PDB Symbols - adhapi.dll (0x59CE92290E4E49C0488616D58EB70258B8E760DAB7A7CEF5B8AD2DCFEEBCD2CF)

Generated by JEB on 2019/08/01

PE: C:\Windows\System32\adhapi.dll Base=0x180000000 SHA-256=59CE92290E4E49C0488616D58EB70258B8E760DAB7A7CEF5B8AD2DCFEEBCD2CF
PDB: AdhApi.pdb GUID={8FEBA688-ABEF-3CC0-888EF43A63849A40} Age=1

179 located named symbols:
0x180001B38: "unsigned long __cdecl Int_AdhInitSubscriptionRpcAsync(struct ADH_INTCLIENT_EVENTS_HANDLE_ * __ptr64)" ?Int_AdhInitSubscriptionRpcAsync@@YAKPEAUADH_INTCLIENT_EVENTS_HANDLE_@@@Z
0x18000353C: "__cdecl _raise_securityfailure" __raise_securityfailure
0x180004910: "__cdecl _imp_EtwUnregisterTraceGuids" __imp_EtwUnregisterTraceGuids
0x180003360: "__cdecl FindPESection" _FindPESection
0x180005460: "__cdecl _IMPORT_DESCRIPTOR_ntdll" __IMPORT_DESCRIPTOR_ntdll
0x180006020: "__cdecl _security_cookie_complement" __security_cookie_complement
0x180004D60: "ncalrpc" ??_C@_1BA@EONDGCCM@?$AAn?$AAc?$AAa?$AAl?$AAr?$AAp?$AAc?$AA?$AA@
0x180002E2C: "__cdecl CRT_INIT" _CRT_INIT
0x1800047D8: "__cdecl _imp_GetCurrentThreadId" __imp_GetCurrentThreadId
0x180004838: "__cdecl _imp_CloseThreadpoolWait" __imp_CloseThreadpoolWait
0x180004708: "__cdecl _imp_RpcAsyncCompleteCall" __imp_RpcAsyncCompleteCall
0x180001070: WppControlCallback
0x1800037B0: "__cdecl guard_dispatch_icall_nop" _guard_dispatch_icall_nop
0x180002940: MIDL_adh_free
0x180004848: "__cdecl _imp_CreateThreadpoolWait" __imp_CreateThreadpoolWait
0x1800046F8: "__cdecl _imp_RpcAsyncCancelCall" __imp_RpcAsyncCancelCall
0x180004840: "__cdecl _imp_SetThreadpoolWait" __imp_SetThreadpoolWait
0x180004850: "__cdecl _imp_WaitForThreadpoolWaitCallbacks" __imp_WaitForThreadpoolWaitCallbacks
0x180004900: "__cdecl _imp_EtwGetTraceLoggerHandle" __imp_EtwGetTraceLoggerHandle
0x1800065F0: "__cdecl _@@_PchSym_@00@KxulyqvxgPillgKxumvgUmvgrlUrksokhexUzwszievhgUfgrohUlyquivUznwGEUkivxlnkOlyq@AdhUtil" __@@_PchSym_@00@KxulyqvxgPillgKxumvgUmvgrlUrksokhexUzwszievhgUfgrohUlyquivUznwGEUkivxlnkOlyq@AdhUtil
0x180005500: "__cdecl _IMPORT_DESCRIPTOR_api-ms-win-eventing-classicprovider-l1-1-0" __IMPORT_DESCRIPTOR_api-ms-win-eventing-classicprovider-l1-1-0
0x180004928: "__cdecl _guard_dispatch_icall_fptr" __guard_dispatch_icall_fptr
0x180003340: "__cdecl XcptFilter" _XcptFilter
0x180004930: "__cdecl _xc_a" __xc_a
0x1800047A8: api-ms-win-core-heap-l1-1-0_NULL_THUNK_DATA
0x180004DC0: WPP_b2b873397e5c37427b3b975b7e8211fa_Traceguids
0x180004DA0: "AdhAlloc" ??_C@_08NIIKOPJB@AdhAlloc?$AA@
0x1800048C0: "__cdecl _imp_memset" __imp_memset
0x1800047F8: "__cdecl _imp_CreateEventW" __imp_CreateEventW
0x18000351F: "__cdecl initterm" _initterm
0x180004860: "__cdecl _imp_TraceMessage" __imp_TraceMessage
0x18000553C: "__cdecl _IMPORT_DESCRIPTOR_api-ms-win-core-sysinfo-l1-1-0" __IMPORT_DESCRIPTOR_api-ms-win-core-sysinfo-l1-1-0
0x180006618: "__cdecl _dyn_tls_init_callback" __dyn_tls_init_callback
0x180004810: "__cdecl _imp_Sleep" __imp_Sleep
0x180004950: "__cdecl _xi_z" __xi_z
0x180004760: "__cdecl _imp_UnhandledExceptionFilter" __imp_UnhandledExceptionFilter
0x1800048E8: "__cdecl _imp_EtwRegisterTraceGuidsW" __imp_EtwRegisterTraceGuidsW
0x180003334: "__cdecl _C_specific_handler" __C_specific_handler
0x1800047A0: "__cdecl _imp_HeapFree" __imp_HeapFree
0x1800065E8: WPP_REGISTRATION_GUIDS
0x180002A88: WPP_SF_ssL
0x180004788: api-ms-win-core-handle-l1-1-0_NULL_THUNK_DATA
0x18000372C: "__cdecl _GSHandlerCheckCommon" __GSHandlerCheckCommon
0x180002910: MIDL_adh_allocate
0x1800065C0: WPP_MAIN_CB
0x18000549C: "__cdecl _IMPORT_DESCRIPTOR_api-ms-win-security-base-l1-1-0" __IMPORT_DESCRIPTOR_api-ms-win-security-base-l1-1-0
0x18000334C: "__cdecl amsg_exit" _amsg_exit
0x180004778: api-ms-win-core-errorhandling-l1-1-0_NULL_THUNK_DATA
0x1800047C0: "__cdecl _imp_GetCurrentProcess" __imp_GetCurrentProcess
0x180001E00: "unsigned long __cdecl AdhStatusEventSubscribe(void * __ptr64,void (__cdecl*)(void * __ptr64,struct _tag_ADH_ADDRESSES const * __ptr64),void * __ptr64,void * __ptr64 * __ptr64)" ?AdhStatusEventSubscribe@@YAKPEAXP6AX0PEBU_tag_ADH_ADDRESSES@@@Z0PEAPEAX@Z
0x180005578: "__cdecl _IMPORT_DESCRIPTOR_api-ms-win-security-lsalookup-l1-1-0" __IMPORT_DESCRIPTOR_api-ms-win-security-lsalookup-l1-1-0
0x180006608: "__cdecl _native_startup_lock" __native_startup_lock
0x180001100: DllMain
0x180001910: "unsigned long __cdecl AdhEngineClose(void * __ptr64)" ?AdhEngineClose@@YAKPEAX@Z
0x180004898: "__cdecl _imp___C_specific_handler" __imp___C_specific_handler
0x1800048D8: "__cdecl _imp_RtlCaptureContext" __imp_RtlCaptureContext
0x1800047B8: api-ms-win-core-libraryloader-l1-2-0_NULL_THUNK_DATA
0x180004770: "__cdecl _imp_GetLastError" __imp_GetLastError
0x180006010: "__cdecl _native_dllmain_reason" __native_dllmain_reason
0x180003708: "__cdecl _GSHandlerCheck" __GSHandlerCheck
0x180004908: "__cdecl _imp_EtwTraceMessage" __imp_EtwTraceMessage
0x180004D90: "NULL" ??_C@_19CIJIHAKK@?$AAN?$AAU?$AAL?$AAL?$AA?$AA@
0x1800047D0: "__cdecl _imp_GetCurrentProcessId" __imp_GetCurrentProcessId
0x180004800: "__cdecl _imp_WaitForSingleObject" __imp_WaitForSingleObject
0x180001BB0: "void __cdecl Int_AdhSubscribeCallback(struct _TP_CALLBACK_INSTANCE * __ptr64,void * __ptr64,struct _TP_WAIT * __ptr64,long)" ?Int_AdhSubscribeCallback@@YAXPEAU_TP_CALLBACK_INSTANCE@@PEAXPEAU_TP_WAIT@@J@Z
0x180003410: "__cdecl ValidateImageBase" _ValidateImageBase
0x180005488: "__cdecl _IMPORT_DESCRIPTOR_api-ms-win-core-libraryloader-l1-2-0" __IMPORT_DESCRIPTOR_api-ms-win-core-libraryloader-l1-2-0
0x1800049B0: "\" ??_C@_13FPGAJAPJ@?$AA?2?$AA?$AA@
0x180001008: WPP_SF_
0x180004798: "__cdecl _imp_HeapAlloc" __imp_HeapAlloc
0x180004730: "__cdecl _imp_RpcBindingFree" __imp_RpcBindingFree
0x180003070: "__cdecl DllMainCRTStartup" _DllMainCRTStartup
0x1800048B8: "__cdecl _imp__initterm" __imp__initterm
0x180004738: "__cdecl _imp_RpcStringBindingComposeW" __imp_RpcStringBindingComposeW
0x180004768: "__cdecl _imp_SetLastError" __imp_SetLastError
0x180002710: "unsigned long __cdecl AdhGetEvidenceCollectorResult(void * __ptr64,enum ADH_EVCOLLECTOR_,unsigned long,unsigned long,int * __ptr64)" ?AdhGetEvidenceCollectorResult@@YAKPEAXW4ADH_EVCOLLECTOR_@@KKPEAH@Z
0x1800065F8: "__cdecl _onexitend" __onexitend
0x180004920: "__cdecl _guard_check_icall_fptr" __guard_check_icall_fptr
0x1800047C8: "__cdecl _imp_TerminateProcess" __imp_TerminateProcess
0x180004830: api-ms-win-core-sysinfo-l1-1-0_NULL_THUNK_DATA
0x180004940: "__cdecl _xi_a" __xi_a
0x180004828: "__cdecl _imp_GetTickCount" __imp_GetTickCount
0x180004DB0: "AdhStringBuild" ??_C@_0P@GDGPLOAP@AdhStringBuild?$AA@
0x180004878: api-ms-win-security-base-l1-1-0_NULL_THUNK_DATA
0x180002D90: AdhReportErrorAsWinError
0x180006000: WPP_GLOBAL_Control
0x180001208: "unsigned long __cdecl Int_AdhLocalRpcBindingCreate(void * __ptr64 * __ptr64)" ?Int_AdhLocalRpcBindingCreate@@YAKPEAPEAX@Z
0x180005528: "__cdecl _IMPORT_DESCRIPTOR_api-ms-win-core-processthreads-l1-1-0" __IMPORT_DESCRIPTOR_api-ms-win-core-processthreads-l1-1-0
0x1800015D8: "unsigned long __cdecl Int_AdhCreateConnectionHandle(unsigned long,struct ADH_INTCLIENT_ENGINE_HANDLE_ * __ptr64)" ?Int_AdhCreateConnectionHandle@@YAKKPEAUADH_INTCLIENT_ENGINE_HANDLE_@@@Z
0x18000102C: WPP_SF_D
0x18000102C: WPP_SF_d
0x180006620: "__cdecl pRawDllMain" _pRawDllMain
0x1800054EC: "__cdecl _IMPORT_DESCRIPTOR_api-ms-win-core-heap-l1-1-0" __IMPORT_DESCRIPTOR_api-ms-win-core-heap-l1-1-0
0x180003310: "__cdecl _security_check_cookie" __security_check_cookie
0x180004938: "__cdecl _xc_z" __xc_z
0x1800047E0: api-ms-win-core-processthreads-l1-1-0_NULL_THUNK_DATA
0x180002D24: AdhReportReturnError
0x180004820: "__cdecl _imp_GetSystemTimeAsFileTime" __imp_GetSystemTimeAsFileTime
0x1800048F8: "__cdecl _imp_EtwGetTraceEnableLevel" __imp_EtwGetTraceEnableLevel
0x180004888: api-ms-win-security-lsalookup-l1-1-0_NULL_THUNK_DATA
0x180004790: "__cdecl _imp_GetProcessHeap" __imp_GetProcessHeap
0x180004880: "__cdecl _imp_LookupAccountSidLocalW" __imp_LookupAccountSidLocalW
0x180002978: AdhFree
0x180004858: api-ms-win-core-threadpool-l1-2-0_NULL_THUNK_DATA
0x180004740: "__cdecl _imp_RpcBindingSetOption" __imp_RpcBindingSetOption
0x1800047F0: api-ms-win-core-profile-l1-1-0_NULL_THUNK_DATA
0x180004958: "__cdecl _guard_fids_table" __guard_fids_table
0x180004870: "__cdecl _imp_CreateWellKnownSid" __imp_CreateWellKnownSid
0x1800048C8: msvcrt_NULL_THUNK_DATA
0x1800045F0: "__cdecl load_config_used" _load_config_used
0x180002B0C: AdhStringBuild
0x1800065B0: "__cdecl _@@_PchSym_@00@KxulyqvxgPillgKxumvgUmvgrlUrksokhexUzwszievhgUzkrUxorvmgUlyquivUznwGEUkivxlnkOlyq@AdhApi" __@@_PchSym_@00@KxulyqvxgPillgKxumvgUmvgrlUrksokhexUzwszievhgUzkrUxorvmgUlyquivUznwGEUkivxlnkOlyq@AdhApi
0x180004728: "__cdecl _imp_Ndr64AsyncClientCall" __imp_Ndr64AsyncClientCall
0x180004748: "__cdecl _imp_RpcBindingFromStringBindingW" __imp_RpcBindingFromStringBindingW
0x1800048A0: "__cdecl _imp__amsg_exit" __imp__amsg_exit
0x1800047B0: "__cdecl _imp_DisableThreadLibraryCalls" __imp_DisableThreadLibraryCalls
0x1800048D0: "__cdecl _imp_RtlLookupFunctionEntry" __imp_RtlLookupFunctionEntry
0x1800047E8: "__cdecl _imp_QueryPerformanceCounter" __imp_QueryPerformanceCounter
0x1800048F0: "__cdecl _imp_EtwGetTraceEnableFlags" __imp_EtwGetTraceEnableFlags
0x180004720: "__cdecl _imp_RpcStringFreeW" __imp_RpcStringFreeW
0x1800048E0: "__cdecl _imp_RtlVirtualUnwind" __imp_RtlVirtualUnwind
0x180003530: "__cdecl guard_check_icall_nop" _guard_check_icall_nop
0x180005514: "__cdecl _IMPORT_DESCRIPTOR_api-ms-win-core-handle-l1-1-0" __IMPORT_DESCRIPTOR_api-ms-win-core-handle-l1-1-0
0x180004868: api-ms-win-eventing-classicprovider-l1-1-0_NULL_THUNK_DATA
0x1800048B0: "__cdecl _imp__XcptFilter" __imp__XcptFilter
0x180004918: ntdll_NULL_THUNK_DATA
0x180001700: "unsigned long __cdecl AdhEngineOpen(void * __ptr64 * __ptr64)" ?AdhEngineOpen@@YAKPEAPEAX@Z
0x1800054D8: "__cdecl _IMPORT_DESCRIPTOR_api-ms-win-core-synch-l1-1-0" __IMPORT_DESCRIPTOR_api-ms-win-core-synch-l1-1-0
0x180006018: "__cdecl _security_cookie" __security_cookie
0x180004780: "__cdecl _imp_CloseHandle" __imp_CloseHandle
0x180002480: "unsigned long __cdecl AdhGetConfig(void * __ptr64,enum ADH_CONFIG_,void * __ptr64,unsigned long * __ptr64)" ?AdhGetConfig@@YAKPEAXW4ADH_CONFIG_@@0PEAK@Z
0x1800054B0: "__cdecl _IMPORT_DESCRIPTOR_api-ms-win-core-errorhandling-l1-1-0" __IMPORT_DESCRIPTOR_api-ms-win-core-errorhandling-l1-1-0
0x180006600: "__cdecl _onexitbegin" __onexitbegin
0x180004758: "__cdecl _imp_SetUnhandledExceptionFilter" __imp_SetUnhandledExceptionFilter
0x180003444: "__cdecl _security_init_cookie" __security_init_cookie
0x18000544C: "__cdecl _IMPORT_DESCRIPTOR_msvcrt" __IMPORT_DESCRIPTOR_msvcrt
0x180004D80: WPP_ThisDir_CTLGUID_AdhApi
0x180004890: "__cdecl _imp_malloc" __imp_malloc
0x180005474: "__cdecl _IMPORT_DESCRIPTOR_RPCRT4" __IMPORT_DESCRIPTOR_RPCRT4
0x180004750: RPCRT4_NULL_THUNK_DATA
0x180003580: "__cdecl _report_gsfailure" __report_gsfailure
0x180004718: "__cdecl _imp_RpcAsyncInitializeHandle" __imp_RpcAsyncInitializeHandle
0x180006610: "__cdecl _native_startup_state" __native_startup_state
0x18000294C: AdhAlloc
0x1800016A0: "void __cdecl Int_AdhCleanupClientConnectionHandle(struct ADH_INTCLIENT_ENGINE_HANDLE_ * __ptr64)" ?Int_AdhCleanupClientConnectionHandle@@YAXPEAUADH_INTCLIENT_ENGINE_HANDLE_@@@Z
0x180002220: "unsigned long __cdecl AdhStatusEventUnsubscribe(void * __ptr64,void * __ptr64)" ?AdhStatusEventUnsubscribe@@YAKPEAX0@Z
0x180004D70: WPP_a781acc870c1312aebf805578b8b8566_Traceguids
0x180004710: "__cdecl _imp_NdrClientCall3" __imp_NdrClientCall3
0x180005564: "__cdecl _IMPORT_DESCRIPTOR_api-ms-win-core-profile-l1-1-0" __IMPORT_DESCRIPTOR_api-ms-win-core-profile-l1-1-0
0x180002A1C: WPP_SF_sD
0x1800048A8: "__cdecl _imp_free" __imp_free
0x1800033B0: "__cdecl IsNonwritableInCurrentImage" _IsNonwritableInCurrentImage
0x180004818: api-ms-win-core-synch-l1-2-0_NULL_THUNK_DATA
0x180004700: "__cdecl _imp_RpcBindingSetAuthInfoExW" __imp_RpcBindingSetAuthInfoExW
0x1800054C4: "__cdecl _IMPORT_DESCRIPTOR_api-ms-win-core-threadpool-l1-2-0" __IMPORT_DESCRIPTOR_api-ms-win-core-threadpool-l1-2-0
0x180004808: api-ms-win-core-synch-l1-1-0_NULL_THUNK_DATA
0x180005550: "__cdecl _IMPORT_DESCRIPTOR_api-ms-win-core-synch-l1-2-0" __IMPORT_DESCRIPTOR_api-ms-win-core-synch-l1-2-0
0x1800029A8: WPP_SF_S
0x18000378D: memset
0x18000558C: "__cdecl _NULL_IMPORT_DESCRIPTOR" __NULL_IMPORT_DESCRIPTOR

[JEB Decompiler by PNF Software]