NtSetCachedSigningLevel
RtlCopyUnicodeString
RtlFindMessage
RtlFormatMessage
NtDrawText
NtDisplayString
NtQueryInformationFile
NtOpenProcess
NtQueryInformationProcess
_wcstoui64
RtlInitUnicodeString
NtOpenProcessToken
NtAdjustPrivilegesToken
NtOpenKey
NtLoadKey
NtUnloadKey
NtCreateTransaction
NtCommitTransaction
RtlSetSystemBootStatus
NtShutdownSystem
NtCreateKey
NtFlushKey
RtlExpandEnvironmentStrings_U
NtFlushBuffersFile
NtReadFile
NtCreateFile
DbgPrintEx
RtlNtStatusToDosError
RtlAllocateHeap
RtlFreeHeap
RtlRaiseStatus
NtDelayExecution
NtRollbackTransaction
NtQueryVolumeInformationFile
NtQueryAttributesFile
NtQuerySecurityObject
NtSetSecurityObject
NtCreateKeyTransacted
NtOpenKeyTransactedEx
NtOpenKeyEx
NtDeleteKey
NtQueryValueKey
NtSetValueKey
NtDeleteValueKey
NtFsControlFile
NtTerminateProcess
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
RtlUnhandledExceptionFilter
memmove
NtClose
NtSetInformationFile
NtOpenFile
NtQuerySystemTime
NtWriteFile
RtlSetHeapInformation
sprintf_s
RtlNormalizeProcessParams
RtlFreeUnicodeString
NtOpenThreadToken
NtQueryInformationToken
RtlCreateAcl
RtlCreateSecurityDescriptor
RtlSetDaclSecurityDescriptor
RtlDuplicateUnicodeString
RtlGetOwnerSecurityDescriptor
RtlGetGroupSecurityDescriptor
RtlGetDaclSecurityDescriptor
RtlGetSaclSecurityDescriptor
RtlNewSecurityObjectEx
RtlDeleteSecurityObject
RtlEqualUnicodeString
LdrLoadDll
LdrGetProcedureAddress
NtQueryPerformanceCounter
NtSetIoCompletion
NtWaitForMultipleObjects
RtlGetControlSecurityDescriptor
RtlFindAceByType
NtQuerySystemInformation
NtCreateIoCompletion
NtCreateEvent
TpSimpleTryPost
NtRemoveIoCompletion
NtSetEvent
RtlTimeToTimeFields
NtQueryKey
RtlSetOwnerSecurityDescriptor
RtlSetCurrentTransaction
NtEnumerateKey
RtlGetLengthWithoutLastFullDosOrNtPathElement
NtEnumerateValueKey
RtlGetAce
RtlpApplyLengthFunction
LdrUnloadDll
RtlQueryInformationAcl
RtlAddAccessAllowedAceEx
NtDeleteFile
RtlGetCurrentTransaction
RtlAddAce
RtlLengthSid
NtDuplicateObject
NtYieldExecution
NtSetInformationKey
NtQueryObject
RtlDestroyEnvironment
NtQueryDirectoryFile
RtlDeleteCriticalSection
RtlEnterCriticalSection
RtlInitializeCriticalSection
RtlLeaveCriticalSection
RtlConvertSidToUnicodeString
RtlValidAcl
RtlSetSaclSecurityDescriptor
RtlLengthSecurityDescriptor
RtlValidSid
RtlMakeSelfRelativeSD
NtDuplicateToken
NtSetInformationThread
RtlCopySid
RtlSetGroupSecurityDescriptor
RtlCreateEnvironmentEx
RtlUpcaseUnicodeChar
RtlDowncaseUnicodeChar
RtlReAllocateHeap
RtlDosPathNameToNtPathName_U
LdrGetDllHandleEx
RtlQueryEnvironmentVariable_U
DbgPrint
RtlCreateUnicodeStringFromAsciiz
iswspace
wcscpy_s
memcpy_s
strncmp
_snprintf_s
wcstoul
memcmp
memcpy
memset
