| 0x117 | 未定义的访问(无效)位 7 |
Undefined Access (no effect) Bit 7 |
| 0x600 | 没有使用的消息 ID |
Unused message ID |
| 0x601 | DELETE |
DELETE |
| 0x602 | READ_CONTROL |
READ_CONTROL |
| 0x603 | WRITE_DAC |
WRITE_DAC |
| 0x604 | WRITE_OWNER |
WRITE_OWNER |
| 0x605 | SYNCHRONIZE |
SYNCHRONIZE |
| 0x606 | ACCESS_SYS_SEC |
ACCESS_SYS_SEC |
| 0x607 | MAX_ALLOWED |
MAX_ALLOWED |
| 0x610 | 指定的访问权未知(bit 0) |
Unknown specific access (bit 0) |
| 0x611 | 指定的访问权未知(bit 1) |
Unknown specific access (bit 1) |
| 0x612 | 指定的访问权未知(bit 2) |
Unknown specific access (bit 2) |
| 0x613 | 指定的访问权未知(bit 3) |
Unknown specific access (bit 3) |
| 0x614 | 指定的访问权未知(bit 4) |
Unknown specific access (bit 4) |
| 0x615 | 指定的访问权未知(bit 5) |
Unknown specific access (bit 5) |
| 0x616 | 指定的访问权未知(bit 6) |
Unknown specific access (bit 6) |
| 0x617 | 指定的访问权未知(bit 7) |
Unknown specific access (bit 7) |
| 0x618 | 指定的访问权未知(bit 8) |
Unknown specific access (bit 8) |
| 0x619 | 指定的访问权未知(bit 9) |
Unknown specific access (bit 9) |
| 0x61A | 指定的访问权未知(bit 10) |
Unknown specific access (bit 10) |
| 0x61B | 指定的访问权未知(bit 11) |
Unknown specific access (bit 11) |
| 0x61C | 指定的访问权未知(bit 12) |
Unknown specific access (bit 12) |
| 0x61D | 指定的访问权未知(bit 13) |
Unknown specific access (bit 13) |
| 0x61E | 指定的访问权未知(bit 14) |
Unknown specific access (bit 14) |
| 0x61F | 指定的访问权未知(bit 15) |
Unknown specific access (bit 15) |
| 0x641 | 未使用 |
Not used |
| 0x643 | 指派主要令牌特权 |
Assign Primary Token Privilege |
| 0x644 | 锁定内存特权 |
Lock Memory Privilege |
| 0x645 | 增加内存配额特权 |
Increase Memory Quota Privilege |
| 0x646 | 主动输入特权 |
Unsolicited Input Privilege |
| 0x647 | 受信任的计算机基本特权 |
Trusted Computer Base Privilege |
| 0x648 | 安全特权 |
Security Privilege |
| 0x649 | 获得拥有权特权 |
Take Ownership Privilege |
| 0x64A | 加载/卸载驱动程序特权 |
Load/Unload Driver Privilege |
| 0x64B | 配置文件系统特权 |
Profile System Privilege |
| 0x64C | 设置系统时间特权 |
Set System Time Privilege |
| 0x64D | 配置文件单一进程特权 |
Profile Single Process Privilege |
| 0x64E | 增加基础优先级特权 |
Increment Base Priority Privilege |
| 0x64F | 创建页面文件特权 |
Create Pagefile Privilege |
| 0x650 | 创建永久对象特权 |
Create Permanent Object Privilege |
| 0x651 | 制作备份特权 |
Backup Privilege |
| 0x652 | 从备份还原数据特权 |
Restore From Backup Privilege |
| 0x653 | 系统关机特权 |
Shutdown System Privilege |
| 0x654 | 调试特权 |
Debug Privilege |
| 0x655 | 查看或更改审核日志特权 |
View or Change Audit Log Privilege |
| 0x656 | 更改硬件环境特权 |
Change Hardware Environment Privilege |
| 0x657 | 更改通知(及遍历)特权 |
Change Notify (and Traverse) Privilege |
| 0x658 | 远程系统关机特权 |
Remotely Shut System Down Privilege |
| 0x700 | |
|
| 0x703 | 已启用 |
Enabled |
| 0x704 | 已禁用 |
Disabled |
| 0x705 | 全部 |
All |
| 0x706 | 无 |
None |
| 0x707 | 审核策略查询/设置 API 操作 |
Audit Policy query/set API Operation |
| 0x709 | 授权者 |
Granted by |
| 0x70A | 拒绝者 |
Denied by |
| 0x70B | 通过完整性策略检查拒绝 |
Denied by Integrity Policy check |
| 0x70C | 通过所有权授权 |
Granted by Ownership |
| 0x70D | 未授予 |
Not granted |
| 0x70E | 通过 NULL DACL 授权 |
Granted by NULL DACL |
| 0x70F | 通过空 DACL 拒绝 |
Denied by Empty DACL |
| 0x710 | 通过 NULL 安全描述符授权 |
Granted by NULL Security Descriptor |
| 0x711 | 未知或未检查 |
Unknown or unchecked |
| 0x712 | 由于丢失而未授予权限 |
Not granted due to missing |
| 0x713 | 在父文件夹上由 ACE 授予权限 |
Granted by ACE on parent folder |
| 0x714 | 在父文件夹上由 ACE 拒绝 |
Denied by ACE on parent folder |
| 0x715 | 已由中心访问规则授予 |
Granted by Central Access Rule |
| 0x716 | 未由中心访问规则授予 |
NOT Granted by Central Access Rule |
| 0x717 | 已由父文件夹的中心访问规则授予 |
Granted by parent folder's Central Access Rule |
| 0x718 | 未由父文件夹的中心访问规则授予 |
NOT Granted by parent folder's Central Access Rule |
| 0x719 | 未知类型 |
Unknown Type |
| 0x71A | 字符串 |
String |
| 0x71B | 无符号 64 位整数 |
Unsigned 64-bit Integer |
| 0x71C | 64 位整数 |
64-bit Integer |
| 0x71D | FQBN |
FQBN |
| 0x71E | Blob |
Blob |
| 0x71F | Sid |
Sid |
| 0x720 | 布尔型 |
Boolean |
| 0x721 | True |
True |
| 0x722 | False |
False |
| 0x723 | 无效 |
Invalid |
| 0x724 | ACE 过长,无法显示 |
an ACE too long to display |
| 0x725 | 安全描述符过长,无法显示 |
a Security Descriptor too long to display |
| 0x726 | 未授予 AppContainers |
Not granted to AppContainers |
| 0x727 | ... |
... |
| 0x728 | 标识 |
Identification |
| 0x729 | 模拟 |
Impersonation |
| 0x730 | 委派 |
Delegation |
| 0x731 | 已被进程信任标签 ACE 拒绝 |
Denied by Process Trust Label ACE |
| 0x732 | 是 |
Yes |
| 0x733 | 否 |
No |
| 0x734 | 系统 |
System |
| 0x735 | 不可用 |
Not Available |
| 0x736 | 默认 |
Default |
| 0x737 | DisallowMmConfig |
DisallowMmConfig |
| 0x738 | 关 |
Off |
| 0x739 | 自动 |
Auto |
| 0x740 | 被访问筛选器 ACE 拒绝 |
Denied by Access Filter Ace |
| 0x750 | REG_NONE |
REG_NONE |
| 0x751 | REG_SZ |
REG_SZ |
| 0x752 | REG_EXPAND_SZ |
REG_EXPAND_SZ |
| 0x753 | REG_BINARY |
REG_BINARY |
| 0x754 | REG_DWORD |
REG_DWORD |
| 0x755 | REG_DWORD_BIG_ENDIAN |
REG_DWORD_BIG_ENDIAN |
| 0x756 | REG_LINK |
REG_LINK |
| 0x757 | REG_MULTI_SZ (New lines are replaced with *. A * is replaced with **) |
REG_MULTI_SZ (New lines are replaced with *. A * is replaced with **) |
| 0x758 | REG_RESOURCE_LIST |
REG_RESOURCE_LIST |
| 0x759 | REG_FULL_RESOURCE_DESCRIPTOR |
REG_FULL_RESOURCE_DESCRIPTOR |
| 0x75A | REG_RESOURCE_REQUIREMENTS_LIST |
REG_RESOURCE_REQUIREMENTS_LIST |
| 0x75B | REG_QWORD |
REG_QWORD |
| 0x770 | 已新建注册表值 |
New registry value created |
| 0x771 | 已修改现有注册表值 |
Existing registry value modified |
| 0x772 | 已删除注册表值 |
Registry value deleted |
| 0x780 | 星期日 |
Sunday |
| 0x781 | 星期一 |
Monday |
| 0x782 | 星期二 |
Tuesday |
| 0x783 | 星期三 |
Wednesday |
| 0x784 | 星期四 |
Thursday |
| 0x785 | 星期五 |
Friday |
| 0x786 | 星期六 |
Saturday |
| 0x790 | TokenElevationTypeDefault (1) |
TokenElevationTypeDefault (1) |
| 0x791 | TokenElevationTypeFull (2) |
TokenElevationTypeFull (2) |
| 0x792 | TokenElevationTypeLimited (3) |
TokenElevationTypeLimited (3) |
| 0x800 | 启用的帐户 |
Account Enabled |
| 0x801 | '要求主目录' - 已禁用 |
'Home Directory Required' - Disabled |
| 0x802 | '不要求密码' - 已禁用 |
'Password Not Required' - Disabled |
| 0x803 | '临时重复帐户' - 已禁用 |
'Temp Duplicate Account' - Disabled |
| 0x804 | '普通帐户' - 已禁用 |
'Normal Account' - Disabled |
| 0x805 | 'MNS 登录帐户' - 已禁用 |
'MNS Logon Account' - Disabled |
| 0x806 | '域间信任帐户' - 已禁用 |
'Interdomain Trust Account' - Disabled |
| 0x807 | '工作站信任帐户' - 已禁用 |
'Workstation Trust Account' - Disabled |
| 0x808 | '服务器信任帐户' - 已禁用 |
'Server Trust Account' - Disabled |
| 0x809 | '不过期密码' - 已禁用 |
'Don't Expire Password' - Disabled |
| 0x80A | 已解锁帐户 |
Account Unlocked |
| 0x80B | '允许加密的文本密码' - 已禁用 |
'Encrypted Text Password Allowed' - Disabled |
| 0x80C | '要求智能卡' - 已禁用 |
'Smartcard Required' - Disabled |
| 0x80D | '已为委派信任' - 已禁用 |
'Trusted For Delegation' - Disabled |
| 0x80E | '未委派' - 已禁用 |
'Not Delegated' - Disabled |
| 0x80F | '仅使用 DES 密钥' - 已禁用 |
'Use DES Key Only' - Disabled |
| 0x810 | '不要求预身份验证' - 已禁用 |
'Don't Require Preauth' - Disabled |
| 0x811 | '过期的密码' - 已禁用 |
'Password Expired' - Disabled |
| 0x812 | '到委派的身份验证已信任' - 已禁用 |
'Trusted To Authenticate For Delegation' - Disabled |
| 0x813 | “排除授权信息”- 已禁用 |
'Exclude Authorization Information' - Disabled |
| 0x814 | '未定义的 UserAccountControl 位 20' - 已禁用 |
'Undefined UserAccountControl Bit 20' - Disabled |
| 0x815 | “使用 AES 密钥保护 Kerberos 服务票证”- 已禁用 |
'Protect Kerberos Service Tickets with AES Keys' - Disabled |
| 0x816 | '未定义的 UserAccountControl 位 22' - 已禁用 |
'Undefined UserAccountControl Bit 22' - Disabled |
| 0x817 | '未定义的 UserAccountControl 位 23' - 已禁用 |
'Undefined UserAccountControl Bit 23' - Disabled |
| 0x818 | '未定义的 UserAccountControl 位 24' - 已禁用 |
'Undefined UserAccountControl Bit 24' - Disabled |
| 0x819 | '未定义的 UserAccountControl 位 25' - 已禁用 |
'Undefined UserAccountControl Bit 25' - Disabled |
| 0x81A | '未定义的 UserAccountControl 位 26' - 已禁用 |
'Undefined UserAccountControl Bit 26' - Disabled |
| 0x81B | '未定义的 UserAccountControl 位 27' - 已禁用 |
'Undefined UserAccountControl Bit 27' - Disabled |
| 0x81C | '未定义的 UserAccountControl 位 28' - 已禁用 |
'Undefined UserAccountControl Bit 28' - Disabled |
| 0x81D | '未定义的 UserAccountControl 位 29' - 已禁用 |
'Undefined UserAccountControl Bit 29' - Disabled |
| 0x81E | '未定义的 UserAccountControl 位 30' - 已禁用 |
'Undefined UserAccountControl Bit 30' - Disabled |
| 0x81F | '未定义的 UserAccountControl 位 31' - 已禁用 |
'Undefined UserAccountControl Bit 31' - Disabled |
| 0x820 | 已禁用的帐户 |
Account Disabled |
| 0x821 | '要求主目录' - 已启用 |
'Home Directory Required' - Enabled |
| 0x822 | '不要求密码' - 已启用 |
'Password Not Required' - Enabled |
| 0x823 | '临时重复帐户' - 已启用 |
'Temp Duplicate Account' - Enabled |
| 0x824 | '普通帐户' - 已启用 |
'Normal Account' - Enabled |
| 0x825 | 'MNS 登录帐户' - 已启用 |
'MNS Logon Account' - Enabled |
| 0x826 | '域间信任帐户' - 已启用 |
'Interdomain Trust Account' - Enabled |
| 0x827 | '工作站信任帐户' - 已启用 |
'Workstation Trust Account' - Enabled |
| 0x828 | '服务器信任帐户' - 已启用 |
'Server Trust Account' - Enabled |
| 0x829 | '不过期密码' - 已启用 |
'Don't Expire Password' - Enabled |
| 0x82A | 已锁定帐户 |
Account Locked |
| 0x82B | '允许加密的文本密码' - 已启用 |
'Encrypted Text Password Allowed' - Enabled |
| 0x82C | '要求智能卡' - 已启用 |
'Smartcard Required' - Enabled |
| 0x82D | '已为委派信任' - 已启用 |
'Trusted For Delegation' - Enabled |
| 0x82E | '未委派' - 已启用 |
'Not Delegated' - Enabled |
| 0x82F | '仅使用 DES 密钥' - 已启用 |
'Use DES Key Only' - Enabled |
| 0x830 | '不要求预身份验证' - 已启用 |
'Don't Require Preauth' - Enabled |
| 0x831 | '过期的密码' - 已启用 |
'Password Expired' - Enabled |
| 0x832 | '到委派的身份验证已信任' - 已启用 |
'Trusted To Authenticate For Delegation' - Enabled |
| 0x833 | “排除授权信息”- 已启用 |
'Exclude Authorization Information' - Enabled |
| 0x834 | '未定义的 UserAccountControl 位 20' - 已启用 |
'Undefined UserAccountControl Bit 20' - Enabled |
| 0x835 | “使用 AES 密钥保护 Kerberos 服务票证”- 已启用 |
'Protect Kerberos Service Tickets with AES Keys' - Enabled |
| 0x836 | '未定义的 UserAccountControl 位 22' - 已启用 |
'Undefined UserAccountControl Bit 22' - Enabled |
| 0x837 | '未定义的 UserAccountControl 位 23' - 已启用 |
'Undefined UserAccountControl Bit 23' - Enabled |
| 0x838 | '未定义的 UserAccountControl 位 24' - 已启用 |
'Undefined UserAccountControl Bit 24' - Enabled |
| 0x839 | '未定义的 UserAccountControl 位 25' - 已启用 |
'Undefined UserAccountControl Bit 25' - Enabled |
| 0x83A | '未定义的 UserAccountControl 位 26' - 已启用 |
'Undefined UserAccountControl Bit 26' - Enabled |
| 0x83B | '未定义的 UserAccountControl 位 27' - 已启用 |
'Undefined UserAccountControl Bit 27' - Enabled |
| 0x83C | '未定义的 UserAccountControl 位 28' - 已启用 |
'Undefined UserAccountControl Bit 28' - Enabled |
| 0x83D | '未定义的 UserAccountControl 位 29' - 已启用 |
'Undefined UserAccountControl Bit 29' - Enabled |
| 0x83E | '未定义的 UserAccountControl 位 30' - 已启用 |
'Undefined UserAccountControl Bit 30' - Enabled |
| 0x83F | '未定义的 UserAccountControl 位 31' - 已启用 |
'Undefined UserAccountControl Bit 31' - Enabled |
| 0x900 | 登录期间出错。 |
An Error occured during Logon. |
| 0x901 | 指定的用户帐户已过期。 |
The specified user account has expired. |
| 0x902 | NetLogon 组件不处于活动状态。 |
The NetLogon component is not active. |
| 0x903 | 帐户已锁定。 |
Account locked out. |
| 0x904 | 此计算机上未授予用户请求的登录类型。 |
The user has not been granted the requested logon type at this machine. |
| 0x905 | 指定帐户的密码已过期。 |
The specified account's password has expired. |
| 0x906 | 帐户当前已禁用。 |
Account currently disabled. |
| 0x907 | 帐户登录时间限制被破坏。 |
Account logon time restriction violation. |
| 0x908 | 不允许用户登录此计算机。 |
User not allowed to logon at this computer. |
| 0x909 | 未知用户名或密码错误。 |
Unknown user name or bad password. |
| 0x90A | 域 SID 不一致。 |
Domain sid inconsistent. |
| 0x90B | 要求智能卡登录,但没有使用。 |
Smartcard logon is required and was not used. |
| 0x980 | 不可用。 |
Not Available. |
| 0x984 | 随机数生成程序失败。 |
Random number generator failure. |
| 0x985 | 随机数生成未通过 FIPS-140 预哈希检查。 |
Random number generation failed FIPS-140 pre-hash check. |
| 0x986 | 机密数据归零失败。 |
Failed to zero secret data. |
| 0x987 | 密钥未通过成对一致性检查。 |
Key failed pair wise consistency check. |
| 0x990 | 取消永久加密密钥保护失败。 |
Failed to unprotect persistent cryptographic key. |
| 0x991 | 密钥导出检查失败。 |
Key export checks failed. |
| 0x992 | 公钥验证失败。 |
Validation of public key failed. |
| 0x993 | 签名验证失败。 |
Signature verification failed. |
| 0x998 | 打开密钥文件。 |
Open key file. |
| 0x999 | 删除密钥文件。 |
Delete key file. |
| 0x99A | 从文件中读取保留的密钥。 |
Read persisted key from file. |
| 0x99B | 将保留的密钥写入文件。 |
Write persisted key to file. |
| 0x9A0 | 导出永久加密密钥。 |
Export of persistent cryptographic key. |
| 0x9A1 | 导入永久加密密钥。 |
Import of persistent cryptographic key. |
| 0x9B0 | 打开密钥。 |
Open Key. |
| 0x9B1 | 创建密钥。 |
Create Key. |
| 0x9B2 | 删除密钥。 |
Delete Key. |
| 0x9B3 | 加密。 |
Encrypt. |
| 0x9B4 | 解密。 |
Decrypt. |
| 0x9B5 | 签名哈希。 |
Sign hash. |
| 0x9B6 | 机密协议。 |
Secret agreement. |
| 0x9B7 | 域设置 |
Domain settings |
| 0x9B8 | 本地设置 |
Local settings |
| 0x9B9 | 添加提供程序。 |
Add provider. |
| 0x9BA | 删除提供程序。 |
Remove provider. |
| 0x9BB | 添加上下文。 |
Add context. |
| 0x9BC | 删除上下文。 |
Remove context. |
| 0x9BD | 添加功能。 |
Add function. |
| 0x9BE | 删除功能。 |
Remove function. |
| 0x9BF | 添加功能提供程序。 |
Add function provider. |
| 0x9C0 | 删除功能提供程序。 |
Remove function provider. |
| 0x9C1 | 添加功能属性。 |
Add function property. |
| 0x9C2 | 删除功能属性。 |
Remove function property. |
| 0x9C3 | 计算机密钥。 |
Machine key. |
| 0x9C4 | 用户密钥。 |
User key. |
| 0x9C5 | 密钥派生。 |
Key Derivation. |
| 0x1100 | 设备访问位 0 |
Device Access Bit 0 |
| 0x1101 | 设备访问 Bit 1 |
Device Access Bit 1 |
| 0x1102 | 设备访问 Bit 2 |
Device Access Bit 2 |
| 0x1103 | 设备访问 Bit 3 |
Device Access Bit 3 |
| 0x1104 | 设备访问 Bit 4 |
Device Access Bit 4 |
| 0x1105 | 设备访问 Bit 5 |
Device Access Bit 5 |
| 0x1106 | 设备访问 Bit 6 |
Device Access Bit 6 |
| 0x1107 | 设备访问 Bit 7 |
Device Access Bit 7 |
| 0x1108 | 设备访问 Bit 8 |
Device Access Bit 8 |
| 0x1109 | 未定义的访问(无效)位 9 |
Undefined Access (no effect) Bit 9 |
| 0x110A | 未定义的访问(无效)位 10 |
Undefined Access (no effect) Bit 10 |
| 0x110B | 未定义的访问(无效)位 11 |
Undefined Access (no effect) Bit 11 |
| 0x110C | 未定义的访问(无效)位 12 |
Undefined Access (no effect) Bit 12 |
| 0x110D | 未定义的访问(无效)位 13 |
Undefined Access (no effect) Bit 13 |
| 0x110E | 未定义的访问(无效)位 14 |
Undefined Access (no effect) Bit 14 |
| 0x110F | 未定义的访问(无效)位 15 |
Undefined Access (no effect) Bit 15 |
| 0x1110 | 查询目录 |
Query directory |
| 0x1111 | 遍历 |
Traverse |
| 0x1112 | 在目录下创建对象 |
Create object in directory |
| 0x1113 | 创建子目录 |
Create sub-directory |
| 0x1114 | 未定义的访问(无效)位 4 |
Undefined Access (no effect) Bit 4 |
| 0x1115 | 未定义的访问(无效)位 5 |
Undefined Access (no effect) Bit 5 |
| 0x1116 | 未定义的访问(无效)位 6 |
Undefined Access (no effect) Bit 6 |
| 0x1118 | 未定义的访问(无效)位 8 |
Undefined Access (no effect) Bit 8 |
| 0x1120 | 查询事件状态 |
Query event state |
| 0x1121 | 修改事件状态 |
Modify event state |
| 0x1122 | 未定义的访问(无效)位 2 |
Undefined Access (no effect) Bit 2 |
| 0x1123 | 未定义的访问(无效)位 3 |
Undefined Access (no effect) Bit 3 |
| 0x1140 | ReadData (或 ListDirectory) |
ReadData (or ListDirectory) |
| 0x1141 | WriteData (或 AddFile) |
WriteData (or AddFile) |
| 0x1142 | AppendData (或 AddSubdirectory 或 CreatePipeInstance) |
AppendData (or AddSubdirectory or CreatePipeInstance) |
| 0x1143 | ReadEA |
ReadEA |
| 0x1144 | WriteEA |
WriteEA |
| 0x1145 | 执行/遍历 |
Execute/Traverse |
| 0x1146 | DeleteChild |
DeleteChild |
| 0x1147 | ReadAttributes |
ReadAttributes |
| 0x1148 | WriteAttributes |
WriteAttributes |
| 0x1150 | 查询项值 |
Query key value |
| 0x1151 | 设置项值 |
Set key value |
| 0x1152 | 创建子项 |
Create sub-key |
| 0x1153 | 枚举子项 |
Enumerate sub-keys |
| 0x1154 | 对项的改动进行通知 |
Notify about changes to keys |
| 0x1155 | 创建链接 |
Create Link |
| 0x1158 | 启用 64(或 32)位应用程序以打开 64 位密钥 |
Enable 64(or 32) bit application to open 64 bit key |
| 0x1159 | 启用 64(或 32)位应用程序以打开 32 位密钥 |
Enable 64(or 32) bit application to open 32 bit key |
| 0x1160 | 查询变异状态 |
Query mutant state |
| 0x1161 | 未定义的访问(无效)位 1 |
Undefined Access (no effect) Bit 1 |
| 0x1170 | 通过端口通讯 |
Communicate using port |
| 0x1180 | 强制终止进程 |
Force process termination |
| 0x1181 | 在进程中创建线程 |
Create new thread in process |
| 0x1182 | 设置进程会话 ID |
Set process session ID |
| 0x1183 | 执行虚拟内存操作 |
Perform virtual memory operation |
| 0x1184 | 读取进程内存 |
Read from process memory |
| 0x1185 | 写入进程内存 |
Write to process memory |
| 0x1186 | 将句柄复制到进程或从过程复制句柄 |
Duplicate handle into or out of process |
| 0x1187 | 创建子进程 |
Create a subprocess of process |
| 0x1188 | 设置进程配额 |
Set process quotas |
| 0x1189 | 设置进程信息 |
Set process information |
| 0x118A | 查询进程信息 |
Query process information |
| 0x118B | 设置进程终止端口 |
Set process termination port |
| 0x1190 | 控制配置文件 |
Control profile |
| 0x11A0 | 查询节状态 |
Query section state |
| 0x11A1 | 映射节以供写入 |
Map section for write |
| 0x11A2 | 映射节以供读取 |
Map section for read |
| 0x11A3 | 映射节以供运行 |
Map section for execute |
| 0x11A4 | 扩展大小 |
Extend size |
| 0x11B0 | 查询信号灯状态 |
Query semaphore state |
| 0x11B1 | 修改信号灯状态 |
Modify semaphore state |
| 0x11C0 | 使用符号链接 |
Use symbolic link |
| 0x11D0 | 强制终止线程 |
Force thread termination |
| 0x11D1 | 暂停或恢复线程 |
Suspend or resume thread |
| 0x11D2 | 向线程发送警报 |
Send an alert to thread |
| 0x11D3 | 取得线程上下文 |
Get thread context |
| 0x11D4 | 设置线程上下文 |
Set thread context |
| 0x11D5 | 设置线程信息 |
Set thread information |
| 0x11D6 | 查询线程信息 |
Query thread information |
| 0x11D7 | 将令牌指派给线程 |
Assign a token to the thread |
| 0x11D8 | 使线程直接模拟另一线程 |
Cause thread to directly impersonate another thread |
| 0x11D9 | 直接模拟这个线程 |
Directly impersonate this thread |
| 0x11E0 | 查询计时器状态 |
Query timer state |
| 0x11E1 | 修改计时器状态 |
Modify timer state |
| 0x11F0 | AssignAsPrimary |
AssignAsPrimary |
| 0x11F1 | Duplicate |
Duplicate |
| 0x11F2 | Impersonate |
Impersonate |
| 0x11F3 | Query |
Query |
| 0x11F4 | QuerySource |
QuerySource |
| 0x11F5 | AdjustPrivileges |
AdjustPrivileges |
| 0x11F6 | AdjustGroups |
AdjustGroups |
| 0x11F7 | AdjustDefaultDacl |
AdjustDefaultDacl |
| 0x11F8 | AdjustSessionID |
AdjustSessionID |
| 0x1200 | 创建对象类型的范例 |
Create instance of object type |
| 0x1300 | 查询状态 |
Query State |
| 0x1301 | 修改状态 |
Modify State |
| 0x1400 | 频道读取消息 |
Channel read message |
| 0x1401 | 频道写入消息 |
Channel write message |
| 0x1402 | 频道查询信息 |
Channel query information |
| 0x1403 | 频道设置信息 |
Channel set information |
| 0x1410 | 指派进程 |
Assign process |
| 0x1411 | 设定属性 |
Set Attributes |
| 0x1412 | 查询属性 |
Query Attributes |
| 0x1413 | 结束作业 |
Terminate Job |
| 0x1414 | 设定安全属性 |
Set Security Attributes |
| 0x1500 | ConnectToServer |
ConnectToServer |
| 0x1501 | ShutdownServer |
ShutdownServer |
| 0x1502 | InitializeServer |
InitializeServer |
| 0x1503 | CreateDomain |
CreateDomain |
| 0x1504 | EnumerateDomains |
EnumerateDomains |
| 0x1505 | LookupDomain |
LookupDomain |
| 0x1510 | ReadPasswordParameters |
ReadPasswordParameters |
| 0x1511 | WritePasswordParameters |
WritePasswordParameters |
| 0x1512 | ReadOtherParameters |
ReadOtherParameters |
| 0x1513 | WriteOtherParameters |
WriteOtherParameters |
| 0x1514 | CreateUser |
CreateUser |
| 0x1515 | CreateGlobalGroup |
CreateGlobalGroup |
| 0x1516 | CreateLocalGroup |
CreateLocalGroup |
| 0x1517 | GetLocalGroupMembership |
GetLocalGroupMembership |
| 0x1518 | ListAccounts |
ListAccounts |
| 0x1519 | LookupIDs |
LookupIDs |
| 0x151A | AdministerServer |
AdministerServer |
| 0x1520 | ReadInformation |
ReadInformation |
| 0x1521 | WriteAccount |
WriteAccount |
| 0x1522 | AddMember |
AddMember |
| 0x1523 | RemoveMember |
RemoveMember |
| 0x1524 | ListMembers |
ListMembers |
| 0x1540 | ReadGeneralInformation |
ReadGeneralInformation |
| 0x1541 | ReadPreferences |
ReadPreferences |
| 0x1542 | WritePreferences |
WritePreferences |
| 0x1543 | ReadLogon |
ReadLogon |
| 0x1544 | ReadAccount |
ReadAccount |
| 0x1546 | ChangePassword (已知旧密码) |
ChangePassword (with knowledge of old password) |
| 0x1547 | SetPassword (不知旧密码) |
SetPassword (without knowledge of old password) |
| 0x1548 | ListGroups |
ListGroups |
| 0x1549 | ReadGroupMembership |
ReadGroupMembership |
| 0x154A | ChangeGroupMembership |
ChangeGroupMembership |
| 0x1600 | 查看非保密的策略信息 |
View non-sensitive policy information |
| 0x1601 | 查看系统审核要求 |
View system audit requirements |
| 0x1602 | 取得保密的策略信息 |
Get sensitive policy information |
| 0x1603 | 修改域信任关系 |
Modify domain trust relationships |
| 0x1604 | 创建特别帐户(用于用户权限指派) |
Create special accounts (for assignment of user rights) |
| 0x1605 | 创建机密对象 |
Create a secret object |
| 0x1606 | 创建特权 |
Create a privilege |
| 0x1607 | 设置默认的配额限制 |
Set default quota limits |
| 0x1608 | 更改系统审核要求 |
Change system audit requirements |
| 0x1609 | 管理审核日志属性 |
Administer audit log attributes |
| 0x160A | 启用/停用 LSA |
Enable/Disable LSA |
| 0x160B | 查找名称/SID |
Lookup Names/SIDs |
| 0x1610 | 更改机密值 |
Change secret value |
| 0x1611 | 查询机密值 |
Query secret value |
| 0x1620 | 查询受信域的域名/SID |
Query trusted domain name/SID |
| 0x1621 | 检索受信域内的控制器 |
Retrieve the controllers in the trusted domain |
| 0x1622 | 更改受信域内的控制器 |
Change the controllers in the trusted domain |
| 0x1623 | 查询指派给受信域的 Posix 标识偏移量 |
Query the Posix ID offset assigned to the trusted domain |
| 0x1624 | 更改指派给受信域的 Posix 标识偏移量 |
Change the Posix ID offset assigned to the trusted domain |
| 0x1630 | 查询帐户信息 |
Query account information |
| 0x1631 | 更改指派给帐户的特权 |
Change privileges assigned to account |
| 0x1632 | 更改指派给帐户的配额 |
Change quotas assigned to account |
| 0x1633 | 更改指派给帐户的登录功能 |
Change logon capabilities assigned to account |
| 0x1634 | 更改指派给帐户域的 Posix ID 偏移量 |
Change the Posix ID offset assigned to the accounted domain |
| 0x1640 | KeyedEvent 等待 |
KeyedEvent Wait |
| 0x1641 | KeyedEvent 唤醒 |
KeyedEvent Wake |
| 0x1A00 | 枚举桌面 |
Enumerate desktops |
| 0x1A01 | 读取属性 |
Read attributes |
| 0x1A02 | 访问剪贴板 |
Access Clipboard |
| 0x1A03 | 创建桌面 |
Create desktop |
| 0x1A04 | 写入属性 |
Write attributes |
| 0x1A05 | 访问全局原子 |
Access global atoms |
| 0x1A06 | 退出窗口 |
Exit windows |
| 0x1A07 | 未使用的访问标志 |
Unused Access Flag |
| 0x1A08 | 枚举时包括这个窗口 |
Include this windowstation in enumerations |
| 0x1A09 | 读取屏幕 |
Read screen |
| 0x1A10 | 读取对象 |
Read Objects |
| 0x1A11 | 创建窗口 |
Create window |
| 0x1A12 | 创建菜单 |
Create menu |
| 0x1A13 | 挂钩控制 |
Hook control |
| 0x1A14 | 日志(记录) |
Journal (record) |
| 0x1A15 | 日志(播放) |
Journal (playback) |
| 0x1A16 | 枚举时包括这个桌面 |
Include this desktop in enumerations |
| 0x1A17 | 写入对象 |
Write objects |
| 0x1A18 | 切换到这个桌面 |
Switch to this desktop |
| 0x1B00 | 管理打印服务器 |
Administer print server |
| 0x1B01 | 枚举打印机 |
Enumerate printers |
| 0x1B12 | 完全控制 |
Full Control |
| 0x1B13 | 打印 |
Print |
| 0x1B24 | 管理文档 |
Administer Document |
| 0x1C00 | 连接到服务控制器 |
Connect to service controller |
| 0x1C01 | 创建新的服务 |
Create a new service |
| 0x1C02 | 枚举服务 |
Enumerate services |
| 0x1C03 | 锁定服务数据库,防止他人访问 |
Lock service database for exclusive access |
| 0x1C04 | 查询服务数据库锁定状态 |
Query service database lock state |
| 0x1C05 | 设置服务数据库的最后所知的好的状态 |
Set last-known-good state of service database |
| 0x1C10 | 查询服务配置信息 |
Query service configuration information |
| 0x1C11 | 设置服务配置信息 |
Set service configuration information |
| 0x1C12 | 查询服务状态 |
Query status of service |
| 0x1C13 | 枚举服务依存关系 |
Enumerate dependencies of service |
| 0x1C14 | 启动服务 |
Start the service |
| 0x1C15 | 停止服务 |
Stop the service |
| 0x1C16 | 暂停或继续服务 |
Pause or continue the service |
| 0x1C17 | 从服务查询信息 |
Query information from service |
| 0x1C18 | 颁发服务相关控制命令 |
Issue service-specific control commands |
| 0x1D00 | DDE 共享读取 |
DDE Share Read |
| 0x1D01 | DDE 共享写入 |
DDE Share Write |
| 0x1D02 | DDE 共享初始静态 |
DDE Share Initiate Static |
| 0x1D03 | DDE 共享初始链接 |
DDE Share Initiate Link |
| 0x1D04 | DDE 共享请求 |
DDE Share Request |
| 0x1D05 | DDE 共享建议 |
DDE Share Advise |
| 0x1D06 | DDE 共享发送 |
DDE Share Poke |
| 0x1D07 | DDE 共享执行 |
DDE Share Execute |
| 0x1D08 | DDE 共享添加项目 |
DDE Share Add Items |
| 0x1D09 | DDE 共享列表项目 |
DDE Share List Items |
| 0x1E01 | 删除子项 |
Delete Child |
| 0x1E02 | 列表内容 |
List Contents |
| 0x1E03 | 自身写入 |
Write Self |
| 0x1E06 | 删除目录树 |
Delete Tree |
| 0x1E07 | 列出对象 |
List Object |
| 0x1E08 | 控制访问 |
Control Access |
| 0x1F00 | 审核设置系统策略 |
Audit Set System Policy |
| 0x1F01 | 审核查询系统策略 |
Audit Query System Policy |
| 0x1F02 | 审核设置每用户策略 |
Audit Set Per User Policy |
| 0x1F03 | 审核查询每用户策略 |
Audit Query Per User Policy |
| 0x1F04 | 审核枚举用户 |
Audit Enumerate Users |
| 0x1F05 | 审核设置选项 |
Audit Set Options |
| 0x1F06 | 审核查询选项 |
Audit Query Options |
| 0x1F80 | 端口共享(读) |
Port sharing (read) |
| 0x1F81 | 端口共享(写) |
Port sharing (write) |
| 0x1FA0 | 默认凭据 |
Default credentials |
| 0x1FA1 | 凭据管理器 |
Credentials manager |
| 0x1FA2 | 新的凭据 |
Fresh credentials |
| 0x2000 | Kerberos |
Kerberos |
| 0x2001 | 预共享密钥 |
Preshared key |
| 0x2002 | 未知的身份验证 |
Unknown authentication |
| 0x2003 | DES |
DES |
| 0x2004 | 3DES |
3DES |
| 0x2005 | MD5 |
MD5 |
| 0x2006 | SHA1 |
SHA1 |
| 0x2007 | 本地计算机 |
Local computer |
| 0x2008 | 远程计算机 |
Remote computer |
| 0x2009 | 无状态 |
No state |
| 0x200A | 发送第一个(SA)负载 |
Sent first (SA) payload |
| 0x200B | 发送第二个(KE)有效负载 |
Sent second (KE) payload |
| 0x200C | 发送第三个(ID)有效负载 |
Sent third (ID) payload |
| 0x200D | 发起程序 |
Initiator |
| 0x200E | 响应程序 |
Responder |
| 0x2011 | 发送最终有效负载 |
Sent final payload |
| 0x2012 | 完成 |
Complete |
| 0x2013 | 未知 |
Unknown |
| 0x2014 | 传输 |
Transport |
| 0x2015 | 隧道 |
Tunnel |
| 0x2016 | IKE/AuthIP DoS 阻止模式已启动 |
IKE/AuthIP DoS prevention mode started |
| 0x2017 | IKE/AuthIP DoS 阻止模式已停止 |
IKE/AuthIP DoS prevention mode stopped |
| 0x2019 | 未启用 |
Not enabled |
| 0x201B | 发送第一个(EM 属性)有效负载 |
Sent first (EM attributes) payload |
| 0x201C | 发送第二个(SSPI)有效负载 |
Sent second (SSPI) payload |
| 0x201D | 发送第三个(哈希)有效负载 |
Sent third (hash) payload |
| 0x201E | IKEv1 |
IKEv1 |
| 0x201F | AuthIP |
AuthIP |
| 0x2020 | 匿名 |
Anonymous |
| 0x2021 | NTLM V2 |
NTLM V2 |
| 0x2022 | CGA |
CGA |
| 0x2023 | 证书 |
Certificate |
| 0x2024 | SSL |
SSL |
| 0x2026 | DH 组 1 |
DH group 1 |
| 0x2027 | DH 组 2 |
DH group 2 |
| 0x2028 | DH 组 14 |
DH group 14 |
| 0x2029 | DH 组 ECP 256 |
DH group ECP 256 |
| 0x202A | DH 组 ECP 384 |
DH group ECP 384 |
| 0x202B | AES-128 |
AES-128 |
| 0x202C | AES-192 |
AES-192 |
| 0x202D | AES-256 |
AES-256 |
| 0x202E | 证书 ECDSA P256 |
Certificate ECDSA P256 |
| 0x202F | 证书 ECDSA P384 |
Certificate ECDSA P384 |
| 0x2030 | SSL ECDSA P256 |
SSL ECDSA P256 |
| 0x2031 | SSL ECDSA P384 |
SSL ECDSA P384 |
| 0x2032 | SHA 256 |
SHA 256 |
| 0x2033 | SHA 384 |
SHA 384 |
| 0x2034 | IKEv2 |
IKEv2 |
| 0x2035 | 已发送 EAP 负载 |
EAP payload sent |
| 0x2036 | 已发送身份验证负载 |
Authentication payload sent |
| 0x2037 | EAP |
EAP |
| 0x2038 | DH 组 24 |
DH group 24 |
| 0x2051 | 登录/注销 |
Logon/Logoff |
| 0x2052 | 对象访问 |
Object Access |
| 0x2053 | 特权使用 |
Privilege Use |
| 0x2054 | 详细追踪 |
Detailed Tracking |
| 0x2055 | 策略改动 |
Policy Change |
| 0x2056 | 帐户管理 |
Account Management |
| 0x2057 | DS 访问 |
DS Access |
| 0x2058 | 帐户登录 |
Account Logon |
| 0x2100 | 删除成功 |
Success removed |
| 0x2101 | 添加成功 |
Success Added |
| 0x2102 | 删除失败 |
Failure removed |
| 0x2103 | 添加失败 |
Failure added |
| 0x2104 | 删除成功包括 |
Success include removed |
| 0x2105 | 添加成功包括 |
Success include added |
| 0x2106 | 删除成功排除 |
Success exclude removed |
| 0x2107 | 添加成功排除 |
Success exclude added |
| 0x2108 | 删除包括失败 |
Failure include removed |
| 0x2109 | 添加包括失败 |
Failure include added |
| 0x210A | 删除排除失败 |
Failure exclude removed |
| 0x210B | 添加排除失败 |
Failure exclude added |
| 0x00003000 | 安全状态更改 |
Security State Change |
| 0x00003001 | 安全系统扩展 |
Security System Extension |
| 0x00003002 | 系统完整性 |
System Integrity |
| 0x00003003 | IPsec 驱动程序 |
IPsec Driver |
| 0x00003004 | 其他系统事件 |
Other System Events |
| 0x00003100 | 登录 |
Logon |
| 0x00003101 | 注销 |
Logoff |
| 0x00003102 | 帐户锁定 |
Account Lockout |
| 0x00003103 | IPsec 主模式 |
IPsec Main Mode |
| 0x00003104 | 特殊登录 |
Special Logon |
| 0x00003105 | IPsec 快速模式 |
IPsec Quick Mode |
| 0x00003106 | IPsec 扩展模式 |
IPsec Extended Mode |
| 0x00003107 | 其他登录/注销事件 |
Other Logon/Logoff Events |
| 0x00003108 | 网络策略服务器 |
Network Policy Server |
| 0x00003109 | 用户/设备声明 |
User / Device Claims |
| 0x0000310A | 组成员身份 |
Group Membership |
| 0x00003200 | 文件系统 |
File System |
| 0x00003201 | 注册表 |
Registry |
| 0x00003202 | 内核对象 |
Kernel Object |
| 0x00003203 | SAM |
SAM |
| 0x00003204 | 其他对象访问事件 |
Other Object Access Events |
| 0x00003205 | 证书服务 |
Certification Services |
| 0x00003206 | 已生成应用程序 |
Application Generated |
| 0x00003207 | 句柄操作 |
Handle Manipulation |
| 0x00003208 | 文件共享 |
File Share |
| 0x00003209 | 筛选平台数据包丢弃 |
Filtering Platform Packet Drop |
| 0x0000320A | 筛选平台连接 |
Filtering Platform Connection |
| 0x0000320B | 详细的文件共享 |
Detailed File Share |
| 0x0000320C | 可移动存储 |
Removable Storage |
| 0x0000320D | 中心策略暂存 |
Central Policy Staging |
| 0x00003300 | 敏感权限使用 |
Sensitive Privilege Use |
| 0x00003301 | 非敏感权限使用 |
Non Sensitive Privilege Use |
| 0x00003302 | 其他权限使用事件 |
Other Privilege Use Events |
| 0x00003400 | 进程创建 |
Process Creation |
| 0x00003401 | 进程终止 |
Process Termination |
| 0x00003402 | DPAPI 活动 |
DPAPI Activity |
| 0x00003403 | RPC 事件 |
RPC Events |
| 0x00003404 | “即插即用”事件 |
Plug and Play Events |
| 0x00003405 | 令牌权限已调整事件 |
Token Right Adjusted Events |
| 0x00003500 | 审核策略更改 |
Audit Policy Change |
| 0x00003501 | 身份验证策略更改 |
Authentication Policy Change |
| 0x00003502 | 授权策略更改 |
Authorization Policy Change |
| 0x00003503 | MPSSVC 规则级别策略更改 |
MPSSVC Rule-Level Policy Change |
| 0x00003504 | 筛选平台策略更改 |
Filtering Platform Policy Change |
| 0x00003505 | 其他策略更改事件 |
Other Policy Change Events |
| 0x00003600 | 用户帐户管理 |
User Account Management |
| 0x00003601 | 计算机帐户管理 |
Computer Account Management |
| 0x00003602 | 安全组管理 |
Security Group Management |
| 0x00003603 | 分发组管理 |
Distribution Group Management |
| 0x00003604 | 应用程序组管理 |
Application Group Management |
| 0x00003605 | 其他帐户管理事件 |
Other Account Management Events |
| 0x00003700 | 目录服务访问 |
Directory Service Access |
| 0x00003701 | 目录服务更改 |
Directory Service Changes |
| 0x00003702 | 目录服务复制 |
Directory Service Replication |
| 0x00003703 | 详细的目录服务复制 |
Detailed Directory Service Replication |
| 0x00003800 | 凭据验证 |
Credential Validation |
| 0x00003801 | Kerberos 服务票证操作 |
Kerberos Service Ticket Operations |
| 0x00003802 | 其他帐户登录事件 |
Other Account Logon Events |
| 0x00003803 | Kerberos 身份验证服务 |
Kerberos Authentication Service |
| 0x00003900 | 入站 |
Inbound |
| 0x00003901 | 出站 |
Outbound |
| 0x00003902 | 前向 |
Forward |
| 0x00003903 | 双向 |
Bidirectional |
| 0x00003904 | IP 数据包 |
IP Packet |
| 0x00003907 | 数据流 |
Stream |
| 0x00003908 | 数据报数据 |
Datagram Data |
| 0x00003909 | ICMP 错误 |
ICMP Error |
| 0x0000390A | MAC 802.3 |
MAC 802.3 |
| 0x0000390B | MAC 本机 |
MAC Native |
| 0x0000390C | vSwitch |
vSwitch |
| 0x00003910 | 资源分配 |
Resource Assignment |
| 0x00003911 | 侦听 |
Listen |
| 0x00003912 | 接收/接受 |
Receive/Accept |
| 0x00003913 | 连接 |
Connect |
| 0x00003914 | 已建立流 |
Flow Established |
| 0x00003916 | 资源释放 |
Resource Release |
| 0x00003917 | 终结点关闭 |
Endpoint Closure |
| 0x00003918 | 连接重定向 |
Connect Redirect |
| 0x00003919 | 绑定重定向 |
Bind Redirect |
| 0x00003920 | 流数据包 |
Stream Packet |
| 0x00003930 | ICMP 回显请求 |
ICMP Echo-Request |
| 0x00003931 | vSwitch 入口 |
vSwitch Ingress |
| 0x00003932 | vSwitch 出口 |
vSwitch Egress |
| 0x00003951 | [NULL] |
[NULL] |
| 0x00003952 | 已添加值 |
Value Added |
| 0x00003953 | 已删除值 |
Value Deleted |
| 0x00003954 | Active Directory 域服务 |
Active Directory Domain Services |
| 0x00003955 | Active Directory 轻型目录服务 |
Active Directory Lightweight Directory Services |
| 0x00003958 | 已为到期时间添加值 |
Value Added With Expiration Time |
| 0x00003959 | 已删除到期时间的值 |
Value Deleted With Expiration Time |
| 0x00003960 | 根据过期时间自动删除的值 |
Value Auto Deleted With Expiration Time |
| 0x00004000 | 添加 |
Add |
| 0x00004001 | 删除 |
Delete |
| 0x00004002 | 启动时间 |
Boot-time |
| 0x00004003 | 永久 |
Persistent |
| 0x00004004 | 非永久 |
Not persistent |
| 0x00004005 | 阻止 |
Block |
| 0x00004006 | 允许 |
Permit |
| 0x00004007 | 标注 |
Callout |
| 0x00004009 | SHA-1 |
SHA-1 |
| 0x0000400A | SHA-256 |
SHA-256 |
| 0x0000400B | AES-GCM 128 |
AES-GCM 128 |
| 0x0000400C | AES-GCM 192 |
AES-GCM 192 |
| 0x0000400D | AES-GCM 256 |
AES-GCM 256 |
| 0x00004017 | AES-GMAC 128 |
AES-GMAC 128 |
| 0x00004018 | AES-GMAC 192 |
AES-GMAC 192 |
| 0x00004019 | AES-GMAC 256 |
AES-GMAC 256 |
| 0x00004020 | AuthNoEncap 传输 |
AuthNoEncap Transport |
| 0x00004200 | 启用 WMI 帐户 |
Enable WMI Account |
| 0x00004201 | 执行方法 |
Execute Method |
| 0x00004202 | 全部写入 |
Full Write |
| 0x00004203 | 部分写入 |
Partial Write |
| 0x00004204 | 提供程序写入 |
Provider Write |
| 0x00004205 | 远程访问 |
Remote Access |
| 0x00004206 | 预订 |
Subscribe |
| 0x00004207 | 发布 |
Publish |