What is wevtapi.dll used for?
Event configuration and consumption API
Dependencies of wevtapi.dll
Microsoft (R) COFF/PE Dumper Version 14.16.27034.0
Copyright (C) Microsoft Corporation. All rights reserved.
Dump of file C:\Windows\System32\wevtapi.dll
File Type: DLL
Image has the following dependencies:
msvcp_win.dll
api-ms-win-crt-runtime-l1-1-0.dll
api-ms-win-crt-private-l1-1-0.dll
api-ms-win-crt-string-l1-1-0.dll
ntdll.dll
api-ms-win-core-heap-l1-1-0.dll
api-ms-win-core-synch-l1-1-0.dll
api-ms-win-core-localization-l1-2-0.dll
api-ms-win-eventing-provider-l1-1-0.dll
api-ms-win-core-errorhandling-l1-1-0.dll
api-ms-win-core-file-l1-1-0.dll
api-ms-win-core-processthreads-l1-1-0.dll
api-ms-win-security-base-l1-1-0.dll
api-ms-win-core-synch-l1-2-0.dll
api-ms-win-core-handle-l1-1-0.dll
api-ms-win-core-threadpool-l1-2-0.dll
api-ms-win-core-debug-l1-1-0.dll
api-ms-win-core-string-l1-1-0.dll
api-ms-win-core-profile-l1-1-0.dll
api-ms-win-core-sysinfo-l1-1-0.dll
api-ms-win-core-interlocked-l1-1-0.dll
api-ms-win-core-processthreads-l1-1-1.dll
api-ms-win-core-libraryloader-l1-2-0.dll
api-ms-win-eventing-classicprovider-l1-1-0.dll
api-ms-win-core-timezone-l1-1-0.dll
api-ms-win-core-heap-l2-1-0.dll
api-ms-win-core-processenvironment-l1-1-0.dll
api-ms-win-core-file-l2-1-0.dll
api-ms-win-core-delayload-l1-1-1.dll
api-ms-win-core-delayload-l1-1-0.dll
Image has the following delay load dependencies:
RPCRT4.dll
api-ms-win-security-sddl-l1-1-0.dll
bcrypt.dll
Summary
2000 .data
1000 .didat
4000 .pdata
11000 .rdata
1000 .reloc
2000 .rsrc
49000 .text
Functions exported by wevtapi.dll
2 0 0002AE90 EvtArchiveExportedLog
3 1 0002B0F0 EvtCancel
4 2 0002B270 EvtClearLog
5 3 00006A40 EvtClose
6 4 0000C340 EvtCreateBookmark
7 5 00005B20 EvtCreateRenderContext
8 6 0002B4E0 EvtExportLog
9 7 0000F210 EvtFormatMessage
10 8 0000CA40 EvtGetChannelConfigProperty
11 9 0002B890 EvtGetEventInfo
12 A 0002B9A0 EvtGetEventMetadataProperty
13 B 0002BB50 EvtGetExtendedStatus
14 C 0000FA50 EvtGetLogInfo
15 D 00010C70 EvtGetObjectArrayProperty
16 E 00012640 EvtGetObjectArraySize
17 F 0000E6E0 EvtGetPublisherMetadataProperty
18 10 0002BB70 EvtGetQueryInfo
19 11 0000D950 EvtIntAssertConfig
20 12 0002D990 EvtIntCreateBinXMLFromCustomXML
21 13 0002D9E0 EvtIntCreateLocalLogfile
22 14 00012D10 EvtIntGetClassicLogDisplayName
23 15 0002DB90 EvtIntRenderResourceEventTemplate
24 16 EvtIntReportAuthzEventAndSourceAsync (forwarded to ntdll.EvtIntReportAuthzEventAndSourceAsync)
25 17 EvtIntReportEventAndSourceAsync (forwarded to ntdll.EvtIntReportEventAndSourceAsync)
26 18 00002140 EvtIntRetractConfig
1 19 0002CF80 EvtIntSysprepCleanup
27 1A 0002E140 EvtIntWriteXmlEventToLocalLogfile
28 1B 00004BE0 EvtNext
29 1C 00011FB0 EvtNextChannelPath
30 1D 0002C130 EvtNextEventMetadata
31 1E 00011EF0 EvtNextPublisherId
32 1F 00006750 EvtOpenChannelConfig
33 20 00011700 EvtOpenChannelEnum
34 21 0002C300 EvtOpenEventMetadataEnum
35 22 000107A0 EvtOpenLog
36 23 00011860 EvtOpenPublisherEnum
37 24 00005740 EvtOpenPublisherMetadata
38 25 00001890 EvtOpenSession
39 26 0000ABB0 EvtQuery
40 27 00002280 EvtRender
41 28 0002C4C0 EvtSaveChannelConfig
42 29 0000C200 EvtSeek
43 2A 0002C620 EvtSetChannelConfigProperty
44 2B 0000AFD0 EvtSubscribe
45 2C 00002850 EvtUpdateBookmark
Advanced information about the functions exported by wevtapi.dll
Microsoft (R) COFF/PE Dumper Version 14.16.27034.0
Copyright (C) Microsoft Corporation. All rights reserved.
Dump of file C:\Windows\System32\wevtapi.dll
File Type: DLL
Section contains the following exports for wevtapi.dll
00000000 characteristics
1421F1B3 time date stamp
0.00 version
1 ordinal base
45 number of functions
45 number of names
ordinal hint RVA name
2 0 0002AE90 EvtArchiveExportedLog
3 1 0002B0F0 EvtCancel
4 2 0002B270 EvtClearLog
5 3 00006A40 EvtClose
6 4 0000C340 EvtCreateBookmark
7 5 00005B20 EvtCreateRenderContext
8 6 0002B4E0 EvtExportLog
9 7 0000F210 EvtFormatMessage
10 8 0000CA40 EvtGetChannelConfigProperty
11 9 0002B890 EvtGetEventInfo
12 A 0002B9A0 EvtGetEventMetadataProperty
13 B 0002BB50 EvtGetExtendedStatus
14 C 0000FA50 EvtGetLogInfo
15 D 00010C70 EvtGetObjectArrayProperty
16 E 00012640 EvtGetObjectArraySize
17 F 0000E6E0 EvtGetPublisherMetadataProperty
18 10 0002BB70 EvtGetQueryInfo
19 11 0000D950 EvtIntAssertConfig
20 12 0002D990 EvtIntCreateBinXMLFromCustomXML
21 13 0002D9E0 EvtIntCreateLocalLogfile
22 14 00012D10 EvtIntGetClassicLogDisplayName
23 15 0002DB90 EvtIntRenderResourceEventTemplate
24 16 EvtIntReportAuthzEventAndSourceAsync (forwarded to ntdll.EvtIntReportAuthzEventAndSourceAsync)
25 17 EvtIntReportEventAndSourceAsync (forwarded to ntdll.EvtIntReportEventAndSourceAsync)
26 18 00002140 EvtIntRetractConfig
1 19 0002CF80 EvtIntSysprepCleanup
27 1A 0002E140 EvtIntWriteXmlEventToLocalLogfile
28 1B 00004BE0 EvtNext
29 1C 00011FB0 EvtNextChannelPath
30 1D 0002C130 EvtNextEventMetadata
31 1E 00011EF0 EvtNextPublisherId
32 1F 00006750 EvtOpenChannelConfig
33 20 00011700 EvtOpenChannelEnum
34 21 0002C300 EvtOpenEventMetadataEnum
35 22 000107A0 EvtOpenLog
36 23 00011860 EvtOpenPublisherEnum
37 24 00005740 EvtOpenPublisherMetadata
38 25 00001890 EvtOpenSession
39 26 0000ABB0 EvtQuery
40 27 00002280 EvtRender
41 28 0002C4C0 EvtSaveChannelConfig
42 29 0000C200 EvtSeek
43 2A 0002C620 EvtSetChannelConfigProperty
44 2B 0000AFD0 EvtSubscribe
45 2C 00002850 EvtUpdateBookmark
Summary
2000 .data
1000 .didat
4000 .pdata
11000 .rdata
1000 .reloc
2000 .rsrc
49000 .text
Integrity of wevtapi.dll
Algorithm Hash Path
--------- ---- ----
SHA256 E35481A2D1567304EA5B7C46FCCB876A55B31A1E753AC5B66D0EE511AC614BA0 C:\Windows\System32\wevtapi.dll
Details of the wevtapi.dll file
PSPath : Microsoft.PowerShell.Core\FileSystem::C:\Windows\System32\wevtapi.dll
PSParentPath : Microsoft.PowerShell.Core\FileSystem::C:\Windows\System32
PSChildName : wevtapi.dll
PSDrive : C
PSProvider : Microsoft.PowerShell.Core\FileSystem
PSIsContainer : False
Mode : -a----
VersionInfo : File: C:\Windows\System32\wevtapi.dll
InternalName: wevtapi.dll
OriginalFilename: wevtapi.dll.mui
FileVersion: 10.0.19041.561 (WinBuild.160101.0800)
FileDescription: API de configuración y consumo de eventos
Product: Sistema operativo Microsoft® Windows®
ProductVersion: 10.0.19041.561
Debug: False
Patched: False
PreRelease: False
PrivateBuild: False
SpecialBuild: False
Language: Español (España, internacional)
BaseName : wevtapi
Target : {C:\Windows\WinSxS\amd64_microsoft-windows-eventlog-api_31bf3856ad364e35_10.0.19041.546_none_8a2a491cc4197cde\wevtapi.dll}
LinkType : HardLink
Name : wevtapi.dll
Length : 403384
DirectoryName : C:\Windows\System32
Directory : C:\Windows\System32
IsReadOnly : False
Exists : True
FullName : C:\Windows\System32\wevtapi.dll
Extension : .dll
CreationTime : 21/11/2020 8:43:21
CreationTimeUtc : 21/11/2020 7:43:21
LastAccessTime : 03/12/2020 16:44:50
LastAccessTimeUtc : 03/12/2020 15:44:50
LastWriteTime : 21/11/2020 8:43:21
LastWriteTimeUtc : 21/11/2020 7:43:21
Attributes : Archive
Processes that use wevtapi.dll
explorer