deviceaccess.dll
Description: Device Broker And Policy COM Server
Authors: © Microsoft Corporation. All rights reserved.
Version: 10.0.19041.5794
Architecture: 64-bit
Operating System: Windows NT
SHA256: 064041a99ceea9a079ef0807b403f78e
File Size: 237.7 KB
Uploaded At: Dec. 1, 2025, 7:25 a.m.
Views: 9
Security Warning
This file has been flagged as potentially dangerous.
Reason: Detected potentially dangerous functions used for process injection: OpenProcess
Exported Functions
- ServiceMain (Ordinal: 1, Address: 0xae20)
- SvchostPushServiceGlobals (Ordinal: 2, Address: 0xb210)
- BrokeredOpenCommPort (Ordinal: 3, Address: 0x77b0)
- CreateDeviceAccessInstance (Ordinal: 4, Address: 0xd040)
- DllCanUnloadNow (Ordinal: 5, Address: 0x2790)
- DllGetActivationFactory (Ordinal: 6, Address: 0xb7c0)
- DllGetClassObject (Ordinal: 7, Address: 0x2020)
- ProcessTrackerInsertOrWait (Ordinal: 8, Address: 0x1a3a0)
- ProcessTrackerRemove (Ordinal: 9, Address: 0x1a3e0)
Imported DLLs & Functions
api-ms-win-core-apiquery-l1-1-0.dll
- ApiSetQueryApiSetPresence (Address: 0x180029fe0)
api-ms-win-core-com-l1-1-0.dll
- CLSIDFromString (Address: 0x18002a078)
- CoCreateFreeThreadedMarshaler (Address: 0x18002a030)
- CoCreateInstance (Address: 0x180029ff0)
- CoDisconnectContext (Address: 0x18002a010)
- CoGetApartmentType (Address: 0x18002a060)
- CoGetCallerTID (Address: 0x18002a070)
- CoInitializeEx (Address: 0x18002a040)
- CoMarshalInterface (Address: 0x18002a000)
- CoRegisterClassObject (Address: 0x18002a058)
- CoReleaseMarshalData (Address: 0x18002a008)
- CoResumeClassObjects (Address: 0x18002a050)
- CoRevokeClassObject (Address: 0x18002a068)
- CoTaskMemAlloc (Address: 0x18002a018)
- CoTaskMemFree (Address: 0x18002a020)
- CoUninitialize (Address: 0x18002a038)
- CoWaitForMultipleHandles (Address: 0x18002a048)
- CreateStreamOnHGlobal (Address: 0x180029ff8)
- StringFromGUID2 (Address: 0x18002a028)
api-ms-win-core-com-l1-1-1.dll
- RoGetAgileReference (Address: 0x18002a088)
api-ms-win-core-com-midlproxystub-l1-1-0.dll
- CStdStubBuffer2_Connect (Address: 0x18002a0b0)
- CStdStubBuffer2_CountRefs (Address: 0x18002a0f0)
- CStdStubBuffer2_Disconnect (Address: 0x18002a0a8)
- CStdStubBuffer2_QueryInterface (Address: 0x18002a0a0)
- NdrProxyForwardingFunction3 (Address: 0x18002a0b8)
- NdrProxyForwardingFunction4 (Address: 0x18002a108)
- NdrProxyForwardingFunction5 (Address: 0x18002a0f8)
- ObjectStublessClient10 (Address: 0x18002a0c0)
- ObjectStublessClient3 (Address: 0x18002a100)
- ObjectStublessClient4 (Address: 0x18002a0d0)
- ObjectStublessClient5 (Address: 0x18002a0c8)
- ObjectStublessClient6 (Address: 0x18002a0e8)
- ObjectStublessClient7 (Address: 0x18002a098)
- ObjectStublessClient8 (Address: 0x18002a0e0)
- ObjectStublessClient9 (Address: 0x18002a0d8)
api-ms-win-core-debug-l1-1-0.dll
- DebugBreak (Address: 0x18002a128)
- IsDebuggerPresent (Address: 0x18002a118)
- OutputDebugStringW (Address: 0x18002a120)
api-ms-win-core-delayload-l1-1-0.dll
- DelayLoadFailureHook (Address: 0x18002a138)
api-ms-win-core-delayload-l1-1-1.dll
- ResolveDelayLoadedAPI (Address: 0x18002a148)
api-ms-win-core-errorhandling-l1-1-0.dll
- GetLastError (Address: 0x18002a170)
- RaiseException (Address: 0x18002a178)
- SetLastError (Address: 0x18002a160)
- SetUnhandledExceptionFilter (Address: 0x18002a158)
- UnhandledExceptionFilter (Address: 0x18002a168)
api-ms-win-core-file-l1-1-0.dll
- CreateFileW (Address: 0x18002a190)
- GetDriveTypeW (Address: 0x18002a188)
api-ms-win-core-handle-l1-1-0.dll
- CloseHandle (Address: 0x18002a1a0)
api-ms-win-core-heap-l1-1-0.dll
- GetProcessHeap (Address: 0x18002a1b8)
- HeapAlloc (Address: 0x18002a1b0)
- HeapFree (Address: 0x18002a1c0)
api-ms-win-core-heap-l2-1-0.dll
- LocalAlloc (Address: 0x18002a1d8)
- LocalFree (Address: 0x18002a1d0)
api-ms-win-core-io-l1-1-0.dll
- CancelIoEx (Address: 0x18002a1f0)
- DeviceIoControl (Address: 0x18002a1e8)
api-ms-win-core-io-l1-1-1.dll
- CancelSynchronousIo (Address: 0x18002a208)
- GetOverlappedResultEx (Address: 0x18002a200)
api-ms-win-core-kernel32-legacy-l1-1-0.dll
- GetSystemPowerStatus (Address: 0x18002a220)
- UnregisterWait (Address: 0x18002a218)
api-ms-win-core-libraryloader-l1-2-0.dll
- DisableThreadLibraryCalls (Address: 0x18002a238)
- FreeLibrary (Address: 0x18002a240)
- GetModuleFileNameA (Address: 0x18002a250)
- GetModuleHandleExW (Address: 0x18002a248)
- GetModuleHandleW (Address: 0x18002a230)
- GetProcAddress (Address: 0x18002a258)
api-ms-win-core-localization-l1-2-0.dll
- FormatMessageW (Address: 0x18002a268)
api-ms-win-core-processthreads-l1-1-0.dll
- GetCurrentProcess (Address: 0x18002a2b0)
- GetCurrentProcessId (Address: 0x18002a288)
- GetCurrentThread (Address: 0x18002a280)
- GetCurrentThreadId (Address: 0x18002a278)
- OpenProcessToken (Address: 0x18002a298)
- OpenThread (Address: 0x18002a290)
- OpenThreadToken (Address: 0x18002a2a8)
- TerminateProcess (Address: 0x18002a2a0)
api-ms-win-core-processthreads-l1-1-1.dll
- OpenProcess (Address: 0x18002a2c0)
api-ms-win-core-profile-l1-1-0.dll
- QueryPerformanceCounter (Address: 0x18002a2d0)
api-ms-win-core-registry-l1-1-0.dll
- RegCloseKey (Address: 0x18002a2e8)
- RegEnumKeyExW (Address: 0x18002a2f8)
- RegGetValueW (Address: 0x18002a308)
- RegOpenCurrentUser (Address: 0x18002a300)
- RegOpenKeyExW (Address: 0x18002a2f0)
- RegQueryInfoKeyW (Address: 0x18002a2e0)
api-ms-win-core-string-l1-1-0.dll
- CompareStringOrdinal (Address: 0x18002a318)
api-ms-win-core-string-obsolete-l1-1-0.dll
- lstrcmpiW (Address: 0x18002a328)
api-ms-win-core-synch-l1-1-0.dll
- AcquireSRWLockExclusive (Address: 0x18002a360)
- AcquireSRWLockShared (Address: 0x18002a3a8)
- CreateEventExW (Address: 0x18002a358)
- CreateEventW (Address: 0x18002a380)
- CreateMutexExW (Address: 0x18002a338)
- CreateSemaphoreExW (Address: 0x18002a3c0)
- DeleteCriticalSection (Address: 0x18002a3b8)
- EnterCriticalSection (Address: 0x18002a390)
- InitializeCriticalSection (Address: 0x18002a3d0)
- InitializeCriticalSectionEx (Address: 0x18002a348)
- LeaveCriticalSection (Address: 0x18002a378)
- OpenSemaphoreW (Address: 0x18002a370)
- ReleaseMutex (Address: 0x18002a398)
- ReleaseSemaphore (Address: 0x18002a3a0)
- ReleaseSRWLockExclusive (Address: 0x18002a3b0)
- ReleaseSRWLockShared (Address: 0x18002a388)
- ResetEvent (Address: 0x18002a368)
- SetEvent (Address: 0x18002a340)
- WaitForSingleObject (Address: 0x18002a3c8)
- WaitForSingleObjectEx (Address: 0x18002a350)
api-ms-win-core-synch-l1-2-0.dll
- InitOnceExecuteOnce (Address: 0x18002a3f8)
- InitOnceInitialize (Address: 0x18002a3e0)
- Sleep (Address: 0x18002a3f0)
- SleepConditionVariableSRW (Address: 0x18002a400)
- WakeAllConditionVariable (Address: 0x18002a3e8)
api-ms-win-core-sysinfo-l1-1-0.dll
- GetSystemTimeAsFileTime (Address: 0x18002a410)
- GetTickCount (Address: 0x18002a418)
- GetTickCount64 (Address: 0x18002a420)
api-ms-win-core-threadpool-l1-2-0.dll
- CancelThreadpoolIo (Address: 0x18002a4a0)
- CloseThreadpoolIo (Address: 0x18002a490)
- CloseThreadpoolTimer (Address: 0x18002a440)
- CloseThreadpoolWork (Address: 0x18002a478)
- CreateThreadpoolIo (Address: 0x18002a438)
- CreateThreadpoolTimer (Address: 0x18002a468)
- CreateThreadpoolWork (Address: 0x18002a448)
- FreeLibraryWhenCallbackReturns (Address: 0x18002a460)
- SetThreadpoolTimer (Address: 0x18002a458)
- StartThreadpoolIo (Address: 0x18002a430)
- SubmitThreadpoolWork (Address: 0x18002a450)
- TrySubmitThreadpoolCallback (Address: 0x18002a498)
- WaitForThreadpoolIoCallbacks (Address: 0x18002a488)
- WaitForThreadpoolTimerCallbacks (Address: 0x18002a480)
- WaitForThreadpoolWorkCallbacks (Address: 0x18002a470)
api-ms-win-core-util-l1-1-0.dll
- DecodePointer (Address: 0x18002a4b8)
- EncodePointer (Address: 0x18002a4b0)
api-ms-win-core-winrt-error-l1-1-0.dll
- GetRestrictedErrorInfo (Address: 0x18002a4d8)
- RoOriginateError (Address: 0x18002a4e0)
- RoOriginateErrorW (Address: 0x18002a4e8)
- RoTransformError (Address: 0x18002a4d0)
- SetRestrictedErrorInfo (Address: 0x18002a4c8)
api-ms-win-core-winrt-error-l1-1-1.dll
- IsErrorPropagationEnabled (Address: 0x18002a4f8)
- RoGetMatchingRestrictedErrorInfo (Address: 0x18002a500)
- RoReportFailedDelegate (Address: 0x18002a508)
api-ms-win-core-winrt-l1-1-0.dll
- RoActivateInstance (Address: 0x18002a538)
- RoGetActivationFactory (Address: 0x18002a540)
- RoInitialize (Address: 0x18002a520)
- RoRegisterActivationFactories (Address: 0x18002a518)
- RoRevokeActivationFactories (Address: 0x18002a530)
- RoUninitialize (Address: 0x18002a528)
api-ms-win-core-winrt-string-l1-1-0.dll
- WindowsCreateString (Address: 0x18002a568)
- WindowsCreateStringReference (Address: 0x18002a558)
- WindowsDeleteString (Address: 0x18002a560)
- WindowsGetStringRawBuffer (Address: 0x18002a570)
- WindowsIsStringEmpty (Address: 0x18002a578)
- WindowsStringHasEmbeddedNull (Address: 0x18002a550)
api-ms-win-core-wow64-l1-1-0.dll
- IsWow64Process (Address: 0x18002a588)
api-ms-win-eventing-classicprovider-l1-1-0.dll
- GetTraceEnableFlags (Address: 0x18002a5b8)
- GetTraceEnableLevel (Address: 0x18002a5b0)
- GetTraceLoggerHandle (Address: 0x18002a5a8)
- RegisterTraceGuidsW (Address: 0x18002a5a0)
- TraceMessage (Address: 0x18002a598)
- UnregisterTraceGuids (Address: 0x18002a5c0)
api-ms-win-eventing-provider-l1-1-0.dll
- EventRegister (Address: 0x18002a5d8)
- EventSetInformation (Address: 0x18002a5e0)
- EventUnregister (Address: 0x18002a5e8)
- EventWriteTransfer (Address: 0x18002a5d0)
api-ms-win-security-base-l1-1-0.dll
- CopySid (Address: 0x18002a608)
- CreateWellKnownSid (Address: 0x18002a5f8)
- DuplicateToken (Address: 0x18002a610)
- DuplicateTokenEx (Address: 0x18002a618)
- GetLengthSid (Address: 0x18002a620)
- GetTokenInformation (Address: 0x18002a600)
api-ms-win-security-capability-l1-1-0.dll
- CapabilityCheck (Address: 0x18002a630)
api-ms-win-security-lsalookup-l1-1-0.dll
- LsaLookupClose (Address: 0x18002a658)
- LsaLookupFreeMemory (Address: 0x18002a648)
- LsaLookupGetDomainInfo (Address: 0x18002a650)
- LsaLookupOpenLocalPolicy (Address: 0x18002a640)
api-ms-win-security-sddl-l1-1-0.dll
- ConvertSidToStringSidW (Address: 0x18002a668)
- ConvertStringSidToSidW (Address: 0x18002a670)
api-ms-win-service-core-l1-1-0.dll
- RegisterServiceCtrlHandlerExW (Address: 0x18002a680)
- SetServiceStatus (Address: 0x18002a688)
combase.dll
- (Address: 0x18002a698)
- (Address: 0x18002a6a0)
- (Address: 0x18002a6a8)
- (Address: 0x18002a6b0)
- (Address: 0x18002a6b8)
- (Address: 0x18002a6c0)
msvcrt.dll
- __C_specific_handler (Address: 0x18002a728)
- __CxxFrameHandler3 (Address: 0x18002a6e0)
- __dllonexit (Address: 0x18002a768)
- _amsg_exit (Address: 0x18002a6d0)
- _initterm (Address: 0x18002a6f8)
- _lock (Address: 0x18002a700)
- _onexit (Address: 0x18002a770)
- _purecall (Address: 0x18002a710)
- _unlock (Address: 0x18002a708)
- _vsnwprintf (Address: 0x18002a738)
- _wcsicmp (Address: 0x18002a760)
- _XcptFilter (Address: 0x18002a720)
- free (Address: 0x18002a6e8)
- malloc (Address: 0x18002a6f0)
- memcmp (Address: 0x18002a718)
- memcpy (Address: 0x18002a6d8)
- memcpy_s (Address: 0x18002a740)
- memmove_s (Address: 0x18002a748)
- memset (Address: 0x18002a730)
- wcschr (Address: 0x18002a750)
- wcscmp (Address: 0x18002a778)
- wcsrchr (Address: 0x18002a758)
ntdll.dll
- NtCreateFile (Address: 0x18002a838)
- NtQueryInformationToken (Address: 0x18002a840)
- NtQuerySecurityAttributesToken (Address: 0x18002a7a0)
- RtlAllocateHeap (Address: 0x18002a808)
- RtlCapabilityCheck (Address: 0x18002a7b0)
- RtlCaptureContext (Address: 0x18002a7e8)
- RtlCompareMemory (Address: 0x18002a810)
- RtlCompareUnicodeString (Address: 0x18002a788)
- RtlDeleteCriticalSection (Address: 0x18002a7f0)
- RtlDosPathNameToNtPathName_U (Address: 0x18002a828)
- RtlEqualSid (Address: 0x18002a7a8)
- RtlFreeHeap (Address: 0x18002a7f8)
- RtlFreeSid (Address: 0x18002a7b8)
- RtlFreeUnicodeString (Address: 0x18002a820)
- RtlGetAppContainerParent (Address: 0x18002a798)
- RtlGetAppContainerSidType (Address: 0x18002a7c8)
- RtlInitUnicodeString (Address: 0x18002a818)
- RtlLookupFunctionEntry (Address: 0x18002a7e0)
- RtlNtStatusToDosError (Address: 0x18002a830)
- RtlNtStatusToDosErrorNoTeb (Address: 0x18002a790)
- RtlReAllocateHeap (Address: 0x18002a800)
- RtlVirtualUnwind (Address: 0x18002a7d8)
- WinSqmAddToStream (Address: 0x18002a7d0)
- WinSqmIsOptedInEx (Address: 0x18002a7c0)
RPCRT4.dll
- CStdStubBuffer_AddRef (Address: 0x180029f28)
- CStdStubBuffer_Connect (Address: 0x180029fa8)
- CStdStubBuffer_CountRefs (Address: 0x180029f68)
- CStdStubBuffer_DebugServerQueryInterface (Address: 0x180029f30)
- CStdStubBuffer_DebugServerRelease (Address: 0x180029f88)
- CStdStubBuffer_Disconnect (Address: 0x180029f90)
- CStdStubBuffer_Invoke (Address: 0x180029f38)
- CStdStubBuffer_IsIIDSupported (Address: 0x180029fa0)
- CStdStubBuffer_QueryInterface (Address: 0x180029f70)
- I_RpcOpenClientProcess (Address: 0x180029fb0)
- IUnknown_AddRef_Proxy (Address: 0x180029fd0)
- IUnknown_QueryInterface_Proxy (Address: 0x180029f98)
- IUnknown_Release_Proxy (Address: 0x180029f58)
- NdrCStdStubBuffer_Release (Address: 0x180029f40)
- NdrCStdStubBuffer2_Release (Address: 0x180029fc0)
- NdrDllCanUnloadNow (Address: 0x180029f48)
- NdrDllGetClassObject (Address: 0x180029f80)
- NdrOleAllocate (Address: 0x180029f78)
- NdrOleFree (Address: 0x180029f50)
- NdrStubCall3 (Address: 0x180029f60)
- NdrStubForwardingFunction (Address: 0x180029fb8)
- RpcServerInqCallAttributesW (Address: 0x180029fc8)