Description
TmComm.sys is a vulnerable driver and more information will be added as found.
- UUID: d35cb48d-2aca-4d7d-a194-f4566183bcd9
- Created: 2023-05-06
- Author: Nasreddine Bencherchali
- Acknowledgement: |
Download
This download link contains the vulnerable driver!
Commands
sc.exe create TmComm.sys binPath=C:\windows\temp\TmComm.sys type=kernel && sc.exe start TmComm.sys
| Use Case | Privileges | Operating System |
|---|
| Elevate privileges | kernel | Windows 10 |
Detections
Sigma 🛡️
Expand
Names
detects loading using name only
Hashes
detects loading using hashes only
Resources
Internal ResearchKnown Vulnerable Samples
Download
Certificates
Expand
Certificate 7e93ebfb7cc64e59ea4b9a77d406fc3b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | d0785ad36e427c92b19f6826ab1e8020 |
| ToBeSigned (TBS) SHA1 | 365b7a9c21bd9373e49052c3e7b3e4646ddd4d43 |
| ToBeSigned (TBS) SHA256 | c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff |
| Subject | C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2 |
| ValidFrom | 2012-12-21 00:00:00 |
| ValidTo | 2020-12-30 23:59:59 |
| Signature | 03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 7e93ebfb7cc64e59ea4b9a77d406fc3b |
| Version | 3 |
Certificate 0ecff438c8febf356e04d86a981b1a50
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | e9d38360b914c8863f6cba3ee58764d3 |
| ToBeSigned (TBS) SHA1 | 4cba8eae47b6bf76f20b3504b98b8f062694a89b |
| ToBeSigned (TBS) SHA256 | 88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976 |
| Subject | C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4 |
| ValidFrom | 2012-10-18 00:00:00 |
| ValidTo | 2020-12-29 23:59:59 |
| Signature | 783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 0ecff438c8febf356e04d86a981b1a50 |
| Version | 3 |
Certificate 497c4fad471540e6e453d0cafb155740
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 78eaa337666217b1c16a9a0ebd0b8434 |
| ToBeSigned (TBS) SHA1 | ff9cb835e78f6185eed4372096c3bae53b17d18d |
| ToBeSigned (TBS) SHA256 | 1c0d9746725e176b4a7c2852878f14d7587f58e65d346bc1247f1c8ee6374250 |
| Subject | C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc. |
| ValidFrom | 2017-04-27 00:00:00 |
| ValidTo | 2018-07-16 23:59:59 |
| Signature | f3b20c020c826fd9e2629408ffc97c9e245959d1050c9ce7708069d366d26af191812e16fce674eaca0d8f05b2a796280831737299800d2bfe0071efecf655117b7952a4d7c0701b97de034a1d42e928fd1a2082b081f9d22e9d39af3233cf05c1e61ae1f8fbfec872e78d9a0b29b4f147f1a053d1757a824601df2bb07c75c591fe7efbaf0021764b90cd446f85f80d14bc2cd42c83edfa7d2510f8f94c82d1b3ea999b1cff9093291977c7e996dc32904d3934f167077684ff76aa5327654a0bd7223d9d67657b47c5b46012dca6723d89e7fa051b3380d0c4977b9df537e75da3186ab149b27c089715a01bd695f408f7ded66bfbe920d27a6f6a7d4cc8b3 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 497c4fad471540e6e453d0cafb155740 |
| Version | 3 |
Certificate 611993e400000000001c
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 78a717e082dcc1cda3458d917e677d14 |
| ToBeSigned (TBS) SHA1 | 4a872e0e51f9b304469cd1dedb496ee9b8b983a4 |
| ToBeSigned (TBS) SHA256 | 317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5 |
| ValidFrom | 2011-02-22 19:25:17 |
| ValidTo | 2021-02-22 19:35:17 |
| Signature | 812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 611993e400000000001c |
| Version | 3 |
Certificate 5200e5aa2556fc1a86ed96c9d44b33c7
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | b30c31a572b0409383ed3fbe17e56e81 |
| ToBeSigned (TBS) SHA1 | 4843a82ed3b1f2bfbee9671960e1940c942f688d |
| ToBeSigned (TBS) SHA256 | 03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA |
| ValidFrom | 2010-02-08 00:00:00 |
| ValidTo | 2020-02-07 23:59:59 |
| Signature | 5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 5200e5aa2556fc1a86ed96c9d44b33c7 |
| Version | 3 |
Imports
Expand
- ntoskrnl.exe
- HAL.dll
- CLASSPNP.SYS
Imported Functions
Expand
- wcsrchr
- KeSetEvent
- KePulseEvent
- KeClearEvent
- KeStackAttachProcess
- KeUnstackDetachProcess
- ObfDereferenceObject
- ZwSetEvent
- ZwClose
- ZwConnectPort
- RtlInitUnicodeString
- RtlUnicodeStringToInteger
- ZwCreateSection
- ZwWaitForSingleObject
- ZwOpenEvent
- IoGetCurrentProcess
- ObfReferenceObject
- DbgBreakPoint
- ZwRequestWaitReplyPort
- ExFreePoolWithTag
- ProbeForWrite
- ZwFreeVirtualMemory
- ZwAllocateVirtualMemory
- ObOpenObjectByPointer
- PsProcessType
- memmove
- PsGetProcessExitTime
- MmSectionObjectType
- PsThreadType
- ObReleaseObjectSecurity
- SeReleaseSubjectContext
- SeAccessCheck
- SeCaptureSubjectContext
- ObGetObjectSecurity
- DbgPrint
- memset
- MmIsAddressValid
- ExInitializeResourceLite
- ExDeleteResourceLite
- ZwWriteFile
- ZwReadFile
- ZwQueryInformationFile
- ZwSetInformationFile
- ZwCreateFile
- swprintf
- towupper
- _wcsnicmp
- ExAllocatePoolWithTag
- KeInitializeEvent
- _snprintf
- PsGetCurrentProcessId
- RtlTimeToTimeFields
- ExSystemTimeToLocalTime
- KeQuerySystemTime
- PsGetCurrentThreadId
- RtlInitAnsiString
- ZwDeviceIoControlFile
- ZwCreateKey
- ZwCreateEvent
- KeWaitForMultipleObjects
- ObReferenceObjectByHandle
- ZwNotifyChangeKey
- _vsnprintf
- RtlFreeUnicodeString
- RtlAnsiStringToUnicodeString
- RtlEqualUnicodeString
- RtlAppendUnicodeStringToString
- RtlCopyUnicodeString
- RtlUpcaseUnicodeChar
- ExGetPreviousMode
- KeWaitForSingleObject
- KeSetPriorityThread
- PsTerminateSystemThread
- PsCreateSystemThread
- KeDelayExecutionThread
- KeNumberProcessors
- ZwQueryInformationProcess
- PsLookupProcessByProcessId
- ZwOpenDirectoryObject
- PsSetCreateProcessNotifyRoutine
- ZwQuerySystemInformation
- ZwQueryDirectoryFile
- ZwQueryDirectoryObject
- ZwOpenKey
- ZwEnumerateKey
- ZwEnumerateValueKey
- ZwQueryValueKey
- ZwDeleteValueKey
- ZwDeleteKey
- ZwTerminateProcess
- ZwOpenProcess
- ZwQueryKey
- ZwSetValueKey
- IoFileObjectType
- _allrem
- ZwQuerySecurityObject
- memcpy
- RtlLengthSecurityDescriptor
- MmHighestUserAddress
- IoFreeIrp
- IoFreeMdl
- _purecall
- IoBuildAsynchronousFsdRequest
- _strnicmp
- RtlQueryRegistryValues
- RtlAppendUnicodeToString
- mbstowcs
- ZwQuerySymbolicLinkObject
- ZwOpenSymbolicLinkObject
- NtClose
- ObQueryNameString
- MmGetSystemRoutineAddress
- ZwSetInformationObject
- _stricmp
- ZwUnmapViewOfSection
- ZwMapViewOfSection
- ZwOpenFile
- IoCreateFile
- IofCallDriver
- IoAllocateIrp
- MmBuildMdlForNonPagedPool
- IoAllocateMdl
- ProbeForRead
- PsGetVersion
- RtlImageNtHeader
- RtlCompareMemory
- RtlUpcaseUnicodeString
- _snwprintf
- MmSystemRangeStart
- wcsncmp
- strrchr
- ZwQueryVolumeInformationFile
- ObReferenceObjectByPointer
- IoBuildDeviceIoControlRequest
- ZwOpenSection
- _allmul
- KeReleaseSemaphore
- RtlLengthRequiredSid
- RtlInitializeSid
- RtlSubAuthoritySid
- RtlSetDaclSecurityDescriptor
- RtlCreateSecurityDescriptor
- RtlAddAccessAllowedAce
- RtlCreateAcl
- KeInitializeSemaphore
- IofCompleteRequest
- ExEventObjectType
- IoDeleteDevice
- IoDeleteSymbolicLink
- IoCreateSymbolicLink
- IoGetDeviceObjectPointer
- RtlUpperChar
- ObReferenceObjectByName
- IoDriverObjectType
- RtlCompareUnicodeString
- strncpy
- KeServiceDescriptorTable
- NtOpenProcess
- ObOpenObjectByName
- NtQueryInformationProcess
- PsIsThreadTerminating
- KeAddSystemServiceTable
- ZwFsControlFile
- ObInsertObject
- IoReleaseVpbSpinLock
- IoAcquireVpbSpinLock
- SeCreateAccessState
- IoGetFileObjectGenericMapping
- ObCreateObject
- _allshr
- ExInterlockedPopEntrySList
- IoGetStackLimits
- IoBuildSynchronousFsdRequest
- wcsstr
- IoUnregisterPlugPlayNotification
- FsRtlIsNameInExpression
- IoGetConfigurationInformation
- MmProbeAndLockPages
- IoGetDeviceInterfaces
- IoRegisterPlugPlayNotification
- ExAllocatePool
- RtlFreeAnsiString
- RtlUnicodeStringToAnsiString
- strncat
- wcschr
- wcsncat
- wcstombs
- KeTickCount
- KeBugCheckEx
- RtlUnwind
- wcsncpy
- ExReleaseResourceLite
- ExAcquireResourceExclusiveLite
- ExAcquireResourceSharedLite
- ExReleaseFastMutexUnsafe
- KeLeaveCriticalRegion
- KeEnterCriticalRegion
- ZwSetSecurityObject
- ExAcquireFastMutexUnsafe
- IoDeviceObjectType
- IoCreateDevice
- RtlGetDaclSecurityDescriptor
- RtlGetSaclSecurityDescriptor
- RtlGetGroupSecurityDescriptor
- RtlGetOwnerSecurityDescriptor
- SeCaptureSecurityDescriptor
- SeExports
- IoIsWdmVersionAvailable
- RtlLengthSid
- RtlAbsoluteToSelfRelativeSD
- MmUnlockPages
- KeGetCurrentThread
- KfAcquireSpinLock
- KfReleaseSpinLock
- KeRaiseIrqlToDpcLevel
- KfLowerIrql
- ExAcquireFastMutex
- ExReleaseFastMutex
- KeGetCurrentIrql
- KfRaiseIrql
- ClassInitialize
Exported Functions
Expand
- ??0CAutoUpdateConfigThread@@QAE@ABV0@@Z
- ??0CAutoUpdateConfigThread@@QAE@PAU_UNICODE_STRING@@P6GX0PAX@Z1@Z
- ??0CBlobConfig@@QAE@ABV0@@Z
- ??0CBlobConfig@@QAE@K@Z
- ??0CContext@@QAE@ABV0@@Z
- ??0CContext@@QAE@KP6GJPAU_EVENT_REPORT@@PAXPAU_TMCE_REPORT@@PAU_TMCE_FEEDBACK@@@Z1K@Z
- ??0CContextList@@QAE@ABV0@@Z
- ??0CContextList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CDebugLog@@QAE@ABV0@@Z
- ??0CDebugLog@@QAE@PBG@Z
- ??0CDebugLogEx@@QAE@ABV0@@Z
- ??0CDebugLogEx@@QAE@K@Z
- ??0CDelayLoadThread@@QAE@ABV0@@Z
- ??0CDelayLoadThread@@QAE@XZ
- ??0CExclusionExtConfig@@QAE@ABV0@@Z
- ??0CExclusionExtConfig@@QAE@KKE@Z
- ??0CExclusionFileNameConfig@@QAE@ABV0@@Z
- ??0CExclusionFileNameConfig@@QAE@KK@Z
- ??0CExclusionFilePathConfig@@QAE@ABV0@@Z
- ??0CExclusionFilePathConfig@@QAE@KK@Z
- ??0CExclusionFolderConfig@@QAE@ABV0@@Z
- ??0CExclusionFolderConfig@@QAE@KK@Z
- ??0CExclusionRegistryConfig@@QAE@ABV0@@Z
- ??0CExclusionRegistryConfig@@QAE@KK@Z
- ??0CFile@@QAE@ABV0@@Z
- ??0CFile@@QAE@E@Z
- ??0CFileExtension@@QAE@ABV0@@Z
- ??0CFileExtension@@QAE@KEEPAVIMemoryAllocator@@@Z
- ??0CInclusionExtConfig@@QAE@ABV0@@Z
- ??0CInclusionExtConfig@@QAE@KKE@Z
- ??0CInclusionFileNameConfig@@QAE@ABV0@@Z
- ??0CInclusionFileNameConfig@@QAE@KK@Z
- ??0CInclusionFilePathConfig@@QAE@ABV0@@Z
- ??0CInclusionFilePathConfig@@QAE@KK@Z
- ??0CInclusionFolderConfig@@QAE@ABV0@@Z
- ??0CInclusionFolderConfig@@QAE@KK@Z
- ??0CKEvent@@QAE@ABV0@@Z
- ??0CKEvent@@QAE@W4_EVENT_TYPE@@E@Z
- ??0CList@@QAE@ABV0@@Z
- ??0CList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CLockEvent@@QAE@ABV0@@Z
- ??0CLockEvent@@QAE@XZ
- ??0CLockList@@QAE@ABV0@@Z
- ??0CLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CMemoryAllocator@@IAE@W4_POOL_TYPE@@K@Z
- ??0CMemoryAllocator@@QAE@ABV0@@Z
- ??0CMemoryPoolAllocator@@IAE@W4_POOL_TYPE@@KKK@Z
- ??0CMemoryPoolAllocator@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@XZ
- ??0CModuleConfigList@@QAE@ABV0@@Z
- ??0CModuleConfigList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CModuleFileExtConfig@@QAE@ABV0@@Z
- ??0CModuleFileExtConfig@@QAE@KKE@Z
- ??0CModuleFlagConfig@@QAE@ABV0@@Z
- ??0CModuleFlagConfig@@QAE@K@Z
- ??0CModuleMultiStringConfig@@QAE@ABV0@@Z
- ??0CModuleMultiStringConfig@@QAE@KK@Z
- ??0CModuleStringConfig@@QAE@ABV0@@Z
- ??0CModuleStringConfig@@QAE@K@Z
- ??0CNoLockList@@QAE@ABV0@@Z
- ??0CNoLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CSmartLock@@QAE@AAVCLockEvent@@@Z
- ??0CSmartLock@@QAE@XZ
- ??0CSmartReference@@QAE@AAJ@Z
- ??0CSmartReference@@QAE@AAK@Z
- ??0CSmartResource@@QAE@AAVCResource@@E@Z
- ??0CStrList@@QAE@ABV0@@Z
- ??0CStrList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CSystemThread@@QAE@ABV0@@Z
- ??0CSystemThread@@QAE@K@Z
- ??0CUserFuncAdapterJob@@QAE@ABV0@@Z
- ??0CUserFuncAdapterJob@@QAE@P6GXPAX@Z01@Z
- ??0CWorkerThread@@IAE@PAVCWorkerThreadJobQueue@@@Z
- ??0CWorkerThread@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@E@Z
- ??0CWorkerThreadJobQueue@@QAE@ABV0@@Z
- ??0CWorkerThreadJobQueue@@QAE@K@Z
- ??0CWorkerThreadPool@@QAE@ABV0@@Z
- ??0CWorkerThreadPool@@QAE@K@Z
- ??0CWorkerThreadPoolEx@@QAE@ABV0@@Z
- ??0CWorkerThreadPoolEx@@QAE@KK@Z
- ??0IMemoryAllocator@@QAE@ABV0@@Z
- ??0IMemoryAllocator@@QAE@XZ
- ??1CAutoUpdateConfigThread@@UAE@XZ
- ??1CBlobConfig@@UAE@XZ
- ??1CContext@@UAE@XZ
- ??1CContextList@@UAE@XZ
- ??1CDebugLog@@UAE@XZ
- ??1CDebugLogEx@@UAE@XZ
- ??1CDelayLoadThread@@UAE@XZ
- ??1CExclusionExtConfig@@UAE@XZ
- ??1CExclusionFileNameConfig@@UAE@XZ
- ??1CExclusionFilePathConfig@@UAE@XZ
- ??1CExclusionFolderConfig@@UAE@XZ
- ??1CExclusionRegistryConfig@@UAE@XZ
- ??1CFile@@UAE@XZ
- ??1CFileExtension@@UAE@XZ
- ??1CInclusionExtConfig@@UAE@XZ
- ??1CInclusionFileNameConfig@@UAE@XZ
- ??1CInclusionFilePathConfig@@UAE@XZ
- ??1CInclusionFolderConfig@@UAE@XZ
- ??1CKEvent@@UAE@XZ
- ??1CList@@UAE@XZ
- ??1CLockEvent@@UAE@XZ
- ??1CLockList@@UAE@XZ
- ??1CMemoryAllocator@@UAE@XZ
- ??1CMemoryPoolAllocator@@UAE@XZ
- ??1CModuleConfig@@UAE@XZ
- ??1CModuleConfigList@@UAE@XZ
- ??1CModuleFileExtConfig@@UAE@XZ
- ??1CModuleFlagConfig@@UAE@XZ
- ??1CModuleMultiStringConfig@@UAE@XZ
- ??1CModuleStringConfig@@UAE@XZ
- ??1CNoLockList@@UAE@XZ
- ??1CSmartLock@@QAE@XZ
- ??1CSmartReference@@QAE@XZ
- ??1CSmartResource@@QAE@XZ
- ??1CStrList@@UAE@XZ
- ??1CSystemThread@@UAE@XZ
- ??1CUserFuncAdapterJob@@UAE@XZ
- ??1CWorkerThread@@UAE@XZ
- ??1CWorkerThreadJob@@UAE@XZ
- ??1CWorkerThreadJobQueue@@UAE@XZ
- ??1CWorkerThreadPool@@UAE@XZ
- ??1CWorkerThreadPoolEx@@UAE@XZ
- ??1IMemoryAllocator@@UAE@XZ
- ??2@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??2CMemoryAllocator@@SGPAXI@Z
- ??2CMemoryPoolAllocator@@SGPAXI@Z
- ??3@YAXPAX@Z
- ??3IMemoryAllocator@@SGXPAX@Z
- ??4CAutoUpdateConfigThread@@QAEAAV0@ABV0@@Z
- ??4CBlobConfig@@QAEAAV0@ABV0@@Z
- ??4CContext@@QAEAAV0@ABV0@@Z
- ??4CDebugLog@@QAEAAV0@ABV0@@Z
- ??4CDebugLogEx@@QAEAAV0@ABV0@@Z
- ??4CDelayLoadThread@@QAEAAV0@ABV0@@Z
- ??4CFile@@QAEAAV0@ABV0@@Z
- ??4CKEvent@@QAEAAV0@ABV0@@Z
- ??4CLockEvent@@QAEAAV0@ABV0@@Z
- ??4CMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??4CMemoryPoolAllocator@@QAEAAV0@ABV0@@Z
- ??4CModuleConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleFlagConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleStringConfig@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEABV0@AAVCLockEvent@@@Z
- ??4CSmartResource@@QAEAAV0@ABV0@@Z
- ??4CSystemThread@@QAEAAV0@ABV0@@Z
- ??4CUserFuncAdapterJob@@QAEAAV0@ABV0@@Z
- ??4CWorkerThread@@QAEAAV0@ABV0@@Z
- ??4CWorkerThreadJob@@QAEAAV0@ABV0@@Z
- ??4IMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??_7CAutoUpdateConfigThread@@6B@
- ??_7CBlobConfig@@6B@
- ??_7CContext@@6B@
- ??_7CContextList@@6B@
- ??_7CDebugLog@@6B@
- ??_7CDebugLogEx@@6B@
- ??_7CDelayLoadThread@@6B@
- ??_7CExclusionExtConfig@@6B@
- ??_7CExclusionFileNameConfig@@6B@
- ??_7CExclusionFilePathConfig@@6B@
- ??_7CExclusionFolderConfig@@6B@
- ??_7CExclusionRegistryConfig@@6B@
- ??_7CFile@@6B@
- ??_7CFileExtension@@6B@
- ??_7CInclusionExtConfig@@6B@
- ??_7CInclusionFileNameConfig@@6B@
- ??_7CInclusionFilePathConfig@@6B@
- ??_7CInclusionFolderConfig@@6B@
- ??_7CKEvent@@6B@
- ??_7CList@@6B@
- ??_7CLockEvent@@6B@
- ??_7CLockList@@6B@
- ??_7CMemoryAllocator@@6B@
- ??_7CMemoryPoolAllocator@@6B@
- ??_7CModuleConfig@@6B@
- ??_7CModuleConfigList@@6B@
- ??_7CModuleFileExtConfig@@6B@
- ??_7CModuleFlagConfig@@6B@
- ??_7CModuleMultiStringConfig@@6B@
- ??_7CModuleStringConfig@@6B@
- ??_7CNoLockList@@6B@
- ??_7CStrList@@6B@
- ??_7CSystemThread@@6B@
- ??_7CUserFuncAdapterJob@@6B@
- ??_7CWorkerThread@@6B@
- ??_7CWorkerThreadJob@@6B@
- ??_7CWorkerThreadJobQueue@@6B@
- ??_7CWorkerThreadPool@@6B@
- ??_7CWorkerThreadPoolEx@@6B@
- ??_7IMemoryAllocator@@6B@
- ??_FCContextList@@QAEXXZ
- ??_FCFile@@QAEXXZ
- ??_FCFileExtension@@QAEXXZ
- ??_FCModuleConfigList@@QAEXXZ
- ??_FCStrList@@QAEXXZ
- ??_FCSystemThread@@QAEXXZ
- ??_FCWorkerThread@@QAEXXZ
- ??_FCWorkerThreadJob@@QAEXXZ
- ??_FCWorkerThreadJobQueue@@QAEXXZ
- ??_U@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??_V@YAXPAX@Z
- ?Acquire@CLockEvent@@QAEXXZ
- ?Add@CContextList@@QAEEPAVCContext@@@Z
- ?Add@CFileExtension@@QAEEPBGK@Z
- ?Add@CModuleConfigList@@QAEEPAVCModuleConfig@@@Z
- ?Add@CStrList@@QAEEPBG@Z
- ?AddNode@CLockList@@UAEEQAXE@Z
- ?AddNode@CNoLockList@@UAEEQAXE@Z
- ?Alloc@CMemoryAllocator@@UAEPAXKPBDK@Z
- ?Alloc@CMemoryPoolAllocator@@UAEPAXKPBDK@Z
- ?AllocBlock@CMemoryPoolAllocator@@IAEPAXK@Z
- ?AttachJobQueue@CWorkerThread@@QAEXPAVCWorkerThreadJobQueue@@@Z
- ?Cancel@CWorkerThreadJob@@QAEXXZ
- ?CheckNode@CLockList@@UAEHQAX@Z
- ?CheckNode@CNoLockList@@UAEHQAX@Z
- ?CleanQueue@CWorkerThreadJobQueue@@QAEXXZ
- ?Cleanup@CBlobConfig@@AAEXXZ
- ?Cleanup@CModuleFileExtConfig@@IAEXXZ
- ?Cleanup@CModuleMultiStringConfig@@IAEXXZ
- ?Cleanup@CModuleStringConfig@@AAEXXZ
- ?Close@CFile@@QAEJXZ
- ?Count@CLockList@@QAEKXZ
- ?Count@CNoLockList@@QAEKXZ
- ?Create@CFile@@QAEJPBGKKKK@Z
- ?Create@CSystemThread@@QAEEXZ
- ?CreateInstance@CMemoryAllocator@@SGPAV1@W4_POOL_TYPE@@K@Z
- ?CreateInstance@CMemoryPoolAllocator@@SGPAV1@W4_POOL_TYPE@@KKK@Z
- ?CreatePool@CWorkerThreadPool@@QAEEXZ
- ?CreatePool@CWorkerThreadPoolEx@@QAEEXZ
- ?CreateThreads@CWorkerThreadPool@@QAEEK@Z
- ?CreateThreads@CWorkerThreadPoolEx@@QAEEK@Z
- ?CreateWIRP@CFile@@QAEJPBGKKKK@Z
- ?Delete@CFile@@QAEJXZ
- ?Delete@CFileExtension@@QAEEPBGK@Z
- ?Delete@CStrList@@QAEEPBG@Z
- ?DeleteAll@CList@@UAEXXZ
- ?DeleteAll@CLockList@@UAEXXZ
- ?DeleteAll@CNoLockList@@UAEXXZ
- ?DeleteNode@CContextList@@MAEXPAX@Z
- ?DeleteNode@CList@@UAEXPAX@Z
- ?DeleteNode@CModuleConfigList@@MAEXPAX@Z
- ?DeleteNode@CStrList@@EAEXPAU_STR_LIST_NODE@1@@Z
- ?DisableWriteProtectFromCR0@@YGXPAPAX@Z
- ?DoIt@CWorkerThreadJob@@QAEJXZ
- ?EntryPoint@CSystemThread@@KGXPAX@Z
- ?Find@CContextList@@QAEPAVCContext@@K@Z
- ?Find@CContextList@@QAEPAVCContext@@PAX@Z
- ?Find@CFileExtension@@QAEPAU_STR_LIST_NODE@CStrList@@PBGK@Z
- ?Find@CModuleConfigList@@QAEPAVCModuleConfig@@K@Z
- ?Find@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?FindNode@CContextList@@IAEPAXPAX@Z
- ?FindPartiallyAndAllMatch@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?FinishFunction@CUserFuncAdapterJob@@MAEXXZ
- ?FinishIt@CWorkerThreadJob@@QAEJXZ
- ?First@CList@@UAEPAXXZ
- ?First@CLockList@@UAEPAXXZ
- ?First@CNoLockList@@UAEPAXXZ
- ?Free@CMemoryAllocator@@UAEXPAX@Z
- ?Free@CMemoryPoolAllocator@@UAEXPAX@Z
- ?GetAttributes@CFile@@QAEKXZ
- ?GetBasicInfomration@CFile@@IAEJXZ
- ?GetBlobCofig@CContext@@UAEJKPAXPAK@Z
- ?GetCategory@CContext@@QAEKXZ
- ?GetData@CBlobConfig@@QAEHPAXPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEPAVCFileExtension@@XZ
- ?GetData@CModuleFlagConfig@@QAEKXZ
- ?GetData@CModuleMultiStringConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleMultiStringConfig@@QAEPAVCStrList@@XZ
- ?GetData@CModuleStringConfig@@QAEPAGXZ
- ?GetData@CStrList@@QAEEPAGPAK@Z
- ?GetDataType@CModuleConfig@@QAEKXZ
- ?GetEngineContext@CContext@@QAEPAXXZ
- ?GetFileExtensionConfig@CContext@@QAEPAVCFileExtension@@K@Z
- ?GetFileExtensionConfig@CContext@@UAEJKPAGPAK@Z
- ?GetFileSize@CFile@@QAEJPAT_LARGE_INTEGER@@@Z
- ?GetFileSizeWIRP@CFile@@QAEJPAT_LARGE_INTEGER@@@Z
- ?GetFlagConfig@CContext@@UAEJKPAK@Z
- ?GetID@CModuleConfig@@QAEKXZ
- ?GetJob@CWorkerThreadJobQueue@@QAEPAVCWorkerThreadJob@@XZ
- ?GetLength@CModuleStringConfig@@QAEKXZ
- ?GetLinkContext@CContext@@QAEPAXXZ
- ?GetLogFlag@CDebugLog@@QAEKXZ
- ?GetLogFlag@CDebugLogEx@@QAEKXZ
- ?GetModuleId@CModuleConfig@@QAEKXZ
- ?GetMultiStringConfig@CContext@@QAEPAVCStrList@@K@Z
- ?GetMultiStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetOneThreadTEB@CWorkerThreadPool@@QAEPAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPool@@QAEPAU_KTHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QAEPAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QAEPAU_KTHREAD@@XZ
- ?GetReportCallBackRoutine@CContext@@QAEKXZ
- ?GetSize@CBlobConfig@@QAEKXZ
- ?GetStringConfig@CContext@@QAEPAGK@Z
- ?GetStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetThreadCount@CWorkerThreadPool@@QAEKXZ
- ?GetThreadCount@CWorkerThreadPoolEx@@QAEKXZ
- ?GetThreadID@CSystemThread@@QAEKXZ
- ?GetType@CContext@@QAEKXZ
- ?GetUserParameter@CContext@@QAEKXZ
- ?InitProcMon@CDebugLogEx@@IAEXXZ
- ?InitializeBlobConfig@CContext@@QAEHKPAXK@Z
- ?InitializeFileExtensionConfig@CContext@@QAEHKPBG@Z
- ?InitializeFlagConfig@CContext@@QAEHKK@Z
- ?InitializeMultiStringConfig@CContext@@QAEHKPBG@Z
- ?InitializeStringConfig@CContext@@QAEHKPBG@Z
- ?Insert@CList@@UAEXQAXE@Z
- ?Insert@CLockList@@UAEXQAXE@Z
- ?Insert@CNoLockList@@UAEXQAXE@Z
- ?InsertAfter@CList@@UAEXPAX0@Z
- ?InsertBefore@CList@@UAEXPAX0@Z
- ?Instance@CWorkerThreadPool@@SGPAV1@XZ
- ?IsEmpty@CList@@UAEEXZ
- ?IsEmpty@CLockList@@UAEEXZ
- ?IsEmpty@CNoLockList@@UAEEXZ
- ?IsExceedLimitation@CMemoryPoolAllocator@@IAEEK@Z
- ?IsFull@CLockList@@QBEEXZ
- ?IsFull@CNoLockList@@QBEEXZ
- ?IsInExclusionList@CExclusionExtConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFileNameConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFilePathConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFolderConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionRegistryConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionExtConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFileNameConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFilePathConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFolderConfig@@QAEEPBG@Z
- ?IsOpened@CFile@@QAEEXZ
- ?IsTerminated@CWorkerThreadPool@@QAEEXZ
- ?IsTerminated@CWorkerThreadPoolEx@@QAEEXZ
- ?IsValid@CMemoryAllocator@@UAEEXZ
- ?IsValid@CMemoryPoolAllocator@@UAEEXZ
- ?IsValid@IMemoryAllocator@@UAEEXZ
- ?IsWorkerThread@CWorkerThreadPool@@QAEEK@Z
- ?IsWorkerThread@CWorkerThreadPoolEx@@QAEEK@Z
- ?JobFunction@CUserFuncAdapterJob@@MAEXXZ
- ?JobQueue@CWorkerThreadPool@@QAEAAVCWorkerThreadJobQueue@@XZ
- ?JobQueue@CWorkerThreadPoolEx@@QAEAAVCWorkerThreadJobQueue@@XZ
- ?Limit@CLockList@@QAEKXZ
- ?Limit@CNoLockList@@QAEKXZ
- ?MatchAllExtensions@CFileExtension@@QAEEXZ
- ?MatchNoExtensions@CFileExtension@@QAEEXZ
- ?MergeLeft@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?MergeRight@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?NeedDelete@CWorkerThreadJob@@QAEEXZ
- ?NeedDeleteWhenFinish@CWorkerThreadJob@@QAEXE@Z
- ?NewNode@CList@@UAEPAXXZ
- ?NewNode@CStrList@@EAEPAXXZ
- ?NewNodeVariant@CList@@IAEPAXK@Z
- ?Next@CList@@UBEPAXQAX@Z
- ?Next@CLockList@@UBEPAXQAX@Z
- ?Next@CNoLockList@@UBEPAXQAX@Z
- ?NextPool@CMemoryPoolAllocator@@QAEPAV1@XZ
- ?NotityTerminate@CWorkerThread@@QAEXXZ
- ?PostJobToWorkerThread@CWorkerThreadPool@@QAEJP6GXPAX@Z0E@Z
- ?PostJobToWorkerThread@CWorkerThreadPoolEx@@QAEJP6GXPAX@Z0E1@Z
- ?Pulse@CKEvent@@QAEJJE@Z
- ?QueueJob@CWorkerThreadJobQueue@@QAEEPAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPool@@QAEJPAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPoolEx@@QAEJPAVCWorkerThreadJob@@@Z
- ?RCMInstance@CWorkerThreadPool@@SGPAV1@XZ
- ?Read@CFile@@QAEJPADKPAK@Z
- ?ReadWIRP@CFile@@QAEJPADKPAK@Z
- ?ReferenceCount@CContext@@QAEAAKXZ
- ?Release@CLockEvent@@QAEXXZ
- ?Remove@CContextList@@UAEEQAX@Z
- ?Remove@CList@@UAEEQAX@Z
- ?Remove@CLockList@@UAEEQAX@Z
- ?Remove@CNoLockList@@UAEEQAX@Z
- ?RemoveHead@CList@@UAEPAXXZ
- ?RemoveHead@CLockList@@UAEPAXXZ
- ?RemoveHead@CNoLockList@@UAEPAXXZ
- ?RemoveTail@CList@@UAEPAXXZ
- ?RemoveTail@CLockList@@UAEPAXXZ
- ?RemoveTail@CNoLockList@@UAEPAXXZ
- ?Reset@CKEvent@@QAEXXZ
- ?ResetData@CInclusionExtConfig@@QAEXXZ
- ?ResetData@CInclusionFileNameConfig@@QAEXXZ
- ?ResetData@CInclusionFilePathConfig@@QAEXXZ
- ?ResetData@CInclusionFolderConfig@@QAEXXZ
- ?RestoreCR0@@YGXPAX@Z
- ?Run@CAutoUpdateConfigThread@@UAEXXZ
- ?Run@CDelayLoadThread@@UAEXXZ
- ?Run@CWorkerThread@@UAEXXZ
- ?SeekToEnd@CFile@@QAEJXZ
- ?Set@CKEvent@@QAEJJE@Z
- ?SetAttributes@CFile@@QAEJK@Z
- ?SetBlobCofig@CContext@@UAEJKPAXK@Z
- ?SetData@CBlobConfig@@QAEHPAXK@Z
- ?SetData@CModuleFileExtConfig@@QAEHPBG@Z
- ?SetData@CModuleFlagConfig@@QAEHK@Z
- ?SetData@CModuleMultiStringConfig@@QAEHPBGK@Z
- ?SetData@CModuleStringConfig@@QAEHPBG@Z
- ?SetEngineContext@CContext@@QAEXPAX@Z
- ?SetFileExtensionConfig@CContext@@UAEJKPBG@Z
- ?SetFlagConfig@CContext@@UAEJKK@Z
- ?SetLinkContext@CContext@@QAEXPAX@Z
- ?SetLogFlag@CDebugLog@@QAEEK@Z
- ?SetLogFlag@CDebugLogEx@@QAEEK@Z
- ?SetMatchAllExtensions@CFileExtension@@QAEXE@Z
- ?SetMatchNoExtensions@CFileExtension@@QAEXE@Z
- ?SetMultiStringConfig@CContext@@UAEJKPBG@Z
- ?SetNewJobItemEvent@CWorkerThreadJobQueue@@QAEXXZ
- ?SetPriority@CSystemThread@@QAEXK@Z
- ?SetStopUse@CContext@@QAEXXZ
- ?SetStringConfig@CContext@@UAEJKPBG@Z
- ?Setup@CSystemThread@@MAEXXZ
- ?StopUse@CContext@@QAEHXZ
- ?TearDown@CSystemThread@@MAEXXZ
- ?Terminate@CSystemThread@@QAEXE@Z
- ?Terminate@CWorkerThreadPool@@QAEEXZ
- ?Terminate@CWorkerThreadPoolEx@@QAEEXZ
- ?TmExceptionFilter@@YGJPAU_EXCEPTION_POINTERS@@@Z
- ?Wait@CKEvent@@QAEJPAT_LARGE_INTEGER@@E@Z
- ?WaitFinish@CWorkerThreadJob@@QAEXXZ
- ?WaitForInit@CDelayLoadThread@@QAEEXZ
- ?WaitForLoad@CDelayLoadThread@@QAEEXZ
- ?WaitNewJobAvailable@CWorkerThreadJobQueue@@QAEEXZ
- ?WaitQueueEmpty@CWorkerThreadJobQueue@@QAEXXZ
- ?Write@CDebugLog@@QAAXPBDZZ
- ?Write@CDebugLogEx@@QAAXPBDZZ
- ?Write@CFile@@QAEJPADKPAT_LARGE_INTEGER@@PAK@Z
- ?WriteDataToFile@CDebugLogEx@@IAEXPADK@Z
- ?WriteDataToProcMonW@CDebugLogEx@@IAEXPAD@Z
- ?WriteSystemInformation@CDebugLog@@QAEXXZ
- ?WriteSystemInformation@CDebugLogEx@@QAEXXZ
- ?WriteSystemStringInformation@CDebugLog@@IAEXPBG@Z
- ?WriteSystemStringInformation@CDebugLogEx@@IAEXPBG@Z
- ?WriteToFile@CDebugLog@@IAEXPADK@Z
- ?WriteToProcMonW@CDebugLogEx@@IAEXPAU_UNICODE_STRING@@@Z
- ?_pNonPagedAllocator@@3PAVCMemoryAllocator@@A
- ?_pPagedAllocator@@3PAVCMemoryAllocator@@A
- ?m_lpInstance@CWorkerThreadPool@@1PAV1@A
- ?m_lpRCMInstance@CWorkerThreadPool@@1PAV1@A
- _DeInitKm2UmCommunication@0
- _DeInitKmLPC@0
- _DuplicateFullFileName@4
- _FreeFullFileName@4
- _GetKm2UmMode@0
- _GetModuleInfoByAddress@8
- _GetModuleInfoByModuleName@8
- _InitKm2UmCommunication@8
- _InitKmLPC@0
- _IsVerifierCodeCheckFlagOn@0
- _IsWindows8_1_update@4
- _KmCallUm@8
- _KmCallUmByLPC@8
- _KmCallUmEx@12
- _KmCleanupCommPortAPIs@0
- _KmGetUmInitProcess@0
- _KmSetCommPortAPIs@4
- _ModGetExportProcAddress@8
- _ModLoadDLLToBuffer@4
- _ModLoadDLLToBufferWithImageSize@8
- _ModLoadModule@8
- _ModUnLoadModule@4
- _NormalizeFileName@4
- _NormalizeFullNtPathToDosName@4
- _TmCommConfigRoutine@4
- _UtilAddDeviceInDriveTable@4
- _UtilAddReparsePointMapping@8
- _UtilCleanFileReadOnly@4
- _UtilCloseExclusiveHandle@12
- _UtilCreateDosFileName@8
- _UtilDeleteFileForce@4
- _UtilGetDeviceObjectName@8
- _UtilGetFileNameFromFileObject@4
- _UtilGetFileObjectForProcessByEPROC@8
- _UtilGetFileObjectFromFileName@12
- _UtilGetProcessName@12
- _UtilGetSystemDirectory@4
- _UtilGetSystemDirectoryEx@0
- _UtilGetSystemDirectoryLength@0
- _UtilGetSystemTime@4
- _UtilIoSetFileInfo@24
- _UtilIopCreateFileIRP@40
- _UtilKeGetLowFileDevice@16
- _UtilModuleIATHook@24
- _UtilModuleIATUnHook@8
- _UtilPostJobToWorkerThread@12
- _UtilQueryExclusiveHandle@12
- _UtilQueryKeyValue@24
- _UtilRemoveDeviceFromDriveTable@4
- _UtilVolumeDeviceToDosName@8
- _UtilWaitValueChangeToZero@8
- _UtilWriteVersionToRegistry@8
- _UtilbuildDynamicDiskMappingTable@0
- _UtlWriteBinValueKeyToRegistry@16
- _ValidateAddressWithSize@20
- __ResetProtectFromClose@4
- __UtilDosPathNameToNtPathName@12
Sections
Expand
- .text
- .rdata
- .data
- PAGE
- .edata
- INIT
- .rsrc
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": true,
"SerialNumber": "7e93ebfb7cc64e59ea4b9a77d406fc3b",
"Signature": "03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2",
"TBS": {
"MD5": "d0785ad36e427c92b19f6826ab1e8020",
"SHA1": "365b7a9c21bd9373e49052c3e7b3e4646ddd4d43",
"SHA256": "c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff",
"SHA384": "eab4fe5ef90e0de4a6aa3a27769a5e879f588df5e4785aa4104debd1f81e19ea56d33e3a16e5facf99f68b5d8e3d287b"
},
"ValidFrom": "2012-12-21 00:00:00",
"ValidTo": "2020-12-30 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "0ecff438c8febf356e04d86a981b1a50",
"Signature": "783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4",
"TBS": {
"MD5": "e9d38360b914c8863f6cba3ee58764d3",
"SHA1": "4cba8eae47b6bf76f20b3504b98b8f062694a89b",
"SHA256": "88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976",
"SHA384": "e9f2a75334a9e336c5a4712eadee88d0374b0fdc273262f4e65c9040ad2793067cc076696db5279a478773485e285652"
},
"ValidFrom": "2012-10-18 00:00:00",
"ValidTo": "2020-12-29 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Signature": "f3b20c020c826fd9e2629408ffc97c9e245959d1050c9ce7708069d366d26af191812e16fce674eaca0d8f05b2a796280831737299800d2bfe0071efecf655117b7952a4d7c0701b97de034a1d42e928fd1a2082b081f9d22e9d39af3233cf05c1e61ae1f8fbfec872e78d9a0b29b4f147f1a053d1757a824601df2bb07c75c591fe7efbaf0021764b90cd446f85f80d14bc2cd42c83edfa7d2510f8f94c82d1b3ea999b1cff9093291977c7e996dc32904d3934f167077684ff76aa5327654a0bd7223d9d67657b47c5b46012dca6723d89e7fa051b3380d0c4977b9df537e75da3186ab149b27c089715a01bd695f408f7ded66bfbe920d27a6f6a7d4cc8b3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc.",
"TBS": {
"MD5": "78eaa337666217b1c16a9a0ebd0b8434",
"SHA1": "ff9cb835e78f6185eed4372096c3bae53b17d18d",
"SHA256": "1c0d9746725e176b4a7c2852878f14d7587f58e65d346bc1247f1c8ee6374250",
"SHA384": "ffe3c75b860679a5de399c7d2c2844dbfac51d5d8581e24648d208daba1e4bed5c867808e02dc8d7cb3df1d4b2b53d10"
},
"ValidFrom": "2017-04-27 00:00:00",
"ValidTo": "2018-07-16 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "611993e400000000001c",
"Signature": "812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5",
"TBS": {
"MD5": "78a717e082dcc1cda3458d917e677d14",
"SHA1": "4a872e0e51f9b304469cd1dedb496ee9b8b983a4",
"SHA256": "317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8",
"SHA384": "b71052da4eb9157c8c1a5d7f55df19d69b9128598b72fcca608e5b7cc7d64c43c5504b9c86355a6dc22ee40c88cc385c"
},
"ValidFrom": "2011-02-22 19:25:17",
"ValidTo": "2021-02-22 19:35:17",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "5200e5aa2556fc1a86ed96c9d44b33c7",
"Signature": "5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"TBS": {
"MD5": "b30c31a572b0409383ed3fbe17e56e81",
"SHA1": "4843a82ed3b1f2bfbee9671960e1940c942f688d",
"SHA256": "03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9",
"SHA384": "bbda8407c4f9fc4e54d772f1c7fb9d30bc97e1f97ecd51c443063d1fa0644e266328781776cd5c44896c457c75f4d7da"
},
"ValidFrom": "2010-02-08 00:00:00",
"ValidTo": "2020-02-07 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 0ea0fe4dfb74cc64bc32143103c27c8b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | e93e004baa6013b41135ac0648e29d5b |
| ToBeSigned (TBS) SHA1 | dc91e26674d4b627319c700d3ebb1a6cf83d358e |
| ToBeSigned (TBS) SHA256 | 0d20335edb166a303411548471bee6f301c8b4f7f7e453d09c15303de2c888d7 |
| Subject | C=TW, L=Taipei, O=Trend Micro, Inc., OU=Taipei, TW, CN=Trend Micro, Inc. |
| ValidFrom | 2019-07-12 00:00:00 |
| ValidTo | 2020-07-10 12:00:00 |
| Signature | 5c08ae5d586a4751195382d6889dc2fc500e7c39c641e1a58def8d923e12b754e2cc35720cc8d3d29382980debf7d98fcc17d764187126dd07c134fdbb96dd44fe8a40195df6f6acd1881fa5ba2921dadceb3f64422344672834813916bbdf317533cf6aaf3317d78197d7d6c560ad681de135f39e2d4ad345b7fe491162660a5462c6075fd725382df1e6e6bc3a4c443be778f79b07f181082e38150ca28ab932f99e4bc4185dc5b3b6edf22c187fdfd84e23a21e7da1989837f43b89aa172e6b34dbcb297bffd511a1d1c100b25e0e921f622a0845e23317f9fec83659ca21c241800683e0dd66ce4d042a8aefc4142b5923a6fa93ee72c48e8dc04c13b4b0 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 0ea0fe4dfb74cc64bc32143103c27c8b |
| Version | 3 |
Certificate 61204db4000000000027
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 8e3ffc222fbcebdbb8b23115ab259be7 |
| ToBeSigned (TBS) SHA1 | ee20bff28ffe13be731c294c90d6ded5aae0ec0e |
| ToBeSigned (TBS) SHA256 | 59826b69bc8c28118c96323b627da59aaca0b142cc5d8bad25a8fcfd399aa821 |
| Subject | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA |
| ValidFrom | 2011-04-15 19:45:33 |
| ValidTo | 2021-04-15 19:55:33 |
| Signature | 208cc159ed6f9c6b2dc14a3e751d454c41501cbd80ead9b0928b062a133f53169e56396a8a63b6782479f57db8b947a10a96c2f6cbbda2669f06e1acd279090efd3cdcac020c70af3f1bec787ed4eb4b056026d973619121edb06863e09712ab6fa012edd99fd2da273cb3e456f9d1d4810f71bd427ca689dccdd5bd95a2abf193117de8ac3129a85d6670419dfc75c9d5b31a392ad08505508bac91cac493cb71a59da4946f580cfa6e20c40831b5859d7e81f9d23dca5b18856c0a86ec22091ba574344f7f28bc954aab1db698b05d09a477767eefa78e5d84f61824cbd16da6c3a19cc2107580ff9d32fde6cf433a82f7ce8fe1722a9b62b75fed951a395c2f946d48b7015f332fbbdc2d73348904420a1c8b79f9a3fa17effaa11a10dfe0b2c195eb5c0c05973b353e18884ddb6cbf24898dc8bdd89f7b393a24a0d5dfd1f34a1a97f6a66f7a1fb090a9b3ac013991d361b764f13e573803afce7ad2b590f5aedc3999d5b63c97eda6cb16c77d6b2a4c9094e64c54fd1ecd20ecce689c8758e96160beeb0ec9d5197d9fe978bd0eac2175078fa96ee08c6a2a6b9ce3e765bcbc2d3c6ddc04dc67453632af0481bca8006e614c95c55cd48e8e9f2fc13274bdbd11650307cdefb75e0257da86d41a2834af8849b2cfa5dd82566f68aa14e25954feffeaeeefea9270226081e32523c09fcc0f49b235aa58c33ac3d9169410 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 61204db4000000000027 |
| Version | 3 |
Certificate 03019a023aff58b16bd6d5eae617f066
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | a752afee44f017e8d74e3f3eb7914ae3 |
| ToBeSigned (TBS) SHA1 | 8eca80a6b80e9c69dcef7745748524afb8019e2d |
| ToBeSigned (TBS) SHA256 | 82560fa7efec30b5ff82af643e6f3bf3d46868bbd5e7d76f93db185e9e3553a1 |
| Subject | C=US, O=DigiCert, CN=DigiCert Timestamp Responder |
| ValidFrom | 2014-10-22 00:00:00 |
| ValidTo | 2024-10-22 00:00:00 |
| Signature | 9d257e1b334db226815c9b86ce23200f8087e588ffffb1d46a2c31ed3a17197117cda91bbc5a1639009de36c84e45a40fbde06018c37fa9bb19d247efe20a457ad5bb79ab06026ea6957215d342f1f71b0839419056b359010a07b97c7f63fe7e21141a6bd62d9f0273d381d286f3a5209f0ec7062d3624bb0e073a692c0d38e31d82fe36d171306eee403b614abf38f43a7719d21dd14ca155d9241daf90f81d199740d26c40e7f1bb5f5a0f1c677062815e9d893e55516f0bb0aab1cdb5c482766c8a38b0a1ce595daaec42e59a061dddaf36da261e98a0b6dec1218bdf755544003922b6bc251c20a48afb0d46ee0f4140a3a1be38f3dcaaf6a8d7bdcd844 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 03019a023aff58b16bd6d5eae617f066 |
| Version | 3 |
Certificate 02c4d1e58a4a680c568da3047e7e4d5f
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 829995f702421dea833a24fb2c7f4442 |
| ToBeSigned (TBS) SHA1 | 1d7e838accd498c2e5ba9373af819ec097bb955c |
| ToBeSigned (TBS) SHA256 | 92914d016cc46e125e50c4bd0bd7f72db87eed4ba68f3c589b4e86aa563108db |
| Subject | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance Code Signing CA,1 |
| ValidFrom | 2011-02-11 12:00:00 |
| ValidTo | 2026-02-10 12:00:00 |
| Signature | 49eb7c60beaeefc97cb3c5ba4b64df1669e286fa29d9de98857d406626332f4455aaaa90e935700a34bed3ae542e8e6500d67a32203e6c26b898a939b1bc95c7aae9f5ee4666c6b3e812f8b3979dff74588234997550ac448fe892ce7d8b0f3196c7dcd31130987416c6e56b4576a39401cd33007a48f66f8631c9562b3322d5f801b644ce8cb4ca88d2e416e3e7f6e23ee109c09d7943437f555c05ad9310c62c0d6bc09eea78e5d277d6b8da9a987fba4c922b9dbda488b1ddafc34cd2979b03c6ae5f1b440f333715e3cbff2f56d316a45b55679da2cadb346c0c734ab57ba4b6b3e935027870ec007acbfc4b4f2236bb1484c98f91dd0f3c758cca0b88e7 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 02c4d1e58a4a680c568da3047e7e4d5f |
| Version | 3 |
Certificate 06fdf9039603adea000aeb3f27bbba1b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 4e5ad189638cf52ba9cd881d4d44668c |
| ToBeSigned (TBS) SHA1 | cdc115e98d798b33904c820d63cc1e1afc19251d |
| ToBeSigned (TBS) SHA256 | 37560fb9d548ab62cc3ed4669a4ab74828b5a108e67e829937ffb2d10a5f78dd |
| Subject | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID CA,1 |
| ValidFrom | 2006-11-10 00:00:00 |
| ValidTo | 2021-11-10 00:00:00 |
| Signature | 46503ec9b72824a7381db65b29af52cf52e93147ab565c7bd50d0b41b3efec751f7438f2b25c61a29c95c350e482b923d1ba3a8672ad3878ac755d1717347247859456d1ebbb368477cc24a5f3041955a9e7e3e7ab62cdfb8b2d90c2c0d2b594bd5e4fb105d20e3d1aa9145ba6863162a8a833e49b39a7c4f5ce1d7876942573e42aabcf9c764bed5fc24b16e44b704c00891efcc579bc4c1257fe5fe11ebc025da8fefb07384f0dc65d91b90f6745cdd683ede7920d8db1698c4ffb59e0230fd2aaae007cee9c420ecf91d727b716ee0fc3bd7c0aa0ee2c08558522b8eb181a4dfc2a21ad49318347957771dcb11b4b4b1c109c7714c19d4f2f5a9508291026 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 06fdf9039603adea000aeb3f27bbba1b |
| Version | 3 |
Imports
Expand
Imported Functions
Expand
- KeLeaveCriticalRegion
- wcsncpy
- KeEnterCriticalRegion
- ExAcquireFastMutexUnsafe
- wcsrchr
- ExAcquireResourceSharedLite
- ExReleaseResourceLite
- _purecall
- ZwOpenEvent
- ZwConnectPort
- KeClearEvent
- PsProcessType
- ExFreePoolWithTag
- RtlInitUnicodeString
- KeSetEvent
- ProbeForWrite
- KeUnstackDetachProcess
- ZwRequestWaitReplyPort
- ZwWaitForSingleObject
- DbgBreakPoint
- ZwSetEvent
- IoGetCurrentProcess
- ZwFreeVirtualMemory
- ZwClose
- ObfReferenceObject
- ObfDereferenceObject
- RtlUnicodeStringToInteger
- ZwCreateSection
- ObOpenObjectByPointer
- KeStackAttachProcess
- KePulseEvent
- ZwAllocateVirtualMemory
- ObGetObjectSecurity
- SeAccessCheck
- SeReleaseSubjectContext
- SeCaptureSubjectContext
- PsThreadType
- ObReleaseObjectSecurity
- PsGetProcessExitTime
- MmSectionObjectType
- DbgPrint
- ExDeleteResourceLite
- ExInitializeResourceLite
- ZwReadFile
- swprintf
- ZwSetInformationFile
- ZwCreateFile
- ZwQueryInformationFile
- ZwWriteFile
- _wcsnicmp
- towupper
- ExAllocatePoolWithTag
- KeInitializeEvent
- ZwCreateEvent
- ZwCreateKey
- RtlAnsiStringToUnicodeString
- ZwNotifyChangeKey
- RtlInitAnsiString
- _snprintf
- RtlFreeUnicodeString
- ExSystemTimeToLocalTime
- _vsnprintf
- ObReferenceObjectByHandle
- RtlTimeToTimeFields
- ZwDeviceIoControlFile
- PsGetCurrentThreadId
- PsGetCurrentProcessId
- KeWaitForMultipleObjects
- ExGetPreviousMode
- RtlEqualUnicodeString
- RtlPrefixUnicodeString
- RtlAppendUnicodeStringToString
- RtlCopyUnicodeString
- RtlUpcaseUnicodeChar
- KeWaitForSingleObject
- KeSetPriorityThread
- PsCreateSystemThread
- PsTerminateSystemThread
- MmIsAddressValid
- KeDelayExecutionThread
- KeNumberProcessors
- PsLookupProcessByProcessId
- PsSetCreateProcessNotifyRoutine
- ZwOpenDirectoryObject
- ZwQueryInformationProcess
- ZwQuerySecurityObject
- NtSetInformationFile
- ZwDeleteValueKey
- ZwSetValueKey
- ZwQuerySystemInformation
- NtQueryInformationFile
- IoFileObjectType
- ZwQueryValueKey
- ZwQueryDirectoryFile
- NtCreateFile
- ZwEnumerateValueKey
- RtlLengthSecurityDescriptor
- ZwQueryDirectoryObject
- ZwSetSecurityObject
- ZwDuplicateObject
- ZwOpenProcess
- ZwTerminateProcess
- ExReleaseFastMutexUnsafe
- ZwEnumerateKey
- ZwQueryKey
- ZwOpenKey
- MmSystemRangeStart
- _stricmp
- _strnicmp
- mbstowcs
- ProbeForRead
- RtlUpcaseUnicodeString
- _snwprintf
- ZwQuerySymbolicLinkObject
- ZwMapViewOfSection
- MmGetSystemRoutineAddress
- RtlAppendUnicodeToString
- IoCreateFile
- RtlQueryRegistryValues
- MmBuildMdlForNonPagedPool
- ZwOpenSymbolicLinkObject
- IoFreeMdl
- ObQueryNameString
- ZwUnmapViewOfSection
- NtClose
- IoFreeIrp
- PsGetVersion
- IoAllocateIrp
- RtlCompareMemory
- MmUnlockPages
- ZwSetInformationObject
- ZwOpenFile
- wcsncmp
- RtlImageNtHeader
- IoAllocateMdl
- IofCallDriver
- ZwQueryVolumeInformationFile
- ObReferenceObjectByPointer
- IoBuildDeviceIoControlRequest
- ZwOpenSection
- RtlSubAuthoritySid
- RtlLengthRequiredSid
- ExReleaseFastMutex
- ExAcquireFastMutex
- RtlCreateAcl
- RtlSetDaclSecurityDescriptor
- RtlAddAccessAllowedAce
- KeInitializeSemaphore
- KeReleaseSemaphore
- RtlInitializeSid
- RtlCreateSecurityDescriptor
- IoDeleteSymbolicLink
- IoDeleteDevice
- IoGetDeviceObjectPointer
- ExEventObjectType
- IofCompleteRequest
- IoCreateSymbolicLink
- ObOpenObjectByName
- NtQueryInformationProcess
- strncpy
- NtOpenProcess
- ObInsertObject
- IoAcquireVpbSpinLock
- SeCreateAccessState
- IoGetFileObjectGenericMapping
- ObCreateObject
- KeAcquireQueuedSpinLock
- KeReleaseQueuedSpinLock
- IoReleaseVpbSpinLock
- wcschr
- strncat
- RtlUnicodeStringToAnsiString
- wcsncat
- RtlFreeAnsiString
- wcstombs
- IoGetConfigurationInformation
- IoRegisterPlugPlayNotification
- IoGetStackLimits
- IoBuildSynchronousFsdRequest
- KeReleaseSpinLock
- ExpInterlockedPopEntrySList
- FsRtlIsNameInExpression
- wcsstr
- ExAllocatePool
- IoUnregisterPlugPlayNotification
- MmProbeAndLockPages
- RtlCompareUnicodeString
- IoGetDeviceInterfaces
- KeAcquireSpinLockRaiseToDpc
- KeBugCheckEx
- IoCreateDevice
- IoDeviceObjectType
- SeCaptureSecurityDescriptor
- RtlAbsoluteToSelfRelativeSD
- IoIsWdmVersionAvailable
- SeExports
- RtlLengthSid
- RtlGetSaclSecurityDescriptor
- RtlGetDaclSecurityDescriptor
- RtlGetGroupSecurityDescriptor
- RtlGetOwnerSecurityDescriptor
- ZwDeleteKey
- ExAcquireResourceExclusiveLite
- __C_specific_handler
Exported Functions
Expand
- ??0CAutoUpdateConfigThread@@QEAA@AEBV0@@Z
- ??0CAutoUpdateConfigThread@@QEAA@PEAU_UNICODE_STRING@@P6AX0PEAX@Z1@Z
- ??0CBlobConfig@@QEAA@AEBV0@@Z
- ??0CBlobConfig@@QEAA@K@Z
- ??0CContext@@QEAA@AEBV0@@Z
- ??0CContext@@QEAA@KP6AJPEAU_EVENT_REPORT@@PEAXPEAU_TMCE_REPORT@@PEAU_TMCE_FEEDBACK@@@Z1K@Z
- ??0CContextList@@QEAA@AEBV0@@Z
- ??0CContextList@@QEAA@KPEAVIMemoryAllocator@@@Z
- ??0CDebugLog@@QEAA@AEBV0@@Z
- ??0CDebugLog@@QEAA@PEBG@Z
- ??0CDebugLogEx@@QEAA@AEBV0@@Z
- ??0CDebugLogEx@@QEAA@K@Z
- ??0CDelayLoadThread@@QEAA@AEBV0@@Z
- ??0CDelayLoadThread@@QEAA@XZ
- ??0CExclusionExtConfig@@QEAA@AEBV0@@Z
- ??0CExclusionExtConfig@@QEAA@KKE@Z
- ??0CExclusionFileNameConfig@@QEAA@AEBV0@@Z
- ??0CExclusionFileNameConfig@@QEAA@KK@Z
- ??0CExclusionFilePathConfig@@QEAA@AEBV0@@Z
- ??0CExclusionFilePathConfig@@QEAA@KK@Z
- ??0CExclusionFolderConfig@@QEAA@AEBV0@@Z
- ??0CExclusionFolderConfig@@QEAA@KK@Z
- ??0CExclusionRegistryConfig@@QEAA@AEBV0@@Z
- ??0CExclusionRegistryConfig@@QEAA@KK@Z
- ??0CFile@@QEAA@AEBV0@@Z
- ??0CFile@@QEAA@E@Z
- ??0CFileExtension@@QEAA@AEBV0@@Z
- ??0CFileExtension@@QEAA@KEEPEAVIMemoryAllocator@@@Z
- ??0CInclusionExtConfig@@QEAA@AEBV0@@Z
- ??0CInclusionExtConfig@@QEAA@KKE@Z
- ??0CInclusionFileNameConfig@@QEAA@AEBV0@@Z
- ??0CInclusionFileNameConfig@@QEAA@KK@Z
- ??0CInclusionFilePathConfig@@QEAA@AEBV0@@Z
- ??0CInclusionFilePathConfig@@QEAA@KK@Z
- ??0CInclusionFolderConfig@@QEAA@AEBV0@@Z
- ??0CInclusionFolderConfig@@QEAA@KK@Z
- ??0CKEvent@@QEAA@AEBV0@@Z
- ??0CKEvent@@QEAA@W4_EVENT_TYPE@@E@Z
- ??0CList@@QEAA@AEBV0@@Z
- ??0CList@@QEAA@KPEAVIMemoryAllocator@@@Z
- ??0CLockEvent@@QEAA@AEBV0@@Z
- ??0CLockEvent@@QEAA@XZ
- ??0CLockList@@QEAA@AEBV0@@Z
- ??0CLockList@@QEAA@KKPEAVIMemoryAllocator@@@Z
- ??0CMemoryAllocator@@IEAA@W4_POOL_TYPE@@K@Z
- ??0CMemoryAllocator@@QEAA@AEBV0@@Z
- ??0CMemoryPoolAllocator@@IEAA@W4_POOL_TYPE@@_K1K@Z
- ??0CMemoryPoolAllocator@@QEAA@AEBV0@@Z
- ??0CModuleConfig@@QEAA@AEBV0@@Z
- ??0CModuleConfig@@QEAA@XZ
- ??0CModuleConfigList@@QEAA@AEBV0@@Z
- ??0CModuleConfigList@@QEAA@KPEAVIMemoryAllocator@@@Z
- ??0CModuleFileExtConfig@@QEAA@AEBV0@@Z
- ??0CModuleFileExtConfig@@QEAA@KKE@Z
- ??0CModuleFlagConfig@@QEAA@AEBV0@@Z
- ??0CModuleFlagConfig@@QEAA@K@Z
- ??0CModuleMultiStringConfig@@QEAA@AEBV0@@Z
- ??0CModuleMultiStringConfig@@QEAA@KK@Z
- ??0CModuleStringConfig@@QEAA@AEBV0@@Z
- ??0CModuleStringConfig@@QEAA@K@Z
- ??0CNoLockList@@QEAA@AEBV0@@Z
- ??0CNoLockList@@QEAA@KKPEAVIMemoryAllocator@@@Z
- ??0CSmartLock@@QEAA@AEAVCLockEvent@@@Z
- ??0CSmartLock@@QEAA@XZ
- ??0CSmartReference@@QEAA@AEAJ@Z
- ??0CSmartReference@@QEAA@AEAK@Z
- ??0CSmartResource@@QEAA@AEAVCResource@@E@Z
- ??0CStrList@@QEAA@AEBV0@@Z
- ??0CStrList@@QEAA@KPEAVIMemoryAllocator@@@Z
- ??0CSystemThread@@QEAA@AEBV0@@Z
- ??0CSystemThread@@QEAA@K@Z
- ??0CUserFuncAdapterJob@@QEAA@AEBV0@@Z
- ??0CUserFuncAdapterJob@@QEAA@P6AXPEAX@Z01@Z
- ??0CWorkerThread@@IEAA@PEAVCWorkerThreadJobQueue@@@Z
- ??0CWorkerThread@@QEAA@AEBV0@@Z
- ??0CWorkerThreadJob@@QEAA@AEBV0@@Z
- ??0CWorkerThreadJob@@QEAA@E@Z
- ??0CWorkerThreadJobQueue@@QEAA@AEBV0@@Z
- ??0CWorkerThreadJobQueue@@QEAA@K@Z
- ??0CWorkerThreadPool@@QEAA@AEBV0@@Z
- ??0CWorkerThreadPool@@QEAA@K@Z
- ??0CWorkerThreadPoolEx@@QEAA@AEBV0@@Z
- ??0CWorkerThreadPoolEx@@QEAA@KK@Z
- ??0IMemoryAllocator@@QEAA@AEBV0@@Z
- ??0IMemoryAllocator@@QEAA@XZ
- ??1CAutoUpdateConfigThread@@UEAA@XZ
- ??1CBlobConfig@@UEAA@XZ
- ??1CContext@@UEAA@XZ
- ??1CContextList@@UEAA@XZ
- ??1CDebugLog@@UEAA@XZ
- ??1CDebugLogEx@@UEAA@XZ
- ??1CDelayLoadThread@@UEAA@XZ
- ??1CExclusionExtConfig@@UEAA@XZ
- ??1CExclusionFileNameConfig@@UEAA@XZ
- ??1CExclusionFilePathConfig@@UEAA@XZ
- ??1CExclusionFolderConfig@@UEAA@XZ
- ??1CExclusionRegistryConfig@@UEAA@XZ
- ??1CFile@@UEAA@XZ
- ??1CFileExtension@@UEAA@XZ
- ??1CInclusionExtConfig@@UEAA@XZ
- ??1CInclusionFileNameConfig@@UEAA@XZ
- ??1CInclusionFilePathConfig@@UEAA@XZ
- ??1CInclusionFolderConfig@@UEAA@XZ
- ??1CKEvent@@UEAA@XZ
- ??1CList@@UEAA@XZ
- ??1CLockEvent@@UEAA@XZ
- ??1CLockList@@UEAA@XZ
- ??1CMemoryAllocator@@UEAA@XZ
- ??1CMemoryPoolAllocator@@UEAA@XZ
- ??1CModuleConfig@@UEAA@XZ
- ??1CModuleConfigList@@UEAA@XZ
- ??1CModuleFileExtConfig@@UEAA@XZ
- ??1CModuleFlagConfig@@UEAA@XZ
- ??1CModuleMultiStringConfig@@UEAA@XZ
- ??1CModuleStringConfig@@UEAA@XZ
- ??1CNoLockList@@UEAA@XZ
- ??1CSmartLock@@QEAA@XZ
- ??1CSmartReference@@QEAA@XZ
- ??1CSmartResource@@QEAA@XZ
- ??1CStrList@@UEAA@XZ
- ??1CSystemThread@@UEAA@XZ
- ??1CUserFuncAdapterJob@@UEAA@XZ
- ??1CWorkerThread@@UEAA@XZ
- ??1CWorkerThreadJob@@UEAA@XZ
- ??1CWorkerThreadJobQueue@@UEAA@XZ
- ??1CWorkerThreadPool@@UEAA@XZ
- ??1CWorkerThreadPoolEx@@UEAA@XZ
- ??1IMemoryAllocator@@UEAA@XZ
- ??2@YAPEAX_KPEAVIMemoryAllocator@@PEBDK@Z
- ??2CMemoryAllocator@@SAPEAX_K@Z
- ??2CMemoryPoolAllocator@@SAPEAX_K@Z
- ??3@YAXPEAX@Z
- ??3IMemoryAllocator@@SAXPEAX@Z
- ??4CAutoUpdateConfigThread@@QEAAAEAV0@AEBV0@@Z
- ??4CBlobConfig@@QEAAAEAV0@AEBV0@@Z
- ??4CContext@@QEAAAEAV0@AEBV0@@Z
- ??4CDebugLog@@QEAAAEAV0@AEBV0@@Z
- ??4CDebugLogEx@@QEAAAEAV0@AEBV0@@Z
- ??4CDelayLoadThread@@QEAAAEAV0@AEBV0@@Z
- ??4CFile@@QEAAAEAV0@AEBV0@@Z
- ??4CKEvent@@QEAAAEAV0@AEBV0@@Z
- ??4CLockEvent@@QEAAAEAV0@AEBV0@@Z
- ??4CMemoryAllocator@@QEAAAEAV0@AEBV0@@Z
- ??4CMemoryPoolAllocator@@QEAAAEAV0@AEBV0@@Z
- ??4CModuleConfig@@QEAAAEAV0@AEBV0@@Z
- ??4CModuleFlagConfig@@QEAAAEAV0@AEBV0@@Z
- ??4CModuleStringConfig@@QEAAAEAV0@AEBV0@@Z
- ??4CSmartLock@@QEAAAEAV0@AEBV0@@Z
- ??4CSmartLock@@QEAAAEBV0@AEAVCLockEvent@@@Z
- ??4CSmartResource@@QEAAAEAV0@AEBV0@@Z
- ??4CSystemThread@@QEAAAEAV0@AEBV0@@Z
- ??4CUserFuncAdapterJob@@QEAAAEAV0@AEBV0@@Z
- ??4CWorkerThread@@QEAAAEAV0@AEBV0@@Z
- ??4CWorkerThreadJob@@QEAAAEAV0@AEBV0@@Z
- ??4IMemoryAllocator@@QEAAAEAV0@AEBV0@@Z
- ??_7CAutoUpdateConfigThread@@6B@
- ??_7CBlobConfig@@6B@
- ??_7CContext@@6B@
- ??_7CContextList@@6B@
- ??_7CDebugLog@@6B@
- ??_7CDebugLogEx@@6B@
- ??_7CDelayLoadThread@@6B@
- ??_7CExclusionExtConfig@@6B@
- ??_7CExclusionFileNameConfig@@6B@
- ??_7CExclusionFilePathConfig@@6B@
- ??_7CExclusionFolderConfig@@6B@
- ??_7CExclusionRegistryConfig@@6B@
- ??_7CFile@@6B@
- ??_7CFileExtension@@6B@
- ??_7CInclusionExtConfig@@6B@
- ??_7CInclusionFileNameConfig@@6B@
- ??_7CInclusionFilePathConfig@@6B@
- ??_7CInclusionFolderConfig@@6B@
- ??_7CKEvent@@6B@
- ??_7CList@@6B@
- ??_7CLockEvent@@6B@
- ??_7CLockList@@6B@
- ??_7CMemoryAllocator@@6B@
- ??_7CMemoryPoolAllocator@@6B@
- ??_7CModuleConfig@@6B@
- ??_7CModuleConfigList@@6B@
- ??_7CModuleFileExtConfig@@6B@
- ??_7CModuleFlagConfig@@6B@
- ??_7CModuleMultiStringConfig@@6B@
- ??_7CModuleStringConfig@@6B@
- ??_7CNoLockList@@6B@
- ??_7CStrList@@6B@
- ??_7CSystemThread@@6B@
- ??_7CUserFuncAdapterJob@@6B@
- ??_7CWorkerThread@@6B@
- ??_7CWorkerThreadJob@@6B@
- ??_7CWorkerThreadJobQueue@@6B@
- ??_7CWorkerThreadPool@@6B@
- ??_7CWorkerThreadPoolEx@@6B@
- ??_7IMemoryAllocator@@6B@
- ??_FCContextList@@QEAAXXZ
- ??_FCFile@@QEAAXXZ
- ??_FCFileExtension@@QEAAXXZ
- ??_FCModuleConfigList@@QEAAXXZ
- ??_FCStrList@@QEAAXXZ
- ??_FCSystemThread@@QEAAXXZ
- ??_FCWorkerThread@@QEAAXXZ
- ??_FCWorkerThreadJob@@QEAAXXZ
- ??_FCWorkerThreadJobQueue@@QEAAXXZ
- ??_U@YAPEAX_KPEAVIMemoryAllocator@@PEBDK@Z
- ??_V@YAXPEAX@Z
- ?Acquire@CLockEvent@@QEAAXXZ
- ?Add@CContextList@@QEAAEPEAVCContext@@@Z
- ?Add@CFileExtension@@QEAAEPEBGK@Z
- ?Add@CModuleConfigList@@QEAAEPEAVCModuleConfig@@@Z
- ?Add@CStrList@@QEAAEPEBG@Z
- ?AddNode@CLockList@@UEAAEQEAXE@Z
- ?AddNode@CNoLockList@@UEAAEQEAXE@Z
- ?Alloc@CMemoryAllocator@@UEAAPEAX_KPEBDK@Z
- ?Alloc@CMemoryPoolAllocator@@UEAAPEAX_KPEBDK@Z
- ?AllocBlock@CMemoryPoolAllocator@@IEAAPEAX_K@Z
- ?AttachJobQueue@CWorkerThread@@QEAAXPEAVCWorkerThreadJobQueue@@@Z
- ?Cancel@CWorkerThreadJob@@QEAAXXZ
- ?CheckNode@CLockList@@UEAAHQEAX@Z
- ?CheckNode@CNoLockList@@UEAAHQEAX@Z
- ?CleanQueue@CWorkerThreadJobQueue@@QEAAXXZ
- ?Cleanup@CBlobConfig@@AEAAXXZ
- ?Cleanup@CModuleFileExtConfig@@IEAAXXZ
- ?Cleanup@CModuleMultiStringConfig@@IEAAXXZ
- ?Cleanup@CModuleStringConfig@@AEAAXXZ
- ?Close@CFile@@QEAAJXZ
- ?Count@CLockList@@QEAAKXZ
- ?Count@CNoLockList@@QEAAKXZ
- ?Create@CFile@@QEAAJPEBGKKKK@Z
- ?Create@CSystemThread@@QEAAEXZ
- ?CreateInstance@CMemoryAllocator@@SAPEAV1@W4_POOL_TYPE@@K@Z
- ?CreateInstance@CMemoryPoolAllocator@@SAPEAV1@W4_POOL_TYPE@@_K1K@Z
- ?CreatePool@CWorkerThreadPool@@QEAAEXZ
- ?CreatePool@CWorkerThreadPoolEx@@QEAAEXZ
- ?CreateThreads@CWorkerThreadPool@@QEAAEK@Z
- ?CreateThreads@CWorkerThreadPoolEx@@QEAAEK@Z
- ?CreateWIRP@CFile@@QEAAJPEBGKKKK@Z
- ?Delete@CFile@@QEAAJXZ
- ?Delete@CFileExtension@@QEAAEPEBGK@Z
- ?Delete@CStrList@@QEAAEPEBG@Z
- ?DeleteAll@CList@@UEAAXXZ
- ?DeleteAll@CLockList@@UEAAXXZ
- ?DeleteAll@CNoLockList@@UEAAXXZ
- ?DeleteNode@CContextList@@MEAAXPEAX@Z
- ?DeleteNode@CList@@UEAAXPEAX@Z
- ?DeleteNode@CModuleConfigList@@MEAAXPEAX@Z
- ?DeleteNode@CStrList@@EEAAXPEAU_STR_LIST_NODE@1@@Z
- ?DisableWriteProtectFromCR0@@YAXPEAPEAX@Z
- ?DoIt@CWorkerThreadJob@@QEAAJXZ
- ?EntryPoint@CSystemThread@@KAXPEAX@Z
- ?Find@CContextList@@QEAAPEAVCContext@@K@Z
- ?Find@CContextList@@QEAAPEAVCContext@@PEAX@Z
- ?Find@CFileExtension@@QEAAPEAU_STR_LIST_NODE@CStrList@@PEBGK@Z
- ?Find@CModuleConfigList@@QEAAPEAVCModuleConfig@@K@Z
- ?Find@CStrList@@QEAAPEAU_STR_LIST_NODE@1@PEBG@Z
- ?FindNode@CContextList@@IEAAPEAXPEAX@Z
- ?FindPartiallyAndAllMatch@CStrList@@QEAAPEAU_STR_LIST_NODE@1@PEBG@Z
- ?FinishFunction@CUserFuncAdapterJob@@MEAAXXZ
- ?FinishIt@CWorkerThreadJob@@QEAAJXZ
- ?First@CList@@UEAAPEAXXZ
- ?First@CLockList@@UEAAPEAXXZ
- ?First@CNoLockList@@UEAAPEAXXZ
- ?Free@CMemoryAllocator@@UEAAXPEAX@Z
- ?Free@CMemoryPoolAllocator@@UEAAXPEAX@Z
- ?GetAttributes@CFile@@QEAAKXZ
- ?GetBasicInfomration@CFile@@IEAAJXZ
- ?GetBlobCofig@CContext@@UEAAJKPEAXPEAK@Z
- ?GetCategory@CContext@@QEAAKXZ
- ?GetData@CBlobConfig@@QEAAHPEAXPEAK@Z
- ?GetData@CModuleFileExtConfig@@QEAAHPEAGPEAK@Z
- ?GetData@CModuleFileExtConfig@@QEAAPEAVCFileExtension@@XZ
- ?GetData@CModuleFlagConfig@@QEAAKXZ
- ?GetData@CModuleMultiStringConfig@@QEAAHPEAGPEAK@Z
- ?GetData@CModuleMultiStringConfig@@QEAAPEAVCStrList@@XZ
- ?GetData@CModuleStringConfig@@QEAAPEAGXZ
- ?GetData@CStrList@@QEAAEPEAGPEAK@Z
- ?GetDataType@CModuleConfig@@QEAAKXZ
- ?GetEngineContext@CContext@@QEAAPEAXXZ
- ?GetFileExtensionConfig@CContext@@QEAAPEAVCFileExtension@@K@Z
- ?GetFileExtensionConfig@CContext@@UEAAJKPEAGPEAK@Z
- ?GetFileSize@CFile@@QEAAJPEAT_LARGE_INTEGER@@@Z
- ?GetFileSizeWIRP@CFile@@QEAAJPEAT_LARGE_INTEGER@@@Z
- ?GetFlagConfig@CContext@@UEAAJKPEAK@Z
- ?GetID@CModuleConfig@@QEAAKXZ
- ?GetJob@CWorkerThreadJobQueue@@QEAAPEAVCWorkerThreadJob@@XZ
- ?GetLength@CModuleStringConfig@@QEAAKXZ
- ?GetLinkContext@CContext@@QEAAPEAXXZ
- ?GetLogFlag@CDebugLog@@QEAAKXZ
- ?GetLogFlag@CDebugLogEx@@QEAAKXZ
- ?GetModuleId@CModuleConfig@@QEAAKXZ
- ?GetMultiStringConfig@CContext@@QEAAPEAVCStrList@@K@Z
- ?GetMultiStringConfig@CContext@@UEAAJKPEAGPEAK@Z
- ?GetOneThreadTEB@CWorkerThreadPool@@QEAAPEAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPool@@QEAAPEAU_KTHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QEAAPEAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QEAAPEAU_KTHREAD@@XZ
- ?GetReportCallBackRoutine@CContext@@QEAA_KXZ
- ?GetSize@CBlobConfig@@QEAAKXZ
- ?GetStringConfig@CContext@@QEAAPEAGK@Z
- ?GetStringConfig@CContext@@UEAAJKPEAGPEAK@Z
- ?GetThreadCount@CWorkerThreadPool@@QEAAKXZ
- ?GetThreadCount@CWorkerThreadPoolEx@@QEAAKXZ
- ?GetThreadID@CSystemThread@@QEAA_KXZ
- ?GetType@CContext@@QEAAKXZ
- ?GetUserParameter@CContext@@QEAA_KXZ
- ?InitProcMon@CDebugLogEx@@IEAAXXZ
- ?InitializeBlobConfig@CContext@@QEAAHKPEAXK@Z
- ?InitializeFileExtensionConfig@CContext@@QEAAHKPEBG@Z
- ?InitializeFlagConfig@CContext@@QEAAHKK@Z
- ?InitializeMultiStringConfig@CContext@@QEAAHKPEBG@Z
- ?InitializeStringConfig@CContext@@QEAAHKPEBG@Z
- ?Insert@CList@@UEAAXQEAXE@Z
- ?Insert@CLockList@@UEAAXQEAXE@Z
- ?Insert@CNoLockList@@UEAAXQEAXE@Z
- ?InsertAfter@CList@@UEAAXPEAX0@Z
- ?InsertBefore@CList@@UEAAXPEAX0@Z
- ?Instance@CWorkerThreadPool@@SAPEAV1@XZ
- ?IsEmpty@CList@@UEAAEXZ
- ?IsEmpty@CLockList@@UEAAEXZ
- ?IsEmpty@CNoLockList@@UEAAEXZ
- ?IsExceedLimitation@CMemoryPoolAllocator@@IEAAEK@Z
- ?IsFull@CLockList@@QEBAEXZ
- ?IsFull@CNoLockList@@QEBAEXZ
- ?IsInExclusionList@CExclusionExtConfig@@QEAAEPEBG@Z
- ?IsInExclusionList@CExclusionFileNameConfig@@QEAAEPEBG@Z
- ?IsInExclusionList@CExclusionFilePathConfig@@QEAAEPEBG@Z
- ?IsInExclusionList@CExclusionFolderConfig@@QEAAEPEBG@Z
- ?IsInExclusionList@CExclusionRegistryConfig@@QEAAEPEBG@Z
- ?IsInInclusionList@CInclusionExtConfig@@QEAAEPEBG@Z
- ?IsInInclusionList@CInclusionFileNameConfig@@QEAAEPEBG@Z
- ?IsInInclusionList@CInclusionFilePathConfig@@QEAAEPEBG@Z
- ?IsInInclusionList@CInclusionFolderConfig@@QEAAEPEBG@Z
- ?IsOpened@CFile@@QEAAEXZ
- ?IsTerminated@CWorkerThreadPool@@QEAAEXZ
- ?IsTerminated@CWorkerThreadPoolEx@@QEAAEXZ
- ?IsValid@CMemoryAllocator@@UEAAEXZ
- ?IsValid@CMemoryPoolAllocator@@UEAAEXZ
- ?IsValid@IMemoryAllocator@@UEAAEXZ
- ?IsWorkerThread@CWorkerThreadPool@@QEAAE_K@Z
- ?IsWorkerThread@CWorkerThreadPoolEx@@QEAAE_K@Z
- ?JobFunction@CUserFuncAdapterJob@@MEAAXXZ
- ?JobQueue@CWorkerThreadPool@@QEAAAEAVCWorkerThreadJobQueue@@XZ
- ?JobQueue@CWorkerThreadPoolEx@@QEAAAEAVCWorkerThreadJobQueue@@XZ
- ?Limit@CLockList@@QEAAKXZ
- ?Limit@CNoLockList@@QEAAKXZ
- ?MatchAllExtensions@CFileExtension@@QEAAEXZ
- ?MatchNoExtensions@CFileExtension@@QEAAEXZ
- ?MergeLeft@CMemoryPoolAllocator@@IEAAPEAXPEAX@Z
- ?MergeRight@CMemoryPoolAllocator@@IEAAPEAXPEAX@Z
- ?NeedDelete@CWorkerThreadJob@@QEAAEXZ
- ?NeedDeleteWhenFinish@CWorkerThreadJob@@QEAAXE@Z
- ?NewNode@CList@@UEAAPEAXXZ
- ?NewNode@CStrList@@EEAAPEAXXZ
- ?NewNodeVariant@CList@@IEAAPEAXK@Z
- ?Next@CList@@UEBAPEAXQEAX@Z
- ?Next@CLockList@@UEBAPEAXQEAX@Z
- ?Next@CNoLockList@@UEBAPEAXQEAX@Z
- ?NextPool@CMemoryPoolAllocator@@QEAAPEAV1@XZ
- ?NotityTerminate@CWorkerThread@@QEAAXXZ
- ?PostJobToWorkerThread@CWorkerThreadPool@@QEAAJP6AXPEAX@Z0E@Z
- ?PostJobToWorkerThread@CWorkerThreadPoolEx@@QEAAJP6AXPEAX@Z0E1@Z
- ?Pulse@CKEvent@@QEAAJJE@Z
- ?QueueJob@CWorkerThreadJobQueue@@QEAAEPEAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPool@@QEAAJPEAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPoolEx@@QEAAJPEAVCWorkerThreadJob@@@Z
- ?RCMInstance@CWorkerThreadPool@@SAPEAV1@XZ
- ?Read@CFile@@QEAAJPEADKPEAK@Z
- ?ReadWIRP@CFile@@QEAAJPEADKPEAK@Z
- ?ReferenceCount@CContext@@QEAAAEAKXZ
- ?Release@CLockEvent@@QEAAXXZ
- ?Remove@CContextList@@UEAAEQEAX@Z
- ?Remove@CList@@UEAAEQEAX@Z
- ?Remove@CLockList@@UEAAEQEAX@Z
- ?Remove@CNoLockList@@UEAAEQEAX@Z
- ?RemoveHead@CList@@UEAAPEAXXZ
- ?RemoveHead@CLockList@@UEAAPEAXXZ
- ?RemoveHead@CNoLockList@@UEAAPEAXXZ
- ?RemoveTail@CList@@UEAAPEAXXZ
- ?RemoveTail@CLockList@@UEAAPEAXXZ
- ?RemoveTail@CNoLockList@@UEAAPEAXXZ
- ?Reset@CKEvent@@QEAAXXZ
- ?ResetData@CInclusionExtConfig@@QEAAXXZ
- ?ResetData@CInclusionFileNameConfig@@QEAAXXZ
- ?ResetData@CInclusionFilePathConfig@@QEAAXXZ
- ?ResetData@CInclusionFolderConfig@@QEAAXXZ
- ?RestoreCR0@@YAXPEAX@Z
- ?Run@CAutoUpdateConfigThread@@UEAAXXZ
- ?Run@CDelayLoadThread@@UEAAXXZ
- ?Run@CWorkerThread@@UEAAXXZ
- ?SeekToEnd@CFile@@QEAAJXZ
- ?Set@CKEvent@@QEAAJJE@Z
- ?SetAttributes@CFile@@QEAAJK@Z
- ?SetBlobCofig@CContext@@UEAAJKPEAXK@Z
- ?SetData@CBlobConfig@@QEAAHPEAXK@Z
- ?SetData@CModuleFileExtConfig@@QEAAHPEBG@Z
- ?SetData@CModuleFlagConfig@@QEAAHK@Z
- ?SetData@CModuleMultiStringConfig@@QEAAHPEBGK@Z
- ?SetData@CModuleStringConfig@@QEAAHPEBG@Z
- ?SetEngineContext@CContext@@QEAAXPEAX@Z
- ?SetFileExtensionConfig@CContext@@UEAAJKPEBG@Z
- ?SetFlagConfig@CContext@@UEAAJKK@Z
- ?SetLinkContext@CContext@@QEAAXPEAX@Z
- ?SetLogFlag@CDebugLog@@QEAAEK@Z
- ?SetLogFlag@CDebugLogEx@@QEAAEK@Z
- ?SetMatchAllExtensions@CFileExtension@@QEAAXE@Z
- ?SetMatchNoExtensions@CFileExtension@@QEAAXE@Z
- ?SetMultiStringConfig@CContext@@UEAAJKPEBG@Z
- ?SetNewJobItemEvent@CWorkerThreadJobQueue@@QEAAXXZ
- ?SetPriority@CSystemThread@@QEAAXK@Z
- ?SetStopUse@CContext@@QEAAXXZ
- ?SetStringConfig@CContext@@UEAAJKPEBG@Z
- ?Setup@CSystemThread@@MEAAXXZ
- ?StopUse@CContext@@QEAAHXZ
- ?TearDown@CSystemThread@@MEAAXXZ
- ?Terminate@CSystemThread@@QEAAXE@Z
- ?Terminate@CWorkerThreadPool@@QEAAEXZ
- ?Terminate@CWorkerThreadPoolEx@@QEAAEXZ
- ?TmExceptionFilter@@YAJPEAU_EXCEPTION_POINTERS@@@Z
- ?Wait@CKEvent@@QEAAJPEAT_LARGE_INTEGER@@E@Z
- ?WaitFinish@CWorkerThreadJob@@QEAAXXZ
- ?WaitForInit@CDelayLoadThread@@QEAAEXZ
- ?WaitForLoad@CDelayLoadThread@@QEAAEXZ
- ?WaitNewJobAvailable@CWorkerThreadJobQueue@@QEAAEXZ
- ?WaitQueueEmpty@CWorkerThreadJobQueue@@QEAAXXZ
- ?Write@CDebugLog@@QEAAXPEBDZZ
- ?Write@CDebugLogEx@@QEAAXPEBDZZ
- ?Write@CFile@@QEAAJPEADKPEAT_LARGE_INTEGER@@PEAK@Z
- ?WriteDataToFile@CDebugLogEx@@IEAAXPEADK@Z
- ?WriteDataToProcMonW@CDebugLogEx@@IEAAXPEAD@Z
- ?WriteSystemInformation@CDebugLog@@QEAAXXZ
- ?WriteSystemInformation@CDebugLogEx@@QEAAXXZ
- ?WriteSystemStringInformation@CDebugLog@@IEAAXPEBG@Z
- ?WriteSystemStringInformation@CDebugLogEx@@IEAAXPEBG@Z
- ?WriteToFile@CDebugLog@@IEAAXPEADK@Z
- ?WriteToProcMonW@CDebugLogEx@@IEAAXPEAU_UNICODE_STRING@@@Z
- ?_pNonPagedAllocator@@3PEAVCMemoryAllocator@@EA
- ?_pPagedAllocator@@3PEAVCMemoryAllocator@@EA
- ?m_lpInstance@CWorkerThreadPool@@1PEAV1@EA
- ?m_lpRCMInstance@CWorkerThreadPool@@1PEAV1@EA
- DeInitKm2UmCommunication
- DeInitKmLPC
- DuplicateFullFileName
- FreeFullFileName
- GetKm2UmMode
- GetModuleInfoByAddress
- GetModuleInfoByModuleName
- InitKm2UmCommunication
- InitKmLPC
- IsVerifierCodeCheckFlagOn
- IsWindows8_1_update
- KmCallUm
- KmCallUmByLPC
- KmCallUmEx
- KmCleanupCommPortAPIs
- KmGetUmInitProcess
- KmSetCommPortAPIs
- ModGetExportProcAddress
- ModLoadDLLToBuffer
- ModLoadDLLToBufferWithImageSize
- ModLoadModule
- ModUnLoadModule
- NormalizeFileName
- NormalizeFullNtPathToDosName
- TmCommConfigRoutine
- UtilAddDeviceInDriveTable
- UtilAddReparsePointMapping
- UtilCleanFileReadOnly
- UtilCloseExclusiveHandle
- UtilCreateDosFileName
- UtilDeleteFileForce
- UtilGetDeviceObjectName
- UtilGetFileNameFromFileObject
- UtilGetFileObjectForProcessByEPROC
- UtilGetFileObjectFromFileName
- UtilGetProcessName
- UtilGetSystemDirectory
- UtilGetSystemDirectoryEx
- UtilGetSystemDirectoryLength
- UtilGetSystemTime
- UtilIoSetFileInfo
- UtilIopCreateFileIRP
- UtilKeGetLowFileDevice
- UtilModuleIATHook
- UtilModuleIATUnHook
- UtilPostJobToWorkerThread
- UtilQueryExclusiveHandle
- UtilQueryKeyValue
- UtilRemoveDeviceFromDriveTable
- UtilVolumeDeviceToDosName
- UtilWaitValueChangeToZero
- UtilWriteVersionToRegistry
- UtilbuildDynamicDiskMappingTable
- UtlWriteBinValueKeyToRegistry
- ValidateAddressWithSize
- _ResetProtectFromClose
- _UtilDosPathNameToNtPathName
Sections
Expand
- .text
- .rdata
- .data
- .pdata
- PAGE
- .edata
- INIT
- .rsrc
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": true,
"SerialNumber": "7e93ebfb7cc64e59ea4b9a77d406fc3b",
"Signature": "03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2",
"TBS": {
"MD5": "d0785ad36e427c92b19f6826ab1e8020",
"SHA1": "365b7a9c21bd9373e49052c3e7b3e4646ddd4d43",
"SHA256": "c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff",
"SHA384": "eab4fe5ef90e0de4a6aa3a27769a5e879f588df5e4785aa4104debd1f81e19ea56d33e3a16e5facf99f68b5d8e3d287b"
},
"ValidFrom": "2012-12-21 00:00:00",
"ValidTo": "2020-12-30 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "0ecff438c8febf356e04d86a981b1a50",
"Signature": "783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4",
"TBS": {
"MD5": "e9d38360b914c8863f6cba3ee58764d3",
"SHA1": "4cba8eae47b6bf76f20b3504b98b8f062694a89b",
"SHA256": "88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976",
"SHA384": "e9f2a75334a9e336c5a4712eadee88d0374b0fdc273262f4e65c9040ad2793067cc076696db5279a478773485e285652"
},
"ValidFrom": "2012-10-18 00:00:00",
"ValidTo": "2020-12-29 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Signature": "f3b20c020c826fd9e2629408ffc97c9e245959d1050c9ce7708069d366d26af191812e16fce674eaca0d8f05b2a796280831737299800d2bfe0071efecf655117b7952a4d7c0701b97de034a1d42e928fd1a2082b081f9d22e9d39af3233cf05c1e61ae1f8fbfec872e78d9a0b29b4f147f1a053d1757a824601df2bb07c75c591fe7efbaf0021764b90cd446f85f80d14bc2cd42c83edfa7d2510f8f94c82d1b3ea999b1cff9093291977c7e996dc32904d3934f167077684ff76aa5327654a0bd7223d9d67657b47c5b46012dca6723d89e7fa051b3380d0c4977b9df537e75da3186ab149b27c089715a01bd695f408f7ded66bfbe920d27a6f6a7d4cc8b3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc.",
"TBS": {
"MD5": "78eaa337666217b1c16a9a0ebd0b8434",
"SHA1": "ff9cb835e78f6185eed4372096c3bae53b17d18d",
"SHA256": "1c0d9746725e176b4a7c2852878f14d7587f58e65d346bc1247f1c8ee6374250",
"SHA384": "ffe3c75b860679a5de399c7d2c2844dbfac51d5d8581e24648d208daba1e4bed5c867808e02dc8d7cb3df1d4b2b53d10"
},
"ValidFrom": "2017-04-27 00:00:00",
"ValidTo": "2018-07-16 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "611993e400000000001c",
"Signature": "812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5",
"TBS": {
"MD5": "78a717e082dcc1cda3458d917e677d14",
"SHA1": "4a872e0e51f9b304469cd1dedb496ee9b8b983a4",
"SHA256": "317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8",
"SHA384": "b71052da4eb9157c8c1a5d7f55df19d69b9128598b72fcca608e5b7cc7d64c43c5504b9c86355a6dc22ee40c88cc385c"
},
"ValidFrom": "2011-02-22 19:25:17",
"ValidTo": "2021-02-22 19:35:17",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "5200e5aa2556fc1a86ed96c9d44b33c7",
"Signature": "5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"TBS": {
"MD5": "b30c31a572b0409383ed3fbe17e56e81",
"SHA1": "4843a82ed3b1f2bfbee9671960e1940c942f688d",
"SHA256": "03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9",
"SHA384": "bbda8407c4f9fc4e54d772f1c7fb9d30bc97e1f97ecd51c443063d1fa0644e266328781776cd5c44896c457c75f4d7da"
},
"ValidFrom": "2010-02-08 00:00:00",
"ValidTo": "2020-02-07 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 009feac811b0f16247a5fc20d80523ace6
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | b6aa9cf28bcfc9f07ec1069fb425ab61 |
| ToBeSigned (TBS) SHA1 | ca7a166fcd53878ba5a38d4cac37c63513cfc1fa |
| ToBeSigned (TBS) SHA256 | 711394fc49f8948a831f687d42ced6b18514f57786ecc6cdbc3c3eb72e568a40 |
| Subject | C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO Time Stamping Signer |
| ValidFrom | 2015-05-05 00:00:00 |
| ValidTo | 2015-12-31 23:59:59 |
| Signature | 0dbbad60111bb5f00dcce6483a7a3e0e33dc1cb9ead620fea34dd0cc764ee818d879dfd34f9a4264238a29728a3a6c66a63c3a17a8704565c673c3d0ce8954fbac690f58b019cb869f7eb97eeb5192bf9bddebd165f0257b887cdebda5c8b51451bcc081308a85387be679fe67559387fe4fe88d0eedf37292b5c289806dd159e31d0deab138ee039d0019a5ab219b79c3ccc23e687ebdc94d694db46451fbb22874e25389ce9dfaade2dbceab7b7e064474fd0aa3c9b7a730cd49d29264f122a6b828457479e9a7ce3b33f98350947d68c01d49c760787a3c6426d5befa0a6de41ee109538fa9c523acc79d614221f02c1671493b10af2c6f1ae631f114fd6c |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 009feac811b0f16247a5fc20d80523ace6 |
| Version | 3 |
Certificate 250ce8e030612e9f2b89f7054d7cf8fd
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 918d9eb6a6cd36c531eceb926170a7e1 |
| ToBeSigned (TBS) SHA1 | 0ae95700d65e6f59715aa47048993ca7858e676a |
| ToBeSigned (TBS) SHA256 | 47c46e6eaa3780eace3d0d891346cd373359d246b21a957219dbab4c8f37c166 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5 |
| ValidFrom | 2006-11-08 00:00:00 |
| ValidTo | 2021-11-07 23:59:59 |
| Signature | 1302ddf8e88600f25af8f8200c59886207cecef74ef9bb59a198e5e138dd4ebc6618d3adeb18f20dc96d3e4a9420c33cbabd6554c6af44b310ad2c6b3eabd707b6b88163c5f95e2ee52a67cecd330c2ad7895603231fb3bee83a0859b4ec4535f78a5bff66cf50afc66d578d1978b7b9a2d157ea1f9a4bafbac98e127ec6bdff |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 250ce8e030612e9f2b89f7054d7cf8fd |
| Version | 3 |
Certificate 610c120600000000001b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 53c41bc1164e09e0cd1617a5bf913efd |
| ToBeSigned (TBS) SHA1 | 93c03aac8951d494ecd5696b1c08658541b18727 |
| ToBeSigned (TBS) SHA256 | 40bddadac24dc61ca4fb5cab2a2bc5d876bc36808311039a7a3e1a4066f7489b |
| Subject | C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority |
| ValidFrom | 2006-05-23 17:01:29 |
| ValidTo | 2016-05-23 17:11:29 |
| Signature | 01e446b33b457f7513877e5f43de468ecb8abdb64741bccccc7491d8ce395195a4a6b547c0efd2da7b8f5711f4328c7ccd3fee42da04214af7c843884a6f5cca14fc4bd19f4cbdd4556ecc02be0da6888f8609baa425bde8b0f0fa8b714e67b0cb82a8d78e55f737ebf03e88efe4e08afd1c6e2e61414875b4b02c1d28d8490fd715f02473253ccc880cde284c6554fe5eae8cea19ad2c51b29b3a47f53c80350117e24987d6544afb4bab07bcbf7d79cfbf35005cbb9ecffc82891b39a05197b6dec0b307ff449644c0342a195cabeef03bec294eb513c537857e75d5b4d60d066eb5d26c237167eaf1718eaf4e74aa0cf9ecbf4c58fa5e909b6d39cb86883f8b1ca81632d5fe6db9f1f8b3ead791f6364778c0272a15c768d6f4c5fc4f4ec8673f102d409ff11ec96148e7a703fc31730cf04688fe56da492995ef09daa3e5beef60ecd954a0599c28bd54ef66157f874c84dba60e95672e517b3439b641c28c846826dc240209e7818e0a972defeea7b998a60f818dc710b5e1ed982f486f53854964789bec5dac970b5526c3efba8dc8d1a52f5a7f936b611a339b18b8a26210de24ea76e12f43ebecdd7c12342489da2855aee5754e312b6763b6a8d7ab730a03cec5ea593fc7eb2a45aea8625b2f009939abb45f73c308ec80118f470e8f2a1343e191066255bbffba3da9a93d260faeca7d628b155589d694344dd665 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 610c120600000000001b |
| Version | 3 |
Certificate 1519396ee230f02cad1fcfdb077a35f0
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 7e2a6f93403382b4ec42463426d0a4b5 |
| ToBeSigned (TBS) SHA1 | 62acc697c0e2dc37f3d37ab79751637346e051e2 |
| ToBeSigned (TBS) SHA256 | 3e9a51973a839e5bc6e81c886e085b777d08ce2b24f816b7552cf2c44e322d59 |
| Subject | C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc. |
| ValidFrom | 2015-02-20 00:00:00 |
| ValidTo | 2016-05-21 23:59:59 |
| Signature | e480eb7f78216a855e34dbcb712d3879d6b1744c823c8e78c3661e55182a5c1f3a03686169393ef8778c893a49604a79769f5ba7156426c5431ae729a8dc5f8e22b14d124e46eff3f4f660552a57250a15e15d07ad548a02cddf8a204b5010be387a05b1019f618cf15078d80a809a7272b1822a63862c7db194f12697a786001ef630ac9d8bf9f5475191f327b8ed4839dff1ef65e5eb8f91379a66366451f99cb633848c57d4392096e6080fa327b23fc3834ad4f6043904d6c5aeb35454a265b3fda38167cffa8394f092a74bad1ea386f63b7baeb95271a97fc3bff0a2bc96a834f280a254d7170e5cc2830f3bd0649178f8b04514ecd1103753b1762902 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 1519396ee230f02cad1fcfdb077a35f0 |
| Version | 3 |
Certificate 5200e5aa2556fc1a86ed96c9d44b33c7
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | b30c31a572b0409383ed3fbe17e56e81 |
| ToBeSigned (TBS) SHA1 | 4843a82ed3b1f2bfbee9671960e1940c942f688d |
| ToBeSigned (TBS) SHA256 | 03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA |
| ValidFrom | 2010-02-08 00:00:00 |
| ValidTo | 2020-02-07 23:59:59 |
| Signature | 5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 5200e5aa2556fc1a86ed96c9d44b33c7 |
| Version | 3 |
Imports
Expand
- ntoskrnl.exe
- HAL.dll
- CLASSPNP.SYS
Imported Functions
Expand
- wcsrchr
- KeSetEvent
- KePulseEvent
- KeClearEvent
- KeInitializeSemaphore
- KeWaitForSingleObject
- KeReleaseSemaphore
- KeStackAttachProcess
- KeUnstackDetachProcess
- RtlSubAuthoritySid
- RtlInitializeSid
- ExAllocatePoolWithTag
- RtlLengthRequiredSid
- ExFreePoolWithTag
- RtlSetDaclSecurityDescriptor
- RtlCreateSecurityDescriptor
- RtlAddAccessAllowedAce
- RtlCreateAcl
- ObfDereferenceObject
- ZwSetEvent
- ZwClose
- ZwRequestWaitReplyPort
- ProbeForWrite
- ZwFreeVirtualMemory
- ZwAllocateVirtualMemory
- ObOpenObjectByPointer
- PsProcessType
- memmove
- ZwConnectPort
- RtlInitUnicodeString
- RtlUnicodeStringToInteger
- ZwCreateSection
- ZwWaitForSingleObject
- ZwOpenEvent
- ObfReferenceObject
- IoGetCurrentProcess
- DbgBreakPoint
- PsGetProcessExitTime
- MmSectionObjectType
- PsThreadType
- MmGetSystemRoutineAddress
- DbgPrint
- memset
- MmIsAddressValid
- ExInitializeResourceLite
- ExDeleteResourceLite
- ZwWriteFile
- ZwReadFile
- ZwQueryInformationFile
- ZwSetInformationFile
- ZwCreateFile
- swprintf
- towupper
- _wcsnicmp
- KeInitializeEvent
- _snprintf
- PsGetCurrentProcessId
- RtlTimeToTimeFields
- ExSystemTimeToLocalTime
- KeQuerySystemTime
- ZwCreateKey
- ZwCreateEvent
- KeWaitForMultipleObjects
- ObReferenceObjectByHandle
- ZwNotifyChangeKey
- PsGetCurrentThreadId
- _vsnprintf
- KeSetPriorityThread
- PsTerminateSystemThread
- PsCreateSystemThread
- KeNumberProcessors
- ZwQueryInformationProcess
- PsLookupProcessByProcessId
- KeDelayExecutionThread
- ZwOpenDirectoryObject
- PsSetCreateProcessNotifyRoutine
- ZwQuerySystemInformation
- ZwQueryDirectoryFile
- ZwQueryDirectoryObject
- ZwDuplicateObject
- ZwOpenKey
- ZwEnumerateKey
- ZwEnumerateValueKey
- ZwQueryValueKey
- ZwDeleteValueKey
- ZwDeleteKey
- ExGetPreviousMode
- ZwTerminateProcess
- ZwOpenProcess
- ZwQueryKey
- ZwSetValueKey
- IoFileObjectType
- memcpy
- ZwQuerySecurityObject
- ZwSetSecurityObject
- RtlLengthSecurityDescriptor
- MmHighestUserAddress
- IoFreeIrp
- _purecall
- MmUnlockPages
- IoBuildAsynchronousFsdRequest
- _strnicmp
- RtlQueryRegistryValues
- RtlAppendUnicodeToString
- mbstowcs
- ZwQuerySymbolicLinkObject
- ZwOpenSymbolicLinkObject
- NtClose
- ZwSetInformationObject
- _stricmp
- ZwUnmapViewOfSection
- ZwMapViewOfSection
- ZwOpenFile
- RtlEqualUnicodeString
- IoCreateFile
- IofCallDriver
- IoAllocateIrp
- MmBuildMdlForNonPagedPool
- IoAllocateMdl
- ProbeForRead
- PsGetVersion
- RtlCopyUnicodeString
- RtlFreeUnicodeString
- RtlCompareMemory
- RtlUpcaseUnicodeString
- _snwprintf
- RtlImageNtHeader
- RtlAnsiStringToUnicodeString
- RtlInitAnsiString
- strrchr
- ZwQueryVolumeInformationFile
- ObReferenceObjectByPointer
- ObQueryNameString
- IoBuildDeviceIoControlRequest
- IofCompleteRequest
- ExEventObjectType
- _allmul
- IoDeleteDevice
- IoDeleteSymbolicLink
- IoCreateSymbolicLink
- IoGetDeviceObjectPointer
- RtlUpperChar
- RtlCompareUnicodeString
- strncpy
- KeServiceDescriptorTable
- NtOpenProcess
- ObOpenObjectByName
- IoDriverObjectType
- RtlAppendUnicodeStringToString
- NtQueryInformationProcess
- IoThreadToProcess
- PsIsThreadTerminating
- KeAddSystemServiceTable
- ZwQueryObject
- ObInsertObject
- IoReleaseVpbSpinLock
- IoAcquireVpbSpinLock
- SeCreateAccessState
- IoGetFileObjectGenericMapping
- ObCreateObject
- _allshr
- ExInterlockedPopEntrySList
- IoGetStackLimits
- IoBuildSynchronousFsdRequest
- MmSystemRangeStart
- wcsstr
- IoUnregisterPlugPlayNotification
- FsRtlIsNameInExpression
- IoGetConfigurationInformation
- MmProbeAndLockPages
- IoGetDeviceInterfaces
- IoRegisterPlugPlayNotification
- ExAllocatePool
- RtlFreeAnsiString
- RtlUnicodeStringToAnsiString
- strncat
- wcschr
- wcsncat
- wcstombs
- KeTickCount
- KeBugCheckEx
- RtlUnwind
- wcsncpy
- ExReleaseResourceLite
- ExAcquireResourceExclusiveLite
- ExAcquireResourceSharedLite
- ExReleaseFastMutexUnsafe
- KeLeaveCriticalRegion
- KeEnterCriticalRegion
- _allrem
- ExAcquireFastMutexUnsafe
- IoDeviceObjectType
- IoCreateDevice
- RtlGetDaclSecurityDescriptor
- RtlGetSaclSecurityDescriptor
- RtlGetGroupSecurityDescriptor
- RtlGetOwnerSecurityDescriptor
- SeCaptureSecurityDescriptor
- SeExports
- IoIsWdmVersionAvailable
- RtlLengthSid
- RtlAbsoluteToSelfRelativeSD
- IoFreeMdl
- KeGetCurrentThread
- KfAcquireSpinLock
- KfReleaseSpinLock
- KeRaiseIrqlToDpcLevel
- KfLowerIrql
- KeGetCurrentIrql
- ExAcquireFastMutex
- ExReleaseFastMutex
- KfRaiseIrql
- ClassInitialize
Exported Functions
Expand
- ??0CAutoUpdateConfigThread@@QAE@ABV0@@Z
- ??0CAutoUpdateConfigThread@@QAE@PAU_UNICODE_STRING@@P6GX0PAX@Z1@Z
- ??0CBlobConfig@@QAE@ABV0@@Z
- ??0CBlobConfig@@QAE@K@Z
- ??0CContext@@QAE@ABV0@@Z
- ??0CContext@@QAE@KP6GJPAU_EVENT_REPORT@@PAXPAU_TMCE_REPORT@@PAU_TMCE_FEEDBACK@@@Z1K@Z
- ??0CContextList@@QAE@ABV0@@Z
- ??0CContextList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CDebugLog@@QAE@ABV0@@Z
- ??0CDebugLog@@QAE@PBG@Z
- ??0CDelayLoadThread@@QAE@ABV0@@Z
- ??0CDelayLoadThread@@QAE@XZ
- ??0CExclusionExtConfig@@QAE@ABV0@@Z
- ??0CExclusionExtConfig@@QAE@KKE@Z
- ??0CExclusionFileNameConfig@@QAE@ABV0@@Z
- ??0CExclusionFileNameConfig@@QAE@KK@Z
- ??0CExclusionFilePathConfig@@QAE@ABV0@@Z
- ??0CExclusionFilePathConfig@@QAE@KK@Z
- ??0CExclusionFolderConfig@@QAE@ABV0@@Z
- ??0CExclusionFolderConfig@@QAE@KK@Z
- ??0CExclusionRegistryConfig@@QAE@ABV0@@Z
- ??0CExclusionRegistryConfig@@QAE@KK@Z
- ??0CFile@@QAE@ABV0@@Z
- ??0CFile@@QAE@E@Z
- ??0CFileExtension@@QAE@ABV0@@Z
- ??0CFileExtension@@QAE@KEEPAVIMemoryAllocator@@@Z
- ??0CInclusionExtConfig@@QAE@ABV0@@Z
- ??0CInclusionExtConfig@@QAE@KKE@Z
- ??0CInclusionFileNameConfig@@QAE@ABV0@@Z
- ??0CInclusionFileNameConfig@@QAE@KK@Z
- ??0CInclusionFilePathConfig@@QAE@ABV0@@Z
- ??0CInclusionFilePathConfig@@QAE@KK@Z
- ??0CInclusionFolderConfig@@QAE@ABV0@@Z
- ??0CInclusionFolderConfig@@QAE@KK@Z
- ??0CKEvent@@QAE@ABV0@@Z
- ??0CKEvent@@QAE@W4_EVENT_TYPE@@E@Z
- ??0CList@@QAE@ABV0@@Z
- ??0CList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CLockEvent@@QAE@ABV0@@Z
- ??0CLockEvent@@QAE@XZ
- ??0CLockList@@QAE@ABV0@@Z
- ??0CLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CMemoryAllocator@@IAE@W4_POOL_TYPE@@K@Z
- ??0CMemoryAllocator@@QAE@ABV0@@Z
- ??0CMemoryPoolAllocator@@IAE@W4_POOL_TYPE@@KKK@Z
- ??0CMemoryPoolAllocator@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@XZ
- ??0CModuleConfigList@@QAE@ABV0@@Z
- ??0CModuleConfigList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CModuleFileExtConfig@@QAE@ABV0@@Z
- ??0CModuleFileExtConfig@@QAE@KKE@Z
- ??0CModuleFlagConfig@@QAE@ABV0@@Z
- ??0CModuleFlagConfig@@QAE@K@Z
- ??0CModuleMultiStringConfig@@QAE@ABV0@@Z
- ??0CModuleMultiStringConfig@@QAE@KK@Z
- ??0CModuleStringConfig@@QAE@ABV0@@Z
- ??0CModuleStringConfig@@QAE@K@Z
- ??0CNoLockList@@QAE@ABV0@@Z
- ??0CNoLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CSmartLock@@QAE@AAVCLockEvent@@@Z
- ??0CSmartLock@@QAE@XZ
- ??0CSmartReference@@QAE@AAJ@Z
- ??0CSmartReference@@QAE@AAK@Z
- ??0CSmartResource@@QAE@AAVCResource@@E@Z
- ??0CStrList@@QAE@ABV0@@Z
- ??0CStrList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CSystemThread@@QAE@ABV0@@Z
- ??0CSystemThread@@QAE@K@Z
- ??0CUserFuncAdapterJob@@QAE@ABV0@@Z
- ??0CUserFuncAdapterJob@@QAE@P6GXPAX@Z0@Z
- ??0CWorkerThread@@IAE@PAVCWorkerThreadJobQueue@@@Z
- ??0CWorkerThread@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@E@Z
- ??0CWorkerThreadJobQueue@@QAE@ABV0@@Z
- ??0CWorkerThreadJobQueue@@QAE@K@Z
- ??0CWorkerThreadPool@@QAE@ABV0@@Z
- ??0CWorkerThreadPool@@QAE@K@Z
- ??0IMemoryAllocator@@QAE@ABV0@@Z
- ??0IMemoryAllocator@@QAE@XZ
- ??1CAutoUpdateConfigThread@@UAE@XZ
- ??1CBlobConfig@@UAE@XZ
- ??1CContext@@UAE@XZ
- ??1CContextList@@UAE@XZ
- ??1CDebugLog@@UAE@XZ
- ??1CDelayLoadThread@@UAE@XZ
- ??1CExclusionExtConfig@@UAE@XZ
- ??1CExclusionFileNameConfig@@UAE@XZ
- ??1CExclusionFilePathConfig@@UAE@XZ
- ??1CExclusionFolderConfig@@UAE@XZ
- ??1CExclusionRegistryConfig@@UAE@XZ
- ??1CFile@@UAE@XZ
- ??1CFileExtension@@UAE@XZ
- ??1CInclusionExtConfig@@UAE@XZ
- ??1CInclusionFileNameConfig@@UAE@XZ
- ??1CInclusionFilePathConfig@@UAE@XZ
- ??1CInclusionFolderConfig@@UAE@XZ
- ??1CKEvent@@UAE@XZ
- ??1CList@@UAE@XZ
- ??1CLockEvent@@UAE@XZ
- ??1CLockList@@UAE@XZ
- ??1CMemoryAllocator@@UAE@XZ
- ??1CMemoryPoolAllocator@@UAE@XZ
- ??1CModuleConfig@@UAE@XZ
- ??1CModuleConfigList@@UAE@XZ
- ??1CModuleFileExtConfig@@UAE@XZ
- ??1CModuleFlagConfig@@UAE@XZ
- ??1CModuleMultiStringConfig@@UAE@XZ
- ??1CModuleStringConfig@@UAE@XZ
- ??1CNoLockList@@UAE@XZ
- ??1CSmartLock@@QAE@XZ
- ??1CSmartReference@@QAE@XZ
- ??1CSmartResource@@QAE@XZ
- ??1CStrList@@UAE@XZ
- ??1CSystemThread@@UAE@XZ
- ??1CUserFuncAdapterJob@@UAE@XZ
- ??1CWorkerThread@@UAE@XZ
- ??1CWorkerThreadJob@@UAE@XZ
- ??1CWorkerThreadJobQueue@@UAE@XZ
- ??1CWorkerThreadPool@@UAE@XZ
- ??1IMemoryAllocator@@UAE@XZ
- ??2@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??2CMemoryAllocator@@SGPAXI@Z
- ??2CMemoryPoolAllocator@@SGPAXI@Z
- ??3@YAXPAX@Z
- ??3IMemoryAllocator@@SGXPAX@Z
- ??4CAutoUpdateConfigThread@@QAEAAV0@ABV0@@Z
- ??4CBlobConfig@@QAEAAV0@ABV0@@Z
- ??4CContext@@QAEAAV0@ABV0@@Z
- ??4CDebugLog@@QAEAAV0@ABV0@@Z
- ??4CDelayLoadThread@@QAEAAV0@ABV0@@Z
- ??4CFile@@QAEAAV0@ABV0@@Z
- ??4CKEvent@@QAEAAV0@ABV0@@Z
- ??4CLockEvent@@QAEAAV0@ABV0@@Z
- ??4CMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??4CMemoryPoolAllocator@@QAEAAV0@ABV0@@Z
- ??4CModuleConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleFlagConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleStringConfig@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEABV0@AAVCLockEvent@@@Z
- ??4CSmartResource@@QAEAAV0@ABV0@@Z
- ??4CSystemThread@@QAEAAV0@ABV0@@Z
- ??4CUserFuncAdapterJob@@QAEAAV0@ABV0@@Z
- ??4CWorkerThread@@QAEAAV0@ABV0@@Z
- ??4CWorkerThreadJob@@QAEAAV0@ABV0@@Z
- ??4IMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??_7CAutoUpdateConfigThread@@6B@
- ??_7CBlobConfig@@6B@
- ??_7CContext@@6B@
- ??_7CContextList@@6B@
- ??_7CDebugLog@@6B@
- ??_7CDelayLoadThread@@6B@
- ??_7CExclusionExtConfig@@6B@
- ??_7CExclusionFileNameConfig@@6B@
- ??_7CExclusionFilePathConfig@@6B@
- ??_7CExclusionFolderConfig@@6B@
- ??_7CExclusionRegistryConfig@@6B@
- ??_7CFile@@6B@
- ??_7CFileExtension@@6B@
- ??_7CInclusionExtConfig@@6B@
- ??_7CInclusionFileNameConfig@@6B@
- ??_7CInclusionFilePathConfig@@6B@
- ??_7CInclusionFolderConfig@@6B@
- ??_7CKEvent@@6B@
- ??_7CList@@6B@
- ??_7CLockEvent@@6B@
- ??_7CLockList@@6B@
- ??_7CMemoryAllocator@@6B@
- ??_7CMemoryPoolAllocator@@6B@
- ??_7CModuleConfig@@6B@
- ??_7CModuleConfigList@@6B@
- ??_7CModuleFileExtConfig@@6B@
- ??_7CModuleFlagConfig@@6B@
- ??_7CModuleMultiStringConfig@@6B@
- ??_7CModuleStringConfig@@6B@
- ??_7CNoLockList@@6B@
- ??_7CStrList@@6B@
- ??_7CSystemThread@@6B@
- ??_7CUserFuncAdapterJob@@6B@
- ??_7CWorkerThread@@6B@
- ??_7CWorkerThreadJob@@6B@
- ??_7CWorkerThreadJobQueue@@6B@
- ??_7CWorkerThreadPool@@6B@
- ??_7IMemoryAllocator@@6B@
- ??_FCContextList@@QAEXXZ
- ??_FCFile@@QAEXXZ
- ??_FCFileExtension@@QAEXXZ
- ??_FCModuleConfigList@@QAEXXZ
- ??_FCStrList@@QAEXXZ
- ??_FCSystemThread@@QAEXXZ
- ??_FCWorkerThread@@QAEXXZ
- ??_FCWorkerThreadJob@@QAEXXZ
- ??_FCWorkerThreadJobQueue@@QAEXXZ
- ??_U@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??_V@YAXPAX@Z
- ?Acquire@CLockEvent@@QAEXXZ
- ?Add@CContextList@@QAEEPAVCContext@@@Z
- ?Add@CFileExtension@@QAEEPBGK@Z
- ?Add@CModuleConfigList@@QAEEPAVCModuleConfig@@@Z
- ?Add@CStrList@@QAEEPBG@Z
- ?AddNode@CLockList@@UAEEQAXE@Z
- ?AddNode@CNoLockList@@UAEEQAXE@Z
- ?Alloc@CMemoryAllocator@@UAEPAXKPBDK@Z
- ?Alloc@CMemoryPoolAllocator@@UAEPAXKPBDK@Z
- ?AllocBlock@CMemoryPoolAllocator@@IAEPAXK@Z
- ?AttachJobQueue@CWorkerThread@@QAEXPAVCWorkerThreadJobQueue@@@Z
- ?Cancel@CWorkerThreadJob@@QAEXXZ
- ?CheckNode@CLockList@@UAEHQAX@Z
- ?CheckNode@CNoLockList@@UAEHQAX@Z
- ?CleanQueue@CWorkerThreadJobQueue@@QAEXXZ
- ?Cleanup@CBlobConfig@@AAEXXZ
- ?Cleanup@CModuleFileExtConfig@@IAEXXZ
- ?Cleanup@CModuleMultiStringConfig@@IAEXXZ
- ?Cleanup@CModuleStringConfig@@AAEXXZ
- ?Close@CFile@@QAEJXZ
- ?Count@CLockList@@QAEKXZ
- ?Count@CNoLockList@@QAEKXZ
- ?Create@CFile@@QAEJPBGKKKK@Z
- ?Create@CSystemThread@@QAEEXZ
- ?CreateInstance@CMemoryAllocator@@SGPAV1@W4_POOL_TYPE@@K@Z
- ?CreateInstance@CMemoryPoolAllocator@@SGPAV1@W4_POOL_TYPE@@KKK@Z
- ?CreatePool@CWorkerThreadPool@@QAEEXZ
- ?CreateThreads@CWorkerThreadPool@@QAEEK@Z
- ?CreateWIRP@CFile@@QAEJPBGKKKK@Z
- ?Delete@CFile@@QAEJXZ
- ?Delete@CFileExtension@@QAEEPBGK@Z
- ?Delete@CStrList@@QAEEPBG@Z
- ?DeleteAll@CList@@UAEXXZ
- ?DeleteAll@CLockList@@UAEXXZ
- ?DeleteAll@CNoLockList@@UAEXXZ
- ?DeleteNode@CContextList@@MAEXPAX@Z
- ?DeleteNode@CList@@UAEXPAX@Z
- ?DeleteNode@CModuleConfigList@@MAEXPAX@Z
- ?DeleteNode@CStrList@@EAEXPAU_STR_LIST_NODE@1@@Z
- ?DisableWriteProtectFromCR0@@YGXPAPAX@Z
- ?DoIt@CWorkerThreadJob@@QAEJXZ
- ?EntryPoint@CSystemThread@@KGXPAX@Z
- ?Find@CContextList@@QAEPAVCContext@@K@Z
- ?Find@CContextList@@QAEPAVCContext@@PAX@Z
- ?Find@CFileExtension@@QAEPAU_STR_LIST_NODE@CStrList@@PBGK@Z
- ?Find@CModuleConfigList@@QAEPAVCModuleConfig@@K@Z
- ?Find@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?FindNode@CContextList@@IAEPAXPAX@Z
- ?FindPartiallyAndAllMatch@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?First@CList@@UAEPAXXZ
- ?First@CLockList@@UAEPAXXZ
- ?First@CNoLockList@@UAEPAXXZ
- ?Free@CMemoryAllocator@@UAEXPAX@Z
- ?Free@CMemoryPoolAllocator@@UAEXPAX@Z
- ?GetAttributes@CFile@@QAEKXZ
- ?GetBasicInfomration@CFile@@IAEJXZ
- ?GetBlobCofig@CContext@@UAEJKPAXPAK@Z
- ?GetCategory@CContext@@QAEKXZ
- ?GetData@CBlobConfig@@QAEHPAXPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEPAVCFileExtension@@XZ
- ?GetData@CModuleFlagConfig@@QAEKXZ
- ?GetData@CModuleMultiStringConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleMultiStringConfig@@QAEPAVCStrList@@XZ
- ?GetData@CModuleStringConfig@@QAEPAGXZ
- ?GetData@CStrList@@QAEEPAGPAK@Z
- ?GetDataType@CModuleConfig@@QAEKXZ
- ?GetEngineContext@CContext@@QAEPAXXZ
- ?GetFileExtensionConfig@CContext@@QAEPAVCFileExtension@@K@Z
- ?GetFileExtensionConfig@CContext@@UAEJKPAGPAK@Z
- ?GetFileSize@CFile@@QAEJPAT_LARGE_INTEGER@@@Z
- ?GetFileSizeWIRP@CFile@@QAEJPAT_LARGE_INTEGER@@@Z
- ?GetFlagConfig@CContext@@UAEJKPAK@Z
- ?GetID@CModuleConfig@@QAEKXZ
- ?GetJob@CWorkerThreadJobQueue@@QAEPAVCWorkerThreadJob@@XZ
- ?GetLength@CModuleStringConfig@@QAEKXZ
- ?GetLinkContext@CContext@@QAEPAXXZ
- ?GetLogFlag@CDebugLog@@QAEKXZ
- ?GetModuleId@CModuleConfig@@QAEKXZ
- ?GetMultiStringConfig@CContext@@QAEPAVCStrList@@K@Z
- ?GetMultiStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetOneThreadTEB@CWorkerThreadPool@@QAEPAU_ETHREAD@@XZ
- ?GetReportCallBackRoutine@CContext@@QAEKXZ
- ?GetSize@CBlobConfig@@QAEKXZ
- ?GetStringConfig@CContext@@QAEPAGK@Z
- ?GetStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetThreadCount@CWorkerThreadPool@@QAEKXZ
- ?GetThreadID@CSystemThread@@QAEKXZ
- ?GetType@CContext@@QAEKXZ
- ?GetUserParameter@CContext@@QAEKXZ
- ?InitializeBlobConfig@CContext@@QAEHKPAXK@Z
- ?InitializeFileExtensionConfig@CContext@@QAEHKPBG@Z
- ?InitializeFlagConfig@CContext@@QAEHKK@Z
- ?InitializeMultiStringConfig@CContext@@QAEHKPBG@Z
- ?InitializeStringConfig@CContext@@QAEHKPBG@Z
- ?Insert@CList@@UAEXQAXE@Z
- ?Insert@CLockList@@UAEXQAXE@Z
- ?Insert@CNoLockList@@UAEXQAXE@Z
- ?InsertAfter@CList@@UAEXPAX0@Z
- ?InsertBefore@CList@@UAEXPAX0@Z
- ?Instance@CWorkerThreadPool@@SGPAV1@XZ
- ?IsEmpty@CList@@UAEEXZ
- ?IsEmpty@CLockList@@UAEEXZ
- ?IsEmpty@CNoLockList@@UAEEXZ
- ?IsExceedLimitation@CMemoryPoolAllocator@@IAEEK@Z
- ?IsFull@CLockList@@QBEEXZ
- ?IsFull@CNoLockList@@QBEEXZ
- ?IsInExclusionList@CExclusionExtConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFileNameConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFilePathConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFolderConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionRegistryConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionExtConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFileNameConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFilePathConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFolderConfig@@QAEEPBG@Z
- ?IsOpened@CFile@@QAEEXZ
- ?IsTerminated@CWorkerThreadPool@@QAEEXZ
- ?IsValid@CMemoryAllocator@@UAEEXZ
- ?IsValid@CMemoryPoolAllocator@@UAEEXZ
- ?IsValid@IMemoryAllocator@@UAEEXZ
- ?IsWorkerThread@CWorkerThreadPool@@QAEEK@Z
- ?JobFunction@CUserFuncAdapterJob@@MAEXXZ
- ?JobQueue@CWorkerThreadPool@@QAEAAVCWorkerThreadJobQueue@@XZ
- ?Limit@CLockList@@QAEKXZ
- ?Limit@CNoLockList@@QAEKXZ
- ?MatchAllExtensions@CFileExtension@@QAEEXZ
- ?MatchNoExtensions@CFileExtension@@QAEEXZ
- ?MergeLeft@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?MergeRight@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?NeedDelete@CWorkerThreadJob@@QAEEXZ
- ?NeedDeleteWhenFinish@CWorkerThreadJob@@QAEXE@Z
- ?NewNode@CList@@UAEPAXXZ
- ?NewNode@CStrList@@EAEPAXXZ
- ?NewNodeVariant@CList@@IAEPAXK@Z
- ?Next@CList@@UBEPAXQAX@Z
- ?Next@CLockList@@UBEPAXQAX@Z
- ?Next@CNoLockList@@UBEPAXQAX@Z
- ?NextPool@CMemoryPoolAllocator@@QAEPAV1@XZ
- ?NotityTerminate@CWorkerThread@@QAEXXZ
- ?PostJobToWorkerThread@CWorkerThreadPool@@QAEJP6GXPAX@Z0E@Z
- ?Pulse@CKEvent@@QAEJJE@Z
- ?QueueJob@CWorkerThreadJobQueue@@QAEEPAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPool@@QAEJPAVCWorkerThreadJob@@@Z
- ?RCMInstance@CWorkerThreadPool@@SGPAV1@XZ
- ?Read@CFile@@QAEJPADKPAK@Z
- ?ReadWIRP@CFile@@QAEJPADKPAK@Z
- ?ReferenceCount@CContext@@QAEAAKXZ
- ?Release@CLockEvent@@QAEXXZ
- ?Remove@CContextList@@UAEEQAX@Z
- ?Remove@CList@@UAEEQAX@Z
- ?Remove@CLockList@@UAEEQAX@Z
- ?Remove@CNoLockList@@UAEEQAX@Z
- ?RemoveHead@CList@@UAEPAXXZ
- ?RemoveHead@CLockList@@UAEPAXXZ
- ?RemoveHead@CNoLockList@@UAEPAXXZ
- ?RemoveTail@CList@@UAEPAXXZ
- ?RemoveTail@CLockList@@UAEPAXXZ
- ?RemoveTail@CNoLockList@@UAEPAXXZ
- ?Reset@CKEvent@@QAEXXZ
- ?ResetData@CInclusionExtConfig@@QAEXXZ
- ?ResetData@CInclusionFileNameConfig@@QAEXXZ
- ?ResetData@CInclusionFilePathConfig@@QAEXXZ
- ?ResetData@CInclusionFolderConfig@@QAEXXZ
- ?RestoreCR0@@YGXPAX@Z
- ?Run@CAutoUpdateConfigThread@@UAEXXZ
- ?Run@CDelayLoadThread@@UAEXXZ
- ?Run@CWorkerThread@@UAEXXZ
- ?SeekToEnd@CFile@@QAEJXZ
- ?Set@CKEvent@@QAEJJE@Z
- ?SetAttributes@CFile@@QAEJK@Z
- ?SetBlobCofig@CContext@@UAEJKPAXK@Z
- ?SetData@CBlobConfig@@QAEHPAXK@Z
- ?SetData@CModuleFileExtConfig@@QAEHPBG@Z
- ?SetData@CModuleFlagConfig@@QAEHK@Z
- ?SetData@CModuleMultiStringConfig@@QAEHPBGK@Z
- ?SetData@CModuleStringConfig@@QAEHPBG@Z
- ?SetEngineContext@CContext@@QAEXPAX@Z
- ?SetFileExtensionConfig@CContext@@UAEJKPBG@Z
- ?SetFlagConfig@CContext@@UAEJKK@Z
- ?SetLinkContext@CContext@@QAEXPAX@Z
- ?SetLogFlag@CDebugLog@@QAEEK@Z
- ?SetMatchAllExtensions@CFileExtension@@QAEXE@Z
- ?SetMatchNoExtensions@CFileExtension@@QAEXE@Z
- ?SetMultiStringConfig@CContext@@UAEJKPBG@Z
- ?SetNewJobItemEvent@CWorkerThreadJobQueue@@QAEXXZ
- ?SetPriority@CSystemThread@@QAEXK@Z
- ?SetStopUse@CContext@@QAEXXZ
- ?SetStringConfig@CContext@@UAEJKPBG@Z
- ?Setup@CSystemThread@@MAEXXZ
- ?StopUse@CContext@@QAEHXZ
- ?TearDown@CSystemThread@@MAEXXZ
- ?Terminate@CSystemThread@@QAEXE@Z
- ?Terminate@CWorkerThreadPool@@QAEEXZ
- ?TmExceptionFilter@@YGJPAU_EXCEPTION_POINTERS@@@Z
- ?Wait@CKEvent@@QAEJPAT_LARGE_INTEGER@@E@Z
- ?WaitFinish@CWorkerThreadJob@@QAEXXZ
- ?WaitForInit@CDelayLoadThread@@QAEEXZ
- ?WaitForLoad@CDelayLoadThread@@QAEEXZ
- ?WaitNewJobAvailable@CWorkerThreadJobQueue@@QAEEXZ
- ?Write@CDebugLog@@QAAXPBDZZ
- ?Write@CFile@@QAEJPADKPAT_LARGE_INTEGER@@PAK@Z
- ?WriteSystemInformation@CDebugLog@@QAEXXZ
- ?WriteSystemStringInformation@CDebugLog@@IAEXPBG@Z
- ?WriteToFile@CDebugLog@@IAEXPADK@Z
- ?_pNonPagedAllocator@@3PAVCMemoryAllocator@@A
- ?_pPagedAllocator@@3PAVCMemoryAllocator@@A
- ?m_lpInstance@CWorkerThreadPool@@1PAV1@A
- ?m_lpRCMInstance@CWorkerThreadPool@@1PAV1@A
- _DeInitKmLPC@0
- _GetModuleInfoByAddress@8
- _GetModuleInfoByModuleName@8
- _InitKmLPC@0
- _IsVerifierCodeCheckFlagOn@0
- _IsWindows8_1_update@4
- _KmCallUm@8
- _KmCallUmEx@12
- _ModGetExportProcAddress@8
- _ModLoadDLLToBuffer@4
- _ModLoadDLLToBufferWithImageSize@8
- _ModLoadModule@8
- _ModUnLoadModule@4
- _NormalizeFileName@4
- _NormalizeFullNtPathToDosName@4
- _TmCommConfigRoutine@4
- _UtilAddDeviceInDriveTable@4
- _UtilCleanFileReadOnly@4
- _UtilDeleteFileForce@4
- _UtilGetFileObjectForProcessByEPROC@8
- _UtilGetFileObjectFromFileName@12
- _UtilGetProcessName@12
- _UtilGetSystemDirectory@4
- _UtilGetSystemDirectoryEx@0
- _UtilGetSystemDirectoryLength@0
- _UtilGetSystemTime@4
- _UtilIoSetFileInfo@24
- _UtilIopCreateFileIRP@40
- _UtilKeGetLowFileDevice@16
- _UtilModuleIATHook@24
- _UtilModuleIATUnHook@8
- _UtilQueryKeyValue@24
- _UtilRemoveDeviceFromDriveTable@4
- _UtilVolumeDeviceToDosName@8
- _UtilWaitValueChangeToZero@8
- _UtilWriteVersionToRegistry@8
- _UtilbuildDynamicDiskMappingTable@0
- _UtlWriteBinValueKeyToRegistry@16
- __UtilDosPathNameToNtPathName@12
Sections
Expand
- .text
- .rdata
- .data
- PAGE
- .edata
- INIT
- .rsrc
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": true,
"SerialNumber": "7e93ebfb7cc64e59ea4b9a77d406fc3b",
"Signature": "03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2",
"TBS": {
"MD5": "d0785ad36e427c92b19f6826ab1e8020",
"SHA1": "365b7a9c21bd9373e49052c3e7b3e4646ddd4d43",
"SHA256": "c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff",
"SHA384": "eab4fe5ef90e0de4a6aa3a27769a5e879f588df5e4785aa4104debd1f81e19ea56d33e3a16e5facf99f68b5d8e3d287b"
},
"ValidFrom": "2012-12-21 00:00:00",
"ValidTo": "2020-12-30 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "0ecff438c8febf356e04d86a981b1a50",
"Signature": "783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4",
"TBS": {
"MD5": "e9d38360b914c8863f6cba3ee58764d3",
"SHA1": "4cba8eae47b6bf76f20b3504b98b8f062694a89b",
"SHA256": "88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976",
"SHA384": "e9f2a75334a9e336c5a4712eadee88d0374b0fdc273262f4e65c9040ad2793067cc076696db5279a478773485e285652"
},
"ValidFrom": "2012-10-18 00:00:00",
"ValidTo": "2020-12-29 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Signature": "f3b20c020c826fd9e2629408ffc97c9e245959d1050c9ce7708069d366d26af191812e16fce674eaca0d8f05b2a796280831737299800d2bfe0071efecf655117b7952a4d7c0701b97de034a1d42e928fd1a2082b081f9d22e9d39af3233cf05c1e61ae1f8fbfec872e78d9a0b29b4f147f1a053d1757a824601df2bb07c75c591fe7efbaf0021764b90cd446f85f80d14bc2cd42c83edfa7d2510f8f94c82d1b3ea999b1cff9093291977c7e996dc32904d3934f167077684ff76aa5327654a0bd7223d9d67657b47c5b46012dca6723d89e7fa051b3380d0c4977b9df537e75da3186ab149b27c089715a01bd695f408f7ded66bfbe920d27a6f6a7d4cc8b3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc.",
"TBS": {
"MD5": "78eaa337666217b1c16a9a0ebd0b8434",
"SHA1": "ff9cb835e78f6185eed4372096c3bae53b17d18d",
"SHA256": "1c0d9746725e176b4a7c2852878f14d7587f58e65d346bc1247f1c8ee6374250",
"SHA384": "ffe3c75b860679a5de399c7d2c2844dbfac51d5d8581e24648d208daba1e4bed5c867808e02dc8d7cb3df1d4b2b53d10"
},
"ValidFrom": "2017-04-27 00:00:00",
"ValidTo": "2018-07-16 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "611993e400000000001c",
"Signature": "812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5",
"TBS": {
"MD5": "78a717e082dcc1cda3458d917e677d14",
"SHA1": "4a872e0e51f9b304469cd1dedb496ee9b8b983a4",
"SHA256": "317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8",
"SHA384": "b71052da4eb9157c8c1a5d7f55df19d69b9128598b72fcca608e5b7cc7d64c43c5504b9c86355a6dc22ee40c88cc385c"
},
"ValidFrom": "2011-02-22 19:25:17",
"ValidTo": "2021-02-22 19:35:17",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "5200e5aa2556fc1a86ed96c9d44b33c7",
"Signature": "5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"TBS": {
"MD5": "b30c31a572b0409383ed3fbe17e56e81",
"SHA1": "4843a82ed3b1f2bfbee9671960e1940c942f688d",
"SHA256": "03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9",
"SHA384": "bbda8407c4f9fc4e54d772f1c7fb9d30bc97e1f97ecd51c443063d1fa0644e266328781776cd5c44896c457c75f4d7da"
},
"ValidFrom": "2010-02-08 00:00:00",
"ValidTo": "2020-02-07 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 1688f039255e638e69143907e6330b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 0179e8ddeebaf8998fec419d65cdf13d |
| ToBeSigned (TBS) SHA1 | 34c724c3369f2da8c25b591808962f66f10bde28 |
| ToBeSigned (TBS) SHA256 | 35b0bac11602847aaab65fb35199d3c8976cde3ccf7e061b130177c712cbd92f |
| Subject | C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO SHA,1 Time Stamping Signer |
| ValidFrom | 2015-12-31 00:00:00 |
| ValidTo | 2019-07-09 18:40:36 |
| Signature | ba332440408c7cdb589fb36098b2f5c031feeb1f6e50f60ae0e4e681ad2687a2dffdb3daf473f300fb291b891b153edb6b52932bc4ac3981d73c67579a3936e028089ae3394f9b89097f7bc5617f598932250a6aae1a3ef0a227a8b6c3b887f7160448413d5cd8ec9f4d203104d965a1edcd690753163ddd36020a88eb40e506300bb8164bdcefbc5509ffc63e122e76b3dcce42eff97657e1b70a054098589a5d711693718c6581ea6ff389f7fb73adb4e7bfd98e6faa0b4f25f3b8e1d5dd75986881f8aac0d180c2c4c43989c1f6c99e6cd774f9d997f84fc29a0acd5e8ff819e9e0a59fc4f09221e62d7925c922f9c3f03a8457ad3a16f46394101d5dd0c6 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 1688f039255e638e69143907e6330b |
| Version | 3 |
Certificate 774d49c5649436de6bf3190a67eedcdf
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | b3ca7d6b821d8e3432b29874980af55e |
| ToBeSigned (TBS) SHA1 | 618d7e55a24c1d8b65a0bcce79120c5e3b13fa4d |
| ToBeSigned (TBS) SHA256 | c645c6a7dc7243a4a3f78a6569c029401a7bda8bc4732ce7198d9f21f19b12fa |
| Subject | C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc. |
| ValidFrom | 2016-03-29 00:00:00 |
| ValidTo | 2017-06-28 23:59:59 |
| Signature | 27351697f046d1d43fe306dff30b83e7a404e3e6431c1e06829c558d99eb3f21776021e3e1bd4e485aba08b89bb0972f23daa471d7b432a44a591270f9a838f13dbda32ee936c0df792cff8c493e1f27b2282b3d896ae7b4155ca1a50bf7111f3f4bbbe11f17cfe5d49c0589c210966ef7e567153e802d2e783ff498c59585598d9d3e93273d1e81c07ce85c0cfb24834d448c3930120f1686bd472d916ac8f9475acfdb27be8528311f668d71dfc132a0ff62df7baa575a0cc732b3de003beca214954d4d97cf9511b9329eccbb7b716675b31e543a43570080dffce3fc8ca8fbb17d954b9678e2d0c1e1710a5cf03952a687fede59dcba3bf98900f9934f12 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 774d49c5649436de6bf3190a67eedcdf |
| Version | 3 |
Certificate 611993e400000000001c
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 78a717e082dcc1cda3458d917e677d14 |
| ToBeSigned (TBS) SHA1 | 4a872e0e51f9b304469cd1dedb496ee9b8b983a4 |
| ToBeSigned (TBS) SHA256 | 317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5 |
| ValidFrom | 2011-02-22 19:25:17 |
| ValidTo | 2021-02-22 19:35:17 |
| Signature | 812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 611993e400000000001c |
| Version | 3 |
Certificate 5200e5aa2556fc1a86ed96c9d44b33c7
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | b30c31a572b0409383ed3fbe17e56e81 |
| ToBeSigned (TBS) SHA1 | 4843a82ed3b1f2bfbee9671960e1940c942f688d |
| ToBeSigned (TBS) SHA256 | 03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA |
| ValidFrom | 2010-02-08 00:00:00 |
| ValidTo | 2020-02-07 23:59:59 |
| Signature | 5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 5200e5aa2556fc1a86ed96c9d44b33c7 |
| Version | 3 |
Imports
Expand
- ntoskrnl.exe
- HAL.dll
- CLASSPNP.SYS
Imported Functions
Expand
- wcsrchr
- KeSetEvent
- KePulseEvent
- KeClearEvent
- KeStackAttachProcess
- KeUnstackDetachProcess
- ObfDereferenceObject
- ZwSetEvent
- ZwClose
- ZwConnectPort
- RtlInitUnicodeString
- RtlUnicodeStringToInteger
- ZwCreateSection
- ZwWaitForSingleObject
- ZwOpenEvent
- IoGetCurrentProcess
- ObfReferenceObject
- DbgBreakPoint
- ZwRequestWaitReplyPort
- ExFreePoolWithTag
- ProbeForWrite
- ZwFreeVirtualMemory
- ZwAllocateVirtualMemory
- ObOpenObjectByPointer
- PsProcessType
- memmove
- PsGetProcessExitTime
- MmSectionObjectType
- PsThreadType
- ObReleaseObjectSecurity
- SeReleaseSubjectContext
- SeAccessCheck
- SeCaptureSubjectContext
- ObGetObjectSecurity
- DbgPrint
- memset
- MmIsAddressValid
- ExInitializeResourceLite
- ExDeleteResourceLite
- ZwWriteFile
- ZwReadFile
- ZwQueryInformationFile
- ZwSetInformationFile
- ZwCreateFile
- swprintf
- towupper
- _wcsnicmp
- ExAllocatePoolWithTag
- KeInitializeEvent
- _snprintf
- PsGetCurrentProcessId
- RtlTimeToTimeFields
- ExSystemTimeToLocalTime
- KeQuerySystemTime
- PsGetCurrentThreadId
- RtlInitAnsiString
- ZwDeviceIoControlFile
- ZwCreateKey
- ZwCreateEvent
- KeWaitForMultipleObjects
- ObReferenceObjectByHandle
- ZwNotifyChangeKey
- _vsnprintf
- RtlFreeUnicodeString
- RtlAnsiStringToUnicodeString
- RtlEqualUnicodeString
- RtlAppendUnicodeStringToString
- RtlCopyUnicodeString
- RtlUpcaseUnicodeChar
- ExGetPreviousMode
- KeWaitForSingleObject
- KeSetPriorityThread
- PsTerminateSystemThread
- PsCreateSystemThread
- KeDelayExecutionThread
- KeNumberProcessors
- ZwQueryInformationProcess
- PsLookupProcessByProcessId
- ZwOpenDirectoryObject
- PsSetCreateProcessNotifyRoutine
- ZwQuerySystemInformation
- ZwQueryDirectoryFile
- ZwQueryDirectoryObject
- ZwOpenKey
- ZwEnumerateKey
- ZwEnumerateValueKey
- ZwQueryValueKey
- ZwDeleteValueKey
- ZwDeleteKey
- ZwTerminateProcess
- ZwOpenProcess
- ZwQueryKey
- ZwSetValueKey
- IoFileObjectType
- _allrem
- ZwQuerySecurityObject
- memcpy
- RtlLengthSecurityDescriptor
- MmHighestUserAddress
- IoFreeIrp
- IoFreeMdl
- _purecall
- IoBuildAsynchronousFsdRequest
- _strnicmp
- RtlQueryRegistryValues
- RtlAppendUnicodeToString
- mbstowcs
- ZwQuerySymbolicLinkObject
- ZwOpenSymbolicLinkObject
- NtClose
- ObQueryNameString
- MmGetSystemRoutineAddress
- ZwSetInformationObject
- _stricmp
- ZwUnmapViewOfSection
- ZwMapViewOfSection
- ZwOpenFile
- IoCreateFile
- IofCallDriver
- IoAllocateIrp
- MmBuildMdlForNonPagedPool
- IoAllocateMdl
- ProbeForRead
- PsGetVersion
- RtlImageNtHeader
- RtlCompareMemory
- RtlUpcaseUnicodeString
- _snwprintf
- MmSystemRangeStart
- wcsncmp
- strrchr
- ZwQueryVolumeInformationFile
- ObReferenceObjectByPointer
- IoBuildDeviceIoControlRequest
- ZwOpenSection
- _allmul
- KeReleaseSemaphore
- RtlLengthRequiredSid
- RtlInitializeSid
- RtlSubAuthoritySid
- RtlSetDaclSecurityDescriptor
- RtlCreateSecurityDescriptor
- RtlAddAccessAllowedAce
- RtlCreateAcl
- KeInitializeSemaphore
- IofCompleteRequest
- ExEventObjectType
- IoDeleteDevice
- IoDeleteSymbolicLink
- IoCreateSymbolicLink
- IoGetDeviceObjectPointer
- RtlUpperChar
- ObReferenceObjectByName
- IoDriverObjectType
- RtlCompareUnicodeString
- strncpy
- KeServiceDescriptorTable
- NtOpenProcess
- ObOpenObjectByName
- NtQueryInformationProcess
- PsIsThreadTerminating
- KeAddSystemServiceTable
- ZwFsControlFile
- ObInsertObject
- IoReleaseVpbSpinLock
- IoAcquireVpbSpinLock
- SeCreateAccessState
- IoGetFileObjectGenericMapping
- ObCreateObject
- _allshr
- ExInterlockedPopEntrySList
- IoGetStackLimits
- IoBuildSynchronousFsdRequest
- wcsstr
- IoUnregisterPlugPlayNotification
- FsRtlIsNameInExpression
- IoGetConfigurationInformation
- MmProbeAndLockPages
- IoGetDeviceInterfaces
- IoRegisterPlugPlayNotification
- ExAllocatePool
- RtlFreeAnsiString
- RtlUnicodeStringToAnsiString
- strncat
- wcschr
- wcsncat
- wcstombs
- KeTickCount
- KeBugCheckEx
- RtlUnwind
- wcsncpy
- ExReleaseResourceLite
- ExAcquireResourceExclusiveLite
- ExAcquireResourceSharedLite
- ExReleaseFastMutexUnsafe
- KeLeaveCriticalRegion
- KeEnterCriticalRegion
- ZwSetSecurityObject
- ExAcquireFastMutexUnsafe
- IoDeviceObjectType
- IoCreateDevice
- RtlGetDaclSecurityDescriptor
- RtlGetSaclSecurityDescriptor
- RtlGetGroupSecurityDescriptor
- RtlGetOwnerSecurityDescriptor
- SeCaptureSecurityDescriptor
- SeExports
- IoIsWdmVersionAvailable
- RtlLengthSid
- RtlAbsoluteToSelfRelativeSD
- MmUnlockPages
- KeGetCurrentThread
- KfAcquireSpinLock
- KfReleaseSpinLock
- KeRaiseIrqlToDpcLevel
- KfLowerIrql
- ExAcquireFastMutex
- ExReleaseFastMutex
- KeGetCurrentIrql
- KfRaiseIrql
- ClassInitialize
Exported Functions
Expand
- ??0CAutoUpdateConfigThread@@QAE@ABV0@@Z
- ??0CAutoUpdateConfigThread@@QAE@PAU_UNICODE_STRING@@P6GX0PAX@Z1@Z
- ??0CBlobConfig@@QAE@ABV0@@Z
- ??0CBlobConfig@@QAE@K@Z
- ??0CContext@@QAE@ABV0@@Z
- ??0CContext@@QAE@KP6GJPAU_EVENT_REPORT@@PAXPAU_TMCE_REPORT@@PAU_TMCE_FEEDBACK@@@Z1K@Z
- ??0CContextList@@QAE@ABV0@@Z
- ??0CContextList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CDebugLog@@QAE@ABV0@@Z
- ??0CDebugLog@@QAE@PBG@Z
- ??0CDebugLogEx@@QAE@ABV0@@Z
- ??0CDebugLogEx@@QAE@K@Z
- ??0CDelayLoadThread@@QAE@ABV0@@Z
- ??0CDelayLoadThread@@QAE@XZ
- ??0CExclusionExtConfig@@QAE@ABV0@@Z
- ??0CExclusionExtConfig@@QAE@KKE@Z
- ??0CExclusionFileNameConfig@@QAE@ABV0@@Z
- ??0CExclusionFileNameConfig@@QAE@KK@Z
- ??0CExclusionFilePathConfig@@QAE@ABV0@@Z
- ??0CExclusionFilePathConfig@@QAE@KK@Z
- ??0CExclusionFolderConfig@@QAE@ABV0@@Z
- ??0CExclusionFolderConfig@@QAE@KK@Z
- ??0CExclusionRegistryConfig@@QAE@ABV0@@Z
- ??0CExclusionRegistryConfig@@QAE@KK@Z
- ??0CFile@@QAE@ABV0@@Z
- ??0CFile@@QAE@E@Z
- ??0CFileExtension@@QAE@ABV0@@Z
- ??0CFileExtension@@QAE@KEEPAVIMemoryAllocator@@@Z
- ??0CInclusionExtConfig@@QAE@ABV0@@Z
- ??0CInclusionExtConfig@@QAE@KKE@Z
- ??0CInclusionFileNameConfig@@QAE@ABV0@@Z
- ??0CInclusionFileNameConfig@@QAE@KK@Z
- ??0CInclusionFilePathConfig@@QAE@ABV0@@Z
- ??0CInclusionFilePathConfig@@QAE@KK@Z
- ??0CInclusionFolderConfig@@QAE@ABV0@@Z
- ??0CInclusionFolderConfig@@QAE@KK@Z
- ??0CKEvent@@QAE@ABV0@@Z
- ??0CKEvent@@QAE@W4_EVENT_TYPE@@E@Z
- ??0CList@@QAE@ABV0@@Z
- ??0CList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CLockEvent@@QAE@ABV0@@Z
- ??0CLockEvent@@QAE@XZ
- ??0CLockList@@QAE@ABV0@@Z
- ??0CLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CMemoryAllocator@@IAE@W4_POOL_TYPE@@K@Z
- ??0CMemoryAllocator@@QAE@ABV0@@Z
- ??0CMemoryPoolAllocator@@IAE@W4_POOL_TYPE@@KKK@Z
- ??0CMemoryPoolAllocator@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@XZ
- ??0CModuleConfigList@@QAE@ABV0@@Z
- ??0CModuleConfigList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CModuleFileExtConfig@@QAE@ABV0@@Z
- ??0CModuleFileExtConfig@@QAE@KKE@Z
- ??0CModuleFlagConfig@@QAE@ABV0@@Z
- ??0CModuleFlagConfig@@QAE@K@Z
- ??0CModuleMultiStringConfig@@QAE@ABV0@@Z
- ??0CModuleMultiStringConfig@@QAE@KK@Z
- ??0CModuleStringConfig@@QAE@ABV0@@Z
- ??0CModuleStringConfig@@QAE@K@Z
- ??0CNoLockList@@QAE@ABV0@@Z
- ??0CNoLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CSmartLock@@QAE@AAVCLockEvent@@@Z
- ??0CSmartLock@@QAE@XZ
- ??0CSmartReference@@QAE@AAJ@Z
- ??0CSmartReference@@QAE@AAK@Z
- ??0CSmartResource@@QAE@AAVCResource@@E@Z
- ??0CStrList@@QAE@ABV0@@Z
- ??0CStrList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CSystemThread@@QAE@ABV0@@Z
- ??0CSystemThread@@QAE@K@Z
- ??0CUserFuncAdapterJob@@QAE@ABV0@@Z
- ??0CUserFuncAdapterJob@@QAE@P6GXPAX@Z01@Z
- ??0CWorkerThread@@IAE@PAVCWorkerThreadJobQueue@@@Z
- ??0CWorkerThread@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@E@Z
- ??0CWorkerThreadJobQueue@@QAE@ABV0@@Z
- ??0CWorkerThreadJobQueue@@QAE@K@Z
- ??0CWorkerThreadPool@@QAE@ABV0@@Z
- ??0CWorkerThreadPool@@QAE@K@Z
- ??0CWorkerThreadPoolEx@@QAE@ABV0@@Z
- ??0CWorkerThreadPoolEx@@QAE@KK@Z
- ??0IMemoryAllocator@@QAE@ABV0@@Z
- ??0IMemoryAllocator@@QAE@XZ
- ??1CAutoUpdateConfigThread@@UAE@XZ
- ??1CBlobConfig@@UAE@XZ
- ??1CContext@@UAE@XZ
- ??1CContextList@@UAE@XZ
- ??1CDebugLog@@UAE@XZ
- ??1CDebugLogEx@@UAE@XZ
- ??1CDelayLoadThread@@UAE@XZ
- ??1CExclusionExtConfig@@UAE@XZ
- ??1CExclusionFileNameConfig@@UAE@XZ
- ??1CExclusionFilePathConfig@@UAE@XZ
- ??1CExclusionFolderConfig@@UAE@XZ
- ??1CExclusionRegistryConfig@@UAE@XZ
- ??1CFile@@UAE@XZ
- ??1CFileExtension@@UAE@XZ
- ??1CInclusionExtConfig@@UAE@XZ
- ??1CInclusionFileNameConfig@@UAE@XZ
- ??1CInclusionFilePathConfig@@UAE@XZ
- ??1CInclusionFolderConfig@@UAE@XZ
- ??1CKEvent@@UAE@XZ
- ??1CList@@UAE@XZ
- ??1CLockEvent@@UAE@XZ
- ??1CLockList@@UAE@XZ
- ??1CMemoryAllocator@@UAE@XZ
- ??1CMemoryPoolAllocator@@UAE@XZ
- ??1CModuleConfig@@UAE@XZ
- ??1CModuleConfigList@@UAE@XZ
- ??1CModuleFileExtConfig@@UAE@XZ
- ??1CModuleFlagConfig@@UAE@XZ
- ??1CModuleMultiStringConfig@@UAE@XZ
- ??1CModuleStringConfig@@UAE@XZ
- ??1CNoLockList@@UAE@XZ
- ??1CSmartLock@@QAE@XZ
- ??1CSmartReference@@QAE@XZ
- ??1CSmartResource@@QAE@XZ
- ??1CStrList@@UAE@XZ
- ??1CSystemThread@@UAE@XZ
- ??1CUserFuncAdapterJob@@UAE@XZ
- ??1CWorkerThread@@UAE@XZ
- ??1CWorkerThreadJob@@UAE@XZ
- ??1CWorkerThreadJobQueue@@UAE@XZ
- ??1CWorkerThreadPool@@UAE@XZ
- ??1CWorkerThreadPoolEx@@UAE@XZ
- ??1IMemoryAllocator@@UAE@XZ
- ??2@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??2CMemoryAllocator@@SGPAXI@Z
- ??2CMemoryPoolAllocator@@SGPAXI@Z
- ??3@YAXPAX@Z
- ??3IMemoryAllocator@@SGXPAX@Z
- ??4CAutoUpdateConfigThread@@QAEAAV0@ABV0@@Z
- ??4CBlobConfig@@QAEAAV0@ABV0@@Z
- ??4CContext@@QAEAAV0@ABV0@@Z
- ??4CDebugLog@@QAEAAV0@ABV0@@Z
- ??4CDebugLogEx@@QAEAAV0@ABV0@@Z
- ??4CDelayLoadThread@@QAEAAV0@ABV0@@Z
- ??4CFile@@QAEAAV0@ABV0@@Z
- ??4CKEvent@@QAEAAV0@ABV0@@Z
- ??4CLockEvent@@QAEAAV0@ABV0@@Z
- ??4CMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??4CMemoryPoolAllocator@@QAEAAV0@ABV0@@Z
- ??4CModuleConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleFlagConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleStringConfig@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEABV0@AAVCLockEvent@@@Z
- ??4CSmartResource@@QAEAAV0@ABV0@@Z
- ??4CSystemThread@@QAEAAV0@ABV0@@Z
- ??4CUserFuncAdapterJob@@QAEAAV0@ABV0@@Z
- ??4CWorkerThread@@QAEAAV0@ABV0@@Z
- ??4CWorkerThreadJob@@QAEAAV0@ABV0@@Z
- ??4IMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??_7CAutoUpdateConfigThread@@6B@
- ??_7CBlobConfig@@6B@
- ??_7CContext@@6B@
- ??_7CContextList@@6B@
- ??_7CDebugLog@@6B@
- ??_7CDebugLogEx@@6B@
- ??_7CDelayLoadThread@@6B@
- ??_7CExclusionExtConfig@@6B@
- ??_7CExclusionFileNameConfig@@6B@
- ??_7CExclusionFilePathConfig@@6B@
- ??_7CExclusionFolderConfig@@6B@
- ??_7CExclusionRegistryConfig@@6B@
- ??_7CFile@@6B@
- ??_7CFileExtension@@6B@
- ??_7CInclusionExtConfig@@6B@
- ??_7CInclusionFileNameConfig@@6B@
- ??_7CInclusionFilePathConfig@@6B@
- ??_7CInclusionFolderConfig@@6B@
- ??_7CKEvent@@6B@
- ??_7CList@@6B@
- ??_7CLockEvent@@6B@
- ??_7CLockList@@6B@
- ??_7CMemoryAllocator@@6B@
- ??_7CMemoryPoolAllocator@@6B@
- ??_7CModuleConfig@@6B@
- ??_7CModuleConfigList@@6B@
- ??_7CModuleFileExtConfig@@6B@
- ??_7CModuleFlagConfig@@6B@
- ??_7CModuleMultiStringConfig@@6B@
- ??_7CModuleStringConfig@@6B@
- ??_7CNoLockList@@6B@
- ??_7CStrList@@6B@
- ??_7CSystemThread@@6B@
- ??_7CUserFuncAdapterJob@@6B@
- ??_7CWorkerThread@@6B@
- ??_7CWorkerThreadJob@@6B@
- ??_7CWorkerThreadJobQueue@@6B@
- ??_7CWorkerThreadPool@@6B@
- ??_7CWorkerThreadPoolEx@@6B@
- ??_7IMemoryAllocator@@6B@
- ??_FCContextList@@QAEXXZ
- ??_FCFile@@QAEXXZ
- ??_FCFileExtension@@QAEXXZ
- ??_FCModuleConfigList@@QAEXXZ
- ??_FCStrList@@QAEXXZ
- ??_FCSystemThread@@QAEXXZ
- ??_FCWorkerThread@@QAEXXZ
- ??_FCWorkerThreadJob@@QAEXXZ
- ??_FCWorkerThreadJobQueue@@QAEXXZ
- ??_U@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??_V@YAXPAX@Z
- ?Acquire@CLockEvent@@QAEXXZ
- ?Add@CContextList@@QAEEPAVCContext@@@Z
- ?Add@CFileExtension@@QAEEPBGK@Z
- ?Add@CModuleConfigList@@QAEEPAVCModuleConfig@@@Z
- ?Add@CStrList@@QAEEPBG@Z
- ?AddNode@CLockList@@UAEEQAXE@Z
- ?AddNode@CNoLockList@@UAEEQAXE@Z
- ?Alloc@CMemoryAllocator@@UAEPAXKPBDK@Z
- ?Alloc@CMemoryPoolAllocator@@UAEPAXKPBDK@Z
- ?AllocBlock@CMemoryPoolAllocator@@IAEPAXK@Z
- ?AttachJobQueue@CWorkerThread@@QAEXPAVCWorkerThreadJobQueue@@@Z
- ?Cancel@CWorkerThreadJob@@QAEXXZ
- ?CheckNode@CLockList@@UAEHQAX@Z
- ?CheckNode@CNoLockList@@UAEHQAX@Z
- ?CleanQueue@CWorkerThreadJobQueue@@QAEXXZ
- ?Cleanup@CBlobConfig@@AAEXXZ
- ?Cleanup@CModuleFileExtConfig@@IAEXXZ
- ?Cleanup@CModuleMultiStringConfig@@IAEXXZ
- ?Cleanup@CModuleStringConfig@@AAEXXZ
- ?Close@CFile@@QAEJXZ
- ?Count@CLockList@@QAEKXZ
- ?Count@CNoLockList@@QAEKXZ
- ?Create@CFile@@QAEJPBGKKKK@Z
- ?Create@CSystemThread@@QAEEXZ
- ?CreateInstance@CMemoryAllocator@@SGPAV1@W4_POOL_TYPE@@K@Z
- ?CreateInstance@CMemoryPoolAllocator@@SGPAV1@W4_POOL_TYPE@@KKK@Z
- ?CreatePool@CWorkerThreadPool@@QAEEXZ
- ?CreatePool@CWorkerThreadPoolEx@@QAEEXZ
- ?CreateThreads@CWorkerThreadPool@@QAEEK@Z
- ?CreateThreads@CWorkerThreadPoolEx@@QAEEK@Z
- ?CreateWIRP@CFile@@QAEJPBGKKKK@Z
- ?Delete@CFile@@QAEJXZ
- ?Delete@CFileExtension@@QAEEPBGK@Z
- ?Delete@CStrList@@QAEEPBG@Z
- ?DeleteAll@CList@@UAEXXZ
- ?DeleteAll@CLockList@@UAEXXZ
- ?DeleteAll@CNoLockList@@UAEXXZ
- ?DeleteNode@CContextList@@MAEXPAX@Z
- ?DeleteNode@CList@@UAEXPAX@Z
- ?DeleteNode@CModuleConfigList@@MAEXPAX@Z
- ?DeleteNode@CStrList@@EAEXPAU_STR_LIST_NODE@1@@Z
- ?DisableWriteProtectFromCR0@@YGXPAPAX@Z
- ?DoIt@CWorkerThreadJob@@QAEJXZ
- ?EntryPoint@CSystemThread@@KGXPAX@Z
- ?Find@CContextList@@QAEPAVCContext@@K@Z
- ?Find@CContextList@@QAEPAVCContext@@PAX@Z
- ?Find@CFileExtension@@QAEPAU_STR_LIST_NODE@CStrList@@PBGK@Z
- ?Find@CModuleConfigList@@QAEPAVCModuleConfig@@K@Z
- ?Find@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?FindNode@CContextList@@IAEPAXPAX@Z
- ?FindPartiallyAndAllMatch@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?FinishFunction@CUserFuncAdapterJob@@MAEXXZ
- ?FinishIt@CWorkerThreadJob@@QAEJXZ
- ?First@CList@@UAEPAXXZ
- ?First@CLockList@@UAEPAXXZ
- ?First@CNoLockList@@UAEPAXXZ
- ?Free@CMemoryAllocator@@UAEXPAX@Z
- ?Free@CMemoryPoolAllocator@@UAEXPAX@Z
- ?GetAttributes@CFile@@QAEKXZ
- ?GetBasicInfomration@CFile@@IAEJXZ
- ?GetBlobCofig@CContext@@UAEJKPAXPAK@Z
- ?GetCategory@CContext@@QAEKXZ
- ?GetData@CBlobConfig@@QAEHPAXPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEPAVCFileExtension@@XZ
- ?GetData@CModuleFlagConfig@@QAEKXZ
- ?GetData@CModuleMultiStringConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleMultiStringConfig@@QAEPAVCStrList@@XZ
- ?GetData@CModuleStringConfig@@QAEPAGXZ
- ?GetData@CStrList@@QAEEPAGPAK@Z
- ?GetDataType@CModuleConfig@@QAEKXZ
- ?GetEngineContext@CContext@@QAEPAXXZ
- ?GetFileExtensionConfig@CContext@@QAEPAVCFileExtension@@K@Z
- ?GetFileExtensionConfig@CContext@@UAEJKPAGPAK@Z
- ?GetFileSize@CFile@@QAEJPAT_LARGE_INTEGER@@@Z
- ?GetFileSizeWIRP@CFile@@QAEJPAT_LARGE_INTEGER@@@Z
- ?GetFlagConfig@CContext@@UAEJKPAK@Z
- ?GetID@CModuleConfig@@QAEKXZ
- ?GetJob@CWorkerThreadJobQueue@@QAEPAVCWorkerThreadJob@@XZ
- ?GetLength@CModuleStringConfig@@QAEKXZ
- ?GetLinkContext@CContext@@QAEPAXXZ
- ?GetLogFlag@CDebugLog@@QAEKXZ
- ?GetLogFlag@CDebugLogEx@@QAEKXZ
- ?GetModuleId@CModuleConfig@@QAEKXZ
- ?GetMultiStringConfig@CContext@@QAEPAVCStrList@@K@Z
- ?GetMultiStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetOneThreadTEB@CWorkerThreadPool@@QAEPAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPool@@QAEPAU_KTHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QAEPAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QAEPAU_KTHREAD@@XZ
- ?GetReportCallBackRoutine@CContext@@QAEKXZ
- ?GetSize@CBlobConfig@@QAEKXZ
- ?GetStringConfig@CContext@@QAEPAGK@Z
- ?GetStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetThreadCount@CWorkerThreadPool@@QAEKXZ
- ?GetThreadCount@CWorkerThreadPoolEx@@QAEKXZ
- ?GetThreadID@CSystemThread@@QAEKXZ
- ?GetType@CContext@@QAEKXZ
- ?GetUserParameter@CContext@@QAEKXZ
- ?InitProcMon@CDebugLogEx@@IAEXXZ
- ?InitializeBlobConfig@CContext@@QAEHKPAXK@Z
- ?InitializeFileExtensionConfig@CContext@@QAEHKPBG@Z
- ?InitializeFlagConfig@CContext@@QAEHKK@Z
- ?InitializeMultiStringConfig@CContext@@QAEHKPBG@Z
- ?InitializeStringConfig@CContext@@QAEHKPBG@Z
- ?Insert@CList@@UAEXQAXE@Z
- ?Insert@CLockList@@UAEXQAXE@Z
- ?Insert@CNoLockList@@UAEXQAXE@Z
- ?InsertAfter@CList@@UAEXPAX0@Z
- ?InsertBefore@CList@@UAEXPAX0@Z
- ?Instance@CWorkerThreadPool@@SGPAV1@XZ
- ?IsEmpty@CList@@UAEEXZ
- ?IsEmpty@CLockList@@UAEEXZ
- ?IsEmpty@CNoLockList@@UAEEXZ
- ?IsExceedLimitation@CMemoryPoolAllocator@@IAEEK@Z
- ?IsFull@CLockList@@QBEEXZ
- ?IsFull@CNoLockList@@QBEEXZ
- ?IsInExclusionList@CExclusionExtConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFileNameConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFilePathConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFolderConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionRegistryConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionExtConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFileNameConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFilePathConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFolderConfig@@QAEEPBG@Z
- ?IsOpened@CFile@@QAEEXZ
- ?IsTerminated@CWorkerThreadPool@@QAEEXZ
- ?IsTerminated@CWorkerThreadPoolEx@@QAEEXZ
- ?IsValid@CMemoryAllocator@@UAEEXZ
- ?IsValid@CMemoryPoolAllocator@@UAEEXZ
- ?IsValid@IMemoryAllocator@@UAEEXZ
- ?IsWorkerThread@CWorkerThreadPool@@QAEEK@Z
- ?IsWorkerThread@CWorkerThreadPoolEx@@QAEEK@Z
- ?JobFunction@CUserFuncAdapterJob@@MAEXXZ
- ?JobQueue@CWorkerThreadPool@@QAEAAVCWorkerThreadJobQueue@@XZ
- ?JobQueue@CWorkerThreadPoolEx@@QAEAAVCWorkerThreadJobQueue@@XZ
- ?Limit@CLockList@@QAEKXZ
- ?Limit@CNoLockList@@QAEKXZ
- ?MatchAllExtensions@CFileExtension@@QAEEXZ
- ?MatchNoExtensions@CFileExtension@@QAEEXZ
- ?MergeLeft@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?MergeRight@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?NeedDelete@CWorkerThreadJob@@QAEEXZ
- ?NeedDeleteWhenFinish@CWorkerThreadJob@@QAEXE@Z
- ?NewNode@CList@@UAEPAXXZ
- ?NewNode@CStrList@@EAEPAXXZ
- ?NewNodeVariant@CList@@IAEPAXK@Z
- ?Next@CList@@UBEPAXQAX@Z
- ?Next@CLockList@@UBEPAXQAX@Z
- ?Next@CNoLockList@@UBEPAXQAX@Z
- ?NextPool@CMemoryPoolAllocator@@QAEPAV1@XZ
- ?NotityTerminate@CWorkerThread@@QAEXXZ
- ?PostJobToWorkerThread@CWorkerThreadPool@@QAEJP6GXPAX@Z0E@Z
- ?PostJobToWorkerThread@CWorkerThreadPoolEx@@QAEJP6GXPAX@Z0E1@Z
- ?Pulse@CKEvent@@QAEJJE@Z
- ?QueueJob@CWorkerThreadJobQueue@@QAEEPAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPool@@QAEJPAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPoolEx@@QAEJPAVCWorkerThreadJob@@@Z
- ?RCMInstance@CWorkerThreadPool@@SGPAV1@XZ
- ?Read@CFile@@QAEJPADKPAK@Z
- ?ReadWIRP@CFile@@QAEJPADKPAK@Z
- ?ReferenceCount@CContext@@QAEAAKXZ
- ?Release@CLockEvent@@QAEXXZ
- ?Remove@CContextList@@UAEEQAX@Z
- ?Remove@CList@@UAEEQAX@Z
- ?Remove@CLockList@@UAEEQAX@Z
- ?Remove@CNoLockList@@UAEEQAX@Z
- ?RemoveHead@CList@@UAEPAXXZ
- ?RemoveHead@CLockList@@UAEPAXXZ
- ?RemoveHead@CNoLockList@@UAEPAXXZ
- ?RemoveTail@CList@@UAEPAXXZ
- ?RemoveTail@CLockList@@UAEPAXXZ
- ?RemoveTail@CNoLockList@@UAEPAXXZ
- ?Reset@CKEvent@@QAEXXZ
- ?ResetData@CInclusionExtConfig@@QAEXXZ
- ?ResetData@CInclusionFileNameConfig@@QAEXXZ
- ?ResetData@CInclusionFilePathConfig@@QAEXXZ
- ?ResetData@CInclusionFolderConfig@@QAEXXZ
- ?RestoreCR0@@YGXPAX@Z
- ?Run@CAutoUpdateConfigThread@@UAEXXZ
- ?Run@CDelayLoadThread@@UAEXXZ
- ?Run@CWorkerThread@@UAEXXZ
- ?SeekToEnd@CFile@@QAEJXZ
- ?Set@CKEvent@@QAEJJE@Z
- ?SetAttributes@CFile@@QAEJK@Z
- ?SetBlobCofig@CContext@@UAEJKPAXK@Z
- ?SetData@CBlobConfig@@QAEHPAXK@Z
- ?SetData@CModuleFileExtConfig@@QAEHPBG@Z
- ?SetData@CModuleFlagConfig@@QAEHK@Z
- ?SetData@CModuleMultiStringConfig@@QAEHPBGK@Z
- ?SetData@CModuleStringConfig@@QAEHPBG@Z
- ?SetEngineContext@CContext@@QAEXPAX@Z
- ?SetFileExtensionConfig@CContext@@UAEJKPBG@Z
- ?SetFlagConfig@CContext@@UAEJKK@Z
- ?SetLinkContext@CContext@@QAEXPAX@Z
- ?SetLogFlag@CDebugLog@@QAEEK@Z
- ?SetLogFlag@CDebugLogEx@@QAEEK@Z
- ?SetMatchAllExtensions@CFileExtension@@QAEXE@Z
- ?SetMatchNoExtensions@CFileExtension@@QAEXE@Z
- ?SetMultiStringConfig@CContext@@UAEJKPBG@Z
- ?SetNewJobItemEvent@CWorkerThreadJobQueue@@QAEXXZ
- ?SetPriority@CSystemThread@@QAEXK@Z
- ?SetStopUse@CContext@@QAEXXZ
- ?SetStringConfig@CContext@@UAEJKPBG@Z
- ?Setup@CSystemThread@@MAEXXZ
- ?StopUse@CContext@@QAEHXZ
- ?TearDown@CSystemThread@@MAEXXZ
- ?Terminate@CSystemThread@@QAEXE@Z
- ?Terminate@CWorkerThreadPool@@QAEEXZ
- ?Terminate@CWorkerThreadPoolEx@@QAEEXZ
- ?TmExceptionFilter@@YGJPAU_EXCEPTION_POINTERS@@@Z
- ?Wait@CKEvent@@QAEJPAT_LARGE_INTEGER@@E@Z
- ?WaitFinish@CWorkerThreadJob@@QAEXXZ
- ?WaitForInit@CDelayLoadThread@@QAEEXZ
- ?WaitForLoad@CDelayLoadThread@@QAEEXZ
- ?WaitNewJobAvailable@CWorkerThreadJobQueue@@QAEEXZ
- ?WaitQueueEmpty@CWorkerThreadJobQueue@@QAEXXZ
- ?Write@CDebugLog@@QAAXPBDZZ
- ?Write@CDebugLogEx@@QAAXPBDZZ
- ?Write@CFile@@QAEJPADKPAT_LARGE_INTEGER@@PAK@Z
- ?WriteDataToFile@CDebugLogEx@@IAEXPADK@Z
- ?WriteDataToProcMonW@CDebugLogEx@@IAEXPAD@Z
- ?WriteSystemInformation@CDebugLog@@QAEXXZ
- ?WriteSystemInformation@CDebugLogEx@@QAEXXZ
- ?WriteSystemStringInformation@CDebugLog@@IAEXPBG@Z
- ?WriteSystemStringInformation@CDebugLogEx@@IAEXPBG@Z
- ?WriteToFile@CDebugLog@@IAEXPADK@Z
- ?WriteToProcMonW@CDebugLogEx@@IAEXPAU_UNICODE_STRING@@@Z
- ?_pNonPagedAllocator@@3PAVCMemoryAllocator@@A
- ?_pPagedAllocator@@3PAVCMemoryAllocator@@A
- ?m_lpInstance@CWorkerThreadPool@@1PAV1@A
- ?m_lpRCMInstance@CWorkerThreadPool@@1PAV1@A
- _DeInitKm2UmCommunication@0
- _DeInitKmLPC@0
- _DuplicateFullFileName@4
- _FreeFullFileName@4
- _GetKm2UmMode@0
- _GetModuleInfoByAddress@8
- _GetModuleInfoByModuleName@8
- _InitKm2UmCommunication@8
- _InitKmLPC@0
- _IsVerifierCodeCheckFlagOn@0
- _IsWindows8_1_update@4
- _KmCallUm@8
- _KmCallUmByLPC@8
- _KmCallUmEx@12
- _KmCleanupCommPortAPIs@0
- _KmGetUmInitProcess@0
- _KmSetCommPortAPIs@4
- _ModGetExportProcAddress@8
- _ModLoadDLLToBuffer@4
- _ModLoadDLLToBufferWithImageSize@8
- _ModLoadModule@8
- _ModUnLoadModule@4
- _NormalizeFileName@4
- _NormalizeFullNtPathToDosName@4
- _TmCommConfigRoutine@4
- _UtilAddDeviceInDriveTable@4
- _UtilAddReparsePointMapping@8
- _UtilCleanFileReadOnly@4
- _UtilCloseExclusiveHandle@12
- _UtilCreateDosFileName@8
- _UtilDeleteFileForce@4
- _UtilGetDeviceObjectName@8
- _UtilGetFileNameFromFileObject@4
- _UtilGetFileObjectForProcessByEPROC@8
- _UtilGetFileObjectFromFileName@12
- _UtilGetProcessName@12
- _UtilGetSystemDirectory@4
- _UtilGetSystemDirectoryEx@0
- _UtilGetSystemDirectoryLength@0
- _UtilGetSystemTime@4
- _UtilIoSetFileInfo@24
- _UtilIopCreateFileIRP@40
- _UtilKeGetLowFileDevice@16
- _UtilModuleIATHook@24
- _UtilModuleIATUnHook@8
- _UtilPostJobToWorkerThread@12
- _UtilQueryExclusiveHandle@12
- _UtilQueryKeyValue@24
- _UtilRemoveDeviceFromDriveTable@4
- _UtilVolumeDeviceToDosName@8
- _UtilWaitValueChangeToZero@8
- _UtilWriteVersionToRegistry@8
- _UtilbuildDynamicDiskMappingTable@0
- _UtlWriteBinValueKeyToRegistry@16
- _ValidateAddressWithSize@20
- __ResetProtectFromClose@4
- __UtilDosPathNameToNtPathName@12
Sections
Expand
- .text
- .rdata
- .data
- PAGE
- .edata
- INIT
- .rsrc
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": true,
"SerialNumber": "7e93ebfb7cc64e59ea4b9a77d406fc3b",
"Signature": "03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2",
"TBS": {
"MD5": "d0785ad36e427c92b19f6826ab1e8020",
"SHA1": "365b7a9c21bd9373e49052c3e7b3e4646ddd4d43",
"SHA256": "c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff",
"SHA384": "eab4fe5ef90e0de4a6aa3a27769a5e879f588df5e4785aa4104debd1f81e19ea56d33e3a16e5facf99f68b5d8e3d287b"
},
"ValidFrom": "2012-12-21 00:00:00",
"ValidTo": "2020-12-30 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "0ecff438c8febf356e04d86a981b1a50",
"Signature": "783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4",
"TBS": {
"MD5": "e9d38360b914c8863f6cba3ee58764d3",
"SHA1": "4cba8eae47b6bf76f20b3504b98b8f062694a89b",
"SHA256": "88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976",
"SHA384": "e9f2a75334a9e336c5a4712eadee88d0374b0fdc273262f4e65c9040ad2793067cc076696db5279a478773485e285652"
},
"ValidFrom": "2012-10-18 00:00:00",
"ValidTo": "2020-12-29 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Signature": "f3b20c020c826fd9e2629408ffc97c9e245959d1050c9ce7708069d366d26af191812e16fce674eaca0d8f05b2a796280831737299800d2bfe0071efecf655117b7952a4d7c0701b97de034a1d42e928fd1a2082b081f9d22e9d39af3233cf05c1e61ae1f8fbfec872e78d9a0b29b4f147f1a053d1757a824601df2bb07c75c591fe7efbaf0021764b90cd446f85f80d14bc2cd42c83edfa7d2510f8f94c82d1b3ea999b1cff9093291977c7e996dc32904d3934f167077684ff76aa5327654a0bd7223d9d67657b47c5b46012dca6723d89e7fa051b3380d0c4977b9df537e75da3186ab149b27c089715a01bd695f408f7ded66bfbe920d27a6f6a7d4cc8b3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc.",
"TBS": {
"MD5": "78eaa337666217b1c16a9a0ebd0b8434",
"SHA1": "ff9cb835e78f6185eed4372096c3bae53b17d18d",
"SHA256": "1c0d9746725e176b4a7c2852878f14d7587f58e65d346bc1247f1c8ee6374250",
"SHA384": "ffe3c75b860679a5de399c7d2c2844dbfac51d5d8581e24648d208daba1e4bed5c867808e02dc8d7cb3df1d4b2b53d10"
},
"ValidFrom": "2017-04-27 00:00:00",
"ValidTo": "2018-07-16 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "611993e400000000001c",
"Signature": "812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5",
"TBS": {
"MD5": "78a717e082dcc1cda3458d917e677d14",
"SHA1": "4a872e0e51f9b304469cd1dedb496ee9b8b983a4",
"SHA256": "317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8",
"SHA384": "b71052da4eb9157c8c1a5d7f55df19d69b9128598b72fcca608e5b7cc7d64c43c5504b9c86355a6dc22ee40c88cc385c"
},
"ValidFrom": "2011-02-22 19:25:17",
"ValidTo": "2021-02-22 19:35:17",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "5200e5aa2556fc1a86ed96c9d44b33c7",
"Signature": "5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"TBS": {
"MD5": "b30c31a572b0409383ed3fbe17e56e81",
"SHA1": "4843a82ed3b1f2bfbee9671960e1940c942f688d",
"SHA256": "03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9",
"SHA384": "bbda8407c4f9fc4e54d772f1c7fb9d30bc97e1f97ecd51c443063d1fa0644e266328781776cd5c44896c457c75f4d7da"
},
"ValidFrom": "2010-02-08 00:00:00",
"ValidTo": "2020-02-07 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 7e93ebfb7cc64e59ea4b9a77d406fc3b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | d0785ad36e427c92b19f6826ab1e8020 |
| ToBeSigned (TBS) SHA1 | 365b7a9c21bd9373e49052c3e7b3e4646ddd4d43 |
| ToBeSigned (TBS) SHA256 | c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff |
| Subject | C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2 |
| ValidFrom | 2012-12-21 00:00:00 |
| ValidTo | 2020-12-30 23:59:59 |
| Signature | 03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 7e93ebfb7cc64e59ea4b9a77d406fc3b |
| Version | 3 |
Certificate 0ecff438c8febf356e04d86a981b1a50
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | e9d38360b914c8863f6cba3ee58764d3 |
| ToBeSigned (TBS) SHA1 | 4cba8eae47b6bf76f20b3504b98b8f062694a89b |
| ToBeSigned (TBS) SHA256 | 88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976 |
| Subject | C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4 |
| ValidFrom | 2012-10-18 00:00:00 |
| ValidTo | 2020-12-29 23:59:59 |
| Signature | 783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 0ecff438c8febf356e04d86a981b1a50 |
| Version | 3 |
Certificate 497c4fad471540e6e453d0cafb155740
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 78eaa337666217b1c16a9a0ebd0b8434 |
| ToBeSigned (TBS) SHA1 | ff9cb835e78f6185eed4372096c3bae53b17d18d |
| ToBeSigned (TBS) SHA256 | 1c0d9746725e176b4a7c2852878f14d7587f58e65d346bc1247f1c8ee6374250 |
| Subject | C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc. |
| ValidFrom | 2017-04-27 00:00:00 |
| ValidTo | 2018-07-16 23:59:59 |
| Signature | f3b20c020c826fd9e2629408ffc97c9e245959d1050c9ce7708069d366d26af191812e16fce674eaca0d8f05b2a796280831737299800d2bfe0071efecf655117b7952a4d7c0701b97de034a1d42e928fd1a2082b081f9d22e9d39af3233cf05c1e61ae1f8fbfec872e78d9a0b29b4f147f1a053d1757a824601df2bb07c75c591fe7efbaf0021764b90cd446f85f80d14bc2cd42c83edfa7d2510f8f94c82d1b3ea999b1cff9093291977c7e996dc32904d3934f167077684ff76aa5327654a0bd7223d9d67657b47c5b46012dca6723d89e7fa051b3380d0c4977b9df537e75da3186ab149b27c089715a01bd695f408f7ded66bfbe920d27a6f6a7d4cc8b3 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 497c4fad471540e6e453d0cafb155740 |
| Version | 3 |
Certificate 611993e400000000001c
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 78a717e082dcc1cda3458d917e677d14 |
| ToBeSigned (TBS) SHA1 | 4a872e0e51f9b304469cd1dedb496ee9b8b983a4 |
| ToBeSigned (TBS) SHA256 | 317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5 |
| ValidFrom | 2011-02-22 19:25:17 |
| ValidTo | 2021-02-22 19:35:17 |
| Signature | 812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 611993e400000000001c |
| Version | 3 |
Certificate 5200e5aa2556fc1a86ed96c9d44b33c7
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | b30c31a572b0409383ed3fbe17e56e81 |
| ToBeSigned (TBS) SHA1 | 4843a82ed3b1f2bfbee9671960e1940c942f688d |
| ToBeSigned (TBS) SHA256 | 03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA |
| ValidFrom | 2010-02-08 00:00:00 |
| ValidTo | 2020-02-07 23:59:59 |
| Signature | 5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 5200e5aa2556fc1a86ed96c9d44b33c7 |
| Version | 3 |
Imports
Expand
Imported Functions
Expand
- RtlInitUnicodeString
- KeInitializeEvent
- KeClearEvent
- KeSetEvent
- KeEnterCriticalRegion
- KeLeaveCriticalRegion
- KeWaitForSingleObject
- ExFreePoolWithTag
- ExAcquireFastMutexUnsafe
- ExReleaseFastMutexUnsafe
- ProbeForRead
- ProbeForWrite
- ExAcquireResourceSharedLite
- ExAcquireResourceExclusiveLite
- ExReleaseResourceLite
- MmProbeAndLockPages
- MmUnlockPages
- MmMapLockedPagesSpecifyCache
- IoAllocateMdl
- IoFreeMdl
- IoGetCurrentProcess
- ObfReferenceObject
- ObfDereferenceObject
- ZwClose
- ZwCreateSection
- ZwOpenSection
- ZwMapViewOfSection
- ZwUnmapViewOfSection
- ZwOpenEvent
- KePulseEvent
- KeStackAttachProcess
- KeUnstackDetachProcess
- ObOpenObjectByPointer
- ZwAllocateVirtualMemory
- ZwFreeVirtualMemory
- ZwSetEvent
- __C_specific_handler
- PsProcessType
- wcslen
- wcsncpy
- wcsrchr
- RtlUnicodeStringToInteger
- ZwWaitForSingleObject
- ZwRequestWaitReplyPort
- ZwConnectPort
- _stricmp
- ExAllocatePoolWithTag
- MmIsAddressValid
- RtlImageNtHeader
- ZwQuerySystemInformation
- SeCaptureSubjectContext
- SeReleaseSubjectContext
- SeAccessCheck
- ObGetObjectSecurity
- ObReleaseObjectSecurity
- PsGetProcessExitTime
- PsThreadType
- MmSectionObjectType
- RtlCreateSecurityDescriptor
- RtlSetDaclSecurityDescriptor
- KeInitializeSemaphore
- KeReleaseSemaphore
- ExAcquireFastMutex
- ExReleaseFastMutex
- RtlCreateAcl
- RtlAddAccessAllowedAce
- RtlLengthRequiredSid
- RtlInitializeSid
- RtlSubAuthoritySid
- KeDelayExecutionThread
- ExGetPreviousMode
- DbgPrint
- swprintf
- RtlCopyUnicodeString
- IofCompleteRequest
- IoCreateSymbolicLink
- IoDeleteDevice
- IoDeleteSymbolicLink
- ObReferenceObjectByHandle
- PsGetCurrentProcessId
- ZwCreateEvent
- ExEventObjectType
- _wcsnicmp
- PsSetCreateProcessNotifyRoutine
- ZwQueryInformationProcess
- PsLookupProcessByProcessId
- ZwOpenDirectoryObject
- ExInitializeResourceLite
- ExDeleteResourceLite
- ZwCreateFile
- ZwQueryInformationFile
- ZwSetInformationFile
- ZwReadFile
- ZwWriteFile
- towupper
- MmGetSystemRoutineAddress
- ObReferenceObjectByPointer
- PsGetCurrentThreadId
- ObQueryNameString
- PsGetVersion
- _snprintf
- _vsnprintf
- RtlInitAnsiString
- wcscat
- RtlFreeUnicodeString
- RtlTimeToTimeFields
- KeWaitForMultipleObjects
- ExSystemTimeToLocalTime
- ZwCreateKey
- ZwDeviceIoControlFile
- ZwNotifyChangeKey
- ZwOpenFile
- ZwQueryVolumeInformationFile
- mbstowcs
- IoGetDeviceObjectPointer
- IoBuildDeviceIoControlRequest
- IofCallDriver
- IoCreateFile
- RtlEqualUnicodeString
- RtlAppendUnicodeStringToString
- RtlUpcaseUnicodeChar
- _snwprintf
- strlen
- _strnicmp
- strncpy
- NtOpenProcess
- NtQueryInformationProcess
- ObOpenObjectByName
- KeSetPriorityThread
- PsCreateSystemThread
- PsTerminateSystemThread
- KeNumberProcessors
- RtlLengthSecurityDescriptor
- ZwOpenKey
- ZwDeleteKey
- ZwDeleteValueKey
- ZwEnumerateKey
- ZwEnumerateValueKey
- ZwQueryKey
- ZwQueryValueKey
- ZwSetValueKey
- ZwTerminateProcess
- ZwOpenProcess
- ZwDuplicateObject
- ZwQuerySecurityObject
- ZwSetSecurityObject
- ZwQueryDirectoryObject
- ZwQueryDirectoryFile
- NtCreateFile
- NtQueryInformationFile
- NtSetInformationFile
- IoFileObjectType
- ObInsertObject
- wcschr
- wcsncmp
- RtlQueryRegistryValues
- RtlAppendUnicodeToString
- RtlCompareMemory
- MmBuildMdlForNonPagedPool
- IoAllocateIrp
- IoFreeIrp
- ZwOpenSymbolicLinkObject
- ZwQuerySymbolicLinkObject
- RtlUpcaseUnicodeString
- NtClose
- ZwSetInformationObject
- SeQueryAuthenticationIdToken
- MmSystemRangeStart
- IoGetFileObjectGenericMapping
- ObCreateObject
- SeCreateAccessState
- IoAcquireVpbSpinLock
- IoReleaseVpbSpinLock
- wcstombs
- strncat
- wcsncat
- RtlUnicodeStringToAnsiString
- RtlFreeAnsiString
- strcpy
- wcsstr
- RtlCompareUnicodeString
- DbgPrintEx
- KeAcquireSpinLockRaiseToDpc
- KeReleaseSpinLock
- ExAllocatePool
- ExpInterlockedPopEntrySList
- IoBuildSynchronousFsdRequest
- IoGetStackLimits
- IoGetDeviceInterfaces
- IoRegisterPlugPlayNotification
- IoUnregisterPlugPlayNotification
- IoGetConfigurationInformation
- FsRtlIsNameInExpression
- IoDeviceObjectType
- IoCreateDevice
- RtlGetOwnerSecurityDescriptor
- RtlGetDaclSecurityDescriptor
- RtlGetGroupSecurityDescriptor
- RtlGetSaclSecurityDescriptor
- SeCaptureSecurityDescriptor
- RtlLengthSid
- SeExports
- IoIsWdmVersionAvailable
- RtlAbsoluteToSelfRelativeSD
- RtlAnsiStringToUnicodeString
- _purecall
- KeBugCheckEx
Exported Functions
Expand
- ??0CAutoUpdateConfigThread@@QEAA@AEBV0@@Z
- ??0CAutoUpdateConfigThread@@QEAA@PEAU_UNICODE_STRING@@P6AX0PEAX@Z1@Z
- ??0CBlobConfig@@QEAA@AEBV0@@Z
- ??0CBlobConfig@@QEAA@K@Z
- ??0CContext@@QEAA@AEBV0@@Z
- ??0CContext@@QEAA@KP6AJPEAU_EVENT_REPORT@@PEAXPEAU_TMCE_REPORT@@PEAU_TMCE_FEEDBACK@@@Z1K@Z
- ??0CContextList@@QEAA@AEBV0@@Z
- ??0CContextList@@QEAA@KPEAVIMemoryAllocator@@@Z
- ??0CDebugLog@@QEAA@AEBV0@@Z
- ??0CDebugLog@@QEAA@PEBG@Z
- ??0CDebugLogEx@@QEAA@AEBV0@@Z
- ??0CDebugLogEx@@QEAA@K@Z
- ??0CDelayLoadThread@@QEAA@AEBV0@@Z
- ??0CDelayLoadThread@@QEAA@XZ
- ??0CExclusionExtConfig@@QEAA@AEBV0@@Z
- ??0CExclusionExtConfig@@QEAA@KKE@Z
- ??0CExclusionFileNameConfig@@QEAA@AEBV0@@Z
- ??0CExclusionFileNameConfig@@QEAA@KK@Z
- ??0CExclusionFilePathConfig@@QEAA@AEBV0@@Z
- ??0CExclusionFilePathConfig@@QEAA@KK@Z
- ??0CExclusionFolderConfig@@QEAA@AEBV0@@Z
- ??0CExclusionFolderConfig@@QEAA@KK@Z
- ??0CExclusionRegistryConfig@@QEAA@AEBV0@@Z
- ??0CExclusionRegistryConfig@@QEAA@KK@Z
- ??0CFile@@QEAA@AEBV0@@Z
- ??0CFile@@QEAA@E@Z
- ??0CFileExtension@@QEAA@AEBV0@@Z
- ??0CFileExtension@@QEAA@KEEPEAVIMemoryAllocator@@@Z
- ??0CInclusionExtConfig@@QEAA@AEBV0@@Z
- ??0CInclusionExtConfig@@QEAA@KKE@Z
- ??0CInclusionFileNameConfig@@QEAA@AEBV0@@Z
- ??0CInclusionFileNameConfig@@QEAA@KK@Z
- ??0CInclusionFilePathConfig@@QEAA@AEBV0@@Z
- ??0CInclusionFilePathConfig@@QEAA@KK@Z
- ??0CInclusionFolderConfig@@QEAA@AEBV0@@Z
- ??0CInclusionFolderConfig@@QEAA@KK@Z
- ??0CKEvent@@QEAA@AEBV0@@Z
- ??0CKEvent@@QEAA@W4_EVENT_TYPE@@E@Z
- ??0CList@@QEAA@AEBV0@@Z
- ??0CList@@QEAA@KPEAVIMemoryAllocator@@@Z
- ??0CLockEvent@@QEAA@AEBV0@@Z
- ??0CLockEvent@@QEAA@XZ
- ??0CLockList@@QEAA@AEBV0@@Z
- ??0CLockList@@QEAA@KKPEAVIMemoryAllocator@@@Z
- ??0CMemoryAllocator@@IEAA@W4_POOL_TYPE@@K@Z
- ??0CMemoryAllocator@@QEAA@AEBV0@@Z
- ??0CMemoryPoolAllocator@@IEAA@W4_POOL_TYPE@@_K1K@Z
- ??0CMemoryPoolAllocator@@QEAA@AEBV0@@Z
- ??0CModuleConfig@@QEAA@AEBV0@@Z
- ??0CModuleConfig@@QEAA@XZ
- ??0CModuleConfigList@@QEAA@AEBV0@@Z
- ??0CModuleConfigList@@QEAA@KPEAVIMemoryAllocator@@@Z
- ??0CModuleFileExtConfig@@QEAA@AEBV0@@Z
- ??0CModuleFileExtConfig@@QEAA@KKE@Z
- ??0CModuleFlagConfig@@QEAA@AEBV0@@Z
- ??0CModuleFlagConfig@@QEAA@K@Z
- ??0CModuleMultiStringConfig@@QEAA@AEBV0@@Z
- ??0CModuleMultiStringConfig@@QEAA@KK@Z
- ??0CModuleStringConfig@@QEAA@AEBV0@@Z
- ??0CModuleStringConfig@@QEAA@K@Z
- ??0CNoLockList@@QEAA@AEBV0@@Z
- ??0CNoLockList@@QEAA@KKPEAVIMemoryAllocator@@@Z
- ??0CSmartLock@@QEAA@AEAVCLockEvent@@@Z
- ??0CSmartLock@@QEAA@XZ
- ??0CSmartReference@@QEAA@AEAJ@Z
- ??0CSmartReference@@QEAA@AEAK@Z
- ??0CSmartResource@@QEAA@AEAVCResource@@E@Z
- ??0CStrList@@QEAA@AEBV0@@Z
- ??0CStrList@@QEAA@KPEAVIMemoryAllocator@@@Z
- ??0CSystemThread@@QEAA@AEBV0@@Z
- ??0CSystemThread@@QEAA@K@Z
- ??0CUserFuncAdapterJob@@QEAA@AEBV0@@Z
- ??0CUserFuncAdapterJob@@QEAA@P6AXPEAX@Z01@Z
- ??0CWorkerThread@@IEAA@PEAVCWorkerThreadJobQueue@@@Z
- ??0CWorkerThread@@QEAA@AEBV0@@Z
- ??0CWorkerThreadJob@@QEAA@AEBV0@@Z
- ??0CWorkerThreadJob@@QEAA@E@Z
- ??0CWorkerThreadJobQueue@@QEAA@AEBV0@@Z
- ??0CWorkerThreadJobQueue@@QEAA@K@Z
- ??0CWorkerThreadPool@@QEAA@AEBV0@@Z
- ??0CWorkerThreadPool@@QEAA@K@Z
- ??0CWorkerThreadPoolEx@@QEAA@AEBV0@@Z
- ??0CWorkerThreadPoolEx@@QEAA@KK@Z
- ??0IMemoryAllocator@@QEAA@AEBV0@@Z
- ??0IMemoryAllocator@@QEAA@XZ
- ??1CAutoUpdateConfigThread@@UEAA@XZ
- ??1CBlobConfig@@UEAA@XZ
- ??1CContext@@UEAA@XZ
- ??1CContextList@@UEAA@XZ
- ??1CDebugLog@@UEAA@XZ
- ??1CDebugLogEx@@UEAA@XZ
- ??1CDelayLoadThread@@UEAA@XZ
- ??1CExclusionExtConfig@@UEAA@XZ
- ??1CExclusionFileNameConfig@@UEAA@XZ
- ??1CExclusionFilePathConfig@@UEAA@XZ
- ??1CExclusionFolderConfig@@UEAA@XZ
- ??1CExclusionRegistryConfig@@UEAA@XZ
- ??1CFile@@UEAA@XZ
- ??1CFileExtension@@UEAA@XZ
- ??1CInclusionExtConfig@@UEAA@XZ
- ??1CInclusionFileNameConfig@@UEAA@XZ
- ??1CInclusionFilePathConfig@@UEAA@XZ
- ??1CInclusionFolderConfig@@UEAA@XZ
- ??1CKEvent@@UEAA@XZ
- ??1CList@@UEAA@XZ
- ??1CLockEvent@@UEAA@XZ
- ??1CLockList@@UEAA@XZ
- ??1CMemoryAllocator@@UEAA@XZ
- ??1CMemoryPoolAllocator@@UEAA@XZ
- ??1CModuleConfig@@UEAA@XZ
- ??1CModuleConfigList@@UEAA@XZ
- ??1CModuleFileExtConfig@@UEAA@XZ
- ??1CModuleFlagConfig@@UEAA@XZ
- ??1CModuleMultiStringConfig@@UEAA@XZ
- ??1CModuleStringConfig@@UEAA@XZ
- ??1CNoLockList@@UEAA@XZ
- ??1CSmartLock@@QEAA@XZ
- ??1CSmartReference@@QEAA@XZ
- ??1CSmartResource@@QEAA@XZ
- ??1CStrList@@UEAA@XZ
- ??1CSystemThread@@UEAA@XZ
- ??1CUserFuncAdapterJob@@UEAA@XZ
- ??1CWorkerThread@@UEAA@XZ
- ??1CWorkerThreadJob@@UEAA@XZ
- ??1CWorkerThreadJobQueue@@UEAA@XZ
- ??1CWorkerThreadPool@@UEAA@XZ
- ??1CWorkerThreadPoolEx@@UEAA@XZ
- ??1IMemoryAllocator@@UEAA@XZ
- ??2@YAPEAX_KPEAVIMemoryAllocator@@PEBDK@Z
- ??2CMemoryAllocator@@SAPEAX_K@Z
- ??2CMemoryPoolAllocator@@SAPEAX_K@Z
- ??3@YAXPEAX@Z
- ??3@YAXPEAX_K@Z
- ??3IMemoryAllocator@@SAXPEAX@Z
- ??4CAutoUpdateConfigThread@@QEAAAEAV0@AEBV0@@Z
- ??4CBlobConfig@@QEAAAEAV0@AEBV0@@Z
- ??4CContext@@QEAAAEAV0@AEBV0@@Z
- ??4CDebugLog@@QEAAAEAV0@AEBV0@@Z
- ??4CDebugLogEx@@QEAAAEAV0@AEBV0@@Z
- ??4CDelayLoadThread@@QEAAAEAV0@AEBV0@@Z
- ??4CFile@@QEAAAEAV0@AEBV0@@Z
- ??4CKEvent@@QEAAAEAV0@AEBV0@@Z
- ??4CLockEvent@@QEAAAEAV0@AEBV0@@Z
- ??4CMemoryAllocator@@QEAAAEAV0@AEBV0@@Z
- ??4CMemoryPoolAllocator@@QEAAAEAV0@AEBV0@@Z
- ??4CModuleConfig@@QEAAAEAV0@AEBV0@@Z
- ??4CModuleFlagConfig@@QEAAAEAV0@AEBV0@@Z
- ??4CModuleStringConfig@@QEAAAEAV0@AEBV0@@Z
- ??4CSmartLock@@QEAAAEAV0@AEBV0@@Z
- ??4CSmartLock@@QEAAAEBV0@AEAVCLockEvent@@@Z
- ??4CSmartResource@@QEAAAEAV0@AEBV0@@Z
- ??4CSystemThread@@QEAAAEAV0@AEBV0@@Z
- ??4CUserFuncAdapterJob@@QEAAAEAV0@AEBV0@@Z
- ??4CWorkerThread@@QEAAAEAV0@AEBV0@@Z
- ??4CWorkerThreadJob@@QEAAAEAV0@AEBV0@@Z
- ??4IMemoryAllocator@@QEAAAEAV0@AEBV0@@Z
- ??_7CAutoUpdateConfigThread@@6B@
- ??_7CBlobConfig@@6B@
- ??_7CContext@@6B@
- ??_7CContextList@@6B@
- ??_7CDebugLog@@6B@
- ??_7CDebugLogEx@@6B@
- ??_7CDelayLoadThread@@6B@
- ??_7CExclusionExtConfig@@6B@
- ??_7CExclusionFileNameConfig@@6B@
- ??_7CExclusionFilePathConfig@@6B@
- ??_7CExclusionFolderConfig@@6B@
- ??_7CExclusionRegistryConfig@@6B@
- ??_7CFile@@6B@
- ??_7CFileExtension@@6B@
- ??_7CInclusionExtConfig@@6B@
- ??_7CInclusionFileNameConfig@@6B@
- ??_7CInclusionFilePathConfig@@6B@
- ??_7CInclusionFolderConfig@@6B@
- ??_7CKEvent@@6B@
- ??_7CList@@6B@
- ??_7CLockEvent@@6B@
- ??_7CLockList@@6B@
- ??_7CMemoryAllocator@@6B@
- ??_7CMemoryPoolAllocator@@6B@
- ??_7CModuleConfig@@6B@
- ??_7CModuleConfigList@@6B@
- ??_7CModuleFileExtConfig@@6B@
- ??_7CModuleFlagConfig@@6B@
- ??_7CModuleMultiStringConfig@@6B@
- ??_7CModuleStringConfig@@6B@
- ??_7CNoLockList@@6B@
- ??_7CStrList@@6B@
- ??_7CSystemThread@@6B@
- ??_7CUserFuncAdapterJob@@6B@
- ??_7CWorkerThread@@6B@
- ??_7CWorkerThreadJob@@6B@
- ??_7CWorkerThreadJobQueue@@6B@
- ??_7CWorkerThreadPool@@6B@
- ??_7CWorkerThreadPoolEx@@6B@
- ??_7IMemoryAllocator@@6B@
- ??_FCContextList@@QEAAXXZ
- ??_FCFile@@QEAAXXZ
- ??_FCFileExtension@@QEAAXXZ
- ??_FCModuleConfigList@@QEAAXXZ
- ??_FCStrList@@QEAAXXZ
- ??_FCSystemThread@@QEAAXXZ
- ??_FCWorkerThread@@QEAAXXZ
- ??_FCWorkerThreadJob@@QEAAXXZ
- ??_FCWorkerThreadJobQueue@@QEAAXXZ
- ??_U@YAPEAX_KPEAVIMemoryAllocator@@PEBDK@Z
- ??_V@YAXPEAX@Z
- ??_V@YAXPEAX_K@Z
- ?Acquire@CLockEvent@@QEAAXXZ
- ?Add@CContextList@@QEAAEPEAVCContext@@@Z
- ?Add@CFileExtension@@QEAAEPEBGK@Z
- ?Add@CModuleConfigList@@QEAAEPEAVCModuleConfig@@@Z
- ?Add@CStrList@@QEAAEPEBG@Z
- ?AddNode@CLockList@@UEAAEQEAXE@Z
- ?AddNode@CNoLockList@@UEAAEQEAXE@Z
- ?Alloc@CMemoryAllocator@@UEAAPEAX_KPEBDK@Z
- ?Alloc@CMemoryPoolAllocator@@UEAAPEAX_KPEBDK@Z
- ?AllocBlock@CMemoryPoolAllocator@@IEAAPEAX_K@Z
- ?AttachJobQueue@CWorkerThread@@QEAAXPEAVCWorkerThreadJobQueue@@@Z
- ?Cancel@CWorkerThreadJob@@QEAAXXZ
- ?CheckNode@CLockList@@UEAAHQEAX@Z
- ?CheckNode@CNoLockList@@UEAAHQEAX@Z
- ?CleanQueue@CWorkerThreadJobQueue@@QEAAXXZ
- ?Cleanup@CBlobConfig@@AEAAXXZ
- ?Cleanup@CModuleFileExtConfig@@IEAAXXZ
- ?Cleanup@CModuleMultiStringConfig@@IEAAXXZ
- ?Cleanup@CModuleStringConfig@@AEAAXXZ
- ?Close@CFile@@QEAAJXZ
- ?Count@CLockList@@QEAAKXZ
- ?Count@CNoLockList@@QEAAKXZ
- ?Create@CFile@@QEAAJPEBGKKKK@Z
- ?Create@CSystemThread@@QEAAEXZ
- ?CreateInstance@CMemoryAllocator@@SAPEAV1@W4_POOL_TYPE@@K@Z
- ?CreateInstance@CMemoryPoolAllocator@@SAPEAV1@W4_POOL_TYPE@@_K1K@Z
- ?CreatePool@CWorkerThreadPool@@QEAAEXZ
- ?CreatePool@CWorkerThreadPoolEx@@QEAAEXZ
- ?CreateThreads@CWorkerThreadPool@@QEAAEK@Z
- ?CreateThreads@CWorkerThreadPoolEx@@QEAAEK@Z
- ?CreateWIRP@CFile@@QEAAJPEBGKKKK@Z
- ?Delete@CFile@@QEAAJXZ
- ?Delete@CFileExtension@@QEAAEPEBGK@Z
- ?Delete@CStrList@@QEAAEPEBG@Z
- ?DeleteAll@CList@@UEAAXXZ
- ?DeleteAll@CLockList@@UEAAXXZ
- ?DeleteAll@CNoLockList@@UEAAXXZ
- ?DeleteNode@CContextList@@MEAAXPEAX@Z
- ?DeleteNode@CList@@UEAAXPEAX@Z
- ?DeleteNode@CModuleConfigList@@MEAAXPEAX@Z
- ?DeleteNode@CStrList@@EEAAXPEAU_STR_LIST_NODE@1@@Z
- ?DisableWriteProtectFromCR0@@YAXPEAPEAX@Z
- ?DoIt@CWorkerThreadJob@@QEAAJXZ
- ?EntryPoint@CSystemThread@@KAXPEAX@Z
- ?Find@CContextList@@QEAAPEAVCContext@@K@Z
- ?Find@CContextList@@QEAAPEAVCContext@@PEAX@Z
- ?Find@CFileExtension@@QEAAPEAU_STR_LIST_NODE@CStrList@@PEBGK@Z
- ?Find@CModuleConfigList@@QEAAPEAVCModuleConfig@@K@Z
- ?Find@CStrList@@QEAAPEAU_STR_LIST_NODE@1@PEBG@Z
- ?FindNode@CContextList@@IEAAPEAXPEAX@Z
- ?FindPartiallyAndAllMatch@CStrList@@QEAAPEAU_STR_LIST_NODE@1@PEBG@Z
- ?FinishFunction@CUserFuncAdapterJob@@MEAAXXZ
- ?FinishIt@CWorkerThreadJob@@QEAAJXZ
- ?First@CList@@UEAAPEAXXZ
- ?First@CLockList@@UEAAPEAXXZ
- ?First@CNoLockList@@UEAAPEAXXZ
- ?Free@CMemoryAllocator@@UEAAXPEAX@Z
- ?Free@CMemoryPoolAllocator@@UEAAXPEAX@Z
- ?GetAttributes@CFile@@QEAAKXZ
- ?GetBasicInfomration@CFile@@IEAAJXZ
- ?GetBlobCofig@CContext@@UEAAJKPEAXPEAK@Z
- ?GetCategory@CContext@@QEAAKXZ
- ?GetData@CBlobConfig@@QEAAHPEAXPEAK@Z
- ?GetData@CModuleFileExtConfig@@QEAAHPEAGPEAK@Z
- ?GetData@CModuleFileExtConfig@@QEAAPEAVCFileExtension@@XZ
- ?GetData@CModuleFlagConfig@@QEAAKXZ
- ?GetData@CModuleMultiStringConfig@@QEAAHPEAGPEAK@Z
- ?GetData@CModuleMultiStringConfig@@QEAAPEAVCStrList@@XZ
- ?GetData@CModuleStringConfig@@QEAAPEAGXZ
- ?GetData@CStrList@@QEAAEPEAGPEAK@Z
- ?GetDataType@CModuleConfig@@QEAAKXZ
- ?GetEngineContext@CContext@@QEAAPEAXXZ
- ?GetFileExtensionConfig@CContext@@QEAAPEAVCFileExtension@@K@Z
- ?GetFileExtensionConfig@CContext@@UEAAJKPEAGPEAK@Z
- ?GetFileSize@CFile@@QEAAJPEAT_LARGE_INTEGER@@@Z
- ?GetFileSizeWIRP@CFile@@QEAAJPEAT_LARGE_INTEGER@@@Z
- ?GetFlagConfig@CContext@@UEAAJKPEAK@Z
- ?GetID@CModuleConfig@@QEAAKXZ
- ?GetJob@CWorkerThreadJobQueue@@QEAAPEAVCWorkerThreadJob@@XZ
- ?GetLength@CModuleStringConfig@@QEAAKXZ
- ?GetLinkContext@CContext@@QEAAPEAXXZ
- ?GetLogFlag@CDebugLog@@QEAAKXZ
- ?GetLogFlag@CDebugLogEx@@QEAAKXZ
- ?GetModuleId@CModuleConfig@@QEAAKXZ
- ?GetMultiStringConfig@CContext@@QEAAPEAVCStrList@@K@Z
- ?GetMultiStringConfig@CContext@@UEAAJKPEAGPEAK@Z
- ?GetOneThreadTEB@CWorkerThreadPool@@QEAAPEAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPool@@QEAAPEAU_KTHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QEAAPEAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QEAAPEAU_KTHREAD@@XZ
- ?GetReportCallBackRoutine@CContext@@QEAA_KXZ
- ?GetSize@CBlobConfig@@QEAAKXZ
- ?GetStringConfig@CContext@@QEAAPEAGK@Z
- ?GetStringConfig@CContext@@UEAAJKPEAGPEAK@Z
- ?GetThreadCount@CWorkerThreadPool@@QEAAKXZ
- ?GetThreadCount@CWorkerThreadPoolEx@@QEAAKXZ
- ?GetThreadID@CSystemThread@@QEAA_KXZ
- ?GetType@CContext@@QEAAKXZ
- ?GetUserParameter@CContext@@QEAA_KXZ
- ?InitProcMon@CDebugLogEx@@IEAAXXZ
- ?InitializeBlobConfig@CContext@@QEAAHKPEAXK@Z
- ?InitializeFileExtensionConfig@CContext@@QEAAHKPEBG@Z
- ?InitializeFlagConfig@CContext@@QEAAHKK@Z
- ?InitializeMultiStringConfig@CContext@@QEAAHKPEBG@Z
- ?InitializeStringConfig@CContext@@QEAAHKPEBG@Z
- ?Insert@CList@@UEAAXQEAXE@Z
- ?Insert@CLockList@@UEAAXQEAXE@Z
- ?Insert@CNoLockList@@UEAAXQEAXE@Z
- ?InsertAfter@CList@@UEAAXPEAX0@Z
- ?InsertBefore@CList@@UEAAXPEAX0@Z
- ?Instance@CWorkerThreadPool@@SAPEAV1@XZ
- ?IsEmpty@CList@@UEAAEXZ
- ?IsEmpty@CLockList@@UEAAEXZ
- ?IsEmpty@CNoLockList@@UEAAEXZ
- ?IsExceedLimitation@CMemoryPoolAllocator@@IEAAEK@Z
- ?IsFull@CLockList@@QEBAEXZ
- ?IsFull@CNoLockList@@QEBAEXZ
- ?IsInExclusionList@CExclusionExtConfig@@QEAAEPEBG@Z
- ?IsInExclusionList@CExclusionFileNameConfig@@QEAAEPEBG@Z
- ?IsInExclusionList@CExclusionFilePathConfig@@QEAAEPEBG@Z
- ?IsInExclusionList@CExclusionFolderConfig@@QEAAEPEBG@Z
- ?IsInExclusionList@CExclusionRegistryConfig@@QEAAEPEBG@Z
- ?IsInInclusionList@CInclusionExtConfig@@QEAAEPEBG@Z
- ?IsInInclusionList@CInclusionFileNameConfig@@QEAAEPEBG@Z
- ?IsInInclusionList@CInclusionFilePathConfig@@QEAAEPEBG@Z
- ?IsInInclusionList@CInclusionFolderConfig@@QEAAEPEBG@Z
- ?IsOpened@CFile@@QEAAEXZ
- ?IsTerminated@CWorkerThreadPool@@QEAAEXZ
- ?IsTerminated@CWorkerThreadPoolEx@@QEAAEXZ
- ?IsValid@CMemoryAllocator@@UEAAEXZ
- ?IsValid@CMemoryPoolAllocator@@UEAAEXZ
- ?IsValid@IMemoryAllocator@@UEAAEXZ
- ?IsWorkerThread@CWorkerThreadPool@@QEAAE_K@Z
- ?IsWorkerThread@CWorkerThreadPoolEx@@QEAAE_K@Z
- ?JobFunction@CUserFuncAdapterJob@@MEAAXXZ
- ?JobQueue@CWorkerThreadPool@@QEAAAEAVCWorkerThreadJobQueue@@XZ
- ?JobQueue@CWorkerThreadPoolEx@@QEAAAEAVCWorkerThreadJobQueue@@XZ
- ?Limit@CLockList@@QEAAKXZ
- ?Limit@CNoLockList@@QEAAKXZ
- ?MatchAllExtensions@CFileExtension@@QEAAEXZ
- ?MatchNoExtensions@CFileExtension@@QEAAEXZ
- ?MergeLeft@CMemoryPoolAllocator@@IEAAPEAXPEAX@Z
- ?MergeRight@CMemoryPoolAllocator@@IEAAPEAXPEAX@Z
- ?NeedDelete@CWorkerThreadJob@@QEAAEXZ
- ?NeedDeleteWhenFinish@CWorkerThreadJob@@QEAAXE@Z
- ?NewNode@CList@@UEAAPEAXXZ
- ?NewNode@CStrList@@EEAAPEAXXZ
- ?NewNodeVariant@CList@@IEAAPEAXK@Z
- ?Next@CList@@UEBAPEAXQEAX@Z
- ?Next@CLockList@@UEBAPEAXQEAX@Z
- ?Next@CNoLockList@@UEBAPEAXQEAX@Z
- ?NextPool@CMemoryPoolAllocator@@QEAAPEAV1@XZ
- ?NotityTerminate@CWorkerThread@@QEAAXXZ
- ?PostJobToWorkerThread@CWorkerThreadPool@@QEAAJP6AXPEAX@Z0E@Z
- ?PostJobToWorkerThread@CWorkerThreadPoolEx@@QEAAJP6AXPEAX@Z0E1@Z
- ?Pulse@CKEvent@@QEAAJJE@Z
- ?QueueJob@CWorkerThreadJobQueue@@QEAAEPEAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPool@@QEAAJPEAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPoolEx@@QEAAJPEAVCWorkerThreadJob@@@Z
- ?RCMInstance@CWorkerThreadPool@@SAPEAV1@XZ
- ?Read@CFile@@QEAAJPEADKPEAK@Z
- ?ReadWIRP@CFile@@QEAAJPEADKPEAK@Z
- ?ReferenceCount@CContext@@QEAAAEAKXZ
- ?Release@CLockEvent@@QEAAXXZ
- ?Remove@CContextList@@UEAAEQEAX@Z
- ?Remove@CList@@UEAAEQEAX@Z
- ?Remove@CLockList@@UEAAEQEAX@Z
- ?Remove@CNoLockList@@UEAAEQEAX@Z
- ?RemoveHead@CList@@UEAAPEAXXZ
- ?RemoveHead@CLockList@@UEAAPEAXXZ
- ?RemoveHead@CNoLockList@@UEAAPEAXXZ
- ?RemoveTail@CList@@UEAAPEAXXZ
- ?RemoveTail@CLockList@@UEAAPEAXXZ
- ?RemoveTail@CNoLockList@@UEAAPEAXXZ
- ?Reset@CKEvent@@QEAAXXZ
- ?ResetData@CInclusionExtConfig@@QEAAXXZ
- ?ResetData@CInclusionFileNameConfig@@QEAAXXZ
- ?ResetData@CInclusionFilePathConfig@@QEAAXXZ
- ?ResetData@CInclusionFolderConfig@@QEAAXXZ
- ?RestoreCR0@@YAXPEAX@Z
- ?Run@CAutoUpdateConfigThread@@UEAAXXZ
- ?Run@CDelayLoadThread@@UEAAXXZ
- ?Run@CWorkerThread@@UEAAXXZ
- ?SeekToEnd@CFile@@QEAAJXZ
- ?Set@CKEvent@@QEAAJJE@Z
- ?SetAttributes@CFile@@QEAAJK@Z
- ?SetBlobCofig@CContext@@UEAAJKPEAXK@Z
- ?SetData@CBlobConfig@@QEAAHPEAXK@Z
- ?SetData@CModuleFileExtConfig@@QEAAHPEBG@Z
- ?SetData@CModuleFlagConfig@@QEAAHK@Z
- ?SetData@CModuleMultiStringConfig@@QEAAHPEBGK@Z
- ?SetData@CModuleStringConfig@@QEAAHPEBG@Z
- ?SetEngineContext@CContext@@QEAAXPEAX@Z
- ?SetFileExtensionConfig@CContext@@UEAAJKPEBG@Z
- ?SetFlagConfig@CContext@@UEAAJKK@Z
- ?SetLinkContext@CContext@@QEAAXPEAX@Z
- ?SetLogFlag@CDebugLog@@QEAAEK@Z
- ?SetLogFlag@CDebugLogEx@@QEAAEK@Z
- ?SetMatchAllExtensions@CFileExtension@@QEAAXE@Z
- ?SetMatchNoExtensions@CFileExtension@@QEAAXE@Z
- ?SetMultiStringConfig@CContext@@UEAAJKPEBG@Z
- ?SetNewJobItemEvent@CWorkerThreadJobQueue@@QEAAXXZ
- ?SetPriority@CSystemThread@@QEAAXK@Z
- ?SetStopUse@CContext@@QEAAXXZ
- ?SetStringConfig@CContext@@UEAAJKPEBG@Z
- ?Setup@CSystemThread@@MEAAXXZ
- ?StopUse@CContext@@QEAAHXZ
- ?TearDown@CSystemThread@@MEAAXXZ
- ?Terminate@CSystemThread@@QEAAXE@Z
- ?Terminate@CWorkerThreadPool@@QEAAEXZ
- ?Terminate@CWorkerThreadPoolEx@@QEAAEXZ
- ?TmExceptionFilter@@YAJPEAU_EXCEPTION_POINTERS@@@Z
- ?Wait@CKEvent@@QEAAJPEAT_LARGE_INTEGER@@E@Z
- ?WaitFinish@CWorkerThreadJob@@QEAAXXZ
- ?WaitForInit@CDelayLoadThread@@QEAAEXZ
- ?WaitForLoad@CDelayLoadThread@@QEAAEXZ
- ?WaitNewJobAvailable@CWorkerThreadJobQueue@@QEAAEXZ
- ?WaitQueueEmpty@CWorkerThreadJobQueue@@QEAAXXZ
- ?Write@CDebugLog@@QEAAXPEBDZZ
- ?Write@CDebugLogEx@@QEAAXPEBDZZ
- ?Write@CFile@@QEAAJPEADKPEAT_LARGE_INTEGER@@PEAK@Z
- ?WriteDataToFile@CDebugLogEx@@IEAAXPEADK@Z
- ?WriteDataToProcMonW@CDebugLogEx@@IEAAXPEAD@Z
- ?WriteSystemInformation@CDebugLog@@QEAAXXZ
- ?WriteSystemInformation@CDebugLogEx@@QEAAXXZ
- ?WriteSystemStringInformation@CDebugLog@@IEAAXPEBG@Z
- ?WriteSystemStringInformation@CDebugLogEx@@IEAAXPEBG@Z
- ?WriteToFile@CDebugLog@@IEAAXPEADK@Z
- ?WriteToProcMonW@CDebugLogEx@@IEAAXPEAU_UNICODE_STRING@@@Z
- ?_pNonPagedAllocator@@3PEAVCMemoryAllocator@@EA
- ?_pPagedAllocator@@3PEAVCMemoryAllocator@@EA
- ?m_lpInstance@CWorkerThreadPool@@1PEAV1@EA
- ?m_lpRCMInstance@CWorkerThreadPool@@1PEAV1@EA
- AllocFullFileName
- DeInitKm2UmCommunication
- DeInitKmLPC
- DuplicateFullFileName
- FreeFullFileName
- GetKm2UmMode
- GetModuleInfoByAddress
- GetModuleInfoByModuleName
- InitKm2UmCommunication
- InitKmLPC
- IsVerifierCodeCheckFlagOn
- IsWindows8_1_update
- KmCallUm
- KmCallUmByLPC
- KmCallUmEx
- KmCleanupCommPortAPIs
- KmGetUmInitProcess
- KmSetBackupCommPortAPIs
- KmSetCommPortAPIs
- ModGetExportProcAddress
- ModLoadDLLToBuffer
- ModLoadDLLToBufferWithImageSize
- ModLoadModule
- ModUnLoadModule
- NormalizeFileName
- NormalizeFullNtPathToDosName
- TmCommConfigRoutine
- UtilAddDeviceInDriveTable
- UtilAddReparsePointMapping
- UtilCleanFileReadOnly
- UtilCloseExclusiveHandle
- UtilCreateDosFileName
- UtilDeleteFileForce
- UtilGetDeviceObjectName
- UtilGetFileNameFromFileObject
- UtilGetFileObjectForProcessByEPROC
- UtilGetFileObjectFromFileName
- UtilGetProcessName
- UtilGetSystemDirectory
- UtilGetSystemDirectoryEx
- UtilGetSystemDirectoryLength
- UtilGetSystemTime
- UtilIoSetFileInfo
- UtilIopCreateFileIRP
- UtilKeGetLowFileDevice
- UtilModuleIATHook
- UtilModuleIATUnHook
- UtilPostJobToWorkerThread
- UtilQueryExclusiveHandle
- UtilQueryKeyValue
- UtilRemoveDeviceFromDriveTable
- UtilVolumeDeviceToDosName
- UtilWaitValueChangeToZero
- UtilWriteVersionToRegistry
- UtilbuildDynamicDiskMappingTable
- UtlWriteBinValueKeyToRegistry
- ValidateAddressWithSize
- _ResetProtectFromClose
- _UtilDosPathNameToNtPathName
Sections
Expand
- .text
- .rdata
- .data
- .pdata
- .gfids
- PAGE
- .edata
- INIT
- .rsrc
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": true,
"SerialNumber": "7e93ebfb7cc64e59ea4b9a77d406fc3b",
"Signature": "03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2",
"TBS": {
"MD5": "d0785ad36e427c92b19f6826ab1e8020",
"SHA1": "365b7a9c21bd9373e49052c3e7b3e4646ddd4d43",
"SHA256": "c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff",
"SHA384": "eab4fe5ef90e0de4a6aa3a27769a5e879f588df5e4785aa4104debd1f81e19ea56d33e3a16e5facf99f68b5d8e3d287b"
},
"ValidFrom": "2012-12-21 00:00:00",
"ValidTo": "2020-12-30 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "0ecff438c8febf356e04d86a981b1a50",
"Signature": "783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4",
"TBS": {
"MD5": "e9d38360b914c8863f6cba3ee58764d3",
"SHA1": "4cba8eae47b6bf76f20b3504b98b8f062694a89b",
"SHA256": "88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976",
"SHA384": "e9f2a75334a9e336c5a4712eadee88d0374b0fdc273262f4e65c9040ad2793067cc076696db5279a478773485e285652"
},
"ValidFrom": "2012-10-18 00:00:00",
"ValidTo": "2020-12-29 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Signature": "f3b20c020c826fd9e2629408ffc97c9e245959d1050c9ce7708069d366d26af191812e16fce674eaca0d8f05b2a796280831737299800d2bfe0071efecf655117b7952a4d7c0701b97de034a1d42e928fd1a2082b081f9d22e9d39af3233cf05c1e61ae1f8fbfec872e78d9a0b29b4f147f1a053d1757a824601df2bb07c75c591fe7efbaf0021764b90cd446f85f80d14bc2cd42c83edfa7d2510f8f94c82d1b3ea999b1cff9093291977c7e996dc32904d3934f167077684ff76aa5327654a0bd7223d9d67657b47c5b46012dca6723d89e7fa051b3380d0c4977b9df537e75da3186ab149b27c089715a01bd695f408f7ded66bfbe920d27a6f6a7d4cc8b3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc.",
"TBS": {
"MD5": "78eaa337666217b1c16a9a0ebd0b8434",
"SHA1": "ff9cb835e78f6185eed4372096c3bae53b17d18d",
"SHA256": "1c0d9746725e176b4a7c2852878f14d7587f58e65d346bc1247f1c8ee6374250",
"SHA384": "ffe3c75b860679a5de399c7d2c2844dbfac51d5d8581e24648d208daba1e4bed5c867808e02dc8d7cb3df1d4b2b53d10"
},
"ValidFrom": "2017-04-27 00:00:00",
"ValidTo": "2018-07-16 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "611993e400000000001c",
"Signature": "812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5",
"TBS": {
"MD5": "78a717e082dcc1cda3458d917e677d14",
"SHA1": "4a872e0e51f9b304469cd1dedb496ee9b8b983a4",
"SHA256": "317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8",
"SHA384": "b71052da4eb9157c8c1a5d7f55df19d69b9128598b72fcca608e5b7cc7d64c43c5504b9c86355a6dc22ee40c88cc385c"
},
"ValidFrom": "2011-02-22 19:25:17",
"ValidTo": "2021-02-22 19:35:17",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "5200e5aa2556fc1a86ed96c9d44b33c7",
"Signature": "5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"TBS": {
"MD5": "b30c31a572b0409383ed3fbe17e56e81",
"SHA1": "4843a82ed3b1f2bfbee9671960e1940c942f688d",
"SHA256": "03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9",
"SHA384": "bbda8407c4f9fc4e54d772f1c7fb9d30bc97e1f97ecd51c443063d1fa0644e266328781776cd5c44896c457c75f4d7da"
},
"ValidFrom": "2010-02-08 00:00:00",
"ValidTo": "2020-02-07 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 0ea0fe4dfb74cc64bc32143103c27c8b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | e93e004baa6013b41135ac0648e29d5b |
| ToBeSigned (TBS) SHA1 | dc91e26674d4b627319c700d3ebb1a6cf83d358e |
| ToBeSigned (TBS) SHA256 | 0d20335edb166a303411548471bee6f301c8b4f7f7e453d09c15303de2c888d7 |
| Subject | C=TW, L=Taipei, O=Trend Micro, Inc., OU=Taipei, TW, CN=Trend Micro, Inc. |
| ValidFrom | 2019-07-12 00:00:00 |
| ValidTo | 2020-07-10 12:00:00 |
| Signature | 5c08ae5d586a4751195382d6889dc2fc500e7c39c641e1a58def8d923e12b754e2cc35720cc8d3d29382980debf7d98fcc17d764187126dd07c134fdbb96dd44fe8a40195df6f6acd1881fa5ba2921dadceb3f64422344672834813916bbdf317533cf6aaf3317d78197d7d6c560ad681de135f39e2d4ad345b7fe491162660a5462c6075fd725382df1e6e6bc3a4c443be778f79b07f181082e38150ca28ab932f99e4bc4185dc5b3b6edf22c187fdfd84e23a21e7da1989837f43b89aa172e6b34dbcb297bffd511a1d1c100b25e0e921f622a0845e23317f9fec83659ca21c241800683e0dd66ce4d042a8aefc4142b5923a6fa93ee72c48e8dc04c13b4b0 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 0ea0fe4dfb74cc64bc32143103c27c8b |
| Version | 3 |
Certificate 61204db4000000000027
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 8e3ffc222fbcebdbb8b23115ab259be7 |
| ToBeSigned (TBS) SHA1 | ee20bff28ffe13be731c294c90d6ded5aae0ec0e |
| ToBeSigned (TBS) SHA256 | 59826b69bc8c28118c96323b627da59aaca0b142cc5d8bad25a8fcfd399aa821 |
| Subject | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA |
| ValidFrom | 2011-04-15 19:45:33 |
| ValidTo | 2021-04-15 19:55:33 |
| Signature | 208cc159ed6f9c6b2dc14a3e751d454c41501cbd80ead9b0928b062a133f53169e56396a8a63b6782479f57db8b947a10a96c2f6cbbda2669f06e1acd279090efd3cdcac020c70af3f1bec787ed4eb4b056026d973619121edb06863e09712ab6fa012edd99fd2da273cb3e456f9d1d4810f71bd427ca689dccdd5bd95a2abf193117de8ac3129a85d6670419dfc75c9d5b31a392ad08505508bac91cac493cb71a59da4946f580cfa6e20c40831b5859d7e81f9d23dca5b18856c0a86ec22091ba574344f7f28bc954aab1db698b05d09a477767eefa78e5d84f61824cbd16da6c3a19cc2107580ff9d32fde6cf433a82f7ce8fe1722a9b62b75fed951a395c2f946d48b7015f332fbbdc2d73348904420a1c8b79f9a3fa17effaa11a10dfe0b2c195eb5c0c05973b353e18884ddb6cbf24898dc8bdd89f7b393a24a0d5dfd1f34a1a97f6a66f7a1fb090a9b3ac013991d361b764f13e573803afce7ad2b590f5aedc3999d5b63c97eda6cb16c77d6b2a4c9094e64c54fd1ecd20ecce689c8758e96160beeb0ec9d5197d9fe978bd0eac2175078fa96ee08c6a2a6b9ce3e765bcbc2d3c6ddc04dc67453632af0481bca8006e614c95c55cd48e8e9f2fc13274bdbd11650307cdefb75e0257da86d41a2834af8849b2cfa5dd82566f68aa14e25954feffeaeeefea9270226081e32523c09fcc0f49b235aa58c33ac3d9169410 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 61204db4000000000027 |
| Version | 3 |
Certificate 03019a023aff58b16bd6d5eae617f066
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | a752afee44f017e8d74e3f3eb7914ae3 |
| ToBeSigned (TBS) SHA1 | 8eca80a6b80e9c69dcef7745748524afb8019e2d |
| ToBeSigned (TBS) SHA256 | 82560fa7efec30b5ff82af643e6f3bf3d46868bbd5e7d76f93db185e9e3553a1 |
| Subject | C=US, O=DigiCert, CN=DigiCert Timestamp Responder |
| ValidFrom | 2014-10-22 00:00:00 |
| ValidTo | 2024-10-22 00:00:00 |
| Signature | 9d257e1b334db226815c9b86ce23200f8087e588ffffb1d46a2c31ed3a17197117cda91bbc5a1639009de36c84e45a40fbde06018c37fa9bb19d247efe20a457ad5bb79ab06026ea6957215d342f1f71b0839419056b359010a07b97c7f63fe7e21141a6bd62d9f0273d381d286f3a5209f0ec7062d3624bb0e073a692c0d38e31d82fe36d171306eee403b614abf38f43a7719d21dd14ca155d9241daf90f81d199740d26c40e7f1bb5f5a0f1c677062815e9d893e55516f0bb0aab1cdb5c482766c8a38b0a1ce595daaec42e59a061dddaf36da261e98a0b6dec1218bdf755544003922b6bc251c20a48afb0d46ee0f4140a3a1be38f3dcaaf6a8d7bdcd844 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 03019a023aff58b16bd6d5eae617f066 |
| Version | 3 |
Certificate 02c4d1e58a4a680c568da3047e7e4d5f
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 829995f702421dea833a24fb2c7f4442 |
| ToBeSigned (TBS) SHA1 | 1d7e838accd498c2e5ba9373af819ec097bb955c |
| ToBeSigned (TBS) SHA256 | 92914d016cc46e125e50c4bd0bd7f72db87eed4ba68f3c589b4e86aa563108db |
| Subject | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance Code Signing CA,1 |
| ValidFrom | 2011-02-11 12:00:00 |
| ValidTo | 2026-02-10 12:00:00 |
| Signature | 49eb7c60beaeefc97cb3c5ba4b64df1669e286fa29d9de98857d406626332f4455aaaa90e935700a34bed3ae542e8e6500d67a32203e6c26b898a939b1bc95c7aae9f5ee4666c6b3e812f8b3979dff74588234997550ac448fe892ce7d8b0f3196c7dcd31130987416c6e56b4576a39401cd33007a48f66f8631c9562b3322d5f801b644ce8cb4ca88d2e416e3e7f6e23ee109c09d7943437f555c05ad9310c62c0d6bc09eea78e5d277d6b8da9a987fba4c922b9dbda488b1ddafc34cd2979b03c6ae5f1b440f333715e3cbff2f56d316a45b55679da2cadb346c0c734ab57ba4b6b3e935027870ec007acbfc4b4f2236bb1484c98f91dd0f3c758cca0b88e7 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 02c4d1e58a4a680c568da3047e7e4d5f |
| Version | 3 |
Certificate 06fdf9039603adea000aeb3f27bbba1b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 4e5ad189638cf52ba9cd881d4d44668c |
| ToBeSigned (TBS) SHA1 | cdc115e98d798b33904c820d63cc1e1afc19251d |
| ToBeSigned (TBS) SHA256 | 37560fb9d548ab62cc3ed4669a4ab74828b5a108e67e829937ffb2d10a5f78dd |
| Subject | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID CA,1 |
| ValidFrom | 2006-11-10 00:00:00 |
| ValidTo | 2021-11-10 00:00:00 |
| Signature | 46503ec9b72824a7381db65b29af52cf52e93147ab565c7bd50d0b41b3efec751f7438f2b25c61a29c95c350e482b923d1ba3a8672ad3878ac755d1717347247859456d1ebbb368477cc24a5f3041955a9e7e3e7ab62cdfb8b2d90c2c0d2b594bd5e4fb105d20e3d1aa9145ba6863162a8a833e49b39a7c4f5ce1d7876942573e42aabcf9c764bed5fc24b16e44b704c00891efcc579bc4c1257fe5fe11ebc025da8fefb07384f0dc65d91b90f6745cdd683ede7920d8db1698c4ffb59e0230fd2aaae007cee9c420ecf91d727b716ee0fc3bd7c0aa0ee2c08558522b8eb181a4dfc2a21ad49318347957771dcb11b4b4b1c109c7714c19d4f2f5a9508291026 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 06fdf9039603adea000aeb3f27bbba1b |
| Version | 3 |
Imports
Expand
- ntoskrnl.exe
- HAL.dll
- CLASSPNP.SYS
Imported Functions
Expand
- KePulseEvent
- KeClearEvent
- KeStackAttachProcess
- KeUnstackDetachProcess
- ObfDereferenceObject
- ZwSetEvent
- ZwClose
- ZwConnectPort
- RtlInitUnicodeString
- RtlUnicodeStringToInteger
- ZwCreateSection
- ZwWaitForSingleObject
- ZwOpenEvent
- IoGetCurrentProcess
- ObfReferenceObject
- DbgBreakPoint
- ZwRequestWaitReplyPort
- ExFreePoolWithTag
- ProbeForWrite
- ZwFreeVirtualMemory
- ZwAllocateVirtualMemory
- ObOpenObjectByPointer
- PsProcessType
- memmove
- PsGetProcessExitTime
- MmSectionObjectType
- PsThreadType
- ObReleaseObjectSecurity
- SeReleaseSubjectContext
- SeAccessCheck
- SeCaptureSubjectContext
- ObGetObjectSecurity
- DbgPrint
- memset
- MmIsAddressValid
- ExInitializeResourceLite
- ExDeleteResourceLite
- ZwWriteFile
- ZwReadFile
- ZwQueryInformationFile
- ZwSetInformationFile
- ZwCreateFile
- swprintf
- towupper
- _wcsnicmp
- ExAllocatePoolWithTag
- KeInitializeEvent
- _snprintf
- PsGetCurrentProcessId
- RtlTimeToTimeFields
- ExSystemTimeToLocalTime
- KeQuerySystemTime
- PsGetCurrentThreadId
- RtlInitAnsiString
- ZwDeviceIoControlFile
- ZwCreateKey
- ZwCreateEvent
- KeWaitForMultipleObjects
- ObReferenceObjectByHandle
- ZwNotifyChangeKey
- _vsnprintf
- RtlFreeUnicodeString
- RtlAnsiStringToUnicodeString
- RtlEqualUnicodeString
- RtlAppendUnicodeStringToString
- RtlCopyUnicodeString
- RtlUpcaseUnicodeChar
- RtlPrefixUnicodeString
- ExGetPreviousMode
- KeWaitForSingleObject
- KeSetPriorityThread
- PsTerminateSystemThread
- PsCreateSystemThread
- KeDelayExecutionThread
- KeNumberProcessors
- ZwQueryInformationProcess
- PsLookupProcessByProcessId
- ZwOpenDirectoryObject
- PsSetCreateProcessNotifyRoutine
- ZwQuerySystemInformation
- ZwQueryDirectoryFile
- ZwQueryDirectoryObject
- ZwOpenKey
- ZwEnumerateKey
- ZwEnumerateValueKey
- ZwQueryValueKey
- ZwDeleteValueKey
- ZwDeleteKey
- ZwTerminateProcess
- ZwOpenProcess
- ZwQueryKey
- ZwSetValueKey
- IoFileObjectType
- KeSetEvent
- ZwQuerySecurityObject
- ZwSetSecurityObject
- RtlLengthSecurityDescriptor
- MmHighestUserAddress
- IoFreeIrp
- _purecall
- MmUnlockPages
- IoBuildAsynchronousFsdRequest
- _strnicmp
- RtlQueryRegistryValues
- RtlAppendUnicodeToString
- mbstowcs
- ZwQuerySymbolicLinkObject
- ZwOpenSymbolicLinkObject
- NtClose
- ObQueryNameString
- MmGetSystemRoutineAddress
- ZwSetInformationObject
- _stricmp
- ZwUnmapViewOfSection
- ZwMapViewOfSection
- ZwOpenFile
- IoCreateFile
- IofCallDriver
- IoAllocateIrp
- MmBuildMdlForNonPagedPool
- IoAllocateMdl
- ProbeForRead
- PsGetVersion
- RtlImageNtHeader
- RtlCompareMemory
- RtlUpcaseUnicodeString
- _snwprintf
- MmSystemRangeStart
- wcsncmp
- strrchr
- ZwQueryVolumeInformationFile
- ObReferenceObjectByPointer
- IoBuildDeviceIoControlRequest
- ZwOpenSection
- _allmul
- KeReleaseSemaphore
- RtlLengthRequiredSid
- RtlInitializeSid
- RtlSubAuthoritySid
- RtlSetDaclSecurityDescriptor
- RtlCreateSecurityDescriptor
- RtlAddAccessAllowedAce
- RtlCreateAcl
- KeInitializeSemaphore
- IoGetDeviceObjectPointer
- IofCompleteRequest
- ExEventObjectType
- IoDeleteDevice
- IoDeleteSymbolicLink
- IoCreateSymbolicLink
- RtlUpperChar
- ObReferenceObjectByName
- IoDriverObjectType
- RtlCompareUnicodeString
- strncpy
- KeServiceDescriptorTable
- NtOpenProcess
- ObOpenObjectByName
- NtQueryInformationProcess
- PsIsThreadTerminating
- KeAddSystemServiceTable
- ZwFsControlFile
- ObInsertObject
- IoReleaseVpbSpinLock
- IoAcquireVpbSpinLock
- SeCreateAccessState
- IoGetFileObjectGenericMapping
- ObCreateObject
- _allshr
- ExInterlockedPopEntrySList
- IoGetStackLimits
- IoBuildSynchronousFsdRequest
- wcsstr
- IoUnregisterPlugPlayNotification
- FsRtlIsNameInExpression
- IoGetConfigurationInformation
- MmProbeAndLockPages
- IoGetDeviceInterfaces
- IoRegisterPlugPlayNotification
- ExAllocatePool
- wcschr
- KeTickCount
- KeBugCheckEx
- RtlUnwind
- wcsrchr
- memcpy
- wcsncpy
- ExReleaseResourceLite
- ExAcquireResourceExclusiveLite
- ExAcquireResourceSharedLite
- ExReleaseFastMutexUnsafe
- KeLeaveCriticalRegion
- KeEnterCriticalRegion
- _allrem
- ExAcquireFastMutexUnsafe
- IoDeviceObjectType
- IoCreateDevice
- RtlGetDaclSecurityDescriptor
- RtlGetSaclSecurityDescriptor
- RtlGetGroupSecurityDescriptor
- RtlGetOwnerSecurityDescriptor
- SeCaptureSecurityDescriptor
- SeExports
- IoIsWdmVersionAvailable
- RtlLengthSid
- RtlAbsoluteToSelfRelativeSD
- IoFreeMdl
- KeGetCurrentThread
- KfAcquireSpinLock
- KfReleaseSpinLock
- KeRaiseIrqlToDpcLevel
- KfLowerIrql
- KeAcquireQueuedSpinLock
- KeReleaseQueuedSpinLock
- ExAcquireFastMutex
- ExReleaseFastMutex
- KeGetCurrentIrql
- KfRaiseIrql
- ClassInitialize
Exported Functions
Expand
- ??0CAutoUpdateConfigThread@@QAE@ABV0@@Z
- ??0CAutoUpdateConfigThread@@QAE@PAU_UNICODE_STRING@@P6GX0PAX@Z1@Z
- ??0CBlobConfig@@QAE@ABV0@@Z
- ??0CBlobConfig@@QAE@K@Z
- ??0CContext@@QAE@ABV0@@Z
- ??0CContext@@QAE@KP6GJPAU_EVENT_REPORT@@PAXPAU_TMCE_REPORT@@PAU_TMCE_FEEDBACK@@@Z1K@Z
- ??0CContextList@@QAE@ABV0@@Z
- ??0CContextList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CDebugLog@@QAE@ABV0@@Z
- ??0CDebugLog@@QAE@PBG@Z
- ??0CDebugLogEx@@QAE@ABV0@@Z
- ??0CDebugLogEx@@QAE@K@Z
- ??0CDelayLoadThread@@QAE@ABV0@@Z
- ??0CDelayLoadThread@@QAE@XZ
- ??0CExclusionExtConfig@@QAE@ABV0@@Z
- ??0CExclusionExtConfig@@QAE@KKE@Z
- ??0CExclusionFileNameConfig@@QAE@ABV0@@Z
- ??0CExclusionFileNameConfig@@QAE@KK@Z
- ??0CExclusionFilePathConfig@@QAE@ABV0@@Z
- ??0CExclusionFilePathConfig@@QAE@KK@Z
- ??0CExclusionFolderConfig@@QAE@ABV0@@Z
- ??0CExclusionFolderConfig@@QAE@KK@Z
- ??0CExclusionRegistryConfig@@QAE@ABV0@@Z
- ??0CExclusionRegistryConfig@@QAE@KK@Z
- ??0CFile@@QAE@ABV0@@Z
- ??0CFile@@QAE@E@Z
- ??0CFileExtension@@QAE@ABV0@@Z
- ??0CFileExtension@@QAE@KEEPAVIMemoryAllocator@@@Z
- ??0CInclusionExtConfig@@QAE@ABV0@@Z
- ??0CInclusionExtConfig@@QAE@KKE@Z
- ??0CInclusionFileNameConfig@@QAE@ABV0@@Z
- ??0CInclusionFileNameConfig@@QAE@KK@Z
- ??0CInclusionFilePathConfig@@QAE@ABV0@@Z
- ??0CInclusionFilePathConfig@@QAE@KK@Z
- ??0CInclusionFolderConfig@@QAE@ABV0@@Z
- ??0CInclusionFolderConfig@@QAE@KK@Z
- ??0CKEvent@@QAE@ABV0@@Z
- ??0CKEvent@@QAE@W4_EVENT_TYPE@@E@Z
- ??0CList@@QAE@ABV0@@Z
- ??0CList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CLockEvent@@QAE@ABV0@@Z
- ??0CLockEvent@@QAE@XZ
- ??0CLockList@@QAE@ABV0@@Z
- ??0CLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CMemoryAllocator@@IAE@W4_POOL_TYPE@@K@Z
- ??0CMemoryAllocator@@QAE@ABV0@@Z
- ??0CMemoryPoolAllocator@@IAE@W4_POOL_TYPE@@KKK@Z
- ??0CMemoryPoolAllocator@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@XZ
- ??0CModuleConfigList@@QAE@ABV0@@Z
- ??0CModuleConfigList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CModuleFileExtConfig@@QAE@ABV0@@Z
- ??0CModuleFileExtConfig@@QAE@KKE@Z
- ??0CModuleFlagConfig@@QAE@ABV0@@Z
- ??0CModuleFlagConfig@@QAE@K@Z
- ??0CModuleMultiStringConfig@@QAE@ABV0@@Z
- ??0CModuleMultiStringConfig@@QAE@KK@Z
- ??0CModuleStringConfig@@QAE@ABV0@@Z
- ??0CModuleStringConfig@@QAE@K@Z
- ??0CNoLockList@@QAE@ABV0@@Z
- ??0CNoLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CSmartLock@@QAE@AAVCLockEvent@@@Z
- ??0CSmartLock@@QAE@XZ
- ??0CSmartReference@@QAE@AAJ@Z
- ??0CSmartReference@@QAE@AAK@Z
- ??0CSmartResource@@QAE@AAVCResource@@E@Z
- ??0CStrList@@QAE@ABV0@@Z
- ??0CStrList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CSystemThread@@QAE@ABV0@@Z
- ??0CSystemThread@@QAE@K@Z
- ??0CUserFuncAdapterJob@@QAE@ABV0@@Z
- ??0CUserFuncAdapterJob@@QAE@P6GXPAX@Z01@Z
- ??0CWorkerThread@@IAE@PAVCWorkerThreadJobQueue@@@Z
- ??0CWorkerThread@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@E@Z
- ??0CWorkerThreadJobQueue@@QAE@ABV0@@Z
- ??0CWorkerThreadJobQueue@@QAE@K@Z
- ??0CWorkerThreadPool@@QAE@ABV0@@Z
- ??0CWorkerThreadPool@@QAE@K@Z
- ??0CWorkerThreadPoolEx@@QAE@ABV0@@Z
- ??0CWorkerThreadPoolEx@@QAE@KK@Z
- ??0IMemoryAllocator@@QAE@ABV0@@Z
- ??0IMemoryAllocator@@QAE@XZ
- ??1CAutoUpdateConfigThread@@UAE@XZ
- ??1CBlobConfig@@UAE@XZ
- ??1CContext@@UAE@XZ
- ??1CContextList@@UAE@XZ
- ??1CDebugLog@@UAE@XZ
- ??1CDebugLogEx@@UAE@XZ
- ??1CDelayLoadThread@@UAE@XZ
- ??1CExclusionExtConfig@@UAE@XZ
- ??1CExclusionFileNameConfig@@UAE@XZ
- ??1CExclusionFilePathConfig@@UAE@XZ
- ??1CExclusionFolderConfig@@UAE@XZ
- ??1CExclusionRegistryConfig@@UAE@XZ
- ??1CFile@@UAE@XZ
- ??1CFileExtension@@UAE@XZ
- ??1CInclusionExtConfig@@UAE@XZ
- ??1CInclusionFileNameConfig@@UAE@XZ
- ??1CInclusionFilePathConfig@@UAE@XZ
- ??1CInclusionFolderConfig@@UAE@XZ
- ??1CKEvent@@UAE@XZ
- ??1CList@@UAE@XZ
- ??1CLockEvent@@UAE@XZ
- ??1CLockList@@UAE@XZ
- ??1CMemoryAllocator@@UAE@XZ
- ??1CMemoryPoolAllocator@@UAE@XZ
- ??1CModuleConfig@@UAE@XZ
- ??1CModuleConfigList@@UAE@XZ
- ??1CModuleFileExtConfig@@UAE@XZ
- ??1CModuleFlagConfig@@UAE@XZ
- ??1CModuleMultiStringConfig@@UAE@XZ
- ??1CModuleStringConfig@@UAE@XZ
- ??1CNoLockList@@UAE@XZ
- ??1CSmartLock@@QAE@XZ
- ??1CSmartReference@@QAE@XZ
- ??1CSmartResource@@QAE@XZ
- ??1CStrList@@UAE@XZ
- ??1CSystemThread@@UAE@XZ
- ??1CUserFuncAdapterJob@@UAE@XZ
- ??1CWorkerThread@@UAE@XZ
- ??1CWorkerThreadJob@@UAE@XZ
- ??1CWorkerThreadJobQueue@@UAE@XZ
- ??1CWorkerThreadPool@@UAE@XZ
- ??1CWorkerThreadPoolEx@@UAE@XZ
- ??1IMemoryAllocator@@UAE@XZ
- ??2@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??2CMemoryAllocator@@SGPAXI@Z
- ??2CMemoryPoolAllocator@@SGPAXI@Z
- ??3@YAXPAX@Z
- ??3IMemoryAllocator@@SGXPAX@Z
- ??4CAutoUpdateConfigThread@@QAEAAV0@ABV0@@Z
- ??4CBlobConfig@@QAEAAV0@ABV0@@Z
- ??4CContext@@QAEAAV0@ABV0@@Z
- ??4CDebugLog@@QAEAAV0@ABV0@@Z
- ??4CDebugLogEx@@QAEAAV0@ABV0@@Z
- ??4CDelayLoadThread@@QAEAAV0@ABV0@@Z
- ??4CFile@@QAEAAV0@ABV0@@Z
- ??4CKEvent@@QAEAAV0@ABV0@@Z
- ??4CLockEvent@@QAEAAV0@ABV0@@Z
- ??4CMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??4CMemoryPoolAllocator@@QAEAAV0@ABV0@@Z
- ??4CModuleConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleFlagConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleStringConfig@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEABV0@AAVCLockEvent@@@Z
- ??4CSmartResource@@QAEAAV0@ABV0@@Z
- ??4CSystemThread@@QAEAAV0@ABV0@@Z
- ??4CUserFuncAdapterJob@@QAEAAV0@ABV0@@Z
- ??4CWorkerThread@@QAEAAV0@ABV0@@Z
- ??4CWorkerThreadJob@@QAEAAV0@ABV0@@Z
- ??4IMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??_7CAutoUpdateConfigThread@@6B@
- ??_7CBlobConfig@@6B@
- ??_7CContext@@6B@
- ??_7CContextList@@6B@
- ??_7CDebugLog@@6B@
- ??_7CDebugLogEx@@6B@
- ??_7CDelayLoadThread@@6B@
- ??_7CExclusionExtConfig@@6B@
- ??_7CExclusionFileNameConfig@@6B@
- ??_7CExclusionFilePathConfig@@6B@
- ??_7CExclusionFolderConfig@@6B@
- ??_7CExclusionRegistryConfig@@6B@
- ??_7CFile@@6B@
- ??_7CFileExtension@@6B@
- ??_7CInclusionExtConfig@@6B@
- ??_7CInclusionFileNameConfig@@6B@
- ??_7CInclusionFilePathConfig@@6B@
- ??_7CInclusionFolderConfig@@6B@
- ??_7CKEvent@@6B@
- ??_7CList@@6B@
- ??_7CLockEvent@@6B@
- ??_7CLockList@@6B@
- ??_7CMemoryAllocator@@6B@
- ??_7CMemoryPoolAllocator@@6B@
- ??_7CModuleConfig@@6B@
- ??_7CModuleConfigList@@6B@
- ??_7CModuleFileExtConfig@@6B@
- ??_7CModuleFlagConfig@@6B@
- ??_7CModuleMultiStringConfig@@6B@
- ??_7CModuleStringConfig@@6B@
- ??_7CNoLockList@@6B@
- ??_7CStrList@@6B@
- ??_7CSystemThread@@6B@
- ??_7CUserFuncAdapterJob@@6B@
- ??_7CWorkerThread@@6B@
- ??_7CWorkerThreadJob@@6B@
- ??_7CWorkerThreadJobQueue@@6B@
- ??_7CWorkerThreadPool@@6B@
- ??_7CWorkerThreadPoolEx@@6B@
- ??_7IMemoryAllocator@@6B@
- ??_FCContextList@@QAEXXZ
- ??_FCFile@@QAEXXZ
- ??_FCFileExtension@@QAEXXZ
- ??_FCModuleConfigList@@QAEXXZ
- ??_FCStrList@@QAEXXZ
- ??_FCSystemThread@@QAEXXZ
- ??_FCWorkerThread@@QAEXXZ
- ??_FCWorkerThreadJob@@QAEXXZ
- ??_FCWorkerThreadJobQueue@@QAEXXZ
- ??_U@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??_V@YAXPAX@Z
- ?Acquire@CLockEvent@@QAEXXZ
- ?Add@CContextList@@QAEEPAVCContext@@@Z
- ?Add@CFileExtension@@QAEEPBGK@Z
- ?Add@CModuleConfigList@@QAEEPAVCModuleConfig@@@Z
- ?Add@CStrList@@QAEEPBG@Z
- ?AddNode@CLockList@@UAEEQAXE@Z
- ?AddNode@CNoLockList@@UAEEQAXE@Z
- ?Alloc@CMemoryAllocator@@UAEPAXKPBDK@Z
- ?Alloc@CMemoryPoolAllocator@@UAEPAXKPBDK@Z
- ?AllocBlock@CMemoryPoolAllocator@@IAEPAXK@Z
- ?AttachJobQueue@CWorkerThread@@QAEXPAVCWorkerThreadJobQueue@@@Z
- ?Cancel@CWorkerThreadJob@@QAEXXZ
- ?CheckNode@CLockList@@UAEHQAX@Z
- ?CheckNode@CNoLockList@@UAEHQAX@Z
- ?CleanQueue@CWorkerThreadJobQueue@@QAEXXZ
- ?Cleanup@CBlobConfig@@AAEXXZ
- ?Cleanup@CModuleFileExtConfig@@IAEXXZ
- ?Cleanup@CModuleMultiStringConfig@@IAEXXZ
- ?Cleanup@CModuleStringConfig@@AAEXXZ
- ?Close@CFile@@QAEJXZ
- ?Count@CLockList@@QAEKXZ
- ?Count@CNoLockList@@QAEKXZ
- ?Create@CFile@@QAEJPBGKKKK@Z
- ?Create@CSystemThread@@QAEEXZ
- ?CreateInstance@CMemoryAllocator@@SGPAV1@W4_POOL_TYPE@@K@Z
- ?CreateInstance@CMemoryPoolAllocator@@SGPAV1@W4_POOL_TYPE@@KKK@Z
- ?CreatePool@CWorkerThreadPool@@QAEEXZ
- ?CreatePool@CWorkerThreadPoolEx@@QAEEXZ
- ?CreateThreads@CWorkerThreadPool@@QAEEK@Z
- ?CreateThreads@CWorkerThreadPoolEx@@QAEEK@Z
- ?CreateWIRP@CFile@@QAEJPBGKKKK@Z
- ?Delete@CFile@@QAEJXZ
- ?Delete@CFileExtension@@QAEEPBGK@Z
- ?Delete@CStrList@@QAEEPBG@Z
- ?DeleteAll@CList@@UAEXXZ
- ?DeleteAll@CLockList@@UAEXXZ
- ?DeleteAll@CNoLockList@@UAEXXZ
- ?DeleteNode@CContextList@@MAEXPAX@Z
- ?DeleteNode@CList@@UAEXPAX@Z
- ?DeleteNode@CModuleConfigList@@MAEXPAX@Z
- ?DeleteNode@CStrList@@EAEXPAU_STR_LIST_NODE@1@@Z
- ?DisableWriteProtectFromCR0@@YGXPAPAX@Z
- ?DoIt@CWorkerThreadJob@@QAEJXZ
- ?EntryPoint@CSystemThread@@KGXPAX@Z
- ?Find@CContextList@@QAEPAVCContext@@K@Z
- ?Find@CContextList@@QAEPAVCContext@@PAX@Z
- ?Find@CFileExtension@@QAEPAU_STR_LIST_NODE@CStrList@@PBGK@Z
- ?Find@CModuleConfigList@@QAEPAVCModuleConfig@@K@Z
- ?Find@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?FindNode@CContextList@@IAEPAXPAX@Z
- ?FindPartiallyAndAllMatch@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?FinishFunction@CUserFuncAdapterJob@@MAEXXZ
- ?FinishIt@CWorkerThreadJob@@QAEJXZ
- ?First@CList@@UAEPAXXZ
- ?First@CLockList@@UAEPAXXZ
- ?First@CNoLockList@@UAEPAXXZ
- ?Free@CMemoryAllocator@@UAEXPAX@Z
- ?Free@CMemoryPoolAllocator@@UAEXPAX@Z
- ?GetAttributes@CFile@@QAEKXZ
- ?GetBasicInfomration@CFile@@IAEJXZ
- ?GetBlobCofig@CContext@@UAEJKPAXPAK@Z
- ?GetCategory@CContext@@QAEKXZ
- ?GetData@CBlobConfig@@QAEHPAXPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEPAVCFileExtension@@XZ
- ?GetData@CModuleFlagConfig@@QAEKXZ
- ?GetData@CModuleMultiStringConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleMultiStringConfig@@QAEPAVCStrList@@XZ
- ?GetData@CModuleStringConfig@@QAEPAGXZ
- ?GetData@CStrList@@QAEEPAGPAK@Z
- ?GetDataType@CModuleConfig@@QAEKXZ
- ?GetEngineContext@CContext@@QAEPAXXZ
- ?GetFileExtensionConfig@CContext@@QAEPAVCFileExtension@@K@Z
- ?GetFileExtensionConfig@CContext@@UAEJKPAGPAK@Z
- ?GetFileSize@CFile@@QAEJPAT_LARGE_INTEGER@@@Z
- ?GetFileSizeWIRP@CFile@@QAEJPAT_LARGE_INTEGER@@@Z
- ?GetFlagConfig@CContext@@UAEJKPAK@Z
- ?GetID@CModuleConfig@@QAEKXZ
- ?GetJob@CWorkerThreadJobQueue@@QAEPAVCWorkerThreadJob@@XZ
- ?GetLength@CModuleStringConfig@@QAEKXZ
- ?GetLinkContext@CContext@@QAEPAXXZ
- ?GetLogFlag@CDebugLog@@QAEKXZ
- ?GetLogFlag@CDebugLogEx@@QAEKXZ
- ?GetModuleId@CModuleConfig@@QAEKXZ
- ?GetMultiStringConfig@CContext@@QAEPAVCStrList@@K@Z
- ?GetMultiStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetOneThreadTEB@CWorkerThreadPool@@QAEPAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPool@@QAEPAU_KTHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QAEPAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QAEPAU_KTHREAD@@XZ
- ?GetReportCallBackRoutine@CContext@@QAEKXZ
- ?GetSize@CBlobConfig@@QAEKXZ
- ?GetStringConfig@CContext@@QAEPAGK@Z
- ?GetStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetThreadCount@CWorkerThreadPool@@QAEKXZ
- ?GetThreadCount@CWorkerThreadPoolEx@@QAEKXZ
- ?GetThreadID@CSystemThread@@QAEKXZ
- ?GetType@CContext@@QAEKXZ
- ?GetUserParameter@CContext@@QAEKXZ
- ?InitProcMon@CDebugLogEx@@IAEXXZ
- ?InitializeBlobConfig@CContext@@QAEHKPAXK@Z
- ?InitializeFileExtensionConfig@CContext@@QAEHKPBG@Z
- ?InitializeFlagConfig@CContext@@QAEHKK@Z
- ?InitializeMultiStringConfig@CContext@@QAEHKPBG@Z
- ?InitializeStringConfig@CContext@@QAEHKPBG@Z
- ?Insert@CList@@UAEXQAXE@Z
- ?Insert@CLockList@@UAEXQAXE@Z
- ?Insert@CNoLockList@@UAEXQAXE@Z
- ?InsertAfter@CList@@UAEXPAX0@Z
- ?InsertBefore@CList@@UAEXPAX0@Z
- ?Instance@CWorkerThreadPool@@SGPAV1@XZ
- ?IsEmpty@CList@@UAEEXZ
- ?IsEmpty@CLockList@@UAEEXZ
- ?IsEmpty@CNoLockList@@UAEEXZ
- ?IsExceedLimitation@CMemoryPoolAllocator@@IAEEK@Z
- ?IsFull@CLockList@@QBEEXZ
- ?IsFull@CNoLockList@@QBEEXZ
- ?IsInExclusionList@CExclusionExtConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFileNameConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFilePathConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFolderConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionRegistryConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionExtConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFileNameConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFilePathConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFolderConfig@@QAEEPBG@Z
- ?IsOpened@CFile@@QAEEXZ
- ?IsTerminated@CWorkerThreadPool@@QAEEXZ
- ?IsTerminated@CWorkerThreadPoolEx@@QAEEXZ
- ?IsValid@CMemoryAllocator@@UAEEXZ
- ?IsValid@CMemoryPoolAllocator@@UAEEXZ
- ?IsValid@IMemoryAllocator@@UAEEXZ
- ?IsWorkerThread@CWorkerThreadPool@@QAEEK@Z
- ?IsWorkerThread@CWorkerThreadPoolEx@@QAEEK@Z
- ?JobFunction@CUserFuncAdapterJob@@MAEXXZ
- ?JobQueue@CWorkerThreadPool@@QAEAAVCWorkerThreadJobQueue@@XZ
- ?JobQueue@CWorkerThreadPoolEx@@QAEAAVCWorkerThreadJobQueue@@XZ
- ?Limit@CLockList@@QAEKXZ
- ?Limit@CNoLockList@@QAEKXZ
- ?MatchAllExtensions@CFileExtension@@QAEEXZ
- ?MatchNoExtensions@CFileExtension@@QAEEXZ
- ?MergeLeft@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?MergeRight@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?NeedDelete@CWorkerThreadJob@@QAEEXZ
- ?NeedDeleteWhenFinish@CWorkerThreadJob@@QAEXE@Z
- ?NewNode@CList@@UAEPAXXZ
- ?NewNode@CStrList@@EAEPAXXZ
- ?NewNodeVariant@CList@@IAEPAXK@Z
- ?Next@CList@@UBEPAXQAX@Z
- ?Next@CLockList@@UBEPAXQAX@Z
- ?Next@CNoLockList@@UBEPAXQAX@Z
- ?NextPool@CMemoryPoolAllocator@@QAEPAV1@XZ
- ?NotityTerminate@CWorkerThread@@QAEXXZ
- ?PostJobToWorkerThread@CWorkerThreadPool@@QAEJP6GXPAX@Z0E@Z
- ?PostJobToWorkerThread@CWorkerThreadPoolEx@@QAEJP6GXPAX@Z0E1@Z
- ?Pulse@CKEvent@@QAEJJE@Z
- ?QueueJob@CWorkerThreadJobQueue@@QAEEPAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPool@@QAEJPAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPoolEx@@QAEJPAVCWorkerThreadJob@@@Z
- ?RCMInstance@CWorkerThreadPool@@SGPAV1@XZ
- ?Read@CFile@@QAEJPADKPAK@Z
- ?ReadWIRP@CFile@@QAEJPADKPAK@Z
- ?ReferenceCount@CContext@@QAEAAKXZ
- ?Release@CLockEvent@@QAEXXZ
- ?Remove@CContextList@@UAEEQAX@Z
- ?Remove@CList@@UAEEQAX@Z
- ?Remove@CLockList@@UAEEQAX@Z
- ?Remove@CNoLockList@@UAEEQAX@Z
- ?RemoveHead@CList@@UAEPAXXZ
- ?RemoveHead@CLockList@@UAEPAXXZ
- ?RemoveHead@CNoLockList@@UAEPAXXZ
- ?RemoveTail@CList@@UAEPAXXZ
- ?RemoveTail@CLockList@@UAEPAXXZ
- ?RemoveTail@CNoLockList@@UAEPAXXZ
- ?Reset@CKEvent@@QAEXXZ
- ?ResetData@CInclusionExtConfig@@QAEXXZ
- ?ResetData@CInclusionFileNameConfig@@QAEXXZ
- ?ResetData@CInclusionFilePathConfig@@QAEXXZ
- ?ResetData@CInclusionFolderConfig@@QAEXXZ
- ?RestoreCR0@@YGXPAX@Z
- ?Run@CAutoUpdateConfigThread@@UAEXXZ
- ?Run@CDelayLoadThread@@UAEXXZ
- ?Run@CWorkerThread@@UAEXXZ
- ?SeekToEnd@CFile@@QAEJXZ
- ?Set@CKEvent@@QAEJJE@Z
- ?SetAttributes@CFile@@QAEJK@Z
- ?SetBlobCofig@CContext@@UAEJKPAXK@Z
- ?SetData@CBlobConfig@@QAEHPAXK@Z
- ?SetData@CModuleFileExtConfig@@QAEHPBG@Z
- ?SetData@CModuleFlagConfig@@QAEHK@Z
- ?SetData@CModuleMultiStringConfig@@QAEHPBGK@Z
- ?SetData@CModuleStringConfig@@QAEHPBG@Z
- ?SetEngineContext@CContext@@QAEXPAX@Z
- ?SetFileExtensionConfig@CContext@@UAEJKPBG@Z
- ?SetFlagConfig@CContext@@UAEJKK@Z
- ?SetLinkContext@CContext@@QAEXPAX@Z
- ?SetLogFlag@CDebugLog@@QAEEK@Z
- ?SetLogFlag@CDebugLogEx@@QAEEK@Z
- ?SetMatchAllExtensions@CFileExtension@@QAEXE@Z
- ?SetMatchNoExtensions@CFileExtension@@QAEXE@Z
- ?SetMultiStringConfig@CContext@@UAEJKPBG@Z
- ?SetNewJobItemEvent@CWorkerThreadJobQueue@@QAEXXZ
- ?SetPriority@CSystemThread@@QAEXK@Z
- ?SetStopUse@CContext@@QAEXXZ
- ?SetStringConfig@CContext@@UAEJKPBG@Z
- ?Setup@CSystemThread@@MAEXXZ
- ?StopUse@CContext@@QAEHXZ
- ?TearDown@CSystemThread@@MAEXXZ
- ?Terminate@CSystemThread@@QAEXE@Z
- ?Terminate@CWorkerThreadPool@@QAEEXZ
- ?Terminate@CWorkerThreadPoolEx@@QAEEXZ
- ?TmExceptionFilter@@YGJPAU_EXCEPTION_POINTERS@@@Z
- ?Wait@CKEvent@@QAEJPAT_LARGE_INTEGER@@E@Z
- ?WaitFinish@CWorkerThreadJob@@QAEXXZ
- ?WaitForInit@CDelayLoadThread@@QAEEXZ
- ?WaitForLoad@CDelayLoadThread@@QAEEXZ
- ?WaitNewJobAvailable@CWorkerThreadJobQueue@@QAEEXZ
- ?WaitQueueEmpty@CWorkerThreadJobQueue@@QAEXXZ
- ?Write@CDebugLog@@QAAXPBDZZ
- ?Write@CDebugLogEx@@QAAXPBDZZ
- ?Write@CFile@@QAEJPADKPAT_LARGE_INTEGER@@PAK@Z
- ?WriteDataToFile@CDebugLogEx@@IAEXPADK@Z
- ?WriteDataToProcMonW@CDebugLogEx@@IAEXPAD@Z
- ?WriteSystemInformation@CDebugLog@@QAEXXZ
- ?WriteSystemInformation@CDebugLogEx@@QAEXXZ
- ?WriteSystemStringInformation@CDebugLog@@IAEXPBG@Z
- ?WriteSystemStringInformation@CDebugLogEx@@IAEXPBG@Z
- ?WriteToFile@CDebugLog@@IAEXPADK@Z
- ?WriteToProcMonW@CDebugLogEx@@IAEXPAU_UNICODE_STRING@@@Z
- ?_pNonPagedAllocator@@3PAVCMemoryAllocator@@A
- ?_pPagedAllocator@@3PAVCMemoryAllocator@@A
- ?m_lpInstance@CWorkerThreadPool@@1PAV1@A
- ?m_lpRCMInstance@CWorkerThreadPool@@1PAV1@A
- _DeInitKm2UmCommunication@0
- _DeInitKmLPC@0
- _DuplicateFullFileName@4
- _FreeFullFileName@4
- _GetFileVersionOfNtoskrnl@16
- _GetKm2UmMode@0
- _GetModuleInfoByAddress@8
- _GetModuleInfoByModuleName@8
- _InitKm2UmCommunication@8
- _InitKmLPC@0
- _IsWindows8_1_update@4
- _KmCallUm@8
- _KmCallUmByLPC@8
- _KmCallUmEx@12
- _KmCleanupCommPortAPIs@0
- _KmGetUmInitProcess@0
- _KmSetCommPortAPIs@4
- _ModGetExportProcAddress@8
- _ModLoadDLLToBuffer@4
- _ModLoadDLLToBufferWithImageSize@8
- _ModLoadModule@8
- _ModUnLoadModule@4
- _NormalizeFileName@4
- _NormalizeFullNtPathToDosName@4
- _TmCommConfigRoutine@4
- _UtilAddDeviceInDriveTable@4
- _UtilAddReparsePointMapping@8
- _UtilCleanFileReadOnly@4
- _UtilCloseExclusiveHandle@12
- _UtilCreateDosFileName@8
- _UtilDeleteFileForce@4
- _UtilGetDeviceObjectName@8
- _UtilGetFileNameFromFileObject@4
- _UtilGetFileObjectForProcessByEPROC@8
- _UtilGetFileObjectFromFileName@12
- _UtilGetProcessName@12
- _UtilGetSystemDirectory@4
- _UtilGetSystemDirectoryEx@0
- _UtilGetSystemDirectoryLength@0
- _UtilGetSystemTime@4
- _UtilIoSetFileInfo@24
- _UtilIopCreateFileIRP@40
- _UtilKeGetLowFileDevice@16
- _UtilModuleIATHook@24
- _UtilModuleIATUnHook@8
- _UtilPostJobToWorkerThread@12
- _UtilQueryExclusiveHandle@12
- _UtilQueryKeyValue@24
- _UtilRemoveDeviceFromDriveTable@4
- _UtilVolumeDeviceToDosName@8
- _UtilWaitValueChangeToZero@8
- _UtilWriteVersionToRegistry@8
- _UtilbuildDynamicDiskMappingTable@0
- _UtlWriteBinValueKeyToRegistry@16
- _ValidateAddressWithSize@20
- __ResetProtectFromClose@4
- __UtilDosPathNameToNtPathName@12
Sections
Expand
- .text
- .rdata
- .data
- PAGE
- .edata
- INIT
- .rsrc
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": true,
"SerialNumber": "7e93ebfb7cc64e59ea4b9a77d406fc3b",
"Signature": "03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2",
"TBS": {
"MD5": "d0785ad36e427c92b19f6826ab1e8020",
"SHA1": "365b7a9c21bd9373e49052c3e7b3e4646ddd4d43",
"SHA256": "c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff",
"SHA384": "eab4fe5ef90e0de4a6aa3a27769a5e879f588df5e4785aa4104debd1f81e19ea56d33e3a16e5facf99f68b5d8e3d287b"
},
"ValidFrom": "2012-12-21 00:00:00",
"ValidTo": "2020-12-30 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "0ecff438c8febf356e04d86a981b1a50",
"Signature": "783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4",
"TBS": {
"MD5": "e9d38360b914c8863f6cba3ee58764d3",
"SHA1": "4cba8eae47b6bf76f20b3504b98b8f062694a89b",
"SHA256": "88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976",
"SHA384": "e9f2a75334a9e336c5a4712eadee88d0374b0fdc273262f4e65c9040ad2793067cc076696db5279a478773485e285652"
},
"ValidFrom": "2012-10-18 00:00:00",
"ValidTo": "2020-12-29 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Signature": "f3b20c020c826fd9e2629408ffc97c9e245959d1050c9ce7708069d366d26af191812e16fce674eaca0d8f05b2a796280831737299800d2bfe0071efecf655117b7952a4d7c0701b97de034a1d42e928fd1a2082b081f9d22e9d39af3233cf05c1e61ae1f8fbfec872e78d9a0b29b4f147f1a053d1757a824601df2bb07c75c591fe7efbaf0021764b90cd446f85f80d14bc2cd42c83edfa7d2510f8f94c82d1b3ea999b1cff9093291977c7e996dc32904d3934f167077684ff76aa5327654a0bd7223d9d67657b47c5b46012dca6723d89e7fa051b3380d0c4977b9df537e75da3186ab149b27c089715a01bd695f408f7ded66bfbe920d27a6f6a7d4cc8b3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc.",
"TBS": {
"MD5": "78eaa337666217b1c16a9a0ebd0b8434",
"SHA1": "ff9cb835e78f6185eed4372096c3bae53b17d18d",
"SHA256": "1c0d9746725e176b4a7c2852878f14d7587f58e65d346bc1247f1c8ee6374250",
"SHA384": "ffe3c75b860679a5de399c7d2c2844dbfac51d5d8581e24648d208daba1e4bed5c867808e02dc8d7cb3df1d4b2b53d10"
},
"ValidFrom": "2017-04-27 00:00:00",
"ValidTo": "2018-07-16 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "611993e400000000001c",
"Signature": "812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5",
"TBS": {
"MD5": "78a717e082dcc1cda3458d917e677d14",
"SHA1": "4a872e0e51f9b304469cd1dedb496ee9b8b983a4",
"SHA256": "317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8",
"SHA384": "b71052da4eb9157c8c1a5d7f55df19d69b9128598b72fcca608e5b7cc7d64c43c5504b9c86355a6dc22ee40c88cc385c"
},
"ValidFrom": "2011-02-22 19:25:17",
"ValidTo": "2021-02-22 19:35:17",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "5200e5aa2556fc1a86ed96c9d44b33c7",
"Signature": "5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"TBS": {
"MD5": "b30c31a572b0409383ed3fbe17e56e81",
"SHA1": "4843a82ed3b1f2bfbee9671960e1940c942f688d",
"SHA256": "03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9",
"SHA384": "bbda8407c4f9fc4e54d772f1c7fb9d30bc97e1f97ecd51c443063d1fa0644e266328781776cd5c44896c457c75f4d7da"
},
"ValidFrom": "2010-02-08 00:00:00",
"ValidTo": "2020-02-07 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 3825d7faf861af9ef490e726b5d65ad5
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | d6c7684e9aaa508cf268335f83afe040 |
| ToBeSigned (TBS) SHA1 | 18066d20ad92409c567cdfde745279ff71c75226 |
| ToBeSigned (TBS) SHA256 | a612fb22ce8be6dab75e47c98508f98496583e79c9c97b936a8caee9ea9f3fff |
| Subject | C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services Signer , G2 |
| ValidFrom | 2007-06-15 00:00:00 |
| ValidTo | 2012-06-14 23:59:59 |
| Signature | 50c54bc82480dfe40d24c2de1ab1a102a1a6822d0c831581370a820e2cb05a1761b5d805fe88dbf19191b3561a40a6eb92be3839b07536743a984fe437ba9989ca95421db0b9c7a08d57e0fad5640442354e01d133a217c84daa27c7f2e1864c02384d8378c6fc53e0ebe00687dda4969e5e0c98e2a5bebf8285c360e1dfad28d8c7a54b64dac71b5bbdac3908d53822a1338b2f8a9aebbc07213f44410907b5651c24bc48d34480eba1cfc902b414cf54c716a3805cf9793e5d727d88179e2c43a2ca53ce7d3df62a3ab84f9400a56d0a835df95e53f418b3570f70c3fbf5ad95a00e17dec4168060c90f2b6e8604f1ebf47827d105c5ee345b5eb94932f233 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 3825d7faf861af9ef490e726b5d65ad5 |
| Version | 3 |
Certificate 47bf1995df8d524643f7db6d480d31a4
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 518d2ea8a21e879c942d504824ac211c |
| ToBeSigned (TBS) SHA1 | 21ce87d827077e61abddf2beba69fde5432ea031 |
| ToBeSigned (TBS) SHA256 | 1ec3b4f02e03930a470020e0e48d24b84678bb558f46182888d870541f5e25c7 |
| Subject | C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services CA |
| ValidFrom | 2003-12-04 00:00:00 |
| ValidTo | 2013-12-03 23:59:59 |
| Signature | 4a6bf9ea58c2441c318979992b96bf82ac01d61c4ccdb08a586edf0829a35ec8ca9313e704520def47272f0038b0e4c9934e9ad4226215f73f37214f703180f18b3887b3e8e89700fecf55964e24d2a9274e7aaeb76141f32acee7c9d95eddbb2b853eb59db5d9e157ffbeb4c57ef5cf0c9ef097fe2bd33b521b1b3827f73f4a |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 47bf1995df8d524643f7db6d480d31a4 |
| Version | 3 |
Certificate 4d6290e58c54f0f1eb17341a1310e6a4
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | b7d8444a70054990435f35a5630df5e1 |
| ToBeSigned (TBS) SHA1 | 4678c6e4a8787a8e6ed2bce8792b122f6c08afd8 |
| ToBeSigned (TBS) SHA256 | 0a8b4b359ea7890b358e56e436e9cfc6f32b037b2599b597ca7f7a80d475ec98 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA |
| ValidFrom | 2010-09-30 00:00:00 |
| ValidTo | 2014-01-01 23:59:59 |
| Signature | aedd211d5f8f807ad25209eadb6ed25d8be8c21b6904be51a5010e59fa37d174a3eedced89742b62d5a6bf4fad361754f013e0a345d24c26cbe26da21fd01e7a070fb6b37b6f5068a2e931b3b7997d8070a0a7de0b1ea4fff34d811bdd20c91cc4afcff18ffad9da95f0ecdc5cbfe88c5a3e7ab0a3eb59437411e09b1a6af36f |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 4d6290e58c54f0f1eb17341a1310e6a4 |
| Version | 3 |
Certificate 610c120600000000001b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 53c41bc1164e09e0cd1617a5bf913efd |
| ToBeSigned (TBS) SHA1 | 93c03aac8951d494ecd5696b1c08658541b18727 |
| ToBeSigned (TBS) SHA256 | 40bddadac24dc61ca4fb5cab2a2bc5d876bc36808311039a7a3e1a4066f7489b |
| Subject | C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority |
| ValidFrom | 2006-05-23 17:01:29 |
| ValidTo | 2016-05-23 17:11:29 |
| Signature | 01e446b33b457f7513877e5f43de468ecb8abdb64741bccccc7491d8ce395195a4a6b547c0efd2da7b8f5711f4328c7ccd3fee42da04214af7c843884a6f5cca14fc4bd19f4cbdd4556ecc02be0da6888f8609baa425bde8b0f0fa8b714e67b0cb82a8d78e55f737ebf03e88efe4e08afd1c6e2e61414875b4b02c1d28d8490fd715f02473253ccc880cde284c6554fe5eae8cea19ad2c51b29b3a47f53c80350117e24987d6544afb4bab07bcbf7d79cfbf35005cbb9ecffc82891b39a05197b6dec0b307ff449644c0342a195cabeef03bec294eb513c537857e75d5b4d60d066eb5d26c237167eaf1718eaf4e74aa0cf9ecbf4c58fa5e909b6d39cb86883f8b1ca81632d5fe6db9f1f8b3ead791f6364778c0272a15c768d6f4c5fc4f4ec8673f102d409ff11ec96148e7a703fc31730cf04688fe56da492995ef09daa3e5beef60ecd954a0599c28bd54ef66157f874c84dba60e95672e517b3439b641c28c846826dc240209e7818e0a972defeea7b998a60f818dc710b5e1ed982f486f53854964789bec5dac970b5526c3efba8dc8d1a52f5a7f936b611a339b18b8a26210de24ea76e12f43ebecdd7c12342489da2855aee5754e312b6763b6a8d7ab730a03cec5ea593fc7eb2a45aea8625b2f009939abb45f73c308ec80118f470e8f2a1343e191066255bbffba3da9a93d260faeca7d628b155589d694344dd665 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 610c120600000000001b |
| Version | 3 |
Certificate 24e3d70b86ed54d0b22c3450b960984e
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 8ddf6d6623a3f10024af513804bb606d |
| ToBeSigned (TBS) SHA1 | 4daedaec405b6dfefce005517e230b2419ad08bc |
| ToBeSigned (TBS) SHA256 | 54894db2dab64a4991b4deab1a3415d4ea0d9905711af3b67242a0568d799b95 |
| Subject | C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., OU=Digital ID Class 3 , Microsoft Software Validation v2, OU=RD, CN=Trend Micro, Inc. |
| ValidFrom | 2011-01-31 00:00:00 |
| ValidTo | 2012-02-16 23:59:59 |
| Signature | 5ae5a2abcc8bbf832dd651a0cb396ee5af87305e67d20288d6d830699286ce0b1b3ec77c732d80564e6a482461bda52329dc301ec6286011fe60413c97f4207bf675a71460365e9d917b19d7b5e7c49ff035a5488f8fc703a61512b1588cb6fc8ceef0f6353d47c66a5edbef40e53197431ada77acef71cca7db0dbaa88d02355af0a62a7901e91bc8c59ad48b4ecfd67f137023601c308691ad14d6859c9d6b28c6a3e15314e55832cea94793436a5610bbe5f0901cedc6796c9ca53b5d55f79974cd6be7093bba119675614c1654139096e506c3fb92460d45879bdbc196bd833ae4dc31da6e14130df14a20c05615db7ea7e25aa0fe59801ec30a56501e56 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 24e3d70b86ed54d0b22c3450b960984e |
| Version | 3 |
Imports
Expand
- ntoskrnl.exe
- HAL.dll
- CLASSPNP.SYS
- SCSIPORT.SYS
Imported Functions
Expand
- KeWaitForSingleObject
- KeReleaseSemaphore
- KeStackAttachProcess
- KeUnstackDetachProcess
- RtlSubAuthoritySid
- RtlInitializeSid
- ExAllocatePoolWithTag
- RtlLengthRequiredSid
- ExFreePoolWithTag
- RtlSetDaclSecurityDescriptor
- RtlCreateSecurityDescriptor
- RtlAddAccessAllowedAce
- RtlCreateAcl
- ObfDereferenceObject
- ZwSetEvent
- ZwClose
- ZwRequestWaitReplyPort
- ProbeForWrite
- ZwFreeVirtualMemory
- ZwAllocateVirtualMemory
- ObOpenObjectByPointer
- PsProcessType
- memmove
- ZwConnectPort
- RtlInitUnicodeString
- RtlUnicodeStringToInteger
- ZwCreateSection
- ZwWaitForSingleObject
- ZwOpenEvent
- ObfReferenceObject
- IoGetCurrentProcess
- DbgBreakPoint
- PsGetProcessExitTime
- MmSectionObjectType
- DbgPrint
- memset
- MmIsAddressValid
- ExInitializeResourceLite
- ExDeleteResourceLite
- ZwWriteFile
- ZwReadFile
- ZwQueryInformationFile
- ZwSetInformationFile
- ZwCreateFile
- swprintf
- towupper
- _wcsnicmp
- KeInitializeEvent
- _snprintf
- PsGetCurrentProcessId
- RtlTimeToTimeFields
- ExSystemTimeToLocalTime
- KeQuerySystemTime
- ZwCreateKey
- ZwCreateEvent
- KeWaitForMultipleObjects
- ObReferenceObjectByHandle
- ZwNotifyChangeKey
- PsGetCurrentThreadId
- _vsnprintf
- KeSetPriorityThread
- PsTerminateSystemThread
- PsCreateSystemThread
- KeNumberProcessors
- ZwQueryInformationProcess
- PsLookupProcessByProcessId
- KeDelayExecutionThread
- ZwOpenDirectoryObject
- PsSetCreateProcessNotifyRoutine
- ZwQuerySystemInformation
- ZwQueryDirectoryFile
- ZwQueryDirectoryObject
- ZwDuplicateObject
- ZwOpenKey
- ZwEnumerateKey
- ZwEnumerateValueKey
- ZwQueryValueKey
- ZwDeleteValueKey
- ZwDeleteKey
- ExGetPreviousMode
- ZwTerminateProcess
- ZwOpenProcess
- ZwQueryKey
- ZwSetValueKey
- MmHighestUserAddress
- IoFreeIrp
- IoFreeMdl
- MmUnlockPages
- KeInitializeSemaphore
- _strnicmp
- RtlQueryRegistryValues
- RtlAppendUnicodeToString
- mbstowcs
- ZwQuerySymbolicLinkObject
- ZwOpenSymbolicLinkObject
- NtClose
- ZwSetInformationObject
- _stricmp
- ZwUnmapViewOfSection
- ZwMapViewOfSection
- ZwOpenFile
- RtlEqualUnicodeString
- IoFileObjectType
- IoCreateFile
- IofCallDriver
- IoAllocateIrp
- MmBuildMdlForNonPagedPool
- IoAllocateMdl
- ProbeForRead
- PsGetVersion
- MmGetSystemRoutineAddress
- RtlCopyUnicodeString
- RtlCompareMemory
- _snwprintf
- RtlImageNtHeader
- RtlFreeUnicodeString
- RtlAnsiStringToUnicodeString
- RtlInitAnsiString
- strrchr
- ZwQueryVolumeInformationFile
- ObReferenceObjectByPointer
- ObQueryNameString
- IoBuildDeviceIoControlRequest
- IofCompleteRequest
- ExEventObjectType
- _allmul
- IoDeleteDevice
- IoDeleteSymbolicLink
- IoCreateSymbolicLink
- IoGetDeviceObjectPointer
- RtlUpperChar
- RtlCompareUnicodeString
- strncpy
- KeServiceDescriptorTable
- NtOpenProcess
- ObOpenObjectByName
- IoDriverObjectType
- RtlAppendUnicodeStringToString
- NtQueryInformationProcess
- PsIsThreadTerminating
- PsThreadType
- KeAddSystemServiceTable
- ZwQueryObject
- ZwQuerySecurityObject
- ObInsertObject
- _allrem
- IoReleaseVpbSpinLock
- IoAcquireVpbSpinLock
- SeCreateAccessState
- IoGetFileObjectGenericMapping
- RtlUpcaseUnicodeString
- ObCreateObject
- _allshr
- MmUnmapIoSpace
- MmGetPhysicalAddress
- MmFreeContiguousMemory
- MmAllocateContiguousMemory
- MmMapIoSpace
- KeTickCount
- KeBugCheckEx
- RtlUnwind
- KeClearEvent
- KePulseEvent
- KeSetEvent
- wcsrchr
- memcpy
- ZwSetSecurityObject
- IoDeviceObjectType
- IoCreateDevice
- RtlGetDaclSecurityDescriptor
- RtlGetSaclSecurityDescriptor
- RtlGetGroupSecurityDescriptor
- RtlGetOwnerSecurityDescriptor
- RtlLengthSecurityDescriptor
- SeCaptureSecurityDescriptor
- SeExports
- IoIsWdmVersionAvailable
- RtlLengthSid
- wcschr
- RtlAbsoluteToSelfRelativeSD
- wcsncpy
- ExReleaseResourceLite
- ExAcquireResourceExclusiveLite
- ExAcquireResourceSharedLite
- ExReleaseFastMutexUnsafe
- KeLeaveCriticalRegion
- KeEnterCriticalRegion
- ExAcquireFastMutexUnsafe
- _purecall
- IoBuildAsynchronousFsdRequest
- KeGetCurrentThread
- KeRaiseIrqlToDpcLevel
- KfLowerIrql
- ExReleaseFastMutex
- ExAcquireFastMutex
- ClassInitialize
- ScsiPortReadPortBufferUshort
- ScsiPortReadPortUchar
- ScsiPortWritePortUchar
- ScsiPortStallExecution
- ScsiPortWritePortBufferUshort
Exported Functions
Expand
- ??0CAutoUpdateConfigThread@@QAE@ABV0@@Z
- ??0CAutoUpdateConfigThread@@QAE@PAU_UNICODE_STRING@@P6GX0PAX@Z1@Z
- ??0CBlobConfig@@QAE@ABV0@@Z
- ??0CBlobConfig@@QAE@K@Z
- ??0CContext@@QAE@ABV0@@Z
- ??0CContext@@QAE@KP6GJPAU_EVENT_REPORT@@PAXPAU_TMCE_REPORT@@PAU_TMCE_FEEDBACK@@@Z1K@Z
- ??0CContextList@@QAE@ABV0@@Z
- ??0CContextList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CDebugLog@@QAE@ABV0@@Z
- ??0CDebugLog@@QAE@PBG@Z
- ??0CDelayLoadThread@@QAE@ABV0@@Z
- ??0CDelayLoadThread@@QAE@XZ
- ??0CExclusionExtConfig@@QAE@ABV0@@Z
- ??0CExclusionExtConfig@@QAE@KKE@Z
- ??0CExclusionFileNameConfig@@QAE@ABV0@@Z
- ??0CExclusionFileNameConfig@@QAE@KK@Z
- ??0CExclusionFilePathConfig@@QAE@ABV0@@Z
- ??0CExclusionFilePathConfig@@QAE@KK@Z
- ??0CExclusionFolderConfig@@QAE@ABV0@@Z
- ??0CExclusionFolderConfig@@QAE@KK@Z
- ??0CExclusionRegistryConfig@@QAE@ABV0@@Z
- ??0CExclusionRegistryConfig@@QAE@KK@Z
- ??0CFile@@QAE@ABV0@@Z
- ??0CFile@@QAE@E@Z
- ??0CFileExtension@@QAE@ABV0@@Z
- ??0CFileExtension@@QAE@KEEPAVIMemoryAllocator@@@Z
- ??0CKEvent@@QAE@ABV0@@Z
- ??0CKEvent@@QAE@W4_EVENT_TYPE@@E@Z
- ??0CList@@QAE@ABV0@@Z
- ??0CList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CLockEvent@@QAE@ABV0@@Z
- ??0CLockEvent@@QAE@XZ
- ??0CLockList@@QAE@ABV0@@Z
- ??0CLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CMemoryAllocator@@IAE@W4_POOL_TYPE@@K@Z
- ??0CMemoryAllocator@@QAE@ABV0@@Z
- ??0CMemoryPoolAllocator@@IAE@W4_POOL_TYPE@@KKK@Z
- ??0CMemoryPoolAllocator@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@XZ
- ??0CModuleConfigList@@QAE@ABV0@@Z
- ??0CModuleConfigList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CModuleFileExtConfig@@QAE@ABV0@@Z
- ??0CModuleFileExtConfig@@QAE@KKE@Z
- ??0CModuleFlagConfig@@QAE@ABV0@@Z
- ??0CModuleFlagConfig@@QAE@K@Z
- ??0CModuleMultiStringConfig@@QAE@ABV0@@Z
- ??0CModuleMultiStringConfig@@QAE@KK@Z
- ??0CModuleStringConfig@@QAE@ABV0@@Z
- ??0CModuleStringConfig@@QAE@K@Z
- ??0CNoLockList@@QAE@ABV0@@Z
- ??0CNoLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CSmartLock@@QAE@AAVCLockEvent@@@Z
- ??0CSmartLock@@QAE@XZ
- ??0CSmartReference@@QAE@AAJ@Z
- ??0CSmartReference@@QAE@AAK@Z
- ??0CSmartResource@@QAE@AAVCResource@@E@Z
- ??0CStrList@@QAE@ABV0@@Z
- ??0CStrList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CSystemThread@@QAE@ABV0@@Z
- ??0CSystemThread@@QAE@K@Z
- ??0CUserFuncAdapterJob@@QAE@ABV0@@Z
- ??0CUserFuncAdapterJob@@QAE@P6GXPAX@Z0@Z
- ??0CWorkerThread@@IAE@PAVCWorkerThreadJobQueue@@@Z
- ??0CWorkerThread@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@E@Z
- ??0CWorkerThreadJobQueue@@QAE@ABV0@@Z
- ??0CWorkerThreadJobQueue@@QAE@K@Z
- ??0CWorkerThreadPool@@QAE@ABV0@@Z
- ??0CWorkerThreadPool@@QAE@K@Z
- ??0IMemoryAllocator@@QAE@ABV0@@Z
- ??0IMemoryAllocator@@QAE@XZ
- ??1CAutoUpdateConfigThread@@UAE@XZ
- ??1CBlobConfig@@UAE@XZ
- ??1CContext@@UAE@XZ
- ??1CContextList@@UAE@XZ
- ??1CDebugLog@@UAE@XZ
- ??1CDelayLoadThread@@UAE@XZ
- ??1CExclusionExtConfig@@UAE@XZ
- ??1CExclusionFileNameConfig@@UAE@XZ
- ??1CExclusionFilePathConfig@@UAE@XZ
- ??1CExclusionFolderConfig@@UAE@XZ
- ??1CExclusionRegistryConfig@@UAE@XZ
- ??1CFile@@UAE@XZ
- ??1CFileExtension@@UAE@XZ
- ??1CKEvent@@UAE@XZ
- ??1CList@@UAE@XZ
- ??1CLockEvent@@UAE@XZ
- ??1CLockList@@UAE@XZ
- ??1CMemoryAllocator@@UAE@XZ
- ??1CMemoryPoolAllocator@@UAE@XZ
- ??1CModuleConfig@@UAE@XZ
- ??1CModuleConfigList@@UAE@XZ
- ??1CModuleFileExtConfig@@UAE@XZ
- ??1CModuleFlagConfig@@UAE@XZ
- ??1CModuleMultiStringConfig@@UAE@XZ
- ??1CModuleStringConfig@@UAE@XZ
- ??1CNoLockList@@UAE@XZ
- ??1CSmartLock@@QAE@XZ
- ??1CSmartReference@@QAE@XZ
- ??1CSmartResource@@QAE@XZ
- ??1CStrList@@UAE@XZ
- ??1CSystemThread@@UAE@XZ
- ??1CUserFuncAdapterJob@@UAE@XZ
- ??1CWorkerThread@@UAE@XZ
- ??1CWorkerThreadJob@@UAE@XZ
- ??1CWorkerThreadJobQueue@@UAE@XZ
- ??1CWorkerThreadPool@@UAE@XZ
- ??1IMemoryAllocator@@UAE@XZ
- ??2@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??2CMemoryAllocator@@SGPAXI@Z
- ??2CMemoryPoolAllocator@@SGPAXI@Z
- ??3@YAXPAX@Z
- ??3IMemoryAllocator@@SGXPAX@Z
- ??4CAutoUpdateConfigThread@@QAEAAV0@ABV0@@Z
- ??4CBlobConfig@@QAEAAV0@ABV0@@Z
- ??4CContext@@QAEAAV0@ABV0@@Z
- ??4CDebugLog@@QAEAAV0@ABV0@@Z
- ??4CDelayLoadThread@@QAEAAV0@ABV0@@Z
- ??4CFile@@QAEAAV0@ABV0@@Z
- ??4CKEvent@@QAEAAV0@ABV0@@Z
- ??4CLockEvent@@QAEAAV0@ABV0@@Z
- ??4CMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??4CMemoryPoolAllocator@@QAEAAV0@ABV0@@Z
- ??4CModuleConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleFlagConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleStringConfig@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEABV0@AAVCLockEvent@@@Z
- ??4CSmartResource@@QAEAAV0@ABV0@@Z
- ??4CSystemThread@@QAEAAV0@ABV0@@Z
- ??4CUserFuncAdapterJob@@QAEAAV0@ABV0@@Z
- ??4CWorkerThread@@QAEAAV0@ABV0@@Z
- ??4CWorkerThreadJob@@QAEAAV0@ABV0@@Z
- ??4IMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??_7CAutoUpdateConfigThread@@6B@
- ??_7CBlobConfig@@6B@
- ??_7CContext@@6B@
- ??_7CContextList@@6B@
- ??_7CDebugLog@@6B@
- ??_7CDelayLoadThread@@6B@
- ??_7CExclusionExtConfig@@6B@
- ??_7CExclusionFileNameConfig@@6B@
- ??_7CExclusionFilePathConfig@@6B@
- ??_7CExclusionFolderConfig@@6B@
- ??_7CExclusionRegistryConfig@@6B@
- ??_7CFile@@6B@
- ??_7CFileExtension@@6B@
- ??_7CKEvent@@6B@
- ??_7CList@@6B@
- ??_7CLockEvent@@6B@
- ??_7CLockList@@6B@
- ??_7CMemoryAllocator@@6B@
- ??_7CMemoryPoolAllocator@@6B@
- ??_7CModuleConfig@@6B@
- ??_7CModuleConfigList@@6B@
- ??_7CModuleFileExtConfig@@6B@
- ??_7CModuleFlagConfig@@6B@
- ??_7CModuleMultiStringConfig@@6B@
- ??_7CModuleStringConfig@@6B@
- ??_7CNoLockList@@6B@
- ??_7CStrList@@6B@
- ??_7CSystemThread@@6B@
- ??_7CUserFuncAdapterJob@@6B@
- ??_7CWorkerThread@@6B@
- ??_7CWorkerThreadJob@@6B@
- ??_7CWorkerThreadJobQueue@@6B@
- ??_7CWorkerThreadPool@@6B@
- ??_7IMemoryAllocator@@6B@
- ??_FCContextList@@QAEXXZ
- ??_FCFile@@QAEXXZ
- ??_FCFileExtension@@QAEXXZ
- ??_FCModuleConfigList@@QAEXXZ
- ??_FCStrList@@QAEXXZ
- ??_FCSystemThread@@QAEXXZ
- ??_FCWorkerThread@@QAEXXZ
- ??_FCWorkerThreadJob@@QAEXXZ
- ??_FCWorkerThreadJobQueue@@QAEXXZ
- ??_U@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??_V@YAXPAX@Z
- ?Acquire@CLockEvent@@QAEXXZ
- ?Add@CContextList@@QAEEPAVCContext@@@Z
- ?Add@CFileExtension@@QAEEPBGK@Z
- ?Add@CModuleConfigList@@QAEEPAVCModuleConfig@@@Z
- ?Add@CStrList@@QAEEPBG@Z
- ?AddNode@CLockList@@UAEEQAXE@Z
- ?AddNode@CNoLockList@@UAEEQAXE@Z
- ?Alloc@CMemoryAllocator@@UAEPAXKPBDK@Z
- ?Alloc@CMemoryPoolAllocator@@UAEPAXKPBDK@Z
- ?AllocBlock@CMemoryPoolAllocator@@IAEPAXK@Z
- ?AttachJobQueue@CWorkerThread@@QAEXPAVCWorkerThreadJobQueue@@@Z
- ?Cancel@CWorkerThreadJob@@QAEXXZ
- ?CheckNode@CLockList@@UAEHQAX@Z
- ?CheckNode@CNoLockList@@UAEHQAX@Z
- ?CleanQueue@CWorkerThreadJobQueue@@QAEXXZ
- ?Cleanup@CBlobConfig@@AAEXXZ
- ?Cleanup@CModuleFileExtConfig@@IAEXXZ
- ?Cleanup@CModuleMultiStringConfig@@IAEXXZ
- ?Cleanup@CModuleStringConfig@@AAEXXZ
- ?Close@CFile@@QAEJXZ
- ?Count@CLockList@@QAEKXZ
- ?Count@CNoLockList@@QAEKXZ
- ?Create@CFile@@QAEJPBGKKKK@Z
- ?Create@CSystemThread@@QAEEXZ
- ?CreateInstance@CMemoryAllocator@@SGPAV1@W4_POOL_TYPE@@K@Z
- ?CreateInstance@CMemoryPoolAllocator@@SGPAV1@W4_POOL_TYPE@@KKK@Z
- ?CreatePool@CWorkerThreadPool@@QAEEXZ
- ?CreateThreads@CWorkerThreadPool@@QAEEK@Z
- ?CreateWIRP@CFile@@QAEJPBGKKKK@Z
- ?Delete@CFile@@QAEJXZ
- ?Delete@CFileExtension@@QAEEPBGK@Z
- ?Delete@CStrList@@QAEEPBG@Z
- ?DeleteAll@CList@@UAEXXZ
- ?DeleteAll@CLockList@@UAEXXZ
- ?DeleteAll@CNoLockList@@UAEXXZ
- ?DeleteNode@CContextList@@MAEXPAX@Z
- ?DeleteNode@CList@@UAEXPAX@Z
- ?DeleteNode@CModuleConfigList@@MAEXPAX@Z
- ?DeleteNode@CStrList@@EAEXPAU_STR_LIST_NODE@1@@Z
- ?DisableWriteProtectFromCR0@@YGXPAPAX@Z
- ?DoIt@CWorkerThreadJob@@QAEJXZ
- ?EntryPoint@CSystemThread@@KGXPAX@Z
- ?Find@CContextList@@QAEPAVCContext@@K@Z
- ?Find@CContextList@@QAEPAVCContext@@PAX@Z
- ?Find@CFileExtension@@QAEPAU_STR_LIST_NODE@CStrList@@PBGK@Z
- ?Find@CModuleConfigList@@QAEPAVCModuleConfig@@K@Z
- ?Find@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?FindNode@CContextList@@IAEPAXPAX@Z
- ?FindPartiallyAndAllMatch@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?First@CList@@UAEPAXXZ
- ?First@CLockList@@UAEPAXXZ
- ?First@CNoLockList@@UAEPAXXZ
- ?Free@CMemoryAllocator@@UAEXPAX@Z
- ?Free@CMemoryPoolAllocator@@UAEXPAX@Z
- ?GetAttributes@CFile@@QAEKXZ
- ?GetBasicInfomration@CFile@@IAEJXZ
- ?GetBlobCofig@CContext@@UAEJKPAXPAK@Z
- ?GetCategory@CContext@@QAEKXZ
- ?GetData@CBlobConfig@@QAEHPAXPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEPAVCFileExtension@@XZ
- ?GetData@CModuleFlagConfig@@QAEKXZ
- ?GetData@CModuleMultiStringConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleMultiStringConfig@@QAEPAVCStrList@@XZ
- ?GetData@CModuleStringConfig@@QAEPAGXZ
- ?GetData@CStrList@@QAEEPAGPAK@Z
- ?GetDataType@CModuleConfig@@QAEKXZ
- ?GetEngineContext@CContext@@QAEPAXXZ
- ?GetFileExtensionConfig@CContext@@QAEPAVCFileExtension@@K@Z
- ?GetFileExtensionConfig@CContext@@UAEJKPAGPAK@Z
- ?GetFileSize@CFile@@QAEJPAT_LARGE_INTEGER@@@Z
- ?GetFlagConfig@CContext@@UAEJKPAK@Z
- ?GetID@CModuleConfig@@QAEKXZ
- ?GetJob@CWorkerThreadJobQueue@@QAEPAVCWorkerThreadJob@@XZ
- ?GetLength@CModuleStringConfig@@QAEKXZ
- ?GetLinkContext@CContext@@QAEPAXXZ
- ?GetLogFlag@CDebugLog@@QAEKXZ
- ?GetModuleId@CModuleConfig@@QAEKXZ
- ?GetMultiStringConfig@CContext@@QAEPAVCStrList@@K@Z
- ?GetMultiStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetOneThreadTEB@CWorkerThreadPool@@QAEPAU_ETHREAD@@XZ
- ?GetReportCallBackRoutine@CContext@@QAEKXZ
- ?GetSize@CBlobConfig@@QAEKXZ
- ?GetStringConfig@CContext@@QAEPAGK@Z
- ?GetStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetThreadCount@CWorkerThreadPool@@QAEKXZ
- ?GetThreadID@CSystemThread@@QAEKXZ
- ?GetType@CContext@@QAEKXZ
- ?GetUserParameter@CContext@@QAEKXZ
- ?InitializeBlobConfig@CContext@@QAEHKPAXK@Z
- ?InitializeFileExtensionConfig@CContext@@QAEHKPBG@Z
- ?InitializeFlagConfig@CContext@@QAEHKK@Z
- ?InitializeMultiStringConfig@CContext@@QAEHKPBG@Z
- ?InitializeStringConfig@CContext@@QAEHKPBG@Z
- ?Insert@CList@@UAEXQAXE@Z
- ?Insert@CLockList@@UAEXQAXE@Z
- ?Insert@CNoLockList@@UAEXQAXE@Z
- ?InsertAfter@CList@@UAEXPAX0@Z
- ?InsertBefore@CList@@UAEXPAX0@Z
- ?Instance@CWorkerThreadPool@@SGPAV1@XZ
- ?IsEmpty@CList@@UAEEXZ
- ?IsEmpty@CLockList@@UAEEXZ
- ?IsEmpty@CNoLockList@@UAEEXZ
- ?IsExceedLimitation@CMemoryPoolAllocator@@IAEEK@Z
- ?IsFull@CLockList@@QBEEXZ
- ?IsFull@CNoLockList@@QBEEXZ
- ?IsInExclusionList@CExclusionExtConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFileNameConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFilePathConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFolderConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionRegistryConfig@@QAEEPBG@Z
- ?IsOpened@CFile@@QAEEXZ
- ?IsTerminated@CWorkerThreadPool@@QAEEXZ
- ?IsValid@CMemoryAllocator@@UAEEXZ
- ?IsValid@CMemoryPoolAllocator@@UAEEXZ
- ?IsValid@IMemoryAllocator@@UAEEXZ
- ?IsWorkerThread@CWorkerThreadPool@@QAEEK@Z
- ?JobFunction@CUserFuncAdapterJob@@MAEXXZ
- ?JobQueue@CWorkerThreadPool@@QAEAAVCWorkerThreadJobQueue@@XZ
- ?Limit@CLockList@@QAEKXZ
- ?Limit@CNoLockList@@QAEKXZ
- ?MatchAllExtensions@CFileExtension@@QAEEXZ
- ?MatchNoExtensions@CFileExtension@@QAEEXZ
- ?MergeLeft@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?MergeRight@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?NeedDelete@CWorkerThreadJob@@QAEEXZ
- ?NeedDeleteWhenFinish@CWorkerThreadJob@@QAEXE@Z
- ?NewNode@CList@@UAEPAXXZ
- ?NewNode@CStrList@@EAEPAXXZ
- ?NewNodeVariant@CList@@IAEPAXK@Z
- ?Next@CList@@UBEPAXQAX@Z
- ?Next@CLockList@@UBEPAXQAX@Z
- ?Next@CNoLockList@@UBEPAXQAX@Z
- ?NextPool@CMemoryPoolAllocator@@QAEPAV1@XZ
- ?NotityTerminate@CWorkerThread@@QAEXXZ
- ?PostJobToWorkerThread@CWorkerThreadPool@@QAEJP6GXPAX@Z0E@Z
- ?Pulse@CKEvent@@QAEJJE@Z
- ?QueueJob@CWorkerThreadJobQueue@@QAEEPAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPool@@QAEJPAVCWorkerThreadJob@@@Z
- ?RCMInstance@CWorkerThreadPool@@SGPAV1@XZ
- ?Read@CFile@@QAEJPADKPAK@Z
- ?ReferenceCount@CContext@@QAEAAKXZ
- ?Release@CLockEvent@@QAEXXZ
- ?Remove@CContextList@@UAEEQAX@Z
- ?Remove@CList@@UAEEQAX@Z
- ?Remove@CLockList@@UAEEQAX@Z
- ?Remove@CNoLockList@@UAEEQAX@Z
- ?RemoveHead@CList@@UAEPAXXZ
- ?RemoveHead@CLockList@@UAEPAXXZ
- ?RemoveHead@CNoLockList@@UAEPAXXZ
- ?RemoveTail@CList@@UAEPAXXZ
- ?RemoveTail@CLockList@@UAEPAXXZ
- ?RemoveTail@CNoLockList@@UAEPAXXZ
- ?Reset@CKEvent@@QAEXXZ
- ?RestoreCR0@@YGXPAX@Z
- ?Run@CAutoUpdateConfigThread@@UAEXXZ
- ?Run@CDelayLoadThread@@UAEXXZ
- ?Run@CWorkerThread@@UAEXXZ
- ?SeekToEnd@CFile@@QAEJXZ
- ?Set@CKEvent@@QAEJJE@Z
- ?SetAttributes@CFile@@QAEJK@Z
- ?SetBlobCofig@CContext@@UAEJKPAXK@Z
- ?SetData@CBlobConfig@@QAEHPAXK@Z
- ?SetData@CModuleFileExtConfig@@QAEHPBG@Z
- ?SetData@CModuleFlagConfig@@QAEHK@Z
- ?SetData@CModuleMultiStringConfig@@QAEHPBG@Z
- ?SetData@CModuleStringConfig@@QAEHPBG@Z
- ?SetEngineContext@CContext@@QAEXPAX@Z
- ?SetFileExtensionConfig@CContext@@UAEJKPBG@Z
- ?SetFlagConfig@CContext@@UAEJKK@Z
- ?SetLinkContext@CContext@@QAEXPAX@Z
- ?SetLogFlag@CDebugLog@@QAEEK@Z
- ?SetMatchAllExtensions@CFileExtension@@QAEXE@Z
- ?SetMatchNoExtensions@CFileExtension@@QAEXE@Z
- ?SetMultiStringConfig@CContext@@UAEJKPBG@Z
- ?SetNewJobItemEvent@CWorkerThreadJobQueue@@QAEXXZ
- ?SetPriority@CSystemThread@@QAEXK@Z
- ?SetStopUse@CContext@@QAEXXZ
- ?SetStringConfig@CContext@@UAEJKPBG@Z
- ?Setup@CSystemThread@@MAEXXZ
- ?StopUse@CContext@@QAEHXZ
- ?TearDown@CSystemThread@@MAEXXZ
- ?Terminate@CSystemThread@@QAEXE@Z
- ?Terminate@CWorkerThreadPool@@QAEEXZ
- ?TmExceptionFilter@@YGJPAU_EXCEPTION_POINTERS@@@Z
- ?Wait@CKEvent@@QAEJPAT_LARGE_INTEGER@@E@Z
- ?WaitFinish@CWorkerThreadJob@@QAEXXZ
- ?WaitForReady@CDelayLoadThread@@QAEEXZ
- ?WaitNewJobAvailable@CWorkerThreadJobQueue@@QAEEXZ
- ?Write@CDebugLog@@QAAXPBDZZ
- ?Write@CFile@@QAEJPADKPAT_LARGE_INTEGER@@PAK@Z
- ?WriteSystemInformation@CDebugLog@@QAEXXZ
- ?WriteSystemStringInformation@CDebugLog@@IAEXPBG@Z
- ?WriteToFile@CDebugLog@@IAEXPADK@Z
- ?_pNonPagedAllocator@@3PAVCMemoryAllocator@@A
- ?_pPagedAllocator@@3PAVCMemoryAllocator@@A
- ?m_lpInstance@CWorkerThreadPool@@1PAV1@A
- ?m_lpRCMInstance@CWorkerThreadPool@@1PAV1@A
- _DeInitKmLPC@0
- _GetModuleInfoByAddress@8
- _GetModuleInfoByModuleName@8
- _InitKmLPC@0
- _KmCallUm@8
- _KmCallUmEx@12
- _ModGetExportProcAddress@8
- _ModLoadDLLToBuffer@4
- _ModLoadDLLToBufferWithImageSize@8
- _ModLoadModule@8
- _ModUnLoadModule@4
- _NormalizeFileName@4
- _NormalizeFullNtPathToDosName@4
- _TmCommConfigRoutine@4
- _UtilAddDeviceInDriveTable@4
- _UtilCleanFileReadOnly@4
- _UtilDeleteFileForce@4
- _UtilGetFileObjectForProcessByEPROC@8
- _UtilGetFileObjectFromFileName@12
- _UtilGetProcessName@12
- _UtilGetSystemDirectory@4
- _UtilGetSystemTime@4
- _UtilIoSetFileInfo@24
- _UtilIopCreateFileIRP@40
- _UtilKeGetLowFileDevice@16
- _UtilModuleIATHook@24
- _UtilModuleIATUnHook@8
- _UtilQueryKeyValue@24
- _UtilRemoveDeviceFromDriveTable@4
- _UtilVolumeDeviceToDosName@8
- _UtilWaitValueChangeToZero@8
- _UtilWriteVersionToRegistry@8
- _UtilbuildDynamicDiskMappingTable@0
- __UtilDosPathNameToNtPathName@12
Sections
Expand
- .text
- .rdata
- .data
- PAGE
- .edata
- INIT
- .rsrc
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": true,
"SerialNumber": "7e93ebfb7cc64e59ea4b9a77d406fc3b",
"Signature": "03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2",
"TBS": {
"MD5": "d0785ad36e427c92b19f6826ab1e8020",
"SHA1": "365b7a9c21bd9373e49052c3e7b3e4646ddd4d43",
"SHA256": "c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff",
"SHA384": "eab4fe5ef90e0de4a6aa3a27769a5e879f588df5e4785aa4104debd1f81e19ea56d33e3a16e5facf99f68b5d8e3d287b"
},
"ValidFrom": "2012-12-21 00:00:00",
"ValidTo": "2020-12-30 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "0ecff438c8febf356e04d86a981b1a50",
"Signature": "783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4",
"TBS": {
"MD5": "e9d38360b914c8863f6cba3ee58764d3",
"SHA1": "4cba8eae47b6bf76f20b3504b98b8f062694a89b",
"SHA256": "88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976",
"SHA384": "e9f2a75334a9e336c5a4712eadee88d0374b0fdc273262f4e65c9040ad2793067cc076696db5279a478773485e285652"
},
"ValidFrom": "2012-10-18 00:00:00",
"ValidTo": "2020-12-29 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Signature": "f3b20c020c826fd9e2629408ffc97c9e245959d1050c9ce7708069d366d26af191812e16fce674eaca0d8f05b2a796280831737299800d2bfe0071efecf655117b7952a4d7c0701b97de034a1d42e928fd1a2082b081f9d22e9d39af3233cf05c1e61ae1f8fbfec872e78d9a0b29b4f147f1a053d1757a824601df2bb07c75c591fe7efbaf0021764b90cd446f85f80d14bc2cd42c83edfa7d2510f8f94c82d1b3ea999b1cff9093291977c7e996dc32904d3934f167077684ff76aa5327654a0bd7223d9d67657b47c5b46012dca6723d89e7fa051b3380d0c4977b9df537e75da3186ab149b27c089715a01bd695f408f7ded66bfbe920d27a6f6a7d4cc8b3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc.",
"TBS": {
"MD5": "78eaa337666217b1c16a9a0ebd0b8434",
"SHA1": "ff9cb835e78f6185eed4372096c3bae53b17d18d",
"SHA256": "1c0d9746725e176b4a7c2852878f14d7587f58e65d346bc1247f1c8ee6374250",
"SHA384": "ffe3c75b860679a5de399c7d2c2844dbfac51d5d8581e24648d208daba1e4bed5c867808e02dc8d7cb3df1d4b2b53d10"
},
"ValidFrom": "2017-04-27 00:00:00",
"ValidTo": "2018-07-16 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "611993e400000000001c",
"Signature": "812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5",
"TBS": {
"MD5": "78a717e082dcc1cda3458d917e677d14",
"SHA1": "4a872e0e51f9b304469cd1dedb496ee9b8b983a4",
"SHA256": "317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8",
"SHA384": "b71052da4eb9157c8c1a5d7f55df19d69b9128598b72fcca608e5b7cc7d64c43c5504b9c86355a6dc22ee40c88cc385c"
},
"ValidFrom": "2011-02-22 19:25:17",
"ValidTo": "2021-02-22 19:35:17",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "5200e5aa2556fc1a86ed96c9d44b33c7",
"Signature": "5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"TBS": {
"MD5": "b30c31a572b0409383ed3fbe17e56e81",
"SHA1": "4843a82ed3b1f2bfbee9671960e1940c942f688d",
"SHA256": "03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9",
"SHA384": "bbda8407c4f9fc4e54d772f1c7fb9d30bc97e1f97ecd51c443063d1fa0644e266328781776cd5c44896c457c75f4d7da"
},
"ValidFrom": "2010-02-08 00:00:00",
"ValidTo": "2020-02-07 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 3825d7faf861af9ef490e726b5d65ad5
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | d6c7684e9aaa508cf268335f83afe040 |
| ToBeSigned (TBS) SHA1 | 18066d20ad92409c567cdfde745279ff71c75226 |
| ToBeSigned (TBS) SHA256 | a612fb22ce8be6dab75e47c98508f98496583e79c9c97b936a8caee9ea9f3fff |
| Subject | C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services Signer , G2 |
| ValidFrom | 2007-06-15 00:00:00 |
| ValidTo | 2012-06-14 23:59:59 |
| Signature | 50c54bc82480dfe40d24c2de1ab1a102a1a6822d0c831581370a820e2cb05a1761b5d805fe88dbf19191b3561a40a6eb92be3839b07536743a984fe437ba9989ca95421db0b9c7a08d57e0fad5640442354e01d133a217c84daa27c7f2e1864c02384d8378c6fc53e0ebe00687dda4969e5e0c98e2a5bebf8285c360e1dfad28d8c7a54b64dac71b5bbdac3908d53822a1338b2f8a9aebbc07213f44410907b5651c24bc48d34480eba1cfc902b414cf54c716a3805cf9793e5d727d88179e2c43a2ca53ce7d3df62a3ab84f9400a56d0a835df95e53f418b3570f70c3fbf5ad95a00e17dec4168060c90f2b6e8604f1ebf47827d105c5ee345b5eb94932f233 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 3825d7faf861af9ef490e726b5d65ad5 |
| Version | 3 |
Certificate 47bf1995df8d524643f7db6d480d31a4
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 518d2ea8a21e879c942d504824ac211c |
| ToBeSigned (TBS) SHA1 | 21ce87d827077e61abddf2beba69fde5432ea031 |
| ToBeSigned (TBS) SHA256 | 1ec3b4f02e03930a470020e0e48d24b84678bb558f46182888d870541f5e25c7 |
| Subject | C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services CA |
| ValidFrom | 2003-12-04 00:00:00 |
| ValidTo | 2013-12-03 23:59:59 |
| Signature | 4a6bf9ea58c2441c318979992b96bf82ac01d61c4ccdb08a586edf0829a35ec8ca9313e704520def47272f0038b0e4c9934e9ad4226215f73f37214f703180f18b3887b3e8e89700fecf55964e24d2a9274e7aaeb76141f32acee7c9d95eddbb2b853eb59db5d9e157ffbeb4c57ef5cf0c9ef097fe2bd33b521b1b3827f73f4a |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 47bf1995df8d524643f7db6d480d31a4 |
| Version | 3 |
Certificate 4191a15a3978dfcf496566381d4c75c2
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 41011f8d0e7c7a6408334ca387914c61 |
| ToBeSigned (TBS) SHA1 | c7fc1727f5b75a6421a1f95c73bbdb23580c48e5 |
| ToBeSigned (TBS) SHA256 | 88dd3952638ee82738c03168e6fd863fe4eab1059ee5e2926ad8cb587c255dc0 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)04, CN=VeriSign Class 3 Code Signing 2004 CA |
| ValidFrom | 2004-07-16 00:00:00 |
| ValidTo | 2014-07-15 23:59:59 |
| Signature | ae3a17b84a7b55fa6455ec40a4ed494190999c89bcaf2e1dca7823f91c190f7feb68bc32d98838dedc3fd389b43fb18296f1a45abaed2e26d3de7c016e000a00a4069211480940f91c1879672324e0bbd5e150ae1bf50edde02e81cd80a36c524f9175558aba22f2d2ea4175882f63557d1e545a9559cad93481c05f5ef67ab5 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 4191a15a3978dfcf496566381d4c75c2 |
| Version | 3 |
Certificate 645212f783f4d7aba3555729e99ce065
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | e00f0a38c65f7c0b9f19b97448d6a0e3 |
| ToBeSigned (TBS) SHA1 | 91c033a2f289418c4101654dceacef1b25bb55d0 |
| ToBeSigned (TBS) SHA256 | 38b3fcbdb734b0e3439f3c9a3c4c1712091f577d2b616d41224137faf7ba7c86 |
| Subject | C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., OU=Digital ID Class 3 , Microsoft Software Validation v2, OU=RD, CN=Trend Micro, Inc. |
| ValidFrom | 2008-01-16 00:00:00 |
| ValidTo | 2011-02-16 23:59:59 |
| Signature | 5a693868cea6ba49064b801a0d9e12887a37cbb92cca2950cc5e99c2df9aec5697422e67cd042836daf09a09e739f625255841fed1ec9657cb8b3edc08c55c302574cbdb3f7de2798ed769d766402619b48041f9d90f8c904488788412b1c632055e1afc4a5bbac642cb626bd20fece0feaa6cf9b287887788cf64586309a14a644b5f0595c0ddcb7d789831faedb48451e40e342da4ccbc38a5e992e57e7ce5328d531a8c68e61f9dc9be65605c1bedf3358579000b91a19b3be388bac36b58ca76b72358bd8e74e0a7b08b0587bb7a29758c01af40b80e8e72c76abd3a2babfe7c1ed6e7b1cd9b0221a605062b6d9d0ceb57e0eb305fdc5eb5bf6ea442f4c9 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 645212f783f4d7aba3555729e99ce065 |
| Version | 3 |
Certificate 610c120600000000001b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 53c41bc1164e09e0cd1617a5bf913efd |
| ToBeSigned (TBS) SHA1 | 93c03aac8951d494ecd5696b1c08658541b18727 |
| ToBeSigned (TBS) SHA256 | 40bddadac24dc61ca4fb5cab2a2bc5d876bc36808311039a7a3e1a4066f7489b |
| Subject | C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority |
| ValidFrom | 2006-05-23 17:01:29 |
| ValidTo | 2016-05-23 17:11:29 |
| Signature | 01e446b33b457f7513877e5f43de468ecb8abdb64741bccccc7491d8ce395195a4a6b547c0efd2da7b8f5711f4328c7ccd3fee42da04214af7c843884a6f5cca14fc4bd19f4cbdd4556ecc02be0da6888f8609baa425bde8b0f0fa8b714e67b0cb82a8d78e55f737ebf03e88efe4e08afd1c6e2e61414875b4b02c1d28d8490fd715f02473253ccc880cde284c6554fe5eae8cea19ad2c51b29b3a47f53c80350117e24987d6544afb4bab07bcbf7d79cfbf35005cbb9ecffc82891b39a05197b6dec0b307ff449644c0342a195cabeef03bec294eb513c537857e75d5b4d60d066eb5d26c237167eaf1718eaf4e74aa0cf9ecbf4c58fa5e909b6d39cb86883f8b1ca81632d5fe6db9f1f8b3ead791f6364778c0272a15c768d6f4c5fc4f4ec8673f102d409ff11ec96148e7a703fc31730cf04688fe56da492995ef09daa3e5beef60ecd954a0599c28bd54ef66157f874c84dba60e95672e517b3439b641c28c846826dc240209e7818e0a972defeea7b998a60f818dc710b5e1ed982f486f53854964789bec5dac970b5526c3efba8dc8d1a52f5a7f936b611a339b18b8a26210de24ea76e12f43ebecdd7c12342489da2855aee5754e312b6763b6a8d7ab730a03cec5ea593fc7eb2a45aea8625b2f009939abb45f73c308ec80118f470e8f2a1343e191066255bbffba3da9a93d260faeca7d628b155589d694344dd665 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 610c120600000000001b |
| Version | 3 |
Imports
Expand
- ntoskrnl.exe
- HAL.dll
- CLASSPNP.SYS
Imported Functions
Expand
- ExReleaseFastMutexUnsafe
- wcsncpy
- memcpy
- wcsrchr
- KeSetEvent
- KePulseEvent
- KeClearEvent
- KeInitializeSemaphore
- KeWaitForSingleObject
- DbgPrint
- KeReleaseSemaphore
- RtlSubAuthoritySid
- RtlInitializeSid
- ExAllocatePoolWithTag
- RtlLengthRequiredSid
- ExFreePoolWithTag
- RtlSetDaclSecurityDescriptor
- RtlCreateSecurityDescriptor
- RtlAddAccessAllowedAce
- RtlCreateAcl
- ObfDereferenceObject
- ZwSetEvent
- ZwClose
- KeUnstackDetachProcess
- ZwRequestWaitReplyPort
- memmove
- KeStackAttachProcess
- ZwConnectPort
- RtlInitUnicodeString
- ZwCreateSection
- ZwWaitForSingleObject
- ZwOpenEvent
- ObfReferenceObject
- IoGetCurrentProcess
- memset
- MmIsAddressValid
- ZwWriteFile
- ZwReadFile
- ZwQueryInformationFile
- ZwSetInformationFile
- ZwCreateFile
- swprintf
- towupper
- _wcsnicmp
- KeInitializeEvent
- _snprintf
- PsGetCurrentProcessId
- RtlTimeToTimeFields
- ExSystemTimeToLocalTime
- KeQuerySystemTime
- ZwCreateKey
- ZwCreateEvent
- KeWaitForMultipleObjects
- ObReferenceObjectByHandle
- ZwNotifyChangeKey
- PsGetCurrentThreadId
- _vsnprintf
- KeSetPriorityThread
- PsTerminateSystemThread
- PsCreateSystemThread
- KeNumberProcessors
- ZwQuerySystemInformation
- ZwQueryDirectoryFile
- ZwOpenDirectoryObject
- ZwQueryDirectoryObject
- ZwDuplicateObject
- ZwOpenKey
- ZwEnumerateKey
- ZwEnumerateValueKey
- ZwQueryValueKey
- ZwDeleteValueKey
- ZwDeleteKey
- ExGetPreviousMode
- ZwTerminateProcess
- ObOpenObjectByPointer
- PsProcessType
- KeLeaveCriticalRegion
- ZwQueryKey
- ZwSetValueKey
- MmHighestUserAddress
- IoFreeIrp
- IoFreeMdl
- MmUnlockPages
- _purecall
- ProbeForWrite
- _strnicmp
- RtlQueryRegistryValues
- RtlAppendUnicodeToString
- KeDelayExecutionThread
- mbstowcs
- ZwQuerySymbolicLinkObject
- ZwOpenSymbolicLinkObject
- NtClose
- ZwSetInformationObject
- _stricmp
- ZwUnmapViewOfSection
- ZwMapViewOfSection
- ZwOpenFile
- RtlEqualUnicodeString
- IoFileObjectType
- IoCreateFile
- IofCallDriver
- IoAllocateIrp
- PsGetVersion
- MmGetSystemRoutineAddress
- RtlCompareMemory
- RtlCopyUnicodeString
- RtlImageNtHeader
- PsLookupProcessByProcessId
- RtlFreeUnicodeString
- RtlAnsiStringToUnicodeString
- RtlInitAnsiString
- strrchr
- KeBugCheckEx
- RtlAppendUnicodeStringToString
- IofCompleteRequest
- ExEventObjectType
- _allmul
- IoDeleteDevice
- IoDeleteSymbolicLink
- IoCreateSymbolicLink
- ProbeForRead
- IoGetDeviceObjectPointer
- MmBuildMdlForNonPagedPool
- IoAllocateMdl
- RtlUpperChar
- RtlCompareUnicodeString
- strncpy
- KeServiceDescriptorTable
- NtOpenProcess
- ObReferenceObjectByPointer
- MmSectionObjectType
- ObQueryNameString
- ObOpenObjectByName
- IoDriverObjectType
- NtQueryInformationProcess
- _snwprintf
- ZwAllocateVirtualMemory
- ZwFreeVirtualMemory
- KeAddSystemServiceTable
- ZwQueryObject
- ZwQuerySecurityObject
- ObInsertObject
- _allrem
- IoBuildDeviceIoControlRequest
- IoReleaseVpbSpinLock
- IoAcquireVpbSpinLock
- SeCreateAccessState
- IoGetFileObjectGenericMapping
- ObCreateObject
- _allshr
- KeTickCount
- RtlUnwind
- KeEnterCriticalRegion
- ZwOpenProcess
- ExAcquireFastMutexUnsafe
- ZwSetSecurityObject
- IoDeviceObjectType
- IoCreateDevice
- RtlGetDaclSecurityDescriptor
- RtlGetSaclSecurityDescriptor
- RtlGetGroupSecurityDescriptor
- RtlGetOwnerSecurityDescriptor
- RtlLengthSecurityDescriptor
- SeCaptureSecurityDescriptor
- SeExports
- IoIsWdmVersionAvailable
- RtlLengthSid
- wcschr
- RtlAbsoluteToSelfRelativeSD
- IoBuildAsynchronousFsdRequest
- KeGetCurrentThread
- KfLowerIrql
- KeRaiseIrqlToDpcLevel
- ClassInitialize
Exported Functions
Expand
- ??0CAutoUpdateConfigThread@@QAE@ABV0@@Z
- ??0CAutoUpdateConfigThread@@QAE@PAU_UNICODE_STRING@@P6GX0PAX@Z1@Z
- ??0CBlobConfig@@QAE@ABV0@@Z
- ??0CBlobConfig@@QAE@K@Z
- ??0CContext@@QAE@ABV0@@Z
- ??0CContext@@QAE@KP6GJPAU_EVENT_REPORT@@PAXPAU_TMCE_REPORT@@PAU_TMCE_FEEDBACK@@@Z1K@Z
- ??0CContextList@@QAE@ABV0@@Z
- ??0CContextList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CDebugLog@@QAE@ABV0@@Z
- ??0CDebugLog@@QAE@PBG@Z
- ??0CExclusionExtConfig@@QAE@ABV0@@Z
- ??0CExclusionExtConfig@@QAE@KKE@Z
- ??0CExclusionFileNameConfig@@QAE@ABV0@@Z
- ??0CExclusionFileNameConfig@@QAE@KK@Z
- ??0CExclusionFilePathConfig@@QAE@ABV0@@Z
- ??0CExclusionFilePathConfig@@QAE@KK@Z
- ??0CExclusionFolderConfig@@QAE@ABV0@@Z
- ??0CExclusionFolderConfig@@QAE@KK@Z
- ??0CExclusionRegistryConfig@@QAE@ABV0@@Z
- ??0CExclusionRegistryConfig@@QAE@KK@Z
- ??0CFile@@QAE@ABV0@@Z
- ??0CFile@@QAE@E@Z
- ??0CFileExtension@@QAE@ABV0@@Z
- ??0CFileExtension@@QAE@KEEPAVIMemoryAllocator@@@Z
- ??0CKEvent@@QAE@ABV0@@Z
- ??0CKEvent@@QAE@W4_EVENT_TYPE@@E@Z
- ??0CList@@QAE@ABV0@@Z
- ??0CList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CLockEvent@@QAE@ABV0@@Z
- ??0CLockEvent@@QAE@XZ
- ??0CLockList@@QAE@ABV0@@Z
- ??0CLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CMemoryAllocator@@IAE@W4_POOL_TYPE@@K@Z
- ??0CMemoryAllocator@@QAE@ABV0@@Z
- ??0CMemoryPoolAllocator@@IAE@W4_POOL_TYPE@@KKK@Z
- ??0CMemoryPoolAllocator@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@XZ
- ??0CModuleConfigList@@QAE@ABV0@@Z
- ??0CModuleConfigList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CModuleFileExtConfig@@QAE@ABV0@@Z
- ??0CModuleFileExtConfig@@QAE@KKE@Z
- ??0CModuleFlagConfig@@QAE@ABV0@@Z
- ??0CModuleFlagConfig@@QAE@K@Z
- ??0CModuleMultiStringConfig@@QAE@ABV0@@Z
- ??0CModuleMultiStringConfig@@QAE@KK@Z
- ??0CModuleStringConfig@@QAE@ABV0@@Z
- ??0CModuleStringConfig@@QAE@K@Z
- ??0CSmartLock@@QAE@AAVCLockEvent@@@Z
- ??0CSmartLock@@QAE@XZ
- ??0CSmartReference@@QAE@AAJ@Z
- ??0CSmartReference@@QAE@AAK@Z
- ??0CStrList@@QAE@ABV0@@Z
- ??0CStrList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CSystemThread@@QAE@ABV0@@Z
- ??0CSystemThread@@QAE@K@Z
- ??0CUserFuncAdapterJob@@QAE@ABV0@@Z
- ??0CUserFuncAdapterJob@@QAE@P6GXPAX@Z0@Z
- ??0CWorkerThread@@IAE@PAVCWorkerThreadJobQueue@@@Z
- ??0CWorkerThread@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@E@Z
- ??0CWorkerThreadJobQueue@@QAE@ABV0@@Z
- ??0CWorkerThreadJobQueue@@QAE@K@Z
- ??0CWorkerThreadPool@@QAE@ABV0@@Z
- ??0CWorkerThreadPool@@QAE@K@Z
- ??0IMemoryAllocator@@QAE@ABV0@@Z
- ??0IMemoryAllocator@@QAE@XZ
- ??1CAutoUpdateConfigThread@@UAE@XZ
- ??1CBlobConfig@@UAE@XZ
- ??1CContext@@UAE@XZ
- ??1CContextList@@UAE@XZ
- ??1CDebugLog@@UAE@XZ
- ??1CExclusionExtConfig@@UAE@XZ
- ??1CExclusionFileNameConfig@@UAE@XZ
- ??1CExclusionFilePathConfig@@UAE@XZ
- ??1CExclusionFolderConfig@@UAE@XZ
- ??1CExclusionRegistryConfig@@UAE@XZ
- ??1CFile@@UAE@XZ
- ??1CFileExtension@@UAE@XZ
- ??1CKEvent@@UAE@XZ
- ??1CList@@UAE@XZ
- ??1CLockEvent@@UAE@XZ
- ??1CLockList@@UAE@XZ
- ??1CMemoryAllocator@@UAE@XZ
- ??1CMemoryPoolAllocator@@UAE@XZ
- ??1CModuleConfig@@UAE@XZ
- ??1CModuleConfigList@@UAE@XZ
- ??1CModuleFileExtConfig@@UAE@XZ
- ??1CModuleFlagConfig@@UAE@XZ
- ??1CModuleMultiStringConfig@@UAE@XZ
- ??1CModuleStringConfig@@UAE@XZ
- ??1CSmartLock@@QAE@XZ
- ??1CSmartReference@@QAE@XZ
- ??1CStrList@@UAE@XZ
- ??1CSystemThread@@UAE@XZ
- ??1CUserFuncAdapterJob@@UAE@XZ
- ??1CWorkerThread@@UAE@XZ
- ??1CWorkerThreadJob@@UAE@XZ
- ??1CWorkerThreadJobQueue@@UAE@XZ
- ??1CWorkerThreadPool@@UAE@XZ
- ??1IMemoryAllocator@@UAE@XZ
- ??2@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??2CMemoryAllocator@@SGPAXI@Z
- ??2CMemoryPoolAllocator@@SGPAXI@Z
- ??3@YAXPAX@Z
- ??3IMemoryAllocator@@SGXPAX@Z
- ??4CAutoUpdateConfigThread@@QAEAAV0@ABV0@@Z
- ??4CBlobConfig@@QAEAAV0@ABV0@@Z
- ??4CContext@@QAEAAV0@ABV0@@Z
- ??4CDebugLog@@QAEAAV0@ABV0@@Z
- ??4CFile@@QAEAAV0@ABV0@@Z
- ??4CKEvent@@QAEAAV0@ABV0@@Z
- ??4CLockEvent@@QAEAAV0@ABV0@@Z
- ??4CMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??4CMemoryPoolAllocator@@QAEAAV0@ABV0@@Z
- ??4CModuleConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleFlagConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleStringConfig@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEABV0@AAVCLockEvent@@@Z
- ??4CSystemThread@@QAEAAV0@ABV0@@Z
- ??4CUserFuncAdapterJob@@QAEAAV0@ABV0@@Z
- ??4CWorkerThread@@QAEAAV0@ABV0@@Z
- ??4CWorkerThreadJob@@QAEAAV0@ABV0@@Z
- ??4IMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??_7CAutoUpdateConfigThread@@6B@
- ??_7CBlobConfig@@6B@
- ??_7CContext@@6B@
- ??_7CContextList@@6B@
- ??_7CDebugLog@@6B@
- ??_7CExclusionExtConfig@@6B@
- ??_7CExclusionFileNameConfig@@6B@
- ??_7CExclusionFilePathConfig@@6B@
- ??_7CExclusionFolderConfig@@6B@
- ??_7CExclusionRegistryConfig@@6B@
- ??_7CFile@@6B@
- ??_7CFileExtension@@6B@
- ??_7CKEvent@@6B@
- ??_7CList@@6B@
- ??_7CLockEvent@@6B@
- ??_7CLockList@@6B@
- ??_7CMemoryAllocator@@6B@
- ??_7CMemoryPoolAllocator@@6B@
- ??_7CModuleConfig@@6B@
- ??_7CModuleConfigList@@6B@
- ??_7CModuleFileExtConfig@@6B@
- ??_7CModuleFlagConfig@@6B@
- ??_7CModuleMultiStringConfig@@6B@
- ??_7CModuleStringConfig@@6B@
- ??_7CStrList@@6B@
- ??_7CSystemThread@@6B@
- ??_7CUserFuncAdapterJob@@6B@
- ??_7CWorkerThread@@6B@
- ??_7CWorkerThreadJob@@6B@
- ??_7CWorkerThreadJobQueue@@6B@
- ??_7CWorkerThreadPool@@6B@
- ??_7IMemoryAllocator@@6B@
- ??_FCContextList@@QAEXXZ
- ??_FCFile@@QAEXXZ
- ??_FCFileExtension@@QAEXXZ
- ??_FCModuleConfigList@@QAEXXZ
- ??_FCStrList@@QAEXXZ
- ??_FCSystemThread@@QAEXXZ
- ??_FCWorkerThread@@QAEXXZ
- ??_FCWorkerThreadJob@@QAEXXZ
- ??_FCWorkerThreadJobQueue@@QAEXXZ
- ??_U@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??_V@YAXPAX@Z
- ?Acquire@CLockEvent@@QAEXXZ
- ?Add@CContextList@@QAEEPAVCContext@@@Z
- ?Add@CFileExtension@@QAEEPBGK@Z
- ?Add@CModuleConfigList@@QAEEPAVCModuleConfig@@@Z
- ?Add@CStrList@@QAEEPBG@Z
- ?AddNode@CLockList@@UAEEQAXE@Z
- ?Alloc@CMemoryAllocator@@UAEPAXKPBDK@Z
- ?Alloc@CMemoryPoolAllocator@@UAEPAXKPBDK@Z
- ?AllocBlock@CMemoryPoolAllocator@@IAEPAXK@Z
- ?AttachJobQueue@CWorkerThread@@QAEXPAVCWorkerThreadJobQueue@@@Z
- ?Cancel@CWorkerThreadJob@@QAEXXZ
- ?CheckNode@CLockList@@UAEHQAX@Z
- ?CleanQueue@CWorkerThreadJobQueue@@QAEXXZ
- ?Cleanup@CBlobConfig@@AAEXXZ
- ?Cleanup@CModuleFileExtConfig@@IAEXXZ
- ?Cleanup@CModuleMultiStringConfig@@IAEXXZ
- ?Cleanup@CModuleStringConfig@@AAEXXZ
- ?Close@CFile@@QAEJXZ
- ?Count@CLockList@@QAEKXZ
- ?Create@CFile@@QAEJPBGKKKK@Z
- ?Create@CSystemThread@@QAEEXZ
- ?CreateInstance@CMemoryAllocator@@SGPAV1@W4_POOL_TYPE@@K@Z
- ?CreateInstance@CMemoryPoolAllocator@@SGPAV1@W4_POOL_TYPE@@KKK@Z
- ?CreatePool@CWorkerThreadPool@@QAEEXZ
- ?CreateThreads@CWorkerThreadPool@@QAEEK@Z
- ?CreateWIRP@CFile@@QAEJPBGKKKK@Z
- ?Delete@CFile@@QAEJXZ
- ?Delete@CFileExtension@@QAEEPBGK@Z
- ?Delete@CStrList@@QAEEPBG@Z
- ?DeleteAll@CList@@UAEXXZ
- ?DeleteAll@CLockList@@UAEXXZ
- ?DeleteNode@CContextList@@MAEXPAX@Z
- ?DeleteNode@CList@@UAEXPAX@Z
- ?DeleteNode@CModuleConfigList@@MAEXPAX@Z
- ?DeleteNode@CStrList@@EAEXPAU_STR_LIST_NODE@1@@Z
- ?DisableWriteProtectFromCR0@@YGXPAPAX@Z
- ?DoIt@CWorkerThreadJob@@QAEJXZ
- ?EntryPoint@CSystemThread@@KGXPAX@Z
- ?Find@CContextList@@QAEPAVCContext@@K@Z
- ?Find@CContextList@@QAEPAVCContext@@PAX@Z
- ?Find@CFileExtension@@QAEPAU_STR_LIST_NODE@CStrList@@PBGK@Z
- ?Find@CModuleConfigList@@QAEPAVCModuleConfig@@K@Z
- ?Find@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?FindNode@CContextList@@IAEPAXPAX@Z
- ?FindPartiallyAndAllMatch@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?First@CList@@UAEPAXXZ
- ?First@CLockList@@UAEPAXXZ
- ?Free@CMemoryAllocator@@UAEXPAX@Z
- ?Free@CMemoryPoolAllocator@@UAEXPAX@Z
- ?GetAttributes@CFile@@QAEKXZ
- ?GetBasicInfomration@CFile@@IAEJXZ
- ?GetBlobCofig@CContext@@UAEJKPAXPAK@Z
- ?GetCategory@CContext@@QAEKXZ
- ?GetData@CBlobConfig@@QAEHPAXPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEPAVCFileExtension@@XZ
- ?GetData@CModuleFlagConfig@@QAEKXZ
- ?GetData@CModuleMultiStringConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleMultiStringConfig@@QAEPAVCStrList@@XZ
- ?GetData@CModuleStringConfig@@QAEPAGXZ
- ?GetData@CStrList@@QAEEPAGPAK@Z
- ?GetDataType@CModuleConfig@@QAEKXZ
- ?GetEngineContext@CContext@@QAEPAXXZ
- ?GetFBCallBackRoutine@CContext@@QAEKXZ
- ?GetFileExtensionConfig@CContext@@QAEPAVCFileExtension@@K@Z
- ?GetFileExtensionConfig@CContext@@UAEJKPAGPAK@Z
- ?GetFileSize@CFile@@QAEJPAT_LARGE_INTEGER@@@Z
- ?GetFlagConfig@CContext@@UAEJKPAK@Z
- ?GetID@CModuleConfig@@QAEKXZ
- ?GetJob@CWorkerThreadJobQueue@@QAEPAVCWorkerThreadJob@@XZ
- ?GetLength@CModuleStringConfig@@QAEKXZ
- ?GetLinkContext@CContext@@QAEPAXXZ
- ?GetLogFlag@CDebugLog@@QAEKXZ
- ?GetModuleId@CModuleConfig@@QAEKXZ
- ?GetMultiStringConfig@CContext@@QAEPAVCStrList@@K@Z
- ?GetMultiStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetOneThreadTEB@CWorkerThreadPool@@QAEPAU_ETHREAD@@XZ
- ?GetReportCallBackRoutine@CContext@@QAEKXZ
- ?GetSize@CBlobConfig@@QAEKXZ
- ?GetStringConfig@CContext@@QAEPAGK@Z
- ?GetStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetThreadCount@CWorkerThreadPool@@QAEKXZ
- ?GetThreadID@CSystemThread@@QAEKXZ
- ?GetType@CContext@@QAEKXZ
- ?GetUserParameter@CContext@@QAEKXZ
- ?InitializeBlobConfig@CContext@@QAEHKPAXK@Z
- ?InitializeFileExtensionConfig@CContext@@QAEHKPBG@Z
- ?InitializeFlagConfig@CContext@@QAEHKK@Z
- ?InitializeMultiStringConfig@CContext@@QAEHKPBG@Z
- ?InitializeStringConfig@CContext@@QAEHKPBG@Z
- ?Insert@CList@@UAEXQAXE@Z
- ?Insert@CLockList@@UAEXQAXE@Z
- ?InsertAfter@CList@@UAEXPAX0@Z
- ?InsertBefore@CList@@UAEXPAX0@Z
- ?Instance@CWorkerThreadPool@@SGPAV1@XZ
- ?IsEmpty@CList@@UAEEXZ
- ?IsEmpty@CLockList@@UAEEXZ
- ?IsExceedLimitation@CMemoryPoolAllocator@@IAEEK@Z
- ?IsFull@CLockList@@QBEEXZ
- ?IsInExclusionList@CExclusionExtConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFileNameConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFilePathConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFolderConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionRegistryConfig@@QAEEPBG@Z
- ?IsOpened@CFile@@QAEEXZ
- ?IsTerminated@CWorkerThreadPool@@QAEEXZ
- ?IsValid@CMemoryAllocator@@UAEEXZ
- ?IsValid@CMemoryPoolAllocator@@UAEEXZ
- ?IsValid@IMemoryAllocator@@UAEEXZ
- ?IsWorkerThread@CWorkerThreadPool@@QAEEK@Z
- ?JobFunction@CUserFuncAdapterJob@@MAEXXZ
- ?JobQueue@CWorkerThreadPool@@QAEAAVCWorkerThreadJobQueue@@XZ
- ?Limit@CLockList@@QAEKXZ
- ?MatchAllExtensions@CFileExtension@@QAEEXZ
- ?MatchNoExtensions@CFileExtension@@QAEEXZ
- ?MergeLeft@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?MergeRight@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?NeedDelete@CWorkerThreadJob@@QAEEXZ
- ?NeedDeleteWhenFinish@CWorkerThreadJob@@QAEXE@Z
- ?NewNode@CList@@UAEPAXXZ
- ?NewNode@CStrList@@EAEPAXXZ
- ?NewNodeVariant@CList@@IAEPAXK@Z
- ?Next@CList@@UBEPAXQAX@Z
- ?Next@CLockList@@UBEPAXQAX@Z
- ?NextPool@CMemoryPoolAllocator@@QAEPAV1@XZ
- ?NotityTerminate@CWorkerThread@@QAEXXZ
- ?PostJobToWorkerThread@CWorkerThreadPool@@QAEJP6GXPAX@Z0E@Z
- ?Pulse@CKEvent@@QAEJJE@Z
- ?QueueJob@CWorkerThreadJobQueue@@QAEEPAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPool@@QAEJPAVCWorkerThreadJob@@@Z
- ?RCMInstance@CWorkerThreadPool@@SGPAV1@XZ
- ?Read@CFile@@QAEJPADKPAK@Z
- ?ReferenceCount@CContext@@QAEAAKXZ
- ?Release@CLockEvent@@QAEXXZ
- ?Remove@CContextList@@UAEEQAX@Z
- ?Remove@CList@@UAEEQAX@Z
- ?Remove@CLockList@@UAEEQAX@Z
- ?RemoveHead@CList@@UAEPAXXZ
- ?RemoveHead@CLockList@@UAEPAXXZ
- ?RemoveTail@CList@@UAEPAXXZ
- ?RemoveTail@CLockList@@UAEPAXXZ
- ?Reset@CKEvent@@QAEXXZ
- ?RestoreCR0@@YGXPAX@Z
- ?Run@CAutoUpdateConfigThread@@UAEXXZ
- ?Run@CWorkerThread@@UAEXXZ
- ?SeekToEnd@CFile@@QAEJXZ
- ?Set@CKEvent@@QAEJJE@Z
- ?SetAttributes@CFile@@QAEJK@Z
- ?SetBlobCofig@CContext@@UAEJKPAXK@Z
- ?SetData@CBlobConfig@@QAEHPAXK@Z
- ?SetData@CModuleFileExtConfig@@QAEHPBG@Z
- ?SetData@CModuleFlagConfig@@QAEHK@Z
- ?SetData@CModuleMultiStringConfig@@QAEHPBG@Z
- ?SetData@CModuleStringConfig@@QAEHPBG@Z
- ?SetEngineContext@CContext@@QAEXPAX@Z
- ?SetFileExtensionConfig@CContext@@UAEJKPBG@Z
- ?SetFlagConfig@CContext@@UAEJKK@Z
- ?SetLinkContext@CContext@@QAEXPAX@Z
- ?SetLogFlag@CDebugLog@@QAEEK@Z
- ?SetMatchAllExtensions@CFileExtension@@QAEXE@Z
- ?SetMatchNoExtensions@CFileExtension@@QAEXE@Z
- ?SetMultiStringConfig@CContext@@UAEJKPBG@Z
- ?SetNewJobItemEvent@CWorkerThreadJobQueue@@QAEXXZ
- ?SetPriority@CSystemThread@@QAEXK@Z
- ?SetStopUse@CContext@@QAEXXZ
- ?SetStringConfig@CContext@@UAEJKPBG@Z
- ?Setup@CSystemThread@@MAEXXZ
- ?StopUse@CContext@@QAEHXZ
- ?TearDown@CSystemThread@@MAEXXZ
- ?Terminate@CSystemThread@@QAEXE@Z
- ?Terminate@CWorkerThreadPool@@QAEEXZ
- ?TmExceptionFilter@@YGJPAU_EXCEPTION_POINTERS@@@Z
- ?Wait@CKEvent@@QAEJPAT_LARGE_INTEGER@@E@Z
- ?WaitFinish@CWorkerThreadJob@@QAEXXZ
- ?WaitNewJobAvailable@CWorkerThreadJobQueue@@QAEEXZ
- ?Write@CDebugLog@@QAAXPBDZZ
- ?Write@CFile@@QAEJPADKPAT_LARGE_INTEGER@@PAK@Z
- ?WriteSystemInformation@CDebugLog@@QAEXXZ
- ?WriteSystemStringInformation@CDebugLog@@IAEXPBG@Z
- ?WriteToFile@CDebugLog@@IAEXPADK@Z
- ?_pNonPagedAllocator@@3PAVCMemoryAllocator@@A
- ?_pPagedAllocator@@3PAVCMemoryAllocator@@A
- ?m_lpInstance@CWorkerThreadPool@@1PAV1@A
- ?m_lpRCMInstance@CWorkerThreadPool@@1PAV1@A
- _DeInitKmLPC@0
- _GetModuleInfoByAddress@8
- _GetModuleInfoByModuleName@8
- _InitKmLPC@0
- _KmCallUm@8
- _ModGetExportProcAddress@8
- _ModLoadDLLToBuffer@4
- _ModLoadModule@8
- _ModUnLoadModule@4
- _NormalizeFileName@4
- _NormalizeFullNtPathToDosName@4
- _TmCommConfigRoutine@4
- _UtilCleanFileReadOnly@4
- _UtilDeleteFileForce@4
- _UtilGetFileObjectForProcessByEPROC@8
- _UtilGetFileObjectFromFileName@12
- _UtilGetProcessName@12
- _UtilGetSystemTime@4
- _UtilIoSetFileInfo@24
- _UtilIopCreateFileIRP@40
- _UtilKeGetLowFileDevice@16
- _UtilModuleIATHook@24
- _UtilModuleIATUnHook@8
- _UtilQueryKeyValue@24
- _UtilVolumeDeviceToDosName@8
- _UtilWaitValueChangeToZero@8
- _UtilWriteVersionToRegistry@8
- _UtilbuildDynamicDiskMappingTable@0
- __UtilDosPathNameToNtPathName@12
Sections
Expand
- .text
- .rdata
- .data
- PAGE
- .edata
- INIT
- .rsrc
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": true,
"SerialNumber": "7e93ebfb7cc64e59ea4b9a77d406fc3b",
"Signature": "03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2",
"TBS": {
"MD5": "d0785ad36e427c92b19f6826ab1e8020",
"SHA1": "365b7a9c21bd9373e49052c3e7b3e4646ddd4d43",
"SHA256": "c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff",
"SHA384": "eab4fe5ef90e0de4a6aa3a27769a5e879f588df5e4785aa4104debd1f81e19ea56d33e3a16e5facf99f68b5d8e3d287b"
},
"ValidFrom": "2012-12-21 00:00:00",
"ValidTo": "2020-12-30 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "0ecff438c8febf356e04d86a981b1a50",
"Signature": "783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4",
"TBS": {
"MD5": "e9d38360b914c8863f6cba3ee58764d3",
"SHA1": "4cba8eae47b6bf76f20b3504b98b8f062694a89b",
"SHA256": "88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976",
"SHA384": "e9f2a75334a9e336c5a4712eadee88d0374b0fdc273262f4e65c9040ad2793067cc076696db5279a478773485e285652"
},
"ValidFrom": "2012-10-18 00:00:00",
"ValidTo": "2020-12-29 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Signature": "f3b20c020c826fd9e2629408ffc97c9e245959d1050c9ce7708069d366d26af191812e16fce674eaca0d8f05b2a796280831737299800d2bfe0071efecf655117b7952a4d7c0701b97de034a1d42e928fd1a2082b081f9d22e9d39af3233cf05c1e61ae1f8fbfec872e78d9a0b29b4f147f1a053d1757a824601df2bb07c75c591fe7efbaf0021764b90cd446f85f80d14bc2cd42c83edfa7d2510f8f94c82d1b3ea999b1cff9093291977c7e996dc32904d3934f167077684ff76aa5327654a0bd7223d9d67657b47c5b46012dca6723d89e7fa051b3380d0c4977b9df537e75da3186ab149b27c089715a01bd695f408f7ded66bfbe920d27a6f6a7d4cc8b3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc.",
"TBS": {
"MD5": "78eaa337666217b1c16a9a0ebd0b8434",
"SHA1": "ff9cb835e78f6185eed4372096c3bae53b17d18d",
"SHA256": "1c0d9746725e176b4a7c2852878f14d7587f58e65d346bc1247f1c8ee6374250",
"SHA384": "ffe3c75b860679a5de399c7d2c2844dbfac51d5d8581e24648d208daba1e4bed5c867808e02dc8d7cb3df1d4b2b53d10"
},
"ValidFrom": "2017-04-27 00:00:00",
"ValidTo": "2018-07-16 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "611993e400000000001c",
"Signature": "812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5",
"TBS": {
"MD5": "78a717e082dcc1cda3458d917e677d14",
"SHA1": "4a872e0e51f9b304469cd1dedb496ee9b8b983a4",
"SHA256": "317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8",
"SHA384": "b71052da4eb9157c8c1a5d7f55df19d69b9128598b72fcca608e5b7cc7d64c43c5504b9c86355a6dc22ee40c88cc385c"
},
"ValidFrom": "2011-02-22 19:25:17",
"ValidTo": "2021-02-22 19:35:17",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "5200e5aa2556fc1a86ed96c9d44b33c7",
"Signature": "5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"TBS": {
"MD5": "b30c31a572b0409383ed3fbe17e56e81",
"SHA1": "4843a82ed3b1f2bfbee9671960e1940c942f688d",
"SHA256": "03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9",
"SHA384": "bbda8407c4f9fc4e54d772f1c7fb9d30bc97e1f97ecd51c443063d1fa0644e266328781776cd5c44896c457c75f4d7da"
},
"ValidFrom": "2010-02-08 00:00:00",
"ValidTo": "2020-02-07 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 0ea0fe4dfb74cc64bc32143103c27c8b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | e93e004baa6013b41135ac0648e29d5b |
| ToBeSigned (TBS) SHA1 | dc91e26674d4b627319c700d3ebb1a6cf83d358e |
| ToBeSigned (TBS) SHA256 | 0d20335edb166a303411548471bee6f301c8b4f7f7e453d09c15303de2c888d7 |
| Subject | C=TW, L=Taipei, O=Trend Micro, Inc., OU=Taipei, TW, CN=Trend Micro, Inc. |
| ValidFrom | 2019-07-12 00:00:00 |
| ValidTo | 2020-07-10 12:00:00 |
| Signature | 5c08ae5d586a4751195382d6889dc2fc500e7c39c641e1a58def8d923e12b754e2cc35720cc8d3d29382980debf7d98fcc17d764187126dd07c134fdbb96dd44fe8a40195df6f6acd1881fa5ba2921dadceb3f64422344672834813916bbdf317533cf6aaf3317d78197d7d6c560ad681de135f39e2d4ad345b7fe491162660a5462c6075fd725382df1e6e6bc3a4c443be778f79b07f181082e38150ca28ab932f99e4bc4185dc5b3b6edf22c187fdfd84e23a21e7da1989837f43b89aa172e6b34dbcb297bffd511a1d1c100b25e0e921f622a0845e23317f9fec83659ca21c241800683e0dd66ce4d042a8aefc4142b5923a6fa93ee72c48e8dc04c13b4b0 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 0ea0fe4dfb74cc64bc32143103c27c8b |
| Version | 3 |
Certificate 61204db4000000000027
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 8e3ffc222fbcebdbb8b23115ab259be7 |
| ToBeSigned (TBS) SHA1 | ee20bff28ffe13be731c294c90d6ded5aae0ec0e |
| ToBeSigned (TBS) SHA256 | 59826b69bc8c28118c96323b627da59aaca0b142cc5d8bad25a8fcfd399aa821 |
| Subject | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA |
| ValidFrom | 2011-04-15 19:45:33 |
| ValidTo | 2021-04-15 19:55:33 |
| Signature | 208cc159ed6f9c6b2dc14a3e751d454c41501cbd80ead9b0928b062a133f53169e56396a8a63b6782479f57db8b947a10a96c2f6cbbda2669f06e1acd279090efd3cdcac020c70af3f1bec787ed4eb4b056026d973619121edb06863e09712ab6fa012edd99fd2da273cb3e456f9d1d4810f71bd427ca689dccdd5bd95a2abf193117de8ac3129a85d6670419dfc75c9d5b31a392ad08505508bac91cac493cb71a59da4946f580cfa6e20c40831b5859d7e81f9d23dca5b18856c0a86ec22091ba574344f7f28bc954aab1db698b05d09a477767eefa78e5d84f61824cbd16da6c3a19cc2107580ff9d32fde6cf433a82f7ce8fe1722a9b62b75fed951a395c2f946d48b7015f332fbbdc2d73348904420a1c8b79f9a3fa17effaa11a10dfe0b2c195eb5c0c05973b353e18884ddb6cbf24898dc8bdd89f7b393a24a0d5dfd1f34a1a97f6a66f7a1fb090a9b3ac013991d361b764f13e573803afce7ad2b590f5aedc3999d5b63c97eda6cb16c77d6b2a4c9094e64c54fd1ecd20ecce689c8758e96160beeb0ec9d5197d9fe978bd0eac2175078fa96ee08c6a2a6b9ce3e765bcbc2d3c6ddc04dc67453632af0481bca8006e614c95c55cd48e8e9f2fc13274bdbd11650307cdefb75e0257da86d41a2834af8849b2cfa5dd82566f68aa14e25954feffeaeeefea9270226081e32523c09fcc0f49b235aa58c33ac3d9169410 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 61204db4000000000027 |
| Version | 3 |
Certificate 03019a023aff58b16bd6d5eae617f066
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | a752afee44f017e8d74e3f3eb7914ae3 |
| ToBeSigned (TBS) SHA1 | 8eca80a6b80e9c69dcef7745748524afb8019e2d |
| ToBeSigned (TBS) SHA256 | 82560fa7efec30b5ff82af643e6f3bf3d46868bbd5e7d76f93db185e9e3553a1 |
| Subject | C=US, O=DigiCert, CN=DigiCert Timestamp Responder |
| ValidFrom | 2014-10-22 00:00:00 |
| ValidTo | 2024-10-22 00:00:00 |
| Signature | 9d257e1b334db226815c9b86ce23200f8087e588ffffb1d46a2c31ed3a17197117cda91bbc5a1639009de36c84e45a40fbde06018c37fa9bb19d247efe20a457ad5bb79ab06026ea6957215d342f1f71b0839419056b359010a07b97c7f63fe7e21141a6bd62d9f0273d381d286f3a5209f0ec7062d3624bb0e073a692c0d38e31d82fe36d171306eee403b614abf38f43a7719d21dd14ca155d9241daf90f81d199740d26c40e7f1bb5f5a0f1c677062815e9d893e55516f0bb0aab1cdb5c482766c8a38b0a1ce595daaec42e59a061dddaf36da261e98a0b6dec1218bdf755544003922b6bc251c20a48afb0d46ee0f4140a3a1be38f3dcaaf6a8d7bdcd844 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 03019a023aff58b16bd6d5eae617f066 |
| Version | 3 |
Certificate 02c4d1e58a4a680c568da3047e7e4d5f
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 829995f702421dea833a24fb2c7f4442 |
| ToBeSigned (TBS) SHA1 | 1d7e838accd498c2e5ba9373af819ec097bb955c |
| ToBeSigned (TBS) SHA256 | 92914d016cc46e125e50c4bd0bd7f72db87eed4ba68f3c589b4e86aa563108db |
| Subject | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance Code Signing CA,1 |
| ValidFrom | 2011-02-11 12:00:00 |
| ValidTo | 2026-02-10 12:00:00 |
| Signature | 49eb7c60beaeefc97cb3c5ba4b64df1669e286fa29d9de98857d406626332f4455aaaa90e935700a34bed3ae542e8e6500d67a32203e6c26b898a939b1bc95c7aae9f5ee4666c6b3e812f8b3979dff74588234997550ac448fe892ce7d8b0f3196c7dcd31130987416c6e56b4576a39401cd33007a48f66f8631c9562b3322d5f801b644ce8cb4ca88d2e416e3e7f6e23ee109c09d7943437f555c05ad9310c62c0d6bc09eea78e5d277d6b8da9a987fba4c922b9dbda488b1ddafc34cd2979b03c6ae5f1b440f333715e3cbff2f56d316a45b55679da2cadb346c0c734ab57ba4b6b3e935027870ec007acbfc4b4f2236bb1484c98f91dd0f3c758cca0b88e7 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 02c4d1e58a4a680c568da3047e7e4d5f |
| Version | 3 |
Certificate 06fdf9039603adea000aeb3f27bbba1b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 4e5ad189638cf52ba9cd881d4d44668c |
| ToBeSigned (TBS) SHA1 | cdc115e98d798b33904c820d63cc1e1afc19251d |
| ToBeSigned (TBS) SHA256 | 37560fb9d548ab62cc3ed4669a4ab74828b5a108e67e829937ffb2d10a5f78dd |
| Subject | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID CA,1 |
| ValidFrom | 2006-11-10 00:00:00 |
| ValidTo | 2021-11-10 00:00:00 |
| Signature | 46503ec9b72824a7381db65b29af52cf52e93147ab565c7bd50d0b41b3efec751f7438f2b25c61a29c95c350e482b923d1ba3a8672ad3878ac755d1717347247859456d1ebbb368477cc24a5f3041955a9e7e3e7ab62cdfb8b2d90c2c0d2b594bd5e4fb105d20e3d1aa9145ba6863162a8a833e49b39a7c4f5ce1d7876942573e42aabcf9c764bed5fc24b16e44b704c00891efcc579bc4c1257fe5fe11ebc025da8fefb07384f0dc65d91b90f6745cdd683ede7920d8db1698c4ffb59e0230fd2aaae007cee9c420ecf91d727b716ee0fc3bd7c0aa0ee2c08558522b8eb181a4dfc2a21ad49318347957771dcb11b4b4b1c109c7714c19d4f2f5a9508291026 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 06fdf9039603adea000aeb3f27bbba1b |
| Version | 3 |
Imports
Expand
- ntoskrnl.exe
- HAL.dll
- CLASSPNP.SYS
Imported Functions
Expand
- KePulseEvent
- KeClearEvent
- KeStackAttachProcess
- KeUnstackDetachProcess
- ObfDereferenceObject
- ZwSetEvent
- ZwClose
- ZwConnectPort
- RtlInitUnicodeString
- RtlUnicodeStringToInteger
- ZwCreateSection
- ZwWaitForSingleObject
- ZwOpenEvent
- IoGetCurrentProcess
- ObfReferenceObject
- DbgBreakPoint
- ZwRequestWaitReplyPort
- ExFreePoolWithTag
- ProbeForWrite
- ZwFreeVirtualMemory
- ZwAllocateVirtualMemory
- ObOpenObjectByPointer
- PsProcessType
- memmove
- PsGetProcessExitTime
- MmSectionObjectType
- PsThreadType
- MmGetSystemRoutineAddress
- ObReleaseObjectSecurity
- SeReleaseSubjectContext
- SeAccessCheck
- SeCaptureSubjectContext
- ObGetObjectSecurity
- DbgPrint
- memset
- MmIsAddressValid
- ExInitializeResourceLite
- ExDeleteResourceLite
- ZwWriteFile
- ZwReadFile
- ZwQueryInformationFile
- ZwSetInformationFile
- ZwCreateFile
- swprintf
- towupper
- _wcsnicmp
- ExAllocatePoolWithTag
- KeInitializeEvent
- _snprintf
- PsGetCurrentProcessId
- RtlTimeToTimeFields
- ExSystemTimeToLocalTime
- KeQuerySystemTime
- PsGetCurrentThreadId
- RtlInitAnsiString
- ZwDeviceIoControlFile
- ZwCreateKey
- ZwCreateEvent
- KeWaitForMultipleObjects
- ObReferenceObjectByHandle
- ZwNotifyChangeKey
- _vsnprintf
- RtlFreeUnicodeString
- RtlAnsiStringToUnicodeString
- RtlEqualUnicodeString
- RtlAppendUnicodeStringToString
- RtlCopyUnicodeString
- RtlUpcaseUnicodeChar
- ExGetPreviousMode
- KeWaitForSingleObject
- KeSetPriorityThread
- PsTerminateSystemThread
- PsCreateSystemThread
- KeDelayExecutionThread
- KeNumberProcessors
- ZwQueryInformationProcess
- PsLookupProcessByProcessId
- ZwOpenDirectoryObject
- PsSetCreateProcessNotifyRoutine
- ZwQuerySystemInformation
- ZwQueryDirectoryFile
- ZwQueryDirectoryObject
- ZwDuplicateObject
- ZwOpenKey
- ZwEnumerateKey
- ZwEnumerateValueKey
- ZwQueryValueKey
- ZwDeleteValueKey
- ZwDeleteKey
- ZwTerminateProcess
- ZwOpenProcess
- ZwQueryKey
- ZwSetValueKey
- IoFileObjectType
- _allrem
- KeSetEvent
- ZwSetSecurityObject
- RtlLengthSecurityDescriptor
- MmHighestUserAddress
- IoFreeIrp
- _purecall
- MmUnlockPages
- IoBuildAsynchronousFsdRequest
- _strnicmp
- RtlQueryRegistryValues
- RtlAppendUnicodeToString
- mbstowcs
- ZwQuerySymbolicLinkObject
- ZwOpenSymbolicLinkObject
- NtClose
- ObQueryNameString
- ZwSetInformationObject
- _stricmp
- ZwUnmapViewOfSection
- ZwMapViewOfSection
- ZwOpenFile
- IoCreateFile
- IofCallDriver
- IoAllocateIrp
- MmBuildMdlForNonPagedPool
- IoAllocateMdl
- ProbeForRead
- PsGetVersion
- RtlImageNtHeader
- RtlCompareMemory
- RtlUpcaseUnicodeString
- _snwprintf
- MmSystemRangeStart
- wcsncmp
- RtlCompareUnicodeString
- strrchr
- ZwQueryVolumeInformationFile
- ObReferenceObjectByPointer
- IoBuildDeviceIoControlRequest
- ZwOpenSection
- _allmul
- KeReleaseSemaphore
- RtlLengthRequiredSid
- RtlInitializeSid
- RtlSubAuthoritySid
- RtlSetDaclSecurityDescriptor
- RtlCreateSecurityDescriptor
- RtlAddAccessAllowedAce
- RtlCreateAcl
- KeInitializeSemaphore
- IoGetDeviceObjectPointer
- IofCompleteRequest
- ExEventObjectType
- IoDeleteDevice
- IoDeleteSymbolicLink
- IoCreateSymbolicLink
- RtlUpperChar
- ObReferenceObjectByName
- IoDriverObjectType
- strncpy
- KeServiceDescriptorTable
- NtOpenProcess
- ObOpenObjectByName
- NtQueryInformationProcess
- PsIsThreadTerminating
- KeAddSystemServiceTable
- ZwQueryObject
- ZwFsControlFile
- ObInsertObject
- IoReleaseVpbSpinLock
- IoAcquireVpbSpinLock
- SeCreateAccessState
- IoGetFileObjectGenericMapping
- ObCreateObject
- _allshr
- ExInterlockedPopEntrySList
- IoGetStackLimits
- IoBuildSynchronousFsdRequest
- wcsstr
- IoUnregisterPlugPlayNotification
- FsRtlIsNameInExpression
- IoGetConfigurationInformation
- MmProbeAndLockPages
- IoGetDeviceInterfaces
- IoRegisterPlugPlayNotification
- ExAllocatePool
- RtlFreeAnsiString
- RtlUnicodeStringToAnsiString
- strncat
- wcschr
- wcsncat
- wcstombs
- KeTickCount
- KeBugCheckEx
- RtlUnwind
- wcsrchr
- memcpy
- wcsncpy
- ExReleaseResourceLite
- ExAcquireResourceExclusiveLite
- ExAcquireResourceSharedLite
- ExReleaseFastMutexUnsafe
- KeLeaveCriticalRegion
- KeEnterCriticalRegion
- ZwQuerySecurityObject
- ExAcquireFastMutexUnsafe
- IoDeviceObjectType
- IoCreateDevice
- RtlGetDaclSecurityDescriptor
- RtlGetSaclSecurityDescriptor
- RtlGetGroupSecurityDescriptor
- RtlGetOwnerSecurityDescriptor
- SeCaptureSecurityDescriptor
- SeExports
- IoIsWdmVersionAvailable
- RtlLengthSid
- RtlAbsoluteToSelfRelativeSD
- IoFreeMdl
- KeGetCurrentThread
- KfAcquireSpinLock
- KfReleaseSpinLock
- KeRaiseIrqlToDpcLevel
- KfLowerIrql
- KeAcquireQueuedSpinLock
- KeReleaseQueuedSpinLock
- ExAcquireFastMutex
- ExReleaseFastMutex
- KeGetCurrentIrql
- KfRaiseIrql
- ClassInitialize
Exported Functions
Expand
- ??0CAutoUpdateConfigThread@@QAE@ABV0@@Z
- ??0CAutoUpdateConfigThread@@QAE@PAU_UNICODE_STRING@@P6GX0PAX@Z1@Z
- ??0CBlobConfig@@QAE@ABV0@@Z
- ??0CBlobConfig@@QAE@K@Z
- ??0CContext@@QAE@ABV0@@Z
- ??0CContext@@QAE@KP6GJPAU_EVENT_REPORT@@PAXPAU_TMCE_REPORT@@PAU_TMCE_FEEDBACK@@@Z1K@Z
- ??0CContextList@@QAE@ABV0@@Z
- ??0CContextList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CDebugLog@@QAE@ABV0@@Z
- ??0CDebugLog@@QAE@PBG@Z
- ??0CDebugLogEx@@QAE@ABV0@@Z
- ??0CDebugLogEx@@QAE@K@Z
- ??0CDelayLoadThread@@QAE@ABV0@@Z
- ??0CDelayLoadThread@@QAE@XZ
- ??0CExclusionExtConfig@@QAE@ABV0@@Z
- ??0CExclusionExtConfig@@QAE@KKE@Z
- ??0CExclusionFileNameConfig@@QAE@ABV0@@Z
- ??0CExclusionFileNameConfig@@QAE@KK@Z
- ??0CExclusionFilePathConfig@@QAE@ABV0@@Z
- ??0CExclusionFilePathConfig@@QAE@KK@Z
- ??0CExclusionFolderConfig@@QAE@ABV0@@Z
- ??0CExclusionFolderConfig@@QAE@KK@Z
- ??0CExclusionRegistryConfig@@QAE@ABV0@@Z
- ??0CExclusionRegistryConfig@@QAE@KK@Z
- ??0CFile@@QAE@ABV0@@Z
- ??0CFile@@QAE@E@Z
- ??0CFileExtension@@QAE@ABV0@@Z
- ??0CFileExtension@@QAE@KEEPAVIMemoryAllocator@@@Z
- ??0CInclusionExtConfig@@QAE@ABV0@@Z
- ??0CInclusionExtConfig@@QAE@KKE@Z
- ??0CInclusionFileNameConfig@@QAE@ABV0@@Z
- ??0CInclusionFileNameConfig@@QAE@KK@Z
- ??0CInclusionFilePathConfig@@QAE@ABV0@@Z
- ??0CInclusionFilePathConfig@@QAE@KK@Z
- ??0CInclusionFolderConfig@@QAE@ABV0@@Z
- ??0CInclusionFolderConfig@@QAE@KK@Z
- ??0CKEvent@@QAE@ABV0@@Z
- ??0CKEvent@@QAE@W4_EVENT_TYPE@@E@Z
- ??0CList@@QAE@ABV0@@Z
- ??0CList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CLockEvent@@QAE@ABV0@@Z
- ??0CLockEvent@@QAE@XZ
- ??0CLockList@@QAE@ABV0@@Z
- ??0CLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CMemoryAllocator@@IAE@W4_POOL_TYPE@@K@Z
- ??0CMemoryAllocator@@QAE@ABV0@@Z
- ??0CMemoryPoolAllocator@@IAE@W4_POOL_TYPE@@KKK@Z
- ??0CMemoryPoolAllocator@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@XZ
- ??0CModuleConfigList@@QAE@ABV0@@Z
- ??0CModuleConfigList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CModuleFileExtConfig@@QAE@ABV0@@Z
- ??0CModuleFileExtConfig@@QAE@KKE@Z
- ??0CModuleFlagConfig@@QAE@ABV0@@Z
- ??0CModuleFlagConfig@@QAE@K@Z
- ??0CModuleMultiStringConfig@@QAE@ABV0@@Z
- ??0CModuleMultiStringConfig@@QAE@KK@Z
- ??0CModuleStringConfig@@QAE@ABV0@@Z
- ??0CModuleStringConfig@@QAE@K@Z
- ??0CNoLockList@@QAE@ABV0@@Z
- ??0CNoLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CSmartLock@@QAE@AAVCLockEvent@@@Z
- ??0CSmartLock@@QAE@XZ
- ??0CSmartReference@@QAE@AAJ@Z
- ??0CSmartReference@@QAE@AAK@Z
- ??0CSmartResource@@QAE@AAVCResource@@E@Z
- ??0CStrList@@QAE@ABV0@@Z
- ??0CStrList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CSystemThread@@QAE@ABV0@@Z
- ??0CSystemThread@@QAE@K@Z
- ??0CUserFuncAdapterJob@@QAE@ABV0@@Z
- ??0CUserFuncAdapterJob@@QAE@P6GXPAX@Z01@Z
- ??0CWorkerThread@@IAE@PAVCWorkerThreadJobQueue@@@Z
- ??0CWorkerThread@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@E@Z
- ??0CWorkerThreadJobQueue@@QAE@ABV0@@Z
- ??0CWorkerThreadJobQueue@@QAE@K@Z
- ??0CWorkerThreadPool@@QAE@ABV0@@Z
- ??0CWorkerThreadPool@@QAE@K@Z
- ??0CWorkerThreadPoolEx@@QAE@ABV0@@Z
- ??0CWorkerThreadPoolEx@@QAE@KK@Z
- ??0IMemoryAllocator@@QAE@ABV0@@Z
- ??0IMemoryAllocator@@QAE@XZ
- ??1CAutoUpdateConfigThread@@UAE@XZ
- ??1CBlobConfig@@UAE@XZ
- ??1CContext@@UAE@XZ
- ??1CContextList@@UAE@XZ
- ??1CDebugLog@@UAE@XZ
- ??1CDebugLogEx@@UAE@XZ
- ??1CDelayLoadThread@@UAE@XZ
- ??1CExclusionExtConfig@@UAE@XZ
- ??1CExclusionFileNameConfig@@UAE@XZ
- ??1CExclusionFilePathConfig@@UAE@XZ
- ??1CExclusionFolderConfig@@UAE@XZ
- ??1CExclusionRegistryConfig@@UAE@XZ
- ??1CFile@@UAE@XZ
- ??1CFileExtension@@UAE@XZ
- ??1CInclusionExtConfig@@UAE@XZ
- ??1CInclusionFileNameConfig@@UAE@XZ
- ??1CInclusionFilePathConfig@@UAE@XZ
- ??1CInclusionFolderConfig@@UAE@XZ
- ??1CKEvent@@UAE@XZ
- ??1CList@@UAE@XZ
- ??1CLockEvent@@UAE@XZ
- ??1CLockList@@UAE@XZ
- ??1CMemoryAllocator@@UAE@XZ
- ??1CMemoryPoolAllocator@@UAE@XZ
- ??1CModuleConfig@@UAE@XZ
- ??1CModuleConfigList@@UAE@XZ
- ??1CModuleFileExtConfig@@UAE@XZ
- ??1CModuleFlagConfig@@UAE@XZ
- ??1CModuleMultiStringConfig@@UAE@XZ
- ??1CModuleStringConfig@@UAE@XZ
- ??1CNoLockList@@UAE@XZ
- ??1CSmartLock@@QAE@XZ
- ??1CSmartReference@@QAE@XZ
- ??1CSmartResource@@QAE@XZ
- ??1CStrList@@UAE@XZ
- ??1CSystemThread@@UAE@XZ
- ??1CUserFuncAdapterJob@@UAE@XZ
- ??1CWorkerThread@@UAE@XZ
- ??1CWorkerThreadJob@@UAE@XZ
- ??1CWorkerThreadJobQueue@@UAE@XZ
- ??1CWorkerThreadPool@@UAE@XZ
- ??1CWorkerThreadPoolEx@@UAE@XZ
- ??1IMemoryAllocator@@UAE@XZ
- ??2@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??2CMemoryAllocator@@SGPAXI@Z
- ??2CMemoryPoolAllocator@@SGPAXI@Z
- ??3@YAXPAX@Z
- ??3IMemoryAllocator@@SGXPAX@Z
- ??4CAutoUpdateConfigThread@@QAEAAV0@ABV0@@Z
- ??4CBlobConfig@@QAEAAV0@ABV0@@Z
- ??4CContext@@QAEAAV0@ABV0@@Z
- ??4CDebugLog@@QAEAAV0@ABV0@@Z
- ??4CDebugLogEx@@QAEAAV0@ABV0@@Z
- ??4CDelayLoadThread@@QAEAAV0@ABV0@@Z
- ??4CFile@@QAEAAV0@ABV0@@Z
- ??4CKEvent@@QAEAAV0@ABV0@@Z
- ??4CLockEvent@@QAEAAV0@ABV0@@Z
- ??4CMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??4CMemoryPoolAllocator@@QAEAAV0@ABV0@@Z
- ??4CModuleConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleFlagConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleStringConfig@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEABV0@AAVCLockEvent@@@Z
- ??4CSmartResource@@QAEAAV0@ABV0@@Z
- ??4CSystemThread@@QAEAAV0@ABV0@@Z
- ??4CUserFuncAdapterJob@@QAEAAV0@ABV0@@Z
- ??4CWorkerThread@@QAEAAV0@ABV0@@Z
- ??4CWorkerThreadJob@@QAEAAV0@ABV0@@Z
- ??4IMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??_7CAutoUpdateConfigThread@@6B@
- ??_7CBlobConfig@@6B@
- ??_7CContext@@6B@
- ??_7CContextList@@6B@
- ??_7CDebugLog@@6B@
- ??_7CDebugLogEx@@6B@
- ??_7CDelayLoadThread@@6B@
- ??_7CExclusionExtConfig@@6B@
- ??_7CExclusionFileNameConfig@@6B@
- ??_7CExclusionFilePathConfig@@6B@
- ??_7CExclusionFolderConfig@@6B@
- ??_7CExclusionRegistryConfig@@6B@
- ??_7CFile@@6B@
- ??_7CFileExtension@@6B@
- ??_7CInclusionExtConfig@@6B@
- ??_7CInclusionFileNameConfig@@6B@
- ??_7CInclusionFilePathConfig@@6B@
- ??_7CInclusionFolderConfig@@6B@
- ??_7CKEvent@@6B@
- ??_7CList@@6B@
- ??_7CLockEvent@@6B@
- ??_7CLockList@@6B@
- ??_7CMemoryAllocator@@6B@
- ??_7CMemoryPoolAllocator@@6B@
- ??_7CModuleConfig@@6B@
- ??_7CModuleConfigList@@6B@
- ??_7CModuleFileExtConfig@@6B@
- ??_7CModuleFlagConfig@@6B@
- ??_7CModuleMultiStringConfig@@6B@
- ??_7CModuleStringConfig@@6B@
- ??_7CNoLockList@@6B@
- ??_7CStrList@@6B@
- ??_7CSystemThread@@6B@
- ??_7CUserFuncAdapterJob@@6B@
- ??_7CWorkerThread@@6B@
- ??_7CWorkerThreadJob@@6B@
- ??_7CWorkerThreadJobQueue@@6B@
- ??_7CWorkerThreadPool@@6B@
- ??_7CWorkerThreadPoolEx@@6B@
- ??_7IMemoryAllocator@@6B@
- ??_FCContextList@@QAEXXZ
- ??_FCFile@@QAEXXZ
- ??_FCFileExtension@@QAEXXZ
- ??_FCModuleConfigList@@QAEXXZ
- ??_FCStrList@@QAEXXZ
- ??_FCSystemThread@@QAEXXZ
- ??_FCWorkerThread@@QAEXXZ
- ??_FCWorkerThreadJob@@QAEXXZ
- ??_FCWorkerThreadJobQueue@@QAEXXZ
- ??_U@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??_V@YAXPAX@Z
- ?Acquire@CLockEvent@@QAEXXZ
- ?Add@CContextList@@QAEEPAVCContext@@@Z
- ?Add@CFileExtension@@QAEEPBGK@Z
- ?Add@CModuleConfigList@@QAEEPAVCModuleConfig@@@Z
- ?Add@CStrList@@QAEEPBG@Z
- ?AddNode@CLockList@@UAEEQAXE@Z
- ?AddNode@CNoLockList@@UAEEQAXE@Z
- ?Alloc@CMemoryAllocator@@UAEPAXKPBDK@Z
- ?Alloc@CMemoryPoolAllocator@@UAEPAXKPBDK@Z
- ?AllocBlock@CMemoryPoolAllocator@@IAEPAXK@Z
- ?AttachJobQueue@CWorkerThread@@QAEXPAVCWorkerThreadJobQueue@@@Z
- ?Cancel@CWorkerThreadJob@@QAEXXZ
- ?CheckNode@CLockList@@UAEHQAX@Z
- ?CheckNode@CNoLockList@@UAEHQAX@Z
- ?CleanQueue@CWorkerThreadJobQueue@@QAEXXZ
- ?Cleanup@CBlobConfig@@AAEXXZ
- ?Cleanup@CModuleFileExtConfig@@IAEXXZ
- ?Cleanup@CModuleMultiStringConfig@@IAEXXZ
- ?Cleanup@CModuleStringConfig@@AAEXXZ
- ?Close@CFile@@QAEJXZ
- ?Count@CLockList@@QAEKXZ
- ?Count@CNoLockList@@QAEKXZ
- ?Create@CFile@@QAEJPBGKKKK@Z
- ?Create@CSystemThread@@QAEEXZ
- ?CreateInstance@CMemoryAllocator@@SGPAV1@W4_POOL_TYPE@@K@Z
- ?CreateInstance@CMemoryPoolAllocator@@SGPAV1@W4_POOL_TYPE@@KKK@Z
- ?CreatePool@CWorkerThreadPool@@QAEEXZ
- ?CreatePool@CWorkerThreadPoolEx@@QAEEXZ
- ?CreateThreads@CWorkerThreadPool@@QAEEK@Z
- ?CreateThreads@CWorkerThreadPoolEx@@QAEEK@Z
- ?CreateWIRP@CFile@@QAEJPBGKKKK@Z
- ?Delete@CFile@@QAEJXZ
- ?Delete@CFileExtension@@QAEEPBGK@Z
- ?Delete@CStrList@@QAEEPBG@Z
- ?DeleteAll@CList@@UAEXXZ
- ?DeleteAll@CLockList@@UAEXXZ
- ?DeleteAll@CNoLockList@@UAEXXZ
- ?DeleteNode@CContextList@@MAEXPAX@Z
- ?DeleteNode@CList@@UAEXPAX@Z
- ?DeleteNode@CModuleConfigList@@MAEXPAX@Z
- ?DeleteNode@CStrList@@EAEXPAU_STR_LIST_NODE@1@@Z
- ?DisableWriteProtectFromCR0@@YGXPAPAX@Z
- ?DoIt@CWorkerThreadJob@@QAEJXZ
- ?EntryPoint@CSystemThread@@KGXPAX@Z
- ?Find@CContextList@@QAEPAVCContext@@K@Z
- ?Find@CContextList@@QAEPAVCContext@@PAX@Z
- ?Find@CFileExtension@@QAEPAU_STR_LIST_NODE@CStrList@@PBGK@Z
- ?Find@CModuleConfigList@@QAEPAVCModuleConfig@@K@Z
- ?Find@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?FindNode@CContextList@@IAEPAXPAX@Z
- ?FindPartiallyAndAllMatch@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?FinishFunction@CUserFuncAdapterJob@@MAEXXZ
- ?FinishIt@CWorkerThreadJob@@QAEJXZ
- ?First@CList@@UAEPAXXZ
- ?First@CLockList@@UAEPAXXZ
- ?First@CNoLockList@@UAEPAXXZ
- ?Free@CMemoryAllocator@@UAEXPAX@Z
- ?Free@CMemoryPoolAllocator@@UAEXPAX@Z
- ?GetAttributes@CFile@@QAEKXZ
- ?GetBasicInfomration@CFile@@IAEJXZ
- ?GetBlobCofig@CContext@@UAEJKPAXPAK@Z
- ?GetCategory@CContext@@QAEKXZ
- ?GetData@CBlobConfig@@QAEHPAXPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEPAVCFileExtension@@XZ
- ?GetData@CModuleFlagConfig@@QAEKXZ
- ?GetData@CModuleMultiStringConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleMultiStringConfig@@QAEPAVCStrList@@XZ
- ?GetData@CModuleStringConfig@@QAEPAGXZ
- ?GetData@CStrList@@QAEEPAGPAK@Z
- ?GetDataType@CModuleConfig@@QAEKXZ
- ?GetEngineContext@CContext@@QAEPAXXZ
- ?GetFileExtensionConfig@CContext@@QAEPAVCFileExtension@@K@Z
- ?GetFileExtensionConfig@CContext@@UAEJKPAGPAK@Z
- ?GetFileSize@CFile@@QAEJPAT_LARGE_INTEGER@@@Z
- ?GetFileSizeWIRP@CFile@@QAEJPAT_LARGE_INTEGER@@@Z
- ?GetFlagConfig@CContext@@UAEJKPAK@Z
- ?GetID@CModuleConfig@@QAEKXZ
- ?GetJob@CWorkerThreadJobQueue@@QAEPAVCWorkerThreadJob@@XZ
- ?GetLength@CModuleStringConfig@@QAEKXZ
- ?GetLinkContext@CContext@@QAEPAXXZ
- ?GetLogFlag@CDebugLog@@QAEKXZ
- ?GetLogFlag@CDebugLogEx@@QAEKXZ
- ?GetModuleId@CModuleConfig@@QAEKXZ
- ?GetMultiStringConfig@CContext@@QAEPAVCStrList@@K@Z
- ?GetMultiStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetOneThreadTEB@CWorkerThreadPool@@QAEPAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPool@@QAEPAU_KTHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QAEPAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QAEPAU_KTHREAD@@XZ
- ?GetReportCallBackRoutine@CContext@@QAEKXZ
- ?GetSize@CBlobConfig@@QAEKXZ
- ?GetStringConfig@CContext@@QAEPAGK@Z
- ?GetStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetThreadCount@CWorkerThreadPool@@QAEKXZ
- ?GetThreadCount@CWorkerThreadPoolEx@@QAEKXZ
- ?GetThreadID@CSystemThread@@QAEKXZ
- ?GetType@CContext@@QAEKXZ
- ?GetUserParameter@CContext@@QAEKXZ
- ?InitProcMon@CDebugLogEx@@IAEXXZ
- ?InitializeBlobConfig@CContext@@QAEHKPAXK@Z
- ?InitializeFileExtensionConfig@CContext@@QAEHKPBG@Z
- ?InitializeFlagConfig@CContext@@QAEHKK@Z
- ?InitializeMultiStringConfig@CContext@@QAEHKPBG@Z
- ?InitializeStringConfig@CContext@@QAEHKPBG@Z
- ?Insert@CList@@UAEXQAXE@Z
- ?Insert@CLockList@@UAEXQAXE@Z
- ?Insert@CNoLockList@@UAEXQAXE@Z
- ?InsertAfter@CList@@UAEXPAX0@Z
- ?InsertBefore@CList@@UAEXPAX0@Z
- ?Instance@CWorkerThreadPool@@SGPAV1@XZ
- ?IsEmpty@CList@@UAEEXZ
- ?IsEmpty@CLockList@@UAEEXZ
- ?IsEmpty@CNoLockList@@UAEEXZ
- ?IsExceedLimitation@CMemoryPoolAllocator@@IAEEK@Z
- ?IsFull@CLockList@@QBEEXZ
- ?IsFull@CNoLockList@@QBEEXZ
- ?IsInExclusionList@CExclusionExtConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFileNameConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFilePathConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFolderConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionRegistryConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionExtConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFileNameConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFilePathConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFolderConfig@@QAEEPBG@Z
- ?IsOpened@CFile@@QAEEXZ
- ?IsTerminated@CWorkerThreadPool@@QAEEXZ
- ?IsTerminated@CWorkerThreadPoolEx@@QAEEXZ
- ?IsValid@CMemoryAllocator@@UAEEXZ
- ?IsValid@CMemoryPoolAllocator@@UAEEXZ
- ?IsValid@IMemoryAllocator@@UAEEXZ
- ?IsWorkerThread@CWorkerThreadPool@@QAEEK@Z
- ?IsWorkerThread@CWorkerThreadPoolEx@@QAEEK@Z
- ?JobFunction@CUserFuncAdapterJob@@MAEXXZ
- ?JobQueue@CWorkerThreadPool@@QAEAAVCWorkerThreadJobQueue@@XZ
- ?JobQueue@CWorkerThreadPoolEx@@QAEAAVCWorkerThreadJobQueue@@XZ
- ?Limit@CLockList@@QAEKXZ
- ?Limit@CNoLockList@@QAEKXZ
- ?MatchAllExtensions@CFileExtension@@QAEEXZ
- ?MatchNoExtensions@CFileExtension@@QAEEXZ
- ?MergeLeft@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?MergeRight@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?NeedDelete@CWorkerThreadJob@@QAEEXZ
- ?NeedDeleteWhenFinish@CWorkerThreadJob@@QAEXE@Z
- ?NewNode@CList@@UAEPAXXZ
- ?NewNode@CStrList@@EAEPAXXZ
- ?NewNodeVariant@CList@@IAEPAXK@Z
- ?Next@CList@@UBEPAXQAX@Z
- ?Next@CLockList@@UBEPAXQAX@Z
- ?Next@CNoLockList@@UBEPAXQAX@Z
- ?NextPool@CMemoryPoolAllocator@@QAEPAV1@XZ
- ?NotityTerminate@CWorkerThread@@QAEXXZ
- ?PostJobToWorkerThread@CWorkerThreadPool@@QAEJP6GXPAX@Z0E@Z
- ?PostJobToWorkerThread@CWorkerThreadPoolEx@@QAEJP6GXPAX@Z0E1@Z
- ?Pulse@CKEvent@@QAEJJE@Z
- ?QueueJob@CWorkerThreadJobQueue@@QAEEPAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPool@@QAEJPAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPoolEx@@QAEJPAVCWorkerThreadJob@@@Z
- ?RCMInstance@CWorkerThreadPool@@SGPAV1@XZ
- ?Read@CFile@@QAEJPADKPAK@Z
- ?ReadWIRP@CFile@@QAEJPADKPAK@Z
- ?ReferenceCount@CContext@@QAEAAKXZ
- ?Release@CLockEvent@@QAEXXZ
- ?Remove@CContextList@@UAEEQAX@Z
- ?Remove@CList@@UAEEQAX@Z
- ?Remove@CLockList@@UAEEQAX@Z
- ?Remove@CNoLockList@@UAEEQAX@Z
- ?RemoveHead@CList@@UAEPAXXZ
- ?RemoveHead@CLockList@@UAEPAXXZ
- ?RemoveHead@CNoLockList@@UAEPAXXZ
- ?RemoveTail@CList@@UAEPAXXZ
- ?RemoveTail@CLockList@@UAEPAXXZ
- ?RemoveTail@CNoLockList@@UAEPAXXZ
- ?Reset@CKEvent@@QAEXXZ
- ?ResetData@CInclusionExtConfig@@QAEXXZ
- ?ResetData@CInclusionFileNameConfig@@QAEXXZ
- ?ResetData@CInclusionFilePathConfig@@QAEXXZ
- ?ResetData@CInclusionFolderConfig@@QAEXXZ
- ?RestoreCR0@@YGXPAX@Z
- ?Run@CAutoUpdateConfigThread@@UAEXXZ
- ?Run@CDelayLoadThread@@UAEXXZ
- ?Run@CWorkerThread@@UAEXXZ
- ?SeekToEnd@CFile@@QAEJXZ
- ?Set@CKEvent@@QAEJJE@Z
- ?SetAttributes@CFile@@QAEJK@Z
- ?SetBlobCofig@CContext@@UAEJKPAXK@Z
- ?SetData@CBlobConfig@@QAEHPAXK@Z
- ?SetData@CModuleFileExtConfig@@QAEHPBG@Z
- ?SetData@CModuleFlagConfig@@QAEHK@Z
- ?SetData@CModuleMultiStringConfig@@QAEHPBGK@Z
- ?SetData@CModuleStringConfig@@QAEHPBG@Z
- ?SetEngineContext@CContext@@QAEXPAX@Z
- ?SetFileExtensionConfig@CContext@@UAEJKPBG@Z
- ?SetFlagConfig@CContext@@UAEJKK@Z
- ?SetLinkContext@CContext@@QAEXPAX@Z
- ?SetLogFlag@CDebugLog@@QAEEK@Z
- ?SetLogFlag@CDebugLogEx@@QAEEK@Z
- ?SetMatchAllExtensions@CFileExtension@@QAEXE@Z
- ?SetMatchNoExtensions@CFileExtension@@QAEXE@Z
- ?SetMultiStringConfig@CContext@@UAEJKPBG@Z
- ?SetNewJobItemEvent@CWorkerThreadJobQueue@@QAEXXZ
- ?SetPriority@CSystemThread@@QAEXK@Z
- ?SetStopUse@CContext@@QAEXXZ
- ?SetStringConfig@CContext@@UAEJKPBG@Z
- ?Setup@CSystemThread@@MAEXXZ
- ?StopUse@CContext@@QAEHXZ
- ?TearDown@CSystemThread@@MAEXXZ
- ?Terminate@CSystemThread@@QAEXE@Z
- ?Terminate@CWorkerThreadPool@@QAEEXZ
- ?Terminate@CWorkerThreadPoolEx@@QAEEXZ
- ?TmExceptionFilter@@YGJPAU_EXCEPTION_POINTERS@@@Z
- ?Wait@CKEvent@@QAEJPAT_LARGE_INTEGER@@E@Z
- ?WaitFinish@CWorkerThreadJob@@QAEXXZ
- ?WaitForInit@CDelayLoadThread@@QAEEXZ
- ?WaitForLoad@CDelayLoadThread@@QAEEXZ
- ?WaitNewJobAvailable@CWorkerThreadJobQueue@@QAEEXZ
- ?WaitQueueEmpty@CWorkerThreadJobQueue@@QAEXXZ
- ?Write@CDebugLog@@QAAXPBDZZ
- ?Write@CDebugLogEx@@QAAXPBDZZ
- ?Write@CFile@@QAEJPADKPAT_LARGE_INTEGER@@PAK@Z
- ?WriteDataToFile@CDebugLogEx@@IAEXPADK@Z
- ?WriteDataToProcMonW@CDebugLogEx@@IAEXPAD@Z
- ?WriteSystemInformation@CDebugLog@@QAEXXZ
- ?WriteSystemInformation@CDebugLogEx@@QAEXXZ
- ?WriteSystemStringInformation@CDebugLog@@IAEXPBG@Z
- ?WriteSystemStringInformation@CDebugLogEx@@IAEXPBG@Z
- ?WriteToFile@CDebugLog@@IAEXPADK@Z
- ?WriteToProcMonW@CDebugLogEx@@IAEXPAU_UNICODE_STRING@@@Z
- ?_pNonPagedAllocator@@3PAVCMemoryAllocator@@A
- ?_pPagedAllocator@@3PAVCMemoryAllocator@@A
- ?m_lpInstance@CWorkerThreadPool@@1PAV1@A
- ?m_lpRCMInstance@CWorkerThreadPool@@1PAV1@A
- _DeInitKm2UmCommunication@0
- _DeInitKmLPC@0
- _DuplicateFullFileName@4
- _FreeFullFileName@4
- _GetFileVersionOfNtoskrnl@16
- _GetKm2UmMode@0
- _GetModuleInfoByAddress@8
- _GetModuleInfoByModuleName@8
- _InitKm2UmCommunication@8
- _InitKmLPC@0
- _IsVerifierCodeCheckFlagOn@0
- _IsWindows8_1_update@4
- _KmCallUm@8
- _KmCallUmByLPC@8
- _KmCallUmEx@12
- _KmCleanupCommPortAPIs@0
- _KmGetUmInitProcess@0
- _KmSetCommPortAPIs@4
- _ModGetExportProcAddress@8
- _ModLoadDLLToBuffer@4
- _ModLoadDLLToBufferWithImageSize@8
- _ModLoadModule@8
- _ModUnLoadModule@4
- _NormalizeFileName@4
- _NormalizeFullNtPathToDosName@4
- _TmCommConfigRoutine@4
- _UtilAddDeviceInDriveTable@4
- _UtilAddReparsePointMapping@8
- _UtilCleanFileReadOnly@4
- _UtilCloseExclusiveHandle@12
- _UtilCreateDosFileName@8
- _UtilDeleteFileForce@4
- _UtilGetDeviceObjectName@8
- _UtilGetFileNameFromFileObject@4
- _UtilGetFileObjectForProcessByEPROC@8
- _UtilGetFileObjectFromFileName@12
- _UtilGetProcessName@12
- _UtilGetSystemDirectory@4
- _UtilGetSystemDirectoryEx@0
- _UtilGetSystemDirectoryLength@0
- _UtilGetSystemTime@4
- _UtilIoSetFileInfo@24
- _UtilIopCreateFileIRP@40
- _UtilKeGetLowFileDevice@16
- _UtilModuleIATHook@24
- _UtilModuleIATUnHook@8
- _UtilPostJobToWorkerThread@12
- _UtilQueryExclusiveHandle@12
- _UtilQueryKeyValue@24
- _UtilRemoveDeviceFromDriveTable@4
- _UtilVolumeDeviceToDosName@8
- _UtilWaitValueChangeToZero@8
- _UtilWriteVersionToRegistry@8
- _UtilbuildDynamicDiskMappingTable@0
- _UtlWriteBinValueKeyToRegistry@16
- _ValidateAddressWithSize@20
- __ResetProtectFromClose@4
- __UtilDosPathNameToNtPathName@12
Sections
Expand
- .text
- .rdata
- .data
- PAGE
- .edata
- INIT
- .rsrc
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": true,
"SerialNumber": "7e93ebfb7cc64e59ea4b9a77d406fc3b",
"Signature": "03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2",
"TBS": {
"MD5": "d0785ad36e427c92b19f6826ab1e8020",
"SHA1": "365b7a9c21bd9373e49052c3e7b3e4646ddd4d43",
"SHA256": "c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff",
"SHA384": "eab4fe5ef90e0de4a6aa3a27769a5e879f588df5e4785aa4104debd1f81e19ea56d33e3a16e5facf99f68b5d8e3d287b"
},
"ValidFrom": "2012-12-21 00:00:00",
"ValidTo": "2020-12-30 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "0ecff438c8febf356e04d86a981b1a50",
"Signature": "783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4",
"TBS": {
"MD5": "e9d38360b914c8863f6cba3ee58764d3",
"SHA1": "4cba8eae47b6bf76f20b3504b98b8f062694a89b",
"SHA256": "88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976",
"SHA384": "e9f2a75334a9e336c5a4712eadee88d0374b0fdc273262f4e65c9040ad2793067cc076696db5279a478773485e285652"
},
"ValidFrom": "2012-10-18 00:00:00",
"ValidTo": "2020-12-29 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Signature": "f3b20c020c826fd9e2629408ffc97c9e245959d1050c9ce7708069d366d26af191812e16fce674eaca0d8f05b2a796280831737299800d2bfe0071efecf655117b7952a4d7c0701b97de034a1d42e928fd1a2082b081f9d22e9d39af3233cf05c1e61ae1f8fbfec872e78d9a0b29b4f147f1a053d1757a824601df2bb07c75c591fe7efbaf0021764b90cd446f85f80d14bc2cd42c83edfa7d2510f8f94c82d1b3ea999b1cff9093291977c7e996dc32904d3934f167077684ff76aa5327654a0bd7223d9d67657b47c5b46012dca6723d89e7fa051b3380d0c4977b9df537e75da3186ab149b27c089715a01bd695f408f7ded66bfbe920d27a6f6a7d4cc8b3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc.",
"TBS": {
"MD5": "78eaa337666217b1c16a9a0ebd0b8434",
"SHA1": "ff9cb835e78f6185eed4372096c3bae53b17d18d",
"SHA256": "1c0d9746725e176b4a7c2852878f14d7587f58e65d346bc1247f1c8ee6374250",
"SHA384": "ffe3c75b860679a5de399c7d2c2844dbfac51d5d8581e24648d208daba1e4bed5c867808e02dc8d7cb3df1d4b2b53d10"
},
"ValidFrom": "2017-04-27 00:00:00",
"ValidTo": "2018-07-16 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "611993e400000000001c",
"Signature": "812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5",
"TBS": {
"MD5": "78a717e082dcc1cda3458d917e677d14",
"SHA1": "4a872e0e51f9b304469cd1dedb496ee9b8b983a4",
"SHA256": "317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8",
"SHA384": "b71052da4eb9157c8c1a5d7f55df19d69b9128598b72fcca608e5b7cc7d64c43c5504b9c86355a6dc22ee40c88cc385c"
},
"ValidFrom": "2011-02-22 19:25:17",
"ValidTo": "2021-02-22 19:35:17",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "5200e5aa2556fc1a86ed96c9d44b33c7",
"Signature": "5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"TBS": {
"MD5": "b30c31a572b0409383ed3fbe17e56e81",
"SHA1": "4843a82ed3b1f2bfbee9671960e1940c942f688d",
"SHA256": "03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9",
"SHA384": "bbda8407c4f9fc4e54d772f1c7fb9d30bc97e1f97ecd51c443063d1fa0644e266328781776cd5c44896c457c75f4d7da"
},
"ValidFrom": "2010-02-08 00:00:00",
"ValidTo": "2020-02-07 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 3825d7faf861af9ef490e726b5d65ad5
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | d6c7684e9aaa508cf268335f83afe040 |
| ToBeSigned (TBS) SHA1 | 18066d20ad92409c567cdfde745279ff71c75226 |
| ToBeSigned (TBS) SHA256 | a612fb22ce8be6dab75e47c98508f98496583e79c9c97b936a8caee9ea9f3fff |
| Subject | C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services Signer , G2 |
| ValidFrom | 2007-06-15 00:00:00 |
| ValidTo | 2012-06-14 23:59:59 |
| Signature | 50c54bc82480dfe40d24c2de1ab1a102a1a6822d0c831581370a820e2cb05a1761b5d805fe88dbf19191b3561a40a6eb92be3839b07536743a984fe437ba9989ca95421db0b9c7a08d57e0fad5640442354e01d133a217c84daa27c7f2e1864c02384d8378c6fc53e0ebe00687dda4969e5e0c98e2a5bebf8285c360e1dfad28d8c7a54b64dac71b5bbdac3908d53822a1338b2f8a9aebbc07213f44410907b5651c24bc48d34480eba1cfc902b414cf54c716a3805cf9793e5d727d88179e2c43a2ca53ce7d3df62a3ab84f9400a56d0a835df95e53f418b3570f70c3fbf5ad95a00e17dec4168060c90f2b6e8604f1ebf47827d105c5ee345b5eb94932f233 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 3825d7faf861af9ef490e726b5d65ad5 |
| Version | 3 |
Certificate 47bf1995df8d524643f7db6d480d31a4
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 518d2ea8a21e879c942d504824ac211c |
| ToBeSigned (TBS) SHA1 | 21ce87d827077e61abddf2beba69fde5432ea031 |
| ToBeSigned (TBS) SHA256 | 1ec3b4f02e03930a470020e0e48d24b84678bb558f46182888d870541f5e25c7 |
| Subject | C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services CA |
| ValidFrom | 2003-12-04 00:00:00 |
| ValidTo | 2013-12-03 23:59:59 |
| Signature | 4a6bf9ea58c2441c318979992b96bf82ac01d61c4ccdb08a586edf0829a35ec8ca9313e704520def47272f0038b0e4c9934e9ad4226215f73f37214f703180f18b3887b3e8e89700fecf55964e24d2a9274e7aaeb76141f32acee7c9d95eddbb2b853eb59db5d9e157ffbeb4c57ef5cf0c9ef097fe2bd33b521b1b3827f73f4a |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 47bf1995df8d524643f7db6d480d31a4 |
| Version | 3 |
Certificate 4191a15a3978dfcf496566381d4c75c2
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 41011f8d0e7c7a6408334ca387914c61 |
| ToBeSigned (TBS) SHA1 | c7fc1727f5b75a6421a1f95c73bbdb23580c48e5 |
| ToBeSigned (TBS) SHA256 | 88dd3952638ee82738c03168e6fd863fe4eab1059ee5e2926ad8cb587c255dc0 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)04, CN=VeriSign Class 3 Code Signing 2004 CA |
| ValidFrom | 2004-07-16 00:00:00 |
| ValidTo | 2014-07-15 23:59:59 |
| Signature | ae3a17b84a7b55fa6455ec40a4ed494190999c89bcaf2e1dca7823f91c190f7feb68bc32d98838dedc3fd389b43fb18296f1a45abaed2e26d3de7c016e000a00a4069211480940f91c1879672324e0bbd5e150ae1bf50edde02e81cd80a36c524f9175558aba22f2d2ea4175882f63557d1e545a9559cad93481c05f5ef67ab5 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 4191a15a3978dfcf496566381d4c75c2 |
| Version | 3 |
Certificate 645212f783f4d7aba3555729e99ce065
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | e00f0a38c65f7c0b9f19b97448d6a0e3 |
| ToBeSigned (TBS) SHA1 | 91c033a2f289418c4101654dceacef1b25bb55d0 |
| ToBeSigned (TBS) SHA256 | 38b3fcbdb734b0e3439f3c9a3c4c1712091f577d2b616d41224137faf7ba7c86 |
| Subject | C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., OU=Digital ID Class 3 , Microsoft Software Validation v2, OU=RD, CN=Trend Micro, Inc. |
| ValidFrom | 2008-01-16 00:00:00 |
| ValidTo | 2011-02-16 23:59:59 |
| Signature | 5a693868cea6ba49064b801a0d9e12887a37cbb92cca2950cc5e99c2df9aec5697422e67cd042836daf09a09e739f625255841fed1ec9657cb8b3edc08c55c302574cbdb3f7de2798ed769d766402619b48041f9d90f8c904488788412b1c632055e1afc4a5bbac642cb626bd20fece0feaa6cf9b287887788cf64586309a14a644b5f0595c0ddcb7d789831faedb48451e40e342da4ccbc38a5e992e57e7ce5328d531a8c68e61f9dc9be65605c1bedf3358579000b91a19b3be388bac36b58ca76b72358bd8e74e0a7b08b0587bb7a29758c01af40b80e8e72c76abd3a2babfe7c1ed6e7b1cd9b0221a605062b6d9d0ceb57e0eb305fdc5eb5bf6ea442f4c9 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 645212f783f4d7aba3555729e99ce065 |
| Version | 3 |
Certificate 610c120600000000001b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 53c41bc1164e09e0cd1617a5bf913efd |
| ToBeSigned (TBS) SHA1 | 93c03aac8951d494ecd5696b1c08658541b18727 |
| ToBeSigned (TBS) SHA256 | 40bddadac24dc61ca4fb5cab2a2bc5d876bc36808311039a7a3e1a4066f7489b |
| Subject | C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority |
| ValidFrom | 2006-05-23 17:01:29 |
| ValidTo | 2016-05-23 17:11:29 |
| Signature | 01e446b33b457f7513877e5f43de468ecb8abdb64741bccccc7491d8ce395195a4a6b547c0efd2da7b8f5711f4328c7ccd3fee42da04214af7c843884a6f5cca14fc4bd19f4cbdd4556ecc02be0da6888f8609baa425bde8b0f0fa8b714e67b0cb82a8d78e55f737ebf03e88efe4e08afd1c6e2e61414875b4b02c1d28d8490fd715f02473253ccc880cde284c6554fe5eae8cea19ad2c51b29b3a47f53c80350117e24987d6544afb4bab07bcbf7d79cfbf35005cbb9ecffc82891b39a05197b6dec0b307ff449644c0342a195cabeef03bec294eb513c537857e75d5b4d60d066eb5d26c237167eaf1718eaf4e74aa0cf9ecbf4c58fa5e909b6d39cb86883f8b1ca81632d5fe6db9f1f8b3ead791f6364778c0272a15c768d6f4c5fc4f4ec8673f102d409ff11ec96148e7a703fc31730cf04688fe56da492995ef09daa3e5beef60ecd954a0599c28bd54ef66157f874c84dba60e95672e517b3439b641c28c846826dc240209e7818e0a972defeea7b998a60f818dc710b5e1ed982f486f53854964789bec5dac970b5526c3efba8dc8d1a52f5a7f936b611a339b18b8a26210de24ea76e12f43ebecdd7c12342489da2855aee5754e312b6763b6a8d7ab730a03cec5ea593fc7eb2a45aea8625b2f009939abb45f73c308ec80118f470e8f2a1343e191066255bbffba3da9a93d260faeca7d628b155589d694344dd665 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 610c120600000000001b |
| Version | 3 |
Imports
Expand
- ntoskrnl.exe
- HAL.dll
- CLASSPNP.SYS
Imported Functions
Expand
- ExReleaseFastMutexUnsafe
- wcsncpy
- memcpy
- wcsrchr
- KeSetEvent
- KePulseEvent
- KeClearEvent
- KeInitializeSemaphore
- KeWaitForSingleObject
- KeReleaseSemaphore
- KeStackAttachProcess
- KeUnstackDetachProcess
- RtlSubAuthoritySid
- RtlInitializeSid
- ExAllocatePoolWithTag
- RtlLengthRequiredSid
- ExFreePoolWithTag
- RtlSetDaclSecurityDescriptor
- RtlCreateSecurityDescriptor
- RtlAddAccessAllowedAce
- RtlCreateAcl
- ObfDereferenceObject
- ZwSetEvent
- ZwClose
- ZwRequestWaitReplyPort
- ProbeForWrite
- ZwFreeVirtualMemory
- ZwAllocateVirtualMemory
- ObOpenObjectByPointer
- PsProcessType
- memmove
- ZwConnectPort
- RtlInitUnicodeString
- RtlUnicodeStringToInteger
- ZwCreateSection
- ZwWaitForSingleObject
- ZwOpenEvent
- ObfReferenceObject
- IoGetCurrentProcess
- PsGetProcessExitTime
- DbgPrint
- memset
- MmIsAddressValid
- ZwWriteFile
- ZwReadFile
- ZwQueryInformationFile
- ZwSetInformationFile
- ZwCreateFile
- swprintf
- towupper
- _wcsnicmp
- KeInitializeEvent
- _snprintf
- PsGetCurrentProcessId
- RtlTimeToTimeFields
- ExSystemTimeToLocalTime
- KeQuerySystemTime
- ZwCreateKey
- ZwCreateEvent
- KeWaitForMultipleObjects
- ObReferenceObjectByHandle
- ZwNotifyChangeKey
- PsGetCurrentThreadId
- _vsnprintf
- MmMapLockedPagesSpecifyCache
- MmBuildMdlForNonPagedPool
- MmCreateMdl
- MmUnmapLockedPages
- KeSetPriorityThread
- PsTerminateSystemThread
- PsCreateSystemThread
- KeNumberProcessors
- ZwQuerySystemInformation
- ZwQueryDirectoryFile
- ZwOpenDirectoryObject
- ZwQueryDirectoryObject
- ZwDuplicateObject
- ZwOpenKey
- KeLeaveCriticalRegion
- ZwEnumerateValueKey
- ZwQueryValueKey
- ZwDeleteValueKey
- ZwDeleteKey
- ExGetPreviousMode
- ZwTerminateProcess
- _purecall
- ZwQueryKey
- ZwSetValueKey
- IoFreeIrp
- IoFreeMdl
- MmUnlockPages
- IoBuildAsynchronousFsdRequest
- _strnicmp
- RtlQueryRegistryValues
- RtlAppendUnicodeToString
- KeDelayExecutionThread
- mbstowcs
- ZwQuerySymbolicLinkObject
- ZwOpenSymbolicLinkObject
- NtClose
- PsLookupProcessByProcessId
- ZwSetInformationObject
- _stricmp
- ZwUnmapViewOfSection
- ZwMapViewOfSection
- ZwOpenFile
- RtlEqualUnicodeString
- IoFileObjectType
- IoCreateFile
- IofCallDriver
- IoAllocateIrp
- IoAllocateMdl
- ProbeForRead
- PsGetVersion
- MmGetSystemRoutineAddress
- RtlCopyUnicodeString
- RtlCompareMemory
- _snwprintf
- RtlImageNtHeader
- RtlFreeUnicodeString
- RtlAnsiStringToUnicodeString
- RtlInitAnsiString
- strrchr
- KeBugCheckEx
- RtlAppendUnicodeStringToString
- ZwQueryVolumeInformationFile
- ObReferenceObjectByPointer
- ObQueryNameString
- IofCompleteRequest
- ExEventObjectType
- IoDeleteDevice
- IoDeleteSymbolicLink
- IoCreateSymbolicLink
- IoGetDeviceObjectPointer
- RtlUpperChar
- RtlCompareUnicodeString
- strncpy
- KeServiceDescriptorTable
- NtOpenProcess
- MmSectionObjectType
- ObOpenObjectByName
- IoDriverObjectType
- NtQueryInformationProcess
- KeAddSystemServiceTable
- ZwQueryObject
- ZwQuerySecurityObject
- ObInsertObject
- _allrem
- IoReleaseVpbSpinLock
- IoAcquireVpbSpinLock
- SeCreateAccessState
- IoGetFileObjectGenericMapping
- ObCreateObject
- KeTickCount
- RtlUnwind
- KeEnterCriticalRegion
- ZwEnumerateKey
- ExAcquireFastMutexUnsafe
- ZwSetSecurityObject
- IoDeviceObjectType
- IoCreateDevice
- RtlGetDaclSecurityDescriptor
- RtlGetSaclSecurityDescriptor
- RtlGetGroupSecurityDescriptor
- RtlGetOwnerSecurityDescriptor
- RtlLengthSecurityDescriptor
- SeCaptureSecurityDescriptor
- SeExports
- IoIsWdmVersionAvailable
- RtlLengthSid
- wcschr
- RtlAbsoluteToSelfRelativeSD
- ZwOpenProcess
- KeGetCurrentThread
- KfLowerIrql
- KeRaiseIrqlToDpcLevel
- ClassInitialize
Exported Functions
Expand
- ??0CAutoUpdateConfigThread@@QAE@ABV0@@Z
- ??0CAutoUpdateConfigThread@@QAE@PAU_UNICODE_STRING@@P6GX0PAX@Z1@Z
- ??0CBlobConfig@@QAE@ABV0@@Z
- ??0CBlobConfig@@QAE@K@Z
- ??0CContext@@QAE@ABV0@@Z
- ??0CContext@@QAE@KP6GJPAU_EVENT_REPORT@@PAXPAU_TMCE_REPORT@@PAU_TMCE_FEEDBACK@@@Z1K@Z
- ??0CContextList@@QAE@ABV0@@Z
- ??0CContextList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CDebugLog@@QAE@ABV0@@Z
- ??0CDebugLog@@QAE@PBG@Z
- ??0CExclusionExtConfig@@QAE@ABV0@@Z
- ??0CExclusionExtConfig@@QAE@KKE@Z
- ??0CExclusionFileNameConfig@@QAE@ABV0@@Z
- ??0CExclusionFileNameConfig@@QAE@KK@Z
- ??0CExclusionFilePathConfig@@QAE@ABV0@@Z
- ??0CExclusionFilePathConfig@@QAE@KK@Z
- ??0CExclusionFolderConfig@@QAE@ABV0@@Z
- ??0CExclusionFolderConfig@@QAE@KK@Z
- ??0CExclusionRegistryConfig@@QAE@ABV0@@Z
- ??0CExclusionRegistryConfig@@QAE@KK@Z
- ??0CFile@@QAE@ABV0@@Z
- ??0CFile@@QAE@E@Z
- ??0CFileExtension@@QAE@ABV0@@Z
- ??0CFileExtension@@QAE@KEEPAVIMemoryAllocator@@@Z
- ??0CKEvent@@QAE@ABV0@@Z
- ??0CKEvent@@QAE@W4_EVENT_TYPE@@E@Z
- ??0CList@@QAE@ABV0@@Z
- ??0CList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CLockEvent@@QAE@ABV0@@Z
- ??0CLockEvent@@QAE@XZ
- ??0CLockList@@QAE@ABV0@@Z
- ??0CLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CMemoryAllocator@@IAE@W4_POOL_TYPE@@K@Z
- ??0CMemoryAllocator@@QAE@ABV0@@Z
- ??0CMemoryPoolAllocator@@IAE@W4_POOL_TYPE@@KKK@Z
- ??0CMemoryPoolAllocator@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@XZ
- ??0CModuleConfigList@@QAE@ABV0@@Z
- ??0CModuleConfigList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CModuleFileExtConfig@@QAE@ABV0@@Z
- ??0CModuleFileExtConfig@@QAE@KKE@Z
- ??0CModuleFlagConfig@@QAE@ABV0@@Z
- ??0CModuleFlagConfig@@QAE@K@Z
- ??0CModuleMultiStringConfig@@QAE@ABV0@@Z
- ??0CModuleMultiStringConfig@@QAE@KK@Z
- ??0CModuleStringConfig@@QAE@ABV0@@Z
- ??0CModuleStringConfig@@QAE@K@Z
- ??0CSmartLock@@QAE@AAVCLockEvent@@@Z
- ??0CSmartLock@@QAE@XZ
- ??0CSmartReference@@QAE@AAJ@Z
- ??0CSmartReference@@QAE@AAK@Z
- ??0CStrList@@QAE@ABV0@@Z
- ??0CStrList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CSystemThread@@QAE@ABV0@@Z
- ??0CSystemThread@@QAE@K@Z
- ??0CUserFuncAdapterJob@@QAE@ABV0@@Z
- ??0CUserFuncAdapterJob@@QAE@P6GXPAX@Z0@Z
- ??0CWorkerThread@@IAE@PAVCWorkerThreadJobQueue@@@Z
- ??0CWorkerThread@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@E@Z
- ??0CWorkerThreadJobQueue@@QAE@ABV0@@Z
- ??0CWorkerThreadJobQueue@@QAE@K@Z
- ??0CWorkerThreadPool@@QAE@ABV0@@Z
- ??0CWorkerThreadPool@@QAE@K@Z
- ??0IMemoryAllocator@@QAE@ABV0@@Z
- ??0IMemoryAllocator@@QAE@XZ
- ??1CAutoUpdateConfigThread@@UAE@XZ
- ??1CBlobConfig@@UAE@XZ
- ??1CContext@@UAE@XZ
- ??1CContextList@@UAE@XZ
- ??1CDebugLog@@UAE@XZ
- ??1CExclusionExtConfig@@UAE@XZ
- ??1CExclusionFileNameConfig@@UAE@XZ
- ??1CExclusionFilePathConfig@@UAE@XZ
- ??1CExclusionFolderConfig@@UAE@XZ
- ??1CExclusionRegistryConfig@@UAE@XZ
- ??1CFile@@UAE@XZ
- ??1CFileExtension@@UAE@XZ
- ??1CKEvent@@UAE@XZ
- ??1CList@@UAE@XZ
- ??1CLockEvent@@UAE@XZ
- ??1CLockList@@UAE@XZ
- ??1CMemoryAllocator@@UAE@XZ
- ??1CMemoryPoolAllocator@@UAE@XZ
- ??1CModuleConfig@@UAE@XZ
- ??1CModuleConfigList@@UAE@XZ
- ??1CModuleFileExtConfig@@UAE@XZ
- ??1CModuleFlagConfig@@UAE@XZ
- ??1CModuleMultiStringConfig@@UAE@XZ
- ??1CModuleStringConfig@@UAE@XZ
- ??1CSmartLock@@QAE@XZ
- ??1CSmartReference@@QAE@XZ
- ??1CStrList@@UAE@XZ
- ??1CSystemThread@@UAE@XZ
- ??1CUserFuncAdapterJob@@UAE@XZ
- ??1CWorkerThread@@UAE@XZ
- ??1CWorkerThreadJob@@UAE@XZ
- ??1CWorkerThreadJobQueue@@UAE@XZ
- ??1CWorkerThreadPool@@UAE@XZ
- ??1IMemoryAllocator@@UAE@XZ
- ??2@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??2CMemoryAllocator@@SGPAXI@Z
- ??2CMemoryPoolAllocator@@SGPAXI@Z
- ??3@YAXPAX@Z
- ??3IMemoryAllocator@@SGXPAX@Z
- ??4CAutoUpdateConfigThread@@QAEAAV0@ABV0@@Z
- ??4CBlobConfig@@QAEAAV0@ABV0@@Z
- ??4CContext@@QAEAAV0@ABV0@@Z
- ??4CDebugLog@@QAEAAV0@ABV0@@Z
- ??4CFile@@QAEAAV0@ABV0@@Z
- ??4CKEvent@@QAEAAV0@ABV0@@Z
- ??4CLockEvent@@QAEAAV0@ABV0@@Z
- ??4CMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??4CMemoryPoolAllocator@@QAEAAV0@ABV0@@Z
- ??4CModuleConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleFlagConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleStringConfig@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEABV0@AAVCLockEvent@@@Z
- ??4CSystemThread@@QAEAAV0@ABV0@@Z
- ??4CUserFuncAdapterJob@@QAEAAV0@ABV0@@Z
- ??4CWorkerThread@@QAEAAV0@ABV0@@Z
- ??4CWorkerThreadJob@@QAEAAV0@ABV0@@Z
- ??4IMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??_7CAutoUpdateConfigThread@@6B@
- ??_7CBlobConfig@@6B@
- ??_7CContext@@6B@
- ??_7CContextList@@6B@
- ??_7CDebugLog@@6B@
- ??_7CExclusionExtConfig@@6B@
- ??_7CExclusionFileNameConfig@@6B@
- ??_7CExclusionFilePathConfig@@6B@
- ??_7CExclusionFolderConfig@@6B@
- ??_7CExclusionRegistryConfig@@6B@
- ??_7CFile@@6B@
- ??_7CFileExtension@@6B@
- ??_7CKEvent@@6B@
- ??_7CList@@6B@
- ??_7CLockEvent@@6B@
- ??_7CLockList@@6B@
- ??_7CMemoryAllocator@@6B@
- ??_7CMemoryPoolAllocator@@6B@
- ??_7CModuleConfig@@6B@
- ??_7CModuleConfigList@@6B@
- ??_7CModuleFileExtConfig@@6B@
- ??_7CModuleFlagConfig@@6B@
- ??_7CModuleMultiStringConfig@@6B@
- ??_7CModuleStringConfig@@6B@
- ??_7CStrList@@6B@
- ??_7CSystemThread@@6B@
- ??_7CUserFuncAdapterJob@@6B@
- ??_7CWorkerThread@@6B@
- ??_7CWorkerThreadJob@@6B@
- ??_7CWorkerThreadJobQueue@@6B@
- ??_7CWorkerThreadPool@@6B@
- ??_7IMemoryAllocator@@6B@
- ??_FCContextList@@QAEXXZ
- ??_FCFile@@QAEXXZ
- ??_FCFileExtension@@QAEXXZ
- ??_FCModuleConfigList@@QAEXXZ
- ??_FCStrList@@QAEXXZ
- ??_FCSystemThread@@QAEXXZ
- ??_FCWorkerThread@@QAEXXZ
- ??_FCWorkerThreadJob@@QAEXXZ
- ??_FCWorkerThreadJobQueue@@QAEXXZ
- ??_U@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??_V@YAXPAX@Z
- ?Acquire@CLockEvent@@QAEXXZ
- ?Add@CContextList@@QAEEPAVCContext@@@Z
- ?Add@CFileExtension@@QAEEPBGK@Z
- ?Add@CModuleConfigList@@QAEEPAVCModuleConfig@@@Z
- ?Add@CStrList@@QAEEPBG@Z
- ?AddNode@CLockList@@UAEEQAXE@Z
- ?Alloc@CMemoryAllocator@@UAEPAXKPBDK@Z
- ?Alloc@CMemoryPoolAllocator@@UAEPAXKPBDK@Z
- ?AllocBlock@CMemoryPoolAllocator@@IAEPAXK@Z
- ?AttachJobQueue@CWorkerThread@@QAEXPAVCWorkerThreadJobQueue@@@Z
- ?Cancel@CWorkerThreadJob@@QAEXXZ
- ?CheckNode@CLockList@@UAEHQAX@Z
- ?CleanQueue@CWorkerThreadJobQueue@@QAEXXZ
- ?Cleanup@CBlobConfig@@AAEXXZ
- ?Cleanup@CModuleFileExtConfig@@IAEXXZ
- ?Cleanup@CModuleMultiStringConfig@@IAEXXZ
- ?Cleanup@CModuleStringConfig@@AAEXXZ
- ?Close@CFile@@QAEJXZ
- ?Count@CLockList@@QAEKXZ
- ?Create@CFile@@QAEJPBGKKKK@Z
- ?Create@CSystemThread@@QAEEXZ
- ?CreateInstance@CMemoryAllocator@@SGPAV1@W4_POOL_TYPE@@K@Z
- ?CreateInstance@CMemoryPoolAllocator@@SGPAV1@W4_POOL_TYPE@@KKK@Z
- ?CreatePool@CWorkerThreadPool@@QAEEXZ
- ?CreateThreads@CWorkerThreadPool@@QAEEK@Z
- ?CreateWIRP@CFile@@QAEJPBGKKKK@Z
- ?Delete@CFile@@QAEJXZ
- ?Delete@CFileExtension@@QAEEPBGK@Z
- ?Delete@CStrList@@QAEEPBG@Z
- ?DeleteAll@CList@@UAEXXZ
- ?DeleteAll@CLockList@@UAEXXZ
- ?DeleteNode@CContextList@@MAEXPAX@Z
- ?DeleteNode@CList@@UAEXPAX@Z
- ?DeleteNode@CModuleConfigList@@MAEXPAX@Z
- ?DeleteNode@CStrList@@EAEXPAU_STR_LIST_NODE@1@@Z
- ?DisableWriteProtectFromCR0@@YGXPAPAX@Z
- ?DoIt@CWorkerThreadJob@@QAEJXZ
- ?EntryPoint@CSystemThread@@KGXPAX@Z
- ?Find@CContextList@@QAEPAVCContext@@K@Z
- ?Find@CContextList@@QAEPAVCContext@@PAX@Z
- ?Find@CFileExtension@@QAEPAU_STR_LIST_NODE@CStrList@@PBGK@Z
- ?Find@CModuleConfigList@@QAEPAVCModuleConfig@@K@Z
- ?Find@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?FindNode@CContextList@@IAEPAXPAX@Z
- ?FindPartiallyAndAllMatch@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?First@CList@@UAEPAXXZ
- ?First@CLockList@@UAEPAXXZ
- ?Free@CMemoryAllocator@@UAEXPAX@Z
- ?Free@CMemoryPoolAllocator@@UAEXPAX@Z
- ?GetAttributes@CFile@@QAEKXZ
- ?GetBasicInfomration@CFile@@IAEJXZ
- ?GetBlobCofig@CContext@@UAEJKPAXPAK@Z
- ?GetCategory@CContext@@QAEKXZ
- ?GetData@CBlobConfig@@QAEHPAXPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEPAVCFileExtension@@XZ
- ?GetData@CModuleFlagConfig@@QAEKXZ
- ?GetData@CModuleMultiStringConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleMultiStringConfig@@QAEPAVCStrList@@XZ
- ?GetData@CModuleStringConfig@@QAEPAGXZ
- ?GetData@CStrList@@QAEEPAGPAK@Z
- ?GetDataType@CModuleConfig@@QAEKXZ
- ?GetEngineContext@CContext@@QAEPAXXZ
- ?GetFileExtensionConfig@CContext@@QAEPAVCFileExtension@@K@Z
- ?GetFileExtensionConfig@CContext@@UAEJKPAGPAK@Z
- ?GetFileSize@CFile@@QAEJPAT_LARGE_INTEGER@@@Z
- ?GetFlagConfig@CContext@@UAEJKPAK@Z
- ?GetID@CModuleConfig@@QAEKXZ
- ?GetJob@CWorkerThreadJobQueue@@QAEPAVCWorkerThreadJob@@XZ
- ?GetLength@CModuleStringConfig@@QAEKXZ
- ?GetLinkContext@CContext@@QAEPAXXZ
- ?GetLogFlag@CDebugLog@@QAEKXZ
- ?GetModuleId@CModuleConfig@@QAEKXZ
- ?GetMultiStringConfig@CContext@@QAEPAVCStrList@@K@Z
- ?GetMultiStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetOneThreadTEB@CWorkerThreadPool@@QAEPAU_ETHREAD@@XZ
- ?GetReportCallBackRoutine@CContext@@QAEKXZ
- ?GetSize@CBlobConfig@@QAEKXZ
- ?GetStringConfig@CContext@@QAEPAGK@Z
- ?GetStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetThreadCount@CWorkerThreadPool@@QAEKXZ
- ?GetThreadID@CSystemThread@@QAEKXZ
- ?GetType@CContext@@QAEKXZ
- ?GetUserParameter@CContext@@QAEKXZ
- ?InitializeBlobConfig@CContext@@QAEHKPAXK@Z
- ?InitializeFileExtensionConfig@CContext@@QAEHKPBG@Z
- ?InitializeFlagConfig@CContext@@QAEHKK@Z
- ?InitializeMultiStringConfig@CContext@@QAEHKPBG@Z
- ?InitializeStringConfig@CContext@@QAEHKPBG@Z
- ?Insert@CList@@UAEXQAXE@Z
- ?Insert@CLockList@@UAEXQAXE@Z
- ?InsertAfter@CList@@UAEXPAX0@Z
- ?InsertBefore@CList@@UAEXPAX0@Z
- ?Instance@CWorkerThreadPool@@SGPAV1@XZ
- ?IsEmpty@CList@@UAEEXZ
- ?IsEmpty@CLockList@@UAEEXZ
- ?IsExceedLimitation@CMemoryPoolAllocator@@IAEEK@Z
- ?IsFull@CLockList@@QBEEXZ
- ?IsInExclusionList@CExclusionExtConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFileNameConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFilePathConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFolderConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionRegistryConfig@@QAEEPBG@Z
- ?IsOpened@CFile@@QAEEXZ
- ?IsTerminated@CWorkerThreadPool@@QAEEXZ
- ?IsValid@CMemoryAllocator@@UAEEXZ
- ?IsValid@CMemoryPoolAllocator@@UAEEXZ
- ?IsValid@IMemoryAllocator@@UAEEXZ
- ?IsWorkerThread@CWorkerThreadPool@@QAEEK@Z
- ?JobFunction@CUserFuncAdapterJob@@MAEXXZ
- ?JobQueue@CWorkerThreadPool@@QAEAAVCWorkerThreadJobQueue@@XZ
- ?Limit@CLockList@@QAEKXZ
- ?MatchAllExtensions@CFileExtension@@QAEEXZ
- ?MatchNoExtensions@CFileExtension@@QAEEXZ
- ?MergeLeft@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?MergeRight@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?NeedDelete@CWorkerThreadJob@@QAEEXZ
- ?NeedDeleteWhenFinish@CWorkerThreadJob@@QAEXE@Z
- ?NewNode@CList@@UAEPAXXZ
- ?NewNode@CStrList@@EAEPAXXZ
- ?NewNodeVariant@CList@@IAEPAXK@Z
- ?Next@CList@@UBEPAXQAX@Z
- ?Next@CLockList@@UBEPAXQAX@Z
- ?NextPool@CMemoryPoolAllocator@@QAEPAV1@XZ
- ?NotityTerminate@CWorkerThread@@QAEXXZ
- ?PostJobToWorkerThread@CWorkerThreadPool@@QAEJP6GXPAX@Z0E@Z
- ?Pulse@CKEvent@@QAEJJE@Z
- ?QueueJob@CWorkerThreadJobQueue@@QAEEPAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPool@@QAEJPAVCWorkerThreadJob@@@Z
- ?RCMInstance@CWorkerThreadPool@@SGPAV1@XZ
- ?Read@CFile@@QAEJPADKPAK@Z
- ?ReferenceCount@CContext@@QAEAAKXZ
- ?Release@CLockEvent@@QAEXXZ
- ?Remove@CContextList@@UAEEQAX@Z
- ?Remove@CList@@UAEEQAX@Z
- ?Remove@CLockList@@UAEEQAX@Z
- ?RemoveHead@CList@@UAEPAXXZ
- ?RemoveHead@CLockList@@UAEPAXXZ
- ?RemoveTail@CList@@UAEPAXXZ
- ?RemoveTail@CLockList@@UAEPAXXZ
- ?Reset@CKEvent@@QAEXXZ
- ?RestoreCR0@@YGXPAX@Z
- ?Run@CAutoUpdateConfigThread@@UAEXXZ
- ?Run@CWorkerThread@@UAEXXZ
- ?SeekToEnd@CFile@@QAEJXZ
- ?Set@CKEvent@@QAEJJE@Z
- ?SetAttributes@CFile@@QAEJK@Z
- ?SetBlobCofig@CContext@@UAEJKPAXK@Z
- ?SetData@CBlobConfig@@QAEHPAXK@Z
- ?SetData@CModuleFileExtConfig@@QAEHPBG@Z
- ?SetData@CModuleFlagConfig@@QAEHK@Z
- ?SetData@CModuleMultiStringConfig@@QAEHPBG@Z
- ?SetData@CModuleStringConfig@@QAEHPBG@Z
- ?SetEngineContext@CContext@@QAEXPAX@Z
- ?SetFileExtensionConfig@CContext@@UAEJKPBG@Z
- ?SetFlagConfig@CContext@@UAEJKK@Z
- ?SetLinkContext@CContext@@QAEXPAX@Z
- ?SetLogFlag@CDebugLog@@QAEEK@Z
- ?SetMatchAllExtensions@CFileExtension@@QAEXE@Z
- ?SetMatchNoExtensions@CFileExtension@@QAEXE@Z
- ?SetMultiStringConfig@CContext@@UAEJKPBG@Z
- ?SetNewJobItemEvent@CWorkerThreadJobQueue@@QAEXXZ
- ?SetPriority@CSystemThread@@QAEXK@Z
- ?SetStopUse@CContext@@QAEXXZ
- ?SetStringConfig@CContext@@UAEJKPBG@Z
- ?Setup@CSystemThread@@MAEXXZ
- ?StopUse@CContext@@QAEHXZ
- ?TearDown@CSystemThread@@MAEXXZ
- ?Terminate@CSystemThread@@QAEXE@Z
- ?Terminate@CWorkerThreadPool@@QAEEXZ
- ?TmExceptionFilter@@YGJPAU_EXCEPTION_POINTERS@@@Z
- ?Wait@CKEvent@@QAEJPAT_LARGE_INTEGER@@E@Z
- ?WaitFinish@CWorkerThreadJob@@QAEXXZ
- ?WaitNewJobAvailable@CWorkerThreadJobQueue@@QAEEXZ
- ?Write@CDebugLog@@QAAXPBDZZ
- ?Write@CFile@@QAEJPADKPAT_LARGE_INTEGER@@PAK@Z
- ?WriteSystemInformation@CDebugLog@@QAEXXZ
- ?WriteSystemStringInformation@CDebugLog@@IAEXPBG@Z
- ?WriteToFile@CDebugLog@@IAEXPADK@Z
- ?_pNonPagedAllocator@@3PAVCMemoryAllocator@@A
- ?_pPagedAllocator@@3PAVCMemoryAllocator@@A
- ?m_lpInstance@CWorkerThreadPool@@1PAV1@A
- ?m_lpRCMInstance@CWorkerThreadPool@@1PAV1@A
- _DeInitKmLPC@0
- _GetModuleInfoByAddress@8
- _GetModuleInfoByModuleName@8
- _InitKmLPC@0
- _KmCallUm@8
- _MapMem@12
- _ModGetExportProcAddress@8
- _ModLoadDLLToBuffer@4
- _ModLoadDLLToBufferWithImageSize@8
- _ModLoadModule@8
- _ModUnLoadModule@4
- _NormalizeFileName@4
- _NormalizeFullNtPathToDosName@4
- _TmCommConfigRoutine@4
- _UnMapMem@8
- _UtilCleanFileReadOnly@4
- _UtilDeleteFileForce@4
- _UtilGetFileObjectForProcessByEPROC@8
- _UtilGetFileObjectFromFileName@12
- _UtilGetProcessName@12
- _UtilGetSystemTime@4
- _UtilIoSetFileInfo@24
- _UtilIopCreateFileIRP@40
- _UtilKeGetLowFileDevice@16
- _UtilModuleIATHook@24
- _UtilModuleIATUnHook@8
- _UtilQueryKeyValue@24
- _UtilVolumeDeviceToDosName@8
- _UtilWaitValueChangeToZero@8
- _UtilWriteVersionToRegistry@8
- _UtilbuildDynamicDiskMappingTable@0
- __UtilDosPathNameToNtPathName@12
Sections
Expand
- .text
- .rdata
- .data
- PAGE
- .edata
- INIT
- .rsrc
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": true,
"SerialNumber": "7e93ebfb7cc64e59ea4b9a77d406fc3b",
"Signature": "03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2",
"TBS": {
"MD5": "d0785ad36e427c92b19f6826ab1e8020",
"SHA1": "365b7a9c21bd9373e49052c3e7b3e4646ddd4d43",
"SHA256": "c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff",
"SHA384": "eab4fe5ef90e0de4a6aa3a27769a5e879f588df5e4785aa4104debd1f81e19ea56d33e3a16e5facf99f68b5d8e3d287b"
},
"ValidFrom": "2012-12-21 00:00:00",
"ValidTo": "2020-12-30 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "0ecff438c8febf356e04d86a981b1a50",
"Signature": "783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4",
"TBS": {
"MD5": "e9d38360b914c8863f6cba3ee58764d3",
"SHA1": "4cba8eae47b6bf76f20b3504b98b8f062694a89b",
"SHA256": "88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976",
"SHA384": "e9f2a75334a9e336c5a4712eadee88d0374b0fdc273262f4e65c9040ad2793067cc076696db5279a478773485e285652"
},
"ValidFrom": "2012-10-18 00:00:00",
"ValidTo": "2020-12-29 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Signature": "f3b20c020c826fd9e2629408ffc97c9e245959d1050c9ce7708069d366d26af191812e16fce674eaca0d8f05b2a796280831737299800d2bfe0071efecf655117b7952a4d7c0701b97de034a1d42e928fd1a2082b081f9d22e9d39af3233cf05c1e61ae1f8fbfec872e78d9a0b29b4f147f1a053d1757a824601df2bb07c75c591fe7efbaf0021764b90cd446f85f80d14bc2cd42c83edfa7d2510f8f94c82d1b3ea999b1cff9093291977c7e996dc32904d3934f167077684ff76aa5327654a0bd7223d9d67657b47c5b46012dca6723d89e7fa051b3380d0c4977b9df537e75da3186ab149b27c089715a01bd695f408f7ded66bfbe920d27a6f6a7d4cc8b3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc.",
"TBS": {
"MD5": "78eaa337666217b1c16a9a0ebd0b8434",
"SHA1": "ff9cb835e78f6185eed4372096c3bae53b17d18d",
"SHA256": "1c0d9746725e176b4a7c2852878f14d7587f58e65d346bc1247f1c8ee6374250",
"SHA384": "ffe3c75b860679a5de399c7d2c2844dbfac51d5d8581e24648d208daba1e4bed5c867808e02dc8d7cb3df1d4b2b53d10"
},
"ValidFrom": "2017-04-27 00:00:00",
"ValidTo": "2018-07-16 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "611993e400000000001c",
"Signature": "812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5",
"TBS": {
"MD5": "78a717e082dcc1cda3458d917e677d14",
"SHA1": "4a872e0e51f9b304469cd1dedb496ee9b8b983a4",
"SHA256": "317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8",
"SHA384": "b71052da4eb9157c8c1a5d7f55df19d69b9128598b72fcca608e5b7cc7d64c43c5504b9c86355a6dc22ee40c88cc385c"
},
"ValidFrom": "2011-02-22 19:25:17",
"ValidTo": "2021-02-22 19:35:17",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "5200e5aa2556fc1a86ed96c9d44b33c7",
"Signature": "5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"TBS": {
"MD5": "b30c31a572b0409383ed3fbe17e56e81",
"SHA1": "4843a82ed3b1f2bfbee9671960e1940c942f688d",
"SHA256": "03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9",
"SHA384": "bbda8407c4f9fc4e54d772f1c7fb9d30bc97e1f97ecd51c443063d1fa0644e266328781776cd5c44896c457c75f4d7da"
},
"ValidFrom": "2010-02-08 00:00:00",
"ValidTo": "2020-02-07 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 33000000b5213fca1e4aa03de40000000000b5
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | a0dd89c33c4973bf6758331e200fb6de |
| ToBeSigned (TBS) SHA1 | 65ff7fa429c0f08f8a8bf30509e8ca2919d9edb5 |
| ToBeSigned (TBS) SHA256 | 29a7b646af062aee3bf37d1ba190211365116db7d7aa4cb87ba268843262ae47 |
| Subject | C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Windows Hardware Compatibility Publisher |
| ValidFrom | 2020-12-15 22:15:33 |
| ValidTo | 2021-12-02 22:15:33 |
| Signature | 0d2d53cd15a8feddcb17e2df1bf7dc1aef21e98c6cd220f58b593824849c134a0f1add59ce42ef80ddf47860273013604d9568ec5894a797bd4e571432a9aaf10ab04dd1c038b26ab7c5ca3a9c88d009267fab56254525546a0a055fb37b9cd8029c7d501809fc8b11482c7a4347b3ad29f35427c9570e87117db52cc94864259274b9e2e758f918a3af1fdb9f9d40ffa3ae2e2ae012fb97a436258642a2a4223dc6690db88103a6e5220646bd8afb3d12eb894ac28b527396a1965408487f6ab878b3c474b8c960842861ae8e799a3d2a8d6f918f50f8e26bb1ed6ced47be36e447574e8568582964ff31cd288b9c7f8d7e6a46d6c3d92f5c101fe1522a720c |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.11 |
| IsCertificateAuthority | False |
| SerialNumber | 33000000b5213fca1e4aa03de40000000000b5 |
| Version | 3 |
Certificate 610baac1000000000009
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | a569061297e8e824767dbc3184a69bea |
| ToBeSigned (TBS) SHA1 | adbb26a587a8f44b4fccaecb306f980d1c55a150 |
| ToBeSigned (TBS) SHA256 | cec1afd0e310c55c1dcc601ab8e172917706aa32fb5eaf826813547fdf02dd46 |
| Subject | C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Windows Third Party Component CA 2012 |
| ValidFrom | 2012-04-18 23:48:38 |
| ValidTo | 2027-04-18 23:58:38 |
| Signature | 5a8a67daccd5fd0d264177bf0a4678b4b3de12692b7723c2652f015fd203f461ba509d2e8c3972f36c3e6ab11e766decb7f382dcccbbc56970287366173f54ebee011648c446d91b80ae813a8d0f796d68b09eea2d3f39d3ca387ebd5e7c086e19dcc6c2f438336861e2524783e1000156d2bacb878205310a418b4ee77f5f5fed5fd3392d45eba213bffd1ec298417161165fc80a70257c59693124e471e70abb0417f79f721ec9d2bb1abe3d02fe090cb243b4591a99539396215fe0d6b72601429536ac27fdbef48577683d18bdf4be98882211865216f345ec0397107087a37043713cdbc98603170cf5735bc67de15c64edd7c548d7ed32e2d1aad3cfa7f6574e61f977eb67f288b3de00da038fd08a34373e1dd862b8d2b1f3e12f8b723b81967c6ffcec667672601b24f2a0896d5b6d002eef28dd868705c2b4b9e5be64c22af24a155c98e2c42785ff52e3627e0fb2020bd766c70ab2d33d200414503259830a7d9bed5a38120152ba2f5e20728e4af1fde771028c3be107bec973f4dd47d8b4efb4a4b330b9893e76cab90098567eabea8ab8a5d038ab6977130b142fe9aa411ff7babd3a2b348aee0aab63e663f788248e200d2b3b9de3c24952ac9f1f0e393b5dd46e506ae67d523aaa7c3315290d265e0158a74ea93d7a846f743f609fe4324f3600af6d71d33ea646655f8174f1fec171da4ca0415a82ddf11f |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.11 |
| IsCertificateAuthority | True |
| SerialNumber | 610baac1000000000009 |
| Version | 3 |
Imports
Expand
Imported Functions
Expand
- KeLeaveCriticalRegion
- wcsncpy
- KeEnterCriticalRegion
- ExAcquireFastMutexUnsafe
- wcsrchr
- ExAcquireResourceSharedLite
- ExReleaseResourceLite
- _purecall
- ZwOpenEvent
- ZwConnectPort
- KeClearEvent
- PsProcessType
- ExFreePoolWithTag
- RtlInitUnicodeString
- KeSetEvent
- ProbeForWrite
- KeUnstackDetachProcess
- ZwRequestWaitReplyPort
- ZwWaitForSingleObject
- DbgBreakPoint
- ZwSetEvent
- IoGetCurrentProcess
- ZwFreeVirtualMemory
- ZwClose
- ObfReferenceObject
- ObfDereferenceObject
- RtlUnicodeStringToInteger
- ZwCreateSection
- ObOpenObjectByPointer
- KeStackAttachProcess
- KePulseEvent
- ZwAllocateVirtualMemory
- ObGetObjectSecurity
- SeAccessCheck
- SeReleaseSubjectContext
- SeCaptureSubjectContext
- PsThreadType
- ObReleaseObjectSecurity
- PsGetProcessExitTime
- MmSectionObjectType
- DbgPrint
- ExDeleteResourceLite
- ExInitializeResourceLite
- ZwReadFile
- swprintf
- ZwSetInformationFile
- ZwCreateFile
- ZwQueryInformationFile
- ZwWriteFile
- _wcsnicmp
- towupper
- ExAllocatePoolWithTag
- KeInitializeEvent
- ZwCreateEvent
- ZwCreateKey
- RtlAnsiStringToUnicodeString
- ZwNotifyChangeKey
- RtlInitAnsiString
- _snprintf
- RtlFreeUnicodeString
- ExSystemTimeToLocalTime
- _vsnprintf
- ObReferenceObjectByHandle
- RtlTimeToTimeFields
- ZwDeviceIoControlFile
- PsGetCurrentThreadId
- PsGetCurrentProcessId
- KeWaitForMultipleObjects
- ExGetPreviousMode
- RtlEqualUnicodeString
- RtlPrefixUnicodeString
- RtlAppendUnicodeStringToString
- RtlCopyUnicodeString
- RtlUpcaseUnicodeChar
- KeWaitForSingleObject
- KeSetPriorityThread
- PsCreateSystemThread
- PsTerminateSystemThread
- MmIsAddressValid
- KeDelayExecutionThread
- KeNumberProcessors
- PsLookupProcessByProcessId
- PsSetCreateProcessNotifyRoutine
- ZwOpenDirectoryObject
- ZwQueryInformationProcess
- ZwQuerySecurityObject
- NtSetInformationFile
- ZwDeleteValueKey
- ZwSetValueKey
- ZwQuerySystemInformation
- NtQueryInformationFile
- IoFileObjectType
- ZwQueryValueKey
- ZwQueryDirectoryFile
- NtCreateFile
- ZwEnumerateValueKey
- RtlLengthSecurityDescriptor
- ZwQueryDirectoryObject
- ZwSetSecurityObject
- ZwDuplicateObject
- ZwOpenProcess
- ExReleaseFastMutexUnsafe
- ZwDeleteKey
- ZwEnumerateKey
- ZwQueryKey
- ZwOpenKey
- MmSystemRangeStart
- _stricmp
- _strnicmp
- mbstowcs
- ProbeForRead
- RtlUpcaseUnicodeString
- _snwprintf
- ZwQuerySymbolicLinkObject
- ZwMapViewOfSection
- MmGetSystemRoutineAddress
- RtlAppendUnicodeToString
- IoCreateFile
- RtlQueryRegistryValues
- MmBuildMdlForNonPagedPool
- ZwOpenSymbolicLinkObject
- IoFreeMdl
- ObQueryNameString
- ZwUnmapViewOfSection
- NtClose
- IoFreeIrp
- PsGetVersion
- IoAllocateIrp
- RtlCompareMemory
- MmUnlockPages
- ZwSetInformationObject
- ZwOpenFile
- wcsncmp
- RtlImageNtHeader
- IoAllocateMdl
- IofCallDriver
- ZwQueryVolumeInformationFile
- ObReferenceObjectByPointer
- IoBuildDeviceIoControlRequest
- ZwOpenSection
- RtlSubAuthoritySid
- RtlLengthRequiredSid
- ExReleaseFastMutex
- ExAcquireFastMutex
- RtlCreateAcl
- RtlSetDaclSecurityDescriptor
- RtlAddAccessAllowedAce
- KeInitializeSemaphore
- KeReleaseSemaphore
- RtlInitializeSid
- RtlCreateSecurityDescriptor
- IoDeleteSymbolicLink
- IoDeleteDevice
- IoGetDeviceObjectPointer
- ExEventObjectType
- IofCompleteRequest
- IoCreateSymbolicLink
- ObOpenObjectByName
- NtQueryInformationProcess
- strncpy
- NtOpenProcess
- ObInsertObject
- IoAcquireVpbSpinLock
- SeCreateAccessState
- IoGetFileObjectGenericMapping
- ObCreateObject
- KeAcquireQueuedSpinLock
- KeReleaseQueuedSpinLock
- IoReleaseVpbSpinLock
- wcschr
- IoGetConfigurationInformation
- IoRegisterPlugPlayNotification
- IoGetStackLimits
- IoBuildSynchronousFsdRequest
- KeReleaseSpinLock
- ExpInterlockedPopEntrySList
- FsRtlIsNameInExpression
- wcsstr
- ExAllocatePool
- IoUnregisterPlugPlayNotification
- MmProbeAndLockPages
- RtlCompareUnicodeString
- IoGetDeviceInterfaces
- KeAcquireSpinLockRaiseToDpc
- KeBugCheckEx
- IoCreateDevice
- IoDeviceObjectType
- SeCaptureSecurityDescriptor
- RtlAbsoluteToSelfRelativeSD
- IoIsWdmVersionAvailable
- SeExports
- RtlLengthSid
- RtlGetSaclSecurityDescriptor
- RtlGetDaclSecurityDescriptor
- RtlGetGroupSecurityDescriptor
- RtlGetOwnerSecurityDescriptor
- ZwTerminateProcess
- ExAcquireResourceExclusiveLite
- __C_specific_handler
Exported Functions
Expand
- ??0CAutoUpdateConfigThread@@QEAA@AEBV0@@Z
- ??0CAutoUpdateConfigThread@@QEAA@PEAU_UNICODE_STRING@@P6AX0PEAX@Z1@Z
- ??0CBlobConfig@@QEAA@AEBV0@@Z
- ??0CBlobConfig@@QEAA@K@Z
- ??0CContext@@QEAA@AEBV0@@Z
- ??0CContext@@QEAA@KP6AJPEAU_EVENT_REPORT@@PEAXPEAU_TMCE_REPORT@@PEAU_TMCE_FEEDBACK@@@Z1K@Z
- ??0CContextList@@QEAA@AEBV0@@Z
- ??0CContextList@@QEAA@KPEAVIMemoryAllocator@@@Z
- ??0CDebugLog@@QEAA@AEBV0@@Z
- ??0CDebugLog@@QEAA@PEBG@Z
- ??0CDebugLogEx@@QEAA@AEBV0@@Z
- ??0CDebugLogEx@@QEAA@K@Z
- ??0CDelayLoadThread@@QEAA@AEBV0@@Z
- ??0CDelayLoadThread@@QEAA@XZ
- ??0CExclusionExtConfig@@QEAA@AEBV0@@Z
- ??0CExclusionExtConfig@@QEAA@KKE@Z
- ??0CExclusionFileNameConfig@@QEAA@AEBV0@@Z
- ??0CExclusionFileNameConfig@@QEAA@KK@Z
- ??0CExclusionFilePathConfig@@QEAA@AEBV0@@Z
- ??0CExclusionFilePathConfig@@QEAA@KK@Z
- ??0CExclusionFolderConfig@@QEAA@AEBV0@@Z
- ??0CExclusionFolderConfig@@QEAA@KK@Z
- ??0CExclusionRegistryConfig@@QEAA@AEBV0@@Z
- ??0CExclusionRegistryConfig@@QEAA@KK@Z
- ??0CFile@@QEAA@AEBV0@@Z
- ??0CFile@@QEAA@E@Z
- ??0CFileExtension@@QEAA@AEBV0@@Z
- ??0CFileExtension@@QEAA@KEEPEAVIMemoryAllocator@@@Z
- ??0CInclusionExtConfig@@QEAA@AEBV0@@Z
- ??0CInclusionExtConfig@@QEAA@KKE@Z
- ??0CInclusionFileNameConfig@@QEAA@AEBV0@@Z
- ??0CInclusionFileNameConfig@@QEAA@KK@Z
- ??0CInclusionFilePathConfig@@QEAA@AEBV0@@Z
- ??0CInclusionFilePathConfig@@QEAA@KK@Z
- ??0CInclusionFolderConfig@@QEAA@AEBV0@@Z
- ??0CInclusionFolderConfig@@QEAA@KK@Z
- ??0CKEvent@@QEAA@AEBV0@@Z
- ??0CKEvent@@QEAA@W4_EVENT_TYPE@@E@Z
- ??0CList@@QEAA@AEBV0@@Z
- ??0CList@@QEAA@KPEAVIMemoryAllocator@@@Z
- ??0CLockEvent@@QEAA@AEBV0@@Z
- ??0CLockEvent@@QEAA@XZ
- ??0CLockList@@QEAA@AEBV0@@Z
- ??0CLockList@@QEAA@KKPEAVIMemoryAllocator@@@Z
- ??0CMemoryAllocator@@IEAA@W4_POOL_TYPE@@K@Z
- ??0CMemoryAllocator@@QEAA@AEBV0@@Z
- ??0CMemoryPoolAllocator@@IEAA@W4_POOL_TYPE@@_K1K@Z
- ??0CMemoryPoolAllocator@@QEAA@AEBV0@@Z
- ??0CModuleConfig@@QEAA@AEBV0@@Z
- ??0CModuleConfig@@QEAA@XZ
- ??0CModuleConfigList@@QEAA@AEBV0@@Z
- ??0CModuleConfigList@@QEAA@KPEAVIMemoryAllocator@@@Z
- ??0CModuleFileExtConfig@@QEAA@AEBV0@@Z
- ??0CModuleFileExtConfig@@QEAA@KKE@Z
- ??0CModuleFlagConfig@@QEAA@AEBV0@@Z
- ??0CModuleFlagConfig@@QEAA@K@Z
- ??0CModuleMultiStringConfig@@QEAA@AEBV0@@Z
- ??0CModuleMultiStringConfig@@QEAA@KK@Z
- ??0CModuleStringConfig@@QEAA@AEBV0@@Z
- ??0CModuleStringConfig@@QEAA@K@Z
- ??0CNoLockList@@QEAA@AEBV0@@Z
- ??0CNoLockList@@QEAA@KKPEAVIMemoryAllocator@@@Z
- ??0CSmartLock@@QEAA@AEAVCLockEvent@@@Z
- ??0CSmartLock@@QEAA@XZ
- ??0CSmartReference@@QEAA@AEAJ@Z
- ??0CSmartReference@@QEAA@AEAK@Z
- ??0CSmartResource@@QEAA@AEAVCResource@@E@Z
- ??0CStrList@@QEAA@AEBV0@@Z
- ??0CStrList@@QEAA@KPEAVIMemoryAllocator@@@Z
- ??0CSystemThread@@QEAA@AEBV0@@Z
- ??0CSystemThread@@QEAA@K@Z
- ??0CUserFuncAdapterJob@@QEAA@AEBV0@@Z
- ??0CUserFuncAdapterJob@@QEAA@P6AXPEAX@Z01@Z
- ??0CWorkerThread@@IEAA@PEAVCWorkerThreadJobQueue@@@Z
- ??0CWorkerThread@@QEAA@AEBV0@@Z
- ??0CWorkerThreadJob@@QEAA@AEBV0@@Z
- ??0CWorkerThreadJob@@QEAA@E@Z
- ??0CWorkerThreadJobQueue@@QEAA@AEBV0@@Z
- ??0CWorkerThreadJobQueue@@QEAA@K@Z
- ??0CWorkerThreadPool@@QEAA@AEBV0@@Z
- ??0CWorkerThreadPool@@QEAA@K@Z
- ??0CWorkerThreadPoolEx@@QEAA@AEBV0@@Z
- ??0CWorkerThreadPoolEx@@QEAA@KK@Z
- ??0IMemoryAllocator@@QEAA@AEBV0@@Z
- ??0IMemoryAllocator@@QEAA@XZ
- ??1CAutoUpdateConfigThread@@UEAA@XZ
- ??1CBlobConfig@@UEAA@XZ
- ??1CContext@@UEAA@XZ
- ??1CContextList@@UEAA@XZ
- ??1CDebugLog@@UEAA@XZ
- ??1CDebugLogEx@@UEAA@XZ
- ??1CDelayLoadThread@@UEAA@XZ
- ??1CExclusionExtConfig@@UEAA@XZ
- ??1CExclusionFileNameConfig@@UEAA@XZ
- ??1CExclusionFilePathConfig@@UEAA@XZ
- ??1CExclusionFolderConfig@@UEAA@XZ
- ??1CExclusionRegistryConfig@@UEAA@XZ
- ??1CFile@@UEAA@XZ
- ??1CFileExtension@@UEAA@XZ
- ??1CInclusionExtConfig@@UEAA@XZ
- ??1CInclusionFileNameConfig@@UEAA@XZ
- ??1CInclusionFilePathConfig@@UEAA@XZ
- ??1CInclusionFolderConfig@@UEAA@XZ
- ??1CKEvent@@UEAA@XZ
- ??1CList@@UEAA@XZ
- ??1CLockEvent@@UEAA@XZ
- ??1CLockList@@UEAA@XZ
- ??1CMemoryAllocator@@UEAA@XZ
- ??1CMemoryPoolAllocator@@UEAA@XZ
- ??1CModuleConfig@@UEAA@XZ
- ??1CModuleConfigList@@UEAA@XZ
- ??1CModuleFileExtConfig@@UEAA@XZ
- ??1CModuleFlagConfig@@UEAA@XZ
- ??1CModuleMultiStringConfig@@UEAA@XZ
- ??1CModuleStringConfig@@UEAA@XZ
- ??1CNoLockList@@UEAA@XZ
- ??1CSmartLock@@QEAA@XZ
- ??1CSmartReference@@QEAA@XZ
- ??1CSmartResource@@QEAA@XZ
- ??1CStrList@@UEAA@XZ
- ??1CSystemThread@@UEAA@XZ
- ??1CUserFuncAdapterJob@@UEAA@XZ
- ??1CWorkerThread@@UEAA@XZ
- ??1CWorkerThreadJob@@UEAA@XZ
- ??1CWorkerThreadJobQueue@@UEAA@XZ
- ??1CWorkerThreadPool@@UEAA@XZ
- ??1CWorkerThreadPoolEx@@UEAA@XZ
- ??1IMemoryAllocator@@UEAA@XZ
- ??2@YAPEAX_KPEAVIMemoryAllocator@@PEBDK@Z
- ??2CMemoryAllocator@@SAPEAX_K@Z
- ??2CMemoryPoolAllocator@@SAPEAX_K@Z
- ??3@YAXPEAX@Z
- ??3IMemoryAllocator@@SAXPEAX@Z
- ??4CAutoUpdateConfigThread@@QEAAAEAV0@AEBV0@@Z
- ??4CBlobConfig@@QEAAAEAV0@AEBV0@@Z
- ??4CContext@@QEAAAEAV0@AEBV0@@Z
- ??4CDebugLog@@QEAAAEAV0@AEBV0@@Z
- ??4CDebugLogEx@@QEAAAEAV0@AEBV0@@Z
- ??4CDelayLoadThread@@QEAAAEAV0@AEBV0@@Z
- ??4CFile@@QEAAAEAV0@AEBV0@@Z
- ??4CKEvent@@QEAAAEAV0@AEBV0@@Z
- ??4CLockEvent@@QEAAAEAV0@AEBV0@@Z
- ??4CMemoryAllocator@@QEAAAEAV0@AEBV0@@Z
- ??4CMemoryPoolAllocator@@QEAAAEAV0@AEBV0@@Z
- ??4CModuleConfig@@QEAAAEAV0@AEBV0@@Z
- ??4CModuleFlagConfig@@QEAAAEAV0@AEBV0@@Z
- ??4CModuleStringConfig@@QEAAAEAV0@AEBV0@@Z
- ??4CSmartLock@@QEAAAEAV0@AEBV0@@Z
- ??4CSmartLock@@QEAAAEBV0@AEAVCLockEvent@@@Z
- ??4CSmartResource@@QEAAAEAV0@AEBV0@@Z
- ??4CSystemThread@@QEAAAEAV0@AEBV0@@Z
- ??4CUserFuncAdapterJob@@QEAAAEAV0@AEBV0@@Z
- ??4CWorkerThread@@QEAAAEAV0@AEBV0@@Z
- ??4CWorkerThreadJob@@QEAAAEAV0@AEBV0@@Z
- ??4IMemoryAllocator@@QEAAAEAV0@AEBV0@@Z
- ??_7CAutoUpdateConfigThread@@6B@
- ??_7CBlobConfig@@6B@
- ??_7CContext@@6B@
- ??_7CContextList@@6B@
- ??_7CDebugLog@@6B@
- ??_7CDebugLogEx@@6B@
- ??_7CDelayLoadThread@@6B@
- ??_7CExclusionExtConfig@@6B@
- ??_7CExclusionFileNameConfig@@6B@
- ??_7CExclusionFilePathConfig@@6B@
- ??_7CExclusionFolderConfig@@6B@
- ??_7CExclusionRegistryConfig@@6B@
- ??_7CFile@@6B@
- ??_7CFileExtension@@6B@
- ??_7CInclusionExtConfig@@6B@
- ??_7CInclusionFileNameConfig@@6B@
- ??_7CInclusionFilePathConfig@@6B@
- ??_7CInclusionFolderConfig@@6B@
- ??_7CKEvent@@6B@
- ??_7CList@@6B@
- ??_7CLockEvent@@6B@
- ??_7CLockList@@6B@
- ??_7CMemoryAllocator@@6B@
- ??_7CMemoryPoolAllocator@@6B@
- ??_7CModuleConfig@@6B@
- ??_7CModuleConfigList@@6B@
- ??_7CModuleFileExtConfig@@6B@
- ??_7CModuleFlagConfig@@6B@
- ??_7CModuleMultiStringConfig@@6B@
- ??_7CModuleStringConfig@@6B@
- ??_7CNoLockList@@6B@
- ??_7CStrList@@6B@
- ??_7CSystemThread@@6B@
- ??_7CUserFuncAdapterJob@@6B@
- ??_7CWorkerThread@@6B@
- ??_7CWorkerThreadJob@@6B@
- ??_7CWorkerThreadJobQueue@@6B@
- ??_7CWorkerThreadPool@@6B@
- ??_7CWorkerThreadPoolEx@@6B@
- ??_7IMemoryAllocator@@6B@
- ??_FCContextList@@QEAAXXZ
- ??_FCFile@@QEAAXXZ
- ??_FCFileExtension@@QEAAXXZ
- ??_FCModuleConfigList@@QEAAXXZ
- ??_FCStrList@@QEAAXXZ
- ??_FCSystemThread@@QEAAXXZ
- ??_FCWorkerThread@@QEAAXXZ
- ??_FCWorkerThreadJob@@QEAAXXZ
- ??_FCWorkerThreadJobQueue@@QEAAXXZ
- ??_U@YAPEAX_KPEAVIMemoryAllocator@@PEBDK@Z
- ??_V@YAXPEAX@Z
- ?Acquire@CLockEvent@@QEAAXXZ
- ?Add@CContextList@@QEAAEPEAVCContext@@@Z
- ?Add@CFileExtension@@QEAAEPEBGK@Z
- ?Add@CModuleConfigList@@QEAAEPEAVCModuleConfig@@@Z
- ?Add@CStrList@@QEAAEPEBG@Z
- ?AddNode@CLockList@@UEAAEQEAXE@Z
- ?AddNode@CNoLockList@@UEAAEQEAXE@Z
- ?Alloc@CMemoryAllocator@@UEAAPEAX_KPEBDK@Z
- ?Alloc@CMemoryPoolAllocator@@UEAAPEAX_KPEBDK@Z
- ?AllocBlock@CMemoryPoolAllocator@@IEAAPEAX_K@Z
- ?AttachJobQueue@CWorkerThread@@QEAAXPEAVCWorkerThreadJobQueue@@@Z
- ?Cancel@CWorkerThreadJob@@QEAAXXZ
- ?CheckNode@CLockList@@UEAAHQEAX@Z
- ?CheckNode@CNoLockList@@UEAAHQEAX@Z
- ?CleanQueue@CWorkerThreadJobQueue@@QEAAXXZ
- ?Cleanup@CBlobConfig@@AEAAXXZ
- ?Cleanup@CModuleFileExtConfig@@IEAAXXZ
- ?Cleanup@CModuleMultiStringConfig@@IEAAXXZ
- ?Cleanup@CModuleStringConfig@@AEAAXXZ
- ?Close@CFile@@QEAAJXZ
- ?Count@CLockList@@QEAAKXZ
- ?Count@CNoLockList@@QEAAKXZ
- ?Create@CFile@@QEAAJPEBGKKKK@Z
- ?Create@CSystemThread@@QEAAEXZ
- ?CreateInstance@CMemoryAllocator@@SAPEAV1@W4_POOL_TYPE@@K@Z
- ?CreateInstance@CMemoryPoolAllocator@@SAPEAV1@W4_POOL_TYPE@@_K1K@Z
- ?CreatePool@CWorkerThreadPool@@QEAAEXZ
- ?CreatePool@CWorkerThreadPoolEx@@QEAAEXZ
- ?CreateThreads@CWorkerThreadPool@@QEAAEK@Z
- ?CreateThreads@CWorkerThreadPoolEx@@QEAAEK@Z
- ?CreateWIRP@CFile@@QEAAJPEBGKKKK@Z
- ?Delete@CFile@@QEAAJXZ
- ?Delete@CFileExtension@@QEAAEPEBGK@Z
- ?Delete@CStrList@@QEAAEPEBG@Z
- ?DeleteAll@CList@@UEAAXXZ
- ?DeleteAll@CLockList@@UEAAXXZ
- ?DeleteAll@CNoLockList@@UEAAXXZ
- ?DeleteNode@CContextList@@MEAAXPEAX@Z
- ?DeleteNode@CList@@UEAAXPEAX@Z
- ?DeleteNode@CModuleConfigList@@MEAAXPEAX@Z
- ?DeleteNode@CStrList@@EEAAXPEAU_STR_LIST_NODE@1@@Z
- ?DisableWriteProtectFromCR0@@YAXPEAPEAX@Z
- ?DoIt@CWorkerThreadJob@@QEAAJXZ
- ?EntryPoint@CSystemThread@@KAXPEAX@Z
- ?Find@CContextList@@QEAAPEAVCContext@@K@Z
- ?Find@CContextList@@QEAAPEAVCContext@@PEAX@Z
- ?Find@CFileExtension@@QEAAPEAU_STR_LIST_NODE@CStrList@@PEBGK@Z
- ?Find@CModuleConfigList@@QEAAPEAVCModuleConfig@@K@Z
- ?Find@CStrList@@QEAAPEAU_STR_LIST_NODE@1@PEBG@Z
- ?FindNode@CContextList@@IEAAPEAXPEAX@Z
- ?FindPartiallyAndAllMatch@CStrList@@QEAAPEAU_STR_LIST_NODE@1@PEBG@Z
- ?FinishFunction@CUserFuncAdapterJob@@MEAAXXZ
- ?FinishIt@CWorkerThreadJob@@QEAAJXZ
- ?First@CList@@UEAAPEAXXZ
- ?First@CLockList@@UEAAPEAXXZ
- ?First@CNoLockList@@UEAAPEAXXZ
- ?Free@CMemoryAllocator@@UEAAXPEAX@Z
- ?Free@CMemoryPoolAllocator@@UEAAXPEAX@Z
- ?GetAttributes@CFile@@QEAAKXZ
- ?GetBasicInfomration@CFile@@IEAAJXZ
- ?GetBlobCofig@CContext@@UEAAJKPEAXPEAK@Z
- ?GetCategory@CContext@@QEAAKXZ
- ?GetData@CBlobConfig@@QEAAHPEAXPEAK@Z
- ?GetData@CModuleFileExtConfig@@QEAAHPEAGPEAK@Z
- ?GetData@CModuleFileExtConfig@@QEAAPEAVCFileExtension@@XZ
- ?GetData@CModuleFlagConfig@@QEAAKXZ
- ?GetData@CModuleMultiStringConfig@@QEAAHPEAGPEAK@Z
- ?GetData@CModuleMultiStringConfig@@QEAAPEAVCStrList@@XZ
- ?GetData@CModuleStringConfig@@QEAAPEAGXZ
- ?GetData@CStrList@@QEAAEPEAGPEAK@Z
- ?GetDataType@CModuleConfig@@QEAAKXZ
- ?GetEngineContext@CContext@@QEAAPEAXXZ
- ?GetFileExtensionConfig@CContext@@QEAAPEAVCFileExtension@@K@Z
- ?GetFileExtensionConfig@CContext@@UEAAJKPEAGPEAK@Z
- ?GetFileSize@CFile@@QEAAJPEAT_LARGE_INTEGER@@@Z
- ?GetFileSizeWIRP@CFile@@QEAAJPEAT_LARGE_INTEGER@@@Z
- ?GetFlagConfig@CContext@@UEAAJKPEAK@Z
- ?GetID@CModuleConfig@@QEAAKXZ
- ?GetJob@CWorkerThreadJobQueue@@QEAAPEAVCWorkerThreadJob@@XZ
- ?GetLength@CModuleStringConfig@@QEAAKXZ
- ?GetLinkContext@CContext@@QEAAPEAXXZ
- ?GetLogFlag@CDebugLog@@QEAAKXZ
- ?GetLogFlag@CDebugLogEx@@QEAAKXZ
- ?GetModuleId@CModuleConfig@@QEAAKXZ
- ?GetMultiStringConfig@CContext@@QEAAPEAVCStrList@@K@Z
- ?GetMultiStringConfig@CContext@@UEAAJKPEAGPEAK@Z
- ?GetOneThreadTEB@CWorkerThreadPool@@QEAAPEAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPool@@QEAAPEAU_KTHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QEAAPEAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QEAAPEAU_KTHREAD@@XZ
- ?GetReportCallBackRoutine@CContext@@QEAA_KXZ
- ?GetSize@CBlobConfig@@QEAAKXZ
- ?GetStringConfig@CContext@@QEAAPEAGK@Z
- ?GetStringConfig@CContext@@UEAAJKPEAGPEAK@Z
- ?GetThreadCount@CWorkerThreadPool@@QEAAKXZ
- ?GetThreadCount@CWorkerThreadPoolEx@@QEAAKXZ
- ?GetThreadID@CSystemThread@@QEAA_KXZ
- ?GetType@CContext@@QEAAKXZ
- ?GetUserParameter@CContext@@QEAA_KXZ
- ?InitProcMon@CDebugLogEx@@IEAAXXZ
- ?InitializeBlobConfig@CContext@@QEAAHKPEAXK@Z
- ?InitializeFileExtensionConfig@CContext@@QEAAHKPEBG@Z
- ?InitializeFlagConfig@CContext@@QEAAHKK@Z
- ?InitializeMultiStringConfig@CContext@@QEAAHKPEBG@Z
- ?InitializeStringConfig@CContext@@QEAAHKPEBG@Z
- ?Insert@CList@@UEAAXQEAXE@Z
- ?Insert@CLockList@@UEAAXQEAXE@Z
- ?Insert@CNoLockList@@UEAAXQEAXE@Z
- ?InsertAfter@CList@@UEAAXPEAX0@Z
- ?InsertBefore@CList@@UEAAXPEAX0@Z
- ?Instance@CWorkerThreadPool@@SAPEAV1@XZ
- ?IsEmpty@CList@@UEAAEXZ
- ?IsEmpty@CLockList@@UEAAEXZ
- ?IsEmpty@CNoLockList@@UEAAEXZ
- ?IsExceedLimitation@CMemoryPoolAllocator@@IEAAEK@Z
- ?IsFull@CLockList@@QEBAEXZ
- ?IsFull@CNoLockList@@QEBAEXZ
- ?IsInExclusionList@CExclusionExtConfig@@QEAAEPEBG@Z
- ?IsInExclusionList@CExclusionFileNameConfig@@QEAAEPEBG@Z
- ?IsInExclusionList@CExclusionFilePathConfig@@QEAAEPEBG@Z
- ?IsInExclusionList@CExclusionFolderConfig@@QEAAEPEBG@Z
- ?IsInExclusionList@CExclusionRegistryConfig@@QEAAEPEBG@Z
- ?IsInInclusionList@CInclusionExtConfig@@QEAAEPEBG@Z
- ?IsInInclusionList@CInclusionFileNameConfig@@QEAAEPEBG@Z
- ?IsInInclusionList@CInclusionFilePathConfig@@QEAAEPEBG@Z
- ?IsInInclusionList@CInclusionFolderConfig@@QEAAEPEBG@Z
- ?IsOpened@CFile@@QEAAEXZ
- ?IsTerminated@CWorkerThreadPool@@QEAAEXZ
- ?IsTerminated@CWorkerThreadPoolEx@@QEAAEXZ
- ?IsValid@CMemoryAllocator@@UEAAEXZ
- ?IsValid@CMemoryPoolAllocator@@UEAAEXZ
- ?IsValid@IMemoryAllocator@@UEAAEXZ
- ?IsWorkerThread@CWorkerThreadPool@@QEAAE_K@Z
- ?IsWorkerThread@CWorkerThreadPoolEx@@QEAAE_K@Z
- ?JobFunction@CUserFuncAdapterJob@@MEAAXXZ
- ?JobQueue@CWorkerThreadPool@@QEAAAEAVCWorkerThreadJobQueue@@XZ
- ?JobQueue@CWorkerThreadPoolEx@@QEAAAEAVCWorkerThreadJobQueue@@XZ
- ?Limit@CLockList@@QEAAKXZ
- ?Limit@CNoLockList@@QEAAKXZ
- ?MatchAllExtensions@CFileExtension@@QEAAEXZ
- ?MatchNoExtensions@CFileExtension@@QEAAEXZ
- ?MergeLeft@CMemoryPoolAllocator@@IEAAPEAXPEAX@Z
- ?MergeRight@CMemoryPoolAllocator@@IEAAPEAXPEAX@Z
- ?NeedDelete@CWorkerThreadJob@@QEAAEXZ
- ?NeedDeleteWhenFinish@CWorkerThreadJob@@QEAAXE@Z
- ?NewNode@CList@@UEAAPEAXXZ
- ?NewNode@CStrList@@EEAAPEAXXZ
- ?NewNodeVariant@CList@@IEAAPEAXK@Z
- ?Next@CList@@UEBAPEAXQEAX@Z
- ?Next@CLockList@@UEBAPEAXQEAX@Z
- ?Next@CNoLockList@@UEBAPEAXQEAX@Z
- ?NextPool@CMemoryPoolAllocator@@QEAAPEAV1@XZ
- ?NotityTerminate@CWorkerThread@@QEAAXXZ
- ?PostJobToWorkerThread@CWorkerThreadPool@@QEAAJP6AXPEAX@Z0E@Z
- ?PostJobToWorkerThread@CWorkerThreadPoolEx@@QEAAJP6AXPEAX@Z0E1@Z
- ?Pulse@CKEvent@@QEAAJJE@Z
- ?QueueJob@CWorkerThreadJobQueue@@QEAAEPEAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPool@@QEAAJPEAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPoolEx@@QEAAJPEAVCWorkerThreadJob@@@Z
- ?RCMInstance@CWorkerThreadPool@@SAPEAV1@XZ
- ?Read@CFile@@QEAAJPEADKPEAK@Z
- ?ReadWIRP@CFile@@QEAAJPEADKPEAK@Z
- ?ReferenceCount@CContext@@QEAAAEAKXZ
- ?Release@CLockEvent@@QEAAXXZ
- ?Remove@CContextList@@UEAAEQEAX@Z
- ?Remove@CList@@UEAAEQEAX@Z
- ?Remove@CLockList@@UEAAEQEAX@Z
- ?Remove@CNoLockList@@UEAAEQEAX@Z
- ?RemoveHead@CList@@UEAAPEAXXZ
- ?RemoveHead@CLockList@@UEAAPEAXXZ
- ?RemoveHead@CNoLockList@@UEAAPEAXXZ
- ?RemoveTail@CList@@UEAAPEAXXZ
- ?RemoveTail@CLockList@@UEAAPEAXXZ
- ?RemoveTail@CNoLockList@@UEAAPEAXXZ
- ?Reset@CKEvent@@QEAAXXZ
- ?ResetData@CInclusionExtConfig@@QEAAXXZ
- ?ResetData@CInclusionFileNameConfig@@QEAAXXZ
- ?ResetData@CInclusionFilePathConfig@@QEAAXXZ
- ?ResetData@CInclusionFolderConfig@@QEAAXXZ
- ?RestoreCR0@@YAXPEAX@Z
- ?Run@CAutoUpdateConfigThread@@UEAAXXZ
- ?Run@CDelayLoadThread@@UEAAXXZ
- ?Run@CWorkerThread@@UEAAXXZ
- ?SeekToEnd@CFile@@QEAAJXZ
- ?Set@CKEvent@@QEAAJJE@Z
- ?SetAttributes@CFile@@QEAAJK@Z
- ?SetBlobCofig@CContext@@UEAAJKPEAXK@Z
- ?SetData@CBlobConfig@@QEAAHPEAXK@Z
- ?SetData@CModuleFileExtConfig@@QEAAHPEBG@Z
- ?SetData@CModuleFlagConfig@@QEAAHK@Z
- ?SetData@CModuleMultiStringConfig@@QEAAHPEBGK@Z
- ?SetData@CModuleStringConfig@@QEAAHPEBG@Z
- ?SetEngineContext@CContext@@QEAAXPEAX@Z
- ?SetFileExtensionConfig@CContext@@UEAAJKPEBG@Z
- ?SetFlagConfig@CContext@@UEAAJKK@Z
- ?SetLinkContext@CContext@@QEAAXPEAX@Z
- ?SetLogFlag@CDebugLog@@QEAAEK@Z
- ?SetLogFlag@CDebugLogEx@@QEAAEK@Z
- ?SetMatchAllExtensions@CFileExtension@@QEAAXE@Z
- ?SetMatchNoExtensions@CFileExtension@@QEAAXE@Z
- ?SetMultiStringConfig@CContext@@UEAAJKPEBG@Z
- ?SetNewJobItemEvent@CWorkerThreadJobQueue@@QEAAXXZ
- ?SetPriority@CSystemThread@@QEAAXK@Z
- ?SetStopUse@CContext@@QEAAXXZ
- ?SetStringConfig@CContext@@UEAAJKPEBG@Z
- ?Setup@CSystemThread@@MEAAXXZ
- ?StopUse@CContext@@QEAAHXZ
- ?TearDown@CSystemThread@@MEAAXXZ
- ?Terminate@CSystemThread@@QEAAXE@Z
- ?Terminate@CWorkerThreadPool@@QEAAEXZ
- ?Terminate@CWorkerThreadPoolEx@@QEAAEXZ
- ?TmExceptionFilter@@YAJPEAU_EXCEPTION_POINTERS@@@Z
- ?Wait@CKEvent@@QEAAJPEAT_LARGE_INTEGER@@E@Z
- ?WaitFinish@CWorkerThreadJob@@QEAAXXZ
- ?WaitForInit@CDelayLoadThread@@QEAAEXZ
- ?WaitForLoad@CDelayLoadThread@@QEAAEXZ
- ?WaitNewJobAvailable@CWorkerThreadJobQueue@@QEAAEXZ
- ?WaitQueueEmpty@CWorkerThreadJobQueue@@QEAAXXZ
- ?Write@CDebugLog@@QEAAXPEBDZZ
- ?Write@CDebugLogEx@@QEAAXPEBDZZ
- ?Write@CFile@@QEAAJPEADKPEAT_LARGE_INTEGER@@PEAK@Z
- ?WriteDataToFile@CDebugLogEx@@IEAAXPEADK@Z
- ?WriteDataToProcMonW@CDebugLogEx@@IEAAXPEAD@Z
- ?WriteSystemInformation@CDebugLog@@QEAAXXZ
- ?WriteSystemInformation@CDebugLogEx@@QEAAXXZ
- ?WriteSystemStringInformation@CDebugLog@@IEAAXPEBG@Z
- ?WriteSystemStringInformation@CDebugLogEx@@IEAAXPEBG@Z
- ?WriteToFile@CDebugLog@@IEAAXPEADK@Z
- ?WriteToProcMonW@CDebugLogEx@@IEAAXPEAU_UNICODE_STRING@@@Z
- ?_pNonPagedAllocator@@3PEAVCMemoryAllocator@@EA
- ?_pPagedAllocator@@3PEAVCMemoryAllocator@@EA
- ?m_lpInstance@CWorkerThreadPool@@1PEAV1@EA
- ?m_lpRCMInstance@CWorkerThreadPool@@1PEAV1@EA
- DeInitKm2UmCommunication
- DeInitKmLPC
- DuplicateFullFileName
- FreeFullFileName
- GetFileVersionOfNtoskrnl
- GetKm2UmMode
- GetModuleInfoByAddress
- GetModuleInfoByModuleName
- InitKm2UmCommunication
- InitKmLPC
- IsWindows8_1_update
- KmCallUm
- KmCallUmByLPC
- KmCallUmEx
- KmCleanupCommPortAPIs
- KmGetUmInitProcess
- KmSetCommPortAPIs
- ModGetExportProcAddress
- ModLoadDLLToBuffer
- ModLoadDLLToBufferWithImageSize
- ModLoadModule
- ModUnLoadModule
- NormalizeFileName
- NormalizeFileName1
- NormalizeFullNtPathToDosName
- NormalizeFullNtPathToDosName1
- TmCommConfigRoutine
- UtilAddDeviceInDriveTable
- UtilAddReparsePointMapping
- UtilCleanFileReadOnly
- UtilCloseExclusiveHandle
- UtilCreateDosFileName
- UtilDeleteFileForce
- UtilGetDeviceObjectName
- UtilGetFileNameFromFileObject
- UtilGetFileObjectForProcessByEPROC
- UtilGetFileObjectFromFileName
- UtilGetProcessName
- UtilGetSystemDirectory
- UtilGetSystemDirectoryEx
- UtilGetSystemDirectoryLength
- UtilGetSystemTime
- UtilIoSetFileInfo
- UtilIopCreateFileIRP
- UtilKeGetLowFileDevice
- UtilModuleIATHook
- UtilModuleIATUnHook
- UtilPostJobToWorkerThread
- UtilQueryExclusiveHandle
- UtilQueryKeyValue
- UtilRemoveDeviceFromDriveTable
- UtilVolumeDeviceToDosName
- UtilWaitValueChangeToZero
- UtilWriteVersionToRegistry
- UtilbuildDynamicDiskMappingTable
- UtlWriteBinValueKeyToRegistry
- ValidateAddressWithSize
- _ResetProtectFromClose
- _UtilDosPathNameToNtPathName
Sections
Expand
- .text
- .rdata
- .data
- .pdata
- PAGE
- .edata
- INIT
- .rsrc
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": true,
"SerialNumber": "7e93ebfb7cc64e59ea4b9a77d406fc3b",
"Signature": "03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2",
"TBS": {
"MD5": "d0785ad36e427c92b19f6826ab1e8020",
"SHA1": "365b7a9c21bd9373e49052c3e7b3e4646ddd4d43",
"SHA256": "c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff",
"SHA384": "eab4fe5ef90e0de4a6aa3a27769a5e879f588df5e4785aa4104debd1f81e19ea56d33e3a16e5facf99f68b5d8e3d287b"
},
"ValidFrom": "2012-12-21 00:00:00",
"ValidTo": "2020-12-30 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "0ecff438c8febf356e04d86a981b1a50",
"Signature": "783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4",
"TBS": {
"MD5": "e9d38360b914c8863f6cba3ee58764d3",
"SHA1": "4cba8eae47b6bf76f20b3504b98b8f062694a89b",
"SHA256": "88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976",
"SHA384": "e9f2a75334a9e336c5a4712eadee88d0374b0fdc273262f4e65c9040ad2793067cc076696db5279a478773485e285652"
},
"ValidFrom": "2012-10-18 00:00:00",
"ValidTo": "2020-12-29 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Signature": "f3b20c020c826fd9e2629408ffc97c9e245959d1050c9ce7708069d366d26af191812e16fce674eaca0d8f05b2a796280831737299800d2bfe0071efecf655117b7952a4d7c0701b97de034a1d42e928fd1a2082b081f9d22e9d39af3233cf05c1e61ae1f8fbfec872e78d9a0b29b4f147f1a053d1757a824601df2bb07c75c591fe7efbaf0021764b90cd446f85f80d14bc2cd42c83edfa7d2510f8f94c82d1b3ea999b1cff9093291977c7e996dc32904d3934f167077684ff76aa5327654a0bd7223d9d67657b47c5b46012dca6723d89e7fa051b3380d0c4977b9df537e75da3186ab149b27c089715a01bd695f408f7ded66bfbe920d27a6f6a7d4cc8b3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc.",
"TBS": {
"MD5": "78eaa337666217b1c16a9a0ebd0b8434",
"SHA1": "ff9cb835e78f6185eed4372096c3bae53b17d18d",
"SHA256": "1c0d9746725e176b4a7c2852878f14d7587f58e65d346bc1247f1c8ee6374250",
"SHA384": "ffe3c75b860679a5de399c7d2c2844dbfac51d5d8581e24648d208daba1e4bed5c867808e02dc8d7cb3df1d4b2b53d10"
},
"ValidFrom": "2017-04-27 00:00:00",
"ValidTo": "2018-07-16 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "611993e400000000001c",
"Signature": "812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5",
"TBS": {
"MD5": "78a717e082dcc1cda3458d917e677d14",
"SHA1": "4a872e0e51f9b304469cd1dedb496ee9b8b983a4",
"SHA256": "317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8",
"SHA384": "b71052da4eb9157c8c1a5d7f55df19d69b9128598b72fcca608e5b7cc7d64c43c5504b9c86355a6dc22ee40c88cc385c"
},
"ValidFrom": "2011-02-22 19:25:17",
"ValidTo": "2021-02-22 19:35:17",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "5200e5aa2556fc1a86ed96c9d44b33c7",
"Signature": "5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"TBS": {
"MD5": "b30c31a572b0409383ed3fbe17e56e81",
"SHA1": "4843a82ed3b1f2bfbee9671960e1940c942f688d",
"SHA256": "03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9",
"SHA384": "bbda8407c4f9fc4e54d772f1c7fb9d30bc97e1f97ecd51c443063d1fa0644e266328781776cd5c44896c457c75f4d7da"
},
"ValidFrom": "2010-02-08 00:00:00",
"ValidTo": "2020-02-07 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 79a2a585f9d1154213d9b83ef6b68ded
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | e6d820afb23af20a65cf0b03247ea05e |
| ToBeSigned (TBS) SHA1 | 7a8f7c37453f99390ee1e94bb5d3d1cba3a0eea7 |
| ToBeSigned (TBS) SHA256 | 7e722dc40e6b9abf8c20aa4d887e34b6d2c6b8cbe53a055d49bf9f5e946e0d27 |
| Subject | C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G3 |
| ValidFrom | 2012-05-01 00:00:00 |
| ValidTo | 2012-12-31 23:59:59 |
| Signature | 1e98aa27b778b508b5c9726db7dfc00e98a635c488c9d2f66df14b1afbd5f92d99009ed1e79b8be13fbd39800c66cd07bc5c9854a694ba10d14e8babf56f65cc6709a2807c52e80e03d66b7ac60518ecc8ac427c072ca73d0866dc00edfd941d73f2729893b111d68fef8eeaacf496510cd08ddf31524f5eaf7da74a75e64ece2b9f292be7cf5d9f037e6e277b23ad622966af92e82ccebd9c7fdccd173c43c2093f7545c79ee4d7607f97c6e4aac769f5fccd74ac2cb048c1504e70561eb535d38ebeb1edacbdfe0cec857dd5bb856644195d9f93eb82ba639ed37c61ffc81bd923587f30a366a139265e92c33ccb3732faf5a38ddcd5b0a3e9253655d781fa |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 79a2a585f9d1154213d9b83ef6b68ded |
| Version | 3 |
Certificate 47bf1995df8d524643f7db6d480d31a4
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 518d2ea8a21e879c942d504824ac211c |
| ToBeSigned (TBS) SHA1 | 21ce87d827077e61abddf2beba69fde5432ea031 |
| ToBeSigned (TBS) SHA256 | 1ec3b4f02e03930a470020e0e48d24b84678bb558f46182888d870541f5e25c7 |
| Subject | C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services CA |
| ValidFrom | 2003-12-04 00:00:00 |
| ValidTo | 2013-12-03 23:59:59 |
| Signature | 4a6bf9ea58c2441c318979992b96bf82ac01d61c4ccdb08a586edf0829a35ec8ca9313e704520def47272f0038b0e4c9934e9ad4226215f73f37214f703180f18b3887b3e8e89700fecf55964e24d2a9274e7aaeb76141f32acee7c9d95eddbb2b853eb59db5d9e157ffbeb4c57ef5cf0c9ef097fe2bd33b521b1b3827f73f4a |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 47bf1995df8d524643f7db6d480d31a4 |
| Version | 3 |
Certificate 4d6290e58c54f0f1eb17341a1310e6a4
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | b7d8444a70054990435f35a5630df5e1 |
| ToBeSigned (TBS) SHA1 | 4678c6e4a8787a8e6ed2bce8792b122f6c08afd8 |
| ToBeSigned (TBS) SHA256 | 0a8b4b359ea7890b358e56e436e9cfc6f32b037b2599b597ca7f7a80d475ec98 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA |
| ValidFrom | 2010-09-30 00:00:00 |
| ValidTo | 2014-01-01 23:59:59 |
| Signature | aedd211d5f8f807ad25209eadb6ed25d8be8c21b6904be51a5010e59fa37d174a3eedced89742b62d5a6bf4fad361754f013e0a345d24c26cbe26da21fd01e7a070fb6b37b6f5068a2e931b3b7997d8070a0a7de0b1ea4fff34d811bdd20c91cc4afcff18ffad9da95f0ecdc5cbfe88c5a3e7ab0a3eb59437411e09b1a6af36f |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 4d6290e58c54f0f1eb17341a1310e6a4 |
| Version | 3 |
Certificate 610c120600000000001b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 53c41bc1164e09e0cd1617a5bf913efd |
| ToBeSigned (TBS) SHA1 | 93c03aac8951d494ecd5696b1c08658541b18727 |
| ToBeSigned (TBS) SHA256 | 40bddadac24dc61ca4fb5cab2a2bc5d876bc36808311039a7a3e1a4066f7489b |
| Subject | C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority |
| ValidFrom | 2006-05-23 17:01:29 |
| ValidTo | 2016-05-23 17:11:29 |
| Signature | 01e446b33b457f7513877e5f43de468ecb8abdb64741bccccc7491d8ce395195a4a6b547c0efd2da7b8f5711f4328c7ccd3fee42da04214af7c843884a6f5cca14fc4bd19f4cbdd4556ecc02be0da6888f8609baa425bde8b0f0fa8b714e67b0cb82a8d78e55f737ebf03e88efe4e08afd1c6e2e61414875b4b02c1d28d8490fd715f02473253ccc880cde284c6554fe5eae8cea19ad2c51b29b3a47f53c80350117e24987d6544afb4bab07bcbf7d79cfbf35005cbb9ecffc82891b39a05197b6dec0b307ff449644c0342a195cabeef03bec294eb513c537857e75d5b4d60d066eb5d26c237167eaf1718eaf4e74aa0cf9ecbf4c58fa5e909b6d39cb86883f8b1ca81632d5fe6db9f1f8b3ead791f6364778c0272a15c768d6f4c5fc4f4ec8673f102d409ff11ec96148e7a703fc31730cf04688fe56da492995ef09daa3e5beef60ecd954a0599c28bd54ef66157f874c84dba60e95672e517b3439b641c28c846826dc240209e7818e0a972defeea7b998a60f818dc710b5e1ed982f486f53854964789bec5dac970b5526c3efba8dc8d1a52f5a7f936b611a339b18b8a26210de24ea76e12f43ebecdd7c12342489da2855aee5754e312b6763b6a8d7ab730a03cec5ea593fc7eb2a45aea8625b2f009939abb45f73c308ec80118f470e8f2a1343e191066255bbffba3da9a93d260faeca7d628b155589d694344dd665 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 610c120600000000001b |
| Version | 3 |
Certificate 6326c00ead256b6837eeb29b5ee84720
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 11b208a45459069f827186fe81c6badd |
| ToBeSigned (TBS) SHA1 | 456356986e8ecbb7b05e4617d37cb8cd69ce4969 |
| ToBeSigned (TBS) SHA256 | 4a0336d7ffa5db42ece4b342e1244f5c2bd0681827f68f847d99195c83740145 |
| Subject | C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., OU=Digital ID Class 3 , Microsoft Software Validation v2, OU=RD, CN=Trend Micro, Inc. |
| ValidFrom | 2011-12-27 00:00:00 |
| ValidTo | 2013-02-15 23:59:59 |
| Signature | 840ba0fc35187fe2edc7b17c101fd2bf035bbad8f3de048e250741e96a3f4ecee86f1f065ea76f2f8f430a13a75ff3eab29a8b11a13006d27bf3173fa49aabf9cef98fc4554f1732317c4b821c740eb58a91977d85e86574dd712718b15d24f7eb88b6d4520aef788478e1ef8cebd7fff06fadbc87ca6ca2b77da85be3c30b4d590bcb8945a0acfa013f89073933494d9c465c0036280a5af39f6802e60bd175a2603366dd935cb3458b1791411a06b6e5f38e3171de4238051c79b33117cb94674d0625c402bdfb0f99b80625dc0f827911c6c11263884a4e41d1abf60070ad46b7296e19e1cfcda7304a650d7a814319cc11e5a947e82b2d00a169e798b871 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 6326c00ead256b6837eeb29b5ee84720 |
| Version | 3 |
Imports
Expand
- ntoskrnl.exe
- HAL.dll
- CLASSPNP.SYS
Imported Functions
Expand
- wcsrchr
- KeSetEvent
- KePulseEvent
- KeClearEvent
- KeInitializeSemaphore
- KeWaitForSingleObject
- KeReleaseSemaphore
- KeStackAttachProcess
- KeUnstackDetachProcess
- RtlSubAuthoritySid
- RtlInitializeSid
- ExAllocatePoolWithTag
- RtlLengthRequiredSid
- ExFreePoolWithTag
- RtlSetDaclSecurityDescriptor
- RtlCreateSecurityDescriptor
- RtlAddAccessAllowedAce
- RtlCreateAcl
- ObfDereferenceObject
- ZwSetEvent
- ZwClose
- ZwRequestWaitReplyPort
- ProbeForWrite
- ZwFreeVirtualMemory
- ZwAllocateVirtualMemory
- ObOpenObjectByPointer
- PsProcessType
- memmove
- ZwConnectPort
- RtlInitUnicodeString
- RtlUnicodeStringToInteger
- ZwCreateSection
- ZwWaitForSingleObject
- ZwOpenEvent
- ObfReferenceObject
- IoGetCurrentProcess
- DbgBreakPoint
- PsGetProcessExitTime
- MmSectionObjectType
- DbgPrint
- memset
- MmIsAddressValid
- ExInitializeResourceLite
- ExDeleteResourceLite
- ZwWriteFile
- ZwReadFile
- ZwQueryInformationFile
- ZwSetInformationFile
- ZwCreateFile
- swprintf
- towupper
- _wcsnicmp
- KeInitializeEvent
- _snprintf
- PsGetCurrentProcessId
- RtlTimeToTimeFields
- ExSystemTimeToLocalTime
- KeQuerySystemTime
- ZwCreateKey
- ZwCreateEvent
- KeWaitForMultipleObjects
- ObReferenceObjectByHandle
- ZwNotifyChangeKey
- PsGetCurrentThreadId
- _vsnprintf
- KeSetPriorityThread
- PsTerminateSystemThread
- PsCreateSystemThread
- KeNumberProcessors
- ZwQueryInformationProcess
- PsLookupProcessByProcessId
- KeDelayExecutionThread
- ZwOpenDirectoryObject
- PsSetCreateProcessNotifyRoutine
- ZwQuerySystemInformation
- ZwQueryDirectoryFile
- ZwQueryDirectoryObject
- ZwDuplicateObject
- ZwOpenKey
- ZwEnumerateKey
- ZwEnumerateValueKey
- ZwQueryValueKey
- ZwDeleteValueKey
- ZwDeleteKey
- ExGetPreviousMode
- ZwTerminateProcess
- ZwOpenProcess
- ZwQueryKey
- ZwSetValueKey
- MmHighestUserAddress
- IoFreeIrp
- memcpy
- MmUnlockPages
- IoBuildAsynchronousFsdRequest
- _strnicmp
- RtlQueryRegistryValues
- RtlAppendUnicodeToString
- mbstowcs
- _purecall
- ZwOpenSymbolicLinkObject
- NtClose
- ZwSetInformationObject
- _stricmp
- ZwUnmapViewOfSection
- ZwMapViewOfSection
- ZwOpenFile
- RtlEqualUnicodeString
- IoFileObjectType
- IoCreateFile
- IofCallDriver
- IoAllocateIrp
- MmBuildMdlForNonPagedPool
- IoAllocateMdl
- ProbeForRead
- PsGetVersion
- MmGetSystemRoutineAddress
- RtlCopyUnicodeString
- RtlCompareMemory
- _snwprintf
- RtlImageNtHeader
- RtlFreeUnicodeString
- RtlAnsiStringToUnicodeString
- RtlInitAnsiString
- strrchr
- ZwQueryVolumeInformationFile
- ObReferenceObjectByPointer
- ObQueryNameString
- IoBuildDeviceIoControlRequest
- IofCompleteRequest
- ExEventObjectType
- _allmul
- IoDeleteDevice
- IoDeleteSymbolicLink
- IoCreateSymbolicLink
- IoGetDeviceObjectPointer
- RtlUpperChar
- RtlCompareUnicodeString
- strncpy
- KeServiceDescriptorTable
- NtOpenProcess
- ObOpenObjectByName
- IoDriverObjectType
- RtlAppendUnicodeStringToString
- strncmp
- NtQueryInformationProcess
- PsIsThreadTerminating
- PsThreadType
- KeAddSystemServiceTable
- ZwQueryObject
- ZwQuerySecurityObject
- ObInsertObject
- _allrem
- IoReleaseVpbSpinLock
- IoAcquireVpbSpinLock
- SeCreateAccessState
- IoGetFileObjectGenericMapping
- RtlUpcaseUnicodeString
- ObCreateObject
- _allshr
- ExInterlockedPopEntrySList
- IoGetStackLimits
- IoBuildSynchronousFsdRequest
- MmSystemRangeStart
- IoUnregisterPlugPlayNotification
- FsRtlIsNameInExpression
- wcsstr
- IoGetConfigurationInformation
- MmProbeAndLockPages
- IoGetDeviceInterfaces
- IoRegisterPlugPlayNotification
- ExAllocatePool
- RtlFreeAnsiString
- RtlUnicodeStringToAnsiString
- strncat
- wcschr
- wcsncat
- wcstombs
- KeTickCount
- KeBugCheckEx
- RtlUnwind
- wcsncpy
- ExReleaseResourceLite
- ExAcquireResourceExclusiveLite
- ExAcquireResourceSharedLite
- ExReleaseFastMutexUnsafe
- KeLeaveCriticalRegion
- KeEnterCriticalRegion
- IoFreeMdl
- ExAcquireFastMutexUnsafe
- ZwSetSecurityObject
- IoDeviceObjectType
- IoCreateDevice
- RtlGetDaclSecurityDescriptor
- RtlGetSaclSecurityDescriptor
- RtlGetGroupSecurityDescriptor
- RtlGetOwnerSecurityDescriptor
- RtlLengthSecurityDescriptor
- SeCaptureSecurityDescriptor
- SeExports
- IoIsWdmVersionAvailable
- RtlLengthSid
- RtlAbsoluteToSelfRelativeSD
- ZwQuerySymbolicLinkObject
- KeGetCurrentThread
- KfAcquireSpinLock
- KfReleaseSpinLock
- KeRaiseIrqlToDpcLevel
- KfLowerIrql
- KeGetCurrentIrql
- ExAcquireFastMutex
- ExReleaseFastMutex
- KfRaiseIrql
- ClassInitialize
Exported Functions
Expand
- ??0CAutoUpdateConfigThread@@QAE@ABV0@@Z
- ??0CAutoUpdateConfigThread@@QAE@PAU_UNICODE_STRING@@P6GX0PAX@Z1@Z
- ??0CBlobConfig@@QAE@ABV0@@Z
- ??0CBlobConfig@@QAE@K@Z
- ??0CContext@@QAE@ABV0@@Z
- ??0CContext@@QAE@KP6GJPAU_EVENT_REPORT@@PAXPAU_TMCE_REPORT@@PAU_TMCE_FEEDBACK@@@Z1K@Z
- ??0CContextList@@QAE@ABV0@@Z
- ??0CContextList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CDebugLog@@QAE@ABV0@@Z
- ??0CDebugLog@@QAE@PBG@Z
- ??0CDelayLoadThread@@QAE@ABV0@@Z
- ??0CDelayLoadThread@@QAE@XZ
- ??0CExclusionExtConfig@@QAE@ABV0@@Z
- ??0CExclusionExtConfig@@QAE@KKE@Z
- ??0CExclusionFileNameConfig@@QAE@ABV0@@Z
- ??0CExclusionFileNameConfig@@QAE@KK@Z
- ??0CExclusionFilePathConfig@@QAE@ABV0@@Z
- ??0CExclusionFilePathConfig@@QAE@KK@Z
- ??0CExclusionFolderConfig@@QAE@ABV0@@Z
- ??0CExclusionFolderConfig@@QAE@KK@Z
- ??0CExclusionRegistryConfig@@QAE@ABV0@@Z
- ??0CExclusionRegistryConfig@@QAE@KK@Z
- ??0CFile@@QAE@ABV0@@Z
- ??0CFile@@QAE@E@Z
- ??0CFileExtension@@QAE@ABV0@@Z
- ??0CFileExtension@@QAE@KEEPAVIMemoryAllocator@@@Z
- ??0CInclusionExtConfig@@QAE@ABV0@@Z
- ??0CInclusionExtConfig@@QAE@KKE@Z
- ??0CInclusionFileNameConfig@@QAE@ABV0@@Z
- ??0CInclusionFileNameConfig@@QAE@KK@Z
- ??0CInclusionFilePathConfig@@QAE@ABV0@@Z
- ??0CInclusionFilePathConfig@@QAE@KK@Z
- ??0CInclusionFolderConfig@@QAE@ABV0@@Z
- ??0CInclusionFolderConfig@@QAE@KK@Z
- ??0CKEvent@@QAE@ABV0@@Z
- ??0CKEvent@@QAE@W4_EVENT_TYPE@@E@Z
- ??0CList@@QAE@ABV0@@Z
- ??0CList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CLockEvent@@QAE@ABV0@@Z
- ??0CLockEvent@@QAE@XZ
- ??0CLockList@@QAE@ABV0@@Z
- ??0CLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CMemoryAllocator@@IAE@W4_POOL_TYPE@@K@Z
- ??0CMemoryAllocator@@QAE@ABV0@@Z
- ??0CMemoryPoolAllocator@@IAE@W4_POOL_TYPE@@KKK@Z
- ??0CMemoryPoolAllocator@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@XZ
- ??0CModuleConfigList@@QAE@ABV0@@Z
- ??0CModuleConfigList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CModuleFileExtConfig@@QAE@ABV0@@Z
- ??0CModuleFileExtConfig@@QAE@KKE@Z
- ??0CModuleFlagConfig@@QAE@ABV0@@Z
- ??0CModuleFlagConfig@@QAE@K@Z
- ??0CModuleMultiStringConfig@@QAE@ABV0@@Z
- ??0CModuleMultiStringConfig@@QAE@KK@Z
- ??0CModuleStringConfig@@QAE@ABV0@@Z
- ??0CModuleStringConfig@@QAE@K@Z
- ??0CNoLockList@@QAE@ABV0@@Z
- ??0CNoLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CSmartLock@@QAE@AAVCLockEvent@@@Z
- ??0CSmartLock@@QAE@XZ
- ??0CSmartReference@@QAE@AAJ@Z
- ??0CSmartReference@@QAE@AAK@Z
- ??0CSmartResource@@QAE@AAVCResource@@E@Z
- ??0CStrList@@QAE@ABV0@@Z
- ??0CStrList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CSystemThread@@QAE@ABV0@@Z
- ??0CSystemThread@@QAE@K@Z
- ??0CUserFuncAdapterJob@@QAE@ABV0@@Z
- ??0CUserFuncAdapterJob@@QAE@P6GXPAX@Z0@Z
- ??0CWorkerThread@@IAE@PAVCWorkerThreadJobQueue@@@Z
- ??0CWorkerThread@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@E@Z
- ??0CWorkerThreadJobQueue@@QAE@ABV0@@Z
- ??0CWorkerThreadJobQueue@@QAE@K@Z
- ??0CWorkerThreadPool@@QAE@ABV0@@Z
- ??0CWorkerThreadPool@@QAE@K@Z
- ??0IMemoryAllocator@@QAE@ABV0@@Z
- ??0IMemoryAllocator@@QAE@XZ
- ??1CAutoUpdateConfigThread@@UAE@XZ
- ??1CBlobConfig@@UAE@XZ
- ??1CContext@@UAE@XZ
- ??1CContextList@@UAE@XZ
- ??1CDebugLog@@UAE@XZ
- ??1CDelayLoadThread@@UAE@XZ
- ??1CExclusionExtConfig@@UAE@XZ
- ??1CExclusionFileNameConfig@@UAE@XZ
- ??1CExclusionFilePathConfig@@UAE@XZ
- ??1CExclusionFolderConfig@@UAE@XZ
- ??1CExclusionRegistryConfig@@UAE@XZ
- ??1CFile@@UAE@XZ
- ??1CFileExtension@@UAE@XZ
- ??1CInclusionExtConfig@@UAE@XZ
- ??1CInclusionFileNameConfig@@UAE@XZ
- ??1CInclusionFilePathConfig@@UAE@XZ
- ??1CInclusionFolderConfig@@UAE@XZ
- ??1CKEvent@@UAE@XZ
- ??1CList@@UAE@XZ
- ??1CLockEvent@@UAE@XZ
- ??1CLockList@@UAE@XZ
- ??1CMemoryAllocator@@UAE@XZ
- ??1CMemoryPoolAllocator@@UAE@XZ
- ??1CModuleConfig@@UAE@XZ
- ??1CModuleConfigList@@UAE@XZ
- ??1CModuleFileExtConfig@@UAE@XZ
- ??1CModuleFlagConfig@@UAE@XZ
- ??1CModuleMultiStringConfig@@UAE@XZ
- ??1CModuleStringConfig@@UAE@XZ
- ??1CNoLockList@@UAE@XZ
- ??1CSmartLock@@QAE@XZ
- ??1CSmartReference@@QAE@XZ
- ??1CSmartResource@@QAE@XZ
- ??1CStrList@@UAE@XZ
- ??1CSystemThread@@UAE@XZ
- ??1CUserFuncAdapterJob@@UAE@XZ
- ??1CWorkerThread@@UAE@XZ
- ??1CWorkerThreadJob@@UAE@XZ
- ??1CWorkerThreadJobQueue@@UAE@XZ
- ??1CWorkerThreadPool@@UAE@XZ
- ??1IMemoryAllocator@@UAE@XZ
- ??2@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??2CMemoryAllocator@@SGPAXI@Z
- ??2CMemoryPoolAllocator@@SGPAXI@Z
- ??3@YAXPAX@Z
- ??3IMemoryAllocator@@SGXPAX@Z
- ??4CAutoUpdateConfigThread@@QAEAAV0@ABV0@@Z
- ??4CBlobConfig@@QAEAAV0@ABV0@@Z
- ??4CContext@@QAEAAV0@ABV0@@Z
- ??4CDebugLog@@QAEAAV0@ABV0@@Z
- ??4CDelayLoadThread@@QAEAAV0@ABV0@@Z
- ??4CFile@@QAEAAV0@ABV0@@Z
- ??4CKEvent@@QAEAAV0@ABV0@@Z
- ??4CLockEvent@@QAEAAV0@ABV0@@Z
- ??4CMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??4CMemoryPoolAllocator@@QAEAAV0@ABV0@@Z
- ??4CModuleConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleFlagConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleStringConfig@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEABV0@AAVCLockEvent@@@Z
- ??4CSmartResource@@QAEAAV0@ABV0@@Z
- ??4CSystemThread@@QAEAAV0@ABV0@@Z
- ??4CUserFuncAdapterJob@@QAEAAV0@ABV0@@Z
- ??4CWorkerThread@@QAEAAV0@ABV0@@Z
- ??4CWorkerThreadJob@@QAEAAV0@ABV0@@Z
- ??4IMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??_7CAutoUpdateConfigThread@@6B@
- ??_7CBlobConfig@@6B@
- ??_7CContext@@6B@
- ??_7CContextList@@6B@
- ??_7CDebugLog@@6B@
- ??_7CDelayLoadThread@@6B@
- ??_7CExclusionExtConfig@@6B@
- ??_7CExclusionFileNameConfig@@6B@
- ??_7CExclusionFilePathConfig@@6B@
- ??_7CExclusionFolderConfig@@6B@
- ??_7CExclusionRegistryConfig@@6B@
- ??_7CFile@@6B@
- ??_7CFileExtension@@6B@
- ??_7CInclusionExtConfig@@6B@
- ??_7CInclusionFileNameConfig@@6B@
- ??_7CInclusionFilePathConfig@@6B@
- ??_7CInclusionFolderConfig@@6B@
- ??_7CKEvent@@6B@
- ??_7CList@@6B@
- ??_7CLockEvent@@6B@
- ??_7CLockList@@6B@
- ??_7CMemoryAllocator@@6B@
- ??_7CMemoryPoolAllocator@@6B@
- ??_7CModuleConfig@@6B@
- ??_7CModuleConfigList@@6B@
- ??_7CModuleFileExtConfig@@6B@
- ??_7CModuleFlagConfig@@6B@
- ??_7CModuleMultiStringConfig@@6B@
- ??_7CModuleStringConfig@@6B@
- ??_7CNoLockList@@6B@
- ??_7CStrList@@6B@
- ??_7CSystemThread@@6B@
- ??_7CUserFuncAdapterJob@@6B@
- ??_7CWorkerThread@@6B@
- ??_7CWorkerThreadJob@@6B@
- ??_7CWorkerThreadJobQueue@@6B@
- ??_7CWorkerThreadPool@@6B@
- ??_7IMemoryAllocator@@6B@
- ??_FCContextList@@QAEXXZ
- ??_FCFile@@QAEXXZ
- ??_FCFileExtension@@QAEXXZ
- ??_FCModuleConfigList@@QAEXXZ
- ??_FCStrList@@QAEXXZ
- ??_FCSystemThread@@QAEXXZ
- ??_FCWorkerThread@@QAEXXZ
- ??_FCWorkerThreadJob@@QAEXXZ
- ??_FCWorkerThreadJobQueue@@QAEXXZ
- ??_U@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??_V@YAXPAX@Z
- ?Acquire@CLockEvent@@QAEXXZ
- ?Add@CContextList@@QAEEPAVCContext@@@Z
- ?Add@CFileExtension@@QAEEPBGK@Z
- ?Add@CModuleConfigList@@QAEEPAVCModuleConfig@@@Z
- ?Add@CStrList@@QAEEPBG@Z
- ?AddNode@CLockList@@UAEEQAXE@Z
- ?AddNode@CNoLockList@@UAEEQAXE@Z
- ?Alloc@CMemoryAllocator@@UAEPAXKPBDK@Z
- ?Alloc@CMemoryPoolAllocator@@UAEPAXKPBDK@Z
- ?AllocBlock@CMemoryPoolAllocator@@IAEPAXK@Z
- ?AttachJobQueue@CWorkerThread@@QAEXPAVCWorkerThreadJobQueue@@@Z
- ?Cancel@CWorkerThreadJob@@QAEXXZ
- ?CheckNode@CLockList@@UAEHQAX@Z
- ?CheckNode@CNoLockList@@UAEHQAX@Z
- ?CleanQueue@CWorkerThreadJobQueue@@QAEXXZ
- ?Cleanup@CBlobConfig@@AAEXXZ
- ?Cleanup@CModuleFileExtConfig@@IAEXXZ
- ?Cleanup@CModuleMultiStringConfig@@IAEXXZ
- ?Cleanup@CModuleStringConfig@@AAEXXZ
- ?Close@CFile@@QAEJXZ
- ?Count@CLockList@@QAEKXZ
- ?Count@CNoLockList@@QAEKXZ
- ?Create@CFile@@QAEJPBGKKKK@Z
- ?Create@CSystemThread@@QAEEXZ
- ?CreateInstance@CMemoryAllocator@@SGPAV1@W4_POOL_TYPE@@K@Z
- ?CreateInstance@CMemoryPoolAllocator@@SGPAV1@W4_POOL_TYPE@@KKK@Z
- ?CreatePool@CWorkerThreadPool@@QAEEXZ
- ?CreateThreads@CWorkerThreadPool@@QAEEK@Z
- ?CreateWIRP@CFile@@QAEJPBGKKKK@Z
- ?Delete@CFile@@QAEJXZ
- ?Delete@CFileExtension@@QAEEPBGK@Z
- ?Delete@CStrList@@QAEEPBG@Z
- ?DeleteAll@CList@@UAEXXZ
- ?DeleteAll@CLockList@@UAEXXZ
- ?DeleteAll@CNoLockList@@UAEXXZ
- ?DeleteNode@CContextList@@MAEXPAX@Z
- ?DeleteNode@CList@@UAEXPAX@Z
- ?DeleteNode@CModuleConfigList@@MAEXPAX@Z
- ?DeleteNode@CStrList@@EAEXPAU_STR_LIST_NODE@1@@Z
- ?DisableWriteProtectFromCR0@@YGXPAPAX@Z
- ?DoIt@CWorkerThreadJob@@QAEJXZ
- ?EntryPoint@CSystemThread@@KGXPAX@Z
- ?Find@CContextList@@QAEPAVCContext@@K@Z
- ?Find@CContextList@@QAEPAVCContext@@PAX@Z
- ?Find@CFileExtension@@QAEPAU_STR_LIST_NODE@CStrList@@PBGK@Z
- ?Find@CModuleConfigList@@QAEPAVCModuleConfig@@K@Z
- ?Find@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?FindNode@CContextList@@IAEPAXPAX@Z
- ?FindPartiallyAndAllMatch@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?First@CList@@UAEPAXXZ
- ?First@CLockList@@UAEPAXXZ
- ?First@CNoLockList@@UAEPAXXZ
- ?Free@CMemoryAllocator@@UAEXPAX@Z
- ?Free@CMemoryPoolAllocator@@UAEXPAX@Z
- ?GetAttributes@CFile@@QAEKXZ
- ?GetBasicInfomration@CFile@@IAEJXZ
- ?GetBlobCofig@CContext@@UAEJKPAXPAK@Z
- ?GetCategory@CContext@@QAEKXZ
- ?GetData@CBlobConfig@@QAEHPAXPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEPAVCFileExtension@@XZ
- ?GetData@CModuleFlagConfig@@QAEKXZ
- ?GetData@CModuleMultiStringConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleMultiStringConfig@@QAEPAVCStrList@@XZ
- ?GetData@CModuleStringConfig@@QAEPAGXZ
- ?GetData@CStrList@@QAEEPAGPAK@Z
- ?GetDataType@CModuleConfig@@QAEKXZ
- ?GetEngineContext@CContext@@QAEPAXXZ
- ?GetFileExtensionConfig@CContext@@QAEPAVCFileExtension@@K@Z
- ?GetFileExtensionConfig@CContext@@UAEJKPAGPAK@Z
- ?GetFileSize@CFile@@QAEJPAT_LARGE_INTEGER@@@Z
- ?GetFlagConfig@CContext@@UAEJKPAK@Z
- ?GetID@CModuleConfig@@QAEKXZ
- ?GetJob@CWorkerThreadJobQueue@@QAEPAVCWorkerThreadJob@@XZ
- ?GetLength@CModuleStringConfig@@QAEKXZ
- ?GetLinkContext@CContext@@QAEPAXXZ
- ?GetLogFlag@CDebugLog@@QAEKXZ
- ?GetModuleId@CModuleConfig@@QAEKXZ
- ?GetMultiStringConfig@CContext@@QAEPAVCStrList@@K@Z
- ?GetMultiStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetOneThreadTEB@CWorkerThreadPool@@QAEPAU_ETHREAD@@XZ
- ?GetReportCallBackRoutine@CContext@@QAEKXZ
- ?GetSize@CBlobConfig@@QAEKXZ
- ?GetStringConfig@CContext@@QAEPAGK@Z
- ?GetStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetThreadCount@CWorkerThreadPool@@QAEKXZ
- ?GetThreadID@CSystemThread@@QAEKXZ
- ?GetType@CContext@@QAEKXZ
- ?GetUserParameter@CContext@@QAEKXZ
- ?InitializeBlobConfig@CContext@@QAEHKPAXK@Z
- ?InitializeFileExtensionConfig@CContext@@QAEHKPBG@Z
- ?InitializeFlagConfig@CContext@@QAEHKK@Z
- ?InitializeMultiStringConfig@CContext@@QAEHKPBG@Z
- ?InitializeStringConfig@CContext@@QAEHKPBG@Z
- ?Insert@CList@@UAEXQAXE@Z
- ?Insert@CLockList@@UAEXQAXE@Z
- ?Insert@CNoLockList@@UAEXQAXE@Z
- ?InsertAfter@CList@@UAEXPAX0@Z
- ?InsertBefore@CList@@UAEXPAX0@Z
- ?Instance@CWorkerThreadPool@@SGPAV1@XZ
- ?IsEmpty@CList@@UAEEXZ
- ?IsEmpty@CLockList@@UAEEXZ
- ?IsEmpty@CNoLockList@@UAEEXZ
- ?IsExceedLimitation@CMemoryPoolAllocator@@IAEEK@Z
- ?IsFull@CLockList@@QBEEXZ
- ?IsFull@CNoLockList@@QBEEXZ
- ?IsInExclusionList@CExclusionExtConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFileNameConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFilePathConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFolderConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionRegistryConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionExtConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFileNameConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFilePathConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFolderConfig@@QAEEPBG@Z
- ?IsOpened@CFile@@QAEEXZ
- ?IsTerminated@CWorkerThreadPool@@QAEEXZ
- ?IsValid@CMemoryAllocator@@UAEEXZ
- ?IsValid@CMemoryPoolAllocator@@UAEEXZ
- ?IsValid@IMemoryAllocator@@UAEEXZ
- ?IsWorkerThread@CWorkerThreadPool@@QAEEK@Z
- ?JobFunction@CUserFuncAdapterJob@@MAEXXZ
- ?JobQueue@CWorkerThreadPool@@QAEAAVCWorkerThreadJobQueue@@XZ
- ?Limit@CLockList@@QAEKXZ
- ?Limit@CNoLockList@@QAEKXZ
- ?MatchAllExtensions@CFileExtension@@QAEEXZ
- ?MatchNoExtensions@CFileExtension@@QAEEXZ
- ?MergeLeft@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?MergeRight@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?NeedDelete@CWorkerThreadJob@@QAEEXZ
- ?NeedDeleteWhenFinish@CWorkerThreadJob@@QAEXE@Z
- ?NewNode@CList@@UAEPAXXZ
- ?NewNode@CStrList@@EAEPAXXZ
- ?NewNodeVariant@CList@@IAEPAXK@Z
- ?Next@CList@@UBEPAXQAX@Z
- ?Next@CLockList@@UBEPAXQAX@Z
- ?Next@CNoLockList@@UBEPAXQAX@Z
- ?NextPool@CMemoryPoolAllocator@@QAEPAV1@XZ
- ?NotityTerminate@CWorkerThread@@QAEXXZ
- ?PostJobToWorkerThread@CWorkerThreadPool@@QAEJP6GXPAX@Z0E@Z
- ?Pulse@CKEvent@@QAEJJE@Z
- ?QueueJob@CWorkerThreadJobQueue@@QAEEPAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPool@@QAEJPAVCWorkerThreadJob@@@Z
- ?RCMInstance@CWorkerThreadPool@@SGPAV1@XZ
- ?Read@CFile@@QAEJPADKPAK@Z
- ?ReferenceCount@CContext@@QAEAAKXZ
- ?Release@CLockEvent@@QAEXXZ
- ?Remove@CContextList@@UAEEQAX@Z
- ?Remove@CList@@UAEEQAX@Z
- ?Remove@CLockList@@UAEEQAX@Z
- ?Remove@CNoLockList@@UAEEQAX@Z
- ?RemoveHead@CList@@UAEPAXXZ
- ?RemoveHead@CLockList@@UAEPAXXZ
- ?RemoveHead@CNoLockList@@UAEPAXXZ
- ?RemoveTail@CList@@UAEPAXXZ
- ?RemoveTail@CLockList@@UAEPAXXZ
- ?RemoveTail@CNoLockList@@UAEPAXXZ
- ?Reset@CKEvent@@QAEXXZ
- ?ResetData@CInclusionExtConfig@@QAEXXZ
- ?ResetData@CInclusionFileNameConfig@@QAEXXZ
- ?ResetData@CInclusionFilePathConfig@@QAEXXZ
- ?ResetData@CInclusionFolderConfig@@QAEXXZ
- ?RestoreCR0@@YGXPAX@Z
- ?Run@CAutoUpdateConfigThread@@UAEXXZ
- ?Run@CDelayLoadThread@@UAEXXZ
- ?Run@CWorkerThread@@UAEXXZ
- ?SeekToEnd@CFile@@QAEJXZ
- ?Set@CKEvent@@QAEJJE@Z
- ?SetAttributes@CFile@@QAEJK@Z
- ?SetBlobCofig@CContext@@UAEJKPAXK@Z
- ?SetData@CBlobConfig@@QAEHPAXK@Z
- ?SetData@CModuleFileExtConfig@@QAEHPBG@Z
- ?SetData@CModuleFlagConfig@@QAEHK@Z
- ?SetData@CModuleMultiStringConfig@@QAEHPBGK@Z
- ?SetData@CModuleStringConfig@@QAEHPBG@Z
- ?SetEngineContext@CContext@@QAEXPAX@Z
- ?SetFileExtensionConfig@CContext@@UAEJKPBG@Z
- ?SetFlagConfig@CContext@@UAEJKK@Z
- ?SetLinkContext@CContext@@QAEXPAX@Z
- ?SetLogFlag@CDebugLog@@QAEEK@Z
- ?SetMatchAllExtensions@CFileExtension@@QAEXE@Z
- ?SetMatchNoExtensions@CFileExtension@@QAEXE@Z
- ?SetMultiStringConfig@CContext@@UAEJKPBG@Z
- ?SetNewJobItemEvent@CWorkerThreadJobQueue@@QAEXXZ
- ?SetPriority@CSystemThread@@QAEXK@Z
- ?SetStopUse@CContext@@QAEXXZ
- ?SetStringConfig@CContext@@UAEJKPBG@Z
- ?Setup@CSystemThread@@MAEXXZ
- ?StopUse@CContext@@QAEHXZ
- ?TearDown@CSystemThread@@MAEXXZ
- ?Terminate@CSystemThread@@QAEXE@Z
- ?Terminate@CWorkerThreadPool@@QAEEXZ
- ?TmExceptionFilter@@YGJPAU_EXCEPTION_POINTERS@@@Z
- ?Wait@CKEvent@@QAEJPAT_LARGE_INTEGER@@E@Z
- ?WaitFinish@CWorkerThreadJob@@QAEXXZ
- ?WaitForInit@CDelayLoadThread@@QAEEXZ
- ?WaitForLoad@CDelayLoadThread@@QAEEXZ
- ?WaitNewJobAvailable@CWorkerThreadJobQueue@@QAEEXZ
- ?Write@CDebugLog@@QAAXPBDZZ
- ?Write@CFile@@QAEJPADKPAT_LARGE_INTEGER@@PAK@Z
- ?WriteSystemInformation@CDebugLog@@QAEXXZ
- ?WriteSystemStringInformation@CDebugLog@@IAEXPBG@Z
- ?WriteToFile@CDebugLog@@IAEXPADK@Z
- ?_pNonPagedAllocator@@3PAVCMemoryAllocator@@A
- ?_pPagedAllocator@@3PAVCMemoryAllocator@@A
- ?m_lpInstance@CWorkerThreadPool@@1PAV1@A
- ?m_lpRCMInstance@CWorkerThreadPool@@1PAV1@A
- _DeInitKmLPC@0
- _GetModuleInfoByAddress@8
- _GetModuleInfoByModuleName@8
- _InitKmLPC@0
- _KmCallUm@8
- _KmCallUmEx@12
- _ModGetExportProcAddress@8
- _ModLoadDLLToBuffer@4
- _ModLoadDLLToBufferWithImageSize@8
- _ModLoadModule@8
- _ModUnLoadModule@4
- _NormalizeFileName@4
- _NormalizeFullNtPathToDosName@4
- _TmCommConfigRoutine@4
- _UtilAddDeviceInDriveTable@4
- _UtilCleanFileReadOnly@4
- _UtilDeleteFileForce@4
- _UtilGetFileObjectForProcessByEPROC@8
- _UtilGetFileObjectFromFileName@12
- _UtilGetProcessName@12
- _UtilGetSystemDirectory@4
- _UtilGetSystemDirectoryEx@0
- _UtilGetSystemDirectoryLength@0
- _UtilGetSystemTime@4
- _UtilIoSetFileInfo@24
- _UtilIopCreateFileIRP@40
- _UtilKeGetLowFileDevice@16
- _UtilModuleIATHook@24
- _UtilModuleIATUnHook@8
- _UtilQueryKeyValue@24
- _UtilRemoveDeviceFromDriveTable@4
- _UtilVolumeDeviceToDosName@8
- _UtilWaitValueChangeToZero@8
- _UtilWriteVersionToRegistry@8
- _UtilbuildDynamicDiskMappingTable@0
- _UtlWriteBinValueKeyToRegistry@16
- __UtilDosPathNameToNtPathName@12
Sections
Expand
- .text
- .rdata
- .data
- PAGE
- .edata
- INIT
- .rsrc
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": true,
"SerialNumber": "7e93ebfb7cc64e59ea4b9a77d406fc3b",
"Signature": "03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2",
"TBS": {
"MD5": "d0785ad36e427c92b19f6826ab1e8020",
"SHA1": "365b7a9c21bd9373e49052c3e7b3e4646ddd4d43",
"SHA256": "c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff",
"SHA384": "eab4fe5ef90e0de4a6aa3a27769a5e879f588df5e4785aa4104debd1f81e19ea56d33e3a16e5facf99f68b5d8e3d287b"
},
"ValidFrom": "2012-12-21 00:00:00",
"ValidTo": "2020-12-30 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "0ecff438c8febf356e04d86a981b1a50",
"Signature": "783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4",
"TBS": {
"MD5": "e9d38360b914c8863f6cba3ee58764d3",
"SHA1": "4cba8eae47b6bf76f20b3504b98b8f062694a89b",
"SHA256": "88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976",
"SHA384": "e9f2a75334a9e336c5a4712eadee88d0374b0fdc273262f4e65c9040ad2793067cc076696db5279a478773485e285652"
},
"ValidFrom": "2012-10-18 00:00:00",
"ValidTo": "2020-12-29 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Signature": "f3b20c020c826fd9e2629408ffc97c9e245959d1050c9ce7708069d366d26af191812e16fce674eaca0d8f05b2a796280831737299800d2bfe0071efecf655117b7952a4d7c0701b97de034a1d42e928fd1a2082b081f9d22e9d39af3233cf05c1e61ae1f8fbfec872e78d9a0b29b4f147f1a053d1757a824601df2bb07c75c591fe7efbaf0021764b90cd446f85f80d14bc2cd42c83edfa7d2510f8f94c82d1b3ea999b1cff9093291977c7e996dc32904d3934f167077684ff76aa5327654a0bd7223d9d67657b47c5b46012dca6723d89e7fa051b3380d0c4977b9df537e75da3186ab149b27c089715a01bd695f408f7ded66bfbe920d27a6f6a7d4cc8b3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc.",
"TBS": {
"MD5": "78eaa337666217b1c16a9a0ebd0b8434",
"SHA1": "ff9cb835e78f6185eed4372096c3bae53b17d18d",
"SHA256": "1c0d9746725e176b4a7c2852878f14d7587f58e65d346bc1247f1c8ee6374250",
"SHA384": "ffe3c75b860679a5de399c7d2c2844dbfac51d5d8581e24648d208daba1e4bed5c867808e02dc8d7cb3df1d4b2b53d10"
},
"ValidFrom": "2017-04-27 00:00:00",
"ValidTo": "2018-07-16 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "611993e400000000001c",
"Signature": "812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5",
"TBS": {
"MD5": "78a717e082dcc1cda3458d917e677d14",
"SHA1": "4a872e0e51f9b304469cd1dedb496ee9b8b983a4",
"SHA256": "317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8",
"SHA384": "b71052da4eb9157c8c1a5d7f55df19d69b9128598b72fcca608e5b7cc7d64c43c5504b9c86355a6dc22ee40c88cc385c"
},
"ValidFrom": "2011-02-22 19:25:17",
"ValidTo": "2021-02-22 19:35:17",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "5200e5aa2556fc1a86ed96c9d44b33c7",
"Signature": "5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"TBS": {
"MD5": "b30c31a572b0409383ed3fbe17e56e81",
"SHA1": "4843a82ed3b1f2bfbee9671960e1940c942f688d",
"SHA256": "03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9",
"SHA384": "bbda8407c4f9fc4e54d772f1c7fb9d30bc97e1f97ecd51c443063d1fa0644e266328781776cd5c44896c457c75f4d7da"
},
"ValidFrom": "2010-02-08 00:00:00",
"ValidTo": "2020-02-07 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 009feac811b0f16247a5fc20d80523ace6
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | b6aa9cf28bcfc9f07ec1069fb425ab61 |
| ToBeSigned (TBS) SHA1 | ca7a166fcd53878ba5a38d4cac37c63513cfc1fa |
| ToBeSigned (TBS) SHA256 | 711394fc49f8948a831f687d42ced6b18514f57786ecc6cdbc3c3eb72e568a40 |
| Subject | C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO Time Stamping Signer |
| ValidFrom | 2015-05-05 00:00:00 |
| ValidTo | 2015-12-31 23:59:59 |
| Signature | 0dbbad60111bb5f00dcce6483a7a3e0e33dc1cb9ead620fea34dd0cc764ee818d879dfd34f9a4264238a29728a3a6c66a63c3a17a8704565c673c3d0ce8954fbac690f58b019cb869f7eb97eeb5192bf9bddebd165f0257b887cdebda5c8b51451bcc081308a85387be679fe67559387fe4fe88d0eedf37292b5c289806dd159e31d0deab138ee039d0019a5ab219b79c3ccc23e687ebdc94d694db46451fbb22874e25389ce9dfaade2dbceab7b7e064474fd0aa3c9b7a730cd49d29264f122a6b828457479e9a7ce3b33f98350947d68c01d49c760787a3c6426d5befa0a6de41ee109538fa9c523acc79d614221f02c1671493b10af2c6f1ae631f114fd6c |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 009feac811b0f16247a5fc20d80523ace6 |
| Version | 3 |
Certificate 250ce8e030612e9f2b89f7054d7cf8fd
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 918d9eb6a6cd36c531eceb926170a7e1 |
| ToBeSigned (TBS) SHA1 | 0ae95700d65e6f59715aa47048993ca7858e676a |
| ToBeSigned (TBS) SHA256 | 47c46e6eaa3780eace3d0d891346cd373359d246b21a957219dbab4c8f37c166 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5 |
| ValidFrom | 2006-11-08 00:00:00 |
| ValidTo | 2021-11-07 23:59:59 |
| Signature | 1302ddf8e88600f25af8f8200c59886207cecef74ef9bb59a198e5e138dd4ebc6618d3adeb18f20dc96d3e4a9420c33cbabd6554c6af44b310ad2c6b3eabd707b6b88163c5f95e2ee52a67cecd330c2ad7895603231fb3bee83a0859b4ec4535f78a5bff66cf50afc66d578d1978b7b9a2d157ea1f9a4bafbac98e127ec6bdff |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 250ce8e030612e9f2b89f7054d7cf8fd |
| Version | 3 |
Certificate 610c120600000000001b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 53c41bc1164e09e0cd1617a5bf913efd |
| ToBeSigned (TBS) SHA1 | 93c03aac8951d494ecd5696b1c08658541b18727 |
| ToBeSigned (TBS) SHA256 | 40bddadac24dc61ca4fb5cab2a2bc5d876bc36808311039a7a3e1a4066f7489b |
| Subject | C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority |
| ValidFrom | 2006-05-23 17:01:29 |
| ValidTo | 2016-05-23 17:11:29 |
| Signature | 01e446b33b457f7513877e5f43de468ecb8abdb64741bccccc7491d8ce395195a4a6b547c0efd2da7b8f5711f4328c7ccd3fee42da04214af7c843884a6f5cca14fc4bd19f4cbdd4556ecc02be0da6888f8609baa425bde8b0f0fa8b714e67b0cb82a8d78e55f737ebf03e88efe4e08afd1c6e2e61414875b4b02c1d28d8490fd715f02473253ccc880cde284c6554fe5eae8cea19ad2c51b29b3a47f53c80350117e24987d6544afb4bab07bcbf7d79cfbf35005cbb9ecffc82891b39a05197b6dec0b307ff449644c0342a195cabeef03bec294eb513c537857e75d5b4d60d066eb5d26c237167eaf1718eaf4e74aa0cf9ecbf4c58fa5e909b6d39cb86883f8b1ca81632d5fe6db9f1f8b3ead791f6364778c0272a15c768d6f4c5fc4f4ec8673f102d409ff11ec96148e7a703fc31730cf04688fe56da492995ef09daa3e5beef60ecd954a0599c28bd54ef66157f874c84dba60e95672e517b3439b641c28c846826dc240209e7818e0a972defeea7b998a60f818dc710b5e1ed982f486f53854964789bec5dac970b5526c3efba8dc8d1a52f5a7f936b611a339b18b8a26210de24ea76e12f43ebecdd7c12342489da2855aee5754e312b6763b6a8d7ab730a03cec5ea593fc7eb2a45aea8625b2f009939abb45f73c308ec80118f470e8f2a1343e191066255bbffba3da9a93d260faeca7d628b155589d694344dd665 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 610c120600000000001b |
| Version | 3 |
Certificate 1519396ee230f02cad1fcfdb077a35f0
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 7e2a6f93403382b4ec42463426d0a4b5 |
| ToBeSigned (TBS) SHA1 | 62acc697c0e2dc37f3d37ab79751637346e051e2 |
| ToBeSigned (TBS) SHA256 | 3e9a51973a839e5bc6e81c886e085b777d08ce2b24f816b7552cf2c44e322d59 |
| Subject | C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc. |
| ValidFrom | 2015-02-20 00:00:00 |
| ValidTo | 2016-05-21 23:59:59 |
| Signature | e480eb7f78216a855e34dbcb712d3879d6b1744c823c8e78c3661e55182a5c1f3a03686169393ef8778c893a49604a79769f5ba7156426c5431ae729a8dc5f8e22b14d124e46eff3f4f660552a57250a15e15d07ad548a02cddf8a204b5010be387a05b1019f618cf15078d80a809a7272b1822a63862c7db194f12697a786001ef630ac9d8bf9f5475191f327b8ed4839dff1ef65e5eb8f91379a66366451f99cb633848c57d4392096e6080fa327b23fc3834ad4f6043904d6c5aeb35454a265b3fda38167cffa8394f092a74bad1ea386f63b7baeb95271a97fc3bff0a2bc96a834f280a254d7170e5cc2830f3bd0649178f8b04514ecd1103753b1762902 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 1519396ee230f02cad1fcfdb077a35f0 |
| Version | 3 |
Certificate 5200e5aa2556fc1a86ed96c9d44b33c7
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | b30c31a572b0409383ed3fbe17e56e81 |
| ToBeSigned (TBS) SHA1 | 4843a82ed3b1f2bfbee9671960e1940c942f688d |
| ToBeSigned (TBS) SHA256 | 03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA |
| ValidFrom | 2010-02-08 00:00:00 |
| ValidTo | 2020-02-07 23:59:59 |
| Signature | 5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 5200e5aa2556fc1a86ed96c9d44b33c7 |
| Version | 3 |
Imports
Expand
- ntoskrnl.exe
- HAL.dll
- CLASSPNP.SYS
Imported Functions
Expand
- wcsrchr
- KeSetEvent
- KePulseEvent
- KeClearEvent
- KeStackAttachProcess
- KeUnstackDetachProcess
- ObfDereferenceObject
- ZwSetEvent
- ZwClose
- ZwConnectPort
- RtlInitUnicodeString
- RtlUnicodeStringToInteger
- ZwCreateSection
- ZwWaitForSingleObject
- ZwOpenEvent
- IoGetCurrentProcess
- ObfReferenceObject
- DbgBreakPoint
- ZwRequestWaitReplyPort
- ExFreePoolWithTag
- ProbeForWrite
- ZwFreeVirtualMemory
- ZwAllocateVirtualMemory
- ObOpenObjectByPointer
- PsProcessType
- memmove
- PsGetProcessExitTime
- MmSectionObjectType
- PsThreadType
- ObReleaseObjectSecurity
- SeReleaseSubjectContext
- SeAccessCheck
- SeCaptureSubjectContext
- ObGetObjectSecurity
- DbgPrint
- memset
- MmIsAddressValid
- ExInitializeResourceLite
- ExDeleteResourceLite
- ZwWriteFile
- ZwReadFile
- ZwQueryInformationFile
- ZwSetInformationFile
- ZwCreateFile
- swprintf
- towupper
- _wcsnicmp
- ExAllocatePoolWithTag
- KeInitializeEvent
- _snprintf
- PsGetCurrentProcessId
- RtlTimeToTimeFields
- ExSystemTimeToLocalTime
- KeQuerySystemTime
- PsGetCurrentThreadId
- RtlInitAnsiString
- ZwDeviceIoControlFile
- ZwCreateKey
- ZwCreateEvent
- KeWaitForMultipleObjects
- ObReferenceObjectByHandle
- ZwNotifyChangeKey
- _vsnprintf
- RtlFreeUnicodeString
- RtlAnsiStringToUnicodeString
- RtlEqualUnicodeString
- RtlAppendUnicodeStringToString
- RtlCopyUnicodeString
- RtlUpcaseUnicodeChar
- ExGetPreviousMode
- KeWaitForSingleObject
- KeSetPriorityThread
- PsTerminateSystemThread
- PsCreateSystemThread
- KeDelayExecutionThread
- KeNumberProcessors
- ZwQueryInformationProcess
- PsLookupProcessByProcessId
- ZwOpenDirectoryObject
- PsSetCreateProcessNotifyRoutine
- ZwQuerySystemInformation
- ZwQueryDirectoryFile
- ZwQueryDirectoryObject
- ZwOpenKey
- ZwEnumerateKey
- ZwEnumerateValueKey
- ZwQueryValueKey
- ZwDeleteValueKey
- ZwDeleteKey
- ZwTerminateProcess
- ZwOpenProcess
- ZwQueryKey
- ZwSetValueKey
- IoFileObjectType
- _allrem
- ZwQuerySecurityObject
- memcpy
- RtlLengthSecurityDescriptor
- MmHighestUserAddress
- IoFreeIrp
- IoFreeMdl
- _purecall
- IoBuildAsynchronousFsdRequest
- _strnicmp
- RtlQueryRegistryValues
- RtlAppendUnicodeToString
- mbstowcs
- ZwQuerySymbolicLinkObject
- ZwOpenSymbolicLinkObject
- NtClose
- ObQueryNameString
- MmGetSystemRoutineAddress
- ZwSetInformationObject
- _stricmp
- ZwUnmapViewOfSection
- ZwMapViewOfSection
- ZwOpenFile
- IoCreateFile
- IofCallDriver
- IoAllocateIrp
- MmBuildMdlForNonPagedPool
- IoAllocateMdl
- ProbeForRead
- PsGetVersion
- RtlImageNtHeader
- RtlCompareMemory
- RtlUpcaseUnicodeString
- _snwprintf
- MmSystemRangeStart
- wcsncmp
- strrchr
- ZwQueryVolumeInformationFile
- ObReferenceObjectByPointer
- IoBuildDeviceIoControlRequest
- ZwOpenSection
- _allmul
- KeReleaseSemaphore
- RtlLengthRequiredSid
- RtlInitializeSid
- RtlSubAuthoritySid
- RtlSetDaclSecurityDescriptor
- RtlCreateSecurityDescriptor
- RtlAddAccessAllowedAce
- RtlCreateAcl
- KeInitializeSemaphore
- IofCompleteRequest
- ExEventObjectType
- IoDeleteDevice
- IoDeleteSymbolicLink
- IoCreateSymbolicLink
- IoGetDeviceObjectPointer
- RtlUpperChar
- ObReferenceObjectByName
- IoDriverObjectType
- RtlCompareUnicodeString
- strncpy
- KeServiceDescriptorTable
- NtOpenProcess
- ObOpenObjectByName
- NtQueryInformationProcess
- PsIsThreadTerminating
- KeAddSystemServiceTable
- ZwFsControlFile
- ObInsertObject
- IoReleaseVpbSpinLock
- IoAcquireVpbSpinLock
- SeCreateAccessState
- IoGetFileObjectGenericMapping
- ObCreateObject
- _allshr
- ExInterlockedPopEntrySList
- IoGetStackLimits
- IoBuildSynchronousFsdRequest
- wcsstr
- IoUnregisterPlugPlayNotification
- FsRtlIsNameInExpression
- IoGetConfigurationInformation
- MmProbeAndLockPages
- IoGetDeviceInterfaces
- IoRegisterPlugPlayNotification
- ExAllocatePool
- RtlFreeAnsiString
- RtlUnicodeStringToAnsiString
- strncat
- wcschr
- wcsncat
- wcstombs
- KeTickCount
- KeBugCheckEx
- RtlUnwind
- wcsncpy
- ExReleaseResourceLite
- ExAcquireResourceExclusiveLite
- ExAcquireResourceSharedLite
- ExReleaseFastMutexUnsafe
- KeLeaveCriticalRegion
- KeEnterCriticalRegion
- ZwSetSecurityObject
- ExAcquireFastMutexUnsafe
- IoDeviceObjectType
- IoCreateDevice
- RtlGetDaclSecurityDescriptor
- RtlGetSaclSecurityDescriptor
- RtlGetGroupSecurityDescriptor
- RtlGetOwnerSecurityDescriptor
- SeCaptureSecurityDescriptor
- SeExports
- IoIsWdmVersionAvailable
- RtlLengthSid
- RtlAbsoluteToSelfRelativeSD
- MmUnlockPages
- KeGetCurrentThread
- KfAcquireSpinLock
- KfReleaseSpinLock
- KeRaiseIrqlToDpcLevel
- KfLowerIrql
- ExAcquireFastMutex
- ExReleaseFastMutex
- KeGetCurrentIrql
- KfRaiseIrql
- ClassInitialize
Exported Functions
Expand
- ??0CAutoUpdateConfigThread@@QAE@ABV0@@Z
- ??0CAutoUpdateConfigThread@@QAE@PAU_UNICODE_STRING@@P6GX0PAX@Z1@Z
- ??0CBlobConfig@@QAE@ABV0@@Z
- ??0CBlobConfig@@QAE@K@Z
- ??0CContext@@QAE@ABV0@@Z
- ??0CContext@@QAE@KP6GJPAU_EVENT_REPORT@@PAXPAU_TMCE_REPORT@@PAU_TMCE_FEEDBACK@@@Z1K@Z
- ??0CContextList@@QAE@ABV0@@Z
- ??0CContextList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CDebugLog@@QAE@ABV0@@Z
- ??0CDebugLog@@QAE@PBG@Z
- ??0CDebugLogEx@@QAE@ABV0@@Z
- ??0CDebugLogEx@@QAE@K@Z
- ??0CDelayLoadThread@@QAE@ABV0@@Z
- ??0CDelayLoadThread@@QAE@XZ
- ??0CExclusionExtConfig@@QAE@ABV0@@Z
- ??0CExclusionExtConfig@@QAE@KKE@Z
- ??0CExclusionFileNameConfig@@QAE@ABV0@@Z
- ??0CExclusionFileNameConfig@@QAE@KK@Z
- ??0CExclusionFilePathConfig@@QAE@ABV0@@Z
- ??0CExclusionFilePathConfig@@QAE@KK@Z
- ??0CExclusionFolderConfig@@QAE@ABV0@@Z
- ??0CExclusionFolderConfig@@QAE@KK@Z
- ??0CExclusionRegistryConfig@@QAE@ABV0@@Z
- ??0CExclusionRegistryConfig@@QAE@KK@Z
- ??0CFile@@QAE@ABV0@@Z
- ??0CFile@@QAE@E@Z
- ??0CFileExtension@@QAE@ABV0@@Z
- ??0CFileExtension@@QAE@KEEPAVIMemoryAllocator@@@Z
- ??0CInclusionExtConfig@@QAE@ABV0@@Z
- ??0CInclusionExtConfig@@QAE@KKE@Z
- ??0CInclusionFileNameConfig@@QAE@ABV0@@Z
- ??0CInclusionFileNameConfig@@QAE@KK@Z
- ??0CInclusionFilePathConfig@@QAE@ABV0@@Z
- ??0CInclusionFilePathConfig@@QAE@KK@Z
- ??0CInclusionFolderConfig@@QAE@ABV0@@Z
- ??0CInclusionFolderConfig@@QAE@KK@Z
- ??0CKEvent@@QAE@ABV0@@Z
- ??0CKEvent@@QAE@W4_EVENT_TYPE@@E@Z
- ??0CList@@QAE@ABV0@@Z
- ??0CList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CLockEvent@@QAE@ABV0@@Z
- ??0CLockEvent@@QAE@XZ
- ??0CLockList@@QAE@ABV0@@Z
- ??0CLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CMemoryAllocator@@IAE@W4_POOL_TYPE@@K@Z
- ??0CMemoryAllocator@@QAE@ABV0@@Z
- ??0CMemoryPoolAllocator@@IAE@W4_POOL_TYPE@@KKK@Z
- ??0CMemoryPoolAllocator@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@XZ
- ??0CModuleConfigList@@QAE@ABV0@@Z
- ??0CModuleConfigList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CModuleFileExtConfig@@QAE@ABV0@@Z
- ??0CModuleFileExtConfig@@QAE@KKE@Z
- ??0CModuleFlagConfig@@QAE@ABV0@@Z
- ??0CModuleFlagConfig@@QAE@K@Z
- ??0CModuleMultiStringConfig@@QAE@ABV0@@Z
- ??0CModuleMultiStringConfig@@QAE@KK@Z
- ??0CModuleStringConfig@@QAE@ABV0@@Z
- ??0CModuleStringConfig@@QAE@K@Z
- ??0CNoLockList@@QAE@ABV0@@Z
- ??0CNoLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CSmartLock@@QAE@AAVCLockEvent@@@Z
- ??0CSmartLock@@QAE@XZ
- ??0CSmartReference@@QAE@AAJ@Z
- ??0CSmartReference@@QAE@AAK@Z
- ??0CSmartResource@@QAE@AAVCResource@@E@Z
- ??0CStrList@@QAE@ABV0@@Z
- ??0CStrList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CSystemThread@@QAE@ABV0@@Z
- ??0CSystemThread@@QAE@K@Z
- ??0CUserFuncAdapterJob@@QAE@ABV0@@Z
- ??0CUserFuncAdapterJob@@QAE@P6GXPAX@Z01@Z
- ??0CWorkerThread@@IAE@PAVCWorkerThreadJobQueue@@@Z
- ??0CWorkerThread@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@E@Z
- ??0CWorkerThreadJobQueue@@QAE@ABV0@@Z
- ??0CWorkerThreadJobQueue@@QAE@K@Z
- ??0CWorkerThreadPool@@QAE@ABV0@@Z
- ??0CWorkerThreadPool@@QAE@K@Z
- ??0CWorkerThreadPoolEx@@QAE@ABV0@@Z
- ??0CWorkerThreadPoolEx@@QAE@KK@Z
- ??0IMemoryAllocator@@QAE@ABV0@@Z
- ??0IMemoryAllocator@@QAE@XZ
- ??1CAutoUpdateConfigThread@@UAE@XZ
- ??1CBlobConfig@@UAE@XZ
- ??1CContext@@UAE@XZ
- ??1CContextList@@UAE@XZ
- ??1CDebugLog@@UAE@XZ
- ??1CDebugLogEx@@UAE@XZ
- ??1CDelayLoadThread@@UAE@XZ
- ??1CExclusionExtConfig@@UAE@XZ
- ??1CExclusionFileNameConfig@@UAE@XZ
- ??1CExclusionFilePathConfig@@UAE@XZ
- ??1CExclusionFolderConfig@@UAE@XZ
- ??1CExclusionRegistryConfig@@UAE@XZ
- ??1CFile@@UAE@XZ
- ??1CFileExtension@@UAE@XZ
- ??1CInclusionExtConfig@@UAE@XZ
- ??1CInclusionFileNameConfig@@UAE@XZ
- ??1CInclusionFilePathConfig@@UAE@XZ
- ??1CInclusionFolderConfig@@UAE@XZ
- ??1CKEvent@@UAE@XZ
- ??1CList@@UAE@XZ
- ??1CLockEvent@@UAE@XZ
- ??1CLockList@@UAE@XZ
- ??1CMemoryAllocator@@UAE@XZ
- ??1CMemoryPoolAllocator@@UAE@XZ
- ??1CModuleConfig@@UAE@XZ
- ??1CModuleConfigList@@UAE@XZ
- ??1CModuleFileExtConfig@@UAE@XZ
- ??1CModuleFlagConfig@@UAE@XZ
- ??1CModuleMultiStringConfig@@UAE@XZ
- ??1CModuleStringConfig@@UAE@XZ
- ??1CNoLockList@@UAE@XZ
- ??1CSmartLock@@QAE@XZ
- ??1CSmartReference@@QAE@XZ
- ??1CSmartResource@@QAE@XZ
- ??1CStrList@@UAE@XZ
- ??1CSystemThread@@UAE@XZ
- ??1CUserFuncAdapterJob@@UAE@XZ
- ??1CWorkerThread@@UAE@XZ
- ??1CWorkerThreadJob@@UAE@XZ
- ??1CWorkerThreadJobQueue@@UAE@XZ
- ??1CWorkerThreadPool@@UAE@XZ
- ??1CWorkerThreadPoolEx@@UAE@XZ
- ??1IMemoryAllocator@@UAE@XZ
- ??2@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??2CMemoryAllocator@@SGPAXI@Z
- ??2CMemoryPoolAllocator@@SGPAXI@Z
- ??3@YAXPAX@Z
- ??3IMemoryAllocator@@SGXPAX@Z
- ??4CAutoUpdateConfigThread@@QAEAAV0@ABV0@@Z
- ??4CBlobConfig@@QAEAAV0@ABV0@@Z
- ??4CContext@@QAEAAV0@ABV0@@Z
- ??4CDebugLog@@QAEAAV0@ABV0@@Z
- ??4CDebugLogEx@@QAEAAV0@ABV0@@Z
- ??4CDelayLoadThread@@QAEAAV0@ABV0@@Z
- ??4CFile@@QAEAAV0@ABV0@@Z
- ??4CKEvent@@QAEAAV0@ABV0@@Z
- ??4CLockEvent@@QAEAAV0@ABV0@@Z
- ??4CMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??4CMemoryPoolAllocator@@QAEAAV0@ABV0@@Z
- ??4CModuleConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleFlagConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleStringConfig@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEABV0@AAVCLockEvent@@@Z
- ??4CSmartResource@@QAEAAV0@ABV0@@Z
- ??4CSystemThread@@QAEAAV0@ABV0@@Z
- ??4CUserFuncAdapterJob@@QAEAAV0@ABV0@@Z
- ??4CWorkerThread@@QAEAAV0@ABV0@@Z
- ??4CWorkerThreadJob@@QAEAAV0@ABV0@@Z
- ??4IMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??_7CAutoUpdateConfigThread@@6B@
- ??_7CBlobConfig@@6B@
- ??_7CContext@@6B@
- ??_7CContextList@@6B@
- ??_7CDebugLog@@6B@
- ??_7CDebugLogEx@@6B@
- ??_7CDelayLoadThread@@6B@
- ??_7CExclusionExtConfig@@6B@
- ??_7CExclusionFileNameConfig@@6B@
- ??_7CExclusionFilePathConfig@@6B@
- ??_7CExclusionFolderConfig@@6B@
- ??_7CExclusionRegistryConfig@@6B@
- ??_7CFile@@6B@
- ??_7CFileExtension@@6B@
- ??_7CInclusionExtConfig@@6B@
- ??_7CInclusionFileNameConfig@@6B@
- ??_7CInclusionFilePathConfig@@6B@
- ??_7CInclusionFolderConfig@@6B@
- ??_7CKEvent@@6B@
- ??_7CList@@6B@
- ??_7CLockEvent@@6B@
- ??_7CLockList@@6B@
- ??_7CMemoryAllocator@@6B@
- ??_7CMemoryPoolAllocator@@6B@
- ??_7CModuleConfig@@6B@
- ??_7CModuleConfigList@@6B@
- ??_7CModuleFileExtConfig@@6B@
- ??_7CModuleFlagConfig@@6B@
- ??_7CModuleMultiStringConfig@@6B@
- ??_7CModuleStringConfig@@6B@
- ??_7CNoLockList@@6B@
- ??_7CStrList@@6B@
- ??_7CSystemThread@@6B@
- ??_7CUserFuncAdapterJob@@6B@
- ??_7CWorkerThread@@6B@
- ??_7CWorkerThreadJob@@6B@
- ??_7CWorkerThreadJobQueue@@6B@
- ??_7CWorkerThreadPool@@6B@
- ??_7CWorkerThreadPoolEx@@6B@
- ??_7IMemoryAllocator@@6B@
- ??_FCContextList@@QAEXXZ
- ??_FCFile@@QAEXXZ
- ??_FCFileExtension@@QAEXXZ
- ??_FCModuleConfigList@@QAEXXZ
- ??_FCStrList@@QAEXXZ
- ??_FCSystemThread@@QAEXXZ
- ??_FCWorkerThread@@QAEXXZ
- ??_FCWorkerThreadJob@@QAEXXZ
- ??_FCWorkerThreadJobQueue@@QAEXXZ
- ??_U@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??_V@YAXPAX@Z
- ?Acquire@CLockEvent@@QAEXXZ
- ?Add@CContextList@@QAEEPAVCContext@@@Z
- ?Add@CFileExtension@@QAEEPBGK@Z
- ?Add@CModuleConfigList@@QAEEPAVCModuleConfig@@@Z
- ?Add@CStrList@@QAEEPBG@Z
- ?AddNode@CLockList@@UAEEQAXE@Z
- ?AddNode@CNoLockList@@UAEEQAXE@Z
- ?Alloc@CMemoryAllocator@@UAEPAXKPBDK@Z
- ?Alloc@CMemoryPoolAllocator@@UAEPAXKPBDK@Z
- ?AllocBlock@CMemoryPoolAllocator@@IAEPAXK@Z
- ?AttachJobQueue@CWorkerThread@@QAEXPAVCWorkerThreadJobQueue@@@Z
- ?Cancel@CWorkerThreadJob@@QAEXXZ
- ?CheckNode@CLockList@@UAEHQAX@Z
- ?CheckNode@CNoLockList@@UAEHQAX@Z
- ?CleanQueue@CWorkerThreadJobQueue@@QAEXXZ
- ?Cleanup@CBlobConfig@@AAEXXZ
- ?Cleanup@CModuleFileExtConfig@@IAEXXZ
- ?Cleanup@CModuleMultiStringConfig@@IAEXXZ
- ?Cleanup@CModuleStringConfig@@AAEXXZ
- ?Close@CFile@@QAEJXZ
- ?Count@CLockList@@QAEKXZ
- ?Count@CNoLockList@@QAEKXZ
- ?Create@CFile@@QAEJPBGKKKK@Z
- ?Create@CSystemThread@@QAEEXZ
- ?CreateInstance@CMemoryAllocator@@SGPAV1@W4_POOL_TYPE@@K@Z
- ?CreateInstance@CMemoryPoolAllocator@@SGPAV1@W4_POOL_TYPE@@KKK@Z
- ?CreatePool@CWorkerThreadPool@@QAEEXZ
- ?CreatePool@CWorkerThreadPoolEx@@QAEEXZ
- ?CreateThreads@CWorkerThreadPool@@QAEEK@Z
- ?CreateThreads@CWorkerThreadPoolEx@@QAEEK@Z
- ?CreateWIRP@CFile@@QAEJPBGKKKK@Z
- ?Delete@CFile@@QAEJXZ
- ?Delete@CFileExtension@@QAEEPBGK@Z
- ?Delete@CStrList@@QAEEPBG@Z
- ?DeleteAll@CList@@UAEXXZ
- ?DeleteAll@CLockList@@UAEXXZ
- ?DeleteAll@CNoLockList@@UAEXXZ
- ?DeleteNode@CContextList@@MAEXPAX@Z
- ?DeleteNode@CList@@UAEXPAX@Z
- ?DeleteNode@CModuleConfigList@@MAEXPAX@Z
- ?DeleteNode@CStrList@@EAEXPAU_STR_LIST_NODE@1@@Z
- ?DisableWriteProtectFromCR0@@YGXPAPAX@Z
- ?DoIt@CWorkerThreadJob@@QAEJXZ
- ?EntryPoint@CSystemThread@@KGXPAX@Z
- ?Find@CContextList@@QAEPAVCContext@@K@Z
- ?Find@CContextList@@QAEPAVCContext@@PAX@Z
- ?Find@CFileExtension@@QAEPAU_STR_LIST_NODE@CStrList@@PBGK@Z
- ?Find@CModuleConfigList@@QAEPAVCModuleConfig@@K@Z
- ?Find@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?FindNode@CContextList@@IAEPAXPAX@Z
- ?FindPartiallyAndAllMatch@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?FinishFunction@CUserFuncAdapterJob@@MAEXXZ
- ?FinishIt@CWorkerThreadJob@@QAEJXZ
- ?First@CList@@UAEPAXXZ
- ?First@CLockList@@UAEPAXXZ
- ?First@CNoLockList@@UAEPAXXZ
- ?Free@CMemoryAllocator@@UAEXPAX@Z
- ?Free@CMemoryPoolAllocator@@UAEXPAX@Z
- ?GetAttributes@CFile@@QAEKXZ
- ?GetBasicInfomration@CFile@@IAEJXZ
- ?GetBlobCofig@CContext@@UAEJKPAXPAK@Z
- ?GetCategory@CContext@@QAEKXZ
- ?GetData@CBlobConfig@@QAEHPAXPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEPAVCFileExtension@@XZ
- ?GetData@CModuleFlagConfig@@QAEKXZ
- ?GetData@CModuleMultiStringConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleMultiStringConfig@@QAEPAVCStrList@@XZ
- ?GetData@CModuleStringConfig@@QAEPAGXZ
- ?GetData@CStrList@@QAEEPAGPAK@Z
- ?GetDataType@CModuleConfig@@QAEKXZ
- ?GetEngineContext@CContext@@QAEPAXXZ
- ?GetFileExtensionConfig@CContext@@QAEPAVCFileExtension@@K@Z
- ?GetFileExtensionConfig@CContext@@UAEJKPAGPAK@Z
- ?GetFileSize@CFile@@QAEJPAT_LARGE_INTEGER@@@Z
- ?GetFileSizeWIRP@CFile@@QAEJPAT_LARGE_INTEGER@@@Z
- ?GetFlagConfig@CContext@@UAEJKPAK@Z
- ?GetID@CModuleConfig@@QAEKXZ
- ?GetJob@CWorkerThreadJobQueue@@QAEPAVCWorkerThreadJob@@XZ
- ?GetLength@CModuleStringConfig@@QAEKXZ
- ?GetLinkContext@CContext@@QAEPAXXZ
- ?GetLogFlag@CDebugLog@@QAEKXZ
- ?GetLogFlag@CDebugLogEx@@QAEKXZ
- ?GetModuleId@CModuleConfig@@QAEKXZ
- ?GetMultiStringConfig@CContext@@QAEPAVCStrList@@K@Z
- ?GetMultiStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetOneThreadTEB@CWorkerThreadPool@@QAEPAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPool@@QAEPAU_KTHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QAEPAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QAEPAU_KTHREAD@@XZ
- ?GetReportCallBackRoutine@CContext@@QAEKXZ
- ?GetSize@CBlobConfig@@QAEKXZ
- ?GetStringConfig@CContext@@QAEPAGK@Z
- ?GetStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetThreadCount@CWorkerThreadPool@@QAEKXZ
- ?GetThreadCount@CWorkerThreadPoolEx@@QAEKXZ
- ?GetThreadID@CSystemThread@@QAEKXZ
- ?GetType@CContext@@QAEKXZ
- ?GetUserParameter@CContext@@QAEKXZ
- ?InitProcMon@CDebugLogEx@@IAEXXZ
- ?InitializeBlobConfig@CContext@@QAEHKPAXK@Z
- ?InitializeFileExtensionConfig@CContext@@QAEHKPBG@Z
- ?InitializeFlagConfig@CContext@@QAEHKK@Z
- ?InitializeMultiStringConfig@CContext@@QAEHKPBG@Z
- ?InitializeStringConfig@CContext@@QAEHKPBG@Z
- ?Insert@CList@@UAEXQAXE@Z
- ?Insert@CLockList@@UAEXQAXE@Z
- ?Insert@CNoLockList@@UAEXQAXE@Z
- ?InsertAfter@CList@@UAEXPAX0@Z
- ?InsertBefore@CList@@UAEXPAX0@Z
- ?Instance@CWorkerThreadPool@@SGPAV1@XZ
- ?IsEmpty@CList@@UAEEXZ
- ?IsEmpty@CLockList@@UAEEXZ
- ?IsEmpty@CNoLockList@@UAEEXZ
- ?IsExceedLimitation@CMemoryPoolAllocator@@IAEEK@Z
- ?IsFull@CLockList@@QBEEXZ
- ?IsFull@CNoLockList@@QBEEXZ
- ?IsInExclusionList@CExclusionExtConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFileNameConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFilePathConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFolderConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionRegistryConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionExtConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFileNameConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFilePathConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFolderConfig@@QAEEPBG@Z
- ?IsOpened@CFile@@QAEEXZ
- ?IsTerminated@CWorkerThreadPool@@QAEEXZ
- ?IsTerminated@CWorkerThreadPoolEx@@QAEEXZ
- ?IsValid@CMemoryAllocator@@UAEEXZ
- ?IsValid@CMemoryPoolAllocator@@UAEEXZ
- ?IsValid@IMemoryAllocator@@UAEEXZ
- ?IsWorkerThread@CWorkerThreadPool@@QAEEK@Z
- ?IsWorkerThread@CWorkerThreadPoolEx@@QAEEK@Z
- ?JobFunction@CUserFuncAdapterJob@@MAEXXZ
- ?JobQueue@CWorkerThreadPool@@QAEAAVCWorkerThreadJobQueue@@XZ
- ?JobQueue@CWorkerThreadPoolEx@@QAEAAVCWorkerThreadJobQueue@@XZ
- ?Limit@CLockList@@QAEKXZ
- ?Limit@CNoLockList@@QAEKXZ
- ?MatchAllExtensions@CFileExtension@@QAEEXZ
- ?MatchNoExtensions@CFileExtension@@QAEEXZ
- ?MergeLeft@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?MergeRight@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?NeedDelete@CWorkerThreadJob@@QAEEXZ
- ?NeedDeleteWhenFinish@CWorkerThreadJob@@QAEXE@Z
- ?NewNode@CList@@UAEPAXXZ
- ?NewNode@CStrList@@EAEPAXXZ
- ?NewNodeVariant@CList@@IAEPAXK@Z
- ?Next@CList@@UBEPAXQAX@Z
- ?Next@CLockList@@UBEPAXQAX@Z
- ?Next@CNoLockList@@UBEPAXQAX@Z
- ?NextPool@CMemoryPoolAllocator@@QAEPAV1@XZ
- ?NotityTerminate@CWorkerThread@@QAEXXZ
- ?PostJobToWorkerThread@CWorkerThreadPool@@QAEJP6GXPAX@Z0E@Z
- ?PostJobToWorkerThread@CWorkerThreadPoolEx@@QAEJP6GXPAX@Z0E1@Z
- ?Pulse@CKEvent@@QAEJJE@Z
- ?QueueJob@CWorkerThreadJobQueue@@QAEEPAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPool@@QAEJPAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPoolEx@@QAEJPAVCWorkerThreadJob@@@Z
- ?RCMInstance@CWorkerThreadPool@@SGPAV1@XZ
- ?Read@CFile@@QAEJPADKPAK@Z
- ?ReadWIRP@CFile@@QAEJPADKPAK@Z
- ?ReferenceCount@CContext@@QAEAAKXZ
- ?Release@CLockEvent@@QAEXXZ
- ?Remove@CContextList@@UAEEQAX@Z
- ?Remove@CList@@UAEEQAX@Z
- ?Remove@CLockList@@UAEEQAX@Z
- ?Remove@CNoLockList@@UAEEQAX@Z
- ?RemoveHead@CList@@UAEPAXXZ
- ?RemoveHead@CLockList@@UAEPAXXZ
- ?RemoveHead@CNoLockList@@UAEPAXXZ
- ?RemoveTail@CList@@UAEPAXXZ
- ?RemoveTail@CLockList@@UAEPAXXZ
- ?RemoveTail@CNoLockList@@UAEPAXXZ
- ?Reset@CKEvent@@QAEXXZ
- ?ResetData@CInclusionExtConfig@@QAEXXZ
- ?ResetData@CInclusionFileNameConfig@@QAEXXZ
- ?ResetData@CInclusionFilePathConfig@@QAEXXZ
- ?ResetData@CInclusionFolderConfig@@QAEXXZ
- ?RestoreCR0@@YGXPAX@Z
- ?Run@CAutoUpdateConfigThread@@UAEXXZ
- ?Run@CDelayLoadThread@@UAEXXZ
- ?Run@CWorkerThread@@UAEXXZ
- ?SeekToEnd@CFile@@QAEJXZ
- ?Set@CKEvent@@QAEJJE@Z
- ?SetAttributes@CFile@@QAEJK@Z
- ?SetBlobCofig@CContext@@UAEJKPAXK@Z
- ?SetData@CBlobConfig@@QAEHPAXK@Z
- ?SetData@CModuleFileExtConfig@@QAEHPBG@Z
- ?SetData@CModuleFlagConfig@@QAEHK@Z
- ?SetData@CModuleMultiStringConfig@@QAEHPBGK@Z
- ?SetData@CModuleStringConfig@@QAEHPBG@Z
- ?SetEngineContext@CContext@@QAEXPAX@Z
- ?SetFileExtensionConfig@CContext@@UAEJKPBG@Z
- ?SetFlagConfig@CContext@@UAEJKK@Z
- ?SetLinkContext@CContext@@QAEXPAX@Z
- ?SetLogFlag@CDebugLog@@QAEEK@Z
- ?SetLogFlag@CDebugLogEx@@QAEEK@Z
- ?SetMatchAllExtensions@CFileExtension@@QAEXE@Z
- ?SetMatchNoExtensions@CFileExtension@@QAEXE@Z
- ?SetMultiStringConfig@CContext@@UAEJKPBG@Z
- ?SetNewJobItemEvent@CWorkerThreadJobQueue@@QAEXXZ
- ?SetPriority@CSystemThread@@QAEXK@Z
- ?SetStopUse@CContext@@QAEXXZ
- ?SetStringConfig@CContext@@UAEJKPBG@Z
- ?Setup@CSystemThread@@MAEXXZ
- ?StopUse@CContext@@QAEHXZ
- ?TearDown@CSystemThread@@MAEXXZ
- ?Terminate@CSystemThread@@QAEXE@Z
- ?Terminate@CWorkerThreadPool@@QAEEXZ
- ?Terminate@CWorkerThreadPoolEx@@QAEEXZ
- ?TmExceptionFilter@@YGJPAU_EXCEPTION_POINTERS@@@Z
- ?Wait@CKEvent@@QAEJPAT_LARGE_INTEGER@@E@Z
- ?WaitFinish@CWorkerThreadJob@@QAEXXZ
- ?WaitForInit@CDelayLoadThread@@QAEEXZ
- ?WaitForLoad@CDelayLoadThread@@QAEEXZ
- ?WaitNewJobAvailable@CWorkerThreadJobQueue@@QAEEXZ
- ?WaitQueueEmpty@CWorkerThreadJobQueue@@QAEXXZ
- ?Write@CDebugLog@@QAAXPBDZZ
- ?Write@CDebugLogEx@@QAAXPBDZZ
- ?Write@CFile@@QAEJPADKPAT_LARGE_INTEGER@@PAK@Z
- ?WriteDataToFile@CDebugLogEx@@IAEXPADK@Z
- ?WriteDataToProcMonW@CDebugLogEx@@IAEXPAD@Z
- ?WriteSystemInformation@CDebugLog@@QAEXXZ
- ?WriteSystemInformation@CDebugLogEx@@QAEXXZ
- ?WriteSystemStringInformation@CDebugLog@@IAEXPBG@Z
- ?WriteSystemStringInformation@CDebugLogEx@@IAEXPBG@Z
- ?WriteToFile@CDebugLog@@IAEXPADK@Z
- ?WriteToProcMonW@CDebugLogEx@@IAEXPAU_UNICODE_STRING@@@Z
- ?_pNonPagedAllocator@@3PAVCMemoryAllocator@@A
- ?_pPagedAllocator@@3PAVCMemoryAllocator@@A
- ?m_lpInstance@CWorkerThreadPool@@1PAV1@A
- ?m_lpRCMInstance@CWorkerThreadPool@@1PAV1@A
- _DeInitKm2UmCommunication@0
- _DeInitKmLPC@0
- _DuplicateFullFileName@4
- _FreeFullFileName@4
- _GetKm2UmMode@0
- _GetModuleInfoByAddress@8
- _GetModuleInfoByModuleName@8
- _InitKm2UmCommunication@8
- _InitKmLPC@0
- _IsVerifierCodeCheckFlagOn@0
- _IsWindows8_1_update@4
- _KmCallUm@8
- _KmCallUmByLPC@8
- _KmCallUmEx@12
- _KmCleanupCommPortAPIs@0
- _KmGetUmInitProcess@0
- _KmSetCommPortAPIs@4
- _ModGetExportProcAddress@8
- _ModLoadDLLToBuffer@4
- _ModLoadDLLToBufferWithImageSize@8
- _ModLoadModule@8
- _ModUnLoadModule@4
- _NormalizeFileName@4
- _NormalizeFullNtPathToDosName@4
- _TmCommConfigRoutine@4
- _UtilAddDeviceInDriveTable@4
- _UtilAddReparsePointMapping@8
- _UtilCleanFileReadOnly@4
- _UtilCloseExclusiveHandle@12
- _UtilCreateDosFileName@8
- _UtilDeleteFileForce@4
- _UtilGetDeviceObjectName@8
- _UtilGetFileNameFromFileObject@4
- _UtilGetFileObjectForProcessByEPROC@8
- _UtilGetFileObjectFromFileName@12
- _UtilGetProcessName@12
- _UtilGetSystemDirectory@4
- _UtilGetSystemDirectoryEx@0
- _UtilGetSystemDirectoryLength@0
- _UtilGetSystemTime@4
- _UtilIoSetFileInfo@24
- _UtilIopCreateFileIRP@40
- _UtilKeGetLowFileDevice@16
- _UtilModuleIATHook@24
- _UtilModuleIATUnHook@8
- _UtilPostJobToWorkerThread@12
- _UtilQueryExclusiveHandle@12
- _UtilQueryKeyValue@24
- _UtilRemoveDeviceFromDriveTable@4
- _UtilVolumeDeviceToDosName@8
- _UtilWaitValueChangeToZero@8
- _UtilWriteVersionToRegistry@8
- _UtilbuildDynamicDiskMappingTable@0
- _UtlWriteBinValueKeyToRegistry@16
- _ValidateAddressWithSize@20
- __ResetProtectFromClose@4
- __UtilDosPathNameToNtPathName@12
Sections
Expand
- .text
- .rdata
- .data
- PAGE
- .edata
- INIT
- .rsrc
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": true,
"SerialNumber": "7e93ebfb7cc64e59ea4b9a77d406fc3b",
"Signature": "03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2",
"TBS": {
"MD5": "d0785ad36e427c92b19f6826ab1e8020",
"SHA1": "365b7a9c21bd9373e49052c3e7b3e4646ddd4d43",
"SHA256": "c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff",
"SHA384": "eab4fe5ef90e0de4a6aa3a27769a5e879f588df5e4785aa4104debd1f81e19ea56d33e3a16e5facf99f68b5d8e3d287b"
},
"ValidFrom": "2012-12-21 00:00:00",
"ValidTo": "2020-12-30 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "0ecff438c8febf356e04d86a981b1a50",
"Signature": "783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4",
"TBS": {
"MD5": "e9d38360b914c8863f6cba3ee58764d3",
"SHA1": "4cba8eae47b6bf76f20b3504b98b8f062694a89b",
"SHA256": "88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976",
"SHA384": "e9f2a75334a9e336c5a4712eadee88d0374b0fdc273262f4e65c9040ad2793067cc076696db5279a478773485e285652"
},
"ValidFrom": "2012-10-18 00:00:00",
"ValidTo": "2020-12-29 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Signature": "f3b20c020c826fd9e2629408ffc97c9e245959d1050c9ce7708069d366d26af191812e16fce674eaca0d8f05b2a796280831737299800d2bfe0071efecf655117b7952a4d7c0701b97de034a1d42e928fd1a2082b081f9d22e9d39af3233cf05c1e61ae1f8fbfec872e78d9a0b29b4f147f1a053d1757a824601df2bb07c75c591fe7efbaf0021764b90cd446f85f80d14bc2cd42c83edfa7d2510f8f94c82d1b3ea999b1cff9093291977c7e996dc32904d3934f167077684ff76aa5327654a0bd7223d9d67657b47c5b46012dca6723d89e7fa051b3380d0c4977b9df537e75da3186ab149b27c089715a01bd695f408f7ded66bfbe920d27a6f6a7d4cc8b3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc.",
"TBS": {
"MD5": "78eaa337666217b1c16a9a0ebd0b8434",
"SHA1": "ff9cb835e78f6185eed4372096c3bae53b17d18d",
"SHA256": "1c0d9746725e176b4a7c2852878f14d7587f58e65d346bc1247f1c8ee6374250",
"SHA384": "ffe3c75b860679a5de399c7d2c2844dbfac51d5d8581e24648d208daba1e4bed5c867808e02dc8d7cb3df1d4b2b53d10"
},
"ValidFrom": "2017-04-27 00:00:00",
"ValidTo": "2018-07-16 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "611993e400000000001c",
"Signature": "812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5",
"TBS": {
"MD5": "78a717e082dcc1cda3458d917e677d14",
"SHA1": "4a872e0e51f9b304469cd1dedb496ee9b8b983a4",
"SHA256": "317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8",
"SHA384": "b71052da4eb9157c8c1a5d7f55df19d69b9128598b72fcca608e5b7cc7d64c43c5504b9c86355a6dc22ee40c88cc385c"
},
"ValidFrom": "2011-02-22 19:25:17",
"ValidTo": "2021-02-22 19:35:17",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "5200e5aa2556fc1a86ed96c9d44b33c7",
"Signature": "5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"TBS": {
"MD5": "b30c31a572b0409383ed3fbe17e56e81",
"SHA1": "4843a82ed3b1f2bfbee9671960e1940c942f688d",
"SHA256": "03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9",
"SHA384": "bbda8407c4f9fc4e54d772f1c7fb9d30bc97e1f97ecd51c443063d1fa0644e266328781776cd5c44896c457c75f4d7da"
},
"ValidFrom": "2010-02-08 00:00:00",
"ValidTo": "2020-02-07 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 3825d7faf861af9ef490e726b5d65ad5
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | d6c7684e9aaa508cf268335f83afe040 |
| ToBeSigned (TBS) SHA1 | 18066d20ad92409c567cdfde745279ff71c75226 |
| ToBeSigned (TBS) SHA256 | a612fb22ce8be6dab75e47c98508f98496583e79c9c97b936a8caee9ea9f3fff |
| Subject | C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services Signer , G2 |
| ValidFrom | 2007-06-15 00:00:00 |
| ValidTo | 2012-06-14 23:59:59 |
| Signature | 50c54bc82480dfe40d24c2de1ab1a102a1a6822d0c831581370a820e2cb05a1761b5d805fe88dbf19191b3561a40a6eb92be3839b07536743a984fe437ba9989ca95421db0b9c7a08d57e0fad5640442354e01d133a217c84daa27c7f2e1864c02384d8378c6fc53e0ebe00687dda4969e5e0c98e2a5bebf8285c360e1dfad28d8c7a54b64dac71b5bbdac3908d53822a1338b2f8a9aebbc07213f44410907b5651c24bc48d34480eba1cfc902b414cf54c716a3805cf9793e5d727d88179e2c43a2ca53ce7d3df62a3ab84f9400a56d0a835df95e53f418b3570f70c3fbf5ad95a00e17dec4168060c90f2b6e8604f1ebf47827d105c5ee345b5eb94932f233 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 3825d7faf861af9ef490e726b5d65ad5 |
| Version | 3 |
Certificate 47bf1995df8d524643f7db6d480d31a4
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 518d2ea8a21e879c942d504824ac211c |
| ToBeSigned (TBS) SHA1 | 21ce87d827077e61abddf2beba69fde5432ea031 |
| ToBeSigned (TBS) SHA256 | 1ec3b4f02e03930a470020e0e48d24b84678bb558f46182888d870541f5e25c7 |
| Subject | C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services CA |
| ValidFrom | 2003-12-04 00:00:00 |
| ValidTo | 2013-12-03 23:59:59 |
| Signature | 4a6bf9ea58c2441c318979992b96bf82ac01d61c4ccdb08a586edf0829a35ec8ca9313e704520def47272f0038b0e4c9934e9ad4226215f73f37214f703180f18b3887b3e8e89700fecf55964e24d2a9274e7aaeb76141f32acee7c9d95eddbb2b853eb59db5d9e157ffbeb4c57ef5cf0c9ef097fe2bd33b521b1b3827f73f4a |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 47bf1995df8d524643f7db6d480d31a4 |
| Version | 3 |
Certificate 4191a15a3978dfcf496566381d4c75c2
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 41011f8d0e7c7a6408334ca387914c61 |
| ToBeSigned (TBS) SHA1 | c7fc1727f5b75a6421a1f95c73bbdb23580c48e5 |
| ToBeSigned (TBS) SHA256 | 88dd3952638ee82738c03168e6fd863fe4eab1059ee5e2926ad8cb587c255dc0 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)04, CN=VeriSign Class 3 Code Signing 2004 CA |
| ValidFrom | 2004-07-16 00:00:00 |
| ValidTo | 2014-07-15 23:59:59 |
| Signature | ae3a17b84a7b55fa6455ec40a4ed494190999c89bcaf2e1dca7823f91c190f7feb68bc32d98838dedc3fd389b43fb18296f1a45abaed2e26d3de7c016e000a00a4069211480940f91c1879672324e0bbd5e150ae1bf50edde02e81cd80a36c524f9175558aba22f2d2ea4175882f63557d1e545a9559cad93481c05f5ef67ab5 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 4191a15a3978dfcf496566381d4c75c2 |
| Version | 3 |
Certificate 645212f783f4d7aba3555729e99ce065
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | e00f0a38c65f7c0b9f19b97448d6a0e3 |
| ToBeSigned (TBS) SHA1 | 91c033a2f289418c4101654dceacef1b25bb55d0 |
| ToBeSigned (TBS) SHA256 | 38b3fcbdb734b0e3439f3c9a3c4c1712091f577d2b616d41224137faf7ba7c86 |
| Subject | C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., OU=Digital ID Class 3 , Microsoft Software Validation v2, OU=RD, CN=Trend Micro, Inc. |
| ValidFrom | 2008-01-16 00:00:00 |
| ValidTo | 2011-02-16 23:59:59 |
| Signature | 5a693868cea6ba49064b801a0d9e12887a37cbb92cca2950cc5e99c2df9aec5697422e67cd042836daf09a09e739f625255841fed1ec9657cb8b3edc08c55c302574cbdb3f7de2798ed769d766402619b48041f9d90f8c904488788412b1c632055e1afc4a5bbac642cb626bd20fece0feaa6cf9b287887788cf64586309a14a644b5f0595c0ddcb7d789831faedb48451e40e342da4ccbc38a5e992e57e7ce5328d531a8c68e61f9dc9be65605c1bedf3358579000b91a19b3be388bac36b58ca76b72358bd8e74e0a7b08b0587bb7a29758c01af40b80e8e72c76abd3a2babfe7c1ed6e7b1cd9b0221a605062b6d9d0ceb57e0eb305fdc5eb5bf6ea442f4c9 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 645212f783f4d7aba3555729e99ce065 |
| Version | 3 |
Certificate 610c120600000000001b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 53c41bc1164e09e0cd1617a5bf913efd |
| ToBeSigned (TBS) SHA1 | 93c03aac8951d494ecd5696b1c08658541b18727 |
| ToBeSigned (TBS) SHA256 | 40bddadac24dc61ca4fb5cab2a2bc5d876bc36808311039a7a3e1a4066f7489b |
| Subject | C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority |
| ValidFrom | 2006-05-23 17:01:29 |
| ValidTo | 2016-05-23 17:11:29 |
| Signature | 01e446b33b457f7513877e5f43de468ecb8abdb64741bccccc7491d8ce395195a4a6b547c0efd2da7b8f5711f4328c7ccd3fee42da04214af7c843884a6f5cca14fc4bd19f4cbdd4556ecc02be0da6888f8609baa425bde8b0f0fa8b714e67b0cb82a8d78e55f737ebf03e88efe4e08afd1c6e2e61414875b4b02c1d28d8490fd715f02473253ccc880cde284c6554fe5eae8cea19ad2c51b29b3a47f53c80350117e24987d6544afb4bab07bcbf7d79cfbf35005cbb9ecffc82891b39a05197b6dec0b307ff449644c0342a195cabeef03bec294eb513c537857e75d5b4d60d066eb5d26c237167eaf1718eaf4e74aa0cf9ecbf4c58fa5e909b6d39cb86883f8b1ca81632d5fe6db9f1f8b3ead791f6364778c0272a15c768d6f4c5fc4f4ec8673f102d409ff11ec96148e7a703fc31730cf04688fe56da492995ef09daa3e5beef60ecd954a0599c28bd54ef66157f874c84dba60e95672e517b3439b641c28c846826dc240209e7818e0a972defeea7b998a60f818dc710b5e1ed982f486f53854964789bec5dac970b5526c3efba8dc8d1a52f5a7f936b611a339b18b8a26210de24ea76e12f43ebecdd7c12342489da2855aee5754e312b6763b6a8d7ab730a03cec5ea593fc7eb2a45aea8625b2f009939abb45f73c308ec80118f470e8f2a1343e191066255bbffba3da9a93d260faeca7d628b155589d694344dd665 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 610c120600000000001b |
| Version | 3 |
Imports
Expand
Imported Functions
Expand
- KeEnterCriticalRegion
- KeGetCurrentThread
- KeLeaveCriticalRegion
- ExReleaseFastMutexUnsafe
- wcsncpy
- memcpy
- wcsrchr
- KeSetEvent
- KePulseEvent
- KeClearEvent
- KeInitializeSemaphore
- KeWaitForSingleObject
- DbgPrint
- KeReleaseSemaphore
- RtlSubAuthoritySid
- RtlInitializeSid
- ExAllocatePoolWithTag
- RtlLengthRequiredSid
- ExFreePoolWithTag
- RtlSetDaclSecurityDescriptor
- RtlCreateSecurityDescriptor
- RtlAddAccessAllowedAce
- RtlCreateAcl
- ObfDereferenceObject
- ZwSetEvent
- ZwClose
- KeUnstackDetachProcess
- ZwRequestWaitReplyPort
- memmove
- KeStackAttachProcess
- ZwConnectPort
- RtlInitUnicodeString
- ZwCreateSection
- ZwWaitForSingleObject
- ZwOpenEvent
- ObfReferenceObject
- IoGetCurrentProcess
- memset
- MmIsAddressValid
- ZwWriteFile
- ZwReadFile
- ZwQueryInformationFile
- ZwSetInformationFile
- ZwCreateFile
- swprintf
- towupper
- _wcsnicmp
- KeInitializeEvent
- _snprintf
- PsGetCurrentProcessId
- RtlTimeToTimeFields
- ExSystemTimeToLocalTime
- KeQuerySystemTime
- ZwCreateKey
- ZwCreateEvent
- KeWaitForMultipleObjects
- ObReferenceObjectByHandle
- ZwNotifyChangeKey
- PsGetCurrentThreadId
- _vsnprintf
- MmMapLockedPagesSpecifyCache
- MmBuildMdlForNonPagedPool
- MmCreateMdl
- MmUnmapLockedPages
- KeSetPriorityThread
- PsTerminateSystemThread
- PsCreateSystemThread
- KeNumberProcessors
- ZwQuerySystemInformation
- ZwQueryDirectoryFile
- ZwOpenDirectoryObject
- ZwQueryDirectoryObject
- ZwDuplicateObject
- ZwOpenKey
- ZwEnumerateKey
- ZwEnumerateValueKey
- ZwQueryValueKey
- ZwDeleteValueKey
- ZwDeleteKey
- ExGetPreviousMode
- ExAcquireFastMutexUnsafe
- ObOpenObjectByPointer
- PsProcessType
- ZwOpenProcess
- ZwQueryKey
- ZwSetValueKey
- IoFreeIrp
- IoBuildAsynchronousFsdRequest
- ProbeForWrite
- KeBugCheckEx
- RtlImageNtHeader
- _stricmp
- _strnicmp
- RtlQueryRegistryValues
- RtlAppendUnicodeToString
- KeDelayExecutionThread
- mbstowcs
- ZwQuerySymbolicLinkObject
- ZwOpenSymbolicLinkObject
- RtlEqualUnicodeString
- IoFileObjectType
- IoCreateFile
- IofCallDriver
- IoAllocateIrp
- IoFreeMdl
- IoAllocateMdl
- PsGetVersion
- MmGetSystemRoutineAddress
- RtlCompareMemory
- RtlCopyUnicodeString
- RtlAppendUnicodeStringToString
- IofCompleteRequest
- ExEventObjectType
- IoDeleteDevice
- IoDeleteSymbolicLink
- IoCreateSymbolicLink
- ProbeForRead
- IoGetDeviceObjectPointer
- ExAllocatePool
- RtlUpperChar
- RtlCompareUnicodeString
- PsLookupProcessByProcessId
- strncpy
- KeServiceDescriptorTable
- NtOpenProcess
- ObReferenceObjectByPointer
- MmSectionObjectType
- ObQueryNameString
- ObOpenObjectByName
- NtQueryInformationProcess
- _snwprintf
- RtlAnsiStringToUnicodeString
- KeAddSystemServiceTable
- ZwQueryObject
- ZwQuerySecurityObject
- ObInsertObject
- _allrem
- IoReleaseVpbSpinLock
- IoAcquireVpbSpinLock
- SeCreateAccessState
- IoGetFileObjectGenericMapping
- ObCreateObject
- KeTickCount
- RtlUnwind
- ZwSetSecurityObject
- IoDeviceObjectType
- IoCreateDevice
- RtlGetDaclSecurityDescriptor
- RtlGetSaclSecurityDescriptor
- RtlGetGroupSecurityDescriptor
- RtlGetOwnerSecurityDescriptor
- RtlLengthSecurityDescriptor
- SeCaptureSecurityDescriptor
- SeExports
- IoIsWdmVersionAvailable
- RtlLengthSid
- wcschr
- RtlAbsoluteToSelfRelativeSD
- RtlFreeUnicodeString
- ZwTerminateProcess
- _purecall
- ClassInitialize
Exported Functions
Expand
- ??0CAutoUpdateConfigThread@@QAE@ABV0@@Z
- ??0CAutoUpdateConfigThread@@QAE@PAU_UNICODE_STRING@@P6GX0PAX@Z1@Z
- ??0CBlobConfig@@QAE@ABV0@@Z
- ??0CBlobConfig@@QAE@K@Z
- ??0CContext@@QAE@ABV0@@Z
- ??0CContext@@QAE@KP6GJPAU_EVENT_REPORT@@PAXPAU_TMCE_REPORT@@PAU_TMCE_FEEDBACK@@@Z1K@Z
- ??0CContextList@@QAE@ABV0@@Z
- ??0CContextList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CDebugLog@@QAE@ABV0@@Z
- ??0CDebugLog@@QAE@PBG@Z
- ??0CExclusionExtConfig@@QAE@ABV0@@Z
- ??0CExclusionExtConfig@@QAE@KKE@Z
- ??0CExclusionFileNameConfig@@QAE@ABV0@@Z
- ??0CExclusionFileNameConfig@@QAE@KK@Z
- ??0CExclusionFilePathConfig@@QAE@ABV0@@Z
- ??0CExclusionFilePathConfig@@QAE@KK@Z
- ??0CExclusionFolderConfig@@QAE@ABV0@@Z
- ??0CExclusionFolderConfig@@QAE@KK@Z
- ??0CExclusionRegistryConfig@@QAE@ABV0@@Z
- ??0CExclusionRegistryConfig@@QAE@KK@Z
- ??0CFile@@QAE@ABV0@@Z
- ??0CFile@@QAE@E@Z
- ??0CFileExtension@@QAE@ABV0@@Z
- ??0CFileExtension@@QAE@KEEPAVIMemoryAllocator@@@Z
- ??0CKEvent@@QAE@ABV0@@Z
- ??0CKEvent@@QAE@W4_EVENT_TYPE@@E@Z
- ??0CList@@QAE@ABV0@@Z
- ??0CList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CLockEvent@@QAE@ABV0@@Z
- ??0CLockEvent@@QAE@XZ
- ??0CLockList@@QAE@ABV0@@Z
- ??0CLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CMemoryAllocator@@IAE@W4_POOL_TYPE@@K@Z
- ??0CMemoryAllocator@@QAE@ABV0@@Z
- ??0CMemoryPoolAllocator@@IAE@W4_POOL_TYPE@@KKK@Z
- ??0CMemoryPoolAllocator@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@XZ
- ??0CModuleConfigList@@QAE@ABV0@@Z
- ??0CModuleConfigList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CModuleFileExtConfig@@QAE@ABV0@@Z
- ??0CModuleFileExtConfig@@QAE@KKE@Z
- ??0CModuleFlagConfig@@QAE@ABV0@@Z
- ??0CModuleFlagConfig@@QAE@K@Z
- ??0CModuleMultiStringConfig@@QAE@ABV0@@Z
- ??0CModuleMultiStringConfig@@QAE@KK@Z
- ??0CModuleStringConfig@@QAE@ABV0@@Z
- ??0CModuleStringConfig@@QAE@K@Z
- ??0CSmartLock@@QAE@AAVCLockEvent@@@Z
- ??0CSmartLock@@QAE@XZ
- ??0CSmartReference@@QAE@AAJ@Z
- ??0CSmartReference@@QAE@AAK@Z
- ??0CStrList@@QAE@ABV0@@Z
- ??0CStrList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CSystemThread@@QAE@ABV0@@Z
- ??0CSystemThread@@QAE@K@Z
- ??0CUserFuncAdapterJob@@QAE@ABV0@@Z
- ??0CUserFuncAdapterJob@@QAE@P6GXPAX@Z0@Z
- ??0CWorkerThread@@IAE@PAVCWorkerThreadJobQueue@@@Z
- ??0CWorkerThread@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@E@Z
- ??0CWorkerThreadJobQueue@@QAE@ABV0@@Z
- ??0CWorkerThreadJobQueue@@QAE@K@Z
- ??0CWorkerThreadPool@@QAE@ABV0@@Z
- ??0CWorkerThreadPool@@QAE@K@Z
- ??0IMemoryAllocator@@QAE@ABV0@@Z
- ??0IMemoryAllocator@@QAE@XZ
- ??1CAutoUpdateConfigThread@@UAE@XZ
- ??1CBlobConfig@@UAE@XZ
- ??1CContext@@UAE@XZ
- ??1CContextList@@UAE@XZ
- ??1CDebugLog@@UAE@XZ
- ??1CExclusionExtConfig@@UAE@XZ
- ??1CExclusionFileNameConfig@@UAE@XZ
- ??1CExclusionFilePathConfig@@UAE@XZ
- ??1CExclusionFolderConfig@@UAE@XZ
- ??1CExclusionRegistryConfig@@UAE@XZ
- ??1CFile@@UAE@XZ
- ??1CFileExtension@@UAE@XZ
- ??1CKEvent@@UAE@XZ
- ??1CList@@UAE@XZ
- ??1CLockEvent@@UAE@XZ
- ??1CLockList@@UAE@XZ
- ??1CMemoryAllocator@@UAE@XZ
- ??1CMemoryPoolAllocator@@UAE@XZ
- ??1CModuleConfig@@UAE@XZ
- ??1CModuleConfigList@@UAE@XZ
- ??1CModuleFileExtConfig@@UAE@XZ
- ??1CModuleFlagConfig@@UAE@XZ
- ??1CModuleMultiStringConfig@@UAE@XZ
- ??1CModuleStringConfig@@UAE@XZ
- ??1CSmartLock@@QAE@XZ
- ??1CSmartReference@@QAE@XZ
- ??1CStrList@@UAE@XZ
- ??1CSystemThread@@UAE@XZ
- ??1CUserFuncAdapterJob@@UAE@XZ
- ??1CWorkerThread@@UAE@XZ
- ??1CWorkerThreadJob@@UAE@XZ
- ??1CWorkerThreadJobQueue@@UAE@XZ
- ??1CWorkerThreadPool@@UAE@XZ
- ??1IMemoryAllocator@@UAE@XZ
- ??2@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??2CMemoryAllocator@@SGPAXI@Z
- ??2CMemoryPoolAllocator@@SGPAXI@Z
- ??3@YAXPAX@Z
- ??3IMemoryAllocator@@SGXPAX@Z
- ??4CAutoUpdateConfigThread@@QAEAAV0@ABV0@@Z
- ??4CBlobConfig@@QAEAAV0@ABV0@@Z
- ??4CContext@@QAEAAV0@ABV0@@Z
- ??4CDebugLog@@QAEAAV0@ABV0@@Z
- ??4CFile@@QAEAAV0@ABV0@@Z
- ??4CKEvent@@QAEAAV0@ABV0@@Z
- ??4CLockEvent@@QAEAAV0@ABV0@@Z
- ??4CMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??4CMemoryPoolAllocator@@QAEAAV0@ABV0@@Z
- ??4CModuleConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleFlagConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleStringConfig@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEABV0@AAVCLockEvent@@@Z
- ??4CSystemThread@@QAEAAV0@ABV0@@Z
- ??4CUserFuncAdapterJob@@QAEAAV0@ABV0@@Z
- ??4CWorkerThread@@QAEAAV0@ABV0@@Z
- ??4CWorkerThreadJob@@QAEAAV0@ABV0@@Z
- ??4IMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??_7CAutoUpdateConfigThread@@6B@
- ??_7CBlobConfig@@6B@
- ??_7CContext@@6B@
- ??_7CContextList@@6B@
- ??_7CDebugLog@@6B@
- ??_7CExclusionExtConfig@@6B@
- ??_7CExclusionFileNameConfig@@6B@
- ??_7CExclusionFilePathConfig@@6B@
- ??_7CExclusionFolderConfig@@6B@
- ??_7CExclusionRegistryConfig@@6B@
- ??_7CFile@@6B@
- ??_7CFileExtension@@6B@
- ??_7CKEvent@@6B@
- ??_7CList@@6B@
- ??_7CLockEvent@@6B@
- ??_7CLockList@@6B@
- ??_7CMemoryAllocator@@6B@
- ??_7CMemoryPoolAllocator@@6B@
- ??_7CModuleConfig@@6B@
- ??_7CModuleConfigList@@6B@
- ??_7CModuleFileExtConfig@@6B@
- ??_7CModuleFlagConfig@@6B@
- ??_7CModuleMultiStringConfig@@6B@
- ??_7CModuleStringConfig@@6B@
- ??_7CStrList@@6B@
- ??_7CSystemThread@@6B@
- ??_7CUserFuncAdapterJob@@6B@
- ??_7CWorkerThread@@6B@
- ??_7CWorkerThreadJob@@6B@
- ??_7CWorkerThreadJobQueue@@6B@
- ??_7CWorkerThreadPool@@6B@
- ??_7IMemoryAllocator@@6B@
- ??_FCContextList@@QAEXXZ
- ??_FCFile@@QAEXXZ
- ??_FCFileExtension@@QAEXXZ
- ??_FCModuleConfigList@@QAEXXZ
- ??_FCStrList@@QAEXXZ
- ??_FCSystemThread@@QAEXXZ
- ??_FCWorkerThread@@QAEXXZ
- ??_FCWorkerThreadJob@@QAEXXZ
- ??_FCWorkerThreadJobQueue@@QAEXXZ
- ??_U@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??_V@YAXPAX@Z
- ?Acquire@CLockEvent@@QAEXXZ
- ?Add@CContextList@@QAEEPAVCContext@@@Z
- ?Add@CFileExtension@@QAEEPBGK@Z
- ?Add@CModuleConfigList@@QAEEPAVCModuleConfig@@@Z
- ?Add@CStrList@@QAEEPBG@Z
- ?Alloc@CMemoryAllocator@@UAEPAXKPBDK@Z
- ?Alloc@CMemoryPoolAllocator@@UAEPAXKPBDK@Z
- ?AllocBlock@CMemoryPoolAllocator@@IAEPAXK@Z
- ?AttachJobQueue@CWorkerThread@@QAEXPAVCWorkerThreadJobQueue@@@Z
- ?Cancel@CWorkerThreadJob@@QAEXXZ
- ?CheckNode@CLockList@@UAEHQAX@Z
- ?CleanQueue@CWorkerThreadJobQueue@@QAEXXZ
- ?Cleanup@CBlobConfig@@AAEXXZ
- ?Cleanup@CModuleFileExtConfig@@IAEXXZ
- ?Cleanup@CModuleMultiStringConfig@@IAEXXZ
- ?Cleanup@CModuleStringConfig@@AAEXXZ
- ?Close@CFile@@QAEJXZ
- ?Count@CLockList@@QAEKXZ
- ?Create@CFile@@QAEJPBGKKKK@Z
- ?Create@CSystemThread@@QAEEXZ
- ?CreateInstance@CMemoryAllocator@@SGPAV1@W4_POOL_TYPE@@K@Z
- ?CreateInstance@CMemoryPoolAllocator@@SGPAV1@W4_POOL_TYPE@@KKK@Z
- ?CreatePool@CWorkerThreadPool@@QAEEXZ
- ?CreateThreads@CWorkerThreadPool@@QAEEK@Z
- ?CreateWIRP@CFile@@QAEJPBGKKKK@Z
- ?Delete@CFile@@QAEJXZ
- ?Delete@CFileExtension@@QAEEPBGK@Z
- ?Delete@CStrList@@QAEEPBG@Z
- ?DeleteAll@CList@@UAEXXZ
- ?DeleteAll@CLockList@@UAEXXZ
- ?DeleteNode@CContextList@@MAEXPAX@Z
- ?DeleteNode@CList@@UAEXPAX@Z
- ?DeleteNode@CModuleConfigList@@MAEXPAX@Z
- ?DeleteNode@CStrList@@EAEXPAU_STR_LIST_NODE@1@@Z
- ?DisableWriteProtectFromCR0@@YGXPAPAX@Z
- ?DoIt@CWorkerThreadJob@@QAEJXZ
- ?EntryPoint@CSystemThread@@KGXPAX@Z
- ?Find@CContextList@@QAEPAVCContext@@K@Z
- ?Find@CContextList@@QAEPAVCContext@@PAX@Z
- ?Find@CFileExtension@@QAEPAU_STR_LIST_NODE@CStrList@@PBGK@Z
- ?Find@CModuleConfigList@@QAEPAVCModuleConfig@@K@Z
- ?Find@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?FindNode@CContextList@@IAEPAXPAX@Z
- ?FindPartiallyAndAllMatch@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?First@CList@@UAEPAXXZ
- ?First@CLockList@@UAEPAXXZ
- ?Free@CMemoryAllocator@@UAEXPAX@Z
- ?Free@CMemoryPoolAllocator@@UAEXPAX@Z
- ?GetAttributes@CFile@@QAEKXZ
- ?GetBasicInfomration@CFile@@IAEJXZ
- ?GetBlobCofig@CContext@@UAEJKPAXPAK@Z
- ?GetCategory@CContext@@QAEKXZ
- ?GetData@CBlobConfig@@QAEHPAXPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEPAVCFileExtension@@XZ
- ?GetData@CModuleFlagConfig@@QAEKXZ
- ?GetData@CModuleMultiStringConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleMultiStringConfig@@QAEPAVCStrList@@XZ
- ?GetData@CModuleStringConfig@@QAEPAGXZ
- ?GetData@CStrList@@QAEEPAGPAK@Z
- ?GetDataType@CModuleConfig@@QAEKXZ
- ?GetEngineContext@CContext@@QAEPAXXZ
- ?GetFileExtensionConfig@CContext@@QAEPAVCFileExtension@@K@Z
- ?GetFileExtensionConfig@CContext@@UAEJKPAGPAK@Z
- ?GetFileSize@CFile@@QAEJPAT_LARGE_INTEGER@@@Z
- ?GetFlagConfig@CContext@@UAEJKPAK@Z
- ?GetID@CModuleConfig@@QAEKXZ
- ?GetJob@CWorkerThreadJobQueue@@QAEPAVCWorkerThreadJob@@XZ
- ?GetLength@CModuleStringConfig@@QAEKXZ
- ?GetLinkContext@CContext@@QAEPAXXZ
- ?GetLogFlag@CDebugLog@@QAEKXZ
- ?GetModuleId@CModuleConfig@@QAEKXZ
- ?GetMultiStringConfig@CContext@@QAEPAVCStrList@@K@Z
- ?GetMultiStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetOneThreadTEB@CWorkerThreadPool@@QAEPAU_ETHREAD@@XZ
- ?GetReportCallBackRoutine@CContext@@QAEKXZ
- ?GetSize@CBlobConfig@@QAEKXZ
- ?GetStringConfig@CContext@@QAEPAGK@Z
- ?GetStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetThreadCount@CWorkerThreadPool@@QAEKXZ
- ?GetThreadID@CSystemThread@@QAEKXZ
- ?GetType@CContext@@QAEKXZ
- ?GetUserParameter@CContext@@QAEKXZ
- ?InitializeBlobConfig@CContext@@QAEHKPAXK@Z
- ?InitializeFileExtensionConfig@CContext@@QAEHKPBG@Z
- ?InitializeFlagConfig@CContext@@QAEHKK@Z
- ?InitializeMultiStringConfig@CContext@@QAEHKPBG@Z
- ?InitializeStringConfig@CContext@@QAEHKPBG@Z
- ?Insert@CList@@UAEXQAXE@Z
- ?Insert@CLockList@@UAEXQAXE@Z
- ?InsertAfter@CList@@UAEXPAX0@Z
- ?InsertBefore@CList@@UAEXPAX0@Z
- ?Instance@CWorkerThreadPool@@SGPAV1@XZ
- ?IsEmpty@CList@@UAEEXZ
- ?IsEmpty@CLockList@@UAEEXZ
- ?IsExceedLimitation@CMemoryPoolAllocator@@IAEEK@Z
- ?IsFull@CLockList@@QBEEXZ
- ?IsInExclusionList@CExclusionExtConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFileNameConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFilePathConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFolderConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionRegistryConfig@@QAEEPBG@Z
- ?IsOpened@CFile@@QAEEXZ
- ?IsTerminated@CWorkerThreadPool@@QAEEXZ
- ?IsValid@CMemoryAllocator@@UAEEXZ
- ?IsValid@CMemoryPoolAllocator@@UAEEXZ
- ?IsValid@IMemoryAllocator@@UAEEXZ
- ?IsWorkerThread@CWorkerThreadPool@@QAEEK@Z
- ?JobFunction@CUserFuncAdapterJob@@MAEXXZ
- ?JobQueue@CWorkerThreadPool@@QAEAAVCWorkerThreadJobQueue@@XZ
- ?Limit@CLockList@@QAEKXZ
- ?MatchAllExtensions@CFileExtension@@QAEEXZ
- ?MatchNoExtensions@CFileExtension@@QAEEXZ
- ?MergeLeft@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?MergeRight@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?NeedDelete@CWorkerThreadJob@@QAEEXZ
- ?NeedDeleteWhenFinish@CWorkerThreadJob@@QAEXE@Z
- ?NewNode@CList@@UAEPAXXZ
- ?NewNode@CStrList@@EAEPAXXZ
- ?NewNodeVariant@CList@@IAEPAXK@Z
- ?Next@CList@@UBEPAXQAX@Z
- ?Next@CLockList@@UBEPAXQAX@Z
- ?NextPool@CMemoryPoolAllocator@@QAEPAV1@XZ
- ?NotityTerminate@CWorkerThread@@QAEXXZ
- ?PostJobToWorkerThread@CWorkerThreadPool@@QAEJP6GXPAX@Z0E@Z
- ?Pulse@CKEvent@@QAEJJE@Z
- ?QueueJob@CWorkerThreadJobQueue@@QAEEPAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPool@@QAEJPAVCWorkerThreadJob@@@Z
- ?RCMInstance@CWorkerThreadPool@@SGPAV1@XZ
- ?Read@CFile@@QAEJPADKPAK@Z
- ?ReferenceCount@CContext@@QAEAAKXZ
- ?Release@CLockEvent@@QAEXXZ
- ?Remove@CContextList@@UAEEQAX@Z
- ?Remove@CList@@UAEEQAX@Z
- ?Remove@CLockList@@UAEEQAX@Z
- ?RemoveHead@CList@@UAEPAXXZ
- ?RemoveHead@CLockList@@UAEPAXXZ
- ?RemoveTail@CList@@UAEPAXXZ
- ?RemoveTail@CLockList@@UAEPAXXZ
- ?Reset@CKEvent@@QAEXXZ
- ?RestoreCR0@@YGXPAX@Z
- ?Run@CAutoUpdateConfigThread@@UAEXXZ
- ?Run@CWorkerThread@@UAEXXZ
- ?SeekToEnd@CFile@@QAEJXZ
- ?Set@CKEvent@@QAEJJE@Z
- ?SetAttributes@CFile@@QAEJK@Z
- ?SetBlobCofig@CContext@@UAEJKPAXK@Z
- ?SetData@CBlobConfig@@QAEHPAXK@Z
- ?SetData@CModuleFileExtConfig@@QAEHPBG@Z
- ?SetData@CModuleFlagConfig@@QAEHK@Z
- ?SetData@CModuleMultiStringConfig@@QAEHPBG@Z
- ?SetData@CModuleStringConfig@@QAEHPBG@Z
- ?SetEngineContext@CContext@@QAEXPAX@Z
- ?SetFileExtensionConfig@CContext@@UAEJKPBG@Z
- ?SetFlagConfig@CContext@@UAEJKK@Z
- ?SetLinkContext@CContext@@QAEXPAX@Z
- ?SetLogFlag@CDebugLog@@QAEEK@Z
- ?SetMatchAllExtensions@CFileExtension@@QAEXE@Z
- ?SetMatchNoExtensions@CFileExtension@@QAEXE@Z
- ?SetMultiStringConfig@CContext@@UAEJKPBG@Z
- ?SetNewJobItemEvent@CWorkerThreadJobQueue@@QAEXXZ
- ?SetPriority@CSystemThread@@QAEXK@Z
- ?SetStopUse@CContext@@QAEXXZ
- ?SetStringConfig@CContext@@UAEJKPBG@Z
- ?Setup@CSystemThread@@MAEXXZ
- ?StopUse@CContext@@QAEHXZ
- ?TearDown@CSystemThread@@MAEXXZ
- ?Terminate@CSystemThread@@QAEXE@Z
- ?Terminate@CWorkerThreadPool@@QAEEXZ
- ?TmExceptionFilter@@YGJPAU_EXCEPTION_POINTERS@@@Z
- ?Wait@CKEvent@@QAEJPAT_LARGE_INTEGER@@E@Z
- ?WaitFinish@CWorkerThreadJob@@QAEXXZ
- ?WaitNewJobAvailable@CWorkerThreadJobQueue@@QAEEXZ
- ?Write@CDebugLog@@QAAXPBDZZ
- ?Write@CFile@@QAEJPADKPAT_LARGE_INTEGER@@PAK@Z
- ?WriteSystemInformation@CDebugLog@@QAEXXZ
- ?WriteSystemStringInformation@CDebugLog@@IAEXPBG@Z
- ?WriteToFile@CDebugLog@@IAEXPADK@Z
- ?_pNonPagedAllocator@@3PAVCMemoryAllocator@@A
- ?_pPagedAllocator@@3PAVCMemoryAllocator@@A
- ?m_lpInstance@CWorkerThreadPool@@1PAV1@A
- ?m_lpRCMInstance@CWorkerThreadPool@@1PAV1@A
- _DeInitKmLPC@0
- _GetModuleInfoByAddress@8
- _GetModuleInfoByModuleName@8
- _InitKmLPC@0
- _KmCallUm@8
- _MapMem@12
- _ModGetExportProcAddress@8
- _ModLoadDLLToBuffer@4
- _ModLoadModule@8
- _ModUnLoadModule@4
- _NormalizeFileName@4
- _NormalizeFullNtPathToDosName@4
- _TmCommConfigRoutine@4
- _UnMapMem@8
- _UtilGetFileObjectForProcessByEPROC@8
- _UtilGetProcessName@12
- _UtilGetSystemTime@4
- _UtilIoSetFileInfo@24
- _UtilIopCreateFileIRP@40
- _UtilKeGetLowFileDevice@16
- _UtilQueryKeyValue@24
- _UtilVolumeDeviceToDosName@8
- _UtilWaitValueChangeToZero@8
- _UtilWriteVersionToRegistry@8
- _UtilbuildDynamicDiskMappingTable@0
- __UtilDosPathNameToNtPathName@12
Sections
Expand
- .text
- .rdata
- .data
- PAGE
- .edata
- INIT
- .rsrc
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": true,
"SerialNumber": "7e93ebfb7cc64e59ea4b9a77d406fc3b",
"Signature": "03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2",
"TBS": {
"MD5": "d0785ad36e427c92b19f6826ab1e8020",
"SHA1": "365b7a9c21bd9373e49052c3e7b3e4646ddd4d43",
"SHA256": "c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff",
"SHA384": "eab4fe5ef90e0de4a6aa3a27769a5e879f588df5e4785aa4104debd1f81e19ea56d33e3a16e5facf99f68b5d8e3d287b"
},
"ValidFrom": "2012-12-21 00:00:00",
"ValidTo": "2020-12-30 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "0ecff438c8febf356e04d86a981b1a50",
"Signature": "783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4",
"TBS": {
"MD5": "e9d38360b914c8863f6cba3ee58764d3",
"SHA1": "4cba8eae47b6bf76f20b3504b98b8f062694a89b",
"SHA256": "88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976",
"SHA384": "e9f2a75334a9e336c5a4712eadee88d0374b0fdc273262f4e65c9040ad2793067cc076696db5279a478773485e285652"
},
"ValidFrom": "2012-10-18 00:00:00",
"ValidTo": "2020-12-29 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Signature": "f3b20c020c826fd9e2629408ffc97c9e245959d1050c9ce7708069d366d26af191812e16fce674eaca0d8f05b2a796280831737299800d2bfe0071efecf655117b7952a4d7c0701b97de034a1d42e928fd1a2082b081f9d22e9d39af3233cf05c1e61ae1f8fbfec872e78d9a0b29b4f147f1a053d1757a824601df2bb07c75c591fe7efbaf0021764b90cd446f85f80d14bc2cd42c83edfa7d2510f8f94c82d1b3ea999b1cff9093291977c7e996dc32904d3934f167077684ff76aa5327654a0bd7223d9d67657b47c5b46012dca6723d89e7fa051b3380d0c4977b9df537e75da3186ab149b27c089715a01bd695f408f7ded66bfbe920d27a6f6a7d4cc8b3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc.",
"TBS": {
"MD5": "78eaa337666217b1c16a9a0ebd0b8434",
"SHA1": "ff9cb835e78f6185eed4372096c3bae53b17d18d",
"SHA256": "1c0d9746725e176b4a7c2852878f14d7587f58e65d346bc1247f1c8ee6374250",
"SHA384": "ffe3c75b860679a5de399c7d2c2844dbfac51d5d8581e24648d208daba1e4bed5c867808e02dc8d7cb3df1d4b2b53d10"
},
"ValidFrom": "2017-04-27 00:00:00",
"ValidTo": "2018-07-16 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "611993e400000000001c",
"Signature": "812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5",
"TBS": {
"MD5": "78a717e082dcc1cda3458d917e677d14",
"SHA1": "4a872e0e51f9b304469cd1dedb496ee9b8b983a4",
"SHA256": "317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8",
"SHA384": "b71052da4eb9157c8c1a5d7f55df19d69b9128598b72fcca608e5b7cc7d64c43c5504b9c86355a6dc22ee40c88cc385c"
},
"ValidFrom": "2011-02-22 19:25:17",
"ValidTo": "2021-02-22 19:35:17",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "5200e5aa2556fc1a86ed96c9d44b33c7",
"Signature": "5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"TBS": {
"MD5": "b30c31a572b0409383ed3fbe17e56e81",
"SHA1": "4843a82ed3b1f2bfbee9671960e1940c942f688d",
"SHA256": "03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9",
"SHA384": "bbda8407c4f9fc4e54d772f1c7fb9d30bc97e1f97ecd51c443063d1fa0644e266328781776cd5c44896c457c75f4d7da"
},
"ValidFrom": "2010-02-08 00:00:00",
"ValidTo": "2020-02-07 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 1688f039255e638e69143907e6330b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 0179e8ddeebaf8998fec419d65cdf13d |
| ToBeSigned (TBS) SHA1 | 34c724c3369f2da8c25b591808962f66f10bde28 |
| ToBeSigned (TBS) SHA256 | 35b0bac11602847aaab65fb35199d3c8976cde3ccf7e061b130177c712cbd92f |
| Subject | C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO SHA,1 Time Stamping Signer |
| ValidFrom | 2015-12-31 00:00:00 |
| ValidTo | 2019-07-09 18:40:36 |
| Signature | ba332440408c7cdb589fb36098b2f5c031feeb1f6e50f60ae0e4e681ad2687a2dffdb3daf473f300fb291b891b153edb6b52932bc4ac3981d73c67579a3936e028089ae3394f9b89097f7bc5617f598932250a6aae1a3ef0a227a8b6c3b887f7160448413d5cd8ec9f4d203104d965a1edcd690753163ddd36020a88eb40e506300bb8164bdcefbc5509ffc63e122e76b3dcce42eff97657e1b70a054098589a5d711693718c6581ea6ff389f7fb73adb4e7bfd98e6faa0b4f25f3b8e1d5dd75986881f8aac0d180c2c4c43989c1f6c99e6cd774f9d997f84fc29a0acd5e8ff819e9e0a59fc4f09221e62d7925c922f9c3f03a8457ad3a16f46394101d5dd0c6 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 1688f039255e638e69143907e6330b |
| Version | 3 |
Certificate 774d49c5649436de6bf3190a67eedcdf
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | b3ca7d6b821d8e3432b29874980af55e |
| ToBeSigned (TBS) SHA1 | 618d7e55a24c1d8b65a0bcce79120c5e3b13fa4d |
| ToBeSigned (TBS) SHA256 | c645c6a7dc7243a4a3f78a6569c029401a7bda8bc4732ce7198d9f21f19b12fa |
| Subject | C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc. |
| ValidFrom | 2016-03-29 00:00:00 |
| ValidTo | 2017-06-28 23:59:59 |
| Signature | 27351697f046d1d43fe306dff30b83e7a404e3e6431c1e06829c558d99eb3f21776021e3e1bd4e485aba08b89bb0972f23daa471d7b432a44a591270f9a838f13dbda32ee936c0df792cff8c493e1f27b2282b3d896ae7b4155ca1a50bf7111f3f4bbbe11f17cfe5d49c0589c210966ef7e567153e802d2e783ff498c59585598d9d3e93273d1e81c07ce85c0cfb24834d448c3930120f1686bd472d916ac8f9475acfdb27be8528311f668d71dfc132a0ff62df7baa575a0cc732b3de003beca214954d4d97cf9511b9329eccbb7b716675b31e543a43570080dffce3fc8ca8fbb17d954b9678e2d0c1e1710a5cf03952a687fede59dcba3bf98900f9934f12 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 774d49c5649436de6bf3190a67eedcdf |
| Version | 3 |
Certificate 611993e400000000001c
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 78a717e082dcc1cda3458d917e677d14 |
| ToBeSigned (TBS) SHA1 | 4a872e0e51f9b304469cd1dedb496ee9b8b983a4 |
| ToBeSigned (TBS) SHA256 | 317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5 |
| ValidFrom | 2011-02-22 19:25:17 |
| ValidTo | 2021-02-22 19:35:17 |
| Signature | 812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 611993e400000000001c |
| Version | 3 |
Certificate 5200e5aa2556fc1a86ed96c9d44b33c7
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | b30c31a572b0409383ed3fbe17e56e81 |
| ToBeSigned (TBS) SHA1 | 4843a82ed3b1f2bfbee9671960e1940c942f688d |
| ToBeSigned (TBS) SHA256 | 03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA |
| ValidFrom | 2010-02-08 00:00:00 |
| ValidTo | 2020-02-07 23:59:59 |
| Signature | 5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 5200e5aa2556fc1a86ed96c9d44b33c7 |
| Version | 3 |
Imports
Expand
- ntoskrnl.exe
- CLASSPNP.SYS
- HAL.dll
Imported Functions
Expand
- ExAcquireFastMutexUnsafe
- ExReleaseFastMutexUnsafe
- ProbeForRead
- ProbeForWrite
- ExAcquireResourceSharedLite
- ExAcquireResourceExclusiveLite
- ExReleaseResourceLite
- MmProbeAndLockPages
- MmUnlockPages
- MmMapLockedPagesSpecifyCache
- IoAllocateMdl
- IoFreeMdl
- IoGetCurrentProcess
- ObfReferenceObject
- ObfDereferenceObject
- ZwClose
- ZwCreateSection
- ZwOpenSection
- ZwMapViewOfSection
- ZwUnmapViewOfSection
- ZwOpenEvent
- KePulseEvent
- KeStackAttachProcess
- KeUnstackDetachProcess
- ObOpenObjectByPointer
- ZwAllocateVirtualMemory
- ZwFreeVirtualMemory
- ZwSetEvent
- _allmul
- memcpy
- memset
- PsProcessType
- wcsncpy
- wcsrchr
- RtlUnicodeStringToInteger
- ZwWaitForSingleObject
- ZwRequestWaitReplyPort
- ZwConnectPort
- swprintf
- RtlCopyUnicodeString
- DbgPrint
- KeDelayExecutionThread
- KeQuerySystemTime
- ExAllocatePoolWithTag
- PsGetVersion
- IofCompleteRequest
- IoCreateSymbolicLink
- IoDeleteDevice
- IoDeleteSymbolicLink
- ObReferenceObjectByHandle
- PsGetCurrentProcessId
- ZwCreateEvent
- ExEventObjectType
- SeCaptureSubjectContext
- SeReleaseSubjectContext
- SeAccessCheck
- ObGetObjectSecurity
- ObReleaseObjectSecurity
- PsGetProcessExitTime
- PsThreadType
- MmSectionObjectType
- RtlCreateSecurityDescriptor
- RtlSetDaclSecurityDescriptor
- KeInitializeSemaphore
- KeReleaseSemaphore
- RtlCreateAcl
- RtlAddAccessAllowedAce
- RtlLengthRequiredSid
- RtlInitializeSid
- RtlSubAuthoritySid
- ExGetPreviousMode
- _wcsnicmp
- PsSetCreateProcessNotifyRoutine
- ZwQueryInformationProcess
- PsLookupProcessByProcessId
- ZwOpenDirectoryObject
- MmIsAddressValid
- ExInitializeResourceLite
- ExDeleteResourceLite
- ZwCreateFile
- ZwQueryInformationFile
- ZwSetInformationFile
- ZwReadFile
- ZwWriteFile
- towupper
- MmGetSystemRoutineAddress
- ObReferenceObjectByPointer
- ObQueryNameString
- MmHighestUserAddress
- _snprintf
- _vsnprintf
- RtlInitAnsiString
- RtlAnsiStringToUnicodeString
- RtlFreeUnicodeString
- RtlTimeToTimeFields
- KeWaitForMultipleObjects
- ExSystemTimeToLocalTime
- ZwCreateKey
- PsGetCurrentThreadId
- ZwDeviceIoControlFile
- ZwNotifyChangeKey
- ZwOpenFile
- ExFreePoolWithTag
- mbstowcs
- _stricmp
- IoGetDeviceObjectPointer
- RtlImageNtHeader
- ZwQuerySystemInformation
- _strnicmp
- RtlCompareUnicodeString
- RtlCompareMemory
- MmBuildMdlForNonPagedPool
- IoAllocateIrp
- IofCallDriver
- IoFreeIrp
- RtlUpperChar
- ObReferenceObjectByName
- IoFileObjectType
- IoDriverObjectType
- IoBuildDeviceIoControlRequest
- IoCreateFile
- RtlEqualUnicodeString
- RtlAppendUnicodeStringToString
- RtlUpcaseUnicodeChar
- _snwprintf
- strncpy
- NtOpenProcess
- NtQueryInformationProcess
- PsIsThreadTerminating
- ObOpenObjectByName
- KeServiceDescriptorTable
- KeAddSystemServiceTable
- KeSetPriorityThread
- PsCreateSystemThread
- PsTerminateSystemThread
- KeNumberProcessors
- RtlLengthSecurityDescriptor
- ZwOpenKey
- ZwDeleteKey
- ZwDeleteValueKey
- ZwEnumerateKey
- ZwEnumerateValueKey
- ZwQueryKey
- ZwQueryValueKey
- ZwSetValueKey
- ZwTerminateProcess
- ZwOpenProcess
- ZwQuerySecurityObject
- ZwSetSecurityObject
- ZwQueryDirectoryObject
- ZwQueryDirectoryFile
- _allrem
- RtlAppendUnicodeToString
- ZwFsControlFile
- ObInsertObject
- strrchr
- wcschr
- wcsncmp
- RtlQueryRegistryValues
- IoBuildAsynchronousFsdRequest
- ZwOpenSymbolicLinkObject
- ZwQuerySymbolicLinkObject
- RtlUpcaseUnicodeString
- NtClose
- ZwSetInformationObject
- SeQueryAuthenticationIdToken
- MmSystemRangeStart
- IoGetFileObjectGenericMapping
- ObCreateObject
- SeCreateAccessState
- IoAcquireVpbSpinLock
- IoReleaseVpbSpinLock
- wcstombs
- strncat
- wcsncat
- RtlUnicodeStringToAnsiString
- RtlFreeAnsiString
- wcsstr
- ExAllocatePool
- ExInterlockedPopEntrySList
- IoBuildSynchronousFsdRequest
- IoGetStackLimits
- IoGetDeviceInterfaces
- IoRegisterPlugPlayNotification
- IoUnregisterPlugPlayNotification
- IoGetConfigurationInformation
- FsRtlIsNameInExpression
- RtlUnwind
- IoDeviceObjectType
- IoCreateDevice
- RtlGetOwnerSecurityDescriptor
- RtlGetDaclSecurityDescriptor
- RtlGetGroupSecurityDescriptor
- RtlGetSaclSecurityDescriptor
- SeCaptureSecurityDescriptor
- RtlLengthSid
- SeExports
- IoIsWdmVersionAvailable
- RtlAbsoluteToSelfRelativeSD
- KeWaitForSingleObject
- KeLeaveCriticalRegion
- KeBugCheckEx
- KeEnterCriticalRegion
- KeSetEvent
- KeClearEvent
- KeInitializeEvent
- RtlInitUnicodeString
- KeGetCurrentThread
- memmove
- ZwQueryVolumeInformationFile
- _purecall
- ClassInitialize
- KeRaiseIrqlToDpcLevel
- KfAcquireSpinLock
- KeGetCurrentIrql
- ExReleaseFastMutex
- ExAcquireFastMutex
- KfLowerIrql
- KfRaiseIrql
- KfReleaseSpinLock
Exported Functions
Expand
- ??0CAutoUpdateConfigThread@@QAE@ABV0@@Z
- ??0CAutoUpdateConfigThread@@QAE@PAU_UNICODE_STRING@@P6GX0PAX@Z1@Z
- ??0CBlobConfig@@QAE@ABV0@@Z
- ??0CBlobConfig@@QAE@K@Z
- ??0CContext@@QAE@ABV0@@Z
- ??0CContext@@QAE@KP6GJPAU_EVENT_REPORT@@PAXPAU_TMCE_REPORT@@PAU_TMCE_FEEDBACK@@@Z1K@Z
- ??0CContextList@@QAE@ABV0@@Z
- ??0CContextList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CDebugLog@@QAE@ABV0@@Z
- ??0CDebugLog@@QAE@PBG@Z
- ??0CDebugLogEx@@QAE@ABV0@@Z
- ??0CDebugLogEx@@QAE@K@Z
- ??0CDelayLoadThread@@QAE@ABV0@@Z
- ??0CDelayLoadThread@@QAE@XZ
- ??0CExclusionExtConfig@@QAE@ABV0@@Z
- ??0CExclusionExtConfig@@QAE@KKE@Z
- ??0CExclusionFileNameConfig@@QAE@ABV0@@Z
- ??0CExclusionFileNameConfig@@QAE@KK@Z
- ??0CExclusionFilePathConfig@@QAE@ABV0@@Z
- ??0CExclusionFilePathConfig@@QAE@KK@Z
- ??0CExclusionFolderConfig@@QAE@ABV0@@Z
- ??0CExclusionFolderConfig@@QAE@KK@Z
- ??0CExclusionRegistryConfig@@QAE@ABV0@@Z
- ??0CExclusionRegistryConfig@@QAE@KK@Z
- ??0CFile@@QAE@ABV0@@Z
- ??0CFile@@QAE@E@Z
- ??0CFileExtension@@QAE@ABV0@@Z
- ??0CFileExtension@@QAE@KEEPAVIMemoryAllocator@@@Z
- ??0CInclusionExtConfig@@QAE@ABV0@@Z
- ??0CInclusionExtConfig@@QAE@KKE@Z
- ??0CInclusionFileNameConfig@@QAE@ABV0@@Z
- ??0CInclusionFileNameConfig@@QAE@KK@Z
- ??0CInclusionFilePathConfig@@QAE@ABV0@@Z
- ??0CInclusionFilePathConfig@@QAE@KK@Z
- ??0CInclusionFolderConfig@@QAE@ABV0@@Z
- ??0CInclusionFolderConfig@@QAE@KK@Z
- ??0CKEvent@@QAE@ABV0@@Z
- ??0CKEvent@@QAE@W4_EVENT_TYPE@@E@Z
- ??0CList@@QAE@ABV0@@Z
- ??0CList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CLockEvent@@QAE@ABV0@@Z
- ??0CLockEvent@@QAE@XZ
- ??0CLockList@@QAE@ABV0@@Z
- ??0CLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CMemoryAllocator@@IAE@W4_POOL_TYPE@@K@Z
- ??0CMemoryAllocator@@QAE@ABV0@@Z
- ??0CMemoryPoolAllocator@@IAE@W4_POOL_TYPE@@KKK@Z
- ??0CMemoryPoolAllocator@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@XZ
- ??0CModuleConfigList@@QAE@ABV0@@Z
- ??0CModuleConfigList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CModuleFileExtConfig@@QAE@ABV0@@Z
- ??0CModuleFileExtConfig@@QAE@KKE@Z
- ??0CModuleFlagConfig@@QAE@ABV0@@Z
- ??0CModuleFlagConfig@@QAE@K@Z
- ??0CModuleMultiStringConfig@@QAE@ABV0@@Z
- ??0CModuleMultiStringConfig@@QAE@KK@Z
- ??0CModuleStringConfig@@QAE@ABV0@@Z
- ??0CModuleStringConfig@@QAE@K@Z
- ??0CNoLockList@@QAE@ABV0@@Z
- ??0CNoLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CSmartLock@@QAE@AAVCLockEvent@@@Z
- ??0CSmartLock@@QAE@XZ
- ??0CSmartReference@@QAE@AAJ@Z
- ??0CSmartReference@@QAE@AAK@Z
- ??0CSmartResource@@QAE@AAVCResource@@E@Z
- ??0CStrList@@QAE@ABV0@@Z
- ??0CStrList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CSystemThread@@QAE@ABV0@@Z
- ??0CSystemThread@@QAE@K@Z
- ??0CUserFuncAdapterJob@@QAE@ABV0@@Z
- ??0CUserFuncAdapterJob@@QAE@P6GXPAX@Z01@Z
- ??0CWorkerThread@@IAE@PAVCWorkerThreadJobQueue@@@Z
- ??0CWorkerThread@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@E@Z
- ??0CWorkerThreadJobQueue@@QAE@ABV0@@Z
- ??0CWorkerThreadJobQueue@@QAE@K@Z
- ??0CWorkerThreadPool@@QAE@ABV0@@Z
- ??0CWorkerThreadPool@@QAE@K@Z
- ??0CWorkerThreadPoolEx@@QAE@ABV0@@Z
- ??0CWorkerThreadPoolEx@@QAE@KK@Z
- ??0IMemoryAllocator@@QAE@ABV0@@Z
- ??0IMemoryAllocator@@QAE@XZ
- ??1CAutoUpdateConfigThread@@UAE@XZ
- ??1CBlobConfig@@UAE@XZ
- ??1CContext@@UAE@XZ
- ??1CContextList@@UAE@XZ
- ??1CDebugLog@@UAE@XZ
- ??1CDebugLogEx@@UAE@XZ
- ??1CDelayLoadThread@@UAE@XZ
- ??1CExclusionExtConfig@@UAE@XZ
- ??1CExclusionFileNameConfig@@UAE@XZ
- ??1CExclusionFilePathConfig@@UAE@XZ
- ??1CExclusionFolderConfig@@UAE@XZ
- ??1CExclusionRegistryConfig@@UAE@XZ
- ??1CFile@@UAE@XZ
- ??1CFileExtension@@UAE@XZ
- ??1CInclusionExtConfig@@UAE@XZ
- ??1CInclusionFileNameConfig@@UAE@XZ
- ??1CInclusionFilePathConfig@@UAE@XZ
- ??1CInclusionFolderConfig@@UAE@XZ
- ??1CKEvent@@UAE@XZ
- ??1CList@@UAE@XZ
- ??1CLockEvent@@UAE@XZ
- ??1CLockList@@UAE@XZ
- ??1CMemoryAllocator@@UAE@XZ
- ??1CMemoryPoolAllocator@@UAE@XZ
- ??1CModuleConfig@@UAE@XZ
- ??1CModuleConfigList@@UAE@XZ
- ??1CModuleFileExtConfig@@UAE@XZ
- ??1CModuleFlagConfig@@UAE@XZ
- ??1CModuleMultiStringConfig@@UAE@XZ
- ??1CModuleStringConfig@@UAE@XZ
- ??1CNoLockList@@UAE@XZ
- ??1CSmartLock@@QAE@XZ
- ??1CSmartReference@@QAE@XZ
- ??1CSmartResource@@QAE@XZ
- ??1CStrList@@UAE@XZ
- ??1CSystemThread@@UAE@XZ
- ??1CUserFuncAdapterJob@@UAE@XZ
- ??1CWorkerThread@@UAE@XZ
- ??1CWorkerThreadJob@@UAE@XZ
- ??1CWorkerThreadJobQueue@@UAE@XZ
- ??1CWorkerThreadPool@@UAE@XZ
- ??1CWorkerThreadPoolEx@@UAE@XZ
- ??1IMemoryAllocator@@UAE@XZ
- ??2@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??2CMemoryAllocator@@SGPAXI@Z
- ??2CMemoryPoolAllocator@@SGPAXI@Z
- ??3@YAXPAX@Z
- ??3@YAXPAXI@Z
- ??3IMemoryAllocator@@SGXPAX@Z
- ??4CAutoUpdateConfigThread@@QAEAAV0@ABV0@@Z
- ??4CBlobConfig@@QAEAAV0@ABV0@@Z
- ??4CContext@@QAEAAV0@ABV0@@Z
- ??4CDebugLog@@QAEAAV0@ABV0@@Z
- ??4CDebugLogEx@@QAEAAV0@ABV0@@Z
- ??4CDelayLoadThread@@QAEAAV0@ABV0@@Z
- ??4CFile@@QAEAAV0@ABV0@@Z
- ??4CKEvent@@QAEAAV0@ABV0@@Z
- ??4CLockEvent@@QAEAAV0@ABV0@@Z
- ??4CMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??4CMemoryPoolAllocator@@QAEAAV0@ABV0@@Z
- ??4CModuleConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleFlagConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleStringConfig@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEABV0@AAVCLockEvent@@@Z
- ??4CSmartResource@@QAEAAV0@ABV0@@Z
- ??4CSystemThread@@QAEAAV0@ABV0@@Z
- ??4CUserFuncAdapterJob@@QAEAAV0@ABV0@@Z
- ??4CWorkerThread@@QAEAAV0@ABV0@@Z
- ??4CWorkerThreadJob@@QAEAAV0@ABV0@@Z
- ??4IMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??_7CAutoUpdateConfigThread@@6B@
- ??_7CBlobConfig@@6B@
- ??_7CContext@@6B@
- ??_7CContextList@@6B@
- ??_7CDebugLog@@6B@
- ??_7CDebugLogEx@@6B@
- ??_7CDelayLoadThread@@6B@
- ??_7CExclusionExtConfig@@6B@
- ??_7CExclusionFileNameConfig@@6B@
- ??_7CExclusionFilePathConfig@@6B@
- ??_7CExclusionFolderConfig@@6B@
- ??_7CExclusionRegistryConfig@@6B@
- ??_7CFile@@6B@
- ??_7CFileExtension@@6B@
- ??_7CInclusionExtConfig@@6B@
- ??_7CInclusionFileNameConfig@@6B@
- ??_7CInclusionFilePathConfig@@6B@
- ??_7CInclusionFolderConfig@@6B@
- ??_7CKEvent@@6B@
- ??_7CList@@6B@
- ??_7CLockEvent@@6B@
- ??_7CLockList@@6B@
- ??_7CMemoryAllocator@@6B@
- ??_7CMemoryPoolAllocator@@6B@
- ??_7CModuleConfig@@6B@
- ??_7CModuleConfigList@@6B@
- ??_7CModuleFileExtConfig@@6B@
- ??_7CModuleFlagConfig@@6B@
- ??_7CModuleMultiStringConfig@@6B@
- ??_7CModuleStringConfig@@6B@
- ??_7CNoLockList@@6B@
- ??_7CStrList@@6B@
- ??_7CSystemThread@@6B@
- ??_7CUserFuncAdapterJob@@6B@
- ??_7CWorkerThread@@6B@
- ??_7CWorkerThreadJob@@6B@
- ??_7CWorkerThreadJobQueue@@6B@
- ??_7CWorkerThreadPool@@6B@
- ??_7CWorkerThreadPoolEx@@6B@
- ??_7IMemoryAllocator@@6B@
- ??_FCContextList@@QAEXXZ
- ??_FCFile@@QAEXXZ
- ??_FCFileExtension@@QAEXXZ
- ??_FCModuleConfigList@@QAEXXZ
- ??_FCStrList@@QAEXXZ
- ??_FCSystemThread@@QAEXXZ
- ??_FCWorkerThread@@QAEXXZ
- ??_FCWorkerThreadJob@@QAEXXZ
- ??_FCWorkerThreadJobQueue@@QAEXXZ
- ??_U@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??_V@YAXPAX@Z
- ?Acquire@CLockEvent@@QAEXXZ
- ?Add@CContextList@@QAEEPAVCContext@@@Z
- ?Add@CFileExtension@@QAEEPBGK@Z
- ?Add@CModuleConfigList@@QAEEPAVCModuleConfig@@@Z
- ?Add@CStrList@@QAEEPBG@Z
- ?AddNode@CLockList@@UAEEQAXE@Z
- ?AddNode@CNoLockList@@UAEEQAXE@Z
- ?Alloc@CMemoryAllocator@@UAEPAXKPBDK@Z
- ?Alloc@CMemoryPoolAllocator@@UAEPAXKPBDK@Z
- ?AllocBlock@CMemoryPoolAllocator@@IAEPAXK@Z
- ?AttachJobQueue@CWorkerThread@@QAEXPAVCWorkerThreadJobQueue@@@Z
- ?Cancel@CWorkerThreadJob@@QAEXXZ
- ?CheckNode@CLockList@@UAEHQAX@Z
- ?CheckNode@CNoLockList@@UAEHQAX@Z
- ?CleanQueue@CWorkerThreadJobQueue@@QAEXXZ
- ?Cleanup@CBlobConfig@@AAEXXZ
- ?Cleanup@CModuleFileExtConfig@@IAEXXZ
- ?Cleanup@CModuleMultiStringConfig@@IAEXXZ
- ?Cleanup@CModuleStringConfig@@AAEXXZ
- ?Close@CFile@@QAEJXZ
- ?Count@CLockList@@QAEKXZ
- ?Count@CNoLockList@@QAEKXZ
- ?Create@CFile@@QAEJPBGKKKK@Z
- ?Create@CSystemThread@@QAEEXZ
- ?CreateInstance@CMemoryAllocator@@SGPAV1@W4_POOL_TYPE@@K@Z
- ?CreateInstance@CMemoryPoolAllocator@@SGPAV1@W4_POOL_TYPE@@KKK@Z
- ?CreatePool@CWorkerThreadPool@@QAEEXZ
- ?CreatePool@CWorkerThreadPoolEx@@QAEEXZ
- ?CreateThreads@CWorkerThreadPool@@QAEEK@Z
- ?CreateThreads@CWorkerThreadPoolEx@@QAEEK@Z
- ?CreateWIRP@CFile@@QAEJPBGKKKK@Z
- ?Delete@CFile@@QAEJXZ
- ?Delete@CFileExtension@@QAEEPBGK@Z
- ?Delete@CStrList@@QAEEPBG@Z
- ?DeleteAll@CList@@UAEXXZ
- ?DeleteAll@CLockList@@UAEXXZ
- ?DeleteAll@CNoLockList@@UAEXXZ
- ?DeleteNode@CContextList@@MAEXPAX@Z
- ?DeleteNode@CList@@UAEXPAX@Z
- ?DeleteNode@CModuleConfigList@@MAEXPAX@Z
- ?DeleteNode@CStrList@@EAEXPAU_STR_LIST_NODE@1@@Z
- ?DisableWriteProtectFromCR0@@YGXPAPAX@Z
- ?DoIt@CWorkerThreadJob@@QAEJXZ
- ?EntryPoint@CSystemThread@@KGXPAX@Z
- ?Find@CContextList@@QAEPAVCContext@@K@Z
- ?Find@CContextList@@QAEPAVCContext@@PAX@Z
- ?Find@CFileExtension@@QAEPAU_STR_LIST_NODE@CStrList@@PBGK@Z
- ?Find@CModuleConfigList@@QAEPAVCModuleConfig@@K@Z
- ?Find@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?FindNode@CContextList@@IAEPAXPAX@Z
- ?FindPartiallyAndAllMatch@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?FinishFunction@CUserFuncAdapterJob@@MAEXXZ
- ?FinishIt@CWorkerThreadJob@@QAEJXZ
- ?First@CList@@UAEPAXXZ
- ?First@CLockList@@UAEPAXXZ
- ?First@CNoLockList@@UAEPAXXZ
- ?Free@CMemoryAllocator@@UAEXPAX@Z
- ?Free@CMemoryPoolAllocator@@UAEXPAX@Z
- ?GetAttributes@CFile@@QAEKXZ
- ?GetBasicInfomration@CFile@@IAEJXZ
- ?GetBlobCofig@CContext@@UAEJKPAXPAK@Z
- ?GetCategory@CContext@@QAEKXZ
- ?GetData@CBlobConfig@@QAEHPAXPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEPAVCFileExtension@@XZ
- ?GetData@CModuleFlagConfig@@QAEKXZ
- ?GetData@CModuleMultiStringConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleMultiStringConfig@@QAEPAVCStrList@@XZ
- ?GetData@CModuleStringConfig@@QAEPAGXZ
- ?GetData@CStrList@@QAEEPAGPAK@Z
- ?GetDataType@CModuleConfig@@QAEKXZ
- ?GetEngineContext@CContext@@QAEPAXXZ
- ?GetFileExtensionConfig@CContext@@QAEPAVCFileExtension@@K@Z
- ?GetFileExtensionConfig@CContext@@UAEJKPAGPAK@Z
- ?GetFileSize@CFile@@QAEJPAT_LARGE_INTEGER@@@Z
- ?GetFileSizeWIRP@CFile@@QAEJPAT_LARGE_INTEGER@@@Z
- ?GetFlagConfig@CContext@@UAEJKPAK@Z
- ?GetID@CModuleConfig@@QAEKXZ
- ?GetJob@CWorkerThreadJobQueue@@QAEPAVCWorkerThreadJob@@XZ
- ?GetLength@CModuleStringConfig@@QAEKXZ
- ?GetLinkContext@CContext@@QAEPAXXZ
- ?GetLogFlag@CDebugLog@@QAEKXZ
- ?GetLogFlag@CDebugLogEx@@QAEKXZ
- ?GetModuleId@CModuleConfig@@QAEKXZ
- ?GetMultiStringConfig@CContext@@QAEPAVCStrList@@K@Z
- ?GetMultiStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetOneThreadTEB@CWorkerThreadPool@@QAEPAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPool@@QAEPAU_KTHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QAEPAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QAEPAU_KTHREAD@@XZ
- ?GetReportCallBackRoutine@CContext@@QAEKXZ
- ?GetSize@CBlobConfig@@QAEKXZ
- ?GetStringConfig@CContext@@QAEPAGK@Z
- ?GetStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetThreadCount@CWorkerThreadPool@@QAEKXZ
- ?GetThreadCount@CWorkerThreadPoolEx@@QAEKXZ
- ?GetThreadID@CSystemThread@@QAEKXZ
- ?GetType@CContext@@QAEKXZ
- ?GetUserParameter@CContext@@QAEKXZ
- ?InitProcMon@CDebugLogEx@@IAEXXZ
- ?InitializeBlobConfig@CContext@@QAEHKPAXK@Z
- ?InitializeFileExtensionConfig@CContext@@QAEHKPBG@Z
- ?InitializeFlagConfig@CContext@@QAEHKK@Z
- ?InitializeMultiStringConfig@CContext@@QAEHKPBG@Z
- ?InitializeStringConfig@CContext@@QAEHKPBG@Z
- ?Insert@CList@@UAEXQAXE@Z
- ?Insert@CLockList@@UAEXQAXE@Z
- ?Insert@CNoLockList@@UAEXQAXE@Z
- ?InsertAfter@CList@@UAEXPAX0@Z
- ?InsertBefore@CList@@UAEXPAX0@Z
- ?Instance@CWorkerThreadPool@@SGPAV1@XZ
- ?IsEmpty@CList@@UAEEXZ
- ?IsEmpty@CLockList@@UAEEXZ
- ?IsEmpty@CNoLockList@@UAEEXZ
- ?IsExceedLimitation@CMemoryPoolAllocator@@IAEEK@Z
- ?IsFull@CLockList@@QBEEXZ
- ?IsFull@CNoLockList@@QBEEXZ
- ?IsInExclusionList@CExclusionExtConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFileNameConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFilePathConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFolderConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionRegistryConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionExtConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFileNameConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFilePathConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFolderConfig@@QAEEPBG@Z
- ?IsOpened@CFile@@QAEEXZ
- ?IsTerminated@CWorkerThreadPool@@QAEEXZ
- ?IsTerminated@CWorkerThreadPoolEx@@QAEEXZ
- ?IsValid@CMemoryAllocator@@UAEEXZ
- ?IsValid@CMemoryPoolAllocator@@UAEEXZ
- ?IsValid@IMemoryAllocator@@UAEEXZ
- ?IsWorkerThread@CWorkerThreadPool@@QAEEK@Z
- ?IsWorkerThread@CWorkerThreadPoolEx@@QAEEK@Z
- ?JobFunction@CUserFuncAdapterJob@@MAEXXZ
- ?JobQueue@CWorkerThreadPool@@QAEAAVCWorkerThreadJobQueue@@XZ
- ?JobQueue@CWorkerThreadPoolEx@@QAEAAVCWorkerThreadJobQueue@@XZ
- ?Limit@CLockList@@QAEKXZ
- ?Limit@CNoLockList@@QAEKXZ
- ?MatchAllExtensions@CFileExtension@@QAEEXZ
- ?MatchNoExtensions@CFileExtension@@QAEEXZ
- ?MergeLeft@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?MergeRight@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?NeedDelete@CWorkerThreadJob@@QAEEXZ
- ?NeedDeleteWhenFinish@CWorkerThreadJob@@QAEXE@Z
- ?NewNode@CList@@UAEPAXXZ
- ?NewNode@CStrList@@EAEPAXXZ
- ?NewNodeVariant@CList@@IAEPAXK@Z
- ?Next@CList@@UBEPAXQAX@Z
- ?Next@CLockList@@UBEPAXQAX@Z
- ?Next@CNoLockList@@UBEPAXQAX@Z
- ?NextPool@CMemoryPoolAllocator@@QAEPAV1@XZ
- ?NotityTerminate@CWorkerThread@@QAEXXZ
- ?PostJobToWorkerThread@CWorkerThreadPool@@QAEJP6GXPAX@Z0E@Z
- ?PostJobToWorkerThread@CWorkerThreadPoolEx@@QAEJP6GXPAX@Z0E1@Z
- ?Pulse@CKEvent@@QAEJJE@Z
- ?QueueJob@CWorkerThreadJobQueue@@QAEEPAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPool@@QAEJPAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPoolEx@@QAEJPAVCWorkerThreadJob@@@Z
- ?RCMInstance@CWorkerThreadPool@@SGPAV1@XZ
- ?Read@CFile@@QAEJPADKPAK@Z
- ?ReadWIRP@CFile@@QAEJPADKPAK@Z
- ?ReferenceCount@CContext@@QAEAAKXZ
- ?Release@CLockEvent@@QAEXXZ
- ?Remove@CContextList@@UAEEQAX@Z
- ?Remove@CList@@UAEEQAX@Z
- ?Remove@CLockList@@UAEEQAX@Z
- ?Remove@CNoLockList@@UAEEQAX@Z
- ?RemoveHead@CList@@UAEPAXXZ
- ?RemoveHead@CLockList@@UAEPAXXZ
- ?RemoveHead@CNoLockList@@UAEPAXXZ
- ?RemoveTail@CList@@UAEPAXXZ
- ?RemoveTail@CLockList@@UAEPAXXZ
- ?RemoveTail@CNoLockList@@UAEPAXXZ
- ?Reset@CKEvent@@QAEXXZ
- ?ResetData@CInclusionExtConfig@@QAEXXZ
- ?ResetData@CInclusionFileNameConfig@@QAEXXZ
- ?ResetData@CInclusionFilePathConfig@@QAEXXZ
- ?ResetData@CInclusionFolderConfig@@QAEXXZ
- ?RestoreCR0@@YGXPAX@Z
- ?Run@CAutoUpdateConfigThread@@UAEXXZ
- ?Run@CDelayLoadThread@@UAEXXZ
- ?Run@CWorkerThread@@UAEXXZ
- ?SeekToEnd@CFile@@QAEJXZ
- ?Set@CKEvent@@QAEJJE@Z
- ?SetAttributes@CFile@@QAEJK@Z
- ?SetBlobCofig@CContext@@UAEJKPAXK@Z
- ?SetData@CBlobConfig@@QAEHPAXK@Z
- ?SetData@CModuleFileExtConfig@@QAEHPBG@Z
- ?SetData@CModuleFlagConfig@@QAEHK@Z
- ?SetData@CModuleMultiStringConfig@@QAEHPBGK@Z
- ?SetData@CModuleStringConfig@@QAEHPBG@Z
- ?SetEngineContext@CContext@@QAEXPAX@Z
- ?SetFileExtensionConfig@CContext@@UAEJKPBG@Z
- ?SetFlagConfig@CContext@@UAEJKK@Z
- ?SetLinkContext@CContext@@QAEXPAX@Z
- ?SetLogFlag@CDebugLog@@QAEEK@Z
- ?SetLogFlag@CDebugLogEx@@QAEEK@Z
- ?SetMatchAllExtensions@CFileExtension@@QAEXE@Z
- ?SetMatchNoExtensions@CFileExtension@@QAEXE@Z
- ?SetMultiStringConfig@CContext@@UAEJKPBG@Z
- ?SetNewJobItemEvent@CWorkerThreadJobQueue@@QAEXXZ
- ?SetPriority@CSystemThread@@QAEXK@Z
- ?SetStopUse@CContext@@QAEXXZ
- ?SetStringConfig@CContext@@UAEJKPBG@Z
- ?Setup@CSystemThread@@MAEXXZ
- ?StopUse@CContext@@QAEHXZ
- ?TearDown@CSystemThread@@MAEXXZ
- ?Terminate@CSystemThread@@QAEXE@Z
- ?Terminate@CWorkerThreadPool@@QAEEXZ
- ?Terminate@CWorkerThreadPoolEx@@QAEEXZ
- ?TmExceptionFilter@@YGJPAU_EXCEPTION_POINTERS@@@Z
- ?Wait@CKEvent@@QAEJPAT_LARGE_INTEGER@@E@Z
- ?WaitFinish@CWorkerThreadJob@@QAEXXZ
- ?WaitForInit@CDelayLoadThread@@QAEEXZ
- ?WaitForLoad@CDelayLoadThread@@QAEEXZ
- ?WaitNewJobAvailable@CWorkerThreadJobQueue@@QAEEXZ
- ?WaitQueueEmpty@CWorkerThreadJobQueue@@QAEXXZ
- ?Write@CDebugLog@@QAAXPBDZZ
- ?Write@CDebugLogEx@@QAAXPBDZZ
- ?Write@CFile@@QAEJPADKPAT_LARGE_INTEGER@@PAK@Z
- ?WriteDataToFile@CDebugLogEx@@IAEXPADK@Z
- ?WriteDataToProcMonW@CDebugLogEx@@IAEXPAD@Z
- ?WriteSystemInformation@CDebugLog@@QAEXXZ
- ?WriteSystemInformation@CDebugLogEx@@QAEXXZ
- ?WriteSystemStringInformation@CDebugLog@@IAEXPBG@Z
- ?WriteSystemStringInformation@CDebugLogEx@@IAEXPBG@Z
- ?WriteToFile@CDebugLog@@IAEXPADK@Z
- ?WriteToProcMonW@CDebugLogEx@@IAEXPAU_UNICODE_STRING@@@Z
- ?_pNonPagedAllocator@@3PAVCMemoryAllocator@@A
- ?_pPagedAllocator@@3PAVCMemoryAllocator@@A
- ?m_lpInstance@CWorkerThreadPool@@1PAV1@A
- ?m_lpRCMInstance@CWorkerThreadPool@@1PAV1@A
- _AllocFullFileName@8
- _DeInitKm2UmCommunication@0
- _DeInitKmLPC@0
- _DuplicateFullFileName@4
- _FreeFullFileName@4
- _GetKm2UmMode@0
- _GetModuleInfoByAddress@8
- _GetModuleInfoByModuleName@8
- _InitKm2UmCommunication@8
- _InitKmLPC@0
- _IsVerifierCodeCheckFlagOn@0
- _IsWindows8_1_update@4
- _KmCallUm@8
- _KmCallUmByLPC@8
- _KmCallUmEx@12
- _KmCleanupCommPortAPIs@0
- _KmGetUmInitProcess@0
- _KmSetBackupCommPortAPIs@4
- _KmSetCommPortAPIs@4
- _ModGetExportProcAddress@8
- _ModLoadDLLToBuffer@4
- _ModLoadDLLToBufferWithImageSize@8
- _ModLoadModule@8
- _ModUnLoadModule@4
- _NormalizeFileName@4
- _NormalizeFullNtPathToDosName@4
- _TmCommConfigRoutine@4
- _UtilAddDeviceInDriveTable@4
- _UtilAddReparsePointMapping@8
- _UtilCleanFileReadOnly@4
- _UtilCloseExclusiveHandle@12
- _UtilCreateDosFileName@8
- _UtilDeleteFileForce@4
- _UtilGetDeviceObjectName@8
- _UtilGetFileNameFromFileObject@4
- _UtilGetFileObjectForProcessByEPROC@8
- _UtilGetFileObjectFromFileName@12
- _UtilGetProcessName@12
- _UtilGetSystemDirectory@4
- _UtilGetSystemDirectoryEx@0
- _UtilGetSystemDirectoryLength@0
- _UtilGetSystemTime@4
- _UtilIoSetFileInfo@24
- _UtilIopCreateFileIRP@40
- _UtilKeGetLowFileDevice@16
- _UtilModuleIATHook@24
- _UtilModuleIATUnHook@8
- _UtilPostJobToWorkerThread@12
- _UtilQueryExclusiveHandle@12
- _UtilQueryKeyValue@24
- _UtilRemoveDeviceFromDriveTable@4
- _UtilVolumeDeviceToDosName@8
- _UtilWaitValueChangeToZero@8
- _UtilWriteVersionToRegistry@8
- _UtilbuildDynamicDiskMappingTable@0
- _UtlWriteBinValueKeyToRegistry@16
- _ValidateAddressWithSize@20
- __ResetProtectFromClose@4
- __UtilDosPathNameToNtPathName@12
Sections
Expand
- .text
- .rdata
- .data
- PAGE
- .edata
- INIT
- .rsrc
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": true,
"SerialNumber": "7e93ebfb7cc64e59ea4b9a77d406fc3b",
"Signature": "03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2",
"TBS": {
"MD5": "d0785ad36e427c92b19f6826ab1e8020",
"SHA1": "365b7a9c21bd9373e49052c3e7b3e4646ddd4d43",
"SHA256": "c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff",
"SHA384": "eab4fe5ef90e0de4a6aa3a27769a5e879f588df5e4785aa4104debd1f81e19ea56d33e3a16e5facf99f68b5d8e3d287b"
},
"ValidFrom": "2012-12-21 00:00:00",
"ValidTo": "2020-12-30 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "0ecff438c8febf356e04d86a981b1a50",
"Signature": "783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4",
"TBS": {
"MD5": "e9d38360b914c8863f6cba3ee58764d3",
"SHA1": "4cba8eae47b6bf76f20b3504b98b8f062694a89b",
"SHA256": "88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976",
"SHA384": "e9f2a75334a9e336c5a4712eadee88d0374b0fdc273262f4e65c9040ad2793067cc076696db5279a478773485e285652"
},
"ValidFrom": "2012-10-18 00:00:00",
"ValidTo": "2020-12-29 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Signature": "f3b20c020c826fd9e2629408ffc97c9e245959d1050c9ce7708069d366d26af191812e16fce674eaca0d8f05b2a796280831737299800d2bfe0071efecf655117b7952a4d7c0701b97de034a1d42e928fd1a2082b081f9d22e9d39af3233cf05c1e61ae1f8fbfec872e78d9a0b29b4f147f1a053d1757a824601df2bb07c75c591fe7efbaf0021764b90cd446f85f80d14bc2cd42c83edfa7d2510f8f94c82d1b3ea999b1cff9093291977c7e996dc32904d3934f167077684ff76aa5327654a0bd7223d9d67657b47c5b46012dca6723d89e7fa051b3380d0c4977b9df537e75da3186ab149b27c089715a01bd695f408f7ded66bfbe920d27a6f6a7d4cc8b3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc.",
"TBS": {
"MD5": "78eaa337666217b1c16a9a0ebd0b8434",
"SHA1": "ff9cb835e78f6185eed4372096c3bae53b17d18d",
"SHA256": "1c0d9746725e176b4a7c2852878f14d7587f58e65d346bc1247f1c8ee6374250",
"SHA384": "ffe3c75b860679a5de399c7d2c2844dbfac51d5d8581e24648d208daba1e4bed5c867808e02dc8d7cb3df1d4b2b53d10"
},
"ValidFrom": "2017-04-27 00:00:00",
"ValidTo": "2018-07-16 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "611993e400000000001c",
"Signature": "812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5",
"TBS": {
"MD5": "78a717e082dcc1cda3458d917e677d14",
"SHA1": "4a872e0e51f9b304469cd1dedb496ee9b8b983a4",
"SHA256": "317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8",
"SHA384": "b71052da4eb9157c8c1a5d7f55df19d69b9128598b72fcca608e5b7cc7d64c43c5504b9c86355a6dc22ee40c88cc385c"
},
"ValidFrom": "2011-02-22 19:25:17",
"ValidTo": "2021-02-22 19:35:17",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "5200e5aa2556fc1a86ed96c9d44b33c7",
"Signature": "5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"TBS": {
"MD5": "b30c31a572b0409383ed3fbe17e56e81",
"SHA1": "4843a82ed3b1f2bfbee9671960e1940c942f688d",
"SHA256": "03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9",
"SHA384": "bbda8407c4f9fc4e54d772f1c7fb9d30bc97e1f97ecd51c443063d1fa0644e266328781776cd5c44896c457c75f4d7da"
},
"ValidFrom": "2010-02-08 00:00:00",
"ValidTo": "2020-02-07 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 478a8efb59e1d83f0ce142d2a28707be
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | f13ede9179075999ef7f856ec31e364b |
| ToBeSigned (TBS) SHA1 | 2f09867166e6107e17808317f5c8d4ee157f45bc |
| ToBeSigned (TBS) SHA256 | 089a2c4c6ac7432020acdb65c33bf39130da6f37c002ba79128bd4c94e4fa101 |
| Subject | C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO Time Stamping Signer |
| ValidFrom | 2010-05-10 00:00:00 |
| ValidTo | 2015-05-10 23:59:59 |
| Signature | c8fb63f80b75752c3af1f213a72db6a31a9cad0107d3348e77e0c26eae025d484fa4d221b636fd2a35437c6bdf80870b15f0763200b4ceb567a42f2f201b9c549e833f1f5f149562820f2241221f70b3f3f742de6c51cd4bf821ac9b3b8cb1e5e6288fce2a8af9aa524d8c5b77ba4d5a58dbbb6a04cc521e9de228370ebbe70e91c7f8dbf18198ebcd37b30eab65d362ec3aa576eb13a83593c92e0a01ecc0e8cc3d7eb6ebe2c1ecd3149282668750dcfd5097acb34a767306c486113ab35f4304526feab3d074364ccaf11b7984377063ad74b9aa0ef398b08608ebdbe01f8c10f239649bae4f0a2c928a4f18b591e58d1a935f1faef1a6f02e97d0d2f62b3c |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 478a8efb59e1d83f0ce142d2a28707be |
| Version | 3 |
Certificate 4d6290e58c54f0f1eb17341a1310e6a4
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | b7d8444a70054990435f35a5630df5e1 |
| ToBeSigned (TBS) SHA1 | 4678c6e4a8787a8e6ed2bce8792b122f6c08afd8 |
| ToBeSigned (TBS) SHA256 | 0a8b4b359ea7890b358e56e436e9cfc6f32b037b2599b597ca7f7a80d475ec98 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA |
| ValidFrom | 2010-09-30 00:00:00 |
| ValidTo | 2014-01-01 23:59:59 |
| Signature | aedd211d5f8f807ad25209eadb6ed25d8be8c21b6904be51a5010e59fa37d174a3eedced89742b62d5a6bf4fad361754f013e0a345d24c26cbe26da21fd01e7a070fb6b37b6f5068a2e931b3b7997d8070a0a7de0b1ea4fff34d811bdd20c91cc4afcff18ffad9da95f0ecdc5cbfe88c5a3e7ab0a3eb59437411e09b1a6af36f |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 4d6290e58c54f0f1eb17341a1310e6a4 |
| Version | 3 |
Certificate 610c120600000000001b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 53c41bc1164e09e0cd1617a5bf913efd |
| ToBeSigned (TBS) SHA1 | 93c03aac8951d494ecd5696b1c08658541b18727 |
| ToBeSigned (TBS) SHA256 | 40bddadac24dc61ca4fb5cab2a2bc5d876bc36808311039a7a3e1a4066f7489b |
| Subject | C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority |
| ValidFrom | 2006-05-23 17:01:29 |
| ValidTo | 2016-05-23 17:11:29 |
| Signature | 01e446b33b457f7513877e5f43de468ecb8abdb64741bccccc7491d8ce395195a4a6b547c0efd2da7b8f5711f4328c7ccd3fee42da04214af7c843884a6f5cca14fc4bd19f4cbdd4556ecc02be0da6888f8609baa425bde8b0f0fa8b714e67b0cb82a8d78e55f737ebf03e88efe4e08afd1c6e2e61414875b4b02c1d28d8490fd715f02473253ccc880cde284c6554fe5eae8cea19ad2c51b29b3a47f53c80350117e24987d6544afb4bab07bcbf7d79cfbf35005cbb9ecffc82891b39a05197b6dec0b307ff449644c0342a195cabeef03bec294eb513c537857e75d5b4d60d066eb5d26c237167eaf1718eaf4e74aa0cf9ecbf4c58fa5e909b6d39cb86883f8b1ca81632d5fe6db9f1f8b3ead791f6364778c0272a15c768d6f4c5fc4f4ec8673f102d409ff11ec96148e7a703fc31730cf04688fe56da492995ef09daa3e5beef60ecd954a0599c28bd54ef66157f874c84dba60e95672e517b3439b641c28c846826dc240209e7818e0a972defeea7b998a60f818dc710b5e1ed982f486f53854964789bec5dac970b5526c3efba8dc8d1a52f5a7f936b611a339b18b8a26210de24ea76e12f43ebecdd7c12342489da2855aee5754e312b6763b6a8d7ab730a03cec5ea593fc7eb2a45aea8625b2f009939abb45f73c308ec80118f470e8f2a1343e191066255bbffba3da9a93d260faeca7d628b155589d694344dd665 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 610c120600000000001b |
| Version | 3 |
Certificate 1a9d178ad334acdf47c8a0d15bb50e6e
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 685d99029d38a9d263ea82cd02a49f6c |
| ToBeSigned (TBS) SHA1 | 93464d8f54b4ee7caf22ca1db15a4211e0d3c79e |
| ToBeSigned (TBS) SHA256 | 894991f1477dff88c7c0707531073bb59483750bcad672fc388179affca07aa9 |
| Subject | C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., OU=Digital ID Class 3 , Microsoft Software Validation v2, CN=Trend Micro, Inc. |
| ValidFrom | 2013-01-17 00:00:00 |
| ValidTo | 2014-03-18 23:59:59 |
| Signature | 65c7e1e0f4051179852b819153b528c88db47ef50e897cd8ce0d03a7cc2dc896c89790410182186fecaf9da5c317bf57b5038311c10c2ec5ddb5c18165a7e92f92a6f39c042262126c714337a7c528041a04679217c1475a30231c967ca63b4430ccea52fe4f16fabb5c454d2aa8cdde347b8beaa973d76b3f9ba99d2597939a33d67ec4abc3974ef3792b8bc90d092cce62309d205129bbcbd3554382f24b2911b4904b09e7f52f24f2cc5a52fa49f3a163c32fde076e917301f22dd45d643b95319bae922bc861e5a8f90d4dd72603c7b1ea0229eca869ab8d086ae5286baeba9b99a12856dc1d3cd9f6d9da4b8d5a85896ba4587d8eba506a4fbba4a7bb49 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 1a9d178ad334acdf47c8a0d15bb50e6e |
| Version | 3 |
Imports
Expand
Imported Functions
Expand
- KeLeaveCriticalRegion
- wcsncpy
- KeEnterCriticalRegion
- ExAcquireFastMutexUnsafe
- wcsrchr
- ExAcquireResourceSharedLite
- ExReleaseResourceLite
- _purecall
- ZwOpenEvent
- ZwConnectPort
- KeClearEvent
- PsProcessType
- ExFreePoolWithTag
- RtlInitUnicodeString
- KeSetEvent
- ProbeForWrite
- KeUnstackDetachProcess
- ZwRequestWaitReplyPort
- ZwWaitForSingleObject
- DbgBreakPoint
- ZwSetEvent
- IoGetCurrentProcess
- ZwFreeVirtualMemory
- ZwClose
- ObfReferenceObject
- ObfDereferenceObject
- RtlUnicodeStringToInteger
- ZwCreateSection
- ObOpenObjectByPointer
- KeStackAttachProcess
- KePulseEvent
- ZwAllocateVirtualMemory
- ObGetObjectSecurity
- SeAccessCheck
- SeReleaseSubjectContext
- SeCaptureSubjectContext
- PsThreadType
- ObReleaseObjectSecurity
- PsGetProcessExitTime
- MmSectionObjectType
- DbgPrint
- ExDeleteResourceLite
- ExInitializeResourceLite
- ZwReadFile
- swprintf
- ZwSetInformationFile
- ZwCreateFile
- ZwQueryInformationFile
- ZwWriteFile
- _wcsnicmp
- towupper
- ExAllocatePoolWithTag
- KeInitializeEvent
- ZwCreateEvent
- ZwCreateKey
- RtlAnsiStringToUnicodeString
- ZwNotifyChangeKey
- RtlInitAnsiString
- _snprintf
- RtlFreeUnicodeString
- ExSystemTimeToLocalTime
- _vsnprintf
- ObReferenceObjectByHandle
- RtlTimeToTimeFields
- ZwDeviceIoControlFile
- PsGetCurrentThreadId
- PsGetCurrentProcessId
- KeWaitForMultipleObjects
- RtlEqualUnicodeString
- RtlAppendUnicodeStringToString
- RtlCopyUnicodeString
- RtlUpcaseUnicodeChar
- KeWaitForSingleObject
- KeSetPriorityThread
- PsCreateSystemThread
- PsTerminateSystemThread
- MmIsAddressValid
- KeDelayExecutionThread
- KeNumberProcessors
- PsLookupProcessByProcessId
- PsSetCreateProcessNotifyRoutine
- ZwOpenDirectoryObject
- ZwQueryInformationProcess
- ExGetPreviousMode
- NtSetInformationFile
- ZwDeleteValueKey
- ZwSetValueKey
- ZwQuerySystemInformation
- NtQueryInformationFile
- IoFileObjectType
- ZwQueryValueKey
- ZwQueryDirectoryFile
- NtCreateFile
- ZwEnumerateValueKey
- ZwQueryDirectoryObject
- ZwDuplicateObject
- ZwOpenProcess
- ZwTerminateProcess
- ZwDeleteKey
- ZwEnumerateKey
- ZwQueryKey
- ZwOpenKey
- ExReleaseFastMutexUnsafe
- _stricmp
- _strnicmp
- mbstowcs
- ProbeForRead
- _snwprintf
- ZwQuerySymbolicLinkObject
- ZwMapViewOfSection
- MmGetSystemRoutineAddress
- RtlAppendUnicodeToString
- IoCreateFile
- RtlQueryRegistryValues
- MmBuildMdlForNonPagedPool
- ZwOpenSymbolicLinkObject
- IoFreeMdl
- ObQueryNameString
- ZwUnmapViewOfSection
- NtClose
- IoFreeIrp
- PsGetVersion
- IoAllocateIrp
- RtlCompareMemory
- MmUnlockPages
- ZwOpenFile
- wcsncmp
- RtlImageNtHeader
- IoAllocateMdl
- IofCallDriver
- ZwQueryVolumeInformationFile
- ObReferenceObjectByPointer
- IoBuildDeviceIoControlRequest
- ZwOpenSection
- RtlSubAuthoritySid
- RtlLengthRequiredSid
- ExReleaseFastMutex
- ExAcquireFastMutex
- RtlCreateAcl
- RtlSetDaclSecurityDescriptor
- RtlAddAccessAllowedAce
- KeInitializeSemaphore
- KeReleaseSemaphore
- RtlInitializeSid
- RtlCreateSecurityDescriptor
- IoDeleteSymbolicLink
- IoDeleteDevice
- ExEventObjectType
- IofCompleteRequest
- IoCreateSymbolicLink
- IoGetDeviceObjectPointer
- strncpy
- NtOpenProcess
- ObInsertObject
- IoAcquireVpbSpinLock
- SeCreateAccessState
- IoGetFileObjectGenericMapping
- ObCreateObject
- IoReleaseVpbSpinLock
- wcschr
- strncat
- RtlUnicodeStringToAnsiString
- wcsncat
- RtlFreeAnsiString
- wcstombs
- IoGetConfigurationInformation
- IoRegisterPlugPlayNotification
- RtlUpcaseUnicodeString
- IoGetStackLimits
- IoBuildSynchronousFsdRequest
- KeReleaseSpinLock
- ExpInterlockedPopEntrySList
- FsRtlIsNameInExpression
- wcsstr
- ExAllocatePool
- IoUnregisterPlugPlayNotification
- MmProbeAndLockPages
- RtlCompareUnicodeString
- IoGetDeviceInterfaces
- DbgPrintEx
- KeAcquireSpinLockRaiseToDpc
- KeBugCheckEx
- IoCreateDevice
- ZwSetSecurityObject
- IoDeviceObjectType
- RtlLengthSecurityDescriptor
- SeCaptureSecurityDescriptor
- RtlAbsoluteToSelfRelativeSD
- IoIsWdmVersionAvailable
- SeExports
- RtlLengthSid
- RtlGetSaclSecurityDescriptor
- RtlGetDaclSecurityDescriptor
- RtlGetGroupSecurityDescriptor
- RtlGetOwnerSecurityDescriptor
- MmSystemRangeStart
- ExAcquireResourceExclusiveLite
- __C_specific_handler
Exported Functions
Expand
- ??0CAutoUpdateConfigThread@@QEAA@AEBV0@@Z
- ??0CAutoUpdateConfigThread@@QEAA@PEAU_UNICODE_STRING@@P6AX0PEAX@Z1@Z
- ??0CBlobConfig@@QEAA@AEBV0@@Z
- ??0CBlobConfig@@QEAA@K@Z
- ??0CContext@@QEAA@AEBV0@@Z
- ??0CContext@@QEAA@KP6AJPEAU_EVENT_REPORT@@PEAXPEAU_TMCE_REPORT@@PEAU_TMCE_FEEDBACK@@@Z1K@Z
- ??0CContextList@@QEAA@AEBV0@@Z
- ??0CContextList@@QEAA@KPEAVIMemoryAllocator@@@Z
- ??0CDebugLog@@QEAA@AEBV0@@Z
- ??0CDebugLog@@QEAA@PEBG@Z
- ??0CDebugLogEx@@QEAA@AEBV0@@Z
- ??0CDebugLogEx@@QEAA@K@Z
- ??0CDelayLoadThread@@QEAA@AEBV0@@Z
- ??0CDelayLoadThread@@QEAA@XZ
- ??0CExclusionExtConfig@@QEAA@AEBV0@@Z
- ??0CExclusionExtConfig@@QEAA@KKE@Z
- ??0CExclusionFileNameConfig@@QEAA@AEBV0@@Z
- ??0CExclusionFileNameConfig@@QEAA@KK@Z
- ??0CExclusionFilePathConfig@@QEAA@AEBV0@@Z
- ??0CExclusionFilePathConfig@@QEAA@KK@Z
- ??0CExclusionFolderConfig@@QEAA@AEBV0@@Z
- ??0CExclusionFolderConfig@@QEAA@KK@Z
- ??0CExclusionRegistryConfig@@QEAA@AEBV0@@Z
- ??0CExclusionRegistryConfig@@QEAA@KK@Z
- ??0CFile@@QEAA@AEBV0@@Z
- ??0CFile@@QEAA@E@Z
- ??0CFileExtension@@QEAA@AEBV0@@Z
- ??0CFileExtension@@QEAA@KEEPEAVIMemoryAllocator@@@Z
- ??0CInclusionExtConfig@@QEAA@AEBV0@@Z
- ??0CInclusionExtConfig@@QEAA@KKE@Z
- ??0CInclusionFileNameConfig@@QEAA@AEBV0@@Z
- ??0CInclusionFileNameConfig@@QEAA@KK@Z
- ??0CInclusionFilePathConfig@@QEAA@AEBV0@@Z
- ??0CInclusionFilePathConfig@@QEAA@KK@Z
- ??0CInclusionFolderConfig@@QEAA@AEBV0@@Z
- ??0CInclusionFolderConfig@@QEAA@KK@Z
- ??0CKEvent@@QEAA@AEBV0@@Z
- ??0CKEvent@@QEAA@W4_EVENT_TYPE@@E@Z
- ??0CList@@QEAA@AEBV0@@Z
- ??0CList@@QEAA@KPEAVIMemoryAllocator@@@Z
- ??0CLockEvent@@QEAA@AEBV0@@Z
- ??0CLockEvent@@QEAA@XZ
- ??0CLockList@@QEAA@AEBV0@@Z
- ??0CLockList@@QEAA@KKPEAVIMemoryAllocator@@@Z
- ??0CMemoryAllocator@@IEAA@W4_POOL_TYPE@@K@Z
- ??0CMemoryAllocator@@QEAA@AEBV0@@Z
- ??0CMemoryPoolAllocator@@IEAA@W4_POOL_TYPE@@_K1K@Z
- ??0CMemoryPoolAllocator@@QEAA@AEBV0@@Z
- ??0CModuleConfig@@QEAA@AEBV0@@Z
- ??0CModuleConfig@@QEAA@XZ
- ??0CModuleConfigList@@QEAA@AEBV0@@Z
- ??0CModuleConfigList@@QEAA@KPEAVIMemoryAllocator@@@Z
- ??0CModuleFileExtConfig@@QEAA@AEBV0@@Z
- ??0CModuleFileExtConfig@@QEAA@KKE@Z
- ??0CModuleFlagConfig@@QEAA@AEBV0@@Z
- ??0CModuleFlagConfig@@QEAA@K@Z
- ??0CModuleMultiStringConfig@@QEAA@AEBV0@@Z
- ??0CModuleMultiStringConfig@@QEAA@KK@Z
- ??0CModuleStringConfig@@QEAA@AEBV0@@Z
- ??0CModuleStringConfig@@QEAA@K@Z
- ??0CNoLockList@@QEAA@AEBV0@@Z
- ??0CNoLockList@@QEAA@KKPEAVIMemoryAllocator@@@Z
- ??0CSmartLock@@QEAA@AEAVCLockEvent@@@Z
- ??0CSmartLock@@QEAA@XZ
- ??0CSmartReference@@QEAA@AEAJ@Z
- ??0CSmartReference@@QEAA@AEAK@Z
- ??0CSmartResource@@QEAA@AEAVCResource@@E@Z
- ??0CStrList@@QEAA@AEBV0@@Z
- ??0CStrList@@QEAA@KPEAVIMemoryAllocator@@@Z
- ??0CSystemThread@@QEAA@AEBV0@@Z
- ??0CSystemThread@@QEAA@K@Z
- ??0CUserFuncAdapterJob@@QEAA@AEBV0@@Z
- ??0CUserFuncAdapterJob@@QEAA@P6AXPEAX@Z01@Z
- ??0CWorkerThread@@IEAA@PEAVCWorkerThreadJobQueue@@@Z
- ??0CWorkerThread@@QEAA@AEBV0@@Z
- ??0CWorkerThreadJob@@QEAA@AEBV0@@Z
- ??0CWorkerThreadJob@@QEAA@E@Z
- ??0CWorkerThreadJobQueue@@QEAA@AEBV0@@Z
- ??0CWorkerThreadJobQueue@@QEAA@K@Z
- ??0CWorkerThreadPool@@QEAA@AEBV0@@Z
- ??0CWorkerThreadPool@@QEAA@K@Z
- ??0CWorkerThreadPoolEx@@QEAA@AEBV0@@Z
- ??0CWorkerThreadPoolEx@@QEAA@KK@Z
- ??0IMemoryAllocator@@QEAA@AEBV0@@Z
- ??0IMemoryAllocator@@QEAA@XZ
- ??1CAutoUpdateConfigThread@@UEAA@XZ
- ??1CBlobConfig@@UEAA@XZ
- ??1CContext@@UEAA@XZ
- ??1CContextList@@UEAA@XZ
- ??1CDebugLog@@UEAA@XZ
- ??1CDebugLogEx@@UEAA@XZ
- ??1CDelayLoadThread@@UEAA@XZ
- ??1CExclusionExtConfig@@UEAA@XZ
- ??1CExclusionFileNameConfig@@UEAA@XZ
- ??1CExclusionFilePathConfig@@UEAA@XZ
- ??1CExclusionFolderConfig@@UEAA@XZ
- ??1CExclusionRegistryConfig@@UEAA@XZ
- ??1CFile@@UEAA@XZ
- ??1CFileExtension@@UEAA@XZ
- ??1CInclusionExtConfig@@UEAA@XZ
- ??1CInclusionFileNameConfig@@UEAA@XZ
- ??1CInclusionFilePathConfig@@UEAA@XZ
- ??1CInclusionFolderConfig@@UEAA@XZ
- ??1CKEvent@@UEAA@XZ
- ??1CList@@UEAA@XZ
- ??1CLockEvent@@UEAA@XZ
- ??1CLockList@@UEAA@XZ
- ??1CMemoryAllocator@@UEAA@XZ
- ??1CMemoryPoolAllocator@@UEAA@XZ
- ??1CModuleConfig@@UEAA@XZ
- ??1CModuleConfigList@@UEAA@XZ
- ??1CModuleFileExtConfig@@UEAA@XZ
- ??1CModuleFlagConfig@@UEAA@XZ
- ??1CModuleMultiStringConfig@@UEAA@XZ
- ??1CModuleStringConfig@@UEAA@XZ
- ??1CNoLockList@@UEAA@XZ
- ??1CSmartLock@@QEAA@XZ
- ??1CSmartReference@@QEAA@XZ
- ??1CSmartResource@@QEAA@XZ
- ??1CStrList@@UEAA@XZ
- ??1CSystemThread@@UEAA@XZ
- ??1CUserFuncAdapterJob@@UEAA@XZ
- ??1CWorkerThread@@UEAA@XZ
- ??1CWorkerThreadJob@@UEAA@XZ
- ??1CWorkerThreadJobQueue@@UEAA@XZ
- ??1CWorkerThreadPool@@UEAA@XZ
- ??1CWorkerThreadPoolEx@@UEAA@XZ
- ??1IMemoryAllocator@@UEAA@XZ
- ??2@YAPEAX_KPEAVIMemoryAllocator@@PEBDK@Z
- ??2CMemoryAllocator@@SAPEAX_K@Z
- ??2CMemoryPoolAllocator@@SAPEAX_K@Z
- ??3@YAXPEAX@Z
- ??3IMemoryAllocator@@SAXPEAX@Z
- ??4CAutoUpdateConfigThread@@QEAAAEAV0@AEBV0@@Z
- ??4CBlobConfig@@QEAAAEAV0@AEBV0@@Z
- ??4CContext@@QEAAAEAV0@AEBV0@@Z
- ??4CDebugLog@@QEAAAEAV0@AEBV0@@Z
- ??4CDebugLogEx@@QEAAAEAV0@AEBV0@@Z
- ??4CDelayLoadThread@@QEAAAEAV0@AEBV0@@Z
- ??4CFile@@QEAAAEAV0@AEBV0@@Z
- ??4CKEvent@@QEAAAEAV0@AEBV0@@Z
- ??4CLockEvent@@QEAAAEAV0@AEBV0@@Z
- ??4CMemoryAllocator@@QEAAAEAV0@AEBV0@@Z
- ??4CMemoryPoolAllocator@@QEAAAEAV0@AEBV0@@Z
- ??4CModuleConfig@@QEAAAEAV0@AEBV0@@Z
- ??4CModuleFlagConfig@@QEAAAEAV0@AEBV0@@Z
- ??4CModuleStringConfig@@QEAAAEAV0@AEBV0@@Z
- ??4CSmartLock@@QEAAAEAV0@AEBV0@@Z
- ??4CSmartLock@@QEAAAEBV0@AEAVCLockEvent@@@Z
- ??4CSmartResource@@QEAAAEAV0@AEBV0@@Z
- ??4CSystemThread@@QEAAAEAV0@AEBV0@@Z
- ??4CUserFuncAdapterJob@@QEAAAEAV0@AEBV0@@Z
- ??4CWorkerThread@@QEAAAEAV0@AEBV0@@Z
- ??4CWorkerThreadJob@@QEAAAEAV0@AEBV0@@Z
- ??4IMemoryAllocator@@QEAAAEAV0@AEBV0@@Z
- ??_7CAutoUpdateConfigThread@@6B@
- ??_7CBlobConfig@@6B@
- ??_7CContext@@6B@
- ??_7CContextList@@6B@
- ??_7CDebugLog@@6B@
- ??_7CDebugLogEx@@6B@
- ??_7CDelayLoadThread@@6B@
- ??_7CExclusionExtConfig@@6B@
- ??_7CExclusionFileNameConfig@@6B@
- ??_7CExclusionFilePathConfig@@6B@
- ??_7CExclusionFolderConfig@@6B@
- ??_7CExclusionRegistryConfig@@6B@
- ??_7CFile@@6B@
- ??_7CFileExtension@@6B@
- ??_7CInclusionExtConfig@@6B@
- ??_7CInclusionFileNameConfig@@6B@
- ??_7CInclusionFilePathConfig@@6B@
- ??_7CInclusionFolderConfig@@6B@
- ??_7CKEvent@@6B@
- ??_7CList@@6B@
- ??_7CLockEvent@@6B@
- ??_7CLockList@@6B@
- ??_7CMemoryAllocator@@6B@
- ??_7CMemoryPoolAllocator@@6B@
- ??_7CModuleConfig@@6B@
- ??_7CModuleConfigList@@6B@
- ??_7CModuleFileExtConfig@@6B@
- ??_7CModuleFlagConfig@@6B@
- ??_7CModuleMultiStringConfig@@6B@
- ??_7CModuleStringConfig@@6B@
- ??_7CNoLockList@@6B@
- ??_7CStrList@@6B@
- ??_7CSystemThread@@6B@
- ??_7CUserFuncAdapterJob@@6B@
- ??_7CWorkerThread@@6B@
- ??_7CWorkerThreadJob@@6B@
- ??_7CWorkerThreadJobQueue@@6B@
- ??_7CWorkerThreadPool@@6B@
- ??_7CWorkerThreadPoolEx@@6B@
- ??_7IMemoryAllocator@@6B@
- ??_FCContextList@@QEAAXXZ
- ??_FCFile@@QEAAXXZ
- ??_FCFileExtension@@QEAAXXZ
- ??_FCModuleConfigList@@QEAAXXZ
- ??_FCStrList@@QEAAXXZ
- ??_FCSystemThread@@QEAAXXZ
- ??_FCWorkerThread@@QEAAXXZ
- ??_FCWorkerThreadJob@@QEAAXXZ
- ??_FCWorkerThreadJobQueue@@QEAAXXZ
- ??_U@YAPEAX_KPEAVIMemoryAllocator@@PEBDK@Z
- ??_V@YAXPEAX@Z
- ?Acquire@CLockEvent@@QEAAXXZ
- ?Add@CContextList@@QEAAEPEAVCContext@@@Z
- ?Add@CFileExtension@@QEAAEPEBGK@Z
- ?Add@CModuleConfigList@@QEAAEPEAVCModuleConfig@@@Z
- ?Add@CStrList@@QEAAEPEBG@Z
- ?AddNode@CLockList@@UEAAEQEAXE@Z
- ?AddNode@CNoLockList@@UEAAEQEAXE@Z
- ?Alloc@CMemoryAllocator@@UEAAPEAX_KPEBDK@Z
- ?Alloc@CMemoryPoolAllocator@@UEAAPEAX_KPEBDK@Z
- ?AllocBlock@CMemoryPoolAllocator@@IEAAPEAX_K@Z
- ?AttachJobQueue@CWorkerThread@@QEAAXPEAVCWorkerThreadJobQueue@@@Z
- ?Cancel@CWorkerThreadJob@@QEAAXXZ
- ?CheckNode@CLockList@@UEAAHQEAX@Z
- ?CheckNode@CNoLockList@@UEAAHQEAX@Z
- ?CleanQueue@CWorkerThreadJobQueue@@QEAAXXZ
- ?Cleanup@CBlobConfig@@AEAAXXZ
- ?Cleanup@CModuleFileExtConfig@@IEAAXXZ
- ?Cleanup@CModuleMultiStringConfig@@IEAAXXZ
- ?Cleanup@CModuleStringConfig@@AEAAXXZ
- ?Close@CFile@@QEAAJXZ
- ?Count@CLockList@@QEAAKXZ
- ?Count@CNoLockList@@QEAAKXZ
- ?Create@CFile@@QEAAJPEBGKKKK@Z
- ?Create@CSystemThread@@QEAAEXZ
- ?CreateInstance@CMemoryAllocator@@SAPEAV1@W4_POOL_TYPE@@K@Z
- ?CreateInstance@CMemoryPoolAllocator@@SAPEAV1@W4_POOL_TYPE@@_K1K@Z
- ?CreatePool@CWorkerThreadPool@@QEAAEXZ
- ?CreatePool@CWorkerThreadPoolEx@@QEAAEXZ
- ?CreateThreads@CWorkerThreadPool@@QEAAEK@Z
- ?CreateThreads@CWorkerThreadPoolEx@@QEAAEK@Z
- ?CreateWIRP@CFile@@QEAAJPEBGKKKK@Z
- ?Delete@CFile@@QEAAJXZ
- ?Delete@CFileExtension@@QEAAEPEBGK@Z
- ?Delete@CStrList@@QEAAEPEBG@Z
- ?DeleteAll@CList@@UEAAXXZ
- ?DeleteAll@CLockList@@UEAAXXZ
- ?DeleteAll@CNoLockList@@UEAAXXZ
- ?DeleteNode@CContextList@@MEAAXPEAX@Z
- ?DeleteNode@CList@@UEAAXPEAX@Z
- ?DeleteNode@CModuleConfigList@@MEAAXPEAX@Z
- ?DeleteNode@CStrList@@EEAAXPEAU_STR_LIST_NODE@1@@Z
- ?DisableWriteProtectFromCR0@@YAXPEAPEAX@Z
- ?DoIt@CWorkerThreadJob@@QEAAJXZ
- ?EntryPoint@CSystemThread@@KAXPEAX@Z
- ?Find@CContextList@@QEAAPEAVCContext@@K@Z
- ?Find@CContextList@@QEAAPEAVCContext@@PEAX@Z
- ?Find@CFileExtension@@QEAAPEAU_STR_LIST_NODE@CStrList@@PEBGK@Z
- ?Find@CModuleConfigList@@QEAAPEAVCModuleConfig@@K@Z
- ?Find@CStrList@@QEAAPEAU_STR_LIST_NODE@1@PEBG@Z
- ?FindNode@CContextList@@IEAAPEAXPEAX@Z
- ?FindPartiallyAndAllMatch@CStrList@@QEAAPEAU_STR_LIST_NODE@1@PEBG@Z
- ?FinishFunction@CUserFuncAdapterJob@@MEAAXXZ
- ?FinishIt@CWorkerThreadJob@@QEAAJXZ
- ?First@CList@@UEAAPEAXXZ
- ?First@CLockList@@UEAAPEAXXZ
- ?First@CNoLockList@@UEAAPEAXXZ
- ?Free@CMemoryAllocator@@UEAAXPEAX@Z
- ?Free@CMemoryPoolAllocator@@UEAAXPEAX@Z
- ?GetAttributes@CFile@@QEAAKXZ
- ?GetBasicInfomration@CFile@@IEAAJXZ
- ?GetBlobCofig@CContext@@UEAAJKPEAXPEAK@Z
- ?GetCategory@CContext@@QEAAKXZ
- ?GetData@CBlobConfig@@QEAAHPEAXPEAK@Z
- ?GetData@CModuleFileExtConfig@@QEAAHPEAGPEAK@Z
- ?GetData@CModuleFileExtConfig@@QEAAPEAVCFileExtension@@XZ
- ?GetData@CModuleFlagConfig@@QEAAKXZ
- ?GetData@CModuleMultiStringConfig@@QEAAHPEAGPEAK@Z
- ?GetData@CModuleMultiStringConfig@@QEAAPEAVCStrList@@XZ
- ?GetData@CModuleStringConfig@@QEAAPEAGXZ
- ?GetData@CStrList@@QEAAEPEAGPEAK@Z
- ?GetDataType@CModuleConfig@@QEAAKXZ
- ?GetEngineContext@CContext@@QEAAPEAXXZ
- ?GetFileExtensionConfig@CContext@@QEAAPEAVCFileExtension@@K@Z
- ?GetFileExtensionConfig@CContext@@UEAAJKPEAGPEAK@Z
- ?GetFileSize@CFile@@QEAAJPEAT_LARGE_INTEGER@@@Z
- ?GetFlagConfig@CContext@@UEAAJKPEAK@Z
- ?GetID@CModuleConfig@@QEAAKXZ
- ?GetJob@CWorkerThreadJobQueue@@QEAAPEAVCWorkerThreadJob@@XZ
- ?GetLength@CModuleStringConfig@@QEAAKXZ
- ?GetLinkContext@CContext@@QEAAPEAXXZ
- ?GetLogFlag@CDebugLog@@QEAAKXZ
- ?GetLogFlag@CDebugLogEx@@QEAAKXZ
- ?GetModuleId@CModuleConfig@@QEAAKXZ
- ?GetMultiStringConfig@CContext@@QEAAPEAVCStrList@@K@Z
- ?GetMultiStringConfig@CContext@@UEAAJKPEAGPEAK@Z
- ?GetOneThreadTEB@CWorkerThreadPool@@QEAAPEAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPool@@QEAAPEAU_KTHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QEAAPEAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QEAAPEAU_KTHREAD@@XZ
- ?GetReportCallBackRoutine@CContext@@QEAA_KXZ
- ?GetSize@CBlobConfig@@QEAAKXZ
- ?GetStringConfig@CContext@@QEAAPEAGK@Z
- ?GetStringConfig@CContext@@UEAAJKPEAGPEAK@Z
- ?GetThreadCount@CWorkerThreadPool@@QEAAKXZ
- ?GetThreadCount@CWorkerThreadPoolEx@@QEAAKXZ
- ?GetThreadID@CSystemThread@@QEAA_KXZ
- ?GetType@CContext@@QEAAKXZ
- ?GetUserParameter@CContext@@QEAA_KXZ
- ?InitProcMon@CDebugLogEx@@IEAAXXZ
- ?InitializeBlobConfig@CContext@@QEAAHKPEAXK@Z
- ?InitializeFileExtensionConfig@CContext@@QEAAHKPEBG@Z
- ?InitializeFlagConfig@CContext@@QEAAHKK@Z
- ?InitializeMultiStringConfig@CContext@@QEAAHKPEBG@Z
- ?InitializeStringConfig@CContext@@QEAAHKPEBG@Z
- ?Insert@CList@@UEAAXQEAXE@Z
- ?Insert@CLockList@@UEAAXQEAXE@Z
- ?Insert@CNoLockList@@UEAAXQEAXE@Z
- ?InsertAfter@CList@@UEAAXPEAX0@Z
- ?InsertBefore@CList@@UEAAXPEAX0@Z
- ?Instance@CWorkerThreadPool@@SAPEAV1@XZ
- ?IsEmpty@CList@@UEAAEXZ
- ?IsEmpty@CLockList@@UEAAEXZ
- ?IsEmpty@CNoLockList@@UEAAEXZ
- ?IsExceedLimitation@CMemoryPoolAllocator@@IEAAEK@Z
- ?IsFull@CLockList@@QEBAEXZ
- ?IsFull@CNoLockList@@QEBAEXZ
- ?IsInExclusionList@CExclusionExtConfig@@QEAAEPEBG@Z
- ?IsInExclusionList@CExclusionFileNameConfig@@QEAAEPEBG@Z
- ?IsInExclusionList@CExclusionFilePathConfig@@QEAAEPEBG@Z
- ?IsInExclusionList@CExclusionFolderConfig@@QEAAEPEBG@Z
- ?IsInExclusionList@CExclusionRegistryConfig@@QEAAEPEBG@Z
- ?IsInInclusionList@CInclusionExtConfig@@QEAAEPEBG@Z
- ?IsInInclusionList@CInclusionFileNameConfig@@QEAAEPEBG@Z
- ?IsInInclusionList@CInclusionFilePathConfig@@QEAAEPEBG@Z
- ?IsInInclusionList@CInclusionFolderConfig@@QEAAEPEBG@Z
- ?IsOpened@CFile@@QEAAEXZ
- ?IsTerminated@CWorkerThreadPool@@QEAAEXZ
- ?IsTerminated@CWorkerThreadPoolEx@@QEAAEXZ
- ?IsValid@CMemoryAllocator@@UEAAEXZ
- ?IsValid@CMemoryPoolAllocator@@UEAAEXZ
- ?IsValid@IMemoryAllocator@@UEAAEXZ
- ?IsWorkerThread@CWorkerThreadPool@@QEAAE_K@Z
- ?IsWorkerThread@CWorkerThreadPoolEx@@QEAAE_K@Z
- ?JobFunction@CUserFuncAdapterJob@@MEAAXXZ
- ?JobQueue@CWorkerThreadPool@@QEAAAEAVCWorkerThreadJobQueue@@XZ
- ?JobQueue@CWorkerThreadPoolEx@@QEAAAEAVCWorkerThreadJobQueue@@XZ
- ?Limit@CLockList@@QEAAKXZ
- ?Limit@CNoLockList@@QEAAKXZ
- ?MatchAllExtensions@CFileExtension@@QEAAEXZ
- ?MatchNoExtensions@CFileExtension@@QEAAEXZ
- ?MergeLeft@CMemoryPoolAllocator@@IEAAPEAXPEAX@Z
- ?MergeRight@CMemoryPoolAllocator@@IEAAPEAXPEAX@Z
- ?NeedDelete@CWorkerThreadJob@@QEAAEXZ
- ?NeedDeleteWhenFinish@CWorkerThreadJob@@QEAAXE@Z
- ?NewNode@CList@@UEAAPEAXXZ
- ?NewNode@CStrList@@EEAAPEAXXZ
- ?NewNodeVariant@CList@@IEAAPEAXK@Z
- ?Next@CList@@UEBAPEAXQEAX@Z
- ?Next@CLockList@@UEBAPEAXQEAX@Z
- ?Next@CNoLockList@@UEBAPEAXQEAX@Z
- ?NextPool@CMemoryPoolAllocator@@QEAAPEAV1@XZ
- ?NotityTerminate@CWorkerThread@@QEAAXXZ
- ?PostJobToWorkerThread@CWorkerThreadPool@@QEAAJP6AXPEAX@Z0E@Z
- ?PostJobToWorkerThread@CWorkerThreadPoolEx@@QEAAJP6AXPEAX@Z0E1@Z
- ?Pulse@CKEvent@@QEAAJJE@Z
- ?QueueJob@CWorkerThreadJobQueue@@QEAAEPEAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPool@@QEAAJPEAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPoolEx@@QEAAJPEAVCWorkerThreadJob@@@Z
- ?RCMInstance@CWorkerThreadPool@@SAPEAV1@XZ
- ?Read@CFile@@QEAAJPEADKPEAK@Z
- ?ReadWIRP@CFile@@QEAAJPEADKPEAK@Z
- ?ReferenceCount@CContext@@QEAAAEAKXZ
- ?Release@CLockEvent@@QEAAXXZ
- ?Remove@CContextList@@UEAAEQEAX@Z
- ?Remove@CList@@UEAAEQEAX@Z
- ?Remove@CLockList@@UEAAEQEAX@Z
- ?Remove@CNoLockList@@UEAAEQEAX@Z
- ?RemoveHead@CList@@UEAAPEAXXZ
- ?RemoveHead@CLockList@@UEAAPEAXXZ
- ?RemoveHead@CNoLockList@@UEAAPEAXXZ
- ?RemoveTail@CList@@UEAAPEAXXZ
- ?RemoveTail@CLockList@@UEAAPEAXXZ
- ?RemoveTail@CNoLockList@@UEAAPEAXXZ
- ?Reset@CKEvent@@QEAAXXZ
- ?ResetData@CInclusionExtConfig@@QEAAXXZ
- ?ResetData@CInclusionFileNameConfig@@QEAAXXZ
- ?ResetData@CInclusionFilePathConfig@@QEAAXXZ
- ?ResetData@CInclusionFolderConfig@@QEAAXXZ
- ?RestoreCR0@@YAXPEAX@Z
- ?Run@CAutoUpdateConfigThread@@UEAAXXZ
- ?Run@CDelayLoadThread@@UEAAXXZ
- ?Run@CWorkerThread@@UEAAXXZ
- ?SeekToEnd@CFile@@QEAAJXZ
- ?Set@CKEvent@@QEAAJJE@Z
- ?SetAttributes@CFile@@QEAAJK@Z
- ?SetBlobCofig@CContext@@UEAAJKPEAXK@Z
- ?SetData@CBlobConfig@@QEAAHPEAXK@Z
- ?SetData@CModuleFileExtConfig@@QEAAHPEBG@Z
- ?SetData@CModuleFlagConfig@@QEAAHK@Z
- ?SetData@CModuleMultiStringConfig@@QEAAHPEBGK@Z
- ?SetData@CModuleStringConfig@@QEAAHPEBG@Z
- ?SetEngineContext@CContext@@QEAAXPEAX@Z
- ?SetFileExtensionConfig@CContext@@UEAAJKPEBG@Z
- ?SetFlagConfig@CContext@@UEAAJKK@Z
- ?SetLinkContext@CContext@@QEAAXPEAX@Z
- ?SetLogFlag@CDebugLog@@QEAAEK@Z
- ?SetLogFlag@CDebugLogEx@@QEAAEK@Z
- ?SetMatchAllExtensions@CFileExtension@@QEAAXE@Z
- ?SetMatchNoExtensions@CFileExtension@@QEAAXE@Z
- ?SetMultiStringConfig@CContext@@UEAAJKPEBG@Z
- ?SetNewJobItemEvent@CWorkerThreadJobQueue@@QEAAXXZ
- ?SetPriority@CSystemThread@@QEAAXK@Z
- ?SetStopUse@CContext@@QEAAXXZ
- ?SetStringConfig@CContext@@UEAAJKPEBG@Z
- ?Setup@CSystemThread@@MEAAXXZ
- ?StopUse@CContext@@QEAAHXZ
- ?TearDown@CSystemThread@@MEAAXXZ
- ?Terminate@CSystemThread@@QEAAXE@Z
- ?Terminate@CWorkerThreadPool@@QEAAEXZ
- ?Terminate@CWorkerThreadPoolEx@@QEAAEXZ
- ?TmExceptionFilter@@YAJPEAU_EXCEPTION_POINTERS@@@Z
- ?Wait@CKEvent@@QEAAJPEAT_LARGE_INTEGER@@E@Z
- ?WaitFinish@CWorkerThreadJob@@QEAAXXZ
- ?WaitForInit@CDelayLoadThread@@QEAAEXZ
- ?WaitForLoad@CDelayLoadThread@@QEAAEXZ
- ?WaitNewJobAvailable@CWorkerThreadJobQueue@@QEAAEXZ
- ?WaitQueueEmpty@CWorkerThreadJobQueue@@QEAAXXZ
- ?Write@CDebugLog@@QEAAXPEBDZZ
- ?Write@CDebugLogEx@@QEAAXPEBDZZ
- ?Write@CFile@@QEAAJPEADKPEAT_LARGE_INTEGER@@PEAK@Z
- ?WriteDataToFile@CDebugLogEx@@IEAAXPEADK@Z
- ?WriteDataToProcMonW@CDebugLogEx@@IEAAXPEAD@Z
- ?WriteSystemInformation@CDebugLog@@QEAAXXZ
- ?WriteSystemInformation@CDebugLogEx@@QEAAXXZ
- ?WriteSystemStringInformation@CDebugLog@@IEAAXPEBG@Z
- ?WriteSystemStringInformation@CDebugLogEx@@IEAAXPEBG@Z
- ?WriteToFile@CDebugLog@@IEAAXPEADK@Z
- ?WriteToProcMonW@CDebugLogEx@@IEAAXPEAU_UNICODE_STRING@@@Z
- ?_pNonPagedAllocator@@3PEAVCMemoryAllocator@@EA
- ?_pPagedAllocator@@3PEAVCMemoryAllocator@@EA
- ?m_lpInstance@CWorkerThreadPool@@1PEAV1@EA
- ?m_lpRCMInstance@CWorkerThreadPool@@1PEAV1@EA
- DeInitKm2UmCommunication
- DeInitKmLPC
- DuplicateFullFileName
- FreeFullFileName
- GetKm2UmMode
- GetModuleInfoByAddress
- GetModuleInfoByModuleName
- InitKm2UmCommunication
- InitKmLPC
- KmCallUm
- KmCallUmByLPC
- KmCallUmEx
- KmCleanupCommPortAPIs
- KmGetUmInitProcess
- KmSetCommPortAPIs
- ModGetExportProcAddress
- ModLoadDLLToBuffer
- ModLoadDLLToBufferWithImageSize
- ModLoadModule
- ModUnLoadModule
- NormalizeFileName
- NormalizeFullNtPathToDosName
- TmCommConfigRoutine
- UtilAddDeviceInDriveTable
- UtilAddReparsePointMapping
- UtilCleanFileReadOnly
- UtilCreateDosFileName
- UtilDeleteFileForce
- UtilGetDeviceObjectName
- UtilGetFileNameFromFileObject
- UtilGetFileObjectForProcessByEPROC
- UtilGetFileObjectFromFileName
- UtilGetProcessName
- UtilGetSystemDirectory
- UtilGetSystemDirectoryEx
- UtilGetSystemDirectoryLength
- UtilGetSystemTime
- UtilIoSetFileInfo
- UtilIopCreateFileIRP
- UtilKeGetLowFileDevice
- UtilModuleIATHook
- UtilModuleIATUnHook
- UtilPostJobToWorkerThread
- UtilQueryKeyValue
- UtilRemoveDeviceFromDriveTable
- UtilVolumeDeviceToDosName
- UtilWaitValueChangeToZero
- UtilWriteVersionToRegistry
- UtilbuildDynamicDiskMappingTable
- UtlWriteBinValueKeyToRegistry
- ValidateAddressWithSize
- _UtilDosPathNameToNtPathName
Sections
Expand
- .text
- .rdata
- .data
- .pdata
- PAGE
- .edata
- INIT
- .rsrc
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": true,
"SerialNumber": "7e93ebfb7cc64e59ea4b9a77d406fc3b",
"Signature": "03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2",
"TBS": {
"MD5": "d0785ad36e427c92b19f6826ab1e8020",
"SHA1": "365b7a9c21bd9373e49052c3e7b3e4646ddd4d43",
"SHA256": "c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff",
"SHA384": "eab4fe5ef90e0de4a6aa3a27769a5e879f588df5e4785aa4104debd1f81e19ea56d33e3a16e5facf99f68b5d8e3d287b"
},
"ValidFrom": "2012-12-21 00:00:00",
"ValidTo": "2020-12-30 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "0ecff438c8febf356e04d86a981b1a50",
"Signature": "783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4",
"TBS": {
"MD5": "e9d38360b914c8863f6cba3ee58764d3",
"SHA1": "4cba8eae47b6bf76f20b3504b98b8f062694a89b",
"SHA256": "88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976",
"SHA384": "e9f2a75334a9e336c5a4712eadee88d0374b0fdc273262f4e65c9040ad2793067cc076696db5279a478773485e285652"
},
"ValidFrom": "2012-10-18 00:00:00",
"ValidTo": "2020-12-29 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Signature": "f3b20c020c826fd9e2629408ffc97c9e245959d1050c9ce7708069d366d26af191812e16fce674eaca0d8f05b2a796280831737299800d2bfe0071efecf655117b7952a4d7c0701b97de034a1d42e928fd1a2082b081f9d22e9d39af3233cf05c1e61ae1f8fbfec872e78d9a0b29b4f147f1a053d1757a824601df2bb07c75c591fe7efbaf0021764b90cd446f85f80d14bc2cd42c83edfa7d2510f8f94c82d1b3ea999b1cff9093291977c7e996dc32904d3934f167077684ff76aa5327654a0bd7223d9d67657b47c5b46012dca6723d89e7fa051b3380d0c4977b9df537e75da3186ab149b27c089715a01bd695f408f7ded66bfbe920d27a6f6a7d4cc8b3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc.",
"TBS": {
"MD5": "78eaa337666217b1c16a9a0ebd0b8434",
"SHA1": "ff9cb835e78f6185eed4372096c3bae53b17d18d",
"SHA256": "1c0d9746725e176b4a7c2852878f14d7587f58e65d346bc1247f1c8ee6374250",
"SHA384": "ffe3c75b860679a5de399c7d2c2844dbfac51d5d8581e24648d208daba1e4bed5c867808e02dc8d7cb3df1d4b2b53d10"
},
"ValidFrom": "2017-04-27 00:00:00",
"ValidTo": "2018-07-16 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "611993e400000000001c",
"Signature": "812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5",
"TBS": {
"MD5": "78a717e082dcc1cda3458d917e677d14",
"SHA1": "4a872e0e51f9b304469cd1dedb496ee9b8b983a4",
"SHA256": "317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8",
"SHA384": "b71052da4eb9157c8c1a5d7f55df19d69b9128598b72fcca608e5b7cc7d64c43c5504b9c86355a6dc22ee40c88cc385c"
},
"ValidFrom": "2011-02-22 19:25:17",
"ValidTo": "2021-02-22 19:35:17",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "5200e5aa2556fc1a86ed96c9d44b33c7",
"Signature": "5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"TBS": {
"MD5": "b30c31a572b0409383ed3fbe17e56e81",
"SHA1": "4843a82ed3b1f2bfbee9671960e1940c942f688d",
"SHA256": "03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9",
"SHA384": "bbda8407c4f9fc4e54d772f1c7fb9d30bc97e1f97ecd51c443063d1fa0644e266328781776cd5c44896c457c75f4d7da"
},
"ValidFrom": "2010-02-08 00:00:00",
"ValidTo": "2020-02-07 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 3825d7faf861af9ef490e726b5d65ad5
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | d6c7684e9aaa508cf268335f83afe040 |
| ToBeSigned (TBS) SHA1 | 18066d20ad92409c567cdfde745279ff71c75226 |
| ToBeSigned (TBS) SHA256 | a612fb22ce8be6dab75e47c98508f98496583e79c9c97b936a8caee9ea9f3fff |
| Subject | C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services Signer , G2 |
| ValidFrom | 2007-06-15 00:00:00 |
| ValidTo | 2012-06-14 23:59:59 |
| Signature | 50c54bc82480dfe40d24c2de1ab1a102a1a6822d0c831581370a820e2cb05a1761b5d805fe88dbf19191b3561a40a6eb92be3839b07536743a984fe437ba9989ca95421db0b9c7a08d57e0fad5640442354e01d133a217c84daa27c7f2e1864c02384d8378c6fc53e0ebe00687dda4969e5e0c98e2a5bebf8285c360e1dfad28d8c7a54b64dac71b5bbdac3908d53822a1338b2f8a9aebbc07213f44410907b5651c24bc48d34480eba1cfc902b414cf54c716a3805cf9793e5d727d88179e2c43a2ca53ce7d3df62a3ab84f9400a56d0a835df95e53f418b3570f70c3fbf5ad95a00e17dec4168060c90f2b6e8604f1ebf47827d105c5ee345b5eb94932f233 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 3825d7faf861af9ef490e726b5d65ad5 |
| Version | 3 |
Certificate 47bf1995df8d524643f7db6d480d31a4
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 518d2ea8a21e879c942d504824ac211c |
| ToBeSigned (TBS) SHA1 | 21ce87d827077e61abddf2beba69fde5432ea031 |
| ToBeSigned (TBS) SHA256 | 1ec3b4f02e03930a470020e0e48d24b84678bb558f46182888d870541f5e25c7 |
| Subject | C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services CA |
| ValidFrom | 2003-12-04 00:00:00 |
| ValidTo | 2013-12-03 23:59:59 |
| Signature | 4a6bf9ea58c2441c318979992b96bf82ac01d61c4ccdb08a586edf0829a35ec8ca9313e704520def47272f0038b0e4c9934e9ad4226215f73f37214f703180f18b3887b3e8e89700fecf55964e24d2a9274e7aaeb76141f32acee7c9d95eddbb2b853eb59db5d9e157ffbeb4c57ef5cf0c9ef097fe2bd33b521b1b3827f73f4a |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 47bf1995df8d524643f7db6d480d31a4 |
| Version | 3 |
Certificate 4d6290e58c54f0f1eb17341a1310e6a4
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | b7d8444a70054990435f35a5630df5e1 |
| ToBeSigned (TBS) SHA1 | 4678c6e4a8787a8e6ed2bce8792b122f6c08afd8 |
| ToBeSigned (TBS) SHA256 | 0a8b4b359ea7890b358e56e436e9cfc6f32b037b2599b597ca7f7a80d475ec98 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA |
| ValidFrom | 2010-09-30 00:00:00 |
| ValidTo | 2014-01-01 23:59:59 |
| Signature | aedd211d5f8f807ad25209eadb6ed25d8be8c21b6904be51a5010e59fa37d174a3eedced89742b62d5a6bf4fad361754f013e0a345d24c26cbe26da21fd01e7a070fb6b37b6f5068a2e931b3b7997d8070a0a7de0b1ea4fff34d811bdd20c91cc4afcff18ffad9da95f0ecdc5cbfe88c5a3e7ab0a3eb59437411e09b1a6af36f |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 4d6290e58c54f0f1eb17341a1310e6a4 |
| Version | 3 |
Certificate 610c120600000000001b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 53c41bc1164e09e0cd1617a5bf913efd |
| ToBeSigned (TBS) SHA1 | 93c03aac8951d494ecd5696b1c08658541b18727 |
| ToBeSigned (TBS) SHA256 | 40bddadac24dc61ca4fb5cab2a2bc5d876bc36808311039a7a3e1a4066f7489b |
| Subject | C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority |
| ValidFrom | 2006-05-23 17:01:29 |
| ValidTo | 2016-05-23 17:11:29 |
| Signature | 01e446b33b457f7513877e5f43de468ecb8abdb64741bccccc7491d8ce395195a4a6b547c0efd2da7b8f5711f4328c7ccd3fee42da04214af7c843884a6f5cca14fc4bd19f4cbdd4556ecc02be0da6888f8609baa425bde8b0f0fa8b714e67b0cb82a8d78e55f737ebf03e88efe4e08afd1c6e2e61414875b4b02c1d28d8490fd715f02473253ccc880cde284c6554fe5eae8cea19ad2c51b29b3a47f53c80350117e24987d6544afb4bab07bcbf7d79cfbf35005cbb9ecffc82891b39a05197b6dec0b307ff449644c0342a195cabeef03bec294eb513c537857e75d5b4d60d066eb5d26c237167eaf1718eaf4e74aa0cf9ecbf4c58fa5e909b6d39cb86883f8b1ca81632d5fe6db9f1f8b3ead791f6364778c0272a15c768d6f4c5fc4f4ec8673f102d409ff11ec96148e7a703fc31730cf04688fe56da492995ef09daa3e5beef60ecd954a0599c28bd54ef66157f874c84dba60e95672e517b3439b641c28c846826dc240209e7818e0a972defeea7b998a60f818dc710b5e1ed982f486f53854964789bec5dac970b5526c3efba8dc8d1a52f5a7f936b611a339b18b8a26210de24ea76e12f43ebecdd7c12342489da2855aee5754e312b6763b6a8d7ab730a03cec5ea593fc7eb2a45aea8625b2f009939abb45f73c308ec80118f470e8f2a1343e191066255bbffba3da9a93d260faeca7d628b155589d694344dd665 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 610c120600000000001b |
| Version | 3 |
Certificate 24e3d70b86ed54d0b22c3450b960984e
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 8ddf6d6623a3f10024af513804bb606d |
| ToBeSigned (TBS) SHA1 | 4daedaec405b6dfefce005517e230b2419ad08bc |
| ToBeSigned (TBS) SHA256 | 54894db2dab64a4991b4deab1a3415d4ea0d9905711af3b67242a0568d799b95 |
| Subject | C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., OU=Digital ID Class 3 , Microsoft Software Validation v2, OU=RD, CN=Trend Micro, Inc. |
| ValidFrom | 2011-01-31 00:00:00 |
| ValidTo | 2012-02-16 23:59:59 |
| Signature | 5ae5a2abcc8bbf832dd651a0cb396ee5af87305e67d20288d6d830699286ce0b1b3ec77c732d80564e6a482461bda52329dc301ec6286011fe60413c97f4207bf675a71460365e9d917b19d7b5e7c49ff035a5488f8fc703a61512b1588cb6fc8ceef0f6353d47c66a5edbef40e53197431ada77acef71cca7db0dbaa88d02355af0a62a7901e91bc8c59ad48b4ecfd67f137023601c308691ad14d6859c9d6b28c6a3e15314e55832cea94793436a5610bbe5f0901cedc6796c9ca53b5d55f79974cd6be7093bba119675614c1654139096e506c3fb92460d45879bdbc196bd833ae4dc31da6e14130df14a20c05615db7ea7e25aa0fe59801ec30a56501e56 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 24e3d70b86ed54d0b22c3450b960984e |
| Version | 3 |
Imports
Expand
- ntoskrnl.exe
- HAL.dll
- CLASSPNP.SYS
- SCSIPORT.SYS
Imported Functions
Expand
- KeWaitForSingleObject
- KeReleaseSemaphore
- KeStackAttachProcess
- KeUnstackDetachProcess
- RtlSubAuthoritySid
- RtlInitializeSid
- ExAllocatePoolWithTag
- RtlLengthRequiredSid
- ExFreePoolWithTag
- RtlSetDaclSecurityDescriptor
- RtlCreateSecurityDescriptor
- RtlAddAccessAllowedAce
- RtlCreateAcl
- ObfDereferenceObject
- ZwSetEvent
- ZwClose
- ZwRequestWaitReplyPort
- ProbeForWrite
- ZwFreeVirtualMemory
- ZwAllocateVirtualMemory
- ObOpenObjectByPointer
- PsProcessType
- memmove
- ZwConnectPort
- RtlInitUnicodeString
- RtlUnicodeStringToInteger
- ZwCreateSection
- ZwWaitForSingleObject
- ZwOpenEvent
- ObfReferenceObject
- IoGetCurrentProcess
- PsGetProcessExitTime
- MmSectionObjectType
- DbgPrint
- memset
- MmIsAddressValid
- ExInitializeResourceLite
- ExDeleteResourceLite
- ZwWriteFile
- ZwReadFile
- ZwQueryInformationFile
- ZwSetInformationFile
- ZwCreateFile
- swprintf
- towupper
- _wcsnicmp
- KeInitializeEvent
- _snprintf
- PsGetCurrentProcessId
- RtlTimeToTimeFields
- ExSystemTimeToLocalTime
- KeQuerySystemTime
- ZwCreateKey
- ZwCreateEvent
- KeWaitForMultipleObjects
- ObReferenceObjectByHandle
- ZwNotifyChangeKey
- PsGetCurrentThreadId
- _vsnprintf
- KeSetPriorityThread
- PsTerminateSystemThread
- PsCreateSystemThread
- KeNumberProcessors
- ZwQueryInformationProcess
- PsLookupProcessByProcessId
- KeDelayExecutionThread
- ZwOpenDirectoryObject
- PsSetCreateProcessNotifyRoutine
- ZwQuerySystemInformation
- ZwQueryDirectoryFile
- ZwQueryDirectoryObject
- ZwDuplicateObject
- ZwOpenKey
- ZwEnumerateKey
- ZwEnumerateValueKey
- ZwQueryValueKey
- ZwDeleteValueKey
- ZwDeleteKey
- ExGetPreviousMode
- ZwTerminateProcess
- ZwOpenProcess
- ZwQueryKey
- ZwSetValueKey
- MmHighestUserAddress
- IoFreeIrp
- IoFreeMdl
- MmUnlockPages
- KeInitializeSemaphore
- _strnicmp
- RtlQueryRegistryValues
- RtlAppendUnicodeToString
- mbstowcs
- ZwQuerySymbolicLinkObject
- ZwOpenSymbolicLinkObject
- NtClose
- ZwSetInformationObject
- _stricmp
- ZwUnmapViewOfSection
- ZwMapViewOfSection
- ZwOpenFile
- RtlEqualUnicodeString
- IoFileObjectType
- IoCreateFile
- IofCallDriver
- IoAllocateIrp
- MmBuildMdlForNonPagedPool
- IoAllocateMdl
- ProbeForRead
- PsGetVersion
- MmGetSystemRoutineAddress
- RtlCopyUnicodeString
- RtlCompareMemory
- _snwprintf
- RtlImageNtHeader
- RtlFreeUnicodeString
- RtlAnsiStringToUnicodeString
- RtlInitAnsiString
- strrchr
- ZwQueryVolumeInformationFile
- ObReferenceObjectByPointer
- ObQueryNameString
- IoBuildDeviceIoControlRequest
- IofCompleteRequest
- ExEventObjectType
- _allmul
- IoDeleteDevice
- IoDeleteSymbolicLink
- IoCreateSymbolicLink
- IoGetDeviceObjectPointer
- RtlUpperChar
- RtlCompareUnicodeString
- strncpy
- KeServiceDescriptorTable
- NtOpenProcess
- ObOpenObjectByName
- IoDriverObjectType
- RtlAppendUnicodeStringToString
- NtQueryInformationProcess
- PsIsThreadTerminating
- PsThreadType
- KeAddSystemServiceTable
- ZwQueryObject
- ZwQuerySecurityObject
- ObInsertObject
- _allrem
- IoReleaseVpbSpinLock
- IoAcquireVpbSpinLock
- SeCreateAccessState
- IoGetFileObjectGenericMapping
- RtlUpcaseUnicodeString
- ObCreateObject
- _allshr
- MmUnmapIoSpace
- MmGetPhysicalAddress
- MmFreeContiguousMemory
- MmAllocateContiguousMemory
- MmMapIoSpace
- KeTickCount
- KeBugCheckEx
- RtlUnwind
- KeClearEvent
- KePulseEvent
- KeSetEvent
- wcsrchr
- memcpy
- ZwSetSecurityObject
- IoDeviceObjectType
- IoCreateDevice
- RtlGetDaclSecurityDescriptor
- RtlGetSaclSecurityDescriptor
- RtlGetGroupSecurityDescriptor
- RtlGetOwnerSecurityDescriptor
- RtlLengthSecurityDescriptor
- SeCaptureSecurityDescriptor
- SeExports
- IoIsWdmVersionAvailable
- RtlLengthSid
- wcschr
- RtlAbsoluteToSelfRelativeSD
- wcsncpy
- ExReleaseResourceLite
- ExAcquireResourceExclusiveLite
- ExAcquireResourceSharedLite
- ExReleaseFastMutexUnsafe
- KeLeaveCriticalRegion
- KeEnterCriticalRegion
- ExAcquireFastMutexUnsafe
- _purecall
- IoBuildAsynchronousFsdRequest
- KeGetCurrentThread
- KeRaiseIrqlToDpcLevel
- KfLowerIrql
- ExReleaseFastMutex
- ExAcquireFastMutex
- ClassInitialize
- ScsiPortReadPortBufferUshort
- ScsiPortReadPortUchar
- ScsiPortWritePortUchar
- ScsiPortStallExecution
- ScsiPortWritePortBufferUshort
Exported Functions
Expand
- ??0CAutoUpdateConfigThread@@QAE@ABV0@@Z
- ??0CAutoUpdateConfigThread@@QAE@PAU_UNICODE_STRING@@P6GX0PAX@Z1@Z
- ??0CBlobConfig@@QAE@ABV0@@Z
- ??0CBlobConfig@@QAE@K@Z
- ??0CContext@@QAE@ABV0@@Z
- ??0CContext@@QAE@KP6GJPAU_EVENT_REPORT@@PAXPAU_TMCE_REPORT@@PAU_TMCE_FEEDBACK@@@Z1K@Z
- ??0CContextList@@QAE@ABV0@@Z
- ??0CContextList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CDebugLog@@QAE@ABV0@@Z
- ??0CDebugLog@@QAE@PBG@Z
- ??0CDelayLoadThread@@QAE@ABV0@@Z
- ??0CDelayLoadThread@@QAE@XZ
- ??0CExclusionExtConfig@@QAE@ABV0@@Z
- ??0CExclusionExtConfig@@QAE@KKE@Z
- ??0CExclusionFileNameConfig@@QAE@ABV0@@Z
- ??0CExclusionFileNameConfig@@QAE@KK@Z
- ??0CExclusionFilePathConfig@@QAE@ABV0@@Z
- ??0CExclusionFilePathConfig@@QAE@KK@Z
- ??0CExclusionFolderConfig@@QAE@ABV0@@Z
- ??0CExclusionFolderConfig@@QAE@KK@Z
- ??0CExclusionRegistryConfig@@QAE@ABV0@@Z
- ??0CExclusionRegistryConfig@@QAE@KK@Z
- ??0CFile@@QAE@ABV0@@Z
- ??0CFile@@QAE@E@Z
- ??0CFileExtension@@QAE@ABV0@@Z
- ??0CFileExtension@@QAE@KEEPAVIMemoryAllocator@@@Z
- ??0CKEvent@@QAE@ABV0@@Z
- ??0CKEvent@@QAE@W4_EVENT_TYPE@@E@Z
- ??0CList@@QAE@ABV0@@Z
- ??0CList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CLockEvent@@QAE@ABV0@@Z
- ??0CLockEvent@@QAE@XZ
- ??0CLockList@@QAE@ABV0@@Z
- ??0CLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CMemoryAllocator@@IAE@W4_POOL_TYPE@@K@Z
- ??0CMemoryAllocator@@QAE@ABV0@@Z
- ??0CMemoryPoolAllocator@@IAE@W4_POOL_TYPE@@KKK@Z
- ??0CMemoryPoolAllocator@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@XZ
- ??0CModuleConfigList@@QAE@ABV0@@Z
- ??0CModuleConfigList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CModuleFileExtConfig@@QAE@ABV0@@Z
- ??0CModuleFileExtConfig@@QAE@KKE@Z
- ??0CModuleFlagConfig@@QAE@ABV0@@Z
- ??0CModuleFlagConfig@@QAE@K@Z
- ??0CModuleMultiStringConfig@@QAE@ABV0@@Z
- ??0CModuleMultiStringConfig@@QAE@KK@Z
- ??0CModuleStringConfig@@QAE@ABV0@@Z
- ??0CModuleStringConfig@@QAE@K@Z
- ??0CNoLockList@@QAE@ABV0@@Z
- ??0CNoLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CSmartLock@@QAE@AAVCLockEvent@@@Z
- ??0CSmartLock@@QAE@XZ
- ??0CSmartReference@@QAE@AAJ@Z
- ??0CSmartReference@@QAE@AAK@Z
- ??0CSmartResource@@QAE@AAVCResource@@E@Z
- ??0CStrList@@QAE@ABV0@@Z
- ??0CStrList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CSystemThread@@QAE@ABV0@@Z
- ??0CSystemThread@@QAE@K@Z
- ??0CUserFuncAdapterJob@@QAE@ABV0@@Z
- ??0CUserFuncAdapterJob@@QAE@P6GXPAX@Z0@Z
- ??0CWorkerThread@@IAE@PAVCWorkerThreadJobQueue@@@Z
- ??0CWorkerThread@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@E@Z
- ??0CWorkerThreadJobQueue@@QAE@ABV0@@Z
- ??0CWorkerThreadJobQueue@@QAE@K@Z
- ??0CWorkerThreadPool@@QAE@ABV0@@Z
- ??0CWorkerThreadPool@@QAE@K@Z
- ??0IMemoryAllocator@@QAE@ABV0@@Z
- ??0IMemoryAllocator@@QAE@XZ
- ??1CAutoUpdateConfigThread@@UAE@XZ
- ??1CBlobConfig@@UAE@XZ
- ??1CContext@@UAE@XZ
- ??1CContextList@@UAE@XZ
- ??1CDebugLog@@UAE@XZ
- ??1CDelayLoadThread@@UAE@XZ
- ??1CExclusionExtConfig@@UAE@XZ
- ??1CExclusionFileNameConfig@@UAE@XZ
- ??1CExclusionFilePathConfig@@UAE@XZ
- ??1CExclusionFolderConfig@@UAE@XZ
- ??1CExclusionRegistryConfig@@UAE@XZ
- ??1CFile@@UAE@XZ
- ??1CFileExtension@@UAE@XZ
- ??1CKEvent@@UAE@XZ
- ??1CList@@UAE@XZ
- ??1CLockEvent@@UAE@XZ
- ??1CLockList@@UAE@XZ
- ??1CMemoryAllocator@@UAE@XZ
- ??1CMemoryPoolAllocator@@UAE@XZ
- ??1CModuleConfig@@UAE@XZ
- ??1CModuleConfigList@@UAE@XZ
- ??1CModuleFileExtConfig@@UAE@XZ
- ??1CModuleFlagConfig@@UAE@XZ
- ??1CModuleMultiStringConfig@@UAE@XZ
- ??1CModuleStringConfig@@UAE@XZ
- ??1CNoLockList@@UAE@XZ
- ??1CSmartLock@@QAE@XZ
- ??1CSmartReference@@QAE@XZ
- ??1CSmartResource@@QAE@XZ
- ??1CStrList@@UAE@XZ
- ??1CSystemThread@@UAE@XZ
- ??1CUserFuncAdapterJob@@UAE@XZ
- ??1CWorkerThread@@UAE@XZ
- ??1CWorkerThreadJob@@UAE@XZ
- ??1CWorkerThreadJobQueue@@UAE@XZ
- ??1CWorkerThreadPool@@UAE@XZ
- ??1IMemoryAllocator@@UAE@XZ
- ??2@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??2CMemoryAllocator@@SGPAXI@Z
- ??2CMemoryPoolAllocator@@SGPAXI@Z
- ??3@YAXPAX@Z
- ??3IMemoryAllocator@@SGXPAX@Z
- ??4CAutoUpdateConfigThread@@QAEAAV0@ABV0@@Z
- ??4CBlobConfig@@QAEAAV0@ABV0@@Z
- ??4CContext@@QAEAAV0@ABV0@@Z
- ??4CDebugLog@@QAEAAV0@ABV0@@Z
- ??4CDelayLoadThread@@QAEAAV0@ABV0@@Z
- ??4CFile@@QAEAAV0@ABV0@@Z
- ??4CKEvent@@QAEAAV0@ABV0@@Z
- ??4CLockEvent@@QAEAAV0@ABV0@@Z
- ??4CMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??4CMemoryPoolAllocator@@QAEAAV0@ABV0@@Z
- ??4CModuleConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleFlagConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleStringConfig@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEABV0@AAVCLockEvent@@@Z
- ??4CSmartResource@@QAEAAV0@ABV0@@Z
- ??4CSystemThread@@QAEAAV0@ABV0@@Z
- ??4CUserFuncAdapterJob@@QAEAAV0@ABV0@@Z
- ??4CWorkerThread@@QAEAAV0@ABV0@@Z
- ??4CWorkerThreadJob@@QAEAAV0@ABV0@@Z
- ??4IMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??_7CAutoUpdateConfigThread@@6B@
- ??_7CBlobConfig@@6B@
- ??_7CContext@@6B@
- ??_7CContextList@@6B@
- ??_7CDebugLog@@6B@
- ??_7CDelayLoadThread@@6B@
- ??_7CExclusionExtConfig@@6B@
- ??_7CExclusionFileNameConfig@@6B@
- ??_7CExclusionFilePathConfig@@6B@
- ??_7CExclusionFolderConfig@@6B@
- ??_7CExclusionRegistryConfig@@6B@
- ??_7CFile@@6B@
- ??_7CFileExtension@@6B@
- ??_7CKEvent@@6B@
- ??_7CList@@6B@
- ??_7CLockEvent@@6B@
- ??_7CLockList@@6B@
- ??_7CMemoryAllocator@@6B@
- ??_7CMemoryPoolAllocator@@6B@
- ??_7CModuleConfig@@6B@
- ??_7CModuleConfigList@@6B@
- ??_7CModuleFileExtConfig@@6B@
- ??_7CModuleFlagConfig@@6B@
- ??_7CModuleMultiStringConfig@@6B@
- ??_7CModuleStringConfig@@6B@
- ??_7CNoLockList@@6B@
- ??_7CStrList@@6B@
- ??_7CSystemThread@@6B@
- ??_7CUserFuncAdapterJob@@6B@
- ??_7CWorkerThread@@6B@
- ??_7CWorkerThreadJob@@6B@
- ??_7CWorkerThreadJobQueue@@6B@
- ??_7CWorkerThreadPool@@6B@
- ??_7IMemoryAllocator@@6B@
- ??_FCContextList@@QAEXXZ
- ??_FCFile@@QAEXXZ
- ??_FCFileExtension@@QAEXXZ
- ??_FCModuleConfigList@@QAEXXZ
- ??_FCStrList@@QAEXXZ
- ??_FCSystemThread@@QAEXXZ
- ??_FCWorkerThread@@QAEXXZ
- ??_FCWorkerThreadJob@@QAEXXZ
- ??_FCWorkerThreadJobQueue@@QAEXXZ
- ??_U@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??_V@YAXPAX@Z
- ?Acquire@CLockEvent@@QAEXXZ
- ?Add@CContextList@@QAEEPAVCContext@@@Z
- ?Add@CFileExtension@@QAEEPBGK@Z
- ?Add@CModuleConfigList@@QAEEPAVCModuleConfig@@@Z
- ?Add@CStrList@@QAEEPBG@Z
- ?AddNode@CLockList@@UAEEQAXE@Z
- ?AddNode@CNoLockList@@UAEEQAXE@Z
- ?Alloc@CMemoryAllocator@@UAEPAXKPBDK@Z
- ?Alloc@CMemoryPoolAllocator@@UAEPAXKPBDK@Z
- ?AllocBlock@CMemoryPoolAllocator@@IAEPAXK@Z
- ?AttachJobQueue@CWorkerThread@@QAEXPAVCWorkerThreadJobQueue@@@Z
- ?Cancel@CWorkerThreadJob@@QAEXXZ
- ?CheckNode@CLockList@@UAEHQAX@Z
- ?CheckNode@CNoLockList@@UAEHQAX@Z
- ?CleanQueue@CWorkerThreadJobQueue@@QAEXXZ
- ?Cleanup@CBlobConfig@@AAEXXZ
- ?Cleanup@CModuleFileExtConfig@@IAEXXZ
- ?Cleanup@CModuleMultiStringConfig@@IAEXXZ
- ?Cleanup@CModuleStringConfig@@AAEXXZ
- ?Close@CFile@@QAEJXZ
- ?Count@CLockList@@QAEKXZ
- ?Count@CNoLockList@@QAEKXZ
- ?Create@CFile@@QAEJPBGKKKK@Z
- ?Create@CSystemThread@@QAEEXZ
- ?CreateInstance@CMemoryAllocator@@SGPAV1@W4_POOL_TYPE@@K@Z
- ?CreateInstance@CMemoryPoolAllocator@@SGPAV1@W4_POOL_TYPE@@KKK@Z
- ?CreatePool@CWorkerThreadPool@@QAEEXZ
- ?CreateThreads@CWorkerThreadPool@@QAEEK@Z
- ?CreateWIRP@CFile@@QAEJPBGKKKK@Z
- ?Delete@CFile@@QAEJXZ
- ?Delete@CFileExtension@@QAEEPBGK@Z
- ?Delete@CStrList@@QAEEPBG@Z
- ?DeleteAll@CList@@UAEXXZ
- ?DeleteAll@CLockList@@UAEXXZ
- ?DeleteAll@CNoLockList@@UAEXXZ
- ?DeleteNode@CContextList@@MAEXPAX@Z
- ?DeleteNode@CList@@UAEXPAX@Z
- ?DeleteNode@CModuleConfigList@@MAEXPAX@Z
- ?DeleteNode@CStrList@@EAEXPAU_STR_LIST_NODE@1@@Z
- ?DisableWriteProtectFromCR0@@YGXPAPAX@Z
- ?DoIt@CWorkerThreadJob@@QAEJXZ
- ?EntryPoint@CSystemThread@@KGXPAX@Z
- ?Find@CContextList@@QAEPAVCContext@@K@Z
- ?Find@CContextList@@QAEPAVCContext@@PAX@Z
- ?Find@CFileExtension@@QAEPAU_STR_LIST_NODE@CStrList@@PBGK@Z
- ?Find@CModuleConfigList@@QAEPAVCModuleConfig@@K@Z
- ?Find@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?FindNode@CContextList@@IAEPAXPAX@Z
- ?FindPartiallyAndAllMatch@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?First@CList@@UAEPAXXZ
- ?First@CLockList@@UAEPAXXZ
- ?First@CNoLockList@@UAEPAXXZ
- ?Free@CMemoryAllocator@@UAEXPAX@Z
- ?Free@CMemoryPoolAllocator@@UAEXPAX@Z
- ?GetAttributes@CFile@@QAEKXZ
- ?GetBasicInfomration@CFile@@IAEJXZ
- ?GetBlobCofig@CContext@@UAEJKPAXPAK@Z
- ?GetCategory@CContext@@QAEKXZ
- ?GetData@CBlobConfig@@QAEHPAXPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEPAVCFileExtension@@XZ
- ?GetData@CModuleFlagConfig@@QAEKXZ
- ?GetData@CModuleMultiStringConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleMultiStringConfig@@QAEPAVCStrList@@XZ
- ?GetData@CModuleStringConfig@@QAEPAGXZ
- ?GetData@CStrList@@QAEEPAGPAK@Z
- ?GetDataType@CModuleConfig@@QAEKXZ
- ?GetEngineContext@CContext@@QAEPAXXZ
- ?GetFileExtensionConfig@CContext@@QAEPAVCFileExtension@@K@Z
- ?GetFileExtensionConfig@CContext@@UAEJKPAGPAK@Z
- ?GetFileSize@CFile@@QAEJPAT_LARGE_INTEGER@@@Z
- ?GetFlagConfig@CContext@@UAEJKPAK@Z
- ?GetID@CModuleConfig@@QAEKXZ
- ?GetJob@CWorkerThreadJobQueue@@QAEPAVCWorkerThreadJob@@XZ
- ?GetLength@CModuleStringConfig@@QAEKXZ
- ?GetLinkContext@CContext@@QAEPAXXZ
- ?GetLogFlag@CDebugLog@@QAEKXZ
- ?GetModuleId@CModuleConfig@@QAEKXZ
- ?GetMultiStringConfig@CContext@@QAEPAVCStrList@@K@Z
- ?GetMultiStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetOneThreadTEB@CWorkerThreadPool@@QAEPAU_ETHREAD@@XZ
- ?GetReportCallBackRoutine@CContext@@QAEKXZ
- ?GetSize@CBlobConfig@@QAEKXZ
- ?GetStringConfig@CContext@@QAEPAGK@Z
- ?GetStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetThreadCount@CWorkerThreadPool@@QAEKXZ
- ?GetThreadID@CSystemThread@@QAEKXZ
- ?GetType@CContext@@QAEKXZ
- ?GetUserParameter@CContext@@QAEKXZ
- ?InitializeBlobConfig@CContext@@QAEHKPAXK@Z
- ?InitializeFileExtensionConfig@CContext@@QAEHKPBG@Z
- ?InitializeFlagConfig@CContext@@QAEHKK@Z
- ?InitializeMultiStringConfig@CContext@@QAEHKPBG@Z
- ?InitializeStringConfig@CContext@@QAEHKPBG@Z
- ?Insert@CList@@UAEXQAXE@Z
- ?Insert@CLockList@@UAEXQAXE@Z
- ?Insert@CNoLockList@@UAEXQAXE@Z
- ?InsertAfter@CList@@UAEXPAX0@Z
- ?InsertBefore@CList@@UAEXPAX0@Z
- ?Instance@CWorkerThreadPool@@SGPAV1@XZ
- ?IsEmpty@CList@@UAEEXZ
- ?IsEmpty@CLockList@@UAEEXZ
- ?IsEmpty@CNoLockList@@UAEEXZ
- ?IsExceedLimitation@CMemoryPoolAllocator@@IAEEK@Z
- ?IsFull@CLockList@@QBEEXZ
- ?IsFull@CNoLockList@@QBEEXZ
- ?IsInExclusionList@CExclusionExtConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFileNameConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFilePathConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFolderConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionRegistryConfig@@QAEEPBG@Z
- ?IsOpened@CFile@@QAEEXZ
- ?IsTerminated@CWorkerThreadPool@@QAEEXZ
- ?IsValid@CMemoryAllocator@@UAEEXZ
- ?IsValid@CMemoryPoolAllocator@@UAEEXZ
- ?IsValid@IMemoryAllocator@@UAEEXZ
- ?IsWorkerThread@CWorkerThreadPool@@QAEEK@Z
- ?JobFunction@CUserFuncAdapterJob@@MAEXXZ
- ?JobQueue@CWorkerThreadPool@@QAEAAVCWorkerThreadJobQueue@@XZ
- ?Limit@CLockList@@QAEKXZ
- ?Limit@CNoLockList@@QAEKXZ
- ?MatchAllExtensions@CFileExtension@@QAEEXZ
- ?MatchNoExtensions@CFileExtension@@QAEEXZ
- ?MergeLeft@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?MergeRight@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?NeedDelete@CWorkerThreadJob@@QAEEXZ
- ?NeedDeleteWhenFinish@CWorkerThreadJob@@QAEXE@Z
- ?NewNode@CList@@UAEPAXXZ
- ?NewNode@CStrList@@EAEPAXXZ
- ?NewNodeVariant@CList@@IAEPAXK@Z
- ?Next@CList@@UBEPAXQAX@Z
- ?Next@CLockList@@UBEPAXQAX@Z
- ?Next@CNoLockList@@UBEPAXQAX@Z
- ?NextPool@CMemoryPoolAllocator@@QAEPAV1@XZ
- ?NotityTerminate@CWorkerThread@@QAEXXZ
- ?PostJobToWorkerThread@CWorkerThreadPool@@QAEJP6GXPAX@Z0E@Z
- ?Pulse@CKEvent@@QAEJJE@Z
- ?QueueJob@CWorkerThreadJobQueue@@QAEEPAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPool@@QAEJPAVCWorkerThreadJob@@@Z
- ?RCMInstance@CWorkerThreadPool@@SGPAV1@XZ
- ?Read@CFile@@QAEJPADKPAK@Z
- ?ReferenceCount@CContext@@QAEAAKXZ
- ?Release@CLockEvent@@QAEXXZ
- ?Remove@CContextList@@UAEEQAX@Z
- ?Remove@CList@@UAEEQAX@Z
- ?Remove@CLockList@@UAEEQAX@Z
- ?Remove@CNoLockList@@UAEEQAX@Z
- ?RemoveHead@CList@@UAEPAXXZ
- ?RemoveHead@CLockList@@UAEPAXXZ
- ?RemoveHead@CNoLockList@@UAEPAXXZ
- ?RemoveTail@CList@@UAEPAXXZ
- ?RemoveTail@CLockList@@UAEPAXXZ
- ?RemoveTail@CNoLockList@@UAEPAXXZ
- ?Reset@CKEvent@@QAEXXZ
- ?RestoreCR0@@YGXPAX@Z
- ?Run@CAutoUpdateConfigThread@@UAEXXZ
- ?Run@CDelayLoadThread@@UAEXXZ
- ?Run@CWorkerThread@@UAEXXZ
- ?SeekToEnd@CFile@@QAEJXZ
- ?Set@CKEvent@@QAEJJE@Z
- ?SetAttributes@CFile@@QAEJK@Z
- ?SetBlobCofig@CContext@@UAEJKPAXK@Z
- ?SetData@CBlobConfig@@QAEHPAXK@Z
- ?SetData@CModuleFileExtConfig@@QAEHPBG@Z
- ?SetData@CModuleFlagConfig@@QAEHK@Z
- ?SetData@CModuleMultiStringConfig@@QAEHPBG@Z
- ?SetData@CModuleStringConfig@@QAEHPBG@Z
- ?SetEngineContext@CContext@@QAEXPAX@Z
- ?SetFileExtensionConfig@CContext@@UAEJKPBG@Z
- ?SetFlagConfig@CContext@@UAEJKK@Z
- ?SetLinkContext@CContext@@QAEXPAX@Z
- ?SetLogFlag@CDebugLog@@QAEEK@Z
- ?SetMatchAllExtensions@CFileExtension@@QAEXE@Z
- ?SetMatchNoExtensions@CFileExtension@@QAEXE@Z
- ?SetMultiStringConfig@CContext@@UAEJKPBG@Z
- ?SetNewJobItemEvent@CWorkerThreadJobQueue@@QAEXXZ
- ?SetPriority@CSystemThread@@QAEXK@Z
- ?SetStopUse@CContext@@QAEXXZ
- ?SetStringConfig@CContext@@UAEJKPBG@Z
- ?Setup@CSystemThread@@MAEXXZ
- ?StopUse@CContext@@QAEHXZ
- ?TearDown@CSystemThread@@MAEXXZ
- ?Terminate@CSystemThread@@QAEXE@Z
- ?Terminate@CWorkerThreadPool@@QAEEXZ
- ?TmExceptionFilter@@YGJPAU_EXCEPTION_POINTERS@@@Z
- ?Wait@CKEvent@@QAEJPAT_LARGE_INTEGER@@E@Z
- ?WaitFinish@CWorkerThreadJob@@QAEXXZ
- ?WaitForReady@CDelayLoadThread@@QAEEXZ
- ?WaitNewJobAvailable@CWorkerThreadJobQueue@@QAEEXZ
- ?Write@CDebugLog@@QAAXPBDZZ
- ?Write@CFile@@QAEJPADKPAT_LARGE_INTEGER@@PAK@Z
- ?WriteSystemInformation@CDebugLog@@QAEXXZ
- ?WriteSystemStringInformation@CDebugLog@@IAEXPBG@Z
- ?WriteToFile@CDebugLog@@IAEXPADK@Z
- ?_pNonPagedAllocator@@3PAVCMemoryAllocator@@A
- ?_pPagedAllocator@@3PAVCMemoryAllocator@@A
- ?m_lpInstance@CWorkerThreadPool@@1PAV1@A
- ?m_lpRCMInstance@CWorkerThreadPool@@1PAV1@A
- _DeInitKmLPC@0
- _GetModuleInfoByAddress@8
- _GetModuleInfoByModuleName@8
- _InitKmLPC@0
- _KmCallUm@8
- _KmCallUmEx@12
- _ModGetExportProcAddress@8
- _ModLoadDLLToBuffer@4
- _ModLoadDLLToBufferWithImageSize@8
- _ModLoadModule@8
- _ModUnLoadModule@4
- _NormalizeFileName@4
- _NormalizeFullNtPathToDosName@4
- _TmCommConfigRoutine@4
- _UtilAddDeviceInDriveTable@4
- _UtilCleanFileReadOnly@4
- _UtilDeleteFileForce@4
- _UtilGetFileObjectForProcessByEPROC@8
- _UtilGetFileObjectFromFileName@12
- _UtilGetProcessName@12
- _UtilGetSystemDirectory@4
- _UtilGetSystemTime@4
- _UtilIoSetFileInfo@24
- _UtilIopCreateFileIRP@40
- _UtilKeGetLowFileDevice@16
- _UtilModuleIATHook@24
- _UtilModuleIATUnHook@8
- _UtilQueryKeyValue@24
- _UtilRemoveDeviceFromDriveTable@4
- _UtilVolumeDeviceToDosName@8
- _UtilWaitValueChangeToZero@8
- _UtilWriteVersionToRegistry@8
- _UtilbuildDynamicDiskMappingTable@0
- __UtilDosPathNameToNtPathName@12
Sections
Expand
- .text
- .rdata
- .data
- PAGE
- .edata
- INIT
- .rsrc
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": true,
"SerialNumber": "7e93ebfb7cc64e59ea4b9a77d406fc3b",
"Signature": "03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2",
"TBS": {
"MD5": "d0785ad36e427c92b19f6826ab1e8020",
"SHA1": "365b7a9c21bd9373e49052c3e7b3e4646ddd4d43",
"SHA256": "c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff",
"SHA384": "eab4fe5ef90e0de4a6aa3a27769a5e879f588df5e4785aa4104debd1f81e19ea56d33e3a16e5facf99f68b5d8e3d287b"
},
"ValidFrom": "2012-12-21 00:00:00",
"ValidTo": "2020-12-30 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "0ecff438c8febf356e04d86a981b1a50",
"Signature": "783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4",
"TBS": {
"MD5": "e9d38360b914c8863f6cba3ee58764d3",
"SHA1": "4cba8eae47b6bf76f20b3504b98b8f062694a89b",
"SHA256": "88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976",
"SHA384": "e9f2a75334a9e336c5a4712eadee88d0374b0fdc273262f4e65c9040ad2793067cc076696db5279a478773485e285652"
},
"ValidFrom": "2012-10-18 00:00:00",
"ValidTo": "2020-12-29 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Signature": "f3b20c020c826fd9e2629408ffc97c9e245959d1050c9ce7708069d366d26af191812e16fce674eaca0d8f05b2a796280831737299800d2bfe0071efecf655117b7952a4d7c0701b97de034a1d42e928fd1a2082b081f9d22e9d39af3233cf05c1e61ae1f8fbfec872e78d9a0b29b4f147f1a053d1757a824601df2bb07c75c591fe7efbaf0021764b90cd446f85f80d14bc2cd42c83edfa7d2510f8f94c82d1b3ea999b1cff9093291977c7e996dc32904d3934f167077684ff76aa5327654a0bd7223d9d67657b47c5b46012dca6723d89e7fa051b3380d0c4977b9df537e75da3186ab149b27c089715a01bd695f408f7ded66bfbe920d27a6f6a7d4cc8b3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc.",
"TBS": {
"MD5": "78eaa337666217b1c16a9a0ebd0b8434",
"SHA1": "ff9cb835e78f6185eed4372096c3bae53b17d18d",
"SHA256": "1c0d9746725e176b4a7c2852878f14d7587f58e65d346bc1247f1c8ee6374250",
"SHA384": "ffe3c75b860679a5de399c7d2c2844dbfac51d5d8581e24648d208daba1e4bed5c867808e02dc8d7cb3df1d4b2b53d10"
},
"ValidFrom": "2017-04-27 00:00:00",
"ValidTo": "2018-07-16 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "611993e400000000001c",
"Signature": "812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5",
"TBS": {
"MD5": "78a717e082dcc1cda3458d917e677d14",
"SHA1": "4a872e0e51f9b304469cd1dedb496ee9b8b983a4",
"SHA256": "317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8",
"SHA384": "b71052da4eb9157c8c1a5d7f55df19d69b9128598b72fcca608e5b7cc7d64c43c5504b9c86355a6dc22ee40c88cc385c"
},
"ValidFrom": "2011-02-22 19:25:17",
"ValidTo": "2021-02-22 19:35:17",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "5200e5aa2556fc1a86ed96c9d44b33c7",
"Signature": "5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"TBS": {
"MD5": "b30c31a572b0409383ed3fbe17e56e81",
"SHA1": "4843a82ed3b1f2bfbee9671960e1940c942f688d",
"SHA256": "03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9",
"SHA384": "bbda8407c4f9fc4e54d772f1c7fb9d30bc97e1f97ecd51c443063d1fa0644e266328781776cd5c44896c457c75f4d7da"
},
"ValidFrom": "2010-02-08 00:00:00",
"ValidTo": "2020-02-07 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 478a8efb59e1d83f0ce142d2a28707be
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | f13ede9179075999ef7f856ec31e364b |
| ToBeSigned (TBS) SHA1 | 2f09867166e6107e17808317f5c8d4ee157f45bc |
| ToBeSigned (TBS) SHA256 | 089a2c4c6ac7432020acdb65c33bf39130da6f37c002ba79128bd4c94e4fa101 |
| Subject | C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO Time Stamping Signer |
| ValidFrom | 2010-05-10 00:00:00 |
| ValidTo | 2015-05-10 23:59:59 |
| Signature | c8fb63f80b75752c3af1f213a72db6a31a9cad0107d3348e77e0c26eae025d484fa4d221b636fd2a35437c6bdf80870b15f0763200b4ceb567a42f2f201b9c549e833f1f5f149562820f2241221f70b3f3f742de6c51cd4bf821ac9b3b8cb1e5e6288fce2a8af9aa524d8c5b77ba4d5a58dbbb6a04cc521e9de228370ebbe70e91c7f8dbf18198ebcd37b30eab65d362ec3aa576eb13a83593c92e0a01ecc0e8cc3d7eb6ebe2c1ecd3149282668750dcfd5097acb34a767306c486113ab35f4304526feab3d074364ccaf11b7984377063ad74b9aa0ef398b08608ebdbe01f8c10f239649bae4f0a2c928a4f18b591e58d1a935f1faef1a6f02e97d0d2f62b3c |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 478a8efb59e1d83f0ce142d2a28707be |
| Version | 3 |
Certificate 4d6290e58c54f0f1eb17341a1310e6a4
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | b7d8444a70054990435f35a5630df5e1 |
| ToBeSigned (TBS) SHA1 | 4678c6e4a8787a8e6ed2bce8792b122f6c08afd8 |
| ToBeSigned (TBS) SHA256 | 0a8b4b359ea7890b358e56e436e9cfc6f32b037b2599b597ca7f7a80d475ec98 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA |
| ValidFrom | 2010-09-30 00:00:00 |
| ValidTo | 2014-01-01 23:59:59 |
| Signature | aedd211d5f8f807ad25209eadb6ed25d8be8c21b6904be51a5010e59fa37d174a3eedced89742b62d5a6bf4fad361754f013e0a345d24c26cbe26da21fd01e7a070fb6b37b6f5068a2e931b3b7997d8070a0a7de0b1ea4fff34d811bdd20c91cc4afcff18ffad9da95f0ecdc5cbfe88c5a3e7ab0a3eb59437411e09b1a6af36f |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 4d6290e58c54f0f1eb17341a1310e6a4 |
| Version | 3 |
Certificate 610c120600000000001b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 53c41bc1164e09e0cd1617a5bf913efd |
| ToBeSigned (TBS) SHA1 | 93c03aac8951d494ecd5696b1c08658541b18727 |
| ToBeSigned (TBS) SHA256 | 40bddadac24dc61ca4fb5cab2a2bc5d876bc36808311039a7a3e1a4066f7489b |
| Subject | C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority |
| ValidFrom | 2006-05-23 17:01:29 |
| ValidTo | 2016-05-23 17:11:29 |
| Signature | 01e446b33b457f7513877e5f43de468ecb8abdb64741bccccc7491d8ce395195a4a6b547c0efd2da7b8f5711f4328c7ccd3fee42da04214af7c843884a6f5cca14fc4bd19f4cbdd4556ecc02be0da6888f8609baa425bde8b0f0fa8b714e67b0cb82a8d78e55f737ebf03e88efe4e08afd1c6e2e61414875b4b02c1d28d8490fd715f02473253ccc880cde284c6554fe5eae8cea19ad2c51b29b3a47f53c80350117e24987d6544afb4bab07bcbf7d79cfbf35005cbb9ecffc82891b39a05197b6dec0b307ff449644c0342a195cabeef03bec294eb513c537857e75d5b4d60d066eb5d26c237167eaf1718eaf4e74aa0cf9ecbf4c58fa5e909b6d39cb86883f8b1ca81632d5fe6db9f1f8b3ead791f6364778c0272a15c768d6f4c5fc4f4ec8673f102d409ff11ec96148e7a703fc31730cf04688fe56da492995ef09daa3e5beef60ecd954a0599c28bd54ef66157f874c84dba60e95672e517b3439b641c28c846826dc240209e7818e0a972defeea7b998a60f818dc710b5e1ed982f486f53854964789bec5dac970b5526c3efba8dc8d1a52f5a7f936b611a339b18b8a26210de24ea76e12f43ebecdd7c12342489da2855aee5754e312b6763b6a8d7ab730a03cec5ea593fc7eb2a45aea8625b2f009939abb45f73c308ec80118f470e8f2a1343e191066255bbffba3da9a93d260faeca7d628b155589d694344dd665 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 610c120600000000001b |
| Version | 3 |
Certificate 1a9d178ad334acdf47c8a0d15bb50e6e
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 685d99029d38a9d263ea82cd02a49f6c |
| ToBeSigned (TBS) SHA1 | 93464d8f54b4ee7caf22ca1db15a4211e0d3c79e |
| ToBeSigned (TBS) SHA256 | 894991f1477dff88c7c0707531073bb59483750bcad672fc388179affca07aa9 |
| Subject | C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., OU=Digital ID Class 3 , Microsoft Software Validation v2, CN=Trend Micro, Inc. |
| ValidFrom | 2013-01-17 00:00:00 |
| ValidTo | 2014-03-18 23:59:59 |
| Signature | 65c7e1e0f4051179852b819153b528c88db47ef50e897cd8ce0d03a7cc2dc896c89790410182186fecaf9da5c317bf57b5038311c10c2ec5ddb5c18165a7e92f92a6f39c042262126c714337a7c528041a04679217c1475a30231c967ca63b4430ccea52fe4f16fabb5c454d2aa8cdde347b8beaa973d76b3f9ba99d2597939a33d67ec4abc3974ef3792b8bc90d092cce62309d205129bbcbd3554382f24b2911b4904b09e7f52f24f2cc5a52fa49f3a163c32fde076e917301f22dd45d643b95319bae922bc861e5a8f90d4dd72603c7b1ea0229eca869ab8d086ae5286baeba9b99a12856dc1d3cd9f6d9da4b8d5a85896ba4587d8eba506a4fbba4a7bb49 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 1a9d178ad334acdf47c8a0d15bb50e6e |
| Version | 3 |
Imports
Expand
- ntoskrnl.exe
- HAL.dll
- CLASSPNP.SYS
Imported Functions
Expand
- wcsrchr
- KeSetEvent
- KePulseEvent
- KeClearEvent
- KeStackAttachProcess
- KeUnstackDetachProcess
- ObfDereferenceObject
- ZwSetEvent
- ZwClose
- ZwConnectPort
- RtlInitUnicodeString
- RtlUnicodeStringToInteger
- ZwCreateSection
- ZwWaitForSingleObject
- ZwOpenEvent
- IoGetCurrentProcess
- ObfReferenceObject
- DbgBreakPoint
- ZwRequestWaitReplyPort
- ExFreePoolWithTag
- ProbeForWrite
- ZwFreeVirtualMemory
- ZwAllocateVirtualMemory
- ObOpenObjectByPointer
- PsProcessType
- memmove
- PsGetProcessExitTime
- MmSectionObjectType
- PsThreadType
- ObReleaseObjectSecurity
- SeReleaseSubjectContext
- SeAccessCheck
- SeCaptureSubjectContext
- ObGetObjectSecurity
- DbgPrint
- memset
- MmIsAddressValid
- ExInitializeResourceLite
- ExDeleteResourceLite
- ZwWriteFile
- ZwReadFile
- ZwQueryInformationFile
- ZwSetInformationFile
- ZwCreateFile
- swprintf
- towupper
- _wcsnicmp
- ExAllocatePoolWithTag
- KeInitializeEvent
- _snprintf
- PsGetCurrentProcessId
- RtlTimeToTimeFields
- ExSystemTimeToLocalTime
- KeQuerySystemTime
- PsGetCurrentThreadId
- RtlInitAnsiString
- ZwDeviceIoControlFile
- ZwCreateKey
- ZwCreateEvent
- KeWaitForMultipleObjects
- ObReferenceObjectByHandle
- ZwNotifyChangeKey
- _vsnprintf
- RtlFreeUnicodeString
- RtlAnsiStringToUnicodeString
- RtlEqualUnicodeString
- RtlAppendUnicodeStringToString
- RtlCopyUnicodeString
- RtlUpcaseUnicodeChar
- KeWaitForSingleObject
- KeSetPriorityThread
- PsTerminateSystemThread
- PsCreateSystemThread
- KeDelayExecutionThread
- KeNumberProcessors
- ZwQueryInformationProcess
- PsLookupProcessByProcessId
- ZwOpenDirectoryObject
- PsSetCreateProcessNotifyRoutine
- ZwQuerySystemInformation
- ZwQueryDirectoryFile
- ZwQueryDirectoryObject
- ZwDuplicateObject
- ZwOpenKey
- ZwEnumerateKey
- ZwEnumerateValueKey
- ZwQueryValueKey
- ZwDeleteValueKey
- ZwDeleteKey
- ExGetPreviousMode
- ZwTerminateProcess
- ZwOpenProcess
- ZwQueryKey
- ZwSetValueKey
- IoFileObjectType
- _allrem
- memcpy
- IoFreeIrp
- IoFreeMdl
- MmUnlockPages
- IoBuildAsynchronousFsdRequest
- _strnicmp
- _purecall
- RtlAppendUnicodeToString
- mbstowcs
- ZwQuerySymbolicLinkObject
- ZwOpenSymbolicLinkObject
- NtClose
- ObQueryNameString
- MmGetSystemRoutineAddress
- ZwSetInformationObject
- _stricmp
- ZwUnmapViewOfSection
- ZwMapViewOfSection
- ZwOpenFile
- IoCreateFile
- IofCallDriver
- IoAllocateIrp
- MmBuildMdlForNonPagedPool
- IoAllocateMdl
- ProbeForRead
- PsGetVersion
- RtlCompareMemory
- _snwprintf
- MmSystemRangeStart
- RtlImageNtHeader
- wcsncmp
- strrchr
- ZwQueryVolumeInformationFile
- ObReferenceObjectByPointer
- IoBuildDeviceIoControlRequest
- ZwOpenSection
- _allmul
- KeReleaseSemaphore
- RtlLengthRequiredSid
- RtlInitializeSid
- RtlSubAuthoritySid
- RtlSetDaclSecurityDescriptor
- RtlCreateSecurityDescriptor
- RtlAddAccessAllowedAce
- RtlCreateAcl
- KeInitializeSemaphore
- IofCompleteRequest
- ExEventObjectType
- IoDeleteDevice
- IoDeleteSymbolicLink
- IoCreateSymbolicLink
- IoGetDeviceObjectPointer
- RtlUpperChar
- ObReferenceObjectByName
- IoDriverObjectType
- RtlCompareUnicodeString
- strncpy
- KeServiceDescriptorTable
- NtOpenProcess
- ObOpenObjectByName
- NtQueryInformationProcess
- PsIsThreadTerminating
- KeAddSystemServiceTable
- ZwQueryObject
- ZwQuerySecurityObject
- ObInsertObject
- IoReleaseVpbSpinLock
- IoAcquireVpbSpinLock
- SeCreateAccessState
- IoGetFileObjectGenericMapping
- ObCreateObject
- _allshr
- ExInterlockedPopEntrySList
- IoGetStackLimits
- IoBuildSynchronousFsdRequest
- wcsstr
- RtlUpcaseUnicodeString
- IoUnregisterPlugPlayNotification
- FsRtlIsNameInExpression
- IoGetConfigurationInformation
- MmProbeAndLockPages
- IoGetDeviceInterfaces
- IoRegisterPlugPlayNotification
- ExAllocatePool
- RtlFreeAnsiString
- RtlUnicodeStringToAnsiString
- strncat
- wcschr
- wcsncat
- wcstombs
- KeTickCount
- KeBugCheckEx
- RtlUnwind
- wcsncpy
- ExReleaseResourceLite
- ExAcquireResourceExclusiveLite
- ExAcquireResourceSharedLite
- ExReleaseFastMutexUnsafe
- KeLeaveCriticalRegion
- KeEnterCriticalRegion
- MmHighestUserAddress
- ExAcquireFastMutexUnsafe
- ZwSetSecurityObject
- IoDeviceObjectType
- IoCreateDevice
- RtlGetDaclSecurityDescriptor
- RtlGetSaclSecurityDescriptor
- RtlGetGroupSecurityDescriptor
- RtlGetOwnerSecurityDescriptor
- RtlLengthSecurityDescriptor
- SeCaptureSecurityDescriptor
- SeExports
- IoIsWdmVersionAvailable
- RtlLengthSid
- RtlAbsoluteToSelfRelativeSD
- RtlQueryRegistryValues
- KeGetCurrentThread
- KfAcquireSpinLock
- KfReleaseSpinLock
- KeRaiseIrqlToDpcLevel
- KfLowerIrql
- ExAcquireFastMutex
- ExReleaseFastMutex
- KeGetCurrentIrql
- KfRaiseIrql
- ClassInitialize
Exported Functions
Expand
- ??0CAutoUpdateConfigThread@@QAE@ABV0@@Z
- ??0CAutoUpdateConfigThread@@QAE@PAU_UNICODE_STRING@@P6GX0PAX@Z1@Z
- ??0CBlobConfig@@QAE@ABV0@@Z
- ??0CBlobConfig@@QAE@K@Z
- ??0CContext@@QAE@ABV0@@Z
- ??0CContext@@QAE@KP6GJPAU_EVENT_REPORT@@PAXPAU_TMCE_REPORT@@PAU_TMCE_FEEDBACK@@@Z1K@Z
- ??0CContextList@@QAE@ABV0@@Z
- ??0CContextList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CDebugLog@@QAE@ABV0@@Z
- ??0CDebugLog@@QAE@PBG@Z
- ??0CDebugLogEx@@QAE@ABV0@@Z
- ??0CDebugLogEx@@QAE@K@Z
- ??0CDelayLoadThread@@QAE@ABV0@@Z
- ??0CDelayLoadThread@@QAE@XZ
- ??0CExclusionExtConfig@@QAE@ABV0@@Z
- ??0CExclusionExtConfig@@QAE@KKE@Z
- ??0CExclusionFileNameConfig@@QAE@ABV0@@Z
- ??0CExclusionFileNameConfig@@QAE@KK@Z
- ??0CExclusionFilePathConfig@@QAE@ABV0@@Z
- ??0CExclusionFilePathConfig@@QAE@KK@Z
- ??0CExclusionFolderConfig@@QAE@ABV0@@Z
- ??0CExclusionFolderConfig@@QAE@KK@Z
- ??0CExclusionRegistryConfig@@QAE@ABV0@@Z
- ??0CExclusionRegistryConfig@@QAE@KK@Z
- ??0CFile@@QAE@ABV0@@Z
- ??0CFile@@QAE@E@Z
- ??0CFileExtension@@QAE@ABV0@@Z
- ??0CFileExtension@@QAE@KEEPAVIMemoryAllocator@@@Z
- ??0CInclusionExtConfig@@QAE@ABV0@@Z
- ??0CInclusionExtConfig@@QAE@KKE@Z
- ??0CInclusionFileNameConfig@@QAE@ABV0@@Z
- ??0CInclusionFileNameConfig@@QAE@KK@Z
- ??0CInclusionFilePathConfig@@QAE@ABV0@@Z
- ??0CInclusionFilePathConfig@@QAE@KK@Z
- ??0CInclusionFolderConfig@@QAE@ABV0@@Z
- ??0CInclusionFolderConfig@@QAE@KK@Z
- ??0CKEvent@@QAE@ABV0@@Z
- ??0CKEvent@@QAE@W4_EVENT_TYPE@@E@Z
- ??0CList@@QAE@ABV0@@Z
- ??0CList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CLockEvent@@QAE@ABV0@@Z
- ??0CLockEvent@@QAE@XZ
- ??0CLockList@@QAE@ABV0@@Z
- ??0CLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CMemoryAllocator@@IAE@W4_POOL_TYPE@@K@Z
- ??0CMemoryAllocator@@QAE@ABV0@@Z
- ??0CMemoryPoolAllocator@@IAE@W4_POOL_TYPE@@KKK@Z
- ??0CMemoryPoolAllocator@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@XZ
- ??0CModuleConfigList@@QAE@ABV0@@Z
- ??0CModuleConfigList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CModuleFileExtConfig@@QAE@ABV0@@Z
- ??0CModuleFileExtConfig@@QAE@KKE@Z
- ??0CModuleFlagConfig@@QAE@ABV0@@Z
- ??0CModuleFlagConfig@@QAE@K@Z
- ??0CModuleMultiStringConfig@@QAE@ABV0@@Z
- ??0CModuleMultiStringConfig@@QAE@KK@Z
- ??0CModuleStringConfig@@QAE@ABV0@@Z
- ??0CModuleStringConfig@@QAE@K@Z
- ??0CNoLockList@@QAE@ABV0@@Z
- ??0CNoLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CSmartLock@@QAE@AAVCLockEvent@@@Z
- ??0CSmartLock@@QAE@XZ
- ??0CSmartReference@@QAE@AAJ@Z
- ??0CSmartReference@@QAE@AAK@Z
- ??0CSmartResource@@QAE@AAVCResource@@E@Z
- ??0CStrList@@QAE@ABV0@@Z
- ??0CStrList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CSystemThread@@QAE@ABV0@@Z
- ??0CSystemThread@@QAE@K@Z
- ??0CUserFuncAdapterJob@@QAE@ABV0@@Z
- ??0CUserFuncAdapterJob@@QAE@P6GXPAX@Z01@Z
- ??0CWorkerThread@@IAE@PAVCWorkerThreadJobQueue@@@Z
- ??0CWorkerThread@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@E@Z
- ??0CWorkerThreadJobQueue@@QAE@ABV0@@Z
- ??0CWorkerThreadJobQueue@@QAE@K@Z
- ??0CWorkerThreadPool@@QAE@ABV0@@Z
- ??0CWorkerThreadPool@@QAE@K@Z
- ??0CWorkerThreadPoolEx@@QAE@ABV0@@Z
- ??0CWorkerThreadPoolEx@@QAE@KK@Z
- ??0IMemoryAllocator@@QAE@ABV0@@Z
- ??0IMemoryAllocator@@QAE@XZ
- ??1CAutoUpdateConfigThread@@UAE@XZ
- ??1CBlobConfig@@UAE@XZ
- ??1CContext@@UAE@XZ
- ??1CContextList@@UAE@XZ
- ??1CDebugLog@@UAE@XZ
- ??1CDebugLogEx@@UAE@XZ
- ??1CDelayLoadThread@@UAE@XZ
- ??1CExclusionExtConfig@@UAE@XZ
- ??1CExclusionFileNameConfig@@UAE@XZ
- ??1CExclusionFilePathConfig@@UAE@XZ
- ??1CExclusionFolderConfig@@UAE@XZ
- ??1CExclusionRegistryConfig@@UAE@XZ
- ??1CFile@@UAE@XZ
- ??1CFileExtension@@UAE@XZ
- ??1CInclusionExtConfig@@UAE@XZ
- ??1CInclusionFileNameConfig@@UAE@XZ
- ??1CInclusionFilePathConfig@@UAE@XZ
- ??1CInclusionFolderConfig@@UAE@XZ
- ??1CKEvent@@UAE@XZ
- ??1CList@@UAE@XZ
- ??1CLockEvent@@UAE@XZ
- ??1CLockList@@UAE@XZ
- ??1CMemoryAllocator@@UAE@XZ
- ??1CMemoryPoolAllocator@@UAE@XZ
- ??1CModuleConfig@@UAE@XZ
- ??1CModuleConfigList@@UAE@XZ
- ??1CModuleFileExtConfig@@UAE@XZ
- ??1CModuleFlagConfig@@UAE@XZ
- ??1CModuleMultiStringConfig@@UAE@XZ
- ??1CModuleStringConfig@@UAE@XZ
- ??1CNoLockList@@UAE@XZ
- ??1CSmartLock@@QAE@XZ
- ??1CSmartReference@@QAE@XZ
- ??1CSmartResource@@QAE@XZ
- ??1CStrList@@UAE@XZ
- ??1CSystemThread@@UAE@XZ
- ??1CUserFuncAdapterJob@@UAE@XZ
- ??1CWorkerThread@@UAE@XZ
- ??1CWorkerThreadJob@@UAE@XZ
- ??1CWorkerThreadJobQueue@@UAE@XZ
- ??1CWorkerThreadPool@@UAE@XZ
- ??1CWorkerThreadPoolEx@@UAE@XZ
- ??1IMemoryAllocator@@UAE@XZ
- ??2@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??2CMemoryAllocator@@SGPAXI@Z
- ??2CMemoryPoolAllocator@@SGPAXI@Z
- ??3@YAXPAX@Z
- ??3IMemoryAllocator@@SGXPAX@Z
- ??4CAutoUpdateConfigThread@@QAEAAV0@ABV0@@Z
- ??4CBlobConfig@@QAEAAV0@ABV0@@Z
- ??4CContext@@QAEAAV0@ABV0@@Z
- ??4CDebugLog@@QAEAAV0@ABV0@@Z
- ??4CDebugLogEx@@QAEAAV0@ABV0@@Z
- ??4CDelayLoadThread@@QAEAAV0@ABV0@@Z
- ??4CFile@@QAEAAV0@ABV0@@Z
- ??4CKEvent@@QAEAAV0@ABV0@@Z
- ??4CLockEvent@@QAEAAV0@ABV0@@Z
- ??4CMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??4CMemoryPoolAllocator@@QAEAAV0@ABV0@@Z
- ??4CModuleConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleFlagConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleStringConfig@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEABV0@AAVCLockEvent@@@Z
- ??4CSmartResource@@QAEAAV0@ABV0@@Z
- ??4CSystemThread@@QAEAAV0@ABV0@@Z
- ??4CUserFuncAdapterJob@@QAEAAV0@ABV0@@Z
- ??4CWorkerThread@@QAEAAV0@ABV0@@Z
- ??4CWorkerThreadJob@@QAEAAV0@ABV0@@Z
- ??4IMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??_7CAutoUpdateConfigThread@@6B@
- ??_7CBlobConfig@@6B@
- ??_7CContext@@6B@
- ??_7CContextList@@6B@
- ??_7CDebugLog@@6B@
- ??_7CDebugLogEx@@6B@
- ??_7CDelayLoadThread@@6B@
- ??_7CExclusionExtConfig@@6B@
- ??_7CExclusionFileNameConfig@@6B@
- ??_7CExclusionFilePathConfig@@6B@
- ??_7CExclusionFolderConfig@@6B@
- ??_7CExclusionRegistryConfig@@6B@
- ??_7CFile@@6B@
- ??_7CFileExtension@@6B@
- ??_7CInclusionExtConfig@@6B@
- ??_7CInclusionFileNameConfig@@6B@
- ??_7CInclusionFilePathConfig@@6B@
- ??_7CInclusionFolderConfig@@6B@
- ??_7CKEvent@@6B@
- ??_7CList@@6B@
- ??_7CLockEvent@@6B@
- ??_7CLockList@@6B@
- ??_7CMemoryAllocator@@6B@
- ??_7CMemoryPoolAllocator@@6B@
- ??_7CModuleConfig@@6B@
- ??_7CModuleConfigList@@6B@
- ??_7CModuleFileExtConfig@@6B@
- ??_7CModuleFlagConfig@@6B@
- ??_7CModuleMultiStringConfig@@6B@
- ??_7CModuleStringConfig@@6B@
- ??_7CNoLockList@@6B@
- ??_7CStrList@@6B@
- ??_7CSystemThread@@6B@
- ??_7CUserFuncAdapterJob@@6B@
- ??_7CWorkerThread@@6B@
- ??_7CWorkerThreadJob@@6B@
- ??_7CWorkerThreadJobQueue@@6B@
- ??_7CWorkerThreadPool@@6B@
- ??_7CWorkerThreadPoolEx@@6B@
- ??_7IMemoryAllocator@@6B@
- ??_FCContextList@@QAEXXZ
- ??_FCFile@@QAEXXZ
- ??_FCFileExtension@@QAEXXZ
- ??_FCModuleConfigList@@QAEXXZ
- ??_FCStrList@@QAEXXZ
- ??_FCSystemThread@@QAEXXZ
- ??_FCWorkerThread@@QAEXXZ
- ??_FCWorkerThreadJob@@QAEXXZ
- ??_FCWorkerThreadJobQueue@@QAEXXZ
- ??_U@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??_V@YAXPAX@Z
- ?Acquire@CLockEvent@@QAEXXZ
- ?Add@CContextList@@QAEEPAVCContext@@@Z
- ?Add@CFileExtension@@QAEEPBGK@Z
- ?Add@CModuleConfigList@@QAEEPAVCModuleConfig@@@Z
- ?Add@CStrList@@QAEEPBG@Z
- ?AddNode@CLockList@@UAEEQAXE@Z
- ?AddNode@CNoLockList@@UAEEQAXE@Z
- ?Alloc@CMemoryAllocator@@UAEPAXKPBDK@Z
- ?Alloc@CMemoryPoolAllocator@@UAEPAXKPBDK@Z
- ?AllocBlock@CMemoryPoolAllocator@@IAEPAXK@Z
- ?AttachJobQueue@CWorkerThread@@QAEXPAVCWorkerThreadJobQueue@@@Z
- ?Cancel@CWorkerThreadJob@@QAEXXZ
- ?CheckNode@CLockList@@UAEHQAX@Z
- ?CheckNode@CNoLockList@@UAEHQAX@Z
- ?CleanQueue@CWorkerThreadJobQueue@@QAEXXZ
- ?Cleanup@CBlobConfig@@AAEXXZ
- ?Cleanup@CModuleFileExtConfig@@IAEXXZ
- ?Cleanup@CModuleMultiStringConfig@@IAEXXZ
- ?Cleanup@CModuleStringConfig@@AAEXXZ
- ?Close@CFile@@QAEJXZ
- ?Count@CLockList@@QAEKXZ
- ?Count@CNoLockList@@QAEKXZ
- ?Create@CFile@@QAEJPBGKKKK@Z
- ?Create@CSystemThread@@QAEEXZ
- ?CreateInstance@CMemoryAllocator@@SGPAV1@W4_POOL_TYPE@@K@Z
- ?CreateInstance@CMemoryPoolAllocator@@SGPAV1@W4_POOL_TYPE@@KKK@Z
- ?CreatePool@CWorkerThreadPool@@QAEEXZ
- ?CreatePool@CWorkerThreadPoolEx@@QAEEXZ
- ?CreateThreads@CWorkerThreadPool@@QAEEK@Z
- ?CreateThreads@CWorkerThreadPoolEx@@QAEEK@Z
- ?CreateWIRP@CFile@@QAEJPBGKKKK@Z
- ?Delete@CFile@@QAEJXZ
- ?Delete@CFileExtension@@QAEEPBGK@Z
- ?Delete@CStrList@@QAEEPBG@Z
- ?DeleteAll@CList@@UAEXXZ
- ?DeleteAll@CLockList@@UAEXXZ
- ?DeleteAll@CNoLockList@@UAEXXZ
- ?DeleteNode@CContextList@@MAEXPAX@Z
- ?DeleteNode@CList@@UAEXPAX@Z
- ?DeleteNode@CModuleConfigList@@MAEXPAX@Z
- ?DeleteNode@CStrList@@EAEXPAU_STR_LIST_NODE@1@@Z
- ?DisableWriteProtectFromCR0@@YGXPAPAX@Z
- ?DoIt@CWorkerThreadJob@@QAEJXZ
- ?EntryPoint@CSystemThread@@KGXPAX@Z
- ?Find@CContextList@@QAEPAVCContext@@K@Z
- ?Find@CContextList@@QAEPAVCContext@@PAX@Z
- ?Find@CFileExtension@@QAEPAU_STR_LIST_NODE@CStrList@@PBGK@Z
- ?Find@CModuleConfigList@@QAEPAVCModuleConfig@@K@Z
- ?Find@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?FindNode@CContextList@@IAEPAXPAX@Z
- ?FindPartiallyAndAllMatch@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?FinishFunction@CUserFuncAdapterJob@@MAEXXZ
- ?FinishIt@CWorkerThreadJob@@QAEJXZ
- ?First@CList@@UAEPAXXZ
- ?First@CLockList@@UAEPAXXZ
- ?First@CNoLockList@@UAEPAXXZ
- ?Free@CMemoryAllocator@@UAEXPAX@Z
- ?Free@CMemoryPoolAllocator@@UAEXPAX@Z
- ?GetAttributes@CFile@@QAEKXZ
- ?GetBasicInfomration@CFile@@IAEJXZ
- ?GetBlobCofig@CContext@@UAEJKPAXPAK@Z
- ?GetCategory@CContext@@QAEKXZ
- ?GetData@CBlobConfig@@QAEHPAXPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEPAVCFileExtension@@XZ
- ?GetData@CModuleFlagConfig@@QAEKXZ
- ?GetData@CModuleMultiStringConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleMultiStringConfig@@QAEPAVCStrList@@XZ
- ?GetData@CModuleStringConfig@@QAEPAGXZ
- ?GetData@CStrList@@QAEEPAGPAK@Z
- ?GetDataType@CModuleConfig@@QAEKXZ
- ?GetEngineContext@CContext@@QAEPAXXZ
- ?GetFileExtensionConfig@CContext@@QAEPAVCFileExtension@@K@Z
- ?GetFileExtensionConfig@CContext@@UAEJKPAGPAK@Z
- ?GetFileSize@CFile@@QAEJPAT_LARGE_INTEGER@@@Z
- ?GetFileSizeWIRP@CFile@@QAEJPAT_LARGE_INTEGER@@@Z
- ?GetFlagConfig@CContext@@UAEJKPAK@Z
- ?GetID@CModuleConfig@@QAEKXZ
- ?GetJob@CWorkerThreadJobQueue@@QAEPAVCWorkerThreadJob@@XZ
- ?GetLength@CModuleStringConfig@@QAEKXZ
- ?GetLinkContext@CContext@@QAEPAXXZ
- ?GetLogFlag@CDebugLog@@QAEKXZ
- ?GetLogFlag@CDebugLogEx@@QAEKXZ
- ?GetModuleId@CModuleConfig@@QAEKXZ
- ?GetMultiStringConfig@CContext@@QAEPAVCStrList@@K@Z
- ?GetMultiStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetOneThreadTEB@CWorkerThreadPool@@QAEPAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPool@@QAEPAU_KTHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QAEPAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QAEPAU_KTHREAD@@XZ
- ?GetReportCallBackRoutine@CContext@@QAEKXZ
- ?GetSize@CBlobConfig@@QAEKXZ
- ?GetStringConfig@CContext@@QAEPAGK@Z
- ?GetStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetThreadCount@CWorkerThreadPool@@QAEKXZ
- ?GetThreadCount@CWorkerThreadPoolEx@@QAEKXZ
- ?GetThreadID@CSystemThread@@QAEKXZ
- ?GetType@CContext@@QAEKXZ
- ?GetUserParameter@CContext@@QAEKXZ
- ?InitProcMon@CDebugLogEx@@IAEXXZ
- ?InitializeBlobConfig@CContext@@QAEHKPAXK@Z
- ?InitializeFileExtensionConfig@CContext@@QAEHKPBG@Z
- ?InitializeFlagConfig@CContext@@QAEHKK@Z
- ?InitializeMultiStringConfig@CContext@@QAEHKPBG@Z
- ?InitializeStringConfig@CContext@@QAEHKPBG@Z
- ?Insert@CList@@UAEXQAXE@Z
- ?Insert@CLockList@@UAEXQAXE@Z
- ?Insert@CNoLockList@@UAEXQAXE@Z
- ?InsertAfter@CList@@UAEXPAX0@Z
- ?InsertBefore@CList@@UAEXPAX0@Z
- ?Instance@CWorkerThreadPool@@SGPAV1@XZ
- ?IsEmpty@CList@@UAEEXZ
- ?IsEmpty@CLockList@@UAEEXZ
- ?IsEmpty@CNoLockList@@UAEEXZ
- ?IsExceedLimitation@CMemoryPoolAllocator@@IAEEK@Z
- ?IsFull@CLockList@@QBEEXZ
- ?IsFull@CNoLockList@@QBEEXZ
- ?IsInExclusionList@CExclusionExtConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFileNameConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFilePathConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFolderConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionRegistryConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionExtConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFileNameConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFilePathConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFolderConfig@@QAEEPBG@Z
- ?IsOpened@CFile@@QAEEXZ
- ?IsTerminated@CWorkerThreadPool@@QAEEXZ
- ?IsTerminated@CWorkerThreadPoolEx@@QAEEXZ
- ?IsValid@CMemoryAllocator@@UAEEXZ
- ?IsValid@CMemoryPoolAllocator@@UAEEXZ
- ?IsValid@IMemoryAllocator@@UAEEXZ
- ?IsWorkerThread@CWorkerThreadPool@@QAEEK@Z
- ?IsWorkerThread@CWorkerThreadPoolEx@@QAEEK@Z
- ?JobFunction@CUserFuncAdapterJob@@MAEXXZ
- ?JobQueue@CWorkerThreadPool@@QAEAAVCWorkerThreadJobQueue@@XZ
- ?JobQueue@CWorkerThreadPoolEx@@QAEAAVCWorkerThreadJobQueue@@XZ
- ?Limit@CLockList@@QAEKXZ
- ?Limit@CNoLockList@@QAEKXZ
- ?MatchAllExtensions@CFileExtension@@QAEEXZ
- ?MatchNoExtensions@CFileExtension@@QAEEXZ
- ?MergeLeft@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?MergeRight@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?NeedDelete@CWorkerThreadJob@@QAEEXZ
- ?NeedDeleteWhenFinish@CWorkerThreadJob@@QAEXE@Z
- ?NewNode@CList@@UAEPAXXZ
- ?NewNode@CStrList@@EAEPAXXZ
- ?NewNodeVariant@CList@@IAEPAXK@Z
- ?Next@CList@@UBEPAXQAX@Z
- ?Next@CLockList@@UBEPAXQAX@Z
- ?Next@CNoLockList@@UBEPAXQAX@Z
- ?NextPool@CMemoryPoolAllocator@@QAEPAV1@XZ
- ?NotityTerminate@CWorkerThread@@QAEXXZ
- ?PostJobToWorkerThread@CWorkerThreadPool@@QAEJP6GXPAX@Z0E@Z
- ?PostJobToWorkerThread@CWorkerThreadPoolEx@@QAEJP6GXPAX@Z0E1@Z
- ?Pulse@CKEvent@@QAEJJE@Z
- ?QueueJob@CWorkerThreadJobQueue@@QAEEPAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPool@@QAEJPAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPoolEx@@QAEJPAVCWorkerThreadJob@@@Z
- ?RCMInstance@CWorkerThreadPool@@SGPAV1@XZ
- ?Read@CFile@@QAEJPADKPAK@Z
- ?ReadWIRP@CFile@@QAEJPADKPAK@Z
- ?ReferenceCount@CContext@@QAEAAKXZ
- ?Release@CLockEvent@@QAEXXZ
- ?Remove@CContextList@@UAEEQAX@Z
- ?Remove@CList@@UAEEQAX@Z
- ?Remove@CLockList@@UAEEQAX@Z
- ?Remove@CNoLockList@@UAEEQAX@Z
- ?RemoveHead@CList@@UAEPAXXZ
- ?RemoveHead@CLockList@@UAEPAXXZ
- ?RemoveHead@CNoLockList@@UAEPAXXZ
- ?RemoveTail@CList@@UAEPAXXZ
- ?RemoveTail@CLockList@@UAEPAXXZ
- ?RemoveTail@CNoLockList@@UAEPAXXZ
- ?Reset@CKEvent@@QAEXXZ
- ?ResetData@CInclusionExtConfig@@QAEXXZ
- ?ResetData@CInclusionFileNameConfig@@QAEXXZ
- ?ResetData@CInclusionFilePathConfig@@QAEXXZ
- ?ResetData@CInclusionFolderConfig@@QAEXXZ
- ?RestoreCR0@@YGXPAX@Z
- ?Run@CAutoUpdateConfigThread@@UAEXXZ
- ?Run@CDelayLoadThread@@UAEXXZ
- ?Run@CWorkerThread@@UAEXXZ
- ?SeekToEnd@CFile@@QAEJXZ
- ?Set@CKEvent@@QAEJJE@Z
- ?SetAttributes@CFile@@QAEJK@Z
- ?SetBlobCofig@CContext@@UAEJKPAXK@Z
- ?SetData@CBlobConfig@@QAEHPAXK@Z
- ?SetData@CModuleFileExtConfig@@QAEHPBG@Z
- ?SetData@CModuleFlagConfig@@QAEHK@Z
- ?SetData@CModuleMultiStringConfig@@QAEHPBGK@Z
- ?SetData@CModuleStringConfig@@QAEHPBG@Z
- ?SetEngineContext@CContext@@QAEXPAX@Z
- ?SetFileExtensionConfig@CContext@@UAEJKPBG@Z
- ?SetFlagConfig@CContext@@UAEJKK@Z
- ?SetLinkContext@CContext@@QAEXPAX@Z
- ?SetLogFlag@CDebugLog@@QAEEK@Z
- ?SetLogFlag@CDebugLogEx@@QAEEK@Z
- ?SetMatchAllExtensions@CFileExtension@@QAEXE@Z
- ?SetMatchNoExtensions@CFileExtension@@QAEXE@Z
- ?SetMultiStringConfig@CContext@@UAEJKPBG@Z
- ?SetNewJobItemEvent@CWorkerThreadJobQueue@@QAEXXZ
- ?SetPriority@CSystemThread@@QAEXK@Z
- ?SetStopUse@CContext@@QAEXXZ
- ?SetStringConfig@CContext@@UAEJKPBG@Z
- ?Setup@CSystemThread@@MAEXXZ
- ?StopUse@CContext@@QAEHXZ
- ?TearDown@CSystemThread@@MAEXXZ
- ?Terminate@CSystemThread@@QAEXE@Z
- ?Terminate@CWorkerThreadPool@@QAEEXZ
- ?Terminate@CWorkerThreadPoolEx@@QAEEXZ
- ?TmExceptionFilter@@YGJPAU_EXCEPTION_POINTERS@@@Z
- ?Wait@CKEvent@@QAEJPAT_LARGE_INTEGER@@E@Z
- ?WaitFinish@CWorkerThreadJob@@QAEXXZ
- ?WaitForInit@CDelayLoadThread@@QAEEXZ
- ?WaitForLoad@CDelayLoadThread@@QAEEXZ
- ?WaitNewJobAvailable@CWorkerThreadJobQueue@@QAEEXZ
- ?WaitQueueEmpty@CWorkerThreadJobQueue@@QAEXXZ
- ?Write@CDebugLog@@QAAXPBDZZ
- ?Write@CDebugLogEx@@QAAXPBDZZ
- ?Write@CFile@@QAEJPADKPAT_LARGE_INTEGER@@PAK@Z
- ?WriteDataToFile@CDebugLogEx@@IAEXPADK@Z
- ?WriteDataToProcMonW@CDebugLogEx@@IAEXPAD@Z
- ?WriteSystemInformation@CDebugLog@@QAEXXZ
- ?WriteSystemInformation@CDebugLogEx@@QAEXXZ
- ?WriteSystemStringInformation@CDebugLog@@IAEXPBG@Z
- ?WriteSystemStringInformation@CDebugLogEx@@IAEXPBG@Z
- ?WriteToFile@CDebugLog@@IAEXPADK@Z
- ?WriteToProcMonW@CDebugLogEx@@IAEXPAU_UNICODE_STRING@@@Z
- ?_pNonPagedAllocator@@3PAVCMemoryAllocator@@A
- ?_pPagedAllocator@@3PAVCMemoryAllocator@@A
- ?m_lpInstance@CWorkerThreadPool@@1PAV1@A
- ?m_lpRCMInstance@CWorkerThreadPool@@1PAV1@A
- _DeInitKm2UmCommunication@0
- _DeInitKmLPC@0
- _DuplicateFullFileName@4
- _FreeFullFileName@4
- _GetKm2UmMode@0
- _GetModuleInfoByAddress@8
- _GetModuleInfoByModuleName@8
- _InitKm2UmCommunication@8
- _InitKmLPC@0
- _KmCallUm@8
- _KmCallUmByLPC@8
- _KmCallUmEx@12
- _KmCleanupCommPortAPIs@0
- _KmGetUmInitProcess@0
- _KmSetCommPortAPIs@4
- _ModGetExportProcAddress@8
- _ModLoadDLLToBuffer@4
- _ModLoadDLLToBufferWithImageSize@8
- _ModLoadModule@8
- _ModUnLoadModule@4
- _NormalizeFileName@4
- _NormalizeFullNtPathToDosName@4
- _TmCommConfigRoutine@4
- _UtilAddDeviceInDriveTable@4
- _UtilAddReparsePointMapping@8
- _UtilCleanFileReadOnly@4
- _UtilCreateDosFileName@8
- _UtilDeleteFileForce@4
- _UtilGetDeviceObjectName@8
- _UtilGetFileNameFromFileObject@4
- _UtilGetFileObjectForProcessByEPROC@8
- _UtilGetFileObjectFromFileName@12
- _UtilGetProcessName@12
- _UtilGetSystemDirectory@4
- _UtilGetSystemDirectoryEx@0
- _UtilGetSystemDirectoryLength@0
- _UtilGetSystemTime@4
- _UtilIoSetFileInfo@24
- _UtilIopCreateFileIRP@40
- _UtilKeGetLowFileDevice@16
- _UtilModuleIATHook@24
- _UtilModuleIATUnHook@8
- _UtilPostJobToWorkerThread@12
- _UtilQueryKeyValue@24
- _UtilRemoveDeviceFromDriveTable@4
- _UtilVolumeDeviceToDosName@8
- _UtilWaitValueChangeToZero@8
- _UtilWriteVersionToRegistry@8
- _UtilbuildDynamicDiskMappingTable@0
- _UtlWriteBinValueKeyToRegistry@16
- _ValidateAddressWithSize@20
- __UtilDosPathNameToNtPathName@12
Sections
Expand
- .text
- .rdata
- .data
- PAGE
- .edata
- INIT
- .rsrc
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": true,
"SerialNumber": "7e93ebfb7cc64e59ea4b9a77d406fc3b",
"Signature": "03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2",
"TBS": {
"MD5": "d0785ad36e427c92b19f6826ab1e8020",
"SHA1": "365b7a9c21bd9373e49052c3e7b3e4646ddd4d43",
"SHA256": "c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff",
"SHA384": "eab4fe5ef90e0de4a6aa3a27769a5e879f588df5e4785aa4104debd1f81e19ea56d33e3a16e5facf99f68b5d8e3d287b"
},
"ValidFrom": "2012-12-21 00:00:00",
"ValidTo": "2020-12-30 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "0ecff438c8febf356e04d86a981b1a50",
"Signature": "783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4",
"TBS": {
"MD5": "e9d38360b914c8863f6cba3ee58764d3",
"SHA1": "4cba8eae47b6bf76f20b3504b98b8f062694a89b",
"SHA256": "88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976",
"SHA384": "e9f2a75334a9e336c5a4712eadee88d0374b0fdc273262f4e65c9040ad2793067cc076696db5279a478773485e285652"
},
"ValidFrom": "2012-10-18 00:00:00",
"ValidTo": "2020-12-29 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Signature": "f3b20c020c826fd9e2629408ffc97c9e245959d1050c9ce7708069d366d26af191812e16fce674eaca0d8f05b2a796280831737299800d2bfe0071efecf655117b7952a4d7c0701b97de034a1d42e928fd1a2082b081f9d22e9d39af3233cf05c1e61ae1f8fbfec872e78d9a0b29b4f147f1a053d1757a824601df2bb07c75c591fe7efbaf0021764b90cd446f85f80d14bc2cd42c83edfa7d2510f8f94c82d1b3ea999b1cff9093291977c7e996dc32904d3934f167077684ff76aa5327654a0bd7223d9d67657b47c5b46012dca6723d89e7fa051b3380d0c4977b9df537e75da3186ab149b27c089715a01bd695f408f7ded66bfbe920d27a6f6a7d4cc8b3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc.",
"TBS": {
"MD5": "78eaa337666217b1c16a9a0ebd0b8434",
"SHA1": "ff9cb835e78f6185eed4372096c3bae53b17d18d",
"SHA256": "1c0d9746725e176b4a7c2852878f14d7587f58e65d346bc1247f1c8ee6374250",
"SHA384": "ffe3c75b860679a5de399c7d2c2844dbfac51d5d8581e24648d208daba1e4bed5c867808e02dc8d7cb3df1d4b2b53d10"
},
"ValidFrom": "2017-04-27 00:00:00",
"ValidTo": "2018-07-16 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "611993e400000000001c",
"Signature": "812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5",
"TBS": {
"MD5": "78a717e082dcc1cda3458d917e677d14",
"SHA1": "4a872e0e51f9b304469cd1dedb496ee9b8b983a4",
"SHA256": "317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8",
"SHA384": "b71052da4eb9157c8c1a5d7f55df19d69b9128598b72fcca608e5b7cc7d64c43c5504b9c86355a6dc22ee40c88cc385c"
},
"ValidFrom": "2011-02-22 19:25:17",
"ValidTo": "2021-02-22 19:35:17",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "5200e5aa2556fc1a86ed96c9d44b33c7",
"Signature": "5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"TBS": {
"MD5": "b30c31a572b0409383ed3fbe17e56e81",
"SHA1": "4843a82ed3b1f2bfbee9671960e1940c942f688d",
"SHA256": "03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9",
"SHA384": "bbda8407c4f9fc4e54d772f1c7fb9d30bc97e1f97ecd51c443063d1fa0644e266328781776cd5c44896c457c75f4d7da"
},
"ValidFrom": "2010-02-08 00:00:00",
"ValidTo": "2020-02-07 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 1688f039255e638e69143907e6330b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 0179e8ddeebaf8998fec419d65cdf13d |
| ToBeSigned (TBS) SHA1 | 34c724c3369f2da8c25b591808962f66f10bde28 |
| ToBeSigned (TBS) SHA256 | 35b0bac11602847aaab65fb35199d3c8976cde3ccf7e061b130177c712cbd92f |
| Subject | C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO SHA,1 Time Stamping Signer |
| ValidFrom | 2015-12-31 00:00:00 |
| ValidTo | 2019-07-09 18:40:36 |
| Signature | ba332440408c7cdb589fb36098b2f5c031feeb1f6e50f60ae0e4e681ad2687a2dffdb3daf473f300fb291b891b153edb6b52932bc4ac3981d73c67579a3936e028089ae3394f9b89097f7bc5617f598932250a6aae1a3ef0a227a8b6c3b887f7160448413d5cd8ec9f4d203104d965a1edcd690753163ddd36020a88eb40e506300bb8164bdcefbc5509ffc63e122e76b3dcce42eff97657e1b70a054098589a5d711693718c6581ea6ff389f7fb73adb4e7bfd98e6faa0b4f25f3b8e1d5dd75986881f8aac0d180c2c4c43989c1f6c99e6cd774f9d997f84fc29a0acd5e8ff819e9e0a59fc4f09221e62d7925c922f9c3f03a8457ad3a16f46394101d5dd0c6 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 1688f039255e638e69143907e6330b |
| Version | 3 |
Certificate 774d49c5649436de6bf3190a67eedcdf
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | b3ca7d6b821d8e3432b29874980af55e |
| ToBeSigned (TBS) SHA1 | 618d7e55a24c1d8b65a0bcce79120c5e3b13fa4d |
| ToBeSigned (TBS) SHA256 | c645c6a7dc7243a4a3f78a6569c029401a7bda8bc4732ce7198d9f21f19b12fa |
| Subject | C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc. |
| ValidFrom | 2016-03-29 00:00:00 |
| ValidTo | 2017-06-28 23:59:59 |
| Signature | 27351697f046d1d43fe306dff30b83e7a404e3e6431c1e06829c558d99eb3f21776021e3e1bd4e485aba08b89bb0972f23daa471d7b432a44a591270f9a838f13dbda32ee936c0df792cff8c493e1f27b2282b3d896ae7b4155ca1a50bf7111f3f4bbbe11f17cfe5d49c0589c210966ef7e567153e802d2e783ff498c59585598d9d3e93273d1e81c07ce85c0cfb24834d448c3930120f1686bd472d916ac8f9475acfdb27be8528311f668d71dfc132a0ff62df7baa575a0cc732b3de003beca214954d4d97cf9511b9329eccbb7b716675b31e543a43570080dffce3fc8ca8fbb17d954b9678e2d0c1e1710a5cf03952a687fede59dcba3bf98900f9934f12 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 774d49c5649436de6bf3190a67eedcdf |
| Version | 3 |
Certificate 611993e400000000001c
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 78a717e082dcc1cda3458d917e677d14 |
| ToBeSigned (TBS) SHA1 | 4a872e0e51f9b304469cd1dedb496ee9b8b983a4 |
| ToBeSigned (TBS) SHA256 | 317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5 |
| ValidFrom | 2011-02-22 19:25:17 |
| ValidTo | 2021-02-22 19:35:17 |
| Signature | 812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 611993e400000000001c |
| Version | 3 |
Certificate 5200e5aa2556fc1a86ed96c9d44b33c7
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | b30c31a572b0409383ed3fbe17e56e81 |
| ToBeSigned (TBS) SHA1 | 4843a82ed3b1f2bfbee9671960e1940c942f688d |
| ToBeSigned (TBS) SHA256 | 03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA |
| ValidFrom | 2010-02-08 00:00:00 |
| ValidTo | 2020-02-07 23:59:59 |
| Signature | 5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 5200e5aa2556fc1a86ed96c9d44b33c7 |
| Version | 3 |
Imports
Expand
- ntoskrnl.exe
- HAL.dll
- CLASSPNP.SYS
Imported Functions
Expand
- wcsrchr
- KeSetEvent
- KePulseEvent
- KeClearEvent
- KeStackAttachProcess
- KeUnstackDetachProcess
- ObfDereferenceObject
- ZwSetEvent
- ZwClose
- ZwConnectPort
- RtlInitUnicodeString
- RtlUnicodeStringToInteger
- ZwCreateSection
- ZwWaitForSingleObject
- ZwOpenEvent
- IoGetCurrentProcess
- ObfReferenceObject
- DbgBreakPoint
- ZwRequestWaitReplyPort
- ExFreePoolWithTag
- ProbeForWrite
- ZwFreeVirtualMemory
- ZwAllocateVirtualMemory
- ObOpenObjectByPointer
- PsProcessType
- memmove
- PsGetProcessExitTime
- MmSectionObjectType
- PsThreadType
- MmGetSystemRoutineAddress
- ObReleaseObjectSecurity
- SeReleaseSubjectContext
- SeAccessCheck
- SeCaptureSubjectContext
- ObGetObjectSecurity
- DbgPrint
- memset
- MmIsAddressValid
- ExInitializeResourceLite
- ExDeleteResourceLite
- ZwWriteFile
- ZwReadFile
- ZwQueryInformationFile
- ZwSetInformationFile
- ZwCreateFile
- swprintf
- towupper
- _wcsnicmp
- ExAllocatePoolWithTag
- KeInitializeEvent
- _snprintf
- PsGetCurrentProcessId
- RtlTimeToTimeFields
- ExSystemTimeToLocalTime
- KeQuerySystemTime
- PsGetCurrentThreadId
- RtlInitAnsiString
- ZwDeviceIoControlFile
- ZwCreateKey
- ZwCreateEvent
- KeWaitForMultipleObjects
- ObReferenceObjectByHandle
- ZwNotifyChangeKey
- _vsnprintf
- RtlFreeUnicodeString
- RtlAnsiStringToUnicodeString
- RtlEqualUnicodeString
- RtlAppendUnicodeStringToString
- RtlCopyUnicodeString
- RtlUpcaseUnicodeChar
- ExGetPreviousMode
- KeWaitForSingleObject
- KeSetPriorityThread
- PsTerminateSystemThread
- PsCreateSystemThread
- KeDelayExecutionThread
- KeNumberProcessors
- ZwQueryInformationProcess
- PsLookupProcessByProcessId
- ZwOpenDirectoryObject
- PsSetCreateProcessNotifyRoutine
- ZwQuerySystemInformation
- ZwQueryDirectoryFile
- ZwQueryDirectoryObject
- ZwDuplicateObject
- ZwOpenKey
- ZwEnumerateKey
- ZwEnumerateValueKey
- ZwQueryValueKey
- ZwDeleteValueKey
- ZwDeleteKey
- ZwTerminateProcess
- ZwOpenProcess
- ZwQueryKey
- ZwSetValueKey
- IoFileObjectType
- _allrem
- memcpy
- ZwSetSecurityObject
- RtlLengthSecurityDescriptor
- MmHighestUserAddress
- IoFreeIrp
- IoFreeMdl
- _purecall
- IoBuildAsynchronousFsdRequest
- _strnicmp
- RtlQueryRegistryValues
- RtlAppendUnicodeToString
- mbstowcs
- ZwQuerySymbolicLinkObject
- ZwOpenSymbolicLinkObject
- NtClose
- ObQueryNameString
- ZwSetInformationObject
- _stricmp
- ZwUnmapViewOfSection
- ZwMapViewOfSection
- ZwOpenFile
- IoCreateFile
- IofCallDriver
- IoAllocateIrp
- MmBuildMdlForNonPagedPool
- IoAllocateMdl
- ProbeForRead
- PsGetVersion
- RtlImageNtHeader
- RtlCompareMemory
- RtlUpcaseUnicodeString
- _snwprintf
- MmSystemRangeStart
- wcsncmp
- RtlCompareUnicodeString
- strrchr
- ZwQueryVolumeInformationFile
- ObReferenceObjectByPointer
- IoBuildDeviceIoControlRequest
- ZwOpenSection
- _allmul
- KeReleaseSemaphore
- RtlLengthRequiredSid
- RtlInitializeSid
- RtlSubAuthoritySid
- RtlSetDaclSecurityDescriptor
- RtlCreateSecurityDescriptor
- RtlAddAccessAllowedAce
- RtlCreateAcl
- KeInitializeSemaphore
- IofCompleteRequest
- ExEventObjectType
- IoDeleteDevice
- IoDeleteSymbolicLink
- IoCreateSymbolicLink
- IoGetDeviceObjectPointer
- RtlUpperChar
- ObReferenceObjectByName
- IoDriverObjectType
- strncpy
- KeServiceDescriptorTable
- NtOpenProcess
- ObOpenObjectByName
- NtQueryInformationProcess
- PsIsThreadTerminating
- KeAddSystemServiceTable
- ZwQueryObject
- ZwFsControlFile
- ObInsertObject
- IoReleaseVpbSpinLock
- IoAcquireVpbSpinLock
- SeCreateAccessState
- IoGetFileObjectGenericMapping
- ObCreateObject
- _allshr
- ExInterlockedPopEntrySList
- IoGetStackLimits
- IoBuildSynchronousFsdRequest
- wcsstr
- IoUnregisterPlugPlayNotification
- FsRtlIsNameInExpression
- IoGetConfigurationInformation
- MmProbeAndLockPages
- IoGetDeviceInterfaces
- IoRegisterPlugPlayNotification
- ExAllocatePool
- RtlFreeAnsiString
- RtlUnicodeStringToAnsiString
- strncat
- wcschr
- wcsncat
- wcstombs
- KeTickCount
- KeBugCheckEx
- RtlUnwind
- wcsncpy
- ExReleaseResourceLite
- ExAcquireResourceExclusiveLite
- ExAcquireResourceSharedLite
- ExReleaseFastMutexUnsafe
- KeLeaveCriticalRegion
- KeEnterCriticalRegion
- ZwQuerySecurityObject
- ExAcquireFastMutexUnsafe
- IoDeviceObjectType
- IoCreateDevice
- RtlGetDaclSecurityDescriptor
- RtlGetSaclSecurityDescriptor
- RtlGetGroupSecurityDescriptor
- RtlGetOwnerSecurityDescriptor
- SeCaptureSecurityDescriptor
- SeExports
- IoIsWdmVersionAvailable
- RtlLengthSid
- RtlAbsoluteToSelfRelativeSD
- MmUnlockPages
- KeGetCurrentThread
- KfAcquireSpinLock
- KfReleaseSpinLock
- KeRaiseIrqlToDpcLevel
- KfLowerIrql
- ExAcquireFastMutex
- ExReleaseFastMutex
- KeGetCurrentIrql
- KfRaiseIrql
- ClassInitialize
Exported Functions
Expand
- ??0CAutoUpdateConfigThread@@QAE@ABV0@@Z
- ??0CAutoUpdateConfigThread@@QAE@PAU_UNICODE_STRING@@P6GX0PAX@Z1@Z
- ??0CBlobConfig@@QAE@ABV0@@Z
- ??0CBlobConfig@@QAE@K@Z
- ??0CContext@@QAE@ABV0@@Z
- ??0CContext@@QAE@KP6GJPAU_EVENT_REPORT@@PAXPAU_TMCE_REPORT@@PAU_TMCE_FEEDBACK@@@Z1K@Z
- ??0CContextList@@QAE@ABV0@@Z
- ??0CContextList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CDebugLog@@QAE@ABV0@@Z
- ??0CDebugLog@@QAE@PBG@Z
- ??0CDebugLogEx@@QAE@ABV0@@Z
- ??0CDebugLogEx@@QAE@K@Z
- ??0CDelayLoadThread@@QAE@ABV0@@Z
- ??0CDelayLoadThread@@QAE@XZ
- ??0CExclusionExtConfig@@QAE@ABV0@@Z
- ??0CExclusionExtConfig@@QAE@KKE@Z
- ??0CExclusionFileNameConfig@@QAE@ABV0@@Z
- ??0CExclusionFileNameConfig@@QAE@KK@Z
- ??0CExclusionFilePathConfig@@QAE@ABV0@@Z
- ??0CExclusionFilePathConfig@@QAE@KK@Z
- ??0CExclusionFolderConfig@@QAE@ABV0@@Z
- ??0CExclusionFolderConfig@@QAE@KK@Z
- ??0CExclusionRegistryConfig@@QAE@ABV0@@Z
- ??0CExclusionRegistryConfig@@QAE@KK@Z
- ??0CFile@@QAE@ABV0@@Z
- ??0CFile@@QAE@E@Z
- ??0CFileExtension@@QAE@ABV0@@Z
- ??0CFileExtension@@QAE@KEEPAVIMemoryAllocator@@@Z
- ??0CInclusionExtConfig@@QAE@ABV0@@Z
- ??0CInclusionExtConfig@@QAE@KKE@Z
- ??0CInclusionFileNameConfig@@QAE@ABV0@@Z
- ??0CInclusionFileNameConfig@@QAE@KK@Z
- ??0CInclusionFilePathConfig@@QAE@ABV0@@Z
- ??0CInclusionFilePathConfig@@QAE@KK@Z
- ??0CInclusionFolderConfig@@QAE@ABV0@@Z
- ??0CInclusionFolderConfig@@QAE@KK@Z
- ??0CKEvent@@QAE@ABV0@@Z
- ??0CKEvent@@QAE@W4_EVENT_TYPE@@E@Z
- ??0CList@@QAE@ABV0@@Z
- ??0CList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CLockEvent@@QAE@ABV0@@Z
- ??0CLockEvent@@QAE@XZ
- ??0CLockList@@QAE@ABV0@@Z
- ??0CLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CMemoryAllocator@@IAE@W4_POOL_TYPE@@K@Z
- ??0CMemoryAllocator@@QAE@ABV0@@Z
- ??0CMemoryPoolAllocator@@IAE@W4_POOL_TYPE@@KKK@Z
- ??0CMemoryPoolAllocator@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@XZ
- ??0CModuleConfigList@@QAE@ABV0@@Z
- ??0CModuleConfigList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CModuleFileExtConfig@@QAE@ABV0@@Z
- ??0CModuleFileExtConfig@@QAE@KKE@Z
- ??0CModuleFlagConfig@@QAE@ABV0@@Z
- ??0CModuleFlagConfig@@QAE@K@Z
- ??0CModuleMultiStringConfig@@QAE@ABV0@@Z
- ??0CModuleMultiStringConfig@@QAE@KK@Z
- ??0CModuleStringConfig@@QAE@ABV0@@Z
- ??0CModuleStringConfig@@QAE@K@Z
- ??0CNoLockList@@QAE@ABV0@@Z
- ??0CNoLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CSmartLock@@QAE@AAVCLockEvent@@@Z
- ??0CSmartLock@@QAE@XZ
- ??0CSmartReference@@QAE@AAJ@Z
- ??0CSmartReference@@QAE@AAK@Z
- ??0CSmartResource@@QAE@AAVCResource@@E@Z
- ??0CStrList@@QAE@ABV0@@Z
- ??0CStrList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CSystemThread@@QAE@ABV0@@Z
- ??0CSystemThread@@QAE@K@Z
- ??0CUserFuncAdapterJob@@QAE@ABV0@@Z
- ??0CUserFuncAdapterJob@@QAE@P6GXPAX@Z01@Z
- ??0CWorkerThread@@IAE@PAVCWorkerThreadJobQueue@@@Z
- ??0CWorkerThread@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@E@Z
- ??0CWorkerThreadJobQueue@@QAE@ABV0@@Z
- ??0CWorkerThreadJobQueue@@QAE@K@Z
- ??0CWorkerThreadPool@@QAE@ABV0@@Z
- ??0CWorkerThreadPool@@QAE@K@Z
- ??0CWorkerThreadPoolEx@@QAE@ABV0@@Z
- ??0CWorkerThreadPoolEx@@QAE@KK@Z
- ??0IMemoryAllocator@@QAE@ABV0@@Z
- ??0IMemoryAllocator@@QAE@XZ
- ??1CAutoUpdateConfigThread@@UAE@XZ
- ??1CBlobConfig@@UAE@XZ
- ??1CContext@@UAE@XZ
- ??1CContextList@@UAE@XZ
- ??1CDebugLog@@UAE@XZ
- ??1CDebugLogEx@@UAE@XZ
- ??1CDelayLoadThread@@UAE@XZ
- ??1CExclusionExtConfig@@UAE@XZ
- ??1CExclusionFileNameConfig@@UAE@XZ
- ??1CExclusionFilePathConfig@@UAE@XZ
- ??1CExclusionFolderConfig@@UAE@XZ
- ??1CExclusionRegistryConfig@@UAE@XZ
- ??1CFile@@UAE@XZ
- ??1CFileExtension@@UAE@XZ
- ??1CInclusionExtConfig@@UAE@XZ
- ??1CInclusionFileNameConfig@@UAE@XZ
- ??1CInclusionFilePathConfig@@UAE@XZ
- ??1CInclusionFolderConfig@@UAE@XZ
- ??1CKEvent@@UAE@XZ
- ??1CList@@UAE@XZ
- ??1CLockEvent@@UAE@XZ
- ??1CLockList@@UAE@XZ
- ??1CMemoryAllocator@@UAE@XZ
- ??1CMemoryPoolAllocator@@UAE@XZ
- ??1CModuleConfig@@UAE@XZ
- ??1CModuleConfigList@@UAE@XZ
- ??1CModuleFileExtConfig@@UAE@XZ
- ??1CModuleFlagConfig@@UAE@XZ
- ??1CModuleMultiStringConfig@@UAE@XZ
- ??1CModuleStringConfig@@UAE@XZ
- ??1CNoLockList@@UAE@XZ
- ??1CSmartLock@@QAE@XZ
- ??1CSmartReference@@QAE@XZ
- ??1CSmartResource@@QAE@XZ
- ??1CStrList@@UAE@XZ
- ??1CSystemThread@@UAE@XZ
- ??1CUserFuncAdapterJob@@UAE@XZ
- ??1CWorkerThread@@UAE@XZ
- ??1CWorkerThreadJob@@UAE@XZ
- ??1CWorkerThreadJobQueue@@UAE@XZ
- ??1CWorkerThreadPool@@UAE@XZ
- ??1CWorkerThreadPoolEx@@UAE@XZ
- ??1IMemoryAllocator@@UAE@XZ
- ??2@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??2CMemoryAllocator@@SGPAXI@Z
- ??2CMemoryPoolAllocator@@SGPAXI@Z
- ??3@YAXPAX@Z
- ??3IMemoryAllocator@@SGXPAX@Z
- ??4CAutoUpdateConfigThread@@QAEAAV0@ABV0@@Z
- ??4CBlobConfig@@QAEAAV0@ABV0@@Z
- ??4CContext@@QAEAAV0@ABV0@@Z
- ??4CDebugLog@@QAEAAV0@ABV0@@Z
- ??4CDebugLogEx@@QAEAAV0@ABV0@@Z
- ??4CDelayLoadThread@@QAEAAV0@ABV0@@Z
- ??4CFile@@QAEAAV0@ABV0@@Z
- ??4CKEvent@@QAEAAV0@ABV0@@Z
- ??4CLockEvent@@QAEAAV0@ABV0@@Z
- ??4CMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??4CMemoryPoolAllocator@@QAEAAV0@ABV0@@Z
- ??4CModuleConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleFlagConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleStringConfig@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEABV0@AAVCLockEvent@@@Z
- ??4CSmartResource@@QAEAAV0@ABV0@@Z
- ??4CSystemThread@@QAEAAV0@ABV0@@Z
- ??4CUserFuncAdapterJob@@QAEAAV0@ABV0@@Z
- ??4CWorkerThread@@QAEAAV0@ABV0@@Z
- ??4CWorkerThreadJob@@QAEAAV0@ABV0@@Z
- ??4IMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??_7CAutoUpdateConfigThread@@6B@
- ??_7CBlobConfig@@6B@
- ??_7CContext@@6B@
- ??_7CContextList@@6B@
- ??_7CDebugLog@@6B@
- ??_7CDebugLogEx@@6B@
- ??_7CDelayLoadThread@@6B@
- ??_7CExclusionExtConfig@@6B@
- ??_7CExclusionFileNameConfig@@6B@
- ??_7CExclusionFilePathConfig@@6B@
- ??_7CExclusionFolderConfig@@6B@
- ??_7CExclusionRegistryConfig@@6B@
- ??_7CFile@@6B@
- ??_7CFileExtension@@6B@
- ??_7CInclusionExtConfig@@6B@
- ??_7CInclusionFileNameConfig@@6B@
- ??_7CInclusionFilePathConfig@@6B@
- ??_7CInclusionFolderConfig@@6B@
- ??_7CKEvent@@6B@
- ??_7CList@@6B@
- ??_7CLockEvent@@6B@
- ??_7CLockList@@6B@
- ??_7CMemoryAllocator@@6B@
- ??_7CMemoryPoolAllocator@@6B@
- ??_7CModuleConfig@@6B@
- ??_7CModuleConfigList@@6B@
- ??_7CModuleFileExtConfig@@6B@
- ??_7CModuleFlagConfig@@6B@
- ??_7CModuleMultiStringConfig@@6B@
- ??_7CModuleStringConfig@@6B@
- ??_7CNoLockList@@6B@
- ??_7CStrList@@6B@
- ??_7CSystemThread@@6B@
- ??_7CUserFuncAdapterJob@@6B@
- ??_7CWorkerThread@@6B@
- ??_7CWorkerThreadJob@@6B@
- ??_7CWorkerThreadJobQueue@@6B@
- ??_7CWorkerThreadPool@@6B@
- ??_7CWorkerThreadPoolEx@@6B@
- ??_7IMemoryAllocator@@6B@
- ??_FCContextList@@QAEXXZ
- ??_FCFile@@QAEXXZ
- ??_FCFileExtension@@QAEXXZ
- ??_FCModuleConfigList@@QAEXXZ
- ??_FCStrList@@QAEXXZ
- ??_FCSystemThread@@QAEXXZ
- ??_FCWorkerThread@@QAEXXZ
- ??_FCWorkerThreadJob@@QAEXXZ
- ??_FCWorkerThreadJobQueue@@QAEXXZ
- ??_U@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??_V@YAXPAX@Z
- ?Acquire@CLockEvent@@QAEXXZ
- ?Add@CContextList@@QAEEPAVCContext@@@Z
- ?Add@CFileExtension@@QAEEPBGK@Z
- ?Add@CModuleConfigList@@QAEEPAVCModuleConfig@@@Z
- ?Add@CStrList@@QAEEPBG@Z
- ?AddNode@CLockList@@UAEEQAXE@Z
- ?AddNode@CNoLockList@@UAEEQAXE@Z
- ?Alloc@CMemoryAllocator@@UAEPAXKPBDK@Z
- ?Alloc@CMemoryPoolAllocator@@UAEPAXKPBDK@Z
- ?AllocBlock@CMemoryPoolAllocator@@IAEPAXK@Z
- ?AttachJobQueue@CWorkerThread@@QAEXPAVCWorkerThreadJobQueue@@@Z
- ?Cancel@CWorkerThreadJob@@QAEXXZ
- ?CheckNode@CLockList@@UAEHQAX@Z
- ?CheckNode@CNoLockList@@UAEHQAX@Z
- ?CleanQueue@CWorkerThreadJobQueue@@QAEXXZ
- ?Cleanup@CBlobConfig@@AAEXXZ
- ?Cleanup@CModuleFileExtConfig@@IAEXXZ
- ?Cleanup@CModuleMultiStringConfig@@IAEXXZ
- ?Cleanup@CModuleStringConfig@@AAEXXZ
- ?Close@CFile@@QAEJXZ
- ?Count@CLockList@@QAEKXZ
- ?Count@CNoLockList@@QAEKXZ
- ?Create@CFile@@QAEJPBGKKKK@Z
- ?Create@CSystemThread@@QAEEXZ
- ?CreateInstance@CMemoryAllocator@@SGPAV1@W4_POOL_TYPE@@K@Z
- ?CreateInstance@CMemoryPoolAllocator@@SGPAV1@W4_POOL_TYPE@@KKK@Z
- ?CreatePool@CWorkerThreadPool@@QAEEXZ
- ?CreatePool@CWorkerThreadPoolEx@@QAEEXZ
- ?CreateThreads@CWorkerThreadPool@@QAEEK@Z
- ?CreateThreads@CWorkerThreadPoolEx@@QAEEK@Z
- ?CreateWIRP@CFile@@QAEJPBGKKKK@Z
- ?Delete@CFile@@QAEJXZ
- ?Delete@CFileExtension@@QAEEPBGK@Z
- ?Delete@CStrList@@QAEEPBG@Z
- ?DeleteAll@CList@@UAEXXZ
- ?DeleteAll@CLockList@@UAEXXZ
- ?DeleteAll@CNoLockList@@UAEXXZ
- ?DeleteNode@CContextList@@MAEXPAX@Z
- ?DeleteNode@CList@@UAEXPAX@Z
- ?DeleteNode@CModuleConfigList@@MAEXPAX@Z
- ?DeleteNode@CStrList@@EAEXPAU_STR_LIST_NODE@1@@Z
- ?DisableWriteProtectFromCR0@@YGXPAPAX@Z
- ?DoIt@CWorkerThreadJob@@QAEJXZ
- ?EntryPoint@CSystemThread@@KGXPAX@Z
- ?Find@CContextList@@QAEPAVCContext@@K@Z
- ?Find@CContextList@@QAEPAVCContext@@PAX@Z
- ?Find@CFileExtension@@QAEPAU_STR_LIST_NODE@CStrList@@PBGK@Z
- ?Find@CModuleConfigList@@QAEPAVCModuleConfig@@K@Z
- ?Find@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?FindNode@CContextList@@IAEPAXPAX@Z
- ?FindPartiallyAndAllMatch@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?FinishFunction@CUserFuncAdapterJob@@MAEXXZ
- ?FinishIt@CWorkerThreadJob@@QAEJXZ
- ?First@CList@@UAEPAXXZ
- ?First@CLockList@@UAEPAXXZ
- ?First@CNoLockList@@UAEPAXXZ
- ?Free@CMemoryAllocator@@UAEXPAX@Z
- ?Free@CMemoryPoolAllocator@@UAEXPAX@Z
- ?GetAttributes@CFile@@QAEKXZ
- ?GetBasicInfomration@CFile@@IAEJXZ
- ?GetBlobCofig@CContext@@UAEJKPAXPAK@Z
- ?GetCategory@CContext@@QAEKXZ
- ?GetData@CBlobConfig@@QAEHPAXPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEPAVCFileExtension@@XZ
- ?GetData@CModuleFlagConfig@@QAEKXZ
- ?GetData@CModuleMultiStringConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleMultiStringConfig@@QAEPAVCStrList@@XZ
- ?GetData@CModuleStringConfig@@QAEPAGXZ
- ?GetData@CStrList@@QAEEPAGPAK@Z
- ?GetDataType@CModuleConfig@@QAEKXZ
- ?GetEngineContext@CContext@@QAEPAXXZ
- ?GetFileExtensionConfig@CContext@@QAEPAVCFileExtension@@K@Z
- ?GetFileExtensionConfig@CContext@@UAEJKPAGPAK@Z
- ?GetFileSize@CFile@@QAEJPAT_LARGE_INTEGER@@@Z
- ?GetFileSizeWIRP@CFile@@QAEJPAT_LARGE_INTEGER@@@Z
- ?GetFlagConfig@CContext@@UAEJKPAK@Z
- ?GetID@CModuleConfig@@QAEKXZ
- ?GetJob@CWorkerThreadJobQueue@@QAEPAVCWorkerThreadJob@@XZ
- ?GetLength@CModuleStringConfig@@QAEKXZ
- ?GetLinkContext@CContext@@QAEPAXXZ
- ?GetLogFlag@CDebugLog@@QAEKXZ
- ?GetLogFlag@CDebugLogEx@@QAEKXZ
- ?GetModuleId@CModuleConfig@@QAEKXZ
- ?GetMultiStringConfig@CContext@@QAEPAVCStrList@@K@Z
- ?GetMultiStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetOneThreadTEB@CWorkerThreadPool@@QAEPAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPool@@QAEPAU_KTHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QAEPAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QAEPAU_KTHREAD@@XZ
- ?GetReportCallBackRoutine@CContext@@QAEKXZ
- ?GetSize@CBlobConfig@@QAEKXZ
- ?GetStringConfig@CContext@@QAEPAGK@Z
- ?GetStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetThreadCount@CWorkerThreadPool@@QAEKXZ
- ?GetThreadCount@CWorkerThreadPoolEx@@QAEKXZ
- ?GetThreadID@CSystemThread@@QAEKXZ
- ?GetType@CContext@@QAEKXZ
- ?GetUserParameter@CContext@@QAEKXZ
- ?InitProcMon@CDebugLogEx@@IAEXXZ
- ?InitializeBlobConfig@CContext@@QAEHKPAXK@Z
- ?InitializeFileExtensionConfig@CContext@@QAEHKPBG@Z
- ?InitializeFlagConfig@CContext@@QAEHKK@Z
- ?InitializeMultiStringConfig@CContext@@QAEHKPBG@Z
- ?InitializeStringConfig@CContext@@QAEHKPBG@Z
- ?Insert@CList@@UAEXQAXE@Z
- ?Insert@CLockList@@UAEXQAXE@Z
- ?Insert@CNoLockList@@UAEXQAXE@Z
- ?InsertAfter@CList@@UAEXPAX0@Z
- ?InsertBefore@CList@@UAEXPAX0@Z
- ?Instance@CWorkerThreadPool@@SGPAV1@XZ
- ?IsEmpty@CList@@UAEEXZ
- ?IsEmpty@CLockList@@UAEEXZ
- ?IsEmpty@CNoLockList@@UAEEXZ
- ?IsExceedLimitation@CMemoryPoolAllocator@@IAEEK@Z
- ?IsFull@CLockList@@QBEEXZ
- ?IsFull@CNoLockList@@QBEEXZ
- ?IsInExclusionList@CExclusionExtConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFileNameConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFilePathConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFolderConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionRegistryConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionExtConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFileNameConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFilePathConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFolderConfig@@QAEEPBG@Z
- ?IsOpened@CFile@@QAEEXZ
- ?IsTerminated@CWorkerThreadPool@@QAEEXZ
- ?IsTerminated@CWorkerThreadPoolEx@@QAEEXZ
- ?IsValid@CMemoryAllocator@@UAEEXZ
- ?IsValid@CMemoryPoolAllocator@@UAEEXZ
- ?IsValid@IMemoryAllocator@@UAEEXZ
- ?IsWorkerThread@CWorkerThreadPool@@QAEEK@Z
- ?IsWorkerThread@CWorkerThreadPoolEx@@QAEEK@Z
- ?JobFunction@CUserFuncAdapterJob@@MAEXXZ
- ?JobQueue@CWorkerThreadPool@@QAEAAVCWorkerThreadJobQueue@@XZ
- ?JobQueue@CWorkerThreadPoolEx@@QAEAAVCWorkerThreadJobQueue@@XZ
- ?Limit@CLockList@@QAEKXZ
- ?Limit@CNoLockList@@QAEKXZ
- ?MatchAllExtensions@CFileExtension@@QAEEXZ
- ?MatchNoExtensions@CFileExtension@@QAEEXZ
- ?MergeLeft@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?MergeRight@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?NeedDelete@CWorkerThreadJob@@QAEEXZ
- ?NeedDeleteWhenFinish@CWorkerThreadJob@@QAEXE@Z
- ?NewNode@CList@@UAEPAXXZ
- ?NewNode@CStrList@@EAEPAXXZ
- ?NewNodeVariant@CList@@IAEPAXK@Z
- ?Next@CList@@UBEPAXQAX@Z
- ?Next@CLockList@@UBEPAXQAX@Z
- ?Next@CNoLockList@@UBEPAXQAX@Z
- ?NextPool@CMemoryPoolAllocator@@QAEPAV1@XZ
- ?NotityTerminate@CWorkerThread@@QAEXXZ
- ?PostJobToWorkerThread@CWorkerThreadPool@@QAEJP6GXPAX@Z0E@Z
- ?PostJobToWorkerThread@CWorkerThreadPoolEx@@QAEJP6GXPAX@Z0E1@Z
- ?Pulse@CKEvent@@QAEJJE@Z
- ?QueueJob@CWorkerThreadJobQueue@@QAEEPAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPool@@QAEJPAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPoolEx@@QAEJPAVCWorkerThreadJob@@@Z
- ?RCMInstance@CWorkerThreadPool@@SGPAV1@XZ
- ?Read@CFile@@QAEJPADKPAK@Z
- ?ReadWIRP@CFile@@QAEJPADKPAK@Z
- ?ReferenceCount@CContext@@QAEAAKXZ
- ?Release@CLockEvent@@QAEXXZ
- ?Remove@CContextList@@UAEEQAX@Z
- ?Remove@CList@@UAEEQAX@Z
- ?Remove@CLockList@@UAEEQAX@Z
- ?Remove@CNoLockList@@UAEEQAX@Z
- ?RemoveHead@CList@@UAEPAXXZ
- ?RemoveHead@CLockList@@UAEPAXXZ
- ?RemoveHead@CNoLockList@@UAEPAXXZ
- ?RemoveTail@CList@@UAEPAXXZ
- ?RemoveTail@CLockList@@UAEPAXXZ
- ?RemoveTail@CNoLockList@@UAEPAXXZ
- ?Reset@CKEvent@@QAEXXZ
- ?ResetData@CInclusionExtConfig@@QAEXXZ
- ?ResetData@CInclusionFileNameConfig@@QAEXXZ
- ?ResetData@CInclusionFilePathConfig@@QAEXXZ
- ?ResetData@CInclusionFolderConfig@@QAEXXZ
- ?RestoreCR0@@YGXPAX@Z
- ?Run@CAutoUpdateConfigThread@@UAEXXZ
- ?Run@CDelayLoadThread@@UAEXXZ
- ?Run@CWorkerThread@@UAEXXZ
- ?SeekToEnd@CFile@@QAEJXZ
- ?Set@CKEvent@@QAEJJE@Z
- ?SetAttributes@CFile@@QAEJK@Z
- ?SetBlobCofig@CContext@@UAEJKPAXK@Z
- ?SetData@CBlobConfig@@QAEHPAXK@Z
- ?SetData@CModuleFileExtConfig@@QAEHPBG@Z
- ?SetData@CModuleFlagConfig@@QAEHK@Z
- ?SetData@CModuleMultiStringConfig@@QAEHPBGK@Z
- ?SetData@CModuleStringConfig@@QAEHPBG@Z
- ?SetEngineContext@CContext@@QAEXPAX@Z
- ?SetFileExtensionConfig@CContext@@UAEJKPBG@Z
- ?SetFlagConfig@CContext@@UAEJKK@Z
- ?SetLinkContext@CContext@@QAEXPAX@Z
- ?SetLogFlag@CDebugLog@@QAEEK@Z
- ?SetLogFlag@CDebugLogEx@@QAEEK@Z
- ?SetMatchAllExtensions@CFileExtension@@QAEXE@Z
- ?SetMatchNoExtensions@CFileExtension@@QAEXE@Z
- ?SetMultiStringConfig@CContext@@UAEJKPBG@Z
- ?SetNewJobItemEvent@CWorkerThreadJobQueue@@QAEXXZ
- ?SetPriority@CSystemThread@@QAEXK@Z
- ?SetStopUse@CContext@@QAEXXZ
- ?SetStringConfig@CContext@@UAEJKPBG@Z
- ?Setup@CSystemThread@@MAEXXZ
- ?StopUse@CContext@@QAEHXZ
- ?TearDown@CSystemThread@@MAEXXZ
- ?Terminate@CSystemThread@@QAEXE@Z
- ?Terminate@CWorkerThreadPool@@QAEEXZ
- ?Terminate@CWorkerThreadPoolEx@@QAEEXZ
- ?TmExceptionFilter@@YGJPAU_EXCEPTION_POINTERS@@@Z
- ?Wait@CKEvent@@QAEJPAT_LARGE_INTEGER@@E@Z
- ?WaitFinish@CWorkerThreadJob@@QAEXXZ
- ?WaitForInit@CDelayLoadThread@@QAEEXZ
- ?WaitForLoad@CDelayLoadThread@@QAEEXZ
- ?WaitNewJobAvailable@CWorkerThreadJobQueue@@QAEEXZ
- ?WaitQueueEmpty@CWorkerThreadJobQueue@@QAEXXZ
- ?Write@CDebugLog@@QAAXPBDZZ
- ?Write@CDebugLogEx@@QAAXPBDZZ
- ?Write@CFile@@QAEJPADKPAT_LARGE_INTEGER@@PAK@Z
- ?WriteDataToFile@CDebugLogEx@@IAEXPADK@Z
- ?WriteDataToProcMonW@CDebugLogEx@@IAEXPAD@Z
- ?WriteSystemInformation@CDebugLog@@QAEXXZ
- ?WriteSystemInformation@CDebugLogEx@@QAEXXZ
- ?WriteSystemStringInformation@CDebugLog@@IAEXPBG@Z
- ?WriteSystemStringInformation@CDebugLogEx@@IAEXPBG@Z
- ?WriteToFile@CDebugLog@@IAEXPADK@Z
- ?WriteToProcMonW@CDebugLogEx@@IAEXPAU_UNICODE_STRING@@@Z
- ?_pNonPagedAllocator@@3PAVCMemoryAllocator@@A
- ?_pPagedAllocator@@3PAVCMemoryAllocator@@A
- ?m_lpInstance@CWorkerThreadPool@@1PAV1@A
- ?m_lpRCMInstance@CWorkerThreadPool@@1PAV1@A
- _DeInitKm2UmCommunication@0
- _DeInitKmLPC@0
- _DuplicateFullFileName@4
- _FreeFullFileName@4
- _GetKm2UmMode@0
- _GetModuleInfoByAddress@8
- _GetModuleInfoByModuleName@8
- _InitKm2UmCommunication@8
- _InitKmLPC@0
- _IsVerifierCodeCheckFlagOn@0
- _IsWindows8_1_update@4
- _KmCallUm@8
- _KmCallUmByLPC@8
- _KmCallUmEx@12
- _KmCleanupCommPortAPIs@0
- _KmGetUmInitProcess@0
- _KmSetCommPortAPIs@4
- _ModGetExportProcAddress@8
- _ModLoadDLLToBuffer@4
- _ModLoadDLLToBufferWithImageSize@8
- _ModLoadModule@8
- _ModUnLoadModule@4
- _NormalizeFileName@4
- _NormalizeFullNtPathToDosName@4
- _TmCommConfigRoutine@4
- _UtilAddDeviceInDriveTable@4
- _UtilAddReparsePointMapping@8
- _UtilCleanFileReadOnly@4
- _UtilCloseExclusiveHandle@12
- _UtilCreateDosFileName@8
- _UtilDeleteFileForce@4
- _UtilGetDeviceObjectName@8
- _UtilGetFileNameFromFileObject@4
- _UtilGetFileObjectForProcessByEPROC@8
- _UtilGetFileObjectFromFileName@12
- _UtilGetProcessName@12
- _UtilGetSystemDirectory@4
- _UtilGetSystemDirectoryEx@0
- _UtilGetSystemDirectoryLength@0
- _UtilGetSystemTime@4
- _UtilIoSetFileInfo@24
- _UtilIopCreateFileIRP@40
- _UtilKeGetLowFileDevice@16
- _UtilModuleIATHook@24
- _UtilModuleIATUnHook@8
- _UtilPostJobToWorkerThread@12
- _UtilQueryExclusiveHandle@12
- _UtilQueryKeyValue@24
- _UtilRemoveDeviceFromDriveTable@4
- _UtilVolumeDeviceToDosName@8
- _UtilWaitValueChangeToZero@8
- _UtilWriteVersionToRegistry@8
- _UtilbuildDynamicDiskMappingTable@0
- _UtlWriteBinValueKeyToRegistry@16
- _ValidateAddressWithSize@20
- __ResetProtectFromClose@4
- __UtilDosPathNameToNtPathName@12
Sections
Expand
- .text
- .rdata
- .data
- PAGE
- .edata
- INIT
- .rsrc
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": true,
"SerialNumber": "7e93ebfb7cc64e59ea4b9a77d406fc3b",
"Signature": "03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2",
"TBS": {
"MD5": "d0785ad36e427c92b19f6826ab1e8020",
"SHA1": "365b7a9c21bd9373e49052c3e7b3e4646ddd4d43",
"SHA256": "c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff",
"SHA384": "eab4fe5ef90e0de4a6aa3a27769a5e879f588df5e4785aa4104debd1f81e19ea56d33e3a16e5facf99f68b5d8e3d287b"
},
"ValidFrom": "2012-12-21 00:00:00",
"ValidTo": "2020-12-30 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "0ecff438c8febf356e04d86a981b1a50",
"Signature": "783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4",
"TBS": {
"MD5": "e9d38360b914c8863f6cba3ee58764d3",
"SHA1": "4cba8eae47b6bf76f20b3504b98b8f062694a89b",
"SHA256": "88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976",
"SHA384": "e9f2a75334a9e336c5a4712eadee88d0374b0fdc273262f4e65c9040ad2793067cc076696db5279a478773485e285652"
},
"ValidFrom": "2012-10-18 00:00:00",
"ValidTo": "2020-12-29 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Signature": "f3b20c020c826fd9e2629408ffc97c9e245959d1050c9ce7708069d366d26af191812e16fce674eaca0d8f05b2a796280831737299800d2bfe0071efecf655117b7952a4d7c0701b97de034a1d42e928fd1a2082b081f9d22e9d39af3233cf05c1e61ae1f8fbfec872e78d9a0b29b4f147f1a053d1757a824601df2bb07c75c591fe7efbaf0021764b90cd446f85f80d14bc2cd42c83edfa7d2510f8f94c82d1b3ea999b1cff9093291977c7e996dc32904d3934f167077684ff76aa5327654a0bd7223d9d67657b47c5b46012dca6723d89e7fa051b3380d0c4977b9df537e75da3186ab149b27c089715a01bd695f408f7ded66bfbe920d27a6f6a7d4cc8b3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc.",
"TBS": {
"MD5": "78eaa337666217b1c16a9a0ebd0b8434",
"SHA1": "ff9cb835e78f6185eed4372096c3bae53b17d18d",
"SHA256": "1c0d9746725e176b4a7c2852878f14d7587f58e65d346bc1247f1c8ee6374250",
"SHA384": "ffe3c75b860679a5de399c7d2c2844dbfac51d5d8581e24648d208daba1e4bed5c867808e02dc8d7cb3df1d4b2b53d10"
},
"ValidFrom": "2017-04-27 00:00:00",
"ValidTo": "2018-07-16 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "611993e400000000001c",
"Signature": "812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5",
"TBS": {
"MD5": "78a717e082dcc1cda3458d917e677d14",
"SHA1": "4a872e0e51f9b304469cd1dedb496ee9b8b983a4",
"SHA256": "317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8",
"SHA384": "b71052da4eb9157c8c1a5d7f55df19d69b9128598b72fcca608e5b7cc7d64c43c5504b9c86355a6dc22ee40c88cc385c"
},
"ValidFrom": "2011-02-22 19:25:17",
"ValidTo": "2021-02-22 19:35:17",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "5200e5aa2556fc1a86ed96c9d44b33c7",
"Signature": "5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"TBS": {
"MD5": "b30c31a572b0409383ed3fbe17e56e81",
"SHA1": "4843a82ed3b1f2bfbee9671960e1940c942f688d",
"SHA256": "03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9",
"SHA384": "bbda8407c4f9fc4e54d772f1c7fb9d30bc97e1f97ecd51c443063d1fa0644e266328781776cd5c44896c457c75f4d7da"
},
"ValidFrom": "2010-02-08 00:00:00",
"ValidTo": "2020-02-07 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 61204db4000000000027
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 8e3ffc222fbcebdbb8b23115ab259be7 |
| ToBeSigned (TBS) SHA1 | ee20bff28ffe13be731c294c90d6ded5aae0ec0e |
| ToBeSigned (TBS) SHA256 | 59826b69bc8c28118c96323b627da59aaca0b142cc5d8bad25a8fcfd399aa821 |
| Subject | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA |
| ValidFrom | 2011-04-15 19:45:33 |
| ValidTo | 2021-04-15 19:55:33 |
| Signature | 208cc159ed6f9c6b2dc14a3e751d454c41501cbd80ead9b0928b062a133f53169e56396a8a63b6782479f57db8b947a10a96c2f6cbbda2669f06e1acd279090efd3cdcac020c70af3f1bec787ed4eb4b056026d973619121edb06863e09712ab6fa012edd99fd2da273cb3e456f9d1d4810f71bd427ca689dccdd5bd95a2abf193117de8ac3129a85d6670419dfc75c9d5b31a392ad08505508bac91cac493cb71a59da4946f580cfa6e20c40831b5859d7e81f9d23dca5b18856c0a86ec22091ba574344f7f28bc954aab1db698b05d09a477767eefa78e5d84f61824cbd16da6c3a19cc2107580ff9d32fde6cf433a82f7ce8fe1722a9b62b75fed951a395c2f946d48b7015f332fbbdc2d73348904420a1c8b79f9a3fa17effaa11a10dfe0b2c195eb5c0c05973b353e18884ddb6cbf24898dc8bdd89f7b393a24a0d5dfd1f34a1a97f6a66f7a1fb090a9b3ac013991d361b764f13e573803afce7ad2b590f5aedc3999d5b63c97eda6cb16c77d6b2a4c9094e64c54fd1ecd20ecce689c8758e96160beeb0ec9d5197d9fe978bd0eac2175078fa96ee08c6a2a6b9ce3e765bcbc2d3c6ddc04dc67453632af0481bca8006e614c95c55cd48e8e9f2fc13274bdbd11650307cdefb75e0257da86d41a2834af8849b2cfa5dd82566f68aa14e25954feffeaeeefea9270226081e32523c09fcc0f49b235aa58c33ac3d9169410 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 61204db4000000000027 |
| Version | 3 |
Certificate 0f6146af9397c7fa04b13c2d0279a1ba
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | df4ab4b67a0e9b1f9ec4a1ad9ea6052a |
| ToBeSigned (TBS) SHA1 | dc1d0c4be3072afed8b0739a21b87b14292815e0 |
| ToBeSigned (TBS) SHA256 | 9c8450b3fa641a421a545e7e4fa7e1bcb657db4796bef147312c44b7a1b5ffe0 |
| Subject | ??=TW, ??=Private Organization, serialNumber=23310837, C=TW, ST=Taipei City, L=Daan District, O=Trend Micro, Inc., CN=Trend Micro, Inc. |
| ValidFrom | 2020-08-07 00:00:00 |
| ValidTo | 2021-04-15 12:00:00 |
| Signature | 578aa329d98f23e576b6937a3146ca65f1ec8da04b5ec5f4c499436cfe710be5660f7c864950d9276a6dfdd2341048e6fe4f51044e7fce164f3b9203035bc3d311991685fbce0d90a4c7b2b511d0d3ba37b3558eae76db3ab30f4a2ef102faad1820e26b5fcbc216b368980655de80fe7177f9f1a80c75e4a0a21451a59c86986e5348318da4d295e8d02520fa674ce89756903b25521b5ad358f8328c5591a9702494cc24e340418dbcf08ef06214a8e90c4836dc6f8465fd59385bd56407d83bfc8a633e8125c523ff23dd8c669169848668d5aefe059ee5091e1776ec4686efd0d6ccee0e0bea5922ee41fb36e63d5704633f85115f9584926bdb708a9edb |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 0f6146af9397c7fa04b13c2d0279a1ba |
| Version | 3 |
Certificate 03019a023aff58b16bd6d5eae617f066
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | a752afee44f017e8d74e3f3eb7914ae3 |
| ToBeSigned (TBS) SHA1 | 8eca80a6b80e9c69dcef7745748524afb8019e2d |
| ToBeSigned (TBS) SHA256 | 82560fa7efec30b5ff82af643e6f3bf3d46868bbd5e7d76f93db185e9e3553a1 |
| Subject | C=US, O=DigiCert, CN=DigiCert Timestamp Responder |
| ValidFrom | 2014-10-22 00:00:00 |
| ValidTo | 2024-10-22 00:00:00 |
| Signature | 9d257e1b334db226815c9b86ce23200f8087e588ffffb1d46a2c31ed3a17197117cda91bbc5a1639009de36c84e45a40fbde06018c37fa9bb19d247efe20a457ad5bb79ab06026ea6957215d342f1f71b0839419056b359010a07b97c7f63fe7e21141a6bd62d9f0273d381d286f3a5209f0ec7062d3624bb0e073a692c0d38e31d82fe36d171306eee403b614abf38f43a7719d21dd14ca155d9241daf90f81d199740d26c40e7f1bb5f5a0f1c677062815e9d893e55516f0bb0aab1cdb5c482766c8a38b0a1ce595daaec42e59a061dddaf36da261e98a0b6dec1218bdf755544003922b6bc251c20a48afb0d46ee0f4140a3a1be38f3dcaaf6a8d7bdcd844 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 03019a023aff58b16bd6d5eae617f066 |
| Version | 3 |
Certificate 0dd0e3374ac95bdbfa6b434b2a48ec06
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | f92649915476229b093c211c2b18e6c4 |
| ToBeSigned (TBS) SHA1 | 2d54c16a8f8b69ccdea48d0603c132f547a5cf75 |
| ToBeSigned (TBS) SHA256 | 2cd702a7dec30aa441345672e8992ef9770ce4946f276d767b45b0ed627658fb |
| Subject | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert EV Code Signing CA |
| ValidFrom | 2012-04-18 12:00:00 |
| ValidTo | 2027-04-18 12:00:00 |
| Signature | 9e5b963a2e1288acab016da49f75e40187a3a532d7bcbaa97ea3d61417f7c2136b7c738f2b6ae50f265968b08e259b6ceffa6c939208c14dcf459e9c46d61e74a19b14a3fa012f4ab101e1724048111368b9369d914bd7c2391210c1c4dcbb6214142a615d4f387c661fc61bffadbe4f7f945b7343000f4d73b751cf0ef677c05bcd348cd96313aa0e6111d6f28e27fcb47bb8b91120918678ea0ed428ff2ad52438e837b2ec96bb9fbc4a1650e15ebf517d23a032c7c1949e7ac9c026a2cc2587a0127e749f2d8db1c8e784beb9d1e9debb6a4e887371e12238cb2487e9737e51b2ff98eb4e7e2fe0ca0efab35ed1ba0542a8489f83f63fc4caa8df68a05061 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 0dd0e3374ac95bdbfa6b434b2a48ec06 |
| Version | 3 |
Certificate 06fdf9039603adea000aeb3f27bbba1b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 4e5ad189638cf52ba9cd881d4d44668c |
| ToBeSigned (TBS) SHA1 | cdc115e98d798b33904c820d63cc1e1afc19251d |
| ToBeSigned (TBS) SHA256 | 37560fb9d548ab62cc3ed4669a4ab74828b5a108e67e829937ffb2d10a5f78dd |
| Subject | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID CA,1 |
| ValidFrom | 2006-11-10 00:00:00 |
| ValidTo | 2021-11-10 00:00:00 |
| Signature | 46503ec9b72824a7381db65b29af52cf52e93147ab565c7bd50d0b41b3efec751f7438f2b25c61a29c95c350e482b923d1ba3a8672ad3878ac755d1717347247859456d1ebbb368477cc24a5f3041955a9e7e3e7ab62cdfb8b2d90c2c0d2b594bd5e4fb105d20e3d1aa9145ba6863162a8a833e49b39a7c4f5ce1d7876942573e42aabcf9c764bed5fc24b16e44b704c00891efcc579bc4c1257fe5fe11ebc025da8fefb07384f0dc65d91b90f6745cdd683ede7920d8db1698c4ffb59e0230fd2aaae007cee9c420ecf91d727b716ee0fc3bd7c0aa0ee2c08558522b8eb181a4dfc2a21ad49318347957771dcb11b4b4b1c109c7714c19d4f2f5a9508291026 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 06fdf9039603adea000aeb3f27bbba1b |
| Version | 3 |
Imports
Expand
- ntoskrnl.exe
- HAL.dll
- CLASSPNP.SYS
Imported Functions
Expand
- KePulseEvent
- KeClearEvent
- KeStackAttachProcess
- KeUnstackDetachProcess
- ObfDereferenceObject
- ZwSetEvent
- ZwClose
- ZwConnectPort
- RtlInitUnicodeString
- RtlUnicodeStringToInteger
- ZwCreateSection
- ZwWaitForSingleObject
- ZwOpenEvent
- IoGetCurrentProcess
- ObfReferenceObject
- DbgBreakPoint
- ZwRequestWaitReplyPort
- ExFreePoolWithTag
- ProbeForWrite
- ZwFreeVirtualMemory
- ZwAllocateVirtualMemory
- ObOpenObjectByPointer
- PsProcessType
- memmove
- PsGetProcessExitTime
- MmSectionObjectType
- PsThreadType
- ObReleaseObjectSecurity
- SeReleaseSubjectContext
- SeAccessCheck
- SeCaptureSubjectContext
- ObGetObjectSecurity
- DbgPrint
- memset
- MmIsAddressValid
- ExInitializeResourceLite
- ExDeleteResourceLite
- ZwWriteFile
- ZwReadFile
- ZwQueryInformationFile
- ZwSetInformationFile
- ZwCreateFile
- swprintf
- towupper
- _wcsnicmp
- ExAllocatePoolWithTag
- KeInitializeEvent
- _snprintf
- PsGetCurrentProcessId
- RtlTimeToTimeFields
- ExSystemTimeToLocalTime
- KeQuerySystemTime
- PsGetCurrentThreadId
- RtlInitAnsiString
- ZwDeviceIoControlFile
- ZwCreateKey
- ZwCreateEvent
- KeWaitForMultipleObjects
- ObReferenceObjectByHandle
- ZwNotifyChangeKey
- _vsnprintf
- RtlFreeUnicodeString
- RtlAnsiStringToUnicodeString
- RtlEqualUnicodeString
- RtlAppendUnicodeStringToString
- RtlCopyUnicodeString
- RtlUpcaseUnicodeChar
- RtlPrefixUnicodeString
- ExGetPreviousMode
- KeWaitForSingleObject
- KeSetPriorityThread
- PsTerminateSystemThread
- PsCreateSystemThread
- KeDelayExecutionThread
- KeNumberProcessors
- ZwQueryInformationProcess
- PsLookupProcessByProcessId
- ZwOpenDirectoryObject
- PsSetCreateProcessNotifyRoutine
- ZwQuerySystemInformation
- ZwQueryDirectoryFile
- ZwQueryDirectoryObject
- ZwOpenKey
- ZwEnumerateKey
- ZwEnumerateValueKey
- ZwQueryValueKey
- ZwDeleteValueKey
- ZwDeleteKey
- ZwTerminateProcess
- ZwOpenProcess
- ZwQueryKey
- ZwSetValueKey
- IoFileObjectType
- KeSetEvent
- ZwQuerySecurityObject
- ZwSetSecurityObject
- RtlLengthSecurityDescriptor
- MmHighestUserAddress
- IoFreeIrp
- _purecall
- MmUnlockPages
- IoBuildAsynchronousFsdRequest
- _strnicmp
- RtlQueryRegistryValues
- RtlAppendUnicodeToString
- mbstowcs
- ZwQuerySymbolicLinkObject
- ZwOpenSymbolicLinkObject
- NtClose
- ObQueryNameString
- MmGetSystemRoutineAddress
- ZwSetInformationObject
- _stricmp
- ZwUnmapViewOfSection
- ZwMapViewOfSection
- ZwOpenFile
- IoCreateFile
- IofCallDriver
- IoAllocateIrp
- MmBuildMdlForNonPagedPool
- IoAllocateMdl
- ProbeForRead
- PsGetVersion
- RtlImageNtHeader
- RtlCompareMemory
- RtlUpcaseUnicodeString
- _snwprintf
- MmSystemRangeStart
- wcsncmp
- strrchr
- ZwQueryVolumeInformationFile
- ObReferenceObjectByPointer
- IoBuildDeviceIoControlRequest
- ZwOpenSection
- _allmul
- KeReleaseSemaphore
- RtlLengthRequiredSid
- RtlInitializeSid
- RtlSubAuthoritySid
- RtlSetDaclSecurityDescriptor
- RtlCreateSecurityDescriptor
- RtlAddAccessAllowedAce
- RtlCreateAcl
- KeInitializeSemaphore
- IoGetDeviceObjectPointer
- IofCompleteRequest
- ExEventObjectType
- IoDeleteDevice
- IoDeleteSymbolicLink
- IoCreateSymbolicLink
- RtlUpperChar
- ObReferenceObjectByName
- IoDriverObjectType
- RtlCompareUnicodeString
- strncpy
- KeServiceDescriptorTable
- NtOpenProcess
- ObOpenObjectByName
- NtQueryInformationProcess
- PsIsThreadTerminating
- KeAddSystemServiceTable
- ZwFsControlFile
- ObInsertObject
- IoReleaseVpbSpinLock
- IoAcquireVpbSpinLock
- SeCreateAccessState
- IoGetFileObjectGenericMapping
- ObCreateObject
- _allshr
- ExInterlockedPopEntrySList
- IoGetStackLimits
- IoBuildSynchronousFsdRequest
- wcsstr
- IoUnregisterPlugPlayNotification
- FsRtlIsNameInExpression
- IoGetConfigurationInformation
- MmProbeAndLockPages
- IoGetDeviceInterfaces
- IoRegisterPlugPlayNotification
- ExAllocatePool
- wcschr
- KeTickCount
- KeBugCheckEx
- RtlUnwind
- wcsrchr
- memcpy
- wcsncpy
- ExReleaseResourceLite
- ExAcquireResourceExclusiveLite
- ExAcquireResourceSharedLite
- ExReleaseFastMutexUnsafe
- KeLeaveCriticalRegion
- KeEnterCriticalRegion
- _allrem
- ExAcquireFastMutexUnsafe
- IoDeviceObjectType
- IoCreateDevice
- RtlGetDaclSecurityDescriptor
- RtlGetSaclSecurityDescriptor
- RtlGetGroupSecurityDescriptor
- RtlGetOwnerSecurityDescriptor
- SeCaptureSecurityDescriptor
- SeExports
- IoIsWdmVersionAvailable
- RtlLengthSid
- RtlAbsoluteToSelfRelativeSD
- IoFreeMdl
- KeGetCurrentThread
- KfAcquireSpinLock
- KfReleaseSpinLock
- KeRaiseIrqlToDpcLevel
- KfLowerIrql
- KeAcquireQueuedSpinLock
- KeReleaseQueuedSpinLock
- ExAcquireFastMutex
- ExReleaseFastMutex
- KeGetCurrentIrql
- KfRaiseIrql
- ClassInitialize
Exported Functions
Expand
- ??0CAutoUpdateConfigThread@@QAE@ABV0@@Z
- ??0CAutoUpdateConfigThread@@QAE@PAU_UNICODE_STRING@@P6GX0PAX@Z1@Z
- ??0CBlobConfig@@QAE@ABV0@@Z
- ??0CBlobConfig@@QAE@K@Z
- ??0CContext@@QAE@ABV0@@Z
- ??0CContext@@QAE@KP6GJPAU_EVENT_REPORT@@PAXPAU_TMCE_REPORT@@PAU_TMCE_FEEDBACK@@@Z1K@Z
- ??0CContextList@@QAE@ABV0@@Z
- ??0CContextList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CDebugLog@@QAE@ABV0@@Z
- ??0CDebugLog@@QAE@PBG@Z
- ??0CDebugLogEx@@QAE@ABV0@@Z
- ??0CDebugLogEx@@QAE@K@Z
- ??0CDelayLoadThread@@QAE@ABV0@@Z
- ??0CDelayLoadThread@@QAE@XZ
- ??0CExclusionExtConfig@@QAE@ABV0@@Z
- ??0CExclusionExtConfig@@QAE@KKE@Z
- ??0CExclusionFileNameConfig@@QAE@ABV0@@Z
- ??0CExclusionFileNameConfig@@QAE@KK@Z
- ??0CExclusionFilePathConfig@@QAE@ABV0@@Z
- ??0CExclusionFilePathConfig@@QAE@KK@Z
- ??0CExclusionFolderConfig@@QAE@ABV0@@Z
- ??0CExclusionFolderConfig@@QAE@KK@Z
- ??0CExclusionRegistryConfig@@QAE@ABV0@@Z
- ??0CExclusionRegistryConfig@@QAE@KK@Z
- ??0CFile@@QAE@ABV0@@Z
- ??0CFile@@QAE@E@Z
- ??0CFileExtension@@QAE@ABV0@@Z
- ??0CFileExtension@@QAE@KEEPAVIMemoryAllocator@@@Z
- ??0CInclusionExtConfig@@QAE@ABV0@@Z
- ??0CInclusionExtConfig@@QAE@KKE@Z
- ??0CInclusionFileNameConfig@@QAE@ABV0@@Z
- ??0CInclusionFileNameConfig@@QAE@KK@Z
- ??0CInclusionFilePathConfig@@QAE@ABV0@@Z
- ??0CInclusionFilePathConfig@@QAE@KK@Z
- ??0CInclusionFolderConfig@@QAE@ABV0@@Z
- ??0CInclusionFolderConfig@@QAE@KK@Z
- ??0CKEvent@@QAE@ABV0@@Z
- ??0CKEvent@@QAE@W4_EVENT_TYPE@@E@Z
- ??0CList@@QAE@ABV0@@Z
- ??0CList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CLockEvent@@QAE@ABV0@@Z
- ??0CLockEvent@@QAE@XZ
- ??0CLockList@@QAE@ABV0@@Z
- ??0CLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CMemoryAllocator@@IAE@W4_POOL_TYPE@@K@Z
- ??0CMemoryAllocator@@QAE@ABV0@@Z
- ??0CMemoryPoolAllocator@@IAE@W4_POOL_TYPE@@KKK@Z
- ??0CMemoryPoolAllocator@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@XZ
- ??0CModuleConfigList@@QAE@ABV0@@Z
- ??0CModuleConfigList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CModuleFileExtConfig@@QAE@ABV0@@Z
- ??0CModuleFileExtConfig@@QAE@KKE@Z
- ??0CModuleFlagConfig@@QAE@ABV0@@Z
- ??0CModuleFlagConfig@@QAE@K@Z
- ??0CModuleMultiStringConfig@@QAE@ABV0@@Z
- ??0CModuleMultiStringConfig@@QAE@KK@Z
- ??0CModuleStringConfig@@QAE@ABV0@@Z
- ??0CModuleStringConfig@@QAE@K@Z
- ??0CNoLockList@@QAE@ABV0@@Z
- ??0CNoLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CSmartLock@@QAE@AAVCLockEvent@@@Z
- ??0CSmartLock@@QAE@XZ
- ??0CSmartReference@@QAE@AAJ@Z
- ??0CSmartReference@@QAE@AAK@Z
- ??0CSmartResource@@QAE@AAVCResource@@E@Z
- ??0CStrList@@QAE@ABV0@@Z
- ??0CStrList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CSystemThread@@QAE@ABV0@@Z
- ??0CSystemThread@@QAE@K@Z
- ??0CUserFuncAdapterJob@@QAE@ABV0@@Z
- ??0CUserFuncAdapterJob@@QAE@P6GXPAX@Z01@Z
- ??0CWorkerThread@@IAE@PAVCWorkerThreadJobQueue@@@Z
- ??0CWorkerThread@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@E@Z
- ??0CWorkerThreadJobQueue@@QAE@ABV0@@Z
- ??0CWorkerThreadJobQueue@@QAE@K@Z
- ??0CWorkerThreadPool@@QAE@ABV0@@Z
- ??0CWorkerThreadPool@@QAE@K@Z
- ??0CWorkerThreadPoolEx@@QAE@ABV0@@Z
- ??0CWorkerThreadPoolEx@@QAE@KK@Z
- ??0IMemoryAllocator@@QAE@ABV0@@Z
- ??0IMemoryAllocator@@QAE@XZ
- ??1CAutoUpdateConfigThread@@UAE@XZ
- ??1CBlobConfig@@UAE@XZ
- ??1CContext@@UAE@XZ
- ??1CContextList@@UAE@XZ
- ??1CDebugLog@@UAE@XZ
- ??1CDebugLogEx@@UAE@XZ
- ??1CDelayLoadThread@@UAE@XZ
- ??1CExclusionExtConfig@@UAE@XZ
- ??1CExclusionFileNameConfig@@UAE@XZ
- ??1CExclusionFilePathConfig@@UAE@XZ
- ??1CExclusionFolderConfig@@UAE@XZ
- ??1CExclusionRegistryConfig@@UAE@XZ
- ??1CFile@@UAE@XZ
- ??1CFileExtension@@UAE@XZ
- ??1CInclusionExtConfig@@UAE@XZ
- ??1CInclusionFileNameConfig@@UAE@XZ
- ??1CInclusionFilePathConfig@@UAE@XZ
- ??1CInclusionFolderConfig@@UAE@XZ
- ??1CKEvent@@UAE@XZ
- ??1CList@@UAE@XZ
- ??1CLockEvent@@UAE@XZ
- ??1CLockList@@UAE@XZ
- ??1CMemoryAllocator@@UAE@XZ
- ??1CMemoryPoolAllocator@@UAE@XZ
- ??1CModuleConfig@@UAE@XZ
- ??1CModuleConfigList@@UAE@XZ
- ??1CModuleFileExtConfig@@UAE@XZ
- ??1CModuleFlagConfig@@UAE@XZ
- ??1CModuleMultiStringConfig@@UAE@XZ
- ??1CModuleStringConfig@@UAE@XZ
- ??1CNoLockList@@UAE@XZ
- ??1CSmartLock@@QAE@XZ
- ??1CSmartReference@@QAE@XZ
- ??1CSmartResource@@QAE@XZ
- ??1CStrList@@UAE@XZ
- ??1CSystemThread@@UAE@XZ
- ??1CUserFuncAdapterJob@@UAE@XZ
- ??1CWorkerThread@@UAE@XZ
- ??1CWorkerThreadJob@@UAE@XZ
- ??1CWorkerThreadJobQueue@@UAE@XZ
- ??1CWorkerThreadPool@@UAE@XZ
- ??1CWorkerThreadPoolEx@@UAE@XZ
- ??1IMemoryAllocator@@UAE@XZ
- ??2@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??2CMemoryAllocator@@SGPAXI@Z
- ??2CMemoryPoolAllocator@@SGPAXI@Z
- ??3@YAXPAX@Z
- ??3IMemoryAllocator@@SGXPAX@Z
- ??4CAutoUpdateConfigThread@@QAEAAV0@ABV0@@Z
- ??4CBlobConfig@@QAEAAV0@ABV0@@Z
- ??4CContext@@QAEAAV0@ABV0@@Z
- ??4CDebugLog@@QAEAAV0@ABV0@@Z
- ??4CDebugLogEx@@QAEAAV0@ABV0@@Z
- ??4CDelayLoadThread@@QAEAAV0@ABV0@@Z
- ??4CFile@@QAEAAV0@ABV0@@Z
- ??4CKEvent@@QAEAAV0@ABV0@@Z
- ??4CLockEvent@@QAEAAV0@ABV0@@Z
- ??4CMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??4CMemoryPoolAllocator@@QAEAAV0@ABV0@@Z
- ??4CModuleConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleFlagConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleStringConfig@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEABV0@AAVCLockEvent@@@Z
- ??4CSmartResource@@QAEAAV0@ABV0@@Z
- ??4CSystemThread@@QAEAAV0@ABV0@@Z
- ??4CUserFuncAdapterJob@@QAEAAV0@ABV0@@Z
- ??4CWorkerThread@@QAEAAV0@ABV0@@Z
- ??4CWorkerThreadJob@@QAEAAV0@ABV0@@Z
- ??4IMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??_7CAutoUpdateConfigThread@@6B@
- ??_7CBlobConfig@@6B@
- ??_7CContext@@6B@
- ??_7CContextList@@6B@
- ??_7CDebugLog@@6B@
- ??_7CDebugLogEx@@6B@
- ??_7CDelayLoadThread@@6B@
- ??_7CExclusionExtConfig@@6B@
- ??_7CExclusionFileNameConfig@@6B@
- ??_7CExclusionFilePathConfig@@6B@
- ??_7CExclusionFolderConfig@@6B@
- ??_7CExclusionRegistryConfig@@6B@
- ??_7CFile@@6B@
- ??_7CFileExtension@@6B@
- ??_7CInclusionExtConfig@@6B@
- ??_7CInclusionFileNameConfig@@6B@
- ??_7CInclusionFilePathConfig@@6B@
- ??_7CInclusionFolderConfig@@6B@
- ??_7CKEvent@@6B@
- ??_7CList@@6B@
- ??_7CLockEvent@@6B@
- ??_7CLockList@@6B@
- ??_7CMemoryAllocator@@6B@
- ??_7CMemoryPoolAllocator@@6B@
- ??_7CModuleConfig@@6B@
- ??_7CModuleConfigList@@6B@
- ??_7CModuleFileExtConfig@@6B@
- ??_7CModuleFlagConfig@@6B@
- ??_7CModuleMultiStringConfig@@6B@
- ??_7CModuleStringConfig@@6B@
- ??_7CNoLockList@@6B@
- ??_7CStrList@@6B@
- ??_7CSystemThread@@6B@
- ??_7CUserFuncAdapterJob@@6B@
- ??_7CWorkerThread@@6B@
- ??_7CWorkerThreadJob@@6B@
- ??_7CWorkerThreadJobQueue@@6B@
- ??_7CWorkerThreadPool@@6B@
- ??_7CWorkerThreadPoolEx@@6B@
- ??_7IMemoryAllocator@@6B@
- ??_FCContextList@@QAEXXZ
- ??_FCFile@@QAEXXZ
- ??_FCFileExtension@@QAEXXZ
- ??_FCModuleConfigList@@QAEXXZ
- ??_FCStrList@@QAEXXZ
- ??_FCSystemThread@@QAEXXZ
- ??_FCWorkerThread@@QAEXXZ
- ??_FCWorkerThreadJob@@QAEXXZ
- ??_FCWorkerThreadJobQueue@@QAEXXZ
- ??_U@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??_V@YAXPAX@Z
- ?Acquire@CLockEvent@@QAEXXZ
- ?Add@CContextList@@QAEEPAVCContext@@@Z
- ?Add@CFileExtension@@QAEEPBGK@Z
- ?Add@CModuleConfigList@@QAEEPAVCModuleConfig@@@Z
- ?Add@CStrList@@QAEEPBG@Z
- ?AddNode@CLockList@@UAEEQAXE@Z
- ?AddNode@CNoLockList@@UAEEQAXE@Z
- ?Alloc@CMemoryAllocator@@UAEPAXKPBDK@Z
- ?Alloc@CMemoryPoolAllocator@@UAEPAXKPBDK@Z
- ?AllocBlock@CMemoryPoolAllocator@@IAEPAXK@Z
- ?AttachJobQueue@CWorkerThread@@QAEXPAVCWorkerThreadJobQueue@@@Z
- ?Cancel@CWorkerThreadJob@@QAEXXZ
- ?CheckNode@CLockList@@UAEHQAX@Z
- ?CheckNode@CNoLockList@@UAEHQAX@Z
- ?CleanQueue@CWorkerThreadJobQueue@@QAEXXZ
- ?Cleanup@CBlobConfig@@AAEXXZ
- ?Cleanup@CModuleFileExtConfig@@IAEXXZ
- ?Cleanup@CModuleMultiStringConfig@@IAEXXZ
- ?Cleanup@CModuleStringConfig@@AAEXXZ
- ?Close@CFile@@QAEJXZ
- ?Count@CLockList@@QAEKXZ
- ?Count@CNoLockList@@QAEKXZ
- ?Create@CFile@@QAEJPBGKKKK@Z
- ?Create@CSystemThread@@QAEEXZ
- ?CreateInstance@CMemoryAllocator@@SGPAV1@W4_POOL_TYPE@@K@Z
- ?CreateInstance@CMemoryPoolAllocator@@SGPAV1@W4_POOL_TYPE@@KKK@Z
- ?CreatePool@CWorkerThreadPool@@QAEEXZ
- ?CreatePool@CWorkerThreadPoolEx@@QAEEXZ
- ?CreateThreads@CWorkerThreadPool@@QAEEK@Z
- ?CreateThreads@CWorkerThreadPoolEx@@QAEEK@Z
- ?CreateWIRP@CFile@@QAEJPBGKKKK@Z
- ?Delete@CFile@@QAEJXZ
- ?Delete@CFileExtension@@QAEEPBGK@Z
- ?Delete@CStrList@@QAEEPBG@Z
- ?DeleteAll@CList@@UAEXXZ
- ?DeleteAll@CLockList@@UAEXXZ
- ?DeleteAll@CNoLockList@@UAEXXZ
- ?DeleteNode@CContextList@@MAEXPAX@Z
- ?DeleteNode@CList@@UAEXPAX@Z
- ?DeleteNode@CModuleConfigList@@MAEXPAX@Z
- ?DeleteNode@CStrList@@EAEXPAU_STR_LIST_NODE@1@@Z
- ?DisableWriteProtectFromCR0@@YGXPAPAX@Z
- ?DoIt@CWorkerThreadJob@@QAEJXZ
- ?EntryPoint@CSystemThread@@KGXPAX@Z
- ?Find@CContextList@@QAEPAVCContext@@K@Z
- ?Find@CContextList@@QAEPAVCContext@@PAX@Z
- ?Find@CFileExtension@@QAEPAU_STR_LIST_NODE@CStrList@@PBGK@Z
- ?Find@CModuleConfigList@@QAEPAVCModuleConfig@@K@Z
- ?Find@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?FindNode@CContextList@@IAEPAXPAX@Z
- ?FindPartiallyAndAllMatch@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?FinishFunction@CUserFuncAdapterJob@@MAEXXZ
- ?FinishIt@CWorkerThreadJob@@QAEJXZ
- ?First@CList@@UAEPAXXZ
- ?First@CLockList@@UAEPAXXZ
- ?First@CNoLockList@@UAEPAXXZ
- ?Free@CMemoryAllocator@@UAEXPAX@Z
- ?Free@CMemoryPoolAllocator@@UAEXPAX@Z
- ?GetAttributes@CFile@@QAEKXZ
- ?GetBasicInfomration@CFile@@IAEJXZ
- ?GetBlobCofig@CContext@@UAEJKPAXPAK@Z
- ?GetCategory@CContext@@QAEKXZ
- ?GetData@CBlobConfig@@QAEHPAXPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEPAVCFileExtension@@XZ
- ?GetData@CModuleFlagConfig@@QAEKXZ
- ?GetData@CModuleMultiStringConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleMultiStringConfig@@QAEPAVCStrList@@XZ
- ?GetData@CModuleStringConfig@@QAEPAGXZ
- ?GetData@CStrList@@QAEEPAGPAK@Z
- ?GetDataType@CModuleConfig@@QAEKXZ
- ?GetEngineContext@CContext@@QAEPAXXZ
- ?GetFileExtensionConfig@CContext@@QAEPAVCFileExtension@@K@Z
- ?GetFileExtensionConfig@CContext@@UAEJKPAGPAK@Z
- ?GetFileSize@CFile@@QAEJPAT_LARGE_INTEGER@@@Z
- ?GetFileSizeWIRP@CFile@@QAEJPAT_LARGE_INTEGER@@@Z
- ?GetFlagConfig@CContext@@UAEJKPAK@Z
- ?GetID@CModuleConfig@@QAEKXZ
- ?GetJob@CWorkerThreadJobQueue@@QAEPAVCWorkerThreadJob@@XZ
- ?GetLength@CModuleStringConfig@@QAEKXZ
- ?GetLinkContext@CContext@@QAEPAXXZ
- ?GetLogFlag@CDebugLog@@QAEKXZ
- ?GetLogFlag@CDebugLogEx@@QAEKXZ
- ?GetModuleId@CModuleConfig@@QAEKXZ
- ?GetMultiStringConfig@CContext@@QAEPAVCStrList@@K@Z
- ?GetMultiStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetOneThreadTEB@CWorkerThreadPool@@QAEPAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPool@@QAEPAU_KTHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QAEPAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QAEPAU_KTHREAD@@XZ
- ?GetReportCallBackRoutine@CContext@@QAEKXZ
- ?GetSize@CBlobConfig@@QAEKXZ
- ?GetStringConfig@CContext@@QAEPAGK@Z
- ?GetStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetThreadCount@CWorkerThreadPool@@QAEKXZ
- ?GetThreadCount@CWorkerThreadPoolEx@@QAEKXZ
- ?GetThreadID@CSystemThread@@QAEKXZ
- ?GetType@CContext@@QAEKXZ
- ?GetUserParameter@CContext@@QAEKXZ
- ?InitProcMon@CDebugLogEx@@IAEXXZ
- ?InitializeBlobConfig@CContext@@QAEHKPAXK@Z
- ?InitializeFileExtensionConfig@CContext@@QAEHKPBG@Z
- ?InitializeFlagConfig@CContext@@QAEHKK@Z
- ?InitializeMultiStringConfig@CContext@@QAEHKPBG@Z
- ?InitializeStringConfig@CContext@@QAEHKPBG@Z
- ?Insert@CList@@UAEXQAXE@Z
- ?Insert@CLockList@@UAEXQAXE@Z
- ?Insert@CNoLockList@@UAEXQAXE@Z
- ?InsertAfter@CList@@UAEXPAX0@Z
- ?InsertBefore@CList@@UAEXPAX0@Z
- ?Instance@CWorkerThreadPool@@SGPAV1@XZ
- ?IsEmpty@CList@@UAEEXZ
- ?IsEmpty@CLockList@@UAEEXZ
- ?IsEmpty@CNoLockList@@UAEEXZ
- ?IsExceedLimitation@CMemoryPoolAllocator@@IAEEK@Z
- ?IsFull@CLockList@@QBEEXZ
- ?IsFull@CNoLockList@@QBEEXZ
- ?IsInExclusionList@CExclusionExtConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFileNameConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFilePathConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFolderConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionRegistryConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionExtConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFileNameConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFilePathConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFolderConfig@@QAEEPBG@Z
- ?IsOpened@CFile@@QAEEXZ
- ?IsTerminated@CWorkerThreadPool@@QAEEXZ
- ?IsTerminated@CWorkerThreadPoolEx@@QAEEXZ
- ?IsValid@CMemoryAllocator@@UAEEXZ
- ?IsValid@CMemoryPoolAllocator@@UAEEXZ
- ?IsValid@IMemoryAllocator@@UAEEXZ
- ?IsWorkerThread@CWorkerThreadPool@@QAEEK@Z
- ?IsWorkerThread@CWorkerThreadPoolEx@@QAEEK@Z
- ?JobFunction@CUserFuncAdapterJob@@MAEXXZ
- ?JobQueue@CWorkerThreadPool@@QAEAAVCWorkerThreadJobQueue@@XZ
- ?JobQueue@CWorkerThreadPoolEx@@QAEAAVCWorkerThreadJobQueue@@XZ
- ?Limit@CLockList@@QAEKXZ
- ?Limit@CNoLockList@@QAEKXZ
- ?MatchAllExtensions@CFileExtension@@QAEEXZ
- ?MatchNoExtensions@CFileExtension@@QAEEXZ
- ?MergeLeft@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?MergeRight@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?NeedDelete@CWorkerThreadJob@@QAEEXZ
- ?NeedDeleteWhenFinish@CWorkerThreadJob@@QAEXE@Z
- ?NewNode@CList@@UAEPAXXZ
- ?NewNode@CStrList@@EAEPAXXZ
- ?NewNodeVariant@CList@@IAEPAXK@Z
- ?Next@CList@@UBEPAXQAX@Z
- ?Next@CLockList@@UBEPAXQAX@Z
- ?Next@CNoLockList@@UBEPAXQAX@Z
- ?NextPool@CMemoryPoolAllocator@@QAEPAV1@XZ
- ?NotityTerminate@CWorkerThread@@QAEXXZ
- ?PostJobToWorkerThread@CWorkerThreadPool@@QAEJP6GXPAX@Z0E@Z
- ?PostJobToWorkerThread@CWorkerThreadPoolEx@@QAEJP6GXPAX@Z0E1@Z
- ?Pulse@CKEvent@@QAEJJE@Z
- ?QueueJob@CWorkerThreadJobQueue@@QAEEPAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPool@@QAEJPAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPoolEx@@QAEJPAVCWorkerThreadJob@@@Z
- ?RCMInstance@CWorkerThreadPool@@SGPAV1@XZ
- ?Read@CFile@@QAEJPADKPAK@Z
- ?ReadWIRP@CFile@@QAEJPADKPAK@Z
- ?ReferenceCount@CContext@@QAEAAKXZ
- ?Release@CLockEvent@@QAEXXZ
- ?Remove@CContextList@@UAEEQAX@Z
- ?Remove@CList@@UAEEQAX@Z
- ?Remove@CLockList@@UAEEQAX@Z
- ?Remove@CNoLockList@@UAEEQAX@Z
- ?RemoveHead@CList@@UAEPAXXZ
- ?RemoveHead@CLockList@@UAEPAXXZ
- ?RemoveHead@CNoLockList@@UAEPAXXZ
- ?RemoveTail@CList@@UAEPAXXZ
- ?RemoveTail@CLockList@@UAEPAXXZ
- ?RemoveTail@CNoLockList@@UAEPAXXZ
- ?Reset@CKEvent@@QAEXXZ
- ?ResetData@CInclusionExtConfig@@QAEXXZ
- ?ResetData@CInclusionFileNameConfig@@QAEXXZ
- ?ResetData@CInclusionFilePathConfig@@QAEXXZ
- ?ResetData@CInclusionFolderConfig@@QAEXXZ
- ?RestoreCR0@@YGXPAX@Z
- ?Run@CAutoUpdateConfigThread@@UAEXXZ
- ?Run@CDelayLoadThread@@UAEXXZ
- ?Run@CWorkerThread@@UAEXXZ
- ?SeekToEnd@CFile@@QAEJXZ
- ?Set@CKEvent@@QAEJJE@Z
- ?SetAttributes@CFile@@QAEJK@Z
- ?SetBlobCofig@CContext@@UAEJKPAXK@Z
- ?SetData@CBlobConfig@@QAEHPAXK@Z
- ?SetData@CModuleFileExtConfig@@QAEHPBG@Z
- ?SetData@CModuleFlagConfig@@QAEHK@Z
- ?SetData@CModuleMultiStringConfig@@QAEHPBGK@Z
- ?SetData@CModuleStringConfig@@QAEHPBG@Z
- ?SetEngineContext@CContext@@QAEXPAX@Z
- ?SetFileExtensionConfig@CContext@@UAEJKPBG@Z
- ?SetFlagConfig@CContext@@UAEJKK@Z
- ?SetLinkContext@CContext@@QAEXPAX@Z
- ?SetLogFlag@CDebugLog@@QAEEK@Z
- ?SetLogFlag@CDebugLogEx@@QAEEK@Z
- ?SetMatchAllExtensions@CFileExtension@@QAEXE@Z
- ?SetMatchNoExtensions@CFileExtension@@QAEXE@Z
- ?SetMultiStringConfig@CContext@@UAEJKPBG@Z
- ?SetNewJobItemEvent@CWorkerThreadJobQueue@@QAEXXZ
- ?SetPriority@CSystemThread@@QAEXK@Z
- ?SetStopUse@CContext@@QAEXXZ
- ?SetStringConfig@CContext@@UAEJKPBG@Z
- ?Setup@CSystemThread@@MAEXXZ
- ?StopUse@CContext@@QAEHXZ
- ?TearDown@CSystemThread@@MAEXXZ
- ?Terminate@CSystemThread@@QAEXE@Z
- ?Terminate@CWorkerThreadPool@@QAEEXZ
- ?Terminate@CWorkerThreadPoolEx@@QAEEXZ
- ?TmExceptionFilter@@YGJPAU_EXCEPTION_POINTERS@@@Z
- ?Wait@CKEvent@@QAEJPAT_LARGE_INTEGER@@E@Z
- ?WaitFinish@CWorkerThreadJob@@QAEXXZ
- ?WaitForInit@CDelayLoadThread@@QAEEXZ
- ?WaitForLoad@CDelayLoadThread@@QAEEXZ
- ?WaitNewJobAvailable@CWorkerThreadJobQueue@@QAEEXZ
- ?WaitQueueEmpty@CWorkerThreadJobQueue@@QAEXXZ
- ?Write@CDebugLog@@QAAXPBDZZ
- ?Write@CDebugLogEx@@QAAXPBDZZ
- ?Write@CFile@@QAEJPADKPAT_LARGE_INTEGER@@PAK@Z
- ?WriteDataToFile@CDebugLogEx@@IAEXPADK@Z
- ?WriteDataToProcMonW@CDebugLogEx@@IAEXPAD@Z
- ?WriteSystemInformation@CDebugLog@@QAEXXZ
- ?WriteSystemInformation@CDebugLogEx@@QAEXXZ
- ?WriteSystemStringInformation@CDebugLog@@IAEXPBG@Z
- ?WriteSystemStringInformation@CDebugLogEx@@IAEXPBG@Z
- ?WriteToFile@CDebugLog@@IAEXPADK@Z
- ?WriteToProcMonW@CDebugLogEx@@IAEXPAU_UNICODE_STRING@@@Z
- ?_pNonPagedAllocator@@3PAVCMemoryAllocator@@A
- ?_pPagedAllocator@@3PAVCMemoryAllocator@@A
- ?m_lpInstance@CWorkerThreadPool@@1PAV1@A
- ?m_lpRCMInstance@CWorkerThreadPool@@1PAV1@A
- _DeInitKm2UmCommunication@0
- _DeInitKmLPC@0
- _DuplicateFullFileName@4
- _FreeFullFileName@4
- _GetFileVersionOfNtoskrnl@16
- _GetKm2UmMode@0
- _GetModuleInfoByAddress@8
- _GetModuleInfoByModuleName@8
- _InitKm2UmCommunication@8
- _InitKmLPC@0
- _IsWindows8_1_update@4
- _KmCallUm@8
- _KmCallUmByLPC@8
- _KmCallUmEx@12
- _KmCleanupCommPortAPIs@0
- _KmGetUmInitProcess@0
- _KmSetCommPortAPIs@4
- _ModGetExportProcAddress@8
- _ModLoadDLLToBuffer@4
- _ModLoadDLLToBufferWithImageSize@8
- _ModLoadModule@8
- _ModUnLoadModule@4
- _NormalizeFileName1@8
- _NormalizeFileName@4
- _NormalizeFullNtPathToDosName1@8
- _NormalizeFullNtPathToDosName@4
- _TmCommConfigRoutine@4
- _UtilAddDeviceInDriveTable@4
- _UtilAddReparsePointMapping@8
- _UtilCleanFileReadOnly@4
- _UtilCloseExclusiveHandle@12
- _UtilCreateDosFileName@8
- _UtilDeleteFileForce@4
- _UtilGetDeviceObjectName@8
- _UtilGetFileNameFromFileObject@4
- _UtilGetFileObjectForProcessByEPROC@8
- _UtilGetFileObjectFromFileName@12
- _UtilGetProcessName@12
- _UtilGetSystemDirectory@4
- _UtilGetSystemDirectoryEx@0
- _UtilGetSystemDirectoryLength@0
- _UtilGetSystemTime@4
- _UtilIoSetFileInfo@24
- _UtilIopCreateFileIRP@40
- _UtilKeGetLowFileDevice@16
- _UtilModuleIATHook@24
- _UtilModuleIATUnHook@8
- _UtilPostJobToWorkerThread@12
- _UtilQueryExclusiveHandle@12
- _UtilQueryKeyValue@24
- _UtilRemoveDeviceFromDriveTable@4
- _UtilVolumeDeviceToDosName@8
- _UtilWaitValueChangeToZero@8
- _UtilWriteVersionToRegistry@8
- _UtilbuildDynamicDiskMappingTable@0
- _UtlWriteBinValueKeyToRegistry@16
- _ValidateAddressWithSize@20
- __ResetProtectFromClose@4
- __UtilDosPathNameToNtPathName@12
Sections
Expand
- .text
- .rdata
- .data
- PAGE
- .edata
- INIT
- .rsrc
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": true,
"SerialNumber": "7e93ebfb7cc64e59ea4b9a77d406fc3b",
"Signature": "03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2",
"TBS": {
"MD5": "d0785ad36e427c92b19f6826ab1e8020",
"SHA1": "365b7a9c21bd9373e49052c3e7b3e4646ddd4d43",
"SHA256": "c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff",
"SHA384": "eab4fe5ef90e0de4a6aa3a27769a5e879f588df5e4785aa4104debd1f81e19ea56d33e3a16e5facf99f68b5d8e3d287b"
},
"ValidFrom": "2012-12-21 00:00:00",
"ValidTo": "2020-12-30 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "0ecff438c8febf356e04d86a981b1a50",
"Signature": "783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4",
"TBS": {
"MD5": "e9d38360b914c8863f6cba3ee58764d3",
"SHA1": "4cba8eae47b6bf76f20b3504b98b8f062694a89b",
"SHA256": "88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976",
"SHA384": "e9f2a75334a9e336c5a4712eadee88d0374b0fdc273262f4e65c9040ad2793067cc076696db5279a478773485e285652"
},
"ValidFrom": "2012-10-18 00:00:00",
"ValidTo": "2020-12-29 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Signature": "f3b20c020c826fd9e2629408ffc97c9e245959d1050c9ce7708069d366d26af191812e16fce674eaca0d8f05b2a796280831737299800d2bfe0071efecf655117b7952a4d7c0701b97de034a1d42e928fd1a2082b081f9d22e9d39af3233cf05c1e61ae1f8fbfec872e78d9a0b29b4f147f1a053d1757a824601df2bb07c75c591fe7efbaf0021764b90cd446f85f80d14bc2cd42c83edfa7d2510f8f94c82d1b3ea999b1cff9093291977c7e996dc32904d3934f167077684ff76aa5327654a0bd7223d9d67657b47c5b46012dca6723d89e7fa051b3380d0c4977b9df537e75da3186ab149b27c089715a01bd695f408f7ded66bfbe920d27a6f6a7d4cc8b3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc.",
"TBS": {
"MD5": "78eaa337666217b1c16a9a0ebd0b8434",
"SHA1": "ff9cb835e78f6185eed4372096c3bae53b17d18d",
"SHA256": "1c0d9746725e176b4a7c2852878f14d7587f58e65d346bc1247f1c8ee6374250",
"SHA384": "ffe3c75b860679a5de399c7d2c2844dbfac51d5d8581e24648d208daba1e4bed5c867808e02dc8d7cb3df1d4b2b53d10"
},
"ValidFrom": "2017-04-27 00:00:00",
"ValidTo": "2018-07-16 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "611993e400000000001c",
"Signature": "812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5",
"TBS": {
"MD5": "78a717e082dcc1cda3458d917e677d14",
"SHA1": "4a872e0e51f9b304469cd1dedb496ee9b8b983a4",
"SHA256": "317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8",
"SHA384": "b71052da4eb9157c8c1a5d7f55df19d69b9128598b72fcca608e5b7cc7d64c43c5504b9c86355a6dc22ee40c88cc385c"
},
"ValidFrom": "2011-02-22 19:25:17",
"ValidTo": "2021-02-22 19:35:17",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "5200e5aa2556fc1a86ed96c9d44b33c7",
"Signature": "5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"TBS": {
"MD5": "b30c31a572b0409383ed3fbe17e56e81",
"SHA1": "4843a82ed3b1f2bfbee9671960e1940c942f688d",
"SHA256": "03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9",
"SHA384": "bbda8407c4f9fc4e54d772f1c7fb9d30bc97e1f97ecd51c443063d1fa0644e266328781776cd5c44896c457c75f4d7da"
},
"ValidFrom": "2010-02-08 00:00:00",
"ValidTo": "2020-02-07 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 478a8efb59e1d83f0ce142d2a28707be
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | f13ede9179075999ef7f856ec31e364b |
| ToBeSigned (TBS) SHA1 | 2f09867166e6107e17808317f5c8d4ee157f45bc |
| ToBeSigned (TBS) SHA256 | 089a2c4c6ac7432020acdb65c33bf39130da6f37c002ba79128bd4c94e4fa101 |
| Subject | C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO Time Stamping Signer |
| ValidFrom | 2010-05-10 00:00:00 |
| ValidTo | 2015-05-10 23:59:59 |
| Signature | c8fb63f80b75752c3af1f213a72db6a31a9cad0107d3348e77e0c26eae025d484fa4d221b636fd2a35437c6bdf80870b15f0763200b4ceb567a42f2f201b9c549e833f1f5f149562820f2241221f70b3f3f742de6c51cd4bf821ac9b3b8cb1e5e6288fce2a8af9aa524d8c5b77ba4d5a58dbbb6a04cc521e9de228370ebbe70e91c7f8dbf18198ebcd37b30eab65d362ec3aa576eb13a83593c92e0a01ecc0e8cc3d7eb6ebe2c1ecd3149282668750dcfd5097acb34a767306c486113ab35f4304526feab3d074364ccaf11b7984377063ad74b9aa0ef398b08608ebdbe01f8c10f239649bae4f0a2c928a4f18b591e58d1a935f1faef1a6f02e97d0d2f62b3c |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 478a8efb59e1d83f0ce142d2a28707be |
| Version | 3 |
Certificate 4d6290e58c54f0f1eb17341a1310e6a4
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | b7d8444a70054990435f35a5630df5e1 |
| ToBeSigned (TBS) SHA1 | 4678c6e4a8787a8e6ed2bce8792b122f6c08afd8 |
| ToBeSigned (TBS) SHA256 | 0a8b4b359ea7890b358e56e436e9cfc6f32b037b2599b597ca7f7a80d475ec98 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA |
| ValidFrom | 2010-09-30 00:00:00 |
| ValidTo | 2014-01-01 23:59:59 |
| Signature | aedd211d5f8f807ad25209eadb6ed25d8be8c21b6904be51a5010e59fa37d174a3eedced89742b62d5a6bf4fad361754f013e0a345d24c26cbe26da21fd01e7a070fb6b37b6f5068a2e931b3b7997d8070a0a7de0b1ea4fff34d811bdd20c91cc4afcff18ffad9da95f0ecdc5cbfe88c5a3e7ab0a3eb59437411e09b1a6af36f |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 4d6290e58c54f0f1eb17341a1310e6a4 |
| Version | 3 |
Certificate 610c120600000000001b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 53c41bc1164e09e0cd1617a5bf913efd |
| ToBeSigned (TBS) SHA1 | 93c03aac8951d494ecd5696b1c08658541b18727 |
| ToBeSigned (TBS) SHA256 | 40bddadac24dc61ca4fb5cab2a2bc5d876bc36808311039a7a3e1a4066f7489b |
| Subject | C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority |
| ValidFrom | 2006-05-23 17:01:29 |
| ValidTo | 2016-05-23 17:11:29 |
| Signature | 01e446b33b457f7513877e5f43de468ecb8abdb64741bccccc7491d8ce395195a4a6b547c0efd2da7b8f5711f4328c7ccd3fee42da04214af7c843884a6f5cca14fc4bd19f4cbdd4556ecc02be0da6888f8609baa425bde8b0f0fa8b714e67b0cb82a8d78e55f737ebf03e88efe4e08afd1c6e2e61414875b4b02c1d28d8490fd715f02473253ccc880cde284c6554fe5eae8cea19ad2c51b29b3a47f53c80350117e24987d6544afb4bab07bcbf7d79cfbf35005cbb9ecffc82891b39a05197b6dec0b307ff449644c0342a195cabeef03bec294eb513c537857e75d5b4d60d066eb5d26c237167eaf1718eaf4e74aa0cf9ecbf4c58fa5e909b6d39cb86883f8b1ca81632d5fe6db9f1f8b3ead791f6364778c0272a15c768d6f4c5fc4f4ec8673f102d409ff11ec96148e7a703fc31730cf04688fe56da492995ef09daa3e5beef60ecd954a0599c28bd54ef66157f874c84dba60e95672e517b3439b641c28c846826dc240209e7818e0a972defeea7b998a60f818dc710b5e1ed982f486f53854964789bec5dac970b5526c3efba8dc8d1a52f5a7f936b611a339b18b8a26210de24ea76e12f43ebecdd7c12342489da2855aee5754e312b6763b6a8d7ab730a03cec5ea593fc7eb2a45aea8625b2f009939abb45f73c308ec80118f470e8f2a1343e191066255bbffba3da9a93d260faeca7d628b155589d694344dd665 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 610c120600000000001b |
| Version | 3 |
Certificate 1a9d178ad334acdf47c8a0d15bb50e6e
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 685d99029d38a9d263ea82cd02a49f6c |
| ToBeSigned (TBS) SHA1 | 93464d8f54b4ee7caf22ca1db15a4211e0d3c79e |
| ToBeSigned (TBS) SHA256 | 894991f1477dff88c7c0707531073bb59483750bcad672fc388179affca07aa9 |
| Subject | C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., OU=Digital ID Class 3 , Microsoft Software Validation v2, CN=Trend Micro, Inc. |
| ValidFrom | 2013-01-17 00:00:00 |
| ValidTo | 2014-03-18 23:59:59 |
| Signature | 65c7e1e0f4051179852b819153b528c88db47ef50e897cd8ce0d03a7cc2dc896c89790410182186fecaf9da5c317bf57b5038311c10c2ec5ddb5c18165a7e92f92a6f39c042262126c714337a7c528041a04679217c1475a30231c967ca63b4430ccea52fe4f16fabb5c454d2aa8cdde347b8beaa973d76b3f9ba99d2597939a33d67ec4abc3974ef3792b8bc90d092cce62309d205129bbcbd3554382f24b2911b4904b09e7f52f24f2cc5a52fa49f3a163c32fde076e917301f22dd45d643b95319bae922bc861e5a8f90d4dd72603c7b1ea0229eca869ab8d086ae5286baeba9b99a12856dc1d3cd9f6d9da4b8d5a85896ba4587d8eba506a4fbba4a7bb49 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 1a9d178ad334acdf47c8a0d15bb50e6e |
| Version | 3 |
Imports
Expand
- ntoskrnl.exe
- HAL.dll
- CLASSPNP.SYS
Imported Functions
Expand
- wcsrchr
- KeSetEvent
- KePulseEvent
- KeClearEvent
- KeInitializeSemaphore
- KeWaitForSingleObject
- KeReleaseSemaphore
- KeStackAttachProcess
- KeUnstackDetachProcess
- RtlSubAuthoritySid
- RtlInitializeSid
- ExAllocatePoolWithTag
- RtlLengthRequiredSid
- ExFreePoolWithTag
- RtlSetDaclSecurityDescriptor
- RtlCreateSecurityDescriptor
- RtlAddAccessAllowedAce
- RtlCreateAcl
- ObfDereferenceObject
- ZwSetEvent
- ZwClose
- ZwRequestWaitReplyPort
- ProbeForWrite
- ZwFreeVirtualMemory
- ZwAllocateVirtualMemory
- ObOpenObjectByPointer
- PsProcessType
- memmove
- ZwConnectPort
- RtlInitUnicodeString
- RtlUnicodeStringToInteger
- ZwCreateSection
- ZwWaitForSingleObject
- ZwOpenEvent
- ObfReferenceObject
- IoGetCurrentProcess
- DbgBreakPoint
- PsGetProcessExitTime
- MmSectionObjectType
- PsThreadType
- DbgPrint
- memset
- MmIsAddressValid
- ExInitializeResourceLite
- ExDeleteResourceLite
- ZwWriteFile
- ZwReadFile
- ZwQueryInformationFile
- ZwSetInformationFile
- ZwCreateFile
- swprintf
- towupper
- _wcsnicmp
- KeInitializeEvent
- _snprintf
- PsGetCurrentProcessId
- RtlTimeToTimeFields
- ExSystemTimeToLocalTime
- KeQuerySystemTime
- ZwCreateKey
- ZwCreateEvent
- KeWaitForMultipleObjects
- ObReferenceObjectByHandle
- ZwNotifyChangeKey
- PsGetCurrentThreadId
- _vsnprintf
- KeSetPriorityThread
- PsTerminateSystemThread
- PsCreateSystemThread
- KeNumberProcessors
- ZwQueryInformationProcess
- PsLookupProcessByProcessId
- KeDelayExecutionThread
- ZwOpenDirectoryObject
- PsSetCreateProcessNotifyRoutine
- ZwQuerySystemInformation
- ZwQueryDirectoryFile
- ZwQueryDirectoryObject
- ZwDuplicateObject
- ZwOpenKey
- ZwEnumerateKey
- ZwEnumerateValueKey
- ZwQueryValueKey
- ZwDeleteValueKey
- ZwDeleteKey
- ExGetPreviousMode
- ZwTerminateProcess
- ZwOpenProcess
- ZwQueryKey
- ZwSetValueKey
- MmHighestUserAddress
- IoFreeIrp
- memcpy
- MmUnlockPages
- IoBuildAsynchronousFsdRequest
- _strnicmp
- RtlQueryRegistryValues
- RtlAppendUnicodeToString
- _purecall
- ZwQuerySymbolicLinkObject
- ZwOpenSymbolicLinkObject
- NtClose
- ZwSetInformationObject
- _stricmp
- ZwUnmapViewOfSection
- ZwMapViewOfSection
- ZwOpenFile
- RtlEqualUnicodeString
- IoFileObjectType
- IoCreateFile
- IofCallDriver
- IoAllocateIrp
- MmBuildMdlForNonPagedPool
- IoAllocateMdl
- ProbeForRead
- PsGetVersion
- MmGetSystemRoutineAddress
- RtlCopyUnicodeString
- RtlCompareMemory
- _snwprintf
- RtlImageNtHeader
- RtlFreeUnicodeString
- RtlAnsiStringToUnicodeString
- RtlInitAnsiString
- strrchr
- ZwQueryVolumeInformationFile
- ObReferenceObjectByPointer
- ObQueryNameString
- IoBuildDeviceIoControlRequest
- IofCompleteRequest
- ExEventObjectType
- _allmul
- IoDeleteDevice
- IoDeleteSymbolicLink
- IoCreateSymbolicLink
- IoGetDeviceObjectPointer
- RtlUpperChar
- RtlCompareUnicodeString
- strncpy
- KeServiceDescriptorTable
- NtOpenProcess
- ObOpenObjectByName
- IoDriverObjectType
- RtlAppendUnicodeStringToString
- strncmp
- NtQueryInformationProcess
- IoThreadToProcess
- PsIsThreadTerminating
- KeAddSystemServiceTable
- ZwQueryObject
- ZwQuerySecurityObject
- ObInsertObject
- _allrem
- IoReleaseVpbSpinLock
- IoAcquireVpbSpinLock
- SeCreateAccessState
- IoGetFileObjectGenericMapping
- RtlUpcaseUnicodeString
- ObCreateObject
- _allshr
- ExInterlockedPopEntrySList
- IoGetStackLimits
- IoBuildSynchronousFsdRequest
- MmSystemRangeStart
- wcsstr
- IoUnregisterPlugPlayNotification
- FsRtlIsNameInExpression
- IoGetConfigurationInformation
- MmProbeAndLockPages
- IoGetDeviceInterfaces
- IoRegisterPlugPlayNotification
- ExAllocatePool
- RtlFreeAnsiString
- RtlUnicodeStringToAnsiString
- strncat
- wcschr
- wcsncat
- wcstombs
- KeTickCount
- KeBugCheckEx
- RtlUnwind
- wcsncpy
- ExReleaseResourceLite
- ExAcquireResourceExclusiveLite
- ExAcquireResourceSharedLite
- ExReleaseFastMutexUnsafe
- KeLeaveCriticalRegion
- KeEnterCriticalRegion
- IoFreeMdl
- ExAcquireFastMutexUnsafe
- ZwSetSecurityObject
- IoDeviceObjectType
- IoCreateDevice
- RtlGetDaclSecurityDescriptor
- RtlGetSaclSecurityDescriptor
- RtlGetGroupSecurityDescriptor
- RtlGetOwnerSecurityDescriptor
- RtlLengthSecurityDescriptor
- SeCaptureSecurityDescriptor
- SeExports
- IoIsWdmVersionAvailable
- RtlLengthSid
- RtlAbsoluteToSelfRelativeSD
- mbstowcs
- KeGetCurrentThread
- KfAcquireSpinLock
- KfReleaseSpinLock
- KeRaiseIrqlToDpcLevel
- KfLowerIrql
- KeGetCurrentIrql
- ExAcquireFastMutex
- ExReleaseFastMutex
- KfRaiseIrql
- ClassInitialize
Exported Functions
Expand
- ??0CAutoUpdateConfigThread@@QAE@ABV0@@Z
- ??0CAutoUpdateConfigThread@@QAE@PAU_UNICODE_STRING@@P6GX0PAX@Z1@Z
- ??0CBlobConfig@@QAE@ABV0@@Z
- ??0CBlobConfig@@QAE@K@Z
- ??0CContext@@QAE@ABV0@@Z
- ??0CContext@@QAE@KP6GJPAU_EVENT_REPORT@@PAXPAU_TMCE_REPORT@@PAU_TMCE_FEEDBACK@@@Z1K@Z
- ??0CContextList@@QAE@ABV0@@Z
- ??0CContextList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CDebugLog@@QAE@ABV0@@Z
- ??0CDebugLog@@QAE@PBG@Z
- ??0CDelayLoadThread@@QAE@ABV0@@Z
- ??0CDelayLoadThread@@QAE@XZ
- ??0CExclusionExtConfig@@QAE@ABV0@@Z
- ??0CExclusionExtConfig@@QAE@KKE@Z
- ??0CExclusionFileNameConfig@@QAE@ABV0@@Z
- ??0CExclusionFileNameConfig@@QAE@KK@Z
- ??0CExclusionFilePathConfig@@QAE@ABV0@@Z
- ??0CExclusionFilePathConfig@@QAE@KK@Z
- ??0CExclusionFolderConfig@@QAE@ABV0@@Z
- ??0CExclusionFolderConfig@@QAE@KK@Z
- ??0CExclusionRegistryConfig@@QAE@ABV0@@Z
- ??0CExclusionRegistryConfig@@QAE@KK@Z
- ??0CFile@@QAE@ABV0@@Z
- ??0CFile@@QAE@E@Z
- ??0CFileExtension@@QAE@ABV0@@Z
- ??0CFileExtension@@QAE@KEEPAVIMemoryAllocator@@@Z
- ??0CInclusionExtConfig@@QAE@ABV0@@Z
- ??0CInclusionExtConfig@@QAE@KKE@Z
- ??0CInclusionFileNameConfig@@QAE@ABV0@@Z
- ??0CInclusionFileNameConfig@@QAE@KK@Z
- ??0CInclusionFilePathConfig@@QAE@ABV0@@Z
- ??0CInclusionFilePathConfig@@QAE@KK@Z
- ??0CInclusionFolderConfig@@QAE@ABV0@@Z
- ??0CInclusionFolderConfig@@QAE@KK@Z
- ??0CKEvent@@QAE@ABV0@@Z
- ??0CKEvent@@QAE@W4_EVENT_TYPE@@E@Z
- ??0CList@@QAE@ABV0@@Z
- ??0CList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CLockEvent@@QAE@ABV0@@Z
- ??0CLockEvent@@QAE@XZ
- ??0CLockList@@QAE@ABV0@@Z
- ??0CLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CMemoryAllocator@@IAE@W4_POOL_TYPE@@K@Z
- ??0CMemoryAllocator@@QAE@ABV0@@Z
- ??0CMemoryPoolAllocator@@IAE@W4_POOL_TYPE@@KKK@Z
- ??0CMemoryPoolAllocator@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@XZ
- ??0CModuleConfigList@@QAE@ABV0@@Z
- ??0CModuleConfigList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CModuleFileExtConfig@@QAE@ABV0@@Z
- ??0CModuleFileExtConfig@@QAE@KKE@Z
- ??0CModuleFlagConfig@@QAE@ABV0@@Z
- ??0CModuleFlagConfig@@QAE@K@Z
- ??0CModuleMultiStringConfig@@QAE@ABV0@@Z
- ??0CModuleMultiStringConfig@@QAE@KK@Z
- ??0CModuleStringConfig@@QAE@ABV0@@Z
- ??0CModuleStringConfig@@QAE@K@Z
- ??0CNoLockList@@QAE@ABV0@@Z
- ??0CNoLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CSmartLock@@QAE@AAVCLockEvent@@@Z
- ??0CSmartLock@@QAE@XZ
- ??0CSmartReference@@QAE@AAJ@Z
- ??0CSmartReference@@QAE@AAK@Z
- ??0CSmartResource@@QAE@AAVCResource@@E@Z
- ??0CStrList@@QAE@ABV0@@Z
- ??0CStrList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CSystemThread@@QAE@ABV0@@Z
- ??0CSystemThread@@QAE@K@Z
- ??0CUserFuncAdapterJob@@QAE@ABV0@@Z
- ??0CUserFuncAdapterJob@@QAE@P6GXPAX@Z0@Z
- ??0CWorkerThread@@IAE@PAVCWorkerThreadJobQueue@@@Z
- ??0CWorkerThread@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@E@Z
- ??0CWorkerThreadJobQueue@@QAE@ABV0@@Z
- ??0CWorkerThreadJobQueue@@QAE@K@Z
- ??0CWorkerThreadPool@@QAE@ABV0@@Z
- ??0CWorkerThreadPool@@QAE@K@Z
- ??0IMemoryAllocator@@QAE@ABV0@@Z
- ??0IMemoryAllocator@@QAE@XZ
- ??1CAutoUpdateConfigThread@@UAE@XZ
- ??1CBlobConfig@@UAE@XZ
- ??1CContext@@UAE@XZ
- ??1CContextList@@UAE@XZ
- ??1CDebugLog@@UAE@XZ
- ??1CDelayLoadThread@@UAE@XZ
- ??1CExclusionExtConfig@@UAE@XZ
- ??1CExclusionFileNameConfig@@UAE@XZ
- ??1CExclusionFilePathConfig@@UAE@XZ
- ??1CExclusionFolderConfig@@UAE@XZ
- ??1CExclusionRegistryConfig@@UAE@XZ
- ??1CFile@@UAE@XZ
- ??1CFileExtension@@UAE@XZ
- ??1CInclusionExtConfig@@UAE@XZ
- ??1CInclusionFileNameConfig@@UAE@XZ
- ??1CInclusionFilePathConfig@@UAE@XZ
- ??1CInclusionFolderConfig@@UAE@XZ
- ??1CKEvent@@UAE@XZ
- ??1CList@@UAE@XZ
- ??1CLockEvent@@UAE@XZ
- ??1CLockList@@UAE@XZ
- ??1CMemoryAllocator@@UAE@XZ
- ??1CMemoryPoolAllocator@@UAE@XZ
- ??1CModuleConfig@@UAE@XZ
- ??1CModuleConfigList@@UAE@XZ
- ??1CModuleFileExtConfig@@UAE@XZ
- ??1CModuleFlagConfig@@UAE@XZ
- ??1CModuleMultiStringConfig@@UAE@XZ
- ??1CModuleStringConfig@@UAE@XZ
- ??1CNoLockList@@UAE@XZ
- ??1CSmartLock@@QAE@XZ
- ??1CSmartReference@@QAE@XZ
- ??1CSmartResource@@QAE@XZ
- ??1CStrList@@UAE@XZ
- ??1CSystemThread@@UAE@XZ
- ??1CUserFuncAdapterJob@@UAE@XZ
- ??1CWorkerThread@@UAE@XZ
- ??1CWorkerThreadJob@@UAE@XZ
- ??1CWorkerThreadJobQueue@@UAE@XZ
- ??1CWorkerThreadPool@@UAE@XZ
- ??1IMemoryAllocator@@UAE@XZ
- ??2@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??2CMemoryAllocator@@SGPAXI@Z
- ??2CMemoryPoolAllocator@@SGPAXI@Z
- ??3@YAXPAX@Z
- ??3IMemoryAllocator@@SGXPAX@Z
- ??4CAutoUpdateConfigThread@@QAEAAV0@ABV0@@Z
- ??4CBlobConfig@@QAEAAV0@ABV0@@Z
- ??4CContext@@QAEAAV0@ABV0@@Z
- ??4CDebugLog@@QAEAAV0@ABV0@@Z
- ??4CDelayLoadThread@@QAEAAV0@ABV0@@Z
- ??4CFile@@QAEAAV0@ABV0@@Z
- ??4CKEvent@@QAEAAV0@ABV0@@Z
- ??4CLockEvent@@QAEAAV0@ABV0@@Z
- ??4CMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??4CMemoryPoolAllocator@@QAEAAV0@ABV0@@Z
- ??4CModuleConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleFlagConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleStringConfig@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEABV0@AAVCLockEvent@@@Z
- ??4CSmartResource@@QAEAAV0@ABV0@@Z
- ??4CSystemThread@@QAEAAV0@ABV0@@Z
- ??4CUserFuncAdapterJob@@QAEAAV0@ABV0@@Z
- ??4CWorkerThread@@QAEAAV0@ABV0@@Z
- ??4CWorkerThreadJob@@QAEAAV0@ABV0@@Z
- ??4IMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??_7CAutoUpdateConfigThread@@6B@
- ??_7CBlobConfig@@6B@
- ??_7CContext@@6B@
- ??_7CContextList@@6B@
- ??_7CDebugLog@@6B@
- ??_7CDelayLoadThread@@6B@
- ??_7CExclusionExtConfig@@6B@
- ??_7CExclusionFileNameConfig@@6B@
- ??_7CExclusionFilePathConfig@@6B@
- ??_7CExclusionFolderConfig@@6B@
- ??_7CExclusionRegistryConfig@@6B@
- ??_7CFile@@6B@
- ??_7CFileExtension@@6B@
- ??_7CInclusionExtConfig@@6B@
- ??_7CInclusionFileNameConfig@@6B@
- ??_7CInclusionFilePathConfig@@6B@
- ??_7CInclusionFolderConfig@@6B@
- ??_7CKEvent@@6B@
- ??_7CList@@6B@
- ??_7CLockEvent@@6B@
- ??_7CLockList@@6B@
- ??_7CMemoryAllocator@@6B@
- ??_7CMemoryPoolAllocator@@6B@
- ??_7CModuleConfig@@6B@
- ??_7CModuleConfigList@@6B@
- ??_7CModuleFileExtConfig@@6B@
- ??_7CModuleFlagConfig@@6B@
- ??_7CModuleMultiStringConfig@@6B@
- ??_7CModuleStringConfig@@6B@
- ??_7CNoLockList@@6B@
- ??_7CStrList@@6B@
- ??_7CSystemThread@@6B@
- ??_7CUserFuncAdapterJob@@6B@
- ??_7CWorkerThread@@6B@
- ??_7CWorkerThreadJob@@6B@
- ??_7CWorkerThreadJobQueue@@6B@
- ??_7CWorkerThreadPool@@6B@
- ??_7IMemoryAllocator@@6B@
- ??_FCContextList@@QAEXXZ
- ??_FCFile@@QAEXXZ
- ??_FCFileExtension@@QAEXXZ
- ??_FCModuleConfigList@@QAEXXZ
- ??_FCStrList@@QAEXXZ
- ??_FCSystemThread@@QAEXXZ
- ??_FCWorkerThread@@QAEXXZ
- ??_FCWorkerThreadJob@@QAEXXZ
- ??_FCWorkerThreadJobQueue@@QAEXXZ
- ??_U@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??_V@YAXPAX@Z
- ?Acquire@CLockEvent@@QAEXXZ
- ?Add@CContextList@@QAEEPAVCContext@@@Z
- ?Add@CFileExtension@@QAEEPBGK@Z
- ?Add@CModuleConfigList@@QAEEPAVCModuleConfig@@@Z
- ?Add@CStrList@@QAEEPBG@Z
- ?AddNode@CLockList@@UAEEQAXE@Z
- ?AddNode@CNoLockList@@UAEEQAXE@Z
- ?Alloc@CMemoryAllocator@@UAEPAXKPBDK@Z
- ?Alloc@CMemoryPoolAllocator@@UAEPAXKPBDK@Z
- ?AllocBlock@CMemoryPoolAllocator@@IAEPAXK@Z
- ?AttachJobQueue@CWorkerThread@@QAEXPAVCWorkerThreadJobQueue@@@Z
- ?Cancel@CWorkerThreadJob@@QAEXXZ
- ?CheckNode@CLockList@@UAEHQAX@Z
- ?CheckNode@CNoLockList@@UAEHQAX@Z
- ?CleanQueue@CWorkerThreadJobQueue@@QAEXXZ
- ?Cleanup@CBlobConfig@@AAEXXZ
- ?Cleanup@CModuleFileExtConfig@@IAEXXZ
- ?Cleanup@CModuleMultiStringConfig@@IAEXXZ
- ?Cleanup@CModuleStringConfig@@AAEXXZ
- ?Close@CFile@@QAEJXZ
- ?Count@CLockList@@QAEKXZ
- ?Count@CNoLockList@@QAEKXZ
- ?Create@CFile@@QAEJPBGKKKK@Z
- ?Create@CSystemThread@@QAEEXZ
- ?CreateInstance@CMemoryAllocator@@SGPAV1@W4_POOL_TYPE@@K@Z
- ?CreateInstance@CMemoryPoolAllocator@@SGPAV1@W4_POOL_TYPE@@KKK@Z
- ?CreatePool@CWorkerThreadPool@@QAEEXZ
- ?CreateThreads@CWorkerThreadPool@@QAEEK@Z
- ?CreateWIRP@CFile@@QAEJPBGKKKK@Z
- ?Delete@CFile@@QAEJXZ
- ?Delete@CFileExtension@@QAEEPBGK@Z
- ?Delete@CStrList@@QAEEPBG@Z
- ?DeleteAll@CList@@UAEXXZ
- ?DeleteAll@CLockList@@UAEXXZ
- ?DeleteAll@CNoLockList@@UAEXXZ
- ?DeleteNode@CContextList@@MAEXPAX@Z
- ?DeleteNode@CList@@UAEXPAX@Z
- ?DeleteNode@CModuleConfigList@@MAEXPAX@Z
- ?DeleteNode@CStrList@@EAEXPAU_STR_LIST_NODE@1@@Z
- ?DisableWriteProtectFromCR0@@YGXPAPAX@Z
- ?DoIt@CWorkerThreadJob@@QAEJXZ
- ?EntryPoint@CSystemThread@@KGXPAX@Z
- ?Find@CContextList@@QAEPAVCContext@@K@Z
- ?Find@CContextList@@QAEPAVCContext@@PAX@Z
- ?Find@CFileExtension@@QAEPAU_STR_LIST_NODE@CStrList@@PBGK@Z
- ?Find@CModuleConfigList@@QAEPAVCModuleConfig@@K@Z
- ?Find@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?FindNode@CContextList@@IAEPAXPAX@Z
- ?FindPartiallyAndAllMatch@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?First@CList@@UAEPAXXZ
- ?First@CLockList@@UAEPAXXZ
- ?First@CNoLockList@@UAEPAXXZ
- ?Free@CMemoryAllocator@@UAEXPAX@Z
- ?Free@CMemoryPoolAllocator@@UAEXPAX@Z
- ?GetAttributes@CFile@@QAEKXZ
- ?GetBasicInfomration@CFile@@IAEJXZ
- ?GetBlobCofig@CContext@@UAEJKPAXPAK@Z
- ?GetCategory@CContext@@QAEKXZ
- ?GetData@CBlobConfig@@QAEHPAXPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEPAVCFileExtension@@XZ
- ?GetData@CModuleFlagConfig@@QAEKXZ
- ?GetData@CModuleMultiStringConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleMultiStringConfig@@QAEPAVCStrList@@XZ
- ?GetData@CModuleStringConfig@@QAEPAGXZ
- ?GetData@CStrList@@QAEEPAGPAK@Z
- ?GetDataType@CModuleConfig@@QAEKXZ
- ?GetEngineContext@CContext@@QAEPAXXZ
- ?GetFileExtensionConfig@CContext@@QAEPAVCFileExtension@@K@Z
- ?GetFileExtensionConfig@CContext@@UAEJKPAGPAK@Z
- ?GetFileSize@CFile@@QAEJPAT_LARGE_INTEGER@@@Z
- ?GetFlagConfig@CContext@@UAEJKPAK@Z
- ?GetID@CModuleConfig@@QAEKXZ
- ?GetJob@CWorkerThreadJobQueue@@QAEPAVCWorkerThreadJob@@XZ
- ?GetLength@CModuleStringConfig@@QAEKXZ
- ?GetLinkContext@CContext@@QAEPAXXZ
- ?GetLogFlag@CDebugLog@@QAEKXZ
- ?GetModuleId@CModuleConfig@@QAEKXZ
- ?GetMultiStringConfig@CContext@@QAEPAVCStrList@@K@Z
- ?GetMultiStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetOneThreadTEB@CWorkerThreadPool@@QAEPAU_ETHREAD@@XZ
- ?GetReportCallBackRoutine@CContext@@QAEKXZ
- ?GetSize@CBlobConfig@@QAEKXZ
- ?GetStringConfig@CContext@@QAEPAGK@Z
- ?GetStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetThreadCount@CWorkerThreadPool@@QAEKXZ
- ?GetThreadID@CSystemThread@@QAEKXZ
- ?GetType@CContext@@QAEKXZ
- ?GetUserParameter@CContext@@QAEKXZ
- ?InitializeBlobConfig@CContext@@QAEHKPAXK@Z
- ?InitializeFileExtensionConfig@CContext@@QAEHKPBG@Z
- ?InitializeFlagConfig@CContext@@QAEHKK@Z
- ?InitializeMultiStringConfig@CContext@@QAEHKPBG@Z
- ?InitializeStringConfig@CContext@@QAEHKPBG@Z
- ?Insert@CList@@UAEXQAXE@Z
- ?Insert@CLockList@@UAEXQAXE@Z
- ?Insert@CNoLockList@@UAEXQAXE@Z
- ?InsertAfter@CList@@UAEXPAX0@Z
- ?InsertBefore@CList@@UAEXPAX0@Z
- ?Instance@CWorkerThreadPool@@SGPAV1@XZ
- ?IsEmpty@CList@@UAEEXZ
- ?IsEmpty@CLockList@@UAEEXZ
- ?IsEmpty@CNoLockList@@UAEEXZ
- ?IsExceedLimitation@CMemoryPoolAllocator@@IAEEK@Z
- ?IsFull@CLockList@@QBEEXZ
- ?IsFull@CNoLockList@@QBEEXZ
- ?IsInExclusionList@CExclusionExtConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFileNameConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFilePathConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFolderConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionRegistryConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionExtConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFileNameConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFilePathConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFolderConfig@@QAEEPBG@Z
- ?IsOpened@CFile@@QAEEXZ
- ?IsTerminated@CWorkerThreadPool@@QAEEXZ
- ?IsValid@CMemoryAllocator@@UAEEXZ
- ?IsValid@CMemoryPoolAllocator@@UAEEXZ
- ?IsValid@IMemoryAllocator@@UAEEXZ
- ?IsWorkerThread@CWorkerThreadPool@@QAEEK@Z
- ?JobFunction@CUserFuncAdapterJob@@MAEXXZ
- ?JobQueue@CWorkerThreadPool@@QAEAAVCWorkerThreadJobQueue@@XZ
- ?Limit@CLockList@@QAEKXZ
- ?Limit@CNoLockList@@QAEKXZ
- ?MatchAllExtensions@CFileExtension@@QAEEXZ
- ?MatchNoExtensions@CFileExtension@@QAEEXZ
- ?MergeLeft@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?MergeRight@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?NeedDelete@CWorkerThreadJob@@QAEEXZ
- ?NeedDeleteWhenFinish@CWorkerThreadJob@@QAEXE@Z
- ?NewNode@CList@@UAEPAXXZ
- ?NewNode@CStrList@@EAEPAXXZ
- ?NewNodeVariant@CList@@IAEPAXK@Z
- ?Next@CList@@UBEPAXQAX@Z
- ?Next@CLockList@@UBEPAXQAX@Z
- ?Next@CNoLockList@@UBEPAXQAX@Z
- ?NextPool@CMemoryPoolAllocator@@QAEPAV1@XZ
- ?NotityTerminate@CWorkerThread@@QAEXXZ
- ?PostJobToWorkerThread@CWorkerThreadPool@@QAEJP6GXPAX@Z0E@Z
- ?Pulse@CKEvent@@QAEJJE@Z
- ?QueueJob@CWorkerThreadJobQueue@@QAEEPAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPool@@QAEJPAVCWorkerThreadJob@@@Z
- ?RCMInstance@CWorkerThreadPool@@SGPAV1@XZ
- ?Read@CFile@@QAEJPADKPAK@Z
- ?ReferenceCount@CContext@@QAEAAKXZ
- ?Release@CLockEvent@@QAEXXZ
- ?Remove@CContextList@@UAEEQAX@Z
- ?Remove@CList@@UAEEQAX@Z
- ?Remove@CLockList@@UAEEQAX@Z
- ?Remove@CNoLockList@@UAEEQAX@Z
- ?RemoveHead@CList@@UAEPAXXZ
- ?RemoveHead@CLockList@@UAEPAXXZ
- ?RemoveHead@CNoLockList@@UAEPAXXZ
- ?RemoveTail@CList@@UAEPAXXZ
- ?RemoveTail@CLockList@@UAEPAXXZ
- ?RemoveTail@CNoLockList@@UAEPAXXZ
- ?Reset@CKEvent@@QAEXXZ
- ?ResetData@CInclusionExtConfig@@QAEXXZ
- ?ResetData@CInclusionFileNameConfig@@QAEXXZ
- ?ResetData@CInclusionFilePathConfig@@QAEXXZ
- ?ResetData@CInclusionFolderConfig@@QAEXXZ
- ?RestoreCR0@@YGXPAX@Z
- ?Run@CAutoUpdateConfigThread@@UAEXXZ
- ?Run@CDelayLoadThread@@UAEXXZ
- ?Run@CWorkerThread@@UAEXXZ
- ?SeekToEnd@CFile@@QAEJXZ
- ?Set@CKEvent@@QAEJJE@Z
- ?SetAttributes@CFile@@QAEJK@Z
- ?SetBlobCofig@CContext@@UAEJKPAXK@Z
- ?SetData@CBlobConfig@@QAEHPAXK@Z
- ?SetData@CModuleFileExtConfig@@QAEHPBG@Z
- ?SetData@CModuleFlagConfig@@QAEHK@Z
- ?SetData@CModuleMultiStringConfig@@QAEHPBGK@Z
- ?SetData@CModuleStringConfig@@QAEHPBG@Z
- ?SetEngineContext@CContext@@QAEXPAX@Z
- ?SetFileExtensionConfig@CContext@@UAEJKPBG@Z
- ?SetFlagConfig@CContext@@UAEJKK@Z
- ?SetLinkContext@CContext@@QAEXPAX@Z
- ?SetLogFlag@CDebugLog@@QAEEK@Z
- ?SetMatchAllExtensions@CFileExtension@@QAEXE@Z
- ?SetMatchNoExtensions@CFileExtension@@QAEXE@Z
- ?SetMultiStringConfig@CContext@@UAEJKPBG@Z
- ?SetNewJobItemEvent@CWorkerThreadJobQueue@@QAEXXZ
- ?SetPriority@CSystemThread@@QAEXK@Z
- ?SetStopUse@CContext@@QAEXXZ
- ?SetStringConfig@CContext@@UAEJKPBG@Z
- ?Setup@CSystemThread@@MAEXXZ
- ?StopUse@CContext@@QAEHXZ
- ?TearDown@CSystemThread@@MAEXXZ
- ?Terminate@CSystemThread@@QAEXE@Z
- ?Terminate@CWorkerThreadPool@@QAEEXZ
- ?TmExceptionFilter@@YGJPAU_EXCEPTION_POINTERS@@@Z
- ?Wait@CKEvent@@QAEJPAT_LARGE_INTEGER@@E@Z
- ?WaitFinish@CWorkerThreadJob@@QAEXXZ
- ?WaitForInit@CDelayLoadThread@@QAEEXZ
- ?WaitForLoad@CDelayLoadThread@@QAEEXZ
- ?WaitNewJobAvailable@CWorkerThreadJobQueue@@QAEEXZ
- ?Write@CDebugLog@@QAAXPBDZZ
- ?Write@CFile@@QAEJPADKPAT_LARGE_INTEGER@@PAK@Z
- ?WriteSystemInformation@CDebugLog@@QAEXXZ
- ?WriteSystemStringInformation@CDebugLog@@IAEXPBG@Z
- ?WriteToFile@CDebugLog@@IAEXPADK@Z
- ?_pNonPagedAllocator@@3PAVCMemoryAllocator@@A
- ?_pPagedAllocator@@3PAVCMemoryAllocator@@A
- ?m_lpInstance@CWorkerThreadPool@@1PAV1@A
- ?m_lpRCMInstance@CWorkerThreadPool@@1PAV1@A
- _DeInitKmLPC@0
- _GetModuleInfoByAddress@8
- _GetModuleInfoByModuleName@8
- _InitKmLPC@0
- _KmCallUm@8
- _KmCallUmEx@12
- _ModGetExportProcAddress@8
- _ModLoadDLLToBuffer@4
- _ModLoadDLLToBufferWithImageSize@8
- _ModLoadModule@8
- _ModUnLoadModule@4
- _NormalizeFileName@4
- _NormalizeFullNtPathToDosName@4
- _TmCommConfigRoutine@4
- _UtilAddDeviceInDriveTable@4
- _UtilCleanFileReadOnly@4
- _UtilDeleteFileForce@4
- _UtilGetFileObjectForProcessByEPROC@8
- _UtilGetFileObjectFromFileName@12
- _UtilGetProcessName@12
- _UtilGetSystemDirectory@4
- _UtilGetSystemDirectoryEx@0
- _UtilGetSystemDirectoryLength@0
- _UtilGetSystemTime@4
- _UtilIoSetFileInfo@24
- _UtilIopCreateFileIRP@40
- _UtilKeGetLowFileDevice@16
- _UtilModuleIATHook@24
- _UtilModuleIATUnHook@8
- _UtilQueryKeyValue@24
- _UtilRemoveDeviceFromDriveTable@4
- _UtilVolumeDeviceToDosName@8
- _UtilWaitValueChangeToZero@8
- _UtilWriteVersionToRegistry@8
- _UtilbuildDynamicDiskMappingTable@0
- _UtlWriteBinValueKeyToRegistry@16
- __UtilDosPathNameToNtPathName@12
Sections
Expand
- .text
- .rdata
- .data
- PAGE
- .edata
- INIT
- .rsrc
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": true,
"SerialNumber": "7e93ebfb7cc64e59ea4b9a77d406fc3b",
"Signature": "03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2",
"TBS": {
"MD5": "d0785ad36e427c92b19f6826ab1e8020",
"SHA1": "365b7a9c21bd9373e49052c3e7b3e4646ddd4d43",
"SHA256": "c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff",
"SHA384": "eab4fe5ef90e0de4a6aa3a27769a5e879f588df5e4785aa4104debd1f81e19ea56d33e3a16e5facf99f68b5d8e3d287b"
},
"ValidFrom": "2012-12-21 00:00:00",
"ValidTo": "2020-12-30 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "0ecff438c8febf356e04d86a981b1a50",
"Signature": "783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4",
"TBS": {
"MD5": "e9d38360b914c8863f6cba3ee58764d3",
"SHA1": "4cba8eae47b6bf76f20b3504b98b8f062694a89b",
"SHA256": "88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976",
"SHA384": "e9f2a75334a9e336c5a4712eadee88d0374b0fdc273262f4e65c9040ad2793067cc076696db5279a478773485e285652"
},
"ValidFrom": "2012-10-18 00:00:00",
"ValidTo": "2020-12-29 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Signature": "f3b20c020c826fd9e2629408ffc97c9e245959d1050c9ce7708069d366d26af191812e16fce674eaca0d8f05b2a796280831737299800d2bfe0071efecf655117b7952a4d7c0701b97de034a1d42e928fd1a2082b081f9d22e9d39af3233cf05c1e61ae1f8fbfec872e78d9a0b29b4f147f1a053d1757a824601df2bb07c75c591fe7efbaf0021764b90cd446f85f80d14bc2cd42c83edfa7d2510f8f94c82d1b3ea999b1cff9093291977c7e996dc32904d3934f167077684ff76aa5327654a0bd7223d9d67657b47c5b46012dca6723d89e7fa051b3380d0c4977b9df537e75da3186ab149b27c089715a01bd695f408f7ded66bfbe920d27a6f6a7d4cc8b3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc.",
"TBS": {
"MD5": "78eaa337666217b1c16a9a0ebd0b8434",
"SHA1": "ff9cb835e78f6185eed4372096c3bae53b17d18d",
"SHA256": "1c0d9746725e176b4a7c2852878f14d7587f58e65d346bc1247f1c8ee6374250",
"SHA384": "ffe3c75b860679a5de399c7d2c2844dbfac51d5d8581e24648d208daba1e4bed5c867808e02dc8d7cb3df1d4b2b53d10"
},
"ValidFrom": "2017-04-27 00:00:00",
"ValidTo": "2018-07-16 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "611993e400000000001c",
"Signature": "812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5",
"TBS": {
"MD5": "78a717e082dcc1cda3458d917e677d14",
"SHA1": "4a872e0e51f9b304469cd1dedb496ee9b8b983a4",
"SHA256": "317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8",
"SHA384": "b71052da4eb9157c8c1a5d7f55df19d69b9128598b72fcca608e5b7cc7d64c43c5504b9c86355a6dc22ee40c88cc385c"
},
"ValidFrom": "2011-02-22 19:25:17",
"ValidTo": "2021-02-22 19:35:17",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "5200e5aa2556fc1a86ed96c9d44b33c7",
"Signature": "5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"TBS": {
"MD5": "b30c31a572b0409383ed3fbe17e56e81",
"SHA1": "4843a82ed3b1f2bfbee9671960e1940c942f688d",
"SHA256": "03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9",
"SHA384": "bbda8407c4f9fc4e54d772f1c7fb9d30bc97e1f97ecd51c443063d1fa0644e266328781776cd5c44896c457c75f4d7da"
},
"ValidFrom": "2010-02-08 00:00:00",
"ValidTo": "2020-02-07 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 7e93ebfb7cc64e59ea4b9a77d406fc3b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | d0785ad36e427c92b19f6826ab1e8020 |
| ToBeSigned (TBS) SHA1 | 365b7a9c21bd9373e49052c3e7b3e4646ddd4d43 |
| ToBeSigned (TBS) SHA256 | c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff |
| Subject | C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2 |
| ValidFrom | 2012-12-21 00:00:00 |
| ValidTo | 2020-12-30 23:59:59 |
| Signature | 03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 7e93ebfb7cc64e59ea4b9a77d406fc3b |
| Version | 3 |
Certificate 0ecff438c8febf356e04d86a981b1a50
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | e9d38360b914c8863f6cba3ee58764d3 |
| ToBeSigned (TBS) SHA1 | 4cba8eae47b6bf76f20b3504b98b8f062694a89b |
| ToBeSigned (TBS) SHA256 | 88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976 |
| Subject | C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4 |
| ValidFrom | 2012-10-18 00:00:00 |
| ValidTo | 2020-12-29 23:59:59 |
| Signature | 783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 0ecff438c8febf356e04d86a981b1a50 |
| Version | 3 |
Certificate 497c4fad471540e6e453d0cafb155740
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 78eaa337666217b1c16a9a0ebd0b8434 |
| ToBeSigned (TBS) SHA1 | ff9cb835e78f6185eed4372096c3bae53b17d18d |
| ToBeSigned (TBS) SHA256 | 1c0d9746725e176b4a7c2852878f14d7587f58e65d346bc1247f1c8ee6374250 |
| Subject | C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc. |
| ValidFrom | 2017-04-27 00:00:00 |
| ValidTo | 2018-07-16 23:59:59 |
| Signature | f3b20c020c826fd9e2629408ffc97c9e245959d1050c9ce7708069d366d26af191812e16fce674eaca0d8f05b2a796280831737299800d2bfe0071efecf655117b7952a4d7c0701b97de034a1d42e928fd1a2082b081f9d22e9d39af3233cf05c1e61ae1f8fbfec872e78d9a0b29b4f147f1a053d1757a824601df2bb07c75c591fe7efbaf0021764b90cd446f85f80d14bc2cd42c83edfa7d2510f8f94c82d1b3ea999b1cff9093291977c7e996dc32904d3934f167077684ff76aa5327654a0bd7223d9d67657b47c5b46012dca6723d89e7fa051b3380d0c4977b9df537e75da3186ab149b27c089715a01bd695f408f7ded66bfbe920d27a6f6a7d4cc8b3 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 497c4fad471540e6e453d0cafb155740 |
| Version | 3 |
Certificate 611993e400000000001c
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 78a717e082dcc1cda3458d917e677d14 |
| ToBeSigned (TBS) SHA1 | 4a872e0e51f9b304469cd1dedb496ee9b8b983a4 |
| ToBeSigned (TBS) SHA256 | 317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5 |
| ValidFrom | 2011-02-22 19:25:17 |
| ValidTo | 2021-02-22 19:35:17 |
| Signature | 812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 611993e400000000001c |
| Version | 3 |
Certificate 5200e5aa2556fc1a86ed96c9d44b33c7
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | b30c31a572b0409383ed3fbe17e56e81 |
| ToBeSigned (TBS) SHA1 | 4843a82ed3b1f2bfbee9671960e1940c942f688d |
| ToBeSigned (TBS) SHA256 | 03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA |
| ValidFrom | 2010-02-08 00:00:00 |
| ValidTo | 2020-02-07 23:59:59 |
| Signature | 5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 5200e5aa2556fc1a86ed96c9d44b33c7 |
| Version | 3 |
Imports
Expand
Imported Functions
Expand
- RtlInitUnicodeString
- KeInitializeEvent
- KeClearEvent
- KeSetEvent
- KeEnterCriticalRegion
- KeLeaveCriticalRegion
- KeWaitForSingleObject
- ExFreePoolWithTag
- ExAcquireFastMutexUnsafe
- ExReleaseFastMutexUnsafe
- ProbeForRead
- ProbeForWrite
- ExAcquireResourceSharedLite
- ExAcquireResourceExclusiveLite
- ExReleaseResourceLite
- MmProbeAndLockPages
- MmUnlockPages
- MmMapLockedPagesSpecifyCache
- IoAllocateMdl
- IoFreeMdl
- IoGetCurrentProcess
- ObfReferenceObject
- ObfDereferenceObject
- ZwClose
- ZwCreateSection
- ZwOpenSection
- ZwMapViewOfSection
- ZwUnmapViewOfSection
- ZwOpenEvent
- KePulseEvent
- KeStackAttachProcess
- KeUnstackDetachProcess
- ObOpenObjectByPointer
- ZwAllocateVirtualMemory
- ZwFreeVirtualMemory
- ZwSetEvent
- __C_specific_handler
- PsProcessType
- wcslen
- wcsncpy
- wcsrchr
- RtlUnicodeStringToInteger
- ZwWaitForSingleObject
- ZwRequestWaitReplyPort
- ZwConnectPort
- _stricmp
- ExAllocatePoolWithTag
- MmIsAddressValid
- RtlImageNtHeader
- ZwQuerySystemInformation
- SeCaptureSubjectContext
- SeReleaseSubjectContext
- SeAccessCheck
- ObGetObjectSecurity
- ObReleaseObjectSecurity
- PsGetProcessExitTime
- PsThreadType
- MmSectionObjectType
- RtlCreateSecurityDescriptor
- RtlSetDaclSecurityDescriptor
- KeInitializeSemaphore
- KeReleaseSemaphore
- ExAcquireFastMutex
- ExReleaseFastMutex
- RtlCreateAcl
- RtlAddAccessAllowedAce
- RtlLengthRequiredSid
- RtlInitializeSid
- RtlSubAuthoritySid
- KeDelayExecutionThread
- ExGetPreviousMode
- DbgPrint
- swprintf
- RtlCopyUnicodeString
- IofCompleteRequest
- IoCreateSymbolicLink
- IoDeleteDevice
- IoDeleteSymbolicLink
- ObReferenceObjectByHandle
- PsGetCurrentProcessId
- ZwCreateEvent
- ExEventObjectType
- _wcsnicmp
- PsSetCreateProcessNotifyRoutine
- ZwQueryInformationProcess
- PsLookupProcessByProcessId
- ZwOpenDirectoryObject
- ExInitializeResourceLite
- ExDeleteResourceLite
- ZwCreateFile
- ZwQueryInformationFile
- ZwSetInformationFile
- ZwReadFile
- ZwWriteFile
- towupper
- MmGetSystemRoutineAddress
- ObReferenceObjectByPointer
- PsGetCurrentThreadId
- ObQueryNameString
- PsGetVersion
- _snprintf
- _vsnprintf
- RtlInitAnsiString
- wcscat
- RtlFreeUnicodeString
- RtlTimeToTimeFields
- KeWaitForMultipleObjects
- ExSystemTimeToLocalTime
- ZwCreateKey
- ZwDeviceIoControlFile
- ZwNotifyChangeKey
- ZwOpenFile
- ZwQueryVolumeInformationFile
- mbstowcs
- IoGetDeviceObjectPointer
- IoBuildDeviceIoControlRequest
- IofCallDriver
- IoCreateFile
- RtlEqualUnicodeString
- RtlAppendUnicodeStringToString
- RtlUpcaseUnicodeChar
- _snwprintf
- strlen
- _strnicmp
- strncpy
- NtOpenProcess
- NtQueryInformationProcess
- ObOpenObjectByName
- KeSetPriorityThread
- PsCreateSystemThread
- PsTerminateSystemThread
- KeNumberProcessors
- RtlLengthSecurityDescriptor
- ZwOpenKey
- ZwDeleteKey
- ZwDeleteValueKey
- ZwEnumerateKey
- ZwEnumerateValueKey
- ZwQueryKey
- ZwQueryValueKey
- ZwSetValueKey
- ZwTerminateProcess
- ZwOpenProcess
- ZwDuplicateObject
- ZwQuerySecurityObject
- ZwSetSecurityObject
- ZwQueryDirectoryObject
- ZwQueryDirectoryFile
- NtCreateFile
- NtQueryInformationFile
- NtSetInformationFile
- IoFileObjectType
- ObInsertObject
- wcschr
- wcsncmp
- RtlQueryRegistryValues
- RtlAppendUnicodeToString
- RtlCompareMemory
- MmBuildMdlForNonPagedPool
- IoAllocateIrp
- IoFreeIrp
- ZwOpenSymbolicLinkObject
- ZwQuerySymbolicLinkObject
- RtlUpcaseUnicodeString
- NtClose
- ZwSetInformationObject
- SeQueryAuthenticationIdToken
- MmSystemRangeStart
- IoGetFileObjectGenericMapping
- ObCreateObject
- SeCreateAccessState
- IoAcquireVpbSpinLock
- IoReleaseVpbSpinLock
- wcstombs
- strncat
- wcsncat
- RtlUnicodeStringToAnsiString
- RtlFreeAnsiString
- strcpy
- wcsstr
- RtlCompareUnicodeString
- DbgPrintEx
- KeAcquireSpinLockRaiseToDpc
- KeReleaseSpinLock
- ExAllocatePool
- ExpInterlockedPopEntrySList
- IoBuildSynchronousFsdRequest
- IoGetStackLimits
- IoGetDeviceInterfaces
- IoRegisterPlugPlayNotification
- IoUnregisterPlugPlayNotification
- IoGetConfigurationInformation
- FsRtlIsNameInExpression
- IoDeviceObjectType
- IoCreateDevice
- RtlGetOwnerSecurityDescriptor
- RtlGetDaclSecurityDescriptor
- RtlGetGroupSecurityDescriptor
- RtlGetSaclSecurityDescriptor
- SeCaptureSecurityDescriptor
- RtlLengthSid
- SeExports
- IoIsWdmVersionAvailable
- RtlAbsoluteToSelfRelativeSD
- RtlAnsiStringToUnicodeString
- _purecall
- KeBugCheckEx
Exported Functions
Expand
- ??0CAutoUpdateConfigThread@@QEAA@AEBV0@@Z
- ??0CAutoUpdateConfigThread@@QEAA@PEAU_UNICODE_STRING@@P6AX0PEAX@Z1@Z
- ??0CBlobConfig@@QEAA@AEBV0@@Z
- ??0CBlobConfig@@QEAA@K@Z
- ??0CContext@@QEAA@AEBV0@@Z
- ??0CContext@@QEAA@KP6AJPEAU_EVENT_REPORT@@PEAXPEAU_TMCE_REPORT@@PEAU_TMCE_FEEDBACK@@@Z1K@Z
- ??0CContextList@@QEAA@AEBV0@@Z
- ??0CContextList@@QEAA@KPEAVIMemoryAllocator@@@Z
- ??0CDebugLog@@QEAA@AEBV0@@Z
- ??0CDebugLog@@QEAA@PEBG@Z
- ??0CDebugLogEx@@QEAA@AEBV0@@Z
- ??0CDebugLogEx@@QEAA@K@Z
- ??0CDelayLoadThread@@QEAA@AEBV0@@Z
- ??0CDelayLoadThread@@QEAA@XZ
- ??0CExclusionExtConfig@@QEAA@AEBV0@@Z
- ??0CExclusionExtConfig@@QEAA@KKE@Z
- ??0CExclusionFileNameConfig@@QEAA@AEBV0@@Z
- ??0CExclusionFileNameConfig@@QEAA@KK@Z
- ??0CExclusionFilePathConfig@@QEAA@AEBV0@@Z
- ??0CExclusionFilePathConfig@@QEAA@KK@Z
- ??0CExclusionFolderConfig@@QEAA@AEBV0@@Z
- ??0CExclusionFolderConfig@@QEAA@KK@Z
- ??0CExclusionRegistryConfig@@QEAA@AEBV0@@Z
- ??0CExclusionRegistryConfig@@QEAA@KK@Z
- ??0CFile@@QEAA@AEBV0@@Z
- ??0CFile@@QEAA@E@Z
- ??0CFileExtension@@QEAA@AEBV0@@Z
- ??0CFileExtension@@QEAA@KEEPEAVIMemoryAllocator@@@Z
- ??0CInclusionExtConfig@@QEAA@AEBV0@@Z
- ??0CInclusionExtConfig@@QEAA@KKE@Z
- ??0CInclusionFileNameConfig@@QEAA@AEBV0@@Z
- ??0CInclusionFileNameConfig@@QEAA@KK@Z
- ??0CInclusionFilePathConfig@@QEAA@AEBV0@@Z
- ??0CInclusionFilePathConfig@@QEAA@KK@Z
- ??0CInclusionFolderConfig@@QEAA@AEBV0@@Z
- ??0CInclusionFolderConfig@@QEAA@KK@Z
- ??0CKEvent@@QEAA@AEBV0@@Z
- ??0CKEvent@@QEAA@W4_EVENT_TYPE@@E@Z
- ??0CList@@QEAA@AEBV0@@Z
- ??0CList@@QEAA@KPEAVIMemoryAllocator@@@Z
- ??0CLockEvent@@QEAA@AEBV0@@Z
- ??0CLockEvent@@QEAA@XZ
- ??0CLockList@@QEAA@AEBV0@@Z
- ??0CLockList@@QEAA@KKPEAVIMemoryAllocator@@@Z
- ??0CMemoryAllocator@@IEAA@W4_POOL_TYPE@@K@Z
- ??0CMemoryAllocator@@QEAA@AEBV0@@Z
- ??0CMemoryPoolAllocator@@IEAA@W4_POOL_TYPE@@_K1K@Z
- ??0CMemoryPoolAllocator@@QEAA@AEBV0@@Z
- ??0CModuleConfig@@QEAA@AEBV0@@Z
- ??0CModuleConfig@@QEAA@XZ
- ??0CModuleConfigList@@QEAA@AEBV0@@Z
- ??0CModuleConfigList@@QEAA@KPEAVIMemoryAllocator@@@Z
- ??0CModuleFileExtConfig@@QEAA@AEBV0@@Z
- ??0CModuleFileExtConfig@@QEAA@KKE@Z
- ??0CModuleFlagConfig@@QEAA@AEBV0@@Z
- ??0CModuleFlagConfig@@QEAA@K@Z
- ??0CModuleMultiStringConfig@@QEAA@AEBV0@@Z
- ??0CModuleMultiStringConfig@@QEAA@KK@Z
- ??0CModuleStringConfig@@QEAA@AEBV0@@Z
- ??0CModuleStringConfig@@QEAA@K@Z
- ??0CNoLockList@@QEAA@AEBV0@@Z
- ??0CNoLockList@@QEAA@KKPEAVIMemoryAllocator@@@Z
- ??0CSmartLock@@QEAA@AEAVCLockEvent@@@Z
- ??0CSmartLock@@QEAA@XZ
- ??0CSmartReference@@QEAA@AEAJ@Z
- ??0CSmartReference@@QEAA@AEAK@Z
- ??0CSmartResource@@QEAA@AEAVCResource@@E@Z
- ??0CStrList@@QEAA@AEBV0@@Z
- ??0CStrList@@QEAA@KPEAVIMemoryAllocator@@@Z
- ??0CSystemThread@@QEAA@AEBV0@@Z
- ??0CSystemThread@@QEAA@K@Z
- ??0CUserFuncAdapterJob@@QEAA@AEBV0@@Z
- ??0CUserFuncAdapterJob@@QEAA@P6AXPEAX@Z01@Z
- ??0CWorkerThread@@IEAA@PEAVCWorkerThreadJobQueue@@@Z
- ??0CWorkerThread@@QEAA@AEBV0@@Z
- ??0CWorkerThreadJob@@QEAA@AEBV0@@Z
- ??0CWorkerThreadJob@@QEAA@E@Z
- ??0CWorkerThreadJobQueue@@QEAA@AEBV0@@Z
- ??0CWorkerThreadJobQueue@@QEAA@K@Z
- ??0CWorkerThreadPool@@QEAA@AEBV0@@Z
- ??0CWorkerThreadPool@@QEAA@K@Z
- ??0CWorkerThreadPoolEx@@QEAA@AEBV0@@Z
- ??0CWorkerThreadPoolEx@@QEAA@KK@Z
- ??0IMemoryAllocator@@QEAA@AEBV0@@Z
- ??0IMemoryAllocator@@QEAA@XZ
- ??1CAutoUpdateConfigThread@@UEAA@XZ
- ??1CBlobConfig@@UEAA@XZ
- ??1CContext@@UEAA@XZ
- ??1CContextList@@UEAA@XZ
- ??1CDebugLog@@UEAA@XZ
- ??1CDebugLogEx@@UEAA@XZ
- ??1CDelayLoadThread@@UEAA@XZ
- ??1CExclusionExtConfig@@UEAA@XZ
- ??1CExclusionFileNameConfig@@UEAA@XZ
- ??1CExclusionFilePathConfig@@UEAA@XZ
- ??1CExclusionFolderConfig@@UEAA@XZ
- ??1CExclusionRegistryConfig@@UEAA@XZ
- ??1CFile@@UEAA@XZ
- ??1CFileExtension@@UEAA@XZ
- ??1CInclusionExtConfig@@UEAA@XZ
- ??1CInclusionFileNameConfig@@UEAA@XZ
- ??1CInclusionFilePathConfig@@UEAA@XZ
- ??1CInclusionFolderConfig@@UEAA@XZ
- ??1CKEvent@@UEAA@XZ
- ??1CList@@UEAA@XZ
- ??1CLockEvent@@UEAA@XZ
- ??1CLockList@@UEAA@XZ
- ??1CMemoryAllocator@@UEAA@XZ
- ??1CMemoryPoolAllocator@@UEAA@XZ
- ??1CModuleConfig@@UEAA@XZ
- ??1CModuleConfigList@@UEAA@XZ
- ??1CModuleFileExtConfig@@UEAA@XZ
- ??1CModuleFlagConfig@@UEAA@XZ
- ??1CModuleMultiStringConfig@@UEAA@XZ
- ??1CModuleStringConfig@@UEAA@XZ
- ??1CNoLockList@@UEAA@XZ
- ??1CSmartLock@@QEAA@XZ
- ??1CSmartReference@@QEAA@XZ
- ??1CSmartResource@@QEAA@XZ
- ??1CStrList@@UEAA@XZ
- ??1CSystemThread@@UEAA@XZ
- ??1CUserFuncAdapterJob@@UEAA@XZ
- ??1CWorkerThread@@UEAA@XZ
- ??1CWorkerThreadJob@@UEAA@XZ
- ??1CWorkerThreadJobQueue@@UEAA@XZ
- ??1CWorkerThreadPool@@UEAA@XZ
- ??1CWorkerThreadPoolEx@@UEAA@XZ
- ??1IMemoryAllocator@@UEAA@XZ
- ??2@YAPEAX_KPEAVIMemoryAllocator@@PEBDK@Z
- ??2CMemoryAllocator@@SAPEAX_K@Z
- ??2CMemoryPoolAllocator@@SAPEAX_K@Z
- ??3@YAXPEAX@Z
- ??3@YAXPEAX_K@Z
- ??3IMemoryAllocator@@SAXPEAX@Z
- ??4CAutoUpdateConfigThread@@QEAAAEAV0@AEBV0@@Z
- ??4CBlobConfig@@QEAAAEAV0@AEBV0@@Z
- ??4CContext@@QEAAAEAV0@AEBV0@@Z
- ??4CDebugLog@@QEAAAEAV0@AEBV0@@Z
- ??4CDebugLogEx@@QEAAAEAV0@AEBV0@@Z
- ??4CDelayLoadThread@@QEAAAEAV0@AEBV0@@Z
- ??4CFile@@QEAAAEAV0@AEBV0@@Z
- ??4CKEvent@@QEAAAEAV0@AEBV0@@Z
- ??4CLockEvent@@QEAAAEAV0@AEBV0@@Z
- ??4CMemoryAllocator@@QEAAAEAV0@AEBV0@@Z
- ??4CMemoryPoolAllocator@@QEAAAEAV0@AEBV0@@Z
- ??4CModuleConfig@@QEAAAEAV0@AEBV0@@Z
- ??4CModuleFlagConfig@@QEAAAEAV0@AEBV0@@Z
- ??4CModuleStringConfig@@QEAAAEAV0@AEBV0@@Z
- ??4CSmartLock@@QEAAAEAV0@AEBV0@@Z
- ??4CSmartLock@@QEAAAEBV0@AEAVCLockEvent@@@Z
- ??4CSmartResource@@QEAAAEAV0@AEBV0@@Z
- ??4CSystemThread@@QEAAAEAV0@AEBV0@@Z
- ??4CUserFuncAdapterJob@@QEAAAEAV0@AEBV0@@Z
- ??4CWorkerThread@@QEAAAEAV0@AEBV0@@Z
- ??4CWorkerThreadJob@@QEAAAEAV0@AEBV0@@Z
- ??4IMemoryAllocator@@QEAAAEAV0@AEBV0@@Z
- ??_7CAutoUpdateConfigThread@@6B@
- ??_7CBlobConfig@@6B@
- ??_7CContext@@6B@
- ??_7CContextList@@6B@
- ??_7CDebugLog@@6B@
- ??_7CDebugLogEx@@6B@
- ??_7CDelayLoadThread@@6B@
- ??_7CExclusionExtConfig@@6B@
- ??_7CExclusionFileNameConfig@@6B@
- ??_7CExclusionFilePathConfig@@6B@
- ??_7CExclusionFolderConfig@@6B@
- ??_7CExclusionRegistryConfig@@6B@
- ??_7CFile@@6B@
- ??_7CFileExtension@@6B@
- ??_7CInclusionExtConfig@@6B@
- ??_7CInclusionFileNameConfig@@6B@
- ??_7CInclusionFilePathConfig@@6B@
- ??_7CInclusionFolderConfig@@6B@
- ??_7CKEvent@@6B@
- ??_7CList@@6B@
- ??_7CLockEvent@@6B@
- ??_7CLockList@@6B@
- ??_7CMemoryAllocator@@6B@
- ??_7CMemoryPoolAllocator@@6B@
- ??_7CModuleConfig@@6B@
- ??_7CModuleConfigList@@6B@
- ??_7CModuleFileExtConfig@@6B@
- ??_7CModuleFlagConfig@@6B@
- ??_7CModuleMultiStringConfig@@6B@
- ??_7CModuleStringConfig@@6B@
- ??_7CNoLockList@@6B@
- ??_7CStrList@@6B@
- ??_7CSystemThread@@6B@
- ??_7CUserFuncAdapterJob@@6B@
- ??_7CWorkerThread@@6B@
- ??_7CWorkerThreadJob@@6B@
- ??_7CWorkerThreadJobQueue@@6B@
- ??_7CWorkerThreadPool@@6B@
- ??_7CWorkerThreadPoolEx@@6B@
- ??_7IMemoryAllocator@@6B@
- ??_FCContextList@@QEAAXXZ
- ??_FCFile@@QEAAXXZ
- ??_FCFileExtension@@QEAAXXZ
- ??_FCModuleConfigList@@QEAAXXZ
- ??_FCStrList@@QEAAXXZ
- ??_FCSystemThread@@QEAAXXZ
- ??_FCWorkerThread@@QEAAXXZ
- ??_FCWorkerThreadJob@@QEAAXXZ
- ??_FCWorkerThreadJobQueue@@QEAAXXZ
- ??_U@YAPEAX_KPEAVIMemoryAllocator@@PEBDK@Z
- ??_V@YAXPEAX@Z
- ??_V@YAXPEAX_K@Z
- ?Acquire@CLockEvent@@QEAAXXZ
- ?Add@CContextList@@QEAAEPEAVCContext@@@Z
- ?Add@CFileExtension@@QEAAEPEBGK@Z
- ?Add@CModuleConfigList@@QEAAEPEAVCModuleConfig@@@Z
- ?Add@CStrList@@QEAAEPEBG@Z
- ?AddNode@CLockList@@UEAAEQEAXE@Z
- ?AddNode@CNoLockList@@UEAAEQEAXE@Z
- ?Alloc@CMemoryAllocator@@UEAAPEAX_KPEBDK@Z
- ?Alloc@CMemoryPoolAllocator@@UEAAPEAX_KPEBDK@Z
- ?AllocBlock@CMemoryPoolAllocator@@IEAAPEAX_K@Z
- ?AttachJobQueue@CWorkerThread@@QEAAXPEAVCWorkerThreadJobQueue@@@Z
- ?Cancel@CWorkerThreadJob@@QEAAXXZ
- ?CheckNode@CLockList@@UEAAHQEAX@Z
- ?CheckNode@CNoLockList@@UEAAHQEAX@Z
- ?CleanQueue@CWorkerThreadJobQueue@@QEAAXXZ
- ?Cleanup@CBlobConfig@@AEAAXXZ
- ?Cleanup@CModuleFileExtConfig@@IEAAXXZ
- ?Cleanup@CModuleMultiStringConfig@@IEAAXXZ
- ?Cleanup@CModuleStringConfig@@AEAAXXZ
- ?Close@CFile@@QEAAJXZ
- ?Count@CLockList@@QEAAKXZ
- ?Count@CNoLockList@@QEAAKXZ
- ?Create@CFile@@QEAAJPEBGKKKK@Z
- ?Create@CSystemThread@@QEAAEXZ
- ?CreateInstance@CMemoryAllocator@@SAPEAV1@W4_POOL_TYPE@@K@Z
- ?CreateInstance@CMemoryPoolAllocator@@SAPEAV1@W4_POOL_TYPE@@_K1K@Z
- ?CreatePool@CWorkerThreadPool@@QEAAEXZ
- ?CreatePool@CWorkerThreadPoolEx@@QEAAEXZ
- ?CreateThreads@CWorkerThreadPool@@QEAAEK@Z
- ?CreateThreads@CWorkerThreadPoolEx@@QEAAEK@Z
- ?CreateWIRP@CFile@@QEAAJPEBGKKKK@Z
- ?Delete@CFile@@QEAAJXZ
- ?Delete@CFileExtension@@QEAAEPEBGK@Z
- ?Delete@CStrList@@QEAAEPEBG@Z
- ?DeleteAll@CList@@UEAAXXZ
- ?DeleteAll@CLockList@@UEAAXXZ
- ?DeleteAll@CNoLockList@@UEAAXXZ
- ?DeleteNode@CContextList@@MEAAXPEAX@Z
- ?DeleteNode@CList@@UEAAXPEAX@Z
- ?DeleteNode@CModuleConfigList@@MEAAXPEAX@Z
- ?DeleteNode@CStrList@@EEAAXPEAU_STR_LIST_NODE@1@@Z
- ?DisableWriteProtectFromCR0@@YAXPEAPEAX@Z
- ?DoIt@CWorkerThreadJob@@QEAAJXZ
- ?EntryPoint@CSystemThread@@KAXPEAX@Z
- ?Find@CContextList@@QEAAPEAVCContext@@K@Z
- ?Find@CContextList@@QEAAPEAVCContext@@PEAX@Z
- ?Find@CFileExtension@@QEAAPEAU_STR_LIST_NODE@CStrList@@PEBGK@Z
- ?Find@CModuleConfigList@@QEAAPEAVCModuleConfig@@K@Z
- ?Find@CStrList@@QEAAPEAU_STR_LIST_NODE@1@PEBG@Z
- ?FindNode@CContextList@@IEAAPEAXPEAX@Z
- ?FindPartiallyAndAllMatch@CStrList@@QEAAPEAU_STR_LIST_NODE@1@PEBG@Z
- ?FinishFunction@CUserFuncAdapterJob@@MEAAXXZ
- ?FinishIt@CWorkerThreadJob@@QEAAJXZ
- ?First@CList@@UEAAPEAXXZ
- ?First@CLockList@@UEAAPEAXXZ
- ?First@CNoLockList@@UEAAPEAXXZ
- ?Free@CMemoryAllocator@@UEAAXPEAX@Z
- ?Free@CMemoryPoolAllocator@@UEAAXPEAX@Z
- ?GetAttributes@CFile@@QEAAKXZ
- ?GetBasicInfomration@CFile@@IEAAJXZ
- ?GetBlobCofig@CContext@@UEAAJKPEAXPEAK@Z
- ?GetCategory@CContext@@QEAAKXZ
- ?GetData@CBlobConfig@@QEAAHPEAXPEAK@Z
- ?GetData@CModuleFileExtConfig@@QEAAHPEAGPEAK@Z
- ?GetData@CModuleFileExtConfig@@QEAAPEAVCFileExtension@@XZ
- ?GetData@CModuleFlagConfig@@QEAAKXZ
- ?GetData@CModuleMultiStringConfig@@QEAAHPEAGPEAK@Z
- ?GetData@CModuleMultiStringConfig@@QEAAPEAVCStrList@@XZ
- ?GetData@CModuleStringConfig@@QEAAPEAGXZ
- ?GetData@CStrList@@QEAAEPEAGPEAK@Z
- ?GetDataType@CModuleConfig@@QEAAKXZ
- ?GetEngineContext@CContext@@QEAAPEAXXZ
- ?GetFileExtensionConfig@CContext@@QEAAPEAVCFileExtension@@K@Z
- ?GetFileExtensionConfig@CContext@@UEAAJKPEAGPEAK@Z
- ?GetFileSize@CFile@@QEAAJPEAT_LARGE_INTEGER@@@Z
- ?GetFileSizeWIRP@CFile@@QEAAJPEAT_LARGE_INTEGER@@@Z
- ?GetFlagConfig@CContext@@UEAAJKPEAK@Z
- ?GetID@CModuleConfig@@QEAAKXZ
- ?GetJob@CWorkerThreadJobQueue@@QEAAPEAVCWorkerThreadJob@@XZ
- ?GetLength@CModuleStringConfig@@QEAAKXZ
- ?GetLinkContext@CContext@@QEAAPEAXXZ
- ?GetLogFlag@CDebugLog@@QEAAKXZ
- ?GetLogFlag@CDebugLogEx@@QEAAKXZ
- ?GetModuleId@CModuleConfig@@QEAAKXZ
- ?GetMultiStringConfig@CContext@@QEAAPEAVCStrList@@K@Z
- ?GetMultiStringConfig@CContext@@UEAAJKPEAGPEAK@Z
- ?GetOneThreadTEB@CWorkerThreadPool@@QEAAPEAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPool@@QEAAPEAU_KTHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QEAAPEAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QEAAPEAU_KTHREAD@@XZ
- ?GetReportCallBackRoutine@CContext@@QEAA_KXZ
- ?GetSize@CBlobConfig@@QEAAKXZ
- ?GetStringConfig@CContext@@QEAAPEAGK@Z
- ?GetStringConfig@CContext@@UEAAJKPEAGPEAK@Z
- ?GetThreadCount@CWorkerThreadPool@@QEAAKXZ
- ?GetThreadCount@CWorkerThreadPoolEx@@QEAAKXZ
- ?GetThreadID@CSystemThread@@QEAA_KXZ
- ?GetType@CContext@@QEAAKXZ
- ?GetUserParameter@CContext@@QEAA_KXZ
- ?InitProcMon@CDebugLogEx@@IEAAXXZ
- ?InitializeBlobConfig@CContext@@QEAAHKPEAXK@Z
- ?InitializeFileExtensionConfig@CContext@@QEAAHKPEBG@Z
- ?InitializeFlagConfig@CContext@@QEAAHKK@Z
- ?InitializeMultiStringConfig@CContext@@QEAAHKPEBG@Z
- ?InitializeStringConfig@CContext@@QEAAHKPEBG@Z
- ?Insert@CList@@UEAAXQEAXE@Z
- ?Insert@CLockList@@UEAAXQEAXE@Z
- ?Insert@CNoLockList@@UEAAXQEAXE@Z
- ?InsertAfter@CList@@UEAAXPEAX0@Z
- ?InsertBefore@CList@@UEAAXPEAX0@Z
- ?Instance@CWorkerThreadPool@@SAPEAV1@XZ
- ?IsEmpty@CList@@UEAAEXZ
- ?IsEmpty@CLockList@@UEAAEXZ
- ?IsEmpty@CNoLockList@@UEAAEXZ
- ?IsExceedLimitation@CMemoryPoolAllocator@@IEAAEK@Z
- ?IsFull@CLockList@@QEBAEXZ
- ?IsFull@CNoLockList@@QEBAEXZ
- ?IsInExclusionList@CExclusionExtConfig@@QEAAEPEBG@Z
- ?IsInExclusionList@CExclusionFileNameConfig@@QEAAEPEBG@Z
- ?IsInExclusionList@CExclusionFilePathConfig@@QEAAEPEBG@Z
- ?IsInExclusionList@CExclusionFolderConfig@@QEAAEPEBG@Z
- ?IsInExclusionList@CExclusionRegistryConfig@@QEAAEPEBG@Z
- ?IsInInclusionList@CInclusionExtConfig@@QEAAEPEBG@Z
- ?IsInInclusionList@CInclusionFileNameConfig@@QEAAEPEBG@Z
- ?IsInInclusionList@CInclusionFilePathConfig@@QEAAEPEBG@Z
- ?IsInInclusionList@CInclusionFolderConfig@@QEAAEPEBG@Z
- ?IsOpened@CFile@@QEAAEXZ
- ?IsTerminated@CWorkerThreadPool@@QEAAEXZ
- ?IsTerminated@CWorkerThreadPoolEx@@QEAAEXZ
- ?IsValid@CMemoryAllocator@@UEAAEXZ
- ?IsValid@CMemoryPoolAllocator@@UEAAEXZ
- ?IsValid@IMemoryAllocator@@UEAAEXZ
- ?IsWorkerThread@CWorkerThreadPool@@QEAAE_K@Z
- ?IsWorkerThread@CWorkerThreadPoolEx@@QEAAE_K@Z
- ?JobFunction@CUserFuncAdapterJob@@MEAAXXZ
- ?JobQueue@CWorkerThreadPool@@QEAAAEAVCWorkerThreadJobQueue@@XZ
- ?JobQueue@CWorkerThreadPoolEx@@QEAAAEAVCWorkerThreadJobQueue@@XZ
- ?Limit@CLockList@@QEAAKXZ
- ?Limit@CNoLockList@@QEAAKXZ
- ?MatchAllExtensions@CFileExtension@@QEAAEXZ
- ?MatchNoExtensions@CFileExtension@@QEAAEXZ
- ?MergeLeft@CMemoryPoolAllocator@@IEAAPEAXPEAX@Z
- ?MergeRight@CMemoryPoolAllocator@@IEAAPEAXPEAX@Z
- ?NeedDelete@CWorkerThreadJob@@QEAAEXZ
- ?NeedDeleteWhenFinish@CWorkerThreadJob@@QEAAXE@Z
- ?NewNode@CList@@UEAAPEAXXZ
- ?NewNode@CStrList@@EEAAPEAXXZ
- ?NewNodeVariant@CList@@IEAAPEAXK@Z
- ?Next@CList@@UEBAPEAXQEAX@Z
- ?Next@CLockList@@UEBAPEAXQEAX@Z
- ?Next@CNoLockList@@UEBAPEAXQEAX@Z
- ?NextPool@CMemoryPoolAllocator@@QEAAPEAV1@XZ
- ?NotityTerminate@CWorkerThread@@QEAAXXZ
- ?PostJobToWorkerThread@CWorkerThreadPool@@QEAAJP6AXPEAX@Z0E@Z
- ?PostJobToWorkerThread@CWorkerThreadPoolEx@@QEAAJP6AXPEAX@Z0E1@Z
- ?Pulse@CKEvent@@QEAAJJE@Z
- ?QueueJob@CWorkerThreadJobQueue@@QEAAEPEAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPool@@QEAAJPEAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPoolEx@@QEAAJPEAVCWorkerThreadJob@@@Z
- ?RCMInstance@CWorkerThreadPool@@SAPEAV1@XZ
- ?Read@CFile@@QEAAJPEADKPEAK@Z
- ?ReadWIRP@CFile@@QEAAJPEADKPEAK@Z
- ?ReferenceCount@CContext@@QEAAAEAKXZ
- ?Release@CLockEvent@@QEAAXXZ
- ?Remove@CContextList@@UEAAEQEAX@Z
- ?Remove@CList@@UEAAEQEAX@Z
- ?Remove@CLockList@@UEAAEQEAX@Z
- ?Remove@CNoLockList@@UEAAEQEAX@Z
- ?RemoveHead@CList@@UEAAPEAXXZ
- ?RemoveHead@CLockList@@UEAAPEAXXZ
- ?RemoveHead@CNoLockList@@UEAAPEAXXZ
- ?RemoveTail@CList@@UEAAPEAXXZ
- ?RemoveTail@CLockList@@UEAAPEAXXZ
- ?RemoveTail@CNoLockList@@UEAAPEAXXZ
- ?Reset@CKEvent@@QEAAXXZ
- ?ResetData@CInclusionExtConfig@@QEAAXXZ
- ?ResetData@CInclusionFileNameConfig@@QEAAXXZ
- ?ResetData@CInclusionFilePathConfig@@QEAAXXZ
- ?ResetData@CInclusionFolderConfig@@QEAAXXZ
- ?RestoreCR0@@YAXPEAX@Z
- ?Run@CAutoUpdateConfigThread@@UEAAXXZ
- ?Run@CDelayLoadThread@@UEAAXXZ
- ?Run@CWorkerThread@@UEAAXXZ
- ?SeekToEnd@CFile@@QEAAJXZ
- ?Set@CKEvent@@QEAAJJE@Z
- ?SetAttributes@CFile@@QEAAJK@Z
- ?SetBlobCofig@CContext@@UEAAJKPEAXK@Z
- ?SetData@CBlobConfig@@QEAAHPEAXK@Z
- ?SetData@CModuleFileExtConfig@@QEAAHPEBG@Z
- ?SetData@CModuleFlagConfig@@QEAAHK@Z
- ?SetData@CModuleMultiStringConfig@@QEAAHPEBGK@Z
- ?SetData@CModuleStringConfig@@QEAAHPEBG@Z
- ?SetEngineContext@CContext@@QEAAXPEAX@Z
- ?SetFileExtensionConfig@CContext@@UEAAJKPEBG@Z
- ?SetFlagConfig@CContext@@UEAAJKK@Z
- ?SetLinkContext@CContext@@QEAAXPEAX@Z
- ?SetLogFlag@CDebugLog@@QEAAEK@Z
- ?SetLogFlag@CDebugLogEx@@QEAAEK@Z
- ?SetMatchAllExtensions@CFileExtension@@QEAAXE@Z
- ?SetMatchNoExtensions@CFileExtension@@QEAAXE@Z
- ?SetMultiStringConfig@CContext@@UEAAJKPEBG@Z
- ?SetNewJobItemEvent@CWorkerThreadJobQueue@@QEAAXXZ
- ?SetPriority@CSystemThread@@QEAAXK@Z
- ?SetStopUse@CContext@@QEAAXXZ
- ?SetStringConfig@CContext@@UEAAJKPEBG@Z
- ?Setup@CSystemThread@@MEAAXXZ
- ?StopUse@CContext@@QEAAHXZ
- ?TearDown@CSystemThread@@MEAAXXZ
- ?Terminate@CSystemThread@@QEAAXE@Z
- ?Terminate@CWorkerThreadPool@@QEAAEXZ
- ?Terminate@CWorkerThreadPoolEx@@QEAAEXZ
- ?TmExceptionFilter@@YAJPEAU_EXCEPTION_POINTERS@@@Z
- ?Wait@CKEvent@@QEAAJPEAT_LARGE_INTEGER@@E@Z
- ?WaitFinish@CWorkerThreadJob@@QEAAXXZ
- ?WaitForInit@CDelayLoadThread@@QEAAEXZ
- ?WaitForLoad@CDelayLoadThread@@QEAAEXZ
- ?WaitNewJobAvailable@CWorkerThreadJobQueue@@QEAAEXZ
- ?WaitQueueEmpty@CWorkerThreadJobQueue@@QEAAXXZ
- ?Write@CDebugLog@@QEAAXPEBDZZ
- ?Write@CDebugLogEx@@QEAAXPEBDZZ
- ?Write@CFile@@QEAAJPEADKPEAT_LARGE_INTEGER@@PEAK@Z
- ?WriteDataToFile@CDebugLogEx@@IEAAXPEADK@Z
- ?WriteDataToProcMonW@CDebugLogEx@@IEAAXPEAD@Z
- ?WriteSystemInformation@CDebugLog@@QEAAXXZ
- ?WriteSystemInformation@CDebugLogEx@@QEAAXXZ
- ?WriteSystemStringInformation@CDebugLog@@IEAAXPEBG@Z
- ?WriteSystemStringInformation@CDebugLogEx@@IEAAXPEBG@Z
- ?WriteToFile@CDebugLog@@IEAAXPEADK@Z
- ?WriteToProcMonW@CDebugLogEx@@IEAAXPEAU_UNICODE_STRING@@@Z
- ?_pNonPagedAllocator@@3PEAVCMemoryAllocator@@EA
- ?_pPagedAllocator@@3PEAVCMemoryAllocator@@EA
- ?m_lpInstance@CWorkerThreadPool@@1PEAV1@EA
- ?m_lpRCMInstance@CWorkerThreadPool@@1PEAV1@EA
- AllocFullFileName
- DeInitKm2UmCommunication
- DeInitKmLPC
- DuplicateFullFileName
- FreeFullFileName
- GetKm2UmMode
- GetModuleInfoByAddress
- GetModuleInfoByModuleName
- InitKm2UmCommunication
- InitKmLPC
- IsVerifierCodeCheckFlagOn
- IsWindows8_1_update
- KmCallUm
- KmCallUmByLPC
- KmCallUmEx
- KmCleanupCommPortAPIs
- KmGetUmInitProcess
- KmSetBackupCommPortAPIs
- KmSetCommPortAPIs
- ModGetExportProcAddress
- ModLoadDLLToBuffer
- ModLoadDLLToBufferWithImageSize
- ModLoadModule
- ModUnLoadModule
- NormalizeFileName
- NormalizeFullNtPathToDosName
- TmCommConfigRoutine
- UtilAddDeviceInDriveTable
- UtilAddReparsePointMapping
- UtilCleanFileReadOnly
- UtilCloseExclusiveHandle
- UtilCreateDosFileName
- UtilDeleteFileForce
- UtilGetDeviceObjectName
- UtilGetFileNameFromFileObject
- UtilGetFileObjectForProcessByEPROC
- UtilGetFileObjectFromFileName
- UtilGetProcessName
- UtilGetSystemDirectory
- UtilGetSystemDirectoryEx
- UtilGetSystemDirectoryLength
- UtilGetSystemTime
- UtilIoSetFileInfo
- UtilIopCreateFileIRP
- UtilKeGetLowFileDevice
- UtilModuleIATHook
- UtilModuleIATUnHook
- UtilPostJobToWorkerThread
- UtilQueryExclusiveHandle
- UtilQueryKeyValue
- UtilRemoveDeviceFromDriveTable
- UtilVolumeDeviceToDosName
- UtilWaitValueChangeToZero
- UtilWriteVersionToRegistry
- UtilbuildDynamicDiskMappingTable
- UtlWriteBinValueKeyToRegistry
- ValidateAddressWithSize
- _ResetProtectFromClose
- _UtilDosPathNameToNtPathName
Sections
Expand
- .text
- .rdata
- .data
- .pdata
- .gfids
- PAGE
- .edata
- INIT
- .rsrc
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": true,
"SerialNumber": "7e93ebfb7cc64e59ea4b9a77d406fc3b",
"Signature": "03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2",
"TBS": {
"MD5": "d0785ad36e427c92b19f6826ab1e8020",
"SHA1": "365b7a9c21bd9373e49052c3e7b3e4646ddd4d43",
"SHA256": "c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff",
"SHA384": "eab4fe5ef90e0de4a6aa3a27769a5e879f588df5e4785aa4104debd1f81e19ea56d33e3a16e5facf99f68b5d8e3d287b"
},
"ValidFrom": "2012-12-21 00:00:00",
"ValidTo": "2020-12-30 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "0ecff438c8febf356e04d86a981b1a50",
"Signature": "783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4",
"TBS": {
"MD5": "e9d38360b914c8863f6cba3ee58764d3",
"SHA1": "4cba8eae47b6bf76f20b3504b98b8f062694a89b",
"SHA256": "88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976",
"SHA384": "e9f2a75334a9e336c5a4712eadee88d0374b0fdc273262f4e65c9040ad2793067cc076696db5279a478773485e285652"
},
"ValidFrom": "2012-10-18 00:00:00",
"ValidTo": "2020-12-29 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Signature": "f3b20c020c826fd9e2629408ffc97c9e245959d1050c9ce7708069d366d26af191812e16fce674eaca0d8f05b2a796280831737299800d2bfe0071efecf655117b7952a4d7c0701b97de034a1d42e928fd1a2082b081f9d22e9d39af3233cf05c1e61ae1f8fbfec872e78d9a0b29b4f147f1a053d1757a824601df2bb07c75c591fe7efbaf0021764b90cd446f85f80d14bc2cd42c83edfa7d2510f8f94c82d1b3ea999b1cff9093291977c7e996dc32904d3934f167077684ff76aa5327654a0bd7223d9d67657b47c5b46012dca6723d89e7fa051b3380d0c4977b9df537e75da3186ab149b27c089715a01bd695f408f7ded66bfbe920d27a6f6a7d4cc8b3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc.",
"TBS": {
"MD5": "78eaa337666217b1c16a9a0ebd0b8434",
"SHA1": "ff9cb835e78f6185eed4372096c3bae53b17d18d",
"SHA256": "1c0d9746725e176b4a7c2852878f14d7587f58e65d346bc1247f1c8ee6374250",
"SHA384": "ffe3c75b860679a5de399c7d2c2844dbfac51d5d8581e24648d208daba1e4bed5c867808e02dc8d7cb3df1d4b2b53d10"
},
"ValidFrom": "2017-04-27 00:00:00",
"ValidTo": "2018-07-16 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "611993e400000000001c",
"Signature": "812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5",
"TBS": {
"MD5": "78a717e082dcc1cda3458d917e677d14",
"SHA1": "4a872e0e51f9b304469cd1dedb496ee9b8b983a4",
"SHA256": "317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8",
"SHA384": "b71052da4eb9157c8c1a5d7f55df19d69b9128598b72fcca608e5b7cc7d64c43c5504b9c86355a6dc22ee40c88cc385c"
},
"ValidFrom": "2011-02-22 19:25:17",
"ValidTo": "2021-02-22 19:35:17",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "5200e5aa2556fc1a86ed96c9d44b33c7",
"Signature": "5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"TBS": {
"MD5": "b30c31a572b0409383ed3fbe17e56e81",
"SHA1": "4843a82ed3b1f2bfbee9671960e1940c942f688d",
"SHA256": "03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9",
"SHA384": "bbda8407c4f9fc4e54d772f1c7fb9d30bc97e1f97ecd51c443063d1fa0644e266328781776cd5c44896c457c75f4d7da"
},
"ValidFrom": "2010-02-08 00:00:00",
"ValidTo": "2020-02-07 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 79a2a585f9d1154213d9b83ef6b68ded
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | e6d820afb23af20a65cf0b03247ea05e |
| ToBeSigned (TBS) SHA1 | 7a8f7c37453f99390ee1e94bb5d3d1cba3a0eea7 |
| ToBeSigned (TBS) SHA256 | 7e722dc40e6b9abf8c20aa4d887e34b6d2c6b8cbe53a055d49bf9f5e946e0d27 |
| Subject | C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G3 |
| ValidFrom | 2012-05-01 00:00:00 |
| ValidTo | 2012-12-31 23:59:59 |
| Signature | 1e98aa27b778b508b5c9726db7dfc00e98a635c488c9d2f66df14b1afbd5f92d99009ed1e79b8be13fbd39800c66cd07bc5c9854a694ba10d14e8babf56f65cc6709a2807c52e80e03d66b7ac60518ecc8ac427c072ca73d0866dc00edfd941d73f2729893b111d68fef8eeaacf496510cd08ddf31524f5eaf7da74a75e64ece2b9f292be7cf5d9f037e6e277b23ad622966af92e82ccebd9c7fdccd173c43c2093f7545c79ee4d7607f97c6e4aac769f5fccd74ac2cb048c1504e70561eb535d38ebeb1edacbdfe0cec857dd5bb856644195d9f93eb82ba639ed37c61ffc81bd923587f30a366a139265e92c33ccb3732faf5a38ddcd5b0a3e9253655d781fa |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 79a2a585f9d1154213d9b83ef6b68ded |
| Version | 3 |
Certificate 47bf1995df8d524643f7db6d480d31a4
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 518d2ea8a21e879c942d504824ac211c |
| ToBeSigned (TBS) SHA1 | 21ce87d827077e61abddf2beba69fde5432ea031 |
| ToBeSigned (TBS) SHA256 | 1ec3b4f02e03930a470020e0e48d24b84678bb558f46182888d870541f5e25c7 |
| Subject | C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services CA |
| ValidFrom | 2003-12-04 00:00:00 |
| ValidTo | 2013-12-03 23:59:59 |
| Signature | 4a6bf9ea58c2441c318979992b96bf82ac01d61c4ccdb08a586edf0829a35ec8ca9313e704520def47272f0038b0e4c9934e9ad4226215f73f37214f703180f18b3887b3e8e89700fecf55964e24d2a9274e7aaeb76141f32acee7c9d95eddbb2b853eb59db5d9e157ffbeb4c57ef5cf0c9ef097fe2bd33b521b1b3827f73f4a |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 47bf1995df8d524643f7db6d480d31a4 |
| Version | 3 |
Certificate 4d6290e58c54f0f1eb17341a1310e6a4
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | b7d8444a70054990435f35a5630df5e1 |
| ToBeSigned (TBS) SHA1 | 4678c6e4a8787a8e6ed2bce8792b122f6c08afd8 |
| ToBeSigned (TBS) SHA256 | 0a8b4b359ea7890b358e56e436e9cfc6f32b037b2599b597ca7f7a80d475ec98 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA |
| ValidFrom | 2010-09-30 00:00:00 |
| ValidTo | 2014-01-01 23:59:59 |
| Signature | aedd211d5f8f807ad25209eadb6ed25d8be8c21b6904be51a5010e59fa37d174a3eedced89742b62d5a6bf4fad361754f013e0a345d24c26cbe26da21fd01e7a070fb6b37b6f5068a2e931b3b7997d8070a0a7de0b1ea4fff34d811bdd20c91cc4afcff18ffad9da95f0ecdc5cbfe88c5a3e7ab0a3eb59437411e09b1a6af36f |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 4d6290e58c54f0f1eb17341a1310e6a4 |
| Version | 3 |
Certificate 610c120600000000001b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 53c41bc1164e09e0cd1617a5bf913efd |
| ToBeSigned (TBS) SHA1 | 93c03aac8951d494ecd5696b1c08658541b18727 |
| ToBeSigned (TBS) SHA256 | 40bddadac24dc61ca4fb5cab2a2bc5d876bc36808311039a7a3e1a4066f7489b |
| Subject | C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority |
| ValidFrom | 2006-05-23 17:01:29 |
| ValidTo | 2016-05-23 17:11:29 |
| Signature | 01e446b33b457f7513877e5f43de468ecb8abdb64741bccccc7491d8ce395195a4a6b547c0efd2da7b8f5711f4328c7ccd3fee42da04214af7c843884a6f5cca14fc4bd19f4cbdd4556ecc02be0da6888f8609baa425bde8b0f0fa8b714e67b0cb82a8d78e55f737ebf03e88efe4e08afd1c6e2e61414875b4b02c1d28d8490fd715f02473253ccc880cde284c6554fe5eae8cea19ad2c51b29b3a47f53c80350117e24987d6544afb4bab07bcbf7d79cfbf35005cbb9ecffc82891b39a05197b6dec0b307ff449644c0342a195cabeef03bec294eb513c537857e75d5b4d60d066eb5d26c237167eaf1718eaf4e74aa0cf9ecbf4c58fa5e909b6d39cb86883f8b1ca81632d5fe6db9f1f8b3ead791f6364778c0272a15c768d6f4c5fc4f4ec8673f102d409ff11ec96148e7a703fc31730cf04688fe56da492995ef09daa3e5beef60ecd954a0599c28bd54ef66157f874c84dba60e95672e517b3439b641c28c846826dc240209e7818e0a972defeea7b998a60f818dc710b5e1ed982f486f53854964789bec5dac970b5526c3efba8dc8d1a52f5a7f936b611a339b18b8a26210de24ea76e12f43ebecdd7c12342489da2855aee5754e312b6763b6a8d7ab730a03cec5ea593fc7eb2a45aea8625b2f009939abb45f73c308ec80118f470e8f2a1343e191066255bbffba3da9a93d260faeca7d628b155589d694344dd665 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 610c120600000000001b |
| Version | 3 |
Certificate 6326c00ead256b6837eeb29b5ee84720
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 11b208a45459069f827186fe81c6badd |
| ToBeSigned (TBS) SHA1 | 456356986e8ecbb7b05e4617d37cb8cd69ce4969 |
| ToBeSigned (TBS) SHA256 | 4a0336d7ffa5db42ece4b342e1244f5c2bd0681827f68f847d99195c83740145 |
| Subject | C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., OU=Digital ID Class 3 , Microsoft Software Validation v2, OU=RD, CN=Trend Micro, Inc. |
| ValidFrom | 2011-12-27 00:00:00 |
| ValidTo | 2013-02-15 23:59:59 |
| Signature | 840ba0fc35187fe2edc7b17c101fd2bf035bbad8f3de048e250741e96a3f4ecee86f1f065ea76f2f8f430a13a75ff3eab29a8b11a13006d27bf3173fa49aabf9cef98fc4554f1732317c4b821c740eb58a91977d85e86574dd712718b15d24f7eb88b6d4520aef788478e1ef8cebd7fff06fadbc87ca6ca2b77da85be3c30b4d590bcb8945a0acfa013f89073933494d9c465c0036280a5af39f6802e60bd175a2603366dd935cb3458b1791411a06b6e5f38e3171de4238051c79b33117cb94674d0625c402bdfb0f99b80625dc0f827911c6c11263884a4e41d1abf60070ad46b7296e19e1cfcda7304a650d7a814319cc11e5a947e82b2d00a169e798b871 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 6326c00ead256b6837eeb29b5ee84720 |
| Version | 3 |
Imports
Expand
- ntoskrnl.exe
- HAL.dll
- CLASSPNP.SYS
Imported Functions
Expand
- wcsrchr
- KeSetEvent
- KePulseEvent
- KeClearEvent
- KeInitializeSemaphore
- KeWaitForSingleObject
- KeReleaseSemaphore
- KeStackAttachProcess
- KeUnstackDetachProcess
- RtlSubAuthoritySid
- RtlInitializeSid
- ExAllocatePoolWithTag
- RtlLengthRequiredSid
- ExFreePoolWithTag
- RtlSetDaclSecurityDescriptor
- RtlCreateSecurityDescriptor
- RtlAddAccessAllowedAce
- RtlCreateAcl
- ObfDereferenceObject
- ZwSetEvent
- ZwClose
- ZwRequestWaitReplyPort
- ProbeForWrite
- ZwFreeVirtualMemory
- ZwAllocateVirtualMemory
- ObOpenObjectByPointer
- PsProcessType
- memmove
- ZwConnectPort
- RtlInitUnicodeString
- RtlUnicodeStringToInteger
- ZwCreateSection
- ZwWaitForSingleObject
- ZwOpenEvent
- ObfReferenceObject
- IoGetCurrentProcess
- DbgBreakPoint
- PsGetProcessExitTime
- MmSectionObjectType
- PsThreadType
- DbgPrint
- memset
- MmIsAddressValid
- ExInitializeResourceLite
- ExDeleteResourceLite
- ZwWriteFile
- ZwReadFile
- ZwQueryInformationFile
- ZwSetInformationFile
- ZwCreateFile
- swprintf
- towupper
- _wcsnicmp
- KeInitializeEvent
- _snprintf
- PsGetCurrentProcessId
- RtlTimeToTimeFields
- ExSystemTimeToLocalTime
- KeQuerySystemTime
- ZwCreateKey
- ZwCreateEvent
- KeWaitForMultipleObjects
- ObReferenceObjectByHandle
- ZwNotifyChangeKey
- PsGetCurrentThreadId
- _vsnprintf
- KeSetPriorityThread
- PsTerminateSystemThread
- PsCreateSystemThread
- KeNumberProcessors
- ZwQueryInformationProcess
- PsLookupProcessByProcessId
- KeDelayExecutionThread
- ZwOpenDirectoryObject
- PsSetCreateProcessNotifyRoutine
- ZwQuerySystemInformation
- ZwQueryDirectoryFile
- ZwQueryDirectoryObject
- ZwDuplicateObject
- ZwOpenKey
- ZwEnumerateKey
- ZwEnumerateValueKey
- ZwQueryValueKey
- ZwDeleteValueKey
- ZwDeleteKey
- ExGetPreviousMode
- ZwTerminateProcess
- ZwOpenProcess
- ZwQueryKey
- ZwSetValueKey
- MmHighestUserAddress
- memcpy
- IoFreeMdl
- MmUnlockPages
- IoBuildAsynchronousFsdRequest
- _strnicmp
- RtlQueryRegistryValues
- RtlAppendUnicodeToString
- _purecall
- ZwQuerySymbolicLinkObject
- ZwOpenSymbolicLinkObject
- NtClose
- ZwSetInformationObject
- _stricmp
- ZwUnmapViewOfSection
- ZwMapViewOfSection
- ZwOpenFile
- RtlEqualUnicodeString
- IoFileObjectType
- IoCreateFile
- IofCallDriver
- IoAllocateIrp
- MmBuildMdlForNonPagedPool
- IoAllocateMdl
- ProbeForRead
- PsGetVersion
- MmGetSystemRoutineAddress
- RtlCopyUnicodeString
- RtlCompareMemory
- _snwprintf
- RtlImageNtHeader
- RtlFreeUnicodeString
- RtlAnsiStringToUnicodeString
- RtlInitAnsiString
- strrchr
- ZwQueryVolumeInformationFile
- ObReferenceObjectByPointer
- ObQueryNameString
- IoBuildDeviceIoControlRequest
- IofCompleteRequest
- ExEventObjectType
- _allmul
- IoDeleteDevice
- IoDeleteSymbolicLink
- IoCreateSymbolicLink
- IoGetDeviceObjectPointer
- RtlUpperChar
- RtlCompareUnicodeString
- strncpy
- KeServiceDescriptorTable
- NtOpenProcess
- ObOpenObjectByName
- IoDriverObjectType
- RtlAppendUnicodeStringToString
- strncmp
- NtQueryInformationProcess
- PsIsThreadTerminating
- KeAddSystemServiceTable
- ZwQueryObject
- ZwQuerySecurityObject
- ObInsertObject
- _allrem
- IoReleaseVpbSpinLock
- IoAcquireVpbSpinLock
- SeCreateAccessState
- IoGetFileObjectGenericMapping
- RtlUpcaseUnicodeString
- ObCreateObject
- _allshr
- ExInterlockedPopEntrySList
- IoGetStackLimits
- IoBuildSynchronousFsdRequest
- MmSystemRangeStart
- IoUnregisterPlugPlayNotification
- FsRtlIsNameInExpression
- wcsstr
- IoGetConfigurationInformation
- MmProbeAndLockPages
- IoGetDeviceInterfaces
- IoRegisterPlugPlayNotification
- ExAllocatePool
- RtlFreeAnsiString
- RtlUnicodeStringToAnsiString
- strncat
- wcschr
- wcsncat
- wcstombs
- KeTickCount
- KeBugCheckEx
- RtlUnwind
- wcsncpy
- ExReleaseResourceLite
- ExAcquireResourceExclusiveLite
- ExAcquireResourceSharedLite
- ExReleaseFastMutexUnsafe
- KeLeaveCriticalRegion
- KeEnterCriticalRegion
- IoFreeIrp
- ExAcquireFastMutexUnsafe
- ZwSetSecurityObject
- IoDeviceObjectType
- IoCreateDevice
- RtlGetDaclSecurityDescriptor
- RtlGetSaclSecurityDescriptor
- RtlGetGroupSecurityDescriptor
- RtlGetOwnerSecurityDescriptor
- RtlLengthSecurityDescriptor
- SeCaptureSecurityDescriptor
- SeExports
- IoIsWdmVersionAvailable
- RtlLengthSid
- RtlAbsoluteToSelfRelativeSD
- mbstowcs
- KeGetCurrentThread
- KfAcquireSpinLock
- KfReleaseSpinLock
- KeRaiseIrqlToDpcLevel
- KfLowerIrql
- KeGetCurrentIrql
- ExAcquireFastMutex
- ExReleaseFastMutex
- KfRaiseIrql
- ClassInitialize
Exported Functions
Expand
- ??0CAutoUpdateConfigThread@@QAE@ABV0@@Z
- ??0CAutoUpdateConfigThread@@QAE@PAU_UNICODE_STRING@@P6GX0PAX@Z1@Z
- ??0CBlobConfig@@QAE@ABV0@@Z
- ??0CBlobConfig@@QAE@K@Z
- ??0CContext@@QAE@ABV0@@Z
- ??0CContext@@QAE@KP6GJPAU_EVENT_REPORT@@PAXPAU_TMCE_REPORT@@PAU_TMCE_FEEDBACK@@@Z1K@Z
- ??0CContextList@@QAE@ABV0@@Z
- ??0CContextList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CDebugLog@@QAE@ABV0@@Z
- ??0CDebugLog@@QAE@PBG@Z
- ??0CDelayLoadThread@@QAE@ABV0@@Z
- ??0CDelayLoadThread@@QAE@XZ
- ??0CExclusionExtConfig@@QAE@ABV0@@Z
- ??0CExclusionExtConfig@@QAE@KKE@Z
- ??0CExclusionFileNameConfig@@QAE@ABV0@@Z
- ??0CExclusionFileNameConfig@@QAE@KK@Z
- ??0CExclusionFilePathConfig@@QAE@ABV0@@Z
- ??0CExclusionFilePathConfig@@QAE@KK@Z
- ??0CExclusionFolderConfig@@QAE@ABV0@@Z
- ??0CExclusionFolderConfig@@QAE@KK@Z
- ??0CExclusionRegistryConfig@@QAE@ABV0@@Z
- ??0CExclusionRegistryConfig@@QAE@KK@Z
- ??0CFile@@QAE@ABV0@@Z
- ??0CFile@@QAE@E@Z
- ??0CFileExtension@@QAE@ABV0@@Z
- ??0CFileExtension@@QAE@KEEPAVIMemoryAllocator@@@Z
- ??0CInclusionExtConfig@@QAE@ABV0@@Z
- ??0CInclusionExtConfig@@QAE@KKE@Z
- ??0CInclusionFileNameConfig@@QAE@ABV0@@Z
- ??0CInclusionFileNameConfig@@QAE@KK@Z
- ??0CInclusionFilePathConfig@@QAE@ABV0@@Z
- ??0CInclusionFilePathConfig@@QAE@KK@Z
- ??0CInclusionFolderConfig@@QAE@ABV0@@Z
- ??0CInclusionFolderConfig@@QAE@KK@Z
- ??0CKEvent@@QAE@ABV0@@Z
- ??0CKEvent@@QAE@W4_EVENT_TYPE@@E@Z
- ??0CList@@QAE@ABV0@@Z
- ??0CList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CLockEvent@@QAE@ABV0@@Z
- ??0CLockEvent@@QAE@XZ
- ??0CLockList@@QAE@ABV0@@Z
- ??0CLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CMemoryAllocator@@IAE@W4_POOL_TYPE@@K@Z
- ??0CMemoryAllocator@@QAE@ABV0@@Z
- ??0CMemoryPoolAllocator@@IAE@W4_POOL_TYPE@@KKK@Z
- ??0CMemoryPoolAllocator@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@XZ
- ??0CModuleConfigList@@QAE@ABV0@@Z
- ??0CModuleConfigList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CModuleFileExtConfig@@QAE@ABV0@@Z
- ??0CModuleFileExtConfig@@QAE@KKE@Z
- ??0CModuleFlagConfig@@QAE@ABV0@@Z
- ??0CModuleFlagConfig@@QAE@K@Z
- ??0CModuleMultiStringConfig@@QAE@ABV0@@Z
- ??0CModuleMultiStringConfig@@QAE@KK@Z
- ??0CModuleStringConfig@@QAE@ABV0@@Z
- ??0CModuleStringConfig@@QAE@K@Z
- ??0CNoLockList@@QAE@ABV0@@Z
- ??0CNoLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CSmartLock@@QAE@AAVCLockEvent@@@Z
- ??0CSmartLock@@QAE@XZ
- ??0CSmartReference@@QAE@AAJ@Z
- ??0CSmartReference@@QAE@AAK@Z
- ??0CSmartResource@@QAE@AAVCResource@@E@Z
- ??0CStrList@@QAE@ABV0@@Z
- ??0CStrList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CSystemThread@@QAE@ABV0@@Z
- ??0CSystemThread@@QAE@K@Z
- ??0CUserFuncAdapterJob@@QAE@ABV0@@Z
- ??0CUserFuncAdapterJob@@QAE@P6GXPAX@Z0@Z
- ??0CWorkerThread@@IAE@PAVCWorkerThreadJobQueue@@@Z
- ??0CWorkerThread@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@E@Z
- ??0CWorkerThreadJobQueue@@QAE@ABV0@@Z
- ??0CWorkerThreadJobQueue@@QAE@K@Z
- ??0CWorkerThreadPool@@QAE@ABV0@@Z
- ??0CWorkerThreadPool@@QAE@K@Z
- ??0IMemoryAllocator@@QAE@ABV0@@Z
- ??0IMemoryAllocator@@QAE@XZ
- ??1CAutoUpdateConfigThread@@UAE@XZ
- ??1CBlobConfig@@UAE@XZ
- ??1CContext@@UAE@XZ
- ??1CContextList@@UAE@XZ
- ??1CDebugLog@@UAE@XZ
- ??1CDelayLoadThread@@UAE@XZ
- ??1CExclusionExtConfig@@UAE@XZ
- ??1CExclusionFileNameConfig@@UAE@XZ
- ??1CExclusionFilePathConfig@@UAE@XZ
- ??1CExclusionFolderConfig@@UAE@XZ
- ??1CExclusionRegistryConfig@@UAE@XZ
- ??1CFile@@UAE@XZ
- ??1CFileExtension@@UAE@XZ
- ??1CInclusionExtConfig@@UAE@XZ
- ??1CInclusionFileNameConfig@@UAE@XZ
- ??1CInclusionFilePathConfig@@UAE@XZ
- ??1CInclusionFolderConfig@@UAE@XZ
- ??1CKEvent@@UAE@XZ
- ??1CList@@UAE@XZ
- ??1CLockEvent@@UAE@XZ
- ??1CLockList@@UAE@XZ
- ??1CMemoryAllocator@@UAE@XZ
- ??1CMemoryPoolAllocator@@UAE@XZ
- ??1CModuleConfig@@UAE@XZ
- ??1CModuleConfigList@@UAE@XZ
- ??1CModuleFileExtConfig@@UAE@XZ
- ??1CModuleFlagConfig@@UAE@XZ
- ??1CModuleMultiStringConfig@@UAE@XZ
- ??1CModuleStringConfig@@UAE@XZ
- ??1CNoLockList@@UAE@XZ
- ??1CSmartLock@@QAE@XZ
- ??1CSmartReference@@QAE@XZ
- ??1CSmartResource@@QAE@XZ
- ??1CStrList@@UAE@XZ
- ??1CSystemThread@@UAE@XZ
- ??1CUserFuncAdapterJob@@UAE@XZ
- ??1CWorkerThread@@UAE@XZ
- ??1CWorkerThreadJob@@UAE@XZ
- ??1CWorkerThreadJobQueue@@UAE@XZ
- ??1CWorkerThreadPool@@UAE@XZ
- ??1IMemoryAllocator@@UAE@XZ
- ??2@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??2CMemoryAllocator@@SGPAXI@Z
- ??2CMemoryPoolAllocator@@SGPAXI@Z
- ??3@YAXPAX@Z
- ??3IMemoryAllocator@@SGXPAX@Z
- ??4CAutoUpdateConfigThread@@QAEAAV0@ABV0@@Z
- ??4CBlobConfig@@QAEAAV0@ABV0@@Z
- ??4CContext@@QAEAAV0@ABV0@@Z
- ??4CDebugLog@@QAEAAV0@ABV0@@Z
- ??4CDelayLoadThread@@QAEAAV0@ABV0@@Z
- ??4CFile@@QAEAAV0@ABV0@@Z
- ??4CKEvent@@QAEAAV0@ABV0@@Z
- ??4CLockEvent@@QAEAAV0@ABV0@@Z
- ??4CMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??4CMemoryPoolAllocator@@QAEAAV0@ABV0@@Z
- ??4CModuleConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleFlagConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleStringConfig@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEABV0@AAVCLockEvent@@@Z
- ??4CSmartResource@@QAEAAV0@ABV0@@Z
- ??4CSystemThread@@QAEAAV0@ABV0@@Z
- ??4CUserFuncAdapterJob@@QAEAAV0@ABV0@@Z
- ??4CWorkerThread@@QAEAAV0@ABV0@@Z
- ??4CWorkerThreadJob@@QAEAAV0@ABV0@@Z
- ??4IMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??_7CAutoUpdateConfigThread@@6B@
- ??_7CBlobConfig@@6B@
- ??_7CContext@@6B@
- ??_7CContextList@@6B@
- ??_7CDebugLog@@6B@
- ??_7CDelayLoadThread@@6B@
- ??_7CExclusionExtConfig@@6B@
- ??_7CExclusionFileNameConfig@@6B@
- ??_7CExclusionFilePathConfig@@6B@
- ??_7CExclusionFolderConfig@@6B@
- ??_7CExclusionRegistryConfig@@6B@
- ??_7CFile@@6B@
- ??_7CFileExtension@@6B@
- ??_7CInclusionExtConfig@@6B@
- ??_7CInclusionFileNameConfig@@6B@
- ??_7CInclusionFilePathConfig@@6B@
- ??_7CInclusionFolderConfig@@6B@
- ??_7CKEvent@@6B@
- ??_7CList@@6B@
- ??_7CLockEvent@@6B@
- ??_7CLockList@@6B@
- ??_7CMemoryAllocator@@6B@
- ??_7CMemoryPoolAllocator@@6B@
- ??_7CModuleConfig@@6B@
- ??_7CModuleConfigList@@6B@
- ??_7CModuleFileExtConfig@@6B@
- ??_7CModuleFlagConfig@@6B@
- ??_7CModuleMultiStringConfig@@6B@
- ??_7CModuleStringConfig@@6B@
- ??_7CNoLockList@@6B@
- ??_7CStrList@@6B@
- ??_7CSystemThread@@6B@
- ??_7CUserFuncAdapterJob@@6B@
- ??_7CWorkerThread@@6B@
- ??_7CWorkerThreadJob@@6B@
- ??_7CWorkerThreadJobQueue@@6B@
- ??_7CWorkerThreadPool@@6B@
- ??_7IMemoryAllocator@@6B@
- ??_FCContextList@@QAEXXZ
- ??_FCFile@@QAEXXZ
- ??_FCFileExtension@@QAEXXZ
- ??_FCModuleConfigList@@QAEXXZ
- ??_FCStrList@@QAEXXZ
- ??_FCSystemThread@@QAEXXZ
- ??_FCWorkerThread@@QAEXXZ
- ??_FCWorkerThreadJob@@QAEXXZ
- ??_FCWorkerThreadJobQueue@@QAEXXZ
- ??_U@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??_V@YAXPAX@Z
- ?Acquire@CLockEvent@@QAEXXZ
- ?Add@CContextList@@QAEEPAVCContext@@@Z
- ?Add@CFileExtension@@QAEEPBGK@Z
- ?Add@CModuleConfigList@@QAEEPAVCModuleConfig@@@Z
- ?Add@CStrList@@QAEEPBG@Z
- ?AddNode@CLockList@@UAEEQAXE@Z
- ?AddNode@CNoLockList@@UAEEQAXE@Z
- ?Alloc@CMemoryAllocator@@UAEPAXKPBDK@Z
- ?Alloc@CMemoryPoolAllocator@@UAEPAXKPBDK@Z
- ?AllocBlock@CMemoryPoolAllocator@@IAEPAXK@Z
- ?AttachJobQueue@CWorkerThread@@QAEXPAVCWorkerThreadJobQueue@@@Z
- ?Cancel@CWorkerThreadJob@@QAEXXZ
- ?CheckNode@CLockList@@UAEHQAX@Z
- ?CheckNode@CNoLockList@@UAEHQAX@Z
- ?CleanQueue@CWorkerThreadJobQueue@@QAEXXZ
- ?Cleanup@CBlobConfig@@AAEXXZ
- ?Cleanup@CModuleFileExtConfig@@IAEXXZ
- ?Cleanup@CModuleMultiStringConfig@@IAEXXZ
- ?Cleanup@CModuleStringConfig@@AAEXXZ
- ?Close@CFile@@QAEJXZ
- ?Count@CLockList@@QAEKXZ
- ?Count@CNoLockList@@QAEKXZ
- ?Create@CFile@@QAEJPBGKKKK@Z
- ?Create@CSystemThread@@QAEEXZ
- ?CreateInstance@CMemoryAllocator@@SGPAV1@W4_POOL_TYPE@@K@Z
- ?CreateInstance@CMemoryPoolAllocator@@SGPAV1@W4_POOL_TYPE@@KKK@Z
- ?CreatePool@CWorkerThreadPool@@QAEEXZ
- ?CreateThreads@CWorkerThreadPool@@QAEEK@Z
- ?CreateWIRP@CFile@@QAEJPBGKKKK@Z
- ?Delete@CFile@@QAEJXZ
- ?Delete@CFileExtension@@QAEEPBGK@Z
- ?Delete@CStrList@@QAEEPBG@Z
- ?DeleteAll@CList@@UAEXXZ
- ?DeleteAll@CLockList@@UAEXXZ
- ?DeleteAll@CNoLockList@@UAEXXZ
- ?DeleteNode@CContextList@@MAEXPAX@Z
- ?DeleteNode@CList@@UAEXPAX@Z
- ?DeleteNode@CModuleConfigList@@MAEXPAX@Z
- ?DeleteNode@CStrList@@EAEXPAU_STR_LIST_NODE@1@@Z
- ?DisableWriteProtectFromCR0@@YGXPAPAX@Z
- ?DoIt@CWorkerThreadJob@@QAEJXZ
- ?EntryPoint@CSystemThread@@KGXPAX@Z
- ?Find@CContextList@@QAEPAVCContext@@K@Z
- ?Find@CContextList@@QAEPAVCContext@@PAX@Z
- ?Find@CFileExtension@@QAEPAU_STR_LIST_NODE@CStrList@@PBGK@Z
- ?Find@CModuleConfigList@@QAEPAVCModuleConfig@@K@Z
- ?Find@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?FindNode@CContextList@@IAEPAXPAX@Z
- ?FindPartiallyAndAllMatch@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?First@CList@@UAEPAXXZ
- ?First@CLockList@@UAEPAXXZ
- ?First@CNoLockList@@UAEPAXXZ
- ?Free@CMemoryAllocator@@UAEXPAX@Z
- ?Free@CMemoryPoolAllocator@@UAEXPAX@Z
- ?GetAttributes@CFile@@QAEKXZ
- ?GetBasicInfomration@CFile@@IAEJXZ
- ?GetBlobCofig@CContext@@UAEJKPAXPAK@Z
- ?GetCategory@CContext@@QAEKXZ
- ?GetData@CBlobConfig@@QAEHPAXPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEPAVCFileExtension@@XZ
- ?GetData@CModuleFlagConfig@@QAEKXZ
- ?GetData@CModuleMultiStringConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleMultiStringConfig@@QAEPAVCStrList@@XZ
- ?GetData@CModuleStringConfig@@QAEPAGXZ
- ?GetData@CStrList@@QAEEPAGPAK@Z
- ?GetDataType@CModuleConfig@@QAEKXZ
- ?GetEngineContext@CContext@@QAEPAXXZ
- ?GetFileExtensionConfig@CContext@@QAEPAVCFileExtension@@K@Z
- ?GetFileExtensionConfig@CContext@@UAEJKPAGPAK@Z
- ?GetFileSize@CFile@@QAEJPAT_LARGE_INTEGER@@@Z
- ?GetFlagConfig@CContext@@UAEJKPAK@Z
- ?GetID@CModuleConfig@@QAEKXZ
- ?GetJob@CWorkerThreadJobQueue@@QAEPAVCWorkerThreadJob@@XZ
- ?GetLength@CModuleStringConfig@@QAEKXZ
- ?GetLinkContext@CContext@@QAEPAXXZ
- ?GetLogFlag@CDebugLog@@QAEKXZ
- ?GetModuleId@CModuleConfig@@QAEKXZ
- ?GetMultiStringConfig@CContext@@QAEPAVCStrList@@K@Z
- ?GetMultiStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetOneThreadTEB@CWorkerThreadPool@@QAEPAU_ETHREAD@@XZ
- ?GetReportCallBackRoutine@CContext@@QAEKXZ
- ?GetSize@CBlobConfig@@QAEKXZ
- ?GetStringConfig@CContext@@QAEPAGK@Z
- ?GetStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetThreadCount@CWorkerThreadPool@@QAEKXZ
- ?GetThreadID@CSystemThread@@QAEKXZ
- ?GetType@CContext@@QAEKXZ
- ?GetUserParameter@CContext@@QAEKXZ
- ?InitializeBlobConfig@CContext@@QAEHKPAXK@Z
- ?InitializeFileExtensionConfig@CContext@@QAEHKPBG@Z
- ?InitializeFlagConfig@CContext@@QAEHKK@Z
- ?InitializeMultiStringConfig@CContext@@QAEHKPBG@Z
- ?InitializeStringConfig@CContext@@QAEHKPBG@Z
- ?Insert@CList@@UAEXQAXE@Z
- ?Insert@CLockList@@UAEXQAXE@Z
- ?Insert@CNoLockList@@UAEXQAXE@Z
- ?InsertAfter@CList@@UAEXPAX0@Z
- ?InsertBefore@CList@@UAEXPAX0@Z
- ?Instance@CWorkerThreadPool@@SGPAV1@XZ
- ?IsEmpty@CList@@UAEEXZ
- ?IsEmpty@CLockList@@UAEEXZ
- ?IsEmpty@CNoLockList@@UAEEXZ
- ?IsExceedLimitation@CMemoryPoolAllocator@@IAEEK@Z
- ?IsFull@CLockList@@QBEEXZ
- ?IsFull@CNoLockList@@QBEEXZ
- ?IsInExclusionList@CExclusionExtConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFileNameConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFilePathConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFolderConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionRegistryConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionExtConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFileNameConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFilePathConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFolderConfig@@QAEEPBG@Z
- ?IsOpened@CFile@@QAEEXZ
- ?IsTerminated@CWorkerThreadPool@@QAEEXZ
- ?IsValid@CMemoryAllocator@@UAEEXZ
- ?IsValid@CMemoryPoolAllocator@@UAEEXZ
- ?IsValid@IMemoryAllocator@@UAEEXZ
- ?IsWorkerThread@CWorkerThreadPool@@QAEEK@Z
- ?JobFunction@CUserFuncAdapterJob@@MAEXXZ
- ?JobQueue@CWorkerThreadPool@@QAEAAVCWorkerThreadJobQueue@@XZ
- ?Limit@CLockList@@QAEKXZ
- ?Limit@CNoLockList@@QAEKXZ
- ?MatchAllExtensions@CFileExtension@@QAEEXZ
- ?MatchNoExtensions@CFileExtension@@QAEEXZ
- ?MergeLeft@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?MergeRight@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?NeedDelete@CWorkerThreadJob@@QAEEXZ
- ?NeedDeleteWhenFinish@CWorkerThreadJob@@QAEXE@Z
- ?NewNode@CList@@UAEPAXXZ
- ?NewNode@CStrList@@EAEPAXXZ
- ?NewNodeVariant@CList@@IAEPAXK@Z
- ?Next@CList@@UBEPAXQAX@Z
- ?Next@CLockList@@UBEPAXQAX@Z
- ?Next@CNoLockList@@UBEPAXQAX@Z
- ?NextPool@CMemoryPoolAllocator@@QAEPAV1@XZ
- ?NotityTerminate@CWorkerThread@@QAEXXZ
- ?PostJobToWorkerThread@CWorkerThreadPool@@QAEJP6GXPAX@Z0E@Z
- ?Pulse@CKEvent@@QAEJJE@Z
- ?QueueJob@CWorkerThreadJobQueue@@QAEEPAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPool@@QAEJPAVCWorkerThreadJob@@@Z
- ?RCMInstance@CWorkerThreadPool@@SGPAV1@XZ
- ?Read@CFile@@QAEJPADKPAK@Z
- ?ReferenceCount@CContext@@QAEAAKXZ
- ?Release@CLockEvent@@QAEXXZ
- ?Remove@CContextList@@UAEEQAX@Z
- ?Remove@CList@@UAEEQAX@Z
- ?Remove@CLockList@@UAEEQAX@Z
- ?Remove@CNoLockList@@UAEEQAX@Z
- ?RemoveHead@CList@@UAEPAXXZ
- ?RemoveHead@CLockList@@UAEPAXXZ
- ?RemoveHead@CNoLockList@@UAEPAXXZ
- ?RemoveTail@CList@@UAEPAXXZ
- ?RemoveTail@CLockList@@UAEPAXXZ
- ?RemoveTail@CNoLockList@@UAEPAXXZ
- ?Reset@CKEvent@@QAEXXZ
- ?ResetData@CInclusionExtConfig@@QAEXXZ
- ?ResetData@CInclusionFileNameConfig@@QAEXXZ
- ?ResetData@CInclusionFilePathConfig@@QAEXXZ
- ?ResetData@CInclusionFolderConfig@@QAEXXZ
- ?RestoreCR0@@YGXPAX@Z
- ?Run@CAutoUpdateConfigThread@@UAEXXZ
- ?Run@CDelayLoadThread@@UAEXXZ
- ?Run@CWorkerThread@@UAEXXZ
- ?SeekToEnd@CFile@@QAEJXZ
- ?Set@CKEvent@@QAEJJE@Z
- ?SetAttributes@CFile@@QAEJK@Z
- ?SetBlobCofig@CContext@@UAEJKPAXK@Z
- ?SetData@CBlobConfig@@QAEHPAXK@Z
- ?SetData@CModuleFileExtConfig@@QAEHPBG@Z
- ?SetData@CModuleFlagConfig@@QAEHK@Z
- ?SetData@CModuleMultiStringConfig@@QAEHPBGK@Z
- ?SetData@CModuleStringConfig@@QAEHPBG@Z
- ?SetEngineContext@CContext@@QAEXPAX@Z
- ?SetFileExtensionConfig@CContext@@UAEJKPBG@Z
- ?SetFlagConfig@CContext@@UAEJKK@Z
- ?SetLinkContext@CContext@@QAEXPAX@Z
- ?SetLogFlag@CDebugLog@@QAEEK@Z
- ?SetMatchAllExtensions@CFileExtension@@QAEXE@Z
- ?SetMatchNoExtensions@CFileExtension@@QAEXE@Z
- ?SetMultiStringConfig@CContext@@UAEJKPBG@Z
- ?SetNewJobItemEvent@CWorkerThreadJobQueue@@QAEXXZ
- ?SetPriority@CSystemThread@@QAEXK@Z
- ?SetStopUse@CContext@@QAEXXZ
- ?SetStringConfig@CContext@@UAEJKPBG@Z
- ?Setup@CSystemThread@@MAEXXZ
- ?StopUse@CContext@@QAEHXZ
- ?TearDown@CSystemThread@@MAEXXZ
- ?Terminate@CSystemThread@@QAEXE@Z
- ?Terminate@CWorkerThreadPool@@QAEEXZ
- ?TmExceptionFilter@@YGJPAU_EXCEPTION_POINTERS@@@Z
- ?Wait@CKEvent@@QAEJPAT_LARGE_INTEGER@@E@Z
- ?WaitFinish@CWorkerThreadJob@@QAEXXZ
- ?WaitForInit@CDelayLoadThread@@QAEEXZ
- ?WaitForLoad@CDelayLoadThread@@QAEEXZ
- ?WaitNewJobAvailable@CWorkerThreadJobQueue@@QAEEXZ
- ?Write@CDebugLog@@QAAXPBDZZ
- ?Write@CFile@@QAEJPADKPAT_LARGE_INTEGER@@PAK@Z
- ?WriteSystemInformation@CDebugLog@@QAEXXZ
- ?WriteSystemStringInformation@CDebugLog@@IAEXPBG@Z
- ?WriteToFile@CDebugLog@@IAEXPADK@Z
- ?_pNonPagedAllocator@@3PAVCMemoryAllocator@@A
- ?_pPagedAllocator@@3PAVCMemoryAllocator@@A
- ?m_lpInstance@CWorkerThreadPool@@1PAV1@A
- ?m_lpRCMInstance@CWorkerThreadPool@@1PAV1@A
- _DeInitKmLPC@0
- _GetModuleInfoByAddress@8
- _GetModuleInfoByModuleName@8
- _InitKmLPC@0
- _KmCallUm@8
- _KmCallUmEx@12
- _ModGetExportProcAddress@8
- _ModLoadDLLToBuffer@4
- _ModLoadDLLToBufferWithImageSize@8
- _ModLoadModule@8
- _ModUnLoadModule@4
- _NormalizeFileName@4
- _NormalizeFullNtPathToDosName@4
- _TmCommConfigRoutine@4
- _UtilAddDeviceInDriveTable@4
- _UtilCleanFileReadOnly@4
- _UtilDeleteFileForce@4
- _UtilGetFileObjectForProcessByEPROC@8
- _UtilGetFileObjectFromFileName@12
- _UtilGetProcessName@12
- _UtilGetSystemDirectory@4
- _UtilGetSystemDirectoryEx@0
- _UtilGetSystemDirectoryLength@0
- _UtilGetSystemTime@4
- _UtilIoSetFileInfo@24
- _UtilIopCreateFileIRP@40
- _UtilKeGetLowFileDevice@16
- _UtilModuleIATHook@24
- _UtilModuleIATUnHook@8
- _UtilQueryKeyValue@24
- _UtilRemoveDeviceFromDriveTable@4
- _UtilVolumeDeviceToDosName@8
- _UtilWaitValueChangeToZero@8
- _UtilWriteVersionToRegistry@8
- _UtilbuildDynamicDiskMappingTable@0
- _UtlWriteBinValueKeyToRegistry@16
- __UtilDosPathNameToNtPathName@12
Sections
Expand
- .text
- .rdata
- .data
- PAGE
- .edata
- INIT
- .rsrc
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": true,
"SerialNumber": "7e93ebfb7cc64e59ea4b9a77d406fc3b",
"Signature": "03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2",
"TBS": {
"MD5": "d0785ad36e427c92b19f6826ab1e8020",
"SHA1": "365b7a9c21bd9373e49052c3e7b3e4646ddd4d43",
"SHA256": "c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff",
"SHA384": "eab4fe5ef90e0de4a6aa3a27769a5e879f588df5e4785aa4104debd1f81e19ea56d33e3a16e5facf99f68b5d8e3d287b"
},
"ValidFrom": "2012-12-21 00:00:00",
"ValidTo": "2020-12-30 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "0ecff438c8febf356e04d86a981b1a50",
"Signature": "783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4",
"TBS": {
"MD5": "e9d38360b914c8863f6cba3ee58764d3",
"SHA1": "4cba8eae47b6bf76f20b3504b98b8f062694a89b",
"SHA256": "88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976",
"SHA384": "e9f2a75334a9e336c5a4712eadee88d0374b0fdc273262f4e65c9040ad2793067cc076696db5279a478773485e285652"
},
"ValidFrom": "2012-10-18 00:00:00",
"ValidTo": "2020-12-29 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Signature": "f3b20c020c826fd9e2629408ffc97c9e245959d1050c9ce7708069d366d26af191812e16fce674eaca0d8f05b2a796280831737299800d2bfe0071efecf655117b7952a4d7c0701b97de034a1d42e928fd1a2082b081f9d22e9d39af3233cf05c1e61ae1f8fbfec872e78d9a0b29b4f147f1a053d1757a824601df2bb07c75c591fe7efbaf0021764b90cd446f85f80d14bc2cd42c83edfa7d2510f8f94c82d1b3ea999b1cff9093291977c7e996dc32904d3934f167077684ff76aa5327654a0bd7223d9d67657b47c5b46012dca6723d89e7fa051b3380d0c4977b9df537e75da3186ab149b27c089715a01bd695f408f7ded66bfbe920d27a6f6a7d4cc8b3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc.",
"TBS": {
"MD5": "78eaa337666217b1c16a9a0ebd0b8434",
"SHA1": "ff9cb835e78f6185eed4372096c3bae53b17d18d",
"SHA256": "1c0d9746725e176b4a7c2852878f14d7587f58e65d346bc1247f1c8ee6374250",
"SHA384": "ffe3c75b860679a5de399c7d2c2844dbfac51d5d8581e24648d208daba1e4bed5c867808e02dc8d7cb3df1d4b2b53d10"
},
"ValidFrom": "2017-04-27 00:00:00",
"ValidTo": "2018-07-16 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "611993e400000000001c",
"Signature": "812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5",
"TBS": {
"MD5": "78a717e082dcc1cda3458d917e677d14",
"SHA1": "4a872e0e51f9b304469cd1dedb496ee9b8b983a4",
"SHA256": "317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8",
"SHA384": "b71052da4eb9157c8c1a5d7f55df19d69b9128598b72fcca608e5b7cc7d64c43c5504b9c86355a6dc22ee40c88cc385c"
},
"ValidFrom": "2011-02-22 19:25:17",
"ValidTo": "2021-02-22 19:35:17",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "5200e5aa2556fc1a86ed96c9d44b33c7",
"Signature": "5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"TBS": {
"MD5": "b30c31a572b0409383ed3fbe17e56e81",
"SHA1": "4843a82ed3b1f2bfbee9671960e1940c942f688d",
"SHA256": "03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9",
"SHA384": "bbda8407c4f9fc4e54d772f1c7fb9d30bc97e1f97ecd51c443063d1fa0644e266328781776cd5c44896c457c75f4d7da"
},
"ValidFrom": "2010-02-08 00:00:00",
"ValidTo": "2020-02-07 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 79a2a585f9d1154213d9b83ef6b68ded
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | e6d820afb23af20a65cf0b03247ea05e |
| ToBeSigned (TBS) SHA1 | 7a8f7c37453f99390ee1e94bb5d3d1cba3a0eea7 |
| ToBeSigned (TBS) SHA256 | 7e722dc40e6b9abf8c20aa4d887e34b6d2c6b8cbe53a055d49bf9f5e946e0d27 |
| Subject | C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G3 |
| ValidFrom | 2012-05-01 00:00:00 |
| ValidTo | 2012-12-31 23:59:59 |
| Signature | 1e98aa27b778b508b5c9726db7dfc00e98a635c488c9d2f66df14b1afbd5f92d99009ed1e79b8be13fbd39800c66cd07bc5c9854a694ba10d14e8babf56f65cc6709a2807c52e80e03d66b7ac60518ecc8ac427c072ca73d0866dc00edfd941d73f2729893b111d68fef8eeaacf496510cd08ddf31524f5eaf7da74a75e64ece2b9f292be7cf5d9f037e6e277b23ad622966af92e82ccebd9c7fdccd173c43c2093f7545c79ee4d7607f97c6e4aac769f5fccd74ac2cb048c1504e70561eb535d38ebeb1edacbdfe0cec857dd5bb856644195d9f93eb82ba639ed37c61ffc81bd923587f30a366a139265e92c33ccb3732faf5a38ddcd5b0a3e9253655d781fa |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 79a2a585f9d1154213d9b83ef6b68ded |
| Version | 3 |
Certificate 47bf1995df8d524643f7db6d480d31a4
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 518d2ea8a21e879c942d504824ac211c |
| ToBeSigned (TBS) SHA1 | 21ce87d827077e61abddf2beba69fde5432ea031 |
| ToBeSigned (TBS) SHA256 | 1ec3b4f02e03930a470020e0e48d24b84678bb558f46182888d870541f5e25c7 |
| Subject | C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services CA |
| ValidFrom | 2003-12-04 00:00:00 |
| ValidTo | 2013-12-03 23:59:59 |
| Signature | 4a6bf9ea58c2441c318979992b96bf82ac01d61c4ccdb08a586edf0829a35ec8ca9313e704520def47272f0038b0e4c9934e9ad4226215f73f37214f703180f18b3887b3e8e89700fecf55964e24d2a9274e7aaeb76141f32acee7c9d95eddbb2b853eb59db5d9e157ffbeb4c57ef5cf0c9ef097fe2bd33b521b1b3827f73f4a |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 47bf1995df8d524643f7db6d480d31a4 |
| Version | 3 |
Certificate 4d6290e58c54f0f1eb17341a1310e6a4
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | b7d8444a70054990435f35a5630df5e1 |
| ToBeSigned (TBS) SHA1 | 4678c6e4a8787a8e6ed2bce8792b122f6c08afd8 |
| ToBeSigned (TBS) SHA256 | 0a8b4b359ea7890b358e56e436e9cfc6f32b037b2599b597ca7f7a80d475ec98 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA |
| ValidFrom | 2010-09-30 00:00:00 |
| ValidTo | 2014-01-01 23:59:59 |
| Signature | aedd211d5f8f807ad25209eadb6ed25d8be8c21b6904be51a5010e59fa37d174a3eedced89742b62d5a6bf4fad361754f013e0a345d24c26cbe26da21fd01e7a070fb6b37b6f5068a2e931b3b7997d8070a0a7de0b1ea4fff34d811bdd20c91cc4afcff18ffad9da95f0ecdc5cbfe88c5a3e7ab0a3eb59437411e09b1a6af36f |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 4d6290e58c54f0f1eb17341a1310e6a4 |
| Version | 3 |
Certificate 610c120600000000001b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 53c41bc1164e09e0cd1617a5bf913efd |
| ToBeSigned (TBS) SHA1 | 93c03aac8951d494ecd5696b1c08658541b18727 |
| ToBeSigned (TBS) SHA256 | 40bddadac24dc61ca4fb5cab2a2bc5d876bc36808311039a7a3e1a4066f7489b |
| Subject | C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority |
| ValidFrom | 2006-05-23 17:01:29 |
| ValidTo | 2016-05-23 17:11:29 |
| Signature | 01e446b33b457f7513877e5f43de468ecb8abdb64741bccccc7491d8ce395195a4a6b547c0efd2da7b8f5711f4328c7ccd3fee42da04214af7c843884a6f5cca14fc4bd19f4cbdd4556ecc02be0da6888f8609baa425bde8b0f0fa8b714e67b0cb82a8d78e55f737ebf03e88efe4e08afd1c6e2e61414875b4b02c1d28d8490fd715f02473253ccc880cde284c6554fe5eae8cea19ad2c51b29b3a47f53c80350117e24987d6544afb4bab07bcbf7d79cfbf35005cbb9ecffc82891b39a05197b6dec0b307ff449644c0342a195cabeef03bec294eb513c537857e75d5b4d60d066eb5d26c237167eaf1718eaf4e74aa0cf9ecbf4c58fa5e909b6d39cb86883f8b1ca81632d5fe6db9f1f8b3ead791f6364778c0272a15c768d6f4c5fc4f4ec8673f102d409ff11ec96148e7a703fc31730cf04688fe56da492995ef09daa3e5beef60ecd954a0599c28bd54ef66157f874c84dba60e95672e517b3439b641c28c846826dc240209e7818e0a972defeea7b998a60f818dc710b5e1ed982f486f53854964789bec5dac970b5526c3efba8dc8d1a52f5a7f936b611a339b18b8a26210de24ea76e12f43ebecdd7c12342489da2855aee5754e312b6763b6a8d7ab730a03cec5ea593fc7eb2a45aea8625b2f009939abb45f73c308ec80118f470e8f2a1343e191066255bbffba3da9a93d260faeca7d628b155589d694344dd665 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 610c120600000000001b |
| Version | 3 |
Certificate 6326c00ead256b6837eeb29b5ee84720
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 11b208a45459069f827186fe81c6badd |
| ToBeSigned (TBS) SHA1 | 456356986e8ecbb7b05e4617d37cb8cd69ce4969 |
| ToBeSigned (TBS) SHA256 | 4a0336d7ffa5db42ece4b342e1244f5c2bd0681827f68f847d99195c83740145 |
| Subject | C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., OU=Digital ID Class 3 , Microsoft Software Validation v2, OU=RD, CN=Trend Micro, Inc. |
| ValidFrom | 2011-12-27 00:00:00 |
| ValidTo | 2013-02-15 23:59:59 |
| Signature | 840ba0fc35187fe2edc7b17c101fd2bf035bbad8f3de048e250741e96a3f4ecee86f1f065ea76f2f8f430a13a75ff3eab29a8b11a13006d27bf3173fa49aabf9cef98fc4554f1732317c4b821c740eb58a91977d85e86574dd712718b15d24f7eb88b6d4520aef788478e1ef8cebd7fff06fadbc87ca6ca2b77da85be3c30b4d590bcb8945a0acfa013f89073933494d9c465c0036280a5af39f6802e60bd175a2603366dd935cb3458b1791411a06b6e5f38e3171de4238051c79b33117cb94674d0625c402bdfb0f99b80625dc0f827911c6c11263884a4e41d1abf60070ad46b7296e19e1cfcda7304a650d7a814319cc11e5a947e82b2d00a169e798b871 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 6326c00ead256b6837eeb29b5ee84720 |
| Version | 3 |
Imports
Expand
Imported Functions
Expand
- KeLeaveCriticalRegion
- wcsncpy
- KeEnterCriticalRegion
- ExAcquireFastMutexUnsafe
- wcsrchr
- ExAcquireResourceSharedLite
- ExReleaseResourceLite
- _purecall
- ZwOpenEvent
- RtlSubAuthoritySid
- RtlLengthRequiredSid
- ZwConnectPort
- ExAllocatePoolWithTag
- KeClearEvent
- PsProcessType
- ExFreePoolWithTag
- ExReleaseFastMutex
- ExAcquireFastMutex
- RtlCreateAcl
- RtlSetDaclSecurityDescriptor
- RtlInitUnicodeString
- KeSetEvent
- ProbeForWrite
- KeUnstackDetachProcess
- RtlAddAccessAllowedAce
- ZwRequestWaitReplyPort
- ZwWaitForSingleObject
- DbgBreakPoint
- ZwSetEvent
- IoGetCurrentProcess
- ZwFreeVirtualMemory
- ZwClose
- KeInitializeSemaphore
- KeWaitForSingleObject
- KeReleaseSemaphore
- RtlInitializeSid
- ObfReferenceObject
- ObfDereferenceObject
- RtlUnicodeStringToInteger
- ZwCreateSection
- ObOpenObjectByPointer
- KeStackAttachProcess
- RtlCreateSecurityDescriptor
- KePulseEvent
- ZwAllocateVirtualMemory
- PsThreadType
- PsGetProcessExitTime
- MmSectionObjectType
- DbgPrint
- ExDeleteResourceLite
- ExInitializeResourceLite
- ZwReadFile
- swprintf
- ZwSetInformationFile
- ZwCreateFile
- ZwQueryInformationFile
- ZwWriteFile
- _wcsnicmp
- towupper
- KeInitializeEvent
- ZwCreateEvent
- ZwCreateKey
- ZwNotifyChangeKey
- _snprintf
- ExSystemTimeToLocalTime
- _vsnprintf
- ObReferenceObjectByHandle
- RtlTimeToTimeFields
- PsGetCurrentThreadId
- PsGetCurrentProcessId
- MmIsAddressValid
- KeWaitForMultipleObjects
- KeSetPriorityThread
- PsCreateSystemThread
- PsTerminateSystemThread
- KeNumberProcessors
- PsLookupProcessByProcessId
- PsSetCreateProcessNotifyRoutine
- ZwOpenDirectoryObject
- KeDelayExecutionThread
- ZwQueryInformationProcess
- ExGetPreviousMode
- ExReleaseFastMutexUnsafe
- ZwQuerySystemInformation
- ZwQueryValueKey
- ZwOpenKey
- _stricmp
- _strnicmp
- mbstowcs
- ProbeForRead
- _snwprintf
- ZwQuerySymbolicLinkObject
- ZwMapViewOfSection
- MmGetSystemRoutineAddress
- RtlAppendUnicodeToString
- IoCreateFile
- RtlQueryRegistryValues
- RtlEqualUnicodeString
- MmBuildMdlForNonPagedPool
- ZwOpenSymbolicLinkObject
- IoFreeMdl
- RtlFreeUnicodeString
- IoFileObjectType
- ZwUnmapViewOfSection
- NtClose
- IoFreeIrp
- PsGetVersion
- IoAllocateIrp
- RtlCopyUnicodeString
- ZwOpenFile
- RtlImageNtHeader
- IoAllocateMdl
- IofCallDriver
- ZwQueryVolumeInformationFile
- ObQueryNameString
- ObReferenceObjectByPointer
- IoDeleteSymbolicLink
- IoDeleteDevice
- ExEventObjectType
- IofCompleteRequest
- IoCreateSymbolicLink
- IoGetDeviceObjectPointer
- ObInsertObject
- IoAcquireVpbSpinLock
- SeCreateAccessState
- IoGetFileObjectGenericMapping
- ObCreateObject
- IoReleaseVpbSpinLock
- KeBugCheckEx
- IoCreateDevice
- ZwSetSecurityObject
- IoDeviceObjectType
- RtlLengthSecurityDescriptor
- SeCaptureSecurityDescriptor
- RtlAbsoluteToSelfRelativeSD
- IoIsWdmVersionAvailable
- SeExports
- wcschr
- RtlLengthSid
- RtlGetSaclSecurityDescriptor
- RtlGetDaclSecurityDescriptor
- RtlGetGroupSecurityDescriptor
- RtlGetOwnerSecurityDescriptor
- ZwSetValueKey
- ExAcquireResourceExclusiveLite
- __C_specific_handler
Exported Functions
Expand
- ??0CAutoUpdateConfigThread@@QEAA@AEBV0@@Z
- ??0CAutoUpdateConfigThread@@QEAA@PEAU_UNICODE_STRING@@P6AX0PEAX@Z1@Z
- ??0CBlobConfig@@QEAA@AEBV0@@Z
- ??0CBlobConfig@@QEAA@K@Z
- ??0CContext@@QEAA@AEBV0@@Z
- ??0CContext@@QEAA@KP6AJPEAU_EVENT_REPORT@@PEAXPEAU_TMCE_REPORT@@PEAU_TMCE_FEEDBACK@@@Z1K@Z
- ??0CContextList@@QEAA@AEBV0@@Z
- ??0CContextList@@QEAA@KPEAVIMemoryAllocator@@@Z
- ??0CDebugLog@@QEAA@AEBV0@@Z
- ??0CDebugLog@@QEAA@PEBG@Z
- ??0CDelayLoadThread@@QEAA@AEBV0@@Z
- ??0CDelayLoadThread@@QEAA@XZ
- ??0CExclusionExtConfig@@QEAA@AEBV0@@Z
- ??0CExclusionExtConfig@@QEAA@KKE@Z
- ??0CExclusionFileNameConfig@@QEAA@AEBV0@@Z
- ??0CExclusionFileNameConfig@@QEAA@KK@Z
- ??0CExclusionFilePathConfig@@QEAA@AEBV0@@Z
- ??0CExclusionFilePathConfig@@QEAA@KK@Z
- ??0CExclusionFolderConfig@@QEAA@AEBV0@@Z
- ??0CExclusionFolderConfig@@QEAA@KK@Z
- ??0CExclusionRegistryConfig@@QEAA@AEBV0@@Z
- ??0CExclusionRegistryConfig@@QEAA@KK@Z
- ??0CFile@@QEAA@AEBV0@@Z
- ??0CFile@@QEAA@E@Z
- ??0CFileExtension@@QEAA@AEBV0@@Z
- ??0CFileExtension@@QEAA@KEEPEAVIMemoryAllocator@@@Z
- ??0CInclusionExtConfig@@QEAA@AEBV0@@Z
- ??0CInclusionExtConfig@@QEAA@KKE@Z
- ??0CInclusionFileNameConfig@@QEAA@AEBV0@@Z
- ??0CInclusionFileNameConfig@@QEAA@KK@Z
- ??0CInclusionFilePathConfig@@QEAA@AEBV0@@Z
- ??0CInclusionFilePathConfig@@QEAA@KK@Z
- ??0CInclusionFolderConfig@@QEAA@AEBV0@@Z
- ??0CInclusionFolderConfig@@QEAA@KK@Z
- ??0CKEvent@@QEAA@AEBV0@@Z
- ??0CKEvent@@QEAA@W4_EVENT_TYPE@@E@Z
- ??0CList@@QEAA@AEBV0@@Z
- ??0CList@@QEAA@KPEAVIMemoryAllocator@@@Z
- ??0CLockEvent@@QEAA@AEBV0@@Z
- ??0CLockEvent@@QEAA@XZ
- ??0CLockList@@QEAA@AEBV0@@Z
- ??0CLockList@@QEAA@KKPEAVIMemoryAllocator@@@Z
- ??0CMemoryAllocator@@IEAA@W4_POOL_TYPE@@K@Z
- ??0CMemoryAllocator@@QEAA@AEBV0@@Z
- ??0CMemoryPoolAllocator@@IEAA@W4_POOL_TYPE@@_K1K@Z
- ??0CMemoryPoolAllocator@@QEAA@AEBV0@@Z
- ??0CModuleConfig@@QEAA@AEBV0@@Z
- ??0CModuleConfig@@QEAA@XZ
- ??0CModuleConfigList@@QEAA@AEBV0@@Z
- ??0CModuleConfigList@@QEAA@KPEAVIMemoryAllocator@@@Z
- ??0CModuleFileExtConfig@@QEAA@AEBV0@@Z
- ??0CModuleFileExtConfig@@QEAA@KKE@Z
- ??0CModuleFlagConfig@@QEAA@AEBV0@@Z
- ??0CModuleFlagConfig@@QEAA@K@Z
- ??0CModuleMultiStringConfig@@QEAA@AEBV0@@Z
- ??0CModuleMultiStringConfig@@QEAA@KK@Z
- ??0CModuleStringConfig@@QEAA@AEBV0@@Z
- ??0CModuleStringConfig@@QEAA@K@Z
- ??0CNoLockList@@QEAA@AEBV0@@Z
- ??0CNoLockList@@QEAA@KKPEAVIMemoryAllocator@@@Z
- ??0CSmartLock@@QEAA@AEAVCLockEvent@@@Z
- ??0CSmartLock@@QEAA@XZ
- ??0CSmartReference@@QEAA@AEAJ@Z
- ??0CSmartReference@@QEAA@AEAK@Z
- ??0CSmartResource@@QEAA@AEAVCResource@@E@Z
- ??0CStrList@@QEAA@AEBV0@@Z
- ??0CStrList@@QEAA@KPEAVIMemoryAllocator@@@Z
- ??0CSystemThread@@QEAA@AEBV0@@Z
- ??0CSystemThread@@QEAA@K@Z
- ??0CUserFuncAdapterJob@@QEAA@AEBV0@@Z
- ??0CUserFuncAdapterJob@@QEAA@P6AXPEAX@Z0@Z
- ??0CWorkerThread@@IEAA@PEAVCWorkerThreadJobQueue@@@Z
- ??0CWorkerThread@@QEAA@AEBV0@@Z
- ??0CWorkerThreadJob@@QEAA@AEBV0@@Z
- ??0CWorkerThreadJob@@QEAA@E@Z
- ??0CWorkerThreadJobQueue@@QEAA@AEBV0@@Z
- ??0CWorkerThreadJobQueue@@QEAA@K@Z
- ??0CWorkerThreadPool@@QEAA@AEBV0@@Z
- ??0CWorkerThreadPool@@QEAA@K@Z
- ??0IMemoryAllocator@@QEAA@AEBV0@@Z
- ??0IMemoryAllocator@@QEAA@XZ
- ??1CAutoUpdateConfigThread@@UEAA@XZ
- ??1CBlobConfig@@UEAA@XZ
- ??1CContext@@UEAA@XZ
- ??1CContextList@@UEAA@XZ
- ??1CDebugLog@@UEAA@XZ
- ??1CDelayLoadThread@@UEAA@XZ
- ??1CExclusionExtConfig@@UEAA@XZ
- ??1CExclusionFileNameConfig@@UEAA@XZ
- ??1CExclusionFilePathConfig@@UEAA@XZ
- ??1CExclusionFolderConfig@@UEAA@XZ
- ??1CExclusionRegistryConfig@@UEAA@XZ
- ??1CFile@@UEAA@XZ
- ??1CFileExtension@@UEAA@XZ
- ??1CInclusionExtConfig@@UEAA@XZ
- ??1CInclusionFileNameConfig@@UEAA@XZ
- ??1CInclusionFilePathConfig@@UEAA@XZ
- ??1CInclusionFolderConfig@@UEAA@XZ
- ??1CKEvent@@UEAA@XZ
- ??1CList@@UEAA@XZ
- ??1CLockEvent@@UEAA@XZ
- ??1CLockList@@UEAA@XZ
- ??1CMemoryAllocator@@UEAA@XZ
- ??1CMemoryPoolAllocator@@UEAA@XZ
- ??1CModuleConfig@@UEAA@XZ
- ??1CModuleConfigList@@UEAA@XZ
- ??1CModuleFileExtConfig@@UEAA@XZ
- ??1CModuleFlagConfig@@UEAA@XZ
- ??1CModuleMultiStringConfig@@UEAA@XZ
- ??1CModuleStringConfig@@UEAA@XZ
- ??1CNoLockList@@UEAA@XZ
- ??1CSmartLock@@QEAA@XZ
- ??1CSmartReference@@QEAA@XZ
- ??1CSmartResource@@QEAA@XZ
- ??1CStrList@@UEAA@XZ
- ??1CSystemThread@@UEAA@XZ
- ??1CUserFuncAdapterJob@@UEAA@XZ
- ??1CWorkerThread@@UEAA@XZ
- ??1CWorkerThreadJob@@UEAA@XZ
- ??1CWorkerThreadJobQueue@@UEAA@XZ
- ??1CWorkerThreadPool@@UEAA@XZ
- ??1IMemoryAllocator@@UEAA@XZ
- ??2@YAPEAX_KPEAVIMemoryAllocator@@PEBDK@Z
- ??2CMemoryAllocator@@SAPEAX_K@Z
- ??2CMemoryPoolAllocator@@SAPEAX_K@Z
- ??3@YAXPEAX@Z
- ??3IMemoryAllocator@@SAXPEAX@Z
- ??4CAutoUpdateConfigThread@@QEAAAEAV0@AEBV0@@Z
- ??4CBlobConfig@@QEAAAEAV0@AEBV0@@Z
- ??4CContext@@QEAAAEAV0@AEBV0@@Z
- ??4CDebugLog@@QEAAAEAV0@AEBV0@@Z
- ??4CDelayLoadThread@@QEAAAEAV0@AEBV0@@Z
- ??4CFile@@QEAAAEAV0@AEBV0@@Z
- ??4CKEvent@@QEAAAEAV0@AEBV0@@Z
- ??4CLockEvent@@QEAAAEAV0@AEBV0@@Z
- ??4CMemoryAllocator@@QEAAAEAV0@AEBV0@@Z
- ??4CMemoryPoolAllocator@@QEAAAEAV0@AEBV0@@Z
- ??4CModuleConfig@@QEAAAEAV0@AEBV0@@Z
- ??4CModuleFlagConfig@@QEAAAEAV0@AEBV0@@Z
- ??4CModuleStringConfig@@QEAAAEAV0@AEBV0@@Z
- ??4CSmartLock@@QEAAAEAV0@AEBV0@@Z
- ??4CSmartLock@@QEAAAEBV0@AEAVCLockEvent@@@Z
- ??4CSmartResource@@QEAAAEAV0@AEBV0@@Z
- ??4CSystemThread@@QEAAAEAV0@AEBV0@@Z
- ??4CUserFuncAdapterJob@@QEAAAEAV0@AEBV0@@Z
- ??4CWorkerThread@@QEAAAEAV0@AEBV0@@Z
- ??4CWorkerThreadJob@@QEAAAEAV0@AEBV0@@Z
- ??4IMemoryAllocator@@QEAAAEAV0@AEBV0@@Z
- ??_7CAutoUpdateConfigThread@@6B@
- ??_7CBlobConfig@@6B@
- ??_7CContext@@6B@
- ??_7CContextList@@6B@
- ??_7CDebugLog@@6B@
- ??_7CDelayLoadThread@@6B@
- ??_7CExclusionExtConfig@@6B@
- ??_7CExclusionFileNameConfig@@6B@
- ??_7CExclusionFilePathConfig@@6B@
- ??_7CExclusionFolderConfig@@6B@
- ??_7CExclusionRegistryConfig@@6B@
- ??_7CFile@@6B@
- ??_7CFileExtension@@6B@
- ??_7CInclusionExtConfig@@6B@
- ??_7CInclusionFileNameConfig@@6B@
- ??_7CInclusionFilePathConfig@@6B@
- ??_7CInclusionFolderConfig@@6B@
- ??_7CKEvent@@6B@
- ??_7CList@@6B@
- ??_7CLockEvent@@6B@
- ??_7CLockList@@6B@
- ??_7CMemoryAllocator@@6B@
- ??_7CMemoryPoolAllocator@@6B@
- ??_7CModuleConfig@@6B@
- ??_7CModuleConfigList@@6B@
- ??_7CModuleFileExtConfig@@6B@
- ??_7CModuleFlagConfig@@6B@
- ??_7CModuleMultiStringConfig@@6B@
- ??_7CModuleStringConfig@@6B@
- ??_7CNoLockList@@6B@
- ??_7CStrList@@6B@
- ??_7CSystemThread@@6B@
- ??_7CUserFuncAdapterJob@@6B@
- ??_7CWorkerThread@@6B@
- ??_7CWorkerThreadJob@@6B@
- ??_7CWorkerThreadJobQueue@@6B@
- ??_7CWorkerThreadPool@@6B@
- ??_7IMemoryAllocator@@6B@
- ??_FCContextList@@QEAAXXZ
- ??_FCFile@@QEAAXXZ
- ??_FCFileExtension@@QEAAXXZ
- ??_FCModuleConfigList@@QEAAXXZ
- ??_FCStrList@@QEAAXXZ
- ??_FCSystemThread@@QEAAXXZ
- ??_FCWorkerThread@@QEAAXXZ
- ??_FCWorkerThreadJob@@QEAAXXZ
- ??_FCWorkerThreadJobQueue@@QEAAXXZ
- ??_U@YAPEAX_KPEAVIMemoryAllocator@@PEBDK@Z
- ??_V@YAXPEAX@Z
- ?Acquire@CLockEvent@@QEAAXXZ
- ?Add@CContextList@@QEAAEPEAVCContext@@@Z
- ?Add@CFileExtension@@QEAAEPEBGK@Z
- ?Add@CModuleConfigList@@QEAAEPEAVCModuleConfig@@@Z
- ?Add@CStrList@@QEAAEPEBG@Z
- ?AddNode@CLockList@@UEAAEQEAXE@Z
- ?AddNode@CNoLockList@@UEAAEQEAXE@Z
- ?Alloc@CMemoryAllocator@@UEAAPEAX_KPEBDK@Z
- ?Alloc@CMemoryPoolAllocator@@UEAAPEAX_KPEBDK@Z
- ?AllocBlock@CMemoryPoolAllocator@@IEAAPEAX_K@Z
- ?AttachJobQueue@CWorkerThread@@QEAAXPEAVCWorkerThreadJobQueue@@@Z
- ?Cancel@CWorkerThreadJob@@QEAAXXZ
- ?CheckNode@CLockList@@UEAAHQEAX@Z
- ?CheckNode@CNoLockList@@UEAAHQEAX@Z
- ?CleanQueue@CWorkerThreadJobQueue@@QEAAXXZ
- ?Cleanup@CBlobConfig@@AEAAXXZ
- ?Cleanup@CModuleFileExtConfig@@IEAAXXZ
- ?Cleanup@CModuleMultiStringConfig@@IEAAXXZ
- ?Cleanup@CModuleStringConfig@@AEAAXXZ
- ?Close@CFile@@QEAAJXZ
- ?Count@CLockList@@QEAAKXZ
- ?Count@CNoLockList@@QEAAKXZ
- ?Create@CFile@@QEAAJPEBGKKKK@Z
- ?Create@CSystemThread@@QEAAEXZ
- ?CreateInstance@CMemoryAllocator@@SAPEAV1@W4_POOL_TYPE@@K@Z
- ?CreateInstance@CMemoryPoolAllocator@@SAPEAV1@W4_POOL_TYPE@@_K1K@Z
- ?CreatePool@CWorkerThreadPool@@QEAAEXZ
- ?CreateThreads@CWorkerThreadPool@@QEAAEK@Z
- ?CreateWIRP@CFile@@QEAAJPEBGKKKK@Z
- ?Delete@CFile@@QEAAJXZ
- ?Delete@CFileExtension@@QEAAEPEBGK@Z
- ?Delete@CStrList@@QEAAEPEBG@Z
- ?DeleteAll@CList@@UEAAXXZ
- ?DeleteAll@CLockList@@UEAAXXZ
- ?DeleteAll@CNoLockList@@UEAAXXZ
- ?DeleteNode@CContextList@@MEAAXPEAX@Z
- ?DeleteNode@CList@@UEAAXPEAX@Z
- ?DeleteNode@CModuleConfigList@@MEAAXPEAX@Z
- ?DeleteNode@CStrList@@EEAAXPEAU_STR_LIST_NODE@1@@Z
- ?DisableWriteProtectFromCR0@@YAXPEAPEAX@Z
- ?DoIt@CWorkerThreadJob@@QEAAJXZ
- ?EntryPoint@CSystemThread@@KAXPEAX@Z
- ?Find@CContextList@@QEAAPEAVCContext@@K@Z
- ?Find@CContextList@@QEAAPEAVCContext@@PEAX@Z
- ?Find@CFileExtension@@QEAAPEAU_STR_LIST_NODE@CStrList@@PEBGK@Z
- ?Find@CModuleConfigList@@QEAAPEAVCModuleConfig@@K@Z
- ?Find@CStrList@@QEAAPEAU_STR_LIST_NODE@1@PEBG@Z
- ?FindNode@CContextList@@IEAAPEAXPEAX@Z
- ?FindPartiallyAndAllMatch@CStrList@@QEAAPEAU_STR_LIST_NODE@1@PEBG@Z
- ?First@CList@@UEAAPEAXXZ
- ?First@CLockList@@UEAAPEAXXZ
- ?First@CNoLockList@@UEAAPEAXXZ
- ?Free@CMemoryAllocator@@UEAAXPEAX@Z
- ?Free@CMemoryPoolAllocator@@UEAAXPEAX@Z
- ?GetAttributes@CFile@@QEAAKXZ
- ?GetBasicInfomration@CFile@@IEAAJXZ
- ?GetBlobCofig@CContext@@UEAAJKPEAXPEAK@Z
- ?GetCategory@CContext@@QEAAKXZ
- ?GetData@CBlobConfig@@QEAAHPEAXPEAK@Z
- ?GetData@CModuleFileExtConfig@@QEAAHPEAGPEAK@Z
- ?GetData@CModuleFileExtConfig@@QEAAPEAVCFileExtension@@XZ
- ?GetData@CModuleFlagConfig@@QEAAKXZ
- ?GetData@CModuleMultiStringConfig@@QEAAHPEAGPEAK@Z
- ?GetData@CModuleMultiStringConfig@@QEAAPEAVCStrList@@XZ
- ?GetData@CModuleStringConfig@@QEAAPEAGXZ
- ?GetData@CStrList@@QEAAEPEAGPEAK@Z
- ?GetDataType@CModuleConfig@@QEAAKXZ
- ?GetEngineContext@CContext@@QEAAPEAXXZ
- ?GetFileExtensionConfig@CContext@@QEAAPEAVCFileExtension@@K@Z
- ?GetFileExtensionConfig@CContext@@UEAAJKPEAGPEAK@Z
- ?GetFileSize@CFile@@QEAAJPEAT_LARGE_INTEGER@@@Z
- ?GetFlagConfig@CContext@@UEAAJKPEAK@Z
- ?GetID@CModuleConfig@@QEAAKXZ
- ?GetJob@CWorkerThreadJobQueue@@QEAAPEAVCWorkerThreadJob@@XZ
- ?GetLength@CModuleStringConfig@@QEAAKXZ
- ?GetLinkContext@CContext@@QEAAPEAXXZ
- ?GetLogFlag@CDebugLog@@QEAAKXZ
- ?GetModuleId@CModuleConfig@@QEAAKXZ
- ?GetMultiStringConfig@CContext@@QEAAPEAVCStrList@@K@Z
- ?GetMultiStringConfig@CContext@@UEAAJKPEAGPEAK@Z
- ?GetOneThreadTEB@CWorkerThreadPool@@QEAAPEAU_ETHREAD@@XZ
- ?GetReportCallBackRoutine@CContext@@QEAA_KXZ
- ?GetSize@CBlobConfig@@QEAAKXZ
- ?GetStringConfig@CContext@@QEAAPEAGK@Z
- ?GetStringConfig@CContext@@UEAAJKPEAGPEAK@Z
- ?GetThreadCount@CWorkerThreadPool@@QEAAKXZ
- ?GetThreadID@CSystemThread@@QEAA_KXZ
- ?GetType@CContext@@QEAAKXZ
- ?GetUserParameter@CContext@@QEAA_KXZ
- ?InitializeBlobConfig@CContext@@QEAAHKPEAXK@Z
- ?InitializeFileExtensionConfig@CContext@@QEAAHKPEBG@Z
- ?InitializeFlagConfig@CContext@@QEAAHKK@Z
- ?InitializeMultiStringConfig@CContext@@QEAAHKPEBG@Z
- ?InitializeStringConfig@CContext@@QEAAHKPEBG@Z
- ?Insert@CList@@UEAAXQEAXE@Z
- ?Insert@CLockList@@UEAAXQEAXE@Z
- ?Insert@CNoLockList@@UEAAXQEAXE@Z
- ?InsertAfter@CList@@UEAAXPEAX0@Z
- ?InsertBefore@CList@@UEAAXPEAX0@Z
- ?Instance@CWorkerThreadPool@@SAPEAV1@XZ
- ?IsEmpty@CList@@UEAAEXZ
- ?IsEmpty@CLockList@@UEAAEXZ
- ?IsEmpty@CNoLockList@@UEAAEXZ
- ?IsExceedLimitation@CMemoryPoolAllocator@@IEAAEK@Z
- ?IsFull@CLockList@@QEBAEXZ
- ?IsFull@CNoLockList@@QEBAEXZ
- ?IsInExclusionList@CExclusionExtConfig@@QEAAEPEBG@Z
- ?IsInExclusionList@CExclusionFileNameConfig@@QEAAEPEBG@Z
- ?IsInExclusionList@CExclusionFilePathConfig@@QEAAEPEBG@Z
- ?IsInExclusionList@CExclusionFolderConfig@@QEAAEPEBG@Z
- ?IsInExclusionList@CExclusionRegistryConfig@@QEAAEPEBG@Z
- ?IsInInclusionList@CInclusionExtConfig@@QEAAEPEBG@Z
- ?IsInInclusionList@CInclusionFileNameConfig@@QEAAEPEBG@Z
- ?IsInInclusionList@CInclusionFilePathConfig@@QEAAEPEBG@Z
- ?IsInInclusionList@CInclusionFolderConfig@@QEAAEPEBG@Z
- ?IsOpened@CFile@@QEAAEXZ
- ?IsTerminated@CWorkerThreadPool@@QEAAEXZ
- ?IsValid@CMemoryAllocator@@UEAAEXZ
- ?IsValid@CMemoryPoolAllocator@@UEAAEXZ
- ?IsValid@IMemoryAllocator@@UEAAEXZ
- ?IsWorkerThread@CWorkerThreadPool@@QEAAE_K@Z
- ?JobFunction@CUserFuncAdapterJob@@MEAAXXZ
- ?JobQueue@CWorkerThreadPool@@QEAAAEAVCWorkerThreadJobQueue@@XZ
- ?Limit@CLockList@@QEAAKXZ
- ?Limit@CNoLockList@@QEAAKXZ
- ?MatchAllExtensions@CFileExtension@@QEAAEXZ
- ?MatchNoExtensions@CFileExtension@@QEAAEXZ
- ?MergeLeft@CMemoryPoolAllocator@@IEAAPEAXPEAX@Z
- ?MergeRight@CMemoryPoolAllocator@@IEAAPEAXPEAX@Z
- ?NeedDelete@CWorkerThreadJob@@QEAAEXZ
- ?NeedDeleteWhenFinish@CWorkerThreadJob@@QEAAXE@Z
- ?NewNode@CList@@UEAAPEAXXZ
- ?NewNode@CStrList@@EEAAPEAXXZ
- ?NewNodeVariant@CList@@IEAAPEAXK@Z
- ?Next@CList@@UEBAPEAXQEAX@Z
- ?Next@CLockList@@UEBAPEAXQEAX@Z
- ?Next@CNoLockList@@UEBAPEAXQEAX@Z
- ?NextPool@CMemoryPoolAllocator@@QEAAPEAV1@XZ
- ?NotityTerminate@CWorkerThread@@QEAAXXZ
- ?PostJobToWorkerThread@CWorkerThreadPool@@QEAAJP6AXPEAX@Z0E@Z
- ?Pulse@CKEvent@@QEAAJJE@Z
- ?QueueJob@CWorkerThreadJobQueue@@QEAAEPEAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPool@@QEAAJPEAVCWorkerThreadJob@@@Z
- ?RCMInstance@CWorkerThreadPool@@SAPEAV1@XZ
- ?Read@CFile@@QEAAJPEADKPEAK@Z
- ?ReferenceCount@CContext@@QEAAAEAKXZ
- ?Release@CLockEvent@@QEAAXXZ
- ?Remove@CContextList@@UEAAEQEAX@Z
- ?Remove@CList@@UEAAEQEAX@Z
- ?Remove@CLockList@@UEAAEQEAX@Z
- ?Remove@CNoLockList@@UEAAEQEAX@Z
- ?RemoveHead@CList@@UEAAPEAXXZ
- ?RemoveHead@CLockList@@UEAAPEAXXZ
- ?RemoveHead@CNoLockList@@UEAAPEAXXZ
- ?RemoveTail@CList@@UEAAPEAXXZ
- ?RemoveTail@CLockList@@UEAAPEAXXZ
- ?RemoveTail@CNoLockList@@UEAAPEAXXZ
- ?Reset@CKEvent@@QEAAXXZ
- ?ResetData@CInclusionExtConfig@@QEAAXXZ
- ?ResetData@CInclusionFileNameConfig@@QEAAXXZ
- ?ResetData@CInclusionFilePathConfig@@QEAAXXZ
- ?ResetData@CInclusionFolderConfig@@QEAAXXZ
- ?RestoreCR0@@YAXPEAX@Z
- ?Run@CAutoUpdateConfigThread@@UEAAXXZ
- ?Run@CDelayLoadThread@@UEAAXXZ
- ?Run@CWorkerThread@@UEAAXXZ
- ?SeekToEnd@CFile@@QEAAJXZ
- ?Set@CKEvent@@QEAAJJE@Z
- ?SetAttributes@CFile@@QEAAJK@Z
- ?SetBlobCofig@CContext@@UEAAJKPEAXK@Z
- ?SetData@CBlobConfig@@QEAAHPEAXK@Z
- ?SetData@CModuleFileExtConfig@@QEAAHPEBG@Z
- ?SetData@CModuleFlagConfig@@QEAAHK@Z
- ?SetData@CModuleMultiStringConfig@@QEAAHPEBGK@Z
- ?SetData@CModuleStringConfig@@QEAAHPEBG@Z
- ?SetEngineContext@CContext@@QEAAXPEAX@Z
- ?SetFileExtensionConfig@CContext@@UEAAJKPEBG@Z
- ?SetFlagConfig@CContext@@UEAAJKK@Z
- ?SetLinkContext@CContext@@QEAAXPEAX@Z
- ?SetLogFlag@CDebugLog@@QEAAEK@Z
- ?SetMatchAllExtensions@CFileExtension@@QEAAXE@Z
- ?SetMatchNoExtensions@CFileExtension@@QEAAXE@Z
- ?SetMultiStringConfig@CContext@@UEAAJKPEBG@Z
- ?SetNewJobItemEvent@CWorkerThreadJobQueue@@QEAAXXZ
- ?SetPriority@CSystemThread@@QEAAXK@Z
- ?SetStopUse@CContext@@QEAAXXZ
- ?SetStringConfig@CContext@@UEAAJKPEBG@Z
- ?Setup@CSystemThread@@MEAAXXZ
- ?StopUse@CContext@@QEAAHXZ
- ?TearDown@CSystemThread@@MEAAXXZ
- ?Terminate@CSystemThread@@QEAAXE@Z
- ?Terminate@CWorkerThreadPool@@QEAAEXZ
- ?TmExceptionFilter@@YAJPEAU_EXCEPTION_POINTERS@@@Z
- ?Wait@CKEvent@@QEAAJPEAT_LARGE_INTEGER@@E@Z
- ?WaitFinish@CWorkerThreadJob@@QEAAXXZ
- ?WaitForInit@CDelayLoadThread@@QEAAEXZ
- ?WaitForLoad@CDelayLoadThread@@QEAAEXZ
- ?WaitNewJobAvailable@CWorkerThreadJobQueue@@QEAAEXZ
- ?Write@CDebugLog@@QEAAXPEBDZZ
- ?Write@CFile@@QEAAJPEADKPEAT_LARGE_INTEGER@@PEAK@Z
- ?WriteSystemInformation@CDebugLog@@QEAAXXZ
- ?WriteSystemStringInformation@CDebugLog@@IEAAXPEBG@Z
- ?WriteToFile@CDebugLog@@IEAAXPEADK@Z
- ?_pNonPagedAllocator@@3PEAVCMemoryAllocator@@EA
- ?_pPagedAllocator@@3PEAVCMemoryAllocator@@EA
- ?m_lpInstance@CWorkerThreadPool@@1PEAV1@EA
- ?m_lpRCMInstance@CWorkerThreadPool@@1PEAV1@EA
- DeInitKmLPC
- GetModuleInfoByAddress
- GetModuleInfoByModuleName
- InitKmLPC
- KmCallUm
- KmCallUmEx
- ModGetExportProcAddress
- ModLoadDLLToBuffer
- ModLoadDLLToBufferWithImageSize
- ModLoadModule
- ModUnLoadModule
- NormalizeFileName
- NormalizeFullNtPathToDosName
- TmCommConfigRoutine
- UtilAddDeviceInDriveTable
- UtilDeleteFileForce
- UtilGetFileObjectForProcessByEPROC
- UtilGetFileObjectFromFileName
- UtilGetProcessName
- UtilGetSystemDirectory
- UtilGetSystemDirectoryEx
- UtilGetSystemDirectoryLength
- UtilGetSystemTime
- UtilIoSetFileInfo
- UtilIopCreateFileIRP
- UtilKeGetLowFileDevice
- UtilModuleIATHook
- UtilModuleIATUnHook
- UtilQueryKeyValue
- UtilRemoveDeviceFromDriveTable
- UtilVolumeDeviceToDosName
- UtilWaitValueChangeToZero
- UtilWriteVersionToRegistry
- UtilbuildDynamicDiskMappingTable
- UtlWriteBinValueKeyToRegistry
- _UtilDosPathNameToNtPathName
Sections
Expand
- .text
- .rdata
- .data
- .pdata
- PAGE
- .edata
- INIT
- .rsrc
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": true,
"SerialNumber": "7e93ebfb7cc64e59ea4b9a77d406fc3b",
"Signature": "03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2",
"TBS": {
"MD5": "d0785ad36e427c92b19f6826ab1e8020",
"SHA1": "365b7a9c21bd9373e49052c3e7b3e4646ddd4d43",
"SHA256": "c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff",
"SHA384": "eab4fe5ef90e0de4a6aa3a27769a5e879f588df5e4785aa4104debd1f81e19ea56d33e3a16e5facf99f68b5d8e3d287b"
},
"ValidFrom": "2012-12-21 00:00:00",
"ValidTo": "2020-12-30 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "0ecff438c8febf356e04d86a981b1a50",
"Signature": "783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4",
"TBS": {
"MD5": "e9d38360b914c8863f6cba3ee58764d3",
"SHA1": "4cba8eae47b6bf76f20b3504b98b8f062694a89b",
"SHA256": "88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976",
"SHA384": "e9f2a75334a9e336c5a4712eadee88d0374b0fdc273262f4e65c9040ad2793067cc076696db5279a478773485e285652"
},
"ValidFrom": "2012-10-18 00:00:00",
"ValidTo": "2020-12-29 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Signature": "f3b20c020c826fd9e2629408ffc97c9e245959d1050c9ce7708069d366d26af191812e16fce674eaca0d8f05b2a796280831737299800d2bfe0071efecf655117b7952a4d7c0701b97de034a1d42e928fd1a2082b081f9d22e9d39af3233cf05c1e61ae1f8fbfec872e78d9a0b29b4f147f1a053d1757a824601df2bb07c75c591fe7efbaf0021764b90cd446f85f80d14bc2cd42c83edfa7d2510f8f94c82d1b3ea999b1cff9093291977c7e996dc32904d3934f167077684ff76aa5327654a0bd7223d9d67657b47c5b46012dca6723d89e7fa051b3380d0c4977b9df537e75da3186ab149b27c089715a01bd695f408f7ded66bfbe920d27a6f6a7d4cc8b3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc.",
"TBS": {
"MD5": "78eaa337666217b1c16a9a0ebd0b8434",
"SHA1": "ff9cb835e78f6185eed4372096c3bae53b17d18d",
"SHA256": "1c0d9746725e176b4a7c2852878f14d7587f58e65d346bc1247f1c8ee6374250",
"SHA384": "ffe3c75b860679a5de399c7d2c2844dbfac51d5d8581e24648d208daba1e4bed5c867808e02dc8d7cb3df1d4b2b53d10"
},
"ValidFrom": "2017-04-27 00:00:00",
"ValidTo": "2018-07-16 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "611993e400000000001c",
"Signature": "812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5",
"TBS": {
"MD5": "78a717e082dcc1cda3458d917e677d14",
"SHA1": "4a872e0e51f9b304469cd1dedb496ee9b8b983a4",
"SHA256": "317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8",
"SHA384": "b71052da4eb9157c8c1a5d7f55df19d69b9128598b72fcca608e5b7cc7d64c43c5504b9c86355a6dc22ee40c88cc385c"
},
"ValidFrom": "2011-02-22 19:25:17",
"ValidTo": "2021-02-22 19:35:17",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "5200e5aa2556fc1a86ed96c9d44b33c7",
"Signature": "5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"TBS": {
"MD5": "b30c31a572b0409383ed3fbe17e56e81",
"SHA1": "4843a82ed3b1f2bfbee9671960e1940c942f688d",
"SHA256": "03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9",
"SHA384": "bbda8407c4f9fc4e54d772f1c7fb9d30bc97e1f97ecd51c443063d1fa0644e266328781776cd5c44896c457c75f4d7da"
},
"ValidFrom": "2010-02-08 00:00:00",
"ValidTo": "2020-02-07 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 3825d7faf861af9ef490e726b5d65ad5
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | d6c7684e9aaa508cf268335f83afe040 |
| ToBeSigned (TBS) SHA1 | 18066d20ad92409c567cdfde745279ff71c75226 |
| ToBeSigned (TBS) SHA256 | a612fb22ce8be6dab75e47c98508f98496583e79c9c97b936a8caee9ea9f3fff |
| Subject | C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services Signer , G2 |
| ValidFrom | 2007-06-15 00:00:00 |
| ValidTo | 2012-06-14 23:59:59 |
| Signature | 50c54bc82480dfe40d24c2de1ab1a102a1a6822d0c831581370a820e2cb05a1761b5d805fe88dbf19191b3561a40a6eb92be3839b07536743a984fe437ba9989ca95421db0b9c7a08d57e0fad5640442354e01d133a217c84daa27c7f2e1864c02384d8378c6fc53e0ebe00687dda4969e5e0c98e2a5bebf8285c360e1dfad28d8c7a54b64dac71b5bbdac3908d53822a1338b2f8a9aebbc07213f44410907b5651c24bc48d34480eba1cfc902b414cf54c716a3805cf9793e5d727d88179e2c43a2ca53ce7d3df62a3ab84f9400a56d0a835df95e53f418b3570f70c3fbf5ad95a00e17dec4168060c90f2b6e8604f1ebf47827d105c5ee345b5eb94932f233 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 3825d7faf861af9ef490e726b5d65ad5 |
| Version | 3 |
Certificate 47bf1995df8d524643f7db6d480d31a4
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 518d2ea8a21e879c942d504824ac211c |
| ToBeSigned (TBS) SHA1 | 21ce87d827077e61abddf2beba69fde5432ea031 |
| ToBeSigned (TBS) SHA256 | 1ec3b4f02e03930a470020e0e48d24b84678bb558f46182888d870541f5e25c7 |
| Subject | C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services CA |
| ValidFrom | 2003-12-04 00:00:00 |
| ValidTo | 2013-12-03 23:59:59 |
| Signature | 4a6bf9ea58c2441c318979992b96bf82ac01d61c4ccdb08a586edf0829a35ec8ca9313e704520def47272f0038b0e4c9934e9ad4226215f73f37214f703180f18b3887b3e8e89700fecf55964e24d2a9274e7aaeb76141f32acee7c9d95eddbb2b853eb59db5d9e157ffbeb4c57ef5cf0c9ef097fe2bd33b521b1b3827f73f4a |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 47bf1995df8d524643f7db6d480d31a4 |
| Version | 3 |
Certificate 4191a15a3978dfcf496566381d4c75c2
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 41011f8d0e7c7a6408334ca387914c61 |
| ToBeSigned (TBS) SHA1 | c7fc1727f5b75a6421a1f95c73bbdb23580c48e5 |
| ToBeSigned (TBS) SHA256 | 88dd3952638ee82738c03168e6fd863fe4eab1059ee5e2926ad8cb587c255dc0 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)04, CN=VeriSign Class 3 Code Signing 2004 CA |
| ValidFrom | 2004-07-16 00:00:00 |
| ValidTo | 2014-07-15 23:59:59 |
| Signature | ae3a17b84a7b55fa6455ec40a4ed494190999c89bcaf2e1dca7823f91c190f7feb68bc32d98838dedc3fd389b43fb18296f1a45abaed2e26d3de7c016e000a00a4069211480940f91c1879672324e0bbd5e150ae1bf50edde02e81cd80a36c524f9175558aba22f2d2ea4175882f63557d1e545a9559cad93481c05f5ef67ab5 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 4191a15a3978dfcf496566381d4c75c2 |
| Version | 3 |
Certificate 645212f783f4d7aba3555729e99ce065
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | e00f0a38c65f7c0b9f19b97448d6a0e3 |
| ToBeSigned (TBS) SHA1 | 91c033a2f289418c4101654dceacef1b25bb55d0 |
| ToBeSigned (TBS) SHA256 | 38b3fcbdb734b0e3439f3c9a3c4c1712091f577d2b616d41224137faf7ba7c86 |
| Subject | C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., OU=Digital ID Class 3 , Microsoft Software Validation v2, OU=RD, CN=Trend Micro, Inc. |
| ValidFrom | 2008-01-16 00:00:00 |
| ValidTo | 2011-02-16 23:59:59 |
| Signature | 5a693868cea6ba49064b801a0d9e12887a37cbb92cca2950cc5e99c2df9aec5697422e67cd042836daf09a09e739f625255841fed1ec9657cb8b3edc08c55c302574cbdb3f7de2798ed769d766402619b48041f9d90f8c904488788412b1c632055e1afc4a5bbac642cb626bd20fece0feaa6cf9b287887788cf64586309a14a644b5f0595c0ddcb7d789831faedb48451e40e342da4ccbc38a5e992e57e7ce5328d531a8c68e61f9dc9be65605c1bedf3358579000b91a19b3be388bac36b58ca76b72358bd8e74e0a7b08b0587bb7a29758c01af40b80e8e72c76abd3a2babfe7c1ed6e7b1cd9b0221a605062b6d9d0ceb57e0eb305fdc5eb5bf6ea442f4c9 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 645212f783f4d7aba3555729e99ce065 |
| Version | 3 |
Certificate 610c120600000000001b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 53c41bc1164e09e0cd1617a5bf913efd |
| ToBeSigned (TBS) SHA1 | 93c03aac8951d494ecd5696b1c08658541b18727 |
| ToBeSigned (TBS) SHA256 | 40bddadac24dc61ca4fb5cab2a2bc5d876bc36808311039a7a3e1a4066f7489b |
| Subject | C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority |
| ValidFrom | 2006-05-23 17:01:29 |
| ValidTo | 2016-05-23 17:11:29 |
| Signature | 01e446b33b457f7513877e5f43de468ecb8abdb64741bccccc7491d8ce395195a4a6b547c0efd2da7b8f5711f4328c7ccd3fee42da04214af7c843884a6f5cca14fc4bd19f4cbdd4556ecc02be0da6888f8609baa425bde8b0f0fa8b714e67b0cb82a8d78e55f737ebf03e88efe4e08afd1c6e2e61414875b4b02c1d28d8490fd715f02473253ccc880cde284c6554fe5eae8cea19ad2c51b29b3a47f53c80350117e24987d6544afb4bab07bcbf7d79cfbf35005cbb9ecffc82891b39a05197b6dec0b307ff449644c0342a195cabeef03bec294eb513c537857e75d5b4d60d066eb5d26c237167eaf1718eaf4e74aa0cf9ecbf4c58fa5e909b6d39cb86883f8b1ca81632d5fe6db9f1f8b3ead791f6364778c0272a15c768d6f4c5fc4f4ec8673f102d409ff11ec96148e7a703fc31730cf04688fe56da492995ef09daa3e5beef60ecd954a0599c28bd54ef66157f874c84dba60e95672e517b3439b641c28c846826dc240209e7818e0a972defeea7b998a60f818dc710b5e1ed982f486f53854964789bec5dac970b5526c3efba8dc8d1a52f5a7f936b611a339b18b8a26210de24ea76e12f43ebecdd7c12342489da2855aee5754e312b6763b6a8d7ab730a03cec5ea593fc7eb2a45aea8625b2f009939abb45f73c308ec80118f470e8f2a1343e191066255bbffba3da9a93d260faeca7d628b155589d694344dd665 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 610c120600000000001b |
| Version | 3 |
Imports
Expand
Imported Functions
Expand
- KeEnterCriticalRegion
- KeGetCurrentThread
- KeLeaveCriticalRegion
- ExReleaseFastMutexUnsafe
- wcsncpy
- memcpy
- wcsrchr
- KeSetEvent
- KePulseEvent
- KeClearEvent
- KeInitializeSemaphore
- KeWaitForSingleObject
- DbgPrint
- KeReleaseSemaphore
- RtlSubAuthoritySid
- RtlInitializeSid
- ExAllocatePoolWithTag
- RtlLengthRequiredSid
- ExFreePoolWithTag
- RtlSetDaclSecurityDescriptor
- RtlCreateSecurityDescriptor
- RtlAddAccessAllowedAce
- RtlCreateAcl
- ObfDereferenceObject
- ZwSetEvent
- ZwClose
- KeUnstackDetachProcess
- ZwRequestWaitReplyPort
- memmove
- KeStackAttachProcess
- ZwConnectPort
- RtlInitUnicodeString
- ZwCreateSection
- ZwWaitForSingleObject
- ZwOpenEvent
- ObfReferenceObject
- IoGetCurrentProcess
- memset
- MmIsAddressValid
- ZwWriteFile
- ZwReadFile
- ZwQueryInformationFile
- ZwSetInformationFile
- ZwCreateFile
- swprintf
- towupper
- _wcsnicmp
- KeInitializeEvent
- _snprintf
- PsGetCurrentProcessId
- RtlTimeToTimeFields
- ExSystemTimeToLocalTime
- KeQuerySystemTime
- ZwCreateKey
- ZwCreateEvent
- KeWaitForMultipleObjects
- ObReferenceObjectByHandle
- ZwNotifyChangeKey
- PsGetCurrentThreadId
- _vsnprintf
- MmMapLockedPagesSpecifyCache
- MmBuildMdlForNonPagedPool
- MmCreateMdl
- MmUnmapLockedPages
- KeSetPriorityThread
- PsTerminateSystemThread
- PsCreateSystemThread
- KeNumberProcessors
- ZwQuerySystemInformation
- ZwQueryDirectoryFile
- ZwOpenDirectoryObject
- ZwQueryDirectoryObject
- ZwDuplicateObject
- ZwOpenKey
- ZwEnumerateKey
- ZwEnumerateValueKey
- ZwQueryValueKey
- ZwDeleteValueKey
- ZwDeleteKey
- ExGetPreviousMode
- ExAcquireFastMutexUnsafe
- ObOpenObjectByPointer
- PsProcessType
- ZwOpenProcess
- ZwQueryKey
- ZwSetValueKey
- IoFreeIrp
- IoBuildAsynchronousFsdRequest
- ProbeForWrite
- _stricmp
- RtlImageNtHeader
- _strnicmp
- RtlQueryRegistryValues
- RtlAppendUnicodeToString
- KeDelayExecutionThread
- mbstowcs
- ZwQuerySymbolicLinkObject
- ZwOpenSymbolicLinkObject
- RtlEqualUnicodeString
- IoFileObjectType
- IoCreateFile
- IofCallDriver
- IoAllocateIrp
- IoFreeMdl
- IoAllocateMdl
- PsGetVersion
- MmGetSystemRoutineAddress
- RtlCompareMemory
- RtlCopyUnicodeString
- KeBugCheckEx
- RtlAppendUnicodeStringToString
- IofCompleteRequest
- ExEventObjectType
- IoDeleteDevice
- IoDeleteSymbolicLink
- IoCreateSymbolicLink
- ProbeForRead
- IoGetDeviceObjectPointer
- ExAllocatePool
- RtlUpperChar
- RtlCompareUnicodeString
- PsLookupProcessByProcessId
- strncpy
- KeServiceDescriptorTable
- NtOpenProcess
- ObReferenceObjectByPointer
- MmSectionObjectType
- ObQueryNameString
- ObOpenObjectByName
- NtQueryInformationProcess
- _snwprintf
- RtlAnsiStringToUnicodeString
- KeAddSystemServiceTable
- ZwQueryObject
- ZwQuerySecurityObject
- ObInsertObject
- _allrem
- IoReleaseVpbSpinLock
- IoAcquireVpbSpinLock
- SeCreateAccessState
- IoGetFileObjectGenericMapping
- ObCreateObject
- KeTickCount
- RtlUnwind
- ZwSetSecurityObject
- IoDeviceObjectType
- IoCreateDevice
- RtlGetDaclSecurityDescriptor
- RtlGetSaclSecurityDescriptor
- RtlGetGroupSecurityDescriptor
- RtlGetOwnerSecurityDescriptor
- RtlLengthSecurityDescriptor
- SeCaptureSecurityDescriptor
- SeExports
- IoIsWdmVersionAvailable
- RtlLengthSid
- wcschr
- RtlAbsoluteToSelfRelativeSD
- RtlFreeUnicodeString
- ZwTerminateProcess
- _purecall
- ClassInitialize
Exported Functions
Expand
- ??0CAutoUpdateConfigThread@@QAE@ABV0@@Z
- ??0CAutoUpdateConfigThread@@QAE@PAU_UNICODE_STRING@@P6GX0PAX@Z1@Z
- ??0CBlobConfig@@QAE@ABV0@@Z
- ??0CBlobConfig@@QAE@K@Z
- ??0CContext@@QAE@ABV0@@Z
- ??0CContext@@QAE@KP6GJPAU_EVENT_REPORT@@PAXPAU_TMCE_REPORT@@PAU_TMCE_FEEDBACK@@@Z1K@Z
- ??0CContextList@@QAE@ABV0@@Z
- ??0CContextList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CDebugLog@@QAE@ABV0@@Z
- ??0CDebugLog@@QAE@PBG@Z
- ??0CExclusionExtConfig@@QAE@ABV0@@Z
- ??0CExclusionExtConfig@@QAE@KKE@Z
- ??0CExclusionFileNameConfig@@QAE@ABV0@@Z
- ??0CExclusionFileNameConfig@@QAE@KK@Z
- ??0CExclusionFilePathConfig@@QAE@ABV0@@Z
- ??0CExclusionFilePathConfig@@QAE@KK@Z
- ??0CExclusionFolderConfig@@QAE@ABV0@@Z
- ??0CExclusionFolderConfig@@QAE@KK@Z
- ??0CExclusionRegistryConfig@@QAE@ABV0@@Z
- ??0CExclusionRegistryConfig@@QAE@KK@Z
- ??0CFile@@QAE@ABV0@@Z
- ??0CFile@@QAE@E@Z
- ??0CFileExtension@@QAE@ABV0@@Z
- ??0CFileExtension@@QAE@KEEPAVIMemoryAllocator@@@Z
- ??0CKEvent@@QAE@ABV0@@Z
- ??0CKEvent@@QAE@W4_EVENT_TYPE@@E@Z
- ??0CList@@QAE@ABV0@@Z
- ??0CList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CLockEvent@@QAE@ABV0@@Z
- ??0CLockEvent@@QAE@XZ
- ??0CLockList@@QAE@ABV0@@Z
- ??0CLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CMemoryAllocator@@IAE@W4_POOL_TYPE@@K@Z
- ??0CMemoryAllocator@@QAE@ABV0@@Z
- ??0CMemoryPoolAllocator@@IAE@W4_POOL_TYPE@@KKK@Z
- ??0CMemoryPoolAllocator@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@XZ
- ??0CModuleConfigList@@QAE@ABV0@@Z
- ??0CModuleConfigList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CModuleFileExtConfig@@QAE@ABV0@@Z
- ??0CModuleFileExtConfig@@QAE@KKE@Z
- ??0CModuleFlagConfig@@QAE@ABV0@@Z
- ??0CModuleFlagConfig@@QAE@K@Z
- ??0CModuleMultiStringConfig@@QAE@ABV0@@Z
- ??0CModuleMultiStringConfig@@QAE@KK@Z
- ??0CModuleStringConfig@@QAE@ABV0@@Z
- ??0CModuleStringConfig@@QAE@K@Z
- ??0CSmartLock@@QAE@AAVCLockEvent@@@Z
- ??0CSmartLock@@QAE@XZ
- ??0CSmartReference@@QAE@AAJ@Z
- ??0CSmartReference@@QAE@AAK@Z
- ??0CStrList@@QAE@ABV0@@Z
- ??0CStrList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CSystemThread@@QAE@ABV0@@Z
- ??0CSystemThread@@QAE@K@Z
- ??0CUserFuncAdapterJob@@QAE@ABV0@@Z
- ??0CUserFuncAdapterJob@@QAE@P6GXPAX@Z0@Z
- ??0CWorkerThread@@IAE@PAVCWorkerThreadJobQueue@@@Z
- ??0CWorkerThread@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@E@Z
- ??0CWorkerThreadJobQueue@@QAE@ABV0@@Z
- ??0CWorkerThreadJobQueue@@QAE@K@Z
- ??0CWorkerThreadPool@@QAE@ABV0@@Z
- ??0CWorkerThreadPool@@QAE@K@Z
- ??0IMemoryAllocator@@QAE@ABV0@@Z
- ??0IMemoryAllocator@@QAE@XZ
- ??1CAutoUpdateConfigThread@@UAE@XZ
- ??1CBlobConfig@@UAE@XZ
- ??1CContext@@UAE@XZ
- ??1CContextList@@UAE@XZ
- ??1CDebugLog@@UAE@XZ
- ??1CExclusionExtConfig@@UAE@XZ
- ??1CExclusionFileNameConfig@@UAE@XZ
- ??1CExclusionFilePathConfig@@UAE@XZ
- ??1CExclusionFolderConfig@@UAE@XZ
- ??1CExclusionRegistryConfig@@UAE@XZ
- ??1CFile@@UAE@XZ
- ??1CFileExtension@@UAE@XZ
- ??1CKEvent@@UAE@XZ
- ??1CList@@UAE@XZ
- ??1CLockEvent@@UAE@XZ
- ??1CLockList@@UAE@XZ
- ??1CMemoryAllocator@@UAE@XZ
- ??1CMemoryPoolAllocator@@UAE@XZ
- ??1CModuleConfig@@UAE@XZ
- ??1CModuleConfigList@@UAE@XZ
- ??1CModuleFileExtConfig@@UAE@XZ
- ??1CModuleFlagConfig@@UAE@XZ
- ??1CModuleMultiStringConfig@@UAE@XZ
- ??1CModuleStringConfig@@UAE@XZ
- ??1CSmartLock@@QAE@XZ
- ??1CSmartReference@@QAE@XZ
- ??1CStrList@@UAE@XZ
- ??1CSystemThread@@UAE@XZ
- ??1CUserFuncAdapterJob@@UAE@XZ
- ??1CWorkerThread@@UAE@XZ
- ??1CWorkerThreadJob@@UAE@XZ
- ??1CWorkerThreadJobQueue@@UAE@XZ
- ??1CWorkerThreadPool@@UAE@XZ
- ??1IMemoryAllocator@@UAE@XZ
- ??2@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??2CMemoryAllocator@@SGPAXI@Z
- ??2CMemoryPoolAllocator@@SGPAXI@Z
- ??3@YAXPAX@Z
- ??3IMemoryAllocator@@SGXPAX@Z
- ??4CAutoUpdateConfigThread@@QAEAAV0@ABV0@@Z
- ??4CBlobConfig@@QAEAAV0@ABV0@@Z
- ??4CContext@@QAEAAV0@ABV0@@Z
- ??4CDebugLog@@QAEAAV0@ABV0@@Z
- ??4CFile@@QAEAAV0@ABV0@@Z
- ??4CKEvent@@QAEAAV0@ABV0@@Z
- ??4CLockEvent@@QAEAAV0@ABV0@@Z
- ??4CMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??4CMemoryPoolAllocator@@QAEAAV0@ABV0@@Z
- ??4CModuleConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleFlagConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleStringConfig@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEABV0@AAVCLockEvent@@@Z
- ??4CSystemThread@@QAEAAV0@ABV0@@Z
- ??4CUserFuncAdapterJob@@QAEAAV0@ABV0@@Z
- ??4CWorkerThread@@QAEAAV0@ABV0@@Z
- ??4CWorkerThreadJob@@QAEAAV0@ABV0@@Z
- ??4IMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??_7CAutoUpdateConfigThread@@6B@
- ??_7CBlobConfig@@6B@
- ??_7CContext@@6B@
- ??_7CContextList@@6B@
- ??_7CDebugLog@@6B@
- ??_7CExclusionExtConfig@@6B@
- ??_7CExclusionFileNameConfig@@6B@
- ??_7CExclusionFilePathConfig@@6B@
- ??_7CExclusionFolderConfig@@6B@
- ??_7CExclusionRegistryConfig@@6B@
- ??_7CFile@@6B@
- ??_7CFileExtension@@6B@
- ??_7CKEvent@@6B@
- ??_7CList@@6B@
- ??_7CLockEvent@@6B@
- ??_7CLockList@@6B@
- ??_7CMemoryAllocator@@6B@
- ??_7CMemoryPoolAllocator@@6B@
- ??_7CModuleConfig@@6B@
- ??_7CModuleConfigList@@6B@
- ??_7CModuleFileExtConfig@@6B@
- ??_7CModuleFlagConfig@@6B@
- ??_7CModuleMultiStringConfig@@6B@
- ??_7CModuleStringConfig@@6B@
- ??_7CStrList@@6B@
- ??_7CSystemThread@@6B@
- ??_7CUserFuncAdapterJob@@6B@
- ??_7CWorkerThread@@6B@
- ??_7CWorkerThreadJob@@6B@
- ??_7CWorkerThreadJobQueue@@6B@
- ??_7CWorkerThreadPool@@6B@
- ??_7IMemoryAllocator@@6B@
- ??_FCContextList@@QAEXXZ
- ??_FCFile@@QAEXXZ
- ??_FCFileExtension@@QAEXXZ
- ??_FCModuleConfigList@@QAEXXZ
- ??_FCStrList@@QAEXXZ
- ??_FCSystemThread@@QAEXXZ
- ??_FCWorkerThread@@QAEXXZ
- ??_FCWorkerThreadJob@@QAEXXZ
- ??_FCWorkerThreadJobQueue@@QAEXXZ
- ??_U@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??_V@YAXPAX@Z
- ?Acquire@CLockEvent@@QAEXXZ
- ?Add@CContextList@@QAEEPAVCContext@@@Z
- ?Add@CFileExtension@@QAEEPBGK@Z
- ?Add@CModuleConfigList@@QAEEPAVCModuleConfig@@@Z
- ?Add@CStrList@@QAEEPBG@Z
- ?Alloc@CMemoryAllocator@@UAEPAXKPBDK@Z
- ?Alloc@CMemoryPoolAllocator@@UAEPAXKPBDK@Z
- ?AllocBlock@CMemoryPoolAllocator@@IAEPAXK@Z
- ?AttachJobQueue@CWorkerThread@@QAEXPAVCWorkerThreadJobQueue@@@Z
- ?Cancel@CWorkerThreadJob@@QAEXXZ
- ?CheckNode@CLockList@@UAEHQAX@Z
- ?CleanQueue@CWorkerThreadJobQueue@@QAEXXZ
- ?Cleanup@CBlobConfig@@AAEXXZ
- ?Cleanup@CModuleFileExtConfig@@IAEXXZ
- ?Cleanup@CModuleMultiStringConfig@@IAEXXZ
- ?Cleanup@CModuleStringConfig@@AAEXXZ
- ?Close@CFile@@QAEJXZ
- ?Count@CLockList@@QAEKXZ
- ?Create@CFile@@QAEJPBGKKKK@Z
- ?Create@CSystemThread@@QAEEXZ
- ?CreateInstance@CMemoryAllocator@@SGPAV1@W4_POOL_TYPE@@K@Z
- ?CreateInstance@CMemoryPoolAllocator@@SGPAV1@W4_POOL_TYPE@@KKK@Z
- ?CreatePool@CWorkerThreadPool@@QAEEXZ
- ?CreateThreads@CWorkerThreadPool@@QAEEK@Z
- ?CreateWIRP@CFile@@QAEJPBGKKKK@Z
- ?Delete@CFile@@QAEJXZ
- ?Delete@CFileExtension@@QAEEPBGK@Z
- ?Delete@CStrList@@QAEEPBG@Z
- ?DeleteAll@CList@@UAEXXZ
- ?DeleteAll@CLockList@@UAEXXZ
- ?DeleteNode@CContextList@@MAEXPAX@Z
- ?DeleteNode@CList@@UAEXPAX@Z
- ?DeleteNode@CModuleConfigList@@MAEXPAX@Z
- ?DeleteNode@CStrList@@EAEXPAU_STR_LIST_NODE@1@@Z
- ?DisableWriteProtectFromCR0@@YGXPAPAX@Z
- ?DoIt@CWorkerThreadJob@@QAEJXZ
- ?EntryPoint@CSystemThread@@KGXPAX@Z
- ?Find@CContextList@@QAEPAVCContext@@K@Z
- ?Find@CContextList@@QAEPAVCContext@@PAX@Z
- ?Find@CFileExtension@@QAEPAU_STR_LIST_NODE@CStrList@@PBGK@Z
- ?Find@CModuleConfigList@@QAEPAVCModuleConfig@@K@Z
- ?Find@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?FindNode@CContextList@@IAEPAXPAX@Z
- ?FindPartiallyAndAllMatch@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?First@CList@@UAEPAXXZ
- ?First@CLockList@@UAEPAXXZ
- ?Free@CMemoryAllocator@@UAEXPAX@Z
- ?Free@CMemoryPoolAllocator@@UAEXPAX@Z
- ?GetAttributes@CFile@@QAEKXZ
- ?GetBasicInfomration@CFile@@IAEJXZ
- ?GetBlobCofig@CContext@@UAEJKPAXPAK@Z
- ?GetCategory@CContext@@QAEKXZ
- ?GetData@CBlobConfig@@QAEHPAXPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEPAVCFileExtension@@XZ
- ?GetData@CModuleFlagConfig@@QAEKXZ
- ?GetData@CModuleMultiStringConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleMultiStringConfig@@QAEPAVCStrList@@XZ
- ?GetData@CModuleStringConfig@@QAEPAGXZ
- ?GetData@CStrList@@QAEEPAGPAK@Z
- ?GetDataType@CModuleConfig@@QAEKXZ
- ?GetEngineContext@CContext@@QAEPAXXZ
- ?GetFileExtensionConfig@CContext@@QAEPAVCFileExtension@@K@Z
- ?GetFileExtensionConfig@CContext@@UAEJKPAGPAK@Z
- ?GetFileSize@CFile@@QAEJPAT_LARGE_INTEGER@@@Z
- ?GetFlagConfig@CContext@@UAEJKPAK@Z
- ?GetID@CModuleConfig@@QAEKXZ
- ?GetJob@CWorkerThreadJobQueue@@QAEPAVCWorkerThreadJob@@XZ
- ?GetLength@CModuleStringConfig@@QAEKXZ
- ?GetLinkContext@CContext@@QAEPAXXZ
- ?GetLogFlag@CDebugLog@@QAEKXZ
- ?GetModuleId@CModuleConfig@@QAEKXZ
- ?GetMultiStringConfig@CContext@@QAEPAVCStrList@@K@Z
- ?GetMultiStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetOneThreadTEB@CWorkerThreadPool@@QAEPAU_ETHREAD@@XZ
- ?GetReportCallBackRoutine@CContext@@QAEKXZ
- ?GetSize@CBlobConfig@@QAEKXZ
- ?GetStringConfig@CContext@@QAEPAGK@Z
- ?GetStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetThreadCount@CWorkerThreadPool@@QAEKXZ
- ?GetThreadID@CSystemThread@@QAEKXZ
- ?GetType@CContext@@QAEKXZ
- ?GetUserParameter@CContext@@QAEKXZ
- ?InitializeBlobConfig@CContext@@QAEHKPAXK@Z
- ?InitializeFileExtensionConfig@CContext@@QAEHKPBG@Z
- ?InitializeFlagConfig@CContext@@QAEHKK@Z
- ?InitializeMultiStringConfig@CContext@@QAEHKPBG@Z
- ?InitializeStringConfig@CContext@@QAEHKPBG@Z
- ?Insert@CList@@UAEXQAXE@Z
- ?Insert@CLockList@@UAEXQAXE@Z
- ?InsertAfter@CList@@UAEXPAX0@Z
- ?InsertBefore@CList@@UAEXPAX0@Z
- ?InsertEx@CLockList@@UAEEQAXE@Z
- ?Instance@CWorkerThreadPool@@SGPAV1@XZ
- ?IsEmpty@CList@@UAEEXZ
- ?IsEmpty@CLockList@@UAEEXZ
- ?IsExceedLimitation@CMemoryPoolAllocator@@IAEEK@Z
- ?IsFull@CLockList@@QBEEXZ
- ?IsInExclusionList@CExclusionExtConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFileNameConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFilePathConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFolderConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionRegistryConfig@@QAEEPBG@Z
- ?IsOpened@CFile@@QAEEXZ
- ?IsTerminated@CWorkerThreadPool@@QAEEXZ
- ?IsValid@CMemoryAllocator@@UAEEXZ
- ?IsValid@CMemoryPoolAllocator@@UAEEXZ
- ?IsValid@IMemoryAllocator@@UAEEXZ
- ?IsWorkerThread@CWorkerThreadPool@@QAEEK@Z
- ?JobFunction@CUserFuncAdapterJob@@MAEXXZ
- ?JobQueue@CWorkerThreadPool@@QAEAAVCWorkerThreadJobQueue@@XZ
- ?Limit@CLockList@@QAEKXZ
- ?MatchAllExtensions@CFileExtension@@QAEEXZ
- ?MatchNoExtensions@CFileExtension@@QAEEXZ
- ?MergeLeft@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?MergeRight@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?NeedDelete@CWorkerThreadJob@@QAEEXZ
- ?NeedDeleteWhenFinish@CWorkerThreadJob@@QAEXE@Z
- ?NewNode@CList@@UAEPAXXZ
- ?NewNode@CStrList@@EAEPAXXZ
- ?NewNodeVariant@CList@@IAEPAXK@Z
- ?Next@CList@@UBEPAXQAX@Z
- ?Next@CLockList@@UBEPAXQAX@Z
- ?NextPool@CMemoryPoolAllocator@@QAEPAV1@XZ
- ?NotityTerminate@CWorkerThread@@QAEXXZ
- ?PostJobToWorkerThread@CWorkerThreadPool@@QAEJP6GXPAX@Z0E@Z
- ?Pulse@CKEvent@@QAEJJE@Z
- ?QueueJob@CWorkerThreadJobQueue@@QAEEPAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPool@@QAEJPAVCWorkerThreadJob@@@Z
- ?RCMInstance@CWorkerThreadPool@@SGPAV1@XZ
- ?Read@CFile@@QAEJPADKPAK@Z
- ?ReferenceCount@CContext@@QAEAAKXZ
- ?Release@CLockEvent@@QAEXXZ
- ?Remove@CContextList@@UAEEQAX@Z
- ?Remove@CList@@UAEEQAX@Z
- ?Remove@CLockList@@UAEEQAX@Z
- ?RemoveHead@CList@@UAEPAXXZ
- ?RemoveHead@CLockList@@UAEPAXXZ
- ?RemoveTail@CList@@UAEPAXXZ
- ?RemoveTail@CLockList@@UAEPAXXZ
- ?Reset@CKEvent@@QAEXXZ
- ?RestoreCR0@@YGXPAX@Z
- ?Run@CAutoUpdateConfigThread@@UAEXXZ
- ?Run@CWorkerThread@@UAEXXZ
- ?SeekToEnd@CFile@@QAEJXZ
- ?Set@CKEvent@@QAEJJE@Z
- ?SetAttributes@CFile@@QAEJK@Z
- ?SetBlobCofig@CContext@@UAEJKPAXK@Z
- ?SetData@CBlobConfig@@QAEHPAXK@Z
- ?SetData@CModuleFileExtConfig@@QAEHPBG@Z
- ?SetData@CModuleFlagConfig@@QAEHK@Z
- ?SetData@CModuleMultiStringConfig@@QAEHPBG@Z
- ?SetData@CModuleStringConfig@@QAEHPBG@Z
- ?SetEngineContext@CContext@@QAEXPAX@Z
- ?SetFileExtensionConfig@CContext@@UAEJKPBG@Z
- ?SetFlagConfig@CContext@@UAEJKK@Z
- ?SetLinkContext@CContext@@QAEXPAX@Z
- ?SetLogFlag@CDebugLog@@QAEEK@Z
- ?SetMatchAllExtensions@CFileExtension@@QAEXE@Z
- ?SetMatchNoExtensions@CFileExtension@@QAEXE@Z
- ?SetMultiStringConfig@CContext@@UAEJKPBG@Z
- ?SetNewJobItemEvent@CWorkerThreadJobQueue@@QAEXXZ
- ?SetPriority@CSystemThread@@QAEXK@Z
- ?SetStopUse@CContext@@QAEXXZ
- ?SetStringConfig@CContext@@UAEJKPBG@Z
- ?Setup@CSystemThread@@MAEXXZ
- ?StopUse@CContext@@QAEHXZ
- ?TearDown@CSystemThread@@MAEXXZ
- ?Terminate@CSystemThread@@QAEXE@Z
- ?Terminate@CWorkerThreadPool@@QAEEXZ
- ?TmExceptionFilter@@YGJPAU_EXCEPTION_POINTERS@@@Z
- ?Wait@CKEvent@@QAEJPAT_LARGE_INTEGER@@E@Z
- ?WaitFinish@CWorkerThreadJob@@QAEXXZ
- ?WaitNewJobAvailable@CWorkerThreadJobQueue@@QAEEXZ
- ?Write@CDebugLog@@QAAXPBDZZ
- ?Write@CFile@@QAEJPADKPAT_LARGE_INTEGER@@PAK@Z
- ?WriteSystemInformation@CDebugLog@@QAEXXZ
- ?WriteSystemStringInformation@CDebugLog@@IAEXPBG@Z
- ?WriteToFile@CDebugLog@@IAEXPADK@Z
- ?_pNonPagedAllocator@@3PAVCMemoryAllocator@@A
- ?_pPagedAllocator@@3PAVCMemoryAllocator@@A
- ?m_lpInstance@CWorkerThreadPool@@1PAV1@A
- ?m_lpRCMInstance@CWorkerThreadPool@@1PAV1@A
- _DeInitKmLPC@0
- _GetModuleInfoByAddress@8
- _GetModuleInfoByModuleName@8
- _InitKmLPC@0
- _KmCallUm@8
- _MapMem@12
- _ModGetExportProcAddress@8
- _ModLoadDLLToBuffer@4
- _ModLoadModule@8
- _ModUnLoadModule@4
- _NormalizeFileName@4
- _NormalizeFullNtPathToDosName@4
- _TmCommConfigRoutine@4
- _UnMapMem@8
- _UtilGetFileObjectForProcessByEPROC@8
- _UtilGetProcessName@12
- _UtilGetSystemTime@4
- _UtilIoSetFileInfo@24
- _UtilIopCreateFileIRP@40
- _UtilKeGetLowFileDevice@16
- _UtilQueryKeyValue@24
- _UtilVolumeDeviceToDosName@8
- _UtilWaitValueChangeToZero@8
- _UtilWriteVersionToRegistry@8
- _UtilbuildDynamicDiskMappingTable@0
- __UtilDosPathNameToNtPathName@12
Sections
Expand
- .text
- .rdata
- .data
- PAGE
- .edata
- INIT
- .rsrc
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": true,
"SerialNumber": "7e93ebfb7cc64e59ea4b9a77d406fc3b",
"Signature": "03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2",
"TBS": {
"MD5": "d0785ad36e427c92b19f6826ab1e8020",
"SHA1": "365b7a9c21bd9373e49052c3e7b3e4646ddd4d43",
"SHA256": "c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff",
"SHA384": "eab4fe5ef90e0de4a6aa3a27769a5e879f588df5e4785aa4104debd1f81e19ea56d33e3a16e5facf99f68b5d8e3d287b"
},
"ValidFrom": "2012-12-21 00:00:00",
"ValidTo": "2020-12-30 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "0ecff438c8febf356e04d86a981b1a50",
"Signature": "783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4",
"TBS": {
"MD5": "e9d38360b914c8863f6cba3ee58764d3",
"SHA1": "4cba8eae47b6bf76f20b3504b98b8f062694a89b",
"SHA256": "88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976",
"SHA384": "e9f2a75334a9e336c5a4712eadee88d0374b0fdc273262f4e65c9040ad2793067cc076696db5279a478773485e285652"
},
"ValidFrom": "2012-10-18 00:00:00",
"ValidTo": "2020-12-29 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Signature": "f3b20c020c826fd9e2629408ffc97c9e245959d1050c9ce7708069d366d26af191812e16fce674eaca0d8f05b2a796280831737299800d2bfe0071efecf655117b7952a4d7c0701b97de034a1d42e928fd1a2082b081f9d22e9d39af3233cf05c1e61ae1f8fbfec872e78d9a0b29b4f147f1a053d1757a824601df2bb07c75c591fe7efbaf0021764b90cd446f85f80d14bc2cd42c83edfa7d2510f8f94c82d1b3ea999b1cff9093291977c7e996dc32904d3934f167077684ff76aa5327654a0bd7223d9d67657b47c5b46012dca6723d89e7fa051b3380d0c4977b9df537e75da3186ab149b27c089715a01bd695f408f7ded66bfbe920d27a6f6a7d4cc8b3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc.",
"TBS": {
"MD5": "78eaa337666217b1c16a9a0ebd0b8434",
"SHA1": "ff9cb835e78f6185eed4372096c3bae53b17d18d",
"SHA256": "1c0d9746725e176b4a7c2852878f14d7587f58e65d346bc1247f1c8ee6374250",
"SHA384": "ffe3c75b860679a5de399c7d2c2844dbfac51d5d8581e24648d208daba1e4bed5c867808e02dc8d7cb3df1d4b2b53d10"
},
"ValidFrom": "2017-04-27 00:00:00",
"ValidTo": "2018-07-16 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "611993e400000000001c",
"Signature": "812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5",
"TBS": {
"MD5": "78a717e082dcc1cda3458d917e677d14",
"SHA1": "4a872e0e51f9b304469cd1dedb496ee9b8b983a4",
"SHA256": "317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8",
"SHA384": "b71052da4eb9157c8c1a5d7f55df19d69b9128598b72fcca608e5b7cc7d64c43c5504b9c86355a6dc22ee40c88cc385c"
},
"ValidFrom": "2011-02-22 19:25:17",
"ValidTo": "2021-02-22 19:35:17",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "5200e5aa2556fc1a86ed96c9d44b33c7",
"Signature": "5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"TBS": {
"MD5": "b30c31a572b0409383ed3fbe17e56e81",
"SHA1": "4843a82ed3b1f2bfbee9671960e1940c942f688d",
"SHA256": "03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9",
"SHA384": "bbda8407c4f9fc4e54d772f1c7fb9d30bc97e1f97ecd51c443063d1fa0644e266328781776cd5c44896c457c75f4d7da"
},
"ValidFrom": "2010-02-08 00:00:00",
"ValidTo": "2020-02-07 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 47bf1995df8d524643f7db6d480d31a4
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 518d2ea8a21e879c942d504824ac211c |
| ToBeSigned (TBS) SHA1 | 21ce87d827077e61abddf2beba69fde5432ea031 |
| ToBeSigned (TBS) SHA256 | 1ec3b4f02e03930a470020e0e48d24b84678bb558f46182888d870541f5e25c7 |
| Subject | C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services CA |
| ValidFrom | 2003-12-04 00:00:00 |
| ValidTo | 2013-12-03 23:59:59 |
| Signature | 4a6bf9ea58c2441c318979992b96bf82ac01d61c4ccdb08a586edf0829a35ec8ca9313e704520def47272f0038b0e4c9934e9ad4226215f73f37214f703180f18b3887b3e8e89700fecf55964e24d2a9274e7aaeb76141f32acee7c9d95eddbb2b853eb59db5d9e157ffbeb4c57ef5cf0c9ef097fe2bd33b521b1b3827f73f4a |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 47bf1995df8d524643f7db6d480d31a4 |
| Version | 3 |
Certificate 0de92bf0d4d82988183205095e9a7688
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 45c204b8a20f6abb0188d2d38a3fb0c9 |
| ToBeSigned (TBS) SHA1 | cdf3a3c5c2eda4c29621f30fd3154f9f8c765739 |
| ToBeSigned (TBS) SHA256 | e32839dddc0f4ed2474efaf37f59d46db400c700fd19533cb0895a111124bc77 |
| Subject | C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services Signer |
| ValidFrom | 2003-12-04 00:00:00 |
| ValidTo | 2008-12-03 23:59:59 |
| Signature | 877870da4e5201205be079c98230c4fdb91996bd9100c3bdcdcdc6f40ed8fff94dc033623011c5f5741bd492de5f9c2013b17c45be50cd83e7801783a72793671346fbcab8984103cc9b515b058b7fa86ff31b501b242ef2698d6c22f7bbca1695ed0c74c06877d9eb996287c17390f889747a23aba3987b97b1f78f29714d2e751b4841daf0b50d2054d677a097826369fd09cf8af075bb099bd9f91155269a6132be7a02b07b86bea2c38b222c78d13576bc92735cf9b9e64c150a23cce4d2d4342e4940153c0f607a24c6a566ef96cf70eb3ee7f40d7edcd17ca3767169c19c4f47303521b1a2af1a623c2bd98eaa2a077bd818b35c7be29da56ffe3c89ad |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 0de92bf0d4d82988183205095e9a7688 |
| Version | 3 |
Certificate 4191a15a3978dfcf496566381d4c75c2
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 41011f8d0e7c7a6408334ca387914c61 |
| ToBeSigned (TBS) SHA1 | c7fc1727f5b75a6421a1f95c73bbdb23580c48e5 |
| ToBeSigned (TBS) SHA256 | 88dd3952638ee82738c03168e6fd863fe4eab1059ee5e2926ad8cb587c255dc0 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)04, CN=VeriSign Class 3 Code Signing 2004 CA |
| ValidFrom | 2004-07-16 00:00:00 |
| ValidTo | 2014-07-15 23:59:59 |
| Signature | ae3a17b84a7b55fa6455ec40a4ed494190999c89bcaf2e1dca7823f91c190f7feb68bc32d98838dedc3fd389b43fb18296f1a45abaed2e26d3de7c016e000a00a4069211480940f91c1879672324e0bbd5e150ae1bf50edde02e81cd80a36c524f9175558aba22f2d2ea4175882f63557d1e545a9559cad93481c05f5ef67ab5 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 4191a15a3978dfcf496566381d4c75c2 |
| Version | 3 |
Certificate 681ce312057f03f206153b679ec06cb9
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 190c4a172b309e1a6c672bef0dc442a3 |
| ToBeSigned (TBS) SHA1 | 0ef8720411ec5275234f4db0aedb0415bf63a45f |
| ToBeSigned (TBS) SHA256 | dc9eb159ce2b994bb915ae48f8c38d16a54e1db0cc158ec9b0ff71041a1c73eb |
| Subject | C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., OU=Digital ID Class 3 , Microsoft Software Validation v2, OU=RD, CN=Trend Micro, Inc. |
| ValidFrom | 2006-01-20 00:00:00 |
| ValidTo | 2007-02-14 23:59:59 |
| Signature | 1cac25cad86c51f4576b3418ffcb10db11a2c24511d265ae343a6ea1cbd451223028151c63d1d75b95464083978c405a14fba8d2a2832c631a4c627cba1c9a2e957c381e24aa49cde6d45788e3ad48f0525db52080a83c55fb558cab104f1a3f9fd24fd3b2875132c02e709bd81cb750bc0f498267b1c28f9187eb63f7ac8217947b0275175dab5b8b6b57f8f785e38a38e851a0ec096eab530b219e9e9c5c2460ac97d5977cc90ab4cd9fcfd02b79b4099f099fb81910c680ff181f6c9baaf33fb128b18ee7939f45e537191e2f202fc358aed24b37a0d669a024cdb8630c99390e248e2907c25e5c9ca75008e0f915cfd5388cc889e6335e85de06a5e7fe97 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 681ce312057f03f206153b679ec06cb9 |
| Version | 3 |
Imports
Expand
Imported Functions
Expand
- KeInitializeEvent
- _purecall
- ExAcquireFastMutexUnsafe
- KeEnterCriticalRegion
- KeGetCurrentThread
- KeLeaveCriticalRegion
- ExReleaseFastMutexUnsafe
- wcsncpy
- KeSetEvent
- KePulseEvent
- KeClearEvent
- IofCompleteRequest
- ZwClose
- KeDelayExecutionThread
- ObfDereferenceObject
- ObReferenceObjectByHandle
- ExEventObjectType
- ZwCreateEvent
- RtlInitUnicodeString
- swprintf
- KeQuerySystemTime
- KeWaitForSingleObject
- IoDeleteDevice
- IoDeleteSymbolicLink
- IoCreateSymbolicLink
- RtlCopyUnicodeString
- ProbeForWrite
- ProbeForRead
- ExGetPreviousMode
- DbgPrint
- memset
- MmIsAddressValid
- ZwWriteFile
- ZwReadFile
- ZwQueryInformationFile
- ZwSetInformationFile
- ZwCreateFile
- towupper
- _wcsnicmp
- memcpy
- sprintf
- PsGetCurrentProcessId
- IoGetCurrentProcess
- RtlTimeToTimeFields
- ExSystemTimeToLocalTime
- ZwCreateKey
- KeWaitForMultipleObjects
- ZwNotifyChangeKey
- PsGetCurrentThreadId
- vsprintf
- MmMapLockedPagesSpecifyCache
- MmBuildMdlForNonPagedPool
- MmCreateMdl
- ExFreePoolWithTag
- MmUnmapLockedPages
- ExAllocatePoolWithTag
- RtlImageNtHeader
- mbstowcs
- _stricmp
- ZwQuerySystemInformation
- IoGetDeviceObjectPointer
- KeServiceDescriptorTable
- KeSetPriorityThread
- PsTerminateSystemThread
- PsCreateSystemThread
- KeNumberProcessors
- ZwQueryDirectoryFile
- ZwOpenDirectoryObject
- ZwQueryDirectoryObject
- ZwDuplicateObject
- ZwOpenKey
- ZwEnumerateKey
- ZwEnumerateValueKey
- ZwQueryValueKey
- ZwDeleteValueKey
- ZwDeleteKey
- ZwQueryKey
- ZwSetValueKey
- ZwQuerySecurityObject
- ObInsertObject
- IoFileObjectType
- _allrem
- PsLookupProcessByProcessId
- strncpy
- NtOpenProcess
- ObOpenObjectByPointer
- PsProcessType
- ObReferenceObjectByPointer
- KeUnstackDetachProcess
- MmSectionObjectType
- KeStackAttachProcess
- ObQueryNameString
- ObOpenObjectByName
- RtlAppendUnicodeStringToString
- NtQueryInformationProcess
- RtlAnsiStringToUnicodeString
- _strnicmp
- RtlQueryRegistryValues
- RtlAppendUnicodeToString
- ZwQuerySymbolicLinkObject
- ZwOpenSymbolicLinkObject
- RtlEqualUnicodeString
- IoCreateFile
- IoFreeIrp
- IoReleaseVpbSpinLock
- IoAcquireVpbSpinLock
- IofCallDriver
- SeCreateAccessState
- IoGetFileObjectGenericMapping
- ObCreateObject
- IoAllocateIrp
- IoFreeMdl
- IoAllocateMdl
- PsGetVersion
- MmGetSystemRoutineAddress
- KeTickCount
- KeBugCheckEx
- ZwSetSecurityObject
- IoDeviceObjectType
- IoCreateDevice
- RtlUnwind
- RtlGetDaclSecurityDescriptor
- RtlGetSaclSecurityDescriptor
- RtlGetGroupSecurityDescriptor
- RtlGetOwnerSecurityDescriptor
- _snwprintf
- RtlLengthSecurityDescriptor
- SeCaptureSecurityDescriptor
- SeExports
- IoIsWdmVersionAvailable
- RtlAddAccessAllowedAce
- RtlLengthSid
- wcschr
- RtlAbsoluteToSelfRelativeSD
- RtlSetDaclSecurityDescriptor
- RtlCreateSecurityDescriptor
- RtlFreeUnicodeString
Exported Functions
Expand
- ??0CAutoUpdateConfigThread@@QAE@ABV0@@Z
- ??0CAutoUpdateConfigThread@@QAE@PAU_UNICODE_STRING@@P6GX0PAX@Z1@Z
- ??0CContext@@QAE@ABV0@@Z
- ??0CContext@@QAE@KP6GXPAU_TMCE_EVENT_REPORT@@PAX@Z1@Z
- ??0CContextList@@QAE@ABV0@@Z
- ??0CContextList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CDebugLog@@QAE@ABV0@@Z
- ??0CDebugLog@@QAE@PBG@Z
- ??0CFile@@QAE@ABV0@@Z
- ??0CFile@@QAE@E@Z
- ??0CFileExtension@@QAE@ABV0@@Z
- ??0CFileExtension@@QAE@KEEPAVIMemoryAllocator@@@Z
- ??0CKEvent@@QAE@ABV0@@Z
- ??0CKEvent@@QAE@W4_EVENT_TYPE@@E@Z
- ??0CList@@QAE@ABV0@@Z
- ??0CList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CLockEvent@@QAE@ABV0@@Z
- ??0CLockEvent@@QAE@XZ
- ??0CLockList@@QAE@ABV0@@Z
- ??0CLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CMemoryAllocator@@IAE@W4_POOL_TYPE@@K@Z
- ??0CMemoryAllocator@@QAE@ABV0@@Z
- ??0CMemoryPoolAllocator@@IAE@W4_POOL_TYPE@@KKK@Z
- ??0CMemoryPoolAllocator@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@XZ
- ??0CModuleConfigList@@QAE@ABV0@@Z
- ??0CModuleConfigList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CModuleFileExtConfig@@QAE@ABV0@@Z
- ??0CModuleFileExtConfig@@QAE@K@Z
- ??0CModuleFlagConfig@@QAE@ABV0@@Z
- ??0CModuleFlagConfig@@QAE@K@Z
- ??0CModuleMultiStringConfig@@QAE@ABV0@@Z
- ??0CModuleMultiStringConfig@@QAE@K@Z
- ??0CModuleStringConfig@@QAE@ABV0@@Z
- ??0CModuleStringConfig@@QAE@K@Z
- ??0CSmartLock@@QAE@AAVCLockEvent@@@Z
- ??0CSmartLock@@QAE@XZ
- ??0CSmartReference@@QAE@AAJ@Z
- ??0CSmartReference@@QAE@AAK@Z
- ??0CStrList@@QAE@ABV0@@Z
- ??0CStrList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CSystemThread@@QAE@ABV0@@Z
- ??0CSystemThread@@QAE@K@Z
- ??0CUserFuncAdapterJob@@QAE@ABV0@@Z
- ??0CUserFuncAdapterJob@@QAE@P6GXPAX@Z0@Z
- ??0CWorkerThread@@IAE@PAVCWorkerThreadJobQueue@@@Z
- ??0CWorkerThread@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@E@Z
- ??0CWorkerThreadJobQueue@@QAE@ABV0@@Z
- ??0CWorkerThreadJobQueue@@QAE@K@Z
- ??0CWorkerThreadPool@@QAE@ABV0@@Z
- ??0CWorkerThreadPool@@QAE@K@Z
- ??0IMemoryAllocator@@QAE@ABV0@@Z
- ??0IMemoryAllocator@@QAE@XZ
- ??1CAutoUpdateConfigThread@@UAE@XZ
- ??1CContext@@UAE@XZ
- ??1CContextList@@UAE@XZ
- ??1CDebugLog@@UAE@XZ
- ??1CFile@@UAE@XZ
- ??1CFileExtension@@UAE@XZ
- ??1CKEvent@@UAE@XZ
- ??1CList@@UAE@XZ
- ??1CLockEvent@@UAE@XZ
- ??1CLockList@@UAE@XZ
- ??1CMemoryAllocator@@UAE@XZ
- ??1CMemoryPoolAllocator@@UAE@XZ
- ??1CModuleConfig@@UAE@XZ
- ??1CModuleConfigList@@UAE@XZ
- ??1CModuleFileExtConfig@@UAE@XZ
- ??1CModuleFlagConfig@@UAE@XZ
- ??1CModuleMultiStringConfig@@UAE@XZ
- ??1CModuleStringConfig@@UAE@XZ
- ??1CSmartLock@@QAE@XZ
- ??1CSmartReference@@QAE@XZ
- ??1CStrList@@UAE@XZ
- ??1CSystemThread@@UAE@XZ
- ??1CUserFuncAdapterJob@@UAE@XZ
- ??1CWorkerThread@@UAE@XZ
- ??1CWorkerThreadJob@@UAE@XZ
- ??1CWorkerThreadJobQueue@@UAE@XZ
- ??1CWorkerThreadPool@@UAE@XZ
- ??1IMemoryAllocator@@UAE@XZ
- ??2@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??2CMemoryAllocator@@SGPAXI@Z
- ??2CMemoryPoolAllocator@@SGPAXI@Z
- ??3@YAXPAX@Z
- ??3IMemoryAllocator@@SGXPAX@Z
- ??4CAutoUpdateConfigThread@@QAEAAV0@ABV0@@Z
- ??4CContext@@QAEAAV0@ABV0@@Z
- ??4CDebugLog@@QAEAAV0@ABV0@@Z
- ??4CFile@@QAEAAV0@ABV0@@Z
- ??4CKEvent@@QAEAAV0@ABV0@@Z
- ??4CLockEvent@@QAEAAV0@ABV0@@Z
- ??4CMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??4CMemoryPoolAllocator@@QAEAAV0@ABV0@@Z
- ??4CModuleConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleFlagConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleStringConfig@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEABV0@AAVCLockEvent@@@Z
- ??4CSystemThread@@QAEAAV0@ABV0@@Z
- ??4CUserFuncAdapterJob@@QAEAAV0@ABV0@@Z
- ??4CWorkerThread@@QAEAAV0@ABV0@@Z
- ??4CWorkerThreadJob@@QAEAAV0@ABV0@@Z
- ??4IMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??_7CAutoUpdateConfigThread@@6B@
- ??_7CContext@@6B@
- ??_7CContextList@@6B@
- ??_7CDebugLog@@6B@
- ??_7CFile@@6B@
- ??_7CFileExtension@@6B@
- ??_7CKEvent@@6B@
- ??_7CList@@6B@
- ??_7CLockEvent@@6B@
- ??_7CLockList@@6B@
- ??_7CMemoryAllocator@@6B@
- ??_7CMemoryPoolAllocator@@6B@
- ??_7CModuleConfig@@6B@
- ??_7CModuleConfigList@@6B@
- ??_7CModuleFileExtConfig@@6B@
- ??_7CModuleFlagConfig@@6B@
- ??_7CModuleMultiStringConfig@@6B@
- ??_7CModuleStringConfig@@6B@
- ??_7CStrList@@6B@
- ??_7CSystemThread@@6B@
- ??_7CUserFuncAdapterJob@@6B@
- ??_7CWorkerThread@@6B@
- ??_7CWorkerThreadJob@@6B@
- ??_7CWorkerThreadJobQueue@@6B@
- ??_7CWorkerThreadPool@@6B@
- ??_7IMemoryAllocator@@6B@
- ??_FCContextList@@QAEXXZ
- ??_FCFile@@QAEXXZ
- ??_FCFileExtension@@QAEXXZ
- ??_FCModuleConfigList@@QAEXXZ
- ??_FCStrList@@QAEXXZ
- ??_FCSystemThread@@QAEXXZ
- ??_FCWorkerThread@@QAEXXZ
- ??_FCWorkerThreadJob@@QAEXXZ
- ??_FCWorkerThreadJobQueue@@QAEXXZ
- ??_U@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??_V@YAXPAX@Z
- ?Acquire@CLockEvent@@QAEXXZ
- ?Add@CContextList@@QAEEPAVCContext@@@Z
- ?Add@CFileExtension@@QAEEPBGK@Z
- ?Add@CModuleConfigList@@QAEEPAVCModuleConfig@@@Z
- ?Add@CStrList@@QAEEPBG@Z
- ?Alloc@CMemoryAllocator@@UAEPAXKPBDK@Z
- ?Alloc@CMemoryPoolAllocator@@UAEPAXKPBDK@Z
- ?AllocBlock@CMemoryPoolAllocator@@IAEPAXK@Z
- ?AttachJobQueue@CWorkerThread@@QAEXPAVCWorkerThreadJobQueue@@@Z
- ?Cancel@CWorkerThreadJob@@QAEXXZ
- ?CleanQueue@CWorkerThreadJobQueue@@QAEXXZ
- ?Cleanup@CModuleFileExtConfig@@AAEXXZ
- ?Cleanup@CModuleMultiStringConfig@@AAEXXZ
- ?Cleanup@CModuleStringConfig@@AAEXXZ
- ?Close@CFile@@QAEJXZ
- ?Count@CLockList@@QAEKXZ
- ?Create@CFile@@QAEJPBGKKKK@Z
- ?Create@CSystemThread@@QAEEXZ
- ?CreateInstance@CMemoryAllocator@@SGPAV1@W4_POOL_TYPE@@K@Z
- ?CreateInstance@CMemoryPoolAllocator@@SGPAV1@W4_POOL_TYPE@@KKK@Z
- ?CreatePool@CWorkerThreadPool@@QAEEXZ
- ?CreateThreads@CWorkerThreadPool@@QAEEK@Z
- ?Delete@CFile@@QAEJXZ
- ?Delete@CFileExtension@@QAEEPBGK@Z
- ?Delete@CStrList@@QAEEPBG@Z
- ?DeleteAll@CList@@UAEXXZ
- ?DeleteAll@CLockList@@UAEXXZ
- ?DeleteNode@CContextList@@MAEXPAX@Z
- ?DeleteNode@CList@@UAEXPAX@Z
- ?DeleteNode@CModuleConfigList@@MAEXPAX@Z
- ?DeleteNode@CStrList@@EAEXPAU_STR_LIST_NODE@1@@Z
- ?DoIt@CWorkerThreadJob@@QAEJXZ
- ?EntryPoint@CSystemThread@@KGXPAX@Z
- ?Find@CContextList@@QAEPAVCContext@@K@Z
- ?Find@CContextList@@QAEPAVCContext@@PAX@Z
- ?Find@CFileExtension@@QAEPAU_STR_LIST_NODE@CStrList@@PBGK@Z
- ?Find@CModuleConfigList@@QAEPAVCModuleConfig@@K@Z
- ?Find@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?FindNode@CContextList@@IAEPAXPAX@Z
- ?FindPartiallyAndAllMatch@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?First@CList@@UAEPAXXZ
- ?First@CLockList@@UAEPAXXZ
- ?Free@CMemoryAllocator@@UAEXPAX@Z
- ?Free@CMemoryPoolAllocator@@UAEXPAX@Z
- ?GetAttributes@CFile@@QAEKXZ
- ?GetBasicInfomration@CFile@@IAEJXZ
- ?GetCategory@CContext@@QAEKXZ
- ?GetCatetory@CModuleConfig@@QAEKXZ
- ?GetData@CModuleFileExtConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEPAVCFileExtension@@XZ
- ?GetData@CModuleFlagConfig@@QAEKXZ
- ?GetData@CModuleMultiStringConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleMultiStringConfig@@QAEPAVCStrList@@XZ
- ?GetData@CModuleStringConfig@@QAEPAGXZ
- ?GetData@CStrList@@QAEEPAGPAK@Z
- ?GetFileExtensionConfig@CContext@@QAEPAVCFileExtension@@K@Z
- ?GetFileExtensionConfig@CContext@@UAEHKPAGPAK@Z
- ?GetFileSize@CFile@@QAEJPAT_LARGE_INTEGER@@@Z
- ?GetFlagConfig@CContext@@UAEHKPAK@Z
- ?GetID@CModuleConfig@@QAEKXZ
- ?GetJob@CWorkerThreadJobQueue@@QAEPAVCWorkerThreadJob@@XZ
- ?GetLength@CModuleStringConfig@@QAEKXZ
- ?GetLinkContext@CContext@@QAEPAXXZ
- ?GetLogFlag@CDebugLog@@QAEKXZ
- ?GetMultiStringConfig@CContext@@QAEPAVCStrList@@K@Z
- ?GetMultiStringConfig@CContext@@UAEHKPAGPAK@Z
- ?GetOneThreadTEB@CWorkerThreadPool@@QAEPAU_ETHREAD@@XZ
- ?GetReportCallBackRoutine@CContext@@QAEKXZ
- ?GetStringConfig@CContext@@QAEPAGK@Z
- ?GetStringConfig@CContext@@UAEHKPAGPAK@Z
- ?GetThreadCount@CWorkerThreadPool@@QAEKXZ
- ?GetThreadID@CSystemThread@@QAEKXZ
- ?GetType@CContext@@QAEKXZ
- ?GetType@CModuleConfig@@QAEKXZ
- ?GetUserParameter@CContext@@QAEKXZ
- ?InitializeFileExtensionConfig@CContext@@QAEHKPBG@Z
- ?InitializeFlagConfig@CContext@@QAEHKK@Z
- ?InitializeMultiStringConfig@CContext@@QAEHKPBG@Z
- ?InitializeStringConfig@CContext@@QAEHKPBG@Z
- ?Insert@CList@@UAEXQAXE@Z
- ?Insert@CLockList@@UAEXQAXE@Z
- ?InsertAfter@CList@@UAEXPAX0@Z
- ?InsertBefore@CList@@UAEXPAX0@Z
- ?Instance@CWorkerThreadPool@@SGPAV1@XZ
- ?IsEmpty@CList@@UAEEXZ
- ?IsEmpty@CLockList@@UAEEXZ
- ?IsExceedLimitation@CMemoryPoolAllocator@@IAEEK@Z
- ?IsFull@CLockList@@QBEEXZ
- ?IsOpened@CFile@@QAEEXZ
- ?IsTerminated@CWorkerThreadPool@@QAEEXZ
- ?IsValid@CMemoryAllocator@@UAEEXZ
- ?IsValid@CMemoryPoolAllocator@@UAEEXZ
- ?IsValid@IMemoryAllocator@@UAEEXZ
- ?IsWorkerThread@CWorkerThreadPool@@QAEEK@Z
- ?JobFunction@CUserFuncAdapterJob@@MAEXXZ
- ?JobQueue@CWorkerThreadPool@@QAEAAVCWorkerThreadJobQueue@@XZ
- ?Limit@CLockList@@QAEKXZ
- ?MatchAllExtensions@CFileExtension@@QAEEXZ
- ?MatchNoExtensions@CFileExtension@@QAEEXZ
- ?MergeLeft@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?MergeRight@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?NeedDelete@CWorkerThreadJob@@QAEEXZ
- ?NeedDeleteWhenFinish@CWorkerThreadJob@@QAEXE@Z
- ?NewNode@CList@@UAEPAXXZ
- ?NewNode@CStrList@@EAEPAXXZ
- ?NewNodeVariant@CList@@IAEPAXK@Z
- ?Next@CList@@UBEPAXQAX@Z
- ?Next@CLockList@@UBEPAXQAX@Z
- ?NextPool@CMemoryPoolAllocator@@QAEPAV1@XZ
- ?NotityTerminate@CWorkerThread@@QAEXXZ
- ?PostJobToWorkerThread@CWorkerThreadPool@@QAEJP6GXPAX@Z0E@Z
- ?Pulse@CKEvent@@QAEJJE@Z
- ?QueueJob@CWorkerThreadJobQueue@@QAEEPAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPool@@QAEJPAVCWorkerThreadJob@@@Z
- ?Read@CFile@@QAEJPADKPAK@Z
- ?ReferenceCount@CContext@@QAEAAKXZ
- ?Release@CLockEvent@@QAEXXZ
- ?Remove@CContextList@@UAEEQAX@Z
- ?Remove@CList@@UAEEQAX@Z
- ?Remove@CLockList@@UAEEQAX@Z
- ?RemoveHead@CList@@UAEPAXXZ
- ?RemoveHead@CLockList@@UAEPAXXZ
- ?RemoveTail@CList@@UAEPAXXZ
- ?RemoveTail@CLockList@@UAEPAXXZ
- ?Reset@CKEvent@@QAEXXZ
- ?Run@CAutoUpdateConfigThread@@UAEXXZ
- ?Run@CWorkerThread@@UAEXXZ
- ?SeekToEnd@CFile@@QAEJXZ
- ?Set@CKEvent@@QAEJJE@Z
- ?SetAttributes@CFile@@QAEJK@Z
- ?SetData@CModuleFileExtConfig@@QAEHPBG@Z
- ?SetData@CModuleFlagConfig@@QAEHK@Z
- ?SetData@CModuleMultiStringConfig@@QAEHPBG@Z
- ?SetData@CModuleStringConfig@@QAEHPBG@Z
- ?SetFileExtensionConfig@CContext@@UAEHKPBG@Z
- ?SetFlagConfig@CContext@@UAEHKK@Z
- ?SetLinkContext@CContext@@QAEXPAX@Z
- ?SetLogFlag@CDebugLog@@QAEEK@Z
- ?SetMatchAllExtensions@CFileExtension@@QAEXE@Z
- ?SetMatchNoExtensions@CFileExtension@@QAEXE@Z
- ?SetMultiStringConfig@CContext@@UAEHKPBG@Z
- ?SetNewJobItemEvent@CWorkerThreadJobQueue@@QAEXXZ
- ?SetPriority@CSystemThread@@QAEXK@Z
- ?SetStopUse@CContext@@QAEXXZ
- ?SetStringConfig@CContext@@UAEHKPBG@Z
- ?Setup@CSystemThread@@MAEXXZ
- ?StopUse@CContext@@QAEHXZ
- ?TearDown@CSystemThread@@MAEXXZ
- ?Terminate@CSystemThread@@QAEXE@Z
- ?Terminate@CWorkerThreadPool@@QAEEXZ
- ?TmExceptionFilter@@YGJPAU_EXCEPTION_POINTERS@@@Z
- ?Wait@CKEvent@@QAEJPAT_LARGE_INTEGER@@E@Z
- ?WaitFinish@CWorkerThreadJob@@QAEXXZ
- ?WaitNewJobAvailable@CWorkerThreadJobQueue@@QAEEXZ
- ?Write@CDebugLog@@QAAXPBDZZ
- ?Write@CFile@@QAEJPADKPAT_LARGE_INTEGER@@PAK@Z
- ?WriteSystemInformation@CDebugLog@@QAEXXZ
- ?WriteSystemStringInformation@CDebugLog@@IAEXPBG@Z
- ?WriteToFile@CDebugLog@@IAEXPADK@Z
- ?_pNonPagedAllocator@@3PAVCMemoryAllocator@@A
- ?_pPagedAllocator@@3PAVCMemoryAllocator@@A
- ?m_lpInstance@CWorkerThreadPool@@1PAV1@A
- _GetModuleInfoByAddress@8
- _GetModuleInfoByModuleName@8
- _MapMem@12
- _ModGetExportProcAddress@8
- _ModLoadDLLToBuffer@4
- _ModLoadModule@8
- _ModUnLoadModule@4
- _TmCommConfigRoutine@4
- _UnMapMem@8
- _UtilGetProcessName@8
- _UtilGetSystemTime@4
- _UtilIoSetFileInfo@24
- _UtilIopCreateFileIRP@40
- _UtilKeGetLowFileDevice@16
- _UtilQueryKeyValue@24
- _UtilVolumeDeviceToDosName@8
- _UtilWaitValueChangeToZero@8
- _UtilWriteVersionToRegistry@8
Sections
Expand
- .text
- .rdata
- .data
- PAGE
- .edata
- INIT
- .rsrc
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": true,
"SerialNumber": "7e93ebfb7cc64e59ea4b9a77d406fc3b",
"Signature": "03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2",
"TBS": {
"MD5": "d0785ad36e427c92b19f6826ab1e8020",
"SHA1": "365b7a9c21bd9373e49052c3e7b3e4646ddd4d43",
"SHA256": "c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff",
"SHA384": "eab4fe5ef90e0de4a6aa3a27769a5e879f588df5e4785aa4104debd1f81e19ea56d33e3a16e5facf99f68b5d8e3d287b"
},
"ValidFrom": "2012-12-21 00:00:00",
"ValidTo": "2020-12-30 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "0ecff438c8febf356e04d86a981b1a50",
"Signature": "783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4",
"TBS": {
"MD5": "e9d38360b914c8863f6cba3ee58764d3",
"SHA1": "4cba8eae47b6bf76f20b3504b98b8f062694a89b",
"SHA256": "88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976",
"SHA384": "e9f2a75334a9e336c5a4712eadee88d0374b0fdc273262f4e65c9040ad2793067cc076696db5279a478773485e285652"
},
"ValidFrom": "2012-10-18 00:00:00",
"ValidTo": "2020-12-29 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Signature": "f3b20c020c826fd9e2629408ffc97c9e245959d1050c9ce7708069d366d26af191812e16fce674eaca0d8f05b2a796280831737299800d2bfe0071efecf655117b7952a4d7c0701b97de034a1d42e928fd1a2082b081f9d22e9d39af3233cf05c1e61ae1f8fbfec872e78d9a0b29b4f147f1a053d1757a824601df2bb07c75c591fe7efbaf0021764b90cd446f85f80d14bc2cd42c83edfa7d2510f8f94c82d1b3ea999b1cff9093291977c7e996dc32904d3934f167077684ff76aa5327654a0bd7223d9d67657b47c5b46012dca6723d89e7fa051b3380d0c4977b9df537e75da3186ab149b27c089715a01bd695f408f7ded66bfbe920d27a6f6a7d4cc8b3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc.",
"TBS": {
"MD5": "78eaa337666217b1c16a9a0ebd0b8434",
"SHA1": "ff9cb835e78f6185eed4372096c3bae53b17d18d",
"SHA256": "1c0d9746725e176b4a7c2852878f14d7587f58e65d346bc1247f1c8ee6374250",
"SHA384": "ffe3c75b860679a5de399c7d2c2844dbfac51d5d8581e24648d208daba1e4bed5c867808e02dc8d7cb3df1d4b2b53d10"
},
"ValidFrom": "2017-04-27 00:00:00",
"ValidTo": "2018-07-16 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "611993e400000000001c",
"Signature": "812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5",
"TBS": {
"MD5": "78a717e082dcc1cda3458d917e677d14",
"SHA1": "4a872e0e51f9b304469cd1dedb496ee9b8b983a4",
"SHA256": "317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8",
"SHA384": "b71052da4eb9157c8c1a5d7f55df19d69b9128598b72fcca608e5b7cc7d64c43c5504b9c86355a6dc22ee40c88cc385c"
},
"ValidFrom": "2011-02-22 19:25:17",
"ValidTo": "2021-02-22 19:35:17",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "5200e5aa2556fc1a86ed96c9d44b33c7",
"Signature": "5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"TBS": {
"MD5": "b30c31a572b0409383ed3fbe17e56e81",
"SHA1": "4843a82ed3b1f2bfbee9671960e1940c942f688d",
"SHA256": "03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9",
"SHA384": "bbda8407c4f9fc4e54d772f1c7fb9d30bc97e1f97ecd51c443063d1fa0644e266328781776cd5c44896c457c75f4d7da"
},
"ValidFrom": "2010-02-08 00:00:00",
"ValidTo": "2020-02-07 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 3825d7faf861af9ef490e726b5d65ad5
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | d6c7684e9aaa508cf268335f83afe040 |
| ToBeSigned (TBS) SHA1 | 18066d20ad92409c567cdfde745279ff71c75226 |
| ToBeSigned (TBS) SHA256 | a612fb22ce8be6dab75e47c98508f98496583e79c9c97b936a8caee9ea9f3fff |
| Subject | C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services Signer , G2 |
| ValidFrom | 2007-06-15 00:00:00 |
| ValidTo | 2012-06-14 23:59:59 |
| Signature | 50c54bc82480dfe40d24c2de1ab1a102a1a6822d0c831581370a820e2cb05a1761b5d805fe88dbf19191b3561a40a6eb92be3839b07536743a984fe437ba9989ca95421db0b9c7a08d57e0fad5640442354e01d133a217c84daa27c7f2e1864c02384d8378c6fc53e0ebe00687dda4969e5e0c98e2a5bebf8285c360e1dfad28d8c7a54b64dac71b5bbdac3908d53822a1338b2f8a9aebbc07213f44410907b5651c24bc48d34480eba1cfc902b414cf54c716a3805cf9793e5d727d88179e2c43a2ca53ce7d3df62a3ab84f9400a56d0a835df95e53f418b3570f70c3fbf5ad95a00e17dec4168060c90f2b6e8604f1ebf47827d105c5ee345b5eb94932f233 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 3825d7faf861af9ef490e726b5d65ad5 |
| Version | 3 |
Certificate 47bf1995df8d524643f7db6d480d31a4
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 518d2ea8a21e879c942d504824ac211c |
| ToBeSigned (TBS) SHA1 | 21ce87d827077e61abddf2beba69fde5432ea031 |
| ToBeSigned (TBS) SHA256 | 1ec3b4f02e03930a470020e0e48d24b84678bb558f46182888d870541f5e25c7 |
| Subject | C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services CA |
| ValidFrom | 2003-12-04 00:00:00 |
| ValidTo | 2013-12-03 23:59:59 |
| Signature | 4a6bf9ea58c2441c318979992b96bf82ac01d61c4ccdb08a586edf0829a35ec8ca9313e704520def47272f0038b0e4c9934e9ad4226215f73f37214f703180f18b3887b3e8e89700fecf55964e24d2a9274e7aaeb76141f32acee7c9d95eddbb2b853eb59db5d9e157ffbeb4c57ef5cf0c9ef097fe2bd33b521b1b3827f73f4a |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 47bf1995df8d524643f7db6d480d31a4 |
| Version | 3 |
Certificate 4191a15a3978dfcf496566381d4c75c2
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 41011f8d0e7c7a6408334ca387914c61 |
| ToBeSigned (TBS) SHA1 | c7fc1727f5b75a6421a1f95c73bbdb23580c48e5 |
| ToBeSigned (TBS) SHA256 | 88dd3952638ee82738c03168e6fd863fe4eab1059ee5e2926ad8cb587c255dc0 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)04, CN=VeriSign Class 3 Code Signing 2004 CA |
| ValidFrom | 2004-07-16 00:00:00 |
| ValidTo | 2014-07-15 23:59:59 |
| Signature | ae3a17b84a7b55fa6455ec40a4ed494190999c89bcaf2e1dca7823f91c190f7feb68bc32d98838dedc3fd389b43fb18296f1a45abaed2e26d3de7c016e000a00a4069211480940f91c1879672324e0bbd5e150ae1bf50edde02e81cd80a36c524f9175558aba22f2d2ea4175882f63557d1e545a9559cad93481c05f5ef67ab5 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 4191a15a3978dfcf496566381d4c75c2 |
| Version | 3 |
Certificate 645212f783f4d7aba3555729e99ce065
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | e00f0a38c65f7c0b9f19b97448d6a0e3 |
| ToBeSigned (TBS) SHA1 | 91c033a2f289418c4101654dceacef1b25bb55d0 |
| ToBeSigned (TBS) SHA256 | 38b3fcbdb734b0e3439f3c9a3c4c1712091f577d2b616d41224137faf7ba7c86 |
| Subject | C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., OU=Digital ID Class 3 , Microsoft Software Validation v2, OU=RD, CN=Trend Micro, Inc. |
| ValidFrom | 2008-01-16 00:00:00 |
| ValidTo | 2011-02-16 23:59:59 |
| Signature | 5a693868cea6ba49064b801a0d9e12887a37cbb92cca2950cc5e99c2df9aec5697422e67cd042836daf09a09e739f625255841fed1ec9657cb8b3edc08c55c302574cbdb3f7de2798ed769d766402619b48041f9d90f8c904488788412b1c632055e1afc4a5bbac642cb626bd20fece0feaa6cf9b287887788cf64586309a14a644b5f0595c0ddcb7d789831faedb48451e40e342da4ccbc38a5e992e57e7ce5328d531a8c68e61f9dc9be65605c1bedf3358579000b91a19b3be388bac36b58ca76b72358bd8e74e0a7b08b0587bb7a29758c01af40b80e8e72c76abd3a2babfe7c1ed6e7b1cd9b0221a605062b6d9d0ceb57e0eb305fdc5eb5bf6ea442f4c9 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 645212f783f4d7aba3555729e99ce065 |
| Version | 3 |
Certificate 610c120600000000001b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 53c41bc1164e09e0cd1617a5bf913efd |
| ToBeSigned (TBS) SHA1 | 93c03aac8951d494ecd5696b1c08658541b18727 |
| ToBeSigned (TBS) SHA256 | 40bddadac24dc61ca4fb5cab2a2bc5d876bc36808311039a7a3e1a4066f7489b |
| Subject | C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority |
| ValidFrom | 2006-05-23 17:01:29 |
| ValidTo | 2016-05-23 17:11:29 |
| Signature | 01e446b33b457f7513877e5f43de468ecb8abdb64741bccccc7491d8ce395195a4a6b547c0efd2da7b8f5711f4328c7ccd3fee42da04214af7c843884a6f5cca14fc4bd19f4cbdd4556ecc02be0da6888f8609baa425bde8b0f0fa8b714e67b0cb82a8d78e55f737ebf03e88efe4e08afd1c6e2e61414875b4b02c1d28d8490fd715f02473253ccc880cde284c6554fe5eae8cea19ad2c51b29b3a47f53c80350117e24987d6544afb4bab07bcbf7d79cfbf35005cbb9ecffc82891b39a05197b6dec0b307ff449644c0342a195cabeef03bec294eb513c537857e75d5b4d60d066eb5d26c237167eaf1718eaf4e74aa0cf9ecbf4c58fa5e909b6d39cb86883f8b1ca81632d5fe6db9f1f8b3ead791f6364778c0272a15c768d6f4c5fc4f4ec8673f102d409ff11ec96148e7a703fc31730cf04688fe56da492995ef09daa3e5beef60ecd954a0599c28bd54ef66157f874c84dba60e95672e517b3439b641c28c846826dc240209e7818e0a972defeea7b998a60f818dc710b5e1ed982f486f53854964789bec5dac970b5526c3efba8dc8d1a52f5a7f936b611a339b18b8a26210de24ea76e12f43ebecdd7c12342489da2855aee5754e312b6763b6a8d7ab730a03cec5ea593fc7eb2a45aea8625b2f009939abb45f73c308ec80118f470e8f2a1343e191066255bbffba3da9a93d260faeca7d628b155589d694344dd665 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 610c120600000000001b |
| Version | 3 |
Imports
Expand
Imported Functions
Expand
- KeEnterCriticalRegion
- KeGetCurrentThread
- KeLeaveCriticalRegion
- ExReleaseFastMutexUnsafe
- wcsncpy
- memcpy
- wcsrchr
- KeSetEvent
- KePulseEvent
- KeClearEvent
- IofCompleteRequest
- ZwClose
- KeDelayExecutionThread
- ObfDereferenceObject
- ObReferenceObjectByHandle
- ExEventObjectType
- ZwCreateEvent
- RtlInitUnicodeString
- swprintf
- KeQuerySystemTime
- KeWaitForSingleObject
- IoDeleteDevice
- IoDeleteSymbolicLink
- IoCreateSymbolicLink
- DbgPrint
- RtlCopyUnicodeString
- ProbeForWrite
- ProbeForRead
- ExGetPreviousMode
- memset
- MmIsAddressValid
- ZwWriteFile
- ZwReadFile
- ZwQueryInformationFile
- ZwSetInformationFile
- ZwCreateFile
- towupper
- _wcsnicmp
- _snprintf
- PsGetCurrentProcessId
- IoGetCurrentProcess
- RtlTimeToTimeFields
- ExSystemTimeToLocalTime
- ZwCreateKey
- KeInitializeEvent
- KeWaitForMultipleObjects
- ZwNotifyChangeKey
- PsGetCurrentThreadId
- _vsnprintf
- MmMapLockedPagesSpecifyCache
- MmBuildMdlForNonPagedPool
- MmCreateMdl
- ExFreePoolWithTag
- MmUnmapLockedPages
- ExAllocatePoolWithTag
- RtlImageNtHeader
- mbstowcs
- _stricmp
- ZwQuerySystemInformation
- IoGetDeviceObjectPointer
- KeServiceDescriptorTable
- KeAddSystemServiceTable
- _strnicmp
- PsLookupProcessByProcessId
- KeUnstackDetachProcess
- KeStackAttachProcess
- ZwQueryObject
- ZwDuplicateObject
- ZwOpenProcess
- KeSetPriorityThread
- PsTerminateSystemThread
- PsCreateSystemThread
- KeNumberProcessors
- ZwQueryDirectoryFile
- ZwOpenDirectoryObject
- ZwQueryDirectoryObject
- IoFreeIrp
- IoFreeMdl
- IofCallDriver
- ExAcquireFastMutexUnsafe
- IoAllocateIrp
- IoFileObjectType
- ZwOpenKey
- ZwEnumerateKey
- ZwEnumerateValueKey
- ZwQueryValueKey
- ZwDeleteValueKey
- ZwDeleteKey
- ZwQueryKey
- ZwSetValueKey
- ZwQuerySecurityObject
- ObInsertObject
- _allrem
- strncpy
- NtOpenProcess
- ObOpenObjectByPointer
- PsProcessType
- ObReferenceObjectByPointer
- MmSectionObjectType
- ObQueryNameString
- ObOpenObjectByName
- RtlAppendUnicodeStringToString
- ObfReferenceObject
- NtQueryInformationProcess
- _snwprintf
- RtlAnsiStringToUnicodeString
- IoBuildAsynchronousFsdRequest
- KeBugCheckEx
- RtlQueryRegistryValues
- RtlAppendUnicodeToString
- ZwQuerySymbolicLinkObject
- ZwOpenSymbolicLinkObject
- RtlEqualUnicodeString
- IoCreateFile
- PsGetVersion
- MmGetSystemRoutineAddress
- RtlCompareMemory
- IoReleaseVpbSpinLock
- IoAcquireVpbSpinLock
- SeCreateAccessState
- IoGetFileObjectGenericMapping
- ObCreateObject
- KeInitializeSemaphore
- KeReleaseSemaphore
- RtlSubAuthoritySid
- RtlInitializeSid
- RtlLengthRequiredSid
- RtlSetDaclSecurityDescriptor
- RtlCreateSecurityDescriptor
- RtlAddAccessAllowedAce
- RtlCreateAcl
- ZwSetEvent
- ZwRequestWaitReplyPort
- memmove
- ZwConnectPort
- ZwCreateSection
- ZwWaitForSingleObject
- ZwOpenEvent
- ExAllocatePool
- RtlUpperChar
- RtlCompareUnicodeString
- KeTickCount
- ZwSetSecurityObject
- IoDeviceObjectType
- IoCreateDevice
- RtlUnwind
- RtlGetDaclSecurityDescriptor
- RtlGetSaclSecurityDescriptor
- RtlGetGroupSecurityDescriptor
- RtlGetOwnerSecurityDescriptor
- RtlLengthSecurityDescriptor
- SeCaptureSecurityDescriptor
- SeExports
- IoIsWdmVersionAvailable
- RtlLengthSid
- wcschr
- RtlAbsoluteToSelfRelativeSD
- RtlFreeUnicodeString
- IoAllocateMdl
- _purecall
- ClassInitialize
Exported Functions
Expand
- ??0CAutoUpdateConfigThread@@QAE@ABV0@@Z
- ??0CAutoUpdateConfigThread@@QAE@PAU_UNICODE_STRING@@P6GX0PAX@Z1@Z
- ??0CBlobConfig@@QAE@ABV0@@Z
- ??0CBlobConfig@@QAE@K@Z
- ??0CContext@@QAE@ABV0@@Z
- ??0CContext@@QAE@KP6GJPAU_EVENT_REPORT@@PAXPAU_TMCE_REPORT@@PAU_TMCE_FEEDBACK@@@Z1K@Z
- ??0CContextList@@QAE@ABV0@@Z
- ??0CContextList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CDebugLog@@QAE@ABV0@@Z
- ??0CDebugLog@@QAE@PBG@Z
- ??0CExclusionExtConfig@@QAE@ABV0@@Z
- ??0CExclusionExtConfig@@QAE@KKE@Z
- ??0CExclusionFileNameConfig@@QAE@ABV0@@Z
- ??0CExclusionFileNameConfig@@QAE@KK@Z
- ??0CExclusionFilePathConfig@@QAE@ABV0@@Z
- ??0CExclusionFilePathConfig@@QAE@KK@Z
- ??0CExclusionFolderConfig@@QAE@ABV0@@Z
- ??0CExclusionFolderConfig@@QAE@KK@Z
- ??0CExclusionRegistryConfig@@QAE@ABV0@@Z
- ??0CExclusionRegistryConfig@@QAE@KK@Z
- ??0CFile@@QAE@ABV0@@Z
- ??0CFile@@QAE@E@Z
- ??0CFileExtension@@QAE@ABV0@@Z
- ??0CFileExtension@@QAE@KEEPAVIMemoryAllocator@@@Z
- ??0CKEvent@@QAE@ABV0@@Z
- ??0CKEvent@@QAE@W4_EVENT_TYPE@@E@Z
- ??0CList@@QAE@ABV0@@Z
- ??0CList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CLockEvent@@QAE@ABV0@@Z
- ??0CLockEvent@@QAE@XZ
- ??0CLockList@@QAE@ABV0@@Z
- ??0CLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CMemoryAllocator@@IAE@W4_POOL_TYPE@@K@Z
- ??0CMemoryAllocator@@QAE@ABV0@@Z
- ??0CMemoryPoolAllocator@@IAE@W4_POOL_TYPE@@KKK@Z
- ??0CMemoryPoolAllocator@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@XZ
- ??0CModuleConfigList@@QAE@ABV0@@Z
- ??0CModuleConfigList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CModuleFileExtConfig@@QAE@ABV0@@Z
- ??0CModuleFileExtConfig@@QAE@KKE@Z
- ??0CModuleFlagConfig@@QAE@ABV0@@Z
- ??0CModuleFlagConfig@@QAE@K@Z
- ??0CModuleMultiStringConfig@@QAE@ABV0@@Z
- ??0CModuleMultiStringConfig@@QAE@KK@Z
- ??0CModuleStringConfig@@QAE@ABV0@@Z
- ??0CModuleStringConfig@@QAE@K@Z
- ??0CSmartLock@@QAE@AAVCLockEvent@@@Z
- ??0CSmartLock@@QAE@XZ
- ??0CSmartReference@@QAE@AAJ@Z
- ??0CSmartReference@@QAE@AAK@Z
- ??0CStrList@@QAE@ABV0@@Z
- ??0CStrList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CSystemThread@@QAE@ABV0@@Z
- ??0CSystemThread@@QAE@K@Z
- ??0CUserFuncAdapterJob@@QAE@ABV0@@Z
- ??0CUserFuncAdapterJob@@QAE@P6GXPAX@Z0@Z
- ??0CWorkerThread@@IAE@PAVCWorkerThreadJobQueue@@@Z
- ??0CWorkerThread@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@E@Z
- ??0CWorkerThreadJobQueue@@QAE@ABV0@@Z
- ??0CWorkerThreadJobQueue@@QAE@K@Z
- ??0CWorkerThreadPool@@QAE@ABV0@@Z
- ??0CWorkerThreadPool@@QAE@K@Z
- ??0IMemoryAllocator@@QAE@ABV0@@Z
- ??0IMemoryAllocator@@QAE@XZ
- ??1CAutoUpdateConfigThread@@UAE@XZ
- ??1CBlobConfig@@UAE@XZ
- ??1CContext@@UAE@XZ
- ??1CContextList@@UAE@XZ
- ??1CDebugLog@@UAE@XZ
- ??1CExclusionExtConfig@@UAE@XZ
- ??1CExclusionFileNameConfig@@UAE@XZ
- ??1CExclusionFilePathConfig@@UAE@XZ
- ??1CExclusionFolderConfig@@UAE@XZ
- ??1CExclusionRegistryConfig@@UAE@XZ
- ??1CFile@@UAE@XZ
- ??1CFileExtension@@UAE@XZ
- ??1CKEvent@@UAE@XZ
- ??1CList@@UAE@XZ
- ??1CLockEvent@@UAE@XZ
- ??1CLockList@@UAE@XZ
- ??1CMemoryAllocator@@UAE@XZ
- ??1CMemoryPoolAllocator@@UAE@XZ
- ??1CModuleConfig@@UAE@XZ
- ??1CModuleConfigList@@UAE@XZ
- ??1CModuleFileExtConfig@@UAE@XZ
- ??1CModuleFlagConfig@@UAE@XZ
- ??1CModuleMultiStringConfig@@UAE@XZ
- ??1CModuleStringConfig@@UAE@XZ
- ??1CSmartLock@@QAE@XZ
- ??1CSmartReference@@QAE@XZ
- ??1CStrList@@UAE@XZ
- ??1CSystemThread@@UAE@XZ
- ??1CUserFuncAdapterJob@@UAE@XZ
- ??1CWorkerThread@@UAE@XZ
- ??1CWorkerThreadJob@@UAE@XZ
- ??1CWorkerThreadJobQueue@@UAE@XZ
- ??1CWorkerThreadPool@@UAE@XZ
- ??1IMemoryAllocator@@UAE@XZ
- ??2@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??2CMemoryAllocator@@SGPAXI@Z
- ??2CMemoryPoolAllocator@@SGPAXI@Z
- ??3@YAXPAX@Z
- ??3IMemoryAllocator@@SGXPAX@Z
- ??4CAutoUpdateConfigThread@@QAEAAV0@ABV0@@Z
- ??4CBlobConfig@@QAEAAV0@ABV0@@Z
- ??4CContext@@QAEAAV0@ABV0@@Z
- ??4CDebugLog@@QAEAAV0@ABV0@@Z
- ??4CFile@@QAEAAV0@ABV0@@Z
- ??4CKEvent@@QAEAAV0@ABV0@@Z
- ??4CLockEvent@@QAEAAV0@ABV0@@Z
- ??4CMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??4CMemoryPoolAllocator@@QAEAAV0@ABV0@@Z
- ??4CModuleConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleFlagConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleStringConfig@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEABV0@AAVCLockEvent@@@Z
- ??4CSystemThread@@QAEAAV0@ABV0@@Z
- ??4CUserFuncAdapterJob@@QAEAAV0@ABV0@@Z
- ??4CWorkerThread@@QAEAAV0@ABV0@@Z
- ??4CWorkerThreadJob@@QAEAAV0@ABV0@@Z
- ??4IMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??_7CAutoUpdateConfigThread@@6B@
- ??_7CBlobConfig@@6B@
- ??_7CContext@@6B@
- ??_7CContextList@@6B@
- ??_7CDebugLog@@6B@
- ??_7CExclusionExtConfig@@6B@
- ??_7CExclusionFileNameConfig@@6B@
- ??_7CExclusionFilePathConfig@@6B@
- ??_7CExclusionFolderConfig@@6B@
- ??_7CExclusionRegistryConfig@@6B@
- ??_7CFile@@6B@
- ??_7CFileExtension@@6B@
- ??_7CKEvent@@6B@
- ??_7CList@@6B@
- ??_7CLockEvent@@6B@
- ??_7CLockList@@6B@
- ??_7CMemoryAllocator@@6B@
- ??_7CMemoryPoolAllocator@@6B@
- ??_7CModuleConfig@@6B@
- ??_7CModuleConfigList@@6B@
- ??_7CModuleFileExtConfig@@6B@
- ??_7CModuleFlagConfig@@6B@
- ??_7CModuleMultiStringConfig@@6B@
- ??_7CModuleStringConfig@@6B@
- ??_7CStrList@@6B@
- ??_7CSystemThread@@6B@
- ??_7CUserFuncAdapterJob@@6B@
- ??_7CWorkerThread@@6B@
- ??_7CWorkerThreadJob@@6B@
- ??_7CWorkerThreadJobQueue@@6B@
- ??_7CWorkerThreadPool@@6B@
- ??_7IMemoryAllocator@@6B@
- ??_FCContextList@@QAEXXZ
- ??_FCFile@@QAEXXZ
- ??_FCFileExtension@@QAEXXZ
- ??_FCModuleConfigList@@QAEXXZ
- ??_FCStrList@@QAEXXZ
- ??_FCSystemThread@@QAEXXZ
- ??_FCWorkerThread@@QAEXXZ
- ??_FCWorkerThreadJob@@QAEXXZ
- ??_FCWorkerThreadJobQueue@@QAEXXZ
- ??_U@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??_V@YAXPAX@Z
- ?Acquire@CLockEvent@@QAEXXZ
- ?Add@CContextList@@QAEEPAVCContext@@@Z
- ?Add@CFileExtension@@QAEEPBGK@Z
- ?Add@CModuleConfigList@@QAEEPAVCModuleConfig@@@Z
- ?Add@CStrList@@QAEEPBG@Z
- ?Alloc@CMemoryAllocator@@UAEPAXKPBDK@Z
- ?Alloc@CMemoryPoolAllocator@@UAEPAXKPBDK@Z
- ?AllocBlock@CMemoryPoolAllocator@@IAEPAXK@Z
- ?AttachJobQueue@CWorkerThread@@QAEXPAVCWorkerThreadJobQueue@@@Z
- ?Cancel@CWorkerThreadJob@@QAEXXZ
- ?CheckNode@CLockList@@UAEHQAX@Z
- ?CleanQueue@CWorkerThreadJobQueue@@QAEXXZ
- ?Cleanup@CBlobConfig@@AAEXXZ
- ?Cleanup@CModuleFileExtConfig@@IAEXXZ
- ?Cleanup@CModuleMultiStringConfig@@IAEXXZ
- ?Cleanup@CModuleStringConfig@@AAEXXZ
- ?Close@CFile@@QAEJXZ
- ?Count@CLockList@@QAEKXZ
- ?Create@CFile@@QAEJPBGKKKK@Z
- ?Create@CSystemThread@@QAEEXZ
- ?CreateInstance@CMemoryAllocator@@SGPAV1@W4_POOL_TYPE@@K@Z
- ?CreateInstance@CMemoryPoolAllocator@@SGPAV1@W4_POOL_TYPE@@KKK@Z
- ?CreatePool@CWorkerThreadPool@@QAEEXZ
- ?CreateThreads@CWorkerThreadPool@@QAEEK@Z
- ?CreateWIRP@CFile@@QAEJPBGKKKK@Z
- ?Delete@CFile@@QAEJXZ
- ?Delete@CFileExtension@@QAEEPBGK@Z
- ?Delete@CStrList@@QAEEPBG@Z
- ?DeleteAll@CList@@UAEXXZ
- ?DeleteAll@CLockList@@UAEXXZ
- ?DeleteNode@CContextList@@MAEXPAX@Z
- ?DeleteNode@CList@@UAEXPAX@Z
- ?DeleteNode@CModuleConfigList@@MAEXPAX@Z
- ?DeleteNode@CStrList@@EAEXPAU_STR_LIST_NODE@1@@Z
- ?DisableWriteProtectFromCR0@@YGXPAPAX@Z
- ?DoIt@CWorkerThreadJob@@QAEJXZ
- ?EntryPoint@CSystemThread@@KGXPAX@Z
- ?Find@CContextList@@QAEPAVCContext@@K@Z
- ?Find@CContextList@@QAEPAVCContext@@PAX@Z
- ?Find@CFileExtension@@QAEPAU_STR_LIST_NODE@CStrList@@PBGK@Z
- ?Find@CModuleConfigList@@QAEPAVCModuleConfig@@K@Z
- ?Find@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?FindNode@CContextList@@IAEPAXPAX@Z
- ?FindPartiallyAndAllMatch@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?First@CList@@UAEPAXXZ
- ?First@CLockList@@UAEPAXXZ
- ?Free@CMemoryAllocator@@UAEXPAX@Z
- ?Free@CMemoryPoolAllocator@@UAEXPAX@Z
- ?GetAttributes@CFile@@QAEKXZ
- ?GetBasicInfomration@CFile@@IAEJXZ
- ?GetBlobCofig@CContext@@UAEJKPAXPAK@Z
- ?GetCategory@CContext@@QAEKXZ
- ?GetData@CBlobConfig@@QAEHPAXPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEPAVCFileExtension@@XZ
- ?GetData@CModuleFlagConfig@@QAEKXZ
- ?GetData@CModuleMultiStringConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleMultiStringConfig@@QAEPAVCStrList@@XZ
- ?GetData@CModuleStringConfig@@QAEPAGXZ
- ?GetData@CStrList@@QAEEPAGPAK@Z
- ?GetDataType@CModuleConfig@@QAEKXZ
- ?GetEngineContext@CContext@@QAEPAXXZ
- ?GetFileExtensionConfig@CContext@@QAEPAVCFileExtension@@K@Z
- ?GetFileExtensionConfig@CContext@@UAEJKPAGPAK@Z
- ?GetFileSize@CFile@@QAEJPAT_LARGE_INTEGER@@@Z
- ?GetFlagConfig@CContext@@UAEJKPAK@Z
- ?GetID@CModuleConfig@@QAEKXZ
- ?GetJob@CWorkerThreadJobQueue@@QAEPAVCWorkerThreadJob@@XZ
- ?GetLength@CModuleStringConfig@@QAEKXZ
- ?GetLinkContext@CContext@@QAEPAXXZ
- ?GetLogFlag@CDebugLog@@QAEKXZ
- ?GetModuleId@CModuleConfig@@QAEKXZ
- ?GetMultiStringConfig@CContext@@QAEPAVCStrList@@K@Z
- ?GetMultiStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetOneThreadTEB@CWorkerThreadPool@@QAEPAU_ETHREAD@@XZ
- ?GetReportCallBackRoutine@CContext@@QAEKXZ
- ?GetSize@CBlobConfig@@QAEKXZ
- ?GetStringConfig@CContext@@QAEPAGK@Z
- ?GetStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetThreadCount@CWorkerThreadPool@@QAEKXZ
- ?GetThreadID@CSystemThread@@QAEKXZ
- ?GetType@CContext@@QAEKXZ
- ?GetUserParameter@CContext@@QAEKXZ
- ?InitializeBlobConfig@CContext@@QAEHKPAXK@Z
- ?InitializeFileExtensionConfig@CContext@@QAEHKPBG@Z
- ?InitializeFlagConfig@CContext@@QAEHKK@Z
- ?InitializeMultiStringConfig@CContext@@QAEHKPBG@Z
- ?InitializeStringConfig@CContext@@QAEHKPBG@Z
- ?Insert@CList@@UAEXQAXE@Z
- ?Insert@CLockList@@UAEXQAXE@Z
- ?InsertAfter@CList@@UAEXPAX0@Z
- ?InsertBefore@CList@@UAEXPAX0@Z
- ?Instance@CWorkerThreadPool@@SGPAV1@XZ
- ?IsEmpty@CList@@UAEEXZ
- ?IsEmpty@CLockList@@UAEEXZ
- ?IsExceedLimitation@CMemoryPoolAllocator@@IAEEK@Z
- ?IsFull@CLockList@@QBEEXZ
- ?IsInExclusionList@CExclusionExtConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFileNameConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFilePathConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFolderConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionRegistryConfig@@QAEEPBG@Z
- ?IsOpened@CFile@@QAEEXZ
- ?IsTerminated@CWorkerThreadPool@@QAEEXZ
- ?IsValid@CMemoryAllocator@@UAEEXZ
- ?IsValid@CMemoryPoolAllocator@@UAEEXZ
- ?IsValid@IMemoryAllocator@@UAEEXZ
- ?IsWorkerThread@CWorkerThreadPool@@QAEEK@Z
- ?JobFunction@CUserFuncAdapterJob@@MAEXXZ
- ?JobQueue@CWorkerThreadPool@@QAEAAVCWorkerThreadJobQueue@@XZ
- ?Limit@CLockList@@QAEKXZ
- ?MatchAllExtensions@CFileExtension@@QAEEXZ
- ?MatchNoExtensions@CFileExtension@@QAEEXZ
- ?MergeLeft@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?MergeRight@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?NeedDelete@CWorkerThreadJob@@QAEEXZ
- ?NeedDeleteWhenFinish@CWorkerThreadJob@@QAEXE@Z
- ?NewNode@CList@@UAEPAXXZ
- ?NewNode@CStrList@@EAEPAXXZ
- ?NewNodeVariant@CList@@IAEPAXK@Z
- ?Next@CList@@UBEPAXQAX@Z
- ?Next@CLockList@@UBEPAXQAX@Z
- ?NextPool@CMemoryPoolAllocator@@QAEPAV1@XZ
- ?NotityTerminate@CWorkerThread@@QAEXXZ
- ?PostJobToWorkerThread@CWorkerThreadPool@@QAEJP6GXPAX@Z0E@Z
- ?Pulse@CKEvent@@QAEJJE@Z
- ?QueueJob@CWorkerThreadJobQueue@@QAEEPAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPool@@QAEJPAVCWorkerThreadJob@@@Z
- ?RCMInstance@CWorkerThreadPool@@SGPAV1@XZ
- ?Read@CFile@@QAEJPADKPAK@Z
- ?ReferenceCount@CContext@@QAEAAKXZ
- ?Release@CLockEvent@@QAEXXZ
- ?Remove@CContextList@@UAEEQAX@Z
- ?Remove@CList@@UAEEQAX@Z
- ?Remove@CLockList@@UAEEQAX@Z
- ?RemoveHead@CList@@UAEPAXXZ
- ?RemoveHead@CLockList@@UAEPAXXZ
- ?RemoveTail@CList@@UAEPAXXZ
- ?RemoveTail@CLockList@@UAEPAXXZ
- ?Reset@CKEvent@@QAEXXZ
- ?RestoreCR0@@YGXPAX@Z
- ?Run@CAutoUpdateConfigThread@@UAEXXZ
- ?Run@CWorkerThread@@UAEXXZ
- ?SeekToEnd@CFile@@QAEJXZ
- ?Set@CKEvent@@QAEJJE@Z
- ?SetAttributes@CFile@@QAEJK@Z
- ?SetBlobCofig@CContext@@UAEJKPAXK@Z
- ?SetData@CBlobConfig@@QAEHPAXK@Z
- ?SetData@CModuleFileExtConfig@@QAEHPBG@Z
- ?SetData@CModuleFlagConfig@@QAEHK@Z
- ?SetData@CModuleMultiStringConfig@@QAEHPBG@Z
- ?SetData@CModuleStringConfig@@QAEHPBG@Z
- ?SetEngineContext@CContext@@QAEXPAX@Z
- ?SetFileExtensionConfig@CContext@@UAEJKPBG@Z
- ?SetFlagConfig@CContext@@UAEJKK@Z
- ?SetLinkContext@CContext@@QAEXPAX@Z
- ?SetLogFlag@CDebugLog@@QAEEK@Z
- ?SetMatchAllExtensions@CFileExtension@@QAEXE@Z
- ?SetMatchNoExtensions@CFileExtension@@QAEXE@Z
- ?SetMultiStringConfig@CContext@@UAEJKPBG@Z
- ?SetNewJobItemEvent@CWorkerThreadJobQueue@@QAEXXZ
- ?SetPriority@CSystemThread@@QAEXK@Z
- ?SetStopUse@CContext@@QAEXXZ
- ?SetStringConfig@CContext@@UAEJKPBG@Z
- ?Setup@CSystemThread@@MAEXXZ
- ?StopUse@CContext@@QAEHXZ
- ?TearDown@CSystemThread@@MAEXXZ
- ?Terminate@CSystemThread@@QAEXE@Z
- ?Terminate@CWorkerThreadPool@@QAEEXZ
- ?TmExceptionFilter@@YGJPAU_EXCEPTION_POINTERS@@@Z
- ?Wait@CKEvent@@QAEJPAT_LARGE_INTEGER@@E@Z
- ?WaitFinish@CWorkerThreadJob@@QAEXXZ
- ?WaitNewJobAvailable@CWorkerThreadJobQueue@@QAEEXZ
- ?Write@CDebugLog@@QAAXPBDZZ
- ?Write@CFile@@QAEJPADKPAT_LARGE_INTEGER@@PAK@Z
- ?WriteSystemInformation@CDebugLog@@QAEXXZ
- ?WriteSystemStringInformation@CDebugLog@@IAEXPBG@Z
- ?WriteToFile@CDebugLog@@IAEXPADK@Z
- ?_pNonPagedAllocator@@3PAVCMemoryAllocator@@A
- ?_pPagedAllocator@@3PAVCMemoryAllocator@@A
- ?m_lpInstance@CWorkerThreadPool@@1PAV1@A
- ?m_lpRCMInstance@CWorkerThreadPool@@1PAV1@A
- _DeInitKmLPC@0
- _GetModuleInfoByAddress@8
- _GetModuleInfoByModuleName@8
- _InitKmLPC@0
- _KmCallUm@8
- _MapMem@12
- _ModGetExportProcAddress@8
- _ModLoadDLLToBuffer@4
- _ModLoadModule@8
- _ModUnLoadModule@4
- _TmCommConfigRoutine@4
- _UnMapMem@8
- _UtilGetProcessName@12
- _UtilGetSystemTime@4
- _UtilIoSetFileInfo@24
- _UtilIopCreateFileIRP@40
- _UtilKeGetLowFileDevice@16
- _UtilQueryKeyValue@24
- _UtilVolumeDeviceToDosName@8
- _UtilWaitValueChangeToZero@8
- _UtilWriteVersionToRegistry@8
Sections
Expand
- .text
- .rdata
- .data
- PAGE
- .edata
- INIT
- .rsrc
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": true,
"SerialNumber": "7e93ebfb7cc64e59ea4b9a77d406fc3b",
"Signature": "03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2",
"TBS": {
"MD5": "d0785ad36e427c92b19f6826ab1e8020",
"SHA1": "365b7a9c21bd9373e49052c3e7b3e4646ddd4d43",
"SHA256": "c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff",
"SHA384": "eab4fe5ef90e0de4a6aa3a27769a5e879f588df5e4785aa4104debd1f81e19ea56d33e3a16e5facf99f68b5d8e3d287b"
},
"ValidFrom": "2012-12-21 00:00:00",
"ValidTo": "2020-12-30 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "0ecff438c8febf356e04d86a981b1a50",
"Signature": "783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4",
"TBS": {
"MD5": "e9d38360b914c8863f6cba3ee58764d3",
"SHA1": "4cba8eae47b6bf76f20b3504b98b8f062694a89b",
"SHA256": "88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976",
"SHA384": "e9f2a75334a9e336c5a4712eadee88d0374b0fdc273262f4e65c9040ad2793067cc076696db5279a478773485e285652"
},
"ValidFrom": "2012-10-18 00:00:00",
"ValidTo": "2020-12-29 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Signature": "f3b20c020c826fd9e2629408ffc97c9e245959d1050c9ce7708069d366d26af191812e16fce674eaca0d8f05b2a796280831737299800d2bfe0071efecf655117b7952a4d7c0701b97de034a1d42e928fd1a2082b081f9d22e9d39af3233cf05c1e61ae1f8fbfec872e78d9a0b29b4f147f1a053d1757a824601df2bb07c75c591fe7efbaf0021764b90cd446f85f80d14bc2cd42c83edfa7d2510f8f94c82d1b3ea999b1cff9093291977c7e996dc32904d3934f167077684ff76aa5327654a0bd7223d9d67657b47c5b46012dca6723d89e7fa051b3380d0c4977b9df537e75da3186ab149b27c089715a01bd695f408f7ded66bfbe920d27a6f6a7d4cc8b3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc.",
"TBS": {
"MD5": "78eaa337666217b1c16a9a0ebd0b8434",
"SHA1": "ff9cb835e78f6185eed4372096c3bae53b17d18d",
"SHA256": "1c0d9746725e176b4a7c2852878f14d7587f58e65d346bc1247f1c8ee6374250",
"SHA384": "ffe3c75b860679a5de399c7d2c2844dbfac51d5d8581e24648d208daba1e4bed5c867808e02dc8d7cb3df1d4b2b53d10"
},
"ValidFrom": "2017-04-27 00:00:00",
"ValidTo": "2018-07-16 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "611993e400000000001c",
"Signature": "812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5",
"TBS": {
"MD5": "78a717e082dcc1cda3458d917e677d14",
"SHA1": "4a872e0e51f9b304469cd1dedb496ee9b8b983a4",
"SHA256": "317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8",
"SHA384": "b71052da4eb9157c8c1a5d7f55df19d69b9128598b72fcca608e5b7cc7d64c43c5504b9c86355a6dc22ee40c88cc385c"
},
"ValidFrom": "2011-02-22 19:25:17",
"ValidTo": "2021-02-22 19:35:17",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "5200e5aa2556fc1a86ed96c9d44b33c7",
"Signature": "5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"TBS": {
"MD5": "b30c31a572b0409383ed3fbe17e56e81",
"SHA1": "4843a82ed3b1f2bfbee9671960e1940c942f688d",
"SHA256": "03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9",
"SHA384": "bbda8407c4f9fc4e54d772f1c7fb9d30bc97e1f97ecd51c443063d1fa0644e266328781776cd5c44896c457c75f4d7da"
},
"ValidFrom": "2010-02-08 00:00:00",
"ValidTo": "2020-02-07 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 7e93ebfb7cc64e59ea4b9a77d406fc3b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | d0785ad36e427c92b19f6826ab1e8020 |
| ToBeSigned (TBS) SHA1 | 365b7a9c21bd9373e49052c3e7b3e4646ddd4d43 |
| ToBeSigned (TBS) SHA256 | c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff |
| Subject | C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2 |
| ValidFrom | 2012-12-21 00:00:00 |
| ValidTo | 2020-12-30 23:59:59 |
| Signature | 03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 7e93ebfb7cc64e59ea4b9a77d406fc3b |
| Version | 3 |
Certificate 0ecff438c8febf356e04d86a981b1a50
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | e9d38360b914c8863f6cba3ee58764d3 |
| ToBeSigned (TBS) SHA1 | 4cba8eae47b6bf76f20b3504b98b8f062694a89b |
| ToBeSigned (TBS) SHA256 | 88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976 |
| Subject | C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4 |
| ValidFrom | 2012-10-18 00:00:00 |
| ValidTo | 2020-12-29 23:59:59 |
| Signature | 783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 0ecff438c8febf356e04d86a981b1a50 |
| Version | 3 |
Certificate 497c4fad471540e6e453d0cafb155740
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 78eaa337666217b1c16a9a0ebd0b8434 |
| ToBeSigned (TBS) SHA1 | ff9cb835e78f6185eed4372096c3bae53b17d18d |
| ToBeSigned (TBS) SHA256 | 1c0d9746725e176b4a7c2852878f14d7587f58e65d346bc1247f1c8ee6374250 |
| Subject | C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc. |
| ValidFrom | 2017-04-27 00:00:00 |
| ValidTo | 2018-07-16 23:59:59 |
| Signature | f3b20c020c826fd9e2629408ffc97c9e245959d1050c9ce7708069d366d26af191812e16fce674eaca0d8f05b2a796280831737299800d2bfe0071efecf655117b7952a4d7c0701b97de034a1d42e928fd1a2082b081f9d22e9d39af3233cf05c1e61ae1f8fbfec872e78d9a0b29b4f147f1a053d1757a824601df2bb07c75c591fe7efbaf0021764b90cd446f85f80d14bc2cd42c83edfa7d2510f8f94c82d1b3ea999b1cff9093291977c7e996dc32904d3934f167077684ff76aa5327654a0bd7223d9d67657b47c5b46012dca6723d89e7fa051b3380d0c4977b9df537e75da3186ab149b27c089715a01bd695f408f7ded66bfbe920d27a6f6a7d4cc8b3 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 497c4fad471540e6e453d0cafb155740 |
| Version | 3 |
Certificate 611993e400000000001c
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 78a717e082dcc1cda3458d917e677d14 |
| ToBeSigned (TBS) SHA1 | 4a872e0e51f9b304469cd1dedb496ee9b8b983a4 |
| ToBeSigned (TBS) SHA256 | 317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5 |
| ValidFrom | 2011-02-22 19:25:17 |
| ValidTo | 2021-02-22 19:35:17 |
| Signature | 812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 611993e400000000001c |
| Version | 3 |
Certificate 5200e5aa2556fc1a86ed96c9d44b33c7
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | b30c31a572b0409383ed3fbe17e56e81 |
| ToBeSigned (TBS) SHA1 | 4843a82ed3b1f2bfbee9671960e1940c942f688d |
| ToBeSigned (TBS) SHA256 | 03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA |
| ValidFrom | 2010-02-08 00:00:00 |
| ValidTo | 2020-02-07 23:59:59 |
| Signature | 5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 5200e5aa2556fc1a86ed96c9d44b33c7 |
| Version | 3 |
Imports
Expand
- ntoskrnl.exe
- CLASSPNP.SYS
- HAL.dll
Imported Functions
Expand
- ExAcquireFastMutexUnsafe
- ExReleaseFastMutexUnsafe
- ProbeForRead
- ProbeForWrite
- ExAcquireResourceSharedLite
- ExAcquireResourceExclusiveLite
- ExReleaseResourceLite
- MmProbeAndLockPages
- MmUnlockPages
- MmMapLockedPagesSpecifyCache
- IoAllocateMdl
- IoFreeMdl
- IoGetCurrentProcess
- ObfReferenceObject
- ObfDereferenceObject
- ZwClose
- ZwCreateSection
- ZwOpenSection
- ZwMapViewOfSection
- ZwUnmapViewOfSection
- ZwOpenEvent
- KePulseEvent
- KeStackAttachProcess
- KeUnstackDetachProcess
- ObOpenObjectByPointer
- ZwAllocateVirtualMemory
- ZwFreeVirtualMemory
- ZwSetEvent
- _allmul
- memcpy
- memset
- PsProcessType
- wcsncpy
- wcsrchr
- RtlUnicodeStringToInteger
- ZwWaitForSingleObject
- ZwRequestWaitReplyPort
- ZwConnectPort
- _stricmp
- ExAllocatePoolWithTag
- MmIsAddressValid
- RtlImageNtHeader
- ZwQuerySystemInformation
- swprintf
- RtlCopyUnicodeString
- DbgPrint
- KeDelayExecutionThread
- KeQuerySystemTime
- IofCompleteRequest
- IoCreateSymbolicLink
- IoDeleteDevice
- IoDeleteSymbolicLink
- ObReferenceObjectByHandle
- PsGetCurrentProcessId
- ZwCreateEvent
- ExEventObjectType
- PsThreadType
- MmSectionObjectType
- SeCaptureSubjectContext
- SeReleaseSubjectContext
- SeAccessCheck
- ObGetObjectSecurity
- ObReleaseObjectSecurity
- PsGetProcessExitTime
- RtlCreateSecurityDescriptor
- RtlSetDaclSecurityDescriptor
- KeInitializeSemaphore
- KeReleaseSemaphore
- RtlCreateAcl
- RtlAddAccessAllowedAce
- RtlLengthRequiredSid
- RtlInitializeSid
- RtlSubAuthoritySid
- ExGetPreviousMode
- _wcsnicmp
- PsSetCreateProcessNotifyRoutine
- ZwQueryInformationProcess
- PsLookupProcessByProcessId
- ZwOpenDirectoryObject
- ExInitializeResourceLite
- ExDeleteResourceLite
- ZwCreateFile
- ZwQueryInformationFile
- ZwSetInformationFile
- ZwReadFile
- ZwWriteFile
- towupper
- MmGetSystemRoutineAddress
- ObReferenceObjectByPointer
- ObQueryNameString
- MmHighestUserAddress
- PsGetVersion
- _snprintf
- _vsnprintf
- RtlInitAnsiString
- RtlAnsiStringToUnicodeString
- RtlFreeUnicodeString
- RtlTimeToTimeFields
- KeWaitForMultipleObjects
- ExSystemTimeToLocalTime
- ExFreePoolWithTag
- PsGetCurrentThreadId
- ZwDeviceIoControlFile
- ZwNotifyChangeKey
- ZwOpenFile
- ZwQueryVolumeInformationFile
- mbstowcs
- IoGetDeviceObjectPointer
- _strnicmp
- RtlCompareUnicodeString
- RtlCompareMemory
- MmBuildMdlForNonPagedPool
- IoAllocateIrp
- IofCallDriver
- IoFreeIrp
- RtlUpperChar
- ObReferenceObjectByName
- IoFileObjectType
- IoDriverObjectType
- IoBuildDeviceIoControlRequest
- IoCreateFile
- RtlEqualUnicodeString
- RtlAppendUnicodeStringToString
- RtlUpcaseUnicodeChar
- _snwprintf
- strncpy
- NtOpenProcess
- NtQueryInformationProcess
- PsIsThreadTerminating
- ObOpenObjectByName
- KeServiceDescriptorTable
- KeAddSystemServiceTable
- KeSetPriorityThread
- PsCreateSystemThread
- PsTerminateSystemThread
- KeNumberProcessors
- RtlLengthSecurityDescriptor
- ZwOpenKey
- ZwDeleteKey
- ZwDeleteValueKey
- ZwEnumerateKey
- ZwEnumerateValueKey
- ZwQueryKey
- ZwQueryValueKey
- ZwSetValueKey
- ZwTerminateProcess
- ZwOpenProcess
- ZwQuerySecurityObject
- ZwSetSecurityObject
- ZwQueryDirectoryObject
- ZwQueryDirectoryFile
- _allrem
- RtlAppendUnicodeToString
- ZwFsControlFile
- ObInsertObject
- strrchr
- wcschr
- wcsncmp
- RtlQueryRegistryValues
- IoBuildAsynchronousFsdRequest
- ZwOpenSymbolicLinkObject
- ZwQuerySymbolicLinkObject
- RtlUpcaseUnicodeString
- NtClose
- ZwSetInformationObject
- SeQueryAuthenticationIdToken
- MmSystemRangeStart
- IoGetFileObjectGenericMapping
- ObCreateObject
- SeCreateAccessState
- IoAcquireVpbSpinLock
- IoReleaseVpbSpinLock
- wcstombs
- strncat
- wcsncat
- RtlUnicodeStringToAnsiString
- RtlFreeAnsiString
- wcsstr
- ExAllocatePool
- ExInterlockedPopEntrySList
- IoBuildSynchronousFsdRequest
- IoGetStackLimits
- IoGetDeviceInterfaces
- IoRegisterPlugPlayNotification
- IoUnregisterPlugPlayNotification
- IoGetConfigurationInformation
- FsRtlIsNameInExpression
- RtlUnwind
- IoDeviceObjectType
- IoCreateDevice
- RtlGetOwnerSecurityDescriptor
- RtlGetDaclSecurityDescriptor
- RtlGetGroupSecurityDescriptor
- RtlGetSaclSecurityDescriptor
- SeCaptureSecurityDescriptor
- RtlLengthSid
- SeExports
- IoIsWdmVersionAvailable
- RtlAbsoluteToSelfRelativeSD
- KeWaitForSingleObject
- KeLeaveCriticalRegion
- KeBugCheckEx
- KeEnterCriticalRegion
- KeSetEvent
- KeClearEvent
- KeInitializeEvent
- RtlInitUnicodeString
- KeGetCurrentThread
- memmove
- ZwCreateKey
- _purecall
- ClassInitialize
- KeRaiseIrqlToDpcLevel
- KfAcquireSpinLock
- KeGetCurrentIrql
- ExReleaseFastMutex
- ExAcquireFastMutex
- KfLowerIrql
- KfRaiseIrql
- KfReleaseSpinLock
Exported Functions
Expand
- ??0CAutoUpdateConfigThread@@QAE@ABV0@@Z
- ??0CAutoUpdateConfigThread@@QAE@PAU_UNICODE_STRING@@P6GX0PAX@Z1@Z
- ??0CBlobConfig@@QAE@ABV0@@Z
- ??0CBlobConfig@@QAE@K@Z
- ??0CContext@@QAE@ABV0@@Z
- ??0CContext@@QAE@KP6GJPAU_EVENT_REPORT@@PAXPAU_TMCE_REPORT@@PAU_TMCE_FEEDBACK@@@Z1K@Z
- ??0CContextList@@QAE@ABV0@@Z
- ??0CContextList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CDebugLog@@QAE@ABV0@@Z
- ??0CDebugLog@@QAE@PBG@Z
- ??0CDebugLogEx@@QAE@ABV0@@Z
- ??0CDebugLogEx@@QAE@K@Z
- ??0CDelayLoadThread@@QAE@ABV0@@Z
- ??0CDelayLoadThread@@QAE@XZ
- ??0CExclusionExtConfig@@QAE@ABV0@@Z
- ??0CExclusionExtConfig@@QAE@KKE@Z
- ??0CExclusionFileNameConfig@@QAE@ABV0@@Z
- ??0CExclusionFileNameConfig@@QAE@KK@Z
- ??0CExclusionFilePathConfig@@QAE@ABV0@@Z
- ??0CExclusionFilePathConfig@@QAE@KK@Z
- ??0CExclusionFolderConfig@@QAE@ABV0@@Z
- ??0CExclusionFolderConfig@@QAE@KK@Z
- ??0CExclusionRegistryConfig@@QAE@ABV0@@Z
- ??0CExclusionRegistryConfig@@QAE@KK@Z
- ??0CFile@@QAE@ABV0@@Z
- ??0CFile@@QAE@E@Z
- ??0CFileExtension@@QAE@ABV0@@Z
- ??0CFileExtension@@QAE@KEEPAVIMemoryAllocator@@@Z
- ??0CInclusionExtConfig@@QAE@ABV0@@Z
- ??0CInclusionExtConfig@@QAE@KKE@Z
- ??0CInclusionFileNameConfig@@QAE@ABV0@@Z
- ??0CInclusionFileNameConfig@@QAE@KK@Z
- ??0CInclusionFilePathConfig@@QAE@ABV0@@Z
- ??0CInclusionFilePathConfig@@QAE@KK@Z
- ??0CInclusionFolderConfig@@QAE@ABV0@@Z
- ??0CInclusionFolderConfig@@QAE@KK@Z
- ??0CKEvent@@QAE@ABV0@@Z
- ??0CKEvent@@QAE@W4_EVENT_TYPE@@E@Z
- ??0CList@@QAE@ABV0@@Z
- ??0CList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CLockEvent@@QAE@ABV0@@Z
- ??0CLockEvent@@QAE@XZ
- ??0CLockList@@QAE@ABV0@@Z
- ??0CLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CMemoryAllocator@@IAE@W4_POOL_TYPE@@K@Z
- ??0CMemoryAllocator@@QAE@ABV0@@Z
- ??0CMemoryPoolAllocator@@IAE@W4_POOL_TYPE@@KKK@Z
- ??0CMemoryPoolAllocator@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@XZ
- ??0CModuleConfigList@@QAE@ABV0@@Z
- ??0CModuleConfigList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CModuleFileExtConfig@@QAE@ABV0@@Z
- ??0CModuleFileExtConfig@@QAE@KKE@Z
- ??0CModuleFlagConfig@@QAE@ABV0@@Z
- ??0CModuleFlagConfig@@QAE@K@Z
- ??0CModuleMultiStringConfig@@QAE@ABV0@@Z
- ??0CModuleMultiStringConfig@@QAE@KK@Z
- ??0CModuleStringConfig@@QAE@ABV0@@Z
- ??0CModuleStringConfig@@QAE@K@Z
- ??0CNoLockList@@QAE@ABV0@@Z
- ??0CNoLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CSmartLock@@QAE@AAVCLockEvent@@@Z
- ??0CSmartLock@@QAE@XZ
- ??0CSmartReference@@QAE@AAJ@Z
- ??0CSmartReference@@QAE@AAK@Z
- ??0CSmartResource@@QAE@AAVCResource@@E@Z
- ??0CStrList@@QAE@ABV0@@Z
- ??0CStrList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CSystemThread@@QAE@ABV0@@Z
- ??0CSystemThread@@QAE@K@Z
- ??0CUserFuncAdapterJob@@QAE@ABV0@@Z
- ??0CUserFuncAdapterJob@@QAE@P6GXPAX@Z01@Z
- ??0CWorkerThread@@IAE@PAVCWorkerThreadJobQueue@@@Z
- ??0CWorkerThread@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@E@Z
- ??0CWorkerThreadJobQueue@@QAE@ABV0@@Z
- ??0CWorkerThreadJobQueue@@QAE@K@Z
- ??0CWorkerThreadPool@@QAE@ABV0@@Z
- ??0CWorkerThreadPool@@QAE@K@Z
- ??0CWorkerThreadPoolEx@@QAE@ABV0@@Z
- ??0CWorkerThreadPoolEx@@QAE@KK@Z
- ??0IMemoryAllocator@@QAE@ABV0@@Z
- ??0IMemoryAllocator@@QAE@XZ
- ??1CAutoUpdateConfigThread@@UAE@XZ
- ??1CBlobConfig@@UAE@XZ
- ??1CContext@@UAE@XZ
- ??1CContextList@@UAE@XZ
- ??1CDebugLog@@UAE@XZ
- ??1CDebugLogEx@@UAE@XZ
- ??1CDelayLoadThread@@UAE@XZ
- ??1CExclusionExtConfig@@UAE@XZ
- ??1CExclusionFileNameConfig@@UAE@XZ
- ??1CExclusionFilePathConfig@@UAE@XZ
- ??1CExclusionFolderConfig@@UAE@XZ
- ??1CExclusionRegistryConfig@@UAE@XZ
- ??1CFile@@UAE@XZ
- ??1CFileExtension@@UAE@XZ
- ??1CInclusionExtConfig@@UAE@XZ
- ??1CInclusionFileNameConfig@@UAE@XZ
- ??1CInclusionFilePathConfig@@UAE@XZ
- ??1CInclusionFolderConfig@@UAE@XZ
- ??1CKEvent@@UAE@XZ
- ??1CList@@UAE@XZ
- ??1CLockEvent@@UAE@XZ
- ??1CLockList@@UAE@XZ
- ??1CMemoryAllocator@@UAE@XZ
- ??1CMemoryPoolAllocator@@UAE@XZ
- ??1CModuleConfig@@UAE@XZ
- ??1CModuleConfigList@@UAE@XZ
- ??1CModuleFileExtConfig@@UAE@XZ
- ??1CModuleFlagConfig@@UAE@XZ
- ??1CModuleMultiStringConfig@@UAE@XZ
- ??1CModuleStringConfig@@UAE@XZ
- ??1CNoLockList@@UAE@XZ
- ??1CSmartLock@@QAE@XZ
- ??1CSmartReference@@QAE@XZ
- ??1CSmartResource@@QAE@XZ
- ??1CStrList@@UAE@XZ
- ??1CSystemThread@@UAE@XZ
- ??1CUserFuncAdapterJob@@UAE@XZ
- ??1CWorkerThread@@UAE@XZ
- ??1CWorkerThreadJob@@UAE@XZ
- ??1CWorkerThreadJobQueue@@UAE@XZ
- ??1CWorkerThreadPool@@UAE@XZ
- ??1CWorkerThreadPoolEx@@UAE@XZ
- ??1IMemoryAllocator@@UAE@XZ
- ??2@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??2CMemoryAllocator@@SGPAXI@Z
- ??2CMemoryPoolAllocator@@SGPAXI@Z
- ??3@YAXPAX@Z
- ??3@YAXPAXI@Z
- ??3IMemoryAllocator@@SGXPAX@Z
- ??4CAutoUpdateConfigThread@@QAEAAV0@ABV0@@Z
- ??4CBlobConfig@@QAEAAV0@ABV0@@Z
- ??4CContext@@QAEAAV0@ABV0@@Z
- ??4CDebugLog@@QAEAAV0@ABV0@@Z
- ??4CDebugLogEx@@QAEAAV0@ABV0@@Z
- ??4CDelayLoadThread@@QAEAAV0@ABV0@@Z
- ??4CFile@@QAEAAV0@ABV0@@Z
- ??4CKEvent@@QAEAAV0@ABV0@@Z
- ??4CLockEvent@@QAEAAV0@ABV0@@Z
- ??4CMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??4CMemoryPoolAllocator@@QAEAAV0@ABV0@@Z
- ??4CModuleConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleFlagConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleStringConfig@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEABV0@AAVCLockEvent@@@Z
- ??4CSmartResource@@QAEAAV0@ABV0@@Z
- ??4CSystemThread@@QAEAAV0@ABV0@@Z
- ??4CUserFuncAdapterJob@@QAEAAV0@ABV0@@Z
- ??4CWorkerThread@@QAEAAV0@ABV0@@Z
- ??4CWorkerThreadJob@@QAEAAV0@ABV0@@Z
- ??4IMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??_7CAutoUpdateConfigThread@@6B@
- ??_7CBlobConfig@@6B@
- ??_7CContext@@6B@
- ??_7CContextList@@6B@
- ??_7CDebugLog@@6B@
- ??_7CDebugLogEx@@6B@
- ??_7CDelayLoadThread@@6B@
- ??_7CExclusionExtConfig@@6B@
- ??_7CExclusionFileNameConfig@@6B@
- ??_7CExclusionFilePathConfig@@6B@
- ??_7CExclusionFolderConfig@@6B@
- ??_7CExclusionRegistryConfig@@6B@
- ??_7CFile@@6B@
- ??_7CFileExtension@@6B@
- ??_7CInclusionExtConfig@@6B@
- ??_7CInclusionFileNameConfig@@6B@
- ??_7CInclusionFilePathConfig@@6B@
- ??_7CInclusionFolderConfig@@6B@
- ??_7CKEvent@@6B@
- ??_7CList@@6B@
- ??_7CLockEvent@@6B@
- ??_7CLockList@@6B@
- ??_7CMemoryAllocator@@6B@
- ??_7CMemoryPoolAllocator@@6B@
- ??_7CModuleConfig@@6B@
- ??_7CModuleConfigList@@6B@
- ??_7CModuleFileExtConfig@@6B@
- ??_7CModuleFlagConfig@@6B@
- ??_7CModuleMultiStringConfig@@6B@
- ??_7CModuleStringConfig@@6B@
- ??_7CNoLockList@@6B@
- ??_7CStrList@@6B@
- ??_7CSystemThread@@6B@
- ??_7CUserFuncAdapterJob@@6B@
- ??_7CWorkerThread@@6B@
- ??_7CWorkerThreadJob@@6B@
- ??_7CWorkerThreadJobQueue@@6B@
- ??_7CWorkerThreadPool@@6B@
- ??_7CWorkerThreadPoolEx@@6B@
- ??_7IMemoryAllocator@@6B@
- ??_FCContextList@@QAEXXZ
- ??_FCFile@@QAEXXZ
- ??_FCFileExtension@@QAEXXZ
- ??_FCModuleConfigList@@QAEXXZ
- ??_FCStrList@@QAEXXZ
- ??_FCSystemThread@@QAEXXZ
- ??_FCWorkerThread@@QAEXXZ
- ??_FCWorkerThreadJob@@QAEXXZ
- ??_FCWorkerThreadJobQueue@@QAEXXZ
- ??_U@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??_V@YAXPAX@Z
- ?Acquire@CLockEvent@@QAEXXZ
- ?Add@CContextList@@QAEEPAVCContext@@@Z
- ?Add@CFileExtension@@QAEEPBGK@Z
- ?Add@CModuleConfigList@@QAEEPAVCModuleConfig@@@Z
- ?Add@CStrList@@QAEEPBG@Z
- ?AddNode@CLockList@@UAEEQAXE@Z
- ?AddNode@CNoLockList@@UAEEQAXE@Z
- ?Alloc@CMemoryAllocator@@UAEPAXKPBDK@Z
- ?Alloc@CMemoryPoolAllocator@@UAEPAXKPBDK@Z
- ?AllocBlock@CMemoryPoolAllocator@@IAEPAXK@Z
- ?AttachJobQueue@CWorkerThread@@QAEXPAVCWorkerThreadJobQueue@@@Z
- ?Cancel@CWorkerThreadJob@@QAEXXZ
- ?CheckNode@CLockList@@UAEHQAX@Z
- ?CheckNode@CNoLockList@@UAEHQAX@Z
- ?CleanQueue@CWorkerThreadJobQueue@@QAEXXZ
- ?Cleanup@CBlobConfig@@AAEXXZ
- ?Cleanup@CModuleFileExtConfig@@IAEXXZ
- ?Cleanup@CModuleMultiStringConfig@@IAEXXZ
- ?Cleanup@CModuleStringConfig@@AAEXXZ
- ?Close@CFile@@QAEJXZ
- ?Count@CLockList@@QAEKXZ
- ?Count@CNoLockList@@QAEKXZ
- ?Create@CFile@@QAEJPBGKKKK@Z
- ?Create@CSystemThread@@QAEEXZ
- ?CreateInstance@CMemoryAllocator@@SGPAV1@W4_POOL_TYPE@@K@Z
- ?CreateInstance@CMemoryPoolAllocator@@SGPAV1@W4_POOL_TYPE@@KKK@Z
- ?CreatePool@CWorkerThreadPool@@QAEEXZ
- ?CreatePool@CWorkerThreadPoolEx@@QAEEXZ
- ?CreateThreads@CWorkerThreadPool@@QAEEK@Z
- ?CreateThreads@CWorkerThreadPoolEx@@QAEEK@Z
- ?CreateWIRP@CFile@@QAEJPBGKKKK@Z
- ?Delete@CFile@@QAEJXZ
- ?Delete@CFileExtension@@QAEEPBGK@Z
- ?Delete@CStrList@@QAEEPBG@Z
- ?DeleteAll@CList@@UAEXXZ
- ?DeleteAll@CLockList@@UAEXXZ
- ?DeleteAll@CNoLockList@@UAEXXZ
- ?DeleteNode@CContextList@@MAEXPAX@Z
- ?DeleteNode@CList@@UAEXPAX@Z
- ?DeleteNode@CModuleConfigList@@MAEXPAX@Z
- ?DeleteNode@CStrList@@EAEXPAU_STR_LIST_NODE@1@@Z
- ?DisableWriteProtectFromCR0@@YGXPAPAX@Z
- ?DoIt@CWorkerThreadJob@@QAEJXZ
- ?EntryPoint@CSystemThread@@KGXPAX@Z
- ?Find@CContextList@@QAEPAVCContext@@K@Z
- ?Find@CContextList@@QAEPAVCContext@@PAX@Z
- ?Find@CFileExtension@@QAEPAU_STR_LIST_NODE@CStrList@@PBGK@Z
- ?Find@CModuleConfigList@@QAEPAVCModuleConfig@@K@Z
- ?Find@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?FindNode@CContextList@@IAEPAXPAX@Z
- ?FindPartiallyAndAllMatch@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?FinishFunction@CUserFuncAdapterJob@@MAEXXZ
- ?FinishIt@CWorkerThreadJob@@QAEJXZ
- ?First@CList@@UAEPAXXZ
- ?First@CLockList@@UAEPAXXZ
- ?First@CNoLockList@@UAEPAXXZ
- ?Free@CMemoryAllocator@@UAEXPAX@Z
- ?Free@CMemoryPoolAllocator@@UAEXPAX@Z
- ?GetAttributes@CFile@@QAEKXZ
- ?GetBasicInfomration@CFile@@IAEJXZ
- ?GetBlobCofig@CContext@@UAEJKPAXPAK@Z
- ?GetCategory@CContext@@QAEKXZ
- ?GetData@CBlobConfig@@QAEHPAXPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEPAVCFileExtension@@XZ
- ?GetData@CModuleFlagConfig@@QAEKXZ
- ?GetData@CModuleMultiStringConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleMultiStringConfig@@QAEPAVCStrList@@XZ
- ?GetData@CModuleStringConfig@@QAEPAGXZ
- ?GetData@CStrList@@QAEEPAGPAK@Z
- ?GetDataType@CModuleConfig@@QAEKXZ
- ?GetEngineContext@CContext@@QAEPAXXZ
- ?GetFileExtensionConfig@CContext@@QAEPAVCFileExtension@@K@Z
- ?GetFileExtensionConfig@CContext@@UAEJKPAGPAK@Z
- ?GetFileSize@CFile@@QAEJPAT_LARGE_INTEGER@@@Z
- ?GetFileSizeWIRP@CFile@@QAEJPAT_LARGE_INTEGER@@@Z
- ?GetFlagConfig@CContext@@UAEJKPAK@Z
- ?GetID@CModuleConfig@@QAEKXZ
- ?GetJob@CWorkerThreadJobQueue@@QAEPAVCWorkerThreadJob@@XZ
- ?GetLength@CModuleStringConfig@@QAEKXZ
- ?GetLinkContext@CContext@@QAEPAXXZ
- ?GetLogFlag@CDebugLog@@QAEKXZ
- ?GetLogFlag@CDebugLogEx@@QAEKXZ
- ?GetModuleId@CModuleConfig@@QAEKXZ
- ?GetMultiStringConfig@CContext@@QAEPAVCStrList@@K@Z
- ?GetMultiStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetOneThreadTEB@CWorkerThreadPool@@QAEPAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPool@@QAEPAU_KTHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QAEPAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QAEPAU_KTHREAD@@XZ
- ?GetReportCallBackRoutine@CContext@@QAEKXZ
- ?GetSize@CBlobConfig@@QAEKXZ
- ?GetStringConfig@CContext@@QAEPAGK@Z
- ?GetStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetThreadCount@CWorkerThreadPool@@QAEKXZ
- ?GetThreadCount@CWorkerThreadPoolEx@@QAEKXZ
- ?GetThreadID@CSystemThread@@QAEKXZ
- ?GetType@CContext@@QAEKXZ
- ?GetUserParameter@CContext@@QAEKXZ
- ?InitProcMon@CDebugLogEx@@IAEXXZ
- ?InitializeBlobConfig@CContext@@QAEHKPAXK@Z
- ?InitializeFileExtensionConfig@CContext@@QAEHKPBG@Z
- ?InitializeFlagConfig@CContext@@QAEHKK@Z
- ?InitializeMultiStringConfig@CContext@@QAEHKPBG@Z
- ?InitializeStringConfig@CContext@@QAEHKPBG@Z
- ?Insert@CList@@UAEXQAXE@Z
- ?Insert@CLockList@@UAEXQAXE@Z
- ?Insert@CNoLockList@@UAEXQAXE@Z
- ?InsertAfter@CList@@UAEXPAX0@Z
- ?InsertBefore@CList@@UAEXPAX0@Z
- ?Instance@CWorkerThreadPool@@SGPAV1@XZ
- ?IsEmpty@CList@@UAEEXZ
- ?IsEmpty@CLockList@@UAEEXZ
- ?IsEmpty@CNoLockList@@UAEEXZ
- ?IsExceedLimitation@CMemoryPoolAllocator@@IAEEK@Z
- ?IsFull@CLockList@@QBEEXZ
- ?IsFull@CNoLockList@@QBEEXZ
- ?IsInExclusionList@CExclusionExtConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFileNameConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFilePathConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFolderConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionRegistryConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionExtConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFileNameConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFilePathConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFolderConfig@@QAEEPBG@Z
- ?IsOpened@CFile@@QAEEXZ
- ?IsTerminated@CWorkerThreadPool@@QAEEXZ
- ?IsTerminated@CWorkerThreadPoolEx@@QAEEXZ
- ?IsValid@CMemoryAllocator@@UAEEXZ
- ?IsValid@CMemoryPoolAllocator@@UAEEXZ
- ?IsValid@IMemoryAllocator@@UAEEXZ
- ?IsWorkerThread@CWorkerThreadPool@@QAEEK@Z
- ?IsWorkerThread@CWorkerThreadPoolEx@@QAEEK@Z
- ?JobFunction@CUserFuncAdapterJob@@MAEXXZ
- ?JobQueue@CWorkerThreadPool@@QAEAAVCWorkerThreadJobQueue@@XZ
- ?JobQueue@CWorkerThreadPoolEx@@QAEAAVCWorkerThreadJobQueue@@XZ
- ?Limit@CLockList@@QAEKXZ
- ?Limit@CNoLockList@@QAEKXZ
- ?MatchAllExtensions@CFileExtension@@QAEEXZ
- ?MatchNoExtensions@CFileExtension@@QAEEXZ
- ?MergeLeft@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?MergeRight@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?NeedDelete@CWorkerThreadJob@@QAEEXZ
- ?NeedDeleteWhenFinish@CWorkerThreadJob@@QAEXE@Z
- ?NewNode@CList@@UAEPAXXZ
- ?NewNode@CStrList@@EAEPAXXZ
- ?NewNodeVariant@CList@@IAEPAXK@Z
- ?Next@CList@@UBEPAXQAX@Z
- ?Next@CLockList@@UBEPAXQAX@Z
- ?Next@CNoLockList@@UBEPAXQAX@Z
- ?NextPool@CMemoryPoolAllocator@@QAEPAV1@XZ
- ?NotityTerminate@CWorkerThread@@QAEXXZ
- ?PostJobToWorkerThread@CWorkerThreadPool@@QAEJP6GXPAX@Z0E@Z
- ?PostJobToWorkerThread@CWorkerThreadPoolEx@@QAEJP6GXPAX@Z0E1@Z
- ?Pulse@CKEvent@@QAEJJE@Z
- ?QueueJob@CWorkerThreadJobQueue@@QAEEPAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPool@@QAEJPAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPoolEx@@QAEJPAVCWorkerThreadJob@@@Z
- ?RCMInstance@CWorkerThreadPool@@SGPAV1@XZ
- ?Read@CFile@@QAEJPADKPAK@Z
- ?ReadWIRP@CFile@@QAEJPADKPAK@Z
- ?ReferenceCount@CContext@@QAEAAKXZ
- ?Release@CLockEvent@@QAEXXZ
- ?Remove@CContextList@@UAEEQAX@Z
- ?Remove@CList@@UAEEQAX@Z
- ?Remove@CLockList@@UAEEQAX@Z
- ?Remove@CNoLockList@@UAEEQAX@Z
- ?RemoveHead@CList@@UAEPAXXZ
- ?RemoveHead@CLockList@@UAEPAXXZ
- ?RemoveHead@CNoLockList@@UAEPAXXZ
- ?RemoveTail@CList@@UAEPAXXZ
- ?RemoveTail@CLockList@@UAEPAXXZ
- ?RemoveTail@CNoLockList@@UAEPAXXZ
- ?Reset@CKEvent@@QAEXXZ
- ?ResetData@CInclusionExtConfig@@QAEXXZ
- ?ResetData@CInclusionFileNameConfig@@QAEXXZ
- ?ResetData@CInclusionFilePathConfig@@QAEXXZ
- ?ResetData@CInclusionFolderConfig@@QAEXXZ
- ?RestoreCR0@@YGXPAX@Z
- ?Run@CAutoUpdateConfigThread@@UAEXXZ
- ?Run@CDelayLoadThread@@UAEXXZ
- ?Run@CWorkerThread@@UAEXXZ
- ?SeekToEnd@CFile@@QAEJXZ
- ?Set@CKEvent@@QAEJJE@Z
- ?SetAttributes@CFile@@QAEJK@Z
- ?SetBlobCofig@CContext@@UAEJKPAXK@Z
- ?SetData@CBlobConfig@@QAEHPAXK@Z
- ?SetData@CModuleFileExtConfig@@QAEHPBG@Z
- ?SetData@CModuleFlagConfig@@QAEHK@Z
- ?SetData@CModuleMultiStringConfig@@QAEHPBGK@Z
- ?SetData@CModuleStringConfig@@QAEHPBG@Z
- ?SetEngineContext@CContext@@QAEXPAX@Z
- ?SetFileExtensionConfig@CContext@@UAEJKPBG@Z
- ?SetFlagConfig@CContext@@UAEJKK@Z
- ?SetLinkContext@CContext@@QAEXPAX@Z
- ?SetLogFlag@CDebugLog@@QAEEK@Z
- ?SetLogFlag@CDebugLogEx@@QAEEK@Z
- ?SetMatchAllExtensions@CFileExtension@@QAEXE@Z
- ?SetMatchNoExtensions@CFileExtension@@QAEXE@Z
- ?SetMultiStringConfig@CContext@@UAEJKPBG@Z
- ?SetNewJobItemEvent@CWorkerThreadJobQueue@@QAEXXZ
- ?SetPriority@CSystemThread@@QAEXK@Z
- ?SetStopUse@CContext@@QAEXXZ
- ?SetStringConfig@CContext@@UAEJKPBG@Z
- ?Setup@CSystemThread@@MAEXXZ
- ?StopUse@CContext@@QAEHXZ
- ?TearDown@CSystemThread@@MAEXXZ
- ?Terminate@CSystemThread@@QAEXE@Z
- ?Terminate@CWorkerThreadPool@@QAEEXZ
- ?Terminate@CWorkerThreadPoolEx@@QAEEXZ
- ?TmExceptionFilter@@YGJPAU_EXCEPTION_POINTERS@@@Z
- ?Wait@CKEvent@@QAEJPAT_LARGE_INTEGER@@E@Z
- ?WaitFinish@CWorkerThreadJob@@QAEXXZ
- ?WaitForInit@CDelayLoadThread@@QAEEXZ
- ?WaitForLoad@CDelayLoadThread@@QAEEXZ
- ?WaitNewJobAvailable@CWorkerThreadJobQueue@@QAEEXZ
- ?WaitQueueEmpty@CWorkerThreadJobQueue@@QAEXXZ
- ?Write@CDebugLog@@QAAXPBDZZ
- ?Write@CDebugLogEx@@QAAXPBDZZ
- ?Write@CFile@@QAEJPADKPAT_LARGE_INTEGER@@PAK@Z
- ?WriteDataToFile@CDebugLogEx@@IAEXPADK@Z
- ?WriteDataToProcMonW@CDebugLogEx@@IAEXPAD@Z
- ?WriteSystemInformation@CDebugLog@@QAEXXZ
- ?WriteSystemInformation@CDebugLogEx@@QAEXXZ
- ?WriteSystemStringInformation@CDebugLog@@IAEXPBG@Z
- ?WriteSystemStringInformation@CDebugLogEx@@IAEXPBG@Z
- ?WriteToFile@CDebugLog@@IAEXPADK@Z
- ?WriteToProcMonW@CDebugLogEx@@IAEXPAU_UNICODE_STRING@@@Z
- ?_pNonPagedAllocator@@3PAVCMemoryAllocator@@A
- ?_pPagedAllocator@@3PAVCMemoryAllocator@@A
- ?m_lpInstance@CWorkerThreadPool@@1PAV1@A
- ?m_lpRCMInstance@CWorkerThreadPool@@1PAV1@A
- _AllocFullFileName@8
- _DeInitKm2UmCommunication@0
- _DeInitKmLPC@0
- _DuplicateFullFileName@4
- _FreeFullFileName@4
- _GetKm2UmMode@0
- _GetModuleInfoByAddress@8
- _GetModuleInfoByModuleName@8
- _InitKm2UmCommunication@8
- _InitKmLPC@0
- _IsVerifierCodeCheckFlagOn@0
- _IsWindows8_1_update@4
- _KmCallUm@8
- _KmCallUmByLPC@8
- _KmCallUmEx@12
- _KmCleanupCommPortAPIs@0
- _KmGetUmInitProcess@0
- _KmSetBackupCommPortAPIs@4
- _KmSetCommPortAPIs@4
- _ModGetExportProcAddress@8
- _ModLoadDLLToBuffer@4
- _ModLoadDLLToBufferWithImageSize@8
- _ModLoadModule@8
- _ModUnLoadModule@4
- _NormalizeFileName@4
- _NormalizeFullNtPathToDosName@4
- _TmCommConfigRoutine@4
- _UtilAddDeviceInDriveTable@4
- _UtilAddReparsePointMapping@8
- _UtilCleanFileReadOnly@4
- _UtilCloseExclusiveHandle@12
- _UtilCreateDosFileName@8
- _UtilDeleteFileForce@4
- _UtilGetDeviceObjectName@8
- _UtilGetFileNameFromFileObject@4
- _UtilGetFileObjectForProcessByEPROC@8
- _UtilGetFileObjectFromFileName@12
- _UtilGetProcessName@12
- _UtilGetSystemDirectory@4
- _UtilGetSystemDirectoryEx@0
- _UtilGetSystemDirectoryLength@0
- _UtilGetSystemTime@4
- _UtilIoSetFileInfo@24
- _UtilIopCreateFileIRP@40
- _UtilKeGetLowFileDevice@16
- _UtilModuleIATHook@24
- _UtilModuleIATUnHook@8
- _UtilPostJobToWorkerThread@12
- _UtilQueryExclusiveHandle@12
- _UtilQueryKeyValue@24
- _UtilRemoveDeviceFromDriveTable@4
- _UtilVolumeDeviceToDosName@8
- _UtilWaitValueChangeToZero@8
- _UtilWriteVersionToRegistry@8
- _UtilbuildDynamicDiskMappingTable@0
- _UtlWriteBinValueKeyToRegistry@16
- _ValidateAddressWithSize@20
- __ResetProtectFromClose@4
- __UtilDosPathNameToNtPathName@12
Sections
Expand
- .text
- .rdata
- .data
- PAGE
- .edata
- INIT
- .rsrc
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": true,
"SerialNumber": "7e93ebfb7cc64e59ea4b9a77d406fc3b",
"Signature": "03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2",
"TBS": {
"MD5": "d0785ad36e427c92b19f6826ab1e8020",
"SHA1": "365b7a9c21bd9373e49052c3e7b3e4646ddd4d43",
"SHA256": "c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff",
"SHA384": "eab4fe5ef90e0de4a6aa3a27769a5e879f588df5e4785aa4104debd1f81e19ea56d33e3a16e5facf99f68b5d8e3d287b"
},
"ValidFrom": "2012-12-21 00:00:00",
"ValidTo": "2020-12-30 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "0ecff438c8febf356e04d86a981b1a50",
"Signature": "783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4",
"TBS": {
"MD5": "e9d38360b914c8863f6cba3ee58764d3",
"SHA1": "4cba8eae47b6bf76f20b3504b98b8f062694a89b",
"SHA256": "88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976",
"SHA384": "e9f2a75334a9e336c5a4712eadee88d0374b0fdc273262f4e65c9040ad2793067cc076696db5279a478773485e285652"
},
"ValidFrom": "2012-10-18 00:00:00",
"ValidTo": "2020-12-29 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Signature": "f3b20c020c826fd9e2629408ffc97c9e245959d1050c9ce7708069d366d26af191812e16fce674eaca0d8f05b2a796280831737299800d2bfe0071efecf655117b7952a4d7c0701b97de034a1d42e928fd1a2082b081f9d22e9d39af3233cf05c1e61ae1f8fbfec872e78d9a0b29b4f147f1a053d1757a824601df2bb07c75c591fe7efbaf0021764b90cd446f85f80d14bc2cd42c83edfa7d2510f8f94c82d1b3ea999b1cff9093291977c7e996dc32904d3934f167077684ff76aa5327654a0bd7223d9d67657b47c5b46012dca6723d89e7fa051b3380d0c4977b9df537e75da3186ab149b27c089715a01bd695f408f7ded66bfbe920d27a6f6a7d4cc8b3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc.",
"TBS": {
"MD5": "78eaa337666217b1c16a9a0ebd0b8434",
"SHA1": "ff9cb835e78f6185eed4372096c3bae53b17d18d",
"SHA256": "1c0d9746725e176b4a7c2852878f14d7587f58e65d346bc1247f1c8ee6374250",
"SHA384": "ffe3c75b860679a5de399c7d2c2844dbfac51d5d8581e24648d208daba1e4bed5c867808e02dc8d7cb3df1d4b2b53d10"
},
"ValidFrom": "2017-04-27 00:00:00",
"ValidTo": "2018-07-16 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "611993e400000000001c",
"Signature": "812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5",
"TBS": {
"MD5": "78a717e082dcc1cda3458d917e677d14",
"SHA1": "4a872e0e51f9b304469cd1dedb496ee9b8b983a4",
"SHA256": "317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8",
"SHA384": "b71052da4eb9157c8c1a5d7f55df19d69b9128598b72fcca608e5b7cc7d64c43c5504b9c86355a6dc22ee40c88cc385c"
},
"ValidFrom": "2011-02-22 19:25:17",
"ValidTo": "2021-02-22 19:35:17",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "5200e5aa2556fc1a86ed96c9d44b33c7",
"Signature": "5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"TBS": {
"MD5": "b30c31a572b0409383ed3fbe17e56e81",
"SHA1": "4843a82ed3b1f2bfbee9671960e1940c942f688d",
"SHA256": "03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9",
"SHA384": "bbda8407c4f9fc4e54d772f1c7fb9d30bc97e1f97ecd51c443063d1fa0644e266328781776cd5c44896c457c75f4d7da"
},
"ValidFrom": "2010-02-08 00:00:00",
"ValidTo": "2020-02-07 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 7e93ebfb7cc64e59ea4b9a77d406fc3b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | d0785ad36e427c92b19f6826ab1e8020 |
| ToBeSigned (TBS) SHA1 | 365b7a9c21bd9373e49052c3e7b3e4646ddd4d43 |
| ToBeSigned (TBS) SHA256 | c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff |
| Subject | C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2 |
| ValidFrom | 2012-12-21 00:00:00 |
| ValidTo | 2020-12-30 23:59:59 |
| Signature | 03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 7e93ebfb7cc64e59ea4b9a77d406fc3b |
| Version | 3 |
Certificate 0ecff438c8febf356e04d86a981b1a50
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | e9d38360b914c8863f6cba3ee58764d3 |
| ToBeSigned (TBS) SHA1 | 4cba8eae47b6bf76f20b3504b98b8f062694a89b |
| ToBeSigned (TBS) SHA256 | 88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976 |
| Subject | C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4 |
| ValidFrom | 2012-10-18 00:00:00 |
| ValidTo | 2020-12-29 23:59:59 |
| Signature | 783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 0ecff438c8febf356e04d86a981b1a50 |
| Version | 3 |
Certificate 497c4fad471540e6e453d0cafb155740
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 78eaa337666217b1c16a9a0ebd0b8434 |
| ToBeSigned (TBS) SHA1 | ff9cb835e78f6185eed4372096c3bae53b17d18d |
| ToBeSigned (TBS) SHA256 | 1c0d9746725e176b4a7c2852878f14d7587f58e65d346bc1247f1c8ee6374250 |
| Subject | C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc. |
| ValidFrom | 2017-04-27 00:00:00 |
| ValidTo | 2018-07-16 23:59:59 |
| Signature | f3b20c020c826fd9e2629408ffc97c9e245959d1050c9ce7708069d366d26af191812e16fce674eaca0d8f05b2a796280831737299800d2bfe0071efecf655117b7952a4d7c0701b97de034a1d42e928fd1a2082b081f9d22e9d39af3233cf05c1e61ae1f8fbfec872e78d9a0b29b4f147f1a053d1757a824601df2bb07c75c591fe7efbaf0021764b90cd446f85f80d14bc2cd42c83edfa7d2510f8f94c82d1b3ea999b1cff9093291977c7e996dc32904d3934f167077684ff76aa5327654a0bd7223d9d67657b47c5b46012dca6723d89e7fa051b3380d0c4977b9df537e75da3186ab149b27c089715a01bd695f408f7ded66bfbe920d27a6f6a7d4cc8b3 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 497c4fad471540e6e453d0cafb155740 |
| Version | 3 |
Certificate 611993e400000000001c
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 78a717e082dcc1cda3458d917e677d14 |
| ToBeSigned (TBS) SHA1 | 4a872e0e51f9b304469cd1dedb496ee9b8b983a4 |
| ToBeSigned (TBS) SHA256 | 317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5 |
| ValidFrom | 2011-02-22 19:25:17 |
| ValidTo | 2021-02-22 19:35:17 |
| Signature | 812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 611993e400000000001c |
| Version | 3 |
Certificate 5200e5aa2556fc1a86ed96c9d44b33c7
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | b30c31a572b0409383ed3fbe17e56e81 |
| ToBeSigned (TBS) SHA1 | 4843a82ed3b1f2bfbee9671960e1940c942f688d |
| ToBeSigned (TBS) SHA256 | 03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA |
| ValidFrom | 2010-02-08 00:00:00 |
| ValidTo | 2020-02-07 23:59:59 |
| Signature | 5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 5200e5aa2556fc1a86ed96c9d44b33c7 |
| Version | 3 |
Imports
Expand
Imported Functions
Expand
- RtlInitUnicodeString
- KeInitializeEvent
- KeClearEvent
- KeSetEvent
- KeEnterCriticalRegion
- KeLeaveCriticalRegion
- KeWaitForSingleObject
- ExFreePoolWithTag
- ExAcquireFastMutexUnsafe
- ExReleaseFastMutexUnsafe
- ProbeForRead
- ProbeForWrite
- ExAcquireResourceSharedLite
- ExAcquireResourceExclusiveLite
- ExReleaseResourceLite
- MmProbeAndLockPages
- MmUnlockPages
- MmMapLockedPagesSpecifyCache
- IoAllocateMdl
- IoFreeMdl
- IoGetCurrentProcess
- ObfReferenceObject
- ObfDereferenceObject
- ZwClose
- ZwCreateSection
- ZwOpenSection
- ZwMapViewOfSection
- ZwUnmapViewOfSection
- ZwOpenEvent
- KePulseEvent
- KeStackAttachProcess
- KeUnstackDetachProcess
- ObOpenObjectByPointer
- ZwAllocateVirtualMemory
- ZwFreeVirtualMemory
- ZwSetEvent
- __C_specific_handler
- PsProcessType
- wcslen
- wcsncpy
- wcsrchr
- RtlUnicodeStringToInteger
- ZwWaitForSingleObject
- ZwRequestWaitReplyPort
- ZwConnectPort
- _stricmp
- ExAllocatePoolWithTag
- MmIsAddressValid
- RtlImageNtHeader
- ZwQuerySystemInformation
- SeCaptureSubjectContext
- SeReleaseSubjectContext
- SeAccessCheck
- ObGetObjectSecurity
- ObReleaseObjectSecurity
- PsGetProcessExitTime
- PsThreadType
- MmSectionObjectType
- RtlCreateSecurityDescriptor
- RtlSetDaclSecurityDescriptor
- KeInitializeSemaphore
- KeReleaseSemaphore
- ExAcquireFastMutex
- ExReleaseFastMutex
- RtlCreateAcl
- RtlAddAccessAllowedAce
- RtlLengthRequiredSid
- RtlInitializeSid
- RtlSubAuthoritySid
- KeDelayExecutionThread
- ExGetPreviousMode
- DbgPrint
- swprintf
- RtlCopyUnicodeString
- IofCompleteRequest
- IoCreateSymbolicLink
- IoDeleteDevice
- IoDeleteSymbolicLink
- ObReferenceObjectByHandle
- PsGetCurrentProcessId
- ZwCreateEvent
- ExEventObjectType
- _wcsnicmp
- PsSetCreateProcessNotifyRoutine
- ZwQueryInformationProcess
- PsLookupProcessByProcessId
- ZwOpenDirectoryObject
- ExInitializeResourceLite
- ExDeleteResourceLite
- ZwCreateFile
- ZwQueryInformationFile
- ZwSetInformationFile
- ZwReadFile
- ZwWriteFile
- towupper
- MmGetSystemRoutineAddress
- ObReferenceObjectByPointer
- PsGetCurrentThreadId
- ObQueryNameString
- PsGetVersion
- _snprintf
- _vsnprintf
- RtlInitAnsiString
- wcscat
- RtlFreeUnicodeString
- RtlTimeToTimeFields
- KeWaitForMultipleObjects
- ExSystemTimeToLocalTime
- ZwCreateKey
- ZwDeviceIoControlFile
- ZwNotifyChangeKey
- ZwOpenFile
- ZwQueryVolumeInformationFile
- mbstowcs
- IoGetDeviceObjectPointer
- IoBuildDeviceIoControlRequest
- IofCallDriver
- IoCreateFile
- RtlEqualUnicodeString
- RtlAppendUnicodeStringToString
- RtlUpcaseUnicodeChar
- _snwprintf
- strlen
- _strnicmp
- strncpy
- NtOpenProcess
- NtQueryInformationProcess
- ObOpenObjectByName
- KeSetPriorityThread
- PsCreateSystemThread
- PsTerminateSystemThread
- KeNumberProcessors
- RtlLengthSecurityDescriptor
- ZwOpenKey
- ZwDeleteKey
- ZwDeleteValueKey
- ZwEnumerateKey
- ZwEnumerateValueKey
- ZwQueryKey
- ZwQueryValueKey
- ZwSetValueKey
- ZwTerminateProcess
- ZwOpenProcess
- ZwDuplicateObject
- ZwQuerySecurityObject
- ZwSetSecurityObject
- ZwQueryDirectoryObject
- ZwQueryDirectoryFile
- NtCreateFile
- NtQueryInformationFile
- NtSetInformationFile
- IoFileObjectType
- ObInsertObject
- wcschr
- wcsncmp
- RtlQueryRegistryValues
- RtlAppendUnicodeToString
- RtlCompareMemory
- MmBuildMdlForNonPagedPool
- IoAllocateIrp
- IoFreeIrp
- ZwOpenSymbolicLinkObject
- ZwQuerySymbolicLinkObject
- RtlUpcaseUnicodeString
- NtClose
- ZwSetInformationObject
- SeQueryAuthenticationIdToken
- MmSystemRangeStart
- IoGetFileObjectGenericMapping
- ObCreateObject
- SeCreateAccessState
- IoAcquireVpbSpinLock
- IoReleaseVpbSpinLock
- wcstombs
- strncat
- wcsncat
- RtlUnicodeStringToAnsiString
- RtlFreeAnsiString
- strcpy
- wcsstr
- RtlCompareUnicodeString
- DbgPrintEx
- KeAcquireSpinLockRaiseToDpc
- KeReleaseSpinLock
- ExAllocatePool
- ExpInterlockedPopEntrySList
- IoBuildSynchronousFsdRequest
- IoGetStackLimits
- IoGetDeviceInterfaces
- IoRegisterPlugPlayNotification
- IoUnregisterPlugPlayNotification
- IoGetConfigurationInformation
- FsRtlIsNameInExpression
- IoDeviceObjectType
- IoCreateDevice
- RtlGetOwnerSecurityDescriptor
- RtlGetDaclSecurityDescriptor
- RtlGetGroupSecurityDescriptor
- RtlGetSaclSecurityDescriptor
- SeCaptureSecurityDescriptor
- RtlLengthSid
- SeExports
- IoIsWdmVersionAvailable
- RtlAbsoluteToSelfRelativeSD
- RtlAnsiStringToUnicodeString
- _purecall
- KeBugCheckEx
Exported Functions
Expand
- ??0CAutoUpdateConfigThread@@QEAA@AEBV0@@Z
- ??0CAutoUpdateConfigThread@@QEAA@PEAU_UNICODE_STRING@@P6AX0PEAX@Z1@Z
- ??0CBlobConfig@@QEAA@AEBV0@@Z
- ??0CBlobConfig@@QEAA@K@Z
- ??0CContext@@QEAA@AEBV0@@Z
- ??0CContext@@QEAA@KP6AJPEAU_EVENT_REPORT@@PEAXPEAU_TMCE_REPORT@@PEAU_TMCE_FEEDBACK@@@Z1K@Z
- ??0CContextList@@QEAA@AEBV0@@Z
- ??0CContextList@@QEAA@KPEAVIMemoryAllocator@@@Z
- ??0CDebugLog@@QEAA@AEBV0@@Z
- ??0CDebugLog@@QEAA@PEBG@Z
- ??0CDebugLogEx@@QEAA@AEBV0@@Z
- ??0CDebugLogEx@@QEAA@K@Z
- ??0CDelayLoadThread@@QEAA@AEBV0@@Z
- ??0CDelayLoadThread@@QEAA@XZ
- ??0CExclusionExtConfig@@QEAA@AEBV0@@Z
- ??0CExclusionExtConfig@@QEAA@KKE@Z
- ??0CExclusionFileNameConfig@@QEAA@AEBV0@@Z
- ??0CExclusionFileNameConfig@@QEAA@KK@Z
- ??0CExclusionFilePathConfig@@QEAA@AEBV0@@Z
- ??0CExclusionFilePathConfig@@QEAA@KK@Z
- ??0CExclusionFolderConfig@@QEAA@AEBV0@@Z
- ??0CExclusionFolderConfig@@QEAA@KK@Z
- ??0CExclusionRegistryConfig@@QEAA@AEBV0@@Z
- ??0CExclusionRegistryConfig@@QEAA@KK@Z
- ??0CFile@@QEAA@AEBV0@@Z
- ??0CFile@@QEAA@E@Z
- ??0CFileExtension@@QEAA@AEBV0@@Z
- ??0CFileExtension@@QEAA@KEEPEAVIMemoryAllocator@@@Z
- ??0CInclusionExtConfig@@QEAA@AEBV0@@Z
- ??0CInclusionExtConfig@@QEAA@KKE@Z
- ??0CInclusionFileNameConfig@@QEAA@AEBV0@@Z
- ??0CInclusionFileNameConfig@@QEAA@KK@Z
- ??0CInclusionFilePathConfig@@QEAA@AEBV0@@Z
- ??0CInclusionFilePathConfig@@QEAA@KK@Z
- ??0CInclusionFolderConfig@@QEAA@AEBV0@@Z
- ??0CInclusionFolderConfig@@QEAA@KK@Z
- ??0CKEvent@@QEAA@AEBV0@@Z
- ??0CKEvent@@QEAA@W4_EVENT_TYPE@@E@Z
- ??0CList@@QEAA@AEBV0@@Z
- ??0CList@@QEAA@KPEAVIMemoryAllocator@@@Z
- ??0CLockEvent@@QEAA@AEBV0@@Z
- ??0CLockEvent@@QEAA@XZ
- ??0CLockList@@QEAA@AEBV0@@Z
- ??0CLockList@@QEAA@KKPEAVIMemoryAllocator@@@Z
- ??0CMemoryAllocator@@IEAA@W4_POOL_TYPE@@K@Z
- ??0CMemoryAllocator@@QEAA@AEBV0@@Z
- ??0CMemoryPoolAllocator@@IEAA@W4_POOL_TYPE@@_K1K@Z
- ??0CMemoryPoolAllocator@@QEAA@AEBV0@@Z
- ??0CModuleConfig@@QEAA@AEBV0@@Z
- ??0CModuleConfig@@QEAA@XZ
- ??0CModuleConfigList@@QEAA@AEBV0@@Z
- ??0CModuleConfigList@@QEAA@KPEAVIMemoryAllocator@@@Z
- ??0CModuleFileExtConfig@@QEAA@AEBV0@@Z
- ??0CModuleFileExtConfig@@QEAA@KKE@Z
- ??0CModuleFlagConfig@@QEAA@AEBV0@@Z
- ??0CModuleFlagConfig@@QEAA@K@Z
- ??0CModuleMultiStringConfig@@QEAA@AEBV0@@Z
- ??0CModuleMultiStringConfig@@QEAA@KK@Z
- ??0CModuleStringConfig@@QEAA@AEBV0@@Z
- ??0CModuleStringConfig@@QEAA@K@Z
- ??0CNoLockList@@QEAA@AEBV0@@Z
- ??0CNoLockList@@QEAA@KKPEAVIMemoryAllocator@@@Z
- ??0CSmartLock@@QEAA@AEAVCLockEvent@@@Z
- ??0CSmartLock@@QEAA@XZ
- ??0CSmartReference@@QEAA@AEAJ@Z
- ??0CSmartReference@@QEAA@AEAK@Z
- ??0CSmartResource@@QEAA@AEAVCResource@@E@Z
- ??0CStrList@@QEAA@AEBV0@@Z
- ??0CStrList@@QEAA@KPEAVIMemoryAllocator@@@Z
- ??0CSystemThread@@QEAA@AEBV0@@Z
- ??0CSystemThread@@QEAA@K@Z
- ??0CUserFuncAdapterJob@@QEAA@AEBV0@@Z
- ??0CUserFuncAdapterJob@@QEAA@P6AXPEAX@Z01@Z
- ??0CWorkerThread@@IEAA@PEAVCWorkerThreadJobQueue@@@Z
- ??0CWorkerThread@@QEAA@AEBV0@@Z
- ??0CWorkerThreadJob@@QEAA@AEBV0@@Z
- ??0CWorkerThreadJob@@QEAA@E@Z
- ??0CWorkerThreadJobQueue@@QEAA@AEBV0@@Z
- ??0CWorkerThreadJobQueue@@QEAA@K@Z
- ??0CWorkerThreadPool@@QEAA@AEBV0@@Z
- ??0CWorkerThreadPool@@QEAA@K@Z
- ??0CWorkerThreadPoolEx@@QEAA@AEBV0@@Z
- ??0CWorkerThreadPoolEx@@QEAA@KK@Z
- ??0IMemoryAllocator@@QEAA@AEBV0@@Z
- ??0IMemoryAllocator@@QEAA@XZ
- ??1CAutoUpdateConfigThread@@UEAA@XZ
- ??1CBlobConfig@@UEAA@XZ
- ??1CContext@@UEAA@XZ
- ??1CContextList@@UEAA@XZ
- ??1CDebugLog@@UEAA@XZ
- ??1CDebugLogEx@@UEAA@XZ
- ??1CDelayLoadThread@@UEAA@XZ
- ??1CExclusionExtConfig@@UEAA@XZ
- ??1CExclusionFileNameConfig@@UEAA@XZ
- ??1CExclusionFilePathConfig@@UEAA@XZ
- ??1CExclusionFolderConfig@@UEAA@XZ
- ??1CExclusionRegistryConfig@@UEAA@XZ
- ??1CFile@@UEAA@XZ
- ??1CFileExtension@@UEAA@XZ
- ??1CInclusionExtConfig@@UEAA@XZ
- ??1CInclusionFileNameConfig@@UEAA@XZ
- ??1CInclusionFilePathConfig@@UEAA@XZ
- ??1CInclusionFolderConfig@@UEAA@XZ
- ??1CKEvent@@UEAA@XZ
- ??1CList@@UEAA@XZ
- ??1CLockEvent@@UEAA@XZ
- ??1CLockList@@UEAA@XZ
- ??1CMemoryAllocator@@UEAA@XZ
- ??1CMemoryPoolAllocator@@UEAA@XZ
- ??1CModuleConfig@@UEAA@XZ
- ??1CModuleConfigList@@UEAA@XZ
- ??1CModuleFileExtConfig@@UEAA@XZ
- ??1CModuleFlagConfig@@UEAA@XZ
- ??1CModuleMultiStringConfig@@UEAA@XZ
- ??1CModuleStringConfig@@UEAA@XZ
- ??1CNoLockList@@UEAA@XZ
- ??1CSmartLock@@QEAA@XZ
- ??1CSmartReference@@QEAA@XZ
- ??1CSmartResource@@QEAA@XZ
- ??1CStrList@@UEAA@XZ
- ??1CSystemThread@@UEAA@XZ
- ??1CUserFuncAdapterJob@@UEAA@XZ
- ??1CWorkerThread@@UEAA@XZ
- ??1CWorkerThreadJob@@UEAA@XZ
- ??1CWorkerThreadJobQueue@@UEAA@XZ
- ??1CWorkerThreadPool@@UEAA@XZ
- ??1CWorkerThreadPoolEx@@UEAA@XZ
- ??1IMemoryAllocator@@UEAA@XZ
- ??2@YAPEAX_KPEAVIMemoryAllocator@@PEBDK@Z
- ??2CMemoryAllocator@@SAPEAX_K@Z
- ??2CMemoryPoolAllocator@@SAPEAX_K@Z
- ??3@YAXPEAX@Z
- ??3@YAXPEAX_K@Z
- ??3IMemoryAllocator@@SAXPEAX@Z
- ??4CAutoUpdateConfigThread@@QEAAAEAV0@AEBV0@@Z
- ??4CBlobConfig@@QEAAAEAV0@AEBV0@@Z
- ??4CContext@@QEAAAEAV0@AEBV0@@Z
- ??4CDebugLog@@QEAAAEAV0@AEBV0@@Z
- ??4CDebugLogEx@@QEAAAEAV0@AEBV0@@Z
- ??4CDelayLoadThread@@QEAAAEAV0@AEBV0@@Z
- ??4CFile@@QEAAAEAV0@AEBV0@@Z
- ??4CKEvent@@QEAAAEAV0@AEBV0@@Z
- ??4CLockEvent@@QEAAAEAV0@AEBV0@@Z
- ??4CMemoryAllocator@@QEAAAEAV0@AEBV0@@Z
- ??4CMemoryPoolAllocator@@QEAAAEAV0@AEBV0@@Z
- ??4CModuleConfig@@QEAAAEAV0@AEBV0@@Z
- ??4CModuleFlagConfig@@QEAAAEAV0@AEBV0@@Z
- ??4CModuleStringConfig@@QEAAAEAV0@AEBV0@@Z
- ??4CSmartLock@@QEAAAEAV0@AEBV0@@Z
- ??4CSmartLock@@QEAAAEBV0@AEAVCLockEvent@@@Z
- ??4CSmartResource@@QEAAAEAV0@AEBV0@@Z
- ??4CSystemThread@@QEAAAEAV0@AEBV0@@Z
- ??4CUserFuncAdapterJob@@QEAAAEAV0@AEBV0@@Z
- ??4CWorkerThread@@QEAAAEAV0@AEBV0@@Z
- ??4CWorkerThreadJob@@QEAAAEAV0@AEBV0@@Z
- ??4IMemoryAllocator@@QEAAAEAV0@AEBV0@@Z
- ??_7CAutoUpdateConfigThread@@6B@
- ??_7CBlobConfig@@6B@
- ??_7CContext@@6B@
- ??_7CContextList@@6B@
- ??_7CDebugLog@@6B@
- ??_7CDebugLogEx@@6B@
- ??_7CDelayLoadThread@@6B@
- ??_7CExclusionExtConfig@@6B@
- ??_7CExclusionFileNameConfig@@6B@
- ??_7CExclusionFilePathConfig@@6B@
- ??_7CExclusionFolderConfig@@6B@
- ??_7CExclusionRegistryConfig@@6B@
- ??_7CFile@@6B@
- ??_7CFileExtension@@6B@
- ??_7CInclusionExtConfig@@6B@
- ??_7CInclusionFileNameConfig@@6B@
- ??_7CInclusionFilePathConfig@@6B@
- ??_7CInclusionFolderConfig@@6B@
- ??_7CKEvent@@6B@
- ??_7CList@@6B@
- ??_7CLockEvent@@6B@
- ??_7CLockList@@6B@
- ??_7CMemoryAllocator@@6B@
- ??_7CMemoryPoolAllocator@@6B@
- ??_7CModuleConfig@@6B@
- ??_7CModuleConfigList@@6B@
- ??_7CModuleFileExtConfig@@6B@
- ??_7CModuleFlagConfig@@6B@
- ??_7CModuleMultiStringConfig@@6B@
- ??_7CModuleStringConfig@@6B@
- ??_7CNoLockList@@6B@
- ??_7CStrList@@6B@
- ??_7CSystemThread@@6B@
- ??_7CUserFuncAdapterJob@@6B@
- ??_7CWorkerThread@@6B@
- ??_7CWorkerThreadJob@@6B@
- ??_7CWorkerThreadJobQueue@@6B@
- ??_7CWorkerThreadPool@@6B@
- ??_7CWorkerThreadPoolEx@@6B@
- ??_7IMemoryAllocator@@6B@
- ??_FCContextList@@QEAAXXZ
- ??_FCFile@@QEAAXXZ
- ??_FCFileExtension@@QEAAXXZ
- ??_FCModuleConfigList@@QEAAXXZ
- ??_FCStrList@@QEAAXXZ
- ??_FCSystemThread@@QEAAXXZ
- ??_FCWorkerThread@@QEAAXXZ
- ??_FCWorkerThreadJob@@QEAAXXZ
- ??_FCWorkerThreadJobQueue@@QEAAXXZ
- ??_U@YAPEAX_KPEAVIMemoryAllocator@@PEBDK@Z
- ??_V@YAXPEAX@Z
- ??_V@YAXPEAX_K@Z
- ?Acquire@CLockEvent@@QEAAXXZ
- ?Add@CContextList@@QEAAEPEAVCContext@@@Z
- ?Add@CFileExtension@@QEAAEPEBGK@Z
- ?Add@CModuleConfigList@@QEAAEPEAVCModuleConfig@@@Z
- ?Add@CStrList@@QEAAEPEBG@Z
- ?AddNode@CLockList@@UEAAEQEAXE@Z
- ?AddNode@CNoLockList@@UEAAEQEAXE@Z
- ?Alloc@CMemoryAllocator@@UEAAPEAX_KPEBDK@Z
- ?Alloc@CMemoryPoolAllocator@@UEAAPEAX_KPEBDK@Z
- ?AllocBlock@CMemoryPoolAllocator@@IEAAPEAX_K@Z
- ?AttachJobQueue@CWorkerThread@@QEAAXPEAVCWorkerThreadJobQueue@@@Z
- ?Cancel@CWorkerThreadJob@@QEAAXXZ
- ?CheckNode@CLockList@@UEAAHQEAX@Z
- ?CheckNode@CNoLockList@@UEAAHQEAX@Z
- ?CleanQueue@CWorkerThreadJobQueue@@QEAAXXZ
- ?Cleanup@CBlobConfig@@AEAAXXZ
- ?Cleanup@CModuleFileExtConfig@@IEAAXXZ
- ?Cleanup@CModuleMultiStringConfig@@IEAAXXZ
- ?Cleanup@CModuleStringConfig@@AEAAXXZ
- ?Close@CFile@@QEAAJXZ
- ?Count@CLockList@@QEAAKXZ
- ?Count@CNoLockList@@QEAAKXZ
- ?Create@CFile@@QEAAJPEBGKKKK@Z
- ?Create@CSystemThread@@QEAAEXZ
- ?CreateInstance@CMemoryAllocator@@SAPEAV1@W4_POOL_TYPE@@K@Z
- ?CreateInstance@CMemoryPoolAllocator@@SAPEAV1@W4_POOL_TYPE@@_K1K@Z
- ?CreatePool@CWorkerThreadPool@@QEAAEXZ
- ?CreatePool@CWorkerThreadPoolEx@@QEAAEXZ
- ?CreateThreads@CWorkerThreadPool@@QEAAEK@Z
- ?CreateThreads@CWorkerThreadPoolEx@@QEAAEK@Z
- ?CreateWIRP@CFile@@QEAAJPEBGKKKK@Z
- ?Delete@CFile@@QEAAJXZ
- ?Delete@CFileExtension@@QEAAEPEBGK@Z
- ?Delete@CStrList@@QEAAEPEBG@Z
- ?DeleteAll@CList@@UEAAXXZ
- ?DeleteAll@CLockList@@UEAAXXZ
- ?DeleteAll@CNoLockList@@UEAAXXZ
- ?DeleteNode@CContextList@@MEAAXPEAX@Z
- ?DeleteNode@CList@@UEAAXPEAX@Z
- ?DeleteNode@CModuleConfigList@@MEAAXPEAX@Z
- ?DeleteNode@CStrList@@EEAAXPEAU_STR_LIST_NODE@1@@Z
- ?DisableWriteProtectFromCR0@@YAXPEAPEAX@Z
- ?DoIt@CWorkerThreadJob@@QEAAJXZ
- ?EntryPoint@CSystemThread@@KAXPEAX@Z
- ?Find@CContextList@@QEAAPEAVCContext@@K@Z
- ?Find@CContextList@@QEAAPEAVCContext@@PEAX@Z
- ?Find@CFileExtension@@QEAAPEAU_STR_LIST_NODE@CStrList@@PEBGK@Z
- ?Find@CModuleConfigList@@QEAAPEAVCModuleConfig@@K@Z
- ?Find@CStrList@@QEAAPEAU_STR_LIST_NODE@1@PEBG@Z
- ?FindNode@CContextList@@IEAAPEAXPEAX@Z
- ?FindPartiallyAndAllMatch@CStrList@@QEAAPEAU_STR_LIST_NODE@1@PEBG@Z
- ?FinishFunction@CUserFuncAdapterJob@@MEAAXXZ
- ?FinishIt@CWorkerThreadJob@@QEAAJXZ
- ?First@CList@@UEAAPEAXXZ
- ?First@CLockList@@UEAAPEAXXZ
- ?First@CNoLockList@@UEAAPEAXXZ
- ?Free@CMemoryAllocator@@UEAAXPEAX@Z
- ?Free@CMemoryPoolAllocator@@UEAAXPEAX@Z
- ?GetAttributes@CFile@@QEAAKXZ
- ?GetBasicInfomration@CFile@@IEAAJXZ
- ?GetBlobCofig@CContext@@UEAAJKPEAXPEAK@Z
- ?GetCategory@CContext@@QEAAKXZ
- ?GetData@CBlobConfig@@QEAAHPEAXPEAK@Z
- ?GetData@CModuleFileExtConfig@@QEAAHPEAGPEAK@Z
- ?GetData@CModuleFileExtConfig@@QEAAPEAVCFileExtension@@XZ
- ?GetData@CModuleFlagConfig@@QEAAKXZ
- ?GetData@CModuleMultiStringConfig@@QEAAHPEAGPEAK@Z
- ?GetData@CModuleMultiStringConfig@@QEAAPEAVCStrList@@XZ
- ?GetData@CModuleStringConfig@@QEAAPEAGXZ
- ?GetData@CStrList@@QEAAEPEAGPEAK@Z
- ?GetDataType@CModuleConfig@@QEAAKXZ
- ?GetEngineContext@CContext@@QEAAPEAXXZ
- ?GetFileExtensionConfig@CContext@@QEAAPEAVCFileExtension@@K@Z
- ?GetFileExtensionConfig@CContext@@UEAAJKPEAGPEAK@Z
- ?GetFileSize@CFile@@QEAAJPEAT_LARGE_INTEGER@@@Z
- ?GetFileSizeWIRP@CFile@@QEAAJPEAT_LARGE_INTEGER@@@Z
- ?GetFlagConfig@CContext@@UEAAJKPEAK@Z
- ?GetID@CModuleConfig@@QEAAKXZ
- ?GetJob@CWorkerThreadJobQueue@@QEAAPEAVCWorkerThreadJob@@XZ
- ?GetLength@CModuleStringConfig@@QEAAKXZ
- ?GetLinkContext@CContext@@QEAAPEAXXZ
- ?GetLogFlag@CDebugLog@@QEAAKXZ
- ?GetLogFlag@CDebugLogEx@@QEAAKXZ
- ?GetModuleId@CModuleConfig@@QEAAKXZ
- ?GetMultiStringConfig@CContext@@QEAAPEAVCStrList@@K@Z
- ?GetMultiStringConfig@CContext@@UEAAJKPEAGPEAK@Z
- ?GetOneThreadTEB@CWorkerThreadPool@@QEAAPEAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPool@@QEAAPEAU_KTHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QEAAPEAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QEAAPEAU_KTHREAD@@XZ
- ?GetReportCallBackRoutine@CContext@@QEAA_KXZ
- ?GetSize@CBlobConfig@@QEAAKXZ
- ?GetStringConfig@CContext@@QEAAPEAGK@Z
- ?GetStringConfig@CContext@@UEAAJKPEAGPEAK@Z
- ?GetThreadCount@CWorkerThreadPool@@QEAAKXZ
- ?GetThreadCount@CWorkerThreadPoolEx@@QEAAKXZ
- ?GetThreadID@CSystemThread@@QEAA_KXZ
- ?GetType@CContext@@QEAAKXZ
- ?GetUserParameter@CContext@@QEAA_KXZ
- ?InitProcMon@CDebugLogEx@@IEAAXXZ
- ?InitializeBlobConfig@CContext@@QEAAHKPEAXK@Z
- ?InitializeFileExtensionConfig@CContext@@QEAAHKPEBG@Z
- ?InitializeFlagConfig@CContext@@QEAAHKK@Z
- ?InitializeMultiStringConfig@CContext@@QEAAHKPEBG@Z
- ?InitializeStringConfig@CContext@@QEAAHKPEBG@Z
- ?Insert@CList@@UEAAXQEAXE@Z
- ?Insert@CLockList@@UEAAXQEAXE@Z
- ?Insert@CNoLockList@@UEAAXQEAXE@Z
- ?InsertAfter@CList@@UEAAXPEAX0@Z
- ?InsertBefore@CList@@UEAAXPEAX0@Z
- ?Instance@CWorkerThreadPool@@SAPEAV1@XZ
- ?IsEmpty@CList@@UEAAEXZ
- ?IsEmpty@CLockList@@UEAAEXZ
- ?IsEmpty@CNoLockList@@UEAAEXZ
- ?IsExceedLimitation@CMemoryPoolAllocator@@IEAAEK@Z
- ?IsFull@CLockList@@QEBAEXZ
- ?IsFull@CNoLockList@@QEBAEXZ
- ?IsInExclusionList@CExclusionExtConfig@@QEAAEPEBG@Z
- ?IsInExclusionList@CExclusionFileNameConfig@@QEAAEPEBG@Z
- ?IsInExclusionList@CExclusionFilePathConfig@@QEAAEPEBG@Z
- ?IsInExclusionList@CExclusionFolderConfig@@QEAAEPEBG@Z
- ?IsInExclusionList@CExclusionRegistryConfig@@QEAAEPEBG@Z
- ?IsInInclusionList@CInclusionExtConfig@@QEAAEPEBG@Z
- ?IsInInclusionList@CInclusionFileNameConfig@@QEAAEPEBG@Z
- ?IsInInclusionList@CInclusionFilePathConfig@@QEAAEPEBG@Z
- ?IsInInclusionList@CInclusionFolderConfig@@QEAAEPEBG@Z
- ?IsOpened@CFile@@QEAAEXZ
- ?IsTerminated@CWorkerThreadPool@@QEAAEXZ
- ?IsTerminated@CWorkerThreadPoolEx@@QEAAEXZ
- ?IsValid@CMemoryAllocator@@UEAAEXZ
- ?IsValid@CMemoryPoolAllocator@@UEAAEXZ
- ?IsValid@IMemoryAllocator@@UEAAEXZ
- ?IsWorkerThread@CWorkerThreadPool@@QEAAE_K@Z
- ?IsWorkerThread@CWorkerThreadPoolEx@@QEAAE_K@Z
- ?JobFunction@CUserFuncAdapterJob@@MEAAXXZ
- ?JobQueue@CWorkerThreadPool@@QEAAAEAVCWorkerThreadJobQueue@@XZ
- ?JobQueue@CWorkerThreadPoolEx@@QEAAAEAVCWorkerThreadJobQueue@@XZ
- ?Limit@CLockList@@QEAAKXZ
- ?Limit@CNoLockList@@QEAAKXZ
- ?MatchAllExtensions@CFileExtension@@QEAAEXZ
- ?MatchNoExtensions@CFileExtension@@QEAAEXZ
- ?MergeLeft@CMemoryPoolAllocator@@IEAAPEAXPEAX@Z
- ?MergeRight@CMemoryPoolAllocator@@IEAAPEAXPEAX@Z
- ?NeedDelete@CWorkerThreadJob@@QEAAEXZ
- ?NeedDeleteWhenFinish@CWorkerThreadJob@@QEAAXE@Z
- ?NewNode@CList@@UEAAPEAXXZ
- ?NewNode@CStrList@@EEAAPEAXXZ
- ?NewNodeVariant@CList@@IEAAPEAXK@Z
- ?Next@CList@@UEBAPEAXQEAX@Z
- ?Next@CLockList@@UEBAPEAXQEAX@Z
- ?Next@CNoLockList@@UEBAPEAXQEAX@Z
- ?NextPool@CMemoryPoolAllocator@@QEAAPEAV1@XZ
- ?NotityTerminate@CWorkerThread@@QEAAXXZ
- ?PostJobToWorkerThread@CWorkerThreadPool@@QEAAJP6AXPEAX@Z0E@Z
- ?PostJobToWorkerThread@CWorkerThreadPoolEx@@QEAAJP6AXPEAX@Z0E1@Z
- ?Pulse@CKEvent@@QEAAJJE@Z
- ?QueueJob@CWorkerThreadJobQueue@@QEAAEPEAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPool@@QEAAJPEAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPoolEx@@QEAAJPEAVCWorkerThreadJob@@@Z
- ?RCMInstance@CWorkerThreadPool@@SAPEAV1@XZ
- ?Read@CFile@@QEAAJPEADKPEAK@Z
- ?ReadWIRP@CFile@@QEAAJPEADKPEAK@Z
- ?ReferenceCount@CContext@@QEAAAEAKXZ
- ?Release@CLockEvent@@QEAAXXZ
- ?Remove@CContextList@@UEAAEQEAX@Z
- ?Remove@CList@@UEAAEQEAX@Z
- ?Remove@CLockList@@UEAAEQEAX@Z
- ?Remove@CNoLockList@@UEAAEQEAX@Z
- ?RemoveHead@CList@@UEAAPEAXXZ
- ?RemoveHead@CLockList@@UEAAPEAXXZ
- ?RemoveHead@CNoLockList@@UEAAPEAXXZ
- ?RemoveTail@CList@@UEAAPEAXXZ
- ?RemoveTail@CLockList@@UEAAPEAXXZ
- ?RemoveTail@CNoLockList@@UEAAPEAXXZ
- ?Reset@CKEvent@@QEAAXXZ
- ?ResetData@CInclusionExtConfig@@QEAAXXZ
- ?ResetData@CInclusionFileNameConfig@@QEAAXXZ
- ?ResetData@CInclusionFilePathConfig@@QEAAXXZ
- ?ResetData@CInclusionFolderConfig@@QEAAXXZ
- ?RestoreCR0@@YAXPEAX@Z
- ?Run@CAutoUpdateConfigThread@@UEAAXXZ
- ?Run@CDelayLoadThread@@UEAAXXZ
- ?Run@CWorkerThread@@UEAAXXZ
- ?SeekToEnd@CFile@@QEAAJXZ
- ?Set@CKEvent@@QEAAJJE@Z
- ?SetAttributes@CFile@@QEAAJK@Z
- ?SetBlobCofig@CContext@@UEAAJKPEAXK@Z
- ?SetData@CBlobConfig@@QEAAHPEAXK@Z
- ?SetData@CModuleFileExtConfig@@QEAAHPEBG@Z
- ?SetData@CModuleFlagConfig@@QEAAHK@Z
- ?SetData@CModuleMultiStringConfig@@QEAAHPEBGK@Z
- ?SetData@CModuleStringConfig@@QEAAHPEBG@Z
- ?SetEngineContext@CContext@@QEAAXPEAX@Z
- ?SetFileExtensionConfig@CContext@@UEAAJKPEBG@Z
- ?SetFlagConfig@CContext@@UEAAJKK@Z
- ?SetLinkContext@CContext@@QEAAXPEAX@Z
- ?SetLogFlag@CDebugLog@@QEAAEK@Z
- ?SetLogFlag@CDebugLogEx@@QEAAEK@Z
- ?SetMatchAllExtensions@CFileExtension@@QEAAXE@Z
- ?SetMatchNoExtensions@CFileExtension@@QEAAXE@Z
- ?SetMultiStringConfig@CContext@@UEAAJKPEBG@Z
- ?SetNewJobItemEvent@CWorkerThreadJobQueue@@QEAAXXZ
- ?SetPriority@CSystemThread@@QEAAXK@Z
- ?SetStopUse@CContext@@QEAAXXZ
- ?SetStringConfig@CContext@@UEAAJKPEBG@Z
- ?Setup@CSystemThread@@MEAAXXZ
- ?StopUse@CContext@@QEAAHXZ
- ?TearDown@CSystemThread@@MEAAXXZ
- ?Terminate@CSystemThread@@QEAAXE@Z
- ?Terminate@CWorkerThreadPool@@QEAAEXZ
- ?Terminate@CWorkerThreadPoolEx@@QEAAEXZ
- ?TmExceptionFilter@@YAJPEAU_EXCEPTION_POINTERS@@@Z
- ?Wait@CKEvent@@QEAAJPEAT_LARGE_INTEGER@@E@Z
- ?WaitFinish@CWorkerThreadJob@@QEAAXXZ
- ?WaitForInit@CDelayLoadThread@@QEAAEXZ
- ?WaitForLoad@CDelayLoadThread@@QEAAEXZ
- ?WaitNewJobAvailable@CWorkerThreadJobQueue@@QEAAEXZ
- ?WaitQueueEmpty@CWorkerThreadJobQueue@@QEAAXXZ
- ?Write@CDebugLog@@QEAAXPEBDZZ
- ?Write@CDebugLogEx@@QEAAXPEBDZZ
- ?Write@CFile@@QEAAJPEADKPEAT_LARGE_INTEGER@@PEAK@Z
- ?WriteDataToFile@CDebugLogEx@@IEAAXPEADK@Z
- ?WriteDataToProcMonW@CDebugLogEx@@IEAAXPEAD@Z
- ?WriteSystemInformation@CDebugLog@@QEAAXXZ
- ?WriteSystemInformation@CDebugLogEx@@QEAAXXZ
- ?WriteSystemStringInformation@CDebugLog@@IEAAXPEBG@Z
- ?WriteSystemStringInformation@CDebugLogEx@@IEAAXPEBG@Z
- ?WriteToFile@CDebugLog@@IEAAXPEADK@Z
- ?WriteToProcMonW@CDebugLogEx@@IEAAXPEAU_UNICODE_STRING@@@Z
- ?_pNonPagedAllocator@@3PEAVCMemoryAllocator@@EA
- ?_pPagedAllocator@@3PEAVCMemoryAllocator@@EA
- ?m_lpInstance@CWorkerThreadPool@@1PEAV1@EA
- ?m_lpRCMInstance@CWorkerThreadPool@@1PEAV1@EA
- AllocFullFileName
- DeInitKm2UmCommunication
- DeInitKmLPC
- DuplicateFullFileName
- FreeFullFileName
- GetKm2UmMode
- GetModuleInfoByAddress
- GetModuleInfoByModuleName
- InitKm2UmCommunication
- InitKmLPC
- IsVerifierCodeCheckFlagOn
- IsWindows8_1_update
- KmCallUm
- KmCallUmByLPC
- KmCallUmEx
- KmCleanupCommPortAPIs
- KmGetUmInitProcess
- KmSetBackupCommPortAPIs
- KmSetCommPortAPIs
- ModGetExportProcAddress
- ModLoadDLLToBuffer
- ModLoadDLLToBufferWithImageSize
- ModLoadModule
- ModUnLoadModule
- NormalizeFileName
- NormalizeFullNtPathToDosName
- TmCommConfigRoutine
- UtilAddDeviceInDriveTable
- UtilAddReparsePointMapping
- UtilCleanFileReadOnly
- UtilCloseExclusiveHandle
- UtilCreateDosFileName
- UtilDeleteFileForce
- UtilGetDeviceObjectName
- UtilGetFileNameFromFileObject
- UtilGetFileObjectForProcessByEPROC
- UtilGetFileObjectFromFileName
- UtilGetProcessName
- UtilGetSystemDirectory
- UtilGetSystemDirectoryEx
- UtilGetSystemDirectoryLength
- UtilGetSystemTime
- UtilIoSetFileInfo
- UtilIopCreateFileIRP
- UtilKeGetLowFileDevice
- UtilModuleIATHook
- UtilModuleIATUnHook
- UtilPostJobToWorkerThread
- UtilQueryExclusiveHandle
- UtilQueryKeyValue
- UtilRemoveDeviceFromDriveTable
- UtilVolumeDeviceToDosName
- UtilWaitValueChangeToZero
- UtilWriteVersionToRegistry
- UtilbuildDynamicDiskMappingTable
- UtlWriteBinValueKeyToRegistry
- ValidateAddressWithSize
- _ResetProtectFromClose
- _UtilDosPathNameToNtPathName
Sections
Expand
- .text
- .rdata
- .data
- .pdata
- .gfids
- PAGE
- .edata
- INIT
- .rsrc
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": true,
"SerialNumber": "7e93ebfb7cc64e59ea4b9a77d406fc3b",
"Signature": "03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2",
"TBS": {
"MD5": "d0785ad36e427c92b19f6826ab1e8020",
"SHA1": "365b7a9c21bd9373e49052c3e7b3e4646ddd4d43",
"SHA256": "c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff",
"SHA384": "eab4fe5ef90e0de4a6aa3a27769a5e879f588df5e4785aa4104debd1f81e19ea56d33e3a16e5facf99f68b5d8e3d287b"
},
"ValidFrom": "2012-12-21 00:00:00",
"ValidTo": "2020-12-30 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "0ecff438c8febf356e04d86a981b1a50",
"Signature": "783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4",
"TBS": {
"MD5": "e9d38360b914c8863f6cba3ee58764d3",
"SHA1": "4cba8eae47b6bf76f20b3504b98b8f062694a89b",
"SHA256": "88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976",
"SHA384": "e9f2a75334a9e336c5a4712eadee88d0374b0fdc273262f4e65c9040ad2793067cc076696db5279a478773485e285652"
},
"ValidFrom": "2012-10-18 00:00:00",
"ValidTo": "2020-12-29 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Signature": "f3b20c020c826fd9e2629408ffc97c9e245959d1050c9ce7708069d366d26af191812e16fce674eaca0d8f05b2a796280831737299800d2bfe0071efecf655117b7952a4d7c0701b97de034a1d42e928fd1a2082b081f9d22e9d39af3233cf05c1e61ae1f8fbfec872e78d9a0b29b4f147f1a053d1757a824601df2bb07c75c591fe7efbaf0021764b90cd446f85f80d14bc2cd42c83edfa7d2510f8f94c82d1b3ea999b1cff9093291977c7e996dc32904d3934f167077684ff76aa5327654a0bd7223d9d67657b47c5b46012dca6723d89e7fa051b3380d0c4977b9df537e75da3186ab149b27c089715a01bd695f408f7ded66bfbe920d27a6f6a7d4cc8b3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc.",
"TBS": {
"MD5": "78eaa337666217b1c16a9a0ebd0b8434",
"SHA1": "ff9cb835e78f6185eed4372096c3bae53b17d18d",
"SHA256": "1c0d9746725e176b4a7c2852878f14d7587f58e65d346bc1247f1c8ee6374250",
"SHA384": "ffe3c75b860679a5de399c7d2c2844dbfac51d5d8581e24648d208daba1e4bed5c867808e02dc8d7cb3df1d4b2b53d10"
},
"ValidFrom": "2017-04-27 00:00:00",
"ValidTo": "2018-07-16 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "611993e400000000001c",
"Signature": "812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5",
"TBS": {
"MD5": "78a717e082dcc1cda3458d917e677d14",
"SHA1": "4a872e0e51f9b304469cd1dedb496ee9b8b983a4",
"SHA256": "317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8",
"SHA384": "b71052da4eb9157c8c1a5d7f55df19d69b9128598b72fcca608e5b7cc7d64c43c5504b9c86355a6dc22ee40c88cc385c"
},
"ValidFrom": "2011-02-22 19:25:17",
"ValidTo": "2021-02-22 19:35:17",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "5200e5aa2556fc1a86ed96c9d44b33c7",
"Signature": "5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"TBS": {
"MD5": "b30c31a572b0409383ed3fbe17e56e81",
"SHA1": "4843a82ed3b1f2bfbee9671960e1940c942f688d",
"SHA256": "03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9",
"SHA384": "bbda8407c4f9fc4e54d772f1c7fb9d30bc97e1f97ecd51c443063d1fa0644e266328781776cd5c44896c457c75f4d7da"
},
"ValidFrom": "2010-02-08 00:00:00",
"ValidTo": "2020-02-07 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 0ea0fe4dfb74cc64bc32143103c27c8b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | e93e004baa6013b41135ac0648e29d5b |
| ToBeSigned (TBS) SHA1 | dc91e26674d4b627319c700d3ebb1a6cf83d358e |
| ToBeSigned (TBS) SHA256 | 0d20335edb166a303411548471bee6f301c8b4f7f7e453d09c15303de2c888d7 |
| Subject | C=TW, L=Taipei, O=Trend Micro, Inc., OU=Taipei, TW, CN=Trend Micro, Inc. |
| ValidFrom | 2019-07-12 00:00:00 |
| ValidTo | 2020-07-10 12:00:00 |
| Signature | 5c08ae5d586a4751195382d6889dc2fc500e7c39c641e1a58def8d923e12b754e2cc35720cc8d3d29382980debf7d98fcc17d764187126dd07c134fdbb96dd44fe8a40195df6f6acd1881fa5ba2921dadceb3f64422344672834813916bbdf317533cf6aaf3317d78197d7d6c560ad681de135f39e2d4ad345b7fe491162660a5462c6075fd725382df1e6e6bc3a4c443be778f79b07f181082e38150ca28ab932f99e4bc4185dc5b3b6edf22c187fdfd84e23a21e7da1989837f43b89aa172e6b34dbcb297bffd511a1d1c100b25e0e921f622a0845e23317f9fec83659ca21c241800683e0dd66ce4d042a8aefc4142b5923a6fa93ee72c48e8dc04c13b4b0 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 0ea0fe4dfb74cc64bc32143103c27c8b |
| Version | 3 |
Certificate 61204db4000000000027
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 8e3ffc222fbcebdbb8b23115ab259be7 |
| ToBeSigned (TBS) SHA1 | ee20bff28ffe13be731c294c90d6ded5aae0ec0e |
| ToBeSigned (TBS) SHA256 | 59826b69bc8c28118c96323b627da59aaca0b142cc5d8bad25a8fcfd399aa821 |
| Subject | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA |
| ValidFrom | 2011-04-15 19:45:33 |
| ValidTo | 2021-04-15 19:55:33 |
| Signature | 208cc159ed6f9c6b2dc14a3e751d454c41501cbd80ead9b0928b062a133f53169e56396a8a63b6782479f57db8b947a10a96c2f6cbbda2669f06e1acd279090efd3cdcac020c70af3f1bec787ed4eb4b056026d973619121edb06863e09712ab6fa012edd99fd2da273cb3e456f9d1d4810f71bd427ca689dccdd5bd95a2abf193117de8ac3129a85d6670419dfc75c9d5b31a392ad08505508bac91cac493cb71a59da4946f580cfa6e20c40831b5859d7e81f9d23dca5b18856c0a86ec22091ba574344f7f28bc954aab1db698b05d09a477767eefa78e5d84f61824cbd16da6c3a19cc2107580ff9d32fde6cf433a82f7ce8fe1722a9b62b75fed951a395c2f946d48b7015f332fbbdc2d73348904420a1c8b79f9a3fa17effaa11a10dfe0b2c195eb5c0c05973b353e18884ddb6cbf24898dc8bdd89f7b393a24a0d5dfd1f34a1a97f6a66f7a1fb090a9b3ac013991d361b764f13e573803afce7ad2b590f5aedc3999d5b63c97eda6cb16c77d6b2a4c9094e64c54fd1ecd20ecce689c8758e96160beeb0ec9d5197d9fe978bd0eac2175078fa96ee08c6a2a6b9ce3e765bcbc2d3c6ddc04dc67453632af0481bca8006e614c95c55cd48e8e9f2fc13274bdbd11650307cdefb75e0257da86d41a2834af8849b2cfa5dd82566f68aa14e25954feffeaeeefea9270226081e32523c09fcc0f49b235aa58c33ac3d9169410 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 61204db4000000000027 |
| Version | 3 |
Certificate 03019a023aff58b16bd6d5eae617f066
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | a752afee44f017e8d74e3f3eb7914ae3 |
| ToBeSigned (TBS) SHA1 | 8eca80a6b80e9c69dcef7745748524afb8019e2d |
| ToBeSigned (TBS) SHA256 | 82560fa7efec30b5ff82af643e6f3bf3d46868bbd5e7d76f93db185e9e3553a1 |
| Subject | C=US, O=DigiCert, CN=DigiCert Timestamp Responder |
| ValidFrom | 2014-10-22 00:00:00 |
| ValidTo | 2024-10-22 00:00:00 |
| Signature | 9d257e1b334db226815c9b86ce23200f8087e588ffffb1d46a2c31ed3a17197117cda91bbc5a1639009de36c84e45a40fbde06018c37fa9bb19d247efe20a457ad5bb79ab06026ea6957215d342f1f71b0839419056b359010a07b97c7f63fe7e21141a6bd62d9f0273d381d286f3a5209f0ec7062d3624bb0e073a692c0d38e31d82fe36d171306eee403b614abf38f43a7719d21dd14ca155d9241daf90f81d199740d26c40e7f1bb5f5a0f1c677062815e9d893e55516f0bb0aab1cdb5c482766c8a38b0a1ce595daaec42e59a061dddaf36da261e98a0b6dec1218bdf755544003922b6bc251c20a48afb0d46ee0f4140a3a1be38f3dcaaf6a8d7bdcd844 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 03019a023aff58b16bd6d5eae617f066 |
| Version | 3 |
Certificate 02c4d1e58a4a680c568da3047e7e4d5f
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 829995f702421dea833a24fb2c7f4442 |
| ToBeSigned (TBS) SHA1 | 1d7e838accd498c2e5ba9373af819ec097bb955c |
| ToBeSigned (TBS) SHA256 | 92914d016cc46e125e50c4bd0bd7f72db87eed4ba68f3c589b4e86aa563108db |
| Subject | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance Code Signing CA,1 |
| ValidFrom | 2011-02-11 12:00:00 |
| ValidTo | 2026-02-10 12:00:00 |
| Signature | 49eb7c60beaeefc97cb3c5ba4b64df1669e286fa29d9de98857d406626332f4455aaaa90e935700a34bed3ae542e8e6500d67a32203e6c26b898a939b1bc95c7aae9f5ee4666c6b3e812f8b3979dff74588234997550ac448fe892ce7d8b0f3196c7dcd31130987416c6e56b4576a39401cd33007a48f66f8631c9562b3322d5f801b644ce8cb4ca88d2e416e3e7f6e23ee109c09d7943437f555c05ad9310c62c0d6bc09eea78e5d277d6b8da9a987fba4c922b9dbda488b1ddafc34cd2979b03c6ae5f1b440f333715e3cbff2f56d316a45b55679da2cadb346c0c734ab57ba4b6b3e935027870ec007acbfc4b4f2236bb1484c98f91dd0f3c758cca0b88e7 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 02c4d1e58a4a680c568da3047e7e4d5f |
| Version | 3 |
Certificate 06fdf9039603adea000aeb3f27bbba1b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 4e5ad189638cf52ba9cd881d4d44668c |
| ToBeSigned (TBS) SHA1 | cdc115e98d798b33904c820d63cc1e1afc19251d |
| ToBeSigned (TBS) SHA256 | 37560fb9d548ab62cc3ed4669a4ab74828b5a108e67e829937ffb2d10a5f78dd |
| Subject | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID CA,1 |
| ValidFrom | 2006-11-10 00:00:00 |
| ValidTo | 2021-11-10 00:00:00 |
| Signature | 46503ec9b72824a7381db65b29af52cf52e93147ab565c7bd50d0b41b3efec751f7438f2b25c61a29c95c350e482b923d1ba3a8672ad3878ac755d1717347247859456d1ebbb368477cc24a5f3041955a9e7e3e7ab62cdfb8b2d90c2c0d2b594bd5e4fb105d20e3d1aa9145ba6863162a8a833e49b39a7c4f5ce1d7876942573e42aabcf9c764bed5fc24b16e44b704c00891efcc579bc4c1257fe5fe11ebc025da8fefb07384f0dc65d91b90f6745cdd683ede7920d8db1698c4ffb59e0230fd2aaae007cee9c420ecf91d727b716ee0fc3bd7c0aa0ee2c08558522b8eb181a4dfc2a21ad49318347957771dcb11b4b4b1c109c7714c19d4f2f5a9508291026 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 06fdf9039603adea000aeb3f27bbba1b |
| Version | 3 |
Imports
Expand
- ntoskrnl.exe
- HAL.dll
- CLASSPNP.SYS
Imported Functions
Expand
- KePulseEvent
- KeClearEvent
- KeStackAttachProcess
- KeUnstackDetachProcess
- ObfDereferenceObject
- ZwSetEvent
- ZwClose
- ZwConnectPort
- RtlInitUnicodeString
- RtlUnicodeStringToInteger
- ZwCreateSection
- ZwWaitForSingleObject
- ZwOpenEvent
- IoGetCurrentProcess
- ObfReferenceObject
- DbgBreakPoint
- ZwRequestWaitReplyPort
- ExFreePoolWithTag
- ProbeForWrite
- ZwFreeVirtualMemory
- ZwAllocateVirtualMemory
- ObOpenObjectByPointer
- PsProcessType
- memmove
- PsGetProcessExitTime
- MmSectionObjectType
- PsThreadType
- MmGetSystemRoutineAddress
- ObReleaseObjectSecurity
- SeReleaseSubjectContext
- SeAccessCheck
- SeCaptureSubjectContext
- ObGetObjectSecurity
- DbgPrint
- memset
- MmIsAddressValid
- ExInitializeResourceLite
- ExDeleteResourceLite
- ZwWriteFile
- ZwReadFile
- ZwQueryInformationFile
- ZwSetInformationFile
- ZwCreateFile
- swprintf
- towupper
- _wcsnicmp
- ExAllocatePoolWithTag
- KeInitializeEvent
- _snprintf
- PsGetCurrentProcessId
- RtlTimeToTimeFields
- ExSystemTimeToLocalTime
- KeQuerySystemTime
- PsGetCurrentThreadId
- RtlInitAnsiString
- ZwDeviceIoControlFile
- ZwCreateKey
- ZwCreateEvent
- KeWaitForMultipleObjects
- ObReferenceObjectByHandle
- ZwNotifyChangeKey
- _vsnprintf
- RtlFreeUnicodeString
- RtlAnsiStringToUnicodeString
- RtlEqualUnicodeString
- RtlAppendUnicodeStringToString
- RtlCopyUnicodeString
- RtlUpcaseUnicodeChar
- ExGetPreviousMode
- KeWaitForSingleObject
- KeSetPriorityThread
- PsTerminateSystemThread
- PsCreateSystemThread
- KeDelayExecutionThread
- KeNumberProcessors
- ZwQueryInformationProcess
- PsLookupProcessByProcessId
- ZwOpenDirectoryObject
- PsSetCreateProcessNotifyRoutine
- ZwQuerySystemInformation
- ZwQueryDirectoryFile
- ZwQueryDirectoryObject
- ZwDuplicateObject
- ZwOpenKey
- ZwEnumerateKey
- ZwEnumerateValueKey
- ZwQueryValueKey
- ZwDeleteValueKey
- ZwDeleteKey
- ZwTerminateProcess
- ZwOpenProcess
- ZwQueryKey
- ZwSetValueKey
- IoFileObjectType
- KeSetEvent
- ZwQuerySecurityObject
- ZwSetSecurityObject
- RtlLengthSecurityDescriptor
- MmHighestUserAddress
- IoFreeIrp
- _purecall
- MmUnlockPages
- IoBuildAsynchronousFsdRequest
- _strnicmp
- RtlQueryRegistryValues
- RtlAppendUnicodeToString
- mbstowcs
- ZwQuerySymbolicLinkObject
- ZwOpenSymbolicLinkObject
- NtClose
- ObQueryNameString
- ZwSetInformationObject
- _stricmp
- ZwUnmapViewOfSection
- ZwMapViewOfSection
- ZwOpenFile
- IoCreateFile
- IofCallDriver
- IoAllocateIrp
- MmBuildMdlForNonPagedPool
- IoAllocateMdl
- ProbeForRead
- PsGetVersion
- RtlImageNtHeader
- RtlCompareMemory
- RtlUpcaseUnicodeString
- _snwprintf
- MmSystemRangeStart
- wcsncmp
- RtlCompareUnicodeString
- strrchr
- ZwQueryVolumeInformationFile
- ObReferenceObjectByPointer
- IoBuildDeviceIoControlRequest
- ZwOpenSection
- _allmul
- KeReleaseSemaphore
- RtlLengthRequiredSid
- RtlInitializeSid
- RtlSubAuthoritySid
- RtlSetDaclSecurityDescriptor
- RtlCreateSecurityDescriptor
- RtlAddAccessAllowedAce
- RtlCreateAcl
- KeInitializeSemaphore
- IoGetDeviceObjectPointer
- IofCompleteRequest
- ExEventObjectType
- IoDeleteDevice
- IoDeleteSymbolicLink
- IoCreateSymbolicLink
- RtlUpperChar
- ObReferenceObjectByName
- IoDriverObjectType
- strncpy
- KeServiceDescriptorTable
- NtOpenProcess
- ObOpenObjectByName
- NtQueryInformationProcess
- PsIsThreadTerminating
- KeAddSystemServiceTable
- ZwQueryObject
- ZwFsControlFile
- ObInsertObject
- IoReleaseVpbSpinLock
- IoAcquireVpbSpinLock
- SeCreateAccessState
- IoGetFileObjectGenericMapping
- ObCreateObject
- _allshr
- ExInterlockedPopEntrySList
- IoGetStackLimits
- IoBuildSynchronousFsdRequest
- wcsstr
- IoUnregisterPlugPlayNotification
- FsRtlIsNameInExpression
- IoGetConfigurationInformation
- MmProbeAndLockPages
- IoGetDeviceInterfaces
- IoRegisterPlugPlayNotification
- ExAllocatePool
- wcschr
- KeTickCount
- KeBugCheckEx
- RtlUnwind
- wcsrchr
- memcpy
- wcsncpy
- ExReleaseResourceLite
- ExAcquireResourceExclusiveLite
- ExAcquireResourceSharedLite
- ExReleaseFastMutexUnsafe
- KeLeaveCriticalRegion
- KeEnterCriticalRegion
- _allrem
- ExAcquireFastMutexUnsafe
- IoDeviceObjectType
- IoCreateDevice
- RtlGetDaclSecurityDescriptor
- RtlGetSaclSecurityDescriptor
- RtlGetGroupSecurityDescriptor
- RtlGetOwnerSecurityDescriptor
- SeCaptureSecurityDescriptor
- SeExports
- IoIsWdmVersionAvailable
- RtlLengthSid
- RtlAbsoluteToSelfRelativeSD
- IoFreeMdl
- KeGetCurrentThread
- KfAcquireSpinLock
- KfReleaseSpinLock
- KeRaiseIrqlToDpcLevel
- KfLowerIrql
- KeAcquireQueuedSpinLock
- KeReleaseQueuedSpinLock
- ExAcquireFastMutex
- ExReleaseFastMutex
- KeGetCurrentIrql
- KfRaiseIrql
- ClassInitialize
Exported Functions
Expand
- ??0CAutoUpdateConfigThread@@QAE@ABV0@@Z
- ??0CAutoUpdateConfigThread@@QAE@PAU_UNICODE_STRING@@P6GX0PAX@Z1@Z
- ??0CBlobConfig@@QAE@ABV0@@Z
- ??0CBlobConfig@@QAE@K@Z
- ??0CContext@@QAE@ABV0@@Z
- ??0CContext@@QAE@KP6GJPAU_EVENT_REPORT@@PAXPAU_TMCE_REPORT@@PAU_TMCE_FEEDBACK@@@Z1K@Z
- ??0CContextList@@QAE@ABV0@@Z
- ??0CContextList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CDebugLog@@QAE@ABV0@@Z
- ??0CDebugLog@@QAE@PBG@Z
- ??0CDebugLogEx@@QAE@ABV0@@Z
- ??0CDebugLogEx@@QAE@K@Z
- ??0CDelayLoadThread@@QAE@ABV0@@Z
- ??0CDelayLoadThread@@QAE@XZ
- ??0CExclusionExtConfig@@QAE@ABV0@@Z
- ??0CExclusionExtConfig@@QAE@KKE@Z
- ??0CExclusionFileNameConfig@@QAE@ABV0@@Z
- ??0CExclusionFileNameConfig@@QAE@KK@Z
- ??0CExclusionFilePathConfig@@QAE@ABV0@@Z
- ??0CExclusionFilePathConfig@@QAE@KK@Z
- ??0CExclusionFolderConfig@@QAE@ABV0@@Z
- ??0CExclusionFolderConfig@@QAE@KK@Z
- ??0CExclusionRegistryConfig@@QAE@ABV0@@Z
- ??0CExclusionRegistryConfig@@QAE@KK@Z
- ??0CFile@@QAE@ABV0@@Z
- ??0CFile@@QAE@E@Z
- ??0CFileExtension@@QAE@ABV0@@Z
- ??0CFileExtension@@QAE@KEEPAVIMemoryAllocator@@@Z
- ??0CInclusionExtConfig@@QAE@ABV0@@Z
- ??0CInclusionExtConfig@@QAE@KKE@Z
- ??0CInclusionFileNameConfig@@QAE@ABV0@@Z
- ??0CInclusionFileNameConfig@@QAE@KK@Z
- ??0CInclusionFilePathConfig@@QAE@ABV0@@Z
- ??0CInclusionFilePathConfig@@QAE@KK@Z
- ??0CInclusionFolderConfig@@QAE@ABV0@@Z
- ??0CInclusionFolderConfig@@QAE@KK@Z
- ??0CKEvent@@QAE@ABV0@@Z
- ??0CKEvent@@QAE@W4_EVENT_TYPE@@E@Z
- ??0CList@@QAE@ABV0@@Z
- ??0CList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CLockEvent@@QAE@ABV0@@Z
- ??0CLockEvent@@QAE@XZ
- ??0CLockList@@QAE@ABV0@@Z
- ??0CLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CMemoryAllocator@@IAE@W4_POOL_TYPE@@K@Z
- ??0CMemoryAllocator@@QAE@ABV0@@Z
- ??0CMemoryPoolAllocator@@IAE@W4_POOL_TYPE@@KKK@Z
- ??0CMemoryPoolAllocator@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@XZ
- ??0CModuleConfigList@@QAE@ABV0@@Z
- ??0CModuleConfigList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CModuleFileExtConfig@@QAE@ABV0@@Z
- ??0CModuleFileExtConfig@@QAE@KKE@Z
- ??0CModuleFlagConfig@@QAE@ABV0@@Z
- ??0CModuleFlagConfig@@QAE@K@Z
- ??0CModuleMultiStringConfig@@QAE@ABV0@@Z
- ??0CModuleMultiStringConfig@@QAE@KK@Z
- ??0CModuleStringConfig@@QAE@ABV0@@Z
- ??0CModuleStringConfig@@QAE@K@Z
- ??0CNoLockList@@QAE@ABV0@@Z
- ??0CNoLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CSmartLock@@QAE@AAVCLockEvent@@@Z
- ??0CSmartLock@@QAE@XZ
- ??0CSmartReference@@QAE@AAJ@Z
- ??0CSmartReference@@QAE@AAK@Z
- ??0CSmartResource@@QAE@AAVCResource@@E@Z
- ??0CStrList@@QAE@ABV0@@Z
- ??0CStrList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CSystemThread@@QAE@ABV0@@Z
- ??0CSystemThread@@QAE@K@Z
- ??0CUserFuncAdapterJob@@QAE@ABV0@@Z
- ??0CUserFuncAdapterJob@@QAE@P6GXPAX@Z01@Z
- ??0CWorkerThread@@IAE@PAVCWorkerThreadJobQueue@@@Z
- ??0CWorkerThread@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@E@Z
- ??0CWorkerThreadJobQueue@@QAE@ABV0@@Z
- ??0CWorkerThreadJobQueue@@QAE@K@Z
- ??0CWorkerThreadPool@@QAE@ABV0@@Z
- ??0CWorkerThreadPool@@QAE@K@Z
- ??0CWorkerThreadPoolEx@@QAE@ABV0@@Z
- ??0CWorkerThreadPoolEx@@QAE@KK@Z
- ??0IMemoryAllocator@@QAE@ABV0@@Z
- ??0IMemoryAllocator@@QAE@XZ
- ??1CAutoUpdateConfigThread@@UAE@XZ
- ??1CBlobConfig@@UAE@XZ
- ??1CContext@@UAE@XZ
- ??1CContextList@@UAE@XZ
- ??1CDebugLog@@UAE@XZ
- ??1CDebugLogEx@@UAE@XZ
- ??1CDelayLoadThread@@UAE@XZ
- ??1CExclusionExtConfig@@UAE@XZ
- ??1CExclusionFileNameConfig@@UAE@XZ
- ??1CExclusionFilePathConfig@@UAE@XZ
- ??1CExclusionFolderConfig@@UAE@XZ
- ??1CExclusionRegistryConfig@@UAE@XZ
- ??1CFile@@UAE@XZ
- ??1CFileExtension@@UAE@XZ
- ??1CInclusionExtConfig@@UAE@XZ
- ??1CInclusionFileNameConfig@@UAE@XZ
- ??1CInclusionFilePathConfig@@UAE@XZ
- ??1CInclusionFolderConfig@@UAE@XZ
- ??1CKEvent@@UAE@XZ
- ??1CList@@UAE@XZ
- ??1CLockEvent@@UAE@XZ
- ??1CLockList@@UAE@XZ
- ??1CMemoryAllocator@@UAE@XZ
- ??1CMemoryPoolAllocator@@UAE@XZ
- ??1CModuleConfig@@UAE@XZ
- ??1CModuleConfigList@@UAE@XZ
- ??1CModuleFileExtConfig@@UAE@XZ
- ??1CModuleFlagConfig@@UAE@XZ
- ??1CModuleMultiStringConfig@@UAE@XZ
- ??1CModuleStringConfig@@UAE@XZ
- ??1CNoLockList@@UAE@XZ
- ??1CSmartLock@@QAE@XZ
- ??1CSmartReference@@QAE@XZ
- ??1CSmartResource@@QAE@XZ
- ??1CStrList@@UAE@XZ
- ??1CSystemThread@@UAE@XZ
- ??1CUserFuncAdapterJob@@UAE@XZ
- ??1CWorkerThread@@UAE@XZ
- ??1CWorkerThreadJob@@UAE@XZ
- ??1CWorkerThreadJobQueue@@UAE@XZ
- ??1CWorkerThreadPool@@UAE@XZ
- ??1CWorkerThreadPoolEx@@UAE@XZ
- ??1IMemoryAllocator@@UAE@XZ
- ??2@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??2CMemoryAllocator@@SGPAXI@Z
- ??2CMemoryPoolAllocator@@SGPAXI@Z
- ??3@YAXPAX@Z
- ??3IMemoryAllocator@@SGXPAX@Z
- ??4CAutoUpdateConfigThread@@QAEAAV0@ABV0@@Z
- ??4CBlobConfig@@QAEAAV0@ABV0@@Z
- ??4CContext@@QAEAAV0@ABV0@@Z
- ??4CDebugLog@@QAEAAV0@ABV0@@Z
- ??4CDebugLogEx@@QAEAAV0@ABV0@@Z
- ??4CDelayLoadThread@@QAEAAV0@ABV0@@Z
- ??4CFile@@QAEAAV0@ABV0@@Z
- ??4CKEvent@@QAEAAV0@ABV0@@Z
- ??4CLockEvent@@QAEAAV0@ABV0@@Z
- ??4CMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??4CMemoryPoolAllocator@@QAEAAV0@ABV0@@Z
- ??4CModuleConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleFlagConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleStringConfig@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEABV0@AAVCLockEvent@@@Z
- ??4CSmartResource@@QAEAAV0@ABV0@@Z
- ??4CSystemThread@@QAEAAV0@ABV0@@Z
- ??4CUserFuncAdapterJob@@QAEAAV0@ABV0@@Z
- ??4CWorkerThread@@QAEAAV0@ABV0@@Z
- ??4CWorkerThreadJob@@QAEAAV0@ABV0@@Z
- ??4IMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??_7CAutoUpdateConfigThread@@6B@
- ??_7CBlobConfig@@6B@
- ??_7CContext@@6B@
- ??_7CContextList@@6B@
- ??_7CDebugLog@@6B@
- ??_7CDebugLogEx@@6B@
- ??_7CDelayLoadThread@@6B@
- ??_7CExclusionExtConfig@@6B@
- ??_7CExclusionFileNameConfig@@6B@
- ??_7CExclusionFilePathConfig@@6B@
- ??_7CExclusionFolderConfig@@6B@
- ??_7CExclusionRegistryConfig@@6B@
- ??_7CFile@@6B@
- ??_7CFileExtension@@6B@
- ??_7CInclusionExtConfig@@6B@
- ??_7CInclusionFileNameConfig@@6B@
- ??_7CInclusionFilePathConfig@@6B@
- ??_7CInclusionFolderConfig@@6B@
- ??_7CKEvent@@6B@
- ??_7CList@@6B@
- ??_7CLockEvent@@6B@
- ??_7CLockList@@6B@
- ??_7CMemoryAllocator@@6B@
- ??_7CMemoryPoolAllocator@@6B@
- ??_7CModuleConfig@@6B@
- ??_7CModuleConfigList@@6B@
- ??_7CModuleFileExtConfig@@6B@
- ??_7CModuleFlagConfig@@6B@
- ??_7CModuleMultiStringConfig@@6B@
- ??_7CModuleStringConfig@@6B@
- ??_7CNoLockList@@6B@
- ??_7CStrList@@6B@
- ??_7CSystemThread@@6B@
- ??_7CUserFuncAdapterJob@@6B@
- ??_7CWorkerThread@@6B@
- ??_7CWorkerThreadJob@@6B@
- ??_7CWorkerThreadJobQueue@@6B@
- ??_7CWorkerThreadPool@@6B@
- ??_7CWorkerThreadPoolEx@@6B@
- ??_7IMemoryAllocator@@6B@
- ??_FCContextList@@QAEXXZ
- ??_FCFile@@QAEXXZ
- ??_FCFileExtension@@QAEXXZ
- ??_FCModuleConfigList@@QAEXXZ
- ??_FCStrList@@QAEXXZ
- ??_FCSystemThread@@QAEXXZ
- ??_FCWorkerThread@@QAEXXZ
- ??_FCWorkerThreadJob@@QAEXXZ
- ??_FCWorkerThreadJobQueue@@QAEXXZ
- ??_U@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??_V@YAXPAX@Z
- ?Acquire@CLockEvent@@QAEXXZ
- ?Add@CContextList@@QAEEPAVCContext@@@Z
- ?Add@CFileExtension@@QAEEPBGK@Z
- ?Add@CModuleConfigList@@QAEEPAVCModuleConfig@@@Z
- ?Add@CStrList@@QAEEPBG@Z
- ?AddNode@CLockList@@UAEEQAXE@Z
- ?AddNode@CNoLockList@@UAEEQAXE@Z
- ?Alloc@CMemoryAllocator@@UAEPAXKPBDK@Z
- ?Alloc@CMemoryPoolAllocator@@UAEPAXKPBDK@Z
- ?AllocBlock@CMemoryPoolAllocator@@IAEPAXK@Z
- ?AttachJobQueue@CWorkerThread@@QAEXPAVCWorkerThreadJobQueue@@@Z
- ?Cancel@CWorkerThreadJob@@QAEXXZ
- ?CheckNode@CLockList@@UAEHQAX@Z
- ?CheckNode@CNoLockList@@UAEHQAX@Z
- ?CleanQueue@CWorkerThreadJobQueue@@QAEXXZ
- ?Cleanup@CBlobConfig@@AAEXXZ
- ?Cleanup@CModuleFileExtConfig@@IAEXXZ
- ?Cleanup@CModuleMultiStringConfig@@IAEXXZ
- ?Cleanup@CModuleStringConfig@@AAEXXZ
- ?Close@CFile@@QAEJXZ
- ?Count@CLockList@@QAEKXZ
- ?Count@CNoLockList@@QAEKXZ
- ?Create@CFile@@QAEJPBGKKKK@Z
- ?Create@CSystemThread@@QAEEXZ
- ?CreateInstance@CMemoryAllocator@@SGPAV1@W4_POOL_TYPE@@K@Z
- ?CreateInstance@CMemoryPoolAllocator@@SGPAV1@W4_POOL_TYPE@@KKK@Z
- ?CreatePool@CWorkerThreadPool@@QAEEXZ
- ?CreatePool@CWorkerThreadPoolEx@@QAEEXZ
- ?CreateThreads@CWorkerThreadPool@@QAEEK@Z
- ?CreateThreads@CWorkerThreadPoolEx@@QAEEK@Z
- ?CreateWIRP@CFile@@QAEJPBGKKKK@Z
- ?Delete@CFile@@QAEJXZ
- ?Delete@CFileExtension@@QAEEPBGK@Z
- ?Delete@CStrList@@QAEEPBG@Z
- ?DeleteAll@CList@@UAEXXZ
- ?DeleteAll@CLockList@@UAEXXZ
- ?DeleteAll@CNoLockList@@UAEXXZ
- ?DeleteNode@CContextList@@MAEXPAX@Z
- ?DeleteNode@CList@@UAEXPAX@Z
- ?DeleteNode@CModuleConfigList@@MAEXPAX@Z
- ?DeleteNode@CStrList@@EAEXPAU_STR_LIST_NODE@1@@Z
- ?DisableWriteProtectFromCR0@@YGXPAPAX@Z
- ?DoIt@CWorkerThreadJob@@QAEJXZ
- ?EntryPoint@CSystemThread@@KGXPAX@Z
- ?Find@CContextList@@QAEPAVCContext@@K@Z
- ?Find@CContextList@@QAEPAVCContext@@PAX@Z
- ?Find@CFileExtension@@QAEPAU_STR_LIST_NODE@CStrList@@PBGK@Z
- ?Find@CModuleConfigList@@QAEPAVCModuleConfig@@K@Z
- ?Find@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?FindNode@CContextList@@IAEPAXPAX@Z
- ?FindPartiallyAndAllMatch@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?FinishFunction@CUserFuncAdapterJob@@MAEXXZ
- ?FinishIt@CWorkerThreadJob@@QAEJXZ
- ?First@CList@@UAEPAXXZ
- ?First@CLockList@@UAEPAXXZ
- ?First@CNoLockList@@UAEPAXXZ
- ?Free@CMemoryAllocator@@UAEXPAX@Z
- ?Free@CMemoryPoolAllocator@@UAEXPAX@Z
- ?GetAttributes@CFile@@QAEKXZ
- ?GetBasicInfomration@CFile@@IAEJXZ
- ?GetBlobCofig@CContext@@UAEJKPAXPAK@Z
- ?GetCategory@CContext@@QAEKXZ
- ?GetData@CBlobConfig@@QAEHPAXPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEPAVCFileExtension@@XZ
- ?GetData@CModuleFlagConfig@@QAEKXZ
- ?GetData@CModuleMultiStringConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleMultiStringConfig@@QAEPAVCStrList@@XZ
- ?GetData@CModuleStringConfig@@QAEPAGXZ
- ?GetData@CStrList@@QAEEPAGPAK@Z
- ?GetDataType@CModuleConfig@@QAEKXZ
- ?GetEngineContext@CContext@@QAEPAXXZ
- ?GetFileExtensionConfig@CContext@@QAEPAVCFileExtension@@K@Z
- ?GetFileExtensionConfig@CContext@@UAEJKPAGPAK@Z
- ?GetFileSize@CFile@@QAEJPAT_LARGE_INTEGER@@@Z
- ?GetFileSizeWIRP@CFile@@QAEJPAT_LARGE_INTEGER@@@Z
- ?GetFlagConfig@CContext@@UAEJKPAK@Z
- ?GetID@CModuleConfig@@QAEKXZ
- ?GetJob@CWorkerThreadJobQueue@@QAEPAVCWorkerThreadJob@@XZ
- ?GetLength@CModuleStringConfig@@QAEKXZ
- ?GetLinkContext@CContext@@QAEPAXXZ
- ?GetLogFlag@CDebugLog@@QAEKXZ
- ?GetLogFlag@CDebugLogEx@@QAEKXZ
- ?GetModuleId@CModuleConfig@@QAEKXZ
- ?GetMultiStringConfig@CContext@@QAEPAVCStrList@@K@Z
- ?GetMultiStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetOneThreadTEB@CWorkerThreadPool@@QAEPAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPool@@QAEPAU_KTHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QAEPAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QAEPAU_KTHREAD@@XZ
- ?GetReportCallBackRoutine@CContext@@QAEKXZ
- ?GetSize@CBlobConfig@@QAEKXZ
- ?GetStringConfig@CContext@@QAEPAGK@Z
- ?GetStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetThreadCount@CWorkerThreadPool@@QAEKXZ
- ?GetThreadCount@CWorkerThreadPoolEx@@QAEKXZ
- ?GetThreadID@CSystemThread@@QAEKXZ
- ?GetType@CContext@@QAEKXZ
- ?GetUserParameter@CContext@@QAEKXZ
- ?InitProcMon@CDebugLogEx@@IAEXXZ
- ?InitializeBlobConfig@CContext@@QAEHKPAXK@Z
- ?InitializeFileExtensionConfig@CContext@@QAEHKPBG@Z
- ?InitializeFlagConfig@CContext@@QAEHKK@Z
- ?InitializeMultiStringConfig@CContext@@QAEHKPBG@Z
- ?InitializeStringConfig@CContext@@QAEHKPBG@Z
- ?Insert@CList@@UAEXQAXE@Z
- ?Insert@CLockList@@UAEXQAXE@Z
- ?Insert@CNoLockList@@UAEXQAXE@Z
- ?InsertAfter@CList@@UAEXPAX0@Z
- ?InsertBefore@CList@@UAEXPAX0@Z
- ?Instance@CWorkerThreadPool@@SGPAV1@XZ
- ?IsEmpty@CList@@UAEEXZ
- ?IsEmpty@CLockList@@UAEEXZ
- ?IsEmpty@CNoLockList@@UAEEXZ
- ?IsExceedLimitation@CMemoryPoolAllocator@@IAEEK@Z
- ?IsFull@CLockList@@QBEEXZ
- ?IsFull@CNoLockList@@QBEEXZ
- ?IsInExclusionList@CExclusionExtConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFileNameConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFilePathConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFolderConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionRegistryConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionExtConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFileNameConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFilePathConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFolderConfig@@QAEEPBG@Z
- ?IsOpened@CFile@@QAEEXZ
- ?IsTerminated@CWorkerThreadPool@@QAEEXZ
- ?IsTerminated@CWorkerThreadPoolEx@@QAEEXZ
- ?IsValid@CMemoryAllocator@@UAEEXZ
- ?IsValid@CMemoryPoolAllocator@@UAEEXZ
- ?IsValid@IMemoryAllocator@@UAEEXZ
- ?IsWorkerThread@CWorkerThreadPool@@QAEEK@Z
- ?IsWorkerThread@CWorkerThreadPoolEx@@QAEEK@Z
- ?JobFunction@CUserFuncAdapterJob@@MAEXXZ
- ?JobQueue@CWorkerThreadPool@@QAEAAVCWorkerThreadJobQueue@@XZ
- ?JobQueue@CWorkerThreadPoolEx@@QAEAAVCWorkerThreadJobQueue@@XZ
- ?Limit@CLockList@@QAEKXZ
- ?Limit@CNoLockList@@QAEKXZ
- ?MatchAllExtensions@CFileExtension@@QAEEXZ
- ?MatchNoExtensions@CFileExtension@@QAEEXZ
- ?MergeLeft@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?MergeRight@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?NeedDelete@CWorkerThreadJob@@QAEEXZ
- ?NeedDeleteWhenFinish@CWorkerThreadJob@@QAEXE@Z
- ?NewNode@CList@@UAEPAXXZ
- ?NewNode@CStrList@@EAEPAXXZ
- ?NewNodeVariant@CList@@IAEPAXK@Z
- ?Next@CList@@UBEPAXQAX@Z
- ?Next@CLockList@@UBEPAXQAX@Z
- ?Next@CNoLockList@@UBEPAXQAX@Z
- ?NextPool@CMemoryPoolAllocator@@QAEPAV1@XZ
- ?NotityTerminate@CWorkerThread@@QAEXXZ
- ?PostJobToWorkerThread@CWorkerThreadPool@@QAEJP6GXPAX@Z0E@Z
- ?PostJobToWorkerThread@CWorkerThreadPoolEx@@QAEJP6GXPAX@Z0E1@Z
- ?Pulse@CKEvent@@QAEJJE@Z
- ?QueueJob@CWorkerThreadJobQueue@@QAEEPAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPool@@QAEJPAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPoolEx@@QAEJPAVCWorkerThreadJob@@@Z
- ?RCMInstance@CWorkerThreadPool@@SGPAV1@XZ
- ?Read@CFile@@QAEJPADKPAK@Z
- ?ReadWIRP@CFile@@QAEJPADKPAK@Z
- ?ReferenceCount@CContext@@QAEAAKXZ
- ?Release@CLockEvent@@QAEXXZ
- ?Remove@CContextList@@UAEEQAX@Z
- ?Remove@CList@@UAEEQAX@Z
- ?Remove@CLockList@@UAEEQAX@Z
- ?Remove@CNoLockList@@UAEEQAX@Z
- ?RemoveHead@CList@@UAEPAXXZ
- ?RemoveHead@CLockList@@UAEPAXXZ
- ?RemoveHead@CNoLockList@@UAEPAXXZ
- ?RemoveTail@CList@@UAEPAXXZ
- ?RemoveTail@CLockList@@UAEPAXXZ
- ?RemoveTail@CNoLockList@@UAEPAXXZ
- ?Reset@CKEvent@@QAEXXZ
- ?ResetData@CInclusionExtConfig@@QAEXXZ
- ?ResetData@CInclusionFileNameConfig@@QAEXXZ
- ?ResetData@CInclusionFilePathConfig@@QAEXXZ
- ?ResetData@CInclusionFolderConfig@@QAEXXZ
- ?RestoreCR0@@YGXPAX@Z
- ?Run@CAutoUpdateConfigThread@@UAEXXZ
- ?Run@CDelayLoadThread@@UAEXXZ
- ?Run@CWorkerThread@@UAEXXZ
- ?SeekToEnd@CFile@@QAEJXZ
- ?Set@CKEvent@@QAEJJE@Z
- ?SetAttributes@CFile@@QAEJK@Z
- ?SetBlobCofig@CContext@@UAEJKPAXK@Z
- ?SetData@CBlobConfig@@QAEHPAXK@Z
- ?SetData@CModuleFileExtConfig@@QAEHPBG@Z
- ?SetData@CModuleFlagConfig@@QAEHK@Z
- ?SetData@CModuleMultiStringConfig@@QAEHPBGK@Z
- ?SetData@CModuleStringConfig@@QAEHPBG@Z
- ?SetEngineContext@CContext@@QAEXPAX@Z
- ?SetFileExtensionConfig@CContext@@UAEJKPBG@Z
- ?SetFlagConfig@CContext@@UAEJKK@Z
- ?SetLinkContext@CContext@@QAEXPAX@Z
- ?SetLogFlag@CDebugLog@@QAEEK@Z
- ?SetLogFlag@CDebugLogEx@@QAEEK@Z
- ?SetMatchAllExtensions@CFileExtension@@QAEXE@Z
- ?SetMatchNoExtensions@CFileExtension@@QAEXE@Z
- ?SetMultiStringConfig@CContext@@UAEJKPBG@Z
- ?SetNewJobItemEvent@CWorkerThreadJobQueue@@QAEXXZ
- ?SetPriority@CSystemThread@@QAEXK@Z
- ?SetStopUse@CContext@@QAEXXZ
- ?SetStringConfig@CContext@@UAEJKPBG@Z
- ?Setup@CSystemThread@@MAEXXZ
- ?StopUse@CContext@@QAEHXZ
- ?TearDown@CSystemThread@@MAEXXZ
- ?Terminate@CSystemThread@@QAEXE@Z
- ?Terminate@CWorkerThreadPool@@QAEEXZ
- ?Terminate@CWorkerThreadPoolEx@@QAEEXZ
- ?TmExceptionFilter@@YGJPAU_EXCEPTION_POINTERS@@@Z
- ?Wait@CKEvent@@QAEJPAT_LARGE_INTEGER@@E@Z
- ?WaitFinish@CWorkerThreadJob@@QAEXXZ
- ?WaitForInit@CDelayLoadThread@@QAEEXZ
- ?WaitForLoad@CDelayLoadThread@@QAEEXZ
- ?WaitNewJobAvailable@CWorkerThreadJobQueue@@QAEEXZ
- ?WaitQueueEmpty@CWorkerThreadJobQueue@@QAEXXZ
- ?Write@CDebugLog@@QAAXPBDZZ
- ?Write@CDebugLogEx@@QAAXPBDZZ
- ?Write@CFile@@QAEJPADKPAT_LARGE_INTEGER@@PAK@Z
- ?WriteDataToFile@CDebugLogEx@@IAEXPADK@Z
- ?WriteDataToProcMonW@CDebugLogEx@@IAEXPAD@Z
- ?WriteSystemInformation@CDebugLog@@QAEXXZ
- ?WriteSystemInformation@CDebugLogEx@@QAEXXZ
- ?WriteSystemStringInformation@CDebugLog@@IAEXPBG@Z
- ?WriteSystemStringInformation@CDebugLogEx@@IAEXPBG@Z
- ?WriteToFile@CDebugLog@@IAEXPADK@Z
- ?WriteToProcMonW@CDebugLogEx@@IAEXPAU_UNICODE_STRING@@@Z
- ?_pNonPagedAllocator@@3PAVCMemoryAllocator@@A
- ?_pPagedAllocator@@3PAVCMemoryAllocator@@A
- ?m_lpInstance@CWorkerThreadPool@@1PAV1@A
- ?m_lpRCMInstance@CWorkerThreadPool@@1PAV1@A
- _DeInitKm2UmCommunication@0
- _DeInitKmLPC@0
- _DuplicateFullFileName@4
- _FreeFullFileName@4
- _GetFileVersionOfNtoskrnl@16
- _GetKm2UmMode@0
- _GetModuleInfoByAddress@8
- _GetModuleInfoByModuleName@8
- _InitKm2UmCommunication@8
- _InitKmLPC@0
- _IsWindows8_1_update@4
- _KmCallUm@8
- _KmCallUmByLPC@8
- _KmCallUmEx@12
- _KmCleanupCommPortAPIs@0
- _KmGetUmInitProcess@0
- _KmSetCommPortAPIs@4
- _ModGetExportProcAddress@8
- _ModLoadDLLToBuffer@4
- _ModLoadDLLToBufferWithImageSize@8
- _ModLoadModule@8
- _ModUnLoadModule@4
- _NormalizeFileName@4
- _NormalizeFullNtPathToDosName@4
- _TmCommConfigRoutine@4
- _UtilAddDeviceInDriveTable@4
- _UtilAddReparsePointMapping@8
- _UtilCleanFileReadOnly@4
- _UtilCloseExclusiveHandle@12
- _UtilCreateDosFileName@8
- _UtilDeleteFileForce@4
- _UtilGetDeviceObjectName@8
- _UtilGetFileNameFromFileObject@4
- _UtilGetFileObjectForProcessByEPROC@8
- _UtilGetFileObjectFromFileName@12
- _UtilGetProcessName@12
- _UtilGetSystemDirectory@4
- _UtilGetSystemDirectoryEx@0
- _UtilGetSystemDirectoryLength@0
- _UtilGetSystemTime@4
- _UtilIoSetFileInfo@24
- _UtilIopCreateFileIRP@40
- _UtilKeGetLowFileDevice@16
- _UtilModuleIATHook@24
- _UtilModuleIATUnHook@8
- _UtilPostJobToWorkerThread@12
- _UtilQueryExclusiveHandle@12
- _UtilQueryKeyValue@24
- _UtilRemoveDeviceFromDriveTable@4
- _UtilVolumeDeviceToDosName@8
- _UtilWaitValueChangeToZero@8
- _UtilWriteVersionToRegistry@8
- _UtilbuildDynamicDiskMappingTable@0
- _UtlWriteBinValueKeyToRegistry@16
- _ValidateAddressWithSize@20
- __ResetProtectFromClose@4
- __UtilDosPathNameToNtPathName@12
Sections
Expand
- .text
- .rdata
- .data
- PAGE
- .edata
- INIT
- .rsrc
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": true,
"SerialNumber": "7e93ebfb7cc64e59ea4b9a77d406fc3b",
"Signature": "03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2",
"TBS": {
"MD5": "d0785ad36e427c92b19f6826ab1e8020",
"SHA1": "365b7a9c21bd9373e49052c3e7b3e4646ddd4d43",
"SHA256": "c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff",
"SHA384": "eab4fe5ef90e0de4a6aa3a27769a5e879f588df5e4785aa4104debd1f81e19ea56d33e3a16e5facf99f68b5d8e3d287b"
},
"ValidFrom": "2012-12-21 00:00:00",
"ValidTo": "2020-12-30 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "0ecff438c8febf356e04d86a981b1a50",
"Signature": "783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4",
"TBS": {
"MD5": "e9d38360b914c8863f6cba3ee58764d3",
"SHA1": "4cba8eae47b6bf76f20b3504b98b8f062694a89b",
"SHA256": "88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976",
"SHA384": "e9f2a75334a9e336c5a4712eadee88d0374b0fdc273262f4e65c9040ad2793067cc076696db5279a478773485e285652"
},
"ValidFrom": "2012-10-18 00:00:00",
"ValidTo": "2020-12-29 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Signature": "f3b20c020c826fd9e2629408ffc97c9e245959d1050c9ce7708069d366d26af191812e16fce674eaca0d8f05b2a796280831737299800d2bfe0071efecf655117b7952a4d7c0701b97de034a1d42e928fd1a2082b081f9d22e9d39af3233cf05c1e61ae1f8fbfec872e78d9a0b29b4f147f1a053d1757a824601df2bb07c75c591fe7efbaf0021764b90cd446f85f80d14bc2cd42c83edfa7d2510f8f94c82d1b3ea999b1cff9093291977c7e996dc32904d3934f167077684ff76aa5327654a0bd7223d9d67657b47c5b46012dca6723d89e7fa051b3380d0c4977b9df537e75da3186ab149b27c089715a01bd695f408f7ded66bfbe920d27a6f6a7d4cc8b3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc.",
"TBS": {
"MD5": "78eaa337666217b1c16a9a0ebd0b8434",
"SHA1": "ff9cb835e78f6185eed4372096c3bae53b17d18d",
"SHA256": "1c0d9746725e176b4a7c2852878f14d7587f58e65d346bc1247f1c8ee6374250",
"SHA384": "ffe3c75b860679a5de399c7d2c2844dbfac51d5d8581e24648d208daba1e4bed5c867808e02dc8d7cb3df1d4b2b53d10"
},
"ValidFrom": "2017-04-27 00:00:00",
"ValidTo": "2018-07-16 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "611993e400000000001c",
"Signature": "812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5",
"TBS": {
"MD5": "78a717e082dcc1cda3458d917e677d14",
"SHA1": "4a872e0e51f9b304469cd1dedb496ee9b8b983a4",
"SHA256": "317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8",
"SHA384": "b71052da4eb9157c8c1a5d7f55df19d69b9128598b72fcca608e5b7cc7d64c43c5504b9c86355a6dc22ee40c88cc385c"
},
"ValidFrom": "2011-02-22 19:25:17",
"ValidTo": "2021-02-22 19:35:17",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "5200e5aa2556fc1a86ed96c9d44b33c7",
"Signature": "5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"TBS": {
"MD5": "b30c31a572b0409383ed3fbe17e56e81",
"SHA1": "4843a82ed3b1f2bfbee9671960e1940c942f688d",
"SHA256": "03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9",
"SHA384": "bbda8407c4f9fc4e54d772f1c7fb9d30bc97e1f97ecd51c443063d1fa0644e266328781776cd5c44896c457c75f4d7da"
},
"ValidFrom": "2010-02-08 00:00:00",
"ValidTo": "2020-02-07 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 3825d7faf861af9ef490e726b5d65ad5
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | d6c7684e9aaa508cf268335f83afe040 |
| ToBeSigned (TBS) SHA1 | 18066d20ad92409c567cdfde745279ff71c75226 |
| ToBeSigned (TBS) SHA256 | a612fb22ce8be6dab75e47c98508f98496583e79c9c97b936a8caee9ea9f3fff |
| Subject | C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services Signer , G2 |
| ValidFrom | 2007-06-15 00:00:00 |
| ValidTo | 2012-06-14 23:59:59 |
| Signature | 50c54bc82480dfe40d24c2de1ab1a102a1a6822d0c831581370a820e2cb05a1761b5d805fe88dbf19191b3561a40a6eb92be3839b07536743a984fe437ba9989ca95421db0b9c7a08d57e0fad5640442354e01d133a217c84daa27c7f2e1864c02384d8378c6fc53e0ebe00687dda4969e5e0c98e2a5bebf8285c360e1dfad28d8c7a54b64dac71b5bbdac3908d53822a1338b2f8a9aebbc07213f44410907b5651c24bc48d34480eba1cfc902b414cf54c716a3805cf9793e5d727d88179e2c43a2ca53ce7d3df62a3ab84f9400a56d0a835df95e53f418b3570f70c3fbf5ad95a00e17dec4168060c90f2b6e8604f1ebf47827d105c5ee345b5eb94932f233 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 3825d7faf861af9ef490e726b5d65ad5 |
| Version | 3 |
Certificate 47bf1995df8d524643f7db6d480d31a4
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 518d2ea8a21e879c942d504824ac211c |
| ToBeSigned (TBS) SHA1 | 21ce87d827077e61abddf2beba69fde5432ea031 |
| ToBeSigned (TBS) SHA256 | 1ec3b4f02e03930a470020e0e48d24b84678bb558f46182888d870541f5e25c7 |
| Subject | C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services CA |
| ValidFrom | 2003-12-04 00:00:00 |
| ValidTo | 2013-12-03 23:59:59 |
| Signature | 4a6bf9ea58c2441c318979992b96bf82ac01d61c4ccdb08a586edf0829a35ec8ca9313e704520def47272f0038b0e4c9934e9ad4226215f73f37214f703180f18b3887b3e8e89700fecf55964e24d2a9274e7aaeb76141f32acee7c9d95eddbb2b853eb59db5d9e157ffbeb4c57ef5cf0c9ef097fe2bd33b521b1b3827f73f4a |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 47bf1995df8d524643f7db6d480d31a4 |
| Version | 3 |
Certificate 4191a15a3978dfcf496566381d4c75c2
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 41011f8d0e7c7a6408334ca387914c61 |
| ToBeSigned (TBS) SHA1 | c7fc1727f5b75a6421a1f95c73bbdb23580c48e5 |
| ToBeSigned (TBS) SHA256 | 88dd3952638ee82738c03168e6fd863fe4eab1059ee5e2926ad8cb587c255dc0 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)04, CN=VeriSign Class 3 Code Signing 2004 CA |
| ValidFrom | 2004-07-16 00:00:00 |
| ValidTo | 2014-07-15 23:59:59 |
| Signature | ae3a17b84a7b55fa6455ec40a4ed494190999c89bcaf2e1dca7823f91c190f7feb68bc32d98838dedc3fd389b43fb18296f1a45abaed2e26d3de7c016e000a00a4069211480940f91c1879672324e0bbd5e150ae1bf50edde02e81cd80a36c524f9175558aba22f2d2ea4175882f63557d1e545a9559cad93481c05f5ef67ab5 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 4191a15a3978dfcf496566381d4c75c2 |
| Version | 3 |
Certificate 225c8b52640584163ec1835017ded781
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 1be2a89d67bb40c5a169d9e31c1a85af |
| ToBeSigned (TBS) SHA1 | 626dfc9caa0b9c229d6327683e87e36da2f30a3d |
| ToBeSigned (TBS) SHA256 | bb4688ce8067e75a34458bff65e0bf0fd213b3e9416108aabb410d305495dc77 |
| Subject | C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., OU=Digital ID Class 3 , Microsoft Software Validation v2, OU=RD, CN=Trend Micro, Inc. |
| ValidFrom | 2007-01-30 00:00:00 |
| ValidTo | 2008-02-15 23:59:59 |
| Signature | ad2b4e7b5257d4923230029228ae497edd7f8fb5694b021ef1e8a7dbc6c11f7302b8f8d07e7364296d45081c37e0a861df51e62a158847d4925dc5b78da837b24edcd18e671ff0ccbe56e7327437091db3a24e4f471c45cac3916132d2e9b721410b24e83b89779e73b6fef1f026cf155587e0610f872a87321afab6c53ec7a2cfe2048b5928b919e56223762d9c5ce4e2f09ee9a3a6933fb3453a4c808a41a47d245e1ddc951f57ee62ef636ff79e061ce084668d58f3a9f4e1b839af75204b203b7d827b037f3ebc19383e69c6540a780b75d6d22d5e05614665cfa12ca2fe65146d9d684c5a3377c79acc86723943bc522064ac4b545e1a13e88ee4b6fe76 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 225c8b52640584163ec1835017ded781 |
| Version | 3 |
Certificate 610c120600000000001b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 53c41bc1164e09e0cd1617a5bf913efd |
| ToBeSigned (TBS) SHA1 | 93c03aac8951d494ecd5696b1c08658541b18727 |
| ToBeSigned (TBS) SHA256 | 40bddadac24dc61ca4fb5cab2a2bc5d876bc36808311039a7a3e1a4066f7489b |
| Subject | C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority |
| ValidFrom | 2006-05-23 17:01:29 |
| ValidTo | 2016-05-23 17:11:29 |
| Signature | 01e446b33b457f7513877e5f43de468ecb8abdb64741bccccc7491d8ce395195a4a6b547c0efd2da7b8f5711f4328c7ccd3fee42da04214af7c843884a6f5cca14fc4bd19f4cbdd4556ecc02be0da6888f8609baa425bde8b0f0fa8b714e67b0cb82a8d78e55f737ebf03e88efe4e08afd1c6e2e61414875b4b02c1d28d8490fd715f02473253ccc880cde284c6554fe5eae8cea19ad2c51b29b3a47f53c80350117e24987d6544afb4bab07bcbf7d79cfbf35005cbb9ecffc82891b39a05197b6dec0b307ff449644c0342a195cabeef03bec294eb513c537857e75d5b4d60d066eb5d26c237167eaf1718eaf4e74aa0cf9ecbf4c58fa5e909b6d39cb86883f8b1ca81632d5fe6db9f1f8b3ead791f6364778c0272a15c768d6f4c5fc4f4ec8673f102d409ff11ec96148e7a703fc31730cf04688fe56da492995ef09daa3e5beef60ecd954a0599c28bd54ef66157f874c84dba60e95672e517b3439b641c28c846826dc240209e7818e0a972defeea7b998a60f818dc710b5e1ed982f486f53854964789bec5dac970b5526c3efba8dc8d1a52f5a7f936b611a339b18b8a26210de24ea76e12f43ebecdd7c12342489da2855aee5754e312b6763b6a8d7ab730a03cec5ea593fc7eb2a45aea8625b2f009939abb45f73c308ec80118f470e8f2a1343e191066255bbffba3da9a93d260faeca7d628b155589d694344dd665 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 610c120600000000001b |
| Version | 3 |
Imports
Expand
Imported Functions
Expand
- _purecall
- ExAcquireFastMutexUnsafe
- KeEnterCriticalRegion
- KeGetCurrentThread
- KeLeaveCriticalRegion
- ExReleaseFastMutexUnsafe
- wcsncpy
- memcpy
- wcsrchr
- KeSetEvent
- KePulseEvent
- KeClearEvent
- IofCompleteRequest
- ZwClose
- KeDelayExecutionThread
- ObfDereferenceObject
- ObReferenceObjectByHandle
- ExEventObjectType
- ZwCreateEvent
- RtlInitUnicodeString
- swprintf
- KeQuerySystemTime
- KeWaitForSingleObject
- IoDeleteDevice
- IoDeleteSymbolicLink
- IoCreateSymbolicLink
- DbgPrint
- RtlCopyUnicodeString
- ProbeForWrite
- ProbeForRead
- ExGetPreviousMode
- memset
- MmIsAddressValid
- ZwWriteFile
- ZwReadFile
- ZwQueryInformationFile
- ZwSetInformationFile
- ZwCreateFile
- towupper
- _wcsnicmp
- _snprintf
- PsGetCurrentProcessId
- IoGetCurrentProcess
- RtlTimeToTimeFields
- ExSystemTimeToLocalTime
- ZwCreateKey
- KeInitializeEvent
- KeWaitForMultipleObjects
- ZwNotifyChangeKey
- PsGetCurrentThreadId
- _vsnprintf
- MmMapLockedPagesSpecifyCache
- MmBuildMdlForNonPagedPool
- MmCreateMdl
- ExFreePoolWithTag
- MmUnmapLockedPages
- ExAllocatePoolWithTag
- RtlImageNtHeader
- mbstowcs
- _stricmp
- ZwQuerySystemInformation
- IoGetDeviceObjectPointer
- KeServiceDescriptorTable
- KeAddSystemServiceTable
- _strnicmp
- PsLookupProcessByProcessId
- KeUnstackDetachProcess
- KeStackAttachProcess
- ZwQueryObject
- ZwDuplicateObject
- ZwOpenProcess
- KeSetPriorityThread
- PsTerminateSystemThread
- PsCreateSystemThread
- KeNumberProcessors
- ZwQueryDirectoryFile
- ZwOpenDirectoryObject
- ZwQueryDirectoryObject
- IoFreeIrp
- IoFreeMdl
- IofCallDriver
- IoAllocateMdl
- IoAllocateIrp
- IoFileObjectType
- ZwOpenKey
- ZwEnumerateKey
- ZwEnumerateValueKey
- ZwQueryValueKey
- ZwDeleteValueKey
- ZwDeleteKey
- ZwQueryKey
- ZwSetValueKey
- ZwQuerySecurityObject
- ObInsertObject
- _allrem
- strncpy
- NtOpenProcess
- ObOpenObjectByPointer
- PsProcessType
- ObReferenceObjectByPointer
- MmSectionObjectType
- ObQueryNameString
- ObOpenObjectByName
- RtlAppendUnicodeStringToString
- ObfReferenceObject
- NtQueryInformationProcess
- _snwprintf
- RtlAnsiStringToUnicodeString
- RtlQueryRegistryValues
- RtlAppendUnicodeToString
- ZwQuerySymbolicLinkObject
- ZwOpenSymbolicLinkObject
- RtlEqualUnicodeString
- IoCreateFile
- PsGetVersion
- MmGetSystemRoutineAddress
- RtlCompareMemory
- IoReleaseVpbSpinLock
- IoAcquireVpbSpinLock
- SeCreateAccessState
- IoGetFileObjectGenericMapping
- ObCreateObject
- KeInitializeSemaphore
- KeReleaseSemaphore
- RtlSubAuthoritySid
- RtlInitializeSid
- RtlLengthRequiredSid
- RtlSetDaclSecurityDescriptor
- RtlCreateSecurityDescriptor
- RtlAddAccessAllowedAce
- RtlCreateAcl
- ZwSetEvent
- ZwRequestWaitReplyPort
- memmove
- ZwConnectPort
- ZwCreateSection
- ZwWaitForSingleObject
- ZwOpenEvent
- ExAllocatePool
- KeBugCheckEx
- RtlUpperChar
- RtlCompareUnicodeString
- KeTickCount
- ZwSetSecurityObject
- IoDeviceObjectType
- IoCreateDevice
- RtlUnwind
- RtlGetDaclSecurityDescriptor
- RtlGetSaclSecurityDescriptor
- RtlGetGroupSecurityDescriptor
- RtlGetOwnerSecurityDescriptor
- RtlLengthSecurityDescriptor
- SeCaptureSecurityDescriptor
- SeExports
- IoIsWdmVersionAvailable
- RtlLengthSid
- wcschr
- RtlAbsoluteToSelfRelativeSD
- RtlFreeUnicodeString
Exported Functions
Expand
- ??0CAutoUpdateConfigThread@@QAE@ABV0@@Z
- ??0CAutoUpdateConfigThread@@QAE@PAU_UNICODE_STRING@@P6GX0PAX@Z1@Z
- ??0CBlobConfig@@QAE@ABV0@@Z
- ??0CBlobConfig@@QAE@K@Z
- ??0CContext@@QAE@ABV0@@Z
- ??0CContext@@QAE@KP6GJPAU_EVENT_REPORT@@PAXPAU_TMCE_REPORT@@PAU_TMCE_FEEDBACK@@@Z1K@Z
- ??0CContextList@@QAE@ABV0@@Z
- ??0CContextList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CDebugLog@@QAE@ABV0@@Z
- ??0CDebugLog@@QAE@PBG@Z
- ??0CExclusionExtConfig@@QAE@ABV0@@Z
- ??0CExclusionExtConfig@@QAE@KKE@Z
- ??0CExclusionFileNameConfig@@QAE@ABV0@@Z
- ??0CExclusionFileNameConfig@@QAE@KK@Z
- ??0CExclusionFilePathConfig@@QAE@ABV0@@Z
- ??0CExclusionFilePathConfig@@QAE@KK@Z
- ??0CExclusionFolderConfig@@QAE@ABV0@@Z
- ??0CExclusionFolderConfig@@QAE@KK@Z
- ??0CExclusionRegistryConfig@@QAE@ABV0@@Z
- ??0CExclusionRegistryConfig@@QAE@KK@Z
- ??0CFile@@QAE@ABV0@@Z
- ??0CFile@@QAE@E@Z
- ??0CFileExtension@@QAE@ABV0@@Z
- ??0CFileExtension@@QAE@KEEPAVIMemoryAllocator@@@Z
- ??0CKEvent@@QAE@ABV0@@Z
- ??0CKEvent@@QAE@W4_EVENT_TYPE@@E@Z
- ??0CList@@QAE@ABV0@@Z
- ??0CList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CLockEvent@@QAE@ABV0@@Z
- ??0CLockEvent@@QAE@XZ
- ??0CLockList@@QAE@ABV0@@Z
- ??0CLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CMemoryAllocator@@IAE@W4_POOL_TYPE@@K@Z
- ??0CMemoryAllocator@@QAE@ABV0@@Z
- ??0CMemoryPoolAllocator@@IAE@W4_POOL_TYPE@@KKK@Z
- ??0CMemoryPoolAllocator@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@XZ
- ??0CModuleConfigList@@QAE@ABV0@@Z
- ??0CModuleConfigList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CModuleFileExtConfig@@QAE@ABV0@@Z
- ??0CModuleFileExtConfig@@QAE@KKE@Z
- ??0CModuleFlagConfig@@QAE@ABV0@@Z
- ??0CModuleFlagConfig@@QAE@K@Z
- ??0CModuleMultiStringConfig@@QAE@ABV0@@Z
- ??0CModuleMultiStringConfig@@QAE@KK@Z
- ??0CModuleStringConfig@@QAE@ABV0@@Z
- ??0CModuleStringConfig@@QAE@K@Z
- ??0CSmartLock@@QAE@AAVCLockEvent@@@Z
- ??0CSmartLock@@QAE@XZ
- ??0CSmartReference@@QAE@AAJ@Z
- ??0CSmartReference@@QAE@AAK@Z
- ??0CStrList@@QAE@ABV0@@Z
- ??0CStrList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CSystemThread@@QAE@ABV0@@Z
- ??0CSystemThread@@QAE@K@Z
- ??0CUserFuncAdapterJob@@QAE@ABV0@@Z
- ??0CUserFuncAdapterJob@@QAE@P6GXPAX@Z0@Z
- ??0CWorkerThread@@IAE@PAVCWorkerThreadJobQueue@@@Z
- ??0CWorkerThread@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@E@Z
- ??0CWorkerThreadJobQueue@@QAE@ABV0@@Z
- ??0CWorkerThreadJobQueue@@QAE@K@Z
- ??0CWorkerThreadPool@@QAE@ABV0@@Z
- ??0CWorkerThreadPool@@QAE@K@Z
- ??0IMemoryAllocator@@QAE@ABV0@@Z
- ??0IMemoryAllocator@@QAE@XZ
- ??1CAutoUpdateConfigThread@@UAE@XZ
- ??1CBlobConfig@@UAE@XZ
- ??1CContext@@UAE@XZ
- ??1CContextList@@UAE@XZ
- ??1CDebugLog@@UAE@XZ
- ??1CExclusionExtConfig@@UAE@XZ
- ??1CExclusionFileNameConfig@@UAE@XZ
- ??1CExclusionFilePathConfig@@UAE@XZ
- ??1CExclusionFolderConfig@@UAE@XZ
- ??1CExclusionRegistryConfig@@UAE@XZ
- ??1CFile@@UAE@XZ
- ??1CFileExtension@@UAE@XZ
- ??1CKEvent@@UAE@XZ
- ??1CList@@UAE@XZ
- ??1CLockEvent@@UAE@XZ
- ??1CLockList@@UAE@XZ
- ??1CMemoryAllocator@@UAE@XZ
- ??1CMemoryPoolAllocator@@UAE@XZ
- ??1CModuleConfig@@UAE@XZ
- ??1CModuleConfigList@@UAE@XZ
- ??1CModuleFileExtConfig@@UAE@XZ
- ??1CModuleFlagConfig@@UAE@XZ
- ??1CModuleMultiStringConfig@@UAE@XZ
- ??1CModuleStringConfig@@UAE@XZ
- ??1CSmartLock@@QAE@XZ
- ??1CSmartReference@@QAE@XZ
- ??1CStrList@@UAE@XZ
- ??1CSystemThread@@UAE@XZ
- ??1CUserFuncAdapterJob@@UAE@XZ
- ??1CWorkerThread@@UAE@XZ
- ??1CWorkerThreadJob@@UAE@XZ
- ??1CWorkerThreadJobQueue@@UAE@XZ
- ??1CWorkerThreadPool@@UAE@XZ
- ??1IMemoryAllocator@@UAE@XZ
- ??2@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??2CMemoryAllocator@@SGPAXI@Z
- ??2CMemoryPoolAllocator@@SGPAXI@Z
- ??3@YAXPAX@Z
- ??3IMemoryAllocator@@SGXPAX@Z
- ??4CAutoUpdateConfigThread@@QAEAAV0@ABV0@@Z
- ??4CBlobConfig@@QAEAAV0@ABV0@@Z
- ??4CContext@@QAEAAV0@ABV0@@Z
- ??4CDebugLog@@QAEAAV0@ABV0@@Z
- ??4CFile@@QAEAAV0@ABV0@@Z
- ??4CKEvent@@QAEAAV0@ABV0@@Z
- ??4CLockEvent@@QAEAAV0@ABV0@@Z
- ??4CMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??4CMemoryPoolAllocator@@QAEAAV0@ABV0@@Z
- ??4CModuleConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleFlagConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleStringConfig@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEABV0@AAVCLockEvent@@@Z
- ??4CSystemThread@@QAEAAV0@ABV0@@Z
- ??4CUserFuncAdapterJob@@QAEAAV0@ABV0@@Z
- ??4CWorkerThread@@QAEAAV0@ABV0@@Z
- ??4CWorkerThreadJob@@QAEAAV0@ABV0@@Z
- ??4IMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??_7CAutoUpdateConfigThread@@6B@
- ??_7CBlobConfig@@6B@
- ??_7CContext@@6B@
- ??_7CContextList@@6B@
- ??_7CDebugLog@@6B@
- ??_7CExclusionExtConfig@@6B@
- ??_7CExclusionFileNameConfig@@6B@
- ??_7CExclusionFilePathConfig@@6B@
- ??_7CExclusionFolderConfig@@6B@
- ??_7CExclusionRegistryConfig@@6B@
- ??_7CFile@@6B@
- ??_7CFileExtension@@6B@
- ??_7CKEvent@@6B@
- ??_7CList@@6B@
- ??_7CLockEvent@@6B@
- ??_7CLockList@@6B@
- ??_7CMemoryAllocator@@6B@
- ??_7CMemoryPoolAllocator@@6B@
- ??_7CModuleConfig@@6B@
- ??_7CModuleConfigList@@6B@
- ??_7CModuleFileExtConfig@@6B@
- ??_7CModuleFlagConfig@@6B@
- ??_7CModuleMultiStringConfig@@6B@
- ??_7CModuleStringConfig@@6B@
- ??_7CStrList@@6B@
- ??_7CSystemThread@@6B@
- ??_7CUserFuncAdapterJob@@6B@
- ??_7CWorkerThread@@6B@
- ??_7CWorkerThreadJob@@6B@
- ??_7CWorkerThreadJobQueue@@6B@
- ??_7CWorkerThreadPool@@6B@
- ??_7IMemoryAllocator@@6B@
- ??_FCContextList@@QAEXXZ
- ??_FCFile@@QAEXXZ
- ??_FCFileExtension@@QAEXXZ
- ??_FCModuleConfigList@@QAEXXZ
- ??_FCStrList@@QAEXXZ
- ??_FCSystemThread@@QAEXXZ
- ??_FCWorkerThread@@QAEXXZ
- ??_FCWorkerThreadJob@@QAEXXZ
- ??_FCWorkerThreadJobQueue@@QAEXXZ
- ??_U@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??_V@YAXPAX@Z
- ?Acquire@CLockEvent@@QAEXXZ
- ?Add@CContextList@@QAEEPAVCContext@@@Z
- ?Add@CFileExtension@@QAEEPBGK@Z
- ?Add@CModuleConfigList@@QAEEPAVCModuleConfig@@@Z
- ?Add@CStrList@@QAEEPBG@Z
- ?Alloc@CMemoryAllocator@@UAEPAXKPBDK@Z
- ?Alloc@CMemoryPoolAllocator@@UAEPAXKPBDK@Z
- ?AllocBlock@CMemoryPoolAllocator@@IAEPAXK@Z
- ?AttachJobQueue@CWorkerThread@@QAEXPAVCWorkerThreadJobQueue@@@Z
- ?Cancel@CWorkerThreadJob@@QAEXXZ
- ?CheckNode@CLockList@@UAEHQAX@Z
- ?CleanQueue@CWorkerThreadJobQueue@@QAEXXZ
- ?Cleanup@CBlobConfig@@AAEXXZ
- ?Cleanup@CModuleFileExtConfig@@IAEXXZ
- ?Cleanup@CModuleMultiStringConfig@@IAEXXZ
- ?Cleanup@CModuleStringConfig@@AAEXXZ
- ?Close@CFile@@QAEJXZ
- ?Count@CLockList@@QAEKXZ
- ?Create@CFile@@QAEJPBGKKKK@Z
- ?Create@CSystemThread@@QAEEXZ
- ?CreateInstance@CMemoryAllocator@@SGPAV1@W4_POOL_TYPE@@K@Z
- ?CreateInstance@CMemoryPoolAllocator@@SGPAV1@W4_POOL_TYPE@@KKK@Z
- ?CreatePool@CWorkerThreadPool@@QAEEXZ
- ?CreateThreads@CWorkerThreadPool@@QAEEK@Z
- ?Delete@CFile@@QAEJXZ
- ?Delete@CFileExtension@@QAEEPBGK@Z
- ?Delete@CStrList@@QAEEPBG@Z
- ?DeleteAll@CList@@UAEXXZ
- ?DeleteAll@CLockList@@UAEXXZ
- ?DeleteNode@CContextList@@MAEXPAX@Z
- ?DeleteNode@CList@@UAEXPAX@Z
- ?DeleteNode@CModuleConfigList@@MAEXPAX@Z
- ?DeleteNode@CStrList@@EAEXPAU_STR_LIST_NODE@1@@Z
- ?DisableWriteProtectFromCR0@@YGXPAPAX@Z
- ?DoIt@CWorkerThreadJob@@QAEJXZ
- ?EntryPoint@CSystemThread@@KGXPAX@Z
- ?Find@CContextList@@QAEPAVCContext@@K@Z
- ?Find@CContextList@@QAEPAVCContext@@PAX@Z
- ?Find@CFileExtension@@QAEPAU_STR_LIST_NODE@CStrList@@PBGK@Z
- ?Find@CModuleConfigList@@QAEPAVCModuleConfig@@K@Z
- ?Find@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?FindNode@CContextList@@IAEPAXPAX@Z
- ?FindPartiallyAndAllMatch@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?First@CList@@UAEPAXXZ
- ?First@CLockList@@UAEPAXXZ
- ?Free@CMemoryAllocator@@UAEXPAX@Z
- ?Free@CMemoryPoolAllocator@@UAEXPAX@Z
- ?GetAttributes@CFile@@QAEKXZ
- ?GetBasicInfomration@CFile@@IAEJXZ
- ?GetBlobCofig@CContext@@UAEJKPAXPAK@Z
- ?GetCategory@CContext@@QAEKXZ
- ?GetData@CBlobConfig@@QAEHPAXPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEPAVCFileExtension@@XZ
- ?GetData@CModuleFlagConfig@@QAEKXZ
- ?GetData@CModuleMultiStringConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleMultiStringConfig@@QAEPAVCStrList@@XZ
- ?GetData@CModuleStringConfig@@QAEPAGXZ
- ?GetData@CStrList@@QAEEPAGPAK@Z
- ?GetDataType@CModuleConfig@@QAEKXZ
- ?GetEngineContext@CContext@@QAEPAXXZ
- ?GetFileExtensionConfig@CContext@@QAEPAVCFileExtension@@K@Z
- ?GetFileExtensionConfig@CContext@@UAEJKPAGPAK@Z
- ?GetFileSize@CFile@@QAEJPAT_LARGE_INTEGER@@@Z
- ?GetFlagConfig@CContext@@UAEJKPAK@Z
- ?GetID@CModuleConfig@@QAEKXZ
- ?GetJob@CWorkerThreadJobQueue@@QAEPAVCWorkerThreadJob@@XZ
- ?GetLength@CModuleStringConfig@@QAEKXZ
- ?GetLinkContext@CContext@@QAEPAXXZ
- ?GetLogFlag@CDebugLog@@QAEKXZ
- ?GetModuleId@CModuleConfig@@QAEKXZ
- ?GetMultiStringConfig@CContext@@QAEPAVCStrList@@K@Z
- ?GetMultiStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetOneThreadTEB@CWorkerThreadPool@@QAEPAU_ETHREAD@@XZ
- ?GetReportCallBackRoutine@CContext@@QAEKXZ
- ?GetSize@CBlobConfig@@QAEKXZ
- ?GetStringConfig@CContext@@QAEPAGK@Z
- ?GetStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetThreadCount@CWorkerThreadPool@@QAEKXZ
- ?GetThreadID@CSystemThread@@QAEKXZ
- ?GetType@CContext@@QAEKXZ
- ?GetUserParameter@CContext@@QAEKXZ
- ?InitializeBlobConfig@CContext@@QAEHKPAXK@Z
- ?InitializeFileExtensionConfig@CContext@@QAEHKPBG@Z
- ?InitializeFlagConfig@CContext@@QAEHKK@Z
- ?InitializeMultiStringConfig@CContext@@QAEHKPBG@Z
- ?InitializeStringConfig@CContext@@QAEHKPBG@Z
- ?Insert@CList@@UAEXQAXE@Z
- ?Insert@CLockList@@UAEXQAXE@Z
- ?InsertAfter@CList@@UAEXPAX0@Z
- ?InsertBefore@CList@@UAEXPAX0@Z
- ?Instance@CWorkerThreadPool@@SGPAV1@XZ
- ?IsEmpty@CList@@UAEEXZ
- ?IsEmpty@CLockList@@UAEEXZ
- ?IsExceedLimitation@CMemoryPoolAllocator@@IAEEK@Z
- ?IsFull@CLockList@@QBEEXZ
- ?IsInExclusionList@CExclusionExtConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFileNameConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFilePathConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFolderConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionRegistryConfig@@QAEEPBG@Z
- ?IsOpened@CFile@@QAEEXZ
- ?IsTerminated@CWorkerThreadPool@@QAEEXZ
- ?IsValid@CMemoryAllocator@@UAEEXZ
- ?IsValid@CMemoryPoolAllocator@@UAEEXZ
- ?IsValid@IMemoryAllocator@@UAEEXZ
- ?IsWorkerThread@CWorkerThreadPool@@QAEEK@Z
- ?JobFunction@CUserFuncAdapterJob@@MAEXXZ
- ?JobQueue@CWorkerThreadPool@@QAEAAVCWorkerThreadJobQueue@@XZ
- ?Limit@CLockList@@QAEKXZ
- ?MatchAllExtensions@CFileExtension@@QAEEXZ
- ?MatchNoExtensions@CFileExtension@@QAEEXZ
- ?MergeLeft@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?MergeRight@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?NeedDelete@CWorkerThreadJob@@QAEEXZ
- ?NeedDeleteWhenFinish@CWorkerThreadJob@@QAEXE@Z
- ?NewNode@CList@@UAEPAXXZ
- ?NewNode@CStrList@@EAEPAXXZ
- ?NewNodeVariant@CList@@IAEPAXK@Z
- ?Next@CList@@UBEPAXQAX@Z
- ?Next@CLockList@@UBEPAXQAX@Z
- ?NextPool@CMemoryPoolAllocator@@QAEPAV1@XZ
- ?NotityTerminate@CWorkerThread@@QAEXXZ
- ?PostJobToWorkerThread@CWorkerThreadPool@@QAEJP6GXPAX@Z0E@Z
- ?Pulse@CKEvent@@QAEJJE@Z
- ?QueueJob@CWorkerThreadJobQueue@@QAEEPAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPool@@QAEJPAVCWorkerThreadJob@@@Z
- ?RCMInstance@CWorkerThreadPool@@SGPAV1@XZ
- ?Read@CFile@@QAEJPADKPAK@Z
- ?ReferenceCount@CContext@@QAEAAKXZ
- ?Release@CLockEvent@@QAEXXZ
- ?Remove@CContextList@@UAEEQAX@Z
- ?Remove@CList@@UAEEQAX@Z
- ?Remove@CLockList@@UAEEQAX@Z
- ?RemoveHead@CList@@UAEPAXXZ
- ?RemoveHead@CLockList@@UAEPAXXZ
- ?RemoveTail@CList@@UAEPAXXZ
- ?RemoveTail@CLockList@@UAEPAXXZ
- ?Reset@CKEvent@@QAEXXZ
- ?RestoreCR0@@YGXPAX@Z
- ?Run@CAutoUpdateConfigThread@@UAEXXZ
- ?Run@CWorkerThread@@UAEXXZ
- ?SeekToEnd@CFile@@QAEJXZ
- ?Set@CKEvent@@QAEJJE@Z
- ?SetAttributes@CFile@@QAEJK@Z
- ?SetBlobCofig@CContext@@UAEJKPAXK@Z
- ?SetData@CBlobConfig@@QAEHPAXK@Z
- ?SetData@CModuleFileExtConfig@@QAEHPBG@Z
- ?SetData@CModuleFlagConfig@@QAEHK@Z
- ?SetData@CModuleMultiStringConfig@@QAEHPBG@Z
- ?SetData@CModuleStringConfig@@QAEHPBG@Z
- ?SetEngineContext@CContext@@QAEXPAX@Z
- ?SetFileExtensionConfig@CContext@@UAEJKPBG@Z
- ?SetFlagConfig@CContext@@UAEJKK@Z
- ?SetLinkContext@CContext@@QAEXPAX@Z
- ?SetLogFlag@CDebugLog@@QAEEK@Z
- ?SetMatchAllExtensions@CFileExtension@@QAEXE@Z
- ?SetMatchNoExtensions@CFileExtension@@QAEXE@Z
- ?SetMultiStringConfig@CContext@@UAEJKPBG@Z
- ?SetNewJobItemEvent@CWorkerThreadJobQueue@@QAEXXZ
- ?SetPriority@CSystemThread@@QAEXK@Z
- ?SetStopUse@CContext@@QAEXXZ
- ?SetStringConfig@CContext@@UAEJKPBG@Z
- ?Setup@CSystemThread@@MAEXXZ
- ?StopUse@CContext@@QAEHXZ
- ?TearDown@CSystemThread@@MAEXXZ
- ?Terminate@CSystemThread@@QAEXE@Z
- ?Terminate@CWorkerThreadPool@@QAEEXZ
- ?TmExceptionFilter@@YGJPAU_EXCEPTION_POINTERS@@@Z
- ?Wait@CKEvent@@QAEJPAT_LARGE_INTEGER@@E@Z
- ?WaitFinish@CWorkerThreadJob@@QAEXXZ
- ?WaitNewJobAvailable@CWorkerThreadJobQueue@@QAEEXZ
- ?Write@CDebugLog@@QAAXPBDZZ
- ?Write@CFile@@QAEJPADKPAT_LARGE_INTEGER@@PAK@Z
- ?WriteSystemInformation@CDebugLog@@QAEXXZ
- ?WriteSystemStringInformation@CDebugLog@@IAEXPBG@Z
- ?WriteToFile@CDebugLog@@IAEXPADK@Z
- ?_pNonPagedAllocator@@3PAVCMemoryAllocator@@A
- ?_pPagedAllocator@@3PAVCMemoryAllocator@@A
- ?m_lpInstance@CWorkerThreadPool@@1PAV1@A
- ?m_lpRCMInstance@CWorkerThreadPool@@1PAV1@A
- _DeInitKmLPC@0
- _GetModuleInfoByAddress@8
- _GetModuleInfoByModuleName@8
- _InitKmLPC@0
- _KmCallUm@8
- _MapMem@12
- _ModGetExportProcAddress@8
- _ModLoadDLLToBuffer@4
- _ModLoadModule@8
- _ModUnLoadModule@4
- _TmCommConfigRoutine@4
- _UnMapMem@8
- _UtilGetProcessName@12
- _UtilGetSystemTime@4
- _UtilIoSetFileInfo@24
- _UtilIopCreateFileIRP@40
- _UtilKeGetLowFileDevice@16
- _UtilQueryKeyValue@24
- _UtilVolumeDeviceToDosName@8
- _UtilWaitValueChangeToZero@8
- _UtilWriteVersionToRegistry@8
Sections
Expand
- .text
- .rdata
- .data
- PAGE
- .edata
- INIT
- .rsrc
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": true,
"SerialNumber": "7e93ebfb7cc64e59ea4b9a77d406fc3b",
"Signature": "03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2",
"TBS": {
"MD5": "d0785ad36e427c92b19f6826ab1e8020",
"SHA1": "365b7a9c21bd9373e49052c3e7b3e4646ddd4d43",
"SHA256": "c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff",
"SHA384": "eab4fe5ef90e0de4a6aa3a27769a5e879f588df5e4785aa4104debd1f81e19ea56d33e3a16e5facf99f68b5d8e3d287b"
},
"ValidFrom": "2012-12-21 00:00:00",
"ValidTo": "2020-12-30 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "0ecff438c8febf356e04d86a981b1a50",
"Signature": "783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4",
"TBS": {
"MD5": "e9d38360b914c8863f6cba3ee58764d3",
"SHA1": "4cba8eae47b6bf76f20b3504b98b8f062694a89b",
"SHA256": "88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976",
"SHA384": "e9f2a75334a9e336c5a4712eadee88d0374b0fdc273262f4e65c9040ad2793067cc076696db5279a478773485e285652"
},
"ValidFrom": "2012-10-18 00:00:00",
"ValidTo": "2020-12-29 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Signature": "f3b20c020c826fd9e2629408ffc97c9e245959d1050c9ce7708069d366d26af191812e16fce674eaca0d8f05b2a796280831737299800d2bfe0071efecf655117b7952a4d7c0701b97de034a1d42e928fd1a2082b081f9d22e9d39af3233cf05c1e61ae1f8fbfec872e78d9a0b29b4f147f1a053d1757a824601df2bb07c75c591fe7efbaf0021764b90cd446f85f80d14bc2cd42c83edfa7d2510f8f94c82d1b3ea999b1cff9093291977c7e996dc32904d3934f167077684ff76aa5327654a0bd7223d9d67657b47c5b46012dca6723d89e7fa051b3380d0c4977b9df537e75da3186ab149b27c089715a01bd695f408f7ded66bfbe920d27a6f6a7d4cc8b3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc.",
"TBS": {
"MD5": "78eaa337666217b1c16a9a0ebd0b8434",
"SHA1": "ff9cb835e78f6185eed4372096c3bae53b17d18d",
"SHA256": "1c0d9746725e176b4a7c2852878f14d7587f58e65d346bc1247f1c8ee6374250",
"SHA384": "ffe3c75b860679a5de399c7d2c2844dbfac51d5d8581e24648d208daba1e4bed5c867808e02dc8d7cb3df1d4b2b53d10"
},
"ValidFrom": "2017-04-27 00:00:00",
"ValidTo": "2018-07-16 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "611993e400000000001c",
"Signature": "812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5",
"TBS": {
"MD5": "78a717e082dcc1cda3458d917e677d14",
"SHA1": "4a872e0e51f9b304469cd1dedb496ee9b8b983a4",
"SHA256": "317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8",
"SHA384": "b71052da4eb9157c8c1a5d7f55df19d69b9128598b72fcca608e5b7cc7d64c43c5504b9c86355a6dc22ee40c88cc385c"
},
"ValidFrom": "2011-02-22 19:25:17",
"ValidTo": "2021-02-22 19:35:17",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "5200e5aa2556fc1a86ed96c9d44b33c7",
"Signature": "5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"TBS": {
"MD5": "b30c31a572b0409383ed3fbe17e56e81",
"SHA1": "4843a82ed3b1f2bfbee9671960e1940c942f688d",
"SHA256": "03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9",
"SHA384": "bbda8407c4f9fc4e54d772f1c7fb9d30bc97e1f97ecd51c443063d1fa0644e266328781776cd5c44896c457c75f4d7da"
},
"ValidFrom": "2010-02-08 00:00:00",
"ValidTo": "2020-02-07 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 79a2a585f9d1154213d9b83ef6b68ded
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | e6d820afb23af20a65cf0b03247ea05e |
| ToBeSigned (TBS) SHA1 | 7a8f7c37453f99390ee1e94bb5d3d1cba3a0eea7 |
| ToBeSigned (TBS) SHA256 | 7e722dc40e6b9abf8c20aa4d887e34b6d2c6b8cbe53a055d49bf9f5e946e0d27 |
| Subject | C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G3 |
| ValidFrom | 2012-05-01 00:00:00 |
| ValidTo | 2012-12-31 23:59:59 |
| Signature | 1e98aa27b778b508b5c9726db7dfc00e98a635c488c9d2f66df14b1afbd5f92d99009ed1e79b8be13fbd39800c66cd07bc5c9854a694ba10d14e8babf56f65cc6709a2807c52e80e03d66b7ac60518ecc8ac427c072ca73d0866dc00edfd941d73f2729893b111d68fef8eeaacf496510cd08ddf31524f5eaf7da74a75e64ece2b9f292be7cf5d9f037e6e277b23ad622966af92e82ccebd9c7fdccd173c43c2093f7545c79ee4d7607f97c6e4aac769f5fccd74ac2cb048c1504e70561eb535d38ebeb1edacbdfe0cec857dd5bb856644195d9f93eb82ba639ed37c61ffc81bd923587f30a366a139265e92c33ccb3732faf5a38ddcd5b0a3e9253655d781fa |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 79a2a585f9d1154213d9b83ef6b68ded |
| Version | 3 |
Certificate 47bf1995df8d524643f7db6d480d31a4
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 518d2ea8a21e879c942d504824ac211c |
| ToBeSigned (TBS) SHA1 | 21ce87d827077e61abddf2beba69fde5432ea031 |
| ToBeSigned (TBS) SHA256 | 1ec3b4f02e03930a470020e0e48d24b84678bb558f46182888d870541f5e25c7 |
| Subject | C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services CA |
| ValidFrom | 2003-12-04 00:00:00 |
| ValidTo | 2013-12-03 23:59:59 |
| Signature | 4a6bf9ea58c2441c318979992b96bf82ac01d61c4ccdb08a586edf0829a35ec8ca9313e704520def47272f0038b0e4c9934e9ad4226215f73f37214f703180f18b3887b3e8e89700fecf55964e24d2a9274e7aaeb76141f32acee7c9d95eddbb2b853eb59db5d9e157ffbeb4c57ef5cf0c9ef097fe2bd33b521b1b3827f73f4a |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 47bf1995df8d524643f7db6d480d31a4 |
| Version | 3 |
Certificate 4d6290e58c54f0f1eb17341a1310e6a4
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | b7d8444a70054990435f35a5630df5e1 |
| ToBeSigned (TBS) SHA1 | 4678c6e4a8787a8e6ed2bce8792b122f6c08afd8 |
| ToBeSigned (TBS) SHA256 | 0a8b4b359ea7890b358e56e436e9cfc6f32b037b2599b597ca7f7a80d475ec98 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA |
| ValidFrom | 2010-09-30 00:00:00 |
| ValidTo | 2014-01-01 23:59:59 |
| Signature | aedd211d5f8f807ad25209eadb6ed25d8be8c21b6904be51a5010e59fa37d174a3eedced89742b62d5a6bf4fad361754f013e0a345d24c26cbe26da21fd01e7a070fb6b37b6f5068a2e931b3b7997d8070a0a7de0b1ea4fff34d811bdd20c91cc4afcff18ffad9da95f0ecdc5cbfe88c5a3e7ab0a3eb59437411e09b1a6af36f |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 4d6290e58c54f0f1eb17341a1310e6a4 |
| Version | 3 |
Certificate 610c120600000000001b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 53c41bc1164e09e0cd1617a5bf913efd |
| ToBeSigned (TBS) SHA1 | 93c03aac8951d494ecd5696b1c08658541b18727 |
| ToBeSigned (TBS) SHA256 | 40bddadac24dc61ca4fb5cab2a2bc5d876bc36808311039a7a3e1a4066f7489b |
| Subject | C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority |
| ValidFrom | 2006-05-23 17:01:29 |
| ValidTo | 2016-05-23 17:11:29 |
| Signature | 01e446b33b457f7513877e5f43de468ecb8abdb64741bccccc7491d8ce395195a4a6b547c0efd2da7b8f5711f4328c7ccd3fee42da04214af7c843884a6f5cca14fc4bd19f4cbdd4556ecc02be0da6888f8609baa425bde8b0f0fa8b714e67b0cb82a8d78e55f737ebf03e88efe4e08afd1c6e2e61414875b4b02c1d28d8490fd715f02473253ccc880cde284c6554fe5eae8cea19ad2c51b29b3a47f53c80350117e24987d6544afb4bab07bcbf7d79cfbf35005cbb9ecffc82891b39a05197b6dec0b307ff449644c0342a195cabeef03bec294eb513c537857e75d5b4d60d066eb5d26c237167eaf1718eaf4e74aa0cf9ecbf4c58fa5e909b6d39cb86883f8b1ca81632d5fe6db9f1f8b3ead791f6364778c0272a15c768d6f4c5fc4f4ec8673f102d409ff11ec96148e7a703fc31730cf04688fe56da492995ef09daa3e5beef60ecd954a0599c28bd54ef66157f874c84dba60e95672e517b3439b641c28c846826dc240209e7818e0a972defeea7b998a60f818dc710b5e1ed982f486f53854964789bec5dac970b5526c3efba8dc8d1a52f5a7f936b611a339b18b8a26210de24ea76e12f43ebecdd7c12342489da2855aee5754e312b6763b6a8d7ab730a03cec5ea593fc7eb2a45aea8625b2f009939abb45f73c308ec80118f470e8f2a1343e191066255bbffba3da9a93d260faeca7d628b155589d694344dd665 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 610c120600000000001b |
| Version | 3 |
Certificate 6326c00ead256b6837eeb29b5ee84720
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 11b208a45459069f827186fe81c6badd |
| ToBeSigned (TBS) SHA1 | 456356986e8ecbb7b05e4617d37cb8cd69ce4969 |
| ToBeSigned (TBS) SHA256 | 4a0336d7ffa5db42ece4b342e1244f5c2bd0681827f68f847d99195c83740145 |
| Subject | C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., OU=Digital ID Class 3 , Microsoft Software Validation v2, OU=RD, CN=Trend Micro, Inc. |
| ValidFrom | 2011-12-27 00:00:00 |
| ValidTo | 2013-02-15 23:59:59 |
| Signature | 840ba0fc35187fe2edc7b17c101fd2bf035bbad8f3de048e250741e96a3f4ecee86f1f065ea76f2f8f430a13a75ff3eab29a8b11a13006d27bf3173fa49aabf9cef98fc4554f1732317c4b821c740eb58a91977d85e86574dd712718b15d24f7eb88b6d4520aef788478e1ef8cebd7fff06fadbc87ca6ca2b77da85be3c30b4d590bcb8945a0acfa013f89073933494d9c465c0036280a5af39f6802e60bd175a2603366dd935cb3458b1791411a06b6e5f38e3171de4238051c79b33117cb94674d0625c402bdfb0f99b80625dc0f827911c6c11263884a4e41d1abf60070ad46b7296e19e1cfcda7304a650d7a814319cc11e5a947e82b2d00a169e798b871 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 6326c00ead256b6837eeb29b5ee84720 |
| Version | 3 |
Imports
Expand
- ntoskrnl.exe
- HAL.dll
- CLASSPNP.SYS
Imported Functions
Expand
- wcsrchr
- KeSetEvent
- KePulseEvent
- KeClearEvent
- KeInitializeSemaphore
- KeWaitForSingleObject
- KeReleaseSemaphore
- KeStackAttachProcess
- KeUnstackDetachProcess
- RtlSubAuthoritySid
- RtlInitializeSid
- ExAllocatePoolWithTag
- RtlLengthRequiredSid
- ExFreePoolWithTag
- RtlSetDaclSecurityDescriptor
- RtlCreateSecurityDescriptor
- RtlAddAccessAllowedAce
- RtlCreateAcl
- ObfDereferenceObject
- ZwSetEvent
- ZwClose
- ZwRequestWaitReplyPort
- ProbeForWrite
- ZwFreeVirtualMemory
- ZwAllocateVirtualMemory
- ObOpenObjectByPointer
- PsProcessType
- memmove
- ZwConnectPort
- RtlInitUnicodeString
- RtlUnicodeStringToInteger
- ZwCreateSection
- ZwWaitForSingleObject
- ZwOpenEvent
- ObfReferenceObject
- IoGetCurrentProcess
- DbgBreakPoint
- PsGetProcessExitTime
- MmSectionObjectType
- DbgPrint
- memset
- MmIsAddressValid
- ExInitializeResourceLite
- ExDeleteResourceLite
- ZwWriteFile
- ZwReadFile
- ZwQueryInformationFile
- ZwSetInformationFile
- ZwCreateFile
- swprintf
- towupper
- _wcsnicmp
- KeInitializeEvent
- _snprintf
- PsGetCurrentProcessId
- RtlTimeToTimeFields
- ExSystemTimeToLocalTime
- KeQuerySystemTime
- ZwCreateKey
- ZwCreateEvent
- KeWaitForMultipleObjects
- ObReferenceObjectByHandle
- ZwNotifyChangeKey
- PsGetCurrentThreadId
- _vsnprintf
- KeSetPriorityThread
- PsTerminateSystemThread
- PsCreateSystemThread
- KeNumberProcessors
- ZwQueryInformationProcess
- PsLookupProcessByProcessId
- KeDelayExecutionThread
- ZwOpenDirectoryObject
- PsSetCreateProcessNotifyRoutine
- ZwQuerySystemInformation
- ZwQueryDirectoryFile
- ZwQueryDirectoryObject
- ZwDuplicateObject
- ZwOpenKey
- ZwEnumerateKey
- ZwEnumerateValueKey
- ZwQueryValueKey
- ZwDeleteValueKey
- ZwDeleteKey
- ExGetPreviousMode
- ZwTerminateProcess
- ZwOpenProcess
- ZwQueryKey
- ZwSetValueKey
- MmHighestUserAddress
- IoFreeIrp
- memcpy
- MmUnlockPages
- IoBuildAsynchronousFsdRequest
- _strnicmp
- RtlQueryRegistryValues
- RtlAppendUnicodeToString
- mbstowcs
- _purecall
- ZwOpenSymbolicLinkObject
- NtClose
- ZwSetInformationObject
- _stricmp
- ZwUnmapViewOfSection
- ZwMapViewOfSection
- ZwOpenFile
- RtlEqualUnicodeString
- IoFileObjectType
- IoCreateFile
- IofCallDriver
- IoAllocateIrp
- MmBuildMdlForNonPagedPool
- IoAllocateMdl
- ProbeForRead
- PsGetVersion
- MmGetSystemRoutineAddress
- RtlCopyUnicodeString
- RtlCompareMemory
- _snwprintf
- RtlImageNtHeader
- RtlFreeUnicodeString
- RtlAnsiStringToUnicodeString
- RtlInitAnsiString
- strrchr
- ZwQueryVolumeInformationFile
- ObReferenceObjectByPointer
- ObQueryNameString
- IoBuildDeviceIoControlRequest
- IofCompleteRequest
- ExEventObjectType
- _allmul
- IoDeleteDevice
- IoDeleteSymbolicLink
- IoCreateSymbolicLink
- IoGetDeviceObjectPointer
- RtlUpperChar
- RtlCompareUnicodeString
- strncpy
- KeServiceDescriptorTable
- NtOpenProcess
- ObOpenObjectByName
- IoDriverObjectType
- RtlAppendUnicodeStringToString
- strncmp
- NtQueryInformationProcess
- PsIsThreadTerminating
- PsThreadType
- KeAddSystemServiceTable
- ZwQueryObject
- ZwQuerySecurityObject
- ObInsertObject
- _allrem
- IoReleaseVpbSpinLock
- IoAcquireVpbSpinLock
- SeCreateAccessState
- IoGetFileObjectGenericMapping
- RtlUpcaseUnicodeString
- ObCreateObject
- _allshr
- ExInterlockedPopEntrySList
- IoGetStackLimits
- IoBuildSynchronousFsdRequest
- MmSystemRangeStart
- IoUnregisterPlugPlayNotification
- FsRtlIsNameInExpression
- wcsstr
- IoGetConfigurationInformation
- MmProbeAndLockPages
- IoGetDeviceInterfaces
- IoRegisterPlugPlayNotification
- ExAllocatePool
- RtlFreeAnsiString
- RtlUnicodeStringToAnsiString
- strncat
- wcschr
- wcsncat
- KeCancelTimer
- KeSetTimerEx
- KeInitializeTimer
- wcstombs
- KeTickCount
- KeBugCheckEx
- RtlUnwind
- wcsncpy
- ExReleaseResourceLite
- ExAcquireResourceExclusiveLite
- ExAcquireResourceSharedLite
- ExReleaseFastMutexUnsafe
- KeLeaveCriticalRegion
- KeEnterCriticalRegion
- IoFreeMdl
- ExAcquireFastMutexUnsafe
- ZwSetSecurityObject
- IoDeviceObjectType
- IoCreateDevice
- RtlGetDaclSecurityDescriptor
- RtlGetSaclSecurityDescriptor
- RtlGetGroupSecurityDescriptor
- RtlGetOwnerSecurityDescriptor
- RtlLengthSecurityDescriptor
- SeCaptureSecurityDescriptor
- SeExports
- IoIsWdmVersionAvailable
- RtlLengthSid
- RtlAbsoluteToSelfRelativeSD
- ZwQuerySymbolicLinkObject
- KeGetCurrentThread
- KfAcquireSpinLock
- KfReleaseSpinLock
- KeRaiseIrqlToDpcLevel
- KfLowerIrql
- KeGetCurrentIrql
- ExAcquireFastMutex
- ExReleaseFastMutex
- KfRaiseIrql
- ClassInitialize
Exported Functions
Expand
- ??0CAutoUpdateConfigThread@@QAE@ABV0@@Z
- ??0CAutoUpdateConfigThread@@QAE@PAU_UNICODE_STRING@@P6GX0PAX@Z1@Z
- ??0CBlobConfig@@QAE@ABV0@@Z
- ??0CBlobConfig@@QAE@K@Z
- ??0CContext@@QAE@ABV0@@Z
- ??0CContext@@QAE@KP6GJPAU_EVENT_REPORT@@PAXPAU_TMCE_REPORT@@PAU_TMCE_FEEDBACK@@@Z1K@Z
- ??0CContextList@@QAE@ABV0@@Z
- ??0CContextList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CDebugLog@@QAE@ABV0@@Z
- ??0CDebugLog@@QAE@PBG@Z
- ??0CDelayLoadThread@@QAE@ABV0@@Z
- ??0CDelayLoadThread@@QAE@XZ
- ??0CExclusionExtConfig@@QAE@ABV0@@Z
- ??0CExclusionExtConfig@@QAE@KKE@Z
- ??0CExclusionFileNameConfig@@QAE@ABV0@@Z
- ??0CExclusionFileNameConfig@@QAE@KK@Z
- ??0CExclusionFilePathConfig@@QAE@ABV0@@Z
- ??0CExclusionFilePathConfig@@QAE@KK@Z
- ??0CExclusionFolderConfig@@QAE@ABV0@@Z
- ??0CExclusionFolderConfig@@QAE@KK@Z
- ??0CExclusionRegistryConfig@@QAE@ABV0@@Z
- ??0CExclusionRegistryConfig@@QAE@KK@Z
- ??0CFile@@QAE@ABV0@@Z
- ??0CFile@@QAE@E@Z
- ??0CFileExtension@@QAE@ABV0@@Z
- ??0CFileExtension@@QAE@KEEPAVIMemoryAllocator@@@Z
- ??0CInclusionExtConfig@@QAE@ABV0@@Z
- ??0CInclusionExtConfig@@QAE@KKE@Z
- ??0CInclusionFileNameConfig@@QAE@ABV0@@Z
- ??0CInclusionFileNameConfig@@QAE@KK@Z
- ??0CInclusionFilePathConfig@@QAE@ABV0@@Z
- ??0CInclusionFilePathConfig@@QAE@KK@Z
- ??0CInclusionFolderConfig@@QAE@ABV0@@Z
- ??0CInclusionFolderConfig@@QAE@KK@Z
- ??0CKEvent@@QAE@ABV0@@Z
- ??0CKEvent@@QAE@W4_EVENT_TYPE@@E@Z
- ??0CList@@QAE@ABV0@@Z
- ??0CList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CLockEvent@@QAE@ABV0@@Z
- ??0CLockEvent@@QAE@XZ
- ??0CLockList@@QAE@ABV0@@Z
- ??0CLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CMemoryAllocator@@IAE@W4_POOL_TYPE@@K@Z
- ??0CMemoryAllocator@@QAE@ABV0@@Z
- ??0CMemoryPoolAllocator@@IAE@W4_POOL_TYPE@@KKK@Z
- ??0CMemoryPoolAllocator@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@XZ
- ??0CModuleConfigList@@QAE@ABV0@@Z
- ??0CModuleConfigList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CModuleFileExtConfig@@QAE@ABV0@@Z
- ??0CModuleFileExtConfig@@QAE@KKE@Z
- ??0CModuleFlagConfig@@QAE@ABV0@@Z
- ??0CModuleFlagConfig@@QAE@K@Z
- ??0CModuleMultiStringConfig@@QAE@ABV0@@Z
- ??0CModuleMultiStringConfig@@QAE@KK@Z
- ??0CModuleStringConfig@@QAE@ABV0@@Z
- ??0CModuleStringConfig@@QAE@K@Z
- ??0CNoLockList@@QAE@ABV0@@Z
- ??0CNoLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CSmartLock@@QAE@AAVCLockEvent@@@Z
- ??0CSmartLock@@QAE@XZ
- ??0CSmartReference@@QAE@AAJ@Z
- ??0CSmartReference@@QAE@AAK@Z
- ??0CSmartResource@@QAE@AAVCResource@@E@Z
- ??0CStrList@@QAE@ABV0@@Z
- ??0CStrList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CSystemThread@@QAE@ABV0@@Z
- ??0CSystemThread@@QAE@K@Z
- ??0CUserFuncAdapterJob@@QAE@ABV0@@Z
- ??0CUserFuncAdapterJob@@QAE@P6GXPAX@Z0@Z
- ??0CWorkerThread@@IAE@PAVCWorkerThreadJobQueue@@@Z
- ??0CWorkerThread@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@E@Z
- ??0CWorkerThreadJobQueue@@QAE@ABV0@@Z
- ??0CWorkerThreadJobQueue@@QAE@K@Z
- ??0CWorkerThreadPool@@QAE@ABV0@@Z
- ??0CWorkerThreadPool@@QAE@K@Z
- ??0IMemoryAllocator@@QAE@ABV0@@Z
- ??0IMemoryAllocator@@QAE@XZ
- ??1CAutoUpdateConfigThread@@UAE@XZ
- ??1CBlobConfig@@UAE@XZ
- ??1CContext@@UAE@XZ
- ??1CContextList@@UAE@XZ
- ??1CDebugLog@@UAE@XZ
- ??1CDelayLoadThread@@UAE@XZ
- ??1CExclusionExtConfig@@UAE@XZ
- ??1CExclusionFileNameConfig@@UAE@XZ
- ??1CExclusionFilePathConfig@@UAE@XZ
- ??1CExclusionFolderConfig@@UAE@XZ
- ??1CExclusionRegistryConfig@@UAE@XZ
- ??1CFile@@UAE@XZ
- ??1CFileExtension@@UAE@XZ
- ??1CInclusionExtConfig@@UAE@XZ
- ??1CInclusionFileNameConfig@@UAE@XZ
- ??1CInclusionFilePathConfig@@UAE@XZ
- ??1CInclusionFolderConfig@@UAE@XZ
- ??1CKEvent@@UAE@XZ
- ??1CList@@UAE@XZ
- ??1CLockEvent@@UAE@XZ
- ??1CLockList@@UAE@XZ
- ??1CMemoryAllocator@@UAE@XZ
- ??1CMemoryPoolAllocator@@UAE@XZ
- ??1CModuleConfig@@UAE@XZ
- ??1CModuleConfigList@@UAE@XZ
- ??1CModuleFileExtConfig@@UAE@XZ
- ??1CModuleFlagConfig@@UAE@XZ
- ??1CModuleMultiStringConfig@@UAE@XZ
- ??1CModuleStringConfig@@UAE@XZ
- ??1CNoLockList@@UAE@XZ
- ??1CSmartLock@@QAE@XZ
- ??1CSmartReference@@QAE@XZ
- ??1CSmartResource@@QAE@XZ
- ??1CStrList@@UAE@XZ
- ??1CSystemThread@@UAE@XZ
- ??1CUserFuncAdapterJob@@UAE@XZ
- ??1CWorkerThread@@UAE@XZ
- ??1CWorkerThreadJob@@UAE@XZ
- ??1CWorkerThreadJobQueue@@UAE@XZ
- ??1CWorkerThreadPool@@UAE@XZ
- ??1IMemoryAllocator@@UAE@XZ
- ??2@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??2CMemoryAllocator@@SGPAXI@Z
- ??2CMemoryPoolAllocator@@SGPAXI@Z
- ??3@YAXPAX@Z
- ??3IMemoryAllocator@@SGXPAX@Z
- ??4CAutoUpdateConfigThread@@QAEAAV0@ABV0@@Z
- ??4CBlobConfig@@QAEAAV0@ABV0@@Z
- ??4CContext@@QAEAAV0@ABV0@@Z
- ??4CDebugLog@@QAEAAV0@ABV0@@Z
- ??4CDelayLoadThread@@QAEAAV0@ABV0@@Z
- ??4CFile@@QAEAAV0@ABV0@@Z
- ??4CKEvent@@QAEAAV0@ABV0@@Z
- ??4CLockEvent@@QAEAAV0@ABV0@@Z
- ??4CMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??4CMemoryPoolAllocator@@QAEAAV0@ABV0@@Z
- ??4CModuleConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleFlagConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleStringConfig@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEABV0@AAVCLockEvent@@@Z
- ??4CSmartResource@@QAEAAV0@ABV0@@Z
- ??4CSystemThread@@QAEAAV0@ABV0@@Z
- ??4CUserFuncAdapterJob@@QAEAAV0@ABV0@@Z
- ??4CWorkerThread@@QAEAAV0@ABV0@@Z
- ??4CWorkerThreadJob@@QAEAAV0@ABV0@@Z
- ??4IMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??_7CAutoUpdateConfigThread@@6B@
- ??_7CBlobConfig@@6B@
- ??_7CContext@@6B@
- ??_7CContextList@@6B@
- ??_7CDebugLog@@6B@
- ??_7CDelayLoadThread@@6B@
- ??_7CExclusionExtConfig@@6B@
- ??_7CExclusionFileNameConfig@@6B@
- ??_7CExclusionFilePathConfig@@6B@
- ??_7CExclusionFolderConfig@@6B@
- ??_7CExclusionRegistryConfig@@6B@
- ??_7CFile@@6B@
- ??_7CFileExtension@@6B@
- ??_7CInclusionExtConfig@@6B@
- ??_7CInclusionFileNameConfig@@6B@
- ??_7CInclusionFilePathConfig@@6B@
- ??_7CInclusionFolderConfig@@6B@
- ??_7CKEvent@@6B@
- ??_7CList@@6B@
- ??_7CLockEvent@@6B@
- ??_7CLockList@@6B@
- ??_7CMemoryAllocator@@6B@
- ??_7CMemoryPoolAllocator@@6B@
- ??_7CModuleConfig@@6B@
- ??_7CModuleConfigList@@6B@
- ??_7CModuleFileExtConfig@@6B@
- ??_7CModuleFlagConfig@@6B@
- ??_7CModuleMultiStringConfig@@6B@
- ??_7CModuleStringConfig@@6B@
- ??_7CNoLockList@@6B@
- ??_7CStrList@@6B@
- ??_7CSystemThread@@6B@
- ??_7CUserFuncAdapterJob@@6B@
- ??_7CWorkerThread@@6B@
- ??_7CWorkerThreadJob@@6B@
- ??_7CWorkerThreadJobQueue@@6B@
- ??_7CWorkerThreadPool@@6B@
- ??_7IMemoryAllocator@@6B@
- ??_FCContextList@@QAEXXZ
- ??_FCFile@@QAEXXZ
- ??_FCFileExtension@@QAEXXZ
- ??_FCModuleConfigList@@QAEXXZ
- ??_FCStrList@@QAEXXZ
- ??_FCSystemThread@@QAEXXZ
- ??_FCWorkerThread@@QAEXXZ
- ??_FCWorkerThreadJob@@QAEXXZ
- ??_FCWorkerThreadJobQueue@@QAEXXZ
- ??_U@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??_V@YAXPAX@Z
- ?Acquire@CLockEvent@@QAEXXZ
- ?Add@CContextList@@QAEEPAVCContext@@@Z
- ?Add@CFileExtension@@QAEEPBGK@Z
- ?Add@CModuleConfigList@@QAEEPAVCModuleConfig@@@Z
- ?Add@CStrList@@QAEEPBG@Z
- ?AddNode@CLockList@@UAEEQAXE@Z
- ?AddNode@CNoLockList@@UAEEQAXE@Z
- ?Alloc@CMemoryAllocator@@UAEPAXKPBDK@Z
- ?Alloc@CMemoryPoolAllocator@@UAEPAXKPBDK@Z
- ?AllocBlock@CMemoryPoolAllocator@@IAEPAXK@Z
- ?AttachJobQueue@CWorkerThread@@QAEXPAVCWorkerThreadJobQueue@@@Z
- ?Cancel@CWorkerThreadJob@@QAEXXZ
- ?CheckNode@CLockList@@UAEHQAX@Z
- ?CheckNode@CNoLockList@@UAEHQAX@Z
- ?CleanQueue@CWorkerThreadJobQueue@@QAEXXZ
- ?Cleanup@CBlobConfig@@AAEXXZ
- ?Cleanup@CModuleFileExtConfig@@IAEXXZ
- ?Cleanup@CModuleMultiStringConfig@@IAEXXZ
- ?Cleanup@CModuleStringConfig@@AAEXXZ
- ?Close@CFile@@QAEJXZ
- ?Count@CLockList@@QAEKXZ
- ?Count@CNoLockList@@QAEKXZ
- ?Create@CFile@@QAEJPBGKKKK@Z
- ?Create@CSystemThread@@QAEEXZ
- ?CreateInstance@CMemoryAllocator@@SGPAV1@W4_POOL_TYPE@@K@Z
- ?CreateInstance@CMemoryPoolAllocator@@SGPAV1@W4_POOL_TYPE@@KKK@Z
- ?CreatePool@CWorkerThreadPool@@QAEEXZ
- ?CreateThreads@CWorkerThreadPool@@QAEEK@Z
- ?CreateWIRP@CFile@@QAEJPBGKKKK@Z
- ?Delete@CFile@@QAEJXZ
- ?Delete@CFileExtension@@QAEEPBGK@Z
- ?Delete@CStrList@@QAEEPBG@Z
- ?DeleteAll@CList@@UAEXXZ
- ?DeleteAll@CLockList@@UAEXXZ
- ?DeleteAll@CNoLockList@@UAEXXZ
- ?DeleteNode@CContextList@@MAEXPAX@Z
- ?DeleteNode@CList@@UAEXPAX@Z
- ?DeleteNode@CModuleConfigList@@MAEXPAX@Z
- ?DeleteNode@CStrList@@EAEXPAU_STR_LIST_NODE@1@@Z
- ?DisableWriteProtectFromCR0@@YGXPAPAX@Z
- ?DoIt@CWorkerThreadJob@@QAEJXZ
- ?EntryPoint@CSystemThread@@KGXPAX@Z
- ?Find@CContextList@@QAEPAVCContext@@K@Z
- ?Find@CContextList@@QAEPAVCContext@@PAX@Z
- ?Find@CFileExtension@@QAEPAU_STR_LIST_NODE@CStrList@@PBGK@Z
- ?Find@CModuleConfigList@@QAEPAVCModuleConfig@@K@Z
- ?Find@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?FindNode@CContextList@@IAEPAXPAX@Z
- ?FindPartiallyAndAllMatch@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?First@CList@@UAEPAXXZ
- ?First@CLockList@@UAEPAXXZ
- ?First@CNoLockList@@UAEPAXXZ
- ?Free@CMemoryAllocator@@UAEXPAX@Z
- ?Free@CMemoryPoolAllocator@@UAEXPAX@Z
- ?GetAttributes@CFile@@QAEKXZ
- ?GetBasicInfomration@CFile@@IAEJXZ
- ?GetBlobCofig@CContext@@UAEJKPAXPAK@Z
- ?GetCategory@CContext@@QAEKXZ
- ?GetData@CBlobConfig@@QAEHPAXPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEPAVCFileExtension@@XZ
- ?GetData@CModuleFlagConfig@@QAEKXZ
- ?GetData@CModuleMultiStringConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleMultiStringConfig@@QAEPAVCStrList@@XZ
- ?GetData@CModuleStringConfig@@QAEPAGXZ
- ?GetData@CStrList@@QAEEPAGPAK@Z
- ?GetDataType@CModuleConfig@@QAEKXZ
- ?GetEngineContext@CContext@@QAEPAXXZ
- ?GetFileExtensionConfig@CContext@@QAEPAVCFileExtension@@K@Z
- ?GetFileExtensionConfig@CContext@@UAEJKPAGPAK@Z
- ?GetFileSize@CFile@@QAEJPAT_LARGE_INTEGER@@@Z
- ?GetFlagConfig@CContext@@UAEJKPAK@Z
- ?GetID@CModuleConfig@@QAEKXZ
- ?GetJob@CWorkerThreadJobQueue@@QAEPAVCWorkerThreadJob@@XZ
- ?GetLength@CModuleStringConfig@@QAEKXZ
- ?GetLinkContext@CContext@@QAEPAXXZ
- ?GetLogFlag@CDebugLog@@QAEKXZ
- ?GetModuleId@CModuleConfig@@QAEKXZ
- ?GetMultiStringConfig@CContext@@QAEPAVCStrList@@K@Z
- ?GetMultiStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetOneThreadTEB@CWorkerThreadPool@@QAEPAU_ETHREAD@@XZ
- ?GetReportCallBackRoutine@CContext@@QAEKXZ
- ?GetSize@CBlobConfig@@QAEKXZ
- ?GetStringConfig@CContext@@QAEPAGK@Z
- ?GetStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetThreadCount@CWorkerThreadPool@@QAEKXZ
- ?GetThreadID@CSystemThread@@QAEKXZ
- ?GetType@CContext@@QAEKXZ
- ?GetUserParameter@CContext@@QAEKXZ
- ?InitializeBlobConfig@CContext@@QAEHKPAXK@Z
- ?InitializeFileExtensionConfig@CContext@@QAEHKPBG@Z
- ?InitializeFlagConfig@CContext@@QAEHKK@Z
- ?InitializeMultiStringConfig@CContext@@QAEHKPBG@Z
- ?InitializeStringConfig@CContext@@QAEHKPBG@Z
- ?Insert@CList@@UAEXQAXE@Z
- ?Insert@CLockList@@UAEXQAXE@Z
- ?Insert@CNoLockList@@UAEXQAXE@Z
- ?InsertAfter@CList@@UAEXPAX0@Z
- ?InsertBefore@CList@@UAEXPAX0@Z
- ?Instance@CWorkerThreadPool@@SGPAV1@XZ
- ?IsEmpty@CList@@UAEEXZ
- ?IsEmpty@CLockList@@UAEEXZ
- ?IsEmpty@CNoLockList@@UAEEXZ
- ?IsExceedLimitation@CMemoryPoolAllocator@@IAEEK@Z
- ?IsFull@CLockList@@QBEEXZ
- ?IsFull@CNoLockList@@QBEEXZ
- ?IsInExclusionList@CExclusionExtConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFileNameConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFilePathConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFolderConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionRegistryConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionExtConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFileNameConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFilePathConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFolderConfig@@QAEEPBG@Z
- ?IsOpened@CFile@@QAEEXZ
- ?IsTerminated@CWorkerThreadPool@@QAEEXZ
- ?IsValid@CMemoryAllocator@@UAEEXZ
- ?IsValid@CMemoryPoolAllocator@@UAEEXZ
- ?IsValid@IMemoryAllocator@@UAEEXZ
- ?IsWorkerThread@CWorkerThreadPool@@QAEEK@Z
- ?JobFunction@CUserFuncAdapterJob@@MAEXXZ
- ?JobQueue@CWorkerThreadPool@@QAEAAVCWorkerThreadJobQueue@@XZ
- ?Limit@CLockList@@QAEKXZ
- ?Limit@CNoLockList@@QAEKXZ
- ?MatchAllExtensions@CFileExtension@@QAEEXZ
- ?MatchNoExtensions@CFileExtension@@QAEEXZ
- ?MergeLeft@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?MergeRight@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?NeedDelete@CWorkerThreadJob@@QAEEXZ
- ?NeedDeleteWhenFinish@CWorkerThreadJob@@QAEXE@Z
- ?NewNode@CList@@UAEPAXXZ
- ?NewNode@CStrList@@EAEPAXXZ
- ?NewNodeVariant@CList@@IAEPAXK@Z
- ?Next@CList@@UBEPAXQAX@Z
- ?Next@CLockList@@UBEPAXQAX@Z
- ?Next@CNoLockList@@UBEPAXQAX@Z
- ?NextPool@CMemoryPoolAllocator@@QAEPAV1@XZ
- ?NotityTerminate@CWorkerThread@@QAEXXZ
- ?PostJobToWorkerThread@CWorkerThreadPool@@QAEJP6GXPAX@Z0E@Z
- ?Pulse@CKEvent@@QAEJJE@Z
- ?QueueJob@CWorkerThreadJobQueue@@QAEEPAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPool@@QAEJPAVCWorkerThreadJob@@@Z
- ?RCMInstance@CWorkerThreadPool@@SGPAV1@XZ
- ?Read@CFile@@QAEJPADKPAK@Z
- ?ReferenceCount@CContext@@QAEAAKXZ
- ?Release@CLockEvent@@QAEXXZ
- ?Remove@CContextList@@UAEEQAX@Z
- ?Remove@CList@@UAEEQAX@Z
- ?Remove@CLockList@@UAEEQAX@Z
- ?Remove@CNoLockList@@UAEEQAX@Z
- ?RemoveHead@CList@@UAEPAXXZ
- ?RemoveHead@CLockList@@UAEPAXXZ
- ?RemoveHead@CNoLockList@@UAEPAXXZ
- ?RemoveTail@CList@@UAEPAXXZ
- ?RemoveTail@CLockList@@UAEPAXXZ
- ?RemoveTail@CNoLockList@@UAEPAXXZ
- ?Reset@CKEvent@@QAEXXZ
- ?ResetData@CInclusionExtConfig@@QAEXXZ
- ?ResetData@CInclusionFileNameConfig@@QAEXXZ
- ?ResetData@CInclusionFilePathConfig@@QAEXXZ
- ?ResetData@CInclusionFolderConfig@@QAEXXZ
- ?RestoreCR0@@YGXPAX@Z
- ?Run@CAutoUpdateConfigThread@@UAEXXZ
- ?Run@CDelayLoadThread@@UAEXXZ
- ?Run@CWorkerThread@@UAEXXZ
- ?SeekToEnd@CFile@@QAEJXZ
- ?Set@CKEvent@@QAEJJE@Z
- ?SetAttributes@CFile@@QAEJK@Z
- ?SetBlobCofig@CContext@@UAEJKPAXK@Z
- ?SetData@CBlobConfig@@QAEHPAXK@Z
- ?SetData@CModuleFileExtConfig@@QAEHPBG@Z
- ?SetData@CModuleFlagConfig@@QAEHK@Z
- ?SetData@CModuleMultiStringConfig@@QAEHPBGK@Z
- ?SetData@CModuleStringConfig@@QAEHPBG@Z
- ?SetEngineContext@CContext@@QAEXPAX@Z
- ?SetFileExtensionConfig@CContext@@UAEJKPBG@Z
- ?SetFlagConfig@CContext@@UAEJKK@Z
- ?SetLinkContext@CContext@@QAEXPAX@Z
- ?SetLogFlag@CDebugLog@@QAEEK@Z
- ?SetMatchAllExtensions@CFileExtension@@QAEXE@Z
- ?SetMatchNoExtensions@CFileExtension@@QAEXE@Z
- ?SetMultiStringConfig@CContext@@UAEJKPBG@Z
- ?SetNewJobItemEvent@CWorkerThreadJobQueue@@QAEXXZ
- ?SetPriority@CSystemThread@@QAEXK@Z
- ?SetStopUse@CContext@@QAEXXZ
- ?SetStringConfig@CContext@@UAEJKPBG@Z
- ?Setup@CSystemThread@@MAEXXZ
- ?StopUse@CContext@@QAEHXZ
- ?TearDown@CSystemThread@@MAEXXZ
- ?Terminate@CSystemThread@@QAEXE@Z
- ?Terminate@CWorkerThreadPool@@QAEEXZ
- ?TmExceptionFilter@@YGJPAU_EXCEPTION_POINTERS@@@Z
- ?Wait@CKEvent@@QAEJPAT_LARGE_INTEGER@@E@Z
- ?WaitFinish@CWorkerThreadJob@@QAEXXZ
- ?WaitForInit@CDelayLoadThread@@QAEEXZ
- ?WaitForLoad@CDelayLoadThread@@QAEEXZ
- ?WaitNewJobAvailable@CWorkerThreadJobQueue@@QAEEXZ
- ?Write@CDebugLog@@QAAXPBDZZ
- ?Write@CFile@@QAEJPADKPAT_LARGE_INTEGER@@PAK@Z
- ?WriteSystemInformation@CDebugLog@@QAEXXZ
- ?WriteSystemStringInformation@CDebugLog@@IAEXPBG@Z
- ?WriteToFile@CDebugLog@@IAEXPADK@Z
- ?_pNonPagedAllocator@@3PAVCMemoryAllocator@@A
- ?_pPagedAllocator@@3PAVCMemoryAllocator@@A
- ?m_lpInstance@CWorkerThreadPool@@1PAV1@A
- ?m_lpRCMInstance@CWorkerThreadPool@@1PAV1@A
- _DeInitKmLPC@0
- _GetModuleInfoByAddress@8
- _GetModuleInfoByModuleName@8
- _InitKmLPC@0
- _KmCallUm@8
- _KmCallUmEx@12
- _ModGetExportProcAddress@8
- _ModLoadDLLToBuffer@4
- _ModLoadDLLToBufferWithImageSize@8
- _ModLoadModule@8
- _ModUnLoadModule@4
- _NormalizeFileName@4
- _NormalizeFullNtPathToDosName@4
- _TmCommConfigRoutine@4
- _UtilAddDeviceInDriveTable@4
- _UtilCleanFileReadOnly@4
- _UtilDeleteFileForce@4
- _UtilGetFileObjectForProcessByEPROC@8
- _UtilGetFileObjectFromFileName@12
- _UtilGetProcessName@12
- _UtilGetSystemDirectory@4
- _UtilGetSystemDirectoryEx@0
- _UtilGetSystemDirectoryLength@0
- _UtilGetSystemTime@4
- _UtilIoSetFileInfo@24
- _UtilIopCreateFileIRP@40
- _UtilKeGetLowFileDevice@16
- _UtilModuleIATHook@24
- _UtilModuleIATUnHook@8
- _UtilQueryKeyValue@24
- _UtilRemoveDeviceFromDriveTable@4
- _UtilVolumeDeviceToDosName@8
- _UtilWaitValueChangeToZero@8
- _UtilWriteVersionToRegistry@8
- _UtilbuildDynamicDiskMappingTable@0
- _UtlWriteBinValueKeyToRegistry@16
- __UtilDosPathNameToNtPathName@12
Sections
Expand
- .text
- .rdata
- .data
- PAGE
- .edata
- INIT
- .rsrc
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": true,
"SerialNumber": "7e93ebfb7cc64e59ea4b9a77d406fc3b",
"Signature": "03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2",
"TBS": {
"MD5": "d0785ad36e427c92b19f6826ab1e8020",
"SHA1": "365b7a9c21bd9373e49052c3e7b3e4646ddd4d43",
"SHA256": "c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff",
"SHA384": "eab4fe5ef90e0de4a6aa3a27769a5e879f588df5e4785aa4104debd1f81e19ea56d33e3a16e5facf99f68b5d8e3d287b"
},
"ValidFrom": "2012-12-21 00:00:00",
"ValidTo": "2020-12-30 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "0ecff438c8febf356e04d86a981b1a50",
"Signature": "783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4",
"TBS": {
"MD5": "e9d38360b914c8863f6cba3ee58764d3",
"SHA1": "4cba8eae47b6bf76f20b3504b98b8f062694a89b",
"SHA256": "88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976",
"SHA384": "e9f2a75334a9e336c5a4712eadee88d0374b0fdc273262f4e65c9040ad2793067cc076696db5279a478773485e285652"
},
"ValidFrom": "2012-10-18 00:00:00",
"ValidTo": "2020-12-29 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Signature": "f3b20c020c826fd9e2629408ffc97c9e245959d1050c9ce7708069d366d26af191812e16fce674eaca0d8f05b2a796280831737299800d2bfe0071efecf655117b7952a4d7c0701b97de034a1d42e928fd1a2082b081f9d22e9d39af3233cf05c1e61ae1f8fbfec872e78d9a0b29b4f147f1a053d1757a824601df2bb07c75c591fe7efbaf0021764b90cd446f85f80d14bc2cd42c83edfa7d2510f8f94c82d1b3ea999b1cff9093291977c7e996dc32904d3934f167077684ff76aa5327654a0bd7223d9d67657b47c5b46012dca6723d89e7fa051b3380d0c4977b9df537e75da3186ab149b27c089715a01bd695f408f7ded66bfbe920d27a6f6a7d4cc8b3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc.",
"TBS": {
"MD5": "78eaa337666217b1c16a9a0ebd0b8434",
"SHA1": "ff9cb835e78f6185eed4372096c3bae53b17d18d",
"SHA256": "1c0d9746725e176b4a7c2852878f14d7587f58e65d346bc1247f1c8ee6374250",
"SHA384": "ffe3c75b860679a5de399c7d2c2844dbfac51d5d8581e24648d208daba1e4bed5c867808e02dc8d7cb3df1d4b2b53d10"
},
"ValidFrom": "2017-04-27 00:00:00",
"ValidTo": "2018-07-16 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "611993e400000000001c",
"Signature": "812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5",
"TBS": {
"MD5": "78a717e082dcc1cda3458d917e677d14",
"SHA1": "4a872e0e51f9b304469cd1dedb496ee9b8b983a4",
"SHA256": "317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8",
"SHA384": "b71052da4eb9157c8c1a5d7f55df19d69b9128598b72fcca608e5b7cc7d64c43c5504b9c86355a6dc22ee40c88cc385c"
},
"ValidFrom": "2011-02-22 19:25:17",
"ValidTo": "2021-02-22 19:35:17",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "5200e5aa2556fc1a86ed96c9d44b33c7",
"Signature": "5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"TBS": {
"MD5": "b30c31a572b0409383ed3fbe17e56e81",
"SHA1": "4843a82ed3b1f2bfbee9671960e1940c942f688d",
"SHA256": "03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9",
"SHA384": "bbda8407c4f9fc4e54d772f1c7fb9d30bc97e1f97ecd51c443063d1fa0644e266328781776cd5c44896c457c75f4d7da"
},
"ValidFrom": "2010-02-08 00:00:00",
"ValidTo": "2020-02-07 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 478a8efb59e1d83f0ce142d2a28707be
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | f13ede9179075999ef7f856ec31e364b |
| ToBeSigned (TBS) SHA1 | 2f09867166e6107e17808317f5c8d4ee157f45bc |
| ToBeSigned (TBS) SHA256 | 089a2c4c6ac7432020acdb65c33bf39130da6f37c002ba79128bd4c94e4fa101 |
| Subject | C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO Time Stamping Signer |
| ValidFrom | 2010-05-10 00:00:00 |
| ValidTo | 2015-05-10 23:59:59 |
| Signature | c8fb63f80b75752c3af1f213a72db6a31a9cad0107d3348e77e0c26eae025d484fa4d221b636fd2a35437c6bdf80870b15f0763200b4ceb567a42f2f201b9c549e833f1f5f149562820f2241221f70b3f3f742de6c51cd4bf821ac9b3b8cb1e5e6288fce2a8af9aa524d8c5b77ba4d5a58dbbb6a04cc521e9de228370ebbe70e91c7f8dbf18198ebcd37b30eab65d362ec3aa576eb13a83593c92e0a01ecc0e8cc3d7eb6ebe2c1ecd3149282668750dcfd5097acb34a767306c486113ab35f4304526feab3d074364ccaf11b7984377063ad74b9aa0ef398b08608ebdbe01f8c10f239649bae4f0a2c928a4f18b591e58d1a935f1faef1a6f02e97d0d2f62b3c |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 478a8efb59e1d83f0ce142d2a28707be |
| Version | 3 |
Certificate 250ce8e030612e9f2b89f7054d7cf8fd
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 918d9eb6a6cd36c531eceb926170a7e1 |
| ToBeSigned (TBS) SHA1 | 0ae95700d65e6f59715aa47048993ca7858e676a |
| ToBeSigned (TBS) SHA256 | 47c46e6eaa3780eace3d0d891346cd373359d246b21a957219dbab4c8f37c166 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5 |
| ValidFrom | 2006-11-08 00:00:00 |
| ValidTo | 2021-11-07 23:59:59 |
| Signature | 1302ddf8e88600f25af8f8200c59886207cecef74ef9bb59a198e5e138dd4ebc6618d3adeb18f20dc96d3e4a9420c33cbabd6554c6af44b310ad2c6b3eabd707b6b88163c5f95e2ee52a67cecd330c2ad7895603231fb3bee83a0859b4ec4535f78a5bff66cf50afc66d578d1978b7b9a2d157ea1f9a4bafbac98e127ec6bdff |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 250ce8e030612e9f2b89f7054d7cf8fd |
| Version | 3 |
Certificate 610c120600000000001b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 53c41bc1164e09e0cd1617a5bf913efd |
| ToBeSigned (TBS) SHA1 | 93c03aac8951d494ecd5696b1c08658541b18727 |
| ToBeSigned (TBS) SHA256 | 40bddadac24dc61ca4fb5cab2a2bc5d876bc36808311039a7a3e1a4066f7489b |
| Subject | C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority |
| ValidFrom | 2006-05-23 17:01:29 |
| ValidTo | 2016-05-23 17:11:29 |
| Signature | 01e446b33b457f7513877e5f43de468ecb8abdb64741bccccc7491d8ce395195a4a6b547c0efd2da7b8f5711f4328c7ccd3fee42da04214af7c843884a6f5cca14fc4bd19f4cbdd4556ecc02be0da6888f8609baa425bde8b0f0fa8b714e67b0cb82a8d78e55f737ebf03e88efe4e08afd1c6e2e61414875b4b02c1d28d8490fd715f02473253ccc880cde284c6554fe5eae8cea19ad2c51b29b3a47f53c80350117e24987d6544afb4bab07bcbf7d79cfbf35005cbb9ecffc82891b39a05197b6dec0b307ff449644c0342a195cabeef03bec294eb513c537857e75d5b4d60d066eb5d26c237167eaf1718eaf4e74aa0cf9ecbf4c58fa5e909b6d39cb86883f8b1ca81632d5fe6db9f1f8b3ead791f6364778c0272a15c768d6f4c5fc4f4ec8673f102d409ff11ec96148e7a703fc31730cf04688fe56da492995ef09daa3e5beef60ecd954a0599c28bd54ef66157f874c84dba60e95672e517b3439b641c28c846826dc240209e7818e0a972defeea7b998a60f818dc710b5e1ed982f486f53854964789bec5dac970b5526c3efba8dc8d1a52f5a7f936b611a339b18b8a26210de24ea76e12f43ebecdd7c12342489da2855aee5754e312b6763b6a8d7ab730a03cec5ea593fc7eb2a45aea8625b2f009939abb45f73c308ec80118f470e8f2a1343e191066255bbffba3da9a93d260faeca7d628b155589d694344dd665 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 610c120600000000001b |
| Version | 3 |
Certificate 5bb307b9e6fbf0c0fd40f5772d1ad8e3
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | e8f93ae74cc54a00e4278f92c46c42e9 |
| ToBeSigned (TBS) SHA1 | 1e2d3a7e0be7d05f35ede330e922292e6ffa1a0c |
| ToBeSigned (TBS) SHA256 | 9d5606f127dc9d395d41a511d41831b7fff0954458d6c2d09297e25d2a44671f |
| Subject | C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., OU=Digital ID Class 3 , Microsoft Software Validation v2, CN=Trend Micro, Inc. |
| ValidFrom | 2014-02-07 00:00:00 |
| ValidTo | 2015-04-08 23:59:59 |
| Signature | 95676d657200d1a91b1629ed0bb118cc53bbacd5393d361300de6c1107b5007664bf846a75e03f5f4c9d6d9882cbb744621deee429f37c0695f829dace5b0f44309bdaa5a132dfbd8161e0a490752ecc340e7ae1c40c01c2029b7d8c0ecc9a717843e22a7a7232b64dfdec2f1312a6fd514a59d27eb2486dc5e9cbe7aa1ea6e21598f06bbd3faf3c37073e2f363b4133336ecb536a7735f53ddd666509cef465ae1c5e01a23b674a7bf4a8835c3ddd85168f84ff5c63a1685a15939bc0c7e5dd92bc95e41a0fd443d384e328be7374e95e28230365a7489d114009911ecee502afe8dbcdb44055df9b59feebc6d05eeffba205a4d62574936463bb05f79b5be4 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 5bb307b9e6fbf0c0fd40f5772d1ad8e3 |
| Version | 3 |
Certificate 5200e5aa2556fc1a86ed96c9d44b33c7
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | b30c31a572b0409383ed3fbe17e56e81 |
| ToBeSigned (TBS) SHA1 | 4843a82ed3b1f2bfbee9671960e1940c942f688d |
| ToBeSigned (TBS) SHA256 | 03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA |
| ValidFrom | 2010-02-08 00:00:00 |
| ValidTo | 2020-02-07 23:59:59 |
| Signature | 5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 5200e5aa2556fc1a86ed96c9d44b33c7 |
| Version | 3 |
Imports
Expand
- ntoskrnl.exe
- HAL.dll
- CLASSPNP.SYS
Imported Functions
Expand
- wcsrchr
- KeSetEvent
- KePulseEvent
- KeClearEvent
- KeStackAttachProcess
- KeUnstackDetachProcess
- ObfDereferenceObject
- ZwSetEvent
- ZwClose
- ZwConnectPort
- RtlInitUnicodeString
- RtlUnicodeStringToInteger
- ZwCreateSection
- ZwWaitForSingleObject
- ZwOpenEvent
- IoGetCurrentProcess
- ObfReferenceObject
- DbgBreakPoint
- ZwRequestWaitReplyPort
- ExFreePoolWithTag
- ProbeForWrite
- ZwFreeVirtualMemory
- ZwAllocateVirtualMemory
- ObOpenObjectByPointer
- PsProcessType
- memmove
- PsGetProcessExitTime
- MmSectionObjectType
- PsThreadType
- ObReleaseObjectSecurity
- SeReleaseSubjectContext
- SeAccessCheck
- SeCaptureSubjectContext
- ObGetObjectSecurity
- DbgPrint
- memset
- MmIsAddressValid
- ExInitializeResourceLite
- ExDeleteResourceLite
- ZwWriteFile
- ZwReadFile
- ZwQueryInformationFile
- ZwSetInformationFile
- ZwCreateFile
- swprintf
- towupper
- _wcsnicmp
- ExAllocatePoolWithTag
- KeInitializeEvent
- _snprintf
- PsGetCurrentProcessId
- RtlTimeToTimeFields
- ExSystemTimeToLocalTime
- KeQuerySystemTime
- PsGetCurrentThreadId
- RtlInitAnsiString
- ZwDeviceIoControlFile
- ZwCreateKey
- ZwCreateEvent
- KeWaitForMultipleObjects
- ObReferenceObjectByHandle
- ZwNotifyChangeKey
- _vsnprintf
- RtlFreeUnicodeString
- RtlAnsiStringToUnicodeString
- RtlEqualUnicodeString
- RtlAppendUnicodeStringToString
- RtlCopyUnicodeString
- RtlUpcaseUnicodeChar
- KeWaitForSingleObject
- KeSetPriorityThread
- PsTerminateSystemThread
- PsCreateSystemThread
- KeDelayExecutionThread
- KeNumberProcessors
- ZwQueryInformationProcess
- PsLookupProcessByProcessId
- ZwOpenDirectoryObject
- PsSetCreateProcessNotifyRoutine
- ZwQuerySystemInformation
- ZwQueryDirectoryFile
- ZwQueryDirectoryObject
- ZwDuplicateObject
- ZwOpenKey
- ZwEnumerateKey
- ZwEnumerateValueKey
- ZwQueryValueKey
- ZwDeleteValueKey
- ZwDeleteKey
- ExGetPreviousMode
- ZwTerminateProcess
- ZwOpenProcess
- ZwQueryKey
- ZwSetValueKey
- IoFileObjectType
- _allrem
- ZwQuerySecurityObject
- memcpy
- RtlLengthSecurityDescriptor
- MmHighestUserAddress
- IoFreeIrp
- IoFreeMdl
- MmUnlockPages
- _purecall
- _strnicmp
- RtlQueryRegistryValues
- RtlAppendUnicodeToString
- mbstowcs
- ZwQuerySymbolicLinkObject
- ZwOpenSymbolicLinkObject
- NtClose
- ObQueryNameString
- MmGetSystemRoutineAddress
- ZwSetInformationObject
- _stricmp
- ZwUnmapViewOfSection
- ZwMapViewOfSection
- ZwOpenFile
- IoCreateFile
- IofCallDriver
- IoAllocateIrp
- MmBuildMdlForNonPagedPool
- IoAllocateMdl
- ProbeForRead
- PsGetVersion
- RtlImageNtHeader
- RtlCompareMemory
- _snwprintf
- MmSystemRangeStart
- wcsncmp
- strrchr
- ZwQueryVolumeInformationFile
- ObReferenceObjectByPointer
- IoBuildDeviceIoControlRequest
- ZwOpenSection
- _allmul
- KeReleaseSemaphore
- RtlLengthRequiredSid
- RtlInitializeSid
- RtlSubAuthoritySid
- RtlSetDaclSecurityDescriptor
- RtlCreateSecurityDescriptor
- RtlAddAccessAllowedAce
- RtlCreateAcl
- KeInitializeSemaphore
- IofCompleteRequest
- ExEventObjectType
- IoDeleteDevice
- IoDeleteSymbolicLink
- IoCreateSymbolicLink
- IoGetDeviceObjectPointer
- RtlUpperChar
- ObReferenceObjectByName
- IoDriverObjectType
- RtlCompareUnicodeString
- strncpy
- KeServiceDescriptorTable
- NtOpenProcess
- ObOpenObjectByName
- NtQueryInformationProcess
- PsIsThreadTerminating
- KeAddSystemServiceTable
- ZwQueryObject
- ZwFsControlFile
- ObInsertObject
- IoReleaseVpbSpinLock
- IoAcquireVpbSpinLock
- SeCreateAccessState
- IoGetFileObjectGenericMapping
- ObCreateObject
- _allshr
- ExInterlockedPopEntrySList
- IoGetStackLimits
- IoBuildSynchronousFsdRequest
- wcsstr
- RtlUpcaseUnicodeString
- IoUnregisterPlugPlayNotification
- FsRtlIsNameInExpression
- IoGetConfigurationInformation
- MmProbeAndLockPages
- IoGetDeviceInterfaces
- IoRegisterPlugPlayNotification
- ExAllocatePool
- RtlFreeAnsiString
- RtlUnicodeStringToAnsiString
- strncat
- wcschr
- wcsncat
- wcstombs
- KeTickCount
- KeBugCheckEx
- RtlUnwind
- wcsncpy
- ExReleaseResourceLite
- ExAcquireResourceExclusiveLite
- ExAcquireResourceSharedLite
- ExReleaseFastMutexUnsafe
- KeLeaveCriticalRegion
- KeEnterCriticalRegion
- ZwSetSecurityObject
- ExAcquireFastMutexUnsafe
- IoDeviceObjectType
- IoCreateDevice
- RtlGetDaclSecurityDescriptor
- RtlGetSaclSecurityDescriptor
- RtlGetGroupSecurityDescriptor
- RtlGetOwnerSecurityDescriptor
- SeCaptureSecurityDescriptor
- SeExports
- IoIsWdmVersionAvailable
- RtlLengthSid
- RtlAbsoluteToSelfRelativeSD
- IoBuildAsynchronousFsdRequest
- KeGetCurrentThread
- KfAcquireSpinLock
- KfReleaseSpinLock
- KeRaiseIrqlToDpcLevel
- KfLowerIrql
- ExAcquireFastMutex
- ExReleaseFastMutex
- KeGetCurrentIrql
- KfRaiseIrql
- ClassInitialize
Exported Functions
Expand
- ??0CAutoUpdateConfigThread@@QAE@ABV0@@Z
- ??0CAutoUpdateConfigThread@@QAE@PAU_UNICODE_STRING@@P6GX0PAX@Z1@Z
- ??0CBlobConfig@@QAE@ABV0@@Z
- ??0CBlobConfig@@QAE@K@Z
- ??0CContext@@QAE@ABV0@@Z
- ??0CContext@@QAE@KP6GJPAU_EVENT_REPORT@@PAXPAU_TMCE_REPORT@@PAU_TMCE_FEEDBACK@@@Z1K@Z
- ??0CContextList@@QAE@ABV0@@Z
- ??0CContextList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CDebugLog@@QAE@ABV0@@Z
- ??0CDebugLog@@QAE@PBG@Z
- ??0CDebugLogEx@@QAE@ABV0@@Z
- ??0CDebugLogEx@@QAE@K@Z
- ??0CDelayLoadThread@@QAE@ABV0@@Z
- ??0CDelayLoadThread@@QAE@XZ
- ??0CExclusionExtConfig@@QAE@ABV0@@Z
- ??0CExclusionExtConfig@@QAE@KKE@Z
- ??0CExclusionFileNameConfig@@QAE@ABV0@@Z
- ??0CExclusionFileNameConfig@@QAE@KK@Z
- ??0CExclusionFilePathConfig@@QAE@ABV0@@Z
- ??0CExclusionFilePathConfig@@QAE@KK@Z
- ??0CExclusionFolderConfig@@QAE@ABV0@@Z
- ??0CExclusionFolderConfig@@QAE@KK@Z
- ??0CExclusionRegistryConfig@@QAE@ABV0@@Z
- ??0CExclusionRegistryConfig@@QAE@KK@Z
- ??0CFile@@QAE@ABV0@@Z
- ??0CFile@@QAE@E@Z
- ??0CFileExtension@@QAE@ABV0@@Z
- ??0CFileExtension@@QAE@KEEPAVIMemoryAllocator@@@Z
- ??0CInclusionExtConfig@@QAE@ABV0@@Z
- ??0CInclusionExtConfig@@QAE@KKE@Z
- ??0CInclusionFileNameConfig@@QAE@ABV0@@Z
- ??0CInclusionFileNameConfig@@QAE@KK@Z
- ??0CInclusionFilePathConfig@@QAE@ABV0@@Z
- ??0CInclusionFilePathConfig@@QAE@KK@Z
- ??0CInclusionFolderConfig@@QAE@ABV0@@Z
- ??0CInclusionFolderConfig@@QAE@KK@Z
- ??0CKEvent@@QAE@ABV0@@Z
- ??0CKEvent@@QAE@W4_EVENT_TYPE@@E@Z
- ??0CList@@QAE@ABV0@@Z
- ??0CList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CLockEvent@@QAE@ABV0@@Z
- ??0CLockEvent@@QAE@XZ
- ??0CLockList@@QAE@ABV0@@Z
- ??0CLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CMemoryAllocator@@IAE@W4_POOL_TYPE@@K@Z
- ??0CMemoryAllocator@@QAE@ABV0@@Z
- ??0CMemoryPoolAllocator@@IAE@W4_POOL_TYPE@@KKK@Z
- ??0CMemoryPoolAllocator@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@XZ
- ??0CModuleConfigList@@QAE@ABV0@@Z
- ??0CModuleConfigList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CModuleFileExtConfig@@QAE@ABV0@@Z
- ??0CModuleFileExtConfig@@QAE@KKE@Z
- ??0CModuleFlagConfig@@QAE@ABV0@@Z
- ??0CModuleFlagConfig@@QAE@K@Z
- ??0CModuleMultiStringConfig@@QAE@ABV0@@Z
- ??0CModuleMultiStringConfig@@QAE@KK@Z
- ??0CModuleStringConfig@@QAE@ABV0@@Z
- ??0CModuleStringConfig@@QAE@K@Z
- ??0CNoLockList@@QAE@ABV0@@Z
- ??0CNoLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CSmartLock@@QAE@AAVCLockEvent@@@Z
- ??0CSmartLock@@QAE@XZ
- ??0CSmartReference@@QAE@AAJ@Z
- ??0CSmartReference@@QAE@AAK@Z
- ??0CSmartResource@@QAE@AAVCResource@@E@Z
- ??0CStrList@@QAE@ABV0@@Z
- ??0CStrList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CSystemThread@@QAE@ABV0@@Z
- ??0CSystemThread@@QAE@K@Z
- ??0CUserFuncAdapterJob@@QAE@ABV0@@Z
- ??0CUserFuncAdapterJob@@QAE@P6GXPAX@Z01@Z
- ??0CWorkerThread@@IAE@PAVCWorkerThreadJobQueue@@@Z
- ??0CWorkerThread@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@E@Z
- ??0CWorkerThreadJobQueue@@QAE@ABV0@@Z
- ??0CWorkerThreadJobQueue@@QAE@K@Z
- ??0CWorkerThreadPool@@QAE@ABV0@@Z
- ??0CWorkerThreadPool@@QAE@K@Z
- ??0CWorkerThreadPoolEx@@QAE@ABV0@@Z
- ??0CWorkerThreadPoolEx@@QAE@KK@Z
- ??0IMemoryAllocator@@QAE@ABV0@@Z
- ??0IMemoryAllocator@@QAE@XZ
- ??1CAutoUpdateConfigThread@@UAE@XZ
- ??1CBlobConfig@@UAE@XZ
- ??1CContext@@UAE@XZ
- ??1CContextList@@UAE@XZ
- ??1CDebugLog@@UAE@XZ
- ??1CDebugLogEx@@UAE@XZ
- ??1CDelayLoadThread@@UAE@XZ
- ??1CExclusionExtConfig@@UAE@XZ
- ??1CExclusionFileNameConfig@@UAE@XZ
- ??1CExclusionFilePathConfig@@UAE@XZ
- ??1CExclusionFolderConfig@@UAE@XZ
- ??1CExclusionRegistryConfig@@UAE@XZ
- ??1CFile@@UAE@XZ
- ??1CFileExtension@@UAE@XZ
- ??1CInclusionExtConfig@@UAE@XZ
- ??1CInclusionFileNameConfig@@UAE@XZ
- ??1CInclusionFilePathConfig@@UAE@XZ
- ??1CInclusionFolderConfig@@UAE@XZ
- ??1CKEvent@@UAE@XZ
- ??1CList@@UAE@XZ
- ??1CLockEvent@@UAE@XZ
- ??1CLockList@@UAE@XZ
- ??1CMemoryAllocator@@UAE@XZ
- ??1CMemoryPoolAllocator@@UAE@XZ
- ??1CModuleConfig@@UAE@XZ
- ??1CModuleConfigList@@UAE@XZ
- ??1CModuleFileExtConfig@@UAE@XZ
- ??1CModuleFlagConfig@@UAE@XZ
- ??1CModuleMultiStringConfig@@UAE@XZ
- ??1CModuleStringConfig@@UAE@XZ
- ??1CNoLockList@@UAE@XZ
- ??1CSmartLock@@QAE@XZ
- ??1CSmartReference@@QAE@XZ
- ??1CSmartResource@@QAE@XZ
- ??1CStrList@@UAE@XZ
- ??1CSystemThread@@UAE@XZ
- ??1CUserFuncAdapterJob@@UAE@XZ
- ??1CWorkerThread@@UAE@XZ
- ??1CWorkerThreadJob@@UAE@XZ
- ??1CWorkerThreadJobQueue@@UAE@XZ
- ??1CWorkerThreadPool@@UAE@XZ
- ??1CWorkerThreadPoolEx@@UAE@XZ
- ??1IMemoryAllocator@@UAE@XZ
- ??2@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??2CMemoryAllocator@@SGPAXI@Z
- ??2CMemoryPoolAllocator@@SGPAXI@Z
- ??3@YAXPAX@Z
- ??3IMemoryAllocator@@SGXPAX@Z
- ??4CAutoUpdateConfigThread@@QAEAAV0@ABV0@@Z
- ??4CBlobConfig@@QAEAAV0@ABV0@@Z
- ??4CContext@@QAEAAV0@ABV0@@Z
- ??4CDebugLog@@QAEAAV0@ABV0@@Z
- ??4CDebugLogEx@@QAEAAV0@ABV0@@Z
- ??4CDelayLoadThread@@QAEAAV0@ABV0@@Z
- ??4CFile@@QAEAAV0@ABV0@@Z
- ??4CKEvent@@QAEAAV0@ABV0@@Z
- ??4CLockEvent@@QAEAAV0@ABV0@@Z
- ??4CMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??4CMemoryPoolAllocator@@QAEAAV0@ABV0@@Z
- ??4CModuleConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleFlagConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleStringConfig@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEABV0@AAVCLockEvent@@@Z
- ??4CSmartResource@@QAEAAV0@ABV0@@Z
- ??4CSystemThread@@QAEAAV0@ABV0@@Z
- ??4CUserFuncAdapterJob@@QAEAAV0@ABV0@@Z
- ??4CWorkerThread@@QAEAAV0@ABV0@@Z
- ??4CWorkerThreadJob@@QAEAAV0@ABV0@@Z
- ??4IMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??_7CAutoUpdateConfigThread@@6B@
- ??_7CBlobConfig@@6B@
- ??_7CContext@@6B@
- ??_7CContextList@@6B@
- ??_7CDebugLog@@6B@
- ??_7CDebugLogEx@@6B@
- ??_7CDelayLoadThread@@6B@
- ??_7CExclusionExtConfig@@6B@
- ??_7CExclusionFileNameConfig@@6B@
- ??_7CExclusionFilePathConfig@@6B@
- ??_7CExclusionFolderConfig@@6B@
- ??_7CExclusionRegistryConfig@@6B@
- ??_7CFile@@6B@
- ??_7CFileExtension@@6B@
- ??_7CInclusionExtConfig@@6B@
- ??_7CInclusionFileNameConfig@@6B@
- ??_7CInclusionFilePathConfig@@6B@
- ??_7CInclusionFolderConfig@@6B@
- ??_7CKEvent@@6B@
- ??_7CList@@6B@
- ??_7CLockEvent@@6B@
- ??_7CLockList@@6B@
- ??_7CMemoryAllocator@@6B@
- ??_7CMemoryPoolAllocator@@6B@
- ??_7CModuleConfig@@6B@
- ??_7CModuleConfigList@@6B@
- ??_7CModuleFileExtConfig@@6B@
- ??_7CModuleFlagConfig@@6B@
- ??_7CModuleMultiStringConfig@@6B@
- ??_7CModuleStringConfig@@6B@
- ??_7CNoLockList@@6B@
- ??_7CStrList@@6B@
- ??_7CSystemThread@@6B@
- ??_7CUserFuncAdapterJob@@6B@
- ??_7CWorkerThread@@6B@
- ??_7CWorkerThreadJob@@6B@
- ??_7CWorkerThreadJobQueue@@6B@
- ??_7CWorkerThreadPool@@6B@
- ??_7CWorkerThreadPoolEx@@6B@
- ??_7IMemoryAllocator@@6B@
- ??_FCContextList@@QAEXXZ
- ??_FCFile@@QAEXXZ
- ??_FCFileExtension@@QAEXXZ
- ??_FCModuleConfigList@@QAEXXZ
- ??_FCStrList@@QAEXXZ
- ??_FCSystemThread@@QAEXXZ
- ??_FCWorkerThread@@QAEXXZ
- ??_FCWorkerThreadJob@@QAEXXZ
- ??_FCWorkerThreadJobQueue@@QAEXXZ
- ??_U@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??_V@YAXPAX@Z
- ?Acquire@CLockEvent@@QAEXXZ
- ?Add@CContextList@@QAEEPAVCContext@@@Z
- ?Add@CFileExtension@@QAEEPBGK@Z
- ?Add@CModuleConfigList@@QAEEPAVCModuleConfig@@@Z
- ?Add@CStrList@@QAEEPBG@Z
- ?AddNode@CLockList@@UAEEQAXE@Z
- ?AddNode@CNoLockList@@UAEEQAXE@Z
- ?Alloc@CMemoryAllocator@@UAEPAXKPBDK@Z
- ?Alloc@CMemoryPoolAllocator@@UAEPAXKPBDK@Z
- ?AllocBlock@CMemoryPoolAllocator@@IAEPAXK@Z
- ?AttachJobQueue@CWorkerThread@@QAEXPAVCWorkerThreadJobQueue@@@Z
- ?Cancel@CWorkerThreadJob@@QAEXXZ
- ?CheckNode@CLockList@@UAEHQAX@Z
- ?CheckNode@CNoLockList@@UAEHQAX@Z
- ?CleanQueue@CWorkerThreadJobQueue@@QAEXXZ
- ?Cleanup@CBlobConfig@@AAEXXZ
- ?Cleanup@CModuleFileExtConfig@@IAEXXZ
- ?Cleanup@CModuleMultiStringConfig@@IAEXXZ
- ?Cleanup@CModuleStringConfig@@AAEXXZ
- ?Close@CFile@@QAEJXZ
- ?Count@CLockList@@QAEKXZ
- ?Count@CNoLockList@@QAEKXZ
- ?Create@CFile@@QAEJPBGKKKK@Z
- ?Create@CSystemThread@@QAEEXZ
- ?CreateInstance@CMemoryAllocator@@SGPAV1@W4_POOL_TYPE@@K@Z
- ?CreateInstance@CMemoryPoolAllocator@@SGPAV1@W4_POOL_TYPE@@KKK@Z
- ?CreatePool@CWorkerThreadPool@@QAEEXZ
- ?CreatePool@CWorkerThreadPoolEx@@QAEEXZ
- ?CreateThreads@CWorkerThreadPool@@QAEEK@Z
- ?CreateThreads@CWorkerThreadPoolEx@@QAEEK@Z
- ?CreateWIRP@CFile@@QAEJPBGKKKK@Z
- ?Delete@CFile@@QAEJXZ
- ?Delete@CFileExtension@@QAEEPBGK@Z
- ?Delete@CStrList@@QAEEPBG@Z
- ?DeleteAll@CList@@UAEXXZ
- ?DeleteAll@CLockList@@UAEXXZ
- ?DeleteAll@CNoLockList@@UAEXXZ
- ?DeleteNode@CContextList@@MAEXPAX@Z
- ?DeleteNode@CList@@UAEXPAX@Z
- ?DeleteNode@CModuleConfigList@@MAEXPAX@Z
- ?DeleteNode@CStrList@@EAEXPAU_STR_LIST_NODE@1@@Z
- ?DisableWriteProtectFromCR0@@YGXPAPAX@Z
- ?DoIt@CWorkerThreadJob@@QAEJXZ
- ?EntryPoint@CSystemThread@@KGXPAX@Z
- ?Find@CContextList@@QAEPAVCContext@@K@Z
- ?Find@CContextList@@QAEPAVCContext@@PAX@Z
- ?Find@CFileExtension@@QAEPAU_STR_LIST_NODE@CStrList@@PBGK@Z
- ?Find@CModuleConfigList@@QAEPAVCModuleConfig@@K@Z
- ?Find@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?FindNode@CContextList@@IAEPAXPAX@Z
- ?FindPartiallyAndAllMatch@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?FinishFunction@CUserFuncAdapterJob@@MAEXXZ
- ?FinishIt@CWorkerThreadJob@@QAEJXZ
- ?First@CList@@UAEPAXXZ
- ?First@CLockList@@UAEPAXXZ
- ?First@CNoLockList@@UAEPAXXZ
- ?Free@CMemoryAllocator@@UAEXPAX@Z
- ?Free@CMemoryPoolAllocator@@UAEXPAX@Z
- ?GetAttributes@CFile@@QAEKXZ
- ?GetBasicInfomration@CFile@@IAEJXZ
- ?GetBlobCofig@CContext@@UAEJKPAXPAK@Z
- ?GetCategory@CContext@@QAEKXZ
- ?GetData@CBlobConfig@@QAEHPAXPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEPAVCFileExtension@@XZ
- ?GetData@CModuleFlagConfig@@QAEKXZ
- ?GetData@CModuleMultiStringConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleMultiStringConfig@@QAEPAVCStrList@@XZ
- ?GetData@CModuleStringConfig@@QAEPAGXZ
- ?GetData@CStrList@@QAEEPAGPAK@Z
- ?GetDataType@CModuleConfig@@QAEKXZ
- ?GetEngineContext@CContext@@QAEPAXXZ
- ?GetFileExtensionConfig@CContext@@QAEPAVCFileExtension@@K@Z
- ?GetFileExtensionConfig@CContext@@UAEJKPAGPAK@Z
- ?GetFileSize@CFile@@QAEJPAT_LARGE_INTEGER@@@Z
- ?GetFileSizeWIRP@CFile@@QAEJPAT_LARGE_INTEGER@@@Z
- ?GetFlagConfig@CContext@@UAEJKPAK@Z
- ?GetID@CModuleConfig@@QAEKXZ
- ?GetJob@CWorkerThreadJobQueue@@QAEPAVCWorkerThreadJob@@XZ
- ?GetLength@CModuleStringConfig@@QAEKXZ
- ?GetLinkContext@CContext@@QAEPAXXZ
- ?GetLogFlag@CDebugLog@@QAEKXZ
- ?GetLogFlag@CDebugLogEx@@QAEKXZ
- ?GetModuleId@CModuleConfig@@QAEKXZ
- ?GetMultiStringConfig@CContext@@QAEPAVCStrList@@K@Z
- ?GetMultiStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetOneThreadTEB@CWorkerThreadPool@@QAEPAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPool@@QAEPAU_KTHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QAEPAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QAEPAU_KTHREAD@@XZ
- ?GetReportCallBackRoutine@CContext@@QAEKXZ
- ?GetSize@CBlobConfig@@QAEKXZ
- ?GetStringConfig@CContext@@QAEPAGK@Z
- ?GetStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetThreadCount@CWorkerThreadPool@@QAEKXZ
- ?GetThreadCount@CWorkerThreadPoolEx@@QAEKXZ
- ?GetThreadID@CSystemThread@@QAEKXZ
- ?GetType@CContext@@QAEKXZ
- ?GetUserParameter@CContext@@QAEKXZ
- ?InitProcMon@CDebugLogEx@@IAEXXZ
- ?InitializeBlobConfig@CContext@@QAEHKPAXK@Z
- ?InitializeFileExtensionConfig@CContext@@QAEHKPBG@Z
- ?InitializeFlagConfig@CContext@@QAEHKK@Z
- ?InitializeMultiStringConfig@CContext@@QAEHKPBG@Z
- ?InitializeStringConfig@CContext@@QAEHKPBG@Z
- ?Insert@CList@@UAEXQAXE@Z
- ?Insert@CLockList@@UAEXQAXE@Z
- ?Insert@CNoLockList@@UAEXQAXE@Z
- ?InsertAfter@CList@@UAEXPAX0@Z
- ?InsertBefore@CList@@UAEXPAX0@Z
- ?Instance@CWorkerThreadPool@@SGPAV1@XZ
- ?IsEmpty@CList@@UAEEXZ
- ?IsEmpty@CLockList@@UAEEXZ
- ?IsEmpty@CNoLockList@@UAEEXZ
- ?IsExceedLimitation@CMemoryPoolAllocator@@IAEEK@Z
- ?IsFull@CLockList@@QBEEXZ
- ?IsFull@CNoLockList@@QBEEXZ
- ?IsInExclusionList@CExclusionExtConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFileNameConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFilePathConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFolderConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionRegistryConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionExtConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFileNameConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFilePathConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFolderConfig@@QAEEPBG@Z
- ?IsOpened@CFile@@QAEEXZ
- ?IsTerminated@CWorkerThreadPool@@QAEEXZ
- ?IsTerminated@CWorkerThreadPoolEx@@QAEEXZ
- ?IsValid@CMemoryAllocator@@UAEEXZ
- ?IsValid@CMemoryPoolAllocator@@UAEEXZ
- ?IsValid@IMemoryAllocator@@UAEEXZ
- ?IsWorkerThread@CWorkerThreadPool@@QAEEK@Z
- ?IsWorkerThread@CWorkerThreadPoolEx@@QAEEK@Z
- ?JobFunction@CUserFuncAdapterJob@@MAEXXZ
- ?JobQueue@CWorkerThreadPool@@QAEAAVCWorkerThreadJobQueue@@XZ
- ?JobQueue@CWorkerThreadPoolEx@@QAEAAVCWorkerThreadJobQueue@@XZ
- ?Limit@CLockList@@QAEKXZ
- ?Limit@CNoLockList@@QAEKXZ
- ?MatchAllExtensions@CFileExtension@@QAEEXZ
- ?MatchNoExtensions@CFileExtension@@QAEEXZ
- ?MergeLeft@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?MergeRight@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?NeedDelete@CWorkerThreadJob@@QAEEXZ
- ?NeedDeleteWhenFinish@CWorkerThreadJob@@QAEXE@Z
- ?NewNode@CList@@UAEPAXXZ
- ?NewNode@CStrList@@EAEPAXXZ
- ?NewNodeVariant@CList@@IAEPAXK@Z
- ?Next@CList@@UBEPAXQAX@Z
- ?Next@CLockList@@UBEPAXQAX@Z
- ?Next@CNoLockList@@UBEPAXQAX@Z
- ?NextPool@CMemoryPoolAllocator@@QAEPAV1@XZ
- ?NotityTerminate@CWorkerThread@@QAEXXZ
- ?PostJobToWorkerThread@CWorkerThreadPool@@QAEJP6GXPAX@Z0E@Z
- ?PostJobToWorkerThread@CWorkerThreadPoolEx@@QAEJP6GXPAX@Z0E1@Z
- ?Pulse@CKEvent@@QAEJJE@Z
- ?QueueJob@CWorkerThreadJobQueue@@QAEEPAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPool@@QAEJPAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPoolEx@@QAEJPAVCWorkerThreadJob@@@Z
- ?RCMInstance@CWorkerThreadPool@@SGPAV1@XZ
- ?Read@CFile@@QAEJPADKPAK@Z
- ?ReadWIRP@CFile@@QAEJPADKPAK@Z
- ?ReferenceCount@CContext@@QAEAAKXZ
- ?Release@CLockEvent@@QAEXXZ
- ?Remove@CContextList@@UAEEQAX@Z
- ?Remove@CList@@UAEEQAX@Z
- ?Remove@CLockList@@UAEEQAX@Z
- ?Remove@CNoLockList@@UAEEQAX@Z
- ?RemoveHead@CList@@UAEPAXXZ
- ?RemoveHead@CLockList@@UAEPAXXZ
- ?RemoveHead@CNoLockList@@UAEPAXXZ
- ?RemoveTail@CList@@UAEPAXXZ
- ?RemoveTail@CLockList@@UAEPAXXZ
- ?RemoveTail@CNoLockList@@UAEPAXXZ
- ?Reset@CKEvent@@QAEXXZ
- ?ResetData@CInclusionExtConfig@@QAEXXZ
- ?ResetData@CInclusionFileNameConfig@@QAEXXZ
- ?ResetData@CInclusionFilePathConfig@@QAEXXZ
- ?ResetData@CInclusionFolderConfig@@QAEXXZ
- ?RestoreCR0@@YGXPAX@Z
- ?Run@CAutoUpdateConfigThread@@UAEXXZ
- ?Run@CDelayLoadThread@@UAEXXZ
- ?Run@CWorkerThread@@UAEXXZ
- ?SeekToEnd@CFile@@QAEJXZ
- ?Set@CKEvent@@QAEJJE@Z
- ?SetAttributes@CFile@@QAEJK@Z
- ?SetBlobCofig@CContext@@UAEJKPAXK@Z
- ?SetData@CBlobConfig@@QAEHPAXK@Z
- ?SetData@CModuleFileExtConfig@@QAEHPBG@Z
- ?SetData@CModuleFlagConfig@@QAEHK@Z
- ?SetData@CModuleMultiStringConfig@@QAEHPBGK@Z
- ?SetData@CModuleStringConfig@@QAEHPBG@Z
- ?SetEngineContext@CContext@@QAEXPAX@Z
- ?SetFileExtensionConfig@CContext@@UAEJKPBG@Z
- ?SetFlagConfig@CContext@@UAEJKK@Z
- ?SetLinkContext@CContext@@QAEXPAX@Z
- ?SetLogFlag@CDebugLog@@QAEEK@Z
- ?SetLogFlag@CDebugLogEx@@QAEEK@Z
- ?SetMatchAllExtensions@CFileExtension@@QAEXE@Z
- ?SetMatchNoExtensions@CFileExtension@@QAEXE@Z
- ?SetMultiStringConfig@CContext@@UAEJKPBG@Z
- ?SetNewJobItemEvent@CWorkerThreadJobQueue@@QAEXXZ
- ?SetPriority@CSystemThread@@QAEXK@Z
- ?SetStopUse@CContext@@QAEXXZ
- ?SetStringConfig@CContext@@UAEJKPBG@Z
- ?Setup@CSystemThread@@MAEXXZ
- ?StopUse@CContext@@QAEHXZ
- ?TearDown@CSystemThread@@MAEXXZ
- ?Terminate@CSystemThread@@QAEXE@Z
- ?Terminate@CWorkerThreadPool@@QAEEXZ
- ?Terminate@CWorkerThreadPoolEx@@QAEEXZ
- ?TmExceptionFilter@@YGJPAU_EXCEPTION_POINTERS@@@Z
- ?Wait@CKEvent@@QAEJPAT_LARGE_INTEGER@@E@Z
- ?WaitFinish@CWorkerThreadJob@@QAEXXZ
- ?WaitForInit@CDelayLoadThread@@QAEEXZ
- ?WaitForLoad@CDelayLoadThread@@QAEEXZ
- ?WaitNewJobAvailable@CWorkerThreadJobQueue@@QAEEXZ
- ?WaitQueueEmpty@CWorkerThreadJobQueue@@QAEXXZ
- ?Write@CDebugLog@@QAAXPBDZZ
- ?Write@CDebugLogEx@@QAAXPBDZZ
- ?Write@CFile@@QAEJPADKPAT_LARGE_INTEGER@@PAK@Z
- ?WriteDataToFile@CDebugLogEx@@IAEXPADK@Z
- ?WriteDataToProcMonW@CDebugLogEx@@IAEXPAD@Z
- ?WriteSystemInformation@CDebugLog@@QAEXXZ
- ?WriteSystemInformation@CDebugLogEx@@QAEXXZ
- ?WriteSystemStringInformation@CDebugLog@@IAEXPBG@Z
- ?WriteSystemStringInformation@CDebugLogEx@@IAEXPBG@Z
- ?WriteToFile@CDebugLog@@IAEXPADK@Z
- ?WriteToProcMonW@CDebugLogEx@@IAEXPAU_UNICODE_STRING@@@Z
- ?_pNonPagedAllocator@@3PAVCMemoryAllocator@@A
- ?_pPagedAllocator@@3PAVCMemoryAllocator@@A
- ?m_lpInstance@CWorkerThreadPool@@1PAV1@A
- ?m_lpRCMInstance@CWorkerThreadPool@@1PAV1@A
- _DeInitKm2UmCommunication@0
- _DeInitKmLPC@0
- _DuplicateFullFileName@4
- _FreeFullFileName@4
- _GetKm2UmMode@0
- _GetModuleInfoByAddress@8
- _GetModuleInfoByModuleName@8
- _InitKm2UmCommunication@8
- _InitKmLPC@0
- _IsWindows8_1_update@4
- _KmCallUm@8
- _KmCallUmByLPC@8
- _KmCallUmEx@12
- _KmCleanupCommPortAPIs@0
- _KmGetUmInitProcess@0
- _KmSetCommPortAPIs@4
- _ModGetExportProcAddress@8
- _ModLoadDLLToBuffer@4
- _ModLoadDLLToBufferWithImageSize@8
- _ModLoadModule@8
- _ModUnLoadModule@4
- _NormalizeFileName@4
- _NormalizeFullNtPathToDosName@4
- _TmCommConfigRoutine@4
- _UtilAddDeviceInDriveTable@4
- _UtilAddReparsePointMapping@8
- _UtilCleanFileReadOnly@4
- _UtilCreateDosFileName@8
- _UtilDeleteFileForce@4
- _UtilGetDeviceObjectName@8
- _UtilGetFileNameFromFileObject@4
- _UtilGetFileObjectForProcessByEPROC@8
- _UtilGetFileObjectFromFileName@12
- _UtilGetProcessName@12
- _UtilGetSystemDirectory@4
- _UtilGetSystemDirectoryEx@0
- _UtilGetSystemDirectoryLength@0
- _UtilGetSystemTime@4
- _UtilIoSetFileInfo@24
- _UtilIopCreateFileIRP@40
- _UtilKeGetLowFileDevice@16
- _UtilModuleIATHook@24
- _UtilModuleIATUnHook@8
- _UtilPostJobToWorkerThread@12
- _UtilQueryKeyValue@24
- _UtilRemoveDeviceFromDriveTable@4
- _UtilVolumeDeviceToDosName@8
- _UtilWaitValueChangeToZero@8
- _UtilWriteVersionToRegistry@8
- _UtilbuildDynamicDiskMappingTable@0
- _UtlWriteBinValueKeyToRegistry@16
- _ValidateAddressWithSize@20
- __UtilDosPathNameToNtPathName@12
Sections
Expand
- .text
- .rdata
- .data
- PAGE
- .edata
- INIT
- .rsrc
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": true,
"SerialNumber": "7e93ebfb7cc64e59ea4b9a77d406fc3b",
"Signature": "03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2",
"TBS": {
"MD5": "d0785ad36e427c92b19f6826ab1e8020",
"SHA1": "365b7a9c21bd9373e49052c3e7b3e4646ddd4d43",
"SHA256": "c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff",
"SHA384": "eab4fe5ef90e0de4a6aa3a27769a5e879f588df5e4785aa4104debd1f81e19ea56d33e3a16e5facf99f68b5d8e3d287b"
},
"ValidFrom": "2012-12-21 00:00:00",
"ValidTo": "2020-12-30 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "0ecff438c8febf356e04d86a981b1a50",
"Signature": "783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4",
"TBS": {
"MD5": "e9d38360b914c8863f6cba3ee58764d3",
"SHA1": "4cba8eae47b6bf76f20b3504b98b8f062694a89b",
"SHA256": "88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976",
"SHA384": "e9f2a75334a9e336c5a4712eadee88d0374b0fdc273262f4e65c9040ad2793067cc076696db5279a478773485e285652"
},
"ValidFrom": "2012-10-18 00:00:00",
"ValidTo": "2020-12-29 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Signature": "f3b20c020c826fd9e2629408ffc97c9e245959d1050c9ce7708069d366d26af191812e16fce674eaca0d8f05b2a796280831737299800d2bfe0071efecf655117b7952a4d7c0701b97de034a1d42e928fd1a2082b081f9d22e9d39af3233cf05c1e61ae1f8fbfec872e78d9a0b29b4f147f1a053d1757a824601df2bb07c75c591fe7efbaf0021764b90cd446f85f80d14bc2cd42c83edfa7d2510f8f94c82d1b3ea999b1cff9093291977c7e996dc32904d3934f167077684ff76aa5327654a0bd7223d9d67657b47c5b46012dca6723d89e7fa051b3380d0c4977b9df537e75da3186ab149b27c089715a01bd695f408f7ded66bfbe920d27a6f6a7d4cc8b3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc.",
"TBS": {
"MD5": "78eaa337666217b1c16a9a0ebd0b8434",
"SHA1": "ff9cb835e78f6185eed4372096c3bae53b17d18d",
"SHA256": "1c0d9746725e176b4a7c2852878f14d7587f58e65d346bc1247f1c8ee6374250",
"SHA384": "ffe3c75b860679a5de399c7d2c2844dbfac51d5d8581e24648d208daba1e4bed5c867808e02dc8d7cb3df1d4b2b53d10"
},
"ValidFrom": "2017-04-27 00:00:00",
"ValidTo": "2018-07-16 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "611993e400000000001c",
"Signature": "812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5",
"TBS": {
"MD5": "78a717e082dcc1cda3458d917e677d14",
"SHA1": "4a872e0e51f9b304469cd1dedb496ee9b8b983a4",
"SHA256": "317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8",
"SHA384": "b71052da4eb9157c8c1a5d7f55df19d69b9128598b72fcca608e5b7cc7d64c43c5504b9c86355a6dc22ee40c88cc385c"
},
"ValidFrom": "2011-02-22 19:25:17",
"ValidTo": "2021-02-22 19:35:17",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "5200e5aa2556fc1a86ed96c9d44b33c7",
"Signature": "5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"TBS": {
"MD5": "b30c31a572b0409383ed3fbe17e56e81",
"SHA1": "4843a82ed3b1f2bfbee9671960e1940c942f688d",
"SHA256": "03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9",
"SHA384": "bbda8407c4f9fc4e54d772f1c7fb9d30bc97e1f97ecd51c443063d1fa0644e266328781776cd5c44896c457c75f4d7da"
},
"ValidFrom": "2010-02-08 00:00:00",
"ValidTo": "2020-02-07 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 1688f039255e638e69143907e6330b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 0179e8ddeebaf8998fec419d65cdf13d |
| ToBeSigned (TBS) SHA1 | 34c724c3369f2da8c25b591808962f66f10bde28 |
| ToBeSigned (TBS) SHA256 | 35b0bac11602847aaab65fb35199d3c8976cde3ccf7e061b130177c712cbd92f |
| Subject | C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO SHA,1 Time Stamping Signer |
| ValidFrom | 2015-12-31 00:00:00 |
| ValidTo | 2019-07-09 18:40:36 |
| Signature | ba332440408c7cdb589fb36098b2f5c031feeb1f6e50f60ae0e4e681ad2687a2dffdb3daf473f300fb291b891b153edb6b52932bc4ac3981d73c67579a3936e028089ae3394f9b89097f7bc5617f598932250a6aae1a3ef0a227a8b6c3b887f7160448413d5cd8ec9f4d203104d965a1edcd690753163ddd36020a88eb40e506300bb8164bdcefbc5509ffc63e122e76b3dcce42eff97657e1b70a054098589a5d711693718c6581ea6ff389f7fb73adb4e7bfd98e6faa0b4f25f3b8e1d5dd75986881f8aac0d180c2c4c43989c1f6c99e6cd774f9d997f84fc29a0acd5e8ff819e9e0a59fc4f09221e62d7925c922f9c3f03a8457ad3a16f46394101d5dd0c6 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 1688f039255e638e69143907e6330b |
| Version | 3 |
Certificate 774d49c5649436de6bf3190a67eedcdf
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | b3ca7d6b821d8e3432b29874980af55e |
| ToBeSigned (TBS) SHA1 | 618d7e55a24c1d8b65a0bcce79120c5e3b13fa4d |
| ToBeSigned (TBS) SHA256 | c645c6a7dc7243a4a3f78a6569c029401a7bda8bc4732ce7198d9f21f19b12fa |
| Subject | C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc. |
| ValidFrom | 2016-03-29 00:00:00 |
| ValidTo | 2017-06-28 23:59:59 |
| Signature | 27351697f046d1d43fe306dff30b83e7a404e3e6431c1e06829c558d99eb3f21776021e3e1bd4e485aba08b89bb0972f23daa471d7b432a44a591270f9a838f13dbda32ee936c0df792cff8c493e1f27b2282b3d896ae7b4155ca1a50bf7111f3f4bbbe11f17cfe5d49c0589c210966ef7e567153e802d2e783ff498c59585598d9d3e93273d1e81c07ce85c0cfb24834d448c3930120f1686bd472d916ac8f9475acfdb27be8528311f668d71dfc132a0ff62df7baa575a0cc732b3de003beca214954d4d97cf9511b9329eccbb7b716675b31e543a43570080dffce3fc8ca8fbb17d954b9678e2d0c1e1710a5cf03952a687fede59dcba3bf98900f9934f12 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 774d49c5649436de6bf3190a67eedcdf |
| Version | 3 |
Certificate 611993e400000000001c
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 78a717e082dcc1cda3458d917e677d14 |
| ToBeSigned (TBS) SHA1 | 4a872e0e51f9b304469cd1dedb496ee9b8b983a4 |
| ToBeSigned (TBS) SHA256 | 317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5 |
| ValidFrom | 2011-02-22 19:25:17 |
| ValidTo | 2021-02-22 19:35:17 |
| Signature | 812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 611993e400000000001c |
| Version | 3 |
Certificate 5200e5aa2556fc1a86ed96c9d44b33c7
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | b30c31a572b0409383ed3fbe17e56e81 |
| ToBeSigned (TBS) SHA1 | 4843a82ed3b1f2bfbee9671960e1940c942f688d |
| ToBeSigned (TBS) SHA256 | 03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA |
| ValidFrom | 2010-02-08 00:00:00 |
| ValidTo | 2020-02-07 23:59:59 |
| Signature | 5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 5200e5aa2556fc1a86ed96c9d44b33c7 |
| Version | 3 |
Imports
Expand
Imported Functions
Expand
- RtlInitUnicodeString
- KeInitializeEvent
- KeClearEvent
- KeSetEvent
- KeEnterCriticalRegion
- KeLeaveCriticalRegion
- KeWaitForSingleObject
- ExFreePoolWithTag
- ExAcquireFastMutexUnsafe
- ExReleaseFastMutexUnsafe
- ProbeForRead
- ProbeForWrite
- ExAcquireResourceSharedLite
- ExAcquireResourceExclusiveLite
- ExReleaseResourceLite
- MmProbeAndLockPages
- MmUnlockPages
- MmMapLockedPagesSpecifyCache
- IoAllocateMdl
- IoFreeMdl
- IoGetCurrentProcess
- ObfReferenceObject
- ObfDereferenceObject
- ZwClose
- ZwCreateSection
- ZwOpenSection
- ZwMapViewOfSection
- ZwUnmapViewOfSection
- ZwOpenEvent
- KePulseEvent
- KeStackAttachProcess
- KeUnstackDetachProcess
- ObOpenObjectByPointer
- ZwAllocateVirtualMemory
- ZwFreeVirtualMemory
- ZwSetEvent
- __C_specific_handler
- PsProcessType
- wcslen
- wcsncpy
- wcsrchr
- RtlUnicodeStringToInteger
- ZwWaitForSingleObject
- ZwRequestWaitReplyPort
- ZwConnectPort
- SeCaptureSubjectContext
- SeReleaseSubjectContext
- SeAccessCheck
- ObGetObjectSecurity
- ObReleaseObjectSecurity
- PsGetProcessExitTime
- PsThreadType
- MmSectionObjectType
- RtlCreateSecurityDescriptor
- RtlSetDaclSecurityDescriptor
- KeInitializeSemaphore
- KeReleaseSemaphore
- ExAllocatePoolWithTag
- ExAcquireFastMutex
- ExReleaseFastMutex
- RtlCreateAcl
- RtlAddAccessAllowedAce
- RtlLengthRequiredSid
- RtlInitializeSid
- RtlSubAuthoritySid
- KeDelayExecutionThread
- ExGetPreviousMode
- DbgPrint
- swprintf
- RtlCopyUnicodeString
- PsGetVersion
- IofCompleteRequest
- IoCreateSymbolicLink
- IoDeleteDevice
- IoDeleteSymbolicLink
- ObReferenceObjectByHandle
- PsGetCurrentProcessId
- ZwCreateEvent
- ExEventObjectType
- _wcsnicmp
- PsSetCreateProcessNotifyRoutine
- ZwQueryInformationProcess
- PsLookupProcessByProcessId
- ZwOpenDirectoryObject
- ExInitializeResourceLite
- ExDeleteResourceLite
- ZwCreateFile
- ZwQueryInformationFile
- ZwSetInformationFile
- ZwReadFile
- ZwWriteFile
- towupper
- MmGetSystemRoutineAddress
- ObReferenceObjectByPointer
- MmIsAddressValid
- PsGetCurrentThreadId
- ObQueryNameString
- _snprintf
- _vsnprintf
- RtlInitAnsiString
- RtlAnsiStringToUnicodeString
- RtlFreeUnicodeString
- RtlTimeToTimeFields
- KeWaitForMultipleObjects
- ExSystemTimeToLocalTime
- wcscat
- ZwDeviceIoControlFile
- ZwNotifyChangeKey
- ZwOpenFile
- ZwQueryVolumeInformationFile
- mbstowcs
- _stricmp
- IoGetDeviceObjectPointer
- RtlImageNtHeader
- ZwQuerySystemInformation
- IoBuildDeviceIoControlRequest
- IofCallDriver
- IoCreateFile
- RtlEqualUnicodeString
- RtlAppendUnicodeStringToString
- RtlUpcaseUnicodeChar
- _snwprintf
- strlen
- _strnicmp
- strncpy
- NtOpenProcess
- NtQueryInformationProcess
- ObOpenObjectByName
- KeSetPriorityThread
- PsCreateSystemThread
- PsTerminateSystemThread
- KeNumberProcessors
- RtlLengthSecurityDescriptor
- ZwOpenKey
- ZwDeleteKey
- ZwDeleteValueKey
- ZwEnumerateKey
- ZwEnumerateValueKey
- ZwQueryKey
- ZwQueryValueKey
- ZwSetValueKey
- ZwTerminateProcess
- ZwOpenProcess
- ZwDuplicateObject
- ZwQuerySecurityObject
- ZwSetSecurityObject
- ZwQueryDirectoryObject
- ZwQueryDirectoryFile
- NtCreateFile
- NtQueryInformationFile
- NtSetInformationFile
- IoFileObjectType
- ObInsertObject
- wcschr
- wcsncmp
- RtlQueryRegistryValues
- RtlAppendUnicodeToString
- RtlCompareMemory
- MmBuildMdlForNonPagedPool
- IoAllocateIrp
- IoFreeIrp
- ZwOpenSymbolicLinkObject
- ZwQuerySymbolicLinkObject
- RtlUpcaseUnicodeString
- NtClose
- ZwSetInformationObject
- SeQueryAuthenticationIdToken
- MmSystemRangeStart
- IoGetFileObjectGenericMapping
- ObCreateObject
- SeCreateAccessState
- IoAcquireVpbSpinLock
- IoReleaseVpbSpinLock
- wcstombs
- strncat
- wcsncat
- RtlUnicodeStringToAnsiString
- RtlFreeAnsiString
- strcpy
- wcsstr
- RtlCompareUnicodeString
- DbgPrintEx
- KeAcquireSpinLockRaiseToDpc
- KeReleaseSpinLock
- ExAllocatePool
- ExpInterlockedPopEntrySList
- IoBuildSynchronousFsdRequest
- IoGetStackLimits
- IoGetDeviceInterfaces
- IoRegisterPlugPlayNotification
- IoUnregisterPlugPlayNotification
- IoGetConfigurationInformation
- FsRtlIsNameInExpression
- IoDeviceObjectType
- IoCreateDevice
- RtlGetOwnerSecurityDescriptor
- RtlGetDaclSecurityDescriptor
- RtlGetGroupSecurityDescriptor
- RtlGetSaclSecurityDescriptor
- SeCaptureSecurityDescriptor
- RtlLengthSid
- SeExports
- IoIsWdmVersionAvailable
- RtlAbsoluteToSelfRelativeSD
- ZwCreateKey
- _purecall
- KeBugCheckEx
Exported Functions
Expand
- ??0CAutoUpdateConfigThread@@QEAA@AEBV0@@Z
- ??0CAutoUpdateConfigThread@@QEAA@PEAU_UNICODE_STRING@@P6AX0PEAX@Z1@Z
- ??0CBlobConfig@@QEAA@AEBV0@@Z
- ??0CBlobConfig@@QEAA@K@Z
- ??0CContext@@QEAA@AEBV0@@Z
- ??0CContext@@QEAA@KP6AJPEAU_EVENT_REPORT@@PEAXPEAU_TMCE_REPORT@@PEAU_TMCE_FEEDBACK@@@Z1K@Z
- ??0CContextList@@QEAA@AEBV0@@Z
- ??0CContextList@@QEAA@KPEAVIMemoryAllocator@@@Z
- ??0CDebugLog@@QEAA@AEBV0@@Z
- ??0CDebugLog@@QEAA@PEBG@Z
- ??0CDebugLogEx@@QEAA@AEBV0@@Z
- ??0CDebugLogEx@@QEAA@K@Z
- ??0CDelayLoadThread@@QEAA@AEBV0@@Z
- ??0CDelayLoadThread@@QEAA@XZ
- ??0CExclusionExtConfig@@QEAA@AEBV0@@Z
- ??0CExclusionExtConfig@@QEAA@KKE@Z
- ??0CExclusionFileNameConfig@@QEAA@AEBV0@@Z
- ??0CExclusionFileNameConfig@@QEAA@KK@Z
- ??0CExclusionFilePathConfig@@QEAA@AEBV0@@Z
- ??0CExclusionFilePathConfig@@QEAA@KK@Z
- ??0CExclusionFolderConfig@@QEAA@AEBV0@@Z
- ??0CExclusionFolderConfig@@QEAA@KK@Z
- ??0CExclusionRegistryConfig@@QEAA@AEBV0@@Z
- ??0CExclusionRegistryConfig@@QEAA@KK@Z
- ??0CFile@@QEAA@AEBV0@@Z
- ??0CFile@@QEAA@E@Z
- ??0CFileExtension@@QEAA@AEBV0@@Z
- ??0CFileExtension@@QEAA@KEEPEAVIMemoryAllocator@@@Z
- ??0CInclusionExtConfig@@QEAA@AEBV0@@Z
- ??0CInclusionExtConfig@@QEAA@KKE@Z
- ??0CInclusionFileNameConfig@@QEAA@AEBV0@@Z
- ??0CInclusionFileNameConfig@@QEAA@KK@Z
- ??0CInclusionFilePathConfig@@QEAA@AEBV0@@Z
- ??0CInclusionFilePathConfig@@QEAA@KK@Z
- ??0CInclusionFolderConfig@@QEAA@AEBV0@@Z
- ??0CInclusionFolderConfig@@QEAA@KK@Z
- ??0CKEvent@@QEAA@AEBV0@@Z
- ??0CKEvent@@QEAA@W4_EVENT_TYPE@@E@Z
- ??0CList@@QEAA@AEBV0@@Z
- ??0CList@@QEAA@KPEAVIMemoryAllocator@@@Z
- ??0CLockEvent@@QEAA@AEBV0@@Z
- ??0CLockEvent@@QEAA@XZ
- ??0CLockList@@QEAA@AEBV0@@Z
- ??0CLockList@@QEAA@KKPEAVIMemoryAllocator@@@Z
- ??0CMemoryAllocator@@IEAA@W4_POOL_TYPE@@K@Z
- ??0CMemoryAllocator@@QEAA@AEBV0@@Z
- ??0CMemoryPoolAllocator@@IEAA@W4_POOL_TYPE@@_K1K@Z
- ??0CMemoryPoolAllocator@@QEAA@AEBV0@@Z
- ??0CModuleConfig@@QEAA@AEBV0@@Z
- ??0CModuleConfig@@QEAA@XZ
- ??0CModuleConfigList@@QEAA@AEBV0@@Z
- ??0CModuleConfigList@@QEAA@KPEAVIMemoryAllocator@@@Z
- ??0CModuleFileExtConfig@@QEAA@AEBV0@@Z
- ??0CModuleFileExtConfig@@QEAA@KKE@Z
- ??0CModuleFlagConfig@@QEAA@AEBV0@@Z
- ??0CModuleFlagConfig@@QEAA@K@Z
- ??0CModuleMultiStringConfig@@QEAA@AEBV0@@Z
- ??0CModuleMultiStringConfig@@QEAA@KK@Z
- ??0CModuleStringConfig@@QEAA@AEBV0@@Z
- ??0CModuleStringConfig@@QEAA@K@Z
- ??0CNoLockList@@QEAA@AEBV0@@Z
- ??0CNoLockList@@QEAA@KKPEAVIMemoryAllocator@@@Z
- ??0CSmartLock@@QEAA@AEAVCLockEvent@@@Z
- ??0CSmartLock@@QEAA@XZ
- ??0CSmartReference@@QEAA@AEAJ@Z
- ??0CSmartReference@@QEAA@AEAK@Z
- ??0CSmartResource@@QEAA@AEAVCResource@@E@Z
- ??0CStrList@@QEAA@AEBV0@@Z
- ??0CStrList@@QEAA@KPEAVIMemoryAllocator@@@Z
- ??0CSystemThread@@QEAA@AEBV0@@Z
- ??0CSystemThread@@QEAA@K@Z
- ??0CUserFuncAdapterJob@@QEAA@AEBV0@@Z
- ??0CUserFuncAdapterJob@@QEAA@P6AXPEAX@Z01@Z
- ??0CWorkerThread@@IEAA@PEAVCWorkerThreadJobQueue@@@Z
- ??0CWorkerThread@@QEAA@AEBV0@@Z
- ??0CWorkerThreadJob@@QEAA@AEBV0@@Z
- ??0CWorkerThreadJob@@QEAA@E@Z
- ??0CWorkerThreadJobQueue@@QEAA@AEBV0@@Z
- ??0CWorkerThreadJobQueue@@QEAA@K@Z
- ??0CWorkerThreadPool@@QEAA@AEBV0@@Z
- ??0CWorkerThreadPool@@QEAA@K@Z
- ??0CWorkerThreadPoolEx@@QEAA@AEBV0@@Z
- ??0CWorkerThreadPoolEx@@QEAA@KK@Z
- ??0IMemoryAllocator@@QEAA@AEBV0@@Z
- ??0IMemoryAllocator@@QEAA@XZ
- ??1CAutoUpdateConfigThread@@UEAA@XZ
- ??1CBlobConfig@@UEAA@XZ
- ??1CContext@@UEAA@XZ
- ??1CContextList@@UEAA@XZ
- ??1CDebugLog@@UEAA@XZ
- ??1CDebugLogEx@@UEAA@XZ
- ??1CDelayLoadThread@@UEAA@XZ
- ??1CExclusionExtConfig@@UEAA@XZ
- ??1CExclusionFileNameConfig@@UEAA@XZ
- ??1CExclusionFilePathConfig@@UEAA@XZ
- ??1CExclusionFolderConfig@@UEAA@XZ
- ??1CExclusionRegistryConfig@@UEAA@XZ
- ??1CFile@@UEAA@XZ
- ??1CFileExtension@@UEAA@XZ
- ??1CInclusionExtConfig@@UEAA@XZ
- ??1CInclusionFileNameConfig@@UEAA@XZ
- ??1CInclusionFilePathConfig@@UEAA@XZ
- ??1CInclusionFolderConfig@@UEAA@XZ
- ??1CKEvent@@UEAA@XZ
- ??1CList@@UEAA@XZ
- ??1CLockEvent@@UEAA@XZ
- ??1CLockList@@UEAA@XZ
- ??1CMemoryAllocator@@UEAA@XZ
- ??1CMemoryPoolAllocator@@UEAA@XZ
- ??1CModuleConfig@@UEAA@XZ
- ??1CModuleConfigList@@UEAA@XZ
- ??1CModuleFileExtConfig@@UEAA@XZ
- ??1CModuleFlagConfig@@UEAA@XZ
- ??1CModuleMultiStringConfig@@UEAA@XZ
- ??1CModuleStringConfig@@UEAA@XZ
- ??1CNoLockList@@UEAA@XZ
- ??1CSmartLock@@QEAA@XZ
- ??1CSmartReference@@QEAA@XZ
- ??1CSmartResource@@QEAA@XZ
- ??1CStrList@@UEAA@XZ
- ??1CSystemThread@@UEAA@XZ
- ??1CUserFuncAdapterJob@@UEAA@XZ
- ??1CWorkerThread@@UEAA@XZ
- ??1CWorkerThreadJob@@UEAA@XZ
- ??1CWorkerThreadJobQueue@@UEAA@XZ
- ??1CWorkerThreadPool@@UEAA@XZ
- ??1CWorkerThreadPoolEx@@UEAA@XZ
- ??1IMemoryAllocator@@UEAA@XZ
- ??2@YAPEAX_KPEAVIMemoryAllocator@@PEBDK@Z
- ??2CMemoryAllocator@@SAPEAX_K@Z
- ??2CMemoryPoolAllocator@@SAPEAX_K@Z
- ??3@YAXPEAX@Z
- ??3@YAXPEAX_K@Z
- ??3IMemoryAllocator@@SAXPEAX@Z
- ??4CAutoUpdateConfigThread@@QEAAAEAV0@AEBV0@@Z
- ??4CBlobConfig@@QEAAAEAV0@AEBV0@@Z
- ??4CContext@@QEAAAEAV0@AEBV0@@Z
- ??4CDebugLog@@QEAAAEAV0@AEBV0@@Z
- ??4CDebugLogEx@@QEAAAEAV0@AEBV0@@Z
- ??4CDelayLoadThread@@QEAAAEAV0@AEBV0@@Z
- ??4CFile@@QEAAAEAV0@AEBV0@@Z
- ??4CKEvent@@QEAAAEAV0@AEBV0@@Z
- ??4CLockEvent@@QEAAAEAV0@AEBV0@@Z
- ??4CMemoryAllocator@@QEAAAEAV0@AEBV0@@Z
- ??4CMemoryPoolAllocator@@QEAAAEAV0@AEBV0@@Z
- ??4CModuleConfig@@QEAAAEAV0@AEBV0@@Z
- ??4CModuleFlagConfig@@QEAAAEAV0@AEBV0@@Z
- ??4CModuleStringConfig@@QEAAAEAV0@AEBV0@@Z
- ??4CSmartLock@@QEAAAEAV0@AEBV0@@Z
- ??4CSmartLock@@QEAAAEBV0@AEAVCLockEvent@@@Z
- ??4CSmartResource@@QEAAAEAV0@AEBV0@@Z
- ??4CSystemThread@@QEAAAEAV0@AEBV0@@Z
- ??4CUserFuncAdapterJob@@QEAAAEAV0@AEBV0@@Z
- ??4CWorkerThread@@QEAAAEAV0@AEBV0@@Z
- ??4CWorkerThreadJob@@QEAAAEAV0@AEBV0@@Z
- ??4IMemoryAllocator@@QEAAAEAV0@AEBV0@@Z
- ??_7CAutoUpdateConfigThread@@6B@
- ??_7CBlobConfig@@6B@
- ??_7CContext@@6B@
- ??_7CContextList@@6B@
- ??_7CDebugLog@@6B@
- ??_7CDebugLogEx@@6B@
- ??_7CDelayLoadThread@@6B@
- ??_7CExclusionExtConfig@@6B@
- ??_7CExclusionFileNameConfig@@6B@
- ??_7CExclusionFilePathConfig@@6B@
- ??_7CExclusionFolderConfig@@6B@
- ??_7CExclusionRegistryConfig@@6B@
- ??_7CFile@@6B@
- ??_7CFileExtension@@6B@
- ??_7CInclusionExtConfig@@6B@
- ??_7CInclusionFileNameConfig@@6B@
- ??_7CInclusionFilePathConfig@@6B@
- ??_7CInclusionFolderConfig@@6B@
- ??_7CKEvent@@6B@
- ??_7CList@@6B@
- ??_7CLockEvent@@6B@
- ??_7CLockList@@6B@
- ??_7CMemoryAllocator@@6B@
- ??_7CMemoryPoolAllocator@@6B@
- ??_7CModuleConfig@@6B@
- ??_7CModuleConfigList@@6B@
- ??_7CModuleFileExtConfig@@6B@
- ??_7CModuleFlagConfig@@6B@
- ??_7CModuleMultiStringConfig@@6B@
- ??_7CModuleStringConfig@@6B@
- ??_7CNoLockList@@6B@
- ??_7CStrList@@6B@
- ??_7CSystemThread@@6B@
- ??_7CUserFuncAdapterJob@@6B@
- ??_7CWorkerThread@@6B@
- ??_7CWorkerThreadJob@@6B@
- ??_7CWorkerThreadJobQueue@@6B@
- ??_7CWorkerThreadPool@@6B@
- ??_7CWorkerThreadPoolEx@@6B@
- ??_7IMemoryAllocator@@6B@
- ??_FCContextList@@QEAAXXZ
- ??_FCFile@@QEAAXXZ
- ??_FCFileExtension@@QEAAXXZ
- ??_FCModuleConfigList@@QEAAXXZ
- ??_FCStrList@@QEAAXXZ
- ??_FCSystemThread@@QEAAXXZ
- ??_FCWorkerThread@@QEAAXXZ
- ??_FCWorkerThreadJob@@QEAAXXZ
- ??_FCWorkerThreadJobQueue@@QEAAXXZ
- ??_U@YAPEAX_KPEAVIMemoryAllocator@@PEBDK@Z
- ??_V@YAXPEAX@Z
- ??_V@YAXPEAX_K@Z
- ?Acquire@CLockEvent@@QEAAXXZ
- ?Add@CContextList@@QEAAEPEAVCContext@@@Z
- ?Add@CFileExtension@@QEAAEPEBGK@Z
- ?Add@CModuleConfigList@@QEAAEPEAVCModuleConfig@@@Z
- ?Add@CStrList@@QEAAEPEBG@Z
- ?AddNode@CLockList@@UEAAEQEAXE@Z
- ?AddNode@CNoLockList@@UEAAEQEAXE@Z
- ?Alloc@CMemoryAllocator@@UEAAPEAX_KPEBDK@Z
- ?Alloc@CMemoryPoolAllocator@@UEAAPEAX_KPEBDK@Z
- ?AllocBlock@CMemoryPoolAllocator@@IEAAPEAX_K@Z
- ?AttachJobQueue@CWorkerThread@@QEAAXPEAVCWorkerThreadJobQueue@@@Z
- ?Cancel@CWorkerThreadJob@@QEAAXXZ
- ?CheckNode@CLockList@@UEAAHQEAX@Z
- ?CheckNode@CNoLockList@@UEAAHQEAX@Z
- ?CleanQueue@CWorkerThreadJobQueue@@QEAAXXZ
- ?Cleanup@CBlobConfig@@AEAAXXZ
- ?Cleanup@CModuleFileExtConfig@@IEAAXXZ
- ?Cleanup@CModuleMultiStringConfig@@IEAAXXZ
- ?Cleanup@CModuleStringConfig@@AEAAXXZ
- ?Close@CFile@@QEAAJXZ
- ?Count@CLockList@@QEAAKXZ
- ?Count@CNoLockList@@QEAAKXZ
- ?Create@CFile@@QEAAJPEBGKKKK@Z
- ?Create@CSystemThread@@QEAAEXZ
- ?CreateInstance@CMemoryAllocator@@SAPEAV1@W4_POOL_TYPE@@K@Z
- ?CreateInstance@CMemoryPoolAllocator@@SAPEAV1@W4_POOL_TYPE@@_K1K@Z
- ?CreatePool@CWorkerThreadPool@@QEAAEXZ
- ?CreatePool@CWorkerThreadPoolEx@@QEAAEXZ
- ?CreateThreads@CWorkerThreadPool@@QEAAEK@Z
- ?CreateThreads@CWorkerThreadPoolEx@@QEAAEK@Z
- ?CreateWIRP@CFile@@QEAAJPEBGKKKK@Z
- ?Delete@CFile@@QEAAJXZ
- ?Delete@CFileExtension@@QEAAEPEBGK@Z
- ?Delete@CStrList@@QEAAEPEBG@Z
- ?DeleteAll@CList@@UEAAXXZ
- ?DeleteAll@CLockList@@UEAAXXZ
- ?DeleteAll@CNoLockList@@UEAAXXZ
- ?DeleteNode@CContextList@@MEAAXPEAX@Z
- ?DeleteNode@CList@@UEAAXPEAX@Z
- ?DeleteNode@CModuleConfigList@@MEAAXPEAX@Z
- ?DeleteNode@CStrList@@EEAAXPEAU_STR_LIST_NODE@1@@Z
- ?DisableWriteProtectFromCR0@@YAXPEAPEAX@Z
- ?DoIt@CWorkerThreadJob@@QEAAJXZ
- ?EntryPoint@CSystemThread@@KAXPEAX@Z
- ?Find@CContextList@@QEAAPEAVCContext@@K@Z
- ?Find@CContextList@@QEAAPEAVCContext@@PEAX@Z
- ?Find@CFileExtension@@QEAAPEAU_STR_LIST_NODE@CStrList@@PEBGK@Z
- ?Find@CModuleConfigList@@QEAAPEAVCModuleConfig@@K@Z
- ?Find@CStrList@@QEAAPEAU_STR_LIST_NODE@1@PEBG@Z
- ?FindNode@CContextList@@IEAAPEAXPEAX@Z
- ?FindPartiallyAndAllMatch@CStrList@@QEAAPEAU_STR_LIST_NODE@1@PEBG@Z
- ?FinishFunction@CUserFuncAdapterJob@@MEAAXXZ
- ?FinishIt@CWorkerThreadJob@@QEAAJXZ
- ?First@CList@@UEAAPEAXXZ
- ?First@CLockList@@UEAAPEAXXZ
- ?First@CNoLockList@@UEAAPEAXXZ
- ?Free@CMemoryAllocator@@UEAAXPEAX@Z
- ?Free@CMemoryPoolAllocator@@UEAAXPEAX@Z
- ?GetAttributes@CFile@@QEAAKXZ
- ?GetBasicInfomration@CFile@@IEAAJXZ
- ?GetBlobCofig@CContext@@UEAAJKPEAXPEAK@Z
- ?GetCategory@CContext@@QEAAKXZ
- ?GetData@CBlobConfig@@QEAAHPEAXPEAK@Z
- ?GetData@CModuleFileExtConfig@@QEAAHPEAGPEAK@Z
- ?GetData@CModuleFileExtConfig@@QEAAPEAVCFileExtension@@XZ
- ?GetData@CModuleFlagConfig@@QEAAKXZ
- ?GetData@CModuleMultiStringConfig@@QEAAHPEAGPEAK@Z
- ?GetData@CModuleMultiStringConfig@@QEAAPEAVCStrList@@XZ
- ?GetData@CModuleStringConfig@@QEAAPEAGXZ
- ?GetData@CStrList@@QEAAEPEAGPEAK@Z
- ?GetDataType@CModuleConfig@@QEAAKXZ
- ?GetEngineContext@CContext@@QEAAPEAXXZ
- ?GetFileExtensionConfig@CContext@@QEAAPEAVCFileExtension@@K@Z
- ?GetFileExtensionConfig@CContext@@UEAAJKPEAGPEAK@Z
- ?GetFileSize@CFile@@QEAAJPEAT_LARGE_INTEGER@@@Z
- ?GetFileSizeWIRP@CFile@@QEAAJPEAT_LARGE_INTEGER@@@Z
- ?GetFlagConfig@CContext@@UEAAJKPEAK@Z
- ?GetID@CModuleConfig@@QEAAKXZ
- ?GetJob@CWorkerThreadJobQueue@@QEAAPEAVCWorkerThreadJob@@XZ
- ?GetLength@CModuleStringConfig@@QEAAKXZ
- ?GetLinkContext@CContext@@QEAAPEAXXZ
- ?GetLogFlag@CDebugLog@@QEAAKXZ
- ?GetLogFlag@CDebugLogEx@@QEAAKXZ
- ?GetModuleId@CModuleConfig@@QEAAKXZ
- ?GetMultiStringConfig@CContext@@QEAAPEAVCStrList@@K@Z
- ?GetMultiStringConfig@CContext@@UEAAJKPEAGPEAK@Z
- ?GetOneThreadTEB@CWorkerThreadPool@@QEAAPEAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPool@@QEAAPEAU_KTHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QEAAPEAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QEAAPEAU_KTHREAD@@XZ
- ?GetReportCallBackRoutine@CContext@@QEAA_KXZ
- ?GetSize@CBlobConfig@@QEAAKXZ
- ?GetStringConfig@CContext@@QEAAPEAGK@Z
- ?GetStringConfig@CContext@@UEAAJKPEAGPEAK@Z
- ?GetThreadCount@CWorkerThreadPool@@QEAAKXZ
- ?GetThreadCount@CWorkerThreadPoolEx@@QEAAKXZ
- ?GetThreadID@CSystemThread@@QEAA_KXZ
- ?GetType@CContext@@QEAAKXZ
- ?GetUserParameter@CContext@@QEAA_KXZ
- ?InitProcMon@CDebugLogEx@@IEAAXXZ
- ?InitializeBlobConfig@CContext@@QEAAHKPEAXK@Z
- ?InitializeFileExtensionConfig@CContext@@QEAAHKPEBG@Z
- ?InitializeFlagConfig@CContext@@QEAAHKK@Z
- ?InitializeMultiStringConfig@CContext@@QEAAHKPEBG@Z
- ?InitializeStringConfig@CContext@@QEAAHKPEBG@Z
- ?Insert@CList@@UEAAXQEAXE@Z
- ?Insert@CLockList@@UEAAXQEAXE@Z
- ?Insert@CNoLockList@@UEAAXQEAXE@Z
- ?InsertAfter@CList@@UEAAXPEAX0@Z
- ?InsertBefore@CList@@UEAAXPEAX0@Z
- ?Instance@CWorkerThreadPool@@SAPEAV1@XZ
- ?IsEmpty@CList@@UEAAEXZ
- ?IsEmpty@CLockList@@UEAAEXZ
- ?IsEmpty@CNoLockList@@UEAAEXZ
- ?IsExceedLimitation@CMemoryPoolAllocator@@IEAAEK@Z
- ?IsFull@CLockList@@QEBAEXZ
- ?IsFull@CNoLockList@@QEBAEXZ
- ?IsInExclusionList@CExclusionExtConfig@@QEAAEPEBG@Z
- ?IsInExclusionList@CExclusionFileNameConfig@@QEAAEPEBG@Z
- ?IsInExclusionList@CExclusionFilePathConfig@@QEAAEPEBG@Z
- ?IsInExclusionList@CExclusionFolderConfig@@QEAAEPEBG@Z
- ?IsInExclusionList@CExclusionRegistryConfig@@QEAAEPEBG@Z
- ?IsInInclusionList@CInclusionExtConfig@@QEAAEPEBG@Z
- ?IsInInclusionList@CInclusionFileNameConfig@@QEAAEPEBG@Z
- ?IsInInclusionList@CInclusionFilePathConfig@@QEAAEPEBG@Z
- ?IsInInclusionList@CInclusionFolderConfig@@QEAAEPEBG@Z
- ?IsOpened@CFile@@QEAAEXZ
- ?IsTerminated@CWorkerThreadPool@@QEAAEXZ
- ?IsTerminated@CWorkerThreadPoolEx@@QEAAEXZ
- ?IsValid@CMemoryAllocator@@UEAAEXZ
- ?IsValid@CMemoryPoolAllocator@@UEAAEXZ
- ?IsValid@IMemoryAllocator@@UEAAEXZ
- ?IsWorkerThread@CWorkerThreadPool@@QEAAE_K@Z
- ?IsWorkerThread@CWorkerThreadPoolEx@@QEAAE_K@Z
- ?JobFunction@CUserFuncAdapterJob@@MEAAXXZ
- ?JobQueue@CWorkerThreadPool@@QEAAAEAVCWorkerThreadJobQueue@@XZ
- ?JobQueue@CWorkerThreadPoolEx@@QEAAAEAVCWorkerThreadJobQueue@@XZ
- ?Limit@CLockList@@QEAAKXZ
- ?Limit@CNoLockList@@QEAAKXZ
- ?MatchAllExtensions@CFileExtension@@QEAAEXZ
- ?MatchNoExtensions@CFileExtension@@QEAAEXZ
- ?MergeLeft@CMemoryPoolAllocator@@IEAAPEAXPEAX@Z
- ?MergeRight@CMemoryPoolAllocator@@IEAAPEAXPEAX@Z
- ?NeedDelete@CWorkerThreadJob@@QEAAEXZ
- ?NeedDeleteWhenFinish@CWorkerThreadJob@@QEAAXE@Z
- ?NewNode@CList@@UEAAPEAXXZ
- ?NewNode@CStrList@@EEAAPEAXXZ
- ?NewNodeVariant@CList@@IEAAPEAXK@Z
- ?Next@CList@@UEBAPEAXQEAX@Z
- ?Next@CLockList@@UEBAPEAXQEAX@Z
- ?Next@CNoLockList@@UEBAPEAXQEAX@Z
- ?NextPool@CMemoryPoolAllocator@@QEAAPEAV1@XZ
- ?NotityTerminate@CWorkerThread@@QEAAXXZ
- ?PostJobToWorkerThread@CWorkerThreadPool@@QEAAJP6AXPEAX@Z0E@Z
- ?PostJobToWorkerThread@CWorkerThreadPoolEx@@QEAAJP6AXPEAX@Z0E1@Z
- ?Pulse@CKEvent@@QEAAJJE@Z
- ?QueueJob@CWorkerThreadJobQueue@@QEAAEPEAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPool@@QEAAJPEAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPoolEx@@QEAAJPEAVCWorkerThreadJob@@@Z
- ?RCMInstance@CWorkerThreadPool@@SAPEAV1@XZ
- ?Read@CFile@@QEAAJPEADKPEAK@Z
- ?ReadWIRP@CFile@@QEAAJPEADKPEAK@Z
- ?ReferenceCount@CContext@@QEAAAEAKXZ
- ?Release@CLockEvent@@QEAAXXZ
- ?Remove@CContextList@@UEAAEQEAX@Z
- ?Remove@CList@@UEAAEQEAX@Z
- ?Remove@CLockList@@UEAAEQEAX@Z
- ?Remove@CNoLockList@@UEAAEQEAX@Z
- ?RemoveHead@CList@@UEAAPEAXXZ
- ?RemoveHead@CLockList@@UEAAPEAXXZ
- ?RemoveHead@CNoLockList@@UEAAPEAXXZ
- ?RemoveTail@CList@@UEAAPEAXXZ
- ?RemoveTail@CLockList@@UEAAPEAXXZ
- ?RemoveTail@CNoLockList@@UEAAPEAXXZ
- ?Reset@CKEvent@@QEAAXXZ
- ?ResetData@CInclusionExtConfig@@QEAAXXZ
- ?ResetData@CInclusionFileNameConfig@@QEAAXXZ
- ?ResetData@CInclusionFilePathConfig@@QEAAXXZ
- ?ResetData@CInclusionFolderConfig@@QEAAXXZ
- ?RestoreCR0@@YAXPEAX@Z
- ?Run@CAutoUpdateConfigThread@@UEAAXXZ
- ?Run@CDelayLoadThread@@UEAAXXZ
- ?Run@CWorkerThread@@UEAAXXZ
- ?SeekToEnd@CFile@@QEAAJXZ
- ?Set@CKEvent@@QEAAJJE@Z
- ?SetAttributes@CFile@@QEAAJK@Z
- ?SetBlobCofig@CContext@@UEAAJKPEAXK@Z
- ?SetData@CBlobConfig@@QEAAHPEAXK@Z
- ?SetData@CModuleFileExtConfig@@QEAAHPEBG@Z
- ?SetData@CModuleFlagConfig@@QEAAHK@Z
- ?SetData@CModuleMultiStringConfig@@QEAAHPEBGK@Z
- ?SetData@CModuleStringConfig@@QEAAHPEBG@Z
- ?SetEngineContext@CContext@@QEAAXPEAX@Z
- ?SetFileExtensionConfig@CContext@@UEAAJKPEBG@Z
- ?SetFlagConfig@CContext@@UEAAJKK@Z
- ?SetLinkContext@CContext@@QEAAXPEAX@Z
- ?SetLogFlag@CDebugLog@@QEAAEK@Z
- ?SetLogFlag@CDebugLogEx@@QEAAEK@Z
- ?SetMatchAllExtensions@CFileExtension@@QEAAXE@Z
- ?SetMatchNoExtensions@CFileExtension@@QEAAXE@Z
- ?SetMultiStringConfig@CContext@@UEAAJKPEBG@Z
- ?SetNewJobItemEvent@CWorkerThreadJobQueue@@QEAAXXZ
- ?SetPriority@CSystemThread@@QEAAXK@Z
- ?SetStopUse@CContext@@QEAAXXZ
- ?SetStringConfig@CContext@@UEAAJKPEBG@Z
- ?Setup@CSystemThread@@MEAAXXZ
- ?StopUse@CContext@@QEAAHXZ
- ?TearDown@CSystemThread@@MEAAXXZ
- ?Terminate@CSystemThread@@QEAAXE@Z
- ?Terminate@CWorkerThreadPool@@QEAAEXZ
- ?Terminate@CWorkerThreadPoolEx@@QEAAEXZ
- ?TmExceptionFilter@@YAJPEAU_EXCEPTION_POINTERS@@@Z
- ?Wait@CKEvent@@QEAAJPEAT_LARGE_INTEGER@@E@Z
- ?WaitFinish@CWorkerThreadJob@@QEAAXXZ
- ?WaitForInit@CDelayLoadThread@@QEAAEXZ
- ?WaitForLoad@CDelayLoadThread@@QEAAEXZ
- ?WaitNewJobAvailable@CWorkerThreadJobQueue@@QEAAEXZ
- ?WaitQueueEmpty@CWorkerThreadJobQueue@@QEAAXXZ
- ?Write@CDebugLog@@QEAAXPEBDZZ
- ?Write@CDebugLogEx@@QEAAXPEBDZZ
- ?Write@CFile@@QEAAJPEADKPEAT_LARGE_INTEGER@@PEAK@Z
- ?WriteDataToFile@CDebugLogEx@@IEAAXPEADK@Z
- ?WriteDataToProcMonW@CDebugLogEx@@IEAAXPEAD@Z
- ?WriteSystemInformation@CDebugLog@@QEAAXXZ
- ?WriteSystemInformation@CDebugLogEx@@QEAAXXZ
- ?WriteSystemStringInformation@CDebugLog@@IEAAXPEBG@Z
- ?WriteSystemStringInformation@CDebugLogEx@@IEAAXPEBG@Z
- ?WriteToFile@CDebugLog@@IEAAXPEADK@Z
- ?WriteToProcMonW@CDebugLogEx@@IEAAXPEAU_UNICODE_STRING@@@Z
- ?_pNonPagedAllocator@@3PEAVCMemoryAllocator@@EA
- ?_pPagedAllocator@@3PEAVCMemoryAllocator@@EA
- ?m_lpInstance@CWorkerThreadPool@@1PEAV1@EA
- ?m_lpRCMInstance@CWorkerThreadPool@@1PEAV1@EA
- AllocFullFileName
- DeInitKm2UmCommunication
- DeInitKmLPC
- DuplicateFullFileName
- FreeFullFileName
- GetKm2UmMode
- GetModuleInfoByAddress
- GetModuleInfoByModuleName
- InitKm2UmCommunication
- InitKmLPC
- IsVerifierCodeCheckFlagOn
- IsWindows8_1_update
- KmCallUm
- KmCallUmByLPC
- KmCallUmEx
- KmCleanupCommPortAPIs
- KmGetUmInitProcess
- KmSetBackupCommPortAPIs
- KmSetCommPortAPIs
- ModGetExportProcAddress
- ModLoadDLLToBuffer
- ModLoadDLLToBufferWithImageSize
- ModLoadModule
- ModUnLoadModule
- NormalizeFileName
- NormalizeFullNtPathToDosName
- TmCommConfigRoutine
- UtilAddDeviceInDriveTable
- UtilAddReparsePointMapping
- UtilCleanFileReadOnly
- UtilCloseExclusiveHandle
- UtilCreateDosFileName
- UtilDeleteFileForce
- UtilGetDeviceObjectName
- UtilGetFileNameFromFileObject
- UtilGetFileObjectForProcessByEPROC
- UtilGetFileObjectFromFileName
- UtilGetProcessName
- UtilGetSystemDirectory
- UtilGetSystemDirectoryEx
- UtilGetSystemDirectoryLength
- UtilGetSystemTime
- UtilIoSetFileInfo
- UtilIopCreateFileIRP
- UtilKeGetLowFileDevice
- UtilModuleIATHook
- UtilModuleIATUnHook
- UtilPostJobToWorkerThread
- UtilQueryExclusiveHandle
- UtilQueryKeyValue
- UtilRemoveDeviceFromDriveTable
- UtilVolumeDeviceToDosName
- UtilWaitValueChangeToZero
- UtilWriteVersionToRegistry
- UtilbuildDynamicDiskMappingTable
- UtlWriteBinValueKeyToRegistry
- ValidateAddressWithSize
- _ResetProtectFromClose
- _UtilDosPathNameToNtPathName
Sections
Expand
- .text
- .rdata
- .data
- .pdata
- PAGE
- .edata
- INIT
- .rsrc
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": true,
"SerialNumber": "7e93ebfb7cc64e59ea4b9a77d406fc3b",
"Signature": "03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2",
"TBS": {
"MD5": "d0785ad36e427c92b19f6826ab1e8020",
"SHA1": "365b7a9c21bd9373e49052c3e7b3e4646ddd4d43",
"SHA256": "c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff",
"SHA384": "eab4fe5ef90e0de4a6aa3a27769a5e879f588df5e4785aa4104debd1f81e19ea56d33e3a16e5facf99f68b5d8e3d287b"
},
"ValidFrom": "2012-12-21 00:00:00",
"ValidTo": "2020-12-30 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "0ecff438c8febf356e04d86a981b1a50",
"Signature": "783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4",
"TBS": {
"MD5": "e9d38360b914c8863f6cba3ee58764d3",
"SHA1": "4cba8eae47b6bf76f20b3504b98b8f062694a89b",
"SHA256": "88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976",
"SHA384": "e9f2a75334a9e336c5a4712eadee88d0374b0fdc273262f4e65c9040ad2793067cc076696db5279a478773485e285652"
},
"ValidFrom": "2012-10-18 00:00:00",
"ValidTo": "2020-12-29 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Signature": "f3b20c020c826fd9e2629408ffc97c9e245959d1050c9ce7708069d366d26af191812e16fce674eaca0d8f05b2a796280831737299800d2bfe0071efecf655117b7952a4d7c0701b97de034a1d42e928fd1a2082b081f9d22e9d39af3233cf05c1e61ae1f8fbfec872e78d9a0b29b4f147f1a053d1757a824601df2bb07c75c591fe7efbaf0021764b90cd446f85f80d14bc2cd42c83edfa7d2510f8f94c82d1b3ea999b1cff9093291977c7e996dc32904d3934f167077684ff76aa5327654a0bd7223d9d67657b47c5b46012dca6723d89e7fa051b3380d0c4977b9df537e75da3186ab149b27c089715a01bd695f408f7ded66bfbe920d27a6f6a7d4cc8b3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc.",
"TBS": {
"MD5": "78eaa337666217b1c16a9a0ebd0b8434",
"SHA1": "ff9cb835e78f6185eed4372096c3bae53b17d18d",
"SHA256": "1c0d9746725e176b4a7c2852878f14d7587f58e65d346bc1247f1c8ee6374250",
"SHA384": "ffe3c75b860679a5de399c7d2c2844dbfac51d5d8581e24648d208daba1e4bed5c867808e02dc8d7cb3df1d4b2b53d10"
},
"ValidFrom": "2017-04-27 00:00:00",
"ValidTo": "2018-07-16 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "611993e400000000001c",
"Signature": "812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5",
"TBS": {
"MD5": "78a717e082dcc1cda3458d917e677d14",
"SHA1": "4a872e0e51f9b304469cd1dedb496ee9b8b983a4",
"SHA256": "317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8",
"SHA384": "b71052da4eb9157c8c1a5d7f55df19d69b9128598b72fcca608e5b7cc7d64c43c5504b9c86355a6dc22ee40c88cc385c"
},
"ValidFrom": "2011-02-22 19:25:17",
"ValidTo": "2021-02-22 19:35:17",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "5200e5aa2556fc1a86ed96c9d44b33c7",
"Signature": "5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"TBS": {
"MD5": "b30c31a572b0409383ed3fbe17e56e81",
"SHA1": "4843a82ed3b1f2bfbee9671960e1940c942f688d",
"SHA256": "03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9",
"SHA384": "bbda8407c4f9fc4e54d772f1c7fb9d30bc97e1f97ecd51c443063d1fa0644e266328781776cd5c44896c457c75f4d7da"
},
"ValidFrom": "2010-02-08 00:00:00",
"ValidTo": "2020-02-07 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 009feac811b0f16247a5fc20d80523ace6
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | b6aa9cf28bcfc9f07ec1069fb425ab61 |
| ToBeSigned (TBS) SHA1 | ca7a166fcd53878ba5a38d4cac37c63513cfc1fa |
| ToBeSigned (TBS) SHA256 | 711394fc49f8948a831f687d42ced6b18514f57786ecc6cdbc3c3eb72e568a40 |
| Subject | C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO Time Stamping Signer |
| ValidFrom | 2015-05-05 00:00:00 |
| ValidTo | 2015-12-31 23:59:59 |
| Signature | 0dbbad60111bb5f00dcce6483a7a3e0e33dc1cb9ead620fea34dd0cc764ee818d879dfd34f9a4264238a29728a3a6c66a63c3a17a8704565c673c3d0ce8954fbac690f58b019cb869f7eb97eeb5192bf9bddebd165f0257b887cdebda5c8b51451bcc081308a85387be679fe67559387fe4fe88d0eedf37292b5c289806dd159e31d0deab138ee039d0019a5ab219b79c3ccc23e687ebdc94d694db46451fbb22874e25389ce9dfaade2dbceab7b7e064474fd0aa3c9b7a730cd49d29264f122a6b828457479e9a7ce3b33f98350947d68c01d49c760787a3c6426d5befa0a6de41ee109538fa9c523acc79d614221f02c1671493b10af2c6f1ae631f114fd6c |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 009feac811b0f16247a5fc20d80523ace6 |
| Version | 3 |
Certificate 250ce8e030612e9f2b89f7054d7cf8fd
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 918d9eb6a6cd36c531eceb926170a7e1 |
| ToBeSigned (TBS) SHA1 | 0ae95700d65e6f59715aa47048993ca7858e676a |
| ToBeSigned (TBS) SHA256 | 47c46e6eaa3780eace3d0d891346cd373359d246b21a957219dbab4c8f37c166 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5 |
| ValidFrom | 2006-11-08 00:00:00 |
| ValidTo | 2021-11-07 23:59:59 |
| Signature | 1302ddf8e88600f25af8f8200c59886207cecef74ef9bb59a198e5e138dd4ebc6618d3adeb18f20dc96d3e4a9420c33cbabd6554c6af44b310ad2c6b3eabd707b6b88163c5f95e2ee52a67cecd330c2ad7895603231fb3bee83a0859b4ec4535f78a5bff66cf50afc66d578d1978b7b9a2d157ea1f9a4bafbac98e127ec6bdff |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 250ce8e030612e9f2b89f7054d7cf8fd |
| Version | 3 |
Certificate 610c120600000000001b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 53c41bc1164e09e0cd1617a5bf913efd |
| ToBeSigned (TBS) SHA1 | 93c03aac8951d494ecd5696b1c08658541b18727 |
| ToBeSigned (TBS) SHA256 | 40bddadac24dc61ca4fb5cab2a2bc5d876bc36808311039a7a3e1a4066f7489b |
| Subject | C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority |
| ValidFrom | 2006-05-23 17:01:29 |
| ValidTo | 2016-05-23 17:11:29 |
| Signature | 01e446b33b457f7513877e5f43de468ecb8abdb64741bccccc7491d8ce395195a4a6b547c0efd2da7b8f5711f4328c7ccd3fee42da04214af7c843884a6f5cca14fc4bd19f4cbdd4556ecc02be0da6888f8609baa425bde8b0f0fa8b714e67b0cb82a8d78e55f737ebf03e88efe4e08afd1c6e2e61414875b4b02c1d28d8490fd715f02473253ccc880cde284c6554fe5eae8cea19ad2c51b29b3a47f53c80350117e24987d6544afb4bab07bcbf7d79cfbf35005cbb9ecffc82891b39a05197b6dec0b307ff449644c0342a195cabeef03bec294eb513c537857e75d5b4d60d066eb5d26c237167eaf1718eaf4e74aa0cf9ecbf4c58fa5e909b6d39cb86883f8b1ca81632d5fe6db9f1f8b3ead791f6364778c0272a15c768d6f4c5fc4f4ec8673f102d409ff11ec96148e7a703fc31730cf04688fe56da492995ef09daa3e5beef60ecd954a0599c28bd54ef66157f874c84dba60e95672e517b3439b641c28c846826dc240209e7818e0a972defeea7b998a60f818dc710b5e1ed982f486f53854964789bec5dac970b5526c3efba8dc8d1a52f5a7f936b611a339b18b8a26210de24ea76e12f43ebecdd7c12342489da2855aee5754e312b6763b6a8d7ab730a03cec5ea593fc7eb2a45aea8625b2f009939abb45f73c308ec80118f470e8f2a1343e191066255bbffba3da9a93d260faeca7d628b155589d694344dd665 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 610c120600000000001b |
| Version | 3 |
Certificate 1519396ee230f02cad1fcfdb077a35f0
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 7e2a6f93403382b4ec42463426d0a4b5 |
| ToBeSigned (TBS) SHA1 | 62acc697c0e2dc37f3d37ab79751637346e051e2 |
| ToBeSigned (TBS) SHA256 | 3e9a51973a839e5bc6e81c886e085b777d08ce2b24f816b7552cf2c44e322d59 |
| Subject | C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc. |
| ValidFrom | 2015-02-20 00:00:00 |
| ValidTo | 2016-05-21 23:59:59 |
| Signature | e480eb7f78216a855e34dbcb712d3879d6b1744c823c8e78c3661e55182a5c1f3a03686169393ef8778c893a49604a79769f5ba7156426c5431ae729a8dc5f8e22b14d124e46eff3f4f660552a57250a15e15d07ad548a02cddf8a204b5010be387a05b1019f618cf15078d80a809a7272b1822a63862c7db194f12697a786001ef630ac9d8bf9f5475191f327b8ed4839dff1ef65e5eb8f91379a66366451f99cb633848c57d4392096e6080fa327b23fc3834ad4f6043904d6c5aeb35454a265b3fda38167cffa8394f092a74bad1ea386f63b7baeb95271a97fc3bff0a2bc96a834f280a254d7170e5cc2830f3bd0649178f8b04514ecd1103753b1762902 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 1519396ee230f02cad1fcfdb077a35f0 |
| Version | 3 |
Certificate 5200e5aa2556fc1a86ed96c9d44b33c7
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | b30c31a572b0409383ed3fbe17e56e81 |
| ToBeSigned (TBS) SHA1 | 4843a82ed3b1f2bfbee9671960e1940c942f688d |
| ToBeSigned (TBS) SHA256 | 03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA |
| ValidFrom | 2010-02-08 00:00:00 |
| ValidTo | 2020-02-07 23:59:59 |
| Signature | 5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 5200e5aa2556fc1a86ed96c9d44b33c7 |
| Version | 3 |
Imports
Expand
- ntoskrnl.exe
- HAL.dll
- CLASSPNP.SYS
Imported Functions
Expand
- wcsrchr
- KeSetEvent
- KePulseEvent
- KeClearEvent
- KeStackAttachProcess
- KeUnstackDetachProcess
- ObfDereferenceObject
- ZwSetEvent
- ZwClose
- ZwConnectPort
- RtlInitUnicodeString
- RtlUnicodeStringToInteger
- ZwCreateSection
- ZwWaitForSingleObject
- ZwOpenEvent
- IoGetCurrentProcess
- ObfReferenceObject
- DbgBreakPoint
- ZwRequestWaitReplyPort
- ExFreePoolWithTag
- ProbeForWrite
- ZwFreeVirtualMemory
- ZwAllocateVirtualMemory
- ObOpenObjectByPointer
- PsProcessType
- memmove
- PsGetProcessExitTime
- MmSectionObjectType
- PsThreadType
- MmGetSystemRoutineAddress
- ObReleaseObjectSecurity
- SeReleaseSubjectContext
- SeAccessCheck
- SeCaptureSubjectContext
- ObGetObjectSecurity
- DbgPrint
- memset
- MmIsAddressValid
- ExInitializeResourceLite
- ExDeleteResourceLite
- ZwWriteFile
- ZwReadFile
- ZwQueryInformationFile
- ZwSetInformationFile
- ZwCreateFile
- swprintf
- towupper
- _wcsnicmp
- ExAllocatePoolWithTag
- KeInitializeEvent
- _snprintf
- PsGetCurrentProcessId
- RtlTimeToTimeFields
- ExSystemTimeToLocalTime
- KeQuerySystemTime
- PsGetCurrentThreadId
- RtlInitAnsiString
- ZwDeviceIoControlFile
- ZwCreateKey
- ZwCreateEvent
- KeWaitForMultipleObjects
- ObReferenceObjectByHandle
- ZwNotifyChangeKey
- _vsnprintf
- RtlFreeUnicodeString
- RtlAnsiStringToUnicodeString
- RtlEqualUnicodeString
- RtlAppendUnicodeStringToString
- RtlCopyUnicodeString
- RtlUpcaseUnicodeChar
- ExGetPreviousMode
- KeWaitForSingleObject
- KeSetPriorityThread
- PsTerminateSystemThread
- PsCreateSystemThread
- KeDelayExecutionThread
- KeNumberProcessors
- ZwQueryInformationProcess
- PsLookupProcessByProcessId
- ZwOpenDirectoryObject
- PsSetCreateProcessNotifyRoutine
- ZwQuerySystemInformation
- ZwQueryDirectoryFile
- ZwQueryDirectoryObject
- ZwDuplicateObject
- ZwOpenKey
- ZwEnumerateKey
- ZwEnumerateValueKey
- ZwQueryValueKey
- ZwDeleteValueKey
- ZwDeleteKey
- ZwTerminateProcess
- ZwOpenProcess
- ZwQueryKey
- ZwSetValueKey
- IoFileObjectType
- _allrem
- memcpy
- ZwSetSecurityObject
- RtlLengthSecurityDescriptor
- MmHighestUserAddress
- IoFreeIrp
- IoFreeMdl
- _purecall
- IoBuildAsynchronousFsdRequest
- _strnicmp
- RtlQueryRegistryValues
- RtlAppendUnicodeToString
- mbstowcs
- ZwQuerySymbolicLinkObject
- ZwOpenSymbolicLinkObject
- NtClose
- ObQueryNameString
- ZwSetInformationObject
- _stricmp
- ZwUnmapViewOfSection
- ZwMapViewOfSection
- ZwOpenFile
- IoCreateFile
- IofCallDriver
- IoAllocateIrp
- MmBuildMdlForNonPagedPool
- IoAllocateMdl
- ProbeForRead
- PsGetVersion
- RtlImageNtHeader
- RtlCompareMemory
- RtlUpcaseUnicodeString
- _snwprintf
- MmSystemRangeStart
- wcsncmp
- strrchr
- ZwQueryVolumeInformationFile
- ObReferenceObjectByPointer
- IoBuildDeviceIoControlRequest
- ZwOpenSection
- _allmul
- KeReleaseSemaphore
- RtlLengthRequiredSid
- RtlInitializeSid
- RtlSubAuthoritySid
- RtlSetDaclSecurityDescriptor
- RtlCreateSecurityDescriptor
- RtlAddAccessAllowedAce
- RtlCreateAcl
- KeInitializeSemaphore
- IofCompleteRequest
- ExEventObjectType
- IoDeleteDevice
- IoDeleteSymbolicLink
- IoCreateSymbolicLink
- IoGetDeviceObjectPointer
- RtlUpperChar
- ObReferenceObjectByName
- IoDriverObjectType
- RtlCompareUnicodeString
- strncpy
- KeServiceDescriptorTable
- NtOpenProcess
- ObOpenObjectByName
- NtQueryInformationProcess
- PsIsThreadTerminating
- KeAddSystemServiceTable
- ZwQueryObject
- ZwFsControlFile
- ObInsertObject
- IoReleaseVpbSpinLock
- IoAcquireVpbSpinLock
- SeCreateAccessState
- IoGetFileObjectGenericMapping
- ObCreateObject
- _allshr
- ExInterlockedPopEntrySList
- IoGetStackLimits
- IoBuildSynchronousFsdRequest
- wcsstr
- IoUnregisterPlugPlayNotification
- FsRtlIsNameInExpression
- IoGetConfigurationInformation
- MmProbeAndLockPages
- IoGetDeviceInterfaces
- IoRegisterPlugPlayNotification
- ExAllocatePool
- RtlFreeAnsiString
- RtlUnicodeStringToAnsiString
- strncat
- wcschr
- wcsncat
- wcstombs
- KeTickCount
- KeBugCheckEx
- RtlUnwind
- wcsncpy
- ExReleaseResourceLite
- ExAcquireResourceExclusiveLite
- ExAcquireResourceSharedLite
- ExReleaseFastMutexUnsafe
- KeLeaveCriticalRegion
- KeEnterCriticalRegion
- ZwQuerySecurityObject
- ExAcquireFastMutexUnsafe
- IoDeviceObjectType
- IoCreateDevice
- RtlGetDaclSecurityDescriptor
- RtlGetSaclSecurityDescriptor
- RtlGetGroupSecurityDescriptor
- RtlGetOwnerSecurityDescriptor
- SeCaptureSecurityDescriptor
- SeExports
- IoIsWdmVersionAvailable
- RtlLengthSid
- RtlAbsoluteToSelfRelativeSD
- MmUnlockPages
- KeGetCurrentThread
- KfAcquireSpinLock
- KfReleaseSpinLock
- KeRaiseIrqlToDpcLevel
- KfLowerIrql
- ExAcquireFastMutex
- ExReleaseFastMutex
- KeGetCurrentIrql
- KfRaiseIrql
- ClassInitialize
Exported Functions
Expand
- ??0CAutoUpdateConfigThread@@QAE@ABV0@@Z
- ??0CAutoUpdateConfigThread@@QAE@PAU_UNICODE_STRING@@P6GX0PAX@Z1@Z
- ??0CBlobConfig@@QAE@ABV0@@Z
- ??0CBlobConfig@@QAE@K@Z
- ??0CContext@@QAE@ABV0@@Z
- ??0CContext@@QAE@KP6GJPAU_EVENT_REPORT@@PAXPAU_TMCE_REPORT@@PAU_TMCE_FEEDBACK@@@Z1K@Z
- ??0CContextList@@QAE@ABV0@@Z
- ??0CContextList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CDebugLog@@QAE@ABV0@@Z
- ??0CDebugLog@@QAE@PBG@Z
- ??0CDebugLogEx@@QAE@ABV0@@Z
- ??0CDebugLogEx@@QAE@K@Z
- ??0CDelayLoadThread@@QAE@ABV0@@Z
- ??0CDelayLoadThread@@QAE@XZ
- ??0CExclusionExtConfig@@QAE@ABV0@@Z
- ??0CExclusionExtConfig@@QAE@KKE@Z
- ??0CExclusionFileNameConfig@@QAE@ABV0@@Z
- ??0CExclusionFileNameConfig@@QAE@KK@Z
- ??0CExclusionFilePathConfig@@QAE@ABV0@@Z
- ??0CExclusionFilePathConfig@@QAE@KK@Z
- ??0CExclusionFolderConfig@@QAE@ABV0@@Z
- ??0CExclusionFolderConfig@@QAE@KK@Z
- ??0CExclusionRegistryConfig@@QAE@ABV0@@Z
- ??0CExclusionRegistryConfig@@QAE@KK@Z
- ??0CFile@@QAE@ABV0@@Z
- ??0CFile@@QAE@E@Z
- ??0CFileExtension@@QAE@ABV0@@Z
- ??0CFileExtension@@QAE@KEEPAVIMemoryAllocator@@@Z
- ??0CInclusionExtConfig@@QAE@ABV0@@Z
- ??0CInclusionExtConfig@@QAE@KKE@Z
- ??0CInclusionFileNameConfig@@QAE@ABV0@@Z
- ??0CInclusionFileNameConfig@@QAE@KK@Z
- ??0CInclusionFilePathConfig@@QAE@ABV0@@Z
- ??0CInclusionFilePathConfig@@QAE@KK@Z
- ??0CInclusionFolderConfig@@QAE@ABV0@@Z
- ??0CInclusionFolderConfig@@QAE@KK@Z
- ??0CKEvent@@QAE@ABV0@@Z
- ??0CKEvent@@QAE@W4_EVENT_TYPE@@E@Z
- ??0CList@@QAE@ABV0@@Z
- ??0CList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CLockEvent@@QAE@ABV0@@Z
- ??0CLockEvent@@QAE@XZ
- ??0CLockList@@QAE@ABV0@@Z
- ??0CLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CMemoryAllocator@@IAE@W4_POOL_TYPE@@K@Z
- ??0CMemoryAllocator@@QAE@ABV0@@Z
- ??0CMemoryPoolAllocator@@IAE@W4_POOL_TYPE@@KKK@Z
- ??0CMemoryPoolAllocator@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@XZ
- ??0CModuleConfigList@@QAE@ABV0@@Z
- ??0CModuleConfigList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CModuleFileExtConfig@@QAE@ABV0@@Z
- ??0CModuleFileExtConfig@@QAE@KKE@Z
- ??0CModuleFlagConfig@@QAE@ABV0@@Z
- ??0CModuleFlagConfig@@QAE@K@Z
- ??0CModuleMultiStringConfig@@QAE@ABV0@@Z
- ??0CModuleMultiStringConfig@@QAE@KK@Z
- ??0CModuleStringConfig@@QAE@ABV0@@Z
- ??0CModuleStringConfig@@QAE@K@Z
- ??0CNoLockList@@QAE@ABV0@@Z
- ??0CNoLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CSmartLock@@QAE@AAVCLockEvent@@@Z
- ??0CSmartLock@@QAE@XZ
- ??0CSmartReference@@QAE@AAJ@Z
- ??0CSmartReference@@QAE@AAK@Z
- ??0CSmartResource@@QAE@AAVCResource@@E@Z
- ??0CStrList@@QAE@ABV0@@Z
- ??0CStrList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CSystemThread@@QAE@ABV0@@Z
- ??0CSystemThread@@QAE@K@Z
- ??0CUserFuncAdapterJob@@QAE@ABV0@@Z
- ??0CUserFuncAdapterJob@@QAE@P6GXPAX@Z01@Z
- ??0CWorkerThread@@IAE@PAVCWorkerThreadJobQueue@@@Z
- ??0CWorkerThread@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@E@Z
- ??0CWorkerThreadJobQueue@@QAE@ABV0@@Z
- ??0CWorkerThreadJobQueue@@QAE@K@Z
- ??0CWorkerThreadPool@@QAE@ABV0@@Z
- ??0CWorkerThreadPool@@QAE@K@Z
- ??0CWorkerThreadPoolEx@@QAE@ABV0@@Z
- ??0CWorkerThreadPoolEx@@QAE@KK@Z
- ??0IMemoryAllocator@@QAE@ABV0@@Z
- ??0IMemoryAllocator@@QAE@XZ
- ??1CAutoUpdateConfigThread@@UAE@XZ
- ??1CBlobConfig@@UAE@XZ
- ??1CContext@@UAE@XZ
- ??1CContextList@@UAE@XZ
- ??1CDebugLog@@UAE@XZ
- ??1CDebugLogEx@@UAE@XZ
- ??1CDelayLoadThread@@UAE@XZ
- ??1CExclusionExtConfig@@UAE@XZ
- ??1CExclusionFileNameConfig@@UAE@XZ
- ??1CExclusionFilePathConfig@@UAE@XZ
- ??1CExclusionFolderConfig@@UAE@XZ
- ??1CExclusionRegistryConfig@@UAE@XZ
- ??1CFile@@UAE@XZ
- ??1CFileExtension@@UAE@XZ
- ??1CInclusionExtConfig@@UAE@XZ
- ??1CInclusionFileNameConfig@@UAE@XZ
- ??1CInclusionFilePathConfig@@UAE@XZ
- ??1CInclusionFolderConfig@@UAE@XZ
- ??1CKEvent@@UAE@XZ
- ??1CList@@UAE@XZ
- ??1CLockEvent@@UAE@XZ
- ??1CLockList@@UAE@XZ
- ??1CMemoryAllocator@@UAE@XZ
- ??1CMemoryPoolAllocator@@UAE@XZ
- ??1CModuleConfig@@UAE@XZ
- ??1CModuleConfigList@@UAE@XZ
- ??1CModuleFileExtConfig@@UAE@XZ
- ??1CModuleFlagConfig@@UAE@XZ
- ??1CModuleMultiStringConfig@@UAE@XZ
- ??1CModuleStringConfig@@UAE@XZ
- ??1CNoLockList@@UAE@XZ
- ??1CSmartLock@@QAE@XZ
- ??1CSmartReference@@QAE@XZ
- ??1CSmartResource@@QAE@XZ
- ??1CStrList@@UAE@XZ
- ??1CSystemThread@@UAE@XZ
- ??1CUserFuncAdapterJob@@UAE@XZ
- ??1CWorkerThread@@UAE@XZ
- ??1CWorkerThreadJob@@UAE@XZ
- ??1CWorkerThreadJobQueue@@UAE@XZ
- ??1CWorkerThreadPool@@UAE@XZ
- ??1CWorkerThreadPoolEx@@UAE@XZ
- ??1IMemoryAllocator@@UAE@XZ
- ??2@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??2CMemoryAllocator@@SGPAXI@Z
- ??2CMemoryPoolAllocator@@SGPAXI@Z
- ??3@YAXPAX@Z
- ??3IMemoryAllocator@@SGXPAX@Z
- ??4CAutoUpdateConfigThread@@QAEAAV0@ABV0@@Z
- ??4CBlobConfig@@QAEAAV0@ABV0@@Z
- ??4CContext@@QAEAAV0@ABV0@@Z
- ??4CDebugLog@@QAEAAV0@ABV0@@Z
- ??4CDebugLogEx@@QAEAAV0@ABV0@@Z
- ??4CDelayLoadThread@@QAEAAV0@ABV0@@Z
- ??4CFile@@QAEAAV0@ABV0@@Z
- ??4CKEvent@@QAEAAV0@ABV0@@Z
- ??4CLockEvent@@QAEAAV0@ABV0@@Z
- ??4CMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??4CMemoryPoolAllocator@@QAEAAV0@ABV0@@Z
- ??4CModuleConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleFlagConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleStringConfig@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEABV0@AAVCLockEvent@@@Z
- ??4CSmartResource@@QAEAAV0@ABV0@@Z
- ??4CSystemThread@@QAEAAV0@ABV0@@Z
- ??4CUserFuncAdapterJob@@QAEAAV0@ABV0@@Z
- ??4CWorkerThread@@QAEAAV0@ABV0@@Z
- ??4CWorkerThreadJob@@QAEAAV0@ABV0@@Z
- ??4IMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??_7CAutoUpdateConfigThread@@6B@
- ??_7CBlobConfig@@6B@
- ??_7CContext@@6B@
- ??_7CContextList@@6B@
- ??_7CDebugLog@@6B@
- ??_7CDebugLogEx@@6B@
- ??_7CDelayLoadThread@@6B@
- ??_7CExclusionExtConfig@@6B@
- ??_7CExclusionFileNameConfig@@6B@
- ??_7CExclusionFilePathConfig@@6B@
- ??_7CExclusionFolderConfig@@6B@
- ??_7CExclusionRegistryConfig@@6B@
- ??_7CFile@@6B@
- ??_7CFileExtension@@6B@
- ??_7CInclusionExtConfig@@6B@
- ??_7CInclusionFileNameConfig@@6B@
- ??_7CInclusionFilePathConfig@@6B@
- ??_7CInclusionFolderConfig@@6B@
- ??_7CKEvent@@6B@
- ??_7CList@@6B@
- ??_7CLockEvent@@6B@
- ??_7CLockList@@6B@
- ??_7CMemoryAllocator@@6B@
- ??_7CMemoryPoolAllocator@@6B@
- ??_7CModuleConfig@@6B@
- ??_7CModuleConfigList@@6B@
- ??_7CModuleFileExtConfig@@6B@
- ??_7CModuleFlagConfig@@6B@
- ??_7CModuleMultiStringConfig@@6B@
- ??_7CModuleStringConfig@@6B@
- ??_7CNoLockList@@6B@
- ??_7CStrList@@6B@
- ??_7CSystemThread@@6B@
- ??_7CUserFuncAdapterJob@@6B@
- ??_7CWorkerThread@@6B@
- ??_7CWorkerThreadJob@@6B@
- ??_7CWorkerThreadJobQueue@@6B@
- ??_7CWorkerThreadPool@@6B@
- ??_7CWorkerThreadPoolEx@@6B@
- ??_7IMemoryAllocator@@6B@
- ??_FCContextList@@QAEXXZ
- ??_FCFile@@QAEXXZ
- ??_FCFileExtension@@QAEXXZ
- ??_FCModuleConfigList@@QAEXXZ
- ??_FCStrList@@QAEXXZ
- ??_FCSystemThread@@QAEXXZ
- ??_FCWorkerThread@@QAEXXZ
- ??_FCWorkerThreadJob@@QAEXXZ
- ??_FCWorkerThreadJobQueue@@QAEXXZ
- ??_U@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??_V@YAXPAX@Z
- ?Acquire@CLockEvent@@QAEXXZ
- ?Add@CContextList@@QAEEPAVCContext@@@Z
- ?Add@CFileExtension@@QAEEPBGK@Z
- ?Add@CModuleConfigList@@QAEEPAVCModuleConfig@@@Z
- ?Add@CStrList@@QAEEPBG@Z
- ?AddNode@CLockList@@UAEEQAXE@Z
- ?AddNode@CNoLockList@@UAEEQAXE@Z
- ?Alloc@CMemoryAllocator@@UAEPAXKPBDK@Z
- ?Alloc@CMemoryPoolAllocator@@UAEPAXKPBDK@Z
- ?AllocBlock@CMemoryPoolAllocator@@IAEPAXK@Z
- ?AttachJobQueue@CWorkerThread@@QAEXPAVCWorkerThreadJobQueue@@@Z
- ?Cancel@CWorkerThreadJob@@QAEXXZ
- ?CheckNode@CLockList@@UAEHQAX@Z
- ?CheckNode@CNoLockList@@UAEHQAX@Z
- ?CleanQueue@CWorkerThreadJobQueue@@QAEXXZ
- ?Cleanup@CBlobConfig@@AAEXXZ
- ?Cleanup@CModuleFileExtConfig@@IAEXXZ
- ?Cleanup@CModuleMultiStringConfig@@IAEXXZ
- ?Cleanup@CModuleStringConfig@@AAEXXZ
- ?Close@CFile@@QAEJXZ
- ?Count@CLockList@@QAEKXZ
- ?Count@CNoLockList@@QAEKXZ
- ?Create@CFile@@QAEJPBGKKKK@Z
- ?Create@CSystemThread@@QAEEXZ
- ?CreateInstance@CMemoryAllocator@@SGPAV1@W4_POOL_TYPE@@K@Z
- ?CreateInstance@CMemoryPoolAllocator@@SGPAV1@W4_POOL_TYPE@@KKK@Z
- ?CreatePool@CWorkerThreadPool@@QAEEXZ
- ?CreatePool@CWorkerThreadPoolEx@@QAEEXZ
- ?CreateThreads@CWorkerThreadPool@@QAEEK@Z
- ?CreateThreads@CWorkerThreadPoolEx@@QAEEK@Z
- ?CreateWIRP@CFile@@QAEJPBGKKKK@Z
- ?Delete@CFile@@QAEJXZ
- ?Delete@CFileExtension@@QAEEPBGK@Z
- ?Delete@CStrList@@QAEEPBG@Z
- ?DeleteAll@CList@@UAEXXZ
- ?DeleteAll@CLockList@@UAEXXZ
- ?DeleteAll@CNoLockList@@UAEXXZ
- ?DeleteNode@CContextList@@MAEXPAX@Z
- ?DeleteNode@CList@@UAEXPAX@Z
- ?DeleteNode@CModuleConfigList@@MAEXPAX@Z
- ?DeleteNode@CStrList@@EAEXPAU_STR_LIST_NODE@1@@Z
- ?DisableWriteProtectFromCR0@@YGXPAPAX@Z
- ?DoIt@CWorkerThreadJob@@QAEJXZ
- ?EntryPoint@CSystemThread@@KGXPAX@Z
- ?Find@CContextList@@QAEPAVCContext@@K@Z
- ?Find@CContextList@@QAEPAVCContext@@PAX@Z
- ?Find@CFileExtension@@QAEPAU_STR_LIST_NODE@CStrList@@PBGK@Z
- ?Find@CModuleConfigList@@QAEPAVCModuleConfig@@K@Z
- ?Find@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?FindNode@CContextList@@IAEPAXPAX@Z
- ?FindPartiallyAndAllMatch@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?FinishFunction@CUserFuncAdapterJob@@MAEXXZ
- ?FinishIt@CWorkerThreadJob@@QAEJXZ
- ?First@CList@@UAEPAXXZ
- ?First@CLockList@@UAEPAXXZ
- ?First@CNoLockList@@UAEPAXXZ
- ?Free@CMemoryAllocator@@UAEXPAX@Z
- ?Free@CMemoryPoolAllocator@@UAEXPAX@Z
- ?GetAttributes@CFile@@QAEKXZ
- ?GetBasicInfomration@CFile@@IAEJXZ
- ?GetBlobCofig@CContext@@UAEJKPAXPAK@Z
- ?GetCategory@CContext@@QAEKXZ
- ?GetData@CBlobConfig@@QAEHPAXPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEPAVCFileExtension@@XZ
- ?GetData@CModuleFlagConfig@@QAEKXZ
- ?GetData@CModuleMultiStringConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleMultiStringConfig@@QAEPAVCStrList@@XZ
- ?GetData@CModuleStringConfig@@QAEPAGXZ
- ?GetData@CStrList@@QAEEPAGPAK@Z
- ?GetDataType@CModuleConfig@@QAEKXZ
- ?GetEngineContext@CContext@@QAEPAXXZ
- ?GetFileExtensionConfig@CContext@@QAEPAVCFileExtension@@K@Z
- ?GetFileExtensionConfig@CContext@@UAEJKPAGPAK@Z
- ?GetFileSize@CFile@@QAEJPAT_LARGE_INTEGER@@@Z
- ?GetFileSizeWIRP@CFile@@QAEJPAT_LARGE_INTEGER@@@Z
- ?GetFlagConfig@CContext@@UAEJKPAK@Z
- ?GetID@CModuleConfig@@QAEKXZ
- ?GetJob@CWorkerThreadJobQueue@@QAEPAVCWorkerThreadJob@@XZ
- ?GetLength@CModuleStringConfig@@QAEKXZ
- ?GetLinkContext@CContext@@QAEPAXXZ
- ?GetLogFlag@CDebugLog@@QAEKXZ
- ?GetLogFlag@CDebugLogEx@@QAEKXZ
- ?GetModuleId@CModuleConfig@@QAEKXZ
- ?GetMultiStringConfig@CContext@@QAEPAVCStrList@@K@Z
- ?GetMultiStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetOneThreadTEB@CWorkerThreadPool@@QAEPAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPool@@QAEPAU_KTHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QAEPAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QAEPAU_KTHREAD@@XZ
- ?GetReportCallBackRoutine@CContext@@QAEKXZ
- ?GetSize@CBlobConfig@@QAEKXZ
- ?GetStringConfig@CContext@@QAEPAGK@Z
- ?GetStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetThreadCount@CWorkerThreadPool@@QAEKXZ
- ?GetThreadCount@CWorkerThreadPoolEx@@QAEKXZ
- ?GetThreadID@CSystemThread@@QAEKXZ
- ?GetType@CContext@@QAEKXZ
- ?GetUserParameter@CContext@@QAEKXZ
- ?InitProcMon@CDebugLogEx@@IAEXXZ
- ?InitializeBlobConfig@CContext@@QAEHKPAXK@Z
- ?InitializeFileExtensionConfig@CContext@@QAEHKPBG@Z
- ?InitializeFlagConfig@CContext@@QAEHKK@Z
- ?InitializeMultiStringConfig@CContext@@QAEHKPBG@Z
- ?InitializeStringConfig@CContext@@QAEHKPBG@Z
- ?Insert@CList@@UAEXQAXE@Z
- ?Insert@CLockList@@UAEXQAXE@Z
- ?Insert@CNoLockList@@UAEXQAXE@Z
- ?InsertAfter@CList@@UAEXPAX0@Z
- ?InsertBefore@CList@@UAEXPAX0@Z
- ?Instance@CWorkerThreadPool@@SGPAV1@XZ
- ?IsEmpty@CList@@UAEEXZ
- ?IsEmpty@CLockList@@UAEEXZ
- ?IsEmpty@CNoLockList@@UAEEXZ
- ?IsExceedLimitation@CMemoryPoolAllocator@@IAEEK@Z
- ?IsFull@CLockList@@QBEEXZ
- ?IsFull@CNoLockList@@QBEEXZ
- ?IsInExclusionList@CExclusionExtConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFileNameConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFilePathConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFolderConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionRegistryConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionExtConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFileNameConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFilePathConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFolderConfig@@QAEEPBG@Z
- ?IsOpened@CFile@@QAEEXZ
- ?IsTerminated@CWorkerThreadPool@@QAEEXZ
- ?IsTerminated@CWorkerThreadPoolEx@@QAEEXZ
- ?IsValid@CMemoryAllocator@@UAEEXZ
- ?IsValid@CMemoryPoolAllocator@@UAEEXZ
- ?IsValid@IMemoryAllocator@@UAEEXZ
- ?IsWorkerThread@CWorkerThreadPool@@QAEEK@Z
- ?IsWorkerThread@CWorkerThreadPoolEx@@QAEEK@Z
- ?JobFunction@CUserFuncAdapterJob@@MAEXXZ
- ?JobQueue@CWorkerThreadPool@@QAEAAVCWorkerThreadJobQueue@@XZ
- ?JobQueue@CWorkerThreadPoolEx@@QAEAAVCWorkerThreadJobQueue@@XZ
- ?Limit@CLockList@@QAEKXZ
- ?Limit@CNoLockList@@QAEKXZ
- ?MatchAllExtensions@CFileExtension@@QAEEXZ
- ?MatchNoExtensions@CFileExtension@@QAEEXZ
- ?MergeLeft@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?MergeRight@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?NeedDelete@CWorkerThreadJob@@QAEEXZ
- ?NeedDeleteWhenFinish@CWorkerThreadJob@@QAEXE@Z
- ?NewNode@CList@@UAEPAXXZ
- ?NewNode@CStrList@@EAEPAXXZ
- ?NewNodeVariant@CList@@IAEPAXK@Z
- ?Next@CList@@UBEPAXQAX@Z
- ?Next@CLockList@@UBEPAXQAX@Z
- ?Next@CNoLockList@@UBEPAXQAX@Z
- ?NextPool@CMemoryPoolAllocator@@QAEPAV1@XZ
- ?NotityTerminate@CWorkerThread@@QAEXXZ
- ?PostJobToWorkerThread@CWorkerThreadPool@@QAEJP6GXPAX@Z0E@Z
- ?PostJobToWorkerThread@CWorkerThreadPoolEx@@QAEJP6GXPAX@Z0E1@Z
- ?Pulse@CKEvent@@QAEJJE@Z
- ?QueueJob@CWorkerThreadJobQueue@@QAEEPAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPool@@QAEJPAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPoolEx@@QAEJPAVCWorkerThreadJob@@@Z
- ?RCMInstance@CWorkerThreadPool@@SGPAV1@XZ
- ?Read@CFile@@QAEJPADKPAK@Z
- ?ReadWIRP@CFile@@QAEJPADKPAK@Z
- ?ReferenceCount@CContext@@QAEAAKXZ
- ?Release@CLockEvent@@QAEXXZ
- ?Remove@CContextList@@UAEEQAX@Z
- ?Remove@CList@@UAEEQAX@Z
- ?Remove@CLockList@@UAEEQAX@Z
- ?Remove@CNoLockList@@UAEEQAX@Z
- ?RemoveHead@CList@@UAEPAXXZ
- ?RemoveHead@CLockList@@UAEPAXXZ
- ?RemoveHead@CNoLockList@@UAEPAXXZ
- ?RemoveTail@CList@@UAEPAXXZ
- ?RemoveTail@CLockList@@UAEPAXXZ
- ?RemoveTail@CNoLockList@@UAEPAXXZ
- ?Reset@CKEvent@@QAEXXZ
- ?ResetData@CInclusionExtConfig@@QAEXXZ
- ?ResetData@CInclusionFileNameConfig@@QAEXXZ
- ?ResetData@CInclusionFilePathConfig@@QAEXXZ
- ?ResetData@CInclusionFolderConfig@@QAEXXZ
- ?RestoreCR0@@YGXPAX@Z
- ?Run@CAutoUpdateConfigThread@@UAEXXZ
- ?Run@CDelayLoadThread@@UAEXXZ
- ?Run@CWorkerThread@@UAEXXZ
- ?SeekToEnd@CFile@@QAEJXZ
- ?Set@CKEvent@@QAEJJE@Z
- ?SetAttributes@CFile@@QAEJK@Z
- ?SetBlobCofig@CContext@@UAEJKPAXK@Z
- ?SetData@CBlobConfig@@QAEHPAXK@Z
- ?SetData@CModuleFileExtConfig@@QAEHPBG@Z
- ?SetData@CModuleFlagConfig@@QAEHK@Z
- ?SetData@CModuleMultiStringConfig@@QAEHPBGK@Z
- ?SetData@CModuleStringConfig@@QAEHPBG@Z
- ?SetEngineContext@CContext@@QAEXPAX@Z
- ?SetFileExtensionConfig@CContext@@UAEJKPBG@Z
- ?SetFlagConfig@CContext@@UAEJKK@Z
- ?SetLinkContext@CContext@@QAEXPAX@Z
- ?SetLogFlag@CDebugLog@@QAEEK@Z
- ?SetLogFlag@CDebugLogEx@@QAEEK@Z
- ?SetMatchAllExtensions@CFileExtension@@QAEXE@Z
- ?SetMatchNoExtensions@CFileExtension@@QAEXE@Z
- ?SetMultiStringConfig@CContext@@UAEJKPBG@Z
- ?SetNewJobItemEvent@CWorkerThreadJobQueue@@QAEXXZ
- ?SetPriority@CSystemThread@@QAEXK@Z
- ?SetStopUse@CContext@@QAEXXZ
- ?SetStringConfig@CContext@@UAEJKPBG@Z
- ?Setup@CSystemThread@@MAEXXZ
- ?StopUse@CContext@@QAEHXZ
- ?TearDown@CSystemThread@@MAEXXZ
- ?Terminate@CSystemThread@@QAEXE@Z
- ?Terminate@CWorkerThreadPool@@QAEEXZ
- ?Terminate@CWorkerThreadPoolEx@@QAEEXZ
- ?TmExceptionFilter@@YGJPAU_EXCEPTION_POINTERS@@@Z
- ?Wait@CKEvent@@QAEJPAT_LARGE_INTEGER@@E@Z
- ?WaitFinish@CWorkerThreadJob@@QAEXXZ
- ?WaitForInit@CDelayLoadThread@@QAEEXZ
- ?WaitForLoad@CDelayLoadThread@@QAEEXZ
- ?WaitNewJobAvailable@CWorkerThreadJobQueue@@QAEEXZ
- ?WaitQueueEmpty@CWorkerThreadJobQueue@@QAEXXZ
- ?Write@CDebugLog@@QAAXPBDZZ
- ?Write@CDebugLogEx@@QAAXPBDZZ
- ?Write@CFile@@QAEJPADKPAT_LARGE_INTEGER@@PAK@Z
- ?WriteDataToFile@CDebugLogEx@@IAEXPADK@Z
- ?WriteDataToProcMonW@CDebugLogEx@@IAEXPAD@Z
- ?WriteSystemInformation@CDebugLog@@QAEXXZ
- ?WriteSystemInformation@CDebugLogEx@@QAEXXZ
- ?WriteSystemStringInformation@CDebugLog@@IAEXPBG@Z
- ?WriteSystemStringInformation@CDebugLogEx@@IAEXPBG@Z
- ?WriteToFile@CDebugLog@@IAEXPADK@Z
- ?WriteToProcMonW@CDebugLogEx@@IAEXPAU_UNICODE_STRING@@@Z
- ?_pNonPagedAllocator@@3PAVCMemoryAllocator@@A
- ?_pPagedAllocator@@3PAVCMemoryAllocator@@A
- ?m_lpInstance@CWorkerThreadPool@@1PAV1@A
- ?m_lpRCMInstance@CWorkerThreadPool@@1PAV1@A
- _DeInitKm2UmCommunication@0
- _DeInitKmLPC@0
- _DuplicateFullFileName@4
- _FreeFullFileName@4
- _GetKm2UmMode@0
- _GetModuleInfoByAddress@8
- _GetModuleInfoByModuleName@8
- _InitKm2UmCommunication@8
- _InitKmLPC@0
- _IsWindows8_1_update@4
- _KmCallUm@8
- _KmCallUmByLPC@8
- _KmCallUmEx@12
- _KmCleanupCommPortAPIs@0
- _KmGetUmInitProcess@0
- _KmSetCommPortAPIs@4
- _ModGetExportProcAddress@8
- _ModLoadDLLToBuffer@4
- _ModLoadDLLToBufferWithImageSize@8
- _ModLoadModule@8
- _ModUnLoadModule@4
- _NormalizeFileName@4
- _NormalizeFullNtPathToDosName@4
- _TmCommConfigRoutine@4
- _UtilAddDeviceInDriveTable@4
- _UtilAddReparsePointMapping@8
- _UtilCleanFileReadOnly@4
- _UtilCreateDosFileName@8
- _UtilDeleteFileForce@4
- _UtilGetDeviceObjectName@8
- _UtilGetFileNameFromFileObject@4
- _UtilGetFileObjectForProcessByEPROC@8
- _UtilGetFileObjectFromFileName@12
- _UtilGetProcessName@12
- _UtilGetSystemDirectory@4
- _UtilGetSystemDirectoryEx@0
- _UtilGetSystemDirectoryLength@0
- _UtilGetSystemTime@4
- _UtilIoSetFileInfo@24
- _UtilIopCreateFileIRP@40
- _UtilKeGetLowFileDevice@16
- _UtilModuleIATHook@24
- _UtilModuleIATUnHook@8
- _UtilPostJobToWorkerThread@12
- _UtilQueryKeyValue@24
- _UtilRemoveDeviceFromDriveTable@4
- _UtilVolumeDeviceToDosName@8
- _UtilWaitValueChangeToZero@8
- _UtilWriteVersionToRegistry@8
- _UtilbuildDynamicDiskMappingTable@0
- _UtlWriteBinValueKeyToRegistry@16
- _ValidateAddressWithSize@20
- __UtilDosPathNameToNtPathName@12
Sections
Expand
- .text
- .rdata
- .data
- PAGE
- .edata
- INIT
- .rsrc
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": true,
"SerialNumber": "7e93ebfb7cc64e59ea4b9a77d406fc3b",
"Signature": "03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2",
"TBS": {
"MD5": "d0785ad36e427c92b19f6826ab1e8020",
"SHA1": "365b7a9c21bd9373e49052c3e7b3e4646ddd4d43",
"SHA256": "c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff",
"SHA384": "eab4fe5ef90e0de4a6aa3a27769a5e879f588df5e4785aa4104debd1f81e19ea56d33e3a16e5facf99f68b5d8e3d287b"
},
"ValidFrom": "2012-12-21 00:00:00",
"ValidTo": "2020-12-30 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "0ecff438c8febf356e04d86a981b1a50",
"Signature": "783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4",
"TBS": {
"MD5": "e9d38360b914c8863f6cba3ee58764d3",
"SHA1": "4cba8eae47b6bf76f20b3504b98b8f062694a89b",
"SHA256": "88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976",
"SHA384": "e9f2a75334a9e336c5a4712eadee88d0374b0fdc273262f4e65c9040ad2793067cc076696db5279a478773485e285652"
},
"ValidFrom": "2012-10-18 00:00:00",
"ValidTo": "2020-12-29 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Signature": "f3b20c020c826fd9e2629408ffc97c9e245959d1050c9ce7708069d366d26af191812e16fce674eaca0d8f05b2a796280831737299800d2bfe0071efecf655117b7952a4d7c0701b97de034a1d42e928fd1a2082b081f9d22e9d39af3233cf05c1e61ae1f8fbfec872e78d9a0b29b4f147f1a053d1757a824601df2bb07c75c591fe7efbaf0021764b90cd446f85f80d14bc2cd42c83edfa7d2510f8f94c82d1b3ea999b1cff9093291977c7e996dc32904d3934f167077684ff76aa5327654a0bd7223d9d67657b47c5b46012dca6723d89e7fa051b3380d0c4977b9df537e75da3186ab149b27c089715a01bd695f408f7ded66bfbe920d27a6f6a7d4cc8b3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc.",
"TBS": {
"MD5": "78eaa337666217b1c16a9a0ebd0b8434",
"SHA1": "ff9cb835e78f6185eed4372096c3bae53b17d18d",
"SHA256": "1c0d9746725e176b4a7c2852878f14d7587f58e65d346bc1247f1c8ee6374250",
"SHA384": "ffe3c75b860679a5de399c7d2c2844dbfac51d5d8581e24648d208daba1e4bed5c867808e02dc8d7cb3df1d4b2b53d10"
},
"ValidFrom": "2017-04-27 00:00:00",
"ValidTo": "2018-07-16 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "611993e400000000001c",
"Signature": "812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5",
"TBS": {
"MD5": "78a717e082dcc1cda3458d917e677d14",
"SHA1": "4a872e0e51f9b304469cd1dedb496ee9b8b983a4",
"SHA256": "317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8",
"SHA384": "b71052da4eb9157c8c1a5d7f55df19d69b9128598b72fcca608e5b7cc7d64c43c5504b9c86355a6dc22ee40c88cc385c"
},
"ValidFrom": "2011-02-22 19:25:17",
"ValidTo": "2021-02-22 19:35:17",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "5200e5aa2556fc1a86ed96c9d44b33c7",
"Signature": "5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"TBS": {
"MD5": "b30c31a572b0409383ed3fbe17e56e81",
"SHA1": "4843a82ed3b1f2bfbee9671960e1940c942f688d",
"SHA256": "03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9",
"SHA384": "bbda8407c4f9fc4e54d772f1c7fb9d30bc97e1f97ecd51c443063d1fa0644e266328781776cd5c44896c457c75f4d7da"
},
"ValidFrom": "2010-02-08 00:00:00",
"ValidTo": "2020-02-07 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 009feac811b0f16247a5fc20d80523ace6
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | b6aa9cf28bcfc9f07ec1069fb425ab61 |
| ToBeSigned (TBS) SHA1 | ca7a166fcd53878ba5a38d4cac37c63513cfc1fa |
| ToBeSigned (TBS) SHA256 | 711394fc49f8948a831f687d42ced6b18514f57786ecc6cdbc3c3eb72e568a40 |
| Subject | C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO Time Stamping Signer |
| ValidFrom | 2015-05-05 00:00:00 |
| ValidTo | 2015-12-31 23:59:59 |
| Signature | 0dbbad60111bb5f00dcce6483a7a3e0e33dc1cb9ead620fea34dd0cc764ee818d879dfd34f9a4264238a29728a3a6c66a63c3a17a8704565c673c3d0ce8954fbac690f58b019cb869f7eb97eeb5192bf9bddebd165f0257b887cdebda5c8b51451bcc081308a85387be679fe67559387fe4fe88d0eedf37292b5c289806dd159e31d0deab138ee039d0019a5ab219b79c3ccc23e687ebdc94d694db46451fbb22874e25389ce9dfaade2dbceab7b7e064474fd0aa3c9b7a730cd49d29264f122a6b828457479e9a7ce3b33f98350947d68c01d49c760787a3c6426d5befa0a6de41ee109538fa9c523acc79d614221f02c1671493b10af2c6f1ae631f114fd6c |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 009feac811b0f16247a5fc20d80523ace6 |
| Version | 3 |
Certificate 250ce8e030612e9f2b89f7054d7cf8fd
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 918d9eb6a6cd36c531eceb926170a7e1 |
| ToBeSigned (TBS) SHA1 | 0ae95700d65e6f59715aa47048993ca7858e676a |
| ToBeSigned (TBS) SHA256 | 47c46e6eaa3780eace3d0d891346cd373359d246b21a957219dbab4c8f37c166 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5 |
| ValidFrom | 2006-11-08 00:00:00 |
| ValidTo | 2021-11-07 23:59:59 |
| Signature | 1302ddf8e88600f25af8f8200c59886207cecef74ef9bb59a198e5e138dd4ebc6618d3adeb18f20dc96d3e4a9420c33cbabd6554c6af44b310ad2c6b3eabd707b6b88163c5f95e2ee52a67cecd330c2ad7895603231fb3bee83a0859b4ec4535f78a5bff66cf50afc66d578d1978b7b9a2d157ea1f9a4bafbac98e127ec6bdff |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 250ce8e030612e9f2b89f7054d7cf8fd |
| Version | 3 |
Certificate 610c120600000000001b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 53c41bc1164e09e0cd1617a5bf913efd |
| ToBeSigned (TBS) SHA1 | 93c03aac8951d494ecd5696b1c08658541b18727 |
| ToBeSigned (TBS) SHA256 | 40bddadac24dc61ca4fb5cab2a2bc5d876bc36808311039a7a3e1a4066f7489b |
| Subject | C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority |
| ValidFrom | 2006-05-23 17:01:29 |
| ValidTo | 2016-05-23 17:11:29 |
| Signature | 01e446b33b457f7513877e5f43de468ecb8abdb64741bccccc7491d8ce395195a4a6b547c0efd2da7b8f5711f4328c7ccd3fee42da04214af7c843884a6f5cca14fc4bd19f4cbdd4556ecc02be0da6888f8609baa425bde8b0f0fa8b714e67b0cb82a8d78e55f737ebf03e88efe4e08afd1c6e2e61414875b4b02c1d28d8490fd715f02473253ccc880cde284c6554fe5eae8cea19ad2c51b29b3a47f53c80350117e24987d6544afb4bab07bcbf7d79cfbf35005cbb9ecffc82891b39a05197b6dec0b307ff449644c0342a195cabeef03bec294eb513c537857e75d5b4d60d066eb5d26c237167eaf1718eaf4e74aa0cf9ecbf4c58fa5e909b6d39cb86883f8b1ca81632d5fe6db9f1f8b3ead791f6364778c0272a15c768d6f4c5fc4f4ec8673f102d409ff11ec96148e7a703fc31730cf04688fe56da492995ef09daa3e5beef60ecd954a0599c28bd54ef66157f874c84dba60e95672e517b3439b641c28c846826dc240209e7818e0a972defeea7b998a60f818dc710b5e1ed982f486f53854964789bec5dac970b5526c3efba8dc8d1a52f5a7f936b611a339b18b8a26210de24ea76e12f43ebecdd7c12342489da2855aee5754e312b6763b6a8d7ab730a03cec5ea593fc7eb2a45aea8625b2f009939abb45f73c308ec80118f470e8f2a1343e191066255bbffba3da9a93d260faeca7d628b155589d694344dd665 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 610c120600000000001b |
| Version | 3 |
Certificate 1519396ee230f02cad1fcfdb077a35f0
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 7e2a6f93403382b4ec42463426d0a4b5 |
| ToBeSigned (TBS) SHA1 | 62acc697c0e2dc37f3d37ab79751637346e051e2 |
| ToBeSigned (TBS) SHA256 | 3e9a51973a839e5bc6e81c886e085b777d08ce2b24f816b7552cf2c44e322d59 |
| Subject | C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc. |
| ValidFrom | 2015-02-20 00:00:00 |
| ValidTo | 2016-05-21 23:59:59 |
| Signature | e480eb7f78216a855e34dbcb712d3879d6b1744c823c8e78c3661e55182a5c1f3a03686169393ef8778c893a49604a79769f5ba7156426c5431ae729a8dc5f8e22b14d124e46eff3f4f660552a57250a15e15d07ad548a02cddf8a204b5010be387a05b1019f618cf15078d80a809a7272b1822a63862c7db194f12697a786001ef630ac9d8bf9f5475191f327b8ed4839dff1ef65e5eb8f91379a66366451f99cb633848c57d4392096e6080fa327b23fc3834ad4f6043904d6c5aeb35454a265b3fda38167cffa8394f092a74bad1ea386f63b7baeb95271a97fc3bff0a2bc96a834f280a254d7170e5cc2830f3bd0649178f8b04514ecd1103753b1762902 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 1519396ee230f02cad1fcfdb077a35f0 |
| Version | 3 |
Certificate 5200e5aa2556fc1a86ed96c9d44b33c7
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | b30c31a572b0409383ed3fbe17e56e81 |
| ToBeSigned (TBS) SHA1 | 4843a82ed3b1f2bfbee9671960e1940c942f688d |
| ToBeSigned (TBS) SHA256 | 03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA |
| ValidFrom | 2010-02-08 00:00:00 |
| ValidTo | 2020-02-07 23:59:59 |
| Signature | 5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 5200e5aa2556fc1a86ed96c9d44b33c7 |
| Version | 3 |
Imports
Expand
Imported Functions
Expand
- KeLeaveCriticalRegion
- wcsncpy
- KeEnterCriticalRegion
- ExAcquireFastMutexUnsafe
- wcsrchr
- ExAcquireResourceSharedLite
- ExReleaseResourceLite
- _purecall
- ZwOpenEvent
- ZwConnectPort
- KeClearEvent
- PsProcessType
- ExFreePoolWithTag
- RtlInitUnicodeString
- KeSetEvent
- ProbeForWrite
- KeUnstackDetachProcess
- ZwRequestWaitReplyPort
- ZwWaitForSingleObject
- DbgBreakPoint
- ZwSetEvent
- IoGetCurrentProcess
- ZwFreeVirtualMemory
- ZwClose
- ObfReferenceObject
- ObfDereferenceObject
- RtlUnicodeStringToInteger
- ZwCreateSection
- ObOpenObjectByPointer
- KeStackAttachProcess
- KePulseEvent
- ZwAllocateVirtualMemory
- ObGetObjectSecurity
- SeAccessCheck
- SeReleaseSubjectContext
- SeCaptureSubjectContext
- PsThreadType
- ObReleaseObjectSecurity
- PsGetProcessExitTime
- MmSectionObjectType
- DbgPrint
- ExDeleteResourceLite
- ExInitializeResourceLite
- ZwReadFile
- swprintf
- ZwSetInformationFile
- ZwCreateFile
- ZwQueryInformationFile
- ZwWriteFile
- _wcsnicmp
- towupper
- ExAllocatePoolWithTag
- KeInitializeEvent
- ZwCreateEvent
- ZwCreateKey
- RtlAnsiStringToUnicodeString
- ZwNotifyChangeKey
- RtlInitAnsiString
- _snprintf
- RtlFreeUnicodeString
- ExSystemTimeToLocalTime
- _vsnprintf
- ObReferenceObjectByHandle
- RtlTimeToTimeFields
- ZwDeviceIoControlFile
- PsGetCurrentThreadId
- PsGetCurrentProcessId
- KeWaitForMultipleObjects
- ExGetPreviousMode
- RtlEqualUnicodeString
- RtlAppendUnicodeStringToString
- RtlCopyUnicodeString
- RtlUpcaseUnicodeChar
- KeWaitForSingleObject
- KeSetPriorityThread
- PsCreateSystemThread
- PsTerminateSystemThread
- MmIsAddressValid
- KeDelayExecutionThread
- KeNumberProcessors
- PsLookupProcessByProcessId
- PsSetCreateProcessNotifyRoutine
- ZwOpenDirectoryObject
- ZwQueryInformationProcess
- ZwQuerySecurityObject
- NtSetInformationFile
- ZwDeleteValueKey
- ZwSetValueKey
- ZwQuerySystemInformation
- NtQueryInformationFile
- IoFileObjectType
- ZwQueryValueKey
- ZwQueryDirectoryFile
- NtCreateFile
- ZwEnumerateValueKey
- RtlLengthSecurityDescriptor
- ZwQueryDirectoryObject
- ZwSetSecurityObject
- ZwDuplicateObject
- ZwOpenProcess
- ZwTerminateProcess
- ZwDeleteKey
- ExReleaseFastMutexUnsafe
- ZwQueryKey
- ZwOpenKey
- MmSystemRangeStart
- _stricmp
- _strnicmp
- mbstowcs
- ProbeForRead
- RtlUpcaseUnicodeString
- _snwprintf
- ZwQuerySymbolicLinkObject
- ZwMapViewOfSection
- MmGetSystemRoutineAddress
- RtlAppendUnicodeToString
- IoCreateFile
- RtlQueryRegistryValues
- MmBuildMdlForNonPagedPool
- ZwOpenSymbolicLinkObject
- IoFreeMdl
- ObQueryNameString
- ZwUnmapViewOfSection
- NtClose
- IoFreeIrp
- PsGetVersion
- IoAllocateIrp
- RtlCompareMemory
- MmUnlockPages
- ZwSetInformationObject
- ZwOpenFile
- wcsncmp
- RtlImageNtHeader
- IoAllocateMdl
- IofCallDriver
- ZwQueryVolumeInformationFile
- ObReferenceObjectByPointer
- IoBuildDeviceIoControlRequest
- ZwOpenSection
- RtlSubAuthoritySid
- RtlLengthRequiredSid
- ExReleaseFastMutex
- ExAcquireFastMutex
- RtlCreateAcl
- RtlSetDaclSecurityDescriptor
- RtlAddAccessAllowedAce
- KeInitializeSemaphore
- KeReleaseSemaphore
- RtlInitializeSid
- RtlCreateSecurityDescriptor
- IoDeleteSymbolicLink
- IoDeleteDevice
- ExEventObjectType
- IofCompleteRequest
- IoCreateSymbolicLink
- IoGetDeviceObjectPointer
- ObOpenObjectByName
- NtQueryInformationProcess
- strncpy
- NtOpenProcess
- ObInsertObject
- IoAcquireVpbSpinLock
- SeCreateAccessState
- IoGetFileObjectGenericMapping
- ObCreateObject
- IoReleaseVpbSpinLock
- wcschr
- strncat
- RtlUnicodeStringToAnsiString
- wcsncat
- RtlFreeAnsiString
- wcstombs
- IoGetConfigurationInformation
- IoRegisterPlugPlayNotification
- IoGetStackLimits
- IoBuildSynchronousFsdRequest
- KeReleaseSpinLock
- ExpInterlockedPopEntrySList
- FsRtlIsNameInExpression
- wcsstr
- ExAllocatePool
- IoUnregisterPlugPlayNotification
- MmProbeAndLockPages
- RtlCompareUnicodeString
- IoGetDeviceInterfaces
- DbgPrintEx
- KeAcquireSpinLockRaiseToDpc
- KeBugCheckEx
- IoCreateDevice
- IoDeviceObjectType
- SeCaptureSecurityDescriptor
- RtlAbsoluteToSelfRelativeSD
- IoIsWdmVersionAvailable
- SeExports
- RtlLengthSid
- RtlGetSaclSecurityDescriptor
- RtlGetDaclSecurityDescriptor
- RtlGetGroupSecurityDescriptor
- RtlGetOwnerSecurityDescriptor
- ZwEnumerateKey
- ExAcquireResourceExclusiveLite
- __C_specific_handler
Exported Functions
Expand
- ??0CAutoUpdateConfigThread@@QEAA@AEBV0@@Z
- ??0CAutoUpdateConfigThread@@QEAA@PEAU_UNICODE_STRING@@P6AX0PEAX@Z1@Z
- ??0CBlobConfig@@QEAA@AEBV0@@Z
- ??0CBlobConfig@@QEAA@K@Z
- ??0CContext@@QEAA@AEBV0@@Z
- ??0CContext@@QEAA@KP6AJPEAU_EVENT_REPORT@@PEAXPEAU_TMCE_REPORT@@PEAU_TMCE_FEEDBACK@@@Z1K@Z
- ??0CContextList@@QEAA@AEBV0@@Z
- ??0CContextList@@QEAA@KPEAVIMemoryAllocator@@@Z
- ??0CDebugLog@@QEAA@AEBV0@@Z
- ??0CDebugLog@@QEAA@PEBG@Z
- ??0CDebugLogEx@@QEAA@AEBV0@@Z
- ??0CDebugLogEx@@QEAA@K@Z
- ??0CDelayLoadThread@@QEAA@AEBV0@@Z
- ??0CDelayLoadThread@@QEAA@XZ
- ??0CExclusionExtConfig@@QEAA@AEBV0@@Z
- ??0CExclusionExtConfig@@QEAA@KKE@Z
- ??0CExclusionFileNameConfig@@QEAA@AEBV0@@Z
- ??0CExclusionFileNameConfig@@QEAA@KK@Z
- ??0CExclusionFilePathConfig@@QEAA@AEBV0@@Z
- ??0CExclusionFilePathConfig@@QEAA@KK@Z
- ??0CExclusionFolderConfig@@QEAA@AEBV0@@Z
- ??0CExclusionFolderConfig@@QEAA@KK@Z
- ??0CExclusionRegistryConfig@@QEAA@AEBV0@@Z
- ??0CExclusionRegistryConfig@@QEAA@KK@Z
- ??0CFile@@QEAA@AEBV0@@Z
- ??0CFile@@QEAA@E@Z
- ??0CFileExtension@@QEAA@AEBV0@@Z
- ??0CFileExtension@@QEAA@KEEPEAVIMemoryAllocator@@@Z
- ??0CInclusionExtConfig@@QEAA@AEBV0@@Z
- ??0CInclusionExtConfig@@QEAA@KKE@Z
- ??0CInclusionFileNameConfig@@QEAA@AEBV0@@Z
- ??0CInclusionFileNameConfig@@QEAA@KK@Z
- ??0CInclusionFilePathConfig@@QEAA@AEBV0@@Z
- ??0CInclusionFilePathConfig@@QEAA@KK@Z
- ??0CInclusionFolderConfig@@QEAA@AEBV0@@Z
- ??0CInclusionFolderConfig@@QEAA@KK@Z
- ??0CKEvent@@QEAA@AEBV0@@Z
- ??0CKEvent@@QEAA@W4_EVENT_TYPE@@E@Z
- ??0CList@@QEAA@AEBV0@@Z
- ??0CList@@QEAA@KPEAVIMemoryAllocator@@@Z
- ??0CLockEvent@@QEAA@AEBV0@@Z
- ??0CLockEvent@@QEAA@XZ
- ??0CLockList@@QEAA@AEBV0@@Z
- ??0CLockList@@QEAA@KKPEAVIMemoryAllocator@@@Z
- ??0CMemoryAllocator@@IEAA@W4_POOL_TYPE@@K@Z
- ??0CMemoryAllocator@@QEAA@AEBV0@@Z
- ??0CMemoryPoolAllocator@@IEAA@W4_POOL_TYPE@@_K1K@Z
- ??0CMemoryPoolAllocator@@QEAA@AEBV0@@Z
- ??0CModuleConfig@@QEAA@AEBV0@@Z
- ??0CModuleConfig@@QEAA@XZ
- ??0CModuleConfigList@@QEAA@AEBV0@@Z
- ??0CModuleConfigList@@QEAA@KPEAVIMemoryAllocator@@@Z
- ??0CModuleFileExtConfig@@QEAA@AEBV0@@Z
- ??0CModuleFileExtConfig@@QEAA@KKE@Z
- ??0CModuleFlagConfig@@QEAA@AEBV0@@Z
- ??0CModuleFlagConfig@@QEAA@K@Z
- ??0CModuleMultiStringConfig@@QEAA@AEBV0@@Z
- ??0CModuleMultiStringConfig@@QEAA@KK@Z
- ??0CModuleStringConfig@@QEAA@AEBV0@@Z
- ??0CModuleStringConfig@@QEAA@K@Z
- ??0CNoLockList@@QEAA@AEBV0@@Z
- ??0CNoLockList@@QEAA@KKPEAVIMemoryAllocator@@@Z
- ??0CSmartLock@@QEAA@AEAVCLockEvent@@@Z
- ??0CSmartLock@@QEAA@XZ
- ??0CSmartReference@@QEAA@AEAJ@Z
- ??0CSmartReference@@QEAA@AEAK@Z
- ??0CSmartResource@@QEAA@AEAVCResource@@E@Z
- ??0CStrList@@QEAA@AEBV0@@Z
- ??0CStrList@@QEAA@KPEAVIMemoryAllocator@@@Z
- ??0CSystemThread@@QEAA@AEBV0@@Z
- ??0CSystemThread@@QEAA@K@Z
- ??0CUserFuncAdapterJob@@QEAA@AEBV0@@Z
- ??0CUserFuncAdapterJob@@QEAA@P6AXPEAX@Z01@Z
- ??0CWorkerThread@@IEAA@PEAVCWorkerThreadJobQueue@@@Z
- ??0CWorkerThread@@QEAA@AEBV0@@Z
- ??0CWorkerThreadJob@@QEAA@AEBV0@@Z
- ??0CWorkerThreadJob@@QEAA@E@Z
- ??0CWorkerThreadJobQueue@@QEAA@AEBV0@@Z
- ??0CWorkerThreadJobQueue@@QEAA@K@Z
- ??0CWorkerThreadPool@@QEAA@AEBV0@@Z
- ??0CWorkerThreadPool@@QEAA@K@Z
- ??0CWorkerThreadPoolEx@@QEAA@AEBV0@@Z
- ??0CWorkerThreadPoolEx@@QEAA@KK@Z
- ??0IMemoryAllocator@@QEAA@AEBV0@@Z
- ??0IMemoryAllocator@@QEAA@XZ
- ??1CAutoUpdateConfigThread@@UEAA@XZ
- ??1CBlobConfig@@UEAA@XZ
- ??1CContext@@UEAA@XZ
- ??1CContextList@@UEAA@XZ
- ??1CDebugLog@@UEAA@XZ
- ??1CDebugLogEx@@UEAA@XZ
- ??1CDelayLoadThread@@UEAA@XZ
- ??1CExclusionExtConfig@@UEAA@XZ
- ??1CExclusionFileNameConfig@@UEAA@XZ
- ??1CExclusionFilePathConfig@@UEAA@XZ
- ??1CExclusionFolderConfig@@UEAA@XZ
- ??1CExclusionRegistryConfig@@UEAA@XZ
- ??1CFile@@UEAA@XZ
- ??1CFileExtension@@UEAA@XZ
- ??1CInclusionExtConfig@@UEAA@XZ
- ??1CInclusionFileNameConfig@@UEAA@XZ
- ??1CInclusionFilePathConfig@@UEAA@XZ
- ??1CInclusionFolderConfig@@UEAA@XZ
- ??1CKEvent@@UEAA@XZ
- ??1CList@@UEAA@XZ
- ??1CLockEvent@@UEAA@XZ
- ??1CLockList@@UEAA@XZ
- ??1CMemoryAllocator@@UEAA@XZ
- ??1CMemoryPoolAllocator@@UEAA@XZ
- ??1CModuleConfig@@UEAA@XZ
- ??1CModuleConfigList@@UEAA@XZ
- ??1CModuleFileExtConfig@@UEAA@XZ
- ??1CModuleFlagConfig@@UEAA@XZ
- ??1CModuleMultiStringConfig@@UEAA@XZ
- ??1CModuleStringConfig@@UEAA@XZ
- ??1CNoLockList@@UEAA@XZ
- ??1CSmartLock@@QEAA@XZ
- ??1CSmartReference@@QEAA@XZ
- ??1CSmartResource@@QEAA@XZ
- ??1CStrList@@UEAA@XZ
- ??1CSystemThread@@UEAA@XZ
- ??1CUserFuncAdapterJob@@UEAA@XZ
- ??1CWorkerThread@@UEAA@XZ
- ??1CWorkerThreadJob@@UEAA@XZ
- ??1CWorkerThreadJobQueue@@UEAA@XZ
- ??1CWorkerThreadPool@@UEAA@XZ
- ??1CWorkerThreadPoolEx@@UEAA@XZ
- ??1IMemoryAllocator@@UEAA@XZ
- ??2@YAPEAX_KPEAVIMemoryAllocator@@PEBDK@Z
- ??2CMemoryAllocator@@SAPEAX_K@Z
- ??2CMemoryPoolAllocator@@SAPEAX_K@Z
- ??3@YAXPEAX@Z
- ??3IMemoryAllocator@@SAXPEAX@Z
- ??4CAutoUpdateConfigThread@@QEAAAEAV0@AEBV0@@Z
- ??4CBlobConfig@@QEAAAEAV0@AEBV0@@Z
- ??4CContext@@QEAAAEAV0@AEBV0@@Z
- ??4CDebugLog@@QEAAAEAV0@AEBV0@@Z
- ??4CDebugLogEx@@QEAAAEAV0@AEBV0@@Z
- ??4CDelayLoadThread@@QEAAAEAV0@AEBV0@@Z
- ??4CFile@@QEAAAEAV0@AEBV0@@Z
- ??4CKEvent@@QEAAAEAV0@AEBV0@@Z
- ??4CLockEvent@@QEAAAEAV0@AEBV0@@Z
- ??4CMemoryAllocator@@QEAAAEAV0@AEBV0@@Z
- ??4CMemoryPoolAllocator@@QEAAAEAV0@AEBV0@@Z
- ??4CModuleConfig@@QEAAAEAV0@AEBV0@@Z
- ??4CModuleFlagConfig@@QEAAAEAV0@AEBV0@@Z
- ??4CModuleStringConfig@@QEAAAEAV0@AEBV0@@Z
- ??4CSmartLock@@QEAAAEAV0@AEBV0@@Z
- ??4CSmartLock@@QEAAAEBV0@AEAVCLockEvent@@@Z
- ??4CSmartResource@@QEAAAEAV0@AEBV0@@Z
- ??4CSystemThread@@QEAAAEAV0@AEBV0@@Z
- ??4CUserFuncAdapterJob@@QEAAAEAV0@AEBV0@@Z
- ??4CWorkerThread@@QEAAAEAV0@AEBV0@@Z
- ??4CWorkerThreadJob@@QEAAAEAV0@AEBV0@@Z
- ??4IMemoryAllocator@@QEAAAEAV0@AEBV0@@Z
- ??_7CAutoUpdateConfigThread@@6B@
- ??_7CBlobConfig@@6B@
- ??_7CContext@@6B@
- ??_7CContextList@@6B@
- ??_7CDebugLog@@6B@
- ??_7CDebugLogEx@@6B@
- ??_7CDelayLoadThread@@6B@
- ??_7CExclusionExtConfig@@6B@
- ??_7CExclusionFileNameConfig@@6B@
- ??_7CExclusionFilePathConfig@@6B@
- ??_7CExclusionFolderConfig@@6B@
- ??_7CExclusionRegistryConfig@@6B@
- ??_7CFile@@6B@
- ??_7CFileExtension@@6B@
- ??_7CInclusionExtConfig@@6B@
- ??_7CInclusionFileNameConfig@@6B@
- ??_7CInclusionFilePathConfig@@6B@
- ??_7CInclusionFolderConfig@@6B@
- ??_7CKEvent@@6B@
- ??_7CList@@6B@
- ??_7CLockEvent@@6B@
- ??_7CLockList@@6B@
- ??_7CMemoryAllocator@@6B@
- ??_7CMemoryPoolAllocator@@6B@
- ??_7CModuleConfig@@6B@
- ??_7CModuleConfigList@@6B@
- ??_7CModuleFileExtConfig@@6B@
- ??_7CModuleFlagConfig@@6B@
- ??_7CModuleMultiStringConfig@@6B@
- ??_7CModuleStringConfig@@6B@
- ??_7CNoLockList@@6B@
- ??_7CStrList@@6B@
- ??_7CSystemThread@@6B@
- ??_7CUserFuncAdapterJob@@6B@
- ??_7CWorkerThread@@6B@
- ??_7CWorkerThreadJob@@6B@
- ??_7CWorkerThreadJobQueue@@6B@
- ??_7CWorkerThreadPool@@6B@
- ??_7CWorkerThreadPoolEx@@6B@
- ??_7IMemoryAllocator@@6B@
- ??_FCContextList@@QEAAXXZ
- ??_FCFile@@QEAAXXZ
- ??_FCFileExtension@@QEAAXXZ
- ??_FCModuleConfigList@@QEAAXXZ
- ??_FCStrList@@QEAAXXZ
- ??_FCSystemThread@@QEAAXXZ
- ??_FCWorkerThread@@QEAAXXZ
- ??_FCWorkerThreadJob@@QEAAXXZ
- ??_FCWorkerThreadJobQueue@@QEAAXXZ
- ??_U@YAPEAX_KPEAVIMemoryAllocator@@PEBDK@Z
- ??_V@YAXPEAX@Z
- ?Acquire@CLockEvent@@QEAAXXZ
- ?Add@CContextList@@QEAAEPEAVCContext@@@Z
- ?Add@CFileExtension@@QEAAEPEBGK@Z
- ?Add@CModuleConfigList@@QEAAEPEAVCModuleConfig@@@Z
- ?Add@CStrList@@QEAAEPEBG@Z
- ?AddNode@CLockList@@UEAAEQEAXE@Z
- ?AddNode@CNoLockList@@UEAAEQEAXE@Z
- ?Alloc@CMemoryAllocator@@UEAAPEAX_KPEBDK@Z
- ?Alloc@CMemoryPoolAllocator@@UEAAPEAX_KPEBDK@Z
- ?AllocBlock@CMemoryPoolAllocator@@IEAAPEAX_K@Z
- ?AttachJobQueue@CWorkerThread@@QEAAXPEAVCWorkerThreadJobQueue@@@Z
- ?Cancel@CWorkerThreadJob@@QEAAXXZ
- ?CheckNode@CLockList@@UEAAHQEAX@Z
- ?CheckNode@CNoLockList@@UEAAHQEAX@Z
- ?CleanQueue@CWorkerThreadJobQueue@@QEAAXXZ
- ?Cleanup@CBlobConfig@@AEAAXXZ
- ?Cleanup@CModuleFileExtConfig@@IEAAXXZ
- ?Cleanup@CModuleMultiStringConfig@@IEAAXXZ
- ?Cleanup@CModuleStringConfig@@AEAAXXZ
- ?Close@CFile@@QEAAJXZ
- ?Count@CLockList@@QEAAKXZ
- ?Count@CNoLockList@@QEAAKXZ
- ?Create@CFile@@QEAAJPEBGKKKK@Z
- ?Create@CSystemThread@@QEAAEXZ
- ?CreateInstance@CMemoryAllocator@@SAPEAV1@W4_POOL_TYPE@@K@Z
- ?CreateInstance@CMemoryPoolAllocator@@SAPEAV1@W4_POOL_TYPE@@_K1K@Z
- ?CreatePool@CWorkerThreadPool@@QEAAEXZ
- ?CreatePool@CWorkerThreadPoolEx@@QEAAEXZ
- ?CreateThreads@CWorkerThreadPool@@QEAAEK@Z
- ?CreateThreads@CWorkerThreadPoolEx@@QEAAEK@Z
- ?CreateWIRP@CFile@@QEAAJPEBGKKKK@Z
- ?Delete@CFile@@QEAAJXZ
- ?Delete@CFileExtension@@QEAAEPEBGK@Z
- ?Delete@CStrList@@QEAAEPEBG@Z
- ?DeleteAll@CList@@UEAAXXZ
- ?DeleteAll@CLockList@@UEAAXXZ
- ?DeleteAll@CNoLockList@@UEAAXXZ
- ?DeleteNode@CContextList@@MEAAXPEAX@Z
- ?DeleteNode@CList@@UEAAXPEAX@Z
- ?DeleteNode@CModuleConfigList@@MEAAXPEAX@Z
- ?DeleteNode@CStrList@@EEAAXPEAU_STR_LIST_NODE@1@@Z
- ?DisableWriteProtectFromCR0@@YAXPEAPEAX@Z
- ?DoIt@CWorkerThreadJob@@QEAAJXZ
- ?EntryPoint@CSystemThread@@KAXPEAX@Z
- ?Find@CContextList@@QEAAPEAVCContext@@K@Z
- ?Find@CContextList@@QEAAPEAVCContext@@PEAX@Z
- ?Find@CFileExtension@@QEAAPEAU_STR_LIST_NODE@CStrList@@PEBGK@Z
- ?Find@CModuleConfigList@@QEAAPEAVCModuleConfig@@K@Z
- ?Find@CStrList@@QEAAPEAU_STR_LIST_NODE@1@PEBG@Z
- ?FindNode@CContextList@@IEAAPEAXPEAX@Z
- ?FindPartiallyAndAllMatch@CStrList@@QEAAPEAU_STR_LIST_NODE@1@PEBG@Z
- ?FinishFunction@CUserFuncAdapterJob@@MEAAXXZ
- ?FinishIt@CWorkerThreadJob@@QEAAJXZ
- ?First@CList@@UEAAPEAXXZ
- ?First@CLockList@@UEAAPEAXXZ
- ?First@CNoLockList@@UEAAPEAXXZ
- ?Free@CMemoryAllocator@@UEAAXPEAX@Z
- ?Free@CMemoryPoolAllocator@@UEAAXPEAX@Z
- ?GetAttributes@CFile@@QEAAKXZ
- ?GetBasicInfomration@CFile@@IEAAJXZ
- ?GetBlobCofig@CContext@@UEAAJKPEAXPEAK@Z
- ?GetCategory@CContext@@QEAAKXZ
- ?GetData@CBlobConfig@@QEAAHPEAXPEAK@Z
- ?GetData@CModuleFileExtConfig@@QEAAHPEAGPEAK@Z
- ?GetData@CModuleFileExtConfig@@QEAAPEAVCFileExtension@@XZ
- ?GetData@CModuleFlagConfig@@QEAAKXZ
- ?GetData@CModuleMultiStringConfig@@QEAAHPEAGPEAK@Z
- ?GetData@CModuleMultiStringConfig@@QEAAPEAVCStrList@@XZ
- ?GetData@CModuleStringConfig@@QEAAPEAGXZ
- ?GetData@CStrList@@QEAAEPEAGPEAK@Z
- ?GetDataType@CModuleConfig@@QEAAKXZ
- ?GetEngineContext@CContext@@QEAAPEAXXZ
- ?GetFileExtensionConfig@CContext@@QEAAPEAVCFileExtension@@K@Z
- ?GetFileExtensionConfig@CContext@@UEAAJKPEAGPEAK@Z
- ?GetFileSize@CFile@@QEAAJPEAT_LARGE_INTEGER@@@Z
- ?GetFileSizeWIRP@CFile@@QEAAJPEAT_LARGE_INTEGER@@@Z
- ?GetFlagConfig@CContext@@UEAAJKPEAK@Z
- ?GetID@CModuleConfig@@QEAAKXZ
- ?GetJob@CWorkerThreadJobQueue@@QEAAPEAVCWorkerThreadJob@@XZ
- ?GetLength@CModuleStringConfig@@QEAAKXZ
- ?GetLinkContext@CContext@@QEAAPEAXXZ
- ?GetLogFlag@CDebugLog@@QEAAKXZ
- ?GetLogFlag@CDebugLogEx@@QEAAKXZ
- ?GetModuleId@CModuleConfig@@QEAAKXZ
- ?GetMultiStringConfig@CContext@@QEAAPEAVCStrList@@K@Z
- ?GetMultiStringConfig@CContext@@UEAAJKPEAGPEAK@Z
- ?GetOneThreadTEB@CWorkerThreadPool@@QEAAPEAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPool@@QEAAPEAU_KTHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QEAAPEAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QEAAPEAU_KTHREAD@@XZ
- ?GetReportCallBackRoutine@CContext@@QEAA_KXZ
- ?GetSize@CBlobConfig@@QEAAKXZ
- ?GetStringConfig@CContext@@QEAAPEAGK@Z
- ?GetStringConfig@CContext@@UEAAJKPEAGPEAK@Z
- ?GetThreadCount@CWorkerThreadPool@@QEAAKXZ
- ?GetThreadCount@CWorkerThreadPoolEx@@QEAAKXZ
- ?GetThreadID@CSystemThread@@QEAA_KXZ
- ?GetType@CContext@@QEAAKXZ
- ?GetUserParameter@CContext@@QEAA_KXZ
- ?InitProcMon@CDebugLogEx@@IEAAXXZ
- ?InitializeBlobConfig@CContext@@QEAAHKPEAXK@Z
- ?InitializeFileExtensionConfig@CContext@@QEAAHKPEBG@Z
- ?InitializeFlagConfig@CContext@@QEAAHKK@Z
- ?InitializeMultiStringConfig@CContext@@QEAAHKPEBG@Z
- ?InitializeStringConfig@CContext@@QEAAHKPEBG@Z
- ?Insert@CList@@UEAAXQEAXE@Z
- ?Insert@CLockList@@UEAAXQEAXE@Z
- ?Insert@CNoLockList@@UEAAXQEAXE@Z
- ?InsertAfter@CList@@UEAAXPEAX0@Z
- ?InsertBefore@CList@@UEAAXPEAX0@Z
- ?Instance@CWorkerThreadPool@@SAPEAV1@XZ
- ?IsEmpty@CList@@UEAAEXZ
- ?IsEmpty@CLockList@@UEAAEXZ
- ?IsEmpty@CNoLockList@@UEAAEXZ
- ?IsExceedLimitation@CMemoryPoolAllocator@@IEAAEK@Z
- ?IsFull@CLockList@@QEBAEXZ
- ?IsFull@CNoLockList@@QEBAEXZ
- ?IsInExclusionList@CExclusionExtConfig@@QEAAEPEBG@Z
- ?IsInExclusionList@CExclusionFileNameConfig@@QEAAEPEBG@Z
- ?IsInExclusionList@CExclusionFilePathConfig@@QEAAEPEBG@Z
- ?IsInExclusionList@CExclusionFolderConfig@@QEAAEPEBG@Z
- ?IsInExclusionList@CExclusionRegistryConfig@@QEAAEPEBG@Z
- ?IsInInclusionList@CInclusionExtConfig@@QEAAEPEBG@Z
- ?IsInInclusionList@CInclusionFileNameConfig@@QEAAEPEBG@Z
- ?IsInInclusionList@CInclusionFilePathConfig@@QEAAEPEBG@Z
- ?IsInInclusionList@CInclusionFolderConfig@@QEAAEPEBG@Z
- ?IsOpened@CFile@@QEAAEXZ
- ?IsTerminated@CWorkerThreadPool@@QEAAEXZ
- ?IsTerminated@CWorkerThreadPoolEx@@QEAAEXZ
- ?IsValid@CMemoryAllocator@@UEAAEXZ
- ?IsValid@CMemoryPoolAllocator@@UEAAEXZ
- ?IsValid@IMemoryAllocator@@UEAAEXZ
- ?IsWorkerThread@CWorkerThreadPool@@QEAAE_K@Z
- ?IsWorkerThread@CWorkerThreadPoolEx@@QEAAE_K@Z
- ?JobFunction@CUserFuncAdapterJob@@MEAAXXZ
- ?JobQueue@CWorkerThreadPool@@QEAAAEAVCWorkerThreadJobQueue@@XZ
- ?JobQueue@CWorkerThreadPoolEx@@QEAAAEAVCWorkerThreadJobQueue@@XZ
- ?Limit@CLockList@@QEAAKXZ
- ?Limit@CNoLockList@@QEAAKXZ
- ?MatchAllExtensions@CFileExtension@@QEAAEXZ
- ?MatchNoExtensions@CFileExtension@@QEAAEXZ
- ?MergeLeft@CMemoryPoolAllocator@@IEAAPEAXPEAX@Z
- ?MergeRight@CMemoryPoolAllocator@@IEAAPEAXPEAX@Z
- ?NeedDelete@CWorkerThreadJob@@QEAAEXZ
- ?NeedDeleteWhenFinish@CWorkerThreadJob@@QEAAXE@Z
- ?NewNode@CList@@UEAAPEAXXZ
- ?NewNode@CStrList@@EEAAPEAXXZ
- ?NewNodeVariant@CList@@IEAAPEAXK@Z
- ?Next@CList@@UEBAPEAXQEAX@Z
- ?Next@CLockList@@UEBAPEAXQEAX@Z
- ?Next@CNoLockList@@UEBAPEAXQEAX@Z
- ?NextPool@CMemoryPoolAllocator@@QEAAPEAV1@XZ
- ?NotityTerminate@CWorkerThread@@QEAAXXZ
- ?PostJobToWorkerThread@CWorkerThreadPool@@QEAAJP6AXPEAX@Z0E@Z
- ?PostJobToWorkerThread@CWorkerThreadPoolEx@@QEAAJP6AXPEAX@Z0E1@Z
- ?Pulse@CKEvent@@QEAAJJE@Z
- ?QueueJob@CWorkerThreadJobQueue@@QEAAEPEAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPool@@QEAAJPEAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPoolEx@@QEAAJPEAVCWorkerThreadJob@@@Z
- ?RCMInstance@CWorkerThreadPool@@SAPEAV1@XZ
- ?Read@CFile@@QEAAJPEADKPEAK@Z
- ?ReadWIRP@CFile@@QEAAJPEADKPEAK@Z
- ?ReferenceCount@CContext@@QEAAAEAKXZ
- ?Release@CLockEvent@@QEAAXXZ
- ?Remove@CContextList@@UEAAEQEAX@Z
- ?Remove@CList@@UEAAEQEAX@Z
- ?Remove@CLockList@@UEAAEQEAX@Z
- ?Remove@CNoLockList@@UEAAEQEAX@Z
- ?RemoveHead@CList@@UEAAPEAXXZ
- ?RemoveHead@CLockList@@UEAAPEAXXZ
- ?RemoveHead@CNoLockList@@UEAAPEAXXZ
- ?RemoveTail@CList@@UEAAPEAXXZ
- ?RemoveTail@CLockList@@UEAAPEAXXZ
- ?RemoveTail@CNoLockList@@UEAAPEAXXZ
- ?Reset@CKEvent@@QEAAXXZ
- ?ResetData@CInclusionExtConfig@@QEAAXXZ
- ?ResetData@CInclusionFileNameConfig@@QEAAXXZ
- ?ResetData@CInclusionFilePathConfig@@QEAAXXZ
- ?ResetData@CInclusionFolderConfig@@QEAAXXZ
- ?RestoreCR0@@YAXPEAX@Z
- ?Run@CAutoUpdateConfigThread@@UEAAXXZ
- ?Run@CDelayLoadThread@@UEAAXXZ
- ?Run@CWorkerThread@@UEAAXXZ
- ?SeekToEnd@CFile@@QEAAJXZ
- ?Set@CKEvent@@QEAAJJE@Z
- ?SetAttributes@CFile@@QEAAJK@Z
- ?SetBlobCofig@CContext@@UEAAJKPEAXK@Z
- ?SetData@CBlobConfig@@QEAAHPEAXK@Z
- ?SetData@CModuleFileExtConfig@@QEAAHPEBG@Z
- ?SetData@CModuleFlagConfig@@QEAAHK@Z
- ?SetData@CModuleMultiStringConfig@@QEAAHPEBGK@Z
- ?SetData@CModuleStringConfig@@QEAAHPEBG@Z
- ?SetEngineContext@CContext@@QEAAXPEAX@Z
- ?SetFileExtensionConfig@CContext@@UEAAJKPEBG@Z
- ?SetFlagConfig@CContext@@UEAAJKK@Z
- ?SetLinkContext@CContext@@QEAAXPEAX@Z
- ?SetLogFlag@CDebugLog@@QEAAEK@Z
- ?SetLogFlag@CDebugLogEx@@QEAAEK@Z
- ?SetMatchAllExtensions@CFileExtension@@QEAAXE@Z
- ?SetMatchNoExtensions@CFileExtension@@QEAAXE@Z
- ?SetMultiStringConfig@CContext@@UEAAJKPEBG@Z
- ?SetNewJobItemEvent@CWorkerThreadJobQueue@@QEAAXXZ
- ?SetPriority@CSystemThread@@QEAAXK@Z
- ?SetStopUse@CContext@@QEAAXXZ
- ?SetStringConfig@CContext@@UEAAJKPEBG@Z
- ?Setup@CSystemThread@@MEAAXXZ
- ?StopUse@CContext@@QEAAHXZ
- ?TearDown@CSystemThread@@MEAAXXZ
- ?Terminate@CSystemThread@@QEAAXE@Z
- ?Terminate@CWorkerThreadPool@@QEAAEXZ
- ?Terminate@CWorkerThreadPoolEx@@QEAAEXZ
- ?TmExceptionFilter@@YAJPEAU_EXCEPTION_POINTERS@@@Z
- ?Wait@CKEvent@@QEAAJPEAT_LARGE_INTEGER@@E@Z
- ?WaitFinish@CWorkerThreadJob@@QEAAXXZ
- ?WaitForInit@CDelayLoadThread@@QEAAEXZ
- ?WaitForLoad@CDelayLoadThread@@QEAAEXZ
- ?WaitNewJobAvailable@CWorkerThreadJobQueue@@QEAAEXZ
- ?WaitQueueEmpty@CWorkerThreadJobQueue@@QEAAXXZ
- ?Write@CDebugLog@@QEAAXPEBDZZ
- ?Write@CDebugLogEx@@QEAAXPEBDZZ
- ?Write@CFile@@QEAAJPEADKPEAT_LARGE_INTEGER@@PEAK@Z
- ?WriteDataToFile@CDebugLogEx@@IEAAXPEADK@Z
- ?WriteDataToProcMonW@CDebugLogEx@@IEAAXPEAD@Z
- ?WriteSystemInformation@CDebugLog@@QEAAXXZ
- ?WriteSystemInformation@CDebugLogEx@@QEAAXXZ
- ?WriteSystemStringInformation@CDebugLog@@IEAAXPEBG@Z
- ?WriteSystemStringInformation@CDebugLogEx@@IEAAXPEBG@Z
- ?WriteToFile@CDebugLog@@IEAAXPEADK@Z
- ?WriteToProcMonW@CDebugLogEx@@IEAAXPEAU_UNICODE_STRING@@@Z
- ?_pNonPagedAllocator@@3PEAVCMemoryAllocator@@EA
- ?_pPagedAllocator@@3PEAVCMemoryAllocator@@EA
- ?m_lpInstance@CWorkerThreadPool@@1PEAV1@EA
- ?m_lpRCMInstance@CWorkerThreadPool@@1PEAV1@EA
- DeInitKm2UmCommunication
- DeInitKmLPC
- DuplicateFullFileName
- FreeFullFileName
- GetKm2UmMode
- GetModuleInfoByAddress
- GetModuleInfoByModuleName
- InitKm2UmCommunication
- InitKmLPC
- IsVerifierCodeCheckFlagOn
- IsWindows8_1_update
- KmCallUm
- KmCallUmByLPC
- KmCallUmEx
- KmCleanupCommPortAPIs
- KmGetUmInitProcess
- KmSetCommPortAPIs
- ModGetExportProcAddress
- ModLoadDLLToBuffer
- ModLoadDLLToBufferWithImageSize
- ModLoadModule
- ModUnLoadModule
- NormalizeFileName
- NormalizeFullNtPathToDosName
- TmCommConfigRoutine
- UtilAddDeviceInDriveTable
- UtilAddReparsePointMapping
- UtilCleanFileReadOnly
- UtilCloseExclusiveHandle
- UtilCreateDosFileName
- UtilDeleteFileForce
- UtilGetDeviceObjectName
- UtilGetFileNameFromFileObject
- UtilGetFileObjectForProcessByEPROC
- UtilGetFileObjectFromFileName
- UtilGetProcessName
- UtilGetSystemDirectory
- UtilGetSystemDirectoryEx
- UtilGetSystemDirectoryLength
- UtilGetSystemTime
- UtilIoSetFileInfo
- UtilIopCreateFileIRP
- UtilKeGetLowFileDevice
- UtilModuleIATHook
- UtilModuleIATUnHook
- UtilPostJobToWorkerThread
- UtilQueryExclusiveHandle
- UtilQueryKeyValue
- UtilRemoveDeviceFromDriveTable
- UtilVolumeDeviceToDosName
- UtilWaitValueChangeToZero
- UtilWriteVersionToRegistry
- UtilbuildDynamicDiskMappingTable
- UtlWriteBinValueKeyToRegistry
- ValidateAddressWithSize
- _ResetProtectFromClose
- _UtilDosPathNameToNtPathName
Sections
Expand
- .text
- .rdata
- .data
- .pdata
- PAGE
- .edata
- INIT
- .rsrc
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": true,
"SerialNumber": "7e93ebfb7cc64e59ea4b9a77d406fc3b",
"Signature": "03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2",
"TBS": {
"MD5": "d0785ad36e427c92b19f6826ab1e8020",
"SHA1": "365b7a9c21bd9373e49052c3e7b3e4646ddd4d43",
"SHA256": "c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff",
"SHA384": "eab4fe5ef90e0de4a6aa3a27769a5e879f588df5e4785aa4104debd1f81e19ea56d33e3a16e5facf99f68b5d8e3d287b"
},
"ValidFrom": "2012-12-21 00:00:00",
"ValidTo": "2020-12-30 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "0ecff438c8febf356e04d86a981b1a50",
"Signature": "783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4",
"TBS": {
"MD5": "e9d38360b914c8863f6cba3ee58764d3",
"SHA1": "4cba8eae47b6bf76f20b3504b98b8f062694a89b",
"SHA256": "88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976",
"SHA384": "e9f2a75334a9e336c5a4712eadee88d0374b0fdc273262f4e65c9040ad2793067cc076696db5279a478773485e285652"
},
"ValidFrom": "2012-10-18 00:00:00",
"ValidTo": "2020-12-29 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Signature": "f3b20c020c826fd9e2629408ffc97c9e245959d1050c9ce7708069d366d26af191812e16fce674eaca0d8f05b2a796280831737299800d2bfe0071efecf655117b7952a4d7c0701b97de034a1d42e928fd1a2082b081f9d22e9d39af3233cf05c1e61ae1f8fbfec872e78d9a0b29b4f147f1a053d1757a824601df2bb07c75c591fe7efbaf0021764b90cd446f85f80d14bc2cd42c83edfa7d2510f8f94c82d1b3ea999b1cff9093291977c7e996dc32904d3934f167077684ff76aa5327654a0bd7223d9d67657b47c5b46012dca6723d89e7fa051b3380d0c4977b9df537e75da3186ab149b27c089715a01bd695f408f7ded66bfbe920d27a6f6a7d4cc8b3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc.",
"TBS": {
"MD5": "78eaa337666217b1c16a9a0ebd0b8434",
"SHA1": "ff9cb835e78f6185eed4372096c3bae53b17d18d",
"SHA256": "1c0d9746725e176b4a7c2852878f14d7587f58e65d346bc1247f1c8ee6374250",
"SHA384": "ffe3c75b860679a5de399c7d2c2844dbfac51d5d8581e24648d208daba1e4bed5c867808e02dc8d7cb3df1d4b2b53d10"
},
"ValidFrom": "2017-04-27 00:00:00",
"ValidTo": "2018-07-16 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "611993e400000000001c",
"Signature": "812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5",
"TBS": {
"MD5": "78a717e082dcc1cda3458d917e677d14",
"SHA1": "4a872e0e51f9b304469cd1dedb496ee9b8b983a4",
"SHA256": "317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8",
"SHA384": "b71052da4eb9157c8c1a5d7f55df19d69b9128598b72fcca608e5b7cc7d64c43c5504b9c86355a6dc22ee40c88cc385c"
},
"ValidFrom": "2011-02-22 19:25:17",
"ValidTo": "2021-02-22 19:35:17",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "5200e5aa2556fc1a86ed96c9d44b33c7",
"Signature": "5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"TBS": {
"MD5": "b30c31a572b0409383ed3fbe17e56e81",
"SHA1": "4843a82ed3b1f2bfbee9671960e1940c942f688d",
"SHA256": "03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9",
"SHA384": "bbda8407c4f9fc4e54d772f1c7fb9d30bc97e1f97ecd51c443063d1fa0644e266328781776cd5c44896c457c75f4d7da"
},
"ValidFrom": "2010-02-08 00:00:00",
"ValidTo": "2020-02-07 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 7e93ebfb7cc64e59ea4b9a77d406fc3b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | d0785ad36e427c92b19f6826ab1e8020 |
| ToBeSigned (TBS) SHA1 | 365b7a9c21bd9373e49052c3e7b3e4646ddd4d43 |
| ToBeSigned (TBS) SHA256 | c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff |
| Subject | C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2 |
| ValidFrom | 2012-12-21 00:00:00 |
| ValidTo | 2020-12-30 23:59:59 |
| Signature | 03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 7e93ebfb7cc64e59ea4b9a77d406fc3b |
| Version | 3 |
Certificate 0ecff438c8febf356e04d86a981b1a50
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | e9d38360b914c8863f6cba3ee58764d3 |
| ToBeSigned (TBS) SHA1 | 4cba8eae47b6bf76f20b3504b98b8f062694a89b |
| ToBeSigned (TBS) SHA256 | 88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976 |
| Subject | C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4 |
| ValidFrom | 2012-10-18 00:00:00 |
| ValidTo | 2020-12-29 23:59:59 |
| Signature | 783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 0ecff438c8febf356e04d86a981b1a50 |
| Version | 3 |
Certificate 0ea0fe4dfb74cc64bc32143103c27c8b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | e93e004baa6013b41135ac0648e29d5b |
| ToBeSigned (TBS) SHA1 | dc91e26674d4b627319c700d3ebb1a6cf83d358e |
| ToBeSigned (TBS) SHA256 | 0d20335edb166a303411548471bee6f301c8b4f7f7e453d09c15303de2c888d7 |
| Subject | C=TW, L=Taipei, O=Trend Micro, Inc., OU=Taipei, TW, CN=Trend Micro, Inc. |
| ValidFrom | 2019-07-12 00:00:00 |
| ValidTo | 2020-07-10 12:00:00 |
| Signature | 5c08ae5d586a4751195382d6889dc2fc500e7c39c641e1a58def8d923e12b754e2cc35720cc8d3d29382980debf7d98fcc17d764187126dd07c134fdbb96dd44fe8a40195df6f6acd1881fa5ba2921dadceb3f64422344672834813916bbdf317533cf6aaf3317d78197d7d6c560ad681de135f39e2d4ad345b7fe491162660a5462c6075fd725382df1e6e6bc3a4c443be778f79b07f181082e38150ca28ab932f99e4bc4185dc5b3b6edf22c187fdfd84e23a21e7da1989837f43b89aa172e6b34dbcb297bffd511a1d1c100b25e0e921f622a0845e23317f9fec83659ca21c241800683e0dd66ce4d042a8aefc4142b5923a6fa93ee72c48e8dc04c13b4b0 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 0ea0fe4dfb74cc64bc32143103c27c8b |
| Version | 3 |
Certificate 61204db4000000000027
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 8e3ffc222fbcebdbb8b23115ab259be7 |
| ToBeSigned (TBS) SHA1 | ee20bff28ffe13be731c294c90d6ded5aae0ec0e |
| ToBeSigned (TBS) SHA256 | 59826b69bc8c28118c96323b627da59aaca0b142cc5d8bad25a8fcfd399aa821 |
| Subject | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA |
| ValidFrom | 2011-04-15 19:45:33 |
| ValidTo | 2021-04-15 19:55:33 |
| Signature | 208cc159ed6f9c6b2dc14a3e751d454c41501cbd80ead9b0928b062a133f53169e56396a8a63b6782479f57db8b947a10a96c2f6cbbda2669f06e1acd279090efd3cdcac020c70af3f1bec787ed4eb4b056026d973619121edb06863e09712ab6fa012edd99fd2da273cb3e456f9d1d4810f71bd427ca689dccdd5bd95a2abf193117de8ac3129a85d6670419dfc75c9d5b31a392ad08505508bac91cac493cb71a59da4946f580cfa6e20c40831b5859d7e81f9d23dca5b18856c0a86ec22091ba574344f7f28bc954aab1db698b05d09a477767eefa78e5d84f61824cbd16da6c3a19cc2107580ff9d32fde6cf433a82f7ce8fe1722a9b62b75fed951a395c2f946d48b7015f332fbbdc2d73348904420a1c8b79f9a3fa17effaa11a10dfe0b2c195eb5c0c05973b353e18884ddb6cbf24898dc8bdd89f7b393a24a0d5dfd1f34a1a97f6a66f7a1fb090a9b3ac013991d361b764f13e573803afce7ad2b590f5aedc3999d5b63c97eda6cb16c77d6b2a4c9094e64c54fd1ecd20ecce689c8758e96160beeb0ec9d5197d9fe978bd0eac2175078fa96ee08c6a2a6b9ce3e765bcbc2d3c6ddc04dc67453632af0481bca8006e614c95c55cd48e8e9f2fc13274bdbd11650307cdefb75e0257da86d41a2834af8849b2cfa5dd82566f68aa14e25954feffeaeeefea9270226081e32523c09fcc0f49b235aa58c33ac3d9169410 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 61204db4000000000027 |
| Version | 3 |
Certificate 02c4d1e58a4a680c568da3047e7e4d5f
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 829995f702421dea833a24fb2c7f4442 |
| ToBeSigned (TBS) SHA1 | 1d7e838accd498c2e5ba9373af819ec097bb955c |
| ToBeSigned (TBS) SHA256 | 92914d016cc46e125e50c4bd0bd7f72db87eed4ba68f3c589b4e86aa563108db |
| Subject | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance Code Signing CA,1 |
| ValidFrom | 2011-02-11 12:00:00 |
| ValidTo | 2026-02-10 12:00:00 |
| Signature | 49eb7c60beaeefc97cb3c5ba4b64df1669e286fa29d9de98857d406626332f4455aaaa90e935700a34bed3ae542e8e6500d67a32203e6c26b898a939b1bc95c7aae9f5ee4666c6b3e812f8b3979dff74588234997550ac448fe892ce7d8b0f3196c7dcd31130987416c6e56b4576a39401cd33007a48f66f8631c9562b3322d5f801b644ce8cb4ca88d2e416e3e7f6e23ee109c09d7943437f555c05ad9310c62c0d6bc09eea78e5d277d6b8da9a987fba4c922b9dbda488b1ddafc34cd2979b03c6ae5f1b440f333715e3cbff2f56d316a45b55679da2cadb346c0c734ab57ba4b6b3e935027870ec007acbfc4b4f2236bb1484c98f91dd0f3c758cca0b88e7 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 02c4d1e58a4a680c568da3047e7e4d5f |
| Version | 3 |
Imports
Expand
- ntoskrnl.exe
- CLASSPNP.SYS
- HAL.dll
Imported Functions
Expand
- ProbeForRead
- ProbeForWrite
- ExAcquireResourceSharedLite
- ExAcquireResourceExclusiveLite
- ExReleaseResourceLite
- MmProbeAndLockPages
- MmUnlockPages
- MmMapLockedPagesSpecifyCache
- IoAllocateMdl
- IoFreeMdl
- IoGetCurrentProcess
- ObfReferenceObject
- ObfDereferenceObject
- ZwClose
- ZwCreateSection
- ZwOpenSection
- ZwMapViewOfSection
- ZwUnmapViewOfSection
- ZwOpenEvent
- KePulseEvent
- KeStackAttachProcess
- KeUnstackDetachProcess
- ObOpenObjectByPointer
- ZwAllocateVirtualMemory
- ZwFreeVirtualMemory
- ZwSetEvent
- _allmul
- memcpy
- memset
- PsProcessType
- wcsncpy
- wcsrchr
- RtlUnicodeStringToInteger
- ZwWaitForSingleObject
- ZwRequestWaitReplyPort
- ZwConnectPort
- swprintf
- RtlCopyUnicodeString
- DbgPrint
- KeDelayExecutionThread
- KeQuerySystemTime
- ExAllocatePoolWithTag
- ExInitializeResourceLite
- ExDeleteResourceLite
- PsGetVersion
- IofCompleteRequest
- IoCreateSymbolicLink
- IoDeleteDevice
- IoDeleteSymbolicLink
- IoGetDeviceObjectPointer
- ObReferenceObjectByHandle
- PsGetCurrentProcessId
- ZwCreateEvent
- ExEventObjectType
- MmSectionObjectType
- PsThreadType
- SeCaptureSubjectContext
- SeReleaseSubjectContext
- SeAccessCheck
- ObGetObjectSecurity
- ObReleaseObjectSecurity
- PsGetProcessExitTime
- RtlCreateSecurityDescriptor
- RtlSetDaclSecurityDescriptor
- KeInitializeSemaphore
- KeReleaseSemaphore
- RtlCreateAcl
- RtlAddAccessAllowedAce
- RtlLengthRequiredSid
- RtlInitializeSid
- RtlSubAuthoritySid
- ExGetPreviousMode
- _wcsnicmp
- PsSetCreateProcessNotifyRoutine
- ZwQueryInformationProcess
- PsLookupProcessByProcessId
- ZwOpenDirectoryObject
- MmIsAddressValid
- ZwCreateFile
- ZwQueryInformationFile
- ZwSetInformationFile
- ZwReadFile
- ZwWriteFile
- towupper
- MmGetSystemRoutineAddress
- ObReferenceObjectByPointer
- ObQueryNameString
- MmHighestUserAddress
- _snprintf
- _vsnprintf
- RtlInitAnsiString
- RtlAnsiStringToUnicodeString
- RtlFreeUnicodeString
- RtlTimeToTimeFields
- KeWaitForMultipleObjects
- ExSystemTimeToLocalTime
- ZwCreateKey
- PsGetCurrentThreadId
- ZwDeviceIoControlFile
- ZwNotifyChangeKey
- ExReleaseFastMutexUnsafe
- ZwQueryVolumeInformationFile
- mbstowcs
- _stricmp
- RtlImageNtHeader
- ZwQuerySystemInformation
- _strnicmp
- RtlCompareUnicodeString
- RtlCompareMemory
- MmBuildMdlForNonPagedPool
- IoAllocateIrp
- IofCallDriver
- IoFreeIrp
- RtlUpperChar
- ObReferenceObjectByName
- IoFileObjectType
- IoDriverObjectType
- IoBuildDeviceIoControlRequest
- IoCreateFile
- RtlEqualUnicodeString
- RtlAppendUnicodeStringToString
- RtlUpcaseUnicodeChar
- RtlPrefixUnicodeString
- _snwprintf
- strncpy
- NtOpenProcess
- NtQueryInformationProcess
- PsIsThreadTerminating
- ObOpenObjectByName
- KeServiceDescriptorTable
- KeAddSystemServiceTable
- KeSetPriorityThread
- PsCreateSystemThread
- PsTerminateSystemThread
- KeNumberProcessors
- RtlLengthSecurityDescriptor
- ZwOpenKey
- ZwDeleteKey
- ZwDeleteValueKey
- ZwEnumerateKey
- ZwEnumerateValueKey
- ZwQueryKey
- ZwQueryValueKey
- ZwSetValueKey
- ZwTerminateProcess
- ZwOpenProcess
- ZwQuerySecurityObject
- ZwSetSecurityObject
- ZwQueryDirectoryObject
- ZwQueryDirectoryFile
- _allrem
- RtlAppendUnicodeToString
- ZwFsControlFile
- ObInsertObject
- strrchr
- wcschr
- wcsncmp
- RtlQueryRegistryValues
- IoBuildAsynchronousFsdRequest
- ZwOpenSymbolicLinkObject
- ZwQuerySymbolicLinkObject
- RtlUpcaseUnicodeString
- NtClose
- ZwSetInformationObject
- SeQueryAuthenticationIdToken
- MmSystemRangeStart
- IoGetFileObjectGenericMapping
- ObCreateObject
- SeCreateAccessState
- IoAcquireVpbSpinLock
- IoReleaseVpbSpinLock
- wcstombs
- strncat
- wcsncat
- RtlUnicodeStringToAnsiString
- RtlFreeAnsiString
- wcsstr
- ExAllocatePool
- ExInterlockedPopEntrySList
- IoBuildSynchronousFsdRequest
- IoGetStackLimits
- IoGetDeviceInterfaces
- IoRegisterPlugPlayNotification
- IoUnregisterPlugPlayNotification
- IoGetConfigurationInformation
- FsRtlIsNameInExpression
- RtlUnwind
- IoDeviceObjectType
- IoCreateDevice
- RtlGetOwnerSecurityDescriptor
- RtlGetDaclSecurityDescriptor
- RtlGetGroupSecurityDescriptor
- RtlGetSaclSecurityDescriptor
- SeCaptureSecurityDescriptor
- RtlLengthSid
- SeExports
- IoIsWdmVersionAvailable
- RtlAbsoluteToSelfRelativeSD
- ExAcquireFastMutexUnsafe
- ExFreePoolWithTag
- KeBugCheckEx
- KeWaitForSingleObject
- KeLeaveCriticalRegion
- KeEnterCriticalRegion
- KeSetEvent
- KeClearEvent
- KeInitializeEvent
- RtlInitUnicodeString
- KeGetCurrentThread
- memmove
- ZwOpenFile
- _purecall
- ClassInitialize
- KfRaiseIrql
- KeReleaseQueuedSpinLock
- KeAcquireQueuedSpinLock
- KfAcquireSpinLock
- KfLowerIrql
- KeGetCurrentIrql
- ExReleaseFastMutex
- ExAcquireFastMutex
- KeRaiseIrqlToDpcLevel
- KfReleaseSpinLock
Exported Functions
Expand
- ??0CAutoUpdateConfigThread@@QAE@ABV0@@Z
- ??0CAutoUpdateConfigThread@@QAE@PAU_UNICODE_STRING@@P6GX0PAX@Z1@Z
- ??0CBlobConfig@@QAE@ABV0@@Z
- ??0CBlobConfig@@QAE@K@Z
- ??0CContext@@QAE@ABV0@@Z
- ??0CContext@@QAE@KP6GJPAU_EVENT_REPORT@@PAXPAU_TMCE_REPORT@@PAU_TMCE_FEEDBACK@@@Z1K@Z
- ??0CContextList@@QAE@ABV0@@Z
- ??0CContextList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CDebugLog@@QAE@ABV0@@Z
- ??0CDebugLog@@QAE@PBG@Z
- ??0CDebugLogEx@@QAE@ABV0@@Z
- ??0CDebugLogEx@@QAE@K@Z
- ??0CDelayLoadThread@@QAE@ABV0@@Z
- ??0CDelayLoadThread@@QAE@XZ
- ??0CExclusionExtConfig@@QAE@ABV0@@Z
- ??0CExclusionExtConfig@@QAE@KKE@Z
- ??0CExclusionFileNameConfig@@QAE@ABV0@@Z
- ??0CExclusionFileNameConfig@@QAE@KK@Z
- ??0CExclusionFilePathConfig@@QAE@ABV0@@Z
- ??0CExclusionFilePathConfig@@QAE@KK@Z
- ??0CExclusionFolderConfig@@QAE@ABV0@@Z
- ??0CExclusionFolderConfig@@QAE@KK@Z
- ??0CExclusionRegistryConfig@@QAE@ABV0@@Z
- ??0CExclusionRegistryConfig@@QAE@KK@Z
- ??0CFile@@QAE@ABV0@@Z
- ??0CFile@@QAE@E@Z
- ??0CFileExtension@@QAE@ABV0@@Z
- ??0CFileExtension@@QAE@KEEPAVIMemoryAllocator@@@Z
- ??0CInclusionExtConfig@@QAE@ABV0@@Z
- ??0CInclusionExtConfig@@QAE@KKE@Z
- ??0CInclusionFileNameConfig@@QAE@ABV0@@Z
- ??0CInclusionFileNameConfig@@QAE@KK@Z
- ??0CInclusionFilePathConfig@@QAE@ABV0@@Z
- ??0CInclusionFilePathConfig@@QAE@KK@Z
- ??0CInclusionFolderConfig@@QAE@ABV0@@Z
- ??0CInclusionFolderConfig@@QAE@KK@Z
- ??0CKEvent@@QAE@ABV0@@Z
- ??0CKEvent@@QAE@W4_EVENT_TYPE@@E@Z
- ??0CList@@QAE@ABV0@@Z
- ??0CList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CLockEvent@@QAE@ABV0@@Z
- ??0CLockEvent@@QAE@XZ
- ??0CLockList@@QAE@ABV0@@Z
- ??0CLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CMemoryAllocator@@IAE@W4_POOL_TYPE@@K@Z
- ??0CMemoryAllocator@@QAE@ABV0@@Z
- ??0CMemoryPoolAllocator@@IAE@W4_POOL_TYPE@@KKK@Z
- ??0CMemoryPoolAllocator@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@XZ
- ??0CModuleConfigList@@QAE@ABV0@@Z
- ??0CModuleConfigList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CModuleFileExtConfig@@QAE@ABV0@@Z
- ??0CModuleFileExtConfig@@QAE@KKE@Z
- ??0CModuleFlagConfig@@QAE@ABV0@@Z
- ??0CModuleFlagConfig@@QAE@K@Z
- ??0CModuleMultiStringConfig@@QAE@ABV0@@Z
- ??0CModuleMultiStringConfig@@QAE@KK@Z
- ??0CModuleStringConfig@@QAE@ABV0@@Z
- ??0CModuleStringConfig@@QAE@K@Z
- ??0CNoLockList@@QAE@ABV0@@Z
- ??0CNoLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CSmartLock@@QAE@AAVCLockEvent@@@Z
- ??0CSmartLock@@QAE@XZ
- ??0CSmartReference@@QAE@AAJ@Z
- ??0CSmartReference@@QAE@AAK@Z
- ??0CSmartResource@@QAE@AAVCResource@@E@Z
- ??0CStrList@@QAE@ABV0@@Z
- ??0CStrList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CSystemThread@@QAE@ABV0@@Z
- ??0CSystemThread@@QAE@K@Z
- ??0CUserFuncAdapterJob@@QAE@ABV0@@Z
- ??0CUserFuncAdapterJob@@QAE@P6GXPAX@Z01@Z
- ??0CWorkerThread@@IAE@PAVCWorkerThreadJobQueue@@@Z
- ??0CWorkerThread@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@E@Z
- ??0CWorkerThreadJobQueue@@QAE@ABV0@@Z
- ??0CWorkerThreadJobQueue@@QAE@K@Z
- ??0CWorkerThreadPool@@QAE@ABV0@@Z
- ??0CWorkerThreadPool@@QAE@K@Z
- ??0CWorkerThreadPoolEx@@QAE@ABV0@@Z
- ??0CWorkerThreadPoolEx@@QAE@KK@Z
- ??0IMemoryAllocator@@QAE@ABV0@@Z
- ??0IMemoryAllocator@@QAE@XZ
- ??1CAutoUpdateConfigThread@@UAE@XZ
- ??1CBlobConfig@@UAE@XZ
- ??1CContext@@UAE@XZ
- ??1CContextList@@UAE@XZ
- ??1CDebugLog@@UAE@XZ
- ??1CDebugLogEx@@UAE@XZ
- ??1CDelayLoadThread@@UAE@XZ
- ??1CExclusionExtConfig@@UAE@XZ
- ??1CExclusionFileNameConfig@@UAE@XZ
- ??1CExclusionFilePathConfig@@UAE@XZ
- ??1CExclusionFolderConfig@@UAE@XZ
- ??1CExclusionRegistryConfig@@UAE@XZ
- ??1CFile@@UAE@XZ
- ??1CFileExtension@@UAE@XZ
- ??1CInclusionExtConfig@@UAE@XZ
- ??1CInclusionFileNameConfig@@UAE@XZ
- ??1CInclusionFilePathConfig@@UAE@XZ
- ??1CInclusionFolderConfig@@UAE@XZ
- ??1CKEvent@@UAE@XZ
- ??1CList@@UAE@XZ
- ??1CLockEvent@@UAE@XZ
- ??1CLockList@@UAE@XZ
- ??1CMemoryAllocator@@UAE@XZ
- ??1CMemoryPoolAllocator@@UAE@XZ
- ??1CModuleConfig@@UAE@XZ
- ??1CModuleConfigList@@UAE@XZ
- ??1CModuleFileExtConfig@@UAE@XZ
- ??1CModuleFlagConfig@@UAE@XZ
- ??1CModuleMultiStringConfig@@UAE@XZ
- ??1CModuleStringConfig@@UAE@XZ
- ??1CNoLockList@@UAE@XZ
- ??1CSmartLock@@QAE@XZ
- ??1CSmartReference@@QAE@XZ
- ??1CSmartResource@@QAE@XZ
- ??1CStrList@@UAE@XZ
- ??1CSystemThread@@UAE@XZ
- ??1CUserFuncAdapterJob@@UAE@XZ
- ??1CWorkerThread@@UAE@XZ
- ??1CWorkerThreadJob@@UAE@XZ
- ??1CWorkerThreadJobQueue@@UAE@XZ
- ??1CWorkerThreadPool@@UAE@XZ
- ??1CWorkerThreadPoolEx@@UAE@XZ
- ??1IMemoryAllocator@@UAE@XZ
- ??2@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??2CMemoryAllocator@@SGPAXI@Z
- ??2CMemoryPoolAllocator@@SGPAXI@Z
- ??3@YAXPAX@Z
- ??3@YAXPAXI@Z
- ??3IMemoryAllocator@@SGXPAX@Z
- ??4CAutoUpdateConfigThread@@QAEAAV0@ABV0@@Z
- ??4CBlobConfig@@QAEAAV0@ABV0@@Z
- ??4CContext@@QAEAAV0@ABV0@@Z
- ??4CDebugLog@@QAEAAV0@ABV0@@Z
- ??4CDebugLogEx@@QAEAAV0@ABV0@@Z
- ??4CDelayLoadThread@@QAEAAV0@ABV0@@Z
- ??4CFile@@QAEAAV0@ABV0@@Z
- ??4CKEvent@@QAEAAV0@ABV0@@Z
- ??4CLockEvent@@QAEAAV0@ABV0@@Z
- ??4CMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??4CMemoryPoolAllocator@@QAEAAV0@ABV0@@Z
- ??4CModuleConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleFlagConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleStringConfig@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEABV0@AAVCLockEvent@@@Z
- ??4CSmartResource@@QAEAAV0@ABV0@@Z
- ??4CSystemThread@@QAEAAV0@ABV0@@Z
- ??4CUserFuncAdapterJob@@QAEAAV0@ABV0@@Z
- ??4CWorkerThread@@QAEAAV0@ABV0@@Z
- ??4CWorkerThreadJob@@QAEAAV0@ABV0@@Z
- ??4IMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??_7CAutoUpdateConfigThread@@6B@
- ??_7CBlobConfig@@6B@
- ??_7CContext@@6B@
- ??_7CContextList@@6B@
- ??_7CDebugLog@@6B@
- ??_7CDebugLogEx@@6B@
- ??_7CDelayLoadThread@@6B@
- ??_7CExclusionExtConfig@@6B@
- ??_7CExclusionFileNameConfig@@6B@
- ??_7CExclusionFilePathConfig@@6B@
- ??_7CExclusionFolderConfig@@6B@
- ??_7CExclusionRegistryConfig@@6B@
- ??_7CFile@@6B@
- ??_7CFileExtension@@6B@
- ??_7CInclusionExtConfig@@6B@
- ??_7CInclusionFileNameConfig@@6B@
- ??_7CInclusionFilePathConfig@@6B@
- ??_7CInclusionFolderConfig@@6B@
- ??_7CKEvent@@6B@
- ??_7CList@@6B@
- ??_7CLockEvent@@6B@
- ??_7CLockList@@6B@
- ??_7CMemoryAllocator@@6B@
- ??_7CMemoryPoolAllocator@@6B@
- ??_7CModuleConfig@@6B@
- ??_7CModuleConfigList@@6B@
- ??_7CModuleFileExtConfig@@6B@
- ??_7CModuleFlagConfig@@6B@
- ??_7CModuleMultiStringConfig@@6B@
- ??_7CModuleStringConfig@@6B@
- ??_7CNoLockList@@6B@
- ??_7CStrList@@6B@
- ??_7CSystemThread@@6B@
- ??_7CUserFuncAdapterJob@@6B@
- ??_7CWorkerThread@@6B@
- ??_7CWorkerThreadJob@@6B@
- ??_7CWorkerThreadJobQueue@@6B@
- ??_7CWorkerThreadPool@@6B@
- ??_7CWorkerThreadPoolEx@@6B@
- ??_7IMemoryAllocator@@6B@
- ??_FCContextList@@QAEXXZ
- ??_FCFile@@QAEXXZ
- ??_FCFileExtension@@QAEXXZ
- ??_FCModuleConfigList@@QAEXXZ
- ??_FCStrList@@QAEXXZ
- ??_FCSystemThread@@QAEXXZ
- ??_FCWorkerThread@@QAEXXZ
- ??_FCWorkerThreadJob@@QAEXXZ
- ??_FCWorkerThreadJobQueue@@QAEXXZ
- ??_U@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??_V@YAXPAX@Z
- ?Acquire@CLockEvent@@QAEXXZ
- ?Add@CContextList@@QAEEPAVCContext@@@Z
- ?Add@CFileExtension@@QAEEPBGK@Z
- ?Add@CModuleConfigList@@QAEEPAVCModuleConfig@@@Z
- ?Add@CStrList@@QAEEPBG@Z
- ?AddNode@CLockList@@UAEEQAXE@Z
- ?AddNode@CNoLockList@@UAEEQAXE@Z
- ?Alloc@CMemoryAllocator@@UAEPAXKPBDK@Z
- ?Alloc@CMemoryPoolAllocator@@UAEPAXKPBDK@Z
- ?AllocBlock@CMemoryPoolAllocator@@IAEPAXK@Z
- ?AttachJobQueue@CWorkerThread@@QAEXPAVCWorkerThreadJobQueue@@@Z
- ?Cancel@CWorkerThreadJob@@QAEXXZ
- ?CheckNode@CLockList@@UAEHQAX@Z
- ?CheckNode@CNoLockList@@UAEHQAX@Z
- ?CleanQueue@CWorkerThreadJobQueue@@QAEXXZ
- ?Cleanup@CBlobConfig@@AAEXXZ
- ?Cleanup@CModuleFileExtConfig@@IAEXXZ
- ?Cleanup@CModuleMultiStringConfig@@IAEXXZ
- ?Cleanup@CModuleStringConfig@@AAEXXZ
- ?Close@CFile@@QAEJXZ
- ?Count@CLockList@@QAEKXZ
- ?Count@CNoLockList@@QAEKXZ
- ?Create@CFile@@QAEJPBGKKKK@Z
- ?Create@CSystemThread@@QAEEXZ
- ?CreateInstance@CMemoryAllocator@@SGPAV1@W4_POOL_TYPE@@K@Z
- ?CreateInstance@CMemoryPoolAllocator@@SGPAV1@W4_POOL_TYPE@@KKK@Z
- ?CreatePool@CWorkerThreadPool@@QAEEXZ
- ?CreatePool@CWorkerThreadPoolEx@@QAEEXZ
- ?CreateThreads@CWorkerThreadPool@@QAEEK@Z
- ?CreateThreads@CWorkerThreadPoolEx@@QAEEK@Z
- ?CreateWIRP@CFile@@QAEJPBGKKKK@Z
- ?Delete@CFile@@QAEJXZ
- ?Delete@CFileExtension@@QAEEPBGK@Z
- ?Delete@CStrList@@QAEEPBG@Z
- ?DeleteAll@CList@@UAEXXZ
- ?DeleteAll@CLockList@@UAEXXZ
- ?DeleteAll@CNoLockList@@UAEXXZ
- ?DeleteNode@CContextList@@MAEXPAX@Z
- ?DeleteNode@CList@@UAEXPAX@Z
- ?DeleteNode@CModuleConfigList@@MAEXPAX@Z
- ?DeleteNode@CStrList@@EAEXPAU_STR_LIST_NODE@1@@Z
- ?DisableWriteProtectFromCR0@@YGXPAPAX@Z
- ?DoIt@CWorkerThreadJob@@QAEJXZ
- ?EntryPoint@CSystemThread@@KGXPAX@Z
- ?Find@CContextList@@QAEPAVCContext@@K@Z
- ?Find@CContextList@@QAEPAVCContext@@PAX@Z
- ?Find@CFileExtension@@QAEPAU_STR_LIST_NODE@CStrList@@PBGK@Z
- ?Find@CModuleConfigList@@QAEPAVCModuleConfig@@K@Z
- ?Find@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?FindNode@CContextList@@IAEPAXPAX@Z
- ?FindPartiallyAndAllMatch@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?FinishFunction@CUserFuncAdapterJob@@MAEXXZ
- ?FinishIt@CWorkerThreadJob@@QAEJXZ
- ?First@CList@@UAEPAXXZ
- ?First@CLockList@@UAEPAXXZ
- ?First@CNoLockList@@UAEPAXXZ
- ?Free@CMemoryAllocator@@UAEXPAX@Z
- ?Free@CMemoryPoolAllocator@@UAEXPAX@Z
- ?GetAttributes@CFile@@QAEKXZ
- ?GetBasicInfomration@CFile@@IAEJXZ
- ?GetBlobCofig@CContext@@UAEJKPAXPAK@Z
- ?GetCategory@CContext@@QAEKXZ
- ?GetData@CBlobConfig@@QAEHPAXPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEPAVCFileExtension@@XZ
- ?GetData@CModuleFlagConfig@@QAEKXZ
- ?GetData@CModuleMultiStringConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleMultiStringConfig@@QAEPAVCStrList@@XZ
- ?GetData@CModuleStringConfig@@QAEPAGXZ
- ?GetData@CStrList@@QAEEPAGPAK@Z
- ?GetDataType@CModuleConfig@@QAEKXZ
- ?GetEngineContext@CContext@@QAEPAXXZ
- ?GetFileExtensionConfig@CContext@@QAEPAVCFileExtension@@K@Z
- ?GetFileExtensionConfig@CContext@@UAEJKPAGPAK@Z
- ?GetFileSize@CFile@@QAEJPAT_LARGE_INTEGER@@@Z
- ?GetFileSizeWIRP@CFile@@QAEJPAT_LARGE_INTEGER@@@Z
- ?GetFlagConfig@CContext@@UAEJKPAK@Z
- ?GetID@CModuleConfig@@QAEKXZ
- ?GetJob@CWorkerThreadJobQueue@@QAEPAVCWorkerThreadJob@@XZ
- ?GetLength@CModuleStringConfig@@QAEKXZ
- ?GetLinkContext@CContext@@QAEPAXXZ
- ?GetLogFlag@CDebugLog@@QAEKXZ
- ?GetLogFlag@CDebugLogEx@@QAEKXZ
- ?GetModuleId@CModuleConfig@@QAEKXZ
- ?GetMultiStringConfig@CContext@@QAEPAVCStrList@@K@Z
- ?GetMultiStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetOneThreadTEB@CWorkerThreadPool@@QAEPAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPool@@QAEPAU_KTHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QAEPAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QAEPAU_KTHREAD@@XZ
- ?GetReportCallBackRoutine@CContext@@QAEKXZ
- ?GetSize@CBlobConfig@@QAEKXZ
- ?GetStringConfig@CContext@@QAEPAGK@Z
- ?GetStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetThreadCount@CWorkerThreadPool@@QAEKXZ
- ?GetThreadCount@CWorkerThreadPoolEx@@QAEKXZ
- ?GetThreadID@CSystemThread@@QAEKXZ
- ?GetType@CContext@@QAEKXZ
- ?GetUserParameter@CContext@@QAEKXZ
- ?InitProcMon@CDebugLogEx@@IAEXXZ
- ?InitializeBlobConfig@CContext@@QAEHKPAXK@Z
- ?InitializeFileExtensionConfig@CContext@@QAEHKPBG@Z
- ?InitializeFlagConfig@CContext@@QAEHKK@Z
- ?InitializeMultiStringConfig@CContext@@QAEHKPBG@Z
- ?InitializeStringConfig@CContext@@QAEHKPBG@Z
- ?Insert@CList@@UAEXQAXE@Z
- ?Insert@CLockList@@UAEXQAXE@Z
- ?Insert@CNoLockList@@UAEXQAXE@Z
- ?InsertAfter@CList@@UAEXPAX0@Z
- ?InsertBefore@CList@@UAEXPAX0@Z
- ?Instance@CWorkerThreadPool@@SGPAV1@XZ
- ?IsEmpty@CList@@UAEEXZ
- ?IsEmpty@CLockList@@UAEEXZ
- ?IsEmpty@CNoLockList@@UAEEXZ
- ?IsExceedLimitation@CMemoryPoolAllocator@@IAEEK@Z
- ?IsFull@CLockList@@QBEEXZ
- ?IsFull@CNoLockList@@QBEEXZ
- ?IsInExclusionList@CExclusionExtConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFileNameConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFilePathConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFolderConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionRegistryConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionExtConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFileNameConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFilePathConfig@@QAEEPBG@Z
- ?IsInInclusionList@CInclusionFolderConfig@@QAEEPBG@Z
- ?IsOpened@CFile@@QAEEXZ
- ?IsTerminated@CWorkerThreadPool@@QAEEXZ
- ?IsTerminated@CWorkerThreadPoolEx@@QAEEXZ
- ?IsValid@CMemoryAllocator@@UAEEXZ
- ?IsValid@CMemoryPoolAllocator@@UAEEXZ
- ?IsValid@IMemoryAllocator@@UAEEXZ
- ?IsWorkerThread@CWorkerThreadPool@@QAEEK@Z
- ?IsWorkerThread@CWorkerThreadPoolEx@@QAEEK@Z
- ?JobFunction@CUserFuncAdapterJob@@MAEXXZ
- ?JobQueue@CWorkerThreadPool@@QAEAAVCWorkerThreadJobQueue@@XZ
- ?JobQueue@CWorkerThreadPoolEx@@QAEAAVCWorkerThreadJobQueue@@XZ
- ?Limit@CLockList@@QAEKXZ
- ?Limit@CNoLockList@@QAEKXZ
- ?MatchAllExtensions@CFileExtension@@QAEEXZ
- ?MatchNoExtensions@CFileExtension@@QAEEXZ
- ?MergeLeft@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?MergeRight@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?NeedDelete@CWorkerThreadJob@@QAEEXZ
- ?NeedDeleteWhenFinish@CWorkerThreadJob@@QAEXE@Z
- ?NewNode@CList@@UAEPAXXZ
- ?NewNode@CStrList@@EAEPAXXZ
- ?NewNodeVariant@CList@@IAEPAXK@Z
- ?Next@CList@@UBEPAXQAX@Z
- ?Next@CLockList@@UBEPAXQAX@Z
- ?Next@CNoLockList@@UBEPAXQAX@Z
- ?NextPool@CMemoryPoolAllocator@@QAEPAV1@XZ
- ?NotityTerminate@CWorkerThread@@QAEXXZ
- ?PostJobToWorkerThread@CWorkerThreadPool@@QAEJP6GXPAX@Z0E@Z
- ?PostJobToWorkerThread@CWorkerThreadPoolEx@@QAEJP6GXPAX@Z0E1@Z
- ?Pulse@CKEvent@@QAEJJE@Z
- ?QueueJob@CWorkerThreadJobQueue@@QAEEPAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPool@@QAEJPAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPoolEx@@QAEJPAVCWorkerThreadJob@@@Z
- ?RCMInstance@CWorkerThreadPool@@SGPAV1@XZ
- ?Read@CFile@@QAEJPADKPAK@Z
- ?ReadWIRP@CFile@@QAEJPADKPAK@Z
- ?ReferenceCount@CContext@@QAEAAKXZ
- ?Release@CLockEvent@@QAEXXZ
- ?Remove@CContextList@@UAEEQAX@Z
- ?Remove@CList@@UAEEQAX@Z
- ?Remove@CLockList@@UAEEQAX@Z
- ?Remove@CNoLockList@@UAEEQAX@Z
- ?RemoveHead@CList@@UAEPAXXZ
- ?RemoveHead@CLockList@@UAEPAXXZ
- ?RemoveHead@CNoLockList@@UAEPAXXZ
- ?RemoveTail@CList@@UAEPAXXZ
- ?RemoveTail@CLockList@@UAEPAXXZ
- ?RemoveTail@CNoLockList@@UAEPAXXZ
- ?Reset@CKEvent@@QAEXXZ
- ?ResetData@CInclusionExtConfig@@QAEXXZ
- ?ResetData@CInclusionFileNameConfig@@QAEXXZ
- ?ResetData@CInclusionFilePathConfig@@QAEXXZ
- ?ResetData@CInclusionFolderConfig@@QAEXXZ
- ?RestoreCR0@@YGXPAX@Z
- ?Run@CAutoUpdateConfigThread@@UAEXXZ
- ?Run@CDelayLoadThread@@UAEXXZ
- ?Run@CWorkerThread@@UAEXXZ
- ?SeekToEnd@CFile@@QAEJXZ
- ?Set@CKEvent@@QAEJJE@Z
- ?SetAttributes@CFile@@QAEJK@Z
- ?SetBlobCofig@CContext@@UAEJKPAXK@Z
- ?SetData@CBlobConfig@@QAEHPAXK@Z
- ?SetData@CModuleFileExtConfig@@QAEHPBG@Z
- ?SetData@CModuleFlagConfig@@QAEHK@Z
- ?SetData@CModuleMultiStringConfig@@QAEHPBGK@Z
- ?SetData@CModuleStringConfig@@QAEHPBG@Z
- ?SetEngineContext@CContext@@QAEXPAX@Z
- ?SetFileExtensionConfig@CContext@@UAEJKPBG@Z
- ?SetFlagConfig@CContext@@UAEJKK@Z
- ?SetLinkContext@CContext@@QAEXPAX@Z
- ?SetLogFlag@CDebugLog@@QAEEK@Z
- ?SetLogFlag@CDebugLogEx@@QAEEK@Z
- ?SetMatchAllExtensions@CFileExtension@@QAEXE@Z
- ?SetMatchNoExtensions@CFileExtension@@QAEXE@Z
- ?SetMultiStringConfig@CContext@@UAEJKPBG@Z
- ?SetNewJobItemEvent@CWorkerThreadJobQueue@@QAEXXZ
- ?SetPriority@CSystemThread@@QAEXK@Z
- ?SetStopUse@CContext@@QAEXXZ
- ?SetStringConfig@CContext@@UAEJKPBG@Z
- ?Setup@CSystemThread@@MAEXXZ
- ?StopUse@CContext@@QAEHXZ
- ?TearDown@CSystemThread@@MAEXXZ
- ?Terminate@CSystemThread@@QAEXE@Z
- ?Terminate@CWorkerThreadPool@@QAEEXZ
- ?Terminate@CWorkerThreadPoolEx@@QAEEXZ
- ?TmExceptionFilter@@YGJPAU_EXCEPTION_POINTERS@@@Z
- ?Wait@CKEvent@@QAEJPAT_LARGE_INTEGER@@E@Z
- ?WaitFinish@CWorkerThreadJob@@QAEXXZ
- ?WaitForInit@CDelayLoadThread@@QAEEXZ
- ?WaitForLoad@CDelayLoadThread@@QAEEXZ
- ?WaitNewJobAvailable@CWorkerThreadJobQueue@@QAEEXZ
- ?WaitQueueEmpty@CWorkerThreadJobQueue@@QAEXXZ
- ?Write@CDebugLog@@QAAXPBDZZ
- ?Write@CDebugLogEx@@QAAXPBDZZ
- ?Write@CFile@@QAEJPADKPAT_LARGE_INTEGER@@PAK@Z
- ?WriteDataToFile@CDebugLogEx@@IAEXPADK@Z
- ?WriteDataToProcMonW@CDebugLogEx@@IAEXPAD@Z
- ?WriteSystemInformation@CDebugLog@@QAEXXZ
- ?WriteSystemInformation@CDebugLogEx@@QAEXXZ
- ?WriteSystemStringInformation@CDebugLog@@IAEXPBG@Z
- ?WriteSystemStringInformation@CDebugLogEx@@IAEXPBG@Z
- ?WriteToFile@CDebugLog@@IAEXPADK@Z
- ?WriteToProcMonW@CDebugLogEx@@IAEXPAU_UNICODE_STRING@@@Z
- ?_pNonPagedAllocator@@3PAVCMemoryAllocator@@A
- ?_pPagedAllocator@@3PAVCMemoryAllocator@@A
- ?m_lpInstance@CWorkerThreadPool@@1PAV1@A
- ?m_lpRCMInstance@CWorkerThreadPool@@1PAV1@A
- _AllocFullFileName@8
- _DeInitKm2UmCommunication@0
- _DeInitKmLPC@0
- _DuplicateFullFileName@4
- _FreeFullFileName@4
- _GetKm2UmMode@0
- _GetModuleInfoByAddress@8
- _GetModuleInfoByModuleName@8
- _InitKm2UmCommunication@8
- _InitKmLPC@0
- _IsVerifierCodeCheckFlagOn@0
- _IsWindows8_1_update@4
- _KmCallUm@8
- _KmCallUmByLPC@8
- _KmCallUmEx@12
- _KmCleanupCommPortAPIs@0
- _KmGetUmInitProcess@0
- _KmSetBackupCommPortAPIs@4
- _KmSetCommPortAPIs@4
- _ModGetExportProcAddress@8
- _ModLoadDLLToBuffer@4
- _ModLoadDLLToBufferWithImageSize@8
- _ModLoadModule@8
- _ModUnLoadModule@4
- _NormalizeFileName@4
- _NormalizeFullNtPathToDosName@4
- _TmCommConfigRoutine@4
- _UtilAddDeviceInDriveTable@4
- _UtilAddReparsePointMapping@8
- _UtilCleanFileReadOnly@4
- _UtilCloseExclusiveHandle@12
- _UtilCreateDosFileName@8
- _UtilDeleteFileForce@4
- _UtilGetDeviceObjectName@8
- _UtilGetFileNameFromFileObject@4
- _UtilGetFileObjectForProcessByEPROC@8
- _UtilGetFileObjectFromFileName@12
- _UtilGetProcessName@12
- _UtilGetSystemDirectory@4
- _UtilGetSystemDirectoryEx@0
- _UtilGetSystemDirectoryLength@0
- _UtilGetSystemTime@4
- _UtilIoSetFileInfo@24
- _UtilIopCreateFileIRP@40
- _UtilKeGetLowFileDevice@16
- _UtilModuleIATHook@24
- _UtilModuleIATUnHook@8
- _UtilPostJobToWorkerThread@12
- _UtilQueryExclusiveHandle@12
- _UtilQueryKeyValue@24
- _UtilRemoveDeviceFromDriveTable@4
- _UtilVolumeDeviceToDosName@8
- _UtilWaitValueChangeToZero@8
- _UtilWriteVersionToRegistry@8
- _UtilbuildDynamicDiskMappingTable@0
- _UtlWriteBinValueKeyToRegistry@16
- _ValidateAddressWithSize@20
- __ResetProtectFromClose@4
- __UtilDosPathNameToNtPathName@12
Sections
Expand
- .text
- .rdata
- .data
- PAGE
- .edata
- INIT
- .rsrc
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": true,
"SerialNumber": "7e93ebfb7cc64e59ea4b9a77d406fc3b",
"Signature": "03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2",
"TBS": {
"MD5": "d0785ad36e427c92b19f6826ab1e8020",
"SHA1": "365b7a9c21bd9373e49052c3e7b3e4646ddd4d43",
"SHA256": "c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff",
"SHA384": "eab4fe5ef90e0de4a6aa3a27769a5e879f588df5e4785aa4104debd1f81e19ea56d33e3a16e5facf99f68b5d8e3d287b"
},
"ValidFrom": "2012-12-21 00:00:00",
"ValidTo": "2020-12-30 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "0ecff438c8febf356e04d86a981b1a50",
"Signature": "783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4",
"TBS": {
"MD5": "e9d38360b914c8863f6cba3ee58764d3",
"SHA1": "4cba8eae47b6bf76f20b3504b98b8f062694a89b",
"SHA256": "88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976",
"SHA384": "e9f2a75334a9e336c5a4712eadee88d0374b0fdc273262f4e65c9040ad2793067cc076696db5279a478773485e285652"
},
"ValidFrom": "2012-10-18 00:00:00",
"ValidTo": "2020-12-29 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Signature": "f3b20c020c826fd9e2629408ffc97c9e245959d1050c9ce7708069d366d26af191812e16fce674eaca0d8f05b2a796280831737299800d2bfe0071efecf655117b7952a4d7c0701b97de034a1d42e928fd1a2082b081f9d22e9d39af3233cf05c1e61ae1f8fbfec872e78d9a0b29b4f147f1a053d1757a824601df2bb07c75c591fe7efbaf0021764b90cd446f85f80d14bc2cd42c83edfa7d2510f8f94c82d1b3ea999b1cff9093291977c7e996dc32904d3934f167077684ff76aa5327654a0bd7223d9d67657b47c5b46012dca6723d89e7fa051b3380d0c4977b9df537e75da3186ab149b27c089715a01bd695f408f7ded66bfbe920d27a6f6a7d4cc8b3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc.",
"TBS": {
"MD5": "78eaa337666217b1c16a9a0ebd0b8434",
"SHA1": "ff9cb835e78f6185eed4372096c3bae53b17d18d",
"SHA256": "1c0d9746725e176b4a7c2852878f14d7587f58e65d346bc1247f1c8ee6374250",
"SHA384": "ffe3c75b860679a5de399c7d2c2844dbfac51d5d8581e24648d208daba1e4bed5c867808e02dc8d7cb3df1d4b2b53d10"
},
"ValidFrom": "2017-04-27 00:00:00",
"ValidTo": "2018-07-16 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "611993e400000000001c",
"Signature": "812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5",
"TBS": {
"MD5": "78a717e082dcc1cda3458d917e677d14",
"SHA1": "4a872e0e51f9b304469cd1dedb496ee9b8b983a4",
"SHA256": "317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8",
"SHA384": "b71052da4eb9157c8c1a5d7f55df19d69b9128598b72fcca608e5b7cc7d64c43c5504b9c86355a6dc22ee40c88cc385c"
},
"ValidFrom": "2011-02-22 19:25:17",
"ValidTo": "2021-02-22 19:35:17",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "5200e5aa2556fc1a86ed96c9d44b33c7",
"Signature": "5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"TBS": {
"MD5": "b30c31a572b0409383ed3fbe17e56e81",
"SHA1": "4843a82ed3b1f2bfbee9671960e1940c942f688d",
"SHA256": "03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9",
"SHA384": "bbda8407c4f9fc4e54d772f1c7fb9d30bc97e1f97ecd51c443063d1fa0644e266328781776cd5c44896c457c75f4d7da"
},
"ValidFrom": "2010-02-08 00:00:00",
"ValidTo": "2020-02-07 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 3825d7faf861af9ef490e726b5d65ad5
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | d6c7684e9aaa508cf268335f83afe040 |
| ToBeSigned (TBS) SHA1 | 18066d20ad92409c567cdfde745279ff71c75226 |
| ToBeSigned (TBS) SHA256 | a612fb22ce8be6dab75e47c98508f98496583e79c9c97b936a8caee9ea9f3fff |
| Subject | C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services Signer , G2 |
| ValidFrom | 2007-06-15 00:00:00 |
| ValidTo | 2012-06-14 23:59:59 |
| Signature | 50c54bc82480dfe40d24c2de1ab1a102a1a6822d0c831581370a820e2cb05a1761b5d805fe88dbf19191b3561a40a6eb92be3839b07536743a984fe437ba9989ca95421db0b9c7a08d57e0fad5640442354e01d133a217c84daa27c7f2e1864c02384d8378c6fc53e0ebe00687dda4969e5e0c98e2a5bebf8285c360e1dfad28d8c7a54b64dac71b5bbdac3908d53822a1338b2f8a9aebbc07213f44410907b5651c24bc48d34480eba1cfc902b414cf54c716a3805cf9793e5d727d88179e2c43a2ca53ce7d3df62a3ab84f9400a56d0a835df95e53f418b3570f70c3fbf5ad95a00e17dec4168060c90f2b6e8604f1ebf47827d105c5ee345b5eb94932f233 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 3825d7faf861af9ef490e726b5d65ad5 |
| Version | 3 |
Certificate 47bf1995df8d524643f7db6d480d31a4
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 518d2ea8a21e879c942d504824ac211c |
| ToBeSigned (TBS) SHA1 | 21ce87d827077e61abddf2beba69fde5432ea031 |
| ToBeSigned (TBS) SHA256 | 1ec3b4f02e03930a470020e0e48d24b84678bb558f46182888d870541f5e25c7 |
| Subject | C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services CA |
| ValidFrom | 2003-12-04 00:00:00 |
| ValidTo | 2013-12-03 23:59:59 |
| Signature | 4a6bf9ea58c2441c318979992b96bf82ac01d61c4ccdb08a586edf0829a35ec8ca9313e704520def47272f0038b0e4c9934e9ad4226215f73f37214f703180f18b3887b3e8e89700fecf55964e24d2a9274e7aaeb76141f32acee7c9d95eddbb2b853eb59db5d9e157ffbeb4c57ef5cf0c9ef097fe2bd33b521b1b3827f73f4a |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 47bf1995df8d524643f7db6d480d31a4 |
| Version | 3 |
Certificate 4191a15a3978dfcf496566381d4c75c2
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 41011f8d0e7c7a6408334ca387914c61 |
| ToBeSigned (TBS) SHA1 | c7fc1727f5b75a6421a1f95c73bbdb23580c48e5 |
| ToBeSigned (TBS) SHA256 | 88dd3952638ee82738c03168e6fd863fe4eab1059ee5e2926ad8cb587c255dc0 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)04, CN=VeriSign Class 3 Code Signing 2004 CA |
| ValidFrom | 2004-07-16 00:00:00 |
| ValidTo | 2014-07-15 23:59:59 |
| Signature | ae3a17b84a7b55fa6455ec40a4ed494190999c89bcaf2e1dca7823f91c190f7feb68bc32d98838dedc3fd389b43fb18296f1a45abaed2e26d3de7c016e000a00a4069211480940f91c1879672324e0bbd5e150ae1bf50edde02e81cd80a36c524f9175558aba22f2d2ea4175882f63557d1e545a9559cad93481c05f5ef67ab5 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 4191a15a3978dfcf496566381d4c75c2 |
| Version | 3 |
Certificate 645212f783f4d7aba3555729e99ce065
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | e00f0a38c65f7c0b9f19b97448d6a0e3 |
| ToBeSigned (TBS) SHA1 | 91c033a2f289418c4101654dceacef1b25bb55d0 |
| ToBeSigned (TBS) SHA256 | 38b3fcbdb734b0e3439f3c9a3c4c1712091f577d2b616d41224137faf7ba7c86 |
| Subject | C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., OU=Digital ID Class 3 , Microsoft Software Validation v2, OU=RD, CN=Trend Micro, Inc. |
| ValidFrom | 2008-01-16 00:00:00 |
| ValidTo | 2011-02-16 23:59:59 |
| Signature | 5a693868cea6ba49064b801a0d9e12887a37cbb92cca2950cc5e99c2df9aec5697422e67cd042836daf09a09e739f625255841fed1ec9657cb8b3edc08c55c302574cbdb3f7de2798ed769d766402619b48041f9d90f8c904488788412b1c632055e1afc4a5bbac642cb626bd20fece0feaa6cf9b287887788cf64586309a14a644b5f0595c0ddcb7d789831faedb48451e40e342da4ccbc38a5e992e57e7ce5328d531a8c68e61f9dc9be65605c1bedf3358579000b91a19b3be388bac36b58ca76b72358bd8e74e0a7b08b0587bb7a29758c01af40b80e8e72c76abd3a2babfe7c1ed6e7b1cd9b0221a605062b6d9d0ceb57e0eb305fdc5eb5bf6ea442f4c9 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 645212f783f4d7aba3555729e99ce065 |
| Version | 3 |
Certificate 610c120600000000001b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 53c41bc1164e09e0cd1617a5bf913efd |
| ToBeSigned (TBS) SHA1 | 93c03aac8951d494ecd5696b1c08658541b18727 |
| ToBeSigned (TBS) SHA256 | 40bddadac24dc61ca4fb5cab2a2bc5d876bc36808311039a7a3e1a4066f7489b |
| Subject | C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority |
| ValidFrom | 2006-05-23 17:01:29 |
| ValidTo | 2016-05-23 17:11:29 |
| Signature | 01e446b33b457f7513877e5f43de468ecb8abdb64741bccccc7491d8ce395195a4a6b547c0efd2da7b8f5711f4328c7ccd3fee42da04214af7c843884a6f5cca14fc4bd19f4cbdd4556ecc02be0da6888f8609baa425bde8b0f0fa8b714e67b0cb82a8d78e55f737ebf03e88efe4e08afd1c6e2e61414875b4b02c1d28d8490fd715f02473253ccc880cde284c6554fe5eae8cea19ad2c51b29b3a47f53c80350117e24987d6544afb4bab07bcbf7d79cfbf35005cbb9ecffc82891b39a05197b6dec0b307ff449644c0342a195cabeef03bec294eb513c537857e75d5b4d60d066eb5d26c237167eaf1718eaf4e74aa0cf9ecbf4c58fa5e909b6d39cb86883f8b1ca81632d5fe6db9f1f8b3ead791f6364778c0272a15c768d6f4c5fc4f4ec8673f102d409ff11ec96148e7a703fc31730cf04688fe56da492995ef09daa3e5beef60ecd954a0599c28bd54ef66157f874c84dba60e95672e517b3439b641c28c846826dc240209e7818e0a972defeea7b998a60f818dc710b5e1ed982f486f53854964789bec5dac970b5526c3efba8dc8d1a52f5a7f936b611a339b18b8a26210de24ea76e12f43ebecdd7c12342489da2855aee5754e312b6763b6a8d7ab730a03cec5ea593fc7eb2a45aea8625b2f009939abb45f73c308ec80118f470e8f2a1343e191066255bbffba3da9a93d260faeca7d628b155589d694344dd665 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 610c120600000000001b |
| Version | 3 |
Imports
Expand
- ntoskrnl.exe
- HAL.dll
- CLASSPNP.SYS
Imported Functions
Expand
- ExReleaseFastMutexUnsafe
- wcsncpy
- memcpy
- wcsrchr
- KeSetEvent
- KePulseEvent
- KeClearEvent
- KeInitializeSemaphore
- KeWaitForSingleObject
- DbgPrint
- KeReleaseSemaphore
- RtlSubAuthoritySid
- RtlInitializeSid
- ExAllocatePoolWithTag
- RtlLengthRequiredSid
- ExFreePoolWithTag
- RtlSetDaclSecurityDescriptor
- RtlCreateSecurityDescriptor
- RtlAddAccessAllowedAce
- RtlCreateAcl
- ObfDereferenceObject
- ZwSetEvent
- ZwClose
- KeUnstackDetachProcess
- ZwRequestWaitReplyPort
- memmove
- KeStackAttachProcess
- ZwConnectPort
- RtlInitUnicodeString
- ZwCreateSection
- ZwWaitForSingleObject
- ZwOpenEvent
- ObfReferenceObject
- IoGetCurrentProcess
- memset
- MmIsAddressValid
- ZwWriteFile
- ZwReadFile
- ZwQueryInformationFile
- ZwSetInformationFile
- ZwCreateFile
- swprintf
- towupper
- _wcsnicmp
- KeInitializeEvent
- _snprintf
- PsGetCurrentProcessId
- RtlTimeToTimeFields
- ExSystemTimeToLocalTime
- KeQuerySystemTime
- ZwCreateKey
- ZwCreateEvent
- KeWaitForMultipleObjects
- ObReferenceObjectByHandle
- ZwNotifyChangeKey
- PsGetCurrentThreadId
- _vsnprintf
- KeSetPriorityThread
- PsTerminateSystemThread
- PsCreateSystemThread
- KeNumberProcessors
- ZwQuerySystemInformation
- ZwQueryDirectoryFile
- ZwOpenDirectoryObject
- ZwQueryDirectoryObject
- ZwDuplicateObject
- ZwOpenKey
- ZwEnumerateKey
- ZwEnumerateValueKey
- ZwQueryValueKey
- ZwDeleteValueKey
- ZwDeleteKey
- ExGetPreviousMode
- ZwTerminateProcess
- KeLeaveCriticalRegion
- PsProcessType
- ZwOpenProcess
- ZwQueryKey
- ZwSetValueKey
- IoFreeIrp
- _purecall
- MmUnlockPages
- IoBuildAsynchronousFsdRequest
- ProbeForWrite
- _strnicmp
- RtlQueryRegistryValues
- RtlAppendUnicodeToString
- KeDelayExecutionThread
- mbstowcs
- ZwQuerySymbolicLinkObject
- ZwOpenSymbolicLinkObject
- NtClose
- ZwSetInformationObject
- _stricmp
- ZwUnmapViewOfSection
- ZwMapViewOfSection
- ZwOpenFile
- RtlEqualUnicodeString
- IoFileObjectType
- IoCreateFile
- IofCallDriver
- IoAllocateIrp
- MmBuildMdlForNonPagedPool
- IoAllocateMdl
- PsGetVersion
- MmGetSystemRoutineAddress
- RtlCompareMemory
- RtlCopyUnicodeString
- RtlImageNtHeader
- PsLookupProcessByProcessId
- RtlFreeUnicodeString
- RtlAnsiStringToUnicodeString
- RtlInitAnsiString
- strrchr
- KeBugCheckEx
- RtlAppendUnicodeStringToString
- IofCompleteRequest
- ExEventObjectType
- IoDeleteDevice
- IoDeleteSymbolicLink
- IoCreateSymbolicLink
- ProbeForRead
- IoGetDeviceObjectPointer
- RtlUpperChar
- RtlCompareUnicodeString
- strncpy
- KeServiceDescriptorTable
- NtOpenProcess
- ObReferenceObjectByPointer
- MmSectionObjectType
- ObQueryNameString
- ObOpenObjectByName
- IoDriverObjectType
- NtQueryInformationProcess
- _snwprintf
- KeAddSystemServiceTable
- ZwQueryObject
- ZwQuerySecurityObject
- ObInsertObject
- _allrem
- IoReleaseVpbSpinLock
- IoAcquireVpbSpinLock
- SeCreateAccessState
- IoGetFileObjectGenericMapping
- ObCreateObject
- KeTickCount
- RtlUnwind
- KeEnterCriticalRegion
- ObOpenObjectByPointer
- ExAcquireFastMutexUnsafe
- ZwSetSecurityObject
- IoDeviceObjectType
- IoCreateDevice
- RtlGetDaclSecurityDescriptor
- RtlGetSaclSecurityDescriptor
- RtlGetGroupSecurityDescriptor
- RtlGetOwnerSecurityDescriptor
- RtlLengthSecurityDescriptor
- SeCaptureSecurityDescriptor
- SeExports
- IoIsWdmVersionAvailable
- RtlLengthSid
- wcschr
- RtlAbsoluteToSelfRelativeSD
- IoFreeMdl
- KeGetCurrentThread
- KfLowerIrql
- KeRaiseIrqlToDpcLevel
- ClassInitialize
Exported Functions
Expand
- ??0CAutoUpdateConfigThread@@QAE@ABV0@@Z
- ??0CAutoUpdateConfigThread@@QAE@PAU_UNICODE_STRING@@P6GX0PAX@Z1@Z
- ??0CBlobConfig@@QAE@ABV0@@Z
- ??0CBlobConfig@@QAE@K@Z
- ??0CContext@@QAE@ABV0@@Z
- ??0CContext@@QAE@KP6GJPAU_EVENT_REPORT@@PAXPAU_TMCE_REPORT@@PAU_TMCE_FEEDBACK@@@Z1K@Z
- ??0CContextList@@QAE@ABV0@@Z
- ??0CContextList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CDebugLog@@QAE@ABV0@@Z
- ??0CDebugLog@@QAE@PBG@Z
- ??0CExclusionExtConfig@@QAE@ABV0@@Z
- ??0CExclusionExtConfig@@QAE@KKE@Z
- ??0CExclusionFileNameConfig@@QAE@ABV0@@Z
- ??0CExclusionFileNameConfig@@QAE@KK@Z
- ??0CExclusionFilePathConfig@@QAE@ABV0@@Z
- ??0CExclusionFilePathConfig@@QAE@KK@Z
- ??0CExclusionFolderConfig@@QAE@ABV0@@Z
- ??0CExclusionFolderConfig@@QAE@KK@Z
- ??0CExclusionRegistryConfig@@QAE@ABV0@@Z
- ??0CExclusionRegistryConfig@@QAE@KK@Z
- ??0CFile@@QAE@ABV0@@Z
- ??0CFile@@QAE@E@Z
- ??0CFileExtension@@QAE@ABV0@@Z
- ??0CFileExtension@@QAE@KEEPAVIMemoryAllocator@@@Z
- ??0CKEvent@@QAE@ABV0@@Z
- ??0CKEvent@@QAE@W4_EVENT_TYPE@@E@Z
- ??0CList@@QAE@ABV0@@Z
- ??0CList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CLockEvent@@QAE@ABV0@@Z
- ??0CLockEvent@@QAE@XZ
- ??0CLockList@@QAE@ABV0@@Z
- ??0CLockList@@QAE@KKPAVIMemoryAllocator@@@Z
- ??0CMemoryAllocator@@IAE@W4_POOL_TYPE@@K@Z
- ??0CMemoryAllocator@@QAE@ABV0@@Z
- ??0CMemoryPoolAllocator@@IAE@W4_POOL_TYPE@@KKK@Z
- ??0CMemoryPoolAllocator@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@ABV0@@Z
- ??0CModuleConfig@@QAE@XZ
- ??0CModuleConfigList@@QAE@ABV0@@Z
- ??0CModuleConfigList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CModuleFileExtConfig@@QAE@ABV0@@Z
- ??0CModuleFileExtConfig@@QAE@KKE@Z
- ??0CModuleFlagConfig@@QAE@ABV0@@Z
- ??0CModuleFlagConfig@@QAE@K@Z
- ??0CModuleMultiStringConfig@@QAE@ABV0@@Z
- ??0CModuleMultiStringConfig@@QAE@KK@Z
- ??0CModuleStringConfig@@QAE@ABV0@@Z
- ??0CModuleStringConfig@@QAE@K@Z
- ??0CSmartLock@@QAE@AAVCLockEvent@@@Z
- ??0CSmartLock@@QAE@XZ
- ??0CSmartReference@@QAE@AAJ@Z
- ??0CSmartReference@@QAE@AAK@Z
- ??0CStrList@@QAE@ABV0@@Z
- ??0CStrList@@QAE@KPAVIMemoryAllocator@@@Z
- ??0CSystemThread@@QAE@ABV0@@Z
- ??0CSystemThread@@QAE@K@Z
- ??0CUserFuncAdapterJob@@QAE@ABV0@@Z
- ??0CUserFuncAdapterJob@@QAE@P6GXPAX@Z0@Z
- ??0CWorkerThread@@IAE@PAVCWorkerThreadJobQueue@@@Z
- ??0CWorkerThread@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@ABV0@@Z
- ??0CWorkerThreadJob@@QAE@E@Z
- ??0CWorkerThreadJobQueue@@QAE@ABV0@@Z
- ??0CWorkerThreadJobQueue@@QAE@K@Z
- ??0CWorkerThreadPool@@QAE@ABV0@@Z
- ??0CWorkerThreadPool@@QAE@K@Z
- ??0IMemoryAllocator@@QAE@ABV0@@Z
- ??0IMemoryAllocator@@QAE@XZ
- ??1CAutoUpdateConfigThread@@UAE@XZ
- ??1CBlobConfig@@UAE@XZ
- ??1CContext@@UAE@XZ
- ??1CContextList@@UAE@XZ
- ??1CDebugLog@@UAE@XZ
- ??1CExclusionExtConfig@@UAE@XZ
- ??1CExclusionFileNameConfig@@UAE@XZ
- ??1CExclusionFilePathConfig@@UAE@XZ
- ??1CExclusionFolderConfig@@UAE@XZ
- ??1CExclusionRegistryConfig@@UAE@XZ
- ??1CFile@@UAE@XZ
- ??1CFileExtension@@UAE@XZ
- ??1CKEvent@@UAE@XZ
- ??1CList@@UAE@XZ
- ??1CLockEvent@@UAE@XZ
- ??1CLockList@@UAE@XZ
- ??1CMemoryAllocator@@UAE@XZ
- ??1CMemoryPoolAllocator@@UAE@XZ
- ??1CModuleConfig@@UAE@XZ
- ??1CModuleConfigList@@UAE@XZ
- ??1CModuleFileExtConfig@@UAE@XZ
- ??1CModuleFlagConfig@@UAE@XZ
- ??1CModuleMultiStringConfig@@UAE@XZ
- ??1CModuleStringConfig@@UAE@XZ
- ??1CSmartLock@@QAE@XZ
- ??1CSmartReference@@QAE@XZ
- ??1CStrList@@UAE@XZ
- ??1CSystemThread@@UAE@XZ
- ??1CUserFuncAdapterJob@@UAE@XZ
- ??1CWorkerThread@@UAE@XZ
- ??1CWorkerThreadJob@@UAE@XZ
- ??1CWorkerThreadJobQueue@@UAE@XZ
- ??1CWorkerThreadPool@@UAE@XZ
- ??1IMemoryAllocator@@UAE@XZ
- ??2@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??2CMemoryAllocator@@SGPAXI@Z
- ??2CMemoryPoolAllocator@@SGPAXI@Z
- ??3@YAXPAX@Z
- ??3IMemoryAllocator@@SGXPAX@Z
- ??4CAutoUpdateConfigThread@@QAEAAV0@ABV0@@Z
- ??4CBlobConfig@@QAEAAV0@ABV0@@Z
- ??4CContext@@QAEAAV0@ABV0@@Z
- ??4CDebugLog@@QAEAAV0@ABV0@@Z
- ??4CFile@@QAEAAV0@ABV0@@Z
- ??4CKEvent@@QAEAAV0@ABV0@@Z
- ??4CLockEvent@@QAEAAV0@ABV0@@Z
- ??4CMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??4CMemoryPoolAllocator@@QAEAAV0@ABV0@@Z
- ??4CModuleConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleFlagConfig@@QAEAAV0@ABV0@@Z
- ??4CModuleStringConfig@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEAAV0@ABV0@@Z
- ??4CSmartLock@@QAEABV0@AAVCLockEvent@@@Z
- ??4CSystemThread@@QAEAAV0@ABV0@@Z
- ??4CUserFuncAdapterJob@@QAEAAV0@ABV0@@Z
- ??4CWorkerThread@@QAEAAV0@ABV0@@Z
- ??4CWorkerThreadJob@@QAEAAV0@ABV0@@Z
- ??4IMemoryAllocator@@QAEAAV0@ABV0@@Z
- ??_7CAutoUpdateConfigThread@@6B@
- ??_7CBlobConfig@@6B@
- ??_7CContext@@6B@
- ??_7CContextList@@6B@
- ??_7CDebugLog@@6B@
- ??_7CExclusionExtConfig@@6B@
- ??_7CExclusionFileNameConfig@@6B@
- ??_7CExclusionFilePathConfig@@6B@
- ??_7CExclusionFolderConfig@@6B@
- ??_7CExclusionRegistryConfig@@6B@
- ??_7CFile@@6B@
- ??_7CFileExtension@@6B@
- ??_7CKEvent@@6B@
- ??_7CList@@6B@
- ??_7CLockEvent@@6B@
- ??_7CLockList@@6B@
- ??_7CMemoryAllocator@@6B@
- ??_7CMemoryPoolAllocator@@6B@
- ??_7CModuleConfig@@6B@
- ??_7CModuleConfigList@@6B@
- ??_7CModuleFileExtConfig@@6B@
- ??_7CModuleFlagConfig@@6B@
- ??_7CModuleMultiStringConfig@@6B@
- ??_7CModuleStringConfig@@6B@
- ??_7CStrList@@6B@
- ??_7CSystemThread@@6B@
- ??_7CUserFuncAdapterJob@@6B@
- ??_7CWorkerThread@@6B@
- ??_7CWorkerThreadJob@@6B@
- ??_7CWorkerThreadJobQueue@@6B@
- ??_7CWorkerThreadPool@@6B@
- ??_7IMemoryAllocator@@6B@
- ??_FCContextList@@QAEXXZ
- ??_FCFile@@QAEXXZ
- ??_FCFileExtension@@QAEXXZ
- ??_FCModuleConfigList@@QAEXXZ
- ??_FCStrList@@QAEXXZ
- ??_FCSystemThread@@QAEXXZ
- ??_FCWorkerThread@@QAEXXZ
- ??_FCWorkerThreadJob@@QAEXXZ
- ??_FCWorkerThreadJobQueue@@QAEXXZ
- ??_U@YAPAXIPAVIMemoryAllocator@@PBDK@Z
- ??_V@YAXPAX@Z
- ?Acquire@CLockEvent@@QAEXXZ
- ?Add@CContextList@@QAEEPAVCContext@@@Z
- ?Add@CFileExtension@@QAEEPBGK@Z
- ?Add@CModuleConfigList@@QAEEPAVCModuleConfig@@@Z
- ?Add@CStrList@@QAEEPBG@Z
- ?AddNode@CLockList@@UAEEQAXE@Z
- ?Alloc@CMemoryAllocator@@UAEPAXKPBDK@Z
- ?Alloc@CMemoryPoolAllocator@@UAEPAXKPBDK@Z
- ?AllocBlock@CMemoryPoolAllocator@@IAEPAXK@Z
- ?AttachJobQueue@CWorkerThread@@QAEXPAVCWorkerThreadJobQueue@@@Z
- ?Cancel@CWorkerThreadJob@@QAEXXZ
- ?CheckNode@CLockList@@UAEHQAX@Z
- ?CleanQueue@CWorkerThreadJobQueue@@QAEXXZ
- ?Cleanup@CBlobConfig@@AAEXXZ
- ?Cleanup@CModuleFileExtConfig@@IAEXXZ
- ?Cleanup@CModuleMultiStringConfig@@IAEXXZ
- ?Cleanup@CModuleStringConfig@@AAEXXZ
- ?Close@CFile@@QAEJXZ
- ?Count@CLockList@@QAEKXZ
- ?Create@CFile@@QAEJPBGKKKK@Z
- ?Create@CSystemThread@@QAEEXZ
- ?CreateInstance@CMemoryAllocator@@SGPAV1@W4_POOL_TYPE@@K@Z
- ?CreateInstance@CMemoryPoolAllocator@@SGPAV1@W4_POOL_TYPE@@KKK@Z
- ?CreatePool@CWorkerThreadPool@@QAEEXZ
- ?CreateThreads@CWorkerThreadPool@@QAEEK@Z
- ?CreateWIRP@CFile@@QAEJPBGKKKK@Z
- ?Delete@CFile@@QAEJXZ
- ?Delete@CFileExtension@@QAEEPBGK@Z
- ?Delete@CStrList@@QAEEPBG@Z
- ?DeleteAll@CList@@UAEXXZ
- ?DeleteAll@CLockList@@UAEXXZ
- ?DeleteNode@CContextList@@MAEXPAX@Z
- ?DeleteNode@CList@@UAEXPAX@Z
- ?DeleteNode@CModuleConfigList@@MAEXPAX@Z
- ?DeleteNode@CStrList@@EAEXPAU_STR_LIST_NODE@1@@Z
- ?DisableWriteProtectFromCR0@@YGXPAPAX@Z
- ?DoIt@CWorkerThreadJob@@QAEJXZ
- ?EntryPoint@CSystemThread@@KGXPAX@Z
- ?Find@CContextList@@QAEPAVCContext@@K@Z
- ?Find@CContextList@@QAEPAVCContext@@PAX@Z
- ?Find@CFileExtension@@QAEPAU_STR_LIST_NODE@CStrList@@PBGK@Z
- ?Find@CModuleConfigList@@QAEPAVCModuleConfig@@K@Z
- ?Find@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?FindNode@CContextList@@IAEPAXPAX@Z
- ?FindPartiallyAndAllMatch@CStrList@@QAEPAU_STR_LIST_NODE@1@PBG@Z
- ?First@CList@@UAEPAXXZ
- ?First@CLockList@@UAEPAXXZ
- ?Free@CMemoryAllocator@@UAEXPAX@Z
- ?Free@CMemoryPoolAllocator@@UAEXPAX@Z
- ?GetAttributes@CFile@@QAEKXZ
- ?GetBasicInfomration@CFile@@IAEJXZ
- ?GetBlobCofig@CContext@@UAEJKPAXPAK@Z
- ?GetCategory@CContext@@QAEKXZ
- ?GetData@CBlobConfig@@QAEHPAXPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleFileExtConfig@@QAEPAVCFileExtension@@XZ
- ?GetData@CModuleFlagConfig@@QAEKXZ
- ?GetData@CModuleMultiStringConfig@@QAEHPAGPAK@Z
- ?GetData@CModuleMultiStringConfig@@QAEPAVCStrList@@XZ
- ?GetData@CModuleStringConfig@@QAEPAGXZ
- ?GetData@CStrList@@QAEEPAGPAK@Z
- ?GetDataType@CModuleConfig@@QAEKXZ
- ?GetEngineContext@CContext@@QAEPAXXZ
- ?GetFBCallBackRoutine@CContext@@QAEKXZ
- ?GetFileExtensionConfig@CContext@@QAEPAVCFileExtension@@K@Z
- ?GetFileExtensionConfig@CContext@@UAEJKPAGPAK@Z
- ?GetFileSize@CFile@@QAEJPAT_LARGE_INTEGER@@@Z
- ?GetFlagConfig@CContext@@UAEJKPAK@Z
- ?GetID@CModuleConfig@@QAEKXZ
- ?GetJob@CWorkerThreadJobQueue@@QAEPAVCWorkerThreadJob@@XZ
- ?GetLength@CModuleStringConfig@@QAEKXZ
- ?GetLinkContext@CContext@@QAEPAXXZ
- ?GetLogFlag@CDebugLog@@QAEKXZ
- ?GetModuleId@CModuleConfig@@QAEKXZ
- ?GetMultiStringConfig@CContext@@QAEPAVCStrList@@K@Z
- ?GetMultiStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetOneThreadTEB@CWorkerThreadPool@@QAEPAU_ETHREAD@@XZ
- ?GetReportCallBackRoutine@CContext@@QAEKXZ
- ?GetSize@CBlobConfig@@QAEKXZ
- ?GetStringConfig@CContext@@QAEPAGK@Z
- ?GetStringConfig@CContext@@UAEJKPAGPAK@Z
- ?GetThreadCount@CWorkerThreadPool@@QAEKXZ
- ?GetThreadID@CSystemThread@@QAEKXZ
- ?GetType@CContext@@QAEKXZ
- ?GetUserParameter@CContext@@QAEKXZ
- ?InitializeBlobConfig@CContext@@QAEHKPAXK@Z
- ?InitializeFileExtensionConfig@CContext@@QAEHKPBG@Z
- ?InitializeFlagConfig@CContext@@QAEHKK@Z
- ?InitializeMultiStringConfig@CContext@@QAEHKPBG@Z
- ?InitializeStringConfig@CContext@@QAEHKPBG@Z
- ?Insert@CList@@UAEXQAXE@Z
- ?Insert@CLockList@@UAEXQAXE@Z
- ?InsertAfter@CList@@UAEXPAX0@Z
- ?InsertBefore@CList@@UAEXPAX0@Z
- ?Instance@CWorkerThreadPool@@SGPAV1@XZ
- ?IsEmpty@CList@@UAEEXZ
- ?IsEmpty@CLockList@@UAEEXZ
- ?IsExceedLimitation@CMemoryPoolAllocator@@IAEEK@Z
- ?IsFull@CLockList@@QBEEXZ
- ?IsInExclusionList@CExclusionExtConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFileNameConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFilePathConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionFolderConfig@@QAEEPBG@Z
- ?IsInExclusionList@CExclusionRegistryConfig@@QAEEPBG@Z
- ?IsOpened@CFile@@QAEEXZ
- ?IsTerminated@CWorkerThreadPool@@QAEEXZ
- ?IsValid@CMemoryAllocator@@UAEEXZ
- ?IsValid@CMemoryPoolAllocator@@UAEEXZ
- ?IsValid@IMemoryAllocator@@UAEEXZ
- ?IsWorkerThread@CWorkerThreadPool@@QAEEK@Z
- ?JobFunction@CUserFuncAdapterJob@@MAEXXZ
- ?JobQueue@CWorkerThreadPool@@QAEAAVCWorkerThreadJobQueue@@XZ
- ?Limit@CLockList@@QAEKXZ
- ?MatchAllExtensions@CFileExtension@@QAEEXZ
- ?MatchNoExtensions@CFileExtension@@QAEEXZ
- ?MergeLeft@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?MergeRight@CMemoryPoolAllocator@@IAEPAXPAX@Z
- ?NeedDelete@CWorkerThreadJob@@QAEEXZ
- ?NeedDeleteWhenFinish@CWorkerThreadJob@@QAEXE@Z
- ?NewNode@CList@@UAEPAXXZ
- ?NewNode@CStrList@@EAEPAXXZ
- ?NewNodeVariant@CList@@IAEPAXK@Z
- ?Next@CList@@UBEPAXQAX@Z
- ?Next@CLockList@@UBEPAXQAX@Z
- ?NextPool@CMemoryPoolAllocator@@QAEPAV1@XZ
- ?NotityTerminate@CWorkerThread@@QAEXXZ
- ?PostJobToWorkerThread@CWorkerThreadPool@@QAEJP6GXPAX@Z0E@Z
- ?Pulse@CKEvent@@QAEJJE@Z
- ?QueueJob@CWorkerThreadJobQueue@@QAEEPAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPool@@QAEJPAVCWorkerThreadJob@@@Z
- ?RCMInstance@CWorkerThreadPool@@SGPAV1@XZ
- ?Read@CFile@@QAEJPADKPAK@Z
- ?ReferenceCount@CContext@@QAEAAKXZ
- ?Release@CLockEvent@@QAEXXZ
- ?Remove@CContextList@@UAEEQAX@Z
- ?Remove@CList@@UAEEQAX@Z
- ?Remove@CLockList@@UAEEQAX@Z
- ?RemoveHead@CList@@UAEPAXXZ
- ?RemoveHead@CLockList@@UAEPAXXZ
- ?RemoveTail@CList@@UAEPAXXZ
- ?RemoveTail@CLockList@@UAEPAXXZ
- ?Reset@CKEvent@@QAEXXZ
- ?RestoreCR0@@YGXPAX@Z
- ?Run@CAutoUpdateConfigThread@@UAEXXZ
- ?Run@CWorkerThread@@UAEXXZ
- ?SeekToEnd@CFile@@QAEJXZ
- ?Set@CKEvent@@QAEJJE@Z
- ?SetAttributes@CFile@@QAEJK@Z
- ?SetBlobCofig@CContext@@UAEJKPAXK@Z
- ?SetData@CBlobConfig@@QAEHPAXK@Z
- ?SetData@CModuleFileExtConfig@@QAEHPBG@Z
- ?SetData@CModuleFlagConfig@@QAEHK@Z
- ?SetData@CModuleMultiStringConfig@@QAEHPBG@Z
- ?SetData@CModuleStringConfig@@QAEHPBG@Z
- ?SetEngineContext@CContext@@QAEXPAX@Z
- ?SetFileExtensionConfig@CContext@@UAEJKPBG@Z
- ?SetFlagConfig@CContext@@UAEJKK@Z
- ?SetLinkContext@CContext@@QAEXPAX@Z
- ?SetLogFlag@CDebugLog@@QAEEK@Z
- ?SetMatchAllExtensions@CFileExtension@@QAEXE@Z
- ?SetMatchNoExtensions@CFileExtension@@QAEXE@Z
- ?SetMultiStringConfig@CContext@@UAEJKPBG@Z
- ?SetNewJobItemEvent@CWorkerThreadJobQueue@@QAEXXZ
- ?SetPriority@CSystemThread@@QAEXK@Z
- ?SetStopUse@CContext@@QAEXXZ
- ?SetStringConfig@CContext@@UAEJKPBG@Z
- ?Setup@CSystemThread@@MAEXXZ
- ?StopUse@CContext@@QAEHXZ
- ?TearDown@CSystemThread@@MAEXXZ
- ?Terminate@CSystemThread@@QAEXE@Z
- ?Terminate@CWorkerThreadPool@@QAEEXZ
- ?TmExceptionFilter@@YGJPAU_EXCEPTION_POINTERS@@@Z
- ?Wait@CKEvent@@QAEJPAT_LARGE_INTEGER@@E@Z
- ?WaitFinish@CWorkerThreadJob@@QAEXXZ
- ?WaitNewJobAvailable@CWorkerThreadJobQueue@@QAEEXZ
- ?Write@CDebugLog@@QAAXPBDZZ
- ?Write@CFile@@QAEJPADKPAT_LARGE_INTEGER@@PAK@Z
- ?WriteSystemInformation@CDebugLog@@QAEXXZ
- ?WriteSystemStringInformation@CDebugLog@@IAEXPBG@Z
- ?WriteToFile@CDebugLog@@IAEXPADK@Z
- ?_pNonPagedAllocator@@3PAVCMemoryAllocator@@A
- ?_pPagedAllocator@@3PAVCMemoryAllocator@@A
- ?m_lpInstance@CWorkerThreadPool@@1PAV1@A
- ?m_lpRCMInstance@CWorkerThreadPool@@1PAV1@A
- _DeInitKmLPC@0
- _GetModuleInfoByAddress@8
- _GetModuleInfoByModuleName@8
- _InitKmLPC@0
- _KmCallUm@8
- _ModGetExportProcAddress@8
- _ModLoadDLLToBuffer@4
- _ModLoadModule@8
- _ModUnLoadModule@4
- _NormalizeFileName@4
- _NormalizeFullNtPathToDosName@4
- _TmCommConfigRoutine@4
- _UtilCleanFileReadOnly@4
- _UtilDeleteFileForce@4
- _UtilGetFileObjectForProcessByEPROC@8
- _UtilGetFileObjectFromFileName@12
- _UtilGetProcessName@12
- _UtilGetSystemTime@4
- _UtilIoSetFileInfo@24
- _UtilIopCreateFileIRP@40
- _UtilKeGetLowFileDevice@16
- _UtilModuleIATHook@24
- _UtilModuleIATUnHook@8
- _UtilQueryKeyValue@24
- _UtilVolumeDeviceToDosName@8
- _UtilWaitValueChangeToZero@8
- _UtilWriteVersionToRegistry@8
- _UtilbuildDynamicDiskMappingTable@0
- __UtilDosPathNameToNtPathName@12
Sections
Expand
- .text
- .rdata
- .data
- PAGE
- .edata
- INIT
- .rsrc
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": true,
"SerialNumber": "7e93ebfb7cc64e59ea4b9a77d406fc3b",
"Signature": "03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2",
"TBS": {
"MD5": "d0785ad36e427c92b19f6826ab1e8020",
"SHA1": "365b7a9c21bd9373e49052c3e7b3e4646ddd4d43",
"SHA256": "c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff",
"SHA384": "eab4fe5ef90e0de4a6aa3a27769a5e879f588df5e4785aa4104debd1f81e19ea56d33e3a16e5facf99f68b5d8e3d287b"
},
"ValidFrom": "2012-12-21 00:00:00",
"ValidTo": "2020-12-30 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "0ecff438c8febf356e04d86a981b1a50",
"Signature": "783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4",
"TBS": {
"MD5": "e9d38360b914c8863f6cba3ee58764d3",
"SHA1": "4cba8eae47b6bf76f20b3504b98b8f062694a89b",
"SHA256": "88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976",
"SHA384": "e9f2a75334a9e336c5a4712eadee88d0374b0fdc273262f4e65c9040ad2793067cc076696db5279a478773485e285652"
},
"ValidFrom": "2012-10-18 00:00:00",
"ValidTo": "2020-12-29 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Signature": "f3b20c020c826fd9e2629408ffc97c9e245959d1050c9ce7708069d366d26af191812e16fce674eaca0d8f05b2a796280831737299800d2bfe0071efecf655117b7952a4d7c0701b97de034a1d42e928fd1a2082b081f9d22e9d39af3233cf05c1e61ae1f8fbfec872e78d9a0b29b4f147f1a053d1757a824601df2bb07c75c591fe7efbaf0021764b90cd446f85f80d14bc2cd42c83edfa7d2510f8f94c82d1b3ea999b1cff9093291977c7e996dc32904d3934f167077684ff76aa5327654a0bd7223d9d67657b47c5b46012dca6723d89e7fa051b3380d0c4977b9df537e75da3186ab149b27c089715a01bd695f408f7ded66bfbe920d27a6f6a7d4cc8b3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc.",
"TBS": {
"MD5": "78eaa337666217b1c16a9a0ebd0b8434",
"SHA1": "ff9cb835e78f6185eed4372096c3bae53b17d18d",
"SHA256": "1c0d9746725e176b4a7c2852878f14d7587f58e65d346bc1247f1c8ee6374250",
"SHA384": "ffe3c75b860679a5de399c7d2c2844dbfac51d5d8581e24648d208daba1e4bed5c867808e02dc8d7cb3df1d4b2b53d10"
},
"ValidFrom": "2017-04-27 00:00:00",
"ValidTo": "2018-07-16 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "611993e400000000001c",
"Signature": "812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5",
"TBS": {
"MD5": "78a717e082dcc1cda3458d917e677d14",
"SHA1": "4a872e0e51f9b304469cd1dedb496ee9b8b983a4",
"SHA256": "317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8",
"SHA384": "b71052da4eb9157c8c1a5d7f55df19d69b9128598b72fcca608e5b7cc7d64c43c5504b9c86355a6dc22ee40c88cc385c"
},
"ValidFrom": "2011-02-22 19:25:17",
"ValidTo": "2021-02-22 19:35:17",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "5200e5aa2556fc1a86ed96c9d44b33c7",
"Signature": "5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"TBS": {
"MD5": "b30c31a572b0409383ed3fbe17e56e81",
"SHA1": "4843a82ed3b1f2bfbee9671960e1940c942f688d",
"SHA256": "03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9",
"SHA384": "bbda8407c4f9fc4e54d772f1c7fb9d30bc97e1f97ecd51c443063d1fa0644e266328781776cd5c44896c457c75f4d7da"
},
"ValidFrom": "2010-02-08 00:00:00",
"ValidTo": "2020-02-07 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 1688f039255e638e69143907e6330b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 0179e8ddeebaf8998fec419d65cdf13d |
| ToBeSigned (TBS) SHA1 | 34c724c3369f2da8c25b591808962f66f10bde28 |
| ToBeSigned (TBS) SHA256 | 35b0bac11602847aaab65fb35199d3c8976cde3ccf7e061b130177c712cbd92f |
| Subject | C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO SHA,1 Time Stamping Signer |
| ValidFrom | 2015-12-31 00:00:00 |
| ValidTo | 2019-07-09 18:40:36 |
| Signature | ba332440408c7cdb589fb36098b2f5c031feeb1f6e50f60ae0e4e681ad2687a2dffdb3daf473f300fb291b891b153edb6b52932bc4ac3981d73c67579a3936e028089ae3394f9b89097f7bc5617f598932250a6aae1a3ef0a227a8b6c3b887f7160448413d5cd8ec9f4d203104d965a1edcd690753163ddd36020a88eb40e506300bb8164bdcefbc5509ffc63e122e76b3dcce42eff97657e1b70a054098589a5d711693718c6581ea6ff389f7fb73adb4e7bfd98e6faa0b4f25f3b8e1d5dd75986881f8aac0d180c2c4c43989c1f6c99e6cd774f9d997f84fc29a0acd5e8ff819e9e0a59fc4f09221e62d7925c922f9c3f03a8457ad3a16f46394101d5dd0c6 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 1688f039255e638e69143907e6330b |
| Version | 3 |
Certificate 774d49c5649436de6bf3190a67eedcdf
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | b3ca7d6b821d8e3432b29874980af55e |
| ToBeSigned (TBS) SHA1 | 618d7e55a24c1d8b65a0bcce79120c5e3b13fa4d |
| ToBeSigned (TBS) SHA256 | c645c6a7dc7243a4a3f78a6569c029401a7bda8bc4732ce7198d9f21f19b12fa |
| Subject | C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc. |
| ValidFrom | 2016-03-29 00:00:00 |
| ValidTo | 2017-06-28 23:59:59 |
| Signature | 27351697f046d1d43fe306dff30b83e7a404e3e6431c1e06829c558d99eb3f21776021e3e1bd4e485aba08b89bb0972f23daa471d7b432a44a591270f9a838f13dbda32ee936c0df792cff8c493e1f27b2282b3d896ae7b4155ca1a50bf7111f3f4bbbe11f17cfe5d49c0589c210966ef7e567153e802d2e783ff498c59585598d9d3e93273d1e81c07ce85c0cfb24834d448c3930120f1686bd472d916ac8f9475acfdb27be8528311f668d71dfc132a0ff62df7baa575a0cc732b3de003beca214954d4d97cf9511b9329eccbb7b716675b31e543a43570080dffce3fc8ca8fbb17d954b9678e2d0c1e1710a5cf03952a687fede59dcba3bf98900f9934f12 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 774d49c5649436de6bf3190a67eedcdf |
| Version | 3 |
Certificate 611993e400000000001c
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 78a717e082dcc1cda3458d917e677d14 |
| ToBeSigned (TBS) SHA1 | 4a872e0e51f9b304469cd1dedb496ee9b8b983a4 |
| ToBeSigned (TBS) SHA256 | 317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5 |
| ValidFrom | 2011-02-22 19:25:17 |
| ValidTo | 2021-02-22 19:35:17 |
| Signature | 812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 611993e400000000001c |
| Version | 3 |
Certificate 5200e5aa2556fc1a86ed96c9d44b33c7
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | b30c31a572b0409383ed3fbe17e56e81 |
| ToBeSigned (TBS) SHA1 | 4843a82ed3b1f2bfbee9671960e1940c942f688d |
| ToBeSigned (TBS) SHA256 | 03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA |
| ValidFrom | 2010-02-08 00:00:00 |
| ValidTo | 2020-02-07 23:59:59 |
| Signature | 5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 5200e5aa2556fc1a86ed96c9d44b33c7 |
| Version | 3 |
Imports
Expand
Imported Functions
Expand
- RtlInitUnicodeString
- KeInitializeEvent
- KeClearEvent
- KeSetEvent
- KeEnterCriticalRegion
- KeLeaveCriticalRegion
- KeWaitForSingleObject
- ExFreePoolWithTag
- ExAcquireFastMutexUnsafe
- ExReleaseFastMutexUnsafe
- ProbeForRead
- ProbeForWrite
- ExAcquireResourceSharedLite
- ExAcquireResourceExclusiveLite
- ExReleaseResourceLite
- MmProbeAndLockPages
- MmUnlockPages
- MmMapLockedPagesSpecifyCache
- IoAllocateMdl
- IoFreeMdl
- IoGetCurrentProcess
- ObfReferenceObject
- ObfDereferenceObject
- ZwClose
- ZwCreateSection
- ZwOpenSection
- ZwMapViewOfSection
- ZwUnmapViewOfSection
- ZwOpenEvent
- KePulseEvent
- KeStackAttachProcess
- KeUnstackDetachProcess
- ObOpenObjectByPointer
- ZwAllocateVirtualMemory
- ZwFreeVirtualMemory
- ZwSetEvent
- __C_specific_handler
- PsProcessType
- wcslen
- wcsncpy
- wcsrchr
- RtlUnicodeStringToInteger
- ZwWaitForSingleObject
- ZwRequestWaitReplyPort
- ZwConnectPort
- SeCaptureSubjectContext
- SeReleaseSubjectContext
- SeAccessCheck
- ObGetObjectSecurity
- ObReleaseObjectSecurity
- PsGetProcessExitTime
- PsThreadType
- MmSectionObjectType
- RtlCreateSecurityDescriptor
- RtlSetDaclSecurityDescriptor
- KeInitializeSemaphore
- KeReleaseSemaphore
- ExAllocatePoolWithTag
- ExAcquireFastMutex
- ExReleaseFastMutex
- RtlCreateAcl
- RtlAddAccessAllowedAce
- RtlLengthRequiredSid
- RtlInitializeSid
- RtlSubAuthoritySid
- KeDelayExecutionThread
- ExGetPreviousMode
- DbgPrint
- swprintf
- RtlCopyUnicodeString
- PsGetVersion
- IofCompleteRequest
- IoCreateSymbolicLink
- IoDeleteDevice
- IoDeleteSymbolicLink
- ObReferenceObjectByHandle
- PsGetCurrentProcessId
- ZwCreateEvent
- ExEventObjectType
- _wcsnicmp
- PsSetCreateProcessNotifyRoutine
- ZwQueryInformationProcess
- PsLookupProcessByProcessId
- ZwOpenDirectoryObject
- ExInitializeResourceLite
- ExDeleteResourceLite
- ZwCreateFile
- ZwQueryInformationFile
- ZwSetInformationFile
- ZwReadFile
- ZwWriteFile
- towupper
- MmGetSystemRoutineAddress
- ObReferenceObjectByPointer
- MmIsAddressValid
- PsGetCurrentThreadId
- ObQueryNameString
- _snprintf
- _vsnprintf
- RtlInitAnsiString
- RtlAnsiStringToUnicodeString
- RtlFreeUnicodeString
- RtlTimeToTimeFields
- KeWaitForMultipleObjects
- ExSystemTimeToLocalTime
- wcscat
- ZwDeviceIoControlFile
- ZwNotifyChangeKey
- ZwOpenFile
- ZwQueryVolumeInformationFile
- mbstowcs
- _stricmp
- IoGetDeviceObjectPointer
- RtlImageNtHeader
- ZwQuerySystemInformation
- IoBuildDeviceIoControlRequest
- IofCallDriver
- IoCreateFile
- RtlEqualUnicodeString
- RtlAppendUnicodeStringToString
- RtlUpcaseUnicodeChar
- _snwprintf
- strlen
- _strnicmp
- strncpy
- NtOpenProcess
- NtQueryInformationProcess
- ObOpenObjectByName
- KeSetPriorityThread
- PsCreateSystemThread
- PsTerminateSystemThread
- KeNumberProcessors
- RtlLengthSecurityDescriptor
- ZwOpenKey
- ZwDeleteKey
- ZwDeleteValueKey
- ZwEnumerateKey
- ZwEnumerateValueKey
- ZwQueryKey
- ZwQueryValueKey
- ZwSetValueKey
- ZwTerminateProcess
- ZwOpenProcess
- ZwDuplicateObject
- ZwQuerySecurityObject
- ZwSetSecurityObject
- ZwQueryDirectoryObject
- ZwQueryDirectoryFile
- NtCreateFile
- NtQueryInformationFile
- NtSetInformationFile
- IoFileObjectType
- ObInsertObject
- wcschr
- wcsncmp
- RtlQueryRegistryValues
- RtlAppendUnicodeToString
- RtlCompareMemory
- MmBuildMdlForNonPagedPool
- IoAllocateIrp
- IoFreeIrp
- ZwOpenSymbolicLinkObject
- ZwQuerySymbolicLinkObject
- RtlUpcaseUnicodeString
- NtClose
- ZwSetInformationObject
- SeQueryAuthenticationIdToken
- MmSystemRangeStart
- IoGetFileObjectGenericMapping
- ObCreateObject
- SeCreateAccessState
- IoAcquireVpbSpinLock
- IoReleaseVpbSpinLock
- wcstombs
- strncat
- wcsncat
- RtlUnicodeStringToAnsiString
- RtlFreeAnsiString
- strcpy
- wcsstr
- RtlCompareUnicodeString
- DbgPrintEx
- KeAcquireSpinLockRaiseToDpc
- KeReleaseSpinLock
- ExAllocatePool
- ExpInterlockedPopEntrySList
- IoBuildSynchronousFsdRequest
- IoGetStackLimits
- IoGetDeviceInterfaces
- IoRegisterPlugPlayNotification
- IoUnregisterPlugPlayNotification
- IoGetConfigurationInformation
- FsRtlIsNameInExpression
- IoDeviceObjectType
- IoCreateDevice
- RtlGetOwnerSecurityDescriptor
- RtlGetDaclSecurityDescriptor
- RtlGetGroupSecurityDescriptor
- RtlGetSaclSecurityDescriptor
- SeCaptureSecurityDescriptor
- RtlLengthSid
- SeExports
- IoIsWdmVersionAvailable
- RtlAbsoluteToSelfRelativeSD
- ZwCreateKey
- _purecall
- KeBugCheckEx
Exported Functions
Expand
- ??0CAutoUpdateConfigThread@@QEAA@AEBV0@@Z
- ??0CAutoUpdateConfigThread@@QEAA@PEAU_UNICODE_STRING@@P6AX0PEAX@Z1@Z
- ??0CBlobConfig@@QEAA@AEBV0@@Z
- ??0CBlobConfig@@QEAA@K@Z
- ??0CContext@@QEAA@AEBV0@@Z
- ??0CContext@@QEAA@KP6AJPEAU_EVENT_REPORT@@PEAXPEAU_TMCE_REPORT@@PEAU_TMCE_FEEDBACK@@@Z1K@Z
- ??0CContextList@@QEAA@AEBV0@@Z
- ??0CContextList@@QEAA@KPEAVIMemoryAllocator@@@Z
- ??0CDebugLog@@QEAA@AEBV0@@Z
- ??0CDebugLog@@QEAA@PEBG@Z
- ??0CDebugLogEx@@QEAA@AEBV0@@Z
- ??0CDebugLogEx@@QEAA@K@Z
- ??0CDelayLoadThread@@QEAA@AEBV0@@Z
- ??0CDelayLoadThread@@QEAA@XZ
- ??0CExclusionExtConfig@@QEAA@AEBV0@@Z
- ??0CExclusionExtConfig@@QEAA@KKE@Z
- ??0CExclusionFileNameConfig@@QEAA@AEBV0@@Z
- ??0CExclusionFileNameConfig@@QEAA@KK@Z
- ??0CExclusionFilePathConfig@@QEAA@AEBV0@@Z
- ??0CExclusionFilePathConfig@@QEAA@KK@Z
- ??0CExclusionFolderConfig@@QEAA@AEBV0@@Z
- ??0CExclusionFolderConfig@@QEAA@KK@Z
- ??0CExclusionRegistryConfig@@QEAA@AEBV0@@Z
- ??0CExclusionRegistryConfig@@QEAA@KK@Z
- ??0CFile@@QEAA@AEBV0@@Z
- ??0CFile@@QEAA@E@Z
- ??0CFileExtension@@QEAA@AEBV0@@Z
- ??0CFileExtension@@QEAA@KEEPEAVIMemoryAllocator@@@Z
- ??0CInclusionExtConfig@@QEAA@AEBV0@@Z
- ??0CInclusionExtConfig@@QEAA@KKE@Z
- ??0CInclusionFileNameConfig@@QEAA@AEBV0@@Z
- ??0CInclusionFileNameConfig@@QEAA@KK@Z
- ??0CInclusionFilePathConfig@@QEAA@AEBV0@@Z
- ??0CInclusionFilePathConfig@@QEAA@KK@Z
- ??0CInclusionFolderConfig@@QEAA@AEBV0@@Z
- ??0CInclusionFolderConfig@@QEAA@KK@Z
- ??0CKEvent@@QEAA@AEBV0@@Z
- ??0CKEvent@@QEAA@W4_EVENT_TYPE@@E@Z
- ??0CList@@QEAA@AEBV0@@Z
- ??0CList@@QEAA@KPEAVIMemoryAllocator@@@Z
- ??0CLockEvent@@QEAA@AEBV0@@Z
- ??0CLockEvent@@QEAA@XZ
- ??0CLockList@@QEAA@AEBV0@@Z
- ??0CLockList@@QEAA@KKPEAVIMemoryAllocator@@@Z
- ??0CMemoryAllocator@@IEAA@W4_POOL_TYPE@@K@Z
- ??0CMemoryAllocator@@QEAA@AEBV0@@Z
- ??0CMemoryPoolAllocator@@IEAA@W4_POOL_TYPE@@_K1K@Z
- ??0CMemoryPoolAllocator@@QEAA@AEBV0@@Z
- ??0CModuleConfig@@QEAA@AEBV0@@Z
- ??0CModuleConfig@@QEAA@XZ
- ??0CModuleConfigList@@QEAA@AEBV0@@Z
- ??0CModuleConfigList@@QEAA@KPEAVIMemoryAllocator@@@Z
- ??0CModuleFileExtConfig@@QEAA@AEBV0@@Z
- ??0CModuleFileExtConfig@@QEAA@KKE@Z
- ??0CModuleFlagConfig@@QEAA@AEBV0@@Z
- ??0CModuleFlagConfig@@QEAA@K@Z
- ??0CModuleMultiStringConfig@@QEAA@AEBV0@@Z
- ??0CModuleMultiStringConfig@@QEAA@KK@Z
- ??0CModuleStringConfig@@QEAA@AEBV0@@Z
- ??0CModuleStringConfig@@QEAA@K@Z
- ??0CNoLockList@@QEAA@AEBV0@@Z
- ??0CNoLockList@@QEAA@KKPEAVIMemoryAllocator@@@Z
- ??0CSmartLock@@QEAA@AEAVCLockEvent@@@Z
- ??0CSmartLock@@QEAA@XZ
- ??0CSmartReference@@QEAA@AEAJ@Z
- ??0CSmartReference@@QEAA@AEAK@Z
- ??0CSmartResource@@QEAA@AEAVCResource@@E@Z
- ??0CStrList@@QEAA@AEBV0@@Z
- ??0CStrList@@QEAA@KPEAVIMemoryAllocator@@@Z
- ??0CSystemThread@@QEAA@AEBV0@@Z
- ??0CSystemThread@@QEAA@K@Z
- ??0CUserFuncAdapterJob@@QEAA@AEBV0@@Z
- ??0CUserFuncAdapterJob@@QEAA@P6AXPEAX@Z01@Z
- ??0CWorkerThread@@IEAA@PEAVCWorkerThreadJobQueue@@@Z
- ??0CWorkerThread@@QEAA@AEBV0@@Z
- ??0CWorkerThreadJob@@QEAA@AEBV0@@Z
- ??0CWorkerThreadJob@@QEAA@E@Z
- ??0CWorkerThreadJobQueue@@QEAA@AEBV0@@Z
- ??0CWorkerThreadJobQueue@@QEAA@K@Z
- ??0CWorkerThreadPool@@QEAA@AEBV0@@Z
- ??0CWorkerThreadPool@@QEAA@K@Z
- ??0CWorkerThreadPoolEx@@QEAA@AEBV0@@Z
- ??0CWorkerThreadPoolEx@@QEAA@KK@Z
- ??0IMemoryAllocator@@QEAA@AEBV0@@Z
- ??0IMemoryAllocator@@QEAA@XZ
- ??1CAutoUpdateConfigThread@@UEAA@XZ
- ??1CBlobConfig@@UEAA@XZ
- ??1CContext@@UEAA@XZ
- ??1CContextList@@UEAA@XZ
- ??1CDebugLog@@UEAA@XZ
- ??1CDebugLogEx@@UEAA@XZ
- ??1CDelayLoadThread@@UEAA@XZ
- ??1CExclusionExtConfig@@UEAA@XZ
- ??1CExclusionFileNameConfig@@UEAA@XZ
- ??1CExclusionFilePathConfig@@UEAA@XZ
- ??1CExclusionFolderConfig@@UEAA@XZ
- ??1CExclusionRegistryConfig@@UEAA@XZ
- ??1CFile@@UEAA@XZ
- ??1CFileExtension@@UEAA@XZ
- ??1CInclusionExtConfig@@UEAA@XZ
- ??1CInclusionFileNameConfig@@UEAA@XZ
- ??1CInclusionFilePathConfig@@UEAA@XZ
- ??1CInclusionFolderConfig@@UEAA@XZ
- ??1CKEvent@@UEAA@XZ
- ??1CList@@UEAA@XZ
- ??1CLockEvent@@UEAA@XZ
- ??1CLockList@@UEAA@XZ
- ??1CMemoryAllocator@@UEAA@XZ
- ??1CMemoryPoolAllocator@@UEAA@XZ
- ??1CModuleConfig@@UEAA@XZ
- ??1CModuleConfigList@@UEAA@XZ
- ??1CModuleFileExtConfig@@UEAA@XZ
- ??1CModuleFlagConfig@@UEAA@XZ
- ??1CModuleMultiStringConfig@@UEAA@XZ
- ??1CModuleStringConfig@@UEAA@XZ
- ??1CNoLockList@@UEAA@XZ
- ??1CSmartLock@@QEAA@XZ
- ??1CSmartReference@@QEAA@XZ
- ??1CSmartResource@@QEAA@XZ
- ??1CStrList@@UEAA@XZ
- ??1CSystemThread@@UEAA@XZ
- ??1CUserFuncAdapterJob@@UEAA@XZ
- ??1CWorkerThread@@UEAA@XZ
- ??1CWorkerThreadJob@@UEAA@XZ
- ??1CWorkerThreadJobQueue@@UEAA@XZ
- ??1CWorkerThreadPool@@UEAA@XZ
- ??1CWorkerThreadPoolEx@@UEAA@XZ
- ??1IMemoryAllocator@@UEAA@XZ
- ??2@YAPEAX_KPEAVIMemoryAllocator@@PEBDK@Z
- ??2CMemoryAllocator@@SAPEAX_K@Z
- ??2CMemoryPoolAllocator@@SAPEAX_K@Z
- ??3@YAXPEAX@Z
- ??3@YAXPEAX_K@Z
- ??3IMemoryAllocator@@SAXPEAX@Z
- ??4CAutoUpdateConfigThread@@QEAAAEAV0@AEBV0@@Z
- ??4CBlobConfig@@QEAAAEAV0@AEBV0@@Z
- ??4CContext@@QEAAAEAV0@AEBV0@@Z
- ??4CDebugLog@@QEAAAEAV0@AEBV0@@Z
- ??4CDebugLogEx@@QEAAAEAV0@AEBV0@@Z
- ??4CDelayLoadThread@@QEAAAEAV0@AEBV0@@Z
- ??4CFile@@QEAAAEAV0@AEBV0@@Z
- ??4CKEvent@@QEAAAEAV0@AEBV0@@Z
- ??4CLockEvent@@QEAAAEAV0@AEBV0@@Z
- ??4CMemoryAllocator@@QEAAAEAV0@AEBV0@@Z
- ??4CMemoryPoolAllocator@@QEAAAEAV0@AEBV0@@Z
- ??4CModuleConfig@@QEAAAEAV0@AEBV0@@Z
- ??4CModuleFlagConfig@@QEAAAEAV0@AEBV0@@Z
- ??4CModuleStringConfig@@QEAAAEAV0@AEBV0@@Z
- ??4CSmartLock@@QEAAAEAV0@AEBV0@@Z
- ??4CSmartLock@@QEAAAEBV0@AEAVCLockEvent@@@Z
- ??4CSmartResource@@QEAAAEAV0@AEBV0@@Z
- ??4CSystemThread@@QEAAAEAV0@AEBV0@@Z
- ??4CUserFuncAdapterJob@@QEAAAEAV0@AEBV0@@Z
- ??4CWorkerThread@@QEAAAEAV0@AEBV0@@Z
- ??4CWorkerThreadJob@@QEAAAEAV0@AEBV0@@Z
- ??4IMemoryAllocator@@QEAAAEAV0@AEBV0@@Z
- ??_7CAutoUpdateConfigThread@@6B@
- ??_7CBlobConfig@@6B@
- ??_7CContext@@6B@
- ??_7CContextList@@6B@
- ??_7CDebugLog@@6B@
- ??_7CDebugLogEx@@6B@
- ??_7CDelayLoadThread@@6B@
- ??_7CExclusionExtConfig@@6B@
- ??_7CExclusionFileNameConfig@@6B@
- ??_7CExclusionFilePathConfig@@6B@
- ??_7CExclusionFolderConfig@@6B@
- ??_7CExclusionRegistryConfig@@6B@
- ??_7CFile@@6B@
- ??_7CFileExtension@@6B@
- ??_7CInclusionExtConfig@@6B@
- ??_7CInclusionFileNameConfig@@6B@
- ??_7CInclusionFilePathConfig@@6B@
- ??_7CInclusionFolderConfig@@6B@
- ??_7CKEvent@@6B@
- ??_7CList@@6B@
- ??_7CLockEvent@@6B@
- ??_7CLockList@@6B@
- ??_7CMemoryAllocator@@6B@
- ??_7CMemoryPoolAllocator@@6B@
- ??_7CModuleConfig@@6B@
- ??_7CModuleConfigList@@6B@
- ??_7CModuleFileExtConfig@@6B@
- ??_7CModuleFlagConfig@@6B@
- ??_7CModuleMultiStringConfig@@6B@
- ??_7CModuleStringConfig@@6B@
- ??_7CNoLockList@@6B@
- ??_7CStrList@@6B@
- ??_7CSystemThread@@6B@
- ??_7CUserFuncAdapterJob@@6B@
- ??_7CWorkerThread@@6B@
- ??_7CWorkerThreadJob@@6B@
- ??_7CWorkerThreadJobQueue@@6B@
- ??_7CWorkerThreadPool@@6B@
- ??_7CWorkerThreadPoolEx@@6B@
- ??_7IMemoryAllocator@@6B@
- ??_FCContextList@@QEAAXXZ
- ??_FCFile@@QEAAXXZ
- ??_FCFileExtension@@QEAAXXZ
- ??_FCModuleConfigList@@QEAAXXZ
- ??_FCStrList@@QEAAXXZ
- ??_FCSystemThread@@QEAAXXZ
- ??_FCWorkerThread@@QEAAXXZ
- ??_FCWorkerThreadJob@@QEAAXXZ
- ??_FCWorkerThreadJobQueue@@QEAAXXZ
- ??_U@YAPEAX_KPEAVIMemoryAllocator@@PEBDK@Z
- ??_V@YAXPEAX@Z
- ??_V@YAXPEAX_K@Z
- ?Acquire@CLockEvent@@QEAAXXZ
- ?Add@CContextList@@QEAAEPEAVCContext@@@Z
- ?Add@CFileExtension@@QEAAEPEBGK@Z
- ?Add@CModuleConfigList@@QEAAEPEAVCModuleConfig@@@Z
- ?Add@CStrList@@QEAAEPEBG@Z
- ?AddNode@CLockList@@UEAAEQEAXE@Z
- ?AddNode@CNoLockList@@UEAAEQEAXE@Z
- ?Alloc@CMemoryAllocator@@UEAAPEAX_KPEBDK@Z
- ?Alloc@CMemoryPoolAllocator@@UEAAPEAX_KPEBDK@Z
- ?AllocBlock@CMemoryPoolAllocator@@IEAAPEAX_K@Z
- ?AttachJobQueue@CWorkerThread@@QEAAXPEAVCWorkerThreadJobQueue@@@Z
- ?Cancel@CWorkerThreadJob@@QEAAXXZ
- ?CheckNode@CLockList@@UEAAHQEAX@Z
- ?CheckNode@CNoLockList@@UEAAHQEAX@Z
- ?CleanQueue@CWorkerThreadJobQueue@@QEAAXXZ
- ?Cleanup@CBlobConfig@@AEAAXXZ
- ?Cleanup@CModuleFileExtConfig@@IEAAXXZ
- ?Cleanup@CModuleMultiStringConfig@@IEAAXXZ
- ?Cleanup@CModuleStringConfig@@AEAAXXZ
- ?Close@CFile@@QEAAJXZ
- ?Count@CLockList@@QEAAKXZ
- ?Count@CNoLockList@@QEAAKXZ
- ?Create@CFile@@QEAAJPEBGKKKK@Z
- ?Create@CSystemThread@@QEAAEXZ
- ?CreateInstance@CMemoryAllocator@@SAPEAV1@W4_POOL_TYPE@@K@Z
- ?CreateInstance@CMemoryPoolAllocator@@SAPEAV1@W4_POOL_TYPE@@_K1K@Z
- ?CreatePool@CWorkerThreadPool@@QEAAEXZ
- ?CreatePool@CWorkerThreadPoolEx@@QEAAEXZ
- ?CreateThreads@CWorkerThreadPool@@QEAAEK@Z
- ?CreateThreads@CWorkerThreadPoolEx@@QEAAEK@Z
- ?CreateWIRP@CFile@@QEAAJPEBGKKKK@Z
- ?Delete@CFile@@QEAAJXZ
- ?Delete@CFileExtension@@QEAAEPEBGK@Z
- ?Delete@CStrList@@QEAAEPEBG@Z
- ?DeleteAll@CList@@UEAAXXZ
- ?DeleteAll@CLockList@@UEAAXXZ
- ?DeleteAll@CNoLockList@@UEAAXXZ
- ?DeleteNode@CContextList@@MEAAXPEAX@Z
- ?DeleteNode@CList@@UEAAXPEAX@Z
- ?DeleteNode@CModuleConfigList@@MEAAXPEAX@Z
- ?DeleteNode@CStrList@@EEAAXPEAU_STR_LIST_NODE@1@@Z
- ?DisableWriteProtectFromCR0@@YAXPEAPEAX@Z
- ?DoIt@CWorkerThreadJob@@QEAAJXZ
- ?EntryPoint@CSystemThread@@KAXPEAX@Z
- ?Find@CContextList@@QEAAPEAVCContext@@K@Z
- ?Find@CContextList@@QEAAPEAVCContext@@PEAX@Z
- ?Find@CFileExtension@@QEAAPEAU_STR_LIST_NODE@CStrList@@PEBGK@Z
- ?Find@CModuleConfigList@@QEAAPEAVCModuleConfig@@K@Z
- ?Find@CStrList@@QEAAPEAU_STR_LIST_NODE@1@PEBG@Z
- ?FindNode@CContextList@@IEAAPEAXPEAX@Z
- ?FindPartiallyAndAllMatch@CStrList@@QEAAPEAU_STR_LIST_NODE@1@PEBG@Z
- ?FinishFunction@CUserFuncAdapterJob@@MEAAXXZ
- ?FinishIt@CWorkerThreadJob@@QEAAJXZ
- ?First@CList@@UEAAPEAXXZ
- ?First@CLockList@@UEAAPEAXXZ
- ?First@CNoLockList@@UEAAPEAXXZ
- ?Free@CMemoryAllocator@@UEAAXPEAX@Z
- ?Free@CMemoryPoolAllocator@@UEAAXPEAX@Z
- ?GetAttributes@CFile@@QEAAKXZ
- ?GetBasicInfomration@CFile@@IEAAJXZ
- ?GetBlobCofig@CContext@@UEAAJKPEAXPEAK@Z
- ?GetCategory@CContext@@QEAAKXZ
- ?GetData@CBlobConfig@@QEAAHPEAXPEAK@Z
- ?GetData@CModuleFileExtConfig@@QEAAHPEAGPEAK@Z
- ?GetData@CModuleFileExtConfig@@QEAAPEAVCFileExtension@@XZ
- ?GetData@CModuleFlagConfig@@QEAAKXZ
- ?GetData@CModuleMultiStringConfig@@QEAAHPEAGPEAK@Z
- ?GetData@CModuleMultiStringConfig@@QEAAPEAVCStrList@@XZ
- ?GetData@CModuleStringConfig@@QEAAPEAGXZ
- ?GetData@CStrList@@QEAAEPEAGPEAK@Z
- ?GetDataType@CModuleConfig@@QEAAKXZ
- ?GetEngineContext@CContext@@QEAAPEAXXZ
- ?GetFileExtensionConfig@CContext@@QEAAPEAVCFileExtension@@K@Z
- ?GetFileExtensionConfig@CContext@@UEAAJKPEAGPEAK@Z
- ?GetFileSize@CFile@@QEAAJPEAT_LARGE_INTEGER@@@Z
- ?GetFileSizeWIRP@CFile@@QEAAJPEAT_LARGE_INTEGER@@@Z
- ?GetFlagConfig@CContext@@UEAAJKPEAK@Z
- ?GetID@CModuleConfig@@QEAAKXZ
- ?GetJob@CWorkerThreadJobQueue@@QEAAPEAVCWorkerThreadJob@@XZ
- ?GetLength@CModuleStringConfig@@QEAAKXZ
- ?GetLinkContext@CContext@@QEAAPEAXXZ
- ?GetLogFlag@CDebugLog@@QEAAKXZ
- ?GetLogFlag@CDebugLogEx@@QEAAKXZ
- ?GetModuleId@CModuleConfig@@QEAAKXZ
- ?GetMultiStringConfig@CContext@@QEAAPEAVCStrList@@K@Z
- ?GetMultiStringConfig@CContext@@UEAAJKPEAGPEAK@Z
- ?GetOneThreadTEB@CWorkerThreadPool@@QEAAPEAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPool@@QEAAPEAU_KTHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QEAAPEAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QEAAPEAU_KTHREAD@@XZ
- ?GetReportCallBackRoutine@CContext@@QEAA_KXZ
- ?GetSize@CBlobConfig@@QEAAKXZ
- ?GetStringConfig@CContext@@QEAAPEAGK@Z
- ?GetStringConfig@CContext@@UEAAJKPEAGPEAK@Z
- ?GetThreadCount@CWorkerThreadPool@@QEAAKXZ
- ?GetThreadCount@CWorkerThreadPoolEx@@QEAAKXZ
- ?GetThreadID@CSystemThread@@QEAA_KXZ
- ?GetType@CContext@@QEAAKXZ
- ?GetUserParameter@CContext@@QEAA_KXZ
- ?InitProcMon@CDebugLogEx@@IEAAXXZ
- ?InitializeBlobConfig@CContext@@QEAAHKPEAXK@Z
- ?InitializeFileExtensionConfig@CContext@@QEAAHKPEBG@Z
- ?InitializeFlagConfig@CContext@@QEAAHKK@Z
- ?InitializeMultiStringConfig@CContext@@QEAAHKPEBG@Z
- ?InitializeStringConfig@CContext@@QEAAHKPEBG@Z
- ?Insert@CList@@UEAAXQEAXE@Z
- ?Insert@CLockList@@UEAAXQEAXE@Z
- ?Insert@CNoLockList@@UEAAXQEAXE@Z
- ?InsertAfter@CList@@UEAAXPEAX0@Z
- ?InsertBefore@CList@@UEAAXPEAX0@Z
- ?Instance@CWorkerThreadPool@@SAPEAV1@XZ
- ?IsEmpty@CList@@UEAAEXZ
- ?IsEmpty@CLockList@@UEAAEXZ
- ?IsEmpty@CNoLockList@@UEAAEXZ
- ?IsExceedLimitation@CMemoryPoolAllocator@@IEAAEK@Z
- ?IsFull@CLockList@@QEBAEXZ
- ?IsFull@CNoLockList@@QEBAEXZ
- ?IsInExclusionList@CExclusionExtConfig@@QEAAEPEBG@Z
- ?IsInExclusionList@CExclusionFileNameConfig@@QEAAEPEBG@Z
- ?IsInExclusionList@CExclusionFilePathConfig@@QEAAEPEBG@Z
- ?IsInExclusionList@CExclusionFolderConfig@@QEAAEPEBG@Z
- ?IsInExclusionList@CExclusionRegistryConfig@@QEAAEPEBG@Z
- ?IsInInclusionList@CInclusionExtConfig@@QEAAEPEBG@Z
- ?IsInInclusionList@CInclusionFileNameConfig@@QEAAEPEBG@Z
- ?IsInInclusionList@CInclusionFilePathConfig@@QEAAEPEBG@Z
- ?IsInInclusionList@CInclusionFolderConfig@@QEAAEPEBG@Z
- ?IsOpened@CFile@@QEAAEXZ
- ?IsTerminated@CWorkerThreadPool@@QEAAEXZ
- ?IsTerminated@CWorkerThreadPoolEx@@QEAAEXZ
- ?IsValid@CMemoryAllocator@@UEAAEXZ
- ?IsValid@CMemoryPoolAllocator@@UEAAEXZ
- ?IsValid@IMemoryAllocator@@UEAAEXZ
- ?IsWorkerThread@CWorkerThreadPool@@QEAAE_K@Z
- ?IsWorkerThread@CWorkerThreadPoolEx@@QEAAE_K@Z
- ?JobFunction@CUserFuncAdapterJob@@MEAAXXZ
- ?JobQueue@CWorkerThreadPool@@QEAAAEAVCWorkerThreadJobQueue@@XZ
- ?JobQueue@CWorkerThreadPoolEx@@QEAAAEAVCWorkerThreadJobQueue@@XZ
- ?Limit@CLockList@@QEAAKXZ
- ?Limit@CNoLockList@@QEAAKXZ
- ?MatchAllExtensions@CFileExtension@@QEAAEXZ
- ?MatchNoExtensions@CFileExtension@@QEAAEXZ
- ?MergeLeft@CMemoryPoolAllocator@@IEAAPEAXPEAX@Z
- ?MergeRight@CMemoryPoolAllocator@@IEAAPEAXPEAX@Z
- ?NeedDelete@CWorkerThreadJob@@QEAAEXZ
- ?NeedDeleteWhenFinish@CWorkerThreadJob@@QEAAXE@Z
- ?NewNode@CList@@UEAAPEAXXZ
- ?NewNode@CStrList@@EEAAPEAXXZ
- ?NewNodeVariant@CList@@IEAAPEAXK@Z
- ?Next@CList@@UEBAPEAXQEAX@Z
- ?Next@CLockList@@UEBAPEAXQEAX@Z
- ?Next@CNoLockList@@UEBAPEAXQEAX@Z
- ?NextPool@CMemoryPoolAllocator@@QEAAPEAV1@XZ
- ?NotityTerminate@CWorkerThread@@QEAAXXZ
- ?PostJobToWorkerThread@CWorkerThreadPool@@QEAAJP6AXPEAX@Z0E@Z
- ?PostJobToWorkerThread@CWorkerThreadPoolEx@@QEAAJP6AXPEAX@Z0E1@Z
- ?Pulse@CKEvent@@QEAAJJE@Z
- ?QueueJob@CWorkerThreadJobQueue@@QEAAEPEAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPool@@QEAAJPEAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPoolEx@@QEAAJPEAVCWorkerThreadJob@@@Z
- ?RCMInstance@CWorkerThreadPool@@SAPEAV1@XZ
- ?Read@CFile@@QEAAJPEADKPEAK@Z
- ?ReadWIRP@CFile@@QEAAJPEADKPEAK@Z
- ?ReferenceCount@CContext@@QEAAAEAKXZ
- ?Release@CLockEvent@@QEAAXXZ
- ?Remove@CContextList@@UEAAEQEAX@Z
- ?Remove@CList@@UEAAEQEAX@Z
- ?Remove@CLockList@@UEAAEQEAX@Z
- ?Remove@CNoLockList@@UEAAEQEAX@Z
- ?RemoveHead@CList@@UEAAPEAXXZ
- ?RemoveHead@CLockList@@UEAAPEAXXZ
- ?RemoveHead@CNoLockList@@UEAAPEAXXZ
- ?RemoveTail@CList@@UEAAPEAXXZ
- ?RemoveTail@CLockList@@UEAAPEAXXZ
- ?RemoveTail@CNoLockList@@UEAAPEAXXZ
- ?Reset@CKEvent@@QEAAXXZ
- ?ResetData@CInclusionExtConfig@@QEAAXXZ
- ?ResetData@CInclusionFileNameConfig@@QEAAXXZ
- ?ResetData@CInclusionFilePathConfig@@QEAAXXZ
- ?ResetData@CInclusionFolderConfig@@QEAAXXZ
- ?RestoreCR0@@YAXPEAX@Z
- ?Run@CAutoUpdateConfigThread@@UEAAXXZ
- ?Run@CDelayLoadThread@@UEAAXXZ
- ?Run@CWorkerThread@@UEAAXXZ
- ?SeekToEnd@CFile@@QEAAJXZ
- ?Set@CKEvent@@QEAAJJE@Z
- ?SetAttributes@CFile@@QEAAJK@Z
- ?SetBlobCofig@CContext@@UEAAJKPEAXK@Z
- ?SetData@CBlobConfig@@QEAAHPEAXK@Z
- ?SetData@CModuleFileExtConfig@@QEAAHPEBG@Z
- ?SetData@CModuleFlagConfig@@QEAAHK@Z
- ?SetData@CModuleMultiStringConfig@@QEAAHPEBGK@Z
- ?SetData@CModuleStringConfig@@QEAAHPEBG@Z
- ?SetEngineContext@CContext@@QEAAXPEAX@Z
- ?SetFileExtensionConfig@CContext@@UEAAJKPEBG@Z
- ?SetFlagConfig@CContext@@UEAAJKK@Z
- ?SetLinkContext@CContext@@QEAAXPEAX@Z
- ?SetLogFlag@CDebugLog@@QEAAEK@Z
- ?SetLogFlag@CDebugLogEx@@QEAAEK@Z
- ?SetMatchAllExtensions@CFileExtension@@QEAAXE@Z
- ?SetMatchNoExtensions@CFileExtension@@QEAAXE@Z
- ?SetMultiStringConfig@CContext@@UEAAJKPEBG@Z
- ?SetNewJobItemEvent@CWorkerThreadJobQueue@@QEAAXXZ
- ?SetPriority@CSystemThread@@QEAAXK@Z
- ?SetStopUse@CContext@@QEAAXXZ
- ?SetStringConfig@CContext@@UEAAJKPEBG@Z
- ?Setup@CSystemThread@@MEAAXXZ
- ?StopUse@CContext@@QEAAHXZ
- ?TearDown@CSystemThread@@MEAAXXZ
- ?Terminate@CSystemThread@@QEAAXE@Z
- ?Terminate@CWorkerThreadPool@@QEAAEXZ
- ?Terminate@CWorkerThreadPoolEx@@QEAAEXZ
- ?TmExceptionFilter@@YAJPEAU_EXCEPTION_POINTERS@@@Z
- ?Wait@CKEvent@@QEAAJPEAT_LARGE_INTEGER@@E@Z
- ?WaitFinish@CWorkerThreadJob@@QEAAXXZ
- ?WaitForInit@CDelayLoadThread@@QEAAEXZ
- ?WaitForLoad@CDelayLoadThread@@QEAAEXZ
- ?WaitNewJobAvailable@CWorkerThreadJobQueue@@QEAAEXZ
- ?WaitQueueEmpty@CWorkerThreadJobQueue@@QEAAXXZ
- ?Write@CDebugLog@@QEAAXPEBDZZ
- ?Write@CDebugLogEx@@QEAAXPEBDZZ
- ?Write@CFile@@QEAAJPEADKPEAT_LARGE_INTEGER@@PEAK@Z
- ?WriteDataToFile@CDebugLogEx@@IEAAXPEADK@Z
- ?WriteDataToProcMonW@CDebugLogEx@@IEAAXPEAD@Z
- ?WriteSystemInformation@CDebugLog@@QEAAXXZ
- ?WriteSystemInformation@CDebugLogEx@@QEAAXXZ
- ?WriteSystemStringInformation@CDebugLog@@IEAAXPEBG@Z
- ?WriteSystemStringInformation@CDebugLogEx@@IEAAXPEBG@Z
- ?WriteToFile@CDebugLog@@IEAAXPEADK@Z
- ?WriteToProcMonW@CDebugLogEx@@IEAAXPEAU_UNICODE_STRING@@@Z
- ?_pNonPagedAllocator@@3PEAVCMemoryAllocator@@EA
- ?_pPagedAllocator@@3PEAVCMemoryAllocator@@EA
- ?m_lpInstance@CWorkerThreadPool@@1PEAV1@EA
- ?m_lpRCMInstance@CWorkerThreadPool@@1PEAV1@EA
- AllocFullFileName
- DeInitKm2UmCommunication
- DeInitKmLPC
- DuplicateFullFileName
- FreeFullFileName
- GetKm2UmMode
- GetModuleInfoByAddress
- GetModuleInfoByModuleName
- InitKm2UmCommunication
- InitKmLPC
- IsVerifierCodeCheckFlagOn
- IsWindows8_1_update
- KmCallUm
- KmCallUmByLPC
- KmCallUmEx
- KmCleanupCommPortAPIs
- KmGetUmInitProcess
- KmSetBackupCommPortAPIs
- KmSetCommPortAPIs
- ModGetExportProcAddress
- ModLoadDLLToBuffer
- ModLoadDLLToBufferWithImageSize
- ModLoadModule
- ModUnLoadModule
- NormalizeFileName
- NormalizeFullNtPathToDosName
- TmCommConfigRoutine
- UtilAddDeviceInDriveTable
- UtilAddReparsePointMapping
- UtilCleanFileReadOnly
- UtilCloseExclusiveHandle
- UtilCreateDosFileName
- UtilDeleteFileForce
- UtilGetDeviceObjectName
- UtilGetFileNameFromFileObject
- UtilGetFileObjectForProcessByEPROC
- UtilGetFileObjectFromFileName
- UtilGetProcessName
- UtilGetSystemDirectory
- UtilGetSystemDirectoryEx
- UtilGetSystemDirectoryLength
- UtilGetSystemTime
- UtilIoSetFileInfo
- UtilIopCreateFileIRP
- UtilKeGetLowFileDevice
- UtilModuleIATHook
- UtilModuleIATUnHook
- UtilPostJobToWorkerThread
- UtilQueryExclusiveHandle
- UtilQueryKeyValue
- UtilRemoveDeviceFromDriveTable
- UtilVolumeDeviceToDosName
- UtilWaitValueChangeToZero
- UtilWriteVersionToRegistry
- UtilbuildDynamicDiskMappingTable
- UtlWriteBinValueKeyToRegistry
- ValidateAddressWithSize
- _ResetProtectFromClose
- _UtilDosPathNameToNtPathName
Sections
Expand
- .text
- .rdata
- .data
- .pdata
- PAGE
- .edata
- INIT
- .rsrc
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": true,
"SerialNumber": "7e93ebfb7cc64e59ea4b9a77d406fc3b",
"Signature": "03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2",
"TBS": {
"MD5": "d0785ad36e427c92b19f6826ab1e8020",
"SHA1": "365b7a9c21bd9373e49052c3e7b3e4646ddd4d43",
"SHA256": "c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff",
"SHA384": "eab4fe5ef90e0de4a6aa3a27769a5e879f588df5e4785aa4104debd1f81e19ea56d33e3a16e5facf99f68b5d8e3d287b"
},
"ValidFrom": "2012-12-21 00:00:00",
"ValidTo": "2020-12-30 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "0ecff438c8febf356e04d86a981b1a50",
"Signature": "783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4",
"TBS": {
"MD5": "e9d38360b914c8863f6cba3ee58764d3",
"SHA1": "4cba8eae47b6bf76f20b3504b98b8f062694a89b",
"SHA256": "88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976",
"SHA384": "e9f2a75334a9e336c5a4712eadee88d0374b0fdc273262f4e65c9040ad2793067cc076696db5279a478773485e285652"
},
"ValidFrom": "2012-10-18 00:00:00",
"ValidTo": "2020-12-29 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Signature": "f3b20c020c826fd9e2629408ffc97c9e245959d1050c9ce7708069d366d26af191812e16fce674eaca0d8f05b2a796280831737299800d2bfe0071efecf655117b7952a4d7c0701b97de034a1d42e928fd1a2082b081f9d22e9d39af3233cf05c1e61ae1f8fbfec872e78d9a0b29b4f147f1a053d1757a824601df2bb07c75c591fe7efbaf0021764b90cd446f85f80d14bc2cd42c83edfa7d2510f8f94c82d1b3ea999b1cff9093291977c7e996dc32904d3934f167077684ff76aa5327654a0bd7223d9d67657b47c5b46012dca6723d89e7fa051b3380d0c4977b9df537e75da3186ab149b27c089715a01bd695f408f7ded66bfbe920d27a6f6a7d4cc8b3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc.",
"TBS": {
"MD5": "78eaa337666217b1c16a9a0ebd0b8434",
"SHA1": "ff9cb835e78f6185eed4372096c3bae53b17d18d",
"SHA256": "1c0d9746725e176b4a7c2852878f14d7587f58e65d346bc1247f1c8ee6374250",
"SHA384": "ffe3c75b860679a5de399c7d2c2844dbfac51d5d8581e24648d208daba1e4bed5c867808e02dc8d7cb3df1d4b2b53d10"
},
"ValidFrom": "2017-04-27 00:00:00",
"ValidTo": "2018-07-16 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "611993e400000000001c",
"Signature": "812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5",
"TBS": {
"MD5": "78a717e082dcc1cda3458d917e677d14",
"SHA1": "4a872e0e51f9b304469cd1dedb496ee9b8b983a4",
"SHA256": "317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8",
"SHA384": "b71052da4eb9157c8c1a5d7f55df19d69b9128598b72fcca608e5b7cc7d64c43c5504b9c86355a6dc22ee40c88cc385c"
},
"ValidFrom": "2011-02-22 19:25:17",
"ValidTo": "2021-02-22 19:35:17",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "5200e5aa2556fc1a86ed96c9d44b33c7",
"Signature": "5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"TBS": {
"MD5": "b30c31a572b0409383ed3fbe17e56e81",
"SHA1": "4843a82ed3b1f2bfbee9671960e1940c942f688d",
"SHA256": "03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9",
"SHA384": "bbda8407c4f9fc4e54d772f1c7fb9d30bc97e1f97ecd51c443063d1fa0644e266328781776cd5c44896c457c75f4d7da"
},
"ValidFrom": "2010-02-08 00:00:00",
"ValidTo": "2020-02-07 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 61204db4000000000027
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 8e3ffc222fbcebdbb8b23115ab259be7 |
| ToBeSigned (TBS) SHA1 | ee20bff28ffe13be731c294c90d6ded5aae0ec0e |
| ToBeSigned (TBS) SHA256 | 59826b69bc8c28118c96323b627da59aaca0b142cc5d8bad25a8fcfd399aa821 |
| Subject | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA |
| ValidFrom | 2011-04-15 19:45:33 |
| ValidTo | 2021-04-15 19:55:33 |
| Signature | 208cc159ed6f9c6b2dc14a3e751d454c41501cbd80ead9b0928b062a133f53169e56396a8a63b6782479f57db8b947a10a96c2f6cbbda2669f06e1acd279090efd3cdcac020c70af3f1bec787ed4eb4b056026d973619121edb06863e09712ab6fa012edd99fd2da273cb3e456f9d1d4810f71bd427ca689dccdd5bd95a2abf193117de8ac3129a85d6670419dfc75c9d5b31a392ad08505508bac91cac493cb71a59da4946f580cfa6e20c40831b5859d7e81f9d23dca5b18856c0a86ec22091ba574344f7f28bc954aab1db698b05d09a477767eefa78e5d84f61824cbd16da6c3a19cc2107580ff9d32fde6cf433a82f7ce8fe1722a9b62b75fed951a395c2f946d48b7015f332fbbdc2d73348904420a1c8b79f9a3fa17effaa11a10dfe0b2c195eb5c0c05973b353e18884ddb6cbf24898dc8bdd89f7b393a24a0d5dfd1f34a1a97f6a66f7a1fb090a9b3ac013991d361b764f13e573803afce7ad2b590f5aedc3999d5b63c97eda6cb16c77d6b2a4c9094e64c54fd1ecd20ecce689c8758e96160beeb0ec9d5197d9fe978bd0eac2175078fa96ee08c6a2a6b9ce3e765bcbc2d3c6ddc04dc67453632af0481bca8006e614c95c55cd48e8e9f2fc13274bdbd11650307cdefb75e0257da86d41a2834af8849b2cfa5dd82566f68aa14e25954feffeaeeefea9270226081e32523c09fcc0f49b235aa58c33ac3d9169410 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 61204db4000000000027 |
| Version | 3 |
Certificate 0f6146af9397c7fa04b13c2d0279a1ba
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | df4ab4b67a0e9b1f9ec4a1ad9ea6052a |
| ToBeSigned (TBS) SHA1 | dc1d0c4be3072afed8b0739a21b87b14292815e0 |
| ToBeSigned (TBS) SHA256 | 9c8450b3fa641a421a545e7e4fa7e1bcb657db4796bef147312c44b7a1b5ffe0 |
| Subject | ??=TW, ??=Private Organization, serialNumber=23310837, C=TW, ST=Taipei City, L=Daan District, O=Trend Micro, Inc., CN=Trend Micro, Inc. |
| ValidFrom | 2020-08-07 00:00:00 |
| ValidTo | 2021-04-15 12:00:00 |
| Signature | 578aa329d98f23e576b6937a3146ca65f1ec8da04b5ec5f4c499436cfe710be5660f7c864950d9276a6dfdd2341048e6fe4f51044e7fce164f3b9203035bc3d311991685fbce0d90a4c7b2b511d0d3ba37b3558eae76db3ab30f4a2ef102faad1820e26b5fcbc216b368980655de80fe7177f9f1a80c75e4a0a21451a59c86986e5348318da4d295e8d02520fa674ce89756903b25521b5ad358f8328c5591a9702494cc24e340418dbcf08ef06214a8e90c4836dc6f8465fd59385bd56407d83bfc8a633e8125c523ff23dd8c669169848668d5aefe059ee5091e1776ec4686efd0d6ccee0e0bea5922ee41fb36e63d5704633f85115f9584926bdb708a9edb |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 0f6146af9397c7fa04b13c2d0279a1ba |
| Version | 3 |
Certificate 03019a023aff58b16bd6d5eae617f066
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | a752afee44f017e8d74e3f3eb7914ae3 |
| ToBeSigned (TBS) SHA1 | 8eca80a6b80e9c69dcef7745748524afb8019e2d |
| ToBeSigned (TBS) SHA256 | 82560fa7efec30b5ff82af643e6f3bf3d46868bbd5e7d76f93db185e9e3553a1 |
| Subject | C=US, O=DigiCert, CN=DigiCert Timestamp Responder |
| ValidFrom | 2014-10-22 00:00:00 |
| ValidTo | 2024-10-22 00:00:00 |
| Signature | 9d257e1b334db226815c9b86ce23200f8087e588ffffb1d46a2c31ed3a17197117cda91bbc5a1639009de36c84e45a40fbde06018c37fa9bb19d247efe20a457ad5bb79ab06026ea6957215d342f1f71b0839419056b359010a07b97c7f63fe7e21141a6bd62d9f0273d381d286f3a5209f0ec7062d3624bb0e073a692c0d38e31d82fe36d171306eee403b614abf38f43a7719d21dd14ca155d9241daf90f81d199740d26c40e7f1bb5f5a0f1c677062815e9d893e55516f0bb0aab1cdb5c482766c8a38b0a1ce595daaec42e59a061dddaf36da261e98a0b6dec1218bdf755544003922b6bc251c20a48afb0d46ee0f4140a3a1be38f3dcaaf6a8d7bdcd844 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 03019a023aff58b16bd6d5eae617f066 |
| Version | 3 |
Certificate 0dd0e3374ac95bdbfa6b434b2a48ec06
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | f92649915476229b093c211c2b18e6c4 |
| ToBeSigned (TBS) SHA1 | 2d54c16a8f8b69ccdea48d0603c132f547a5cf75 |
| ToBeSigned (TBS) SHA256 | 2cd702a7dec30aa441345672e8992ef9770ce4946f276d767b45b0ed627658fb |
| Subject | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert EV Code Signing CA |
| ValidFrom | 2012-04-18 12:00:00 |
| ValidTo | 2027-04-18 12:00:00 |
| Signature | 9e5b963a2e1288acab016da49f75e40187a3a532d7bcbaa97ea3d61417f7c2136b7c738f2b6ae50f265968b08e259b6ceffa6c939208c14dcf459e9c46d61e74a19b14a3fa012f4ab101e1724048111368b9369d914bd7c2391210c1c4dcbb6214142a615d4f387c661fc61bffadbe4f7f945b7343000f4d73b751cf0ef677c05bcd348cd96313aa0e6111d6f28e27fcb47bb8b91120918678ea0ed428ff2ad52438e837b2ec96bb9fbc4a1650e15ebf517d23a032c7c1949e7ac9c026a2cc2587a0127e749f2d8db1c8e784beb9d1e9debb6a4e887371e12238cb2487e9737e51b2ff98eb4e7e2fe0ca0efab35ed1ba0542a8489f83f63fc4caa8df68a05061 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 0dd0e3374ac95bdbfa6b434b2a48ec06 |
| Version | 3 |
Certificate 06fdf9039603adea000aeb3f27bbba1b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 4e5ad189638cf52ba9cd881d4d44668c |
| ToBeSigned (TBS) SHA1 | cdc115e98d798b33904c820d63cc1e1afc19251d |
| ToBeSigned (TBS) SHA256 | 37560fb9d548ab62cc3ed4669a4ab74828b5a108e67e829937ffb2d10a5f78dd |
| Subject | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID CA,1 |
| ValidFrom | 2006-11-10 00:00:00 |
| ValidTo | 2021-11-10 00:00:00 |
| Signature | 46503ec9b72824a7381db65b29af52cf52e93147ab565c7bd50d0b41b3efec751f7438f2b25c61a29c95c350e482b923d1ba3a8672ad3878ac755d1717347247859456d1ebbb368477cc24a5f3041955a9e7e3e7ab62cdfb8b2d90c2c0d2b594bd5e4fb105d20e3d1aa9145ba6863162a8a833e49b39a7c4f5ce1d7876942573e42aabcf9c764bed5fc24b16e44b704c00891efcc579bc4c1257fe5fe11ebc025da8fefb07384f0dc65d91b90f6745cdd683ede7920d8db1698c4ffb59e0230fd2aaae007cee9c420ecf91d727b716ee0fc3bd7c0aa0ee2c08558522b8eb181a4dfc2a21ad49318347957771dcb11b4b4b1c109c7714c19d4f2f5a9508291026 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 06fdf9039603adea000aeb3f27bbba1b |
| Version | 3 |
Imports
Expand
Imported Functions
Expand
- KeLeaveCriticalRegion
- wcsncpy
- KeEnterCriticalRegion
- ExAcquireFastMutexUnsafe
- wcsrchr
- ExAcquireResourceSharedLite
- ExReleaseResourceLite
- _purecall
- ZwOpenEvent
- ZwConnectPort
- KeClearEvent
- PsProcessType
- ExFreePoolWithTag
- RtlInitUnicodeString
- KeSetEvent
- ProbeForWrite
- KeUnstackDetachProcess
- ZwRequestWaitReplyPort
- ZwWaitForSingleObject
- DbgBreakPoint
- ZwSetEvent
- IoGetCurrentProcess
- ZwFreeVirtualMemory
- ZwClose
- ObfReferenceObject
- ObfDereferenceObject
- RtlUnicodeStringToInteger
- ZwCreateSection
- ObOpenObjectByPointer
- KeStackAttachProcess
- KePulseEvent
- ZwAllocateVirtualMemory
- ObGetObjectSecurity
- SeAccessCheck
- SeReleaseSubjectContext
- SeCaptureSubjectContext
- PsThreadType
- ObReleaseObjectSecurity
- PsGetProcessExitTime
- MmSectionObjectType
- DbgPrint
- ExDeleteResourceLite
- ExInitializeResourceLite
- ZwReadFile
- swprintf
- ZwSetInformationFile
- ZwCreateFile
- ZwQueryInformationFile
- ZwWriteFile
- _wcsnicmp
- towupper
- ExAllocatePoolWithTag
- KeInitializeEvent
- ZwCreateEvent
- ZwCreateKey
- RtlAnsiStringToUnicodeString
- ZwNotifyChangeKey
- RtlInitAnsiString
- _snprintf
- RtlFreeUnicodeString
- ExSystemTimeToLocalTime
- _vsnprintf
- ObReferenceObjectByHandle
- RtlTimeToTimeFields
- ZwDeviceIoControlFile
- PsGetCurrentThreadId
- PsGetCurrentProcessId
- KeWaitForMultipleObjects
- ExGetPreviousMode
- RtlEqualUnicodeString
- RtlPrefixUnicodeString
- RtlAppendUnicodeStringToString
- RtlCopyUnicodeString
- RtlUpcaseUnicodeChar
- KeWaitForSingleObject
- KeSetPriorityThread
- PsCreateSystemThread
- PsTerminateSystemThread
- MmIsAddressValid
- KeDelayExecutionThread
- KeNumberProcessors
- PsLookupProcessByProcessId
- PsSetCreateProcessNotifyRoutine
- ZwOpenDirectoryObject
- ZwQueryInformationProcess
- ZwQuerySecurityObject
- NtSetInformationFile
- ZwDeleteValueKey
- ZwSetValueKey
- ZwQuerySystemInformation
- NtQueryInformationFile
- IoFileObjectType
- ZwQueryValueKey
- ZwQueryDirectoryFile
- NtCreateFile
- ZwEnumerateValueKey
- RtlLengthSecurityDescriptor
- ZwQueryDirectoryObject
- ZwSetSecurityObject
- ZwDuplicateObject
- ZwOpenProcess
- ExReleaseFastMutexUnsafe
- ZwDeleteKey
- ZwEnumerateKey
- ZwQueryKey
- ZwOpenKey
- MmSystemRangeStart
- _stricmp
- _strnicmp
- mbstowcs
- ProbeForRead
- RtlUpcaseUnicodeString
- _snwprintf
- ZwQuerySymbolicLinkObject
- ZwMapViewOfSection
- MmGetSystemRoutineAddress
- RtlAppendUnicodeToString
- IoCreateFile
- RtlQueryRegistryValues
- MmBuildMdlForNonPagedPool
- ZwOpenSymbolicLinkObject
- IoFreeMdl
- ObQueryNameString
- ZwUnmapViewOfSection
- NtClose
- IoFreeIrp
- PsGetVersion
- IoAllocateIrp
- RtlCompareMemory
- MmUnlockPages
- ZwSetInformationObject
- ZwOpenFile
- wcsncmp
- RtlImageNtHeader
- IoAllocateMdl
- IofCallDriver
- ZwQueryVolumeInformationFile
- ObReferenceObjectByPointer
- IoBuildDeviceIoControlRequest
- ZwOpenSection
- RtlSubAuthoritySid
- RtlLengthRequiredSid
- ExReleaseFastMutex
- ExAcquireFastMutex
- RtlCreateAcl
- RtlSetDaclSecurityDescriptor
- RtlAddAccessAllowedAce
- KeInitializeSemaphore
- KeReleaseSemaphore
- RtlInitializeSid
- RtlCreateSecurityDescriptor
- IoDeleteSymbolicLink
- IoDeleteDevice
- IoGetDeviceObjectPointer
- ExEventObjectType
- IofCompleteRequest
- IoCreateSymbolicLink
- ObOpenObjectByName
- NtQueryInformationProcess
- strncpy
- NtOpenProcess
- ObInsertObject
- IoAcquireVpbSpinLock
- SeCreateAccessState
- IoGetFileObjectGenericMapping
- ObCreateObject
- KeAcquireQueuedSpinLock
- KeReleaseQueuedSpinLock
- IoReleaseVpbSpinLock
- wcschr
- IoGetConfigurationInformation
- IoRegisterPlugPlayNotification
- IoGetStackLimits
- IoBuildSynchronousFsdRequest
- KeReleaseSpinLock
- ExpInterlockedPopEntrySList
- FsRtlIsNameInExpression
- wcsstr
- ExAllocatePool
- IoUnregisterPlugPlayNotification
- MmProbeAndLockPages
- RtlCompareUnicodeString
- IoGetDeviceInterfaces
- KeAcquireSpinLockRaiseToDpc
- KeBugCheckEx
- IoCreateDevice
- IoDeviceObjectType
- SeCaptureSecurityDescriptor
- RtlAbsoluteToSelfRelativeSD
- IoIsWdmVersionAvailable
- SeExports
- RtlLengthSid
- RtlGetSaclSecurityDescriptor
- RtlGetDaclSecurityDescriptor
- RtlGetGroupSecurityDescriptor
- RtlGetOwnerSecurityDescriptor
- ZwTerminateProcess
- ExAcquireResourceExclusiveLite
- __C_specific_handler
Exported Functions
Expand
- ??0CAutoUpdateConfigThread@@QEAA@AEBV0@@Z
- ??0CAutoUpdateConfigThread@@QEAA@PEAU_UNICODE_STRING@@P6AX0PEAX@Z1@Z
- ??0CBlobConfig@@QEAA@AEBV0@@Z
- ??0CBlobConfig@@QEAA@K@Z
- ??0CContext@@QEAA@AEBV0@@Z
- ??0CContext@@QEAA@KP6AJPEAU_EVENT_REPORT@@PEAXPEAU_TMCE_REPORT@@PEAU_TMCE_FEEDBACK@@@Z1K@Z
- ??0CContextList@@QEAA@AEBV0@@Z
- ??0CContextList@@QEAA@KPEAVIMemoryAllocator@@@Z
- ??0CDebugLog@@QEAA@AEBV0@@Z
- ??0CDebugLog@@QEAA@PEBG@Z
- ??0CDebugLogEx@@QEAA@AEBV0@@Z
- ??0CDebugLogEx@@QEAA@K@Z
- ??0CDelayLoadThread@@QEAA@AEBV0@@Z
- ??0CDelayLoadThread@@QEAA@XZ
- ??0CExclusionExtConfig@@QEAA@AEBV0@@Z
- ??0CExclusionExtConfig@@QEAA@KKE@Z
- ??0CExclusionFileNameConfig@@QEAA@AEBV0@@Z
- ??0CExclusionFileNameConfig@@QEAA@KK@Z
- ??0CExclusionFilePathConfig@@QEAA@AEBV0@@Z
- ??0CExclusionFilePathConfig@@QEAA@KK@Z
- ??0CExclusionFolderConfig@@QEAA@AEBV0@@Z
- ??0CExclusionFolderConfig@@QEAA@KK@Z
- ??0CExclusionRegistryConfig@@QEAA@AEBV0@@Z
- ??0CExclusionRegistryConfig@@QEAA@KK@Z
- ??0CFile@@QEAA@AEBV0@@Z
- ??0CFile@@QEAA@E@Z
- ??0CFileExtension@@QEAA@AEBV0@@Z
- ??0CFileExtension@@QEAA@KEEPEAVIMemoryAllocator@@@Z
- ??0CInclusionExtConfig@@QEAA@AEBV0@@Z
- ??0CInclusionExtConfig@@QEAA@KKE@Z
- ??0CInclusionFileNameConfig@@QEAA@AEBV0@@Z
- ??0CInclusionFileNameConfig@@QEAA@KK@Z
- ??0CInclusionFilePathConfig@@QEAA@AEBV0@@Z
- ??0CInclusionFilePathConfig@@QEAA@KK@Z
- ??0CInclusionFolderConfig@@QEAA@AEBV0@@Z
- ??0CInclusionFolderConfig@@QEAA@KK@Z
- ??0CKEvent@@QEAA@AEBV0@@Z
- ??0CKEvent@@QEAA@W4_EVENT_TYPE@@E@Z
- ??0CList@@QEAA@AEBV0@@Z
- ??0CList@@QEAA@KPEAVIMemoryAllocator@@@Z
- ??0CLockEvent@@QEAA@AEBV0@@Z
- ??0CLockEvent@@QEAA@XZ
- ??0CLockList@@QEAA@AEBV0@@Z
- ??0CLockList@@QEAA@KKPEAVIMemoryAllocator@@@Z
- ??0CMemoryAllocator@@IEAA@W4_POOL_TYPE@@K@Z
- ??0CMemoryAllocator@@QEAA@AEBV0@@Z
- ??0CMemoryPoolAllocator@@IEAA@W4_POOL_TYPE@@_K1K@Z
- ??0CMemoryPoolAllocator@@QEAA@AEBV0@@Z
- ??0CModuleConfig@@QEAA@AEBV0@@Z
- ??0CModuleConfig@@QEAA@XZ
- ??0CModuleConfigList@@QEAA@AEBV0@@Z
- ??0CModuleConfigList@@QEAA@KPEAVIMemoryAllocator@@@Z
- ??0CModuleFileExtConfig@@QEAA@AEBV0@@Z
- ??0CModuleFileExtConfig@@QEAA@KKE@Z
- ??0CModuleFlagConfig@@QEAA@AEBV0@@Z
- ??0CModuleFlagConfig@@QEAA@K@Z
- ??0CModuleMultiStringConfig@@QEAA@AEBV0@@Z
- ??0CModuleMultiStringConfig@@QEAA@KK@Z
- ??0CModuleStringConfig@@QEAA@AEBV0@@Z
- ??0CModuleStringConfig@@QEAA@K@Z
- ??0CNoLockList@@QEAA@AEBV0@@Z
- ??0CNoLockList@@QEAA@KKPEAVIMemoryAllocator@@@Z
- ??0CSmartLock@@QEAA@AEAVCLockEvent@@@Z
- ??0CSmartLock@@QEAA@XZ
- ??0CSmartReference@@QEAA@AEAJ@Z
- ??0CSmartReference@@QEAA@AEAK@Z
- ??0CSmartResource@@QEAA@AEAVCResource@@E@Z
- ??0CStrList@@QEAA@AEBV0@@Z
- ??0CStrList@@QEAA@KPEAVIMemoryAllocator@@@Z
- ??0CSystemThread@@QEAA@AEBV0@@Z
- ??0CSystemThread@@QEAA@K@Z
- ??0CUserFuncAdapterJob@@QEAA@AEBV0@@Z
- ??0CUserFuncAdapterJob@@QEAA@P6AXPEAX@Z01@Z
- ??0CWorkerThread@@IEAA@PEAVCWorkerThreadJobQueue@@@Z
- ??0CWorkerThread@@QEAA@AEBV0@@Z
- ??0CWorkerThreadJob@@QEAA@AEBV0@@Z
- ??0CWorkerThreadJob@@QEAA@E@Z
- ??0CWorkerThreadJobQueue@@QEAA@AEBV0@@Z
- ??0CWorkerThreadJobQueue@@QEAA@K@Z
- ??0CWorkerThreadPool@@QEAA@AEBV0@@Z
- ??0CWorkerThreadPool@@QEAA@K@Z
- ??0CWorkerThreadPoolEx@@QEAA@AEBV0@@Z
- ??0CWorkerThreadPoolEx@@QEAA@KK@Z
- ??0IMemoryAllocator@@QEAA@AEBV0@@Z
- ??0IMemoryAllocator@@QEAA@XZ
- ??1CAutoUpdateConfigThread@@UEAA@XZ
- ??1CBlobConfig@@UEAA@XZ
- ??1CContext@@UEAA@XZ
- ??1CContextList@@UEAA@XZ
- ??1CDebugLog@@UEAA@XZ
- ??1CDebugLogEx@@UEAA@XZ
- ??1CDelayLoadThread@@UEAA@XZ
- ??1CExclusionExtConfig@@UEAA@XZ
- ??1CExclusionFileNameConfig@@UEAA@XZ
- ??1CExclusionFilePathConfig@@UEAA@XZ
- ??1CExclusionFolderConfig@@UEAA@XZ
- ??1CExclusionRegistryConfig@@UEAA@XZ
- ??1CFile@@UEAA@XZ
- ??1CFileExtension@@UEAA@XZ
- ??1CInclusionExtConfig@@UEAA@XZ
- ??1CInclusionFileNameConfig@@UEAA@XZ
- ??1CInclusionFilePathConfig@@UEAA@XZ
- ??1CInclusionFolderConfig@@UEAA@XZ
- ??1CKEvent@@UEAA@XZ
- ??1CList@@UEAA@XZ
- ??1CLockEvent@@UEAA@XZ
- ??1CLockList@@UEAA@XZ
- ??1CMemoryAllocator@@UEAA@XZ
- ??1CMemoryPoolAllocator@@UEAA@XZ
- ??1CModuleConfig@@UEAA@XZ
- ??1CModuleConfigList@@UEAA@XZ
- ??1CModuleFileExtConfig@@UEAA@XZ
- ??1CModuleFlagConfig@@UEAA@XZ
- ??1CModuleMultiStringConfig@@UEAA@XZ
- ??1CModuleStringConfig@@UEAA@XZ
- ??1CNoLockList@@UEAA@XZ
- ??1CSmartLock@@QEAA@XZ
- ??1CSmartReference@@QEAA@XZ
- ??1CSmartResource@@QEAA@XZ
- ??1CStrList@@UEAA@XZ
- ??1CSystemThread@@UEAA@XZ
- ??1CUserFuncAdapterJob@@UEAA@XZ
- ??1CWorkerThread@@UEAA@XZ
- ??1CWorkerThreadJob@@UEAA@XZ
- ??1CWorkerThreadJobQueue@@UEAA@XZ
- ??1CWorkerThreadPool@@UEAA@XZ
- ??1CWorkerThreadPoolEx@@UEAA@XZ
- ??1IMemoryAllocator@@UEAA@XZ
- ??2@YAPEAX_KPEAVIMemoryAllocator@@PEBDK@Z
- ??2CMemoryAllocator@@SAPEAX_K@Z
- ??2CMemoryPoolAllocator@@SAPEAX_K@Z
- ??3@YAXPEAX@Z
- ??3IMemoryAllocator@@SAXPEAX@Z
- ??4CAutoUpdateConfigThread@@QEAAAEAV0@AEBV0@@Z
- ??4CBlobConfig@@QEAAAEAV0@AEBV0@@Z
- ??4CContext@@QEAAAEAV0@AEBV0@@Z
- ??4CDebugLog@@QEAAAEAV0@AEBV0@@Z
- ??4CDebugLogEx@@QEAAAEAV0@AEBV0@@Z
- ??4CDelayLoadThread@@QEAAAEAV0@AEBV0@@Z
- ??4CFile@@QEAAAEAV0@AEBV0@@Z
- ??4CKEvent@@QEAAAEAV0@AEBV0@@Z
- ??4CLockEvent@@QEAAAEAV0@AEBV0@@Z
- ??4CMemoryAllocator@@QEAAAEAV0@AEBV0@@Z
- ??4CMemoryPoolAllocator@@QEAAAEAV0@AEBV0@@Z
- ??4CModuleConfig@@QEAAAEAV0@AEBV0@@Z
- ??4CModuleFlagConfig@@QEAAAEAV0@AEBV0@@Z
- ??4CModuleStringConfig@@QEAAAEAV0@AEBV0@@Z
- ??4CSmartLock@@QEAAAEAV0@AEBV0@@Z
- ??4CSmartLock@@QEAAAEBV0@AEAVCLockEvent@@@Z
- ??4CSmartResource@@QEAAAEAV0@AEBV0@@Z
- ??4CSystemThread@@QEAAAEAV0@AEBV0@@Z
- ??4CUserFuncAdapterJob@@QEAAAEAV0@AEBV0@@Z
- ??4CWorkerThread@@QEAAAEAV0@AEBV0@@Z
- ??4CWorkerThreadJob@@QEAAAEAV0@AEBV0@@Z
- ??4IMemoryAllocator@@QEAAAEAV0@AEBV0@@Z
- ??_7CAutoUpdateConfigThread@@6B@
- ??_7CBlobConfig@@6B@
- ??_7CContext@@6B@
- ??_7CContextList@@6B@
- ??_7CDebugLog@@6B@
- ??_7CDebugLogEx@@6B@
- ??_7CDelayLoadThread@@6B@
- ??_7CExclusionExtConfig@@6B@
- ??_7CExclusionFileNameConfig@@6B@
- ??_7CExclusionFilePathConfig@@6B@
- ??_7CExclusionFolderConfig@@6B@
- ??_7CExclusionRegistryConfig@@6B@
- ??_7CFile@@6B@
- ??_7CFileExtension@@6B@
- ??_7CInclusionExtConfig@@6B@
- ??_7CInclusionFileNameConfig@@6B@
- ??_7CInclusionFilePathConfig@@6B@
- ??_7CInclusionFolderConfig@@6B@
- ??_7CKEvent@@6B@
- ??_7CList@@6B@
- ??_7CLockEvent@@6B@
- ??_7CLockList@@6B@
- ??_7CMemoryAllocator@@6B@
- ??_7CMemoryPoolAllocator@@6B@
- ??_7CModuleConfig@@6B@
- ??_7CModuleConfigList@@6B@
- ??_7CModuleFileExtConfig@@6B@
- ??_7CModuleFlagConfig@@6B@
- ??_7CModuleMultiStringConfig@@6B@
- ??_7CModuleStringConfig@@6B@
- ??_7CNoLockList@@6B@
- ??_7CStrList@@6B@
- ??_7CSystemThread@@6B@
- ??_7CUserFuncAdapterJob@@6B@
- ??_7CWorkerThread@@6B@
- ??_7CWorkerThreadJob@@6B@
- ??_7CWorkerThreadJobQueue@@6B@
- ??_7CWorkerThreadPool@@6B@
- ??_7CWorkerThreadPoolEx@@6B@
- ??_7IMemoryAllocator@@6B@
- ??_FCContextList@@QEAAXXZ
- ??_FCFile@@QEAAXXZ
- ??_FCFileExtension@@QEAAXXZ
- ??_FCModuleConfigList@@QEAAXXZ
- ??_FCStrList@@QEAAXXZ
- ??_FCSystemThread@@QEAAXXZ
- ??_FCWorkerThread@@QEAAXXZ
- ??_FCWorkerThreadJob@@QEAAXXZ
- ??_FCWorkerThreadJobQueue@@QEAAXXZ
- ??_U@YAPEAX_KPEAVIMemoryAllocator@@PEBDK@Z
- ??_V@YAXPEAX@Z
- ?Acquire@CLockEvent@@QEAAXXZ
- ?Add@CContextList@@QEAAEPEAVCContext@@@Z
- ?Add@CFileExtension@@QEAAEPEBGK@Z
- ?Add@CModuleConfigList@@QEAAEPEAVCModuleConfig@@@Z
- ?Add@CStrList@@QEAAEPEBG@Z
- ?AddNode@CLockList@@UEAAEQEAXE@Z
- ?AddNode@CNoLockList@@UEAAEQEAXE@Z
- ?Alloc@CMemoryAllocator@@UEAAPEAX_KPEBDK@Z
- ?Alloc@CMemoryPoolAllocator@@UEAAPEAX_KPEBDK@Z
- ?AllocBlock@CMemoryPoolAllocator@@IEAAPEAX_K@Z
- ?AttachJobQueue@CWorkerThread@@QEAAXPEAVCWorkerThreadJobQueue@@@Z
- ?Cancel@CWorkerThreadJob@@QEAAXXZ
- ?CheckNode@CLockList@@UEAAHQEAX@Z
- ?CheckNode@CNoLockList@@UEAAHQEAX@Z
- ?CleanQueue@CWorkerThreadJobQueue@@QEAAXXZ
- ?Cleanup@CBlobConfig@@AEAAXXZ
- ?Cleanup@CModuleFileExtConfig@@IEAAXXZ
- ?Cleanup@CModuleMultiStringConfig@@IEAAXXZ
- ?Cleanup@CModuleStringConfig@@AEAAXXZ
- ?Close@CFile@@QEAAJXZ
- ?Count@CLockList@@QEAAKXZ
- ?Count@CNoLockList@@QEAAKXZ
- ?Create@CFile@@QEAAJPEBGKKKK@Z
- ?Create@CSystemThread@@QEAAEXZ
- ?CreateInstance@CMemoryAllocator@@SAPEAV1@W4_POOL_TYPE@@K@Z
- ?CreateInstance@CMemoryPoolAllocator@@SAPEAV1@W4_POOL_TYPE@@_K1K@Z
- ?CreatePool@CWorkerThreadPool@@QEAAEXZ
- ?CreatePool@CWorkerThreadPoolEx@@QEAAEXZ
- ?CreateThreads@CWorkerThreadPool@@QEAAEK@Z
- ?CreateThreads@CWorkerThreadPoolEx@@QEAAEK@Z
- ?CreateWIRP@CFile@@QEAAJPEBGKKKK@Z
- ?Delete@CFile@@QEAAJXZ
- ?Delete@CFileExtension@@QEAAEPEBGK@Z
- ?Delete@CStrList@@QEAAEPEBG@Z
- ?DeleteAll@CList@@UEAAXXZ
- ?DeleteAll@CLockList@@UEAAXXZ
- ?DeleteAll@CNoLockList@@UEAAXXZ
- ?DeleteNode@CContextList@@MEAAXPEAX@Z
- ?DeleteNode@CList@@UEAAXPEAX@Z
- ?DeleteNode@CModuleConfigList@@MEAAXPEAX@Z
- ?DeleteNode@CStrList@@EEAAXPEAU_STR_LIST_NODE@1@@Z
- ?DisableWriteProtectFromCR0@@YAXPEAPEAX@Z
- ?DoIt@CWorkerThreadJob@@QEAAJXZ
- ?EntryPoint@CSystemThread@@KAXPEAX@Z
- ?Find@CContextList@@QEAAPEAVCContext@@K@Z
- ?Find@CContextList@@QEAAPEAVCContext@@PEAX@Z
- ?Find@CFileExtension@@QEAAPEAU_STR_LIST_NODE@CStrList@@PEBGK@Z
- ?Find@CModuleConfigList@@QEAAPEAVCModuleConfig@@K@Z
- ?Find@CStrList@@QEAAPEAU_STR_LIST_NODE@1@PEBG@Z
- ?FindNode@CContextList@@IEAAPEAXPEAX@Z
- ?FindPartiallyAndAllMatch@CStrList@@QEAAPEAU_STR_LIST_NODE@1@PEBG@Z
- ?FinishFunction@CUserFuncAdapterJob@@MEAAXXZ
- ?FinishIt@CWorkerThreadJob@@QEAAJXZ
- ?First@CList@@UEAAPEAXXZ
- ?First@CLockList@@UEAAPEAXXZ
- ?First@CNoLockList@@UEAAPEAXXZ
- ?Free@CMemoryAllocator@@UEAAXPEAX@Z
- ?Free@CMemoryPoolAllocator@@UEAAXPEAX@Z
- ?GetAttributes@CFile@@QEAAKXZ
- ?GetBasicInfomration@CFile@@IEAAJXZ
- ?GetBlobCofig@CContext@@UEAAJKPEAXPEAK@Z
- ?GetCategory@CContext@@QEAAKXZ
- ?GetData@CBlobConfig@@QEAAHPEAXPEAK@Z
- ?GetData@CModuleFileExtConfig@@QEAAHPEAGPEAK@Z
- ?GetData@CModuleFileExtConfig@@QEAAPEAVCFileExtension@@XZ
- ?GetData@CModuleFlagConfig@@QEAAKXZ
- ?GetData@CModuleMultiStringConfig@@QEAAHPEAGPEAK@Z
- ?GetData@CModuleMultiStringConfig@@QEAAPEAVCStrList@@XZ
- ?GetData@CModuleStringConfig@@QEAAPEAGXZ
- ?GetData@CStrList@@QEAAEPEAGPEAK@Z
- ?GetDataType@CModuleConfig@@QEAAKXZ
- ?GetEngineContext@CContext@@QEAAPEAXXZ
- ?GetFileExtensionConfig@CContext@@QEAAPEAVCFileExtension@@K@Z
- ?GetFileExtensionConfig@CContext@@UEAAJKPEAGPEAK@Z
- ?GetFileSize@CFile@@QEAAJPEAT_LARGE_INTEGER@@@Z
- ?GetFileSizeWIRP@CFile@@QEAAJPEAT_LARGE_INTEGER@@@Z
- ?GetFlagConfig@CContext@@UEAAJKPEAK@Z
- ?GetID@CModuleConfig@@QEAAKXZ
- ?GetJob@CWorkerThreadJobQueue@@QEAAPEAVCWorkerThreadJob@@XZ
- ?GetLength@CModuleStringConfig@@QEAAKXZ
- ?GetLinkContext@CContext@@QEAAPEAXXZ
- ?GetLogFlag@CDebugLog@@QEAAKXZ
- ?GetLogFlag@CDebugLogEx@@QEAAKXZ
- ?GetModuleId@CModuleConfig@@QEAAKXZ
- ?GetMultiStringConfig@CContext@@QEAAPEAVCStrList@@K@Z
- ?GetMultiStringConfig@CContext@@UEAAJKPEAGPEAK@Z
- ?GetOneThreadTEB@CWorkerThreadPool@@QEAAPEAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPool@@QEAAPEAU_KTHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QEAAPEAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QEAAPEAU_KTHREAD@@XZ
- ?GetReportCallBackRoutine@CContext@@QEAA_KXZ
- ?GetSize@CBlobConfig@@QEAAKXZ
- ?GetStringConfig@CContext@@QEAAPEAGK@Z
- ?GetStringConfig@CContext@@UEAAJKPEAGPEAK@Z
- ?GetThreadCount@CWorkerThreadPool@@QEAAKXZ
- ?GetThreadCount@CWorkerThreadPoolEx@@QEAAKXZ
- ?GetThreadID@CSystemThread@@QEAA_KXZ
- ?GetType@CContext@@QEAAKXZ
- ?GetUserParameter@CContext@@QEAA_KXZ
- ?InitProcMon@CDebugLogEx@@IEAAXXZ
- ?InitializeBlobConfig@CContext@@QEAAHKPEAXK@Z
- ?InitializeFileExtensionConfig@CContext@@QEAAHKPEBG@Z
- ?InitializeFlagConfig@CContext@@QEAAHKK@Z
- ?InitializeMultiStringConfig@CContext@@QEAAHKPEBG@Z
- ?InitializeStringConfig@CContext@@QEAAHKPEBG@Z
- ?Insert@CList@@UEAAXQEAXE@Z
- ?Insert@CLockList@@UEAAXQEAXE@Z
- ?Insert@CNoLockList@@UEAAXQEAXE@Z
- ?InsertAfter@CList@@UEAAXPEAX0@Z
- ?InsertBefore@CList@@UEAAXPEAX0@Z
- ?Instance@CWorkerThreadPool@@SAPEAV1@XZ
- ?IsEmpty@CList@@UEAAEXZ
- ?IsEmpty@CLockList@@UEAAEXZ
- ?IsEmpty@CNoLockList@@UEAAEXZ
- ?IsExceedLimitation@CMemoryPoolAllocator@@IEAAEK@Z
- ?IsFull@CLockList@@QEBAEXZ
- ?IsFull@CNoLockList@@QEBAEXZ
- ?IsInExclusionList@CExclusionExtConfig@@QEAAEPEBG@Z
- ?IsInExclusionList@CExclusionFileNameConfig@@QEAAEPEBG@Z
- ?IsInExclusionList@CExclusionFilePathConfig@@QEAAEPEBG@Z
- ?IsInExclusionList@CExclusionFolderConfig@@QEAAEPEBG@Z
- ?IsInExclusionList@CExclusionRegistryConfig@@QEAAEPEBG@Z
- ?IsInInclusionList@CInclusionExtConfig@@QEAAEPEBG@Z
- ?IsInInclusionList@CInclusionFileNameConfig@@QEAAEPEBG@Z
- ?IsInInclusionList@CInclusionFilePathConfig@@QEAAEPEBG@Z
- ?IsInInclusionList@CInclusionFolderConfig@@QEAAEPEBG@Z
- ?IsOpened@CFile@@QEAAEXZ
- ?IsTerminated@CWorkerThreadPool@@QEAAEXZ
- ?IsTerminated@CWorkerThreadPoolEx@@QEAAEXZ
- ?IsValid@CMemoryAllocator@@UEAAEXZ
- ?IsValid@CMemoryPoolAllocator@@UEAAEXZ
- ?IsValid@IMemoryAllocator@@UEAAEXZ
- ?IsWorkerThread@CWorkerThreadPool@@QEAAE_K@Z
- ?IsWorkerThread@CWorkerThreadPoolEx@@QEAAE_K@Z
- ?JobFunction@CUserFuncAdapterJob@@MEAAXXZ
- ?JobQueue@CWorkerThreadPool@@QEAAAEAVCWorkerThreadJobQueue@@XZ
- ?JobQueue@CWorkerThreadPoolEx@@QEAAAEAVCWorkerThreadJobQueue@@XZ
- ?Limit@CLockList@@QEAAKXZ
- ?Limit@CNoLockList@@QEAAKXZ
- ?MatchAllExtensions@CFileExtension@@QEAAEXZ
- ?MatchNoExtensions@CFileExtension@@QEAAEXZ
- ?MergeLeft@CMemoryPoolAllocator@@IEAAPEAXPEAX@Z
- ?MergeRight@CMemoryPoolAllocator@@IEAAPEAXPEAX@Z
- ?NeedDelete@CWorkerThreadJob@@QEAAEXZ
- ?NeedDeleteWhenFinish@CWorkerThreadJob@@QEAAXE@Z
- ?NewNode@CList@@UEAAPEAXXZ
- ?NewNode@CStrList@@EEAAPEAXXZ
- ?NewNodeVariant@CList@@IEAAPEAXK@Z
- ?Next@CList@@UEBAPEAXQEAX@Z
- ?Next@CLockList@@UEBAPEAXQEAX@Z
- ?Next@CNoLockList@@UEBAPEAXQEAX@Z
- ?NextPool@CMemoryPoolAllocator@@QEAAPEAV1@XZ
- ?NotityTerminate@CWorkerThread@@QEAAXXZ
- ?PostJobToWorkerThread@CWorkerThreadPool@@QEAAJP6AXPEAX@Z0E@Z
- ?PostJobToWorkerThread@CWorkerThreadPoolEx@@QEAAJP6AXPEAX@Z0E1@Z
- ?Pulse@CKEvent@@QEAAJJE@Z
- ?QueueJob@CWorkerThreadJobQueue@@QEAAEPEAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPool@@QEAAJPEAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPoolEx@@QEAAJPEAVCWorkerThreadJob@@@Z
- ?RCMInstance@CWorkerThreadPool@@SAPEAV1@XZ
- ?Read@CFile@@QEAAJPEADKPEAK@Z
- ?ReadWIRP@CFile@@QEAAJPEADKPEAK@Z
- ?ReferenceCount@CContext@@QEAAAEAKXZ
- ?Release@CLockEvent@@QEAAXXZ
- ?Remove@CContextList@@UEAAEQEAX@Z
- ?Remove@CList@@UEAAEQEAX@Z
- ?Remove@CLockList@@UEAAEQEAX@Z
- ?Remove@CNoLockList@@UEAAEQEAX@Z
- ?RemoveHead@CList@@UEAAPEAXXZ
- ?RemoveHead@CLockList@@UEAAPEAXXZ
- ?RemoveHead@CNoLockList@@UEAAPEAXXZ
- ?RemoveTail@CList@@UEAAPEAXXZ
- ?RemoveTail@CLockList@@UEAAPEAXXZ
- ?RemoveTail@CNoLockList@@UEAAPEAXXZ
- ?Reset@CKEvent@@QEAAXXZ
- ?ResetData@CInclusionExtConfig@@QEAAXXZ
- ?ResetData@CInclusionFileNameConfig@@QEAAXXZ
- ?ResetData@CInclusionFilePathConfig@@QEAAXXZ
- ?ResetData@CInclusionFolderConfig@@QEAAXXZ
- ?RestoreCR0@@YAXPEAX@Z
- ?Run@CAutoUpdateConfigThread@@UEAAXXZ
- ?Run@CDelayLoadThread@@UEAAXXZ
- ?Run@CWorkerThread@@UEAAXXZ
- ?SeekToEnd@CFile@@QEAAJXZ
- ?Set@CKEvent@@QEAAJJE@Z
- ?SetAttributes@CFile@@QEAAJK@Z
- ?SetBlobCofig@CContext@@UEAAJKPEAXK@Z
- ?SetData@CBlobConfig@@QEAAHPEAXK@Z
- ?SetData@CModuleFileExtConfig@@QEAAHPEBG@Z
- ?SetData@CModuleFlagConfig@@QEAAHK@Z
- ?SetData@CModuleMultiStringConfig@@QEAAHPEBGK@Z
- ?SetData@CModuleStringConfig@@QEAAHPEBG@Z
- ?SetEngineContext@CContext@@QEAAXPEAX@Z
- ?SetFileExtensionConfig@CContext@@UEAAJKPEBG@Z
- ?SetFlagConfig@CContext@@UEAAJKK@Z
- ?SetLinkContext@CContext@@QEAAXPEAX@Z
- ?SetLogFlag@CDebugLog@@QEAAEK@Z
- ?SetLogFlag@CDebugLogEx@@QEAAEK@Z
- ?SetMatchAllExtensions@CFileExtension@@QEAAXE@Z
- ?SetMatchNoExtensions@CFileExtension@@QEAAXE@Z
- ?SetMultiStringConfig@CContext@@UEAAJKPEBG@Z
- ?SetNewJobItemEvent@CWorkerThreadJobQueue@@QEAAXXZ
- ?SetPriority@CSystemThread@@QEAAXK@Z
- ?SetStopUse@CContext@@QEAAXXZ
- ?SetStringConfig@CContext@@UEAAJKPEBG@Z
- ?Setup@CSystemThread@@MEAAXXZ
- ?StopUse@CContext@@QEAAHXZ
- ?TearDown@CSystemThread@@MEAAXXZ
- ?Terminate@CSystemThread@@QEAAXE@Z
- ?Terminate@CWorkerThreadPool@@QEAAEXZ
- ?Terminate@CWorkerThreadPoolEx@@QEAAEXZ
- ?TmExceptionFilter@@YAJPEAU_EXCEPTION_POINTERS@@@Z
- ?Wait@CKEvent@@QEAAJPEAT_LARGE_INTEGER@@E@Z
- ?WaitFinish@CWorkerThreadJob@@QEAAXXZ
- ?WaitForInit@CDelayLoadThread@@QEAAEXZ
- ?WaitForLoad@CDelayLoadThread@@QEAAEXZ
- ?WaitNewJobAvailable@CWorkerThreadJobQueue@@QEAAEXZ
- ?WaitQueueEmpty@CWorkerThreadJobQueue@@QEAAXXZ
- ?Write@CDebugLog@@QEAAXPEBDZZ
- ?Write@CDebugLogEx@@QEAAXPEBDZZ
- ?Write@CFile@@QEAAJPEADKPEAT_LARGE_INTEGER@@PEAK@Z
- ?WriteDataToFile@CDebugLogEx@@IEAAXPEADK@Z
- ?WriteDataToProcMonW@CDebugLogEx@@IEAAXPEAD@Z
- ?WriteSystemInformation@CDebugLog@@QEAAXXZ
- ?WriteSystemInformation@CDebugLogEx@@QEAAXXZ
- ?WriteSystemStringInformation@CDebugLog@@IEAAXPEBG@Z
- ?WriteSystemStringInformation@CDebugLogEx@@IEAAXPEBG@Z
- ?WriteToFile@CDebugLog@@IEAAXPEADK@Z
- ?WriteToProcMonW@CDebugLogEx@@IEAAXPEAU_UNICODE_STRING@@@Z
- ?_pNonPagedAllocator@@3PEAVCMemoryAllocator@@EA
- ?_pPagedAllocator@@3PEAVCMemoryAllocator@@EA
- ?m_lpInstance@CWorkerThreadPool@@1PEAV1@EA
- ?m_lpRCMInstance@CWorkerThreadPool@@1PEAV1@EA
- DeInitKm2UmCommunication
- DeInitKmLPC
- DuplicateFullFileName
- FreeFullFileName
- GetFileVersionOfNtoskrnl
- GetKm2UmMode
- GetModuleInfoByAddress
- GetModuleInfoByModuleName
- InitKm2UmCommunication
- InitKmLPC
- IsWindows8_1_update
- KmCallUm
- KmCallUmByLPC
- KmCallUmEx
- KmCleanupCommPortAPIs
- KmGetUmInitProcess
- KmSetCommPortAPIs
- ModGetExportProcAddress
- ModLoadDLLToBuffer
- ModLoadDLLToBufferWithImageSize
- ModLoadModule
- ModUnLoadModule
- NormalizeFileName
- NormalizeFileName1
- NormalizeFullNtPathToDosName
- NormalizeFullNtPathToDosName1
- TmCommConfigRoutine
- UtilAddDeviceInDriveTable
- UtilAddReparsePointMapping
- UtilCleanFileReadOnly
- UtilCloseExclusiveHandle
- UtilCreateDosFileName
- UtilDeleteFileForce
- UtilGetDeviceObjectName
- UtilGetFileNameFromFileObject
- UtilGetFileObjectForProcessByEPROC
- UtilGetFileObjectFromFileName
- UtilGetProcessName
- UtilGetSystemDirectory
- UtilGetSystemDirectoryEx
- UtilGetSystemDirectoryLength
- UtilGetSystemTime
- UtilIoSetFileInfo
- UtilIopCreateFileIRP
- UtilKeGetLowFileDevice
- UtilModuleIATHook
- UtilModuleIATUnHook
- UtilPostJobToWorkerThread
- UtilQueryExclusiveHandle
- UtilQueryKeyValue
- UtilRemoveDeviceFromDriveTable
- UtilVolumeDeviceToDosName
- UtilWaitValueChangeToZero
- UtilWriteVersionToRegistry
- UtilbuildDynamicDiskMappingTable
- UtlWriteBinValueKeyToRegistry
- ValidateAddressWithSize
- _ResetProtectFromClose
- _UtilDosPathNameToNtPathName
Sections
Expand
- .text
- .rdata
- .data
- .pdata
- PAGE
- .edata
- INIT
- .rsrc
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": true,
"SerialNumber": "7e93ebfb7cc64e59ea4b9a77d406fc3b",
"Signature": "03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2",
"TBS": {
"MD5": "d0785ad36e427c92b19f6826ab1e8020",
"SHA1": "365b7a9c21bd9373e49052c3e7b3e4646ddd4d43",
"SHA256": "c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff",
"SHA384": "eab4fe5ef90e0de4a6aa3a27769a5e879f588df5e4785aa4104debd1f81e19ea56d33e3a16e5facf99f68b5d8e3d287b"
},
"ValidFrom": "2012-12-21 00:00:00",
"ValidTo": "2020-12-30 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "0ecff438c8febf356e04d86a981b1a50",
"Signature": "783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4",
"TBS": {
"MD5": "e9d38360b914c8863f6cba3ee58764d3",
"SHA1": "4cba8eae47b6bf76f20b3504b98b8f062694a89b",
"SHA256": "88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976",
"SHA384": "e9f2a75334a9e336c5a4712eadee88d0374b0fdc273262f4e65c9040ad2793067cc076696db5279a478773485e285652"
},
"ValidFrom": "2012-10-18 00:00:00",
"ValidTo": "2020-12-29 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Signature": "f3b20c020c826fd9e2629408ffc97c9e245959d1050c9ce7708069d366d26af191812e16fce674eaca0d8f05b2a796280831737299800d2bfe0071efecf655117b7952a4d7c0701b97de034a1d42e928fd1a2082b081f9d22e9d39af3233cf05c1e61ae1f8fbfec872e78d9a0b29b4f147f1a053d1757a824601df2bb07c75c591fe7efbaf0021764b90cd446f85f80d14bc2cd42c83edfa7d2510f8f94c82d1b3ea999b1cff9093291977c7e996dc32904d3934f167077684ff76aa5327654a0bd7223d9d67657b47c5b46012dca6723d89e7fa051b3380d0c4977b9df537e75da3186ab149b27c089715a01bd695f408f7ded66bfbe920d27a6f6a7d4cc8b3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc.",
"TBS": {
"MD5": "78eaa337666217b1c16a9a0ebd0b8434",
"SHA1": "ff9cb835e78f6185eed4372096c3bae53b17d18d",
"SHA256": "1c0d9746725e176b4a7c2852878f14d7587f58e65d346bc1247f1c8ee6374250",
"SHA384": "ffe3c75b860679a5de399c7d2c2844dbfac51d5d8581e24648d208daba1e4bed5c867808e02dc8d7cb3df1d4b2b53d10"
},
"ValidFrom": "2017-04-27 00:00:00",
"ValidTo": "2018-07-16 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "611993e400000000001c",
"Signature": "812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5",
"TBS": {
"MD5": "78a717e082dcc1cda3458d917e677d14",
"SHA1": "4a872e0e51f9b304469cd1dedb496ee9b8b983a4",
"SHA256": "317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8",
"SHA384": "b71052da4eb9157c8c1a5d7f55df19d69b9128598b72fcca608e5b7cc7d64c43c5504b9c86355a6dc22ee40c88cc385c"
},
"ValidFrom": "2011-02-22 19:25:17",
"ValidTo": "2021-02-22 19:35:17",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "5200e5aa2556fc1a86ed96c9d44b33c7",
"Signature": "5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"TBS": {
"MD5": "b30c31a572b0409383ed3fbe17e56e81",
"SHA1": "4843a82ed3b1f2bfbee9671960e1940c942f688d",
"SHA256": "03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9",
"SHA384": "bbda8407c4f9fc4e54d772f1c7fb9d30bc97e1f97ecd51c443063d1fa0644e266328781776cd5c44896c457c75f4d7da"
},
"ValidFrom": "2010-02-08 00:00:00",
"ValidTo": "2020-02-07 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Version": 1
}
],
"SignerInfo": ""
}
Download
Certificates
Expand
Certificate 7e93ebfb7cc64e59ea4b9a77d406fc3b
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | d0785ad36e427c92b19f6826ab1e8020 |
| ToBeSigned (TBS) SHA1 | 365b7a9c21bd9373e49052c3e7b3e4646ddd4d43 |
| ToBeSigned (TBS) SHA256 | c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff |
| Subject | C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2 |
| ValidFrom | 2012-12-21 00:00:00 |
| ValidTo | 2020-12-30 23:59:59 |
| Signature | 03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 7e93ebfb7cc64e59ea4b9a77d406fc3b |
| Version | 3 |
Certificate 0ecff438c8febf356e04d86a981b1a50
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | e9d38360b914c8863f6cba3ee58764d3 |
| ToBeSigned (TBS) SHA1 | 4cba8eae47b6bf76f20b3504b98b8f062694a89b |
| ToBeSigned (TBS) SHA256 | 88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976 |
| Subject | C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4 |
| ValidFrom | 2012-10-18 00:00:00 |
| ValidTo | 2020-12-29 23:59:59 |
| Signature | 783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 0ecff438c8febf356e04d86a981b1a50 |
| Version | 3 |
Certificate 60d927b542b7d1147fb2f0c4b9c1bbb2
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 869d63236005004b14196f1446676514 |
| ToBeSigned (TBS) SHA1 | 5ab0ae52f86a1af51af5a3421d581cc4899f1ccf |
| ToBeSigned (TBS) SHA256 | 55c2a996787daba322e26cfeb97216d96f9b0d12fd89b075c3a544f31c9930bd |
| Subject | C=TW, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc. |
| ValidFrom | 2018-05-22 00:00:00 |
| ValidTo | 2019-07-16 23:59:59 |
| Signature | f51f3f5ad8cfb51aee3156e1761cf440c448eda8ccacbc48cda1a43f3478a66508bf41a9080e901c134a5d067db2b1175f7352e2b1212a89b0860a46d610412556c2edc049b661d682b418501a89b1e8334ef89be22cc41286eb88be9d529466c5f7455be0a55046c78a77c839524125351d8468b822584925a1466f81e631794b8bfb9f3844b8249cfa8b4fc5ab102cfe61dc182a24fcd1eb15043d98615a5fe574a64af3c9f83621fd4f74be0cce77fa3a7fc5d17b07bbbb034163dbc573be495ebc59b7ea9f4bfde65cb16125195ac4cf2d9d4a50c8c3bcf120cd3b26a5194c0672dd1349fe432df6c6afcc4f82700df8f899dbf035a70c8b294466bf3ae6 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | False |
| SerialNumber | 60d927b542b7d1147fb2f0c4b9c1bbb2 |
| Version | 3 |
Certificate 611993e400000000001c
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | 78a717e082dcc1cda3458d917e677d14 |
| ToBeSigned (TBS) SHA1 | 4a872e0e51f9b304469cd1dedb496ee9b8b983a4 |
| ToBeSigned (TBS) SHA256 | 317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5 |
| ValidFrom | 2011-02-22 19:25:17 |
| ValidTo | 2021-02-22 19:35:17 |
| Signature | 812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 611993e400000000001c |
| Version | 3 |
Certificate 5200e5aa2556fc1a86ed96c9d44b33c7
| Field | Value |
|---|
| ToBeSigned (TBS) MD5 | b30c31a572b0409383ed3fbe17e56e81 |
| ToBeSigned (TBS) SHA1 | 4843a82ed3b1f2bfbee9671960e1940c942f688d |
| ToBeSigned (TBS) SHA256 | 03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9 |
| Subject | C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA |
| ValidFrom | 2010-02-08 00:00:00 |
| ValidTo | 2020-02-07 23:59:59 |
| Signature | 5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3 |
| SignatureAlgorithmOID | 1.2.840.113549.1.1.5 |
| IsCertificateAuthority | True |
| SerialNumber | 5200e5aa2556fc1a86ed96c9d44b33c7 |
| Version | 3 |
Imports
Expand
Imported Functions
Expand
- KeLeaveCriticalRegion
- wcsncpy
- KeEnterCriticalRegion
- ExAcquireFastMutexUnsafe
- wcsrchr
- ExAcquireResourceSharedLite
- ExReleaseResourceLite
- _purecall
- ZwOpenEvent
- ZwConnectPort
- KeClearEvent
- PsProcessType
- ExFreePoolWithTag
- RtlInitUnicodeString
- KeSetEvent
- ProbeForWrite
- KeUnstackDetachProcess
- ZwRequestWaitReplyPort
- ZwWaitForSingleObject
- DbgBreakPoint
- ZwSetEvent
- IoGetCurrentProcess
- ZwFreeVirtualMemory
- ZwClose
- ObfReferenceObject
- ObfDereferenceObject
- RtlUnicodeStringToInteger
- ZwCreateSection
- ObOpenObjectByPointer
- KeStackAttachProcess
- KePulseEvent
- ZwAllocateVirtualMemory
- ObGetObjectSecurity
- SeAccessCheck
- SeReleaseSubjectContext
- SeCaptureSubjectContext
- PsThreadType
- ObReleaseObjectSecurity
- PsGetProcessExitTime
- MmSectionObjectType
- DbgPrint
- ExDeleteResourceLite
- ExInitializeResourceLite
- ZwReadFile
- swprintf
- ZwSetInformationFile
- ZwCreateFile
- ZwQueryInformationFile
- ZwWriteFile
- _wcsnicmp
- towupper
- ExAllocatePoolWithTag
- KeInitializeEvent
- ZwCreateEvent
- ZwCreateKey
- RtlAnsiStringToUnicodeString
- ZwNotifyChangeKey
- RtlInitAnsiString
- _snprintf
- RtlFreeUnicodeString
- ExSystemTimeToLocalTime
- _vsnprintf
- ObReferenceObjectByHandle
- RtlTimeToTimeFields
- ZwDeviceIoControlFile
- PsGetCurrentThreadId
- PsGetCurrentProcessId
- KeWaitForMultipleObjects
- ExGetPreviousMode
- RtlEqualUnicodeString
- RtlPrefixUnicodeString
- RtlAppendUnicodeStringToString
- RtlCopyUnicodeString
- RtlUpcaseUnicodeChar
- KeWaitForSingleObject
- KeSetPriorityThread
- PsCreateSystemThread
- PsTerminateSystemThread
- MmIsAddressValid
- KeDelayExecutionThread
- KeNumberProcessors
- PsLookupProcessByProcessId
- PsSetCreateProcessNotifyRoutine
- ZwOpenDirectoryObject
- ZwQueryInformationProcess
- ZwQuerySecurityObject
- NtSetInformationFile
- ZwDeleteValueKey
- ZwSetValueKey
- ZwQuerySystemInformation
- NtQueryInformationFile
- IoFileObjectType
- ZwQueryValueKey
- ZwQueryDirectoryFile
- NtCreateFile
- ZwEnumerateValueKey
- RtlLengthSecurityDescriptor
- ZwQueryDirectoryObject
- ZwSetSecurityObject
- ZwDuplicateObject
- ZwOpenProcess
- ZwTerminateProcess
- ExReleaseFastMutexUnsafe
- ZwEnumerateKey
- ZwQueryKey
- ZwOpenKey
- MmSystemRangeStart
- _stricmp
- _strnicmp
- mbstowcs
- ProbeForRead
- RtlUpcaseUnicodeString
- _snwprintf
- ZwQuerySymbolicLinkObject
- ZwMapViewOfSection
- MmGetSystemRoutineAddress
- RtlAppendUnicodeToString
- IoCreateFile
- RtlQueryRegistryValues
- MmBuildMdlForNonPagedPool
- ZwOpenSymbolicLinkObject
- IoFreeMdl
- ObQueryNameString
- ZwUnmapViewOfSection
- NtClose
- IoFreeIrp
- PsGetVersion
- IoAllocateIrp
- RtlCompareMemory
- MmUnlockPages
- ZwSetInformationObject
- ZwOpenFile
- wcsncmp
- RtlImageNtHeader
- IoAllocateMdl
- IofCallDriver
- ZwQueryVolumeInformationFile
- ObReferenceObjectByPointer
- IoBuildDeviceIoControlRequest
- ZwOpenSection
- RtlSubAuthoritySid
- RtlLengthRequiredSid
- ExReleaseFastMutex
- ExAcquireFastMutex
- RtlCreateAcl
- RtlSetDaclSecurityDescriptor
- RtlAddAccessAllowedAce
- KeInitializeSemaphore
- KeReleaseSemaphore
- RtlInitializeSid
- RtlCreateSecurityDescriptor
- IoDeleteSymbolicLink
- IoDeleteDevice
- IoGetDeviceObjectPointer
- ExEventObjectType
- IofCompleteRequest
- IoCreateSymbolicLink
- ObOpenObjectByName
- NtQueryInformationProcess
- strncpy
- NtOpenProcess
- ObInsertObject
- IoAcquireVpbSpinLock
- SeCreateAccessState
- IoGetFileObjectGenericMapping
- ObCreateObject
- KeAcquireQueuedSpinLock
- KeReleaseQueuedSpinLock
- IoReleaseVpbSpinLock
- wcschr
- strncat
- RtlUnicodeStringToAnsiString
- wcsncat
- RtlFreeAnsiString
- wcstombs
- IoGetConfigurationInformation
- IoRegisterPlugPlayNotification
- IoGetStackLimits
- IoBuildSynchronousFsdRequest
- KeReleaseSpinLock
- ExpInterlockedPopEntrySList
- FsRtlIsNameInExpression
- wcsstr
- ExAllocatePool
- IoUnregisterPlugPlayNotification
- MmProbeAndLockPages
- RtlCompareUnicodeString
- IoGetDeviceInterfaces
- KeAcquireSpinLockRaiseToDpc
- KeBugCheckEx
- IoCreateDevice
- IoDeviceObjectType
- SeCaptureSecurityDescriptor
- RtlAbsoluteToSelfRelativeSD
- IoIsWdmVersionAvailable
- SeExports
- RtlLengthSid
- RtlGetSaclSecurityDescriptor
- RtlGetDaclSecurityDescriptor
- RtlGetGroupSecurityDescriptor
- RtlGetOwnerSecurityDescriptor
- ZwDeleteKey
- ExAcquireResourceExclusiveLite
- __C_specific_handler
Exported Functions
Expand
- ??0CAutoUpdateConfigThread@@QEAA@AEBV0@@Z
- ??0CAutoUpdateConfigThread@@QEAA@PEAU_UNICODE_STRING@@P6AX0PEAX@Z1@Z
- ??0CBlobConfig@@QEAA@AEBV0@@Z
- ??0CBlobConfig@@QEAA@K@Z
- ??0CContext@@QEAA@AEBV0@@Z
- ??0CContext@@QEAA@KP6AJPEAU_EVENT_REPORT@@PEAXPEAU_TMCE_REPORT@@PEAU_TMCE_FEEDBACK@@@Z1K@Z
- ??0CContextList@@QEAA@AEBV0@@Z
- ??0CContextList@@QEAA@KPEAVIMemoryAllocator@@@Z
- ??0CDebugLog@@QEAA@AEBV0@@Z
- ??0CDebugLog@@QEAA@PEBG@Z
- ??0CDebugLogEx@@QEAA@AEBV0@@Z
- ??0CDebugLogEx@@QEAA@K@Z
- ??0CDelayLoadThread@@QEAA@AEBV0@@Z
- ??0CDelayLoadThread@@QEAA@XZ
- ??0CExclusionExtConfig@@QEAA@AEBV0@@Z
- ??0CExclusionExtConfig@@QEAA@KKE@Z
- ??0CExclusionFileNameConfig@@QEAA@AEBV0@@Z
- ??0CExclusionFileNameConfig@@QEAA@KK@Z
- ??0CExclusionFilePathConfig@@QEAA@AEBV0@@Z
- ??0CExclusionFilePathConfig@@QEAA@KK@Z
- ??0CExclusionFolderConfig@@QEAA@AEBV0@@Z
- ??0CExclusionFolderConfig@@QEAA@KK@Z
- ??0CExclusionRegistryConfig@@QEAA@AEBV0@@Z
- ??0CExclusionRegistryConfig@@QEAA@KK@Z
- ??0CFile@@QEAA@AEBV0@@Z
- ??0CFile@@QEAA@E@Z
- ??0CFileExtension@@QEAA@AEBV0@@Z
- ??0CFileExtension@@QEAA@KEEPEAVIMemoryAllocator@@@Z
- ??0CInclusionExtConfig@@QEAA@AEBV0@@Z
- ??0CInclusionExtConfig@@QEAA@KKE@Z
- ??0CInclusionFileNameConfig@@QEAA@AEBV0@@Z
- ??0CInclusionFileNameConfig@@QEAA@KK@Z
- ??0CInclusionFilePathConfig@@QEAA@AEBV0@@Z
- ??0CInclusionFilePathConfig@@QEAA@KK@Z
- ??0CInclusionFolderConfig@@QEAA@AEBV0@@Z
- ??0CInclusionFolderConfig@@QEAA@KK@Z
- ??0CKEvent@@QEAA@AEBV0@@Z
- ??0CKEvent@@QEAA@W4_EVENT_TYPE@@E@Z
- ??0CList@@QEAA@AEBV0@@Z
- ??0CList@@QEAA@KPEAVIMemoryAllocator@@@Z
- ??0CLockEvent@@QEAA@AEBV0@@Z
- ??0CLockEvent@@QEAA@XZ
- ??0CLockList@@QEAA@AEBV0@@Z
- ??0CLockList@@QEAA@KKPEAVIMemoryAllocator@@@Z
- ??0CMemoryAllocator@@IEAA@W4_POOL_TYPE@@K@Z
- ??0CMemoryAllocator@@QEAA@AEBV0@@Z
- ??0CMemoryPoolAllocator@@IEAA@W4_POOL_TYPE@@_K1K@Z
- ??0CMemoryPoolAllocator@@QEAA@AEBV0@@Z
- ??0CModuleConfig@@QEAA@AEBV0@@Z
- ??0CModuleConfig@@QEAA@XZ
- ??0CModuleConfigList@@QEAA@AEBV0@@Z
- ??0CModuleConfigList@@QEAA@KPEAVIMemoryAllocator@@@Z
- ??0CModuleFileExtConfig@@QEAA@AEBV0@@Z
- ??0CModuleFileExtConfig@@QEAA@KKE@Z
- ??0CModuleFlagConfig@@QEAA@AEBV0@@Z
- ??0CModuleFlagConfig@@QEAA@K@Z
- ??0CModuleMultiStringConfig@@QEAA@AEBV0@@Z
- ??0CModuleMultiStringConfig@@QEAA@KK@Z
- ??0CModuleStringConfig@@QEAA@AEBV0@@Z
- ??0CModuleStringConfig@@QEAA@K@Z
- ??0CNoLockList@@QEAA@AEBV0@@Z
- ??0CNoLockList@@QEAA@KKPEAVIMemoryAllocator@@@Z
- ??0CSmartLock@@QEAA@AEAVCLockEvent@@@Z
- ??0CSmartLock@@QEAA@XZ
- ??0CSmartReference@@QEAA@AEAJ@Z
- ??0CSmartReference@@QEAA@AEAK@Z
- ??0CSmartResource@@QEAA@AEAVCResource@@E@Z
- ??0CStrList@@QEAA@AEBV0@@Z
- ??0CStrList@@QEAA@KPEAVIMemoryAllocator@@@Z
- ??0CSystemThread@@QEAA@AEBV0@@Z
- ??0CSystemThread@@QEAA@K@Z
- ??0CUserFuncAdapterJob@@QEAA@AEBV0@@Z
- ??0CUserFuncAdapterJob@@QEAA@P6AXPEAX@Z01@Z
- ??0CWorkerThread@@IEAA@PEAVCWorkerThreadJobQueue@@@Z
- ??0CWorkerThread@@QEAA@AEBV0@@Z
- ??0CWorkerThreadJob@@QEAA@AEBV0@@Z
- ??0CWorkerThreadJob@@QEAA@E@Z
- ??0CWorkerThreadJobQueue@@QEAA@AEBV0@@Z
- ??0CWorkerThreadJobQueue@@QEAA@K@Z
- ??0CWorkerThreadPool@@QEAA@AEBV0@@Z
- ??0CWorkerThreadPool@@QEAA@K@Z
- ??0CWorkerThreadPoolEx@@QEAA@AEBV0@@Z
- ??0CWorkerThreadPoolEx@@QEAA@KK@Z
- ??0IMemoryAllocator@@QEAA@AEBV0@@Z
- ??0IMemoryAllocator@@QEAA@XZ
- ??1CAutoUpdateConfigThread@@UEAA@XZ
- ??1CBlobConfig@@UEAA@XZ
- ??1CContext@@UEAA@XZ
- ??1CContextList@@UEAA@XZ
- ??1CDebugLog@@UEAA@XZ
- ??1CDebugLogEx@@UEAA@XZ
- ??1CDelayLoadThread@@UEAA@XZ
- ??1CExclusionExtConfig@@UEAA@XZ
- ??1CExclusionFileNameConfig@@UEAA@XZ
- ??1CExclusionFilePathConfig@@UEAA@XZ
- ??1CExclusionFolderConfig@@UEAA@XZ
- ??1CExclusionRegistryConfig@@UEAA@XZ
- ??1CFile@@UEAA@XZ
- ??1CFileExtension@@UEAA@XZ
- ??1CInclusionExtConfig@@UEAA@XZ
- ??1CInclusionFileNameConfig@@UEAA@XZ
- ??1CInclusionFilePathConfig@@UEAA@XZ
- ??1CInclusionFolderConfig@@UEAA@XZ
- ??1CKEvent@@UEAA@XZ
- ??1CList@@UEAA@XZ
- ??1CLockEvent@@UEAA@XZ
- ??1CLockList@@UEAA@XZ
- ??1CMemoryAllocator@@UEAA@XZ
- ??1CMemoryPoolAllocator@@UEAA@XZ
- ??1CModuleConfig@@UEAA@XZ
- ??1CModuleConfigList@@UEAA@XZ
- ??1CModuleFileExtConfig@@UEAA@XZ
- ??1CModuleFlagConfig@@UEAA@XZ
- ??1CModuleMultiStringConfig@@UEAA@XZ
- ??1CModuleStringConfig@@UEAA@XZ
- ??1CNoLockList@@UEAA@XZ
- ??1CSmartLock@@QEAA@XZ
- ??1CSmartReference@@QEAA@XZ
- ??1CSmartResource@@QEAA@XZ
- ??1CStrList@@UEAA@XZ
- ??1CSystemThread@@UEAA@XZ
- ??1CUserFuncAdapterJob@@UEAA@XZ
- ??1CWorkerThread@@UEAA@XZ
- ??1CWorkerThreadJob@@UEAA@XZ
- ??1CWorkerThreadJobQueue@@UEAA@XZ
- ??1CWorkerThreadPool@@UEAA@XZ
- ??1CWorkerThreadPoolEx@@UEAA@XZ
- ??1IMemoryAllocator@@UEAA@XZ
- ??2@YAPEAX_KPEAVIMemoryAllocator@@PEBDK@Z
- ??2CMemoryAllocator@@SAPEAX_K@Z
- ??2CMemoryPoolAllocator@@SAPEAX_K@Z
- ??3@YAXPEAX@Z
- ??3IMemoryAllocator@@SAXPEAX@Z
- ??4CAutoUpdateConfigThread@@QEAAAEAV0@AEBV0@@Z
- ??4CBlobConfig@@QEAAAEAV0@AEBV0@@Z
- ??4CContext@@QEAAAEAV0@AEBV0@@Z
- ??4CDebugLog@@QEAAAEAV0@AEBV0@@Z
- ??4CDebugLogEx@@QEAAAEAV0@AEBV0@@Z
- ??4CDelayLoadThread@@QEAAAEAV0@AEBV0@@Z
- ??4CFile@@QEAAAEAV0@AEBV0@@Z
- ??4CKEvent@@QEAAAEAV0@AEBV0@@Z
- ??4CLockEvent@@QEAAAEAV0@AEBV0@@Z
- ??4CMemoryAllocator@@QEAAAEAV0@AEBV0@@Z
- ??4CMemoryPoolAllocator@@QEAAAEAV0@AEBV0@@Z
- ??4CModuleConfig@@QEAAAEAV0@AEBV0@@Z
- ??4CModuleFlagConfig@@QEAAAEAV0@AEBV0@@Z
- ??4CModuleStringConfig@@QEAAAEAV0@AEBV0@@Z
- ??4CSmartLock@@QEAAAEAV0@AEBV0@@Z
- ??4CSmartLock@@QEAAAEBV0@AEAVCLockEvent@@@Z
- ??4CSmartResource@@QEAAAEAV0@AEBV0@@Z
- ??4CSystemThread@@QEAAAEAV0@AEBV0@@Z
- ??4CUserFuncAdapterJob@@QEAAAEAV0@AEBV0@@Z
- ??4CWorkerThread@@QEAAAEAV0@AEBV0@@Z
- ??4CWorkerThreadJob@@QEAAAEAV0@AEBV0@@Z
- ??4IMemoryAllocator@@QEAAAEAV0@AEBV0@@Z
- ??_7CAutoUpdateConfigThread@@6B@
- ??_7CBlobConfig@@6B@
- ??_7CContext@@6B@
- ??_7CContextList@@6B@
- ??_7CDebugLog@@6B@
- ??_7CDebugLogEx@@6B@
- ??_7CDelayLoadThread@@6B@
- ??_7CExclusionExtConfig@@6B@
- ??_7CExclusionFileNameConfig@@6B@
- ??_7CExclusionFilePathConfig@@6B@
- ??_7CExclusionFolderConfig@@6B@
- ??_7CExclusionRegistryConfig@@6B@
- ??_7CFile@@6B@
- ??_7CFileExtension@@6B@
- ??_7CInclusionExtConfig@@6B@
- ??_7CInclusionFileNameConfig@@6B@
- ??_7CInclusionFilePathConfig@@6B@
- ??_7CInclusionFolderConfig@@6B@
- ??_7CKEvent@@6B@
- ??_7CList@@6B@
- ??_7CLockEvent@@6B@
- ??_7CLockList@@6B@
- ??_7CMemoryAllocator@@6B@
- ??_7CMemoryPoolAllocator@@6B@
- ??_7CModuleConfig@@6B@
- ??_7CModuleConfigList@@6B@
- ??_7CModuleFileExtConfig@@6B@
- ??_7CModuleFlagConfig@@6B@
- ??_7CModuleMultiStringConfig@@6B@
- ??_7CModuleStringConfig@@6B@
- ??_7CNoLockList@@6B@
- ??_7CStrList@@6B@
- ??_7CSystemThread@@6B@
- ??_7CUserFuncAdapterJob@@6B@
- ??_7CWorkerThread@@6B@
- ??_7CWorkerThreadJob@@6B@
- ??_7CWorkerThreadJobQueue@@6B@
- ??_7CWorkerThreadPool@@6B@
- ??_7CWorkerThreadPoolEx@@6B@
- ??_7IMemoryAllocator@@6B@
- ??_FCContextList@@QEAAXXZ
- ??_FCFile@@QEAAXXZ
- ??_FCFileExtension@@QEAAXXZ
- ??_FCModuleConfigList@@QEAAXXZ
- ??_FCStrList@@QEAAXXZ
- ??_FCSystemThread@@QEAAXXZ
- ??_FCWorkerThread@@QEAAXXZ
- ??_FCWorkerThreadJob@@QEAAXXZ
- ??_FCWorkerThreadJobQueue@@QEAAXXZ
- ??_U@YAPEAX_KPEAVIMemoryAllocator@@PEBDK@Z
- ??_V@YAXPEAX@Z
- ?Acquire@CLockEvent@@QEAAXXZ
- ?Add@CContextList@@QEAAEPEAVCContext@@@Z
- ?Add@CFileExtension@@QEAAEPEBGK@Z
- ?Add@CModuleConfigList@@QEAAEPEAVCModuleConfig@@@Z
- ?Add@CStrList@@QEAAEPEBG@Z
- ?AddNode@CLockList@@UEAAEQEAXE@Z
- ?AddNode@CNoLockList@@UEAAEQEAXE@Z
- ?Alloc@CMemoryAllocator@@UEAAPEAX_KPEBDK@Z
- ?Alloc@CMemoryPoolAllocator@@UEAAPEAX_KPEBDK@Z
- ?AllocBlock@CMemoryPoolAllocator@@IEAAPEAX_K@Z
- ?AttachJobQueue@CWorkerThread@@QEAAXPEAVCWorkerThreadJobQueue@@@Z
- ?Cancel@CWorkerThreadJob@@QEAAXXZ
- ?CheckNode@CLockList@@UEAAHQEAX@Z
- ?CheckNode@CNoLockList@@UEAAHQEAX@Z
- ?CleanQueue@CWorkerThreadJobQueue@@QEAAXXZ
- ?Cleanup@CBlobConfig@@AEAAXXZ
- ?Cleanup@CModuleFileExtConfig@@IEAAXXZ
- ?Cleanup@CModuleMultiStringConfig@@IEAAXXZ
- ?Cleanup@CModuleStringConfig@@AEAAXXZ
- ?Close@CFile@@QEAAJXZ
- ?Count@CLockList@@QEAAKXZ
- ?Count@CNoLockList@@QEAAKXZ
- ?Create@CFile@@QEAAJPEBGKKKK@Z
- ?Create@CSystemThread@@QEAAEXZ
- ?CreateInstance@CMemoryAllocator@@SAPEAV1@W4_POOL_TYPE@@K@Z
- ?CreateInstance@CMemoryPoolAllocator@@SAPEAV1@W4_POOL_TYPE@@_K1K@Z
- ?CreatePool@CWorkerThreadPool@@QEAAEXZ
- ?CreatePool@CWorkerThreadPoolEx@@QEAAEXZ
- ?CreateThreads@CWorkerThreadPool@@QEAAEK@Z
- ?CreateThreads@CWorkerThreadPoolEx@@QEAAEK@Z
- ?CreateWIRP@CFile@@QEAAJPEBGKKKK@Z
- ?Delete@CFile@@QEAAJXZ
- ?Delete@CFileExtension@@QEAAEPEBGK@Z
- ?Delete@CStrList@@QEAAEPEBG@Z
- ?DeleteAll@CList@@UEAAXXZ
- ?DeleteAll@CLockList@@UEAAXXZ
- ?DeleteAll@CNoLockList@@UEAAXXZ
- ?DeleteNode@CContextList@@MEAAXPEAX@Z
- ?DeleteNode@CList@@UEAAXPEAX@Z
- ?DeleteNode@CModuleConfigList@@MEAAXPEAX@Z
- ?DeleteNode@CStrList@@EEAAXPEAU_STR_LIST_NODE@1@@Z
- ?DisableWriteProtectFromCR0@@YAXPEAPEAX@Z
- ?DoIt@CWorkerThreadJob@@QEAAJXZ
- ?EntryPoint@CSystemThread@@KAXPEAX@Z
- ?Find@CContextList@@QEAAPEAVCContext@@K@Z
- ?Find@CContextList@@QEAAPEAVCContext@@PEAX@Z
- ?Find@CFileExtension@@QEAAPEAU_STR_LIST_NODE@CStrList@@PEBGK@Z
- ?Find@CModuleConfigList@@QEAAPEAVCModuleConfig@@K@Z
- ?Find@CStrList@@QEAAPEAU_STR_LIST_NODE@1@PEBG@Z
- ?FindNode@CContextList@@IEAAPEAXPEAX@Z
- ?FindPartiallyAndAllMatch@CStrList@@QEAAPEAU_STR_LIST_NODE@1@PEBG@Z
- ?FinishFunction@CUserFuncAdapterJob@@MEAAXXZ
- ?FinishIt@CWorkerThreadJob@@QEAAJXZ
- ?First@CList@@UEAAPEAXXZ
- ?First@CLockList@@UEAAPEAXXZ
- ?First@CNoLockList@@UEAAPEAXXZ
- ?Free@CMemoryAllocator@@UEAAXPEAX@Z
- ?Free@CMemoryPoolAllocator@@UEAAXPEAX@Z
- ?GetAttributes@CFile@@QEAAKXZ
- ?GetBasicInfomration@CFile@@IEAAJXZ
- ?GetBlobCofig@CContext@@UEAAJKPEAXPEAK@Z
- ?GetCategory@CContext@@QEAAKXZ
- ?GetData@CBlobConfig@@QEAAHPEAXPEAK@Z
- ?GetData@CModuleFileExtConfig@@QEAAHPEAGPEAK@Z
- ?GetData@CModuleFileExtConfig@@QEAAPEAVCFileExtension@@XZ
- ?GetData@CModuleFlagConfig@@QEAAKXZ
- ?GetData@CModuleMultiStringConfig@@QEAAHPEAGPEAK@Z
- ?GetData@CModuleMultiStringConfig@@QEAAPEAVCStrList@@XZ
- ?GetData@CModuleStringConfig@@QEAAPEAGXZ
- ?GetData@CStrList@@QEAAEPEAGPEAK@Z
- ?GetDataType@CModuleConfig@@QEAAKXZ
- ?GetEngineContext@CContext@@QEAAPEAXXZ
- ?GetFileExtensionConfig@CContext@@QEAAPEAVCFileExtension@@K@Z
- ?GetFileExtensionConfig@CContext@@UEAAJKPEAGPEAK@Z
- ?GetFileSize@CFile@@QEAAJPEAT_LARGE_INTEGER@@@Z
- ?GetFileSizeWIRP@CFile@@QEAAJPEAT_LARGE_INTEGER@@@Z
- ?GetFlagConfig@CContext@@UEAAJKPEAK@Z
- ?GetID@CModuleConfig@@QEAAKXZ
- ?GetJob@CWorkerThreadJobQueue@@QEAAPEAVCWorkerThreadJob@@XZ
- ?GetLength@CModuleStringConfig@@QEAAKXZ
- ?GetLinkContext@CContext@@QEAAPEAXXZ
- ?GetLogFlag@CDebugLog@@QEAAKXZ
- ?GetLogFlag@CDebugLogEx@@QEAAKXZ
- ?GetModuleId@CModuleConfig@@QEAAKXZ
- ?GetMultiStringConfig@CContext@@QEAAPEAVCStrList@@K@Z
- ?GetMultiStringConfig@CContext@@UEAAJKPEAGPEAK@Z
- ?GetOneThreadTEB@CWorkerThreadPool@@QEAAPEAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPool@@QEAAPEAU_KTHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QEAAPEAU_ETHREAD@@XZ
- ?GetOneThreadTEB@CWorkerThreadPoolEx@@QEAAPEAU_KTHREAD@@XZ
- ?GetReportCallBackRoutine@CContext@@QEAA_KXZ
- ?GetSize@CBlobConfig@@QEAAKXZ
- ?GetStringConfig@CContext@@QEAAPEAGK@Z
- ?GetStringConfig@CContext@@UEAAJKPEAGPEAK@Z
- ?GetThreadCount@CWorkerThreadPool@@QEAAKXZ
- ?GetThreadCount@CWorkerThreadPoolEx@@QEAAKXZ
- ?GetThreadID@CSystemThread@@QEAA_KXZ
- ?GetType@CContext@@QEAAKXZ
- ?GetUserParameter@CContext@@QEAA_KXZ
- ?InitProcMon@CDebugLogEx@@IEAAXXZ
- ?InitializeBlobConfig@CContext@@QEAAHKPEAXK@Z
- ?InitializeFileExtensionConfig@CContext@@QEAAHKPEBG@Z
- ?InitializeFlagConfig@CContext@@QEAAHKK@Z
- ?InitializeMultiStringConfig@CContext@@QEAAHKPEBG@Z
- ?InitializeStringConfig@CContext@@QEAAHKPEBG@Z
- ?Insert@CList@@UEAAXQEAXE@Z
- ?Insert@CLockList@@UEAAXQEAXE@Z
- ?Insert@CNoLockList@@UEAAXQEAXE@Z
- ?InsertAfter@CList@@UEAAXPEAX0@Z
- ?InsertBefore@CList@@UEAAXPEAX0@Z
- ?Instance@CWorkerThreadPool@@SAPEAV1@XZ
- ?IsEmpty@CList@@UEAAEXZ
- ?IsEmpty@CLockList@@UEAAEXZ
- ?IsEmpty@CNoLockList@@UEAAEXZ
- ?IsExceedLimitation@CMemoryPoolAllocator@@IEAAEK@Z
- ?IsFull@CLockList@@QEBAEXZ
- ?IsFull@CNoLockList@@QEBAEXZ
- ?IsInExclusionList@CExclusionExtConfig@@QEAAEPEBG@Z
- ?IsInExclusionList@CExclusionFileNameConfig@@QEAAEPEBG@Z
- ?IsInExclusionList@CExclusionFilePathConfig@@QEAAEPEBG@Z
- ?IsInExclusionList@CExclusionFolderConfig@@QEAAEPEBG@Z
- ?IsInExclusionList@CExclusionRegistryConfig@@QEAAEPEBG@Z
- ?IsInInclusionList@CInclusionExtConfig@@QEAAEPEBG@Z
- ?IsInInclusionList@CInclusionFileNameConfig@@QEAAEPEBG@Z
- ?IsInInclusionList@CInclusionFilePathConfig@@QEAAEPEBG@Z
- ?IsInInclusionList@CInclusionFolderConfig@@QEAAEPEBG@Z
- ?IsOpened@CFile@@QEAAEXZ
- ?IsTerminated@CWorkerThreadPool@@QEAAEXZ
- ?IsTerminated@CWorkerThreadPoolEx@@QEAAEXZ
- ?IsValid@CMemoryAllocator@@UEAAEXZ
- ?IsValid@CMemoryPoolAllocator@@UEAAEXZ
- ?IsValid@IMemoryAllocator@@UEAAEXZ
- ?IsWorkerThread@CWorkerThreadPool@@QEAAE_K@Z
- ?IsWorkerThread@CWorkerThreadPoolEx@@QEAAE_K@Z
- ?JobFunction@CUserFuncAdapterJob@@MEAAXXZ
- ?JobQueue@CWorkerThreadPool@@QEAAAEAVCWorkerThreadJobQueue@@XZ
- ?JobQueue@CWorkerThreadPoolEx@@QEAAAEAVCWorkerThreadJobQueue@@XZ
- ?Limit@CLockList@@QEAAKXZ
- ?Limit@CNoLockList@@QEAAKXZ
- ?MatchAllExtensions@CFileExtension@@QEAAEXZ
- ?MatchNoExtensions@CFileExtension@@QEAAEXZ
- ?MergeLeft@CMemoryPoolAllocator@@IEAAPEAXPEAX@Z
- ?MergeRight@CMemoryPoolAllocator@@IEAAPEAXPEAX@Z
- ?NeedDelete@CWorkerThreadJob@@QEAAEXZ
- ?NeedDeleteWhenFinish@CWorkerThreadJob@@QEAAXE@Z
- ?NewNode@CList@@UEAAPEAXXZ
- ?NewNode@CStrList@@EEAAPEAXXZ
- ?NewNodeVariant@CList@@IEAAPEAXK@Z
- ?Next@CList@@UEBAPEAXQEAX@Z
- ?Next@CLockList@@UEBAPEAXQEAX@Z
- ?Next@CNoLockList@@UEBAPEAXQEAX@Z
- ?NextPool@CMemoryPoolAllocator@@QEAAPEAV1@XZ
- ?NotityTerminate@CWorkerThread@@QEAAXXZ
- ?PostJobToWorkerThread@CWorkerThreadPool@@QEAAJP6AXPEAX@Z0E@Z
- ?PostJobToWorkerThread@CWorkerThreadPoolEx@@QEAAJP6AXPEAX@Z0E1@Z
- ?Pulse@CKEvent@@QEAAJJE@Z
- ?QueueJob@CWorkerThreadJobQueue@@QEAAEPEAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPool@@QEAAJPEAVCWorkerThreadJob@@@Z
- ?QueueJobItem@CWorkerThreadPoolEx@@QEAAJPEAVCWorkerThreadJob@@@Z
- ?RCMInstance@CWorkerThreadPool@@SAPEAV1@XZ
- ?Read@CFile@@QEAAJPEADKPEAK@Z
- ?ReadWIRP@CFile@@QEAAJPEADKPEAK@Z
- ?ReferenceCount@CContext@@QEAAAEAKXZ
- ?Release@CLockEvent@@QEAAXXZ
- ?Remove@CContextList@@UEAAEQEAX@Z
- ?Remove@CList@@UEAAEQEAX@Z
- ?Remove@CLockList@@UEAAEQEAX@Z
- ?Remove@CNoLockList@@UEAAEQEAX@Z
- ?RemoveHead@CList@@UEAAPEAXXZ
- ?RemoveHead@CLockList@@UEAAPEAXXZ
- ?RemoveHead@CNoLockList@@UEAAPEAXXZ
- ?RemoveTail@CList@@UEAAPEAXXZ
- ?RemoveTail@CLockList@@UEAAPEAXXZ
- ?RemoveTail@CNoLockList@@UEAAPEAXXZ
- ?Reset@CKEvent@@QEAAXXZ
- ?ResetData@CInclusionExtConfig@@QEAAXXZ
- ?ResetData@CInclusionFileNameConfig@@QEAAXXZ
- ?ResetData@CInclusionFilePathConfig@@QEAAXXZ
- ?ResetData@CInclusionFolderConfig@@QEAAXXZ
- ?RestoreCR0@@YAXPEAX@Z
- ?Run@CAutoUpdateConfigThread@@UEAAXXZ
- ?Run@CDelayLoadThread@@UEAAXXZ
- ?Run@CWorkerThread@@UEAAXXZ
- ?SeekToEnd@CFile@@QEAAJXZ
- ?Set@CKEvent@@QEAAJJE@Z
- ?SetAttributes@CFile@@QEAAJK@Z
- ?SetBlobCofig@CContext@@UEAAJKPEAXK@Z
- ?SetData@CBlobConfig@@QEAAHPEAXK@Z
- ?SetData@CModuleFileExtConfig@@QEAAHPEBG@Z
- ?SetData@CModuleFlagConfig@@QEAAHK@Z
- ?SetData@CModuleMultiStringConfig@@QEAAHPEBGK@Z
- ?SetData@CModuleStringConfig@@QEAAHPEBG@Z
- ?SetEngineContext@CContext@@QEAAXPEAX@Z
- ?SetFileExtensionConfig@CContext@@UEAAJKPEBG@Z
- ?SetFlagConfig@CContext@@UEAAJKK@Z
- ?SetLinkContext@CContext@@QEAAXPEAX@Z
- ?SetLogFlag@CDebugLog@@QEAAEK@Z
- ?SetLogFlag@CDebugLogEx@@QEAAEK@Z
- ?SetMatchAllExtensions@CFileExtension@@QEAAXE@Z
- ?SetMatchNoExtensions@CFileExtension@@QEAAXE@Z
- ?SetMultiStringConfig@CContext@@UEAAJKPEBG@Z
- ?SetNewJobItemEvent@CWorkerThreadJobQueue@@QEAAXXZ
- ?SetPriority@CSystemThread@@QEAAXK@Z
- ?SetStopUse@CContext@@QEAAXXZ
- ?SetStringConfig@CContext@@UEAAJKPEBG@Z
- ?Setup@CSystemThread@@MEAAXXZ
- ?StopUse@CContext@@QEAAHXZ
- ?TearDown@CSystemThread@@MEAAXXZ
- ?Terminate@CSystemThread@@QEAAXE@Z
- ?Terminate@CWorkerThreadPool@@QEAAEXZ
- ?Terminate@CWorkerThreadPoolEx@@QEAAEXZ
- ?TmExceptionFilter@@YAJPEAU_EXCEPTION_POINTERS@@@Z
- ?Wait@CKEvent@@QEAAJPEAT_LARGE_INTEGER@@E@Z
- ?WaitFinish@CWorkerThreadJob@@QEAAXXZ
- ?WaitForInit@CDelayLoadThread@@QEAAEXZ
- ?WaitForLoad@CDelayLoadThread@@QEAAEXZ
- ?WaitNewJobAvailable@CWorkerThreadJobQueue@@QEAAEXZ
- ?WaitQueueEmpty@CWorkerThreadJobQueue@@QEAAXXZ
- ?Write@CDebugLog@@QEAAXPEBDZZ
- ?Write@CDebugLogEx@@QEAAXPEBDZZ
- ?Write@CFile@@QEAAJPEADKPEAT_LARGE_INTEGER@@PEAK@Z
- ?WriteDataToFile@CDebugLogEx@@IEAAXPEADK@Z
- ?WriteDataToProcMonW@CDebugLogEx@@IEAAXPEAD@Z
- ?WriteSystemInformation@CDebugLog@@QEAAXXZ
- ?WriteSystemInformation@CDebugLogEx@@QEAAXXZ
- ?WriteSystemStringInformation@CDebugLog@@IEAAXPEBG@Z
- ?WriteSystemStringInformation@CDebugLogEx@@IEAAXPEBG@Z
- ?WriteToFile@CDebugLog@@IEAAXPEADK@Z
- ?WriteToProcMonW@CDebugLogEx@@IEAAXPEAU_UNICODE_STRING@@@Z
- ?_pNonPagedAllocator@@3PEAVCMemoryAllocator@@EA
- ?_pPagedAllocator@@3PEAVCMemoryAllocator@@EA
- ?m_lpInstance@CWorkerThreadPool@@1PEAV1@EA
- ?m_lpRCMInstance@CWorkerThreadPool@@1PEAV1@EA
- DeInitKm2UmCommunication
- DeInitKmLPC
- DuplicateFullFileName
- FreeFullFileName
- GetKm2UmMode
- GetModuleInfoByAddress
- GetModuleInfoByModuleName
- InitKm2UmCommunication
- InitKmLPC
- IsVerifierCodeCheckFlagOn
- IsWindows8_1_update
- KmCallUm
- KmCallUmByLPC
- KmCallUmEx
- KmCleanupCommPortAPIs
- KmGetUmInitProcess
- KmSetCommPortAPIs
- ModGetExportProcAddress
- ModLoadDLLToBuffer
- ModLoadDLLToBufferWithImageSize
- ModLoadModule
- ModUnLoadModule
- NormalizeFileName
- NormalizeFullNtPathToDosName
- TmCommConfigRoutine
- UtilAddDeviceInDriveTable
- UtilAddReparsePointMapping
- UtilCleanFileReadOnly
- UtilCloseExclusiveHandle
- UtilCreateDosFileName
- UtilDeleteFileForce
- UtilGetDeviceObjectName
- UtilGetFileNameFromFileObject
- UtilGetFileObjectForProcessByEPROC
- UtilGetFileObjectFromFileName
- UtilGetProcessName
- UtilGetSystemDirectory
- UtilGetSystemDirectoryEx
- UtilGetSystemDirectoryLength
- UtilGetSystemTime
- UtilIoSetFileInfo
- UtilIopCreateFileIRP
- UtilKeGetLowFileDevice
- UtilModuleIATHook
- UtilModuleIATUnHook
- UtilPostJobToWorkerThread
- UtilQueryExclusiveHandle
- UtilQueryKeyValue
- UtilRemoveDeviceFromDriveTable
- UtilVolumeDeviceToDosName
- UtilWaitValueChangeToZero
- UtilWriteVersionToRegistry
- UtilbuildDynamicDiskMappingTable
- UtlWriteBinValueKeyToRegistry
- ValidateAddressWithSize
- _ResetProtectFromClose
- _UtilDosPathNameToNtPathName
Sections
Expand
- .text
- .rdata
- .data
- .pdata
- PAGE
- .edata
- INIT
- .rsrc
- .reloc
Signature
Expand
{
"Certificates": [
{
"IsCertificateAuthority": true,
"SerialNumber": "7e93ebfb7cc64e59ea4b9a77d406fc3b",
"Signature": "03099b8f79ef7f5930aaef68b5fae3091dbb4f82065d375fa6529f168dea1c9209446ef56deb587c30e8f9698d23730b126f47a9ae3911f82ab19bb01ac38eeb599600adce0c4db2d031a6085c2a7afce27a1d574ca86518e979406225966ec7c7376a8321088e41eaddd9573f1d7749872a16065ea6386a2212a35119837eb6",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA , G2",
"TBS": {
"MD5": "d0785ad36e427c92b19f6826ab1e8020",
"SHA1": "365b7a9c21bd9373e49052c3e7b3e4646ddd4d43",
"SHA256": "c2abb7484da91a658548de089d52436175fdb760a1387d225611dc0613a1e2ff",
"SHA384": "eab4fe5ef90e0de4a6aa3a27769a5e879f588df5e4785aa4104debd1f81e19ea56d33e3a16e5facf99f68b5d8e3d287b"
},
"ValidFrom": "2012-12-21 00:00:00",
"ValidTo": "2020-12-30 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "0ecff438c8febf356e04d86a981b1a50",
"Signature": "783bb4912a004cf08f62303778a38427076f18b2de25dca0d49403aa864e259f9a40031cddcee379cb216806dab632b46dbff42c266333e449646d0de6c3670ef705a4356c7c8916c6e9b2dfb2e9dd20c6710fcd9574dcb65cdebd371f4378e678b5cd280420a3aaf14bc48829910e80d111fcdd5c766e4f5e0e4546416e0db0ea389ab13ada097110fc1c79b4807bac69f4fd9cb60c162bf17f5b093d9b5be216ca13816d002e380da8298f2ce1b2f45aa901af159c2c2f491bdb22bbc3fe789451c386b182885df03db451a179332b2e7bb9dc20091371eb6a195bcfe8a530572c89493fb9cf7fc9bf3e226863539abd6974acc51d3c7f92e0c3bc1cd80475",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer , G4",
"TBS": {
"MD5": "e9d38360b914c8863f6cba3ee58764d3",
"SHA1": "4cba8eae47b6bf76f20b3504b98b8f062694a89b",
"SHA256": "88901d86a4cc1f1bb193d08e1fb63d27452e63f83e228c657ab1a92e4ade3976",
"SHA384": "e9f2a75334a9e336c5a4712eadee88d0374b0fdc273262f4e65c9040ad2793067cc076696db5279a478773485e285652"
},
"ValidFrom": "2012-10-18 00:00:00",
"ValidTo": "2020-12-29 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": false,
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Signature": "f3b20c020c826fd9e2629408ffc97c9e245959d1050c9ce7708069d366d26af191812e16fce674eaca0d8f05b2a796280831737299800d2bfe0071efecf655117b7952a4d7c0701b97de034a1d42e928fd1a2082b081f9d22e9d39af3233cf05c1e61ae1f8fbfec872e78d9a0b29b4f147f1a053d1757a824601df2bb07c75c591fe7efbaf0021764b90cd446f85f80d14bc2cd42c83edfa7d2510f8f94c82d1b3ea999b1cff9093291977c7e996dc32904d3934f167077684ff76aa5327654a0bd7223d9d67657b47c5b46012dca6723d89e7fa051b3380d0c4977b9df537e75da3186ab149b27c089715a01bd695f408f7ded66bfbe920d27a6f6a7d4cc8b3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=TW, ST=Taiwan, L=Taipei, O=Trend Micro, Inc., CN=Trend Micro, Inc.",
"TBS": {
"MD5": "78eaa337666217b1c16a9a0ebd0b8434",
"SHA1": "ff9cb835e78f6185eed4372096c3bae53b17d18d",
"SHA256": "1c0d9746725e176b4a7c2852878f14d7587f58e65d346bc1247f1c8ee6374250",
"SHA384": "ffe3c75b860679a5de399c7d2c2844dbfac51d5d8581e24648d208daba1e4bed5c867808e02dc8d7cb3df1d4b2b53d10"
},
"ValidFrom": "2017-04-27 00:00:00",
"ValidTo": "2018-07-16 23:59:59",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "611993e400000000001c",
"Signature": "812a82168c34672be503eb347b8ca2a3508af45586f11e8c8eae7dee0319ce72951848ad6211fd20fd3f4706015ae2e06f8c152c4e3c6a506c0b36a3cf7a0d9c42bc5cf819d560e369e6e22341678c6883762b8f93a32ab57fbe59fba9c9b2268fcaa2f3821b983e919527978661ee5b5d076bcd86a8e26580a8e215e2b2be23056aba0cf347934daca48c077939c061123a050d89a3ec9f578984fbecca7c47661491d8b60f195de6b84aacbc47c8714396e63220a5dc7786fd3ce38b71db7b9b03fcb71d3264eb1652a043a3fa2ead59924e7cc7f233424838513a7c38c71b242228401e1a461f17db18f7f027356cb863d9cdb9645d2ba55eefc629b4f2c7f821cc04ba57fd01b6abc667f9e7d3997ff4f522fa72f5fdff3a1c423aa1f98018a5ee8d1cd4669e4501feaaeefffb178f30f7f1cd29c59decb5d549003d85b8cbbb933a276a49c030ae66c9f723283276f9a48356c848ce5a96aaa0cc0cc47fb48e97af6de35427c39f86c0d6e473089705dbd054625e0348c2d59f7fa7668cd09db04fd4d3985f4b7ac97fb22952d01280c70f54b61e67cdc6a06c110384d34875e72afeb03b6e0a3aa66b769905a3f177686133144706fc537f52bd92145c4a246a678caf8d90aad0f679211b93267cc3ce1ebd883892ae45c6196a4950b305f8ae59378a6a250394b1598150e8ba8380b72335f476b9671d5918ad208d94",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. , For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority , G5",
"TBS": {
"MD5": "78a717e082dcc1cda3458d917e677d14",
"SHA1": "4a872e0e51f9b304469cd1dedb496ee9b8b983a4",
"SHA256": "317fa1d234ebc49040ebc5e8746f8997471496051b185a91bdd9dfbb23fab5f8",
"SHA384": "b71052da4eb9157c8c1a5d7f55df19d69b9128598b72fcca608e5b7cc7d64c43c5504b9c86355a6dc22ee40c88cc385c"
},
"ValidFrom": "2011-02-22 19:25:17",
"ValidTo": "2021-02-22 19:35:17",
"Version": 3
},
{
"IsCertificateAuthority": true,
"SerialNumber": "5200e5aa2556fc1a86ed96c9d44b33c7",
"Signature": "5622e634a4c461cb48b901ad56a8640fd98c91c4bbcc0ce5ad7aa0227fdf47384a2d6cd17f711a7cec70a9b1f04fe40f0c53fa155efe749849248581261c911447b04c638cbba134d4c645e80d85267303d0a98c646ddc7192e645056015595139fc58146bfed4a4ed796b080c4172e737220609be23e93f449a1ee9619dccb1905cfc3dd28dac423d6536d4b43d40288f9b10cf2326cc4b20cb901f5d8c4c34ca3cd8e537d66fa520bd34eb26d9ae0de7c59af7a1b42191336f86e858bb257c740e58fe751b633fce317c9b8f1b969ec55376845b9cad91faaced93ba5dc82153c2825363af120d5087111b3d5452968a2c9c3d921a089a052ec793a54891d3",
"SignatureAlgorithmOID": "1.2.840.113549.1.1.5",
"Subject": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"TBS": {
"MD5": "b30c31a572b0409383ed3fbe17e56e81",
"SHA1": "4843a82ed3b1f2bfbee9671960e1940c942f688d",
"SHA256": "03cda47a6e654ed85d932714fc09ce4874600eda29ec6628cfbaeb155cab78c9",
"SHA384": "bbda8407c4f9fc4e54d772f1c7fb9d30bc97e1f97ecd51c443063d1fa0644e266328781776cd5c44896c457c75f4d7da"
},
"ValidFrom": "2010-02-08 00:00:00",
"ValidTo": "2020-02-07 23:59:59",
"Version": 3
}
],
"CertificatesInfo": "",
"Signer": [
{
"Issuer": "C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA",
"SerialNumber": "497c4fad471540e6e453d0cafb155740",
"Version": 1
}
],
"SignerInfo": ""
}
source
last_updated: 2024-04-09
