Import table
api-ms-win-core-localregistry-l1-1-0.dll
RegSetValueExW, RegQueryValueExW, RegGetValueW
api-ms-win-core-processthreads-l1-1-0.dll
CreateProcessW, GetCurrentProcess, ProcessIdToSessionId, TerminateProcess, GetExitCodeProcess, GetCurrentThreadId, GetCurrentProcessId, CreateThread, OpenThreadToken
api-ms-win-security-base-l1-1-0.dll
GetTokenInformation, GetAce, AddAccessAllowedAceEx, SetSecurityDescriptorSacl, CheckTokenMembership, SetKernelObjectSecurity, GetSidLengthRequired, InitializeSid, GetSidSubAuthority, SetSecurityDescriptorDacl, InitializeSecurityDescriptor, MakeAbsoluteSD, MakeSelfRelativeSD, GetAclInformation, InitializeAcl, AddAce, CopySid, IsValidSid, GetLengthSid, GetSecurityDescriptorGroup, GetSecurityDescriptorDacl, GetSecurityDescriptorSacl, GetSecurityDescriptorControl, FreeSid, AddAccessAllowedAce, AllocateAndInitializeSid, GetKernelObjectSecurity, GetSecurityDescriptorLength, GetSecurityDescriptorOwner
api-ms-win-service-core-l1-1-0.dll
RegisterServiceCtrlHandlerExW, SetServiceStatus
avrt.dll
AvSetMmThreadPriority, AvQuerySystemResponsiveness, AvSetMmThreadCharacteristicsA, AvRevertMmThreadCharacteristics
cfgmgr32.dll
CMP_RegisterNotification, CM_MapCrToWin32Err, CMP_UnregisterNotification
kernel32.dll
RegEnumKeyExW, InitializeCriticalSectionAndSpinCount, RegDeleteValueW, OpenProcess, FileTimeToSystemTime, FileTimeToLocalFileTime, WerRegisterMemoryBlock, GetSystemPowerStatus, SetEventWhenCallbackReturns, RegQueryInfoKeyW, RegDeleteTreeW, RegEnumValueW, RegOpenKeyExW, RegCreateKeyExW, GetCurrentThread, OutputDebugStringA, SetUnhandledExceptionFilter, RegCloseKey, RegSetKeySecurity, RegGetKeySecurity, SetThreadPriority, UnhandledExceptionFilter, GetSystemTimeAsFileTime, QueryPerformanceCounter, MultiByteToWideChar, InterlockedExchange, GetVersionExA, HeapSize, HeapDestroy, LoadLibraryExA, InterlockedCompareExchange, FreeLibrary, GetProcAddress, DelayLoadFailureHook, CreateFileMappingW, MapViewOfFile, UnmapViewOfFile, CompareStringOrdinal, EnterCriticalSection, HeapAlloc, GetProcessHeap, HeapFree, SetEvent, WaitForSingleObject, CloseHandle, UnregisterWait, CreateEventW, GetLastError, DeleteCriticalSection, RaiseException, InitializeCriticalSection, PostQueuedCompletionStatus, GetQueuedCompletionStatus, DisableThreadLibraryCalls, InterlockedIncrement, InterlockedDecrement, LocalFree, CreateEventExW, CreateIoCompletionPort, CompareStringW, GetComputerNameW, GetSystemTime, GetVersionExW, LeaveCriticalSection, WaitForMultipleObjects, ResetEvent, Sleep, GetTickCount, GetSystemDirectoryW, OutputDebugStringW, SizeofResource, LockResource, LoadResource, FindResourceW, FindResourceExW, SetThreadpoolTimer, CloseThreadpoolTimer, WaitForThreadpoolTimerCallbacks, CreateThreadpoolTimer, CreateThreadpoolCleanupGroup, CloseThreadpoolCleanupGroup, CloseThreadpoolCleanupGroupMembers, CreateThreadpoolWork, CloseThreadpoolWork, WaitForThreadpoolWorkCallbacks, WaitForThreadpoolWaitCallbacks, SubmitThreadpoolWork, CreateThreadpoolWait, SetThreadpoolWait, CloseThreadpoolWait, HeapReAlloc, lstrlenW
msvcrt.dll
DllMain
ntdll.dll
EtwLogTraceEvent, NtQueryInformationProcess, RtlSetLastWin32ErrorAndNtStatusFromNtStatus, EtwTraceMessage, EtwGetTraceEnableFlags, EtwGetTraceEnableLevel, EtwGetTraceLoggerHandle, EtwRegisterTraceGuidsW, EtwUnregisterTraceGuids, EtwEventRegister, EtwEventUnregister, EtwEventWrite, ShipAssert, WinSqmAddToStreamEx, RtlDeleteResource, RtlReleaseResource, RtlAcquireResourceExclusive, RtlAcquireResourceShared, RtlInitializeResource, ShipAssertMsgW
powrprof.dll
PowerSettingUnregisterNotification, PowerSettingRegisterNotification
rpcrt4.dll
RpcRevertToSelf, I_RpcExceptionFilter, RpcBindingFree, RpcStringBindingComposeW, RpcImpersonateClient, UuidEqual, RpcServerUseProtseqEpW, I_RpcBindingInqLocalClientPID, NdrServerCall2, UuidCreate, RpcBindingFromStringBindingW, NdrClientCall2, I_RpcBindingInqTransportType, RpcBindingVectorFree, RpcStringBindingParseW, RpcServerRegisterIfEx, RpcBindingToStringBindingW, RpcServerUnregisterIfEx, RpcServerInqBindings, RpcStringFreeW
Export table
ServiceMain
SvchostPushServiceGlobals
