RtlInitUnicodeString
RtlEncodePointer
RtlDecodePointer
NtOpenKey
NtTerminateProcess
NtSuspendProcess
NtResumeProcess
NtSetValueKey
RtlFreeSid
RtlAllocateAndInitializeSid
RtlLengthSid
RtlNtStatusToDosError
RtlSetLastWin32Error
NtOpenProcessToken
NtSetEvent
NtCreateEvent
NtQueryInformationToken
NtSetInformationToken
NtOpenProcess
NtSetInformationThread
NtDeleteFile
LdrAccessResource
LdrFindResource_U
LdrGetProcedureAddress
RtlInitString
RtlPrefixUnicodeString
RtlExpandEnvironmentStrings_U
RtlFormatCurrentUserKeyPath
LdrEnumerateLoadedModules
RtlAllocateHeap
RtlFreeHeap
RtlImageDirectoryEntryToData
RtlEnterCriticalSection
RtlLeaveCriticalSection
NtQuerySystemInformation
NtCreateDirectoryObject
NtFsControlFile
NtReadFile
NtQueryInformationFile
NtQueryValueKey
NtQueryInformationProcess
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
RtlDosPathNameToNtPathName_U
RtlFreeUnicodeString
NtFreeVirtualMemory
NtAllocateVirtualMemory
RtlDecompressBuffer
RtlQueryElevationFlags
RtlCreateHeap
RtlGetVersion
RtlGetFrame
RtlPopFrame
RtlPushFrame
RtlImageNtHeader
LdrGetDllHandle
NtNotifyChangeDirectoryFile
NtCreateFile
NtWaitForSingleObject
RtlGetCurrentPeb
NtClose
NtFilterToken
NtDuplicateToken
