Home       Trees       Indices       Help   
WinAppDbg - Programming Reference
Package winappdbg :: Package win32 :: Module advapi32
[hide private]
[frames] | no frames]

Module advapi32

source code

Wrapper for advapi32.dll in ctypes.

Classes [hide private]
  LUID
  PLUID
  LUID_AND_ATTRIBUTES
  TOKEN_PRIVILEGES
  PTOKEN_PRIVILEGES
  TOKEN_INFORMATION_CLASS
  TOKEN_TYPE
  PTOKEN_TYPE
  TOKEN_ELEVATION_TYPE
  PTOKEN_ELEVATION_TYPE
  SECURITY_IMPERSONATION_LEVEL
  PSECURITY_IMPERSONATION_LEVEL
  SID_AND_ATTRIBUTES
  PSID_AND_ATTRIBUTES
  TOKEN_USER
  PTOKEN_USER
  TOKEN_MANDATORY_LABEL
  PTOKEN_MANDATORY_LABEL
  TOKEN_OWNER
  PTOKEN_OWNER
  TOKEN_PRIMARY_GROUP
  PTOKEN_PRIMARY_GROUP
  TOKEN_APPCONTAINER_INFORMATION
  PTOKEN_APPCONTAINER_INFORMATION
  TOKEN_ORIGIN
  PTOKEN_ORIGIN
  TOKEN_LINKED_TOKEN
  PTOKEN_LINKED_TOKEN
  TOKEN_STATISTICS
  PTOKEN_STATISTICS
  HWCT
  WCT_OBJECT_TYPE
  WCT_OBJECT_STATUS
  _WAITCHAIN_NODE_INFO_STRUCT_1
  _WAITCHAIN_NODE_INFO_STRUCT_2
  _WAITCHAIN_NODE_INFO_UNION
  WAITCHAIN_NODE_INFO
  PWAITCHAIN_NODE_INFO
  WaitChainNodeInfo
Represents a node in the wait chain.
  ThreadWaitChainSessionHandle
Thread wait chain session handle.
  SAFER_LEVEL_HANDLE
  SAFER_POLICY_INFO_CLASS
  SC_HANDLE
  SC_STATUS_TYPE
  SC_ENUM_TYPE
  SERVICE_STATUS
  LPSERVICE_STATUS
  SERVICE_STATUS_PROCESS
  LPSERVICE_STATUS_PROCESS
  ENUM_SERVICE_STATUSA
  ENUM_SERVICE_STATUSW
  LPENUM_SERVICE_STATUSA
  LPENUM_SERVICE_STATUSW
  ENUM_SERVICE_STATUS_PROCESSA
  ENUM_SERVICE_STATUS_PROCESSW
  LPENUM_SERVICE_STATUS_PROCESSA
  LPENUM_SERVICE_STATUS_PROCESSW
  ServiceStatus
Wrapper for the SERVICE_STATUS structure.
  ServiceStatusProcess
Wrapper for the SERVICE_STATUS_PROCESS structure.
  ServiceStatusEntry
Service status entry returned by EnumServicesStatus.
  ServiceStatusProcessEntry
Service status entry returned by EnumServicesStatusEx.
  TokenHandle
Access token handle.
  RegistryKeyHandle
Registry key handle.
  SaferLevelHandle
Safer level handle.
  ServiceHandle
Service handle.
  ServiceControlManagerHandle
Service Control Manager (SCM) handle.
  PWAITCHAINCALLBACK
Functions [hide private]
 
GetUserNameA() source code
 
GetUserNameW() source code
 
LookupAccountSidA(lpSystemName, lpSid) source code
 
LookupAccountSidW(lpSystemName, lpSid) source code
 
ConvertSidToStringSidA(Sid) source code
 
ConvertSidToStringSidW(Sid) source code
 
ConvertStringSidToSidA(StringSid) source code
 
ConvertStringSidToSidW(StringSid) source code
 
IsValidSid(pSid) source code
 
EqualSid(pSid1, pSid2) source code
 
GetLengthSid(pSid) source code
 
CopySid(pSourceSid) source code
 
FreeSid(pSid) source code
 
OpenProcessToken(ProcessHandle, DesiredAccess=983551) source code
 
OpenThreadToken(ThreadHandle, DesiredAccess, OpenAsSelf=True) source code
 
DuplicateToken(ExistingTokenHandle, ImpersonationLevel=2) source code
 
DuplicateTokenEx(hExistingToken, dwDesiredAccess=983551, lpTokenAttributes=None, ImpersonationLevel=2, TokenType=1) source code
 
IsTokenRestricted(hTokenHandle) source code
 
LookupPrivilegeValueA(lpSystemName, lpName) source code
 
LookupPrivilegeValueW(lpSystemName, lpName) source code
 
LookupPrivilegeNameA(lpSystemName, lpLuid) source code
 
LookupPrivilegeNameW(lpSystemName, lpLuid) source code
 
AdjustTokenPrivileges(TokenHandle, NewState=()) source code
 
GetTokenInformation(hTokenHandle, TokenInformationClass) source code
 
_internal_GetTokenInformation(hTokenHandle, TokenInformationClass, TokenInformation) source code
 
CreateProcessWithLogonW(lpUsername=None, lpDomain=None, lpPassword=None, dwLogonFlags=0, lpApplicationName=None, lpCommandLine=None, dwCreationFlags=0, lpEnvironment=None, lpCurrentDirectory=None, lpStartupInfo=None) source code
 
CreateProcessWithLogonA(*argv, **argd) source code
 
CreateProcessWithTokenW(hToken=None, dwLogonFlags=0, lpApplicationName=None, lpCommandLine=None, dwCreationFlags=0, lpEnvironment=None, lpCurrentDirectory=None, lpStartupInfo=None) source code
 
CreateProcessWithTokenA(*argv, **argd) source code
 
CreateProcessAsUserA(hToken=None, lpApplicationName=None, lpCommandLine=None, lpProcessAttributes=None, lpThreadAttributes=None, bInheritHandles=False, dwCreationFlags=0, lpEnvironment=None, lpCurrentDirectory=None, lpStartupInfo=None) source code
 
CreateProcessAsUserW(hToken=None, lpApplicationName=None, lpCommandLine=None, lpProcessAttributes=None, lpThreadAttributes=None, bInheritHandles=False, dwCreationFlags=0, lpEnvironment=None, lpCurrentDirectory=None, lpStartupInfo=None) source code
 
OpenThreadWaitChainSession(Flags=0, callback=None) source code
 
GetThreadWaitChain(WctHandle, Context=None, Flags=7, ThreadId=-1, NodeCount=16) source code
 
CloseThreadWaitChainSession(WctHandle) source code
 
SaferCreateLevel(dwScopeId=2, dwLevelId=131072, OpenFlags=0) source code
 
SaferComputeTokenFromLevel(LevelHandle, InAccessToken=None, dwFlags=0) source code
 
SaferCloseLevel(hLevelHandle) source code
 
SaferiIsExecutableFileType(szFullPath, bFromShellExecute=False) source code
 
SaferIsExecutableFileType(szFullPath, bFromShellExecute=False) source code
 
RegCloseKey(hKey) source code
 
RegConnectRegistryA(lpMachineName=None, hKey=2147483650) source code
 
RegConnectRegistryW(lpMachineName=None, hKey=2147483650) source code
 
RegCreateKeyA(hKey=2147483650, lpSubKey=None) source code
 
RegCreateKeyW(hKey=2147483650, lpSubKey=None) source code
 
RegOpenKeyA(hKey=2147483650, lpSubKey=None) source code
 
RegOpenKeyW(hKey=2147483650, lpSubKey=None) source code
 
RegOpenKeyExA(hKey=2147483650, lpSubKey=None, samDesired=983103) source code
 
RegOpenKeyExW(hKey=2147483650, lpSubKey=None, samDesired=983103) source code
 
RegOpenCurrentUser(samDesired=983103) source code
 
RegOpenUserClassesRoot(hToken, samDesired=983103) source code
 
RegQueryValueA(hKey, lpSubKey=None) source code
 
RegQueryValueW(hKey, lpSubKey=None) source code
 
_internal_RegQueryValueEx(ansi, hKey, lpValueName=None, bGetData=True) source code
 
_caller_RegQueryValueEx(ansi) source code
 
RegQueryValueExA(hKey, lpValueName=None, bGetData=True) source code
 
RegQueryValueExW(hKey, lpValueName=None, bGetData=True) source code
 
RegSetValueEx(hKey, lpValueName=None, lpData=None, dwType=None) source code
 
RegSetValueExW(hKey, lpValueName=None, lpData=None, dwType=None) source code
 
RegSetValueExA(hKey, lpValueName=None, lpData=None, dwType=None) source code
 
RegEnumKeyA(hKey, dwIndex) source code
 
RegEnumKeyW(hKey, dwIndex) source code
 
_internal_RegEnumValue(ansi, hKey, dwIndex, bGetData=True) source code
 
RegEnumValueA(hKey, dwIndex, bGetData=True) source code
 
RegEnumValueW(hKey, dwIndex, bGetData=True) source code
 
RegDeleteValueA(hKeySrc, lpValueName=None) source code
 
RegDeleteValueW(hKeySrc, lpValueName=None) source code
 
RegDeleteKeyValueA(hKeySrc, lpSubKey=None, lpValueName=None) source code
 
RegDeleteKeyValueW(hKeySrc, lpSubKey=None, lpValueName=None) source code
 
RegDeleteKeyA(hKeySrc, lpSubKey=None) source code
 
RegDeleteKeyW(hKeySrc, lpSubKey=None) source code
 
RegDeleteKeyExA(hKeySrc, lpSubKey=None, samDesired=512) source code
 
RegDeleteKeyExW(hKeySrc, lpSubKey=None, samDesired=512) source code
 
RegCopyTreeA(hKeySrc, lpSubKey, hKeyDest) source code
 
RegCopyTreeW(hKeySrc, lpSubKey, hKeyDest) source code
 
RegDeleteTreeA(hKey, lpSubKey=None) source code
 
RegDeleteTreeW(hKey, lpSubKey=None) source code
 
RegFlushKey(hKey) source code
 
CloseServiceHandle(hSCObject) source code
 
OpenSCManagerA(lpMachineName=None, lpDatabaseName=None, dwDesiredAccess=983103) source code
 
OpenSCManagerW(lpMachineName=None, lpDatabaseName=None, dwDesiredAccess=983103) source code
 
OpenServiceA(hSCManager, lpServiceName, dwDesiredAccess=983551) source code
 
OpenServiceW(hSCManager, lpServiceName, dwDesiredAccess=983551) source code
 
CreateServiceA(hSCManager, lpServiceName, lpDisplayName=None, dwDesiredAccess=983551, dwServiceType=16, dwStartType=3, dwErrorControl=1, lpBinaryPathName=None, lpLoadOrderGroup=None, lpDependencies=None, lpServiceStartName=None, lpPassword=None) source code
 
CreateServiceW(hSCManager, lpServiceName, lpDisplayName=None, dwDesiredAccess=983551, dwServiceType=16, dwStartType=3, dwErrorControl=1, lpBinaryPathName=None, lpLoadOrderGroup=None, lpDependencies=None, lpServiceStartName=None, lpPassword=None) source code
 
DeleteService(hService) source code
 
GetServiceKeyNameA(hSCManager, lpDisplayName) source code
 
GetServiceKeyNameW(hSCManager, lpDisplayName) source code
 
GetServiceDisplayNameA(hSCManager, lpServiceName) source code
 
GetServiceDisplayNameW(hSCManager, lpServiceName) source code
 
StartServiceA(hService, ServiceArgVectors=None) source code
 
StartServiceW(hService, ServiceArgVectors=None) source code
 
ControlService(hService, dwControl) source code
 
QueryServiceStatus(hService) source code
 
QueryServiceStatusEx(hService, InfoLevel=0) source code
 
EnumServicesStatusA(hSCManager, dwServiceType=59, dwServiceState=3) source code
 
EnumServicesStatusW(hSCManager, dwServiceType=59, dwServiceState=3) source code
 
EnumServicesStatusExA(hSCManager, InfoLevel=0, dwServiceType=59, dwServiceState=3, pszGroupName=None) source code
 
EnumServicesStatusExW(hSCManager, InfoLevel=0, dwServiceType=59, dwServiceState=3, pszGroupName=None) source code
Variables [hide private]
  __revision__ = '$Id: advapi32.py 1299 2013-12-20 09:30:55Z qva...
  SLE_ERROR = 1
  ERROR_CANNOT_DETECT_PROCESS_ABORT = 1081
  STANDARD_RIGHTS_WRITE = 131072
  THREAD_BASE_PRIORITY_LOWRT = 15
  ERROR_PROC_NOT_FOUND = 127
  CONTEXT_CONTROL = 65537
  SM_CXVIRTUALSCREEN = 78
  VOLUME_NAME_NONE = 4
  PAGE_EXECUTE_WRITECOPY = 128
  SM_CXSCREEN = 0
  LoadLibrary = GuessStringType(LoadLibraryA, LoadLibraryW)
  _LDT_ENTRY_HIGHWORD_
  FOREGROUND_GREEN = 2
  CREATE_SEPARATE_WOW_VDM = 2048
  VER_LESS = 4
  ERROR_ENVVAR_NOT_FOUND = 203
  VOS_DOS_WINDOWS16 = 65537
  SM_STARTER = 88
  SM_IMMENABLED = 82
  VER_SUITE_BLADE = 1024
  STILL_ACTIVE = 259
  SM_CYMENUSIZE = 55
  EXCEPTION_FLT_UNDERFLOW = 3221225619
  FILE_NAME_NORMALIZED = 0
  OpenFileMapping = GuessStringType(OpenFileMappingA, OpenFileMa...
  OS_NT = 'Windows NT'
  CREATE_THREAD_DEBUG_EVENT = 2
  CREATE_PROCESS_DEBUG_EVENT = 3
  PAGE_NOACCESS = 1
  VER_GREATER = 2
  STATUS_PENDING = 259
  PROCESSOR_PPC_620 = 620
  ERROR_DBG_REPLY_LATER = 689
  ERROR_CALL_NOT_IMPLEMENTED = 120
  SM_CXHSCROLL = 21
  GENERIC_EXECUTE = 536870912
  PROCESSOR_ARCHITECTURE_ALPHA = 2
  ERROR_INVALID_PARAMETER = 87
  ANYSIZE_ARRAY = 1
  GlobalFindAtom = GuessStringType(GlobalFindAtomA, GlobalFindAt...
  BACKGROUND_RED = 64
  DBG_NO_STATE_CHANGE = 3221291009
  CONTEXT_i386 = 65536
  ARCH_AMD64 = 'amd64'
  OS_WINDOWS_2008_64 = 'Windows 2008 (64 bits)'
  BACKGROUND_BLUE = 16
  SM_CXMIN = 28
  VFT_DRV = 3
  PAGE_READWRITE = 4
  ERROR_FILE_NOT_FOUND = 2
  ERROR_DBG_CONTROL_BREAK = 696
  ERROR_SERVICE_NEVER_STARTED = 1077
  VOS__PM32 = 3
  ERROR_WOW_ASSERTION = 670
  ERROR_NOT_ENOUGH_MEMORY = 8
  MAXIMUM_SUSPEND_COUNT = 127
  PRODUCT_STORAGE_ENTERPRISE_SERVER = 23
  BACKGROUND_GREY = 112
  ERROR_DBG_TERMINATE_THREAD = 691
  VFT2_DRV_KEYBOARD = 2
  RIP_EVENT = 9
  WOW64_CS32
  CONTEXT_FLOATING_POINT = 65544
  NTDDI_WIN7SP1 = 100729088
  VOS_NT = 262144
  CONTEXT_EXCEPTION_REQUEST
  SECTION_MAP_READ = 4
  ERROR_INSUFFICIENT_BUFFER = 122
  SECTION_MAP_EXECUTE = 8
  PRODUCT_PROFESSIONAL_E = 69
  ERROR_HANDLE_DISK_FULL = 39
  CreateMutex = GuessStringType(CreateMutexA, CreateMutexW)
  ERROR_BAD_LENGTH = 24
  ERROR_SERVICE_DEPENDENCY_FAIL = 1068
  SM_CYFRAME = 33
  ProcThreadAttributeGroupAffinity = 3
  PROCESSOR_INTEL_IA64 = 2200
  COMMON_LVB_REVERSE_VIDEO = 16384
  NTDDI_WIN2K = 83886080
  PRODUCT_MEDIUMBUSINESS_SERVER_MESSAGING = 32
  OS_WINDOWS_XP = 'Windows XP'
  FILE_FLAG_WRITE_THROUGH = 2147483648
  VS_FF_INFOINFERRED = 16
  PROCESSOR_ALPHA_21064 = 21064
  CONTEXT_FULL = 65543
  FILE_SHARE_DELETE = 4
  FILE_FLAG_NO_BUFFERING = 536870912
  PRODUCT_ENTERPRISE_SERVER_CORE = 14
  VOLUME_NAME_GUID = 1
  SM_CXFULLSCREEN = 16
  CTRL_CLOSE_EVENT = 2
  STATUS_IN_PAGE_ERROR = 3221225478
  EXCEPTION_ARRAY_BOUNDS_EXCEEDED = 3221225612
  DBG_TERMINATE_THREAD = 1073807363
  DBG_PRINTEXCEPTION_C = 1073807366
  SEM_FAILCRITICALERRORS = 1
  EXCEPTION_WX86_BREAKPOINT = 1073741855
  STANDARD_RIGHTS_REQUIRED = 983040
  SEMAPHORE_MODIFY_STATE = 2
  THREAD_DIRECT_IMPERSONATION = 512
  IDLE_PRIORITY_CLASS = 64
  ERROR_SERVICE_NOT_ACTIVE = 1062
  PRODUCT_WEB_SERVER_CORE = 29
  STATUS_WX86_BREAKPOINT = 1073741855
  PAGE_GUARD = 256
  THREAD_SET_LIMITED_INFORMATION = 1024
  PAGE_WRITECOPY = 8
  VFT2_FONT_TRUETYPE = 3
  ARCH_HITACHI = 'shx'
  CONTEXT_EXCEPTION_ACTIVE
  WOW64_CONTEXT_EXTENDED_REGISTERS
  ARCH_SPARC = 'sparc'
  EXCEPTION_BREAKPOINT = 2147483651
  PRODUCT_PROFESSIONAL_N = 49
  OUTPUT_DEBUG_STRING_EVENT = 8
  CONTEXT_SEGMENTS = 65540
  PROCESSOR_ARCHITECTURE_UNKNOWN = 65535
  FILE_NAME_OPENED = 8
  STACK_SIZE_PARAM_IS_A_RESERVATION = 65536
  SM_CYCAPTION = 4
  DBG_EXCEPTION_HANDLED = 65537
  ARCH_ALPHA64 = 'alpha64'
  STATUS_FLOAT_MULTIPLE_FAULTS = 3221226164
  THREAD_ALL_ACCESS_NT = 2032639
  STATUS_FLOAT_INVALID_OPERATION = 3221225616
  NTDDI_WIN8 = 100794368
  SEM_NOOPENFILEERRORBOX = 2048
  NTDDI_WIN7 = 100728832
  OSVERSION_MASK = 4294901760
  SM_CXFOCUSBORDER = 83
  STATUS_WAIT_0 = 0
  MAXIMUM_SUPPORTED_EXTENSION = 512
  PROC_THREAD_ATTRIBUTE_PREFERRED_NODE = 131076
  ProcThreadAttributeHandleList = 2
  PROC_THREAD_ATTRIBUTE_GROUP_AFFINITY = 196611
  OS_WINDOWS_2008_R2_64 = 'Windows 2008 R2 (64 bits)'
  EXCEPTION_INT_DIVIDE_BY_ZERO = 3221225620
  ProcThreadAttributeExtendedFlags = 1
  SUBVERSION_MASK = 255
  NTDDI_WIN2KSP2 = 83886592
  STATUS_FLOAT_STACK_CHECK = 3221225618
  MAXINTATOM = 49152
  THREAD_BASE_PRIORITY_MAX = 2
  Wow64GetThreadContext
  PROCESSOR_ARM720 = 1824
  WOW64_CONTEXT_i386
  ERROR_PARTIAL_COPY = 299
  MEM_COMMIT = 4096
  COMMON_LVB_LEADING_BYTE = 256
  SM_CMOUSEBUTTONS = 43
  SM_CYSMICON = 50
  ERROR_THREAD_NOT_IN_PROCESS = 566
  OS_W2K3R2_64 = 'Windows 2003 R2 (64 bits)'
  OS_SEVEN = 'Windows 7'
  SM_CXDLGFRAME = 7
  DEBUG_PROCESS = 1
  OS_W2K3_64 = 'Windows 2003 (64 bits)'
  WOW64_CONTEXT_INTEGER
  CreateFileMapping = GuessStringType(CreateFileMappingA, Create...
  SM_ARRANGE = 56
  FILE_FLAG_SEQUENTIAL_SCAN = 134217728
  TIMER_QUERY_STATE = 1
  GlobalGetAtomName = GuessStringType(GlobalGetAtomNameA, Global...
  VS_FF_PRERELEASE = 2
  PROCESS_SET_SESSIONID = 4
  ERROR_DIR_NOT_EMPTY = 145
  ProcThreadAttributeMitigationPolicy = 7
  HEAP_CREATE_ENABLE_EXECUTE = 262144
  ProcThreadAttributeMax = 8
  PROCESS_ALL_ACCESS_VISTA = 2097151
  VFT2_DRV_DISPLAY = 4
  SM_DBCSENABLED = 42
  ERROR_INVALID_ADDRESS = 487
  WOW64_CONTEXT_CONTROL
  ERROR_NO_RECOVERY_PROGRAM = 1082
  SECTION_EXTEND_SIZE = 16
  VER_SUITE_BACKOFFICE = 4
  LPXMM_SAVE_AREA32
  CREATE_SUSPENDED = 4
  HANDLE_FLAG_INHERIT = 1
  CONTEXT_EXTENDED_REGISTERS = 65568
  THREAD_ALL_ACCESS_VISTA = 2097151
  MEM_LARGE_PAGES = 536870912
  EXCEPTION_FLT_STACK_CHECK = 3221225618
  OpenMutex = GuessStringType(OpenMutexA, OpenMutexW)
  VFT2_DRV_INSTALLABLE = 8
  MEM_WRITE_WATCH = 2097152
  THREAD_SET_THREAD_TOKEN = 128
  PROCESS_VM_READ = 16
  LOAD_DLL_DEBUG_EVENT = 6
  VER_SUITE_WH_SERVER = 32768
  STATUS_STACK_OVERFLOW = 3221225725
  PROCESSOR_ARCHITECTURE_ALPHA64 = 7
  OS_WINDOWS_2003_R2 = 'Windows 2003 R2'
  VFT2_DRV_SOUND = 9
  THREAD_QUERY_LIMITED_INFORMATION = 2048
  SM_RESERVED4 = 27
  SM_RESERVED1 = 24
  MS_VC_EXCEPTION = 1080890248
  SM_RESERVED3 = 26
  SM_RESERVED2 = 25
  OS_WINDOWS_2008_R2 = 'Windows 2008 R2'
  VS_FF_DEBUG = 1
  BACKGROUND_MAGENTA = 80
  EXCEPTION_MAXIMUM_PARAMETERS = 15
  SM_CXICONSPACING = 38
  PROCESS_CREATION_MITIGATION_POLICY_DEP_ATL_THUNK_ENABLE = 2
  INFINITE = -1
  VER_SUITE_DATACENTER = 128
  SEMAPHORE_ALL_ACCESS = 2031619
  arch = 'amd64'
  PROCESSOR_INTEL_486 = 486
  DBG_CONTROL_BREAK = 1073807368
  ARCH_UNKNOWN = 'unknown'
  MEM_RELEASE = 32768
  Wow64GetThreadSelectorEntry
  ERROR_DBG_EXCEPTION_HANDLED = 766
  BACKGROUND_INTENSITY = 128
  INHERIT_CALLER_PRIORITY = 131072
  MEM_FREE = 65536
  ERROR_MOD_NOT_FOUND = 126
  GR_USEROBJECTS = 1
  PWOW64_FLOATING_SAVE_AREA
  PRODUCT_MEDIUMBUSINESS_SERVER_MANAGEMENT = 30
  EXCEPTION_FLT_DIVIDE_BY_ZERO = 3221225614
  ERROR_SERVICE_START_HANG = 1070
  STATUS_BREAKPOINT = 2147483651
  ERROR_SERVICE_LOGON_FAILED = 1069
  ProcThreadAttributeIdealProcessor = 5
  SM_SAMEDISPLAYFORMAT = 81
  ERROR_BUFFER_OVERFLOW = 111
  PRODUCT_MEDIUMBUSINESS_SERVER_SECURITY = 31
  THREAD_BASE_PRIORITY_IDLE = -15
  ARCH_SHX = 'shx'
  CREATE_PRESERVE_CODE_AUTHZ_LEVEL = 33554432
  OS_WINDOWS_XP_64 = 'Windows XP (64 bits)'
  VFT2_DRV_LANGUAGE = 3
  PROCESSOR_ARM820 = 2080
  OS_WINDOWS_NT = 'Windows NT'
  THREAD_PRIORITY_LOWEST = -2
  EXCEPTION_ILLEGAL_INSTRUCTION = 3221225501
  VS_FF_SPECIALBUILD = 32
  TRUE = 1
  THREAD_SUSPEND_RESUME = 2
  SM_REMOTESESSION = 4096
  PROC_THREAD_ATTRIBUTE_PARENT_PROCESS = 131072
  MEM_RESET = 524288
  ERROR_ALREADY_EXISTS = 183
  ERROR_DIFFERENT_SERVICE_ACCOUNT = 1079
  PROC_THREAD_ATTRIBUTE_MITIGATION_POLICY = 131079
  ARCH_POWERPC = 'ppc'
  WIN32_VERBOSE_MODE = False
  STATUS_INTEGER_OVERFLOW = 3221225621
  COMMON_LVB_UNDERSCORE = 32768
  VOS_DOS_WINDOWS32 = 65540
  CreateFile = GuessStringType(CreateFileA, CreateFileW)
  ERROR_INVALID_HANDLE = 6
  EXCEPTION_FLT_INEXACT_RESULT = 3221225615
  SM_CXMAXIMIZED = 61
  ERROR_INVALID_FUNCTION = 1
  FILE_SHARE_READ = 1
  PROCESSOR_SHx_SH3 = 103
  PROCESSOR_SHx_SH4 = 104
  VER_LESS_EQUAL = 5
  INHERIT_PARENT_AFFINITY = 65536
  ARCH_ALPHA = 'alpha'
  ProcThreadAttributePreferredNode = 4
  PRODUCT_ENTERPRISE_SERVER = 10
  ERROR_BAD_THREADID_ADDR = 159
  FILE_FLAG_DELETE_ON_CLOSE = 67108864
  VFT2_UNKNOWN = 0
  OS_WINDOWS_2003_64 = 'Windows 2003 (64 bits)'
  FOREGROUND_MAGENTA = 5
  THREAD_PRIORITY_BELOW_NORMAL = -1
  SM_MOUSEPRESENT = 19
  PROCESS_CREATE_THREAD = 2
  OPEN_ALWAYS = 4
  WOW64_CONTEXT
  STATUS_STACK_BUFFER_OVERRUN = 3221226505
  OS_XP = 'Windows XP'
  PRODUCT_PROFESSIONAL = 48
  EXCEPTION_SINGLE_STEP = 2147483652
  ARCH_MIPS = 'mips'
  PROCESSOR_ARCHITECTURE_IA32_ON_WIN64 = 10
  ERROR_INVALID_NAME = 123
  CREATE_NEW_CONSOLE = 16
  PRODUCT_ULTIMATE_E = 71
  SM_CYCURSOR = 14
  DELETE = 65536
  DETACHED_PROCESS = 8
  VER_SUITE_SINGLEUSERTS = 256
  EXIT_THREAD_DEBUG_EVENT = 4
  GetLogicalDriveStrings = GuessStringType(GetLogicalDriveString...
  MAX_MODULE_NAME32 = 255
  SM_CYKANJIWINDOW = 18
  STATUS_UNWIND_CONSOLIDATE = 2147483689
  SM_CXVSCROLL = 2
  FOREGROUND_CYAN = 3
  PROFILE_KERNEL = 536870912
  VER_OR = 7
  SM_CYVIRTUALSCREEN = 79
  PROCESSOR_ARM_7TDMI = 70001
  SM_SLOWMACHINE = 73
  SM_CYMINTRACK = 35
  OS_W2K8 = 'Windows 2008'
  SM_SHUTTINGDOWN = 8192
  SECTION_MAP_WRITE = 2
  VOS_OS232_PM32 = 196611
  OS_W2K3 = 'Windows 2003'
  SM_CYMAXTRACK = 60
  PROCESSOR_ARCHITECTURE_IA64 = 6
  STATUS_INTEGER_DIVIDE_BY_ZERO = 3221225620
  EVENT_ALL_ACCESS = 2031619
  MEM_4MB_PAGES = 2147483648
  MEM_TOP_DOWN = 1048576
  VFT_UNKNOWN = 0
  WOW64_CONTEXT_FLOATING_POINT
  SM_YVIRTUALSCREEN = 77
  PXMM_SAVE_AREA32
  ERROR_DBG_CONTROL_C = 693
  GetFinalPathNameByHandle = GuessStringType(GetFinalPathNameByH...
  GetFullPathName = GuessStringType(GetFullPathNameA, GetFullPat...
  CONTEXT_i486 = 65536
  MUTEX_MODIFY_STATE = 1
  VOS_UNKNOWN = 0
  OS_VISTA_64 = 'Windows Vista (64 bits)'
  ERROR_SERVICE_EXISTS = 1073
  OS_WINDOWS_VISTA_64 = 'Windows Vista (64 bits)'
  NTDDI_VISTA = 100663296
  THREAD_GET_CONTEXT = 8
  PAGE_READONLY = 2
  FILE_ATTRIBUTE_READONLY = 1
  PROCESS_VM_OPERATION = 8
  PROCESS_NAME_NATIVE = 1
  LOAD_LIBRARY_AS_DATAFILE = 2
  SPECIFIC_RIGHTS_ALL = 65535
  context_i386
  SM_CYFOCUSBORDER = 84
  ACCESS_VIOLATION_TYPE_WRITE = 1
  STATUS_PRIVILEGED_INSTRUCTION = 3221225622
  VFT2_DRV_NETWORK = 6
  SECTION_ALL_ACCESS = 983071
  PRODUCT_STANDARD_SERVER = 7
  VFT2_DRV_SYSTEM = 7
  PAGE_EXECUTE_READ = 32
  NTDDI_WINXPSP1 = 83951872
  PROCESS_VM_WRITE = 32
  NTDDI_WINXPSP2 = 83952128
  PROCESSOR_HITACHI_SH3 = 10003
  VER_EQUAL = 1
  PROCESSOR_OPTIL = 18767
  PRODUCT_STANDARD_SERVER_CORE_V = 40
  PROCESSOR_AMD_X8664 = 8664
  ERROR_DATABASE_DOES_NOT_EXIST = 1065
  FILE_ATTRIBUTE_ARCHIVE = 32
  SM_CXMENUSIZE = 54
  ERROR_INVALID_SERVICE_LOCK = 1071
  VFT_STATIC_LIB = 7
  ERROR_PROCESS_ABORTED = 1067
  EXCEPTION_EXECUTE_FAULT = 8
  EXCEPTION_INVALID_HANDLE = 3221225480
  VER_MINORVERSION = 1
  LOAD_LIBRARY_AS_IMAGE_RESOURCE = 32
  bits = 32
  CONTEXT_MMX_REGISTERS
  FORMAT_MESSAGE_FROM_SYSTEM = 4096
  PROCESSOR_MIPS_R4000 = 4000
  EXCEPTION_POSSIBLE_DEADLOCK = 3221225876
  PROFILE_USER = 268435456
  STANDARD_RIGHTS_EXECUTE = 131072
  STATUS_GUARD_PAGE_VIOLATION = 2147483649
  VER_SUITE_SMALLBUSINESS_RESTRICTED = 32
  VOLUME_NAME_NT = 2
  DUPLICATE_CLOSE_SOURCE = 1
  SM_CYSIZEFRAME = 33
  CONTEXT_SERVICE_ACTIVE
  GetModuleHandle = GuessStringType(GetModuleHandleA, GetModuleH...
  SM_CYDOUBLECLK = 37
  PAGE_WRITECOMBINE = 1024
  PRODUCT_ENTERPRISE_SERVER_V = 38
  PROCESSOR_ARCHITECTURE_SHX = 4
  THREAD_IMPERSONATE = 256
  WOW64_CONTEXT_i486
  wow64 = True
  EXCEPTION_IN_PAGE_ERROR = 3221225478
  FALSE = 0
  VER_PLATFORMID = 8
  STATUS_SEGMENT_NOTIFICATION = 1073741829
  MEM_IMAGE = 16777216
  VER_NT_WORKSTATION = 1
  MAXIMUM_WAIT_OBJECTS = 64
  THREAD_SET_INFORMATION = 32
  DBG_UNABLE_TO_PROVIDE_HANDLE = 1073807362
  SM_CYVSCROLL = 20
  WinFuncHook
  ERROR_DISK_FULL = 112
  VER_AND = 6
  PROCESS_CREATION_MITIGATION_POLICY_DEP_ENABLE = 1
  PRODUCT_WEB_SERVER = 17
  ERROR_ELEVATION_REQUIRED = 740
  STD_INPUT_HANDLE = 4294967286
  SM_CXEDGE = 45
  ERROR_FILENAME_EXCED_RANGE = 206
  VFT_APP = 1
  TH32CS_SNAPALL = 15
  EXCEPTION_FLT_DENORMAL_OPERAND = 3221225613
  STATUS_FLOAT_DIVIDE_BY_ZERO = 3221225614
  LOAD_LIBRARY_AS_DATAFILE_EXCLUSIVE = 64
  CREATE_DEFAULT_ERROR_MODE = 67108864
  NTDDI_WS03SP2 = 84017664
  NTDDI_WS03SP1 = 84017408
  FILE_ATTRIBUTE_DEVICE = 64
  PRODUCT_STANDARD_SERVER_V = 36
  VOS_OS216 = 131072
  OS_WINDOWS_2003_R2_64 = 'Windows 2003 R2 (64 bits)'
  ERROR_SERVICE_DEPENDENCY_DELETED = 1075
  PRODUCT_ULTIMATE = 1
  ARCH_ARM = 'arm'
  EXIT_PROCESS_DEBUG_EVENT = 5
  ERROR_DBG_RIPEXCEPTION = 695
  WOW64_LDT_ENTRY
  PROCESS_TERMINATE = 1
  ERROR_DBG_TERMINATE_PROCESS = 692
  CreateProcess = GuessStringType(CreateProcessA, CreateProcessW)
  SM_REMOTECONTROL = 8193
  SM_CYFIXEDFRAME = 8
  PRODUCT_ENTERPRISE_N = 27
  SM_CXMENUCHECK = 71
  FORMAT_MESSAGE_ALLOCATE_BUFFER = 256
  BACKGROUND_YELLOW = 96
  VFT2_FONT_VECTOR = 2
  STATUS_ACCESS_VIOLATION = 3221225477
  ERROR_DBG_EXCEPTION_NOT_HANDLED = 688
  PRODUCT_SERVER_FOR_SMALLBUSINESS = 24
  THREAD_PRIORITY_ERROR_RETURN = 4294967295
  PROCESS_SET_QUOTA = 256
  DBG_COMMAND_EXCEPTION = 1073807369
  VFT2_DRV_MOUSE = 5
  warnings
  INITIAL_FPCSR
  PROCESS_MODE_BACKGROUND_BEGIN = 1048576
  READ_CONTROL = 131072
  EXCEPTION_FLT_OVERFLOW = 3221225617
  PROFILE_SERVER = 1073741824
  PRODUCT_SERVER_FOR_SMALLBUSINESS_V = 35
  PRODUCT_HOME_BASIC = 2
  VS_FF_PRIVATEBUILD = 8
  SM_CYSCREEN = 1
  _LDT_ENTRY_BITS_
  WOW64_FLOATING_SAVE_AREA
  VFT_DLL = 2
  WOW64_MAXIMUM_SUPPORTED_EXTENSION
  STATUS_POSSIBLE_DEADLOCK = 3221225876
  PRODUCT_HOME_PREMIUM_N = 26
  EXCEPTION_PRIV_INSTRUCTION = 3221225622
  ARCH_IA32 = 'i386'
  ACCESS_VIOLATION_TYPE_READ = 0
  PRODUCT_UNLICENSED = 2882382797
  EXCEPTION_INVALID_DISPOSITION = 3221225510
  SM_CYBORDER = 6
  NTDDI_VERSION = 100729088
  SEM_NOGPFAULTERRORBOX = 2
  OpenEvent = GuessStringType(OpenEventA, OpenEventW)
  EXCEPTION_STACK_OVERFLOW = 3221225725
  SM_CXSIZE = 30
  PRODUCT_ENTERPRISE_SERVER_CORE_V = 41
  ERROR_DBG_PRINTEXCEPTION_C = 694
  SM_CYSMCAPTION = 51
  OS_W7_64 = 'Windows 7 (64 bits)'
  STATUS_HEAP_CORRUPTION = 3221226356
  SLE_WARNING = 3
  CREATE_UNICODE_ENVIRONMENT = 1024
  CREATE_NO_WINDOW = 134217728
  QueryDosDevice = GuessStringType(QueryDosDeviceA, QueryDosDevi...
  ERROR_UNHANDLED_EXCEPTION = 574
  EXCEPTION_DATATYPE_MISALIGNMENT = 2147483650
  LEGACY_SAVE_AREA_LENGTH
  THREAD_PRIORITY_IDLE = -15
  HIGH_PRIORITY_CLASS = 128
  FILE_ATTRIBUTE_NORMAL = 128
  FILE_MAP_WRITE = 2
  MEM_RESERVE = 8192
  CTRL_SHUTDOWN_EVENT = 6
  VOS_DOS = 65536
  PRODUCT_HOME_PREMIUM = 3
  ARCH_I386 = 'i386'
  VER_NT_DOMAIN_CONTROLLER = 2
  _DEBUG_EVENT_UNION_
  NORMAL_PRIORITY_CLASS = 32
  FOREGROUND_YELLOW = 6
  ERROR_NOT_SUPPORTED = 50
  _LDT_ENTRY_BYTES_
  BACKGROUND_GREEN = 32
  ERROR_MORE_DATA = 234
  ERROR_ACCESS_DENIED = 5
  NTDDI_WINXPSP3 = 83952384
  ARCH_AARCH32 = 'arm'
  GR_GDIOBJECTS = 0
  STATUS_SINGLE_STEP = 2147483652
  OS_W7 = 'Windows 7'
  PRODUCT_STARTER_N = 47
  STANDARD_RIGHTS_ALL = 2031616
  ARCH_T32 = 'thumb'
  WINVER = 1537
  STATUS_INVALID_DISPOSITION = 3221225510
  STANDARD_RIGHTS_READ = 131072
  CREATE_IGNORE_SYSTEM_DEFAULT = 2147483648
  OS_VISTA = 'Windows Vista'
  OPEN_EXISTING = 3
  WOW64_CONTEXT_SEGMENTS
  FILE_MAP_READ = 4
  VER_PLATFORM_WIN32_WINDOWS = 1
  FILE_FLAG_OVERLAPPED = 1073741824
  STATUS_SXS_EARLY_DEACTIVATION = 3222601743
  SM_CLEANBOOT = 67
  PROC_THREAD_ATTRIBUTE_EXTENDED_FLAGS = 393217
  PRODUCT_DATACENTER_SERVER = 8
  QueryFullProcessImageName = GuessStringType(QueryFullProcessIm...
  VOS__PM16 = 2
  VOS__WINDOWS16 = 1
  TH32CS_INHERIT = 2147483648
  SECTION_MAP_EXECUTE_EXPLICIT = 32
  PROCESSOR_PPC_604 = 604
  PWOW64_CONTEXT
  PROCESSOR_HITACHI_SH4 = 10005
  PROCESSOR_PPC_601 = 601
  PROCESSOR_PPC_603 = 603
  VFT_FONT = 4
  DONT_RESOLVE_DLL_REFERENCES = 1
  GetVersionEx = GuessStringType(GetVersionExA, GetVersionExW)
  SEC_RESERVE = 67108864
  MEM_DECOMMIT = 16384
  SM_MIDEASTENABLED = 74
  MAX_PATH = 260
  CONTEXT_INTEGER = 65538
  THREAD_QUERY_INFORMATION = 64
  GlobalAddAtom = GuessStringType(GlobalAddAtomA, GlobalAddAtomW)
  ERROR_DBG_CONTINUE = 767
  FILE_SHARE_WRITE = 2
  SM_SWAPBUTTON = 23
  SM_DEBUG = 22
  FOREGROUND_GREY = 7
  ERROR_CIRCULAR_DEPENDENCY = 1059
  EVENT_MODIFY_STATE = 2
  ARCH_X86 = 'i386'
  EXCEPTION_NONCONTINUABLE = 1
  ARCH_MSIL = 'msil'
  ERROR_SERVICE_MARKED_FOR_DELETE = 1072
  SM_CXBORDER = 5
  COMMON_LVB_GRID_HORIZONTAL = 1024
  FOREGROUND_BLUE = 1
  STATUS_ARRAY_BOUNDS_EXCEEDED = 3221225612
  SM_CYICONSPACING = 39
  WRITE_DAC = 262144
  PROC_THREAD_ATTRIBUTE_THREAD = 65536
  NTDDI_WIN2KSP3 = 83886848
  NTDDI_WIN2KSP1 = 83886336
  WOW64_CONTEXT_DEBUG_REGISTERS
  ARCH_X64 = 'amd64'
  DBG_REPLY_LATER = 1073807361
  FILE_ATTRIBUTE_HIDDEN = 2
  LOAD_WITH_ALTERED_SEARCH_PATH = 8
  windll = WinDllHook()
  NTDDI_WIN2KSP4 = 83887104
  PROCESS_ALL_ACCESS_NT = 2035711
  PROC_THREAD_ATTRIBUTE_INPUT = 131072
  HEAP_NO_SERIALIZE = 1
  SM_MOUSEWHEELPRESENT = 75
  TIMER_MODIFY_STATE = 2
  OutputDebugString = GuessStringType(OutputDebugStringA, Output...
  REALTIME_PRIORITY_CLASS = 256
  ERROR_DUPLICATE_SERVICE_NAME = 1078
  TH32CS_SNAPMODULE = 8
  ProcThreadAttributeUmsThread = 6
  VER_GREATER_EQUAL = 3
  ERROR_BAD_ARGUMENTS = 160
  VER_PLATFORM_WIN32s = 0
  SM_CYFULLSCREEN = 17
  WRITE_OWNER = 524288
  SM_CYICON = 12
  GENERIC_ALL = 268435456
  WinCallHook
  ERROR_BAD_PATHNAME = 161
  SM_CYDRAG = 69
  EXCEPTION_FLT_INVALID_OPERATION = 3221225616
  PRODUCT_BUSINESS = 6
  SM_CYMINSPACING = 48
  SM_CXMINSPACING = 47
  OS_W2K3R2 = 'Windows 2003 R2'
  GetProcAddress = GuessStringType(GetProcAddressA, GetProcAddre...
  PROCESS_CREATION_MITIGATION_POLICY_SEHOP_ENABLE = 4
  SM_SERVERR2 = 89
  WAIT_FAILED = -1
  TRUNCATE_EXISTING = 5
  SM_CXHTHUMB = 10
  MEM_PRIVATE = 131072
  PRODUCT_STANDARD_SERVER_CORE = 13
  FOREGROUND_RED = 4
  PRODUCT_ENTERPRISE_E = 70
  ARCH_AARCH64 = 'arm64'
  VER_SERVICEPACKMAJOR = 32
  WOW64_CONTEXT_ALL
  ERROR_SERVICE_CANNOT_ACCEPT_CTRL = 1061
  EXTENDED_STARTUPINFO_PRESENT = 524288
  PROCESSOR_MOTOROLA_821 = 821
  CONTEXT_EXCEPTION_REPORTING
  XMM_SAVE_AREA32
  THREAD_PRIORITY_NORMAL = 0
  GENERIC_WRITE = 1073741824
  THREAD_ALERT = 4
  THREAD_ALL_ACCESS = 2097151
  SM_CXDOUBLECLK = 36
  INVALID_HANDLE_VALUE = 4294967295
  STATUS_INVALID_HANDLE = 3221225480
  VFT_RESERVED = 6
  ERROR_SERVICE_DOES_NOT_EXIST = 1060
  BACKGROUND_CYAN = 48
  HEAP_GENERATE_EXCEPTIONS = 4
  SEC_COMMIT = 134217728
  NTDDI_WS03 = 84017152
  SM_CMETRICS = 93
  ERROR_NO_MORE_FILES = 18
  PRODUCT_SERVER_FOUNDATION = 33
  ERROR_SERVICE_SPECIFIC_ERROR = 1066
  EXCEPTION_NONCONTINUABLE_EXCEPTION = 3221225509
  ARCH_ITANIUM = 'ia64'
  TH32CS_SNAPTHREAD = 4
  THREAD_PRIORITY_TIME_CRITICAL = 15
  PROCESSOR_STRONGARM = 2577
  ERROR_HANDLE_EOF = 38
  PROCESSOR_ARM920 = 2336
  SM_TABLETPC = 86
  SECTION_QUERY = 1
  PROCESS_SET_INFORMATION = 512
  BACKGROUND_MASK = 240
  TH32CS_SNAPHEAPLIST = 1
  VFT_VXD = 5
  DBG_TERMINATE_PROCESS = 1073807364
  FOREGROUND_MASK = 15
  VER_SUITE_EMBEDDEDNT = 64
  PROCESS_CREATE_PROCESS = 128
  SM_CXICON = 11
  SM_CMONITORS = 80
  FILE_ATTRIBUTE_TEMPORARY = 256
  OS_WINDOWS_2008 = 'Windows 2008'
  SM_CXPADDEDBORDER = 92
  DBG_RIPEXCEPTION = 1073807367
  PROCESS_ALL_ACCESS = 2097151
  STATUS_FLOAT_OVERFLOW = 3221225617
  OS_WINDOWS_2003 = 'Windows 2003'
  OS_WINDOWS_2000 = 'Windows 2000'
  VS_FF_PATCHED = 4
  SM_MENUDROPALIGNMENT = 40
  LOAD_IGNORE_CODE_AUTHZ_LEVEL = 16
  LoadLibraryEx = GuessStringType(LoadLibraryExA, LoadLibraryExW)
  SM_CYMIN = 29
  GetTempPath = GuessStringType(GetTempPathA, GetTempPathW)
  STATUS_USER_APC = 192
  ERROR_CANNOT_DETECT_DRIVER_FAILURE = 1080
  SEC_IMAGE = 16777216
  CREATE_SHARED_WOW_VDM = 4096
  GetDllDirectory = GuessStringType(GetDllDirectoryA, GetDllDire...
  SM_CYSMSIZE = 53
  VER_SUITE_ENTERPRISE = 2
  VOS_OS216_PM16 = 131074
  EXCEPTION_READ_FAULT = 0
  FILE_MAP_COPY = 1
  THREAD_SET_CONTEXT = 16
  STATUS_FLOAT_MULTIPLE_TRAPS = 3221226165
  PROCESS_MODE_BACKGROUND_END = 2097152
  PRODUCT_UNDEFINED = 0
  ACCESS_VIOLATION_TYPE_DEP = 8
  ERROR_PRIVILEGE_NOT_HELD = 1314
  SM_CXSIZEFRAME = 32
  PRODUCT_ENTERPRISE_SERVER_IA64 = 15
  PRODUCT_STARTER_E = 66
  THREAD_PRIORITY_ABOVE_NORMAL = 1
  CTRL_BREAK_EVENT = 1
  ERROR_DBG_UNABLE_TO_PROVIDE_HANDLE = 690
  ATTACH_PARENT_PROCESS = 4294967295
  NTDDI_LONGHORN = 100663296
  ARCH_THUMB = 'thumb'
  CREATE_FORCEDOS = 8192
  OS_WINDOWS_SEVEN = 'Windows 7'
  HANDLE_FLAG_PROTECT_FROM_CLOSE = 2
  FOREGROUND_BLACK = 0
  SM_CYHSCROLL = 3
  SEC_FILE = 8388608
  SYNCHRONIZE = 1048576
  psyco
  OS_UNKNOWN = 'Unknown'
  DBG_CONTROL_C = 1073807365
  SM_CXMAXTRACK = 59
  SM_CXMINTRACK = 34
  SM_CYMENUCHECK = 72
  UNLOAD_DLL_DEBUG_EVENT = 7
  SEC_LARGE_PAGES = 2147483648
  PRODUCT_STARTER = 11
  WRITE_WATCH_FLAG_RESET = 1
  context_amd64
  SM_MOUSEHORIZONTALWHEELPRESENT = 91
  PROCESSOR_INTEL_PENTIUM = 586
  FOREGROUND_INTENSITY = 8
  EXCEPTION_INT_OVERFLOW = 3221225621
  CTRL_C_EVENT = 0
  EXCEPTION_DEBUG_EVENT = 1
  ERROR_FAILED_SERVICE_CONTROLLER_CONNECT = 1063
  DBG_APP_NOT_IDLE = 3221291010
  STATUS_INVALID_INFO_CLASS = 3221225475
  ERROR_NONE_MAPPED = 1332
  PRODUCT_DATACENTER_SERVER_V = 37
  STATUS_NONCONTINUABLE_EXCEPTION = 3221225509
  Wow64ResumeThread
  COMMON_LVB_GRID_LVERTICAL = 2048
  CTRL_LOGOFF_EVENT = 5
  WOW64_CONTEXT_FULL
  STATUS_FLOAT_INEXACT_RESULT = 3221225615
  RPC_S_SERVER_UNAVAILABLE = 1722
  SetDllDirectory = GuessStringType(SetDllDirectoryA, SetDllDire...
  DBG_CONTINUE = 65538
  ERROR_FILE_EXISTS = 80
  SM_NETWORK = 63
  PAGE_EXECUTE_READWRITE = 64
  PROCESS_QUERY_LIMITED_INFORMATION = 4096
  PRODUCT_HYPERV = 42
  SM_CXDRAG = 68
  EXCEPTION_GUARD_PAGE = 2147483649
  PROC_THREAD_ATTRIBUTE_NUMBER = 65535
  PROCESSOR_ARCHITECTURE_ARM = 5
  ERROR_INVALID_DRIVE = 15
  VER_SUITE_PERSONAL = 512
  SM_PENWINDOWS = 41
  CREATE_ALWAYS = 2
  VER_BUILDNUMBER = 4
  SM_CXCURSOR = 13
  OS_WINDOWS_SEVEN_64 = 'Windows 7 (64 bits)'
  MUTEX_ALL_ACCESS = 2031617
  GENERIC_READ = 2147483648
  ERROR_SERVICE_NOT_IN_EXE = 1083
  COMMON_LVB_MASK = 65280
  VER_MAJORVERSION = 2
  VER_PLATFORM_WIN32_NT = 2
  PROC_THREAD_ATTRIBUTE_HANDLE_LIST = 131074
  SM_SHOWSOUNDS = 70
  PRODUCT_HOME_BASIC_E = 67
  EXCEPTION_WRITE_FAULT = 1
  SM_CYMAXIMIZED = 62
  VER_NT_SERVER = 3
  DEBUG_ONLY_THIS_PROCESS = 2
  ERROR_INVALID_FLAG_NUMBER = 186
  PROCESS_DEP_ENABLE = 1
  CREATE_BREAKAWAY_FROM_JOB = 16777216
  ERROR_SUCCESS = 0
  SLE_MINORERROR = 2
  ERROR_NOT_SAFEBOOT_SERVICE = 1084
  SEC_NOCACHE = 268435456
  SM_CYMENU = 15
  VER_SUITE_SMALLBUSINESS = 1
  SM_SECURE = 44
  VFT2_DRV_VERSIONED_PRINTER = 12
  STATUS_TIMEOUT = 258
  PRODUCT_CLUSTER_SERVER = 18
  PROCESSOR_ARCHITECTURE_MIPS = 1
  ARCH_ARM8 = 'arm64'
  ERROR_CONTROL_C_EXIT = 572
  SM_CYVTHUMB = 9
  STATUS_DATATYPE_MISALIGNMENT = 2147483650
  ARCH_ARM7 = 'arm'
  NTDDI_WINXP = 83951616
  SearchPath = GuessStringType(SearchPathA, SearchPathW)
  SM_CXFRAME = 32
  SM_CARETBLINKINGENABLED = 8194
  ARCH_PPC = 'ppc'
  SM_CXMINIMIZED = 57
  COMMON_LVB_GRID_RVERTICAL = 4096
  VER_SUITE_STORAGE_SERVER = 8192
  WAIT_OBJECT_0 = 0
  FILE_MAP_ALL_ACCESS = 983071
  OS_W2K8R2_64 = 'Windows 2008 R2 (64 bits)'
  ERROR_ALREADY_RUNNING_LKG = 1074
  PRODUCT_SMALLBUSINESS_SERVER = 9
  ERROR_EXCEPTION_IN_SERVICE = 1064
  CREATE_NEW = 1
  STATUS_NO_MEMORY = 3221225495
  STATUS_ABANDONED_WAIT_0 = 128
  PROCESSOR_ARCHITECTURE_SPARC = 20
  DUPLICATE_SAME_ACCESS = 2
  OS_XP_64 = 'Windows XP (64 bits)'
  PRODUCT_ENTERPRISE = 4
  SM_MEDIACENTER = 87
  VFT2_FONT_RASTER = 1
  HEAP_ZERO_MEMORY = 8
  PROCESSOR_INTEL_386 = 386
  ARCH_ARM64 = 'arm64'
  PROCESS_QUERY_INFORMATION = 1024
  ERROR_DEBUGGER_INACTIVE = 1284
  TH32CS_SNAPPROCESS = 2
  VOS__WINDOWS32 = 4
  ERROR_PATH_NOT_FOUND = 3
  OS_W2K8_64 = 'Windows 2008 (64 bits)'
  PRODUCT_DATACENTER_SERVER_CORE_V = 39
  VER_PRODUCT_TYPE = 128
  ERROR_ASSERTION_FAILURE = 668
  os = 'Windows 7 (64 bits)'
  VerQueryValue = GuessStringType(VerQueryValueA, VerQueryValueW)
  STD_OUTPUT_HANDLE = 4294967285
  GetFileVersionInfo = GuessStringType(GetFileVersionInfoA, GetF...
  TIMER_ALL_ACCESS = 2031619
  STATUS_FLOAT_UNDERFLOW = 3221225619
  DBG_EXCEPTION_NOT_HANDLED = 2147549185
  PROCESSOR_HITACHI_SH3E = 10004
  PROCESSOR_ARCHITECTURE_PPC = 3
  SM_CXSMICON = 49
  Wow64SetThreadContext
  STATUS_CONTROL_C_EXIT = 3221225786
  PAGE_NOCACHE = 512
  VOS_OS232 = 196608
  SM_CXFIXEDFRAME = 7
  SM_CYEDGE = 46
  VER_SUITE_COMPUTE_SERVER = 16384
  NTDDI_VISTASP1 = 100663552
  BELOW_NORMAL_PRIORITY_CLASS = 16384
  PROCESSOR_ARCHITECTURE_MSIL = 8
  OS_WINDOWS_VISTA = 'Windows Vista'
  WOW64_SIZE_OF_80387_REGISTERS
  CONTEXT_AMD64
  FILE_ATTRIBUTE_DIRECTORY = 16
  VER_SERVICEPACKMINOR = 16
  VFT2_DRV_PRINTER = 1
  PRODUCT_BUSINESS_N = 16
  NTDDI_WINNT4 = 67108864
  CREATE_NEW_PROCESS_GROUP = 512
  BACKGROUND_BLACK = 0
  ARCH_IA64 = 'ia64'
  SM_CYMINIMIZED = 58
  ERROR_NOACCESS = 998
  PRODUCT_ULTIMATE_N = 28
  PRODUCT_STORAGE_STANDARD_SERVER = 21
  PRODUCT_HOME_PREMIUM_E = 68
  INITIAL_MXCSR
  PROC_THREAD_ATTRIBUTE_ADDITIVE = 262144
  PROCESS_DUP_HANDLE = 64
  PROCESSOR_ARCHITECTURE_AMD64 = 9
  OS_W2K8R2 = 'Windows 2008 R2'
  MEM_MAPPED = 262144
  SM_CYDLGFRAME = 8
  ERROR_BOOT_ALREADY_ACCEPTED = 1076
  MEM_PHYSICAL = 4194304
  THREAD_TERMINATE = 1
  VOS_NT_WINDOWS32 = 262148
  CreateEvent = GuessStringType(CreateEventA, CreateEventW)
  PWOW64_LDT_ENTRY
  SM_CYSIZE = 31
  STD_ERROR_HANDLE = 4294967284
  ContextArchMask = 268369920
  STATUS_FLOAT_DENORMAL_OPERAND = 3221225613
  WinDllHook
  PROCESS_SUSPEND_RESUME = 2048
  PROCESSOR_ARCHITECTURE_INTEL = 0
  PROC_THREAD_ATTRIBUTE_IDEAL_PROCESSOR = 196613
  PRODUCT_DATACENTER_SERVER_CORE = 12
  STATUS_ILLEGAL_INSTRUCTION = 3221225501
  PAGE_EXECUTE = 16
  THREAD_PRIORITY_HIGHEST = 2
  OS_SEVEN_64 = 'Windows 7 (64 bits)'
  ERROR_DBG_COMMAND_EXCEPTION = 697
  CONTROL_C_EXIT = 3221225786
  PRODUCT_HOME_BASIC_N = 5
  COMMON_LVB_TRAILING_BYTE = 512
  NULL = None
hash(x)
  NTDDI_WS08 = 100663552
  SEM_NOALIGNMENTFAULTEXCEPT = 4
  FILE_FLAG_RANDOM_ACCESS = 268435456
  STATUS_SXS_INVALID_DEACTIVATION = 3222601744
  VER_SUITENAME = 64
  ERROR_SEM_TIMEOUT = 121
  THREAD_BASE_PRIORITY_MIN = -2
  VER_SUITE_TERMINAL = 16
  SM_XVIRTUALSCREEN = 76
  SM_CXSMSIZE = 52
  ABOVE_NORMAL_PRIORITY_CLASS = 32768
  OS_W2K = 'Windows 2000'
  PRODUCT_STORAGE_EXPRESS_SERVER = 20
  PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION = 2
  VFT2_DRV_COMM = 10
  SIZE_OF_80387_REGISTERS = 80
  PROC_THREAD_ATTRIBUTE_UMS_THREAD = 196614
  CONTEXT_ALL = 65599
  GetTempFileName = GuessStringType(GetTempFileNameA, GetTempFil...
  STATUS_REG_NAT_CONSUMPTION = 3221226185
  EXCEPTION_ACCESS_VIOLATION = 3221225477
  GetCurrentDirectory = GuessStringType(GetCurrentDirectoryA, Ge...
  VFT2_DRV_RESERVED = 11
  FILE_ATTRIBUTE_SYSTEM = 4
  FILE_MAP_EXECUTE = 32
  CONTEXT_DEBUG_REGISTERS = 65552
  ProcThreadAttributeParentProcess = 0
  PRODUCT_STORAGE_WORKGROUP_SERVER = 22
  WAIT_TIMEOUT = 258
  SPVERSION_MASK = 65280
  CREATE_PROTECTED_PROCESS = 262144
  ERROR_NO_MORE_ITEMS = 259
  VOLUME_NAME_DOS = 0
  SE_ASSIGNPRIMARYTOKEN_NAME = 'SeAssignPrimaryTokenPrivilege'
  SE_AUDIT_NAME = 'SeAuditPrivilege'
  SE_BACKUP_NAME = 'SeBackupPrivilege'
  SE_CHANGE_NOTIFY_NAME = 'SeChangeNotifyPrivilege'
  SE_CREATE_GLOBAL_NAME = 'SeCreateGlobalPrivilege'
  SE_CREATE_PAGEFILE_NAME = 'SeCreatePagefilePrivilege'
  SE_CREATE_PERMANENT_NAME = 'SeCreatePermanentPrivilege'
  SE_CREATE_SYMBOLIC_LINK_NAME = 'SeCreateSymbolicLinkPrivilege'
  SE_CREATE_TOKEN_NAME = 'SeCreateTokenPrivilege'
  SE_DEBUG_NAME = 'SeDebugPrivilege'
  SE_ENABLE_DELEGATION_NAME = 'SeEnableDelegationPrivilege'
  SE_IMPERSONATE_NAME = 'SeImpersonatePrivilege'
  SE_INC_BASE_PRIORITY_NAME = 'SeIncreaseBasePriorityPrivilege'
  SE_INCREASE_QUOTA_NAME = 'SeIncreaseQuotaPrivilege'
  SE_INC_WORKING_SET_NAME = 'SeIncreaseWorkingSetPrivilege'
  SE_LOAD_DRIVER_NAME = 'SeLoadDriverPrivilege'
  SE_LOCK_MEMORY_NAME = 'SeLockMemoryPrivilege'
  SE_MACHINE_ACCOUNT_NAME = 'SeMachineAccountPrivilege'
  SE_MANAGE_VOLUME_NAME = 'SeManageVolumePrivilege'
  SE_PROF_SINGLE_PROCESS_NAME = 'SeProfileSingleProcessPrivilege'
  SE_RELABEL_NAME = 'SeRelabelPrivilege'
  SE_REMOTE_SHUTDOWN_NAME = 'SeRemoteShutdownPrivilege'
  SE_RESTORE_NAME = 'SeRestorePrivilege'
  SE_SECURITY_NAME = 'SeSecurityPrivilege'
  SE_SHUTDOWN_NAME = 'SeShutdownPrivilege'
  SE_SYNC_AGENT_NAME = 'SeSyncAgentPrivilege'
  SE_SYSTEM_ENVIRONMENT_NAME = 'SeSystemEnvironmentPrivilege'
  SE_SYSTEM_PROFILE_NAME = 'SeSystemProfilePrivilege'
  SE_SYSTEMTIME_NAME = 'SeSystemtimePrivilege'
  SE_TAKE_OWNERSHIP_NAME = 'SeTakeOwnershipPrivilege'
  SE_TCB_NAME = 'SeTcbPrivilege'
  SE_TIME_ZONE_NAME = 'SeTimeZonePrivilege'
  SE_TRUSTED_CREDMAN_ACCESS_NAME = 'SeTrustedCredManAccessPrivil...
  SE_UNDOCK_NAME = 'SeUndockPrivilege'
  SE_UNSOLICITED_INPUT_NAME = 'SeUnsolicitedInputPrivilege'
  SE_PRIVILEGE_ENABLED_BY_DEFAULT = 1
  SE_PRIVILEGE_ENABLED = 2
  SE_PRIVILEGE_REMOVED = 4
  SE_PRIVILEGE_USED_FOR_ACCESS = 2147483648
  LOGON_WITH_PROFILE = 1
  LOGON_NETCREDENTIALS_ONLY = 2
  TOKEN_ASSIGN_PRIMARY = 1
  TOKEN_DUPLICATE = 2
  TOKEN_IMPERSONATE = 4
  TOKEN_QUERY = 8
  TOKEN_QUERY_SOURCE = 16
  TOKEN_ADJUST_PRIVILEGES = 32
  TOKEN_ADJUST_GROUPS = 64
  TOKEN_ADJUST_DEFAULT = 128
  TOKEN_ADJUST_SESSIONID = 256
  TOKEN_READ = 131080
  TOKEN_ALL_ACCESS = 983551
  HKEY_CLASSES_ROOT = 2147483648
  HKEY_CURRENT_USER = 2147483649
  HKEY_LOCAL_MACHINE = 2147483650
  HKEY_USERS = 2147483651
  HKEY_PERFORMANCE_DATA = 2147483652
  HKEY_CURRENT_CONFIG = 2147483653
  KEY_ALL_ACCESS = 983103
  KEY_CREATE_LINK = 32
  KEY_CREATE_SUB_KEY = 4
  KEY_ENUMERATE_SUB_KEYS = 8
  KEY_EXECUTE = 131097
  KEY_NOTIFY = 16
  KEY_QUERY_VALUE = 1
  KEY_READ = 131097
  KEY_SET_VALUE = 2
  KEY_WOW64_32KEY = 512
  KEY_WOW64_64KEY = 256
  KEY_WRITE = 131078
  REG_NONE = 0
  REG_SZ = 1
  REG_EXPAND_SZ = 2
  REG_BINARY = 3
  REG_DWORD = 4
  REG_DWORD_LITTLE_ENDIAN = 4
  REG_DWORD_BIG_ENDIAN = 5
  REG_LINK = 6
  REG_MULTI_SZ = 7
  REG_RESOURCE_LIST = 8
  REG_FULL_RESOURCE_DESCRIPTOR = 9
  REG_RESOURCE_REQUIREMENTS_LIST = 10
  REG_QWORD = 11
  REG_QWORD_LITTLE_ENDIAN = 11
  TokenUser = 1
  TokenGroups = 2
  TokenPrivileges = 3
  TokenOwner = 4
  TokenPrimaryGroup = 5
  TokenDefaultDacl = 6
  TokenSource = 7
  TokenType = 8
  TokenImpersonationLevel = 9
  TokenStatistics = 10
  TokenRestrictedSids = 11
  TokenSessionId = 12
  TokenGroupsAndPrivileges = 13
  TokenSessionReference = 14
  TokenSandBoxInert = 15
  TokenAuditPolicy = 16
  TokenOrigin = 17
  TokenElevationType = 18
  TokenLinkedToken = 19
  TokenElevation = 20
  TokenHasRestrictions = 21
  TokenAccessInformation = 22
  TokenVirtualizationAllowed = 23
  TokenVirtualizationEnabled = 24
  TokenIntegrityLevel = 25
  TokenUIAccess = 26
  TokenMandatoryPolicy = 27
  TokenLogonSid = 28
  TokenIsAppContainer = 29
  TokenCapabilities = 30
  TokenAppContainerSid = 31
  TokenAppContainerNumber = 32
  TokenUserClaimAttributes = 33
  TokenDeviceClaimAttributes = 34
  TokenRestrictedUserClaimAttributes = 35
  TokenRestrictedDeviceClaimAttributes = 36
  TokenDeviceGroups = 37
  TokenRestrictedDeviceGroups = 38
  TokenSecurityAttributes = 39
  TokenIsRestricted = 40
  MaxTokenInfoClass = 41
  TokenPrimary = 1
  TokenImpersonation = 2
  TokenElevationTypeDefault = 1
  TokenElevationTypeFull = 2
  TokenElevationTypeLimited = 3
  SecurityAnonymous = 0
  SecurityIdentification = 1
  SecurityImpersonation = 2
  SecurityDelegation = 3
  SidTypeUser = 1
  SidTypeGroup = 2
  SidTypeDomain = 3
  SidTypeAlias = 4
  SidTypeWellKnownGroup = 5
  SidTypeDeletedAccount = 6
  SidTypeInvalid = 7
  SidTypeUnknown = 8
  SidTypeComputer = 9
  SidTypeLabel = 10
  WCT_MAX_NODE_COUNT = 16
  WCT_OBJNAME_LENGTH = 128
  WCT_ASYNC_OPEN_FLAG = 1
  WCTP_OPEN_ALL_FLAGS = 1
  WCT_OUT_OF_PROC_FLAG = 1
  WCT_OUT_OF_PROC_COM_FLAG = 2
  WCT_OUT_OF_PROC_CS_FLAG = 4
  WCTP_GETINFO_ALL_FLAGS = 7
  WctCriticalSectionType = 1
  WctSendMessageType = 2
  WctMutexType = 3
  WctAlpcType = 4
  WctComType = 5
  WctThreadWaitType = 6
  WctProcessWaitType = 7
  WctThreadType = 8
  WctComActivationType = 9
  WctUnknownType = 10
  WctMaxType = 11
  WctStatusNoAccess = 1
  WctStatusRunning = 2
  WctStatusBlocked = 3
  WctStatusPidOnly = 4
  WctStatusPidOnlyRpcss = 5
  WctStatusOwned = 6
  WctStatusNotOwned = 7
  WctStatusAbandoned = 8
  WctStatusUnknown = 9
  WctStatusError = 10
  WctStatusMax = 11
  SAFER_SCOPEID_MACHINE = 1
  SAFER_SCOPEID_USER = 2
  SAFER_LEVEL_OPEN = 1
  SAFER_LEVELID_DISALLOWED = 0
  SAFER_LEVELID_UNTRUSTED = 4096
  SAFER_LEVELID_CONSTRAINED = 65536
  SAFER_LEVELID_NORMALUSER = 131072
  SAFER_LEVELID_FULLYTRUSTED = 262144
  SaferPolicyLevelList = 1
  SaferPolicyEnableTransparentEnforcement = 2
  SaferPolicyDefaultLevel = 3
  SaferPolicyEvaluateUserScope = 4
  SaferPolicyScopeFlags = 5
  SAFER_TOKEN_NULL_IF_EQUAL = 1
  SAFER_TOKEN_COMPARE_ONLY = 2
  SAFER_TOKEN_MAKE_INERT = 4
  SAFER_TOKEN_WANT_FLAGS = 8
  SAFER_TOKEN_MASK = 15
  SERVICES_ACTIVE_DATABASEW = u'ServicesActive'
  SERVICES_FAILED_DATABASEW = u'ServicesFailed'
  SERVICES_ACTIVE_DATABASEA = 'ServicesActive'
  SERVICES_FAILED_DATABASEA = 'ServicesFailed'
  SC_GROUP_IDENTIFIERW = u'+'
  SC_GROUP_IDENTIFIERA = '+'
  SERVICE_NO_CHANGE = 4294967295
  SC_STATUS_PROCESS_INFO = 0
  SC_ENUM_PROCESS_INFO = 0
  SERVICE_ALL_ACCESS = 983551
  SERVICE_QUERY_CONFIG = 1
  SERVICE_CHANGE_CONFIG = 2
  SERVICE_QUERY_STATUS = 4
  SERVICE_ENUMERATE_DEPENDENTS = 8
  SERVICE_START = 16
  SERVICE_STOP = 32
  SERVICE_PAUSE_CONTINUE = 64
  SERVICE_INTERROGATE = 128
  SERVICE_USER_DEFINED_CONTROL = 256
  SC_MANAGER_ALL_ACCESS = 983103
  SC_MANAGER_CONNECT = 1
  SC_MANAGER_CREATE_SERVICE = 2
  SC_MANAGER_ENUMERATE_SERVICE = 4
  SC_MANAGER_LOCK = 8
  SC_MANAGER_QUERY_LOCK_STATUS = 16
  SC_MANAGER_MODIFY_BOOT_CONFIG = 32
  SERVICE_BOOT_START = 0
  SERVICE_SYSTEM_START = 1
  SERVICE_AUTO_START = 2
  SERVICE_DEMAND_START = 3
  SERVICE_DISABLED = 4
  SERVICE_ERROR_IGNORE = 0
  SERVICE_ERROR_NORMAL = 1
  SERVICE_ERROR_SEVERE = 2
  SERVICE_ERROR_CRITICAL = 3
  SERVICE_ACTIVE = 1
  SERVICE_INACTIVE = 2
  SERVICE_STATE_ALL = 3
  SERVICE_KERNEL_DRIVER = 1
  SERVICE_FILE_SYSTEM_DRIVER = 2
  SERVICE_ADAPTER = 4
  SERVICE_RECOGNIZER_DRIVER = 8
  SERVICE_WIN32_OWN_PROCESS = 16
  SERVICE_WIN32_SHARE_PROCESS = 32
  SERVICE_INTERACTIVE_PROCESS = 256
  SERVICE_DRIVER = 11
  SERVICE_WIN32 = 48
  SERVICE_STOPPED = 1
  SERVICE_START_PENDING = 2
  SERVICE_STOP_PENDING = 3
  SERVICE_RUNNING = 4
  SERVICE_CONTINUE_PENDING = 5
  SERVICE_PAUSE_PENDING = 6
  SERVICE_PAUSED = 7
  SERVICE_RUNS_IN_SYSTEM_PROCESS = 1
  SERVICE_CONTROL_STOP = 1
  SERVICE_CONTROL_PAUSE = 2
  SERVICE_CONTROL_CONTINUE = 3
  SERVICE_CONTROL_INTERROGATE = 4
  SERVICE_CONTROL_SHUTDOWN = 5
  SERVICE_CONTROL_PARAMCHANGE = 6
  SERVICE_CONTROL_NETBINDADD = 7
  SERVICE_CONTROL_NETBINDREMOVE = 8
  SERVICE_CONTROL_NETBINDENABLE = 9
  SERVICE_CONTROL_NETBINDDISABLE = 10
  SERVICE_CONTROL_DEVICEEVENT = 11
  SERVICE_CONTROL_HARDWAREPROFILECHANGE = 12
  SERVICE_CONTROL_POWEREVENT = 13
  SERVICE_CONTROL_SESSIONCHANGE = 14
  SERVICE_ACCEPT_STOP = 1
  SERVICE_ACCEPT_PAUSE_CONTINUE = 2
  SERVICE_ACCEPT_SHUTDOWN = 4
  SERVICE_ACCEPT_PARAMCHANGE = 8
  SERVICE_ACCEPT_NETBINDCHANGE = 16
  SERVICE_ACCEPT_HARDWAREPROFILECHANGE = 32
  SERVICE_ACCEPT_POWEREVENT = 64
  SERVICE_ACCEPT_SESSIONCHANGE = 128
  SERVICE_ACCEPT_PRESHUTDOWN = 256
  SERVICE_ACCEPT_TIMECHANGE = 512
  SERVICE_ACCEPT_TRIGGEREVENT = 1024
  SERVICE_ACCEPT_USERMODEREBOOT = 2048
  SC_ACTION_NONE = 0
  SC_ACTION_RESTART = 1
  SC_ACTION_REBOOT = 2
  SC_ACTION_RUN_COMMAND = 3
  SERVICE_CONFIG_DESCRIPTION = 1
  SERVICE_CONFIG_FAILURE_ACTIONS = 2
  GetUserName = DefaultStringType(GetUserNameA, GetUserNameW)
  LookupAccountSid = GuessStringType(LookupAccountSidA, LookupAc...
  ConvertSidToStringSid = DefaultStringType(ConvertSidToStringSi...
  ConvertStringSidToSid = GuessStringType(ConvertStringSidToSidA...
  LookupPrivilegeValue = GuessStringType(LookupPrivilegeValueA, ...
  LookupPrivilegeName = GuessStringType(LookupPrivilegeNameA, Lo...
  CreateProcessWithLogon = DefaultStringType(CreateProcessWithLo...
  CreateProcessWithToken = DefaultStringType(CreateProcessWithTo...
  CreateProcessAsUser = GuessStringType(CreateProcessAsUserA, Cr...
  RegConnectRegistry = GuessStringType(RegConnectRegistryA, RegC...
  RegCreateKey = GuessStringType(RegCreateKeyA, RegCreateKeyW)
  RegOpenKey = GuessStringType(RegOpenKeyA, RegOpenKeyW)
  RegOpenKeyEx = GuessStringType(RegOpenKeyExA, RegOpenKeyExW)
  RegQueryValue = GuessStringType(RegQueryValueA, RegQueryValueW)
  RegQueryValueEx = GuessStringType(RegQueryValueExA, RegQueryVa...
  RegEnumKey = DefaultStringType(RegEnumKeyA, RegEnumKeyW)
  RegEnumValue = DefaultStringType(RegEnumValueA, RegEnumValueW)
  RegDeleteValue = GuessStringType(RegDeleteValueA, RegDeleteVal...
  RegDeleteKeyValue = GuessStringType(RegDeleteKeyValueA, RegDel...
  RegDeleteKey = GuessStringType(RegDeleteKeyA, RegDeleteKeyW)
  RegDeleteKeyEx = GuessStringType(RegDeleteKeyExA, RegDeleteKey...
  RegCopyTree = GuessStringType(RegCopyTreeA, RegCopyTreeW)
  RegDeleteTree = GuessStringType(RegDeleteTreeA, RegDeleteTreeW)
  OpenSCManager = GuessStringType(OpenSCManagerA, OpenSCManagerW)
  OpenService = GuessStringType(OpenServiceA, OpenServiceW)
  CreateService = GuessStringType(CreateServiceA, CreateServiceW)
  GetServiceKeyName = GuessStringType(GetServiceKeyNameA, GetSer...
  GetServiceDisplayName = GuessStringType(GetServiceDisplayNameA...
  StartService = GuessStringType(StartServiceA, StartServiceW)
  EnumServicesStatus = DefaultStringType(EnumServicesStatusA, En...
  EnumServicesStatusEx = DefaultStringType(EnumServicesStatusExA...
  _all = set(['AdjustTokenPrivileges', 'CloseServiceHandle', 'Cl...
  __package__ = 'winappdbg.win32'
  _x = 'TokenIntegrityLevel'
Variables Details [hide private]

__revision__

Value:
'$Id: advapi32.py 1299 2013-12-20 09:30:55Z qvasimodo $'

OpenFileMapping

Value:
GuessStringType(OpenFileMappingA, OpenFileMappingW)

GlobalFindAtom

Value:
GuessStringType(GlobalFindAtomA, GlobalFindAtomW)

CreateFileMapping

Value:
GuessStringType(CreateFileMappingA, CreateFileMappingW)

GlobalGetAtomName

Value:
GuessStringType(GlobalGetAtomNameA, GlobalGetAtomNameW)

GetLogicalDriveStrings

Value:
GuessStringType(GetLogicalDriveStringsA, GetLogicalDriveStringsW)

GetFinalPathNameByHandle

Value:
GuessStringType(GetFinalPathNameByHandleA, GetFinalPathNameByHandleW)

GetFullPathName

Value:
GuessStringType(GetFullPathNameA, GetFullPathNameW)

GetModuleHandle

Value:
GuessStringType(GetModuleHandleA, GetModuleHandleW)

QueryDosDevice

Value:
GuessStringType(QueryDosDeviceA, QueryDosDeviceW)

QueryFullProcessImageName

Value:
GuessStringType(QueryFullProcessImageNameA, QueryFullProcessImageNameW\
)

OutputDebugString

Value:
GuessStringType(OutputDebugStringA, OutputDebugStringW)

GetProcAddress

Value:
GuessStringType(GetProcAddressA, GetProcAddressW)

GetDllDirectory

Value:
GuessStringType(GetDllDirectoryA, GetDllDirectoryW)

SetDllDirectory

Value:
GuessStringType(SetDllDirectoryA, SetDllDirectoryW)

GetFileVersionInfo

Value:
GuessStringType(GetFileVersionInfoA, GetFileVersionInfoW)

GetTempFileName

Value:
GuessStringType(GetTempFileNameA, GetTempFileNameW)

GetCurrentDirectory

Value:
GuessStringType(GetCurrentDirectoryA, GetCurrentDirectoryW)

SE_TRUSTED_CREDMAN_ACCESS_NAME

Value:
'SeTrustedCredManAccessPrivilege'

LookupAccountSid

Value:
GuessStringType(LookupAccountSidA, LookupAccountSidW)

ConvertSidToStringSid

Value:
DefaultStringType(ConvertSidToStringSidA, ConvertSidToStringSidW)

ConvertStringSidToSid

Value:
GuessStringType(ConvertStringSidToSidA, ConvertStringSidToSidW)

LookupPrivilegeValue

Value:
GuessStringType(LookupPrivilegeValueA, LookupPrivilegeValueW)

LookupPrivilegeName

Value:
GuessStringType(LookupPrivilegeNameA, LookupPrivilegeNameW)

CreateProcessWithLogon

Value:
DefaultStringType(CreateProcessWithLogonA, CreateProcessWithLogonW)

CreateProcessWithToken

Value:
DefaultStringType(CreateProcessWithTokenA, CreateProcessWithTokenW)

CreateProcessAsUser

Value:
GuessStringType(CreateProcessAsUserA, CreateProcessAsUserW)

RegConnectRegistry

Value:
GuessStringType(RegConnectRegistryA, RegConnectRegistryW)

RegQueryValueEx

Value:
GuessStringType(RegQueryValueExA, RegQueryValueExW)

RegDeleteValue

Value:
GuessStringType(RegDeleteValueA, RegDeleteValueW)

RegDeleteKeyValue

Value:
GuessStringType(RegDeleteKeyValueA, RegDeleteKeyValueW)

RegDeleteKeyEx

Value:
GuessStringType(RegDeleteKeyExA, RegDeleteKeyExW)

GetServiceKeyName

Value:
GuessStringType(GetServiceKeyNameA, GetServiceKeyNameW)

GetServiceDisplayName

Value:
GuessStringType(GetServiceDisplayNameA, GetServiceDisplayNameW)

EnumServicesStatus

Value:
DefaultStringType(EnumServicesStatusA, EnumServicesStatusW)

EnumServicesStatusEx

Value:
DefaultStringType(EnumServicesStatusExA, EnumServicesStatusExW)

_all

Value:
set(['AdjustTokenPrivileges',
     'CloseServiceHandle',
     'CloseThreadWaitChainSession',
     'ControlService',
     'ConvertSidToStringSid',
     'ConvertSidToStringSidA',
     'ConvertSidToStringSidW',
     'ConvertStringSidToSid',
...

   Home       Trees       Indices       Help   
WinAppDbg - Programming Reference
Generated by Epydoc 3.0.1 on Fri Dec 20 17:54:47 2013 http://epydoc.sourceforge.net