IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

CcInitializeCacheMap

ExGetPreviousMode

PsGetCurrentThread

RtlValidSecurityDescriptor

ZwReadFile

MmAddVerifierThunks

IoRemoveShareAccess

CcUnpinRepinnedBcb

SeQueryAuthenticationIdToken

ZwSetValueKey

RtlLengthSecurityDescriptor

IoInitializeIrp

IoAllocateErrorLogEntry

ExReleaseResourceLite

ProbeForWrite

SeAccessCheck

RtlSplay

ExAllocatePoolWithQuotaTag

RtlAnsiStringToUnicodeString

RtlQueryRegistryValues

PsImpersonateClient

SeImpersonateClientEx

RtlAreBitsSet

ExDeleteNPagedLookasideList

FsRtlCheckLockForReadAccess

IoGetDeviceInterfaces

RtlUnicodeStringToOemString

RtlAddAccessAllowedAce

ZwFsControlFile

RtlxAnsiStringToUnicodeSize

IoCheckShareAccess

ZwUnloadDriver

PsGetVersion

IoSetDeviceToVerify

IofCompleteRequest

CcCopyWrite

RtlEqualString

RtlCompareString

ZwMakeTemporaryObject

KeSetPriorityThread

FsRtlMdlWriteCompleteDev

IoCreateNotificationEvent

ExRaiseAccessViolation

IoStopTimer

IoQueryDeviceDescription

MmUnsecureVirtualMemory

IoGetRelatedDeviceObject

ZwAllocateVirtualMemory

ZwQueryVolumeInformationFile

ExGetSharedWaiterCount

RtlGetVersion

FsRtlIsNameInExpression

IoReleaseCancelSpinLock

KeDeregisterBugCheckCallback

IoWriteErrorLogEntry

KeQuerySystemTime

ZwCreateKey

CcSetDirtyPinnedData

RtlAnsiCharToUnicodeChar

RtlEqualSid

IoStartPacket

IofCallDriver

KeSetSystemAffinityThread

RtlVolumeDeviceToDosName

IoIsSystemThread

KeAttachProcess

ExAllocatePoolWithQuota

KeSetImportanceDpc

RtlSetAllBits

IoStartNextPacket

KeRundownQueue

KeSaveFloatingPointState

IoGetDeviceProperty

IoCreateStreamFileObjectLite

IoGetTopLevelIrp

ProbeForRead

IoRaiseHardError

RtlUpcaseUnicodeString

IoCreateDisk

RtlCreateSecurityDescriptor

IoDeleteDevice

ZwLoadDriver

MmResetDriverPaging

IoAcquireRemoveLockEx

KeRemoveEntryDeviceQueue

ExSystemTimeToLocalTime

MmLockPagableDataSection

RtlClearBits

VerSetConditionMask

RtlFindLastBackwardRunClear

FsRtlIsDbcsInExpression

ZwEnumerateKey

IoCsqRemoveIrp

MmIsThisAnNtAsSystem

ObInsertObject

DbgBreakPointWithStatus

IoAcquireCancelSpinLock

KdDisableDebugger

KeSetEvent

ExDeleteResourceLite

MmIsDriverVerifying

KeRemoveQueueDpc

IoInitializeTimer

KeResetEvent

KeClearEvent

PsGetThreadProcessId

RtlUpcaseUnicodeChar

IoGetDmaAdapter

IoFreeMdl

IoAllocateWorkItem

MmSecureVirtualMemory

CcMdlWriteComplete

ZwDeviceIoControlFile

IoMakeAssociatedIrp

IoGetLowerDeviceObject

RtlOemStringToUnicodeString

PoCallDriver

RtlFindNextForwardRunClear

RtlCopyUnicodeString

ZwOpenFile

MmForceSectionClosed

ExUnregisterCallback

MmMapIoSpace

RtlMultiByteToUnicodeN

PoRegisterSystemState

IoGetDriverObjectExtension

IoCheckEaBufferValidity

IoDeleteSymbolicLink

ZwClose

PsIsThreadTerminating

MmGetPhysicalAddress

RtlClearAllBits

CcMdlReadComplete

MmAllocateNonCachedMemory

IoReportDetectedDevice

ObfReferenceObject

IoGetAttachedDeviceReference

KeSetTimerEx

IoRegisterFileSystem

CcMdlWriteAbort

RtlUpcaseUnicodeToOemN

ZwFlushKey

KeInitializeQueue

KeInsertQueueDpc

PoUnregisterSystemState

ZwOpenKey

MmGetSystemRoutineAddress

SeTokenIsRestricted

KeReadStateEvent

ExLocalTimeToSystemTime

IoSetHardErrorOrVerifyDevice

ExSetTimerResolution

ZwEnumerateValueKey

IoWMIRegistrationControl

RtlNtStatusToDosError

RtlInitAnsiString

MmUnlockPages

FsRtlIsTotalDeviceFailure

IoGetDeviceInterfaceAlias

ZwOpenSection

RtlDeleteNoSplay

MmIsVerifierEnabled

ExUuidCreate

RtlDeleteElementGenericTable

MmAllocatePagesForMdl

RtlAppendUnicodeToString

PsGetProcessExitTime

KeInitializeSpinLock

ZwSetVolumeInformationFile

IoSetTopLevelIrp

RtlInitializeBitMap

FsRtlNotifyInitializeSync

RtlEqualUnicodeString

RtlFindClearBitsAndSet

IoDeviceObjectType

IoFreeIrp

IoQueryFileDosDeviceName

KeLeaveCriticalRegion

IoCreateFile

RtlInsertUnicodePrefix

IoWritePartitionTableEx

ExFreePoolWithTag

RtlSecondsSince1970ToTime

CcUnpinData

MmMapLockedPagesSpecifyCache

IoThreadToProcess

SeDeleteObjectAuditAlarm

RtlRandom

RtlCopyLuid

RtlTimeFieldsToTime

RtlxOemStringToUnicodeSize

MmAllocateMappingAddress

IoSetThreadHardErrorMode

ObQueryNameString

PoSetSystemState

KeInitializeTimer

IoReadPartitionTable

ObMakeTemporaryObject

CcPurgeCacheSection

IoGetBootDiskInformation

RtlCopyString

MmProbeAndLockPages

CcFastMdlReadWait

KeBugCheckEx

ObGetObjectSecurity

IoDetachDevice

RtlFindLeastSignificantBit

CcSetFileSizes

SeDeassignSecurity

KeRestoreFloatingPointState

ObCreateObject

IoDeleteController

SeLockSubjectContext

IoIsWdmVersionAvailable

HalExamineMBR

IoOpenDeviceRegistryKey

FsRtlCheckOplock

KeEnterCriticalRegion

PsSetLoadImageNotifyRoutine

KeQueryActiveProcessors

RtlInitializeGenericTable

MmFreeContiguousMemory

ExInitializeResourceLite

ZwCreateFile

PsLookupThreadByThreadId

KeSetBasePriorityThread

IoAllocateController

ExReinitializeResourceLite

MmHighestUserAddress

ExQueueWorkItem

ZwCreateDirectoryObject

KeInsertQueue

RtlCopySid

KeWaitForMultipleObjects

ExSetResourceOwnerPointer

MmFreePagesFromMdl

KeReadStateSemaphore

FsRtlCheckLockForWriteAccess

RtlFindSetBits

RtlGenerate8dot3Name

KeRemoveQueue

SeAssignSecurity

RtlCompareMemory

KeStackAttachProcess

MmAdvanceMdl

RtlHashUnicodeString

IoFreeErrorLogEntry

IoCreateDevice

RtlFreeOemString

ExReleaseFastMutexUnsafe

MmBuildMdlForNonPagedPool

CcFastCopyRead

MmFreeMappingAddress

KeInitializeSemaphore

KeSetKernelStackSwapEnable

CcSetReadAheadGranularity

RtlAppendStringToString

FsRtlNotifyUninitializeSync

RtlxUnicodeStringToAnsiSize

RtlSecondsSince1980ToTime

RtlWriteRegistryValue

ObReferenceObjectByPointer

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ