edpauditapi



¿Para qué sirve la dll edpauditapi.dll?

EDP Audit API

Dependencias de la dll edpauditapi.dll

Microsoft (R) COFF/PE Dumper Version 14.16.27034.0
Copyright (C) Microsoft Corporation.  All rights reserved.


Dump of file C:\Windows\System32\edpauditapi.dll

File Type: DLL

  Image has the following dependencies:

    msvcrt.dll
    api-ms-win-eventing-provider-l1-1-0.dll
    api-ms-win-core-libraryloader-l1-2-0.dll
    api-ms-win-core-synch-l1-1-0.dll
    api-ms-win-core-heap-l1-1-0.dll
    api-ms-win-core-errorhandling-l1-1-0.dll
    api-ms-win-eventing-consumer-l1-1-0.dll
    api-ms-win-eventing-controller-l1-1-0.dll
    api-ms-win-core-processthreads-l1-1-0.dll
    api-ms-win-core-localization-l1-2-0.dll
    api-ms-win-core-debug-l1-1-0.dll
    api-ms-win-core-handle-l1-1-0.dll
    api-ms-win-core-sysinfo-l1-1-0.dll
    api-ms-win-core-synch-l1-2-0.dll
    api-ms-win-core-rtlsupport-l1-1-0.dll
    api-ms-win-core-profile-l1-1-0.dll
    api-ms-win-eventing-tdh-l1-1-0.dll
    ntdll.dll
    api-ms-win-core-file-l1-1-0.dll
    api-ms-win-core-com-l1-1-0.dll
    api-ms-win-security-sddl-l1-1-0.dll
    api-ms-win-core-heap-l2-1-0.dll
    WS2_32.dll
    api-ms-win-core-timezone-l1-1-0.dll
    api-ms-win-core-delayload-l1-1-1.dll
    api-ms-win-core-delayload-l1-1-0.dll
    api-ms-win-core-string-l1-1-0.dll
    api-ms-win-core-util-l1-1-0.dll

  Image has the following delay load dependencies:

    FeClient.dll

  Summary

        2000 .data
        1000 .didat
        2000 .pdata
        9000 .rdata
        1000 .reloc
        3000 .rsrc
       16000 .text

Funciones que tiene la dll edpauditapi.dll

2    0 00003E10 EdpAuditHarden
3    1 00012890 EdpAuditLogApplicationGenerated
4    2 00012A90 EdpAuditLogApplicationLearning
5    3 000126B0 EdpAuditLogDataCopied
6    4 00012EA0 EdpAuditLogProtectionRemoved
7    5 00012D30 EdpAuditLogSiteLearning
8    6 00013050 EdpAuditLoggerRegister
9    7 00013070 EdpAuditLoggerUnregister
10    8 00003EB0 EdpAuditRead
1    9 00004560 EdpFlushTraces
11    A 00003F80 EdpGetLogFullPathFromRelativePath
12    B 000052E0 ReadAuditLogByCount
13    C 00005190 ReadAuditLogByTimeRange

Información avanzada sobre funciones que tiene la dll edpauditapi.dll

Microsoft (R) COFF/PE Dumper Version 14.16.27034.0
Copyright (C) Microsoft Corporation.  All rights reserved.


Dump of file C:\Windows\System32\edpauditapi.dll

File Type: DLL

  Section contains the following exports for edpauditapi.dll

    00000000 characteristics
      5E7CEF time date stamp
        0.00 version
           1 ordinal base
          13 number of functions
          13 number of names

    ordinal hint RVA      name

          2    0 00003E10 EdpAuditHarden
          3    1 00012890 EdpAuditLogApplicationGenerated
          4    2 00012A90 EdpAuditLogApplicationLearning
          5    3 000126B0 EdpAuditLogDataCopied
          6    4 00012EA0 EdpAuditLogProtectionRemoved
          7    5 00012D30 EdpAuditLogSiteLearning
          8    6 00013050 EdpAuditLoggerRegister
          9    7 00013070 EdpAuditLoggerUnregister
         10    8 00003EB0 EdpAuditRead
          1    9 00004560 EdpFlushTraces
         11    A 00003F80 EdpGetLogFullPathFromRelativePath
         12    B 000052E0 ReadAuditLogByCount
         13    C 00005190 ReadAuditLogByTimeRange

  Summary

        2000 .data
        1000 .didat
        2000 .pdata
        9000 .rdata
        1000 .reloc
        3000 .rsrc
       16000 .text

Integridad de la dll edpauditapi.dll

Algorithm       Hash                                                                   Path                                         
---------       ----                                                                   ----                                         
SHA256          2A7A66AFD6D3853FA3B3C19DAF67D1064A2183F5040CB1A1A1D4150225D8920F       C:\Windows\System32\edpauditapi.dll          

Detalles sobre el fichero dll edpauditapi.dll

PSPath            : Microsoft.PowerShell.Core\FileSystem::C:\Windows\System32\edpauditapi.dll
PSParentPath      : Microsoft.PowerShell.Core\FileSystem::C:\Windows\System32
PSChildName       : edpauditapi.dll
PSDrive           : C
PSProvider        : Microsoft.PowerShell.Core\FileSystem
PSIsContainer     : False
Mode              : -a----
VersionInfo       : File:             C:\Windows\System32\edpauditapi.dll
                    InternalName:     edpauditapi.dll
                    OriginalFilename: edpauditapi.dll
                    FileVersion:      10.0.19041.1 (WinBuild.160101.0800)
                    FileDescription:  EDP Audit API
                    Product:          Microsoft® Windows® Operating System
                    ProductVersion:   10.0.19041.1
                    Debug:            False
                    Patched:          False
                    PreRelease:       False
                    PrivateBuild:     False
                    SpecialBuild:     False
                    Language:         Inglés (Estados Unidos)
                    
BaseName          : edpauditapi
Target            : {C:\Windows\WinSxS\amd64_microsoft-windows-edp-audit_31bf3856ad364e35_10.0.19041.1_none_1b13e3d6808d0e6a\edpaudi
                    tapi.dll}
LinkType          : HardLink
Name              : edpauditapi.dll
Length            : 140288
DirectoryName     : C:\Windows\System32
Directory         : C:\Windows\System32
IsReadOnly        : False
Exists            : True
FullName          : C:\Windows\System32\edpauditapi.dll
Extension         : .dll
CreationTime      : 07/12/2019 10:08:52
CreationTimeUtc   : 07/12/2019 9:08:52
LastAccessTime    : 03/12/2020 10:27:29
LastAccessTimeUtc : 03/12/2020 9:27:29
LastWriteTime     : 07/12/2019 10:08:52
LastWriteTimeUtc  : 07/12/2019 9:08:52
Attributes        : Archive

Procesos que utilizan la dll edpauditapi.dll