¿Para qué sirve la dll dbghelp.dll?
Windows Image HelperDependencias de la dll dbghelp.dll
Microsoft (R) COFF/PE Dumper Version 14.16.27034.0
Copyright (C) Microsoft Corporation. All rights reserved.
Dump of file C:\Windows\System32\dbghelp.dll
File Type: DLL
Image has the following dependencies:
api-ms-win-crt-string-l1-1-0.dll
api-ms-win-crt-time-l1-1-0.dll
api-ms-win-crt-locale-l1-1-0.dll
api-ms-win-crt-runtime-l1-1-0.dll
api-ms-win-crt-private-l1-1-0.dll
api-ms-win-core-file-l1-1-0.dll
api-ms-win-core-errorhandling-l1-1-0.dll
api-ms-win-core-synch-l1-1-0.dll
api-ms-win-core-misc-l1-1-0.dll
api-ms-win-core-handle-l1-1-0.dll
api-ms-win-core-processthreads-l1-1-0.dll
api-ms-win-core-heap-l1-1-0.dll
api-ms-win-core-sysinfo-l1-1-0.dll
api-ms-win-core-libraryloader-l1-1-0.dll
api-ms-win-core-processenvironment-l1-1-0.dll
api-ms-win-security-base-l1-1-0.dll
api-ms-win-core-string-l1-1-0.dll
api-ms-win-core-memory-l1-1-0.dll
api-ms-win-core-debug-l1-1-0.dll
api-ms-win-core-localregistry-l1-1-0.dll
api-ms-win-core-rtlsupport-l1-1-0.dll
api-ms-win-core-profile-l1-1-0.dll
api-ms-win-core-util-l1-1-0.dll
api-ms-win-core-localization-l1-1-0.dll
api-ms-win-core-interlocked-l1-1-0.dll
api-ms-win-eventing-provider-l1-1-0.dll
ntdll.dll
api-ms-win-core-kernel32-legacy-l1-1-0.dll
api-ms-win-core-synch-l1-2-0.dll
api-ms-win-downlevel-kernel32-l2-1-0.dll
api-ms-win-core-io-l1-1-0.dll
api-ms-win-core-delayload-l1-1-0.dll
Image has the following delay load dependencies:
RPCRT4.dll
Summary
25000 .data
1000 .didat
3000 .mrdata
12000 .pdata
4C000 .rdata
5000 .reloc
1000 .rsrc
156000 .text
Funciones que tiene la dll dbghelp.dll
1126 0 0012EB70 DbgHelpCreateUserDump
1127 1 0012EC70 DbgHelpCreateUserDumpW
1128 2 00127D40 EnumDirTree
1129 3 00127E70 EnumDirTreeW
1130 4 00121500 EnumerateLoadedModules
1131 5 00121500 EnumerateLoadedModules64
1132 6 00121560 EnumerateLoadedModulesEx
1133 7 001215C0 EnumerateLoadedModulesExW
1134 8 00121620 EnumerateLoadedModulesW64
1135 9 00116480 ExtensionApiVersion
1136 A 00127EC0 FindDebugInfoFile
1137 B 00127EE0 FindDebugInfoFileEx
1138 C 00127FB0 FindDebugInfoFileExW
1139 D 00128000 FindExecutableImage
1140 E 00128020 FindExecutableImageEx
1141 F 00128120 FindExecutableImageExW
1142 10 00128170 FindFileInPath
1143 11 001281C0 FindFileInSearchPath
1144 12 00121680 GetSymLoadError
1145 13 00118740 GetTimestampForLoadedLibrary
1146 14 001183C0 ImageDirectoryEntryToData
1147 15 001183E0 ImageDirectoryEntryToDataEx
1148 16 00118510 ImageNtHeader
1149 17 00118550 ImageRvaToSection
1150 18 001185C0 ImageRvaToVa
1151 19 00128210 ImagehlpApiVersion
1152 1A 00128220 ImagehlpApiVersionEx
1153 1B 00128260 MakeSureDirectoryPathExists
1154 1C MiniDumpReadDumpStream (forwarded to dbgcore.MiniDumpReadDumpStream)
1155 1D MiniDumpWriteDump (forwarded to dbgcore.MiniDumpWriteDump)
1156 1E 00140530 RangeMapAddPeImageSections
1157 1F 001405F0 RangeMapCreate
1158 20 00140650 RangeMapFree
1159 21 00140670 RangeMapRead
1160 22 001406D0 RangeMapRemove
1161 23 00140720 RangeMapWrite
1162 24 000184C0 RemoveInvalidModuleList
1163 25 00111970 ReportSymbolLoad
Información avanzada sobre funciones que tiene la dll dbghelp.dll
Microsoft (R) COFF/PE Dumper Version 14.16.27034.0
Copyright (C) Microsoft Corporation. All rights reserved.
Dump of file C:\Windows\System32\dbghelp.dll
File Type: DLL
Section contains the following exports for dbghelp.dll
00000000 characteristics
92E0F435 time date stamp
0.00 version
1101 ordinal base
257 number of functions
242 number of names
ordinal hint RVA name
1126 0 0012EB70 DbgHelpCreateUserDump
1127 1 0012EC70 DbgHelpCreateUserDumpW
1128 2 00127D40 EnumDirTree
1129 3 00127E70 EnumDirTreeW
1130 4 00121500 EnumerateLoadedModules
1131 5 00121500 EnumerateLoadedModules64
1132 6 00121560 EnumerateLoadedModulesEx
1133 7 001215C0 EnumerateLoadedModulesExW
1134 8 00121620 EnumerateLoadedModulesW64
1135 9 00116480 ExtensionApiVersion
1136 A 00127EC0 FindDebugInfoFile
1137 B 00127EE0 FindDebugInfoFileEx
1138 C 00127FB0 FindDebugInfoFileExW
1139 D 00128000 FindExecutableImage
1140 E 00128020 FindExecutableImageEx
1141 F 00128120 FindExecutableImageExW
1142 10 00128170 FindFileInPath
1143 11 001281C0 FindFileInSearchPath
1144 12 00121680 GetSymLoadError
1145 13 00118740 GetTimestampForLoadedLibrary
1146 14 001183C0 ImageDirectoryEntryToData
1147 15 001183E0 ImageDirectoryEntryToDataEx
1148 16 00118510 ImageNtHeader
1149 17 00118550 ImageRvaToSection
1150 18 001185C0 ImageRvaToVa
1151 19 00128210 ImagehlpApiVersion
1152 1A 00128220 ImagehlpApiVersionEx
1153 1B 00128260 MakeSureDirectoryPathExists
1154 1C MiniDumpReadDumpStream (forwarded to dbgcore.MiniDumpReadDumpStream)
1155 1D MiniDumpWriteDump (forwarded to dbgcore.MiniDumpWriteDump)
1156 1E 00140530 RangeMapAddPeImageSections
1157 1F 001405F0 RangeMapCreate
1158 20 00140650 RangeMapFree
1159 21 00140670 RangeMapRead
1160 22 001406D0 RangeMapRemove
1161 23 00140720 RangeMapWrite
1162 24 000184C0 RemoveInvalidModuleList
1163 25 00111970 ReportSymbolLoadSummary
1164 26 001283F0 SearchTreeForFile
1165 27 00128420 SearchTreeForFileW
1166 28 000184C0 SetCheckUserInterruptShared
1167 29 00121690 SetSymLoadError
1168 2A 0000DBF0 StackWalk
1169 2B 0000DBF0 StackWalk64
1170 2C 0000DD70 StackWalkEx
1171 2D 001216A0 SymAddSourceStream
1172 2E 001216B0 SymAddSourceStreamA
1173 2F 00121720 SymAddSourceStreamW
1174 30 001218C0 SymAddSymbol
1175 31 00121940 SymAddSymbolW
1176 32 00121A50 SymAddrIncludeInlineTrace
1111 33 0011FAC0 SymAllocDiaString
1177 34 0000DBA0 SymCleanup
1178 35 00121BD0 SymCompareInlineTrace
1179 36 00122120 SymDeleteSymbol
1180 37 00122190 SymDeleteSymbolW
1181 38 00122280 SymEnumLines
1182 39 00122350 SymEnumLinesW
1183 3A 001223C0 SymEnumProcesses
1184 3B 00122460 SymEnumSourceFileTokens
1185 3C 00122510 SymEnumSourceFiles
1186 3D 00122540 SymEnumSourceFilesW
1187 3E 00122570 SymEnumSourceLines
1188 3F 001225C0 SymEnumSourceLinesW
1189 40 00122610 SymEnumSym
1190 41 00122640 SymEnumSymbols
1191 42 00122670 SymEnumSymbolsEx
1192 43 00122710 SymEnumSymbolsExW
1193 44 00122780 SymEnumSymbolsForAddr
1194 45 001228B0 SymEnumSymbolsForAddrW
1195 46 001229F0 SymEnumSymbolsW
1196 47 00122A20 SymEnumTypes
1197 48 00122A70 SymEnumTypesByName
1198 49 00122B40 SymEnumTypesByNameW
1199 4A 00122BA0 SymEnumTypesW
1200 4B 00122BF0 SymEnumerateModules
1201 4C 00122BF0 SymEnumerateModules64
1202 4D 00122C30 SymEnumerateModulesW64
1203 4E 00122C70 SymEnumerateSymbols
1204 4F 00122C70 SymEnumerateSymbols64
1205 50 00122CC0 SymEnumerateSymbolsW
1206 51 00122CC0 SymEnumerateSymbolsW64
1207 52 00128450 SymFindDebugInfoFile
1208 53 00128540 SymFindDebugInfoFileW
1209 54 001285D0 SymFindExecutableImage
1210 55 001286D0 SymFindExecutableImageW
1211 56 00128760 SymFindFileInPath
1212 57 001288A0 SymFindFileInPathW
1112 58 0011FD80 SymFreeDiaString
1213 59 00122D10 SymFromAddr
1214 5A 00122D40 SymFromAddrW
1215 5B 00122D70 SymFromIndex
1216 5C 00122DE0 SymFromIndexW
1217 5D 00122EE0 SymFromInlineContext
1218 5E 00122F40 SymFromInlineContextW
1219 5F 00018900 SymFromName
1220 60 00122FA0 SymFromNameW
1221 61 00122FD0 SymFromToken
1222 62 00123080 SymFromTokenW
1223 63 0000E6E0 SymFunctionTableAccess
1224 64 0000E6E0 SymFunctionTableAccess64
1225 65 0000E700 SymFunctionTableAccess64AccessRoutines
1113 66 0011FD90 SymGetDiaSession
1226 67 00123190 SymGetExtendedOption
1227 68 0011AAA0 SymGetFileLineOffsets64
1228 69 001231B0 SymGetHomeDirectory
1229 6A 00123230 SymGetHomeDirectoryW
1230 6B 001232F0 SymGetLineFromAddr
1231 6C 001232F0 SymGetLineFromAddr64
1114 6D 0011FE40 SymGetLineFromAddrEx
1232 6E 00123320 SymGetLineFromAddrW64
1233 6F 00123350 SymGetLineFromInlineContext
1234 70 00123390 SymGetLineFromInlineContextW
1235 71 001233D0 SymGetLineFromName
1236 72 001233D0 SymGetLineFromName64
1120 73 00120130 SymGetLineFromNameEx
1237 74 00123400 SymGetLineFromNameW64
1238 75 00123430 SymGetLineNext
1239 76 00123430 SymGetLineNext64
1121 77 00120860 SymGetLineNextEx
1240 78 00123440 SymGetLineNextW64
1241 79 00123460 SymGetLinePrev
1242 7A 00123460 SymGetLinePrev64
1122 7B 00120900 SymGetLinePrevEx
1243 7C 00123470 SymGetLinePrevW64
1244 7D 0000F480 SymGetModuleBase
1245 7E 0000F480 SymGetModuleBase64
1246 7F 00123490 SymGetModuleInfo
1247 80 00123490 SymGetModuleInfo64
1248 81 000104E0 SymGetModuleInfoW
1249 82 000104E0 SymGetModuleInfoW64
1123 83 00120990 SymGetOmapBlockBase
1250 84 00123520 SymGetOmaps
1251 85 00018310 SymGetOptions
1252 86 00123610 SymGetScope
1253 87 00123690 SymGetScopeW
1254 88 001237C0 SymGetSearchPath
1255 89 00123850 SymGetSearchPathW
1256 8A 001238C0 SymGetSourceFile
1257 8B 00123940 SymGetSourceFileChecksum
1258 8C 001239D0 SymGetSourceFileChecksumW
1259 8D 00123B00 SymGetSourceFileFromToken
1260 8E 00123BB0 SymGetSourceFileFromTokenW
1261 8F 00123C30 SymGetSourceFileToken
1262 90 00123CA0 SymGetSourceFileTokenW
1263 91 00123D70 SymGetSourceFileW
1264 92 00123DF0 SymGetSourceVarFromToken
1265 93 00123EC0 SymGetSourceVarFromTokenW
1266 94 00123F70 SymGetSymFromAddr
1267 95 00123F70 SymGetSymFromAddr64
1268 96 00123FB0 SymGetSymFromName
1269 97 00123FB0 SymGetSymFromName64
1270 98 00124020 SymGetSymNext
1271 99 00124020 SymGetSymNext64
1272 9A 00124040 SymGetSymPrev
1273 9B 00124040 SymGetSymPrev64
1274 9C 0012D4E0 SymGetSymbolFile
1275 9D 0012D610 SymGetSymbolFileW
1276 9E 00124050 SymGetTypeFromName
1277 9F 00124100 SymGetTypeFromNameW
1278 A0 00124270 SymGetTypeInfo
1279 A1 001242B0 SymGetTypeInfoEx
1280 A2 001242E0 SymGetUnwindInfo
1281 A3 000115E0 SymInitialize
1282 A4 00016D80 SymInitializeW
1283 A5 00019ED0 SymLoadModule
1284 A6 00019ED0 SymLoadModule64
1285 A7 00019F10 SymLoadModuleEx
1286 A8 00124470 SymLoadModuleExW
1287 A9 001244D0 SymMatchFileName
1288 AA 001245E0 SymMatchFileNameW
1289 AB 001246D0 SymMatchString
1290 AC 00124710 SymMatchStringA
1291 AD 00124720 SymMatchStringW
1292 AE 00124760 SymNext
1293 AF 00124800 SymNextW
1294 B0 00124820 SymPrev
1295 B1 001248C0 SymPrevW
1296 B2 001248D0 SymQueryInlineTrace
1297 B3 00124BE0 SymRefreshModuleList
1298 B4 00124C60 SymRegisterCallback
1299 B5 00124C60 SymRegisterCallback64
1300 B6 00124CE0 SymRegisterCallbackW64
1301 B7 00124D70 SymRegisterFunctionEntryCallback
1302 B8 00124D70 SymRegisterFunctionEntryCallback64
1303 B9 00124DF0 SymSearch
1304 BA 00124EB0 SymSearchW
1305 BB 00124F30 SymSetContext
1124 BC 00120A10 SymSetDiaSession
1306 BD 00124FF0 SymSetExtendedOption
1307 BE 00125020 SymSetHomeDirectory
1308 BF 001250C0 SymSetHomeDirectoryW
1309 C0 00017210 SymSetOptions
1310 C1 00125140 SymSetParentWindow
1311 C2 00125170 SymSetScopeFromAddr
1312 C3 00125180 SymSetScopeFromIndex
1313 C4 00125240 SymSetScopeFromInlineContext
1314 C5 00125300 SymSetSearchPath
1315 C6 00016A20 SymSetSearchPathW
1316 C7 0012DAC0 SymSrvDeltaName
1317 C8 0012DB90 SymSrvDeltaNameW
1318 C9 0012DD30 SymSrvGetFileIndexInfo
1319 CA 0012DE10 SymSrvGetFileIndexInfoW
1320 CB 0012DF50 SymSrvGetFileIndexString
1321 CC 0012E010 SymSrvGetFileIndexStringW
1322 CD 0012E0E0 SymSrvGetFileIndexes
1323 CE 0012E150 SymSrvGetFileIndexesW
1324 CF 0012E210 SymSrvGetSupplement
1325 D0 0012E2D0 SymSrvGetSupplementW
1326 D1 0012E3F0 SymSrvIsStore
1327 D2 0012E440 SymSrvIsStoreW
1328 D3 0012E580 SymSrvStoreFile
1329 D4 0012E620 SymSrvStoreFileW
1330 D5 0012E6E0 SymSrvStoreSupplement
1331 D6 0012E7B0 SymSrvStoreSupplementW
1332 D7 00125350 SymUnDName
1333 D8 00125350 SymUnDName64
1334 D9 001253B0 SymUnloadModule
1335 DA 001253B0 SymUnloadModule64
1336 DB 00008380 UnDecorateSymbolName
1337 DC 001254A0 UnDecorateSymbolNameW
1338 DD 00116570 WinDbgExtensionDllInit
1125 DE 001120D0 _EFN_DumpImage
1339 DF 001165C0 block
1340 E0 00116790 chksym
1341 E1 001255E0 dbghelp
1342 E2 00116980 dh
1343 E3 00116990 fptr
1344 E4 00116A20 homedir
1345 E5 00116B50 inlinedbg
1346 E6 00116BC0 itoldyouso
1347 E7 00116DB0 lmi
1348 E8 001170D0 lminfo
1349 E9 001172F0 omap
1350 EA 00117510 optdbgdump
1351 EB 00117660 optdbgdumpaddr
1352 EC 001177B0 srcfiles
1353 ED 001178E0 stack_force_ebp
1354 EE 00117A50 stackdbg
1355 EF 00117C20 sym
1356 F0 00117D70 symsrv
1357 F1 00117DC0 vc7fpo
1101 0011FC00 [NONAME]
1102 0011FCF0 [NONAME]
1103 0011FE80 [NONAME]
1104 00120200 [NONAME]
1105 001208E0 [NONAME]
1106 00120970 [NONAME]
1107 0011FE40 [NONAME]
1108 00120130 [NONAME]
1109 00120860 [NONAME]
1110 00120900 [NONAME]
1115 0011FEC0 [NONAME]
1116 0011FF90 [NONAME]
1117 0011FAE0 [NONAME]
1118 0011FB90 [NONAME]
1119 000F7880 [NONAME]
Summary
25000 .data
1000 .didat
3000 .mrdata
12000 .pdata
4C000 .rdata
5000 .reloc
1000 .rsrc
156000 .text
Integridad de la dll dbghelp.dll
Algorithm Hash Path
--------- ---- ----
SHA256 735D07693CFBC08330E322675815ED1DE7B53F4E8FD970DBAAA9FD842E7E68C3 C:\Windows\System32\dbghelp.dll
Detalles sobre el fichero dll dbghelp.dll
PSPath : Microsoft.PowerShell.Core\FileSystem::C:\Windows\System32\dbghelp.dll
PSParentPath : Microsoft.PowerShell.Core\FileSystem::C:\Windows\System32
PSChildName : dbghelp.dll
PSDrive : C
PSProvider : Microsoft.PowerShell.Core\FileSystem
PSIsContainer : False
Mode : -a----
VersionInfo : File: C:\Windows\System32\dbghelp.dll
InternalName: DBGHELP.DLL
OriginalFilename: DBGHELP.DLL
FileVersion: 10.0.19041.488 (WinBuild.160101.0800)
FileDescription: Windows Image Helper
Product: Microsoft® Windows® Operating System
ProductVersion: 10.0.19041.488
Debug: False
Patched: False
PreRelease: False
PrivateBuild: False
SpecialBuild: False
Language: Inglés (Estados Unidos)
BaseName : dbghelp
Target : {C:\Windows\WinSxS\amd64_microsoft-windows-debughelp_31bf3856ad364e35_10.0.19041.488_none_d61c9e14acf975da\dbghe
lp.dll}
LinkType : HardLink
Name : dbghelp.dll
Length : 1866240
DirectoryName : C:\Windows\System32
Directory : C:\Windows\System32
IsReadOnly : False
Exists : True
FullName : C:\Windows\System32\dbghelp.dll
Extension : .dll
CreationTime : 20/09/2020 15:03:07
CreationTimeUtc : 20/09/2020 13:03:07
LastAccessTime : 03/12/2020 9:41:15
LastAccessTimeUtc : 03/12/2020 8:41:15
LastWriteTime : 20/09/2020 15:03:07
LastWriteTimeUtc : 20/09/2020 13:03:07
Attributes : Archive
Procesos que utilizan la dll dbghelp.dll
chrome
chrome
chrome
chrome
chrome
chrome
chrome
explorer
svchost
UserOOBEBroker