srmscan.dll
Description: Microsoft® File Server Storage Reports Scan Engine
Authors: © Microsoft Corporation. All rights reserved.
Version: 10.0.19041.3636
Architecture: 32-bit
Operating System: Windows NT
SHA256: f194dd2815d4654a4e7fe69de849d311
File Size: 456.5 KB
Uploaded At: Dec. 1, 2025, 8:04 a.m.
Views: 11
Security Warning
This file has been flagged as potentially dangerous.
Reason: Detected potentially dangerous functions used for process injection: OpenProcess
Exported Functions
- SrmIsNameInExpression (Ordinal: 1, Address: 0x20070)
- SrmCalculateCrcHash (Ordinal: 2, Address: 0x1d2d0)
- SrmEnsureSystemVolumeInformationFolder (Ordinal: 3, Address: 0x1d2f0)
- SrmIsInCluster (Ordinal: 4, Address: 0x1d310)
- SrmValidateNamespaceRoots (Ordinal: 5, Address: 0x1d450)
- SrmCreateOrDeleteNotificationScheduledTask (Ordinal: 6, Address: 0x1d5c0)
- SrmUtcFileTimeToLocalFileTime (Ordinal: 7, Address: 0x1d860)
- SrmLocalFileTimeToUtcFileTime (Ordinal: 8, Address: 0x1d8a0)
- DllCanUnloadNow (Ordinal: 9, Address: 0x1d280)
- DllGetClassObject (Ordinal: 10, Address: 0x1d2a0)
Imported DLLs & Functions
ACTIVEDS.dll
- (Address: 0x1006b000)
- (Address: 0x1006b004)
api-ms-win-core-com-l1-1-0.dll
- CLSIDFromString (Address: 0x1006b0dc)
- CoCreateGuid (Address: 0x1006b0c8)
- CoCreateInstance (Address: 0x1006b0e4)
- CoGetInterfaceAndReleaseStream (Address: 0x1006b0e0)
- CoInitializeEx (Address: 0x1006b0b8)
- CoMarshalInterThreadInterfaceInStream (Address: 0x1006b0c0)
- CoRevertToSelf (Address: 0x1006b0d4)
- CoTaskMemAlloc (Address: 0x1006b0c4)
- CoTaskMemFree (Address: 0x1006b0d8)
- CoTaskMemRealloc (Address: 0x1006b0b4)
- CoUninitialize (Address: 0x1006b0d0)
- PropVariantClear (Address: 0x1006b0cc)
- StringFromGUID2 (Address: 0x1006b0bc)
api-ms-win-core-debug-l1-1-0.dll
- DebugBreak (Address: 0x1006b0ec)
- OutputDebugStringW (Address: 0x1006b0f0)
api-ms-win-core-debug-l1-1-1.dll
- CheckRemoteDebuggerPresent (Address: 0x1006b0f8)
api-ms-win-core-errorhandling-l1-1-0.dll
- GetLastError (Address: 0x1006b108)
- SetUnhandledExceptionFilter (Address: 0x1006b104)
- UnhandledExceptionFilter (Address: 0x1006b100)
api-ms-win-core-file-l1-1-0.dll
- CompareFileTime (Address: 0x1006b118)
- CreateDirectoryW (Address: 0x1006b124)
- CreateFileW (Address: 0x1006b15c)
- DeleteFileW (Address: 0x1006b12c)
- FileTimeToLocalFileTime (Address: 0x1006b150)
- FlushFileBuffers (Address: 0x1006b140)
- GetDriveTypeW (Address: 0x1006b134)
- GetFileAttributesW (Address: 0x1006b110)
- GetFileInformationByHandle (Address: 0x1006b114)
- GetFileSizeEx (Address: 0x1006b11c)
- GetFileTime (Address: 0x1006b130)
- GetVolumeInformationW (Address: 0x1006b158)
- GetVolumePathNameW (Address: 0x1006b154)
- LocalFileTimeToFileTime (Address: 0x1006b128)
- ReadFile (Address: 0x1006b138)
- SetFileAttributesW (Address: 0x1006b148)
- SetFileInformationByHandle (Address: 0x1006b144)
- SetFilePointer (Address: 0x1006b13c)
- SetFileTime (Address: 0x1006b120)
- WriteFile (Address: 0x1006b14c)
api-ms-win-core-file-l1-2-0.dll
- GetVolumeNameForVolumeMountPointW (Address: 0x1006b164)
- GetVolumePathNamesForVolumeNameW (Address: 0x1006b168)
api-ms-win-core-file-l2-1-0.dll
- GetFileInformationByHandleEx (Address: 0x1006b174)
- ReOpenFile (Address: 0x1006b170)
api-ms-win-core-handle-l1-1-0.dll
- CloseHandle (Address: 0x1006b180)
- DuplicateHandle (Address: 0x1006b17c)
api-ms-win-core-heap-l2-1-0.dll
- LocalAlloc (Address: 0x1006b18c)
- LocalFree (Address: 0x1006b188)
api-ms-win-core-io-l1-1-0.dll
- DeviceIoControl (Address: 0x1006b194)
- GetOverlappedResult (Address: 0x1006b198)
api-ms-win-core-kernel32-private-l1-1-1.dll
- PrivCopyFileExW (Address: 0x1006b1a0)
api-ms-win-core-libraryloader-l1-2-0.dll
- DisableThreadLibraryCalls (Address: 0x1006b1b4)
- FreeLibrary (Address: 0x1006b1b8)
- GetProcAddress (Address: 0x1006b1ac)
- LoadLibraryExW (Address: 0x1006b1b0)
- LoadStringW (Address: 0x1006b1a8)
api-ms-win-core-libraryloader-l1-2-1.dll
- LoadLibraryW (Address: 0x1006b1c0)
api-ms-win-core-localization-l1-2-0.dll
- FormatMessageW (Address: 0x1006b1cc)
- GetThreadLocale (Address: 0x1006b1c8)
api-ms-win-core-processenvironment-l1-1-0.dll
- ExpandEnvironmentStringsW (Address: 0x1006b1d8)
- GetCommandLineW (Address: 0x1006b1d4)
api-ms-win-core-processthreads-l1-1-0.dll
- ExitProcess (Address: 0x1006b204)
- GetCurrentProcess (Address: 0x1006b1f0)
- GetCurrentProcessId (Address: 0x1006b1e0)
- GetCurrentThread (Address: 0x1006b1e4)
- GetCurrentThreadId (Address: 0x1006b1e8)
- OpenProcessToken (Address: 0x1006b1fc)
- OpenThreadToken (Address: 0x1006b1f4)
- SetThreadPriority (Address: 0x1006b1f8)
- SetThreadToken (Address: 0x1006b200)
- TerminateProcess (Address: 0x1006b1ec)
api-ms-win-core-processthreads-l1-1-1.dll
- OpenProcess (Address: 0x1006b20c)
api-ms-win-core-profile-l1-1-0.dll
- QueryPerformanceCounter (Address: 0x1006b214)
api-ms-win-core-registry-l1-1-0.dll
- RegCloseKey (Address: 0x1006b21c)
- RegOpenKeyExW (Address: 0x1006b224)
- RegQueryValueExW (Address: 0x1006b220)
api-ms-win-core-rtlsupport-l1-2-0.dll
- RtlCompareMemory (Address: 0x1006b22c)
api-ms-win-core-shlwapi-legacy-l1-1-0.dll
- PathFindExtensionW (Address: 0x1006b234)
api-ms-win-core-synch-l1-1-0.dll
- CreateEventW (Address: 0x1006b244)
- CreateMutexW (Address: 0x1006b25c)
- DeleteCriticalSection (Address: 0x1006b23c)
- EnterCriticalSection (Address: 0x1006b250)
- InitializeCriticalSection (Address: 0x1006b248)
- InitializeCriticalSectionAndSpinCount (Address: 0x1006b240)
- LeaveCriticalSection (Address: 0x1006b258)
- ReleaseMutex (Address: 0x1006b24c)
- SetEvent (Address: 0x1006b254)
- WaitForSingleObject (Address: 0x1006b260)
api-ms-win-core-synch-l1-2-0.dll
- Sleep (Address: 0x1006b268)
api-ms-win-core-synch-l1-2-1.dll
- WaitForMultipleObjects (Address: 0x1006b270)
api-ms-win-core-sysinfo-l1-1-0.dll
- GetLocalTime (Address: 0x1006b27c)
- GetSystemTimeAsFileTime (Address: 0x1006b280)
- GetTickCount (Address: 0x1006b278)
api-ms-win-core-threadpool-l1-2-0.dll
- CloseThreadpoolTimer (Address: 0x1006b2a4)
- CloseThreadpoolWait (Address: 0x1006b2a0)
- CreateThreadpoolTimer (Address: 0x1006b294)
- CreateThreadpoolWait (Address: 0x1006b288)
- SetThreadpoolTimer (Address: 0x1006b298)
- SetThreadpoolWait (Address: 0x1006b290)
- WaitForThreadpoolTimerCallbacks (Address: 0x1006b28c)
- WaitForThreadpoolWaitCallbacks (Address: 0x1006b29c)
api-ms-win-eventlog-legacy-l1-1-0.dll
- DeregisterEventSource (Address: 0x1006b2b4)
- RegisterEventSourceW (Address: 0x1006b2ac)
- ReportEventW (Address: 0x1006b2b0)
api-ms-win-security-base-l1-1-0.dll
- AddAccessAllowedAceEx (Address: 0x1006b2cc)
- AddAce (Address: 0x1006b2d8)
- CopySid (Address: 0x1006b2e0)
- CreateWellKnownSid (Address: 0x1006b2e4)
- GetAce (Address: 0x1006b2e8)
- GetAclInformation (Address: 0x1006b2dc)
- GetLengthSid (Address: 0x1006b2c8)
- GetTokenInformation (Address: 0x1006b2c4)
- InitializeAcl (Address: 0x1006b2bc)
- InitializeSecurityDescriptor (Address: 0x1006b2d4)
- MapGenericMask (Address: 0x1006b2c0)
- SetSecurityDescriptorDacl (Address: 0x1006b2d0)
api-ms-win-security-base-l1-2-0.dll
- AddResourceAttributeAce (Address: 0x1006b2f0)
api-ms-win-security-lsalookup-l2-1-0.dll
- LookupAccountSidW (Address: 0x1006b2f8)
api-ms-win-security-provider-l1-1-0.dll
- GetSecurityInfo (Address: 0x1006b304)
- SetSecurityInfo (Address: 0x1006b300)
api-ms-win-security-sddl-l1-1-0.dll
- ConvertSidToStringSidW (Address: 0x1006b30c)
ATL.DLL
- (Address: 0x1006b00c)
- (Address: 0x1006b010)
- (Address: 0x1006b014)
- (Address: 0x1006b018)
- (Address: 0x1006b01c)
- (Address: 0x1006b020)
CLUSAPI.dll
- GetNodeClusterState (Address: 0x1006b028)
logoncli.dll
- DsGetDcNameW (Address: 0x1006b314)
msdrm.dll
- DRMAcquireIssuanceLicenseTemplate (Address: 0x1006b37c)
- DRMAcquireLicense (Address: 0x1006b35c)
- DRMActivate (Address: 0x1006b354)
- DRMAddRightWithUser (Address: 0x1006b348)
- DRMCloseEnvironmentHandle (Address: 0x1006b338)
- DRMCloseHandle (Address: 0x1006b374)
- DRMClosePubHandle (Address: 0x1006b328)
- DRMCloseSession (Address: 0x1006b320)
- DRMCreateClientSession (Address: 0x1006b334)
- DRMCreateIssuanceLicense (Address: 0x1006b32c)
- DRMCreateRight (Address: 0x1006b344)
- DRMCreateUser (Address: 0x1006b31c)
- DRMEnumerateLicense (Address: 0x1006b34c)
- DRMGetIssuanceLicenseTemplate (Address: 0x1006b370)
- DRMGetNameAndDescription (Address: 0x1006b324)
- DRMGetSecurityProvider (Address: 0x1006b380)
- DRMGetServiceLocation (Address: 0x1006b36c)
- DRMInitEnvironment (Address: 0x1006b364)
- DRMIsActivated (Address: 0x1006b340)
- DRMpCloseFile (Address: 0x1006b33c)
- DRMpFileInitialize (Address: 0x1006b368)
- DRMpFileIsProtected (Address: 0x1006b358)
- DRMpFileProtect (Address: 0x1006b378)
- DRMRepair (Address: 0x1006b330)
- DRMSetGlobalOptions (Address: 0x1006b350)
- DRMSetMetaData (Address: 0x1006b360)
msvcrt.dll
- __CxxFrameHandler3 (Address: 0x1006b388)
- __dllonexit (Address: 0x1006b3a4)
- _amsg_exit (Address: 0x1006b3e0)
- _callnewh (Address: 0x1006b3fc)
- _CxxThrowException (Address: 0x1006b3e8)
- _errno (Address: 0x1006b3bc)
- _except_handler4_common (Address: 0x1006b38c)
- _i64tow_s (Address: 0x1006b3c0)
- _initterm (Address: 0x1006b3b4)
- _lock (Address: 0x1006b3ac)
- _onexit (Address: 0x1006b3a0)
- _purecall (Address: 0x1006b424)
- _snwscanf_s (Address: 0x1006b3dc)
- _unlock (Address: 0x1006b3a8)
- _vsnprintf (Address: 0x1006b3d8)
- _vsnwprintf (Address: 0x1006b40c)
- _wcsicmp (Address: 0x1006b408)
- _wcsnicmp (Address: 0x1006b3f4)
- _wcstoui64 (Address: 0x1006b3c4)
- _wtoi64 (Address: 0x1006b428)
- _XcptFilter (Address: 0x1006b3e4)
- ??0exception@@QAE@ABQBD@Z (Address: 0x1006b418)
- ??0exception@@QAE@ABV0@@Z (Address: 0x1006b414)
- ??0exception@@QAE@XZ (Address: 0x1006b3ec)
- ??1exception@@UAE@XZ (Address: 0x1006b41c)
- ??1type_info@@UAE@XZ (Address: 0x1006b390)
- ?terminate@@YAXXZ (Address: 0x1006b3b0)
- ?what@exception@@UBEPBDXZ (Address: 0x1006b420)
- free (Address: 0x1006b3f8)
- iswalpha (Address: 0x1006b3d0)
- iswdigit (Address: 0x1006b3d4)
- malloc (Address: 0x1006b3f0)
- memcmp (Address: 0x1006b394)
- memcpy (Address: 0x1006b398)
- memmove (Address: 0x1006b39c)
- memset (Address: 0x1006b42c)
- towlower (Address: 0x1006b410)
- wcschr (Address: 0x1006b404)
- wcsncmp (Address: 0x1006b3cc)
- wcsrchr (Address: 0x1006b400)
- wcstol (Address: 0x1006b3c8)
- wcstoul (Address: 0x1006b3b8)
netutils.dll
- NetApiBufferFree (Address: 0x1006b434)
ntdll.dll
- NtCreateFile (Address: 0x1006b44c)
- RtlCreateSystemVolumeInformationFolder (Address: 0x1006b444)
- RtlDosPathNameToRelativeNtPathName_U (Address: 0x1006b448)
- RtlFreeHeap (Address: 0x1006b43c)
- RtlInitializeSid (Address: 0x1006b458)
- RtlInitUnicodeString (Address: 0x1006b454)
- RtlNtStatusToDosError (Address: 0x1006b450)
- RtlSetLastWin32ErrorAndNtStatusFromNtStatus (Address: 0x1006b440)
OLEAUT32.dll
- GetErrorInfo (Address: 0x1006b03c)
- LoadRegTypeLib (Address: 0x1006b05c)
- SafeArrayCopy (Address: 0x1006b048)
- SafeArrayCreateVector (Address: 0x1006b06c)
- SafeArrayDestroy (Address: 0x1006b064)
- SafeArrayGetElement (Address: 0x1006b050)
- SafeArrayGetLBound (Address: 0x1006b04c)
- SafeArrayGetUBound (Address: 0x1006b058)
- SafeArrayGetVartype (Address: 0x1006b040)
- SafeArrayPutElement (Address: 0x1006b068)
- SysAllocString (Address: 0x1006b038)
- SysAllocStringLen (Address: 0x1006b070)
- SysFreeString (Address: 0x1006b044)
- SysStringLen (Address: 0x1006b030)
- VariantClear (Address: 0x1006b034)
- VariantCopy (Address: 0x1006b060)
- VariantInit (Address: 0x1006b054)
PROPSYS.dll
- PropVariantToStringAlloc (Address: 0x1006b078)
SrmTrace.DLL
- (Address: 0x1006b080)
- (Address: 0x1006b084)
- (Address: 0x1006b088)
- (Address: 0x1006b08c)
- (Address: 0x1006b090)
- (Address: 0x1006b094)
- (Address: 0x1006b098)
- (Address: 0x1006b09c)
- (Address: 0x1006b0a0)
XmlLite.dll
- CreateXmlReader (Address: 0x1006b0ac)
- CreateXmlWriter (Address: 0x1006b0a8)