KeSetEvent
FsRtlIsNameInExpression
RtlDeleteRegistryValue
KeEnterCriticalRegion
RtlFindUnicodePrefix
IoRegisterDeviceInterface
RtlUpcaseUnicodeToOemN
CcUnpinDataForThread
RtlRandom
CcZeroData
PoSetPowerState
KeQueryTimeIncrement
KeStackAttachProcess
SeDeleteObjectAuditAlarm
IoInvalidateDeviceState
MmBuildMdlForNonPagedPool
IoCheckShareAccess
KeRemoveByKeyDeviceQueue
KeSetTimer
ExGetSharedWaiterCount
KeSetPriorityThread
ZwQueryValueKey
RtlSetAllBits
RtlWriteRegistryValue
ExDeleteNPagedLookasideList
RtlHashUnicodeString
ZwOpenSymbolicLinkObject
ExIsProcessorFeaturePresent
RtlPrefixUnicodeString
MmPageEntireDriver
KeDelayExecutionThread
RtlTimeToTimeFields
ZwOpenProcess
IoDetachDevice
IoCreateDevice
PoRequestPowerIrp
RtlFillMemoryUlong
MmUnlockPagableImageSection
KeRemoveDeviceQueue
RtlInitAnsiString
KeSetTargetProcessorDpc
RtlEqualString
IoSetThreadHardErrorMode
KeInitializeSpinLock
ZwCreateDirectoryObject
PsIsThreadTerminating
KeRegisterBugCheckCallback
RtlFindClearBits
RtlFindLongestRunClear
MmLockPagableDataSection
SeCreateClientSecurity
IoInitializeIrp
KeInitializeTimerEx
IoGetStackLimits
RtlAppendStringToString
SeTokenIsRestricted
IoReportResourceForDetection
RtlMapGenericMask
RtlUpperChar
IoFreeController
ZwEnumerateKey
RtlGetNextRange
RtlEnumerateGenericTable
IoGetDeviceObjectPointer
MmQuerySystemSize
MmFreePagesFromMdl
FsRtlSplitLargeMcb
RtlEqualSid
IoSetSystemPartition
IoAllocateController
RtlUpperString
RtlCompareUnicodeString
RtlGetVersion
KeFlushQueuedDpcs
ExFreePoolWithTag
RtlAnsiCharToUnicodeChar
KeQueryActiveProcessors
PsDereferencePrimaryToken
KeInsertQueue
MmFreeContiguousMemory
RtlNtStatusToDosError
FsRtlIsDbcsInExpression
KeLeaveCriticalRegion
KeSaveFloatingPointState
ZwQueryVolumeInformationFile
RtlUpcaseUnicodeString
IoGetDeviceProperty
ExLocalTimeToSystemTime
IoStartPacket
RtlInitString
RtlInsertUnicodePrefix
MmSetAddressRangeModified
SeDeassignSecurity
RtlAppendUnicodeToString
RtlCheckRegistryKey
ExNotifyCallback
ZwDeviceIoControlFile
ZwOpenKey
ExGetExclusiveWaiterCount
IoGetRelatedDeviceObject
KeRemoveQueue
FsRtlAllocateFileLock
IoDeleteSymbolicLink
IoIsSystemThread
KeQueryInterruptTime
IoGetDeviceInterfaces
RtlCompareMemory
IoStartNextPacket
KeSetImportanceDpc
RtlInitializeBitMap
ZwFsControlFile
FsRtlIsHpfsDbcsLegal
KeWaitForMultipleObjects
KeWaitForSingleObject
IoUpdateShareAccess
MmUnsecureVirtualMemory
PsCreateSystemThread
RtlUpcaseUnicodeChar
ZwOpenFile
ExRaiseStatus
KeInitializeSemaphore
KeInitializeQueue
PoUnregisterSystemState
CcFastMdlReadWait
ZwReadFile
IoRaiseHardError
KeInsertDeviceQueue
RtlCompareString
CcPreparePinWrite
IoDeviceObjectType
MmResetDriverPaging
KeInsertQueueDpc
IoConnectInterrupt
KdDisableDebugger
KeReadStateEvent
RtlEqualUnicodeString
RtlCreateSecurityDescriptor
MmHighestUserAddress
RtlLengthRequiredSid
IoReportDetectedDevice
IoWMIRegistrationControl
ExDeleteResourceLite
RtlTimeToSecondsSince1980
KdEnableDebugger
RtlAreBitsClear
KeInitializeTimer
KeReadStateSemaphore
PsGetCurrentThreadId
ObReferenceObjectByPointer
RtlFindLeastSignificantBit
KePulseEvent
KeBugCheck
ExUuidCreate
IoInvalidateDeviceRelations
ExInitializeResourceLite
IoGetDmaAdapter
ZwCreateKey
IoSetShareAccess
IoRequestDeviceEject
ExFreePool
RtlAreBitsSet
RtlOemStringToUnicodeString
IoGetDriverObjectExtension
KeReleaseSemaphore
IoGetDeviceToVerify
IoMakeAssociatedIrp
RtlCharToInteger
IoReleaseCancelSpinLock
SeAccessCheck
IoGetCurrentProcess
RtlInitUnicodeString
RtlSetDaclSecurityDescriptor
KeSynchronizeExecution
IoOpenDeviceRegistryKey
RtlInt64ToUnicodeString
SeValidSecurityDescriptor
SeOpenObjectAuditAlarm
MmGetSystemRoutineAddress
ZwCreateFile
IoGetBootDiskInformation
ExSystemTimeToLocalTime
RtlDowncaseUnicodeString
IoRemoveShareAccess
RtlNumberOfClearBits
RtlSetBits
IoWriteErrorLogEntry
RtlUnicodeStringToInteger
KeInsertHeadQueue
IoBuildPartialMdl
KeCancelTimer
RtlMultiByteToUnicodeN
FsRtlFreeFileLock
CcRemapBcb
RtlCopyLuid
ExSetTimerResolution
SeQueryInformationToken
IoStopTimer
RtlCopySid
SeAssignSecurity
ExRaiseDatatypeMisalignment
PsLookupProcessByProcessId
RtlCopyString
IoAllocateWorkItem
RtlFindClearRuns
KeReadStateMutex
IoDisconnectInterrupt
MmUnmapLockedPages
FsRtlDeregisterUncProvider
PsGetVersion
ObGetObjectSecurity
FsRtlFastCheckLockForRead
RtlInitializeGenericTable
PsGetCurrentProcess
MmLockPagableSectionByHandle
FsRtlLookupLastLargeMcbEntry
IoGetAttachedDevice
ZwQuerySymbolicLinkObject
SeSinglePrivilegeCheck
MmForceSectionClosed
CcDeferWrite
KeBugCheckEx
SeCaptureSubjectContext
IoAllocateErrorLogEntry
IoInitializeTimer
MmMapLockedPagesSpecifyCache
MmAllocateNonCachedMemory
ExRegisterCallback
MmUnmapIoSpace
IoFreeWorkItem
IoCancelIrp
FsRtlIsFatDbcsLegal
ObQueryNameString
ZwFreeVirtualMemory
RtlFindClearBitsAndSet
CcCopyWrite
RtlCreateUnicodeString
RtlQueryRegistryValues
ZwQueryKey
MmSizeOfMdl
KeUnstackDetachProcess
ZwOpenSection
ZwQueryObject
PsGetCurrentProcessId
KeRestoreFloatingPointState
RtlCopyUnicodeString
KeInitializeDpc
KeRemoveEntryDeviceQueue
ExSetResourceOwnerPointer
KeSetBasePriorityThread
PoSetSystemState
KeGetCurrentThread
RtlClearBits
ExAcquireFastMutexUnsafe
ZwMapViewOfSection
FsRtlFastUnlockSingle
RtlSecondsSince1980ToTime
