bbbe1ad21debe13574b6acefc3f8e9c8

Sharing

Copy URL Twitter E-mail

General

Target

bbbe1ad21debe13574b6acefc3f8e9c8
Size

12.6MB
MD5

bbbe1ad21debe13574b6acefc3f8e9c8
SHA1

0bbc481df75883fec5e99a8b4aedeeb65394e665
SHA256

9216deabbc8208e737e04bbd52a08aa261625b1da2f6646914e8425ec123fe7c
SHA512

bae83ca751646c67df2cf5286f5f4fe9e448852fbe94d80d6e443028ec9eed5abd650de96a2d508c969596fc70879e01fafe9f6cf85019ebe3e814cade9851cf
SSDEEP

393216:ltDMI617R26RXj3xx2MAUMht1l50h/nvr493:fMI61fx8/ht170h/nDU

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/$PLUGINSDIR/nsDialogs.dll
unpack001/$PLUGINSDIR/pnsis.dll
unpack001/$PLUGINSDIR/time.dll

NSIS installer 2 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2

Files

bbbe1ad21debe13574b6acefc3f8e9c8
.exe windows:5 windows x86 arch:x86

ff8d8dbb96b7ab762c0ce51911e4d104

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:52:7f:4d:7d:6c:1a:2b:a7:ef:81:d5:0c:89:d7:65
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

19/11/2009, 00:00

Not After

18/11/2012, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

b1:80:4e:14:69:af:33:8c:c4:83:5b:e5:7a:79:b2:11:ac:d0:7b:32
Signer

Actual PE Digest

b1:80:4e:14:69:af:33:8c:c4:83:5b:e5:7a:79:b2:11:ac:d0:7b:32

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
GetTempPathA
SetFileTime
SetErrorMode
lstrcpynA
GetDiskFreeSpaceA
LocalFree
WideCharToMultiByte
OutputDebugStringA
GetCommandLineW
GlobalUnlock
GlobalLock
CreateThread
LoadLibraryA
CreateProcessA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
RemoveDirectoryA
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GlobalFree
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
MulDiv
WriteFile
ReadFile
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetCommandLineA

user32

GetMessagePos
CallWindowProcA
IsWindowVisible
LoadBitmapA
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
GetWindowRect
AppendMenuA
CreatePopupMenu
GetSystemMetrics
EndDialog
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
ScreenToClient
GetClassInfoA
CreateWindowExA
SystemParametersInfoA
RegisterClassA
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfA
FindWindowExA
CheckDlgButton
LoadCursorA
SetCursor
GetWindowLongA
GetSysColor
CharNextA
DialogBoxParamA
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
SendMessageTimeoutA

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

CommandLineToArgvW
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegEnumKeyA
RegOpenKeyExA
RegCloseKey
RegDeleteKeyA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegEnumValueA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 116KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 413KB - Virtual size: 413KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$COMMONFILES/PPLiveNetwork/$OUTDIR/GdiPlus.dll
.dll windows:6 windows x86 arch:x86

ef4c749f5dec4632456950949469f18c

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:52:7f:4d:7d:6c:1a:2b:a7:ef:81:d5:0c:89:d7:65
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

19/11/2009, 00:00

Not After

18/11/2012, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

a2:a6:cc:12:37:a1:26:cf:f3:5f:5a:8f:20:a6:d0:87:fd:44:0f:67
Signer

Actual PE Digest

a2:a6:cc:12:37:a1:26:cf:f3:5f:5a:8f:20:a6:d0:87:fd:44:0f:67

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

gdiplus.pdb

Imports

msvcrt

_isatty
_write
_lseeki64
_fileno
__pioinfo
__badioinfo
wctomb
_itoa
_snprintf
isleadbyte
memmove
_adjust_fdiv
_amsg_exit
_initterm
free
malloc
_XcptFilter
_CIatan2
_CIsqrt
_CIsin
_CIcos
??3@YAXPAX@Z
_iob
_CIexp
_CIatan
_vsnprintf
_vsnwprintf
_errno
memset
memcpy
_purecall
_CIlog

kernel32

GetFileInformationByHandle
RaiseException
InterlockedIncrement
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
InterlockedCompareExchange
HeapAlloc
InterlockedExchange
GetCurrentThreadId
InitializeCriticalSection
DeleteCriticalSection
DisableThreadLibraryCalls
HeapFree
VirtualAlloc
GetProcAddress
GetModuleHandleW
GetSystemInfo
GetVersion
HeapReAlloc
CloseHandle
WaitForSingleObject
SetEvent
lstrcmpiA
IsValidLocale
ConvertDefaultLocale
GetLocaleInfoW
GetModuleFileNameW
GetModuleFileNameA
FindResourceA
LockResource
GetProfileIntA
GetProfileStringA
lstrcmpiW
LocalReAlloc
MulDiv
SetLastError
LocalAlloc
LocalFree
IsDBCSLeadByteEx
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
RtlUnwind
OutputDebugStringA
Sleep
GetFileTime
SearchPathW
SearchPathA
GetOEMCP
SetEndOfFile
WriteFile
SetFilePointer
ReadFile
UnlockFile
LoadResource
LockFile
FlushFileBuffers
CreateSemaphoreA
CreateFileW
LoadLibraryW
GetSystemDirectoryA
CreateFileMappingW
ReleaseSemaphore
GetFileAttributesW
GetProfileSectionA
GetLastError
VirtualFree
GlobalAlloc
CreateFileA
GetFileSize
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GlobalLock
GlobalSize
GlobalUnlock
GlobalFree
HeapCreate
GetModuleHandleA
FreeLibrary
HeapDestroy
LoadLibraryA
GetSystemDirectoryW
GetWindowsDirectoryA
GetVersionExA
GetACP
GetSystemDefaultLCID
GetTickCount
MultiByteToWideChar
WideCharToMultiByte
CreateEventA
CreateThread

user32

ReleaseDC
GetDC
GetSysColor
UnregisterClassA
DestroyWindow
GetSystemMetrics
DefWindowProcA
CreateWindowExA
RegisterWindowMessageA
RegisterClassA
DispatchMessageA
TranslateMessage
MsgWaitForMultipleObjects
PeekMessageA
GetClientRect
GetDesktopWindow
GetWindowRect
WindowFromDC
CreateIconIndirect
LoadBitmapW
LoadBitmapA
ClientToScreen
SystemParametersInfoA
GetClassLongA
GetWindowLongA
GetDCEx
GetIconInfo

gdi32

ModifyWorldTransform
GetTextCharsetInfo
TranslateCharsetInfo
GetCurrentPositionEx
ArcTo
SetArcDirection
GetPath
AbortPath
FlattenPath
WidenPath
Ellipse
AngleArc
RoundRect
PolyDraw
Pie
Chord
Arc
OffsetClipRgn
GetRgnBox
CombineRgn
SetPaletteEntries
ResizePalette
ExcludeClipRect
PlayEnhMetaFile
GetWinMetaFileBits
PlgBlt
BitBlt
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineTransform
SetMapperFlags
CreateDIBitmap
CreatePen
CreatePatternBrush
GetBkMode
GetTextAlign
ExtCreateRegion
Polyline
PolyPolyline
StrokeAndFillPath
FillPath
SetPolyFillMode
PolyBezier
SelectClipPath
BeginPath
PolylineTo
PolyBezierTo
MoveToEx
CloseFigure
EndPath
StrokePath
ExtSelectClipRgn
GetPixel
ExtTextOutA
CreateSolidBrush
SetMiterLimit
FillRgn
GetDIBColorTable
GetNearestPaletteIndex
StretchBlt
CreateCompatibleBitmap
ExtCreatePen
GetWorldTransform
GetROP2
Rectangle
Polygon
SetBrushOrgEx
GetClipRgn
SelectClipRgn
GetBkColor
GetTextColor
CreatePenIndirect
GetObjectW
DPtoLP
CreateDIBPatternBrushPt
GetNearestColor
SetStretchBltMode
StretchDIBits
SetTextAlign
SetTextJustification
SetROP2
PolyPolygon
IntersectClipRect
PlayMetaFileRecord
ExtTextOutW
SetBitmapBits
SetDIBColorTable
CreateEnhMetaFileW
GdiComment
GetMetaFileW
GetMetaFileA
GetEnhMetaFileW
GetEnhMetaFileA
SaveDC
SetWindowOrgEx
SetViewportOrgEx
SetGraphicsMode
SetWorldTransform
GetEnhMetaFileBits
CopyEnhMetaFileA
CopyMetaFileA
DeleteMetaFile
GetEnhMetaFileHeader
SetMetaFileBitsEx
SetEnhMetaFileBits
CreateEnhMetaFileA
SetMapMode
SetViewportExtEx
SetWindowExtEx
PlayMetaFile
CloseEnhMetaFile
DeleteEnhMetaFile
SetMetaRgn
GetObjectType
GetMetaFileBitsEx
EnumMetaFile
EnumEnhMetaFile
PlayEnhMetaFileRecord
RestoreDC
GetStockObject
CreateBitmap
SetTextColor
SetBkColor
SetBkMode
SetDIBits
CreateBrushIndirect
PatBlt
GdiFlush
GetPaletteEntries
RealizePalette
CreateDIBSection
CreateCompatibleDC
GetDIBits
GetCurrentObject
GetObjectA
GetDCOrgEx
Escape
SetICMMode
GetMapMode
GetViewportOrgEx
GetWindowOrgEx
GetGraphicsMode
GetViewportExtEx
GetWindowExtEx
LPtoDP
GetRandomRgn
ExtEscape
CreateRectRgn
CreateICA
CreateDCA
DeleteDC
GetRegionData
CreateFontIndirectA
CreateFontIndirectW
SelectObject
EnumFontFamiliesExW
EnumFontFamiliesExA
GetTextMetricsW
GetTextFaceW
GetTextMetricsA
GetTextFaceA
SelectPalette
DeleteObject
GetDeviceCaps
GetSystemPaletteUse
GetSystemPaletteEntries
CreatePalette
LineTo

ole32

CoTaskMemAlloc
CoTaskMemFree
CreateStreamOnHGlobal

advapi32

RegDeleteKeyA
RegCreateKeyExW
RegCreateKeyExA
RegEnumKeyExW
RegEnumKeyExA
RegOpenKeyW
RegOpenKeyA
RegQueryValueExW
RegQueryValueExA
RegQueryInfoKeyW
RegOpenKeyExW
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumValueW
RegCloseKey
RegEnumValueA
RegDeleteKeyW
RegSetValueExA
RegSetValueExW

Exports

Exports

GdipAddPathArc
GdipAddPathArcI
GdipAddPathBezier
GdipAddPathBezierI
GdipAddPathBeziers
GdipAddPathBeziersI
GdipAddPathClosedCurve
GdipAddPathClosedCurve2
GdipAddPathClosedCurve2I
GdipAddPathClosedCurveI
GdipAddPathCurve
GdipAddPathCurve2
GdipAddPathCurve2I
GdipAddPathCurve3
GdipAddPathCurve3I
GdipAddPathCurveI
GdipAddPathEllipse
GdipAddPathEllipseI
GdipAddPathLine
GdipAddPathLine2
GdipAddPathLine2I
GdipAddPathLineI
GdipAddPathPath
GdipAddPathPie
GdipAddPathPieI
GdipAddPathPolygon
GdipAddPathPolygonI
GdipAddPathRectangle
GdipAddPathRectangleI
GdipAddPathRectangles
GdipAddPathRectanglesI
GdipAddPathString
GdipAddPathStringI
GdipAlloc
GdipBeginContainer
GdipBeginContainer2
GdipBeginContainerI
GdipBitmapGetPixel
GdipBitmapLockBits
GdipBitmapSetPixel
GdipBitmapSetResolution
GdipBitmapUnlockBits
GdipClearPathMarkers
GdipCloneBitmapArea
GdipCloneBitmapAreaI
GdipCloneBrush
GdipCloneCustomLineCap
GdipCloneFont
GdipCloneFontFamily
GdipCloneImage
GdipCloneImageAttributes
GdipCloneMatrix
GdipClonePath
GdipClonePen
GdipCloneRegion
GdipCloneStringFormat
GdipClosePathFigure
GdipClosePathFigures
GdipCombineRegionPath
GdipCombineRegionRect
GdipCombineRegionRectI
GdipCombineRegionRegion
GdipComment
GdipCreateAdjustableArrowCap
GdipCreateBitmapFromDirectDrawSurface
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromGdiDib
GdipCreateBitmapFromGraphics
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromHICON
GdipCreateBitmapFromResource
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipCreateCachedBitmap
GdipCreateCustomLineCap
GdipCreateFont
GdipCreateFontFamilyFromName
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipCreateFontFromLogfontW
GdipCreateFromHDC
GdipCreateFromHDC2
GdipCreateFromHWND
GdipCreateFromHWNDICM
GdipCreateHBITMAPFromBitmap
GdipCreateHICONFromBitmap
GdipCreateHalftonePalette
GdipCreateHatchBrush
GdipCreateImageAttributes
GdipCreateLineBrush
GdipCreateLineBrushFromRect
GdipCreateLineBrushFromRectI
GdipCreateLineBrushFromRectWithAngle
GdipCreateLineBrushFromRectWithAngleI
GdipCreateLineBrushI
GdipCreateMatrix
GdipCreateMatrix2
GdipCreateMatrix3
GdipCreateMatrix3I
GdipCreateMetafileFromEmf
GdipCreateMetafileFromFile
GdipCreateMetafileFromStream
GdipCreateMetafileFromWmf
GdipCreateMetafileFromWmfFile
GdipCreatePath
GdipCreatePath2
GdipCreatePath2I
GdipCreatePathGradient
GdipCreatePathGradientFromPath
GdipCreatePathGradientI
GdipCreatePathIter
GdipCreatePen1
GdipCreatePen2
GdipCreateRegion
GdipCreateRegionHrgn
GdipCreateRegionPath
GdipCreateRegionRect
GdipCreateRegionRectI
GdipCreateRegionRgnData
GdipCreateSolidFill
GdipCreateStreamOnFile
GdipCreateStringFormat
GdipCreateTexture
GdipCreateTexture2
GdipCreateTexture2I
GdipCreateTextureIA
GdipCreateTextureIAI
GdipDeleteBrush
GdipDeleteCachedBitmap
GdipDeleteCustomLineCap
GdipDeleteFont
GdipDeleteFontFamily
GdipDeleteGraphics
GdipDeleteMatrix
GdipDeletePath
GdipDeletePathIter
GdipDeletePen
GdipDeletePrivateFontCollection
GdipDeleteRegion
GdipDeleteStringFormat
GdipDisposeImage
GdipDisposeImageAttributes
GdipDrawArc
GdipDrawArcI
GdipDrawBezier
GdipDrawBezierI
GdipDrawBeziers
GdipDrawBeziersI
GdipDrawCachedBitmap
GdipDrawClosedCurve
GdipDrawClosedCurve2
GdipDrawClosedCurve2I
GdipDrawClosedCurveI
GdipDrawCurve
GdipDrawCurve2
GdipDrawCurve2I
GdipDrawCurve3
GdipDrawCurve3I
GdipDrawCurveI
GdipDrawDriverString
GdipDrawEllipse
GdipDrawEllipseI
GdipDrawImage
GdipDrawImageI
GdipDrawImagePointRect
GdipDrawImagePointRectI
GdipDrawImagePoints
GdipDrawImagePointsI
GdipDrawImagePointsRect
GdipDrawImagePointsRectI
GdipDrawImageRect
GdipDrawImageRectI
GdipDrawImageRectRect
GdipDrawImageRectRectI
GdipDrawLine
GdipDrawLineI
GdipDrawLines
GdipDrawLinesI
GdipDrawPath
GdipDrawPie
GdipDrawPieI
GdipDrawPolygon
GdipDrawPolygonI
GdipDrawRectangle
GdipDrawRectangleI
GdipDrawRectangles
GdipDrawRectanglesI
GdipDrawString
GdipEmfToWmfBits
GdipEndContainer
GdipEnumerateMetafileDestPoint
GdipEnumerateMetafileDestPointI
GdipEnumerateMetafileDestPoints
GdipEnumerateMetafileDestPointsI
GdipEnumerateMetafileDestRect
GdipEnumerateMetafileDestRectI
GdipEnumerateMetafileSrcRectDestPoint
GdipEnumerateMetafileSrcRectDestPointI
GdipEnumerateMetafileSrcRectDestPoints
GdipEnumerateMetafileSrcRectDestPointsI
GdipEnumerateMetafileSrcRectDestRect
GdipEnumerateMetafileSrcRectDestRectI
GdipFillClosedCurve
GdipFillClosedCurve2
GdipFillClosedCurve2I
GdipFillClosedCurveI
GdipFillEllipse
GdipFillEllipseI
GdipFillPath
GdipFillPie
GdipFillPieI
GdipFillPolygon
GdipFillPolygon2
GdipFillPolygon2I
GdipFillPolygonI
GdipFillRectangle
GdipFillRectangleI
GdipFillRectangles
GdipFillRectanglesI
GdipFillRegion
GdipFlattenPath
GdipFlush
GdipFree
GdipGetAdjustableArrowCapFillState
GdipGetAdjustableArrowCapHeight
GdipGetAdjustableArrowCapMiddleInset
GdipGetAdjustableArrowCapWidth
GdipGetAllPropertyItems
GdipGetBrushType
GdipGetCellAscent
GdipGetCellDescent
GdipGetClip
GdipGetClipBounds
GdipGetClipBoundsI
GdipGetCompositingMode
GdipGetCompositingQuality
GdipGetCustomLineCapBaseCap
GdipGetCustomLineCapBaseInset
GdipGetCustomLineCapStrokeCaps
GdipGetCustomLineCapStrokeJoin
GdipGetCustomLineCapType
GdipGetCustomLineCapWidthScale
GdipGetDC
GdipGetDpiX
GdipGetDpiY
GdipGetEmHeight
GdipGetEncoderParameterList
GdipGetEncoderParameterListSize
GdipGetFamily
GdipGetFamilyName
GdipGetFontCollectionFamilyCount
GdipGetFontCollectionFamilyList
GdipGetFontHeight
GdipGetFontHeightGivenDPI
GdipGetFontSize
GdipGetFontStyle
GdipGetFontUnit
GdipGetGenericFontFamilyMonospace
GdipGetGenericFontFamilySansSerif
GdipGetGenericFontFamilySerif
GdipGetHatchBackgroundColor
GdipGetHatchForegroundColor
GdipGetHatchStyle
GdipGetHemfFromMetafile
GdipGetImageAttributesAdjustedPalette
GdipGetImageBounds
GdipGetImageDecoders
GdipGetImageDecodersSize
GdipGetImageDimension
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipGetImageFlags
GdipGetImageGraphicsContext
GdipGetImageHeight
GdipGetImageHorizontalResolution
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageRawFormat
GdipGetImageThumbnail
GdipGetImageType
GdipGetImageVerticalResolution
GdipGetImageWidth
GdipGetInterpolationMode
GdipGetLineBlend
GdipGetLineBlendCount
GdipGetLineColors
GdipGetLineGammaCorrection
GdipGetLinePresetBlend
GdipGetLinePresetBlendCount
GdipGetLineRect
GdipGetLineRectI
GdipGetLineSpacing
GdipGetLineTransform
GdipGetLineWrapMode
GdipGetLogFontA
GdipGetLogFontW
GdipGetMatrixElements
GdipGetMetafileDownLevelRasterizationLimit
GdipGetMetafileHeaderFromEmf
GdipGetMetafileHeaderFromFile
GdipGetMetafileHeaderFromMetafile
GdipGetMetafileHeaderFromStream
GdipGetMetafileHeaderFromWmf
GdipGetNearestColor
GdipGetPageScale
GdipGetPageUnit
GdipGetPathData
GdipGetPathFillMode
GdipGetPathGradientBlend
GdipGetPathGradientBlendCount
GdipGetPathGradientCenterColor
GdipGetPathGradientCenterPoint
GdipGetPathGradientCenterPointI
GdipGetPathGradientFocusScales
GdipGetPathGradientGammaCorrection
GdipGetPathGradientPath
GdipGetPathGradientPointCount
GdipGetPathGradientPresetBlend
GdipGetPathGradientPresetBlendCount
GdipGetPathGradientRect
GdipGetPathGradientRectI
GdipGetPathGradientSurroundColorCount
GdipGetPathGradientSurroundColorsWithCount
GdipGetPathGradientTransform
GdipGetPathGradientWrapMode
GdipGetPathLastPoint
GdipGetPathPoints
GdipGetPathPointsI
GdipGetPathTypes
GdipGetPathWorldBounds
GdipGetPathWorldBoundsI
GdipGetPenBrushFill
GdipGetPenColor
GdipGetPenCompoundArray
GdipGetPenCompoundCount
GdipGetPenCustomEndCap
GdipGetPenCustomStartCap
GdipGetPenDashArray
GdipGetPenDashCap197819
GdipGetPenDashCount
GdipGetPenDashOffset
GdipGetPenDashStyle
GdipGetPenEndCap
GdipGetPenFillType
GdipGetPenLineJoin
GdipGetPenMiterLimit
GdipGetPenMode
GdipGetPenStartCap
GdipGetPenTransform
GdipGetPenUnit
GdipGetPenWidth
GdipGetPixelOffsetMode
GdipGetPointCount
GdipGetPropertyCount
GdipGetPropertyIdList
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipGetPropertySize
GdipGetRegionBounds
GdipGetRegionBoundsI
GdipGetRegionData
GdipGetRegionDataSize
GdipGetRegionHRgn
GdipGetRegionScans
GdipGetRegionScansCount
GdipGetRegionScansI
GdipGetRenderingOrigin
GdipGetSmoothingMode
GdipGetSolidFillColor
GdipGetStringFormatAlign
GdipGetStringFormatDigitSubstitution
GdipGetStringFormatFlags
GdipGetStringFormatHotkeyPrefix
GdipGetStringFormatLineAlign
GdipGetStringFormatMeasurableCharacterRangeCount
GdipGetStringFormatTabStopCount
GdipGetStringFormatTabStops
GdipGetStringFormatTrimming
GdipGetTextContrast
GdipGetTextRenderingHint
GdipGetTextureImage
GdipGetTextureTransform
GdipGetTextureWrapMode
GdipGetVisibleClipBounds
GdipGetVisibleClipBoundsI
GdipGetWorldTransform
GdipGraphicsClear
GdipImageForceValidation
GdipImageGetFrameCount
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageRotateFlip
GdipImageSelectActiveFrame
GdipInvertMatrix
GdipIsClipEmpty
GdipIsEmptyRegion
GdipIsEqualRegion
GdipIsInfiniteRegion
GdipIsMatrixEqual
GdipIsMatrixIdentity
GdipIsMatrixInvertible
GdipIsOutlineVisiblePathPoint
GdipIsOutlineVisiblePathPointI
GdipIsStyleAvailable
GdipIsVisibleClipEmpty
GdipIsVisiblePathPoint
GdipIsVisiblePathPointI
GdipIsVisiblePoint
GdipIsVisiblePointI
GdipIsVisibleRect
GdipIsVisibleRectI
GdipIsVisibleRegionPoint
GdipIsVisibleRegionPointI
GdipIsVisibleRegionRect
GdipIsVisibleRegionRectI
GdipLoadImageFromFile
GdipLoadImageFromFileICM
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipMeasureCharacterRanges
GdipMeasureDriverString
GdipMeasureString
GdipMultiplyLineTransform
GdipMultiplyMatrix
GdipMultiplyPathGradientTransform
GdipMultiplyPenTransform
GdipMultiplyTextureTransform
GdipMultiplyWorldTransform
GdipNewInstalledFontCollection
GdipNewPrivateFontCollection
GdipPathIterCopyData
GdipPathIterEnumerate
GdipPathIterGetCount
GdipPathIterGetSubpathCount
GdipPathIterHasCurve
GdipPathIterIsValid
GdipPathIterNextMarker
GdipPathIterNextMarkerPath
GdipPathIterNextPathType
GdipPathIterNextSubpath
GdipPathIterNextSubpathPath
GdipPathIterRewind
GdipPlayMetafileRecord
GdipPrivateAddFontFile
GdipPrivateAddMemoryFont
GdipRecordMetafile
GdipRecordMetafileFileName
GdipRecordMetafileFileNameI
GdipRecordMetafileI
GdipRecordMetafileStream
GdipRecordMetafileStreamI
GdipReleaseDC
GdipRemovePropertyItem
GdipResetClip
GdipResetImageAttributes
GdipResetLineTransform
GdipResetPageTransform
GdipResetPath
GdipResetPathGradientTransform
GdipResetPenTransform
GdipResetTextureTransform
GdipResetWorldTransform
GdipRestoreGraphics
GdipReversePath
GdipRotateLineTransform
GdipRotateMatrix
GdipRotatePathGradientTransform
GdipRotatePenTransform
GdipRotateTextureTransform
GdipRotateWorldTransform
GdipSaveAdd
GdipSaveAddImage
GdipSaveGraphics
GdipSaveImageToFile
GdipSaveImageToStream
GdipScaleLineTransform
GdipScaleMatrix
GdipScalePathGradientTransform
GdipScalePenTransform
GdipScaleTextureTransform
GdipScaleWorldTransform
GdipSetAdjustableArrowCapFillState
GdipSetAdjustableArrowCapHeight
GdipSetAdjustableArrowCapMiddleInset
GdipSetAdjustableArrowCapWidth
GdipSetClipGraphics
GdipSetClipHrgn
GdipSetClipPath
GdipSetClipRect
GdipSetClipRectI
GdipSetClipRegion
GdipSetCompositingMode
GdipSetCompositingQuality
GdipSetCustomLineCapBaseCap
GdipSetCustomLineCapBaseInset
GdipSetCustomLineCapStrokeCaps
GdipSetCustomLineCapStrokeJoin

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$COMMONFILES/PPLiveNetwork/$OUTDIR/MngModule.dll
.dll windows:5 windows x86 arch:x86

be2cdd69a77d75f2dbcae5190204885d

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:52:7f:4d:7d:6c:1a:2b:a7:ef:81:d5:0c:89:d7:65
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

19/11/2009, 00:00

Not After

18/11/2012, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

76:c9:c7:c4:6f:ff:3d:c2:e6:06:c3:95:77:87:10:5a:2d:2c:6e:12
Signer

Actual PE Digest

76:c9:c7:c4:6f:ff:3d:c2:e6:06:c3:95:77:87:10:5a:2d:2c:6e:12

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\pplive\pptv_client\mngmodule\ReleaseU\mngmodule.pdb

Imports

urlmon

CreateURLMoniker
RegisterBindStatusCallback
RevokeBindStatusCallback

kernel32

CreateFileA
GetVersionExW
GetModuleFileNameA
Sleep
FreeLibrary
WritePrivateProfileStringW
GetTempPathW
GetCurrentThreadId
GetCurrentProcess
LoadLibraryW
EnterCriticalSection
LeaveCriticalSection
GetFileAttributesW
GetLocalTime
GetSystemInfo
GlobalMemoryStatusEx
CreateProcessW
WriteFile
ResumeThread
CreateThread
WaitForSingleObject
CreateEventW
TerminateThread
GetExitCodeThread
SetEvent
CreateDirectoryW
SystemTimeToTzSpecificLocalTime
ReadFile
GetFileSize
OutputDebugStringW
DuplicateHandle
DisableThreadLibraryCalls
DeviceIoControl
ResetEvent
LocalFree
LocalAlloc
GetEnvironmentVariableW
SetFilePointer
OutputDebugStringA
RemoveDirectoryW
SetFileAttributesW
SetFileTime
GetTempFileNameW
FlushFileBuffers
GetSystemDirectoryW
RaiseException
VirtualQuery
FindResourceExW
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InterlockedCompareExchange
InterlockedExchange
DecodePointer
LoadResource
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
CreateMutexW
GetModuleFileNameW
LockResource
SizeofResource
FindResourceW
DeleteCriticalSection
FindClose
FindNextFileW
FindFirstFileW
GetFullPathNameW
SetLastError
FileTimeToLocalFileTime
CloseHandle
GetModuleHandleW
GetProcAddress
CreateFileW
InterlockedDecrement
InterlockedIncrement
InitializeCriticalSectionAndSpinCount
GetLastError
GetTickCount
GetFileTime
GetSystemTime
FileTimeToSystemTime
DeleteFileW
WideCharToMultiByte
MultiByteToWideChar
lstrlenW
lstrlenA
SystemTimeToFileTime
GetCurrentProcessId
CopyFileW
GetPrivateProfileIntW
GetPrivateProfileStringW
GetCommandLineW
TerminateProcess
EncodePointer

user32

GetLastInputInfo
KillTimer
SetTimer
LoadCursorW
GetClassInfoExW
LoadCursorA
GetClassInfoExA
RegisterClassExW
RegisterClassExA
UnregisterClassW
wsprintfW
DispatchMessageW
GetMessageW
IsWindowVisible
GetAncestor
IsWindow
SendMessageTimeoutW
CharUpperBuffW
WindowFromPoint
GetDesktopWindow
GetSystemMetrics
PostThreadMessageW
CloseDesktop
OpenInputDesktop
SystemParametersInfoW
GetWindowTextW
CharNextW

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegQueryValueExA
RegEnumValueA
GetNamedSecurityInfoW
SetNamedSecurityInfoW
GetSecurityInfo
BuildExplicitAccessWithNameW
SetEntriesInAclW
SetSecurityInfo
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegCreateKeyExW
RegOpenKeyW

shell32

ShellExecuteExW
SHGetFolderPathW
SHCreateDirectoryExW
CommandLineToArgvW
ord165

ole32

CoInitialize
CoRegisterClassObject
CoTaskMemFree
CoInitializeEx
CreateBindCtx
CoUninitialize
CoSuspendClassObjects
CoRevokeClassObject
CoCreateInstance

oleaut32

CreateErrorInfo
SetErrorInfo
VariantChangeType
GetErrorInfo
SysFreeString
SysAllocString
LoadRegTypeLi
LoadTypeLi
RegisterTypeLi
UnRegisterTypeLi
VarBstrCmp
SysStringByteLen
SysAllocStringByteLen
SysStringLen
SysAllocStringLen
VariantClear
VariantInit
SystemTimeToVariantTime
VariantTimeToSystemTime

atl100

ord17
ord32
ord23
ord61
ord68
ord56
ord49
ord64
ord15
ord58
ord31
ord20
ord30

shlwapi

PathFileExistsW
PathAppendW
PathFindExtensionW
StrStrIW
PathFindFileNameW
PathRemoveFileSpecW

msvcp100

?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Orphan_all@_Container_base0@std@@QAEXXZ

sqlite3

sqlite3_open
sqlite3_free
sqlite3_exec
sqlite3_vmprintf
sqlite3_prepare_v2
sqlite3_close
sqlite3_finalize
sqlite3_next_stmt
sqlite3_errcode
sqlite3_backup_finish
sqlite3_backup_step
sqlite3_backup_init
sqlite3_step
sqlite3_reset
sqlite3_column_count
sqlite3_column_double
sqlite3_column_int64
sqlite3_column_text
sqlite3_column_type
sqlite3_column_name

uilib

inflateEnd
inflate
inflateInit2_
ord392
PP_GetDiskId

wininet

InternetTimeToSystemTimeW
DeleteUrlCacheEntryW
InternetCloseHandle
HttpQueryInfoA
HttpQueryInfoW
HttpSendRequestW
HttpOpenRequestW
InternetConnectW
InternetOpenW
InternetReadFile

msvcr100

vswprintf_s
_vscwprintf
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__CppXcptFilter
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
_except_handler4_common
_recalloc
calloc
memmove_s
memcpy_s
memmove
memcpy
free
wcsnlen
malloc
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
wcsrchr
wcscpy_s
ceil
_mktime64
fread
sprintf
strcat
strrchr
__clean_type_info_names_internal
strncpy
strcpy
isupper
isdigit
_time64
atoi
_wtoi64
atol
_wcsicmp
_ultoa_s
_strlwr_s
strncmp
wmemcpy_s
_wcslwr_s
_wcsupr_s
wcsstr
memchr
fclose
ftell
_stricmp
_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
tolower
strchr
isalpha
_vsnprintf_s
atof
sscanf_s
fputc
ferror
fprintf
fopen_s
swprintf_s
sprintf_s
wcscat
_snprintf
strstr
strcmp
??0exception@std@@QAE@XZ
_wcsdup
_localtime64_s
wcsftime
_resetstkoflw
wcsncpy_s
wcsncpy
_i64tow
_itow
_wcsnicmp
_errno
_wcserror
wcstol
wcsncmp
wcschr
fwrite
_wfopen
??3@YAXPAX@Z
??_V@YAXPAX@Z
__CxxFrameHandler3
_swprintf
wcslen
_snwprintf
memset
_wtol
_wtoi
isspace
isalnum
strlen
wcscpy
abs
rand
srand
__RTDynamicCast
memcmp
_CxxThrowException
??2@YAPAXI@Z
??0exception@std@@QAE@ABV01@@Z
_purecall
wcscmp
fseek

psapi

GetProcessMemoryInfo

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyW
SetupDiGetClassDevsW
SetupDiClassGuidsFromNameW
SetupDiDestroyDeviceInfoList

wintrust

WTHelperGetProvCertFromChain
WinVerifyTrust
WTHelperProvDataFromStateData
WTHelperGetProvSignerFromChain

crypt32

CertGetNameStringW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Exports

Exports

CheckSource
DllCanUnloadNow
DllGetClassObject
ExecCommand
RD_XXXX
TestPushServer
Upload

Sections

.text
Size: 378KB - Virtual size: 378KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$COMMONFILES/PPLiveNetwork/$OUTDIR/PPAP.exe
.exe windows:5 windows x86 arch:x86

bbfdf8708da887867f58223fc4d890b3

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:52:7f:4d:7d:6c:1a:2b:a7:ef:81:d5:0c:89:d7:65
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

19/11/2009, 00:00

Not After

18/11/2012, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

d7:ad:7a:80:59:94:6d:8d:b2:3b:50:60:57:c6:3f:2c:fa:7b:53:22
Signer

Actual PE Digest

d7:ad:7a:80:59:94:6d:8d:b2:3b:50:60:57:c6:3f:2c:fa:7b:53:22

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\project\pptv\bin\PE.pdb

Imports

kernel32

FindClose
FindFirstFileA
GetLongPathNameA
GetModuleFileNameA
WideCharToMultiByte
GetLongPathNameW
GetCurrentProcessId
GetCommandLineA
GetLastError
GetCurrentProcess
GetLocalTime
GetTempPathA
lstrcatA
lstrcpyA
CreateProcessA
GetModuleHandleA
OpenProcess
CreateEventW
ReleaseMutex
CreateToolhelp32Snapshot
SetUnhandledExceptionFilter
GetPrivateProfileIntW
WritePrivateProfileStringW
lstrlenW
GetPrivateProfileStringW
WaitForSingleObject
TerminateProcess
GetVersionExW
LocalFree
LocalAlloc
GetTempPathW
GetEnvironmentVariableW
CreateProcessW
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
UnhandledExceptionFilter
GetStartupInfoW
Module32FirstW
VirtualQuery
OutputDebugStringA
GetPrivateProfileStringA
GetModuleFileNameW
LoadLibraryW
GetEnvironmentVariableA
Module32NextW
CloseHandle
FreeLibrary
LoadLibraryA
GetProcAddress
GetCommandLineW
GetCurrentThread
GetCurrentThreadId
CreateFileA
GetFileSize
CreateFileMappingW
MapViewOfFile
IsBadReadPtr
CreateMutexW
lstrcmpiW
HeapSetInformation
InterlockedCompareExchange
Sleep
InterlockedExchange
DecodePointer
EncodePointer
GetSystemTimeAsFileTime

user32

GetDesktopWindow
GetShellWindow
GetWindowThreadProcessId
wsprintfW

advapi32

ConvertStringSidToSidW
GetLengthSid
SetTokenInformation
SetThreadToken
LookupPrivilegeValueW
AdjustTokenPrivileges
DuplicateTokenEx
OpenProcessToken
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
ImpersonateSelf

shell32

CommandLineToArgvW
SHGetFolderPathW
SHGetFolderPathA

ole32

StringFromCLSID
CoCreateGuid
CoInitialize
CoUninitialize
CoCreateInstance

msvcp100

?_Decref@facet@locale@std@@QAEPAV123@XZ
?out@?$codecvt@_WDH@std@@QBEHAAHPB_W1AAPB_WPAD3AAPAD@Z
??0_Lockit@std@@QAE@H@Z
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Incref@facet@locale@std@@QAEXXZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Init@locale@std@@CAPAV_Locimp@12@XZ
??1_Lockit@std@@QAE@XZ
?_Getcat@?$codecvt@_WDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??Bid@locale@std@@QAEIXZ
?id@?$codecvt@_WDH@std@@2V0locale@2@A

msvcr100

_controlfp_s
__dllonexit
_invoke_watson
memcpy
memmove
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??3@YAXPAX@Z
??2@YAPAXI@Z
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
__CxxFrameHandler3
_snprintf
??_V@YAXPAX@Z
memset
fflush
vfprintf
memchr
sprintf
__wargv
__argc
??0bad_cast@std@@QAE@PBD@Z
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@ABV01@@Z
strncpy
fopen
toupper
fclose
free
_wcsdup
wcschr
_wcsicmp
_unlock
_except_handler4_common
_lock
_onexit
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_commode
_fmode
__set_app_type
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

shlwapi

PathRemoveFileSpecA
PathFindFileNameA
PathAppendA
PathAppendW
PathRemoveFileSpecW
PathStripPathW

Sections

.text
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 375KB - Virtual size: 375KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$COMMONFILES/PPLiveNetwork/$OUTDIR/admodule.dll
.dll regsvr32 windows:5 windows x86 arch:x86

84d3fae859555f3fa806d87efe60a956

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:52:7f:4d:7d:6c:1a:2b:a7:ef:81:d5:0c:89:d7:65
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

19/11/2009, 00:00

Not After

18/11/2012, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

9f:68:c5:88:c9:86:20:30:e3:28:d3:79:38:ec:c6:cb:8f:b1:42:e5
Signer

Actual PE Digest

9f:68:c5:88:c9:86:20:30:e3:28:d3:79:38:ec:c6:cb:8f:b1:42:e5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\pplive\admodule\ReleaseUMinSize\admodule.pdb

Imports

kernel32

HeapAlloc
RtlUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualProtect
VirtualAlloc
GetCommandLineA
HeapReAlloc
ExitProcess
HeapSize
HeapCreate
HeapDestroy
VirtualFree
GetStdHandle
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
GetTimeZoneInformation
LCMapStringA
SetHandleCount
GetFileType
GetStartupInfoA
HeapFree
GetConsoleMode
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetCurrentDirectoryA
GetDriveTypeA
GetProcessHeap
SetEnvironmentVariableA
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
InterlockedCompareExchange
GetFileSizeEx
GetFileAttributesW
GlobalFlags
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
TlsGetValue
LocalAlloc
GlobalFindAtomW
CompareStringW
LoadLibraryA
GetVersionExA
GlobalAddAtomW
GlobalDeleteAtom
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
FindNextFileW
CreateFileW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetModuleHandleA
FormatMessageW
WaitForSingleObject
TerminateProcess
lstrcpyW
CreateProcessW
Sleep
VirtualQuery
ReadFile
LocalFree
SetFileTime
GlobalReAlloc
GlobalFree
CreateDirectoryW
GetEnvironmentVariableW
CreateFileA
WriteFile
CompareFileTime
GetPrivateProfileIntA
GetPrivateProfileStringA
LoadLibraryW
GetSystemInfo
GetProcAddress
CopyFileW
GetPrivateProfileStringW
SystemTimeToFileTime
GetCurrentProcessId
GetCommandLineW
DeleteFileW
lstrlenA
GetFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
WideCharToMultiByte
GetTickCount
GetSystemTime
WritePrivateProfileStringW
GetPrivateProfileIntW
CreateEventW
CloseHandle
OutputDebugStringW
GetModuleHandleW
LoadLibraryExW
MultiByteToWideChar
FreeLibrary
SetLastError
GetCurrentThreadId
GetModuleFileNameW
MulDiv
lstrcmpW
GetCurrentProcess
FlushInstructionCache
GlobalAlloc
GlobalLock
GlobalUnlock
FreeResource
InterlockedDecrement
InterlockedIncrement
lstrcmpiW
GetLastError
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
GetConsoleCP
lstrlenW

user32

DestroyMenu
GetSysColorBrush
UnregisterClassW
WinHelpW
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetTopWindow
GetMessageTime
GetMessagePos
SetMenu
SetForegroundWindow
GetClassInfoW
SystemParametersInfoA
IsIconic
GetWindowPlacement
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
GetKeyState
PeekMessageW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
EnableMenuItem
CheckMenuItem
PostQuitMessage
CharUpperW
UnhookWindowsHookEx
GetWindowThreadProcessId
GetLastActivePopup
MessageBoxW
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetAncestor
WaitForInputIdle
LoadIconW
MapWindowPoints
GetDoubleClickTime
BringWindowToTop
SetRect
DestroyWindow
SetRectEmpty
UnregisterClassA
IsWindow
EnableWindow
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
LoadImageW
LoadBitmapW
OffsetRect
PostThreadMessageW
GetSystemMetrics
InflateRect
DrawEdge
DrawFocusRect
GetCapture
AdjustWindowRectEx
GetDlgCtrlID
IsWindowEnabled
UpdateWindow
GetMenu
SystemParametersInfoW
IsWindowVisible
PostMessageW
wsprintfW
RegisterWindowMessageW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
SetCursor
ValidateRect
KillTimer
CharNextW
SetWindowLongW
GetWindowLongW
DefWindowProcW
CopyRect
IsRectEmpty
GetClientRect
UpdateLayeredWindow
ClientToScreen
GetWindowDC
GetParent
PtInRect
ScreenToClient
GetCursorPos
EqualRect
GetWindowRect
ReleaseDC
GetDC
SetWindowRgn
GetSysColor
MoveWindow
SetWindowPos
InvalidateRect
InvalidateRgn
RedrawWindow
SetCapture
IsChild
GetDlgItem
GetClassNameW
ReleaseCapture
SetTimer
ShowWindow
CreateAcceleratorTableW
CreateWindowExW
RegisterClassExW
LoadCursorW
GetClassInfoExW
SendMessageW
SetFocus
GetFocus
GetWindow
DestroyAcceleratorTable
GetDesktopWindow
BeginPaint
EndPaint
CallWindowProcW
FillRect
RegisterClassW

gdi32

ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
DeleteObject
GetClipBox
SetMapMode
SetTextColor
SetBkMode
RestoreDC
SaveDC
CreateBitmap
CreateFontW
CreateDIBSection
ExtCreateRegion
OffsetRgn
CombineRgn
CreateRectRgn
Escape
TextOutW
RectVisible
PtVisible
LPtoDP
DPtoLP
GetWindowExtEx
GetViewportExtEx
GetMapMode
GetBkColor
CreateFontIndirectW
SetViewportOrgEx
SetBkColor
ExtTextOutW
GetStockObject
GetObjectW
CreateSolidBrush
CreateCompatibleBitmap
CreateRoundRectRgn
CreateCompatibleDC
SelectObject
GetDeviceCaps
BitBlt
DeleteDC

msimg32

GradientFill

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

BuildExplicitAccessWithNameW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryValueW
RegEnumKeyW
RegOpenKeyW
GetNamedSecurityInfoW
RegDeleteKeyW
SetEntriesInAclW
SetNamedSecurityInfoW
RegQueryValueExW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegEnumKeyExW
RegQueryInfoKeyW

shell32

SHGetFolderPathW
ShellExecuteW
ord165

comctl32

ImageList_GetIconSize
ImageList_Draw
_TrackMouseEvent
ImageList_Create
ImageList_Destroy
ImageList_AddMasked

shlwapi

PathRemoveFileSpecW
PathFileExistsW
PathFindExtensionW
StrStrIW
PathFindFileNameW
PathStripPathW
PathStripToRootW
PathIsUNCW
PathAppendW

ole32

CoTaskMemRealloc
CoTaskMemFree
CreateStreamOnHGlobal
OleDraw
StringFromGUID2
OleLockRunning
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
OleInitialize
OleUninitialize
OleSetContainedObject
OleCreate
CreateBindCtx
CoTaskMemAlloc

oleaut32

SysFreeString
SysAllocString
SysAllocStringLen
VarUI4FromStr
VariantInit
VariantClear
OleCreateFontIndirect
LoadRegTypeLi
LoadTypeLi
DispCallFunc
VariantTimeToSystemTime
SystemTimeToVariantTime
VariantCopy
SysAllocStringByteLen
SysStringByteLen
UnRegisterTypeLi
RegisterTypeLi
VariantChangeType
VarBstrCmp
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SysStringLen
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayDestroy
SafeArrayGetLBound

urlmon

RegisterBindStatusCallback
RevokeBindStatusCallback
CreateURLMoniker

gdiplus

GdipBitmapGetPixel
GdipDrawImageRectI
GdipCreateFromHDC
GdipCreateBitmapFromFile
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipGetImageHeight
GdipGetImageWidth
GdipDeleteGraphics
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipLoadImageFromStream
GdipAlloc
GdipFree
GdiplusShutdown

wininet

InternetTimeToSystemTimeW

Exports

Exports

Cleanup
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
DownloadFodder
NSGetModule
ShowABM
StartPlay

Sections

.text
Size: 553KB - Virtual size: 552KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$COMMONFILES/PPLiveNetwork/$OUTDIR/crashreporter.exe
.exe windows:4 windows x86 arch:x86

54224128218851b97ad74d04b5915baf

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:52:7f:4d:7d:6c:1a:2b:a7:ef:81:d5:0c:89:d7:65
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

19/11/2009, 00:00

Not After

18/11/2012, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:04:1d:5f:18:58:7b:db:26:de:3b:07:c4:24:58:eb:a3:fd:31:d1
Signer

Actual PE Digest

52:04:1d:5f:18:58:7b:db:26:de:3b:07:c4:24:58:eb:a3:fd:31:d1

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetWriteFile
HttpSendRequestExA
InternetCloseHandle
HttpAddRequestHeadersA
HttpOpenRequestA
InternetConnectA
InternetOpenA
HttpEndRequestA

mfc42

ord3079
ord4080
ord4622
ord4424
ord3738
ord815
ord2614
ord540
ord561
ord2514
ord2818
ord858
ord535
ord2621
ord1134
ord1199
ord1247
ord641
ord656
ord922
ord924
ord926
ord5710
ord1997
ord939
ord941
ord5465
ord798
ord5194
ord533
ord860
ord4202
ord6392
ord825
ord5448
ord823
ord3318
ord6877
ord5572
ord2915
ord4129
ord6663
ord3573
ord3626
ord2414
ord3663
ord5265
ord4376
ord4853
ord4998
ord6052
ord4078
ord1775
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord3825
ord2124
ord5277
ord4627
ord4425
ord3597
ord324
ord2302
ord4234
ord1779
ord6199
ord3092
ord4710
ord2754
ord755
ord470
ord3874
ord6215
ord3089
ord4476
ord1168
ord1641
ord2379
ord6055
ord1776
ord5290
ord3402
ord3610
ord567
ord1146
ord4396
ord3574
ord609
ord4275
ord2243
ord5875
ord2859
ord2971
ord5759
ord6192
ord5756
ord6186
ord4330
ord6189
ord6021
ord6172
ord5873
ord5789
ord5794
ord5678
ord5736
ord1576
ord5571
ord6061
ord5864
ord3596
ord640
ord323
ord6194
ord2567
ord3619
ord3571
ord1640
ord5785
ord2864
ord2575
ord1929
ord795
ord2244
ord4133
ord5788
ord472
ord3693
ord4297
ord3721
ord2764
ord5683
ord2763
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5714
ord5289
ord5307
ord4698
ord4079
ord2725
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord800
ord537
ord4673
ord2446
ord5579

msvcrt

fseek
fopen
rewind
malloc
atoi
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
__dllonexit
_onexit
_controlfp
ftell
_setmbcp
__CxxFrameHandler
sprintf
strtol
strncpy
isalnum
strlen
strcmp
memset
_stricmp
strcpy
free
fread
fclose

kernel32

lstrlenA
MultiByteToWideChar
CreateProcessA
CloseHandle
Sleep
GetModuleHandleA
GetStartupInfoA
LoadLibraryA
GetProcAddress
FreeLibrary
GetTickCount
GetEnvironmentVariableA
OutputDebugStringA
GetCommandLineW
lstrlenW
GetTempPathA
CopyFileA
GetModuleFileNameA
WideCharToMultiByte
DeleteFileA
GetPrivateProfileIntA

user32

UpdateWindow
PostMessageA
InvalidateRect
SetWindowPos
TabbedTextOutA
WaitForInputIdle
GetCapture
GetParent
GrayStringA
LoadBitmapA
OffsetRect
InflateRect
GetWindowLongA
GetAncestor
DrawTextA
PtInRect
CopyRect
GetSysColor
ReleaseCapture
LoadIconA
EnableWindow
GetClientRect
IsIconic
SendMessageA
DrawIcon
LoadCursorA
SetCursor
GetSystemMetrics
LoadImageA
SetCapture

gdi32

BitBlt
Escape
ExtTextOutA
TextOutA
PtVisible
LPtoDP
DPtoLP
GetMapMode
GetBkColor
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectA
CreateFontIndirectA
CreateSolidBrush
RectVisible

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

shell32

SHGetFolderPathA
CommandLineToArgvW
ShellExecuteA

msvcp60

??1Init@ios_base@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??_D?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??Bios_base@std@@QBEPAXXZ
??5std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
?c_str@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEPBGXZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGABV?$allocator@G@1@@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ

shlwapi

PathRemoveFileSpecA
PathAppendA
PathFileExistsA

Sections

.text
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 452B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$OUTDIR/GdiPlus.dll
.dll windows:6 windows x86 arch:x86

ef4c749f5dec4632456950949469f18c

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:52:7f:4d:7d:6c:1a:2b:a7:ef:81:d5:0c:89:d7:65
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

19/11/2009, 00:00

Not After

18/11/2012, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

a2:a6:cc:12:37:a1:26:cf:f3:5f:5a:8f:20:a6:d0:87:fd:44:0f:67
Signer

Actual PE Digest

a2:a6:cc:12:37:a1:26:cf:f3:5f:5a:8f:20:a6:d0:87:fd:44:0f:67

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

gdiplus.pdb

Imports

msvcrt

_isatty
_write
_lseeki64
_fileno
__pioinfo
__badioinfo
wctomb
_itoa
_snprintf
isleadbyte
memmove
_adjust_fdiv
_amsg_exit
_initterm
free
malloc
_XcptFilter
_CIatan2
_CIsqrt
_CIsin
_CIcos
??3@YAXPAX@Z
_iob
_CIexp
_CIatan
_vsnprintf
_vsnwprintf
_errno
memset
memcpy
_purecall
_CIlog

kernel32

GetFileInformationByHandle
RaiseException
InterlockedIncrement
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
InterlockedCompareExchange
HeapAlloc
InterlockedExchange
GetCurrentThreadId
InitializeCriticalSection
DeleteCriticalSection
DisableThreadLibraryCalls
HeapFree
VirtualAlloc
GetProcAddress
GetModuleHandleW
GetSystemInfo
GetVersion
HeapReAlloc
CloseHandle
WaitForSingleObject
SetEvent
lstrcmpiA
IsValidLocale
ConvertDefaultLocale
GetLocaleInfoW
GetModuleFileNameW
GetModuleFileNameA
FindResourceA
LockResource
GetProfileIntA
GetProfileStringA
lstrcmpiW
LocalReAlloc
MulDiv
SetLastError
LocalAlloc
LocalFree
IsDBCSLeadByteEx
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
RtlUnwind
OutputDebugStringA
Sleep
GetFileTime
SearchPathW
SearchPathA
GetOEMCP
SetEndOfFile
WriteFile
SetFilePointer
ReadFile
UnlockFile
LoadResource
LockFile
FlushFileBuffers
CreateSemaphoreA
CreateFileW
LoadLibraryW
GetSystemDirectoryA
CreateFileMappingW
ReleaseSemaphore
GetFileAttributesW
GetProfileSectionA
GetLastError
VirtualFree
GlobalAlloc
CreateFileA
GetFileSize
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GlobalLock
GlobalSize
GlobalUnlock
GlobalFree
HeapCreate
GetModuleHandleA
FreeLibrary
HeapDestroy
LoadLibraryA
GetSystemDirectoryW
GetWindowsDirectoryA
GetVersionExA
GetACP
GetSystemDefaultLCID
GetTickCount
MultiByteToWideChar
WideCharToMultiByte
CreateEventA
CreateThread

user32

ReleaseDC
GetDC
GetSysColor
UnregisterClassA
DestroyWindow
GetSystemMetrics
DefWindowProcA
CreateWindowExA
RegisterWindowMessageA
RegisterClassA
DispatchMessageA
TranslateMessage
MsgWaitForMultipleObjects
PeekMessageA
GetClientRect
GetDesktopWindow
GetWindowRect
WindowFromDC
CreateIconIndirect
LoadBitmapW
LoadBitmapA
ClientToScreen
SystemParametersInfoA
GetClassLongA
GetWindowLongA
GetDCEx
GetIconInfo

gdi32

ModifyWorldTransform
GetTextCharsetInfo
TranslateCharsetInfo
GetCurrentPositionEx
ArcTo
SetArcDirection
GetPath
AbortPath
FlattenPath
WidenPath
Ellipse
AngleArc
RoundRect
PolyDraw
Pie
Chord
Arc
OffsetClipRgn
GetRgnBox
CombineRgn
SetPaletteEntries
ResizePalette
ExcludeClipRect
PlayEnhMetaFile
GetWinMetaFileBits
PlgBlt
BitBlt
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineTransform
SetMapperFlags
CreateDIBitmap
CreatePen
CreatePatternBrush
GetBkMode
GetTextAlign
ExtCreateRegion
Polyline
PolyPolyline
StrokeAndFillPath
FillPath
SetPolyFillMode
PolyBezier
SelectClipPath
BeginPath
PolylineTo
PolyBezierTo
MoveToEx
CloseFigure
EndPath
StrokePath
ExtSelectClipRgn
GetPixel
ExtTextOutA
CreateSolidBrush
SetMiterLimit
FillRgn
GetDIBColorTable
GetNearestPaletteIndex
StretchBlt
CreateCompatibleBitmap
ExtCreatePen
GetWorldTransform
GetROP2
Rectangle
Polygon
SetBrushOrgEx
GetClipRgn
SelectClipRgn
GetBkColor
GetTextColor
CreatePenIndirect
GetObjectW
DPtoLP
CreateDIBPatternBrushPt
GetNearestColor
SetStretchBltMode
StretchDIBits
SetTextAlign
SetTextJustification
SetROP2
PolyPolygon
IntersectClipRect
PlayMetaFileRecord
ExtTextOutW
SetBitmapBits
SetDIBColorTable
CreateEnhMetaFileW
GdiComment
GetMetaFileW
GetMetaFileA
GetEnhMetaFileW
GetEnhMetaFileA
SaveDC
SetWindowOrgEx
SetViewportOrgEx
SetGraphicsMode
SetWorldTransform
GetEnhMetaFileBits
CopyEnhMetaFileA
CopyMetaFileA
DeleteMetaFile
GetEnhMetaFileHeader
SetMetaFileBitsEx
SetEnhMetaFileBits
CreateEnhMetaFileA
SetMapMode
SetViewportExtEx
SetWindowExtEx
PlayMetaFile
CloseEnhMetaFile
DeleteEnhMetaFile
SetMetaRgn
GetObjectType
GetMetaFileBitsEx
EnumMetaFile
EnumEnhMetaFile
PlayEnhMetaFileRecord
RestoreDC
GetStockObject
CreateBitmap
SetTextColor
SetBkColor
SetBkMode
SetDIBits
CreateBrushIndirect
PatBlt
GdiFlush
GetPaletteEntries
RealizePalette
CreateDIBSection
CreateCompatibleDC
GetDIBits
GetCurrentObject
GetObjectA
GetDCOrgEx
Escape
SetICMMode
GetMapMode
GetViewportOrgEx
GetWindowOrgEx
GetGraphicsMode
GetViewportExtEx
GetWindowExtEx
LPtoDP
GetRandomRgn
ExtEscape
CreateRectRgn
CreateICA
CreateDCA
DeleteDC
GetRegionData
CreateFontIndirectA
CreateFontIndirectW
SelectObject
EnumFontFamiliesExW
EnumFontFamiliesExA
GetTextMetricsW
GetTextFaceW
GetTextMetricsA
GetTextFaceA
SelectPalette
DeleteObject
GetDeviceCaps
GetSystemPaletteUse
GetSystemPaletteEntries
CreatePalette
LineTo

ole32

CoTaskMemAlloc
CoTaskMemFree
CreateStreamOnHGlobal

advapi32

RegDeleteKeyA
RegCreateKeyExW
RegCreateKeyExA
RegEnumKeyExW
RegEnumKeyExA
RegOpenKeyW
RegOpenKeyA
RegQueryValueExW
RegQueryValueExA
RegQueryInfoKeyW
RegOpenKeyExW
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumValueW
RegCloseKey
RegEnumValueA
RegDeleteKeyW
RegSetValueExA
RegSetValueExW

Exports

Exports

GdipAddPathArc
GdipAddPathArcI
GdipAddPathBezier
GdipAddPathBezierI
GdipAddPathBeziers
GdipAddPathBeziersI
GdipAddPathClosedCurve
GdipAddPathClosedCurve2
GdipAddPathClosedCurve2I
GdipAddPathClosedCurveI
GdipAddPathCurve
GdipAddPathCurve2
GdipAddPathCurve2I
GdipAddPathCurve3
GdipAddPathCurve3I
GdipAddPathCurveI
GdipAddPathEllipse
GdipAddPathEllipseI
GdipAddPathLine
GdipAddPathLine2
GdipAddPathLine2I
GdipAddPathLineI
GdipAddPathPath
GdipAddPathPie
GdipAddPathPieI
GdipAddPathPolygon
GdipAddPathPolygonI
GdipAddPathRectangle
GdipAddPathRectangleI
GdipAddPathRectangles
GdipAddPathRectanglesI
GdipAddPathString
GdipAddPathStringI
GdipAlloc
GdipBeginContainer
GdipBeginContainer2
GdipBeginContainerI
GdipBitmapGetPixel
GdipBitmapLockBits
GdipBitmapSetPixel
GdipBitmapSetResolution
GdipBitmapUnlockBits
GdipClearPathMarkers
GdipCloneBitmapArea
GdipCloneBitmapAreaI
GdipCloneBrush
GdipCloneCustomLineCap
GdipCloneFont
GdipCloneFontFamily
GdipCloneImage
GdipCloneImageAttributes
GdipCloneMatrix
GdipClonePath
GdipClonePen
GdipCloneRegion
GdipCloneStringFormat
GdipClosePathFigure
GdipClosePathFigures
GdipCombineRegionPath
GdipCombineRegionRect
GdipCombineRegionRectI
GdipCombineRegionRegion
GdipComment
GdipCreateAdjustableArrowCap
GdipCreateBitmapFromDirectDrawSurface
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromGdiDib
GdipCreateBitmapFromGraphics
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromHICON
GdipCreateBitmapFromResource
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipCreateCachedBitmap
GdipCreateCustomLineCap
GdipCreateFont
GdipCreateFontFamilyFromName
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipCreateFontFromLogfontW
GdipCreateFromHDC
GdipCreateFromHDC2
GdipCreateFromHWND
GdipCreateFromHWNDICM
GdipCreateHBITMAPFromBitmap
GdipCreateHICONFromBitmap
GdipCreateHalftonePalette
GdipCreateHatchBrush
GdipCreateImageAttributes
GdipCreateLineBrush
GdipCreateLineBrushFromRect
GdipCreateLineBrushFromRectI
GdipCreateLineBrushFromRectWithAngle
GdipCreateLineBrushFromRectWithAngleI
GdipCreateLineBrushI
GdipCreateMatrix
GdipCreateMatrix2
GdipCreateMatrix3
GdipCreateMatrix3I
GdipCreateMetafileFromEmf
GdipCreateMetafileFromFile
GdipCreateMetafileFromStream
GdipCreateMetafileFromWmf
GdipCreateMetafileFromWmfFile
GdipCreatePath
GdipCreatePath2
GdipCreatePath2I
GdipCreatePathGradient
GdipCreatePathGradientFromPath
GdipCreatePathGradientI
GdipCreatePathIter
GdipCreatePen1
GdipCreatePen2
GdipCreateRegion
GdipCreateRegionHrgn
GdipCreateRegionPath
GdipCreateRegionRect
GdipCreateRegionRectI
GdipCreateRegionRgnData
GdipCreateSolidFill
GdipCreateStreamOnFile
GdipCreateStringFormat
GdipCreateTexture
GdipCreateTexture2
GdipCreateTexture2I
GdipCreateTextureIA
GdipCreateTextureIAI
GdipDeleteBrush
GdipDeleteCachedBitmap
GdipDeleteCustomLineCap
GdipDeleteFont
GdipDeleteFontFamily
GdipDeleteGraphics
GdipDeleteMatrix
GdipDeletePath
GdipDeletePathIter
GdipDeletePen
GdipDeletePrivateFontCollection
GdipDeleteRegion
GdipDeleteStringFormat
GdipDisposeImage
GdipDisposeImageAttributes
GdipDrawArc
GdipDrawArcI
GdipDrawBezier
GdipDrawBezierI
GdipDrawBeziers
GdipDrawBeziersI
GdipDrawCachedBitmap
GdipDrawClosedCurve
GdipDrawClosedCurve2
GdipDrawClosedCurve2I
GdipDrawClosedCurveI
GdipDrawCurve
GdipDrawCurve2
GdipDrawCurve2I
GdipDrawCurve3
GdipDrawCurve3I
GdipDrawCurveI
GdipDrawDriverString
GdipDrawEllipse
GdipDrawEllipseI
GdipDrawImage
GdipDrawImageI
GdipDrawImagePointRect
GdipDrawImagePointRectI
GdipDrawImagePoints
GdipDrawImagePointsI
GdipDrawImagePointsRect
GdipDrawImagePointsRectI
GdipDrawImageRect
GdipDrawImageRectI
GdipDrawImageRectRect
GdipDrawImageRectRectI
GdipDrawLine
GdipDrawLineI
GdipDrawLines
GdipDrawLinesI
GdipDrawPath
GdipDrawPie
GdipDrawPieI
GdipDrawPolygon
GdipDrawPolygonI
GdipDrawRectangle
GdipDrawRectangleI
GdipDrawRectangles
GdipDrawRectanglesI
GdipDrawString
GdipEmfToWmfBits
GdipEndContainer
GdipEnumerateMetafileDestPoint
GdipEnumerateMetafileDestPointI
GdipEnumerateMetafileDestPoints
GdipEnumerateMetafileDestPointsI
GdipEnumerateMetafileDestRect
GdipEnumerateMetafileDestRectI
GdipEnumerateMetafileSrcRectDestPoint
GdipEnumerateMetafileSrcRectDestPointI
GdipEnumerateMetafileSrcRectDestPoints
GdipEnumerateMetafileSrcRectDestPointsI
GdipEnumerateMetafileSrcRectDestRect
GdipEnumerateMetafileSrcRectDestRectI
GdipFillClosedCurve
GdipFillClosedCurve2
GdipFillClosedCurve2I
GdipFillClosedCurveI
GdipFillEllipse
GdipFillEllipseI
GdipFillPath
GdipFillPie
GdipFillPieI
GdipFillPolygon
GdipFillPolygon2
GdipFillPolygon2I
GdipFillPolygonI
GdipFillRectangle
GdipFillRectangleI
GdipFillRectangles
GdipFillRectanglesI
GdipFillRegion
GdipFlattenPath
GdipFlush
GdipFree
GdipGetAdjustableArrowCapFillState
GdipGetAdjustableArrowCapHeight
GdipGetAdjustableArrowCapMiddleInset
GdipGetAdjustableArrowCapWidth
GdipGetAllPropertyItems
GdipGetBrushType
GdipGetCellAscent
GdipGetCellDescent
GdipGetClip
GdipGetClipBounds
GdipGetClipBoundsI
GdipGetCompositingMode
GdipGetCompositingQuality
GdipGetCustomLineCapBaseCap
GdipGetCustomLineCapBaseInset
GdipGetCustomLineCapStrokeCaps
GdipGetCustomLineCapStrokeJoin
GdipGetCustomLineCapType
GdipGetCustomLineCapWidthScale
GdipGetDC
GdipGetDpiX
GdipGetDpiY
GdipGetEmHeight
GdipGetEncoderParameterList
GdipGetEncoderParameterListSize
GdipGetFamily
GdipGetFamilyName
GdipGetFontCollectionFamilyCount
GdipGetFontCollectionFamilyList
GdipGetFontHeight
GdipGetFontHeightGivenDPI
GdipGetFontSize
GdipGetFontStyle
GdipGetFontUnit
GdipGetGenericFontFamilyMonospace
GdipGetGenericFontFamilySansSerif
GdipGetGenericFontFamilySerif
GdipGetHatchBackgroundColor
GdipGetHatchForegroundColor
GdipGetHatchStyle
GdipGetHemfFromMetafile
GdipGetImageAttributesAdjustedPalette
GdipGetImageBounds
GdipGetImageDecoders
GdipGetImageDecodersSize
GdipGetImageDimension
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipGetImageFlags
GdipGetImageGraphicsContext
GdipGetImageHeight
GdipGetImageHorizontalResolution
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageRawFormat
GdipGetImageThumbnail
GdipGetImageType
GdipGetImageVerticalResolution
GdipGetImageWidth
GdipGetInterpolationMode
GdipGetLineBlend
GdipGetLineBlendCount
GdipGetLineColors
GdipGetLineGammaCorrection
GdipGetLinePresetBlend
GdipGetLinePresetBlendCount
GdipGetLineRect
GdipGetLineRectI
GdipGetLineSpacing
GdipGetLineTransform
GdipGetLineWrapMode
GdipGetLogFontA
GdipGetLogFontW
GdipGetMatrixElements
GdipGetMetafileDownLevelRasterizationLimit
GdipGetMetafileHeaderFromEmf
GdipGetMetafileHeaderFromFile
GdipGetMetafileHeaderFromMetafile
GdipGetMetafileHeaderFromStream
GdipGetMetafileHeaderFromWmf
GdipGetNearestColor
GdipGetPageScale
GdipGetPageUnit
GdipGetPathData
GdipGetPathFillMode
GdipGetPathGradientBlend
GdipGetPathGradientBlendCount
GdipGetPathGradientCenterColor
GdipGetPathGradientCenterPoint
GdipGetPathGradientCenterPointI
GdipGetPathGradientFocusScales
GdipGetPathGradientGammaCorrection
GdipGetPathGradientPath
GdipGetPathGradientPointCount
GdipGetPathGradientPresetBlend
GdipGetPathGradientPresetBlendCount
GdipGetPathGradientRect
GdipGetPathGradientRectI
GdipGetPathGradientSurroundColorCount
GdipGetPathGradientSurroundColorsWithCount
GdipGetPathGradientTransform
GdipGetPathGradientWrapMode
GdipGetPathLastPoint
GdipGetPathPoints
GdipGetPathPointsI
GdipGetPathTypes
GdipGetPathWorldBounds
GdipGetPathWorldBoundsI
GdipGetPenBrushFill
GdipGetPenColor
GdipGetPenCompoundArray
GdipGetPenCompoundCount
GdipGetPenCustomEndCap
GdipGetPenCustomStartCap
GdipGetPenDashArray
GdipGetPenDashCap197819
GdipGetPenDashCount
GdipGetPenDashOffset
GdipGetPenDashStyle
GdipGetPenEndCap
GdipGetPenFillType
GdipGetPenLineJoin
GdipGetPenMiterLimit
GdipGetPenMode
GdipGetPenStartCap
GdipGetPenTransform
GdipGetPenUnit
GdipGetPenWidth
GdipGetPixelOffsetMode
GdipGetPointCount
GdipGetPropertyCount
GdipGetPropertyIdList
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipGetPropertySize
GdipGetRegionBounds
GdipGetRegionBoundsI
GdipGetRegionData
GdipGetRegionDataSize
GdipGetRegionHRgn
GdipGetRegionScans
GdipGetRegionScansCount
GdipGetRegionScansI
GdipGetRenderingOrigin
GdipGetSmoothingMode
GdipGetSolidFillColor
GdipGetStringFormatAlign
GdipGetStringFormatDigitSubstitution
GdipGetStringFormatFlags
GdipGetStringFormatHotkeyPrefix
GdipGetStringFormatLineAlign
GdipGetStringFormatMeasurableCharacterRangeCount
GdipGetStringFormatTabStopCount
GdipGetStringFormatTabStops
GdipGetStringFormatTrimming
GdipGetTextContrast
GdipGetTextRenderingHint
GdipGetTextureImage
GdipGetTextureTransform
GdipGetTextureWrapMode
GdipGetVisibleClipBounds
GdipGetVisibleClipBoundsI
GdipGetWorldTransform
GdipGraphicsClear
GdipImageForceValidation
GdipImageGetFrameCount
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageRotateFlip
GdipImageSelectActiveFrame
GdipInvertMatrix
GdipIsClipEmpty
GdipIsEmptyRegion
GdipIsEqualRegion
GdipIsInfiniteRegion
GdipIsMatrixEqual
GdipIsMatrixIdentity
GdipIsMatrixInvertible
GdipIsOutlineVisiblePathPoint
GdipIsOutlineVisiblePathPointI
GdipIsStyleAvailable
GdipIsVisibleClipEmpty
GdipIsVisiblePathPoint
GdipIsVisiblePathPointI
GdipIsVisiblePoint
GdipIsVisiblePointI
GdipIsVisibleRect
GdipIsVisibleRectI
GdipIsVisibleRegionPoint
GdipIsVisibleRegionPointI
GdipIsVisibleRegionRect
GdipIsVisibleRegionRectI
GdipLoadImageFromFile
GdipLoadImageFromFileICM
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipMeasureCharacterRanges
GdipMeasureDriverString
GdipMeasureString
GdipMultiplyLineTransform
GdipMultiplyMatrix
GdipMultiplyPathGradientTransform
GdipMultiplyPenTransform
GdipMultiplyTextureTransform
GdipMultiplyWorldTransform
GdipNewInstalledFontCollection
GdipNewPrivateFontCollection
GdipPathIterCopyData
GdipPathIterEnumerate
GdipPathIterGetCount
GdipPathIterGetSubpathCount
GdipPathIterHasCurve
GdipPathIterIsValid
GdipPathIterNextMarker
GdipPathIterNextMarkerPath
GdipPathIterNextPathType
GdipPathIterNextSubpath
GdipPathIterNextSubpathPath
GdipPathIterRewind
GdipPlayMetafileRecord
GdipPrivateAddFontFile
GdipPrivateAddMemoryFont
GdipRecordMetafile
GdipRecordMetafileFileName
GdipRecordMetafileFileNameI
GdipRecordMetafileI
GdipRecordMetafileStream
GdipRecordMetafileStreamI
GdipReleaseDC
GdipRemovePropertyItem
GdipResetClip
GdipResetImageAttributes
GdipResetLineTransform
GdipResetPageTransform
GdipResetPath
GdipResetPathGradientTransform
GdipResetPenTransform
GdipResetTextureTransform
GdipResetWorldTransform
GdipRestoreGraphics
GdipReversePath
GdipRotateLineTransform
GdipRotateMatrix
GdipRotatePathGradientTransform
GdipRotatePenTransform
GdipRotateTextureTransform
GdipRotateWorldTransform
GdipSaveAdd
GdipSaveAddImage
GdipSaveGraphics
GdipSaveImageToFile
GdipSaveImageToStream
GdipScaleLineTransform
GdipScaleMatrix
GdipScalePathGradientTransform
GdipScalePenTransform
GdipScaleTextureTransform
GdipScaleWorldTransform
GdipSetAdjustableArrowCapFillState
GdipSetAdjustableArrowCapHeight
GdipSetAdjustableArrowCapMiddleInset
GdipSetAdjustableArrowCapWidth
GdipSetClipGraphics
GdipSetClipHrgn
GdipSetClipPath
GdipSetClipRect
GdipSetClipRectI
GdipSetClipRegion
GdipSetCompositingMode
GdipSetCompositingQuality
GdipSetCustomLineCapBaseCap
GdipSetCustomLineCapBaseInset
GdipSetCustomLineCapStrokeCaps
GdipSetCustomLineCapStrokeJoin

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$OUTDIR/PPLive.exe
.exe windows:5 windows x86 arch:x86

bbfdf8708da887867f58223fc4d890b3

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:52:7f:4d:7d:6c:1a:2b:a7:ef:81:d5:0c:89:d7:65
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

19/11/2009, 00:00

Not After

18/11/2012, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

d7:ad:7a:80:59:94:6d:8d:b2:3b:50:60:57:c6:3f:2c:fa:7b:53:22
Signer

Actual PE Digest

d7:ad:7a:80:59:94:6d:8d:b2:3b:50:60:57:c6:3f:2c:fa:7b:53:22

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\project\pptv\bin\PE.pdb

Imports

kernel32

FindClose
FindFirstFileA
GetLongPathNameA
GetModuleFileNameA
WideCharToMultiByte
GetLongPathNameW
GetCurrentProcessId
GetCommandLineA
GetLastError
GetCurrentProcess
GetLocalTime
GetTempPathA
lstrcatA
lstrcpyA
CreateProcessA
GetModuleHandleA
OpenProcess
CreateEventW
ReleaseMutex
CreateToolhelp32Snapshot
SetUnhandledExceptionFilter
GetPrivateProfileIntW
WritePrivateProfileStringW
lstrlenW
GetPrivateProfileStringW
WaitForSingleObject
TerminateProcess
GetVersionExW
LocalFree
LocalAlloc
GetTempPathW
GetEnvironmentVariableW
CreateProcessW
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
UnhandledExceptionFilter
GetStartupInfoW
Module32FirstW
VirtualQuery
OutputDebugStringA
GetPrivateProfileStringA
GetModuleFileNameW
LoadLibraryW
GetEnvironmentVariableA
Module32NextW
CloseHandle
FreeLibrary
LoadLibraryA
GetProcAddress
GetCommandLineW
GetCurrentThread
GetCurrentThreadId
CreateFileA
GetFileSize
CreateFileMappingW
MapViewOfFile
IsBadReadPtr
CreateMutexW
lstrcmpiW
HeapSetInformation
InterlockedCompareExchange
Sleep
InterlockedExchange
DecodePointer
EncodePointer
GetSystemTimeAsFileTime

user32

GetDesktopWindow
GetShellWindow
GetWindowThreadProcessId
wsprintfW

advapi32

ConvertStringSidToSidW
GetLengthSid
SetTokenInformation
SetThreadToken
LookupPrivilegeValueW
AdjustTokenPrivileges
DuplicateTokenEx
OpenProcessToken
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
ImpersonateSelf

shell32

CommandLineToArgvW
SHGetFolderPathW
SHGetFolderPathA

ole32

StringFromCLSID
CoCreateGuid
CoInitialize
CoUninitialize
CoCreateInstance

msvcp100

?_Decref@facet@locale@std@@QAEPAV123@XZ
?out@?$codecvt@_WDH@std@@QBEHAAHPB_W1AAPB_WPAD3AAPAD@Z
??0_Lockit@std@@QAE@H@Z
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Incref@facet@locale@std@@QAEXXZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Init@locale@std@@CAPAV_Locimp@12@XZ
??1_Lockit@std@@QAE@XZ
?_Getcat@?$codecvt@_WDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??Bid@locale@std@@QAEIXZ
?id@?$codecvt@_WDH@std@@2V0locale@2@A

msvcr100

_controlfp_s
__dllonexit
_invoke_watson
memcpy
memmove
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??3@YAXPAX@Z
??2@YAPAXI@Z
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
__CxxFrameHandler3
_snprintf
??_V@YAXPAX@Z
memset
fflush
vfprintf
memchr
sprintf
__wargv
__argc
??0bad_cast@std@@QAE@PBD@Z
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@ABV01@@Z
strncpy
fopen
toupper
fclose
free
_wcsdup
wcschr
_wcsicmp
_unlock
_except_handler4_common
_lock
_onexit
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_commode
_fmode
__set_app_type
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

shlwapi

PathRemoveFileSpecA
PathFindFileNameA
PathAppendA
PathAppendW
PathRemoveFileSpecW
PathStripPathW

Sections

.text
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 375KB - Virtual size: 375KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$OUTDIR/PPLiveU.exe
.exe windows:5 windows x86 arch:x86

bbfdf8708da887867f58223fc4d890b3

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:52:7f:4d:7d:6c:1a:2b:a7:ef:81:d5:0c:89:d7:65
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

19/11/2009, 00:00

Not After

18/11/2012, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

d7:ad:7a:80:59:94:6d:8d:b2:3b:50:60:57:c6:3f:2c:fa:7b:53:22
Signer

Actual PE Digest

d7:ad:7a:80:59:94:6d:8d:b2:3b:50:60:57:c6:3f:2c:fa:7b:53:22

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\project\pptv\bin\PE.pdb

Imports

kernel32

FindClose
FindFirstFileA
GetLongPathNameA
GetModuleFileNameA
WideCharToMultiByte
GetLongPathNameW
GetCurrentProcessId
GetCommandLineA
GetLastError
GetCurrentProcess
GetLocalTime
GetTempPathA
lstrcatA
lstrcpyA
CreateProcessA
GetModuleHandleA
OpenProcess
CreateEventW
ReleaseMutex
CreateToolhelp32Snapshot
SetUnhandledExceptionFilter
GetPrivateProfileIntW
WritePrivateProfileStringW
lstrlenW
GetPrivateProfileStringW
WaitForSingleObject
TerminateProcess
GetVersionExW
LocalFree
LocalAlloc
GetTempPathW
GetEnvironmentVariableW
CreateProcessW
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
UnhandledExceptionFilter
GetStartupInfoW
Module32FirstW
VirtualQuery
OutputDebugStringA
GetPrivateProfileStringA
GetModuleFileNameW
LoadLibraryW
GetEnvironmentVariableA
Module32NextW
CloseHandle
FreeLibrary
LoadLibraryA
GetProcAddress
GetCommandLineW
GetCurrentThread
GetCurrentThreadId
CreateFileA
GetFileSize
CreateFileMappingW
MapViewOfFile
IsBadReadPtr
CreateMutexW
lstrcmpiW
HeapSetInformation
InterlockedCompareExchange
Sleep
InterlockedExchange
DecodePointer
EncodePointer
GetSystemTimeAsFileTime

user32

GetDesktopWindow
GetShellWindow
GetWindowThreadProcessId
wsprintfW

advapi32

ConvertStringSidToSidW
GetLengthSid
SetTokenInformation
SetThreadToken
LookupPrivilegeValueW
AdjustTokenPrivileges
DuplicateTokenEx
OpenProcessToken
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
ImpersonateSelf

shell32

CommandLineToArgvW
SHGetFolderPathW
SHGetFolderPathA

ole32

StringFromCLSID
CoCreateGuid
CoInitialize
CoUninitialize
CoCreateInstance

msvcp100

?_Decref@facet@locale@std@@QAEPAV123@XZ
?out@?$codecvt@_WDH@std@@QBEHAAHPB_W1AAPB_WPAD3AAPAD@Z
??0_Lockit@std@@QAE@H@Z
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Incref@facet@locale@std@@QAEXXZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Init@locale@std@@CAPAV_Locimp@12@XZ
??1_Lockit@std@@QAE@XZ
?_Getcat@?$codecvt@_WDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??Bid@locale@std@@QAEIXZ
?id@?$codecvt@_WDH@std@@2V0locale@2@A

msvcr100

_controlfp_s
__dllonexit
_invoke_watson
memcpy
memmove
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??3@YAXPAX@Z
??2@YAPAXI@Z
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
__CxxFrameHandler3
_snprintf
??_V@YAXPAX@Z
memset
fflush
vfprintf
memchr
sprintf
__wargv
__argc
??0bad_cast@std@@QAE@PBD@Z
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@ABV01@@Z
strncpy
fopen
toupper
fclose
free
_wcsdup
wcschr
_wcsicmp
_unlock
_except_handler4_common
_lock
_onexit
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_commode
_fmode
__set_app_type
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

shlwapi

PathRemoveFileSpecA
PathFindFileNameA
PathAppendA
PathAppendW
PathRemoveFileSpecW
PathStripPathW

Sections

.text
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 375KB - Virtual size: 375KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$OUTDIR/omng.dll
.dll regsvr32 windows:4 windows x86 arch:x86

a6e5006b188407994d8c582dbcefc07b

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:52:7f:4d:7d:6c:1a:2b:a7:ef:81:d5:0c:89:d7:65
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

19/11/2009, 00:00

Not After

18/11/2012, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

70:9e:35:c4:32:63:da:17:47:69:bd:bc:13:85:58:cb:1b:50:3c:06
Signer

Actual PE Digest

70:9e:35:c4:32:63:da:17:47:69:bd:bc:13:85:58:cb:1b:50:3c:06

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WritePrivateProfileStringW
GetPrivateProfileIntW
MultiByteToWideChar
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
DisableThreadLibraryCalls
lstrlenW
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameW
GetPrivateProfileStringW
GetEnvironmentVariableW
UnlockFile
LockFile
RemoveDirectoryA
GetHandleInformation
SetHandleInformation
GetFileInformationByHandle
GetDriveTypeA
GetFullPathNameA
DeleteFileA
FlushFileBuffers
WriteFile
ReadFile
ReleaseSemaphore
SuspendThread
GetProcessAffinityMask
SetThreadAffinityMask
SetThreadPriority
Sleep
ResumeThread
GetCurrentProcess
GetCurrentThread
DuplicateHandle
CreateSemaphoreA
TlsFree
TlsAlloc
TlsSetValue
TlsGetValue
UnmapViewOfFile
MapViewOfFile
FormatMessageA
GetSystemInfo
CreateFileMappingA
TerminateProcess
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
GetSystemTimeAsFileTime
OutputDebugStringA
LoadLibraryW
CreatePipe
InterlockedExchange
GlobalAddAtomA
CreateEventA
DebugBreak
CreateProcessA
GetLastError
FindNextFileA
FindNextFileW
FindClose
CloseHandle
GetUserDefaultLangID
FindFirstFileA
FindFirstFileW
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetEndOfFile
SetFilePointer
GetLogicalDriveStringsA
GlobalMemoryStatus
GetSystemDirectoryA
GetWindowsDirectoryA
GetTempPathA
GetEnvironmentVariableA
SetLastError
CreateDirectoryA
CreateFileA
CopyFileA
MoveFileA
GetFileAttributesA
GetShortPathNameA
GetDiskFreeSpaceA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetSystemDirectoryW
GetWindowsDirectoryW
GetTempPathW
CreateDirectoryW
CreateFileW
CopyFileW
MoveFileW
GetFileAttributesW
GetShortPathNameW
GetDiskFreeSpaceW
LoadLibraryA
GetVersionExA
FreeLibrary
GetExitCodeProcess
WaitForSingleObject

user32

CreateWindowExA
RemovePropA
KillTimer
PostMessageA
GetQueueStatus
wsprintfW
SetTimer
RegisterWindowMessageA
GetClassInfoA
RegisterClassA
SendMessageA
SetPropA
DefWindowProcA
PeekMessageA
GetCursorPos
GetPropA

advapi32

AddAccessAllowedAce
RegCreateKeyExA
RegQueryInfoKeyA
RegEnumKeyExA
RegEnumKeyExW
RegEnumValueA
RegEnumValueW
RegQueryValueExA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegNotifyChangeKeyValue
AllocateAndInitializeSid
CopySid
GetLengthSid
GetTokenInformation
InitializeSecurityDescriptor
SetSecurityDescriptorOwner
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
SetSecurityDescriptorGroup
InitializeAcl
RegOpenKeyExA
SetSecurityDescriptorDacl
FreeSid
OpenProcessToken

shell32

SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation
ShellExecuteW
ShellExecuteA
SHGetFolderPathW

oleaut32

SysAllocStringLen
LoadTypeLi
SysStringLen
SysFreeString

atl

ord57
ord21
ord16
ord15
ord18
ord58
ord30
ord32

msvcp60

?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBGI@Z
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@ABV12@II@Z
?_Grow@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAE_NI_N@Z
?_Tidy@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEX_N@Z
?_C@?1??_Nullstr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@CAPBGXZ@4GB
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ

shlwapi

PathRemoveFileSpecW
PathAppendW

msvcrt

_access
_mbspbrk
_mbsdec
_stat
_mbsinc
_beginthreadex
_stricmp
__p__environ
qsort
abort
fwrite
setvbuf
fclose
sscanf
strftime
__mb_cur_max
_isctype
_pctype
mktime
localtime
strstr
sprintf
strtol
fputs
strchr
fmod
_onexit
__dllonexit
strtoul
_initterm
?terminate@@YAXXZ
_except_handler3
malloc
_wcsdup
free
??2@YAPAXI@Z
_iob
fprintf
fflush
getenv
raise
_exit
strrchr
_wchmod
_wrmdir
_wremove
_wfopen
_wgetdcwd
_wgetcwd
_chmod
_rmdir
wcslen
wcscpy
__CxxFrameHandler
wcsncpy
remove
fopen
_getdcwd
strerror
isspace
isdigit
_strdup
_putenv
_strcmpi
tolower
_adjust_fdiv
_getcwd
wcspbrk
memset
setlocale
strcmp
strncmp
strcpy
atoi
_purecall
memcmp
realloc
memmove
memchr
_wcsnicmp
_wcsicmp
strpbrk
printf
wcsrchr
_ftol
_wsplitpath
wcscat
_errno
calloc
wcschr
memcpy
strlen
wcsncat

ws2_32

closesocket
select
__WSAFDIsSet
setsockopt
WSAGetLastError
gethostname
WSACleanup
WSAStartup
htonl
gethostbyname
gethostbyaddr
getprotobyname
getprotobynumber
htons
inet_addr
ntohs
ntohl
getsockopt
ioctlsocket
socket
accept
connect
bind
listen
recv
send
sendto
recvfrom
shutdown
getsockname
getpeername

winmm

timeGetTime

ole32

CoInitialize
CoCreateGuid
CoCreateInstance
CoUninitialize

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetObjectManager
InitObjectManager
InitObjectManagerEx
ShutdownObjectManager

Sections

.text
Size: 388KB - Virtual size: 386KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$OUTDIR/ui.dll
.dll windows:5 windows x86 arch:x86

d9772e29942b5b6e6f5974b37ba9f6ad

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:52:7f:4d:7d:6c:1a:2b:a7:ef:81:d5:0c:89:d7:65
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

19/11/2009, 00:00

Not After

18/11/2012, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

bb:58:cf:2d:32:23:9b:a4:e3:8b:3a:c6:1e:d4:19:b0:af:2d:01:29
Signer

Actual PE Digest

bb:58:cf:2d:32:23:9b:a4:e3:8b:3a:c6:1e:d4:19:b0:af:2d:01:29

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\pptv\ui\Release\ui.pdb

Imports

kernel32

SetEvent
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
Sleep
GetEnvironmentVariableW
SystemTimeToFileTime
EncodePointer
InterlockedPopEntrySList
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedPushEntrySList
InterlockedCompareExchange
CreateEventW
CreateProcessW
DecodePointer
GetSystemTime
ResetEvent
ResumeThread
FindResourceExW
DeviceIoControl
GetModuleFileNameA
CreateFileA
HeapDestroy
HeapReAlloc
HeapSize
FindFirstFileW
GetFullPathNameW
FindClose
FindNextFileW
lstrcmpW
GetVersionExW
MulDiv
ExpandEnvironmentStringsW
GetProcAddress
SetPriorityClass
GetCommandLineW
WideCharToMultiByte
WaitForSingleObject
DisableThreadLibraryCalls
ReleaseMutex
CreateMutexW
OpenProcess
LoadLibraryA
LocalAlloc
LocalFree
CloseHandle
GetUserDefaultLCID
GetCurrentThreadId
GetPrivateProfileIntW
RaiseException
GetTickCount
lstrlenA
OutputDebugStringW
DebugBreak
GlobalLock
SetLastError
lstrlenW
GetCurrentProcess
FlushInstructionCache
LoadLibraryW
LeaveCriticalSection
EnterCriticalSection
GetModuleHandleW
FindResourceW
LoadResource
LockResource
SizeofResource
GetModuleFileNameW
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
MultiByteToWideChar
LoadLibraryExW
FreeLibrary
InterlockedExchange

user32

UpdateWindow
IsWindowVisible
IsWindowEnabled
GetWindowLongW
GetClientRect
GetDlgItem
SetWindowPos
SendMessageW
GetClassInfoExW
LoadCursorW
LoadStringW
CallWindowProcW
DefWindowProcW
CreateWindowExW
BeginPaint
EndPaint
RegisterClassExW
UnregisterClassA
LoadImageW
GetSystemMetrics
DestroyIcon
DestroyWindow
PostQuitMessage
wsprintfW
MessageBoxW
CreatePopupMenu
DispatchMessageW
TranslateMessage
GetMessageW
PeekMessageW
CopyRect
GetWindowThreadProcessId
GetShellWindow
DrawTextW
SetTimer
GetWindowRect
InvalidateRect
IsDialogMessageW
SetWindowRgn
GetCursorPos
KillTimer
RegisterClassW
GetSysColorBrush
GetClassInfoW
PostMessageW
SetWindowTextW
GetAncestor
EnableWindow
GetParent
GetForegroundWindow
GetClassNameW
SetRect
ShowWindow
DestroyMenu
SetForegroundWindow
SetFocus
ReplyMessage
MoveWindow
SetWindowLongW
IsWindow
RegisterWindowMessageW
IsIconic
GetDesktopWindow
FindWindowExW
SendMessageTimeoutW
CharNextW
SetActiveWindow
BringWindowToTop
SwitchToThisWindow
ReleaseCapture
GetCapture
SetCursor
GetWindowTextW
GetWindowTextLengthW
SetCapture
OffsetRect
EqualRect
SystemParametersInfoW
GetMessageTime
ScreenToClient
GetMessagePos
GetKeyState
GetDC
ReleaseDC
EndDeferWindowPos
BeginDeferWindowPos
UpdateLayeredWindow
ClientToScreen
IntersectRect
SetRectEmpty
GetWindowDC
SetParent
DeferWindowPos
MapWindowPoints
GetMonitorInfoW
MonitorFromWindow
GetMenuItemCount
GetMenuItemInfoW
EnableMenuItem
CheckMenuItem
SetMenuItemInfoW
CheckMenuRadioItem
SetMenuDefaultItem
MonitorFromPoint
TrackPopupMenuEx
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
MonitorFromRect
EnumDisplayMonitors
GetSysColor
IsChild
UnregisterHotKey
RegisterHotKey
RemoveMenu
AppendMenuW
IsZoomed

gdi32

GetObjectW
CreateBitmap
CreatePatternBrush
PatBlt
GetClipBox
GetStockObject
SetTextColor
BitBlt
DeleteDC
DeleteObject
CreateCompatibleBitmap
SetViewportOrgEx
SelectObject
SetBkMode
CreateFontIndirectW
SetBkColor
GetObjectA
CreateDCW
ExcludeClipRect
GetDeviceCaps
CreateSolidBrush
CreateCompatibleDC

advapi32

OpenProcessToken
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
DuplicateTokenEx
AdjustTokenPrivileges
LookupPrivilegeValueW

shell32

SHGetFolderPathW
ShellExecuteW
ShellExecuteExW
DragQueryFileW

ole32

CoUninitialize
CoCreateInstance
RegisterDragDrop
RevokeDragDrop
PropVariantClear
OleUninitialize
OleInitialize
CoInitialize

oleaut32

VariantCopy
SysStringByteLen
SysAllocStringByteLen
VariantTimeToSystemTime
SystemTimeToVariantTime
SysFreeString
VarCmp
VariantChangeType
VariantInit
VariantClear
SysAllocString
LoadTypeLi
SysStringLen
LoadRegTypeLi

msvcp100

?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Orphan_all@_Container_base0@std@@QAEXXZ

atl100

ord32
ord43
ord58
ord31
ord56
ord64
ord23
ord61
ord10
ord44
ord11
ord30

shlwapi

PathFileExistsW
PathIsRootW
SHStrDupW
PathRemoveFileSpecW
PathAppendW
StrStrIW
PathAddExtensionW

comctl32

_TrackMouseEvent
InitCommonControlsEx
ImageList_Create
ImageList_Add
ImageList_Destroy

gdiplus

GdipCreateFontFromDC
GdipSetSolidFillColor
GdipCloneRegion
GdipTranslateRegionI
GdipCombineRegionRegion
GdipMeasureString
GdipSetStringFormatTrimming
GdipSetStringFormatHotkeyPrefix
GdipFree
GdipCreateFontFromLogfontA
GdipGetPropertyItem
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromFile
GdipCreateHBITMAPFromBitmap
GdipCloneImage
GdipDeleteBrush
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipGetImageRawFormat
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipAlloc
GdipGetPropertyItemSize
GdipDeleteFont
GdipCreateFont
GdipDisposeImage
GdipGetGenericFontFamilySansSerif
GdipCreateFontFamilyFromName
GdipCreateStringFormat
GdipDrawImageRectI
GdipCreateLineBrushFromRectI
GdipCreateSolidFill
GdipSetImageAttributesColorMatrix
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipCreateRegion
GdipSetClipRegion
GdipSetClipRectI
GdipGetWorldTransform
GdipSetWorldTransform
GdipSetMatrixElements
GdipGetMatrixElements
GdipCreateMatrix
GdipDeleteMatrix
GdipCreateTexture2I
GdipSetPixelOffsetMode
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateRegionRectI
GdipCreateFromHWND
GdipGetRegionHRgn
GdipCombineRegionRectI
GdipDeleteGraphics
GdipGetFontHeight
GdipGetFontStyle
GdipGetFamily
GdipGetLineSpacing
GdipGetEmHeight
GdipDrawString
GdipGetStringFormatLineAlign
GdipSetStringFormatLineAlign
GdipDeleteFontFamily
GdipDeleteStringFormat
GdipCloneStringFormat
GdiplusStartup
GdiplusShutdown
GdipCloneBrush
GdipCreateRegionPath
GdipSetTextureWrapMode
GdipCreatePath
GdipDrawImageRectRectI
GdipDrawImageRectRect
GdipFillRectangleI
GdipAddPathRectangleI
GdipCreateTextureIAI
GdipBitmapGetPixel
GdipDeleteRegion
GdipDeletePath
GdipGetClip

msvcr100

vswprintf_s
memcpy_s
malloc
getc
fputc
ferror
feof
fflush
ftell
fseek
fwrite
fread
fclose
_wfopen
_purecall
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
??2@YAPAXI@Z
memmove
memcpy
swprintf_s
_ismbcspace
_mbsinc
wmemcpy_s
free
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
__CxxFrameHandler3
??_V@YAXPAX@Z
??3@YAXPAX@Z
_unlock
__dllonexit
_lock
_onexit
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
iswdigit
_wtoi
calloc
_recalloc
memset
wcsncpy
_wcsdup
memmove_s
wcscpy_s
memchr
strncpy
_swprintf
__argc
wcstol
_wcsicmp
wcstok
wcsspn
_time64
toupper
fprintf
atoi
_vsnprintf_s
isspace
tolower
isalpha
isalnum
strncmp
strchr
iswspace
wcstoul
_errno
_wcsnicmp
wcstod
wcsrchr
strrchr
_strnicmp
_except_handler4_common
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_stricmp
realloc
sprintf
wcsstr
_beginthreadex
strtoul
_strdup
strtok_s
?terminate@@YAXXZ

omng

ord8
ord7
ord5
ord6

uilib

PP_OpenUrlW
ord5

urlmon

URLDownloadToCacheFileW

imm32

ImmGetVirtualKey

wintrust

WTHelperProvDataFromStateData
WTHelperGetProvSignerFromChain
WTHelperGetProvCertFromChain
WinVerifyTrust

crypt32

CertGetNameStringW

wininet

DeleteUrlCacheEntryW

rpcrt4

UuidFromStringW

Exports

Exports

RD_XXXX
RD_XXXX2

Sections

.text
Size: 450KB - Virtual size: 449KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$OUTDIR/uilib.dll
.dll regsvr32 windows:5 windows x86 arch:x86

e589471521ba2bca69e3d39695462c84

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:52:7f:4d:7d:6c:1a:2b:a7:ef:81:d5:0c:89:d7:65
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

19/11/2009, 00:00

Not After

18/11/2012, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

e7:45:ab:bc:b4:d1:57:b7:a7:12:60:c6:85:fb:d1:c7:73:8e:ba:55
Signer

Actual PE Digest

e7:45:ab:bc:b4:d1:57:b7:a7:12:60:c6:85:fb:d1:c7:73:8e:ba:55

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\winclient\pptv\uilib\Release\uilib.pdb

Imports

kernel32

GetLastError
InitializeCriticalSectionAndSpinCount
GetProcAddress
GetModuleHandleW
lstrcmpiW
LocalFree
FreeLibrary
LoadLibraryExW
ExpandEnvironmentStringsW
GetCurrentThreadId
DisableThreadLibraryCalls
LoadLibraryW
Sleep
DeviceIoControl
GetVersionExW
GetModuleFileNameA
CreateFileA
LoadLibraryA
GetSystemDirectoryA
SetLastError
GetTempFileNameW
CreateDirectoryW
GetTempPathW
GetTickCount
WriteFile
CreateFileW
SetEvent
ResetEvent
CreateEventW
RaiseException
InterlockedExchange
CreateThread
SetEnvironmentVariableW
CompareStringW
GetDateFormatA
GetTimeFormatA
GetDateFormatW
GetTimeFormatW
GetTimeZoneInformation
DeleteFileW
MoveFileW
CreateProcessW
WaitForSingleObject
CloseHandle
TerminateProcess
InitializeCriticalSection
DeleteCriticalSection
GetPrivateProfileStringW
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameW
GetEnvironmentVariableW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
lstrlenW
InterlockedDecrement
InterlockedIncrement
GetACP
lstrlenA
WideCharToMultiByte
MultiByteToWideChar
OutputDebugStringW
AllocConsole
SetEndOfFile
WriteConsoleW
SetStdHandle
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetFilePointer
ReadFile
GetStartupInfoW
GetFileType
SetHandleCount
IsValidCodePage
GetOEMCP
SetEnvironmentVariableA
GetLocaleInfoW
GetStdHandle
ExitProcess
HeapCreate
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsProcessorFeaturePresent
LCMapStringW
GetCPInfo
GetCommandLineA
ResumeThread
ExitThread
RtlUnwind
DecodePointer
EncodePointer
InterlockedCompareExchange
GetStringTypeW
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy

user32

CharNextW
RegisterClassW
UnregisterClassW
CreateWindowExW
GetWindowLongW
SetWindowPos
WaitForInputIdle
GetAncestor
DestroyWindow
PostMessageW
DefWindowProcW

advapi32

CopySid
GetTokenInformation
OpenProcessToken
DeregisterEventSource
RegisterEventSourceW
RegOpenKeyExA
RegQueryValueExA
RegEnumValueA
RegEnumKeyExW
GetNamedSecurityInfoW
BuildExplicitAccessWithNameW
SetEntriesInAclW
SetNamedSecurityInfoW
RegQueryInfoKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
ReportEventW
GetLengthSid

shell32

ShellExecuteW
ord165
SHGetFolderPathW

ole32

StringFromGUID2
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoCreateInstance
CLSIDFromString

oleaut32

RegisterTypeLi
VarUI4FromStr
SysAllocStringLen
SysAllocString
SysStringLen
LoadTypeLi
SysFreeString
UnRegisterTypeLi

shlwapi

PathAppendW
PathRemoveFileSpecW
PathFileExistsW
StrCmpNIW
PathFindExtensionW

ws2_32

WSAGetLastError
gethostbyname
inet_ntoa
getservbyname
gethostbyaddr
getservbyport
ntohs
WSASetLastError
closesocket
recvfrom
__WSAFDIsSet
select
inet_addr
bind
ioctlsocket
socket
WSAStartup
recv
send
setsockopt
connect
gethostname
sendto
WSACleanup
htons
htonl

rpcrt4

UuidFromStringA
UuidFromStringW

wininet

CreateUrlCacheEntryW
CommitUrlCacheEntryW
HttpQueryInfoW
HttpSendRequestW
InternetCrackUrlW
DeleteUrlCacheEntryW
InternetOpenA
InternetReadFile
InternetConnectW
InternetSetStatusCallbackA
HttpOpenRequestW
InternetQueryDataAvailable
InternetQueryOptionW
InternetSetOptionW
InternetCloseHandle
HttpQueryInfoA
InternetLockRequestFile
InternetQueryOptionA

Exports

Exports

??0TiXmlAttribute@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
??0TiXmlAttribute@@QAE@PBD0@Z
??0TiXmlAttribute@@QAE@XZ
??0TiXmlAttributeSet@@QAE@XZ
??0TiXmlBase@@QAE@XZ
??0TiXmlComment@@QAE@ABV0@@Z
??0TiXmlComment@@QAE@XZ
??0TiXmlDeclaration@@QAE@ABV0@@Z
??0TiXmlDeclaration@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@00@Z
??0TiXmlDeclaration@@QAE@PBD00@Z
??0TiXmlDeclaration@@QAE@XZ
??0TiXmlDocument@@QAE@ABV0@@Z
??0TiXmlDocument@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0TiXmlDocument@@QAE@PBD@Z
??0TiXmlDocument@@QAE@XZ
??0TiXmlElement@@QAE@ABV0@@Z
??0TiXmlElement@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0TiXmlElement@@QAE@PBD@Z
??0TiXmlNode@@IAE@W4NodeType@0@@Z
??0TiXmlText@@QAE@ABV0@@Z
??0TiXmlText@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0TiXmlText@@QAE@PBD@Z
??0TiXmlUnknown@@QAE@ABV0@@Z
??0TiXmlUnknown@@QAE@XZ
??1TiXmlAttribute@@UAE@XZ
??1TiXmlAttributeSet@@QAE@XZ
??1TiXmlBase@@UAE@XZ
??1TiXmlComment@@UAE@XZ
??1TiXmlDeclaration@@UAE@XZ
??1TiXmlDocument@@UAE@XZ
??1TiXmlElement@@UAE@XZ
??1TiXmlNode@@UAE@XZ
??1TiXmlText@@UAE@XZ
??1TiXmlUnknown@@UAE@XZ
??4TiXmlComment@@QAEXABV0@@Z
??4TiXmlDeclaration@@QAEXABV0@@Z
??4TiXmlDocument@@QAEXABV0@@Z
??4TiXmlElement@@QAEXABV0@@Z
??4TiXmlText@@QAEXABV0@@Z
??4TiXmlUnknown@@QAEXABV0@@Z
??8TiXmlAttribute@@QBE_NABV0@@Z
??MTiXmlAttribute@@QBE_NABV0@@Z
??OTiXmlAttribute@@QBE_NABV0@@Z
??_7TiXmlAttribute@@6B@
??_7TiXmlBase@@6B@
??_7TiXmlComment@@6B@
??_7TiXmlDeclaration@@6B@
??_7TiXmlDocument@@6B@
??_7TiXmlElement@@6B@
??_7TiXmlNode@@6B@
??_7TiXmlText@@6B@
??_7TiXmlUnknown@@6B@
?Add@TiXmlAttributeSet@@QAEXPAVTiXmlAttribute@@@Z
?Attribute@TiXmlElement@@QBEPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?Attribute@TiXmlElement@@QBEPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAH@Z
?Attribute@TiXmlElement@@QBEPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAN@Z
?Attribute@TiXmlElement@@QBEPBDPBD@Z
?Attribute@TiXmlElement@@QBEPBDPBDPAH@Z
?Attribute@TiXmlElement@@QBEPBDPBDPAN@Z
?Blank@TiXmlText@@IBE_NXZ
?CDATA@TiXmlText@@QAE_NXZ
?Clear@TiXmlNode@@QAEXXZ
?ClearError@TiXmlDocument@@QAEXXZ
?ClearThis@TiXmlElement@@IAEXXZ
?Clone@TiXmlComment@@UBEPAVTiXmlNode@@XZ
?Clone@TiXmlDeclaration@@UBEPAVTiXmlNode@@XZ
?Clone@TiXmlDocument@@MBEPAVTiXmlNode@@XZ
?Clone@TiXmlElement@@UBEPAVTiXmlNode@@XZ
?Clone@TiXmlText@@MBEPAVTiXmlNode@@XZ
?Clone@TiXmlUnknown@@UBEPAVTiXmlNode@@XZ
?Column@TiXmlBase@@QBEHXZ
?ConvertUTF32ToUTF8@TiXmlBase@@KAXKPADPAH@Z
?CopyTo@TiXmlComment@@IBEXPAV1@@Z
?CopyTo@TiXmlDeclaration@@IBEXPAV1@@Z
?CopyTo@TiXmlDocument@@ABEXPAV1@@Z
?CopyTo@TiXmlElement@@IBEXPAV1@@Z
?CopyTo@TiXmlNode@@IBEXPAV1@@Z
?CopyTo@TiXmlText@@IBEXPAV1@@Z
?CopyTo@TiXmlUnknown@@IBEXPAV1@@Z
?DoubleValue@TiXmlAttribute@@QBENXZ
?Encoding@TiXmlDeclaration@@QBEPBDXZ
?Error@TiXmlDocument@@QBE_NXZ
?ErrorCol@TiXmlDocument@@QAEHXZ
?ErrorDesc@TiXmlDocument@@QBEPBDXZ
?ErrorId@TiXmlDocument@@QBEHXZ
?ErrorRow@TiXmlDocument@@QAEHXZ
?Find@TiXmlAttributeSet@@QAEPAVTiXmlAttribute@@PBD@Z
?Find@TiXmlAttributeSet@@QBEPBVTiXmlAttribute@@PBD@Z
?First@TiXmlAttributeSet@@QAEPAVTiXmlAttribute@@XZ
?First@TiXmlAttributeSet@@QBEPBVTiXmlAttribute@@XZ
?FirstAttribute@TiXmlElement@@QAEPAVTiXmlAttribute@@XZ
?FirstAttribute@TiXmlElement@@QBEPBVTiXmlAttribute@@XZ
?FirstChild@TiXmlNode@@QAEPAV1@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?FirstChild@TiXmlNode@@QAEPAV1@PBD@Z
?FirstChild@TiXmlNode@@QAEPAV1@XZ
?FirstChild@TiXmlNode@@QBEPBV1@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?FirstChild@TiXmlNode@@QBEPBV1@PBD@Z
?FirstChild@TiXmlNode@@QBEPBV1@XZ
?FirstChildElement@TiXmlNode@@QAEPAVTiXmlElement@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?FirstChildElement@TiXmlNode@@QAEPAVTiXmlElement@@PBD@Z
?FirstChildElement@TiXmlNode@@QAEPAVTiXmlElement@@XZ
?FirstChildElement@TiXmlNode@@QBEPBVTiXmlElement@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?FirstChildElement@TiXmlNode@@QBEPBVTiXmlElement@@PBD@Z
?FirstChildElement@TiXmlNode@@QBEPBVTiXmlElement@@XZ
?GetChar@TiXmlBase@@KAPBDPBDPADPAHW4TiXmlEncoding@@@Z
?GetDocument@TiXmlNode@@QAEPAVTiXmlDocument@@XZ
?GetDocument@TiXmlNode@@QBEPBVTiXmlDocument@@XZ
?GetEncoding@TiXmlDocument@@QAE?AW4TiXmlEncoding@@XZ
?GetEntity@TiXmlBase@@KAPBDPBDPADPAHW4TiXmlEncoding@@@Z
?GetText@TiXmlElement@@QBEPBDXZ
?GetUserData@TiXmlBase@@QAEPAXXZ
?Identify@TiXmlNode@@IAEPAV1@PBDW4TiXmlEncoding@@@Z
?InsertAfterChild@TiXmlNode@@QAEPAV1@PAV1@ABV1@@Z
?InsertBeforeChild@TiXmlNode@@QAEPAV1@PAV1@ABV1@@Z
?InsertEndChild@TiXmlNode@@QAEPAV1@ABV1@@Z
?IntValue@TiXmlAttribute@@QBEHXZ
?IsAlpha@TiXmlBase@@KAHEW4TiXmlEncoding@@@Z
?IsAlphaNum@TiXmlBase@@KAHEW4TiXmlEncoding@@@Z
?IsWhiteSpace@TiXmlBase@@KA_ND@Z
?IsWhiteSpaceCondensed@TiXmlBase@@SA_NXZ
?IterateChildren@TiXmlNode@@QAEPAV1@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAV1@@Z
?IterateChildren@TiXmlNode@@QAEPAV1@PAV1@@Z
?IterateChildren@TiXmlNode@@QAEPAV1@PBDPAV1@@Z
?IterateChildren@TiXmlNode@@QBEPBV1@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBV1@@Z
?IterateChildren@TiXmlNode@@QBEPBV1@PBDPBV1@@Z
?IterateChildren@TiXmlNode@@QBEPBV1@PBV1@@Z
?Last@TiXmlAttributeSet@@QAEPAVTiXmlAttribute@@XZ
?Last@TiXmlAttributeSet@@QBEPBVTiXmlAttribute@@XZ
?LastAttribute@TiXmlElement@@QAEPAVTiXmlAttribute@@XZ
?LastAttribute@TiXmlElement@@QBEPBVTiXmlAttribute@@XZ
?LastChild@TiXmlNode@@QAEPAV1@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?LastChild@TiXmlNode@@QAEPAV1@PBD@Z
?LastChild@TiXmlNode@@QAEPAV1@XZ
?LastChild@TiXmlNode@@QBEPBV1@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?LastChild@TiXmlNode@@QBEPBV1@PBD@Z
?LastChild@TiXmlNode@@QBEPBV1@XZ
?LinkEndChild@TiXmlNode@@QAEPAV1@PAV1@@Z
?LoadFile@TiXmlDocument@@QAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4TiXmlEncoding@@@Z
?LoadFile@TiXmlDocument@@QAE_NPBDW4TiXmlEncoding@@@Z
?LoadFile@TiXmlDocument@@QAE_NW4TiXmlEncoding@@@Z
?Name@TiXmlAttribute@@QBEPBDXZ
?Next@TiXmlAttribute@@QAEPAV1@XZ
?Next@TiXmlAttribute@@QBEPBV1@XZ
?NextSibling@TiXmlNode@@QAEPAV1@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?NextSibling@TiXmlNode@@QAEPAV1@PBD@Z
?NextSibling@TiXmlNode@@QAEPAV1@XZ
?NextSibling@TiXmlNode@@QBEPBV1@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?NextSibling@TiXmlNode@@QBEPBV1@PBD@Z
?NextSibling@TiXmlNode@@QBEPBV1@XZ
?NextSiblingElement@TiXmlNode@@QAEPAVTiXmlElement@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?NextSiblingElement@TiXmlNode@@QAEPAVTiXmlElement@@PBD@Z
?NextSiblingElement@TiXmlNode@@QAEPAVTiXmlElement@@XZ
?NextSiblingElement@TiXmlNode@@QBEPBVTiXmlElement@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?NextSiblingElement@TiXmlNode@@QBEPBVTiXmlElement@@PBD@Z
?NextSiblingElement@TiXmlNode@@QBEPBVTiXmlElement@@XZ
?NoChildren@TiXmlNode@@QBE_NXZ
?Parent@TiXmlNode@@QAEPAV1@XZ
?Parent@TiXmlNode@@QBEPBV1@XZ
?Parse@TiXmlAttribute@@UAEPBDPBDPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z
?Parse@TiXmlComment@@UAEPBDPBDPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z
?Parse@TiXmlDeclaration@@UAEPBDPBDPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z
?Parse@TiXmlDocument@@UAEPBDPBDPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z
?Parse@TiXmlElement@@UAEPBDPBDPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z
?Parse@TiXmlText@@UAEPBDPBDPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z
?Parse@TiXmlUnknown@@UAEPBDPBDPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z
?Previous@TiXmlAttribute@@QAEPAV1@XZ
?Previous@TiXmlAttribute@@QBEPBV1@XZ
?PreviousSibling@TiXmlNode@@QAEPAV1@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?PreviousSibling@TiXmlNode@@QAEPAV1@PBD@Z
?PreviousSibling@TiXmlNode@@QAEPAV1@XZ
?PreviousSibling@TiXmlNode@@QBEPBV1@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?PreviousSibling@TiXmlNode@@QBEPBV1@PBD@Z
?PreviousSibling@TiXmlNode@@QBEPBV1@XZ
?Print@TiXmlAttribute@@UBEXPAU_iobuf@@H@Z
?Print@TiXmlComment@@UBEXPAU_iobuf@@H@Z
?Print@TiXmlDeclaration@@UBEXPAU_iobuf@@H@Z
?Print@TiXmlDocument@@QBEXXZ
?Print@TiXmlDocument@@UBEXPAU_iobuf@@H@Z
?Print@TiXmlElement@@UBEXPAU_iobuf@@H@Z
?Print@TiXmlText@@UBEXPAU_iobuf@@H@Z
?Print@TiXmlUnknown@@UBEXPAU_iobuf@@H@Z
?PutString@TiXmlBase@@KAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAV23@@Z
?PutString@TiXmlBase@@KAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAV?$basic_ostream@DU?$char_traits@D@std@@@3@@Z
?QueryDoubleAttribute@TiXmlElement@@QBEHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAN@Z
?QueryDoubleAttribute@TiXmlElement@@QBEHPBDPAN@Z
?QueryDoubleValue@TiXmlAttribute@@QBEHPAN@Z
?QueryFloatAttribute@TiXmlElement@@QBEHPBDPAM@Z
?QueryIntAttribute@TiXmlElement@@QBEHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAH@Z
?QueryIntAttribute@TiXmlElement@@QBEHPBDPAH@Z
?QueryIntValue@TiXmlAttribute@@QBEHPAH@Z
?ReadName@TiXmlBase@@KAPBDPBDPAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4TiXmlEncoding@@@Z
?ReadText@TiXmlBase@@KAPBDPBDPAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_N02W4TiXmlEncoding@@@Z
?ReadValue@TiXmlElement@@IAEPBDPBDPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z
?Remove@TiXmlAttributeSet@@QAEXPAVTiXmlAttribute@@@Z
?RemoveAttribute@TiXmlElement@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?RemoveAttribute@TiXmlElement@@QAEXPBD@Z
?RemoveChild@TiXmlNode@@QAE_NPAV1@@Z
?ReplaceChild@TiXmlNode@@QAEPAV1@PAV1@ABV1@@Z
?RootElement@TiXmlDocument@@QAEPAVTiXmlElement@@XZ
?RootElement@TiXmlDocument@@QBEPBVTiXmlElement@@XZ
?Row@TiXmlBase@@QBEHXZ
?SaveFile@TiXmlDocument@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SaveFile@TiXmlDocument@@QBE_NPBD@Z
?SaveFile@TiXmlDocument@@QBE_NXZ
?SetAttribute@TiXmlElement@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?SetAttribute@TiXmlElement@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H@Z
?SetAttribute@TiXmlElement@@QAEXPBD0@Z
?SetAttribute@TiXmlElement@@QAEXPBDH@Z
?SetCDATA@TiXmlText@@QAEX_N@Z
?SetCondenseWhiteSpace@TiXmlBase@@SAX_N@Z
?SetDocument@TiXmlAttribute@@QAEXPAVTiXmlDocument@@@Z
?SetDoubleAttribute@TiXmlElement@@QAEXPBDN@Z
?SetDoubleValue@TiXmlAttribute@@QAEXN@Z
?SetError@TiXmlDocument@@QAEXHPBDPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z
?SetIntValue@TiXmlAttribute@@QAEXH@Z
?SetName@TiXmlAttribute@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetName@TiXmlAttribute@@QAEXPBD@Z
?SetTabSize@TiXmlDocument@@QAEXH@Z
?SetUserData@TiXmlBase@@QAEXPAX@Z
?SetValue@TiXmlAttribute@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetValue@TiXmlAttribute@@QAEXPBD@Z
?SetValue@TiXmlNode@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetValue@TiXmlNode@@QAEXPBD@Z
?SkipWhiteSpace@TiXmlBase@@KAPBDPBDW4TiXmlEncoding@@@Z
?Standalone@TiXmlDeclaration@@QBEPBDXZ
?StreamIn@TiXmlComment@@MAEXPAV?$basic_istream@DU?$char_traits@D@std@@@std@@PAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@3@@Z
?StreamIn@TiXmlDeclaration@@MAEXPAV?$basic_istream@DU?$char_traits@D@std@@@std@@PAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@3@@Z
?StreamIn@TiXmlDocument@@MAEXPAV?$basic_istream@DU?$char_traits@D@std@@@std@@PAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@3@@Z
?StreamIn@TiXmlElement@@MAEXPAV?$basic_istream@DU?$char_traits@D@std@@@std@@PAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@3@@Z
?StreamIn@TiXmlText@@MAEXPAV?$basic_istream@DU?$char_traits@D@std@@@std@@PAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@3@@Z
?StreamIn@TiXmlUnknown@@MAEXPAV?$basic_istream@DU?$char_traits@D@std@@@std@@PAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@3@@Z
?StreamOut@TiXmlAttribute@@UBEXPAV?$basic_ostream@DU?$char_traits@D@std@@@std@@@Z
?StreamOut@TiXmlComment@@MBEXPAV?$basic_ostream@DU?$char_traits@D@std@@@std@@@Z
?StreamOut@TiXmlDeclaration@@MBEXPAV?$basic_ostream@DU?$char_traits@D@std@@@std@@@Z
?StreamOut@TiXmlDocument@@MBEXPAV?$basic_ostream@DU?$char_traits@D@std@@@std@@@Z
?StreamOut@TiXmlElement@@MBEXPAV?$basic_ostream@DU?$char_traits@D@std@@@std@@@Z
?StreamOut@TiXmlText@@MBEXPAV?$basic_ostream@DU?$char_traits@D@std@@@std@@@Z
?StreamOut@TiXmlUnknown@@MBEXPAV?$basic_ostream@DU?$char_traits@D@std@@@std@@@Z
?StreamTo@TiXmlBase@@KA_NPAV?$basic_istream@DU?$char_traits@D@std@@@std@@HPAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@3@@Z
?StreamWhiteSpace@TiXmlBase@@KA_NPAV?$basic_istream@DU?$char_traits@D@std@@@std@@PAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@3@@Z
?StringEqual@TiXmlBase@@KA_NPBD0_NW4TiXmlEncoding@@@Z
?TabSize@TiXmlDocument@@QBEHXZ
?ToComment@TiXmlNode@@QAEPAVTiXmlComment@@XZ
?ToComment@TiXmlNode@@QBEPBVTiXmlComment@@XZ
?ToDeclaration@TiXmlNode@@QAEPAVTiXmlDeclaration@@XZ
?ToDeclaration@TiXmlNode@@QBEPBVTiXmlDeclaration@@XZ
?ToDocument@TiXmlNode@@QAEPAVTiXmlDocument@@XZ
?ToDocument@TiXmlNode@@QBEPBVTiXmlDocument@@XZ
?ToElement@TiXmlNode@@QAEPAVTiXmlElement@@XZ
?ToElement@TiXmlNode@@QBEPBVTiXmlElement@@XZ
?ToLower@TiXmlBase@@KAHHW4TiXmlEncoding@@@Z
?ToText@TiXmlNode@@QAEPAVTiXmlText@@XZ
?ToText@TiXmlNode@@QBEPBVTiXmlText@@XZ
?ToUnknown@TiXmlNode@@QAEPAVTiXmlUnknown@@XZ
?ToUnknown@TiXmlNode@@QBEPBVTiXmlUnknown@@XZ
?Type@TiXmlNode@@QBEHXZ
?Value@TiXmlAttribute@@QBEPBDXZ
?Value@TiXmlNode@@QBEPBDXZ
?ValueStr@TiXmlNode@@QBEABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?Version@TiXmlDeclaration@@QBEPBDXZ
?condenseWhiteSpace@TiXmlBase@@0_NA
?entity@TiXmlBase@@0PAUEntity@1@A
?errorString@TiXmlBase@@1PAPBDA
?utf8ByteTable@TiXmlBase@@2QBHB
CreatePlayLink
DllCanUnloadNow
DllGetClassObject
DllGetInstance
DllGetInstanceEx
DllRegisterServer
DllUnregisterServer
MD5
MD5Final
MD5Init
MD5StringA
MD5StringW
MD5Update
PPTVLogOutA
PPTVLogOutW
PP_AddEveryoneAccessToFile
PP_AtlEscapeUrlA
PP_AtlEscapeUrlW
PP_AtlUnescapeUrlA
PP_AtlUnescapeUrlW
PP_Base64DecoderA
PP_Base64DecoderW
PP_Base64EncoderA
PP_Base64EncoderW
PP_GetAllUserAppData
PP_GetComManager
PP_GetCurrentUserAppdata
PP_GetDiskId
PP_GetMachineGUID
PP_GetPPGuid
PP_GetPPLiveNetworkPath
PP_OpenUrlA
PP_OpenUrlW
PP_ReleaseComManager
PP_URLXXX
PP_URLYYY
PP_free
PP_malloc
ReloadConfig
adler32
compress
compress2
compressBound
crc32
deflate
deflateBound
deflateCopy
deflateEnd
deflateInit2_
deflateInit_
deflateParams
deflatePrime
deflateReset
deflateSetDictionary
get_crc_table
gzclearerr
gzclose
gzdopen
gzeof
gzerror
gzflush
gzgetc
gzgets
gzopen
gzprintf
gzputc
gzputs
gzread
gzrewind
gzseek
gzsetparams
gztell
gzungetc
gzwrite
inflate
inflateBack
inflateBackEnd
inflateBackInit_
inflateCopy
inflateEnd
inflateInit2_
inflateInit_
inflateReset
inflateSetDictionary
inflateSync
inflateSyncPoint
uncompress
zError

Sections

.text
Size: 573KB - Virtual size: 573KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MYSHARE
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/FindProcDLL.dll
.dll windows:4 windows x86 arch:x86

37c57c99267b241d11cb1f6f96b0ba5e

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:52:7f:4d:7d:6c:1a:2b:a7:ef:81:d5:0c:89:d7:65
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

19/11/2009, 00:00

Not After

18/11/2012, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:e1:44:24:72:8a:43:62:21:7c:81:fd:58:2a:bb:12:3f:ca:57:02
Signer

Actual PE Digest

1d:e1:44:24:72:8a:43:62:21:7c:81:fd:58:2a:bb:12:3f:ca:57:02

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
OpenProcess
FreeLibrary
LoadLibraryA
GetProcAddress
GetCurrentProcessId
GetVersionExA
GlobalFree
lstrcpyA
DisableThreadLibraryCalls

user32

wsprintfA

msvcrt

malloc
_strupr
toupper
free
_initterm
_adjust_fdiv

Exports

Exports

FindProc

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 603B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 202B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/GdiPlus.dll
.dll windows:6 windows x86 arch:x86

ef4c749f5dec4632456950949469f18c

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:52:7f:4d:7d:6c:1a:2b:a7:ef:81:d5:0c:89:d7:65
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

19/11/2009, 00:00

Not After

18/11/2012, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

a2:a6:cc:12:37:a1:26:cf:f3:5f:5a:8f:20:a6:d0:87:fd:44:0f:67
Signer

Actual PE Digest

a2:a6:cc:12:37:a1:26:cf:f3:5f:5a:8f:20:a6:d0:87:fd:44:0f:67

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

gdiplus.pdb

Imports

msvcrt

_isatty
_write
_lseeki64
_fileno
__pioinfo
__badioinfo
wctomb
_itoa
_snprintf
isleadbyte
memmove
_adjust_fdiv
_amsg_exit
_initterm
free
malloc
_XcptFilter
_CIatan2
_CIsqrt
_CIsin
_CIcos
??3@YAXPAX@Z
_iob
_CIexp
_CIatan
_vsnprintf
_vsnwprintf
_errno
memset
memcpy
_purecall
_CIlog

kernel32

GetFileInformationByHandle
RaiseException
InterlockedIncrement
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
InterlockedCompareExchange
HeapAlloc
InterlockedExchange
GetCurrentThreadId
InitializeCriticalSection
DeleteCriticalSection
DisableThreadLibraryCalls
HeapFree
VirtualAlloc
GetProcAddress
GetModuleHandleW
GetSystemInfo
GetVersion
HeapReAlloc
CloseHandle
WaitForSingleObject
SetEvent
lstrcmpiA
IsValidLocale
ConvertDefaultLocale
GetLocaleInfoW
GetModuleFileNameW
GetModuleFileNameA
FindResourceA
LockResource
GetProfileIntA
GetProfileStringA
lstrcmpiW
LocalReAlloc
MulDiv
SetLastError
LocalAlloc
LocalFree
IsDBCSLeadByteEx
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
RtlUnwind
OutputDebugStringA
Sleep
GetFileTime
SearchPathW
SearchPathA
GetOEMCP
SetEndOfFile
WriteFile
SetFilePointer
ReadFile
UnlockFile
LoadResource
LockFile
FlushFileBuffers
CreateSemaphoreA
CreateFileW
LoadLibraryW
GetSystemDirectoryA
CreateFileMappingW
ReleaseSemaphore
GetFileAttributesW
GetProfileSectionA
GetLastError
VirtualFree
GlobalAlloc
CreateFileA
GetFileSize
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GlobalLock
GlobalSize
GlobalUnlock
GlobalFree
HeapCreate
GetModuleHandleA
FreeLibrary
HeapDestroy
LoadLibraryA
GetSystemDirectoryW
GetWindowsDirectoryA
GetVersionExA
GetACP
GetSystemDefaultLCID
GetTickCount
MultiByteToWideChar
WideCharToMultiByte
CreateEventA
CreateThread

user32

ReleaseDC
GetDC
GetSysColor
UnregisterClassA
DestroyWindow
GetSystemMetrics
DefWindowProcA
CreateWindowExA
RegisterWindowMessageA
RegisterClassA
DispatchMessageA
TranslateMessage
MsgWaitForMultipleObjects
PeekMessageA
GetClientRect
GetDesktopWindow
GetWindowRect
WindowFromDC
CreateIconIndirect
LoadBitmapW
LoadBitmapA
ClientToScreen
SystemParametersInfoA
GetClassLongA
GetWindowLongA
GetDCEx
GetIconInfo

gdi32

ModifyWorldTransform
GetTextCharsetInfo
TranslateCharsetInfo
GetCurrentPositionEx
ArcTo
SetArcDirection
GetPath
AbortPath
FlattenPath
WidenPath
Ellipse
AngleArc
RoundRect
PolyDraw
Pie
Chord
Arc
OffsetClipRgn
GetRgnBox
CombineRgn
SetPaletteEntries
ResizePalette
ExcludeClipRect
PlayEnhMetaFile
GetWinMetaFileBits
PlgBlt
BitBlt
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineTransform
SetMapperFlags
CreateDIBitmap
CreatePen
CreatePatternBrush
GetBkMode
GetTextAlign
ExtCreateRegion
Polyline
PolyPolyline
StrokeAndFillPath
FillPath
SetPolyFillMode
PolyBezier
SelectClipPath
BeginPath
PolylineTo
PolyBezierTo
MoveToEx
CloseFigure
EndPath
StrokePath
ExtSelectClipRgn
GetPixel
ExtTextOutA
CreateSolidBrush
SetMiterLimit
FillRgn
GetDIBColorTable
GetNearestPaletteIndex
StretchBlt
CreateCompatibleBitmap
ExtCreatePen
GetWorldTransform
GetROP2
Rectangle
Polygon
SetBrushOrgEx
GetClipRgn
SelectClipRgn
GetBkColor
GetTextColor
CreatePenIndirect
GetObjectW
DPtoLP
CreateDIBPatternBrushPt
GetNearestColor
SetStretchBltMode
StretchDIBits
SetTextAlign
SetTextJustification
SetROP2
PolyPolygon
IntersectClipRect
PlayMetaFileRecord
ExtTextOutW
SetBitmapBits
SetDIBColorTable
CreateEnhMetaFileW
GdiComment
GetMetaFileW
GetMetaFileA
GetEnhMetaFileW
GetEnhMetaFileA
SaveDC
SetWindowOrgEx
SetViewportOrgEx
SetGraphicsMode
SetWorldTransform
GetEnhMetaFileBits
CopyEnhMetaFileA
CopyMetaFileA
DeleteMetaFile
GetEnhMetaFileHeader
SetMetaFileBitsEx
SetEnhMetaFileBits
CreateEnhMetaFileA
SetMapMode
SetViewportExtEx
SetWindowExtEx
PlayMetaFile
CloseEnhMetaFile
DeleteEnhMetaFile
SetMetaRgn
GetObjectType
GetMetaFileBitsEx
EnumMetaFile
EnumEnhMetaFile
PlayEnhMetaFileRecord
RestoreDC
GetStockObject
CreateBitmap
SetTextColor
SetBkColor
SetBkMode
SetDIBits
CreateBrushIndirect
PatBlt
GdiFlush
GetPaletteEntries
RealizePalette
CreateDIBSection
CreateCompatibleDC
GetDIBits
GetCurrentObject
GetObjectA
GetDCOrgEx
Escape
SetICMMode
GetMapMode
GetViewportOrgEx
GetWindowOrgEx
GetGraphicsMode
GetViewportExtEx
GetWindowExtEx
LPtoDP
GetRandomRgn
ExtEscape
CreateRectRgn
CreateICA
CreateDCA
DeleteDC
GetRegionData
CreateFontIndirectA
CreateFontIndirectW
SelectObject
EnumFontFamiliesExW
EnumFontFamiliesExA
GetTextMetricsW
GetTextFaceW
GetTextMetricsA
GetTextFaceA
SelectPalette
DeleteObject
GetDeviceCaps
GetSystemPaletteUse
GetSystemPaletteEntries
CreatePalette
LineTo

ole32

CoTaskMemAlloc
CoTaskMemFree
CreateStreamOnHGlobal

advapi32

RegDeleteKeyA
RegCreateKeyExW
RegCreateKeyExA
RegEnumKeyExW
RegEnumKeyExA
RegOpenKeyW
RegOpenKeyA
RegQueryValueExW
RegQueryValueExA
RegQueryInfoKeyW
RegOpenKeyExW
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumValueW
RegCloseKey
RegEnumValueA
RegDeleteKeyW
RegSetValueExA
RegSetValueExW

Exports

Exports

GdipAddPathArc
GdipAddPathArcI
GdipAddPathBezier
GdipAddPathBezierI
GdipAddPathBeziers
GdipAddPathBeziersI
GdipAddPathClosedCurve
GdipAddPathClosedCurve2
GdipAddPathClosedCurve2I
GdipAddPathClosedCurveI
GdipAddPathCurve
GdipAddPathCurve2
GdipAddPathCurve2I
GdipAddPathCurve3
GdipAddPathCurve3I
GdipAddPathCurveI
GdipAddPathEllipse
GdipAddPathEllipseI
GdipAddPathLine
GdipAddPathLine2
GdipAddPathLine2I
GdipAddPathLineI
GdipAddPathPath
GdipAddPathPie
GdipAddPathPieI
GdipAddPathPolygon
GdipAddPathPolygonI
GdipAddPathRectangle
GdipAddPathRectangleI
GdipAddPathRectangles
GdipAddPathRectanglesI
GdipAddPathString
GdipAddPathStringI
GdipAlloc
GdipBeginContainer
GdipBeginContainer2
GdipBeginContainerI
GdipBitmapGetPixel
GdipBitmapLockBits
GdipBitmapSetPixel
GdipBitmapSetResolution
GdipBitmapUnlockBits
GdipClearPathMarkers
GdipCloneBitmapArea
GdipCloneBitmapAreaI
GdipCloneBrush
GdipCloneCustomLineCap
GdipCloneFont
GdipCloneFontFamily
GdipCloneImage
GdipCloneImageAttributes
GdipCloneMatrix
GdipClonePath
GdipClonePen
GdipCloneRegion
GdipCloneStringFormat
GdipClosePathFigure
GdipClosePathFigures
GdipCombineRegionPath
GdipCombineRegionRect
GdipCombineRegionRectI
GdipCombineRegionRegion
GdipComment
GdipCreateAdjustableArrowCap
GdipCreateBitmapFromDirectDrawSurface
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromGdiDib
GdipCreateBitmapFromGraphics
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromHICON
GdipCreateBitmapFromResource
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipCreateCachedBitmap
GdipCreateCustomLineCap
GdipCreateFont
GdipCreateFontFamilyFromName
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipCreateFontFromLogfontW
GdipCreateFromHDC
GdipCreateFromHDC2
GdipCreateFromHWND
GdipCreateFromHWNDICM
GdipCreateHBITMAPFromBitmap
GdipCreateHICONFromBitmap
GdipCreateHalftonePalette
GdipCreateHatchBrush
GdipCreateImageAttributes
GdipCreateLineBrush
GdipCreateLineBrushFromRect
GdipCreateLineBrushFromRectI
GdipCreateLineBrushFromRectWithAngle
GdipCreateLineBrushFromRectWithAngleI
GdipCreateLineBrushI
GdipCreateMatrix
GdipCreateMatrix2
GdipCreateMatrix3
GdipCreateMatrix3I
GdipCreateMetafileFromEmf
GdipCreateMetafileFromFile
GdipCreateMetafileFromStream
GdipCreateMetafileFromWmf
GdipCreateMetafileFromWmfFile
GdipCreatePath
GdipCreatePath2
GdipCreatePath2I
GdipCreatePathGradient
GdipCreatePathGradientFromPath
GdipCreatePathGradientI
GdipCreatePathIter
GdipCreatePen1
GdipCreatePen2
GdipCreateRegion
GdipCreateRegionHrgn
GdipCreateRegionPath
GdipCreateRegionRect
GdipCreateRegionRectI
GdipCreateRegionRgnData
GdipCreateSolidFill
GdipCreateStreamOnFile
GdipCreateStringFormat
GdipCreateTexture
GdipCreateTexture2
GdipCreateTexture2I
GdipCreateTextureIA
GdipCreateTextureIAI
GdipDeleteBrush
GdipDeleteCachedBitmap
GdipDeleteCustomLineCap
GdipDeleteFont
GdipDeleteFontFamily
GdipDeleteGraphics
GdipDeleteMatrix
GdipDeletePath
GdipDeletePathIter
GdipDeletePen
GdipDeletePrivateFontCollection
GdipDeleteRegion
GdipDeleteStringFormat
GdipDisposeImage
GdipDisposeImageAttributes
GdipDrawArc
GdipDrawArcI
GdipDrawBezier
GdipDrawBezierI
GdipDrawBeziers
GdipDrawBeziersI
GdipDrawCachedBitmap
GdipDrawClosedCurve
GdipDrawClosedCurve2
GdipDrawClosedCurve2I
GdipDrawClosedCurveI
GdipDrawCurve
GdipDrawCurve2
GdipDrawCurve2I
GdipDrawCurve3
GdipDrawCurve3I
GdipDrawCurveI
GdipDrawDriverString
GdipDrawEllipse
GdipDrawEllipseI
GdipDrawImage
GdipDrawImageI
GdipDrawImagePointRect
GdipDrawImagePointRectI
GdipDrawImagePoints
GdipDrawImagePointsI
GdipDrawImagePointsRect
GdipDrawImagePointsRectI
GdipDrawImageRect
GdipDrawImageRectI
GdipDrawImageRectRect
GdipDrawImageRectRectI
GdipDrawLine
GdipDrawLineI
GdipDrawLines
GdipDrawLinesI
GdipDrawPath
GdipDrawPie
GdipDrawPieI
GdipDrawPolygon
GdipDrawPolygonI
GdipDrawRectangle
GdipDrawRectangleI
GdipDrawRectangles
GdipDrawRectanglesI
GdipDrawString
GdipEmfToWmfBits
GdipEndContainer
GdipEnumerateMetafileDestPoint
GdipEnumerateMetafileDestPointI
GdipEnumerateMetafileDestPoints
GdipEnumerateMetafileDestPointsI
GdipEnumerateMetafileDestRect
GdipEnumerateMetafileDestRectI
GdipEnumerateMetafileSrcRectDestPoint
GdipEnumerateMetafileSrcRectDestPointI
GdipEnumerateMetafileSrcRectDestPoints
GdipEnumerateMetafileSrcRectDestPointsI
GdipEnumerateMetafileSrcRectDestRect
GdipEnumerateMetafileSrcRectDestRectI
GdipFillClosedCurve
GdipFillClosedCurve2
GdipFillClosedCurve2I
GdipFillClosedCurveI
GdipFillEllipse
GdipFillEllipseI
GdipFillPath
GdipFillPie
GdipFillPieI
GdipFillPolygon
GdipFillPolygon2
GdipFillPolygon2I
GdipFillPolygonI
GdipFillRectangle
GdipFillRectangleI
GdipFillRectangles
GdipFillRectanglesI
GdipFillRegion
GdipFlattenPath
GdipFlush
GdipFree
GdipGetAdjustableArrowCapFillState
GdipGetAdjustableArrowCapHeight
GdipGetAdjustableArrowCapMiddleInset
GdipGetAdjustableArrowCapWidth
GdipGetAllPropertyItems
GdipGetBrushType
GdipGetCellAscent
GdipGetCellDescent
GdipGetClip
GdipGetClipBounds
GdipGetClipBoundsI
GdipGetCompositingMode
GdipGetCompositingQuality
GdipGetCustomLineCapBaseCap
GdipGetCustomLineCapBaseInset
GdipGetCustomLineCapStrokeCaps
GdipGetCustomLineCapStrokeJoin
GdipGetCustomLineCapType
GdipGetCustomLineCapWidthScale
GdipGetDC
GdipGetDpiX
GdipGetDpiY
GdipGetEmHeight
GdipGetEncoderParameterList
GdipGetEncoderParameterListSize
GdipGetFamily
GdipGetFamilyName
GdipGetFontCollectionFamilyCount
GdipGetFontCollectionFamilyList
GdipGetFontHeight
GdipGetFontHeightGivenDPI
GdipGetFontSize
GdipGetFontStyle
GdipGetFontUnit
GdipGetGenericFontFamilyMonospace
GdipGetGenericFontFamilySansSerif
GdipGetGenericFontFamilySerif
GdipGetHatchBackgroundColor
GdipGetHatchForegroundColor
GdipGetHatchStyle
GdipGetHemfFromMetafile
GdipGetImageAttributesAdjustedPalette
GdipGetImageBounds
GdipGetImageDecoders
GdipGetImageDecodersSize
GdipGetImageDimension
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipGetImageFlags
GdipGetImageGraphicsContext
GdipGetImageHeight
GdipGetImageHorizontalResolution
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageRawFormat
GdipGetImageThumbnail
GdipGetImageType
GdipGetImageVerticalResolution
GdipGetImageWidth
GdipGetInterpolationMode
GdipGetLineBlend
GdipGetLineBlendCount
GdipGetLineColors
GdipGetLineGammaCorrection
GdipGetLinePresetBlend
GdipGetLinePresetBlendCount
GdipGetLineRect
GdipGetLineRectI
GdipGetLineSpacing
GdipGetLineTransform
GdipGetLineWrapMode
GdipGetLogFontA
GdipGetLogFontW
GdipGetMatrixElements
GdipGetMetafileDownLevelRasterizationLimit
GdipGetMetafileHeaderFromEmf
GdipGetMetafileHeaderFromFile
GdipGetMetafileHeaderFromMetafile
GdipGetMetafileHeaderFromStream
GdipGetMetafileHeaderFromWmf
GdipGetNearestColor
GdipGetPageScale
GdipGetPageUnit
GdipGetPathData
GdipGetPathFillMode
GdipGetPathGradientBlend
GdipGetPathGradientBlendCount
GdipGetPathGradientCenterColor
GdipGetPathGradientCenterPoint
GdipGetPathGradientCenterPointI
GdipGetPathGradientFocusScales
GdipGetPathGradientGammaCorrection
GdipGetPathGradientPath
GdipGetPathGradientPointCount
GdipGetPathGradientPresetBlend
GdipGetPathGradientPresetBlendCount
GdipGetPathGradientRect
GdipGetPathGradientRectI
GdipGetPathGradientSurroundColorCount
GdipGetPathGradientSurroundColorsWithCount
GdipGetPathGradientTransform
GdipGetPathGradientWrapMode
GdipGetPathLastPoint
GdipGetPathPoints
GdipGetPathPointsI
GdipGetPathTypes
GdipGetPathWorldBounds
GdipGetPathWorldBoundsI
GdipGetPenBrushFill
GdipGetPenColor
GdipGetPenCompoundArray
GdipGetPenCompoundCount
GdipGetPenCustomEndCap
GdipGetPenCustomStartCap
GdipGetPenDashArray
GdipGetPenDashCap197819
GdipGetPenDashCount
GdipGetPenDashOffset
GdipGetPenDashStyle
GdipGetPenEndCap
GdipGetPenFillType
GdipGetPenLineJoin
GdipGetPenMiterLimit
GdipGetPenMode
GdipGetPenStartCap
GdipGetPenTransform
GdipGetPenUnit
GdipGetPenWidth
GdipGetPixelOffsetMode
GdipGetPointCount
GdipGetPropertyCount
GdipGetPropertyIdList
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipGetPropertySize
GdipGetRegionBounds
GdipGetRegionBoundsI
GdipGetRegionData
GdipGetRegionDataSize
GdipGetRegionHRgn
GdipGetRegionScans
GdipGetRegionScansCount
GdipGetRegionScansI
GdipGetRenderingOrigin
GdipGetSmoothingMode
GdipGetSolidFillColor
GdipGetStringFormatAlign
GdipGetStringFormatDigitSubstitution
GdipGetStringFormatFlags
GdipGetStringFormatHotkeyPrefix
GdipGetStringFormatLineAlign
GdipGetStringFormatMeasurableCharacterRangeCount
GdipGetStringFormatTabStopCount
GdipGetStringFormatTabStops
GdipGetStringFormatTrimming
GdipGetTextContrast
GdipGetTextRenderingHint
GdipGetTextureImage
GdipGetTextureTransform
GdipGetTextureWrapMode
GdipGetVisibleClipBounds
GdipGetVisibleClipBoundsI
GdipGetWorldTransform
GdipGraphicsClear
GdipImageForceValidation
GdipImageGetFrameCount
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageRotateFlip
GdipImageSelectActiveFrame
GdipInvertMatrix
GdipIsClipEmpty
GdipIsEmptyRegion
GdipIsEqualRegion
GdipIsInfiniteRegion
GdipIsMatrixEqual
GdipIsMatrixIdentity
GdipIsMatrixInvertible
GdipIsOutlineVisiblePathPoint
GdipIsOutlineVisiblePathPointI
GdipIsStyleAvailable
GdipIsVisibleClipEmpty
GdipIsVisiblePathPoint
GdipIsVisiblePathPointI
GdipIsVisiblePoint
GdipIsVisiblePointI
GdipIsVisibleRect
GdipIsVisibleRectI
GdipIsVisibleRegionPoint
GdipIsVisibleRegionPointI
GdipIsVisibleRegionRect
GdipIsVisibleRegionRectI
GdipLoadImageFromFile
GdipLoadImageFromFileICM
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipMeasureCharacterRanges
GdipMeasureDriverString
GdipMeasureString
GdipMultiplyLineTransform
GdipMultiplyMatrix
GdipMultiplyPathGradientTransform
GdipMultiplyPenTransform
GdipMultiplyTextureTransform
GdipMultiplyWorldTransform
GdipNewInstalledFontCollection
GdipNewPrivateFontCollection
GdipPathIterCopyData
GdipPathIterEnumerate
GdipPathIterGetCount
GdipPathIterGetSubpathCount
GdipPathIterHasCurve
GdipPathIterIsValid
GdipPathIterNextMarker
GdipPathIterNextMarkerPath
GdipPathIterNextPathType
GdipPathIterNextSubpath
GdipPathIterNextSubpathPath
GdipPathIterRewind
GdipPlayMetafileRecord
GdipPrivateAddFontFile
GdipPrivateAddMemoryFont
GdipRecordMetafile
GdipRecordMetafileFileName
GdipRecordMetafileFileNameI
GdipRecordMetafileI
GdipRecordMetafileStream
GdipRecordMetafileStreamI
GdipReleaseDC
GdipRemovePropertyItem
GdipResetClip
GdipResetImageAttributes
GdipResetLineTransform
GdipResetPageTransform
GdipResetPath
GdipResetPathGradientTransform
GdipResetPenTransform
GdipResetTextureTransform
GdipResetWorldTransform
GdipRestoreGraphics
GdipReversePath
GdipRotateLineTransform
GdipRotateMatrix
GdipRotatePathGradientTransform
GdipRotatePenTransform
GdipRotateTextureTransform
GdipRotateWorldTransform
GdipSaveAdd
GdipSaveAddImage
GdipSaveGraphics
GdipSaveImageToFile
GdipSaveImageToStream
GdipScaleLineTransform
GdipScaleMatrix
GdipScalePathGradientTransform
GdipScalePenTransform
GdipScaleTextureTransform
GdipScaleWorldTransform
GdipSetAdjustableArrowCapFillState
GdipSetAdjustableArrowCapHeight
GdipSetAdjustableArrowCapMiddleInset
GdipSetAdjustableArrowCapWidth
GdipSetClipGraphics
GdipSetClipHrgn
GdipSetClipPath
GdipSetClipRect
GdipSetClipRectI
GdipSetClipRegion
GdipSetCompositingMode
GdipSetCompositingQuality
GdipSetCustomLineCapBaseCap
GdipSetCustomLineCapBaseInset
GdipSetCustomLineCapStrokeCaps
GdipSetCustomLineCapStrokeJoin

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InetLoad.dll
.dll windows:4 windows x86 arch:x86

55e79df82a11a9c3b96f7ebb44d55181

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:52:7f:4d:7d:6c:1a:2b:a7:ef:81:d5:0c:89:d7:65
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

19/11/2009, 00:00

Not After

18/11/2012, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

77:55:ff:b4:4e:7e:c1:ad:a5:1c:e9:bd:33:5b:d4:08:97:17:92:6a
Signer

Actual PE Digest

77:55:ff:b4:4e:7e:c1:ad:a5:1c:e9:bd:33:5b:d4:08:97:17:92:6a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
malloc
_initterm
free
sprintf
memset
strstr
strtol
strncmp
strtoul
time
strchr
strrchr

kernel32

CreateThread
WaitForSingleObject
TerminateThread
OutputDebugStringA
GetModuleHandleA
lstrcpyA
GlobalAlloc
LoadLibraryA
GetProcAddress
lstrcmpiA
CreateFileA
lstrcatA
SleepEx
lstrcmpA
lstrlenA
MulDiv
WriteFile
GetLastError
GlobalFree
DeleteFileA
CloseHandle
lstrcpynA

user32

SendMessageA
SetWindowTextA
wsprintfA
GetDlgItem
RegisterWindowMessageA
CallWindowProcA
PostMessageA
DestroyWindow
EnableWindow
GetWindowLongA
CreateWindowExA
GetWindowRect
GetClientRect
ShowWindow
IsWindowVisible
GetFocus
MessageBoxA
SendDlgItemMessageA
SetDlgItemTextA
SetTimer
LoadIconA
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
IsWindow
CreateDialogParamA
FindWindowExA
RedrawWindow
GetWindowTextA
SetWindowLongA

wininet

InternetSetFilePointer
HttpQueryInfoA
InternetQueryOptionA
HttpSendRequestA
HttpAddRequestHeadersA
InternetSetOptionA
HttpOpenRequestA
FtpOpenFileA
InternetGetLastResponseInfoA
InternetConnectA
InternetCrackUrlA
InternetOpenA
InternetCloseHandle
InternetReadFile
InternetErrorDlg

comctl32

ord17

Exports

Exports

load

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/KillProcDLL.dll
.dll windows:4 windows x86 arch:x86

109c032cfbd301a5463d71c5477714b2

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:52:7f:4d:7d:6c:1a:2b:a7:ef:81:d5:0c:89:d7:65
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

19/11/2009, 00:00

Not After

18/11/2012, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

08:5b:3b:37:9d:8f:e7:dd:85:32:c9:5c:a1:b1:80:57:22:f1:e7:55
Signer

Actual PE Digest

08:5b:3b:37:9d:8f:e7:dd:85:32:c9:5c:a1:b1:80:57:22:f1:e7:55

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TerminateProcess
CloseHandle
OpenProcess
FreeLibrary
LoadLibraryA
GetProcAddress
GetCurrentProcessId
GetVersionExA
GlobalFree
lstrcpyA
DisableThreadLibraryCalls

msvcrt

toupper
free
_initterm
malloc
_adjust_fdiv
_strupr
_itoa

Exports

Exports

KillProc

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 587B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/MngModule.dll
.dll windows:5 windows x86 arch:x86

be2cdd69a77d75f2dbcae5190204885d

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:52:7f:4d:7d:6c:1a:2b:a7:ef:81:d5:0c:89:d7:65
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

19/11/2009, 00:00

Not After

18/11/2012, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

76:c9:c7:c4:6f:ff:3d:c2:e6:06:c3:95:77:87:10:5a:2d:2c:6e:12
Signer

Actual PE Digest

76:c9:c7:c4:6f:ff:3d:c2:e6:06:c3:95:77:87:10:5a:2d:2c:6e:12

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\pplive\pptv_client\mngmodule\ReleaseU\mngmodule.pdb

Imports

urlmon

CreateURLMoniker
RegisterBindStatusCallback
RevokeBindStatusCallback

kernel32

CreateFileA
GetVersionExW
GetModuleFileNameA
Sleep
FreeLibrary
WritePrivateProfileStringW
GetTempPathW
GetCurrentThreadId
GetCurrentProcess
LoadLibraryW
EnterCriticalSection
LeaveCriticalSection
GetFileAttributesW
GetLocalTime
GetSystemInfo
GlobalMemoryStatusEx
CreateProcessW
WriteFile
ResumeThread
CreateThread
WaitForSingleObject
CreateEventW
TerminateThread
GetExitCodeThread
SetEvent
CreateDirectoryW
SystemTimeToTzSpecificLocalTime
ReadFile
GetFileSize
OutputDebugStringW
DuplicateHandle
DisableThreadLibraryCalls
DeviceIoControl
ResetEvent
LocalFree
LocalAlloc
GetEnvironmentVariableW
SetFilePointer
OutputDebugStringA
RemoveDirectoryW
SetFileAttributesW
SetFileTime
GetTempFileNameW
FlushFileBuffers
GetSystemDirectoryW
RaiseException
VirtualQuery
FindResourceExW
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InterlockedCompareExchange
InterlockedExchange
DecodePointer
LoadResource
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
CreateMutexW
GetModuleFileNameW
LockResource
SizeofResource
FindResourceW
DeleteCriticalSection
FindClose
FindNextFileW
FindFirstFileW
GetFullPathNameW
SetLastError
FileTimeToLocalFileTime
CloseHandle
GetModuleHandleW
GetProcAddress
CreateFileW
InterlockedDecrement
InterlockedIncrement
InitializeCriticalSectionAndSpinCount
GetLastError
GetTickCount
GetFileTime
GetSystemTime
FileTimeToSystemTime
DeleteFileW
WideCharToMultiByte
MultiByteToWideChar
lstrlenW
lstrlenA
SystemTimeToFileTime
GetCurrentProcessId
CopyFileW
GetPrivateProfileIntW
GetPrivateProfileStringW
GetCommandLineW
TerminateProcess
EncodePointer

user32

GetLastInputInfo
KillTimer
SetTimer
LoadCursorW
GetClassInfoExW
LoadCursorA
GetClassInfoExA
RegisterClassExW
RegisterClassExA
UnregisterClassW
wsprintfW
DispatchMessageW
GetMessageW
IsWindowVisible
GetAncestor
IsWindow
SendMessageTimeoutW
CharUpperBuffW
WindowFromPoint
GetDesktopWindow
GetSystemMetrics
PostThreadMessageW
CloseDesktop
OpenInputDesktop
SystemParametersInfoW
GetWindowTextW
CharNextW

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegQueryValueExA
RegEnumValueA
GetNamedSecurityInfoW
SetNamedSecurityInfoW
GetSecurityInfo
BuildExplicitAccessWithNameW
SetEntriesInAclW
SetSecurityInfo
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegCreateKeyExW
RegOpenKeyW

shell32

ShellExecuteExW
SHGetFolderPathW
SHCreateDirectoryExW
CommandLineToArgvW
ord165

ole32

CoInitialize
CoRegisterClassObject
CoTaskMemFree
CoInitializeEx
CreateBindCtx
CoUninitialize
CoSuspendClassObjects
CoRevokeClassObject
CoCreateInstance

oleaut32

CreateErrorInfo
SetErrorInfo
VariantChangeType
GetErrorInfo
SysFreeString
SysAllocString
LoadRegTypeLi
LoadTypeLi
RegisterTypeLi
UnRegisterTypeLi
VarBstrCmp
SysStringByteLen
SysAllocStringByteLen
SysStringLen
SysAllocStringLen
VariantClear
VariantInit
SystemTimeToVariantTime
VariantTimeToSystemTime

atl100

ord17
ord32
ord23
ord61
ord68
ord56
ord49
ord64
ord15
ord58
ord31
ord20
ord30

shlwapi

PathFileExistsW
PathAppendW
PathFindExtensionW
StrStrIW
PathFindFileNameW
PathRemoveFileSpecW

msvcp100

?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Orphan_all@_Container_base0@std@@QAEXXZ

sqlite3

sqlite3_open
sqlite3_free
sqlite3_exec
sqlite3_vmprintf
sqlite3_prepare_v2
sqlite3_close
sqlite3_finalize
sqlite3_next_stmt
sqlite3_errcode
sqlite3_backup_finish
sqlite3_backup_step
sqlite3_backup_init
sqlite3_step
sqlite3_reset
sqlite3_column_count
sqlite3_column_double
sqlite3_column_int64
sqlite3_column_text
sqlite3_column_type
sqlite3_column_name

uilib

inflateEnd
inflate
inflateInit2_
ord392
PP_GetDiskId

wininet

InternetTimeToSystemTimeW
DeleteUrlCacheEntryW
InternetCloseHandle
HttpQueryInfoA
HttpQueryInfoW
HttpSendRequestW
HttpOpenRequestW
InternetConnectW
InternetOpenW
InternetReadFile

msvcr100

vswprintf_s
_vscwprintf
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__CppXcptFilter
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
_except_handler4_common
_recalloc
calloc
memmove_s
memcpy_s
memmove
memcpy
free
wcsnlen
malloc
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
wcsrchr
wcscpy_s
ceil
_mktime64
fread
sprintf
strcat
strrchr
__clean_type_info_names_internal
strncpy
strcpy
isupper
isdigit
_time64
atoi
_wtoi64
atol
_wcsicmp
_ultoa_s
_strlwr_s
strncmp
wmemcpy_s
_wcslwr_s
_wcsupr_s
wcsstr
memchr
fclose
ftell
_stricmp
_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
tolower
strchr
isalpha
_vsnprintf_s
atof
sscanf_s
fputc
ferror
fprintf
fopen_s
swprintf_s
sprintf_s
wcscat
_snprintf
strstr
strcmp
??0exception@std@@QAE@XZ
_wcsdup
_localtime64_s
wcsftime
_resetstkoflw
wcsncpy_s
wcsncpy
_i64tow
_itow
_wcsnicmp
_errno
_wcserror
wcstol
wcsncmp
wcschr
fwrite
_wfopen
??3@YAXPAX@Z
??_V@YAXPAX@Z
__CxxFrameHandler3
_swprintf
wcslen
_snwprintf
memset
_wtol
_wtoi
isspace
isalnum
strlen
wcscpy
abs
rand
srand
__RTDynamicCast
memcmp
_CxxThrowException
??2@YAPAXI@Z
??0exception@std@@QAE@ABV01@@Z
_purecall
wcscmp
fseek

psapi

GetProcessMemoryInfo

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyW
SetupDiGetClassDevsW
SetupDiClassGuidsFromNameW
SetupDiDestroyDeviceInfoList

wintrust

WTHelperGetProvCertFromChain
WinVerifyTrust
WTHelperProvDataFromStateData
WTHelperGetProvSignerFromChain

crypt32

CertGetNameStringW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Exports

Exports

CheckSource
DllCanUnloadNow
DllGetClassObject
ExecCommand
RD_XXXX
TestPushServer
Upload

Sections

.text
Size: 378KB - Virtual size: 378KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/PPAP.exe
.exe windows:5 windows x86 arch:x86

bbfdf8708da887867f58223fc4d890b3

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:52:7f:4d:7d:6c:1a:2b:a7:ef:81:d5:0c:89:d7:65
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

19/11/2009, 00:00

Not After

18/11/2012, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

d7:ad:7a:80:59:94:6d:8d:b2:3b:50:60:57:c6:3f:2c:fa:7b:53:22
Signer

Actual PE Digest

d7:ad:7a:80:59:94:6d:8d:b2:3b:50:60:57:c6:3f:2c:fa:7b:53:22

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\project\pptv\bin\PE.pdb

Imports

kernel32

FindClose
FindFirstFileA
GetLongPathNameA
GetModuleFileNameA
WideCharToMultiByte
GetLongPathNameW
GetCurrentProcessId
GetCommandLineA
GetLastError
GetCurrentProcess
GetLocalTime
GetTempPathA
lstrcatA
lstrcpyA
CreateProcessA
GetModuleHandleA
OpenProcess
CreateEventW
ReleaseMutex
CreateToolhelp32Snapshot
SetUnhandledExceptionFilter
GetPrivateProfileIntW
WritePrivateProfileStringW
lstrlenW
GetPrivateProfileStringW
WaitForSingleObject
TerminateProcess
GetVersionExW
LocalFree
LocalAlloc
GetTempPathW
GetEnvironmentVariableW
CreateProcessW
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
UnhandledExceptionFilter
GetStartupInfoW
Module32FirstW
VirtualQuery
OutputDebugStringA
GetPrivateProfileStringA
GetModuleFileNameW
LoadLibraryW
GetEnvironmentVariableA
Module32NextW
CloseHandle
FreeLibrary
LoadLibraryA
GetProcAddress
GetCommandLineW
GetCurrentThread
GetCurrentThreadId
CreateFileA
GetFileSize
CreateFileMappingW
MapViewOfFile
IsBadReadPtr
CreateMutexW
lstrcmpiW
HeapSetInformation
InterlockedCompareExchange
Sleep
InterlockedExchange
DecodePointer
EncodePointer
GetSystemTimeAsFileTime

user32

GetDesktopWindow
GetShellWindow
GetWindowThreadProcessId
wsprintfW

advapi32

ConvertStringSidToSidW
GetLengthSid
SetTokenInformation
SetThreadToken
LookupPrivilegeValueW
AdjustTokenPrivileges
DuplicateTokenEx
OpenProcessToken
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
ImpersonateSelf

shell32

CommandLineToArgvW
SHGetFolderPathW
SHGetFolderPathA

ole32

StringFromCLSID
CoCreateGuid
CoInitialize
CoUninitialize
CoCreateInstance

msvcp100

?_Decref@facet@locale@std@@QAEPAV123@XZ
?out@?$codecvt@_WDH@std@@QBEHAAHPB_W1AAPB_WPAD3AAPAD@Z
??0_Lockit@std@@QAE@H@Z
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Incref@facet@locale@std@@QAEXXZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Init@locale@std@@CAPAV_Locimp@12@XZ
??1_Lockit@std@@QAE@XZ
?_Getcat@?$codecvt@_WDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??Bid@locale@std@@QAEIXZ
?id@?$codecvt@_WDH@std@@2V0locale@2@A

msvcr100

_controlfp_s
__dllonexit
_invoke_watson
memcpy
memmove
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??3@YAXPAX@Z
??2@YAPAXI@Z
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
__CxxFrameHandler3
_snprintf
??_V@YAXPAX@Z
memset
fflush
vfprintf
memchr
sprintf
__wargv
__argc
??0bad_cast@std@@QAE@PBD@Z
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@ABV01@@Z
strncpy
fopen
toupper
fclose
free
_wcsdup
wcschr
_wcsicmp
_unlock
_except_handler4_common
_lock
_onexit
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_commode
_fmode
__set_app_type
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

shlwapi

PathRemoveFileSpecA
PathFindFileNameA
PathAppendA
PathAppendW
PathRemoveFileSpecW
PathStripPathW

Sections

.text
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 375KB - Virtual size: 375KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/PPInstallLog.dll
.dll windows:4 windows x86 arch:x86

256af4ebe940c94257ae641d926c73e1

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:52:7f:4d:7d:6c:1a:2b:a7:ef:81:d5:0c:89:d7:65
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

19/11/2009, 00:00

Not After

18/11/2012, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

ff:d5:b8:6e:c3:34:ec:95:13:1b:45:d8:63:a7:b1:e1:c9:08:e0:10
Signer

Actual PE Digest

ff:d5:b8:6e:c3:34:ec:95:13:1b:45:d8:63:a7:b1:e1:c9:08:e0:10

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord3953
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord2554
ord561
ord815
ord354
ord665
ord825
ord823
ord1979
ord858
ord5442
ord3318
ord5186
ord6385
ord537
ord6467
ord6663
ord668
ord3178
ord3181
ord4058
ord2781
ord2770
ord356
ord1176
ord1575
ord1168
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord4486
ord6375
ord4274
ord2614
ord2818
ord939
ord535
ord800
ord3738
ord540
ord1253
ord1255
ord1578
ord600
ord826
ord269
ord1116

msvcrt

__CxxFrameHandler
__dllonexit
_onexit
??1type_info@@UAE@XZ
free
_initterm
malloc
_adjust_fdiv

kernel32

LocalFree
GlobalAlloc
lstrcpynA
lstrcpyA
GlobalFree
GetModuleHandleA
GetModuleFileNameA
LoadLibraryA
LocalAlloc

user32

wsprintfA

shlwapi

PathFileExistsA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Exports

Exports

CloseLog
FileLog
FolderLog
OpenLog
StringLog

Sections

.text
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/PPLive.exe
.exe windows:5 windows x86 arch:x86

bbfdf8708da887867f58223fc4d890b3

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:52:7f:4d:7d:6c:1a:2b:a7:ef:81:d5:0c:89:d7:65
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

19/11/2009, 00:00

Not After

18/11/2012, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

d7:ad:7a:80:59:94:6d:8d:b2:3b:50:60:57:c6:3f:2c:fa:7b:53:22
Signer

Actual PE Digest

d7:ad:7a:80:59:94:6d:8d:b2:3b:50:60:57:c6:3f:2c:fa:7b:53:22

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\project\pptv\bin\PE.pdb

Imports

kernel32

FindClose
FindFirstFileA
GetLongPathNameA
GetModuleFileNameA
WideCharToMultiByte
GetLongPathNameW
GetCurrentProcessId
GetCommandLineA
GetLastError
GetCurrentProcess
GetLocalTime
GetTempPathA
lstrcatA
lstrcpyA
CreateProcessA
GetModuleHandleA
OpenProcess
CreateEventW
ReleaseMutex
CreateToolhelp32Snapshot
SetUnhandledExceptionFilter
GetPrivateProfileIntW
WritePrivateProfileStringW
lstrlenW
GetPrivateProfileStringW
WaitForSingleObject
TerminateProcess
GetVersionExW
LocalFree
LocalAlloc
GetTempPathW
GetEnvironmentVariableW
CreateProcessW
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
UnhandledExceptionFilter
GetStartupInfoW
Module32FirstW
VirtualQuery
OutputDebugStringA
GetPrivateProfileStringA
GetModuleFileNameW
LoadLibraryW
GetEnvironmentVariableA
Module32NextW
CloseHandle
FreeLibrary
LoadLibraryA
GetProcAddress
GetCommandLineW
GetCurrentThread
GetCurrentThreadId
CreateFileA
GetFileSize
CreateFileMappingW
MapViewOfFile
IsBadReadPtr
CreateMutexW
lstrcmpiW
HeapSetInformation
InterlockedCompareExchange
Sleep
InterlockedExchange
DecodePointer
EncodePointer
GetSystemTimeAsFileTime

user32

GetDesktopWindow
GetShellWindow
GetWindowThreadProcessId
wsprintfW

advapi32

ConvertStringSidToSidW
GetLengthSid
SetTokenInformation
SetThreadToken
LookupPrivilegeValueW
AdjustTokenPrivileges
DuplicateTokenEx
OpenProcessToken
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
ImpersonateSelf

shell32

CommandLineToArgvW
SHGetFolderPathW
SHGetFolderPathA

ole32

StringFromCLSID
CoCreateGuid
CoInitialize
CoUninitialize
CoCreateInstance

msvcp100

?_Decref@facet@locale@std@@QAEPAV123@XZ
?out@?$codecvt@_WDH@std@@QBEHAAHPB_W1AAPB_WPAD3AAPAD@Z
??0_Lockit@std@@QAE@H@Z
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Incref@facet@locale@std@@QAEXXZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Init@locale@std@@CAPAV_Locimp@12@XZ
??1_Lockit@std@@QAE@XZ
?_Getcat@?$codecvt@_WDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??Bid@locale@std@@QAEIXZ
?id@?$codecvt@_WDH@std@@2V0locale@2@A

msvcr100

_controlfp_s
__dllonexit
_invoke_watson
memcpy
memmove
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??3@YAXPAX@Z
??2@YAPAXI@Z
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
__CxxFrameHandler3
_snprintf
??_V@YAXPAX@Z
memset
fflush
vfprintf
memchr
sprintf
__wargv
__argc
??0bad_cast@std@@QAE@PBD@Z
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@ABV01@@Z
strncpy
fopen
toupper
fclose
free
_wcsdup
wcschr
_wcsicmp
_unlock
_except_handler4_common
_lock
_onexit
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_commode
_fmode
__set_app_type
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

shlwapi

PathRemoveFileSpecA
PathFindFileNameA
PathAppendA
PathAppendW
PathRemoveFileSpecW
PathStripPathW

Sections

.text
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 375KB - Virtual size: 375KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/PPLiveU.exe
.exe windows:5 windows x86 arch:x86

bbfdf8708da887867f58223fc4d890b3

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:52:7f:4d:7d:6c:1a:2b:a7:ef:81:d5:0c:89:d7:65
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

19/11/2009, 00:00

Not After

18/11/2012, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

d7:ad:7a:80:59:94:6d:8d:b2:3b:50:60:57:c6:3f:2c:fa:7b:53:22
Signer

Actual PE Digest

d7:ad:7a:80:59:94:6d:8d:b2:3b:50:60:57:c6:3f:2c:fa:7b:53:22

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\project\pptv\bin\PE.pdb

Imports

kernel32

FindClose
FindFirstFileA
GetLongPathNameA
GetModuleFileNameA
WideCharToMultiByte
GetLongPathNameW
GetCurrentProcessId
GetCommandLineA
GetLastError
GetCurrentProcess
GetLocalTime
GetTempPathA
lstrcatA
lstrcpyA
CreateProcessA
GetModuleHandleA
OpenProcess
CreateEventW
ReleaseMutex
CreateToolhelp32Snapshot
SetUnhandledExceptionFilter
GetPrivateProfileIntW
WritePrivateProfileStringW
lstrlenW
GetPrivateProfileStringW
WaitForSingleObject
TerminateProcess
GetVersionExW
LocalFree
LocalAlloc
GetTempPathW
GetEnvironmentVariableW
CreateProcessW
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
UnhandledExceptionFilter
GetStartupInfoW
Module32FirstW
VirtualQuery
OutputDebugStringA
GetPrivateProfileStringA
GetModuleFileNameW
LoadLibraryW
GetEnvironmentVariableA
Module32NextW
CloseHandle
FreeLibrary
LoadLibraryA
GetProcAddress
GetCommandLineW
GetCurrentThread
GetCurrentThreadId
CreateFileA
GetFileSize
CreateFileMappingW
MapViewOfFile
IsBadReadPtr
CreateMutexW
lstrcmpiW
HeapSetInformation
InterlockedCompareExchange
Sleep
InterlockedExchange
DecodePointer
EncodePointer
GetSystemTimeAsFileTime

user32

GetDesktopWindow
GetShellWindow
GetWindowThreadProcessId
wsprintfW

advapi32

ConvertStringSidToSidW
GetLengthSid
SetTokenInformation
SetThreadToken
LookupPrivilegeValueW
AdjustTokenPrivileges
DuplicateTokenEx
OpenProcessToken
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
ImpersonateSelf

shell32

CommandLineToArgvW
SHGetFolderPathW
SHGetFolderPathA

ole32

StringFromCLSID
CoCreateGuid
CoInitialize
CoUninitialize
CoCreateInstance

msvcp100

?_Decref@facet@locale@std@@QAEPAV123@XZ
?out@?$codecvt@_WDH@std@@QBEHAAHPB_W1AAPB_WPAD3AAPAD@Z
??0_Lockit@std@@QAE@H@Z
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Incref@facet@locale@std@@QAEXXZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Init@locale@std@@CAPAV_Locimp@12@XZ
??1_Lockit@std@@QAE@XZ
?_Getcat@?$codecvt@_WDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??Bid@locale@std@@QAEIXZ
?id@?$codecvt@_WDH@std@@2V0locale@2@A

msvcr100

_controlfp_s
__dllonexit
_invoke_watson
memcpy
memmove
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??3@YAXPAX@Z
??2@YAPAXI@Z
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
__CxxFrameHandler3
_snprintf
??_V@YAXPAX@Z
memset
fflush
vfprintf
memchr
sprintf
__wargv
__argc
??0bad_cast@std@@QAE@PBD@Z
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@ABV01@@Z
strncpy
fopen
toupper
fclose
free
_wcsdup
wcschr
_wcsicmp
_unlock
_except_handler4_common
_lock
_onexit
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_commode
_fmode
__set_app_type
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

shlwapi

PathRemoveFileSpecA
PathFindFileNameA
PathAppendA
PathAppendW
PathRemoveFileSpecW
PathStripPathW

Sections

.text
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 375KB - Virtual size: 375KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/PluginInstaller.exe
.exe windows:4 windows x86 arch:x86

b4dd414adf75859560fa6af81972f8d5

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:52:7f:4d:7d:6c:1a:2b:a7:ef:81:d5:0c:89:d7:65
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

19/11/2009, 00:00

Not After

18/11/2012, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

a4:7d:36:e1:62:1d:2a:82:49:8e:81:01:fa:ba:a3:69:75:d8:48:79
Signer

Actual PE Digest

a4:7d:36:e1:62:1d:2a:82:49:8e:81:01:fa:ba:a3:69:75:d8:48:79

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42u

ord860
ord1225
ord2822
ord927
ord2606
ord535
ord925
ord940
ord942
ord858
ord823
ord861
ord825
ord538
ord540
ord2810
ord800

msvcrt

wcscpy
wcstoul
_wcsicmp
memcpy
wcscspn
_wtoi
wcscmp
_ftol
memcmp
_wtol
isspace
isalnum
_wcsdup
rand
iswdigit
??0exception@@QAE@ABV0@@Z
??1exception@@UAE@XZ
atoi
??0exception@@QAE@XZ
_CxxThrowException
strlen
strcpy
sprintf
strcat
strrchr
strncpy
__dllonexit
_onexit
malloc
free
__CxxFrameHandler
memset
wcsncpy
wcslen
_wcsnicmp
wcsspn
_except_handler3
__set_app_type
??1type_info@@UAE@XZ
_exit
_XcptFilter
exit
_acmdln
__getmainargs
__p__fmode
__p__commode
_adjust_fdiv
_initterm
__setusermatherr
_controlfp

kernel32

CloseHandle
GetLastError
GetTempPathW
WaitForSingleObject
OpenFileMappingW
lstrlenA
CreateMutexW
SetLastError
OpenEventW
CreateProcessW
GetEnvironmentVariableW
CreateFileMappingW
CreateEventW
SetEvent
MapViewOfFile
UnmapViewOfFile
GetTempFileNameW
GetVersionExW
GetStartupInfoA
GetModuleHandleA
GetModuleHandleW
GetModuleFileNameA
CreateThread
CreateFileA
DeviceIoControl
CreateFileW
WriteFile
FlushFileBuffers
DebugBreak
InterlockedDecrement
GetModuleFileNameW
OutputDebugStringW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
CopyFileW
GetCurrentProcess
FlushInstructionCache
EnterCriticalSection
LeaveCriticalSection
DeleteFileW
DeleteCriticalSection
HeapDestroy
InitializeCriticalSection
GetCurrentThreadId
WideCharToMultiByte
MultiByteToWideChar
lstrlenW
GetTickCount
Sleep
LoadLibraryW
GetProcAddress
FreeLibrary
ResetEvent

user32

CharNextW
RegisterClassExW
LoadCursorW
UpdateWindow
wvsprintfW
IsWindow
PostMessageW
GetClassInfoExW
wsprintfW
KillTimer
SetTimer
CallWindowProcW
GetWindowLongW
SetWindowLongW
SendMessageW
DestroyWindow
PostQuitMessage
DefWindowProcW
FindWindowW
GetMessageW
TranslateMessage
DispatchMessageW
CreateWindowExW
ShowWindow

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW

shell32

ShellExecuteExW
SHGetFolderPathW

ole32

CoTaskMemFree
CoInitialize
CreateBindCtx
CoUninitialize
CoTaskMemAlloc

oleaut32

SysAllocString
SysFreeString

urlmon

RevokeBindStatusCallback
RegisterBindStatusCallback
CreateURLMoniker
URLDownloadToFileW

msvcp60

?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
?c_str@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEPBGXZ
??Hstd@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@PBG@Z
?length@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGABV?$allocator@G@1@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$allocator@G@1@@Z
?empty@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBE_NXZ
?length@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??A?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAGI@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEABDI@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?data@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??1_Winit@std@@QAE@XZ
?find_last_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?find_first_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z

wintrust

WTHelperGetProvCertFromChain
WinVerifyTrust
WTHelperGetProvSignerFromChain
WTHelperProvDataFromStateData

crypt32

CertGetNameStringW

wininet

HttpQueryInfoW
InternetOpenW
InternetConnectW
HttpOpenRequestW
HttpSendRequestW
HttpQueryInfoA
InternetReadFile
InternetCloseHandle
InternetCrackUrlW

shlwapi

PathRemoveFileSpecW
StrStrIW
PathFileExistsW
StrCmpW
PathFindFileNameW
PathAppendW

Sections

.text
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

2017f2acbdaa42ab3e4adeb8b4c37e7b

Code Sign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:52:7f:4d:7d:6c:1a:2b:a7:ef:81:d5:0c:89:d7:65
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

19/11/2009, 00:00

Not After

18/11/2012, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

ef:57:50:85:4a:2b:8d:e7:3a:4d:39:1e:27:77:6a:19:aa:e6:d3:c7
Signer

Actual PE Digest

ef:57:50:85:4a:2b:8d:e7:3a:4d:39:1e:27:77:6a:19:aa:e6:d3:c7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/admodule.dll
.dll regsvr32 windows:5 windows x86 arch:x86

84d3fae859555f3fa806d87efe60a956

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:52:7f:4d:7d:6c:1a:2b:a7:ef:81:d5:0c:89:d7:65
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

19/11/2009, 00:00

Not After

18/11/2012, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

9f:68:c5:88:c9:86:20:30:e3:28:d3:79:38:ec:c6:cb:8f:b1:42:e5
Signer

Actual PE Digest

9f:68:c5:88:c9:86:20:30:e3:28:d3:79:38:ec:c6:cb:8f:b1:42:e5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\pplive\admodule\ReleaseUMinSize\admodule.pdb

Imports

kernel32

HeapAlloc
RtlUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualProtect
VirtualAlloc
GetCommandLineA
HeapReAlloc
ExitProcess
HeapSize
HeapCreate
HeapDestroy
VirtualFree
GetStdHandle
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
GetTimeZoneInformation
LCMapStringA
SetHandleCount
GetFileType
GetStartupInfoA
HeapFree
GetConsoleMode
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetCurrentDirectoryA
GetDriveTypeA
GetProcessHeap
SetEnvironmentVariableA
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
InterlockedCompareExchange
GetFileSizeEx
GetFileAttributesW
GlobalFlags
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
TlsGetValue
LocalAlloc
GlobalFindAtomW
CompareStringW
LoadLibraryA
GetVersionExA
GlobalAddAtomW
GlobalDeleteAtom
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
FindNextFileW
CreateFileW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetModuleHandleA
FormatMessageW
WaitForSingleObject
TerminateProcess
lstrcpyW
CreateProcessW
Sleep
VirtualQuery
ReadFile
LocalFree
SetFileTime
GlobalReAlloc
GlobalFree
CreateDirectoryW
GetEnvironmentVariableW
CreateFileA
WriteFile
CompareFileTime
GetPrivateProfileIntA
GetPrivateProfileStringA
LoadLibraryW
GetSystemInfo
GetProcAddress
CopyFileW
GetPrivateProfileStringW
SystemTimeToFileTime
GetCurrentProcessId
GetCommandLineW
DeleteFileW
lstrlenA
GetFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
WideCharToMultiByte
GetTickCount
GetSystemTime
WritePrivateProfileStringW
GetPrivateProfileIntW
CreateEventW
CloseHandle
OutputDebugStringW
GetModuleHandleW
LoadLibraryExW
MultiByteToWideChar
FreeLibrary
SetLastError
GetCurrentThreadId
GetModuleFileNameW
MulDiv
lstrcmpW
GetCurrentProcess
FlushInstructionCache
GlobalAlloc
GlobalLock
GlobalUnlock
FreeResource
InterlockedDecrement
InterlockedIncrement
lstrcmpiW
GetLastError
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
GetConsoleCP
lstrlenW

user32

DestroyMenu
GetSysColorBrush
UnregisterClassW
WinHelpW
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetTopWindow
GetMessageTime
GetMessagePos
SetMenu
SetForegroundWindow
GetClassInfoW
SystemParametersInfoA
IsIconic
GetWindowPlacement
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
GetKeyState
PeekMessageW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
EnableMenuItem
CheckMenuItem
PostQuitMessage
CharUpperW
UnhookWindowsHookEx
GetWindowThreadProcessId
GetLastActivePopup
MessageBoxW
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetAncestor
WaitForInputIdle
LoadIconW
MapWindowPoints
GetDoubleClickTime
BringWindowToTop
SetRect
DestroyWindow
SetRectEmpty
UnregisterClassA
IsWindow
EnableWindow
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
LoadImageW
LoadBitmapW
OffsetRect
PostThreadMessageW
GetSystemMetrics
InflateRect
DrawEdge
DrawFocusRect
GetCapture
AdjustWindowRectEx
GetDlgCtrlID
IsWindowEnabled
UpdateWindow
GetMenu
SystemParametersInfoW
IsWindowVisible
PostMessageW
wsprintfW
RegisterWindowMessageW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
SetCursor
ValidateRect
KillTimer
CharNextW
SetWindowLongW
GetWindowLongW
DefWindowProcW
CopyRect
IsRectEmpty
GetClientRect
UpdateLayeredWindow
ClientToScreen
GetWindowDC
GetParent
PtInRect
ScreenToClient
GetCursorPos
EqualRect
GetWindowRect
ReleaseDC
GetDC
SetWindowRgn
GetSysColor
MoveWindow
SetWindowPos
InvalidateRect
InvalidateRgn
RedrawWindow
SetCapture
IsChild
GetDlgItem
GetClassNameW
ReleaseCapture
SetTimer
ShowWindow
CreateAcceleratorTableW
CreateWindowExW
RegisterClassExW
LoadCursorW
GetClassInfoExW
SendMessageW
SetFocus
GetFocus
GetWindow
DestroyAcceleratorTable
GetDesktopWindow
BeginPaint
EndPaint
CallWindowProcW
FillRect
RegisterClassW

gdi32

ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
DeleteObject
GetClipBox
SetMapMode
SetTextColor
SetBkMode
RestoreDC
SaveDC
CreateBitmap
CreateFontW
CreateDIBSection
ExtCreateRegion
OffsetRgn
CombineRgn
CreateRectRgn
Escape
TextOutW
RectVisible
PtVisible
LPtoDP
DPtoLP
GetWindowExtEx
GetViewportExtEx
GetMapMode
GetBkColor
CreateFontIndirectW
SetViewportOrgEx
SetBkColor
ExtTextOutW
GetStockObject
GetObjectW
CreateSolidBrush
CreateCompatibleBitmap
CreateRoundRectRgn
CreateCompatibleDC
SelectObject
GetDeviceCaps
BitBlt
DeleteDC

msimg32

GradientFill

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

BuildExplicitAccessWithNameW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryValueW
RegEnumKeyW
RegOpenKeyW
GetNamedSecurityInfoW
RegDeleteKeyW
SetEntriesInAclW
SetNamedSecurityInfoW
RegQueryValueExW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegEnumKeyExW
RegQueryInfoKeyW

shell32

SHGetFolderPathW
ShellExecuteW
ord165

comctl32

ImageList_GetIconSize
ImageList_Draw
_TrackMouseEvent
ImageList_Create
ImageList_Destroy
ImageList_AddMasked

shlwapi

PathRemoveFileSpecW
PathFileExistsW
PathFindExtensionW
StrStrIW
PathFindFileNameW
PathStripPathW
PathStripToRootW
PathIsUNCW
PathAppendW

ole32

CoTaskMemRealloc
CoTaskMemFree
CreateStreamOnHGlobal
OleDraw
StringFromGUID2
OleLockRunning
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
OleInitialize
OleUninitialize
OleSetContainedObject
OleCreate
CreateBindCtx
CoTaskMemAlloc

oleaut32

SysFreeString
SysAllocString
SysAllocStringLen
VarUI4FromStr
VariantInit
VariantClear
OleCreateFontIndirect
LoadRegTypeLi
LoadTypeLi
DispCallFunc
VariantTimeToSystemTime
SystemTimeToVariantTime
VariantCopy
SysAllocStringByteLen
SysStringByteLen
UnRegisterTypeLi
RegisterTypeLi
VariantChangeType
VarBstrCmp
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SysStringLen
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayDestroy
SafeArrayGetLBound

urlmon

RegisterBindStatusCallback
RevokeBindStatusCallback
CreateURLMoniker

gdiplus

GdipBitmapGetPixel
GdipDrawImageRectI
GdipCreateFromHDC
GdipCreateBitmapFromFile
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipGetImageHeight
GdipGetImageWidth
GdipDeleteGraphics
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipLoadImageFromStream
GdipAlloc
GdipFree
GdiplusShutdown

wininet

InternetTimeToSystemTimeW

Exports

Exports

Cleanup
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
DownloadFodder
NSGetModule
ShowABM
StartPlay

Sections

.text
Size: 553KB - Virtual size: 552KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/atl100.dll
.dll windows:5 windows x86 arch:x86

0bbf1228f837ecb83ec693b705100bde

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:01:cf:3e:00:00:00:00:00:0f
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07/12/2009, 22:40

Not After

07/03/2011, 22:40

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:94:2d:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/07/2008, 19:02

Not After

25/07/2013, 19:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:7A82-688A-9F92,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

92:7e:29:5e:8b:e5:14:0d:44:a7:03:2e:dd:40:1f:17:0d:88:ed:d2
Signer

Actual PE Digest

92:7e:29:5e:8b:e5:14:0d:44:a7:03:2e:dd:40:1f:17:0d:88:ed:d2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

atl100.i386.pdb

Imports

kernel32

lstrlenW
RaiseException
EnterCriticalSection
LeaveCriticalSection
GetLastError
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
DisableThreadLibraryCalls
InterlockedIncrement
InterlockedDecrement
GetProcAddress
GetModuleHandleW
lstrcmpiW
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
CloseHandle
ReadFile
GetFileSize
CreateFileW
GetModuleFileNameW
WideCharToMultiByte
WaitForSingleObject
GlobalAlloc
FindResourceA
MulDiv
GetCurrentThreadId
FlushInstructionCache
GetCurrentProcess
lstrcmpW
GlobalUnlock
GlobalLock
SetLastError
GlobalFree
GlobalHandle
LockResource
LocalAlloc
InterlockedExchange
LoadLibraryA
HeapFree
DecodePointer
EncodePointer
HeapAlloc
GetCommandLineA
HeapCreate
HeapDestroy
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
IsProcessorFeaturePresent
WriteFile
GetStdHandle
ExitProcess
HeapReAlloc
HeapSize
Sleep
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetHandleCount
GetFileType
GetStartupInfoW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LoadLibraryW
RtlUnwind
SetFilePointer
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetStdHandle
WriteConsoleW
LCMapStringW
GetStringTypeW
FlushFileBuffers
InterlockedCompareExchange
InterlockedPushEntrySList
GetProcessHeap
VirtualFree
VirtualAlloc
InterlockedPopEntrySList

Exports

Exports

AtlAdvise
AtlAxAttachControl
AtlAxCreateControl
AtlAxCreateControlEx
AtlAxCreateControlLic
AtlAxCreateControlLicEx
AtlAxCreateDialogA
AtlAxCreateDialogW
AtlAxDialogBoxA
AtlAxDialogBoxW
AtlAxGetControl
AtlAxGetHost
AtlAxWinInit
AtlCallTermFunc
AtlComModuleGetClassObject
AtlComModuleRegisterClassObjects
AtlComModuleRevokeClassObjects
AtlComModuleUnregisterServer
AtlComPtrAssign
AtlComQIPtrAssign
AtlCreateRegistrar
AtlCreateTargetDC
AtlDevModeW2A
AtlFreeMarshalStream
AtlGetObjectSourceInterface
AtlGetPerUserRegistration
AtlGetVersion
AtlHiMetricToPixel
AtlIPersistPropertyBag_Load
AtlIPersistPropertyBag_Save
AtlIPersistStreamInit_Load
AtlIPersistStreamInit_Save
AtlInternalQueryInterface
AtlLoadTypeLib
AtlMarshalPtrInProc
AtlModuleAddTermFunc
AtlPixelToHiMetric
AtlRegisterClassCategoriesHelper
AtlSetErrorInfo
AtlSetPerUserRegistration
AtlUnadvise
AtlUnmarshalPtr
AtlUpdateRegistryFromResourceD
AtlWaitWithMessageLoop
AtlWinModuleAddCreateWndData
AtlWinModuleExtractCreateWndData
AtlWinModuleInit
AtlWinModuleRegisterClassExA
AtlWinModuleRegisterClassExW
AtlWinModuleRegisterWndClassInfoA
AtlWinModuleRegisterWndClassInfoW
AtlWinModuleTerm

Sections

.text
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/cmdline.dll
.dll regsvr32 windows:5 windows x86 arch:x86

fb710db50f09303a58e3e6abf171df01

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:52:7f:4d:7d:6c:1a:2b:a7:ef:81:d5:0c:89:d7:65
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

19/11/2009, 00:00

Not After

18/11/2012, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

97:82:45:07:56:05:1e:3b:65:45:08:87:c3:89:c2:ed:96:c2:60:ac
Signer

Actual PE Digest

97:82:45:07:56:05:1e:3b:65:45:08:87:c3:89:c2:ed:96:c2:60:ac

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\geoegeliu\.hudson\jobs\PPTV\workspace\cmdline\Release\cmdline.pdb

Imports

kernel32

GetModuleFileNameW
RaiseException
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
lstrlenW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
DecodePointer
GetModuleHandleW
GetProcAddress
DisableThreadLibraryCalls
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
LeaveCriticalSection
IsDebuggerPresent
EnterCriticalSection
EncodePointer
WideCharToMultiByte
GetSystemTimeAsFileTime

user32

UnregisterClassW
CharNextW

ole32

CoCreateInstance

oleaut32

SysStringLen
SysAllocString
SysAllocStringLen
LoadTypeLi
RegisterTypeLi
UnRegisterTypeLi
SysFreeString

atl100

ord58
ord32
ord15
ord49
ord56
ord68
ord61
ord23
ord64
ord31

msvcp100

?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
?_Orphan_all@_Container_base0@std@@QAEXXZ

msvcr100

wcsncpy_s
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
_CxxThrowException
??2@YAPAXI@Z
??0exception@std@@QAE@ABV01@@Z
??_V@YAXPAX@Z
_purecall
free
__CxxFrameHandler3
memmove
_wcsicmp
malloc
wcsncpy
memset
memcpy
_recalloc
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
_crt_debugger_hook
__clean_type_info_names_internal
??3@YAXPAX@Z
memmove_s
??1exception@std@@UAE@XZ

omng

ord7

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
NSGetModule

Sections

.text
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/crashreporter.exe
.exe windows:4 windows x86 arch:x86

54224128218851b97ad74d04b5915baf

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:52:7f:4d:7d:6c:1a:2b:a7:ef:81:d5:0c:89:d7:65
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

19/11/2009, 00:00

Not After

18/11/2012, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:04:1d:5f:18:58:7b:db:26:de:3b:07:c4:24:58:eb:a3:fd:31:d1
Signer

Actual PE Digest

52:04:1d:5f:18:58:7b:db:26:de:3b:07:c4:24:58:eb:a3:fd:31:d1

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetWriteFile
HttpSendRequestExA
InternetCloseHandle
HttpAddRequestHeadersA
HttpOpenRequestA
InternetConnectA
InternetOpenA
HttpEndRequestA

mfc42

ord3079
ord4080
ord4622
ord4424
ord3738
ord815
ord2614
ord540
ord561
ord2514
ord2818
ord858
ord535
ord2621
ord1134
ord1199
ord1247
ord641
ord656
ord922
ord924
ord926
ord5710
ord1997
ord939
ord941
ord5465
ord798
ord5194
ord533
ord860
ord4202
ord6392
ord825
ord5448
ord823
ord3318
ord6877
ord5572
ord2915
ord4129
ord6663
ord3573
ord3626
ord2414
ord3663
ord5265
ord4376
ord4853
ord4998
ord6052
ord4078
ord1775
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord3825
ord2124
ord5277
ord4627
ord4425
ord3597
ord324
ord2302
ord4234
ord1779
ord6199
ord3092
ord4710
ord2754
ord755
ord470
ord3874
ord6215
ord3089
ord4476
ord1168
ord1641
ord2379
ord6055
ord1776
ord5290
ord3402
ord3610
ord567
ord1146
ord4396
ord3574
ord609
ord4275
ord2243
ord5875
ord2859
ord2971
ord5759
ord6192
ord5756
ord6186
ord4330
ord6189
ord6021
ord6172
ord5873
ord5789
ord5794
ord5678
ord5736
ord1576
ord5571
ord6061
ord5864
ord3596
ord640
ord323
ord6194
ord2567
ord3619
ord3571
ord1640
ord5785
ord2864
ord2575
ord1929
ord795
ord2244
ord4133
ord5788
ord472
ord3693
ord4297
ord3721
ord2764
ord5683
ord2763
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5714
ord5289
ord5307
ord4698
ord4079
ord2725
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord800
ord537
ord4673
ord2446
ord5579

msvcrt

fseek
fopen
rewind
malloc
atoi
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
__dllonexit
_onexit
_controlfp
ftell
_setmbcp
__CxxFrameHandler
sprintf
strtol
strncpy
isalnum
strlen
strcmp
memset
_stricmp
strcpy
free
fread
fclose

kernel32

lstrlenA
MultiByteToWideChar
CreateProcessA
CloseHandle
Sleep
GetModuleHandleA
GetStartupInfoA
LoadLibraryA
GetProcAddress
FreeLibrary
GetTickCount
GetEnvironmentVariableA
OutputDebugStringA
GetCommandLineW
lstrlenW
GetTempPathA
CopyFileA
GetModuleFileNameA
WideCharToMultiByte
DeleteFileA
GetPrivateProfileIntA

user32

UpdateWindow
PostMessageA
InvalidateRect
SetWindowPos
TabbedTextOutA
WaitForInputIdle
GetCapture
GetParent
GrayStringA
LoadBitmapA
OffsetRect
InflateRect
GetWindowLongA
GetAncestor
DrawTextA
PtInRect
CopyRect
GetSysColor
ReleaseCapture
LoadIconA
EnableWindow
GetClientRect
IsIconic
SendMessageA
DrawIcon
LoadCursorA
SetCursor
GetSystemMetrics
LoadImageA
SetCapture

gdi32

BitBlt
Escape
ExtTextOutA
TextOutA
PtVisible
LPtoDP
DPtoLP
GetMapMode
GetBkColor
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectA
CreateFontIndirectA
CreateSolidBrush
RectVisible

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

shell32

SHGetFolderPathA
CommandLineToArgvW
ShellExecuteA

msvcp60

??1Init@ios_base@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??_D?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??Bios_base@std@@QBEPAXXZ
??5std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
?c_str@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEPBGXZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGABV?$allocator@G@1@@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ

shlwapi

PathRemoveFileSpecA
PathAppendA
PathFileExistsA

Sections

.text
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 452B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/filepick.dll
.dll regsvr32 windows:4 windows x86 arch:x86

b19a32b747d480a5fa1152cef53c4bf1

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:52:7f:4d:7d:6c:1a:2b:a7:ef:81:d5:0c:89:d7:65
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

19/11/2009, 00:00

Not After

18/11/2012, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

c0:c6:fd:e6:30:54:eb:1c:0f:fa:fc:ef:fe:65:f0:d7:0d:de:1a:5e
Signer

Actual PE Digest

c0:c6:fd:e6:30:54:eb:1c:0f:fa:fc:ef:fe:65:f0:d7:0d:de:1a:5e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

OpenMutexW
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
CreateMutexW
WritePrivateProfileSectionW
ExpandEnvironmentStringsW
GetCurrentProcess
InitializeCriticalSection
GetLogicalDriveStringsW
GetDriveTypeW
GetTempFileNameW
CreateFileW
WriteFile
GetDiskFreeSpaceExW
InterlockedIncrement
InterlockedDecrement
DeleteCriticalSection
WideCharToMultiByte
DisableThreadLibraryCalls
EnterCriticalSection
LeaveCriticalSection
lstrlenW
GetModuleHandleW
GetModuleFileNameW
CreateProcessW
WaitForSingleObject
GetPrivateProfileSectionNamesW
CloseHandle

user32

MessageBoxIndirectW
GetSystemMenu
EnableMenuItem
ExitWindowsEx
GetWindowLongW
BringWindowToTop
PostMessageW
ShowWindow
FindWindowExW
SendMessageW
FindWindowW

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegDeleteValueW
RegQueryValueExW
RegCreateKeyExW
RegOpenKeyExW
RegCloseKey
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegSetValueExW

shell32

SHGetPathFromIDListW
ord165
SHGetFolderPathW
ShellExecuteExW
SHBrowseForFolderW

ole32

CoTaskMemFree

oleaut32

SysAllocString
VariantCopy
SysStringLen
LoadTypeLi
SysAllocStringLen
SysFreeString
VariantClear

atl

ord30
ord23
ord21
ord16
ord15
ord18
ord57
ord32
ord58

msvcp60

?_Eos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEXI@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??Hstd@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@PBG@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBGI@Z
?_Freeze@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEXXZ
?erase@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@II@Z
?erase@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEPAGPAG0@Z
?end@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEPAGXZ
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@ABV12@II@Z
?append@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBGI@Z
?_C@?1??_Nullstr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@CAPBGXZ@4GB
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
?_Grow@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAE_NI_N@Z
?max_size@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIXZ
?_Xlen@std@@YAXXZ
?_Copy@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEXI@Z
?_Tidy@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEX_N@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
?_Split@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEXXZ
?_Xran@std@@YAXXZ
??Mstd@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z

shlwapi

PathAddBackslashW
PathRemoveFileSpecW
PathUnExpandEnvStringsW
SHDeleteKeyW
PathAppendW
PathFindExtensionW
PathFileExistsW

msvcrt

iswdigit
??2@YAPAXI@Z
__CxxFrameHandler
_purecall
wcslen
wcsncpy
_onexit
__dllonexit
wcscpy
_adjust_fdiv
_initterm
?terminate@@YAXXZ
wcstol
wcscmp
_itow
_except_handler3
free
malloc

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
NSGetModule

Sections

.text
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/mframe.dll
.dll regsvr32 windows:4 windows x86 arch:x86

efd9769dbbb5eb5c4b7f43e947c98ae2

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:52:7f:4d:7d:6c:1a:2b:a7:ef:81:d5:0c:89:d7:65
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

19/11/2009, 00:00

Not After

18/11/2012, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0a:13:a6:a1:c8:16:1a:87:ba:80:96:cf:b0:25:e2:38:f9:cf:10:8e
Signer

Actual PE Digest

0a:13:a6:a1:c8:16:1a:87:ba:80:96:cf:b0:25:e2:38:f9:cf:10:8e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42u

ord2371
ord2810
ord956
ord861
ord2362
ord858
ord2634
ord2966
ord5755
ord6188
ord5752
ord6182
ord4324
ord6185
ord6017
ord5869
ord5790
ord5674
ord5732
ord5575
ord5567
ord6057
ord5860
ord3591
ord535
ord925
ord4124
ord6354
ord2756
ord4197
ord2859
ord3566
ord6190
ord5781
ord922
ord940
ord5706
ord6195
ord5795
ord1173
ord2862
ord4269
ord6371
ord4480
ord2546
ord2504
ord5727
ord3917
ord5783
ord5193
ord2388
ord3341
ord5296
ord5298
ord4074
ord4692
ord5303
ord5285
ord5710
ord4616
ord3733
ord561
ord815
ord3948
ord2717
ord1165
ord2606
ord6193
ord6107
ord6238
ord2105
ord2559
ord2444
ord927
ord3711
ord790
ord5977
ord3541
ord4118
ord1143
ord2822
ord3016
ord1115
ord1568
ord1570
ord1179
ord342
ord1240
ord1194
ord1563
ord1248
ord1250
ord1571
ord600
ord826
ord269
ord5784
ord6871
ord6168
ord5785
ord537
ord3688
ord2114
ord1088
ord1634
ord860
ord2910
ord5568
ord942
ord556
ord809
ord3614
ord538
ord2078
ord4294
ord2294
ord795
ord3716
ord3397
ord4470
ord4704
ord6330
ord3087
ord4229
ord2356
ord2287
ord2350
ord2293
ord641
ord324
ord3592
ord4419
ord5276
ord4401
ord1767
ord6048
ord2506
ord4992
ord4847
ord4370
ord5261
ord6211
ord6466
ord3658
ord470
ord825
ord755
ord2854
ord2746
ord283
ord2406
ord5871
ord540
ord3798
ord323
ord1633
ord2397
ord640
ord800
ord3621
ord6451
ord5047
ord4270
ord692
ord567
ord3634
ord4418
ord4621
ord4075
ord3074
ord3820
ord3826
ord3825
ord2971
ord3076
ord2980
ord3257
ord3131
ord4459
ord3254
ord3142
ord2977
ord5273
ord2116
ord2438
ord5257
ord1720
ord5059
ord3744
ord6372
ord2047
ord2640
ord4435
ord4831
ord3793
ord5286
ord4347
ord6370
ord5157
ord2377
ord5237
ord4395
ord1768
ord4073
ord6051
ord2016
ord2405
ord6362
ord1764
ord823
ord1089

msvcrt

wcscmp
abs
swprintf
_ftol
atoi
_purecall
_wcsicmp
memset
malloc
free
_wcsnicmp
fflush
vfprintf
fopen
strlen
_snprintf
strncpy
fclose
memcmp
realloc
wcslen
iswdigit
_wtoi
_wcsdup
_getdrives
isspace
wcscpy
srand
rand
_except_handler3
memcpy
__CxxFrameHandler
isalnum
?terminate@@YAXXZ
__dllonexit
_onexit
_initterm
_adjust_fdiv
??1type_info@@UAE@XZ
strcpy

kernel32

DeleteCriticalSection
InitializeCriticalSection
LoadLibraryExW
GetPrivateProfileStringW
InterlockedIncrement
GetCurrentProcessId
EnterCriticalSection
LeaveCriticalSection
GetLongPathNameW
GetCurrentProcess
FlushInstructionCache
LoadLibraryA
lstrcpynW
WideCharToMultiByte
GetWindowsDirectoryW
FreeLibrary
GetTickCount
GetModuleFileNameW
LoadLibraryW
OutputDebugStringA
GetVersion
GetFileAttributesW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetLastError
SetLastError
InterlockedDecrement
lstrlenW
OutputDebugStringW
lstrcmpW
SetUnhandledExceptionFilter
GetLocalTime
lstrcatA
lstrcpyA
GetModuleFileNameA
CloseHandle
Module32NextW
GetLongPathNameA
Module32FirstW
CreateToolhelp32Snapshot
FindClose
FindFirstFileA
GetCurrentThread
VirtualQuery
DebugBreak
lstrlenA
GetPrivateProfileIntW
WritePrivateProfileStringW
GetEnvironmentVariableW
MultiByteToWideChar
LocalFree
LocalAlloc
lstrcpyW
GetCurrentThreadId

user32

EndDeferWindowPos
EnableWindow
DrawTextW
GetSysColor
CopyRect
InflateRect
FillRect
RedrawWindow
CreateWindowExW
DestroyWindow
SetWindowsHookExW
GetWindow
GetWindowRect
SystemParametersInfoW
GetClientRect
MapWindowPoints
SetWindowPos
GetParent
SetDlgItemTextW
GetDlgItem
SendMessageW
GetKeyState
CallNextHookEx
GetMenuItemInfoW
SetMenuItemInfoW
SetMenuDefaultItem
CreateDialogParamW
GetDoubleClickTime
PostMessageW
DeferWindowPos
ScreenToClient
ShowWindow
BeginDeferWindowPos
IsWindow
ReleaseDC
LoadStringW
GetDC
LoadMenuW
InvalidateRect
UnhookWindowsHookEx
UpdateWindow
PtInRect
ClientToScreen
GetCapture
SetRect
wsprintfW
DialogBoxParamW
SetRectEmpty
GetAncestor
MonitorFromWindow
GetMonitorInfoW
SetParent
SetForegroundWindow
EndDialog
SetFocus
GetClassNameW
WindowFromPoint
SetActiveWindow
GetCursorPos
IsChild
TrackPopupMenu
DestroyMenu
BringWindowToTop
IsWindowVisible
RegisterWindowMessageW
GrayStringW
TabbedTextOutW
EndPaint
GetMenu
AdjustWindowRectEx
IsWindowEnabled
DrawEdge
GetSystemMetrics
DrawFocusRect
SetWindowLongW
KillTimer
ReleaseCapture
SetCapture
CallWindowProcW
SetTimer
BeginPaint
LoadBitmapW
DefWindowProcW
CharNextW
wvsprintfW
IsRectEmpty
SetWindowTextW
MoveWindow
LoadImageW
GetFocus
GetSubMenu
GetWindowTextW
SetClassLongW
LoadCursorW
CopyIcon
GetDlgCtrlID
GetWindowLongW
SetCursor

gdi32

SetTextColor
GetBkColor
GetViewportExtEx
SetBkMode
LPtoDP
FloodFill
GetStockObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
DPtoLP
CreateBitmap
CreateCompatibleBitmap
GetMapMode
SetMapMode
SetBkColor
CreatePen
Rectangle
GetObjectW
CreateFontIndirectW
GetTextExtentPoint32W
CreateSolidBrush
CreateDIBSection
SelectObject
StretchBlt
DeleteDC
BitBlt
DeleteObject
CreateCompatibleDC
GetWindowExtEx

advapi32

RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCloseKey

shell32

ShellExecuteW
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFolderPathW
SHGetMalloc

ole32

CoTaskMemFree
CreateBindCtx

oleaut32

VariantClear
SysFreeString
SysAllocString
SysStringLen
SysAllocStringLen
LoadTypeLi
DispCallFunc
LoadRegTypeLi

urlmon

RegisterBindStatusCallback
CreateURLMoniker

atl

ord11
ord10
ord45
ord43
ord15
ord44
ord32
ord18
ord57
ord21
ord42
ord30
ord53
ord58
ord16

msimg32

GradientFill

msvcp60

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_C@?1??_Nullstr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@CAPBGXZ@4GB
?_Tidy@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEX_N@Z
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBGI@Z
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@ABV12@II@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ

pplugin2

?GetCurrentVersionW@@YGHIPAGK@Z

shlwapi

PathAppendA
PathStripPathW
PathFileExistsW
PathRemoveFileSpecW
PathFindFileNameA
PathRemoveFileSpecA
PathAppendW

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 140KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 272KB - Virtual size: 271KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/msvcp100.dll
.dll windows:5 windows x86 arch:x86

7a0d9f66efd1839f136ca6896fa52dfa

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:01:cf:3e:00:00:00:00:00:0f
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07/12/2009, 22:40

Not After

07/03/2011, 22:40

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:05:a2:30:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/07/2008, 19:01

Not After

25/07/2013, 19:11

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:85D3-305C-5BCF,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

a7:21:d1:9b:3f:b9:03:98:98:4f:d3:16:37:f9:36:ae:51:91:65:b9
Signer

Actual PE Digest

a7:21:d1:9b:3f:b9:03:98:98:4f:d3:16:37:f9:36:ae:51:91:65:b9

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcp100.i386.pdb

Imports

msvcr100

rand_s
memset
memmove
fgetc
ungetc
_lock_file
_unlock_file
fflush
setvbuf
memcpy_s
fwrite
fgetpos
_fseeki64
fsetpos
fclose
_fsopen
_wfsopen
fseek
ldexp
wcslen
memchr
memmove_s
sprintf_s
_Strftime
strcspn
setlocale
_realloc_crt
strcmp
_malloc_crt
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
_purecall
strerror
fgetwc
fputwc
ungetwc
__uncaught_exception
towlower
towupper
_create_locale
_ui64toa_s
_free_locale
__pctype_func
_errno
___mb_cur_max_l_func
___lc_codepage_func
___lc_handle_func
__crtCompareStringA
memcmp
___lc_collate_cp_func
__crtLCMapStringA
__iob_func
?Alloc@Concurrency@@YAPAXI@Z
?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPAX@Z0@Z
?Yield@Context@Concurrency@@SAXXZ
??1critical_section@Concurrency@@QAE@XZ
??0invalid_link_target@Concurrency@@QAE@PBD@Z
??0message_not_found@Concurrency@@QAE@XZ
??0bad_target@Concurrency@@QAE@XZ
??0invalid_operation@Concurrency@@QAE@PBD@Z
?set@event@Concurrency@@QAEXXZ
?wait@event@Concurrency@@QAEII@Z
??1event@Concurrency@@QAE@XZ
??0event@Concurrency@@QAE@XZ
?Free@Concurrency@@YAXPAX@Z
??1_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??1_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
?_UnderlyingYield@details@Concurrency@@YAXXZ
?_SpinOnce@?$_SpinWait@$00@details@Concurrency@@QAE_NXZ
?GetNumberOfVirtualProcessors@CurrentScheduler@Concurrency@@SAIXZ
?IsCurrentTaskCollectionCanceling@Context@Concurrency@@SA_NXZ
??1_SpinLock@details@Concurrency@@QAE@XZ
??0_SpinLock@details@Concurrency@@QAE@ACJ@Z
?Log2@details@Concurrency@@YAKI@Z
isupper
_calloc_crt
islower
__crtLCMapStringW
isspace
tolower
strtod
__crtCompareStringW
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit
_encoded_null
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
_crt_debugger_hook
__clean_type_info_names_internal
fputs
fputc
abort
log
??0bad_cast@std@@QAE@ABV01@@Z
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@PBD@Z
_Getmonths
_Getdays
malloc
__CxxFrameHandler3
??2@YAPAXI@Z
___mb_cur_max_func
memcpy
strlen
??_V@YAXPAX@Z
_Gettnames
localeconv
free
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBDH@Z
??3@YAXPAX@Z
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
??1exception@std@@UAE@XZ
??0operation_timed_out@Concurrency@@QAE@XZ
??0exception@std@@QAE@XZ

kernel32

GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
Sleep
GetStringTypeW
InterlockedDecrement
InterlockedIncrement
GetLocaleInfoW
GetCurrentThreadId
WideCharToMultiByte
MultiByteToWideChar
InterlockedExchange
InterlockedCompareExchange
DecodePointer
EncodePointer
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetSystemTimeAsFileTime

Exports

Exports

??0?$_Yarn@D@std@@QAE@ABV01@@Z
??0?$_Yarn@D@std@@QAE@PBD@Z
??0?$_Yarn@D@std@@QAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_ios@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@$$QAV01@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QAE@$$QAV01@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@$$QAV01@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@$$QAV01@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@$$QAV01@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N1@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@$$QAV01@@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N1@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@$$QAV01@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@$$QAV01@@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@$$QAV01@@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@ABV01@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@ABV01@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@ABV01@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$codecvt@DDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@DDH@std@@QAE@I@Z
??0?$codecvt@GDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@GDH@std@@QAE@I@Z
??0?$codecvt@_WDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@_WDH@std@@QAE@I@Z
??0?$ctype@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@D@std@@QAE@PBF_NI@Z
??0?$ctype@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@G@std@@QAE@I@Z
??0?$ctype@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@_W@std@@QAE@I@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0Init@ios_base@std@@QAE@XZ
??0_Concurrent_queue_base_v4@details@Concurrency@@IAE@I@Z
??0_Concurrent_queue_iterator_base_v4@details@Concurrency@@IAE@ABV_Concurrent_queue_base_v4@12@@Z
??0_Container_base12@std@@QAE@ABU01@@Z
??0_Container_base12@std@@QAE@XZ
??0_Init_locks@std@@QAE@XZ
??0_Locimp@locale@std@@AAE@ABV012@@Z
??0_Locimp@locale@std@@AAE@_N@Z
??0_Locinfo@std@@QAE@HPBD@Z
??0_Locinfo@std@@QAE@PBD@Z
??0_Lockit@std@@QAE@H@Z
??0_Lockit@std@@QAE@XZ
??0_Mutex@std@@QAE@W4_Uninitialized@1@@Z
??0_Mutex@std@@QAE@XZ
??0_Runtime_object@details@Concurrency@@QAE@H@Z
??0_Runtime_object@details@Concurrency@@QAE@XZ
??0_Timevec@std@@QAE@ABV01@@Z
??0_Timevec@std@@QAE@PAX@Z
??0_UShinit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??0agent@Concurrency@@QAE@AAVScheduleGroup@1@@Z
??0agent@Concurrency@@QAE@AAVScheduler@1@@Z
??0agent@Concurrency@@QAE@XZ
??0codecvt_base@std@@QAE@I@Z
??0ctype_base@std@@QAE@I@Z
??0facet@locale@std@@IAE@I@Z
??0id@locale@std@@QAE@I@Z
??0ios_base@std@@IAE@XZ
??0ios_base@std@@QAE@ABV01@@Z
??0time_base@std@@QAE@I@Z
??1?$_Yarn@D@std@@QAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ios@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_iostream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_istream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ostream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$codecvt@DDH@std@@MAE@XZ
??1?$codecvt@GDH@std@@MAE@XZ
??1?$codecvt@_WDH@std@@MAE@XZ
??1?$ctype@D@std@@MAE@XZ
??1?$ctype@G@std@@MAE@XZ
??1?$ctype@_W@std@@MAE@XZ
??1?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1Init@ios_base@std@@QAE@XZ
??1_Concurrent_queue_base_v4@details@Concurrency@@MAE@XZ
??1_Concurrent_queue_iterator_base_v4@details@Concurrency@@IAE@XZ
??1_Concurrent_vector_base_v4@details@Concurrency@@IAE@XZ
??1_Container_base12@std@@QAE@XZ
??1_Init_locks@std@@QAE@XZ
??1_Locimp@locale@std@@MAE@XZ
??1_Locinfo@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
??1_Mutex@std@@QAE@XZ
??1_Timevec@std@@QAE@XZ
??1_UShinit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??1agent@Concurrency@@UAE@XZ
??1codecvt_base@std@@UAE@XZ
??1ctype_base@std@@UAE@XZ
??1facet@locale@std@@UAE@XZ
??1ios_base@std@@UAE@XZ
??1time_base@std@@UAE@XZ
??4?$_Iosb@H@std@@QAEAAV01@ABV01@@Z
??4?$_Yarn@D@std@@QAEAAV01@ABV01@@Z
??4?$_Yarn@D@std@@QAEAAV01@PBD@Z
??4?$basic_iostream@DU?$char_traits@D@std@@@std@@QAEAAV01@$$QAV01@@Z
??4?$basic_iostream@GU?$char_traits@G@std@@@std@@QAEAAV01@$$QAV01@@Z
??4?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@$$QAV01@@Z
??4?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@$$QAV01@@Z
??4?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@$$QAV01@@Z
??4?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@$$QAV01@@Z
??4?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@$$QAV01@@Z
??4?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@$$QAV01@@Z
??4?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@$$QAV01@@Z
??4?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEAAV01@ABV01@@Z
??4?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEAAV01@ABV01@@Z
??4?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEAAV01@ABV01@@Z
??4?$numeric_limits@C@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@D@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@E@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@F@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@G@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@H@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@I@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@J@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@K@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@M@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@N@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@O@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@_J@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@_K@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@_N@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@_W@std@@QAEAAV01@ABV01@@Z
??4Init@ios_base@std@@QAEAAV012@ABV012@@Z
??4_Container_base0@std@@QAEAAU01@ABU01@@Z
??4_Container_base12@std@@QAEAAU01@ABU01@@Z
??4_Init_locks@std@@QAEAAV01@ABV01@@Z
??4_Num_base@std@@QAEAAU01@ABU01@@Z
??4_Num_float_base@std@@QAEAAU01@ABU01@@Z
??4_Num_int_base@std@@QAEAAU01@ABU01@@Z
??4_Timevec@std@@QAEAAV01@ABV01@@Z
??4_UShinit@std@@QAEAAV01@ABV01@@Z
??4_Winit@std@@QAEAAV01@ABV01@@Z
??4ios_base@std@@QAEAAV01@ABV01@@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAF@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAG@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAJ@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAK@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAM@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAN@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAO@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAPAX@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_J@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_K@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_N@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@DU?$char_traits@D@std@@@1@AAV21@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAF@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAG@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAJ@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAK@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAM@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAN@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAO@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAPAX@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_J@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_K@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_N@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@GU?$char_traits@G@std@@@1@AAV21@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAF@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAG@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAJ@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAK@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAM@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAN@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAO@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAPAX@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_J@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_K@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_N@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AAV21@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@F@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@O@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@DU?$char_traits@D@std@@@1@AAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_N@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@F@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@O@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@GU?$char_traits@G@std@@@1@AAV21@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@F@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@O@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_N@Z
??7ios_base@std@@QBE_NXZ
??Bid@locale@std@@QAEIXZ
??Bios_base@std@@QBEPAXXZ
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_ios@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_ios@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_iostream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_iostream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_iostream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_istream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_istream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_ostream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_ostream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_streambuf@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_streambuf@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$codecvt@DDH@std@@6B@
??_7?$codecvt@GDH@std@@6B@
??_7?$codecvt@_WDH@std@@6B@
??_7?$ctype@D@std@@6B@
??_7?$ctype@G@std@@6B@
??_7?$ctype@_W@std@@6B@
??_7?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7_Locimp@locale@std@@6B@
??_7codecvt_base@std@@6B@
??_7ctype_base@std@@6B@
??_7ios_base@std@@6B@
??_7time_base@std@@6B@
??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_istream@DU?$char_traits@D@std@@@1@@
??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_ostream@DU?$char_traits@D@std@@@1@@
??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_istream@GU?$char_traits@G@std@@@1@@
??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_ostream@GU?$char_traits@G@std@@@1@@
??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_istream@_WU?$char_traits@_W@std@@@1@@
??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_ostream@_WU?$char_traits@_W@std@@@1@@
??_8?$basic_istream@DU?$char_traits@D@std@@@std@@7B@
??_8?$basic_istream@GU?$char_traits@G@std@@@std@@7B@
??_8?$basic_istream@_WU?$char_traits@_W@std@@@std@@7B@
??_8?$basic_ostream@DU?$char_traits@D@std@@@std@@7B@
??_8?$basic_ostream@GU?$char_traits@G@std@@@std@@7B@
??_8?$basic_ostream@_WU?$char_traits@_W@std@@@std@@7B@
??_D?$basic_iostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_iostream@GU?$char_traits@G@std@@@std@@QAEXXZ
??_D?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??_D?$basic_istream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_istream@GU?$char_traits@G@std@@@std@@QAEXXZ
??_D?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??_D?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEXXZ
??_D?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??_F?$codecvt@DDH@std@@QAEXXZ
??_F?$codecvt@GDH@std@@QAEXXZ
??_F?$codecvt@_WDH@std@@QAEXXZ
??_F?$ctype@D@std@@QAEXXZ
??_F?$ctype@G@std@@QAEXXZ
??_F?$ctype@_W@std@@QAEXXZ
??_F?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F_Locimp@locale@std@@QAEXXZ
??_F_Locinfo@std@@QAEXXZ
??_F_Timevec@std@@QAEXXZ
??_Fcodecvt_base@std@@QAEXXZ
??_Fctype_base@std@@QAEXXZ
??_Ffacet@locale@std@@QAEXXZ
??_Fid@locale@std@@QAEXXZ
??_Ftime_base@std@@QAEXXZ
?NFS_Allocate@details@Concurrency@@YAPAXIIPAX@Z
?NFS_Free@details@Concurrency@@YAXPAX@Z
?NFS_GetLineSize@details@Concurrency@@YAIXZ
?_Addcats@_Locinfo@std@@QAEAAV12@HPBD@Z
?_Addfac@_Locimp@locale@std@@AAEXPAVfacet@23@I@Z
?_Addstd@ios_base@std@@SAXPAV12@@Z
?_Advance@_Concurrent_queue_iterator_base_v4@details@Concurrency@@IAEXXZ
?_Assign@_Concurrent_queue_iterator_base_v4@details@Concurrency@@IAEXABV123@@Z
?_Atexit@@YAXP6AXXZ@Z
?_BADOFF@std@@3_JB
?_C_str@?$_Yarn@D@std@@QBEPBDXZ
?_Callfns@ios_base@std@@AAEXW4event@12@@Z
?_Clocptr@_Locimp@locale@std@@0PAV123@A
?_Decref@facet@locale@std@@QAEPAV123@XZ
?_Donarrow@?$ctype@G@std@@IBEDGD@Z
?_Donarrow@?$ctype@_W@std@@IBED_WD@Z
?_Dowiden@?$ctype@G@std@@IBEGD@Z
?_Dowiden@?$ctype@_W@std@@IBE_WD@Z
?_Empty@?$_Yarn@D@std@@QBE_NXZ
?_Ffmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAPADPADDH@Z
?_Ffmt@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAPADPADDH@Z
?_Ffmt@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAPADPADDH@Z
?_Findarr@ios_base@std@@AAEAAU_Iosarray@12@H@Z
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?_Fiopen@std@@YAPAU_iobuf@@PBGHH@Z
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
?_Fput@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AAVios_base@2@DPBDIIII@Z
?_Fput@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@GU?$char_traits@G@std@@@2@V32@AAVios_base@2@GPBDIIII@Z
?_Fput@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@AAVios_base@2@_WPBDIIII@Z
?_GetCombinableSize@details@Concurrency@@YAIXZ
?_GetCurrentThreadId@details@Concurrency@@YAKXZ
?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$codecvt@GDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$codecvt@_WDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$ctype@G@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@facet@locale@std@@SAIPAPBV123@PBV23@@Z
?_Getcoll@_Locinfo@std@@QBE?AU_Collvec@@XZ
?_Getctype@_Locinfo@std@@QBE?AU_Ctypevec@@XZ
?_Getcvt@_Locinfo@std@@QBE?AU_Cvtvec@@XZ
?_Getdateorder@_Locinfo@std@@QBEHXZ
?_Getdays@_Locinfo@std@@QBEPBDXZ
?_Getfalse@_Locinfo@std@@QBEPBDXZ
?_Getffld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AAVios_base@2@PAH@Z
?_Getffld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AAVios_base@2@PAH@Z
?_Getffld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AAVios_base@2@PAH@Z
?_Getffldx@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AAVios_base@2@PAH@Z
?_Getffldx@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AAVios_base@2@PAH@Z
?_Getffldx@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AAVios_base@2@PAH@Z
?_Getfmt@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z
?_Getfmt@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z
?_Getfmt@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Getifld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1HABVlocale@2@@Z
?_Getifld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1HABVlocale@2@@Z
?_Getifld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1HABVlocale@2@@Z
?_Getint@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@0HHAAH@Z
?_Getint@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@0HHAAH@Z
?_Getint@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@0HHAAH@Z
?_Getlconv@_Locinfo@std@@QBEPBUlconv@@XZ
?_Getmonths@_Locinfo@std@@QBEPBDXZ
?_Getname@_Locinfo@std@@QBEPBDXZ
?_Getpfirst@_Container_base12@std@@QBEPAPAU_Iterator_base12@2@XZ
?_Getptr@_Timevec@std@@QBEPAXXZ
?_Gettnames@_Locinfo@std@@QBE?AV_Timevec@2@XZ
?_Gettrue@_Locinfo@std@@QBEPBDXZ
?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBE_JXZ
?_Gnavail@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IBE_JXZ
?_Gnavail@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBE_JXZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gndec@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEPAGXZ
?_Gndec@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gninc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEPAGXZ
?_Gninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
?_Gnpreinc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gnpreinc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEPAGXZ
?_Gnpreinc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
?_Hexdig@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHDDDD@Z
?_Hexdig@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHGGGG@Z
?_Hexdig@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAH_W000@Z
?_Id_cnt@id@locale@std@@0HA
?_Ifmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAPADPADPBDH@Z
?_Ifmt@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAPADPADPBDH@Z
?_Ifmt@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAPADPADPBDH@Z
?_Incref@facet@locale@std@@QAEXXZ

Sections

.text
Size: 371KB - Virtual size: 371KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/msvcr100.dll
.dll windows:5 windows x86 arch:x86

5271d5ce8b44dd47bc92563e27585466

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:01:cf:3e:00:00:00:00:00:0f
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07/12/2009, 22:40

Not After

07/03/2011, 22:40

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:94:2d:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/07/2008, 19:02

Not After

25/07/2013, 19:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:7A82-688A-9F92,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

05:c5:93:9c:0d:cd:fc:08:2e:51:ee:8e:e1:e0:0f:4b:d3:83:4c:d6
Signer

Actual PE Digest

05:c5:93:9c:0d:cd:fc:08:2e:51:ee:8e:e1:e0:0f:4b:d3:83:4c:d6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcr100.i386.pdb

Imports

kernel32

EncodePointer
DecodePointer
RaiseException
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetCurrentThreadId
TlsGetValue
GetCommandLineW
GetCommandLineA
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
ExitThread
CloseHandle
GetLastError
ResumeThread
CreateThread
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
FindNextFileA
FindFirstFileExA
FindClose
FindNextFileW
FindFirstFileExW
GetLogicalDrives
GetDiskFreeSpaceA
FileTimeToSystemTime
FileTimeToLocalFileTime
SetErrorMode
Sleep
Beep
GetFileAttributesA
SetFileAttributesA
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetCurrentDirectoryW
SetCurrentDirectoryW
GetFullPathNameA
GetDriveTypeW
GetCurrentProcessId
CreateDirectoryA
MoveFileA
RemoveDirectoryA
GetDriveTypeA
DeleteFileA
GetFileAttributesW
SetEnvironmentVariableW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
MoveFileW
RemoveDirectoryW
DeleteFileW
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
LoadLibraryA
FreeLibrary
CreateProcessW
ReadFile
DuplicateHandle
GetCurrentProcess
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetLocalTime
WideCharToMultiByte
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetLocalTime
InterlockedPopEntrySList
InterlockedFlushSList
QueryDepthSList
InterlockedPushEntrySList
CreateTimerQueue
CreateTimerQueueTimer
DeleteTimerQueueTimer
SetEvent
CreateEventW
SwitchToThread
SignalObjectAndWait
TryEnterCriticalSection
GetTickCount
VirtualFree
GetVersionExW
SetThreadPriority
VirtualAlloc
GetSystemInfo
GetProcessAffinityMask
VirtualProtect
SetThreadAffinityMask
InitializeSListHead
ReleaseSemaphore
CreateSemaphoreW
WaitForMultipleObjects
GetThreadPriority
LoadLibraryW
SleepEx
OutputDebugStringW
FreeLibraryAndExitThread
GetModuleHandleA
GetThreadTimes
DebugBreak
MultiByteToWideChar
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeFormatA
GetDateFormatA
GetTimeFormatW
GetDateFormatW
RtlUnwind
HeapAlloc
HeapFree
HeapCreate
HeapDestroy
HeapQueryInformation
HeapReAlloc
HeapSize
HeapValidate
HeapCompact
HeapWalk
VirtualQuery
SetHandleCount
GetFileType
GetStartupInfoW
GetFileInformationByHandle
PeekNamedPipe
CreateFileA
CreateFileW
SetFilePointer
GetConsoleCP
GetConsoleMode
FlushFileBuffers
CreatePipe
SetStdHandle
ReadConsoleInputA
SetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
ReadConsoleInputW
WriteConsoleW
ReadConsoleW
SetEndOfFile
GetProcessHeap
InterlockedExchange
LockFile
UnlockFile
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
SetConsoleCtrlHandler
GetLocaleInfoW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
LCMapStringW
CompareStringW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsProcessorFeaturePresent

Exports

Exports

$I10_OUTPUT
??0?$_SpinWait@$00@details@Concurrency@@QAE@P6AXXZ@Z
??0?$_SpinWait@$0A@@details@Concurrency@@QAE@P6AXXZ@Z
??0SchedulerPolicy@Concurrency@@QAA@IZZ
??0SchedulerPolicy@Concurrency@@QAE@ABV01@@Z
??0SchedulerPolicy@Concurrency@@QAE@XZ
??0_NonReentrantBlockingLock@details@Concurrency@@QAE@XZ
??0_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_ReaderWriterLock@details@Concurrency@@QAE@XZ
??0_ReentrantBlockingLock@details@Concurrency@@QAE@XZ
??0_ReentrantLock@details@Concurrency@@QAE@XZ
??0_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_SpinLock@details@Concurrency@@QAE@ACJ@Z
??0_TaskCollection@details@Concurrency@@QAE@XZ
??0_Timer@details@Concurrency@@IAE@I_N@Z
??0__non_rtti_object@std@@QAE@ABV01@@Z
??0__non_rtti_object@std@@QAE@PBD@Z
??0bad_cast@std@@AAE@PBQBD@Z
??0bad_cast@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@PBD@Z
??0bad_target@Concurrency@@QAE@PBD@Z
??0bad_target@Concurrency@@QAE@XZ
??0bad_typeid@std@@QAE@ABV01@@Z
??0bad_typeid@std@@QAE@PBD@Z
??0context_self_unblock@Concurrency@@QAE@PBD@Z
??0context_self_unblock@Concurrency@@QAE@XZ
??0context_unblock_unbalanced@Concurrency@@QAE@PBD@Z
??0context_unblock_unbalanced@Concurrency@@QAE@XZ
??0critical_section@Concurrency@@QAE@XZ
??0default_scheduler_exists@Concurrency@@QAE@PBD@Z
??0default_scheduler_exists@Concurrency@@QAE@XZ
??0event@Concurrency@@QAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABQBDH@Z
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
??0improper_lock@Concurrency@@QAE@PBD@Z
??0improper_lock@Concurrency@@QAE@XZ
??0improper_scheduler_attach@Concurrency@@QAE@PBD@Z
??0improper_scheduler_attach@Concurrency@@QAE@XZ
??0improper_scheduler_detach@Concurrency@@QAE@PBD@Z
??0improper_scheduler_detach@Concurrency@@QAE@XZ
??0improper_scheduler_reference@Concurrency@@QAE@PBD@Z
??0improper_scheduler_reference@Concurrency@@QAE@XZ
??0invalid_link_target@Concurrency@@QAE@PBD@Z
??0invalid_link_target@Concurrency@@QAE@XZ
??0invalid_multiple_scheduling@Concurrency@@QAE@PBD@Z
??0invalid_multiple_scheduling@Concurrency@@QAE@XZ
??0invalid_operation@Concurrency@@QAE@PBD@Z
??0invalid_operation@Concurrency@@QAE@XZ
??0invalid_oversubscribe_operation@Concurrency@@QAE@PBD@Z
??0invalid_oversubscribe_operation@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_key@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_key@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_thread_specification@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_thread_specification@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_value@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_value@Concurrency@@QAE@XZ
??0message_not_found@Concurrency@@QAE@PBD@Z
??0message_not_found@Concurrency@@QAE@XZ
??0missing_wait@Concurrency@@QAE@PBD@Z
??0missing_wait@Concurrency@@QAE@XZ
??0nested_scheduler_missing_detach@Concurrency@@QAE@PBD@Z
??0nested_scheduler_missing_detach@Concurrency@@QAE@XZ
??0operation_timed_out@Concurrency@@QAE@PBD@Z
??0operation_timed_out@Concurrency@@QAE@XZ
??0reader_writer_lock@Concurrency@@QAE@XZ
??0scheduler_not_attached@Concurrency@@QAE@PBD@Z
??0scheduler_not_attached@Concurrency@@QAE@XZ
??0scheduler_resource_allocation_error@Concurrency@@QAE@J@Z
??0scheduler_resource_allocation_error@Concurrency@@QAE@PBDJ@Z
??0scoped_lock@critical_section@Concurrency@@QAE@AAV12@@Z
??0scoped_lock@reader_writer_lock@Concurrency@@QAE@AAV12@@Z
??0scoped_lock_read@reader_writer_lock@Concurrency@@QAE@AAV12@@Z
??0task_canceled@details@Concurrency@@QAE@PBD@Z
??0task_canceled@details@Concurrency@@QAE@XZ
??0unsupported_os@Concurrency@@QAE@PBD@Z
??0unsupported_os@Concurrency@@QAE@XZ
??1SchedulerPolicy@Concurrency@@QAE@XZ
??1_NonReentrantBlockingLock@details@Concurrency@@QAE@XZ
??1_ReentrantBlockingLock@details@Concurrency@@QAE@XZ
??1_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
??1_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??1_SpinLock@details@Concurrency@@QAE@XZ
??1_TaskCollection@details@Concurrency@@QAE@XZ
??1_Timer@details@Concurrency@@IAE@XZ
??1__non_rtti_object@std@@UAE@XZ
??1bad_cast@std@@UAE@XZ
??1bad_typeid@std@@UAE@XZ
??1critical_section@Concurrency@@QAE@XZ
??1event@Concurrency@@QAE@XZ
??1exception@std@@UAE@XZ
??1reader_writer_lock@Concurrency@@QAE@XZ
??1scoped_lock@critical_section@Concurrency@@QAE@XZ
??1scoped_lock@reader_writer_lock@Concurrency@@QAE@XZ
??1scoped_lock_read@reader_writer_lock@Concurrency@@QAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??2@YAPAXIHPBDH@Z
??3@YAXPAX@Z
??4?$_SpinWait@$00@details@Concurrency@@QAEAAV012@ABV012@@Z
??4?$_SpinWait@$0A@@details@Concurrency@@QAEAAV012@ABV012@@Z
??4SchedulerPolicy@Concurrency@@QAEAAV01@ABV01@@Z
??4__non_rtti_object@std@@QAEAAV01@ABV01@@Z
??4bad_cast@std@@QAEAAV01@ABV01@@Z
??4bad_typeid@std@@QAEAAV01@ABV01@@Z
??4exception@std@@QAEAAV01@ABV01@@Z
??8type_info@@QBE_NABV0@@Z
??9type_info@@QBE_NABV0@@Z
??_7__non_rtti_object@std@@6B@
??_7bad_cast@std@@6B@
??_7bad_typeid@std@@6B@
??_7exception@@6B@
??_7exception@std@@6B@
??_F?$_SpinWait@$00@details@Concurrency@@QAEXXZ
??_F?$_SpinWait@$0A@@details@Concurrency@@QAEXXZ
??_Fbad_cast@std@@QAEXXZ
??_Fbad_typeid@std@@QAEXXZ
??_U@YAPAXI@Z
??_U@YAPAXIHPBDH@Z
??_V@YAXPAX@Z
?Alloc@Concurrency@@YAPAXI@Z
?Block@Context@Concurrency@@SAXXZ
?Create@CurrentScheduler@Concurrency@@SAXABVSchedulerPolicy@2@@Z
?Create@Scheduler@Concurrency@@SAPAV12@ABVSchedulerPolicy@2@@Z
?CreateResourceManager@Concurrency@@YAPAUIResourceManager@1@XZ
?CreateScheduleGroup@CurrentScheduler@Concurrency@@SAPAVScheduleGroup@2@XZ
?CurrentContext@Context@Concurrency@@SAPAV12@XZ
?Detach@CurrentScheduler@Concurrency@@SAXXZ
?DisableTracing@Concurrency@@YAJXZ
?EnableTracing@Concurrency@@YAJXZ
?Free@Concurrency@@YAXPAX@Z
?Get@CurrentScheduler@Concurrency@@SAPAVScheduler@2@XZ
?GetExecutionContextId@Concurrency@@YAIXZ
?GetNumberOfVirtualProcessors@CurrentScheduler@Concurrency@@SAIXZ
?GetOSVersion@Concurrency@@YA?AW4OSVersion@IResourceManager@1@XZ
?GetPolicy@CurrentScheduler@Concurrency@@SA?AVSchedulerPolicy@2@XZ
?GetPolicyValue@SchedulerPolicy@Concurrency@@QBEIW4PolicyElementKey@2@@Z
?GetProcessorCount@Concurrency@@YAIXZ
?GetProcessorNodeCount@Concurrency@@YAIXZ
?GetSchedulerId@Concurrency@@YAIXZ
?GetSharedTimerQueue@details@Concurrency@@YAPAXXZ
?Id@Context@Concurrency@@SAIXZ
?Id@CurrentScheduler@Concurrency@@SAIXZ
?IsCurrentTaskCollectionCanceling@Context@Concurrency@@SA_NXZ
?Log2@details@Concurrency@@YAKI@Z
?Oversubscribe@Context@Concurrency@@SAX_N@Z
?RegisterShutdownEvent@CurrentScheduler@Concurrency@@SAXPAX@Z
?ResetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXXZ
?ScheduleGroupId@Context@Concurrency@@SAIXZ
?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPAX@Z0@Z
?SetConcurrencyLimits@SchedulerPolicy@Concurrency@@QAEXII@Z
?SetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXABVSchedulerPolicy@2@@Z
?SetPolicyValue@SchedulerPolicy@Concurrency@@QAEIW4PolicyElementKey@2@I@Z
?VirtualProcessorId@Context@Concurrency@@SAIXZ
?Yield@Context@Concurrency@@SAXXZ
?_Abort@_StructuredTaskCollection@details@Concurrency@@AAEXXZ
?_Acquire@_NonReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Acquire@_NonReentrantPPLLock@details@Concurrency@@QAEXPAX@Z
?_Acquire@_ReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Acquire@_ReentrantLock@details@Concurrency@@QAEXXZ
?_Acquire@_ReentrantPPLLock@details@Concurrency@@QAEXPAX@Z
?_AcquireRead@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_AcquireWrite@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_Cancel@_StructuredTaskCollection@details@Concurrency@@QAEXXZ
?_Cancel@_TaskCollection@details@Concurrency@@QAEXXZ
?_CheckTaskCollection@_UnrealizedChore@details@Concurrency@@IAEXXZ
?_ConcRT_Assert@details@Concurrency@@YAXPBD0H@Z
?_ConcRT_CoreAssert@details@Concurrency@@YAXPBD0H@Z
?_ConcRT_DumpMessage@details@Concurrency@@YAXPB_WZZ
?_ConcRT_Trace@details@Concurrency@@YAXHPB_WZZ
?_Copy_str@exception@std@@AAEXPBD@Z
?_DoYield@?$_SpinWait@$00@details@Concurrency@@IAEXXZ
?_DoYield@?$_SpinWait@$0A@@details@Concurrency@@IAEXXZ
?_IsCanceling@_StructuredTaskCollection@details@Concurrency@@QAE_NXZ
?_IsCanceling@_TaskCollection@details@Concurrency@@QAE_NXZ
?_Name_base@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_Name_base_internal@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_NumberOfSpins@?$_SpinWait@$00@details@Concurrency@@IAEKXZ
?_NumberOfSpins@?$_SpinWait@$0A@@details@Concurrency@@IAEKXZ
?_Release@_NonReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Release@_NonReentrantPPLLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantPPLLock@details@Concurrency@@QAEXXZ
?_ReleaseRead@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_ReleaseWrite@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_Reset@?$_SpinWait@$00@details@Concurrency@@IAEXXZ
?_Reset@?$_SpinWait@$0A@@details@Concurrency@@IAEXXZ
?_RunAndWait@_StructuredTaskCollection@details@Concurrency@@QAG?AW4_TaskCollectionStatus@23@PAV_UnrealizedChore@23@@Z
?_RunAndWait@_TaskCollection@details@Concurrency@@QAG?AW4_TaskCollectionStatus@23@PAV_UnrealizedChore@23@@Z
?_Schedule@_StructuredTaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@@Z
?_Schedule@_TaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@@Z
?_SetSpinCount@?$_SpinWait@$00@details@Concurrency@@QAEXI@Z
?_SetSpinCount@?$_SpinWait@$0A@@details@Concurrency@@QAEXI@Z
?_ShouldSpinAgain@?$_SpinWait@$00@details@Concurrency@@IAE_NXZ
?_ShouldSpinAgain@?$_SpinWait@$0A@@details@Concurrency@@IAE_NXZ
?_SpinOnce@?$_SpinWait@$00@details@Concurrency@@QAE_NXZ
?_SpinOnce@?$_SpinWait@$0A@@details@Concurrency@@QAE_NXZ
?_SpinYield@Context@Concurrency@@SAXXZ
?_Start@_Timer@details@Concurrency@@IAEXXZ
?_Stop@_Timer@details@Concurrency@@IAEXXZ
?_Tidy@exception@std@@AAEXXZ
?_Trace_ppl_function@Concurrency@@YAXABU_GUID@@EW4ConcRT_EventType@1@@Z
?_TryAcquire@_NonReentrantBlockingLock@details@Concurrency@@QAE_NXZ
?_TryAcquire@_ReentrantBlockingLock@details@Concurrency@@QAE_NXZ
?_TryAcquire@_ReentrantLock@details@Concurrency@@QAE_NXZ
?_TryAcquireWrite@_ReaderWriterLock@details@Concurrency@@QAE_NXZ
?_Type_info_dtor@type_info@@CAXPAV1@@Z
?_Type_info_dtor_internal@type_info@@CAXPAV1@@Z
?_UnderlyingYield@details@Concurrency@@YAXXZ
?_ValidateExecute@@YAHP6GHXZ@Z
?_ValidateRead@@YAHPBXI@Z
?_ValidateWrite@@YAHPAXI@Z
?_Value@_SpinCount@details@Concurrency@@SAIXZ
?__ExceptionPtrAssign@@YAXPAXPBX@Z
?__ExceptionPtrCompare@@YA_NPBX0@Z
?__ExceptionPtrCopy@@YAXPAXPBX@Z
?__ExceptionPtrCopyException@@YAXPAXPBX1@Z
?__ExceptionPtrCreate@@YAXPAX@Z
?__ExceptionPtrCurrentException@@YAXPAX@Z
?__ExceptionPtrDestroy@@YAXPAX@Z
?__ExceptionPtrRethrow@@YAXPBX@Z
?_inconsistency@@YAXXZ
?_invalid_parameter@@YAXPBG00II@Z
?_is_exception_typeof@@YAHABVtype_info@@PAU_EXCEPTION_POINTERS@@@Z
?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z
?_open@@YAHPBDHH@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZH@Z
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?_sopen@@YAHPBDHHH@Z
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?_wopen@@YAHPB_WHH@Z
?_wsopen@@YAHPB_WHHH@Z
?before@type_info@@QBEHABV1@@Z
?get_error_code@scheduler_resource_allocation_error@Concurrency@@QBEJXZ
?lock@critical_section@Concurrency@@QAEXXZ
?lock@reader_writer_lock@Concurrency@@QAEXXZ
?lock_read@reader_writer_lock@Concurrency@@QAEXXZ
?name@type_info@@QBEPBDPAU__type_info_node@@@Z
?native_handle@critical_section@Concurrency@@QAEAAV12@XZ
?raw_name@type_info@@QBEPBDXZ
?reset@event@Concurrency@@QAEXXZ
?set@event@Concurrency@@QAEXXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZH@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZH@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?swprintf@@YAHPAGIPBGZZ
?swprintf@@YAHPA_WIPB_WZZ
?terminate@@YAXXZ
?try_lock@critical_section@Concurrency@@QAE_NXZ
?try_lock@reader_writer_lock@Concurrency@@QAE_NXZ
?try_lock_read@reader_writer_lock@Concurrency@@QAE_NXZ
?unexpected@@YAXXZ
?unlock@critical_section@Concurrency@@QAEXXZ
?unlock@reader_writer_lock@Concurrency@@QAEXXZ
?vswprintf@@YAHPA_WIPB_WPAD@Z
?wait@Concurrency@@YAXI@Z
?wait@event@Concurrency@@QAEII@Z
?wait_for_multiple@event@Concurrency@@SAIPAPAV12@I_NI@Z
?what@exception@std@@UBEPBDXZ
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CRT_RTC_INIT
_CRT_RTC_INITW
_CreateFrameInfo
_CxxThrowException
_EH_prolog
_FindAndUnlinkFrame
_Getdays
_Getmonths
_Gettnames
_HUGE
_IsExceptionObjectToBeDestroyed
_NLG_Dispatch2
_NLG_Return
_NLG_Return2
_Strftime
_XcptFilter
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__CppXcptFilter
__CxxCallUnwindDelDtor
__CxxCallUnwindDtor
__CxxCallUnwindStdDelDtor
__CxxCallUnwindVecDtor
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__STRINGTOLD_L
__TypeMatch
___fls_getvalue@4
___fls_setvalue@8
___lc_codepage_func
___lc_collate_cp_func
___lc_handle_func
___mb_cur_max_func
___mb_cur_max_l_func
___setlc_active_func
___unguarded_readlc_active_add_func
__argc
__argv
__badioinfo
__clean_type_info_names_internal
__control87_2
__create_locale
__crtCompareStringA
__crtCompareStringW
__crtLCMapStringA
__crtLCMapStringW
__daylight
__dllonexit
__doserrno
__dstbias
__fpecode
__free_locale
__get_current_locale
__get_flsindex
__get_tlsindex
__getmainargs
__initenv
__iob_func
__isascii
__iscsym
__iscsymf
__iswcsym
__iswcsymf
__lconv
__lconv_init
__libm_sse2_acos
__libm_sse2_acosf
__libm_sse2_asin
__libm_sse2_asinf
__libm_sse2_atan
__libm_sse2_atan2
__libm_sse2_atanf
__libm_sse2_cos
__libm_sse2_cosf
__libm_sse2_exp
__libm_sse2_expf
__libm_sse2_log
__libm_sse2_log10
__libm_sse2_log10f
__libm_sse2_logf
__libm_sse2_pow
__libm_sse2_powf
__libm_sse2_sin
__libm_sse2_sinf
__libm_sse2_tan
__libm_sse2_tanf
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__wpgmptr
__pctype_func
__pioinfo
__pwctype_func
__pxcptinfoptrs
__report_gsfailure
__set_app_type
__set_flsgetvalue
__setlc_active
__setusermatherr
__strncnt
__swprintf_l
__sys_errlist
__sys_nerr
__threadhandle
__threadid
__timezone
__toascii
__tzname
__unDName
__unDNameEx
__unDNameHelper
__uncaught_exception
__unguarded_readlc_active
__vswprintf_l
__wargv
__wcserror
__wcserror_s
__wcsncnt
__wgetmainargs
__winitenv
_abnormal_termination
_abs64
_access
_access_s
_acmdln
_aligned_free
_aligned_malloc
_aligned_msize
_aligned_offset_malloc
_aligned_offset_realloc
_aligned_offset_recalloc
_aligned_realloc
_aligned_recalloc
_amsg_exit
_assert
_atodbl
_atodbl_l
_atof_l
_atoflt
_atoflt_l
_atoi64
_atoi64_l
_atoi_l
_atol_l
_atoldbl
_atoldbl_l
_beep
_beginthread
_beginthreadex
_byteswap_uint64
_byteswap_ulong
_byteswap_ushort
_c_exit
_cabs
_callnewh
_calloc_crt
_cexit
_cgets
_cgets_s
_cgetws
_cgetws_s
_chdir
_chdrive
_chgsign
_chkesp
_chmod
_chsize
_chsize_s
_clearfp
_close
_commit
_commode
_configthreadlocale
_control87
_controlfp
_controlfp_s
_copysign
_cprintf
_cprintf_l
_cprintf_p

Sections

.text
Size: 709KB - Virtual size: 708KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/nsDialogs.dll
.dll windows:4 windows x86 arch:x86

1e2884056e655f2b7bc5a904e352fc80

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
GetFileAttributesA
lstrcmpiA
MulDiv
lstrlenA
HeapFree
GetCurrentDirectoryA
HeapAlloc
HeapReAlloc
GlobalFree
lstrcpynA
GlobalAlloc
GetProcessHeap
SetCurrentDirectoryA

user32

GetPropA
DestroyWindow
CallWindowProcA
SetCursor
LoadCursorA
RemovePropA
CharPrevA
GetWindowLongA
DrawTextA
GetWindowTextA
GetDlgItem
SetWindowLongA
SetWindowPos
CreateDialogParamA
MapWindowPoints
GetWindowRect
SetPropA
CreateWindowExA
IsWindow
SetTimer
KillTimer
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
ShowWindow
wsprintfA
MapDialogRect
GetClientRect
CharNextA
SendMessageA
DrawFocusRect

gdi32

SetTextColor

shell32

SHBrowseForFolderA
SHGetPathFromIDListA

comdlg32

GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/omng.dll
.dll regsvr32 windows:4 windows x86 arch:x86

a6e5006b188407994d8c582dbcefc07b

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:52:7f:4d:7d:6c:1a:2b:a7:ef:81:d5:0c:89:d7:65
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

19/11/2009, 00:00

Not After

18/11/2012, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

70:9e:35:c4:32:63:da:17:47:69:bd:bc:13:85:58:cb:1b:50:3c:06
Signer

Actual PE Digest

70:9e:35:c4:32:63:da:17:47:69:bd:bc:13:85:58:cb:1b:50:3c:06

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WritePrivateProfileStringW
GetPrivateProfileIntW
MultiByteToWideChar
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
DisableThreadLibraryCalls
lstrlenW
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameW
GetPrivateProfileStringW
GetEnvironmentVariableW
UnlockFile
LockFile
RemoveDirectoryA
GetHandleInformation
SetHandleInformation
GetFileInformationByHandle
GetDriveTypeA
GetFullPathNameA
DeleteFileA
FlushFileBuffers
WriteFile
ReadFile
ReleaseSemaphore
SuspendThread
GetProcessAffinityMask
SetThreadAffinityMask
SetThreadPriority
Sleep
ResumeThread
GetCurrentProcess
GetCurrentThread
DuplicateHandle
CreateSemaphoreA
TlsFree
TlsAlloc
TlsSetValue
TlsGetValue
UnmapViewOfFile
MapViewOfFile
FormatMessageA
GetSystemInfo
CreateFileMappingA
TerminateProcess
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
GetSystemTimeAsFileTime
OutputDebugStringA
LoadLibraryW
CreatePipe
InterlockedExchange
GlobalAddAtomA
CreateEventA
DebugBreak
CreateProcessA
GetLastError
FindNextFileA
FindNextFileW
FindClose
CloseHandle
GetUserDefaultLangID
FindFirstFileA
FindFirstFileW
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetEndOfFile
SetFilePointer
GetLogicalDriveStringsA
GlobalMemoryStatus
GetSystemDirectoryA
GetWindowsDirectoryA
GetTempPathA
GetEnvironmentVariableA
SetLastError
CreateDirectoryA
CreateFileA
CopyFileA
MoveFileA
GetFileAttributesA
GetShortPathNameA
GetDiskFreeSpaceA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetSystemDirectoryW
GetWindowsDirectoryW
GetTempPathW
CreateDirectoryW
CreateFileW
CopyFileW
MoveFileW
GetFileAttributesW
GetShortPathNameW
GetDiskFreeSpaceW
LoadLibraryA
GetVersionExA
FreeLibrary
GetExitCodeProcess
WaitForSingleObject

user32

CreateWindowExA
RemovePropA
KillTimer
PostMessageA
GetQueueStatus
wsprintfW
SetTimer
RegisterWindowMessageA
GetClassInfoA
RegisterClassA
SendMessageA
SetPropA
DefWindowProcA
PeekMessageA
GetCursorPos
GetPropA

advapi32

AddAccessAllowedAce
RegCreateKeyExA
RegQueryInfoKeyA
RegEnumKeyExA
RegEnumKeyExW
RegEnumValueA
RegEnumValueW
RegQueryValueExA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegNotifyChangeKeyValue
AllocateAndInitializeSid
CopySid
GetLengthSid
GetTokenInformation
InitializeSecurityDescriptor
SetSecurityDescriptorOwner
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
SetSecurityDescriptorGroup
InitializeAcl
RegOpenKeyExA
SetSecurityDescriptorDacl
FreeSid
OpenProcessToken

shell32

SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation
ShellExecuteW
ShellExecuteA
SHGetFolderPathW

oleaut32

SysAllocStringLen
LoadTypeLi
SysStringLen
SysFreeString

atl

ord57
ord21
ord16
ord15
ord18
ord58
ord30
ord32

msvcp60

?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBGI@Z
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@ABV12@II@Z
?_Grow@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAE_NI_N@Z
?_Tidy@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEX_N@Z
?_C@?1??_Nullstr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@CAPBGXZ@4GB
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ

shlwapi

PathRemoveFileSpecW
PathAppendW

msvcrt

_access
_mbspbrk
_mbsdec
_stat
_mbsinc
_beginthreadex
_stricmp
__p__environ
qsort
abort
fwrite
setvbuf
fclose
sscanf
strftime
__mb_cur_max
_isctype
_pctype
mktime
localtime
strstr
sprintf
strtol
fputs
strchr
fmod
_onexit
__dllonexit
strtoul
_initterm
?terminate@@YAXXZ
_except_handler3
malloc
_wcsdup
free
??2@YAPAXI@Z
_iob
fprintf
fflush
getenv
raise
_exit
strrchr
_wchmod
_wrmdir
_wremove
_wfopen
_wgetdcwd
_wgetcwd
_chmod
_rmdir
wcslen
wcscpy
__CxxFrameHandler
wcsncpy
remove
fopen
_getdcwd
strerror
isspace
isdigit
_strdup
_putenv
_strcmpi
tolower
_adjust_fdiv
_getcwd
wcspbrk
memset
setlocale
strcmp
strncmp
strcpy
atoi
_purecall
memcmp
realloc
memmove
memchr
_wcsnicmp
_wcsicmp
strpbrk
printf
wcsrchr
_ftol
_wsplitpath
wcscat
_errno
calloc
wcschr
memcpy
strlen
wcsncat

ws2_32

closesocket
select
__WSAFDIsSet
setsockopt
WSAGetLastError
gethostname
WSACleanup
WSAStartup
htonl
gethostbyname
gethostbyaddr
getprotobyname
getprotobynumber
htons
inet_addr
ntohs
ntohl
getsockopt
ioctlsocket
socket
accept
connect
bind
listen
recv
send
sendto
recvfrom
shutdown
getsockname
getpeername

winmm

timeGetTime

ole32

CoInitialize
CoCreateGuid
CoCreateInstance
CoUninitialize

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetObjectManager
InitObjectManager
InitObjectManagerEx
ShutdownObjectManager

Sections

.text
Size: 388KB - Virtual size: 386KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/pnsis.dll
.dll windows:4 windows x86 arch:x86

31c6ac2144003ec772b515931addb3ad

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
GetCurrentProcessId
GetLongPathNameA
FreeLibrary
GlobalFree
lstrcpyA
GetVersionExA
CloseHandle
OpenProcess
TerminateProcess
DisableThreadLibraryCalls
LocalFree
GetCommandLineA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
FatalAppExitA
GetCPInfo
GetACP
GetOEMCP
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
GetCurrentThread
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
HeapAlloc
GetStringTypeA
GetStringTypeW
RtlUnwind
Sleep
InterlockedDecrement
InterlockedIncrement
UnhandledExceptionFilter
VirtualAlloc
HeapReAlloc
IsBadWritePtr
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetTimeZoneInformation
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA

advapi32

BuildExplicitAccessWithNameA
SetEntriesInAclA
SetNamedSecurityInfoA
GetNamedSecurityInfoA

Exports

Exports

AddEveryoneToAcl
KillLinger

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/pplugin2.dll
.dll regsvr32 windows:4 windows x86 arch:x86

b0379d55e3f335965f3a537e8e98546c

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:52:7f:4d:7d:6c:1a:2b:a7:ef:81:d5:0c:89:d7:65
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

19/11/2009, 00:00

Not After

18/11/2012, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

46:72:65:69:08:83:b1:24:81:63:26:1a:94:f3:44:c4:65:eb:ac:dc
Signer

Actual PE Digest

46:72:65:69:08:83:b1:24:81:63:26:1a:94:f3:44:c4:65:eb:ac:dc

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
InitializeCriticalSection
lstrcatW
OutputDebugStringW
GlobalUnlock
GlobalLock
GlobalAlloc
GetCurrentThreadId
MulDiv
FlushInstructionCache
HeapDestroy
CreateFileW
SetEndOfFile
ReadFile
WriteFile
LocalFree
GetVersionExW
LoadLibraryA
DisableThreadLibraryCalls
lstrcpynW
lstrcmpiW
FindResourceW
LoadResource
SizeofResource
GetShortPathNameW
OpenEventW
OpenFileMappingW
ResetEvent
MapViewOfFile
SetEvent
CreateEventW
FindClose
WaitForSingleObject
FindNextFileW
lstrcpyW
FindFirstFileW
SetLastError
MultiByteToWideChar
WideCharToMultiByte
GetPrivateProfileIntW
GetPrivateProfileStringW
LoadLibraryExW
GetModuleFileNameW
TerminateProcess
GetEnvironmentVariableW
CreateProcessW
UnmapViewOfFile
EnterCriticalSection
LeaveCriticalSection
LoadLibraryW
FreeLibrary
OpenMutexW
lstrlenA
lstrlenW
InterlockedDecrement
InterlockedIncrement
CreateDirectoryW
GetLastError
CopyFileW
CloseHandle
GetCurrentProcess
GetModuleHandleW
GetProcAddress
WritePrivateProfileStringW

user32

GetClassInfoExW
GetParent
wsprintfW
RegisterClassExW
InvalidateRect
CreateDialogParamW
LoadCursorW
SetFocus
RedrawWindow
DefWindowProcW
RegisterWindowMessageW
PostMessageW
DrawTextW
MapWindowPoints
IsWindow
SendMessageW
CreateWindowExW
DestroyWindow
GetWindowLongW
SetWindowTextW
GetWindowRect
GetClientRect
ScreenToClient
SetTimer
KillTimer
SetDlgItemTextW
GetDlgItem
SetWindowPos
SetWindowLongW
BeginPaint
EndPaint
CharNextW
LoadStringW
MoveWindow
IsChild
WaitForInputIdle
ShowWindow
FindWindowW
GetKeyState
PtInRect
UnionRect
GetFocus
SetWindowRgn
OffsetRect
EqualRect
IntersectRect
ReleaseDC
GetDC
CallWindowProcW

gdi32

CreateDCW
LPtoDP
SetMapMode
SetViewportOrgEx
GetDeviceCaps
CreateMetaFileW
SaveDC
SetWindowOrgEx
SetWindowExtEx
RestoreDC
CloseMetaFile
DeleteMetaFile
CreateRectRgnIndirect
DeleteDC
GetObjectW
CreateFontIndirectW
DeleteObject
SetBkColor
ExtTextOutW
SetTextColor
SetBkMode
SelectObject
GetStockObject

advapi32

RegCreateKeyExW
GetTokenInformation
OpenProcessToken
RegEnumValueW
RegQueryInfoKeyW
RegSetValueExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shell32

SHGetFolderPathW
ShellExecuteA
ShellExecuteExW
ShellExecuteW

ole32

OleRegGetUserType
CreateDataAdviseHolder
OleRegEnumVerbs
OleRegGetMiscStatus
CoTaskMemRealloc
CoTaskMemAlloc
CLSIDFromString
CoCreateInstance
CreateBindCtx
CreateOleAdviseHolder
OleLoadFromStream
WriteClassStm
OleSaveToStream
CoTaskMemFree

oleaut32

SysAllocStringByteLen
VariantChangeType
SysStringByteLen
OleCreatePropertyFrame
LoadRegTypeLi
LoadTypeLi
RegisterTypeLi
VarUI4FromStr
SysStringLen
SysAllocStringLen
VariantInit
VariantCopy
VariantClear
SysAllocString
SysFreeString

urlmon

RegisterBindStatusCallback
CreateURLMoniker

msvcp60

??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGABV?$allocator@G@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEABDI@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
?length@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?data@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?c_str@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEPBGXZ
??Hstd@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@PBG@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$allocator@G@1@@Z
?empty@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBE_NXZ
??Mstd@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIABV12@I@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

msvcrt

wcsncpy
memset
wcscpy
realloc
free
wcscmp
memcpy
??2@YAPAXI@Z
vswprintf
swprintf
wcslen
iswdigit
_wtoi
malloc
atol
atoi
wcscat
_wcsicmp
strlen
_wfullpath
wcsrchr
memcmp
_purecall
_wcsdup
_snwprintf
wcstoul
rand
_except_handler3
?terminate@@YAXXZ
__dllonexit
_onexit
_initterm
_adjust_fdiv
??1type_info@@UAE@XZ
_CxxThrowException
__CxxFrameHandler

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

shlwapi

PathFileExistsW
PathRemoveFileSpecW
PathAppendW

Exports

Exports

?GetCurrentVersionW@@YGHIPAGK@Z
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 172KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ppp.dll
.dll regsvr32 windows:4 windows x86 arch:x86

edf4943e70bdf926606a4e8b4df57bc2

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:52:7f:4d:7d:6c:1a:2b:a7:ef:81:d5:0c:89:d7:65
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

19/11/2009, 00:00

Not After

18/11/2012, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:cf:85:75:18:3c:0c:1b:a8:37:11:e1:06:2a:ac:ea:1e:7c:cc:24
Signer

Actual PE Digest

39:cf:85:75:18:3c:0c:1b:a8:37:11:e1:06:2a:ac:ea:1e:7c:cc:24

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42u

ord1115
ord1173
ord1568
ord1165
ord1570
ord1179
ord342
ord1240
ord1563
ord1248
ord1250
ord1571
ord600
ord826
ord269
ord5852
ord3658
ord1863
ord268
ord1560
ord4199
ord4272
ord2756
ord2859
ord470
ord2746
ord755
ord942
ord5679
ord5706
ord4124
ord6770
ord2822
ord2910
ord5568
ord6139
ord940
ord925
ord6466
ord1128
ord2717
ord3948
ord815
ord561
ord3733
ord4418
ord4616
ord4075
ord3074
ord3820
ord3826
ord3825
ord2971
ord3076
ord2980
ord3257
ord3131
ord4459
ord3254
ord3142
ord2977
ord5710
ord5285
ord5303
ord4692
ord4074
ord5298
ord5296
ord3341
ord2388
ord5193
ord1089
ord3917
ord5727
ord2504
ord2546
ord4480
ord6371
ord4269
ord927
ord860
ord823
ord538
ord834
ord537
ord541
ord6874
ord5857
ord922
ord801
ord6868
ord1594
ord535
ord858
ord2606
ord2810
ord800
ord861
ord825
ord540
ord1194

msvcrt

_wfopen
fgetws
fclose
srand
rand
_findfirst
_findnext
wcsncpy
swprintf
strcat
strrchr
wcscmp
atol
strncpy
sscanf
memset
_ftol
wcscpy
sprintf
strcpy
wcstoul
_wtoi
malloc
free
strlen
_findclose
tolower
islower
toupper
isalnum
isspace
wcslen
realloc
memcpy
_wcsicmp
_purecall
_itow
memcmp
_i64tow
atoi
__CxxFrameHandler
_CxxThrowException
_wcsdup
_snprintf
strcmp
fprintf
fread
ftell
fseek
fopen
fputs
isalpha
strncmp
strchr
__dllonexit
_onexit
_except_handler3
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv

kernel32

GetEnvironmentVariableW
GetPrivateProfileStringW
lstrlenW
WideCharToMultiByte
GetACP
lstrlenA
MultiByteToWideChar
SetFileTime
CopyFileW
WritePrivateProfileStringW
LocalFree
LocalAlloc
GetProcAddress
DeviceIoControl
CreateFileA
GetVersionExA
GetModuleFileNameA
GetModuleHandleA
CreateMutexW
MapViewOfFile
OpenFileMappingW
ReleaseMutex
FlushViewOfFile
UnmapViewOfFile
LoadLibraryW
FreeLibrary
GetTickCount
DeleteFileW
GetTempPathW
CreateDirectoryW
LeaveCriticalSection
EnterCriticalSection
FlushInstructionCache
GetCurrentProcess
InterlockedDecrement
CloseHandle
CreateProcessW
TerminateProcess
WaitForSingleObject
GetModuleFileNameW
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
OutputDebugStringW
LoadLibraryExW
GetSystemInfo
GetModuleHandleW
GetVersionExW
GetPrivateProfileIntW
VirtualQuery
SystemTimeToFileTime
GetSystemTime
GetFileTime
GetLastError
Sleep
CreateFileW

user32

SetTimer
SetWindowLongW
DefWindowProcW
RegisterWindowMessageW
GetWindowLongW
CallWindowProcW
GetClientRect
IsWindow
PostMessageW
FindWindowW
SendMessageW
SetWindowTextW
ShowWindow
BringWindowToTop
MoveWindow
GetWindowRect
GetWindowThreadProcessId
DestroyWindow
KillTimer
SetWindowPos
GetAncestor
CreateWindowExW
WaitForInputIdle

advapi32

RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
GetSidSubAuthority
GetSidSubAuthorityCount
GetTokenInformation
OpenProcessToken
RegCloseKey

shell32

SHGetFolderPathW

ole32

CoCreateGuid
CoCreateInstance

oleaut32

SysAllocStringLen
LoadTypeLi
VariantChangeType
SysStringByteLen
SysAllocStringByteLen
VariantInit
SysAllocString
SysStringLen
LoadRegTypeLi
DispCallFunc
VariantClear
SysFreeString

atl

ord42
ord23
ord21
ord58
ord11
ord10
ord15
ord18
ord57
ord32
ord16
ord53
ord45
ord44
ord43
ord48
ord30
ord47

msvcp60

?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_C@?1??_Nullstr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@CAPBGXZ@4GB
?_Tidy@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEX_N@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??5std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??_D?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PBDH@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??_D?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?find_first_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?find_last_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBGI@Z
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??0Init@ios_base@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
?resize@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEXI@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??9std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?insert@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IPBDI@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
?_Xran@std@@YAXXZ
?peek@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??9std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ

rpcrt4

UuidToStringW
UuidFromStringA

ws2_32

gethostname
gethostbyname
inet_addr
inet_ntoa

shlwapi

PathRemoveExtensionW
PathFindExtensionW
PathRemoveFileSpecW
PathFileExistsW
PathAppendW
StrStrIW
StrStrIA
PathStripPathW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
NSGetModule

Sections

.text
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/time.dll
.dll windows:4 windows x86 arch:x86

2e3a4d1f132aea64d421c1e936bcc407

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FileTimeToSystemTime
FileTimeToLocalFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
lstrcmpiA
lstrcpynA
GlobalFree
lstrcpyA
GlobalAlloc
GetSystemTime
GetLocalTime
SetSystemTime
SetLocalTime
FindClose
FindFirstFileA
CloseHandle
SetFileTime
CreateFileA
lstrcatA

user32

SendMessageA
wsprintfA

Exports

Exports

_GetFileTime
_GetFileTimeUTC
_GetLocalTime
_GetLocalTimeUTC
_MathTime
_SetFileTime
_SetFileTimeUTC
_SetLocalTime
_SetLocalTimeUTC
_TimeString
_Unload

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ui.dll
.dll windows:5 windows x86 arch:x86

d9772e29942b5b6e6f5974b37ba9f6ad

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:52:7f:4d:7d:6c:1a:2b:a7:ef:81:d5:0c:89:d7:65
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

19/11/2009, 00:00

Not After

18/11/2012, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

bb:58:cf:2d:32:23:9b:a4:e3:8b:3a:c6:1e:d4:19:b0:af:2d:01:29
Signer

Actual PE Digest

bb:58:cf:2d:32:23:9b:a4:e3:8b:3a:c6:1e:d4:19:b0:af:2d:01:29

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\pptv\ui\Release\ui.pdb

Imports

kernel32

SetEvent
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
Sleep
GetEnvironmentVariableW
SystemTimeToFileTime
EncodePointer
InterlockedPopEntrySList
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedPushEntrySList
InterlockedCompareExchange
CreateEventW
CreateProcessW
DecodePointer
GetSystemTime
ResetEvent
ResumeThread
FindResourceExW
DeviceIoControl
GetModuleFileNameA
CreateFileA
HeapDestroy
HeapReAlloc
HeapSize
FindFirstFileW
GetFullPathNameW
FindClose
FindNextFileW
lstrcmpW
GetVersionExW
MulDiv
ExpandEnvironmentStringsW
GetProcAddress
SetPriorityClass
GetCommandLineW
WideCharToMultiByte
WaitForSingleObject
DisableThreadLibraryCalls
ReleaseMutex
CreateMutexW
OpenProcess
LoadLibraryA
LocalAlloc
LocalFree
CloseHandle
GetUserDefaultLCID
GetCurrentThreadId
GetPrivateProfileIntW
RaiseException
GetTickCount
lstrlenA
OutputDebugStringW
DebugBreak
GlobalLock
SetLastError
lstrlenW
GetCurrentProcess
FlushInstructionCache
LoadLibraryW
LeaveCriticalSection
EnterCriticalSection
GetModuleHandleW
FindResourceW
LoadResource
LockResource
SizeofResource
GetModuleFileNameW
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
MultiByteToWideChar
LoadLibraryExW
FreeLibrary
InterlockedExchange

user32

UpdateWindow
IsWindowVisible
IsWindowEnabled
GetWindowLongW
GetClientRect
GetDlgItem
SetWindowPos
SendMessageW
GetClassInfoExW
LoadCursorW
LoadStringW
CallWindowProcW
DefWindowProcW
CreateWindowExW
BeginPaint
EndPaint
RegisterClassExW
UnregisterClassA
LoadImageW
GetSystemMetrics
DestroyIcon
DestroyWindow
PostQuitMessage
wsprintfW
MessageBoxW
CreatePopupMenu
DispatchMessageW
TranslateMessage
GetMessageW
PeekMessageW
CopyRect
GetWindowThreadProcessId
GetShellWindow
DrawTextW
SetTimer
GetWindowRect
InvalidateRect
IsDialogMessageW
SetWindowRgn
GetCursorPos
KillTimer
RegisterClassW
GetSysColorBrush
GetClassInfoW
PostMessageW
SetWindowTextW
GetAncestor
EnableWindow
GetParent
GetForegroundWindow
GetClassNameW
SetRect
ShowWindow
DestroyMenu
SetForegroundWindow
SetFocus
ReplyMessage
MoveWindow
SetWindowLongW
IsWindow
RegisterWindowMessageW
IsIconic
GetDesktopWindow
FindWindowExW
SendMessageTimeoutW
CharNextW
SetActiveWindow
BringWindowToTop
SwitchToThisWindow
ReleaseCapture
GetCapture
SetCursor
GetWindowTextW
GetWindowTextLengthW
SetCapture
OffsetRect
EqualRect
SystemParametersInfoW
GetMessageTime
ScreenToClient
GetMessagePos
GetKeyState
GetDC
ReleaseDC
EndDeferWindowPos
BeginDeferWindowPos
UpdateLayeredWindow
ClientToScreen
IntersectRect
SetRectEmpty
GetWindowDC
SetParent
DeferWindowPos
MapWindowPoints
GetMonitorInfoW
MonitorFromWindow
GetMenuItemCount
GetMenuItemInfoW
EnableMenuItem
CheckMenuItem
SetMenuItemInfoW
CheckMenuRadioItem
SetMenuDefaultItem
MonitorFromPoint
TrackPopupMenuEx
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
MonitorFromRect
EnumDisplayMonitors
GetSysColor
IsChild
UnregisterHotKey
RegisterHotKey
RemoveMenu
AppendMenuW
IsZoomed

gdi32

GetObjectW
CreateBitmap
CreatePatternBrush
PatBlt
GetClipBox
GetStockObject
SetTextColor
BitBlt
DeleteDC
DeleteObject
CreateCompatibleBitmap
SetViewportOrgEx
SelectObject
SetBkMode
CreateFontIndirectW
SetBkColor
GetObjectA
CreateDCW
ExcludeClipRect
GetDeviceCaps
CreateSolidBrush
CreateCompatibleDC

advapi32

OpenProcessToken
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
DuplicateTokenEx
AdjustTokenPrivileges
LookupPrivilegeValueW

shell32

SHGetFolderPathW
ShellExecuteW
ShellExecuteExW
DragQueryFileW

ole32

CoUninitialize
CoCreateInstance
RegisterDragDrop
RevokeDragDrop
PropVariantClear
OleUninitialize
OleInitialize
CoInitialize

oleaut32

VariantCopy
SysStringByteLen
SysAllocStringByteLen
VariantTimeToSystemTime
SystemTimeToVariantTime
SysFreeString
VarCmp
VariantChangeType
VariantInit
VariantClear
SysAllocString
LoadTypeLi
SysStringLen
LoadRegTypeLi

msvcp100

?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Orphan_all@_Container_base0@std@@QAEXXZ

atl100

ord32
ord43
ord58
ord31
ord56
ord64
ord23
ord61
ord10
ord44
ord11
ord30

shlwapi

PathFileExistsW
PathIsRootW
SHStrDupW
PathRemoveFileSpecW
PathAppendW
StrStrIW
PathAddExtensionW

comctl32

_TrackMouseEvent
InitCommonControlsEx
ImageList_Create
ImageList_Add
ImageList_Destroy

gdiplus

GdipCreateFontFromDC
GdipSetSolidFillColor
GdipCloneRegion
GdipTranslateRegionI
GdipCombineRegionRegion
GdipMeasureString
GdipSetStringFormatTrimming
GdipSetStringFormatHotkeyPrefix
GdipFree
GdipCreateFontFromLogfontA
GdipGetPropertyItem
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromFile
GdipCreateHBITMAPFromBitmap
GdipCloneImage
GdipDeleteBrush
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipGetImageRawFormat
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipAlloc
GdipGetPropertyItemSize
GdipDeleteFont
GdipCreateFont
GdipDisposeImage
GdipGetGenericFontFamilySansSerif
GdipCreateFontFamilyFromName
GdipCreateStringFormat
GdipDrawImageRectI
GdipCreateLineBrushFromRectI
GdipCreateSolidFill
GdipSetImageAttributesColorMatrix
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipCreateRegion
GdipSetClipRegion
GdipSetClipRectI
GdipGetWorldTransform
GdipSetWorldTransform
GdipSetMatrixElements
GdipGetMatrixElements
GdipCreateMatrix
GdipDeleteMatrix
GdipCreateTexture2I
GdipSetPixelOffsetMode
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateRegionRectI
GdipCreateFromHWND
GdipGetRegionHRgn
GdipCombineRegionRectI
GdipDeleteGraphics
GdipGetFontHeight
GdipGetFontStyle
GdipGetFamily
GdipGetLineSpacing
GdipGetEmHeight
GdipDrawString
GdipGetStringFormatLineAlign
GdipSetStringFormatLineAlign
GdipDeleteFontFamily
GdipDeleteStringFormat
GdipCloneStringFormat
GdiplusStartup
GdiplusShutdown
GdipCloneBrush
GdipCreateRegionPath
GdipSetTextureWrapMode
GdipCreatePath
GdipDrawImageRectRectI
GdipDrawImageRectRect
GdipFillRectangleI
GdipAddPathRectangleI
GdipCreateTextureIAI
GdipBitmapGetPixel
GdipDeleteRegion
GdipDeletePath
GdipGetClip

msvcr100

vswprintf_s
memcpy_s
malloc
getc
fputc
ferror
feof
fflush
ftell
fseek
fwrite
fread
fclose
_wfopen
_purecall
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
??2@YAPAXI@Z
memmove
memcpy
swprintf_s
_ismbcspace
_mbsinc
wmemcpy_s
free
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
__CxxFrameHandler3
??_V@YAXPAX@Z
??3@YAXPAX@Z
_unlock
__dllonexit
_lock
_onexit
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
iswdigit
_wtoi
calloc
_recalloc
memset
wcsncpy
_wcsdup
memmove_s
wcscpy_s
memchr
strncpy
_swprintf
__argc
wcstol
_wcsicmp
wcstok
wcsspn
_time64
toupper
fprintf
atoi
_vsnprintf_s
isspace
tolower
isalpha
isalnum
strncmp
strchr
iswspace
wcstoul
_errno
_wcsnicmp
wcstod
wcsrchr
strrchr
_strnicmp
_except_handler4_common
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_stricmp
realloc
sprintf
wcsstr
_beginthreadex
strtoul
_strdup
strtok_s
?terminate@@YAXXZ

omng

ord8
ord7
ord5
ord6

uilib

PP_OpenUrlW
ord5

urlmon

URLDownloadToCacheFileW

imm32

ImmGetVirtualKey

wintrust

WTHelperProvDataFromStateData
WTHelperGetProvSignerFromChain
WTHelperGetProvCertFromChain
WinVerifyTrust

crypt32

CertGetNameStringW

wininet

DeleteUrlCacheEntryW

rpcrt4

UuidFromStringW

Exports

Exports

RD_XXXX
RD_XXXX2

Sections

.text
Size: 450KB - Virtual size: 449KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/uilib.dll
.dll regsvr32 windows:5 windows x86 arch:x86

e589471521ba2bca69e3d39695462c84

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:52:7f:4d:7d:6c:1a:2b:a7:ef:81:d5:0c:89:d7:65
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

19/11/2009, 00:00

Not After

18/11/2012, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

e7:45:ab:bc:b4:d1:57:b7:a7:12:60:c6:85:fb:d1:c7:73:8e:ba:55
Signer

Actual PE Digest

e7:45:ab:bc:b4:d1:57:b7:a7:12:60:c6:85:fb:d1:c7:73:8e:ba:55

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\winclient\pptv\uilib\Release\uilib.pdb

Imports

kernel32

GetLastError
InitializeCriticalSectionAndSpinCount
GetProcAddress
GetModuleHandleW
lstrcmpiW
LocalFree
FreeLibrary
LoadLibraryExW
ExpandEnvironmentStringsW
GetCurrentThreadId
DisableThreadLibraryCalls
LoadLibraryW
Sleep
DeviceIoControl
GetVersionExW
GetModuleFileNameA
CreateFileA
LoadLibraryA
GetSystemDirectoryA
SetLastError
GetTempFileNameW
CreateDirectoryW
GetTempPathW
GetTickCount
WriteFile
CreateFileW
SetEvent
ResetEvent
CreateEventW
RaiseException
InterlockedExchange
CreateThread
SetEnvironmentVariableW
CompareStringW
GetDateFormatA
GetTimeFormatA
GetDateFormatW
GetTimeFormatW
GetTimeZoneInformation
DeleteFileW
MoveFileW
CreateProcessW
WaitForSingleObject
CloseHandle
TerminateProcess
InitializeCriticalSection
DeleteCriticalSection
GetPrivateProfileStringW
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameW
GetEnvironmentVariableW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
lstrlenW
InterlockedDecrement
InterlockedIncrement
GetACP
lstrlenA
WideCharToMultiByte
MultiByteToWideChar
OutputDebugStringW
AllocConsole
SetEndOfFile
WriteConsoleW
SetStdHandle
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetFilePointer
ReadFile
GetStartupInfoW
GetFileType
SetHandleCount
IsValidCodePage
GetOEMCP
SetEnvironmentVariableA
GetLocaleInfoW
GetStdHandle
ExitProcess
HeapCreate
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsProcessorFeaturePresent
LCMapStringW
GetCPInfo
GetCommandLineA
ResumeThread
ExitThread
RtlUnwind
DecodePointer
EncodePointer
InterlockedCompareExchange
GetStringTypeW
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy

user32

CharNextW
RegisterClassW
UnregisterClassW
CreateWindowExW
GetWindowLongW
SetWindowPos
WaitForInputIdle
GetAncestor
DestroyWindow
PostMessageW
DefWindowProcW

advapi32

CopySid
GetTokenInformation
OpenProcessToken
DeregisterEventSource
RegisterEventSourceW
RegOpenKeyExA
RegQueryValueExA
RegEnumValueA
RegEnumKeyExW
GetNamedSecurityInfoW
BuildExplicitAccessWithNameW
SetEntriesInAclW
SetNamedSecurityInfoW
RegQueryInfoKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
ReportEventW
GetLengthSid

shell32

ShellExecuteW
ord165
SHGetFolderPathW

ole32

StringFromGUID2
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoCreateInstance
CLSIDFromString

oleaut32

RegisterTypeLi
VarUI4FromStr
SysAllocStringLen
SysAllocString
SysStringLen
LoadTypeLi
SysFreeString
UnRegisterTypeLi

shlwapi

PathAppendW
PathRemoveFileSpecW
PathFileExistsW
StrCmpNIW
PathFindExtensionW

ws2_32

WSAGetLastError
gethostbyname
inet_ntoa
getservbyname
gethostbyaddr
getservbyport
ntohs
WSASetLastError
closesocket
recvfrom
__WSAFDIsSet
select
inet_addr
bind
ioctlsocket
socket
WSAStartup
recv
send
setsockopt
connect
gethostname
sendto
WSACleanup
htons
htonl

rpcrt4

UuidFromStringA
UuidFromStringW

wininet

CreateUrlCacheEntryW
CommitUrlCacheEntryW
HttpQueryInfoW
HttpSendRequestW
InternetCrackUrlW
DeleteUrlCacheEntryW
InternetOpenA
InternetReadFile
InternetConnectW
InternetSetStatusCallbackA
HttpOpenRequestW
InternetQueryDataAvailable
InternetQueryOptionW
InternetSetOptionW
InternetCloseHandle
HttpQueryInfoA
InternetLockRequestFile
InternetQueryOptionA

Exports

Exports

??0TiXmlAttribute@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
??0TiXmlAttribute@@QAE@PBD0@Z
??0TiXmlAttribute@@QAE@XZ
??0TiXmlAttributeSet@@QAE@XZ
??0TiXmlBase@@QAE@XZ
??0TiXmlComment@@QAE@ABV0@@Z
??0TiXmlComment@@QAE@XZ
??0TiXmlDeclaration@@QAE@ABV0@@Z
??0TiXmlDeclaration@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@00@Z
??0TiXmlDeclaration@@QAE@PBD00@Z
??0TiXmlDeclaration@@QAE@XZ
??0TiXmlDocument@@QAE@ABV0@@Z
??0TiXmlDocument@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0TiXmlDocument@@QAE@PBD@Z
??0TiXmlDocument@@QAE@XZ
??0TiXmlElement@@QAE@ABV0@@Z
??0TiXmlElement@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0TiXmlElement@@QAE@PBD@Z
??0TiXmlNode@@IAE@W4NodeType@0@@Z
??0TiXmlText@@QAE@ABV0@@Z
??0TiXmlText@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0TiXmlText@@QAE@PBD@Z
??0TiXmlUnknown@@QAE@ABV0@@Z
??0TiXmlUnknown@@QAE@XZ
??1TiXmlAttribute@@UAE@XZ
??1TiXmlAttributeSet@@QAE@XZ
??1TiXmlBase@@UAE@XZ
??1TiXmlComment@@UAE@XZ
??1TiXmlDeclaration@@UAE@XZ
??1TiXmlDocument@@UAE@XZ
??1TiXmlElement@@UAE@XZ
??1TiXmlNode@@UAE@XZ
??1TiXmlText@@UAE@XZ
??1TiXmlUnknown@@UAE@XZ
??4TiXmlComment@@QAEXABV0@@Z
??4TiXmlDeclaration@@QAEXABV0@@Z
??4TiXmlDocument@@QAEXABV0@@Z
??4TiXmlElement@@QAEXABV0@@Z
??4TiXmlText@@QAEXABV0@@Z
??4TiXmlUnknown@@QAEXABV0@@Z
??8TiXmlAttribute@@QBE_NABV0@@Z
??MTiXmlAttribute@@QBE_NABV0@@Z
??OTiXmlAttribute@@QBE_NABV0@@Z
??_7TiXmlAttribute@@6B@
??_7TiXmlBase@@6B@
??_7TiXmlComment@@6B@
??_7TiXmlDeclaration@@6B@
??_7TiXmlDocument@@6B@
??_7TiXmlElement@@6B@
??_7TiXmlNode@@6B@
??_7TiXmlText@@6B@
??_7TiXmlUnknown@@6B@
?Add@TiXmlAttributeSet@@QAEXPAVTiXmlAttribute@@@Z
?Attribute@TiXmlElement@@QBEPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?Attribute@TiXmlElement@@QBEPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAH@Z
?Attribute@TiXmlElement@@QBEPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAN@Z
?Attribute@TiXmlElement@@QBEPBDPBD@Z
?Attribute@TiXmlElement@@QBEPBDPBDPAH@Z
?Attribute@TiXmlElement@@QBEPBDPBDPAN@Z
?Blank@TiXmlText@@IBE_NXZ
?CDATA@TiXmlText@@QAE_NXZ
?Clear@TiXmlNode@@QAEXXZ
?ClearError@TiXmlDocument@@QAEXXZ
?ClearThis@TiXmlElement@@IAEXXZ
?Clone@TiXmlComment@@UBEPAVTiXmlNode@@XZ
?Clone@TiXmlDeclaration@@UBEPAVTiXmlNode@@XZ
?Clone@TiXmlDocument@@MBEPAVTiXmlNode@@XZ
?Clone@TiXmlElement@@UBEPAVTiXmlNode@@XZ
?Clone@TiXmlText@@MBEPAVTiXmlNode@@XZ
?Clone@TiXmlUnknown@@UBEPAVTiXmlNode@@XZ
?Column@TiXmlBase@@QBEHXZ
?ConvertUTF32ToUTF8@TiXmlBase@@KAXKPADPAH@Z
?CopyTo@TiXmlComment@@IBEXPAV1@@Z
?CopyTo@TiXmlDeclaration@@IBEXPAV1@@Z
?CopyTo@TiXmlDocument@@ABEXPAV1@@Z
?CopyTo@TiXmlElement@@IBEXPAV1@@Z
?CopyTo@TiXmlNode@@IBEXPAV1@@Z
?CopyTo@TiXmlText@@IBEXPAV1@@Z
?CopyTo@TiXmlUnknown@@IBEXPAV1@@Z
?DoubleValue@TiXmlAttribute@@QBENXZ
?Encoding@TiXmlDeclaration@@QBEPBDXZ
?Error@TiXmlDocument@@QBE_NXZ
?ErrorCol@TiXmlDocument@@QAEHXZ
?ErrorDesc@TiXmlDocument@@QBEPBDXZ
?ErrorId@TiXmlDocument@@QBEHXZ
?ErrorRow@TiXmlDocument@@QAEHXZ
?Find@TiXmlAttributeSet@@QAEPAVTiXmlAttribute@@PBD@Z
?Find@TiXmlAttributeSet@@QBEPBVTiXmlAttribute@@PBD@Z
?First@TiXmlAttributeSet@@QAEPAVTiXmlAttribute@@XZ
?First@TiXmlAttributeSet@@QBEPBVTiXmlAttribute@@XZ
?FirstAttribute@TiXmlElement@@QAEPAVTiXmlAttribute@@XZ
?FirstAttribute@TiXmlElement@@QBEPBVTiXmlAttribute@@XZ
?FirstChild@TiXmlNode@@QAEPAV1@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?FirstChild@TiXmlNode@@QAEPAV1@PBD@Z
?FirstChild@TiXmlNode@@QAEPAV1@XZ
?FirstChild@TiXmlNode@@QBEPBV1@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?FirstChild@TiXmlNode@@QBEPBV1@PBD@Z
?FirstChild@TiXmlNode@@QBEPBV1@XZ
?FirstChildElement@TiXmlNode@@QAEPAVTiXmlElement@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?FirstChildElement@TiXmlNode@@QAEPAVTiXmlElement@@PBD@Z
?FirstChildElement@TiXmlNode@@QAEPAVTiXmlElement@@XZ
?FirstChildElement@TiXmlNode@@QBEPBVTiXmlElement@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?FirstChildElement@TiXmlNode@@QBEPBVTiXmlElement@@PBD@Z
?FirstChildElement@TiXmlNode@@QBEPBVTiXmlElement@@XZ
?GetChar@TiXmlBase@@KAPBDPBDPADPAHW4TiXmlEncoding@@@Z
?GetDocument@TiXmlNode@@QAEPAVTiXmlDocument@@XZ
?GetDocument@TiXmlNode@@QBEPBVTiXmlDocument@@XZ
?GetEncoding@TiXmlDocument@@QAE?AW4TiXmlEncoding@@XZ
?GetEntity@TiXmlBase@@KAPBDPBDPADPAHW4TiXmlEncoding@@@Z
?GetText@TiXmlElement@@QBEPBDXZ
?GetUserData@TiXmlBase@@QAEPAXXZ
?Identify@TiXmlNode@@IAEPAV1@PBDW4TiXmlEncoding@@@Z
?InsertAfterChild@TiXmlNode@@QAEPAV1@PAV1@ABV1@@Z
?InsertBeforeChild@TiXmlNode@@QAEPAV1@PAV1@ABV1@@Z
?InsertEndChild@TiXmlNode@@QAEPAV1@ABV1@@Z
?IntValue@TiXmlAttribute@@QBEHXZ
?IsAlpha@TiXmlBase@@KAHEW4TiXmlEncoding@@@Z
?IsAlphaNum@TiXmlBase@@KAHEW4TiXmlEncoding@@@Z
?IsWhiteSpace@TiXmlBase@@KA_ND@Z
?IsWhiteSpaceCondensed@TiXmlBase@@SA_NXZ
?IterateChildren@TiXmlNode@@QAEPAV1@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAV1@@Z
?IterateChildren@TiXmlNode@@QAEPAV1@PAV1@@Z
?IterateChildren@TiXmlNode@@QAEPAV1@PBDPAV1@@Z
?IterateChildren@TiXmlNode@@QBEPBV1@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBV1@@Z
?IterateChildren@TiXmlNode@@QBEPBV1@PBDPBV1@@Z
?IterateChildren@TiXmlNode@@QBEPBV1@PBV1@@Z
?Last@TiXmlAttributeSet@@QAEPAVTiXmlAttribute@@XZ
?Last@TiXmlAttributeSet@@QBEPBVTiXmlAttribute@@XZ
?LastAttribute@TiXmlElement@@QAEPAVTiXmlAttribute@@XZ
?LastAttribute@TiXmlElement@@QBEPBVTiXmlAttribute@@XZ
?LastChild@TiXmlNode@@QAEPAV1@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?LastChild@TiXmlNode@@QAEPAV1@PBD@Z
?LastChild@TiXmlNode@@QAEPAV1@XZ
?LastChild@TiXmlNode@@QBEPBV1@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?LastChild@TiXmlNode@@QBEPBV1@PBD@Z
?LastChild@TiXmlNode@@QBEPBV1@XZ
?LinkEndChild@TiXmlNode@@QAEPAV1@PAV1@@Z
?LoadFile@TiXmlDocument@@QAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4TiXmlEncoding@@@Z
?LoadFile@TiXmlDocument@@QAE_NPBDW4TiXmlEncoding@@@Z
?LoadFile@TiXmlDocument@@QAE_NW4TiXmlEncoding@@@Z
?Name@TiXmlAttribute@@QBEPBDXZ
?Next@TiXmlAttribute@@QAEPAV1@XZ
?Next@TiXmlAttribute@@QBEPBV1@XZ
?NextSibling@TiXmlNode@@QAEPAV1@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?NextSibling@TiXmlNode@@QAEPAV1@PBD@Z
?NextSibling@TiXmlNode@@QAEPAV1@XZ
?NextSibling@TiXmlNode@@QBEPBV1@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?NextSibling@TiXmlNode@@QBEPBV1@PBD@Z
?NextSibling@TiXmlNode@@QBEPBV1@XZ
?NextSiblingElement@TiXmlNode@@QAEPAVTiXmlElement@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?NextSiblingElement@TiXmlNode@@QAEPAVTiXmlElement@@PBD@Z
?NextSiblingElement@TiXmlNode@@QAEPAVTiXmlElement@@XZ
?NextSiblingElement@TiXmlNode@@QBEPBVTiXmlElement@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?NextSiblingElement@TiXmlNode@@QBEPBVTiXmlElement@@PBD@Z
?NextSiblingElement@TiXmlNode@@QBEPBVTiXmlElement@@XZ
?NoChildren@TiXmlNode@@QBE_NXZ
?Parent@TiXmlNode@@QAEPAV1@XZ
?Parent@TiXmlNode@@QBEPBV1@XZ
?Parse@TiXmlAttribute@@UAEPBDPBDPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z
?Parse@TiXmlComment@@UAEPBDPBDPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z
?Parse@TiXmlDeclaration@@UAEPBDPBDPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z
?Parse@TiXmlDocument@@UAEPBDPBDPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z
?Parse@TiXmlElement@@UAEPBDPBDPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z
?Parse@TiXmlText@@UAEPBDPBDPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z
?Parse@TiXmlUnknown@@UAEPBDPBDPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z
?Previous@TiXmlAttribute@@QAEPAV1@XZ
?Previous@TiXmlAttribute@@QBEPBV1@XZ
?PreviousSibling@TiXmlNode@@QAEPAV1@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?PreviousSibling@TiXmlNode@@QAEPAV1@PBD@Z
?PreviousSibling@TiXmlNode@@QAEPAV1@XZ
?PreviousSibling@TiXmlNode@@QBEPBV1@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?PreviousSibling@TiXmlNode@@QBEPBV1@PBD@Z
?PreviousSibling@TiXmlNode@@QBEPBV1@XZ
?Print@TiXmlAttribute@@UBEXPAU_iobuf@@H@Z
?Print@TiXmlComment@@UBEXPAU_iobuf@@H@Z
?Print@TiXmlDeclaration@@UBEXPAU_iobuf@@H@Z
?Print@TiXmlDocument@@QBEXXZ
?Print@TiXmlDocument@@UBEXPAU_iobuf@@H@Z
?Print@TiXmlElement@@UBEXPAU_iobuf@@H@Z
?Print@TiXmlText@@UBEXPAU_iobuf@@H@Z
?Print@TiXmlUnknown@@UBEXPAU_iobuf@@H@Z
?PutString@TiXmlBase@@KAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAV23@@Z
?PutString@TiXmlBase@@KAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAV?$basic_ostream@DU?$char_traits@D@std@@@3@@Z
?QueryDoubleAttribute@TiXmlElement@@QBEHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAN@Z
?QueryDoubleAttribute@TiXmlElement@@QBEHPBDPAN@Z
?QueryDoubleValue@TiXmlAttribute@@QBEHPAN@Z
?QueryFloatAttribute@TiXmlElement@@QBEHPBDPAM@Z
?QueryIntAttribute@TiXmlElement@@QBEHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAH@Z
?QueryIntAttribute@TiXmlElement@@QBEHPBDPAH@Z
?QueryIntValue@TiXmlAttribute@@QBEHPAH@Z
?ReadName@TiXmlBase@@KAPBDPBDPAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4TiXmlEncoding@@@Z
?ReadText@TiXmlBase@@KAPBDPBDPAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_N02W4TiXmlEncoding@@@Z
?ReadValue@TiXmlElement@@IAEPBDPBDPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z
?Remove@TiXmlAttributeSet@@QAEXPAVTiXmlAttribute@@@Z
?RemoveAttribute@TiXmlElement@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?RemoveAttribute@TiXmlElement@@QAEXPBD@Z
?RemoveChild@TiXmlNode@@QAE_NPAV1@@Z
?ReplaceChild@TiXmlNode@@QAEPAV1@PAV1@ABV1@@Z
?RootElement@TiXmlDocument@@QAEPAVTiXmlElement@@XZ
?RootElement@TiXmlDocument@@QBEPBVTiXmlElement@@XZ
?Row@TiXmlBase@@QBEHXZ
?SaveFile@TiXmlDocument@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SaveFile@TiXmlDocument@@QBE_NPBD@Z
?SaveFile@TiXmlDocument@@QBE_NXZ
?SetAttribute@TiXmlElement@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?SetAttribute@TiXmlElement@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H@Z
?SetAttribute@TiXmlElement@@QAEXPBD0@Z
?SetAttribute@TiXmlElement@@QAEXPBDH@Z
?SetCDATA@TiXmlText@@QAEX_N@Z
?SetCondenseWhiteSpace@TiXmlBase@@SAX_N@Z
?SetDocument@TiXmlAttribute@@QAEXPAVTiXmlDocument@@@Z
?SetDoubleAttribute@TiXmlElement@@QAEXPBDN@Z
?SetDoubleValue@TiXmlAttribute@@QAEXN@Z
?SetError@TiXmlDocument@@QAEXHPBDPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z
?SetIntValue@TiXmlAttribute@@QAEXH@Z
?SetName@TiXmlAttribute@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetName@TiXmlAttribute@@QAEXPBD@Z
?SetTabSize@TiXmlDocument@@QAEXH@Z
?SetUserData@TiXmlBase@@QAEXPAX@Z
?SetValue@TiXmlAttribute@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetValue@TiXmlAttribute@@QAEXPBD@Z
?SetValue@TiXmlNode@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetValue@TiXmlNode@@QAEXPBD@Z
?SkipWhiteSpace@TiXmlBase@@KAPBDPBDW4TiXmlEncoding@@@Z
?Standalone@TiXmlDeclaration@@QBEPBDXZ
?StreamIn@TiXmlComment@@MAEXPAV?$basic_istream@DU?$char_traits@D@std@@@std@@PAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@3@@Z
?StreamIn@TiXmlDeclaration@@MAEXPAV?$basic_istream@DU?$char_traits@D@std@@@std@@PAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@3@@Z
?StreamIn@TiXmlDocument@@MAEXPAV?$basic_istream@DU?$char_traits@D@std@@@std@@PAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@3@@Z
?StreamIn@TiXmlElement@@MAEXPAV?$basic_istream@DU?$char_traits@D@std@@@std@@PAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@3@@Z
?StreamIn@TiXmlText@@MAEXPAV?$basic_istream@DU?$char_traits@D@std@@@std@@PAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@3@@Z
?StreamIn@TiXmlUnknown@@MAEXPAV?$basic_istream@DU?$char_traits@D@std@@@std@@PAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@3@@Z
?StreamOut@TiXmlAttribute@@UBEXPAV?$basic_ostream@DU?$char_traits@D@std@@@std@@@Z
?StreamOut@TiXmlComment@@MBEXPAV?$basic_ostream@DU?$char_traits@D@std@@@std@@@Z
?StreamOut@TiXmlDeclaration@@MBEXPAV?$basic_ostream@DU?$char_traits@D@std@@@std@@@Z
?StreamOut@TiXmlDocument@@MBEXPAV?$basic_ostream@DU?$char_traits@D@std@@@std@@@Z
?StreamOut@TiXmlElement@@MBEXPAV?$basic_ostream@DU?$char_traits@D@std@@@std@@@Z
?StreamOut@TiXmlText@@MBEXPAV?$basic_ostream@DU?$char_traits@D@std@@@std@@@Z
?StreamOut@TiXmlUnknown@@MBEXPAV?$basic_ostream@DU?$char_traits@D@std@@@std@@@Z
?StreamTo@TiXmlBase@@KA_NPAV?$basic_istream@DU?$char_traits@D@std@@@std@@HPAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@3@@Z
?StreamWhiteSpace@TiXmlBase@@KA_NPAV?$basic_istream@DU?$char_traits@D@std@@@std@@PAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@3@@Z
?StringEqual@TiXmlBase@@KA_NPBD0_NW4TiXmlEncoding@@@Z
?TabSize@TiXmlDocument@@QBEHXZ
?ToComment@TiXmlNode@@QAEPAVTiXmlComment@@XZ
?ToComment@TiXmlNode@@QBEPBVTiXmlComment@@XZ
?ToDeclaration@TiXmlNode@@QAEPAVTiXmlDeclaration@@XZ
?ToDeclaration@TiXmlNode@@QBEPBVTiXmlDeclaration@@XZ
?ToDocument@TiXmlNode@@QAEPAVTiXmlDocument@@XZ
?ToDocument@TiXmlNode@@QBEPBVTiXmlDocument@@XZ
?ToElement@TiXmlNode@@QAEPAVTiXmlElement@@XZ
?ToElement@TiXmlNode@@QBEPBVTiXmlElement@@XZ
?ToLower@TiXmlBase@@KAHHW4TiXmlEncoding@@@Z
?ToText@TiXmlNode@@QAEPAVTiXmlText@@XZ
?ToText@TiXmlNode@@QBEPBVTiXmlText@@XZ
?ToUnknown@TiXmlNode@@QAEPAVTiXmlUnknown@@XZ
?ToUnknown@TiXmlNode@@QBEPBVTiXmlUnknown@@XZ
?Type@TiXmlNode@@QBEHXZ
?Value@TiXmlAttribute@@QBEPBDXZ
?Value@TiXmlNode@@QBEPBDXZ
?ValueStr@TiXmlNode@@QBEABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?Version@TiXmlDeclaration@@QBEPBDXZ
?condenseWhiteSpace@TiXmlBase@@0_NA
?entity@TiXmlBase@@0PAUEntity@1@A
?errorString@TiXmlBase@@1PAPBDA
?utf8ByteTable@TiXmlBase@@2QBHB
CreatePlayLink
DllCanUnloadNow
DllGetClassObject
DllGetInstance
DllGetInstanceEx
DllRegisterServer
DllUnregisterServer
MD5
MD5Final
MD5Init
MD5StringA
MD5StringW
MD5Update
PPTVLogOutA
PPTVLogOutW
PP_AddEveryoneAccessToFile
PP_AtlEscapeUrlA
PP_AtlEscapeUrlW
PP_AtlUnescapeUrlA
PP_AtlUnescapeUrlW
PP_Base64DecoderA
PP_Base64DecoderW
PP_Base64EncoderA
PP_Base64EncoderW
PP_GetAllUserAppData
PP_GetComManager
PP_GetCurrentUserAppdata
PP_GetDiskId
PP_GetMachineGUID
PP_GetPPGuid
PP_GetPPLiveNetworkPath
PP_OpenUrlA
PP_OpenUrlW
PP_ReleaseComManager
PP_URLXXX
PP_URLYYY
PP_free
PP_malloc
ReloadConfig
adler32
compress
compress2
compressBound
crc32
deflate
deflateBound
deflateCopy
deflateEnd
deflateInit2_
deflateInit_
deflateParams
deflatePrime
deflateReset
deflateSetDictionary
get_crc_table
gzclearerr
gzclose
gzdopen
gzeof
gzerror
gzflush
gzgetc
gzgets
gzopen
gzprintf
gzputc
gzputs
gzread
gzrewind
gzseek
gzsetparams
gztell
gzungetc
gzwrite
inflate
inflateBack
inflateBackEnd
inflateBackInit_
inflateCopy
inflateEnd
inflateInit2_
inflateInit_
inflateReset
inflateSetDictionary
inflateSync
inflateSyncPoint
uncompress
zError

Sections

.text
Size: 573KB - Virtual size: 573KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MYSHARE
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PROGRAMFILES/Internet Explorer/PPLite/plugin/$OUTDIR/PluginInstaller.exe
.exe windows:4 windows x86 arch:x86

b4dd414adf75859560fa6af81972f8d5

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:52:7f:4d:7d:6c:1a:2b:a7:ef:81:d5:0c:89:d7:65
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

19/11/2009, 00:00

Not After

18/11/2012, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

a4:7d:36:e1:62:1d:2a:82:49:8e:81:01:fa:ba:a3:69:75:d8:48:79
Signer

Actual PE Digest

a4:7d:36:e1:62:1d:2a:82:49:8e:81:01:fa:ba:a3:69:75:d8:48:79

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42u

ord860
ord1225
ord2822
ord927
ord2606
ord535
ord925
ord940
ord942
ord858
ord823
ord861
ord825
ord538
ord540
ord2810
ord800

msvcrt

wcscpy
wcstoul
_wcsicmp
memcpy
wcscspn
_wtoi
wcscmp
_ftol
memcmp
_wtol
isspace
isalnum
_wcsdup
rand
iswdigit
??0exception@@QAE@ABV0@@Z
??1exception@@UAE@XZ
atoi
??0exception@@QAE@XZ
_CxxThrowException
strlen
strcpy
sprintf
strcat
strrchr
strncpy
__dllonexit
_onexit
malloc
free
__CxxFrameHandler
memset
wcsncpy
wcslen
_wcsnicmp
wcsspn
_except_handler3
__set_app_type
??1type_info@@UAE@XZ
_exit
_XcptFilter
exit
_acmdln
__getmainargs
__p__fmode
__p__commode
_adjust_fdiv
_initterm
__setusermatherr
_controlfp

kernel32

CloseHandle
GetLastError
GetTempPathW
WaitForSingleObject
OpenFileMappingW
lstrlenA
CreateMutexW
SetLastError
OpenEventW
CreateProcessW
GetEnvironmentVariableW
CreateFileMappingW
CreateEventW
SetEvent
MapViewOfFile
UnmapViewOfFile
GetTempFileNameW
GetVersionExW
GetStartupInfoA
GetModuleHandleA
GetModuleHandleW
GetModuleFileNameA
CreateThread
CreateFileA
DeviceIoControl
CreateFileW
WriteFile
FlushFileBuffers
DebugBreak
InterlockedDecrement
GetModuleFileNameW
OutputDebugStringW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
CopyFileW
GetCurrentProcess
FlushInstructionCache
EnterCriticalSection
LeaveCriticalSection
DeleteFileW
DeleteCriticalSection
HeapDestroy
InitializeCriticalSection
GetCurrentThreadId
WideCharToMultiByte
MultiByteToWideChar
lstrlenW
GetTickCount
Sleep
LoadLibraryW
GetProcAddress
FreeLibrary
ResetEvent

user32

CharNextW
RegisterClassExW
LoadCursorW
UpdateWindow
wvsprintfW
IsWindow
PostMessageW
GetClassInfoExW
wsprintfW
KillTimer
SetTimer
CallWindowProcW
GetWindowLongW
SetWindowLongW
SendMessageW
DestroyWindow
PostQuitMessage
DefWindowProcW
FindWindowW
GetMessageW
TranslateMessage
DispatchMessageW
CreateWindowExW
ShowWindow

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW

shell32

ShellExecuteExW
SHGetFolderPathW

ole32

CoTaskMemFree
CoInitialize
CreateBindCtx
CoUninitialize
CoTaskMemAlloc

oleaut32

SysAllocString
SysFreeString

urlmon

RevokeBindStatusCallback
RegisterBindStatusCallback
CreateURLMoniker
URLDownloadToFileW

msvcp60

?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
?c_str@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEPBGXZ
??Hstd@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@PBG@Z
?length@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGABV?$allocator@G@1@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$allocator@G@1@@Z
?empty@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBE_NXZ
?length@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??A?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAGI@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEABDI@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?data@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??1_Winit@std@@QAE@XZ
?find_last_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?find_first_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z

wintrust

WTHelperGetProvCertFromChain
WinVerifyTrust
WTHelperGetProvSignerFromChain
WTHelperProvDataFromStateData

crypt32

CertGetNameStringW

wininet

HttpQueryInfoW
InternetOpenW
InternetConnectW
HttpOpenRequestW
HttpSendRequestW
HttpQueryInfoA
InternetReadFile
InternetCloseHandle
InternetCrackUrlW

shlwapi

PathRemoveFileSpecW
StrStrIW
PathFileExistsW
StrCmpW
PathFindFileNameW
PathAppendW

Sections

.text
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PROGRAMFILES/Internet Explorer/PPLite/plugin/$OUTDIR/pplugin2.dll
.dll regsvr32 windows:4 windows x86 arch:x86

b0379d55e3f335965f3a537e8e98546c

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:52:7f:4d:7d:6c:1a:2b:a7:ef:81:d5:0c:89:d7:65
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

19/11/2009, 00:00

Not After

18/11/2012, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

46:72:65:69:08:83:b1:24:81:63:26:1a:94:f3:44:c4:65:eb:ac:dc
Signer

Actual PE Digest

46:72:65:69:08:83:b1:24:81:63:26:1a:94:f3:44:c4:65:eb:ac:dc

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
InitializeCriticalSection
lstrcatW
OutputDebugStringW
GlobalUnlock
GlobalLock
GlobalAlloc
GetCurrentThreadId
MulDiv
FlushInstructionCache
HeapDestroy
CreateFileW
SetEndOfFile
ReadFile
WriteFile
LocalFree
GetVersionExW
LoadLibraryA
DisableThreadLibraryCalls
lstrcpynW
lstrcmpiW
FindResourceW
LoadResource
SizeofResource
GetShortPathNameW
OpenEventW
OpenFileMappingW
ResetEvent
MapViewOfFile
SetEvent
CreateEventW
FindClose
WaitForSingleObject
FindNextFileW
lstrcpyW
FindFirstFileW
SetLastError
MultiByteToWideChar
WideCharToMultiByte
GetPrivateProfileIntW
GetPrivateProfileStringW
LoadLibraryExW
GetModuleFileNameW
TerminateProcess
GetEnvironmentVariableW
CreateProcessW
UnmapViewOfFile
EnterCriticalSection
LeaveCriticalSection
LoadLibraryW
FreeLibrary
OpenMutexW
lstrlenA
lstrlenW
InterlockedDecrement
InterlockedIncrement
CreateDirectoryW
GetLastError
CopyFileW
CloseHandle
GetCurrentProcess
GetModuleHandleW
GetProcAddress
WritePrivateProfileStringW

user32

GetClassInfoExW
GetParent
wsprintfW
RegisterClassExW
InvalidateRect
CreateDialogParamW
LoadCursorW
SetFocus
RedrawWindow
DefWindowProcW
RegisterWindowMessageW
PostMessageW
DrawTextW
MapWindowPoints
IsWindow
SendMessageW
CreateWindowExW
DestroyWindow
GetWindowLongW
SetWindowTextW
GetWindowRect
GetClientRect
ScreenToClient
SetTimer
KillTimer
SetDlgItemTextW
GetDlgItem
SetWindowPos
SetWindowLongW
BeginPaint
EndPaint
CharNextW
LoadStringW
MoveWindow
IsChild
WaitForInputIdle
ShowWindow
FindWindowW
GetKeyState
PtInRect
UnionRect
GetFocus
SetWindowRgn
OffsetRect
EqualRect
IntersectRect
ReleaseDC
GetDC
CallWindowProcW

gdi32

CreateDCW
LPtoDP
SetMapMode
SetViewportOrgEx
GetDeviceCaps
CreateMetaFileW
SaveDC
SetWindowOrgEx
SetWindowExtEx
RestoreDC
CloseMetaFile
DeleteMetaFile
CreateRectRgnIndirect
DeleteDC
GetObjectW
CreateFontIndirectW
DeleteObject
SetBkColor
ExtTextOutW
SetTextColor
SetBkMode
SelectObject
GetStockObject

advapi32

RegCreateKeyExW
GetTokenInformation
OpenProcessToken
RegEnumValueW
RegQueryInfoKeyW
RegSetValueExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shell32

SHGetFolderPathW
ShellExecuteA
ShellExecuteExW
ShellExecuteW

ole32

OleRegGetUserType
CreateDataAdviseHolder
OleRegEnumVerbs
OleRegGetMiscStatus
CoTaskMemRealloc
CoTaskMemAlloc
CLSIDFromString
CoCreateInstance
CreateBindCtx
CreateOleAdviseHolder
OleLoadFromStream
WriteClassStm
OleSaveToStream
CoTaskMemFree

oleaut32

SysAllocStringByteLen
VariantChangeType
SysStringByteLen
OleCreatePropertyFrame
LoadRegTypeLi
LoadTypeLi
RegisterTypeLi
VarUI4FromStr
SysStringLen
SysAllocStringLen
VariantInit
VariantCopy
VariantClear
SysAllocString
SysFreeString

urlmon

RegisterBindStatusCallback
CreateURLMoniker

msvcp60

??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGABV?$allocator@G@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEABDI@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
?length@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?data@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?c_str@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEPBGXZ
??Hstd@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@PBG@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$allocator@G@1@@Z
?empty@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBE_NXZ
??Mstd@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIABV12@I@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

msvcrt

wcsncpy
memset
wcscpy
realloc
free
wcscmp
memcpy
??2@YAPAXI@Z
vswprintf
swprintf
wcslen
iswdigit
_wtoi
malloc
atol
atoi
wcscat
_wcsicmp
strlen
_wfullpath
wcsrchr
memcmp
_purecall
_wcsdup
_snwprintf
wcstoul
rand
_except_handler3
?terminate@@YAXXZ
__dllonexit
_onexit
_initterm
_adjust_fdiv
??1type_info@@UAE@XZ
_CxxThrowException
__CxxFrameHandler

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

shlwapi

PathFileExistsW
PathRemoveFileSpecW
PathAppendW

Exports

Exports

?GetCurrentVersionW@@YGHIPAGK@Z
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 172KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PROGRAMFILES/Internet Explorer/PPLite/plugin/1.0.0.745/$OUTDIR/atl100.dll
.dll windows:5 windows x86 arch:x86

0bbf1228f837ecb83ec693b705100bde

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:01:cf:3e:00:00:00:00:00:0f
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07/12/2009, 22:40

Not After

07/03/2011, 22:40

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:94:2d:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/07/2008, 19:02

Not After

25/07/2013, 19:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:7A82-688A-9F92,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

92:7e:29:5e:8b:e5:14:0d:44:a7:03:2e:dd:40:1f:17:0d:88:ed:d2
Signer

Actual PE Digest

92:7e:29:5e:8b:e5:14:0d:44:a7:03:2e:dd:40:1f:17:0d:88:ed:d2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

atl100.i386.pdb

Imports

kernel32

lstrlenW
RaiseException
EnterCriticalSection
LeaveCriticalSection
GetLastError
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
DisableThreadLibraryCalls
InterlockedIncrement
InterlockedDecrement
GetProcAddress
GetModuleHandleW
lstrcmpiW
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
CloseHandle
ReadFile
GetFileSize
CreateFileW
GetModuleFileNameW
WideCharToMultiByte
WaitForSingleObject
GlobalAlloc
FindResourceA
MulDiv
GetCurrentThreadId
FlushInstructionCache
GetCurrentProcess
lstrcmpW
GlobalUnlock
GlobalLock
SetLastError
GlobalFree
GlobalHandle
LockResource
LocalAlloc
InterlockedExchange
LoadLibraryA
HeapFree
DecodePointer
EncodePointer
HeapAlloc
GetCommandLineA
HeapCreate
HeapDestroy
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
IsProcessorFeaturePresent
WriteFile
GetStdHandle
ExitProcess
HeapReAlloc
HeapSize
Sleep
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetHandleCount
GetFileType
GetStartupInfoW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LoadLibraryW
RtlUnwind
SetFilePointer
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetStdHandle
WriteConsoleW
LCMapStringW
GetStringTypeW
FlushFileBuffers
InterlockedCompareExchange
InterlockedPushEntrySList
GetProcessHeap
VirtualFree
VirtualAlloc
InterlockedPopEntrySList

Exports

Exports

AtlAdvise
AtlAxAttachControl
AtlAxCreateControl
AtlAxCreateControlEx
AtlAxCreateControlLic
AtlAxCreateControlLicEx
AtlAxCreateDialogA
AtlAxCreateDialogW
AtlAxDialogBoxA
AtlAxDialogBoxW
AtlAxGetControl
AtlAxGetHost
AtlAxWinInit
AtlCallTermFunc
AtlComModuleGetClassObject
AtlComModuleRegisterClassObjects
AtlComModuleRevokeClassObjects
AtlComModuleUnregisterServer
AtlComPtrAssign
AtlComQIPtrAssign
AtlCreateRegistrar
AtlCreateTargetDC
AtlDevModeW2A
AtlFreeMarshalStream
AtlGetObjectSourceInterface
AtlGetPerUserRegistration
AtlGetVersion
AtlHiMetricToPixel
AtlIPersistPropertyBag_Load
AtlIPersistPropertyBag_Save
AtlIPersistStreamInit_Load
AtlIPersistStreamInit_Save
AtlInternalQueryInterface
AtlLoadTypeLib
AtlMarshalPtrInProc
AtlModuleAddTermFunc
AtlPixelToHiMetric
AtlRegisterClassCategoriesHelper
AtlSetErrorInfo
AtlSetPerUserRegistration
AtlUnadvise
AtlUnmarshalPtr
AtlUpdateRegistryFromResourceD
AtlWaitWithMessageLoop
AtlWinModuleAddCreateWndData
AtlWinModuleExtractCreateWndData
AtlWinModuleInit
AtlWinModuleRegisterClassExA
AtlWinModuleRegisterClassExW
AtlWinModuleRegisterWndClassInfoA
AtlWinModuleRegisterWndClassInfoW
AtlWinModuleTerm

Sections

.text
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PROGRAMFILES/Internet Explorer/PPLite/plugin/1.0.0.745/$OUTDIR/mframe.dll
.dll regsvr32 windows:4 windows x86 arch:x86

efd9769dbbb5eb5c4b7f43e947c98ae2

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:52:7f:4d:7d:6c:1a:2b:a7:ef:81:d5:0c:89:d7:65
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

19/11/2009, 00:00

Not After

18/11/2012, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0a:13:a6:a1:c8:16:1a:87:ba:80:96:cf:b0:25:e2:38:f9:cf:10:8e
Signer

Actual PE Digest

0a:13:a6:a1:c8:16:1a:87:ba:80:96:cf:b0:25:e2:38:f9:cf:10:8e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42u

ord2371
ord2810
ord956
ord861
ord2362
ord858
ord2634
ord2966
ord5755
ord6188
ord5752
ord6182
ord4324
ord6185
ord6017
ord5869
ord5790
ord5674
ord5732
ord5575
ord5567
ord6057
ord5860
ord3591
ord535
ord925
ord4124
ord6354
ord2756
ord4197
ord2859
ord3566
ord6190
ord5781
ord922
ord940
ord5706
ord6195
ord5795
ord1173
ord2862
ord4269
ord6371
ord4480
ord2546
ord2504
ord5727
ord3917
ord5783
ord5193
ord2388
ord3341
ord5296
ord5298
ord4074
ord4692
ord5303
ord5285
ord5710
ord4616
ord3733
ord561
ord815
ord3948
ord2717
ord1165
ord2606
ord6193
ord6107
ord6238
ord2105
ord2559
ord2444
ord927
ord3711
ord790
ord5977
ord3541
ord4118
ord1143
ord2822
ord3016
ord1115
ord1568
ord1570
ord1179
ord342
ord1240
ord1194
ord1563
ord1248
ord1250
ord1571
ord600
ord826
ord269
ord5784
ord6871
ord6168
ord5785
ord537
ord3688
ord2114
ord1088
ord1634
ord860
ord2910
ord5568
ord942
ord556
ord809
ord3614
ord538
ord2078
ord4294
ord2294
ord795
ord3716
ord3397
ord4470
ord4704
ord6330
ord3087
ord4229
ord2356
ord2287
ord2350
ord2293
ord641
ord324
ord3592
ord4419
ord5276
ord4401
ord1767
ord6048
ord2506
ord4992
ord4847
ord4370
ord5261
ord6211
ord6466
ord3658
ord470
ord825
ord755
ord2854
ord2746
ord283
ord2406
ord5871
ord540
ord3798
ord323
ord1633
ord2397
ord640
ord800
ord3621
ord6451
ord5047
ord4270
ord692
ord567
ord3634
ord4418
ord4621
ord4075
ord3074
ord3820
ord3826
ord3825
ord2971
ord3076
ord2980
ord3257
ord3131
ord4459
ord3254
ord3142
ord2977
ord5273
ord2116
ord2438
ord5257
ord1720
ord5059
ord3744
ord6372
ord2047
ord2640
ord4435
ord4831
ord3793
ord5286
ord4347
ord6370
ord5157
ord2377
ord5237
ord4395
ord1768
ord4073
ord6051
ord2016
ord2405
ord6362
ord1764
ord823
ord1089

msvcrt

wcscmp
abs
swprintf
_ftol
atoi
_purecall
_wcsicmp
memset
malloc
free
_wcsnicmp
fflush
vfprintf
fopen
strlen
_snprintf
strncpy
fclose
memcmp
realloc
wcslen
iswdigit
_wtoi
_wcsdup
_getdrives
isspace
wcscpy
srand
rand
_except_handler3
memcpy
__CxxFrameHandler
isalnum
?terminate@@YAXXZ
__dllonexit
_onexit
_initterm
_adjust_fdiv
??1type_info@@UAE@XZ
strcpy

kernel32

DeleteCriticalSection
InitializeCriticalSection
LoadLibraryExW
GetPrivateProfileStringW
InterlockedIncrement
GetCurrentProcessId
EnterCriticalSection
LeaveCriticalSection
GetLongPathNameW
GetCurrentProcess
FlushInstructionCache
LoadLibraryA
lstrcpynW
WideCharToMultiByte
GetWindowsDirectoryW
FreeLibrary
GetTickCount
GetModuleFileNameW
LoadLibraryW
OutputDebugStringA
GetVersion
GetFileAttributesW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetLastError
SetLastError
InterlockedDecrement
lstrlenW
OutputDebugStringW
lstrcmpW
SetUnhandledExceptionFilter
GetLocalTime
lstrcatA
lstrcpyA
GetModuleFileNameA
CloseHandle
Module32NextW
GetLongPathNameA
Module32FirstW
CreateToolhelp32Snapshot
FindClose
FindFirstFileA
GetCurrentThread
VirtualQuery
DebugBreak
lstrlenA
GetPrivateProfileIntW
WritePrivateProfileStringW
GetEnvironmentVariableW
MultiByteToWideChar
LocalFree
LocalAlloc
lstrcpyW
GetCurrentThreadId

user32

EndDeferWindowPos
EnableWindow
DrawTextW
GetSysColor
CopyRect
InflateRect
FillRect
RedrawWindow
CreateWindowExW
DestroyWindow
SetWindowsHookExW
GetWindow
GetWindowRect
SystemParametersInfoW
GetClientRect
MapWindowPoints
SetWindowPos
GetParent
SetDlgItemTextW
GetDlgItem
SendMessageW
GetKeyState
CallNextHookEx
GetMenuItemInfoW
SetMenuItemInfoW
SetMenuDefaultItem
CreateDialogParamW
GetDoubleClickTime
PostMessageW
DeferWindowPos
ScreenToClient
ShowWindow
BeginDeferWindowPos
IsWindow
ReleaseDC
LoadStringW
GetDC
LoadMenuW
InvalidateRect
UnhookWindowsHookEx
UpdateWindow
PtInRect
ClientToScreen
GetCapture
SetRect
wsprintfW
DialogBoxParamW
SetRectEmpty
GetAncestor
MonitorFromWindow
GetMonitorInfoW
SetParent
SetForegroundWindow
EndDialog
SetFocus
GetClassNameW
WindowFromPoint
SetActiveWindow
GetCursorPos
IsChild
TrackPopupMenu
DestroyMenu
BringWindowToTop
IsWindowVisible
RegisterWindowMessageW
GrayStringW
TabbedTextOutW
EndPaint
GetMenu
AdjustWindowRectEx
IsWindowEnabled
DrawEdge
GetSystemMetrics
DrawFocusRect
SetWindowLongW
KillTimer
ReleaseCapture
SetCapture
CallWindowProcW
SetTimer
BeginPaint
LoadBitmapW
DefWindowProcW
CharNextW
wvsprintfW
IsRectEmpty
SetWindowTextW
MoveWindow
LoadImageW
GetFocus
GetSubMenu
GetWindowTextW
SetClassLongW
LoadCursorW
CopyIcon
GetDlgCtrlID
GetWindowLongW
SetCursor

gdi32

SetTextColor
GetBkColor
GetViewportExtEx
SetBkMode
LPtoDP
FloodFill
GetStockObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
DPtoLP
CreateBitmap
CreateCompatibleBitmap
GetMapMode
SetMapMode
SetBkColor
CreatePen
Rectangle
GetObjectW
CreateFontIndirectW
GetTextExtentPoint32W
CreateSolidBrush
CreateDIBSection
SelectObject
StretchBlt
DeleteDC
BitBlt
DeleteObject
CreateCompatibleDC
GetWindowExtEx

advapi32

RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCloseKey

shell32

ShellExecuteW
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFolderPathW
SHGetMalloc

ole32

CoTaskMemFree
CreateBindCtx

oleaut32

VariantClear
SysFreeString
SysAllocString
SysStringLen
SysAllocStringLen
LoadTypeLi
DispCallFunc
LoadRegTypeLi

urlmon

RegisterBindStatusCallback
CreateURLMoniker

atl

ord11
ord10
ord45
ord43
ord15
ord44
ord32
ord18
ord57
ord21
ord42
ord30
ord53
ord58
ord16

msimg32

GradientFill

msvcp60

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_C@?1??_Nullstr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@CAPBGXZ@4GB
?_Tidy@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEX_N@Z
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBGI@Z
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@ABV12@II@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ

pplugin2

?GetCurrentVersionW@@YGHIPAGK@Z

shlwapi

PathAppendA
PathStripPathW
PathFileExistsW
PathRemoveFileSpecW
PathFindFileNameA
PathRemoveFileSpecA
PathAppendW

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 140KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 272KB - Virtual size: 271KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PROGRAMFILES/Internet Explorer/PPLite/plugin/1.0.0.745/$OUTDIR/msvcp100.dll
.dll windows:5 windows x86 arch:x86

7a0d9f66efd1839f136ca6896fa52dfa

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:01:cf:3e:00:00:00:00:00:0f
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07/12/2009, 22:40

Not After

07/03/2011, 22:40

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:05:a2:30:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/07/2008, 19:01

Not After

25/07/2013, 19:11

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:85D3-305C-5BCF,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

a7:21:d1:9b:3f:b9:03:98:98:4f:d3:16:37:f9:36:ae:51:91:65:b9
Signer

Actual PE Digest

a7:21:d1:9b:3f:b9:03:98:98:4f:d3:16:37:f9:36:ae:51:91:65:b9

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcp100.i386.pdb

Imports

msvcr100

rand_s
memset
memmove
fgetc
ungetc
_lock_file
_unlock_file
fflush
setvbuf
memcpy_s
fwrite
fgetpos
_fseeki64
fsetpos
fclose
_fsopen
_wfsopen
fseek
ldexp
wcslen
memchr
memmove_s
sprintf_s
_Strftime
strcspn
setlocale
_realloc_crt
strcmp
_malloc_crt
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
_purecall
strerror
fgetwc
fputwc
ungetwc
__uncaught_exception
towlower
towupper
_create_locale
_ui64toa_s
_free_locale
__pctype_func
_errno
___mb_cur_max_l_func
___lc_codepage_func
___lc_handle_func
__crtCompareStringA
memcmp
___lc_collate_cp_func
__crtLCMapStringA
__iob_func
?Alloc@Concurrency@@YAPAXI@Z
?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPAX@Z0@Z
?Yield@Context@Concurrency@@SAXXZ
??1critical_section@Concurrency@@QAE@XZ
??0invalid_link_target@Concurrency@@QAE@PBD@Z
??0message_not_found@Concurrency@@QAE@XZ
??0bad_target@Concurrency@@QAE@XZ
??0invalid_operation@Concurrency@@QAE@PBD@Z
?set@event@Concurrency@@QAEXXZ
?wait@event@Concurrency@@QAEII@Z
??1event@Concurrency@@QAE@XZ
??0event@Concurrency@@QAE@XZ
?Free@Concurrency@@YAXPAX@Z
??1_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??1_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
?_UnderlyingYield@details@Concurrency@@YAXXZ
?_SpinOnce@?$_SpinWait@$00@details@Concurrency@@QAE_NXZ
?GetNumberOfVirtualProcessors@CurrentScheduler@Concurrency@@SAIXZ
?IsCurrentTaskCollectionCanceling@Context@Concurrency@@SA_NXZ
??1_SpinLock@details@Concurrency@@QAE@XZ
??0_SpinLock@details@Concurrency@@QAE@ACJ@Z
?Log2@details@Concurrency@@YAKI@Z
isupper
_calloc_crt
islower
__crtLCMapStringW
isspace
tolower
strtod
__crtCompareStringW
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit
_encoded_null
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
_crt_debugger_hook
__clean_type_info_names_internal
fputs
fputc
abort
log
??0bad_cast@std@@QAE@ABV01@@Z
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@PBD@Z
_Getmonths
_Getdays
malloc
__CxxFrameHandler3
??2@YAPAXI@Z
___mb_cur_max_func
memcpy
strlen
??_V@YAXPAX@Z
_Gettnames
localeconv
free
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBDH@Z
??3@YAXPAX@Z
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
??1exception@std@@UAE@XZ
??0operation_timed_out@Concurrency@@QAE@XZ
??0exception@std@@QAE@XZ

kernel32

GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
Sleep
GetStringTypeW
InterlockedDecrement
InterlockedIncrement
GetLocaleInfoW
GetCurrentThreadId
WideCharToMultiByte
MultiByteToWideChar
InterlockedExchange
InterlockedCompareExchange
DecodePointer
EncodePointer
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetSystemTimeAsFileTime

Exports

Exports

??0?$_Yarn@D@std@@QAE@ABV01@@Z
??0?$_Yarn@D@std@@QAE@PBD@Z
??0?$_Yarn@D@std@@QAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_ios@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@$$QAV01@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QAE@$$QAV01@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@$$QAV01@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@$$QAV01@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@$$QAV01@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N1@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@$$QAV01@@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N1@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@$$QAV01@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@$$QAV01@@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@$$QAV01@@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@ABV01@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@ABV01@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@ABV01@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$codecvt@DDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@DDH@std@@QAE@I@Z
??0?$codecvt@GDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@GDH@std@@QAE@I@Z
??0?$codecvt@_WDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@_WDH@std@@QAE@I@Z
??0?$ctype@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@D@std@@QAE@PBF_NI@Z
??0?$ctype@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@G@std@@QAE@I@Z
??0?$ctype@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@_W@std@@QAE@I@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0Init@ios_base@std@@QAE@XZ
??0_Concurrent_queue_base_v4@details@Concurrency@@IAE@I@Z
??0_Concurrent_queue_iterator_base_v4@details@Concurrency@@IAE@ABV_Concurrent_queue_base_v4@12@@Z
??0_Container_base12@std@@QAE@ABU01@@Z
??0_Container_base12@std@@QAE@XZ
??0_Init_locks@std@@QAE@XZ
??0_Locimp@locale@std@@AAE@ABV012@@Z
??0_Locimp@locale@std@@AAE@_N@Z
??0_Locinfo@std@@QAE@HPBD@Z
??0_Locinfo@std@@QAE@PBD@Z
??0_Lockit@std@@QAE@H@Z
??0_Lockit@std@@QAE@XZ
??0_Mutex@std@@QAE@W4_Uninitialized@1@@Z
??0_Mutex@std@@QAE@XZ
??0_Runtime_object@details@Concurrency@@QAE@H@Z
??0_Runtime_object@details@Concurrency@@QAE@XZ
??0_Timevec@std@@QAE@ABV01@@Z
??0_Timevec@std@@QAE@PAX@Z
??0_UShinit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??0agent@Concurrency@@QAE@AAVScheduleGroup@1@@Z
??0agent@Concurrency@@QAE@AAVScheduler@1@@Z
??0agent@Concurrency@@QAE@XZ
??0codecvt_base@std@@QAE@I@Z
??0ctype_base@std@@QAE@I@Z
??0facet@locale@std@@IAE@I@Z
??0id@locale@std@@QAE@I@Z
??0ios_base@std@@IAE@XZ
??0ios_base@std@@QAE@ABV01@@Z
??0time_base@std@@QAE@I@Z
??1?$_Yarn@D@std@@QAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ios@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_iostream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_istream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ostream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$codecvt@DDH@std@@MAE@XZ
??1?$codecvt@GDH@std@@MAE@XZ
??1?$codecvt@_WDH@std@@MAE@XZ
??1?$ctype@D@std@@MAE@XZ
??1?$ctype@G@std@@MAE@XZ
??1?$ctype@_W@std@@MAE@XZ
??1?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1Init@ios_base@std@@QAE@XZ
??1_Concurrent_queue_base_v4@details@Concurrency@@MAE@XZ
??1_Concurrent_queue_iterator_base_v4@details@Concurrency@@IAE@XZ
??1_Concurrent_vector_base_v4@details@Concurrency@@IAE@XZ
??1_Container_base12@std@@QAE@XZ
??1_Init_locks@std@@QAE@XZ
??1_Locimp@locale@std@@MAE@XZ
??1_Locinfo@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
??1_Mutex@std@@QAE@XZ
??1_Timevec@std@@QAE@XZ
??1_UShinit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??1agent@Concurrency@@UAE@XZ
??1codecvt_base@std@@UAE@XZ
??1ctype_base@std@@UAE@XZ
??1facet@locale@std@@UAE@XZ
??1ios_base@std@@UAE@XZ
??1time_base@std@@UAE@XZ
??4?$_Iosb@H@std@@QAEAAV01@ABV01@@Z
??4?$_Yarn@D@std@@QAEAAV01@ABV01@@Z
??4?$_Yarn@D@std@@QAEAAV01@PBD@Z
??4?$basic_iostream@DU?$char_traits@D@std@@@std@@QAEAAV01@$$QAV01@@Z
??4?$basic_iostream@GU?$char_traits@G@std@@@std@@QAEAAV01@$$QAV01@@Z
??4?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@$$QAV01@@Z
??4?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@$$QAV01@@Z
??4?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@$$QAV01@@Z
??4?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@$$QAV01@@Z
??4?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@$$QAV01@@Z
??4?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@$$QAV01@@Z
??4?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@$$QAV01@@Z
??4?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEAAV01@ABV01@@Z
??4?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEAAV01@ABV01@@Z
??4?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEAAV01@ABV01@@Z
??4?$numeric_limits@C@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@D@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@E@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@F@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@G@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@H@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@I@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@J@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@K@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@M@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@N@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@O@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@_J@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@_K@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@_N@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@_W@std@@QAEAAV01@ABV01@@Z
??4Init@ios_base@std@@QAEAAV012@ABV012@@Z
??4_Container_base0@std@@QAEAAU01@ABU01@@Z
??4_Container_base12@std@@QAEAAU01@ABU01@@Z
??4_Init_locks@std@@QAEAAV01@ABV01@@Z
??4_Num_base@std@@QAEAAU01@ABU01@@Z
??4_Num_float_base@std@@QAEAAU01@ABU01@@Z
??4_Num_int_base@std@@QAEAAU01@ABU01@@Z
??4_Timevec@std@@QAEAAV01@ABV01@@Z
??4_UShinit@std@@QAEAAV01@ABV01@@Z
??4_Winit@std@@QAEAAV01@ABV01@@Z
??4ios_base@std@@QAEAAV01@ABV01@@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAF@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAG@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAJ@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAK@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAM@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAN@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAO@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAPAX@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_J@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_K@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_N@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@DU?$char_traits@D@std@@@1@AAV21@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAF@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAG@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAJ@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAK@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAM@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAN@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAO@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAPAX@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_J@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_K@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_N@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@GU?$char_traits@G@std@@@1@AAV21@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAF@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAG@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAJ@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAK@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAM@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAN@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAO@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAPAX@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_J@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_K@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_N@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AAV21@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@F@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@O@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@DU?$char_traits@D@std@@@1@AAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_N@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@F@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@O@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@GU?$char_traits@G@std@@@1@AAV21@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@F@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@O@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_N@Z
??7ios_base@std@@QBE_NXZ
??Bid@locale@std@@QAEIXZ
??Bios_base@std@@QBEPAXXZ
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_ios@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_ios@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_iostream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_iostream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_iostream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_istream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_istream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_ostream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_ostream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_streambuf@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_streambuf@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$codecvt@DDH@std@@6B@
??_7?$codecvt@GDH@std@@6B@
??_7?$codecvt@_WDH@std@@6B@
??_7?$ctype@D@std@@6B@
??_7?$ctype@G@std@@6B@
??_7?$ctype@_W@std@@6B@
??_7?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7_Locimp@locale@std@@6B@
??_7codecvt_base@std@@6B@
??_7ctype_base@std@@6B@
??_7ios_base@std@@6B@
??_7time_base@std@@6B@
??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_istream@DU?$char_traits@D@std@@@1@@
??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_ostream@DU?$char_traits@D@std@@@1@@
??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_istream@GU?$char_traits@G@std@@@1@@
??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_ostream@GU?$char_traits@G@std@@@1@@
??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_istream@_WU?$char_traits@_W@std@@@1@@
??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_ostream@_WU?$char_traits@_W@std@@@1@@
??_8?$basic_istream@DU?$char_traits@D@std@@@std@@7B@
??_8?$basic_istream@GU?$char_traits@G@std@@@std@@7B@
??_8?$basic_istream@_WU?$char_traits@_W@std@@@std@@7B@
??_8?$basic_ostream@DU?$char_traits@D@std@@@std@@7B@
??_8?$basic_ostream@GU?$char_traits@G@std@@@std@@7B@
??_8?$basic_ostream@_WU?$char_traits@_W@std@@@std@@7B@
??_D?$basic_iostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_iostream@GU?$char_traits@G@std@@@std@@QAEXXZ
??_D?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??_D?$basic_istream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_istream@GU?$char_traits@G@std@@@std@@QAEXXZ
??_D?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??_D?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEXXZ
??_D?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??_F?$codecvt@DDH@std@@QAEXXZ
??_F?$codecvt@GDH@std@@QAEXXZ
??_F?$codecvt@_WDH@std@@QAEXXZ
??_F?$ctype@D@std@@QAEXXZ
??_F?$ctype@G@std@@QAEXXZ
??_F?$ctype@_W@std@@QAEXXZ
??_F?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F_Locimp@locale@std@@QAEXXZ
??_F_Locinfo@std@@QAEXXZ
??_F_Timevec@std@@QAEXXZ
??_Fcodecvt_base@std@@QAEXXZ
??_Fctype_base@std@@QAEXXZ
??_Ffacet@locale@std@@QAEXXZ
??_Fid@locale@std@@QAEXXZ
??_Ftime_base@std@@QAEXXZ
?NFS_Allocate@details@Concurrency@@YAPAXIIPAX@Z
?NFS_Free@details@Concurrency@@YAXPAX@Z
?NFS_GetLineSize@details@Concurrency@@YAIXZ
?_Addcats@_Locinfo@std@@QAEAAV12@HPBD@Z
?_Addfac@_Locimp@locale@std@@AAEXPAVfacet@23@I@Z
?_Addstd@ios_base@std@@SAXPAV12@@Z
?_Advance@_Concurrent_queue_iterator_base_v4@details@Concurrency@@IAEXXZ
?_Assign@_Concurrent_queue_iterator_base_v4@details@Concurrency@@IAEXABV123@@Z
?_Atexit@@YAXP6AXXZ@Z
?_BADOFF@std@@3_JB
?_C_str@?$_Yarn@D@std@@QBEPBDXZ
?_Callfns@ios_base@std@@AAEXW4event@12@@Z
?_Clocptr@_Locimp@locale@std@@0PAV123@A
?_Decref@facet@locale@std@@QAEPAV123@XZ
?_Donarrow@?$ctype@G@std@@IBEDGD@Z
?_Donarrow@?$ctype@_W@std@@IBED_WD@Z
?_Dowiden@?$ctype@G@std@@IBEGD@Z
?_Dowiden@?$ctype@_W@std@@IBE_WD@Z
?_Empty@?$_Yarn@D@std@@QBE_NXZ
?_Ffmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAPADPADDH@Z
?_Ffmt@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAPADPADDH@Z
?_Ffmt@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAPADPADDH@Z
?_Findarr@ios_base@std@@AAEAAU_Iosarray@12@H@Z
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?_Fiopen@std@@YAPAU_iobuf@@PBGHH@Z
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
?_Fput@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AAVios_base@2@DPBDIIII@Z
?_Fput@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@GU?$char_traits@G@std@@@2@V32@AAVios_base@2@GPBDIIII@Z
?_Fput@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@AAVios_base@2@_WPBDIIII@Z
?_GetCombinableSize@details@Concurrency@@YAIXZ
?_GetCurrentThreadId@details@Concurrency@@YAKXZ
?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$codecvt@GDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$codecvt@_WDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$ctype@G@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@facet@locale@std@@SAIPAPBV123@PBV23@@Z
?_Getcoll@_Locinfo@std@@QBE?AU_Collvec@@XZ
?_Getctype@_Locinfo@std@@QBE?AU_Ctypevec@@XZ
?_Getcvt@_Locinfo@std@@QBE?AU_Cvtvec@@XZ
?_Getdateorder@_Locinfo@std@@QBEHXZ
?_Getdays@_Locinfo@std@@QBEPBDXZ
?_Getfalse@_Locinfo@std@@QBEPBDXZ
?_Getffld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AAVios_base@2@PAH@Z
?_Getffld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AAVios_base@2@PAH@Z
?_Getffld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AAVios_base@2@PAH@Z
?_Getffldx@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AAVios_base@2@PAH@Z
?_Getffldx@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AAVios_base@2@PAH@Z
?_Getffldx@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AAVios_base@2@PAH@Z
?_Getfmt@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z
?_Getfmt@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z
?_Getfmt@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Getifld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1HABVlocale@2@@Z
?_Getifld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1HABVlocale@2@@Z
?_Getifld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1HABVlocale@2@@Z
?_Getint@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@0HHAAH@Z
?_Getint@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@0HHAAH@Z
?_Getint@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@0HHAAH@Z
?_Getlconv@_Locinfo@std@@QBEPBUlconv@@XZ
?_Getmonths@_Locinfo@std@@QBEPBDXZ
?_Getname@_Locinfo@std@@QBEPBDXZ
?_Getpfirst@_Container_base12@std@@QBEPAPAU_Iterator_base12@2@XZ
?_Getptr@_Timevec@std@@QBEPAXXZ
?_Gettnames@_Locinfo@std@@QBE?AV_Timevec@2@XZ
?_Gettrue@_Locinfo@std@@QBEPBDXZ
?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBE_JXZ
?_Gnavail@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IBE_JXZ
?_Gnavail@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBE_JXZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gndec@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEPAGXZ
?_Gndec@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gninc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEPAGXZ
?_Gninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
?_Gnpreinc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gnpreinc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEPAGXZ
?_Gnpreinc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
?_Hexdig@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHDDDD@Z
?_Hexdig@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHGGGG@Z
?_Hexdig@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAH_W000@Z
?_Id_cnt@id@locale@std@@0HA
?_Ifmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAPADPADPBDH@Z
?_Ifmt@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAPADPADPBDH@Z
?_Ifmt@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAPADPADPBDH@Z
?_Incref@facet@locale@std@@QAEXXZ

Sections

.text
Size: 371KB - Virtual size: 371KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PROGRAMFILES/Internet Explorer/PPLite/plugin/1.0.0.745/$OUTDIR/msvcr100.dll
.dll windows:5 windows x86 arch:x86

5271d5ce8b44dd47bc92563e27585466

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:01:cf:3e:00:00:00:00:00:0f
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07/12/2009, 22:40

Not After

07/03/2011, 22:40

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:94:2d:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/07/2008, 19:02

Not After

25/07/2013, 19:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:7A82-688A-9F92,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

05:c5:93:9c:0d:cd:fc:08:2e:51:ee:8e:e1:e0:0f:4b:d3:83:4c:d6
Signer

Actual PE Digest

05:c5:93:9c:0d:cd:fc:08:2e:51:ee:8e:e1:e0:0f:4b:d3:83:4c:d6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcr100.i386.pdb

Imports

kernel32

EncodePointer
DecodePointer
RaiseException
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetCurrentThreadId
TlsGetValue
GetCommandLineW
GetCommandLineA
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
ExitThread
CloseHandle
GetLastError
ResumeThread
CreateThread
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
FindNextFileA
FindFirstFileExA
FindClose
FindNextFileW
FindFirstFileExW
GetLogicalDrives
GetDiskFreeSpaceA
FileTimeToSystemTime
FileTimeToLocalFileTime
SetErrorMode
Sleep
Beep
GetFileAttributesA
SetFileAttributesA
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetCurrentDirectoryW
SetCurrentDirectoryW
GetFullPathNameA
GetDriveTypeW
GetCurrentProcessId
CreateDirectoryA
MoveFileA
RemoveDirectoryA
GetDriveTypeA
DeleteFileA
GetFileAttributesW
SetEnvironmentVariableW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
MoveFileW
RemoveDirectoryW
DeleteFileW
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
LoadLibraryA
FreeLibrary
CreateProcessW
ReadFile
DuplicateHandle
GetCurrentProcess
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetLocalTime
WideCharToMultiByte
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetLocalTime
InterlockedPopEntrySList
InterlockedFlushSList
QueryDepthSList
InterlockedPushEntrySList
CreateTimerQueue
CreateTimerQueueTimer
DeleteTimerQueueTimer
SetEvent
CreateEventW
SwitchToThread
SignalObjectAndWait
TryEnterCriticalSection
GetTickCount
VirtualFree
GetVersionExW
SetThreadPriority
VirtualAlloc
GetSystemInfo
GetProcessAffinityMask
VirtualProtect
SetThreadAffinityMask
InitializeSListHead
ReleaseSemaphore
CreateSemaphoreW
WaitForMultipleObjects
GetThreadPriority
LoadLibraryW
SleepEx
OutputDebugStringW
FreeLibraryAndExitThread
GetModuleHandleA
GetThreadTimes
DebugBreak
MultiByteToWideChar
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeFormatA
GetDateFormatA
GetTimeFormatW
GetDateFormatW
RtlUnwind
HeapAlloc
HeapFree
HeapCreate
HeapDestroy
HeapQueryInformation
HeapReAlloc
HeapSize
HeapValidate
HeapCompact
HeapWalk
VirtualQuery
SetHandleCount
GetFileType
GetStartupInfoW
GetFileInformationByHandle
PeekNamedPipe
CreateFileA
CreateFileW
SetFilePointer
GetConsoleCP
GetConsoleMode
FlushFileBuffers
CreatePipe
SetStdHandle
ReadConsoleInputA
SetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
ReadConsoleInputW
WriteConsoleW
ReadConsoleW
SetEndOfFile
GetProcessHeap
InterlockedExchange
LockFile
UnlockFile
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
SetConsoleCtrlHandler
GetLocaleInfoW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
LCMapStringW
CompareStringW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsProcessorFeaturePresent

Exports

Exports

$I10_OUTPUT
??0?$_SpinWait@$00@details@Concurrency@@QAE@P6AXXZ@Z
??0?$_SpinWait@$0A@@details@Concurrency@@QAE@P6AXXZ@Z
??0SchedulerPolicy@Concurrency@@QAA@IZZ
??0SchedulerPolicy@Concurrency@@QAE@ABV01@@Z
??0SchedulerPolicy@Concurrency@@QAE@XZ
??0_NonReentrantBlockingLock@details@Concurrency@@QAE@XZ
??0_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_ReaderWriterLock@details@Concurrency@@QAE@XZ
??0_ReentrantBlockingLock@details@Concurrency@@QAE@XZ
??0_ReentrantLock@details@Concurrency@@QAE@XZ
??0_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_SpinLock@details@Concurrency@@QAE@ACJ@Z
??0_TaskCollection@details@Concurrency@@QAE@XZ
??0_Timer@details@Concurrency@@IAE@I_N@Z
??0__non_rtti_object@std@@QAE@ABV01@@Z
??0__non_rtti_object@std@@QAE@PBD@Z
??0bad_cast@std@@AAE@PBQBD@Z
??0bad_cast@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@PBD@Z
??0bad_target@Concurrency@@QAE@PBD@Z
??0bad_target@Concurrency@@QAE@XZ
??0bad_typeid@std@@QAE@ABV01@@Z
??0bad_typeid@std@@QAE@PBD@Z
??0context_self_unblock@Concurrency@@QAE@PBD@Z
??0context_self_unblock@Concurrency@@QAE@XZ
??0context_unblock_unbalanced@Concurrency@@QAE@PBD@Z
??0context_unblock_unbalanced@Concurrency@@QAE@XZ
??0critical_section@Concurrency@@QAE@XZ
??0default_scheduler_exists@Concurrency@@QAE@PBD@Z
??0default_scheduler_exists@Concurrency@@QAE@XZ
??0event@Concurrency@@QAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABQBDH@Z
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
??0improper_lock@Concurrency@@QAE@PBD@Z
??0improper_lock@Concurrency@@QAE@XZ
??0improper_scheduler_attach@Concurrency@@QAE@PBD@Z
??0improper_scheduler_attach@Concurrency@@QAE@XZ
??0improper_scheduler_detach@Concurrency@@QAE@PBD@Z
??0improper_scheduler_detach@Concurrency@@QAE@XZ
??0improper_scheduler_reference@Concurrency@@QAE@PBD@Z
??0improper_scheduler_reference@Concurrency@@QAE@XZ
??0invalid_link_target@Concurrency@@QAE@PBD@Z
??0invalid_link_target@Concurrency@@QAE@XZ
??0invalid_multiple_scheduling@Concurrency@@QAE@PBD@Z
??0invalid_multiple_scheduling@Concurrency@@QAE@XZ
??0invalid_operation@Concurrency@@QAE@PBD@Z
??0invalid_operation@Concurrency@@QAE@XZ
??0invalid_oversubscribe_operation@Concurrency@@QAE@PBD@Z
??0invalid_oversubscribe_operation@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_key@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_key@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_thread_specification@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_thread_specification@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_value@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_value@Concurrency@@QAE@XZ
??0message_not_found@Concurrency@@QAE@PBD@Z
??0message_not_found@Concurrency@@QAE@XZ
??0missing_wait@Concurrency@@QAE@PBD@Z
??0missing_wait@Concurrency@@QAE@XZ
??0nested_scheduler_missing_detach@Concurrency@@QAE@PBD@Z
??0nested_scheduler_missing_detach@Concurrency@@QAE@XZ
??0operation_timed_out@Concurrency@@QAE@PBD@Z
??0operation_timed_out@Concurrency@@QAE@XZ
??0reader_writer_lock@Concurrency@@QAE@XZ
??0scheduler_not_attached@Concurrency@@QAE@PBD@Z
??0scheduler_not_attached@Concurrency@@QAE@XZ
??0scheduler_resource_allocation_error@Concurrency@@QAE@J@Z
??0scheduler_resource_allocation_error@Concurrency@@QAE@PBDJ@Z
??0scoped_lock@critical_section@Concurrency@@QAE@AAV12@@Z
??0scoped_lock@reader_writer_lock@Concurrency@@QAE@AAV12@@Z
??0scoped_lock_read@reader_writer_lock@Concurrency@@QAE@AAV12@@Z
??0task_canceled@details@Concurrency@@QAE@PBD@Z
??0task_canceled@details@Concurrency@@QAE@XZ
??0unsupported_os@Concurrency@@QAE@PBD@Z
??0unsupported_os@Concurrency@@QAE@XZ
??1SchedulerPolicy@Concurrency@@QAE@XZ
??1_NonReentrantBlockingLock@details@Concurrency@@QAE@XZ
??1_ReentrantBlockingLock@details@Concurrency@@QAE@XZ
??1_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
??1_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??1_SpinLock@details@Concurrency@@QAE@XZ
??1_TaskCollection@details@Concurrency@@QAE@XZ
??1_Timer@details@Concurrency@@IAE@XZ
??1__non_rtti_object@std@@UAE@XZ
??1bad_cast@std@@UAE@XZ
??1bad_typeid@std@@UAE@XZ
??1critical_section@Concurrency@@QAE@XZ
??1event@Concurrency@@QAE@XZ
??1exception@std@@UAE@XZ
??1reader_writer_lock@Concurrency@@QAE@XZ
??1scoped_lock@critical_section@Concurrency@@QAE@XZ
??1scoped_lock@reader_writer_lock@Concurrency@@QAE@XZ
??1scoped_lock_read@reader_writer_lock@Concurrency@@QAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??2@YAPAXIHPBDH@Z
??3@YAXPAX@Z
??4?$_SpinWait@$00@details@Concurrency@@QAEAAV012@ABV012@@Z
??4?$_SpinWait@$0A@@details@Concurrency@@QAEAAV012@ABV012@@Z
??4SchedulerPolicy@Concurrency@@QAEAAV01@ABV01@@Z
??4__non_rtti_object@std@@QAEAAV01@ABV01@@Z
??4bad_cast@std@@QAEAAV01@ABV01@@Z
??4bad_typeid@std@@QAEAAV01@ABV01@@Z
??4exception@std@@QAEAAV01@ABV01@@Z
??8type_info@@QBE_NABV0@@Z
??9type_info@@QBE_NABV0@@Z
??_7__non_rtti_object@std@@6B@
??_7bad_cast@std@@6B@
??_7bad_typeid@std@@6B@
??_7exception@@6B@
??_7exception@std@@6B@
??_F?$_SpinWait@$00@details@Concurrency@@QAEXXZ
??_F?$_SpinWait@$0A@@details@Concurrency@@QAEXXZ
??_Fbad_cast@std@@QAEXXZ
??_Fbad_typeid@std@@QAEXXZ
??_U@YAPAXI@Z
??_U@YAPAXIHPBDH@Z
??_V@YAXPAX@Z
?Alloc@Concurrency@@YAPAXI@Z
?Block@Context@Concurrency@@SAXXZ
?Create@CurrentScheduler@Concurrency@@SAXABVSchedulerPolicy@2@@Z
?Create@Scheduler@Concurrency@@SAPAV12@ABVSchedulerPolicy@2@@Z
?CreateResourceManager@Concurrency@@YAPAUIResourceManager@1@XZ
?CreateScheduleGroup@CurrentScheduler@Concurrency@@SAPAVScheduleGroup@2@XZ
?CurrentContext@Context@Concurrency@@SAPAV12@XZ
?Detach@CurrentScheduler@Concurrency@@SAXXZ
?DisableTracing@Concurrency@@YAJXZ
?EnableTracing@Concurrency@@YAJXZ
?Free@Concurrency@@YAXPAX@Z
?Get@CurrentScheduler@Concurrency@@SAPAVScheduler@2@XZ
?GetExecutionContextId@Concurrency@@YAIXZ
?GetNumberOfVirtualProcessors@CurrentScheduler@Concurrency@@SAIXZ
?GetOSVersion@Concurrency@@YA?AW4OSVersion@IResourceManager@1@XZ
?GetPolicy@CurrentScheduler@Concurrency@@SA?AVSchedulerPolicy@2@XZ
?GetPolicyValue@SchedulerPolicy@Concurrency@@QBEIW4PolicyElementKey@2@@Z
?GetProcessorCount@Concurrency@@YAIXZ
?GetProcessorNodeCount@Concurrency@@YAIXZ
?GetSchedulerId@Concurrency@@YAIXZ
?GetSharedTimerQueue@details@Concurrency@@YAPAXXZ
?Id@Context@Concurrency@@SAIXZ
?Id@CurrentScheduler@Concurrency@@SAIXZ
?IsCurrentTaskCollectionCanceling@Context@Concurrency@@SA_NXZ
?Log2@details@Concurrency@@YAKI@Z
?Oversubscribe@Context@Concurrency@@SAX_N@Z
?RegisterShutdownEvent@CurrentScheduler@Concurrency@@SAXPAX@Z
?ResetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXXZ
?ScheduleGroupId@Context@Concurrency@@SAIXZ
?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPAX@Z0@Z
?SetConcurrencyLimits@SchedulerPolicy@Concurrency@@QAEXII@Z
?SetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXABVSchedulerPolicy@2@@Z
?SetPolicyValue@SchedulerPolicy@Concurrency@@QAEIW4PolicyElementKey@2@I@Z
?VirtualProcessorId@Context@Concurrency@@SAIXZ
?Yield@Context@Concurrency@@SAXXZ
?_Abort@_StructuredTaskCollection@details@Concurrency@@AAEXXZ
?_Acquire@_NonReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Acquire@_NonReentrantPPLLock@details@Concurrency@@QAEXPAX@Z
?_Acquire@_ReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Acquire@_ReentrantLock@details@Concurrency@@QAEXXZ
?_Acquire@_ReentrantPPLLock@details@Concurrency@@QAEXPAX@Z
?_AcquireRead@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_AcquireWrite@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_Cancel@_StructuredTaskCollection@details@Concurrency@@QAEXXZ
?_Cancel@_TaskCollection@details@Concurrency@@QAEXXZ
?_CheckTaskCollection@_UnrealizedChore@details@Concurrency@@IAEXXZ
?_ConcRT_Assert@details@Concurrency@@YAXPBD0H@Z
?_ConcRT_CoreAssert@details@Concurrency@@YAXPBD0H@Z
?_ConcRT_DumpMessage@details@Concurrency@@YAXPB_WZZ
?_ConcRT_Trace@details@Concurrency@@YAXHPB_WZZ
?_Copy_str@exception@std@@AAEXPBD@Z
?_DoYield@?$_SpinWait@$00@details@Concurrency@@IAEXXZ
?_DoYield@?$_SpinWait@$0A@@details@Concurrency@@IAEXXZ
?_IsCanceling@_StructuredTaskCollection@details@Concurrency@@QAE_NXZ
?_IsCanceling@_TaskCollection@details@Concurrency@@QAE_NXZ
?_Name_base@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_Name_base_internal@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_NumberOfSpins@?$_SpinWait@$00@details@Concurrency@@IAEKXZ
?_NumberOfSpins@?$_SpinWait@$0A@@details@Concurrency@@IAEKXZ
?_Release@_NonReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Release@_NonReentrantPPLLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantPPLLock@details@Concurrency@@QAEXXZ
?_ReleaseRead@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_ReleaseWrite@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_Reset@?$_SpinWait@$00@details@Concurrency@@IAEXXZ
?_Reset@?$_SpinWait@$0A@@details@Concurrency@@IAEXXZ
?_RunAndWait@_StructuredTaskCollection@details@Concurrency@@QAG?AW4_TaskCollectionStatus@23@PAV_UnrealizedChore@23@@Z
?_RunAndWait@_TaskCollection@details@Concurrency@@QAG?AW4_TaskCollectionStatus@23@PAV_UnrealizedChore@23@@Z
?_Schedule@_StructuredTaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@@Z
?_Schedule@_TaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@@Z
?_SetSpinCount@?$_SpinWait@$00@details@Concurrency@@QAEXI@Z
?_SetSpinCount@?$_SpinWait@$0A@@details@Concurrency@@QAEXI@Z
?_ShouldSpinAgain@?$_SpinWait@$00@details@Concurrency@@IAE_NXZ
?_ShouldSpinAgain@?$_SpinWait@$0A@@details@Concurrency@@IAE_NXZ
?_SpinOnce@?$_SpinWait@$00@details@Concurrency@@QAE_NXZ
?_SpinOnce@?$_SpinWait@$0A@@details@Concurrency@@QAE_NXZ
?_SpinYield@Context@Concurrency@@SAXXZ
?_Start@_Timer@details@Concurrency@@IAEXXZ
?_Stop@_Timer@details@Concurrency@@IAEXXZ
?_Tidy@exception@std@@AAEXXZ
?_Trace_ppl_function@Concurrency@@YAXABU_GUID@@EW4ConcRT_EventType@1@@Z
?_TryAcquire@_NonReentrantBlockingLock@details@Concurrency@@QAE_NXZ
?_TryAcquire@_ReentrantBlockingLock@details@Concurrency@@QAE_NXZ
?_TryAcquire@_ReentrantLock@details@Concurrency@@QAE_NXZ
?_TryAcquireWrite@_ReaderWriterLock@details@Concurrency@@QAE_NXZ
?_Type_info_dtor@type_info@@CAXPAV1@@Z
?_Type_info_dtor_internal@type_info@@CAXPAV1@@Z
?_UnderlyingYield@details@Concurrency@@YAXXZ
?_ValidateExecute@@YAHP6GHXZ@Z
?_ValidateRead@@YAHPBXI@Z
?_ValidateWrite@@YAHPAXI@Z
?_Value@_SpinCount@details@Concurrency@@SAIXZ
?__ExceptionPtrAssign@@YAXPAXPBX@Z
?__ExceptionPtrCompare@@YA_NPBX0@Z
?__ExceptionPtrCopy@@YAXPAXPBX@Z
?__ExceptionPtrCopyException@@YAXPAXPBX1@Z
?__ExceptionPtrCreate@@YAXPAX@Z
?__ExceptionPtrCurrentException@@YAXPAX@Z
?__ExceptionPtrDestroy@@YAXPAX@Z
?__ExceptionPtrRethrow@@YAXPBX@Z
?_inconsistency@@YAXXZ
?_invalid_parameter@@YAXPBG00II@Z
?_is_exception_typeof@@YAHABVtype_info@@PAU_EXCEPTION_POINTERS@@@Z
?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z
?_open@@YAHPBDHH@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZH@Z
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?_sopen@@YAHPBDHHH@Z
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?_wopen@@YAHPB_WHH@Z
?_wsopen@@YAHPB_WHHH@Z
?before@type_info@@QBEHABV1@@Z
?get_error_code@scheduler_resource_allocation_error@Concurrency@@QBEJXZ
?lock@critical_section@Concurrency@@QAEXXZ
?lock@reader_writer_lock@Concurrency@@QAEXXZ
?lock_read@reader_writer_lock@Concurrency@@QAEXXZ
?name@type_info@@QBEPBDPAU__type_info_node@@@Z
?native_handle@critical_section@Concurrency@@QAEAAV12@XZ
?raw_name@type_info@@QBEPBDXZ
?reset@event@Concurrency@@QAEXXZ
?set@event@Concurrency@@QAEXXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZH@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZH@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?swprintf@@YAHPAGIPBGZZ
?swprintf@@YAHPA_WIPB_WZZ
?terminate@@YAXXZ
?try_lock@critical_section@Concurrency@@QAE_NXZ
?try_lock@reader_writer_lock@Concurrency@@QAE_NXZ
?try_lock_read@reader_writer_lock@Concurrency@@QAE_NXZ
?unexpected@@YAXXZ
?unlock@critical_section@Concurrency@@QAEXXZ
?unlock@reader_writer_lock@Concurrency@@QAEXXZ
?vswprintf@@YAHPA_WIPB_WPAD@Z
?wait@Concurrency@@YAXI@Z
?wait@event@Concurrency@@QAEII@Z
?wait_for_multiple@event@Concurrency@@SAIPAPAV12@I_NI@Z
?what@exception@std@@UBEPBDXZ
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CRT_RTC_INIT
_CRT_RTC_INITW
_CreateFrameInfo
_CxxThrowException
_EH_prolog
_FindAndUnlinkFrame
_Getdays
_Getmonths
_Gettnames
_HUGE
_IsExceptionObjectToBeDestroyed
_NLG_Dispatch2
_NLG_Return
_NLG_Return2
_Strftime
_XcptFilter
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__CppXcptFilter
__CxxCallUnwindDelDtor
__CxxCallUnwindDtor
__CxxCallUnwindStdDelDtor
__CxxCallUnwindVecDtor
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__STRINGTOLD_L
__TypeMatch
___fls_getvalue@4
___fls_setvalue@8
___lc_codepage_func
___lc_collate_cp_func
___lc_handle_func
___mb_cur_max_func
___mb_cur_max_l_func
___setlc_active_func
___unguarded_readlc_active_add_func
__argc
__argv
__badioinfo
__clean_type_info_names_internal
__control87_2
__create_locale
__crtCompareStringA
__crtCompareStringW
__crtLCMapStringA
__crtLCMapStringW
__daylight
__dllonexit
__doserrno
__dstbias
__fpecode
__free_locale
__get_current_locale
__get_flsindex
__get_tlsindex
__getmainargs
__initenv
__iob_func
__isascii
__iscsym
__iscsymf
__iswcsym
__iswcsymf
__lconv
__lconv_init
__libm_sse2_acos
__libm_sse2_acosf
__libm_sse2_asin
__libm_sse2_asinf
__libm_sse2_atan
__libm_sse2_atan2
__libm_sse2_atanf
__libm_sse2_cos
__libm_sse2_cosf
__libm_sse2_exp
__libm_sse2_expf
__libm_sse2_log
__libm_sse2_log10
__libm_sse2_log10f
__libm_sse2_logf
__libm_sse2_pow
__libm_sse2_powf
__libm_sse2_sin
__libm_sse2_sinf
__libm_sse2_tan
__libm_sse2_tanf
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__wpgmptr
__pctype_func
__pioinfo
__pwctype_func
__pxcptinfoptrs
__report_gsfailure
__set_app_type
__set_flsgetvalue
__setlc_active
__setusermatherr
__strncnt
__swprintf_l
__sys_errlist
__sys_nerr
__threadhandle
__threadid
__timezone
__toascii
__tzname
__unDName
__unDNameEx
__unDNameHelper
__uncaught_exception
__unguarded_readlc_active
__vswprintf_l
__wargv
__wcserror
__wcserror_s
__wcsncnt
__wgetmainargs
__winitenv
_abnormal_termination
_abs64
_access
_access_s
_acmdln
_aligned_free
_aligned_malloc
_aligned_msize
_aligned_offset_malloc
_aligned_offset_realloc
_aligned_offset_recalloc
_aligned_realloc
_aligned_recalloc
_amsg_exit
_assert
_atodbl
_atodbl_l
_atof_l
_atoflt
_atoflt_l
_atoi64
_atoi64_l
_atoi_l
_atol_l
_atoldbl
_atoldbl_l
_beep
_beginthread
_beginthreadex
_byteswap_uint64
_byteswap_ulong
_byteswap_ushort
_c_exit
_cabs
_callnewh
_calloc_crt
_cexit
_cgets
_cgets_s
_cgetws
_cgetws_s
_chdir
_chdrive
_chgsign
_chkesp
_chmod
_chsize
_chsize_s
_clearfp
_close
_commit
_commode
_configthreadlocale
_control87
_controlfp
_controlfp_s
_copysign
_cprintf
_cprintf_l
_cprintf_p

Sections

.text
Size: 709KB - Virtual size: 708KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PROGRAMFILES/Internet Explorer/PPLite/plugin/1.0.0.745/$OUTDIR/ppp.dll
.dll regsvr32 windows:4 windows x86 arch:x86

edf4943e70bdf926606a4e8b4df57bc2

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:52:7f:4d:7d:6c:1a:2b:a7:ef:81:d5:0c:89:d7:65
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

19/11/2009, 00:00

Not After

18/11/2012, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:cf:85:75:18:3c:0c:1b:a8:37:11:e1:06:2a:ac:ea:1e:7c:cc:24
Signer

Actual PE Digest

39:cf:85:75:18:3c:0c:1b:a8:37:11:e1:06:2a:ac:ea:1e:7c:cc:24

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42u

ord1115
ord1173
ord1568
ord1165
ord1570
ord1179
ord342
ord1240
ord1563
ord1248
ord1250
ord1571
ord600
ord826
ord269
ord5852
ord3658
ord1863
ord268
ord1560
ord4199
ord4272
ord2756
ord2859
ord470
ord2746
ord755
ord942
ord5679
ord5706
ord4124
ord6770
ord2822
ord2910
ord5568
ord6139
ord940
ord925
ord6466
ord1128
ord2717
ord3948
ord815
ord561
ord3733
ord4418
ord4616
ord4075
ord3074
ord3820
ord3826
ord3825
ord2971
ord3076
ord2980
ord3257
ord3131
ord4459
ord3254
ord3142
ord2977
ord5710
ord5285
ord5303
ord4692
ord4074
ord5298
ord5296
ord3341
ord2388
ord5193
ord1089
ord3917
ord5727
ord2504
ord2546
ord4480
ord6371
ord4269
ord927
ord860
ord823
ord538
ord834
ord537
ord541
ord6874
ord5857
ord922
ord801
ord6868
ord1594
ord535
ord858
ord2606
ord2810
ord800
ord861
ord825
ord540
ord1194

msvcrt

_wfopen
fgetws
fclose
srand
rand
_findfirst
_findnext
wcsncpy
swprintf
strcat
strrchr
wcscmp
atol
strncpy
sscanf
memset
_ftol
wcscpy
sprintf
strcpy
wcstoul
_wtoi
malloc
free
strlen
_findclose
tolower
islower
toupper
isalnum
isspace
wcslen
realloc
memcpy
_wcsicmp
_purecall
_itow
memcmp
_i64tow
atoi
__CxxFrameHandler
_CxxThrowException
_wcsdup
_snprintf
strcmp
fprintf
fread
ftell
fseek
fopen
fputs
isalpha
strncmp
strchr
__dllonexit
_onexit
_except_handler3
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv

kernel32

GetEnvironmentVariableW
GetPrivateProfileStringW
lstrlenW
WideCharToMultiByte
GetACP
lstrlenA
MultiByteToWideChar
SetFileTime
CopyFileW
WritePrivateProfileStringW
LocalFree
LocalAlloc
GetProcAddress
DeviceIoControl
CreateFileA
GetVersionExA
GetModuleFileNameA
GetModuleHandleA
CreateMutexW
MapViewOfFile
OpenFileMappingW
ReleaseMutex
FlushViewOfFile
UnmapViewOfFile
LoadLibraryW
FreeLibrary
GetTickCount
DeleteFileW
GetTempPathW
CreateDirectoryW
LeaveCriticalSection
EnterCriticalSection
FlushInstructionCache
GetCurrentProcess
InterlockedDecrement
CloseHandle
CreateProcessW
TerminateProcess
WaitForSingleObject
GetModuleFileNameW
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
OutputDebugStringW
LoadLibraryExW
GetSystemInfo
GetModuleHandleW
GetVersionExW
GetPrivateProfileIntW
VirtualQuery
SystemTimeToFileTime
GetSystemTime
GetFileTime
GetLastError
Sleep
CreateFileW

user32

SetTimer
SetWindowLongW
DefWindowProcW
RegisterWindowMessageW
GetWindowLongW
CallWindowProcW
GetClientRect
IsWindow
PostMessageW
FindWindowW
SendMessageW
SetWindowTextW
ShowWindow
BringWindowToTop
MoveWindow
GetWindowRect
GetWindowThreadProcessId
DestroyWindow
KillTimer
SetWindowPos
GetAncestor
CreateWindowExW
WaitForInputIdle

advapi32

RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
GetSidSubAuthority
GetSidSubAuthorityCount
GetTokenInformation
OpenProcessToken
RegCloseKey

shell32

SHGetFolderPathW

ole32

CoCreateGuid
CoCreateInstance

oleaut32

SysAllocStringLen
LoadTypeLi
VariantChangeType
SysStringByteLen
SysAllocStringByteLen
VariantInit
SysAllocString
SysStringLen
LoadRegTypeLi
DispCallFunc
VariantClear
SysFreeString

atl

ord42
ord23
ord21
ord58
ord11
ord10
ord15
ord18
ord57
ord32
ord16
ord53
ord45
ord44
ord43
ord48
ord30
ord47

msvcp60

?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_C@?1??_Nullstr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@CAPBGXZ@4GB
?_Tidy@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEX_N@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??5std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??_D?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PBDH@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??_D?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?find_first_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?find_last_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBGI@Z
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??0Init@ios_base@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
?resize@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEXI@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??9std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?insert@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IPBDI@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
?_Xran@std@@YAXXZ
?peek@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??9std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ

rpcrt4

UuidToStringW
UuidFromStringA

ws2_32

gethostname
gethostbyname
inet_addr
inet_ntoa

shlwapi

PathRemoveExtensionW
PathFindExtensionW
PathRemoveFileSpecW
PathFileExistsW
PathAppendW
StrStrIW
StrStrIA
PathStripPathW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
NSGetModule

Sections

.text
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
components/$OUTDIR/cmdline.dll
.dll regsvr32 windows:5 windows x86 arch:x86

fb710db50f09303a58e3e6abf171df01

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:52:7f:4d:7d:6c:1a:2b:a7:ef:81:d5:0c:89:d7:65
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

19/11/2009, 00:00

Not After

18/11/2012, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

97:82:45:07:56:05:1e:3b:65:45:08:87:c3:89:c2:ed:96:c2:60:ac
Signer

Actual PE Digest

97:82:45:07:56:05:1e:3b:65:45:08:87:c3:89:c2:ed:96:c2:60:ac

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\geoegeliu\.hudson\jobs\PPTV\workspace\cmdline\Release\cmdline.pdb

Imports

kernel32

GetModuleFileNameW
RaiseException
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
lstrlenW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
DecodePointer
GetModuleHandleW
GetProcAddress
DisableThreadLibraryCalls
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
LeaveCriticalSection
IsDebuggerPresent
EnterCriticalSection
EncodePointer
WideCharToMultiByte
GetSystemTimeAsFileTime

user32

UnregisterClassW
CharNextW

ole32

CoCreateInstance

oleaut32

SysStringLen
SysAllocString
SysAllocStringLen
LoadTypeLi
RegisterTypeLi
UnRegisterTypeLi
SysFreeString

atl100

ord58
ord32
ord15
ord49
ord56
ord68
ord61
ord23
ord64
ord31

msvcp100

?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
?_Orphan_all@_Container_base0@std@@QAEXXZ

msvcr100

wcsncpy_s
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
_CxxThrowException
??2@YAPAXI@Z
??0exception@std@@QAE@ABV01@@Z
??_V@YAXPAX@Z
_purecall
free
__CxxFrameHandler3
memmove
_wcsicmp
malloc
wcsncpy
memset
memcpy
_recalloc
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
_crt_debugger_hook
__clean_type_info_names_internal
??3@YAXPAX@Z
memmove_s
??1exception@std@@UAE@XZ

omng

ord7

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
NSGetModule

Sections

.text
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
components/$OUTDIR/filepick.dll
.dll regsvr32 windows:4 windows x86 arch:x86

b19a32b747d480a5fa1152cef53c4bf1

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:52:7f:4d:7d:6c:1a:2b:a7:ef:81:d5:0c:89:d7:65
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

19/11/2009, 00:00

Not After

18/11/2012, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

c0:c6:fd:e6:30:54:eb:1c:0f:fa:fc:ef:fe:65:f0:d7:0d:de:1a:5e
Signer

Actual PE Digest

c0:c6:fd:e6:30:54:eb:1c:0f:fa:fc:ef:fe:65:f0:d7:0d:de:1a:5e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

OpenMutexW
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
CreateMutexW
WritePrivateProfileSectionW
ExpandEnvironmentStringsW
GetCurrentProcess
InitializeCriticalSection
GetLogicalDriveStringsW
GetDriveTypeW
GetTempFileNameW
CreateFileW
WriteFile
GetDiskFreeSpaceExW
InterlockedIncrement
InterlockedDecrement
DeleteCriticalSection
WideCharToMultiByte
DisableThreadLibraryCalls
EnterCriticalSection
LeaveCriticalSection
lstrlenW
GetModuleHandleW
GetModuleFileNameW
CreateProcessW
WaitForSingleObject
GetPrivateProfileSectionNamesW
CloseHandle

user32

MessageBoxIndirectW
GetSystemMenu
EnableMenuItem
ExitWindowsEx
GetWindowLongW
BringWindowToTop
PostMessageW
ShowWindow
FindWindowExW
SendMessageW
FindWindowW

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegDeleteValueW
RegQueryValueExW
RegCreateKeyExW
RegOpenKeyExW
RegCloseKey
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegSetValueExW

shell32

SHGetPathFromIDListW
ord165
SHGetFolderPathW
ShellExecuteExW
SHBrowseForFolderW

ole32

CoTaskMemFree

oleaut32

SysAllocString
VariantCopy
SysStringLen
LoadTypeLi
SysAllocStringLen
SysFreeString
VariantClear

atl

ord30
ord23
ord21
ord16
ord15
ord18
ord57
ord32
ord58

msvcp60

?_Eos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEXI@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??Hstd@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@PBG@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBGI@Z
?_Freeze@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEXXZ
?erase@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@II@Z
?erase@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEPAGPAG0@Z
?end@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEPAGXZ
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@ABV12@II@Z
?append@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBGI@Z
?_C@?1??_Nullstr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@CAPBGXZ@4GB
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
?_Grow@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAE_NI_N@Z
?max_size@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIXZ
?_Xlen@std@@YAXXZ
?_Copy@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEXI@Z
?_Tidy@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEX_N@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
?_Split@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEXXZ
?_Xran@std@@YAXXZ
??Mstd@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z

shlwapi

PathAddBackslashW
PathRemoveFileSpecW
PathUnExpandEnvStringsW
SHDeleteKeyW
PathAppendW
PathFindExtensionW
PathFileExistsW

msvcrt

iswdigit
??2@YAPAXI@Z
__CxxFrameHandler
_purecall
wcslen
wcsncpy
_onexit
__dllonexit
wcscpy
_adjust_fdiv
_initterm
?terminate@@YAXXZ
wcstol
wcscmp
_itow
_except_handler3
free
malloc

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
NSGetModule

Sections

.text
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
skins/3xgiving/common/checkbox.bmp
skins/3xgiving/common/checkbox_checked.bmp
skins/3xgiving/common/checkbox_checked_disabled.bmp
skins/3xgiving/common/checkbox_checked_down.bmp
skins/3xgiving/common/checkbox_checked_hover.bmp
skins/3xgiving/common/checkbox_disabled.bmp
skins/3xgiving/common/checkbox_down.bmp
skins/3xgiving/common/checkbox_hover.bmp
skins/classic/common/checkbox.bmp
skins/classic/common/checkbox_checked.bmp
skins/classic/common/checkbox_checked_disabled.bmp
skins/classic/common/checkbox_checked_down.bmp
skins/classic/common/checkbox_checked_hover.bmp
skins/classic/common/checkbox_disabled.bmp
skins/classic/common/checkbox_down.bmp
skins/classic/common/checkbox_hover.bmp
skins/classic_b/common/checkbox.bmp
skins/classic_b/common/checkbox_checked.bmp
skins/classic_b/common/checkbox_checked_disabled.bmp
skins/classic_b/common/checkbox_checked_down.bmp
skins/classic_b/common/checkbox_checked_hover.bmp
skins/classic_b/common/checkbox_disabled.bmp
skins/classic_b/common/checkbox_down.bmp
skins/classic_b/common/checkbox_hover.bmp
skins/common/common/checkbox.bmp
skins/common/common/checkbox_checked.bmp
skins/common/common/checkbox_checked_disabled.bmp
skins/common/common/checkbox_checked_down.bmp
skins/common/common/checkbox_checked_hover.bmp
skins/common/common/checkbox_disabled.bmp
skins/common/common/checkbox_down.bmp
skins/common/common/checkbox_hover.bmp
skins/default/common/checkbox.bmp
skins/default/common/checkbox_checked.bmp
skins/default/common/checkbox_checked_disabled.bmp
skins/default/common/checkbox_checked_down.bmp
skins/default/common/checkbox_checked_hover.bmp
skins/default/common/checkbox_disabled.bmp
skins/default/common/checkbox_down.bmp
skins/default/common/checkbox_hover.bmp

Sharing

General

Malware Config

Signatures

Files

ff8d8dbb96b7ab762c0ce51911e4d104

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate

Extended Key Usages

Key Usages

6d:52:7f:4d:7d:6c:1a:2b:a7:ef:81:d5:0c:89:d7:65Certificate

Extended Key Usages

Key Usages

b1:80:4e:14:69:af:33:8c:c4:83:5b:e5:7a:79:b2:11:ac:d0:7b:32Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 24KB - Virtual size: 23KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 107KB

.ndata Size: - Virtual size: 116KB

.rsrc Size: 413KB - Virtual size: 413KB

ef4c749f5dec4632456950949469f18c

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate

Extended Key Usages

Key Usages

6d:52:7f:4d:7d:6c:1a:2b:a7:ef:81:d5:0c:89:d7:65Certificate

Extended Key Usages

Key Usages

a2:a6:cc:12:37:a1:26:cf:f3:5f:5a:8f:20:a6:d0:87:fd:44:0f:67Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

user32

gdi32

ole32

advapi32

Exports

Exports

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.data Size: 36KB - Virtual size: 34KB

Shared Size: 4KB - Virtual size: 3KB

.rsrc Size: 72KB - Virtual size: 70KB

.reloc Size: 32KB - Virtual size: 28KB

be2cdd69a77d75f2dbcae5190204885d

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

6d:52:7f:4d:7d:6c:1a:2b:a7:ef:81:d5:0c:89:d7:65
Certificate

b1:80:4e:14:69:af:33:8c:c4:83:5b:e5:7a:79:b2:11:ac:d0:7b:32
Signer

.text
Size: 24KB - Virtual size: 23KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 107KB

.ndata
Size: - Virtual size: 116KB

.rsrc
Size: 413KB - Virtual size: 413KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

6d:52:7f:4d:7d:6c:1a:2b:a7:ef:81:d5:0c:89:d7:65
Certificate

a2:a6:cc:12:37:a1:26:cf:f3:5f:5a:8f:20:a6:d0:87:fd:44:0f:67
Signer

.text
Size: 1.5MB - Virtual size: 1.5MB

.data
Size: 36KB - Virtual size: 34KB

Shared
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 72KB - Virtual size: 70KB

.reloc
Size: 32KB - Virtual size: 28KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

6d:52:7f:4d:7d:6c:1a:2b:a7:ef:81:d5:0c:89:d7:65
Certificate

76:c9:c7:c4:6f:ff:3d:c2:e6:06:c3:95:77:87:10:5a:2d:2c:6e:12
Signer

.text
Size: 378KB - Virtual size: 378KB

.rdata
Size: 99KB - Virtual size: 98KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 29KB - Virtual size: 29KB

.reloc
Size: 17KB - Virtual size: 16KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

6d:52:7f:4d:7d:6c:1a:2b:a7:ef:81:d5:0c:89:d7:65
Certificate

d7:ad:7a:80:59:94:6d:8d:b2:3b:50:60:57:c6:3f:2c:fa:7b:53:22
Signer

.text
Size: 38KB - Virtual size: 37KB