT = 2
|
|
STATUS_IN_PAGE_ERROR = 3221225478
|
|
EXCEPTION_ARRAY_BOUNDS_EXCEEDED = 3221225612
|
|
DBG_TERMINATE_THREAD = 1073807363
|
|
DBG_PRINTEXCEPTION_C = 1073807366
|
|
SEM_FAILCRITICALERRORS = 1
|
|
EXCEPTION_WX86_BREAKPOINT = 1073741855
|
|
STANDARD_RIGHTS_REQUIRED = 983040
|
|
SEMAPHORE_MODIFY_STATE = 2
|
|
THREAD_DIRECT_IMPERSONATION = 512
|
|
IDLE_PRIORITY_CLASS = 64
|
|
ERROR_SERVICE_NOT_ACTIVE = 1062
|
|
PRODUCT_WEB_SERVER_CORE = 29
|
|
STATUS_WX86_BREAKPOINT = 1073741855
|
|
PAGE_GUARD = 256
|
|
THREAD_SET_LIMITED_INFORMATION = 1024
|
|
PAGE_WRITECOPY = 8
|
|
VFT2_FONT_TRUETYPE = 3
|
|
ARCH_HITACHI = ' shx '
|
|
CONTEXT_EXCEPTION_ACTIVE
|
|
WOW64_CONTEXT_EXTENDED_REGISTERS
|
|
ARCH_SPARC = ' sparc '
|
|
EXCEPTION_BREAKPOINT = 2147483651
|
|
PRODUCT_PROFESSIONAL_N = 49
|
|
OUTPUT_DEBUG_STRING_EVENT = 8
|
|
CONTEXT_SEGMENTS = 65540
|
|
PROCESSOR_ARCHITECTURE_UNKNOWN = 65535
|
|
FILE_NAME_OPENED = 8
|
|
STACK_SIZE_PARAM_IS_A_RESERVATION = 65536
|
|
SM_CYCAPTION = 4
|
|
DBG_EXCEPTION_HANDLED = 65537
|
|
ARCH_ALPHA64 = ' alpha64 '
|
|
STATUS_FLOAT_MULTIPLE_FAULTS = 3221226164
|
|
THREAD_ALL_ACCESS_NT = 2032639
|
|
STATUS_FLOAT_INVALID_OPERATION = 3221225616
|
|
NTDDI_WIN8 = 100794368
|
|
SEM_NOOPENFILEERRORBOX = 2048
|
|
NTDDI_WIN7 = 100728832
|
|
OSVERSION_MASK = 4294901760
|
|
SM_CXFOCUSBORDER = 83
|
|
STATUS_WAIT_0 = 0
|
|
MAXIMUM_SUPPORTED_EXTENSION = 512
|
|
PROC_THREAD_ATTRIBUTE_PREFERRED_NODE = 131076
|
|
ProcThreadAttributeHandleList = 2
|
|
PROC_THREAD_ATTRIBUTE_GROUP_AFFINITY = 196611
|
|
OS_WINDOWS_2008_R2_64 = ' Windows 2008 R2 (64 bits) '
|
|
EXCEPTION_INT_DIVIDE_BY_ZERO = 3221225620
|
|
ProcThreadAttributeExtendedFlags = 1
|
|
SUBVERSION_MASK = 255
|
|
NTDDI_WIN2KSP2 = 83886592
|
|
STATUS_FLOAT_STACK_CHECK = 3221225618
|
|
MAXINTATOM = 49152
|
|
THREAD_BASE_PRIORITY_MAX = 2
|
|
Wow64GetThreadContext
|
|
PROCESSOR_ARM720 = 1824
|
|
WOW64_CONTEXT_i386
|
|
ERROR_PARTIAL_COPY = 299
|
|
MEM_COMMIT = 4096
|
|
COMMON_LVB_LEADING_BYTE = 256
|
|
SM_CMOUSEBUTTONS = 43
|
|
SM_CYSMICON = 50
|
|
ERROR_THREAD_NOT_IN_PROCESS = 566
|
|
OS_W2K3R2_64 = ' Windows 2003 R2 (64 bits) '
|
|
OS_SEVEN = ' Windows 7 '
|
|
SM_CXDLGFRAME = 7
|
|
DEBUG_PROCESS = 1
|
|
OS_W2K3_64 = ' Windows 2003 (64 bits) '
|
|
WOW64_CONTEXT_INTEGER
|
|
CreateFileMapping = GuessStringType(CreateFileMappingA, Create...
|
|
SM_ARRANGE = 56
|
|
FILE_FLAG_SEQUENTIAL_SCAN = 134217728
|
|
TIMER_QUERY_STATE = 1
|
|
GlobalGetAtomName = GuessStringType(GlobalGetAtomNameA, Global...
|
|
VS_FF_PRERELEASE = 2
|
|
PROCESS_SET_SESSIONID = 4
|
|
ERROR_DIR_NOT_EMPTY = 145
|
|
ProcThreadAttributeMitigationPolicy = 7
|
|
HEAP_CREATE_ENABLE_EXECUTE = 262144
|
|
ProcThreadAttributeMax = 8
|
|
PROCESS_ALL_ACCESS_VISTA = 2097151
|
|
VFT2_DRV_DISPLAY = 4
|
|
SM_DBCSENABLED = 42
|
|
ERROR_INVALID_ADDRESS = 487
|
|
WOW64_CONTEXT_CONTROL
|
|
ERROR_NO_RECOVERY_PROGRAM = 1082
|
|
SECTION_EXTEND_SIZE = 16
|
|
VER_SUITE_BACKOFFICE = 4
|
|
LPXMM_SAVE_AREA32
|
|
CREATE_SUSPENDED = 4
|
|
HANDLE_FLAG_INHERIT = 1
|
|
CONTEXT_EXTENDED_REGISTERS = 65568
|
|
THREAD_ALL_ACCESS_VISTA = 2097151
|
|
MEM_LARGE_PAGES = 536870912
|
|
EXCEPTION_FLT_STACK_CHECK = 3221225618
|
|
OpenMutex = GuessStringType(OpenMutexA, OpenMutexW)
|
|
VFT2_DRV_INSTALLABLE = 8
|
|
MEM_WRITE_WATCH = 2097152
|
|
THREAD_SET_THREAD_TOKEN = 128
|
|
PROCESS_VM_READ = 16
|
|
LOAD_DLL_DEBUG_EVENT = 6
|
|
VER_SUITE_WH_SERVER = 32768
|
|
STATUS_STACK_OVERFLOW = 3221225725
|
|
PROCESSOR_ARCHITECTURE_ALPHA64 = 7
|
|
OS_WINDOWS_2003_R2 = ' Windows 2003 R2 '
|
|
VFT2_DRV_SOUND = 9
|
|
THREAD_QUERY_LIMITED_INFORMATION = 2048
|
|
SM_RESERVED4 = 27
|
|
SM_RESERVED1 = 24
|
|
MS_VC_EXCEPTION = 1080890248
|
|
SM_RESERVED3 = 26
|
|
SM_RESERVED2 = 25
|
|
OS_WINDOWS_2008_R2 = ' Windows 2008 R2 '
|
|
VS_FF_DEBUG = 1
|
|
BACKGROUND_MAGENTA = 80
|
|
EXCEPTION_MAXIMUM_PARAMETERS = 15
|
|
SM_CXICONSPACING = 38
|
|
PROCESS_CREATION_MITIGATION_POLICY_DEP_ATL_THUNK_ENABLE = 2
|
|
INFINITE = -1
|
|
VER_SUITE_DATACENTER = 128
|
|
SEMAPHORE_ALL_ACCESS = 2031619
|
|
arch = ' amd64 '
|
|
PROCESSOR_INTEL_486 = 486
|
|
DBG_CONTROL_BREAK = 1073807368
|
|
ARCH_UNKNOWN = ' unknown '
|
|
MEM_RELEASE = 32768
|
|
Wow64GetThreadSelectorEntry
|
|
ERROR_DBG_EXCEPTION_HANDLED = 766
|
|
BACKGROUND_INTENSITY = 128
|
|
INHERIT_CALLER_PRIORITY = 131072
|
|
MEM_FREE = 65536
|
|
ERROR_MOD_NOT_FOUND = 126
|
|
GR_USEROBJECTS = 1
|
|
PWOW64_FLOATING_SAVE_AREA
|
|
PRODUCT_MEDIUMBUSINESS_SERVER_MANAGEMENT = 30
|
|
EXCEPTION_FLT_DIVIDE_BY_ZERO = 3221225614
|
|
ERROR_SERVICE_START_HANG = 1070
|
|
STATUS_BREAKPOINT = 2147483651
|
|
ERROR_SERVICE_LOGON_FAILED = 1069
|
|
ProcThreadAttributeIdealProcessor = 5
|
|
SM_SAMEDISPLAYFORMAT = 81
|
|
ERROR_BUFFER_OVERFLOW = 111
|
|
PRODUCT_MEDIUMBUSINESS_SERVER_SECURITY = 31
|
|
THREAD_BASE_PRIORITY_IDLE = -15
|
|
ARCH_SHX = ' shx '
|
|
CREATE_PRESERVE_CODE_AUTHZ_LEVEL = 33554432
|
|
OS_WINDOWS_XP_64 = ' Windows XP (64 bits) '
|
|
VFT2_DRV_LANGUAGE = 3
|
|
PROCESSOR_ARM820 = 2080
|
|
OS_WINDOWS_NT = ' Windows NT '
|
|
THREAD_PRIORITY_LOWEST = -2
|
|
EXCEPTION_ILLEGAL_INSTRUCTION = 3221225501
|
|
VS_FF_SPECIALBUILD = 32
|
|
TRUE = 1
|
|
THREAD_SUSPEND_RESUME = 2
|
|
SM_REMOTESESSION = 4096
|
|
PROC_THREAD_ATTRIBUTE_PARENT_PROCESS = 131072
|
|
MEM_RESET = 524288
|
|
ERROR_ALREADY_EXISTS = 183
|
|
ERROR_DIFFERENT_SERVICE_ACCOUNT = 1079
|
|
PROC_THREAD_ATTRIBUTE_MITIGATION_POLICY = 131079
|
|
ARCH_POWERPC = ' ppc '
|
|
WIN32_VERBOSE_MODE = False
|
|
STATUS_INTEGER_OVERFLOW = 3221225621
|
|
COMMON_LVB_UNDERSCORE = 32768
|
|
VOS_DOS_WINDOWS32 = 65540
|
|
CreateFile = GuessStringType(CreateFileA, CreateFileW)
|
|
ERROR_INVALID_HANDLE = 6
|
|
EXCEPTION_FLT_INEXACT_RESULT = 3221225615
|
|
SM_CXMAXIMIZED = 61
|
|
ERROR_INVALID_FUNCTION = 1
|
|
FILE_SHARE_READ = 1
|
|
PROCESSOR_SHx_SH3 = 103
|
|
PROCESSOR_SHx_SH4 = 104
|
|
VER_LESS_EQUAL = 5
|
|
INHERIT_PARENT_AFFINITY = 65536
|
|
ARCH_ALPHA = ' alpha '
|
|
ProcThreadAttributePreferredNode = 4
|
|
PRODUCT_ENTERPRISE_SERVER = 10
|
|
ERROR_BAD_THREADID_ADDR = 159
|
|
FILE_FLAG_DELETE_ON_CLOSE = 67108864
|
|
VFT2_UNKNOWN = 0
|
|
OS_WINDOWS_2003_64 = ' Windows 2003 (64 bits) '
|
|
FOREGROUND_MAGENTA = 5
|
|
THREAD_PRIORITY_BELOW_NORMAL = -1
|
|
SM_MOUSEPRESENT = 19
|
|
PROCESS_CREATE_THREAD = 2
|
|
OPEN_ALWAYS = 4
|
|
WOW64_CONTEXT
|
|
STATUS_STACK_BUFFER_OVERRUN = 3221226505
|
|
OS_XP = ' Windows XP '
|
|
PRODUCT_PROFESSIONAL = 48
|
|
EXCEPTION_SINGLE_STEP = 2147483652
|
|
ARCH_MIPS = ' mips '
|
|
PROCESSOR_ARCHITECTURE_IA32_ON_WIN64 = 10
|
|
ERROR_INVALID_NAME = 123
|
|
CREATE_NEW_CONSOLE = 16
|
|
PRODUCT_ULTIMATE_E = 71
|
|
SM_CYCURSOR = 14
|
|
DELETE = 65536
|
|
DETACHED_PROCESS = 8
|
|
VER_SUITE_SINGLEUSERTS = 256
|
|
EXIT_THREAD_DEBUG_EVENT = 4
|
|
GetLogicalDriveStrings = GuessStringType(GetLogicalDriveString...
|
|
MAX_MODULE_NAME32 = 255
|
|
SM_CYKANJIWINDOW = 18
|
|
STATUS_UNWIND_CONSOLIDATE = 2147483689
|
|
SM_CXVSCROLL = 2
|
|
FOREGROUND_CYAN = 3
|
|
PROFILE_KERNEL = 536870912
|
|
VER_OR = 7
|
|
SM_CYVIRTUALSCREEN = 79
|
|
PROCESSOR_ARM_7TDMI = 70001
|
|
SM_SLOWMACHINE = 73
|
|
SM_CYMINTRACK = 35
|
|
OS_W2K8 = ' Windows 2008 '
|
|
SM_SHUTTINGDOWN = 8192
|
|
SECTION_MAP_WRITE = 2
|
|
VOS_OS232_PM32 = 196611
|
|
OS_W2K3 = ' Windows 2003 '
|
|
SM_CYMAXTRACK = 60
|
|
PROCESSOR_ARCHITECTURE_IA64 = 6
|
|
STATUS_INTEGER_DIVIDE_BY_ZERO = 3221225620
|
|
EVENT_ALL_ACCESS = 2031619
|
|
MEM_4MB_PAGES = 2147483648
|
|
MEM_TOP_DOWN = 1048576
|
|
VFT_UNKNOWN = 0
|
|
WOW64_CONTEXT_FLOATING_POINT
|
|
SM_YVIRTUALSCREEN = 77
|
|
PXMM_SAVE_AREA32
|
|
ERROR_DBG_CONTROL_C = 693
|
|
GetFinalPathNameByHandle = GuessStringType(GetFinalPathNameByH...
|
|
GetFullPathName = GuessStringType(GetFullPathNameA, GetFullPat...
|
|
CONTEXT_i486 = 65536
|
|
MUTEX_MODIFY_STATE = 1
|
|
VOS_UNKNOWN = 0
|
|
OS_VISTA_64 = ' Windows Vista (64 bits) '
|
|
ERROR_SERVICE_EXISTS = 1073
|
|
OS_WINDOWS_VISTA_64 = ' Windows Vista (64 bits) '
|
|
NTDDI_VISTA = 100663296
|
|
THREAD_GET_CONTEXT = 8
|
|
PAGE_READONLY = 2
|
|
FILE_ATTRIBUTE_READONLY = 1
|
|
PROCESS_VM_OPERATION = 8
|
|
PROCESS_NAME_NATIVE = 1
|
|
LOAD_LIBRARY_AS_DATAFILE = 2
|
|
SPECIFIC_RIGHTS_ALL = 65535
|
|
context_i386
|
|
SM_CYFOCUSBORDER = 84
|
|
ACCESS_VIOLATION_TYPE_WRITE = 1
|
|
STATUS_PRIVILEGED_INSTRUCTION = 3221225622
|
|
VFT2_DRV_NETWORK = 6
|
|
SECTION_ALL_ACCESS = 983071
|
|
PRODUCT_STANDARD_SERVER = 7
|
|
VFT2_DRV_SYSTEM = 7
|
|
PAGE_EXECUTE_READ = 32
|
|
NTDDI_WINXPSP1 = 83951872
|
|
PROCESS_VM_WRITE = 32
|
|
NTDDI_WINXPSP2 = 83952128
|
|
PROCESSOR_HITACHI_SH3 = 10003
|
|
VER_EQUAL = 1
|
|
PROCESSOR_OPTIL = 18767
|
|
PRODUCT_STANDARD_SERVER_CORE_V = 40
|
|
PROCESSOR_AMD_X8664 = 8664
|
|
ERROR_DATABASE_DOES_NOT_EXIST = 1065
|
|
FILE_ATTRIBUTE_ARCHIVE = 32
|
|
SM_CXMENUSIZE = 54
|
|
ERROR_INVALID_SERVICE_LOCK = 1071
|
|
VFT_STATIC_LIB = 7
|
|
ERROR_PROCESS_ABORTED = 1067
|
|
EXCEPTION_EXECUTE_FAULT = 8
|
|
EXCEPTION_INVALID_HANDLE = 3221225480
|
|
VER_MINORVERSION = 1
|
|
LOAD_LIBRARY_AS_IMAGE_RESOURCE = 32
|
|
bits = 32
|
|
CONTEXT_MMX_REGISTERS
|
|
FORMAT_MESSAGE_FROM_SYSTEM = 4096
|
|
PROCESSOR_MIPS_R4000 = 4000
|
|
EXCEPTION_POSSIBLE_DEADLOCK = 3221225876
|
|
PROFILE_USER = 268435456
|
|
STANDARD_RIGHTS_EXECUTE = 131072
|
|
STATUS_GUARD_PAGE_VIOLATION = 2147483649
|
|
VER_SUITE_SMALLBUSINESS_RESTRICTED = 32
|
|
VOLUME_NAME_NT = 2
|
|
DUPLICATE_CLOSE_SOURCE = 1
|
|
SM_CYSIZEFRAME = 33
|
|
CONTEXT_SERVICE_ACTIVE
|
|
GetModuleHandle = GuessStringType(GetModuleHandleA, GetModuleH...
|
|
SM_CYDOUBLECLK = 37
|
|
PAGE_WRITECOMBINE = 1024
|
|
PRODUCT_ENTERPRISE_SERVER_V = 38
|
|
PROCESSOR_ARCHITECTURE_SHX = 4
|
|
THREAD_IMPERSONATE = 256
|
|
WOW64_CONTEXT_i486
|
|
wow64 = True
|
|
EXCEPTION_IN_PAGE_ERROR = 3221225478
|
|
FALSE = 0
|
|
VER_PLATFORMID = 8
|
|
STATUS_SEGMENT_NOTIFICATION = 1073741829
|
|
MEM_IMAGE = 16777216
|
|
VER_NT_WORKSTATION = 1
|
|
MAXIMUM_WAIT_OBJECTS = 64
|
|
THREAD_SET_INFORMATION = 32
|
|
DBG_UNABLE_TO_PROVIDE_HANDLE = 1073807362
|
|
SM_CYVSCROLL = 20
|
|
WinFuncHook
|
|
ERROR_DISK_FULL = 112
|
|
VER_AND = 6
|
|
PROCESS_CREATION_MITIGATION_POLICY_DEP_ENABLE = 1
|
|
PRODUCT_WEB_SERVER = 17
|
|
ERROR_ELEVATION_REQUIRED = 740
|
|
STD_INPUT_HANDLE = 4294967286
|
|
SM_CXEDGE = 45
|
|
ERROR_FILENAME_EXCED_RANGE = 206
|
|
VFT_APP = 1
|
|
TH32CS_SNAPALL = 15
|
|
EXCEPTION_FLT_DENORMAL_OPERAND = 3221225613
|
|
STATUS_FLOAT_DIVIDE_BY_ZERO = 3221225614
|
|
LOAD_LIBRARY_AS_DATAFILE_EXCLUSIVE = 64
|
|
CREATE_DEFAULT_ERROR_MODE = 67108864
|
|
NTDDI_WS03SP2 = 84017664
|
|
NTDDI_WS03SP1 = 84017408
|
|
FILE_ATTRIBUTE_DEVICE = 64
|
|
PRODUCT_STANDARD_SERVER_V = 36
|
|
VOS_OS216 = 131072
|
|
OS_WINDOWS_2003_R2_64 = ' Windows 2003 R2 (64 bits) '
|
|
ERROR_SERVICE_DEPENDENCY_DELETED = 1075
|
|
PRODUCT_ULTIMATE = 1
|
|
ARCH_ARM = ' arm '
|
|
EXIT_PROCESS_DEBUG_EVENT = 5
|
|
ERROR_DBG_RIPEXCEPTION = 695
|
|
WOW64_LDT_ENTRY
|
|
PROCESS_TERMINATE = 1
|
|
ERROR_DBG_TERMINATE_PROCESS = 692
|
|
CreateProcess = GuessStringType(CreateProcessA, CreateProcessW)
|
|
SM_REMOTECONTROL = 8193
|
|
SM_CYFIXEDFRAME = 8
|
|
PRODUCT_ENTERPRISE_N = 27
|
|
SM_CXMENUCHECK = 71
|
|
FORMAT_MESSAGE_ALLOCATE_BUFFER = 256
|
|
BACKGROUND_YELLOW = 96
|
|
VFT2_FONT_VECTOR = 2
|
|
STATUS_ACCESS_VIOLATION = 3221225477
|
|
ERROR_DBG_EXCEPTION_NOT_HANDLED = 688
|
|
PRODUCT_SERVER_FOR_SMALLBUSINESS = 24
|
|
THREAD_PRIORITY_ERROR_RETURN = 4294967295
|
|
PROCESS_SET_QUOTA = 256
|
|
DBG_COMMAND_EXCEPTION = 1073807369
|
|
VFT2_DRV_MOUSE = 5
|
|
warnings
|
|
INITIAL_FPCSR
|
|
PROCESS_MODE_BACKGROUND_BEGIN = 1048576
|
|
READ_CONTROL = 131072
|
|
EXCEPTION_FLT_OVERFLOW = 3221225617
|
|
PROFILE_SERVER = 1073741824
|
|
PRODUCT_SERVER_FOR_SMALLBUSINESS_V = 35
|
|
PRODUCT_HOME_BASIC = 2
|
|
VS_FF_PRIVATEBUILD = 8
|
|
SM_CYSCREEN = 1
|
|
_LDT_ENTRY_BITS_
|
|
WOW64_FLOATING_SAVE_AREA
|
|
VFT_DLL = 2
|
|
WOW64_MAXIMUM_SUPPORTED_EXTENSION
|
|
STATUS_POSSIBLE_DEADLOCK = 3221225876
|
|
PRODUCT_HOME_PREMIUM_N = 26
|
|
EXCEPTION_PRIV_INSTRUCTION = 3221225622
|
|
ARCH_IA32 = ' i386 '
|
|
ACCESS_VIOLATION_TYPE_READ = 0
|
|
PRODUCT_UNLICENSED = 2882382797
|
|
EXCEPTION_INVALID_DISPOSITION = 3221225510
|
|
SM_CYBORDER = 6
|
|
NTDDI_VERSION = 100729088
|
|
SEM_NOGPFAULTERRORBOX = 2
|
|
OpenEvent = GuessStringType(OpenEventA, OpenEventW)
|
|
EXCEPTION_STACK_OVERFLOW = 3221225725
|
|
SM_CXSIZE = 30
|
|
PRODUCT_ENTERPRISE_SERVER_CORE_V = 41
|
|
ERROR_DBG_PRINTEXCEPTION_C = 694
|
|
SM_CYSMCAPTION = 51
|
|
OS_W7_64 = ' Windows 7 (64 bits) '
|
|
STATUS_HEAP_CORRUPTION = 3221226356
|
|
SLE_WARNING = 3
|
|
CREATE_UNICODE_ENVIRONMENT = 1024
|
|
CREATE_NO_WINDOW = 134217728
|
|
QueryDosDevice = GuessStringType(QueryDosDeviceA, QueryDosDevi...
|
|
ERROR_UNHANDLED_EXCEPTION = 574
|
|
EXCEPTION_DATATYPE_MISALIGNMENT = 2147483650
|
|
LEGACY_SAVE_AREA_LENGTH
|
|
THREAD_PRIORITY_IDLE = -15
|
|
HIGH_PRIORITY_CLASS = 128
|
|
FILE_ATTRIBUTE_NORMAL = 128
|
|
FILE_MAP_WRITE = 2
|
|
MEM_RESERVE = 8192
|
|
CTRL_SHUTDOWN_EVENT = 6
|
|
VOS_DOS = 65536
|
|
PRODUCT_HOME_PREMIUM = 3
|
|
ARCH_I386 = ' i386 '
|
|
VER_NT_DOMAIN_CONTROLLER = 2
|
|
_DEBUG_EVENT_UNION_
|
|
NORMAL_PRIORITY_CLASS = 32
|
|
FOREGROUND_YELLOW = 6
|
|
ERROR_NOT_SUPPORTED = 50
|
|
_LDT_ENTRY_BYTES_
|
|
BACKGROUND_GREEN = 32
|
|
ERROR_MORE_DATA = 234
|
|
ERROR_ACCESS_DENIED = 5
|
|
NTDDI_WINXPSP3 = 83952384
|
|
ARCH_AARCH32 = ' arm '
|
|
GR_GDIOBJECTS = 0
|
|
STATUS_SINGLE_STEP = 2147483652
|
|
OS_W7 = ' Windows 7 '
|
|
PRODUCT_STARTER_N = 47
|
|
STANDARD_RIGHTS_ALL = 2031616
|
|
ARCH_T32 = ' thumb '
|
|
WINVER = 1537
|
|
STATUS_INVALID_DISPOSITION = 3221225510
|
|
STANDARD_RIGHTS_READ = 131072
|
|
CREATE_IGNORE_SYSTEM_DEFAULT = 2147483648
|
|
OS_VISTA = ' Windows Vista '
|
|
OPEN_EXISTING = 3
|
|
WOW64_CONTEXT_SEGMENTS
|
|
FILE_MAP_READ = 4
|
|
VER_PLATFORM_WIN32_WINDOWS = 1
|
|
FILE_FLAG_OVERLAPPED = 1073741824
|
|
STATUS_SXS_EARLY_DEACTIVATION = 3222601743
|
|
SM_CLEANBOOT = 67
|
|
PROC_THREAD_ATTRIBUTE_EXTENDED_FLAGS = 393217
|
|
PRODUCT_DATACENTER_SERVER = 8
|
|
QueryFullProcessImageName = GuessStringType(QueryFullProcessIm...
|
|
VOS__PM16 = 2
|
|
VOS__WINDOWS16 = 1
|
|
TH32CS_INHERIT = 2147483648
|
|
SECTION_MAP_EXECUTE_EXPLICIT = 32
|
|
PROCESSOR_PPC_604 = 604
|
|
PWOW64_CONTEXT
|
|
PROCESSOR_HITACHI_SH4 = 10005
|
|
PROCESSOR_PPC_601 = 601
|
|
PROCESSOR_PPC_603 = 603
|
|
VFT_FONT = 4
|
|
DONT_RESOLVE_DLL_REFERENCES = 1
|
|
GetVersionEx = GuessStringType(GetVersionExA, GetVersionExW)
|
|
SEC_RESERVE = 67108864
|
|
MEM_DECOMMIT = 16384
|
|
SM_MIDEASTENABLED = 74
|
|
MAX_PATH = 260
|
|
CONTEXT_INTEGER = 65538
|
|
THREAD_QUERY_INFORMATION = 64
|
|
GlobalAddAtom = GuessStringType(GlobalAddAtomA, GlobalAddAtomW)
|
|
ERROR_DBG_CONTINUE = 767
|
|
FILE_SHARE_WRITE = 2
|
|
SM_SWAPBUTTON = 23
|
|
SM_DEBUG = 22
|
|
FOREGROUND_GREY = 7
|
|
ERROR_CIRCULAR_DEPENDENCY = 1059
|
|
EVENT_MODIFY_STATE = 2
|
|
ARCH_X86 = ' i386 '
|
|
EXCEPTION_NONCONTINUABLE = 1
|
|
ARCH_MSIL = ' msil '
|
|
ERROR_SERVICE_MARKED_FOR_DELETE = 1072
|
|
SM_CXBORDER = 5
|
|
COMMON_LVB_GRID_HORIZONTAL = 1024
|
|
FOREGROUND_BLUE = 1
|
|
STATUS_ARRAY_BOUNDS_EXCEEDED = 3221225612
|
|
SM_CYICONSPACING = 39
|
|
WRITE_DAC = 262144
|
|
PROC_THREAD_ATTRIBUTE_THREAD = 65536
|
|
NTDDI_WIN2KSP3 = 83886848
|
|
NTDDI_WIN2KSP1 = 83886336
|
|
WOW64_CONTEXT_DEBUG_REGISTERS
|
|
ARCH_X64 = ' amd64 '
|
|
DBG_REPLY_LATER = 1073807361
|
|
FILE_ATTRIBUTE_HIDDEN = 2
|
|
LOAD_WITH_ALTERED_SEARCH_PATH = 8
|
|
windll = WinDllHook()
|
|
NTDDI_WIN2KSP4 = 83887104
|
|
PROCESS_ALL_ACCESS_NT = 2035711
|
|
PROC_THREAD_ATTRIBUTE_INPUT = 131072
|
|
HEAP_NO_SERIALIZE = 1
|
|
SM_MOUSEWHEELPRESENT = 75
|
|
TIMER_MODIFY_STATE = 2
|
|
OutputDebugString = GuessStringType(OutputDebugStringA, Output...
|
|
REALTIME_PRIORITY_CLASS = 256
|
|
ERROR_DUPLICATE_SERVICE_NAME = 1078
|
|
TH32CS_SNAPMODULE = 8
|
|
ProcThreadAttributeUmsThread = 6
|
|
VER_GREATER_EQUAL = 3
|
|
ERROR_BAD_ARGUMENTS = 160
|
|
VER_PLATFORM_WIN32s = 0
|
|
SM_CYFULLSCREEN = 17
|
|
WRITE_OWNER = 524288
|
|
SM_CYICON = 12
|
|
GENERIC_ALL = 268435456
|
|
WinCallHook
|
|
ERROR_BAD_PATHNAME = 161
|
|
SM_CYDRAG = 69
|
|
EXCEPTION_FLT_INVALID_OPERATION = 3221225616
|
|
PRODUCT_BUSINESS = 6
|
|
SM_CYMINSPACING = 48
|
|
SM_CXMINSPACING = 47
|
|
OS_W2K3R2 = ' Windows 2003 R2 '
|
|
GetProcAddress = GuessStringType(GetProcAddressA, GetProcAddre...
|
|
PROCESS_CREATION_MITIGATION_POLICY_SEHOP_ENABLE = 4
|
|
SM_SERVERR2 = 89
|
|
WAIT_FAILED = -1
|
|
TRUNCATE_EXISTING = 5
|
|
SM_CXHTHUMB = 10
|
|
MEM_PRIVATE = 131072
|
|
PRODUCT_STANDARD_SERVER_CORE = 13
|
|
FOREGROUND_RED = 4
|
|
PRODUCT_ENTERPRISE_E = 70
|
|
ARCH_AARCH64 = ' arm64 '
|
|
VER_SERVICEPACKMAJOR = 32
|
|
WOW64_CONTEXT_ALL
|
|
ERROR_SERVICE_CANNOT_ACCEPT_CTRL = 1061
|
|
EXTENDED_STARTUPINFO_PRESENT = 524288
|
|
PROCESSOR_MOTOROLA_821 = 821
|
|
CONTEXT_EXCEPTION_REPORTING
|
|
XMM_SAVE_AREA32
|
|
THREAD_PRIORITY_NORMAL = 0
|
|
GENERIC_WRITE = 1073741824
|
|
THREAD_ALERT = 4
|
|
THREAD_ALL_ACCESS = 2097151
|
|
SM_CXDOUBLECLK = 36
|
|
INVALID_HANDLE_VALUE = 4294967295
|
|
STATUS_INVALID_HANDLE = 3221225480
|
|
VFT_RESERVED = 6
|
|
ERROR_SERVICE_DOES_NOT_EXIST = 1060
|
|
BACKGROUND_CYAN = 48
|
|
HEAP_GENERATE_EXCEPTIONS = 4
|
|
SEC_COMMIT = 134217728
|
|
NTDDI_WS03 = 84017152
|
|
SM_CMETRICS = 93
|
|
ERROR_NO_MORE_FILES = 18
|
|
PRODUCT_SERVER_FOUNDATION = 33
|
|
ERROR_SERVICE_SPECIFIC_ERROR = 1066
|
|
EXCEPTION_NONCONTINUABLE_EXCEPTION = 3221225509
|
|
ARCH_ITANIUM = ' ia64 '
|
|
TH32CS_SNAPTHREAD = 4
|
|
THREAD_PRIORITY_TIME_CRITICAL = 15
|
|
PROCESSOR_STRONGARM = 2577
|
|
ERROR_HANDLE_EOF = 38
|
|
PROCESSOR_ARM920 = 2336
|
|
SM_TABLETPC = 86
|
|
SECTION_QUERY = 1
|
|
PROCESS_SET_INFORMATION = 512
|
|
BACKGROUND_MASK = 240
|
|
TH32CS_SNAPHEAPLIST = 1
|
|
VFT_VXD = 5
|
|
DBG_TERMINATE_PROCESS = 1073807364
|
|
FOREGROUND_MASK = 15
|
|
VER_SUITE_EMBEDDEDNT = 64
|
|
PROCESS_CREATE_PROCESS = 128
|
|
SM_CXICON = 11
|
|
SM_CMONITORS = 80
|
|
FILE_ATTRIBUTE_TEMPORARY = 256
|
|
OS_WINDOWS_2008 = ' Windows 2008 '
|
|
SM_CXPADDEDBORDER = 92
|
|
DBG_RIPEXCEPTION = 1073807367
|
|
PROCESS_ALL_ACCESS = 2097151
|
|
STATUS_FLOAT_OVERFLOW = 3221225617
|
|
OS_WINDOWS_2003 = ' Windows 2003 '
|
|
OS_WINDOWS_2000 = ' Windows 2000 '
|
|
VS_FF_PATCHED = 4
|
|
SM_MENUDROPALIGNMENT = 40
|
|
LOAD_IGNORE_CODE_AUTHZ_LEVEL = 16
|
|
LoadLibraryEx = GuessStringType(LoadLibraryExA, LoadLibraryExW)
|
|
SM_CYMIN = 29
|
|
GetTempPath = GuessStringType(GetTempPathA, GetTempPathW)
|
|
STATUS_USER_APC = 192
|
|
ERROR_CANNOT_DETECT_DRIVER_FAILURE = 1080
|
|
SEC_IMAGE = 16777216
|
|
CREATE_SHARED_WOW_VDM = 4096
|
|
GetDllDirectory = GuessStringType(GetDllDirectoryA, GetDllDire...
|
|
SM_CYSMSIZE = 53
|
|
VER_SUITE_ENTERPRISE = 2
|
|
VOS_OS216_PM16 = 131074
|
|
EXCEPTION_READ_FAULT = 0
|
|
FILE_MAP_COPY = 1
|
|
THREAD_SET_CONTEXT = 16
|
|
STATUS_FLOAT_MULTIPLE_TRAPS = 3221226165
|
|
PROCESS_MODE_BACKGROUND_END = 2097152
|
|
PRODUCT_UNDEFINED = 0
|
|
ACCESS_VIOLATION_TYPE_DEP = 8
|
|
ERROR_PRIVILEGE_NOT_HELD = 1314
|
|
SM_CXSIZEFRAME = 32
|
|
PRODUCT_ENTERPRISE_SERVER_IA64 = 15
|
|
PRODUCT_STARTER_E = 66
|
|
THREAD_PRIORITY_ABOVE_NORMAL = 1
|
|
CTRL_BREAK_EVENT = 1
|
|
ERROR_DBG_UNABLE_TO_PROVIDE_HANDLE = 690
|
|
ATTACH_PARENT_PROCESS = 4294967295
|
|
NTDDI_LONGHORN = 100663296
|
|
ARCH_THUMB = ' thumb '
|
|
CREATE_FORCEDOS = 8192
|
|
OS_WINDOWS_SEVEN = ' Windows 7 '
|
|
HANDLE_FLAG_PROTECT_FROM_CLOSE = 2
|
|
FOREGROUND_BLACK = 0
|
|
SM_CYHSCROLL = 3
|
|
SEC_FILE = 8388608
|
|
SYNCHRONIZE = 1048576
|
|
psyco
|
|
OS_UNKNOWN = ' Unknown '
|
|
DBG_CONTROL_C = 1073807365
|
|
SM_CXMAXTRACK = 59
|
|
SM_CXMINTRACK = 34
|
|
SM_CYMENUCHECK = 72
|
|
UNLOAD_DLL_DEBUG_EVENT = 7
|
|
SEC_LARGE_PAGES = 2147483648
|
|
PRODUCT_STARTER = 11
|
|
WRITE_WATCH_FLAG_RESET = 1
|
|
context_amd64
|
|
SM_MOUSEHORIZONTALWHEELPRESENT = 91
|
|
PROCESSOR_INTEL_PENTIUM = 586
|
|
FOREGROUND_INTENSITY = 8
|
|
EXCEPTION_INT_OVERFLOW = 3221225621
|
|
CTRL_C_EVENT = 0
|
|
EXCEPTION_DEBUG_EVENT = 1
|
|
ERROR_FAILED_SERVICE_CONTROLLER_CONNECT = 1063
|
|
DBG_APP_NOT_IDLE = 3221291010
|
|
STATUS_INVALID_INFO_CLASS = 3221225475
|
|
ERROR_NONE_MAPPED = 1332
|
|
PRODUCT_DATACENTER_SERVER_V = 37
|
|
STATUS_NONCONTINUABLE_EXCEPTION = 3221225509
|
|
Wow64ResumeThread
|
|
COMMON_LVB_GRID_LVERTICAL = 2048
|
|
CTRL_LOGOFF_EVENT = 5
|
|
WOW64_CONTEXT_FULL
|
|
STATUS_FLOAT_INEXACT_RESULT = 3221225615
|
|
RPC_S_SERVER_UNAVAILABLE = 1722
|
|
SetDllDirectory = GuessStringType(SetDllDirectoryA, SetDllDire...
|
|
DBG_CONTINUE = 65538
|
|
ERROR_FILE_EXISTS = 80
|
|
SM_NETWORK = 63
|
|
PAGE_EXECUTE_READWRITE = 64
|
|
PROCESS_QUERY_LIMITED_INFORMATION = 4096
|
|
PRODUCT_HYPERV = 42
|
|
SM_CXDRAG = 68
|
|
EXCEPTION_GUARD_PAGE = 2147483649
|
|
PROC_THREAD_ATTRIBUTE_NUMBER = 65535
|
|
PROCESSOR_ARCHITECTURE_ARM = 5
|
|
ERROR_INVALID_DRIVE = 15
|
|
VER_SUITE_PERSONAL = 512
|
|
SM_PENWINDOWS = 41
|
|
CREATE_ALWAYS = 2
|
|
VER_BUILDNUMBER = 4
|
|
SM_CXCURSOR = 13
|
|
OS_WINDOWS_SEVEN_64 = ' Windows 7 (64 bits) '
|
|
MUTEX_ALL_ACCESS = 2031617
|
|
GENERIC_READ = 2147483648
|
|
ERROR_SERVICE_NOT_IN_EXE = 1083
|
|
COMMON_LVB_MASK = 65280
|
|
VER_MAJORVERSION = 2
|
|
VER_PLATFORM_WIN32_NT = 2
|
|
PROC_THREAD_ATTRIBUTE_HANDLE_LIST = 131074
|
|
SM_SHOWSOUNDS = 70
|
|
PRODUCT_HOME_BASIC_E = 67
|
|
EXCEPTION_WRITE_FAULT = 1
|
|
SM_CYMAXIMIZED = 62
|
|
VER_NT_SERVER = 3
|
|
DEBUG_ONLY_THIS_PROCESS = 2
|
|
ERROR_INVALID_FLAG_NUMBER = 186
|
|
PROCESS_DEP_ENABLE = 1
|
|
CREATE_BREAKAWAY_FROM_JOB = 16777216
|
|
ERROR_SUCCESS = 0
|
|
SLE_MINORERROR = 2
|
|
ERROR_NOT_SAFEBOOT_SERVICE = 1084
|
|
SEC_NOCACHE = 268435456
|
|
SM_CYMENU = 15
|
|
VER_SUITE_SMALLBUSINESS = 1
|
|
SM_SECURE = 44
|
|
VFT2_DRV_VERSIONED_PRINTER = 12
|
|
STATUS_TIMEOUT = 258
|
|
PRODUCT_CLUSTER_SERVER = 18
|
|
PROCESSOR_ARCHITECTURE_MIPS = 1
|
|
ARCH_ARM8 = ' arm64 '
|
|
ERROR_CONTROL_C_EXIT = 572
|
|
SM_CYVTHUMB = 9
|
|
STATUS_DATATYPE_MISALIGNMENT = 2147483650
|
|
ARCH_ARM7 = ' arm '
|
|
NTDDI_WINXP = 83951616
|
|
SearchPath = GuessStringType(SearchPathA, SearchPathW)
|
|
SM_CXFRAME = 32
|
|
SM_CARETBLINKINGENABLED = 8194
|
|
ARCH_PPC = ' ppc '
|
|
SM_CXMINIMIZED = 57
|
|
COMMON_LVB_GRID_RVERTICAL = 4096
|
|
VER_SUITE_STORAGE_SERVER = 8192
|
|
WAIT_OBJECT_0 = 0
|
|
FILE_MAP_ALL_ACCESS = 983071
|
|
OS_W2K8R2_64 = ' Windows 2008 R2 (64 bits) '
|
|
ERROR_ALREADY_RUNNING_LKG = 1074
|
|
PRODUCT_SMALLBUSINESS_SERVER = 9
|
|
ERROR_EXCEPTION_IN_SERVICE = 1064
|
|
CREATE_NEW = 1
|
|
STATUS_NO_MEMORY = 3221225495
|
|
STATUS_ABANDONED_WAIT_0 = 128
|
|
PROCESSOR_ARCHITECTURE_SPARC = 20
|
|
DUPLICATE_SAME_ACCESS = 2
|
|
OS_XP_64 = ' Windows XP (64 bits) '
|
|
PRODUCT_ENTERPRISE = 4
|
|
SM_MEDIACENTER = 87
|
|
VFT2_FONT_RASTER = 1
|
|
HEAP_ZERO_MEMORY = 8
|
|
PROCESSOR_INTEL_386 = 386
|
|
ARCH_ARM64 = ' arm64 '
|
|
PROCESS_QUERY_INFORMATION = 1024
|
|
ERROR_DEBUGGER_INACTIVE = 1284
|
|
TH32CS_SNAPPROCESS = 2
|
|
VOS__WINDOWS32 = 4
|
|
ERROR_PATH_NOT_FOUND = 3
|
|
OS_W2K8_64 = ' Windows 2008 (64 bits) '
|
|
PRODUCT_DATACENTER_SERVER_CORE_V = 39
|
|
VER_PRODUCT_TYPE = 128
|
|
ERROR_ASSERTION_FAILURE = 668
|
|
os = ' Windows 7 (64 bits) '
|
|
VerQueryValue = GuessStringType(VerQueryValueA, VerQueryValueW)
|
|
STD_OUTPUT_HANDLE = 4294967285
|
|
GetFileVersionInfo = GuessStringType(GetFileVersionInfoA, GetF...
|
|
TIMER_ALL_ACCESS = 2031619
|
|
STATUS_FLOAT_UNDERFLOW = 3221225619
|
|
DBG_EXCEPTION_NOT_HANDLED = 2147549185
|
|
PROCESSOR_HITACHI_SH3E = 10004
|
|
PROCESSOR_ARCHITECTURE_PPC = 3
|
|
SM_CXSMICON = 49
|
|
Wow64SetThreadContext
|
|
STATUS_CONTROL_C_EXIT = 3221225786
|
|
PAGE_NOCACHE = 512
|
|
VOS_OS232 = 196608
|
|
SM_CXFIXEDFRAME = 7
|
|
SM_CYEDGE = 46
|
|
VER_SUITE_COMPUTE_SERVER = 16384
|
|
NTDDI_VISTASP1 = 100663552
|
|
BELOW_NORMAL_PRIORITY_CLASS = 16384
|
|
PROCESSOR_ARCHITECTURE_MSIL = 8
|
|
OS_WINDOWS_VISTA = ' Windows Vista '
|
|
WOW64_SIZE_OF_80387_REGISTERS
|
|
CONTEXT_AMD64
|
|
FILE_ATTRIBUTE_DIRECTORY = 16
|
|
VER_SERVICEPACKMINOR = 16
|
|
VFT2_DRV_PRINTER = 1
|
|
PRODUCT_BUSINESS_N = 16
|
|
NTDDI_WINNT4 = 67108864
|
|
CREATE_NEW_PROCESS_GROUP = 512
|
|
BACKGROUND_BLACK = 0
|
|
ARCH_IA64 = ' ia64 '
|
|
SM_CYMINIMIZED = 58
|
|
ERROR_NOACCESS = 998
|
|
PRODUCT_ULTIMATE_N = 28
|
|
PRODUCT_STORAGE_STANDARD_SERVER = 21
|
|
PRODUCT_HOME_PREMIUM_E = 68
|
|
INITIAL_MXCSR
|
|
PROC_THREAD_ATTRIBUTE_ADDITIVE = 262144
|
|
PROCESS_DUP_HANDLE = 64
|
|
PROCESSOR_ARCHITECTURE_AMD64 = 9
|
|
OS_W2K8R2 = ' Windows 2008 R2 '
|
|
MEM_MAPPED = 262144
|
|
SM_CYDLGFRAME = 8
|
|
ERROR_BOOT_ALREADY_ACCEPTED = 1076
|
|
MEM_PHYSICAL = 4194304
|
|
THREAD_TERMINATE = 1
|
|
VOS_NT_WINDOWS32 = 262148
|
|
CreateEvent = GuessStringType(CreateEventA, CreateEventW)
|
|
PWOW64_LDT_ENTRY
|
|
SM_CYSIZE = 31
|
|
STD_ERROR_HANDLE = 4294967284
|
|
ContextArchMask = 268369920
|
|
STATUS_FLOAT_DENORMAL_OPERAND = 3221225613
|
|
WinDllHook
|
|
PROCESS_SUSPEND_RESUME = 2048
|
|
PROCESSOR_ARCHITECTURE_INTEL = 0
|
|
PROC_THREAD_ATTRIBUTE_IDEAL_PROCESSOR = 196613
|
|
PRODUCT_DATACENTER_SERVER_CORE = 12
|
|
STATUS_ILLEGAL_INSTRUCTION = 3221225501
|
|
PAGE_EXECUTE = 16
|
|
THREAD_PRIORITY_HIGHEST = 2
|
|
OS_SEVEN_64 = ' Windows 7 (64 bits) '
|
|
ERROR_DBG_COMMAND_EXCEPTION = 697
|
|
CONTROL_C_EXIT = 3221225786
|
|
PRODUCT_HOME_BASIC_N = 5
|
|
COMMON_LVB_TRAILING_BYTE = 512
|
|
NULL = None
hash(x)
|
|
NTDDI_WS08 = 100663552
|
|
SEM_NOALIGNMENTFAULTEXCEPT = 4
|
|
FILE_FLAG_RANDOM_ACCESS = 268435456
|
|
STATUS_SXS_INVALID_DEACTIVATION = 3222601744
|
|
VER_SUITENAME = 64
|
|
ERROR_SEM_TIMEOUT = 121
|
|
THREAD_BASE_PRIORITY_MIN = -2
|
|
VER_SUITE_TERMINAL = 16
|
|
SM_XVIRTUALSCREEN = 76
|
|
SM_CXSMSIZE = 52
|
|
ABOVE_NORMAL_PRIORITY_CLASS = 32768
|
|
OS_W2K = ' Windows 2000 '
|
|
PRODUCT_STORAGE_EXPRESS_SERVER = 20
|
|
PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION = 2
|
|
VFT2_DRV_COMM = 10
|
|
SIZE_OF_80387_REGISTERS = 80
|
|
PROC_THREAD_ATTRIBUTE_UMS_THREAD = 196614
|
|
CONTEXT_ALL = 65599
|
|
GetTempFileName = GuessStringType(GetTempFileNameA, GetTempFil...
|
|
STATUS_REG_NAT_CONSUMPTION = 3221226185
|
|
EXCEPTION_ACCESS_VIOLATION = 3221225477
|
|
GetCurrentDirectory = GuessStringType(GetCurrentDirectoryA, Ge...
|
|
VFT2_DRV_RESERVED = 11
|
|
FILE_ATTRIBUTE_SYSTEM = 4
|
|
FILE_MAP_EXECUTE = 32
|
|
CONTEXT_DEBUG_REGISTERS = 65552
|
|
ProcThreadAttributeParentProcess = 0
|
|
PRODUCT_STORAGE_WORKGROUP_SERVER = 22
|
|
WAIT_TIMEOUT = 258
|
|
SPVERSION_MASK = 65280
|
|
CREATE_PROTECTED_PROCESS = 262144
|
|
ERROR_NO_MORE_ITEMS = 259
|
|
VOLUME_NAME_DOS = 0
|
|
SE_ASSIGNPRIMARYTOKEN_NAME = ' SeAssignPrimaryTokenPrivilege '
|
|
SE_AUDIT_NAME = ' SeAuditPrivilege '
|
|
SE_BACKUP_NAME = ' SeBackupPrivilege '
|
|
SE_CHANGE_NOTIFY_NAME = ' SeChangeNotifyPrivilege '
|
|
SE_CREATE_GLOBAL_NAME = ' SeCreateGlobalPrivilege '
|
|
SE_CREATE_PAGEFILE_NAME = ' SeCreatePagefilePrivilege '
|
|
SE_CREATE_PERMANENT_NAME = ' SeCreatePermanentPrivilege '
|
|
SE_CREATE_SYMBOLIC_LINK_NAME = ' SeCreateSymbolicLinkPrivilege '
|
|
SE_CREATE_TOKEN_NAME = ' SeCreateTokenPrivilege '
|
|
SE_DEBUG_NAME = ' SeDebugPrivilege '
|
|
SE_ENABLE_DELEGATION_NAME = ' SeEnableDelegationPrivilege '
|
|
SE_IMPERSONATE_NAME = ' SeImpersonatePrivilege '
|
|
SE_INC_BASE_PRIORITY_NAME = ' SeIncreaseBasePriorityPrivilege '
|
|
SE_INCREASE_QUOTA_NAME = ' SeIncreaseQuotaPrivilege '
|
|
SE_INC_WORKING_SET_NAME = ' SeIncreaseWorkingSetPrivilege '
|
|
SE_LOAD_DRIVER_NAME = ' SeLoadDriverPrivilege '
|
|
SE_LOCK_MEMORY_NAME = ' SeLockMemoryPrivilege '
|
|
SE_MACHINE_ACCOUNT_NAME = ' SeMachineAccountPrivilege '
|
|
SE_MANAGE_VOLUME_NAME = ' SeManageVolumePrivilege '
|
|
SE_PROF_SINGLE_PROCESS_NAME = ' SeProfileSingleProcessPrivilege '
|
|
SE_RELABEL_NAME = ' SeRelabelPrivilege '
|
|
SE_REMOTE_SHUTDOWN_NAME = ' SeRemoteShutdownPrivilege '
|
|
SE_RESTORE_NAME = ' SeRestorePrivilege '
|
|
SE_SECURITY_NAME = ' SeSecurityPrivilege '
|
|
SE_SHUTDOWN_NAME = ' SeShutdownPrivilege '
|
|
SE_SYNC_AGENT_NAME = ' SeSyncAgentPrivilege '
|
|
SE_SYSTEM_ENVIRONMENT_NAME = ' SeSystemEnvironmentPrivilege '
|
|
SE_SYSTEM_PROFILE_NAME = ' SeSystemProfilePrivilege '
|
|
SE_SYSTEMTIME_NAME = ' SeSystemtimePrivilege '
|
|
SE_TAKE_OWNERSHIP_NAME = ' SeTakeOwnershipPrivilege '
|
|
SE_TCB_NAME = ' SeTcbPrivilege '
|
|
SE_TIME_ZONE_NAME = ' SeTimeZonePrivilege '
|
|
SE_TRUSTED_CREDMAN_ACCESS_NAME = ' SeTrustedCredManAccessPrivil ...
|
|
SE_UNDOCK_NAME = ' SeUndockPrivilege '
|
|
SE_UNSOLICITED_INPUT_NAME = ' SeUnsolicitedInputPrivilege '
|
|
SE_PRIVILEGE_ENABLED_BY_DEFAULT = 1
|
|
SE_PRIVILEGE_ENABLED = 2
|
|
SE_PRIVILEGE_REMOVED = 4
|
|
SE_PRIVILEGE_USED_FOR_ACCESS = 2147483648
|
|
LOGON_WITH_PROFILE = 1
|
|
LOGON_NETCREDENTIALS_ONLY = 2
|
|
TOKEN_ASSIGN_PRIMARY = 1
|
|
TOKEN_DUPLICATE = 2
|
|
TOKEN_IMPERSONATE = 4
|
|
TOKEN_QUERY = 8
|
|
TOKEN_QUERY_SOURCE = 16
|
|
TOKEN_ADJUST_PRIVILEGES = 32
|
|
TOKEN_ADJUST_GROUPS = 64
|
|
TOKEN_ADJUST_DEFAULT = 128
|
|
TOKEN_ADJUST_SESSIONID = 256
|
|
TOKEN_READ = 131080
|
|
TOKEN_ALL_ACCESS = 983551
|
|
HKEY_CLASSES_ROOT = 2147483648
|
|
HKEY_CURRENT_USER = 2147483649
|
|
HKEY_LOCAL_MACHINE = 2147483650
|
|
HKEY_USERS = 2147483651
|
|
HKEY_PERFORMANCE_DATA = 2147483652
|
|
HKEY_CURRENT_CONFIG = 2147483653
|
|
KEY_ALL_ACCESS = 983103
|
|
KEY_CREATE_LINK = 32
|
|
KEY_CREATE_SUB_KEY = 4
|
|
KEY_ENUMERATE_SUB_KEYS = 8
|
|
KEY_EXECUTE = 131097
|
|
KEY_NOTIFY = 16
|
|
KEY_QUERY_VALUE = 1
|
|
KEY_READ = 131097
|
|
KEY_SET_VALUE = 2
|
|
KEY_WOW64_32KEY = 512
|
|
KEY_WOW64_64KEY = 256
|
|
KEY_WRITE = 131078
|
|
REG_NONE = 0
|
|
REG_SZ = 1
|
|
REG_EXPAND_SZ = 2
|
|
REG_BINARY = 3
|
|
REG_DWORD = 4
|
|
REG_DWORD_LITTLE_ENDIAN = 4
|
|
REG_DWORD_BIG_ENDIAN = 5
|
|
REG_LINK = 6
|
|
REG_MULTI_SZ = 7
|
|
REG_RESOURCE_LIST = 8
|
|
REG_FULL_RESOURCE_DESCRIPTOR = 9
|
|
REG_RESOURCE_REQUIREMENTS_LIST = 10
|
|
REG_QWORD = 11
|
|
REG_QWORD_LITTLE_ENDIAN = 11
|
|
TokenUser = 1
|
|
TokenGroups = 2
|
|
TokenPrivileges = 3
|
|
TokenOwner = 4
|
|
TokenPrimaryGroup = 5
|
|
TokenDefaultDacl = 6
|
|
TokenSource = 7
|
|
TokenType = 8
|
|
TokenImpersonationLevel = 9
|
|
TokenStatistics = 10
|
|
TokenRestrictedSids = 11
|
|
TokenSessionId = 12
|
|
TokenGroupsAndPrivileges = 13
|
|
TokenSessionReference = 14
|
|
TokenSandBoxInert = 15
|
|
TokenAuditPolicy = 16
|
|
TokenOrigin = 17
|
|
TokenElevationType = 18
|
|
TokenLinkedToken = 19
|
|
TokenElevation = 20
|
|
TokenHasRestrictions = 21
|
|
TokenAccessInformation = 22
|
|
TokenVirtualizationAllowed = 23
|
|
TokenVirtualizationEnabled = 24
|
|
TokenIntegrityLevel = 25
|
|
TokenUIAccess = 26
|
|
TokenMandatoryPolicy = 27
|
|
TokenLogonSid = 28
|
|
TokenIsAppContainer = 29
|
|
TokenCapabilities = 30
|
|
TokenAppContainerSid = 31
|
|
TokenAppContainerNumber = 32
|
|
TokenUserClaimAttributes = 33
|
|
TokenDeviceClaimAttributes = 34
|
|
TokenRestrictedUserClaimAttributes = 35
|
|
TokenRestrictedDeviceClaimAttributes = 36
|
|
TokenDeviceGroups = 37
|
|
TokenRestrictedDeviceGroups = 38
|
|
TokenSecurityAttributes = 39
|
|
TokenIsRestricted = 40
|
|
MaxTokenInfoClass = 41
|
|
TokenPrimary = 1
|
|
TokenImpersonation = 2
|
|
TokenElevationTypeDefault = 1
|
|
TokenElevationTypeFull = 2
|
|
TokenElevationTypeLimited = 3
|
|
SecurityAnonymous = 0
|
|
SecurityIdentification = 1
|
|
SecurityImpersonation = 2
|
|
SecurityDelegation = 3
|
|
SidTypeUser = 1
|
|
SidTypeGroup = 2
|
|
SidTypeDomain = 3
|
|
SidTypeAlias = 4
|
|
SidTypeWellKnownGroup = 5
|
|
SidTypeDeletedAccount = 6
|
|
SidTypeInvalid = 7
|
|
SidTypeUnknown = 8
|
|
SidTypeComputer = 9
|
|
SidTypeLabel = 10
|
|
WCT_MAX_NODE_COUNT = 16
|
|
WCT_OBJNAME_LENGTH = 128
|
|
WCT_ASYNC_OPEN_FLAG = 1
|
|
WCTP_OPEN_ALL_FLAGS = 1
|
|
WCT_OUT_OF_PROC_FLAG = 1
|
|
WCT_OUT_OF_PROC_COM_FLAG = 2
|
|
WCT_OUT_OF_PROC_CS_FLAG = 4
|
|
WCTP_GETINFO_ALL_FLAGS = 7
|
|
WctCriticalSectionType = 1
|
|
WctSendMessageType = 2
|
|
WctMutexType = 3
|
|
WctAlpcType = 4
|
|
WctComType = 5
|
|
WctThreadWaitType = 6
|
|
WctProcessWaitType = 7
|
|
WctThreadType = 8
|
|
WctComActivationType = 9
|
|
WctUnknownType = 10
|
|
WctMaxType = 11
|
|
WctStatusNoAccess = 1
|
|
WctStatusRunning = 2
|
|
WctStatusBlocked = 3
|
|
WctStatusPidOnly = 4
|
|
WctStatusPidOnlyRpcss = 5
|
|
WctStatusOwned = 6
|
|
WctStatusNotOwned = 7
|
|
WctStatusAbandoned = 8
|
|
WctStatusUnknown = 9
|
|
WctStatusError = 10
|
|
WctStatusMax = 11
|
|
SAFER_SCOPEID_MACHINE = 1
|
|
SAFER_SCOPEID_USER = 2
|
|
SAFER_LEVEL_OPEN = 1
|
|
SAFER_LEVELID_DISALLOWED = 0
|
|
SAFER_LEVELID_UNTRUSTED = 4096
|
|
SAFER_LEVELID_CONSTRAINED = 65536
|
|
SAFER_LEVELID_NORMALUSER = 131072
|
|
SAFER_LEVELID_FULLYTRUSTED = 262144
|
|
SaferPolicyLevelList = 1
|
|
SaferPolicyEnableTransparentEnforcement = 2
|
|
SaferPolicyDefaultLevel = 3
|
|
SaferPolicyEvaluateUserScope = 4
|
|
SaferPolicyScopeFlags = 5
|
|
SAFER_TOKEN_NULL_IF_EQUAL = 1
|
|
SAFER_TOKEN_COMPARE_ONLY = 2
|
|
SAFER_TOKEN_MAKE_INERT = 4
|
|
SAFER_TOKEN_WANT_FLAGS = 8
|
|
SAFER_TOKEN_MASK = 15
|
|
SERVICES_ACTIVE_DATABASEW = u' ServicesActive '
|
|
SERVICES_FAILED_DATABASEW = u' ServicesFailed '
|
|
SERVICES_ACTIVE_DATABASEA = ' ServicesActive '
|
|
SERVICES_FAILED_DATABASEA = ' ServicesFailed '
|
|
SC_GROUP_IDENTIFIERW = u' + '
|
|
SC_GROUP_IDENTIFIERA = ' + '
|
|
SERVICE_NO_CHANGE = 4294967295
|
|
SC_STATUS_PROCESS_INFO = 0
|
|
SC_ENUM_PROCESS_INFO = 0
|
|
SERVICE_ALL_ACCESS = 983551
|
|
SERVICE_QUERY_CONFIG = 1
|
|
SERVICE_CHANGE_CONFIG = 2
|
|
SERVICE_QUERY_STATUS = 4
|
|
SERVICE_ENUMERATE_DEPENDENTS = 8
|
|
SERVICE_START = 16
|
|
SERVICE_STOP = 32
|
|
SERVICE_PAUSE_CONTINUE = 64
|
|
SERVICE_INTERROGATE = 128
|
|
SERVICE_USER_DEFINED_CONTROL = 256
|
|
SC_MANAGER_ALL_ACCESS = 983103
|
|
SC_MANAGER_CONNECT = 1
|
|
SC_MANAGER_CREATE_SERVICE = 2
|
|
SC_MANAGER_ENUMERATE_SERVICE = 4
|
|
SC_MANAGER_LOCK = 8
|
|
SC_MANAGER_QUERY_LOCK_STATUS = 16
|
|
SC_MANAGER_MODIFY_BOOT_CONFIG = 32
|
|
SERVICE_BOOT_START = 0
|
|
SERVICE_SYSTEM_START = 1
|
|
SERVICE_AUTO_START = 2
|
|
SERVICE_DEMAND_START = 3
|
|
SERVICE_DISABLED = 4
|
|
SERVICE_ERROR_IGNORE = 0
|
|
SERVICE_ERROR_NORMAL = 1
|
|
SERVICE_ERROR_SEVERE = 2
|
|
SERVICE_ERROR_CRITICAL = 3
|
|
SERVICE_ACTIVE = 1
|
|
SERVICE_INACTIVE = 2
|
|
SERVICE_STATE_ALL = 3
|
|
SERVICE_KERNEL_DRIVER = 1
|
|
SERVICE_FILE_SYSTEM_DRIVER = 2
|
|
SERVICE_ADAPTER = 4
|
|
SERVICE_RECOGNIZER_DRIVER = 8
|
|
SERVICE_WIN32_OWN_PROCESS = 16
|
|
SERVICE_WIN32_SHARE_PROCESS = 32
|
|
SERVICE_INTERACTIVE_PROCESS = 256
|
|
SERVICE_DRIVER = 11
|
|
SERVICE_WIN32 = 48
|
|
SERVICE_STOPPED = 1
|
|
SERVICE_START_PENDING = 2
|
|
SERVICE_STOP_PENDING = 3
|
|
SERVICE_RUNNING = 4
|
|
SERVICE_CONTINUE_PENDING = 5
|
|
SERVICE_PAUSE_PENDING = 6
|
|
SERVICE_PAUSED = 7
|
|
SERVICE_RUNS_IN_SYSTEM_PROCESS = 1
|
|
SERVICE_CONTROL_STOP = 1
|
|
SERVICE_CONTROL_PAUSE = 2
|
|
SERVICE_CONTROL_CONTINUE = 3
|
|
SERVICE_CONTROL_INTERROGATE = 4
|
|
SERVICE_CONTROL_SHUTDOWN = 5
|
|
SERVICE_CONTROL_PARAMCHANGE = 6
|
|
SERVICE_CONTROL_NETBINDADD = 7
|
|
SERVICE_CONTROL_NETBINDREMOVE = 8
|
|
SERVICE_CONTROL_NETBINDENABLE = 9
|
|
SERVICE_CONTROL_NETBINDDISABLE = 10
|
|
SERVICE_CONTROL_DEVICEEVENT = 11
|
|
SERVICE_CONTROL_HARDWAREPROFILECHANGE = 12
|
|
SERVICE_CONTROL_POWEREVENT = 13
|
|
SERVICE_CONTROL_SESSIONCHANGE = 14
|
|
SERVICE_ACCEPT_STOP = 1
|
|
SERVICE_ACCEPT_PAUSE_CONTINUE = 2
|
|
SERVICE_ACCEPT_SHUTDOWN = 4
|
|
SERVICE_ACCEPT_PARAMCHANGE = 8
|
|
SERVICE_ACCEPT_NETBINDCHANGE = 16
|
|
SERVICE_ACCEPT_HARDWAREPROFILECHANGE = 32
|
|
SERVICE_ACCEPT_POWEREVENT = 64
|
|
SERVICE_ACCEPT_SESSIONCHANGE = 128
|
|
SERVICE_ACCEPT_PRESHUTDOWN = 256
|
|
SERVICE_ACCEPT_TIMECHANGE = 512
|
|
SERVICE_ACCEPT_TRIGGEREVENT = 1024
|
|
SERVICE_ACCEPT_USERMODEREBOOT = 2048
|
|
SC_ACTION_NONE = 0
|
|
SC_ACTION_RESTART = 1
|
|
SC_ACTION_REBOOT = 2
|
|
SC_ACTION_RUN_COMMAND = 3
|
|
SERVICE_CONFIG_DESCRIPTION = 1
|
|
SERVICE_CONFIG_FAILURE_ACTIONS = 2
|
|
GetUserName = DefaultStringType(GetUserNameA, GetUserNameW)
|
|
LookupAccountSid = GuessStringType(LookupAccountSidA, LookupAc...
|
|
ConvertSidToStringSid = DefaultStringType(ConvertSidToStringSi...
|
|
ConvertStringSidToSid = GuessStringType(ConvertStringSidToSidA...
|
|
LookupPrivilegeValue = GuessStringType(LookupPrivilegeValueA, ...
|
|
LookupPrivilegeName = GuessStringType(LookupPrivilegeNameA, Lo...
|
|
CreateProcessWithLogon = DefaultStringType(CreateProcessWithLo...
|
|
CreateProcessWithToken = DefaultStringType(CreateProcessWithTo...
|
|
CreateProcessAsUser = GuessStringType(CreateProcessAsUserA, Cr...
|
|
RegConnectRegistry = GuessStringType(RegConnectRegistryA, RegC...
|
|
RegCreateKey = GuessStringType(RegCreateKeyA, RegCreateKeyW)
|
|
RegOpenKey = GuessStringType(RegOpenKeyA, RegOpenKeyW)
|
|
RegOpenKeyEx = GuessStringType(RegOpenKeyExA, RegOpenKeyExW)
|
|
RegQueryValue = GuessStringType(RegQueryValueA, RegQueryValueW)
|
|
RegQueryValueEx = GuessStringType(RegQueryValueExA, RegQueryVa...
|
|
RegEnumKey = DefaultStringType(RegEnumKeyA, RegEnumKeyW)
|
|
RegEnumValue = DefaultStringType(RegEnumValueA, RegEnumValueW)
|
|
RegDeleteValue = GuessStringType(RegDeleteValueA, RegDeleteVal...
|
|
RegDeleteKeyValue = GuessStringType(RegDeleteKeyValueA, RegDel...
|
|
RegDeleteKey = GuessStringType(RegDeleteKeyA, RegDeleteKeyW)
|
|
RegDeleteKeyEx = GuessStringType(RegDeleteKeyExA, RegDeleteKey...
|
|
RegCopyTree = GuessStringType(RegCopyTreeA, RegCopyTreeW)
|
|
RegDeleteTree = GuessStringType(RegDeleteTreeA, RegDeleteTreeW)
|
|
OpenSCManager = GuessStringType(OpenSCManagerA, OpenSCManagerW)
|
|
OpenService = GuessStringType(OpenServiceA, OpenServiceW)
|
|
CreateService = GuessStringType(CreateServiceA, CreateServiceW)
|
|
GetServiceKeyName = GuessStringType(GetServiceKeyNameA, GetSer...
|
|
GetServiceDisplayName = GuessStringType(GetServiceDisplayNameA...
|
|
StartService = GuessStringType(StartServiceA, StartServiceW)
|
|
EnumServicesStatus = DefaultStringType(EnumServicesStatusA, En...
|
|
EnumServicesStatusEx = DefaultStringType(EnumServicesStatusExA...
|
|
_all = set([ ' AdjustTokenPrivileges ' , ' CloseServiceHandle ' , ' Cl ...
|
|
__package__ = ' winappdbg.win32 '
|
|
_x = ' TokenIntegrityLevel '
|