IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

RtlInitUnicodeString

DbgPrint

KeInitializeEvent

ProbeForRead

MmSystemRangeStart

_except_handler3

_snwprintf

wcsstr

_wcsnicmp

MmIsAddressValid

wcslen

_wcslwr

ZwDeleteFile

IoFreeIrp

KeSetEvent

IoFreeMdl

MmUnlockPages

KeWaitForSingleObject

IoBuildAsynchronousFsdRequest

KeInitializeSpinLock

wcsrchr

MmUnmapLockedPages

MmMapLockedPagesSpecifyCache

MmProbeAndLockPages

IoAllocateMdl

_snprintf

qsort

RtlImageDirectoryEntryToData

RtlFreeUnicodeString

RtlAnsiStringToUnicodeString

strchr

RtlEqualUnicodeString

RtlInitAnsiString

_wcsicmp

ExInitializeResourceLite

MmGetSystemRoutineAddress

_stricmp

KeAddSystemServiceTable

PsSetCreateProcessNotifyRoutine

NtQuerySystemInformation

KeInsertQueueDpc

KeSetTargetProcessorDpc

KeInitializeDpc

ExAllocatePoolWithTag

KeEnterCriticalRegion

ZwEnumerateValueKey

ZwEnumerateKey

IoCreateDevice

ZwClose

ObReferenceObjectByHandle

ZwOpenKey

KeBugCheckEx

ZwUnmapViewOfSection

_allmul

KeGetCurrentThread

MmHighestUserAddress

ZwWriteFile

ZwCreateFile

swprintf

MmGetVirtualForPhysical

MmGetPhysicalAddress

ObOpenObjectByPointer

IoFreeWorkItem

IoQueueWorkItem

IoAllocateWorkItem

PsTerminateSystemThread

KeInsertQueueApc

KeInitializeApc

NtAllocateVirtualMemory

PsCreateSystemThread

ObOpenObjectByName

RtlValidSecurityDescriptor

RtlImageNtHeader

RtlAppendUnicodeStringToString

RtlCopyUnicodeString

RtlVolumeDeviceToDosName

ZwYieldExecution

IoThreadToProcess

mbstowcs

IoBuildDeviceIoControlRequest

KeClearEvent

IoGetBaseFileSystemDeviceObject

IoGetDeviceObjectPointer

KeStackAttachProcess

KeUnstackDetachProcess

ZwQueryInformationFile

ZwOpenFile

ZwReadFile

ExAcquireResourceExclusiveLite

ExReleaseResourceLite

KeLeaveCriticalRegion

KeDelayExecutionThread

ExDeleteResourceLite

ExFreePoolWithTag

IoDeleteSymbolicLink

ZwTerminateProcess

IoCreateSymbolicLink

IoDeleteDevice

IoGetCurrentProcess

ObfDereferenceObject

PsLookupProcessByProcessId

KeNumberProcessors

IofCompleteRequest

ExReleaseFastMutex

KfAcquireSpinLock

KfLowerIrql

ExAcquireFastMutex

KfReleaseSpinLock

KeRaiseIrqlToDpcLevel

TdiRegisterNetAddress

NdisDeregisterProtocol

NdisOpenAdapter

NdisRegisterProtocol

ClassGetDescriptor

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_CODE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE