Import table
advapi32.dll
DuplicateTokenEx, ControlService, ConvertStringSecurityDescriptorToSecurityDescriptorW, SetServiceStatus, QueryServiceStatus, SetTokenInformation, RegisterServiceCtrlHandlerExW, OpenServiceW, StartServiceCtrlDispatcherW, OpenSCManagerW, DeleteService, OpenProcessToken, CloseServiceHandle, CreateServiceW, RegSetValueExW, RegEnumKeyExW, RegGetValueW, SetSecurityDescriptorDacl, InitializeSecurityDescriptor, RegCreateKeyExW, RegCloseKey, RegOpenKeyExW, RegDeleteValueW, RegDeleteKeyW, CreateProcessAsUserW, RegQueryValueExW
kernel32.dll
CloseHandle, InterlockedIncrement, InterlockedDecrement, ConnectNamedPipe, CreateNamedPipeW, WriteFile, Sleep, ReadFile, CreateFileW, DisconnectNamedPipe, FlushFileBuffers, ResumeThread, CreateThread, SwitchToThread, GetCommandLineW, FreeLibrary, GetCurrentProcess, lstrcmpiW, SetEvent, InitializeCriticalSection, LoadLibraryW, LeaveCriticalSection, TerminateProcess, SetLastError, GetProcAddress, EnterCriticalSection, CreateEventW, WaitForMultipleObjects, OpenEventW, DeleteCriticalSection, LocalFree, InitializeCriticalSectionAndSpinCount, GetConsoleMode, GetConsoleCP, WTSGetActiveConsoleSessionId, GetLastError, GetSystemDirectoryW, RtlUnwind, InterlockedExchange, LoadLibraryA, GetStringTypeA, GetStringTypeW, GetUserDefaultLCID, GetLocaleInfoA, EnumSystemLocalesA, IsValidLocale, SetStdHandle, WriteConsoleA, GetConsoleOutputCP, WriteConsoleW, GetLocaleInfoW, InterlockedCompareExchange, CreateFileA, WaitForSingleObject, SetFilePointer, GetSystemTimeAsFileTime, GetCurrentProcessId, GetTickCount, QueryPerformanceCounter, GetFileType, SetHandleCount, HeapFree, HeapAlloc, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, GetCommandLineA, GetStartupInfoA, HeapCreate, VirtualFree, VirtualAlloc, HeapReAlloc, GetModuleHandleW, ExitProcess, GetStdHandle, GetModuleFileNameA, GetCPInfo, GetACP, GetOEMCP, IsValidCodePage, TlsGetValue, TlsAlloc, TlsSetValue, TlsFree, GetCurrentThreadId, HeapSize, LCMapStringA, WideCharToMultiByte, MultiByteToWideChar, LCMapStringW, RaiseException, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, GetEnvironmentStringsW
ole32.dll
CoInitialize, CoInitializeSecurity
rpcrt4.dll
UuidToStringW, RpcStringFreeW
setupapi.dll
SetupDiGetDeviceInstanceIdW, CM_Get_DevNode_Status, SetupDiGetDeviceRegistryPropertyW, SetupDiDestroyDeviceInfoList, SetupDiEnumDeviceInfo, SetupDiOpenDevRegKey, SetupDiGetClassDevsW
shell32.dll
CommandLineToArgvW, SHGetFolderPathW, SHCreateDirectoryExW
shlwapi.dll
SHDeleteValueW, SHSetValueW, PathAddBackslashW, StrStrIW, PathFileExistsW, PathAppendW
user32.dll
RegisterDeviceNotificationW, UnregisterDeviceNotification
userenv.dll
DestroyEnvironmentBlock, CreateEnvironmentBlock
wtsapi32.dll
WTSQueryUserToken
