Doubt in Native API

>What does Zw stand for?
It's a mystery. The common assumption is that Zw was chosen because it meant absolutely nothing and there was little chance of something popping up that would make it significant.

>I'm not able to understand this thing in the italics.
Put simply, the Zw* versions will do some magic kernel stuff when called in kernel mode, and the Nt* versions won't. In user mode, both evaluate to the same thing.

>What does Zw stand for?
It's a mystery. The common assumption is that Zw was chosen because it meant absolutely nothing and there was little chance of something popping up that would make it significant.

That is interesting!!

If possible, I'm needing some more elaborate explanation for this:

Zw versions are stubs that go through the system call mechanism.

meaning what are stubs and the need for going through the system call mechanism..

You might find this enlightening, but it's pretty in depth.

Narue has pointed to a great article. To udestand this article you may need Debugging tools for windows. http://www.microsoft.com/whdc/devtools/debugging/default.mspx
However, these are non-documented APIs you should avoid calling from user mode application.

Yes, the article is pretty in depth. I appreciate it for the details. I'm familiar with some of the terms used. The unfamiliar ones will help me to go into enough depth in my reversing course. Thank you Narue :)

Thanks dubeyprateek for that link.

these are non-documented APIs you should avoid calling from user mode application.

Why is that so?

Why is that so?

Two reasons::
1) Microsoft may change behaviour of these APIs without any notifications. Therefore your application may break.
2) Microsoft does not 'supports' usage of thses APIs.

Got it. Thanks :)