Windows XPにあって 2000にない関数(ntoskrnl.exe編)

* ExAcquireRundownProtection
* ExAcquireRundownProtectionEx
* ExInitializeRundownProtection
* ExReInitializeRundownProtection
* ExReleaseRundownProtection
* ExReleaseRundownProtectionEx
* ExRundownCompleted
* ExWaitForRundownProtectionRelease
ExfAcquirePushLockExclusive
ExfAcquirePushLockShared
* ExfInterlockedCompareExchange64
ExfReleasePushLock
HalExamineMBR
* InterlockedPopEntrySList
* InterlockedPushEntrySList
IoAssignDriveLetters
IoReadPartitionTable
IoSetPartitionInformation
IoWritePartitionTable
* KeAcquireInStackQueuedSpinLockAtDpcLevel
* KeReleaseInStackQueuedSpinLockFromDpcLevel
WmiGetClock
CcMdlWriteAbort
CmRegisterCallback
CmUnRegisterCallback
DbgPrintEx
DbgQueryDebugFilterState
DbgSetDebugFilterState
* ExGetCurrentProcessorCounts
* ExGetCurrentProcessorCpuUsage
ExVerifySuite
FsRtlIncrementCcFastReadNoWait
FsRtlIncrementCcFastReadNotPossible
FsRtlIncrementCcFastReadResourceMiss
FsRtlIncrementCcFastReadWait
HeadlessDispatch
IoCreateDisk
IoCreateStreamFileObjectEx
IoCsqInitialize
IoCsqInsertIrp
IoCsqRemoveIrp
IoCsqRemoveNextIrp
IoForwardAndCatchIrp
IoForwardIrpSynchronously
IoFreeErrorLogEntry
IoInitializeCrashDump
IoQueryFileDosDeviceName
IoReadDiskSignature
IoReadPartitionTableEx
* IoSetCompletionRoutineEx
IoSetPartitionInformationEx
IoSetStartIoAttributes
IoSetSystemPartition
IoValidateDeviceIoControlAccess
IoVerifyPartitionTable
IoWMIDeviceObjectToInstanceName
IoWMIExecuteMethod
IoWMIHandleToInstanceName
IoWMIOpenBlock
IoWMIQueryAllData
IoWMIQueryAllDataMultiple
IoWMIQuerySingleInstance
IoWMIQuerySingleInstanceMultiple
IoWMISetNotificationCallback
IoWMISetSingleInstance
IoWMISetSingleItem
IoWritePartitionTableEx
KdPowerTransition
KeAcquireInterruptSpinLock
KeAreApcsDisabled
KeCapturePersistentThreadState
KeDeregisterBugCheckReasonCallback
* KeFlushQueuedDpcs
KeGetRecommendedSharedDataAlignment
* KeIsAttachedProcess
KeQueryRuntimeThread
KeRegisterBugCheckReasonCallback
KeReleaseInterruptSpinLock
KeRemoveByKeyDeviceQueueIfBusy
KeRemoveSystemServiceTable
MmAdvanceMdl
MmMarkPhysicalMemoryAsBad
MmMarkPhysicalMemoryAsGood
MmPrefetchPages
MmProtectMdlSystemAddress
NtMakePermanentObject
NtOpenProcessTokenEx
NtOpenThread
NtOpenThreadToken
NtOpenThreadTokenEx
NtQueryInformationThread
NtShutdownSystem
NtTraceEvent
ObCloseHandle
ObDereferenceSecurityDescriptor
ObIsDosDeviceLocallyMapped
ObLogSecurityDescriptor
ObReferenceSecurityDescriptor
ObSetHandleAttributes
ObSetSecurityObjectByPointer
PoQueueShutdownWorkItem
PoRequestShutdownEvent
PsChargeProcessNonPagedPoolQuota
PsChargeProcessPagedPoolQuota
PsChargeProcessPoolQuota
PsDereferenceImpersonationToken
PsDereferencePrimaryToken
PsGetContextThread
* PsGetCurrentProcess
* PsGetCurrentProcessSessionId
* PsGetCurrentThread
PsGetCurrentThreadPreviousMode
* PsGetCurrentThreadStackBase
* PsGetCurrentThreadStackLimit
* PsGetJobLock
* PsGetJobSessionId
* PsGetJobUIRestrictionsClass
* PsGetProcessCreateTimeQuadPart
* PsGetProcessDebugPort
* PsGetProcessExitProcessCalled
* PsGetProcessExitStatus
* PsGetProcessInheritedFromUniqueProcessId
* PsGetProcessJob
* PsGetProcessPeb
* PsGetProcessPriorityClass
* PsGetProcessSectionBaseAddress
* PsGetProcessSecurityPort
* PsGetProcessSessionId
* PsGetProcessWin32Process
* PsGetProcessWin32WindowStation
* PsGetThreadFreezeCount
* PsGetThreadHardErrorsAreDisabled
* PsGetThreadId
* PsGetThreadProcess
* PsGetThreadProcessId
* PsGetThreadSessionId
* PsGetThreadTeb
PsGetThreadWin32Thread
* PsIsProcessBeingDebugged
PsIsSystemThread
PsIsThreadImpersonating
PsRemoveCreateThreadNotifyRoutine
PsRemoveLoadImageNotifyRoutine
PsReturnProcessNonPagedPoolQuota
PsReturnProcessPagedPoolQuota
PsRevertThreadToSelf
PsSetContextThread
PsSetJobUIRestrictionsClass
* PsSetProcessPriorityClass
* PsSetProcessSecurityPort
* PsSetProcessWin32Process
* PsSetProcessWindowStation
* PsSetThreadHardErrorsAreDisabled
* PsSetThreadWin32Thread
* RtlClearBit
RtlCreateSystemVolumeInformationFolder
RtlDeleteElementGenericTableAvl
RtlEnumerateGenericTableAvl
RtlEnumerateGenericTableLikeADirectory
RtlEnumerateGenericTableWithoutSplayingAvl
RtlGetElementGenericTableAvl
RtlGetSetBootStatusData
* RtlGetVersion
RtlHashUnicodeString
RtlInitializeGenericTableAvl
RtlInsertElementGenericTableAvl
RtlInsertElementGenericTableFullAvl
* RtlInt64ToUnicodeString
* RtlIntegerToUnicode
* RtlIpv4AddressToStringA
* RtlIpv4AddressToStringExA
* RtlIpv4AddressToStringExW
* RtlIpv4AddressToStringW
* RtlIpv4StringToAddressA
* RtlIpv4StringToAddressExA
* RtlIpv4StringToAddressExW
* RtlIpv4StringToAddressW
* RtlIpv6AddressToStringA
* RtlIpv6AddressToStringExA
* RtlIpv6AddressToStringExW
* RtlIpv6AddressToStringW
* RtlIpv6StringToAddressA
* RtlIpv6StringToAddressExA
* RtlIpv6StringToAddressExW
* RtlIpv6StringToAddressW
RtlIsGenericTableEmptyAvl
RtlLockBootStatusData
RtlLookupElementGenericTableAvl
RtlLookupElementGenericTableFullAvl
RtlMapSecurityErrorToNtStatus
RtlNumberGenericTableElementsAvl
* RtlRandomEx
* RtlSetBit
* RtlTestBit
RtlTimeToElapsedTimeFields
RtlUnlockBootStatusData
* RtlVerifyVersionInfo
SeAuditingFileEventsWithContext
SeAuditingHardLinkEventsWithContext
SeFilterToken
SeTokenIsWriteRestricted
SeTokenObjectType
VerSetConditionMask
VfFailDeviceNode
VfFailDriver
VfFailSystemBIOS
VfIsVerificationEnabled
WmiFlushTrace
WmiQueryTrace
WmiQueryTraceInformation
WmiStartTrace
WmiStopTrace
WmiTraceMessage
WmiTraceMessageVa
WmiUpdateTrace
XIPDispatch
ZwAddBootEntry
ZwAssignProcessToJobObject
ZwCreateJobObject
ZwDeleteBootEntry
ZwEnumerateBootEntries
ZwIsProcessInJob
ZwOpenJobObject
ZwOpenProcessTokenEx
ZwOpenThreadTokenEx
ZwQueryBootEntryOrder
ZwQueryBootOptions
ZwQueryFullAttributesFile
ZwQueryInformationJobObject
ZwQueryInformationThread
ZwSaveKeyEx
ZwSetBootEntryOrder
ZwSetBootOptions
ZwSetInformationJobObject
ZwTerminateJobObject
ZwTranslateFilePath
* _CIcos
* _CIsin
* _CIsqrt
* _alldvrm
* _alloca_probe
* _aulldvrm
* _vsnwprintf
vDbgPrintEx
vDbgPrintExWithPrefix

*は比較的容易に実装できる関数。