Windows 10 DLL File Information - wevtapi.dll |
The following DLL report was generated by automatic DLL script that scanned and loaded all DLL files in the system32 directory of Windows 10, extracted the information from them, and then saved it into HTML reports. If you want to view a report of another DLL, go to the main page of this Web site.
General Information
File Description: | Eventing Consumption and Configuration API |
File Version: | 10.0.10130.0 (fbl_impressive.150522-2224) |
Company: | Microsoft Corporation |
Product Name: | Microsoft® Windows® Operating System |
DLL popularity | Medium - 28 other DLL files in system32 directory are statically linked to this file. |
File Size: | 301 KB |
Total Number of Exported Functions: | 46 |
Total Number of Exported Functions With Names: | 46 |
Section Headers
Name | Virtual Address | Raw Data Size | % of File | Characteristics | Section Contains... |
---|---|---|---|---|---|
.text | 0x00001000 | 268,800 Bytes | 87.1% | Read, Execute | Code |
.data | 0x00043000 | 512 Bytes | 0.2% | Write, Read | Initialized Data |
.idata | 0x00044000 | 5,632 Bytes | 1.8% | Read | Initialized Data |
.didat | 0x00046000 | 512 Bytes | 0.2% | Write, Read | Initialized Data |
.rsrc | 0x00047000 | 5,120 Bytes | 1.7% | Read | Initialized Data |
.reloc | 0x00049000 | 15,360 Bytes | 5.0% | Read, Discardable | Initialized Data |
Static Linking
wevtapi.dll is statically linked to the following files:msvcrt.dll
ntdll.dll
api-ms-win-core-synch-l1-2-0.dll
api-ms-win-core-heap-l1-2-0.dll
api-ms-win-core-localization-l1-2-1.dll
api-ms-win-core-processthreads-l1-1-2.dll
api-ms-win-core-processenvironment-l1-2-0.dll
api-ms-win-core-errorhandling-l1-1-1.dll
api-ms-win-core-file-l1-2-1.dll
api-ms-win-security-base-l1-2-0.dll
api-ms-win-core-heap-l2-1-0.dll
api-ms-win-core-threadpool-l1-2-0.dll
api-ms-win-core-handle-l1-1-0.dll
api-ms-win-core-debug-l1-1-1.dll
api-ms-win-core-profile-l1-1-0.dll
api-ms-win-core-sysinfo-l1-2-1.dll
api-ms-win-core-threadpool-legacy-l1-1-0.dll
api-ms-win-core-string-obsolete-l1-1-0.dll
api-ms-win-core-threadpool-private-l1-1-0.dll
api-ms-win-core-string-l1-1-0.dll
api-ms-win-core-libraryloader-l1-2-0.dll
api-ms-win-core-timezone-l1-1-0.dll
bcrypt.dll
api-ms-win-core-file-l2-1-1.dll
api-ms-win-core-delayload-l1-1-1.dll
This means that when wevtapi.dll is loaded, the above files are automatically loaded too. If one of these files is corrupted or missing, wevtapi.dll won't be loaded.
General Resources Information
Resource Type | Number of Items | Total Size | % of File |
---|---|---|---|
Icons | 0 | 0 Bytes | 0.0% |
Animated Icons | 0 | 0 Bytes | 0.0% |
Cursors | 0 | 0 Bytes | 0.0% |
Animated Cursors | 0 | 0 Bytes | 0.0% |
Bitmaps | 0 | 0 Bytes | 0.0% |
AVI Files | 0 | 0 Bytes | 0.0% |
Dialog-Boxes | 0 | 0 Bytes | 0.0% |
HTML Related Files | 0 | 0 Bytes | 0.0% |
Menus | 0 | 0 Bytes | 0.0% |
Strings | 0 | 0 Bytes | 0.0% |
Type Libraries | 0 | 0 Bytes | 0.0% |
Manifest | 0 | 0 Bytes | 0.0% |
All Others | 4 | 6,042 Bytes | 2.0% |
Total | 4 | 6,042 Bytes | 2.0% |
Icons in this file
No icons found in this file
Cursors in this file
No cursors found in this file
Dialog-boxes list (up to 1000 dialogs)
No dialog resources in this file.
String resources in this dll (up to 1000 strings)
No string resources in this file.
COM Classes/Interfaces
There is no type library in this file with COM classes/interfaces information
Exported Functions List
The following functions are exported by this dll:EvtArchiveExportedLog | EvtCancel | EvtClearLog |
EvtClose | EvtCreateBookmark | EvtCreateRenderContext |
EvtExportLog | EvtFormatMessage | EvtGetChannelConfigProperty |
EvtGetEventInfo | EvtGetEventMetadataProperty | EvtGetExtendedStatus |
EvtGetLogInfo | EvtGetObjectArrayProperty | EvtGetObjectArraySize |
EvtGetPublisherMetadataProperty | EvtGetQueryInfo | EvtIntAssertConfig |
EvtIntCreateBinXMLFromCustomXML | EvtIntCreateLocalLogfile | EvtIntGetClassicLogDisplayName |
EvtIntRenderResourceEventTemplate | EvtIntReportAuthzEventAndSourceAsync | EvtIntReportEventAndSourceAsync |
EvtIntRetractConfig | EvtIntSysprepCleanup | EvtIntWriteXmlEventToLocalLogfile |
EvtNext | EvtNextChannelPath | EvtNextEventMetadata |
EvtNextPublisherId | EvtOpenChannelConfig | EvtOpenChannelEnum |
EvtOpenEventMetadataEnum | EvtOpenLog | EvtOpenPublisherEnum |
EvtOpenPublisherMetadata | EvtOpenSession | EvtQuery |
EvtRender | EvtSaveChannelConfig | EvtSeek |
EvtSetChannelConfigProperty | EvtSetObjectArrayProperty | EvtSubscribe |
EvtUpdateBookmark |
Imported Functions List
The following functions are imported by this dll:- msvcrt.dll:
_CxxThrowException _XcptFilter __CxxFrameHandler __dllonexit _amsg_exit _except_handler4_common _i64tow _i64tow_s _initterm _itow_s _lock _onexit _purecall _ui64tow_s _ultow_s _unlock _vsnwprintf _wcsicmp _wcsnicmp _wcstoi64 _wcstoui64 _wsplitpath_s _wtof _wtoi _wtoi64 _wtol free iswalnum iswalpha iswdigit iswspace malloc memcmp memcpy memcpy_s memmove_s memset public: __thiscall exception::exception(char const * const &) public: __thiscall exception::exception(class exception const &) public: __thiscall exception::exception(void) public: virtual __thiscall exception::~exception(void) public: virtual __thiscall type_info::~type_info(void) public: virtual char const * __thiscall exception::what(void)const swprintf_s swscanf_s void __cdecl terminate(void) wcschr wcsncpy_s wcsrchr - ntdll.dll:
EtwGetTraceEnableFlags EtwGetTraceEnableLevel EtwGetTraceLoggerHandle EtwRegisterTraceGuidsW EtwTraceMessage EtwUnregisterTraceGuids NtReadFile NtWriteFile RtlNtStatusToDosError RtlRestoreLastWin32Error RtlSetLastWin32ErrorAndNtStatusFromNtStatus - api-ms-win-core-synch-l1-2-0.dll:
KernelBase!CreateEventW KernelBase!InitializeCriticalSectionAndSpinCount KernelBase!ResetEvent KernelBase!SetEvent KernelBase!Sleep KernelBase!SleepConditionVariableCS KernelBase!WaitForSingleObject ntdll!RtlDeleteCriticalSection ntdll!RtlEnterCriticalSection ntdll!RtlInitializeConditionVariable ntdll!RtlLeaveCriticalSection ntdll!RtlWakeAllConditionVariable - api-ms-win-core-heap-l1-2-0.dll:
KernelBase!GetProcessHeap ntdll!RtlAllocateHeap ntdll!RtlFreeHeap - api-ms-win-core-localization-l1-2-1.dll:
KernelBase!FormatMessageW KernelBase!GetLocaleInfoW KernelBase!GetThreadLocale KernelBase!GetThreadUILanguage - api-ms-win-core-processthreads-l1-1-2.dll:
kernel32!GetCurrentProcess kernel32!GetCurrentProcessId kernel32!GetCurrentThreadId kernel32!TerminateProcess kernel32!TlsAlloc kernel32!TlsFree kernel32!TlsGetValue kernel32!TlsSetValue - api-ms-win-core-processenvironment-l1-2-0.dll:
KernelBase!ExpandEnvironmentStringsW - api-ms-win-core-errorhandling-l1-1-1.dll:
KernelBase!GetLastError KernelBase!SetUnhandledExceptionFilter KernelBase!UnhandledExceptionFilter ntdll!RtlRestoreLastWin32Error - api-ms-win-core-file-l1-2-1.dll:
KernelBase!CreateFileW KernelBase!DeleteFileW KernelBase!FlushFileBuffers KernelBase!GetDiskFreeSpaceExW KernelBase!GetFileAttributesW KernelBase!GetFileInformationByHandle KernelBase!GetFileSizeEx KernelBase!GetFullPathNameW KernelBase!GetTempFileNameW KernelBase!ReadFile KernelBase!SetEndOfFile KernelBase!SetFilePointerEx - api-ms-win-security-base-l1-2-0.dll:
KernelBase!GetLengthSid KernelBase!IsValidSid - api-ms-win-core-heap-l2-1-0.dll:
KernelBase!LocalAlloc KernelBase!LocalFree - api-ms-win-core-threadpool-l1-2-0.dll:
KernelBase!CreateThreadpoolCleanupGroup KernelBase!CreateThreadpoolTimer KernelBase!CreateThreadpoolWork ntdll!TpCallbackUnloadDllOnCompletion ntdll!TpPostWork ntdll!TpReleaseCleanupGroup ntdll!TpReleaseTimer ntdll!TpReleaseWork ntdll!TpSetTimer ntdll!TpWaitForTimer - api-ms-win-core-handle-l1-1-0.dll:
KernelBase!CloseHandle KernelBase!DuplicateHandle - api-ms-win-core-debug-l1-1-1.dll:
KernelBase!DebugBreak KernelBase!OutputDebugStringA - api-ms-win-core-profile-l1-1-0.dll:
ntdll!RtlQueryPerformanceCounter - api-ms-win-core-sysinfo-l1-2-1.dll:
KernelBase!GetSystemTimeAsFileTime KernelBase!GetTickCount KernelBase!GetTickCount64 - api-ms-win-core-threadpool-legacy-l1-1-0.dll:
KernelBase!UnregisterWaitEx - api-ms-win-core-string-obsolete-l1-1-0.dll:
kernel32!lstrcmpiW - api-ms-win-core-threadpool-private-l1-1-0.dll:
KernelBase!RegisterWaitForSingleObjectEx - api-ms-win-core-string-l1-1-0.dll:
KernelBase!MultiByteToWideChar KernelBase!WideCharToMultiByte - api-ms-win-core-libraryloader-l1-2-0.dll:
KernelBase!FreeLibrary KernelBase!GetModuleHandleExW - api-ms-win-core-timezone-l1-1-0.dll:
KernelBase!FileTimeToSystemTime KernelBase!SystemTimeToFileTime - bcrypt.dll:
BCryptCloseAlgorithmProvider BCryptCreateHash BCryptDestroyHash BCryptFinishHash BCryptGetProperty BCryptHashData BCryptOpenAlgorithmProvider - api-ms-win-core-file-l2-1-1.dll:
KernelBase!MoveFileExW - api-ms-win-core-delayload-l1-1-1.dll:
KernelBase!DelayLoadFailureHook KernelBase!ResolveDelayLoadedAPI