typedef struct _KTHREAD                                 // 115 elements, 0x1E0 bytes (sizeof)
          {
/*0x000*/     struct _DISPATCHER_HEADER Header;                   // 13 elements, 0x10 bytes (sizeof)
/*0x010*/     UINT64       CycleTime;
/*0x018*/     ULONG32      HighCycleTime;
/*0x01C*/     UINT8        _PADDING0_[0x4];
/*0x020*/     UINT64       QuantumTarget;
/*0x028*/     VOID*        InitialStack;
/*0x02C*/     VOID*        StackLimit;
/*0x030*/     VOID*        KernelStack;
/*0x034*/     ULONG32      ThreadLock;
              union                                               // 2 elements, 0x18 bytes (sizeof)
              {
/*0x038*/         struct _KAPC_STATE ApcState;                    // 5 elements, 0x18 bytes (sizeof)
                  struct                                          // 2 elements, 0x18 bytes (sizeof)
                  {
/*0x038*/             UINT8        ApcStateFill[23];
/*0x04F*/             CHAR         Priority;
                  };
              };
/*0x050*/     UINT16       NextProcessor;
/*0x052*/     UINT16       DeferredProcessor;
/*0x054*/     ULONG32      ApcQueueLock;
/*0x058*/     ULONG32      ContextSwitches;
/*0x05C*/     UINT8        State;
/*0x05D*/     UINT8        NpxState;
/*0x05E*/     UINT8        WaitIrql;
/*0x05F*/     CHAR         WaitMode;
/*0x060*/     LONG32       WaitStatus;
              union                                               // 2 elements, 0x4 bytes (sizeof)
              {
/*0x064*/         struct _KWAIT_BLOCK* WaitBlockList;
/*0x064*/         struct _KGATE* GateObject;
              };
              union                                               // 2 elements, 0x4 bytes (sizeof)
              {
                  struct                                          // 9 elements, 0x4 bytes (sizeof)
                  {
/*0x068*/             ULONG32      KernelStackResident : 1;       // 0 BitPosition
/*0x068*/             ULONG32      ReadyTransition : 1;           // 1 BitPosition
/*0x068*/             ULONG32      ProcessReadyQueue : 1;         // 2 BitPosition
/*0x068*/             ULONG32      WaitNext : 1;                  // 3 BitPosition
/*0x068*/             ULONG32      SystemAffinityActive : 1;      // 4 BitPosition
/*0x068*/             ULONG32      Alertable : 1;                 // 5 BitPosition
/*0x068*/             ULONG32      GdiFlushActive : 1;            // 6 BitPosition
/*0x068*/             ULONG32      UserStackWalkActive : 1;       // 7 BitPosition
/*0x068*/             ULONG32      Reserved : 24;                 // 8 BitPosition
                  };
/*0x068*/         LONG32       MiscFlags;
              };
/*0x06C*/     UINT8        WaitReason;
/*0x06D*/     UINT8        SwapBusy;
/*0x06E*/     UINT8        Alerted[2];
              union                                               // 2 elements, 0x8 bytes (sizeof)
              {
/*0x070*/         struct _LIST_ENTRY WaitListEntry;               // 2 elements, 0x8 bytes (sizeof)
/*0x070*/         struct _SINGLE_LIST_ENTRY SwapListEntry;        // 1 elements, 0x4 bytes (sizeof)
              };
/*0x078*/     struct _KQUEUE* Queue;
/*0x07C*/     ULONG32      WaitTime;
              union                                               // 2 elements, 0x4 bytes (sizeof)
              {
                  struct                                          // 2 elements, 0x4 bytes (sizeof)
                  {
/*0x080*/             INT16        KernelApcDisable;
/*0x082*/             INT16        SpecialApcDisable;
                  };
/*0x080*/         ULONG32      CombinedApcDisable;
              };
/*0x084*/     VOID*        Teb;
              union                                               // 2 elements, 0x28 bytes (sizeof)
              {
/*0x088*/         struct _KTIMER Timer;                           // 5 elements, 0x28 bytes (sizeof)
/*0x088*/         UINT8        TimerFill[40];
              };
              union                                               // 2 elements, 0x8 bytes (sizeof)
              {
                  struct                                          // 10 elements, 0x4 bytes (sizeof)
                  {
/*0x0B0*/             ULONG32      AutoAlignment : 1;             // 0 BitPosition
/*0x0B0*/             ULONG32      DisableBoost : 1;              // 1 BitPosition
/*0x0B0*/             ULONG32      EtwStackTraceApc1Inserted : 1; // 2 BitPosition
/*0x0B0*/             ULONG32      EtwStackTraceApc2Inserted : 1; // 3 BitPosition
/*0x0B0*/             ULONG32      CycleChargePending : 1;        // 4 BitPosition
/*0x0B0*/             ULONG32      CalloutActive : 1;             // 5 BitPosition
/*0x0B0*/             ULONG32      ApcQueueable : 1;              // 6 BitPosition
/*0x0B0*/             ULONG32      EnableStackSwap : 1;           // 7 BitPosition
/*0x0B0*/             ULONG32      GuiThread : 1;                 // 8 BitPosition
/*0x0B0*/             ULONG32      ReservedFlags : 23;            // 9 BitPosition
                  };
/*0x0B0*/         LONG32       ThreadFlags;
              };
              union                                               // 5 elements, 0x60 bytes (sizeof)
              {
/*0x0B8*/         struct _KWAIT_BLOCK WaitBlock[4];
                  struct                                          // 2 elements, 0x60 bytes (sizeof)
                  {
/*0x0B8*/             UINT8        WaitBlockFill0[23];
/*0x0CF*/             UINT8        IdealProcessor;
/*0x0D0*/             UINT8        _PADDING1_[0x48];
                  };
                  struct                                          // 2 elements, 0x60 bytes (sizeof)
                  {
/*0x0B8*/             UINT8        WaitBlockFill1[47];
/*0x0E7*/             CHAR         PreviousMode;
/*0x0E8*/             UINT8        _PADDING2_[0x30];
                  };
                  struct                                          // 2 elements, 0x60 bytes (sizeof)
                  {
/*0x0B8*/             UINT8        WaitBlockFill2[71];
/*0x0FF*/             UINT8        ResourceIndex;
/*0x100*/             UINT8        _PADDING3_[0x18];
                  };
                  struct                                          // 2 elements, 0x60 bytes (sizeof)
                  {
/*0x0B8*/             UINT8        WaitBlockFill3[95];
/*0x117*/             UINT8        LargeStack;
                  };
              };
/*0x118*/     struct _LIST_ENTRY QueueListEntry;                  // 2 elements, 0x8 bytes (sizeof)
/*0x120*/     struct _KTRAP_FRAME* TrapFrame;
/*0x124*/     VOID*        FirstArgument;
              union                                               // 2 elements, 0x4 bytes (sizeof)
              {
/*0x128*/         VOID*        CallbackStack;
/*0x128*/         ULONG32      CallbackDepth;
              };
/*0x12C*/     VOID*        ServiceTable;
/*0x130*/     UINT8        ApcStateIndex;
/*0x131*/     CHAR         BasePriority;
/*0x132*/     CHAR         PriorityDecrement;
/*0x133*/     UINT8        Preempted;
/*0x134*/     UINT8        AdjustReason;
/*0x135*/     CHAR         AdjustIncrement;
/*0x136*/     UINT8        Spare01;
/*0x137*/     CHAR         Saturation;
/*0x138*/     ULONG32      SystemCallNumber;
/*0x13C*/     ULONG32      FreezeCount;
/*0x140*/     ULONG32      UserAffinity;
/*0x144*/     struct _KPROCESS* Process;
/*0x148*/     ULONG32      Affinity;
/*0x14C*/     struct _KAPC_STATE* ApcStatePointer[2];
              union                                               // 2 elements, 0x18 bytes (sizeof)
              {
/*0x154*/         struct _KAPC_STATE SavedApcState;               // 5 elements, 0x18 bytes (sizeof)
                  struct                                          // 2 elements, 0x18 bytes (sizeof)
                  {
/*0x154*/             UINT8        SavedApcStateFill[23];
/*0x16B*/             UINT8        Spare02;
                  };
              };
/*0x16C*/     CHAR         SuspendCount;
/*0x16D*/     UINT8        UserIdealProcessor;
/*0x16E*/     UINT8        Spare03;
/*0x16F*/     UINT8        OtherPlatformFill;
/*0x170*/     VOID*        Win32Thread;
/*0x174*/     VOID*        StackBase;
              union                                               // 7 elements, 0x30 bytes (sizeof)
              {
/*0x178*/         struct _KAPC SuspendApc;                        // 16 elements, 0x30 bytes (sizeof)
                  struct                                          // 2 elements, 0x30 bytes (sizeof)
                  {
/*0x178*/             UINT8        SuspendApcFill0[1];
/*0x179*/             CHAR         Spare04;
/*0x17A*/             UINT8        _PADDING4_[0x2E];
                  };
                  struct                                          // 2 elements, 0x30 bytes (sizeof)
                  {
/*0x178*/             UINT8        SuspendApcFill1[3];
/*0x17B*/             UINT8        QuantumReset;
/*0x17C*/             UINT8        _PADDING5_[0x2C];
                  };
                  struct                                          // 2 elements, 0x30 bytes (sizeof)
                  {
/*0x178*/             UINT8        SuspendApcFill2[4];
/*0x17C*/             ULONG32      KernelTime;
/*0x180*/             UINT8        _PADDING6_[0x28];
                  };
                  struct                                          // 2 elements, 0x30 bytes (sizeof)
                  {
/*0x178*/             UINT8        SuspendApcFill3[36];
/*0x19C*/             struct _KPRCB* WaitPrcb;
/*0x1A0*/             UINT8        _PADDING7_[0x8];
                  };
                  struct                                          // 2 elements, 0x30 bytes (sizeof)
                  {
/*0x178*/             UINT8        SuspendApcFill4[40];
/*0x1A0*/             VOID*        LegoData;
/*0x1A4*/             UINT8        _PADDING8_[0x4];
                  };
                  struct                                          // 2 elements, 0x30 bytes (sizeof)
                  {
/*0x178*/             UINT8        SuspendApcFill5[47];
/*0x1A7*/             UINT8        PowerState;
                  };
              };
/*0x1A8*/     ULONG32      UserTime;
              union                                               // 2 elements, 0x14 bytes (sizeof)
              {
/*0x1AC*/         struct _KSEMAPHORE SuspendSemaphore;            // 2 elements, 0x14 bytes (sizeof)
/*0x1AC*/         UINT8        SuspendSemaphorefill[20];
              };
/*0x1C0*/     ULONG32      SListFaultCount;
/*0x1C4*/     struct _LIST_ENTRY ThreadListEntry;                 // 2 elements, 0x8 bytes (sizeof)
/*0x1CC*/     struct _LIST_ENTRY MutantListHead;                  // 2 elements, 0x8 bytes (sizeof)
/*0x1D4*/     VOID*        SListFaultAddress;
/*0x1D8*/     VOID*        MdlForLockedTeb;
/*0x1DC*/     UINT8        _PADDING9_[0x4];
          }KTHREAD, *PKTHREAD;
Return to structures/enums list.
Return to O.S. version list.

(c) MoonSols 2010.