¿Para qué sirve la dll offreg.dll?
Offline registry DLLDependencias de la dll offreg.dll
Microsoft (R) COFF/PE Dumper Version 14.16.27034.0
Copyright (C) Microsoft Corporation. All rights reserved.
Dump of file C:\Windows\System32\offreg.dll
File Type: DLL
Image has the following dependencies:
msvcrt.dll
api-ms-win-core-synch-l1-2-0.dll
api-ms-win-core-profile-l1-1-0.dll
api-ms-win-core-processthreads-l1-1-0.dll
api-ms-win-core-sysinfo-l1-1-0.dll
api-ms-win-core-rtlsupport-l1-1-0.dll
api-ms-win-core-errorhandling-l1-1-0.dll
api-ms-win-core-synch-l1-1-0.dll
api-ms-win-security-base-l1-1-0.dll
api-ms-win-core-libraryloader-l1-2-0.dll
api-ms-win-core-file-l1-1-0.dll
api-ms-win-core-handle-l1-1-0.dll
ntdll.dll
Summary
1000 .data
1000 .pdata
3000 .rdata
1000 .reloc
1000 .rsrc
10000 .text
3000 PAGE
Funciones que tiene la dll offreg.dll
1 0 00001490 ORCloseHive
2 1 00002C20 ORCloseKey
3 2 00001060 ORCreateHive
4 3 00001C80 ORCreateKey
5 4 00002350 ORDeleteKey
6 5 00003D80 ORDeleteValue
7 6 00002810 OREnumKey
8 7 00003B50 OREnumValue
9 8 000042C0 ORGetKeySecurity
10 9 000032B0 ORGetValue
11 A 00004630 ORGetVersion
12 B 00002CB0 ORGetVirtualFlags
13 C 00005C50 ORMergeHives
14 D 00001390 OROpenHive
15 E 00001380 OROpenHiveByHandle
16 F 00001AD0 OROpenKey
17 10 00002550 ORQueryInfoKey
18 11 00002E20 ORRenameKey
19 12 00001670 ORSaveHive
20 13 00004470 ORSetKeySecurity
21 14 00003960 ORSetValue
22 15 00002D50 ORSetVirtualFlags
Información avanzada sobre funciones que tiene la dll offreg.dll
Microsoft (R) COFF/PE Dumper Version 14.16.27034.0
Copyright (C) Microsoft Corporation. All rights reserved.
Dump of file C:\Windows\System32\offreg.dll
File Type: DLL
Section contains the following exports for OFFREG.dll
00000000 characteristics
A2A462F time date stamp
0.00 version
1 ordinal base
22 number of functions
22 number of names
ordinal hint RVA name
1 0 00001490 ORCloseHive
2 1 00002C20 ORCloseKey
3 2 00001060 ORCreateHive
4 3 00001C80 ORCreateKey
5 4 00002350 ORDeleteKey
6 5 00003D80 ORDeleteValue
7 6 00002810 OREnumKey
8 7 00003B50 OREnumValue
9 8 000042C0 ORGetKeySecurity
10 9 000032B0 ORGetValue
11 A 00004630 ORGetVersion
12 B 00002CB0 ORGetVirtualFlags
13 C 00005C50 ORMergeHives
14 D 00001390 OROpenHive
15 E 00001380 OROpenHiveByHandle
16 F 00001AD0 OROpenKey
17 10 00002550 ORQueryInfoKey
18 11 00002E20 ORRenameKey
19 12 00001670 ORSaveHive
20 13 00004470 ORSetKeySecurity
21 14 00003960 ORSetValue
22 15 00002D50 ORSetVirtualFlags
Summary
1000 .data
1000 .pdata
3000 .rdata
1000 .reloc
1000 .rsrc
10000 .text
3000 PAGE
Integridad de la dll offreg.dll
Algorithm Hash Path
--------- ---- ----
SHA256 A08DB8AE56C878B092DC1CA87588B7FA33AB3AD6D3EDC5A4CBC781727FF15972 C:\Windows\System32\offreg.dll
Detalles sobre el fichero dll offreg.dll
PSPath : Microsoft.PowerShell.Core\FileSystem::C:\Windows\System32\offreg.dll
PSParentPath : Microsoft.PowerShell.Core\FileSystem::C:\Windows\System32
PSChildName : offreg.dll
PSDrive : C
PSProvider : Microsoft.PowerShell.Core\FileSystem
PSIsContainer : False
Mode : -a----
VersionInfo : File: C:\Windows\System32\offreg.dll
InternalName: offreg.dll
OriginalFilename: offreg.dll
FileVersion: 10.0.19041.1 (WinBuild.160101.0800)
FileDescription: Offline registry DLL
Product: Microsoft® Windows® Operating System
ProductVersion: 10.0.19041.1
Debug: False
Patched: False
PreRelease: False
PrivateBuild: False
SpecialBuild: False
Language: Inglés (Estados Unidos)
BaseName : offreg
Target : {C:\Windows\WinSxS\amd64_microsoft-windows-offlineregistry_31bf3856ad364e35_10.0.19041.1_none_3800412a3d3e67b1\o
ffreg.dll}
LinkType : HardLink
Name : offreg.dll
Length : 89088
DirectoryName : C:\Windows\System32
Directory : C:\Windows\System32
IsReadOnly : False
Exists : True
FullName : C:\Windows\System32\offreg.dll
Extension : .dll
CreationTime : 07/12/2019 10:09:45
CreationTimeUtc : 07/12/2019 9:09:45
LastAccessTime : 03/12/2020 13:54:49
LastAccessTimeUtc : 03/12/2020 12:54:49
LastWriteTime : 07/12/2019 10:09:45
LastWriteTimeUtc : 07/12/2019 9:09:45
Attributes : Archive
Procesos que utilizan la dll offreg.dll