IoRegisterShutdownNotification
IoCreateSymbolicLink
IoCreateDevice
KeInitializeMutex
_vsnwprintf
KeDelayExecutionThread
_allmul
ZwClose
ZwWriteFile
IoCreateFile
ZwDeleteFile
KeTickCount
KeQueryTimeIncrement
_alldiv
ZwCreateFile
ZwQueryInformationFile
ZwReadFile
ObfDereferenceObject
ObReferenceObjectByHandle
IoFileObjectType
ZwOpenKey
ExFreePoolWithTag
ExAllocatePoolWithTag
ZwEnumerateKey
memcpy
memset
ZwDeleteKey
RtlCopyUnicodeString
ObOpenObjectByPointer
PsProcessType
PsLookupProcessByProcessId
MmGetSystemRoutineAddress
ZwTerminateProcess
ZwOpenProcess
ZwOpenFile
ZwCreateKey
ZwSetValueKey
ZwFlushKey
ExAllocatePool
ZwQueryKey
ZwQueryValueKey
_wcsicmp
ZwQuerySystemInformation
ZwLoadDriver
KeQuerySystemTime
_vsnprintf
IoRegisterDriverReinitialization
_strnicmp
strstr
MmIsAddressValid
KeInitializeEvent
IofCallDriver
IoBuildDeviceIoControlRequest
IoGetRelatedDeviceObject
IoFreeMdl
MmUnlockPages
MmProbeAndLockPages
IoAllocateMdl
IoGetDeviceAttachmentBaseRef
IoFreeIrp
KeSetEvent
IoAllocateIrp
PsTerminateSystemThread
PsGetCurrentThreadId
KeReleaseMutex
PsLookupThreadByThreadId
PsCreateSystemThread
RtlCompareMemory
ZwSetInformationFile
KeGetCurrentThread
wcsstr
RtlCompareString
RtlInitString
ZwMapViewOfSection
ZwCreateSection
KeServiceDescriptorTable
ProbeForRead
KeUnstackDetachProcess
KeStackAttachProcess
_wcslwr
PsSetCreateProcessNotifyRoutine
InterlockedPopEntrySList
ExInitializeNPagedLookasideList
ObQueryNameString
CmRegisterCallback
SeCreateAccessState
IoGetFileObjectGenericMapping
ObCreateObject
KeClearEvent
IoGetAttachedDevice
KeBugCheckEx
IofCompleteRequest
KeWaitForSingleObject
RtlInitUnicodeString
strncpy
RtlGetVersion
RtlUnwind
