IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

IMAGE_FILE_RELOCS_STRIPPED

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

GetPerAdapterInfo

GetAdaptersInfo

GetAdaptersAddresses

FormatMessageA

SleepEx

GetUserDefaultLangID

lstrcpyA

GetLongPathNameA

GetFileAttributesA

ExpandEnvironmentStringsA

GetLogicalDrives

GetVolumeNameForVolumeMountPointW

CreatePipe

MoveFileW

DefineDosDeviceW

DeleteVolumeMountPointW

SetVolumeMountPointW

SetHandleInformation

FileTimeToLocalFileTime

FileTimeToSystemTime

lstrcmpA

GetEnvironmentVariableW

FindFirstVolumeW

CreateToolhelp32Snapshot

Process32NextW

QueryDosDeviceW

Process32FirstW

InterlockedCompareExchange

FindNextVolumeW

FindVolumeClose

GetVolumeInformationW

GetSystemInfo

IsWow64Process

GetLongPathNameW

GetFileSizeEx

GetExitCodeProcess

GetComputerNameW

CreateDirectoryW

HeapAlloc

GetFileSize

HeapReAlloc

GetTimeFormatW

GetDateFormatW

WriteFile

LoadLibraryA

IsProcessorFeaturePresent

VirtualFree

VirtualAlloc

HeapDestroy

HeapSize

InterlockedExchange

RtlUnwind

GetSystemTimeAsFileTime

GetCurrentThreadId

UnhandledExceptionFilter

IsDebuggerPresent

VirtualProtect

VirtualQuery

GetStartupInfoW

ExitProcess

GetDriveTypeA

FindFirstFileA

ExitThread

LCMapStringA

LCMapStringW

GetCPInfo

GetStringTypeW

TlsGetValue

TlsAlloc

TlsSetValue

TlsFree

GetACP

GetOEMCP

IsValidCodePage

GetTimeZoneInformation

GetStdHandle

GetModuleFileNameA

GetModuleHandleA

HeapCreate

GetConsoleCP

GetConsoleMode

SetHandleCount

GetFileType

GetStartupInfoA

SetEnvironmentVariableA

SetEnvironmentVariableW

FreeEnvironmentStringsW

GetEnvironmentStringsW

GetCommandLineW

QueryPerformanceCounter

GetFullPathNameW

GetFileInformationByHandle

PeekNamedPipe

GetCurrentDirectoryA

InitializeCriticalSectionAndSpinCount

GetStringTypeA

FlushFileBuffers

GetFullPathNameA

CreateFileA

GetUserDefaultLCID

GetLocaleInfoA

EnumSystemLocalesA

IsValidLocale

GetLocaleInfoW

SetStdHandle

WriteConsoleA

GetConsoleOutputCP

WriteConsoleW

SetEndOfFile

CompareStringA

CompareStringW

FlushInstructionCache

GetCurrentProcess

EnterCriticalSection

LeaveCriticalSection

SetLastError

RaiseException

Sleep

WaitForMultipleObjects

SystemTimeToTzSpecificLocalTime

WideCharToMultiByte

GetVersion

GetProcessHeap

HeapFree

MoveFileExW

MulDiv

ReleaseMutex

SystemTimeToFileTime

LocalAlloc

LocalFree

GetSystemTime

DeviceIoControl

SetFilePointer

ReadFile

CreateEventW

GetFileTime

GetLastError

CreateThread

GetExitCodeThread

GetTickCount

OutputDebugStringA

OutputDebugStringW

FindClose

FindNextFileW

FindFirstFileW

lstrcatW

lstrcpyW

TerminateThread

lstrcmpW

CreateProcessW

TerminateProcess

SetLocaleInfoW

SetFileAttributesW

GetLogicalDriveStringsW

GetDriveTypeW

LoadLibraryExW

MultiByteToWideChar

InterlockedDecrement

InterlockedIncrement

SetUnhandledExceptionFilter

FreeLibrary

SetErrorMode

GetModuleFileNameW

OpenMutexW

WaitForSingleObject

LoadLibraryW

CreateFileW

GetCurrentProcessId

GlobalMemoryStatusEx

CopyFileW

DeleteCriticalSection

CreateMutexW

InitializeCriticalSection

GetLocalTime

CompareFileTime

DeleteFileW

ExpandEnvironmentStringsW

GetFileAttributesW

FindResourceW

SizeofResource

LoadResource

LockResource

GlobalAlloc

GlobalLock

GlobalUnlock

GlobalFree

VirtualFreeEx

OpenProcess

VirtualAllocEx

ReadProcessMemory

lstrcpynW

lstrlenA

lstrcpynA

lstrlenW

lstrcmpiW

GetModuleHandleW

GetProcAddress

CloseHandle

GetVersionExW

GetVolumePathNamesForVolumeNameW

CreateAcceleratorTableW

ShowWindow

InvalidateRect

IsWindowVisible

SetWindowLongW

CreateWindowExW

GetClassInfoExW

WaitForInputIdle

IsCharAlphaW

SendMessageTimeoutW

EnumDisplaySettingsW

IsCharAlphaNumericA

SetFocus

SetTimer

GetActiveWindow

EnableWindow

SetCursor

GetSystemMenu

GetWindowLongW

FlashWindowEx

wsprintfA

MoveWindow

LoadIconW

SetMenuItemInfoW

GetMenuItemInfoW

SetMenuDefaultItem

SetRect

PtInRect

IsDialogMessageW

SendMessageW

DispatchMessageW

TranslateMessage

PeekMessageW

SetForegroundWindow

RegisterWindowMessageW

MapWindowPoints

GetMonitorInfoW

MonitorFromWindow

GetWindowRect

GetWindow

GetParent

KillTimer

ReleaseCapture

BeginPaint

EndPaint

MessageBeep

GetDesktopWindow

CheckMenuItem

DestroyMenu

CreatePopupMenu

AppendMenuW

EnableMenuItem

CreateDialogParamW

TranslateAcceleratorW

DestroyWindow

SetWindowTextW

DialogBoxParamW

LoadStringW

LoadCursorW

PostQuitMessage

LoadStringA

DefWindowProcW

TrackPopupMenu

GetCursorPos

PostMessageW

IsWindowEnabled

GetWindowDC

ReleaseDC

GetMenuItemCount

IsZoomed

SetWindowRgn

OffsetRect

TrackPopupMenuEx

RemoveMenu

MonitorFromPoint

CallWindowProcW

GetWindowThreadProcessId

wsprintfW

MessageBoxW

RegisterClassW

GetClassInfoW

GetMessageW

InflateRect

FindWindowW

DrawTextW

LoadBitmapW

LoadAcceleratorsW

LoadMenuW

LoadImageW

wvsprintfW

CharNextW

FindWindowExW

EndDialog

BringWindowToTop

SetActiveWindow

GetWindowTextW

ScreenToClient

FillRect

RegisterClassExW

SetWindowPos

IsWindow

GetClientRect

UpdateWindow

UnregisterClassA

GetSystemMetrics

GetDC

SetCapture

IsCharAlphaNumericW

DrawIcon

GetDlgCtrlID

SetRectEmpty

IsRectEmpty

TrackMouseEvent

DrawFocusRect

GetClassLongW

DrawIconEx

SetLayeredWindowAttributes

SystemParametersInfoW

GetScrollInfo

SetScrollPos

ScrollWindowEx

SetScrollInfo

SetMenu

CopyRect

InvalidateRgn

ClientToScreen

GetCapture

GetClassNameW

RedrawWindow

IsChild

GetSysColor

DestroyAcceleratorTable

GetMenu

AdjustWindowRectEx

AdjustWindowRect

GetDlgItem

DestroyIcon

OpenClipboard

EmptyClipboard

CloseClipboard

SetClipboardData

GetFocus

GetWindowTextLengthW

BroadcastSystemMessageW

CreateFontW

OffsetViewportOrgEx

SetStretchBltMode

StartDocW

StartPage

SetMapMode

EndPage

EndDoc

SetViewportOrgEx

ExtCreatePen

GetObjectW

GetDeviceCaps

MoveToEx

LineTo

GetStockObject

Rectangle

CreateBrushIndirect

TextOutW

GetTextExtentPoint32W

SetTextColor

SetBkMode

ExcludeClipRect

SelectClipRgn

CreateRoundRectRgn

CreateRectRgn

CreateSolidBrush

CreatePen

SetBkColor

ExtTextOutW

RoundRect

StretchBlt

DeleteDC

GetObjectA

CreateCompatibleBitmap

CreateCompatibleDC

SelectObject

BitBlt

DeleteObject

CombineRgn

CreateBitmap

CreatePatternBrush

GetTextColor

GetDIBits

PrintDlgW

OpenServiceW

GetTokenInformation

IsTextUnicode

ConvertSidToStringSidW

ControlService

RegEnumKeyW

StartServiceW

QueryServiceStatusEx

ChangeServiceConfigW

OpenProcessToken

RegCreateKeyExW

RegCloseKey

RegSetValueExW

RegDeleteKeyW

RegDeleteValueW

RegOpenKeyExW

RegEnumKeyExW

RegQueryInfoKeyW

RegQueryValueExW

RegNotifyChangeKeyValue

CloseServiceHandle

QueryServiceConfigW

RegFlushKey

EnumServicesStatusW

OpenSCManagerW

GetUserNameW

RegEnumValueW

ShellExecuteW

Shell_NotifyIconW

ShellExecuteExW

SHGetFileInfoW

SHChangeNotify

OleLockRunning

StringFromGUID2

CLSIDFromString

CLSIDFromProgID

CoGetClassObject

OleInitialize

OleUninitialize

CreateStreamOnHGlobal

CoTaskMemRealloc

CoTaskMemAlloc

CoTaskMemFree

CoCreateInstance

CoUninitialize

CoInitialize

VariantClear

VariantInit

SysAllocString

SysStringLen

SysAllocStringLen

SysFreeString

OleCreateFontIndirect

LoadRegTypeLi

LoadTypeLi

SysStringByteLen

SysAllocStringByteLen

VarUI4FromStr

?Start@CExecutionGuard@@SA_NXZ

?Stop@CExecutionGuard@@SA_NXZ

?HostMonitorLinks@CDefManager@@QAEPB_WXZ

?GetPublicDNS@CDefManager@@QAE_NIPA_WK@Z

?PrstDescription@CDefManager@@QAEPB_WI@Z

?Exists@CWhiteList@@SA_NAAVCMd5Value@@_K@Z

?Get@CWhiteList@@SAAAV1@XZ

?UntrustedProvider@CDefManager@@QAE_NPB_W@Z

?Get@CDeStrSht@@QAEPAVCDeStr@@PB_W@Z

?ProtectedFiles@CDefManager@@QAEAAVCDeStrSht@@XZ

?GetSurveyID@CDefManager@@QAEHXZ

?Str@CDeStr@@QAEPB_WI@Z

?Get@CDeStrVector@@QAEPAVCDeStr@@I@Z

?Count@CDeStrVector@@QAEIXZ

?MalwareDNSList@CDefManager@@QAEAAVCDeStrVector@@XZ

?SpecialHelpdesk@CDefManager@@QAE_NXZ

?SetProductID@CDefManager@@QAEXK@Z

?GetNumeralVersion@CDefManager@@QAEIXZ

??1CUnknownCacheItemInfo@@QAE@XZ

?Expired@CUnknownCacheItemInfo@@QAE_NXZ

?GetStatusInfo@CUnknownCache@@QAE_NPB_W_KAAVCUnknownCacheItemInfo@@@Z

?Get@CUnknownCache@@SAAAV1@XZ

??0CUnknownCacheItemInfo@@QAE@XZ

?Save@CUnknownCache@@QAE_NXZ

?AddItem@CUnknownCache@@QAEXPB_WIW4EUnknownStatus@@00H_J@Z

?ParseDangerLvl@CDefManager@@SAHH@Z

?BlockedActiveX@CDefManager@@QAEAAVCDeStrVector@@XZ

??1CDefUrlInfo@@QAE@XZ

?Link@CDefUrlInfo@@QAEPB_WXZ

?GetUrl@CDefManager@@QAEXW4EDefUrlId@@AAVCDefUrlInfo@@@Z

?Get@CDefManager@@SAAAV1@XZ

??0CDefUrlInfo@@QAE@XZ

?GetVersion@CDefManager@@QAEPB_WXZ

?GetAffiliateID@CDefManager@@QAEHXZ

?AddArg@CDefUrlInfo@@QAEXPB_WK@Z

?AddArg@CDefUrlInfo@@QAEXPB_W0@Z

?FinishMerge@CDefManager@@QAEXXZ

?GetProductIDOrg@CDefManager@@QAEKXZ

?AddSiteIdArg@CDefManager@@QAEXAAVCDefUrlInfo@@@Z

??0CDefUrlInfo@@QAE@PB_W@Z

?DefEntryCount@CDefManager@@QBEIXZ

?GetProductID@CDefManager@@QAEKXZ

?Load@CDefManager@@QAEX_N0@Z

?VerifySh4Files@CWhiteList@@SA_NXZ

?PrstExists@CDefManager@@QAE_NI@Z

?PrstName@CDefManager@@QAEPB_WI@Z

?LoadPurlData@CDefManager@@QAEXXZ

?GetInfectedItem@CShResults@@QAEPAVCFoundItem@@I@Z

?InfectionsFound@CShResults@@QAEIXZ

?GetSafeObject@CShResults@@QAEPAVCPoeObject@@I@Z

?SafeObjectsFound@CShResults@@QAEIXZ

?Driver@CUnknownObject@@QAE_NXZ

?FinishGuiAction@CShScanner@@QAEXH@Z

?WritePlainScanLog@CShResults@@QAEXXZ

?Save@CSafeObjManager@@QAEXXZ

?Safes@@YAAAVCSafeObjManager@@XZ

?DenyUnknownsDisabling@CShResults@@QAE_NXZ

?Execute@CShRemover@@QAE_NH_N@Z

?Result@CShRemover@@QAE?AW4ERemoverResult@@XZ

?SetScannerWindow@CShScanner@@QAEXPAUHWND__@@@Z

?SLog_ScanRegistry@CShScanner@@SAPAU_SSupportLogFile@@XZ

?SLog_FreeLogFiles@CShScanner@@SAXPAU_SSupportLogFile@@@Z

?SLog_ScanFiles@CShScanner@@SAPAU_SSupportLogFile@@XZ

?TaskLocation@CPoeEntryTask@@QBEPB_WXZ

?ValuePart@CPoeEntryRegistry@@QBEPB_WXZ

?Value@CPoeEntryRegistry@@QBEPB_WXZ

?FullKey@CPoeEntryRegistry@@QBEPB_WXZ

?FileMd5@CPoeObject@@QAEPB_WXZ

?FileSize@CPoeObject@@QAE_KXZ

?FilePath@CPoeObject@@QAEPB_WXZ

?FileDescription@CPoeObject@@QAEPB_WXZ

?Title@CPoeObject@@QAEPB_WXZ

?DisableTime@CUnknownObject@@QAEPB_WXZ

?ReviewAfterIdent@CUnknownObjManager@@QAEXXZ

?Enable@CUnknownObject@@QAE_NXZ

?Type@CFoundItem@@QAE?AW4EFoundItemType@@XZ

?SystemComponentsCorrupted@CShResults@@QAE_NXZ

?ProcessedItem@CShResults@@QAEPB_WPA_WK@Z

?Operation@CShResults@@QAE?AW4ESeOperation@@XZ

?Progress@CShResults@@QAEIXZ

?StartScan@CShScanner@@QAEXH@Z

?StopScan@CShScanner@@QAEXXZ

?ItemsScanned@CShResults@@QAEIXZ

?GetModule@CUnknownObjManager@@QAEPAVCUnknownModule@@I@Z

?ModuleCount@CUnknownObjManager@@QAEIXZ

?Get@CUnknownObjManager@@QAEPAVCUnknownObject@@I@Z

?Count@CUnknownObjManager@@QAEIXZ

?WriteShOsFixEntries@CUnknownObject@@QAEXAAVCFixWriter@@_N@Z

?Rollback@CUnknownObject@@QAE_N_N@Z

?FindUnknownObject@CShResults@@QAEPAVCUnknownObject@@PB_W_K0@Z

?CreateXmlScanLog@CShResults@@QAEPB_WXZ

?UcStatusExpired@CUnknownObject@@QAE_NXZ

?Path@CUnknownModule@@QAEPB_WXZ

?Md5@CUnknownModule@@QAEPB_WXZ

?Size@CUnknownModule@@QAE_KXZ

?Reset@CWantedFiles@@QAEXXZ

?WantedFiles@CShScanner@@QAEAAVCWantedFiles@@XZ

?GetExecutionInfo@CGuardHelper@@SAAAUSExecutionInfo@@XZ

?Path@CWantedFile@@QAEPB_WXZ

?FileData@CWantedFile@@QAE_NPAPAEAAJ_N@Z

?RuleID@CWantedFile@@QAEHXZ

?Visible@CFoundItem@@QAE_NXZ

?FileVersion@CWantedFile@@QAEPB_WXZ

?ProductVersion@CWantedFile@@QAEPB_WXZ

?ProductName@CWantedFile@@QAEPB_WXZ

?OriginalName@CWantedFile@@QAEPB_WXZ

?InternalName@CWantedFile@@QAEPB_WXZ

?CompanyName@CWantedFile@@QAEPB_WXZ

?Size@CWantedFile@@QAEIXZ

?Md5@CWantedFile@@QAEPB_WXZ

?AddWantedFile@CWantedFiles@@QAEXIPB_W0H@Z

?SetLimits@CWantedFiles@@QAEXII@Z

?GetWantedFile@CWantedFiles@@QAEPAVCWantedFile@@I@Z

?WantedFilesFound@CWantedFiles@@QAEIXZ

?AnyFoundFiles@CWantedFiles@@QAE_NXZ

?GetFrsTestDataXmlStr@CShScanner@@QAEPB_WXZ

?FileVersion@CPoeObject@@QAEPB_WXZ

?FileCompanyName@CPoeObject@@QAEPB_WXZ

?Icon@CPoeObject@@QAEPAUHICON__@@XZ

?HKey@CPoeEntryRegistry@@QBEPAUHKEY__@@XZ

?Key@CPoeEntryRegistry@@QBEPB_WXZ

?FileName@CPoeObject@@QAEPB_WXZ

?Disable@CUnknownObject@@QAE_N_N@Z

?Undefined@CUnknownObject@@QBE_NXZ

?PartOfTheSystem@CPoeObject@@QAE_NXZ

?Enabled@CUnknownObject@@QBE_NXZ

?Exists@CUnknownObject@@QAE_NXZ

?SetAction@CUnknownObject@@QAEXH@Z

?PoeEntryCount@CPoeObject@@QAEIXZ

?DisableOrEnableUserUnknowns@CShRemover@@QAE_NXZ

?ClearScanDrives@CShScanner@@QAEXXZ

?AddDrive@CShScanner@@QAEXPB_W@Z

?AddMemoryScanEmuPath@CShScanner@@QAEXPB_W@Z

?Init@CGuardHelper@@SAXXZ

?Status@CShScanner@@QAE?AW4EScanStatus@@XZ

?Get@CShScanner@@SAPAV1@XZ

?Finalize@CShScanner@@QAEXXZ

?Dispose@CGuardHelper@@SAXXZ

?ScanComplete@CShResults@@QAE_NXZ

?Unknowns@@YAAAVCUnknownObjManager@@XZ

?IdentificationRequired@CUnknownObjManager@@QAE_NXZ

?Get@CShResults@@SAAAV1@XZ

?ShowTopParasitesDlg@CShResults@@QAE_NXZ

?Get@CShRemover@@SAAAV1@XZ

?Finished@CShRemover@@QAE_NXZ

?RebootNeeded@CShRemover@@QAE?AW4ERebootNeeded@@XZ

?GetDetection@CGuardHelper@@SAPAVCGiInterface@@XZ

?Silent@CGiInterface@@QAEHXZ

?AddGuardAlertStats@@YAXIPB_W0_K000@Z

?RemoveDetection@CGuardHelper@@SAXPAVCGiInterface@@@Z

?Count@CExclusions@@QAEIXZ

?Get@CExclusions@@QAEII@Z

?Get@CExclusions@@SAAAV1@XZ

?GetPoeEntry@CPoeObject@@QAEPBVCPoeEntry@@I@Z

?Remove@CExclusions@@QAEXI@Z

?Disabled@CUnknownObject@@QBE_NXZ

?PrstName@CFoundItem@@QAEPB_WXZ

?PrstDesc@CFoundItem@@QAEPB_WXZ

?ThreatLevel@CFoundItem@@QAEIXZ

?PID@CFoundItem@@QAEIXZ

?PathExpanded@CWantedFile@@QAEPB_WXZ

?ExecutionAlertDlgNeeded@CGuardHelper@@SA_NXZ

?UnknownObjectsFound@CShResults@@QAEIXZ

?DeleteMemoryDump@CWantedFile@@QAEXXZ

?GetUnknownObject@CShResults@@QAEPAVCUnknownObject@@I@Z

ord27

ord8

ord1

ord14

ord5

ord11

ord29

ord16

ord30

ord6

ord41

ord7

ord15

ord9

ord3

ord12

ord13

ord4

ord26

ord2

ord10

ord19

ord20

ord31

ord24

ord32

ord37

ord35

ord38

ord39

ord36

ord25

StrCmpNW

StrToIntW

SHDeleteKeyW

StrCmpIW

PathUnExpandEnvStringsW

ImageList_Remove

ImageList_ReplaceIcon

ImageList_Destroy

ImageList_AddMasked

ImageList_Create

ImageList_Draw

InitCommonControlsEx

AlphaBlend

TransparentBlt

VerQueryValueW

GetFileVersionInfoSizeW

GetFileVersionInfoW

GdipGetImageGraphicsContext

GdipAddPathLine

GdipFillPath

GdipCreateBitmapFromHBITMAP

GdipSetInterpolationMode

GdipSetTextRenderingHint

GdipSetImageAttributesColorMatrix

GdipDisposeImageAttributes

GdipCreateImageAttributes

GdipDrawPath

GdipSetSmoothingMode

GdipAddPathArc

GdipClosePathFigure

GdipDrawLine

GdipCreatePath

GdipGraphicsClear

GdipDeleteFontFamily

GdipGetGenericFontFamilySansSerif

GdipCreateFontFamilyFromName

GdipCreateFont

GdipMeasureString

GdipSetPageUnit

GdipCreatePen1

GdipSetLineColors

GdipCreateLineBrush

GdipCreateHICONFromBitmap

GdipDrawImageI

GdipReleaseDC

GdipDrawImageRectRectI

GdipCloneImage

GdipDisposeImage

GdipCreateBitmapFromStreamICM

GdipCreateBitmapFromStream

GdiplusStartup

GdiplusShutdown

GdipGetImageHeight

GdipGetImageWidth

GdipDrawImagePointRectI

GdipDrawImageRectRect

GdipDrawImageRectI

GdipDrawString

GdipCreateFontFromLogfontA

GdipCreateFontFromDC

GdipDeleteGraphics

GdipCreateFromHDC

GdipSetStringFormatLineAlign

GdipSetStringFormatAlign

GdipCreateStringFormat

GdipCreateSolidFill

GdipDeleteFont

GdipDeleteStringFormat

GdipDeletePen

GdipAlloc

GdipFree

GdipCloneBrush

GdipDeleteBrush

GdipCreateBitmapFromScan0

GdipSetPenDashStyle

GdipDeletePath

GdipDrawImageRect

InternetCheckConnectionW

InternetSetOptionW

send

connect

WSAGetLastError

htons

ntohs

getsockname

setsockopt

WSASetLastError

bind

socket

getsockopt

closesocket

WSAStartup

WSACleanup

inet_ntoa

inet_addr

__WSAFDIsSet

select

ioctlsocket

freeaddrinfo

recv

getaddrinfo

GetModuleInformation

GetModuleFileNameExW

GetProcessImageFileNameW

EnumProcessModules

GetProcessMemoryInfo

WinVerifyTrustEx

CryptCATAdminEnumCatalogFromHash

CryptDecodeObject

CryptQueryObject

CryptMsgClose

CertFreeCertificateContext

CertFindCertificateInStore

CertCloseStore

CryptMsgGetParam

CertGetNameStringW

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ