Import table
advapi32.dll
RegGetValueW, RegisterTraceGuidsW, ControlService, GetTraceEnableLevel, ConvertStringSecurityDescriptorToSecurityDescriptorW, UnregisterTraceGuids, SetServiceStatus, QueryServiceStatus, DuplicateTokenEx, GetTraceLoggerHandle, SetTokenInformation, GetTraceEnableFlags, RegisterServiceCtrlHandlerExW, OpenServiceW, StartServiceCtrlDispatcherW, OpenSCManagerW, DeleteService, OpenProcessToken, CloseServiceHandle, CreateServiceW, RegSetValueExW, RegEnumKeyExW, RegEnumValueW, RegQueryInfoKeyW, RegCreateKeyExW, TraceMessage, RegCloseKey, RegOpenKeyExW, RegDeleteValueW, RegDeleteKeyW, CreateProcessAsUserW, RegQueryValueExW
kernel32.dll
InterlockedCompareExchange, SetEvent, OutputDebugStringW, GetModuleHandleW, GetSystemTimeAsFileTime, WriteFile, GetProcessTimes, WideCharToMultiByte, InitializeCriticalSectionAndSpinCount, SizeofResource, CreateEventA, LeaveCriticalSection, CreateSemaphoreA, GetModuleFileNameW, CreateFileW, MultiByteToWideChar, lstrlenW, ReleaseSemaphore, RaiseException, InterlockedExchange, GetFileSizeEx, GetProcAddress, EnterCriticalSection, Process32FirstW, InterlockedExchangeAdd, WaitForMultipleObjects, Process32NextW, WaitForSingleObject, InterlockedIncrement, DeleteCriticalSection, GetCurrentThreadId, ReleaseMutex, ExpandEnvironmentStringsW, GetCommandLineW, InitializeCriticalSection, LoadLibraryW, Sleep, TerminateProcess, SetLastError, CreateEventW, OpenEventW, LocalFree, GetTickCount, DuplicateHandle, CreateThread, DeviceIoControl, GetLocaleInfoW, QueryPerformanceCounter, GetCurrentProcess, CreateToolhelp32Snapshot, InterlockedDecrement, LoadLibraryExW, LoadResource, FreeLibrary, FindResourceW, CreateMutexW, CloseHandle, lstrcmpiW, WTSGetActiveConsoleSessionId, GetLastError, GetSystemDirectoryW, RemoveDirectoryW, DeleteFileW, CreateDirectoryW, MoveFileW, ReadFile, FormatMessageA, QueryPerformanceFrequency, GetFileAttributesW, CreateWaitableTimerA, SetWaitableTimer, SystemTimeToFileTime, ResetEvent, OpenEventA, GetProcessHeap, SetEnvironmentVariableA, CompareStringW, FlushFileBuffers, WriteConsoleW, SetStdHandle, IsValidLocale, EnumSystemLocalesA, GetLocaleInfoA, GetUserDefaultLCID, GetConsoleMode, GetConsoleCP, SetFilePointer, RtlUnwind, LocalAlloc, LoadLibraryA, HeapFree, HeapAlloc, GetTimeFormatA, GetDateFormatA, EncodePointer, DecodePointer, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, VirtualProtect, VirtualAlloc, GetSystemInfo, VirtualQuery, GetCommandLineA, HeapSetInformation, GetStartupInfoW, HeapCreate, ExitProcess, GetStdHandle, IsProcessorFeaturePresent, GetCPInfo, GetACP, GetOEMCP, IsValidCodePage, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, GetTimeZoneInformation, HeapSize, LCMapStringW, HeapReAlloc, GetStringTypeW, GetModuleFileNameA, FreeEnvironmentStringsW, GetEnvironmentStringsW, SetHandleCount, GetFileType, GetCurrentProcessId
ole32.dll
CoTaskMemFree, CoTaskMemAlloc, CoCreateInstance, StringFromGUID2, CoRevokeClassObject, StringFromCLSID, CoTaskMemRealloc, CoInitializeSecurity, CoInitializeEx, CoRegisterClassObject, CoResumeClassObjects, CoCreateInstanceEx, CoAddRefServerProcess
setupapi.dll
SetupDiEnumDeviceInfo, SetupDiGetClassDevsW, SetupDiOpenDevRegKey, SetupDiDestroyDeviceInfoList, SetupDiGetDeviceRegistryPropertyW, CM_Get_DevNode_Status, SetupDiGetDeviceInstanceIdW
shlwapi.dll
SHSetValueW, PathAddBackslashW, StrStrIW, PathFindFileNameW, SHDeleteValueW
userenv.dll
CreateEnvironmentBlock, DestroyEnvironmentBlock
wtsapi32.dll
WTSQueryUserToken