📄 native.pas
字号:
StateStandby,
StateTerminated,
StateWait,
StateTransition,
StateUnknown);
_SYSTEM_THREADS = record
KernelTime: LARGE_INTEGER;
UserTime: LARGE_INTEGER;
CreateTime: LARGE_INTEGER;
WaitTime: ULONG;
StartAddress: PVOID;
ClientId: CLIENT_ID;
Priority: KPRIORITY;
BasePriority: KPRIORITY;
ContextSwitchCount: ULONG;
State: THREAD_STATE;
WaitReason: KWAIT_REASON;
end;
SYSTEM_THREADS = _SYSTEM_THREADS;
PSYSTEM_THREADS = ^SYSTEM_THREADS;
TSystemThreads = SYSTEM_THREADS;
PSystemThreads = PSYSTEM_THREADS;
_SYSTEM_PROCESSES = record // Information Class 5
NextEntryDelta: ULONG;
ThreadCount: ULONG;
Reserved1: array [0..5] of ULONG;
CreateTime: LARGE_INTEGER;
UserTime: LARGE_INTEGER;
KernelTime: LARGE_INTEGER;
ProcessName: UNICODE_STRING;
BasePriority: KPRIORITY;
ProcessId: ULONG;
InheritedFromProcessId: ULONG;
HandleCount: ULONG;
// next two were Reserved2: array [0..1] of ULONG; thanks to Nico Bendlin
SessionId: ULONG;
Reserved2: ULONG;
VmCounters: VM_COUNTERS;
IoCounters: IO_COUNTERSEX; // Windows 2000 only
Threads: array [0..0] of SYSTEM_THREADS;
end;
SYSTEM_PROCESSES = _SYSTEM_PROCESSES;
PSYSTEM_PROCESSES = ^SYSTEM_PROCESSES;
TSystemProcesses = SYSTEM_PROCESSES;
PSystemProcesses = PSYSTEM_PROCESSES;
_SYSTEM_CALLS_INFORMATION = record // Information Class 6
Size: ULONG;
NumberOfDescriptorTables: ULONG;
NumberOfRoutinesInTable: array [0..0] of ULONG;
// ULONG CallCounts[];
end;
SYSTEM_CALLS_INFORMATION = _SYSTEM_CALLS_INFORMATION;
PSYSTEM_CALLS_INFORMATION = ^SYSTEM_CALLS_INFORMATION;
_SYSTEM_CONFIGURATION_INFORMATION = record // Information Class 7
DiskCount: ULONG;
FloppyCount: ULONG;
CdRomCount: ULONG;
TapeCount: ULONG;
SerialCount: ULONG;
ParallelCount: ULONG;
end;
SYSTEM_CONFIGURATION_INFORMATION = _SYSTEM_CONFIGURATION_INFORMATION;
PSYSTEM_CONFIGURATION_INFORMATION = ^SYSTEM_CONFIGURATION_INFORMATION;
_SYSTEM_PROCESSOR_TIMES = record // Information Class 8
IdleTime: LARGE_INTEGER;
KernelTime: LARGE_INTEGER;
UserTime: LARGE_INTEGER;
DpcTime: LARGE_INTEGER;
InterruptTime: LARGE_INTEGER;
InterruptCount: ULONG;
end;
SYSTEM_PROCESSOR_TIMES = _SYSTEM_PROCESSOR_TIMES;
PSYSTEM_PROCESSOR_TIMES = ^SYSTEM_PROCESSOR_TIMES;
_SYSTEM_GLOBAL_FLAG = record // Information Class 9
GlobalFlag: ULONG;
end;
SYSTEM_GLOBAL_FLAG = _SYSTEM_GLOBAL_FLAG;
PSYSTEM_GLOBAL_FLAG = ^SYSTEM_GLOBAL_FLAG;
_SYSTEM_MODULE_INFORMATION = record // Information Class 11
Reserved: array [0..1] of ULONG;
Base: PVOID;
Size: ULONG;
Flags: ULONG;
Index: USHORT;
Unknown: USHORT;
LoadCount: USHORT;
ModuleNameOffset: USHORT;
ImageName: array [0..255] of CHAR;
end;
SYSTEM_MODULE_INFORMATION = _SYSTEM_MODULE_INFORMATION;
PSYSTEM_MODULE_INFORMATION = ^SYSTEM_MODULE_INFORMATION;
TSystemModuleInformation = SYSTEM_MODULE_INFORMATION;
PSystemModuleInformation = PSYSTEM_MODULE_INFORMATION;
_SYSTEM_LOCK_INFORMATION = record // Information Class 12
Address: PVOID;
Type_: USHORT;
Reserved1: USHORT;
ExclusiveOwnerThreadId: ULONG;
ActiveCount: ULONG;
ContentionCount: ULONG;
Reserved2: array [0..1] of ULONG;
NumberOfSharedWaiters: ULONG;
NumberOfExclusiveWaiters: ULONG;
end;
SYSTEM_LOCK_INFORMATION = _SYSTEM_LOCK_INFORMATION;
PSYSTEM_LOCK_INFORMATION = ^SYSTEM_LOCK_INFORMATION;
_SYSTEM_HANDLE_TABLE_ENTRY_INFO = record
UniqueProcessId: ULONG;
ObjectTypeIndex: UCHAR;
HandleAttributes: UCHAR;
HandleValue: USHORT;
Object_: PVOID;
GrantedAccess: ULONG;
end;
SYSTEM_HANDLE_TABLE_ENTRY_INFO = _SYSTEM_HANDLE_TABLE_ENTRY_INFO;
PSYSTEM_HANDLE_TABLE_ENTRY_INFO = ^SYSTEM_HANDLE_TABLE_ENTRY_INFO;
_SYSTEM_HANDLE_INFORMATION = record // Information Class 16
NumberOfHandles: ULONG;
Handles: array [0..1] of SYSTEM_HANDLE_TABLE_ENTRY_INFO;
end;
SYSTEM_HANDLE_INFORMATION = _SYSTEM_HANDLE_INFORMATION;
PSYSTEM_HANDLE_INFORMATION = ^SYSTEM_HANDLE_INFORMATION;
_SYSTEM_OBJECT_TYPE_INFORMATION = record // Information Class 17
NextEntryOffset: ULONG;
ObjectCount: ULONG;
HandleCount: ULONG;
TypeNumber: ULONG;
InvalidAttributes: ULONG;
GenericMapping: GENERIC_MAPPING;
ValidAccessMask: ACCESS_MASK;
PoolType: POOL_TYPE;
Unknown: UCHAR;
Name: UNICODE_STRING;
end;
SYSTEM_OBJECT_TYPE_INFORMATION = _SYSTEM_OBJECT_TYPE_INFORMATION;
PSYSTEM_OBJECT_TYPE_INFORMATION = ^SYSTEM_OBJECT_TYPE_INFORMATION;
_SYSTEM_OBJECT_INFORMATION = record
NextEntryOffset: ULONG;
Object_: PVOID;
CreatorProcessId: ULONG;
Unknown: USHORT;
Flags: USHORT;
PointerCount: ULONG;
HandleCount: ULONG;
PagedPoolUsage: ULONG;
NonPagedPoolUsage: ULONG;
ExclusiveProcessId: ULONG;
SecurityDescriptor: PSECURITY_DESCRIPTOR;
Name: UNICODE_STRING;
end;
SYSTEM_OBJECT_INFORMATION = _SYSTEM_OBJECT_INFORMATION;
PSYSTEM_OBJECT_INFORMATION = ^SYSTEM_OBJECT_INFORMATION;
_SYSTEM_PAGEFILE_INFORMATION = record // Information Class 18
NextEntryOffset: ULONG;
CurrentSize: ULONG;
TotalUsed: ULONG;
PeakUsed: ULONG;
FileName: UNICODE_STRING;
end;
SYSTEM_PAGEFILE_INFORMATION = _SYSTEM_PAGEFILE_INFORMATION;
PSYSTEM_PAGEFILE_INFORMATION = ^SYSTEM_PAGEFILE_INFORMATION;
TSystemPageFileInformation = SYSTEM_PAGEFILE_INFORMATION;
PSystemPageFileInformation = PSYSTEM_PAGEFILE_INFORMATION;
_SYSTEM_INSTRUCTION_EMULATION_INFORMATION = record // Info Class 19
GenericInvalidOpcode: ULONG;
TwoByteOpcode: ULONG;
ESprefix: ULONG;
CSprefix: ULONG;
SSprefix: ULONG;
DSprefix: ULONG;
FSPrefix: ULONG;
GSprefix: ULONG;
OPER32prefix: ULONG;
ADDR32prefix: ULONG;
INSB: ULONG;
INSW: ULONG;
OUTSB: ULONG;
OUTSW: ULONG;
PUSHFD: ULONG;
POPFD: ULONG;
INTnn: ULONG;
INTO: ULONG;
IRETD: ULONG;
FloatingPointOpcode: ULONG;
INBimm: ULONG;
INWimm: ULONG;
OUTBimm: ULONG;
OUTWimm: ULONG;
INB: ULONG;
INW: ULONG;
OUTB: ULONG;
OUTW: ULONG;
LOCKprefix: ULONG;
REPNEprefix: ULONG;
REPprefix: ULONG;
CLI: ULONG;
STI: ULONG;
HLT: ULONG;
end;
SYSTEM_INSTRUCTION_EMULATION_INFORMATION = _SYSTEM_INSTRUCTION_EMULATION_INFORMATION;
PSYSTEM_INSTRUCTION_EMULATION_INFORMATION = ^SYSTEM_INSTRUCTION_EMULATION_INFORMATION;
_SYSTEM_CACHE_INFORMATION = record // Information Class 21
SystemCacheWsSize: ULONG;
SystemCacheWsPeakSize: ULONG;
SystemCacheWsFaults: ULONG;
SystemCacheWsMinimum: ULONG;
SystemCacheWsMaximum: ULONG;
TransitionSharedPages: ULONG;
TransitionSharedPagesPeak: ULONG;
Reserved: array [0..1] of ULONG;
end;
SYSTEM_CACHE_INFORMATION = _SYSTEM_CACHE_INFORMATION;
PSYSTEM_CACHE_INFORMATION = ^SYSTEM_CACHE_INFORMATION;
_SYSTEM_POOL_TAG_INFORMATION = record // Information Class 22
Tag: array [0..3] of CHAR;
PagedPoolAllocs: ULONG;
PagedPoolFrees: ULONG;
PagedPoolUsage: ULONG;
NonPagedPoolAllocs: ULONG;
NonPagedPoolFrees: ULONG;
NonPagedPoolUsage: ULONG;
end;
SYSTEM_POOL_TAG_INFORMATION = _SYSTEM_POOL_TAG_INFORMATION;
PSYSTEM_POOL_TAG_INFORMATION = ^SYSTEM_POOL_TAG_INFORMATION;
_SYSTEM_PROCESSOR_STATISTICS = record // Information Class 23
ContextSwitches: ULONG;
DpcCount: ULONG;
DpcRequestRate: ULONG;
TimeIncrement: ULONG;
DpcBypassCount: ULONG;
ApcBypassCount: ULONG;
end;
SYSTEM_PROCESSOR_STATISTICS = _SYSTEM_PROCESSOR_STATISTICS;
PSYSTEM_PROCESSOR_STATISTICS = ^SYSTEM_PROCESSOR_STATISTICS;
_SYSTEM_DPC_INFORMATION = record // Information Class 24
Reserved: ULONG;
MaximumDpcQueueDepth: ULONG;
MinimumDpcRate: ULONG;
AdjustDpcThreshold: ULONG;
IdealDpcRate: ULONG;
end;
SYSTEM_DPC_INFORMATION = _SYSTEM_DPC_INFORMATION;
PSYSTEM_DPC_INFORMATION = ^SYSTEM_DPC_INFORMATION;
_SYSTEM_LOAD_IMAGE = record // Information Class 26
ModuleName: UNICODE_STRING;
ModuleBase: PVOID;
Unknown: PVOID;
EntryPoint: PVOID;
ExportDirectory: PVOID;
end;
SYSTEM_LOAD_IMAGE = _SYSTEM_LOAD_IMAGE;
PSYSTEM_LOAD_IMAGE = ^SYSTEM_LOAD_IMAGE;
_SYSTEM_UNLOAD_IMAGE = record // Information Class 27
ModuleBase: PVOID;
end;
SYSTEM_UNLOAD_IMAGE = _SYSTEM_UNLOAD_IMAGE;
PSYSTEM_UNLOAD_IMAGE = ^SYSTEM_UNLOAD_IMAGE;
_SYSTEM_QUERY_TIME_ADJUSTMENT = record // Information Class 28
TimeAdjustment: ULONG;
MaximumIncrement: ULONG;
TimeSynchronization: ByteBool;
end;
SYSTEM_QUERY_TIME_ADJUSTMENT = _SYSTEM_QUERY_TIME_ADJUSTMENT;
PSYSTEM_QUERY_TIME_ADJUSTMENT = ^SYSTEM_QUERY_TIME_ADJUSTMENT;
_SYSTEM_SET_TIME_ADJUSTMENT = record // Information Class 28
TimeAdjustment: ULONG;
TimeSynchronization: ByteBool;
end;
SYSTEM_SET_TIME_ADJUSTMENT = _SYSTEM_SET_TIME_ADJUSTMENT;
PSYSTEM_SET_TIME_ADJUSTMENT = ^SYSTEM_SET_TIME_ADJUSTMENT;
_SYSTEM_CRASH_DUMP_INFORMATION = record // Information Class 32
CrashDumpSectionHandle: HANDLE;
Unknown: HANDLE; // Windows 2000 only
end;
SYSTEM_CRASH_DUMP_INFORMATION = _SYSTEM_CRASH_DUMP_INFORMATION;
PSYSTEM_CRASH_DUMP_INFORMATION = ^SYSTEM_CRASH_DUMP_INFORMATION;
_SYSTEM_EXCEPTION_INFORMATION = record // Information Class 33
AlignmentFixupCount: ULONG;
ExceptionDispatchCount: ULONG;
FloatingEmulationCount: ULONG;
Reserved: ULONG;
end;
SYSTEM_EXCEPTION_INFORMATION = _SYSTEM_EXCEPTION_INFORMATION;
PSYSTEM_EXCEPTION_INFORMATION = ^SYSTEM_EXCEPTION_INFORMATION;
_SYSTEM_CRASH_STATE_INFORMATION = record // Information Class 34
ValidCrashDump: ULONG;
Unknown: ULONG; // Windows 2000 only
end;
SYSTEM_CRASH_STATE_INFORMATION = _SYSTEM_CRASH_STATE_INFORMATION;
PSYSTEM_CRASH_STATE_INFORMATION = ^SYSTEM_CRASH_STATE_INFORMATION;
_SYSTEM_KERNEL_DEBUGGER_INFORMATION = record // Information Class 35
DebuggerEnabled: ByteBool;
DebuggerNotPresent: ByteBool;
end;
SYSTEM_KERNEL_DEBUGGER_INFORMATION = _SYSTEM_KERNEL_DEBUGGER_INFORMATION;
PSYSTEM_KERNEL_DEBUGGER_INFORMATION = ^SYSTEM_KERNEL_DEBUGGER_INFORMATION;
_SYSTEM_CONTEXT_SWITCH_INFORMATION = record // Information Class 36
ContextSwitches: ULONG;
ContextSwitchCounters: array [0..10] of ULONG;
end;
SYSTEM_CONTEXT_SWITCH_INFORMATION = _SYSTEM_CONTEXT_SWITCH_INFORMATION;
PSYSTEM_CONTEXT_SWITCH_INFORMATION = ^SYSTEM_CONTEXT_SWITCH_INFORMATION;
_SYSTEM_REGISTRY_QUOTA_INFORMATION = record // Information Class 37
RegistryQuota: ULONG;
RegistryQuotaInUse: ULONG;
PagedPoolSize: ULONG;
end;
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -