Import table
advapi32.dll
RegQueryValueExW, OpenProcessToken, RegCloseKey, AdjustTokenPrivileges, LookupPrivilegeValueW, RegOpenKeyExW
comctl32.dll
ImageList_GetIconSize, ImageList_DrawEx
gdi32.dll
GetStockObject, CreateDIBSection, DeleteObject, SelectObject, CreateCompatibleDC, DeleteDC
gdiplus.dll
GdipDrawImageRectRectI, GdipGetImageHeight, GdipAlloc, GdipFree, GdipGetImageGraphicsContext, GdipCloneImage, GdipDeleteGraphics, GdipCreateBitmapFromScan0, GdipSetCompositingMode, GdipGetImageWidth, GdipSetInterpolationMode, GdiplusStartup, GdipCreateBitmapFromStream, GdipDisposeImage
kernel32.dll
GetCurrentProcessId, CreateThread, GetDriveTypeW, SetProcessWorkingSetSize, CreateProcessW, GetCurrentProcess, GetLogicalDriveStringsW, ExpandEnvironmentStringsW, SearchPathW, GetModuleHandleW, GlobalAlloc, GetProcAddress, SizeofResource, ReadFile, CreateFileW, LockResource, EnumResourceNamesW, lstrcpyW, SetFilePointer, FindResourceW, FreeLibrary, LoadResource, LoadLibraryExW, WriteFile, GetLocaleInfoA, GetStringTypeW, CloseHandle, GetSystemTimeAsFileTime, GetTickCount, QueryPerformanceCounter, GetEnvironmentStringsW, FreeEnvironmentStringsW, GetEnvironmentStrings, FreeEnvironmentStringsA, GetStartupInfoA, GetFileType, SetHandleCount, GetModuleFileNameA, GetStdHandle, VirtualAlloc, VirtualFree, HeapCreate, HeapDestroy, EnterCriticalSection, LeaveCriticalSection, DeleteCriticalSection, RaiseException, ExitProcess, HeapSize, LCMapStringW, MultiByteToWideChar, WideCharToMultiByte, LCMapStringA, SetLastError, TlsFree, TlsSetValue, TlsAlloc, TlsGetValue, GetModuleHandleA, IsValidCodePage, GetOEMCP, Sleep, GetCurrentThreadId, InitializeCriticalSection, LoadLibraryA, RtlUnwind, GetStringTypeA, GetACP, InterlockedDecrement, InterlockedIncrement, GetCPInfo, IsDebuggerPresent, SetUnhandledExceptionFilter, UnhandledExceptionFilter, TerminateProcess, GetProcessHeap, GetVersionExA, GetCommandLineA, HeapFree, HeapAlloc, HeapReAlloc, GetLastError
ole32.dll
CreateStreamOnHGlobal, CoInitialize, CoUninitialize, CoCreateInstance
shell32.dll
ShellExecuteExW, SHQueryRecycleBinW, SHFileOperationW, SHGetFileInfoW, SHGetMalloc, SHGetPathFromIDListW, SHEmptyRecycleBinW
shlwapi.dll
StrStrIW, PathUnquoteSpacesW, PathFileExistsW
user32.dll
CreateWindowExW, DeregisterShellHookWindow, LoadCursorW, GetSystemMetrics, WindowFromPoint, IsWindowVisible, FindWindowW, GetParent, SendMessageW, GetForegroundWindow, DefWindowProcW, RegisterClassExW, UpdateLayeredWindowIndirect, GetWindowDC, ReleaseDC, IsWindow, GetWindow, EqualRect, CopyRect, GetDC, GetPropW, EnumWindows, wsprintfW, SetForegroundWindow, GetWindowThreadProcessId, IsZoomed, SetRect, GetWindowLongW, GetAncestor, SetTimer, GetWindowRect, GetWindowTextW, SystemParametersInfoW, RegisterWindowMessageW, GetClassNameW, RegisterShellHookWindow, GetCursorPos, PostMessageW, KillTimer
userenv.dll
CreateEnvironmentBlock, DestroyEnvironmentBlock
Export table
ActivateExisting
AdvancedResolveFile
CleanSet
CloseExisting
CreateDIBSpecial
CreateDIBwithDC
EmptyRecycleBin
FreeDIB
FreeDIBwithDC
GetDetectionVersion
GetMAActive
GetNoneActive
GetOwnedPopupsVisible
GetScreenState
GetSelfActive
InitDetection
IsRecycleBinEmpty
MyUpdateLayeredWindowIndirect
Pidl_Concatenate
Pidl_Free
Pidl_GetSize
ResetEnv
ResetMAActive
SetMA
SHDeleteFile
Shell_CheckExists
Shell_Execute
Shell_GetLnkIcon
Shell_GetLnkPath
Shell_GetTitle
Shell_GetUrlPath
ShellGraphics_LoadIconFromFile
ShellGraphics_LoadIconOfFile
ShellGraphics_SetImageSizeMode
ShutdownDetection
WorkAreaClose
WorkAreaGet
WorkAreaIDEdge
WorkAreaInit
