Import table
advapi32.dll
GetSecurityDescriptorOwner, RegEnumKeyW, RegisterTraceGuidsA, TraceEvent, RegDeleteValueW, RegEnumKeyExW, RegQueryInfoKeyW, RegEnumValueW, RegGetValueW, RegCreateKeyExW, SetKernelObjectSecurity, SetSecurityDescriptorSacl, RegSetKeySecurity, RegGetKeySecurity, AddAccessAllowedAceEx, GetAce, OpenThreadToken, GetTokenInformation, ConvertSidToStringSidW, RegSetValueExW, GetKernelObjectSecurity, AllocateAndInitializeSid, AddAccessAllowedAce, FreeSid, ConvertStringSidToSidW, CheckTokenMembership, RegOpenKeyExW, RegQueryValueExW, RegCloseKey, GetSecurityDescriptorLength, GetSidLengthRequired, InitializeSid, GetSidSubAuthority, SetSecurityDescriptorDacl, InitializeSecurityDescriptor, MakeAbsoluteSD, MakeSelfRelativeSD, GetAclInformation, InitializeAcl, AddAce, CopySid, IsValidSid, GetLengthSid, GetSecurityDescriptorGroup, GetSecurityDescriptorDacl, GetSecurityDescriptorSacl, GetSecurityDescriptorControl, ConvertStringSecurityDescriptorToSecurityDescriptorW, RegisterServiceCtrlHandlerExW, SetServiceStatus, RegisterEventSourceW, ReportEventW, DeregisterEventSource, UnregisterTraceGuids, RegisterTraceGuidsW, GetTraceLoggerHandle, GetTraceEnableLevel, GetTraceEnableFlags, TraceMessage
api-ms-win-core-apiquery-l1-1-0.dll
ApiSetQueryApiSetPresence
api-ms-win-core-debug-l1-1-1.dll
OutputDebugStringW, OutputDebugStringA
api-ms-win-core-delayload-l1-1-1.dll
DelayLoadFailureHook, ResolveDelayLoadedAPI
api-ms-win-core-errorhandling-l1-1-1.dll
RaiseException, GetLastError, UnhandledExceptionFilter, SetUnhandledExceptionFilter
api-ms-win-core-file-l1-2-0.dll
CreateFileW, FileTimeToLocalFileTime
api-ms-win-core-handle-l1-1-0.dll
CloseHandle, DuplicateHandle
api-ms-win-core-heap-l1-2-0.dll
HeapFree, HeapDestroy, HeapSize, HeapReAlloc, GetProcessHeap, HeapAlloc
api-ms-win-core-heap-obsolete-l1-1-0.dll
LocalFree, LocalAlloc
api-ms-win-core-interlocked-l1-2-0.dll
InterlockedCompareExchange, InterlockedIncrement, InterlockedDecrement, InterlockedExchange, InterlockedCompareExchange64
api-ms-win-core-io-l1-1-1.dll
PostQueuedCompletionStatus, GetQueuedCompletionStatus, CreateIoCompletionPort
api-ms-win-core-kernel32-legacy-l1-1-0.dll
GetSystemPowerStatus, WaitForMultipleObjects
api-ms-win-core-libraryloader-l1-1-1.dll
FindResourceExW, DisableThreadLibraryCalls, SizeofResource, LockResource, LoadResource
api-ms-win-core-localregistry-l1-1-0.dll
RegSetValueExW, RegQueryValueExW, RegGetValueW
api-ms-win-core-memory-l1-1-1.dll
CreateFileMappingW, MapViewOfFile, UnmapViewOfFile
api-ms-win-core-processthreads-l1-1-0.dll
CreateProcessW, GetCurrentProcess, ProcessIdToSessionId, TerminateProcess, GetExitCodeProcess, GetCurrentThreadId, GetCurrentProcessId, CreateThread, OpenThreadToken
api-ms-win-core-processthreads-l1-1-1.dll
OpenProcessToken, GetExitCodeProcess, GetCurrentProcessId, TerminateProcess, GetCurrentThreadId, OpenProcess, CreateProcessW, GetCurrentProcess, ProcessIdToSessionId, SetThreadPriority, CreateThread, GetCurrentThread, OpenThreadToken
api-ms-win-core-profile-l1-1-0.dll
QueryPerformanceCounter
api-ms-win-core-registry-l1-1-0.dll
RegOpenKeyExW, RegOpenCurrentUser, RegCloseKey, RegEnumKeyExW, RegEnumValueW, RegDeleteValueW, RegCreateKeyExW, RegSetKeySecurity, RegQueryInfoKeyW, RegGetValueW, RegSetValueExW, RegQueryValueExW, RegGetKeySecurity
api-ms-win-core-string-l1-1-0.dll
MultiByteToWideChar, CompareStringOrdinal, CompareStringW
api-ms-win-core-string-obsolete-l1-1-0.dll
lstrcmpiW, lstrcmpW, lstrlenW
api-ms-win-core-synch-l1-2-0.dll
InitializeCriticalSectionAndSpinCount, WaitForMultipleObjectsEx, ResetEvent, CreateEventW, WaitForSingleObjectEx, SetEvent, CreateEventExW, DeleteCriticalSection, InitializeCriticalSection, WaitForSingleObject, LeaveCriticalSection, EnterCriticalSection, Sleep, TryEnterCriticalSection
api-ms-win-core-sysinfo-l1-2-0.dll
GetSystemTime, GetVersionExW, GetSystemDirectoryW, GetTickCount, GetComputerNameExW, GetSystemTimeAsFileTime
api-ms-win-core-threadpool-l1-2-0.dll
SetEventWhenCallbackReturns, CloseThreadpoolCleanupGroup, CreateThreadpoolWork, CreateThreadpoolWait, SetThreadpoolWait, CreateThreadpoolCleanupGroup, CloseThreadpoolWait, WaitForThreadpoolWaitCallbacks, CloseThreadpoolWork, CloseThreadpoolTimer, WaitForThreadpoolTimerCallbacks, CreateThreadpoolTimer, SetThreadpoolTimer, CloseThreadpoolCleanupGroupMembers, WaitForThreadpoolWorkCallbacks, SubmitThreadpoolWork
api-ms-win-core-threadpool-legacy-l1-1-0.dll
UnregisterWaitEx
api-ms-win-core-timezone-l1-1-0.dll
FileTimeToSystemTime
api-ms-win-core-windowserrorreporting-l1-1-0.dll
WerRegisterMemoryBlock
api-ms-win-eventing-classicprovider-l1-1-0.dll
TraceMessage
api-ms-win-eventing-provider-l1-1-0.dll
EventWrite
api-ms-win-security-base-l1-1-0.dll
GetTokenInformation, GetAce, AddAccessAllowedAceEx, SetSecurityDescriptorSacl, CheckTokenMembership, SetKernelObjectSecurity, GetSidLengthRequired, InitializeSid, GetSidSubAuthority, SetSecurityDescriptorDacl, InitializeSecurityDescriptor, MakeAbsoluteSD, MakeSelfRelativeSD, GetAclInformation, InitializeAcl, AddAce, CopySid, IsValidSid, GetLengthSid, GetSecurityDescriptorGroup, GetSecurityDescriptorDacl, GetSecurityDescriptorSacl, GetSecurityDescriptorControl, FreeSid, AddAccessAllowedAce, AllocateAndInitializeSid, GetKernelObjectSecurity, GetSecurityDescriptorLength, GetSecurityDescriptorOwner
api-ms-win-security-base-l1-2-0.dll
GetSidLengthRequired, InitializeSid, GetSidSubAuthority, CopySid, IsValidSid, InitializeAcl, SetSecurityDescriptorSacl, AddAce, GetKernelObjectSecurity, GetAce, GetTokenInformation, AddAccessAllowedAce, AllocateAndInitializeSid, CheckTokenMembership, AddAccessAllowedAceEx, SetKernelObjectSecurity, InitializeSecurityDescriptor, GetAclInformation, MakeAbsoluteSD, GetSecurityDescriptorControl, GetSecurityDescriptorLength, GetLengthSid, GetSecurityDescriptorOwner, FreeSid, GetSecurityDescriptorGroup, MakeSelfRelativeSD, GetSecurityDescriptorSacl, SetSecurityDescriptorDacl, GetSecurityDescriptorDacl
api-ms-win-service-core-l1-1-0.dll
RegisterServiceCtrlHandlerExW, SetServiceStatus
api-ms-win-service-core-l1-1-1.dll
RegisterServiceCtrlHandlerExW, SetServiceStatus
avrt.dll
AvSetMmThreadPriority, AvQuerySystemResponsiveness, AvSetMmThreadCharacteristicsA, AvRevertMmThreadCharacteristics
cfgmgr32.dll
CMP_RegisterNotification, CM_MapCrToWin32Err, CMP_UnregisterNotification
hid.dll
HidD_GetHidGuid, HidP_GetCaps, HidD_GetPreparsedData, HidD_GetAttributes, HidD_FreePreparsedData
kernel32.dll
RegEnumKeyExW, InitializeCriticalSectionAndSpinCount, RegDeleteValueW, OpenProcess, FileTimeToSystemTime, FileTimeToLocalFileTime, WerRegisterMemoryBlock, GetSystemPowerStatus, SetEventWhenCallbackReturns, RegQueryInfoKeyW, RegDeleteTreeW, RegEnumValueW, RegOpenKeyExW, RegCreateKeyExW, GetCurrentThread, OutputDebugStringA, SetUnhandledExceptionFilter, RegCloseKey, RegSetKeySecurity, RegGetKeySecurity, SetThreadPriority, UnhandledExceptionFilter, GetSystemTimeAsFileTime, QueryPerformanceCounter, MultiByteToWideChar, InterlockedExchange, GetVersionExA, HeapSize, HeapDestroy, LoadLibraryExA, InterlockedCompareExchange, FreeLibrary, GetProcAddress, DelayLoadFailureHook, CreateFileMappingW, MapViewOfFile, UnmapViewOfFile, CompareStringOrdinal, EnterCriticalSection, HeapAlloc, GetProcessHeap, HeapFree, SetEvent, WaitForSingleObject, CloseHandle, UnregisterWait, CreateEventW, GetLastError, DeleteCriticalSection, RaiseException, InitializeCriticalSection, PostQueuedCompletionStatus, GetQueuedCompletionStatus, DisableThreadLibraryCalls, InterlockedIncrement, InterlockedDecrement, LocalFree, CreateEventExW, CreateIoCompletionPort, CompareStringW, GetComputerNameW, GetSystemTime, GetVersionExW, LeaveCriticalSection, WaitForMultipleObjects, ResetEvent, Sleep, GetTickCount, GetSystemDirectoryW, OutputDebugStringW, SizeofResource, LockResource, LoadResource, FindResourceW, FindResourceExW, SetThreadpoolTimer, CloseThreadpoolTimer, WaitForThreadpoolTimerCallbacks, CreateThreadpoolTimer, CreateThreadpoolCleanupGroup, CloseThreadpoolCleanupGroup, CloseThreadpoolCleanupGroupMembers, CreateThreadpoolWork, CloseThreadpoolWork, WaitForThreadpoolWorkCallbacks, WaitForThreadpoolWaitCallbacks, SubmitThreadpoolWork, CreateThreadpoolWait, SetThreadpoolWait, CloseThreadpoolWait, HeapReAlloc, lstrlenW, GetExitCodeProcess, CreateProcessW, GetCurrentProcess, ProcessIdToSessionId, TerminateProcess, QueueUserWorkItem, CreateTimerQueueTimer, DeleteTimerQueueEx, CreateTimerQueue, DeleteTimerQueueTimer, GetCurrentThreadId, GetCurrentProcessId, CreateThread
mmdevapi.dll
GetClassFromEndpointId, GenerateMediaEvent, GetSessionIdFromEndpointId, CleanupDeviceAPI, AE_FREE, AE_NEW
msvcrt.dll
DllMain
ntdll.dll
EtwLogTraceEvent, NtQueryInformationProcess, RtlSetLastWin32ErrorAndNtStatusFromNtStatus, EtwTraceMessage, EtwGetTraceEnableFlags, EtwGetTraceEnableLevel, EtwGetTraceLoggerHandle, EtwRegisterTraceGuidsW, EtwUnregisterTraceGuids, EtwEventRegister, EtwEventUnregister, EtwEventWrite, ShipAssert, WinSqmAddToStreamEx, RtlDeleteResource, RtlReleaseResource, RtlAcquireResourceExclusive, RtlAcquireResourceShared, RtlInitializeResource, ShipAssertMsgW, RtlCompareUnicodeString, RtlNtStatusToDosErrorNoTeb, RtlAllocateHeap, RtlFreeHeap, NtPowerInformation, RtlInitUnicodeString, NtQueryInformationToken
ole32.dll
CoCreateInstance, PropVariantClear, CoInitializeEx, CoUninitialize, CLSIDFromString, PropVariantCopy, StringFromCLSID, StringFromGUID2, CoTaskMemFree, CoSetProxyBlanket, CoTaskMemAlloc
powrprof.dll
PowerSettingUnregisterNotification, PowerSettingRegisterNotification
rpcrt4.dll
RpcRevertToSelf, I_RpcExceptionFilter, RpcBindingFree, RpcStringBindingComposeW, RpcImpersonateClient, UuidEqual, RpcServerUseProtseqEpW, I_RpcBindingInqLocalClientPID, NdrServerCall2, UuidCreate, RpcBindingFromStringBindingW, NdrClientCall2, I_RpcBindingInqTransportType, RpcBindingVectorFree, RpcStringBindingParseW, RpcServerRegisterIfEx, RpcBindingToStringBindingW, RpcServerUnregisterIfEx, RpcServerInqBindings, RpcStringFreeW, RpcServerInqCallAttributesW, RpcServerRegisterIf3
user32.dll
UnregisterDeviceNotification, RegisterPowerSettingNotification, RegisterDeviceNotificationW, BroadcastSystemMessageW, RegisterWindowMessageW, UnregisterClassA, LoadStringW, UnregisterPowerSettingNotification
winsta.dll
WinStationQueryInformationW, WinStationQueryEnforcementCore
wtsapi32.dll
WTSQuerySessionInformationW, WTSFreeMemory
Export table
ServiceMain
SvchostPushServiceGlobals