¿Para qué sirve la dll ttdrecordcpu.dll?
Time Travel Debugging CPU Recorder RuntimeDependencias de la dll ttdrecordcpu.dll
Microsoft (R) COFF/PE Dumper Version 14.16.27034.0
Copyright (C) Microsoft Corporation. All rights reserved.
Dump of file C:\Windows\System32\ttdrecordcpu.dll
File Type: DLL
Image has the following dependencies:
api-ms-win-core-libraryloader-l1-1-0.dll
api-ms-win-core-profile-l1-1-0.dll
api-ms-win-core-processthreads-l1-1-0.dll
api-ms-win-core-sysinfo-l1-1-0.dll
ntdll.dll
Summary
94000 .data
5000 .pdata
86000 .rdata
A000 .reloc
1000 .rsrc
AF000 .text
Funciones que tiene la dll ttdrecordcpu.dll
1 0 000417D0 ClearClientTlsValueForThreadId
2 1 00041D40 FlushCodeCaches
3 2 00041800 GetClientTlsValueForCurrentThread
4 3 00041A90 GetInstructionCounts
5 4 00041D60 GetRegisterOffsets
6 5 00041DA0 InitializeEmulateOnlyClient
7 6 00041630 InitializeGlobalState
8 7 0008F430 InitializeNirvanaClient
9 8 00092990 InitializeRecorder
10 9 000415D0 InitializeSmartCpuClient
11 A 000A17D0 InjectThread
12 B 00041A40 IsEmulatingCurrentThread
13 C 000A0E85 IsSimulating
14 D 000927D0 OpenWriter
15 E 00174E38 ParametersBlock
16 F 00042000 RegisterInstrumentationCallbacks
17 10 00042130 RegisterRecordCallbacks
18 11 00042560 RequestUnhookedFunctions
19 12 00041B10 ResetMaxInstructionsToEmulate
20 13 00041B80 ResumeSimulation
21 14 00041760 RunCallbackWithSmartContextForCurrentThread
22 15 00041CE0 SetRuntimeOptions
23 16 00041680 SetThreadNative
24 17 000419C0 StartEmulatingCurrentThread
25 18 00041A00 StopEmulatingCurrentThread
26 19 000A1820 StubDllEntry
27 1A 000A0E80 TryPauseSimulation
28 1B 00092B30 TtdWriterAddCustomEvent
29 1C 00092B20 TtdWriterDumpHeaps
30 1D 00092B10 TtdWriterDumpModuleData
31 1E 00092B00 TtdWriterDumpSnapshot
32 1F 00092AF0 TtdWriterGetFileName
33 20 00092B80 TtdWriterGetState
34 21 00092B50 TtdWriterGetThrottleState
35 22 00092AE0 TtdWriterRelease
36 23 00092750 TtdWriterResetThrottle
37 24 00092770 TtdWriterResumeRecording
38 25 00092B40 TtdWriterStartRecordingCurrentThread
39 26 000926F0 TtdWriterStopRecordingCurrentThread
40 27 00092760 TtdWriterTryPauseRecording
41 28 00154720 g_ttdConstants
42 29 00174E30 ntdllLdrInitializeThunk
Información avanzada sobre funciones que tiene la dll ttdrecordcpu.dll
Microsoft (R) COFF/PE Dumper Version 14.16.27034.0
Copyright (C) Microsoft Corporation. All rights reserved.
Dump of file C:\Windows\System32\ttdrecordcpu.dll
File Type: DLL
Section contains the following exports for TTDRecordCPU.dll
00000000 characteristics
2E2C9591 time date stamp
0.00 version
1 ordinal base
42 number of functions
42 number of names
ordinal hint RVA name
1 0 000417D0 ClearClientTlsValueForThreadId
2 1 00041D40 FlushCodeCaches
3 2 00041800 GetClientTlsValueForCurrentThread
4 3 00041A90 GetInstructionCounts
5 4 00041D60 GetRegisterOffsets
6 5 00041DA0 InitializeEmulateOnlyClient
7 6 00041630 InitializeGlobalState
8 7 0008F430 InitializeNirvanaClient
9 8 00092990 InitializeRecorder
10 9 000415D0 InitializeSmartCpuClient
11 A 000A17D0 InjectThread
12 B 00041A40 IsEmulatingCurrentThread
13 C 000A0E85 IsSimulating
14 D 000927D0 OpenWriter
15 E 00174E38 ParametersBlock
16 F 00042000 RegisterInstrumentationCallbacks
17 10 00042130 RegisterRecordCallbacks
18 11 00042560 RequestUnhookedFunctions
19 12 00041B10 ResetMaxInstructionsToEmulate
20 13 00041B80 ResumeSimulation
21 14 00041760 RunCallbackWithSmartContextForCurrentThread
22 15 00041CE0 SetRuntimeOptions
23 16 00041680 SetThreadNative
24 17 000419C0 StartEmulatingCurrentThread
25 18 00041A00 StopEmulatingCurrentThread
26 19 000A1820 StubDllEntry
27 1A 000A0E80 TryPauseSimulation
28 1B 00092B30 TtdWriterAddCustomEvent
29 1C 00092B20 TtdWriterDumpHeaps
30 1D 00092B10 TtdWriterDumpModuleData
31 1E 00092B00 TtdWriterDumpSnapshot
32 1F 00092AF0 TtdWriterGetFileName
33 20 00092B80 TtdWriterGetState
34 21 00092B50 TtdWriterGetThrottleState
35 22 00092AE0 TtdWriterRelease
36 23 00092750 TtdWriterResetThrottle
37 24 00092770 TtdWriterResumeRecording
38 25 00092B40 TtdWriterStartRecordingCurrentThread
39 26 000926F0 TtdWriterStopRecordingCurrentThread
40 27 00092760 TtdWriterTryPauseRecording
41 28 00154720 g_ttdConstants
42 29 00174E30 ntdllLdrInitializeThunk
Summary
94000 .data
5000 .pdata
86000 .rdata
A000 .reloc
1000 .rsrc
AF000 .text
Integridad de la dll ttdrecordcpu.dll
Algorithm Hash Path
--------- ---- ----
SHA256 05A337953DCC15069D1F3B0879E15A350AC763FA98458217347A49D7DFB79B32 C:\Windows\System32\ttdrecordcpu.dll
Detalles sobre el fichero dll ttdrecordcpu.dll
PSPath : Microsoft.PowerShell.Core\FileSystem::C:\Windows\System32\ttdrecordcpu.dll
PSParentPath : Microsoft.PowerShell.Core\FileSystem::C:\Windows\System32
PSChildName : ttdrecordcpu.dll
PSDrive : C
PSProvider : Microsoft.PowerShell.Core\FileSystem
PSIsContainer : False
Mode : -a----
VersionInfo : File: C:\Windows\System32\ttdrecordcpu.dll
InternalName: TTDRecordCPU.DLL
OriginalFilename: TTDRecordCPU.DLL
FileVersion: 10.0.19041.1 (WinBuild.160101.0800)
FileDescription: Time Travel Debugging CPU Recorder Runtime
Product: Microsoft® Windows® Operating System
ProductVersion: 10.0.19041.1
Debug: False
Patched: False
PreRelease: False
PrivateBuild: False
SpecialBuild: False
Language: Inglés (Estados Unidos)
BaseName : ttdrecordcpu
Target : {C:\Windows\WinSxS\amd64_microsoft-windows-t..eldebugger-recorder_31bf3856ad364e35_10.0.19041.1_none_1a55178fad503598\ttdrecordcpu
.dll}
LinkType : HardLink
Name : ttdrecordcpu.dll
Length : 1597008
DirectoryName : C:\Windows\System32
Directory : C:\Windows\System32
IsReadOnly : False
Exists : True
FullName : C:\Windows\System32\ttdrecordcpu.dll
Extension : .dll
CreationTime : 07/12/2019 10:08:33
CreationTimeUtc : 07/12/2019 9:08:33
LastAccessTime : 03/12/2020 15:56:54
LastAccessTimeUtc : 03/12/2020 14:56:54
LastWriteTime : 07/12/2019 10:08:33
LastWriteTimeUtc : 07/12/2019 9:08:33
Attributes : Archive
Procesos que utilizan la dll ttdrecordcpu.dll