PsImpersonateClient
CcMdlWriteAbort
FsRtlCheckLockForReadAccess
RtlFillMemoryUlong
RtlAddAccessAllowedAceEx
IoInvalidateDeviceState
SePrivilegeCheck
IoQueryFileDosDeviceName
ZwAllocateVirtualMemory
IoInitializeTimer
CcMdlWriteComplete
ExFreePool
RtlCreateAcl
RtlSplay
SeImpersonateClientEx
RtlCheckRegistryKey
RtlFindLeastSignificantBit
SeAssignSecurity
RtlTimeToSecondsSince1970
MmAllocateContiguousMemory
PsGetVersion
CcFastCopyWrite
RtlVolumeDeviceToDosName
RtlFreeAnsiString
IoBuildPartialMdl
CcPurgeCacheSection
FsRtlIsDbcsInExpression
ExGetSharedWaiterCount
KeBugCheck
IoCreateDevice
RtlGenerate8dot3Name
IoGetLowerDeviceObject
PsReferencePrimaryToken
IoIsWdmVersionAvailable
SeFreePrivileges
SeTokenIsAdmin
RtlCompareMemory
IoCreateDisk
FsRtlGetNextFileLock
RtlInitUnicodeString
IoCreateFile
KdDisableDebugger
ExReleaseFastMutexUnsafe
ZwCreateDirectoryObject
RtlCopyLuid
MmIsThisAnNtAsSystem
ZwCreateEvent
KeReadStateMutex
IoAllocateWorkItem
KeInitializeMutex
PsLookupThreadByThreadId
PsGetCurrentProcessId
MmProbeAndLockProcessPages
ZwQueryValueKey
KeWaitForSingleObject
RtlFindLastBackwardRunClear
MmAllocateMappingAddress
ProbeForWrite
IoGetDeviceInterfaceAlias
ZwEnumerateKey
IoThreadToProcess
ExRaiseAccessViolation
IoSetDeviceInterfaceState
KeFlushQueuedDpcs
IoAcquireRemoveLockEx
KeReadStateEvent
IoReleaseRemoveLockAndWaitEx
IoStartNextPacket
ExReleaseResourceLite
RtlInitString
RtlGetVersion
IoFreeMdl
IoEnumerateDeviceObjectList
RtlDeleteNoSplay
RtlFindClearBitsAndSet
CcUninitializeCacheMap
KeWaitForMultipleObjects
KeInitializeApc
RtlSetDaclSecurityDescriptor
ZwSetVolumeInformationFile
IoFreeController
ExDeleteNPagedLookasideList
RtlAddAccessAllowedAce
RtlInitializeSid
PoStartNextPowerIrp
CcFastCopyRead
FsRtlIsHpfsDbcsLegal
RtlUpcaseUnicodeChar
IoCreateStreamFileObjectLite
FsRtlCheckLockForWriteAccess
RtlDowncaseUnicodeString
RtlOemStringToUnicodeString
IoAcquireCancelSpinLock
CcSetReadAheadGranularity
FsRtlNotifyInitializeSync
ZwFlushKey
MmHighestUserAddress
PsGetCurrentThread
KeQuerySystemTime
IoGetStackLimits
IoVerifyPartitionTable
IoCsqRemoveIrp
ZwQueryObject
IoReleaseVpbSpinLock
IoVolumeDeviceToDosName
KeResetEvent
IoCreateStreamFileObject
RtlClearBits
RtlAppendUnicodeToString
IoQueryFileInformation
RtlCompareString
KeDetachProcess
CcSetDirtyPinnedData
IoGetTopLevelIrp
PsGetCurrentThreadId
KeGetCurrentThread
KeTickCount
KeQueryActiveProcessors
RtlWriteRegistryValue
CcUnpinRepinnedBcb
KeInitializeQueue
IoFreeIrp
CcMdlRead
MmUnmapReservedMapping
IoGetDeviceProperty
RtlFindClearBits
MmIsDriverVerifying
ZwSetValueKey
IoDetachDevice
IofCallDriver
KeInitializeSemaphore
MmFlushImageSection
ExCreateCallback
ZwDeleteValueKey
RtlAreBitsSet
IoGetDiskDeviceObject
RtlLengthSecurityDescriptor
RtlFindUnicodePrefix
IoCheckQuotaBufferValidity
ZwUnloadDriver
SeSetSecurityDescriptorInfo
RtlGUIDFromString
MmFreeMappingAddress
ExSystemTimeToLocalTime
IoDeleteDevice
RtlTimeFieldsToTime
ObfReferenceObject
ExGetExclusiveWaiterCount
KeEnterCriticalRegion
ExInitializeResourceLite
SeAppendPrivileges
ExAllocatePoolWithTag
IoMakeAssociatedIrp
CcSetFileSizes
KeUnstackDetachProcess
ZwQuerySymbolicLinkObject
MmGetPhysicalAddress
MmUnsecureVirtualMemory
KeInitializeDeviceQueue
IoUnregisterFileSystem
SeValidSecurityDescriptor
CcSetBcbOwnerPointer
CcIsThereDirtyData
RtlCreateSecurityDescriptor
ExQueueWorkItem
ObCreateObject
ObOpenObjectByPointer
KeRemoveQueue
ExLocalTimeToSystemTime
ZwPowerInformation
IoSetSystemPartition
FsRtlDeregisterUncProvider
RtlFindClearRuns
KeReleaseMutex
RtlValidSid
ExDeleteResourceLite
PsDereferencePrimaryToken
KeReleaseSemaphore
RtlUpperChar
RtlSetBits
IoGetAttachedDeviceReference
IoCreateSynchronizationEvent
IoGetDeviceAttachmentBaseRef
ObfDereferenceObject
KeLeaveCriticalRegion
RtlCopyString
RtlInitializeBitMap
IoWMIRegistrationControl
RtlExtendedIntegerMultiply
IoGetDmaAdapter
FsRtlCheckOplock
RtlUnicodeToMultiByteN
PoUnregisterSystemState
FsRtlIsNameInExpression
IoVerifyVolume
ObReleaseObjectSecurity
PsGetThreadProcessId
PsRevertToSelf
MmQuerySystemSize
RtlUnicodeToOemN
IoReportDetectedDevice
RtlRandom
MmMapLockedPagesSpecifyCache
DbgBreakPoint
IoCreateSymbolicLink
KeReadStateTimer
IoDisconnectInterrupt
PsLookupProcessByProcessId
ExReinitializeResourceLite
IoGetDriverObjectExtension
KeRestoreFloatingPointState
MmUnlockPages
IoSetHardErrorOrVerifyDevice
KeInitializeDpc
IoReleaseRemoveLockEx
RtlLengthSid
IoStopTimer
IoGetRequestorProcessId
RtlxOemStringToUnicodeSize
ZwClose
KeRundownQueue
IoAllocateIrp
IoRemoveShareAccess
IoAcquireVpbSpinLock
DbgBreakPointWithStatus
FsRtlSplitLargeMcb
MmMapIoSpace
PsGetCurrentProcess
CcUnpinData
MmLockPagableSectionByHandle
RtlInitAnsiString
HalExamineMBR
RtlQueryRegistryValues
RtlLengthRequiredSid
RtlPrefixUnicodeString
ZwLoadDriver
RtlHashUnicodeString
ExRegisterCallback
IoUpdateShareAccess
IoAllocateMdl
CcCanIWrite
SeReleaseSubjectContext
RtlUnicodeStringToAnsiString
ZwDeviceIoControlFile
MmAllocatePagesForMdl
IoAllocateErrorLogEntry
KePulseEvent
MmUnmapIoSpace
ExGetPreviousMode
ExUnregisterCallback
IoGetCurrentProcess
IoGetAttachedDevice
IoReadDiskSignature
VerSetConditionMask
IoDeleteSymbolicLink
RtlIntegerToUnicodeString
FsRtlFastCheckLockForRead
MmMapUserAddressesToPage
MmFreeNonCachedMemory
IoCheckEaBufferValidity
IoReuseIrp
KeInsertByKeyDeviceQueue
