KeQuerySystemTime
IoCheckQuotaBufferValidity
FsRtlSplitLargeMcb
IoCreateFile
PsGetCurrentProcessId
IoDetachDevice
RtlFillMemoryUlong
RtlInitString
IoFreeController
ZwCreateSection
RtlInsertUnicodePrefix
IoSetDeviceInterfaceState
PoRegisterSystemState
RtlCompareUnicodeString
IoGetAttachedDeviceReference
IoInitializeIrp
IoGetDeviceObjectPointer
RtlFindUnicodePrefix
MmUnmapLockedPages
RtlTimeToSecondsSince1970
ObCreateObject
SeDeassignSecurity
IoConnectInterrupt
ProbeForRead
ZwFreeVirtualMemory
RtlDeleteRegistryValue
RtlLengthSecurityDescriptor
DbgBreakPointWithStatus
ZwOpenFile
ObReferenceObjectByPointer
KeResetEvent
IoSetShareAccess
KeEnterCriticalRegion
ExReinitializeResourceLite
KeInsertDeviceQueue
MmHighestUserAddress
MmQuerySystemSize
KeInitializeApc
KeInsertByKeyDeviceQueue
MmLockPagableSectionByHandle
CcDeferWrite
IoGetAttachedDevice
KeRemoveDeviceQueue
PoUnregisterSystemState
PsGetCurrentThreadId
ZwDeleteValueKey
ZwDeleteKey
IoInitializeTimer
ExAllocatePoolWithQuotaTag
IoAllocateIrp
ZwQueryInformationFile
RtlUnicodeStringToAnsiString
RtlUpcaseUnicodeChar
MmGetSystemRoutineAddress
IoBuildSynchronousFsdRequest
SeQueryInformationToken
MmFreeMappingAddress
ExAcquireFastMutexUnsafe
ZwQueryKey
RtlUpperString
FsRtlFastUnlockSingle
IoDeleteDevice
ExReleaseResourceLite
MmFreePagesFromMdl
KeGetCurrentThread
RtlFreeAnsiString
RtlMapGenericMask
IoStartPacket
KeReadStateSemaphore
RtlCopyString
IoAllocateWorkItem
MmCanFileBeTruncated
RtlInt64ToUnicodeString
IoRegisterDeviceInterface
RtlAreBitsClear
IoGetDmaAdapter
MmIsAddressValid
ZwEnumerateKey
KeRemoveByKeyDeviceQueue
KeInitializeTimer
PsDereferencePrimaryToken
KeStackAttachProcess
MmAllocateMappingAddress
RtlSecondsSince1980ToTime
IoInvalidateDeviceState
KeDeregisterBugCheckCallback
RtlFindLongestRunClear
FsRtlIsNameInExpression
KeQueryTimeIncrement
KeCancelTimer
ExFreePool
IoGetDriverObjectExtension
ObReleaseObjectSecurity
KeSynchronizeExecution
RtlNtStatusToDosError
IoBuildPartialMdl
KeRestoreFloatingPointState
RtlFindClearRuns
RtlStringFromGUID
ExFreePoolWithTag
RtlAreBitsSet
RtlClearBits
IoAllocateMdl
RtlOemStringToUnicodeString
KeSetKernelStackSwapEnable
IoOpenDeviceRegistryKey
ExReleaseFastMutexUnsafe
ExAllocatePoolWithTag
RtlCreateUnicodeString
FsRtlCheckOplock
KeFlushQueuedDpcs
ZwClose
KeReleaseMutex
ZwQueryValueKey
KeLeaveCriticalRegion
IoGetDeviceInterfaces
SeTokenIsRestricted
RtlCreateSecurityDescriptor
IoRemoveShareAccess
RtlUnicodeToMultiByteN
MmIsDriverVerifying
RtlAppendStringToString
SeImpersonateClientEx
IoIsSystemThread
MmFreeContiguousMemory
IoGetRequestorProcessId
IoSetThreadHardErrorMode
ExSetTimerResolution
RtlNumberOfClearBits
IoFreeMdl
PoRequestPowerIrp
RtlClearAllBits
MmGetPhysicalAddress
RtlxAnsiStringToUnicodeSize
ZwQuerySymbolicLinkObject
IoAcquireCancelSpinLock
KeInitializeSemaphore
KeInitializeDeviceQueue
ZwCreateFile
ZwOpenSection
RtlLengthRequiredSid
PsLookupProcessByProcessId
IoGetStackLimits
RtlFindNextForwardRunClear
SeAccessCheck
IoGetDeviceProperty
IoDeleteController
KeInsertHeadQueue
RtlFindClearBits
RtlAddAccessAllowedAceEx
ExAcquireResourceSharedLite
IoStartTimer
ZwQueryObject
IoCreateStreamFileObjectLite
RtlEqualUnicodeString
MmBuildMdlForNonPagedPool
MmResetDriverPaging
MmLockPagableDataSection
KeReadStateMutex
KeInitializeMutex
IoReuseIrp
RtlValidSecurityDescriptor
IoCreateDevice
KeRemoveQueue
PoStartNextPowerIrp
KeUnstackDetachProcess
RtlAppendUnicodeToString
RtlTimeToSecondsSince1980
IoReportResourceForDetection
ExUuidCreate
ZwCreateDirectoryObject
MmFreeNonCachedMemory
KdDisableDebugger
RtlUnicodeToOemN
MmUnlockPagableImageSection
PoSetPowerState
ExDeleteNPagedLookasideList
RtlSubAuthoritySid
CcCopyRead
FsRtlNotifyInitializeSync
KePulseEvent
RtlSetDaclSecurityDescriptor
IoWMIRegistrationControl
PsIsThreadTerminating
ExSetResourceOwnerPointer
ExGetExclusiveWaiterCount
SeOpenObjectAuditAlarm
RtlHashUnicodeString
IoGetDeviceInterfaceAlias
IoReleaseCancelSpinLock
CcIsThereDirtyData
IoCreateNotificationEvent
RtlUpcaseUnicodeString
MmSecureVirtualMemory
IoSetHardErrorOrVerifyDevice
FsRtlDeregisterUncProvider
ZwReadFile
ExSystemTimeToLocalTime
KeBugCheck
FsRtlFastCheckLockForRead
RtlInitializeBitMap
RtlValidSid
RtlTimeFieldsToTime
MmMapLockedPagesSpecifyCache
IoFreeWorkItem
KeSetEvent
ExGetPreviousMode
IoDeleteSymbolicLink
ZwMakeTemporaryObject
IoUpdateShareAccess
KeReadStateTimer
PsCreateSystemThread
KeQueryActiveProcessors
SeCaptureSubjectContext
CcRemapBcb
ZwFsControlFile
KeInsertQueueDpc
FsRtlIsFatDbcsLegal
PsGetCurrentThread
RtlSecondsSince1970ToTime
IoAttachDeviceToDeviceStack
SeDeleteObjectAuditAlarm
IoQueueWorkItem
IoGetRelatedDeviceObject
SeValidSecurityDescriptor
PsGetCurrentProcess
MmPageEntireDriver
IoCreateSynchronizationEvent
SeCreateClientSecurity
RtlFindLastBackwardRunClear
RtlInitAnsiString
KeRemoveQueueDpc
ObGetObjectSecurity
KeSetImportanceDpc
KeInsertQueue
KeClearEvent
KeSaveFloatingPointState
ExLocalTimeToSystemTime
RtlInitializeUnicodePrefix
RtlGetVersion
FsRtlGetNextFileLock
KeRemoveEntryDeviceQueue
CcZeroData
MmForceSectionClosed
IoCreateSymbolicLink
RtlCopySid
IoCheckEaBufferValidity
ZwEnumerateValueKey
PsGetVersion
RtlDeleteNoSplay
ExRaiseAccessViolation
MmMapIoSpace
ObReferenceObjectByHandle
KeQueryInterruptTime
