cafc1243ebcf0f59efc99dab412f7a9b

resource
unpack002/$PLUGINSDIR/InstallOptions.dll
unpack002/$PLUGINSDIR/System.dll
unpack002/$SYSDIR/atl71.dll
unpack002/$SYSDIR/jscript.dll
unpack002/$SYSDIR/msscript.ocx
unpack002/$SYSDIR/msvcp71.dll
unpack002/$SYSDIR/msvcr71.dll
unpack002/ThunderService/atl71.dll
unpack002/ThunderService/libexpat.dll
unpack002/ThunderService/liblua.dll
unpack002/ThunderService/mini_unzip_dll.dll
unpack002/ThunderService/minizip.dll
unpack002/ThunderService/msvcp71.dll
unpack002/ThunderService/msvcr71.dll
unpack002/ThunderService/zlib1.dll
unpack002/xl_client/zlib1.dll
unpack002/xl_skin/giflib4.dll
unpack002/xl_skin/jscript.dll
unpack002/xl_skin/libjpeg6b.dll
unpack002/xl_skin/libpng13.dll
unpack002/xl_skin/msscript.ocx
unpack002/xl_skin/zlib1.dll

resource	yara_rule
static1/unpack001/VASetup_1.0.0.12.exe	nsis_installer_1
static1/unpack001/VASetup_1.0.0.12.exe	nsis_installer_2

.rar

VASetup_1.0.0.12.exe

.exe windows:4 windows x86 arch:x86

7fa974366048f9c551ef45714595665e

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

1b:f4:37:cb:40:e7:c3:e6:b6:63:b3:e3:ba:45:2f:de
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26/05/2009, 00:00

Not After

26/05/2011, 23:59

Subject

CN=ShenZhen Thunder Networking Technologies Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=ShenZhen Thunder Networking Technologies Ltd.,L=ShenZhen,ST=GuangDong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:ae:b6:82:86:63:fe:d9:75:55:f8:fe:24:f3:3b:1a
Certificate

Issuer

Not Before

01/04/2009, 00:00

Not After

31/03/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

37:6b:32:55:7f:a1:c6:24:8e:c1:05:1d:57:2b:ac:40:b1:fd:f6:28
Signer

Actual PE Digest

37:6b:32:55:7f:a1:c6:24:8e:c1:05:1d:57:2b:ac:40:b1:fd:f6:28

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime

SearchPathA

GetShortPathNameA

GetFullPathNameA

MoveFileA

SetCurrentDirectoryA

GetFileAttributesA

GetLastError

CreateDirectoryA

SetFileAttributesA

Sleep

GetTickCount

GetFileSize

GetModuleFileNameA

GetCurrentProcess

CopyFileA

ExitProcess

GetWindowsDirectoryA

SetFileTime

GetCommandLineA

SetErrorMode

LoadLibraryA

lstrcpynA

GetDiskFreeSpaceA

GlobalUnlock

GlobalLock

CreateThread

CreateProcessA

RemoveDirectoryA

CreateFileA

GetTempFileNameA

lstrlenA

lstrcatA

GetSystemDirectoryA

GetVersion

CloseHandle

lstrcmpiA

lstrcmpA

ExpandEnvironmentStringsA

GlobalFree

GlobalAlloc

WaitForSingleObject

GetExitCodeProcess

GetModuleHandleA

LoadLibraryExA

GetProcAddress

FreeLibrary

MultiByteToWideChar

WritePrivateProfileStringA

GetPrivateProfileStringA

WriteFile

ReadFile

MulDiv

SetFilePointer

FindClose

FindNextFileA

FindFirstFileA

DeleteFileA

GetTempPathA

user32

EndDialog

ScreenToClient

GetWindowRect

EnableMenuItem

GetSystemMenu

SetClassLongA

IsWindowEnabled

SetWindowPos

GetSysColor

GetWindowLongA

SetCursor

LoadCursorA

CheckDlgButton

GetMessagePos

LoadBitmapA

CallWindowProcA

IsWindowVisible

CloseClipboard

SetClipboardData

EmptyClipboard

RegisterClassA

TrackPopupMenu

AppendMenuA

CreatePopupMenu

GetSystemMetrics

SetDlgItemTextA

GetDlgItemTextA

MessageBoxIndirectA

CharPrevA

DispatchMessageA

PeekMessageA

DestroyWindow

CreateDialogParamA

SetTimer

SetWindowTextA

PostQuitMessage

SetForegroundWindow

wsprintfA

SendMessageTimeoutA

FindWindowExA

SystemParametersInfoA

CreateWindowExA

GetClassInfoA

DialogBoxParamA

CharNextA

OpenClipboard

ExitWindowsEx

IsWindow

GetDlgItem

SetWindowLongA

LoadImageA

GetDC

EnableWindow

InvalidateRect

SendMessageA

DefWindowProcA

BeginPaint

GetClientRect

FillRect

DrawTextA

EndPaint

ShowWindow

gdi32

SetBkColor

GetDeviceCaps

DeleteObject

CreateBrushIndirect

CreateFontIndirectA

SetBkMode

SetTextColor

SelectObject

shell32

SHGetPathFromIDListA

SHBrowseForFolderA

SHGetFileInfoA

ShellExecuteA

SHFileOperationA

SHGetSpecialFolderLocation

advapi32

RegQueryValueExA

RegSetValueExA

RegEnumKeyA

RegEnumValueA

RegOpenKeyExA

RegDeleteKeyA

RegDeleteValueA

RegCloseKey

RegCreateKeyExA

comctl32

ImageList_AddMasked

ImageList_Destroy

ord17

ImageList_Create

ole32

CoTaskMemFree

OleInitialize

OleUninitialize

CoCreateInstance

version

GetFileVersionInfoSizeA

GetFileVersionInfoA

VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

$0/va.cfg

.js

$0/va.lua

.js

$PLUGINSDIR/InstallOptions.dll

.dll windows:4 windows x86 arch:x86

295fc8c35dee88b924b0f6bafc807c6c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA

GetCurrentDirectoryA

GetTickCount

MultiByteToWideChar

GetPrivateProfileIntA

GlobalLock

GetModuleHandleA

lstrcmpiA

GetPrivateProfileStringA

lstrcatA

lstrcpynA

WritePrivateProfileStringA

lstrlenA

lstrcpyA

GlobalFree

GlobalUnlock

GlobalAlloc

user32

LoadCursorA

PtInRect

MapWindowPoints

GetDlgCtrlID

CloseClipboard

SetCursor

OpenClipboard

GetClientRect

SetWindowRgn

LoadIconA

LoadImageA

SetWindowLongA

CreateWindowExA

MapDialogRect

SetWindowPos

GetWindowRect

CreateDialogParamA

ShowWindow

EnableMenuItem

GetSystemMenu

EnableWindow

GetDlgItem

DestroyIcon

DestroyWindow

DispatchMessageA

TranslateMessage

GetMessageA

IsDialogMessageA

DrawTextA

GetWindowLongA

DrawFocusRect

MessageBoxA

CallWindowProcA

PostMessageA

SetTimer

KillTimer

CharNextA

wsprintfA

GetWindowTextA

SetWindowTextA

SendMessageA

GetClipboardData

gdi32

SetTextColor

CreateCompatibleDC

GetObjectA

GetDIBits

CreateRectRgn

CombineRgn

DeleteObject

SelectObject

shell32

SHBrowseForFolderA

SHGetDesktopFolder

SHGetPathFromIDListA

ShellExecuteA

comdlg32

GetOpenFileNameA

GetSaveFileNameA

CommDlgExtendedError

ole32

CoTaskMemFree

Exports

dialog

initDialog

show

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$PLUGINSDIR/System.dll

.dll windows:4 windows x86 arch:x86

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc

GlobalFree

GlobalSize

GetLastError

lstrcpyA

lstrcpynA

FreeLibrary

lstrcatA

GetProcAddress

LoadLibraryA

GetModuleHandleA

MultiByteToWideChar

lstrlenA

WideCharToMultiByte

VirtualAlloc

VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2

CLSIDFromString

Exports

Alloc

Call

Copy

Free

Get

Int64Op

Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 470B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$PLUGINSDIR/ioSpecial.ini

$PLUGINSDIR/modern-header.bmp

$PLUGINSDIR/modern-wizard.bmp

$SYSDIR/atl71.dll

.dll windows:4 windows x86 arch:x86

a0bd0cbc6c3c1f3095dd9342b630fcb9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

PDB Paths

atl71.pdb

Imports

kernel32

InterlockedExchange

GetACP

GetLocaleInfoA

GetThreadLocale

GetVersionExW

RaiseException

EnterCriticalSection

LeaveCriticalSection

InitializeCriticalSection

DeleteCriticalSection

GetCurrentThreadId

lstrlenW

lstrcpyW

GetLastError

DisableThreadLibraryCalls

GetVersionExA

InterlockedIncrement

InterlockedDecrement

FreeLibrary

MultiByteToWideChar

SizeofResource

LoadResource

FindResourceW

LoadLibraryExW

lstrcmpiW

lstrcpynW

CloseHandle

ReadFile

GetFileSize

CreateFileW

GetModuleHandleW

GetModuleFileNameW

WideCharToMultiByte

WaitForSingleObject

GlobalAlloc

FindResourceA

MulDiv

lstrcatW

FlushInstructionCache

GetCurrentProcess

GlobalUnlock

GlobalLock

lstrcmpW

SetLastError

GlobalFree

GlobalHandle

LockResource

lstrcmpA

GetModuleHandleA

GetTickCount

LocalAlloc

VirtualQuery

HeapFree

GetProcessHeap

InterlockedCompareExchange

HeapAlloc

GetProcAddress

LoadLibraryA

IsProcessorFeaturePresent

VirtualFree

VirtualAlloc

ExitProcess

HeapSize

DebugBreak

HeapReAlloc

QueryPerformanceCounter

GetCurrentProcessId

GetSystemTimeAsFileTime

lstrcatA

lstrcpyA

lstrlenA

GetModuleFileNameA

RtlUnwind

shlwapi

PathFindExtensionW

Exports

AtlAdvise

AtlAxAttachControl

AtlAxCreateControl

AtlAxCreateControlEx

AtlAxCreateControlLic

AtlAxCreateControlLicEx

AtlAxCreateDialogA

AtlAxCreateDialogW

AtlAxDialogBoxA

AtlAxDialogBoxW

AtlAxGetControl

AtlAxGetHost

AtlAxWinInit

AtlCallTermFunc

AtlComModuleGetClassObject

AtlComModuleRegisterClassObjects

AtlComModuleRegisterServer

AtlComModuleRevokeClassObjects

AtlComModuleUnregisterServer

AtlComPtrAssign

AtlComQIPtrAssign

AtlCreateRegistrar

AtlCreateTargetDC

AtlDevModeW2A

AtlFreeMarshalStream

AtlGetObjectSourceInterface

AtlGetVersion

AtlHiMetricToPixel

AtlIPersistPropertyBag_Load

AtlIPersistPropertyBag_Save

AtlIPersistStreamInit_Load

AtlIPersistStreamInit_Save

AtlInternalQueryInterface

AtlLoadTypeLib

AtlMarshalPtrInProc

AtlModuleAddTermFunc

AtlPixelToHiMetric

AtlRegisterClassCategoriesHelper

AtlRegisterTypeLib

AtlSetErrorInfo

AtlUnRegisterTypeLib

AtlUnadvise

AtlUnmarshalPtr

AtlUpdateRegistryFromResourceD

AtlWaitWithMessageLoop

AtlWinModuleAddCreateWndData

AtlWinModuleExtractCreateWndData

AtlWinModuleInit

AtlWinModuleRegisterClassExA

AtlWinModuleRegisterClassExW

AtlWinModuleRegisterWndClassInfoA

AtlWinModuleRegisterWndClassInfoW

AtlWinModuleTerm

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$SYSDIR/jscript.dll

.dll regsvr32 windows:6 windows x86 arch:x86

f5c2ec3f2d0669defbf38fcfa1d3e83f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

PDB Paths

jscript.pdb

Imports

msvcrt

__pioinfo

__badioinfo

wcstombs

ferror

wctomb

_itoa

_snprintf

localeconv

isxdigit

isleadbyte

mbtowc

calloc

iswctype

memcpy

memset

_onexit

_lock

__dllonexit

_unlock

_amsg_exit

_initterm

_XcptFilter

_iob

__mb_cur_max

_errno

_isnan

sin

asin

exp

_read

acos

fmod

tan

_ftime

log

pow

cos

sqrt

atan2

bsearch

_ismbblead

_wasctime

_tzset

isdigit

localtime

_vsnwprintf

isalpha

_wcslwr

ceil

iswxdigit

wcsstr

towlower

atoi

wcscspn

_clearfp

_statusfp

strrchr

_ltow

_ultow

longjmp

strtoul

_control87

_mbsrchr

_mbsicmp

_wcsicmp

_purecall

_fileno

_lseeki64

_write

_wcsnicmp

??2@YAPAXI@Z

_wcsdup

realloc

wcsncmp

??3@YAXPAX@Z

??_V@YAXPAX@Z

??_U@YAPAXI@Z

memmove

wcschr

malloc

free

_isatty

atan

ungetc

floor

_CIfmod

_CIlog

_setjmp3

oleaut32

SysAllocStringByteLen

VariantChangeTypeEx

SafeArrayCopy

SafeArrayGetElement

CreateTypeLi

SafeArrayRedim

LoadTypeLibEx

GetActiveObject

LoadTypeLi

GetErrorInfo

SafeArrayCreate

SafeArrayDestroy

SysStringByteLen

VariantInit

VariantCopy

VariantCopyInd

SysAllocString

VariantClear

SysAllocStringLen

CreateTypeLib2

SysFreeString

LoadRegTypeLi

SysStringLen

kernel32

GetTimeFormatA

SearchPathW

GetUserDefaultUILanguage

GetSystemDefaultUILanguage

UnmapViewOfFile

GetVersionExW

CreateFileW

CreateFileMappingW

CloseHandle

MapViewOfFile

LoadLibraryExW

FindResourceExW

SetUnhandledExceptionFilter

UnhandledExceptionFilter

GetCurrentProcess

TerminateProcess

GetSystemTimeAsFileTime

RtlUnwind

OutputDebugStringA

Sleep

VirtualQuery

GetSystemInfo

GetModuleHandleW

VirtualAlloc

VirtualProtect

InterlockedCompareExchange

GetLastError

DelayLoadFailureHook

LCMapStringW

GetVersion

CompareStringA

GetNumberFormatW

SetLastError

LCMapStringA

CompareStringW

GetTimeFormatW

GetLocaleInfoW

GetDateFormatA

GetNumberFormatA

InterlockedIncrement

GetDateFormatW

MulDiv

GetSystemTime

GetTimeZoneInformation

GetCurrentProcessId

GetTickCount

QueryPerformanceCounter

GetEnvironmentVariableW

MultiByteToWideChar

GetComputerNameA

GetProcAddress

TlsSetValue

GetStringTypeW

WideCharToMultiByte

GetStringTypeA

TlsFree

TlsAlloc

FreeLibrary

GetVersionExA

LoadLibraryExA

LockResource

GetModuleFileNameW

SizeofResource

LoadResource

FreeResource

FindResourceA

IsValidCodePage

GetACP

IsValidLocale

GetSystemDefaultLCID

GetUserDefaultLCID

GetLocaleInfoA

GetCurrentThreadId

DeleteCriticalSection

EnterCriticalSection

InterlockedExchange

LeaveCriticalSection

InitializeCriticalSection

TlsGetValue

GetModuleHandleA

GetModuleFileNameA

InterlockedDecrement

shlwapi

PathRemoveFileSpecW

PathCombineW

version

VerQueryValueW

GetFileVersionInfoW

GetFileVersionInfoSizeW

Exports

DllCanUnloadNow

DllGetClassObject

DllRegisterServer

DllUnregisterServer

Sections

.text
Size: 620KB - Virtual size: 620KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$SYSDIR/msscript.ocx

.dll regsvr32 windows:5 windows x86 arch:x86

3793b90a92464f525c430a6b5fdf224f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

PDB Paths

msscript.pdb

Imports

msvcrt

??1type_info@@UAE@XZ

?terminate@@YAXXZ

_beginthreadex

wcslen

_purecall

__CxxFrameHandler

_wcsicmp

_vsnprintf

_onexit

__dllonexit

_adjust_fdiv

malloc

_initterm

free

_except_handler3

oleaut32

VariantCopyInd

SetErrorInfo

CreateErrorInfo

SysFreeString

SysAllocStringLen

SysStringLen

OleCreatePropertyFrame

LoadRegTypeLi

VariantChangeType

LoadTypeLibEx

UnRegisterTypeLi

LoadTypeLi

RegisterTypeLi

SysAllocString

VariantChangeTypeEx

VariantClear

SafeArrayGetUBound

SafeArrayGetLBound

SafeArrayAccessData

SafeArrayUnaccessData

LHashValOfNameSys

ole32

CoCreateInstance

CLSIDFromProgID

CoTaskMemAlloc

CreateOleAdviseHolder

CoTaskMemFree

advapi32

RegCloseKey

RegQueryValueExA

RegSetValueExA

RegOpenKeyExA

RegCreateKeyExA

RegEnumKeyExA

RegDeleteValueA

RegDeleteKeyA

kernel32

lstrlenW

HeapFree

HeapAlloc

GetVersion

GetWindowsDirectoryA

lstrcatA

lstrlenA

lstrcpynA

OpenFile

SetUnhandledExceptionFilter

UnhandledExceptionFilter

GetCurrentProcess

TerminateProcess

GetSystemTimeAsFileTime

GetCurrentProcessId

QueryPerformanceCounter

InterlockedIncrement

ResetEvent

WaitForSingleObject

InterlockedDecrement

TlsGetValue

GetCurrentThreadId

lstrcpyA

GetLastError

GetModuleFileNameA

LoadLibraryA

GetLocaleInfoA

HeapReAlloc

WideCharToMultiByte

GetProcessHeap

InitializeCriticalSection

DeleteCriticalSection

EnterCriticalSection

LeaveCriticalSection

FreeLibrary

MultiByteToWideChar

GetTickCount

SetEvent

TlsAlloc

CloseHandle

TlsFree

TlsSetValue

CreateEventA

user32

PtInRect

GetKeyState

TranslateMessage

LoadStringA

IsWindow

EndDialog

DialogBoxParamA

DrawIcon

DrawEdge

LoadIconA

RegisterClassA

LoadCursorA

EnableWindow

GetSystemMetrics

DestroyWindow

SendMessageTimeoutA

EnumThreadWindows

PostThreadMessageA

SetWindowLongA

GetWindowLongA

CreateDialogParamA

KillTimer

DispatchMessageA

IsDialogMessageA

GetMessageA

SetTimer

UnregisterClassA

wsprintfA

ReleaseDC

GetDC

CharNextA

SetParent

DefWindowProcA

EndPaint

GetClientRect

BeginPaint

SetFocus

SendMessageA

SetWindowPos

CreateWindowExA

IsWindowVisible

GetWindowRect

ClientToScreen

GetParent

SetWindowRgn

OffsetRect

EqualRect

IntersectRect

ShowWindow

GetActiveWindow

gdi32

SetWindowOrgEx

SetViewportExtEx

CreateRectRgnIndirect

GetDeviceCaps

SetWindowExtEx

SetMapMode

CreateDCA

GetViewportExtEx

GetWindowExtEx

LPtoDP

DeleteDC

SetViewportOrgEx

Exports

DLLGetDocumentation

DllCanUnloadNow

DllGetClassObject

DllRegisterServer

DllUnregisterServer

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$SYSDIR/msvcp71.dll

.dll windows:4 windows x86 arch:x86

5e2398adb60a70c7ab04e7cba75a7983

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

PDB Paths

msvcp71.pdb

Imports

msvcr71

setvbuf

fflush

ungetc

fgetc

fwrite

fputc

_Getdays

_Getmonths

fgetpos

fseek

fsetpos

fclose

__iob_func

fopen

atan2

cos

exp

ldexp

log

pow

sin

sqrt

tan

fgetwc

fputwc

ungetwc

strtol

_errno

_Strftime

strcspn

strtoul

_strtoi64

_strtoui64

sprintf

abort

realloc

setlocale

_CxxThrowException

??0exception@@QAE@XZ

malloc

?what@exception@@UBEPBDXZ

??0exception@@QAE@ABQBD@Z

?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z

__uncaught_exception

towlower

towupper

strcmp

__pctype_func

___lc_codepage_func

___lc_handle_func

_unlock

_lock

___setlc_active_func

___unguarded_readlc_active_add_func

_except_handler3

_local_unwind2

__crtCompareStringA

___lc_collate_cp_func

__crtLCMapStringA

isupper

islower

__crtGetStringTypeW

__crtLCMapStringW

_callnewh

__crtCompareStringW

strtod

??1type_info@@UAE@XZ

?terminate@@YAXXZ

__security_error_handler

__dllonexit

_onexit

_initterm

_adjust_fdiv

__CppXcptFilter

??0bad_cast@@QAE@PBD@Z

??1bad_cast@@UAE@XZ

??0bad_cast@@QAE@ABV0@@Z

??0exception@@QAE@ABV0@@Z

__CxxFrameHandler

___mb_cur_max_func

??_V@YAXPAX@Z

??3@YAXPAX@Z

_Gettnames

localeconv

free

memset

memchr

strlen

memcmp

wcslen

memmove

??1exception@@UAE@XZ

memcpy

kernel32

GetSystemTimeAsFileTime

GetCurrentProcessId

GetCurrentThreadId

GetTickCount

QueryPerformanceCounter

ExitProcess

LeaveCriticalSection

EnterCriticalSection

DeleteCriticalSection

InitializeCriticalSection

GetLocaleInfoA

WideCharToMultiByte

InterlockedIncrement

InterlockedDecrement

MultiByteToWideChar

DisableThreadLibraryCalls

Exports

??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAC@Z

??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAD@Z

??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAE@Z

??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@PAC@Z

??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@PAD@Z

??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@PAE@Z

??$?5DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z

??$?5GU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAG@Z

??$?5GU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@PAG@Z

??$?5GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z

??$?5MDU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$complex@M@0@@Z

??$?5MGU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$complex@M@0@@Z

??$?5M_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$complex@M@0@@Z

??$?5NDU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$complex@N@0@@Z

??$?5NGU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$complex@N@0@@Z

??$?5N_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$complex@N@0@@Z

??$?5ODU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$complex@O@0@@Z

??$?5OGU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$complex@O@0@@Z

??$?5O_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$complex@O@0@@Z

??$?5_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AA_W@Z

??$?5_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@PA_W@Z

??$?5_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z

??$?6DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z

??$?6GU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@G@Z

??$?6GU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@PBG@Z

??$?6GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z

??$?6MDU?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$complex@M@0@@Z

??$?6MGU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$complex@M@0@@Z

??$?6M_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$complex@M@0@@Z

??$?6NDU?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$complex@N@0@@Z

??$?6NGU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$complex@N@0@@Z

??$?6N_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$complex@N@0@@Z

??$?6ODU?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$complex@O@0@@Z

??$?6OGU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$complex@O@0@@Z

??$?6O_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$complex@O@0@@Z

??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@C@Z

??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@D@Z

??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@E@Z

??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBC@Z

??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z

??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBE@Z

??$?6_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@PB_W@Z

??$?6_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@_W@Z

??$?6_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z

??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z

??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z

??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z

??$?8GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z

??$?8GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z

??$?8GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z

??$?8M@std@@YA_NABMABV?$complex@M@0@@Z

??$?8M@std@@YA_NABV?$complex@M@0@0@Z

??$?8M@std@@YA_NABV?$complex@M@0@ABM@Z

??$?8N@std@@YA_NABNABV?$complex@N@0@@Z

??$?8N@std@@YA_NABV?$complex@N@0@0@Z

??$?8N@std@@YA_NABV?$complex@N@0@ABN@Z

??$?8O@std@@YA_NABOABV?$complex@O@0@@Z

??$?8O@std@@YA_NABV?$complex@O@0@0@Z

??$?8O@std@@YA_NABV?$complex@O@0@ABO@Z

??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z

??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z

??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z

??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z

??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z

??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z

??$?9GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z

??$?9GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z

??$?9GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z

??$?9M@std@@YA_NABMABV?$complex@M@0@@Z

??$?9M@std@@YA_NABV?$complex@M@0@0@Z

??$?9M@std@@YA_NABV?$complex@M@0@ABM@Z

??$?9N@std@@YA_NABNABV?$complex@N@0@@Z

??$?9N@std@@YA_NABV?$complex@N@0@0@Z

??$?9N@std@@YA_NABV?$complex@N@0@ABN@Z

??$?9O@std@@YA_NABOABV?$complex@O@0@@Z

??$?9O@std@@YA_NABV?$complex@O@0@0@Z

??$?9O@std@@YA_NABV?$complex@O@0@ABO@Z

??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z

??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z

??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z

??$?DM@std@@YA?AV?$complex@M@0@ABMABV10@@Z

??$?DM@std@@YA?AV?$complex@M@0@ABV10@0@Z

??$?DM@std@@YA?AV?$complex@M@0@ABV10@ABM@Z

??$?DN@std@@YA?AV?$complex@N@0@ABNABV10@@Z

??$?DN@std@@YA?AV?$complex@N@0@ABV10@0@Z

??$?DN@std@@YA?AV?$complex@N@0@ABV10@ABN@Z

??$?DO@std@@YA?AV?$complex@O@0@ABOABV10@@Z

??$?DO@std@@YA?AV?$complex@O@0@ABV10@0@Z

??$?DO@std@@YA?AV?$complex@O@0@ABV10@ABO@Z

??$?GM@std@@YA?AV?$complex@M@0@ABMABV10@@Z

??$?GM@std@@YA?AV?$complex@M@0@ABV10@0@Z

??$?GM@std@@YA?AV?$complex@M@0@ABV10@@Z

??$?GM@std@@YA?AV?$complex@M@0@ABV10@ABM@Z

??$?GN@std@@YA?AV?$complex@N@0@ABNABV10@@Z

??$?GN@std@@YA?AV?$complex@N@0@ABV10@0@Z

??$?GN@std@@YA?AV?$complex@N@0@ABV10@@Z

??$?GN@std@@YA?AV?$complex@N@0@ABV10@ABN@Z

??$?GO@std@@YA?AV?$complex@O@0@ABOABV10@@Z

??$?GO@std@@YA?AV?$complex@O@0@ABV10@0@Z

??$?GO@std@@YA?AV?$complex@O@0@ABV10@@Z

??$?GO@std@@YA?AV?$complex@O@0@ABV10@ABO@Z

??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z

??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@D@Z

??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z

??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@DABV10@@Z

??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z

??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@0@Z

??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@G@Z

??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@PBG@Z

??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@GABV10@@Z

??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBGABV10@@Z

??$?HM@std@@YA?AV?$complex@M@0@ABMABV10@@Z

??$?HM@std@@YA?AV?$complex@M@0@ABV10@0@Z

??$?HM@std@@YA?AV?$complex@M@0@ABV10@@Z

??$?HM@std@@YA?AV?$complex@M@0@ABV10@ABM@Z

??$?HN@std@@YA?AV?$complex@N@0@ABNABV10@@Z

??$?HN@std@@YA?AV?$complex@N@0@ABV10@0@Z

??$?HN@std@@YA?AV?$complex@N@0@ABV10@@Z

??$?HN@std@@YA?AV?$complex@N@0@ABV10@ABN@Z

??$?HO@std@@YA?AV?$complex@O@0@ABOABV10@@Z

??$?HO@std@@YA?AV?$complex@O@0@ABV10@0@Z

??$?HO@std@@YA?AV?$complex@O@0@ABV10@@Z

??$?HO@std@@YA?AV?$complex@O@0@ABV10@ABO@Z

??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@0@Z

??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z

??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@_W@Z

??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_WABV10@@Z

??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@_WABV10@@Z

??$?KM@std@@YA?AV?$complex@M@0@ABMABV10@@Z

??$?KM@std@@YA?AV?$complex@M@0@ABV10@0@Z

??$?KM@std@@YA?AV?$complex@M@0@ABV10@ABM@Z

??$?KN@std@@YA?AV?$complex@N@0@ABNABV10@@Z

??$?KN@std@@YA?AV?$complex@N@0@ABV10@0@Z

??$?KN@std@@YA?AV?$complex@N@0@ABV10@ABN@Z

??$?KO@std@@YA?AV?$complex@O@0@ABOABV10@@Z

??$?KO@std@@YA?AV?$complex@O@0@ABV10@0@Z

??$?KO@std@@YA?AV?$complex@O@0@ABV10@ABO@Z

??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z

??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z

??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z

??$?MGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z

??$?MGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z

??$?MGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z

??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z

??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z

??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z

??$?NDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z

??$?NDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z

??$?NDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z

??$?NGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z

??$?NGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z

??$?NGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z

??$?N_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z

??$?N_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z

??$?N_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z

??$?ODU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z

??$?ODU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z

??$?ODU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z

??$?OGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z

??$?OGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z

??$?OGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z

??$?O_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z

??$?O_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z

??$?O_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z

??$?PDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z

??$?PDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z

??$?PDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z

??$?PGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z

??$?PGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z

??$?PGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z

??$?P_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z

??$?P_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z

??$?P_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z

??$_Fabs@M@std@@YAMABV?$complex@M@0@PAH@Z

??$_Fabs@N@std@@YANABV?$complex@N@0@PAH@Z

??$_Fabs@O@std@@YAOABV?$complex@O@0@PAH@Z

??$abs@M@std@@YAMABV?$complex@M@0@@Z

??$abs@N@std@@YANABV?$complex@N@0@@Z

??$abs@O@std@@YAOABV?$complex@O@0@@Z

??$arg@M@std@@YAMABV?$complex@M@0@@Z

??$arg@N@std@@YANABV?$complex@N@0@@Z

??$arg@O@std@@YAOABV?$complex@O@0@@Z

??$conj@M@std@@YA?AV?$complex@M@0@ABV10@@Z

??$conj@N@std@@YA?AV?$complex@N@0@ABV10@@Z

??$conj@O@std@@YA?AV?$complex@O@0@ABV10@@Z

??$cos@M@std@@YA?AV?$complex@M@0@ABV10@@Z

??$cos@N@std@@YA?AV?$complex@N@0@ABV10@@Z

??$cos@O@std@@YA?AV?$complex@O@0@ABV10@@Z

??$cosh@M@std@@YA?AV?$complex@M@0@ABV10@@Z

??$cosh@N@std@@YA?AV?$complex@N@0@ABV10@@Z

??$cosh@O@std@@YA?AV?$complex@O@0@ABV10@@Z

??$exp@M@std@@YA?AV?$complex@M@0@ABV10@@Z

??$exp@N@std@@YA?AV?$complex@N@0@ABV10@@Z

??$exp@O@std@@YA?AV?$complex@O@0@ABV10@@Z

??$getline@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z

??$getline@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@D@Z

??$getline@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z

??$getline@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@G@Z

??$getline@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z

??$getline@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@_W@Z

??$imag@M@std@@YAMABV?$complex@M@0@@Z

??$imag@N@std@@YANABV?$complex@N@0@@Z

??$imag@O@std@@YAOABV?$complex@O@0@@Z

??$log10@M@std@@YA?AV?$complex@M@0@ABV10@@Z

??$log10@N@std@@YA?AV?$complex@N@0@ABV10@@Z

??$log10@O@std@@YA?AV?$complex@O@0@ABV10@@Z

??$log@M@std@@YA?AV?$complex@M@0@ABV10@@Z

??$log@N@std@@YA?AV?$complex@N@0@ABV10@@Z

??$log@O@std@@YA?AV?$complex@O@0@ABV10@@Z

??$norm@M@std@@YAMABV?$complex@M@0@@Z

??$norm@N@std@@YANABV?$complex@N@0@@Z

??$norm@O@std@@YAOABV?$complex@O@0@@Z

??$polar@M@std@@YA?AV?$complex@M@0@ABM0@Z

??$polar@M@std@@YA?AV?$complex@M@0@ABM@Z

??$polar@N@std@@YA?AV?$complex@N@0@ABN0@Z

??$polar@N@std@@YA?AV?$complex@N@0@ABN@Z

??$polar@O@std@@YA?AV?$complex@O@0@ABO0@Z

??$polar@O@std@@YA?AV?$complex@O@0@ABO@Z

??$pow@M@std@@YA?AV?$complex@M@0@ABMABV10@@Z

??$pow@M@std@@YA?AV?$complex@M@0@ABV10@0@Z

??$pow@M@std@@YA?AV?$complex@M@0@ABV10@ABM@Z

??$pow@M@std@@YA?AV?$complex@M@0@ABV10@H@Z

??$pow@N@std@@YA?AV?$complex@N@0@ABNABV10@@Z

??$pow@N@std@@YA?AV?$complex@N@0@ABV10@0@Z

??$pow@N@std@@YA?AV?$complex@N@0@ABV10@ABN@Z

??$pow@N@std@@YA?AV?$complex@N@0@ABV10@H@Z

??$pow@O@std@@YA?AV?$complex@O@0@ABOABV10@@Z

??$pow@O@std@@YA?AV?$complex@O@0@ABV10@0@Z

??$pow@O@std@@YA?AV?$complex@O@0@ABV10@ABO@Z

??$pow@O@std@@YA?AV?$complex@O@0@ABV10@H@Z

??$real@M@std@@YAMABV?$complex@M@0@@Z

??$real@N@std@@YANABV?$complex@N@0@@Z

??$real@O@std@@YAOABV?$complex@O@0@@Z

??$sin@M@std@@YA?AV?$complex@M@0@ABV10@@Z

??$sin@N@std@@YA?AV?$complex@N@0@ABV10@@Z

??$sin@O@std@@YA?AV?$complex@O@0@ABV10@@Z

??$sinh@M@std@@YA?AV?$complex@M@0@ABV10@@Z

??$sinh@N@std@@YA?AV?$complex@N@0@ABV10@@Z

??$sinh@O@std@@YA?AV?$complex@O@0@ABV10@@Z

??$sqrt@M@std@@YA?AV?$complex@M@0@ABV10@@Z

??$sqrt@N@std@@YA?AV?$complex@N@0@ABV10@@Z

??$sqrt@O@std@@YA?AV?$complex@O@0@ABV10@@Z

??$tan@M@std@@YA?AV?$complex@M@0@ABV10@@Z

??$tan@N@std@@YA?AV?$complex@N@0@ABV10@@Z

??$tan@O@std@@YA?AV?$complex@O@0@ABV10@@Z

??$tanh@M@std@@YA?AV?$complex@M@0@ABV10@@Z

??$tanh@N@std@@YA?AV?$complex@N@0@ABV10@@Z

??$tanh@O@std@@YA?AV?$complex@O@0@ABV10@@Z

??0?$_Complex_base@MU_C_float_complex@@@std@@QAE@ABM0@Z

??0?$_Complex_base@NU_C_double_complex@@@std@@QAE@ABN0@Z

??0?$_Complex_base@OU_C_ldouble_complex@@@std@@QAE@ABO0@Z

??0?$_Mpunct@D@std@@QAE@ABV_Locinfo@1@I_N@Z

??0?$_Mpunct@D@std@@QAE@I_N@Z

??0?$_Mpunct@G@std@@QAE@ABV_Locinfo@1@I_N@Z

??0?$_Mpunct@G@std@@QAE@I_N@Z

??0?$_Mpunct@_W@std@@QAE@ABV_Locinfo@1@I_N@Z

??0?$_Mpunct@_W@std@@QAE@I_N@Z

??0?$_String_val@DV?$allocator@D@std@@@std@@IAE@V?$allocator@D@1@@Z

??0?$_String_val@DV?$allocator@D@std@@@std@@QAE@ABV01@@Z

??0?$_String_val@GV?$allocator@G@std@@@std@@IAE@V?$allocator@G@1@@Z

??0?$_String_val@GV?$allocator@G@std@@@std@@QAE@ABV01@@Z

??0?$_String_val@_WV?$allocator@_W@std@@@std@@IAE@V?$allocator@_W@1@@Z

??0?$_String_val@_WV?$allocator@_W@std@@@std@@QAE@ABV01@@Z

??0?$allocator@X@std@@QAE@ABV01@@Z

??0?$allocator@X@std@@QAE@XZ

??0?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z

??0?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z

??0?$basic_filebuf@GU?$char_traits@G@std@@@std@@QAE@PAU_iobuf@@@Z

??0?$basic_filebuf@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z

??0?$basic_filebuf@_WU?$char_traits@_W@std@@@std@@QAE@PAU_iobuf@@@Z

??0?$basic_filebuf@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z

??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z

??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z

??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@XZ

??0?$basic_fstream@GU?$char_traits@G@std@@@std@@QAE@PAU_iobuf@@@Z

??0?$basic_fstream@GU?$char_traits@G@std@@@std@@QAE@PBDHH@Z

??0?$basic_fstream@GU?$char_traits@G@std@@@std@@QAE@XZ

??0?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAE@PAU_iobuf@@@Z

??0?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAE@PBDHH@Z

??0?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAE@XZ

??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z

??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z

??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@XZ

??0?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAE@PAU_iobuf@@@Z

??0?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAE@PBDHH@Z

??0?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAE@XZ

??0?$basic_ifstream@_WU?$char_traits@_W@std@@@std@@QAE@PAU_iobuf@@@Z

??0?$basic_ifstream@_WU?$char_traits@_W@std@@@std@@QAE@PBDHH@Z

??0?$basic_ifstream@_WU?$char_traits@_W@std@@@std@@QAE@XZ

??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ

??0?$basic_ios@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

??0?$basic_ios@GU?$char_traits@G@std@@@std@@IAE@XZ

??0?$basic_ios@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z

??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ

??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z

??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z

??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z

??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N1@Z

??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z

??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N1@Z

??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z

??0?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z

??0?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z

??0?$basic_istringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z

??0?$basic_istringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z

??0?$basic_istringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z

??0?$basic_istringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z

??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z

??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z

??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@XZ

??0?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAE@PAU_iobuf@@@Z

??0?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAE@PBDHH@Z

??0?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAE@XZ

??0?$basic_ofstream@_WU?$char_traits@_W@std@@@std@@QAE@PAU_iobuf@@@Z

??0?$basic_ofstream@_WU?$char_traits@_W@std@@@std@@QAE@PBDHH@Z

??0?$basic_ofstream@_WU?$char_traits@_W@std@@@std@@QAE@XZ

??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z

??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z

??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z

??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z

??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z

??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z

??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z

??0?$basic_ostringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z

??0?$basic_ostringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z

??0?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z

??0?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z

??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@W4_Uninitialized@1@@Z

??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ

??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@W4_Uninitialized@1@@Z

??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@XZ

??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@W4_Uninitialized@1@@Z

??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@II@Z

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@IIABV?$allocator@D@1@@Z

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ID@Z

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@IDABV?$allocator@D@1@@Z

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD0@Z

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDI@Z

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDIABV?$allocator@D@1@@Z

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@Vconst_iterator@01@0@Z

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z

??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@II@Z

??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@IIABV?$allocator@G@1@@Z

??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$allocator@G@1@@Z

??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@IG@Z

??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@IGABV?$allocator@G@1@@Z

??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG0@Z

??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG@Z

??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGABV?$allocator@G@1@@Z

??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGI@Z

??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGIABV?$allocator@G@1@@Z

??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@Vconst_iterator@01@0@Z

??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ

??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z

??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@II@Z

??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@IIABV?$allocator@_W@1@@Z

??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$allocator@_W@1@@Z

??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@I_W@Z

??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@I_WABV?$allocator@_W@1@@Z

??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W0@Z

??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z

??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WABV?$allocator@_W@1@@Z

??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WI@Z

??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WIABV?$allocator@_W@1@@Z

??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@Vconst_iterator@01@0@Z

??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ

??0?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z

??0?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z

??0?$basic_stringbuf@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z

??0?$basic_stringbuf@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z

??0?$basic_stringbuf@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z

??0?$basic_stringbuf@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z

??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z

??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z

??0?$basic_stringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z

??0?$basic_stringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z

??0?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z

??0?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z

??0?$codecvt@DDH@std@@QAE@ABV_Locinfo@1@I@Z

??0?$codecvt@DDH@std@@QAE@I@Z

??0?$codecvt@GDH@std@@QAE@ABV_Locinfo@1@I@Z

??0?$codecvt@GDH@std@@QAE@I@Z

??0?$codecvt@_WDH@std@@QAE@ABV_Locinfo@1@I@Z

??0?$codecvt@_WDH@std@@QAE@I@Z

??0?$collate@D@std@@QAE@ABV_Locinfo@1@I@Z

??0?$collate@D@std@@QAE@I@Z

??0?$collate@G@std@@QAE@ABV_Locinfo@1@I@Z

??0?$collate@G@std@@QAE@I@Z

??0?$collate@_W@std@@QAE@ABV_Locinfo@1@I@Z

??0?$collate@_W@std@@QAE@I@Z

??0?$complex@M@std@@QAE@ABM0@Z

??0?$complex@M@std@@QAE@ABU_C_float_complex@@@Z

??0?$complex@M@std@@QAE@ABV?$complex@N@1@@Z

??0?$complex@M@std@@QAE@ABV?$complex@O@1@@Z

??0?$complex@N@std@@QAE@ABN0@Z

??0?$complex@N@std@@QAE@ABU_C_double_complex@@@Z

??0?$complex@N@std@@QAE@ABV?$complex@M@1@@Z

??0?$complex@N@std@@QAE@ABV?$complex@O@1@@Z

??0?$complex@O@std@@QAE@ABO0@Z

??0?$complex@O@std@@QAE@ABU_C_ldouble_complex@@@Z

??0?$complex@O@std@@QAE@ABV?$complex@M@1@@Z

??0?$complex@O@std@@QAE@ABV?$complex@N@1@@Z

??0?$ctype@D@std@@QAE@ABV_Locinfo@1@I@Z

??0?$ctype@D@std@@QAE@PBF_NI@Z

??0?$ctype@G@std@@QAE@ABV_Locinfo@1@I@Z

??0?$ctype@G@std@@QAE@I@Z

??0?$ctype@_W@std@@QAE@ABV_Locinfo@1@I@Z

??0?$ctype@_W@std@@QAE@I@Z

??0?$messages@D@std@@QAE@ABV_Locinfo@1@I@Z

??0?$messages@D@std@@QAE@I@Z

??0?$messages@G@std@@QAE@ABV_Locinfo@1@I@Z

??0?$messages@G@std@@QAE@I@Z

??0?$messages@_W@std@@QAE@ABV_Locinfo@1@I@Z

??0?$messages@_W@std@@QAE@I@Z

??0?$money_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

??0?$money_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z

??0?$money_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

??0?$money_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z

??0?$money_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

??0?$money_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z

??0?$money_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

??0?$money_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z

??0?$money_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

??0?$money_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z

??0?$money_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

??0?$money_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z

??0?$moneypunct@D$00@std@@QAE@ABV_Locinfo@1@I@Z

??0?$moneypunct@D$00@std@@QAE@I@Z

??0?$moneypunct@D$0A@@std@@QAE@ABV_Locinfo@1@I@Z

??0?$moneypunct@D$0A@@std@@QAE@I@Z

??0?$moneypunct@G$00@std@@QAE@ABV_Locinfo@1@I@Z

??0?$moneypunct@G$00@std@@QAE@I@Z

??0?$moneypunct@G$0A@@std@@QAE@ABV_Locinfo@1@I@Z

??0?$moneypunct@G$0A@@std@@QAE@I@Z

??0?$moneypunct@_W$00@std@@QAE@ABV_Locinfo@1@I@Z

??0?$moneypunct@_W$00@std@@QAE@I@Z

??0?$moneypunct@_W$0A@@std@@QAE@ABV_Locinfo@1@I@Z

??0?$moneypunct@_W$0A@@std@@QAE@I@Z

??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z

??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z

??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z

??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z

??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z

??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z

??0?$numpunct@D@std@@QAE@ABV_Locinfo@1@I@Z

??0?$numpunct@D@std@@QAE@I@Z

??0?$numpunct@G@std@@QAE@ABV_Locinfo@1@I@Z

??0?$numpunct@G@std@@QAE@I@Z

??0?$numpunct@_W@std@@QAE@ABV_Locinfo@1@I@Z

??0?$numpunct@_W@std@@QAE@I@Z

??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z

??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z

??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z

??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z

??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z

??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z

??0Init@ios_base@std@@QAE@XZ

??0_Locimp@locale@std@@AAE@ABV012@@Z

??0_Locinfo@std@@QAE@HPBD@Z

??0_Locinfo@std@@QAE@PBD@Z

??0_Lockit@std@@QAE@H@Z

??0_Lockit@std@@QAE@XZ

??0_Mutex@std@@QAE@XZ

??0_Timevec@std@@QAE@ABV01@@Z

??0_Timevec@std@@QAE@PAX@Z

??0_UShinit@std@@QAE@XZ

??0_Winit@std@@QAE@XZ

??0codecvt_base@std@@QAE@I@Z

??0ctype_base@std@@QAE@I@Z

??0facet@locale@std@@IAE@I@Z

??0id@locale@std@@QAE@I@Z

??0ios_base@std@@IAE@XZ

??0ios_base@std@@QAE@ABV01@@Z

??0locale@std@@AAE@PAV_Locimp@01@@Z

??0locale@std@@QAE@ABV01@0H@Z

??0locale@std@@QAE@ABV01@@Z

??0locale@std@@QAE@ABV01@PBDH@Z

??0locale@std@@QAE@PBDH@Z

Sections

.text
Size: 192KB - Virtual size: 189KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 268KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$SYSDIR/msvcr71.dll

.dll windows:4 windows x86 arch:x86

7acc8c379c768a1ecd81ec502ff5f33e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

PDB Paths

msvcr71.pdb

Imports

kernel32

GetModuleFileNameA

GetModuleFileNameW

ExitProcess

GetProcAddress

GetModuleHandleA

TerminateProcess

GetCurrentProcess

WriteFile

GetStdHandle

GetCurrentThreadId

GetCommandLineA

GetVersionExA

DeleteCriticalSection

LeaveCriticalSection

EnterCriticalSection

ExitThread

CloseHandle

GetLastError

ResumeThread

CreateThread

TlsAlloc

SetLastError

GetCurrentThread

TlsFree

TlsSetValue

TlsGetValue

FindNextFileA

FindFirstFileA

FindClose

FindNextFileW

FindFirstFileW

HeapAlloc

HeapFree

GetEnvironmentVariableA

HeapDestroy

HeapCreate

VirtualFree

VirtualAlloc

HeapReAlloc

IsBadWritePtr

SetHandleCount

GetFileType

GetStartupInfoA

GetACP

GetOEMCP

GetCPInfo

LoadLibraryA

MultiByteToWideChar

GetCommandLineW

FreeEnvironmentStringsA

GetEnvironmentStrings

FreeEnvironmentStringsW

WideCharToMultiByte

GetEnvironmentStringsW

InitializeCriticalSection

RtlUnwind

UnhandledExceptionFilter

LCMapStringA

LCMapStringW

GetStringTypeA

GetStringTypeW

SetConsoleCtrlHandler

InterlockedExchange

VirtualQuery

QueryPerformanceCounter

GetTickCount

GetCurrentProcessId

GetSystemTimeAsFileTime

SetEnvironmentVariableA

SetEnvironmentVariableW

GetUserDefaultLCID

GetLocaleInfoA

EnumSystemLocalesA

IsValidLocale

IsValidCodePage

GetLocaleInfoW

GetTimeFormatA

GetDateFormatA

GetTimeZoneInformation

HeapSize

VirtualProtect

GetSystemInfo

FlushFileBuffers

SetFilePointer

SetStdHandle

CompareStringA

CompareStringW

Sleep

Beep

FileTimeToSystemTime

FileTimeToLocalFileTime

GetDiskFreeSpaceA

GetLogicalDrives

SetErrorMode

GetFileAttributesA

GetCurrentDirectoryA

SetCurrentDirectoryA

SetFileAttributesA

GetFullPathNameA

GetDriveTypeA

CreateDirectoryA

RemoveDirectoryA

DeleteFileA

GetFileAttributesW

GetCurrentDirectoryW

SetCurrentDirectoryW

SetFileAttributesW

GetFullPathNameW

CreateDirectoryW

DeleteFileW

MoveFileW

RemoveDirectoryW

GetDriveTypeW

MoveFileA

RaiseException

IsBadReadPtr

SetUnhandledExceptionFilter

IsBadCodePtr

GetExitCodeProcess

WaitForSingleObject

FreeLibrary

CreateProcessA

CreateProcessW

HeapValidate

HeapCompact

HeapWalk

ReadConsoleA

SetConsoleMode

GetConsoleMode

IsDBCSLeadByteEx

GetConsoleCP

ReadConsoleW

SetEndOfFile

WriteConsoleA

GetConsoleOutputCP

WriteConsoleW

DuplicateHandle

GetFileInformationByHandle

PeekNamedPipe

ReadConsoleInputA

PeekConsoleInputA

GetNumberOfConsoleInputEvents

ReadConsoleInputW

LockFile

UnlockFile

CreateFileA

CreatePipe

ReadFile

CreateFileW

SetFileTime

LocalFileTimeToFileTime

SystemTimeToFileTime

GetLocalTime

SetLocalTime

Exports

$I10_OUTPUT

??0__non_rtti_object@@QAE@ABV0@@Z

??0__non_rtti_object@@QAE@PBD@Z

??0bad_cast@@AAE@PBQBD@Z

??0bad_cast@@QAE@ABQBD@Z

??0bad_cast@@QAE@ABV0@@Z

??0bad_cast@@QAE@PBD@Z

??0bad_typeid@@QAE@ABV0@@Z

??0bad_typeid@@QAE@PBD@Z

??0exception@@QAE@ABQBD@Z

??0exception@@QAE@ABV0@@Z

??0exception@@QAE@XZ

??1__non_rtti_object@@UAE@XZ

??1bad_cast@@UAE@XZ

??1bad_typeid@@UAE@XZ

??1exception@@UAE@XZ

??1type_info@@UAE@XZ

??2@YAPAXI@Z

??3@YAXPAX@Z

??4__non_rtti_object@@QAEAAV0@ABV0@@Z

??4bad_cast@@QAEAAV0@ABV0@@Z

??4bad_typeid@@QAEAAV0@ABV0@@Z

??4exception@@QAEAAV0@ABV0@@Z

??8type_info@@QBEHABV0@@Z

??9type_info@@QBEHABV0@@Z

??_7__non_rtti_object@@6B@

??_7bad_cast@@6B@

??_7bad_typeid@@6B@

??_7exception@@6B@

??_Fbad_cast@@QAEXXZ

??_Fbad_typeid@@QAEXXZ

??_U@YAPAXI@Z

??_V@YAXPAX@Z

?_query_new_handler@@YAP6AHI@ZXZ

?_query_new_mode@@YAHXZ

?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z

?_set_new_mode@@YAHH@Z

?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z

?before@type_info@@QBEHABV1@@Z

?name@type_info@@QBEPBDXZ

?raw_name@type_info@@QBEPBDXZ

?set_new_handler@@YAP6AXXZP6AXXZ@Z

?set_terminate@@YAP6AXXZP6AXXZ@Z

?set_unexpected@@YAP6AXXZP6AXXZ@Z

?swprintf@@YAHPAGIPBGZZ

?swprintf@@YAHPA_WIPB_WZZ

?terminate@@YAXXZ

?unexpected@@YAXXZ

?vswprintf@@YAHPAGIPBGPAD@Z

?vswprintf@@YAHPA_WIPB_WPAD@Z

?what@exception@@UBEPBDXZ

_CIacos

_CIasin

_CIatan

_CIatan2

_CIcos

_CIcosh

_CIexp

_CIfmod

_CIlog

_CIlog10

_CIpow

_CIsin

_CIsinh

_CIsqrt

_CItan

_CItanh

_CRT_RTC_INIT

_CxxThrowException

_EH_prolog

_Getdays

_Getmonths

_Gettnames

_HUGE

_Strftime

_XcptFilter

__CppXcptFilter

__CxxCallUnwindDtor

__CxxCallUnwindVecDtor

__CxxDetectRethrow

__CxxExceptionFilter

__CxxFrameHandler

__CxxLongjmpUnwind

__CxxQueryExceptionSize

__CxxRegisterExceptionObject

__CxxUnregisterExceptionObject

__DestructExceptionObject

__RTCastToVoid

__RTDynamicCast

__RTtypeid

__STRINGTOLD

___lc_codepage_func

___lc_collate_cp_func

___lc_handle_func

___mb_cur_max_func

___setlc_active_func

___unguarded_readlc_active_add_func

__argc

__argv

__badioinfo

__buffer_overrun

__crtCompareStringA

__crtCompareStringW

__crtGetLocaleInfoW

__crtGetStringTypeW

__crtLCMapStringA

__crtLCMapStringW

__dllonexit

__doserrno

__fpecode

__getmainargs

__initenv

__iob_func

__isascii

__iscsym

__iscsymf

__lc_clike

__lc_codepage

__lc_collate_cp

__lc_handle

__lconv_init

__mb_cur_max

__p___argc

__p___argv

__p___initenv

__p___mb_cur_max

__p___wargv

__p___winitenv

__p__acmdln

__p__amblksiz

__p__commode

__p__daylight

__p__dstbias

__p__environ

__p__fileinfo

__p__fmode

__p__iob

__p__mbcasemap

__p__mbctype

__p__osver

__p__pctype

__p__pgmptr

__p__pwctype

__p__timezone

__p__tzname

__p__wcmdln

__p__wenviron

__p__winmajor

__p__winminor

__p__winver

__p__wpgmptr

__pctype_func

__pioinfo

__pwctype_func

__pxcptinfoptrs

__security_error_handler

__set_app_type

__set_buffer_overrun_handler

__setlc_active

__setusermatherr

__threadhandle

__threadid

__toascii

__unDName

__unDNameEx

__uncaught_exception

__unguarded_readlc_active

__wargv

__wcserror

__wgetmainargs

__winitenv

_abnormal_termination

_access

_acmdln

_adj_fdiv_m16i

_adj_fdiv_m32

_adj_fdiv_m32i

_adj_fdiv_m64

_adj_fdiv_r

_adj_fdivr_m16i

_adj_fdivr_m32

_adj_fdivr_m32i

_adj_fdivr_m64

_adj_fpatan

_adj_fprem

_adj_fprem1

_adj_fptan

_adjust_fdiv

_aexit_rtn

_aligned_free

_aligned_malloc

_aligned_offset_malloc

_aligned_offset_realloc

_aligned_realloc

_amsg_exit

_assert

_atodbl

_atoi64

_atoldbl

_beep

_beginthread

_beginthreadex

_c_exit

_cabs

_callnewh

_cexit

_cgets

_cgetws

_chdir

_chdrive

_chgsign

_chkesp

_chmod

_chsize

_clearfp

_close

_commit

_commode

_control87

_controlfp

_copysign

_cprintf

_cputs

_cputws

_creat

_cscanf

_ctime64

_cwait

_cwprintf

_cwscanf

_daylight

_dstbias

_dup

_dup2

_ecvt

_endthread

_endthreadex

_environ

_eof

_errno

_except_handler2

_except_handler3

_execl

_execle

_execlp

_execlpe

_execv

_execve

_execvp

_execvpe

_exit

_expand

_fcloseall

_fcvt

_fdopen

_fgetchar

_fgetwchar

_filbuf

_fileinfo

_filelength

_filelengthi64

_fileno

_findclose

_findfirst

_findfirst64

_findfirsti64

_findnext

_findnext64

_findnexti64

_finite

_flsbuf

_flushall

_fmode

_fpclass

_fpieee_flt

_fpreset

_fputchar

_fputwchar

_fsopen

_fstat

_fstat64

_fstati64

_ftime

_ftime64

_ftol

_fullpath

_futime

_futime64

_gcvt

_get_heap_handle

_get_osfhandle

_get_sbh_threshold

_getch

_getche

_getcwd

_getdcwd

_getdiskfree

_getdllprocaddr

_getdrive

_getdrives

_getmaxstdio

_getmbcp

_getpid

_getsystime

_getw

_getwch

_getwche

_getws

_global_unwind2

_gmtime64

_heapadd

_heapchk

_heapmin

_heapset

_heapused

_heapwalk

_hypot

_i64toa

_i64tow

_initterm

_inp

_inpd

_inpw

_iob

_isatty

_isctype

_ismbbalnum

_ismbbalpha

_ismbbgraph

_ismbbkalnum

_ismbbkana

_ismbbkprint

_ismbbkpunct

_ismbblead

_ismbbprint

_ismbbpunct

_ismbbtrail

_ismbcalnum

_ismbcalpha

_ismbcdigit

_ismbcgraph

_ismbchira

_ismbckata

_ismbcl0

_ismbcl1

_ismbcl2

_ismbclegal

_ismbclower

_ismbcprint

_ismbcpunct

_ismbcspace

_ismbcsymbol

_ismbcupper

_ismbslead

_ismbstrail

_isnan

_itoa

_itow

_j0

_j1

_jn

_kbhit

_lfind

_loaddll

_local_unwind2

_localtime64

_lock

_locking

_logb

_longjmpex

_lrotl

_lrotr

_lsearch

_lseek

_lseeki64

_ltoa

_ltow

_makepath

_mbbtombc

_mbbtype

_mbcasemap

_mbccpy

_mbcjistojms

_mbcjmstojis

_mbclen

_mbctohira

_mbctokata

_mbctolower

_mbctombb

_mbctoupper

_mbctype

_mbsbtype

_mbscat

_mbschr

_mbscmp

_mbscoll

_mbscpy

_mbscspn

_mbsdec

_mbsdup

_mbsicmp

_mbsicoll

_mbsinc

_mbslen

_mbslwr

_mbsnbcat

_mbsnbcmp

_mbsnbcnt

_mbsnbcoll

_mbsnbcpy

_mbsnbicmp

_mbsnbicoll

_mbsnbset

_mbsncat

_mbsnccnt

_mbsncmp

_mbsncoll

_mbsncpy

_mbsnextc

_mbsnicmp

_mbsnicoll

_mbsninc

_mbsnset

_mbspbrk

_mbsrchr

_mbsrev

_mbsset

_mbsspn

_mbsspnp

_mbsstr

_mbstok

_mbstrlen

_mbsupr

_memccpy

_memicmp

_mkdir

_mktemp

_mktime64

_msize

_nextafter

_onexit

_open

_open_osfhandle

_osplatform

_osver

_outp

_outpd

_outpw

_pclose

_pctype

_pgmptr

_pipe

_popen

_purecall

_putch

_putenv

_putw

_putwch

_putws

_pwctype

_read

_resetstkoflw

_rmdir

_rmtmp

_rotl

_rotr

_safe_fdiv

_safe_fdivr

_safe_fprem

_safe_fprem1

_scalb

_scprintf

_scwprintf

_searchenv

_seh_longjmp_unwind

_set_SSE2_enable

_set_error_mode

_set_purecall_handler

_set_sbh_threshold

_set_security_error_handler

_seterrormode

_setjmp

_setjmp3

_setmaxstdio

_setmbcp

_setmode

_setsystime

_sleep

_snprintf

_snscanf

_snwprintf

_snwscanf

_sopen

_spawnl

_spawnle

_spawnlp

_spawnlpe

_spawnv

_spawnve

_spawnvp

Sections

.text
Size: 228KB - Virtual size: 227KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$TEMP/VASetupHelper.dll

.dll windows:4 windows x86 arch:x86

74d85950366534c61bcf9e072a064709

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

1b:f4:37:cb:40:e7:c3:e6:b6:63:b3:e3:ba:45:2f:de
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26/05/2009, 00:00

Not After

26/05/2011, 23:59

Subject

CN=ShenZhen Thunder Networking Technologies Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=ShenZhen Thunder Networking Technologies Ltd.,L=ShenZhen,ST=GuangDong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:ae:b6:82:86:63:fe:d9:75:55:f8:fe:24:f3:3b:1a
Certificate

Issuer

Not Before

01/04/2009, 00:00

Not After

31/03/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

90:d5:8a:18:9a:26:ae:11:24:77:e6:df:d2:42:94:4e:58:00:73:0d
Signer

Actual PE Digest

90:d5:8a:18:9a:26:ae:11:24:77:e6:df:d2:42:94:4e:58:00:73:0d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

PDB Paths

e:\Code\ThunderVA\kankan_va\Publish\VASetupHelper.pdb

Imports

kernel32

InitializeCriticalSection

DeleteCriticalSection

GetWindowsDirectoryW

GetDiskFreeSpaceExW

GetDriveTypeW

GetLogicalDriveStringsW

lstrlenW

CloseHandle

Process32NextW

Process32FirstW

GetCurrentProcessId

CreateToolhelp32Snapshot

TerminateProcess

OpenProcess

lstrlenA

GetLastError

DeleteFileW

RemoveDirectoryW

InterlockedIncrement

LoadLibraryW

FreeLibrary

InterlockedDecrement

GetProcAddress

SetCurrentDirectoryW

WideCharToMultiByte

MultiByteToWideChar

GetVersionExW

GetThreadLocale

GetLocaleInfoA

GetACP

Sleep

ExitProcess

QueryPerformanceCounter

GetTickCount

GetCurrentThreadId

GetSystemTimeAsFileTime

GetVersionExA

InterlockedExchange

shell32

SHGetFolderPathW

ole32

CoTaskMemFree

msvcr71

_CxxThrowException

_except_handler3

wcslen

_wcsicmp

wcscpy

__CppXcptFilter

_adjust_fdiv

_initterm

_onexit

__dllonexit

?terminate@@YAXXZ

??1type_info@@UAE@XZ

__security_error_handler

wcsrchr

??3@YAXPAX@Z

__CxxFrameHandler

??0exception@@QAE@ABV0@@Z

malloc

swprintf

free

??0exception@@QAE@XZ

??1exception@@UAE@XZ

??2@YAPAXI@Z

memset

msvcp71

??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ

??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z

??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z

??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ

??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z

??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@_W@Z

??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z

shlwapi

PathAppendW

PathAddBackslashW

urlmon

URLDownloadToCacheFileW

atl71

ord30

Exports

DeleteVADir

DeleteVAFile

GetDefaultMoviePath

GetUserDataPath

InstallStat

IsVARunning

QuitProcess

UninstallStat

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

AdminShell.dll

.dll regsvr32 windows:4 windows x86 arch:x86

9f5ade8c56b27fa3971d1d736a7ffff9

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

1b:f4:37:cb:40:e7:c3:e6:b6:63:b3:e3:ba:45:2f:de
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26/05/2009, 00:00

Not After

26/05/2011, 23:59

Subject

CN=ShenZhen Thunder Networking Technologies Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=ShenZhen Thunder Networking Technologies Ltd.,L=ShenZhen,ST=GuangDong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:ae:b6:82:86:63:fe:d9:75:55:f8:fe:24:f3:3b:1a
Certificate

Issuer

Not Before

01/04/2009, 00:00

Not After

31/03/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

20:68:54:39:6f:2a:9b:14:98:dd:70:67:f2:8c:bd:9f:41:0f:25:10
Signer

Actual PE Digest

20:68:54:39:6f:2a:9b:14:98:dd:70:67:f2:8c:bd:9f:41:0f:25:10

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

PDB Paths

e:\Code\ThunderVA\Symbols\Publish\AdminShell\AdminShell.pdb

Imports

kernel32

SetEvent

FreeLibrary

GetProcAddress

lstrlenW

SetCurrentDirectoryW

EnterCriticalSection

GetSystemTimeAsFileTime

GetCurrentThreadId

GetTickCount

QueryPerformanceCounter

ExitProcess

LeaveCriticalSection

CreateEventW

GetCurrentProcessId

GetModuleFileNameW

GetVersionExA

InitializeCriticalSection

WaitForMultipleObjects

LoadLibraryW

GetProcessId

CloseHandle

GetVersionExW

GetThreadLocale

GetLocaleInfoA

GetACP

InterlockedExchange

WaitForSingleObject

InterlockedDecrement

InterlockedIncrement

DeleteCriticalSection

user32

GetClassNameW

EnumWindows

wsprintfW

SendMessageW

GetWindowThreadProcessId

advapi32

RegCloseKey

RegOpenKeyExW

RegQueryValueExW

shell32

ShellExecuteExW

ord680

ole32

CoCreateInstance

oleaut32

SysAllocString

SysFreeString

SysAllocStringByteLen

SysStringByteLen

VariantInit

VariantClear

LoadRegTypeLi

LoadTypeLi

SysStringLen

BSTR_UserFree

BSTR_UserUnmarshal

BSTR_UserMarshal

BSTR_UserSize

atl71

ord23

ord61

ord32

ord30

ord64

ord31

ord22

ord18

ord58

ord15

msvcp71

??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ

??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z

?_Nomemory@std@@YAXXZ

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ

??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z

??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z

??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z

msvcr71

_resetstkoflw

__CppXcptFilter

_adjust_fdiv

_initterm

?terminate@@YAXXZ

??1type_info@@UAE@XZ

__security_error_handler

_onexit

__dllonexit

_callnewh

memset

wcsrchr

??0exception@@QAE@ABV0@@Z

swprintf

wcscpy

malloc

realloc

??_V@YAXPAX@Z

??0exception@@QAE@XZ

??1exception@@UAE@XZ

free

_CxxThrowException

_wcsicmp

wcslen

_except_handler3

__CxxFrameHandler

??3@YAXPAX@Z

rpcrt4

NdrCStdStubBuffer2_Release

NdrDllRegisterProxy

NdrDllCanUnloadNow

NdrDllUnregisterProxy

NdrDllGetClassObject

NdrStubCall2

NdrStubForwardingFunction

IUnknown_Release_Proxy

IUnknown_AddRef_Proxy

IUnknown_QueryInterface_Proxy

NdrOleFree

NdrOleAllocate

Exports

DllCanUnloadNow

DllGetClassObject

DllRegisterServer

DllUnregisterServer

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.orpc
Size: 4KB - Virtual size: 46B

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

EventX.dll

.dll regsvr32 windows:4 windows x86 arch:x86

cb788b53e23df0827675a7f5030e1849

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

1b:f4:37:cb:40:e7:c3:e6:b6:63:b3:e3:ba:45:2f:de
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26/05/2009, 00:00

Not After

26/05/2011, 23:59

Subject

CN=ShenZhen Thunder Networking Technologies Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=ShenZhen Thunder Networking Technologies Ltd.,L=ShenZhen,ST=GuangDong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:ae:b6:82:86:63:fe:d9:75:55:f8:fe:24:f3:3b:1a
Certificate

Issuer

Not Before

01/04/2009, 00:00

Not After

31/03/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

a5:1e:98:c4:65:f2:6a:16:fb:0a:45:87:12:cd:77:26:a9:68:6f:dd
Signer

Actual PE Digest

a5:1e:98:c4:65:f2:6a:16:fb:0a:45:87:12:cd:77:26:a9:68:6f:dd

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

PDB Paths

e:\Code\ThunderVA\Symbols\Publish\EventX\EventX.pdb

Imports

kernel32

GetVersionExA

GetSystemTimeAsFileTime

GetCurrentProcessId

GetTickCount

QueryPerformanceCounter

ExitProcess

lstrlenW

GetModuleFileNameW

InterlockedDecrement

EnterCriticalSection

InterlockedIncrement

LeaveCriticalSection

DeleteCriticalSection

InitializeCriticalSection

InterlockedExchange

GetVersionExW

GetThreadLocale

GetLocaleInfoA

GetACP

GetCurrentThreadId

ole32

CoCreateInstance

oleaut32

BSTR_UserMarshal

BSTR_UserSize

SysFreeString

VariantInit

VarCmp

VariantClear

VariantCopy

LoadRegTypeLi

LoadTypeLi

SysStringLen

SysAllocString

VARIANT_UserUnmarshal

VARIANT_UserMarshal

VARIANT_UserFree

VARIANT_UserSize

BSTR_UserFree

BSTR_UserUnmarshal

rpcrt4

NdrCStdStubBuffer2_Release

NdrDllCanUnloadNow

NdrDllGetClassObject

NdrOleAllocate

NdrDllRegisterProxy

NdrDllUnregisterProxy

NdrStubForwardingFunction

NdrStubCall2

IUnknown_Release_Proxy

IUnknown_QueryInterface_Proxy

NdrOleFree

IUnknown_AddRef_Proxy

msvcr71

__CppXcptFilter

_adjust_fdiv

malloc

_initterm

_onexit

__dllonexit

?terminate@@YAXXZ

??1type_info@@UAE@XZ

__security_error_handler

free

wcscmp

??_U@YAPAXI@Z

??_V@YAXPAX@Z

??2@YAPAXI@Z

??0exception@@QAE@ABV0@@Z

_except_handler3

_CxxThrowException

??3@YAXPAX@Z

__CxxFrameHandler

??0exception@@QAE@XZ

??1exception@@UAE@XZ

memset

atl71

ord30

ord61

ord32

ord58

ord31

ord11

ord10

ord15

ord18

ord22

ord64

ord23

msvcp71

??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z

??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z

??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

Exports

DllCanUnloadNow

DllGetClassObject

DllRegisterServer

DllUnregisterServer

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.orpc
Size: 4KB - Virtual size: 115B

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

Skin.db

.js

TaskSechduler.dll

.dll regsvr32 windows:4 windows x86 arch:x86

9b8d1a675ff35d0c52faf505052d87fd

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

1b:f4:37:cb:40:e7:c3:e6:b6:63:b3:e3:ba:45:2f:de
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26/05/2009, 00:00

Not After

26/05/2011, 23:59

Subject

CN=ShenZhen Thunder Networking Technologies Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=ShenZhen Thunder Networking Technologies Ltd.,L=ShenZhen,ST=GuangDong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:ae:b6:82:86:63:fe:d9:75:55:f8:fe:24:f3:3b:1a
Certificate

Issuer

Not Before

01/04/2009, 00:00

Not After

31/03/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

24:8b:c2:ea:d7:4f:cf:09:89:0f:3f:25:ed:98:40:c9:2f:15:46:15
Signer

Actual PE Digest

24:8b:c2:ea:d7:4f:cf:09:89:0f:3f:25:ed:98:40:c9:2f:15:46:15

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

PDB Paths

e:\Code\ThunderVA\Symbols\Publish\TaskSechduler\TaskSechduler.pdb

Imports

kernel32

CloseHandle

WaitForSingleObject

GetQueuedCompletionStatus

CreateThread

PostQueuedCompletionStatus

CreateIoCompletionPort

lstrlenW

GetVersionExA

GetSystemTimeAsFileTime

GetCurrentProcessId

GetCurrentThreadId

GetTickCount

QueryPerformanceCounter

ExitProcess

GetModuleFileNameW

EnterCriticalSection

LeaveCriticalSection

InterlockedDecrement

InterlockedIncrement

DeleteCriticalSection

InitializeCriticalSection

GetVersionExW

GetThreadLocale

GetLocaleInfoA

GetACP

InterlockedExchange

ole32

CoCreateInstance

oleaut32

SysFreeString

LoadTypeLi

SysStringLen

LoadRegTypeLi

rpcrt4

NdrDllGetClassObject

NdrOleAllocate

NdrOleFree

IUnknown_QueryInterface_Proxy

IUnknown_AddRef_Proxy

IUnknown_Release_Proxy

NdrStubForwardingFunction

NdrStubCall2

NdrDllCanUnloadNow

CStdStubBuffer_AddRef

CStdStubBuffer_Connect

CStdStubBuffer_Disconnect

CStdStubBuffer_Invoke

CStdStubBuffer_IsIIDSupported

CStdStubBuffer_CountRefs

CStdStubBuffer_DebugServerQueryInterface

CStdStubBuffer_DebugServerRelease

NdrCStdStubBuffer_Release

NdrDllRegisterProxy

CStdStubBuffer_QueryInterface

NdrDllUnregisterProxy

NdrCStdStubBuffer2_Release

msvcr71

__CppXcptFilter

_adjust_fdiv

_initterm

_onexit

__dllonexit

?terminate@@YAXXZ

??1type_info@@UAE@XZ

__security_error_handler

_resetstkoflw

??_U@YAPAXI@Z

malloc

realloc

??0exception@@QAE@XZ

??1exception@@UAE@XZ

memmove

??2@YAPAXI@Z

_except_handler3

??_V@YAXPAX@Z

??3@YAXPAX@Z

_CxxThrowException

??0exception@@QAE@ABV0@@Z

free

__CxxFrameHandler

memset

atl71

ord15

ord18

ord22

ord64

ord23

ord61

ord30

ord32

ord58

ord31

msvcp71

?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

Exports

DllCanUnloadNow

DllGetClassObject

DllRegisterServer

DllUnregisterServer

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 115B

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 708B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

ThunderService/DownloadServerNeedFileList.dat

ThunderService/LiveUpdateLanguage/Language.ini

ThunderService/LiveUpdateLanguage/zh_CN/LiveUpdate.xml

ThunderService/LiveUpdateLanguage/zh_CN/UpdateCtrl.xml

ThunderService/ThunderFW.exe

.exe windows:5 windows x86 arch:x86

7717b5d034e4ed74403172187d115c63

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

1b:f4:37:cb:40:e7:c3:e6:b6:63:b3:e3:ba:45:2f:de
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26/05/2009, 00:00

Not After

26/05/2011, 23:59

Subject

CN=ShenZhen Thunder Networking Technologies Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=ShenZhen Thunder Networking Technologies Ltd.,L=ShenZhen,ST=GuangDong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:ae:b6:82:86:63:fe:d9:75:55:f8:fe:24:f3:3b:1a
Certificate

Issuer

Not Before

01/04/2009, 00:00

Not After

31/03/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

1e:15:fb:80:96:52:4c:76:ec:5c:15:5d:78:82:96:2d:99:cf:72:60
Signer

Actual PE Digest

1e:15:fb:80:96:52:4c:76:ec:5c:15:5d:78:82:96:2d:99:cf:72:60

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA

RaiseException

GetProcessHeap

lstrlenA

GetModuleHandleW

Sleep

GetProcAddress

ExitProcess

GetCommandLineA

GetStartupInfoA

TerminateProcess

GetCurrentProcess

UnhandledExceptionFilter

SetUnhandledExceptionFilter

IsDebuggerPresent

TlsGetValue

TlsAlloc

TlsSetValue

TlsFree

InterlockedIncrement

SetLastError

GetCurrentThreadId

GetLastError

InterlockedDecrement

WriteFile

GetStdHandle

GetModuleFileNameA

DeleteCriticalSection

LeaveCriticalSection

EnterCriticalSection

LoadLibraryA

InitializeCriticalSectionAndSpinCount

FreeEnvironmentStringsA

GetEnvironmentStrings

FreeEnvironmentStringsW

WideCharToMultiByte

GetEnvironmentStringsW

SetHandleCount

GetFileType

HeapCreate

VirtualFree

HeapFree

QueryPerformanceCounter

GetTickCount

GetCurrentProcessId

GetSystemTimeAsFileTime

GetCPInfo

GetACP

GetOEMCP

IsValidCodePage

HeapSize

RtlUnwind

GetLocaleInfoA

HeapAlloc

VirtualAlloc

HeapReAlloc

GetStringTypeA

MultiByteToWideChar

GetStringTypeW

LCMapStringA

LCMapStringW

GetModuleHandleA

ole32

CoUninitialize

CoInitialize

CLSIDFromProgID

CoCreateInstance

CoInitializeEx

oleaut32

VariantClear

SysAllocString

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

ThunderService/ThunderLiveUD.exe

.exe windows:4 windows x86 arch:x86

6d21328934c8bef8fb603479ab60530f

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

1b:f4:37:cb:40:e7:c3:e6:b6:63:b3:e3:ba:45:2f:de
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26/05/2009, 00:00

Not After

26/05/2011, 23:59

Subject

CN=ShenZhen Thunder Networking Technologies Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=ShenZhen Thunder Networking Technologies Ltd.,L=ShenZhen,ST=GuangDong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:ae:b6:82:86:63:fe:d9:75:55:f8:fe:24:f3:3b:1a
Certificate

Issuer

Not Before

01/04/2009, 00:00

Not After

31/03/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

50:ca:90:f3:c7:b4:46:ca:82:b1:0f:66:29:8c:3d:17:a1:96:ee:8b
Signer

Actual PE Digest

50:ca:90:f3:c7:b4:46:ca:82:b1:0f:66:29:8c:3d:17:a1:96:ee:8b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\xunlei_component_new\xunlei_client_sdk\ProductRelease\Program\LiveUpdate.pdb

Imports

comctl32

InitCommonControlsEx

ws2_32

ntohs

htons

socket

WSAGetLastError

send

connect

gethostbyname

WSAStartup

WSACancelAsyncRequest

closesocket

recv

WSAAsyncGetHostByName

WSACleanup

kernel32

VerifyVersionInfoW

VerSetConditionMask

RaiseException

GetTempPathW

GetLocalTime

CreateDirectoryW

UnmapViewOfFile

MapViewOfFile

CreateFileMappingW

GetFileSize

CreateFileW

LeaveCriticalSection

EnterCriticalSection

VirtualQuery

IsBadCodePtr

GetFileAttributesW

CreateEventW

SetEvent

ResumeThread

CreateThread

ResetEvent

GetModuleFileNameA

GetCurrentProcessId

WaitForMultipleObjects

OpenEventA

GetModuleHandleW

OpenFileMappingA

OpenMutexA

CreateFileMappingA

CreateMutexA

ReadFile

GetFileSizeEx

lstrcmpiW

FindClose

GetSystemTimeAsFileTime

GetTickCount

QueryPerformanceCounter

GetStartupInfoW

GetModuleHandleA

ExitProcess

HeapSize

HeapReAlloc

HeapDestroy

GetVersionExA

GetACP

GetLocaleInfoA

GetThreadLocale

GetVersionExW

MultiByteToWideChar

HeapFree

GetProcessHeap

lstrlenA

LockResource

LoadResource

FindResourceW

SetLastError

GlobalUnlock

GlobalLock

GlobalAlloc

GetLastError

WideCharToMultiByte

FlushInstructionCache

GetCurrentProcess

HeapAlloc

SizeofResource

FindResourceExW

InitializeCriticalSection

DeleteCriticalSection

FileTimeToSystemTime

FileTimeToLocalFileTime

GetPrivateProfileStringW

InterlockedIncrement

InterlockedDecrement

CloseHandle

lstrlenW

LoadLibraryW

GetProcAddress

GetModuleFileNameW

FreeLibrary

InterlockedExchange

OpenProcess

TerminateProcess

GetCurrentThreadId

TerminateThread

WaitForSingleObject

GetExitCodeProcess

CreateMutexW

OutputDebugStringW

FindFirstFileW

DeleteFileW

FindNextFileW

ReleaseMutex

user32

GetWindowRect

ShowWindow

DestroyWindow

SetWindowLongW

SetWindowContextHelpId

MapDialogRect

CreateWindowExW

EndDialog

GetWindowLongW

MapWindowPoints

SystemParametersInfoW

SetWindowTextW

GetActiveWindow

SetDlgItemTextW

LoadIconW

DrawTextW

InvalidateRect

SetTimer

KillTimer

BeginPaint

EndPaint

GetSysColor

IsWindow

DispatchMessageW

TranslateMessage

GetMessageW

PostMessageW

FindWindowW

IsWindowVisible

SetForegroundWindow

GetWindowTextW

GetWindowTextLengthW

GetSystemMenu

MoveWindow

MessageBoxW

EnableMenuItem

BringWindowToTop

PostQuitMessage

AttachThreadInput

GetForegroundWindow

GetWindowThreadProcessId

DefWindowProcW

CallWindowProcW

RegisterWindowMessageW

DrawEdge

GetDC

ReleaseDC

PtInRect

SetCursor

LoadCursorW

GetCursorPos

DrawStateW

CopyRect

LoadBitmapW

DialogBoxParamW

GetDesktopWindow

EnumChildWindows

OffsetRect

GetClientRect

ScreenToClient

SendDlgItemMessageW

GetWindow

GetParent

GetDlgItem

SendMessageW

EnableWindow

SetWindowPos

CharLowerBuffW

gdi32

GetStockObject

SetTextColor

SelectObject

DeleteDC

ExtTextOutW

SetBkColor

DeleteObject

MoveToEx

LineTo

CreateSolidBrush

CreateCompatibleDC

BitBlt

CreateCompatibleBitmap

CreateFontIndirectW

GetObjectW

CreatePen

SetBkMode

advapi32

RegQueryValueExW

RegOpenKeyExW

RegCloseKey

shell32

SHGetMalloc

SHGetSpecialFolderLocation

SHGetPathFromIDListW

SHGetSpecialFolderPathW

ShellExecuteExW

ShellExecuteW

ole32

CoInitialize

CoUninitialize

CoCreateInstance

CreateStreamOnHGlobal

CoTaskMemFree

oleaut32

SafeArrayCreateVector

SafeArrayRedim

SafeArrayDestroy

SafeArrayCopy

SafeArrayGetVartype

VariantCopy

SysFreeString

SysAllocStringLen

SysStringLen

SysAllocString

VarBstrCmp

VariantInit

VariantClear

SysAllocStringByteLen

SysStringByteLen

atl71

ord66

ord65

ord42

ord60

ord48

ord43

ord44

ord35

ord30

ord32

ord45

ord23

ord61

ord37

ord64

shlwapi

PathFileExistsW

PathIsRootW

PathIsDirectoryW

PathIsUNCW

PathAppendW

StrCpyW

PathFindExtensionW

PathCombineW

msvcp71

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_J@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z

??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@D@Z

?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBDH@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z

??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z

?resize@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z

??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WI@Z

?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z

?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z

?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADH@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z

?unget@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ

??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAD@Z

??1ostrstream@std@@UAE@XZ

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z

??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z

??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z

?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z

?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z

??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z

?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z

??0ostrstream@std@@QAE@PADHH@Z

??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ

?substr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBE?AV12@II@Z

?rfind@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIGI@Z

?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB

??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG@Z

?c_str@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEPBGXZ

??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@G@Z

?at@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAGI@Z

?length@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIXZ

?erase@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@II@Z

??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z

??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z

??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z

??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z

?find@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIABV12@I@Z

?find_last_of@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIGI@Z

??$?8GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z

?clear@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEXXZ

??$?MGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z

??A?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEABGI@Z

?size@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIXZ

??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ

??$?8GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z

??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z

?append@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBGI@Z

?_Nomemory@std@@YAXXZ

??1ios_base@std@@UAE@XZ

??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ

??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ

??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z

??1istrstream@std@@UAE@XZ

??_7ios_base@std@@6B@

??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@

??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z

??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ

??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ

??1strstreambuf@std@@UAE@XZ

??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ

?_Init@strstreambuf@std@@IAEXHPAD0H@Z

??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ

?overflow@strstreambuf@std@@MAEHH@Z

?pbackfail@strstreambuf@std@@MAEHH@Z

?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ

?underflow@strstreambuf@std@@MAEHXZ

?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ

?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHPADH@Z

?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHPBDH@Z

?seekoff@strstreambuf@std@@MAE?AV?$fpos@H@2@JHH@Z

?seekpos@strstreambuf@std@@MAE?AV?$fpos@H@2@V32@H@Z

?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PADH@Z

?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ

?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z

?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB

?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z

?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

?_Unlock@_Mutex@std@@QAEXXZ

?_Lock@_Mutex@std@@QAEXXZ

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ID@Z

??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z

??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ

??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z

??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z

??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z

??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z

??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z

??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ

?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ

?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ

?uncaught_exception@std@@YA_NXZ

?clear@ios_base@std@@QAEXH_N@Z

msvcr71

_stricmp

??0exception@@QAE@XZ

__CxxFrameHandler

??3@YAXPAX@Z

memset

free

_CxxThrowException

??0exception@@QAE@ABV0@@Z

memcpy

_controlfp

__set_app_type

__p__fmode

__p__commode

_adjust_fdiv

__setusermatherr

_initterm

__wgetmainargs

_amsg_exit

_wcmdln

exit

_cexit

_XcptFilter

memmove

strlen

wcslen

wcstoul

_vscwprintf

vswprintf

_except_handler3

wcscmp

_mktime64

_time64

_wtoi

wcschr

wcsspn

_exit

_c_exit

?terminate@@YAXXZ

_onexit

__dllonexit

??1type_info@@UAE@XZ

wcscspn

isdigit

iswdigit

_wtoi64

_waccess

_purecall

??_V@YAXPAX@Z

_wcslwr

__security_error_handler

_callnewh

realloc

fseek

ftell

fwrite

fopen

_wfopen

fread

fclose

wcsncmp

wcsncat

swprintf

wcsstr

iswspace

iswalpha

wcscpy

wcscat

wcsrchr

malloc

_mbscmp

strcpy

_beginthreadex

??1exception@@UAE@XZ

version

VerQueryValueW

GetFileVersionInfoW

GetFileVersionInfoSizeW

Exports

AdjustWindowText

XLI18N_ActiveLanguage

XLI18N_GetActiveLanguageName

XLI18N_GetSupportLocationList

XLI18N_Initialize

XLI18N_IsSupportLanguage

XLI18N_LoadText

XLI18N_LoadTextEx

XLI18N_RegisterLanguageChangeNotifyWnd

XLI18N_ReigisterLocationChangeEvent

XLI18N_RemoveLanguageChangeNotifyWnd

XLI18N_RemoveLocationChangeEvent

XLI18N_ScanLanguage

XLI18N_Uninitialize

Sections

.text
Size: 296KB - Virtual size: 293KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

ThunderService/ThunderService.exe

.exe windows:4 windows x86 arch:x86

3ee8942114492dbefe20a1f307fd839e

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

1b:f4:37:cb:40:e7:c3:e6:b6:63:b3:e3:ba:45:2f:de
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26/05/2009, 00:00

Not After

26/05/2011, 23:59

Subject

CN=ShenZhen Thunder Networking Technologies Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=ShenZhen Thunder Networking Technologies Ltd.,L=ShenZhen,ST=GuangDong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:ae:b6:82:86:63:fe:d9:75:55:f8:fe:24:f3:3b:1a
Certificate

Issuer

Not Before

01/04/2009, 00:00

Not After

31/03/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

0e:b3:85:f5:52:cf:da:be:fa:62:b6:bf:75:10:82:7a:ba:c0:8a:7c
Signer

Actual PE Digest

0e:b3:85:f5:52:cf:da:be:fa:62:b6:bf:75:10:82:7a:ba:c0:8a:7c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar

WritePrivateProfileStringW

ReadFile

OpenFile

LoadLibraryExW

LeaveCriticalSection

EnterCriticalSection

LocalFree

OpenEventW

MapViewOfFile

CreateFileMappingW

GetExitCodeProcess

FindClose

FindNextFileW

FindFirstFileW

CreateProcessW

RaiseException

VirtualQuery

IsBadCodePtr

CreateDirectoryW

GetFileAttributesW

lstrcatW

GetTempPathW

SuspendThread

lstrlenA

ResetEvent

GetModuleHandleW

GetCurrentDirectoryW

SetCurrentDirectoryW

RemoveDirectoryW

SetFileAttributesW

DeleteFileW

SetLastError

FormatMessageW

GetProcessHeap

HeapFree

GetCurrentProcess

HeapAlloc

GetModuleFileNameA

GetSystemTimeAsFileTime

GetCurrentProcessId

QueryPerformanceCounter

DebugBreak

LoadLibraryA

GetSystemDirectoryW

GetPrivateProfileStringW

CopyFileW

InitializeCriticalSection

DeleteCriticalSection

WaitForSingleObject

CreateEventW

CreateThread

lstrcpyW

Sleep

GetCurrentThreadId

GetModuleFileNameW

GetCurrentThread

SetThreadPriority

GetCommandLineW

FreeLibrary

GetLastError

WideCharToMultiByte

lstrlenW

GetTickCount

CreateMutexW

GetThreadLocale

GetLocaleInfoA

ExitProcess

GetStartupInfoW

GetModuleHandleA

GetVersionExA

GetACP

InterlockedExchange

GetVersionExW

InterlockedDecrement

OpenMutexW

InterlockedIncrement

WaitForMultipleObjects

SetEvent

CloseHandle

UnmapViewOfFile

LoadLibraryW

ResumeThread

GetProcAddress

user32

MessageBoxW

LoadStringW

GetMessageW

TranslateMessage

UnregisterClassW

UnregisterClassA

CharUpperW

CharNextW

DispatchMessageW

PostThreadMessageW

advapi32

RegSetValueExW

RegisterServiceCtrlHandlerW

DeregisterEventSource

ReportEventW

RegisterEventSourceW

SetServiceStatus

RegCloseKey

RegOpenKeyExW

RegQueryValueExW

CloseServiceHandle

CreateServiceW

OpenSCManagerW

RegDeleteKeyW

ConvertStringSecurityDescriptorToSecurityDescriptorW

GetSecurityDescriptorSacl

SetSecurityInfo

StartServiceCtrlDispatcherW

RegCreateKeyExW

RegDeleteValueW

OpenServiceW

ControlService

DeleteService

shell32

SHGetSpecialFolderPathW

ShellExecuteExW

ole32

CoUninitialize

IIDFromString

StringFromIID

CoTaskMemFree

StringFromGUID2

CLSIDFromString

CoCreateInstance

CoInitialize

oleaut32

LoadRegTypeLi

SysFreeString

SysAllocString

SysStringLen

LoadTypeLi

atl71

ord31

ord58

ord32

ord66

ord65

ord61

ord23

ord64

ord22

ord18

ord17

ord20

shlwapi

PathFindFileNameW

PathRemoveFileSpecW

msvcp71

?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z

??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WI@Z

?resize@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z

?_Unlock@_Mutex@std@@QAEXXZ

?_Lock@_Mutex@std@@QAEXXZ

?_Id_cnt@id@locale@std@@0HA

?clear@ios_base@std@@QAEXH_N@Z

??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z

??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z

?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z

?reserve@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z

?_Nomemory@std@@YAXXZ

?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z

?str@?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ

?assign@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_WI@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@J@Z

?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ