IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

malloc

_initterm

_except_handler4_common

free

_XcptFilter

memcpy

memcmp

_amsg_exit

memset

RtlAllocateHeap

RtlInitUnicodeString

NtQueryAttributesFile

NtQuerySystemInformation

NtSetThreadExecutionState

RtlLocalTimeToSystemTime

RtlFreeHeap

Sleep

UnhandledExceptionFilter

SetUnhandledExceptionFilter

GetCurrentProcess

TerminateProcess

QueryPerformanceCounter

GetCurrentProcessId

GetCurrentThreadId

GetSystemTimeAsFileTime

GetTickCount

?SetBit@BITVECTOR@@QAEXKK@Z

?ResetBit@BITVECTOR@@QAEXKK@Z

??0OBJECT@@IAE@XZ

??1OBJECT@@UAE@XZ

?ComputeCountSet@BITVECTOR@@ABEKXZ

?Initialize@CLASS_DESCRIPTOR@@QAEEPBD@Z

??0CLASS_DESCRIPTOR@@QAE@XZ

?Stricmp@WSTRING@@SGHPAG0@Z

??1HMEM@@UAE@XZ

?QueryWSTR@WSTRING@@QBEPAGKKPAGKE@Z

?FreeLibraryHandle@SYSTEM@@SGXPAX@Z

?QueryLibraryEntryPoint@SYSTEM@@SGP6GHXZPBVWSTRING@@0PAPAX@Z

?Initialize@WSTRING@@QAEEPBGK@Z

?Strcat@WSTRING@@QAEEPBV1@@Z

?Initialize@WSTRING@@QAEEPBV1@KK@Z

?Initialize@WSTRING@@QAEEPBDK@Z

??1DSTRING@@UAE@XZ

??0DSTRING@@QAE@XZ

?Display@MESSAGE@@QAAEPBDZZ

??0HMEM@@QAE@XZ

?QuerySTR@WSTRING@@QBEPADKKPADKE@Z

?Initialize@HMEM@@QAEEXZ

??0FSTRING@@QAE@XZ

?DebugDump@OBJECT@@UBEXE@Z

?Compare@OBJECT@@UBEJPBV1@@Z

??1FSTRING@@UAE@XZ

?Stricmp@WSTRING@@QBEJPBV1@@Z

??0EA_SET@@QAE@XZ

??1EA_SET@@UAE@XZ

?QueryNthCluster@FAT@@QBEKKK@Z

?QueryEaSetClusterNumber@EA_HEADER@@QBEGG@Z

?Read@EA_SET@@UAEEXZ

?GetEa@EA_SET@@QAEPAU_EA@@KPAJPAE@Z

??0CLUSTER_CHAIN@@QAE@XZ

??1CLUSTER_CHAIN@@UAE@XZ

?Initialize@CLUSTER_CHAIN@@QAEEPAVMEM@@PAVLOG_IO_DP_DRIVE@@PAVFAT_SA@@PBVFAT@@KK@Z

?Initialize@FAT_DIRENT@@QAEEPAX@Z

?Initialize@EA_HEADER@@QAEEPAVMEM@@PAVLOG_IO_DP_DRIVE@@PAVFAT_SA@@PBVFAT@@KK@Z

?Initialize@EA_SET@@QAEEPAVMEM@@PAVLOG_IO_DP_DRIVE@@PAVFAT_SA@@PBVFAT@@KK@Z

?Initialize@FILEDIR@@QAEEPAVMEM@@PAVLOG_IO_DP_DRIVE@@PAVFAT_SA@@PBVFAT@@K@Z

?QueryLongName@FATDIR@@QAEEJPAVWSTRING@@@Z

?QueryName@FAT_DIRENT@@QBEEPAVWSTRING@@@Z

?QueryLastAccessTime@FAT_DIRENT@@QBEEPAT_LARGE_INTEGER@@@Z

?IsValidLastAccessTime@FAT_DIRENT@@QBEEXZ

?QueryCreationTime@FAT_DIRENT@@QBEEPAT_LARGE_INTEGER@@@Z

?IsValidCreationTime@FAT_DIRENT@@QBEEXZ

?QueryLastWriteTime@FAT_DIRENT@@QBEEPAT_LARGE_INTEGER@@@Z

??1FILEDIR@@UAE@XZ

??0FILEDIR@@QAE@XZ

?QueryCensusAndRelocate@FAT_SA@@QAEEPAU_CENSUS_REPORT@@PAVINTSTACK@@PAE@Z

?QueryFreeSectors@REAL_FAT_SA@@QBEKXZ

?SearchForDirEntry@FATDIR@@QAEPAXPBVWSTRING@@@Z

?Initialize@FAT_DIRENT@@QAEEPAXE@Z

??1FAT_DIRENT@@UAE@XZ

??0FAT_DIRENT@@QAE@XZ

??1EA_HEADER@@UAE@XZ

??0EA_HEADER@@QAE@XZ

?Read@CLUSTER_CHAIN@@UAEEXZ

??0REAL_FAT_SA@@QAE@XZ

??1REAL_FAT_SA@@UAE@XZ

?Initialize@REAL_FAT_SA@@UAEEPAVLOG_IO_DP_DRIVE@@PAVMESSAGE@@E@Z

?Read@REAL_FAT_SA@@UAEEPAVMESSAGE@@@Z

?Index12@FAT@@ABEKK@Z

??1NTFS_UPCASE_FILE@@UAE@XZ

??0NTFS_LOG_FILE@@QAE@XZ

??1NTFS_LOG_FILE@@UAE@XZ

?CreateElementaryStructures@NTFS_SA@@QAEEPAVNTFS_BITMAP@@KKKKPBVNUMBER_SET@@EEEEEKPAVMESSAGE@@PAUBIOS_PARAMETER_BLOCK@@PBVWSTRING@@E@Z

?Initialize@NTFS_MFT_FILE@@QAEEW4FIX_LEVEL@@PAVLOG_IO_DP_DRIVE@@VBIG_INT@@KK2PAVNTFS_BITMAP@@PAVNTFS_UPCASE_TABLE@@PAVNTFS_ATTRIBUTE@@@Z

?Initialize@NTFS_UPCASE_FILE@@QAEEW4FIX_LEVEL@@PAVNTFS_MASTER_FILE_TABLE@@@Z

?QueryAttribute@NTFS_FILE_RECORD_SEGMENT@@QAEEPAVNTFS_ATTRIBUTE@@PAEKPBVWSTRING@@@Z

?Initialize@NTFS_UPCASE_TABLE@@QAEEPAVNTFS_ATTRIBUTE@@PA_K@Z

?Flush@NTFS_MFT_FILE@@QAEEXZ

?Initialize@NTFS_LOG_FILE@@QAEEW4FIX_LEVEL@@PAVNTFS_MASTER_FILE_TABLE@@@Z

??0NTFS_BITMAP_FILE@@QAE@XZ

??1NTFS_BITMAP_FILE@@UAE@XZ

?IsFree@NTFS_BITMAP@@QBEEVBIG_INT@@0@Z

?Initialize@NTFS_BITMAP_FILE@@QAEEW4FIX_LEVEL@@PAVNTFS_MASTER_FILE_TABLE@@@Z

?Write@NTFS_BITMAP@@QAEEPAVNTFS_ATTRIBUTE@@PAV1@@Z

?QuerySectorsInElementaryStructures@NTFS_SA@@SGKPAVDP_DRIVE@@KKKKE@Z

?WriteRemainingBootCode@NTFS_SA@@QAEEXZ

?Initialize@NTFS_ATTRIBUTE@@QAEEPAVLOG_IO_DP_DRIVE@@KPBVNTFS_EXTENT_LIST@@VBIG_INT@@2KPBVWSTRING@@G@Z

?AddExtent@NTFS_EXTENT_LIST@@QAEEVBIG_INT@@00@Z

?Initialize@NTFS_EXTENT_LIST@@QAEEVBIG_INT@@0@Z

??1NTFS_EXTENT_LIST@@UAE@XZ

??0NTFS_EXTENT_LIST@@QAE@XZ

?MakeNonresident@NTFS_ATTRIBUTE@@UAEEPAVNTFS_BITMAP@@@Z

?InsertEntry@NTFS_INDEX_TREE@@QAEEKPAXU_MFT_SEGMENT_REFERENCE@@E@Z

?AddFileNameAttribute@NTFS_FILE_RECORD_SEGMENT@@QAEEPAU_FILE_NAME@@@Z

?QueryDuplicatedInformation@NTFS_FILE_RECORD_SEGMENT@@QAEEPAU_DUPLICATED_INFORMATION@@@Z

?AddSecurityDescriptor@NTFS_FILE_RECORD_SEGMENT@@QAEEW4_CANNED_SECURITY_TYPE@@PAVNTFS_BITMAP@@@Z

?Create@NTFS_FILE_RECORD_SEGMENT@@QAEEPBU_STANDARD_INFORMATION@@G@Z

NtfsUpcaseCompare

?Initialize@NTFS_INDEX_TREE@@QAEEKPAVLOG_IO_DP_DRIVE@@KPAVNTFS_BITMAP@@PAVNTFS_UPCASE_TABLE@@KKKPBVWSTRING@@@Z

??0NTFS_UPCASE_FILE@@QAE@XZ

??0NTFS_BITMAP@@QAE@XZ

??1NTFS_BITMAP@@UAE@XZ

??0NTFS_ATTRIBUTE@@QAE@XZ

??1NTFS_ATTRIBUTE@@UAE@XZ

?Initialize@NTFS_ATTRIBUTE@@QAEEPAVLOG_IO_DP_DRIVE@@KPBXKKPBVWSTRING@@G@Z

?InsertIntoFile@NTFS_ATTRIBUTE@@UAEEPAVNTFS_FILE_RECORD_SEGMENT@@PAVNTFS_BITMAP@@@Z

?IsAttributePresent@NTFS_FILE_RECORD_SEGMENT@@QAEEKPBVWSTRING@@E@Z

?AllocateFileRecordSegment@NTFS_MASTER_FILE_TABLE@@QAEEPAVBIG_INT@@E@Z

?Extend@NTFS_MASTER_FILE_TABLE@@QAEEK@Z

??0NTFS_SA@@QAE@XZ

??1NTFS_SA@@UAE@XZ

??0NTFS_UPCASE_TABLE@@QAE@XZ

??1NTFS_UPCASE_TABLE@@UAE@XZ

??0NTFS_MFT_FILE@@QAE@XZ

??1NTFS_MFT_FILE@@UAE@XZ

?QueryDefaultClustersPerIndexBuffer@NTFS_SA@@SGKPBVDP_DRIVE@@K@Z

?Initialize@NTFS_SA@@QAEEPAVLOG_IO_DP_DRIVE@@PAVMESSAGE@@VBIG_INT@@2KE@Z

??0NTFS_FILE_RECORD_SEGMENT@@QAE@XZ

??1NTFS_FILE_RECORD_SEGMENT@@UAE@XZ

??0NTFS_INDEX_TREE@@QAE@XZ

??1NTFS_INDEX_TREE@@UAE@XZ

?Initialize@NTFS_FILE_RECORD_SEGMENT@@QAEEW4FIX_LEVEL@@VBIG_INT@@PAVNTFS_MFT_FILE@@@Z

?Read@NTFS_FRS_STRUCTURE@@UAEEXZ

?Initialize@NTFS_INDEX_TREE@@QAEEPAVLOG_IO_DP_DRIVE@@KPAVNTFS_BITMAP@@PAVNTFS_UPCASE_TABLE@@KPAVNTFS_FILE_RECORD_SEGMENT@@PBVWSTRING@@@Z

?Save@NTFS_INDEX_TREE@@QAEEPAVNTFS_FILE_RECORD_SEGMENT@@@Z

?Flush@NTFS_FILE_RECORD_SEGMENT@@QAEEPAVNTFS_BITMAP@@PAVNTFS_INDEX_TREE@@E@Z

?Initialize@NTFS_BITMAP@@QAEEVBIG_INT@@EPAVLOG_IO_DP_DRIVE@@KE@Z

??0READ_WRITE_CACHE@@QAE@XZ

?Initialize@READ_WRITE_CACHE@@QAEEPAVIO_DP_DRIVE@@KE@Z

?SetCache@IO_DP_DRIVE@@QAEXPAVDRIVE_CACHE@@@Z

RestoreThreadExecutionState

??0LOG_IO_DP_DRIVE@@QAE@XZ

?Initialize@LOG_IO_DP_DRIVE@@QAEEPBVWSTRING@@PAVMESSAGE@@E@Z

?Lock@IO_DP_DRIVE@@QAEEXZ

?DismountVolume@IFS_SYSTEM@@SGEPBVWSTRING@@@Z

?Remove@NUMBER_SET@@QAEEVBIG_INT@@0@Z

?Add@NUMBER_SET@@QAEEVBIG_INT@@0@Z

??0NUMBER_SET@@QAE@XZ

??1NUMBER_SET@@UAE@XZ

??0INTSTACK@@QAE@XZ

?Write@IO_DP_DRIVE@@QAEEVBIG_INT@@KPAX@Z

?Push@INTSTACK@@QAEEVBIG_INT@@@Z

?Initialize@INTSTACK@@QAEEXZ

??1INTSTACK@@UAE@XZ

?Initialize@NUMBER_SET@@QAEEXZ

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ