CfgMgr32.dll!CM_Register_Notification registered callbacks

Declaration of CM_Register_Notification:

CMAPI CONFIGRET CM_Register_Notification(
  PCM_NOTIFY_FILTER   pFilter,
  PVOID               pContext,
  PCM_NOTIFY_CALLBACK pCallback,
  PHCMNOTIFICATION    pNotifyContext
);

It`s easy to recover structures stored in EventSystemClientList:

field	32bit offset	64bit offset
WORD - signature 0xF097	0	0
LIST_ENTRY	0xC	0x18
CM_NOTIFY_FILTER	0x24	0x40
pCallback	0x1c4	0x1e0

sample of output on windows w10 build 18898: