¿Para qué sirve la dll AppVEntSubsystems64.dll?
Client Virtualization SubsystemsDependencias de la dll AppVEntSubsystems64.dll
Microsoft (R) COFF/PE Dumper Version 14.16.27034.0
Copyright (C) Microsoft Corporation. All rights reserved.
Dump of file C:\Windows\System32\AppVEntSubsystems64.dll
File Type: DLL
Image has the following dependencies:
ntdll.dll
KERNEL32.dll
ADVAPI32.dll
api-ms-win-core-memory-l1-1-0.dll
api-ms-win-core-libraryloader-l1-2-0.dll
api-ms-win-core-errorhandling-l1-1-2.dll
api-ms-win-security-base-l1-1-0.dll
api-ms-win-core-file-l1-1-0.dll
api-ms-win-core-processenvironment-l1-1-0.dll
api-ms-win-core-processthreads-l1-1-0.dll
USERENV.dll
api-ms-win-security-sddl-l1-1-0.dll
api-ms-win-core-com-l1-1-0.dll
api-ms-win-core-file-l1-2-0.dll
api-ms-win-core-sysinfo-l1-1-0.dll
api-ms-win-core-processthreads-l1-1-1.dll
api-ms-win-core-heap-l2-1-0.dll
api-ms-win-core-psapi-l1-1-0.dll
api-ms-win-core-sysinfo-l1-2-0.dll
api-ms-win-core-file-l1-2-2.dll
api-ms-win-core-url-l1-1-0.dll
api-ms-win-core-libraryloader-l1-2-1.dll
api-ms-win-core-registry-l1-1-0.dll
api-ms-win-core-registry-l2-1-0.dll
api-ms-win-core-synch-l1-1-0.dll
api-ms-win-core-threadpool-l1-2-0.dll
api-ms-win-core-memory-l1-1-4.dll
api-ms-win-core-synch-l1-2-0.dll
RPCRT4.dll
api-ms-win-core-io-l1-1-0.dll
api-ms-win-core-namedpipe-l1-1-0.dll
api-ms-win-core-threadpool-legacy-l1-1-0.dll
api-ms-win-core-console-l3-2-0.dll
api-ms-win-shcore-sysinfo-l1-1-0.dll
api-ms-win-core-handle-l1-1-0.dll
api-ms-win-core-wow64-l1-1-0.dll
api-ms-win-security-lsalookup-l2-1-0.dll
USER32.dll
GDI32.dll
ole32.dll
SHELL32.dll
api-ms-win-core-version-l1-1-1.dll
api-ms-win-core-localization-l1-2-0.dll
api-ms-win-core-version-l1-1-0.dll
api-ms-win-core-synch-l1-2-1.dll
Summary
14000 .data
3000 .detourc
1000 .detourd
1000 .mrdata
E000 .pdata
80000 .rdata
5000 .reloc
1000 .rsrc
148000 .text
Funciones que tiene la dll AppVEntSubsystems64.dll
1 0 00007F80 APIExportForDetours
4 1 00009630 CurrentThreadIsVirtualized
6 2 00009620 IsProcessHooked
2 3 00006BA0 RequestUnhookedFunctionList
5 4 00009760 VirtualizeCurrentProcess
3 5 000096F0 VirtualizeCurrentThread
Información avanzada sobre funciones que tiene la dll AppVEntSubsystems64.dll
Microsoft (R) COFF/PE Dumper Version 14.16.27034.0
Copyright (C) Microsoft Corporation. All rights reserved.
Dump of file C:\Windows\System32\AppVEntSubsystems64.dll
File Type: DLL
Section contains the following exports for AppVSubsystems.dll
00000000 characteristics
EAD111D6 time date stamp
0.00 version
1 ordinal base
6 number of functions
6 number of names
ordinal hint RVA name
1 0 00007F80 APIExportForDetours
4 1 00009630 CurrentThreadIsVirtualized
6 2 00009620 IsProcessHooked
2 3 00006BA0 RequestUnhookedFunctionList
5 4 00009760 VirtualizeCurrentProcess
3 5 000096F0 VirtualizeCurrentThread
Summary
14000 .data
3000 .detourc
1000 .detourd
1000 .mrdata
E000 .pdata
80000 .rdata
5000 .reloc
1000 .rsrc
148000 .text
Integridad de la dll AppVEntSubsystems64.dll
Algorithm Hash Path
--------- ---- ----
SHA256 06C21DFA4C361D049CD46066ADB61D194D2410EA4C69983474D969874381E7A2 C:\Windows\System32\AppVEntSubsystems64.dll
Detalles sobre el fichero dll AppVEntSubsystems64.dll
PSPath : Microsoft.PowerShell.Core\FileSystem::C:\Windows\System32\AppVEntSubsystems64.dll
PSParentPath : Microsoft.PowerShell.Core\FileSystem::C:\Windows\System32
PSChildName : AppVEntSubsystems64.dll
PSDrive : C
PSProvider : Microsoft.PowerShell.Core\FileSystem
PSIsContainer : False
Mode : -a----
VersionInfo : File: C:\Windows\System32\AppVEntSubsystems64.dll
InternalName: AppVEntSubsystems.dll
OriginalFilename: AppVEntSubsystems.dll
FileVersion: 10.0.19041.572 (WinBuild.160101.0800)
FileDescription: Client Virtualization Subsystems
Product: Microsoft® Windows® Operating System
ProductVersion: 10.0.19041.572
Debug: False
Patched: False
PreRelease: False
PrivateBuild: False
SpecialBuild: False
Language: Inglés (Estados Unidos)
BaseName : AppVEntSubsystems64
Target : {C:\Windows\WinSxS\amd64_microsoft-windows-appmanagement-appvwow_31bf3856ad364e35_10.0.19041.572_none_910ea25c51
51fe11\AppVEntSubsystems64.dll}
LinkType : HardLink
Name : AppVEntSubsystems64.dll
Length : 2022200
DirectoryName : C:\Windows\System32
Directory : C:\Windows\System32
IsReadOnly : False
Exists : True
FullName : C:\Windows\System32\AppVEntSubsystems64.dll
Extension : .dll
CreationTime : 21/11/2020 8:48:20
CreationTimeUtc : 21/11/2020 7:48:20
LastAccessTime : 03/12/2020 8:32:35
LastAccessTimeUtc : 03/12/2020 7:32:35
LastWriteTime : 21/11/2020 8:48:21
LastWriteTimeUtc : 21/11/2020 7:48:21
Attributes : Archive
Procesos que utilizan la dll AppVEntSubsystems64.dll