IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

IoAllocateErrorLogEntry

MmUnmapIoSpace

RtlGenerate8dot3Name

RtlFindSetBits

IoCreateFile

IoCreateSynchronizationEvent

IoReportDetectedDevice

MmIsThisAnNtAsSystem

IoFreeIrp

SeTokenIsRestricted

SeSinglePrivilegeCheck

IoQueueWorkItem

KeClearEvent

ObfDereferenceObject

RtlSplay

IoRegisterFileSystem

IoInitializeIrp

IoDeleteDevice

KeSaveFloatingPointState

SeTokenIsAdmin

RtlUpcaseUnicodeString

ExIsProcessorFeaturePresent

IoVerifyPartitionTable

KeRemoveByKeyDeviceQueue

RtlLengthSecurityDescriptor

MmHighestUserAddress

IoEnumerateDeviceObjectList

RtlCharToInteger

RtlFindNextForwardRunClear

PsGetCurrentThread

SeAccessCheck

IoIsSystemThread

IoGetBootDiskInformation

ProbeForRead

ExGetPreviousMode

RtlInitAnsiString

PoCallDriver

RtlAnsiCharToUnicodeChar

IoInitializeRemoveLockEx

KeInitializeApc

FsRtlIsDbcsInExpression

ExLocalTimeToSystemTime

RtlUpperString

MmAllocateMappingAddress

ZwReadFile

RtlVerifyVersionInfo

KeResetEvent

IoGetRequestorProcessId

RtlDeleteElementGenericTable

RtlOemToUnicodeN

IoRemoveShareAccess

RtlUpperChar

FsRtlNotifyUninitializeSync

SeReleaseSubjectContext

MmUnlockPagableImageSection

IoReadDiskSignature

IoGetDiskDeviceObject

IoGetCurrentProcess

ZwWriteFile

MmCanFileBeTruncated

MmAllocateNonCachedMemory

ExDeleteNPagedLookasideList

IoFreeErrorLogEntry

IoSetShareAccess

RtlClearBits

PsGetProcessId

IoInvalidateDeviceState

RtlTimeToSecondsSince1970

IoVerifyVolume

ObfReferenceObject

IoGetRequestorProcess

PoUnregisterSystemState

ExReleaseFastMutexUnsafe

IoGetDeviceAttachmentBaseRef

MmIsDriverVerifying

KeGetCurrentThread

KeQueryTimeIncrement

HalExamineMBR

MmMapUserAddressesToPage

PsGetCurrentThreadId

ZwQueryValueKey

IoCreateDevice

RtlCompareMemory

MmAdvanceMdl

ZwLoadDriver

RtlFindUnicodePrefix

ExUnregisterCallback

ExReleaseResourceLite

PoSetPowerState

ExFreePoolWithTag

RtlSecondsSince1980ToTime

IoUpdateShareAccess

SeUnlockSubjectContext

SeFilterToken

ZwOpenFile

PoStartNextPowerIrp

RtlAddAccessAllowedAceEx

RtlRemoveUnicodePrefix

IoSetTopLevelIrp

SeSetSecurityDescriptorInfo

ExReinitializeResourceLite

ZwSetSecurityObject

IoUnregisterFileSystem

SeLockSubjectContext

RtlLengthRequiredSid

PsDereferencePrimaryToken

MmUnsecureVirtualMemory

KeCancelTimer

FsRtlGetNextFileLock

MmUnmapReservedMapping

RtlAreBitsClear

IofCompleteRequest

FsRtlIsFatDbcsLegal

RtlIntegerToUnicodeString

RtlDowncaseUnicodeString

RtlxOemStringToUnicodeSize

DbgBreakPoint

IoRaiseHardError

ExFreePool

PsIsThreadTerminating

RtlFindLeastSignificantBit

CcFastCopyRead

ZwPowerInformation

IoCreateStreamFileObject

KeInitializeTimerEx

KeSetSystemAffinityThread

SePrivilegeCheck

CcMapData

MmMapLockedPagesSpecifyCache

CcMdlRead

PsRevertToSelf

KeReadStateSemaphore

ObReferenceObjectByPointer

ExAllocatePool

KeWaitForSingleObject

ExAcquireResourceSharedLite

IoBuildSynchronousFsdRequest

CcInitializeCacheMap

MmFreeContiguousMemory

ZwNotifyChangeKey

SeQueryInformationToken

FsRtlCheckLockForWriteAccess

IoWriteErrorLogEntry

PsLookupThreadByThreadId

MmPageEntireDriver

IoDeleteSymbolicLink

RtlWriteRegistryValue

CcSetBcbOwnerPointer

CcSetDirtyPinnedData

RtlUnicodeToMultiByteN

RtlClearAllBits

MmSetAddressRangeModified

MmGetPhysicalAddress

IoGetDeviceProperty

ZwOpenSection

IoOpenDeviceRegistryKey

SeAppendPrivileges

KeDetachProcess

RtlSetAllBits

CcMdlReadComplete

PoRequestPowerIrp

RtlUnicodeStringToInteger

ObMakeTemporaryObject

IoSetStartIoAttributes

KeInitializeMutex

PsTerminateSystemThread

IoAllocateController

ZwQueryObject

ZwDeleteValueKey

IoSetPartitionInformation

KeSetKernelStackSwapEnable

CcFastMdlReadWait

MmProbeAndLockProcessPages

RtlSubAuthoritySid

MmBuildMdlForNonPagedPool

RtlInitializeSid

ZwMakeTemporaryObject

RtlPrefixUnicodeString

KeReleaseMutex

KeStackAttachProcess

KeQuerySystemTime

PsGetThreadProcessId

ExSetResourceOwnerPointer

KeEnterCriticalRegion

RtlAddAccessAllowedAce

IoRequestDeviceEject

IoGetStackLimits

IoSetDeviceInterfaceState

KdEnableDebugger

RtlAppendUnicodeToString

IoAcquireVpbSpinLock

RtlGetNextRange

FsRtlLookupLastLargeMcbEntry

CcPurgeCacheSection

SeImpersonateClientEx

KeInitializeDeviceQueue

RtlCompareString

IoGetDeviceInterfaces

SeDeassignSecurity

FsRtlAllocateFileLock

IoCheckShareAccess

FsRtlDeregisterUncProvider

IoAcquireCancelSpinLock

ZwSetValueKey

IoFreeMdl

RtlCreateRegistryKey

MmMapLockedPages

IofCallDriver

IoInitializeTimer

IoSetPartitionInformationEx

IoGetRelatedDeviceObject

CcPinRead

RtlCompareUnicodeString

RtlValidSid

KeLeaveCriticalRegion

IoAllocateAdapterChannel

IoGetDeviceObjectPointer

PsImpersonateClient

ZwCreateKey

PsReferencePrimaryToken

ExAllocatePoolWithTag

IoAllocateIrp

RtlSecondsSince1970ToTime

SeOpenObjectAuditAlarm

RtlInt64ToUnicodeString

CcFastCopyWrite

PsLookupProcessByProcessId

KeInitializeSemaphore

KeReleaseSemaphore

IoDeviceObjectType

CcUnpinDataForThread

RtlDeleteRegistryValue

IoCheckEaBufferValidity

KeQueryActiveProcessors

RtlFreeAnsiString

KeBugCheck

RtlMapGenericMask

FsRtlFastUnlockSingle

KeRegisterBugCheckCallback

KeDelayExecutionThread

MmResetDriverPaging

ZwClose

ZwOpenKey

ObCreateObject

ZwQuerySymbolicLinkObject

KeRemoveQueueDpc

IoIsOperationSynchronous

RtlIsNameLegalDOS8Dot3

PsSetLoadImageNotifyRoutine

MmProbeAndLockPages

RtlEqualString

ExRaiseDatatypeMisalignment

RtlxUnicodeStringToAnsiSize

RtlAnsiStringToUnicodeString

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ