?SendSizeW@@YGMFM<V
?FormatArgumentNew@@YGXPAK<V
?InvalidateThreadExW@@YGPAGGNPAEPAD<V
?ShowClassNew@@YGPAGF<V
?ShowHeightExA@@YGFPAFHEPAI<V
?CopyClassW@@YGDPAM<V
Static task
static1
Behavioral task
behavioral1
Sample
a4c33e7cdf4ee137d7cf9f837036edeb92cb87f835add770d6abd97be4793579.dll
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
a4c33e7cdf4ee137d7cf9f837036edeb92cb87f835add770d6abd97be4793579.dll
Resource
win10v2004-20221111-en
Target
a4c33e7cdf4ee137d7cf9f837036edeb92cb87f835add770d6abd97be4793579
Size
73KB
MD5
a0786718c2ebcc97edcbc47f7bb55598
SHA1
3b7b8e586a06392f1e3eb2cf884ac58b989d96bb
SHA256
a4c33e7cdf4ee137d7cf9f837036edeb92cb87f835add770d6abd97be4793579
SHA512
f8a3e631bba41d7029443be4ca628fed91f40ee936076711da96e34bb1daaf81c191b4517221978d86d17a503fa17a134559471ba2a95a7236b7ebe1767940d0
SSDEEP
1536:lG9JVaBtF9H7fzSASDPaX2J7i/UQ9IuVFvRMsq6nm:lG9JMFxS6XQYUQ9h/ysq6nm
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ