[628]wininit.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x767C71E1-->00000000 [snxhk.dll]
[628]wininit.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x767C6DD9-->00000000 [snxhk.dll]
[628]wininit.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x767C6F81-->00000000 [snxhk.dll]
[628]wininit.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x767C72A1-->00000000 [snxhk.dll]
[628]wininit.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x76789EB4-->00000000 [snxhk.dll]
[628]wininit.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x7678A07E-->00000000 [snxhk.dll]
[628]wininit.exe-->advapi32.dll-->ImpersonateNamedPipeClient, Type: Inline - RelativeJump 0x76753A48-->00000000 [ISWSHEX.dll]
[628]wininit.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x767C6CD9-->00000000 [snxhk.dll]
[628]wininit.exe-->advapi32.dll-->SetThreadToken, Type: Inline - RelativeJump 0x76768E21-->00000000 [ISWSHEX.dll]
[628]wininit.exe-->kernel32.dll-->OpenProcess, Type: Inline - RelativeJump 0x77417267-->00000000 [ISWSHEX.dll]
[628]wininit.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x77A99390-->00000000 [snxhk.dll]
[628]wininit.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x77AABA50-->00000000 [snxhk.dll]
[628]wininit.exe-->ntdll.dll-->NtAccessCheckByType, Type: Inline - RelativeJump 0x77AD4044-->00000000 [ISWSHEX.dll]
[628]wininit.exe-->ntdll.dll-->NtAlpcImpersonateClientOfPort, Type: Inline - RelativeJump 0x77AD4214-->00000000 [ISWSHEX.dll]
[628]wininit.exe-->ntdll.dll-->NtImpersonateClientOfPort, Type: Inline - RelativeJump 0x77AD49E4-->00000000 [ISWSHEX.dll]
[628]wininit.exe-->ntdll.dll-->NtSetInformationProcess, Type: Inline - RelativeJump 0x77AD5324-->00000000 [ISWSHEX.dll]
[628]wininit.exe-->user32.dll-->FindWindowA, Type: Inline - RelativeJump 0x778E9D76-->00000000 [ISWSHEX.dll]
[628]wininit.exe-->user32.dll-->FindWindowW, Type: Inline - RelativeJump 0x778FA441-->00000000 [ISWSHEX.dll]
[628]wininit.exe-->user32.dll-->kernel32.dll-->LoadLibraryExW, Type: IAT modification 0x77D5115C-->00000000 [ISWSHEX.dll]
[628]wininit.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x778E6322-->00000000 [snxhk.dll]
[628]wininit.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x778E87AD-->00000000 [snxhk.dll]
[628]wininit.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x778E9F3A-->00000000 [snxhk.dll]
[628]wininit.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x778E98DB-->00000000 [snxhk.dll]
[628]wininit.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x778EC06F-->00000000 [snxhk.dll]
[672]services.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x767C7099-->00000000 [snxhk.dll]
[672]services.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x767C71E1-->00000000 [snxhk.dll]
[672]services.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x767C6DD9-->00000000 [snxhk.dll]
[672]services.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x767C6F81-->00000000 [snxhk.dll]
[672]services.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x767C72A1-->00000000 [snxhk.dll]
[672]services.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x76789EB4-->00000000 [snxhk.dll]
[672]services.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x7678A07E-->00000000 [snxhk.dll]
[672]services.exe-->advapi32.dll-->ImpersonateNamedPipeClient, Type: Inline - RelativeJump 0x76753A48-->00000000 [ISWSHEX.dll]
[672]services.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x767C6CD9-->00000000 [snxhk.dll]
[672]services.exe-->advapi32.dll-->SetThreadToken, Type: Inline - RelativeJump 0x76768E21-->00000000 [ISWSHEX.dll]
[672]services.exe-->kernel32.dll-->OpenProcess, Type: Inline - RelativeJump 0x77417267-->00000000 [ISWSHEX.dll]
[672]services.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x77A99390-->00000000 [snxhk.dll]
[672]services.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x77AABA50-->00000000 [snxhk.dll]
[672]services.exe-->ntdll.dll-->NtAccessCheckByType, Type: Inline - RelativeJump 0x77AD4044-->00000000 [ISWSHEX.dll]
[672]services.exe-->ntdll.dll-->NtAlpcImpersonateClientOfPort, Type: Inline - RelativeJump 0x77AD4214-->00000000 [ISWSHEX.dll]
[672]services.exe-->ntdll.dll-->NtImpersonateClientOfPort, Type: Inline - RelativeJump 0x77AD49E4-->00000000 [ISWSHEX.dll]
[672]services.exe-->ntdll.dll-->NtSetInformationProcess, Type: Inline - RelativeJump 0x77AD5324-->00000000 [ISWSHEX.dll]
[672]services.exe-->user32.dll-->FindWindowA, Type: Inline - RelativeJump 0x778E9D76-->00000000 [ISWSHEX.dll]
[672]services.exe-->user32.dll-->FindWindowW, Type: Inline - RelativeJump 0x778FA441-->00000000 [ISWSHEX.dll]
[672]services.exe-->user32.dll-->kernel32.dll-->LoadLibraryExW, Type: IAT modification 0x77D5115C-->00000000 [ISWSHEX.dll]
[672]services.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x778E6322-->00000000 [snxhk.dll]
[672]services.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x778E87AD-->00000000 [snxhk.dll]
[672]services.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x778E9F3A-->00000000 [snxhk.dll]
[672]services.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x778E98DB-->00000000 [snxhk.dll]
[672]services.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x778EC06F-->00000000 [snxhk.dll]
[688]lsass.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x767C7099-->00000000 [snxhk.dll]
[688]lsass.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x767C71E1-->00000000 [snxhk.dll]
[688]lsass.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x767C6DD9-->00000000 [snxhk.dll]
[688]lsass.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x767C6F81-->00000000 [snxhk.dll]
[688]lsass.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x767C72A1-->00000000 [snxhk.dll]
[688]lsass.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x76789EB4-->00000000 [snxhk.dll]
[688]lsass.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x7678A07E-->00000000 [snxhk.dll]
[688]lsass.exe-->advapi32.dll-->ImpersonateNamedPipeClient, Type: Inline - RelativeJump 0x76753A48-->00000000 [ISWSHEX.dll]
[688]lsass.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x767C6CD9-->00000000 [snxhk.dll]
[688]lsass.exe-->advapi32.dll-->SetThreadToken, Type: Inline - RelativeJump 0x76768E21-->00000000 [ISWSHEX.dll]
[688]lsass.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x77A99390-->00000000 [snxhk.dll]
[688]lsass.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x77AABA50-->00000000 [snxhk.dll]
[688]lsass.exe-->ntdll.dll-->NtAccessCheckByType, Type: Inline - RelativeJump 0x77AD4044-->00000000 [ISWSHEX.dll]
[688]lsass.exe-->ntdll.dll-->NtAlpcImpersonateClientOfPort, Type: Inline - RelativeJump 0x77AD4214-->00000000 [ISWSHEX.dll]
[688]lsass.exe-->ntdll.dll-->NtImpersonateClientOfPort, Type: Inline - RelativeJump 0x77AD49E4-->00000000 [ISWSHEX.dll]
[688]lsass.exe-->ntdll.dll-->NtSetInformationProcess, Type: Inline - RelativeJump 0x77AD5324-->00000000 [ISWSHEX.dll]
[688]lsass.exe-->user32.dll-->FindWindowA, Type: Inline - RelativeJump 0x778E9D76-->00000000 [ISWSHEX.dll]
[688]lsass.exe-->user32.dll-->FindWindowW, Type: Inline - RelativeJump 0x778FA441-->00000000 [ISWSHEX.dll]
[688]lsass.exe-->user32.dll-->kernel32.dll-->LoadLibraryExW, Type: IAT modification 0x77D5115C-->00000000 [ISWSHEX.dll]
[688]lsass.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x778E6322-->00000000 [snxhk.dll]
[688]lsass.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x778E87AD-->00000000 [snxhk.dll]
[688]lsass.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x778E9F3A-->00000000 [snxhk.dll]
[688]lsass.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x778E98DB-->00000000 [snxhk.dll]
[688]lsass.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x778EC06F-->00000000 [snxhk.dll]
[696]lsm.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x767C7099-->00000000 [snxhk.dll]
[696]lsm.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x767C71E1-->00000000 [snxhk.dll]
[696]lsm.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x767C6DD9-->00000000 [snxhk.dll]
[696]lsm.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x767C6F81-->00000000 [snxhk.dll]
[696]lsm.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x767C72A1-->00000000 [snxhk.dll]
[696]lsm.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x76789EB4-->00000000 [snxhk.dll]
[696]lsm.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x7678A07E-->00000000 [snxhk.dll]
[696]lsm.exe-->advapi32.dll-->ImpersonateNamedPipeClient, Type: Inline - RelativeJump 0x76753A48-->00000000 [ISWSHEX.dll]
[696]lsm.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x767C6CD9-->00000000 [snxhk.dll]
[696]lsm.exe-->advapi32.dll-->SetThreadToken, Type: Inline - RelativeJump 0x76768E21-->00000000 [ISWSHEX.dll]
[696]lsm.exe-->kernel32.dll-->OpenProcess, Type: Inline - RelativeJump 0x77417267-->00000000 [ISWSHEX.dll]
[696]lsm.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x77A99390-->00000000 [snxhk.dll]
[696]lsm.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x77AABA50-->00000000 [snxhk.dll]
[696]lsm.exe-->ntdll.dll-->NtAccessCheckByType, Type: Inline - RelativeJump 0x77AD4044-->00000000 [ISWSHEX.dll]
[696]lsm.exe-->ntdll.dll-->NtAlpcImpersonateClientOfPort, Type: Inline - RelativeJump 0x77AD4214-->00000000 [ISWSHEX.dll]
[696]lsm.exe-->ntdll.dll-->NtImpersonateClientOfPort, Type: Inline - RelativeJump 0x77AD49E4-->00000000 [ISWSHEX.dll]
[696]lsm.exe-->ntdll.dll-->NtSetInformationProcess, Type: Inline - RelativeJump 0x77AD5324-->00000000 [ISWSHEX.dll]
[696]lsm.exe-->user32.dll-->FindWindowA, Type: Inline - RelativeJump 0x778E9D76-->00000000 [ISWSHEX.dll]
[696]lsm.exe-->user32.dll-->FindWindowW, Type: Inline - RelativeJump 0x778FA441-->00000000 [ISWSHEX.dll]
[696]lsm.exe-->user32.dll-->kernel32.dll-->LoadLibraryExW, Type: IAT modification 0x77D5115C-->00000000 [ISWSHEX.dll]
[744]winlogon.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x767C7099-->00000000 [snxhk.dll]
[744]winlogon.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x767C71E1-->00000000 [snxhk.dll]
[744]winlogon.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x767C6DD9-->00000000 [snxhk.dll]
[744]winlogon.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x767C6F81-->00000000 [snxhk.dll]
[744]winlogon.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x767C72A1-->00000000 [snxhk.dll]
[744]winlogon.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x76789EB4-->00000000 [snxhk.dll]
[744]winlogon.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x7678A07E-->00000000 [snxhk.dll]
[744]winlogon.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x767C6CD9-->00000000 [snxhk.dll]
[744]winlogon.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x77A99390-->00000000 [snxhk.dll]
[744]winlogon.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x77AABA50-->00000000 [snxhk.dll]
[744]winlogon.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x778E6322-->00000000 [snxhk.dll]
[744]winlogon.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x778E87AD-->00000000 [snxhk.dll]
[744]winlogon.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x778E9F3A-->00000000 [snxhk.dll]
[744]winlogon.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x778E98DB-->00000000 [snxhk.dll]
[744]winlogon.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x778EC06F-->00000000 [snxhk.dll]
[864]MSASCui.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x767C7099-->00000000 [snxhk.dll]
[864]MSASCui.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x767C71E1-->00000000 [snxhk.dll]
[864]MSASCui.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x767C6DD9-->00000000 [snxhk.dll]
[864]MSASCui.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x767C6F81-->00000000 [snxhk.dll]
[864]MSASCui.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x767C72A1-->00000000 [snxhk.dll]
[864]MSASCui.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x76789EB4-->00000000 [snxhk.dll]
[864]MSASCui.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x7678A07E-->00000000 [snxhk.dll]
[864]MSASCui.exe-->advapi32.dll-->ImpersonateNamedPipeClient, Type: Inline - RelativeJump 0x76753A48-->00000000 [ISWSHEX.dll]
[864]MSASCui.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x767C6CD9-->00000000 [snxhk.dll]
[864]MSASCui.exe-->advapi32.dll-->SetThreadToken, Type: Inline - RelativeJump 0x76768E21-->00000000 [ISWSHEX.dll]
[864]MSASCui.exe-->kernel32.dll-->OpenProcess, Type: Inline - RelativeJump 0x77417267-->00000000 [ISWSHEX.dll]
[864]MSASCui.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x77A99390-->00000000 [snxhk.dll]
[864]MSASCui.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x77AABA50-->00000000 [snxhk.dll]
[864]MSASCui.exe-->ntdll.dll-->NtAccessCheckByType, Type: Inline - RelativeJump 0x77AD4044-->00000000 [ISWSHEX.dll]
[864]MSASCui.exe-->ntdll.dll-->NtAlpcImpersonateClientOfPort, Type: Inline - RelativeJump 0x77AD4214-->00000000 [ISWSHEX.dll]
[864]MSASCui.exe-->ntdll.dll-->NtImpersonateClientOfPort, Type: Inline - RelativeJump 0x77AD49E4-->00000000 [ISWSHEX.dll]
[864]MSASCui.exe-->ntdll.dll-->NtSetInformationProcess, Type: Inline - RelativeJump 0x77AD5324-->00000000 [ISWSHEX.dll]
[864]MSASCui.exe-->user32.dll-->FindWindowA, Type: Inline - RelativeJump 0x778E9D76-->00000000 [ISWSHEX.dll]
[864]MSASCui.exe-->user32.dll-->FindWindowW, Type: Inline - RelativeJump 0x778FA441-->00000000 [ISWSHEX.dll]
[864]MSASCui.exe-->user32.dll-->kernel32.dll-->LoadLibraryExW, Type: IAT modification 0x77D5115C-->00000000 [ISWSHEX.dll]
[864]MSASCui.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x778E6322-->00000000 [snxhk.dll]
[864]MSASCui.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x778E87AD-->00000000 [snxhk.dll]
[864]MSASCui.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x778E9F3A-->00000000 [snxhk.dll]
[864]MSASCui.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x778E98DB-->00000000 [snxhk.dll]
[864]MSASCui.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x778EC06F-->00000000 [snxhk.dll]
[880]svchost.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x767C7099-->00000000 [snxhk.dll]
[880]svchost.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x767C71E1-->00000000 [snxhk.dll]
[880]svchost.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x767C6DD9-->00000000 [snxhk.dll]
[880]svchost.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x767C6F81-->00000000 [snxhk.dll]
[880]svchost.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x767C72A1-->00000000 [snxhk.dll]
[880]svchost.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x76789EB4-->00000000 [snxhk.dll]
[880]svchost.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x7678A07E-->00000000 [snxhk.dll]
[880]svchost.exe-->advapi32.dll-->ImpersonateNamedPipeClient, Type: Inline - RelativeJump 0x76753A48-->00000000 [ISWSHEX.dll]
[880]svchost.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x767C6CD9-->00000000 [snxhk.dll]
[880]svchost.exe-->advapi32.dll-->SetThreadToken, Type: Inline - RelativeJump 0x76768E21-->00000000 [ISWSHEX.dll]
[880]svchost.exe-->kernel32.dll-->OpenProcess, Type: Inline - RelativeJump 0x77417267-->00000000 [ISWSHEX.dll]
[880]svchost.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x77A99390-->00000000 [snxhk.dll]
[880]svchost.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x77AABA50-->00000000 [snxhk.dll]
[880]svchost.exe-->ntdll.dll-->NtAccessCheckByType, Type: Inline - RelativeJump 0x77AD4044-->00000000 [ISWSHEX.dll]
[880]svchost.exe-->ntdll.dll-->NtAlpcImpersonateClientOfPort, Type: Inline - RelativeJump 0x77AD4214-->00000000 [ISWSHEX.dll]
[880]svchost.exe-->ntdll.dll-->NtImpersonateClientOfPort, Type: Inline - RelativeJump 0x77AD49E4-->00000000 [ISWSHEX.dll]
[880]svchost.exe-->ntdll.dll-->NtSetInformationProcess, Type: Inline - RelativeJump 0x77AD5324-->00000000 [ISWSHEX.dll]
[880]svchost.exe-->user32.dll-->FindWindowA, Type: Inline - RelativeJump 0x778E9D76-->00000000 [ISWSHEX.dll]
[880]svchost.exe-->user32.dll-->FindWindowW, Type: Inline - RelativeJump 0x778FA441-->00000000 [ISWSHEX.dll]
[880]svchost.exe-->user32.dll-->kernel32.dll-->LoadLibraryExW, Type: IAT modification 0x77D5115C-->00000000 [ISWSHEX.dll]
[880]svchost.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x778E6322-->00000000 [snxhk.dll]
[880]svchost.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x778E87AD-->00000000 [snxhk.dll]
[880]svchost.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x778E9F3A-->00000000 [snxhk.dll]
[880]svchost.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x778E98DB-->00000000 [snxhk.dll]
[880]svchost.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x778EC06F-->00000000 [snxhk.dll]
[932]nvvsvc.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x767C7099-->00000000 [snxhk.dll]
[932]nvvsvc.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x767C71E1-->00000000 [snxhk.dll]
[932]nvvsvc.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x767C6DD9-->00000000 [snxhk.dll]
[932]nvvsvc.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x767C6F81-->00000000 [snxhk.dll]
[932]nvvsvc.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x767C72A1-->00000000 [snxhk.dll]
[932]nvvsvc.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x76789EB4-->00000000 [snxhk.dll]
[932]nvvsvc.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x7678A07E-->00000000 [snxhk.dll]
[932]nvvsvc.exe-->advapi32.dll-->ImpersonateNamedPipeClient, Type: Inline - RelativeJump 0x76753A48-->00000000 [ISWSHEX.dll]
[932]nvvsvc.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x767C6CD9-->00000000 [snxhk.dll]
[932]nvvsvc.exe-->advapi32.dll-->SetThreadToken, Type: Inline - RelativeJump 0x76768E21-->00000000 [ISWSHEX.dll]
[932]nvvsvc.exe-->kernel32.dll-->OpenProcess, Type: Inline - RelativeJump 0x77417267-->00000000 [ISWSHEX.dll]
[932]nvvsvc.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x77A99390-->00000000 [snxhk.dll]
[932]nvvsvc.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x77AABA50-->00000000 [snxhk.dll]
[932]nvvsvc.exe-->ntdll.dll-->NtAccessCheckByType, Type: Inline - RelativeJump 0x77AD4044-->00000000 [ISWSHEX.dll]
[932]nvvsvc.exe-->ntdll.dll-->NtAlpcImpersonateClientOfPort, Type: Inline - RelativeJump 0x77AD4214-->00000000 [ISWSHEX.dll]
[932]nvvsvc.exe-->ntdll.dll-->NtImpersonateClientOfPort, Type: Inline - RelativeJump 0x77AD49E4-->00000000 [ISWSHEX.dll]
[932]nvvsvc.exe-->ntdll.dll-->NtSetInformationProcess, Type: Inline - RelativeJump 0x77AD5324-->00000000 [ISWSHEX.dll]
[932]nvvsvc.exe-->user32.dll-->FindWindowA, Type: Inline - RelativeJump 0x778E9D76-->00000000 [ISWSHEX.dll]
[932]nvvsvc.exe-->user32.dll-->FindWindowW, Type: Inline - RelativeJump 0x778FA441-->00000000 [ISWSHEX.dll]
[932]nvvsvc.exe-->user32.dll-->kernel32.dll-->LoadLibraryExW, Type: IAT modification 0x77D5115C-->00000000 [ISWSHEX.dll]
[932]nvvsvc.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x778E6322-->00000000 [snxhk.dll]
[932]nvvsvc.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x778E87AD-->00000000 [snxhk.dll]
[932]nvvsvc.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x778E9F3A-->00000000 [snxhk.dll]
[932]nvvsvc.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x778E98DB-->00000000 [snxhk.dll]
[932]nvvsvc.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x778EC06F-->00000000 [snxhk.dll]
[960]svchost.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x767C7099-->00000000 [snxhk.dll]
[960]svchost.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x767C71E1-->00000000 [snxhk.dll]
[960]svchost.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x767C6DD9-->00000000 [snxhk.dll]
[960]svchost.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x767C6F81-->00000000 [snxhk.dll]
[960]svchost.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x767C72A1-->00000000 [snxhk.dll]
[960]svchost.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x76789EB4-->00000000 [snxhk.dll]
[960]svchost.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x7678A07E-->00000000 [snxhk.dll]
[960]svchost.exe-->advapi32.dll-->ImpersonateNamedPipeClient, Type: Inline - RelativeJump 0x76753A48-->00000000 [ISWSHEX.dll]
[960]svchost.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x767C6CD9-->00000000 [snxhk.dll]
[960]svchost.exe-->advapi32.dll-->SetThreadToken, Type: Inline - RelativeJump 0x76768E21-->00000000 [ISWSHEX.dll]
[960]svchost.exe-->kernel32.dll-->OpenProcess, Type: Inline - RelativeJump 0x77417267-->00000000 [ISWSHEX.dll]
[960]svchost.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x77A99390-->00000000 [snxhk.dll]
[960]svchost.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x77AABA50-->00000000 [snxhk.dll]
[960]svchost.exe-->ntdll.dll-->NtAccessCheckByType, Type: Inline - RelativeJump 0x77AD4044-->00000000 [ISWSHEX.dll]
[960]svchost.exe-->ntdll.dll-->NtAlpcImpersonateClientOfPort, Type: Inline - RelativeJump 0x77AD4214-->00000000 [ISWSHEX.dll]
[960]svchost.exe-->ntdll.dll-->NtImpersonateClientOfPort, Type: Inline - RelativeJump 0x77AD49E4-->00000000 [ISWSHEX.dll]
[960]svchost.exe-->ntdll.dll-->NtSetInformationProcess, Type: Inline - RelativeJump 0x77AD5324-->00000000 [ISWSHEX.dll]
[960]svchost.exe-->user32.dll-->FindWindowA, Type: Inline - RelativeJump 0x778E9D76-->00000000 [ISWSHEX.dll]
[960]svchost.exe-->user32.dll-->FindWindowW, Type: Inline - RelativeJump 0x778FA441-->00000000 [ISWSHEX.dll]
[960]svchost.exe-->user32.dll-->kernel32.dll-->LoadLibraryExW, Type: IAT modification 0x77D5115C-->00000000 [ISWSHEX.dll]
[960]svchost.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x778E6322-->00000000 [snxhk.dll]
[960]svchost.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x778E87AD-->00000000 [snxhk.dll]
[960]svchost.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x778E9F3A-->00000000 [snxhk.dll]
[960]svchost.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x778E98DB-->00000000 [snxhk.dll]
[960]svchost.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x778EC06F-->00000000 [snxhk.dll]