DiagSvc.dll
Description: Microsoft Windows operating system
Authors: © Microsoft Corporation. All rights reserved.
Version: 10.0.19041.4355
Architecture: 64-bit
Operating System: Windows NT
SHA256: 028c7154c0104c8b91a85dd104927028
File Size: 201.0 KB
Uploaded At: Dec. 1, 2025, 7:26 a.m.
Views: 11
Security Warning
This file has been flagged as potentially dangerous.
Reason: Detected potentially dangerous functions used for process injection: OpenProcess
Exported Functions
- ServiceMain (Ordinal: 1, Address: 0x3550)
- SvchostPushServiceGlobals (Ordinal: 2, Address: 0x3500)
Imported DLLs & Functions
api-ms-win-core-com-l1-1-0.dll
- CoCreateFreeThreadedMarshaler (Address: 0x180025a08)
- CoCreateGuid (Address: 0x180025a00)
- CoCreateInstance (Address: 0x1800259f8)
- CoInitializeEx (Address: 0x1800259f0)
- CoMarshalInterface (Address: 0x1800259e8)
- CoReleaseMarshalData (Address: 0x1800259d8)
- CoTaskMemAlloc (Address: 0x1800259d0)
- CoUninitialize (Address: 0x180025a10)
- CoWaitForMultipleHandles (Address: 0x1800259c8)
- CreateStreamOnHGlobal (Address: 0x1800259e0)
- StringFromGUID2 (Address: 0x180025a18)
api-ms-win-core-com-l1-1-1.dll
- RoGetAgileReference (Address: 0x180025a28)
api-ms-win-core-debug-l1-1-0.dll
- DebugBreak (Address: 0x180025a38)
- IsDebuggerPresent (Address: 0x180025a48)
- OutputDebugStringW (Address: 0x180025a40)
api-ms-win-core-errorhandling-l1-1-0.dll
- GetLastError (Address: 0x180025a58)
- RaiseException (Address: 0x180025a70)
- SetLastError (Address: 0x180025a68)
- SetUnhandledExceptionFilter (Address: 0x180025a60)
- UnhandledExceptionFilter (Address: 0x180025a78)
api-ms-win-core-file-l1-1-0.dll
- CreateDirectoryW (Address: 0x180025a88)
- CreateFileW (Address: 0x180025aa8)
- DeleteFileW (Address: 0x180025ad0)
- GetFileAttributesW (Address: 0x180025ac8)
- GetFullPathNameW (Address: 0x180025ac0)
- LocalFileTimeToFileTime (Address: 0x180025ab8)
- SetEndOfFile (Address: 0x180025aa0)
- SetFileAttributesW (Address: 0x180025ab0)
- SetFileTime (Address: 0x180025a90)
- WriteFile (Address: 0x180025a98)
api-ms-win-core-file-l1-2-0.dll
- GetTempPathW (Address: 0x180025ae0)
api-ms-win-core-handle-l1-1-0.dll
- CloseHandle (Address: 0x180025af8)
- DuplicateHandle (Address: 0x180025af0)
api-ms-win-core-heap-l1-1-0.dll
- GetProcessHeap (Address: 0x180025b20)
- HeapAlloc (Address: 0x180025b10)
- HeapFree (Address: 0x180025b18)
- HeapSetInformation (Address: 0x180025b08)
api-ms-win-core-heap-l2-1-0.dll
- LocalFree (Address: 0x180025b30)
api-ms-win-core-interlocked-l1-1-0.dll
- InitializeSListHead (Address: 0x180025b40)
api-ms-win-core-libraryloader-l1-2-0.dll
- DisableThreadLibraryCalls (Address: 0x180025b70)
- GetModuleFileNameA (Address: 0x180025b68)
- GetModuleHandleExW (Address: 0x180025b60)
- GetModuleHandleW (Address: 0x180025b50)
- GetProcAddress (Address: 0x180025b58)
api-ms-win-core-localization-l1-2-0.dll
- FormatMessageW (Address: 0x180025b80)
api-ms-win-core-processenvironment-l1-1-0.dll
- ExpandEnvironmentStringsW (Address: 0x180025b90)
api-ms-win-core-processthreads-l1-1-0.dll
- GetCurrentProcess (Address: 0x180025bb0)
- GetCurrentProcessId (Address: 0x180025ba0)
- GetCurrentThreadId (Address: 0x180025bb8)
- OpenProcessToken (Address: 0x180025ba8)
- TerminateProcess (Address: 0x180025bc0)
api-ms-win-core-processthreads-l1-1-1.dll
- IsProcessorFeaturePresent (Address: 0x180025bd8)
- OpenProcess (Address: 0x180025bd0)
api-ms-win-core-profile-l1-1-0.dll
- QueryPerformanceCounter (Address: 0x180025be8)
- QueryPerformanceFrequency (Address: 0x180025bf0)
api-ms-win-core-registry-l1-1-0.dll
- RegCloseKey (Address: 0x180025c10)
- RegGetValueW (Address: 0x180025c00)
- RegOpenKeyExW (Address: 0x180025c18)
- RegQueryValueExW (Address: 0x180025c08)
api-ms-win-core-rtlsupport-l1-1-0.dll
- RtlCaptureContext (Address: 0x180025c28)
- RtlLookupFunctionEntry (Address: 0x180025c30)
- RtlVirtualUnwind (Address: 0x180025c38)
api-ms-win-core-shlwapi-legacy-l1-1-0.dll
- PathFileExistsW (Address: 0x180025c48)
api-ms-win-core-string-l1-1-0.dll
- MultiByteToWideChar (Address: 0x180025c58)
- WideCharToMultiByte (Address: 0x180025c60)
api-ms-win-core-synch-l1-1-0.dll
- CreateEventA (Address: 0x180025cb0)
- CreateEventExW (Address: 0x180025ca0)
- CreateEventW (Address: 0x180025cf0)
- CreateMutexExW (Address: 0x180025c70)
- CreateSemaphoreExW (Address: 0x180025cd8)
- DeleteCriticalSection (Address: 0x180025cc8)
- EnterCriticalSection (Address: 0x180025cb8)
- InitializeCriticalSectionAndSpinCount (Address: 0x180025ce0)
- InitializeCriticalSectionEx (Address: 0x180025cd0)
- LeaveCriticalSection (Address: 0x180025cc0)
- OpenSemaphoreW (Address: 0x180025c78)
- ReleaseMutex (Address: 0x180025c88)
- ReleaseSemaphore (Address: 0x180025c98)
- ResetEvent (Address: 0x180025ce8)
- SetEvent (Address: 0x180025ca8)
- WaitForSingleObject (Address: 0x180025c90)
- WaitForSingleObjectEx (Address: 0x180025c80)
api-ms-win-core-synch-l1-2-0.dll
- InitOnceExecuteOnce (Address: 0x180025d00)
api-ms-win-core-sysinfo-l1-1-0.dll
- GetSystemTimeAsFileTime (Address: 0x180025d10)
api-ms-win-core-threadpool-l1-2-0.dll
- CloseThreadpoolTimer (Address: 0x180025d38)
- CreateThreadpoolTimer (Address: 0x180025d30)
- SetThreadpoolTimer (Address: 0x180025d20)
- WaitForThreadpoolTimerCallbacks (Address: 0x180025d28)
api-ms-win-core-winrt-error-l1-1-0.dll
- GetRestrictedErrorInfo (Address: 0x180025d50)
- RoOriginateError (Address: 0x180025d58)
- RoOriginateErrorW (Address: 0x180025d68)
- RoTransformError (Address: 0x180025d48)
- SetRestrictedErrorInfo (Address: 0x180025d60)
api-ms-win-core-winrt-error-l1-1-1.dll
- IsErrorPropagationEnabled (Address: 0x180025d78)
- RoGetMatchingRestrictedErrorInfo (Address: 0x180025d88)
- RoReportFailedDelegate (Address: 0x180025d80)
api-ms-win-core-winrt-l1-1-0.dll
- RoActivateInstance (Address: 0x180025da0)
- RoGetActivationFactory (Address: 0x180025d98)
api-ms-win-core-winrt-string-l1-1-0.dll
- WindowsCreateString (Address: 0x180025dd0)
- WindowsCreateStringReference (Address: 0x180025dc8)
- WindowsDeleteString (Address: 0x180025db0)
- WindowsDuplicateString (Address: 0x180025dc0)
- WindowsGetStringRawBuffer (Address: 0x180025db8)
api-ms-win-crt-private-l1-1-0.dll
- __C_specific_handler (Address: 0x180025e78)
- __CxxFrameHandler3 (Address: 0x180025e80)
- __CxxFrameHandler4 (Address: 0x180025f10)
- __std_terminate (Address: 0x180025f08)
- _CxxThrowException (Address: 0x180025f18)
- _o___std_exception_copy (Address: 0x180025f00)
- _o___std_exception_destroy (Address: 0x180025ef8)
- _o___std_type_info_destroy_list (Address: 0x180025ef0)
- _o___stdio_common_vsnprintf_s (Address: 0x180025ee8)
- _o___stdio_common_vsprintf (Address: 0x180025ee0)
- _o___stdio_common_vsprintf_s (Address: 0x180025ed8)
- _o___stdio_common_vswprintf (Address: 0x180025ed0)
- _o__callnewh (Address: 0x180025eb8)
- _o__cexit (Address: 0x180025eb0)
- _o__close (Address: 0x180025ea8)
- _o__configure_narrow_argv (Address: 0x180025ea0)
- _o__crt_atexit (Address: 0x180025e98)
- _o__errno (Address: 0x180025ec8)
- _o__execute_onexit_table (Address: 0x180025ec0)
- _o__get_osfhandle (Address: 0x180025de0)
- _o__initialize_narrow_environment (Address: 0x180025de8)
- _o__initialize_onexit_table (Address: 0x180025df0)
- _o__invalid_parameter_noinfo (Address: 0x180025df8)
- _o__invalid_parameter_noinfo_noreturn (Address: 0x180025e00)
- _o__lseek (Address: 0x180025e08)
- _o__purecall (Address: 0x180025e10)
- _o__read (Address: 0x180025e18)
- _o__register_onexit_function (Address: 0x180025e20)
- _o__seh_filter_dll (Address: 0x180025e28)
- _o__wcsicmp (Address: 0x180025e30)
- _o__wcslwr_s (Address: 0x180025f28)
- _o__write (Address: 0x180025e40)
- _o_calloc (Address: 0x180025e48)
- _o_free (Address: 0x180025e50)
- _o_iswxdigit (Address: 0x180025e58)
- _o_malloc (Address: 0x180025e60)
- _o_terminate (Address: 0x180025e68)
- _o_wcscpy_s (Address: 0x180025e70)
- memcpy (Address: 0x180025f20)
- memmove (Address: 0x180025e38)
- wcschr (Address: 0x180025e88)
- wcsstr (Address: 0x180025e90)
api-ms-win-crt-runtime-l1-1-0.dll
- _initterm (Address: 0x180025f38)
- _initterm_e (Address: 0x180025f40)
api-ms-win-crt-stdio-l1-1-0.dll
- _wopen (Address: 0x180025f50)
api-ms-win-crt-string-l1-1-0.dll
- memset (Address: 0x180025f68)
- wcsncmp (Address: 0x180025f60)
api-ms-win-eventing-provider-l1-1-0.dll
- EventRegister (Address: 0x180025f88)
- EventSetInformation (Address: 0x180025f90)
- EventUnregister (Address: 0x180025f80)
- EventWriteTransfer (Address: 0x180025f78)
api-ms-win-security-base-l1-1-0.dll
- GetTokenInformation (Address: 0x180025fa0)
api-ms-win-security-sddl-l1-1-0.dll
- ConvertStringSecurityDescriptorToSecurityDescriptorW (Address: 0x180025fb0)
api-ms-win-service-core-l1-1-0.dll
- RegisterServiceCtrlHandlerExW (Address: 0x180025fc8)
- SetServiceStatus (Address: 0x180025fc0)
api-ms-win-shcore-taskpool-l1-1-0.dll
- SHTaskPoolAllowThreadReuse (Address: 0x180025fe0)
- SHTaskPoolQueueTask (Address: 0x180025fd8)
Cabinet.dll
- (Address: 0x1800258d0)
- (Address: 0x1800258d8)
- (Address: 0x1800258e0)
CRYPT32.dll
- CertVerifyCertificateChainPolicy (Address: 0x1800258c0)
ext-ms-win-shell-shell32-l1-2-1.dll
- SHFileOperationW (Address: 0x180025ff0)
KERNEL32.dll
- DosDateTimeToFileTime (Address: 0x1800258f8)
- UnregisterWaitEx (Address: 0x1800258f0)
msvcp_win.dll
- _Cnd_broadcast (Address: 0x180026130)
- _Cnd_destroy_in_situ (Address: 0x180026140)
- _Cnd_init_in_situ (Address: 0x180026090)
- _Cnd_register_at_thread_exit (Address: 0x180026118)
- _Cnd_timedwait (Address: 0x1800260a0)
- _Cnd_unregister_at_thread_exit (Address: 0x180026148)
- _Cnd_wait (Address: 0x180026160)
- _Mtx_current_owns (Address: 0x1800260b0)
- _Mtx_destroy_in_situ (Address: 0x180026138)
- _Mtx_init_in_situ (Address: 0x180026098)
- _Mtx_lock (Address: 0x180026030)
- _Mtx_unlock (Address: 0x180026028)
- _Query_perf_counter (Address: 0x180026128)
- _Query_perf_frequency (Address: 0x180026088)
- _Xtime_get_ticks (Address: 0x1800260f0)
- ?__ExceptionPtrAssign@@YAXPEAXPEBX@Z (Address: 0x180026060)
- ?__ExceptionPtrCopy@@YAXPEAXPEBX@Z (Address: 0x180026080)
- ?__ExceptionPtrCreate@@YAXPEAX@Z (Address: 0x180026048)
- ?__ExceptionPtrCurrentException@@YAXPEAX@Z (Address: 0x180026040)
- ?__ExceptionPtrDestroy@@YAXPEAX@Z (Address: 0x180026068)
- ?__ExceptionPtrRethrow@@YAXPEBX@Z (Address: 0x180026038)
- ?__ExceptionPtrToBool@@YA_NPEBX@Z (Address: 0x180026000)
- ?_CallInContext@_ContextCallback@details@Concurrency@@QEBAXV?$function@$$A6AXXZ@std@@_N@Z (Address: 0x1800260d0)
- ?_Capture@_ContextCallback@details@Concurrency@@AEAAXXZ (Address: 0x1800260d8)
- ?_Execute_once@std@@YAHAEAUonce_flag@1@P6AHPEAX1PEAPEAX@Z1@Z (Address: 0x180026018)
- ?_LogCancelTask@_TaskEventLogger@details@Concurrency@@QEAAXXZ (Address: 0x1800260e8)
- ?_LogScheduleTask@_TaskEventLogger@details@Concurrency@@QEAAX_N@Z (Address: 0x1800260e0)
- ?_LogTaskCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ (Address: 0x180026100)
- ?_LogTaskExecutionCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ (Address: 0x1800260f8)
- ?_LogWorkItemCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ (Address: 0x180026110)
- ?_LogWorkItemStarted@_TaskEventLogger@details@Concurrency@@QEAAXXZ (Address: 0x180026108)
- ?_Release_chore@details@Concurrency@@YAXPEAU_Threadpool_chore@12@@Z (Address: 0x1800260c0)
- ?_ReportUnobservedException@details@Concurrency@@YAXXZ (Address: 0x180026050)
- ?_Reset@_ContextCallback@details@Concurrency@@AEAAXXZ (Address: 0x180026158)
- ?_Rethrow_future_exception@std@@YAXVexception_ptr@1@@Z (Address: 0x180026008)
- ?_Schedule_chore@details@Concurrency@@YAHPEAU_Threadpool_chore@12@@Z (Address: 0x1800260c8)
- ?_Syserror_map@std@@YAPEBDH@Z (Address: 0x180026010)
- ?_Throw_C_error@std@@YAXH@Z (Address: 0x180026120)
- ?_Throw_Cpp_error@std@@YAXH@Z (Address: 0x1800260a8)
- ?_Throw_future_error@std@@YAXAEBVerror_code@1@@Z (Address: 0x180026020)
- ?_Xbad_function_call@std@@YAXXZ (Address: 0x180026058)
- ?_XGetLastError@std@@YAXXZ (Address: 0x180026078)
- ?_Xlength_error@std@@YAXPEBD@Z (Address: 0x180026150)
- ??0task_continuation_context@Concurrency@@AEAA@XZ (Address: 0x180026070)
- ?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ (Address: 0x1800260b8)
ntdll.dll
- DbgPrintEx (Address: 0x180026170)
OLEAUT32.dll
- SysAllocString (Address: 0x180025920)
- SysFreeString (Address: 0x180025910)
- VariantClear (Address: 0x180025908)
- VariantInit (Address: 0x180025918)
RPCRT4.dll
- NdrClientCall3 (Address: 0x180025950)
- NdrRpcSsDefaultAllocate (Address: 0x180025940)
- NdrRpcSsDefaultFree (Address: 0x180025938)
- NdrServerCall2 (Address: 0x180025948)
- NdrServerCallAll (Address: 0x180025930)
- RpcBindingVectorFree (Address: 0x180025970)
- RpcEpRegisterA (Address: 0x180025958)
- RpcEpUnregister (Address: 0x180025988)
- RpcServerInqBindings (Address: 0x180025990)
- RpcServerRegisterIf3 (Address: 0x180025980)
- RpcServerUnregisterIf (Address: 0x180025978)
- RpcServerUseProtseqW (Address: 0x180025968)
- UuidCreate (Address: 0x180025960)
WINTRUST.dll
- WinVerifyTrust (Address: 0x1800259a0)
- WTHelperGetProvCertFromChain (Address: 0x1800259a8)
- WTHelperGetProvSignerFromChain (Address: 0x1800259b8)
- WTHelperProvDataFromStateData (Address: 0x1800259b0)