IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

GetLengthSid

CreateProcessAsUserW

InitializeAcl

InitializeSecurityDescriptor

OpenProcessToken

AddAce

IsValidSid

GetSecurityDescriptorOwner

InitializeSid

CopySid

GetSecurityDescriptorControl

GetSidLengthRequired

GetSidSubAuthority

LookupAccountSidW

GetAclInformation

GetSecurityDescriptorDacl

SetSecurityDescriptorDacl

GetSecurityDescriptorSacl

RegQueryValueExW

OpenServiceW

ConvertSidToStringSidW

RegOpenKeyExW

ChangeServiceConfig2W

OpenSCManagerW

CloseServiceHandle

EqualSid

RegCloseKey

GetSecurityDescriptorLength

MakeSelfRelativeSD

MakeAbsoluteSD

GetSecurityDescriptorGroup

InitiateSystemShutdownExW

SetNamedSecurityInfoW

ConvertStringSecurityDescriptorToSecurityDescriptorW

LogonUserW

LookupPrivilegeValueA

GetTokenInformation

GetNumberOfEventLogRecords

CloseEventLog

ReadEventLogW

OpenEventLogW

NotifyChangeEventLog

GetOldestEventLogRecord

DeregisterEventSource

RegisterEventSourceW

ReportEventW

CryptDestroyKey

CryptGetKeyParam

CryptAcquireContextW

CryptEncrypt

CryptDecrypt

QueryServiceStatusEx

QueryServiceConfig2W

ChangeServiceConfigW

QueryServiceConfigW

EnumServicesStatusExW

StartServiceW

EnumDependentServicesW

ControlService

DeleteService

QueryServiceStatus

CreateServiceW

OpenThreadToken

PrivilegeCheck

AdjustTokenPrivileges

LookupPrivilegeValueW

SetSecurityDescriptorGroup

GetSecurityInfo

RegEnumValueW

RegDeleteValueW

SetSecurityInfo

RegLoadKeyW

RegUnLoadKeyW

SetThreadToken

RegSetValueExW

SetSecurityDescriptorSacl

ImpersonateSelf

RegSaveKeyExW

RegEnumKeyExW

RegCreateKeyExW

RegFlushKey

RegDeleteKeyW

GetAce

SetSecurityDescriptorOwner

RegQueryInfoKeyW

RevertToSelf

SaferComputeTokenFromLevel

DuplicateTokenEx

DuplicateToken

CheckTokenMembership

SaferCreateLevel

ImpersonateLoggedOnUser

GetSidSubAuthorityCount

SetTokenInformation

IsTokenRestricted

SaferCloseLevel

RegOpenCurrentUser

SetKernelObjectSecurity

GetKernelObjectSecurity

GetNamedSecurityInfoW

SetEntriesInAclW

AccessCheck

GetSidIdentifierAuthority

LookupAccountNameW

LsaClose

LsaAddAccountRights

LsaOpenPolicy

LsaNtStatusToWinError

SetSecurityDescriptorControl

IsWellKnownSid

ConvertStringSidToSidW

CreateWellKnownSid

ConvertSecurityDescriptorToStringSecurityDescriptorW

LookupPrivilegeNameW

LsaRemoveAccountRights

CryptReleaseContext

CryptGetHashParam

CryptDestroyHash

CryptHashData

CryptDeriveKey

CryptCreateHash

?SetDoPrintFor@D_Support_c@@SAHW4D_Support_Scope@@PBDHH@Z

D_C_Support_GetConfigFile

D_C_Support_SetRotation

D_C_Support_SetStdStreamsToConsole

D_C_Support_SetPrefix

D_C_Support_SetRefreshInterval

D_C_Support_SetD_File

??0CvfIostreamInit@@QAE@XZ

??0D_LevelName_c@@QAE@PBDH@Z

??1D_LevelName_c@@QAE@XZ

D_C_Support_SetConfigFile

??1D_StackName_c@@QAE@XZ

?DoPrintFor@D_Support_c@@SAHPBD0I@Z

?Prefix@D_Support_c@@SAPBDPBDK0H@Z

?D_Stream@D_Support_c@@SAAAVostream@@XZ

D_C_Support_SetD_Stream

D_C_Support_GetFileName

??6@YAAAVostream@@AAV0@_W@Z

?Enter@D_Support_c@@SAXXZ

??6@YAAAVostream@@AAV0@ABU_GUID@@@Z

??6@YAAAVostream@@AAV0@N@Z

??6@YAAAVostream@@AAV0@E@Z

??0D_StackName_c@@QAE@PBD0@Z

?Leave@D_Support_c@@SAXXZ

??6@YAAAVostream@@AAV0@_J@Z

??6@YAAAVostream@@AAV0@PB_W@Z

??6@YAAAVostream@@AAV0@PAX@Z

??6@YAAAVostream@@AAV0@K@Z

??6@YAAAVostream@@AAV0@J@Z

??6@YAAAVostream@@AAV0@PBD@Z

?flush@ostream@@QAEAAV1@XZ

VirtualAllocEx

AcquireSRWLockShared

GetThreadTimes

Module32NextW

K32EnumProcessModules

VirtualFreeEx

GetProcessTimes

VirtualQueryEx

CheckRemoteDebuggerPresent

CreateThread

SleepEx

GetComputerNameW

GlobalFree

OpenFileMappingW

UnmapViewOfFile

CreateFileMappingW

MapViewOfFile

VirtualQuery

ReadFile

GetLogicalDrives

VirtualFree

FindNextFileW

DeviceIoControl

VirtualAlloc

RemoveDirectoryW

SetFileTime

LockFile

GetCompressedFileSizeW

SetEndOfFile

SetFileAttributesW

DeleteFileW

UnlockFile

SetFilePointerEx

MoveFileExW

FlushFileBuffers

GetVolumeInformationW

GetVolumeNameForVolumeMountPointW

GetLogicalDriveStringsW

GetDiskFreeSpaceExW

GetSystemInfo

K32GetPerformanceInfo

ExpandEnvironmentStringsW

GetNativeSystemInfo

IsWow64Process

GetModuleHandleExW

GetTempPathW

GetSystemDirectoryW

FormatMessageW

LocalFileTimeToFileTime

FileTimeToSystemTime

ResetEvent

FileTimeToLocalFileTime

GetTimeFormatW

GetThreadId

SystemTimeToFileTime

GetSystemTimeAsFileTime

GetSystemWindowsDirectoryW

GetDateFormatW

IsDebuggerPresent

CancelWaitableTimer

GetSystemTime

LockFileEx

HeapCompact

DeleteFileA

LoadLibraryA

CreateFileA

FlushViewOfFile

GetFileAttributesA

GetDiskFreeSpaceA

GetTempPathA

HeapValidate

UnlockFileEx

GetFullPathNameA

Module32FirstW

GetDiskFreeSpaceW

HeapCreate

AreFileApisANSI

WriteConsoleW

SetStdHandle

SetEnvironmentVariableW

FreeEnvironmentStringsW

GetEnvironmentStringsW

GetCommandLineA

GetOEMCP

GetACP

IsValidCodePage

FindFirstFileExW

SetConsoleCtrlHandler

ReadConsoleW

PeekConsoleInputA

ReadConsoleInputW

GetNumberOfConsoleInputEvents

SetConsoleMode

GetConsoleMode

GetFileType

EnumSystemLocalesW

GetUserDefaultLCID

IsValidLocale

LCMapStringW

CompareStringW

ExitProcess

FreeLibraryAndExitThread

ExitThread

GetConsoleCP

GetFileAttributesExW

VirtualProtect

InterlockedFlushSList

InterlockedPushEntrySList

RtlUnwind

InitializeSListHead

GetStartupInfoW

InitializeCriticalSectionAndSpinCount

IsProcessorFeaturePresent

SetUnhandledExceptionFilter

UnhandledExceptionFilter

GetCPInfo

CompareStringEx

GetLocaleInfoEx

CreateSymbolicLinkW

GetFileInformationByHandleEx

CloseThreadpoolWait

SetThreadpoolWait

CreateThreadpoolWait

CloseThreadpoolTimer

WaitForThreadpoolTimerCallbacks

SetThreadpoolTimer

CreateThreadpoolTimer

CloseThreadpoolWork

SubmitThreadpoolWork

CreateThreadpoolWork

FreeLibraryWhenCallbackReturns

GetCurrentProcessorNumber

FlushProcessWriteBuffers

CreateSemaphoreExW

CreateEventExW

SleepConditionVariableSRW

SleepConditionVariableCS

WakeAllConditionVariable

WakeConditionVariable

InitializeConditionVariable

InitOnceExecuteOnce

InitializeSRWLock

FlsFree

FlsSetValue

FlsGetValue

FlsAlloc

LCMapStringEx

EncodePointer

QueryPerformanceFrequency

QueryPerformanceCounter

GetStringTypeW

FormatMessageA

WaitNamedPipeW

GetTickCount64

VerifyVersionInfoW

WTSGetActiveConsoleSessionId

SetCurrentDirectoryW

GetCurrentDirectoryW

WaitForMultipleObjectsEx

TryEnterCriticalSection

SetThreadPriority

ResumeThread

SuspendThread

TlsFree

TlsGetValue

TlsAlloc

TlsSetValue

QueueUserAPC

LoadLibraryExW

EnumResourceNamesW

ConnectNamedPipe

GetOverlappedResult

DisconnectNamedPipe

CreateNamedPipeW

lstrcatA

GlobalUnlock

GlobalLock

lstrcpyA

GlobalAlloc

PeekNamedPipe

CreatePipe

SetProcessWorkingSetSize

GetLocalTime

CreateWaitableTimerW

SetWaitableTimer

GetFileTime

SystemTimeToTzSpecificLocalTime

GetFileSize

SetHandleInformation

TerminateThread

GetCurrentThreadId

WaitForMultipleObjects

OutputDebugStringW

DeleteProcThreadAttributeList

K32GetModuleInformation

ReleaseSRWLockShared

Process32FirstW

AcquireSRWLockExclusive

Process32NextW

ReleaseSRWLockExclusive

UpdateProcThreadAttribute

CreateToolhelp32Snapshot

K32GetProcessImageFileNameW

lstrlenA

Thread32First

Thread32Next

K32GetModuleFileNameExW

InitializeProcThreadAttributeList

lstrlenW

SetFileInformationByHandle

LocalAlloc

GetFileSizeEx

FindFirstFileW

OpenThread

GetLocaleInfoW

ReadProcessMemory

OpenMutexW

WaitForSingleObjectEx

GetCurrentThread

CreateEventW

OpenProcess

ReleaseMutex

WriteProcessMemory

GetFileInformationByHandle

FindClose

GetDriveTypeW

FindNextVolumeW

GetVolumePathNamesForVolumeNameW

FindVolumeClose

GetWindowsDirectoryW

GetFileAttributesW

GetShortPathNameW

GetLongPathNameW

GetFullPathNameW

FindFirstVolumeW

QueryDosDeviceW

GetExitCodeProcess

CreateProcessW

WaitForSingleObject

GetProcessId

TerminateProcess

InitializeCriticalSection

AllocConsole

GetTickCount

GetConsoleWindow

FreeLibrary

GetModuleHandleW

GetProcAddress

LoadLibraryW

FreeConsole

SetEvent

AttachConsole

GetTimeZoneInformation

GetComputerNameExW

OpenEventW

SetFilePointer

LeaveCriticalSection

GetModuleFileNameW

GetStdHandle

GetCommandLineW

EnterCriticalSection

CreateDirectoryW

WideCharToMultiByte

GetProcessHeap

GetCurrentProcessId

DeleteCriticalSection

LocalFree

HeapDestroy

DecodePointer

HeapAlloc

FindResourceW

LoadResource

FindResourceExW

RaiseException

CloseHandle

HeapReAlloc

LockResource

GetLastError

Sleep

ProcessIdToSessionId

MultiByteToWideChar

HeapSize

DuplicateHandle

CreateFileW

InitializeCriticalSectionEx

CreateMutexW

WriteFile

GetCurrentProcess

SetLastError

HeapFree

SizeofResource

GetExitCodeThread

CreateRemoteThread

GlobalMemoryStatusEx

SetProcessAffinityMask

K32EnumProcesses

GetProcessAffinityMask

FileTimeToDosDateTime

lstrcpynA

GetThreadContext

SetThreadContext

FlushInstructionCache

VirtualProtectEx

LoadLibraryExA

GetEnvironmentVariableA

GetEnvironmentVariableW

OutputDebugStringA

CreateProcessA

CloseDesktop

CloseWindowStation

SendNotifyMessageW

ExitWindowsEx

IsCharAlphaW

UnregisterClassW

MessageBoxW

GetWindowThreadProcessId

wsprintfW

GetUserObjectInformationW

GetSystemMetrics

SHGetFolderPathW

CommandLineToArgvW

SHGetDesktopFolder

SHGetKnownFolderPath

CLSIDFromString

CreateStreamOnHGlobal

CoUninitialize

CoCreateInstance

CoTaskMemFree

CoSetProxyBlanket

CoInitializeSecurity

CoInitializeEx

StringFromGUID2

IIDFromString

CoCreateGuid

CoUnmarshalInterface

CoInitialize

GetErrorInfo

SafeArrayCopy

SafeArrayUnaccessData

SafeArrayAccessData

CreateErrorInfo

SafeArrayGetUBound

SafeArrayGetLBound

SafeArrayCreate

SysStringByteLen

SetErrorInfo

SysAllocStringByteLen

VariantCopy

VariantInit

VariantChangeType

VariantClear

SysStringLen

SafeArrayDestroy

SafeArrayUnlock

SysFreeString

SafeArrayGetVartype

SysAllocString

SafeArrayLock

SysAllocStringLen

?VfUtil_MatchFileLocation@@YA_NABVIvfPathProvider@@PB_W1_N@Z

?VfUtil_MatchFileMsiInfo@@YA_NABVCvfTargetInfoFile@@PB_W1_NW4EvfStrCompareAs@@@Z

?ExpandCommonEnvStringsOnly@CvfUserEnvMap@@SA_NPB_WAAVCvfUtilStr@@@Z

?QueryPublisherProvider@CvfTargetInfoFile@@UBEPBVIvfPublisherProvider@@XZ

?QueryOwnerProvider@CvfTargetInfoFile@@UBEPBVIvfOwnerProvider@@XZ

?QueryVersionInfoProvider@CvfTargetInfoFile@@UBEPBVIvfVersionInfoProvider@@XZ

?TargetType@CvfTargetInfoFile@@UBE?AW4EvfPolicyTarget@@XZ

?PreexistedScanFinished@CvfSupplementalFileData@@SA_NXZ

?LastParseResult@CvfMsiIpiReader@@QBEJXZ

?ClientPid@CvfMsiIpiReader@@QBEKXZ

?IpiFilePath@CvfMsiIpiReader@@QBEABVCvfUtilStr@@XZ

?MsiFilePathLocal@CvfMsiIpiReader@@QBEABVCvfUtilStr@@XZ

?MsiFilePathSource@CvfMsiIpiReader@@QBEABVCvfUtilStr@@XZ

?VarSetupExeDir@CvfMsiIpiReader@@QBEABVCvfUtilStr@@XZ

?VarInstallDir@CvfMsiIpiReader@@QBEABVCvfUtilStr@@XZ

?ProductName@CvfMsiIpiReader@@QBEABVCvfUtilStr@@XZ

?ProductId@CvfMsiIpiReader@@QBEABVCvfUtilStr@@XZ

?VfUtilProcMap_GetParentSvcName@@YA_NKAAVCvfUtilStr@@@Z

?VfUtil_IsFileLocationTypeFixed@@YA_NPB_W@Z

?VfUtil_IsGoogleChromePid@@YA_NK_N@Z

?_m_theScanFinished@CvfSupplementalFileData@@0_NA

?VfUtil_IsMSEdge@@YA_NABVCvfTargetInfoFile@@_N@Z

?SetParentSvcName@CvfTargetInfoProcess@@QAEXPB_W@Z

?SetTargetSvcName@CvfTargetInfoProcess@@QAEXK@Z

?SetSoftwareDistributorName@CvfTargetInfoProcess@@QAEXPB_W@Z

?_GetFromCache@CvfTargetInfo@@MBEPB_WPB_W@Z

?_IsMissingValue@CvfTargetInfo@@MBE_NPB_W@Z

?_SaveToCache@CvfTargetInfo@@MBEXPB_WABV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z

?_RemoveFromCache@CvfTargetInfo@@MBEXPB_W@Z

?_SetMissingValue@CvfTargetInfo@@MBEXPB_W@Z

?Copy@CvfSupplementalFileData@@SAKPB_W0@Z

?IsSystemProcess@CvfTargetInfoFile@@UBE_NXZ

?GetVersion@CvfTargetInfoFile@@UBE?AUSvfVersion@@XZ

?_GetDescriptionForAlert@CvfTargetInfoFile@@MBEXAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z

?_GetDescriptionForEvent@CvfTargetInfoFile@@MBEXAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z

?VfUtil_IsBrowserBroker@@YA_NABVCvfTargetInfoFile@@_N@Z

?VfUtil_MatchFilenameAndHash@@YA_NABVIvfHashProvider@@PB_WW4EvfStrCompareAs@@11_J@Z

?VfUtil_GetProcStartTriggerForUser@@YA?AW4EvfAlertTrigger@@W4EvfPolicyAction@@PAX_N@Z

?RunsInsideAgent@CvfBlFlAcAl@@SAXXZ

?IsEmpty@SvfTriggerPolicyShortInfo@@QBE_NXZ

?IsEmpty@SvfProcessPolicyData@@QBE_NXZ

?IsPolicyAction@SvfTokenPolicyData@@QBE_NW4EvfPolicyAction@@@Z

?IsEmpty@CvfUtilStr@@QBE_NXZ

?SoftwareDistributorName@CvfFileSrcProcess@@QBEABVCvfUtilStr@@XZ

?SetSoftwareDistributorName@CvfFileSrcProcess@@QAEXPB_W@Z

?Installer@CvfFileOrigin@@QAEAAVCvfFileSrcInstaller@@XZ

?ParentInstaller@CvfFileOrigin@@QAEAAVCvfFileSrcParentInstaller@@XZ

?SetSoftwareDistributorUpdateHelper@CvfSharedPoliciesData@@SAXP6A_NAAVCvfFileOrigin@@@Z@Z

?UpdateAppCompatFlagsForAll@CvfAdminTaskJavaUpdate@@SAXXZ

?VfUtil_IsMSEdgePid@@YA_NK_N@Z

?FillFromProcess@CvfFileOrigin@@QAE_NPB_WAAVCvfTargetInfoProcess@@0@Z

?FillFromMsi@CvfFileOrigin@@QAE_NPB_WABVCvfMsiIpiReader@@AAVCvfTargetInfoFile@@AAVCvfTargetInfoProcess@@@Z

?INSTALLER_INPROGRESS_REG_PATH_DRV@CvfMsiTargetUtil@@2QB_WB

?VfUtil_PolicyActionStrEx@@YAPB_WKABU_GUID@@@Z

??0CvfMsiIpiReader@@QAE@XZ

??1CvfMsiIpiReader@@QAE@XZ

?ParseCurrent@CvfMsiIpiReader@@QAEJXZ

?INSTALLER_REG_PATH_DRV@CvfMsiTargetUtil@@2QB_WB

?SafeString@CvfUtilStr@@QBEPB_WXZ

??0CvfSimplePathProvider@@QAE@PB_WPAX@Z

??1CvfSimplePathProvider@@QAE@XZ

?IsGreaterThan@SvfVersion@@QBE_NABU1@@Z

?VfUtil_MatchFilename@@YA_NABVIvfPathProvider@@PB_WW4EvfStrCompareAs@@@Z

?ImageFileModified@CvfTargetInfoFile@@QBE_NXZ

?ProcessesCount@CvfFileSrcInstaller@@QBEKXZ

?GetProcess@CvfFileSrcInstaller@@QAEPAVCvfFileSrcProcess@@K@Z

?ClearMap@CvfUserEnvMap@@SAXXZ

?_m_theInsideAgent@CvfBlFlAcAl@@0_NA

?GetDebugString@SvfTokenPolicyData@@QBEPB_WAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z

?VfUtil_MatchPublisher@@YA_NABVIvfPublisherProvider@@PB_W_NW4EvfStrCompareAs@@@Z

?NeedFeelWellKnown@CvfFileSrcProcess@@QAE_NXZ

?FillWellKnown@CvfFileSrcProcess@@QAE_NXZ

?VfUtil_FindParentPolicyData@@YA_NABVCvfTargetInfo@@AAUSvfProcessPolicyData@@@Z

?SetOnDemandElevationRequested@CvfTargetInfo@@QAEX_N@Z

?VfUtil_ThisOrLinkedHasAdminRights@@YA_NPAX@Z

??0CvfTokenPolicyData@@QAE@_NKABUSvfTriggerPolicyShortInfo@@@Z

?SetToToken@CvfTokenPolicyData@@QBE_NPAX_N@Z

??0CvfTargetInfoActiveX@@QAE@ABVCvfConsentData@@@Z

?GetDescriptionForAlert@CvfTargetInfo@@QBEPB_WXZ

?GetDescriptionForEvent@CvfTargetInfo@@QBEPB_WXZ

??0CvfTargetInfoFile@@QAE@ABVCvfConsentData@@@Z

?IsGreaterThan@SvfVersion@@QBE_NKK@Z

??1CvfTargetInfoUacCOM@@UAE@XZ

??0SvfTriggerPolicyShortInfo@@QAE@ABU0@@Z

?SessionId@CvfProcessData@@QBEKXZ

?IsPolicyAction@CvfProcessData@@QBE_NW4EvfPolicyAction@@@Z

?HasZeroTouchState@CvfProcessData@@QBEKK@Z

?Path@CvfProcessData@@QBEABVCvfUtilStr@@XZ

??0CvfTargetInfoProcess@@QAE@ABVCvfProcessData@@PAX@Z

??1CvfTargetInfoProcess@@UAE@XZ

?Clone@CvfTargetInfoProcess@@QBEPAV1@XZ

??0CvfTargetInfoActiveX@@QAE@K_KK@Z

??1CvfTargetInfoActiveX@@UAE@XZ

?VfUtil_GetProcessImagePath@@YA_NKAAVCvfUtilStr@@@Z

??0CvfProcessData@@QAE@XZ

??1CvfProcessData@@QAE@XZ

?VfUtilProcMap_FindProcessData@@YA_NKAAVCvfProcessData@@@Z

?DecomposeChallengeResponse@CvfOPAGHelper@@SA?AW4EvfOpagActionResult@@PB_W0000_NAAUSvfOpagAction@@@Z

?DecomposeResponseLongToken@CvfOPAGHelper@@SA_NPB_WABV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0K_NAAK@Z

?VfUtil_GetDefaultVfHostPath@@YAPB_WXZ

??0CvfShortcut@@QAE@XZ

??1CvfShortcut@@QAE@XZ

?GetTargetPath@CvfShortcut@@QBEPB_WXZ

?GetDescription@CvfShortcut@@QBEPB_WXZ

?GetWorkingDirectory@CvfShortcut@@QBEPB_WXZ

?GetIconLocation@CvfShortcut@@QBEPB_WAAH@Z

?Load@CvfShortcut@@QAE_NPB_W_NK@Z

?VfUtil_GetAgentConfigDir@@YAPB_WXZ

?IsEmpty@SvfVersion@@QBE_NXZ

?FromString@SvfVersion@@QAEXPB_W@Z

?VerifyHash@CvfFileHash@@SA_NPB_W00@Z

?ParseAlgAndHash@IvfHashProvider@@SA_NPB_WAAVCvfUtilStr@@1@Z

??0SvfProcessPolicyData@@QAE@XZ

?IsTargetType@CvfTargetInfo@@QBE_NW4EvfPolicyTarget@@@Z

?Pid@CvfTargetInfoProcess@@QBEKXZ

?ParentSvcName@CvfTargetInfoProcess@@QBEPB_WXZ

?CreationTime@CvfTargetInfoProcess@@QBE_KXZ

?Action@CvfShBufPolicy@@QBE?AW4EvfPolicyAction@@XZ

?Id@CvfShBufPolicy@@QBEKXZ

?Active@CvfShBufPolicy@@QBE_NXZ

?Order@CvfShBufPolicy@@QBE_KXZ

?IsImplicit@CvfShBufPolicy@@QBE_NXZ

?GuiType@CvfShBufPolicy@@QBEKXZ

?ReportUsageState@CvfShBufPolicy@@QBEKXZ

?IsEmpty@CvfExtFileAttributes@@QBE_NXZ

?HasFlags@SvfTokenPolicyData@@QBE_NG@Z

?CreatedByUacElevator@SvfTokenPolicyData@@QBE_NXZ

?GetInheritable@SvfTokenPolicyData@@QBE_NXZ

?GetProtectInstalledFiles@SvfTokenPolicyData@@QBE_NXZ

?GetRestrictFileDlg@SvfTokenPolicyData@@QBE_NXZ

?GetPid@SvfTokenPolicyData@@QBEKXZ

?GetClientPid@SvfTokenPolicyData@@QBEKXZ

?GetPolicyId@SvfTokenPolicyData@@QBEKXZ

?GetPolicyAction@SvfTokenPolicyData@@QBE?AW4EvfPolicyAction@@XZ

?GetOriginalPolicyAction@SvfTokenPolicyData@@QBE?AW4EvfPolicyAction@@XZ

?GetTargetType@SvfTokenPolicyData@@QBE?AW4EvfPolicyTarget@@XZ

?GetPolicyTargetId@SvfTokenPolicyData@@QBEABU_GUID@@XZ

??0CvfTokenPolicyData@@QAE@XZ

??1CvfTokenPolicyData@@QAE@XZ

?VfUtil_FindPolicyData@@YA_NKAAUSvfProcessPolicyData@@@Z

?CreateFromPid@CvfTargetInfoProcess@@SAPAV1@KKPAX@Z

?AdminTaskId@CvfTargetInfoProcess@@QBE?AW4EvfAdminTaskId@@XZ

?VfUtil_ObfuscateDeObfuscateByteArray@@YA_NPAEI@Z

?VfUtil_ServiceNotificationMask2Str@@YAXKAAPA_W@Z

?VfUtil_ServiceState2Str@@YAPB_WK@Z

?DownloadParamsOnly@CvfTargetInfoActiveX@@QBE_NXZ

?Contains@CvfVersionRange@@QBE_NABUSvfVersion@@@Z

?VfUtil_MatchFileOwner@@YA_NAAVIvfOwnerProvider@@ABVCSid@ATL@@@Z

?IsPackageType@CvfFileSrcPackage@@QBE_NPB_W@Z

?GetMainSourceType@CvfFileSrcInstaller@@QBE?AW4EvfType@CvfFileSrcType@@XZ

?GetSourcePath@CvfFileSrcInstaller@@QBEPB_WXZ

?GetCallerProcessInfo@CvfTargetInfoFile@@QAEPAVCvfTargetInfoProcess@@XZ

?IsPreexisted@CvfTargetInfoFile@@QAE_N_N@Z

?IsLocationType@CvfFileSrcCopyData@@QBE_NPB_W@Z

?VfUtil_MatchCmdLineArguments@@YA_NPB_W00_NW4EvfStrCompareAs@@@Z

?VfUtil_MatchStr@@YA_NPB_W0_NW4EvfStrCompareAs@@@Z

?FromStr@CvfFileSrcType@@SA?AW4EvfType@1@PB_W@Z

?VfUtil_IsValidRegExp@@YA_NPB_W_N@Z

?VfUtil_MatchServiceName@@YA_NPB_W0@Z

?UserEqualsOrBelongsTo@CvfFileOrigin@@QBE_NABVCSid@ATL@@@Z

?VfUtil_GetVfHostPath@@YAPB_WW4EvfImageType@@@Z

?IsClsidInUserHive@CvfTargetInfoUacCOM@@QBE_NXZ

?IsElevatorType@CvfTargetInfoElevator@@QBE_NW4EvfElevatorType@@@Z

?Args@CvfFileSrcProcess@@QBEABVCvfUtilStr@@XZ

?ProcessImageFileModified@CvfTargetInfoProcess@@QBE_NXZ

?GetProductVersion@CvfTargetInfoFile@@QBE?AUSvfVersion@@XZ

?VfUtil_GetProcTargetOfType@@YA_NABVCvfTargetInfo@@W4EvfPolicyTarget@@AAPAVCvfTargetInfoProcess@@@Z

?MediaType@CvfRemovableMedia@@QBE?AW4EvfMediaType@1@XZ

?VfUtil_GetFileProcTargetsOfType@@YA_NABVCvfTargetInfo@@W4EvfPolicyTarget@@AAPAVCvfTargetInfoFile@@AAPAVCvfTargetInfoProcess@@@Z

?SetAdminTaskId@CvfTargetInfoProcess@@QAEXW4EvfAdminTaskId@@@Z

?CreateInstance@CvfAdminTask@@SAPAV1@W4EvfAdminTaskId@@@Z

?DeleteInstance@CvfAdminTask@@SAXPAV1@@Z

?GetBufferSize@SvfVersion@@QBEKXZ

??0CvfVersionRange@@QAE@XZ

?IsInfinite@CvfVersionRange@@QBE_NXZ

?GetProperty@CvfRemovableMedia@@QBE_NPB_WAAVCvfUtilStr@@@Z

?IsAdminTask@CvfTargetInfoProcess@@QBE_NXZ

?GetAppPackageFullName@CvfTargetInfoProcess@@QBEPB_WXZ

?GetAppPackageId@CvfTargetInfoProcess@@QBEPBUPACKAGE_ID@@XZ

?GetAppPackageName@CvfTargetInfoProcess@@QBEPB_WXZ

?GetAppPackagePath@CvfTargetInfoProcess@@QBEPB_WXZ

?GetAppPackagePublisher@CvfTargetInfoProcess@@QBEPB_WXZ

?GetAppPackagePublisherDisplayName@CvfTargetInfoProcess@@QBEPB_WXZ

?GetAppPackageVersion@CvfTargetInfoProcess@@QBEABUSvfVersion@@XZ

?GetAppPackageDisplayName@CvfTargetInfoProcess@@QBEPB_WXZ

?GetProcessServiceNames@CvfTargetInfoProcess@@QAEPB_WXZ

?SoftwareDistributorName@CvfTargetInfoProcess@@QBEPB_WXZ

?VfUtil_MatchFileVersionInfo@@YA_NABVIvfVersionInfoProvider@@PB_W1_NW4EvfStrCompareAs@@@Z

?GetFileSize@CvfTargetInfoFile@@UBE_JXZ

?GetServiceProcessType@CvfSvcUtil@@SA?AW4EvfSvcProcType@1@K@Z

?ExpandEnvStringsForUser@CvfUserEnvMap@@SA_NPAXPB_WAAVCvfUtilStr@@@Z

??0SvfTriggerPolicyShortInfo@@QAE@ABUSvfTokenPolicyData@@@Z

?CallerPid@CvfTargetInfoFile@@QBEKXZ

?Clsid@CvfTargetInfoActiveX@@QBEABU_GUID@@XZ

?CodeURL@CvfTargetInfoActiveX@@QBEPB_WXZ

?MimeType@CvfTargetInfoActiveX@@QBEPB_WXZ

?Version@CvfTargetInfoActiveX@@QBEABUSvfVersion@@XZ

?CleanCacheFileName@CvfTargetInfoActiveX@@QBEPB_WXZ

?Url@CvfTargetInfoElevator@@QBEPB_WXZ

?Clsid@CvfTargetInfoUacCOM@@QBEABU_GUID@@XZ

?AdminTaskId@CvfTargetInfoUacCOM@@QBE?AW4EvfAdminTaskId@@XZ

?AdminTaskId@CvfTargetInfoElevator@@QBE?AW4EvfAdminTaskId@@XZ

?VfUtil_GetFileLocationType@@YAPB_WPAXPB_W@Z

?GetMsiInfo@CvfTargetInfoFile@@QBEPB_WPB_W@Z

?ToXml@CvfFileOrigin@@QBE_NAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@_N1@Z

?VfUtil_GetProcessImagePathAndCmdLine@@YA_NKAAVCvfUtilStr@@0@Z

?InstallTime@CvfFileSrcInstaller@@QBE_KXZ

?Hash@CvfFileSrcFile@@QBEABVCvfUtilStr@@XZ

?File@CvfFileOrigin@@QBEABVCvfFileSrcFile@@XZ

?File@CvfFileOrigin@@QAEAAVCvfFileSrcFile@@XZ

?LastError@CvfSupplementalFileData@@QBEKXZ

?m_thePreexisted@CvfFileOrigin@@2V1@B

?Fill@CvfFileSrcFile@@QAE_NAAVCvfTargetInfoFile@@@Z

??0CvfSupplementalFileData@@QAE@ABVCvfFileOrigin@@@Z

?ToFile@CvfSupplementalFileData@@QAE_NPB_WPAX@Z

?_SetScanFinished@CvfSupplementalFileData@@CA_N_N@Z

?IsDefaultPolicy@SvfTriggerPolicyShortInfo@@QBE_NXZ

?FilePath2TargetType@CvfTargetInfoFile@@SA?AW4EvfPolicyTarget@@PB_W@Z

?GetOwner@CvfTargetInfoFile@@UBEPBVCSid@ATL@@XZ

?GetOwnerDomainUserName@CvfTargetInfoFile@@UBEPB_WXZ

?GetVersionStr@CvfTargetInfoFile@@UBEPB_WXZ

?GetProductVersionStr@CvfTargetInfoFile@@QBEPB_WXZ

?GetProductName@CvfTargetInfoFile@@QBEPB_WXZ

?GetRequestedExecutionLevel@CvfTargetInfoFile@@QBEPB_WXZ

?GetUrlSecurityZoneId@CvfTargetInfoFile@@QBE?AW4tagURLZONE@@XZ

?IsInTempDir@CvfTargetInfoFile@@QBE_NXZ

?VfUtil_FindVfInjData@@YA_NKAAUSvfInjData@@@Z

?VfUtilProcMap_GetProcParamsForNetAccess@@YA_NKAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0AA_K@Z

?ParentTid@CvfTargetInfoProcess@@QBEKXZ

?VfUtil_IsSipPath@@YA_NPB_W@Z

?VfUtil_IsServicesPid@@YA_NK_N@Z

?VfUtil_IsPASAgentPid@@YA_NK@Z

?VfUtil_IsVfHostPid@@YA_NK@Z

?VfUtil_IsPASAgentPath@@YA_NPB_W@Z

??0SvfMatchWinFileParams@@QAE@PB_W0_NK@Z

??4SvfTriggerPolicyShortInfo@@QAEAAU0@ABU0@@Z

??4SvfProcessPolicyData@@QAEAAU0@ABU0@@Z

?SetTriggerPolicyShortInfo@SvfProcessPolicyData@@QAEXABUSvfTriggerPolicyShortInfo@@@Z

?GetDescriptionBase@CvfTargetInfo@@QBEPB_WXZ

?IsPublisherStatus@CvfTargetInfoFile@@QBE_NW4EvfPublisherStatus@@@Z

?SetCallerPid@CvfTargetInfoFile@@QAEXK@Z

?SetRequestedFileAccess@CvfTargetInfoFile@@QAEXK@Z

?RequestedFileAccess@CvfTargetInfoFile@@QBEKXZ

?SetDrvFlagsOnFileOpen@CvfTargetInfoFile@@QAEXK@Z

?ParentPidReal@CvfTargetInfoProcess@@QBEKXZ

?GetDisplayName@CvfAdminTask@@SAPB_WW4EvfAdminTaskId@@@Z

?VfUtil_PolicyActionHeritageTypeStr@@YAPB_WK@Z

?GetFromToken@CvfTokenPolicyData@@QAE_NPAX@Z

?VfUtil_PolicyTargetTypeStr@@YAPB_WK@Z

?VfUtil_MultifileCreatorTypeStr@@YAPB_WW4EvfMultifileCreatorType@@@Z

?VfUtil_IsWindowsExplorerPid@@YA_NK_N@Z

?SetDrvEaHelper@CvfExtFileAttributes@@SAXP6AJPAXPBXK@Z@Z

?VfUtil_MatchFilePublisher@@YA_NPB_W0_NW4EvfStrCompareAs@@@Z

??1CvfRemovableMedia@@QAE@XZ

??0CvfRemovableMedia@@QAE@PB_W00KW4EvfMediaType@0@@Z

??0SvfVersion@@QAE@XZ

?ExtractFromFile@CvfManifestReader@@SA_NPB_WAAPA_W@Z

??1CvfSupplementalFileData@@UAE@XZ

??0CvfFileFullEaInfo@@QAE@XZ

??1CvfFileFullEaInfo@@QAE@XZ

??0CvfExtFileAttributes@@QAE@XZ

?Name@CvfShBufPolicy@@QBEPB_WXZ

?GetTargetPolicyAction@CvfSharedPoliciesData@@SA_NABVCvfTargetInfo@@AAUSvfTriggerPolicyShortInfo@@@Z

?IsMultifileCreator@CvfSharedPoliciesData@@SA_NAAVCvfTargetInfo@@AAUSvfTriggerPolicyShortInfo@@@Z

?GetPolicyById@CvfSharedPoliciesData@@SA_NKAAPAVCvfShBufPolicy@@@Z

?IsSpecificPublisherTrusted@CvfFileSignature@@SA_NPB_W0@Z

?EaCacheBuf2DebugStr@CvfFileSignature@@SAXPBEGAAV?$CvfProcHeapPtr@D@@@Z

?ExtractFromFile@CvfManifestReader@@SA_NPB_WPAXAAPA_W@Z

?VfUtil_SavePreBootVersion@@YA_NXZ

?CheckOpagAction@CvfOPAGHelper@@SA?AW4EvfOpagActionResult@@PB_WPAXAAUSvfOpagAction@@@Z

VfUtil_RedirectTrace

?GetAt@SvfVersion@@QBEGE@Z

??1CvfExtFileAttributes@@QAE@XZ

?LoadAllFromFile@CvfExtFileAttributes@@QAE_NPB_W@Z

?GetHeadPosition@CvfExtFileAttributes@@QBEPAU__POSITION@@XZ

?GetNext@CvfExtFileAttributes@@QAE_NAAPAU__POSITION@@AAVCvfFileFullEaInfo@@_N@Z

?VfUtil_GetFileLocationType@@YAPB_WABVIvfPathProvider@@@Z

?VfUtil_PolicyActionStr@@YAPB_WK@Z

??0CvfSupplementalFileData@@QAE@XZ

?FromFile@CvfSupplementalFileData@@QAE_NPB_WPAX_N@Z

?ToXml@CvfSupplementalFileData@@QBE_NAAV?$CStringT@DV?$StrTraitATL@DV?$ChTraitsCRT@D@ATL@@@ATL@@@ATL@@KPB_W@Z

?ReadScanFinishedFlag@CvfSupplementalFileData@@SA_NXZ

?GetHashStringUsing@CvfTargetInfoFile@@UBEPB_WPB_W@Z

?GetPublisher@CvfTargetInfoFile@@UBEPB_W_NAAW4EvfPublisherStatus@@@Z

?GetVersionInfo@CvfTargetInfoFile@@UBEPB_WPB_W@Z

?VfUtil_GetAgentTraceDir@@YAPB_WXZ

?VfUtil_ParseRegPath@@YAPB_WPB_WAAPAUHKEY__@@@Z

?Name@CvfFileFullEaInfo@@QBEPBDXZ

?ValueLength@CvfFileFullEaInfo@@QBEGXZ

?Value@CvfFileFullEaInfo@@QBEPBEXZ

?VfUtil_GetInternetExplorerVersion@@YA_NAAUSvfVersion@@@Z

?Dump@CvfAppxManifestReader@@SAXPB_WAAPA_W@Z

?VfUtil_PublisherStatusStr@@YAPB_WK@Z

??0SvfTriggerPolicyShortInfo@@QAE@XZ

?UserToken@CvfTargetInfo@@QBEPAXXZ

?Path@CvfTargetInfoFile@@QBEPB_WXZ

?ParentPid@CvfTargetInfoProcess@@QBEKXZ

?SessionId@CvfTargetInfoProcess@@QBEKXZ

?CommandLine@CvfTargetInfoProcess@@QBEPB_WXZ

??0CvfUtilStr@@QAE@XZ

??1CvfUtilStr@@QAE@XZ

??BCvfUtilStr@@QBEPB_WXZ

?Empty@CvfUtilStr@@QAEXXZ

?VfUtil_IsVfEPMMfaUIPath@@YA_NPB_W@Z

?VfUtil_IsLogonUIPath@@YA_NPB_W_N@Z

?VfUtilProcMap_Dump@@YAXPB_W@Z

?IsPublisherTrusted@CvfFileSignature@@SA_NPB_W@Z

?VfUtil_IsInternetExplorerPath@@YA_NPB_W_N@Z

?VfUtil_FillTargetInfo@@YA_NAAVCvfTargetInfo@@AAPAEAAH@Z

?GetEffectiveProcess@CvfTargetInfoProcess@@QAEAAV1@XZ

?GetHashStringUsing@CvfFileHash@@SA_NPB_W0AAVCvfUtilStr@@@Z

??0CvfThreadStack@@QAE@KK@Z

??1CvfThreadStack@@UAE@XZ

?FrameCount@CvfThreadStack@@QBEKXZ

?GetFrame@CvfThreadStack@@QBEPBUSvfStackFrameInfo@@K@Z

?VfUtil_IsVfElevate@@YA_NPB_W@Z

?CreateFromConsentData@CvfTargetInfo@@SAPAV1@ABVCvfConsentData@@K@Z

?Delete@CvfTargetInfo@@SAXPAV1@@Z

?VfUtil_GetAgentARMDir@@YAPB_WXZ

??0CvfTargetInfoFile@@QAE@PAXPB_W@Z

??1CvfTargetInfoFile@@UAE@XZ

?VfUtil_IsWindowsExplorerPath@@YA_NPB_W_N@Z

?VfUtil_GetAgentX32Dir@@YAPB_WXZ

?GetFileHashStringByProcess@IvfHashProvider@@SA_NPB_WK0AAVCvfUtilStr@@@Z

?VfUtil_GetPVErrorMsgId@@YAPBDW4EvfPVError@@@Z

?VfUtil_GetAgentX64Dir@@YAPB_WXZ

?VfUtil_IsEPMMfaUIPath@@YA_NPB_W_N@Z

?VfUtil_FillGuiInfo@@YA_NPAXAAPAEAAH@Z

?IsMsiSvcOrDescendant@CvfMsiTargetUtil@@SA_NK@Z

?VfUtil_IsConsentPath@@YA_NPB_W_N@Z

?VfUtil_IsRunAsVfLauncherUserAllowed@@YA_NPB_W@Z

?VfUtil_ValidateOutputFile@@YA?AW4EvfPVError@@PB_W_N0@Z

?VfUtil_IsVfHostPath@@YA_NPB_W@Z

?VfUtil_IsVfAgenPath@@YA_NPB_W@Z

?VfUtil_SaveFileRep@@YA_NPB_WKKK@Z

?SetParentPid@CvfTargetInfoProcess@@QAEXK@Z

?RunPath@CvfTargetInfoProcess@@QBEPB_WXZ

?IsEmpty@SvfTokenPolicyData@@QBE_NXZ

?MsiSvcName@CvfMsiTargetUtil@@SAPB_WXZ

??4CvfUtilStr@@QAEAAV0@PB_W@Z

?ServiceNames@CvfFileSrcProcess@@QBEABVCvfUtilStr@@XZ

?Preexisted@CvfFileOrigin@@QBE_NXZ

?Installer@CvfFileOrigin@@QBEABVCvfFileSrcInstaller@@XZ

?FileOrigin@CvfSupplementalFileData@@QAEAAVCvfFileOrigin@@XZ

?ParentPid@CvfProcessData@@QBEKXZ

?ParentSvcName@CvfProcessData@@QBEABVCvfUtilStr@@XZ

?CmdLine@CvfProcessData@@QBEABVCvfUtilStr@@XZ

??0CvfTargetInfoElevator@@QAE@PB_WW4EvfElevatorType@@PAX@Z

??1CvfTargetInfoElevator@@UAE@XZ

??0CvfTargetInfoProcess@@QAE@PAXPB_W1@Z

?GetEffectiveProcessByType@CvfTargetInfoProcess@@QAEAAV1@W4EvfPolicyTarget@@@Z

?AdminTaskIdNoCheck@CvfTargetInfoProcess@@QBE?AW4EvfAdminTaskId@@AA_N@Z

?GetUser@CvfTargetInfoProcess@@QBEPBVCSid@ATL@@XZ

?IsUser@CvfTargetInfoProcess@@QBE_NABVCSid@ATL@@@Z

?VfUtil_MatchBitmask@@YA_NKKW4EvfBitmaskCompareAs@@@Z

?VfUtil_MatchHash@@YA_NABVIvfHashProvider@@PB_W1_J@Z

?OnDemandElevationRequested@CvfTargetInfo@@QBE_NXZ

?GetHashStringUsing@CvfFileHash@@SA_NPAXPB_WAAVCvfUtilStr@@@Z

?CopyPayloadToProcessByPid@CvfProcessPayload@@SA_NKPB_WPAXK@Z

?IsTargetInfoElevator@CvfTargetInfo@@UBE_NXZ

?QueryHashProvider@CvfTargetInfoFile@@UBEPBVIvfHashProvider@@XZ

?QueryPathProvider@CvfTargetInfoFile@@UBEPBVIvfPathProvider@@XZ

?IsTargetInfoFile@CvfTargetInfoFile@@UBE_NXZ

?GetEffectiveTarget@CvfTargetInfo@@UAEAAV1@XZ

?GetDomainUserName@CvfTargetInfoProcess@@QBEPB_WXZ

?GetParentProcessInfo@CvfTargetInfoProcess@@QAEPAV1@XZ

?GetDuplicatedToken@CvfTargetInfoProcess@@QAEPAXXZ

?VfUtil_IsCMD@@YA_NABVCvfTargetInfoFile@@_N@Z

?VfUtilProcMap_GetZeroTouchState@@YA_NKAAK@Z

?VfUtilProcMap_AddZeroTouchState@@YAXKK@Z

?IsModuleInStack@CvfThreadStack@@SA_NKKPB_W@Z

?VfUtil_IsVfAgentMsi@@YA_NABVCvfTargetInfo@@_N@Z

?VfUtil_IsSvcHostPath@@YA_NPB_W_N@Z

?VfUtil_IsInternetExplorer@@YA_NABVCvfTargetInfoFile@@_N@Z

?SetDescriptionBase@CvfTargetInfo@@QBEXPB_W@Z

?VfUtil_IsVfElevatorProcess@@YA_NPB_W0AAW4EvfElevatorType@@AAPA_W@Z

?VfUtil_IsConHostPath@@YA_NPB_W_N@Z

?VfUtil_IsActiveXInstallElevator@@YA_NPB_W0AAKAA_K1@Z

?VfUtilProcMap_GetAndSetRestrEventFlag@@YA_NKW4EvfRestrictedAccessTargetType@@AA_N@Z

?VfUtil_IsGoogleChrome@@YA_NABVCvfTargetInfoFile@@_N@Z

?GetRequestedExecutionLevel@CvfTargetInfoFile@@QBE_NAAW4EvfRequestedExecutionLevel@@AA_N@Z

?GetFileOrigin@CvfTargetInfoFile@@QAEPBVCvfFileOrigin@@_N@Z

?VfUtil_MatchWindowsFile@@YA_NABVCvfTargetInfoFile@@ABUSvfMatchWinFileParams@@@Z

?VfUtil_GetAgentDir@@YAPB_WXZ

?VfUtil_ProcessAccessMask2Str@@YAPA_WKAAPA_W@Z

?VfUtilProcMap_SetPolicyData@@YAXKABUSvfProcessPolicyData@@@Z

?GetProcess@CvfFileSrcInstaller@@QBEPBVCvfFileSrcProcess@@K@Z

?IsTargetInfoUacCOM@CvfTargetInfo@@UBE_NXZ

?IsTargetInfoProcess@CvfTargetInfo@@UBE_NXZ

?GetSubsystem@CvfTargetInfoProcess@@QBEHXZ

?IsTargetInfoActiveX@CvfTargetInfo@@UBE_NXZ

?IsSoftwareDistributor@CvfFileSrcInstaller@@QBE_NPB_W@Z

?VfUtil_IsSvcHostPid@@YA_NK_N@Z

?VfUtilProcMap_OnProcessStart@@YAXKKKPB_W00K@Z

?VfUtilProcMap_GetAndSetRestrDlgFlag@@YA_NKW4EvfRestrictedAccessTargetType@@AA_N@Z

?CopySignedDataToProcess@CvfProcessPayload@@SA_NPB_WKPBEK@Z

?VfUtil_IsShexEventReady@@YA_NK@Z

?ParseMsuCmdLine@CvfMsuTargetUtil@@SA_NPB_W0AAPA_W@Z

?ParseMsiCmdLine@CvfMsiTargetUtil@@SA_NPB_W0AAPA_W@Z

?IsInProgressInstallInfoFile@CvfMsiTargetUtil@@SA_NPB_W@Z

?FromString@CvfVersionRange@@QAEXPB_W0@Z

?GetBufferSize@CvfVersionRange@@QBEKXZ

?ToBuffer@CvfVersionRange@@QBE_NAAPAEAAK@Z

?TargetSvcName@CvfTargetInfoProcess@@QBEPB_WXZ

?SrcPath@CvfFileSrcCopyData@@QBEABVCvfUtilStr@@XZ

?CopySrcData@CvfFileSrcInstaller@@QBEABVCvfFileSrcCopyData@@XZ

?Package@CvfFileSrcInstaller@@QBEPBVCvfFileSrcPackage@@XZ

?IsMultifileCreator@CvfFileSrcProcess@@QBE_NXZ

?Path@CvfFileSrcProcess@@QBEABVCvfUtilStr@@XZ

?IsMsiInstallationInProgress@CvfMsiTargetUtil@@SA_NXZ

?VfUtil_IsSupportUtilPath@@YA_NPB_W@Z

?CompareNoCase@CvfUtilStr@@QBEHPB_W@Z

?DeleteFromToken@CvfTokenPolicyData@@SA_NPAX@Z

?VfUtil_IsIEDebuggedByDevEnv@@YA_NAAVCvfTargetInfoProcess@@H@Z

?AppendDebugString@CvfRemovableMedia@@QBEXAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z

?ParseScriptCmdLine@CvfScriptTargetUtil@@SA_NPB_W0AAW4EvfScriptEngine@@AAPA_W2@Z

?VfUtil_IsDevEnv@@YA_NABVCvfTargetInfoFile@@_N@Z

?VfUtilProcMap_OnProcessEnd@@YAXK@Z

?VfUtilProcMap_UpdateParentInfo@@YAXKKK@Z

?MSI_SVC_NAME@CvfMsiTargetUtil@@2QB_WB

?VfUtil_IsWindowsExplorer@@YA_NABVCvfTargetInfoFile@@_N@Z

?VfUtil_IsShellReady@@YA_NK@Z

?VfUtil_FileAccessMask2Str@@YAPA_WK_NAAPA_W@Z

??0CvfTargetInfoUacCOM@@QAE@ABVCvfConsentDataCOM@@K@Z

?VfUtil_IsControlExe@@YA_NABVCvfTargetInfoFile@@_N@Z

?VfUtil_IsBrowserBrokerPid@@YA_NK_N@Z

StrStrW

StrCpyNW

ord487

PathUnquoteSpacesW

PathAddBackslashW

StrCmpW

PathIsRelativeW

UrlCanonicalizeA

PathAppendW

PathRenameExtensionW

PathRemoveBackslashW

PathIsDirectoryW

PathSearchAndQualifyW

PathRemoveExtensionW

PathRelativePathToW

StrCmpIW

PathFindExtensionW

PathFindFileNameW

PathRemoveFileSpecW

PathFileExistsW

StrCpyW

PathFindOnPathW

StrStrIW

PathIsPrefixW

PathIsFileSpecW

GetDefaultUserProfileDirectoryW

GetProfilesDirectoryW

GetAllUsersProfileDirectoryW

ExpandEnvironmentStringsForUserW

CreateEnvironmentBlock

DestroyEnvironmentBlock

LoadUserProfileW

UnloadUserProfile

BCryptDestroyKey

BCryptFinalizeKeyPair

BCryptDecrypt

BCryptGenerateKeyPair

BCryptDeriveKeyPBKDF2

BCryptGenRandom

BCryptExportKey

BCryptCloseAlgorithmProvider

BCryptImportKeyPair

BCryptGetProperty

BCryptFinishHash

BCryptDestroyHash

BCryptHashData

BCryptSetProperty

BCryptCreateHash

BCryptGenerateSymmetricKey

BCryptEncrypt

BCryptOpenAlgorithmProvider

BCryptDeriveKeyCapi

InternetConnectW

InternetCloseHandle

HttpSendRequestW

InternetCanonicalizeUrlW

HttpSendRequestExW

HttpEndRequestW

InternetCrackUrlW

InternetSetCookieW

HttpQueryInfoW

InternetGetCookieW

InternetOpenW

InternetSetStatusCallbackW

InternetWriteFile

InternetQueryDataAvailable

InternetQueryOptionW

HttpOpenRequestW

InternetGetCookieExW

InternetReadFile

InternetSetOptionW

inet_addr

ntohl

gethostbyname

htonl

WSAGetLastError

shutdown

inet_ntoa

GetAddrInfoW

FreeAddrInfoW

getaddrinfo

WSAStartup

gethostbyaddr

closesocket

WSACleanup

accept

setsockopt

ioctlsocket

freeaddrinfo

WSAEnumNetworkEvents

WSARecv

connect

ntohs

WSAEventSelect

getsockname

WSASocketW

WSACreateEvent

WSACloseEvent

listen

WSASend

bind

Icmp6SendEcho2

IcmpCreateFile

IcmpCloseHandle

Icmp6CreateFile

IcmpSendEcho2

IcmpParseReplies

Icmp6ParseReplies

GetNetworkParams

GetPerAdapterInfo

GetAdaptersInfo

GetAdaptersAddresses

GetIpAddrTable

GetIfTable

IcmpSendEcho

CM_Locate_DevNodeW

SetupDefaultQueueCallbackW

SetupTermDefaultQueueCallback

SetupInitDefaultQueueCallback

SetupCommitFileQueueW

SetupCloseFileQueue

SetupOpenFileQueue

SetupCloseInfFile

SetupOpenInfFileW

InstallHinfSectionW

SetupInstallServicesFromInfSectionW

SetupInstallFilesFromInfSectionW

CM_Get_Child

CM_Get_Device_IDW

CM_Get_Sibling

SetupInstallFromInfSectionW

DecryptMessage

InitSecurityInterfaceW

TranslateNameW

LsaEnumerateLogonSessions

LsaFreeReturnBuffer

LsaGetLogonSessionData

WTSFreeMemory

WTSEnumerateSessionsW

WTSQueryUserToken

WTSQuerySessionInformationW

WTSLogoffSession

WTSEnumerateProcessesW

WTSSendMessageW

ord118

ord181

ord70

ord173

ord179

ord45

ord37

ord32

ord20

ord158

ord41

ord116

ord80

ord8

ord160

ord74

ord92

ord34

ord94

ord159

ord246

FilterGetDosName

FilterLoad

FilterUnload

FilterConnectCommunicationPort

FilterSendMessage

FilterFindNext

FilterFindClose

FilterFindFirst

ord3

ord4

ord13

ord9

WNetGetConnectionW

WNetAddConnection3W

WNetGetResourceInformationW

WNetAddConnection2W

WNetCancelConnection2W

WNetCloseEnum

WNetEnumResourceW

WNetOpenEnumW

WinHttpSetTimeouts

WinHttpQueryDataAvailable

WinHttpReceiveResponse

WinHttpAddRequestHeaders

WinHttpQueryHeaders

WinHttpReadData

WinHttpOpenRequest

WinHttpSetOption

WinHttpWriteData

WinHttpSendRequest

WinHttpSetStatusCallback

WinHttpGetProxyForUrl

WinHttpGetIEProxyConfigForCurrentUser

WinHttpCloseHandle

WinHttpDetectAutoProxyConfigUrl

WinHttpOpen

WinHttpGetDefaultProxyConfiguration

WinHttpCrackUrl

WinHttpConnect

CertOpenStore

CertFindCertificateInStore

CertCloseStore

CertFreeCertificateContext

CryptProtectData

CryptUnprotectData

CryptProtectMemory

CryptUnprotectMemory

NetLocalGroupAddMembers

NetLocalGroupDelMembers

NetGetJoinInformation

NetApiBufferFree

NetUserModalsGet

NetUserAdd

NetUserDel

NetUserGetInfo

NetLocalGroupGetMembers

DsGetDcNameW

NetLocalGroupEnum

NetQueryDisplayInformation

SetSuspendState

VerQueryValueW

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ