wince_coredll_funcions.py

import idaapi

# windows CE function name fixing for coredll functions

coredll_exports = {1572: "??0exception@std@@QAE@ABV01@@Z", 1571: "??0exception@std@@QAE@PBD@Z", 1570: "??0exception@std@@QAE@XZ", 1568: "??0type_info@@AAE@ABV0@@Z", 1574: "??1exception@std@@UAE@XZ", 1562: "??1type_info@@UAE@XZ", 1095: "??2@YAPAXI@Z", 1646: "??2@YAPAXIABUnothrow_t@std@@@Z", 1094: "??3@YAXPAX@Z", 1662: "??3@YAXPAXABUnothrow_t@std@@@Z", 1573: "??4exception@std@@QAEAAV01@ABV01@@Z", 1569: "??4type_info@@AAEAAV0@ABV0@@Z", 1563: "??8type_info@@QBEHABV0@@Z", 1564: "??9type_info@@QBEHABV0@@Z", 1579: "??_7exception@std@@6B@", 1580: "??_7type_info@@6B@", 1576: "??_L@YGXPAXIHP6EX0@Z1@Z", 1578: "??_M@YGXPAXIHP6EX0@Z@Z", 1577: "??_N@YGXPAXIHP6EX0@Z1@Z", 1456: "??_U@YAPAXI@Z", 1661: "??_U@YAPAXIABUnothrow_t@std@@@Z", 1457: "??_V@YAXPAX@Z", 1663: "??_V@YAXPAXABUnothrow_t@std@@@Z", 2694: "??__C@YGXPAX0IHP6EX00@ZP6EX0@Z@Z", 2695: "??__D@YGXPAX0IHP6EX00@ZP6EX0@Z@Z", 1660: "?_Nomemory@std@@YAXXZ", 1658: "?_Xlen@std@@YAXXZ", 1659: "?_Xran@std@@YAXXZ", 1555: "?__set_inconsistency@@YAP6AXXZP6AXXZ@Z", 1558: "?_inconsistency@@YAXXZ", 1618: "?_query_new_handler@@YAP6AHI@ZXZ", 1649: "?_query_new_mode@@YAHXZ", 1650: "?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z", 1648: "?_set_new_mode@@YAHH@Z", 1565: "?before@type_info@@QBEHABV1@@Z", 1566: "?name@type_info@@QBEPBDXZ", 1647: "?nothrow@std@@3Unothrow_t@1@B", 1567: "?raw_name@type_info@@QBEPBDXZ", 1619: "?set_new_handler@@YAP6AXXZP6AXXZ@Z", 1552: "?set_terminate@std@@YAP6AXXZP6AXXZ@Z", 1553: "?set_unexpected@std@@YAP6AXXZP6AXXZ@Z", 1556: "?terminate@std@@YAXXZ", 1967: "?uncaught_exception@std@@YA_NXZ", 1557: "?unexpected@std@@YAXXZ", 1575: "?what@exception@std@@UBEPBDXZ", 2613: "AFDSelect", 2612: "AFDSocket", 655: "AFS_CloseAllFileHandles", 644: "AFS_CreateDirectoryW", 648: "AFS_CreateFileW", 649: "AFS_DeleteFileW", 1685: "AFS_FindFirstChangeNotificationW", 651: "AFS_FindFirstFileW", 1966: "AFS_FsIoControlW", 656: "AFS_GetDiskFreeSpace", 646: "AFS_GetFileAttributesW", 2710: "AFS_GetFileSecurityW", 650: "AFS_MoveFileW", 657: "AFS_NotifyMountedFS", 654: "AFS_PrestoChangoFileName", 652: "AFS_RegisterFileSystemFunction", 645: "AFS_RemoveDirectoryW", 647: "AFS_SetFileAttributesW", 2709: "AFS_SetFileSecurityW", 643: "AFS_Unmount", 1791: "A_SHAFinal", 1789: "A_SHAInit", 1790: "A_SHAUpdate", 1540: "AccessibilitySoundSentryEvent", 1179: "ActivateDevice", 1494: "ActivateDeviceEx", 1508: "ActivateService", 558: "AddEventAccess", 578: "AddTrackedItem", 2546: "AddVectoredExceptionHandler", 1687: "AdvertiseInterface", 1486: "AllocPhysMem", 2707: "AnimateRects", 157: "AttachDebugger", 1955: "AttachHdstub", 1956: "AttachOsAxsT0", 1982: "AttachOsAxsT1", 1972: "BackupEventLogW", 1157: "BeginDeferWindowPos", 260: "BeginPaint", 593: "BinaryCompress", 594: "BinaryDecompress", 275: "BringWindowToTop", 1765: "CacheRangeFlush", 577: "CacheSync", 285: "CallWindowProcW", 1960: "CaptureDumpFileOnDevice", 1927: "CeAccessCheck", 2571: "CeAllocAsynchronousBuffer", 2573: "CeAllocDuplicateBuffer", 2606: "CeCallUserProc", 2509: "CeCertVerify", 340: "CeChangeDatabaseLCID", 474: "CeClearUserNotification", 2570: "CeCloseCallerBuffer", 2704: "CeClosePolicy", 1931: "CeConvertSDToStr", 1930: "CeConvertStrToSD", 315: "CeCreateDatabase", 1190: "CeCreateDatabaseEx", 1468: "CeCreateDatabaseEx2", 1932: "CeCreateToken", 1929: "CeCreateTokenFromAccount", 318: "CeDeleteDatabase", 1193: "CeDeleteDatabaseEx", 320: "CeDeleteRecord", 1165: "CeEnumDBVolumes", 479: "CeEventHasOccurred", 1952: "CeFindCloseRegChange", 313: "CeFindFirstDatabase", 1196: "CeFindFirstDatabaseEx", 1950: "CeFindFirstRegChange", 314: "CeFindNextDatabase", 1189: "CeFindNextDatabaseEx", 1951: "CeFindNextRegChange", 2607: "CeFlushAsynchronousBuffer", 1217: "CeFlushDBVol", 2572: "CeFreeAsynchronousBuffer", 2574: "CeFreeDuplicateBuffer", 1226: "CeFreeNotification", 1965: "CeFsIoControlW", 1601: "CeGenRandom", 1395: "CeGetCallerTrust", 1957: "CeGetCanonicalPathNameW", 1357: "CeGetCurrentTrust", 1473: "CeGetDBInformationByHandle", 1798: "CeGetFileNotificationInfo", 2568: "CeGetGroupSID", 2713: "CeGetModuleHeapInfo", 1994: "CeGetModuleInfo", 1823: "CeGetNotificationThreadId", 2567: "CeGetOwnerSID", 2703: "CeGetPolicyInfo", 2510: "CeGetProcessTrust", 1443: "CeGetRandomSeed", 2537: "CeGetRawTime", 2529: "CeGetRawTimeOffset", 622: "CeGetThreadPriority", 1245: "CeGetThreadQuantum", 1354: "CeGetUserNotification", 1353: "CeGetUserNotificationHandles", 478: "CeGetUserNotificationPreferences", 1978: "CeGetVolumeInfoW", 477: "CeHandleAppNotifications", 1836: "CeHeapCreate", 1935: "CeImpersonateCurrentProcess", 1933: "CeImpersonateToken", 1451: "CeLogData", 1681: "CeLogGetZones", 1467: "CeLogReSync", 1452: "CeLogSetZones", 1446: "CeMapArgumentArray", 53: "CeModuleJit", 1164: "CeMountDBVol", 312: "CeOidGetInfo", 1195: "CeOidGetInfoEx", 1472: "CeOidGetInfoEx2", 2569: "CeOpenCallerBuffer", 317: "CeOpenDatabase", 1192: "CeOpenDatabaseEx", 1469: "CeOpenDatabaseEx2", 2511: "CeOpenFileHandle", 2699: "CeOpenModuleByPolicy", 2701: "CeOpenPolicy", 2700: "CePolicyCheck", 2702: "CePolicyCheckByHandle", 1928: "CePrivilegeCheck", 321: "CeReadRecordProps", 1194: "CeReadRecordPropsEx", 2505: "CeRegGetInfo", 2506: "CeRegGetNotificationInfo", 2504: "CeRegTestSetValueW", 331: "CeRegisterFileSystemNotification", 2544: "CeRemoteHeapCreate", 2545: "CeRemoteHeapTranslatePointer", 1425: "CeResyncFilesys", 1926: "CeRevertToSelf", 476: "CeRunAppAtEvent", 475: "CeRunAppAtTime", 2508: "CeSafeCopyMemory", 319: "CeSeekDatabase", 1470: "CeSeekDatabaseEx", 316: "CeSetDatabaseInfo", 1191: "CeSetDatabaseInfoEx", 1471: "CeSetDatabaseInfoEx2", 2542: "CeSetDirectCall", 1455: "CeSetExtendedPdata", 1688: "CeSetPowerOnEvent", 1775: "CeSetProcessVersion", 621: "CeSetThreadPriority", 1244: "CeSetThreadQuantum", 473: "CeSetUserNotification", 1352: "CeSetUserNotificationEx", 1197: "CeUnmountDBVol", 1812: "CeVirtualSharedAlloc", 322: "CeWriteRecordProps", 1781: "CeZeroPointer", 1611: "ChangeDisplaySettingsEx", 222: "CharLowerBuffW", 221: "CharLowerW", 226: "CharNextW", 225: "CharPrevW", 223: "CharUpperBuffW", 224: "CharUpperW", 2507: "CheckRemoteDebuggerPresent", 253: "ChildWindowFromPoint", 107: "ClearCommBreak", 108: "ClearCommError", 1818: "ClearEventLogW", 254: "ClientToScreen", 242: "CloseAllFileHandles", 1511: "CloseAllServiceHandles", 1971: "CloseEventLog", 553: "CloseHandle", 1533: "CloseMsgQueue", 1240: "ComThreadBaseFunc", 54: "CompactAllHeaps", 18: "CompareFileTime", 198: "CompareStringW", 633: "ConnectDebugger", 1953: "ConnectHdstub", 1954: "ConnectOsAxsT0", 1983: "ConnectOsAxsT1", 504: "ContinueDebugEvent", 210: "ConvertDefaultLocale", 1958: "CopyFileExW", 164: "CopyFileW", 96: "CopyRect", 636: "CreateAPIHandle", 2539: "CreateAPISet", 688: "CreateDialogIndirectParamW", 160: "CreateDirectoryW", 1976: "CreateEnrollmentConfigDialog", 495: "CreateEventW", 552: "CreateFileForMapping", 1167: "CreateFileForMappingW", 548: "CreateFileMappingW", 168: "CreateFileW", 1466: "CreateLocaleView", 1529: "CreateMsgQueue", 555: "CreateMutexW", 2584: "CreatePartition", 2585: "CreatePartitionEx", 493: "CreateProcessW", 1238: "CreateSemaphoreW", 1512: "CreateServiceHandle", 1539: "CreateStaticMapping", 492: "CreateThread", 2530: "CreateWatchDogTimer", 246: "CreateWindowExW", 1881: "CredDelete", 1882: "CredFree", 1879: "CredRead", 1880: "CredUpdate", 1878: "CredWrite", 126: "CryptAcquireContextW", 154: "CryptContextAddRef", 137: "CryptCreateHash", 136: "CryptDecrypt", 129: "CryptDeriveKey", 140: "CryptDestroyHash", 130: "CryptDestroyKey", 156: "CryptDuplicateHash", 155: "CryptDuplicateKey", 135: "CryptEncrypt", 152: "CryptEnumProviderTypesW", 153: "CryptEnumProvidersW", 133: "CryptExportKey", 128: "CryptGenKey", 143: "CryptGenRandom", 151: "CryptGetDefaultProviderW", 146: "CryptGetHashParam", 132: "CryptGetKeyParam", 148: "CryptGetProvParam", 144: "CryptGetUserKey", 139: "CryptHashData", 138: "CryptHashSessionKey", 134: "CryptImportKey", 1599: "CryptProtectData", 127: "CryptReleaseContext", 147: "CryptSetHashParam", 131: "CryptSetKeyParam", 149: "CryptSetProvParam", 150: "CryptSetProviderExW", 145: "CryptSetProviderW", 141: "CryptSignHashW", 1600: "CryptUnprotectData", 142: "CryptVerifySignatureW", 233: "DBCanonicalize", 1669: "DDKReg_GetIsrInfo", 1670: "DDKReg_GetPciInfo", 1668: "DDKReg_GetWindowInfo", 1180: "DeactivateDevice", 505: "DebugActiveProcess", 1991: "DebugActiveProcessStop", 642: "DebugNotify", 1992: "DebugSetProcessKillOnExit", 1776: "DecompressBinaryBlock", 264: "DefWindowProcW", 1218: "DefaultImcGet", 1219: "DefaultImeWndGet", 1158: "DeferWindowPos", 183: "DeleteAndRenameFile", 3: "DeleteCriticalSection", 165: "DeleteFileW", 2586: "DeletePartition", 1826: "DeleteStaticMapping", 579: "DeleteTrackedItem", 335: "DeregisterAFS", 339: "DeregisterAFSName", 236: "DeregisterDevice", 1821: "DeregisterEventSource", 1510: "DeregisterService", 265: "DestroyWindow", 179: "DeviceIoControl", 1588: "DevicePowerNotify", 690: "DialogBoxIndirectParamW", 1232: "DisableThreadLibraryCalls", 2589: "DismountPartition", 2578: "DismountStore", 859: "DispatchMessageW", 341: "DumpFileSystemHeap", 510: "DumpKCallProfile", 1535: "DuplicateHandle", 287: "EnableWindow", 1159: "EndDeferWindowPos", 261: "EndPaint", 4: "EnterCriticalSection", 206: "EnumCalendarInfoW", 208: "EnumDateFormatsW", 1874: "EnumDeviceInterfaces", 124: "EnumDevices", 123: "EnumPnpIds", 1517: "EnumServices", 220: "EnumSystemCodePagesW", 219: "EnumSystemLocalesW", 207: "EnumTimeFormatsW", 1320: "EnumUILanguagesW", 291: "EnumWindows", 97: "EqualRect", 109: "EscapeCommFunction", 494: "EventModify", 6: "ExitThread", 573: "ExtractResource", 241: "FileSystemPowerFunction", 21: "FileTimeToLocalFileTime", 20: "FileTimeToSystemTime", 585: "FilterTrackedItem", 180: "FindClose", 1684: "FindCloseChangeNotification", 2597: "FindClosePartition", 2582: "FindCloseStore", 1682: "FindFirstChangeNotificationW", 1872: "FindFirstDevice", 1235: "FindFirstFileExW", 167: "FindFirstFileW", 2595: "FindFirstPartition", 2580: "FindFirstStore", 1683: "FindNextChangeNotification", 1873: "FindNextDevice", 181: "FindNextFileW", 2596: "FindNextPartition", 2581: "FindNextStore", 531: "FindResource", 532: "FindResourceW", 286: "FindWindowW", 175: "FlushFileBuffers", 508: "FlushInstructionCache", 551: "FlushViewOfFile", 1215: "FlushViewOfFileMaybe", 218: "FoldStringW", 540: "ForcePageout", 1829: "ForcePixelDoubling", 234: "FormatMessageW", 2593: "FormatPartition", 2594: "FormatPartitionEx", 2579: "FormatStore", 2605: "ForwardDeviceIoControl", 1476: "FreeIntChainHandler", 529: "FreeLibrary", 1216: "FreeLibraryAndExitThread", 1487: "FreePhysMem", 186: "GetACP", 32: "GetAPIAddress", 300: "GetAssociatedMenu", 188: "GetCPInfo", 1228: "GetCRTFlags", 1760: "GetCallStackSnapshot", 607: "GetCallerProcess", 641: "GetCallerProcessIndex", 2603: "GetCallerVMProcessId", 878: "GetClassInfoW", 881: "GetClassLong", 879: "GetClassLongW", 283: "GetClassNameW", 249: "GetClientRect", 110: "GetCommMask", 111: "GetCommModemStatus", 112: "GetCommProperties", 113: "GetCommState", 114: "GetCommTimeouts", 1231: "GetCommandLineW", 205: "GetCurrencyFormatW", 29: "GetCurrentFT", 612: "GetCurrentPermissions", 262: "GetDC", 1185: "GetDCEx", 203: "GetDateFormatW", 1397: "GetDesktopWindow", 1236: "GetDeviceByIndex", 1961: "GetDeviceHandleFromContext", 1870: "GetDeviceInformationByDeviceHandle", 1871: "GetDeviceInformationByFileHandle", 125: "GetDeviceKeys", 1679: "GetDevicePower", 1993: "GetDeviceUniqueID", 2604: "GetDirectCallerProcessId", 184: "GetDiskFreeSpaceExW", 1527: "GetEventData", 519: "GetExitCodeProcess", 518: "GetExitCodeThread", 603: "GetFSHeapInfo", 1237: "GetFileAttributesExW", 166: "GetFileAttributesW", 174: "GetFileInformationByHandle", 2712: "GetFileSecurityW", 172: "GetFileSize", 176: "GetFileTime", 1461: "GetFileVersionInfoSizeW", 1460: "GetFileVersionInfoW", 1867: "GetGweApiSetTables", 2575: "GetHandleServerId", 52: "GetHeapSnapshot", 608: "GetIdleTime", 581: "GetKPhys", 860: "GetKeyState", 516: "GetLastError", 23: "GetLocalTime", 200: "GetLocaleInfoW", 862: "GetMessagePos", 1477: "GetMessageQueueReadyTimeStamp", 872: "GetMessageSource", 861: "GetMessageW", 863: "GetMessageWNoWait", 537: "GetModuleFileNameW", 1177: "GetModuleHandleW", 1721: "GetModuleInformation", 1532: "GetMsgQueueInfo", 1886: "GetNlsTables", 204: "GetNumberFormatW", 187: "GetOEMCP", 606: "GetOwnerProcess", 269: "GetParent", 2592: "GetPartitionInfo", 602: "GetProcAddrBits", 1230: "GetProcAddressA", 2599: "GetProcAddressInProcess", 530: "GetProcAddressW", 600: "GetProcFromPtr", 624: "GetProcName", 50: "GetProcessHeap", 1727: "GetProcessIDFromIndex", 2560: "GetProcessId", 2559: "GetProcessIdOfThread", 640: "GetProcessIndexFromID", 536: "GetProcessVersion", 1420: "GetQueueStatus", 570: "GetRealTime", 576: "GetRomFileBytes", 575: "GetRomFileInfo", 1513: "GetServiceByIndex", 1518: "GetServiceHandle", 1149: "GetStdioPathW", 2583: "GetStoreInfo", 323: "GetStoreInformation", 217: "GetStringTypeExW", 216: "GetStringTypeW", 213: "GetSystemDefaultLCID", 211: "GetSystemDefaultLangID", 1317: "GetSystemDefaultUILanguage", 542: "GetSystemInfo", 336: "GetSystemMemoryDivision", 885: "GetSystemMetrics", 1581: "GetSystemPowerState", 25: "GetSystemTime", 2536: "GetSystemTimeAsFileTime", 1234: "GetTempFileNameW", 162: "GetTempPathW", 1811: "GetThreadCallStack", 1148: "GetThreadContext", 2558: "GetThreadId", 515: "GetThreadPriority", 1186: "GetThreadTimes", 535: "GetTickCount", 202: "GetTimeFormatW", 27: "GetTimeZoneInformation", 274: "GetUpdateRect", 273: "GetUpdateRgn", 215: "GetUserDefaultLCID", 212: "GetUserDefaultLangID", 1318: "GetUserDefaultUILanguage", 1686: "GetUserDirectory", 1503: "GetUserNameExW", 17: "GetVersionEx", 717: "GetVersionExW", 251: "GetWindow", 270: "GetWindowDC", 259: "GetWindowLongW", 248: "GetWindowRect", 1399: "GetWindowRgn", 276: "GetWindowTextLengthW", 257: "GetWindowTextW", 1454: "GetWindowTextWDirect", 292: "GetWindowThreadProcessId", 582: "GiveKPhys", 88: "GlobalMemoryStatus", 1722: "GwesPowerDown", 296: "GwesPowerOffSystem", 1723: "GwesPowerUp", 46: "HeapAlloc", 1999: "HeapAllocTrace", 1884: "HeapCompact", 44: "HeapCreate", 45: "HeapDestroy", 49: "HeapFree", 47: "HeapReAlloc", 48: "HeapSize", 51: "HeapValidate", 1979: "ImmActivateLayout", 770: "ImmAssociateContext", 1205: "ImmAssociateContextEx", 771: "ImmConfigureIMEW", 1198: "ImmCreateContext", 772: "ImmCreateIMCC", 1199: "ImmDestroyContext", 773: "ImmDestroyIMCC", 1206: "ImmDisableIME", 1541: "ImmEnableIME", 774: "ImmEnumRegisterWordW", 775: "ImmEscapeW", 776: "ImmGenerateMessage", 778: "ImmGetCandidateListCountW", 777: "ImmGetCandidateListW", 779: "ImmGetCandidateWindow", 780: "ImmGetCompositionFontW", 781: "ImmGetCompositionStringW", 782: "ImmGetCompositionWindow", 783: "ImmGetContext", 784: "ImmGetConversionListW", 785: "ImmGetConversionStatus", 786: "ImmGetDefaultIMEWnd", 787: "ImmGetDescriptionW", 788: "ImmGetGuideLineW", 813: "ImmGetHotKey", 789: "ImmGetIMCCLockCount", 790: "ImmGetIMCCSize", 791: "ImmGetIMCLockCount", 1207: "ImmGetIMEFileNameW", 2610: "ImmGetImcInfo", 1211: "ImmGetImeMenuItemsW", 1769: "ImmGetKeyboardLayout", 792: "ImmGetOpenStatus", 793: "ImmGetProperty", 794: "ImmGetRegisterWordStyleW", 1200: "ImmGetStatusWindowPos", 1223: "ImmGetUIClassName", 1210: "ImmGetVirtualKey", 1209: "ImmIsIME", 796: "ImmIsUIMessageW", 797: "ImmLockIMC", 798: "ImmLockIMCC", 800: "ImmNotifyIME", 1220: "ImmProcessKey", 801: "ImmReSizeIMCC", 802: "ImmRegisterWordW", 803: "ImmReleaseContext", 1242: "ImmRequestMessageW", 804: "ImmSIPanelState", 1980: "ImmSendNotification", 806: "ImmSetActiveContext", 807: "ImmSetCandidateWindow", 808: "ImmSetCompositionFontW", 809: "ImmSetCompositionStringW", 810: "ImmSetCompositionWindow", 811: "ImmSetConversionStatus", 812: "ImmSetHotKey", 1222: "ImmSetImeWndIMC", 814: "ImmSetOpenStatus", 815: "ImmSetStatusWindowPos", 816: "ImmSimulateHotKey", 1221: "ImmTranslateMessage", 817: "ImmUnlockIMC", 818: "ImmUnlockIMCC", 819: "ImmUnregisterWordW", 2598: "Imm_DllEntry", 1419: "InSendMessage", 98: "InflateRect", 8: "InitLocale", 2: "InitializeCriticalSection", 2561: "InitializeUsrCoredllCallbacks", 595: "InputDebugCharW", 2614: "IntChainHandlerIoControl", 1492: "InterlockedCompareExchange", 11: "InterlockedDecrement", 12: "InterlockedExchange", 1491: "InterlockedExchangeAdd", 10: "InterlockedIncrement", 629: "InterruptDisable", 628: "InterruptDone", 627: "InterruptInitialize", 1797: "InterruptMask", 99: "IntersectRect", 250: "InvalidateRect", 1615: "InvalidateRgn", 30: "IsAPIReady", 521: "IsBadCodePtr", 601: "IsBadPtr", 522: "IsBadReadPtr", 523: "IsBadWritePtr", 277: "IsChild", 191: "IsDBCSLeadByte", 192: "IsDBCSLeadByteEx", 613: "IsEncryptionPermitted", 159: "IsExiting", 1830: "IsForcePixelDoubling", 1981: "IsNamedEventSignaled", 610: "IsPrimaryThread", 1213: "IsProcessDying", 1758: "IsProcessorFeaturePresent", 100: "IsRectEmpty", 1680: "IsSystemFile", 185: "IsValidCodePage", 209: "IsValidLocale", 271: "IsWindow", 288: "IsWindowEnabled", 886: "IsWindowVisible", 574: "KernExtractIcons", 557: "KernelIoControl", 1489: "KernelLibIoControl", 2518: "LASSClose", 2517: "LASSGetResult", 2515: "LASSGetValue", 1828: "LASSReloadConfig", 199: "LCMapStringW", 5: "LeaveCriticalSection", 626: "LoadDriver", 237: "LoadFSD", 1421: "LoadFSDEx", 1475: "LoadIntChainHandler", 1671: "LoadKernelLibrary", 1241: "LoadLibraryExW", 528: "LoadLibraryW", 533: "LoadResource", 874: "LoadStringW", 33: "LocalAlloc", 41: "LocalAllocInProcess", 2602: "LocalAllocTrace", 22: "LocalFileTimeToFileTime", 36: "LocalFree", 42: "LocalFreeInProcess", 34: "LocalReAlloc", 35: "LocalSize", 43: "LocalSizeInProcess", 2553: "LockAPIHandle", 1973: "LockEventLog", 1968: "LockFileEx", 1161: "LockPages", 1794: "MD5Final", 1792: "MD5Init", 1793: "MD5Update", 14: "MainThreadBaseFunc", 1602: "MapCallerPtr", 1603: "MapPtrToProcWithSize", 598: "MapPtrToProcess", 599: "MapPtrUnsecure", 549: "MapViewOfFile", 284: "MapWindowPoints", 1959: "MatchesWildcardMask", 858: "MessageBoxW", 2588: "MountPartition", 163: "MoveFileW", 272: "MoveWindow", 871: "MsgWaitForMultipleObjectsEx", 1877: "MulDiv", 196: "MultiByteToWideChar", 545: "NKDbgPrintfW", 568: "NKvDbgPrintfW", 513: "NotifyForceCleanboot", 716: "NotifyWinUserSystem", 101: "OffsetRect", 1396: "OpenDeviceKey", 1970: "OpenEventLogW", 1496: "OpenEventW", 1536: "OpenMsgQueue", 2587: "OpenPartition", 509: "OpenProcess", 2577: "OpenStore", 2551: "OpenThread", 2531: "OpenWatchDogTimer", 541: "OutputDebugStringW", 638: "PPSHRestart", 7: "PSLNotify", 1780: "PageOutModule", 864: "PeekMessageW", 468: "PegClearUserNotification", 304: "PegCreateDatabase", 307: "PegDeleteDatabase", 309: "PegDeleteRecord", 302: "PegFindFirstDatabase", 303: "PegFindNextDatabase", 472: "PegGetUserNotificationPreferences", 471: "PegHandleAppNotifications", 301: "PegOidGetInfo", 306: "PegOpenDatabase", 310: "PegReadRecordProps", 470: "PegRunAppAtEvent", 469: "PegRunAppAtTime", 308: "PegSeekDatabase", 305: "PegSetDatabaseInfo", 467: "PegSetUserNotification", 311: "PegWriteRecordProps", 1448: "PerformCallBack4", 865: "PostMessageW", 866: "PostQuitMessage", 290: "PostThreadMessageW", 617: "PowerOffSystem", 1764: "PowerPolicyNotify", 605: "PrepareThreadExit", 580: "PrintTrackedItem", 1800: "ProfileCaptureStatus", 82: "ProfileStart", 1801: "ProfileStartEx", 83: "ProfileStop", 569: "ProfileSyscall", 102: "PtInRect", 115: "PurgeComm", 490: "QueryAPISetID", 1677: "QueryInstructionSet", 538: "QueryPerformanceCounter", 539: "QueryPerformanceFrequency", 2576: "REL_UDriverProcIoControl", 543: "RaiseException", 80: "Random", 1975: "ReadEventLogRaw", 170: "ReadFile", 1831: "ReadFileScatter", 243: "ReadFileWithSeek", 1530: "ReadMsgQueue", 2538: "ReadMsgQueueEx", 506: "ReadProcessMemory", 1153: "ReadRegistryFromOEM", 294: "RectangleAnimation", 1672: "RedrawWindow", 587: "RefreshKernelAlarm", 2534: "RefreshWatchDogTimer", 455: "RegCloseKey", 465: "RegCopyFile", 456: "RegCreateKeyExW", 457: "RegDeleteKeyW", 458: "RegDeleteValueW", 460: "RegEnumKeyExW", 459: "RegEnumValueW", 1152: "RegFlushKey", 461: "RegOpenKeyExW", 1542: "RegOpenProcessKey", 462: "RegQueryInfoKeyW", 463: "RegQueryValueExW", 1479: "RegReplaceKey", 466: "RegRestoreFile", 1478: "RegSaveKey", 464: "RegSetValueExW", 1490: "RegisterAFSEx", 338: "RegisterAFSName", 635: "RegisterAPISet", 95: "RegisterClassW", 546: "RegisterDbgZones", 235: "RegisterDevice", 2555: "RegisterDirectMethods", 1820: "RegisterEventSourceW", 1609: "RegisterPowerRelationship", 293: "RegisterSIPanel", 1509: "RegisterService", 584: "RegisterTrackedItem", 1799: "ReinitLocale", 263: "ReleaseDC", 556: "ReleaseMutex", 1610: "ReleasePowerRelationship", 1584: "ReleasePowerRequirement", 1239: "ReleaseSemaphore", 1604: "RemoteHeapAlloc", 1606: "RemoteHeapFree", 1605: "RemoteHeapReAlloc", 1607: "RemoteHeapSize", 37: "RemoteLocalAlloc", 40: "RemoteLocalFree", 38: "RemoteLocalReAlloc", 39: "RemoteLocalSize", 161: "RemoveDirectoryW", 2547: "RemoveVectoredExceptionHandler", 2590: "RenamePartition", 1819: "ReportEventW", 1964: "ReportFault", 1504: "RequestDeviceNotifications", 1585: "RequestPowerNotifications", 1612: "ResourceCreateList", 1835: "ResourceDestroyList", 1834: "ResourceMarkAsShareable", 1614: "ResourceRelease", 1613: "ResourceRequest", 1833: "ResourceRequestEx", 500: "ResumeThread", 255: "ScreenToClient", 289: "ScrollWindowEx", 1495: "SendMessageTimeout", 868: "SendMessageW", 869: "SendNotifyMessageW", 1515: "ServiceAddPort", 1759: "ServiceClosePort", 1514: "ServiceIoControl", 1516: "ServiceUnbindPorts", 189: "SetACP", 2611: "SetAPIErrorHandler", 299: "SetAssociatedMenu", 882: "SetClassLong", 880: "SetClassLongW", 615: "SetCleanRebootFlag", 116: "SetCommBreak", 117: "SetCommMask", 118: "SetCommState", 119: "SetCommTimeouts", 1501: "SetCurrentUser", 547: "SetDaylightTime", 618: "SetDbgZone", 1678: "SetDevicePower", 178: "SetEndOfFile", 1528: "SetEventData", 583: "SetExceptionHandler", 169: "SetFileAttributesW", 173: "SetFilePointer", 2711: "SetFileSecurityW", 177: "SetFileTime", 590: "SetGwesOOMEvent", 632: "SetGwesPowerHandler", 625: "SetHandleOwner", 2550: "SetHandleOwnerWorkaround", 634: "SetHardwareWatch", 158: "SetInterruptEvent", 630: "SetKMode", 586: "SetKernelAlarm", 517: "SetLastError", 24: "SetLocalTime", 201: "SetLocaleInfoW", 609: "SetLowestScheduledPriority", 190: "SetOEMCP", 1462: "SetOOMEvent", 268: "SetParent", 2591: "SetPartitionAttributes", 631: "SetPowerOffHandler", 1583: "SetPowerRequirement", 611: "SetProcPermissions", 571: "SetRealTime", 103: "SetRect", 104: "SetRectEmpty", 1150: "SetStdioPathW", 214: "SetSystemDefaultLCID", 337: "SetSystemMemoryDivision", 1582: "SetSystemPowerState", 26: "SetSystemTime", 502: "SetThreadContext", 514: "SetThreadPriority", 614: "SetTimeZoneBias", 28: "SetTimeZoneInformation", 1502: "SetUserData", 1795: "SetUserDefaultLCID", 1319: "SetUserDefaultUILanguage", 258: "SetWindowLongW", 247: "SetWindowPos", 1398: "SetWindowRgn", 256: "SetWindowTextW", 120: "SetupComm", 1810: "ShowStartupWindow", 266: "ShowWindow", 639: "SignalStarted", 534: "SizeofResource", 496: "Sleep", 1534: "SleepTillTick", 2532: "StartWatchDogTimer", 1505: "StopDeviceNotifications", 1586: "StopPowerNotifications", 2533: "StopWatchDogTimer", 1710: "StringCbCatA", 1712: "StringCbCatExA", 1696: "StringCbCatExW", 1753: "StringCbCatNA", 1755: "StringCbCatNExA", 1747: "StringCbCatNExW", 1745: "StringCbCatNW", 1694: "StringCbCatW", 1706: "StringCbCopyA", 1708: "StringCbCopyExA", 1692: "StringCbCopyExW", 1751: "StringCbCopyNA", 1869: "StringCbCopyNExW", 1743: "StringCbCopyNW", 1690: "StringCbCopyW", 1757: "StringCbLengthA", 1749: "StringCbLengthW", 1716: "StringCbPrintfA", 1718: "StringCbPrintfExA", 1702: "StringCbPrintfExW", 1700: "StringCbPrintfW", 1714: "StringCbVPrintfA", 1720: "StringCbVPrintfExA", 1704: "StringCbVPrintfExW", 1698: "StringCbVPrintfW", 1709: "StringCchCatA", 1711: "StringCchCatExA", 1695: "StringCchCatExW", 1752: "StringCchCatNA", 1754: "StringCchCatNExA", 1746: "StringCchCatNExW", 1744: "StringCchCatNW", 1693: "StringCchCatW", 1705: "StringCchCopyA", 1707: "StringCchCopyExA", 1691: "StringCchCopyExW", 1750: "StringCchCopyNA", 1868: "StringCchCopyNExW", 1742: "StringCchCopyNW", 1689: "StringCchCopyW", 1756: "StringCchLengthA", 1748: "StringCchLengthW", 1715: "StringCchPrintfA", 1717: "StringCchPrintfExA", 1701: "StringCchPrintfExW", 1699: "StringCchPrintfW", 1713: "StringCchVPrintfA", 1719: "StringCchVPrintfExA", 1703: "StringCchVPrintfExW", 1697: "StringCchVPrintfW", 591: "StringCompress", 592: "StringDecompress", 105: "SubtractRect", 499: "SuspendThread", 720: "SystemMemoryLow", 89: "SystemParametersInfoW", 19: "SystemTimeToFileTime", 511: "THCreateSnapshot", 544: "TerminateProcess", 491: "TerminateThread", 13: "ThreadBaseFunc", 1474: "ThreadExceptionExit", 520: "TlsCall", 15: "TlsGetValue", 16: "TlsSetValue", 870: "TranslateMessage", 121: "TransmitCommChar", 1233: "TryEnterCriticalSection", 620: "TurnOffProfiling", 619: "TurnOnProfiling", 567: "U_rclose", 566: "U_rlseek", 563: "U_ropen", 564: "U_rread", 565: "U_rwrite", 1974: "UnLockEventLog", 106: "UnionRect", 2554: "UnlockAPIHandle", 1969: "UnlockFileEx", 1162: "UnlockPages", 550: "UnmapViewOfFile", 884: "UnregisterClassW", 1447: "UpdateNLSInfo", 1796: "UpdateNLSInfoEx", 267: "UpdateWindow", 278: "ValidateRect", 1616: "ValidateRgn", 1459: "VerQueryValueW", 637: "VerifyAPIHandle", 1827: "VerifyUser", 2516: "VerifyUserAsync", 524: "VirtualAlloc", 2566: "VirtualAllocCopyEx", 2563: "VirtualAllocEx", 560: "VirtualCopy", 2565: "VirtualCopyEx", 525: "VirtualFree", 2564: "VirtualFreeEx", 526: "VirtualProtect", 2541: "VirtualProtectEx", 527: "VirtualQuery", 2540: "VirtualQueryEx", 1724: "VirtualSetAttributes", 444: "WNetAddConnection3W", 445: "WNetCancelConnection2W", 453: "WNetCloseEnum", 446: "WNetConnectionDialog1W", 447: "WNetDisconnectDialog", 448: "WNetDisconnectDialog1W", 454: "WNetEnumResourceW", 449: "WNetGetConnectionW", 450: "WNetGetUniversalNameW", 451: "WNetGetUserW", 452: "WNetOpenEnumW", 122: "WaitCommEvent", 2562: "WaitForAPIReady", 503: "WaitForDebugEvent", 498: "WaitForMultipleObjects", 497: "WaitForSingleObject", 197: "WideCharToMultiByte", 252: "WindowFromPoint", 1155: "WriteDebugLED", 171: "WriteFile", 1832: "WriteFileGather", 718: "WriteFileWithSeek", 1531: "WriteMsgQueue", 507: "WriteProcessMemory", 1154: "WriteRegistryToOEM", 2020: "_CIacos", 2019: "_CIasin", 2021: "_CIatan", 2022: "_CIatan2", 2017: "_CIcos", 2024: "_CIcosh", 2015: "_CIexp", 2026: "_CIfmod", 2013: "_CIlog", 2014: "_CIlog10", 2012: "_CIpow", 2016: "_CIsin", 2023: "_CIsinh", 2011: "_CIsqrt", 2018: "_CItan", 2025: "_CItanh", 1551: "_CxxThrowException", 1620: "_EH_prolog", 2040: "_EH_prolog2", 1181: "_HUGE", 1151: "_InitStdioLib", 2038: "_SEH_epilog", 2037: "_SEH_prolog", 1645: "_XcptFilter", 1550: "__CxxFrameHandler", 2512: "__CxxFrameHandler3", 2528: "__GetUserKData", 1559: "__RTCastToVoid", 1561: "__RTDynamicCast", 1560: "__RTtypeid", 86: "__abnormal_termination", 1876: "__report_gsfailure", 1875: "__security_gen_cookie", 2696: "__security_gen_cookie2", 1089: "__strgtold12", 1621: "_abs64", 2001: "_alldiv", 2035: "_alldvrm", 2002: "_allmul", 2010: "_alloca_probe", 2042: "_alloca_probe_16", 2041: "_alloca_probe_8", 2003: "_allrem", 2005: "_allshl", 2004: "_allshr", 996: "_atodbl", 997: "_atoflt", 1418: "_atoi64", 2006: "_aulldiv", 2036: "_aulldvrm", 2008: "_aullrem", 2007: "_aullshr", 1622: "_byteswap_uint64", 1623: "_byteswap_ulong", 1624: "_byteswap_ushort", 998: "_cabs", 1000: "_chgsign", 2009: "_chkstk", 1001: "_clearfp", 1002: "_controlfp", 2644: "_controlfp_s", 1003: "_copysign", 1008: "_ecvt", 2645: "_ecvt_s", 84: "_except_handler3", 87: "_except_handler4_common", 1119: "_fcloseall", 1011: "_fcvt", 2646: "_fcvt_s", 1124: "_fileno", 1012: "_finite", 2027: "_fload", 1093: "_fltused", 1123: "_flushall", 1015: "_fpclass", 1016: "_fpieee_flt", 1017: "_fpreset", 1020: "_frnd", 1021: "_fsqrt", 2028: "_ftol", 2039: "_ftol2", 2043: "_ftol2_sse", 2044: "_ftol2_sse_excpt", 1022: "_gcvt", 2648: "_gcvt_s", 2698: "_get_invalid_parameter_handler", 1100: "_getstdfilex", 1138: "_getws", 2689: "_getws_s", 1023: "_hypot", 2029: "_inp", 2031: "_inpd", 2030: "_inpw", 2708: "_invalid_parameter", 1417: "_isctype", 1024: "_isnan", 1025: "_itoa", 2649: "_itoa_s", 1026: "_itow", 2647: "_itow_s", 1027: "_j0", 1028: "_j1", 1029: "_jn", 1087: "_ld12tod", 1088: "_ld12tof", 85: "_local_unwind2", 2045: "_local_unwind4", 1035: "_logb", 1037: "_lrotl", 1038: "_lrotr", 1039: "_ltoa", 2650: "_ltoa_s", 1040: "_ltow", 2651: "_ltow_s", 1042: "_memccpy", 1045: "_memicmp", 1049: "_msize", 1050: "_nextafter", 2032: "_outp", 2034: "_outpd", 2033: "_outpw", 1092: "_purecall", 1139: "_putws", 2656: "_recalloc", 1055: "_rotl", 1638: "_rotl64", 1056: "_rotr", 1639: "_rotr64", 1057: "_scalb", 2697: "_set_invalid_parameter_handler", 2000: "_setjmp3", 1187: "_setmode", 729: "_snprintf", 2672: "_snprintf_s", 1096: "_snwprintf", 2667: "_snwprintf_s", 1062: "_statusfp", 1409: "_strdup", 1410: "_stricmp", 1415: "_strlwr", 2640: "_strlwr_s", 1411: "_strnicmp", 1412: "_strnset", 2638: "_strnset_s", 1413: "_strrev", 1414: "_strset", 2639: "_strset_s", 1416: "_strupr", 2641: "_strupr_s", 1074: "_swab", 1079: "_ultoa", 2663: "_ultoa_s", 1080: "_ultow", 2664: "_ultow_s", 1147: "_vsnprintf", 2673: "_vsnprintf_s", 1132: "_vsnwprintf", 2668: "_vsnwprintf_s", 74: "_wcsdup", 230: "_wcsicmp", 231: "_wcslwr", 2642: "_wcslwr_s", 229: "_wcsnicmp", 67: "_wcsnset", 2633: "_wcsnset_s", 70: "_wcsrev", 71: "_wcsset", 2634: "_wcsset_s", 232: "_wcsupr", 2643: "_wcsupr_s", 1117: "_wfdopen", 1145: "_wfopen", 2690: "_wfopen_s", 1201: "_wfreopen", 2682: "_wfreopen_s", 78: "_wtol", 79: "_wtoll", 1084: "_y0", 1085: "_y1", 1086: "_yn", 988: "abs", 989: "acos", 990: "asin", 991: "atan", 992: "atan2", 995: "atof", 993: "atoi", 994: "atol", 1346: "calloc", 999: "ceil", 1640: "ceilf", 1127: "clearerr", 2684: "clearerr_s", 1004: "cos", 1005: "cosh", 1006: "difftime", 1007: "div", 1009: "exp", 1010: "fabs", 1641: "fabsf", 1118: "fclose", 1125: "feof", 1126: "ferror", 1122: "fflush", 1108: "fgetc", 1128: "fgetpos", 1109: "fgets", 1140: "fgetwc", 1143: "fgetws", 1013: "floor", 1642: "floorf", 1014: "fmod", 1643: "fmodf", 1113: "fopen", 2678: "fopen_s", 1115: "fprintf", 2680: "fprintf_s", 1110: "fputc", 1111: "fputs", 1141: "fputwc", 1144: "fputws", 1120: "fread", 2683: "fread_s", 1018: "free", 1019: "frexp", 1114: "fscanf", 2679: "fscanf_s", 1130: "fseek", 1129: "fsetpos", 1131: "ftell", 867: "fwprintf", 2692: "fwprintf_s", 1121: "fwrite", 735: "fwscanf", 2691: "fwscanf_s", 2543: "g_hProcessHeap", 1104: "getchar", 1106: "gets", 2677: "gets_s", 1136: "getwchar", 193: "iswctype", 1030: "labs", 1031: "ldexp", 1032: "ldiv", 1033: "log", 1034: "log10", 1036: "longjmp", 227: "lstrcmpW", 228: "lstrcmpiW", 1041: "malloc", 76: "mbstowcs", 2636: "mbstowcs_s", 31: "memchr", 1043: "memcmp", 1044: "memcpy", 2652: "memcpy_s", 1046: "memmove", 2653: "memmove_s", 1047: "memset", 1048: "modf", 1051: "pow", 1102: "printf", 2675: "printf_s", 1105: "putchar", 1107: "puts", 1137: "putwchar", 1052: "qsort", 2654: "qsort_s", 1053: "rand", 2655: "rand_s", 1054: "realloc", 1101: "scanf", 2674: "scanf_s", 1608: "setvbuf", 1058: "sin", 1059: "sinh", 719: "sprintf", 2670: "sprintf_s", 1060: "sqrt", 1644: "sqrtf", 1061: "srand", 653: "sscanf", 2669: "sscanf_s", 1063: "strcat", 2657: "strcat_s", 1064: "strchr", 1065: "strcmp", 1066: "strcpy", 2658: "strcpy_s", 1067: "strcspn", 1068: "strlen", 1069: "strncat", 2660: "strncat_s", 1070: "strncmp", 1071: "strncpy", 2661: "strncpy_s", 2659: "strnlen", 1406: "strpbrk", 1407: "strrchr", 1408: "strspn", 1072: "strstr", 1403: "strtod", 1073: "strtok", 2662: "strtok_s", 1404: "strtol", 1405: "strtoul", 1097: "swprintf", 2665: "swprintf_s", 1098: "swscanf", 2685: "swscanf_s", 1075: "tan", 1076: "tanh", 1090: "tolower", 1091: "toupper", 194: "towlower", 195: "towupper", 1112: "ungetc", 1142: "ungetwc", 1116: "vfprintf", 2681: "vfprintf_s", 721: "vfwprintf", 2693: "vfwprintf_s", 1103: "vprintf", 2676: "vprintf_s", 1146: "vsprintf", 2671: "vsprintf_s", 1099: "vswprintf", 2666: "vswprintf_s", 1135: "vwprintf", 2688: "vwprintf_s", 58: "wcscat", 2628: "wcscat_s", 59: "wcschr", 60: "wcscmp", 61: "wcscpy", 2629: "wcscpy_s", 62: "wcscspn", 63: "wcslen", 64: "wcsncat", 2631: "wcsncat_s", 65: "wcsncmp", 66: "wcsncpy", 2632: "wcsncpy_s", 2630: "wcsnlen", 68: "wcspbrk", 69: "wcsrchr", 72: "wcsspn", 73: "wcsstr", 1081: "wcstod", 77: "wcstok", 2637: "wcstok_s", 1082: "wcstol", 75: "wcstombs", 2635: "wcstombs_s", 1083: "wcstoul", 1134: "wprintf", 2687: "wprintf_s", 1133: "wscanf", 2686: "wscanf_s", 56: "wsprintfW", 57: "wvsprintfW", 2548: "[NONAME]", 2867: "[NONAME]"}

coredll_funcs = list()

def foo(ea, name, ord):
	if not name:
		print("%08x: ord#%d" % (ea, ord))
	else:
		if 'coredll' in name.lower():
			coredll_funcs.append((ea, name, ord))
		#print "%08x: %s (ord#%d)" % (ea, name, ord)

	return True


def get_all_coredll_funcs():
	nm = idaapi.get_import_module_qty()
	for i in range(nm):
		idaapi.enum_import_names(i, foo)


get_all_coredll_funcs()
for addr, name, ordinal in coredll_funcs:
	idaapi.set_name(addr, 'i_%s' % coredll_exports[ordinal])