ExFreePoolWithTag
RtlTimeToSecondsSince1970
ZwReadFile
RtlInitUnicodeString
swprintf
ZwSetInformationFile
KeDelayExecutionThread
ZwWaitForSingleObject
ZwCreateFile
ZwQueryDirectoryFile
PsGetCurrentThreadId
ZwOpenFile
ZwQueryInformationFile
ZwWriteFile
IoFileObjectType
ZwClose
ObReferenceObjectByHandle
ObfDereferenceObject
IoQueryFileDosDeviceName
DbgPrint
PsCreateSystemThread
ZwConnectPort
ZwCreateEvent
ExReleaseFastMutex
ExAcquireFastMutex
KeInitializeEvent
LpcPortObjectType
LpcRequestPort
ZwSetEvent
ZwCreateSection
ZwFsControlFile
ZwCancelIoFile
ZwWaitForMultipleObjects
RtlUnicodeStringToAnsiString
ZwSetValueKey
ZwQueryValueKey
RtlxUnicodeStringToAnsiSize
NlsMbOemCodePageTag
ZwOpenKey
_stricmp
MmIsAddressValid
PsSetCreateProcessNotifyRoutine
IofCompleteRequest
KeWaitForSingleObject
KeSetEvent
IoCreateFile
IoFreeMdl
IoAllocateMdl
RtlAnsiStringToUnicodeString
ExInitializeNPagedLookasideList
ExpInterlockedPushEntrySList
ExpInterlockedPopEntrySList
ExSystemTimeToLocalTime
PsTerminateSystemThread
_vsnprintf
ExQueryDepthSList
RtlTimeToTimeFields
PsThreadType
ExInterlockedRemoveHeadList
PsGetCurrentProcessId
KeWaitForMultipleObjects
ExDeleteNPagedLookasideList
PsLookupProcessByProcessId
ExGetPreviousMode
ZwQuerySystemInformation
KeUnstackDetachProcess
ExAllocatePoolWithTag
PsGetProcessId
KeStackAttachProcess
ProbeForRead
ObOpenObjectByPointer
MmSectionObjectType
_wcsicmp
IoThreadToProcess
PsProcessType
PsGetProcessImageFileName
KeInitializeApc
KeInsertQueueApc
PsGetThreadId
IoGetCurrentProcess
ZwQueryInformationProcess
ZwTerminateProcess
ZwQueryInformationThread
PsLookupThreadByThreadId
RtlxAnsiStringToUnicodeSize
MmProbeAndLockPages
isspace
_wcsnicmp
isdigit
isupper
RtlGetVersion
MmUserProbeAddress
ExAcquireResourceExclusiveLite
KeLeaveCriticalRegion
ZwMapViewOfSection
MmHighestUserAddress
RtlSetBits
RtlInitializeBitMap
KeEnterCriticalRegion
MmMapViewInSystemSpace
ZwUnmapViewOfSection
RtlAreBitsSet
ExAcquireResourceSharedLite
ExReleaseResourceLite
RtlClearAllBits
MmUnmapViewInSystemSpace
ExDeleteResourceLite
ExInitializeResourceLite
RtlFindNextForwardRunClear
RtlClearBits
KeInitializeMutex
MmFreeMappingAddress
KeReleaseMutex
MmMapLockedPagesWithReservedMapping
MmAllocateMappingAddress
MmUnmapReservedMapping
MmUnlockPages
strchr
MmGetSystemRoutineAddress
atoi
_snprintf
strncpy
ZwFreeVirtualMemory
ZwSetInformationThread
RtlRandom
ZwAllocateVirtualMemory
ZwSetTimer
ZwCreateTimer
ZwCancelTimer
sprintf
strncmp
ExEventObjectType
MmUnmapLockedPages
IoDeleteSymbolicLink
PsRemoveCreateThreadNotifyRoutine
IoDeleteDevice
PsSetCreateThreadNotifyRoutine
MmMapLockedPagesSpecifyCache
ZwSetInformationProcess
IoCreateSymbolicLink
IoCreateDevice
ExSetTimerResolution
strrchr
ZwOpenEvent
wcsrchr
_itoa
RtlCaptureContext
ProbeForWrite
ZwYieldExecution
qsort
strstr
RtlSecondsSince1970ToTime
__C_specific_handler
