deviceaccess.dll

Description: Device Broker And Policy COM Server

Authors: © Microsoft Corporation. All rights reserved.

Version: 10.0.19041.5794

Architecture: 32-bit

Operating System: Windows NT

SHA256: 0a3430ed37df42393de1163be5401351

File Size: 185.7 KB

Uploaded At: Dec. 1, 2025, 7:54 a.m.

Views: 7

Security Warning

This file has been flagged as potentially dangerous.

Reason: Detected potentially dangerous functions used for process injection: OpenProcess

Exported Functions

  • ServiceMain (Ordinal: 1, Address: 0xf5b0)
  • SvchostPushServiceGlobals (Ordinal: 2, Address: 0xf830)
  • BrokeredOpenCommPort (Ordinal: 3, Address: 0x15ef0)
  • CreateDeviceAccessInstance (Ordinal: 4, Address: 0x18260)
  • DllCanUnloadNow (Ordinal: 5, Address: 0xbd00)
  • DllGetActivationFactory (Ordinal: 6, Address: 0xbc70)
  • DllGetClassObject (Ordinal: 7, Address: 0xa250)
  • ProcessTrackerInsertOrWait (Ordinal: 8, Address: 0x202e0)
  • ProcessTrackerRemove (Ordinal: 9, Address: 0x20310)

Imported DLLs & Functions

api-ms-win-core-apiquery-l1-1-0.dll
  • ApiSetQueryApiSetPresence (Address: 0x1002505c)
api-ms-win-core-com-l1-1-0.dll
  • CLSIDFromString (Address: 0x10025064)
  • CoCreateFreeThreadedMarshaler (Address: 0x10025088)
  • CoCreateInstance (Address: 0x10025068)
  • CoDisconnectContext (Address: 0x10025070)
  • CoGetApartmentType (Address: 0x10025094)
  • CoGetCallerTID (Address: 0x1002509c)
  • CoInitializeEx (Address: 0x10025090)
  • CoMarshalInterface (Address: 0x10025074)
  • CoRegisterClassObject (Address: 0x100250a4)
  • CoReleaseMarshalData (Address: 0x10025078)
  • CoResumeClassObjects (Address: 0x100250a0)
  • CoRevokeClassObject (Address: 0x100250a8)
  • CoTaskMemAlloc (Address: 0x1002507c)
  • CoTaskMemFree (Address: 0x10025080)
  • CoUninitialize (Address: 0x1002508c)
  • CoWaitForMultipleHandles (Address: 0x10025098)
  • CreateStreamOnHGlobal (Address: 0x1002506c)
  • StringFromGUID2 (Address: 0x10025084)
api-ms-win-core-com-l1-1-1.dll
  • RoGetAgileReference (Address: 0x100250b0)
api-ms-win-core-com-midlproxystub-l1-1-0.dll
  • CStdStubBuffer2_Connect (Address: 0x100250c8)
  • CStdStubBuffer2_CountRefs (Address: 0x100250e4)
  • CStdStubBuffer2_Disconnect (Address: 0x100250bc)
  • CStdStubBuffer2_QueryInterface (Address: 0x100250b8)
  • NdrProxyForwardingFunction3 (Address: 0x100250cc)
  • NdrProxyForwardingFunction4 (Address: 0x100250f0)
  • NdrProxyForwardingFunction5 (Address: 0x100250e8)
  • ObjectStublessClient10 (Address: 0x100250d0)
  • ObjectStublessClient3 (Address: 0x100250c0)
  • ObjectStublessClient4 (Address: 0x100250d4)
  • ObjectStublessClient5 (Address: 0x100250c4)
  • ObjectStublessClient6 (Address: 0x100250e0)
  • ObjectStublessClient7 (Address: 0x100250ec)
  • ObjectStublessClient8 (Address: 0x100250dc)
  • ObjectStublessClient9 (Address: 0x100250d8)
api-ms-win-core-debug-l1-1-0.dll
  • DebugBreak (Address: 0x100250f8)
  • IsDebuggerPresent (Address: 0x10025100)
  • OutputDebugStringW (Address: 0x100250fc)
api-ms-win-core-delayload-l1-1-0.dll
  • DelayLoadFailureHook (Address: 0x10025108)
api-ms-win-core-delayload-l1-1-1.dll
  • ResolveDelayLoadedAPI (Address: 0x10025110)
api-ms-win-core-errorhandling-l1-1-0.dll
  • GetLastError (Address: 0x10025120)
  • RaiseException (Address: 0x10025128)
  • SetLastError (Address: 0x10025124)
  • SetUnhandledExceptionFilter (Address: 0x1002511c)
  • UnhandledExceptionFilter (Address: 0x10025118)
api-ms-win-core-file-l1-1-0.dll
  • CreateFileW (Address: 0x10025134)
  • GetDriveTypeW (Address: 0x10025130)
api-ms-win-core-handle-l1-1-0.dll
  • CloseHandle (Address: 0x1002513c)
api-ms-win-core-heap-l1-1-0.dll
  • GetProcessHeap (Address: 0x1002514c)
  • HeapAlloc (Address: 0x10025144)
  • HeapFree (Address: 0x10025148)
api-ms-win-core-heap-l2-1-0.dll
  • LocalAlloc (Address: 0x10025158)
  • LocalFree (Address: 0x10025154)
api-ms-win-core-io-l1-1-0.dll
  • CancelIoEx (Address: 0x10025164)
  • DeviceIoControl (Address: 0x10025160)
api-ms-win-core-io-l1-1-1.dll
  • CancelSynchronousIo (Address: 0x1002516c)
  • GetOverlappedResultEx (Address: 0x10025170)
api-ms-win-core-kernel32-legacy-l1-1-0.dll
  • GetSystemPowerStatus (Address: 0x10025178)
  • UnregisterWait (Address: 0x1002517c)
api-ms-win-core-libraryloader-l1-2-0.dll
  • DisableThreadLibraryCalls (Address: 0x10025190)
  • FreeLibrary (Address: 0x10025184)
  • GetModuleFileNameA (Address: 0x1002518c)
  • GetModuleHandleExW (Address: 0x10025188)
  • GetModuleHandleW (Address: 0x10025198)
  • GetProcAddress (Address: 0x10025194)
api-ms-win-core-localization-l1-2-0.dll
  • FormatMessageW (Address: 0x100251a0)
api-ms-win-core-processthreads-l1-1-0.dll
  • GetCurrentProcess (Address: 0x100251b0)
  • GetCurrentProcessId (Address: 0x100251c4)
  • GetCurrentThread (Address: 0x100251bc)
  • GetCurrentThreadId (Address: 0x100251b4)
  • OpenProcessToken (Address: 0x100251a8)
  • OpenThread (Address: 0x100251ac)
  • OpenThreadToken (Address: 0x100251b8)
  • TerminateProcess (Address: 0x100251c0)
api-ms-win-core-processthreads-l1-1-1.dll
  • OpenProcess (Address: 0x100251cc)
api-ms-win-core-profile-l1-1-0.dll
  • QueryPerformanceCounter (Address: 0x100251d4)
api-ms-win-core-registry-l1-1-0.dll
  • RegCloseKey (Address: 0x100251e8)
  • RegEnumKeyExW (Address: 0x100251e4)
  • RegGetValueW (Address: 0x100251e0)
  • RegOpenCurrentUser (Address: 0x100251dc)
  • RegOpenKeyExW (Address: 0x100251ec)
  • RegQueryInfoKeyW (Address: 0x100251f0)
api-ms-win-core-string-l1-1-0.dll
  • CompareStringOrdinal (Address: 0x100251f8)
api-ms-win-core-string-obsolete-l1-1-0.dll
  • lstrcmpiW (Address: 0x10025200)
api-ms-win-core-synch-l1-1-0.dll
  • AcquireSRWLockExclusive (Address: 0x10025220)
  • AcquireSRWLockShared (Address: 0x1002524c)
  • CreateEventExW (Address: 0x10025208)
  • CreateEventW (Address: 0x1002520c)
  • CreateMutexExW (Address: 0x1002521c)
  • CreateSemaphoreExW (Address: 0x10025248)
  • DeleteCriticalSection (Address: 0x10025234)
  • EnterCriticalSection (Address: 0x1002522c)
  • InitializeCriticalSection (Address: 0x10025210)
  • InitializeCriticalSectionEx (Address: 0x10025244)
  • LeaveCriticalSection (Address: 0x10025254)
  • OpenSemaphoreW (Address: 0x10025224)
  • ReleaseMutex (Address: 0x10025238)
  • ReleaseSemaphore (Address: 0x10025250)
  • ReleaseSRWLockExclusive (Address: 0x10025240)
  • ReleaseSRWLockShared (Address: 0x10025218)
  • ResetEvent (Address: 0x10025214)
  • SetEvent (Address: 0x10025228)
  • WaitForSingleObject (Address: 0x10025230)
  • WaitForSingleObjectEx (Address: 0x1002523c)
api-ms-win-core-synch-l1-2-0.dll
  • InitOnceExecuteOnce (Address: 0x1002525c)
  • InitOnceInitialize (Address: 0x1002526c)
  • Sleep (Address: 0x10025264)
  • SleepConditionVariableSRW (Address: 0x10025268)
  • WakeAllConditionVariable (Address: 0x10025260)
api-ms-win-core-sysinfo-l1-1-0.dll
  • GetSystemTimeAsFileTime (Address: 0x10025278)
  • GetTickCount (Address: 0x1002527c)
  • GetTickCount64 (Address: 0x10025274)
api-ms-win-core-threadpool-l1-2-0.dll
  • CancelThreadpoolIo (Address: 0x100252b4)
  • CloseThreadpoolIo (Address: 0x100252b0)
  • CloseThreadpoolTimer (Address: 0x10025288)
  • CloseThreadpoolWork (Address: 0x100252a4)
  • CreateThreadpoolIo (Address: 0x10025284)
  • CreateThreadpoolTimer (Address: 0x10025294)
  • CreateThreadpoolWork (Address: 0x10025298)
  • FreeLibraryWhenCallbackReturns (Address: 0x100252a8)
  • SetThreadpoolTimer (Address: 0x1002528c)
  • StartThreadpoolIo (Address: 0x10025290)
  • SubmitThreadpoolWork (Address: 0x100252b8)
  • TrySubmitThreadpoolCallback (Address: 0x100252bc)
  • WaitForThreadpoolIoCallbacks (Address: 0x100252ac)
  • WaitForThreadpoolTimerCallbacks (Address: 0x1002529c)
  • WaitForThreadpoolWorkCallbacks (Address: 0x100252a0)
api-ms-win-core-util-l1-1-0.dll
  • DecodePointer (Address: 0x100252c8)
  • EncodePointer (Address: 0x100252c4)
api-ms-win-core-winrt-error-l1-1-0.dll
  • GetRestrictedErrorInfo (Address: 0x100252dc)
  • RoOriginateError (Address: 0x100252d8)
  • RoOriginateErrorW (Address: 0x100252d0)
  • RoTransformError (Address: 0x100252e0)
  • SetRestrictedErrorInfo (Address: 0x100252d4)
api-ms-win-core-winrt-error-l1-1-1.dll
  • IsErrorPropagationEnabled (Address: 0x100252ec)
  • RoGetMatchingRestrictedErrorInfo (Address: 0x100252e8)
  • RoReportFailedDelegate (Address: 0x100252f0)
api-ms-win-core-winrt-l1-1-0.dll
  • RoActivateInstance (Address: 0x10025308)
  • RoGetActivationFactory (Address: 0x10025304)
  • RoInitialize (Address: 0x100252f8)
  • RoRegisterActivationFactories (Address: 0x10025300)
  • RoRevokeActivationFactories (Address: 0x100252fc)
  • RoUninitialize (Address: 0x1002530c)
api-ms-win-core-winrt-string-l1-1-0.dll
  • WindowsCreateString (Address: 0x10025318)
  • WindowsCreateStringReference (Address: 0x10025314)
  • WindowsDeleteString (Address: 0x10025320)
  • WindowsGetStringRawBuffer (Address: 0x10025328)
  • WindowsIsStringEmpty (Address: 0x1002531c)
  • WindowsStringHasEmbeddedNull (Address: 0x10025324)
api-ms-win-core-wow64-l1-1-0.dll
  • IsWow64Process (Address: 0x10025330)
api-ms-win-eventing-classicprovider-l1-1-0.dll
  • GetTraceEnableFlags (Address: 0x1002533c)
  • GetTraceEnableLevel (Address: 0x10025338)
  • GetTraceLoggerHandle (Address: 0x10025340)
  • RegisterTraceGuidsW (Address: 0x10025344)
  • TraceMessage (Address: 0x1002534c)
  • UnregisterTraceGuids (Address: 0x10025348)
api-ms-win-eventing-provider-l1-1-0.dll
  • EventRegister (Address: 0x10025354)
  • EventSetInformation (Address: 0x10025358)
  • EventUnregister (Address: 0x10025360)
  • EventWriteTransfer (Address: 0x1002535c)
api-ms-win-security-base-l1-1-0.dll
  • CopySid (Address: 0x10025370)
  • CreateWellKnownSid (Address: 0x1002536c)
  • DuplicateToken (Address: 0x1002537c)
  • DuplicateTokenEx (Address: 0x10025368)
  • GetLengthSid (Address: 0x10025374)
  • GetTokenInformation (Address: 0x10025378)
api-ms-win-security-capability-l1-1-0.dll
  • CapabilityCheck (Address: 0x10025384)
api-ms-win-security-lsalookup-l1-1-0.dll
  • LsaLookupClose (Address: 0x1002538c)
  • LsaLookupFreeMemory (Address: 0x10025390)
  • LsaLookupGetDomainInfo (Address: 0x10025398)
  • LsaLookupOpenLocalPolicy (Address: 0x10025394)
api-ms-win-security-sddl-l1-1-0.dll
  • ConvertSidToStringSidW (Address: 0x100253a4)
  • ConvertStringSidToSidW (Address: 0x100253a0)
api-ms-win-service-core-l1-1-0.dll
  • RegisterServiceCtrlHandlerExW (Address: 0x100253ac)
  • SetServiceStatus (Address: 0x100253b0)
combase.dll
  • (Address: 0x100253b8)
  • (Address: 0x100253bc)
  • (Address: 0x100253c0)
  • (Address: 0x100253c4)
  • (Address: 0x100253c8)
  • (Address: 0x100253cc)
msvcrt.dll
  • __CxxFrameHandler3 (Address: 0x100253f0)
  • __dllonexit (Address: 0x10025400)
  • _amsg_exit (Address: 0x100253e0)
  • _except_handler4_common (Address: 0x100253f4)
  • _initterm (Address: 0x10025418)
  • _lock (Address: 0x100253d4)
  • _onexit (Address: 0x100253ec)
  • _purecall (Address: 0x100253e4)
  • _unlock (Address: 0x100253dc)
  • _vsnwprintf (Address: 0x100253d8)
  • _wcsicmp (Address: 0x10025414)
  • _XcptFilter (Address: 0x100253e8)
  • free (Address: 0x10025420)
  • malloc (Address: 0x1002541c)
  • memcmp (Address: 0x100253f8)
  • memcpy (Address: 0x100253fc)
  • memcpy_s (Address: 0x10025404)
  • memmove_s (Address: 0x10025408)
  • memset (Address: 0x10025424)
  • wcschr (Address: 0x1002540c)
  • wcsrchr (Address: 0x10025410)
ntdll.dll
  • NtCreateFile (Address: 0x1002547c)
  • NtQueryInformationToken (Address: 0x10025434)
  • NtQuerySecurityAttributesToken (Address: 0x1002543c)
  • RtlAllocateHeap (Address: 0x10025464)
  • RtlCapabilityCheck (Address: 0x10025444)
  • RtlCompareMemory (Address: 0x10025468)
  • RtlCompareUnicodeString (Address: 0x1002542c)
  • RtlDeleteCriticalSection (Address: 0x10025458)
  • RtlDosPathNameToNtPathName_U (Address: 0x10025474)
  • RtlEqualSid (Address: 0x10025440)
  • RtlFreeHeap (Address: 0x1002545c)
  • RtlFreeSid (Address: 0x10025448)
  • RtlFreeUnicodeString (Address: 0x10025470)
  • RtlGetAppContainerParent (Address: 0x10025438)
  • RtlGetAppContainerSidType (Address: 0x10025450)
  • RtlInitUnicodeString (Address: 0x1002546c)
  • RtlNtStatusToDosError (Address: 0x10025478)
  • RtlNtStatusToDosErrorNoTeb (Address: 0x10025430)
  • RtlReAllocateHeap (Address: 0x10025460)
  • WinSqmAddToStream (Address: 0x10025454)
  • WinSqmIsOptedInEx (Address: 0x1002544c)
RPCRT4.dll
  • CStdStubBuffer_AddRef (Address: 0x10025010)
  • CStdStubBuffer_Connect (Address: 0x10025040)
  • CStdStubBuffer_CountRefs (Address: 0x10025020)
  • CStdStubBuffer_DebugServerQueryInterface (Address: 0x10025050)
  • CStdStubBuffer_DebugServerRelease (Address: 0x1002502c)
  • CStdStubBuffer_Disconnect (Address: 0x10025034)
  • CStdStubBuffer_Invoke (Address: 0x1002500c)
  • CStdStubBuffer_IsIIDSupported (Address: 0x1002503c)
  • CStdStubBuffer_QueryInterface (Address: 0x10025024)
  • I_RpcOpenClientProcess (Address: 0x10025044)
  • IUnknown_AddRef_Proxy (Address: 0x10025004)
  • IUnknown_QueryInterface_Proxy (Address: 0x10025038)
  • IUnknown_Release_Proxy (Address: 0x10025018)
  • NdrCStdStubBuffer_Release (Address: 0x10025014)
  • NdrCStdStubBuffer2_Release (Address: 0x1002504c)
  • NdrDllCanUnloadNow (Address: 0x1002501c)
  • NdrDllGetClassObject (Address: 0x10025030)
  • NdrOleAllocate (Address: 0x10025028)
  • NdrOleFree (Address: 0x10025008)
  • NdrStubCall2 (Address: 0x10025048)
  • NdrStubForwardingFunction (Address: 0x10025000)
  • RpcServerInqCallAttributesW (Address: 0x10025054)