Static task
static1
Behavioral task
behavioral1
Sample
453e9d420e6a44c4fb9e5730d99e6b83_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
453e9d420e6a44c4fb9e5730d99e6b83_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
453e9d420e6a44c4fb9e5730d99e6b83_JaffaCakes118
-
Size
869KB
-
MD5
453e9d420e6a44c4fb9e5730d99e6b83
-
SHA1
2fed31b69f89b7184098a4859e611359456eaf9d
-
SHA256
97eaadbe20310c73f43fca91ef62d8ca5bca46aa37177c0b68977c3344e159eb
-
SHA512
b136de69c2e8e72b5c6f10a83e92ed527c0c24680221d75f784aeb2089020d9859b74a0fc40ceea47cd808ec6574ed41e9c058442d0726ba1960eca04dbdb4b0
-
SSDEEP
12288:0NJIuVAbDLA9k4BVCHgaFX3T37k+rwleq5nK4s4Q1bU/JkSzPMuWnf8f/wovVw:0pVAbXam7h3rohfQJ8PMLEf/woNw
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for a missing Authenticode signature.
resource 453e9d420e6a44c4fb9e5730d99e6b83_JaffaCakes118
Files
-
453e9d420e6a44c4fb9e5730d99e6b83_JaffaCakes118.exe windows:5 windows x86 arch:x86
2a0ed501a885e1697271080f4aeb37f3
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ntdll
NtRegisterThreadTerminatePort
RtlSecondsSince1980ToTime
RtlLookupAtomInAtomTable
RtlUlongByteSwap
RtlSetIoCompletionCallback
NtOpenObjectAuditAlarm
CsrClientCallServer
ZwCreateProcessEx
RtlpNtCreateKey
NtDelayExecution
RtlNewSecurityGrantedAccess
RtlLargeIntegerAdd
ZwSetBootOptions
NtOpenIoCompletion
wcspbrk
RtlInitUnicodeStringEx
ZwClearEvent
NtAccessCheckByTypeResultListAndAuditAlarm
NtResumeThread
LdrFindResource_U
RtlVerifyVersionInfo
_fltused
NtSetTimerResolution
ZwMapViewOfSection
ZwRequestPort
ZwDeleteAtom
RtlFindLastBackwardRunClear
NtLoadDriver
ZwPrivilegeCheck
RtlCreateBootStatusDataFile
ZwTerminateProcess
RtlSubtreePredecessor
ZwQueryTimerResolution
ZwSetSystemPowerState
RtlZombifyActivationContext
DbgUiRemoteBreakin
NtVdmControl
NtRemoveProcessDebug
RtlConvertExclusiveToShared
ZwReplyWaitReceivePort
_aullshr
NtCreateProfile
RtlTimeToSecondsSince1970
RtlUniform
islower
RtlLengthSid
NtQueryDirectoryObject
ZwQuerySystemEnvironmentValue
RtlImageDirectoryEntryToData
NtNotifyChangeDirectoryFile
DbgUiSetThreadDebugObject
ZwCreateJobSet
RtlDestroyEnvironment
_ultoa
RtlEqualComputerName
RtlExtendedMagicDivide
wcschr
RtlSetProcessIsCritical
NtDebugContinue
RtlInitializeGenericTableAvl
isdigit
ZwQuerySymbolicLinkObject
RtlRestoreLastWin32Error
RtlGUIDFromString
NtOpenSemaphore
RtlFindClearRuns
NtQueryDefaultUILanguage
ZwAccessCheckByTypeResultListAndAuditAlarmByHandle
RtlEnterCriticalSection
RtlDeleteElementGenericTableAvl
RtlGetCompressionWorkSpaceSize
secur32
SetContextAttributesA
SaslEnumerateProfilesW
InitializeSecurityContextA
AddCredentialsA
ExportSecurityContext
SaslEnumerateProfilesA
SaslGetProfilePackageA
QuerySecurityContextToken
LsaEnumerateLogonSessions
SecpFreeMemory
SetContextAttributesW
LsaRegisterLogonProcess
QueryContextAttributesW
DeleteSecurityPackageA
QuerySecurityPackageInfoW
CredUnmarshalTargetInfo
VerifySignature
GetComputerObjectNameA
AddSecurityPackageA
LsaFreeReturnBuffer
SaslGetProfilePackageW
AddCredentialsW
InitializeSecurityContextW
FreeContextBuffer
SaslInitializeSecurityContextA
TranslateNameW
CredMarshalTargetInfo
GetUserNameExW
setupapi
SetupInstallServicesFromInfSectionExA
SetupFreeSourceListA
CM_Add_Empty_Log_Conf
SetupScanFileQueue
SetupInstallFileExA
SetupDiInstallDeviceInterfaces
SetupDiEnumDriverInfoW
SetupDiSetDriverInstallParamsW
SetupDiOpenDeviceInterfaceA
pSetupVerifyQueuedCatalogs
pSetupMakeSurePathExists
SetupGetLineCountW
SetupDiGetINFClassA
pSetupSetArrayToMultiSzValue
SetupQueueDefaultCopyW
SetupScanFileQueueA
CM_Query_Arbitrator_Free_Data
pSetupModifyGlobalFlags
SetupDiGetSelectedDevice
CM_Get_Resource_Conflict_DetailsW
CM_Set_HW_Prof_FlagsA
CM_Open_Class_Key_ExW
CM_Intersect_Range_List
SetupDiSetClassRegistryPropertyA
SetupQueueRenameA
CM_Set_HW_Prof_Ex
SetupDiGetClassImageListExW
SetupDiClassNameFromGuidExW
CM_Get_Device_Interface_Alias_ExW
CM_Set_DevNode_Registry_PropertyA
SetupPrepareQueueForRestoreW
CM_Get_Device_Interface_AliasA
pSetupDestroyRunOnceNodeList
CM_Get_Child
pSetupStringTableAddStringEx
SetupDiClassGuidsFromNameExA
pSetupStringTableLookUpStringEx
CM_Get_Device_Interface_List_SizeA
CM_Get_Device_ID_ListW
SetupAddToSourceListA
hhsetup
?AddLocationHistory@CTitle@@QAEKKPBD00PBVCLocation@@00H@Z
??1CFIFOString@@QAE@XZ
??4CTitle@@QAEAAV0@ABV0@@Z
?RemoveAll@CFIFOString@@QAEXXZ
?GetParent@CFolder@@QAEPAV1@XZ
?Close@CCollection@@QAEKXZ
?AddTitle@CCollection@@QAEPAVCTitle@@PBG0000GIPAVCLocation@@PAKH0@Z
?Add@CPointerList@@QAEPAUListItem@@PAX@Z
?GetIdW@CLocation@@QAEPBGXZ
??1CPointerList@@QAE@XZ
?SetMasterCHM@CCollection@@QAEXPBDG@Z
?AddChildFolder@CFolder@@QAEPAV1@PBGKPAKG@Z
?SetTitle@CLocation@@QAEXPBG@Z
?GetNextFolder@CFolder@@QAEPAV1@XZ
?SetFirstChildFolder@CFolder@@QAEXPAV1@@Z
?GetOrder@CFolder@@QAEKXZ
?AddFolder@CCollection@@QAEPAVCFolder@@PBDKPAKG@Z
?GetNextLocation@CLocation@@QAEPAV1@XZ
?GetId@CLocation@@QBEPADXZ
?GetNextTitle@CTitle@@QAEPAV1@XZ
?SetMasterCHM@CCollection@@QAEXPBGG@Z
?GetVersion@CCollection@@QAEKXZ
?FindLocation@CCollection@@QAEPAVCLocation@@PBGPAI@Z
?GetVolumeW@CLocation@@QAEPBGXZ
?GetIdW@CTitle@@QAEPBGXZ
??0CFIFOString@@QAE@XZ
?HandleTitle@CCollection@@AAEKPAVCParseXML@@PAD@Z
?FirstLocation@CCollection@@QAEPAVCLocation@@XZ
?SetExTitlePtr@CFolder@@QAEXPAVCExTitle@@@Z
?DeleteFolders@CCollection@@AAEXPAPAVCFolder@@@Z
?Dirty@CCollection@@QAEXXZ
?DeleteChildren@CCollection@@AAEXPAPAVCFolder@@@Z
?SetVolume@CLocation@@QAEXPBG@Z
?AddLocation@CCollection@@QAEPAVCLocation@@PBD000PAK@Z
?AddCollection@CCollection@@QAEPAVCColList@@XZ
??1CCollection@@QAE@XZ
?Open@CCollection@@QAEKPBD@Z
?GetLangId@CCollection@@QAEGPBG@Z
?GetTitleW@CLocation@@QAEPBGXZ
?GetColNo@CCollection@@QAEKXZ
advapi32
SystemFunction033
RegDeleteKeyW
LsaLookupSids
QueryServiceLockStatusA
CopySid
BuildImpersonateExplicitAccessWithNameA
SetSecurityDescriptorControl
CryptSetProviderExW
StartServiceCtrlDispatcherW
GetPrivateObjectSecurity
SystemFunction019
ConvertSDToStringSDRootDomainW
GetEffectiveRightsFromAclW
ConvertSecurityDescriptorToAccessW
EnumDependentServicesA
EnumServicesStatusW
ElfReportEventW
CryptSignHashA
DuplicateTokenEx
GetServiceDisplayNameA
UnlockServiceDatabase
SystemFunction022
LogonUserW
LsaQueryTrustedDomainInfoByName
CredIsMarshaledCredentialA
SystemFunction024
DeregisterEventSource
msvcrt40
?open@filebuf@@QAEPAV1@PBDHH@Z
tmpnam
_environ
atof
_fcloseall
??5istream@@QAEAAV0@PAD@Z
_itoa
_outpd
?xalloc@ios@@SAHXZ
_mtlock
??_Estrstream@@UAEPAXI@Z
_clearfp
printf
_execve
_abnormal_termination
_ismbckata
__argv
_execlp
?binary@filebuf@@2HB
_wsystem
?endl@@YAAAVostream@@AAV1@@Z
_pwctype
?open@fstream@@QAEXPBDHH@Z
_mbctolower
wcscpy
kernel32
GetProfileStringA
SetConsoleTitleW
OpenJobObjectW
lstrcatW
DeleteCriticalSection
LockResource
GetNumaNodeProcessorMask
TryEnterCriticalSection
GetTimeZoneInformation
TlsAlloc
VirtualAlloc
GetEnvironmentVariableW
FillConsoleOutputCharacterW
CreateNamedPipeA
GetVolumePathNamesForVolumeNameW
CopyLZFile
FindNextVolumeW
GetCurrentDirectoryW
LeaveCriticalSection
GetPrivateProfileIntA
GlobalAddAtomW
LocalUnlock
GetExpandedNameA
GetWindowsDirectoryA
FoldStringA
GetNamedPipeHandleStateW
FindFirstChangeNotificationA
GetProcessHeaps
GetFileSizeEx
CreateFiber
InterlockedPushEntrySList
GetProcessVersion
SetCommState
SetConsoleDisplayMode
SetConsoleCP
HeapAlloc
GetThreadContext
LoadLibraryA
CreateProcessInternalW
ContinueDebugEvent
GetNamedPipeHandleStateA
GetBinaryType
EnterCriticalSection
GetSystemTimeAsFileTime
QueryPerformanceFrequency
WideCharToMultiByte
Process32NextW
GetProcAddress
msvcrt
exit
Sections
.text Size: 61KB - Virtual size: 61KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 285KB - Virtual size: 284KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 519KB - Virtual size: 1.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 1016B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ