| Windows 7 DLL File Information - FirewallAPI.dll |
The following DLL report was generated by automatic DLL script that scanned and loaded all DLL files in the system32 directory of Windows 7, extracted the information from them, and then saved it into HTML reports. If you want to view a report of another DLL, go to the main page of this Web site.
General Information
| File Description: | Windows Firewall API |
| File Version: | 6.1.7100.0 (winmain_win7rc.090421-1700) |
| Company: | Microsoft Corporation |
| Product Name: | Microsoft Windows Operating System |
| DLL popularity | Medium - 16 other DLL files in system32 directory are statically linked to this file. |
| File Size: | 452 KB |
| Total Number of Exported Functions: | 216 |
| Total Number of Exported Functions With Names: | 216 |
Section Headers
| Name | Virtual Address | Raw Data Size | % of File | Characteristics | Section Contains... |
|---|---|---|---|---|---|
| .text | 0x00001000 | 397,824 Bytes | 86.0% | Read, Execute | Code |
| .orpc | 0x00063000 | 512 Bytes | 0.1% | Read, Execute | Code |
| .data | 0x00064000 | 12,800 Bytes | 2.8% | Write, Read | Initialized Data |
| .rsrc | 0x00068000 | 25,088 Bytes | 5.4% | Read | Initialized Data |
| .reloc | 0x0006f000 | 25,600 Bytes | 5.5% | Read, Discardable | Initialized Data |
Static Linking
FirewallAPI.dll is statically linked to the following files:msvcrt.dll
ntdll.dll
RPCRT4.dll
VERSION.dll
KERNEL32.dll
This means that when FirewallAPI.dll is loaded, the above files are automatically loaded too. If one of these files is corrupted or missing, FirewallAPI.dll won't be loaded.
General Resources Information
| Resource Type | Number of Items | Total Size | % of File |
|---|---|---|---|
| Icons | 0 | 0 Bytes | 0.0% |
| Animated Icons | 0 | 0 Bytes | 0.0% |
| Cursors | 0 | 0 Bytes | 0.0% |
| Animated Cursors | 0 | 0 Bytes | 0.0% |
| Bitmaps | 0 | 0 Bytes | 0.0% |
| AVI Files | 0 | 0 Bytes | 0.0% |
| Dialog-Boxes | 0 | 0 Bytes | 0.0% |
| HTML Related Files | 0 | 0 Bytes | 0.0% |
| Menus | 0 | 0 Bytes | 0.0% |
| Strings | 790 | 101,512 Bytes | 21.9% |
| Type Libraries | 1 | 20,000 Bytes | 4.3% |
| Manifest | 0 | 0 Bytes | 0.0% |
| All Others | 3 | 4,507 Bytes | 1.0% |
| Total | 794 | 126,019 Bytes | 27.2% |
Icons in this file
No icons found in this file
Cursors in this file
No cursors found in this file
Dialog-boxes list (up to 200 dialogs)
No dialog resources in this file.
String resources in this dll (up to 200 strings)
| String ID | String Text |
|---|---|
| 1657 | Firewall log files (*.log) |
| 1658 | Browse |
| 1675 | The value entered for the log file size is not valid. Enter a value between 1 and 32767 k. |
| 23000 | File and Printer Sharing |
| 23001 | NetBIOS Name Service |
| 23002 | NetBIOS Datagram Service |
| 23004 | NetBIOS Session Service |
| 23005 | SMB over TCP |
| 23006 | UPnP Framework |
| 23007 | SSDP Component of UPnP Framework |
| 23008 | UPnP Framework over TCP |
| 23009 | Remote Desktop |
| 23012 | Domain Name Server (DNS) |
| 23013 | Dynamic Host Configuration Protocol Server (DHCP) |
| 23014 | Dynamic Host Configuration Protocol Client (DHCP) |
| 23015 | Incoming Connection VPN (PPTP) |
| 23016 | Incoming Connection VPN (L2TP) |
| 23017 | IP Security (IPsec - IKE) |
| 23018 | IP Security (IPsec - IKE/NAT-T) |
| 23038 | Phase 1: Local address = %s, Remote address = %s |
| 23039 | Phase 2: Local address = %s, Remote address = %s |
| 23040 | , Protocol = 0x%x |
| 23041 | , Protocol = Any |
| 23042 | , Local port = 0x%x |
| 23043 | , Local port = Any |
| 23044 | , Remote port = 0x%x |
| 23045 | , Remote port = Any |
| 23090 | Windows Firewall |
| 23091 | Windows Firewall helps protect your computer by preventing unauthorized users from gaining access to your computer through the Internet or a network. |
| 23092 | Windows Firewall Authorization Driver |
| 23093 | Windows Firewall Authorization Driver is a kernel mode driver that provides deep inspection services on inbound and outbound network traffic. |
| 23094 | Allow authenticated IPsec bypass |
| 23095 | Allows specific computers to have unrestricted, but authenticated, access to the computer. |
| 23102 | Enabled |
| 23103 | Disabled |
| 23104 | Group Policy |
| 23105 | Local Policy |
| 23106 | Group and Local Policy |
| 23107 | Domain |
| 23108 | Private |
| 23109 | All interfaces |
| 23112 | Don't allow exceptions |
| 23113 | All subnets |
| 23114 | Local subnet only |
| 23115 | Custom subnets |
| 23117 | Remove |
| 23118 | Modify |
| 23119 | Allow outgoing destination unreachable |
| 23120 | Allow outgoing source quench |
| 23121 | Allow redirect |
| 23122 | Allow incoming echo request |
| 23123 | Allow incoming router request |
| 23124 | Allow outgoing time exceeded |
| 23125 | Allow outgoing parameter problem |
| 23126 | Allow incoming timestamp request |
| 23127 | Allow incoming mask request |
| 23128 | Allow outgoing packet too big |
| 23129 | The rule was parsed successfully from the store |
| 23130 | The rule has fields that the service can successfully ignore |
| 23131 | The rule has a higher version that the service must ignore |
| 23132 | The name contains invalid characters or length |
| 23133 | The description contains invalid characters or length |
| 23134 | The application contains invalid characters or length |
| 23135 | The service contains invalid characters or length |
| 23136 | The authorized remote machines list contains invalid characters or length |
| 23137 | The authorized remote users list contains invalid characters or length |
| 23138 | The embedded context contains invalid characters or length |
| 23139 | The rule failed to be parsed correctly |
| 23140 | A semantic error: End smaller than Begin, or the port specified was zero (0) |
| 23141 | A property on Remote Addresses does not belong to the Remote Address |
| 23142 | Number of interfaces and interface buffer don't match |
| 23143 | Invalid interface type specified |
| 23144 | A rule must have a valid action |
| 23145 | A rule must include a valid direction |
| 23146 | A semantic error because the protocol and protocol dependent fields don't match |
| 23147 | There is a semantic error when considering the fields of the rule in conjunction |
| 23148 | An error occurred |
| 23149 | Enable Windows Firewall |
| 23150 | Disable Stealth Mode |
| 23151 | Windows Firewall Shielded Mode |
| 23152 | Disable Unicast Responses to Multicast |
| 23153 | Log Dropped Packets |
| 23154 | Log Successful Connections |
| 23155 | Log Ignored Rules |
| 23156 | Maximum Log File Size |
| 23157 | Log File Path |
| 23158 | Disable Inbound Notifications |
| 23159 | Allow User preferred merge of Authorized Applications |
| 23160 | Allow User preferred merge of Globally open ports |
| 23161 | Allow Local Policy Merge |
| 23162 | Allow Local IPsec Policy Merge |
| 23163 | Disabled Interfaces |
| 23164 | Default Outbound Action |
| 23165 | Default Inbound Action |
| 23166 | Current Profile |
| 23167 | Disable Stateful FTP |
| 23168 | Ignored Disable Stateful PPTP |
| 23169 | IPsec SA Idle time |
| 23170 | IPsec preshared key encoding |
| 23171 | IPsec Exempt |
| 23172 | IPsec CRL Check |
| 23173 | <All> |
| 23174 | Allow |
| 23175 | Block |
| 23176 | The rule Id contains invalid characters or length |
| 23177 | The Phase1 auth set Id contains invalid characters or length |
| 23178 | The Phase2 crypto set Id contains invalid characters or length |
| 23179 | The Phase2 auth set Id contains invalid characters or length |
| 23180 | The application name could not be resolved |
| 23181 | RuleId not specified |
| 23182 | Mismatch in number of ports and ports buffer |
| 23183 | Invalid port keyword |
| 23184 | Mismatch in number of V4 address subnets and subnets buffer |
| 23185 | Mismatch in number of V6 address subnets and subnets buffer |
| 23186 | Mismatch in number of V4 address ranges and ranges buffer |
| 23187 | Mismatch in number of V6 address ranges and ranges buffer |
| 23188 | Address range end is less than begin |
| 23189 | Invalid Mask specified on a v4 SubNet |
| 23190 | Invalid prefix specified on a V6 subnet |
| 23191 | An invalid address keyword was specified |
| 23192 | A property on Local Addresses does not belong to the LocalAddress |
| 23193 | Mismatch in number of ICMP and ICMP buffer |
| 23194 | Invalid ICMP code specified |
| 23195 | Allow-Bypass action specified, but the rule does not meet allow-bypass criteria (inbound, authenticate/encrypt flags set, remote machine auth list specified) |
| 23196 | Invalid protocol specified |
| 23197 | Invalid flags specified |
| 23198 | Autogenerate flag is set but Authenticate / Authenticate-encrypt flags not set |
| 23199 | Autogenerate flag is set but the action is block |
| 23200 | Autogenerate flag is set along with Dynamic RPC flag |
| 23201 | Authenticate and Authenticate-encrypt flags both specified |
| 23202 | Authorized remote machines or users list specified, but authenticate/encryption flags not set |
| 23203 | Number of valid OS Platforms and the list of valid OS Platforms don't match |
| 23204 | Phase1 auth set Id not specified |
| 23205 | Phase2 crypto set Id not specified |
| 23206 | Set Id not specified |
| 23207 | Invalid IPsec phase specified |
| 23208 | No suites specified in the set |
| 23209 | Invalid Phase1 auth method |
| 23210 | Invalid Phase2 auth method |
| 23211 | Anonymous auth specified as sole auth proposal (suite) |
| 23212 | Invalid auth suite flags specified |
| 23213 | Machine cert must be Health cert for phase2 auth |
| 23214 | Machine Shared Key not specified |
| 23215 | CA name not specified |
| 23216 | Both machine and user auth specified |
| 23217 | Phase 1 crypto set id is not the default |
| 23218 | Invalid Phase1 crypto set flags |
| 23219 | Invalid Phase1 crypto set timeout minutes |
| 23220 | Invalid Phase1 crypto set timeout sessions |
| 23221 | Invalid Phase1 crypto set key exchange |
| 23222 | Invalid Phase1 crypto set encryption |
| 23223 | Invalid Phase1 crypto set hash |
| 23224 | Invalid Phase2 crypto set PFS |
| 23225 | Invalid Phase2 crypto set protocol |
| 23226 | Invalid Phase2 crypto set encryption |
| 23227 | Invalid Phase2 crypto set hash |
| 23228 | Invalid Phase2 crypto set timeout seconds |
| 23229 | Invalid Phase2 crypto set timeout KBytes |
| 23230 | Authorized remote users list specified on outbound direction |
| 23231 | An unspecified, multicast, broadcast or loopback Ipv6 address was specified |
| 23232 | DoNotSecure action specified along with authentication and/or crypto sets |
| 23233 | Crypto suite encryption and hash both not specified |
| 23234 | Block action was specified in conjunction with require security or require encryption |
| 23235 | Main Mode authentication set was not found. |
| 23236 | Quick Mode authentication set was not found. |
| 23237 | Quick Mode cryptographic set was not found |
| 23238 | Specified Main Mode authentication set and Quick Mode authentication set contradict. Quick Mode authentication set cannot be specified when the Main Mode authentication set contains a pre-shared key as an authentication method. |
| 23239 | A local address cannot be used in conjunction with either an interface or interface type |
| 23240 | Program Name |
| 23241 | Interfaces |
| 23242 | Local Addresses |
| 23243 | Remote Addresses |
| 23244 | Local Port |
| 23245 | Remote Port |
| 23246 | EndPoint 1 Addresses |
| 23247 | EndPoint 2 Addresses |
| 23248 | Endpoint 1 Port |
| 23249 | Endpoint 2 Port |
| 23250 | Not Configured |
| 23251 | Invalid Profile Type specified |
| 23252 | Public |
| 23253 | An unspecified, multicast, broadcast or loopback Ipv4 address was specified |
| 23254 | Health certs cannot be specified together with regular certs |
| 23255 | None |
| 23256 | Endpoint 'any' cannot be specified for a tunnel mode rule |
| 23257 | IPsec Through NAT |
| 23258 | Policy Version |
| 23259 | Schema version specified is lesser than the schema version supported |
| 23260 | Duplicate auth methods not supported yet specified. |
| 23261 | All certificates from same CA type within a signing block must be grouped together. |
| 23262 | Port range is not supported |
| 23263 | Authenticate-DynamicEncrypt flag is not valid for outbound direction |
| 23264 | Authenticate-DynamicEncrypt flag is set but Authenticate flag is not set |
| 23265 | Authenticate-DynamicEncrypt flag is not supported |
| 23266 | Allow-Bypass action is not supported |
| 23267 | Allow-Bypass action specified, but the rule does not meet allow-bypass criteria (authenticate/encrypt flags set) |
| 23268 | 'Defer to user' setting can only be used in a firewall rule where program path and TCP/UDP protocol are specified with no additional scopes |
| 23269 | A semantic error because port range is used when the connection security rule is not an exemption rule |
| 23270 | Schema version does not support the platform operator specified. |
| 23271 | DTM rule specified but all tunnel endpoints are also specified |
COM Classes/Interfaces
| Name | Type | Description |
|---|---|---|
| INetFwAuthorizedApplication | Dispatch | |
| INetFwAuthorizedApplications | Dispatch | |
| INetFwIcmpSettings | Dispatch | |
| INetFwMgr | Dispatch | |
| INetFwOpenPort | Dispatch | |
| INetFwOpenPorts | Dispatch | |
| INetFwPolicy | Dispatch | |
| INetFwPolicy2 | Dispatch | |
| INetFwProduct | Dispatch | |
| INetFwProducts | Dispatch | |
| INetFwProfile | Dispatch | |
| INetFwRemoteAdminSettings | Dispatch | |
| INetFwRule | Dispatch | |
| INetFwRule2 | Dispatch | |
| INetFwRules | Dispatch | |
| INetFwService | Dispatch | |
| INetFwServiceRestriction | Dispatch | |
| INetFwServices | Dispatch |
Exported Functions List
The following functions are exported by this dll:| CalculateOpenPortOrAuthAppAddrStringSize | CreateDefaultPerInterfaceIcmpRule |
| CreateDefaultPerInterfaceOpenPortRule | DllCanUnloadNow |
| DllGetClassObject | DllRegisterServer |
| DllUnregisterServer | FWAddAuthenticationSet |
| FWAddConnectionSecurityRule | FWAddCryptoSet |
| FWAddFirewallRule | FWAddMainModeRule |
| FWChangeNotificationCreate | FWChangeNotificationDestroy |
| FWChangeTransactionalState | FWClosePolicyStore |
| FWCopyAuthenticationSet | FWCopyConnectionSecurityRule |
| FWCopyCryptoSet | FWCopyFirewallRule |
| FWDeleteAllAuthenticationSets | FWDeleteAllConnectionSecurityRules |
| FWDeleteAllCryptoSets | FWDeleteAllFirewallRules |
| FWDeleteAllMainModeRules | FWDeleteAuthenticationSet |
| FWDeleteConnectionSecurityRule | FWDeleteCryptoSet |
| FWDeleteFirewallRule | FWDeleteMainModeRule |
| FWDeletePhase1SAs | FWDeletePhase2SAs |
| FWDiagGetAppList | FWEnumAdapters |
| FWEnumAuthenticationSets | FWEnumConnectionSecurityRules |
| FWEnumCryptoSets | FWEnumFirewallRules |
| FWEnumMainModeRules | FWEnumNetworks |
| FWEnumPhase1SAs | FWEnumPhase2SAs |
| FWEnumProducts | FWExportPolicy |
| FWFreeAdapters | FWFreeAuthenticationSet |
| FWFreeAuthenticationSets | FWFreeConnectionSecurityRule |
| FWFreeConnectionSecurityRules | FWFreeCryptoSet |
| FWFreeCryptoSets | FWFreeDiagAppList |
| FWFreeFirewallRule | FWFreeFirewallRules |
| FWFreeFirewallRulesOld | FWFreeMainModeRule |
| FWFreeMainModeRules | FWFreeNetworks |
| FWFreePhase1SAs | FWFreePhase2SAs |
| FWFreeProducts | FWGPLock |
| FWGPUnlock | FWGetConfig |
| FWGetConfig2 | FWGetGlobalConfig |
| FWGetGlobalConfig2 | FWGetIndicatedPortInUse |
| FWImportPolicy | FWIndicatePortInUse |
| FWOpenPolicyStore | FWQueryAuthenticationSets |
| FWQueryConnectionSecurityRules | FWQueryCryptoSets |
| FWQueryFirewallRules | FWQueryMainModeRules |
| FWRegisterProduct | FWResetIndicatedPortInUse |
| FWResolveGPONames | FWRestoreDefaults |
| FWRestoreGPODefaults | FWRevertTransaction |
| FWSetAuthenticationSet | FWSetConfig |
| FWSetConnectionSecurityRule | FWSetCryptoSet |
| FWSetFirewallRule | FWSetGPHelperFnPtrs |
| FWSetGlobalConfig | FWSetMainModeRule |
| FWStatusMessageFromStatusCode | FWUnregisterProduct |
| FWVerifyAuthenticationSet | FWVerifyAuthenticationSetQuery |
| FWVerifyConnectionSecurityRule | FWVerifyConnectionSecurityRuleQuery |
| FWVerifyCryptoSet | FWVerifyCryptoSetQuery |
| FWVerifyFirewallRule | FWVerifyFirewallRuleQuery |
| FWVerifyMainModeRule | FWVerifyMainModeRuleQuery |
| FreeAbsoluteInterfaces | FwActivate |
| FwAddRule | FwAddSet |
| FwAddrChangeSourceInitialize | FwAddrChangeSourceShutdown |
| FwAddrChangeSourceSignal | FwAdvPolicyDecodeFirewallRule |
| FwAdvPolicyEncodeRule | FwAlloc |
| FwAllocCheckSize | FwAnalyzeFirewallPolicy |
| FwAnalyzeFirewallPolicyOnProfile | FwBstrToPorts |
| FwCSRuleEmpty | FwCSRuleVerify |
| FwChangeSourceInitialize | FwChangeSourceShutdown |
| FwChangeSourceSignal | FwChangeSourceSignalStart |
| FwClosePolicyStore | FwCopyAuthSet |
| FwCopyCSRule | FwCopyCryptoSet |
| FwCopyICMPTypeCode | FwCopyLUID |
| FwCopyMMRule | FwCopyMainModeRule |
| FwCopyPlatform | FwCopyPortRange |
| FwCopyPortsContents | FwCopyRule |
| FwCopyWFAddressesContents | FwCreateLocalTempStore |
| FwDeleteAllRules | FwDeleteAllSets |
| FwDeleteRule | FwDeleteSet |
| FwDestroyLocalTempStore | FwDoNothingOnObject |
| FwEmptyWFAddresses | FwEmptyWFRule |
| FwEnableMemTracing | FwEnumRules |
| FwEnumSets | FwFree |
| FwFreeAddresses | FwFreeRules |
| FwFreeSets | FwFreeWFRule |
| FwGetAddressesAsString | FwGetConfig |
| FwGetCurrentProfile | FwGetGlobalConfig |
| FwGetGlobalConfigFromLocalTempStore | FwGetVersionField |
| FwICFProfileToWfProfile | FwICFProtocolToWfProtocol |
| FwIPV4RangeContainsMulticast | FwIPV6RangeContainsMulticast |
| FwIsGroupPolicyEnforced | FwIsRemoteManagementEnabled |
| FwMMRuleVerify | FwMigrateLegacyAuthenticatedBypassSddl |
| FwMigrateLegacySettings | FwOpenPolicyStore |
| FwParseAddressToken | FwPortsToBstr |
| FwReduceObjectsToVersion | FwResolveIndirectString |
| FwRuleResolveFlags | FwSddlStringVerify |
| FwSetConfig | FwSetGlobalConfig |
| FwSetMemLeakPolicy | FwSetResolveFlags |
| FwSetRule | FwSetSet |
| FwStringToAddresses | FwUniteWFAddressesContents |
| FwVerifyNoHeapLeaks | FwVerifyWFRuleSemantics |
| FwWfProtocolToICFProtocol | GetDisabledInterfaces |
| GetOpenPortOrAuthAppAddrScope | IcfAddrChangeNotificationCreate |
| IcfChangeNotificationCreate | IcfChangeNotificationDestroy |
| IcfConnect | IcfDisconnect |
| IcfFreeDynamicFwPorts | IcfFreeProfile |
| IcfFreeTickets | IcfGetCurrentProfileType |
| IcfGetDynamicFwPorts | IcfGetOperationalMode |
| IcfGetProfile | IcfGetTickets |
| IcfIsPortAllowed | IcfOpenDynamicFwPortWithoutSocket |
| IcfSubNetsGetScope | IsAddressesEmpty |
| IsPortOrICMPAllowed | IsPortsEmpty |
| IsRuleOldAuthApp | IsRuleOldGlobalOpenPort |
| IsRuleOpenPortOrAuthApp | IsRulePerInterfaceIcmp |
| IsRulePerInterfaceOpenPort | Isv4Orv6AddressesEmpty |
| LoadGPExtensionDll | MakeAbsoluteInterfaces |
| OpenPortOrAuthAppAddrToString | ValidatePortOrAppAddressString |
Imported Functions List
The following functions are imported by this dll:- msvcrt.dll:
_CxxThrowException _XcptFilter __CxxFrameHandler _amsg_exit _except_handler4_common _initterm _ultow _vsnwprintf _wcsicmp _wcsnicmp free iswalpha iswdigit malloc memcpy memmove memset public: virtual __thiscall type_info::~type_info(void) qsort realloc towupper void * __cdecl operator new(unsigned int) void * __cdecl operator new[](unsigned int) void __cdecl operator delete(void *) void __cdecl operator delete[](void *) void __cdecl terminate(void) wcschr wcsncmp wcspbrk wcstok wcstoul - ntdll.dll:
EtwEventRegister EtwEventUnregister EtwEventWrite EtwGetTraceEnableFlags EtwGetTraceEnableLevel EtwGetTraceLoggerHandle EtwRegisterTraceGuidsW EtwTraceMessage EtwUnregisterTraceGuids NtClose NtOpenSymbolicLinkObject NtQueryObject NtQuerySymbolicLinkObject RtlInitUnicodeString RtlIpv4AddressToStringW RtlIpv4StringToAddressW RtlIpv6AddressToStringW RtlIpv6StringToAddressW RtlNtStatusToDosError - RPCRT4.dll:
IUnknown_AddRef_Proxy IUnknown_QueryInterface_Proxy IUnknown_Release_Proxy NdrCStdStubBuffer2_Release NdrClientCall2 NdrDllCanUnloadNow NdrDllGetClassObject NdrDllRegisterProxy NdrDllUnregisterProxy NdrOleAllocate NdrOleFree NdrStubCall2 NdrStubForwardingFunction RpcBindingFree RpcBindingFromStringBindingW RpcBindingSetAuthInfoExW RpcBindingSetOption RpcEpResolveBinding RpcStringBindingComposeW RpcStringFreeW UuidCreate UuidToStringW - VERSION.dll:
GetFileVersionInfoSizeW GetFileVersionInfoW VerQueryValueW - KERNEL32.dll:
CloseHandle CompareStringOrdinal CompareStringW CreateEventW CreateFileW DelayLoadFailureHook DisableThreadLibraryCalls ExpandEnvironmentStringsW FindResourceW FormatMessageW FreeLibrary GetComputerNameExW GetCurrentProcess GetCurrentProcessId GetCurrentThread GetCurrentThreadId GetLastError GetLongPathNameW GetModuleFileNameW GetModuleHandleW GetProcAddress GetProcessHeap GetSystemInfo GetSystemTimeAsFileTime GetTickCount GetVersionExW HeapDestroy HeapFree InitializeCriticalSectionAndSpinCount InterlockedCompareExchange InterlockedDecrement InterlockedExchange InterlockedIncrement LoadLibraryExA LoadLibraryExW LoadLibraryW LoadResource LocalAlloc LocalFree MultiByteToWideChar QueryPerformanceCounter QueueUserWorkItem RegisterWaitForSingleObject SetEvent SetLastError SetUnhandledExceptionFilter SizeofResource Sleep TerminateProcess UnhandledExceptionFilter UnregisterWaitEx VirtualAlloc VirtualProtect VirtualQuery WaitForSingleObject lstrcatW lstrcmpiW lstrcpyW lstrcpynW lstrlen lstrlenW ntdll!RtlAllocateHeap ntdll!RtlDeleteCriticalSection ntdll!RtlEnterCriticalSection ntdll!RtlInitializeCriticalSection ntdll!RtlLeaveCriticalSection