GMER 2.1.19357 - http://www.gmer.net Rootkit scan 2015-09-20 19:17:08 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.JE3O 465,76GB Running: 4zy1lmjm.exe; Driver: C:\Users\Stefan\AppData\Local\Temp\uxdcrpob.sys ---- User code sections - GMER 2.1 ---- .text C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe[1032] C:\Windows\SysWOW64\ntdll.dll!NtQueryValueKey 000000007795fa98 5 bytes JMP 0000000172852e30 .text C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe[1032] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory 0000000077960028 5 bytes JMP 0000000172852df0 .text C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe[1032] C:\Windows\syswow64\USER32.dll!UserClientDllInitialize + 779 0000000076c7b9f8 4 bytes [80, 40, 85, 72] .text C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe[3076] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076001465 2 bytes [00, 76] .text C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe[3076] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000760014bb 2 bytes [00, 76] .text ... * 2 .text C:\Program Files (x86)\AdFender\AdFender.exe[3204] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076001465 2 bytes [00, 76] .text C:\Program Files (x86)\AdFender\AdFender.exe[3204] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000760014bb 2 bytes [00, 76] .text ... * 2 .text C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe[4196] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076001465 2 bytes [00, 76] .text C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe[4196] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000760014bb 2 bytes [00, 76] .text ... * 2 .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!RtlWalkHeap + 424 0000000077761398 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 159 000000007776143f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 500 0000000077761594 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 126 000000007776191e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!_vsnwprintf_s + 212 0000000077761bf8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateActivationContext + 373 0000000077761d75 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!isalpha + 31 0000000077761edf 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!_strnicmp + 89 0000000077761fc5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!RtlIsGenericTableEmptyAvl + 16 00000000777627b0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableAvl + 18 00000000777627d2 8 bytes {JMP 0x10} .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 79 000000007776282f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 184 0000000077762898 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 299 0000000077762d1b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 375 0000000077762d67 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 2 .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 523 000000007776323b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 920 00000000777633c8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 318 0000000077763a5e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 403 0000000077763ab3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!RtlpCheckDynamicTimeZoneInformation + 197 0000000077763b85 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetLCIDFromLangInfoNode + 80 0000000077764190 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 161 0000000077764241 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 277 00000000777642b5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 3 .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 214 00000000777643f6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 276 0000000077764434 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 689 00000000777646f1 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 284 0000000077764abc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 483 0000000077764b83 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 231 0000000077764c77 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 518 0000000077764d96 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 2 .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!RtlDeactivateActivationContext + 256 0000000077764ec0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContext + 67 0000000077764f13 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContextEx + 501 0000000077765115 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUserThread + 256 0000000077765310 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringExW + 247 0000000077765417 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringW + 484 0000000077765604 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseAlpcCompletion + 438 00000000777664f6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!atol + 194 00000000777666ae 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!qsort + 76 000000007776689c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!RtlLookupElementGenericTableFullAvl + 45 00000000777668dd 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 4 00000000777668f4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 92 000000007776694c 8 bytes [70, 6C, F8, 7E, 00, 00, 00, ...] .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!RtlSubtreePredecessor + 790 0000000077767186 8 bytes [50, 6C, F8, 7E, 00, 00, 00, ...] .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroupMembers + 241 0000000077767df1 8 bytes [20, 6C, F8, 7E, 00, 00, 00, ...] .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroup + 119 0000000077767e77 8 bytes [10, 6C, F8, 7E, 00, 00, 00, ...] .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroup + 206 0000000077767ece 8 bytes [00, 6C, F8, 7E, 00, 00, 00, ...] .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread 00000000777b13e0 8 bytes {JMP QWORD [RIP-0x49baf]} .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!NtQueryInformationThread 00000000777b1560 8 bytes {JMP QWORD [RIP-0x49873]} .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 00000000777b1590 8 bytes {JMP QWORD [RIP-0x4ac4a]} .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00000000777b16b0 8 bytes {JMP QWORD [RIP-0x4a530]} .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!NtQueueApcThread 00000000777b1760 8 bytes {JMP QWORD [RIP-0x4a8ff]} .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 00000000777b1d90 8 bytes {JMP QWORD [RIP-0x49ec8]} .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!NtGetContextThread 00000000777b1fe0 8 bytes {JMP QWORD [RIP-0x4a16f]} .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread 00000000777b2840 8 bytes {JMP QWORD [RIP-0x4aa55]} .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 312 00000000753d13cc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 471 00000000753d146b 8 bytes {JMP 0xffffffffffffffb0} .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\wow64cpu.dll!CpuProcessInit + 611 00000000753d16d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\wow64cpu.dll!CpuGetStackPointer + 23 00000000753d19db 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\wow64cpu.dll!CpuSetStackPointer + 23 00000000753d19fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe[5420] C:\Windows\SYSTEM32\wow64cpu.dll!CpuFlushInstructionCache + 23 00000000753d1a63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!RtlWalkHeap + 424 0000000077761398 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 159 000000007776143f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 500 0000000077761594 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 126 000000007776191e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!_vsnwprintf_s + 212 0000000077761bf8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateActivationContext + 373 0000000077761d75 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!isalpha + 31 0000000077761edf 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!_strnicmp + 89 0000000077761fc5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!RtlIsGenericTableEmptyAvl + 16 00000000777627b0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableAvl + 18 00000000777627d2 8 bytes {JMP 0x10} .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 79 000000007776282f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 184 0000000077762898 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 299 0000000077762d1b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 375 0000000077762d67 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 2 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 523 000000007776323b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 920 00000000777633c8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 318 0000000077763a5e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 403 0000000077763ab3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!RtlpCheckDynamicTimeZoneInformation + 197 0000000077763b85 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetLCIDFromLangInfoNode + 80 0000000077764190 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 161 0000000077764241 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 277 00000000777642b5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 3 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 214 00000000777643f6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 276 0000000077764434 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 689 00000000777646f1 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 284 0000000077764abc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 483 0000000077764b83 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 231 0000000077764c77 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 518 0000000077764d96 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 2 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!RtlDeactivateActivationContext + 256 0000000077764ec0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContext + 67 0000000077764f13 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContextEx + 501 0000000077765115 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUserThread + 256 0000000077765310 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringExW + 247 0000000077765417 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringW + 484 0000000077765604 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseAlpcCompletion + 438 00000000777664f6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!atol + 194 00000000777666ae 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!qsort + 76 000000007776689c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!RtlLookupElementGenericTableFullAvl + 45 00000000777668dd 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 4 00000000777668f4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 92 000000007776694c 8 bytes [70, 6C, F8, 7E, 00, 00, 00, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!RtlSubtreePredecessor + 790 0000000077767186 8 bytes [50, 6C, F8, 7E, 00, 00, 00, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroupMembers + 241 0000000077767df1 8 bytes [20, 6C, F8, 7E, 00, 00, 00, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroup + 119 0000000077767e77 8 bytes [10, 6C, F8, 7E, 00, 00, 00, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroup + 206 0000000077767ece 8 bytes [00, 6C, F8, 7E, 00, 00, 00, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread 00000000777b13e0 8 bytes {JMP QWORD [RIP-0x49baf]} .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!NtQueryInformationThread 00000000777b1560 8 bytes {JMP QWORD [RIP-0x49873]} .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 00000000777b1590 8 bytes {JMP QWORD [RIP-0x4ac4a]} .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00000000777b16b0 8 bytes {JMP QWORD [RIP-0x4a530]} .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!NtQueueApcThread 00000000777b1760 8 bytes {JMP QWORD [RIP-0x4a8ff]} .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 00000000777b1d90 8 bytes {JMP QWORD [RIP-0x49ec8]} .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!NtGetContextThread 00000000777b1fe0 8 bytes {JMP QWORD [RIP-0x4a16f]} .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread 00000000777b2840 8 bytes {JMP QWORD [RIP-0x4aa55]} .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 312 00000000753d13cc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 471 00000000753d146b 8 bytes {JMP 0xffffffffffffffb0} .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\wow64cpu.dll!CpuProcessInit + 611 00000000753d16d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\wow64cpu.dll!CpuGetStackPointer + 23 00000000753d19db 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\wow64cpu.dll!CpuSetStackPointer + 23 00000000753d19fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3744] C:\Windows\SYSTEM32\wow64cpu.dll!CpuFlushInstructionCache + 23 00000000753d1a63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!RtlWalkHeap + 424 0000000077761398 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 159 000000007776143f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 500 0000000077761594 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 126 000000007776191e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!_vsnwprintf_s + 212 0000000077761bf8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateActivationContext + 373 0000000077761d75 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!isalpha + 31 0000000077761edf 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!_strnicmp + 89 0000000077761fc5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!RtlIsGenericTableEmptyAvl + 16 00000000777627b0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableAvl + 18 00000000777627d2 8 bytes {JMP 0x10} .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 79 000000007776282f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 184 0000000077762898 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 299 0000000077762d1b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 375 0000000077762d67 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 2 .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 523 000000007776323b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 920 00000000777633c8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 318 0000000077763a5e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 403 0000000077763ab3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!RtlpCheckDynamicTimeZoneInformation + 197 0000000077763b85 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetLCIDFromLangInfoNode + 80 0000000077764190 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 161 0000000077764241 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 277 00000000777642b5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 3 .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 214 00000000777643f6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 276 0000000077764434 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 689 00000000777646f1 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 284 0000000077764abc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 483 0000000077764b83 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 231 0000000077764c77 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 518 0000000077764d96 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 2 .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!RtlDeactivateActivationContext + 256 0000000077764ec0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContext + 67 0000000077764f13 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContextEx + 501 0000000077765115 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUserThread + 256 0000000077765310 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringExW + 247 0000000077765417 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringW + 484 0000000077765604 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseAlpcCompletion + 438 00000000777664f6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!atol + 194 00000000777666ae 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!qsort + 76 000000007776689c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!RtlLookupElementGenericTableFullAvl + 45 00000000777668dd 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 4 00000000777668f4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 92 000000007776694c 8 bytes [70, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!RtlSubtreePredecessor + 790 0000000077767186 8 bytes [50, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroupMembers + 241 0000000077767df1 8 bytes [20, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroup + 119 0000000077767e77 8 bytes [10, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroup + 206 0000000077767ece 8 bytes [00, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread 00000000777b13e0 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!NtQueryInformationThread 00000000777b1560 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 00000000777b1590 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00000000777b16b0 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!NtQueueApcThread 00000000777b1760 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 00000000777b1d90 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!NtGetContextThread 00000000777b1fe0 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread 00000000777b2840 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 312 00000000753d13cc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 471 00000000753d146b 8 bytes {JMP 0xffffffffffffffb0} .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\wow64cpu.dll!CpuProcessInit + 611 00000000753d16d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\wow64cpu.dll!CpuGetStackPointer + 23 00000000753d19db 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\wow64cpu.dll!CpuSetStackPointer + 23 00000000753d19fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1260] C:\Windows\SYSTEM32\wow64cpu.dll!CpuFlushInstructionCache + 23 00000000753d1a63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!RtlWalkHeap + 424 0000000077761398 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 159 000000007776143f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 500 0000000077761594 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 126 000000007776191e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!_vsnwprintf_s + 212 0000000077761bf8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateActivationContext + 373 0000000077761d75 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!isalpha + 31 0000000077761edf 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!_strnicmp + 89 0000000077761fc5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!RtlIsGenericTableEmptyAvl + 16 00000000777627b0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableAvl + 18 00000000777627d2 8 bytes {JMP 0x10} .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 79 000000007776282f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 184 0000000077762898 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 299 0000000077762d1b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 375 0000000077762d67 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 2 .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 523 000000007776323b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 920 00000000777633c8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 318 0000000077763a5e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 403 0000000077763ab3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!RtlpCheckDynamicTimeZoneInformation + 197 0000000077763b85 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetLCIDFromLangInfoNode + 80 0000000077764190 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 161 0000000077764241 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 277 00000000777642b5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 3 .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 214 00000000777643f6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 276 0000000077764434 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 689 00000000777646f1 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 284 0000000077764abc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 483 0000000077764b83 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 231 0000000077764c77 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 518 0000000077764d96 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 2 .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!RtlDeactivateActivationContext + 256 0000000077764ec0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContext + 67 0000000077764f13 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContextEx + 501 0000000077765115 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUserThread + 256 0000000077765310 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringExW + 247 0000000077765417 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringW + 484 0000000077765604 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseAlpcCompletion + 438 00000000777664f6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!atol + 194 00000000777666ae 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!qsort + 76 000000007776689c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!RtlLookupElementGenericTableFullAvl + 45 00000000777668dd 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 4 00000000777668f4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 92 000000007776694c 8 bytes [70, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!RtlSubtreePredecessor + 790 0000000077767186 8 bytes [50, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroupMembers + 241 0000000077767df1 8 bytes [20, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroup + 119 0000000077767e77 8 bytes [10, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroup + 206 0000000077767ece 8 bytes [00, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread 00000000777b13e0 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!NtQueryInformationThread 00000000777b1560 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 00000000777b1590 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00000000777b16b0 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!NtQueueApcThread 00000000777b1760 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 00000000777b1d90 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!NtGetContextThread 00000000777b1fe0 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread 00000000777b2840 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 312 00000000753d13cc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 471 00000000753d146b 8 bytes {JMP 0xffffffffffffffb0} .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\wow64cpu.dll!CpuProcessInit + 611 00000000753d16d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\wow64cpu.dll!CpuGetStackPointer + 23 00000000753d19db 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\wow64cpu.dll!CpuSetStackPointer + 23 00000000753d19fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12504] C:\Windows\SYSTEM32\wow64cpu.dll!CpuFlushInstructionCache + 23 00000000753d1a63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!RtlWalkHeap + 424 0000000077761398 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 159 000000007776143f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 500 0000000077761594 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 126 000000007776191e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!_vsnwprintf_s + 212 0000000077761bf8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateActivationContext + 373 0000000077761d75 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!isalpha + 31 0000000077761edf 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!_strnicmp + 89 0000000077761fc5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!RtlIsGenericTableEmptyAvl + 16 00000000777627b0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableAvl + 18 00000000777627d2 8 bytes {JMP 0x10} .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 79 000000007776282f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 184 0000000077762898 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 299 0000000077762d1b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 375 0000000077762d67 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 2 .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 523 000000007776323b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 920 00000000777633c8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 318 0000000077763a5e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 403 0000000077763ab3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!RtlpCheckDynamicTimeZoneInformation + 197 0000000077763b85 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetLCIDFromLangInfoNode + 80 0000000077764190 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 161 0000000077764241 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 277 00000000777642b5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 3 .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 214 00000000777643f6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 276 0000000077764434 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 689 00000000777646f1 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 284 0000000077764abc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 483 0000000077764b83 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 231 0000000077764c77 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 518 0000000077764d96 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 2 .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!RtlDeactivateActivationContext + 256 0000000077764ec0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContext + 67 0000000077764f13 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContextEx + 501 0000000077765115 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUserThread + 256 0000000077765310 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringExW + 247 0000000077765417 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringW + 484 0000000077765604 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseAlpcCompletion + 438 00000000777664f6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!atol + 194 00000000777666ae 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!qsort + 76 000000007776689c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!RtlLookupElementGenericTableFullAvl + 45 00000000777668dd 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 4 00000000777668f4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 92 000000007776694c 8 bytes [70, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!RtlSubtreePredecessor + 790 0000000077767186 8 bytes [50, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroupMembers + 241 0000000077767df1 8 bytes [20, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroup + 119 0000000077767e77 8 bytes [10, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroup + 206 0000000077767ece 8 bytes [00, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread 00000000777b13e0 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!NtQueryInformationThread 00000000777b1560 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 00000000777b1590 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00000000777b16b0 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!NtQueueApcThread 00000000777b1760 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 00000000777b1d90 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!NtGetContextThread 00000000777b1fe0 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread 00000000777b2840 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 312 00000000753d13cc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 471 00000000753d146b 8 bytes {JMP 0xffffffffffffffb0} .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\wow64cpu.dll!CpuProcessInit + 611 00000000753d16d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\wow64cpu.dll!CpuGetStackPointer + 23 00000000753d19db 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\wow64cpu.dll!CpuSetStackPointer + 23 00000000753d19fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12592] C:\Windows\SYSTEM32\wow64cpu.dll!CpuFlushInstructionCache + 23 00000000753d1a63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!RtlWalkHeap + 424 0000000077761398 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 159 000000007776143f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 500 0000000077761594 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 126 000000007776191e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!_vsnwprintf_s + 212 0000000077761bf8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateActivationContext + 373 0000000077761d75 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!isalpha + 31 0000000077761edf 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!_strnicmp + 89 0000000077761fc5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!RtlIsGenericTableEmptyAvl + 16 00000000777627b0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableAvl + 18 00000000777627d2 8 bytes {JMP 0x10} .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 79 000000007776282f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 184 0000000077762898 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 299 0000000077762d1b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 375 0000000077762d67 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 2 .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 523 000000007776323b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 920 00000000777633c8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 318 0000000077763a5e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 403 0000000077763ab3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!RtlpCheckDynamicTimeZoneInformation + 197 0000000077763b85 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetLCIDFromLangInfoNode + 80 0000000077764190 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 161 0000000077764241 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 277 00000000777642b5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 3 .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 214 00000000777643f6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 276 0000000077764434 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 689 00000000777646f1 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 284 0000000077764abc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 483 0000000077764b83 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 231 0000000077764c77 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 518 0000000077764d96 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 2 .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!RtlDeactivateActivationContext + 256 0000000077764ec0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContext + 67 0000000077764f13 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContextEx + 501 0000000077765115 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUserThread + 256 0000000077765310 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringExW + 247 0000000077765417 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringW + 484 0000000077765604 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseAlpcCompletion + 438 00000000777664f6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!atol + 194 00000000777666ae 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!qsort + 76 000000007776689c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!RtlLookupElementGenericTableFullAvl + 45 00000000777668dd 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 4 00000000777668f4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 92 000000007776694c 8 bytes [70, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!RtlSubtreePredecessor + 790 0000000077767186 8 bytes [50, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroupMembers + 241 0000000077767df1 8 bytes [20, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroup + 119 0000000077767e77 8 bytes [10, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroup + 206 0000000077767ece 8 bytes [00, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread 00000000777b13e0 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!NtQueryInformationThread 00000000777b1560 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 00000000777b1590 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00000000777b16b0 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!NtQueueApcThread 00000000777b1760 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 00000000777b1d90 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!NtGetContextThread 00000000777b1fe0 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread 00000000777b2840 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 312 00000000753d13cc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 471 00000000753d146b 8 bytes {JMP 0xffffffffffffffb0} .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\wow64cpu.dll!CpuProcessInit + 611 00000000753d16d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\wow64cpu.dll!CpuGetStackPointer + 23 00000000753d19db 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\wow64cpu.dll!CpuSetStackPointer + 23 00000000753d19fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12456] C:\Windows\SYSTEM32\wow64cpu.dll!CpuFlushInstructionCache + 23 00000000753d1a63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!RtlWalkHeap + 424 0000000077761398 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 159 000000007776143f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 500 0000000077761594 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 126 000000007776191e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!_vsnwprintf_s + 212 0000000077761bf8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateActivationContext + 373 0000000077761d75 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!isalpha + 31 0000000077761edf 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!_strnicmp + 89 0000000077761fc5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!RtlIsGenericTableEmptyAvl + 16 00000000777627b0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableAvl + 18 00000000777627d2 8 bytes {JMP 0x10} .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 79 000000007776282f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 184 0000000077762898 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 299 0000000077762d1b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 375 0000000077762d67 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 2 .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 523 000000007776323b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 920 00000000777633c8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 318 0000000077763a5e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 403 0000000077763ab3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!RtlpCheckDynamicTimeZoneInformation + 197 0000000077763b85 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetLCIDFromLangInfoNode + 80 0000000077764190 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 161 0000000077764241 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 277 00000000777642b5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 3 .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 214 00000000777643f6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 276 0000000077764434 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 689 00000000777646f1 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 284 0000000077764abc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 483 0000000077764b83 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 231 0000000077764c77 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 518 0000000077764d96 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 2 .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!RtlDeactivateActivationContext + 256 0000000077764ec0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContext + 67 0000000077764f13 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContextEx + 501 0000000077765115 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUserThread + 256 0000000077765310 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringExW + 247 0000000077765417 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringW + 484 0000000077765604 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseAlpcCompletion + 438 00000000777664f6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!atol + 194 00000000777666ae 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!qsort + 76 000000007776689c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!RtlLookupElementGenericTableFullAvl + 45 00000000777668dd 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 4 00000000777668f4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 92 000000007776694c 8 bytes [70, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!RtlSubtreePredecessor + 790 0000000077767186 8 bytes [50, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroupMembers + 241 0000000077767df1 8 bytes [20, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroup + 119 0000000077767e77 8 bytes [10, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroup + 206 0000000077767ece 8 bytes [00, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread 00000000777b13e0 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!NtQueryInformationThread 00000000777b1560 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 00000000777b1590 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00000000777b16b0 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!NtQueueApcThread 00000000777b1760 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 00000000777b1d90 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!NtGetContextThread 00000000777b1fe0 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread 00000000777b2840 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 312 00000000753d13cc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 471 00000000753d146b 8 bytes {JMP 0xffffffffffffffb0} .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\wow64cpu.dll!CpuProcessInit + 611 00000000753d16d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\wow64cpu.dll!CpuGetStackPointer + 23 00000000753d19db 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\wow64cpu.dll!CpuSetStackPointer + 23 00000000753d19fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[12384] C:\Windows\SYSTEM32\wow64cpu.dll!CpuFlushInstructionCache + 23 00000000753d1a63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!RtlWalkHeap + 424 0000000077761398 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 159 000000007776143f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 500 0000000077761594 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 126 000000007776191e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!_vsnwprintf_s + 212 0000000077761bf8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateActivationContext + 373 0000000077761d75 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!isalpha + 31 0000000077761edf 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!_strnicmp + 89 0000000077761fc5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!RtlIsGenericTableEmptyAvl + 16 00000000777627b0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableAvl + 18 00000000777627d2 8 bytes {JMP 0x10} .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 79 000000007776282f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 184 0000000077762898 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 299 0000000077762d1b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 375 0000000077762d67 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 2 .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 523 000000007776323b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 920 00000000777633c8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 318 0000000077763a5e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 403 0000000077763ab3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!RtlpCheckDynamicTimeZoneInformation + 197 0000000077763b85 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetLCIDFromLangInfoNode + 80 0000000077764190 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 161 0000000077764241 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 277 00000000777642b5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 3 .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 214 00000000777643f6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 276 0000000077764434 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 689 00000000777646f1 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 284 0000000077764abc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 483 0000000077764b83 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 231 0000000077764c77 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 518 0000000077764d96 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 2 .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!RtlDeactivateActivationContext + 256 0000000077764ec0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContext + 67 0000000077764f13 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContextEx + 501 0000000077765115 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUserThread + 256 0000000077765310 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringExW + 247 0000000077765417 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringW + 484 0000000077765604 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseAlpcCompletion + 438 00000000777664f6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!atol + 194 00000000777666ae 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!qsort + 76 000000007776689c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!RtlLookupElementGenericTableFullAvl + 45 00000000777668dd 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 4 00000000777668f4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 92 000000007776694c 8 bytes [70, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!RtlSubtreePredecessor + 790 0000000077767186 8 bytes [50, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroupMembers + 241 0000000077767df1 8 bytes [20, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroup + 119 0000000077767e77 8 bytes [10, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroup + 206 0000000077767ece 8 bytes [00, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread 00000000777b13e0 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!NtQueryInformationThread 00000000777b1560 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 00000000777b1590 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00000000777b16b0 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!NtQueueApcThread 00000000777b1760 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 00000000777b1d90 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!NtGetContextThread 00000000777b1fe0 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread 00000000777b2840 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 312 00000000753d13cc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 471 00000000753d146b 8 bytes {JMP 0xffffffffffffffb0} .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\wow64cpu.dll!CpuProcessInit + 611 00000000753d16d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\wow64cpu.dll!CpuGetStackPointer + 23 00000000753d19db 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\wow64cpu.dll!CpuSetStackPointer + 23 00000000753d19fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8596] C:\Windows\SYSTEM32\wow64cpu.dll!CpuFlushInstructionCache + 23 00000000753d1a63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!RtlWalkHeap + 424 0000000077761398 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 159 000000007776143f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 500 0000000077761594 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 126 000000007776191e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!_vsnwprintf_s + 212 0000000077761bf8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateActivationContext + 373 0000000077761d75 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!isalpha + 31 0000000077761edf 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!_strnicmp + 89 0000000077761fc5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!RtlIsGenericTableEmptyAvl + 16 00000000777627b0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableAvl + 18 00000000777627d2 8 bytes {JMP 0x10} .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 79 000000007776282f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 184 0000000077762898 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 299 0000000077762d1b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 375 0000000077762d67 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 2 .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 523 000000007776323b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 920 00000000777633c8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 318 0000000077763a5e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 403 0000000077763ab3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!RtlpCheckDynamicTimeZoneInformation + 197 0000000077763b85 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetLCIDFromLangInfoNode + 80 0000000077764190 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 161 0000000077764241 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 277 00000000777642b5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 3 .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 214 00000000777643f6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 276 0000000077764434 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 689 00000000777646f1 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 284 0000000077764abc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 483 0000000077764b83 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 231 0000000077764c77 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 518 0000000077764d96 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 2 .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!RtlDeactivateActivationContext + 256 0000000077764ec0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContext + 67 0000000077764f13 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContextEx + 501 0000000077765115 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUserThread + 256 0000000077765310 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringExW + 247 0000000077765417 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringW + 484 0000000077765604 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseAlpcCompletion + 438 00000000777664f6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!atol + 194 00000000777666ae 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!qsort + 76 000000007776689c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!RtlLookupElementGenericTableFullAvl + 45 00000000777668dd 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 4 00000000777668f4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 92 000000007776694c 8 bytes [70, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!RtlSubtreePredecessor + 790 0000000077767186 8 bytes [50, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroupMembers + 241 0000000077767df1 8 bytes [20, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroup + 119 0000000077767e77 8 bytes [10, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroup + 206 0000000077767ece 8 bytes [00, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread 00000000777b13e0 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!NtQueryInformationThread 00000000777b1560 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 00000000777b1590 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00000000777b16b0 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!NtQueueApcThread 00000000777b1760 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 00000000777b1d90 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!NtGetContextThread 00000000777b1fe0 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread 00000000777b2840 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 312 00000000753d13cc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 471 00000000753d146b 8 bytes {JMP 0xffffffffffffffb0} .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\wow64cpu.dll!CpuProcessInit + 611 00000000753d16d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\wow64cpu.dll!CpuGetStackPointer + 23 00000000753d19db 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\wow64cpu.dll!CpuSetStackPointer + 23 00000000753d19fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7108] C:\Windows\SYSTEM32\wow64cpu.dll!CpuFlushInstructionCache + 23 00000000753d1a63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!RtlWalkHeap + 424 0000000077761398 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 159 000000007776143f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 500 0000000077761594 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 126 000000007776191e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!_vsnwprintf_s + 212 0000000077761bf8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateActivationContext + 373 0000000077761d75 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!isalpha + 31 0000000077761edf 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!_strnicmp + 89 0000000077761fc5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!RtlIsGenericTableEmptyAvl + 16 00000000777627b0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableAvl + 18 00000000777627d2 8 bytes {JMP 0x10} .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 79 000000007776282f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 184 0000000077762898 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 299 0000000077762d1b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 375 0000000077762d67 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 2 .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 523 000000007776323b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 920 00000000777633c8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 318 0000000077763a5e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 403 0000000077763ab3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!RtlpCheckDynamicTimeZoneInformation + 197 0000000077763b85 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetLCIDFromLangInfoNode + 80 0000000077764190 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 161 0000000077764241 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 277 00000000777642b5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 3 .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 214 00000000777643f6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 276 0000000077764434 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 689 00000000777646f1 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 284 0000000077764abc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 483 0000000077764b83 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 231 0000000077764c77 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 518 0000000077764d96 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 2 .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!RtlDeactivateActivationContext + 256 0000000077764ec0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContext + 67 0000000077764f13 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContextEx + 501 0000000077765115 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUserThread + 256 0000000077765310 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringExW + 247 0000000077765417 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringW + 484 0000000077765604 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseAlpcCompletion + 438 00000000777664f6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!atol + 194 00000000777666ae 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!qsort + 76 000000007776689c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!RtlLookupElementGenericTableFullAvl + 45 00000000777668dd 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 4 00000000777668f4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 92 000000007776694c 8 bytes [70, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!RtlSubtreePredecessor + 790 0000000077767186 8 bytes [50, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroupMembers + 241 0000000077767df1 8 bytes [20, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroup + 119 0000000077767e77 8 bytes [10, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroup + 206 0000000077767ece 8 bytes [00, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread 00000000777b13e0 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!NtQueryInformationThread 00000000777b1560 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 00000000777b1590 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00000000777b16b0 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!NtQueueApcThread 00000000777b1760 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 00000000777b1d90 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!NtGetContextThread 00000000777b1fe0 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread 00000000777b2840 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 312 00000000753d13cc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 471 00000000753d146b 8 bytes {JMP 0xffffffffffffffb0} .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\wow64cpu.dll!CpuProcessInit + 611 00000000753d16d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\wow64cpu.dll!CpuGetStackPointer + 23 00000000753d19db 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\wow64cpu.dll!CpuSetStackPointer + 23 00000000753d19fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7320] C:\Windows\SYSTEM32\wow64cpu.dll!CpuFlushInstructionCache + 23 00000000753d1a63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!RtlWalkHeap + 424 0000000077761398 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 159 000000007776143f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 500 0000000077761594 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 126 000000007776191e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!_vsnwprintf_s + 212 0000000077761bf8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateActivationContext + 373 0000000077761d75 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!isalpha + 31 0000000077761edf 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!_strnicmp + 89 0000000077761fc5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!RtlIsGenericTableEmptyAvl + 16 00000000777627b0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableAvl + 18 00000000777627d2 8 bytes {JMP 0x10} .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 79 000000007776282f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 184 0000000077762898 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 299 0000000077762d1b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 375 0000000077762d67 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 2 .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 523 000000007776323b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 920 00000000777633c8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 318 0000000077763a5e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 403 0000000077763ab3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!RtlpCheckDynamicTimeZoneInformation + 197 0000000077763b85 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetLCIDFromLangInfoNode + 80 0000000077764190 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 161 0000000077764241 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 277 00000000777642b5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 3 .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 214 00000000777643f6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 276 0000000077764434 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 689 00000000777646f1 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 284 0000000077764abc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 483 0000000077764b83 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 231 0000000077764c77 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 518 0000000077764d96 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 2 .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!RtlDeactivateActivationContext + 256 0000000077764ec0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContext + 67 0000000077764f13 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContextEx + 501 0000000077765115 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUserThread + 256 0000000077765310 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringExW + 247 0000000077765417 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringW + 484 0000000077765604 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseAlpcCompletion + 438 00000000777664f6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!atol + 194 00000000777666ae 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!qsort + 76 000000007776689c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!RtlLookupElementGenericTableFullAvl + 45 00000000777668dd 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 4 00000000777668f4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 92 000000007776694c 8 bytes [70, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!RtlSubtreePredecessor + 790 0000000077767186 8 bytes [50, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroupMembers + 241 0000000077767df1 8 bytes [20, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroup + 119 0000000077767e77 8 bytes [10, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroup + 206 0000000077767ece 8 bytes [00, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread 00000000777b13e0 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!NtQueryInformationThread 00000000777b1560 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 00000000777b1590 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00000000777b16b0 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!NtQueueApcThread 00000000777b1760 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 00000000777b1d90 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!NtGetContextThread 00000000777b1fe0 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread 00000000777b2840 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 312 00000000753d13cc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 471 00000000753d146b 8 bytes {JMP 0xffffffffffffffb0} .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\wow64cpu.dll!CpuProcessInit + 611 00000000753d16d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\wow64cpu.dll!CpuGetStackPointer + 23 00000000753d19db 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\wow64cpu.dll!CpuSetStackPointer + 23 00000000753d19fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7888] C:\Windows\SYSTEM32\wow64cpu.dll!CpuFlushInstructionCache + 23 00000000753d1a63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!RtlWalkHeap + 424 0000000077761398 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 159 000000007776143f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 500 0000000077761594 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 126 000000007776191e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!_vsnwprintf_s + 212 0000000077761bf8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateActivationContext + 373 0000000077761d75 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!isalpha + 31 0000000077761edf 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!_strnicmp + 89 0000000077761fc5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!RtlIsGenericTableEmptyAvl + 16 00000000777627b0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableAvl + 18 00000000777627d2 8 bytes {JMP 0x10} .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 79 000000007776282f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 184 0000000077762898 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 299 0000000077762d1b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 375 0000000077762d67 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 2 .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 523 000000007776323b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 920 00000000777633c8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 318 0000000077763a5e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 403 0000000077763ab3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!RtlpCheckDynamicTimeZoneInformation + 197 0000000077763b85 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetLCIDFromLangInfoNode + 80 0000000077764190 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 161 0000000077764241 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 277 00000000777642b5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 3 .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 214 00000000777643f6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 276 0000000077764434 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 689 00000000777646f1 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 284 0000000077764abc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 483 0000000077764b83 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 231 0000000077764c77 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 518 0000000077764d96 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 2 .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!RtlDeactivateActivationContext + 256 0000000077764ec0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContext + 67 0000000077764f13 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContextEx + 501 0000000077765115 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUserThread + 256 0000000077765310 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringExW + 247 0000000077765417 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringW + 484 0000000077765604 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseAlpcCompletion + 438 00000000777664f6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!atol + 194 00000000777666ae 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!qsort + 76 000000007776689c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!RtlLookupElementGenericTableFullAvl + 45 00000000777668dd 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 4 00000000777668f4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 92 000000007776694c 8 bytes [70, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!RtlSubtreePredecessor + 790 0000000077767186 8 bytes [50, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroupMembers + 241 0000000077767df1 8 bytes [20, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroup + 119 0000000077767e77 8 bytes [10, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroup + 206 0000000077767ece 8 bytes [00, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread 00000000777b13e0 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!NtQueryInformationThread 00000000777b1560 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 00000000777b1590 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00000000777b16b0 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!NtQueueApcThread 00000000777b1760 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 00000000777b1d90 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!NtGetContextThread 00000000777b1fe0 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread 00000000777b2840 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 312 00000000753d13cc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 471 00000000753d146b 8 bytes {JMP 0xffffffffffffffb0} .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\wow64cpu.dll!CpuProcessInit + 611 00000000753d16d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\wow64cpu.dll!CpuGetStackPointer + 23 00000000753d19db 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\wow64cpu.dll!CpuSetStackPointer + 23 00000000753d19fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7516] C:\Windows\SYSTEM32\wow64cpu.dll!CpuFlushInstructionCache + 23 00000000753d1a63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!RtlWalkHeap + 424 0000000077761398 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 159 000000007776143f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 500 0000000077761594 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 126 000000007776191e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!_vsnwprintf_s + 212 0000000077761bf8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateActivationContext + 373 0000000077761d75 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!isalpha + 31 0000000077761edf 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!_strnicmp + 89 0000000077761fc5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!RtlIsGenericTableEmptyAvl + 16 00000000777627b0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableAvl + 18 00000000777627d2 8 bytes {JMP 0x10} .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 79 000000007776282f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 184 0000000077762898 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 299 0000000077762d1b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 375 0000000077762d67 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 2 .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 523 000000007776323b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 920 00000000777633c8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 318 0000000077763a5e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 403 0000000077763ab3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!RtlpCheckDynamicTimeZoneInformation + 197 0000000077763b85 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetLCIDFromLangInfoNode + 80 0000000077764190 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 161 0000000077764241 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 277 00000000777642b5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 3 .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 214 00000000777643f6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 276 0000000077764434 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 689 00000000777646f1 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 284 0000000077764abc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 483 0000000077764b83 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 231 0000000077764c77 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 518 0000000077764d96 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 2 .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!RtlDeactivateActivationContext + 256 0000000077764ec0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContext + 67 0000000077764f13 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContextEx + 501 0000000077765115 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUserThread + 256 0000000077765310 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringExW + 247 0000000077765417 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringW + 484 0000000077765604 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseAlpcCompletion + 438 00000000777664f6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!atol + 194 00000000777666ae 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!qsort + 76 000000007776689c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!RtlLookupElementGenericTableFullAvl + 45 00000000777668dd 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 4 00000000777668f4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 92 000000007776694c 8 bytes [70, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!RtlSubtreePredecessor + 790 0000000077767186 8 bytes [50, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroupMembers + 241 0000000077767df1 8 bytes [20, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroup + 119 0000000077767e77 8 bytes [10, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroup + 206 0000000077767ece 8 bytes [00, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread 00000000777b13e0 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!NtQueryInformationThread 00000000777b1560 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 00000000777b1590 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00000000777b16b0 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!NtQueueApcThread 00000000777b1760 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 00000000777b1d90 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!NtGetContextThread 00000000777b1fe0 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread 00000000777b2840 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 312 00000000753d13cc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 471 00000000753d146b 8 bytes {JMP 0xffffffffffffffb0} .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\wow64cpu.dll!CpuProcessInit + 611 00000000753d16d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\wow64cpu.dll!CpuGetStackPointer + 23 00000000753d19db 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\wow64cpu.dll!CpuSetStackPointer + 23 00000000753d19fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[9552] C:\Windows\SYSTEM32\wow64cpu.dll!CpuFlushInstructionCache + 23 00000000753d1a63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!RtlWalkHeap + 424 0000000077761398 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 159 000000007776143f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 500 0000000077761594 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 126 000000007776191e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!_vsnwprintf_s + 212 0000000077761bf8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateActivationContext + 373 0000000077761d75 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!isalpha + 31 0000000077761edf 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!_strnicmp + 89 0000000077761fc5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!RtlIsGenericTableEmptyAvl + 16 00000000777627b0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableAvl + 18 00000000777627d2 8 bytes {JMP 0x10} .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 79 000000007776282f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 184 0000000077762898 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 299 0000000077762d1b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 375 0000000077762d67 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 2 .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 523 000000007776323b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 920 00000000777633c8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 318 0000000077763a5e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 403 0000000077763ab3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!RtlpCheckDynamicTimeZoneInformation + 197 0000000077763b85 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetLCIDFromLangInfoNode + 80 0000000077764190 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 161 0000000077764241 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 277 00000000777642b5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 3 .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 214 00000000777643f6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 276 0000000077764434 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 689 00000000777646f1 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 284 0000000077764abc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 483 0000000077764b83 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 231 0000000077764c77 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 518 0000000077764d96 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 2 .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!RtlDeactivateActivationContext + 256 0000000077764ec0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContext + 67 0000000077764f13 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContextEx + 501 0000000077765115 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUserThread + 256 0000000077765310 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringExW + 247 0000000077765417 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringW + 484 0000000077765604 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseAlpcCompletion + 438 00000000777664f6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!atol + 194 00000000777666ae 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!qsort + 76 000000007776689c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!RtlLookupElementGenericTableFullAvl + 45 00000000777668dd 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 4 00000000777668f4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 92 000000007776694c 8 bytes [70, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!RtlSubtreePredecessor + 790 0000000077767186 8 bytes [50, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroupMembers + 241 0000000077767df1 8 bytes [20, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroup + 119 0000000077767e77 8 bytes [10, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroup + 206 0000000077767ece 8 bytes [00, 6C, F8, FF, 00, 00, 00, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread 00000000777b13e0 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!NtQueryInformationThread 00000000777b1560 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 00000000777b1590 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00000000777b16b0 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!NtQueueApcThread 00000000777b1760 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 00000000777b1d90 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!NtGetContextThread 00000000777b1fe0 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread 00000000777b2840 8 bytes JMP 3f3f3f3f .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 312 00000000753d13cc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 471 00000000753d146b 8 bytes {JMP 0xffffffffffffffb0} .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\wow64cpu.dll!CpuProcessInit + 611 00000000753d16d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\wow64cpu.dll!CpuGetStackPointer + 23 00000000753d19db 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\wow64cpu.dll!CpuSetStackPointer + 23 00000000753d19fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[8108] C:\Windows\SYSTEM32\wow64cpu.dll!CpuFlushInstructionCache + 23 00000000753d1a63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!RtlWalkHeap + 424 0000000077761398 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 159 000000007776143f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 500 0000000077761594 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 126 000000007776191e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!_vsnwprintf_s + 212 0000000077761bf8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateActivationContext + 373 0000000077761d75 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!isalpha + 31 0000000077761edf 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!_strnicmp + 89 0000000077761fc5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!RtlIsGenericTableEmptyAvl + 16 00000000777627b0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableAvl + 18 00000000777627d2 8 bytes {JMP 0x10} .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 79 000000007776282f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 184 0000000077762898 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 299 0000000077762d1b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 375 0000000077762d67 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 2 .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 523 000000007776323b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 920 00000000777633c8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 318 0000000077763a5e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 403 0000000077763ab3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!RtlpCheckDynamicTimeZoneInformation + 197 0000000077763b85 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetLCIDFromLangInfoNode + 80 0000000077764190 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 161 0000000077764241 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 277 00000000777642b5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 3 .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 214 00000000777643f6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 276 0000000077764434 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 689 00000000777646f1 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 284 0000000077764abc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 483 0000000077764b83 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 231 0000000077764c77 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 518 0000000077764d96 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text ... * 2 .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!RtlDeactivateActivationContext + 256 0000000077764ec0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContext + 67 0000000077764f13 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContextEx + 501 0000000077765115 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUserThread + 256 0000000077765310 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringExW + 247 0000000077765417 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringW + 484 0000000077765604 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseAlpcCompletion + 438 00000000777664f6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!atol + 194 00000000777666ae 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!qsort + 76 000000007776689c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!RtlLookupElementGenericTableFullAvl + 45 00000000777668dd 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 4 00000000777668f4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 92 000000007776694c 8 bytes [70, 6C, F8, 7E, 00, 00, 00, ...] .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!RtlSubtreePredecessor + 790 0000000077767186 8 bytes [50, 6C, F8, 7E, 00, 00, 00, ...] .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroupMembers + 241 0000000077767df1 8 bytes [20, 6C, F8, 7E, 00, 00, 00, ...] .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroup + 119 0000000077767e77 8 bytes [10, 6C, F8, 7E, 00, 00, 00, ...] .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseCleanupGroup + 206 0000000077767ece 8 bytes [00, 6C, F8, 7E, 00, 00, 00, ...] .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread 00000000777b13e0 8 bytes {JMP QWORD [RIP-0x49baf]} .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!NtQueryInformationThread 00000000777b1560 8 bytes {JMP QWORD [RIP-0x49873]} .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 00000000777b1590 8 bytes {JMP QWORD [RIP-0x4ac4a]} .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00000000777b16b0 8 bytes {JMP QWORD [RIP-0x4a530]} .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!NtQueueApcThread 00000000777b1760 8 bytes {JMP QWORD [RIP-0x4a8ff]} .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 00000000777b1d90 8 bytes {JMP QWORD [RIP-0x49ec8]} .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!NtGetContextThread 00000000777b1fe0 8 bytes {JMP QWORD [RIP-0x4a16f]} .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread 00000000777b2840 8 bytes {JMP QWORD [RIP-0x4aa55]} .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 312 00000000753d13cc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 471 00000000753d146b 8 bytes {JMP 0xffffffffffffffb0} .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\wow64cpu.dll!CpuProcessInit + 611 00000000753d16d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\wow64cpu.dll!CpuGetStackPointer + 23 00000000753d19db 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\wow64cpu.dll!CpuSetStackPointer + 23 00000000753d19fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Stefan\Desktop\4zy1lmjm.exe[5012] C:\Windows\SYSTEM32\wow64cpu.dll!CpuFlushInstructionCache + 23 00000000753d1a63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] ---- Kernel IAT/EAT - GMER 2.1 ---- IAT C:\Windows\System32\win32k.sys[ntoskrnl.exe!KeUserModeCallback] [fffff88005102f58] \SystemRoot\system32\DRIVERS\klif.sys [PAGE] ---- Threads - GMER 2.1 ---- Thread C:\Windows\System32\svchost.exe [3068:2388] 000007fef56a9688 ---- Registry - GMER 2.1 ---- Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\ac7289ddf2fb Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\ac7289ddf2fb@cc07ab35d687 0x41 0xDF 0xBD 0x21 ... Reg HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Epoch@Epoch 8734 Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\ac7289ddf2fb (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\ac7289ddf2fb@cc07ab35d687 0x41 0xDF 0xBD 0x21 ... ---- EOF - GMER 2.1 ----