els.dll
Description: Event Viewer Snapin
Authors: © Microsoft Corporation. All rights reserved.
Version: 10.0.19041.1
Architecture: 64-bit
Operating System: Windows NT
SHA256: a274f7ea59b7e448b0f9139256a0a9e3
File Size: 230.0 KB
Uploaded At: Dec. 1, 2025, 7:27 a.m.
Views: 5
Exported Functions
- DllCanUnloadNow (Ordinal: 1, Address: 0x2db0)
- DllGetClassObject (Ordinal: 2, Address: 0x1430)
- DllRegisterServer (Ordinal: 3, Address: 0x1ce10)
- DllUnregisterServer (Ordinal: 4, Address: 0x1d690)
Imported DLLs & Functions
ACTIVEDS.dll
- (Address: 0x180029a60)
- (Address: 0x180029a58)
- (Address: 0x180029a50)
ADVAPI32.dll
- BackupEventLogW (Address: 0x180029ad8)
- ClearEventLogW (Address: 0x180029ad0)
- CloseEventLog (Address: 0x180029ac8)
- ConvertStringSidToSidW (Address: 0x180029ae0)
- EqualSid (Address: 0x180029b20)
- GetLengthSid (Address: 0x180029ae8)
- GetNumberOfEventLogRecords (Address: 0x180029ac0)
- GetOldestEventLogRecord (Address: 0x180029b18)
- IsValidSid (Address: 0x180029a98)
- LookupAccountSidW (Address: 0x180029af0)
- OpenBackupEventLogW (Address: 0x180029ab0)
- OpenEventLogW (Address: 0x180029aa8)
- ReadEventLogW (Address: 0x180029aa0)
- RegCloseKey (Address: 0x180029af8)
- RegConnectRegistryW (Address: 0x180029a88)
- RegCreateKeyExW (Address: 0x180029a90)
- RegDeleteKeyW (Address: 0x180029a80)
- RegDeleteValueW (Address: 0x180029a70)
- RegEnumKeyExW (Address: 0x180029a78)
- RegGetValueW (Address: 0x180029b08)
- RegOpenKeyExW (Address: 0x180029b00)
- RegQueryValueExW (Address: 0x180029b10)
- RegSetValueExW (Address: 0x180029ab8)
DSROLE.dll
- DsRoleFreeMemory (Address: 0x180029b38)
- DsRoleGetPrimaryDomainInformation (Address: 0x180029b30)
GDI32.dll
- CreateFontIndirectW (Address: 0x180029b70)
- DeleteObject (Address: 0x180029b68)
- GetMapMode (Address: 0x180029b60)
- GetObjectW (Address: 0x180029b48)
- GetTextMetricsW (Address: 0x180029b50)
- SetMapMode (Address: 0x180029b58)
KERNEL32.dll
- AcquireSRWLockExclusive (Address: 0x180029c48)
- ActivateActCtx (Address: 0x180029d30)
- CloseHandle (Address: 0x180029b98)
- CreateActCtxW (Address: 0x180029d40)
- CreateFileW (Address: 0x180029cc0)
- CreateThread (Address: 0x180029ba0)
- DeactivateActCtx (Address: 0x180029d18)
- DeleteCriticalSection (Address: 0x180029bf8)
- DeleteFileW (Address: 0x180029bf0)
- DisableThreadLibraryCalls (Address: 0x180029be0)
- EnterCriticalSection (Address: 0x180029cb0)
- ExpandEnvironmentStringsW (Address: 0x180029cf8)
- FileTimeToLocalFileTime (Address: 0x180029c98)
- FileTimeToSystemTime (Address: 0x180029ca8)
- FindActCtxSectionStringW (Address: 0x180029d38)
- FormatMessageW (Address: 0x180029d00)
- FreeLibrary (Address: 0x180029d08)
- GetCommandLineW (Address: 0x180029b80)
- GetComputerNameW (Address: 0x180029c08)
- GetCurrentProcess (Address: 0x180029c30)
- GetCurrentProcessId (Address: 0x180029c60)
- GetCurrentThreadId (Address: 0x180029c00)
- GetDateFormatW (Address: 0x180029c88)
- GetDriveTypeW (Address: 0x180029ca0)
- GetFileAttributesExW (Address: 0x180029c70)
- GetFileSize (Address: 0x180029c80)
- GetLastError (Address: 0x180029cd0)
- GetLocaleInfoW (Address: 0x180029d90)
- GetLocalTime (Address: 0x180029ba8)
- GetModuleFileNameW (Address: 0x180029d48)
- GetModuleHandleExW (Address: 0x180029d50)
- GetProcAddress (Address: 0x180029d28)
- GetProcessHeap (Address: 0x180029bc8)
- GetSystemDirectoryW (Address: 0x180029b90)
- GetSystemTimeAsFileTime (Address: 0x180029c68)
- GetSystemWindowsDirectoryW (Address: 0x180029d70)
- GetTickCount (Address: 0x180029da0)
- GetTimeFormatW (Address: 0x180029c90)
- GetTimeZoneInformation (Address: 0x180029bd8)
- GetWindowsDirectoryW (Address: 0x180029bb0)
- GlobalAlloc (Address: 0x180029d78)
- GlobalFree (Address: 0x180029d68)
- GlobalLock (Address: 0x180029d80)
- GlobalUnlock (Address: 0x180029d88)
- HeapAlloc (Address: 0x180029bd0)
- HeapFree (Address: 0x180029bc0)
- InitializeCriticalSection (Address: 0x180029da8)
- LeaveCriticalSection (Address: 0x180029be8)
- LoadLibraryExW (Address: 0x180029c10)
- LoadLibraryW (Address: 0x180029d20)
- LocalAlloc (Address: 0x180029d98)
- LocalFileTimeToFileTime (Address: 0x180029b88)
- LocalFree (Address: 0x180029ce8)
- lstrcmpiW (Address: 0x180029cd8)
- lstrcmpW (Address: 0x180029cf0)
- lstrlenW (Address: 0x180029ce0)
- OutputDebugStringA (Address: 0x180029d60)
- QueryActCtxW (Address: 0x180029d58)
- QueryPerformanceCounter (Address: 0x180029cc8)
- ReleaseSRWLockExclusive (Address: 0x180029c40)
- SetLastError (Address: 0x180029d10)
- SetUnhandledExceptionFilter (Address: 0x180029c28)
- Sleep (Address: 0x180029c18)
- SleepConditionVariableSRW (Address: 0x180029c58)
- SystemTimeToFileTime (Address: 0x180029cb8)
- TerminateProcess (Address: 0x180029c38)
- UnhandledExceptionFilter (Address: 0x180029c20)
- WakeAllConditionVariable (Address: 0x180029c50)
- WideCharToMultiByte (Address: 0x180029bb8)
- WriteFile (Address: 0x180029c78)
logoncli.dll
- DsGetDcNameW (Address: 0x18002a0e0)
MPR.dll
- WNetGetUniversalNameW (Address: 0x180029db8)
msvcrt.dll
- __C_specific_handler (Address: 0x18002a120)
- __CxxFrameHandler3 (Address: 0x18002a148)
- __dllonexit (Address: 0x18002a1f8)
- _amsg_exit (Address: 0x18002a1d8)
- _callnewh (Address: 0x18002a258)
- _CxxThrowException (Address: 0x18002a1b8)
- _initterm (Address: 0x18002a1e0)
- _itow (Address: 0x18002a238)
- _lock (Address: 0x18002a1e8)
- _onexit (Address: 0x18002a200)
- _purecall (Address: 0x18002a248)
- _snwprintf_s (Address: 0x18002a150)
- _ultow (Address: 0x18002a268)
- _unlock (Address: 0x18002a1f0)
- _vsnwprintf (Address: 0x18002a118)
- _vsnwprintf_s (Address: 0x18002a178)
- _wcsicmp (Address: 0x18002a110)
- _wcslwr (Address: 0x18002a168)
- _wcsnicmp (Address: 0x18002a130)
- _wcsupr (Address: 0x18002a100)
- _XcptFilter (Address: 0x18002a1d0)
- ??_V@YAXPEAX@Z (Address: 0x18002a240)
- ??0exception@@QEAA@AEBQEBD@Z (Address: 0x18002a190)
- ??0exception@@QEAA@AEBQEBDH@Z (Address: 0x18002a198)
- ??0exception@@QEAA@AEBV0@@Z (Address: 0x18002a1a0)
- ??1exception@@UEAA@XZ (Address: 0x18002a1a8)
- ??1type_info@@UEAA@XZ (Address: 0x18002a210)
- ??3@YAXPEAX@Z (Address: 0x18002a250)
- ?terminate@@YAXXZ (Address: 0x18002a208)
- ?what@exception@@UEBAPEBDXZ (Address: 0x18002a1b0)
- free (Address: 0x18002a138)
- malloc (Address: 0x18002a140)
- memcmp (Address: 0x18002a218)
- memcpy (Address: 0x18002a1c0)
- memmove (Address: 0x18002a1c8)
- memset (Address: 0x18002a270)
- qsort (Address: 0x18002a160)
- swprintf_s (Address: 0x18002a0f0)
- towlower (Address: 0x18002a180)
- wcscat_s (Address: 0x18002a158)
- wcschr (Address: 0x18002a0f8)
- wcscpy_s (Address: 0x18002a128)
- wcsncmp (Address: 0x18002a188)
- wcsncpy_s (Address: 0x18002a108)
- wcspbrk (Address: 0x18002a228)
- wcsrchr (Address: 0x18002a260)
- wcsspn (Address: 0x18002a170)
- wcsstr (Address: 0x18002a230)
- wcstoul (Address: 0x18002a220)
netutils.dll
- NetApiBufferFree (Address: 0x18002a290)
- NetpwNameCanonicalize (Address: 0x18002a288)
- NetpwNameValidate (Address: 0x18002a280)
ntdll.dll
- RtlCaptureContext (Address: 0x18002a2c8)
- RtlLengthSid (Address: 0x18002a2a8)
- RtlLookupFunctionEntry (Address: 0x18002a2b8)
- RtlSecondsSince1970ToTime (Address: 0x18002a2a0)
- RtlTimeToSecondsSince1970 (Address: 0x18002a2b0)
- RtlVirtualUnwind (Address: 0x18002a2c0)
NTDSAPI.dll
- DsBindW (Address: 0x180029de8)
- DsCrackNamesW (Address: 0x180029de0)
- DsFreeNameResultW (Address: 0x180029dd8)
- DsFreeSchemaGuidMapW (Address: 0x180029dc8)
- DsMapSchemaGuidsW (Address: 0x180029dd0)
- DsUnBindW (Address: 0x180029df0)
ole32.dll
- CoCreateInstance (Address: 0x18002a2e0)
- CoGetInterfaceAndReleaseStream (Address: 0x18002a308)
- CoInitialize (Address: 0x18002a2f8)
- CoMarshalInterThreadInterfaceInStream (Address: 0x18002a320)
- CoTaskMemAlloc (Address: 0x18002a318)
- CoUninitialize (Address: 0x18002a2f0)
- CreateStreamOnHGlobal (Address: 0x18002a310)
- IIDFromString (Address: 0x18002a300)
- ObjectStublessClient3 (Address: 0x18002a340)
- ObjectStublessClient4 (Address: 0x18002a338)
- ObjectStublessClient5 (Address: 0x18002a2d8)
- ObjectStublessClient6 (Address: 0x18002a330)
- ObjectStublessClient7 (Address: 0x18002a328)
- ReleaseStgMedium (Address: 0x18002a2e8)
RPCRT4.dll
- CStdStubBuffer_AddRef (Address: 0x180029e28)
- CStdStubBuffer_Connect (Address: 0x180029e68)
- CStdStubBuffer_CountRefs (Address: 0x180029e18)
- CStdStubBuffer_DebugServerQueryInterface (Address: 0x180029e40)
- CStdStubBuffer_DebugServerRelease (Address: 0x180029e00)
- CStdStubBuffer_Disconnect (Address: 0x180029e70)
- CStdStubBuffer_Invoke (Address: 0x180029e48)
- CStdStubBuffer_IsIIDSupported (Address: 0x180029e38)
- CStdStubBuffer_QueryInterface (Address: 0x180029e10)
- IUnknown_AddRef_Proxy (Address: 0x180029e80)
- IUnknown_QueryInterface_Proxy (Address: 0x180029e20)
- IUnknown_Release_Proxy (Address: 0x180029e78)
- NdrCStdStubBuffer_Release (Address: 0x180029e50)
- NdrDllCanUnloadNow (Address: 0x180029e58)
- NdrDllGetClassObject (Address: 0x180029e60)
- NdrOleAllocate (Address: 0x180029e08)
- NdrOleFree (Address: 0x180029e30)
SHELL32.dll
- CommandLineToArgvW (Address: 0x180029e90)
- ShellExecuteW (Address: 0x180029e98)
SHLWAPI.dll
- PathCombineW (Address: 0x180029eb0)
- PathRemoveBlanksW (Address: 0x180029eb8)
- wnsprintfW (Address: 0x180029ea8)
srvcli.dll
- NetShareGetInfo (Address: 0x18002a350)
USER32.dll
- CharLowerBuffW (Address: 0x18002a048)
- CheckDlgButton (Address: 0x18002a078)
- CheckRadioButton (Address: 0x180029f90)
- CloseClipboard (Address: 0x180029fe8)
- CreateDialogParamW (Address: 0x18002a020)
- CreateWindowExW (Address: 0x180029ef8)
- DefWindowProcW (Address: 0x180029ef0)
- DestroyIcon (Address: 0x180029f80)
- DestroyWindow (Address: 0x18002a030)
- DialogBoxParamW (Address: 0x18002a018)
- DispatchMessageW (Address: 0x18002a070)
- EmptyClipboard (Address: 0x180029fd0)
- EnableWindow (Address: 0x180029fb8)
- EndDialog (Address: 0x18002a040)
- EnumThreadWindows (Address: 0x180029ed0)
- FindWindowExW (Address: 0x180029f48)
- GetClassNameW (Address: 0x180029ed8)
- GetClientRect (Address: 0x18002a038)
- GetDC (Address: 0x180029fa0)
- GetDlgItem (Address: 0x180029f30)
- GetDlgItemInt (Address: 0x180029ec8)
- GetDlgItemTextW (Address: 0x180029f68)
- GetFocus (Address: 0x18002a000)
- GetMessageW (Address: 0x18002a058)
- GetParent (Address: 0x180029f40)
- GetSysColor (Address: 0x180029f88)
- GetSystemMetrics (Address: 0x180029fb0)
- GetWindow (Address: 0x18002a050)
- GetWindowLongPtrW (Address: 0x18002a028)
- GetWindowRect (Address: 0x180029f98)
- GetWindowTextLengthW (Address: 0x18002a088)
- GetWindowTextW (Address: 0x180029f58)
- IsDialogMessageW (Address: 0x18002a060)
- IsDlgButtonChecked (Address: 0x180029fd8)
- IsWindowEnabled (Address: 0x180029ee0)
- LoadBitmapW (Address: 0x180029f08)
- LoadCursorW (Address: 0x180029f70)
- LoadIconW (Address: 0x180029f00)
- LoadImageW (Address: 0x180029f10)
- LoadStringW (Address: 0x18002a0a0)
- MessageBoxW (Address: 0x18002a098)
- OpenClipboard (Address: 0x180029fc8)
- PostMessageW (Address: 0x180029fc0)
- PostQuitMessage (Address: 0x18002a080)
- RegisterClassW (Address: 0x18002a010)
- RegisterClipboardFormatW (Address: 0x180029f20)
- ReleaseDC (Address: 0x180029fa8)
- SendMessageW (Address: 0x180029f28)
- SetClipboardData (Address: 0x180029fe0)
- SetCursor (Address: 0x180029f78)
- SetDlgItemInt (Address: 0x18002a090)
- SetDlgItemTextW (Address: 0x180029ff8)
- SetFocus (Address: 0x18002a008)
- SetForegroundWindow (Address: 0x180029f18)
- SetWindowLongPtrW (Address: 0x180029f50)
- SetWindowPos (Address: 0x180029f38)
- SetWindowTextW (Address: 0x180029f60)
- ShowWindow (Address: 0x180029ff0)
- TranslateMessage (Address: 0x18002a068)
- WinHelpW (Address: 0x180029ee8)
VERSION.dll
- GetFileVersionInfoSizeW (Address: 0x18002a0c0)
- GetFileVersionInfoW (Address: 0x18002a0b8)
- VerQueryValueW (Address: 0x18002a0b0)
WINTRUST.dll
- WTGetSignatureInfo (Address: 0x18002a0d0)
wkscli.dll
- NetWkstaGetInfo (Address: 0x18002a360)