NTAMD64_X.H

The public symbol file NTKRPAMP.PDB for the original release of Windows 10 tells that the kernel is built with the NTAMD64_X.H header at

d:\th.public.fre\internal\sdk\inc

and draws from it the following type definition:

The header NTAMD64_X.H is not known in any Device Driver Kit (DDK) or Windows Driver Kit (WDK), but this one type that the kernel is known to pick up from it is defined in the standard header NTDDK.H. The line number on the left is from the unseen NTAMD64_X.H but is known from the symbol file. The line number on the right is from the NTDDK.H that is readily available in the WDK for Windows 10.

From URLMON.PDB:

NTAMD64.H

Though the public symbol files for the kernel make no mention of it, there is an NTAMD64.H in the same directory. This is known from private symbol files that Microsoft has distributed in packages of otherwise public symbol files. All these private symbols are for user-mode modules. Some, such as URLMON.DLL from Internet Explorer, are very far removed from kernel-mode programming, but let’s leave that wonder for some other time. If NTAMD64.H for the amd64 processor architecture follows the pattern of NTARM.H and NTARM_X.H, then NTAMD64.H includes NTAMD64_X.H. It’s not impossible, and may even be likely, that the kernel’s source code includes NTAMD64.H but just doesn’t use any of its contents in a way that survives into the public symbol files.