ZwQueryValueKey
IoSetDeviceInterfaceState
RtlAnsiCharToUnicodeChar
ZwDeleteKey
ObReleaseObjectSecurity
MmAllocateMappingAddress
ZwEnumerateValueKey
IoCreateDevice
KeInitializeSpinLock
MmFlushImageSection
RtlFindClearRuns
RtlLengthRequiredSid
ObReferenceObjectByPointer
IoAllocateErrorLogEntry
RtlSecondsSince1970ToTime
KeDeregisterBugCheckCallback
CcPurgeCacheSection
MmUnlockPages
RtlSplay
IoCreateSymbolicLink
IoGetRelatedDeviceObject
MmIsAddressValid
ZwPowerInformation
IoVerifyVolume
IoFreeErrorLogEntry
RtlGetCallersAddress
ProbeForWrite
RtlInitUnicodeString
IoReleaseCancelSpinLock
MmGetSystemRoutineAddress
RtlGenerate8dot3Name
VerSetConditionMask
IofCallDriver
KeReadStateEvent
KeInitializeSemaphore
SeLockSubjectContext
MmLockPagableSectionByHandle
MmQuerySystemSize
RtlRandom
ExInitializeResourceLite
RtlLengthSecurityDescriptor
ExReleaseFastMutexUnsafe
PsGetProcessId
IoGetTopLevelIrp
KeFlushQueuedDpcs
PsImpersonateClient
IoStartPacket
RtlCreateAcl
RtlAddAccessAllowedAceEx
ExIsProcessorFeaturePresent
RtlxOemStringToUnicodeSize
FsRtlIsTotalDeviceFailure
RtlFreeOemString
CcUninitializeCacheMap
ZwOpenSection
RtlCopySid
ExQueueWorkItem
IoDeleteController
IoInvalidateDeviceState
RtlFindLeastSignificantBit
SeAccessCheck
MmFreeNonCachedMemory
RtlInitializeBitMap
IoFreeController
MmFreeMappingAddress
KeInsertDeviceQueue
IoGetLowerDeviceObject
PsLookupThreadByThreadId
IoAcquireCancelSpinLock
KeRemoveEntryDeviceQueue
IoAllocateWorkItem
KeBugCheckEx
ExAcquireResourceSharedLite
IoQueryFileInformation
KeRundownQueue
SeAppendPrivileges
ObfDereferenceObject
IoInvalidateDeviceRelations
IoCreateStreamFileObjectLite
ZwCreateEvent
PsGetCurrentThreadId
RtlFreeAnsiString
FsRtlNotifyInitializeSync
SeAssignSecurity
CcPinRead
IoInitializeTimer
MmAdvanceMdl
KeResetEvent
ZwOpenKey
FsRtlCheckLockForReadAccess
RtlCopyLuid
ObGetObjectSecurity
RtlPrefixUnicodeString
IoGetDriverObjectExtension
ZwSetSecurityObject
IoDisconnectInterrupt
MmIsVerifierEnabled
KeQuerySystemTime
ExFreePoolWithTag
IoBuildPartialMdl
IoGetDeviceInterfaceAlias
RtlCreateUnicodeString
CcSetDirtyPinnedData
PsIsThreadTerminating
KeRemoveQueue
ExSetTimerResolution
MmBuildMdlForNonPagedPool
ZwOpenProcess
ZwCreateSection
KeRemoveDeviceQueue
IoInitializeIrp
ExVerifySuite
CcSetFileSizes
IoVolumeDeviceToDosName
KeUnstackDetachProcess
RtlUnicodeStringToOemString
WmiQueryTraceInformation
KeQueryActiveProcessors
KeSetSystemAffinityThread
ZwFreeVirtualMemory
IoIsOperationSynchronous
IoSetPartitionInformationEx
MmProbeAndLockProcessPages
PsRevertToSelf
CcMdlWriteAbort
MmSetAddressRangeModified
FsRtlMdlWriteCompleteDev
ExReleaseResourceLite
RtlFindMostSignificantBit
ZwQueryKey
CcFastMdlReadWait
MmMapIoSpace
RtlInsertUnicodePrefix
RtlInitAnsiString
RtlOemStringToUnicodeString
ExRaiseStatus
RtlTimeToSecondsSince1970
IoGetAttachedDeviceReference
RtlVolumeDeviceToDosName
IoRegisterDeviceInterface
KeDetachProcess
RtlCompareString
ObQueryNameString
KeEnterCriticalRegion
MmIsThisAnNtAsSystem
FsRtlFastUnlockSingle
KeReadStateSemaphore
ZwClose
IoReportResourceForDetection
KeSetImportanceDpc
KeLeaveCriticalRegion
PsGetCurrentProcess
MmUnlockPagableImageSection
IoCheckEaBufferValidity
KeReadStateTimer
IoFreeIrp
MmProbeAndLockPages
SeValidSecurityDescriptor
RtlSetAllBits
SeQueryInformationToken
KeSetEvent
ExRaiseDatatypeMisalignment
SeReleaseSubjectContext
CcUnpinDataForThread
KeSetKernelStackSwapEnable
IoReadPartitionTable
ZwUnloadDriver
MmSizeOfMdl
KeInsertHeadQueue
ZwCreateKey
HalExamineMBR
IoVerifyPartitionTable
PsChargeProcessPoolQuota
KeSetTimer
SeSinglePrivilegeCheck
ProbeForRead
RtlInt64ToUnicodeString
RtlEqualString
ZwFlushKey
PsGetCurrentProcessId
ZwCreateDirectoryObject
PsGetThreadProcessId
SeQueryAuthenticationIdToken
ExSetResourceOwnerPointer
RtlStringFromGUID
IofCompleteRequest
ExUuidCreate
RtlDowncaseUnicodeString
RtlGetVersion
IoWMIWriteEvent
RtlInitializeSid
RtlFillMemoryUlong
MmResetDriverPaging
MmUnsecureVirtualMemory
KeSynchronizeExecution
IoOpenDeviceRegistryKey
IoReleaseRemoveLockAndWaitEx
RtlGetNextRange
ZwMakeTemporaryObject
MmIsDriverVerifying
KefAcquireSpinLockAtDpcLevel
ZwLoadDriver
KeRevertToUserAffinityThread
IoAcquireVpbSpinLock
RtlEnumerateGenericTable
IoIsSystemThread
IoDeviceObjectType
ZwNotifyChangeKey
ZwSetVolumeInformationFile
FsRtlAllocateFileLock
RtlInitString
DbgBreakPoint
ExAcquireFastMutexUnsafe
MmFreeContiguousMemory
IoCheckShareAccess
RtlAppendUnicodeToString
MmPageEntireDriver
ZwReadFile
PsReturnPoolQuota
PsGetProcessExitTime
IoStopTimer
ObReferenceObjectByHandle
KeReadStateMutex
PsTerminateSystemThread
IoDeleteSymbolicLink
MmHighestUserAddress
KeQueryInterruptTime
KeReleaseSemaphore
KeInitializeDeviceQueue
RtlAnsiStringToUnicodeString
PoRequestPowerIrp
IoGetDiskDeviceObject
RtlValidSid
IoReuseIrp
IoGetAttachedDevice
RtlUnicodeStringToAnsiString
IoFreeWorkItem
RtlClearBits
IoAcquireRemoveLockEx
ExGetSharedWaiterCount
KeWaitForMultipleObjects
IoDetachDevice
FsRtlSplitLargeMcb
CcMdlReadComplete
IoCsqRemoveIrp
MmSecureVirtualMemory
SeFilterToken
RtlEqualSid
IoThreadToProcess
IoRemoveShareAccess
CcMdlRead
ZwFsControlFile
IoSetHardErrorOrVerifyDevice
SeCaptureSubjectContext
RtlAppendStringToString
IoStartNextPacket
CcMapData
ExReinitializeResourceLite
CcGetFileObjectFromBcb
