IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

ZwAllocateVirtualMemory

RtlInitializeBitMap

KeWaitForMultipleObjects

MmSecureVirtualMemory

MmLockPagableDataSection

IoIsWdmVersionAvailable

IoAcquireVpbSpinLock

KeRegisterBugCheckCallback

RtlCopyString

MmAllocateMappingAddress

KeFlushQueuedDpcs

IoRequestDeviceEject

KeReleaseMutex

CcSetBcbOwnerPointer

IoCsqRemoveIrp

IoDeleteSymbolicLink

RtlCreateSecurityDescriptor

ZwCreateSection

IoGetCurrentProcess

CcFastCopyWrite

RtlTimeToTimeFields

IoCheckQuotaBufferValidity

RtlCopySid

MmFlushImageSection

RtlUnicodeStringToOemString

RtlCreateUnicodeString

IoInitializeIrp

MmFreeMappingAddress

MmSetAddressRangeModified

RtlFindLeastSignificantBit

KdDisableDebugger

PsReturnPoolQuota

FsRtlAllocateFileLock

PsReferencePrimaryToken

KeRestoreFloatingPointState

MmMapIoSpace

RtlValidSecurityDescriptor

KeSaveFloatingPointState

IoInitializeTimer

KeEnterCriticalRegion

ExDeleteNPagedLookasideList

FsRtlIsNameInExpression

IoFreeErrorLogEntry

PsSetLoadImageNotifyRoutine

RtlAreBitsSet

IoReleaseRemoveLockEx

FsRtlDeregisterUncProvider

IoGetDeviceAttachmentBaseRef

IoReleaseRemoveLockAndWaitEx

RtlPrefixUnicodeString

RtlInitAnsiString

PoSetPowerState

IoWritePartitionTableEx

MmUnmapLockedPages

RtlLengthSid

CcRemapBcb

IoUpdateShareAccess

PsImpersonateClient

IoReleaseCancelSpinLock

RtlAnsiStringToUnicodeString

ExDeleteResourceLite

MmQuerySystemSize

KeReadStateTimer

RtlInt64ToUnicodeString

IoAllocateIrp

RtlSetAllBits

IoReuseIrp

ExRaiseStatus

PsChargeProcessPoolQuota

IoCreateFile

KeReleaseSemaphore

SeOpenObjectAuditAlarm

IoDeviceObjectType

ZwDeviceIoControlFile

ExSystemTimeToLocalTime

CcPurgeCacheSection

IoSetDeviceToVerify

ZwCreateEvent

IoAcquireCancelSpinLock

ZwUnloadDriver

ZwDeleteValueKey

IoGetAttachedDevice

PoRegisterSystemState

IoGetBootDiskInformation

KeInitializeDpc

DbgBreakPointWithStatus

CcCopyWrite

RtlFindLongestRunClear

RtlDeleteElementGenericTable

RtlSetDaclSecurityDescriptor

FsRtlFastUnlockSingle

IoDetachDevice

KeInitializeMutex

ZwCreateDirectoryObject

IoFreeController

PsGetProcessExitTime

KeInsertHeadQueue

MmIsAddressValid

SeLockSubjectContext

CcSetDirtyPinnedData

ZwSetValueKey

ExAcquireFastMutexUnsafe

RtlUpcaseUnicodeToOemN

RtlEnumerateGenericTable

SeTokenIsRestricted

ExInitializeResourceLite

CcIsThereDirtyData

RtlCreateRegistryKey

ExRaiseDatatypeMisalignment

RtlFindUnicodePrefix

ProbeForWrite

ExDeletePagedLookasideList

SeSetSecurityDescriptorInfo

CcZeroData

ObReferenceObjectByHandle

RtlMultiByteToUnicodeN

ZwFlushKey

IoFreeMdl

MmAllocatePagesForMdl

PsLookupProcessByProcessId

ZwSetSecurityObject

ObfReferenceObject

IoGetRelatedDeviceObject

MmIsVerifierEnabled

CcMdlReadComplete

IoCheckEaBufferValidity

RtlUpcaseUnicodeChar

RtlDeleteNoSplay

CcFastCopyRead

IoIsSystemThread

RtlClearBits

KeReadStateEvent

RtlInsertUnicodePrefix

RtlUnicodeStringToAnsiString

IoCreateStreamFileObjectLite

IoCreateDisk

ZwPowerInformation

IoCreateSymbolicLink

RtlxUnicodeStringToAnsiSize

IoVerifyPartitionTable

ObReleaseObjectSecurity

PsGetProcessId

ExLocalTimeToSystemTime

ExQueueWorkItem

KeInsertDeviceQueue

DbgPrompt

SeAccessCheck

ExReleaseResourceLite

IoSetTopLevelIrp

RtlAddAccessAllowedAce

IoEnumerateDeviceObjectList

KeSetEvent

IoGetRequestorProcess

MmProbeAndLockProcessPages

ZwOpenProcess

FsRtlNotifyUninitializeSync

IoGetAttachedDeviceReference

ZwNotifyChangeKey

RtlLengthSecurityDescriptor

RtlFindClearBits

FsRtlIsTotalDeviceFailure

FsRtlLookupLastLargeMcbEntry

IoCreateStreamFileObject

RtlDowncaseUnicodeString

PsDereferencePrimaryToken

PsTerminateSystemThread

SeFilterToken

KeQueryInterruptTime

KeInitializeDeviceQueue

RtlxAnsiStringToUnicodeSize

IoInitializeRemoveLockEx

IofCompleteRequest

IoReadDiskSignature

FsRtlGetNextFileLock

ExGetExclusiveWaiterCount

IoGetDeviceInterfaceAlias

RtlAppendStringToString

RtlDelete

ZwEnumerateValueKey

RtlValidSid

ObReferenceObjectByPointer

RtlUpperString

RtlVolumeDeviceToDosName

KeInitializeEvent

SeDeassignSecurity

RtlQueryRegistryValues

KeInitializeTimer

CcRepinBcb

ObInsertObject

KeBugCheckEx

IoReleaseVpbSpinLock

RtlCompareString

RtlInitializeGenericTable

IoCheckShareAccess

KeRemoveEntryDeviceQueue

IoMakeAssociatedIrp

RtlHashUnicodeString

ZwQueryValueKey

PsGetCurrentThread

RtlSecondsSince1980ToTime

RtlNumberOfClearBits

KeInsertByKeyDeviceQueue

IoRegisterDeviceInterface

CcMdlWriteComplete

KeReadStateSemaphore

SeAssignSecurity

PsGetCurrentThreadId

RtlGetNextRange

IoGetDeviceInterfaces

ObMakeTemporaryObject

RtlSecondsSince1970ToTime

KeQuerySystemTime

PsGetCurrentProcessId

KeGetCurrentThread

MmMapLockedPagesSpecifyCache

CcPinRead

IoAllocateErrorLogEntry

IoConnectInterrupt

RtlUnicodeToOemN

FsRtlCheckOplock

FsRtlIsDbcsInExpression

KeInsertQueueDpc

CcSetReadAheadGranularity

IoStartPacket

ZwOpenKey

RtlAnsiCharToUnicodeChar

KeSetBasePriorityThread

PsLookupThreadByThreadId

ZwOpenSection

MmUnsecureVirtualMemory

RtlExtendedIntegerMultiply

PoRequestPowerIrp

IoGetDmaAdapter

IoGetDeviceProperty

ZwOpenFile

IoRaiseHardError

RtlFreeOemString

MmUnmapReservedMapping

KeQueryTimeIncrement

RtlStringFromGUID

RtlInitializeSid

ExUuidCreate

ObfDereferenceObject

KeBugCheck

SeCreateClientSecurity

MmLockPagableSectionByHandle

SePrivilegeCheck

IoOpenDeviceRegistryKey

RtlWriteRegistryValue

KdEnableDebugger

RtlEqualSid

CcMdlWriteAbort

SeSinglePrivilegeCheck

ExAllocatePoolWithTag

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ