¿Para qué sirve la dll wevtfwd.dll?
Complemento de reenvío de eventos de WS-ManagementDependencias de la dll wevtfwd.dll
Microsoft (R) COFF/PE Dumper Version 14.16.27034.0
Copyright (C) Microsoft Corporation. All rights reserved.
Dump of file C:\Windows\System32\wevtfwd.dll
File Type: DLL
Image has the following dependencies:
msvcrt.dll
ntdll.dll
KERNEL32.dll
ADVAPI32.dll
WsmSvc.DLL
wevtapi.dll
RPCRT4.dll
USERENV.dll
Summary
2000 .data
1000 .pdata
7000 .rdata
1000 .reloc
2000 .rsrc
10000 .text
Funciones que tiene la dll wevtfwd.dll
1 0 00002040 WSManPluginShutdown
2 1 00001DF0 WSManPluginStartup
3 2 00002460 WSManProvPullEvents
4 3 000020D0 WSManProvSubscribe
5 4 000022B0 WSManProvUnsubscribe
Información avanzada sobre funciones que tiene la dll wevtfwd.dll
Microsoft (R) COFF/PE Dumper Version 14.16.27034.0
Copyright (C) Microsoft Corporation. All rights reserved.
Dump of file C:\Windows\System32\wevtfwd.dll
File Type: DLL
Section contains the following exports for WEVTFWD.DLL
00000000 characteristics
AF727384 time date stamp
0.00 version
1 ordinal base
5 number of functions
5 number of names
ordinal hint RVA name
1 0 00002040 WSManPluginShutdown
2 1 00001DF0 WSManPluginStartup
3 2 00002460 WSManProvPullEvents
4 3 000020D0 WSManProvSubscribe
5 4 000022B0 WSManProvUnsubscribe
Summary
2000 .data
1000 .pdata
7000 .rdata
1000 .reloc
2000 .rsrc
10000 .text
Integridad de la dll wevtfwd.dll
Algorithm Hash Path
--------- ---- ----
SHA256 B1B05D4AEB895665DC71750CA4DE7B6D17E8A7265FC1EEDF491FA8E1C43661D4 C:\Windows\System32\wevtfwd.dll
Detalles sobre el fichero dll wevtfwd.dll
PSPath : Microsoft.PowerShell.Core\FileSystem::C:\Windows\System32\wevtfwd.dll
PSParentPath : Microsoft.PowerShell.Core\FileSystem::C:\Windows\System32
PSChildName : wevtfwd.dll
PSDrive : C
PSProvider : Microsoft.PowerShell.Core\FileSystem
PSIsContainer : False
Mode : -a----
VersionInfo : File: C:\Windows\System32\wevtfwd.dll
InternalName: wevtfwd.dll
OriginalFilename: wevtfwd.dll.mui
FileVersion: 10.0.19041.561 (WinBuild.160101.0800)
FileDescription: Complemento de reenvío de eventos de WS-Management
Product: Sistema operativo Microsoft® Windows®
ProductVersion: 10.0.19041.561
Debug: False
Patched: False
PreRelease: False
PrivateBuild: False
SpecialBuild: False
Language: Español (España, internacional)
BaseName : wevtfwd
Target : {C:\Windows\WinSxS\amd64_microsoft-windows-eventlog-forwardplugin_31bf3856ad364e35_10.0.19041.1_none_2b5b36de8d376f2c\wevtfwd.dll}
LinkType : HardLink
Name : wevtfwd.dll
Length : 102912
DirectoryName : C:\Windows\System32
Directory : C:\Windows\System32
IsReadOnly : False
Exists : True
FullName : C:\Windows\System32\wevtfwd.dll
Extension : .dll
CreationTime : 07/12/2019 10:09:39
CreationTimeUtc : 07/12/2019 9:09:39
LastAccessTime : 03/12/2020 16:45:00
LastAccessTimeUtc : 03/12/2020 15:45:00
LastWriteTime : 07/12/2019 10:09:39
LastWriteTimeUtc : 07/12/2019 9:09:39
Attributes : Archive
Procesos que utilizan la dll wevtfwd.dll