IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

OutputDebugStringA

CloseHandle

HeapCreate

SetComputerNameExA

LoadLibraryA

GetPrivateProfileSectionNamesW

SetFileAttributesW

RegisterWowBaseHandlers

GetProcessShutdownParameters

Heap32Next

_lopen

GetConsoleProcessList

DuplicateHandle

GetComputerNameW

CreateJobSet

GetACP

GetCurrentActCtx

FindNextFileW

CommConfigDialogW

LockFileEx

CreateTimerQueue

GlobalFindAtomA

GetNumberOfConsoleMouseButtons

VirtualAlloc

PrivMoveFileIdentityW

GetDefaultCommConfigA

DeleteVolumeMountPointW

MoveFileExW

ExpandEnvironmentStringsW

WaitNamedPipeW

QueryPerformanceCounter

_lclose

EnumCalendarInfoA

IsBadReadPtr

SetProcessWorkingSetSize

BaseInitAppcompatCacheSupport

EnumSystemGeoID

CreateActCtxW

ZombifyActCtx

GetSystemDefaultUILanguage

ReadFileEx

ReadConsoleOutputA

FindActCtxSectionStringA

DebugActiveProcessStop

GetGeoInfoW

?SaCreateData@@YGHAAVPVarAllocator@@GAAUtagSAFEARRAY@@1H@Z

?QueryVirtualScopeList@CiStorage@@QAEPAVPRcovStorageObj@@K@Z

??0CDFA@@QAE@PBGAAVCTimeLimit@@E@Z

?PropertyToPropid@CFwPropertyMapper@@UAGJPBUtagFULLPROPSPEC@@HPAK@Z

?QueryInterface@CFwPropertyMapper@@UAGJABU_GUID@@PAPAX@Z

?OpenFileFromPath@@YGPAU_iobuf@@PBG@Z

?Marshall@CNatLanguageRestriction@@QBEXAAVPSerStream@@@Z

??1CScopeAdmin@@QAE@XZ

??1CRangeRestriction@@QAE@XZ

??8CDbColId@@QBEHABV0@@Z

?SetUI8@CStorageVariant@@QAEXT_ULARGE_INTEGER@@I@Z

??1CCatState@@QAE@XZ

??1CDbSortKey@@QAE@XZ

??1CFullPropSpec@@QAE@XZ

??0CWorkQueue@@QAE@IW4WorkQueueType@0@@Z

?_dwLastCheckMoment@CGlobalPropFileRefresher@@0KA

?RemoveCatalogFiles@CMachineAdmin@@QAEXPBG@Z

?Eof@CMmStreamConsecBuf@@QAEHXZ

?Next@CScopeEnum@@QAEHXZ

?IsStopped@CCatalogAdmin@@QAEHXZ

?Read@CRcovStrmTrans@@QAEKPAXK@Z

CIMakeICommand

?Clone@CNodeRestriction@@QBEPAV1@XZ

?CloseRecord@CPropStoreManager@@QAEXPAVCCompositePropRecord@@@Z

?AcqLine@CQueryScanner@@QAEPAGH@Z

?Marshall@CDbPropSet@@QBEXAAVPSerStream@@@Z

??1CWin32RegAccess@@QAE@XZ

??1CRegNotify@@MAE@XZ

?Find@CPropertyList@@UAEPBVCPropEntry@@ABVCDbColId@@@Z

?SetFILETIME@CStorageVariant@@QAEXU_FILETIME@@I@Z

?SetProperty@CFullPropSpec@@QAEHPBG@Z

??0CDbContentRestriction@@QAE@PBGABVCDbColumnNode@@KK@Z

?GetLocation@CCatalogAdmin@@QAEPBGXZ

??1CImpersonationTokenCache@@QAE@XZ

?CheckError@CPropListFile@@QAEJAAKPAPAG@Z

?ChangeCurrentMachine@CCatState@@QAEXPBG@Z

?AddRef@CEnumWorkid@@UAGKXZ

??0CDynStream@@QAE@PAVPMmStream@@@Z

?DeleteRegistryParamNoThrow@CCatalogAdmin@@QAEXPBG@Z

?Cleanup@CDbColId@@QAEXXZ

??0CRangeKeyRepository@@QAE@XZ

CIBuildQueryTree

?ReadProperty@CPropertyStore@@QAEHKKAAUtagPROPVARIANT@@@Z

?MinPageInUse@CBufferCache@@QAEHAAK@Z

OleQueryBounds

DibGetData

LeSaveToStream

DibEqual

LeSetBounds

MfGetData

BmRelease

ErrObjectLong

BmQueryBounds

OleObjectConvert

OleEqual

LeRelease

OleIsDcMeta

GenEqual

LeQueryOutOfDate

DibChangeData

OleLockServer

MfRelease

LeClose

OleEnumObjects

MfClone

OleReconnect

GenClone

OleGetLinkUpdateOptions

DocWndProc

MfCallbackFunc

LeSetHostNames

RtlGetElementGenericTable

RtlRestoreLastWin32Error

_ui64toa

RtlEqualComputerName

NtQueryInformationJobObject

RtlGetLengthWithoutTrailingPathSeperators

ZwOpenEventPair

wcslen

ZwQuerySystemEnvironmentValue

RtlAddAccessDeniedAce

RtlAcquireResourceExclusive

NtDebugActiveProcess

NtSetQuotaInformationFile

ZwCompactKeys

PfxInsertPrefix

NtQuerySymbolicLinkObject

RtlTimeToSecondsSince1970

sscanf

NtQueryAttributesFile

RtlCheckRegistryKey

RtlNormalizeProcessParams

ZwQueryInformationThread

LdrLockLoaderLock

ZwQueryMultipleValueKey

_ultoa

RtlTimeToElapsedTimeFields

RtlFormatCurrentUserKeyPath

LdrInitializeThunk

NtAllocateVirtualMemory

LdrFindResourceEx_U

NtSetContextThread

_allmul

NtModifyBootEntry

RtlUnicodeToMultiByteSize

ZwAdjustPrivilegesToken

RtlImageDirectoryEntryToData

ZwOpenIoCompletion

ZwCreatePagingFile

NtVdmControl

RtlLengthSecurityDescriptor

QueryApplication

SetActionName

RunDLL32_UnregisterApplication

DllGetClassObject

SetActionLogFile

RunDLL32_RegisterApplication

OpenAppRegEnum

RegisterApplication

CloseAppRegEnum

AppRegEnum

SetActionEnum

UnregisterApplication

ExecuteAction

SetActionLogModeSz

RefreshAppRegEnum

SetSilent

SetActionLogMode

CM_Get_Log_Conf_Priority

CM_Get_Device_Interface_List_Size_ExA

CM_Get_HW_Prof_FlagsA

CM_Set_DevNode_Registry_Property_ExW

CM_Get_Device_Interface_AliasW

CM_Get_Class_Registry_PropertyA

CM_Delete_DevNode_Key_Ex

CM_Get_Device_Interface_AliasA

CM_Get_Parent

CM_Set_HW_Prof

CM_Connect_MachineW

CM_Query_Arbitrator_Free_Data_Ex

CM_Add_ID_ExW

CM_Unregister_Device_Interface_ExW

CM_Get_Next_Res_Des

CM_Locate_DevNode_ExW

CM_Free_Resource_Conflict_Handle

CM_Open_DevNode_Key_Ex

CM_Request_Eject_PC_Ex

CM_Get_Device_ID_List_ExW

CM_Get_Sibling_Ex

CM_Delete_DevNode_Key

CM_Set_Class_Registry_PropertyA

CM_Get_Device_ID_ListW

CM_Get_Class_NameW

CM_Get_Depth

CM_Enumerate_Enumerators_ExA

CM_Enumerate_Classes_Ex

CM_Get_HW_Prof_Flags_ExA

CM_Set_HW_Prof_FlagsW

CM_Get_Res_Des_Data_Size_Ex

CM_Get_Device_ID_List_SizeW

CM_Free_Range_List

CM_Get_Res_Des_Data_Ex

CM_First_Range

CM_Create_DevNode_ExW

CM_Get_Device_Interface_List_ExA

CM_Query_Resource_Conflict_List

CM_Create_Range_List

CM_Set_DevNode_Registry_PropertyW

CM_Get_Device_Interface_List_SizeW

CM_Add_IDW

CM_Get_Next_Log_Conf_Ex

CM_Get_Global_State_Ex

CM_Create_DevNodeA

AMGetErrorTextW

DBToAmpFactor

AmpFactorToDB

DllGetClassObject

AMGetErrorTextA

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ