Windows.System.Diagnostics.dll
Description: Windows System Diagnostics DLL
Authors: © Microsoft Corporation. All rights reserved.
Version: 10.0.19041.6456
Architecture: 32-bit
Operating System: Windows NT
SHA256: 22be29a180279f60063d5e5f1bc25ded
File Size: 290.0 KB
Uploaded At: Dec. 1, 2025, 8:07 a.m.
Views: 13
Security Warning
This file has been flagged as potentially dangerous.
Reason: Detected potentially dangerous functions used for process injection: OpenProcess
Exported Functions
- DllCanUnloadNow (Ordinal: 1, Address: 0x106c0)
- DllGetActivationFactory (Ordinal: 2, Address: 0x10710)
Imported DLLs & Functions
api-ms-win-appmodel-runtime-l1-1-0.dll
- GetApplicationUserModelId (Address: 0x10043050)
- GetPackageFamilyName (Address: 0x10043044)
- GetPackageFullName (Address: 0x1004304c)
- PackageFamilyNameFromFullName (Address: 0x10043048)
api-ms-win-appmodel-runtime-l1-1-1.dll
- FormatApplicationUserModelId (Address: 0x1004305c)
- ParseApplicationUserModelId (Address: 0x10043058)
api-ms-win-core-biptcltapi-l1-1-7.dll
- BiPtEnumerateWorkItemsForPackageNameEx (Address: 0x10043068)
- BiPtFreeMemory (Address: 0x1004306c)
- BiPtQueryWorkItemEx (Address: 0x10043064)
api-ms-win-core-com-l1-1-0.dll
- CoCreateFreeThreadedMarshaler (Address: 0x100430a0)
- CoCreateInstance (Address: 0x10043080)
- CoGetApartmentType (Address: 0x10043088)
- CoGetCallContext (Address: 0x10043094)
- CoGetCallerTID (Address: 0x10043084)
- CoGetInterfaceAndReleaseStream (Address: 0x10043078)
- CoGetMalloc (Address: 0x10043098)
- CoIncrementMTAUsage (Address: 0x100430a8)
- CoInitializeEx (Address: 0x1004307c)
- CoMarshalInterface (Address: 0x10043074)
- CoReleaseMarshalData (Address: 0x10043090)
- CoTaskMemAlloc (Address: 0x100430a4)
- CoTaskMemFree (Address: 0x1004308c)
- CreateStreamOnHGlobal (Address: 0x1004309c)
api-ms-win-core-com-l1-1-1.dll
- RoGetAgileReference (Address: 0x100430b0)
api-ms-win-core-debug-l1-1-0.dll
- DebugBreak (Address: 0x100430b8)
- IsDebuggerPresent (Address: 0x100430c0)
- OutputDebugStringW (Address: 0x100430bc)
api-ms-win-core-delayload-l1-1-0.dll
- DelayLoadFailureHook (Address: 0x100430c8)
api-ms-win-core-delayload-l1-1-1.dll
- ResolveDelayLoadedAPI (Address: 0x100430d0)
api-ms-win-core-errorhandling-l1-1-0.dll
- GetLastError (Address: 0x100430e4)
- RaiseException (Address: 0x100430d8)
- SetLastError (Address: 0x100430e8)
- SetUnhandledExceptionFilter (Address: 0x100430dc)
- UnhandledExceptionFilter (Address: 0x100430e0)
api-ms-win-core-errorhandling-l1-1-2.dll
- RaiseFailFastException (Address: 0x100430f0)
api-ms-win-core-handle-l1-1-0.dll
- CloseHandle (Address: 0x100430f8)
- DuplicateHandle (Address: 0x100430fc)
api-ms-win-core-heap-l1-1-0.dll
- GetProcessHeap (Address: 0x1004310c)
- HeapAlloc (Address: 0x10043104)
- HeapFree (Address: 0x10043108)
api-ms-win-core-heap-l2-1-0.dll
- LocalAlloc (Address: 0x10043114)
- LocalFree (Address: 0x10043118)
api-ms-win-core-interlocked-l1-1-0.dll
- InitializeSListHead (Address: 0x10043124)
- InterlockedFlushSList (Address: 0x10043128)
- InterlockedPushEntrySList (Address: 0x10043120)
api-ms-win-core-job-l2-1-0.dll
- QueryInformationJobObject (Address: 0x10043130)
api-ms-win-core-kernel32-legacy-l1-1-0.dll
- RegisterWaitForSingleObject (Address: 0x10043138)
api-ms-win-core-libraryloader-l1-2-0.dll
- GetModuleFileNameA (Address: 0x10043148)
- GetModuleHandleExW (Address: 0x10043140)
- GetModuleHandleW (Address: 0x1004314c)
- GetProcAddress (Address: 0x10043144)
api-ms-win-core-localization-l1-2-0.dll
- FormatMessageW (Address: 0x10043154)
api-ms-win-core-processenvironment-l1-1-0.dll
- ExpandEnvironmentStringsW (Address: 0x1004315c)
api-ms-win-core-processthreads-l1-1-0.dll
- GetCurrentProcess (Address: 0x1004317c)
- GetCurrentProcessId (Address: 0x10043190)
- GetCurrentThread (Address: 0x10043170)
- GetCurrentThreadId (Address: 0x10043184)
- GetProcessId (Address: 0x10043174)
- OpenProcessToken (Address: 0x10043164)
- OpenThreadToken (Address: 0x10043194)
- SuspendThread (Address: 0x10043168)
- TerminateProcess (Address: 0x10043180)
- TlsAlloc (Address: 0x1004318c)
- TlsFree (Address: 0x10043188)
- TlsGetValue (Address: 0x1004316c)
- TlsSetValue (Address: 0x10043178)
api-ms-win-core-processthreads-l1-1-1.dll
- IsProcessorFeaturePresent (Address: 0x1004319c)
- OpenProcess (Address: 0x100431a0)
api-ms-win-core-processthreads-l1-1-2.dll
- GetSystemTimes (Address: 0x100431a8)
api-ms-win-core-profile-l1-1-0.dll
- QueryPerformanceCounter (Address: 0x100431b0)
api-ms-win-core-psapi-l1-1-0.dll
- QueryFullProcessImageNameW (Address: 0x100431b8)
api-ms-win-core-psm-key-l1-1-0.dll
- PsmGetApplicationNameFromKey (Address: 0x100431c0)
- PsmGetPackageFullNameFromKey (Address: 0x100431c4)
api-ms-win-core-registry-l1-1-0.dll
- RegCloseKey (Address: 0x100431dc)
- RegEnumKeyExW (Address: 0x100431d4)
- RegGetValueW (Address: 0x100431cc)
- RegOpenKeyExW (Address: 0x100431d8)
- RegQueryInfoKeyW (Address: 0x100431d0)
api-ms-win-core-string-l1-1-0.dll
- CompareStringOrdinal (Address: 0x100431e4)
- MultiByteToWideChar (Address: 0x100431e8)
api-ms-win-core-synch-l1-1-0.dll
- AcquireSRWLockExclusive (Address: 0x10043234)
- AcquireSRWLockShared (Address: 0x10043218)
- CancelWaitableTimer (Address: 0x10043230)
- CreateEventExW (Address: 0x10043210)
- CreateMutexExW (Address: 0x10043220)
- CreateSemaphoreExW (Address: 0x10043224)
- CreateWaitableTimerExW (Address: 0x10043204)
- InitializeSRWLock (Address: 0x10043200)
- OpenSemaphoreW (Address: 0x10043214)
- ReleaseMutex (Address: 0x100431f8)
- ReleaseSemaphore (Address: 0x1004322c)
- ReleaseSRWLockExclusive (Address: 0x10043228)
- ReleaseSRWLockShared (Address: 0x1004321c)
- ResetEvent (Address: 0x1004320c)
- SetEvent (Address: 0x100431f0)
- SetWaitableTimer (Address: 0x10043208)
- WaitForSingleObject (Address: 0x100431f4)
- WaitForSingleObjectEx (Address: 0x100431fc)
api-ms-win-core-synch-l1-2-0.dll
- InitOnceBeginInitialize (Address: 0x1004323c)
- InitOnceComplete (Address: 0x1004324c)
- InitOnceExecuteOnce (Address: 0x10043240)
- Sleep (Address: 0x10043248)
- WaitOnAddress (Address: 0x10043250)
- WakeByAddressAll (Address: 0x10043244)
api-ms-win-core-sysinfo-l1-1-0.dll
- GetSystemTimeAsFileTime (Address: 0x10043258)
- GetTickCount (Address: 0x1004325c)
api-ms-win-core-util-l1-1-0.dll
- DecodePointer (Address: 0x10043268)
- EncodePointer (Address: 0x10043264)
api-ms-win-core-winrt-error-l1-1-0.dll
- GetRestrictedErrorInfo (Address: 0x10043278)
- RoOriginateError (Address: 0x10043270)
- RoOriginateErrorW (Address: 0x1004327c)
- RoTransformError (Address: 0x10043280)
- SetRestrictedErrorInfo (Address: 0x10043274)
api-ms-win-core-winrt-error-l1-1-1.dll
- IsErrorPropagationEnabled (Address: 0x10043290)
- RoGetMatchingRestrictedErrorInfo (Address: 0x1004328c)
- RoOriginateLanguageException (Address: 0x10043288)
- RoReportFailedDelegate (Address: 0x10043294)
api-ms-win-core-winrt-l1-1-0.dll
- RoGetActivationFactory (Address: 0x100432a4)
- RoInitialize (Address: 0x100432a0)
- RoUninitialize (Address: 0x1004329c)
api-ms-win-core-winrt-string-l1-1-0.dll
- WindowsCreateString (Address: 0x100432b4)
- WindowsCreateStringReference (Address: 0x100432b8)
- WindowsDeleteString (Address: 0x100432b0)
- WindowsDeleteStringBuffer (Address: 0x100432cc)
- WindowsDuplicateString (Address: 0x100432ac)
- WindowsGetStringRawBuffer (Address: 0x100432bc)
- WindowsIsStringEmpty (Address: 0x100432c4)
- WindowsPreallocateStringBuffer (Address: 0x100432d0)
- WindowsPromoteStringBuffer (Address: 0x100432c8)
- WindowsStringHasEmbeddedNull (Address: 0x100432c0)
api-ms-win-crt-private-l1-1-0.dll
- __CxxFrameHandler3 (Address: 0x10043354)
- __std_terminate (Address: 0x10043350)
- _CxxThrowException (Address: 0x10043318)
- _except_handler4_common (Address: 0x10043314)
- _o___std_exception_copy (Address: 0x10043338)
- _o___std_exception_destroy (Address: 0x10043334)
- _o___std_type_info_destroy_list (Address: 0x10043330)
- _o___stdio_common_vsnprintf_s (Address: 0x100432f4)
- _o___stdio_common_vsprintf (Address: 0x1004334c)
- _o___stdio_common_vswprintf (Address: 0x10043348)
- _o__callnewh (Address: 0x10043320)
- _o__cexit (Address: 0x1004331c)
- _o__configure_narrow_argv (Address: 0x10043340)
- _o__crt_atexit (Address: 0x1004333c)
- _o__errno (Address: 0x10043328)
- _o__execute_onexit_table (Address: 0x10043324)
- _o__initialize_narrow_environment (Address: 0x100432d8)
- _o__initialize_onexit_table (Address: 0x100432dc)
- _o__invalid_parameter_noinfo (Address: 0x100432e0)
- _o__invalid_parameter_noinfo_noreturn (Address: 0x100432e4)
- _o__purecall (Address: 0x100432e8)
- _o__register_onexit_function (Address: 0x100432ec)
- _o__seh_filter_dll (Address: 0x100432f0)
- _o__wcsicmp (Address: 0x10043344)
- _o_free (Address: 0x100432fc)
- _o_iswspace (Address: 0x10043300)
- _o_malloc (Address: 0x10043304)
- _o_realloc (Address: 0x10043308)
- _o_terminate (Address: 0x1004330c)
- _o_toupper (Address: 0x10043310)
- memcpy (Address: 0x10043358)
- memmove (Address: 0x100432f8)
- wcschr (Address: 0x1004332c)
api-ms-win-crt-runtime-l1-1-0.dll
- _initterm (Address: 0x10043364)
- _initterm_e (Address: 0x10043360)
api-ms-win-crt-string-l1-1-0.dll
- memset (Address: 0x1004336c)
api-ms-win-eventing-provider-l1-1-0.dll
- EventActivityIdControl (Address: 0x1004337c)
- EventProviderEnabled (Address: 0x10043374)
- EventRegister (Address: 0x10043380)
- EventSetInformation (Address: 0x10043384)
- EventUnregister (Address: 0x10043378)
- EventWriteTransfer (Address: 0x10043388)
api-ms-win-security-accesshlpr-l1-1-0.dll
- FreeTransientObjectSecurityDescriptor (Address: 0x10043390)
- QueryTransientObjectSecurityDescriptor (Address: 0x10043394)
api-ms-win-security-base-l1-1-0.dll
- CopySid (Address: 0x1004339c)
- CreateWellKnownSid (Address: 0x100433a8)
- DuplicateTokenEx (Address: 0x100433b0)
- GetLengthSid (Address: 0x100433a4)
- GetSidSubAuthority (Address: 0x100433b4)
- GetTokenInformation (Address: 0x100433ac)
- IsValidSid (Address: 0x100433a0)
api-ms-win-security-capability-l1-1-0.dll
- CapabilityCheck (Address: 0x100433bc)
api-ms-win-shcore-taskpool-l1-1-0.dll
- SHTaskPoolAllowThreadReuse (Address: 0x100433c4)
- SHTaskPoolQueueTask (Address: 0x100433c8)
CoreMessaging.dll
- CoreUIConfigureTestHost (Address: 0x10043000)
- CoreUICreate (Address: 0x10043004)
- MsgRelease (Address: 0x10043008)
CoreUIComponents.dll
- CoreUIFactoryCreate (Address: 0x10043010)
msvcp_win.dll
- ?_Xbad_function_call@std@@YAXXZ (Address: 0x100433d4)
- ?_Xlength_error@std@@YAXPBD@Z (Address: 0x100433d0)
ntdll.dll
- NtQueryInformationJobObject (Address: 0x10043428)
- NtQueryInformationToken (Address: 0x100433e0)
- NtQuerySecurityAttributesToken (Address: 0x10043418)
- NtQuerySystemInformation (Address: 0x1004342c)
- NtQueryWnfStateData (Address: 0x10043404)
- RtlAcquireSRWLockExclusive (Address: 0x10043430)
- RtlAllocateHeap (Address: 0x100433fc)
- RtlCompareUnicodeString (Address: 0x10043414)
- RtlCopySid (Address: 0x10043420)
- RtlFreeHeap (Address: 0x100433dc)
- RtlInitializeSRWLock (Address: 0x10043438)
- RtlInitUnicodeString (Address: 0x100433e8)
- RtlLengthSid (Address: 0x10043424)
- RtlNtStatusToDosErrorNoTeb (Address: 0x100433e4)
- RtlRbInsertNodeEx (Address: 0x1004340c)
- RtlRbRemoveNode (Address: 0x10043400)
- RtlReleaseSRWLockExclusive (Address: 0x10043434)
- RtlSubscribeWnfStateChangeNotification (Address: 0x10043410)
- RtlUnsubscribeWnfNotificationWaitForCompletion (Address: 0x100433ec)
- RtlValidSid (Address: 0x1004341c)
- TpAllocWork (Address: 0x10043408)
- TpPostWork (Address: 0x100433f8)
- TpReleaseWork (Address: 0x100433f0)
- TpWaitForWork (Address: 0x100433f4)
OLEAUT32.dll
- SysFreeString (Address: 0x10043018)
- SysStringLen (Address: 0x1004301c)
RPCRT4.dll
- I_RpcExceptionFilter (Address: 0x1004303c)
- I_RpcMapWin32Status (Address: 0x10043038)
- NdrClientCall4 (Address: 0x1004302c)
- RpcBindingBind (Address: 0x10043028)
- RpcBindingCreateW (Address: 0x10043024)
- RpcBindingFree (Address: 0x10043034)
- RpcExceptionFilter (Address: 0x10043030)