C:\krview>Kernrate_i386_XP -a -z ntoskrnl ---> Profiling both Kernel and User Modes /==============================\ < KERNRATE LOG > \==============================/ Date: 2025/02/12 Time: 21:34:20 Machine Name: NOT AVAILABLE Number of Processors: 1 PROCESSOR_ARCHITECTURE: x86 PROCESSOR_LEVEL: 6 PROCESSOR_REVISION: 0702 Physical Memory: 384 MB Pagefile Total: 922 MB Virtual Total: 2047 MB PageFile1: \??\C:\pagefile.sys, 576MB OS Version: 5.1 Build 2600 Service-Pack: 3.0 WinDir: C:\WINDOWS Kernrate User-Specified Command Line: Kernrate_i386_XP -a -z ntoskrnl Kernel Profile (PID = 0): Source=, Time, Tried Using Kernrate Default Rate of 25000 events/hit, Actual Rate= 19531 events /hit CallBack: Finished Attempt to Load symbols for 804d7000 \WINDOWS\system32\ntoskr nl.exe Starting to collect profile data ***> Press ctrl-c to finish collecting profile data ===> Finished Collecting Data, Starting to Process Results ------------Overall Summary:-------------- P0 K 0:00:15.602 (86.9%) U 0:00:02.343 (13.1%) I 0:00:00.000 ( 0.0%) DPC 0:00:00.060 ( 0.3%) Interrupt 0:00:00.170 ( 0.9%) Interrupts= 12140, Interrupt Rate= 676/sec. Total Profile Time = 17945 msec BytesStart BytesStop Byt esDiff. Available Physical Memory , 270934016, 268906496, -2027 520 Available Pagefile(s) , 863567872, 862175232, -1392 640 Available Virtual , 2132779008, 2130571264, -2207 744 Available Extended Virtual , 0, 0, 0 Total Avg. Rate Context Switches , 2669, 149/sec. System Calls , 70861, 3949/sec. Page Faults , 65, 4/sec. I/O Read Operations , 2, 0/sec. I/O Write Operations , 0, 0/sec. I/O Other Operations , 5, 0/sec. I/O Read Bytes , 24, 12/ I/O I/O Write Bytes , 0, 0/ I/O I/O Other Bytes , 32, 6/ I/O ----------------------------- Results for Kernel Mode: ----------------------------- OutputResults: KernelModuleCount = 95 Percentage in the following table is based on the Total Hits for the Kernel Time 7989 hits, 19531 events per hit -------- Module Hits msec %Total Events/Sec nv4_disp 7272 17935 91 % 7919120 ntoskrnl 391 17945 4 % 425557 win32k 200 17935 2 % 217797 hal 59 17945 0 % 64214 nv4_mini 44 17945 0 % 47888 watchdog 15 17935 0 % 16334 VIDEOPRT 3 17945 0 % 3265 rdbss 2 17935 0 % 2177 tcpip 2 17935 0 % 2177 pci 1 17945 0 % 1088 ===> Processing Zoomed Module ntoskrnl.exe... ----- Zoomed module ntoskrnl.exe (Bucket size = 16 bytes, Rounding Down) ------- - Percentage in the following table is based on the Total Hits for this Zoom Modul e Time 391 hits, 19531 events per hit -------- Module Hits msec %Total Events/Sec RtlInsertElementGenericTableAvl 59 17945 12 % 64214 ZwYieldExecution 47 17945 9 % 51153 SeQuerySecurityDescriptorInfo 40 17945 8 % 43535 ExReleaseResourceLite 36 17945 7 % 39181 KeSaveFloatingPointState 24 17945 4 % 26121 ExFreePoolWithTag 22 17945 4 % 23944 KiDispatchInterrupt 22 17945 4 % 23944 ExAllocatePoolWithTag 17 17945 3 % 18502 KeRestoreFloatingPointState 15 17945 3 % 16325 MmSecureVirtualMemory 14 17945 2 % 15237 ExAcquireResourceExclusiveLite 13 17945 2 % 14148 ObOpenObjectByName 11 17945 2 % 11972 PsGetProcessWin32Process 11 17945 2 % 11972 MmUnsecureVirtualMemory 10 17945 2 % 10883 KeLeaveCriticalRegion 9 17945 1 % 9795 InterlockedPopEntrySList 9 17945 1 % 9795 KeQueryInterruptTime 8 17945 1 % 8707 KeEnterCriticalRegion 8 17945 1 % 8707 ExInterlockedPushEntrySList 8 17945 1 % 8707 NtQueryInformationToken 6 17945 1 % 6530 InterlockedDecrement 6 17945 1 % 6530 FsRtlGetNextLargeMcbEntry 5 17945 1 % 5441 PsIsThreadTerminating 5 17945 1 % 5441 PsGetCurrentProcessId 5 17945 1 % 5441 CIsqrt 5 17945 1 % 5441 InterlockedIncrement 4 17945 0 % 4353 KeGetCurrentThread 4 17945 0 % 4353 Kii386SpinOnSpinLock 4 17945 0 % 4353 KeReleaseInStackQueuedSpinLockFromDpcLevel 4 17945 0 % 4353 READ_REGISTER_ULONG 4 17945 0 % 4353 READ_REGISTER_USHORT 4 17945 0 % 4353 KeCancelTimer 3 17945 0 % 3265 PsGetCurrentThread 3 17945 0 % 3265 KeQueryTimeIncrement 3 17945 0 % 3265 KeInsertByKeyDeviceQueue 3 17945 0 % 3265 ExfInterlockedCompareExchange64 3 17945 0 % 3265 ExAcquireFastMutexUnsafe 3 17945 0 % 3265 RtlConvertUlongToLargeInteger 3 17945 0 % 3265 wcstombs 2 17945 0 % 2176 IoCsqRemoveNextIrp 2 17945 0 % 2176 DbgBreakPointWithStatus 2 17945 0 % 2176 InterlockedCompareExchange 2 17945 0 % 2176 MmUnmapViewInSystemSpace 1 17945 0 % 1088 RtlGetFirstRange 1 17945 0 % 1088 RtlUnicodeStringToInteger 1 17945 0 % 1088 RtlCompareUnicodeString 1 17945 0 % 1088 NtSetInformationProcess 1 17945 0 % 1088 NtFreeVirtualMemory 1 17945 0 % 1088 ObCreateObject 1 17945 0 % 1088 NtCreateSection 1 17945 0 % 1088 ObReferenceObjectByHandle 1 17945 0 % 1088 SeLockSubjectContext 1 17945 0 % 1088 SeDeleteAccessState 1 17945 0 % 1088 RtlEqualUnicodeString 1 17945 0 % 1088 ExWindowStationObjectType 1 17945 0 % 1088 InbvCheckDisplayOwnership 1 17945 0 % 1088 IoBuildDeviceIoControlRequest 1 17945 0 % 1088 strnicmp 1 17945 0 % 1088 KeSetKernelStackSwapEnable 1 17945 0 % 1088 IoSetThreadHardErrorMode 1 17945 0 % 1088 KeInsertQueueDpc 1 17945 0 % 1088 ExInterlockedFlushSList 1 17945 0 % 1088 aulldiv 1 17945 0 % 1088 allshr 1 17945 0 % 1088 ExAcquireResourceSharedLite 1 17945 0 % 1088 ================================= END OF RUN ================================== ============================== NORMAL END OF RUN ============================== C:\krview>