1b148b3ea0dcbe4b02c0d5a5febb64fb

Sharing

Copy URL Twitter E-mail

General

Target

1b148b3ea0dcbe4b02c0d5a5febb64fb
Size

1.4MB
MD5

1b148b3ea0dcbe4b02c0d5a5febb64fb
SHA1

56208412bb757d8cda9e331a46c1b9c6d2d6e72e
SHA256

828829d7ca6676c662f685412131559550130a2e0c93132872c2dbe356145fa7
SHA512

25c22cdaf09dfb0f807dbbec98ab5796597ae1de283f6b36f312eb6473881029a90006dd05758aa56b122573b09c705d1dcd91a90e500c55e958f12b621b3bb6
SSDEEP

24576:BEIOGZ+mrP3BLwvVotrFvcNU63MUa39sdbF08hmIiNxWiohm9zMXKFlB3ylvswuR:BGGjPRLMotB013MUaNlMiNjSKFPiSadi

Score

3^/10

Malware Config

Signatures

Unsigned PE 12 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Windows 优化专家/ActionUP.exe
unpack001/Windows 优化专家/AppSpeed.exe
unpack001/Windows 优化专家/AutoDetect.exe
unpack001/Windows 优化专家/DiskDrag.exe
unpack001/Windows 优化专家/MyUpdate.exe
unpack001/Windows 优化专家/OptSysVISTA.exe
unpack001/Windows 优化专家/PC Turbo Memory.exe
unpack001/Windows 优化专家/SkinPlusPlus.dll
unpack001/Windows 优化专家/SysStatus.exe
unpack001/Windows 优化专家/UnZip.exe
unpack001/Windows 优化专家/WmOptimize.exe
unpack001/Windows 优化专家/advOptimize.exe

Files

1b148b3ea0dcbe4b02c0d5a5febb64fb
.rar
Windows 优化专家/Action.inf
Windows 优化专家/ActionUP.exe
.exe windows:4 windows x86 arch:x86

36d19efdcb373fc81ccbd035dfec0258

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord641
ord686
ord693
ord2514
ord2621
ord1134
ord800
ord3790
ord1105
ord823
ord2764
ord4202
ord6907
ord3998
ord858
ord537
ord535
ord2818
ord540
ord5265
ord4376
ord4853
ord4998
ord6052
ord1775
ord4407
ord5280
ord4425
ord3597
ord2582
ord6055
ord4078
ord1776
ord4402
ord5241
ord2385
ord5163
ord3262
ord4353
ord5290
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord3370
ord4627
ord3640
ord1146
ord1168
ord567
ord384
ord324
ord2302
ord4234
ord3996
ord2862
ord2096
ord4710
ord2379
ord755
ord470
ord6215
ord3663
ord2448
ord5710
ord4129
ord6929
ord6927
ord860
ord665
ord354
ord2044
ord5834
ord5450
ord6394
ord5440
ord6383
ord541
ord801
ord5861
ord6143
ord3136
ord4465
ord3259
ord3147
ord2982
ord5714
ord5289
ord5307
ord4698
ord4079
ord2725
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord6374
ord4673
ord1576

msvcrt

__p___argc
_mbsicmp
rename
_mbscmp
_setmbcp
__dllonexit
_onexit
_controlfp
_exit
_XcptFilter
exit
_acmdln
sprintf
__CxxFrameHandler
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
strrchr

kernel32

CloseHandle
MoveFileExA
DeleteFileA
WinExec
TerminateProcess
OpenProcess
GetProcAddress
LoadLibraryA
Module32First
CreateToolhelp32Snapshot
GetVersionExA
Process32Next
GetPriorityClass
Process32First
FreeLibrary
GetModuleHandleA
GetStartupInfoA
Module32Next
GetModuleFileNameA

user32

EnableWindow
KillTimer
IsIconic
GetClientRect
DrawIcon
SendMessageA
SetWindowPos
SetTimer
LoadIconA
GetSystemMetrics

comctl32

ImageList_ReplaceIcon

skinplusplus

ord1

msvcirt

??0ifstream@@QAE@XZ
?openprot@filebuf@@2HB
?open@ifstream@@QAEXPBDHH@Z
??1ifstream@@UAE@XZ
??1ios@@UAE@XZ
?close@ifstream@@QAEXXZ
??_Difstream@@QAEXXZ
_mtunlock
?get@istream@@IAEAAV1@PADHH@Z
_mtlock

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 636B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Windows 优化专家/AppSpeed.exe
.exe windows:4 windows x86 arch:x86

6c6b73df1f2e077e950330601057df0a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord641
ord686
ord790
ord693
ord2514
ord2621
ord1134
ord3402
ord3716
ord2582
ord6055
ord1776
ord4402
ord5290
ord3370
ord3640
ord5265
ord4998
ord6052
ord4078
ord1775
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord4425
ord3597
ord2764
ord860
ord1146
ord1168
ord567
ord384
ord324
ord2982
ord2302
ord4234
ord5953
ord6111
ord2862
ord2096
ord3996
ord6215
ord6880
ord3092
ord3825
ord2379
ord755
ord470
ord6907
ord3998
ord3337
ord3811
ord4224
ord6334
ord3742
ord818
ord4275
ord6197
ord1641
ord3571
ord3619
ord3663
ord3626
ord2414
ord5875
ord283
ord640
ord5785
ord1640
ord323
ord6453
ord2405
ord613
ord289
ord5788
ord472
ord5787
ord3706
ord4133
ord4297
ord1871
ord4220
ord2584
ord3654
ord6270
ord1175
ord2863
ord2438
ord1644
ord5714
ord5289
ord5307
ord4698
ord4079
ord2725
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord537
ord858
ord540
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord4710
ord3147
ord2818
ord535
ord800
ord2301
ord4673
ord1576

msvcrt

_setmbcp
strrchr
__CxxFrameHandler
sprintf
_ftol
__p___argc
strstr
__dllonexit
_onexit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

kernel32

GetVersion
lstrlenA
OpenProcess
SetPriorityClass
CloseHandle
GetVersionExA
GetModuleHandleA
GetProcAddress
GetModuleFileNameA
GetStartupInfoA

user32

LoadMenuA
GetSubMenu
SetMenuDefaultItem
GetCursorPos
SetForegroundWindow
GetMenuItemID
IsWindow
FillRect
SendMessageA
InvalidateRect
EnableWindow
PostQuitMessage
KillTimer
GetForegroundWindow
GetWindowTextA
GetWindowThreadProcessId
SetTimer
LoadIconA
SetWindowPos
IsIconic
GetSystemMetrics
UpdateWindow
GetWindowRect
GetClientRect
DrawIcon

gdi32

GetTextExtentPoint32A
CreateEllipticRgn
CreateRectRgn
CombineRgn
FillRgn
Arc
Ellipse
CreateCompatibleBitmap
BitBlt
CreateCompatibleDC
StretchBlt
Polygon
CreateFontA

advapi32

RegSetValueExA
RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA

shell32

Shell_NotifyIconA
ShellExecuteA

comctl32

ImageList_ReplaceIcon

skinplusplus

ord1

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 464KB - Virtual size: 462KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Windows 优化专家/AutoDetect.exe
.exe windows:4 windows x86 arch:x86

72d44b5babdf1c50056e2519e6d94d96

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord858
ord6877
ord3790
ord5265
ord4998
ord6052
ord4078
ord1775
ord4407
ord5241
ord2385
ord5163
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord4425
ord3597
ord1146
ord1168
ord860
ord324
ord2289
ord2370
ord2301
ord4234
ord4710
ord2379
ord755
ord470
ord1105
ord2864
ord1175
ord6334
ord4853
ord4224
ord6374
ord3663
ord541
ord801
ord5861
ord6143
ord823
ord5440
ord6383
ord5450
ord6394
ord4275
ord3571
ord3626
ord640
ord2414
ord5873
ord2860
ord2754
ord5785
ord1641
ord1640
ord323
ord1871
ord4220
ord2584
ord3654
ord2863
ord2438
ord1644
ord2764
ord537
ord2818
ord535
ord540
ord1134
ord2621
ord2514
ord800
ord641
ord815
ord825
ord561
ord3738
ord4424
ord4622
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5714
ord5289
ord5307
ord4698
ord4079
ord2725
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord6215
ord4673
ord1576

msvcrt

__set_app_type
__p__fmode
_setmbcp
sprintf
strrchr
__CxxFrameHandler
strstr
__p___argc
__dllonexit
_onexit
_except_handler3
?terminate@@YAXXZ
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
_controlfp

kernel32

CloseHandle
GetModuleFileNameA
Sleep
ReleaseMutex
GetStartupInfoA
GetLastError
CreateMutexA
GetModuleHandleA
GetProcAddress
LoadLibraryA
OpenProcess
Module32Next
Module32First
CreateToolhelp32Snapshot
GetVersionExA
Process32Next
GetPriorityClass
Process32First
FreeLibrary
GetVersion
lstrlenA

user32

SetMenuDefaultItem
GetSubMenu
LoadMenuA
EnableWindow
RegisterHotKey
FindWindowA
ShowWindow
UnregisterHotKey
KillTimer
GetWindow
FindWindowExA
EnableMenuItem
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
SetTimer
LoadIconA
SendMessageA
IsWindow
SetForegroundWindow
PostMessageA
CheckMenuItem
GetCursorPos
TrackPopupMenu
GetClassNameA
GetMenuItemID
ModifyMenuA

gdi32

CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
BitBlt
MaskBlt

advapi32

RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA

shell32

Shell_NotifyIconA
ShellExecuteA

skinplusplus

ord1

Sections

.text
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 192KB - Virtual size: 190KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Windows 优化专家/DiskDrag.exe
.exe windows:4 windows x86 arch:x86

86fc11bfe170e5cd29bac9e675ce3150

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToSystemTime
SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesA
GetFileTime
GetTickCount
HeapAlloc
HeapFree
GetTimeZoneInformation
ExitProcess
HeapReAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetCommandLineA
GetProcessHeap
GetStartupInfoA
RaiseException
RtlUnwind
HeapSize
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
VirtualFree
HeapDestroy
HeapCreate
GetStdHandle
LCMapStringA
LCMapStringW
SetHandleCount
GetFileType
GetConsoleCP
GetConsoleMode
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
SetEnvironmentVariableA
GetOEMCP
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
CreateFileA
GetFullPathNameA
FindFirstFileA
DuplicateHandle
GetThreadLocale
GetFileSize
SetEndOfFile
UnlockFile
LockFile
SetFilePointer
WriteFile
ReadFile
WritePrivateProfileStringA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
GlobalFree
GlobalAlloc
LocalFree
InterlockedDecrement
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
lstrcmpW
GetCurrentThreadId
GlobalLock
GlobalUnlock
MulDiv
CompareStringA
InterlockedExchange
CompareStringW
GetLogicalDriveStringsW
FindVolumeMountPointClose
FindNextVolumeMountPointW
FindFirstVolumeMountPointW
GetVolumeInformationW
GetDriveTypeW
GetDiskFreeSpaceExW
GetVolumeNameForVolumeMountPointW
GetVolumePathNameW
GetCurrentProcess
GetSystemTimeAsFileTime
GetFileAttributesExW
FindNextFileW
FindClose
FindFirstFileW
SystemTimeToFileTime
GetSystemTime
FlushFileBuffers
DeviceIoControl
GetFileInformationByHandle
CreateFileW
Sleep
FormatMessageA
GetDiskFreeSpaceExA
GetVolumeInformationA
GetDriveTypeA
CreateThread
DeleteFileA
GetLongPathNameW
GetShortPathNameW
GetModuleFileNameW
SetThreadExecutionState
GetModuleFileNameA
CloseHandle
Process32Next
Process32First
GetCurrentProcessId
CreateToolhelp32Snapshot
GetProcAddress
GetModuleHandleA
LoadLibraryA
GetLastError
SetLastError
FreeResource
SizeofResource
WideCharToMultiByte
LockResource
LoadResource
FindResourceA
GetACP
GetCPInfo
MultiByteToWideChar
lstrlenA
GetVersionExA
SetUnhandledExceptionFilter
GetVersion

user32

RegisterClipboardFormatA
PostThreadMessageA
LoadCursorA
GetWindowThreadProcessId
CreateDialogIndirectParamA
EndDialog
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
EnableMenuItem
CheckMenuItem
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
IsWindowEnabled
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
SetFocus
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
MessageBeep
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
CopyAcceleratorTableA
SetForegroundWindow
UpdateWindow
GetMenu
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
GetWindowPlacement
GetWindow
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
IntersectRect
DestroyMenu
IsWindow
EndPaint
BeginPaint
GetWindowDC
GetNextDlgGroupItem
InvalidateRgn
IsRectEmpty
CharUpperA
KillTimer
DrawIcon
IsIconic
SetTimer
LoadIconA
EnableWindow
OffsetRect
GetClientRect
PostMessageA
SendMessageA
CharNextA
SetCapture
UnregisterClassA
GetWindowRect
GetActiveWindow
ClientToScreen
ReleaseCapture
InvalidateRect
SetCursor
GetParent
GetNextDlgTabItem
GetWindowLongA
GrayStringA
DrawTextExA
TabbedTextOutA
GetSubMenu
LoadBitmapA
GetSysColorBrush
FillRect
GetMenuItemID
GetMenuState
ModifyMenuA
GetMenuItemCount
ReleaseDC
DrawTextA
GetDC
GetDesktopWindow
GetSystemMetrics
SystemParametersInfoA
SetRect
GetSysColor
CopyRect

gdi32

ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreateRectRgnIndirect
SetViewportExtEx
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
OffsetViewportOrgEx
SetViewportOrgEx
GetWindowExtEx
GetViewportExtEx
GetClipBox
SetMapMode
CreateCompatibleBitmap
RestoreDC
SaveDC
LineTo
MoveToEx
SetDCPenColor
SetTextColor
SetBkColor
CreateBitmap
GetStockObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetObjectA
DeleteDC
DeleteObject
CreateSolidBrush
BitBlt
SelectObject
CreateCompatibleDC
GetDeviceCaps

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegQueryValueExA
RegCloseKey
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleInitialize
CoTaskMemAlloc
CoTaskMemFree
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter

oleaut32

SysAllocString
OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
SysAllocStringByteLen
SysStringLen
SysAllocStringLen
VariantInit
VariantChangeType
SysFreeString
VariantClear

skinplusplus

ord1

Exports

Exports

AddArrayString
FragmentCount
GetItemLcn
IsFragmented
RunJkDefrag
StopJkDefrag
SystemErrorStr
TreeBiggest
TreeDetach
TreeFirst
TreeInsert
TreeNext
TreeNextPrev
TreePrev
TreeSmallest
stristr
stristrW

Sections

.text
Size: 252KB - Virtual size: 249KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 224KB - Virtual size: 221KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Windows 优化专家/English.ini
Windows 优化专家/Local.htm
Windows 优化专家/MainCon.ini
Windows 优化专家/MyUpdate.exe
.exe windows:4 windows x86 arch:x86

f3f54229ba80b29626a635e6f6549888

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

HttpQueryInfoA
InternetOpenUrlA
InternetCloseHandle
InternetOpenA
InternetGetConnectedState
InternetReadFile

winmm

timeGetTime
PlaySoundA

mfc42

ord536
ord2452
ord2753
ord1195
ord5440
ord6383
ord5450
ord6394
ord2575
ord5290
ord5277
ord3402
ord6055
ord4078
ord1776
ord4396
ord5241
ord2385
ord5163
ord6374
ord4353
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4424
ord3574
ord609
ord567
ord4275
ord2379
ord5053
ord4774
ord5981
ord6270
ord2448
ord5710
ord6929
ord6927
ord665
ord3790
ord354
ord2044
ord2818
ord5834
ord5265
ord5856
ord4998
ord4710
ord2514
ord6052
ord1775
ord4407
ord5280
ord4425
ord3597
ord324
ord641
ord4234
ord4224
ord4673
ord1168
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord561
ord815
ord692
ord818
ord1768
ord6215
ord1651
ord2621
ord1134
ord1199
ord1247
ord2725
ord1200
ord1105
ord348
ord2393
ord690
ord5207
ord389
ord4204
ord541
ord801
ord3584
ord543
ord803
ord6883
ord6143
ord5953
ord2652
ord1669
ord1771
ord6366
ord2413
ord2024
ord4219
ord2581
ord4401
ord3639
ord2135
ord2301
ord2302
ord2642
ord3092
ord1576
ord470
ord6334
ord4853
ord5861
ord1871
ord1949
ord4202
ord2764
ord537
ord1621
ord4297
ord4133
ord5787
ord941
ord940
ord939
ord2919
ord5572
ord1146
ord1644
ord554
ord2120
ord4163
ord2012
ord2920
ord807
ord5860
ord2408
ord2096
ord1175
ord2864
ord2405
ord5785
ord323
ord1640
ord6194
ord640
ord3596
ord5864
ord6061
ord5571
ord5579
ord5736
ord5678
ord5794
ord5789
ord5873
ord6172
ord6021
ord6189
ord4330
ord6186
ord5756
ord6192
ord5759
ord2971
ord3619
ord1641
ord858
ord2614
ord5788
ord2567
ord2414
ord5683
ord4277
ord2763
ord4129
ord5875
ord3626
ord3693
ord3573
ord3571
ord2859
ord5606
ord2863
ord4083
ord6142
ord823
ord2438
ord3663
ord3654
ord2584
ord4220
ord1862
ord825
ord500
ord3701
ord772
ord540
ord1574
ord860
ord535
ord800
ord1099
ord686
ord384
ord755

msvcrt

__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_initterm
_setmbcp
free
malloc
__CxxFrameHandler
wcscpy
wcslen
_ftol
memmove
_mbscmp
exit
strrchr
__p___argc
fflush
fclose
sprintf
fwrite
fopen
_mbsicmp
__p___argv
atol
__dllonexit
_onexit
??1type_info@@UAE@XZ
_exit
_XcptFilter
_acmdln
__getmainargs
_controlfp

kernel32

lstrlenA
CreateToolhelp32Snapshot
GetVersionExA
lstrlenW
GetModuleHandleA
GetStartupInfoA
GetCPInfo
GetACP
LockResource
LoadResource
FindResourceA
lstrcmpiA
CloseHandle
Sleep
GetModuleFileNameA
WaitForSingleObject
SetEvent
WaitForMultipleObjects
CreateProcessA
TerminateProcess
OpenProcess
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CopyFileA
WinExec
GetCurrentProcessId
GetProcAddress
LoadLibraryA
Module32Next
Process32Next
Module32First
GetPriorityClass
Process32First
FreeLibrary
GetVersion

user32

IsWindow
SetForegroundWindow
GetCursorPos
SetMenuDefaultItem
UpdateWindow
SendDlgItemMessageA
SetDlgItemTextA
FindWindowA
PeekMessageA
PostQuitMessage
EnableWindow
GetClientRect
GetWindowRect
PostMessageA
ClientToScreen
WindowFromPoint
GetActiveWindow
KillTimer
SetCursor
GetParent
GetNextDlgTabItem
IsMenu
SendMessageA
GetSubMenu
GrayStringA
TabbedTextOutA
LoadBitmapA
GetSysColorBrush
GetMenuStringA
CreateMenu
CreatePopupMenu
GetMenuItemID
GetMenuState
IsIconic
DrawIcon
SetWindowPos
ModifyMenuA
GetMenuItemCount
AppendMenuA
GetSystemMetrics
GetDesktopWindow
GetDC
DrawTextA
SetTimer
LoadIconA
InvalidateRect
ReleaseDC
DrawIconEx
DestroyIcon
SystemParametersInfoA
GetSysColor
CopyRect
FillRect
DrawEdge
SetRect
GetMenuItemInfoA
MessageBoxA

gdi32

GetStockObject
Escape
ExtTextOutA
TextOutA
PatBlt
RectVisible
PtVisible
GetObjectA
GetPixel
SetPixel
CreateDIBSection
SelectObject
DeleteObject
DeleteDC
Ellipse
GetTextExtentPoint32A
GetTextExtentPoint32W
CreateCompatibleBitmap
BitBlt
CreateCompatibleDC
CreateFontIndirectA
CreateSolidBrush
CreatePen
GetBkMode
GetDeviceCaps

advapi32

RegSetValueExA
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

SHGetSpecialFolderPathA
Shell_NotifyIconA
ShellExecuteExA

comctl32

ImageList_ReplaceIcon
ImageList_AddMasked
ImageList_GetIcon
ImageList_GetImageCount
_TrackMouseEvent
ImageList_Draw

skinplusplus

ord1
ord32

msvcirt

?endl@@YAAAVostream@@AAV1@@Z
_mtlock
?get@istream@@IAEAAV1@PADHH@Z
_mtunlock
??0ofstream@@QAE@XZ
?open@ofstream@@QAEXPBDHH@Z
??6ostream@@QAEAAV0@PBD@Z
??6ostream@@QAEAAV0@E@Z
??_Difstream@@QAEXXZ
?close@ofstream@@QAEXXZ
??1ofstream@@UAE@XZ
??_Dofstream@@QAEXXZ
??0ifstream@@QAE@XZ
?openprot@filebuf@@2HB
?open@ifstream@@QAEXPBDHH@Z
??1ifstream@@UAE@XZ
??1ios@@UAE@XZ
?close@ifstream@@QAEXXZ

Sections

.text
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Windows 优化专家/NewVersion.ini
.html
Windows 优化专家/OptSys.ini
Windows 优化专家/OptSysVISTA.exe
.exe windows:4 windows x86 arch:x86

1c2983171889989110bb68b55a9cff9e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord3079
ord4080
ord4627
ord4425
ord3597
ord801
ord641
ord541
ord324
ord4234
ord4710
ord3663
ord2448
ord2764
ord6929
ord6927
ord665
ord3790
ord354
ord537
ord2044
ord5834
ord5450
ord6394
ord5440
ord6383
ord1200
ord6883
ord6143
ord2411
ord2023
ord4218
ord2578
ord4398
ord3582
ord6055
ord1776
ord5290
ord3402
ord4424
ord3721
ord795
ord567
ord616
ord2302
ord5861
ord2652
ord1669
ord1168
ord4224
ord6334
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord2385
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord561
ord815
ord5943
ord2621
ord1134
ord2725
ord3825
ord790
ord2614
ord1146
ord6646
ord2370
ord2301
ord1768
ord5953
ord6111
ord2379
ord755
ord470
ord2642
ord3092
ord6199
ord941
ord2582
ord4402
ord3370
ord3640
ord693
ord686
ord384
ord3996
ord2862
ord2096
ord6888
ord3998
ord6877
ord4277
ord5608
ord6675
ord6907
ord4275
ord3571
ord3626
ord640
ord2414
ord5873
ord2860
ord2754
ord5785
ord1641
ord1640
ord323
ord5241
ord4407
ord1775
ord4078
ord6052
ord2514
ord4998
ord4853
ord4376
ord5265
ord2818
ord535
ord5710
ord4129
ord858
ord540
ord860
ord800
ord823
ord3441
ord3435
ord5628
ord825
ord5634
ord4191
ord702
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5277
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5280
ord4353
ord6374
ord3716
ord5163
ord400
ord696
ord3346
ord394
ord1576

msvcrt

_setmbcp
__CxxFrameHandler
_mbscmp
sprintf
strrchr
exit
atoi
memmove
fclose
fopen
fprintf
__p___argv
__p___argc
_ftol
_CIpow
__dllonexit
_onexit
_exit
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter

kernel32

LocalAlloc
LocalFree
lstrlenA
GetDriveTypeA
SetFileAttributesA
GetFileAttributesA
FindFirstFileA
FindNextFileA
FindClose
GlobalMemoryStatus
GetSystemDirectoryA
ExitProcess
GetModuleHandleA
GetModuleFileNameA
GetVersionExA
GetCurrentThreadId
GetStartupInfoA

user32

GetClientRect
EnableWindow
SendMessageA
LoadIconA
SetWindowPos
DrawIcon
IsIconic
GetSystemMetrics
SetWindowLongA
UnhookWindowsHookEx
KillTimer

gdi32

CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
BitBlt
MaskBlt

advapi32

RegOpenKeyExA
RegEnumKeyExA
RegSetValueExA
QueryServiceConfigA
QueryServiceStatus
ControlService
StartServiceA
OpenServiceA
CloseServiceHandle
OpenSCManagerA
RegDeleteValueA
RegCloseKey
RegQueryValueExA

shell32

ShellExecuteA
SHGetFileInfoA

comctl32

ImageList_GetImageCount
ImageList_ReplaceIcon

skinplusplus

ord32
ord1

msvcirt

?close@ifstream@@QAEXXZ
_mtlock
?get@istream@@IAEAAV1@PADHH@Z
_mtunlock
??0ofstream@@QAE@XZ
?open@ofstream@@QAEXPBDHH@Z
??6ostream@@QAEAAV0@PBD@Z
??6ostream@@QAEAAV0@E@Z
?endl@@YAAAVostream@@AAV1@@Z
?close@ofstream@@QAEXXZ
??1ofstream@@UAE@XZ
??_Dofstream@@QAEXXZ
??0ifstream@@QAE@XZ
?openprot@filebuf@@2HB
?open@ifstream@@QAEXPBDHH@Z
??1ifstream@@UAE@XZ
??1ios@@UAE@XZ
??_Difstream@@QAEXXZ

Sections

.text
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 356KB - Virtual size: 354KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Windows 优化专家/PC Turbo Memory.exe
.exe windows:4 windows x86 arch:x86

4f9d2c8fd67bffb622bbe38705cb6184

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime
PlaySoundA

kernel32

GetStartupInfoA
InterlockedDecrement
LocalAlloc
GetSystemDirectoryA
Process32First
Process32Next
CreateToolhelp32Snapshot
Module32First
Module32Next
TerminateProcess
TerminateThread
GetProcessTimes
OpenProcess
SetProcessWorkingSetSize
LocalFree
GetCurrentProcess
GetPriorityClass
SetPriorityClass
GetModuleHandleA
VirtualAlloc
VirtualFree
GetSystemInfo
GlobalMemoryStatus
GetTickCount
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
CreateMutexA
GetLastError
GetModuleFileNameA
Sleep
WaitForSingleObject
lstrcatA
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary
QueryPerformanceCounter
QueryPerformanceFrequency
MulDiv
lstrcpyA
GetProcAddress
GetCurrentThreadId
CloseHandle
lstrcmpiA
FindResourceA
LoadResource
LockResource
GetCPInfo
lstrlenW
lstrlenA
GetVersion
GetVersionExA
WinExec
MultiByteToWideChar

imagehlp

MapFileAndCheckSumA

user32

RedrawWindow
SetWindowLongA
DefWindowProcA
GetCursorPos
SetTimer
RegisterHotKey
UnhookWindowsHookEx
ReleaseCapture
FrameRect
LoadImageA
DrawIcon
CreateIconIndirect
DrawStateA
OffsetRect
InflateRect
DrawFocusRect
GetWindowRect
PostMessageA
ClientToScreen
WindowFromPoint
GetActiveWindow
InvalidateRect
SetCapture
GetParent
GetNextDlgTabItem
IsMenu
GetWindowLongA
DestroyCursor
GetSubMenu
GrayStringA
TabbedTextOutA
LoadBitmapA
GetSysColorBrush
GetMenuStringA
CreateMenu
CreatePopupMenu
GetMenuItemID
GetMenuState
ModifyMenuA
GetMenuItemCount
AppendMenuA
GetSystemMetrics
GetDC
DrawTextA
ReleaseDC
DrawIconEx
DestroyIcon
SystemParametersInfoA
GetSysColor
CopyRect
DrawEdge
SetRect
MessageBeep
ScreenToClient
PtInRect
SetCursor
GetMenuItemInfoA
SendMessageA
wsprintfA
GetDesktopWindow
MessageBoxA
EnableWindow
GetClientRect
FillRect
IsWindow
CopyIcon
LoadCursorA
IsRectEmpty
UpdateWindow
ShowWindow
FindWindowA
RegisterWindowMessageA
CloseClipboard
EmptyClipboard
OpenClipboard
LoadIconA
KillTimer
SetWindowPos
IsIconic
UnregisterHotKey
FindWindowExA
GetClassInfoA
SetWindowRgn
ChildWindowFromPointEx
SetForegroundWindow
EnableMenuItem
SetMenuDefaultItem
GetIconInfo

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

mfc42

ord1601
ord861
ord3408
ord3227
ord3054
ord3425
ord3880
ord1871
ord3302
ord2362
ord2294
ord3998
ord922
ord3996
ord5861
ord3301
ord6663
ord4278
ord5862
ord562
ord816
ord6119
ord2380
ord6605
ord3089
ord6453
ord6144
ord559
ord1232
ord1270
ord812
ord2107
ord5265
ord4376
ord4853
ord4998
ord2514
ord6052
ord4078
ord1775
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4425
ord3597
ord641
ord324
ord825
ord2302
ord4234
ord3663
ord3706
ord3573
ord3626
ord755
ord2414
ord1641
ord283
ord470
ord535
ord4277
ord5953
ord800
ord858
ord537
ord540
ord4710
ord3619
ord939
ord941
ord2818
ord4129
ord2764
ord860
ord4204
ord801
ord926
ord924
ord6883
ord6143
ord541
ord823
ord2582
ord6055
ord1776
ord4402
ord5290
ord3370
ord4424
ord3640
ord686
ord567
ord384
ord693
ord2642
ord3092
ord6199
ord2862
ord2096
ord6907
ord609
ord793
ord4224
ord1099
ord1574
ord772
ord3701
ord500
ord1862
ord4220
ord2584
ord3654
ord2438
ord6142
ord4083
ord2863
ord5606
ord2859
ord3571
ord3693
ord5875
ord2763
ord5683
ord2567
ord5788
ord2614
ord2971
ord5759
ord6192
ord5756
ord6186
ord4330
ord6189
ord6021
ord6172
ord5873
ord5789
ord5794
ord5678
ord5736
ord5579
ord5571
ord6061
ord5864
ord3596
ord640
ord6194
ord1640
ord323
ord5785
ord2405
ord2864
ord1175
ord2408
ord5860
ord1576
ord807
ord2920
ord2012
ord2120
ord554
ord4163
ord1644
ord1146
ord5572
ord2919
ord940
ord5787
ord4133
ord4297
ord1621
ord4202
ord5856
ord536
ord2452
ord2753
ord1195
ord472
ord5440
ord6383
ord5450
ord6394
ord2575
ord4396
ord3402
ord3574
ord809
ord556
ord4275
ord4284
ord2379
ord5053
ord4774
ord5981
ord6270
ord3874
ord613
ord6880
ord289
ord2122
ord6358
ord1088
ord6197
ord3716
ord790
ord2301
ord6334
ord6111
ord394
ord696
ord400
ord702
ord4191
ord5634
ord5628
ord3435
ord3441
ord2754
ord3742
ord818
ord2152
ord1233
ord3721
ord795
ord2860
ord3797
ord2915
ord1200
ord2448
ord5710
ord6929
ord6927
ord665
ord3790
ord354
ord2044
ord5834
ord1105
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord561
ord815
ord656
ord616
ord5943
ord2621
ord1134
ord3584
ord543
ord803
ord2652
ord1669
ord1168
ord3610
ord2411
ord2023
ord4218
ord2578
ord4398
ord3582
ord3719
ord2289
ord2370
ord6282
ord6215
ord3337
ord3811
ord4476
ord6170
ord5781
ord3097
ord2841

msvcrt

wcslen
__getmainargs
_acmdln
_XcptFilter
_exit
??1type_info@@UAE@XZ
_CxxThrowException
_setmbcp
_onexit
__dllonexit
?terminate@@YAXXZ
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
__CxxFrameHandler
atoi
atol
_mbscmp
sprintf
free
malloc
wcscpy
_initterm
_ftol
memmove
_mbsnbcpy
_except_handler3
_mbsicmp
_mbsstr
strrchr
exit
__p___argc
__p___argv
strtoul
rand

gdi32

RectVisible
PatBlt
TextOutA
ExtTextOutA
Escape
Rectangle
GetStockObject
SetBkColor
GetBkColor
DPtoLP
PtVisible
LPtoDP
CreateFontA
CreatePolygonRgn
Polygon
Arc
Pie
CreateRectRgn
FrameRgn
OffsetRgn
CombineRgn
GetTextMetricsA
StretchBlt
GetTextColor
GetPixel
SetPixel
CreateDIBSection
SelectObject
DeleteObject
DeleteDC
Ellipse
GetTextExtentPoint32A
GetTextExtentPoint32W
CreateCompatibleBitmap
BitBlt
CreateCompatibleDC
CreateSolidBrush
CreatePen
GetBkMode
GetDeviceCaps
GetObjectA
CreateFontIndirectA
FillRgn
CreateRoundRectRgn
GetMapMode

advapi32

RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
RegDeleteKeyA
RegDeleteValueA
RegEnumValueA
RegCloseKey
RegSetValueExA
RegCreateKeyExA

shell32

SHGetFileInfoA
ExtractIconA
ShellExecuteA
ShellExecuteExA
Shell_NotifyIconA

comctl32

ImageList_Draw
ImageList_GetIcon
ImageList_Remove
_TrackMouseEvent
ImageList_ReplaceIcon
ImageList_GetImageCount
ImageList_AddMasked

ole32

CoCreateInstance
CoSetProxyBlanket
CoUninitialize
CoInitializeSecurity
CoInitializeEx

oleaut32

VariantInit
SysFreeString
SysAllocString
VariantClear
SafeArrayUnaccessData
SafeArrayAccessData

msvcirt

_mtlock
?get@istream@@IAEAAV1@PADHH@Z
_mtunlock
??6ostream@@QAEAAV0@PBD@Z
??6ostream@@QAEAAV0@E@Z
?endl@@YAAAVostream@@AAV1@@Z
?close@ofstream@@QAEXXZ
??1ofstream@@UAE@XZ
??_Dofstream@@QAEXXZ
??0ifstream@@QAE@XZ
?openprot@filebuf@@2HB
?open@ifstream@@QAEXPBDHH@Z
??1ifstream@@UAE@XZ
??1ios@@UAE@XZ
?close@ifstream@@QAEXXZ
??_Difstream@@QAEXXZ
??0ofstream@@QAE@XZ
?open@ofstream@@QAEXPBDHH@Z

Sections

.text
Size: 248KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 441KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 520KB - Virtual size: 518KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Windows 优化专家/Resource.ini
Windows 优化专家/Skin.ssk
Windows 优化专家/SkinPlusPlus.dll
.dll windows:4 windows x86 arch:x86

598ae977394a6b93fbf9769d688859f0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord2725
ord3953
ord823
ord641
ord2513
ord293
ord800
ord537
ord665
ord1979
ord6385
ord353
ord3573
ord540
ord6194
ord6170
ord5781
ord2753
ord2567
ord3920
ord2713
ord2243
ord4129
ord2763
ord2919
ord2380
ord4023
ord809
ord556
ord5875
ord4297
ord4133
ord5787
ord5788
ord3693
ord2864
ord2860
ord1644
ord2455
ord2438
ord3654
ord2584
ord4220
ord1270
ord2859
ord3706
ord5590
ord3643
ord4185
ord696
ord394
ord909
ord5628
ord3435
ord2452
ord922
ord924
ord3790
ord939
ord5710
ord858
ord2044
ord5834
ord6394
ord6383
ord5440
ord5450
ord535
ord2714
ord3596
ord3663
ord1116
ord1176
ord1575
ord1168
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord6467
ord1578
ord600
ord826
ord269
ord941
ord860
ord5572
ord2915
ord3626
ord2764
ord5442
ord3619
ord1641
ord3571
ord640
ord2405
ord2754
ord5785
ord1640
ord323
ord4204
ord861
ord2450
ord2448
ord2841
ord2818
ord2107
ord2971
ord5759
ord6192
ord5756
ord6186
ord4330
ord6189
ord6021
ord6172
ord5873
ord5789
ord5794
ord5678
ord5736
ord5579
ord5571
ord6061
ord5864
ord2414

msvcrt

__CxxFrameHandler
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_adjust_fdiv
_initterm
_onexit
__dllonexit
_EH_prolog
_CxxThrowException
getc
fputc
fflush
toupper
_except_handler3
fseek
ftell
fread
fopen
fwrite
realloc
strncpy
_mbsstr
_mbsnbcpy
gmtime
strstr
calloc
memchr
fclose
strchr
ceil
floor
malloc
free
sprintf
_purecall
atoi
memmove
_mbscmp
_mbsicmp
_ftol
__RTDynamicCast

kernel32

LocalAlloc
LocalFree
WaitForSingleObject
ReleaseMutex
CreateMutexA
FlushInstructionCache
VirtualProtect
SetLastError
UnmapViewOfFile
WriteFile
SetFileTime
CreateDirectoryA
lstrcpyA
DosDateTimeToFileTime
GetCurrentDirectoryA
SystemTimeToFileTime
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GetFileType
SetFilePointer
MulDiv
GetVersionExA
Sleep
ExitThread
TerminateThread
CloseHandle
CreateThread
lstrcmpA
lstrlenA
lstrcmpiA
GetCurrentThreadId
lstrlenW
WideCharToMultiByte
GetVersion
GetProcAddress
FindFirstFileA
FindClose
DeleteFileA
GetTempPathA
GetModuleHandleA
GetModuleFileNameA
FindResourceA
LoadResource
SizeofResource
GlobalAlloc
GlobalLock
LockResource
GlobalUnlock
GlobalFree
LoadLibraryA

user32

DeferWindowPos
EndDeferWindowPos
BeginDeferWindowPos
EqualRect
RegisterClassExA
IsZoomed
IsIconic
GetWindowInfo
ShowWindow
SetActiveWindow
EnableWindow
DestroyWindow
SetWindowTextA
GetMenuState
GetMenuItemRect
MenuItemFromPoint
GetMenuDefaultItem
GetMenuCheckMarkDimensions
DestroyMenu
SystemParametersInfoA
UnionRect
GetForegroundWindow
GetSystemMenu
DestroyIcon
GetMessagePos
KillTimer
SetTimer
IntersectRect
MoveWindow
SetCursor
LoadCursorA
ReleaseCapture
GetFocus
SetFocus
SetCapture
GetAsyncKeyState
CreateIconIndirect
SetRect
SendMessageTimeoutA
DrawIconEx
IsMenu
CreatePopupMenu
GetMenuItemID
AppendMenuA
SetMenuItemInfoA
SetWindowRgn
UpdateWindow
IsWindowVisible
GetCapture
GetMenuStringA
SetWindowPos
ClientToScreen
MapWindowPoints
GetMenuItemCount
GetMenuItemInfoA
SetRectEmpty
LoadImageA
LoadCursorFromFileA
CallNextHookEx
GetWindowRect
IsWindowEnabled
GrayStringA
TabbedTextOutA
GetDlgCtrlID
InvalidateRect
IsRectEmpty
SetClassLongA
FindWindowExA
GetDlgItem
GetWindowTextA
PostMessageA
SetWindowsHookExA
UnhookWindowsHookEx
ScreenToClient
GetClientRect
RemovePropA
GetParent
ShowScrollBar
LockWindowUpdate
GetDesktopWindow
SetPropA
GetClassNameA
WindowFromDC
DrawStateA
DrawFocusRect
DefWindowProcA
GetCursorPos
IsWindow
GetPropA
PtInRect
InflateRect
LoadBitmapA
CallWindowProcA
EndPaint
BeginPaint
GetSubMenu
CheckMenuItem
DrawEdge
ModifyMenuW
ModifyMenuA
CreateWindowExA
ReleaseDC
GetWindowDC
GetDC
FillRect
SetMenu
GetMenu
DrawTextW
TrackPopupMenuEx
TrackPopupMenu
RemoveMenu
EnableMenuItem
InsertMenuW
InsertMenuA
InsertMenuItemW
InsertMenuItemA
DeleteMenu
DrawFrameControl
GetClassLongA
GetSysColor
SetScrollRange
SetScrollPos
SetScrollInfo
GetScrollRange
SetWindowLongA
GetWindowLongA
GetScrollPos
GetScrollInfo
EnableScrollBar
CopyRect
OffsetRect
DrawTextA
MessageBoxA
SendMessageA
RedrawWindow
GetSystemMetrics
GetWindow

gdi32

ExtTextOutA
Rectangle
BitBlt
SetBkColor
CreatePen
PatBlt
CreateCompatibleDC
DeleteDC
ExcludeClipRect
CreateCompatibleBitmap
DeleteObject
CreateSolidBrush
GetPixel
GetClipBox
PtVisible
RectVisible
Escape
GetObjectA
GetStockObject
CombineRgn
GetTextExtentPointW
StretchBlt
SetStretchBltMode
CreateBitmap
SetPixelV
CreateDIBSection
ExtCreateRegion
GetDIBits
CreateICA
GetDeviceCaps
SetPixel
RoundRect
OffsetRgn
GetRegionData
CreateRectRgn
GetNearestColor
CreateDIBitmap
RealizePalette
SetDIBitsToDevice
ExtSelectClipRgn
StretchDIBits
RestoreDC
SelectClipRgn
SaveDC
GetCharWidthA
CreateFontA
SetRectRgn
PlgBlt
SetBoundsRect
GetCurrentObject
GetTextColor
GetBkMode
GetBkColor
GetTextExtentPointA
SetTextAlign
GetWindowOrgEx
GetTextExtentPoint32A
GetViewportOrgEx
SetViewportOrgEx
TextOutA
SetBkMode
CreateFontIndirectA
SetTextColor
CreateRectRgnIndirect
SelectObject

comdlg32

GetOpenFileNameA

advapi32

RegCloseKey
RegCreateKeyExA
RegSetValueExA

comctl32

ImageList_Destroy
ImageList_Draw
ImageList_GetImageInfo
ImageList_Duplicate
_TrackMouseEvent
ImageList_GetIcon
ImageList_GetIconSize

msvcp60

??1_Lockit@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEPADXZ
?_Xran@std@@YAXXZ
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
??0_Lockit@std@@QAE@XZ

winmm

sndPlaySoundA

Exports

Exports

sppColorize
sppDrawSkinBitmap
sppDrawSkinImage
sppExitSkin
sppGetDefaultSysColor
sppGetFreeWindowID
sppGetHookAPI
sppGetHookAPIStyle
sppGetSkinResFile
sppGetSkinSysColor
sppGetSystemMetrics
sppGetWindowResID
sppInitializeSkin
sppLoadSkin
sppLoadSkinFromRes
sppModifyHookAPIStyle
sppRemoveSkin
sppRemoveSkinHwnd
sppSelectSkin
sppSetButtonTooltip
sppSetCustSysBtnStatus
sppSetCustSysBtnVisible
sppSetCustomDraw
sppSetDialogBkClipRgn
sppSetDialogEraseBkgnd
sppSetFreeWindowID
sppSetHookAPI
sppSetHookMessage
sppSetListHeaderSortInfo
sppSetNoSkinHwnd
sppSetRedraw
sppSetRgnEnable
sppSetSkinHwnd
sppSetTabCtrlItemsStatus
sppSetTabCtrlPosition
sppSetWindowResID
sppTakeoutSysMenu
sppValidateDevTools

Sections

.text
Size: 528KB - Virtual size: 527KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Windows 优化专家/SrvConfig.ini
Windows 优化专家/SysStatus.exe
.exe windows:4 windows x86 arch:x86

9c1727b12a563a0f4dc3f52b0a3ca90d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

PlaySoundA
timeGetTime

mfc42

ord939
ord940
ord941
ord5787
ord4133
ord4297
ord1621
ord537
ord2764
ord4202
ord5856
ord536
ord2452
ord2753
ord1195
ord472
ord5440
ord6383
ord5450
ord6394
ord2575
ord6055
ord4078
ord1776
ord4396
ord5241
ord2385
ord5163
ord6374
ord4353
ord5290
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3402
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4424
ord3574
ord809
ord609
ord556
ord567
ord4275
ord4284
ord2379
ord5053
ord4774
ord5981
ord6270
ord3874
ord613
ord6880
ord289
ord2122
ord283
ord4330
ord6282
ord6883
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord2919
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord561
ord815
ord641
ord818
ord795
ord656
ord810
ord2514
ord2621
ord1134
ord2725
ord3398
ord3733
ord3610
ord3721
ord5265
ord4376
ord4998
ord6052
ord1775
ord4407
ord5280
ord4425
ord3597
ord1168
ord324
ord2135
ord2302
ord4234
ord1768
ord4224
ord4710
ord755
ord470
ord2652
ord801
ord6143
ord541
ord4000
ord5953
ord1576
ord6215
ord2862
ord4299
ord1949
ord3880
ord3425
ord3054
ord3227
ord3408
ord861
ord1601
ord6186
ord5756
ord6192
ord5759
ord2971
ord1641
ord858
ord2614
ord5788
ord2567
ord2414
ord5683
ord4277
ord2763
ord4129
ord5875
ord3626
ord3693
ord3573
ord3571
ord2859
ord5606
ord2863
ord4083
ord6142
ord823
ord2438
ord3663
ord3654
ord2584
ord4220
ord1862
ord825
ord500
ord5572
ord1146
ord1644
ord554
ord2120
ord4163
ord2012
ord2920
ord807
ord5860
ord2408
ord2096
ord1175
ord2864
ord2405
ord5785
ord323
ord1640
ord6194
ord640
ord3619
ord3596
ord5864
ord6061
ord5571
ord5579
ord5736
ord5678
ord5794
ord5789
ord5873
ord3701
ord772
ord540
ord1574
ord860
ord535
ord800
ord1099
ord686
ord384
ord6172
ord6021
ord5300
ord6189
ord2818
ord1669

msvcrt

_XcptFilter
_setmbcp
??1type_info@@UAE@XZ
free
malloc
__CxxFrameHandler
wcscpy
wcslen
_ftol
memmove
_mbscmp
_mbsnbcpy
sprintf
strrchr
_except_handler3
_mbsicmp
sscanf
atol
__dllonexit
_onexit
?terminate@@YAXXZ
_exit
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_CxxThrowException

kernel32

LocalFree
MultiByteToWideChar
GetLastError
GetStartupInfoA
GetModuleHandleA
InterlockedDecrement
WinExec
GetDriveTypeA
GetVolumeInformationA
GetDiskFreeSpaceExA
GetComputerNameA
GetCurrentProcess
GetPriorityClass
SetPriorityClass
QueryPerformanceFrequency
QueryPerformanceCounter
Sleep
GetSystemInfo
GlobalMemoryStatus
LoadLibraryA
GetProcAddress
FreeLibrary
GetModuleFileNameA
lstrcmpiA
FindResourceA
LoadResource
LockResource
GetACP
GetCPInfo
lstrlenW
lstrlenA
GetVersion
GetVersionExA

user32

KillTimer
IsIconic
DrawIcon
PostQuitMessage
SetTimer
SetWindowPos
LoadIconA
EnableWindow
FrameRect
LoadImageA
GetMenuItemCount
CreateIconIndirect
DrawStateA
AppendMenuA
OffsetRect
GetClientRect
InflateRect
DrawFocusRect
GetWindowRect
PostMessageA
ClientToScreen
WindowFromPoint
GetSystemMetrics
GetDesktopWindow
GetDC
DrawTextA
GetActiveWindow
InvalidateRect
ReleaseDC
DrawIconEx
DestroyIcon
SystemParametersInfoA
GetSysColor
GetMenuItemInfoA
SetRect
DrawEdge
FillRect
GetIconInfo
SetCursor
GetParent
GetNextDlgTabItem
IsMenu
SendMessageA
GetWindowLongA
DestroyCursor
GetSubMenu
GrayStringA
TabbedTextOutA
LoadBitmapA
GetSysColorBrush
GetMenuStringA
CreateMenu
CreatePopupMenu
GetMenuItemID
GetMenuState
ModifyMenuA
CopyRect

gdi32

RectVisible
PatBlt
TextOutA
ExtTextOutA
Escape
PtVisible
GetStockObject
CreateFontA
SetTextColor
SetBkColor
CreateBitmap
GetObjectA
GetPixel
SetPixel
CreateDIBSection
SelectObject
DeleteObject
DeleteDC
Ellipse
GetTextExtentPoint32A
GetTextExtentPoint32W
CreateCompatibleBitmap
BitBlt
CreateCompatibleDC
CreateFontIndirectA
CreateSolidBrush
CreatePen
GetDeviceCaps
GetBkMode

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

shell32

ShellExecuteExA

comctl32

ImageList_GetImageCount
ImageList_GetIcon
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_Draw
_TrackMouseEvent

ole32

CoInitializeSecurity
CoCreateInstance
CoSetProxyBlanket
CoUninitialize
CoInitializeEx

oleaut32

VariantInit
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocString
SysFreeString
VariantClear

skinplusplus

ord1
ord27

Sections

.text
Size: 128KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 304KB - Virtual size: 301KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Windows 优化专家/UnZip.exe
.exe windows:4 windows x86 arch:x86

e791bd94ae9d9fa3ba03d79cea7f12fd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord858
ord2621
ord1134
ord4698
ord1168
ord4234
ord2379
ord755
ord470
ord4079
ord2725
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord540
ord2818
ord535
ord800
ord4673
ord1576

msvcrt

exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_exit
_onexit
__dllonexit
calloc
fclose
fseek
ftell
fwrite
fread
fopen
malloc
_strdup
free
_splitpath
sprintf
__CxxFrameHandler
strrchr
_setmbcp
_XcptFilter

kernel32

GetModuleFileNameA
GetFileAttributesA
lstrcmpiA
lstrlenA
CloseHandle
WriteFile
CreateFileA
lstrcatA
CreateDirectoryA
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
GetFileTime
GetModuleHandleA
GetStartupInfoA
lstrcpyA

user32

DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
SendMessageA

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Windows 优化专家/UpdateInfo.INI
Windows 优化专家/UpdateUrl.ini
Windows 优化专家/WmOptimize.exe
.exe windows:4 windows x86 arch:x86

5655ff86f10b672161615bf2a1ce13ae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord5440
ord6383
ord5450
ord6394
ord2575
ord5290
ord5277
ord3402
ord6055
ord4078
ord1776
ord4396
ord5241
ord2385
ord5163
ord6374
ord4353
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4424
ord3574
ord809
ord609
ord556
ord567
ord4275
ord4284
ord2379
ord5053
ord4774
ord5981
ord6270
ord3874
ord613
ord6880
ord289
ord2122
ord4160
ord6358
ord1088
ord6197
ord283
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord323
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord561
ord815
ord818
ord641
ord795
ord2514
ord472
ord2621
ord1134
ord2818
ord3337
ord3811
ord5265
ord4376
ord4853
ord4998
ord6052
ord1775
ord4407
ord5280
ord4425
ord3597
ord324
ord2302
ord4234
ord3721
ord1168
ord6199
ord4710
ord755
ord470
ord6215
ord4299
ord2086
ord5953
ord3097
ord1929
ord2860
ord3797
ord2915
ord1200
ord926
ord2448
ord5710
ord6929
ord6927
ord665
ord3790
ord354
ord2044
ord5834
ord2393
ord690
ord5207
ord389
ord2135
ord1105
ord1572
ord2754
ord1949
ord4034
ord1640
ord6194
ord640
ord3596
ord5864
ord6061
ord5571
ord5579
ord5736
ord5678
ord5794
ord5789
ord5873
ord6172
ord6021
ord6189
ord4330
ord6186
ord5756
ord6192
ord5759
ord2971
ord3619
ord1641
ord858
ord2614
ord5788
ord2567
ord2414
ord5683
ord4277
ord2763
ord4129
ord5875
ord3626
ord1195
ord2753
ord2452
ord536
ord5856
ord4202
ord2764
ord537
ord1621
ord4297
ord4133
ord5787
ord941
ord940
ord939
ord2919
ord5572
ord1146
ord1644
ord554
ord2120
ord4163
ord2012
ord2920
ord807
ord5860
ord2408
ord2096
ord1175
ord2864
ord2405
ord5943
ord5785
ord3693
ord3573
ord3571
ord2859
ord5606
ord2863
ord4083
ord6142
ord823
ord2438
ord3663
ord3654
ord2584
ord4220
ord1862
ord825
ord500
ord3701
ord772
ord540
ord1574
ord860
ord535
ord800
ord1099
ord686
ord2396
ord384
ord1576

msvcrt

_setmbcp
free
malloc
__CxxFrameHandler
wcscpy
wcslen
_ftol
memmove
_mbscmp
_mbsnbcpy
sprintf
strrchr
_mbsstr
fclose
fwrite
fopen
__dllonexit
_onexit
??1type_info@@UAE@XZ
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

kernel32

GetModuleHandleA
GetSystemDirectoryA
DeleteFileA
lstrcatA
lstrcpyA
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary
WinExec
SetCurrentDirectoryA
GetModuleFileNameA
CreateMutexA
GetLastError
lstrcmpiA
FindResourceA
LoadResource
LockResource
GetACP
GetCPInfo
lstrlenW
lstrlenA
GetVersion
GetVersionExA
GetStartupInfoA

user32

GetMenuItemInfoA
GetDesktopWindow
GetSystemMetrics
AppendMenuA
GetMenuItemCount
ModifyMenuA
GetMenuState
GetMenuItemID
CreatePopupMenu
CreateMenu
GetMenuStringA
GetSysColorBrush
LoadBitmapA
TabbedTextOutA
SetRect
UpdateWindow
KillTimer
SetTimer
LoadCursorA
CopyIcon
IsWindow
SetWindowLongA
PtInRect
ReleaseCapture
DrawEdge
FillRect
CopyRect
RedrawWindow
SetCapture
MessageBeep
IsIconic
DrawIcon
GetSystemMenu
LoadIconA
EnableWindow
GetSubMenu
DestroyCursor
GetSysColor
SystemParametersInfoA
DestroyIcon
DrawIconEx
ReleaseDC
DrawTextA
MessageBoxA
GetDC
GetWindowLongA
SendMessageA
FrameRect
LoadImageA
DrawStateA
OffsetRect
GetClientRect
InflateRect
DrawFocusRect
GetWindowRect
PostMessageA
ClientToScreen
WindowFromPoint
GetActiveWindow
InvalidateRect
SetCursor
GetParent
GetNextDlgTabItem
IsMenu
GrayStringA

gdi32

PatBlt
TextOutA
ExtTextOutA
Escape
GetStockObject
CreateFontA
SetTextColor
SetBkColor
CreateBitmap
RectVisible
MaskBlt
PtVisible
GetObjectA
GetPixel
SetPixel
CreateDIBSection
SelectObject
DeleteObject
DeleteDC
Ellipse
GetTextExtentPoint32A
GetTextExtentPoint32W
CreateCompatibleBitmap
BitBlt
CreateCompatibleDC
CreateFontIndirectA
CreateSolidBrush
CreatePen
GetDeviceCaps
GetBkMode

advapi32

RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
RegDeleteValueA
RegCreateKeyExA
RegCloseKey
RegSetValueExA

shell32

ShellExecuteExA
ShellExecuteA

comctl32

ImageList_GetImageCount
ImageList_GetIcon
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_Draw
_TrackMouseEvent

oleaut32

VariantClear

skinplusplus

ord27
ord1

winmm

PlaySoundA

msvcirt

?close@ifstream@@QAEXXZ
_mtlock
?get@istream@@IAEAAV1@PADHH@Z
_mtunlock
??0ifstream@@QAE@XZ
?openprot@filebuf@@2HB
?open@ifstream@@QAEXPBDHH@Z
??1ifstream@@UAE@XZ
??1ios@@UAE@XZ
??_Difstream@@QAEXXZ

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Windows 优化专家/advOptimize.exe
.exe windows:4 windows x86 arch:x86

835ded0cea18f1e6c4b9e30b885c0b04

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord4224
ord354
ord4710
ord2379
ord2764
ord535
ord2818
ord1200
ord537
ord6883
ord6143
ord2652
ord801
ord5861
ord541
ord1669
ord1168
ord3698
ord2582
ord4402
ord3370
ord3640
ord765
ord686
ord384
ord693
ord3996
ord2862
ord1146
ord2096
ord6905
ord3998
ord5953
ord1099
ord1574
ord772
ord3701
ord500
ord1862
ord4220
ord2584
ord3654
ord3663
ord2438
ord823
ord6142
ord4083
ord2863
ord5606
ord2859
ord3571
ord3573
ord3693
ord3626
ord5875
ord4129
ord2763
ord4277
ord5683
ord2414
ord2567
ord5788
ord2614
ord1641
ord3619
ord2971
ord5759
ord6192
ord5756
ord6186
ord4330
ord6189
ord6021
ord6172
ord5873
ord5789
ord5794
ord5678
ord5736
ord5579
ord5571
ord6061
ord5864
ord3596
ord640
ord6194
ord1640
ord323
ord5785
ord2405
ord2864
ord1175
ord2408
ord5860
ord3597
ord807
ord2920
ord2012
ord2120
ord554
ord4163
ord1644
ord6334
ord2919
ord939
ord940
ord941
ord5787
ord4133
ord4297
ord1621
ord4202
ord5856
ord536
ord2452
ord2753
ord1195
ord472
ord5440
ord6383
ord5450
ord6394
ord2575
ord4396
ord3574
ord809
ord609
ord556
ord4275
ord4284
ord5053
ord4774
ord5981
ord6270
ord3874
ord283
ord613
ord6880
ord289
ord2122
ord2135
ord818
ord1576
ord2362
ord2448
ord5710
ord6929
ord6927
ord2044
ord5834
ord1949
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord561
ord815
ord5943
ord2621
ord1134
ord2725
ord755
ord470
ord6888
ord6907
ord6675
ord4425
ord4627
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5277
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5280
ord4353
ord6374
ord5163
ord2385
ord858
ord3790
ord5186
ord5442
ord6385
ord1979
ord5773
ord665
ord4234
ord2302
ord2301
ord2370
ord825
ord324
ord540
ord567
ord860
ord641
ord800
ord5572
ord616
ord5241
ord4407
ord1775
ord4078
ord6052
ord2514
ord4998
ord4853
ord4376
ord5265
ord3582
ord4424
ord3402
ord5290
ord4398
ord1776
ord6055
ord2578
ord4218
ord2023
ord2411

msvcrt

malloc
__set_app_type
_setmbcp
__CxxFrameHandler
strrchr
fclose
fopen
fprintf
free
_controlfp
__p__fmode
__p__commode
wcscpy
wcslen
_ftol
memmove
_mbscmp
_mbsnbcpy
__dllonexit
_onexit
_except_handler3
?terminate@@YAXXZ
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv

kernel32

GetModuleHandleA
LocalAlloc
LocalFree
lstrcmpiA
FindResourceA
LoadResource
LockResource
GetCPInfo
lstrlenW
lstrlenA
GetVersion
GetVersionExA
Sleep
ExitProcess
GetModuleFileNameA
GetStartupInfoA

user32

KillTimer
EnableWindow
SendMessageA
LoadIconA
InvalidateRect
GetMenuItemInfoA
SetRect
DrawEdge
FillRect
CopyRect
GetSysColor
SystemParametersInfoA
DestroyIcon
DrawIconEx
ReleaseDC
DrawTextA
GetDC
GetDesktopWindow
GetSystemMetrics
AppendMenuA
GetMenuItemCount
IsIconic
DrawIcon
LoadImageA
GetIconInfo
CreateIconIndirect
DrawStateA
GetClientRect
FrameRect
InflateRect
OffsetRect
DrawFocusRect
GetWindowRect
PostMessageA
ClientToScreen
WindowFromPoint
GetActiveWindow
SetCursor
GetParent
GetNextDlgTabItem
IsMenu
GetWindowLongA
DestroyCursor
GetSubMenu
GrayStringA
TabbedTextOutA
LoadBitmapA
GetSysColorBrush
GetMenuStringA
CreateMenu
CreatePopupMenu
GetMenuItemID
GetMenuState
SetTimer
ModifyMenuA

gdi32

GetStockObject
CreateBitmap
Escape
ExtTextOutA
TextOutA
PatBlt
RectVisible
PtVisible
GetObjectA
GetPixel
SetPixel
CreateDIBSection
SelectObject
DeleteObject
DeleteDC
Ellipse
GetTextExtentPoint32A
GetTextExtentPoint32W
CreateCompatibleBitmap
BitBlt
CreateCompatibleDC
CreateFontIndirectA
CreateSolidBrush
CreatePen
SetBkColor
GetDeviceCaps
GetBkMode

advapi32

RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
QueryServiceConfigA
QueryServiceStatus
ControlService
StartServiceA
OpenServiceA
RegCloseKey
CloseServiceHandle
OpenSCManagerA

shell32

ShellExecuteExA

comctl32

ImageList_Draw
ImageList_GetImageCount
ImageList_GetIcon
ImageList_AddMasked
_TrackMouseEvent
ImageList_ReplaceIcon

msvcirt

?close@ofstream@@QAEXXZ
_mtlock
?get@istream@@IAEAAV1@PADHH@Z
_mtunlock
??0ofstream@@QAE@XZ
?open@ofstream@@QAEXPBDHH@Z
??6ostream@@QAEAAV0@PBD@Z
??6ostream@@QAEAAV0@E@Z
?endl@@YAAAVostream@@AAV1@@Z
??_Difstream@@QAEXXZ
??1ofstream@@UAE@XZ
??_Dofstream@@QAEXXZ
??0ifstream@@QAE@XZ
?openprot@filebuf@@2HB
?open@ifstream@@QAEXPBDHH@Z
??1ifstream@@UAE@XZ
??1ios@@UAE@XZ
?close@ifstream@@QAEXXZ

skinplusplus

ord1

Sections

.text
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 128KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Windows 优化专家/license.TXT
Windows 优化专家/个性定制.cfg
Windows 优化专家/办公软件.cfg
Windows 优化专家/安全设置.cfg
Windows 优化专家/安装脚本.iss
Windows 优化专家/应用软件.cfg
Windows 优化专家/新云软件.url
.url
Windows 优化专家/硬件设置.cfg
Windows 优化专家/终极优化.cfg
Windows 优化专家/网络设置.cfg

Sharing

General

Malware Config

Signatures

Files

36d19efdcb373fc81ccbd035dfec0258

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

comctl32

skinplusplus

msvcirt

Sections

.text Size: 16KB - Virtual size: 13KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 636B

.rsrc Size: 8KB - Virtual size: 5KB

6c6b73df1f2e077e950330601057df0a

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

gdi32

advapi32

shell32

comctl32

skinplusplus

Sections

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 840B

.rsrc Size: 464KB - Virtual size: 462KB

72d44b5babdf1c50056e2519e6d94d96

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

gdi32

advapi32

shell32

skinplusplus

Sections

.text Size: 20KB - Virtual size: 18KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 192KB - Virtual size: 190KB

86fc11bfe170e5cd29bac9e675ce3150

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

shlwapi

oledlg

ole32

oleaut32

skinplusplus

Exports

Exports

Sections

.text Size: 252KB - Virtual size: 249KB

.rdata Size: 60KB - Virtual size: 58KB

.data Size: 12KB - Virtual size: 31KB

.rsrc Size: 224KB - Virtual size: 221KB

f3f54229ba80b29626a635e6f6549888

.text
Size: 16KB - Virtual size: 13KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 636B

.rsrc
Size: 8KB - Virtual size: 5KB

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 840B

.rsrc
Size: 464KB - Virtual size: 462KB

.text
Size: 20KB - Virtual size: 18KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 192KB - Virtual size: 190KB

.text
Size: 252KB - Virtual size: 249KB

.rdata
Size: 60KB - Virtual size: 58KB

.data
Size: 12KB - Virtual size: 31KB

.rsrc
Size: 224KB - Virtual size: 221KB

.text
Size: 76KB - Virtual size: 73KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 8KB - Virtual size: 10KB

.rsrc
Size: 100KB - Virtual size: 97KB

.text
Size: 52KB - Virtual size: 50KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 8KB - Virtual size: 22KB

.rsrc
Size: 356KB - Virtual size: 354KB

.text
Size: 248KB - Virtual size: 244KB

.rdata
Size: 48KB - Virtual size: 44KB

.data
Size: 20KB - Virtual size: 441KB

.rsrc
Size: 520KB - Virtual size: 518KB