Import table
advapi32.dll
ConvertStringSecurityDescriptorToSecurityDescriptorW, GetTokenInformation, OpenThreadToken, OpenProcessToken, ControlService, StartServiceW, ChangeServiceConfig2W, OpenServiceW, OpenSCManagerW, DeleteService, CloseServiceHandle, CreateServiceW, ConvertSidToStringSidW
kernel32.dll
CreateMutexW, HeapAlloc, InterlockedIncrement, GetCurrentProcess, HeapFree, WaitForSingleObject, SetEvent, ConnectNamedPipe, CreateNamedPipeW, GetCurrentThread, GetProcessHeap, WriteFile, ReadFile, CreateFileW, GetOverlappedResult, DisconnectNamedPipe, GetLastError, LocalAlloc, CreateEventW, WaitForMultipleObjects, CloseHandle, LocalFree, ResumeThread, CreateThread, DisableThreadLibraryCalls, SetLastError, GetModuleFileNameW, Sleep, GetNativeSystemInfo, SetFilePointer, HeapSize, WriteConsoleW, SetStdHandle, GetVersionExW, GetCurrentThreadId, GetStringTypeW, MultiByteToWideChar, DecodePointer, GetCommandLineA, TerminateProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, EncodePointer, EnterCriticalSection, LeaveCriticalSection, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, GetModuleHandleW, InterlockedDecrement, GetProcAddress, ExitProcess, SetHandleCount, GetStdHandle, InitializeCriticalSectionAndSpinCount, GetFileType, GetStartupInfoW, DeleteCriticalSection, GetModuleFileNameA, FreeEnvironmentStringsW, WideCharToMultiByte, GetEnvironmentStringsW, HeapCreate, HeapDestroy, QueryPerformanceCounter, GetTickCount, GetCurrentProcessId, GetSystemTimeAsFileTime, GetCPInfo, GetACP, GetOEMCP, IsValidCodePage, HeapReAlloc, LoadLibraryW, IsProcessorFeaturePresent, GetConsoleCP, GetConsoleMode, FlushFileBuffers, LCMapStringW
ntdll.dll
RtlUnwind
Export table
CheckFileLayout
CheckFileLayoutW
InstallServices
RegisterCallback
RegisterOnExecCallback
StartIDS
StopIDS
UninstallServices
