Home       Trees       Indices       Help   
WinAppDbg - Programming Reference
Package winappdbg :: Package win32 :: Module wtsapi32
[hide private]
[frames] | no frames]

Module wtsapi32

source code

Wrapper for wtsapi32.dll in ctypes.

Classes [hide private]
  WTS_PROCESS_INFOA
  PWTS_PROCESS_INFOA
  WTS_PROCESS_INFOW
  PWTS_PROCESS_INFOW
  WTS_INFO_CLASS
  WTS_CONNECTSTATE_CLASS
  WTS_CLIENT_DISPLAY
  PWTS_CLIENT_DISPLAY
Functions [hide private]
 
WTSFreeMemory(pMemory) source code
 
WTSEnumerateProcessesA(hServer=0) source code
 
WTSEnumerateProcessesW(hServer=0) source code
 
WTSTerminateProcess(hServer, ProcessId, ExitCode) source code
 
ProcessIdToSessionId(dwProcessId) source code
 
WTSGetActiveConsoleSessionId() source code
Variables [hide private]
  __revision__ = '$Id: wtsapi32.py 1299 2013-12-20 09:30:55Z qva...
  SLE_ERROR
  STANDARD_RIGHTS_WRITE = 131072
  THREAD_BASE_PRIORITY_LOWRT
  WaitForSingleObject
  DBG_REPLY_LATER
  GetGuiResources
  SERVICES_FAILED_DATABASEW = u'ServicesFailed'
  CONTEXT_FULL
  EXCEPTION_FLT_UNDERFLOW
  OpenFileMapping
  ReleaseMutex
  KEY_QUERY_VALUE = 1
  STATUS_PENDING
  WctUnknownType = 10
  ANYSIZE_ARRAY = 1
  ARCH_AMD64
  OS_WINDOWS_2008_64
  GetProcessAffinityMask
  VFT_DRV
  FreeConsole
  ERROR_WOW_ASSERTION = 670
  ERROR_DBG_TERMINATE_THREAD = 691
  PAGE_EXECUTE_READ
  SEC_COMMIT
  NTDDI_WIN7SP1
  TokenRestrictedDeviceGroups = 38
  VerQueryValueW
  SetConsoleActiveScreenBuffer
  ERROR_HANDLE_DISK_FULL = 39
  VerQueryValueA
  ProcThreadAttributeGroupAffinity
  OSVERSIONINFOW
  LPSECURITY_ATTRIBUTES
  OSVERSIONINFOA
  SC_MANAGER_ENUMERATE_SERVICE = 4
  SERVICE_STOP_PENDING = 3
  EXCEPTION_ARRAY_BOUNDS_EXCEEDED
  VOS_OS216
  KEY_WOW64_32KEY = 512
  SEMAPHORE_MODIFY_STATE
  SetHandleInformation
  LOGON_WITH_PROFILE = 1
  SAFER_LEVELID_DISALLOWED = 0
  PAGE_WRITECOPY
  RIP_INFO
  SC_STATUS_PROCESS_INFO = 0
  EXCEPTION_BREAKPOINT
  STACK_SIZE_PARAM_IS_A_RESERVATION
  SEM_NOOPENFILEERRORBOX
  OpenProcess
  SidTypeDomain = 3
  SetProcessPriorityBoost
  SERVICE_CONFIG_DESCRIPTION = 1
  MAXINTATOM
  Wow64GetThreadContext
  COMMON_LVB_LEADING_BYTE
  TokenDefaultDacl = 6
  OS_SEVEN
  SM_CXDLGFRAME
  DEBUG_PROCESS
  OS_W2K3_64
  GetFileInformationByHandleEx
  SM_ARRANGE
  SE_LOCK_MEMORY_NAME = 'SeLockMemoryPrivilege'
  LookupPrivilegeValue = GuessStringType(LookupPrivilegeValueA, ...
  THREADNAME_INFO
  STARTUPINFOEXW
  SERVICE_ERROR_SEVERE = 2
  PROCESS_ALL_ACCESS_VISTA
  VFT2_DRV_DISPLAY
  WOW64_CONTEXT_CONTROL
  VirtualAllocEx
  VER_SUITE_BACKOFFICE
  LPXMM_SAVE_AREA32
  KEY_ENUMERATE_SUB_KEYS = 8
  STATUS_STACK_OVERFLOW
  SE_CREATE_PAGEFILE_NAME = 'SeCreatePagefilePrivilege'
  SE_PROF_SINGLE_PROCESS_NAME = 'SeProfileSingleProcessPrivilege'
  ContinueDebugEvent
  MEM_4MB_PAGES
  PCHAR_INFO
  VER_SUITE_DATACENTER
  arch
  Wow64GetThreadSelectorEntry
  ERROR_DBG_EXCEPTION_HANDLED = 766
  MS_VC_EXCEPTION
  OS_WINDOWS_2003_R2_64
  GR_USEROBJECTS
  FILE_INFO_BY_HANDLE_CLASS
  PWOW64_FLOATING_SAVE_AREA
  ERROR_SERVICE_START_HANG = 1070
  VOS_NT_WINDOWS32
  PRODUCT_MEDIUMBUSINESS_SERVER_SECURITY
  LOGON_NETCREDENTIALS_ONLY = 2
  ARCH_SHX
  OS_WINDOWS_XP_64
  OS_WINDOWS_NT
  SERVICE_ALL_ACCESS = 983551
  TRUE = 1
  THREAD_SUSPEND_RESUME
  TH32CS_INHERIT
  ERROR_DIFFERENT_SERVICE_ACCOUNT = 1079
  ARCH_POWERPC
  WIN32_VERBOSE_MODE = False
  COMMON_LVB_UNDERSCORE
  GetThreadContext
  VOS__PM16
  EXCEPTION_FLT_INEXACT_RESULT
  TokenElevationTypeLimited = 3
  FILE_SHARE_READ
  PROCESSOR_SHx_SH3
  PROCESSOR_SHx_SH4
  VER_LESS_EQUAL
  INHERIT_PARENT_AFFINITY
  FOREGROUND_BLACK
  PRODUCT_ENTERPRISE_SERVER
  SC_ACTION_REBOOT = 2
  ERROR_BAD_THREADID_ADDR = 159
  GetLogicalDriveStringsA
  VER_SUITE_STORAGE_SERVER
  GetLogicalDriveStringsW
  CREATE_NEW_CONSOLE
  HEAP_ZERO_MEMORY
  FOREGROUND_RED
  OpenMutexA
  SM_CYKANJIWINDOW
  STATUS_UNWIND_CONSOLIDATE
  SM_CYVIRTUALSCREEN
  PROCESSOR_ARM_7TDMI
  PROCESSOR_INTEL_386
  SM_CYMINTRACK
  SE_MACHINE_ACCOUNT_NAME = 'SeMachineAccountPrivilege'
  SM_CYMAXTRACK
  CreateMutexA
  STARTUPINFO
  CreateMutexW
  SetDllDirectoryA
  OS_VISTA_64
  OS_WINDOWS_VISTA_64
  TokenUserClaimAttributes = 33
  THREAD_GET_CONTEXT
  SearchPathW
  REG_RESOURCE_REQUIREMENTS_LIST = 10
  PROCESS_NAME_NATIVE
  SearchPathA
  VirtualQueryEx
  LOAD_LIBRARY_AS_DATAFILE
  THREADENTRY32
  STATUS_PRIVILEGED_INSTRUCTION
  ERROR_SERVICE_LOGON_FAILED = 1069
  VFT2_DRV_SYSTEM
  NTDDI_WINXPSP1
  EXCEPTION_FLT_INVALID_OPERATION
  NTDDI_WINXPSP3
  NTDDI_WINXPSP2
  SERVICE_ACTIVE = 1
  SetDllDirectoryW
  PROCESSOR_AMD_X8664
  GetSystemMetrics
  ERROR_DATABASE_DOES_NOT_EXIST = 1065
  FILE_ATTRIBUTE_ARCHIVE
  SERVICE_RUNS_IN_SYSTEM_PROCESS = 1
  OutputDebugString
  VOLUME_NAME_NT
  VirtualProtectEx
  PROCESS_CREATION_MITIGATION_POLICY_DEP_ENABLE
  HKEY_USERS = 2147483651
  PROCESS_CREATION_MITIGATION_POLICY_SEHOP_ENABLE
  SM_CYDOUBLECLK
  FALSE = 0
  QueryFullProcessImageName
  CreateFileW
  TokenPrimaryGroup = 5
  SM_CYVSCROLL
  CreateFileA
  STD_INPUT_HANDLE
  TH32CS_SNAPALL
  POSVERSIONINFOA
  CREATE_DEFAULT_ERROR_MODE
  WAIT_FAILED
  PRODUCT_ULTIMATE
  POSVERSIONINFOW
  ARCH_ARM
  SERVICE_START_PENDING = 2
  SERVICE_START = 16
  ARCH_THUMB
  SM_CXMENUCHECK
  FORMAT_MESSAGE_ALLOCATE_BUFFER
  PROCESSOR_ARCHITECTURE_ARM
  WctStatusPidOnlyRpcss = 5
  LPMODULEENTRY32
  EXCEPTION_PRIV_INSTRUCTION
  NTDDI_VERSION
  SAFER_TOKEN_MAKE_INERT = 4
  ERROR_DBG_PRINTEXCEPTION_C = 694
  GetProcessDEPPolicy
  EXCEPTION_DATATYPE_MISALIGNMENT
  LEGACY_SAVE_AREA_LENGTH
  HIGH_PRIORITY_CLASS
  ARCH_SPARC
  PRODUCT_HOME_PREMIUM
  STATUS_FLOAT_MULTIPLE_FAULTS
  NORMAL_PRIORITY_CLASS
  MEMORY_BASIC_INFORMATION64
  ARCH_AARCH32
  SERVICE_PAUSED = 7
  SERVICE_ACCEPT_SESSIONCHANGE = 128
  SEC_FILE
  OS_VISTA
  GetLogicalDriveStrings
  PRODUCT_DATACENTER_SERVER
  SetLastError
  PWOW64_CONTEXT
  REG_FULL_RESOURCE_DESCRIPTOR = 9
  MEM_MAPPED
  WOW64_LDT_ENTRY
  VerSetConditionMask
  KEY_ALL_ACCESS = 983103
  GetThreadErrorMode
  ARCH_X86
  ProcessHandle
  ERROR_SERVICE_MARKED_FOR_DELETE = 1072
  SERVICE_CONTROL_POWEREVENT = 13
  SERVICE_STATE_ALL = 3
  GetProcAddressW
  SaferPolicyDefaultLevel = 3
  GetProcAddressA
  ARCH_X64
  SetThreadContext
  GetVersion
  SE_BACKUP_NAME = 'SeBackupPrivilege'
  GetCurrentThreadId
  TH32CS_SNAPMODULE
  VER_GREATER_EQUAL
  OUTPUT_DEBUG_STRING_INFO
  SE_AUDIT_NAME = 'SeAuditPrivilege'
  GENERIC_ALL
  WinCallHook
  REG_DWORD_BIG_ENDIAN = 5
  GetProcAddress
  STATUS_SXS_EARLY_DEACTIVATION
  GetCurrentProcessorNumber
  MEM_PRIVATE
  PRODUCT_STANDARD_SERVER_CORE
  SERVICES_FAILED_DATABASEA = 'ServicesFailed'
  SE_PRIVILEGE_REMOVED = 4
  TokenVirtualizationEnabled = 24
  SM_CXDOUBLECLK
  STATUS_INVALID_HANDLE
  SidTypeWellKnownGroup = 5
  ERROR_SERVICE_DOES_NOT_EXIST = 1060
  BACKGROUND_CYAN
  SERVICE_ACCEPT_HARDWAREPROFILECHANGE = 32
  TokenUser = 1
  ARCH_ITANIUM
  THREAD_PRIORITY_TIME_CRITICAL
  SE_ENABLE_DELEGATION_NAME = 'SeEnableDelegationPrivilege'
  SECTION_QUERY
  VER_SUITE_EMBEDDEDNT
  PROCESS_CREATE_PROCESS
  RegDeleteValue = GuessStringType(RegDeleteValueA, RegDeleteVal...
  MEMORY_BASIC_INFORMATION
  SM_MENUDROPALIGNMENT
  MapViewOfFile
  PPROC_THREAD_ATTRIBUTE_LIST
  GetModuleHandleA
  ERROR_CANNOT_DETECT_DRIVER_FAILURE = 1080
  SEC_IMAGE
  Wow64RevertWow64FsRedirection
  VER_SUITE_ENTERPRISE
  VOLUME_NAME_DOS
  GetModuleHandleW
  GetFileVersionInfoA
  PRODUCT_WEB_SERVER
  GetFileVersionInfoW
  SE_IMPERSONATE_NAME = 'SeImpersonatePrivilege'
  ERROR_DBG_UNABLE_TO_PROVIDE_HANDLE = 690
  TokenPrimary = 1
  NTDDI_LONGHORN
  BACKGROUND_INTENSITY
  CreateProcessWithLogon = DefaultStringType(CreateProcessWithLo...
  QueryFullProcessImageNameA
  CREATE_IGNORE_SYSTEM_DEFAULT
  psyco
  EXCEPTION_RECORD
  QueryFullProcessImageNameW
  SM_MOUSEHORIZONTALWHEELPRESENT
  SetErrorMode
  ERROR_FAILED_SERVICE_CONTROLLER_CONNECT = 1063
  STATUS_NONCONTINUABLE_EXCEPTION
  Wow64ResumeThread
  SaferPolicyEvaluateUserScope = 4
  GetSystemTimeAsFileTime
  PROC_THREAD_ATTRIBUTE_NUMBER
  ERROR_INVALID_DRIVE = 15
  VER_SUITE_PERSONAL
  SnapshotHandle
  WAIT_OBJECT_0
  GetUserName = DefaultStringType(GetUserNameA, GetUserNameW)
  GENERIC_READ
  SidTypeAlias = 4
  INITIAL_MXCSR
  OpenEvent
  SE_INC_BASE_PRIORITY_NAME = 'SeIncreaseBasePriorityPrivilege'
  RegCopyTree = GuessStringType(RegCopyTreeA, RegCopyTreeW)
  SEC_NOCACHE
  SERVICES_ACTIVE_DATABASEW = u'ServicesActive'
  _LDT_ENTRY_HIGHWORD_
  REG_QWORD = 11
  SM_CXMIN
  VOS__PM32
  NTDDI_WINXP
  BACKGROUND_MASK
  OS_XP_64
  PRODUCT_ENTERPRISE
  TerminateProcess
  VOS__WINDOWS32
  OS_W2K8_64
  ERROR_ASSERTION_FAILURE = 668
  LPJIT_DEBUG_INFO64
  DBG_EXCEPTION_NOT_HANDLED
  FreeLibrary
  PROCESSOR_HITACHI_SH3E
  SM_CXSMICON
  SERVICE_CONTROL_DEVICEEVENT = 11
  TokenElevationType = 18
  MEM_IMAGE
  SidTypeInvalid = 7
  ERROR_NOACCESS = 998
  SE_INC_WORKING_SET_NAME = 'SeIncreaseWorkingSetPrivilege'
  PRODUCT_HOME_PREMIUM_E
  THREAD_QUERY_LIMITED_INFORMATION
  PROC_THREAD_ATTRIBUTE_ADDITIVE
  PROCESSOR_ARCHITECTURE_AMD64
  EXCEPTION_INVALID_HANDLE
  WaitForMultipleObjects
  FOREGROUND_YELLOW
  THREAD_TERMINATE
  ContextArchMask
  PROCESSOR_ARCHITECTURE_INTEL
  RegQueryValue = GuessStringType(RegQueryValueA, RegQueryValueW)
  PAGE_EXECUTE
  OS_SEVEN_64
  SERVICE_DEMAND_START = 3
  CONTROL_C_EXIT
  SE_RELABEL_NAME = 'SeRelabelPrivilege'
  Handle
  MaxTokenInfoClass = 41
  ERROR_SEM_TIMEOUT = 121
  ABOVE_NORMAL_PRIORITY_CLASS
  Heap32ListNext
  VFT2_DRV_COMM
  EXIT_PROCESS_DEBUG_INFO
  PRODUCT_DATACENTER_SERVER_CORE_V
  TokenSessionReference = 14
  LPLDT_ENTRY
  FILE_ATTRIBUTE_SYSTEM
  EnumServicesStatus = DefaultStringType(EnumServicesStatusA, En...
  VER_SUITE_TERMINAL
  PRODUCT_STORAGE_EXPRESS_SERVER
  VER_LESS
  CONTEXT_CONTROL
  PAGE_EXECUTE_WRITECOPY
  SM_CXSCREEN
  GetHandleInformation
  CREATE_SEPARATE_WOW_VDM
  ERROR_ENVVAR_NOT_FOUND = 203
  DBG_PRINTEXCEPTION_C
  OpenFileMappingW
  OpenFileMappingA
  OS_NT
  CREATE_THREAD_DEBUG_EVENT
  VER_GREATER
  PRODUCT_STANDARD_SERVER_V
  CheckRemoteDebuggerPresent
  ERROR_CALL_NOT_IMPLEMENTED = 120
  PROCESSOR_ARCHITECTURE_ALPHA
  GlobalFindAtom
  CONTEXT_i386
  STATUS_INTEGER_OVERFLOW
  SetConsoleCP
  ERROR_FILE_NOT_FOUND = 2
  ERROR_DBG_CONTROL_BREAK = 696
  ERROR_SERVICE_NEVER_STARTED = 1077
  CreateFileMapping
  SERVICE_CONTROL_NETBINDENABLE = 9
  VFT_STATIC_LIB
  CONTEXT_EXCEPTION_REQUEST
  LPJIT_DEBUG_INFO
  SECTION_MAP_READ
  SECTION_MAP_EXECUTE
  EVENT_ALL_ACCESS
  STARTUPINFOEX
  VS_FF_INFOINFERRED
  FILE_SHARE_DELETE
  TokenHasRestrictions = 21
  SM_CXFULLSCREEN
  SERVICE_ACCEPT_STOP = 1
  STANDARD_RIGHTS_REQUIRED = 983040
  WctStatusMax = 11
  CREATE_BREAKAWAY_FROM_JOB
  SERVICE_RECOGNIZER_DRIVER = 8
  ERROR_SERVICE_NOT_ACTIVE = 1062
  VS_FF_PATCHED
  VFT2_FONT_TRUETYPE
  CONTEXT_EXCEPTION_ACTIVE
  PROCESS_QUERY_LIMITED_INFORMATION
  SM_CYCAPTION
  STATUS_FLOAT_INVALID_OPERATION
  NTDDI_WIN8
  NTDDI_WIN7
  HEAPENTRY32
  SECURITY_ATTRIBUTES
  JIT_DEBUG_INFO32
  OS_WINDOWS_2008_R2_64
  SidTypeComputer = 9
  SM_CLEANBOOT
  SERVICE_RUNNING = 4
  FILE_FLAG_SEQUENTIAL_SCAN
  TokenLinkedToken = 19
  LPFILETIME
  ProcThreadAttributeMax
  EXCEPTION_WX86_BREAKPOINT
  ERROR_INVALID_ADDRESS = 487
  GlobalGetAtomNameW
  SECTION_EXTEND_SIZE
  GetSystemInfo
  SC_GROUP_IDENTIFIERW = u'+'
  GlobalGetAtomNameA
  THREAD_ALL_ACCESS_VISTA
  SERVICE_CONTROL_NETBINDREMOVE = 8
  PROCESS_VM_READ
  VER_SUITE_WH_SERVER
  TOKEN_ALL_ACCESS = 983551
  ERROR_PATH_NOT_FOUND = 3
  TokenDeviceClaimAttributes = 34
  OS_WINDOWS_2003_R2
  LPTHREADENTRY32
  TokenSandBoxInert = 15
  SE_PRIVILEGE_USED_FOR_ACCESS = 2147483648
  FOREGROUND_CYAN
  GetServiceKeyName = GuessStringType(GetServiceKeyNameA, GetSer...
  LPFLOATING_SAVE_AREA
  SM_CXICONSPACING
  SEMAPHORE_ALL_ACCESS
  PROCESSOR_INTEL_486
  ARCH_UNKNOWN
  MEM_RELEASE
  AllocConsole
  CreateProcessA
  INHERIT_CALLER_PRIORITY
  CreateFile
  CreateProcessW
  VFT2_FONT_VECTOR
  ERROR_BUFFER_OVERFLOW = 111
  VerifyVersionInfoA
  FileTimeToSystemTime
  SERVICE_NO_CHANGE = 4294967295
  VFT2_DRV_LANGUAGE
  PROCESSOR_ARM820
  KEY_CREATE_SUB_KEY = 4
  VS_FF_SPECIALBUILD
  SM_CXCURSOR
  VerifyVersionInfoW
  SERVICE_AUTO_START = 2
  SM_CYMINSPACING
  SM_XVIRTUALSCREEN
  TOKEN_ADJUST_GROUPS = 64
  PROCESSOR_STRONGARM
  VFT2_UNKNOWN
  OS_WINDOWS_2003_64
  LocalFree
  PROCESSENTRY32
  THREAD_PRIORITY_BELOW_NORMAL
  RegQueryValueEx = GuessStringType(RegQueryValueExA, RegQueryVa...
  WOW64_CONTEXT
  PRODUCT_PROFESSIONAL
  HKEY_CLASSES_ROOT = 2147483648
  EXCEPTION_ACCESS_VIOLATION
  ATTACH_PARENT_PROCESS
  OpenThread
  VER_SUITE_SINGLEUSERTS
  SaferPolicyLevelList = 1
  REG_SZ = 1
  EXIT_THREAD_DEBUG_EVENT
  KEY_NOTIFY = 16
  MAX_MODULE_NAME32 = 255
  SetConsoleOutputCP
  WCTP_GETINFO_ALL_FLAGS = 7
  SERVICE_KERNEL_DRIVER = 1
  PAGE_READONLY
  VER_OR
  SERVICE_CONTROL_SESSIONCHANGE = 14
  FOREGROUND_GREEN
  SM_SHUTTINGDOWN
  SERVICE_CONFIG_FAILURE_ACTIONS = 2
  PAGE_READWRITE
  MAXIMUM_SUSPEND_COUNT
  STATUS_TIMEOUT
  SE_SYSTEMTIME_NAME = 'SeSystemtimePrivilege'
  MEM_TOP_DOWN
  SM_YVIRTUALSCREEN
  PXMM_SAVE_AREA32
  ERROR_DBG_CONTROL_C = 693
  CONTEXT_i486
  MUTEX_MODIFY_STATE
  OVERLAPPED
  THREAD_SET_LIMITED_INFORMATION
  FILE_ATTRIBUTE_READONLY
  ThreadHandle
  SPECIFIC_RIGHTS_ALL = 65535
  TokenUIAccess = 26
  MEM_COMMIT
  SC_MANAGER_CREATE_SERVICE = 2
  SetConsoleTextAttribute
  FlushFileBuffers
  PROCESSOR_OPTIL
  STATUS_WX86_BREAKPOINT
  SM_CXMENUSIZE
  ACCESS_VIOLATION_TYPE_WRITE
  ERROR_PROCESS_ABORTED = 1067
  SE_UNDOCK_NAME = 'SeUndockPrivilege'
  TokenIsAppContainer = 29
  PAGE_EXECUTE_READWRITE
  LPSYSTEM_INFO
  CTRL_SHUTDOWN_EVENT
  bits
  CONTEXT_MMX_REGISTERS
  FORMAT_MESSAGE_FROM_SYSTEM
  VER_SUITE_SMALLBUSINESS_RESTRICTED
  DUPLICATE_CLOSE_SOURCE
  ResetEvent
  wow64
  TOKEN_READ = 131080
  PROCESSOR_ARCHITECTURE_SHX
  THREAD_IMPERSONATE
  WOW64_CONTEXT_i486
  SE_TRUSTED_CREDMAN_ACCESS_NAME = 'SeTrustedCredManAccessPrivil...
  VOS__WINDOWS16
  SMALL_RECT
  WinFuncHook
  ERROR_ELEVATION_REQUIRED = 740
  SM_CXEDGE
  ERROR_FILENAME_EXCED_RANGE = 206
  OS_W2K3R2
  STATUS_FLOAT_DIVIDE_BY_ZERO
  WctMaxType = 11
  NTDDI_WS03SP2
  NTDDI_WS03SP1
  ERROR_SERVICE_DEPENDENCY_DELETED = 1075
  WctProcessWaitType = 7
  SE_CREATE_SYMBOLIC_LINK_NAME = 'SeCreateSymbolicLinkPrivilege'
  PROCESS_TERMINATE
  SM_CYFULLSCREEN
  LPOVERLAPPED
  ERROR_DBG_EXCEPTION_NOT_HANDLED = 688
  DBG_COMMAND_EXCEPTION
  TokenSessionId = 12
  KEY_EXECUTE = 131097
  PRODUCT_SERVER_FOR_SMALLBUSINESS_V
  PRODUCT_HOME_BASIC
  SM_CYSCREEN
  WOW64_FLOATING_SAVE_AREA
  STATUS_POSSIBLE_DEADLOCK
  SERVICE_ACCEPT_USERMODEREBOOT = 2048
  ACCESS_VIOLATION_TYPE_READ
  ProcThreadAttributeIdealProcessor
  EXCEPTION_INVALID_DISPOSITION
  SM_CYBORDER
  PRODUCT_ENTERPRISE_SERVER_CORE_V
  WctThreadType = 8
  CREATE_UNICODE_ENVIRONMENT
  ERROR_BAD_LENGTH = 24
  STATUS_IN_PAGE_ERROR
  VER_NT_DOMAIN_CONTROLLER
  GetFileInformationByHandle
  SE_SYNC_AGENT_NAME = 'SeSyncAgentPrivilege'
  OS_W2K3R2_64
  GlobalGetAtomName
  SERVICE_INTERROGATE = 128
  GR_GDIOBJECTS
  STATUS_SINGLE_STEP
  TOKEN_QUERY = 8
  WINVER
  OPEN_EXISTING
  WOW64_CONTEXT_SEGMENTS
  FILE_MAP_READ
  VER_PLATFORM_WIN32_WINDOWS
  RegOpenKeyEx = GuessStringType(RegOpenKeyExA, RegOpenKeyExW)
  GetVersionEx
  MAX_PATH = 260
  THREAD_QUERY_INFORMATION
  WctStatusAbandoned = 8
  ERROR_DBG_CONTINUE = 767
  SC_MANAGER_QUERY_LOCK_STATUS = 16
  FOREGROUND_GREY
  ERROR_CIRCULAR_DEPENDENCY = 1059
  EVENT_MODIFY_STATE
  _DEBUG_EVENT_UNION_
  JIT_DEBUG_INFO
  PROC_THREAD_ATTRIBUTE_EXTENDED_FLAGS
  SidTypeGroup = 2
  SM_CXBORDER
  NTDDI_WIN2KSP4
  SM_REMOTESESSION
  NTDDI_WIN2KSP2
  NTDDI_WIN2KSP3
  NTDDI_WIN2KSP1
  LOAD_WITH_ALTERED_SEARCH_PATH
  windll = WinDllHook()
  PROCESS_ALL_ACCESS_NT
  HEAP_NO_SERIALIZE
  SERVICE_WIN32 = 48
  SM_MOUSEWHEELPRESENT
  RegConnectRegistry = GuessStringType(RegConnectRegistryA, RegC...
  ERROR_DUPLICATE_SERVICE_NAME = 1078
  SM_CXMAXTRACK
  GetErrorMode
  ERROR_BAD_ARGUMENTS = 160
  STATUS_FLOAT_INEXACT_RESULT
  FILE_FLAG_DELETE_ON_CLOSE
  EXCEPTION_FLT_STACK_CHECK
  TOKEN_ADJUST_SESSIONID = 256
  PRODUCT_BUSINESS
  _LDT_ENTRY_BITS_
  SM_SERVERR2
  DEBUG_EVENT
  VER_SERVICEPACKMAJOR
  GetConsoleCP
  WOW64_CONTEXT_ALL
  ERROR_SERVICE_CANNOT_ACCEPT_CTRL = 1061
  SM_CYMENUSIZE
  SERVICE_ENUMERATE_DEPENDENTS = 8
  GENERIC_WRITE
  TokenStatistics = 10
  VFT_RESERVED
  RegDeleteKeyValue = GuessStringType(RegDeleteKeyValueA, RegDel...
  HEAP_GENERATE_EXCEPTIONS
  ERROR_NO_MORE_FILES = 18
  TokenGroupsAndPrivileges = 13
  EXCEPTION_NONCONTINUABLE_EXCEPTION
  SM_DBCSENABLED
  PROC_THREAD_ATTRIBUTE_PARENT_PROCESS
  DBG_TERMINATE_PROCESS
  REG_MULTI_SZ = 7
  Wow64DisableWow64FsRedirection
  SM_CXPADDEDBORDER
  SERVICE_ERROR_IGNORE = 0
  FILE_FLAG_WRITE_THROUGH
  CREATE_SHARED_WOW_VDM
  GetDllDirectory
  SM_CYSMSIZE
  SERVICE_ACCEPT_TRIGGEREVENT = 1024
  EXCEPTION_READ_FAULT
  FILE_MAP_COPY
  TokenDeviceGroups = 37
  GetProcessVersion
  THREAD_PRIORITY_ABOVE_NORMAL
  CREATE_FORCEDOS
  LPPROCESSENTRY32
  WCT_OUT_OF_PROC_CS_FLAG = 4
  TH32CS_SNAPPROCESS
  CreateProcessAsUser = GuessStringType(CreateProcessAsUserA, Cr...
  SM_CXMINTRACK
  GetExitCodeProcess
  GetProcessId
  FOREGROUND_BLUE
  SE_ASSIGNPRIMARYTOKEN_NAME = 'SeAssignPrimaryTokenPrivilege'
  SecurityDelegation = 3
  DBG_APP_NOT_IDLE
  PRODUCT_DATACENTER_SERVER_V
  PROC_THREAD_ATTRIBUTE_PREFERRED_NODE
  VFT_UNKNOWN
  FILE_MAP_EXECUTE
  Thread32First
  SM_CXDRAG
  EXCEPTION_GUARD_PAGE
  STATUS_FLOAT_OVERFLOW
  CTRL_LOGOFF_EVENT
  SM_PENWINDOWS
  PEXCEPTION_RECORD
  GlobalFindAtomW
  ERROR_SERVICE_NOT_IN_EXE = 1083
  VER_PLATFORM_WIN32_NT
  GlobalFindAtomA
  SM_CYMAXIMIZED
  VER_NT_SERVER
  GENERIC_EXECUTE
  ERROR_INVALID_FLAG_NUMBER = 186
  PROCESS_DEP_ENABLE
  LPHEAPLIST32
  Heap32First
  PROCESSOR_ARCHITECTURE_MIPS
  Process32Next
  SM_CYVTHUMB
  STATUS_DATATYPE_MISALIGNMENT
  LPVS_FIXEDFILEINFO
  TOKEN_ADJUST_PRIVILEGES = 32
  ARCH_PPC
  MEM_FREE
  CTRL_CLOSE_EVENT
  SidTypeUnknown = 8
  FILE_MAP_ALL_ACCESS
  WctStatusPidOnly = 4
  PRODUCT_SMALLBUSINESS_SERVER
  CREATE_NEW
  SE_CREATE_PERMANENT_NAME = 'SeCreatePermanentPrivilege'
  UNLOAD_DLL_DEBUG_INFO
  TokenCapabilities = 30
  ARCH_ARM64
  os
  PHANDLER_ROUTINE
  SE_MANAGE_VOLUME_NAME = 'SeManageVolumePrivilege'
  LoadLibraryW
  STATUS_CONTROL_C_EXIT
  PAGE_NOCACHE
  LoadLibraryA
  SM_CYEDGE
  VER_SUITE_COMPUTE_SERVER
  BELOW_NORMAL_PRIORITY_CLASS
  SERVICE_ACCEPT_NETBINDCHANGE = 16
  OS_WINDOWS_VISTA
  CONTEXT_AMD64
  LPOSVERSIONINFOEXW
  ReadProcessMemory
  GetConsoleScreenBufferInfo
  LPOSVERSIONINFOEXA
  CREATE_NEW_PROCESS_GROUP
  ProcThreadAttributeList
  PRODUCT_STORAGE_WORKGROUP_SERVER
  SERVICE_PAUSE_PENDING = 6
  EXCEPTION_RECORD32
  SM_CYDLGFRAME
  DuplicateHandle
  WCT_OUT_OF_PROC_FLAG = 1
  ERROR_BOOT_ALREADY_ACCEPTED = 1076
  PLDT_ENTRY
  WinDllHook
  STATUS_ILLEGAL_INSTRUCTION
  NTDDI_WS03
  EXTENDED_STARTUPINFO_PRESENT
  NTDDI_WS08
  LPPROC_THREAD_ATTRIBUTE_LIST
  THREAD_BASE_PRIORITY_MIN
  EXCEPTION_DEBUG_EVENT
  WctStatusBlocked = 3
  SM_CXSMSIZE
  SERVICE_CONTROL_PAUSE = 2
  SIZE_OF_80387_REGISTERS
  CONTEXT_ALL
  WctStatusRunning = 2
  WAIT_TIMEOUT = 258
  WctStatusOwned = 6
  TokenIntegrityLevel = 25
  FileHandle
  JIT_DEBUG_INFO64
  GetStdHandle
  VER_SUITE_BLADE
  SERVICE_ACCEPT_PARAMCHANGE = 8
  VOS_OS216_PM16
  SM_IMMENABLED
  STILL_ACTIVE
  MemoryBasicInformation
  SYSTEM_INFO
  CREATE_PROCESS_DEBUG_EVENT
  NTDDI_VISTA
  PROCESSOR_PPC_620
  WctThreadWaitType = 6
  LPHEAPENTRY32
  ERROR_INVALID_PARAMETER = 87
  DBG_NO_STATE_CHANGE
  WctCriticalSectionType = 1
  PROCESS_DUP_HANDLE
  WCTP_OPEN_ALL_FLAGS = 1
  GlobalAddAtom
  BACKGROUND_GREY
  VFT2_DRV_KEYBOARD
  WOW64_CS32
  VOS_NT
  REG_EXPAND_SZ = 2
  EXCEPTION_FLT_DENORMAL_OPERAND
  SE_SHUTDOWN_NAME = 'SeShutdownPrivilege'
  LoadLibraryExA
  SM_CYFRAME
  OpenSCManager = GuessStringType(OpenSCManagerA, OpenSCManagerW)
  COMMON_LVB_REVERSE_VIDEO
  NTDDI_WIN2K
  LoadLibraryExW
  PROCESSOR_ALPHA_21064
  CreateEvent
  PRODUCT_ENTERPRISE_SERVER_CORE
  SERVICE_DISABLED = 4
  STATUS_ARRAY_BOUNDS_EXCEEDED
  THREAD_DIRECT_IMPERSONATION
  SE_PRIVILEGE_ENABLED = 2
  SAFER_TOKEN_COMPARE_ONLY = 2
  SAFER_LEVELID_NORMALUSER = 131072
  PRODUCT_STORAGE_ENTERPRISE_SERVER
  ARCH_HITACHI
  CreateToolhelp32Snapshot
  WOW64_CONTEXT_EXTENDED_REGISTERS
  CONTEXT_SEGMENTS
  DBG_EXCEPTION_HANDLED
  ARCH_ALPHA64
  THREAD_ALL_ACCESS_NT
  OSVERSION_MASK
  SM_CXFOCUSBORDER
  ProcessInformation
  STATUS_WAIT_0
  ProcThreadAttributeHandleList
  EXCEPTION_INT_DIVIDE_BY_ZERO
  ProcThreadAttributeExtendedFlags
  SUBVERSION_MASK
  SM_CYSMICON
  ERROR_CANNOT_DETECT_PROCESS_ABORT = 1081
  VS_FF_PRERELEASE
  UpdateProcThreadAttribute
  ERROR_DIR_NOT_EMPTY = 145
  SLE_MINORERROR
  ERROR_HANDLE_EOF = 38
  SC_GROUP_IDENTIFIERA = '+'
  CONTEXT_EXTENDED_REGISTERS
  SE_TCB_NAME = 'SeTcbPrivilege'
  PCOORD
  SAFER_SCOPEID_USER = 2
  THREAD_SET_THREAD_TOKEN
  LPSYSTEMTIME
  SE_REMOTE_SHUTDOWN_NAME = 'SeRemoteShutdownPrivilege'
  GetCurrentThread
  SM_RESERVED4
  SM_RESERVED1
  SM_RESERVED3
  SM_RESERVED2
  OS_WINDOWS_2008_R2
  BACKGROUND_MAGENTA
  PROCESS_CREATION_MITIGATION_POLICY_DEP_ATL_THUNK_ENABLE
  TokenGroups = 2
  EXIT_THREAD_DEBUG_INFO
  EXCEPTION_EXECUTE_FAULT
  DeleteProcThreadAttributeList
  ERROR_DISK_FULL = 112
  SE_CREATE_GLOBAL_NAME = 'SeCreateGlobalPrivilege'
  SC_ACTION_RUN_COMMAND = 3
  TokenRestrictedUserClaimAttributes = 35
  FILE_ATTRIBUTE_DEVICE
  VerifyVersionInfo
  LPSTARTUPINFOEX
  TokenMandatoryPolicy = 27
  GetCurrentProcess
  MEM_RESET
  REG_LINK = 6
  FlushProcessWriteBuffers
  FILE_ATTRIBUTE_HIDDEN
  LPJIT_DEBUG_INFO32
  ProcThreadAttributePreferredNode
  SERVICE_WIN32_OWN_PROCESS = 16
  FLOATING_SAVE_AREA
  SM_MOUSEPRESENT
  EXCEPTION_SINGLE_STEP
  ARCH_MIPS
  PROCESSOR_ARCHITECTURE_IA32_ON_WIN64
  CREATE_THREAD_DEBUG_INFO
  SERVICE_CONTROL_STOP = 1
  DELETE = 65536
  SE_DEBUG_NAME = 'SeDebugPrivilege'
  RegDeleteTree = GuessStringType(RegDeleteTreeA, RegDeleteTreeW)
  SM_CXVSCROLL
  ConvertStringSidToSid = GuessStringType(ConvertStringSidToSidA...
  PROFILE_KERNEL
  SM_SLOWMACHINE
  WCT_OBJNAME_LENGTH = 128
  SECTION_MAP_WRITE
  TokenOwner = 4
  LOAD_DLL_DEBUG_INFO
  VOS_OS232_PM32
  FlushInstructionCache
  PROCESSOR_ARCHITECTURE_IA64
  STATUS_INTEGER_DIVIDE_BY_ZERO
  PRODUCT_PROFESSIONAL_E
  PRODUCT_PROFESSIONAL_N
  OpenService = GuessStringType(OpenServiceA, OpenServiceW)
  WctComType = 5
  VOS_UNKNOWN
  DUPLICATE_SAME_ACCESS
  STATUS_FLOAT_STACK_CHECK
  PROC_THREAD_ATTRIBUTE_HANDLE_LIST
  VFT2_DRV_NETWORK
  SE_SYSTEM_PROFILE_NAME = 'SeSystemProfilePrivilege'
  PFLOATING_SAVE_AREA
  STATUS_ABANDONED_WAIT_0
  GetServiceDisplayName = GuessStringType(GetServiceDisplayNameA...
  ERROR_SERVICE_EXISTS = 1073
  SERVICE_FILE_SYSTEM_DRIVER = 2
  TOKEN_DUPLICATE = 2
  VER_MINORVERSION
  SAFER_TOKEN_MASK = 15
  TokenVirtualizationAllowed = 23
  GetTempFileNameW
  TokenSource = 7
  PROCESSOR_MIPS_R4000
  STANDARD_RIGHTS_EXECUTE = 131072
  STATUS_GUARD_PAGE_VIOLATION
  SM_CYSIZEFRAME
  EXCEPTION_RECORD64
  CONTEXT_SERVICE_ACTIVE
  Thread32Next
  VER_PLATFORMID
  VER_NT_WORKSTATION
  MAXIMUM_WAIT_OBJECTS
  TokenAppContainerNumber = 32
  COMMON_LVB_GRID_HORIZONTAL
  ProcThreadAttributeUmsThread
  RegCreateKey = GuessStringType(RegCreateKeyA, RegCreateKeyW)
  LOAD_LIBRARY_AS_DATAFILE_EXCLUSIVE
  GetProcessTimes
  TH32CS_SNAPTHREAD
  ERROR_DBG_RIPEXCEPTION = 695
  SC_MANAGER_MODIFY_BOOT_CONFIG = 32
  FileMappingHandle
  CreateProcess
  SM_REMOTECONTROL
  PRODUCT_ENTERPRISE_N
  PRODUCT_ENTERPRISE_E
  CREATE_ALWAYS
  PROC_THREAD_ATTRIBUTE_MITIGATION_POLICY
  THREAD_PRIORITY_ERROR_RETURN
  PROCESS_SET_QUOTA
  VFT2_DRV_MOUSE
  warnings
  PROCESS_MODE_BACKGROUND_BEGIN
  READ_CONTROL = 131072
  PulseEvent
  FOREGROUND_MASK
  UnmapViewOfFile
  COMMON_LVB_MASK
  STATUS_SEGMENT_NOTIFICATION
  VFT2_DRV_RESERVED
  SEM_NOGPFAULTERRORBOX
  SM_CXSIZE
  CreateService = GuessStringType(CreateServiceA, CreateServiceW)
  LPSTARTUPINFOW
  GetTempFileNameA
  GetConsoleOutputCP
  OS_W7_64
  STATUS_HEAP_CORRUPTION
  SERVICE_ERROR_CRITICAL = 3
  Wow64SuspendThread
  ERROR_UNHANDLED_EXCEPTION = 574
  OS_WINDOWS_SEVEN
  MEM_RESERVE
  VOS_DOS
  SERVICE_CONTINUE_PENDING = 5
  ERROR_NOT_SUPPORTED = 50
  PROCESS_SET_SESSIONID
  ERROR_ACCESS_DENIED = 5
  STATUS_BREAKPOINT
  WctStatusUnknown = 9
  STANDARD_RIGHTS_ALL = 2031616
  REG_DWORD_LITTLE_ENDIAN = 4
  OPEN_ALWAYS
  QueryDosDevice
  SE_CHANGE_NOTIFY_NAME = 'SeChangeNotifyPrivilege'
  SERVICE_USER_DEFINED_CONTROL = 256
  FILE_FLAG_OVERLAPPED
  PROCESSOR_PPC_604
  DeviceIoControl
  PROCESSOR_PPC_601
  PROCESSOR_PPC_603
  SidTypeLabel = 10
  SM_MIDEASTENABLED
  CONTEXT_INTEGER
  FILE_SHARE_WRITE
  SetProcessAffinityMask
  EnumServicesStatusEx = DefaultStringType(EnumServicesStatusExA...
  EXCEPTION_NONCONTINUABLE
  PEXCEPTION_RECORD64
  ARCH_MSIL
  SE_SECURITY_NAME = 'SeSecurityPrivilege'
  WRITE_DAC = 262144
  LPSTARTUPINFO
  WOW64_CONTEXT_DEBUG_REGISTERS
  GlobalAddAtomA
  GetThreadSelectorEntry
  PROC_THREAD_ATTRIBUTE_INPUT
  SERVICE_ADAPTER = 4
  TIMER_MODIFY_STATE
  TokenRestrictedDeviceClaimAttributes = 36
  PRODUCT_STANDARD_SERVER_CORE_V
  GetVersionExW
  VER_PLATFORM_WIN32s
  WRITE_OWNER = 524288
  GetVersionExA
  ERROR_BAD_PATHNAME = 161
  SM_CYDRAG
  Process32First
  UserModeHandle
  ARCH_IA64
  PWOW64_LDT_ENTRY
  SERVICE_CHANGE_CONFIG = 2
  REG_QWORD_LITTLE_ENDIAN = 11
  CONTEXT_EXCEPTION_REPORTING
  SERVICE_DRIVER = 11
  XMM_SAVE_AREA32
  HEAPLIST32
  THREAD_PRIORITY_NORMAL
  CreateEventW
  THREAD_ALL_ACCESS
  ERROR_SERVICE_DEPENDENCY_FAIL = 1068
  CreateEventA
  WCT_MAX_NODE_COUNT = 16
  PRODUCT_ULTIMATE_N
  PRODUCT_ULTIMATE_E
  PROC_THREAD_ATTRIBUTE_GROUP_AFFINITY
  SERVICES_ACTIVE_DATABASEA = 'ServicesActive'
  PROCESSOR_ARM920
  SM_TABLETPC
  PROCESS_SET_INFORMATION
  TH32CS_SNAPHEAPLIST
  SC_ACTION_RESTART = 1
  SM_CXICON
  SM_CMONITORS
  DBG_RIPEXCEPTION
  PROCESS_ALL_ACCESS
  DETACHED_PROCESS
  LoadLibraryEx
  SM_CYMIN
  GetTempPath
  COORD
  SERVICE_STOP = 32
  OpenMutexW
  SAFER_TOKEN_NULL_IF_EQUAL = 1
  SE_PRIVILEGE_ENABLED_BY_DEFAULT = 1
  PRODUCT_ENTERPRISE_SERVER_IA64
  SecurityAnonymous = 0
  GetFinalPathNameByHandle
  REG_RESOURCE_LIST = 8
  FILE_NAME_NORMALIZED
  Toolhelp32ReadProcessMemory
  SE_RESTORE_NAME = 'SeRestorePrivilege'
  DBG_CONTROL_C
  UNLOAD_DLL_DEBUG_EVENT
  SEC_LARGE_PAGES
  PRODUCT_STARTER
  Heap32Next
  RegEnumKey = DefaultStringType(RegEnumKeyA, RegEnumKeyW)
  EXCEPTION_FLT_DIVIDE_BY_ZERO
  EXCEPTION_INT_OVERFLOW
  THREAD_PRIORITY_HIGHEST
  WOW64_CONTEXT_FULL
  CreateProcessWithToken = DefaultStringType(CreateProcessWithTo...
  WaitForDebugEvent
  RPC_S_SERVER_UNAVAILABLE = 1722
  ERROR_FILE_EXISTS = 80
  RegEnumValue = DefaultStringType(RegEnumValueA, RegEnumValueW)
  ResumeThread
  VS_FIXEDFILEINFO
  SAFER_LEVELID_UNTRUSTED = 4096
  VER_EQUAL
  STATUS_ACCESS_VIOLATION
  OS_WINDOWS_SEVEN_64
  LPBY_HANDLE_FILE_INFORMATION
  PAGE_GUARD
  EXCEPTION_WRITE_FAULT
  DEBUG_ONLY_THIS_PROCESS
  ERROR_NOT_SAFEBOOT_SERVICE = 1084
  ERROR_THREAD_NOT_IN_PROCESS = 566
  ProcThreadAttributeParentProcess
  SM_SECURE
  ERROR_CONTROL_C_EXIT = 572
  EXIT_PROCESS_DEBUG_EVENT
  CREATE_PRESERVE_CODE_AUTHZ_LEVEL
  SearchPath
  KEY_READ = 131097
  TokenRestrictedSids = 11
  COMMON_LVB_TRAILING_BYTE
  THREAD_PRIORITY_IDLE
  ERROR_ALREADY_RUNNING_LKG = 1074
  GetProcessPriorityBoost
  PROCESSOR_ARCHITECTURE_SPARC
  SecurityIdentification = 1
  SE_CREATE_TOKEN_NAME = 'SeCreateTokenPrivilege'
  WOW64_CONTEXT_i386
  WaitForMultipleObjectsEx
  WOW64_CONTEXT_INTEGER
  ERROR_DEBUGGER_INACTIVE = 1284
  EXCEPTION_FLT_OVERFLOW
  VER_PRODUCT_TYPE
  LPCONTEXT
  VerQueryValue
  STD_OUTPUT_HANDLE
  SYSTEMTIME
  TIMER_ALL_ACCESS
  PROCESSOR_ARCHITECTURE_PPC
  Wow64SetThreadContext
  VOS_OS232
  EXCEPTION_IN_PAGE_ERROR
  PROCESSOR_ARCHITECTURE_MSIL
  SE_SYSTEM_ENVIRONMENT_NAME = 'SeSystemEnvironmentPrivilege'
  CreateFileMappingW
  SERVICE_ERROR_NORMAL = 1
  SM_CYMINIMIZED
  PRODUCT_STORAGE_STANDARD_SERVER
  HKEY_LOCAL_MACHINE = 2147483650
  CreateFileMappingA
  StartService = GuessStringType(StartServiceA, StartServiceW)
  MEM_PHYSICAL
  SERVICE_CONTROL_CONTINUE = 3
  SM_CYSIZE
  SERVICE_CONTROL_PARAMCHANGE = 6
  PRODUCT_DATACENTER_SERVER_CORE
  GetLastError
  ERROR_DBG_COMMAND_EXCEPTION = 697
  KEY_WRITE = 131078
  STATUS_SXS_INVALID_DEACTIVATION
  SERVICE_STOPPED = 1
  SERVICE_QUERY_STATUS = 4
  ERROR_INVALID_NAME = 123
  SuspendThread
  PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION
  SM_CXFRAME
  CreateMutex
  TokenAuditPolicy = 16
  CloseHandle
  SAFER_TOKEN_WANT_FLAGS = 8
  GetProcessHandleCount
  GetThreadId
  CONTEXT_DEBUG_REGISTERS
  OpenEventW
  OpenEventA
  ERROR_PROC_NOT_FOUND = 127
  SM_CXVIRTUALSCREEN
  EXCEPTION_STACK_OVERFLOW
  SM_STARTER
  SAFER_LEVELID_CONSTRAINED = 65536
  THREAD_BASE_PRIORITY_IDLE
  GetTempPathA
  ERROR_DBG_REPLY_LATER = 689
  SM_CXHSCROLL
  GetTempPathW
  SERVICE_CONTROL_SHUTDOWN = 5
  LOAD_LIBRARY_AS_IMAGE_RESOURCE
  OutputDebugStringW
  ERROR_NOT_ENOUGH_MEMORY = 8
  OutputDebugStringA
  SERVICE_CONTROL_NETBINDADD = 7
  WriteProcessMemory
  ERROR_INSUFFICIENT_BUFFER = 122
  WctStatusNoAccess = 1
  FlushViewOfFile
  TokenImpersonationLevel = 9
  PROCESSOR_INTEL_IA64
  SetThreadErrorMode
  SM_CXMINIMIZED
  InitializeProcThreadAttributeList
  PRODUCT_MEDIUMBUSINESS_SERVER_MESSAGING
  OS_WINDOWS_XP
  ARCH_T32
  FILE_FLAG_NO_BUFFERING
  VOLUME_NAME_GUID
  PCONSOLE_SCREEN_BUFFER_INFO
  GlobalAddAtomW
  DBG_TERMINATE_THREAD
  SC_ACTION_NONE = 0
  SEM_FAILCRITICALERRORS
  KEY_CREATE_LINK = 32
  LDT_ENTRY
  SetPriorityClass
  TokenAccessInformation = 22
  SERVICE_PAUSE_CONTINUE = 64
  ERROR_EXCEPTION_IN_SERVICE = 1064
  PROCESSOR_ARCHITECTURE_UNKNOWN
  PRODUCT_HYPERV
  BACKGROUND_RED
  CreateRemoteThread
  POSVERSIONINFOEXA
  STATUS_FLOAT_UNDERFLOW
  MEMORY_BASIC_INFORMATION32
  KEY_WOW64_64KEY = 256
  POSVERSIONINFOEXW
  LPDEBUG_EVENT
  GetDllDirectoryW
  ERROR_PARTIAL_COPY = 299
  SM_CMOUSEBUTTONS
  PAGE_NOACCESS
  KEY_SET_VALUE = 2
  BACKGROUND_BLUE
  TIMER_QUERY_STATE
  CONTEXT_FLOATING_POINT
  SC_MANAGER_ALL_ACCESS = 983103
  HEAP_CREATE_ENABLE_EXECUTE
  HANDLE_FLAG_INHERIT
  ERROR_NO_RECOVERY_PROGRAM = 1082
  SidTypeUser = 1
  SAFER_LEVELID_FULLYTRUSTED = 262144
  CREATE_SUSPENDED
  MEM_LARGE_PAGES
  PVS_FIXEDFILEINFO
  VFT2_DRV_INSTALLABLE
  MEM_WRITE_WATCH
  SAFER_SCOPEID_MACHINE = 1
  FOREGROUND_MAGENTA
  TokenType = 8
  GetCurrentDirectoryW
  VirtualFreeEx
  LOAD_DLL_DEBUG_EVENT
  PROFILE_SERVER
  GetCurrentDirectoryA
  PROCESSOR_ARCHITECTURE_ALPHA64
  VFT2_DRV_SOUND
  WctSendMessageType = 2
  VS_FF_DEBUG
  EXCEPTION_MAXIMUM_PARAMETERS
  INFINITE = -1
  DBG_CONTROL_BREAK
  ERROR_MOD_NOT_FOUND = 126
  REG_DWORD = 4
  TokenIsRestricted = 40
  PMEMORY_BASIC_INFORMATION
  SM_CYSMCAPTION
  WctStatusNotOwned = 7
  SM_SAMEDISPLAYFORMAT
  THREAD_PRIORITY_LOWEST
  ERROR_ALREADY_EXISTS = 183
  EXCEPTION_DEBUG_INFO
  VOS_DOS_WINDOWS32
  SC_MANAGER_CONNECT = 1
  PROCESS_VM_WRITE
  ERROR_INVALID_HANDLE = 6
  SM_CXMAXIMIZED
  ERROR_INVALID_FUNCTION = 1
  GetCurrentDirectory
  PROCESS_CREATE_THREAD
  RegOpenKey = GuessStringType(RegOpenKeyA, RegOpenKeyW)
  STATUS_STACK_BUFFER_OVERRUN
  OS_XP
  REG_NONE = 0
  SM_CARETBLINKINGENABLED
  LPSTARTUPINFOEXW
  SE_INCREASE_QUOTA_NAME = 'SeIncreaseQuotaPrivilege'
  SAFER_LEVEL_OPEN = 1
  RaiseIfLastError
  SM_CYCURSOR
  SERVICE_ACCEPT_SHUTDOWN = 4
  FILETIME
  CONTEXT
  FILE_FLAG_RANDOM_ACCESS
  STATUS_REG_NAT_CONSUMPTION
  VOLUME_NAME_NONE
  OS_W2K8
  OS_W2K3
  PROCESSOR_ARM720
  WOW64_CONTEXT_FLOATING_POINT
  PROCESS_VM_OPERATION
  context_i386
  SM_CYFOCUSBORDER
  CONSOLE_SCREEN_BUFFER_INFO
  PRODUCT_STANDARD_SERVER
  SecurityImpersonation = 2
  SaferPolicyEnableTransparentEnforcement = 2
  ERROR_INVALID_SERVICE_LOCK = 1071
  TokenElevation = 20
  GenerateConsoleCtrlEvent
  HKEY_CURRENT_CONFIG = 2147483653
  PEXCEPTION_RECORD32
  EXCEPTION_POSSIBLE_DEADLOCK
  PROFILE_USER
  GetTempFileName
  GetModuleHandle
  PRODUCT_HOME_PREMIUM_N
  PAGE_WRITECOMBINE
  PRODUCT_ENTERPRISE_SERVER_V
  GetDllDirectoryA
  WctComActivationType = 9
  BY_HANDLE_FILE_INFORMATION
  VER_AND
  WctMutexType = 3
  GetNativeSystemInfo
  VFT_APP
  Heap32ListFirst
  SERVICE_ACCEPT_POWEREVENT = 64
  TokenElevationTypeDefault = 1
  COMMON_LVB_GRID_LVERTICAL
  ERROR_DBG_TERMINATE_PROCESS = 692
  GetFinalPathNameByHandleW
  SM_CYFIXEDFRAME
  SE_UNSOLICITED_INPUT_NAME = 'SeUnsolicitedInputPrivilege'
  SM_NETWORK
  GetFinalPathNameByHandleA
  TokenOrigin = 17
  PRODUCT_SERVER_FOR_SMALLBUSINESS
  INITIAL_FPCSR
  VS_FF_PRIVATEBUILD
  SE_TAKE_OWNERSHIP_NAME = 'SeTakeOwnershipPrivilege'
  VFT_DLL
  ARCH_IA32
  PRODUCT_UNLICENSED
  RIP_EVENT
  GetLargePageMinimum
  SLE_WARNING
  CREATE_NO_WINDOW
  STATUS_INVALID_DISPOSITION
  SERVICE_CONTROL_HARDWAREPROFILECHANGE = 12
  CHAR_INFO
  TOKEN_QUERY_SOURCE = 16
  FILE_MAP_WRITE
  DebugActiveProcessStop
  CREATE_PROCESS_DEBUG_INFO
  ARCH_I386
  OUTPUT_DEBUG_STRING_EVENT
  SaferPolicyScopeFlags = 5
  WctAlpcType = 4
  ERROR_MORE_DATA = 234
  RegDeleteKey = GuessStringType(RegDeleteKeyA, RegDeleteKeyW)
  OS_W7
  ARCH_ALPHA
  IsWow64Process
  STANDARD_RIGHTS_READ = 131072
  SERVICE_ACCEPT_TIMECHANGE = 512
  TokenSecurityAttributes = 39
  SECTION_ALL_ACCESS
  PROCESSOR_HITACHI_SH3
  PROCESSOR_HITACHI_SH4
  VFT_FONT
  DONT_RESOLVE_DLL_REFERENCES
  REG_BINARY = 3
  SEC_RESERVE
  MEM_DECOMMIT
  SERVICE_ACCEPT_PAUSE_CONTINUE = 2
  BACKGROUND_YELLOW
  SM_SWAPBUTTON
  SM_DEBUG
  SetConsoleCtrlHandler
  PROCESS_INFORMATION
  RegDeleteKeyEx = GuessStringType(RegDeleteKeyExA, RegDeleteKey...
  Module32First
  WctStatusError = 10
  SM_CYICONSPACING
  GetExitCodeThread
  PROC_THREAD_ATTRIBUTE_THREAD
  Module32Next
  SM_CYICON
  SetDllDirectory
  TOKEN_IMPERSONATE = 4
  TOKEN_ASSIGN_PRIMARY = 1
  DebugActiveProcess
  REALTIME_PRIORITY_CLASS
  SM_CXSIZEFRAME
  TokenPrivileges = 3
  CTRL_C_EVENT
  MUTEX_ALL_ACCESS
  VER_MAJORVERSION
  DBG_UNABLE_TO_PROVIDE_HANDLE
  RtlPcToFileHeader
  PRODUCT_BUSINESS_N
  SM_CXMINSPACING
  SE_TIME_ZONE_NAME = 'SeTimeZonePrivilege'
  TRUNCATE_EXISTING
  SM_CXHTHUMB
  DebugBreakProcess
  ARCH_AARCH64
  VER_SUITE_SMALLBUSINESS
  TokenAppContainerSid = 31
  PROCESSOR_MOTOROLA_821
  THREAD_ALERT
  WCT_ASYNC_OPEN_FLAG = 1
  INVALID_HANDLE_VALUE = 4294967295
  IDLE_PRIORITY_CLASS
  PRODUCT_WEB_SERVER_CORE
  SM_CMETRICS
  AttachConsole
  ERROR_SERVICE_SPECIFIC_ERROR = 1066
  GlobalDeleteAtom
  THREAD_BASE_PRIORITY_MAX
  SidTypeDeletedAccount = 6
  WaitForSingleObjectEx
  VFT_VXD
  MODULEENTRY32
  FILE_ATTRIBUTE_TEMPORARY
  OS_WINDOWS_2008
  ConvertSidToStringSid = DefaultStringType(ConvertSidToStringSi...
  OS_WINDOWS_2003
  OS_WINDOWS_2000
  LOAD_IGNORE_CODE_AUTHZ_LEVEL
  STATUS_USER_APC
  SetSearchPathMode
  HKEY_CURRENT_USER = 2147483649
  SERVICE_SYSTEM_START = 1
  THREAD_SET_CONTEXT
  SERVICE_BOOT_START = 0
  STATUS_FLOAT_MULTIPLE_TRAPS
  PROCESS_MODE_BACKGROUND_END
  PRODUCT_UNDEFINED
  SERVICE_QUERY_CONFIG = 1
  PRODUCT_STARTER_N
  PRODUCT_STARTER_E
  CTRL_BREAK_EVENT
  WOW64_MAXIMUM_SUPPORTED_EXTENSION
  SERVICE_ACCEPT_PRESHUTDOWN = 256
  SC_ENUM_PROCESS_INFO = 0
  FILE_ATTRIBUTE_NORMAL
  HANDLE_FLAG_PROTECT_FROM_CLOSE
  SM_CYHSCROLL
  SYNCHRONIZE = 1048576
  TOKEN_ADJUST_DEFAULT = 128
  OS_UNKNOWN
  WCT_OUT_OF_PROC_COM_FLAG = 2
  SC_MANAGER_LOCK = 8
  SM_CYMENUCHECK
  ERROR_PRIVILEGE_NOT_HELD = 1314
  WRITE_WATCH_FLAG_RESET
  context_amd64
  PROCESSOR_INTEL_PENTIUM
  FOREGROUND_INTENSITY
  SERVICE_INTERACTIVE_PROCESS = 256
  ACCESS_VIOLATION_TYPE_DEP
  SERVICE_CONTROL_INTERROGATE = 4
  STATUS_INVALID_INFO_CLASS
  ERROR_NONE_MAPPED = 1332
  DBG_CONTINUE
  GetCurrentProcessId
  SERVICE_INACTIVE = 2
  GetFullPathNameA
  SetEvent
  QueryDosDeviceA
  PCONTEXT
  LPOSVERSIONINFOA
  QueryDosDeviceW
  GetFullPathNameW
  LPOSVERSIONINFOW
  ProcThreadAttributeMitigationPolicy
  SM_SHOWSOUNDS
  PRODUCT_HOME_BASIC_E
  PRODUCT_HOME_BASIC_N
  ERROR_SUCCESS = 0
  LPPROCESS_INFORMATION
  GetPriorityClass
  SM_CYMENU
  VFT2_DRV_VERSIONED_PRINTER
  PRODUCT_CLUSTER_SERVER
  ARCH_ARM8
  ARCH_ARM7
  VOS_DOS_WINDOWS16
  COMMON_LVB_GRID_RVERTICAL
  DebugSetProcessKillOnExit
  TokenElevationTypeFull = 2
  OS_W2K8R2_64
  STATUS_NO_MEMORY
  FILE_NAME_OPENED
  OS_W2K8R2
  SM_MEDIACENTER
  VFT2_FONT_RASTER
  PROCESS_QUERY_INFORMATION
  SECTION_MAP_EXECUTE_EXPLICIT
  PSMALL_RECT
  SetConsoleWindowInfo
  PRODUCT_MEDIUMBUSINESS_SERVER_MANAGEMENT
  GetFileVersionInfo
  EXCEPTION_ILLEGAL_INSTRUCTION
  TerminateThread
  OpenMutex
  LookupAccountSid = GuessStringType(LookupAccountSidA, LookupAc...
  SM_CXFIXEDFRAME
  NTDDI_VISTASP1
  _LDT_ENTRY_BYTES_
  WOW64_SIZE_OF_80387_REGISTERS
  FILE_ATTRIBUTE_DIRECTORY
  HKEY_PERFORMANCE_DATA = 2147483652
  VER_SERVICEPACKMINOR
  VFT2_DRV_PRINTER
  NTDDI_WINNT4
  SERVICE_CONTROL_NETBINDDISABLE = 10
  TokenImpersonation = 2
  BACKGROUND_BLACK
  LookupPrivilegeName = GuessStringType(LookupPrivilegeNameA, Lo...
  THREAD_SET_INFORMATION
  STARTUPINFOW
  LoadLibrary
  GetFullPathName
  GetProductInfo
  TokenLogonSid = 28
  SE_LOAD_DRIVER_NAME = 'SeLoadDriverPrivilege'
  STD_ERROR_HANDLE
  STATUS_FLOAT_DENORMAL_OPERAND
  PROCESS_SUSPEND_RESUME
  PROC_THREAD_ATTRIBUTE_IDEAL_PROCESSOR
  OSVERSIONINFOEXW
  GetProcessIdOfThread
  OSVERSIONINFOEXA
  PRODUCT_SERVER_FOUNDATION
  NULL = None
hash(x)
  SEM_NOALIGNMENTFAULTEXCEPT
  VER_SUITENAME
  Wow64EnableWow64FsRedirection
  MAXIMUM_SUPPORTED_EXTENSION
  SERVICE_WIN32_SHARE_PROCESS = 32
  VER_BUILDNUMBER
  OS_W2K
  PROC_THREAD_ATTRIBUTE_UMS_THREAD
  Context
  BACKGROUND_GREEN
  SPVERSION_MASK
  CREATE_PROTECTED_PROCESS
  ERROR_NO_MORE_ITEMS = 259
  WTS_CURRENT_SERVER_HANDLE = 0
  WTS_CURRENT_SESSION = 1
  WTSInitialProgram = 0
  WTSApplicationName = 1
  WTSWorkingDirectory = 2
  WTSOEMId = 3
  WTSSessionId = 4
  WTSUserName = 5
  WTSWinStationName = 6
  WTSDomainName = 7
  WTSConnectState = 8
  WTSClientBuildNumber = 9
  WTSClientName = 10
  WTSClientDirectory = 11
  WTSClientProductId = 12
  WTSClientHardwareId = 13
  WTSClientAddress = 14
  WTSClientDisplay = 15
  WTSClientProtocolType = 16
  WTSIdleTime = 17
  WTSLogonTime = 18
  WTSIncomingBytes = 19
  WTSOutgoingBytes = 20
  WTSIncomingFrames = 21
  WTSOutgoingFrames = 22
  WTSClientInfo = 23
  WTSSessionInfo = 24
  WTSSessionInfoEx = 25
  WTSConfigInfo = 26
  WTSValidationInfo = 27
  WTSSessionAddressV4 = 28
  WTSIsRemoteSession = 29
  WTSActive = 0
  WTSConnected = 1
  WTSConnectQuery = 2
  WTSShadow = 3
  WTSDisconnected = 4
  WTSIdle = 5
  WTSListen = 6
  WTSReset = 7
  WTSDown = 8
  WTSInit = 9
  WTSEnumerateProcesses = DefaultStringType(WTSEnumerateProcesse...
  _all = set(['PWTS_CLIENT_DISPLAY', 'PWTS_PROCESS_INFOA', 'PWTS...
  __package__ = 'winappdbg.win32'
  _x = 'WTSShadow'
Variables Details [hide private]

__revision__

Value:
'$Id: wtsapi32.py 1299 2013-12-20 09:30:55Z qvasimodo $'

LookupPrivilegeValue

Value:
GuessStringType(LookupPrivilegeValueA, LookupPrivilegeValueW)

RegDeleteValue

Value:
GuessStringType(RegDeleteValueA, RegDeleteValueW)

CreateProcessWithLogon

Value:
DefaultStringType(CreateProcessWithLogonA, CreateProcessWithLogonW)

EnumServicesStatus

Value:
DefaultStringType(EnumServicesStatusA, EnumServicesStatusW)

GetServiceKeyName

Value:
GuessStringType(GetServiceKeyNameA, GetServiceKeyNameW)

RegQueryValueEx

Value:
GuessStringType(RegQueryValueExA, RegQueryValueExW)

SE_TRUSTED_CREDMAN_ACCESS_NAME

Value:
'SeTrustedCredManAccessPrivilege'

RegConnectRegistry

Value:
GuessStringType(RegConnectRegistryA, RegConnectRegistryW)

RegDeleteKeyValue

Value:
GuessStringType(RegDeleteKeyValueA, RegDeleteKeyValueW)

CreateProcessAsUser

Value:
GuessStringType(CreateProcessAsUserA, CreateProcessAsUserW)

ConvertStringSidToSid

Value:
GuessStringType(ConvertStringSidToSidA, ConvertStringSidToSidW)

GetServiceDisplayName

Value:
GuessStringType(GetServiceDisplayNameA, GetServiceDisplayNameW)

EnumServicesStatusEx

Value:
DefaultStringType(EnumServicesStatusExA, EnumServicesStatusExW)

CreateProcessWithToken

Value:
DefaultStringType(CreateProcessWithTokenA, CreateProcessWithTokenW)

RegDeleteKeyEx

Value:
GuessStringType(RegDeleteKeyExA, RegDeleteKeyExW)

ConvertSidToStringSid

Value:
DefaultStringType(ConvertSidToStringSidA, ConvertSidToStringSidW)

LookupAccountSid

Value:
GuessStringType(LookupAccountSidA, LookupAccountSidW)

LookupPrivilegeName

Value:
GuessStringType(LookupPrivilegeNameA, LookupPrivilegeNameW)

WTSEnumerateProcesses

Value:
DefaultStringType(WTSEnumerateProcessesA, WTSEnumerateProcessesW)

_all

Value:
set(['PWTS_CLIENT_DISPLAY',
     'PWTS_PROCESS_INFOA',
     'PWTS_PROCESS_INFOW',
     'ProcessIdToSessionId',
     'WTSActive',
     'WTSApplicationName',
     'WTSClientAddress',
     'WTSClientBuildNumber',
...

   Home       Trees       Indices       Help   
WinAppDbg - Programming Reference
Generated by Epydoc 3.0.1 on Fri Dec 20 17:54:48 2013 http://epydoc.sourceforge.net