IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

malloc

free

_amsg_exit

_XcptFilter

wcschr

_get_errno

_set_errno

_wtoi

_vsnwprintf

_lock

memmove

_except_handler4_common

memcpy

memcmp

_ftol2_sse

_unlock

memmove_s

wcsncmp

memcpy_s

_initterm

__CxxFrameHandler3

_onexit

__dllonexit

memset

SHStrDupA

SHStrDupW

SHAnsiToUnicode

SHUnicodeToAnsi

IUnknown_QueryService

IUnknown_Set

IUnknown_SetSite

SHRegGetValueFromHKCUHKLM

IStream_Reset

IStream_Size

SHCreateMemStream

IStream_Write

SHCreateStreamOnFileEx

IStream_Read

SHQueryValueExW

SHRegGetValueW

ord141

ord200

ord143

ord193

ord130

ord123

ord190

ord142

ord150

SHCreateShellItemArrayFromIDLists

ord895

ord824

ord51

SHEvaluateSystemCommandTemplate

SHGetNameFromIDList

SHGetKnownFolderIDList

SHGetKnownFolderItem

ord21

SHCreateItemFromParsingName

ord880

SHCreateItemWithParent

ord152

SHBindToParent

ord256

SHCreateDefaultContextMenu

AssocCreateForClasses

ord702

ord898

SHChangeNotify

SHBindToFolderIDListParent

ord171

ord75

ord241

Shell_GetCachedImageIndexW

SHGetKnownFolderPath

SHGetSpecialFolderLocation

ord866

ord6

SHParseDisplayName

SHCreateShellItemArrayFromShellItem

ord16

ord155

ord18

ord19

ord25

ord100

SHGetIDListFromObject

SHCreateItemInKnownFolder

SHCreateItemFromIDList

ord102

SHBindToObject

ord850

ord823

ord17

SHBindToFolderIDListParentEx

StrCmpNIW

ord24

StrDupW

ord152

ord172

UrlCompareW

UrlIsW

StrStrA

UrlEscapeW

PathCreateFromUrlW

PathIsRootW

PathRemoveBackslashW

PathRemoveFileSpecW

StrRChrW

PathMatchSpecW

ord331

ord29

PathFileExistsW

StrCmpW

StrStrNIW

StrToIntA

ord456

ord15

UrlHashW

PathParseIconLocationW

ord156

PathFindExtensionW

ord219

ord158

ord157

PathIsUNCW

StrStrIW

ord2

PathSkipRootW

PathIsURLW

PathFindNextComponentW

PathCompactPathExW

PathRemoveExtensionW

PathFindFileNameW

ord388

ord164

UrlGetPartW

ord236

StrPBrkW

ord154

PathMatchSpecExW

PathGetArgsW

PathRemoveArgsW

PathQuoteSpacesW

StrCmpIW

PathRemoveBlanksW

SizeofResource

DisableThreadLibraryCalls

GetProcAddress

GetModuleHandleW

LoadLibraryExW

GetModuleFileNameA

LoadStringA

LockResource

LoadStringW

LoadResource

FindResourceExW

GetModuleFileNameW

GetModuleHandleExW

CreateSemaphoreExW

ReleaseSemaphore

EnterCriticalSection

WaitForSingleObject

ReleaseSRWLockShared

AcquireSRWLockShared

AcquireSRWLockExclusive

DeleteCriticalSection

ReleaseSRWLockExclusive

ReleaseMutex

WaitForSingleObjectEx

CreateMutexW

OpenSemaphoreW

CreateMutexExW

InitializeCriticalSectionEx

LeaveCriticalSection

HeapFree

HeapReAlloc

GetProcessHeap

HeapAlloc

SetUnhandledExceptionFilter

UnhandledExceptionFilter

SetLastError

GetLastError

CoCreateFreeThreadedMarshaler

CoTaskMemAlloc

CoGetMalloc

CoGetApartmentType

CoTaskMemRealloc

PropVariantCopy

StringFromGUID2

CoCreateInstance

CoTaskMemFree

PropVariantClear

CreateStreamOnHGlobal

GetHGlobalFromStream

TlsAlloc

GetCurrentProcessId

TlsGetValue

TlsFree

TerminateProcess

GetCurrentThreadId

GetCurrentProcess

TlsSetValue

ResolveLocaleName

GetSystemPreferredUILanguages

IsDBCSLeadByteEx

LCMapStringEx

FindNLSStringEx

FindNLSString

IsDBCSLeadByte

FormatMessageW

LocaleNameToLCID

GetSystemDefaultLCID

LCMapStringW

OutputDebugStringW

IsDebuggerPresent

DebugBreak

CloseHandle

MultiByteToWideChar

WideCharToMultiByte

CompareStringW

CompareStringOrdinal

InitOnceComplete

Sleep

SleepConditionVariableSRW

InitOnceExecuteOnce

InitOnceBeginInitialize

WakeAllConditionVariable

LocalFree

LocalReAlloc

LocalAlloc

GetPersistedRegistryLocationW

RegOpenKeyExW

RegCloseKey

RegGetValueW

RegQueryInfoKeyW

GetTickCount

GetTickCount64

GetLocalTime

GetSystemTime

GetSystemTimeAsFileTime

GetVersionExW

WaitForThreadpoolTimerCallbacks

CreateThreadpoolTimer

CloseThreadpoolTimer

SetThreadpoolTimer

EtwEventWrite

EtwEventActivityIdControl

EtwEventSetInformation

EtwEventRegister

EtwEventUnregister

EtwEventWriteTransfer

EtwEventEnabled

RegisterClipboardFormatW

GlobalSize

GlobalLock

GlobalUnlock

GetWindowRect

GetCursorPos

SendMessageW

lstrlenA

lstrlenW

lstrcmpiW

lstrcmpiA

lstrcmpW

RegSetKeyValueW

PathCchCombine

PathCchAppend

PathCchRemoveFileSpec

SEARCH_WriteAutoListContents

GetGatherAdmin

IsMSSearchEnabled

SHCreateAutoListWithID

SHCreateScopeItemFromShellItem

SHCreateScope

SHCreateScopeItemFromKnownFolder

CreateResultSetFactory

CreateSingleVisibleInList

SHCreateScopeItemFromIDList

SHCreateTransientVFolderIDList

SHCreateScopeFromIDListsEx

SHCreateScopeFromShellItemArray

SHCreateSearchIDListFromAutoList

SEARCH_RemoteLocationsCscStateCache_IsRemoteLocationInCsc

CreateDefaultProviderResolver

GetScopeFolderType

SHCreateAutoList

RoOriginateError

EncodePointer

DecodePointer

CoRevokeInitializeSpy

CoRegisterInitializeSpy

CharLowerW

WaitForMultipleObjects

QueryPerformanceCounter

GetTimeZoneInformation

SystemTimeToFileTime

FileTimeToSystemTime

EventWriteTransfer

DeactivateActCtx

CreateActCtxW

ReleaseActCtx

ActivateActCtx

GetTempPathW

GetStringTypeExA

ResolveDelayLoadedAPI

DelayLoadFailureHook

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ