SensorService.dll

Description: Sensor Service

Authors: © Microsoft Corporation. All rights reserved.

Version: 10.0.19041.5794

Architecture: 64-bit

Operating System: Windows NT

SHA256: 66f54b7cb7780711558a532f7f30827d

File Size: 456.5 KB

Uploaded At: Dec. 1, 2025, 7:38 a.m.

Views: 5

Security Warning

This file has been flagged as potentially dangerous.

Reason: Detected potentially dangerous functions used for process injection: OpenProcess

Exported Functions

  • ServiceMain (Ordinal: 1, Address: 0x5da0)
  • SvchostPushServiceGlobalsEx (Ordinal: 2, Address: 0x59c0)
  • DllCanUnloadNow (Ordinal: 3, Address: 0x5d50)

Imported DLLs & Functions

api-ms-win-core-com-l1-1-0.dll
  • CLSIDFromString (Address: 0x18005dff8)
  • CoCreateGuid (Address: 0x18005dfe8)
  • CoTaskMemAlloc (Address: 0x18005dff0)
  • CoTaskMemFree (Address: 0x18005e000)
  • PropVariantClear (Address: 0x18005e008)
  • PropVariantCopy (Address: 0x18005dfe0)
  • StringFromGUID2 (Address: 0x18005dfd8)
api-ms-win-core-debug-l1-1-0.dll
  • DebugBreak (Address: 0x18005e018)
  • IsDebuggerPresent (Address: 0x18005e028)
  • OutputDebugStringW (Address: 0x18005e020)
api-ms-win-core-delayload-l1-1-0.dll
  • DelayLoadFailureHook (Address: 0x18005e038)
api-ms-win-core-delayload-l1-1-1.dll
  • ResolveDelayLoadedAPI (Address: 0x18005e048)
api-ms-win-core-errorhandling-l1-1-0.dll
  • GetLastError (Address: 0x18005e070)
  • RaiseException (Address: 0x18005e078)
  • SetLastError (Address: 0x18005e068)
  • SetUnhandledExceptionFilter (Address: 0x18005e058)
  • UnhandledExceptionFilter (Address: 0x18005e060)
api-ms-win-core-file-l1-1-0.dll
  • CompareFileTime (Address: 0x18005e088)
  • WriteFile (Address: 0x18005e090)
api-ms-win-core-handle-l1-1-0.dll
  • CloseHandle (Address: 0x18005e0a0)
api-ms-win-core-heap-l1-1-0.dll
  • GetProcessHeap (Address: 0x18005e0c0)
  • HeapAlloc (Address: 0x18005e0b8)
  • HeapFree (Address: 0x18005e0b0)
api-ms-win-core-heap-l2-1-0.dll
  • LocalAlloc (Address: 0x18005e0d0)
  • LocalFree (Address: 0x18005e0d8)
api-ms-win-core-interlocked-l1-1-0.dll
  • InitializeSListHead (Address: 0x18005e0e8)
api-ms-win-core-io-l1-1-0.dll
  • CancelIoEx (Address: 0x18005e100)
  • GetOverlappedResult (Address: 0x18005e0f8)
api-ms-win-core-kernel32-legacy-l1-1-1.dll
  • PowerClearRequest (Address: 0x18005e120)
  • PowerCreateRequest (Address: 0x18005e118)
  • PowerSetRequest (Address: 0x18005e110)
api-ms-win-core-libraryloader-l1-2-0.dll
  • DisableThreadLibraryCalls (Address: 0x18005e130)
  • GetModuleFileNameA (Address: 0x18005e150)
  • GetModuleHandleExW (Address: 0x18005e148)
  • GetModuleHandleW (Address: 0x18005e138)
  • GetProcAddress (Address: 0x18005e140)
api-ms-win-core-localization-l1-2-0.dll
  • FormatMessageW (Address: 0x18005e160)
api-ms-win-core-namedpipe-l1-1-0.dll
  • ConnectNamedPipe (Address: 0x18005e178)
  • CreateNamedPipeW (Address: 0x18005e180)
  • DisconnectNamedPipe (Address: 0x18005e170)
api-ms-win-core-processthreads-l1-1-0.dll
  • CreateThread (Address: 0x18005e1a8)
  • GetCurrentProcess (Address: 0x18005e190)
  • GetCurrentProcessId (Address: 0x18005e1c0)
  • GetCurrentThread (Address: 0x18005e1b8)
  • GetCurrentThreadId (Address: 0x18005e1a0)
  • OpenProcessToken (Address: 0x18005e1b0)
  • OpenThreadToken (Address: 0x18005e1c8)
  • TerminateProcess (Address: 0x18005e198)
api-ms-win-core-processthreads-l1-1-1.dll
  • IsProcessorFeaturePresent (Address: 0x18005e1d8)
  • OpenProcess (Address: 0x18005e1e0)
api-ms-win-core-profile-l1-1-0.dll
  • QueryPerformanceCounter (Address: 0x18005e1f0)
api-ms-win-core-registry-l1-1-0.dll
  • RegCloseKey (Address: 0x18005e200)
  • RegEnumKeyExW (Address: 0x18005e210)
  • RegOpenKeyExW (Address: 0x18005e218)
  • RegQueryInfoKeyW (Address: 0x18005e208)
  • RegQueryValueExW (Address: 0x18005e220)
api-ms-win-core-rtlsupport-l1-1-0.dll
  • RtlCaptureContext (Address: 0x18005e238)
  • RtlLookupFunctionEntry (Address: 0x18005e240)
  • RtlVirtualUnwind (Address: 0x18005e230)
api-ms-win-core-synch-l1-1-0.dll
  • AcquireSRWLockExclusive (Address: 0x18005e288)
  • AcquireSRWLockShared (Address: 0x18005e2b0)
  • CreateEventW (Address: 0x18005e298)
  • CreateMutexExW (Address: 0x18005e278)
  • CreateSemaphoreExW (Address: 0x18005e2e8)
  • DeleteCriticalSection (Address: 0x18005e2d8)
  • EnterCriticalSection (Address: 0x18005e2d0)
  • InitializeCriticalSectionAndSpinCount (Address: 0x18005e2b8)
  • InitializeCriticalSectionEx (Address: 0x18005e2e0)
  • LeaveCriticalSection (Address: 0x18005e2c8)
  • OpenSemaphoreW (Address: 0x18005e270)
  • ReleaseMutex (Address: 0x18005e260)
  • ReleaseSemaphore (Address: 0x18005e250)
  • ReleaseSRWLockExclusive (Address: 0x18005e280)
  • ReleaseSRWLockShared (Address: 0x18005e2c0)
  • ResetEvent (Address: 0x18005e2a8)
  • SetEvent (Address: 0x18005e290)
  • WaitForMultipleObjectsEx (Address: 0x18005e2a0)
  • WaitForSingleObject (Address: 0x18005e258)
  • WaitForSingleObjectEx (Address: 0x18005e268)
api-ms-win-core-synch-l1-2-0.dll
  • InitOnceExecuteOnce (Address: 0x18005e2f8)
api-ms-win-core-sysinfo-l1-1-0.dll
  • GetSystemTimeAsFileTime (Address: 0x18005e308)
  • GetTickCount64 (Address: 0x18005e310)
api-ms-win-core-sysinfo-l1-2-0.dll
  • GetSystemTimePreciseAsFileTime (Address: 0x18005e320)
api-ms-win-core-threadpool-l1-2-0.dll
  • CloseThreadpool (Address: 0x18005e390)
  • CloseThreadpoolTimer (Address: 0x18005e398)
  • CloseThreadpoolWait (Address: 0x18005e378)
  • CloseThreadpoolWork (Address: 0x18005e388)
  • CreateThreadpool (Address: 0x18005e3a0)
  • CreateThreadpoolTimer (Address: 0x18005e330)
  • CreateThreadpoolWait (Address: 0x18005e360)
  • CreateThreadpoolWork (Address: 0x18005e348)
  • SetThreadpoolThreadMaximum (Address: 0x18005e338)
  • SetThreadpoolThreadMinimum (Address: 0x18005e358)
  • SetThreadpoolTimer (Address: 0x18005e380)
  • SetThreadpoolWait (Address: 0x18005e368)
  • SubmitThreadpoolWork (Address: 0x18005e340)
  • WaitForThreadpoolTimerCallbacks (Address: 0x18005e350)
  • WaitForThreadpoolWaitCallbacks (Address: 0x18005e370)
  • WaitForThreadpoolWorkCallbacks (Address: 0x18005e3a8)
api-ms-win-core-timezone-l1-1-0.dll
  • SystemTimeToFileTime (Address: 0x18005e3b8)
api-ms-win-core-util-l1-1-0.dll
  • DecodePointer (Address: 0x18005e3c8)
api-ms-win-core-winrt-error-l1-1-0.dll
  • RoOriginateError (Address: 0x18005e3d8)
api-ms-win-core-winrt-l1-1-0.dll
  • RoGetActivationFactory (Address: 0x18005e3e8)
api-ms-win-core-winrt-string-l1-1-0.dll
  • WindowsCreateStringReference (Address: 0x18005e3f8)
api-ms-win-crt-math-l1-1-0.dll
  • ceilf (Address: 0x18005e408)
api-ms-win-crt-private-l1-1-0.dll
  • __C_specific_handler (Address: 0x18005e480)
  • __CxxFrameHandler3 (Address: 0x18005e4c8)
  • __CxxFrameHandler4 (Address: 0x18005e500)
  • __RTDynamicCast (Address: 0x18005e508)
  • __std_terminate (Address: 0x18005e4f8)
  • _CxxThrowException (Address: 0x18005e488)
  • _o___std_exception_copy (Address: 0x18005e4f0)
  • _o___std_exception_destroy (Address: 0x18005e4e8)
  • _o___std_type_info_destroy_list (Address: 0x18005e4e0)
  • _o___stdio_common_vsnprintf_s (Address: 0x18005e4d8)
  • _o___stdio_common_vswprintf (Address: 0x18005e4d0)
  • _o__callnewh (Address: 0x18005e4c0)
  • _o__cexit (Address: 0x18005e4b8)
  • _o__configure_narrow_argv (Address: 0x18005e4b0)
  • _o__crt_atexit (Address: 0x18005e4a8)
  • _o__errno (Address: 0x18005e498)
  • _o__execute_onexit_table (Address: 0x18005e490)
  • _o__initialize_narrow_environment (Address: 0x18005e418)
  • _o__initialize_onexit_table (Address: 0x18005e420)
  • _o__invalid_parameter_noinfo (Address: 0x18005e428)
  • _o__invalid_parameter_noinfo_noreturn (Address: 0x18005e430)
  • _o__purecall (Address: 0x18005e438)
  • _o__register_onexit_function (Address: 0x18005e440)
  • _o__seh_filter_dll (Address: 0x18005e448)
  • _o__wcsicmp (Address: 0x18005e450)
  • _o_free (Address: 0x18005e460)
  • _o_malloc (Address: 0x18005e468)
  • _o_terminate (Address: 0x18005e470)
  • _o_wcscpy_s (Address: 0x18005e478)
  • memcmp (Address: 0x18005e510)
  • memcpy (Address: 0x18005e518)
  • memmove (Address: 0x18005e458)
  • wcsstr (Address: 0x18005e4a0)
api-ms-win-crt-runtime-l1-1-0.dll
  • _initterm (Address: 0x18005e530)
  • _initterm_e (Address: 0x18005e528)
api-ms-win-crt-string-l1-1-0.dll
  • memset (Address: 0x18005e540)
  • wcscmp (Address: 0x18005e548)
api-ms-win-devices-config-l1-1-1.dll
  • CM_Get_Device_Interface_List_SizeW (Address: 0x18005e590)
  • CM_Get_Device_Interface_ListW (Address: 0x18005e558)
  • CM_Get_Device_Interface_PropertyW (Address: 0x18005e570)
  • CM_Get_DevNode_PropertyW (Address: 0x18005e578)
  • CM_Locate_DevNodeW (Address: 0x18005e568)
  • CM_MapCrToWin32Err (Address: 0x18005e560)
  • CM_Register_Notification (Address: 0x18005e580)
  • CM_Unregister_Notification (Address: 0x18005e588)
api-ms-win-devices-swdevice-l1-1-0.dll
  • SwDeviceClose (Address: 0x18005e5b0)
  • SwDeviceCreate (Address: 0x18005e5a8)
  • SwDeviceInterfaceRegister (Address: 0x18005e5c0)
  • SwDeviceInterfaceSetState (Address: 0x18005e5b8)
  • SwMemFree (Address: 0x18005e5a0)
api-ms-win-devices-swdevice-l1-1-1.dll
  • SwDeviceGetLifetime (Address: 0x18005e5d0)
  • SwDeviceSetLifetime (Address: 0x18005e5d8)
api-ms-win-eventing-classicprovider-l1-1-0.dll
  • GetTraceEnableFlags (Address: 0x18005e5f0)
  • GetTraceEnableLevel (Address: 0x18005e600)
  • GetTraceLoggerHandle (Address: 0x18005e5f8)
  • RegisterTraceGuidsW (Address: 0x18005e5e8)
  • TraceMessage (Address: 0x18005e610)
  • UnregisterTraceGuids (Address: 0x18005e608)
api-ms-win-eventing-provider-l1-1-0.dll
  • EventRegister (Address: 0x18005e630)
  • EventSetInformation (Address: 0x18005e620)
  • EventUnregister (Address: 0x18005e628)
  • EventWriteTransfer (Address: 0x18005e638)
api-ms-win-power-base-l1-1-0.dll
  • PowerRegisterSuspendResumeNotification (Address: 0x18005e650)
  • PowerUnregisterSuspendResumeNotification (Address: 0x18005e648)
api-ms-win-power-setting-l1-1-0.dll
  • PowerSettingRegisterNotification (Address: 0x18005e668)
  • PowerSettingUnregisterNotification (Address: 0x18005e660)
api-ms-win-security-base-l1-1-0.dll
  • AdjustTokenPrivileges (Address: 0x18005e690)
  • CopySid (Address: 0x18005e680)
  • GetLengthSid (Address: 0x18005e698)
  • GetTokenInformation (Address: 0x18005e678)
  • IsValidSid (Address: 0x18005e688)
api-ms-win-security-lsalookup-l2-1-0.dll
  • LookupPrivilegeValueW (Address: 0x18005e6a8)
api-ms-win-security-sddl-l1-1-0.dll
  • ConvertSidToStringSidW (Address: 0x18005e6c8)
  • ConvertStringSecurityDescriptorToSecurityDescriptorW (Address: 0x18005e6c0)
  • ConvertStringSidToSidW (Address: 0x18005e6b8)
api-ms-win-service-core-l1-1-0.dll
  • RegisterServiceCtrlHandlerExW (Address: 0x18005e6e0)
  • SetServiceStatus (Address: 0x18005e6d8)
BrokerLib.dll
  • BrCheckCallerIsAppContainer (Address: 0x18005ddd8)
  • BrCreateBrokerInstance2 (Address: 0x18005ddd0)
  • BrDeleteBrokerInstance (Address: 0x18005ddc0)
  • BrInitializeBrokerInstance2 (Address: 0x18005dde0)
  • BrSignalBrokerEvent2 (Address: 0x18005ddc8)
msvcp_win.dll
  • _Mtx_destroy_in_situ (Address: 0x18005e730)
  • _Mtx_init_in_situ (Address: 0x18005e720)
  • _Mtx_lock (Address: 0x18005e700)
  • _Mtx_trylock (Address: 0x18005e718)
  • _Mtx_unlock (Address: 0x18005e728)
  • ?_Execute_once@std@@YAHAEAUonce_flag@1@P6AHPEAX1PEAPEAX@Z1@Z (Address: 0x18005e6f8)
  • ?_Syserror_map@std@@YAPEBDH@Z (Address: 0x18005e710)
  • ?_Throw_C_error@std@@YAXH@Z (Address: 0x18005e6f0)
  • ?_Xbad_function_call@std@@YAXXZ (Address: 0x18005e738)
  • ?_Xlength_error@std@@YAXPEBD@Z (Address: 0x18005e708)
ntdll.dll
  • NtCancelTimer2 (Address: 0x18005e750)
  • NtCreateIRTimer (Address: 0x18005e760)
  • NtSetTimer2 (Address: 0x18005e758)
  • RtlInitUnicodeString (Address: 0x18005e748)
  • RtlQueryPackageIdentity (Address: 0x18005e770)
  • RtlSubscribeWnfStateChangeNotification (Address: 0x18005e778)
  • RtlUnsubscribeWnfNotificationWaitForCompletion (Address: 0x18005e768)
OLEAUT32.dll
  • VariantClear (Address: 0x18005ddf8)
  • VariantTimeToSystemTime (Address: 0x18005ddf0)
PROPSYS.dll
  • InitPropVariantFromCLSID (Address: 0x18005de20)
  • InitPropVariantFromFileTime (Address: 0x18005de28)
  • PropVariantToVariant (Address: 0x18005de08)
  • PSStringFromPropertyKey (Address: 0x18005de10)
  • VariantToPropVariant (Address: 0x18005de18)
RPCRT4.dll
  • NdrServerCall2 (Address: 0x18005de50)
  • NdrServerCallAll (Address: 0x18005de58)
  • RpcBindingVectorFree (Address: 0x18005de48)
  • RpcEpRegisterW (Address: 0x18005de68)
  • RpcEpUnregister (Address: 0x18005de60)
  • RpcImpersonateClient (Address: 0x18005de80)
  • RpcRevertToSelf (Address: 0x18005de88)
  • RpcServerInqBindings (Address: 0x18005de70)
  • RpcServerRegisterIf3 (Address: 0x18005de38)
  • RpcServerUnregisterIf (Address: 0x18005de78)
  • RpcServerUnregisterIfEx (Address: 0x18005de98)
  • RpcServerUseProtseqW (Address: 0x18005de40)
  • UuidCreate (Address: 0x18005de90)
SensorsNativeApi.dll
  • SensorCancelHistoryRetrieval (Address: 0x18005df20)
  • SensorClearHistory (Address: 0x18005df18)
  • SensorClose (Address: 0x18005ded0)
  • SensorEnableIdleOperation (Address: 0x18005deb8)
  • SensorGetAccData (Address: 0x18005ded8)
  • SensorGetCapabilitiesCollection (Address: 0x18005df40)
  • SensorGetDataCollection (Address: 0x18005df00)
  • SensorGetDeviceId (Address: 0x18005def8)
  • SensorGetHistory (Address: 0x18005dec8)
  • SensorGetProperties (Address: 0x18005def0)
  • SensorGetPrxData (Address: 0x18005df28)
  • SensorGetThresholds (Address: 0x18005dee0)
  • SensorGetTypeFromInterfacePath (Address: 0x18005df30)
  • SensorOpenByInterface (Address: 0x18005dea8)
  • SensorOpenByType (Address: 0x18005dec0)
  • SensorSelectBestDevice (Address: 0x18005deb0)
  • SensorStartCollection (Address: 0x18005df08)
  • SensorStartHistory (Address: 0x18005df10)
  • SensorStop (Address: 0x18005df38)
  • SensorStopHistory (Address: 0x18005dee8)
SensorsUtilsV2.dll
  • CollectionsListAllocateBufferAndSerialize (Address: 0x18005df68)
  • PropKeyFindKeyGetFileTime (Address: 0x18005df70)
  • PropKeyFindKeyGetFloat (Address: 0x18005df58)
  • PropKeyFindKeyGetNthInt64 (Address: 0x18005df88)
  • PropKeyFindKeyGetNthUlong (Address: 0x18005df50)
  • PropKeyFindKeyGetUlong (Address: 0x18005df78)
  • PropKeyFindKeySetPropVariant (Address: 0x18005df60)
  • SerializationBufferFree (Address: 0x18005df80)
UMPDC.dll
  • PdcSignalClientRegister (Address: 0x18005df98)
  • PdcSignalClientSetActive (Address: 0x18005dfa0)
  • PdcSignalClientUnregister (Address: 0x18005dfa8)
WppRecorderUM.dll
  • WppAutoLogStart (Address: 0x18005dfb8)
  • WppAutoLogStop (Address: 0x18005dfc8)
  • WppAutoLogTrace (Address: 0x18005dfc0)