IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

IMAGE_FILE_RELOCS_STRIPPED

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

GetTraceEnableFlags

GetTraceEnableLevel

GetTraceLoggerHandle

RegisterTraceGuidsW

UnregisterTraceGuids

SetServiceStatus

RegisterServiceCtrlHandlerExW

StartServiceCtrlDispatcherW

ConvertStringSecurityDescriptorToSecurityDescriptorW

SetSecurityDescriptorDacl

InitializeSecurityDescriptor

AddAccessAllowedAce

InitializeAcl

RegCloseKey

RegSetValueExW

RegCreateKeyExW

RegQueryValueExW

RegOpenKeyExW

RegEnumKeyExW

LookupAccountSidW

ConvertSidToStringSidW

GetLengthSid

FreeSid

AllocateAndInitializeSid

GetTokenInformation

AddAccessDeniedAceEx

AddAccessAllowedAceEx

AdjustTokenPrivileges

LookupPrivilegeValueW

OpenProcessToken

ConvertStringSidToSidW

EqualSid

OpenThreadToken

DuplicateToken

CheckTokenMembership

PrivilegeCheck

AccessCheck

CreateWellKnownSid

RegDeleteValueW

RegEnumValueW

RegQueryInfoKeyW

TraceMessage

DeregisterEventSource

ReportEventW

RegisterEventSourceW

GetAce

AddAce

LookupAccountNameW

SetSecurityDescriptorGroup

SetSecurityDescriptorOwner

CopySid

GetAclInformation

SetErrorMode

GetDiskFreeSpaceW

CreateDirectoryW

SetFileAttributesW

WriteFile

EncodePointer

DeleteFileW

FormatMessageW

HeapFree

GetProcessHeap

HeapAlloc

GetVolumeInformationW

GetEnvironmentVariableW

GetVersionExW

GetTimeZoneInformation

GetSystemWindowsDirectoryW

LoadLibraryW

GetProcAddress

FreeLibrary

FindFirstVolumeW

FindNextVolumeW

FindFirstFileW

FindNextFileW

ExpandEnvironmentStringsW

FindClose

LoadLibraryExW

GetModuleHandleW

GetComputerNameExW

GetVolumePathNamesForVolumeNameW

ReadFile

DefineDosDeviceW

FindVolumeClose

GetComputerNameW

SetLastError

GetCurrentThread

UnhandledExceptionFilter

GetCurrentProcess

TerminateProcess

GetCurrentProcessId

GetTickCount

QueryPerformanceCounter

GetModuleHandleA

SetUnhandledExceptionFilter

GetStartupInfoW

InterlockedExchange

MoveFileExW

GetFileAttributesW

GetSystemTimeAsFileTime

LocalAlloc

GetTickCount64

FlushFileBuffers

SetThreadPriority

WaitForMultipleObjects

ResumeThread

DeleteVolumeMountPointW

RaiseException

lstrlenW

QueryDosDeviceW

SetVolumeMountPointW

GetDriveTypeW

CreateFileW

ResetEvent

DeviceIoControl

GetSystemDirectoryW

GetVolumePathNameW

GetVolumeNameForVolumeMountPointW

LocalFree

HeapSetInformation

GetCommandLineW

CompareStringW

OpenThread

CreateWaitableTimerW

CreateEventW

SetEvent

GetCurrentThreadId

CancelWaitableTimer

SetWaitableTimer

LeaveCriticalSection

EnterCriticalSection

Sleep

InterlockedCompareExchange

InitializeCriticalSectionAndSpinCount

InterlockedDecrement

InterlockedIncrement

DeleteCriticalSection

InitializeCriticalSection

CreateThread

GetLastError

WaitForSingleObject

CloseHandle

LoadStringW

UnregisterDeviceNotification

RegisterDeviceNotificationW

_CxxThrowException

_beginthreadex

memcpy

malloc

memset

_errno

realloc

memmove

wcsncmp

free

_wcsicmp

_wcsnicmp

qsort

_wcslwr

_snwscanf_s

_vsnwprintf

strncmp

wcsnlen

_ultow_s

wcscpy_s

wcscat_s

swprintf_s

wcstoul

wcschr

wcsrchr

iswspace

towupper

wcsstr

??0exception@@QAE@ABQBD@Z

?what@exception@@UBEPBDXZ

??1exception@@UAE@XZ

??0exception@@QAE@ABV0@@Z

memcpy_s

memmove_s

??0exception@@QAE@XZ

_callnewh

__wgetmainargs

_cexit

_exit

_XcptFilter

__CxxFrameHandler3

_purecall

_vscwprintf

_wcsupr

exit

_wcmdln

_initterm

_amsg_exit

__setusermatherr

_adjust_fdiv

__p__commode

__p__fmode

__set_app_type

??1type_info@@UAE@XZ

?terminate@@YAXXZ

_except_handler4_common

_unlock

__dllonexit

_lock

_onexit

_controlfp

ord58

ord18

ord32

ord30

ord20

ord17

ord23

ord16

CoImpersonateClient

CoRevertToSelf

CoTaskMemRealloc

CoSetProxyBlanket

CoUninitialize

StringFromCLSID

CoGetObjectContext

CoFreeUnusedLibraries

CLSIDFromString

CoCreateGuid

CoTaskMemAlloc

CoTaskMemFree

CoInitialize

CoInitializeSecurity

CoCreateInstance

CoDisconnectContext

CoInitializeEx

SHDeleteKeyW

VariantInit

SysFreeString

SysAllocStringLen

SysAllocString

SysStringLen

LoadRegTypeLi

VariantClear

VariantCopy

VariantChangeType

UuidToStringW

I_RpcBindingInqLocalClientPID

RpcStringFreeW

RtlStringFromGUID

RtlGetVersion

NtCreateEvent

NtDeviceIoControlFile

NtWaitForSingleObject

NtResetEvent

LdrGetDllHandle

RtlInitAnsiString

LdrGetProcedureAddress

NtAllocateUuids

RtlFreeUnicodeString

RtlGUIDFromString

NtOpenFile

RtlNtStatusToDosErrorNoTeb

NtQueryVolumeInformationFile

NtQuerySystemInformation

NtFreezeTransactions

NtThawTransactions

NtClose

NtCreateSymbolicLinkObject

RtlInitUnicodeString

RtlAllocateHeap

RtlFreeHeap

NtDeleteKey

NtSetValueKey

NtQueryValueKey

NtDeleteValueKey

NtCreateKey

NtSetSecurityObject

RtlAllocateAndInitializeSid

RtlLengthSid

RtlCreateAcl

RtlAddAccessAllowedAceEx

RtlCreateSecurityDescriptor

RtlSetDaclSecurityDescriptor

RtlLengthSecurityDescriptor

RtlSetOwnerSecurityDescriptor

RtlFreeSid

NtOpenThreadToken

NtOpenProcessToken

NtAdjustPrivilegesToken

NtLoadKey

NtUnloadKey

NtQueryAttributesFile

NtQueryKey

NtEnumerateKey

NtOpenKey

NtFreezeRegistry

NtThawRegistry

RtlNtStatusToDosError

NtQuerySymbolicLinkObject

NtOpenSymbolicLinkObject

DbgBreakPoint

?TranslateProviderError@CVssFunctionTracer@@QAAXUCVssDebugInfo@@U_GUID@@PBGZZ

?AddOperation@CVssFunctionTracer@@QAAXUCVssDebugInfo@@IZZ

?AddContext@CVssFunctionTracer@@QAEXUCVssDebugInfo@@IPBG@Z

?TraceBuffer@CVssFunctionTracer@@QAEXUCVssDebugInfo@@KPAE@Z

?TranslateInternalLovelaceError@CVssFunctionTracer@@QAAXUCVssDebugInfo@@JHPBGZZ

?TranslateInternalProviderError@CVssFunctionTracer@@QAAXUCVssDebugInfo@@JJPBGZZ

?Exit@CVssFunctionTracer@@QAE_N_N@Z

??0CVssDebugInfo@@QAE@PBGPBDKKK@Z

??0CVssDebugInfo@@QAE@ABU0@@Z

?TranslateWin32Error@CVssFunctionTracer@@QAAXUCVssDebugInfo@@PBGZZ

?ComDisableSEH@CVssFunctionTracer@@QAEXUCVssDebugInfo@@@Z

?ms_bInitialized@CVssSKU@@0HA

?Initialize@CVssSKU@@CGXXZ

?ms_eSKU@CVssSKU@@0W4EVssSKUType@1@A

?CoCreateInstanceWithLog@CVssFunctionTracer@@QAEXUCVssDebugInfo@@U_GUID@@PBGK1PAPAUIUnknown@@@Z

?CheckForError@CVssFunctionTracer@@QAAXUCVssDebugInfo@@PBG@Z

?LogGenericWarning@CVssFunctionTracer@@QAAXUCVssDebugInfo@@PBGZZ

??6CVssDebugInfo@@QAE?AU0@H@Z

?ThrowIf@CVssFunctionTracer@@QAAXHUCVssDebugInfo@@JPBGZZ

??6CVssDebugInfo@@QAE?AU0@J@Z

?LogError@CVssFunctionTracer@@QAAXKUCVssDebugInfo@@GPAG@Z

??1CVssDebugInfo@@QAE@XZ

?TranslateGenericError@CVssFunctionTracer@@QAAXUCVssDebugInfo@@JPBGZZ

??0CVssFunctionTracer@@QAE@UCVssDebugInfo@@PBG@Z

?Throw@CVssFunctionTracer@@QAAXUCVssDebugInfo@@JPBGZZ

?GetHr@CVssFunctionTracer@@QAEJXZ

?HrSucceeded@CVssFunctionTracer@@QAE_NXZ

?SetHr@CVssFunctionTracer@@QAEJJ@Z

?HrFailed@CVssFunctionTracer@@QAE_NXZ

?ms_bTransportableShadowsAllowed@CVssSKU@@0HA

?CheckForErrorInternal@CVssFunctionTracer@@QAAXUCVssDebugInfo@@PBG@Z

??6CVssDebugInfo@@QAE?AU0@PBG@Z

?AddContextEx@CVssFunctionTracer@@QAAXUCVssDebugInfo@@IPBGZZ

?ThrowOutOfMemory@CVssFunctionTracer@@QAAXUCVssDebugInfo@@@Z

?TranslateError@CVssFunctionTracer@@QAAXUCVssDebugInfo@@JPBG@Z

?InterpretWaitForMultipleObjects@CVssFunctionTracer@@QAEXK@Z

?ExitCachedMode@CBsDbgTrace@@QAEXXZ

?EnterCachedMode@CBsDbgTrace@@QAEXXZ

?GetTraceFileVolume@CBsDbgTrace@@QAEPAGXZ

?g_cDbgTrace@@3VCBsDbgTrace@@A

??6CVssDebugInfo@@QAE?AU0@K@Z

?TranslateWriterReturnCode@CVssFunctionTracer@@QAAXUCVssDebugInfo@@PBGZZ

??6CVssDebugInfo@@QAE?AU0@U_GUID@@@Z

?LogSecurityAudit@CVssFunctionTracer@@QAAXKUCVssDebugInfo@@@Z

?AddOperation@CVssFunctionTracer@@QAAXUCVssDebugInfo@@PBGZZ

?ReThrow@CVssFunctionTracer@@QAEXXZ

?AddGenericErrorContext@CVssFunctionTracer@@QAAXUCVssDebugInfo@@JPBGZZ

?LogGenericInfo@CVssFunctionTracer@@QAAXUCVssDebugInfo@@PBGZZ

??6CVssDebugInfo@@QAE?AU0@PAD@Z

?Trace@CVssFunctionTracer@@QAAXUCVssDebugInfo@@PBGZZ

??1CVssFunctionTracer@@QAE@XZ

?Exit@CVssFunctionTracer@@QAEPAGPAG@Z

CM_Locate_DevNodeW

CM_Get_Device_IDW

CM_Get_Device_ID_Size_Ex

SetupDiDestroyDeviceInfoList

SetupDiGetDeviceRegistryPropertyW

SetupDiOpenDeviceInfoW

CM_Reenumerate_DevNode_Ex

CM_Get_Device_ID_List_ExW

CM_Get_Parent

SetupDiCallClassInstaller

SetupDiSetClassInstallParamsW

SetupDiGetDeviceInterfaceDetailW

SetupDiEnumDeviceInterfaces

SetupDiGetClassDevsW

SetupDiEnumDeviceInfo

SetupDiCreateDeviceInfoList

CM_Get_Device_ID_List_Size_ExW

CreateWriterEx

?LoadVssSnapshotSetDescription@@YGJPBGPAPAVIVssSnapshotSetDescription@@U_GUID@@@Z

CreateWriter

?CreateVssSnapshotSetDescription@@YGJU_GUID@@JPAPAVIVssSnapshotSetDescription@@@Z

VssFreeSnapshotPropertiesInternal

NetShareAdd

NetShareDel

NetShareGetInfo

NetShareEnum

NetLocalGroupGetMembers

NetApiBufferFree

OpenCluster

CloseCluster

GetNodeClusterState

ord9

ord8

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE