ntcruft.h

   1
   2 typedef struct {
   3         HANDLE Section;
   4         PVOID MappedBase;
   5         PVOID ImageBase;
   6         ULONG ImageSize;
   7         ULONG Flags;
   8         USHORT LoadOrderIndex;
   9         USHORT InitOrderIndex;
  10         USHORT LoadCount;
  11         USHORT OffsetToFileName;
  12         UCHAR FullPathName[256];
  13 } RTL_PROCESS_MODULE_INFORMATION;
  14 typedef struct {
  15         ULONG NumberOfModules;
  16         RTL_PROCESS_MODULE_INFORMATION Modules[1];
  17 } RTL_PROCESS_MODULES;
  18
  19 typedef struct {
  20         PVOID QueryRoutine;
  21         ULONG Flags;
  22         PCWSTR Name;
  23         PVOID EntryContext;
  24         ULONG DefaultType;
  25         PVOID DefaultData;
  26         ULONG DefaultLength;
  27 } RTL_QUERY_REGISTRY_TABLE;
  28
  29 NTSTATUS NTAPI NtLoadDriver(PUNICODE_STRING);
  30 NTSTATUS NTAPI NtUnloadDriver(PUNICODE_STRING);
  31 NTSTATUS NTAPI RtlCreateRegistryKey(ULONG,PWSTR);
  32 NTSTATUS NTAPI RtlWriteRegistryValue(ULONG,PCWSTR,PCWSTR,ULONG,PVOID,ULONG);
  33 NTSTATUS NTAPI NtOpenKey(PHANDLE,ACCESS_MASK,POBJECT_ATTRIBUTES);
  34 NTSTATUS NTAPI NtDeleteKey(HANDLE);
  35 NTSTATUS NTAPI RtlAdjustPrivilege(ULONG,BOOLEAN,BOOLEAN,PBOOLEAN);
  36
  37