els.dll

Description: Event Viewer Snapin

Authors: © Microsoft Corporation. All rights reserved.

Version: 10.0.19041.1

Architecture: 32-bit

Operating System: Windows NT

SHA256: 6a408da7aaae823c1706c3a1b20e1865

File Size: 176.5 KB

Uploaded At: Dec. 1, 2025, 7:56 a.m.

Views: 5

Exported Functions

  • DllCanUnloadNow (Ordinal: 1, Address: 0x18360)
  • DllGetClassObject (Ordinal: 2, Address: 0x18390)
  • DllRegisterServer (Ordinal: 3, Address: 0x177c0)
  • DllUnregisterServer (Ordinal: 4, Address: 0x18190)

Imported DLLs & Functions

ACTIVEDS.dll
  • (Address: 0x5e7a7000)
  • (Address: 0x5e7a7004)
  • (Address: 0x5e7a7008)
ADVAPI32.dll
  • BackupEventLogW (Address: 0x5e7a7050)
  • ClearEventLogW (Address: 0x5e7a704c)
  • CloseEventLog (Address: 0x5e7a7048)
  • ConvertStringSidToSidW (Address: 0x5e7a7054)
  • EqualSid (Address: 0x5e7a7018)
  • GetLengthSid (Address: 0x5e7a7058)
  • GetNumberOfEventLogRecords (Address: 0x5e7a7044)
  • GetOldestEventLogRecord (Address: 0x5e7a7040)
  • IsValidSid (Address: 0x5e7a7030)
  • LookupAccountSidW (Address: 0x5e7a705c)
  • OpenBackupEventLogW (Address: 0x5e7a703c)
  • OpenEventLogW (Address: 0x5e7a7038)
  • ReadEventLogW (Address: 0x5e7a7034)
  • RegCloseKey (Address: 0x5e7a7060)
  • RegConnectRegistryW (Address: 0x5e7a7028)
  • RegCreateKeyExW (Address: 0x5e7a702c)
  • RegDeleteKeyW (Address: 0x5e7a7024)
  • RegDeleteValueW (Address: 0x5e7a7020)
  • RegEnumKeyExW (Address: 0x5e7a7010)
  • RegGetValueW (Address: 0x5e7a7068)
  • RegOpenKeyExW (Address: 0x5e7a7064)
  • RegQueryValueExW (Address: 0x5e7a701c)
  • RegSetValueExW (Address: 0x5e7a7014)
DSROLE.dll
  • DsRoleFreeMemory (Address: 0x5e7a7074)
  • DsRoleGetPrimaryDomainInformation (Address: 0x5e7a7070)
GDI32.dll
  • CreateFontIndirectW (Address: 0x5e7a7090)
  • DeleteObject (Address: 0x5e7a708c)
  • GetMapMode (Address: 0x5e7a7088)
  • GetObjectW (Address: 0x5e7a707c)
  • GetTextMetricsW (Address: 0x5e7a7080)
  • SetMapMode (Address: 0x5e7a7084)
KERNEL32.dll
  • AcquireSRWLockExclusive (Address: 0x5e7a70f0)
  • CloseHandle (Address: 0x5e7a70b0)
  • CreateFileW (Address: 0x5e7a70a8)
  • CreateThread (Address: 0x5e7a70b4)
  • DeleteCriticalSection (Address: 0x5e7a7198)
  • DeleteFileW (Address: 0x5e7a70a0)
  • DisableThreadLibraryCalls (Address: 0x5e7a71a0)
  • EnterCriticalSection (Address: 0x5e7a719c)
  • ExpandEnvironmentStringsW (Address: 0x5e7a7148)
  • FileTimeToLocalFileTime (Address: 0x5e7a7114)
  • FileTimeToSystemTime (Address: 0x5e7a7118)
  • FormatMessageW (Address: 0x5e7a714c)
  • FreeLibrary (Address: 0x5e7a7150)
  • GetCommandLineW (Address: 0x5e7a70a4)
  • GetComputerNameW (Address: 0x5e7a712c)
  • GetCurrentProcess (Address: 0x5e7a70e4)
  • GetCurrentProcessId (Address: 0x5e7a7100)
  • GetCurrentThreadId (Address: 0x5e7a70d4)
  • GetDateFormatW (Address: 0x5e7a7108)
  • GetDriveTypeW (Address: 0x5e7a7110)
  • GetFileAttributesExW (Address: 0x5e7a709c)
  • GetFileSize (Address: 0x5e7a70cc)
  • GetLastError (Address: 0x5e7a7134)
  • GetLocaleInfoW (Address: 0x5e7a7188)
  • GetLocalTime (Address: 0x5e7a70b8)
  • GetModuleFileNameW (Address: 0x5e7a716c)
  • GetModuleHandleA (Address: 0x5e7a7158)
  • GetModuleHandleW (Address: 0x5e7a715c)
  • GetProcAddress (Address: 0x5e7a7160)
  • GetProcessHeap (Address: 0x5e7a70c8)
  • GetSystemDirectoryW (Address: 0x5e7a70ac)
  • GetSystemTimeAsFileTime (Address: 0x5e7a7104)
  • GetSystemWindowsDirectoryW (Address: 0x5e7a7178)
  • GetTickCount (Address: 0x5e7a7190)
  • GetTimeFormatW (Address: 0x5e7a710c)
  • GetTimeZoneInformation (Address: 0x5e7a70d0)
  • GetWindowsDirectoryW (Address: 0x5e7a70bc)
  • GlobalAlloc (Address: 0x5e7a717c)
  • GlobalFree (Address: 0x5e7a7174)
  • GlobalLock (Address: 0x5e7a7180)
  • GlobalUnlock (Address: 0x5e7a7184)
  • HeapAlloc (Address: 0x5e7a7128)
  • HeapFree (Address: 0x5e7a70c4)
  • InitializeCriticalSection (Address: 0x5e7a7194)
  • LeaveCriticalSection (Address: 0x5e7a7124)
  • LoadLibraryA (Address: 0x5e7a7164)
  • LoadLibraryExW (Address: 0x5e7a7098)
  • LoadLibraryW (Address: 0x5e7a7168)
  • LocalAlloc (Address: 0x5e7a718c)
  • LocalFileTimeToFileTime (Address: 0x5e7a711c)
  • LocalFree (Address: 0x5e7a7140)
  • lstrcmpiW (Address: 0x5e7a7138)
  • lstrcmpW (Address: 0x5e7a7144)
  • lstrlenW (Address: 0x5e7a713c)
  • OutputDebugStringA (Address: 0x5e7a7170)
  • QueryPerformanceCounter (Address: 0x5e7a70fc)
  • ReleaseSRWLockExclusive (Address: 0x5e7a70ec)
  • SetLastError (Address: 0x5e7a7154)
  • SetUnhandledExceptionFilter (Address: 0x5e7a70e0)
  • Sleep (Address: 0x5e7a70d8)
  • SleepConditionVariableSRW (Address: 0x5e7a70f8)
  • SystemTimeToFileTime (Address: 0x5e7a7120)
  • TerminateProcess (Address: 0x5e7a70e8)
  • UnhandledExceptionFilter (Address: 0x5e7a70dc)
  • WakeAllConditionVariable (Address: 0x5e7a70f4)
  • WideCharToMultiByte (Address: 0x5e7a70c0)
  • WriteFile (Address: 0x5e7a7130)
logoncli.dll
  • DsGetDcNameW (Address: 0x5e7a733c)
MPR.dll
  • WNetGetUniversalNameW (Address: 0x5e7a71a8)
msvcrt.dll
  • __CxxFrameHandler3 (Address: 0x5e7a7390)
  • __dllonexit (Address: 0x5e7a73c8)
  • _amsg_exit (Address: 0x5e7a73b8)
  • _callnewh (Address: 0x5e7a738c)
  • _CxxThrowException (Address: 0x5e7a73a8)
  • _except_handler4_common (Address: 0x5e7a73d4)
  • _initterm (Address: 0x5e7a73bc)
  • _itow (Address: 0x5e7a7400)
  • _lock (Address: 0x5e7a73c0)
  • _onexit (Address: 0x5e7a73cc)
  • _purecall (Address: 0x5e7a73e8)
  • _snwprintf_s (Address: 0x5e7a7350)
  • _ultow (Address: 0x5e7a73f8)
  • _unlock (Address: 0x5e7a73c4)
  • _vsnwprintf (Address: 0x5e7a735c)
  • _vsnwprintf_s (Address: 0x5e7a7384)
  • _wcsicmp (Address: 0x5e7a7358)
  • _wcslwr (Address: 0x5e7a737c)
  • _wcsnicmp (Address: 0x5e7a7398)
  • _wcsupr (Address: 0x5e7a734c)
  • _XcptFilter (Address: 0x5e7a73b4)
  • ??_V@YAXPAX@Z (Address: 0x5e7a73e4)
  • ??0exception@@QAE@ABQBD@Z (Address: 0x5e7a7394)
  • ??0exception@@QAE@ABQBDH@Z (Address: 0x5e7a73f0)
  • ??0exception@@QAE@ABV0@@Z (Address: 0x5e7a739c)
  • ??1exception@@UAE@XZ (Address: 0x5e7a73a0)
  • ??1type_info@@UAE@XZ (Address: 0x5e7a73d8)
  • ??3@YAXPAX@Z (Address: 0x5e7a73ec)
  • ?terminate@@YAXXZ (Address: 0x5e7a73d0)
  • ?what@exception@@UBEPBDXZ (Address: 0x5e7a73a4)
  • free (Address: 0x5e7a7370)
  • malloc (Address: 0x5e7a7368)
  • memcmp (Address: 0x5e7a73dc)
  • memcpy (Address: 0x5e7a73ac)
  • memmove (Address: 0x5e7a73b0)
  • memset (Address: 0x5e7a7404)
  • qsort (Address: 0x5e7a7378)
  • swprintf_s (Address: 0x5e7a7344)
  • towlower (Address: 0x5e7a7388)
  • wcscat_s (Address: 0x5e7a7374)
  • wcschr (Address: 0x5e7a7348)
  • wcscpy_s (Address: 0x5e7a7360)
  • wcsncmp (Address: 0x5e7a7364)
  • wcsncpy_s (Address: 0x5e7a7354)
  • wcspbrk (Address: 0x5e7a73e0)
  • wcsrchr (Address: 0x5e7a73fc)
  • wcsspn (Address: 0x5e7a7380)
  • wcsstr (Address: 0x5e7a73f4)
  • wcstoul (Address: 0x5e7a736c)
netutils.dll
  • NetApiBufferFree (Address: 0x5e7a7414)
  • NetpwNameCanonicalize (Address: 0x5e7a7410)
  • NetpwNameValidate (Address: 0x5e7a740c)
ntdll.dll
  • RtlLengthSid (Address: 0x5e7a741c)
  • RtlSecondsSince1970ToTime (Address: 0x5e7a7424)
  • RtlTimeToSecondsSince1970 (Address: 0x5e7a7420)
NTDSAPI.dll
  • DsBindW (Address: 0x5e7a71b0)
  • DsCrackNamesW (Address: 0x5e7a71b4)
  • DsFreeNameResultW (Address: 0x5e7a71c4)
  • DsFreeSchemaGuidMapW (Address: 0x5e7a71b8)
  • DsMapSchemaGuidsW (Address: 0x5e7a71bc)
  • DsUnBindW (Address: 0x5e7a71c0)
ole32.dll
  • CoCreateInstance (Address: 0x5e7a743c)
  • CoGetInterfaceAndReleaseStream (Address: 0x5e7a7450)
  • CoInitialize (Address: 0x5e7a7448)
  • CoMarshalInterThreadInterfaceInStream (Address: 0x5e7a745c)
  • CoTaskMemAlloc (Address: 0x5e7a7458)
  • CoUninitialize (Address: 0x5e7a7444)
  • CreateStreamOnHGlobal (Address: 0x5e7a7454)
  • IIDFromString (Address: 0x5e7a744c)
  • ObjectStublessClient3 (Address: 0x5e7a7438)
  • ObjectStublessClient4 (Address: 0x5e7a7434)
  • ObjectStublessClient5 (Address: 0x5e7a7430)
  • ObjectStublessClient6 (Address: 0x5e7a742c)
  • ObjectStublessClient7 (Address: 0x5e7a7460)
  • ReleaseStgMedium (Address: 0x5e7a7440)
RPCRT4.dll
  • CStdStubBuffer_AddRef (Address: 0x5e7a720c)
  • CStdStubBuffer_Connect (Address: 0x5e7a71cc)
  • CStdStubBuffer_CountRefs (Address: 0x5e7a71e4)
  • CStdStubBuffer_DebugServerQueryInterface (Address: 0x5e7a71f4)
  • CStdStubBuffer_DebugServerRelease (Address: 0x5e7a71d8)
  • CStdStubBuffer_Disconnect (Address: 0x5e7a71d4)
  • CStdStubBuffer_Invoke (Address: 0x5e7a71fc)
  • CStdStubBuffer_IsIIDSupported (Address: 0x5e7a71e8)
  • CStdStubBuffer_QueryInterface (Address: 0x5e7a71e0)
  • IUnknown_AddRef_Proxy (Address: 0x5e7a71f8)
  • IUnknown_QueryInterface_Proxy (Address: 0x5e7a71d0)
  • IUnknown_Release_Proxy (Address: 0x5e7a71ec)
  • NdrCStdStubBuffer_Release (Address: 0x5e7a7200)
  • NdrDllCanUnloadNow (Address: 0x5e7a7204)
  • NdrDllGetClassObject (Address: 0x5e7a7208)
  • NdrOleAllocate (Address: 0x5e7a71dc)
  • NdrOleFree (Address: 0x5e7a71f0)
SHELL32.dll
  • CommandLineToArgvW (Address: 0x5e7a7214)
  • ShellExecuteW (Address: 0x5e7a7218)
SHLWAPI.dll
  • PathCombineW (Address: 0x5e7a7224)
  • PathRemoveBlanksW (Address: 0x5e7a7220)
  • wnsprintfW (Address: 0x5e7a7228)
srvcli.dll
  • NetShareGetInfo (Address: 0x5e7a7468)
USER32.dll
  • CharLowerBuffW (Address: 0x5e7a72e4)
  • CheckDlgButton (Address: 0x5e7a72fc)
  • CheckRadioButton (Address: 0x5e7a7288)
  • CloseClipboard (Address: 0x5e7a72b4)
  • CreateDialogParamW (Address: 0x5e7a72d0)
  • CreateWindowExW (Address: 0x5e7a7230)
  • DefWindowProcW (Address: 0x5e7a731c)
  • DestroyIcon (Address: 0x5e7a7280)
  • DestroyWindow (Address: 0x5e7a72d8)
  • DialogBoxParamW (Address: 0x5e7a72cc)
  • DispatchMessageW (Address: 0x5e7a72f8)
  • EmptyClipboard (Address: 0x5e7a72a8)
  • EnableWindow (Address: 0x5e7a729c)
  • EndDialog (Address: 0x5e7a72e0)
  • EnumThreadWindows (Address: 0x5e7a7234)
  • FindWindowExW (Address: 0x5e7a7264)
  • GetClassNameW (Address: 0x5e7a7238)
  • GetClientRect (Address: 0x5e7a72dc)
  • GetDC (Address: 0x5e7a7290)
  • GetDlgItem (Address: 0x5e7a7258)
  • GetDlgItemInt (Address: 0x5e7a730c)
  • GetDlgItemTextW (Address: 0x5e7a7274)
  • GetFocus (Address: 0x5e7a72c0)
  • GetMessageW (Address: 0x5e7a72ec)
  • GetParent (Address: 0x5e7a7260)
  • GetSysColor (Address: 0x5e7a7284)
  • GetSystemMetrics (Address: 0x5e7a7298)
  • GetWindow (Address: 0x5e7a72e8)
  • GetWindowLongW (Address: 0x5e7a7318)
  • GetWindowRect (Address: 0x5e7a728c)
  • GetWindowTextLengthW (Address: 0x5e7a7304)
  • GetWindowTextW (Address: 0x5e7a726c)
  • IsDialogMessageW (Address: 0x5e7a72f0)
  • IsDlgButtonChecked (Address: 0x5e7a72ac)
  • IsWindowEnabled (Address: 0x5e7a723c)
  • LoadBitmapW (Address: 0x5e7a7244)
  • LoadCursorW (Address: 0x5e7a7278)
  • LoadIconW (Address: 0x5e7a7240)
  • LoadImageW (Address: 0x5e7a7248)
  • LoadStringW (Address: 0x5e7a7310)
  • MessageBoxW (Address: 0x5e7a72c8)
  • OpenClipboard (Address: 0x5e7a72a4)
  • PostMessageW (Address: 0x5e7a72a0)
  • PostQuitMessage (Address: 0x5e7a7300)
  • RegisterClassW (Address: 0x5e7a7314)
  • RegisterClipboardFormatW (Address: 0x5e7a7250)
  • ReleaseDC (Address: 0x5e7a7294)
  • SendMessageW (Address: 0x5e7a7254)
  • SetClipboardData (Address: 0x5e7a72b0)
  • SetCursor (Address: 0x5e7a727c)
  • SetDlgItemInt (Address: 0x5e7a7308)
  • SetDlgItemTextW (Address: 0x5e7a72bc)
  • SetFocus (Address: 0x5e7a72c4)
  • SetForegroundWindow (Address: 0x5e7a724c)
  • SetWindowLongW (Address: 0x5e7a7268)
  • SetWindowPos (Address: 0x5e7a725c)
  • SetWindowTextW (Address: 0x5e7a7270)
  • ShowWindow (Address: 0x5e7a72b8)
  • TranslateMessage (Address: 0x5e7a72f4)
  • WinHelpW (Address: 0x5e7a72d4)
VERSION.dll
  • GetFileVersionInfoSizeW (Address: 0x5e7a7324)
  • GetFileVersionInfoW (Address: 0x5e7a7328)
  • VerQueryValueW (Address: 0x5e7a732c)
WINTRUST.dll
  • WTGetSignatureInfo (Address: 0x5e7a7334)
wkscli.dll
  • NetWkstaGetInfo (Address: 0x5e7a7470)