Import table
advapi32.dll
TraceMessage, GetTraceEnableFlags, GetTraceEnableLevel, GetTraceLoggerHandle, RegisterTraceGuidsW, UnregisterTraceGuids, RegCloseKey, RegGetValueW, CopySid, GetLengthSid, GetTokenInformation, OpenProcessToken, OpenThreadToken, ConvertSidToStringSidW, RegNotifyChangeKeyValue, RegOpenKeyExW, RegQueryValueExW, EqualSid, ConvertStringSidToSidW, LookupAccountSidW, CreateWellKnownSid, LogonUserW
kernel32.dll
RegisterApplicationRestart, HeapSetInformation, InterlockedDecrement, CloseHandle, UnregisterWait, FreeResource, LockResource, LoadResource, GetLastError, FormatMessageW, LocalFree, LocalAlloc, GetCurrentProcess, GetCurrentThread, LeaveCriticalSection, EnterCriticalSection, RegisterWaitForSingleObject, CreateEventW, CreateThread, InterlockedIncrement, IsWow64Process, FileTimeToSystemTime, GetLocalTime, FileTimeToLocalFileTime, SystemTimeToFileTime, SystemTimeToTzSpecificLocalTime, DeleteCriticalSection, UnhandledExceptionFilter, TerminateProcess, GetSystemTimeAsFileTime, GetCurrentProcessId, GetCurrentThreadId, GetTickCount, QueryPerformanceCounter, GetModuleHandleA, SetUnhandledExceptionFilter, GetStartupInfoW, InterlockedCompareExchange, Sleep, InterlockedExchange, InitializeCriticalSection, FindResourceExW
msvcrt.dll
DllMain
netapi32.dll
NetQueryDisplayInformation, NetUserGetLocalGroups, NetApiBufferFree
ntdll.dll
WinSqmEventWrite, WinSqmEventEnabled
ole32.dll
CoSetProxyBlanket, CoTaskMemFree, CLSIDFromString, StringFromGUID2, CoQueryProxyBlanket, CoCreateInstance, CoInitialize, CoUninitialize, CoGetObject
secur32.dll
LsaGetLogonSessionData, LsaEnumerateLogonSessions, LsaFreeReturnBuffer
shell32.dll
Shell_NotifyIconW
shlwapi.dll
SHRegGetValueW, PathFindFileNameW
user32.dll
LoadStringW, KillTimer, DefWindowProcW, CharLowerBuffW, GetMessageW, GetWindowLongW, RegisterWindowMessageW, SetWindowLongW, CreateWindowExW, RegisterClassExW, LoadCursorW, FindWindowW, DestroyMenu, TrackPopupMenuEx, SetForegroundWindow, GetCursorPos, GetSubMenu, LoadMenuW, TranslateMessage, DispatchMessageW, DestroyWindow, UnregisterClassW, DestroyIcon, CopyImage, LoadImageW, SetTimer, PostMessageW
wevtapi.dll
EvtRender, EvtSubscribe, EvtClose
wtsapi32.dll
WTSFreeMemory, WTSQuerySessionInformationW
