??0_Mutex@std@@QAE@W4_Uninitialized@1@@Z
??4_Init_locks@std@@QAEAAV01@ABV01@@Z
?GetNormalizedPathImpl@detail@@YGHABU?$AvgMutableStringRefBase@_W$0A@@@PB_WIPAVIPathTreeTableRoot@1@_N33@Z
Static task: static1
Behavioral task: behavioral1
Sample: f59985095b314cd2880127b5f21dc4f96b33afeac74639eaa086ae28029b1297.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: f59985095b314cd2880127b5f21dc4f96b33afeac74639eaa086ae28029b1297.exe
Resource: win10v2004-20221111-en
Target: f59985095b314cd2880127b5f21dc4f96b33afeac74639eaa086ae28029b1297
Size: 608KB
MD5: 16ad5e6d24c066e4381718569b8d3442
SHA1: 05902aee57dd395cf0311058e2375f499fd86ec8
SHA256: f59985095b314cd2880127b5f21dc4f96b33afeac74639eaa086ae28029b1297
SHA512: 870be63e910e5a09b45e606cd2351be47e6286e59d16750ad65c23377d1820e14ff299431b90efcd410f478b4cb76286d139b923c8fb04ec12146132f72cd8e4
SSDEEP: 12288:vdMomj9qvqOtM2Rdtd9rLFPMdV4FggGJIAFdyE5N2hF6AfPx8:vdMo2ovqOtM2BrJkdV4KgGSm5NYXx
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
FileTimeToDosDateTime
CreateFileA
FreeLibrary
LoadLibraryW
GetFileAttributesA
GetLastError
GetProcAddress
CloseHandle
FileTimeToLocalFileTime
GetFileInformationByHandle
GetTempPathA
CreateEventW
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetStartupInfoW
HeapSetInformation
InterlockedCompareExchange
Sleep
InterlockedExchange
DecodePointer
EncodePointer
WaitForMultipleObjectsEx
GetModuleHandleW
GetCurrentProcess
CancelIo
DeviceIoControl
GetOverlappedResult
CreateFileW
WaitForMultipleObjects
CreateProcessW
GetCurrentProcessId
GetCurrentThreadId
SetUnhandledExceptionFilter
ZwFlushVirtualMemory
ZwMapViewOfSection
ZwFsControlFile
ZwAllocateVirtualMemory
ZwFreeVirtualMemory
ZwSetEvent
ZwWriteFile
ZwWaitForSingleObject
ZwReadFile
RtlOpenCurrentUser
NtClose
ZwQueryInformationFile
ZwOpenFile
ZwCreateFile
RtlFreeUnicodeString
ZwSetInformationFile
RtlAllocateHeap
RtlReAllocateHeap
RtlFreeHeap
RtlNtStatusToDosError
ZwQueryVirtualMemory
RtlAddVectoredExceptionHandler
RtlRemoveVectoredExceptionHandler
ZwWaitForMultipleObjects
ZwDuplicateObject
ZwClose
RtlInitUnicodeString
ZwCreateEvent
RtlCreateUserProcess
ZwResumeThread
_stricmp
ZwUnmapViewOfSection
ZwCreateSection
RtlCreateUnicodeString
ZwCancelIoFile
ZwTerminateProcess
RtlAcquirePebLock
RtlReleasePebLock
memmove
memcpy
memset
_allmul
_chkstk
_aulldiv
ZwQuerySystemInformation
?GetSpecialFolder@AvgEnvironment@@YGHW4SpecialFolder@1@AAV?$IAvgString@_W$0A@@@@Z
?Sleep@AvgBasThread@@SGHH@Z
??0AvgTimeStruct@@QAE@XZ
?Delete@AvgBasFs@@YGHPB_WV?$AvgFlags@W4FileDeleteFlagItems@AvgBasFs@@@@@Z
?GetFullName@Item@AvgBasFs@@QBGHABU?$AvgMutableStringRefBase@_W$0A@@@@Z
??1Item@AvgBasFs@@QAE@XZ
?AvgFormatStringV@@YGHW4AvgCodePage@@PA_WIPB_WPAIPAD@Z
?AvgGetSystemTime@@YGHAA_K@Z
?AvgPrintV@@YGHPB_WPAD@Z
?AvgConvertStructToAvgTime@@YGHAA_KABUAvgTimeStruct@@@Z
?AvgConvertString2Number@@YGHAAGPB_WIHPAPB_W@Z
?AvgConvertString2Number@@YGHAAKPB_WIHPAPB_W@Z
?AvgGetUtf162MbStringSize@@YGHAAIPB_WW4AvgCodePage@@I@Z
?Initialize@AvgWinMandatoryLabel@@QAGHW4Label@1@V?$AvgFlags@W4FlagsValues@AvgWinMandatoryLabel@@@@@Z
?AvgMemXor@@YGXPAEPBEI@Z
?Assign@AvgUtf16CharHeapBuffer@@QAGHPB_WI@Z
??1AvgUtf16CharHeapBuffer@@QAE@XZ
??0AvgUtf16CharHeapBuffer@@QAE@XZ
?AppendDescriptorToObject@AvgWinSecurity@@YGHAAVAvgWinSecurityDescriptor@@ABVAvgWinObject@@_N@Z
?CreateDir@AvgBasFs@@YGHPB_W_NPAVAvgSecurityCtx@@@Z
?FileExists@AvgBasFs@@YGHPB_W@Z
?GetName@Item@AvgBasFs@@QBGPB_WXZ
?IsSupported@AvgBasWinWow64FsRedirection@@QAG_NXZ
??1AvgBasWinWow64FsRedirection@@QAE@XZ
??0AvgBasWinWow64FsRedirection@@QAE@XZ
?AvgGenerateRandomBuffer@@YGXPAEI@Z
?Initialize@AvgWinSecurityDescriptor@@QAGHXZ
?AddDaclAce@AvgWinSecurityDescriptor@@QAGHW4WellKnownSidType@AvgWinSecurityIdentifier@@HW4Type@AvgWinAce@@V?$AvgFlags@W4FlagsValues@AvgWinAce@@@@@Z
?EnablePrivilege@AvgBasWinRegistryHandle@@SGHW4AvgBasWinRegistryPrivilege@@_N@Z
?UnLoadKey@AvgBasWinRegistryHandle@@QAGHABU?$AvgStringRefBase@_W$0A@@@@Z
?LoadKey@AvgBasWinRegistryHandle@@QAGHABU?$AvgStringRefBase@_W$0A@@@0@Z
?GetWinUsernameSid@AvgEnvironment@@YGHAAV?$IAvgString@_W$0A@@@@Z
?GetSpecialFolderForUser@AvgEnvironment@@YGHW4SpecialFolder@1@AAV?$IAvgString@_W$0A@@@ABU?$AvgStringRefBase@_W$0A@@@@Z
?AvgConvertUtf162MbString@@YGHPADIPB_WW4AvgCodePage@@PAII@Z
?AvgKernel32ForceInitialize@@YGXXZ
?UnloadSharedLibraries@AvgBasObjectFactoryImpl@detail@@QAGX_N@Z
?GetAvgObject@AvgBasObjectFactoryImpl@detail@@QAGHABU_AvgGuid@@PAPAX@Z
?SetProgramPath@AvgBasObjectFactoryImpl@detail@@QAGHPB_W@Z
?Initialize@AvgBasObjectFactoryImpl@detail@@QAGHPBUAvgBasObjectFactoryMapping@@I@Z
??1AvgBasObjectFactoryImpl@detail@@QAE@XZ
??0AvgBasObjectFactoryImpl@detail@@QAE@XZ
?Wait@AvgBasEvent@@QAGHH@Z
?Create@AvgBasEvent@@QAGHW4ResetType@1@_N@Z
?AvgCreateErrorCodeFromWin32@@YGHW4_AvgErrorCodeSeverity@@K@Z
?GetHandle@AvgBasWaitable@@IBGPAXXZ
?AvgCopyString@@YGHPA_WIPB_WI@Z
?GetNormalizedPath@AvgBasPath@@YGHAAU_AVG_UTF16CHAR_STR@@PB_WIPAI@Z
?GetRandomTempFileNameSize@AvgBasPath@@YGIXZ
?GetRandomTempFileName@AvgBasPath@@YGHAAU_AVG_UTF16CHAR_STR@@PAI@Z
?GetFullPath@AvgBasPath@@YGHAAU_AVG_UTF16CHAR_STR@@PB_WIPAI@Z
?GetFilenameWithoutExtension@AvgBasPath@@YGHAAU_AVG_UTF16CHAR_STR@@PB_WIPAI@Z
?GetTempDirPath@AvgBasPath@@YGHAAU_AVG_UTF16CHAR_STR@@PAI@Z
?GetDirectoryPathFromFilenamePath@AvgBasPath@@YGHAAU_AVG_UTF16CHAR_STR@@PB_WIPAI@Z
?IsPathRooted@AvgBasPath@@YG_NPB_WI@Z
??1AvgSpinLockLocker@@QAE@XZ
??0AvgSpinLockLocker@@QAE@PAUAvgSpinLock@@_N@Z
?AvgDestroySysMini@@YGXXZ
?AvgInitializeSysMini@@YGHXZ
?InitializeEnvironment@AvgEnvironment@@YGHXZ
?DestroyEnvironment@AvgEnvironment@@YGXXZ
?GetValue@AvgUtf16CharHeapBuffer@@QBGPB_WXZ
?GetSize@AvgUtf16CharHeapBuffer@@QBGIXZ
?AvgBasGetStackFrameModulePath@@YGHAAV?$IAvgString@_W$0A@@@ABUAvgBasStackFrameX86@@@Z
?AvgCompareStringNoCase@@YGHW4AvgCodePage@@PB_W1II@Z
?AvgConvertString2Number@@YGHAAHPB_WIHPAPB_W@Z
?New@Impl@DirectoryEnumerator@AvgBasFs@@SGHAAPAU123@PB_W1V?$AvgFlags@W4DirectoryEnumerationFlagItems@AvgBasFs@@@@PAVAvgWinTransaction@@@Z
?Initialize@Item@AvgBasFs@@QAGHPBEIABU?$AvgStringRefBase@_W$0A@@@@Z
??0Item@AvgBasFs@@QAE@XZ
?AvgBufferXor@@YGXPAEPBEI1I_J@Z
?AvgNtdll_RtlDosPathNameToNtPathName_T_EliminateDosDevice@@YGHPB_WPAU_UNICODE_STRING@@@Z
?GetDirectoryItem@AvgBasFs@@YGHAAVItem@1@PB_W@Z
??1AvgBasSharedLibraryLoader@@UAE@XZ
?AvgUpperString@@YGHW4AvgCodePage@@PA_WIPB_WPAII@Z
?OpenRegistryRoot@AvgBasWinRegistryHandle@@QAGHW4AvgBasWinRegistryRootType@@@Z
??0AvgBasWinRegistryHandle@@QAE@PAV0@@Z
?WinExpandString@AvgEnvironment@@YGHAAV?$IAvgString@_W$0A@@@PB_WPAX@Z
?GetMaxPathLength@AvgEnvironment@@YGHAAIPB_W@Z
?Set@AvgBasEvent@@QAGHXZ
?AvgCreateErrorCodeFromWin32@@YGHK@Z
?GetForward@AvgBasWaitable@@IBGPAV1@XZ
?GetResourceType@AvgBasWaitable@@IBG?AW4AvgBasWaitableResourceType@@XZ
?Destroy@AvgBasWaitable@@UAGHXZ
?GetThreadExitCode@AvgBasThread@@QAGHAAH@Z
?StopThread@AvgBasThread@@QAGHH@Z
?StartThread@AvgBasThread@@QAGHW4AvgPriority@@PAVAvgSecurityCtx@@V?$AvgFlags@W4ThreadFlag@AvgBasThread@@@@PBD@Z
?Initialize@AvgBasThread@@QAGHPAVAvgBasEvent@@@Z
?Cleanup@AvgBasThread@@MAGXXZ
?KeyExists@AvgBasWinRegistryHandle@@QAG_NABU?$AvgStringRefBase@_W$0A@@@@Z
?Reset@AvgBasEvent@@QAGHXZ
?Release@AvgBasCriticalSection@@QAGHXZ
?Acquire@AvgBasCriticalSection@@QAGHXZ
?Create@AvgBasCriticalSection@@QAGHXZ
??1AvgBasCriticalSection@@QAE@XZ
??0AvgBasCriticalSection@@QAE@XZ
?Release@AvgBasMutex@@QAGHXZ
?Acquire@AvgBasMutex@@QAGHH@Z
?Create@AvgBasMutex@@QAGH_N@Z
?Move@AvgBasFs@@YGHPB_W0W4FileOverwriteParamters@1@@Z
?GetPathRootLength@AvgBasPath@@YGIPB_WI@Z
?AvgWinZwOpenFile@@YGHPB_WPAPAXKPAU_IO_STATUS_BLOCK@@KK@Z
?ReserveElements@AvgUtf16CharHeapBuffer@@QAGHI@Z
?AvgGetTimestamp@@YGKXZ
?ParseWinSecDes@AvgWinSecurityDescriptor@@KGHAAV1@PBXV?$AvgFlags@W4InformationValues@AvgWinSecurityDescriptor@@@@@Z
?ReleaseClonedObject@AvgWinSecurityDescriptor@@UAEXXZ
?ClearSecurityAttributes@AvgWinSecurityDescriptor@@QAGXXZ
?CloneImpl@AvgWinSecurityDescriptor@@MBEHAAPAVAvgSecurityCtx@@@Z
?GetInformationType@AvgWinSecurityDescriptor@@QBG?AV?$AvgFlags@W4InformationValues@AvgWinSecurityDescriptor@@@@XZ
?AvgKernel32IsFnLoaded_UnhandledExceptionFilter@@YG_NXZ
?AvgKernel32_SetUnhandledExceptionFilter@@YGP6GJPAU_EXCEPTION_POINTERS@@@ZP6GJ0@Z@Z
?AvgWinIsProcessBeingDebugged@@YG_NXZ
?AvgKernel32_UnhandledExceptionFilter@@YGJPAU_EXCEPTION_POINTERS@@@Z
?Append@AvgUtf16CharHeapBuffer@@QAGHPB_WI@Z
?Append@AvgUtf16CharHeapBuffer@@QAGH_W@Z
??AAvgUtf16CharHeapBuffer@@QAGAA_WI@Z
?FreeResource@AvgBasWaitable@@IAGHXZ
?CreateLuid@AvgGuidUtils@@YGHAAU_AvgGuid@@@Z
?Assign@AvgGuidUtils@@YGXAAU_AvgGuid@@ABU2@@Z
?GetCurrentModuleHandle@AvgProcess@@YGPAXXZ
?Load@AvgBasSharedLibraryLoader@@QAGHPB_W@Z
?Unload@AvgBasSharedLibraryLoader@@UAGXXZ
?AttachTo@AvgBasSharedLibraryLoader@@QAGHPBDPCRAX@Z
?Parse@AvgGuidUtils@@YGHAAU_AvgGuid@@PB_W@Z
??0AvgBasWinRegistryHandle@@QAE@W4AvgBasWinRegistryRootType@@@Z
??1AvgBasWinRegistryHandle@@QAE@XZ
?OpenKeyIfExists@AvgBasWinRegistryHandle@@QAGHABU?$AvgStringRefBase@_W$0A@@@@Z
?IsWow64ViewModeSupported@AvgBasWinRegistryHandle@@SG_NXZ
?SetViewMode@AvgBasWinRegistryHandle@@QAGHV?$AvgFlags@W4AvgBasWinRegistryViewModeValues@@@@@Z
?GetStringValue@AvgBasWinRegistryHandle@@QAGHAAV?$IAvgString@_W$0A@@@ABU?$AvgStringRefBase@_W$0A@@@@Z
?CloseKey@AvgBasWinRegistryHandle@@QAGXXZ
?AvgCompareString@@YGHPB_W0II@Z
?AvgConvertMb2Utf16String@@YGHPA_WIPBDW4AvgCodePage@@PAII@Z
?AvgGetMb2Utf16StringSize@@YGHAAIPBDW4AvgCodePage@@I@Z
?DirectoryExists@AvgBasFs@@YGHPB_W@Z
?AvgGetStringSizeInElements@@YGIPB_W@Z
?AvgGetStringSizeInElements@@YGIPBD@Z
?GetModuleDirectory@AvgModule@@YGHPAXAAU_AVG_UTF16CHAR_STR@@PAI@Z
?GetChildrenEnumeratorImpl@AvgBasWinRegistryHandle@@AAGHAAPAV?$IAvgEnumerator@U?$AvgStringzRefBase@_W$0A@@@@@@Z
??0AvgBasSharedLibraryLoader@@QAE@PB_W@Z
_controlfp_s
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
?terminate@@YAXXZ
__set_app_type
_fmode
_commode
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
__CxxFrameHandler3
_onexit
_lock
__dllonexit
_unlock
strncpy
swprintf_s
_set_invalid_parameter_handler
_invoke_watson
??2@YAPAXI@Z
_close
_write
_lseek
_sopen_s
strcpy_s
_read
remove
_errno
sprintf_s
??3@YAXPAX@Z
_purecall
??_V@YAXPAX@Z
_CxxThrowException
??0_Mutex@std@@QAE@W4_Uninitialized@1@@Z
??4_Init_locks@std@@QAEAAV01@ABV01@@Z
?GetNormalizedPathImpl@detail@@YGHABU?$AvgMutableStringRefBase@_W$0A@@@PB_WIPAVIPathTreeTableRoot@1@_N33@Z
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE