Import table
advapi32.dll
RegEnumValueW, ControlService, ConvertStringSecurityDescriptorToSecurityDescriptorW, SetServiceStatus, QueryServiceStatus, DuplicateTokenEx, SetTokenInformation, RegQueryInfoKeyW, RegisterServiceCtrlHandlerExW, OpenServiceW, StartServiceCtrlDispatcherW, OpenSCManagerW, DeleteService, OpenProcessToken, CloseServiceHandle, CreateServiceW, RegSetValueExW, RegEnumKeyExW, RegGetValueW, SetSecurityDescriptorDacl, InitializeSecurityDescriptor, RegCreateKeyExW, RegCloseKey, RegOpenKeyExW, RegDeleteValueW, RegDeleteKeyW, CreateProcessAsUserW, RegQueryValueExW
kernel32.dll
InterlockedDecrement, ConnectNamedPipe, CreateNamedPipeW, WriteFile, ReadFile, CreateFileW, DisconnectNamedPipe, FlushFileBuffers, ResumeThread, CreateThread, GetCommandLineW, CreateMutexW, FindResourceW, FreeLibrary, LoadResource, LoadLibraryExW, GetCurrentProcess, QueryPerformanceCounter, WaitForSingleObject, InterlockedCompareExchange, SetEvent, OutputDebugStringW, GetModuleHandleW, GetSystemTimeAsFileTime, InitializeCriticalSection, GetProcessTimes, WideCharToMultiByte, LoadLibraryW, InitializeCriticalSectionAndSpinCount, Sleep, SizeofResource, CreateEventA, LeaveCriticalSection, InterlockedIncrement, GetLastError, MultiByteToWideChar, lstrlenW, RaiseException, InterlockedExchange, GetFileSizeEx, SetLastError, GetProcAddress, EnterCriticalSection, InterlockedExchangeAdd, CreateEventW, WaitForMultipleObjects, OpenEventW, QueryPerformanceFrequency, DeleteCriticalSection, GetCurrentThreadId, ReleaseMutex, LocalFree, ExpandEnvironmentStringsW, GetTickCount, CreateSemaphoreA, ReleaseSemaphore, DuplicateHandle, DeviceIoControl, GetLocaleInfoW, CloseHandle, lstrcmpiW, TerminateProcess, WTSGetActiveConsoleSessionId, GetSystemDirectoryW, GetFileAttributesW, RemoveDirectoryW, DeleteFileW, CreateDirectoryW, MoveFileW, FormatMessageA, GetModuleFileNameW, CreateWaitableTimerA, SetWaitableTimer, SystemTimeToFileTime, ResetEvent, OpenEventA, GetProcessHeap, SetEnvironmentVariableA, CompareStringW, WriteConsoleW, SetStdHandle, IsValidLocale, EnumSystemLocalesA, GetLocaleInfoA, GetUserDefaultLCID, GetConsoleMode, GetConsoleCP, SetFilePointer, RtlUnwind, GetCurrentProcessId, GetFileType, SetHandleCount, GetEnvironmentStringsW, FreeEnvironmentStringsW, GetModuleFileNameA, GetStringTypeW, HeapReAlloc, GetTimeZoneInformation, LCMapStringW, HeapSize, TlsFree, TlsSetValue, LocalAlloc, LoadLibraryA, HeapFree, HeapAlloc, EncodePointer, DecodePointer, GetTimeFormatA, GetDateFormatA, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, VirtualProtect, VirtualAlloc, GetSystemInfo, VirtualQuery, GetCommandLineA, HeapSetInformation, GetStartupInfoW, HeapCreate, ExitProcess, GetStdHandle, IsProcessorFeaturePresent, GetCPInfo, GetACP, GetOEMCP, IsValidCodePage, TlsAlloc, TlsGetValue
ole32.dll
StringFromCLSID, CoAddRefServerProcess, CoRevokeClassObject, CoTaskMemAlloc, StringFromGUID2, CoInitializeSecurity, CoInitializeEx, CoRegisterClassObject, CoResumeClassObjects, CoCreateInstanceEx, CoTaskMemRealloc, CoCreateInstance, CoTaskMemFree
rpcrt4.dll
UuidToStringW, RpcStringFreeW
setupapi.dll
SetupDiDestroyDeviceInfoList, SetupDiGetClassDevsW, SetupDiOpenDevRegKey, SetupDiEnumDeviceInfo, SetupDiGetDeviceRegistryPropertyW, CM_Get_DevNode_Status, SetupDiGetDeviceInstanceIdW
shlwapi.dll
SHDeleteValueW, StrStrIW, SHSetValueW, PathAddBackslashW, PathAppendW, PathFileExistsW, PathFindFileNameW
userenv.dll
CreateEnvironmentBlock, DestroyEnvironmentBlock
wtsapi32.dll
WTSQueryUserToken