prefix
windows - What is the significance of the Ki and Ke prefixes
Windows API Function Naming Convention
<Prefix><Operation><Object>: NtCloseHandle
NT: new tech
Zw: 无意义,相对NT来说,少了一些检查,因此效率更高
Ldr: loader
Ki: Kernel Internal
Ke: kernel
Rtl: run time library
Psp: process support internal/private
Coding Style Conventions - Win32 apps | Microsoft Learn
dw: DWORD
cb: Count of bytes
lp: LPVOID
f: flag
sz: string end with zero \x00
BSOD: blue screen of death