IoGetAttachedDeviceReference
SeQueryAuthenticationIdToken
RtlTimeToTimeFields
ProbeForRead
MmUnsecureVirtualMemory
ZwCreateEvent
RtlFreeOemString
RtlIsNameLegalDOS8Dot3
CcPreparePinWrite
RtlTimeToSecondsSince1970
CcUnpinDataForThread
ZwReadFile
IoIsWdmVersionAvailable
SeCreateClientSecurity
ExRaiseAccessViolation
KeInitializeDpc
MmUnmapReservedMapping
KeSetSystemAffinityThread
RtlUnicodeToMultiByteN
RtlCreateRegistryKey
SeReleaseSubjectContext
PoUnregisterSystemState
FsRtlCheckLockForReadAccess
PsSetLoadImageNotifyRoutine
RtlVolumeDeviceToDosName
IoCreateDisk
IoRequestDeviceEject
RtlFindUnicodePrefix
DbgBreakPoint
RtlInitializeGenericTable
PsRevertToSelf
IoAllocateController
PsGetCurrentProcessId
KeAttachProcess
KeReadStateMutex
ExGetExclusiveWaiterCount
RtlAppendStringToString
ExLocalTimeToSystemTime
IoCheckEaBufferValidity
PsGetCurrentProcess
MmAllocatePagesForMdl
MmGetSystemRoutineAddress
IoBuildPartialMdl
IoSetHardErrorOrVerifyDevice
RtlFindNextForwardRunClear
RtlDowncaseUnicodeString
KeLeaveCriticalRegion
KeQueryActiveProcessors
IoConnectInterrupt
MmFlushImageSection
RtlInitAnsiString
KeDelayExecutionThread
MmMapLockedPagesSpecifyCache
IoReportResourceForDetection
FsRtlAllocateFileLock
MmHighestUserAddress
ExSystemTimeToLocalTime
KeBugCheck
RtlInitUnicodeString
ZwOpenSection
IoGetDeviceObjectPointer
MmQuerySystemSize
KeDetachProcess
RtlDeleteNoSplay
IoCsqRemoveIrp
KdEnableDebugger
IoIsOperationSynchronous
RtlEqualString
CcSetReadAheadGranularity
IoCreateFile
IoReadDiskSignature
IoDeviceObjectType
IoIsSystemThread
MmIsThisAnNtAsSystem
PoSetPowerState
PoSetSystemState
KeSynchronizeExecution
IoInitializeRemoveLockEx
FsRtlIsFatDbcsLegal
KeQueryInterruptTime
IoGetDeviceInterfaceAlias
RtlSecondsSince1970ToTime
MmAllocateContiguousMemory
RtlUnicodeStringToOemString
ObfReferenceObject
RtlValidSecurityDescriptor
MmBuildMdlForNonPagedPool
RtlCreateAcl
RtlVerifyVersionInfo
MmSecureVirtualMemory
IoMakeAssociatedIrp
ZwWriteFile
ZwQuerySymbolicLinkObject
PsTerminateSystemThread
ExGetPreviousMode
IoUnregisterFileSystem
PsLookupProcessByProcessId
MmCanFileBeTruncated
PoRequestPowerIrp
RtlxUnicodeStringToAnsiSize
ObReferenceObjectByHandle
FsRtlIsHpfsDbcsLegal
KeQuerySystemTime
RtlInitializeUnicodePrefix
KeResetEvent
IoReleaseVpbSpinLock
RtlCreateUnicodeString
IoBuildSynchronousFsdRequest
IoAllocateMdl
SeSetSecurityDescriptorInfo
RtlInsertUnicodePrefix
PsCreateSystemThread
ZwCreateSection
SeAssignSecurity
RtlUpcaseUnicodeString
IoAllocateAdapterChannel
FsRtlFastCheckLockForRead
RtlNumberOfClearBits
RtlCompareString
FsRtlCheckLockForWriteAccess
IoFreeWorkItem
RtlValidSid
ObReferenceObjectByPointer
IoGetAttachedDevice
RtlLengthRequiredSid
RtlAddAccessAllowedAceEx
MmMapLockedPages
KeInsertHeadQueue
ZwOpenSymbolicLinkObject
MmFreeContiguousMemory
IoSetStartIoAttributes
KeRemoveQueue
ZwDeleteValueKey
IoAllocateWorkItem
KeInsertQueueDpc
CcCopyRead
ObOpenObjectByPointer
ZwCreateFile
KeFlushQueuedDpcs
PsGetThreadProcessId
KeSetPriorityThread
ZwQueryKey
IoCreateSynchronizationEvent
PsGetVersion
RtlUnicodeStringToInteger
KeSetTimer
FsRtlGetNextFileLock
MmFreeMappingAddress
PsGetCurrentThreadId
ObfDereferenceObject
IoSetPartitionInformation
ExUnregisterCallback
IoGetDmaAdapter
RtlUnicodeToOemN
MmAllocateNonCachedMemory
RtlStringFromGUID
MmProbeAndLockProcessPages
RtlFillMemoryUlong
RtlInt64ToUnicodeString
ExAcquireFastMutexUnsafe
ExAllocatePoolWithQuotaTag
ExDeleteNPagedLookasideList
RtlExtendedIntegerMultiply
PsReturnPoolQuota
IoSetSystemPartition
IoAllocateIrp
ZwSetVolumeInformationFile
ObInsertObject
RtlCopySid
ObQueryNameString
RtlWriteRegistryValue
ExRaiseStatus
IoRegisterFileSystem
RtlDeleteElementGenericTable
IoGetBootDiskInformation
CcMapData
FsRtlIsTotalDeviceFailure
RtlAddAccessAllowedAce
RtlInitializeBitMap
MmAllocateMappingAddress
MmUnlockPagableImageSection
RtlFindSetBits
IoGetDeviceInterfaces
CcCopyWrite
PsIsThreadTerminating
SeDeassignSecurity
FsRtlNotifyUninitializeSync
ZwQueryVolumeInformationFile
RtlCreateSecurityDescriptor
CcCanIWrite
FsRtlDeregisterUncProvider
ExVerifySuite
RtlUnicodeStringToAnsiString
RtlCheckRegistryKey
CcMdlWriteAbort
PsChargeProcessPoolQuota
HalExamineMBR
IoVolumeDeviceToDosName
RtlGetNextRange
ZwOpenFile
RtlDeleteRegistryValue
KeSetTargetProcessorDpc
PoRegisterSystemState
FsRtlIsDbcsInExpression
MmIsVerifierEnabled
RtlRemoveUnicodePrefix
IoCheckQuotaBufferValidity
IoStartPacket
RtlHashUnicodeString
KeRemoveByKeyDeviceQueue
IoWriteErrorLogEntry
SeUnlockSubjectContext
ZwOpenKey
RtlCopyLuid
KeGetCurrentThread
FsRtlFreeFileLock
RtlFindLastBackwardRunClear
DbgBreakPointWithStatus
MmIsAddressValid
RtlNtStatusToDosError
CcPinMappedData
SeDeleteObjectAuditAlarm
FsRtlFastUnlockSingle
PsImpersonateClient
ZwDeviceIoControlFile
KeSetEvent
ObGetObjectSecurity
RtlIntegerToUnicodeString
KeReadStateTimer
ZwFreeVirtualMemory
RtlSplay
DbgPrompt
IoAcquireCancelSpinLock
KdDisableDebugger
RtlFindClearBits
KeCancelTimer
IoAcquireVpbSpinLock
KeInsertDeviceQueue
IoDetachDevice
PsReferencePrimaryToken
RtlFindClearBitsAndSet
ZwPowerInformation
IoQueryFileInformation
RtlOemStringToUnicodeString
IoGetDriverObjectExtension
KeInitializeEvent
RtlAnsiCharToUnicodeChar
KeSetImportanceDpc
RtlTimeToSecondsSince1980
ExDeletePagedLookasideList
FsRtlLookupLastLargeMcbEntry
IoRegisterDeviceInterface
ZwFlushKey
RtlUpperChar
RtlSetBits
IoOpenDeviceRegistryKey
ZwClose
RtlCopyString
IoRemoveShareAccess
