NtSaveKey - NtDoc

Native API online documentation, based on the System Informer (formerly Process Hacker) phnt headers

#ifndef _NTREGAPI_H

/**
 * Saves the specified registry key to a file.
 *
 * @param KeyHandle Handle to the registry key.
 * @param FileHandle Handle to the file where the key will be saved.
 * @return NTSTATUS Successful or errant status.
 */
NTSYSCALLAPI
NTSTATUS
NTAPI
NtSaveKey(
    _In_ HANDLE KeyHandle,
    _In_ HANDLE FileHandle
    );

#endif
View code on GitHub

#ifndef _NTZWAPI_H

NTSYSCALLAPI
NTSTATUS
NTAPI
ZwSaveKey(
    _In_ HANDLE KeyHandle,
    _In_ HANDLE FileHandle
    );

#endif
View code on GitHub

NtDoc

No description available.

Edit description on GitHub

NTinternals.net (undocumented.ntinternals.net)

KeyHandle

FileHandle

HANDLE to any file created with write access.

Before use FileHandle in other registry function without closing it, call NtFlushKey with KeyHandle
as param.

Requirements

Privilege: SE_BACKUP_NAME

See also

NtOpenKey
NtRestoreKey

Edit description on GitHub