IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

IMAGE_FILE_RELOCS_STRIPPED

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_AGGRESIVE_WS_TRIM

IMAGE_FILE_32BIT_MACHINE

_adjust_fdiv

__setusermatherr

_initterm

__getmainargs

__initenv

exit

_cexit

_XcptFilter

_exit

_c_exit

_ultow

wcscspn

memmove

__p__commode

wcsrchr

_itow

_wcsnicmp

wcscat

wcsncpy

_wcsicmp

wcslen

wcsncmp

_wtol

wcscpy

__p__fmode

__set_app_type

_except_handler3

time

_controlfp

wcschr

LogonUserExW

RegOpenKeyW

ConvertSidToStringSidW

LsaStorePrivateData

LsaLookupNames

LsaQueryInformationPolicy

OpenThreadToken

RegNotifyChangeKeyValue

InitializeSecurityDescriptor

SetSecurityDescriptorOwner

GetSecurityDescriptorDacl

GetLengthSid

CopySid

InitializeAcl

SystemFunction005

SystemFunction029

AllocateAndInitializeSid

SetServiceStatus

RegisterServiceCtrlHandlerW

StartServiceCtrlDispatcherW

AddAce

SetSecurityDescriptorDacl

LsaOpenPolicy

LsaLookupSids

LsaFreeMemory

LsaClose

ImpersonateLoggedOnUser

CreateProcessAsUserW

RevertToSelf

InitiateSystemShutdownW

GetTokenInformation

RegCloseKey

RegQueryValueExW

RegOpenKeyExW

GetCurrentProcessId

LoadLibraryW

GetDriveTypeW

OpenEventW

GetCurrentThread

CreateMutexW

ReleaseMutex

ExitThread

FormatMessageW

FreeLibrary

GetExitCodeThread

DelayLoadFailureHook

SetProcessShutdownParameters

SetConsoleCtrlHandler

SetErrorMode

SetUnhandledExceptionFilter

InterlockedCompareExchange

GetTickCount

LoadLibraryA

GetModuleHandleA

GetProcAddress

LocalAlloc

LocalFree

Sleep

LeaveCriticalSection

EnterCriticalSection

SetLastError

CloseHandle

CreateThread

GetLastError

CreateProcessW

ExpandEnvironmentStringsW

InitializeCriticalSection

HeapAlloc

HeapFree

TerminateProcess

WaitForSingleObject

HeapCreate

CreateNamedPipeW

ReadFile

CancelIo

GetOverlappedResult

WaitForMultipleObjects

ConnectNamedPipe

TransactNamedPipe

WriteFile

ResumeThread

GetSystemTimeAsFileTime

GetModuleHandleW

GetComputerNameW

CreateEventW

SetEvent

ResetEvent

DeviceIoControl

CreateFileW

LoadStringW

wsprintfW

BroadcastSystemMessageW

MessageBoxW

RegisterServicesProcess

RpcEpResolveBinding

RpcBindingFromStringBindingW

RpcStringFreeW

RpcServerRegisterAuthInfoW

RpcStringBindingComposeW

NdrClientCall2

RpcAsyncCompleteCall

RpcAsyncInitializeHandle

NdrAsyncServerCall

RpcBindingFree

NdrAsyncClientCall

RpcMgmtStopServerListening

RpcMgmtWaitServerListen

RpcServerUnregisterIf

RpcServerListen

NdrServerCall2

RpcRevertToSelf

RpcImpersonateClient

I_RpcMapWin32Status

RpcServerUseProtseqEpW

RpcServerRegisterIf

RtlCreateSecurityDescriptor

RtlAddAccessAllowedAce

RtlCreateAcl

NtCreateKey

NtQueryValueKey

NtSetValueKey

NtDeleteValueKey

NtEnumerateKey

NtQuerySecurityObject

RtlFreeHeap

NtOpenKey

NtDeleteKey

RtlSetControlSecurityDescriptor

RtlValidSecurityDescriptor

RtlLengthSecurityDescriptor

NtAccessCheckAndAuditAlarm

NtSetInformationThread

NtAdjustPrivilegesToken

NtDuplicateToken

NtOpenProcessToken

NtQueryInformationToken

NtOpenThreadToken

RtlQuerySecurityObject

RtlSetSecurityObject

RtlValidRelativeSecurityDescriptor

NtPrivilegeObjectAuditAlarm

NtPrivilegeCheck

RtlMapGenericMask

RtlCopyUnicodeString

NtSetInformationFile

NtQueryInformationFile

RtlAppendUnicodeStringToString

RtlAppendUnicodeToString

NtWaitForSingleObject

NtQueryDirectoryFile

NtDeleteFile

NtSetInformationProcess

RtlUnhandledExceptionFilter

NtSetEvent

RtlGetAce

RtlQueryInformationAcl

RtlGetDaclSecurityDescriptor

RtlAllocateHeap

RtlSetDaclSecurityDescriptor

RtlConvertSharedToExclusive

RtlConvertExclusiveToShared

RtlRegisterWait

RtlGetNtProductType

RtlEqualUnicodeString

RtlLengthSid

RtlCopySid

NtOpenDirectoryObject

RtlUnicodeStringToAnsiString

RtlInitAnsiString

RtlAnsiStringToUnicodeString

RtlNewSecurityObject

RtlAddAce

RtlSetOwnerSecurityDescriptor

RtlSetGroupSecurityDescriptor

RtlSetSaclSecurityDescriptor

RtlSubAuthorityCountSid

NtQueryDirectoryObject

RtlCompareUnicodeString

NtLoadDriver

NtUnloadDriver

RtlExpandEnvironmentStrings_U

RtlAdjustPrivilege

NtFlushKey

NtOpenFile

RtlDosPathNameToNtPathName_U

NtOpenSymbolicLinkObject

NtQuerySymbolicLinkObject

RtlFreeUnicodeString

RtlAreAllAccessesGranted

NtDeleteObjectAuditAlarm

NtCloseObjectAuditAlarm

RtlQueueWorkItem

RtlCopyLuid

RtlDeregisterWait

RtlReleaseResource

RtlAcquireResourceExclusive

RtlAcquireResourceShared

RtlInitializeResource

RtlDeleteSecurityObject

RtlLockBootStatusData

RtlGetSetBootStatusData

RtlUnlockBootStatusData

NtInitializeRegistry

NtQueryKey

NtClose

RtlInitUnicodeString

RtlNtStatusToDosError

NtShutdownSystem

NtSetSystemEnvironmentValue

RtlMakeSelfRelativeSD

RtlInitializeSid

RtlLengthRequiredSid

RtlSubAuthoritySid

NtSetSecurityObject

UnloadUserProfile

CreateEnvironmentBlock

LoadUserProfileW

DestroyEnvironmentBlock

ScesrvInitializeServer

ScesrvTerminateServer

RegisterScmCallback

PNP_SetActiveService

PNP_GetDeviceRegProp

PNP_GetDeviceListSize

PNP_GetDeviceList

PNP_HwProfFlags

RegisterServiceNotification

DeleteServicePlugPlayRegKeys

WmiEventSourceConnect

WmiSetAndCommitObject

WmiCreateObjectWithFormat

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ