Import table
advapi32.dll
RevertToSelf, RegCreateKeyExW, CreateProcessAsUserW, RegCloseKey, OpenProcessToken, ImpersonateLoggedOnUser, RegQueryValueExW, SetSecurityDescriptorDacl, RegOpenKeyExW, InitializeSecurityDescriptor
kernel32.dll
WriteConsoleA, SetStdHandle, LoadLibraryA, GetStringTypeW, GetStringTypeA, LCMapStringW, LCMapStringA, GetCurrentProcess, DeleteFileW, CreateFileW, CreateEventW, DeleteCriticalSection, GetProcessHeap, WriteFile, CloseHandle, GetLastError, GetTempPathW, GetConsoleOutputCP, lstrlenW, EnterCriticalSection, GetVersionExW, HeapAlloc, MultiByteToWideChar, ResetEvent, GetSystemDirectoryW, LeaveCriticalSection, CreateProcessW, OpenProcess, Sleep, WaitForSingleObject, IsBadCodePtr, InterlockedDecrement, GetProcAddress, InitializeCriticalSection, GetModuleHandleA, HeapFree, HeapSize, HeapValidate, HeapReAlloc, GetConsoleMode, GetConsoleCP, WriteConsoleW, CreateFileA, FlushFileBuffers, CompareStringA, CompareStringW, QueryPerformanceCounter, SetEnvironmentVariableA, GetEnvironmentStrings, FreeEnvironmentStringsW, GetEnvironmentStringsW, GlobalFree, SetFilePointer, GetCurrentProcessId, GetTickCount, FreeEnvironmentStringsA, GetStartupInfoA, GetFileType, SetHandleCount, ExitProcess, GetModuleFileNameA, GetStdHandle, VirtualAlloc, VirtualFree, HeapCreate, HeapDestroy, SetLastError, TlsFree, InterlockedExchange, GetACP, GetLocaleInfoA, GetThreadLocale, GetVersionExA, WideCharToMultiByte, TerminateProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, GetTimeZoneInformation, GetSystemTimeAsFileTime, GetCurrentThreadId, GetCommandLineA, RaiseException, RtlUnwind, GetCPInfo, InterlockedIncrement, GetOEMCP, IsValidCodePage, TlsGetValue, TlsAlloc, TlsSetValue, LoadLibraryW, InitializeCriticalSectionAndSpinCount, GetModuleFileNameW, IsProcessorFeaturePresent, GetStartupInfoW, GetModuleHandleW, LocalFree, DecodePointer, EncodePointer
ole32.dll
CoCreateInstance, CLSIDFromString, CoUninitialize, CoInitializeEx
sensapi.dll
IsNetworkAlive
user32.dll
CharLowerBuffW
userenv.dll
DestroyEnvironmentBlock, CreateEnvironmentBlock
winhttp.dll
WinHttpQueryDataAvailable, WinHttpQueryHeaders, WinHttpReceiveResponse, WinHttpGetIEProxyConfigForCurrentUser, WinHttpGetProxyForUrl, WinHttpCloseHandle, WinHttpSetTimeouts, WinHttpWriteData, WinHttpCrackUrl, WinHttpReadData, WinHttpOpen, WinHttpSendRequest, WinHttpOpenRequest, WinHttpConnect
wtsapi32.dll
WTSEnumerateProcessesW, WTSFreeMemory, WTSEnumerateSessionsW
Export table
DeleteServiceObject
GetServiceObject
