IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

GetTraceEnableFlags

GetTraceEnableLevel

GetTraceLoggerHandle

RegisterTraceGuidsW

UnregisterTraceGuids

SetServiceStatus

RegisterServiceCtrlHandlerExW

StartServiceCtrlDispatcherW

SetSecurityDescriptorDacl

InitializeSecurityDescriptor

AddAccessAllowedAce

InitializeAcl

RegCloseKey

RegSetValueExW

RegCreateKeyExW

RegQueryValueExW

RegOpenKeyExW

RegEnumKeyExW

LookupAccountSidW

ConvertSidToStringSidW

GetLengthSid

FreeSid

AllocateAndInitializeSid

RegQueryInfoKeyW

RegEnumValueW

RegDeleteValueW

LookupAccountNameW

GetSidSubAuthorityCount

EqualDomainSid

IsValidSid

CreateWellKnownSid

AccessCheck

AdjustTokenPrivileges

LookupPrivilegeValueW

PrivilegeCheck

CheckTokenMembership

DuplicateToken

EqualSid

ConvertStringSidToSidW

AddAccessAllowedAceEx

AddAccessDeniedAceEx

GetAclInformation

GetAce

AddAce

SetSecurityDescriptorGroup

SetSecurityDescriptorOwner

CopySid

RegisterEventSourceW

ReportEventW

DeregisterEventSource

OpenThreadToken

OpenProcessToken

GetTokenInformation

InitializeCriticalSection

DeleteCriticalSection

InterlockedIncrement

InterlockedDecrement

GetLastError

EncodePointer

GetComputerNameW

GetComputerNameExW

GetVolumeInformationW

GetVolumePathNamesForVolumeNameW

GetModuleHandleW

GetTimeZoneInformation

SetErrorMode

GetDiskFreeSpaceW

InitializeCriticalSectionAndSpinCount

InterlockedCompareExchange

Sleep

EnterCriticalSection

LeaveCriticalSection

DefineDosDeviceW

ReadFile

CreateDirectoryW

SetFileAttributesW

GetEnvironmentVariableW

GetSystemWindowsDirectoryW

LoadLibraryW

GetProcAddress

CreateThread

FindFirstVolumeW

FindNextVolumeW

FindFirstFileW

FindNextFileW

ExpandEnvironmentStringsW

FindClose

FindVolumeClose

SetLastError

GetVersionExW

LoadLibraryExW

FormatMessageW

FreeLibrary

GetCurrentThread

MultiByteToWideChar

UnhandledExceptionFilter

GetCurrentProcess

TerminateProcess

WriteFile

DeleteFileW

MoveFileExW

GetFileAttributesW

GetProcessHeap

HeapAlloc

GetCurrentProcessId

GetTickCount

QueryPerformanceCounter

GetModuleHandleA

SetUnhandledExceptionFilter

GetStartupInfoW

InterlockedExchange

WaitForSingleObject

CloseHandle

SetWaitableTimer

CancelWaitableTimer

GetCurrentThreadId

SetEvent

CreateEventW

CreateWaitableTimerW

OpenThread

CompareStringW

GetCommandLineW

HeapSetInformation

LocalAlloc

GetVolumeNameForVolumeMountPointW

GetVolumePathNameW

GetSystemDirectoryW

LocalFree

ResetEvent

DeviceIoControl

CreateFileW

GetDriveTypeW

HeapFree

GetSystemTimeAsFileTime

GetTickCount64

FlushFileBuffers

GetOverlappedResult

SetThreadPriority

WaitForMultipleObjects

ResumeThread

DeleteVolumeMountPointW

RaiseException

lstrlenW

QueryDosDeviceW

SetVolumeMountPointW

RegisterDeviceNotificationW

LoadStringW

UnregisterDeviceNotification

memset

_snwscanf_s

_wcsupr

strncmp

wcsnlen

_ultow_s

wcscpy_s

wcscat_s

swprintf_s

__CxxFrameHandler3

_purecall

_vsnwprintf

_CxxThrowException

_wcsicmp

free

_controlfp

_onexit

_lock

__dllonexit

_unlock

??1type_info@@UAE@XZ

_except_handler4_common

?terminate@@YAXXZ

wcschr

_vscwprintf

realloc

memmove

wcsncmp

_errno

_beginthreadex

memcpy

malloc

_wcsnicmp

wcsstr

qsort

??0exception@@QAE@ABQBD@Z

?what@exception@@UBEPBDXZ

wcstoul

wcsrchr

iswspace

__set_app_type

towupper

iswdigit

_vsnprintf

??1exception@@UAE@XZ

??0exception@@QAE@ABV0@@Z

_wcslwr

memcpy_s

memmove_s

__p__fmode

__p__commode

__setusermatherr

_amsg_exit

_initterm

_wcmdln

exit

_XcptFilter

_exit

_cexit

__wgetmainargs

_callnewh

??0exception@@QAE@XZ

ord16

ord23

ord17

ord20

ord30

ord32

ord58

CoRevertToSelf

CoImpersonateClient

CoDisconnectContext

CoCreateInstance

CoInitializeSecurity

CoInitializeEx

CoUninitialize

CoTaskMemFree

CoTaskMemAlloc

CoCreateGuid

CLSIDFromString

CoFreeUnusedLibraries

CoGetObjectContext

StringFromCLSID

CoSetProxyBlanket

CoTaskMemRealloc

SHDeleteKeyW

VariantClear

SysAllocStringLen

SysAllocString

SysFreeString

VariantChangeType

GetErrorInfo

VariantCopy

VariantInit

LoadRegTypeLi

SysStringLen

I_RpcBindingInqLocalClientPID

UuidToStringW

RpcStringFreeW

NtThawTransactions

NtFreezeTransactions

NtQueryVolumeInformationFile

RtlNtStatusToDosErrorNoTeb

NtOpenSymbolicLinkObject

NtQuerySymbolicLinkObject

RtlNtStatusToDosError

NtUnloadKey

NtLoadKey

NtAdjustPrivilegesToken

NtOpenProcessToken

NtOpenThreadToken

EtwTraceMessage

RtlFreeSid

RtlSetOwnerSecurityDescriptor

RtlLengthSecurityDescriptor

RtlSetDaclSecurityDescriptor

RtlCreateSecurityDescriptor

RtlAddAccessAllowedAceEx

NtClose

NtCreateSymbolicLinkObject

RtlInitUnicodeString

RtlCreateAcl

RtlLengthSid

RtlAllocateAndInitializeSid

NtSetSecurityObject

NtCreateKey

NtDeleteValueKey

NtQueryValueKey

NtSetValueKey

NtFreezeRegistry

NtThawRegistry

NtQuerySystemInformation

RtlFreeHeap

RtlAllocateHeap

NtOpenFile

RtlGUIDFromString

RtlFreeUnicodeString

RtlStringFromGUID

NtWaitForSingleObject

NtDeviceIoControlFile

NtCreateEvent

NtAllocateUuids

LdrGetProcedureAddress

RtlInitAnsiString

LdrGetDllHandle

NtResetEvent

RtlGetVersion

NtOpenKey

NtEnumerateKey

NtQueryKey

NtQueryAttributesFile

NtDeleteKey

?CreateVssSnapshotSetDescription@@YGJU_GUID@@JPAPAVIVssSnapshotSetDescription@@@Z

?LoadVssSnapshotSetDescription@@YGJPBGPAPAVIVssSnapshotSetDescription@@U_GUID@@@Z

VssFreeSnapshotPropertiesInternal

CreateWriter

CreateWriterEx

NetApiBufferFree

NetShareEnum

NetLocalGroupGetMembers

NetShareGetInfo

NetShareDel

NetShareAdd

OpenCluster

ClusterResourceControl

GetClusterResourceState

CloseClusterResource

CloseCluster

OpenClusterResource

GetNodeClusterState

ord9

ord8

ResUtilEnumResourcesEx

ResUtilGetResourceName

SetupDiGetDeviceInstallParamsW

SetupDiGetDeviceRegistryPropertyW

SetupDiEnumDeviceInfo

SetupDiSetClassInstallParamsW

SetupDiCallClassInstaller

SetupDiGetClassDevsW

SetupDiEnumDeviceInterfaces

SetupDiGetDeviceInterfaceDetailW

SetupDiDestroyDeviceInfoList

CM_Get_Parent

ord7

ord9

ord4

ord10

ord11

ord8

ord2

ord1

ord3

ord5

ord6

AuthzReportSecurityEventFromParams

AuthzUnregisterSecurityEventSource

AuthzRegisterSecurityEventSource

GetStorageDependencyInformation

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_CODE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE