PDB Symbols - perfproc.dll (0xE369F1689C0B3F54426D14747041425BE205685844A5AE12C5E32F5D73F0FD87)

Generated by JEB on 2019/08/01

PE: C:\Windows\System32\perfproc.dll Base=0x180000000 SHA-256=E369F1689C0B3F54426D14747041425BE205685844A5AE12C5E32F5D73F0FD87
PDB: perfproc.pdb GUID={4FC22BFA-4EC6-F1FE-EA8FC41A0D39A148} Age=1

239 located named symbols:
0x180007444: "-1" ??_C@_15LNJINHHA@?$AA?9?$AA1?$AA?$AA@
0x180005B60: "__cdecl _raise_securityfailure" __raise_securityfailure
0x180005E30: "__cdecl FindPESection" _FindPESection
0x180009D40: ThreadDetailsDataDefinition
0x180007200: "__cdecl _imp_CompareStringOrdinal" __imp_CompareStringOrdinal
0x180007E20: "__cdecl _IMPORT_DESCRIPTOR_ntdll" __IMPORT_DESCRIPTOR_ntdll
0x180007308: "__cdecl _imp_NtQueryDirectoryObject" __imp_NtQueryDirectoryObject
0x180001520: CollectImageObjectData
0x180007240: "__cdecl _imp_IsWow64Process" __imp_IsWow64Process
0x180009100: "__cdecl _security_cookie_complement" __security_cookie_complement
0x180007330: "__cdecl _imp_NtOpenProcess" __imp_NtOpenProcess
0x180007320: "__cdecl _imp_NtReadVirtualMemory" __imp_NtReadVirtualMemory
0x18000AA9C: PerfSprc_dwProcessNameFormat
0x18000564C: "__cdecl CRT_INIT" _CRT_INIT
0x180007198: "__cdecl _imp_GetCurrentThreadId" __imp_GetCurrentThreadId
0x180007270: api-ms-win-eventlog-legacy-l1-1-0_NULL_THUNK_DATA
0x180007358: "__cdecl _imp_RtlInitUnicodeString" __imp_RtlInitUnicodeString
0x180006160: "__cdecl guard_dispatch_icall_nop" _guard_dispatch_icall_nop
0x1800019E0: CollectThreadDetailsObjectData
0x1800076C0: "SOFTWARE\Microsoft\Windows NT\Cu" ??_C@_1GK@EDCNPJHK@?$AAS?$AAO?$AAF?$AAT?$AAW?$AAA?$AAR?$AAE?$AA?2?$AAM?$AAi?$AAc?$AAr?$AAo?$AAs?$AAo?$AAf?$AAt?$AA?2?$AAW?$AAi?$AAn?$AAd?$AAo?$AAw?$AAs?$AA?5?$AAN?$AAT?$AA?2?$AAC?$AAu@
0x180005440: IsNumberInUnicodeList
0x1800020B4: PerfProcGlobalSettings
0x180007630: "\Registry\Machine\SOFTWARE\Micro" ??_C@_1IO@CBBKAEAH@?$AA?2?$AAR?$AAe?$AAg?$AAi?$AAs?$AAt?$AAr?$AAy?$AA?2?$AAM?$AAa?$AAc?$AAh?$AAi?$AAn?$AAe?$AA?2?$AAS?$AAO?$AAF?$AAT?$AAW?$AAA?$AAR?$AAE?$AA?2?$AAM?$AAi?$AAc?$AAr?$AAo@
0x1800073B0: "__cdecl _guard_dispatch_icall_fptr" __guard_dispatch_icall_fptr
0x180007750: COSTLY_STRING
0x180001320: BuildImageObject
0x180009110: ExProcessDataDefinition
0x1800025D0: OpenSysProcessObject
0x18000B0A0: MESSAGE_LEVEL
0x180005E15: "__cdecl XcptFilter" _XcptFilter
0x1800073B8: "__cdecl _xc_a" __xc_a
0x180007490: szDisplayHeapPerfObject
0x180007770: GLOBAL_STRING
0x180007EAC: "__cdecl _IMPORT_DESCRIPTOR_api-ms-win-core-job-l2-1-0" __IMPORT_DESCRIPTOR_api-ms-win-core-job-l2-1-0
0x18000AA98: PerfSprc_dwThreadNameFormat
0x180007168: api-ms-win-core-heap-l1-1-0_NULL_THUNK_DATA
0x18000B088: bInitOk
0x180004E00: CollectHeapObjectData
0x1800072C0: "__cdecl _imp_wcsncmp" __imp_wcsncmp
0x180007310: "__cdecl _imp_NtOpenJobObject" __imp_NtOpenJobObject
0x18000612C: memcpy
0x180002290: GetProcessShortName
0x1800072D0: "__cdecl _imp_memset" __imp_memset
0x180005FEF: "__cdecl initterm" _initterm
0x180007E84: "__cdecl _IMPORT_DESCRIPTOR_api-ms-win-core-sysinfo-l1-1-0" __IMPORT_DESCRIPTOR_api-ms-win-core-sysinfo-l1-1-0
0x18000B0C8: "__cdecl _dyn_tls_init_callback" __dyn_tls_init_callback
0x18000A620: JobDetailsDataDefinition
0x180007210: "__cdecl _imp_Sleep" __imp_Sleep
0x1800073D8: "__cdecl _xi_z" __xi_z
0x180007130: "__cdecl _imp_UnhandledExceptionFilter" __imp_UnhandledExceptionFilter
0x180005B54: "__cdecl _C_specific_handler" __C_specific_handler
0x180002610: CollectSysProcessObjectData
0x180007F4C: "__cdecl _IMPORT_DESCRIPTOR_api-ms-win-eventlog-legacy-l1-1-0" __IMPORT_DESCRIPTOR_api-ms-win-eventlog-legacy-l1-1-0
0x180006138: memmove
0x180009FD0: HeapDataDefinition
0x180007160: "__cdecl _imp_HeapFree" __imp_HeapFree
0x180007328: "__cdecl _imp_RtlCopyUnicodeString" __imp_RtlCopyUnicodeString
0x180005234: MonOpenEventLog
0x180007148: api-ms-win-core-handle-l1-1-0_NULL_THUNK_DATA
0x1800071F0: "__cdecl _imp_RegCloseKey" __imp_RegCloseKey
0x18000603C: "__cdecl _GSHandlerCheckCommon" __GSHandlerCheckCommon
0x18000B070: pusLocalProcessNameBuffer
0x180007578: szThreadNameFormat
0x180007208: api-ms-win-core-string-l1-1-0_NULL_THUNK_DATA
0x18000B050: pProcessVaInfo
0x180007EE8: "__cdecl _IMPORT_DESCRIPTOR_api-ms-win-security-base-l1-1-0" __IMPORT_DESCRIPTOR_api-ms-win-security-base-l1-1-0
0x180005E21: "__cdecl amsg_exit" _amsg_exit
0x18000506C: GetPerflibKeyValue
0x180007340: "__cdecl _imp_NtQueryVirtualMemory" __imp_NtQueryVirtualMemory
0x1800074C0: SYSTEM_PROCESS
0x18000B060: pProcessBuffer
0x180007730: "EventLogLevel" ??_C@_1BM@EKOKKIAI@?$AAE?$AAv?$AAe?$AAn?$AAt?$AAL?$AAo?$AAg?$AAL?$AAe?$AAv?$AAe?$AAl?$AA?$AA@
0x1800071F8: api-ms-win-core-registry-l1-1-0_NULL_THUNK_DATA
0x180007138: api-ms-win-core-errorhandling-l1-1-0_NULL_THUNK_DATA
0x18000B098: bOpenJobErrorLogged
0x180007220: "__cdecl _imp_GetSystemInfo" __imp_GetSystemInfo
0x180007190: "__cdecl _imp_GetCurrentProcess" __imp_GetCurrentProcess
0x180009DB0: ThreadDataDefinition
0x18000B0B8: "__cdecl _native_startup_lock" __native_startup_lock
0x180002B24: DllMain
0x1800072F8: "__cdecl _imp_RtlInt64ToUnicodeString" __imp_RtlInt64ToUnicodeString
0x180007760: FOREIGN_STRING
0x18000AAA4: dwBufferSize
0x1800060A0: "__cdecl _GSHandlerCheck_SEH" __GSHandlerCheck_SEH
0x180007E5C: "__cdecl _IMPORT_DESCRIPTOR_api-ms-win-core-string-l1-1-0" __IMPORT_DESCRIPTOR_api-ms-win-core-string-l1-1-0
0x1800075A0: IDLE_PROCESS
0x1800072C8: "__cdecl _imp___C_specific_handler" __imp___C_specific_handler
0x1800072E8: "__cdecl _imp_RtlCaptureContext" __imp_RtlCaptureContext
0x180007188: api-ms-win-core-libraryloader-l1-2-0_NULL_THUNK_DATA
0x180007120: "__cdecl _imp_GetLastError" __imp_GetLastError
0x1800090F0: "__cdecl _native_dllmain_reason" __native_dllmain_reason
0x180006018: "__cdecl _GSHandlerCheck" __GSHandlerCheck
0x180009000: posDataFuncInfo
0x180007170: "__cdecl _imp_QueryInformationJobObject" __imp_QueryInformationJobObject
0x1800071B0: "__cdecl _imp_GetCurrentProcessId" __imp_GetCurrentProcessId
0x180005EE0: "__cdecl ValidateImageBase" _ValidateImageBase
0x180002900: CloseSysProcessObject
0x1800075F8: szTotalValue
0x1800090D8: DirectoryName
0x180007E70: "__cdecl _IMPORT_DESCRIPTOR_api-ms-win-core-libraryloader-l1-2-0" __IMPORT_DESCRIPTOR_api-ms-win-core-libraryloader-l1-2-0
0x18000B100: wEvtStringCount
0x180003500: CollectJobObjectData
0x180007158: "__cdecl _imp_HeapAlloc" __imp_HeapAlloc
0x1800071C0: "__cdecl _imp_OpenProcess" __imp_OpenProcess
0x180005890: "__cdecl DllMainCRTStartup" _DllMainCRTStartup
0x1800072A8: "__cdecl _imp__initterm" __imp__initterm
0x180005538: MonBuildInstanceDefinition
0x180007128: "__cdecl _imp_SetLastError" __imp_SetLastError
0x1800075D0: szObjDirName
0x1800024E0: GetSystemProcessData
0x180007F10: "__cdecl _IMPORT_DESCRIPTOR_api-ms-win-core-registry-l1-1-0" __IMPORT_DESCRIPTOR_api-ms-win-core-registry-l1-1-0
0x18000AAA0: ProcessBufSize
0x18000B108: dwModuleCount
0x180007378: "__cdecl _imp_RtlIntegerToUnicodeString" __imp_RtlIntegerToUnicodeString
0x18000B0A8: "__cdecl _onexitend" __onexitend
0x180007278: "__cdecl _imp_AdjustTokenPrivileges" __imp_AdjustTokenPrivileges
0x1800073A8: "__cdecl _guard_check_icall_fptr" __guard_check_icall_fptr
0x1800071A0: "__cdecl _imp_TerminateProcess" __imp_TerminateProcess
0x18000B104: dwProcessCount
0x180007368: "__cdecl _imp_RtlAppendUnicodeToString" __imp_RtlAppendUnicodeToString
0x1800075C0: szJob
0x180007258: "__cdecl _imp_RegisterEventSourceW" __imp_RegisterEventSourceW
0x180007350: "__cdecl _imp_RtlNtStatusToDosError" __imp_RtlNtStatusToDosError
0x180007390: "__cdecl _imp_NtOpenThread" __imp_NtOpenThread
0x180007238: api-ms-win-core-sysinfo-l1-1-0_NULL_THUNK_DATA
0x1800073C8: "__cdecl _xi_a" __xi_a
0x1800071C8: api-ms-win-core-processthreads-l1-1-1_NULL_THUNK_DATA
0x180007228: "__cdecl _imp_GetTickCount" __imp_GetTickCount
0x18000B058: wszTotal
0x180007620: szDefaultTotalString
0x180009720: ImageDataDefinition
0x180007280: api-ms-win-security-base-l1-1-0_NULL_THUNK_DATA
0x1800072F0: "__cdecl _imp_RtlQueryHeapInformation" __imp_RtlQueryHeapInformation
0x180007440: "" ??_C@_11LOCGONAA@?$AA?$AA@
0x180007EC0: "__cdecl _IMPORT_DESCRIPTOR_api-ms-win-core-processthreads-l1-1-0" __IMPORT_DESCRIPTOR_api-ms-win-core-processthreads-l1-1-0
0x180007ED4: "__cdecl _IMPORT_DESCRIPTOR_api-ms-win-core-processthreads-l1-1-1" __IMPORT_DESCRIPTOR_api-ms-win-core-processthreads-l1-1-1
0x180005D18: "__cdecl _report_rangecheckfailure" __report_rangecheckfailure
0x18000B0D0: "__cdecl pRawDllMain" _pRawDllMain
0x18000B068: PerfTime
0x180002970: PerfIntegerToWString
0x180007E34: "__cdecl _IMPORT_DESCRIPTOR_api-ms-win-core-heap-l1-1-0" __IMPORT_DESCRIPTOR_api-ms-win-core-heap-l1-1-0
0x180007348: "__cdecl _imp_NtQueryValueKey" __imp_NtQueryValueKey
0x180005B30: "__cdecl _security_check_cookie" __security_check_cookie
0x1800073C0: "__cdecl _xc_z" __xc_z
0x1800071B8: api-ms-win-core-processthreads-l1-1-0_NULL_THUNK_DATA
0x180007468: szProcessNameFormat
0x18000B078: PerfSprc_DisplayHeapPerfObject
0x180004D48: SetPrivilege
0x180007230: "__cdecl _imp_GetSystemTimeAsFileTime" __imp_GetSystemTimeAsFileTime
0x180001010: CollectExProcessObjectData
0x180007260: "__cdecl _imp_ReportEventW" __imp_ReportEventW
0x1800074E0: szPerfProcSubKey
0x180007150: "__cdecl _imp_GetProcessHeap" __imp_GetProcessHeap
0x1800031B4: GetModuleVaData
0x180002BCC: GetSystemVaData
0x1800071D8: api-ms-win-core-profile-l1-1-0_NULL_THUNK_DATA
0x180001530: CollectLongImageObjectData
0x1800073E0: "__cdecl _guard_fids_table" __guard_fids_table
0x1800072D8: msvcrt_NULL_THUNK_DATA
0x180007010: "__cdecl load_config_used" _load_config_used
0x180005394: GetQueryType
0x1800098A0: ProcessDataDefinition
0x1800072B0: "__cdecl _imp__amsg_exit" __imp__amsg_exit
0x180007178: api-ms-win-core-job-l2-1-0_NULL_THUNK_DATA
0x180007398: "__cdecl _imp_NtQueryInformationProcess" __imp_NtQueryInformationProcess
0x180007180: "__cdecl _imp_DisableThreadLibraryCalls" __imp_DisableThreadLibraryCalls
0x180007380: "__cdecl _imp_NtClose" __imp_NtClose
0x180007450: "PerfProc" ??_C@_1BC@EOMAHJM@?$AAP?$AAe?$AAr?$AAf?$AAP?$AAr?$AAo?$AAc?$AA?$AA@
0x1800072E0: "__cdecl _imp_RtlLookupFunctionEntry" __imp_RtlLookupFunctionEntry
0x1800071D0: "__cdecl _imp_QueryPerformanceCounter" __imp_QueryPerformanceCounter
0x180007250: "__cdecl _imp_DeregisterEventSource" __imp_DeregisterEventSource
0x180002C78: GetProcessVaData
0x180007338: "__cdecl _imp_RtlVirtualUnwind" __imp_RtlVirtualUnwind
0x180006000: "__cdecl guard_check_icall_nop" _guard_check_icall_nop
0x18000B080: hEventLog
0x180007300: "__cdecl _imp_NtQueryObject" __imp_NtQueryObject
0x18000A3D0: JobDataDefinition
0x180007E98: "__cdecl _IMPORT_DESCRIPTOR_api-ms-win-core-handle-l1-1-0" __IMPORT_DESCRIPTOR_api-ms-win-core-handle-l1-1-0
0x180003DA0: CollectJobDetailData
0x180007248: api-ms-win-core-wow64-l1-1-0_NULL_THUNK_DATA
0x180001CD0: CollectThreadObjectData
0x1800074D0: PerfpIntegerWChars
0x1800072B8: "__cdecl _imp__XcptFilter" __imp__XcptFilter
0x1800073A0: ntdll_NULL_THUNK_DATA
0x1800072A0: "__cdecl _imp_memcpy" __imp_memcpy
0x18000B0A4: dwLogUsers
0x180007EFC: "__cdecl _IMPORT_DESCRIPTOR_api-ms-win-core-wow64-l1-1-0" __IMPORT_DESCRIPTOR_api-ms-win-core-wow64-l1-1-0
0x180007318: "__cdecl _imp_NtOpenDirectoryObject" __imp_NtOpenDirectoryObject
0x1800090F8: "__cdecl _security_cookie" __security_cookie
0x1800071E0: "__cdecl _imp_RegQueryValueExW" __imp_RegQueryValueExW
0x180007140: "__cdecl _imp_CloseHandle" __imp_CloseHandle
0x180007E48: "__cdecl _IMPORT_DESCRIPTOR_api-ms-win-core-errorhandling-l1-1-0" __IMPORT_DESCRIPTOR_api-ms-win-core-errorhandling-l1-1-0
0x18000B0B0: "__cdecl _onexitbegin" __onexitbegin
0x18000B08C: dwOpenCount
0x180007118: "__cdecl _imp_SetUnhandledExceptionFilter" __imp_SetUnhandledExceptionFilter
0x180002A3C: DllProcessAttach
0x1800071E8: "__cdecl _imp_RegOpenKeyExW" __imp_RegOpenKeyExW
0x180005F14: "__cdecl _security_init_cookie" __security_init_cookie
0x180007370: "__cdecl _imp_NtQuerySystemInformation" __imp_NtQuerySystemInformation
0x18000B090: hLibHeap
0x180007E0C: "__cdecl _IMPORT_DESCRIPTOR_msvcrt" __IMPORT_DESCRIPTOR_msvcrt
0x180007288: "__cdecl _imp_memmove" __imp_memmove
0x180007360: "__cdecl _imp_NtOpenKey" __imp_NtOpenKey
0x180007290: "__cdecl _imp_malloc" __imp_malloc
0x180001550: CollectProcessObjectData
0x180005BA0: "__cdecl _report_gsfailure" __report_gsfailure
0x180004B20: WalkCallbackRoutine
0x18000B0C0: "__cdecl _native_startup_state" __native_startup_state
0x1800075B0: szExe
0x180007388: "__cdecl _imp_NtGetContextThread" __imp_NtGetContextThread
0x180007F38: "__cdecl _IMPORT_DESCRIPTOR_api-ms-win-core-profile-l1-1-0" __IMPORT_DESCRIPTOR_api-ms-win-core-profile-l1-1-0
0x180007298: "__cdecl _imp_free" __imp_free
0x180005E80: "__cdecl IsNonwritableInCurrentImage" _IsNonwritableInCurrentImage
0x180007218: api-ms-win-core-synch-l1-2-0_NULL_THUNK_DATA
0x1800071A8: "__cdecl _imp_OpenProcessToken" __imp_OpenProcessToken
0x180007268: "__cdecl _imp_ReportEventA" __imp_ReportEventA
0x180007F24: "__cdecl _IMPORT_DESCRIPTOR_api-ms-win-core-synch-l1-2-0" __IMPORT_DESCRIPTOR_api-ms-win-core-synch-l1-2-0
0x18000B0E0: szEvtStringArray
0x180006144: memset
0x180007F60: "__cdecl _NULL_IMPORT_DESCRIPTOR" __NULL_IMPORT_DESCRIPTOR

[JEB Decompiler by PNF Software]