dmenterprisediagnostics



¿Para qué sirve la dll dmenterprisediagnostics.dll?

ETW para MDM Enterprise Diagnostics

Dependencias de la dll dmenterprisediagnostics.dll

Microsoft (R) COFF/PE Dumper Version 14.16.27034.0
Copyright (C) Microsoft Corporation.  All rights reserved.


Dump of file C:\Windows\System32\dmenterprisediagnostics.dll

File Type: DLL

  Image has the following dependencies:

    msvcrt.dll
    api-ms-win-core-libraryloader-l1-2-0.dll
    OLEAUT32.dll
    api-ms-win-core-registry-l1-1-0.dll
    api-ms-win-core-synch-l1-1-0.dll
    api-ms-win-core-heap-l1-1-0.dll
    api-ms-win-core-errorhandling-l1-1-0.dll
    api-ms-win-core-com-l1-1-0.dll
    api-ms-win-core-processthreads-l1-1-0.dll
    api-ms-win-core-localization-l1-2-0.dll
    api-ms-win-core-debug-l1-1-0.dll
    api-ms-win-core-handle-l1-1-0.dll
    api-ms-win-core-synch-l1-2-0.dll
    api-ms-win-core-rtlsupport-l1-1-0.dll
    api-ms-win-core-profile-l1-1-0.dll
    api-ms-win-core-sysinfo-l1-1-0.dll
    ntdll.dll
    api-ms-win-eventing-controller-l1-1-0.dll
    api-ms-win-core-file-l2-1-0.dll
    api-ms-win-eventing-consumer-l1-1-0.dll
    api-ms-win-eventing-classicprovider-l1-1-0.dll
    api-ms-win-core-timezone-l1-1-0.dll
    api-ms-win-core-libraryloader-l1-2-1.dll
    api-ms-win-core-file-l1-1-0.dll
    api-ms-win-core-file-l1-2-0.dll
    api-ms-win-core-memory-l1-1-0.dll
    api-ms-win-core-wow64-l1-1-0.dll
    api-ms-win-core-version-l1-1-0.dll
    api-ms-win-core-processenvironment-l1-1-0.dll
    api-ms-win-eventing-provider-l1-1-0.dll
    api-ms-win-core-file-l2-1-2.dll
    api-ms-win-core-string-l1-1-0.dll
    api-ms-win-core-delayload-l1-1-1.dll
    api-ms-win-core-delayload-l1-1-0.dll

  Image has the following delay load dependencies:

    bcrypt.dll
    ext-ms-win-devmgmt-dm-l1-1-1.dll

  Summary

        3000 .data
        1000 .didat
        3000 .pdata
        E000 .rdata
        1000 .reloc
       13000 .rsrc
       2C000 .text

Funciones que tiene la dll dmenterprisediagnostics.dll

1    0 00004DE0 CollectDiagnosticsAutoLog
2    1 00004D40 GatherAutoLogEventsFromMobile
3    2 00004DB0 RecordDiagnosticsError
4    3 00004700 SetupAutoLog
5    4 00004750 SetupAutoLogWithTraceLevel
6    5 00004960 StartAutoLog
7    6 00004990 StopAutoLog
8    7 000049A0 TearDownAutoLog

Información avanzada sobre funciones que tiene la dll dmenterprisediagnostics.dll

Microsoft (R) COFF/PE Dumper Version 14.16.27034.0
Copyright (C) Microsoft Corporation.  All rights reserved.


Dump of file C:\Windows\System32\dmenterprisediagnostics.dll

File Type: DLL

  Section contains the following exports for dmenterprisediagnostics.dll

    00000000 characteristics
    A417DECC time date stamp
        0.00 version
           1 ordinal base
           8 number of functions
           8 number of names

    ordinal hint RVA      name

          1    0 00004DE0 CollectDiagnosticsAutoLog
          2    1 00004D40 GatherAutoLogEventsFromMobile
          3    2 00004DB0 RecordDiagnosticsError
          4    3 00004700 SetupAutoLog
          5    4 00004750 SetupAutoLogWithTraceLevel
          6    5 00004960 StartAutoLog
          7    6 00004990 StopAutoLog
          8    7 000049A0 TearDownAutoLog

  Summary

        3000 .data
        1000 .didat
        3000 .pdata
        E000 .rdata
        1000 .reloc
       13000 .rsrc
       2C000 .text

Integridad de la dll dmenterprisediagnostics.dll

Algorithm       Hash                                                                   Path                                         
---------       ----                                                                   ----                                         
SHA256          F870BC28A7D2453BDA4C2A63CE561C1CD33B733FD66048FE0C30A5C511083278       C:\Windows\System32\dmenterprisediagnostic...

Detalles sobre el fichero dll dmenterprisediagnostics.dll

PSPath            : Microsoft.PowerShell.Core\FileSystem::C:\Windows\System32\dmenterprisediagnostics.dll
PSParentPath      : Microsoft.PowerShell.Core\FileSystem::C:\Windows\System32
PSChildName       : dmenterprisediagnostics.dll
PSDrive           : C
PSProvider        : Microsoft.PowerShell.Core\FileSystem
PSIsContainer     : False
Mode              : -a----
VersionInfo       : File:             C:\Windows\System32\dmenterprisediagnostics.dll
                    InternalName:     ETW for MDM Enterprise Diagnostics
                    OriginalFilename: dmenterprisediagnostics.dll.mui
                    FileVersion:      10.0.19041.561 (WinBuild.160101.0800)
                    FileDescription:  ETW para MDM Enterprise Diagnostics
                    Product:          Sistema operativo Microsoft® Windows®
                    ProductVersion:   10.0.19041.561
                    Debug:            False
                    Patched:          False
                    PreRelease:       False
                    PrivateBuild:     False
                    SpecialBuild:     False
                    Language:         Español (España, internacional)
                    
BaseName          : dmenterprisediagnostics
Target            : {C:\Windows\WinSxS\amd64_microsoft-windows-d..terprisediagnostics_31bf3856ad364e35_10.0.19041.488_none_aeef3917e
                    2b2cceb\dmenterprisediagnostics.dll}
LinkType          : HardLink
Name              : dmenterprisediagnostics.dll
Length            : 328704
DirectoryName     : C:\Windows\System32
Directory         : C:\Windows\System32
IsReadOnly        : False
Exists            : True
FullName          : C:\Windows\System32\dmenterprisediagnostics.dll
Extension         : .dll
CreationTime      : 20/09/2020 15:03:20
CreationTimeUtc   : 20/09/2020 13:03:20
LastAccessTime    : 03/12/2020 10:02:08
LastAccessTimeUtc : 03/12/2020 9:02:08
LastWriteTime     : 20/09/2020 15:03:20
LastWriteTimeUtc  : 20/09/2020 13:03:20
Attributes        : Archive

Procesos que utilizan la dll dmenterprisediagnostics.dll