thomas850 | 19.02.2015 07:43 | GMER, Teil 2. Code:
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3320] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroup + 119 0000000077087e57 8 bytes [00, 6C, F8, FF, 00, 00, 00, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3320] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread 00000000770d1380 8 bytes JMP 3f3f3f3f
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3320] C:\Windows\SYSTEM32\ntdll.dll!NtQueryInformationThread 00000000770d1500 8 bytes JMP 3f3f3f3f
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3320] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 00000000770d1530 8 bytes JMP 3f3f3f3f
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3320] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00000000770d1650 8 bytes JMP 3f3f3f3f
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3320] C:\Windows\SYSTEM32\ntdll.dll!NtQueueApcThread 00000000770d1700 8 bytes JMP 3f3f3f3f
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3320] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 00000000770d1d30 8 bytes JMP 3f3f3f3f
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3320] C:\Windows\SYSTEM32\ntdll.dll!NtGetContextThread 00000000770d1f80 8 bytes JMP 3f3f3f3f
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3320] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread 00000000770d27e0 8 bytes JMP 3f3f3f3f
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3320] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 312 0000000072b813cc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3320] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 471 0000000072b8146b 8 bytes {JMP 0xffffffffffffffb0}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3320] C:\Windows\SYSTEM32\wow64cpu.dll!CpuProcessInit + 611 0000000072b816d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3320] C:\Windows\SYSTEM32\wow64cpu.dll!CpuGetStackPointer + 23 0000000072b819db 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3320] C:\Windows\SYSTEM32\wow64cpu.dll!CpuSetStackPointer + 23 0000000072b819fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3320] C:\Windows\SYSTEM32\wow64cpu.dll!CpuFlushInstructionCache + 23 0000000072b81a63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!RtlWalkHeap + 424 0000000077081398 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 159 000000007708143f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 500 0000000077081594 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 126 000000007708191e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!_vsnwprintf_s + 212 0000000077081bf8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateActivationContext + 373 0000000077081d75 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!isalpha + 31 0000000077081edf 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!_strnicmp + 89 0000000077081fc5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!RtlIsGenericTableEmptyAvl + 16 00000000770827b0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableAvl + 18 00000000770827d2 8 bytes {JMP 0x10}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 79 000000007708282f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 184 0000000077082898 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 299 0000000077082d1b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 375 0000000077082d67 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text ... * 2
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 523 000000007708323b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 920 00000000770833c8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 318 0000000077083a5e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 403 0000000077083ab3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!RtlpCheckDynamicTimeZoneInformation + 197 0000000077083b85 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetLCIDFromLangInfoNode + 80 0000000077084190 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 161 0000000077084241 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 277 00000000770842b5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text ... * 3
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 214 00000000770843f6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 276 0000000077084434 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 408 00000000770845d8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 657 00000000770846d1 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 284 0000000077084a9c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 483 0000000077084b63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 231 0000000077084c57 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 518 0000000077084d76 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text ... * 2
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!RtlDeactivateActivationContext + 256 0000000077084ea0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContext + 67 0000000077084ef3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContextEx + 501 00000000770850f5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUserThread + 256 00000000770852f0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringExW + 247 00000000770853f7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringW + 484 00000000770855e4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseAlpcCompletion + 438 00000000770864d6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!atol + 194 000000007708668e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!qsort + 76 000000007708687c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!RtlLookupElementGenericTableFullAvl + 45 00000000770868bd 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 4 00000000770868d4 8 bytes [70, 6C, F8, FF, 00, 00, 00, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 92 000000007708692c 8 bytes [60, 6C, F8, FF, 00, 00, 00, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!RtlSubtreePredecessor + 790 0000000077087166 8 bytes [40, 6C, F8, FF, 00, 00, 00, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroupMembers + 241 0000000077087dd1 8 bytes [10, 6C, F8, FF, 00, 00, 00, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroup + 119 0000000077087e57 8 bytes [00, 6C, F8, FF, 00, 00, 00, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread 00000000770d1380 8 bytes JMP 3f3f3f3f
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!NtQueryInformationThread 00000000770d1500 8 bytes JMP 3f3f3f3f
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 00000000770d1530 8 bytes JMP 3f3f3f3f
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00000000770d1650 8 bytes JMP 3f3f3f3f
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!NtQueueApcThread 00000000770d1700 8 bytes JMP 3f3f3f3f
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 00000000770d1d30 8 bytes JMP 3f3f3f3f
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!NtGetContextThread 00000000770d1f80 8 bytes JMP 3f3f3f3f
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread 00000000770d27e0 8 bytes JMP 3f3f3f3f
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 312 0000000072b813cc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 471 0000000072b8146b 8 bytes {JMP 0xffffffffffffffb0}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\wow64cpu.dll!CpuProcessInit + 611 0000000072b816d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\wow64cpu.dll!CpuGetStackPointer + 23 0000000072b819db 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\wow64cpu.dll!CpuSetStackPointer + 23 0000000072b819fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7952] C:\Windows\SYSTEM32\wow64cpu.dll!CpuFlushInstructionCache + 23 0000000072b81a63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!RtlWalkHeap + 424 0000000077081398 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 159 000000007708143f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 500 0000000077081594 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 126 000000007708191e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!_vsnwprintf_s + 212 0000000077081bf8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateActivationContext + 373 0000000077081d75 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!isalpha + 31 0000000077081edf 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!_strnicmp + 89 0000000077081fc5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!RtlIsGenericTableEmptyAvl + 16 00000000770827b0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableAvl + 18 00000000770827d2 8 bytes {JMP 0x10}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 79 000000007708282f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 184 0000000077082898 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 299 0000000077082d1b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 375 0000000077082d67 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text ... * 2
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 523 000000007708323b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 920 00000000770833c8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 318 0000000077083a5e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 403 0000000077083ab3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!RtlpCheckDynamicTimeZoneInformation + 197 0000000077083b85 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetLCIDFromLangInfoNode + 80 0000000077084190 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 161 0000000077084241 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 277 00000000770842b5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text ... * 3
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 214 00000000770843f6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 276 0000000077084434 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 408 00000000770845d8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 657 00000000770846d1 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 284 0000000077084a9c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 483 0000000077084b63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 231 0000000077084c57 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 518 0000000077084d76 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text ... * 2
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!RtlDeactivateActivationContext + 256 0000000077084ea0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContext + 67 0000000077084ef3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContextEx + 501 00000000770850f5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUserThread + 256 00000000770852f0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringExW + 247 00000000770853f7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringW + 484 00000000770855e4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseAlpcCompletion + 438 00000000770864d6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!atol + 194 000000007708668e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!qsort + 76 000000007708687c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!RtlLookupElementGenericTableFullAvl + 45 00000000770868bd 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 4 00000000770868d4 8 bytes [70, 6C, F8, FF, 00, 00, 00, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 92 000000007708692c 8 bytes [60, 6C, F8, FF, 00, 00, 00, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!RtlSubtreePredecessor + 790 0000000077087166 8 bytes [40, 6C, F8, FF, 00, 00, 00, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroupMembers + 241 0000000077087dd1 8 bytes [10, 6C, F8, FF, 00, 00, 00, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroup + 119 0000000077087e57 8 bytes [00, 6C, F8, FF, 00, 00, 00, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread 00000000770d1380 8 bytes JMP 3f3f3f3f
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!NtQueryInformationThread 00000000770d1500 8 bytes JMP 3f3f3f3f
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 00000000770d1530 8 bytes JMP 3f3f3f3f
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00000000770d1650 8 bytes JMP 3f3f3f3f
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!NtQueueApcThread 00000000770d1700 8 bytes JMP 3f3f3f3f
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 00000000770d1d30 8 bytes JMP 3f3f3f3f
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!NtGetContextThread 00000000770d1f80 8 bytes JMP 3f3f3f3f
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread 00000000770d27e0 8 bytes JMP 3f3f3f3f
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 312 0000000072b813cc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 471 0000000072b8146b 8 bytes {JMP 0xffffffffffffffb0}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\wow64cpu.dll!CpuProcessInit + 611 0000000072b816d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\wow64cpu.dll!CpuGetStackPointer + 23 0000000072b819db 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\wow64cpu.dll!CpuSetStackPointer + 23 0000000072b819fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7540] C:\Windows\SYSTEM32\wow64cpu.dll!CpuFlushInstructionCache + 23 0000000072b81a63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!RtlWalkHeap + 424 0000000077081398 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 159 000000007708143f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 500 0000000077081594 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 126 000000007708191e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!_vsnwprintf_s + 212 0000000077081bf8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateActivationContext + 373 0000000077081d75 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!isalpha + 31 0000000077081edf 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!_strnicmp + 89 0000000077081fc5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!RtlIsGenericTableEmptyAvl + 16 00000000770827b0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableAvl + 18 00000000770827d2 8 bytes {JMP 0x10}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 79 000000007708282f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 184 0000000077082898 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 299 0000000077082d1b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 375 0000000077082d67 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text ... * 2
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 523 000000007708323b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 920 00000000770833c8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 318 0000000077083a5e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 403 0000000077083ab3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!RtlpCheckDynamicTimeZoneInformation + 197 0000000077083b85 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetLCIDFromLangInfoNode + 80 0000000077084190 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 161 0000000077084241 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 277 00000000770842b5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text ... * 3
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 214 00000000770843f6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 276 0000000077084434 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 408 00000000770845d8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 657 00000000770846d1 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 284 0000000077084a9c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 483 0000000077084b63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 231 0000000077084c57 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 518 0000000077084d76 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text ... * 2
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!RtlDeactivateActivationContext + 256 0000000077084ea0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContext + 67 0000000077084ef3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContextEx + 501 00000000770850f5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUserThread + 256 00000000770852f0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringExW + 247 00000000770853f7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringW + 484 00000000770855e4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseAlpcCompletion + 438 00000000770864d6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!atol + 194 000000007708668e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!qsort + 76 000000007708687c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!RtlLookupElementGenericTableFullAvl + 45 00000000770868bd 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 4 00000000770868d4 8 bytes [70, 6C, F8, FF, 00, 00, 00, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 92 000000007708692c 8 bytes [60, 6C, F8, FF, 00, 00, 00, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!RtlSubtreePredecessor + 790 0000000077087166 8 bytes [40, 6C, F8, FF, 00, 00, 00, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroupMembers + 241 0000000077087dd1 8 bytes [10, 6C, F8, FF, 00, 00, 00, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroup + 119 0000000077087e57 8 bytes [00, 6C, F8, FF, 00, 00, 00, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread 00000000770d1380 8 bytes JMP 3f3f3f3f
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!NtQueryInformationThread 00000000770d1500 8 bytes JMP 3f3f3f3f
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 00000000770d1530 8 bytes JMP 3f3f3f3f
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00000000770d1650 8 bytes JMP 3f3f3f3f
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!NtQueueApcThread 00000000770d1700 8 bytes JMP 3f3f3f3f
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 00000000770d1d30 8 bytes JMP 3f3f3f3f
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!NtGetContextThread 00000000770d1f80 8 bytes JMP 3f3f3f3f
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread 00000000770d27e0 8 bytes JMP 3f3f3f3f
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 312 0000000072b813cc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 471 0000000072b8146b 8 bytes {JMP 0xffffffffffffffb0}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\wow64cpu.dll!CpuProcessInit + 611 0000000072b816d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\wow64cpu.dll!CpuGetStackPointer + 23 0000000072b819db 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\wow64cpu.dll!CpuSetStackPointer + 23 0000000072b819fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5632] C:\Windows\SYSTEM32\wow64cpu.dll!CpuFlushInstructionCache + 23 0000000072b81a63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!RtlWalkHeap + 424 0000000077081398 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 159 000000007708143f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 500 0000000077081594 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 126 000000007708191e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!_vsnwprintf_s + 212 0000000077081bf8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateActivationContext + 373 0000000077081d75 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!isalpha + 31 0000000077081edf 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!_strnicmp + 89 0000000077081fc5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!RtlIsGenericTableEmptyAvl + 16 00000000770827b0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableAvl + 18 00000000770827d2 8 bytes {JMP 0x10}
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 79 000000007708282f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 184 0000000077082898 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 299 0000000077082d1b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 375 0000000077082d67 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text ... * 2
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 523 000000007708323b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 920 00000000770833c8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 318 0000000077083a5e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 403 0000000077083ab3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!RtlpCheckDynamicTimeZoneInformation + 197 0000000077083b85 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetLCIDFromLangInfoNode + 80 0000000077084190 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 161 0000000077084241 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 277 00000000770842b5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text ... * 3
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 214 00000000770843f6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 276 0000000077084434 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 408 00000000770845d8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 657 00000000770846d1 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 284 0000000077084a9c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 483 0000000077084b63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 231 0000000077084c57 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 518 0000000077084d76 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text ... * 2
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!RtlDeactivateActivationContext + 256 0000000077084ea0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContext + 67 0000000077084ef3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContextEx + 501 00000000770850f5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUserThread + 256 00000000770852f0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringExW + 247 00000000770853f7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringW + 484 00000000770855e4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseAlpcCompletion + 438 00000000770864d6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!atol + 194 000000007708668e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!qsort + 76 000000007708687c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!RtlLookupElementGenericTableFullAvl + 45 00000000770868bd 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 4 00000000770868d4 8 bytes [70, 6C, F8, 7E, 00, 00, 00, ...]
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 92 000000007708692c 8 bytes [60, 6C, F8, 7E, 00, 00, 00, ...]
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!RtlSubtreePredecessor + 790 0000000077087166 8 bytes [40, 6C, F8, 7E, 00, 00, 00, ...]
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroupMembers + 241 0000000077087dd1 8 bytes [10, 6C, F8, 7E, 00, 00, 00, ...]
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroup + 119 0000000077087e57 8 bytes [00, 6C, F8, 7E, 00, 00, 00, ...]
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread 00000000770d1380 8 bytes {JMP QWORD [RIP-0x4a220]}
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!NtQueryInformationThread 00000000770d1500 8 bytes {JMP QWORD [RIP-0x49cef]}
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 00000000770d1530 8 bytes {JMP QWORD [RIP-0x4ac62]}
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00000000770d1650 8 bytes {JMP QWORD [RIP-0x4a80f]}
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!NtQueueApcThread 00000000770d1700 8 bytes {JMP QWORD [RIP-0x4adda]}
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 00000000770d1d30 8 bytes {JMP QWORD [RIP-0x49edf]}
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!NtGetContextThread 00000000770d1f80 8 bytes {JMP QWORD [RIP-0x4a1b5]}
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread 00000000770d27e0 8 bytes {JMP QWORD [RIP-0x4ab13]}
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 312 0000000072b813cc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 471 0000000072b8146b 8 bytes {JMP 0xffffffffffffffb0}
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\wow64cpu.dll!CpuProcessInit + 611 0000000072b816d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\wow64cpu.dll!CpuGetStackPointer + 23 0000000072b819db 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\wow64cpu.dll!CpuSetStackPointer + 23 0000000072b819fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\SYSTEM32\wow64cpu.dll!CpuFlushInstructionCache + 23 0000000072b81a63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 00000000756c1401 2 bytes JMP 76c3b21b C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 00000000756c1419 2 bytes JMP 76c3b346 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 00000000756c1431 2 bytes JMP 76cb8ea9 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 00000000756c144a 2 bytes CALL 76c148ad C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000756c14dd 2 bytes JMP 76cb87a2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000756c14f5 2 bytes JMP 76cb8978 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 00000000756c150d 2 bytes JMP 76cb8698 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 00000000756c1525 2 bytes JMP 76cb8a62 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 00000000756c153d 2 bytes JMP 76c2fca8 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 00000000756c1555 2 bytes JMP 76c368ef C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 00000000756c156d 2 bytes JMP 76cb8f61 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 00000000756c1585 2 bytes JMP 76cb8ac2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 00000000756c159d 2 bytes JMP 76cb865c C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000756c15b5 2 bytes JMP 76c2fd41 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000756c15cd 2 bytes JMP 76c3b2dc C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000756c16b2 2 bytes JMP 76cb8e24 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Hp\HP Software Update\HPWUCli.exe[4940] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000756c16bd 2 bytes JMP 76cb85f1 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!RtlWalkHeap + 424 0000000077081398 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 159 000000007708143f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 500 0000000077081594 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 126 000000007708191e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!_vsnwprintf_s + 212 0000000077081bf8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateActivationContext + 373 0000000077081d75 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!isalpha + 31 0000000077081edf 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!_strnicmp + 89 0000000077081fc5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!RtlIsGenericTableEmptyAvl + 16 00000000770827b0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableAvl + 18 00000000770827d2 8 bytes {JMP 0x10}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 79 000000007708282f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 184 0000000077082898 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 299 0000000077082d1b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 375 0000000077082d67 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text ... * 2
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 523 000000007708323b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 920 00000000770833c8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 318 0000000077083a5e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 403 0000000077083ab3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!RtlpCheckDynamicTimeZoneInformation + 197 0000000077083b85 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetLCIDFromLangInfoNode + 80 0000000077084190 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 161 0000000077084241 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 277 00000000770842b5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text ... * 3
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 214 00000000770843f6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 276 0000000077084434 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 408 00000000770845d8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 657 00000000770846d1 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 284 0000000077084a9c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 483 0000000077084b63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 231 0000000077084c57 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 518 0000000077084d76 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text ... * 2
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!RtlDeactivateActivationContext + 256 0000000077084ea0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContext + 67 0000000077084ef3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContextEx + 501 00000000770850f5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUserThread + 256 00000000770852f0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringExW + 247 00000000770853f7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringW + 484 00000000770855e4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseAlpcCompletion + 438 00000000770864d6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!atol + 194 000000007708668e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!qsort + 76 000000007708687c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!RtlLookupElementGenericTableFullAvl + 45 00000000770868bd 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 4 00000000770868d4 8 bytes [70, 6C, F8, FF, 00, 00, 00, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 92 000000007708692c 8 bytes [60, 6C, F8, FF, 00, 00, 00, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!RtlSubtreePredecessor + 790 0000000077087166 8 bytes [40, 6C, F8, FF, 00, 00, 00, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroupMembers + 241 0000000077087dd1 8 bytes [10, 6C, F8, FF, 00, 00, 00, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroup + 119 0000000077087e57 8 bytes [00, 6C, F8, FF, 00, 00, 00, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread 00000000770d1380 8 bytes JMP 3f3f3f3f
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!NtQueryInformationThread 00000000770d1500 8 bytes JMP 3f3f3f3f
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 00000000770d1530 8 bytes JMP 3f3f3f3f
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00000000770d1650 8 bytes JMP 3f3f3f3f
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!NtQueueApcThread 00000000770d1700 8 bytes JMP 3f3f3f3f
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 00000000770d1d30 8 bytes JMP 3f3f3f3f
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!NtGetContextThread 00000000770d1f80 8 bytes JMP 3f3f3f3f
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread 00000000770d27e0 8 bytes JMP 3f3f3f3f
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 312 0000000072b813cc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 471 0000000072b8146b 8 bytes {JMP 0xffffffffffffffb0}
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\wow64cpu.dll!CpuProcessInit + 611 0000000072b816d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\wow64cpu.dll!CpuGetStackPointer + 23 0000000072b819db 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\wow64cpu.dll!CpuSetStackPointer + 23 0000000072b819fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4236] C:\Windows\SYSTEM32\wow64cpu.dll!CpuFlushInstructionCache + 23 0000000072b81a63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!RtlWalkHeap + 424 0000000077081398 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 159 000000007708143f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 500 0000000077081594 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 126 000000007708191e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!_vsnwprintf_s + 212 0000000077081bf8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateActivationContext + 373 0000000077081d75 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!isalpha + 31 0000000077081edf 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!_strnicmp + 89 0000000077081fc5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!RtlIsGenericTableEmptyAvl + 16 00000000770827b0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableAvl + 18 00000000770827d2 8 bytes {JMP 0x10}
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 79 000000007708282f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 184 0000000077082898 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 299 0000000077082d1b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 375 0000000077082d67 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text ... * 2
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 523 000000007708323b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 920 00000000770833c8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 318 0000000077083a5e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 403 0000000077083ab3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!RtlpCheckDynamicTimeZoneInformation + 197 0000000077083b85 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetLCIDFromLangInfoNode + 80 0000000077084190 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 161 0000000077084241 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 277 00000000770842b5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text ... * 3
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 214 00000000770843f6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 276 0000000077084434 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 408 00000000770845d8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 657 00000000770846d1 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 284 0000000077084a9c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 483 0000000077084b63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 231 0000000077084c57 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 518 0000000077084d76 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text ... * 2
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!RtlDeactivateActivationContext + 256 0000000077084ea0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContext + 67 0000000077084ef3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContextEx + 501 00000000770850f5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUserThread + 256 00000000770852f0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringExW + 247 00000000770853f7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringW + 484 00000000770855e4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseAlpcCompletion + 438 00000000770864d6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!atol + 194 000000007708668e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!qsort + 76 000000007708687c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!RtlLookupElementGenericTableFullAvl + 45 00000000770868bd 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 4 00000000770868d4 8 bytes [70, 6C, F8, 7E, 00, 00, 00, ...]
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 92 000000007708692c 8 bytes [60, 6C, F8, 7E, 00, 00, 00, ...]
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!RtlSubtreePredecessor + 790 0000000077087166 8 bytes [40, 6C, F8, 7E, 00, 00, 00, ...]
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroupMembers + 241 0000000077087dd1 8 bytes [10, 6C, F8, 7E, 00, 00, 00, ...]
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroup + 119 0000000077087e57 8 bytes [00, 6C, F8, 7E, 00, 00, 00, ...]
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread 00000000770d1380 8 bytes {JMP QWORD [RIP-0x4a220]}
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!NtQueryInformationThread 00000000770d1500 8 bytes {JMP QWORD [RIP-0x49cef]}
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 00000000770d1530 8 bytes {JMP QWORD [RIP-0x4ac62]}
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00000000770d1650 8 bytes {JMP QWORD [RIP-0x4a80f]}
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!NtQueueApcThread 00000000770d1700 8 bytes {JMP QWORD [RIP-0x4adda]}
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 00000000770d1d30 8 bytes {JMP QWORD [RIP-0x49edf]}
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!NtGetContextThread 00000000770d1f80 8 bytes {JMP QWORD [RIP-0x4a1b5]}
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread 00000000770d27e0 8 bytes {JMP QWORD [RIP-0x4ab13]}
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 312 0000000072b813cc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 471 0000000072b8146b 8 bytes {JMP 0xffffffffffffffb0}
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\wow64cpu.dll!CpuProcessInit + 611 0000000072b816d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\wow64cpu.dll!CpuGetStackPointer + 23 0000000072b819db 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\wow64cpu.dll!CpuSetStackPointer + 23 0000000072b819fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\SYSTEM32\wow64cpu.dll!CpuFlushInstructionCache + 23 0000000072b81a63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 00000000756c1401 2 bytes JMP 76c3b21b C:\Windows\syswow64\kernel32.dll
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 00000000756c1419 2 bytes JMP 76c3b346 C:\Windows\syswow64\kernel32.dll
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 00000000756c1431 2 bytes JMP 76cb8ea9 C:\Windows\syswow64\kernel32.dll
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 00000000756c144a 2 bytes CALL 76c148ad C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000756c14dd 2 bytes JMP 76cb87a2 C:\Windows\syswow64\kernel32.dll
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000756c14f5 2 bytes JMP 76cb8978 C:\Windows\syswow64\kernel32.dll
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 00000000756c150d 2 bytes JMP 76cb8698 C:\Windows\syswow64\kernel32.dll
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 00000000756c1525 2 bytes JMP 76cb8a62 C:\Windows\syswow64\kernel32.dll
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 00000000756c153d 2 bytes JMP 76c2fca8 C:\Windows\syswow64\kernel32.dll
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 00000000756c1555 2 bytes JMP 76c368ef C:\Windows\syswow64\kernel32.dll
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 00000000756c156d 2 bytes JMP 76cb8f61 C:\Windows\syswow64\kernel32.dll
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 00000000756c1585 2 bytes JMP 76cb8ac2 C:\Windows\syswow64\kernel32.dll
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 00000000756c159d 2 bytes JMP 76cb865c C:\Windows\syswow64\kernel32.dll
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000756c15b5 2 bytes JMP 76c2fd41 C:\Windows\syswow64\kernel32.dll
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000756c15cd 2 bytes JMP 76c3b2dc C:\Windows\syswow64\kernel32.dll
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000756c16b2 2 bytes JMP 76cb8e24 C:\Windows\syswow64\kernel32.dll
.text C:\Users\Dell Latitude E6430\Downloads\Gmer-19357.exe[7336] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000756c16bd 2 bytes JMP 76cb85f1 C:\Windows\syswow64\kernel32.dll
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager@PendingFileRenameOperations ???k????????????????????System32\Drivers\wwussf64.sys???????????????t????????????0??4????????????????????????????6??.7???????=???=??? ???????o?????o?????o?????????????? ??????????????????????????????o????? ???????o???????????o???????????????????????????????????????????o?????o????? ???????o?????o????????????????????????????? ???????o???????????o????????0????????M???????????????????????????????????????????????????? ??????????????????? ??????????????????????????????????????s????? ??????????????????SCSI miniport???? ???????????????????????????????????????o?o?o?o?o?o?o?o?o??????????????????????? ???????n???????????o??????????V????????a???o????:??o????????h?????system32\drivers\amdxata.sys??????V??o???????????d??amdsata.inf_amd64_neutral_fa9a4835d180b5fc???????o?o?o?o?o?o?????????????????????????o???o???????????????????????????????l??????p???? ???????n?????o?????o??????????R???????D?????R??o?????????e????@%systemroot%\system32\appidsvc.dll,-102??????N??o??????????????\SystemRoot\system32\drivers\appid.sys????????R
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\a4db30b9c77d
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\a4db30b9c77d (not active ControlSet)
---- EOF - GMER 2.1 ----