Cyber Tech Help Support Forums - View Single Post

jonboy123 · #11 August 23rd, 2014, 10:21 AM

.text C:\Windows\system32\atieclxx.exe[2516] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateThread 00000000775617e0 5 bytes JMP 00000000776c03f0
.text C:\Windows\system32\atieclxx.exe[2516] C:\Windows\SYSTEM32\ntdll.dll!NtAddBootEntry 0000000077561940 5 bytes JMP 00000000776c0230
.text C:\Windows\system32\atieclxx.exe[2516] C:\Windows\SYSTEM32\ntdll.dll!NtAlpcSendWaitReceiv ePort 0000000077561b00 5 bytes JMP 00000000776c0480
.text C:\Windows\system32\atieclxx.exe[2516] C:\Windows\SYSTEM32\ntdll.dll!NtAssignProcessToJob Object 0000000077561b30 5 bytes JMP 00000000776c03a0
.text C:\Windows\system32\atieclxx.exe[2516] C:\Windows\SYSTEM32\ntdll.dll!NtCreateEventPair 0000000077561c10 5 bytes JMP 00000000776c02f0
.text C:\Windows\system32\atieclxx.exe[2516] C:\Windows\SYSTEM32\ntdll.dll!NtCreateIoCompletion 0000000077561c20 5 bytes JMP 00000000776c0350
.text C:\Windows\system32\atieclxx.exe[2516] C:\Windows\SYSTEM32\ntdll.dll!NtCreateMutant 0000000077561c80 5 bytes JMP 00000000776c0290
.text C:\Windows\system32\atieclxx.exe[2516] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSemaphore 0000000077561d10 5 bytes JMP 00000000776c02b0
.text C:\Windows\system32\atieclxx.exe[2516] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 0000000077561d30 5 bytes JMP 00000000776c03d0
.text C:\Windows\system32\atieclxx.exe[2516] C:\Windows\SYSTEM32\ntdll.dll!NtCreateTimer 0000000077561d40 5 bytes JMP 00000000776c0330
.text C:\Windows\system32\atieclxx.exe[2516] C:\Windows\SYSTEM32\ntdll.dll!NtDebugActiveProcess 0000000077561db0 5 bytes JMP 00000000776c0410
.text C:\Windows\system32\atieclxx.exe[2516] C:\Windows\SYSTEM32\ntdll.dll!NtDeleteBootEntry 0000000077561de0 5 bytes JMP 00000000776c0240
.text C:\Windows\system32\atieclxx.exe[2516] C:\Windows\SYSTEM32\ntdll.dll!NtLoadDriver 00000000775620a0 5 bytes JMP 00000000776c01e0
.text C:\Windows\system32\atieclxx.exe[2516] C:\Windows\SYSTEM32\ntdll.dll!NtModifyBootEntry 0000000077562160 5 bytes JMP 00000000776c0250
.text C:\Windows\system32\atieclxx.exe[2516] C:\Windows\SYSTEM32\ntdll.dll!NtNotifyChangeKey 0000000077562190 5 bytes JMP 00000000776c0490
.text C:\Windows\system32\atieclxx.exe[2516] C:\Windows\SYSTEM32\ntdll.dll!NtNotifyChangeMultip leKeys 00000000775621a0 5 bytes JMP 00000000776c04a0
.text C:\Windows\system32\atieclxx.exe[2516] C:\Windows\SYSTEM32\ntdll.dll!NtOpenEventPair 00000000775621d0 5 bytes JMP 00000000776c0300
.text C:\Windows\system32\atieclxx.exe[2516] C:\Windows\SYSTEM32\ntdll.dll!NtOpenIoCompletion 00000000775621e0 5 bytes JMP 00000000776c0360
.text C:\Windows\system32\atieclxx.exe[2516] C:\Windows\SYSTEM32\ntdll.dll!NtOpenMutant 0000000077562240 5 bytes JMP 00000000776c02a0
.text C:\Windows\system32\atieclxx.exe[2516] C:\Windows\SYSTEM32\ntdll.dll!NtOpenSemaphore 0000000077562290 5 bytes JMP 00000000776c02c0
.text C:\Windows\system32\atieclxx.exe[2516] C:\Windows\SYSTEM32\ntdll.dll!NtOpenThread 00000000775622c0 5 bytes JMP 00000000776c0380
.text C:\Windows\system32\atieclxx.exe[2516] C:\Windows\SYSTEM32\ntdll.dll!NtOpenTimer 00000000775622d0 5 bytes JMP 00000000776c0340
.text C:\Windows\system32\atieclxx.exe[2516] C:\Windows\SYSTEM32\ntdll.dll!NtQueueApcThreadEx 00000000775625c0 5 bytes JMP 00000000776c0440
.text C:\Windows\system32\atieclxx.exe[2516] C:\Windows\SYSTEM32\ntdll.dll!NtSetBootEntryOrder 00000000775627c0 5 bytes JMP 00000000776c0260
.text C:\Windows\system32\atieclxx.exe[2516] C:\Windows\SYSTEM32\ntdll.dll!NtSetBootOptions 00000000775627d0 5 bytes JMP 00000000776c0270
.text C:\Windows\system32\atieclxx.exe[2516] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread 00000000775627e0 5 bytes JMP 00000000776c0400
.text C:\Windows\system32\atieclxx.exe[2516] C:\Windows\SYSTEM32\ntdll.dll!NtSetSystemInformati on 00000000775629a0 5 bytes JMP 00000000776c01f0
.text C:\Windows\system32\atieclxx.exe[2516] C:\Windows\SYSTEM32\ntdll.dll!NtSetSystemPowerStat e 00000000775629b0 5 bytes JMP 00000000776c0210
.text C:\Windows\system32\atieclxx.exe[2516] C:\Windows\SYSTEM32\ntdll.dll!NtShutdownSystem 0000000077562a20 5 bytes JMP 00000000776c0200
.text C:\Windows\system32\atieclxx.exe[2516] C:\Windows\SYSTEM32\ntdll.dll!NtSuspendProcess 0000000077562a80 5 bytes JMP 00000000776c0420
.text C:\Windows\system32\atieclxx.exe[2516] C:\Windows\SYSTEM32\ntdll.dll!NtSuspendThread 0000000077562a90 5 bytes JMP 00000000776c0430
.text C:\Windows\system32\atieclxx.exe[2516] C:\Windows\SYSTEM32\ntdll.dll!NtSystemDebugControl 0000000077562aa0 5 bytes JMP 00000000776c0220
.text C:\Windows\system32\atieclxx.exe[2516] C:\Windows\SYSTEM32\ntdll.dll!NtVdmControl 0000000077562b80 5 bytes JMP 00000000776c0280
.text C:\Windows\system32\SearchIndexer.exe[3476] C:\Windows\SYSTEM32\ntdll.dll!NtReplyWaitReceivePo rt 0000000077561360 5 bytes JMP 00000000776c0460
.text C:\Windows\system32\SearchIndexer.exe[3476] C:\Windows\SYSTEM32\ntdll.dll!NtQueryObject 00000000775613b0 5 bytes JMP 00000000776c0450
.text C:\Windows\system32\SearchIndexer.exe[3476] C:\Windows\SYSTEM32\ntdll.dll!NtOpenProcess 0000000077561510 5 bytes JMP 00000000776c0370
.text C:\Windows\system32\SearchIndexer.exe[3476] C:\Windows\SYSTEM32\ntdll.dll!NtReplyWaitReceivePo rtEx 0000000077561560 5 bytes JMP 00000000776c0470
.text C:\Windows\system32\SearchIndexer.exe[3476] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateProcess 0000000077561570 5 bytes JMP 00000000776c03e0
.text C:\Windows\system32\SearchIndexer.exe[3476] C:\Windows\SYSTEM32\ntdll.dll!NtOpenSection 0000000077561620 5 bytes JMP 00000000776c0320
.text C:\Windows\system32\SearchIndexer.exe[3476] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 0000000077561650 5 bytes JMP 00000000776c03b0
.text C:\Windows\system32\SearchIndexer.exe[3476] C:\Windows\SYSTEM32\ntdll.dll!NtDuplicateObject 0000000077561670 5 bytes JMP 00000000776c0390
.text C:\Windows\system32\SearchIndexer.exe[3476] C:\Windows\SYSTEM32\ntdll.dll!NtOpenEvent 00000000775616b0 5 bytes JMP 00000000776c02e0
.text C:\Windows\system32\SearchIndexer.exe[3476] C:\Windows\SYSTEM32\ntdll.dll!NtCreateEvent 0000000077561730 5 bytes JMP 00000000776c02d0
.text C:\Windows\system32\SearchIndexer.exe[3476] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSection 0000000077561750 5 bytes JMP 00000000776c0310
.text C:\Windows\system32\SearchIndexer.exe[3476] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThread 0000000077561790 5 bytes JMP 00000000776c03c0
.text C:\Windows\system32\SearchIndexer.exe[3476] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateThread 00000000775617e0 5 bytes JMP 00000000776c03f0
.text C:\Windows\system32\SearchIndexer.exe[3476] C:\Windows\SYSTEM32\ntdll.dll!NtAddBootEntry 0000000077561940 5 bytes JMP 00000000776c0230
.text C:\Windows\system32\SearchIndexer.exe[3476] C:\Windows\SYSTEM32\ntdll.dll!NtAlpcSendWaitReceiv ePort 0000000077561b00 5 bytes JMP 00000000776c0480
.text C:\Windows\system32\SearchIndexer.exe[3476] C:\Windows\SYSTEM32\ntdll.dll!NtAssignProcessToJob Object 0000000077561b30 5 bytes JMP 00000000776c03a0
.text C:\Windows\system32\SearchIndexer.exe[3476] C:\Windows\SYSTEM32\ntdll.dll!NtCreateEventPair 0000000077561c10 5 bytes JMP 00000000776c02f0
.text C:\Windows\system32\SearchIndexer.exe[3476] C:\Windows\SYSTEM32\ntdll.dll!NtCreateIoCompletion 0000000077561c20 5 bytes JMP 00000000776c0350
.text C:\Windows\system32\SearchIndexer.exe[3476] C:\Windows\SYSTEM32\ntdll.dll!NtCreateMutant 0000000077561c80 5 bytes JMP 00000000776c0290
.text C:\Windows\system32\SearchIndexer.exe[3476] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSemaphore 0000000077561d10 5 bytes JMP 00000000776c02b0
.text C:\Windows\system32\SearchIndexer.exe[3476] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 0000000077561d30 5 bytes JMP 00000000776c03d0
.text C:\Windows\system32\SearchIndexer.exe[3476] C:\Windows\SYSTEM32\ntdll.dll!NtCreateTimer 0000000077561d40 5 bytes JMP 00000000776c0330
.text C:\Windows\system32\SearchIndexer.exe[3476] C:\Windows\SYSTEM32\ntdll.dll!NtDebugActiveProcess 0000000077561db0 5 bytes JMP 00000000776c0410
.text C:\Windows\system32\SearchIndexer.exe[3476] C:\Windows\SYSTEM32\ntdll.dll!NtDeleteBootEntry 0000000077561de0 5 bytes JMP 00000000776c0240
.text C:\Windows\system32\SearchIndexer.exe[3476] C:\Windows\SYSTEM32\ntdll.dll!NtLoadDriver 00000000775620a0 5 bytes JMP 00000000776c01e0
.text C:\Windows\system32\SearchIndexer.exe[3476] C:\Windows\SYSTEM32\ntdll.dll!NtModifyBootEntry 0000000077562160 5 bytes JMP 00000000776c0250
.text C:\Windows\system32\SearchIndexer.exe[3476] C:\Windows\SYSTEM32\ntdll.dll!NtNotifyChangeKey 0000000077562190 5 bytes JMP 00000000776c0490
.text C:\Windows\system32\SearchIndexer.exe[3476] C:\Windows\SYSTEM32\ntdll.dll!NtNotifyChangeMultip leKeys 00000000775621a0 5 bytes JMP 00000000776c04a0
.text C:\Windows\system32\SearchIndexer.exe[3476] C:\Windows\SYSTEM32\ntdll.dll!NtOpenEventPair 00000000775621d0 5 bytes JMP 00000000776c0300
.text C:\Windows\system32\SearchIndexer.exe[3476] C:\Windows\SYSTEM32\ntdll.dll!NtOpenIoCompletion 00000000775621e0 5 bytes JMP 00000000776c0360
.text C:\Windows\system32\SearchIndexer.exe[3476] C:\Windows\SYSTEM32\ntdll.dll!NtOpenMutant 0000000077562240 5 bytes JMP 00000000776c02a0
.text C:\Windows\system32\SearchIndexer.exe[3476] C:\Windows\SYSTEM32\ntdll.dll!NtOpenSemaphore 0000000077562290 5 bytes JMP 00000000776c02c0
.text C:\Windows\system32\SearchIndexer.exe[3476] C:\Windows\SYSTEM32\ntdll.dll!NtOpenThread 00000000775622c0 5 bytes JMP 00000000776c0380
.text C:\Windows\system32\SearchIndexer.exe[3476] C:\Windows\SYSTEM32\ntdll.dll!NtOpenTimer 00000000775622d0 5 bytes JMP 00000000776c0340
.text C:\Windows\system32\SearchIndexer.exe[3476] C:\Windows\SYSTEM32\ntdll.dll!NtQueueApcThreadEx 00000000775625c0 5 bytes JMP 00000000776c0440
.text C:\Windows\system32\SearchIndexer.exe[3476] C:\Windows\SYSTEM32\ntdll.dll!NtSetBootEntryOrder 00000000775627c0 5 bytes JMP 00000000776c0260
.text C:\Windows\system32\SearchIndexer.exe[3476] C:\Windows\SYSTEM32\ntdll.dll!NtSetBootOptions 00000000775627d0 5 bytes JMP 00000000776c0270
.text C:\Windows\system32\SearchIndexer.exe[3476] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread 00000000775627e0 5 bytes JMP 00000000776c0400
.text C:\Windows\system32\SearchIndexer.exe[3476] C:\Windows\SYSTEM32\ntdll.dll!NtSetSystemInformati on 00000000775629a0 5 bytes JMP 00000000776c01f0
.text C:\Windows\system32\SearchIndexer.exe[3476] C:\Windows\SYSTEM32\ntdll.dll!NtSetSystemPowerStat e 00000000775629b0 5 bytes JMP 00000000776c0210
.text C:\Windows\system32\SearchIndexer.exe[3476] C:\Windows\SYSTEM32\ntdll.dll!NtShutdownSystem 0000000077562a20 5 bytes JMP 00000000776c0200
.text C:\Windows\system32\SearchIndexer.exe[3476] C:\Windows\SYSTEM32\ntdll.dll!NtSuspendProcess 0000000077562a80 5 bytes JMP 00000000776c0420
.text C:\Windows\system32\SearchIndexer.exe[3476] C:\Windows\SYSTEM32\ntdll.dll!NtSuspendThread 0000000077562a90 5 bytes JMP 00000000776c0430
.text C:\Windows\system32\SearchIndexer.exe[3476] C:\Windows\SYSTEM32\ntdll.dll!NtSystemDebugControl 0000000077562aa0 5 bytes JMP 00000000776c0220
.text C:\Windows\system32\SearchIndexer.exe[3476] C:\Windows\SYSTEM32\ntdll.dll!NtVdmControl 0000000077562b80 5 bytes JMP 00000000776c0280
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3968] C:\Windows\SYSTEM32\ntdll.dll!NtReplyWaitReceivePo rt 0000000077561360 5 bytes JMP 00000000776c0460
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3968] C:\Windows\SYSTEM32\ntdll.dll!NtQueryObject 00000000775613b0 5 bytes JMP 00000000776c0450
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3968] C:\Windows\SYSTEM32\ntdll.dll!NtOpenProcess 0000000077561510 5 bytes JMP 00000000776c0370
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3968] C:\Windows\SYSTEM32\ntdll.dll!NtReplyWaitReceivePo rtEx 0000000077561560 5 bytes JMP 00000000776c0470
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3968] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateProcess 0000000077561570 5 bytes JMP 00000000776c03e0
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3968] C:\Windows\SYSTEM32\ntdll.dll!NtOpenSection 0000000077561620 5 bytes JMP 00000000776c0320
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3968] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 0000000077561650 5 bytes JMP 00000000776c03b0
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3968] C:\Windows\SYSTEM32\ntdll.dll!NtDuplicateObject 0000000077561670 5 bytes JMP 00000000776c0390
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3968] C:\Windows\SYSTEM32\ntdll.dll!NtOpenEvent 00000000775616b0 5 bytes JMP 00000000776c02e0
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3968] C:\Windows\SYSTEM32\ntdll.dll!NtCreateEvent 0000000077561730 5 bytes JMP 00000000776c02d0
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3968] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSection 0000000077561750 5 bytes JMP 00000000776c0310
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3968] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThread 0000000077561790 5 bytes JMP 00000000776c03c0
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3968] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateThread 00000000775617e0 5 bytes JMP 00000000776c03f0
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3968] C:\Windows\SYSTEM32\ntdll.dll!NtAddBootEntry 0000000077561940 5 bytes JMP 00000000776c0230
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3968] C:\Windows\SYSTEM32\ntdll.dll!NtAlpcSendWaitReceiv ePort 0000000077561b00 5 bytes JMP 00000000776c0480
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3968] C:\Windows\SYSTEM32\ntdll.dll!NtAssignProcessToJob Object 0000000077561b30 5 bytes JMP 00000000776c03a0
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3968] C:\Windows\SYSTEM32\ntdll.dll!NtCreateEventPair 0000000077561c10 5 bytes JMP 00000000776c02f0
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3968] C:\Windows\SYSTEM32\ntdll.dll!NtCreateIoCompletion 0000000077561c20 5 bytes JMP 00000000776c0350
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3968] C:\Windows\SYSTEM32\ntdll.dll!NtCreateMutant 0000000077561c80 5 bytes JMP 00000000776c0290
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3968] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSemaphore 0000000077561d10 5 bytes JMP 00000000776c02b0
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3968] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 0000000077561d30 5 bytes JMP 00000000776c03d0
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3968] C:\Windows\SYSTEM32\ntdll.dll!NtCreateTimer 0000000077561d40 5 bytes JMP 00000000776c0330
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3968] C:\Windows\SYSTEM32\ntdll.dll!NtDebugActiveProcess 0000000077561db0 5 bytes JMP 00000000776c0410
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3968] C:\Windows\SYSTEM32\ntdll.dll!NtDeleteBootEntry 0000000077561de0 5 bytes JMP 00000000776c0240
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3968] C:\Windows\SYSTEM32\ntdll.dll!NtLoadDriver 00000000775620a0 5 bytes JMP 00000000776c01e0
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3968] C:\Windows\SYSTEM32\ntdll.dll!NtModifyBootEntry 0000000077562160 5 bytes JMP 00000000776c0250
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3968] C:\Windows\SYSTEM32\ntdll.dll!NtNotifyChangeKey 0000000077562190 5 bytes JMP 00000000776c0490
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3968] C:\Windows\SYSTEM32\ntdll.dll!NtNotifyChangeMultip leKeys 00000000775621a0 5 bytes JMP 00000000776c04a0
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3968] C:\Windows\SYSTEM32\ntdll.dll!NtOpenEventPair 00000000775621d0 5 bytes JMP 00000000776c0300
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3968] C:\Windows\SYSTEM32\ntdll.dll!NtOpenIoCompletion 00000000775621e0 5 bytes JMP 00000000776c0360
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3968] C:\Windows\SYSTEM32\ntdll.dll!NtOpenMutant 0000000077562240 5 bytes JMP 00000000776c02a0
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3968] C:\Windows\SYSTEM32\ntdll.dll!NtOpenSemaphore 0000000077562290 5 bytes JMP 00000000776c02c0
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3968] C:\Windows\SYSTEM32\ntdll.dll!NtOpenThread 00000000775622c0 5 bytes JMP 00000000776c0380
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3968] C:\Windows\SYSTEM32\ntdll.dll!NtOpenTimer 00000000775622d0 5 bytes JMP 00000000776c0340
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3968] C:\Windows\SYSTEM32\ntdll.dll!NtQueueApcThreadEx 00000000775625c0 5 bytes JMP 00000000776c0440
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3968] C:\Windows\SYSTEM32\ntdll.dll!NtSetBootEntryOrder 00000000775627c0 5 bytes JMP 00000000776c0260
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3968] C:\Windows\SYSTEM32\ntdll.dll!NtSetBootOptions 00000000775627d0 5 bytes JMP 00000000776c0270
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3968] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread 00000000775627e0 5 bytes JMP 00000000776c0400
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3968] C:\Windows\SYSTEM32\ntdll.dll!NtSetSystemInformati on 00000000775629a0 5 bytes JMP 00000000776c01f0
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3968] C:\Windows\SYSTEM32\ntdll.dll!NtSetSystemPowerStat e 00000000775629b0 5 bytes JMP 00000000776c0210
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3968] C:\Windows\SYSTEM32\ntdll.dll!NtShutdownSystem 0000000077562a20 5 bytes JMP 00000000776c0200
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3968] C:\Windows\SYSTEM32\ntdll.dll!NtSuspendProcess 0000000077562a80 5 bytes JMP 00000000776c0420
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3968] C:\Windows\SYSTEM32\ntdll.dll!NtSuspendThread 0000000077562a90 5 bytes JMP 00000000776c0430
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3968] C:\Windows\SYSTEM32\ntdll.dll!NtSystemDebugControl 0000000077562aa0 5 bytes JMP 00000000776c0220
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3968] C:\Windows\SYSTEM32\ntdll.dll!NtVdmControl 0000000077562b80 5 bytes JMP 00000000776c0280
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3968] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007744ef8d 1 byte [62]
.text C:\Windows\system32\taskhost.exe[2808] C:\Windows\SYSTEM32\ntdll.dll!NtReplyWaitReceivePo rt 0000000077561360 5 bytes JMP 00000000776c0460
.text C:\Windows\system32\taskhost.exe[2808] C:\Windows\SYSTEM32\ntdll.dll!NtQueryObject 00000000775613b0 5 bytes JMP 00000000776c0450
.text C:\Windows\system32\taskhost.exe[2808] C:\Windows\SYSTEM32\ntdll.dll!NtOpenProcess 0000000077561510 5 bytes JMP 00000000776c0370
.text C:\Windows\system32\taskhost.exe[2808] C:\Windows\SYSTEM32\ntdll.dll!NtReplyWaitReceivePo rtEx 0000000077561560 5 bytes JMP 00000000776c0470
.text C:\Windows\system32\taskhost.exe[2808] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateProcess 0000000077561570 5 bytes JMP 00000000776c03e0
.text C:\Windows\system32\taskhost.exe[2808] C:\Windows\SYSTEM32\ntdll.dll!NtOpenSection 0000000077561620 5 bytes JMP 00000000776c0320
.text C:\Windows\system32\taskhost.exe[2808] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 0000000077561650 5 bytes JMP 00000000776c03b0
.text C:\Windows\system32\taskhost.exe[2808] C:\Windows\SYSTEM32\ntdll.dll!NtDuplicateObject 0000000077561670 5 bytes JMP 00000000776c0390
.text C:\Windows\system32\taskhost.exe[2808] C:\Windows\SYSTEM32\ntdll.dll!NtOpenEvent 00000000775616b0 5 bytes JMP 00000000776c02e0
.text C:\Windows\system32\taskhost.exe[2808] C:\Windows\SYSTEM32\ntdll.dll!NtCreateEvent 0000000077561730 5 bytes JMP 00000000776c02d0
.text C:\Windows\system32\taskhost.exe[2808] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSection 0000000077561750 5 bytes JMP 00000000776c0310
.text C:\Windows\system32\taskhost.exe[2808] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThread 0000000077561790 5 bytes JMP 00000000776c03c0
.text C:\Windows\system32\taskhost.exe[2808] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateThread 00000000775617e0 5 bytes JMP 00000000776c03f0
.text C:\Windows\system32\taskhost.exe[2808] C:\Windows\SYSTEM32\ntdll.dll!NtAddBootEntry 0000000077561940 5 bytes JMP 00000000776c0230
.text C:\Windows\system32\taskhost.exe[2808] C:\Windows\SYSTEM32\ntdll.dll!NtAlpcSendWaitReceiv ePort 0000000077561b00 5 bytes JMP 00000000776c0480
.text C:\Windows\system32\taskhost.exe[2808] C:\Windows\SYSTEM32\ntdll.dll!NtAssignProcessToJob Object 0000000077561b30 5 bytes JMP 00000000776c03a0