This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Safe Browsing detected browser Internet Explorer has been compromised

We have just installed the intercept x client on several machines under a trial license. We are getting the following from Intercept X when IE is opened;

"Safe Browsing detected browser Internet Explorer has been compromised"

The version of IE11 is 11.09600.18499

We cannot find any information to understand what this error message actually means. Has anyone else come across this?

Is there anywhere that such error messages are documented in order to fully understand?

cheers

This thread was automatically locked due to age.

Tom Pallone over 7 years ago

We just started with Intercept recently..

We are having the same issue on one computer every time the user open the browser under their profile.

Below is the log since can't attach it here:

2017-01-10T00:00:01.040Z [Protected] PID 11292, Features 000000300000010A, C:\Windows\System32\rundll32.exe
2017-01-10T00:00:01.281Z [Protected] PID 12764, Features 000000300000010A, C:\Windows\System32\VSSVC.exe
2017-01-10T00:00:01.365Z [Protected] PID 7532, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-10T00:00:28.582Z [Protected] PID 1496, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T00:00:28.718Z [Protected] PID 13004, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T00:02:33.481Z [Protected] PID 1460, Features 000000300000010A, C:\Windows\servicing\TrustedInstaller.exe
2017-01-10T00:03:14.961Z [Protected] PID 12936, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T00:03:15.006Z [Protected] PID 11548, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T00:03:36.975Z [Protected] PID 10264, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-10T00:16:35.107Z [Protected] PID 11428, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T00:16:36.825Z [Protected] PID 3036, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T00:16:36.912Z [Protected] PID 12488, Features 000000300000010A, C:\Windows\System32\VSSVC.exe
2017-01-10T00:16:36.999Z [Protected] PID 5552, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-10T00:20:00.099Z [Protected] PID 2760, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T00:20:46.453Z [Protected] PID 7016, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T00:23:02.100Z [Protected] PID 3288, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-10T00:23:02.197Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170110062302
2017-01-10T00:24:56.227Z [Protected] PID 13304, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T00:24:56.247Z [Protected] PID 12776, Features 0000003000000102, C:\Windows\System32\SpecopsDeploy\sogpproc.exe
2017-01-10T00:24:56.411Z [Protected] PID 8032, Features 0000003000000102, C:\Windows\System32\PrintIsolationHost.exe
2017-01-10T00:31:00.059Z [Protected] PID 6788, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T00:33:15.770Z [Protected] PID 13012, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\1.3.57.1\DropboxUpdateBroker.exe
2017-01-10T00:33:15.824Z [Protected] PID 9952, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T00:33:15.924Z [Protected] PID 12308, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T00:33:16.025Z [Protected] PID 12068, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T00:33:16.166Z [Protected] PID 11856, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\1.3.57.1\DropboxUpdateBroker.exe
2017-01-10T00:33:16.202Z [Protected] PID 11356, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T00:33:16.353Z [Protected] PID 1172, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T00:40:22.210Z [Protected] PID 6932, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T00:40:22.230Z [Protected] PID 11684, Features 0000003000000102, C:\Windows\System32\SpecopsDeploy\sogpproc.exe
2017-01-10T00:40:25.065Z [Protected] PID 6828, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-10T00:40:41.053Z [Protected] PID 11388, Features 000000300000010A, C:\Windows\System32\raserver.exe
2017-01-10T00:42:21.704Z [Protected] PID 11772, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T00:42:21.727Z [Protected] PID 8328, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag.exe
2017-01-10T00:42:21.804Z [Protected] PID 8668, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T00:42:21.827Z [Protected] PID 9268, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag_64.exe
2017-01-10T00:45:54.585Z [Protected] PID 3136, Features 0000003000000106, C:\ProgramData\Sophos\AutoUpdate\Cache\sophos_autoupdate1.dir\SophosUpdate.exe
2017-01-10T00:48:03.037Z [Protected] PID 7316, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T00:48:03.137Z [Protected] PID 10756, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T00:52:35.906Z [Protected] PID 10300, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T00:52:35.929Z [Protected] PID 6832, Features 000000300000010A, C:\Windows\System32\compattelrunner.exe
2017-01-10T00:52:36.029Z [Protected] PID 12544, Features 0000003000000102, C:\Windows\System32\CompatTelRunner.exe
2017-01-10T00:53:02.310Z [Protected] PID 10456, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-10T00:53:02.346Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170110065302
2017-01-10T00:56:00.734Z [Protected] PID 8212, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T01:03:15.115Z [Protected] PID 12752, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T01:03:15.160Z [Protected] PID 11048, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T01:06:21.061Z [Protected] PID 6016, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-10T01:12:57.897Z [Protected] PID 12156, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-10T01:12:58.075Z [Protected] PID 12852, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
2017-01-10T01:16:35.264Z [Protected] PID 5176, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T01:16:36.979Z [Protected] PID 420, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T01:16:37.065Z [Protected] PID 12624, Features 000000300000010A, C:\Windows\System32\VSSVC.exe
2017-01-10T01:16:37.152Z [Protected] PID 13276, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-10T01:20:00.099Z [Protected] PID 10368, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T01:20:04.429Z [Protected] PID 9840, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T01:23:02.460Z [Protected] PID 12372, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-10T01:23:02.497Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170110072302
2017-01-10T01:30:55.949Z [Protected] PID 6932, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-10T01:30:56.149Z [Protected] PID 6640, Features 0000003000000106, C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe
2017-01-10T01:31:00.058Z [Protected] PID 9544, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T01:41:34.974Z [Protected] PID 11404, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T01:42:22.053Z [Protected] PID 12308, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T01:42:22.077Z [Protected] PID 7788, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag.exe
2017-01-10T01:42:22.154Z [Protected] PID 12844, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T01:42:22.177Z [Protected] PID 6176, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag_64.exe
2017-01-10T01:44:53.425Z [Protected] PID 12004, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\1.3.57.1\DropboxUpdateBroker.exe
2017-01-10T01:44:53.479Z [Protected] PID 7924, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T01:44:53.581Z [Protected] PID 12708, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T01:44:53.682Z [Protected] PID 8920, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T01:44:53.823Z [Protected] PID 1376, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\1.3.57.1\DropboxUpdateBroker.exe
2017-01-10T01:44:53.859Z [Protected] PID 1008, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T01:44:54.013Z [Protected] PID 6852, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T01:45:54.712Z [Protected] PID 9992, Features 0000003000000106, C:\ProgramData\Sophos\AutoUpdate\Cache\sophos_autoupdate1.dir\SophosUpdate.exe
2017-01-10T01:46:24.645Z [Protected] PID 13044, Features 0000003000000106, C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\savxp\crt\avremovew.exe
2017-01-10T01:46:46.694Z [Protected] PID 9360, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\WSCClient.exe
2017-01-10T01:46:46.943Z [Protected] PID 12780, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\WSCClient.exe
2017-01-10T01:48:03.503Z [Protected] PID 13080, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T01:48:03.733Z [Protected] PID 13168, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T01:53:02.612Z [Protected] PID 6852, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-10T01:53:02.647Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170110075302
2017-01-10T01:55:58.896Z [Protected] PID 11004, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T01:55:58.917Z [Protected] PID 1596, Features 0000003000000102, C:\Windows\System32\SpecopsDeploy\sogpproc.exe
2017-01-10T01:55:59.138Z [Protected] PID 8636, Features 0000003000000102, C:\Windows\System32\PrintIsolationHost.exe
2017-01-10T01:56:00.909Z [Protected] PID 9652, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T01:59:41.283Z [Protected] PID 1800, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T02:10:24.230Z [Protected] PID 11852, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-10T02:11:25.917Z [Protected] PID 11280, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T02:11:25.938Z [Protected] PID 12156, Features 0000003000000102, C:\Windows\System32\SpecopsDeploy\sogpproc.exe
2017-01-10T02:11:29.286Z [Protected] PID 8544, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-10T02:11:45.293Z [Protected] PID 11792, Features 000000300000010A, C:\Windows\System32\raserver.exe
2017-01-10T02:16:36.678Z [Protected] PID 3988, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T02:16:38.623Z [Protected] PID 11216, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T02:16:38.747Z [Protected] PID 11008, Features 000000300000010A, C:\Windows\System32\VSSVC.exe
2017-01-10T02:16:38.879Z [Protected] PID 12676, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-10T02:18:09.316Z [Protected] PID 2440, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T02:18:09.382Z [Protected] PID 11712, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T02:20:00.102Z [Protected] PID 10704, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T02:20:29.350Z [Protected] PID 6056, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T02:23:02.763Z [Protected] PID 8472, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-10T02:23:02.799Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170110082302
2017-01-10T02:30:00.829Z [Protected] PID 10708, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T02:30:00.853Z [Protected] PID 11996, Features 000000300000010A, C:\Windows\System32\aitagent.exe
2017-01-10T02:30:36.341Z [Protected] PID 11072, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T02:30:36.387Z [Protected] PID 8924, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T02:31:00.060Z [Protected] PID 10656, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T02:37:32.249Z [Protected] PID 11712, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\1.3.57.1\DropboxUpdateBroker.exe
2017-01-10T02:37:32.314Z [Protected] PID 2020, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T02:37:32.416Z [Protected] PID 11792, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T02:37:32.516Z [Protected] PID 5636, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T02:37:32.673Z [Protected] PID 9772, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\1.3.57.1\DropboxUpdateBroker.exe
2017-01-10T02:37:32.708Z [Protected] PID 8548, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T02:37:32.864Z [Protected] PID 10264, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T02:41:57.423Z [Protected] PID 12724, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T02:42:22.501Z [Protected] PID 10452, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T02:42:22.525Z [Protected] PID 9676, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag.exe
2017-01-10T02:42:22.634Z [Protected] PID 12080, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T02:42:22.657Z [Protected] PID 11812, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag_64.exe
2017-01-10T02:45:54.957Z [Protected] PID 8080, Features 0000003000000106, C:\ProgramData\Sophos\AutoUpdate\Cache\sophos_autoupdate1.dir\SophosUpdate.exe
2017-01-10T02:48:03.398Z [Protected] PID 12384, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T02:48:03.498Z [Protected] PID 6420, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T02:53:02.911Z [Protected] PID 10324, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-10T02:53:02.947Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170110085302
2017-01-10T02:56:01.076Z [Protected] PID 7400, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T03:00:01.195Z [Protected] PID 9552, Features 000000300000010A, C:\Windows\System32\wsqmcons.exe
2017-01-10T03:00:01.472Z [Protected] PID 12684, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T03:00:01.498Z [Protected] PID 944, Features 0000003000000102, C:\Windows\System32\schtasks.exe
2017-01-10T03:03:47.298Z [Protected] PID 11788, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-10T03:16:35.567Z [Protected] PID 12940, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T03:16:37.290Z [Protected] PID 6888, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T03:16:37.375Z [Protected] PID 11280, Features 000000300000010A, C:\Windows\System32\VSSVC.exe
2017-01-10T03:16:37.459Z [Protected] PID 8032, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-10T03:20:00.100Z [Protected] PID 10704, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T03:20:16.209Z [Protected] PID 1388, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T03:23:03.060Z [Protected] PID 10836, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-10T03:23:03.096Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170110092303
2017-01-10T03:27:08.927Z [Protected] PID 10484, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T03:27:08.954Z [Protected] PID 1596, Features 000000300000010A, C:\Windows\System32\compattel\DiagTrackRunner.exe
2017-01-10T03:27:09.152Z [Protected] PID 12940, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T03:27:09.173Z [Protected] PID 9564, Features 000000300000010A, C:\Windows\System32\CompatTelRunner.exe
2017-01-10T03:27:09.215Z [Protected] PID 10680, Features 0000003000000102, C:\Windows\System32\CompatTelRunner.exe
2017-01-10T03:27:09.908Z [Protected] PID 7580, Features 0000003000000102, C:\Windows\System32\CompatTelRunner.exe
2017-01-10T03:27:09.981Z [Protected] PID 12024, Features 0000003000000102, C:\Windows\System32\CompatTelRunner.exe
2017-01-10T03:27:38.811Z [Protected] PID 11628, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\1.3.57.1\DropboxUpdateBroker.exe
2017-01-10T03:27:38.866Z [Protected] PID 12512, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T03:27:38.965Z [Protected] PID 13012, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T03:27:39.071Z [Protected] PID 11400, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T03:27:39.210Z [Protected] PID 8216, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\1.3.57.1\DropboxUpdateBroker.exe
2017-01-10T03:27:39.246Z [Protected] PID 12580, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T03:27:39.400Z [Protected] PID 11064, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T03:31:00.059Z [Protected] PID 13168, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T03:35:02.696Z [Protected] PID 3948, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T03:35:02.716Z [Protected] PID 11372, Features 0000003000000102, C:\Windows\System32\SpecopsDeploy\sogpproc.exe
2017-01-10T03:35:02.923Z [Protected] PID 6932, Features 0000003000000102, C:\Windows\System32\PrintIsolationHost.exe
2017-01-10T03:42:22.808Z [Protected] PID 12000, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T03:42:22.832Z [Protected] PID 10992, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag.exe
2017-01-10T03:42:22.908Z [Protected] PID 13136, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T03:42:22.931Z [Protected] PID 12692, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag_64.exe
2017-01-10T03:45:54.426Z [Protected] PID 6932, Features 0000003000000106, C:\ProgramData\Sophos\AutoUpdate\Cache\sophos_autoupdate1.dir\SophosUpdate.exe
2017-01-10T03:48:02.749Z [Protected] PID 6656, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T03:48:02.850Z [Protected] PID 12376, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T03:53:02.164Z [Protected] PID 5880, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-10T03:53:02.203Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170110095302
2017-01-10T03:56:00.122Z [Protected] PID 944, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T03:59:28.721Z [Protected] PID 10840, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T03:59:28.741Z [Protected] PID 932, Features 0000003000000102, C:\Windows\System32\SpecopsDeploy\sogpproc.exe
2017-01-10T03:59:32.400Z [Protected] PID 5872, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-10T03:59:48.389Z [Protected] PID 9272, Features 000000300000010A, C:\Windows\System32\raserver.exe
2017-01-10T04:02:36.350Z [Protected] PID 9308, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-10T04:03:14.370Z [Protected] PID 11052, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T04:03:14.416Z [Protected] PID 12228, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T04:16:34.437Z [Protected] PID 7976, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T04:16:36.151Z [Protected] PID 6444, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T04:16:36.237Z [Protected] PID 10592, Features 000000300000010A, C:\Windows\System32\VSSVC.exe
2017-01-10T04:16:36.327Z [Protected] PID 9628, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-10T04:19:59.970Z [Protected] PID 10688, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T04:20:11.097Z [Protected] PID 11868, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T04:20:25.089Z [Protected] PID 12812, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T04:20:25.113Z [Protected] PID 12536, Features 000000300000010A, c:\program files\windows defender\MpCmdRun.exe
2017-01-10T04:20:25.324Z [Protected] PID 9368, Features 0000003000000102, c:\program files\windows defender\MpCmdRun.exe
2017-01-10T04:20:25.607Z [Protected] PID 7688, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T04:20:25.624Z [Protected] PID 8916, Features 0000003000000102, c:\program files\windows defender\MpCmdRun.exe
2017-01-10T04:20:25.938Z [Protected] PID 3460, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T04:23:02.078Z [Protected] PID 9472, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-10T04:23:02.115Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170110102302
2017-01-10T04:23:40.343Z [Protected] PID 12024, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T04:23:40.391Z [Protected] PID 9076, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T04:24:41.747Z [Protected] PID 1944, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T04:24:48.367Z [Protected] PID 6220, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T04:24:56.341Z [Protected] PID 12784, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T04:25:49.510Z [Protected] PID 9772, Features 0000003000000102, C:\Windows\System32\rundll32.exe
2017-01-10T04:31:00.058Z [Protected] PID 13104, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T04:39:33.873Z [Protected] PID 8916, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\1.3.57.1\DropboxUpdateBroker.exe
2017-01-10T04:39:33.928Z [Protected] PID 7688, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T04:39:34.028Z [Protected] PID 11544, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T04:39:34.129Z [Protected] PID 9088, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T04:39:34.269Z [Protected] PID 12612, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\1.3.57.1\DropboxUpdateBroker.exe
2017-01-10T04:39:34.305Z [Protected] PID 5632, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T04:39:34.457Z [Protected] PID 8468, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T04:41:45.386Z [Protected] PID 6176, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T04:41:45.430Z [Protected] PID 3304, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T04:42:21.965Z [Protected] PID 7884, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T04:42:21.987Z [Protected] PID 5092, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag.exe
2017-01-10T04:42:22.065Z [Protected] PID 9708, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T04:42:22.088Z [Protected] PID 8596, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag_64.exe
2017-01-10T04:42:58.150Z [Protected] PID 11876, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-10T04:42:58.360Z [Protected] PID 10900, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
2017-01-10T04:45:53.887Z [Protected] PID 9640, Features 0000003000000106, C:\ProgramData\Sophos\AutoUpdate\Cache\sophos_autoupdate1.dir\SophosUpdate.exe
2017-01-10T04:48:02.451Z [Protected] PID 6828, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T04:48:02.550Z [Protected] PID 10784, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T04:53:02.227Z [Protected] PID 11900, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-10T04:53:02.263Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170110105302
2017-01-10T04:56:00.126Z [Protected] PID 12956, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T04:56:41.342Z [Protected] PID 11440, Features 0000003000000106, C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe
2017-01-10T04:59:39.913Z [Protected] PID 9868, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T05:07:13.461Z [Protected] PID 6264, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T05:07:13.505Z [Protected] PID 7484, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T05:12:33.548Z [Protected] PID 11192, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-10T05:16:34.581Z [Protected] PID 2876, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T05:16:36.316Z [Protected] PID 10124, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T05:16:36.402Z [Protected] PID 12364, Features 000000300000010A, C:\Windows\System32\VSSVC.exe
2017-01-10T05:16:36.489Z [Protected] PID 13036, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-10T05:20:00.089Z [Protected] PID 11976, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T05:20:29.081Z [Protected] PID 11400, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T05:20:43.694Z [Protected] PID 10744, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\1.3.57.1\DropboxUpdateBroker.exe
2017-01-10T05:20:43.737Z [Protected] PID 8080, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T05:20:43.827Z [Protected] PID 10800, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T05:20:43.921Z [Protected] PID 12756, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T05:20:44.062Z [Protected] PID 12588, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\1.3.57.1\DropboxUpdateBroker.exe
2017-01-10T05:20:44.097Z [Protected] PID 12352, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T05:20:44.249Z [Protected] PID 6336, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T05:23:02.377Z [Protected] PID 11664, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-10T05:23:02.412Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170110112302
2017-01-10T05:30:05.575Z [Protected] PID 10940, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T05:30:05.595Z [Protected] PID 12348, Features 0000003000000102, C:\Windows\System32\SpecopsDeploy\sogpproc.exe
2017-01-10T05:30:05.756Z [Protected] PID 12004, Features 0000003000000102, C:\Windows\System32\PrintIsolationHost.exe
2017-01-10T05:31:00.059Z [Protected] PID 1656, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T05:40:57.134Z [Protected] PID 11212, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-10T05:41:33.029Z [Protected] PID 9192, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T05:41:33.050Z [Protected] PID 13216, Features 0000003000000102, C:\Windows\System32\SpecopsDeploy\sogpproc.exe
2017-01-10T05:41:36.535Z [Protected] PID 5832, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-10T05:41:52.536Z [Protected] PID 9180, Features 000000300000010A, C:\Windows\System32\raserver.exe
2017-01-10T05:42:22.310Z [Protected] PID 11164, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T05:42:22.333Z [Protected] PID 8564, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag.exe
2017-01-10T05:42:22.409Z [Protected] PID 10052, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T05:42:22.432Z [Protected] PID 10624, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag_64.exe
2017-01-10T05:45:54.109Z [Protected] PID 1920, Features 0000003000000106, C:\ProgramData\Sophos\AutoUpdate\Cache\sophos_autoupdate1.dir\SophosUpdate.exe
2017-01-10T05:46:23.120Z [Protected] PID 11592, Features 0000003000000106, C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\savxp\crt\avremovew.exe
2017-01-10T05:46:45.358Z [Protected] PID 12660, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\WSCClient.exe
2017-01-10T05:46:45.612Z [Protected] PID 12548, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\WSCClient.exe
2017-01-10T05:48:03.097Z [Protected] PID 8144, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T05:48:03.326Z [Protected] PID 12396, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T05:53:02.527Z [Protected] PID 12668, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-10T05:53:02.565Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170110115302
2017-01-10T05:56:00.376Z [Protected] PID 7588, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T06:00:54.352Z [Protected] PID 7556, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-10T06:00:54.601Z [Protected] PID 8496, Features 0000003000000106, C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe
2017-01-10T06:02:24.660Z [Protected] PID 8916, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-10T06:16:36.070Z [Protected] PID 9196, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T06:16:38.170Z [Protected] PID 6840, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T06:16:38.289Z [Protected] PID 10788, Features 000000300000010A, C:\Windows\System32\VSSVC.exe
2017-01-10T06:16:38.431Z [Protected] PID 12192, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-10T06:20:00.101Z [Protected] PID 13204, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T06:20:23.624Z [Protected] PID 4856, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T06:23:02.774Z [Protected] PID 1560, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-10T06:23:02.810Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170110122302
2017-01-10T06:31:00.061Z [Protected] PID 13144, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T06:42:06.056Z [Protected] PID 6056, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\1.3.57.1\DropboxUpdateBroker.exe
2017-01-10T06:42:06.120Z [Protected] PID 8636, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T06:42:06.224Z [Protected] PID 12932, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T06:42:06.325Z [Protected] PID 10532, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T06:42:06.482Z [Protected] PID 12476, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\1.3.57.1\DropboxUpdateBroker.exe
2017-01-10T06:42:06.518Z [Protected] PID 9604, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T06:42:06.671Z [Protected] PID 13080, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T06:42:22.751Z [Protected] PID 11876, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T06:42:22.774Z [Protected] PID 10468, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag.exe
2017-01-10T06:42:22.913Z [Protected] PID 10480, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T06:42:22.936Z [Protected] PID 3792, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag_64.exe
2017-01-10T06:45:54.326Z [Protected] PID 12300, Features 0000003000000106, C:\ProgramData\Sophos\AutoUpdate\Cache\sophos_autoupdate1.dir\SophosUpdate.exe
2017-01-10T06:48:03.010Z [Protected] PID 8064, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T06:48:03.109Z [Protected] PID 12972, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T06:52:02.069Z [Protected] PID 5880, Features 0000003000000106, C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe
2017-01-10T06:52:17.641Z [Protected] PID 6200, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T06:52:17.661Z [Protected] PID 11580, Features 0000003000000102, C:\Windows\System32\schtasks.exe
2017-01-10T06:52:17.709Z [Protected] PID 13020, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T06:52:17.728Z [Protected] PID 9368, Features 0000003000000102, C:\Windows\System32\schtasks.exe
2017-01-10T06:53:02.922Z [Protected] PID 9120, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-10T06:53:02.958Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170110125302
2017-01-10T06:54:01.139Z [Protected] PID 8548, Features 0000003000000106, C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
2017-01-10T06:54:08.105Z [Protected] PID 7316, Features 000000300000010E, C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
2017-01-10T06:54:12.555Z [Protected] PID 11480, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T06:54:12.658Z [Protected] PID 8924, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T06:56:00.547Z [Protected] PID 10548, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T06:57:32.366Z [Protected] PID 10412, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T06:57:32.454Z [Protected] PID 160, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T06:57:39.387Z [Protected] PID 12228, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T06:57:53.838Z [Protected] PID 6336, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T06:58:11.711Z [Protected] PID 11244, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T06:58:11.965Z [Protected] PID 12964, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T06:58:20.637Z [Protected] PID 12300, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T06:58:22.801Z [Protected] PID 3320, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T06:58:23.096Z [Protected] PID 10252, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T06:58:23.141Z [Protected] PID 12936, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\Adobe Genuine Launcher.exe
2017-01-10T06:58:23.496Z [Protected] PID 9724, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
2017-01-10T06:58:29.747Z [Protected] PID 8696, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T06:58:29.773Z [Protected] PID 11172, Features 0000003200000106, C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\P6\adobe_licutil.exe
2017-01-10T06:58:35.489Z [Protected] PID 11836, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T06:58:42.217Z [Protected] PID 9792, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T06:58:59.731Z [Protected] PID 7556, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T06:59:27.087Z [Protected] PID 7928, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T06:59:27.378Z [Protected] PID 11544, Features 000000361FBF0106, C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE
2017-01-10T06:59:27.981Z [Protected] PID 13080, Features 000000300000010E, C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
2017-01-10T06:59:38.652Z [Protected] PID 7768, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T07:00:45.789Z [Protected] PID 7852, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T07:00:55.972Z [Protected] PID 12840, Features 000000341FBF9106, C:\Program Files\Internet Explorer\iexplore.exe
2017-01-10T07:00:58.104Z [Protected] PID 12456, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-10T07:01:04.613Z [Protected] PID 8568, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T07:01:46.752Z [Protected] PID 13296, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T07:04:07.007Z [Protected] PID 9572, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T07:04:08.277Z [Protected] PID 12880, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T07:04:10.678Z [Protected] PID 12216, Features 0000003200000102, C:\Windows\splwow64.exe
2017-01-10T07:04:10.785Z [Protected] PID 11876, Features 0000003200000102, C:\Windows\splwow64.exe
2017-01-10T07:04:11.047Z [Protected] PID 5188, Features 0000003200000102, C:\Windows\splwow64.exe
2017-01-10T07:04:11.066Z [Protected] PID 9492, Features 0000003000000102, C:\Windows\System32\PrintIsolationHost.exe
2017-01-10T07:04:11.384Z [Protected] PID 6716, Features 0000003200000102, C:\Windows\splwow64.exe
2017-01-10T07:04:11.421Z [Protected] PID 9712, Features 0000003200000102, C:\Windows\splwow64.exe
2017-01-10T07:06:33.770Z [Protected] PID 11072, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T07:08:50.369Z [Protected] PID 10944, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T07:09:13.098Z [Protected] PID 12544, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T07:09:15.462Z [Protected] PID 3160, Features 0000003200000102, C:\Windows\splwow64.exe
2017-01-10T07:09:15.641Z [Protected] PID 10648, Features 0000003000000102, C:\Windows\System32\PrintIsolationHost.exe
2017-01-10T07:09:20.076Z [Protected] PID 6392, Features 0000003200000102, C:\Windows\System32\rundll32.exe
2017-01-10T07:09:21.088Z [Protected] PID 2340, Features 0000003000000102, C:\Windows\System32\rundll32.exe
2017-01-10T07:09:57.999Z [Protected] PID 12424, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-10T07:09:58.030Z [Protected] PID 11364, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T07:10:09.522Z [Protected] PID 12888, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T07:10:23.102Z [Protected] PID 932, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-10T07:10:23.151Z [Protected] PID 12628, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T07:10:25.696Z [Protected] PID 11156, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-10T07:10:52.171Z [Protected] PID 12716, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T07:10:54.791Z [Protected] PID 10452, Features 0000003000000102, C:\Windows\System32\PrintIsolationHost.exe
2017-01-10T07:10:58.195Z [Protected] PID 10424, Features 0000003200000102, C:\Windows\System32\rundll32.exe
2017-01-10T07:10:59.313Z [Protected] PID 12964, Features 0000003000000102, C:\Windows\System32\rundll32.exe
2017-01-10T07:11:00.291Z [Protected] PID 5932, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T07:11:07.287Z [Protected] PID 6848, Features 0000003200000102, C:\Windows\System32\rundll32.exe
2017-01-10T07:11:17.836Z [Protected] PID 9488, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-10T07:11:18.487Z [Protected] PID 6760, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T07:11:41.323Z [Protected] PID 7212, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T07:11:41.416Z [Protected] PID 10448, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T07:12:33.668Z [Protected] PID 12152, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T07:12:37.984Z [Protected] PID 7356, Features 0000003000000102, C:\Windows\System32\PrintIsolationHost.exe
2017-01-10T07:12:41.633Z [Protected] PID 12748, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T07:12:42.794Z [Protected] PID 9900, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T07:12:42.834Z [Protected] PID 4704, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T07:12:42.857Z [Protected] PID 2584, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\Adobe Genuine Launcher.exe
2017-01-10T07:12:42.936Z [Protected] PID 4084, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
2017-01-10T07:12:49.430Z [Protected] PID 9400, Features 0000003200000102, C:\Windows\System32\rundll32.exe
2017-01-10T07:12:50.340Z [Protected] PID 8444, Features 0000003000000102, C:\Windows\System32\rundll32.exe
2017-01-10T07:12:53.477Z [Protected] PID 10900, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T07:13:00.743Z [Protected] PID 11788, Features 0000003200000102, C:\Windows\System32\rundll32.exe
2017-01-10T07:13:14.329Z [Protected] PID 13064, Features 0000003000000102, C:\Windows\System32\rundll32.exe
2017-01-10T07:13:18.032Z [Protected] PID 9600, Features 0000003000000106, C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe
2017-01-10T07:13:26.946Z [Protected] PID 9632, Features 0000003000000106, C:\Users\sherrick\AppData\Local\Apps\2.0\CZLEKDP7.8QJ\XAWL8KY9.P6Z\unit..tion_c985434882f2074b_0010.0000_2d7b96ead185776d\obunity.exe
2017-01-10T07:13:59.781Z [Protected] PID 1380, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T07:14:10.402Z [Protected] PID 10388, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T07:14:44.755Z [Protected] PID 1656, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T07:14:54.481Z [Protected] PID 12608, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T07:14:55.639Z [Protected] PID 9956, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T07:14:55.672Z [Protected] PID 11568, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T07:14:55.695Z [Protected] PID 6352, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\Adobe Genuine Launcher.exe
2017-01-10T07:14:55.780Z [Protected] PID 9088, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
2017-01-10T07:15:02.261Z [Protected] PID 3924, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T07:15:02.287Z [Protected] PID 12216, Features 0000003200000106, C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\P6\adobe_licutil.exe
2017-01-10T07:15:05.391Z [Protected] PID 9484, Features 0000003000000102, C:\Windows\System32\PrintIsolationHost.exe
2017-01-10T07:15:09.491Z [Protected] PID 6848, Features 0000003200000102, C:\Windows\System32\rundll32.exe
2017-01-10T07:15:10.425Z [Protected] PID 12108, Features 0000003000000102, C:\Windows\System32\rundll32.exe
2017-01-10T07:15:18.388Z [Protected] PID 2476, Features 0000003200000106, C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
2017-01-10T07:15:38.066Z [Protected] PID 5624, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T07:15:38.087Z [Protected] PID 11376, Features 0000003000000102, C:\Windows\System32\SpecopsDeploy\sogpproc.exe
2017-01-10T07:15:40.791Z [Protected] PID 6812, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-10T07:15:56.789Z [Protected] PID 12420, Features 000000300000010A, C:\Windows\System32\raserver.exe
2017-01-10T07:16:15.039Z [Protected] PID 9256, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T07:16:19.794Z [Protected] PID 12388, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-10T07:16:19.887Z [Protected] PID 9972, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T07:16:22.060Z [Protected] PID 9900, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T07:16:30.799Z [Protected] PID 8452, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T07:16:33.135Z [Protected] PID 9572, Features 0000003000000102, C:\Windows\System32\PrintIsolationHost.exe
2017-01-10T07:16:33.479Z [Protected] PID 10860, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T07:16:34.439Z [Protected] PID 13144, Features 0000003000000102, C:\Windows\System32\rundll32.exe
2017-01-10T07:16:36.674Z [Protected] PID 11528, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T07:16:36.769Z [Protected] PID 8036, Features 000000300000010A, C:\Windows\System32\VSSVC.exe
2017-01-10T07:16:36.872Z [Protected] PID 3392, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-10T07:17:01.719Z [Protected] PID 10424, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T07:17:09.952Z [Protected] PID 12668, Features 0000003200000102, C:\Windows\System32\rundll32.exe
2017-01-10T07:17:10.875Z [Protected] PID 6784, Features 0000003000000102, C:\Windows\System32\rundll32.exe
2017-01-10T07:17:54.922Z [Protected] PID 12212, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T07:18:08.233Z [Protected] PID 11016, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T07:18:08.253Z [Protected] PID 12864, Features 0000003000000102, C:\Windows\System32\SpecopsDeploy\sogpproc.exe
2017-01-10T07:18:11.365Z [Protected] PID 6848, Features 0000003200000102, C:\Windows\System32\rundll32.exe
2017-01-10T07:18:12.314Z [Protected] PID 11932, Features 0000003000000102, C:\Windows\System32\rundll32.exe
2017-01-10T07:18:18.700Z [Protected] PID 11856, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T07:18:26.816Z [Protected] PID 10932, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T07:19:36.417Z [Protected] PID 2228, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T07:19:38.923Z [Protected] PID 9792, Features 0000003000000102, C:\Windows\System32\PrintIsolationHost.exe
2017-01-10T07:19:42.513Z [Protected] PID 9120, Features 0000003200000102, C:\Windows\System32\rundll32.exe
2017-01-10T07:19:43.426Z [Protected] PID 2500, Features 0000003000000102, C:\Windows\System32\rundll32.exe
2017-01-10T07:20:00.102Z [Protected] PID 12388, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T07:20:26.707Z [Protected] PID 13064, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T07:20:44.799Z [Protected] PID 13148, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T07:21:46.803Z [Protected] PID 12800, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T07:22:21.436Z [Protected] PID 8648, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T07:23:03.070Z [Protected] PID 8040, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-10T07:23:03.108Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170110132303
2017-01-10T07:23:23.948Z [Protected] PID 11284, Features 0000003000000106, C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe
2017-01-10T07:24:16.078Z [Protected] PID 11556, Features 000000341FBF9106, C:\Program Files\Internet Explorer\iexplore.exe
2017-01-10T07:24:17.394Z [Protected] PID 12328, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-10T07:24:17.631Z [Protected] PID 7188, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-10T07:24:19.975Z [Protected] PID 8816, Features 0000003000002106, c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\agcp.exe
2017-01-10T07:24:42.816Z [Protected] PID 7604, Features 000000361FBF2106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T07:24:50.546Z [Protected] PID 6040, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T07:24:51.710Z [Protected] PID 11400, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T07:24:51.744Z [Protected] PID 7212, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T07:24:51.760Z [Protected] PID 8444, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T07:24:51.770Z [Protected] PID 8628, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\Adobe Genuine Launcher.exe
2017-01-10T07:24:51.850Z [Protected] PID 8940, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
2017-01-10T07:24:57.881Z [Protected] PID 7472, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T07:24:58.775Z [Protected] PID 9464, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T07:24:58.801Z [Protected] PID 12060, Features 0000003200002106, C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\P6\adobe_licutil.exe
2017-01-10T07:25:14.477Z [Protected] PID 1460, Features 0000003200002106, C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
2017-01-10T07:25:18.653Z [Protected] PID 11888, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T07:25:23.143Z [Protected] PID 9188, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T07:25:28.592Z [Protected] PID 9640, Features 000000341FBF9106, C:\Program Files\Internet Explorer\iexplore.exe
2017-01-10T07:25:29.880Z [Protected] PID 9528, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-10T07:25:30.129Z [Protected] PID 8036, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-10T07:25:32.279Z [Protected] PID 11308, Features 0000003000002106, c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\agcp.exe
2017-01-10T07:25:36.891Z [Protected] PID 10128, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T07:25:36.983Z [Protected] PID 564, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T07:25:45.704Z [Protected] PID 10472, Features 000000341FBF9106, C:\Program Files\Internet Explorer\iexplore.exe
2017-01-10T07:25:46.992Z [Protected] PID 7920, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-10T07:25:47.219Z [Protected] PID 10356, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-10T07:25:49.455Z [Protected] PID 3988, Features 0000003000002106, c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\agcp.exe
2017-01-10T07:25:58.972Z [Protected] PID 11160, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T07:25:59.076Z [Protected] PID 10524, Features 000000361FBF2106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T07:26:07.923Z [Protected] PID 13300, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T07:26:07.949Z [Protected] PID 12576, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T07:26:07.967Z [Protected] PID 4924, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T07:26:07.973Z [Protected] PID 9928, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\Adobe Genuine Launcher.exe
2017-01-10T07:26:08.037Z [Protected] PID 1544, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
2017-01-10T07:26:13.079Z [Protected] PID 10824, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T07:26:15.293Z [Protected] PID 12292, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T07:26:15.321Z [Protected] PID 10260, Features 0000003200002106, C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\P6\adobe_licutil.exe
2017-01-10T07:26:30.733Z [Protected] PID 11888, Features 0000003200002106, C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
2017-01-10T07:31:00.060Z [Protected] PID 4708, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T07:32:39.343Z [Protected] PID 1692, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T07:32:39.482Z [Protected] PID 6596, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T07:33:02.844Z [Protected] PID 13280, Features 000000341FBF9106, C:\Program Files\Internet Explorer\iexplore.exe
2017-01-10T07:33:04.260Z [Protected] PID 12680, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-10T07:33:04.453Z [Protected] PID 7936, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-10T07:33:06.532Z [Protected] PID 7584, Features 0000003000002106, c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\agcp.exe
2017-01-10T07:33:12.295Z [Protected] PID 2248, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T07:34:36.221Z [Protected] PID 12568, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T07:34:36.309Z [Protected] PID 10668, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T07:36:17.444Z [Protected] PID 5480, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T07:36:17.532Z [Protected] PID 916, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T07:36:36.384Z [Protected] PID 10708, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T07:37:21.413Z [Protected] PID 12324, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T07:37:22.220Z [Protected] PID 12816, Features 000000300000010A, C:\Windows\servicing\TrustedInstaller.exe
2017-01-10T07:38:27.016Z [Protected] PID 12364, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\1.3.57.1\DropboxUpdateBroker.exe
2017-01-10T07:38:27.134Z [Protected] PID 7780, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T07:38:27.239Z [Protected] PID 12832, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T07:38:27.344Z [Protected] PID 164, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T07:38:27.492Z [Protected] PID 6296, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\1.3.57.1\DropboxUpdateBroker.exe
2017-01-10T07:38:27.527Z [Protected] PID 10476, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T07:38:27.683Z [Protected] PID 10744, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T07:39:02.095Z [Protected] PID 9944, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T07:39:03.332Z [Protected] PID 10160, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T07:39:10.242Z [Protected] PID 6024, Features 000000341FBF9106, C:\Program Files\Internet Explorer\iexplore.exe
2017-01-10T07:39:11.575Z [Protected] PID 2412, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-10T07:39:11.839Z [Protected] PID 812, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-10T07:39:14.019Z [Protected] PID 12476, Features 0000003000002106, c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\agcp.exe
2017-01-10T07:41:36.734Z [Protected] PID 11260, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T07:42:00.179Z [Protected] PID 3136, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T07:42:23.276Z [Protected] PID 5664, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T07:42:23.301Z [Protected] PID 9956, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag.exe
2017-01-10T07:42:23.489Z [Protected] PID 5388, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T07:42:23.513Z [Protected] PID 9784, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag_64.exe
2017-01-10T07:43:44.598Z [Protected] PID 5092, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T07:43:44.684Z [Protected] PID 12312, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T07:44:39.993Z [Protected] PID 12452, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T07:45:55.341Z [Protected] PID 12028, Features 0000003000000106, C:\ProgramData\Sophos\AutoUpdate\Cache\sophos_autoupdate1.dir\SophosUpdate.exe
2017-01-10T07:46:29.681Z [Protected] PID 10952, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T07:47:51.374Z [Protected] PID 12572, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T07:47:51.552Z [Protected] PID 12548, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T07:47:58.204Z [Protected] PID 6408, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T07:48:03.498Z [Protected] PID 1456, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T07:48:03.606Z [Protected] PID 7348, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T07:48:08.390Z [Protected] PID 10344, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T07:48:26.119Z [Protected] PID 12008, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T07:51:03.377Z [Protected] PID 1464, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T07:51:03.513Z [Protected] PID 7056, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T07:53:03.367Z [Protected] PID 11676, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-10T07:53:03.404Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170110135303
2017-01-10T07:53:24.927Z [Protected] PID 10884, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T07:53:25.024Z [Protected] PID 13260, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T07:53:57.459Z [Protected] PID 5644, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T07:54:24.694Z [Protected] PID 6164, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T07:54:24.916Z [Protected] PID 12040, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-10T07:54:27.265Z [Protected] PID 7884, Features 0000003000002106, c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\agcp.exe
2017-01-10T07:54:32.907Z [Protected] PID 9120, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T07:54:33.081Z [Protected] PID 11508, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T07:54:36.227Z [Protected] PID 10368, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-10T07:54:54.783Z [Protected] PID 1692, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T07:56:01.239Z [Protected] PID 1460, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T07:56:58.915Z [Protected] PID 4632, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T07:57:13.101Z [Protected] PID 12864, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T07:57:13.194Z [Protected] PID 920, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T07:57:22.869Z [Protected] PID 13300, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-10T07:57:25.485Z [Protected] PID 9784, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T07:57:30.922Z [Protected] PID 3380, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T07:57:41.488Z [Protected] PID 12904, Features 0000003000002106, c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\agcp.exe
2017-01-10T07:57:43.563Z [Protected] PID 12920, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T07:57:52.082Z [Protected] PID 12220, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T07:58:12.009Z [Protected] PID 10548, Features 0000003000000102, C:\Program Files (x86)\Moffsoft FreeCalc\MoffFreeCalc.exe
2017-01-10T07:58:46.870Z [Protected] PID 9872, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T08:00:43.127Z [Protected] PID 10420, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T08:01:31.949Z [Protected] PID 8920, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T08:01:40.045Z [Protected] PID 11016, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T08:01:49.315Z [Protected] PID 6736, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T08:02:25.974Z [Protected] PID 12156, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-10T08:07:38.331Z [Protected] PID 12364, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-10T08:07:38.873Z [ApplyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170110140738
2017-01-10T08:07:40.593Z [Protected] PID 10936, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T08:07:41.705Z [Protected] PID 8648, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T08:07:45.063Z [Protected] PID 12192, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T08:07:45.275Z [Protected] PID 9460, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T08:07:59.794Z [Protected] PID 12852, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T08:07:59.880Z [Protected] PID 1460, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T08:08:28.203Z [Protected] PID 13152, Features 000000341FBF9106, C:\Program Files\Internet Explorer\iexplore.exe
2017-01-10T08:08:29.567Z [Protected] PID 12036, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-10T08:08:29.857Z [Protected] PID 1124, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-10T08:08:32.034Z [Protected] PID 9584, Features 0000003000002106, c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\agcp.exe
2017-01-10T08:08:39.096Z [Protected] PID 5832, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T08:08:39.191Z [Protected] PID 8940, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T08:08:46.130Z [Protected] PID 11512, Features 000000341FBF9106, C:\Program Files\Internet Explorer\iexplore.exe
2017-01-10T08:08:47.443Z [Protected] PID 4328, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-10T08:08:47.727Z [Protected] PID 10748, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-10T08:08:49.888Z [Protected] PID 7356, Features 0000003000002106, c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\agcp.exe
2017-01-10T08:10:24.925Z [Protected] PID 10664, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T08:10:24.972Z [Protected] PID 12460, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T08:10:50.965Z [Protected] PID 11700, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T08:11:46.710Z [Protected] PID 11024, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T08:12:58.767Z [Protected] PID 7852, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-10T08:12:59.015Z [Protected] PID 10640, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
2017-01-10T08:13:14.972Z [Protected] PID 5872, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T08:13:15.066Z [Protected] PID 9220, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T08:13:29.318Z [Protected] PID 11856, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T08:14:49.303Z [Protected] PID 12792, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T08:15:00.319Z [Protected] PID 10104, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T08:15:19.255Z [Protected] PID 5132, Features 000000361FBF0106, C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE
2017-01-10T08:15:20.076Z [Protected] PID 11180, Features 000000300000010E, C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
2017-01-10T08:15:22.764Z [Protected] PID 2064, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T08:15:22.812Z [Protected] PID 2380, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T08:16:35.157Z [Protected] PID 12228, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T08:16:37.239Z [Protected] PID 13060, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T08:16:37.392Z [Protected] PID 9680, Features 000000300000010A, C:\Windows\System32\VSSVC.exe
2017-01-10T08:16:37.515Z [Protected] PID 5652, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-10T08:17:05.994Z [Protected] PID 11572, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T08:17:06.077Z [Protected] PID 11332, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T08:20:00.190Z [Protected] PID 10500, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T08:20:31.023Z [Protected] PID 3636, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T08:20:31.109Z [Protected] PID 5880, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T08:20:43.170Z [Protected] PID 9464, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T08:21:46.500Z [Protected] PID 13068, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-10T08:21:46.592Z [Protected] PID 12452, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T08:21:48.700Z [Protected] PID 8452, Features 0000003000002106, c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\agcp.exe
2017-01-10T08:24:15.651Z [Protected] PID 10556, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T08:24:15.870Z [Protected] PID 4492, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T08:26:10.640Z [Protected] PID 1296, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T08:26:38.356Z [Protected] PID 12724, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T08:26:38.450Z [Protected] PID 12704, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T08:27:09.446Z [Protected] PID 4708, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T08:27:18.918Z [Protected] PID 6716, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T08:27:20.093Z [Protected] PID 12896, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T08:27:53.646Z [Protected] PID 10332, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T08:28:18.350Z [Protected] PID 13296, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T08:28:25.342Z [Protected] PID 10524, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T08:29:45.399Z [Protected] PID 7376, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T08:29:45.449Z [Protected] PID 11528, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-10T08:29:47.688Z [Protected] PID 10292, Features 0000003000002106, c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\agcp.exe
2017-01-10T08:30:39.382Z [Protected] PID 8960, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T08:30:39.474Z [Protected] PID 11312, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T08:31:00.143Z [Protected] PID 9924, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T08:31:35.768Z [Protected] PID 11396, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\1.3.57.1\DropboxUpdateBroker.exe
2017-01-10T08:31:35.887Z [Protected] PID 12624, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T08:31:35.997Z [Protected] PID 11652, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T08:31:36.105Z [Protected] PID 11732, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T08:31:36.255Z [Protected] PID 5188, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\1.3.57.1\DropboxUpdateBroker.exe
2017-01-10T08:31:36.294Z [Protected] PID 9476, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T08:31:36.454Z [Protected] PID 5552, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T08:31:53.352Z [Protected] PID 11808, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T08:31:54.994Z [Protected] PID 1804, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T08:31:55.077Z [Protected] PID 11088, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T08:32:07.855Z [Protected] PID 2868, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T08:32:07.957Z [Protected] PID 11100, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T08:32:56.854Z [Protected] PID 6552, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T08:32:56.940Z [Protected] PID 12088, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T08:37:39.191Z [Protected] PID 13036, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-10T08:37:39.230Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170110143738
2017-01-10T08:39:51.329Z [Protected] PID 12192, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T08:40:56.955Z [Protected] PID 4632, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T08:40:58.459Z [Protected] PID 11180, Features 000000361FBF0106, C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE
2017-01-10T08:40:59.180Z [Protected] PID 8328, Features 000000300000010E, C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
2017-01-10T08:41:01.897Z [Protected] PID 11836, Features 0000003000000102, C:\Windows\System32\PrintIsolationHost.exe
2017-01-10T08:41:10.015Z [Protected] PID 10972, Features 0000003200000102, C:\Windows\splwow64.exe
2017-01-10T08:42:19.797Z [Protected] PID 12612, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T08:42:19.886Z [Protected] PID 10808, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T08:42:23.878Z [Protected] PID 5652, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T08:42:23.905Z [Protected] PID 11928, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag.exe
2017-01-10T08:42:24.030Z [Protected] PID 11088, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T08:42:24.054Z [Protected] PID 7572, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag_64.exe
2017-01-10T08:43:48.978Z [Protected] PID 10128, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T08:43:49.185Z [Protected] PID 12324, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T08:45:00.004Z [Protected] PID 1248, Features 0000003000000102, C:\Windows\System32\SnippingTool.exe
2017-01-10T08:45:00.302Z [Protected] PID 12700, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T08:45:00.723Z [Protected] PID 9672, Features 0000003000000102, C:\Windows\System32\wisptis.exe
2017-01-10T08:45:43.573Z [Protected] PID 2392, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T08:45:48.708Z [Protected] PID 6400, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T08:45:54.916Z [Protected] PID 12080, Features 0000003000000106, C:\ProgramData\Sophos\AutoUpdate\Cache\sophos_autoupdate1.dir\SophosUpdate.exe
2017-01-10T08:48:03.743Z [Protected] PID 11016, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T08:48:03.851Z [Protected] PID 9840, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T08:50:05.300Z [Protected] PID 12540, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T08:50:05.326Z [Protected] PID 10996, Features 0000003000000106, C:\Program Files\Intel\Telemetry 2.0\lrio.exe
2017-01-10T08:51:11.851Z [Protected] PID 1676, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T08:51:11.871Z [Protected] PID 9988, Features 0000003000000102, C:\Windows\System32\SpecopsDeploy\sogpproc.exe
2017-01-10T08:51:12.816Z [Protected] PID 10128, Features 0000003000000102, C:\Windows\System32\PrintIsolationHost.exe
2017-01-10T08:53:03.170Z [Protected] PID 1944, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T08:53:33.045Z [Protected] PID 6444, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T08:54:00.090Z [Protected] PID 3520, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T08:54:13.092Z [Protected] PID 7112, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T08:54:40.448Z [Protected] PID 10408, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T08:54:40.575Z [Protected] PID 10452, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T08:54:49.797Z [Protected] PID 9672, Features 000000341FBF9106, C:\Program Files\Internet Explorer\iexplore.exe
2017-01-10T08:54:51.506Z [Protected] PID 10288, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-10T08:54:51.511Z [Protected] PID 10676, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-10T08:54:53.672Z [Protected] PID 9308, Features 0000003000002106, c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\agcp.exe
2017-01-10T08:55:39.334Z [Protected] PID 12656, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T08:56:01.584Z [Protected] PID 11068, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T08:56:40.385Z [Protected] PID 4448, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T08:56:40.477Z [Protected] PID 812, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T08:59:17.550Z [Protected] PID 12444, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T08:59:17.552Z [Protected] PID 13076, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-10T08:59:20.165Z [Protected] PID 1920, Features 0000003000002106, c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\agcp.exe
2017-01-10T09:00:02.717Z [Protected] PID 9840, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T09:00:02.804Z [Protected] PID 12952, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T09:00:13.221Z [Protected] PID 11156, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T09:00:13.305Z [Protected] PID 11872, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T09:00:32.210Z [Protected] PID 8248, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T09:02:45.633Z [Protected] PID 13128, Features 0000003000000102, C:\Program Files (x86)\Moffsoft FreeCalc\MoffFreeCalc.exe
2017-01-10T09:03:30.130Z [Protected] PID 11288, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T09:04:54.626Z [Protected] PID 3380, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T09:05:03.856Z [Protected] PID 11172, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T09:05:05.023Z [Protected] PID 6596, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T09:05:05.074Z [Protected] PID 8432, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T09:05:05.259Z [Protected] PID 12108, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T09:05:05.317Z [Protected] PID 9896, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\Adobe Genuine Launcher.exe
2017-01-10T09:05:05.697Z [Protected] PID 9988, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
2017-01-10T09:05:12.639Z [Protected] PID 12840, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T09:05:12.666Z [Protected] PID 6100, Features 0000003200000106, C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\P6\adobe_licutil.exe
2017-01-10T09:05:27.652Z [Protected] PID 12444, Features 0000003200000106, C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
2017-01-10T09:05:30.096Z [Protected] PID 10520, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T09:05:30.188Z [Protected] PID 12088, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T09:06:12.545Z [Protected] PID 2120, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T09:06:21.050Z [Protected] PID 7884, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T09:06:21.132Z [Protected] PID 10668, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T09:06:32.374Z [Protected] PID 9944, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T09:06:32.461Z [Protected] PID 5832, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T09:07:07.111Z [Protected] PID 10640, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T09:07:39.443Z [Protected] PID 10732, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-10T09:07:39.481Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170110150739
2017-01-10T09:08:09.545Z [Protected] PID 7420, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T09:08:51.016Z [Protected] PID 12804, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T09:08:51.119Z [Protected] PID 12548, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T09:10:52.750Z [Protected] PID 2168, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T09:11:43.086Z [Protected] PID 8564, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T09:11:43.108Z [Protected] PID 5480, Features 0000003000000102, C:\Windows\System32\SpecopsDeploy\sogpproc.exe
2017-01-10T09:11:44.070Z [Protected] PID 11736, Features 0000003000000102, C:\Windows\System32\PrintIsolationHost.exe
2017-01-10T09:11:47.229Z [Protected] PID 13432, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-10T09:12:03.197Z [Protected] PID 13596, Features 000000300000010A, C:\Windows\System32\raserver.exe
2017-01-10T09:12:15.023Z [Protected] PID 13760, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-10T09:12:31.304Z [Protected] PID 13960, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T09:12:31.402Z [Protected] PID 14096, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T09:13:31.512Z [Protected] PID 11844, Features 0000003000000106, C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonx86\Microsoft Shared\OFFICE16\OLicenseHeartbeat.exe
2017-01-10T09:13:32.584Z [Protected] PID 13916, Features 000000300000010E, C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
2017-01-10T09:14:02.103Z [Protected] PID 9564, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T09:14:02.187Z [Protected] PID 14308, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T09:16:35.350Z [Protected] PID 12604, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T09:16:37.353Z [Protected] PID 13524, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T09:16:37.483Z [Protected] PID 10052, Features 000000300000010A, C:\Windows\System32\VSSVC.exe
2017-01-10T09:16:37.608Z [Protected] PID 10648, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-10T09:19:59.184Z [Protected] PID 7208, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T09:19:59.276Z [Protected] PID 12848, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T09:20:00.083Z [Protected] PID 13612, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T09:20:23.014Z [Protected] PID 14012, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T09:30:56.952Z [Protected] PID 13972, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-10T09:30:57.442Z [Protected] PID 12980, Features 0000003000000106, C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe
2017-01-10T09:30:58.966Z [Protected] PID 13632, Features 0000003000000102, C:\Windows\System32\Ribbons.scr
2017-01-10T09:31:00.139Z [Protected] PID 11372, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T09:31:20.292Z [Protected] PID 6716, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T09:31:20.403Z [Protected] PID 11100, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T09:37:39.642Z [Protected] PID 10904, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-10T09:37:39.688Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170110153739
2017-01-10T09:42:24.475Z [Protected] PID 6716, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T09:42:24.506Z [Protected] PID 14072, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag.exe
2017-01-10T09:42:24.605Z [Protected] PID 3392, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T09:42:24.634Z [Protected] PID 9548, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag_64.exe
2017-01-10T09:45:55.261Z [Protected] PID 13392, Features 0000003000000106, C:\ProgramData\Sophos\AutoUpdate\Cache\sophos_autoupdate1.dir\SophosUpdate.exe
2017-01-10T09:48:04.049Z [Protected] PID 2120, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T09:48:04.178Z [Protected] PID 10920, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T09:49:05.761Z [Protected] PID 9472, Features 0000003000000106, C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\savxp\crt\avremovew.exe
2017-01-10T09:49:23.104Z [Protected] PID 9256, Features 000000300000010A, C:\Windows\System32\msiexec.exe
2017-01-10T09:49:33.178Z [Protected] PID 13760, Features 0000003000000102, C:\Windows\SysWOW64\msiexec.exe
2017-01-10T09:50:02.785Z [Protected] PID 12404, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
2017-01-10T09:50:03.097Z [Protected] PID 1360, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
2017-01-10T09:50:05.160Z [Protected] PID 8416, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T09:50:05.183Z [Protected] PID 7728, Features 0000003000000102, C:\Windows\SysWOW64\wevtutil.exe
2017-01-10T09:50:05.377Z [Protected] PID 14044, Features 0000003000000102, C:\Windows\System32\wevtutil.exe
2017-01-10T09:50:10.001Z [Protected] PID 6100, Features 000000300000010E, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
2017-01-10T09:50:37.544Z [Protected] PID 12692, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_update_64.exe
2017-01-10T09:50:39.709Z [Protected] PID 14204, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Native.exe
2017-01-10T09:50:40.086Z [Protected] PID 13680, Features 0000003000000102, C:\Windows\System32\regsvr32.exe
2017-01-10T09:50:40.387Z [Protected] PID 14308, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Native.exe
2017-01-10T09:50:40.456Z [Protected] PID 14200, Features 0000003000000102, C:\Windows\System32\regsvr32.exe
2017-01-10T09:50:40.790Z [Protected] PID 13920, Features 0000003000000102, C:\Windows\System32\regsvr32.exe
2017-01-10T09:50:40.903Z [Protected] PID 12660, Features 0000003000000102, C:\Windows\SysWOW64\regsvr32.exe
2017-01-10T09:50:41.188Z [Protected] PID 3500, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Native.exe
2017-01-10T09:50:41.257Z [Protected] PID 3488, Features 0000003000000102, C:\Windows\System32\regsvr32.exe
2017-01-10T09:50:41.859Z [Protected] PID 13964, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sdcservice.exe
2017-01-10T09:50:42.468Z [Protected] PID 3428, Features 000000300000010E, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
2017-01-10T09:50:44.668Z [Protected] PID 14208, Features 0000003000000102, C:\Windows\System32\LogonUI.exe
2017-01-10T09:50:49.539Z [Protected] PID 3944, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T09:50:49.752Z [Protected] PID 14036, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T09:50:54.416Z [Protected] PID 13976, Features 000000300000010E, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
2017-01-10T09:50:54.632Z [Protected] PID 11784, Features 000000300000010E, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sdcservice.exe
2017-01-10T09:50:55.115Z [Protected] PID 9556, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
2017-01-10T09:50:55.575Z [Protected] PID 12700, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\WSCClient.exe
2017-01-10T09:50:56.957Z [Protected] PID 14028, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\WSCClient.exe
2017-01-10T09:50:57.840Z [Protected] PID 14176, Features 000000300000010E, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
2017-01-10T09:50:57.863Z [Protected] PID 7112, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\WSCClient.exe
2017-01-10T09:50:58.980Z [Protected] PID 3488, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\WSCClient.exe
2017-01-10T09:50:59.359Z [Protected] PID 13632, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_update_64.exe
2017-01-10T09:51:00.053Z [Protected] PID 1300, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T09:51:00.082Z [Protected] PID 1344, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag.exe
2017-01-10T09:51:00.345Z [Protected] PID 13336, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T09:51:00.379Z [Protected] PID 1412, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag_64.exe
2017-01-10T09:51:00.588Z [Protected] PID 3384, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T09:51:00.611Z [Protected] PID 11228, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag.exe
2017-01-10T09:51:00.684Z [Protected] PID 2292, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T09:51:00.707Z [Protected] PID 8748, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag_64.exe
2017-01-10T09:51:08.192Z [Protected] PID 12088, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T09:51:08.319Z [Protected] PID 9108, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T09:51:09.743Z [Protected] PID 3832, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\WSCClient.exe
2017-01-10T09:51:09.895Z [Protected] PID 9412, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\WSCClient.exe
2017-01-10T09:52:36.092Z [Protected] PID 13060, Features 0000003000000102, C:\Windows\System32\PrintIsolationHost.exe
2017-01-10T09:52:40.324Z [Protected] PID 10600, Features 0000003200000102, C:\Windows\System32\rundll32.exe
2017-01-10T09:52:41.362Z [Protected] PID 13336, Features 0000003000000102, C:\Windows\System32\rundll32.exe
2017-01-10T09:52:50.454Z [Protected] PID 6532, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T09:53:17.442Z [Protected] PID 1436, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T09:53:31.996Z [Protected] PID 14116, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\1.3.57.1\DropboxUpdateBroker.exe
2017-01-10T09:53:32.090Z [Protected] PID 4960, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T09:53:32.241Z [Protected] PID 8764, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T09:53:32.366Z [Protected] PID 12052, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T09:53:32.540Z [Protected] PID 5104, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\1.3.57.1\DropboxUpdateBroker.exe
2017-01-10T09:53:32.575Z [Protected] PID 9668, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T09:53:32.742Z [Protected] PID 14168, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T09:54:34.249Z [Protected] PID 5092, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T09:54:34.329Z [Protected] PID 3404, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T09:56:02.230Z [Protected] PID 6776, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T09:56:25.826Z [Protected] PID 9792, Features 000000341FBF9106, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
2017-01-10T09:56:31.497Z [Protected] PID 1092, Features 000000341FBFB106, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
2017-01-10T09:56:35.469Z [Protected] PID 13840, Features 000000341FBFB106, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
2017-01-10T09:57:31.657Z [Protected] PID 12728, Features 000000341FBFB106, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
2017-01-10T10:00:00.515Z [Protected] PID 1124, Features 000000300000010A, C:\Windows\System32\sdclt.exe
2017-01-10T10:01:44.853Z [Protected] PID 5880, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T10:01:44.948Z [Protected] PID 13468, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T10:03:10.215Z [Protected] PID 10904, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T10:03:10.299Z [Protected] PID 8676, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T10:04:03.448Z [Protected] PID 6180, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T10:04:04.670Z [Protected] PID 8128, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T10:04:53.229Z [Protected] PID 9928, Features 0000003000000106, C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe
2017-01-10T10:05:50.522Z [Protected] PID 9992, Features 000000341FBF9106, C:\Program Files\Internet Explorer\iexplore.exe
2017-01-10T10:05:52.306Z [Protected] PID 8644, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-10T10:05:52.629Z [Protected] PID 12156, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-10T10:05:56.422Z [Protected] PID 13620, Features 0000003000002106, c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\agcp.exe
2017-01-10T10:06:54.155Z [Protected] PID 10268, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-10T10:07:40.042Z [Protected] PID 9760, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-10T10:07:40.081Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170110160739
2017-01-10T10:08:10.145Z [Protected] PID 8352, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T10:08:10.233Z [Protected] PID 5288, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T10:08:13.110Z [Protected] PID 12388, Features 000000341FBF9106, C:\Program Files\Internet Explorer\iexplore.exe
2017-01-10T10:08:14.533Z [Protected] PID 14244, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-10T10:08:14.746Z [Protected] PID 14056, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-10T10:08:16.938Z [Protected] PID 8696, Features 0000003000002106, c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\agcp.exe
2017-01-10T10:08:23.286Z [Protected] PID 1124, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T10:08:23.387Z [Protected] PID 5652, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T10:10:46.285Z [Protected] PID 1112, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T10:11:13.548Z [Protected] PID 6008, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T10:11:13.640Z [Protected] PID 13900, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T10:12:29.754Z [Protected] PID 528, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T10:12:48.383Z [Protected] PID 2468, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T10:13:02.995Z [Protected] PID 4892, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T10:13:03.081Z [Protected] PID 10996, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T10:14:51.554Z [Protected] PID 11148, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T10:16:36.996Z [Protected] PID 1856, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T10:16:39.659Z [Protected] PID 13836, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T10:16:39.930Z [Protected] PID 7884, Features 000000300000010A, C:\Windows\System32\VSSVC.exe
2017-01-10T10:16:40.141Z [Protected] PID 5664, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-10T10:20:00.104Z [Protected] PID 13172, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T10:20:49.437Z [Protected] PID 12868, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T10:22:46.650Z [Protected] PID 9360, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T10:22:46.755Z [Protected] PID 13404, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T10:22:48.312Z [Protected] PID 10052, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T10:22:56.572Z [Protected] PID 6744, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T10:22:57.787Z [Protected] PID 1876, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T10:22:57.874Z [Protected] PID 14048, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T10:22:57.906Z [Protected] PID 10148, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\Adobe Genuine Launcher.exe
2017-01-10T10:22:58.151Z [Protected] PID 12428, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
2017-01-10T10:23:05.710Z [Protected] PID 4268, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T10:23:05.735Z [Protected] PID 11928, Features 0000003200000106, C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\P6\adobe_licutil.exe
2017-01-10T10:23:14.914Z [Protected] PID 14100, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T10:23:23.950Z [Protected] PID 9716, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T10:23:23.972Z [Protected] PID 9472, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\Adobe Genuine Launcher.exe
2017-01-10T10:23:24.036Z [Protected] PID 9868, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
2017-01-10T10:25:16.429Z [Protected] PID 4960, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T10:25:16.451Z [Protected] PID 12420, Features 0000003000000102, C:\Windows\System32\SpecopsDeploy\sogpproc.exe
2017-01-10T10:25:16.563Z [Protected] PID 9840, Features 0000003000000102, C:\Windows\System32\PrintIsolationHost.exe
2017-01-10T10:28:43.743Z [Protected] PID 14112, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T10:29:44.088Z [Protected] PID 6792, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T10:29:51.867Z [Protected] PID 4732, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T10:29:53.040Z [Protected] PID 4880, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T10:29:53.087Z [Protected] PID 9200, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T10:29:53.168Z [Protected] PID 5936, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T10:29:53.190Z [Protected] PID 5444, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\Adobe Genuine Launcher.exe
2017-01-10T10:29:53.473Z [Protected] PID 11756, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
2017-01-10T10:30:01.362Z [Protected] PID 12776, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T10:30:23.036Z [Protected] PID 13644, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T10:30:24.794Z [Protected] PID 3804, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\1.3.57.1\DropboxUpdateBroker.exe
2017-01-10T10:30:24.881Z [Protected] PID 11228, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T10:30:24.995Z [Protected] PID 11628, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T10:30:25.109Z [Protected] PID 11608, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T10:30:25.264Z [Protected] PID 3232, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\1.3.57.1\DropboxUpdateBroker.exe
2017-01-10T10:30:25.300Z [Protected] PID 5844, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T10:30:30.566Z [Protected] PID 6652, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T10:30:38.946Z [Protected] PID 8400, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T10:30:40.681Z [Protected] PID 13436, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T10:30:54.638Z [Protected] PID 13392, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T10:30:56.362Z [Protected] PID 14316, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T10:31:00.157Z [Protected] PID 9660, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T10:31:00.315Z [Protected] PID 7784, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T10:31:10.021Z [Protected] PID 13176, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T10:31:14.604Z [Protected] PID 8940, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T10:31:31.310Z [Protected] PID 4892, Features 000000361FBF0106, C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
2017-01-10T10:31:37.226Z [Protected] PID 12168, Features 000000300000010E, C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
2017-01-10T10:31:47.843Z [Protected] PID 13348, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T10:31:52.952Z [Protected] PID 12308, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T10:32:04.085Z [Protected] PID 13392, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T10:32:04.251Z [Protected] PID 8512, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T10:32:13.300Z [Protected] PID 10944, Features 000000361FBF2106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T10:32:15.058Z [Protected] PID 11968, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T10:32:23.569Z [Protected] PID 14208, Features 000000361FBF2106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T10:32:29.694Z [Protected] PID 13668, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T10:32:44.227Z [Protected] PID 9652, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T10:33:03.732Z [Protected] PID 6416, Features 0000003000000102, C:\Windows\System32\wiaacmgr.exe
2017-01-10T10:33:12.523Z [Protected] PID 3136, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T10:33:12.615Z [Protected] PID 11024, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T10:33:15.295Z [Protected] PID 13896, Features 0000003000000106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\plug_ins\Scan\AcroScanBroker.exe
2017-01-10T10:33:15.799Z [Protected] PID 564, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T10:33:22.140Z [Protected] PID 8448, Features 0000003000000102, C:\Windows\System32\wiawow64.exe
2017-01-10T10:33:59.822Z [Protected] PID 13668, Features 0000003200000106, C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
2017-01-10T10:34:49.966Z [Protected] PID 12660, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T10:34:50.070Z [Protected] PID 13784, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T10:34:50.486Z [Protected] PID 12260, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T10:34:56.408Z [Protected] PID 13644, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T10:35:18.236Z [Protected] PID 12196, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T10:35:47.941Z [Protected] PID 11016, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T10:37:40.197Z [Protected] PID 6376, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-10T10:37:40.236Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170110163740
2017-01-10T10:38:39.659Z [Protected] PID 12860, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T10:38:47.531Z [Protected] PID 11156, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T10:38:48.703Z [Protected] PID 1140, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T10:38:48.751Z [Protected] PID 1800, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T10:38:48.873Z [Protected] PID 5092, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T10:38:48.896Z [Protected] PID 160, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\Adobe Genuine Launcher.exe
2017-01-10T10:38:49.008Z [Protected] PID 11056, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
2017-01-10T10:38:55.819Z [Protected] PID 13896, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T10:38:55.845Z [Protected] PID 13324, Features 0000003200000106, C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\P6\adobe_licutil.exe
2017-01-10T10:40:26.931Z [Protected] PID 8264, Features 0000003000000102, C:\Windows\System32\wiawow64.exe
2017-01-10T10:44:28.570Z [Protected] PID 13596, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T10:44:28.694Z [Protected] PID 2040, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T10:45:56.250Z [Protected] PID 13228, Features 0000003000000106, C:\ProgramData\Sophos\AutoUpdate\Cache\sophos_autoupdate1.dir\SophosUpdate.exe
2017-01-10T10:48:04.373Z [Protected] PID 12932, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T10:48:04.482Z [Protected] PID 4732, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T10:49:38.802Z [Protected] PID 9716, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T10:49:38.988Z [Protected] PID 11148, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T10:49:52.384Z [Protected] PID 13032, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T10:49:52.458Z [Protected] PID 924, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T10:50:01.725Z [Protected] PID 13660, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T10:51:01.102Z [Protected] PID 13368, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T10:51:01.126Z [Protected] PID 4380, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag.exe
2017-01-10T10:51:01.551Z [Protected] PID 10420, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T10:51:01.575Z [Protected] PID 10784, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag_64.exe
2017-01-10T10:51:44.402Z [Protected] PID 14036, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T10:51:50.944Z [Protected] PID 13504, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T10:52:00.117Z [Protected] PID 6200, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T10:52:01.289Z [Protected] PID 14076, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T10:52:01.571Z [Protected] PID 3488, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T10:52:01.578Z [Protected] PID 3136, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T10:52:01.594Z [Protected] PID 11024, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\Adobe Genuine Launcher.exe
2017-01-10T10:52:01.825Z [Protected] PID 1400, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
2017-01-10T10:53:01.562Z [Protected] PID 13232, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T10:53:23.914Z [Protected] PID 6420, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T10:54:11.158Z [Protected] PID 1944, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T10:54:11.253Z [Protected] PID 11792, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T10:55:46.407Z [Protected] PID 11308, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T10:55:46.493Z [Protected] PID 11280, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T10:56:02.750Z [Protected] PID 13644, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T10:57:47.932Z [Protected] PID 13732, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T10:57:47.952Z [Protected] PID 8764, Features 0000003000000102, C:\Windows\System32\SpecopsDeploy\sogpproc.exe
2017-01-10T10:57:48.554Z [Protected] PID 13892, Features 0000003000000102, C:\Windows\System32\PrintIsolationHost.exe
2017-01-10T10:57:51.612Z [Protected] PID 9632, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-10T10:58:07.433Z [Protected] PID 14048, Features 000000300000010A, C:\Windows\System32\raserver.exe
2017-01-10T11:01:44.698Z [Protected] PID 13748, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T11:02:09.267Z [Protected] PID 12296, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-10T11:02:12.027Z [Protected] PID 1344, Features 0000003000000102, C:\Windows\System32\SnippingTool.exe
2017-01-10T11:02:12.948Z [Protected] PID 12136, Features 0000003000000102, C:\Windows\System32\wisptis.exe
2017-01-10T11:04:25.814Z [Protected] PID 10660, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T11:04:25.972Z [Protected] PID 1856, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T11:04:55.149Z [Protected] PID 11856, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T11:04:55.297Z [Protected] PID 9308, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T11:05:49.343Z [Protected] PID 12852, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T11:05:52.429Z [Protected] PID 6544, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\1.3.57.1\DropboxUpdateBroker.exe
2017-01-10T11:05:52.546Z [Protected] PID 9352, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T11:05:52.659Z [Protected] PID 1844, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T11:05:52.767Z [Protected] PID 8440, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T11:05:52.982Z [Protected] PID 11308, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\1.3.57.1\DropboxUpdateBroker.exe
2017-01-10T11:05:53.019Z [Protected] PID 5284, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T11:05:53.182Z [Protected] PID 12776, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T11:06:00.896Z [Protected] PID 11260, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T11:06:00.980Z [Protected] PID 7584, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T11:07:40.350Z [Protected] PID 13472, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-10T11:07:40.389Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170110170740
2017-01-10T11:08:32.933Z [Protected] PID 14292, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T11:08:58.477Z [Protected] PID 1460, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T11:10:28.423Z [Protected] PID 5664, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T11:10:28.473Z [Protected] PID 1124, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T11:16:35.922Z [Protected] PID 10564, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T11:16:38.128Z [Protected] PID 12888, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T11:16:38.299Z [Protected] PID 9232, Features 000000300000010A, C:\Windows\System32\VSSVC.exe
2017-01-10T11:16:38.460Z [Protected] PID 9956, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-10T11:18:00.051Z [Protected] PID 9196, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T11:18:00.140Z [Protected] PID 14216, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T11:18:28.651Z [Protected] PID 11432, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T11:19:37.431Z [Protected] PID 11152, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T11:19:37.522Z [Protected] PID 12600, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T11:20:00.170Z [Protected] PID 13732, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T11:20:25.490Z [Protected] PID 9256, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T11:20:42.214Z [Protected] PID 9240, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T11:21:31.682Z [Protected] PID 9240, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T11:21:31.830Z [Protected] PID 13332, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T11:21:35.977Z [Protected] PID 3232, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T11:21:46.417Z [Protected] PID 2392, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T11:22:39.528Z [Protected] PID 5664, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T11:23:01.670Z [Protected] PID 10916, Features 0000003000000102, C:\Windows\System32\PrintIsolationHost.exe
2017-01-10T11:23:15.012Z [Protected] PID 1584, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T11:23:15.058Z [Protected] PID 8464, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T11:24:59.935Z [Protected] PID 512, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T11:25:54.878Z [Protected] PID 10916, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T11:25:57.221Z [Protected] PID 9232, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T11:25:57.285Z [Protected] PID 13940, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T11:26:15.677Z [Protected] PID 13372, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T11:26:19.487Z [Protected] PID 7008, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T11:28:42.894Z [Protected] PID 12776, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T11:30:38.488Z [Protected] PID 1548, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T11:30:38.586Z [Protected] PID 9800, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T11:31:00.155Z [Protected] PID 5664, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T11:31:18.540Z [Protected] PID 10664, Features 0000003000000106, C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe
2017-01-10T11:31:20.238Z [Protected] PID 7512, Features 0000003000000106, C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe
2017-01-10T11:31:20.582Z [Protected] PID 9692, Features 0000003000000106, C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\ismagent.exe
2017-01-10T11:31:21.320Z [Protected] PID 11856, Features 0000003000000106, C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\CrashReportSender.exe
2017-01-10T11:31:24.611Z [Protected] PID 7432, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T11:33:32.993Z [Protected] PID 3792, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T11:33:41.809Z [Protected] PID 13204, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T11:33:41.858Z [Protected] PID 2876, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T11:33:42.082Z [Protected] PID 14144, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T11:33:42.108Z [Protected] PID 12712, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\Adobe Genuine Launcher.exe
2017-01-10T11:33:42.301Z [Protected] PID 10416, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
2017-01-10T11:33:49.920Z [Protected] PID 14088, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T11:33:49.946Z [Protected] PID 12848, Features 0000003200000106, C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\P6\adobe_licutil.exe
2017-01-10T11:34:04.728Z [Protected] PID 14156, Features 0000003200000106, C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
2017-01-10T11:34:38.500Z [Protected] PID 10408, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T11:36:48.834Z [Protected] PID 13724, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T11:37:09.095Z [Protected] PID 12084, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T11:37:09.184Z [Protected] PID 3396, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T11:37:40.505Z [Protected] PID 8464, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-10T11:37:40.544Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170110173740
2017-01-10T11:40:05.123Z [Protected] PID 12476, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T11:40:05.217Z [Protected] PID 12260, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T11:40:22.838Z [Protected] PID 6376, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T11:40:23.089Z [Protected] PID 9824, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T11:42:59.248Z [Protected] PID 1416, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
2017-01-10T11:43:17.585Z [Protected] PID 12952, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T11:43:17.681Z [Protected] PID 1908, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T11:45:55.721Z [Protected] PID 11216, Features 0000003000000106, C:\ProgramData\Sophos\AutoUpdate\Cache\sophos_autoupdate1.dir\SophosUpdate.exe
2017-01-10T11:46:46.528Z [Protected] PID 13728, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T11:46:46.620Z [Protected] PID 12128, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T11:48:04.689Z [Protected] PID 7616, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T11:48:04.799Z [Protected] PID 4004, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T11:49:16.507Z [Protected] PID 9856, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T11:49:24.454Z [Protected] PID 9472, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T11:49:25.618Z [Protected] PID 8280, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T11:49:25.653Z [Protected] PID 12196, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T11:49:25.680Z [Protected] PID 3804, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\Adobe Genuine Launcher.exe
2017-01-10T11:49:25.701Z [Protected] PID 12952, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T11:49:25.762Z [Protected] PID 10928, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
2017-01-10T11:49:32.830Z [Protected] PID 6040, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T11:49:32.855Z [Protected] PID 13640, Features 0000003200000106, C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\P6\adobe_licutil.exe
2017-01-10T11:49:44.530Z [Protected] PID 5872, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T11:50:05.988Z [Protected] PID 11524, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T11:50:06.204Z [Protected] PID 13884, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T11:51:01.881Z [Protected] PID 11088, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T11:51:01.946Z [Protected] PID 13748, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag.exe
2017-01-10T11:51:02.068Z [Protected] PID 5116, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T11:51:02.090Z [Protected] PID 11596, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag_64.exe
2017-01-10T11:56:03.115Z [Protected] PID 7512, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T11:56:45.754Z [Protected] PID 1844, Features 000000341FBF9106, C:\Program Files\Internet Explorer\iexplore.exe
2017-01-10T11:56:47.593Z [Protected] PID 14148, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-10T11:57:03.601Z [Protected] PID 10416, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T11:57:03.649Z [Protected] PID 10356, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T11:57:07.033Z [Protected] PID 12196, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T11:57:19.696Z [Protected] PID 13212, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T11:57:19.717Z [Protected] PID 13056, Features 0000003000000102, C:\Windows\System32\SpecopsDeploy\sogpproc.exe
2017-01-10T11:57:19.837Z [Protected] PID 11164, Features 0000003000000102, C:\Windows\System32\PrintIsolationHost.exe
2017-01-10T11:57:39.244Z [Protected] PID 7416, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T11:59:18.953Z [Protected] PID 14080, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T11:59:36.691Z [Protected] PID 1912, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T11:59:36.784Z [Protected] PID 6276, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T11:59:42.137Z [Protected] PID 13764, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T12:03:28.574Z [Protected] PID 12792, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T12:03:28.666Z [Protected] PID 11156, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T12:03:46.139Z [Protected] PID 14132, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T12:03:51.529Z [Protected] PID 9360, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T12:03:54.559Z [Protected] PID 6776, Features 0000003000000102, C:\Windows\System32\PrintIsolationHost.exe
2017-01-10T12:03:59.573Z [Protected] PID 12448, Features 0000003200000102, C:\Windows\System32\rundll32.exe
2017-01-10T12:04:00.805Z [Protected] PID 4732, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T12:04:00.899Z [Protected] PID 12000, Features 0000003000000102, C:\Windows\System32\rundll32.exe
2017-01-10T12:04:01.983Z [Protected] PID 2380, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T12:04:44.897Z [Protected] PID 9556, Features 0000003000000102, C:\Windows\System32\LogonUI.exe
2017-01-10T12:06:49.317Z [Protected] PID 13548, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\1.3.57.1\DropboxUpdateBroker.exe
2017-01-10T12:06:49.372Z [Protected] PID 11372, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T12:06:49.479Z [Protected] PID 8576, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T12:06:49.582Z [Protected] PID 10804, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T12:06:49.729Z [Protected] PID 10952, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\1.3.57.1\DropboxUpdateBroker.exe
2017-01-10T12:06:49.766Z [Protected] PID 11868, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T12:06:49.923Z [Protected] PID 8916, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T12:07:40.656Z [Protected] PID 3924, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-10T12:07:40.695Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170110180740
2017-01-10T12:07:58.722Z [Protected] PID 13500, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T12:08:00.529Z [Protected] PID 12792, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-10T12:16:20.612Z [Protected] PID 13176, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T12:16:20.702Z [Protected] PID 11804, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T12:16:35.673Z [Protected] PID 712, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T12:16:37.512Z [Protected] PID 11836, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T12:16:38.041Z [Protected] PID 1700, Features 000000300000010A, C:\Windows\System32\VSSVC.exe
2017-01-10T12:16:38.134Z [Protected] PID 12548, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-10T12:19:02.606Z [Protected] PID 11504, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T12:19:02.702Z [Protected] PID 8064, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T12:19:08.314Z [Protected] PID 12448, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T12:19:47.594Z [Protected] PID 7584, Features 0000003000000102, C:\Windows\System32\Ribbons.scr
2017-01-10T12:19:47.860Z [Protected] PID 13372, Features 0000003000000102, C:\Windows\System32\PrintIsolationHost.exe
2017-01-10T12:20:00.153Z [Protected] PID 3924, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T12:20:26.663Z [Protected] PID 9536, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T12:22:26.890Z [Protected] PID 164, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
2017-01-10T12:22:29.506Z [Protected] PID 10396, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
2017-01-10T12:22:33.458Z [Protected] PID 4740, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
2017-01-10T12:28:07.583Z [Protected] PID 11340, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T12:28:07.609Z [Protected] PID 8352, Features 0000003000000106, C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
2017-01-10T12:28:23.878Z [Protected] PID 13724, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T12:29:04.956Z [Protected] PID 13040, Features 000000300000010A, C:\Windows\System32\wbem\WmiApSrv.exe
2017-01-10T12:29:12.791Z [Protected] PID 9760, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T12:31:00.153Z [Protected] PID 11060, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T12:31:16.169Z [Protected] PID 13784, Features 000000300000010A, C:\Windows\System32\wbem\WmiApSrv.exe
2017-01-10T12:34:34.115Z [Protected] PID 9412, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T12:34:34.226Z [Protected] PID 7464, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T12:36:13.927Z [Protected] PID 13440, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T12:36:14.027Z [Protected] PID 9540, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T12:37:40.817Z [Protected] PID 14208, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-10T12:37:40.856Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170110183740
2017-01-10T12:37:52.429Z [Protected] PID 5412, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T12:37:52.452Z [Protected] PID 8820, Features 0000003000000102, C:\Windows\System32\SpecopsDeploy\sogpproc.exe
2017-01-10T12:37:52.946Z [Protected] PID 14040, Features 0000003000000102, C:\Windows\System32\PrintIsolationHost.exe
2017-01-10T12:37:55.912Z [Protected] PID 12532, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-10T12:38:11.832Z [Protected] PID 12428, Features 000000300000010A, C:\Windows\System32\raserver.exe
2017-01-10T12:41:34.683Z [Protected] PID 10388, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T12:41:34.792Z [Protected] PID 1600, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T12:45:55.516Z [Protected] PID 13260, Features 0000003000000106, C:\ProgramData\Sophos\AutoUpdate\Cache\sophos_autoupdate1.dir\SophosUpdate.exe
2017-01-10T12:48:04.998Z [Protected] PID 5356, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T12:48:05.156Z [Protected] PID 5844, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T12:50:44.291Z [Protected] PID 7872, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T12:50:44.382Z [Protected] PID 13940, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T12:51:01.871Z [Protected] PID 3492, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T12:51:01.937Z [Protected] PID 8916, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag.exe
2017-01-10T12:51:02.028Z [Protected] PID 6420, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T12:51:02.054Z [Protected] PID 888, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag_64.exe
2017-01-10T12:56:02.520Z [Protected] PID 13012, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T12:56:57.015Z [Protected] PID 8912, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T12:56:57.107Z [Protected] PID 8248, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T12:59:54.674Z [Protected] PID 13296, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T12:59:54.768Z [Protected] PID 11732, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T13:02:06.415Z [Protected] PID 13804, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\1.3.57.1\DropboxUpdateBroker.exe
2017-01-10T13:02:06.471Z [Protected] PID 13892, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T13:02:06.578Z [Protected] PID 10976, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T13:02:06.679Z [Protected] PID 4900, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T13:02:06.942Z [Protected] PID 3492, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\1.3.57.1\DropboxUpdateBroker.exe
2017-01-10T13:02:06.977Z [Protected] PID 7740, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T13:02:07.134Z [Protected] PID 232, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T13:03:35.598Z [Protected] PID 11036, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T13:03:35.691Z [Protected] PID 11928, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T13:06:01.828Z [Protected] PID 13252, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T13:06:01.873Z [Protected] PID 13332, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T13:07:39.805Z [Protected] PID 10912, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-10T13:07:39.844Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170110190739
2017-01-10T13:13:34.583Z [Protected] PID 9716, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-10T13:19:59.586Z [Protected] PID 10784, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T13:20:49.269Z [Protected] PID 1700, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T13:22:27.436Z [Protected] PID 2044, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T13:22:29.397Z [Protected] PID 14100, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T13:22:29.488Z [Protected] PID 13720, Features 000000300000010A, C:\Windows\System32\VSSVC.exe
2017-01-10T13:22:29.598Z [Protected] PID 9824, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-10T13:30:59.994Z [Protected] PID 3356, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T13:32:28.723Z [Protected] PID 7292, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T13:32:28.816Z [Protected] PID 10500, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T13:37:39.775Z [Protected] PID 13652, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-10T13:37:39.813Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170110193739
2017-01-10T13:40:58.224Z [Protected] PID 9448, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-10T13:41:38.218Z [Protected] PID 11340, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T13:42:18.796Z [Protected] PID 1876, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T13:43:21.204Z [Protected] PID 1920, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T13:43:21.225Z [Protected] PID 12920, Features 0000003000000102, C:\Windows\System32\SpecopsDeploy\sogpproc.exe
2017-01-10T13:43:21.419Z [Protected] PID 11096, Features 0000003000000102, C:\Windows\System32\PrintIsolationHost.exe
2017-01-10T13:45:53.849Z [Protected] PID 2120, Features 0000003000000106, C:\ProgramData\Sophos\AutoUpdate\Cache\sophos_autoupdate1.dir\SophosUpdate.exe
2017-01-10T13:48:03.769Z [Protected] PID 8748, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T13:48:03.874Z [Protected] PID 1648, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T13:51:01.315Z [Protected] PID 13960, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T13:51:01.338Z [Protected] PID 11936, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag.exe
2017-01-10T13:51:01.421Z [Protected] PID 6224, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T13:51:01.443Z [Protected] PID 8820, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag_64.exe
2017-01-10T13:51:38.413Z [Protected] PID 1580, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T13:51:38.459Z [Protected] PID 1028, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T13:56:02.291Z [Protected] PID 5876, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T14:00:50.636Z [Protected] PID 13752, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-10T14:02:29.536Z [Protected] PID 6416, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T14:02:29.632Z [Protected] PID 4276, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T14:02:36.868Z [Protected] PID 13804, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T14:03:24.829Z [Protected] PID 11836, Features 0000003000000102, C:\Windows\System32\PrintIsolationHost.exe
2017-01-10T14:03:54.324Z [Protected] PID 3356, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T14:04:04.086Z [Protected] PID 6272, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T14:04:04.267Z [Protected] PID 4008, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T14:04:04.291Z [Protected] PID 11968, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\Adobe Genuine Launcher.exe
2017-01-10T14:04:04.372Z [Protected] PID 7780, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
2017-01-10T14:04:11.222Z [Protected] PID 9448, Features 0000003200000102, C:\Windows\System32\rundll32.exe
2017-01-10T14:05:40.272Z [Protected] PID 12440, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T14:05:40.366Z [Protected] PID 11104, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T14:07:39.748Z [Protected] PID 13820, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-10T14:07:39.787Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170110200739
2017-01-10T14:08:03.757Z [Protected] PID 10344, Features 0000003000000106, C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe
2017-01-10T14:10:51.058Z [Protected] PID 8924, Features 0000003000000106, C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe
2017-01-10T14:11:25.497Z [Protected] PID 9560, Features 000000341FBF9106, C:\Program Files\Internet Explorer\iexplore.exe
2017-01-10T14:11:27.433Z [Protected] PID 11928, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-10T14:11:29.896Z [Protected] PID 9472, Features 0000003000002106, c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\agcp.exe
2017-01-10T14:11:30.029Z [Protected] PID 4448, Features 0000003000002106, c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\Silverlight.Configuration.exe
2017-01-10T14:11:37.510Z [Protected] PID 14148, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T14:12:55.445Z [Protected] PID 13520, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T14:12:55.466Z [Protected] PID 13864, Features 0000003000000102, C:\Windows\System32\SpecopsDeploy\sogpproc.exe
2017-01-10T14:12:55.879Z [Protected] PID 2860, Features 0000003000000102, C:\Windows\System32\PrintIsolationHost.exe
2017-01-10T14:12:58.308Z [Protected] PID 6544, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-10T14:13:14.288Z [Protected] PID 4892, Features 000000300000010A, C:\Windows\System32\raserver.exe
2017-01-10T14:14:51.517Z [Protected] PID 13708, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T14:19:59.940Z [Protected] PID 13920, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T14:20:25.618Z [Protected] PID 8696, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T14:22:27.112Z [Protected] PID 11240, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T14:22:29.073Z [Protected] PID 12964, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T14:22:29.162Z [Protected] PID 11120, Features 000000300000010A, C:\Windows\System32\VSSVC.exe
2017-01-10T14:22:29.248Z [Protected] PID 7460, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-10T14:25:38.358Z [Protected] PID 10500, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T14:25:38.405Z [Protected] PID 10600, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T14:28:32.808Z [Protected] PID 5908, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T14:28:32.855Z [Protected] PID 6828, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T14:28:57.576Z [Protected] PID 13472, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T14:30:59.995Z [Protected] PID 11968, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T14:34:44.861Z [Protected] PID 11036, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T14:34:44.912Z [Protected] PID 13672, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T14:36:08.242Z [Protected] PID 10408, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T14:36:09.170Z [Protected] PID 3120, Features 0000003000000102, C:\Windows\System32\PrintIsolationHost.exe
2017-01-10T14:36:13.617Z [Protected] PID 13860, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T14:36:14.088Z [Protected] PID 2380, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T14:36:15.251Z [Protected] PID 14188, Features 0000003000000102, C:\Windows\System32\rundll32.exe
2017-01-10T14:37:39.721Z [Protected] PID 5936, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-10T14:37:39.760Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170110203739
2017-01-10T14:39:08.076Z [Protected] PID 1676, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T14:39:28.257Z [Protected] PID 2380, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T14:39:39.326Z [Protected] PID 9988, Features 0000003000000102, C:\Windows\System32\PrintIsolationHost.exe
2017-01-10T14:39:39.968Z [Protected] PID 10480, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T14:39:41.751Z [Protected] PID 14120, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T14:39:42.376Z [Protected] PID 11808, Features 0000003000000102, C:\Windows\System32\rundll32.exe
2017-01-10T14:39:43.560Z [Protected] PID 3832, Features 0000003000000102, C:\Windows\System32\rundll32.exe
2017-01-10T14:39:44.071Z [Protected] PID 11980, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T14:39:44.119Z [Protected] PID 13832, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T14:41:13.395Z [Protected] PID 9924, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T14:41:13.484Z [Protected] PID 8060, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T14:41:43.096Z [Protected] PID 10784, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T14:41:51.230Z [Protected] PID 11524, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T14:41:52.413Z [Protected] PID 12808, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T14:41:52.567Z [Protected] PID 7464, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T14:41:52.593Z [Protected] PID 6040, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\Adobe Genuine Launcher.exe
2017-01-10T14:41:52.682Z [Protected] PID 13172, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
2017-01-10T14:41:59.560Z [Protected] PID 11228, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T14:41:59.590Z [Protected] PID 9700, Features 0000003200000106, C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\P6\adobe_licutil.exe
2017-01-10T14:42:15.030Z [Protected] PID 10992, Features 0000003200000106, C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
2017-01-10T14:42:26.297Z [Protected] PID 7924, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T14:42:35.338Z [Protected] PID 10436, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T14:42:35.360Z [Protected] PID 13728, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\Adobe Genuine Launcher.exe
2017-01-10T14:42:35.423Z [Protected] PID 12488, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
2017-01-10T14:42:42.210Z [Protected] PID 11900, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T14:42:42.429Z [Protected] PID 12300, Features 0000003200000106, C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\P6\adobe_licutil.exe
2017-01-10T14:42:56.429Z [Protected] PID 13012, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T14:42:58.192Z [Protected] PID 12948, Features 0000003200000106, C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
2017-01-10T14:44:35.907Z [Protected] PID 13616, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T14:44:50.162Z [Protected] PID 9508, Features 0000003000000102, C:\Windows\System32\PrintIsolationHost.exe
2017-01-10T14:44:50.719Z [Protected] PID 9412, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T14:44:52.787Z [Protected] PID 12000, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T14:44:53.423Z [Protected] PID 11824, Features 0000003000000102, C:\Windows\System32\rundll32.exe
2017-01-10T14:44:54.470Z [Protected] PID 4296, Features 0000003000000102, C:\Windows\System32\rundll32.exe
2017-01-10T14:45:03.649Z [Protected] PID 11196, Features 0000003200000102, C:\Windows\System32\rundll32.exe
2017-01-10T14:45:04.221Z [Protected] PID 1028, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T14:45:05.640Z [Protected] PID 11252, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T14:45:13.690Z [Protected] PID 1528, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T14:45:14.862Z [Protected] PID 9712, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T14:45:14.895Z [Protected] PID 4740, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T14:45:14.915Z [Protected] PID 12776, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T14:45:14.927Z [Protected] PID 4348, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\Adobe Genuine Launcher.exe
2017-01-10T14:45:15.016Z [Protected] PID 13644, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
2017-01-10T14:45:18.214Z [Protected] PID 13468, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T14:45:21.635Z [Protected] PID 10124, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T14:45:21.666Z [Protected] PID 13992, Features 0000003200000106, C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\P6\adobe_licutil.exe
2017-01-10T14:45:37.532Z [Protected] PID 13676, Features 0000003200000106, C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
2017-01-10T14:45:55.081Z [Protected] PID 1436, Features 0000003000000106, C:\ProgramData\Sophos\AutoUpdate\Cache\sophos_autoupdate1.dir\SophosUpdate.exe
2017-01-10T14:46:05.410Z [Protected] PID 10728, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T14:47:25.030Z [Protected] PID 14228, Features 0000003000000102, C:\Windows\System32\PrintIsolationHost.exe
2017-01-10T14:47:25.556Z [Protected] PID 11148, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T14:47:27.786Z [Protected] PID 14320, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T14:47:28.412Z [Protected] PID 13400, Features 0000003000000102, C:\Windows\System32\rundll32.exe
2017-01-10T14:47:45.937Z [Protected] PID 12884, Features 0000003200000102, C:\Windows\System32\rundll32.exe
2017-01-10T14:47:46.863Z [Protected] PID 12956, Features 0000003000000102, C:\Windows\System32\rundll32.exe
2017-01-10T14:47:50.622Z [Protected] PID 12828, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T14:47:57.352Z [Protected] PID 13744, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T14:48:03.840Z [Protected] PID 13848, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T14:48:03.948Z [Protected] PID 13176, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T14:49:32.399Z [Protected] PID 13136, Features 0000003000000102, C:\Windows\System32\LogonUI.exe
2017-01-10T14:51:01.315Z [Protected] PID 11096, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T14:51:01.339Z [Protected] PID 14080, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag.exe
2017-01-10T14:51:01.426Z [Protected] PID 14116, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T14:51:01.449Z [Protected] PID 8516, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag_64.exe
2017-01-10T14:53:56.201Z [Protected] PID 13848, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T14:53:56.294Z [Protected] PID 13724, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T14:56:02.574Z [Protected] PID 14268, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T15:03:10.687Z [Protected] PID 6776, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-10T15:04:34.851Z [Protected] PID 14112, Features 0000003000000102, C:\Windows\System32\PrintIsolationHost.exe
2017-01-10T15:04:35.030Z [Protected] PID 12020, Features 0000003000000102, C:\Windows\System32\Ribbons.scr
2017-01-10T15:07:20.832Z [Protected] PID 9988, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\1.3.57.1\DropboxUpdateBroker.exe
2017-01-10T15:07:20.953Z [Protected] PID 10936, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T15:07:21.098Z [Protected] PID 1600, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T15:07:21.246Z [Protected] PID 7564, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T15:07:21.443Z [Protected] PID 5236, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\1.3.57.1\DropboxUpdateBroker.exe
2017-01-10T15:07:21.496Z [Protected] PID 12896, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T15:07:21.688Z [Protected] PID 5176, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T15:07:39.709Z [Protected] PID 11708, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-10T15:07:39.761Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170110210739
2017-01-10T15:12:59.985Z [Protected] PID 2468, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-10T15:13:00.530Z [Protected] PID 14172, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
2017-01-10T15:20:00.016Z [Protected] PID 4300, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T15:20:18.917Z [Protected] PID 7432, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T15:22:26.948Z [Protected] PID 9712, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T15:22:29.063Z [Protected] PID 2044, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T15:22:29.235Z [Protected] PID 14208, Features 000000300000010A, C:\Windows\System32\VSSVC.exe
2017-01-10T15:22:29.426Z [Protected] PID 11484, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-10T15:26:23.294Z [Protected] PID 3944, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T15:26:23.324Z [Protected] PID 14172, Features 0000003000000102, C:\Windows\System32\SpecopsDeploy\sogpproc.exe
2017-01-10T15:26:23.529Z [Protected] PID 5552, Features 0000003000000102, C:\Windows\System32\PrintIsolationHost.exe
2017-01-10T15:31:00.227Z [Protected] PID 11152, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T15:32:19.232Z [Protected] PID 4296, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T15:32:19.401Z [Protected] PID 10372, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T15:37:39.699Z [Protected] PID 10748, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-10T15:37:39.737Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170110213739
2017-01-10T15:40:02.241Z [Protected] PID 8068, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T15:40:02.381Z [Protected] PID 14196, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T15:40:02.602Z [Protected] PID 11060, Features 0000003000000102, C:\Windows\System32\PrintIsolationHost.exe
2017-01-10T15:40:07.796Z [Protected] PID 14316, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T15:40:07.849Z [Protected] PID 10384, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T15:40:13.303Z [Protected] PID 9692, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T15:40:39.177Z [Protected] PID 3404, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T15:40:56.999Z [Protected] PID 10516, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T15:41:19.797Z [Protected] PID 3492, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T15:43:41.269Z [Protected] PID 8516, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T15:43:41.360Z [Protected] PID 7856, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T15:44:51.987Z [Protected] PID 1560, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T15:44:52.078Z [Protected] PID 3120, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T15:45:53.588Z [Protected] PID 14080, Features 0000003000000106, C:\ProgramData\Sophos\AutoUpdate\Cache\sophos_autoupdate1.dir\SophosUpdate.exe
2017-01-10T15:47:20.208Z [Protected] PID 9864, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T15:47:20.302Z [Protected] PID 6788, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T15:48:03.817Z [Protected] PID 11836, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T15:48:03.926Z [Protected] PID 11968, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T15:49:19.066Z [Protected] PID 11664, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T15:49:19.151Z [Protected] PID 12728, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T15:51:01.373Z [Protected] PID 5236, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T15:51:01.398Z [Protected] PID 13532, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag.exe
2017-01-10T15:51:01.482Z [Protected] PID 10980, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T15:51:01.505Z [Protected] PID 9864, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag_64.exe
2017-01-10T15:51:50.992Z [Protected] PID 13764, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T15:51:51.085Z [Protected] PID 5116, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T15:52:32.608Z [Protected] PID 8008, Features 0000003000000106, C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe
2017-01-10T15:53:14.239Z [Protected] PID 13848, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T15:53:14.335Z [Protected] PID 10524, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T15:53:26.385Z [Protected] PID 3152, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T15:53:33.717Z [Protected] PID 13972, Features 000000341FBF9106, C:\Program Files\Internet Explorer\iexplore.exe
2017-01-10T15:53:35.325Z [Protected] PID 13728, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-10T15:53:35.443Z [Protected] PID 11788, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-10T15:53:37.590Z [Protected] PID 10416, Features 0000003000002106, c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\agcp.exe
2017-01-10T15:54:22.926Z [Protected] PID 9956, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T15:55:17.024Z [Protected] PID 10524, Features 0000003000000102, C:\Windows\System32\wiaacmgr.exe
2017-01-10T15:55:25.628Z [Protected] PID 14116, Features 0000003000000106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\plug_ins\Scan\AcroScanBroker.exe
2017-01-10T15:55:25.984Z [Protected] PID 10936, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T15:55:35.059Z [Protected] PID 14096, Features 0000003000000102, C:\Windows\System32\wiawow64.exe
2017-01-10T15:56:02.773Z [Protected] PID 10940, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T15:56:14.084Z [Protected] PID 12920, Features 0000003200000106, C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
2017-01-10T15:57:07.079Z [Protected] PID 7556, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T15:57:07.160Z [Protected] PID 10252, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T15:57:07.887Z [Protected] PID 13304, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T15:57:11.571Z [Protected] PID 12380, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\1.3.57.1\DropboxUpdateBroker.exe
2017-01-10T15:57:11.686Z [Protected] PID 13476, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T15:57:11.802Z [Protected] PID 12940, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T15:57:11.911Z [Protected] PID 3232, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T15:57:12.076Z [Protected] PID 13256, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\1.3.57.1\DropboxUpdateBroker.exe
2017-01-10T15:57:12.114Z [Protected] PID 14000, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T15:57:12.409Z [Protected] PID 7112, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T15:58:28.252Z [Protected] PID 2248, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T15:58:28.491Z [Protected] PID 13800, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T15:58:50.988Z [Protected] PID 10424, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T15:59:20.991Z [Protected] PID 13304, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T16:00:22.884Z [Protected] PID 7056, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T16:00:22.981Z [Protected] PID 7884, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T16:01:59.594Z [Protected] PID 13960, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T16:01:59.614Z [Protected] PID 13964, Features 0000003000000102, C:\Windows\System32\SpecopsDeploy\sogpproc.exe
2017-01-10T16:02:00.051Z [Protected] PID 11572, Features 0000003000000102, C:\Windows\System32\PrintIsolationHost.exe
2017-01-10T16:02:01.967Z [Protected] PID 7416, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-10T16:02:17.914Z [Protected] PID 6224, Features 000000300000010A, C:\Windows\System32\raserver.exe
2017-01-10T16:03:02.734Z [Protected] PID 9808, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-10T16:03:14.915Z [Protected] PID 14028, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T16:03:14.962Z [Protected] PID 11836, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T16:07:39.671Z [Protected] PID 12760, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-10T16:07:39.711Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170110220739
2017-01-10T16:09:41.099Z [Protected] PID 2528, Features 000000300000010A, C:\Windows\System32\msfeedssync.exe
2017-01-10T16:09:55.544Z [Protected] PID 8748, Features 0000003000000102, C:\Program Files\Internet Explorer\IELowutil.exe
2017-01-10T16:18:04.669Z [Protected] PID 14320, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T16:18:04.754Z [Protected] PID 5480, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T16:19:59.941Z [Protected] PID 11696, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T16:20:26.524Z [Protected] PID 1444, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T16:21:16.587Z [Protected] PID 13208, Features 0000003000000102, C:\Windows\System32\Ribbons.scr
2017-01-10T16:22:26.758Z [Protected] PID 13012, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T16:22:28.796Z [Protected] PID 9760, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T16:22:28.921Z [Protected] PID 12768, Features 000000300000010A, C:\Windows\System32\VSSVC.exe
2017-01-10T16:22:29.080Z [Protected] PID 10660, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-10T16:24:59.035Z [Protected] PID 10252, Features 000000300000010A, C:\Windows\System32\msfeedssync.exe
2017-01-10T16:25:16.578Z [Protected] PID 11212, Features 0000003000000102, C:\Program Files\Internet Explorer\IELowutil.exe
2017-01-10T16:26:04.185Z [Protected] PID 10728, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T16:26:04.332Z [Protected] PID 13832, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T16:28:08.025Z [Protected] PID 3408, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T16:28:08.139Z [Protected] PID 13136, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T16:31:00.088Z [Protected] PID 11016, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T16:37:39.654Z [Protected] PID 712, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-10T16:37:39.700Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170110223739
2017-01-10T16:42:24.531Z [Protected] PID 12168, Features 0000003000000102, C:\Windows\System32\LogonUI.exe
2017-01-10T16:42:29.682Z [Protected] PID 14168, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T16:42:29.857Z [Protected] PID 10668, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T16:42:34.833Z [Protected] PID 9632, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T16:42:34.927Z [Protected] PID 12784, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T16:42:35.208Z [Protected] PID 10152, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T16:42:50.367Z [Protected] PID 7376, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T16:42:50.455Z [Protected] PID 1872, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T16:45:28.818Z [Protected] PID 9480, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T16:45:28.907Z [Protected] PID 11708, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T16:45:32.279Z [Protected] PID 14160, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T16:45:53.806Z [Protected] PID 1512, Features 0000003000000106, C:\ProgramData\Sophos\AutoUpdate\Cache\sophos_autoupdate1.dir\SophosUpdate.exe
2017-01-10T16:47:01.046Z [Protected] PID 5356, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T16:47:01.131Z [Protected] PID 13492, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T16:47:11.577Z [Protected] PID 13420, Features 000000361FBF2106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T16:47:14.149Z [Protected] PID 11988, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T16:47:43.475Z [Protected] PID 6716, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T16:48:03.654Z [Protected] PID 11980, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T16:48:03.983Z [Protected] PID 2248, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T16:48:04.092Z [Protected] PID 10124, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T16:48:17.864Z [Protected] PID 13136, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T16:48:35.426Z [Protected] PID 8060, Features 0000003000000102, C:\Windows\System32\rundll32.exe
2017-01-10T16:48:35.722Z [Protected] PID 2036, Features 0000003000000102, C:\Windows\System32\rundll32.exe
2017-01-10T16:48:44.060Z [Protected] PID 14372, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-10T16:49:15.215Z [Protected] PID 14380, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T16:49:31.546Z [Protected] PID 15128, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T16:49:47.555Z [Protected] PID 14588, Features 000000361FBF2106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-10T16:49:55.417Z [Protected] PID 15064, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T16:49:56.585Z [Protected] PID 15156, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T16:49:56.666Z [Protected] PID 15320, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T16:49:56.683Z [Protected] PID 15260, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T16:49:56.707Z [Protected] PID 14636, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\Adobe Genuine Launcher.exe
2017-01-10T16:49:57.003Z [Protected] PID 15248, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
2017-01-10T16:50:03.091Z [Protected] PID 15132, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T16:50:03.118Z [Protected] PID 14808, Features 0000003200002106, C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\P6\adobe_licutil.exe
2017-01-10T16:50:19.291Z [Protected] PID 14096, Features 0000003200002106, C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
2017-01-10T16:51:01.438Z [Protected] PID 1464, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T16:51:01.499Z [Protected] PID 14560, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag.exe
2017-01-10T16:51:01.582Z [Protected] PID 1780, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T16:51:01.605Z [Protected] PID 13648, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag_64.exe
2017-01-10T16:51:03.178Z [Protected] PID 14464, Features 0000003000000102, C:\Windows\System32\wiaacmgr.exe
2017-01-10T16:51:11.753Z [Protected] PID 14440, Features 0000003000000106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\plug_ins\Scan\AcroScanBroker.exe
2017-01-10T16:51:21.150Z [Protected] PID 13808, Features 0000003000000102, C:\Windows\System32\wiawow64.exe
2017-01-10T16:52:04.067Z [Protected] PID 14448, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T16:52:04.203Z [Protected] PID 13040, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T16:52:04.863Z [Protected] PID 7060, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T16:52:07.940Z [Protected] PID 10776, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\1.3.57.1\DropboxUpdateBroker.exe
2017-01-10T16:52:08.057Z [Protected] PID 15260, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T16:52:08.227Z [Protected] PID 14644, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T16:52:08.344Z [Protected] PID 1920, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T16:52:08.609Z [Protected] PID 14856, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\1.3.57.1\DropboxUpdateBroker.exe
2017-01-10T16:52:08.703Z [Protected] PID 14876, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T16:52:08.918Z [Protected] PID 4092, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T16:53:54.131Z [Protected] PID 11120, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T16:53:54.221Z [Protected] PID 14884, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T16:53:57.083Z [Protected] PID 9932, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T16:53:57.175Z [Protected] PID 14868, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T16:54:13.227Z [Protected] PID 13360, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T16:54:13.318Z [Protected] PID 15248, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T16:54:55.159Z [Protected] PID 14420, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T16:54:55.248Z [Protected] PID 4084, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T16:55:01.841Z [Protected] PID 14500, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T16:55:03.926Z [Protected] PID 9692, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T16:55:27.645Z [Protected] PID 9956, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T16:55:27.735Z [Protected] PID 12952, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T16:56:02.767Z [Protected] PID 10052, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T16:56:38.594Z [Protected] PID 13488, Features 000000341FBF9106, C:\Program Files\Internet Explorer\iexplore.exe
2017-01-10T16:56:40.273Z [Protected] PID 14380, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-10T16:56:40.290Z [Protected] PID 1112, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-10T16:56:42.439Z [Protected] PID 8184, Features 0000003000002106, c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\agcp.exe
2017-01-10T16:58:39.864Z [Protected] PID 10388, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T16:58:39.954Z [Protected] PID 3152, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T17:02:35.363Z [Protected] PID 5864, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T17:03:23.362Z [Protected] PID 13016, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T17:03:23.515Z [Protected] PID 13212, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T17:03:34.785Z [Protected] PID 14096, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-10T17:03:34.892Z [Protected] PID 13724, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T17:03:43.060Z [Protected] PID 14800, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T17:03:55.693Z [Protected] PID 12088, Features 0000003000000102, C:\Windows\System32\LogonUI.exe
2017-01-10T17:03:56.337Z [Protected] PID 13516, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T17:03:56.476Z [Protected] PID 13860, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-10T17:04:12.182Z [Protected] PID 14228, Features 0000003000000102, C:\Windows\System32\LogonUI.exe
2017-01-10T17:04:13.571Z [Service] System shutdown
2017-01-10T17:04:13.571Z [Service] Stopping...
2017-01-10T17:04:14.819Z [Service] Stopped
2017-01-10T17:05:11.067Z [Service] Startup (build 574)
2017-01-10T17:05:11.426Z [Service] Running
2017-01-10T17:05:12.486Z [Protected] PID 652, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-10T17:05:13.422Z [Protected] PID 784, Features 0000003000000102, C:\Windows\System32\LogonUI.exe
2017-01-10T17:05:13.953Z [Protected] PID 812, Features 000000300000010E, C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
2017-01-10T17:05:14.842Z [Protected] PID 1028, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-10T17:05:15.996Z [Protected] PID 1060, Features 000000300000010E, C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe
2017-01-10T17:05:16.605Z [Protected] PID 1136, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-10T17:05:16.636Z [Protected] PID 1160, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-10T17:05:16.698Z [Protected] PID 1200, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-10T17:05:17.057Z [Protected] PID 1288, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-10T17:05:17.322Z [Protected] PID 1388, Features 000000300000010A, C:\Windows\System32\igfxCUIService.exe
2017-01-10T17:05:17.541Z [Protected] PID 1460, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
2017-01-10T17:05:17.541Z [Protected] PID 1452, Features 000000300000010E, C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
2017-01-10T17:05:17.619Z [Protected] PID 1480, Features 000000300000010E, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
2017-01-10T17:05:17.790Z [Protected] PID 1492, Features 0000003000000106, C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
2017-01-10T17:05:17.806Z [Protected] PID 1516, Features 0000003000000106, C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
2017-01-10T17:05:22.252Z [Protected] PID 1696, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
2017-01-10T17:05:24.405Z [Protected] PID 1764, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
2017-01-10T17:05:40.126Z [Protected] PID 2052, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-10T17:05:41.546Z [Protected] PID 2184, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T17:05:41.624Z [Protected] PID 2172, Features 0000003000000102, C:\Windows\System32\wlanext.exe
2017-01-10T17:05:42.341Z [Protected] PID 2248, Features 000000300000010A, C:\Windows\System32\spoolsv.exe
2017-01-10T17:05:42.404Z [Protected] PID 2296, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-10T17:05:43.699Z [Protected] PID 2432, Features 000000300000010E, C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
2017-01-10T17:05:43.870Z [Protected] PID 2516, Features 000000300000010E, C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
2017-01-10T17:05:44.073Z [Protected] PID 2552, Features 000000300000010E, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
2017-01-10T17:05:44.432Z [Protected] PID 2588, Features 000000300000010E, C:\Program Files\Bonjour\mDNSResponder.exe
2017-01-10T17:05:44.947Z [Protected] PID 2652, Features 000000300000010E, C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
2017-01-10T17:05:46.148Z [Protected] PID 2744, Features 000000300000010A, C:\Windows\System32\DbxSvc.exe
2017-01-10T17:05:46.397Z [Protected] PID 2868, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-10T17:05:46.522Z [Protected] PID 2896, Features 000000300000010E, C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe
2017-01-10T17:05:47.287Z [Protected] PID 1920, Features 0000003000000102, C:\Windows\System32\rundll32.exe
2017-01-10T17:05:49.205Z [Protected] PID 2388, Features 000000300000010E, C:\Program Files\Intel\WiFi\bin\EvtEng.exe
2017-01-10T17:05:49.299Z [Protected] PID 2568, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-10T17:05:49.673Z [Protected] PID 3080, Features 000000300000010A, C:\Windows\twain_32\fjscan32\FJTWMKSV.exe
2017-01-10T17:05:49.736Z [Protected] PID 3064, Features 0000003000000106, C:\Program Files\Intel\WiFi\bin\iWrap.exe
2017-01-10T17:05:49.767Z [Protected] PID 3112, Features 000000300000010E, C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
2017-01-10T17:05:50.079Z [Protected] PID 3156, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T17:05:50.173Z [Protected] PID 3148, Features 0000003000000102, C:\Windows\System32\cacls.exe
2017-01-10T17:05:50.219Z [Protected] PID 3232, Features 000000300000010A, c:\Program Files\Intel\iCLS Client\HeciServer.exe
2017-01-10T17:05:50.531Z [Protected] PID 3316, Features 000000300000010A, C:\Windows\System32\IProsetMonitor.exe
2017-01-10T17:05:51.202Z [Protected] PID 3372, Features 000000300000010E, C:\Windows\IntelliAdminRC5\Agent64.exe
2017-01-10T17:05:51.374Z [Protected] PID 3400, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-10T17:05:51.639Z [Protected] PID 3448, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-10T17:05:51.826Z [Protected] PID 3512, Features 000000300000010E, C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
2017-01-10T17:05:51.873Z [Protected] PID 3548, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-10T17:05:51.951Z [Protected] PID 3572, Features 000000300000010E, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
2017-01-10T17:05:52.169Z [Protected] PID 3624, Features 000000300000010E, C:\Program Files\Sophos\Sophos Network Threat Protection\bin\SntpService.exe
2017-01-10T17:05:52.622Z [Protected] PID 3684, Features 000000300000010E, C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
2017-01-10T17:05:52.887Z [Protected] PID 3692, Features 0000003000000106, C:\Windows\IntelliAdminRC5\Agent32.exe
2017-01-10T17:05:53.495Z [Protected] PID 3772, Features 0000003000000106, C:\Program Files\Intel\WiFi\bin\iWrap.exe
2017-01-10T17:06:01.249Z [Protected] PID 3640, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\WSCClient.exe
2017-01-10T17:06:01.327Z [Protected] PID 3836, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\WSCClient.exe
2017-01-10T17:06:03.526Z [Protected] PID 3872, Features 000000300000010E, C:\Program Files\Sophos\Clean\SophosClean.exe
2017-01-10T17:06:03.698Z [Protected] PID 3924, Features 000000300000010E, C:\Program Files (x86)\Sophos\Health\Health.exe
2017-01-10T17:06:03.932Z [Protected] PID 3964, Features 000000300000010E, C:\Program Files (x86)\Sophos\Heartbeat\Heartbeat.exe
2017-01-10T17:06:04.587Z [Protected] PID 4028, Features 000000300000010E, C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsAgent.exe
2017-01-10T17:06:05.882Z [Protected] PID 4092, Features 000000300000010E, C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsClient.exe
2017-01-10T17:06:06.069Z [Protected] PID 3152, Features 000000300000010E, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
2017-01-10T17:06:06.350Z [Protected] PID 3832, Features 000000300000010E, C:\Program Files\Sophos\Sophos Data Recorder\SDRService.exe
2017-01-10T17:06:07.598Z [Protected] PID 3848, Features 000000300000010E, C:\Program Files\Sophos\Sophos System Protection\ssp.exe
2017-01-10T17:06:07.754Z [Protected] PID 4176, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T17:06:07.847Z [Protected] PID 4208, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-10T17:06:08.159Z [Protected] PID 4232, Features 000000300000010E, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
2017-01-10T17:06:08.409Z [Protected] PID 4340, Features 000000300000010E, C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
2017-01-10T17:06:11.435Z [Protected] PID 4688, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-10T17:06:11.482Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170110230611
2017-01-10T17:06:12.013Z [Protected] PID 4748, Features 000000300000010E, C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
2017-01-10T17:06:16.755Z [Protected] PID 4856, Features 000000300000010E, C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe
2017-01-10T17:06:17.270Z [Protected] PID 4908, Features 000000300000010E, C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
2017-01-10T17:06:17.582Z [Protected] PID 4744, Features 0000003000000102, C:\Windows\System32\wbem\unsecapp.exe
2017-01-10T17:06:18.019Z [Protected] PID 5128, Features 000000300000010E, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sdcservice.exe
2017-01-10T17:06:18.034Z [Protected] PID 1120, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T17:06:18.112Z [Protected] PID 1064, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T17:06:18.393Z [Protected] PID 5296, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T17:06:19.220Z [Protected] PID 5552, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-10T17:06:19.360Z [Protected] PID 5532, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-10T17:06:24.992Z [Protected] PID 6100, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T17:06:25.023Z [Protected] PID 6076, Features 0000003000000102, C:\Windows\System32\SpecopsDeploy\sogpproc.exe
2017-01-10T17:06:27.737Z [Protected] PID 5788, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-10T17:06:29.734Z [Protected] PID 5868, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-10T17:06:46.034Z [Protected] PID 3364, Features 000000300000010A, C:\Windows\System32\raserver.exe
2017-01-10T17:06:58.782Z [Protected] PID 6112, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_update_64.exe
2017-01-10T17:06:59.219Z [Protected] PID 5572, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T17:06:59.235Z [Protected] PID 6120, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag.exe
2017-01-10T17:07:01.734Z [Protected] PID 2488, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T17:07:01.750Z [Protected] PID 5836, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag_64.exe
2017-01-10T17:08:17.955Z [Protected] PID 1132, Features 000000300000010E, C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
2017-01-10T17:08:18.455Z [Protected] PID 3028, Features 000000300000010E, C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
2017-01-10T17:08:18.892Z [Protected] PID 3560, Features 000000300000010E, C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
2017-01-10T17:08:19.189Z [Protected] PID 5596, Features 000000300000010E, C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
2017-01-10T17:08:19.439Z [Protected] PID 276, Features 000000300000010E, C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
2017-01-10T17:08:19.673Z [Protected] PID 5164, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T17:08:20.017Z [Protected] PID 3996, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T17:08:20.173Z [Protected] PID 4192, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T17:08:20.189Z [Protected] PID 2488, Features 000000300000010E, C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
2017-01-10T17:08:20.204Z [Protected] PID 1580, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\1.3.57.1\DropboxCrashHandler.exe
2017-01-10T17:08:20.251Z [Protected] PID 1016, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T17:08:20.329Z [Protected] PID 1120, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T17:08:32.234Z [Protected] PID 3124, Features 000000300000010E, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T17:08:32.405Z [Protected] PID 1380, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T17:08:32.515Z [Protected] PID 5692, Features 000000300000010E, C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
2017-01-10T17:08:32.733Z [Protected] PID 5276, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T17:08:32.780Z [Protected] PID 1216, Features 0000003000000106, C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler.exe
2017-01-10T17:08:32.937Z [Protected] PID 3240, Features 0000003000000106, C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler64.exe
2017-01-10T17:08:32.952Z [Protected] PID 3244, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T17:08:33.452Z [Protected] PID 5504, Features 000000300000010E, C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
2017-01-10T17:08:34.296Z [Protected] PID 1096, Features 000000300000010A, C:\Windows\System32\sppsvc.exe
2017-01-10T17:08:34.655Z [Protected] PID 4964, Features 000000300000010A, C:\Windows\System32\SearchIndexer.exe
2017-01-10T17:08:38.576Z [Protected] PID 6108, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\WSCClient.exe
2017-01-10T17:08:38.717Z [Protected] PID 3368, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\WSCClient.exe
2017-01-10T17:08:42.372Z [Protected] PID 4228, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-10T17:08:42.903Z [Protected] PID 3796, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-10T17:08:43.185Z [Protected] PID 188, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-10T17:08:46.309Z [Protected] PID 3756, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\WSCClient.exe
2017-01-10T17:08:46.465Z [Protected] PID 5772, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\WSCClient.exe
2017-01-10T17:09:31.535Z [Protected] PID 5276, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T17:09:34.769Z [Protected] PID 2576, Features 000000300000010A, C:\Windows\servicing\TrustedInstaller.exe
2017-01-10T17:10:17.230Z [Protected] PID 4976, Features 0000003000000102, \\?\C:\Windows\System32\wbem\WMIADAP.exe
2017-01-10T17:10:54.146Z [Protected] PID 4136, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T17:10:54.161Z [Protected] PID 4112, Features 0000003000000106, C:\Program Files (x86)\Sophos\AutoUpdate\Telemetry\GatherTelem.exe
2017-01-10T17:10:54.333Z [Protected] PID 4148, Features 0000003000000106, C:\Program Files (x86)\Sophos\AutoUpdate\Telemetry\AUTelem.exe
2017-01-10T17:10:55.864Z [Protected] PID 1384, Features 0000003000000106, C:\Program Files (x86)\Sophos\Health\HealthClient.exe
2017-01-10T17:10:56.130Z [Protected] PID 4884, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVTelem.exe
2017-01-10T17:10:56.286Z [Protected] PID 2084, Features 0000003000000106, C:\Program Files\Sophos\Endpoint Defense\Telemetry.exe
2017-01-10T17:10:56.442Z [Protected] PID 1016, Features 0000003000000106, C:\Program Files\Sophos\Sophos System Protection\TelemetryPlugin.exe
2017-01-10T17:10:56.598Z [Protected] PID 6108, Features 0000003000000106, C:\Program Files\Sophos\Sophos UI\Telemetry.exe
2017-01-10T17:10:56.801Z [Protected] PID 1880, Features 0000003000000106, C:\Program Files (x86)\Sophos\AutoUpdate\Telemetry\SubmitTelem.exe
2017-01-10T17:11:00.035Z [Protected] PID 5948, Features 0000003000000106, C:\ProgramData\Sophos\AutoUpdate\Cache\sophos_autoupdate1.dir\SophosUpdate.exe
2017-01-10T17:11:46.862Z [Protected] PID 4196, Features 0000003000000106, C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\savxp\crt\avremovew.exe
2017-01-10T17:12:11.272Z [Protected] PID 2016, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\WSCClient.exe
2017-01-10T17:12:11.522Z [Protected] PID 5236, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\WSCClient.exe
2017-01-10T17:14:56.435Z [Protected] PID 5588, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T17:15:26.949Z [Protected] PID 4416, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T17:15:27.152Z [Protected] PID 4448, Features 000000300000010A, C:\Windows\System32\VSSVC.exe
2017-01-10T17:15:27.292Z [Protected] PID 1240, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-10T17:20:00.709Z [Protected] PID 5104, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-10T17:20:01.317Z [Protected] PID 2428, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T17:20:48.687Z [Protected] PID 5480, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T17:20:56.723Z [Protected] PID 4612, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T17:21:07.192Z [Protected] PID 5736, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T17:21:07.270Z [Protected] PID 5136, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T17:31:00.068Z [Protected] PID 1880, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-10T17:31:00.224Z [Protected] PID 1384, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T17:36:08.280Z [Protected] PID 1184, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-10T17:36:08.311Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170110233608
2017-01-10T17:42:15.071Z [Protected] PID 1328, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T17:42:15.087Z [Protected] PID 3344, Features 000000300000010A, C:\Windows\System32\lpremove.exe
2017-01-10T17:42:15.196Z [Protected] PID 1228, Features 000000300000010A, C:\Windows\System32\rundll32.exe
2017-01-10T17:42:15.368Z [Protected] PID 3220, Features 000000300000010A, C:\Windows\System32\rundll32.exe
2017-01-10T17:42:15.633Z [Protected] PID 720, Features 000000300000010A, C:\Windows\System32\VSSVC.exe
2017-01-10T17:42:15.711Z [Protected] PID 4308, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-10T18:06:08.377Z [Protected] PID 4112, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-10T18:06:08.408Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111000608
2017-01-10T18:06:51.824Z [Protected] PID 276, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-10T18:07:02.541Z [Protected] PID 5468, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T18:07:02.572Z [Protected] PID 2112, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag.exe
2017-01-10T18:07:02.822Z [Protected] PID 5668, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T18:07:02.853Z [Protected] PID 4220, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag_64.exe
2017-01-10T18:10:58.914Z [Protected] PID 1908, Features 0000003000000106, C:\ProgramData\Sophos\AutoUpdate\Cache\sophos_autoupdate1.dir\SophosUpdate.exe
2017-01-10T18:15:28.467Z [Protected] PID 2040, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T18:15:30.074Z [Protected] PID 4152, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T18:15:30.136Z [Protected] PID 2316, Features 000000300000010A, C:\Windows\System32\VSSVC.exe
2017-01-10T18:15:30.214Z [Protected] PID 3748, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-10T18:20:00.032Z [Protected] PID 1064, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-10T18:20:00.188Z [Protected] PID 6108, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T18:20:47.986Z [Protected] PID 2924, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T18:20:56.785Z [Protected] PID 5272, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T18:21:07.268Z [Protected] PID 808, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T18:21:07.346Z [Protected] PID 5644, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T18:31:00.021Z [Protected] PID 3504, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-10T18:31:00.177Z [Protected] PID 5668, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T18:36:08.455Z [Protected] PID 1940, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-10T18:36:08.486Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111003608
2017-01-10T18:36:31.591Z [Protected] PID 4928, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T18:36:31.606Z [Protected] PID 3388, Features 0000003000000102, C:\Windows\System32\SpecopsDeploy\sogpproc.exe
2017-01-10T18:36:34.414Z [Protected] PID 5436, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-10T18:36:50.420Z [Protected] PID 3476, Features 000000300000010A, C:\Windows\System32\raserver.exe
2017-01-10T19:06:08.533Z [Protected] PID 3596, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-10T19:06:08.564Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111010608
2017-01-10T19:07:02.978Z [Protected] PID 388, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T19:07:02.994Z [Protected] PID 268, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag.exe
2017-01-10T19:07:03.072Z [Protected] PID 5256, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T19:07:03.088Z [Protected] PID 1816, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag_64.exe
2017-01-10T19:07:30.857Z [Protected] PID 4864, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-10T19:10:58.811Z [Protected] PID 3228, Features 0000003000000106, C:\ProgramData\Sophos\AutoUpdate\Cache\sophos_autoupdate1.dir\SophosUpdate.exe
2017-01-10T19:15:28.492Z [Protected] PID 1128, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T19:15:30.099Z [Protected] PID 4208, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T19:15:30.161Z [Protected] PID 1064, Features 000000300000010A, C:\Windows\System32\VSSVC.exe
2017-01-10T19:15:30.239Z [Protected] PID 5996, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-10T19:20:00.042Z [Protected] PID 1960, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-10T19:20:00.198Z [Protected] PID 5260, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T19:20:00.432Z [Protected] PID 4920, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T19:20:56.810Z [Protected] PID 4220, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T19:21:07.309Z [Protected] PID 2016, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T19:21:07.387Z [Protected] PID 4360, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T19:31:00.015Z [Protected] PID 1804, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-10T19:31:00.171Z [Protected] PID 3040, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T19:36:08.614Z [Protected] PID 5652, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-10T19:36:08.646Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111013608
2017-01-10T20:06:08.699Z [Protected] PID 4220, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-10T20:06:08.731Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111020608
2017-01-10T20:07:03.175Z [Protected] PID 708, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T20:07:03.191Z [Protected] PID 2720, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag.exe
2017-01-10T20:07:03.269Z [Protected] PID 1956, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T20:07:03.285Z [Protected] PID 6040, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag_64.exe
2017-01-10T20:07:25.920Z [Protected] PID 2704, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-10T20:10:28.003Z [Protected] PID 4220, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T20:10:58.907Z [Protected] PID 4988, Features 0000003000000106, C:\ProgramData\Sophos\AutoUpdate\Cache\sophos_autoupdate1.dir\SophosUpdate.exe
2017-01-10T20:12:36.142Z [Protected] PID 5484, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T20:12:36.157Z [Protected] PID 5092, Features 0000003000000102, C:\Windows\System32\SpecopsDeploy\sogpproc.exe
2017-01-10T20:12:38.451Z [Protected] PID 272, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-10T20:12:54.441Z [Protected] PID 5160, Features 000000300000010A, C:\Windows\System32\raserver.exe
2017-01-10T20:15:28.506Z [Protected] PID 1260, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T20:15:30.129Z [Protected] PID 4920, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T20:15:30.191Z [Protected] PID 4776, Features 000000300000010A, C:\Windows\System32\VSSVC.exe
2017-01-10T20:15:30.269Z [Protected] PID 1580, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-10T20:20:00.040Z [Protected] PID 4868, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-10T20:20:00.211Z [Protected] PID 5488, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T20:20:52.752Z [Protected] PID 4920, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T20:20:56.824Z [Protected] PID 708, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T20:21:07.323Z [Protected] PID 3220, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T20:21:07.401Z [Protected] PID 3888, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T20:31:00.029Z [Protected] PID 708, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-10T20:31:00.185Z [Protected] PID 6104, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T20:36:08.776Z [Protected] PID 5632, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-10T20:36:08.807Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111023608
2017-01-10T21:06:08.851Z [Protected] PID 4448, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-10T21:06:08.882Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111030608
2017-01-10T21:07:03.376Z [Protected] PID 5580, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T21:07:03.391Z [Protected] PID 1268, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag.exe
2017-01-10T21:07:03.469Z [Protected] PID 5164, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T21:07:03.485Z [Protected] PID 2456, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag_64.exe
2017-01-10T21:08:34.984Z [Protected] PID 2392, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-10T21:10:58.884Z [Protected] PID 1240, Features 0000003000000106, C:\ProgramData\Sophos\AutoUpdate\Cache\sophos_autoupdate1.dir\SophosUpdate.exe
2017-01-10T21:15:28.535Z [Protected] PID 272, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T21:15:30.142Z [Protected] PID 3468, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T21:15:30.205Z [Protected] PID 6044, Features 000000300000010A, C:\Windows\System32\VSSVC.exe
2017-01-10T21:15:30.283Z [Protected] PID 2608, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-10T21:20:00.039Z [Protected] PID 5440, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-10T21:20:00.195Z [Protected] PID 4616, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T21:20:08.027Z [Protected] PID 212, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T21:20:56.855Z [Protected] PID 272, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T21:21:07.369Z [Protected] PID 6056, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T21:21:07.447Z [Protected] PID 5140, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T21:31:00.031Z [Protected] PID 1216, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-10T21:31:00.187Z [Protected] PID 5484, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T21:36:08.942Z [Protected] PID 1252, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-10T21:36:08.973Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111033608
2017-01-10T21:48:39.950Z [Protected] PID 3240, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T21:48:39.966Z [Protected] PID 5328, Features 0000003000000102, C:\Windows\System32\SpecopsDeploy\sogpproc.exe
2017-01-10T21:48:42.478Z [Protected] PID 1064, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-10T21:48:58.468Z [Protected] PID 3632, Features 000000300000010A, C:\Windows\System32\raserver.exe
2017-01-10T22:00:01.562Z [Protected] PID 2992, Features 000000300000010A, C:\Windows\System32\wsqmcons.exe
2017-01-10T22:00:01.718Z [Protected] PID 808, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T22:00:01.812Z [Protected] PID 3852, Features 0000003000000102, C:\Windows\System32\schtasks.exe
2017-01-10T22:02:47.031Z [Protected] PID 5124, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-10T22:06:09.020Z [Protected] PID 4776, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-10T22:06:09.051Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111040609
2017-01-10T22:07:03.573Z [Protected] PID 5824, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T22:07:03.589Z [Protected] PID 5052, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag.exe
2017-01-10T22:07:03.667Z [Protected] PID 5648, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T22:07:03.682Z [Protected] PID 5676, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag_64.exe
2017-01-10T22:10:58.884Z [Protected] PID 2680, Features 0000003000000106, C:\ProgramData\Sophos\AutoUpdate\Cache\sophos_autoupdate1.dir\SophosUpdate.exe
2017-01-10T22:15:28.549Z [Protected] PID 5992, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T22:15:30.156Z [Protected] PID 5576, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T22:15:30.219Z [Protected] PID 3308, Features 000000300000010A, C:\Windows\System32\VSSVC.exe
2017-01-10T22:15:30.297Z [Protected] PID 3468, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-10T22:20:00.029Z [Protected] PID 5136, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-10T22:20:00.185Z [Protected] PID 5436, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T22:20:31.541Z [Protected] PID 3040, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T22:20:56.876Z [Protected] PID 4384, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T22:21:07.391Z [Protected] PID 4112, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T22:21:07.469Z [Protected] PID 1328, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T22:29:47.405Z [Protected] PID 5440, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T22:29:47.420Z [Protected] PID 5676, Features 0000003000000102, C:\Windows\System32\Defrag.exe
2017-01-10T22:29:47.561Z [Protected] PID 3792, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-10T22:31:00.023Z [Protected] PID 5236, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-10T22:31:00.179Z [Protected] PID 3488, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T22:36:09.106Z [Protected] PID 1440, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-10T22:36:09.137Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111043609
2017-01-10T23:06:09.174Z [Protected] PID 1016, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-10T23:06:09.205Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111050609
2017-01-10T23:06:21.701Z [Protected] PID 6108, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T23:07:03.758Z [Protected] PID 5092, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T23:07:03.774Z [Protected] PID 3492, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag.exe
2017-01-10T23:07:03.852Z [Protected] PID 5796, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T23:07:03.868Z [Protected] PID 6056, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag_64.exe
2017-01-10T23:10:58.866Z [Protected] PID 4404, Features 0000003000000106, C:\ProgramData\Sophos\AutoUpdate\Cache\sophos_autoupdate1.dir\SophosUpdate.exe
2017-01-10T23:11:27.664Z [Protected] PID 1952, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T23:14:52.102Z [Protected] PID 5236, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-10T23:15:28.543Z [Protected] PID 1620, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-10T23:15:30.166Z [Protected] PID 5460, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-10T23:15:30.228Z [Protected] PID 3036, Features 000000300000010A, C:\Windows\System32\VSSVC.exe
2017-01-10T23:15:30.306Z [Protected] PID 5848, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-10T23:20:00.014Z [Protected] PID 1820, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-10T23:20:00.186Z [Protected] PID 1400, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T23:20:16.067Z [Protected] PID 1060, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T23:20:56.876Z [Protected] PID 3368, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T23:21:07.391Z [Protected] PID 5852, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T23:21:07.469Z [Protected] PID 5648, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-10T23:31:00.041Z [Protected] PID 5424, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-10T23:31:00.197Z [Protected] PID 5376, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-10T23:31:44.409Z [Protected] PID 1440, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-10T23:31:44.424Z [Protected] PID 1820, Features 0000003000000102, C:\Windows\System32\SpecopsDeploy\sogpproc.exe
2017-01-10T23:31:48.511Z [Protected] PID 4704, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-10T23:32:04.502Z [Protected] PID 1368, Features 000000300000010A, C:\Windows\System32\raserver.exe
2017-01-10T23:36:09.267Z [Protected] PID 5948, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-10T23:36:09.298Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111053609
2017-01-11T00:00:00.193Z [Protected] PID 6040, Features 000000300000010A, C:\Windows\System32\rundll32.exe
2017-01-11T00:00:00.287Z [Protected] PID 2576, Features 000000300000010A, C:\Windows\System32\VSSVC.exe
2017-01-11T00:00:00.365Z [Protected] PID 4152, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-11T00:00:28.460Z [Protected] PID 6048, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-11T00:00:28.866Z [Protected] PID 5276, Features 000000300000010A, C:\Windows\servicing\TrustedInstaller.exe
2017-01-11T00:05:21.132Z [Protected] PID 1440, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-11T00:06:09.336Z [Protected] PID 1500, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T00:06:09.367Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111060609
2017-01-11T00:07:03.951Z [Protected] PID 5140, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T00:07:03.967Z [Protected] PID 5580, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag.exe
2017-01-11T00:07:04.045Z [Protected] PID 1376, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T00:07:04.061Z [Protected] PID 1120, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag_64.exe
2017-01-11T00:10:59.043Z [Protected] PID 5464, Features 0000003000000106, C:\ProgramData\Sophos\AutoUpdate\Cache\sophos_autoupdate1.dir\SophosUpdate.exe
2017-01-11T00:11:29.136Z [Protected] PID 3852, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-11T00:15:28.565Z [Protected] PID 4712, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-11T00:15:30.171Z [Protected] PID 5996, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T00:15:30.234Z [Protected] PID 212, Features 000000300000010A, C:\Windows\System32\VSSVC.exe
2017-01-11T00:15:30.312Z [Protected] PID 5464, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-11T00:20:00.020Z [Protected] PID 1364, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-11T00:20:00.176Z [Protected] PID 5380, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T00:20:07.352Z [Protected] PID 5060, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T00:20:56.898Z [Protected] PID 2212, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-11T00:21:07.412Z [Protected] PID 5964, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T00:21:07.490Z [Protected] PID 2720, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T00:31:00.028Z [Protected] PID 3368, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-11T00:31:00.184Z [Protected] PID 4916, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-11T00:36:09.433Z [Protected] PID 3036, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T00:36:09.464Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111063609
2017-01-11T01:05:54.163Z [Protected] PID 3536, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-11T01:06:09.513Z [Protected] PID 5548, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T01:06:09.544Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111070609
2017-01-11T01:06:11.588Z [Protected] PID 5676, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T01:06:11.603Z [Protected] PID 5044, Features 000000300000010A, C:\Windows\System32\compattelrunner.exe
2017-01-11T01:06:11.666Z [Protected] PID 3240, Features 0000003000000102, C:\Windows\System32\CompatTelRunner.exe
2017-01-11T01:06:47.171Z [Protected] PID 2420, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-11T01:07:04.144Z [Protected] PID 4220, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T01:07:04.175Z [Protected] PID 4148, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag.exe
2017-01-11T01:07:04.253Z [Protected] PID 2012, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T01:07:04.269Z [Protected] PID 5440, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag_64.exe
2017-01-11T01:10:58.940Z [Protected] PID 5736, Features 0000003000000106, C:\ProgramData\Sophos\AutoUpdate\Cache\sophos_autoupdate1.dir\SophosUpdate.exe
2017-01-11T01:14:47.729Z [Protected] PID 2316, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T01:14:47.745Z [Protected] PID 5696, Features 0000003000000102, C:\Windows\System32\SpecopsDeploy\sogpproc.exe
2017-01-11T01:14:50.537Z [Protected] PID 2564, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-11T01:15:06.527Z [Protected] PID 5492, Features 000000300000010A, C:\Windows\System32\raserver.exe
2017-01-11T01:15:28.601Z [Protected] PID 3228, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-11T01:15:30.208Z [Protected] PID 5900, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T01:15:30.271Z [Protected] PID 1964, Features 000000300000010A, C:\Windows\System32\VSSVC.exe
2017-01-11T01:15:30.349Z [Protected] PID 1804, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-11T01:20:00.026Z [Protected] PID 720, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-11T01:20:00.182Z [Protected] PID 3536, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T01:20:47.465Z [Protected] PID 3808, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T01:20:56.935Z [Protected] PID 5072, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-11T01:21:07.449Z [Protected] PID 5580, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T01:21:07.527Z [Protected] PID 5436, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T01:30:00.735Z [Protected] PID 4308, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-11T01:31:00.015Z [Protected] PID 5136, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-11T01:31:00.171Z [Protected] PID 4332, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-11T01:36:09.581Z [Protected] PID 2452, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T01:36:09.613Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111073609
2017-01-11T01:54:18.826Z [Protected] PID 5924, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T01:54:18.842Z [Protected] PID 4120, Features 000000300000010A, C:\Windows\System32\Defrag.exe
2017-01-11T01:54:18.904Z [Protected] PID 5124, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-11T02:06:09.673Z [Protected] PID 4864, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T02:06:09.704Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111080609
2017-01-11T02:07:04.351Z [Protected] PID 6044, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T02:07:04.366Z [Protected] PID 5092, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag.exe
2017-01-11T02:07:04.444Z [Protected] PID 1820, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T02:07:04.460Z [Protected] PID 3036, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag_64.exe
2017-01-11T02:09:14.205Z [Protected] PID 4268, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-11T02:10:58.959Z [Protected] PID 1016, Features 0000003000000106, C:\ProgramData\Sophos\AutoUpdate\Cache\sophos_autoupdate1.dir\SophosUpdate.exe
2017-01-11T02:12:27.583Z [Protected] PID 4732, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-11T02:15:28.621Z [Protected] PID 5264, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-11T02:15:30.243Z [Protected] PID 3860, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T02:15:30.337Z [Protected] PID 5288, Features 000000300000010A, C:\Windows\System32\VSSVC.exe
2017-01-11T02:15:30.415Z [Protected] PID 2076, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-11T02:20:00.014Z [Protected] PID 5948, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-11T02:20:00.186Z [Protected] PID 5488, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T02:20:35.176Z [Protected] PID 5048, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T02:20:56.954Z [Protected] PID 5104, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-11T02:21:07.484Z [Protected] PID 4380, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T02:21:07.562Z [Protected] PID 5100, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T02:30:00.520Z [Protected] PID 1440, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T02:30:00.552Z [Protected] PID 5924, Features 000000300000010A, C:\Windows\System32\aitagent.exe
2017-01-11T02:31:00.019Z [Protected] PID 5500, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-11T02:31:00.175Z [Protected] PID 5948, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-11T02:36:09.741Z [Protected] PID 5996, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T02:36:09.772Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111083609
2017-01-11T03:00:51.773Z [Protected] PID 1564, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T03:00:51.789Z [Protected] PID 4776, Features 0000003000000102, C:\Windows\System32\SpecopsDeploy\sogpproc.exe
2017-01-11T03:00:54.581Z [Protected] PID 1820, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-11T03:01:10.572Z [Protected] PID 1344, Features 000000300000010A, C:\Windows\System32\raserver.exe
2017-01-11T03:04:36.242Z [Protected] PID 4112, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-11T03:06:09.842Z [Protected] PID 1372, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T03:06:09.874Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111090609
2017-01-11T03:07:04.552Z [Protected] PID 5808, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T03:07:04.567Z [Protected] PID 6124, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag.exe
2017-01-11T03:07:04.645Z [Protected] PID 4108, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T03:07:04.661Z [Protected] PID 2228, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag_64.exe
2017-01-11T03:10:59.098Z [Protected] PID 2392, Features 0000003000000106, C:\ProgramData\Sophos\AutoUpdate\Cache\sophos_autoupdate1.dir\SophosUpdate.exe
2017-01-11T03:15:28.650Z [Protected] PID 5840, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-11T03:15:30.257Z [Protected] PID 6108, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T03:15:30.319Z [Protected] PID 388, Features 000000300000010A, C:\Windows\System32\VSSVC.exe
2017-01-11T03:15:30.397Z [Protected] PID 1960, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-11T03:20:00.028Z [Protected] PID 3388, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-11T03:20:00.184Z [Protected] PID 1336, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T03:20:23.818Z [Protected] PID 1236, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T03:20:56.983Z [Protected] PID 2316, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-11T03:21:07.513Z [Protected] PID 4156, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T03:21:07.607Z [Protected] PID 168, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T03:31:00.017Z [Protected] PID 5688, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-11T03:31:00.173Z [Protected] PID 5328, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-11T03:36:09.911Z [Protected] PID 6100, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T03:36:09.942Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111093609
2017-01-11T03:48:35.638Z [Protected] PID 4844, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
2017-01-11T03:48:37.541Z [Protected] PID 5460, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
2017-01-11T04:06:10.006Z [Protected] PID 5276, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T04:06:10.038Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111100609
2017-01-11T04:06:51.300Z [Protected] PID 5036, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-11T04:07:04.747Z [Protected] PID 4776, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T04:07:04.763Z [Protected] PID 1308, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag.exe
2017-01-11T04:07:04.841Z [Protected] PID 1128, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T04:07:04.856Z [Protected] PID 1500, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag_64.exe
2017-01-11T04:10:59.014Z [Protected] PID 1120, Features 0000003000000106, C:\ProgramData\Sophos\AutoUpdate\Cache\sophos_autoupdate1.dir\SophosUpdate.exe
2017-01-11T04:20:00.053Z [Protected] PID 4988, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-11T04:20:00.209Z [Protected] PID 1952, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T04:20:04.093Z [Protected] PID 5056, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T04:20:57.008Z [Protected] PID 3116, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-11T04:21:07.538Z [Protected] PID 4852, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T04:21:07.616Z [Protected] PID 1940, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T04:31:00.026Z [Protected] PID 4712, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-11T04:31:00.182Z [Protected] PID 4644, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-11T04:36:10.076Z [Protected] PID 3388, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T04:36:10.108Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111103610
2017-01-11T04:38:46.576Z [Protected] PID 4988, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T04:38:46.591Z [Protected] PID 168, Features 000000300000010A, C:\Windows\System32\compattel\DiagTrackRunner.exe
2017-01-11T04:38:46.872Z [Protected] PID 5696, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T04:38:46.903Z [Protected] PID 5500, Features 000000300000010A, C:\Windows\System32\CompatTelRunner.exe
2017-01-11T04:38:46.934Z [Protected] PID 1964, Features 0000003000000102, C:\Windows\System32\CompatTelRunner.exe
2017-01-11T04:38:47.465Z [Protected] PID 2604, Features 0000003000000102, C:\Windows\System32\CompatTelRunner.exe
2017-01-11T04:38:47.527Z [Protected] PID 1644, Features 0000003000000102, C:\Windows\System32\CompatTelRunner.exe
2017-01-11T04:39:55.247Z [Protected] PID 3344, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T04:39:55.262Z [Protected] PID 4644, Features 0000003000000102, C:\Windows\System32\SpecopsDeploy\sogpproc.exe
2017-01-11T04:39:58.601Z [Protected] PID 1264, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-11T04:40:14.591Z [Protected] PID 2420, Features 000000300000010A, C:\Windows\System32\raserver.exe
2017-01-11T04:48:37.020Z [Protected] PID 5584, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-11T04:48:38.627Z [Protected] PID 5124, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T04:48:38.689Z [Protected] PID 5160, Features 000000300000010A, C:\Windows\System32\VSSVC.exe
2017-01-11T04:48:38.767Z [Protected] PID 3748, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-11T05:06:10.154Z [Protected] PID 5060, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T05:06:10.185Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111110610
2017-01-11T05:06:24.866Z [Protected] PID 1432, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-11T05:07:04.928Z [Protected] PID 2076, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T05:07:04.944Z [Protected] PID 4988, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag.exe
2017-01-11T05:07:05.022Z [Protected] PID 5276, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T05:07:05.038Z [Protected] PID 4120, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag_64.exe
2017-01-11T05:10:59.029Z [Protected] PID 1128, Features 0000003000000106, C:\ProgramData\Sophos\AutoUpdate\Cache\sophos_autoupdate1.dir\SophosUpdate.exe
2017-01-11T05:11:33.349Z [Protected] PID 1308, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-11T05:12:40.353Z [Protected] PID 1076, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-11T05:13:06.577Z [Protected] PID 1960, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T05:13:06.608Z [Protected] PID 2704, Features 000000300000010A, c:\program files\windows defender\MpCmdRun.exe
2017-01-11T05:13:06.733Z [Protected] PID 5848, Features 0000003000000102, c:\program files\windows defender\MpCmdRun.exe
2017-01-11T05:13:06.842Z [Protected] PID 4720, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T05:13:06.857Z [Protected] PID 1268, Features 0000003000000102, c:\program files\windows defender\MpCmdRun.exe
2017-01-11T05:17:09.470Z [Protected] PID 4720, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-11T05:19:12.243Z [Protected] PID 4852, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T05:19:12.711Z [Protected] PID 1560, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-11T05:20:00.041Z [Protected] PID 5356, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-11T05:20:00.213Z [Protected] PID 6080, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T05:20:34.470Z [Protected] PID 3808, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T05:20:57.044Z [Protected] PID 5796, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-11T05:21:07.558Z [Protected] PID 1256, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T05:21:07.652Z [Protected] PID 4732, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T05:31:00.015Z [Protected] PID 2000, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-11T05:31:00.171Z [Protected] PID 3244, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-11T05:36:10.236Z [Protected] PID 5520, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T05:36:10.268Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111113610
2017-01-11T05:48:37.040Z [Protected] PID 5488, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-11T05:48:38.646Z [Protected] PID 2000, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T05:48:38.724Z [Protected] PID 1096, Features 000000300000010A, C:\Windows\System32\VSSVC.exe
2017-01-11T05:48:38.802Z [Protected] PID 5356, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-11T06:06:10.305Z [Protected] PID 2616, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T06:06:10.336Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111120610
2017-01-11T06:07:05.123Z [Protected] PID 276, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T06:07:05.139Z [Protected] PID 1368, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag.exe
2017-01-11T06:07:05.217Z [Protected] PID 2460, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T06:07:05.232Z [Protected] PID 1560, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag_64.exe
2017-01-11T06:08:54.386Z [Protected] PID 5104, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-11T06:10:59.092Z [Protected] PID 4720, Features 0000003000000106, C:\ProgramData\Sophos\AutoUpdate\Cache\sophos_autoupdate1.dir\SophosUpdate.exe
2017-01-11T06:20:00.022Z [Protected] PID 1216, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-11T06:20:00.178Z [Protected] PID 3756, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T06:20:52.391Z [Protected] PID 1232, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T06:20:57.040Z [Protected] PID 4884, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-11T06:20:58.834Z [Protected] PID 3336, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T06:20:58.850Z [Protected] PID 4152, Features 0000003000000102, C:\Windows\System32\SpecopsDeploy\sogpproc.exe
2017-01-11T06:21:02.625Z [Protected] PID 2204, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-11T06:21:07.554Z [Protected] PID 3488, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T06:21:07.632Z [Protected] PID 1908, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T06:21:18.615Z [Protected] PID 720, Features 000000300000010A, C:\Windows\System32\raserver.exe
2017-01-11T06:31:00.027Z [Protected] PID 1632, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-11T06:31:00.183Z [Protected] PID 3040, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-11T06:36:10.373Z [Protected] PID 1060, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T06:36:10.404Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111123610
2017-01-11T06:48:37.036Z [Protected] PID 5648, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-11T06:48:38.643Z [Protected] PID 5344, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T06:48:38.721Z [Protected] PID 5424, Features 000000300000010A, C:\Windows\System32\VSSVC.exe
2017-01-11T06:48:38.799Z [Protected] PID 5376, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-11T07:06:10.442Z [Protected] PID 5056, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T07:06:10.473Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111130610
2017-01-11T07:07:05.291Z [Protected] PID 5676, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T07:07:05.307Z [Protected] PID 5440, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag.exe
2017-01-11T07:07:05.385Z [Protected] PID 1368, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T07:07:05.400Z [Protected] PID 5052, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag_64.exe
2017-01-11T07:10:59.026Z [Protected] PID 4644, Features 0000003000000106, C:\ProgramData\Sophos\AutoUpdate\Cache\sophos_autoupdate1.dir\SophosUpdate.exe
2017-01-11T07:11:24.532Z [Protected] PID 5276, Features 0000003000000106, C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\savxp\crt\avremovew.exe
2017-01-11T07:11:45.686Z [Protected] PID 5044, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\WSCClient.exe
2017-01-11T07:11:45.920Z [Protected] PID 2456, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\WSCClient.exe
2017-01-11T07:14:57.441Z [Protected] PID 5628, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-11T07:19:53.031Z [Protected] PID 5460, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-11T07:19:53.514Z [Protected] PID 1748, Features 0000003000000106, C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe
2017-01-11T07:20:00.364Z [Protected] PID 4644, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T07:20:12.081Z [Protected] PID 1428, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T07:20:57.077Z [Protected] PID 2564, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-11T07:21:07.578Z [Protected] PID 5292, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T07:21:07.656Z [Protected] PID 1376, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T07:31:00.078Z [Protected] PID 2244, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-11T07:31:00.234Z [Protected] PID 1748, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-11T07:36:10.679Z [Protected] PID 452, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T07:36:10.757Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111133610
2017-01-11T07:42:14.223Z [Protected] PID 1400, Features 0000003000000102, C:\Windows\System32\winlogon.exe
2017-01-11T07:42:14.613Z [Protected] PID 5052, Features 0000003000000102, C:\Windows\System32\LogonUI.exe
2017-01-11T07:42:24.613Z [Protected] PID 2112, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T07:42:42.085Z [Protected] PID 212, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T07:42:42.116Z [Protected] PID 5188, Features 0000003000000102, C:\Windows\System32\SpecopsDeploy\sogpproc.exe
2017-01-11T07:42:44.206Z [Protected] PID 3336, Features 0000003000000102, C:\Windows\System32\PrintIsolationHost.exe
2017-01-11T07:42:44.830Z [Protected] PID 6152, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-11T07:42:44.861Z [Protected] PID 6172, Features 0000003000000106, C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
2017-01-11T07:42:44.893Z [Protected] PID 6184, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T07:42:44.908Z [Protected] PID 6164, Features 0000003000000102, C:\Windows\System32\TSTheme.exe
2017-01-11T07:42:45.080Z [Protected] PID 6320, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-11T07:42:45.127Z [Protected] PID 6336, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T07:42:45.158Z [Protected] PID 6356, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-11T07:42:45.220Z [Protected] PID 6392, Features 0000003000000102, C:\Windows\System32\rdpclip.exe
2017-01-11T07:42:45.251Z [Protected] PID 6444, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T07:42:45.454Z [Protected] PID 6548, Features 0000003000000106, C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe
2017-01-11T07:42:45.485Z [Protected] PID 6540, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
2017-01-11T07:42:45.719Z [Protected] PID 6564, Features 0000003000000102, C:\Windows\System32\userinit.exe
2017-01-11T07:42:45.797Z [Protected] PID 6576, Features 000000300000010E, C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
2017-01-11T07:42:45.829Z [Protected] PID 6584, Features 0000003000000102, C:\Windows\System32\dwm.exe
2017-01-11T07:42:46.187Z [Protected] PID 6616, Features 0000003000800102, C:\Windows\explorer.exe
2017-01-11T07:42:46.671Z [Protected] PID 6684, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T07:42:46.702Z [Protected] PID 6672, Features 0000003000000102, C:\Windows\System32\cmd.exe
2017-01-11T07:42:46.780Z [Protected] PID 6708, Features 0000003000000102, C:\Windows\System32\igfxEM.exe
2017-01-11T07:42:46.843Z [Protected] PID 6716, Features 0000003000000102, C:\Windows\System32\igfxHK.exe
2017-01-11T07:42:46.874Z [Protected] PID 6724, Features 0000003000000102, C:\Windows\System32\igfxTray.exe
2017-01-11T07:42:47.498Z [Protected] PID 6888, Features 0000003000000102, C:\Windows\System32\igfxTray.exe
2017-01-11T07:42:47.888Z [Protected] PID 6908, Features 0000003000000106, C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
2017-01-11T07:42:48.059Z [Protected] PID 6920, Features 0000003000000106, C:\Program Files\Logitech\SetPointP\SetPoint.exe
2017-01-11T07:42:48.106Z [Protected] PID 6928, Features 0000003000000102, C:\Windows\System32\rundll32.exe
2017-01-11T07:42:48.371Z [Protected] PID 6988, Features 0000003000000102, C:\Windows\System32\rundll32.exe
2017-01-11T07:42:48.652Z [Protected] PID 7020, Features 0000003000000106, C:\Program Files\Sophos\Sophos UI\Sophos UI.exe
2017-01-11T07:42:48.761Z [Protected] PID 7048, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
2017-01-11T07:42:48.793Z [Protected] PID 7056, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
2017-01-11T07:42:48.949Z [Protected] PID 7116, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
2017-01-11T07:42:49.105Z [Protected] PID 7160, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T07:42:50.025Z [Protected] PID 4616, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\CDDRV3\LDConfig.exe
2017-01-11T07:42:50.243Z [Protected] PID 6328, Features 000000361FBF0106, C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe
2017-01-11T07:42:50.446Z [Protected] PID 7236, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\CDDRV3\LDConfig.exe
2017-01-11T07:42:50.555Z [Protected] PID 7204, Features 0000003000000102, C:\Windows\System32\rundll32.exe
2017-01-11T07:42:50.649Z [Protected] PID 7248, Features 0000003000000102, C:\Windows\SysWOW64\runonce.exe
2017-01-11T07:42:50.867Z [Protected] PID 7284, Features 0000003000000102, C:\Windows\twain_32\fjscan32\ERG\FTErGuid.exe
2017-01-11T07:42:51.632Z [Protected] PID 7308, Features 0000003000000106, C:\Program Files (x86)\TechSmith\Snagit 13\Snagit32.exe
2017-01-11T07:42:52.053Z [Protected] PID 7404, Features 0000003000000106, C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
2017-01-11T07:42:52.084Z [Protected] PID 7420, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
2017-01-11T07:42:52.162Z [Protected] PID 7436, Features 0000003000000106, C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe
2017-01-11T07:42:52.193Z [Protected] PID 7448, Features 0000003000000106, C:\Program Files (x86)\Hewlett-Packard\HP Touchpoint Manager\Discover HP Touchpoint Manager\LHBeacon.exe
2017-01-11T07:42:52.209Z [Protected] PID 7428, Features 0000003000000106, C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
2017-01-11T07:42:52.474Z [Protected] PID 7464, Features 0000003000000102, C:\Windows\twain_32\fjscan32\SOP\FtLnSOP.exe
2017-01-11T07:42:52.599Z [Protected] PID 7528, Features 0000003000000102, C:\Windows\twain_32\fjscan32\FjtwMkup.exe
2017-01-11T07:42:52.677Z [Protected] PID 7556, Features 0000003000000102, C:\Windows\twain_32\fjscan32\FTPWREVT\FTPWREVT.exe
2017-01-11T07:42:52.880Z [Protected] PID 7588, Features 0000003000000102, C:\Windows\twain_32\fjscan32\FiWiaChecker.exe
2017-01-11T07:42:53.051Z [Protected] PID 7668, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-11T07:42:53.176Z [Protected] PID 7712, Features 0000003000000102, C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
2017-01-11T07:42:53.239Z [Protected] PID 7676, Features 0000003000000106, C:\Program Files (x86)\Common Files\LogiShrd\LogiFEPluginforSkypeforBusiness\LogiFEC2013.exe
2017-01-11T07:42:53.363Z [Protected] PID 7616, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
2017-01-11T07:42:53.769Z [Protected] PID 7740, Features 0000003000000106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
2017-01-11T07:42:53.925Z [Protected] PID 7724, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\sp6\LU1\LULnchr.exe
2017-01-11T07:42:54.580Z [Protected] PID 7888, Features 0000003000000106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat_sl.exe
2017-01-11T07:42:54.845Z [Protected] PID 7820, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
2017-01-11T07:42:55.017Z [Protected] PID 7948, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\sp6\LU1\LogitechUpdate.exe
2017-01-11T07:42:56.811Z [Protected] PID 8124, Features 000000300000010E, C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
2017-01-11T07:42:57.544Z [Protected] PID 6320, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T07:42:57.700Z [Protected] PID 6244, Features 0000003000000102, C:\Windows\System32\mobsync.exe
2017-01-11T07:42:59.572Z [Protected] PID 7604, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
2017-01-11T07:43:01.991Z [Protected] PID 5188, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-11T07:43:02.303Z [Protected] PID 8044, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
2017-01-11T07:43:02.522Z [Protected] PID 7372, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T07:43:02.615Z [Protected] PID 8080, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-11T07:43:05.767Z [Protected] PID 6236, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
2017-01-11T07:43:07.405Z [Protected] PID 7148, Features 000000361FBF0106, C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe
2017-01-11T07:43:09.511Z [Protected] PID 8340, Features 0000003000000106, C:\Program Files\Common Files\Microsoft Shared\ClickToRun\mavinject32.exe
2017-01-11T07:43:09.886Z [Protected] PID 8324, Features 0000003200000106, C:\Program Files (x86)\Microsoft Office\root\Office16\lynchtmlconv.exe
2017-01-11T07:43:11.773Z [Protected] PID 8404, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\sp6\LU1\LULnchr.exe
2017-01-11T07:43:11.883Z [Protected] PID 8428, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\sp6\LU1\LogitechUpdate.exe
2017-01-11T07:43:13.037Z [Protected] PID 8460, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\sp6\LU1\LULnchr.exe
2017-01-11T07:43:13.177Z [Protected] PID 8480, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\sp6\LU1\LogitechUpdate.exe
2017-01-11T07:43:16.126Z [Protected] PID 8640, Features 0000003000000102, C:\Windows\System32\wscript.exe
2017-01-11T07:43:27.888Z [Protected] PID 8956, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T07:43:27.904Z [Protected] PID 8944, Features 0000003000000102, C:\Windows\System32\cmd.exe
2017-01-11T07:43:28.403Z [Protected] PID 8972, Features 0000003000000102, C:\Windows\System32\sc.exe
2017-01-11T07:43:28.434Z [Protected] PID 8980, Features 000000300000010E, C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
2017-01-11T07:43:40.883Z [Protected] PID 9124, Features 0000003000000102, C:\Windows\System32\consent.exe
2017-01-11T07:43:41.023Z [Protected] PID 9156, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T07:43:41.070Z [Protected] PID 9192, Features 0000003000000106, C:\Program Files (x86)\TechSmith\Snagit 13\SnagPriv.exe
2017-01-11T07:43:51.666Z [Protected] PID 5376, Features 0000003000000106, C:\Users\sherrick\AppData\Local\Apps\2.0\CZLEKDP7.8QJ\XAWL8KY9.P6Z\unit..tion_c985434882f2074b_0010.0000_2d7b96ead185776d\obunity.exe
2017-01-11T07:43:56.548Z [Protected] PID 8568, Features 0000003000000106, C:\Program Files (x86)\TechSmith\Snagit 13\snagiteditor.exe
2017-01-11T07:44:04.785Z [Protected] PID 8784, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T07:44:19.411Z [Protected] PID 8244, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T07:44:26.514Z [Protected] PID 1232, Features 0000003000000106, C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
2017-01-11T07:44:28.094Z [Protected] PID 1048, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\1.3.57.1\DropboxUpdateBroker.exe
2017-01-11T07:44:28.144Z [Protected] PID 6172, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T07:44:28.367Z [Protected] PID 9016, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T07:44:28.457Z [Protected] PID 7944, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T07:44:28.613Z [Protected] PID 8172, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\1.3.57.1\DropboxUpdateBroker.exe
2017-01-11T07:44:28.651Z [Protected] PID 7840, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T07:44:28.760Z [Protected] PID 7384, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T07:44:29.631Z [Protected] PID 8784, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T07:44:44.615Z [Protected] PID 7488, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T07:45:06.548Z [Protected] PID 8976, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-11T07:45:15.679Z [Protected] PID 2112, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-11T07:45:15.733Z [Protected] PID 8076, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T07:45:15.755Z [Protected] PID 8956, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\Adobe Genuine Launcher.exe
2017-01-11T07:45:16.867Z [Protected] PID 4800, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
2017-01-11T07:45:22.427Z [Protected] PID 8616, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T07:45:38.867Z [Protected] PID 8816, Features 0000003000000106, C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
2017-01-11T07:45:43.350Z [Protected] PID 5344, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-11T07:45:53.650Z [Protected] PID 4712, Features 0000003000000106, C:\Program Files (x86)\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe
2017-01-11T07:45:55.216Z [Protected] PID 5852, Features 0000003000000106, C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
2017-01-11T07:46:19.112Z [Protected] PID 2420, Features 000000341FBF9106, C:\Program Files\Internet Explorer\iexplore.exe
2017-01-11T07:46:21.156Z [Protected] PID 6212, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-11T07:46:21.178Z [Protected] PID 8596, Features 000000341FBF9106, C:\Program Files\Internet Explorer\iexplore.exe
2017-01-11T07:46:21.422Z [Protected] PID 7184, Features 000000341FBF9106, C:\Program Files\Internet Explorer\iexplore.exe
2017-01-11T07:46:22.408Z [Protected] PID 5092, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-11T07:46:22.640Z [Protected] PID 8880, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-11T07:46:23.772Z [Protected] PID 6424, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-11T07:46:26.442Z [Alert] Intruder, familyId=1de73e2e-0f28-4ad2-81c8-d0f89070724d, PID 6212, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-11T07:46:26.447Z [Sophos] dropped C:\ProgramData\HitmanPro.Alert\MCS\Alert-20170111134626443-1.xml
2017-01-11T07:46:26.477Z [Sophos] dropped C:\ProgramData\Sophos\Health\Event Store\Incoming\3adcdeff-7839-4778-b861-887567204c7f.json
2017-01-11T07:46:26.835Z [Alert] Intruder, familyId=d03826d4-d492-4926-92d0-8ca8731082f0, PID 5092, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-11T07:46:26.843Z [Sophos] dropped C:\ProgramData\HitmanPro.Alert\MCS\Alert-20170111134626841-2.xml
2017-01-11T07:46:27.080Z [Sophos] dropped C:\ProgramData\Sophos\Health\Event Store\Incoming\09734a83-7b9e-4c10-a61b-360de40085aa.json
2017-01-11T07:46:27.143Z [Alert] Intruder, familyId=dea48d16-4ca1-4397-8fc1-c7a46d753275, PID 8880, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-11T07:46:27.151Z [Sophos] dropped C:\ProgramData\HitmanPro.Alert\MCS\Alert-20170111134627145-3.xml
2017-01-11T07:46:27.202Z [Sophos] dropped C:\ProgramData\Sophos\Health\Event Store\Incoming\6acdf6b1-91f3-4b47-8618-81285eae3ffd.json
2017-01-11T07:46:36.456Z [Protected] PID 9588, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T07:46:36.493Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111134636
2017-01-11T07:46:49.850Z [Protected] PID 3308, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T07:47:34.852Z [Protected] PID 10092, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-11T07:47:45.960Z [Protected] PID 1532, Features 0000003000000106, C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe
2017-01-11T07:47:47.129Z [Protected] PID 7644, Features 0000003000000106, C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe
2017-01-11T07:47:47.417Z [Protected] PID 3632, Features 0000003000000106, C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\ismagent.exe
2017-01-11T07:47:47.906Z [Protected] PID 6864, Features 0000003000000106, C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\CrashReportSender.exe
2017-01-11T07:47:51.980Z [Protected] PID 8776, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-11T07:48:38.564Z [Protected] PID 9512, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T07:48:39.092Z [Protected] PID 4732, Features 000000300000010A, C:\Windows\System32\VSSVC.exe
2017-01-11T07:48:39.237Z [Protected] PID 4192, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-11T07:49:54.312Z [Protected] PID 4448, Features 000000361FBF0106, C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
2017-01-11T07:51:02.237Z [Protected] PID 1420, Features 0000003000000102, C:\Windows\System32\TSTheme.exe
2017-01-11T07:51:08.321Z [Protected] PID 8360, Features 0000003000000102, C:\Windows\System32\winlogon.exe
2017-01-11T07:51:08.500Z [Protected] PID 9652, Features 0000003000000102, C:\Windows\System32\LogonUI.exe
2017-01-11T07:51:18.560Z [Protected] PID 1936, Features 0000003000000102, C:\Windows\System32\TSTheme.exe
2017-01-11T07:51:19.037Z [Protected] PID 9236, Features 0000003000000102, C:\Windows\System32\rdpclip.exe
2017-01-11T07:51:19.339Z [Protected] PID 10044, Features 0000003000000102, C:\Windows\System32\PrintIsolationHost.exe
2017-01-11T07:52:02.894Z [Protected] PID 5588, Features 0000003000000106, C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
2017-01-11T07:52:05.930Z [Protected] PID 1432, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-11T07:52:06.016Z [Protected] PID 3364, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-11T07:52:54.510Z [Protected] PID 8392, Features 0000003000000106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrodist.exe
2017-01-11T07:54:45.842Z [Protected] PID 7684, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
2017-01-11T07:55:17.358Z [Protected] PID 2228, Features 000000341FBF9106, C:\Program Files\Internet Explorer\iexplore.exe
2017-01-11T07:55:18.620Z [Protected] PID 10148, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-11T07:55:21.102Z [Protected] PID 10228, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-11T07:55:22.697Z [Alert] Intruder, familyId=b03b49aa-b3af-4f4b-9954-c952c61d29cf, PID 10148, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-11T07:55:22.701Z [Sophos] dropped C:\ProgramData\HitmanPro.Alert\MCS\Alert-20170111135522698-4.xml
2017-01-11T07:55:22.709Z [Sophos] dropped C:\ProgramData\Sophos\Health\Event Store\Incoming\161de349-cbfb-44cd-bd8b-96a38d61f56e.json
2017-01-11T07:55:25.318Z [Alert] Intruder, familyId=add8d9e4-08da-40d8-8ffa-5ca4015c34cc, PID 10228, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-11T07:55:25.321Z [Sophos] dropped C:\ProgramData\HitmanPro.Alert\MCS\Alert-20170111135525319-5.xml
2017-01-11T07:55:25.328Z [Sophos] dropped C:\ProgramData\Sophos\Health\Event Store\Incoming\9987b6e1-411c-4477-ab82-fc3f756741b2.json
2017-01-11T07:55:32.719Z [Protected] PID 4124, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T07:55:32.755Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111135532
2017-01-11T07:55:46.041Z [Protected] PID 7992, Features 000000300000010A, C:\Windows\System32\wermgr.exe
2017-01-11T07:55:46.166Z [Protected] PID 9112, Features 0000003000000102, C:\Windows\System32\rundll32.exe
2017-01-11T07:55:51.523Z [Protected] PID 8200, Features 000000341FBF9106, C:\Program Files\Internet Explorer\iexplore.exe
2017-01-11T07:55:52.658Z [Protected] PID 6224, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-11T07:55:53.354Z [Protected] PID 6504, Features 000000341FBF9106, C:\Program Files\Internet Explorer\iexplore.exe
2017-01-11T07:55:53.909Z [Protected] PID 1152, Features 000000341FBF9106, C:\Program Files\Internet Explorer\iexplore.exe
2017-01-11T07:55:54.475Z [Protected] PID 7408, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-11T07:55:55.050Z [Protected] PID 4192, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-11T07:55:56.884Z [Alert] Intruder, familyId=13681c54-622e-4dd2-b0c6-c89e889d4168, PID 6224, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-11T07:55:56.889Z [Sophos] dropped C:\ProgramData\HitmanPro.Alert\MCS\Alert-20170111135556887-6.xml
2017-01-11T07:55:56.919Z [Sophos] dropped C:\ProgramData\Sophos\Health\Event Store\Incoming\515cdd92-f50b-4b57-9359-e22840e348f7.json
2017-01-11T07:55:57.279Z [Protected] PID 9152, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-11T07:55:58.622Z [Protected] PID 4128, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-11T07:55:58.879Z [Alert] Intruder, familyId=3e64c9ae-95ed-4f90-a4a5-c662e247c850, PID 7408, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-11T07:55:58.885Z [Sophos] dropped C:\ProgramData\HitmanPro.Alert\MCS\Alert-20170111135558882-7.xml
2017-01-11T07:55:58.896Z [Sophos] dropped C:\ProgramData\Sophos\Health\Event Store\Incoming\3c1bc2de-68b9-49c6-8541-5af876c4b13f.json
2017-01-11T07:55:59.351Z [Alert] Intruder, familyId=0b7640fb-3670-4a2a-885b-198202adeb83, PID 4192, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-11T07:55:59.355Z [Sophos] dropped C:\ProgramData\HitmanPro.Alert\MCS\Alert-20170111135559353-8.xml
2017-01-11T07:55:59.404Z [Sophos] dropped C:\ProgramData\Sophos\Health\Event Store\Incoming\703f3127-9a4d-4189-a5d7-8b8d40f2f9d1.json
2017-01-11T07:56:06.898Z [Protected] PID 1260, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T07:56:06.933Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111135606
2017-01-11T07:57:45.814Z [Protected] PID 6704, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-11T07:57:45.968Z [Protected] PID 6424, Features 0000003000000106, C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe
2017-01-11T07:58:01.130Z [Protected] PID 7788, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T07:58:01.148Z [Protected] PID 10184, Features 0000003000000102, C:\Windows\System32\schtasks.exe
2017-01-11T07:58:01.201Z [Protected] PID 9592, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T07:58:01.218Z [Protected] PID 10036, Features 0000003000000102, C:\Windows\System32\schtasks.exe
2017-01-11T07:58:09.957Z [Protected] PID 9676, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-11T07:58:11.634Z [Protected] PID 1048, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-11T07:58:11.717Z [Protected] PID 7840, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-11T08:00:35.927Z [Protected] PID 2956, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-11T08:00:36.013Z [Protected] PID 10160, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-11T08:02:51.509Z [Protected] PID 9872, Features 0000003000000106, C:\Users\sherrick\Dropbox (OkaloosaClerk)\Desktop\EXCEL.EXE
2017-01-11T08:02:52.203Z [Protected] PID 10040, Features 000000300000010E, C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
2017-01-11T08:03:01.698Z [Protected] PID 8932, Features 0000003000000102, C:\Windows\System32\PrintIsolationHost.exe
2017-01-11T08:03:01.700Z [Protected] PID 8328, Features 0000003000000102, C:\Windows\splwow64.exe
2017-01-11T08:04:32.961Z [Protected] PID 9748, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
2017-01-11T08:04:34.795Z [Protected] PID 2268, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
2017-01-11T08:04:36.859Z [Protected] PID 9972, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
2017-01-11T08:07:05.508Z [Protected] PID 10124, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T08:07:05.531Z [Protected] PID 6284, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag.exe
2017-01-11T08:07:05.617Z [Protected] PID 7380, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T08:07:05.638Z [Protected] PID 8688, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag_64.exe
2017-01-11T08:08:30.499Z [Protected] PID 9968, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-11T08:10:59.084Z [Protected] PID 5772, Features 0000003000000106, C:\ProgramData\Sophos\AutoUpdate\Cache\sophos_autoupdate1.dir\SophosUpdate.exe
2017-01-11T08:11:20.602Z [Protected] PID 9276, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-11T08:11:20.690Z [Protected] PID 1948, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-11T08:12:45.768Z [Protected] PID 1268, Features 0000003000000106, C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe
2017-01-11T08:13:39.065Z [Protected] PID 8136, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-11T08:16:18.205Z [Protected] PID 7164, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T08:16:18.252Z [Protected] PID 9856, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-11T08:16:18.490Z [Protected] PID 8244, Features 0000003000000102, C:\Windows\System32\PrintIsolationHost.exe
2017-01-11T08:16:22.241Z [Protected] PID 5772, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\1.3.57.1\DropboxUpdateBroker.exe
2017-01-11T08:16:22.291Z [Protected] PID 9540, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T08:16:22.387Z [Protected] PID 5460, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T08:16:22.486Z [Protected] PID 5276, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T08:16:22.620Z [Protected] PID 6720, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\1.3.57.1\DropboxUpdateBroker.exe
2017-01-11T08:16:22.655Z [Protected] PID 232, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T08:16:22.801Z [Protected] PID 8724, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T08:16:50.577Z [Protected] PID 4156, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-11T08:17:28.546Z [Protected] PID 10112, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-11T08:17:36.215Z [Protected] PID 10192, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-11T08:17:37.364Z [Protected] PID 9244, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T08:17:37.412Z [Protected] PID 5492, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T08:17:37.433Z [Protected] PID 9100, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\Adobe Genuine Launcher.exe
2017-01-11T08:17:37.506Z [Protected] PID 8080, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
2017-01-11T08:17:45.136Z [Protected] PID 9780, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T08:17:45.160Z [Protected] PID 3748, Features 0000003200000106, C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\P6\adobe_licutil.exe
2017-01-11T08:18:00.159Z [Protected] PID 9612, Features 0000003200000106, C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
2017-01-11T08:18:02.352Z [Protected] PID 8476, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T08:18:02.370Z [Protected] PID 9372, Features 0000003000000102, C:\Windows\System32\SpecopsDeploy\sogpproc.exe
2017-01-11T08:18:06.538Z [Protected] PID 8740, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-11T08:18:23.044Z [Protected] PID 5648, Features 000000300000010A, C:\Windows\System32\raserver.exe
2017-01-11T08:19:38.299Z [Protected] PID 1228, Features 0000003000000106, C:\Users\sherrick\Dropbox (OkaloosaClerk)\Desktop\EXCEL.EXE
2017-01-11T08:19:38.795Z [Protected] PID 9484, Features 000000300000010E, C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
2017-01-11T08:19:42.985Z [Protected] PID 9596, Features 0000003000000102, C:\Windows\System32\PrintIsolationHost.exe
2017-01-11T08:19:42.993Z [Protected] PID 8456, Features 0000003000000102, C:\Windows\splwow64.exe
2017-01-11T08:19:59.940Z [Protected] PID 2956, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-11T08:20:00.103Z [Protected] PID 7848, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T08:20:05.582Z [Protected] PID 9516, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T08:20:56.987Z [Protected] PID 8848, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-11T08:21:07.478Z [Protected] PID 10072, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T08:21:07.563Z [Protected] PID 8324, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T08:23:50.784Z [Protected] PID 10140, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-11T08:23:50.868Z [Protected] PID 10016, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-11T08:26:06.865Z [Protected] PID 7256, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T08:26:06.901Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111142606
2017-01-11T08:26:41.529Z [Protected] PID 9228, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-11T08:26:41.609Z [Protected] PID 6164, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-11T08:27:14.000Z [Protected] PID 5688, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T08:27:14.218Z [Protected] PID 5012, Features 0000003000000102, C:\Windows\System32\PrintIsolationHost.exe
2017-01-11T08:27:30.495Z [Protected] PID 9276, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-11T08:27:38.190Z [Protected] PID 7340, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-11T08:27:39.375Z [Protected] PID 10064, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T08:27:39.396Z [Protected] PID 5840, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\Adobe Genuine Launcher.exe
2017-01-11T08:27:39.467Z [Protected] PID 1432, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
2017-01-11T08:27:46.563Z [Protected] PID 10036, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T08:27:46.586Z [Protected] PID 7984, Features 0000003200000106, C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\P6\adobe_licutil.exe
2017-01-11T08:27:46.714Z [Protected] PID 2268, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-11T08:27:46.869Z [Protected] PID 9316, Features 0000003000000106, C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe
2017-01-11T08:28:02.022Z [Protected] PID 1048, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T08:28:02.040Z [Protected] PID 9236, Features 0000003000000102, C:\Windows\System32\schtasks.exe
2017-01-11T08:28:02.093Z [Protected] PID 9676, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T08:28:02.111Z [Protected] PID 7456, Features 0000003000000102, C:\Windows\System32\schtasks.exe
2017-01-11T08:28:02.133Z [Protected] PID 3120, Features 0000003200000106, C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
2017-01-11T08:29:01.520Z [Protected] PID 6436, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-11T08:29:01.602Z [Protected] PID 4732, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-11T08:30:28.991Z [Protected] PID 5424, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-11T08:30:29.072Z [Protected] PID 10172, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-11T08:30:59.993Z [Protected] PID 5492, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-11T08:45:46.305Z [Protected] PID 7892, Features 0000003000000102, C:\Windows\System32\scrnsave.scr
2017-01-11T08:45:51.227Z [Protected] PID 6276, Features 0000003000000102, C:\Windows\System32\LogonUI.exe
2017-01-11T08:56:06.833Z [Protected] PID 9028, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T08:56:06.868Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111145606
2017-01-11T08:57:47.613Z [Protected] PID 5588, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-11T08:57:47.762Z [Protected] PID 5948, Features 0000003000000106, C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe
2017-01-11T08:58:02.917Z [Protected] PID 1372, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T08:58:02.935Z [Protected] PID 9848, Features 0000003000000102, C:\Windows\System32\schtasks.exe
2017-01-11T08:58:02.988Z [Protected] PID 9712, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T08:58:03.007Z [Protected] PID 10076, Features 0000003000000102, C:\Windows\System32\schtasks.exe
2017-01-11T08:59:51.001Z [Protected] PID 1904, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T08:59:51.109Z [Protected] PID 9984, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T09:00:11.330Z [Protected] PID 9652, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T09:00:11.447Z [Protected] PID 8144, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T09:00:11.563Z [Protected] PID 9644, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T09:00:11.677Z [Protected] PID 2460, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T09:00:11.790Z [Protected] PID 8616, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T09:00:11.908Z [Protected] PID 7928, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T09:02:39.618Z [Protected] PID 9844, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-11T09:03:02.071Z [Protected] PID 8500, Features 0000003000000106, C:\ProgramData\Sophos\AutoUpdate\Cache\sophos_autoupdate1.dir\SophosUpdate.exe
2017-01-11T09:04:35.692Z [Protected] PID 1344, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-11T09:04:38.371Z [Protected] PID 4140, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T09:04:38.557Z [Protected] PID 8596, Features 000000300000010A, C:\Windows\System32\VSSVC.exe
2017-01-11T09:04:38.710Z [Protected] PID 9900, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-11T09:05:55.232Z [Protected] PID 7624, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-11T09:07:06.214Z [Protected] PID 6424, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T09:07:06.267Z [Protected] PID 6460, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag.exe
2017-01-11T09:07:06.495Z [Protected] PID 8368, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T09:07:06.517Z [Protected] PID 4208, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag_64.exe
2017-01-11T09:08:53.904Z [Protected] PID 9776, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-11T09:10:58.956Z [Protected] PID 1952, Features 0000003000000106, C:\ProgramData\Sophos\AutoUpdate\Cache\sophos_autoupdate1.dir\SophosUpdate.exe
2017-01-11T09:13:31.213Z [Protected] PID 6932, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-11T09:13:31.548Z [Protected] PID 8692, Features 0000003000000106, C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonx86\Microsoft Shared\OFFICE16\OLicenseHeartbeat.exe
2017-01-11T09:13:35.627Z [Protected] PID 8304, Features 000000300000010E, C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
2017-01-11T09:20:00.142Z [Protected] PID 6820, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-11T09:20:00.319Z [Protected] PID 8536, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T09:20:48.764Z [Protected] PID 6120, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T09:21:05.235Z [Protected] PID 6476, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-11T09:21:07.290Z [Protected] PID 3792, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T09:21:07.377Z [Protected] PID 2000, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T09:26:06.110Z [Protected] PID 10216, Features 0000003000000102, C:\Windows\System32\TSTheme.exe
2017-01-11T09:26:07.250Z [Protected] PID 8144, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T09:26:07.299Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111152607
2017-01-11T09:26:15.114Z [Protected] PID 10120, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:26:15.257Z [Protected] PID 9692, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-11T09:26:55.764Z [Protected] PID 3864, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T09:26:56.165Z [Protected] PID 9144, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T09:26:56.182Z [Protected] PID 5280, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-11T09:26:56.378Z [Protected] PID 6820, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-11T09:26:56.417Z [Protected] PID 5536, Features 0000003000000106, C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
2017-01-11T09:26:56.431Z [Protected] PID 10264, Features 0000003000000102, C:\Windows\System32\PrintIsolationHost.exe
2017-01-11T09:26:56.968Z [Protected] PID 10380, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-11T09:26:58.607Z [Protected] PID 10460, Features 0000003000000102, C:\Windows\System32\dwm.exe
2017-01-11T09:26:58.706Z [Protected] PID 10484, Features 0000003000800102, C:\Windows\explorer.exe
2017-01-11T09:26:58.899Z [Protected] PID 10492, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T09:26:58.910Z [Protected] PID 10540, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T09:26:58.990Z [Protected] PID 10400, Features 0000003000000102, C:\Windows\System32\cmd.exe
2017-01-11T09:26:59.220Z [Protected] PID 10592, Features 0000003000000102, C:\Windows\System32\igfxEM.exe
2017-01-11T09:26:59.250Z [Protected] PID 10608, Features 0000003000000102, C:\Windows\System32\igfxHK.exe
2017-01-11T09:26:59.645Z [Protected] PID 10628, Features 0000003000000102, C:\Windows\System32\igfxTray.exe
2017-01-11T09:27:00.821Z [Protected] PID 10648, Features 0000003000000106, C:\Program Files (x86)\TeamViewer\TeamViewer.exe
2017-01-11T09:27:01.614Z [Protected] PID 10792, Features 0000003000000102, C:\Windows\System32\igfxEM.exe
2017-01-11T09:27:01.783Z [Protected] PID 10812, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:27:03.163Z [Protected] PID 10616, Features 0000003000000106, C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe
2017-01-11T09:27:03.744Z [Protected] PID 11020, Features 0000003000000102, C:\Windows\System32\igfxTray.exe
2017-01-11T09:27:03.861Z [Protected] PID 11032, Features 0000003000000106, C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
2017-01-11T09:27:04.009Z [Protected] PID 11044, Features 0000003000000106, C:\Program Files\Logitech\SetPointP\SetPoint.exe
2017-01-11T09:27:04.042Z [Protected] PID 11060, Features 0000003000000106, C:\Program Files (x86)\TeamViewer\tv_w32.exe
2017-01-11T09:27:04.102Z [Protected] PID 11096, Features 0000003000000106, C:\Program Files (x86)\TeamViewer\tv_x64.exe
2017-01-11T09:27:04.193Z [Protected] PID 11076, Features 0000003000000102, C:\Windows\System32\rundll32.exe
2017-01-11T09:27:04.868Z [Protected] PID 11132, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
2017-01-11T09:27:05.972Z [Protected] PID 11124, Features 0000003000000102, C:\Windows\System32\rundll32.exe
2017-01-11T09:27:06.538Z [Protected] PID 11208, Features 0000003000000106, C:\Program Files\Sophos\Sophos UI\Sophos UI.exe
2017-01-11T09:27:06.751Z [Protected] PID 11220, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
2017-01-11T09:27:07.436Z [Protected] PID 10272, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T09:27:07.474Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111152707
2017-01-11T09:27:11.034Z [Protected] PID 7372, Features 0000003000000106, C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe
2017-01-11T09:27:11.085Z [Protected] PID 9460, Features 0000003000000102, C:\Windows\SysWOW64\runonce.exe
2017-01-11T09:27:11.264Z [Protected] PID 5160, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
2017-01-11T09:27:11.704Z [Protected] PID 1564, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
2017-01-11T09:27:11.753Z [Protected] PID 10392, Features 0000003000000106, C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
2017-01-11T09:27:12.113Z [Protected] PID 10720, Features 0000003000000106, C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
2017-01-11T09:27:12.223Z [Protected] PID 11320, Features 0000003000000106, C:\Program Files (x86)\Hewlett-Packard\HP Touchpoint Manager\Discover HP Touchpoint Manager\LHBeacon.exe
2017-01-11T09:27:12.294Z [Protected] PID 11312, Features 0000003000000102, C:\Windows\twain_32\fjscan32\ERG\FTErGuid.exe
2017-01-11T09:27:12.316Z [Protected] PID 11364, Features 0000003000000102, C:\Windows\twain_32\fjscan32\SOP\FtLnSOP.exe
2017-01-11T09:27:12.550Z [Protected] PID 11400, Features 0000003000000102, C:\Windows\twain_32\fjscan32\FjtwMkup.exe
2017-01-11T09:27:12.667Z [Protected] PID 11484, Features 0000003000000102, C:\Windows\twain_32\fjscan32\FTPWREVT\FTPWREVT.exe
2017-01-11T09:27:12.854Z [Protected] PID 11524, Features 0000003000000102, C:\Windows\twain_32\fjscan32\FiWiaChecker.exe
2017-01-11T09:27:13.033Z [Protected] PID 11576, Features 0000003000000106, C:\Program Files (x86)\Common Files\LogiShrd\LogiFEPluginforSkypeforBusiness\LogiFEC2013.exe
2017-01-11T09:27:13.150Z [Protected] PID 11604, Features 0000003000000106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
2017-01-11T09:27:13.150Z [Protected] PID 11380, Features 0000003000000106, C:\Program Files (x86)\TechSmith\Snagit 13\Snagit32.exe
2017-01-11T09:27:13.188Z [Protected] PID 11644, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\CDDRV3\LDConfig.exe
2017-01-11T09:27:13.224Z [Protected] PID 11624, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
2017-01-11T09:27:13.252Z [Protected] PID 11564, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
2017-01-11T09:27:14.489Z [Protected] PID 11680, Features 0000003000000102, C:\Windows\System32\mobsync.exe
2017-01-11T09:27:18.479Z [Protected] PID 11856, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:27:18.934Z [Protected] PID 11904, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-11T09:27:20.999Z [Protected] PID 11992, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
2017-01-11T09:27:23.725Z [Protected] PID 12044, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
2017-01-11T09:27:26.889Z [Protected] PID 12140, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\sp6\LU1\LULnchr.exe
2017-01-11T09:27:27.086Z [Protected] PID 12228, Features 0000003000000102, C:\Windows\System32\wscript.exe
2017-01-11T09:27:28.823Z [Protected] PID 4228, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
2017-01-11T09:27:28.986Z [Protected] PID 1276, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\sp6\LU1\LogitechUpdate.exe
2017-01-11T09:27:31.274Z [Protected] PID 8360, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-11T09:27:33.806Z [Protected] PID 11300, Features 0000003000000106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat_sl.exe
2017-01-11T09:27:33.952Z [Protected] PID 10492, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\sp6\LU1\LULnchr.exe
2017-01-11T09:27:34.689Z [Protected] PID 11668, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\sp6\LU1\LULnchr.exe
2017-01-11T09:27:34.689Z [Protected] PID 10736, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\sp6\LU1\LogitechUpdate.exe
2017-01-11T09:27:35.183Z [Protected] PID 9224, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\sp6\LU1\LogitechUpdate.exe
2017-01-11T09:27:45.206Z [Protected] PID 6568, Features 0000003000000102, C:\Windows\System32\consent.exe
2017-01-11T09:27:46.492Z [Protected] PID 9428, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T09:27:47.823Z [Protected] PID 12092, Features 000000300000010A, C:\Windows\System32\VSSVC.exe
2017-01-11T09:27:51.383Z [Protected] PID 10504, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-11T09:27:55.451Z [Protected] PID 4228, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T09:27:55.504Z [Protected] PID 10696, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T09:28:06.297Z [Protected] PID 11240, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T09:28:06.511Z [Protected] PID 11928, Features 0000003000000102, C:\Windows\System32\cmd.exe
2017-01-11T09:28:06.727Z [Protected] PID 6448, Features 0000003000000102, C:\Windows\System32\sc.exe
2017-01-11T09:28:07.499Z [Protected] PID 10736, Features 000000300000010E, C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
2017-01-11T09:28:08.018Z [Protected] PID 8344, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T09:28:08.081Z [Protected] PID 1816, Features 0000003000000106, C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
2017-01-11T09:28:09.871Z [Protected] PID 8948, Features 0000003000000102, C:\Windows\System32\consent.exe
2017-01-11T09:28:10.623Z [Protected] PID 6488, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T09:28:10.940Z [Protected] PID 10576, Features 0000003000000106, C:\Program Files (x86)\TechSmith\Snagit 13\SnagPriv.exe
2017-01-11T09:28:16.094Z [Protected] PID 6460, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-11T09:28:23.256Z [Protected] PID 9228, Features 000000341FBF9106, C:\Program Files\Internet Explorer\iexplore.exe
2017-01-11T09:28:26.640Z [Protected] PID 1672, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T09:28:26.685Z [Protected] PID 9288, Features 0000003000000106, C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
2017-01-11T09:28:37.430Z [Protected] PID 5432, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARMHelper.exe
2017-01-11T09:28:37.928Z [Protected] PID 12252, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
2017-01-11T09:28:44.993Z [Protected] PID 11924, Features 000000341FBF9106, C:\Program Files\Internet Explorer\iexplore.exe
2017-01-11T09:28:45.338Z [Protected] PID 2000, Features 000000341FBFB106, C:\Program Files\Internet Explorer\iexplore.exe
2017-01-11T09:28:46.702Z [Protected] PID 10580, Features 0000003000000106, C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
2017-01-11T09:28:47.192Z [Protected] PID 2664, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T09:28:47.230Z [Protected] PID 10736, Features 0000003000000102, C:\Windows\System32\cmd.exe
2017-01-11T09:28:48.686Z [Protected] PID 8712, Features 000000341FBFB106, C:\Program Files\Internet Explorer\iexplore.exe
2017-01-11T09:28:52.230Z [Protected] PID 11716, Features 000000300000010A, C:\Windows\System32\msiexec.exe
2017-01-11T09:28:54.189Z [Protected] PID 10264, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-11T09:28:58.741Z [Protected] PID 9320, Features 0000003000002102, C:\Windows\System32\rundll32.exe
2017-01-11T09:28:58.799Z [Protected] PID 8136, Features 0000003000002102, C:\Windows\System32\rundll32.exe
2017-01-11T09:29:06.644Z [Protected] PID 5588, Features 0000003000000102, C:\Windows\SysWOW64\msiexec.exe
2017-01-11T09:29:47.724Z [Protected] PID 10912, Features 0000003000000102, C:\Windows\System32\PrintIsolationHost.exe
2017-01-11T09:29:49.756Z [Protected] PID 8760, Features 0000003000000106, C:\Program Files (x86)\TechSmith\Snagit 13\snagiteditor.exe
2017-01-11T09:29:53.813Z [Protected] PID 12352, Features 0000003000000102, C:\Windows\System32\ipconfig.exe
2017-01-11T09:30:16.560Z [Protected] PID 12716, Features 0000003000000106, C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
2017-01-11T09:30:18.738Z [Protected] PID 12820, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-11T09:30:20.032Z [Protected] PID 12892, Features 0000003000000102, C:\Windows\System32\LogonUI.exe
2017-01-11T09:30:20.372Z [Protected] PID 12944, Features 0000003000000102, C:\Windows\System32\sc.exe
2017-01-11T09:30:20.514Z [Protected] PID 12964, Features 000000300000010E, C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
2017-01-11T09:30:22.277Z [Protected] PID 13064, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:22.363Z [Protected] PID 13072, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:22.394Z [Protected] PID 13080, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:22.421Z [Protected] PID 13104, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:22.448Z [Protected] PID 13112, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:22.480Z [Protected] PID 13128, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:22.509Z [Protected] PID 13136, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:22.545Z [Protected] PID 13148, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:22.572Z [Protected] PID 13156, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:22.598Z [Protected] PID 13164, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:22.624Z [Protected] PID 13172, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:22.650Z [Protected] PID 13180, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:22.677Z [Protected] PID 13188, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:22.704Z [Protected] PID 13200, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:22.730Z [Protected] PID 13208, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:22.757Z [Protected] PID 13216, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:22.784Z [Protected] PID 13224, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:22.813Z [Protected] PID 13232, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:22.840Z [Protected] PID 13240, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:22.867Z [Protected] PID 13248, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:22.895Z [Protected] PID 13256, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:22.922Z [Protected] PID 13264, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:22.949Z [Protected] PID 13272, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:22.993Z [Protected] PID 13284, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:23.023Z [Protected] PID 13296, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:23.051Z [Protected] PID 13308, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:23.077Z [Protected] PID 6484, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:23.103Z [Protected] PID 12308, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:23.129Z [Protected] PID 7944, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:23.155Z [Protected] PID 12372, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:23.181Z [Protected] PID 12388, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:23.207Z [Protected] PID 12364, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:23.233Z [Protected] PID 12352, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:23.260Z [Protected] PID 6120, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:23.285Z [Protected] PID 5460, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:23.313Z [Protected] PID 5424, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:23.341Z [Protected] PID 10216, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:23.368Z [Protected] PID 1156, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:23.395Z [Protected] PID 10100, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:23.422Z [Protected] PID 8816, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:23.450Z [Protected] PID 2268, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:23.477Z [Protected] PID 7436, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:23.505Z [Protected] PID 1756, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:23.532Z [Protected] PID 9904, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:23.558Z [Protected] PID 4448, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:23.585Z [Protected] PID 10236, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:23.611Z [Protected] PID 10160, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:23.637Z [Protected] PID 9152, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:23.664Z [Protected] PID 6424, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:23.691Z [Protected] PID 3364, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:23.718Z [Protected] PID 6564, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:23.744Z [Protected] PID 808, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:23.772Z [Protected] PID 9720, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:23.798Z [Protected] PID 9700, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:23.825Z [Protected] PID 10008, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:23.851Z [Protected] PID 9844, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:23.878Z [Protected] PID 9452, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:23.905Z [Protected] PID 9304, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:23.933Z [Protected] PID 7940, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:23.960Z [Protected] PID 5220, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:23.987Z [Protected] PID 272, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:24.013Z [Protected] PID 9820, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:24.040Z [Protected] PID 8380, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:24.068Z [Protected] PID 9472, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:24.098Z [Protected] PID 8396, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:24.130Z [Protected] PID 9744, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:24.156Z [Protected] PID 6844, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:24.183Z [Protected] PID 8844, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:24.209Z [Protected] PID 5584, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:24.242Z [Protected] PID 5260, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:24.277Z [Protected] PID 8824, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:24.305Z [Protected] PID 9328, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:24.331Z [Protected] PID 9640, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:24.357Z [Protected] PID 9808, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:24.383Z [Protected] PID 11992, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:24.409Z [Protected] PID 12452, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:24.435Z [Protected] PID 12460, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:24.462Z [Protected] PID 12472, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:24.489Z [Protected] PID 12480, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:24.517Z [Protected] PID 12492, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:24.545Z [Protected] PID 12484, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:24.571Z [Protected] PID 12504, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:24.597Z [Protected] PID 12508, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:24.623Z [Protected] PID 12424, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:24.648Z [Protected] PID 12436, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:24.674Z [Protected] PID 12516, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:24.700Z [Protected] PID 12412, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:24.728Z [Protected] PID 8620, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:24.757Z [Protected] PID 10044, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:24.785Z [Protected] PID 11784, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:24.812Z [Protected] PID 5100, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:24.839Z [Protected] PID 8148, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:24.866Z [Protected] PID 12520, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:24.893Z [Protected] PID 12540, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:24.920Z [Protected] PID 12544, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:24.947Z [Protected] PID 12320, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:24.975Z [Protected] PID 10808, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:25.002Z [Protected] PID 11536, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:25.029Z [Protected] PID 1320, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:25.057Z [Protected] PID 11708, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:25.084Z [Protected] PID 12600, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:25.112Z [Protected] PID 11452, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:25.138Z [Protected] PID 8948, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:25.169Z [Protected] PID 2664, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:25.196Z [Protected] PID 7788, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:25.223Z [Protected] PID 12616, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:25.251Z [Protected] PID 11800, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:25.359Z [Protected] PID 6476, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:25.387Z [Protected] PID 7360, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:25.415Z [Protected] PID 9800, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:25.443Z [Protected] PID 10872, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:25.471Z [Protected] PID 12380, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:25.499Z [Protected] PID 12264, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:25.527Z [Protected] PID 6128, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:25.554Z [Protected] PID 6788, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:25.580Z [Protected] PID 8308, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:25.607Z [Protected] PID 10896, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:25.634Z [Protected] PID 7152, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:25.660Z [Protected] PID 10436, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:25.688Z [Protected] PID 9908, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:25.717Z [Protected] PID 10192, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:25.745Z [Protected] PID 9664, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:25.772Z [Protected] PID 10052, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:25.800Z [Protected] PID 9020, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:25.828Z [Protected] PID 6324, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:25.856Z [Protected] PID 10012, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:25.883Z [Protected] PID 3348, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:25.911Z [Protected] PID 5592, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:25.939Z [Protected] PID 10508, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:25.967Z [Protected] PID 10072, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:25.995Z [Protected] PID 2040, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:26.023Z [Protected] PID 10728, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:26.052Z [Protected] PID 8140, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:26.081Z [Protected] PID 11240, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:26.109Z [Protected] PID 9952, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:26.137Z [Protected] PID 8340, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:26.166Z [Protected] PID 8412, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:26.193Z [Protected] PID 11348, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:26.220Z [Protected] PID 11720, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:26.247Z [Protected] PID 12268, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:26.275Z [Protected] PID 11304, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:26.302Z [Protected] PID 6488, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:26.332Z [Protected] PID 9880, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:26.361Z [Protected] PID 8200, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:26.389Z [Protected] PID 12652, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:26.466Z [Protected] PID 6160, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:26.495Z [Protected] PID 12636, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:26.524Z [Protected] PID 12672, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:26.552Z [Protected] PID 8748, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:27.057Z [Protected] PID 8252, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:27.085Z [Protected] PID 10724, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:27.165Z [Protected] PID 11244, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:27.193Z [Protected] PID 12708, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:27.222Z [Protected] PID 12524, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:27.250Z [Protected] PID 12076, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:27.279Z [Protected] PID 8928, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:27.307Z [Protected] PID 9560, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:27.334Z [Protected] PID 8932, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:27.364Z [Protected] PID 12744, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:27.393Z [Protected] PID 12748, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:27.419Z [Protected] PID 12816, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:27.446Z [Protected] PID 3268, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:27.474Z [Protected] PID 9112, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:27.501Z [Protected] PID 9624, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:27.530Z [Protected] PID 11908, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:27.558Z [Protected] PID 12880, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:27.585Z [Protected] PID 12828, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:27.613Z [Protected] PID 12960, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:27.641Z [Protected] PID 6516, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:27.669Z [Protected] PID 9588, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:27.697Z [Protected] PID 3536, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:27.724Z [Protected] PID 12216, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:27.752Z [Protected] PID 12144, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:27.780Z [Protected] PID 9336, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:27.807Z [Protected] PID 12140, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:27.834Z [Protected] PID 12952, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:27.861Z [Protected] PID 12852, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:27.890Z [Protected] PID 12868, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:27.918Z [Protected] PID 12948, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:27.945Z [Protected] PID 12792, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:27.971Z [Protected] PID 6212, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:27.997Z [Protected] PID 12860, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:28.024Z [Protected] PID 12876, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:28.051Z [Protected] PID 8344, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:28.077Z [Protected] PID 13004, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:28.104Z [Protected] PID 12992, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:28.131Z [Protected] PID 12260, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:28.158Z [Protected] PID 12904, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:28.186Z [Protected] PID 12588, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:28.214Z [Protected] PID 1928, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:28.242Z [Protected] PID 12628, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:28.270Z [Protected] PID 10564, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:28.298Z [Protected] PID 12104, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:28.324Z [Protected] PID 9324, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:28.351Z [Protected] PID 12228, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:28.380Z [Protected] PID 5772, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:28.407Z [Protected] PID 7040, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:28.434Z [Protected] PID 12292, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:28.461Z [Protected] PID 12296, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:28.487Z [Protected] PID 12340, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:28.515Z [Protected] PID 12432, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:28.541Z [Protected] PID 12444, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:28.568Z [Protected] PID 12552, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:28.595Z [Protected] PID 12556, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:28.622Z [Protected] PID 12328, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:28.649Z [Protected] PID 12688, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:28.677Z [Protected] PID 12760, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:28.704Z [Protected] PID 10048, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:28.730Z [Protected] PID 13028, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:28.791Z [Protected] PID 12256, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:28.820Z [Protected] PID 7340, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:28.848Z [Protected] PID 12248, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:28.876Z [Protected] PID 13036, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:28.904Z [Protected] PID 7004, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:28.932Z [Protected] PID 10528, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:28.959Z [Protected] PID 12568, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:28.986Z [Protected] PID 12640, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:29.013Z [Protected] PID 12232, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:29.041Z [Protected] PID 9868, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:29.068Z [Protected] PID 9500, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:29.096Z [Protected] PID 9424, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:29.124Z [Protected] PID 6284, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:29.152Z [Protected] PID 2000, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:29.180Z [Protected] PID 12272, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:29.208Z [Protected] PID 7916, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:29.234Z [Protected] PID 2016, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:29.262Z [Protected] PID 10692, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:29.291Z [Protected] PID 10196, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:29.319Z [Protected] PID 10148, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:29.349Z [Protected] PID 11668, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:29.378Z [Protected] PID 9780, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:29.409Z [Protected] PID 12168, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:29.446Z [Protected] PID 9540, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:29.479Z [Protected] PID 12116, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:29.511Z [Protected] PID 9616, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:29.537Z [Protected] PID 196, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:29.563Z [Protected] PID 11876, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:29.590Z [Protected] PID 11884, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:29.617Z [Protected] PID 11880, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:29.731Z [Protected] PID 13056, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:29.758Z [Protected] PID 11732, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:29.788Z [Protected] PID 11840, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:29.815Z [Protected] PID 11680, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:29.842Z [Protected] PID 8560, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:29.869Z [Protected] PID 1564, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:29.896Z [Protected] PID 10284, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:29.922Z [Protected] PID 5896, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:29.950Z [Protected] PID 12032, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:29.976Z [Protected] PID 11632, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:30.025Z [Protected] PID 8032, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:30.052Z [Protected] PID 10168, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:30.080Z [Protected] PID 10848, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:30.107Z [Protected] PID 9884, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:30.134Z [Protected] PID 7624, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:30.160Z [Protected] PID 1120, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:30.189Z [Protected] PID 10820, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:30.220Z [Protected] PID 12080, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:30.249Z [Protected] PID 5208, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:30.275Z [Protected] PID 1188, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:30.305Z [Protected] PID 6800, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:30.351Z [Protected] PID 7888, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:30.385Z [Protected] PID 13092, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:30.422Z [Protected] PID 9288, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:30.449Z [Protected] PID 11564, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:30.475Z [Protected] PID 11636, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:30.502Z [Protected] PID 1060, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:30.530Z [Protected] PID 11524, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:30.558Z [Protected] PID 11484, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:30.585Z [Protected] PID 1668, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:30.614Z [Protected] PID 11904, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:30.641Z [Protected] PID 9604, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:30.668Z [Protected] PID 10572, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:30.696Z [Protected] PID 13280, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:30.724Z [Protected] PID 9740, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:30.751Z [Protected] PID 9100, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:30.777Z [Protected] PID 11848, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:30.804Z [Protected] PID 9548, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:30.832Z [Protected] PID 12392, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:30.860Z [Protected] PID 10372, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:30.890Z [Protected] PID 12780, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:30.918Z [Protected] PID 4612, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:30.945Z [Protected] PID 10576, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:30.974Z [Protected] PID 9580, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:31.001Z [Protected] PID 10676, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:31.028Z [Protected] PID 11936, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:31.056Z [Protected] PID 11832, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:31.083Z [Protected] PID 11368, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:31.111Z [Protected] PID 13292, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:31.139Z [Protected] PID 11500, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:31.167Z [Protected] PID 10748, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:31.194Z [Protected] PID 11396, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:31.222Z [Protected] PID 13304, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:31.250Z [Protected] PID 12348, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:31.279Z [Protected] PID 5796, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:31.308Z [Protected] PID 11532, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:31.335Z [Protected] PID 9660, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:31.363Z [Protected] PID 7928, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:31.391Z [Protected] PID 8604, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:31.464Z [Protected] PID 11340, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:31.491Z [Protected] PID 11424, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:31.519Z [Protected] PID 11432, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:31.552Z [Protected] PID 11440, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:31.586Z [Protected] PID 11480, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:31.612Z [Protected] PID 11408, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:31.637Z [Protected] PID 11416, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:31.662Z [Protected] PID 11392, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:31.690Z [Protected] PID 11460, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:31.717Z [Protected] PID 11920, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:31.744Z [Protected] PID 9240, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:31.771Z [Protected] PID 9940, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:31.797Z [Protected] PID 12808, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:31.824Z [Protected] PID 11612, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:31.850Z [Protected] PID 11976, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:31.879Z [Protected] PID 11952, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:31.907Z [Protected] PID 11252, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:31.932Z [Protected] PID 11260, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:31.958Z [Protected] PID 1808, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:31.984Z [Protected] PID 10344, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:32.009Z [Protected] PID 10568, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:32.035Z [Protected] PID 3860, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:32.062Z [Protected] PID 7476, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:32.090Z [Protected] PID 8424, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:32.116Z [Protected] PID 5412, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:32.142Z [Protected] PID 10532, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:32.169Z [Protected] PID 10980, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:32.250Z [Protected] PID 11100, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:32.334Z [Protected] PID 11124, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:32.484Z [Protected] PID 11156, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:32.514Z [Protected] PID 12124, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:32.542Z [Protected] PID 11748, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:32.569Z [Protected] PID 12716, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:32.596Z [Protected] PID 12968, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:32.623Z [Protected] PID 12188, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:32.651Z [Protected] PID 12184, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:32.679Z [Protected] PID 11744, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:32.778Z [Protected] PID 13068, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:32.845Z [Protected] PID 13076, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:32.937Z [Protected] PID 13084, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:32.963Z [Protected] PID 13108, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:32.991Z [Protected] PID 13116, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:33.019Z [Protected] PID 13132, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:33.050Z [Protected] PID 13136, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:33.147Z [Protected] PID 13168, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-11T09:30:34.001Z [Protected] PID 13236, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:34.037Z [Protected] PID 13252, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:36.062Z [Protected] PID 8164, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T09:30:43.013Z [Protected] PID 13216, Features 0000003000000102, C:\Windows\System32\rundll32.exe
2017-01-11T09:30:43.192Z [Protected] PID 6720, Features 0000003000000102, C:\Windows\System32\winlogon.exe
2017-01-11T09:30:43.997Z [Protected] PID 9472, Features 0000003000000102, C:\Windows\System32\LogonUI.exe
2017-01-11T09:30:45.778Z [Protected] PID 9980, Features 0000003000000106, C:\Windows\IntelliAdminRC5\Agent32.exe
2017-01-11T09:31:00.545Z [Protected] PID 11560, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-11T09:31:33.682Z [Protected] PID 10760, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\1.3.57.1\DropboxUpdateBroker.exe
2017-01-11T09:31:33.782Z [Protected] PID 12480, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T09:31:33.890Z [Protected] PID 10836, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T09:31:33.990Z [Protected] PID 12488, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T09:31:34.139Z [Protected] PID 1860, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\1.3.57.1\DropboxUpdateBroker.exe
2017-01-11T09:31:34.173Z [Protected] PID 1884, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T09:31:34.412Z [Protected] PID 12516, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T09:31:46.340Z [Protected] PID 4356, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T09:31:46.378Z [Protected] PID 8740, Features 0000003000000102, C:\Windows\System32\PrintIsolationHost.exe
2017-01-11T09:31:46.379Z [Protected] PID 1320, Features 0000003000000102, C:\Windows\System32\SpecopsDeploy\sogpproc.exe
2017-01-11T09:32:01.875Z [Protected] PID 11036, Features 0000003000000106, C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe
2017-01-11T09:41:56.728Z [Protected] PID 1012, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-11T09:41:57.428Z [Protected] PID 12928, Features 0000003000000106, C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe
2017-01-11T09:42:32.117Z [Protected] PID 9576, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T09:42:32.137Z [Protected] PID 3692, Features 0000003000000102, C:\Windows\System32\schtasks.exe
2017-01-11T09:42:32.269Z [Protected] PID 9636, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T09:42:32.288Z [Protected] PID 9692, Features 0000003000000102, C:\Windows\System32\schtasks.exe
2017-01-11T09:57:08.045Z [Protected] PID 7340, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T09:57:08.085Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111155707
2017-01-11T10:00:00.951Z [Protected] PID 1740, Features 000000300000010A, C:\Windows\System32\sdclt.exe
2017-01-11T10:00:07.270Z [Protected] PID 9308, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T10:00:07.291Z [Protected] PID 8188, Features 0000003000000102, C:\Windows\System32\SpecopsDeploy\sogpproc.exe
2017-01-11T10:00:09.831Z [Protected] PID 10856, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-11T10:00:25.791Z [Protected] PID 11744, Features 000000300000010A, C:\Windows\System32\raserver.exe
2017-01-11T10:04:13.677Z [Protected] PID 9780, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-11T10:04:34.618Z [Protected] PID 12412, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-11T10:04:36.729Z [Protected] PID 12540, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T10:04:37.413Z [Protected] PID 9696, Features 000000300000010A, C:\Windows\System32\VSSVC.exe
2017-01-11T10:04:37.610Z [Protected] PID 8032, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-11T10:07:07.307Z [Protected] PID 9052, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T10:07:07.332Z [Protected] PID 5260, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag.exe
2017-01-11T10:07:07.572Z [Protected] PID 10352, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T10:07:07.593Z [Protected] PID 11076, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag_64.exe
2017-01-11T10:10:59.509Z [Protected] PID 9220, Features 0000003000000106, C:\ProgramData\Sophos\AutoUpdate\Cache\sophos_autoupdate1.dir\SophosUpdate.exe
2017-01-11T10:11:56.861Z [Protected] PID 12748, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-11T10:11:57.207Z [Protected] PID 12972, Features 0000003000000106, C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe
2017-01-11T10:12:12.869Z [Protected] PID 11280, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T10:12:12.887Z [Protected] PID 5328, Features 0000003000000102, C:\Windows\System32\schtasks.exe
2017-01-11T10:12:12.941Z [Protected] PID 12904, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T10:12:12.958Z [Protected] PID 8324, Features 0000003000000102, C:\Windows\System32\schtasks.exe
2017-01-11T10:15:54.213Z [Protected] PID 2608, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T10:15:54.234Z [Protected] PID 12852, Features 0000003000000106, C:\Program Files\Intel\Telemetry 2.0\lrio.exe
2017-01-11T10:20:00.097Z [Protected] PID 11648, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T10:20:39.885Z [Protected] PID 11412, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T10:21:05.771Z [Protected] PID 11468, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-11T10:21:07.826Z [Protected] PID 10740, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T10:21:07.914Z [Protected] PID 10344, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T10:27:08.323Z [Protected] PID 10652, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T10:27:08.365Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111162708
2017-01-11T10:30:17.356Z [Protected] PID 12704, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\1.3.57.1\DropboxUpdateBroker.exe
2017-01-11T10:30:17.406Z [Protected] PID 12020, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T10:30:17.503Z [Protected] PID 9812, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T10:30:17.602Z [Protected] PID 9684, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T10:30:17.865Z [Protected] PID 1672, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\1.3.57.1\DropboxUpdateBroker.exe
2017-01-11T10:30:17.899Z [Protected] PID 8672, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T10:30:18.051Z [Protected] PID 11576, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T10:31:00.054Z [Protected] PID 12500, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-11T10:31:00.266Z [Protected] PID 12876, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-11T10:41:56.790Z [Protected] PID 9128, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-11T10:41:56.938Z [Protected] PID 9576, Features 0000003000000106, C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe
2017-01-11T10:42:12.089Z [Protected] PID 12664, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T10:42:12.106Z [Protected] PID 9460, Features 0000003000000102, C:\Windows\System32\schtasks.exe
2017-01-11T10:42:12.154Z [Protected] PID 11428, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T10:42:12.171Z [Protected] PID 12136, Features 0000003000000102, C:\Windows\System32\schtasks.exe
2017-01-11T10:57:08.477Z [Protected] PID 8200, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T10:57:08.551Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111165708
2017-01-11T10:57:11.792Z [Protected] PID 10308, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T10:57:11.834Z [Protected] PID 10860, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-11T10:59:14.196Z [Protected] PID 10112, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T10:59:14.240Z [Protected] PID 11792, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-11T11:00:44.804Z [Protected] PID 11344, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-11T11:01:48.426Z [Protected] PID 10180, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\1.3.57.1\DropboxUpdateBroker.exe
2017-01-11T11:01:48.476Z [Protected] PID 10560, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T11:01:48.572Z [Protected] PID 2420, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T11:01:48.665Z [Protected] PID 10336, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T11:01:48.801Z [Protected] PID 11948, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\1.3.57.1\DropboxUpdateBroker.exe
2017-01-11T11:01:48.835Z [Protected] PID 11956, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T11:01:48.982Z [Protected] PID 13292, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T11:01:50.324Z [Protected] PID 12516, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T11:01:50.368Z [Protected] PID 11724, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-11T11:04:34.630Z [Protected] PID 976, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-11T11:04:36.289Z [Protected] PID 10868, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T11:04:36.371Z [Protected] PID 13084, Features 000000300000010A, C:\Windows\System32\VSSVC.exe
2017-01-11T11:04:36.465Z [Protected] PID 10680, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-11T11:07:07.818Z [Protected] PID 5256, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T11:07:07.841Z [Protected] PID 12916, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag.exe
2017-01-11T11:07:07.918Z [Protected] PID 10288, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T11:07:07.941Z [Protected] PID 11128, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag_64.exe
2017-01-11T11:10:59.593Z [Protected] PID 12736, Features 0000003000000106, C:\ProgramData\Sophos\AutoUpdate\Cache\sophos_autoupdate1.dir\SophosUpdate.exe
2017-01-11T11:14:39.134Z [Protected] PID 9952, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-11T11:20:00.104Z [Protected] PID 10180, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-11T11:20:00.268Z [Protected] PID 11956, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T11:20:46.894Z [Protected] PID 1264, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T11:21:05.996Z [Protected] PID 11440, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-11T11:21:07.997Z [Protected] PID 5588, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T11:21:08.086Z [Protected] PID 7716, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T11:24:45.903Z [Protected] PID 12208, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-11T11:24:46.158Z [Protected] PID 8296, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
2017-01-11T11:27:08.663Z [Protected] PID 6968, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T11:27:08.697Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111172708
2017-01-11T11:28:49.248Z [Protected] PID 12128, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T11:28:49.267Z [Protected] PID 9128, Features 0000003000000102, C:\Windows\System32\SpecopsDeploy\sogpproc.exe
2017-01-11T11:28:49.493Z [Protected] PID 8256, Features 0000003000000102, C:\Windows\System32\PrintIsolationHost.exe
2017-01-11T11:31:00.053Z [Protected] PID 8148, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-11T11:31:00.214Z [Protected] PID 5524, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-11T11:31:18.308Z [Protected] PID 11804, Features 0000003000000106, C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe
2017-01-11T11:40:59.974Z [Protected] PID 11140, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\1.3.57.1\DropboxUpdateBroker.exe
2017-01-11T11:41:00.024Z [Protected] PID 10984, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T11:41:00.142Z [Protected] PID 10096, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T11:41:00.241Z [Protected] PID 6176, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T11:41:00.373Z [Protected] PID 9244, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\1.3.57.1\DropboxUpdateBroker.exe
2017-01-11T11:41:00.407Z [Protected] PID 11424, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T11:41:00.560Z [Protected] PID 12888, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T11:45:10.425Z [Protected] PID 7216, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T11:45:10.444Z [Protected] PID 12216, Features 0000003000000102, C:\Windows\System32\SpecopsDeploy\sogpproc.exe
2017-01-11T11:45:11.980Z [Protected] PID 9664, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-11T11:45:27.966Z [Protected] PID 12028, Features 000000300000010A, C:\Windows\System32\raserver.exe
2017-01-11T11:48:57.142Z [Protected] PID 11300, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T11:48:57.612Z [ApplyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111174857
2017-01-11T12:04:34.435Z [Protected] PID 4792, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-11T12:04:36.110Z [Protected] PID 12344, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T12:04:36.194Z [Protected] PID 7188, Features 000000300000010A, C:\Windows\System32\VSSVC.exe
2017-01-11T12:04:36.285Z [Protected] PID 8708, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-11T12:06:09.851Z [Protected] PID 11952, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-11T12:07:07.813Z [Protected] PID 10828, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T12:07:07.835Z [Protected] PID 10328, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag.exe
2017-01-11T12:07:07.913Z [Protected] PID 11848, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T12:07:07.934Z [Protected] PID 11916, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag_64.exe
2017-01-11T12:10:59.263Z [Protected] PID 9476, Features 0000003000000106, C:\ProgramData\Sophos\AutoUpdate\Cache\sophos_autoupdate1.dir\SophosUpdate.exe
2017-01-11T12:18:57.536Z [Protected] PID 10544, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T12:18:57.572Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111181857
2017-01-11T12:19:59.972Z [Protected] PID 4328, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-11T12:20:00.133Z [Protected] PID 13120, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T12:20:00.143Z [Protected] PID 1256, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T12:20:00.272Z [Protected] PID 168, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T12:20:32.991Z [Protected] PID 10384, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T12:21:05.866Z [Protected] PID 9380, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-11T12:21:07.778Z [Protected] PID 1828, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T12:21:07.867Z [Protected] PID 9588, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T12:30:18.376Z [Protected] PID 7456, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T12:30:18.393Z [Protected] PID 1740, Features 0000003000000106, C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
2017-01-11T12:30:34.869Z [Protected] PID 11856, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-11T12:31:00.053Z [Protected] PID 12032, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-11T12:31:00.216Z [Protected] PID 13028, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-11T12:31:08.987Z [Protected] PID 9116, Features 000000300000010A, C:\Windows\System32\wbem\WmiApSrv.exe
2017-01-11T12:31:12.940Z [Protected] PID 11788, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-11T12:33:14.977Z [Protected] PID 13224, Features 000000300000010A, C:\Windows\System32\wbem\WmiApSrv.exe
2017-01-11T12:33:15.064Z [Protected] PID 12104, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-11T12:47:35.296Z [Protected] PID 9624, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T12:47:35.843Z [Protected] PID 8148, Features 0000003000000106, C:\Program Files (x86)\TeamViewer\TeamViewer.exe
2017-01-11T12:47:35.847Z [Protected] PID 12868, Features 0000003000000106, C:\Windows\IntelliAdminRC5\Agent32.exe
2017-01-11T12:47:36.233Z [Protected] PID 4716, Features 0000003000000102, C:\Windows\System32\rundll32.exe
2017-01-11T12:47:36.291Z [Protected] PID 9144, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T12:47:36.800Z [Protected] PID 12356, Features 0000003000000106, C:\Program Files (x86)\TeamViewer\tv_w32.exe
2017-01-11T12:47:36.807Z [Protected] PID 10832, Features 0000003000000106, C:\Program Files (x86)\TeamViewer\tv_x64.exe
2017-01-11T12:47:55.379Z [Protected] PID 11608, Features 0000003000000106, C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
2017-01-11T12:47:56.849Z [Protected] PID 10716, Features 000000300000010E, C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
2017-01-11T12:48:02.061Z [Protected] PID 12088, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-11T12:48:02.186Z [Protected] PID 5448, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-11T12:48:57.686Z [Protected] PID 9564, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T12:48:57.721Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111184857
2017-01-11T12:50:02.832Z [Protected] PID 12012, Features 0000003000000106, C:\Program Files\Common Files\Microsoft Shared\ClickToRun\mavinject32.exe
2017-01-11T12:50:02.932Z [Protected] PID 1048, Features 000000361FBF0106, C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE
2017-01-11T12:50:04.848Z [Protected] PID 1500, Features 0000003000000106, C:\Program Files\Common Files\Microsoft Shared\ClickToRun\mavinject32.exe
2017-01-11T12:50:04.910Z [Protected] PID 12384, Features 000000361FBF0106, C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE
2017-01-11T12:51:20.752Z [Protected] PID 10032, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-11T12:51:20.838Z [Protected] PID 13212, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-11T12:51:21.058Z [Protected] PID 12748, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-11T12:51:29.109Z [Protected] PID 11924, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-11T12:51:30.263Z [Protected] PID 9520, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T12:52:43.085Z [Protected] PID 10156, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-11T12:52:43.166Z [Protected] PID 12408, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-11T12:52:54.362Z [Protected] PID 10448, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-11T12:53:04.878Z [Protected] PID 6520, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T12:53:13.878Z [Protected] PID 272, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-11T12:53:22.722Z [Protected] PID 6880, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T12:53:22.783Z [Protected] PID 9868, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T12:53:22.804Z [Protected] PID 12528, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\Adobe Genuine Launcher.exe
2017-01-11T12:53:23.095Z [Protected] PID 7632, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
2017-01-11T12:53:29.219Z [Protected] PID 11280, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T12:53:29.243Z [Protected] PID 11092, Features 0000003200000106, C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\P6\adobe_licutil.exe
2017-01-11T12:53:45.605Z [Protected] PID 9416, Features 0000003200000106, C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
2017-01-11T12:53:52.171Z [Protected] PID 8532, Features 0000003000000106, C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe
2017-01-11T12:54:03.551Z [Protected] PID 10996, Features 0000003000000106, C:\Program Files (x86)\Microsoft Office\root\Office16\lynchtmlconv.exe
2017-01-11T12:54:44.674Z [Protected] PID 9028, Features 0000003000000102, C:\Windows\System32\LogonUI.exe
2017-01-11T12:55:46.872Z [Protected] PID 11720, Features 0000003000000102, C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-01-11T12:55:46.963Z [Protected] PID 10140, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-11T13:01:51.395Z [Protected] PID 2456, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T13:01:51.413Z [Protected] PID 11280, Features 0000003000000102, C:\Windows\System32\SpecopsDeploy\sogpproc.exe
2017-01-11T13:01:51.630Z [Protected] PID 7200, Features 0000003000000102, C:\Windows\System32\PrintIsolationHost.exe
2017-01-11T13:02:42.087Z [Protected] PID 10320, Features 0000003000000106, C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe
2017-01-11T13:03:05.863Z [Protected] PID 10292, Features 000000341FBF9106, C:\Program Files\Internet Explorer\iexplore.exe
2017-01-11T13:03:07.571Z [Protected] PID 9576, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-11T13:03:07.582Z [Protected] PID 9888, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-11T13:03:10.347Z [Protected] PID 11992, Features 0000003000002106, c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\agcp.exe
2017-01-11T13:04:34.579Z [Protected] PID 1564, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-11T13:04:36.285Z [Protected] PID 5572, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T13:04:36.375Z [Protected] PID 5328, Features 000000300000010A, C:\Windows\System32\VSSVC.exe
2017-01-11T13:04:36.463Z [Protected] PID 9232, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-11T13:05:29.178Z [Protected] PID 6160, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-11T13:05:29.522Z [Protected] PID 10492, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-11T13:05:51.850Z [Protected] PID 11936, Features 000000341FBF9106, C:\Program Files\Internet Explorer\iexplore.exe
2017-01-11T13:05:53.171Z [Protected] PID 8320, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-11T13:05:58.238Z [Alert] Intruder, familyId=49983857-7469-413d-81e6-32a5bab94da0, PID 8320, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-11T13:05:58.241Z [Sophos] dropped C:\ProgramData\HitmanPro.Alert\MCS\Alert-20170111190558239-9.xml
2017-01-11T13:05:58.264Z [Sophos] dropped C:\ProgramData\Sophos\Health\Event Store\Incoming\97501077-7c05-4ca4-80ef-5cdb182a3579.json
2017-01-11T13:06:08.267Z [Protected] PID 12700, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T13:06:08.313Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111190608
2017-01-11T13:06:21.579Z [Protected] PID 10508, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-11T13:06:55.825Z [Protected] PID 1496, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-11T13:07:08.126Z [Protected] PID 8856, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T13:07:08.150Z [Protected] PID 9500, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag.exe
2017-01-11T13:07:08.234Z [Protected] PID 12536, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T13:07:08.255Z [Protected] PID 12968, Features 0000003000000106, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_lspdiag_64.exe
2017-01-11T13:07:09.118Z [Protected] PID 8468, Features 0000003000000106, C:\Program Files (x86)\TeamViewer\TeamViewer.exe
2017-01-11T13:07:27.954Z [Protected] PID 8372, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-11T13:07:28.564Z [Protected] PID 5572, Features 0000003000000106, c:\program files (x86)\teamviewer\TeamViewer_Desktop.exe
2017-01-11T13:07:43.938Z [Protected] PID 1328, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-11T13:08:07.637Z [Protected] PID 10004, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-11T13:08:15.484Z [Protected] PID 11224, Features 000000341FBF9106, C:\Program Files\Internet Explorer\iexplore.exe
2017-01-11T13:08:16.801Z [Protected] PID 13268, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-11T13:08:21.121Z [Alert] Intruder, familyId=d8dbc7cc-b0f4-483b-ae3f-15e32abb0261, PID 13268, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-11T13:08:21.124Z [Sophos] dropped C:\ProgramData\HitmanPro.Alert\MCS\Alert-20170111190821122-10.xml
2017-01-11T13:08:21.130Z [Sophos] dropped C:\ProgramData\Sophos\Health\Event Store\Incoming\036af33e-4f9f-44ce-8f10-108d92bea648.json
2017-01-11T13:08:31.146Z [Protected] PID 11388, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T13:08:31.183Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111190831
2017-01-11T13:08:34.531Z [Protected] PID 12708, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-11T13:08:40.837Z [Protected] PID 11052, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-11T13:08:43.340Z [Protected] PID 11156, Features 0000003000002102, C:\Windows\System32\rundll32.exe
2017-01-11T13:08:43.442Z [Protected] PID 1952, Features 0000003000002102, C:\Windows\System32\rundll32.exe
2017-01-11T13:08:45.615Z [Protected] PID 9488, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T13:08:45.984Z [Protected] PID 3792, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:08:46.058Z [Protected] PID 8596, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-11T13:08:46.665Z [Protected] PID 9380, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T13:08:46.906Z [Protected] PID 5576, Features 0000003000002102, C:\Windows\System32\ieUnatt.exe
2017-01-11T13:08:47.029Z [Protected] PID 11800, Features 0000003000002102, C:\Windows\System32\rundll32.exe
2017-01-11T13:08:47.078Z [Protected] PID 7436, Features 0000003000002102, C:\Windows\System32\rundll32.exe
2017-01-11T13:08:58.507Z [Protected] PID 5292, Features 000000341FBF9106, C:\Program Files\Internet Explorer\iexplore.exe
2017-01-11T13:09:03.357Z [Protected] PID 9016, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-11T13:09:06.892Z [Protected] PID 12968, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T13:09:07.585Z [Alert] Intruder, familyId=06368867-c633-4f11-83c2-008e8f92b5e7, PID 9016, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-11T13:09:07.648Z [Sophos] dropped C:\ProgramData\HitmanPro.Alert\MCS\Alert-20170111190907645-11.xml
2017-01-11T13:09:07.953Z [Sophos] dropped C:\ProgramData\Sophos\Health\Event Store\Incoming\85737e40-97e6-4bab-a6cf-415b07354e12.json
2017-01-11T13:09:17.269Z [Protected] PID 12392, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-11T13:09:17.375Z [Protected] PID 8344, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:09:17.601Z [Protected] PID 9816, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T13:09:17.642Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111190917
2017-01-11T13:09:23.711Z [Protected] PID 9604, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T13:10:04.181Z [Protected] PID 6972, Features 000000341FBFB106, C:\Program Files\Internet Explorer\iexplore.exe
2017-01-11T13:10:08.629Z [Protected] PID 12332, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-11T13:10:14.897Z [Protected] PID 12884, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T13:10:20.215Z [Protected] PID 5380, Features 0000003000000102, C:\Windows\System32\consent.exe
2017-01-11T13:10:37.437Z [Protected] PID 11328, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T13:10:37.495Z [Protected] PID 9672, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T13:10:42.575Z [Protected] PID 8328, Features 000000341FBF9106, C:\Program Files\Internet Explorer\iexplore.exe
2017-01-11T13:10:43.836Z [Protected] PID 10480, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-11T13:10:45.927Z [Protected] PID 11072, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T13:10:48.334Z [Alert] Intruder, familyId=4e263d65-210c-4496-b2c9-b5f775c2b4af, PID 10480, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-11T13:10:48.338Z [Sophos] dropped C:\ProgramData\HitmanPro.Alert\MCS\Alert-20170111191048335-12.xml
2017-01-11T13:10:48.628Z [Sophos] dropped C:\ProgramData\Sophos\Health\Event Store\Incoming\9ac93dbd-9c72-44c9-8f30-12fb757655d2.json
2017-01-11T13:10:58.357Z [Protected] PID 10916, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T13:10:58.396Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111191058
2017-01-11T13:10:59.411Z [Protected] PID 12320, Features 0000003000000106, C:\ProgramData\Sophos\AutoUpdate\Cache\sophos_autoupdate1.dir\SophosUpdate.exe
2017-01-11T13:11:08.589Z [Protected] PID 9620, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-11T13:11:16.607Z [Protected] PID 10776, Features 0000003000000102, C:\Windows\System32\LogonUI.exe
2017-01-11T13:11:36.150Z [Protected] PID 644, Features 0000003000000102, C:\Windows\System32\winlogon.exe
2017-01-11T13:11:38.568Z [Protected] PID 6396, Features 0000003000000102, C:\Windows\System32\LogonUI.exe
2017-01-11T13:11:39.005Z [Protected] PID 9080, Features 0000003000000106, C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
2017-01-11T13:11:39.036Z [Protected] PID 880, Features 0000003000000106, C:\Windows\IntelliAdminRC5\Agent32.exe
2017-01-11T13:11:39.457Z [Protected] PID 7040, Features 0000003000000106, C:\Program Files (x86)\TeamViewer\tv_x64.exe
2017-01-11T13:11:39.457Z [Protected] PID 6536, Features 0000003000000106, C:\Program Files (x86)\TeamViewer\tv_w32.exe
2017-01-11T13:11:57.116Z [Protected] PID 12444, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T13:12:00.954Z [Protected] PID 11044, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-11T13:12:00.970Z [Protected] PID 10456, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T13:12:01.188Z [Protected] PID 11100, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-11T13:12:01.204Z [Protected] PID 1952, Features 0000003000000106, C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
2017-01-11T13:12:01.219Z [Protected] PID 7248, Features 0000003000000106, c:\program files (x86)\teamviewer\TeamViewer.exe
2017-01-11T13:12:01.344Z [Protected] PID 7200, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T13:12:01.375Z [Protected] PID 2616, Features 0000003000000102, C:\Windows\System32\cmd.exe
2017-01-11T13:12:01.406Z [Protected] PID 11708, Features 0000003000000102, C:\Windows\System32\dwm.exe
2017-01-11T13:12:01.625Z [Protected] PID 10800, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T13:12:02.327Z [Protected] PID 9932, Features 0000003000000106, C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe
2017-01-11T13:12:02.374Z [Protected] PID 10656, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T13:12:02.405Z [Protected] PID 11364, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
2017-01-11T13:12:04.885Z [Protected] PID 11944, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
2017-01-11T13:12:04.916Z [Protected] PID 10044, Features 0000003000000102, C:\Windows\System32\igfxTray.exe
2017-01-11T13:12:05.026Z [Protected] PID 9900, Features 0000003000000106, C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
2017-01-11T13:12:05.057Z [Protected] PID 12760, Features 0000003000000106, C:\Program Files\Logitech\SetPointP\SetPoint.exe
2017-01-11T13:12:05.618Z [Protected] PID 6436, Features 0000003000000102, C:\Windows\System32\rundll32.exe
2017-01-11T13:12:05.681Z [Protected] PID 11480, Features 0000003000000102, C:\Windows\System32\rundll32.exe
2017-01-11T13:12:05.852Z [Protected] PID 10832, Features 0000003000000106, C:\Program Files\Sophos\Sophos UI\Sophos UI.exe
2017-01-11T13:12:05.852Z [Protected] PID 11276, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
2017-01-11T13:12:05.962Z [Protected] PID 11796, Features 0000003000000102, C:\Windows\twain_32\fjscan32\ERG\FTErGuid.exe
2017-01-11T13:12:06.149Z [Protected] PID 4976, Features 0000003000000106, C:\Program Files (x86)\TechSmith\Snagit 13\Snagit32.exe
2017-01-11T13:12:06.242Z [Protected] PID 7352, Features 0000003000000106, C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe
2017-01-11T13:12:06.383Z [Protected] PID 8632, Features 0000003000000106, C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
2017-01-11T13:12:06.414Z [Protected] PID 10344, Features 0000003000000106, C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
2017-01-11T13:12:06.461Z [Protected] PID 7480, Features 0000003000000102, C:\Windows\twain_32\fjscan32\SOP\FtLnSOP.exe
2017-01-11T13:12:06.492Z [Protected] PID 1888, Features 0000003000000102, C:\Windows\twain_32\fjscan32\FjtwMkup.exe
2017-01-11T13:12:06.523Z [Protected] PID 1272, Features 0000003000000102, C:\Windows\twain_32\fjscan32\FTPWREVT\FTPWREVT.exe
2017-01-11T13:12:06.570Z [Protected] PID 12936, Features 0000003000000102, C:\Windows\twain_32\fjscan32\FiWiaChecker.exe
2017-01-11T13:12:06.601Z [Protected] PID 1232, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
2017-01-11T13:12:06.617Z [Protected] PID 11040, Features 0000003000000106, C:\Program Files (x86)\Hewlett-Packard\HP Touchpoint Manager\Discover HP Touchpoint Manager\LHBeacon.exe
2017-01-11T13:12:06.773Z [Protected] PID 9700, Features 0000003000000106, C:\Program Files (x86)\Common Files\LogiShrd\LogiFEPluginforSkypeforBusiness\LogiFEC2013.exe
2017-01-11T13:12:06.851Z [Protected] PID 2664, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
2017-01-11T13:12:06.929Z [Protected] PID 8608, Features 0000003000000102, C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
2017-01-11T13:12:07.323Z [Protected] PID 8544, Features 0000003000000106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat_sl.exe
2017-01-11T13:12:07.343Z [Protected] PID 9068, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\CDDRV3\LDConfig.exe
2017-01-11T13:12:07.353Z [Protected] PID 8316, Features 0000003000000106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
2017-01-11T13:12:07.403Z [Protected] PID 6236, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
2017-01-11T13:12:07.453Z [Protected] PID 8628, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\CDDRV3\LDConfig.exe
2017-01-11T13:12:09.534Z [Protected] PID 8356, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
2017-01-11T13:12:11.251Z [Protected] PID 7464, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T13:12:11.297Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111191211
2017-01-11T13:12:11.329Z [Protected] PID 7432, Features 0000003000000102, C:\Windows\System32\consent.exe
2017-01-11T13:12:11.500Z [Protected] PID 1300, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T13:12:11.516Z [Protected] PID 9060, Features 0000003000000102, C:\Windows\System32\mobsync.exe
2017-01-11T13:12:11.578Z [Protected] PID 5720, Features 0000003000000106, C:\Program Files (x86)\TechSmith\Snagit 13\SnagPriv.exe
2017-01-11T13:12:11.875Z [Protected] PID 6248, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T13:12:12.015Z [Protected] PID 6372, Features 0000003000000106, C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
2017-01-11T13:12:12.873Z [Protected] PID 8056, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
2017-01-11T13:12:12.889Z [Protected] PID 7420, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-11T13:12:14.059Z [Protected] PID 7832, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\sp6\LU1\LULnchr.exe
2017-01-11T13:12:14.698Z [Protected] PID 7400, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\sp6\LU1\LogitechUpdate.exe
2017-01-11T13:12:16.118Z [Protected] PID 8560, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
2017-01-11T13:12:17.163Z [Protected] PID 10624, Features 0000003000000106, C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
2017-01-11T13:12:18.585Z [Protected] PID 7108, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T13:12:19.755Z [Protected] PID 6728, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
2017-01-11T13:12:20.597Z [Protected] PID 6760, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-11T13:12:22.984Z [Protected] PID 4448, Features 0000003000000102, C:\Windows\System32\consent.exe
2017-01-11T13:12:23.467Z [Protected] PID 6992, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T13:12:23.514Z [Protected] PID 7564, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T13:12:26.556Z [Protected] PID 10052, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T13:12:26.697Z [Protected] PID 6952, Features 000000300000010A, C:\Windows\System32\VSSVC.exe
2017-01-11T13:12:26.775Z [Protected] PID 10112, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-11T13:12:27.617Z [Protected] PID 11368, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:12:28.257Z [Protected] PID 13036, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\sp6\LU1\LULnchr.exe
2017-01-11T13:12:28.381Z [Protected] PID 10484, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\sp6\LU1\LULnchr.exe
2017-01-11T13:12:28.381Z [Protected] PID 12820, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\sp6\LU1\LogitechUpdate.exe
2017-01-11T13:12:28.506Z [Protected] PID 9240, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\sp6\LU1\LogitechUpdate.exe
2017-01-11T13:12:29.801Z [Protected] PID 11584, Features 0000003000000106, C:\Program Files (x86)\TechSmith\Snagit 13\snagiteditor.exe
2017-01-11T13:12:31.065Z [Protected] PID 12720, Features 0000003000000102, C:\Windows\System32\wscript.exe
2017-01-11T13:12:41.075Z [Protected] PID 7508, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T13:12:41.096Z [Protected] PID 7288, Features 0000003000000102, C:\Windows\System32\cmd.exe
2017-01-11T13:12:41.292Z [Protected] PID 7452, Features 0000003000000102, C:\Windows\System32\sc.exe
2017-01-11T13:12:41.324Z [Protected] PID 6924, Features 000000300000010E, C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
2017-01-11T13:12:41.390Z [Protected] PID 7804, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T13:12:41.432Z [Protected] PID 11280, Features 0000003000000106, C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
2017-01-11T13:12:43.584Z [Protected] PID 6432, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARMHelper.exe
2017-01-11T13:12:43.671Z [Protected] PID 6180, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
2017-01-11T13:12:46.581Z [Protected] PID 3392, Features 000000300000010A, C:\Windows\System32\msiexec.exe
2017-01-11T13:12:48.456Z [Protected] PID 6212, Features 0000003000000102, C:\Windows\SysWOW64\msiexec.exe
2017-01-11T13:12:53.596Z [Protected] PID 12640, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T13:13:02.735Z [Protected] PID 9032, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T13:13:08.281Z [Protected] PID 6384, Features 0000003000000102, \\192.168.1.25\installs\support\Tools\CleanUp!\Cleanup.exe
2017-01-11T13:13:09.397Z [Protected] PID 6428, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-11T13:13:48.833Z [Protected] PID 7000, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARMHelper.exe
2017-01-11T13:13:49.221Z [Protected] PID 12812, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
2017-01-11T13:13:50.241Z [Protected] PID 8144, Features 0000003000000102, C:\Windows\System32\LogonUI.exe
2017-01-11T13:13:50.480Z [Protected] PID 10836, Features 0000003000000102, C:\Windows\System32\sc.exe
2017-01-11T13:13:50.525Z [Protected] PID 10756, Features 000000300000010E, C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
2017-01-11T13:13:53.850Z [Protected] PID 6336, Features 0000003000000102, C:\Windows\SysWOW64\msiexec.exe
2017-01-11T13:14:25.914Z [Protected] PID 10400, Features 0000003000000106, C:\Program Files (x86)\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe
2017-01-11T13:14:28.815Z [Protected] PID 2628, Features 0000003000000102, C:\Windows\SysWOW64\msiexec.exe
2017-01-11T13:14:29.179Z [Protected] PID 8240, Features 0000003000000106, C:\Windows\Installer\MSI6480.tmp
2017-01-11T13:14:31.247Z [Protected] PID 2244, Features 0000003000000102, C:\Windows\System32\rundll32.exe
2017-01-11T13:14:36.200Z [Protected] PID 8920, Features 0000003000000102, C:\Windows\System32\taskmgr.exe
2017-01-11T13:14:36.773Z [Protected] PID 8376, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-11T13:15:09.680Z [Protected] PID 8044, Features 0000003000000106, C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
2017-01-11T13:15:13.808Z [Protected] PID 7052, Features 0000003000000102, C:\Windows\System32\LogonUI.exe
2017-01-11T13:15:15.967Z [Protected] PID 1412, Features 0000003000000102, C:\Windows\System32\taskmgr.exe
2017-01-11T13:15:29.901Z [Protected] PID 7800, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-11T13:15:30.694Z [Protected] PID 12488, Features 0000003000000102, C:\Windows\SysWOW64\WerFault.exe
2017-01-11T13:15:38.636Z [Protected] PID 8436, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-11T13:15:39.855Z [Protected] PID 11324, Features 0000003000000102, C:\Windows\SysWOW64\WerFault.exe
2017-01-11T13:15:45.188Z [Protected] PID 980, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-11T13:15:49.770Z [Protected] PID 11848, Features 0000003200000106, C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
2017-01-11T13:16:03.887Z [Protected] PID 6092, Features 0000003000000102, C:\Windows\System32\consent.exe
2017-01-11T13:16:05.755Z [Protected] PID 8724, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T13:16:05.912Z [Protected] PID 2108, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T13:16:05.994Z [Protected] PID 2632, Features 0000003200000106, C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARMHelper.exe
2017-01-11T13:16:06.520Z [Protected] PID 11296, Features 0000003200000106, C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
2017-01-11T13:16:08.525Z [Protected] PID 11492, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\AAMCustomHook.exe
2017-01-11T13:16:12.393Z [Protected] PID 3200, Features 0000003200000106, C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
2017-01-11T13:16:40.701Z [Protected] PID 9980, Features 0000003000000102, C:\Windows\System32\LogonUI.exe
2017-01-11T13:16:42.741Z [Protected] PID 10228, Features 0000003000000102, C:\Windows\System32\taskmgr.exe
2017-01-11T13:16:47.726Z [Protected] PID 10012, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-11T13:16:50.942Z [Protected] PID 10404, Features 0000003200000106, C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
2017-01-11T13:17:02.128Z [Protected] PID 9564, Features 0000003000000106, C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe
2017-01-11T13:17:02.234Z [Protected] PID 8056, Features 0000003000000106, C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe
2017-01-11T13:17:07.336Z [Protected] PID 1000, Features 000000341FBF9106, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
2017-01-11T13:17:07.619Z [Protected] PID 9192, Features 0000003000000106, C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\ismagent.exe
2017-01-11T13:17:12.372Z [Protected] PID 7024, Features 000000341FBFB106, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
2017-01-11T13:17:13.517Z [Protected] PID 3748, Features 000000300000010A, C:\Windows\System32\SearchIndexer.exe
2017-01-11T13:17:15.515Z [Protected] PID 5644, Features 000000341FBFB106, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
2017-01-11T13:17:15.877Z [Protected] PID 10592, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\AdobeCreativeCloudClient.exe
2017-01-11T13:17:16.991Z [Protected] PID 7420, Features 000000341FBFB106, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
2017-01-11T13:17:17.130Z [Protected] PID 12456, Features 000000341FBFB106, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
2017-01-11T13:17:17.983Z [Protected] PID 9488, Features 0000003000000102, C:\Windows\SysWOW64\regsvr32.exe
2017-01-11T13:17:18.393Z [Protected] PID 5480, Features 000000341FBFB106, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
2017-01-11T13:17:18.718Z [Protected] PID 10868, Features 0000003000000102, C:\Windows\SysWOW64\regsvr32.exe
2017-01-11T13:17:19.895Z [Protected] PID 2604, Features 0000003000000102, C:\Windows\System32\regsvr32.exe
2017-01-11T13:17:20.878Z [Protected] PID 13300, Features 000000341FBFB106, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
2017-01-11T13:17:22.463Z [Protected] PID 12256, Features 000000341FBFB106, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
2017-01-11T13:17:29.213Z [Protected] PID 3796, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\AdobeApplicationManager(URIHandler).exe
2017-01-11T13:17:29.338Z [Protected] PID 3496, Features 0000003000000102, C:\Windows\SysWOW64\regsvr32.exe
2017-01-11T13:17:29.819Z [Protected] PID 6324, Features 0000003000000102, C:\Windows\SysWOW64\regsvr32.exe
2017-01-11T13:17:30.923Z [Protected] PID 8972, Features 0000003000000102, C:\Windows\System32\regsvr32.exe
2017-01-11T13:17:31.407Z [Protected] PID 12816, Features 0000003000000102, C:\Windows\System32\consent.exe
2017-01-11T13:17:32.959Z [Protected] PID 7164, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:17:33.006Z [Protected] PID 12488, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-11T13:17:33.354Z [Protected] PID 8360, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T13:17:33.479Z [Protected] PID 6212, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T13:17:33.562Z [Protected] PID 11940, Features 0000003200000106, C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARMHelper.exe
2017-01-11T13:17:33.842Z [Protected] PID 5592, Features 0000003200000106, C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
2017-01-11T13:17:35.780Z [Protected] PID 7456, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T13:17:35.813Z [Protected] PID 6200, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\customhook\AdobeIPCBrokerCustomHook.exe
2017-01-11T13:17:37.767Z [Protected] PID 7304, Features 0000003000000106, C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\CrashReportSender.exe
2017-01-11T13:17:38.020Z [Protected] PID 6304, Features 0000003200000106, C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
2017-01-11T13:17:42.811Z [Protected] PID 7152, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-11T13:17:45.872Z [Protected] PID 9828, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\AdobeGCClient\customhook\gccustomhook.exe
2017-01-11T13:17:56.795Z [Protected] PID 7672, Features 0000003000000102, C:\Windows\SysWOW64\msiexec.exe
2017-01-11T13:17:58.354Z [Protected] PID 9872, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T13:18:00.091Z [Protected] PID 1096, Features 0000003000000102, C:\Windows\SysWOW64\msiexec.exe
2017-01-11T13:18:02.303Z [Protected] PID 8704, Features 000000300000010A, C:\Windows\System32\spoolsv.exe
2017-01-11T13:18:03.838Z [Protected] PID 8136, Features 000000300000010E, C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
2017-01-11T13:18:06.335Z [Protected] PID 7528, Features 0000003000000106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
2017-01-11T13:18:16.873Z [Protected] PID 3980, Features 0000003000000106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrodist.exe
2017-01-11T13:18:31.174Z [Protected] PID 12184, Features 0000003000000102, C:\Windows\System32\LogonUI.exe
2017-01-11T13:18:31.452Z [Protected] PID 1492, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:31.478Z [Protected] PID 8260, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:31.506Z [Protected] PID 10340, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:31.537Z [Protected] PID 8632, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:31.565Z [Protected] PID 10332, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:31.593Z [Protected] PID 8948, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:31.620Z [Protected] PID 11804, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:31.648Z [Protected] PID 1964, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:31.676Z [Protected] PID 12400, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:31.703Z [Protected] PID 10000, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:31.731Z [Protected] PID 9124, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:31.758Z [Protected] PID 11340, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:31.787Z [Protected] PID 3756, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:31.814Z [Protected] PID 7620, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:31.842Z [Protected] PID 3536, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:31.873Z [Protected] PID 2156, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:31.903Z [Protected] PID 12928, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:31.930Z [Protected] PID 7052, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:31.957Z [Protected] PID 11300, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:31.985Z [Protected] PID 11112, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:32.011Z [Protected] PID 1428, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:32.040Z [Protected] PID 8332, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:32.067Z [Protected] PID 7092, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:32.097Z [Protected] PID 12900, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:32.126Z [Protected] PID 7612, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:32.218Z [Protected] PID 7036, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:32.248Z [Protected] PID 7028, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:32.277Z [Protected] PID 2192, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:32.305Z [Protected] PID 5256, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:32.333Z [Protected] PID 8604, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:32.359Z [Protected] PID 3636, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:32.388Z [Protected] PID 7216, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:32.414Z [Protected] PID 4196, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:32.444Z [Protected] PID 8348, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:32.471Z [Protected] PID 6612, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:32.500Z [Protected] PID 9488, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:32.529Z [Protected] PID 8748, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:32.556Z [Protected] PID 8756, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:32.584Z [Protected] PID 2008, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:32.611Z [Protected] PID 12636, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:32.641Z [Protected] PID 8716, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:32.668Z [Protected] PID 3388, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:32.697Z [Protected] PID 7556, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:32.726Z [Protected] PID 6992, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:32.754Z [Protected] PID 6956, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:32.783Z [Protected] PID 7108, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:32.883Z [Protected] PID 5644, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:32.916Z [Protected] PID 9212, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:32.946Z [Protected] PID 7208, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:32.974Z [Protected] PID 12348, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:33.002Z [Protected] PID 8544, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:33.032Z [Protected] PID 9448, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:33.059Z [Protected] PID 11064, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:33.150Z [Protected] PID 8148, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:33.179Z [Protected] PID 12652, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:33.206Z [Protected] PID 4112, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:33.236Z [Protected] PID 7308, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:33.264Z [Protected] PID 7780, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:33.294Z [Protected] PID 1928, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:33.323Z [Protected] PID 9084, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:33.433Z [Protected] PID 12344, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:33.461Z [Protected] PID 6868, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:33.491Z [Protected] PID 6932, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:33.519Z [Protected] PID 12776, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:33.548Z [Protected] PID 3128, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:33.576Z [Protected] PID 11084, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:33.602Z [Protected] PID 7332, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:33.631Z [Protected] PID 7868, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:33.658Z [Protected] PID 6812, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:33.793Z [Protected] PID 6500, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:33.821Z [Protected] PID 1632, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:33.850Z [Protected] PID 9860, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:33.882Z [Protected] PID 6948, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:33.909Z [Protected] PID 5440, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:33.937Z [Protected] PID 1944, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:33.967Z [Protected] PID 10276, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:33.996Z [Protected] PID 7896, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:34.025Z [Protected] PID 10100, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:34.053Z [Protected] PID 8860, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:34.237Z [Protected] PID 9232, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:34.265Z [Protected] PID 12188, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:34.296Z [Protected] PID 6300, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:34.325Z [Protected] PID 11160, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:34.396Z [Protected] PID 11692, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:34.426Z [Protected] PID 2480, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:34.455Z [Protected] PID 8920, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:34.482Z [Protected] PID 8680, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:34.509Z [Protected] PID 9396, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:34.539Z [Protected] PID 7024, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:34.566Z [Protected] PID 6976, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:34.595Z [Protected] PID 7312, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:34.624Z [Protected] PID 11600, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:34.652Z [Protected] PID 11512, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:34.702Z [Protected] PID 11976, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:34.732Z [Protected] PID 6316, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:34.759Z [Protected] PID 12256, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:34.789Z [Protected] PID 6952, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:34.815Z [Protected] PID 12320, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:34.846Z [Protected] PID 6468, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:34.876Z [Protected] PID 6964, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:34.904Z [Protected] PID 7832, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:35.013Z [Protected] PID 1756, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:35.042Z [Protected] PID 5588, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:35.068Z [Protected] PID 6620, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:35.098Z [Protected] PID 7452, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:35.128Z [Protected] PID 13008, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:35.155Z [Protected] PID 12884, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:35.184Z [Protected] PID 9884, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:35.211Z [Protected] PID 9608, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:35.240Z [Protected] PID 11060, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:35.267Z [Protected] PID 8128, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:35.296Z [Protected] PID 7876, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:35.325Z [Protected] PID 2084, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:35.354Z [Protected] PID 7976, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:35.446Z [Protected] PID 5288, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:35.569Z [Protected] PID 12624, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:35.599Z [Protected] PID 11180, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:35.630Z [Protected] PID 6480, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:35.658Z [Protected] PID 7500, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:35.688Z [Protected] PID 6452, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:35.717Z [Protected] PID 4156, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:35.746Z [Protected] PID 12628, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:35.774Z [Protected] PID 12944, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:35.803Z [Protected] PID 12664, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:35.832Z [Protected] PID 7432, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:35.860Z [Protected] PID 7568, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:35.890Z [Protected] PID 7256, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:35.917Z [Protected] PID 992, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:35.946Z [Protected] PID 8388, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:35.973Z [Protected] PID 10220, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:36.118Z [Protected] PID 11252, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:36.149Z [Protected] PID 12412, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:36.178Z [Protected] PID 5052, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:36.273Z [Protected] PID 10212, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:36.302Z [Protected] PID 9440, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:36.331Z [Protected] PID 4992, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:36.360Z [Protected] PID 7564, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:36.389Z [Protected] PID 4308, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:36.416Z [Protected] PID 12464, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:36.449Z [Protected] PID 8792, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:36.477Z [Protected] PID 7860, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:36.509Z [Protected] PID 10880, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:36.590Z [Protected] PID 10404, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:36.618Z [Protected] PID 10920, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:36.650Z [Protected] PID 6908, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:36.681Z [Protected] PID 10080, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:36.708Z [Protected] PID 5460, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:36.738Z [Protected] PID 10288, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:36.866Z [Protected] PID 11048, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:36.902Z [Protected] PID 5484, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:36.933Z [Protected] PID 7776, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:36.965Z [Protected] PID 8360, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:36.997Z [Protected] PID 13184, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:37.050Z [Protected] PID 12548, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:37.093Z [Protected] PID 7856, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:37.135Z [Protected] PID 12940, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:37.170Z [Protected] PID 12572, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:37.215Z [Protected] PID 11528, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:37.253Z [Protected] PID 13036, Features 0000003000000102, C:\Windows\SysWOW64\msiexec.exe
2017-01-11T13:18:37.254Z [Protected] PID 12952, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:37.289Z [Protected] PID 7344, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:37.323Z [Protected] PID 2724, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:37.352Z [Protected] PID 7644, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:37.381Z [Protected] PID 5104, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:37.414Z [Protected] PID 12676, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:37.443Z [Protected] PID 12180, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:37.472Z [Protected] PID 8108, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:37.500Z [Protected] PID 10012, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:37.530Z [Protected] PID 7456, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:37.560Z [Protected] PID 11268, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:37.588Z [Protected] PID 10048, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:37.617Z [Protected] PID 10676, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:37.644Z [Protected] PID 1420, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:37.671Z [Protected] PID 408, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:37.699Z [Protected] PID 13012, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:37.726Z [Protected] PID 12496, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:37.753Z [Protected] PID 7576, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:37.873Z [Protected] PID 7508, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:37.903Z [Protected] PID 6920, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:37.931Z [Protected] PID 12568, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:37.959Z [Protected] PID 8884, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:37.989Z [Protected] PID 2076, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:38.017Z [Protected] PID 9432, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:38.046Z [Protected] PID 9720, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:38.075Z [Protected] PID 6808, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:38.108Z [Protected] PID 8312, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:38.137Z [Protected] PID 8668, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:38.164Z [Protected] PID 12132, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:38.194Z [Protected] PID 12968, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:38.222Z [Protected] PID 1448, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:38.256Z [Protected] PID 2508, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:38.286Z [Protected] PID 8956, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:38.316Z [Protected] PID 8036, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:38.343Z [Protected] PID 8944, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:38.371Z [Protected] PID 10960, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:38.399Z [Protected] PID 10568, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:38.429Z [Protected] PID 12168, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:38.458Z [Protected] PID 8344, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:38.487Z [Protected] PID 9332, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:38.516Z [Protected] PID 780, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:38.545Z [Protected] PID 10716, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:38.573Z [Protected] PID 8672, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:38.602Z [Protected] PID 4884, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:38.634Z [Protected] PID 9908, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:38.665Z [Protected] PID 8240, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:38.703Z [Protected] PID 6960, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:38.755Z [Protected] PID 7668, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:38.802Z [Protected] PID 10508, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:38.848Z [Protected] PID 13128, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:38.880Z [Protected] PID 8144, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:38.911Z [Protected] PID 8676, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:38.942Z [Protected] PID 6988, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:38.973Z [Protected] PID 11956, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:39.004Z [Protected] PID 9912, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:39.036Z [Protected] PID 9736, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:39.067Z [Protected] PID 11464, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:39.082Z [Protected] PID 11728, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:39.129Z [Protected] PID 4148, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:39.160Z [Protected] PID 7952, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:39.192Z [Protected] PID 6092, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:39.207Z [Protected] PID 6252, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:39.238Z [Protected] PID 12432, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:39.270Z [Protected] PID 12908, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:39.301Z [Protected] PID 12828, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:39.332Z [Protected] PID 13228, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:39.363Z [Protected] PID 9880, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:39.379Z [Protected] PID 12056, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:39.410Z [Protected] PID 6428, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:39.441Z [Protected] PID 3116, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:39.472Z [Protected] PID 11364, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:39.504Z [Protected] PID 8000, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:39.535Z [Protected] PID 13208, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:39.550Z [Protected] PID 10208, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:39.582Z [Protected] PID 8468, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:39.613Z [Protected] PID 6056, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:39.644Z [Protected] PID 12020, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:39.675Z [Protected] PID 6464, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:39.691Z [Protected] PID 11636, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:39.706Z [Protected] PID 5032, Features 0000003000000102, C:\Windows\SysWOW64\msiexec.exe
2017-01-11T13:18:39.722Z [Protected] PID 5808, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:39.753Z [Protected] PID 5860, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:39.784Z [Protected] PID 11168, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:39.816Z [Protected] PID 10008, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:39.831Z [Protected] PID 7448, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:39.862Z [Protected] PID 7068, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:39.894Z [Protected] PID 5340, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:39.925Z [Protected] PID 6156, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:39.956Z [Protected] PID 12948, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:39.987Z [Protected] PID 3864, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:40.018Z [Protected] PID 5544, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:40.050Z [Protected] PID 8852, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:40.065Z [Protected] PID 6188, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:40.096Z [Protected] PID 9748, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:40.128Z [Protected] PID 3244, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:40.159Z [Protected] PID 5160, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:40.190Z [Protected] PID 12244, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:40.221Z [Protected] PID 12800, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:40.237Z [Protected] PID 5676, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:40.268Z [Protected] PID 6204, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:40.299Z [Protected] PID 8764, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:40.330Z [Protected] PID 8316, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:40.362Z [Protected] PID 6892, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:40.377Z [Protected] PID 9844, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:40.408Z [Protected] PID 8340, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:40.440Z [Protected] PID 3468, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:40.642Z [Protected] PID 12312, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:40.674Z [Protected] PID 12716, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:40.705Z [Protected] PID 12440, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:40.736Z [Protected] PID 7700, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:40.767Z [Protected] PID 5488, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:40.783Z [Protected] PID 5264, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:40.814Z [Protected] PID 6284, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:40.845Z [Protected] PID 6172, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:40.876Z [Protected] PID 7836, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:40.908Z [Protected] PID 8624, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:40.923Z [Protected] PID 11332, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:40.954Z [Protected] PID 9424, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:40.986Z [Protected] PID 10772, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:41.017Z [Protected] PID 5432, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:41.048Z [Protected] PID 13092, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:41.064Z [Protected] PID 12680, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:41.095Z [Protected] PID 10400, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:41.126Z [Protected] PID 6436, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:41.157Z [Protected] PID 10644, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:41.188Z [Protected] PID 2204, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:41.204Z [Protected] PID 12028, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:41.235Z [Protected] PID 8908, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:41.266Z [Protected] PID 11852, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:41.298Z [Protected] PID 9328, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:41.329Z [Protected] PID 12912, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:41.376Z [Protected] PID 10112, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:41.423Z [Protected] PID 3040, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:41.454Z [Protected] PID 776, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:41.485Z [Protected] PID 11736, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:41.516Z [Protected] PID 1500, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:41.532Z [Protected] PID 13196, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:41.563Z [Protected] PID 1512, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:41.594Z [Protected] PID 12808, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:41.625Z [Protected] PID 12200, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:41.641Z [Protected] PID 8644, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:41.672Z [Protected] PID 1004, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:41.703Z [Protected] PID 10028, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:41.735Z [Protected] PID 12116, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:41.766Z [Protected] PID 7492, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:41.797Z [Protected] PID 7708, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:41.828Z [Protected] PID 10396, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:41.844Z [Protected] PID 6180, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:41.875Z [Protected] PID 1252, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:41.906Z [Protected] PID 11156, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:41.937Z [Protected] PID 7792, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:41.953Z [Protected] PID 10744, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:41.984Z [Protected] PID 10580, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:42.015Z [Protected] PID 11208, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:42.047Z [Protected] PID 8164, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:42.078Z [Protected] PID 5520, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:42.093Z [Protected] PID 3980, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:42.125Z [Protected] PID 6244, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:42.156Z [Protected] PID 10136, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:42.187Z [Protected] PID 11712, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:42.203Z [Protected] PID 6528, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:42.234Z [Protected] PID 6104, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:42.265Z [Protected] PID 7948, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:42.296Z [Protected] PID 8092, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:42.327Z [Protected] PID 10812, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:42.359Z [Protected] PID 9668, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:42.374Z [Protected] PID 10176, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:42.405Z [Protected] PID 8356, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:42.437Z [Protected] PID 1020, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:42.468Z [Protected] PID 12468, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:42.483Z [Protected] PID 7916, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:42.515Z [Protected] PID 9792, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:42.546Z [Protected] PID 8796, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:42.577Z [Protected] PID 5072, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:42.608Z [Protected] PID 7904, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:42.624Z [Protected] PID 2156, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:42.655Z [Protected] PID 12928, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:42.686Z [Protected] PID 7052, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:42.717Z [Protected] PID 11300, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:42.749Z [Protected] PID 11112, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:42.764Z [Protected] PID 7264, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:42.795Z [Protected] PID 7712, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:42.827Z [Protected] PID 8548, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:42.858Z [Protected] PID 7784, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:42.873Z [Protected] PID 13276, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:42.905Z [Protected] PID 3276, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:42.936Z [Protected] PID 12972, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:42.967Z [Protected] PID 7336, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:42.998Z [Protected] PID 6432, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:43.014Z [Protected] PID 11320, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:43.045Z [Protected] PID 1268, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:43.076Z [Protected] PID 9628, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:43.107Z [Protected] PID 3796, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:43.123Z [Protected] PID 11812, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:43.154Z [Protected] PID 12720, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:43.185Z [Protected] PID 7000, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:43.217Z [Protected] PID 7692, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:43.232Z [Protected] PID 10592, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:43.263Z [Protected] PID 11492, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:43.295Z [Protected] PID 1104, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:43.326Z [Protected] PID 12740, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:43.357Z [Protected] PID 9204, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:43.404Z [Protected] PID 1812, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:43.435Z [Protected] PID 7596, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:43.466Z [Protected] PID 9752, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:43.497Z [Protected] PID 3652, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:43.529Z [Protected] PID 7032, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:43.544Z [Protected] PID 9976, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:43.575Z [Protected] PID 12376, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:43.653Z [Protected] PID 8016, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:43.685Z [Protected] PID 2604, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:43.887Z [Protected] PID 9384, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:43.919Z [Protected] PID 2644, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:43.950Z [Protected] PID 7216, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:43.981Z [Protected] PID 8348, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:44.028Z [Protected] PID 12756, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:44.137Z [Protected] PID 8756, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:44.168Z [Protected] PID 2008, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:44.199Z [Protected] PID 12636, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:44.215Z [Protected] PID 8716, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:44.246Z [Protected] PID 3388, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:44.277Z [Protected] PID 6996, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:44.293Z [Protected] PID 7840, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:44.324Z [Protected] PID 7772, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:44.355Z [Protected] PID 11948, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:44.387Z [Protected] PID 13168, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:44.418Z [Protected] PID 9104, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:44.433Z [Protected] PID 10684, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:44.465Z [Protected] PID 7108, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:44.496Z [Protected] PID 5644, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:44.527Z [Protected] PID 7768, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:44.558Z [Protected] PID 7208, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:44.589Z [Protected] PID 4732, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:44.621Z [Protected] PID 8544, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:44.636Z [Protected] PID 9448, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:44.667Z [Protected] PID 11064, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:44.699Z [Protected] PID 8148, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:44.745Z [Protected] PID 4112, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:44.777Z [Protected] PID 9084, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:44.808Z [Protected] PID 12732, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:44.823Z [Protected] PID 5124, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:44.870Z [Protected] PID 7332, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:44.901Z [Protected] PID 7412, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:44.933Z [Protected] PID 12888, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:44.964Z [Protected] PID 12688, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:45.151Z [Protected] PID 9928, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:45.291Z [Protected] PID 8712, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:45.447Z [Protected] PID 12924, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:45.572Z [Protected] PID 12600, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:45.603Z [Protected] PID 10308, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:45.697Z [Protected] PID 196, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:45.728Z [Protected] PID 6420, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:45.775Z [Protected] PID 6752, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:45.833Z [Protected] PID 5348, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:45.873Z [Protected] PID 7464, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:45.913Z [Protected] PID 2640, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:45.943Z [Protected] PID 7244, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:45.963Z [Protected] PID 10984, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:45.993Z [Protected] PID 7192, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:46.013Z [Protected] PID 2504, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:46.043Z [Protected] PID 10792, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:46.073Z [Protected] PID 13112, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:46.093Z [Protected] PID 6492, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:46.123Z [Protected] PID 7104, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:46.143Z [Protected] PID 11224, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:46.173Z [Protected] PID 12220, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:46.203Z [Protected] PID 4384, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:46.223Z [Protected] PID 5412, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:46.253Z [Protected] PID 8872, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:46.283Z [Protected] PID 8384, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:46.303Z [Protected] PID 2684, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:46.333Z [Protected] PID 6764, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:46.363Z [Protected] PID 10168, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:46.383Z [Protected] PID 2436, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:46.413Z [Protected] PID 7496, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:46.433Z [Protected] PID 10848, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:46.463Z [Protected] PID 12104, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:46.493Z [Protected] PID 9192, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:46.513Z [Protected] PID 6412, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:46.543Z [Protected] PID 12188, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:46.563Z [Protected] PID 7628, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:46.593Z [Protected] PID 11680, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:46.623Z [Protected] PID 9312, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:46.653Z [Protected] PID 1572, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:46.673Z [Protected] PID 9316, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:46.703Z [Protected] PID 10188, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:46.733Z [Protected] PID 10552, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:46.753Z [Protected] PID 6340, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:46.783Z [Protected] PID 10996, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:46.813Z [Protected] PID 2000, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:46.833Z [Protected] PID 6248, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:46.863Z [Protected] PID 7284, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:46.883Z [Protected] PID 11280, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:46.913Z [Protected] PID 6520, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:46.944Z [Protected] PID 6384, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:46.975Z [Protected] PID 9236, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:47.022Z [Protected] PID 12320, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:47.069Z [Protected] PID 6468, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:47.100Z [Protected] PID 6964, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:47.131Z [Protected] PID 7832, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:47.178Z [Protected] PID 1756, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:47.209Z [Protected] PID 5588, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:47.240Z [Protected] PID 6620, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:47.271Z [Protected] PID 7452, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:47.287Z [Protected] PID 12884, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:47.318Z [Protected] PID 9884, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:47.349Z [Protected] PID 9608, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:47.365Z [Protected] PID 11060, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:47.396Z [Protected] PID 8128, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:47.427Z [Protected] PID 7876, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:47.505Z [Protected] PID 2084, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:47.568Z [Protected] PID 7976, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:47.599Z [Protected] PID 5288, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:47.630Z [Protected] PID 9140, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:47.693Z [Protected] PID 12624, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:47.755Z [Protected] PID 7500, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:47.817Z [Protected] PID 1940, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-11T13:18:48.941Z [Protected] PID 7568, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:49.019Z [Protected] PID 10704, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:49.050Z [Protected] PID 992, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:49.767Z [Protected] PID 4992, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-11T13:18:50.142Z [Protected] PID 12816, Features 0000003000000102, C:\Windows\System32\winlogon.exe
2017-01-11T13:18:53.121Z [Protected] PID 4840, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:18:53.293Z [Protected] PID 12660, Features 0000003000000102, C:\Windows\System32\LogonUI.exe
2017-01-11T13:18:53.745Z [Protected] PID 10072, Features 0000003000000106, C:\Windows\IntelliAdminRC5\Agent32.exe
2017-01-11T13:18:53.761Z [Protected] PID 5104, Features 0000003000000106, C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
2017-01-11T13:18:54.042Z [Protected] PID 1120, Features 0000003000000106, C:\Program Files (x86)\TeamViewer\tv_x64.exe
2017-01-11T13:18:54.073Z [Protected] PID 5592, Features 0000003000000106, C:\Program Files (x86)\TeamViewer\tv_w32.exe
2017-01-11T13:19:15.523Z [Protected] PID 7288, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T13:19:15.601Z [Protected] PID 8876, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-11T13:19:15.617Z [Protected] PID 4192, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T13:19:15.679Z [Protected] PID 12540, Features 0000003000000106, C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
2017-01-11T13:19:15.710Z [Protected] PID 4884, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-11T13:19:15.804Z [Protected] PID 6136, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-11T13:19:15.898Z [Protected] PID 708, Features 0000003000000102, C:\Windows\System32\dwm.exe
2017-01-11T13:19:15.960Z [Protected] PID 13260, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T13:19:16.678Z [Protected] PID 9420, Features 0000003000000102, C:\Windows\System32\igfxTray.exe
2017-01-11T13:19:17.568Z [Protected] PID 2680, Features 0000003000000102, C:\Windows\System32\rundll32.exe
2017-01-11T13:19:17.774Z [Protected] PID 10800, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
2017-01-11T13:19:17.836Z [Protected] PID 4120, Features 0000003000000102, C:\Windows\System32\rundll32.exe
2017-01-11T13:19:17.956Z [Protected] PID 8468, Features 0000003000000106, C:\Program Files\Sophos\Sophos UI\Sophos UI.exe
2017-01-11T13:19:18.197Z [Protected] PID 8248, Features 0000003000000106, C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe
2017-01-11T13:19:18.200Z [Protected] PID 13288, Features 0000003000000102, C:\Windows\System32\igfxEM.exe
2017-01-11T13:19:18.215Z [Protected] PID 5400, Features 0000003000000102, C:\Windows\SysWOW64\runonce.exe
2017-01-11T13:19:18.246Z [Protected] PID 9540, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
2017-01-11T13:19:18.371Z [Protected] PID 9600, Features 0000003000000106, C:\Program Files (x86)\TechSmith\Snagit 13\Snagit32.exe
2017-01-11T13:19:18.387Z [Protected] PID 6264, Features 0000003000000102, C:\Windows\twain_32\fjscan32\ERG\FTErGuid.exe
2017-01-11T13:19:18.637Z [Protected] PID 8120, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\CDDRV3\LDConfig.exe
2017-01-11T13:19:18.684Z [Protected] PID 9692, Features 0000003000000106, C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
2017-01-11T13:19:18.949Z [Protected] PID 11784, Features 0000003000000106, C:\Program Files (x86)\Hewlett-Packard\HP Touchpoint Manager\Discover HP Touchpoint Manager\LHBeacon.exe
2017-01-11T13:19:19.011Z [Protected] PID 10384, Features 0000003000000102, C:\Windows\twain_32\fjscan32\SOP\FtLnSOP.exe
2017-01-11T13:19:19.058Z [Protected] PID 11084, Features 0000003000000106, C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
2017-01-11T13:19:19.089Z [Protected] PID 8684, Features 0000003000000102, C:\Windows\twain_32\fjscan32\FjtwMkup.exe
2017-01-11T13:19:19.152Z [Protected] PID 3692, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\CDDRV3\LDConfig.exe
2017-01-11T13:19:19.261Z [Protected] PID 7128, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:19.308Z [Protected] PID 8804, Features 0000003000000102, C:\Windows\twain_32\fjscan32\FTPWREVT\FTPWREVT.exe
2017-01-11T13:19:19.464Z [Protected] PID 13144, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T13:19:19.588Z [Protected] PID 7080, Features 0000003000000102, C:\Windows\twain_32\fjscan32\FiWiaChecker.exe
2017-01-11T13:19:19.588Z [Protected] PID 5340, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
2017-01-11T13:19:19.651Z [Protected] PID 10576, Features 0000003000000106, C:\Program Files (x86)\Common Files\LogiShrd\LogiFEPluginforSkypeforBusiness\LogiFEC2013.exe
2017-01-11T13:19:19.744Z [Protected] PID 12128, Features 0000003000000106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
2017-01-11T13:19:19.869Z [Protected] PID 10924, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
2017-01-11T13:19:20.119Z [Protected] PID 9920, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
2017-01-11T13:19:20.181Z [Protected] PID 8852, Features 0000003000000102, C:\Windows\System32\consent.exe
2017-01-11T13:19:20.353Z [Protected] PID 2284, Features 0000003000000106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat_sl.exe
2017-01-11T13:19:20.368Z [Protected] PID 6536, Features 0000003000000106, C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
2017-01-11T13:19:20.758Z [Protected] PID 12840, Features 0000003000000106, C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
2017-01-11T13:19:21.008Z [Protected] PID 9504, Features 0000003000000106, C:\Program Files (x86)\TechSmith\Snagit 13\SnagPriv.exe
2017-01-11T13:19:21.055Z [Protected] PID 6400, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
2017-01-11T13:19:21.726Z [Protected] PID 7604, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\sp6\LU1\LULnchr.exe
2017-01-11T13:19:22.178Z [Protected] PID 5912, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\sp6\LU1\LogitechUpdate.exe
2017-01-11T13:19:22.974Z [Protected] PID 10028, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
2017-01-11T13:19:23.956Z [Protected] PID 2004, Features 0000003000000102, C:\Windows\System32\mobsync.exe
2017-01-11T13:19:25.735Z [Protected] PID 10884, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
2017-01-11T13:19:27.622Z [Protected] PID 4360, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
2017-01-11T13:19:28.792Z [Protected] PID 10340, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
2017-01-11T13:19:29.760Z [Protected] PID 12468, Features 000000361FBF0106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
2017-01-11T13:19:32.380Z [Protected] PID 6844, Features 0000003000000106, C:\Program Files (x86)\TechSmith\Snagit 13\snagiteditor.exe
2017-01-11T13:19:33.956Z [Protected] PID 7744, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T13:19:34.065Z [Protected] PID 11320, Features 000000300000010A, C:\Windows\System32\VSSVC.exe
2017-01-11T13:19:34.159Z [Protected] PID 3500, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-11T13:19:37.658Z [Protected] PID 7712, Features 0000003200000106, C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
2017-01-11T13:19:40.627Z [Protected] PID 1672, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\sp6\LU1\LULnchr.exe
2017-01-11T13:19:40.666Z [Protected] PID 12756, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\sp6\LU1\LULnchr.exe
2017-01-11T13:19:40.761Z [Protected] PID 9460, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\sp6\LU1\LogitechUpdate.exe
2017-01-11T13:19:40.884Z [Protected] PID 3120, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\sp6\LU1\LogitechUpdate.exe
2017-01-11T13:19:46.662Z [Protected] PID 4976, Features 0000003000000102, C:\Windows\System32\wscript.exe
2017-01-11T13:19:46.799Z [Protected] PID 12732, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T13:19:46.820Z [Protected] PID 7412, Features 0000003000000102, C:\Windows\System32\cmd.exe
2017-01-11T13:19:46.875Z [Protected] PID 12688, Features 0000003000000102, C:\Windows\System32\sc.exe
2017-01-11T13:19:47.143Z [Protected] PID 9928, Features 000000300000010E, C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
2017-01-11T13:19:47.801Z [Protected] PID 6752, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T13:19:47.841Z [Protected] PID 10308, Features 0000003000000106, C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
2017-01-11T13:19:56.637Z [Protected] PID 6356, Features 0000003000000102, C:\Windows\System32\LogonUI.exe
2017-01-11T13:19:57.018Z [Protected] PID 7440, Features 0000003000000102, C:\Windows\System32\sc.exe
2017-01-11T13:19:58.229Z [Protected] PID 2084, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:58.260Z [Protected] PID 7976, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:58.292Z [Protected] PID 5288, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:58.323Z [Protected] PID 9140, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:58.338Z [Protected] PID 12624, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:58.370Z [Protected] PID 12628, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:58.401Z [Protected] PID 1908, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:58.432Z [Protected] PID 6584, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:58.448Z [Protected] PID 10252, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:58.479Z [Protected] PID 7824, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:58.510Z [Protected] PID 1636, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:58.541Z [Protected] PID 11428, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:58.557Z [Protected] PID 6212, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:58.588Z [Protected] PID 5824, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:58.619Z [Protected] PID 8900, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:58.650Z [Protected] PID 7860, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:58.666Z [Protected] PID 12940, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:58.697Z [Protected] PID 6176, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:58.728Z [Protected] PID 4784, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:58.760Z [Protected] PID 1000, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:58.775Z [Protected] PID 12536, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:58.806Z [Protected] PID 9248, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:58.838Z [Protected] PID 1264, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:58.869Z [Protected] PID 9796, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:58.884Z [Protected] PID 12204, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:58.916Z [Protected] PID 6288, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:58.947Z [Protected] PID 7804, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:58.978Z [Protected] PID 1616, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:58.994Z [Protected] PID 880, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:59.025Z [Protected] PID 3712, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:59.103Z [Protected] PID 7568, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:59.134Z [Protected] PID 10704, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:59.165Z [Protected] PID 992, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:59.181Z [Protected] PID 12464, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:59.228Z [Protected] PID 10124, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:59.259Z [Protected] PID 6872, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:59.290Z [Protected] PID 10228, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:59.321Z [Protected] PID 11872, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:59.337Z [Protected] PID 11640, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:59.368Z [Protected] PID 4728, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:59.399Z [Protected] PID 4240, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:59.446Z [Protected] PID 2912, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:59.524Z [Protected] PID 276, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:59.540Z [Protected] PID 9300, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:59.571Z [Protected] PID 6152, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:59.602Z [Protected] PID 9732, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:59.633Z [Protected] PID 5068, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:59.649Z [Protected] PID 6612, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:59.711Z [Protected] PID 9172, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:59.742Z [Protected] PID 12296, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:59.774Z [Protected] PID 5900, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:59.805Z [Protected] PID 8280, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:59.820Z [Protected] PID 9908, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:59.852Z [Protected] PID 8004, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:59.883Z [Protected] PID 7344, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:59.914Z [Protected] PID 1016, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:59.930Z [Protected] PID 12952, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:59.961Z [Protected] PID 11696, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:19:59.992Z [Protected] PID 13184, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:20:00.023Z [Protected] PID 11996, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:20:00.039Z [Protected] PID 3632, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:20:00.070Z [Protected] PID 9576, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:20:00.101Z [Protected] PID 12056, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:20:00.117Z [Protected] PID 7952, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T13:20:00.132Z [Protected] PID 6096, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:20:00.148Z [Protected] PID 10344, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:20:00.179Z [Protected] PID 11728, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:20:00.210Z [Protected] PID 11932, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:20:00.242Z [Protected] PID 11168, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:20:12.964Z [Protected] PID 6892, Features 0000003000000102, C:\Windows\System32\winlogon.exe
2017-01-11T13:20:16.022Z [Protected] PID 5400, Features 0000003000000102, C:\Windows\System32\LogonUI.exe
2017-01-11T13:20:16.552Z [Protected] PID 13144, Features 0000003000000106, C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
2017-01-11T13:20:16.646Z [Protected] PID 7584, Features 0000003000000106, C:\Windows\IntelliAdminRC5\Agent32.exe
2017-01-11T13:20:16.880Z [Protected] PID 7880, Features 0000003000000106, C:\Program Files (x86)\TeamViewer\tv_x64.exe
2017-01-11T13:20:18.003Z [Protected] PID 6404, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-11T13:20:18.190Z [Protected] PID 10580, Features 0000003000000102, C:\Windows\System32\WerFault.exe
2017-01-11T13:20:31.622Z [Protected] PID 10136, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T13:20:36.053Z [Protected] PID 11368, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T13:20:36.084Z [Protected] PID 10712, Features 0000003000000102, C:\Windows\System32\SpecopsDeploy\sogpproc.exe
2017-01-11T13:20:37.925Z [Protected] PID 6452, Features 0000003000000102, C:\Windows\System32\PrintIsolationHost.exe
2017-01-11T13:20:38.564Z [Protected] PID 7420, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T13:20:38.564Z [Protected] PID 7208, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-11T13:20:38.627Z [Protected] PID 7524, Features 0000003000000106, C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
2017-01-11T13:20:38.642Z [Protected] PID 9084, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T13:20:38.689Z [Protected] PID 11064, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T13:20:38.689Z [Protected] PID 6992, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-11T13:20:38.720Z [Protected] PID 6304, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-11T13:20:38.783Z [Protected] PID 1428, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T13:20:38.892Z [Protected] PID 11480, Features 0000003000000102, C:\Windows\System32\rundll32.exe
2017-01-11T13:20:38.923Z [Protected] PID 9944, Features 0000003000000106, c:\program files (x86)\teamviewer\TeamViewer.exe
2017-01-11T13:20:38.923Z [Protected] PID 7628, Features 0000003000000106, C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe
2017-01-11T13:20:39.157Z [Protected] PID 10964, Features 0000003000000102, C:\Windows\System32\gpscript.exe
2017-01-11T13:20:39.297Z [Protected] PID 9492, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T13:20:39.329Z [Protected] PID 12468, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
2017-01-11T13:20:41.762Z [Protected] PID 10660, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
2017-01-11T13:20:44.336Z [Protected] PID 8892, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
2017-01-11T13:20:46.739Z [Protected] PID 7740, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
2017-01-11T13:20:47.768Z [Protected] PID 10260, Features 0000003000000102, C:\Windows\System32\userinit.exe
2017-01-11T13:20:47.799Z [Protected] PID 6844, Features 0000003000000102, C:\Windows\System32\dwm.exe
2017-01-11T13:20:47.924Z [Protected] PID 10128, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T13:20:47.940Z [Protected] PID 6172, Features 0000003000800102, C:\Windows\explorer.exe
2017-01-11T13:20:47.955Z [Protected] PID 11584, Features 0000003000000102, C:\Windows\System32\cmd.exe
2017-01-11T13:20:48.049Z [Protected] PID 10612, Features 0000003000000102, C:\Windows\System32\igfxEM.exe
2017-01-11T13:20:48.049Z [Protected] PID 9764, Features 0000003000000102, C:\Windows\System32\igfxHK.exe
2017-01-11T13:20:48.065Z [Protected] PID 6340, Features 0000003000000102, C:\Windows\System32\igfxTray.exe
2017-01-11T13:20:49.047Z [Protected] PID 12128, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
2017-01-11T13:20:50.810Z [Protected] PID 3244, Features 0000003000000102, C:\Windows\System32\igfxTray.exe
2017-01-11T13:20:50.873Z [Protected] PID 1368, Features 0000003000000106, C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
2017-01-11T13:20:50.935Z [Protected] PID 10848, Features 0000003000000106, C:\Program Files\Logitech\SetPointP\SetPoint.exe
2017-01-11T13:20:51.029Z [Protected] PID 5924, Features 0000003000000102, C:\Windows\System32\rundll32.exe
2017-01-11T13:20:51.091Z [Protected] PID 7868, Features 0000003000000102, C:\Windows\System32\rundll32.exe
2017-01-11T13:20:51.138Z [Protected] PID 12444, Features 0000003000000106, C:\Program Files\Sophos\Sophos UI\Sophos UI.exe
2017-01-11T13:20:51.185Z [Protected] PID 3476, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
2017-01-11T13:20:51.216Z [Protected] PID 9932, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
2017-01-11T13:20:51.341Z [Protected] PID 3240, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\CDDRV3\LDConfig.exe
2017-01-11T13:20:51.387Z [Protected] PID 6676, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\CDDRV3\LDConfig.exe
2017-01-11T13:20:52.361Z [Protected] PID 5488, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T13:20:52.971Z [Protected] PID 12300, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
2017-01-11T13:20:53.380Z [Protected] PID 9956, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
2017-01-11T13:20:54.394Z [Protected] PID 13220, Features 000000300000010E, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T13:20:54.784Z [Protected] PID 6080, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\sp6\LU1\LULnchr.exe
2017-01-11T13:20:54.878Z [Protected] PID 12480, Features 000000361FBF0106, C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe
2017-01-11T13:20:55.034Z [Protected] PID 10996, Features 0000003000000106, C:\Program Files (x86)\TechSmith\Snagit 13\Snagit32.exe
2017-01-11T13:20:55.112Z [Protected] PID 780, Features 0000003000000106, C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe
2017-01-11T13:20:55.221Z [Protected] PID 10184, Features 0000003000000106, C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
2017-01-11T13:20:55.268Z [Protected] PID 9644, Features 0000003000000106, C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
2017-01-11T13:20:55.315Z [Protected] PID 8340, Features 0000003000000106, C:\Program Files (x86)\Hewlett-Packard\HP Touchpoint Manager\Discover HP Touchpoint Manager\LHBeacon.exe
2017-01-11T13:20:55.393Z [Protected] PID 13008, Features 0000003000000102, C:\Windows\twain_32\fjscan32\FjtwMkup.exe
2017-01-11T13:20:55.471Z [Protected] PID 6244, Features 0000003000000102, C:\Windows\twain_32\fjscan32\FiWiaChecker.exe
2017-01-11T13:20:55.518Z [Protected] PID 10656, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
2017-01-11T13:20:55.564Z [Protected] PID 11428, Features 0000003000000106, C:\Program Files (x86)\Common Files\LogiShrd\LogiFEPluginforSkypeforBusiness\LogiFEC2013.exe
2017-01-11T13:20:55.611Z [Protected] PID 6212, Features 0000003000000106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
2017-01-11T13:20:55.674Z [Protected] PID 1940, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
2017-01-11T13:20:55.970Z [Protected] PID 4368, Features 0000003000000106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat_sl.exe
2017-01-11T13:20:56.235Z [Protected] PID 11616, Features 0000003000000102, C:\Windows\System32\consent.exe
2017-01-11T13:20:56.890Z [Protected] PID 8228, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T13:20:57.327Z [Protected] PID 8900, Features 0000003000000106, C:\Program Files (x86)\TechSmith\Snagit 13\SnagPriv.exe
2017-01-11T13:20:58.497Z [Protected] PID 5068, Features 0000003000000102, C:\Windows\System32\mobsync.exe
2017-01-11T13:21:01.118Z [Protected] PID 13184, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:21:01.212Z [Protected] PID 6308, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-11T13:21:08.067Z [Protected] PID 9092, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T13:21:08.598Z [Protected] PID 10512, Features 000000341FBF9106, C:\Program Files\Internet Explorer\iexplore.exe
2017-01-11T13:21:08.629Z [Protected] PID 8852, Features 0000003000000102, C:\Windows\System32\wscript.exe
2017-01-11T13:21:08.910Z [Protected] PID 11424, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T13:21:08.941Z [Protected] PID 13048, Features 0000003000000102, C:\Windows\System32\cmd.exe
2017-01-11T13:21:09.019Z [Protected] PID 8208, Features 0000003000000102, C:\Windows\System32\sc.exe
2017-01-11T13:21:09.097Z [Protected] PID 8112, Features 000000300000010E, C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
2017-01-11T13:21:09.393Z [Protected] PID 7364, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T13:21:09.503Z [Protected] PID 6488, Features 0000003000000106, C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
2017-01-11T13:21:09.737Z [Protected] PID 9520, Features 000000300000010E, C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
2017-01-11T13:21:10.267Z [Protected] PID 7768, Features 0000003000000106, C:\Program Files (x86)\TechSmith\Snagit 13\snagiteditor.exe
2017-01-11T13:21:11.047Z [Protected] PID 9084, Features 000000361FBF0106, C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe
2017-01-11T13:21:11.281Z [Protected] PID 2008, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-11T13:21:11.562Z [Protected] PID 9124, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\sp6\LU1\LULnchr.exe
2017-01-11T13:21:11.562Z [Protected] PID 7024, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\sp6\LU1\LULnchr.exe
2017-01-11T13:21:11.749Z [Protected] PID 9116, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\sp6\LU1\LogitechUpdate.exe
2017-01-11T13:21:11.780Z [Protected] PID 8864, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\sp6\LU1\LogitechUpdate.exe
2017-01-11T13:21:14.760Z [Protected] PID 12220, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T13:21:19.117Z [Alert] Intruder, familyId=0637c125-7c27-4325-b2af-514f685dff4a, PID 2008, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-11T13:21:19.124Z [Sophos] dropped C:\ProgramData\HitmanPro.Alert\MCS\Alert-20170111192119120-13.xml
2017-01-11T13:21:19.888Z [Sophos] dropped C:\ProgramData\Sophos\Health\Event Store\Incoming\4fa33236-a852-4f1e-ae4b-5df86151c3ad.json
2017-01-11T13:21:21.740Z [Protected] PID 12860, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-11T13:21:29.139Z [Protected] PID 11984, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T13:21:29.180Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111192129
2017-01-11T13:21:44.506Z [Protected] PID 11364, Features 0000003000000106, C:\Program Files\Common Files\Microsoft Shared\ClickToRun\mavinject32.exe
2017-01-11T13:21:45.739Z [Protected] PID 8552, Features 0000003200000106, C:\Program Files (x86)\Microsoft Office\root\Office16\lynchtmlconv.exe
2017-01-11T13:21:46.628Z [Protected] PID 10580, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T13:22:18.483Z [Protected] PID 11608, Features 000000300000010E, C:\Program Files\Sophos\Sophos Data Recorder\SDRService.exe
2017-01-11T13:22:30.916Z [Protected] PID 11936, Features 0000003000000106, C:\Users\sherrick\AppData\Local\Apps\2.0\CZLEKDP7.8QJ\XAWL8KY9.P6Z\unit..tion_c985434882f2074b_0010.0000_2d7b96ead185776d\obunity.exe
2017-01-11T13:22:45.037Z [Protected] PID 8816, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T13:22:46.488Z [Protected] PID 8112, Features 0000003000000106, C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
2017-01-11T13:23:02.403Z [Protected] PID 6600, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T13:23:02.450Z [Protected] PID 8792, Features 0000003000000102, C:\Windows\System32\cmd.exe
2017-01-11T13:23:07.395Z [Protected] PID 11064, Features 0000003000000106, C:\Program Files (x86)\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe
2017-01-11T13:23:58.735Z [Protected] PID 6920, Features 0000003000000106, C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
2017-01-11T13:24:13.976Z [Protected] PID 9632, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T13:24:14.085Z [Protected] PID 9912, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T13:24:14.194Z [Protected] PID 6676, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T13:24:14.397Z [Protected] PID 5104, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T13:24:14.506Z [Protected] PID 8740, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T13:24:17.190Z [Protected] PID 4740, Features 0000003000000106, C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe
2017-01-11T13:24:18.516Z [Protected] PID 11216, Features 0000003000000106, C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe
2017-01-11T13:24:18.765Z [Protected] PID 9900, Features 0000003000000106, C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\ismagent.exe
2017-01-11T13:24:19.514Z [Protected] PID 8468, Features 0000003000000106, C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\CrashReportSender.exe
2017-01-11T13:24:23.960Z [Protected] PID 6292, Features 000000341FBF9106, C:\Program Files\Internet Explorer\iexplore.exe
2017-01-11T13:24:25.286Z [Protected] PID 9448, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-11T13:24:30.033Z [Alert] Intruder, familyId=9f5ed702-8835-4160-a13b-5ea9d0ad70aa, PID 9448, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-11T13:24:30.033Z [Sophos] dropped C:\ProgramData\HitmanPro.Alert\MCS\Alert-20170111192430033-14.xml
2017-01-11T13:24:30.048Z [Sophos] dropped C:\ProgramData\Sophos\Health\Event Store\Incoming\7f99afa7-ca11-4455-9daf-2ed4d71e3868.json
2017-01-11T13:24:39.393Z [Protected] PID 872, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-11T13:24:40.063Z [Protected] PID 9136, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T13:24:40.095Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111192440
2017-01-11T13:24:54.415Z [Protected] PID 6092, Features 0000003000000102, C:\Windows\System32\LogonUI.exe
2017-01-11T13:24:54.649Z [Protected] PID 10568, Features 0000003000000102, C:\Windows\System32\sc.exe
2017-01-11T13:24:54.681Z [Protected] PID 9196, Features 000000300000010E, C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
2017-01-11T13:25:14.179Z [Protected] PID 8388, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:25:14.226Z [Protected] PID 8492, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-11T13:25:15.068Z [Protected] PID 11736, Features 0000003000000102, C:\Windows\System32\winlogon.exe
2017-01-11T13:25:18.110Z [Protected] PID 11432, Features 0000003000000102, C:\Windows\System32\LogonUI.exe
2017-01-11T13:25:18.562Z [Protected] PID 7056, Features 0000003000000106, C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
2017-01-11T13:25:18.750Z [Protected] PID 7724, Features 0000003000000106, C:\Windows\IntelliAdminRC5\Agent32.exe
2017-01-11T13:25:18.828Z [Protected] PID 7760, Features 0000003000000106, C:\Program Files (x86)\TeamViewer\tv_w32.exe
2017-01-11T13:25:19.030Z [Protected] PID 11252, Features 0000003000000106, C:\Program Files (x86)\TeamViewer\tv_x64.exe
2017-01-11T13:25:38.702Z [Protected] PID 10160, Features 0000003000000106, C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe
2017-01-11T13:26:13.038Z [Protected] PID 8112, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T13:26:15.924Z [Protected] PID 12668, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T13:26:15.940Z [Protected] PID 992, Features 0000003000000102, C:\Windows\System32\SpecopsDeploy\sogpproc.exe
2017-01-11T13:26:18.139Z [Protected] PID 12956, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-11T13:26:33.927Z [Protected] PID 4360, Features 000000300000010A, C:\Windows\System32\raserver.exe
2017-01-11T13:26:52.038Z [Protected] PID 2644, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T13:26:55.299Z [Protected] PID 8572, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-11T13:26:55.314Z [Protected] PID 12676, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T13:26:55.361Z [Protected] PID 12720, Features 0000003000000106, C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
2017-01-11T13:26:55.517Z [Protected] PID 12364, Features 0000003000000102, C:\Windows\System32\dwm.exe
2017-01-11T13:26:55.595Z [Protected] PID 5596, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T13:26:55.657Z [Protected] PID 11312, Features 0000003000800102, C:\Windows\explorer.exe
2017-01-11T13:26:55.689Z [Protected] PID 10436, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T13:26:55.735Z [Protected] PID 9776, Features 0000003000000102, C:\Windows\System32\cmd.exe
2017-01-11T13:26:55.767Z [Protected] PID 7756, Features 0000003000000106, C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe
2017-01-11T13:26:55.876Z [Protected] PID 13264, Features 0000003000000102, C:\Windows\System32\igfxHK.exe
2017-01-11T13:26:55.891Z [Protected] PID 12836, Features 0000003000000102, C:\Windows\System32\igfxTray.exe
2017-01-11T13:26:55.969Z [Protected] PID 776, Features 0000003000000106, c:\program files (x86)\teamviewer\TeamViewer.exe
2017-01-11T13:26:55.985Z [Protected] PID 6104, Features 0000003000000102, C:\Windows\System32\rundll32.exe
2017-01-11T13:26:55.985Z [Protected] PID 11404, Features 0000003000000102, C:\Windows\System32\igfxEM.exe
2017-01-11T13:26:56.359Z [Protected] PID 6264, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
2017-01-11T13:26:56.484Z [Protected] PID 11972, Features 0000003000000106, C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
2017-01-11T13:26:56.656Z [Protected] PID 10112, Features 0000003000000106, C:\Program Files\Logitech\SetPointP\SetPoint.exe
2017-01-11T13:26:56.687Z [Protected] PID 9408, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:26:56.765Z [Protected] PID 9072, Features 0000003000000102, C:\Windows\System32\rundll32.exe
2017-01-11T13:26:56.765Z [Protected] PID 11028, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-11T13:26:56.968Z [Protected] PID 7960, Features 0000003000000102, C:\Windows\System32\rundll32.exe
2017-01-11T13:26:57.067Z [Protected] PID 9124, Features 0000003000000106, C:\Program Files\Sophos\Sophos UI\Sophos UI.exe
2017-01-11T13:26:57.141Z [Protected] PID 12728, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
2017-01-11T13:26:57.267Z [Protected] PID 6476, Features 0000003000000102, C:\Windows\SysWOW64\runonce.exe
2017-01-11T13:26:57.378Z [Protected] PID 7068, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
2017-01-11T13:26:57.599Z [Protected] PID 7096, Features 0000003000000106, C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe
2017-01-11T13:26:57.769Z [Protected] PID 13168, Features 0000003000000106, C:\Program Files (x86)\TechSmith\Snagit 13\Snagit32.exe
2017-01-11T13:26:58.039Z [Protected] PID 6472, Features 0000003000000106, C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
2017-01-11T13:26:58.215Z [Protected] PID 924, Features 0000003000000106, C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
2017-01-11T13:26:58.293Z [Protected] PID 6764, Features 0000003000000106, C:\Program Files (x86)\Hewlett-Packard\HP Touchpoint Manager\Discover HP Touchpoint Manager\LHBeacon.exe
2017-01-11T13:26:58.340Z [Protected] PID 6520, Features 0000003000000102, C:\Windows\twain_32\fjscan32\SOP\FtLnSOP.exe
2017-01-11T13:26:58.403Z [Protected] PID 12760, Features 0000003000000102, C:\Windows\twain_32\fjscan32\FjtwMkup.exe
2017-01-11T13:26:58.434Z [Protected] PID 1936, Features 0000003000000102, C:\Windows\twain_32\fjscan32\FTPWREVT\FTPWREVT.exe
2017-01-11T13:26:58.481Z [Protected] PID 5124, Features 0000003000000102, C:\Windows\twain_32\fjscan32\FiWiaChecker.exe
2017-01-11T13:26:58.512Z [Protected] PID 8840, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\CDDRV3\LDConfig.exe
2017-01-11T13:26:58.527Z [Protected] PID 1420, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T13:26:58.621Z [Protected] PID 6724, Features 0000003000000106, C:\Program Files (x86)\Common Files\LogiShrd\LogiFEPluginforSkypeforBusiness\LogiFEC2013.exe
2017-01-11T13:26:58.668Z [Protected] PID 928, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\CDDRV3\LDConfig.exe
2017-01-11T13:26:58.715Z [Protected] PID 10704, Features 0000003000000106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
2017-01-11T13:26:58.777Z [Protected] PID 7464, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
2017-01-11T13:26:58.808Z [Protected] PID 11900, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
2017-01-11T13:26:59.089Z [Protected] PID 12964, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
2017-01-11T13:26:59.198Z [Protected] PID 9232, Features 0000003000000106, C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
2017-01-11T13:26:59.542Z [Protected] PID 12360, Features 0000003000000106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat_sl.exe
2017-01-11T13:26:59.807Z [Protected] PID 8992, Features 0000003000000102, C:\Windows\System32\consent.exe
2017-01-11T13:27:00.322Z [Protected] PID 6984, Features 0000003000000106, C:\Program Files (x86)\TechSmith\Snagit 13\SnagPriv.exe
2017-01-11T13:27:00.758Z [Protected] PID 12136, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
2017-01-11T13:27:02.116Z [Protected] PID 8660, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
2017-01-11T13:27:02.599Z [Protected] PID 12976, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\sp6\LU1\LULnchr.exe
2017-01-11T13:27:02.802Z [Protected] PID 9484, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\sp6\LU1\LogitechUpdate.exe
2017-01-11T13:27:03.317Z [Protected] PID 7072, Features 0000003000000106, C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe
2017-01-11T13:27:03.707Z [Protected] PID 12200, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:27:03.863Z [Protected] PID 8204, Features 0000003000000102, C:\Windows\System32\mobsync.exe
2017-01-11T13:27:04.471Z [Protected] PID 12312, Features 000000341FBF9106, C:\Program Files\Internet Explorer\iexplore.exe
2017-01-11T13:27:05.813Z [Protected] PID 7136, Features 000000341FBFB106, C:\Program Files\Internet Explorer\iexplore.exe
2017-01-11T13:27:05.984Z [Protected] PID 10160, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
2017-01-11T13:27:06.718Z [Protected] PID 1908, Features 000000341FBFB106, C:\Program Files\Internet Explorer\iexplore.exe
2017-01-11T13:27:08.200Z [Protected] PID 1260, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
2017-01-11T13:27:09.557Z [Protected] PID 12076, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
2017-01-11T13:27:10.165Z [Protected] PID 10736, Features 0000003000000106, C:\Program Files (x86)\TechSmith\Snagit 13\snagiteditor.exe
2017-01-11T13:27:15.172Z [Protected] PID 9636, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T13:27:15.273Z [Protected] PID 276, Features 000000300000010A, C:\Windows\System32\VSSVC.exe
2017-01-11T13:27:15.359Z [Protected] PID 6060, Features 000000300000010A, C:\Windows\System32\svchost.exe
2017-01-11T13:27:19.048Z [Protected] PID 3124, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\sp6\LU1\LULnchr.exe
2017-01-11T13:27:19.124Z [Protected] PID 9768, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\sp6\LU1\LULnchr.exe
2017-01-11T13:27:19.355Z [Protected] PID 12376, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\sp6\LU1\LogitechUpdate.exe
2017-01-11T13:27:19.441Z [Protected] PID 1252, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\sp6\LU1\LogitechUpdate.exe
2017-01-11T13:27:25.744Z [Protected] PID 8564, Features 0000003000000102, C:\Windows\System32\wscript.exe
2017-01-11T13:27:26.677Z [Protected] PID 12712, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T13:27:26.702Z [Protected] PID 7992, Features 0000003000000102, C:\Windows\System32\cmd.exe
2017-01-11T13:27:26.761Z [Protected] PID 7768, Features 0000003000000102, C:\Windows\System32\sc.exe
2017-01-11T13:27:26.836Z [Protected] PID 6700, Features 000000300000010E, C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
2017-01-11T13:27:26.935Z [Protected] PID 11372, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T13:27:26.973Z [Protected] PID 8920, Features 0000003000000106, C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
2017-01-11T13:28:14.756Z [Protected] PID 12172, Features 000000341FBFB106, C:\Program Files\Internet Explorer\iexplore.exe
2017-01-11T13:28:49.393Z [Protected] PID 1368, Features 0000003000000102, C:\Windows\System32\control.exe
2017-01-11T13:28:49.463Z [Protected] PID 1440, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-11T13:28:50.523Z [Protected] PID 3268, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T13:28:50.542Z [Protected] PID 12768, Features 0000003000000102, C:\Windows\System32\schtasks.exe
2017-01-11T13:28:50.597Z [Protected] PID 8404, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T13:28:50.618Z [Protected] PID 6712, Features 0000003000000102, C:\Windows\System32\schtasks.exe
2017-01-11T13:29:02.563Z [Protected] PID 12764, Features 000000300000010A, C:\Windows\servicing\TrustedInstaller.exe
2017-01-11T13:29:07.415Z [Protected] PID 6220, Features 0000003000000106, C:\Program Files (x86)\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe
2017-01-11T13:29:19.086Z [Protected] PID 9476, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-11T13:29:58.563Z [Protected] PID 13060, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T13:29:58.971Z [Protected] PID 13288, Features 0000003000000106, C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
2017-01-11T13:30:00.880Z [Protected] PID 12768, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-11T13:30:11.716Z [Protected] PID 6208, Features 0000003000000102, C:\Windows\System32\LogonUI.exe
2017-01-11T13:30:11.942Z [Protected] PID 7492, Features 0000003000000102, C:\Windows\System32\sc.exe
2017-01-11T13:30:11.988Z [Protected] PID 6332, Features 000000300000010E, C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
2017-01-11T13:30:12.984Z [Protected] PID 5592, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:13.016Z [Protected] PID 9580, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:13.047Z [Protected] PID 7732, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:13.078Z [Protected] PID 11332, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:13.109Z [Protected] PID 11256, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:13.140Z [Protected] PID 5080, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:13.172Z [Protected] PID 7368, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:13.187Z [Protected] PID 12856, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:13.218Z [Protected] PID 4964, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:13.250Z [Protected] PID 1868, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:13.281Z [Protected] PID 6128, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:13.296Z [Protected] PID 7344, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:13.328Z [Protected] PID 12476, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:13.359Z [Protected] PID 8260, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:13.374Z [Protected] PID 7924, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:13.406Z [Protected] PID 5100, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:13.437Z [Protected] PID 7676, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:13.468Z [Protected] PID 6712, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:13.515Z [Protected] PID 5808, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:13.530Z [Protected] PID 11116, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:13.562Z [Protected] PID 4844, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:13.593Z [Protected] PID 10004, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:13.624Z [Protected] PID 13208, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:13.655Z [Protected] PID 10832, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:13.671Z [Protected] PID 13180, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:13.702Z [Protected] PID 2724, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:13.733Z [Protected] PID 7336, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:13.764Z [Protected] PID 8404, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:13.780Z [Protected] PID 6972, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:13.811Z [Protected] PID 1440, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:13.842Z [Protected] PID 7920, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:13.874Z [Protected] PID 5020, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:13.889Z [Protected] PID 7052, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:13.920Z [Protected] PID 6708, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:13.952Z [Protected] PID 13068, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:13.967Z [Protected] PID 11764, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:13.998Z [Protected] PID 9384, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:14.030Z [Protected] PID 12368, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:14.045Z [Protected] PID 9412, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:14.076Z [Protected] PID 5944, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:14.108Z [Protected] PID 8116, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:14.123Z [Protected] PID 9232, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:14.154Z [Protected] PID 8992, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:14.186Z [Protected] PID 6340, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:14.217Z [Protected] PID 11776, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:14.232Z [Protected] PID 10228, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:14.264Z [Protected] PID 1420, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:14.295Z [Protected] PID 10808, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:14.310Z [Protected] PID 3124, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:14.342Z [Protected] PID 7992, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:14.357Z [Protected] PID 6344, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:14.388Z [Protected] PID 12420, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:14.420Z [Protected] PID 1236, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:14.435Z [Protected] PID 12652, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:14.466Z [Protected] PID 5072, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:14.498Z [Protected] PID 12040, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:14.529Z [Protected] PID 5924, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:14.560Z [Protected] PID 11984, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:14.576Z [Protected] PID 6944, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:14.607Z [Protected] PID 11940, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:14.638Z [Protected] PID 8492, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:14.654Z [Protected] PID 5012, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:14.685Z [Protected] PID 1384, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:14.716Z [Protected] PID 8672, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:14.747Z [Protected] PID 1752, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:14.778Z [Protected] PID 9796, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:14.810Z [Protected] PID 12728, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:14.856Z [Protected] PID 7884, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:14.888Z [Protected] PID 10772, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:14.919Z [Protected] PID 12884, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:14.950Z [Protected] PID 11180, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:15.153Z [Protected] PID 4004, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:15.293Z [Protected] PID 8736, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:15.449Z [Protected] PID 10964, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:15.574Z [Protected] PID 11484, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:15.605Z [Protected] PID 7764, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:15.699Z [Protected] PID 7956, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:15.761Z [Protected] PID 10744, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:15.896Z [Protected] PID 9080, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:15.926Z [Protected] PID 5220, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:15.956Z [Protected] PID 12808, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:15.986Z [Protected] PID 12840, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:16.016Z [Protected] PID 8856, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:16.036Z [Protected] PID 7260, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:16.066Z [Protected] PID 9672, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:16.096Z [Protected] PID 10580, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:16.116Z [Protected] PID 13064, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:16.146Z [Protected] PID 4308, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:16.176Z [Protected] PID 11544, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:16.196Z [Protected] PID 6220, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:16.226Z [Protected] PID 8660, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:16.256Z [Protected] PID 8920, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:16.276Z [Protected] PID 6448, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:16.606Z [Protected] PID 9968, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:17.394Z [Protected] PID 8336, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:17.518Z [Protected] PID 8916, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:17.550Z [Protected] PID 11372, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:17.581Z [Protected] PID 12872, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:17.612Z [Protected] PID 1104, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:17.628Z [Protected] PID 11240, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:17.659Z [Protected] PID 10752, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:17.737Z [Protected] PID 12440, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:17.768Z [Protected] PID 10376, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:17.799Z [Protected] PID 12668, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:17.830Z [Protected] PID 6488, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:17.846Z [Protected] PID 10208, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:17.877Z [Protected] PID 644, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:17.908Z [Protected] PID 8792, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:17.940Z [Protected] PID 10888, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:17.955Z [Protected] PID 11004, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:17.986Z [Protected] PID 9444, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:18.018Z [Protected] PID 4360, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:18.049Z [Protected] PID 13088, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:18.064Z [Protected] PID 7836, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:18.096Z [Protected] PID 11932, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:18.127Z [Protected] PID 12916, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:18.158Z [Protected] PID 7712, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:18.174Z [Protected] PID 6056, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:18.205Z [Protected] PID 2440, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:18.236Z [Protected] PID 2304, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:18.252Z [Protected] PID 10736, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:18.283Z [Protected] PID 5524, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:18.314Z [Protected] PID 2000, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:18.330Z [Protected] PID 8268, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:18.361Z [Protected] PID 4840, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:18.392Z [Protected] PID 10232, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:18.408Z [Protected] PID 7172, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:18.439Z [Protected] PID 12512, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:18.470Z [Protected] PID 11216, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:18.501Z [Protected] PID 7840, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:18.517Z [Protected] PID 9828, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:18.548Z [Protected] PID 3596, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:18.579Z [Protected] PID 12824, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:18.782Z [Protected] PID 8468, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:18.891Z [Protected] PID 8232, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:18.922Z [Protected] PID 10528, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:18.954Z [Protected] PID 12468, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:18.985Z [Protected] PID 12504, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:19.016Z [Protected] PID 2040, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:19.032Z [Protected] PID 2004, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:19.063Z [Protected] PID 6440, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:19.094Z [Protected] PID 1300, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:19.125Z [Protected] PID 6924, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:19.141Z [Protected] PID 1252, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:19.172Z [Protected] PID 6516, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:19.203Z [Protected] PID 10656, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:19.281Z [Protected] PID 11988, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:19.312Z [Protected] PID 13124, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:19.344Z [Protected] PID 6908, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:19.390Z [Protected] PID 7228, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:19.422Z [Protected] PID 12312, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:19.453Z [Protected] PID 10444, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:19.468Z [Protected] PID 6892, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:19.500Z [Protected] PID 5908, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:19.531Z [Protected] PID 3364, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:19.562Z [Protected] PID 8204, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:19.593Z [Protected] PID 7708, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:19.609Z [Protected] PID 8460, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:19.640Z [Protected] PID 1240, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:19.671Z [Protected] PID 9256, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:19.702Z [Protected] PID 10848, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:19.718Z [Protected] PID 12020, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:19.749Z [Protected] PID 4868, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:19.812Z [Protected] PID 8440, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-11T13:30:21.902Z [Protected] PID 7964, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:22.198Z [Protected] PID 10140, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:30:25.537Z [Protected] PID 7412, Features 0000003000000102, C:\Windows\System32\winlogon.exe
2017-01-11T13:30:28.626Z [Protected] PID 10132, Features 0000003000000102, C:\Windows\System32\LogonUI.exe
2017-01-11T13:30:29.172Z [Protected] PID 10788, Features 0000003000000106, C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
2017-01-11T13:30:29.437Z [Protected] PID 10368, Features 0000003000000106, C:\Program Files (x86)\TeamViewer\tv_x64.exe
2017-01-11T13:30:29.468Z [Protected] PID 1960, Features 0000003000000106, C:\Program Files (x86)\TeamViewer\tv_w32.exe
2017-01-11T13:30:29.624Z [Protected] PID 6088, Features 0000003000000106, C:\Windows\IntelliAdminRC5\Agent32.exe
2017-01-11T13:30:44.444Z [Protected] PID 6400, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T13:30:44.522Z [Protected] PID 12924, Features 000000300000010A, C:\Windows\System32\taskhost.exe
2017-01-11T13:30:44.553Z [Protected] PID 7692, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T13:30:44.647Z [Protected] PID 1000, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-11T13:30:44.663Z [Protected] PID 10664, Features 0000003000000106, C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
2017-01-11T13:30:44.709Z [Protected] PID 9492, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T13:30:44.850Z [Protected] PID 3500, Features 0000003000000102, C:\Windows\System32\taskeng.exe
2017-01-11T13:30:44.865Z [Protected] PID 8772, Features 0000003000000102, C:\Windows\System32\PrintIsolationHost.exe
2017-01-11T13:30:44.897Z [Protected] PID 1616, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
2017-01-11T13:30:45.209Z [Protected] PID 6512, Features 0000003000000102, C:\Windows\System32\rundll32.exe
2017-01-11T13:30:45.209Z [Protected] PID 6104, Features 0000003000000106, C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe
2017-01-11T13:30:45.365Z [Protected] PID 1636, Features 0000003000000106, c:\program files (x86)\teamviewer\TeamViewer.exe
2017-01-11T13:30:45.489Z [Protected] PID 8344, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
2017-01-11T13:30:45.942Z [Protected] PID 8220, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T13:30:46.098Z [Protected] PID 8388, Features 0000003000000102, C:\Windows\System32\SpecopsDeploy\sogpproc.exe
2017-01-11T13:30:47.923Z [Protected] PID 6124, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
2017-01-11T13:30:50.653Z [Protected] PID 6524, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
2017-01-11T13:30:54.147Z [Protected] PID 10280, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
2017-01-11T13:30:56.035Z [Protected] PID 11972, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
2017-01-11T13:30:57.423Z [Protected] PID 8632, Features 0000003000000106, C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
2017-01-11T13:31:00.029Z [Protected] PID 9004, Features 0000003000000106, C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2017-01-11T13:31:05.769Z [Protected] PID 6244, Features 0000003000000102, C:\Windows\System32\userinit.exe
2017-01-11T13:31:05.801Z [Protected] PID 12716, Features 0000003000000102, C:\Windows\System32\dwm.exe
2017-01-11T13:31:05.863Z [Protected] PID 12052, Features 0000003000800102, C:\Windows\explorer.exe
2017-01-11T13:31:06.269Z [Protected] PID 12376, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T13:31:06.300Z [Protected] PID 9824, Features 0000003000000102, C:\Windows\System32\cmd.exe
2017-01-11T13:31:06.378Z [Protected] PID 8684, Features 0000003000000102, C:\Windows\System32\igfxTray.exe
2017-01-11T13:31:06.549Z [Protected] PID 6540, Features 0000003000000102, C:\Windows\System32\igfxHK.exe
2017-01-11T13:31:06.643Z [Protected] PID 8544, Features 0000003000000102, C:\Windows\System32\igfxEM.exe
2017-01-11T13:31:08.312Z [Protected] PID 5808, Features 0000003000000102, C:\Windows\System32\igfxTray.exe
2017-01-11T13:31:08.406Z [Protected] PID 2144, Features 0000003000000106, C:\Program Files\Logitech\SetPointP\SetPoint.exe
2017-01-11T13:31:08.468Z [Protected] PID 9652, Features 0000003000000102, C:\Windows\System32\rundll32.exe
2017-01-11T13:31:08.499Z [Protected] PID 4844, Features 0000003000000106, C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
2017-01-11T13:31:08.577Z [Protected] PID 13180, Features 0000003000000102, C:\Windows\System32\rundll32.exe
2017-01-11T13:31:08.718Z [Protected] PID 7872, Features 0000003000000106, C:\Program Files\Sophos\Sophos UI\Sophos UI.exe
2017-01-11T13:31:08.765Z [Protected] PID 10008, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
2017-01-11T13:31:08.879Z [Protected] PID 5020, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
2017-01-11T13:31:09.000Z [Protected] PID 10876, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\CDDRV3\LDConfig.exe
2017-01-11T13:31:09.122Z [Protected] PID 6704, Features 0000003000000102, C:\Windows\System32\rundll32.exe
2017-01-11T13:31:09.283Z [Protected] PID 11484, Features 0000003000000102, C:\Windows\SysWOW64\runonce.exe
2017-01-11T13:31:09.291Z [Protected] PID 8900, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\CDDRV3\LDConfig.exe
2017-01-11T13:31:09.464Z [Protected] PID 4404, Features 0000003000000102, C:\Windows\twain_32\fjscan32\ERG\FTErGuid.exe
2017-01-11T13:31:09.684Z [Protected] PID 5868, Features 0000003000000106, C:\Program Files (x86)\TechSmith\Snagit 13\Snagit32.exe
2017-01-11T13:31:09.888Z [Protected] PID 1760, Features 0000003000000106, C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe
2017-01-11T13:31:09.997Z [Protected] PID 7024, Features 0000003000000106, C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
2017-01-11T13:31:10.091Z [Protected] PID 3308, Features 0000003000000106, C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
2017-01-11T13:31:10.231Z [Protected] PID 2604, Features 000000361FBF0106, C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe
2017-01-11T13:31:10.278Z [Protected] PID 4308, Features 0000003000000106, C:\Program Files (x86)\Hewlett-Packard\HP Touchpoint Manager\Discover HP Touchpoint Manager\LHBeacon.exe
2017-01-11T13:31:10.325Z [Protected] PID 13280, Features 0000003000000102, C:\Windows\twain_32\fjscan32\FjtwMkup.exe
2017-01-11T13:31:10.356Z [Protected] PID 11240, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T13:31:10.418Z [Protected] PID 6404, Features 0000003000000102, C:\Windows\twain_32\fjscan32\FTPWREVT\FTPWREVT.exe
2017-01-11T13:31:10.465Z [Protected] PID 992, Features 0000003000000102, C:\Windows\twain_32\fjscan32\FiWiaChecker.exe
2017-01-11T13:31:10.590Z [Protected] PID 11804, Features 0000003000000106, C:\Program Files (x86)\Common Files\LogiShrd\LogiFEPluginforSkypeforBusiness\LogiFEC2013.exe
2017-01-11T13:31:10.699Z [Protected] PID 4360, Features 0000003000000106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
2017-01-11T13:31:10.902Z [Protected] PID 408, Features 0000003000000106, C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
2017-01-11T13:31:10.933Z [Protected] PID 10952, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
2017-01-11T13:31:11.526Z [Protected] PID 6892, Features 0000003000000102, C:\Windows\System32\consent.exe
2017-01-11T13:31:11.791Z [Protected] PID 11268, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T13:31:11.807Z [Protected] PID 12020, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
2017-01-11T13:31:11.947Z [Protected] PID 9776, Features 0000003000000106, C:\Program Files (x86)\TechSmith\Snagit 13\SnagPriv.exe
2017-01-11T13:31:12.337Z [Protected] PID 11736, Features 000000300000010E, C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
2017-01-11T13:31:13.757Z [Protected] PID 4976, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\sp6\LU1\LULnchr.exe
2017-01-11T13:31:14.318Z [Protected] PID 10436, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\sp6\LU1\LogitechUpdate.exe
2017-01-11T13:31:15.162Z [Protected] PID 9908, Features 0000003000000102, C:\Windows\System32\wscript.exe
2017-01-11T13:31:16.428Z [Protected] PID 9004, Features 000000361FBF0106, C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe
2017-01-11T13:31:17.163Z [Protected] PID 8468, Features 0000003000000102, C:\Windows\System32\mobsync.exe
2017-01-11T13:31:17.459Z [Protected] PID 9824, Features 0000003000000106, C:\Program Files\Common Files\Microsoft Shared\ClickToRun\mavinject32.exe
2017-01-11T13:31:17.568Z [Protected] PID 7492, Features 0000003200000106, C:\Program Files (x86)\Microsoft Office\root\Office16\lynchtmlconv.exe
2017-01-11T13:31:17.677Z [Protected] PID 7836, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:31:18.473Z [Protected] PID 5220, Features 0000003000000106, C:\Users\sherrick\AppData\Local\Apps\2.0\CZLEKDP7.8QJ\XAWL8KY9.P6Z\unit..tion_c985434882f2074b_0010.0000_2d7b96ead185776d\obunity.exe
2017-01-11T13:31:23.808Z [Protected] PID 10656, Features 0000003000000106, C:\Program Files (x86)\TechSmith\Snagit 13\snagiteditor.exe
2017-01-11T13:31:25.212Z [Protected] PID 10860, Features 000000341FBF9106, C:\Program Files\Internet Explorer\iexplore.exe
2017-01-11T13:31:27.537Z [Protected] PID 4148, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-11T13:31:30.145Z [Protected] PID 8164, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\sp6\LU1\LULnchr.exe
2017-01-11T13:31:30.306Z [Protected] PID 8900, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\sp6\LU1\LogitechUpdate.exe
2017-01-11T13:31:30.355Z [Protected] PID 9244, Features 0000003000000106, C:\Program Files\Common Files\LogiShrd\sp6\LU1\LogitechUpdate.exe
2017-01-11T13:31:32.321Z [Alert] Intruder, familyId=a7ff5069-8758-4a81-94eb-e5640e74a909, PID 4148, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-11T13:31:32.330Z [Sophos] dropped C:\ProgramData\HitmanPro.Alert\MCS\Alert-20170111193132325-15.xml
2017-01-11T13:31:32.636Z [Sophos] dropped C:\ProgramData\Sophos\Health\Event Store\Incoming\fd8273b5-0a5b-4657-bc52-8f25bbce298b.json
2017-01-11T13:31:42.272Z [Protected] PID 13880, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T13:31:42.311Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111193142
2017-01-11T13:31:54.794Z [Protected] PID 11840, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T13:31:55.693Z [Protected] PID 7052, Features 0000003000000106, C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe
2017-01-11T13:32:08.749Z [Protected] PID 6136, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T13:32:15.174Z [Protected] PID 11480, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T13:32:15.196Z [Protected] PID 1672, Features 0000003000000102, C:\Windows\System32\cmd.exe
2017-01-11T13:32:15.252Z [Protected] PID 2204, Features 0000003000000102, C:\Windows\System32\sc.exe
2017-01-11T13:32:15.281Z [Protected] PID 8744, Features 000000300000010E, C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
2017-01-11T13:32:16.094Z [Protected] PID 6624, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T13:32:16.159Z [Protected] PID 12236, Features 0000003000000106, C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
2017-01-11T13:32:19.396Z [Protected] PID 9952, Features 0000003000000106, C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
2017-01-11T13:32:42.561Z [Protected] PID 7524, Features 0000003000000102, C:\Windows\System32\SearchProtocolHost.exe
2017-01-11T13:32:44.845Z [Protected] PID 9492, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-11T13:33:20.609Z [Protected] PID 10332, Features 0000003000000106, C:\Program Files (x86)\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe
2017-01-11T13:33:48.154Z [Protected] PID 2956, Features 0000003000000106, C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe
2017-01-11T13:34:10.741Z [Protected] PID 13856, Features 0000003000000106, C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
2017-01-11T13:34:14.909Z [Protected] PID 6272, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-11T13:34:15.117Z [Protected] PID 7836, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-11T13:34:17.360Z [Protected] PID 13820, Features 0000003000002106, c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\agcp.exe
2017-01-11T13:34:19.395Z [Alert] Intruder, familyId=4e850a5b-94b7-47bb-97de-d8c92487dc53, PID 7836, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-11T13:34:19.404Z [Sophos] dropped C:\ProgramData\HitmanPro.Alert\MCS\Alert-20170111193419401-16.xml
2017-01-11T13:34:19.443Z [Sophos] dropped C:\ProgramData\Sophos\Health\Event Store\Incoming\1cb7afef-c25b-4355-b0b1-abf7a0560baa.json
2017-01-11T13:34:19.554Z [Protected] PID 5136, Features 0000003000000106, C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe
2017-01-11T13:34:25.235Z [Protected] PID 10944, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-11T13:34:25.426Z [Protected] PID 7344, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-11T13:34:29.407Z [Protected] PID 11668, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T13:34:29.446Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111193429
2017-01-11T13:34:32.812Z [Protected] PID 7768, Features 000000341FBF9106, C:\Program Files\Internet Explorer\iexplore.exe
2017-01-11T13:34:33.892Z [Protected] PID 10024, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-11T13:34:34.956Z [Protected] PID 14272, Features 0000003000000102, C:\Windows\System32\wbem\WmiPrvSE.exe
2017-01-11T13:34:38.216Z [Alert] Intruder, familyId=cab3e831-62a6-4d2a-9a74-e60ecf59d6e2, PID 10024, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-11T13:34:38.224Z [Sophos] dropped C:\ProgramData\HitmanPro.Alert\MCS\Alert-20170111193438221-17.xml
2017-01-11T13:34:38.233Z [Sophos] dropped C:\ProgramData\Sophos\Health\Event Store\Incoming\c18bbeaf-2486-4c97-b959-02c24ac13271.json
2017-01-11T13:34:38.969Z [Protected] PID 13148, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-11T13:34:48.229Z [Protected] PID 14632, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T13:34:48.264Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111193448
2017-01-11T13:35:17.237Z [Protected] PID 14428, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-11T13:35:17.796Z [Protected] PID 11668, Features 0000003000000102, C:\Windows\System32\SearchFilterHost.exe
2017-01-11T13:35:57.129Z [Protected] PID 15184, Features 0000003000002102, C:\Windows\splwow64.exe
2017-01-11T13:35:58.038Z [Protected] PID 7084, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-11T13:35:58.931Z [Protected] PID 14468, Features 0000003000000102, C:\Windows\System32\PrintIsolationHost.exe
2017-01-11T13:36:02.339Z [Protected] PID 14428, Features 0000003000000102, C:\Windows\System32\dllhost.exe
2017-01-11T13:36:04.868Z [Protected] PID 14632, Features 0000003000002102, C:\Windows\System32\rundll32.exe
2017-01-11T13:36:26.743Z [Protected] PID 2684, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-11T13:36:26.941Z [Protected] PID 9104, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-11T13:36:49.148Z [Protected] PID 14920, Features 000000341FBFB106, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-11T13:36:49.220Z [Protected] PID 7056, Features 0000003000000102, C:\Windows\SysWOW64\dllhost.exe
2017-01-11T13:36:53.178Z [Protected] PID 7976, Features 0000003000002106, c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\agcp.exe
2017-01-11T13:36:54.404Z [Alert] Intruder, familyId=9f61b108-c61d-4e05-a11e-8cf9a8d2e783, PID 14920, C:\Program Files (x86)\Internet Explorer\iexplore.exe
2017-01-11T13:36:54.408Z [Sophos] dropped C:\ProgramData\HitmanPro.Alert\MCS\Alert-20170111193654405-18.xml
2017-01-11T13:36:54.452Z [Sophos] dropped C:\ProgramData\Sophos\Health\Event Store\Incoming\ad99e407-0f9c-4127-9687-2582c6948b7a.json
2017-01-11T13:37:01.185Z [Protected] PID 13256, Features 0000003000000106, C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe
2017-01-11T13:37:04.601Z [Protected] PID 5340, Features 0000003000000106, C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2017-01-11T13:37:04.640Z [VerifyPolicy] success, C:\ProgramData\HitmanPro.Alert\policy_20170111193704
2017-01-11T13:37:11.077Z [Protected] PID 7356, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T13:37:11.095Z [Protected] PID 15348, Features 0000003000000102, C:\Windows\System32\schtasks.exe
2017-01-11T13:37:11.146Z [Protected] PID 10524, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T13:37:11.164Z [Protected] PID 3124, Features 0000003000000102, C:\Windows\System32\schtasks.exe
2017-01-11T13:37:11.807Z [Protected] PID 15100, Features 0000003000000106, C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\ismagent.exe
2017-01-11T13:37:14.037Z [Protected] PID 11048, Features 0000003000000106, C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\CrashReportSender.exe
2017-01-11T13:41:11.231Z [Protected] PID 16284, Features 0000003000000106, C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrodist.exe
2017-01-11T13:41:55.787Z [Protected] PID 15540, Features 0000003000000106, C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe
2017-01-11T13:42:11.855Z [Protected] PID 14936, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T13:42:11.873Z [Protected] PID 15584, Features 0000003000000102, C:\Windows\System32\schtasks.exe
2017-01-11T13:42:11.922Z [Protected] PID 15688, Features 0000003000000102, C:\Windows\System32\conhost.exe
2017-01-11T13:42:11.940Z [Protected] PID 15656, Features 0000003000000102, C:\Windows\System32\schtasks.exe
2017-01-11T13:42:45.322Z [Protected] PID 15680, Features 0000003000000106, C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
2017-01-11T13:43:45.608Z [Protected] PID 12376, Features 000000300000010A, C:\Windows\System32\wermgr.exe
2017-01-11T13:43:45.867Z [Protected] PID 15488, Features 0000003000000102, C:\Windows\System32\rundll32.exe

Thanks
Cancel
Vote Up 0 Vote Down

Cancel
Gordon McLellan over 7 years ago

We are seeing this error (false positive?) as well. My "high" count is rocketing up today.

How do I access the log files via the Central website, and if it's not possible, why not, isn't that the point of a Central website? Some of these machines are in remote offices, costly to travel to.
Cancel
Vote Up 0 Vote Down

Cancel
WomboCombo over 7 years ago

Can anyone with the issue open up the application event log and filter by the ID "911".

You should see a HitmanPro.Alert event. Please copy and paste this full alert and I will take a deeper look for you.
Cancel
Vote Up 0 Vote Down

Cancel
Gordon McLellan1 over 7 years ago in reply to WomboCombo

Here's one from a Windows 7 machine, IE 11

http://pastebin.com/ZbDRf5pd

Intruder

PID          4344
Application C:\Program Files (x86)\Internet Explorer\iexplore.exe
Description Internet Explorer 11

Detour Report
# Address     Owner                    Disassembly
-- ---------- ------------------------ ------------------------
GdipCreateBitmapFromFile
1 0x74515EA6 gdiplus.dll              JMP 0x74ee7ea1
2 0x74EE7EA1 SOPHOS~1.DLL

GetFileVersionInfoSizeW
1 0x74EC19D9 VERSION.dll              JMP 0x74ee457c
2 0x74EE457C SOPHOS~1.DLL

GetFileVersionInfoW
1 0x74EC19F4 VERSION.dll              JMP 0x74ee455e
2 0x74EE455E SOPHOS~1.DLL

CreateActCtxW
1 0x752391E7 kernel32.dll             JMP 0x74ee8f40
2 0x74EE8F40 SOPHOS~1.DLL

FreeLibrary
1 0x75233468 kernel32.dll             JMP 0x74ee953d
2 0x74EE953D SOPHOS~1.DLL

LoadLibraryExW
1 0x752348FD kernel32.dll             JMP 0x74ee9608
2 0x74EE9608 SOPHOS~1.DLL

QueueUserWorkItem
1 0x7524CA70 kernel32.dll             PUSH DWORD 0x70ec0022
                                        RET
2 0x70EC0022 (anonymous; rooksdol.dll)

ReplaceFile
1 0x75250DFC kernel32.dll             JMP 0x74ee8fbe
2 0x74EE8FBE SOPHOS~1.DLL

SetUnhandledExceptionFilter
1 0x75238769 kernel32.dll             PUSH DWORD 0x71ae0022
                                        RET
2 0x71AE0022 (anonymous; SOPHOS~1.DLL)

SHExtractIconsW
1 0x756D57F3 SHELL32.dll              JMP 0x74ee490d
2 0x74EE490D SOPHOS~1.DLL

connect
1 0x761868F5 WS2_32.dll               JMP 0x719f0022
2 0x719F0022 (anonymous; RapportGH.dll)

getaddrinfo
1 0x76184296 WS2_32.dll               JMP 0x70f90022
2 0x70F90022 (anonymous; rooksdol.dll)

GetAddrInfoExW
1 0x7618A6DB WS2_32.dll               JMP 0x71010022
2 0x71010022 (anonymous; rooksdol.dll)

sendto
1 0x761834B5 WS2_32.dll               JMP 0x718d0022
2 0x718D0022 (anonymous; RapportGH.dll)

WSAConnect
1 0x7618BCD5 WS2_32.dll               JMP 0x71990022
2 0x71990022 (anonymous; RapportGH.dll)

WSAConnectByList
1 0x7619C07D WS2_32.dll               JMP 0x71950022
2 0x71950022 (anonymous; RapportGH.dll)

WSAConnectByNameW
1 0x7619C5CF WS2_32.dll               JMP 0x71910022
2 0x71910022 (anonymous; RapportGH.dll)

WSAIoctl
1 0x76182FE7 WS2_32.dll               PUSH DWORD 0x71850022
                                        RET
2 0x71850022 (anonymous; rooksdol.dll)

DdeInitializeW
1 0x7638ABD1 USER32.dll               PUSH DWORD 0x71580022
                                        RET
2 0x71580022 (anonymous; rooksdol.dll)

GetClipboardData
1 0x763A9FA4 USER32.dll               PUSH DWORD 0x71540022
                                        RET
2 0x71540022 (anonymous; rooksdol.dll)

GetMessageA
1 0x76367BD3 USER32.dll               PUSH DWORD 0x70f40022
                                        RET
2 0x70F40022 (anonymous; rooksdol.dll)

GetMessageW
1 0x763678E2 USER32.dll               PUSH DWORD 0x70f00022
                                        RET
2 0x70F00022 (anonymous; rooksdol.dll)

PeekMessageW
1 0x763705D2 USER32.dll               PUSH DWORD 0x71810022
                                        RET
2 0x71810022 (anonymous; rooksbas.dll)

RegisterClassA
1 0x7637541E USER32.dll               PUSH DWORD 0x716e0022
                                        RET
2 0x716E0022 (anonymous; rooksdol.dll)

RegisterClassExW
1 0x7636B185 USER32.dll               PUSH DWORD 0x71a50022
                                        RET
2 0x71A50022 (anonymous; rooksdol.dll)

RegisterClassW
1 0x76368A65 USER32.dll               PUSH DWORD 0x71a20022
                                        RET
2 0x71A20022 (anonymous; rooksdol.dll)

TranslateMessage
1 0x76367809 USER32.dll               PUSH DWORD 0x714e0022
                                        RET
2 0x714E0022 (anonymous; rooksdol.dll)

HttpAddRequestHeadersA
1 0x767A64D0 WININET.dll              PUSH DWORD 0x714a0022
                                        RET
2 0x714A0022 winhttp.dll

HttpOpenRequestA *
1 0x76831470 WININET.dll              PUSH DWORD 0x71460022
                                        RET
2 0x71460022 webio.dll

HttpOpenRequestW *
1 0x767A5D10 WININET.dll              PUSH DWORD 0x71420022
                                        RET
2 0x71420022 webio.dll

HttpSendRequestA
1 0x7682AF60 WININET.dll              PUSH DWORD 0x713e0022
                                        RET
2 0x713E0022 (anonymous; rooksdol.dll)

HttpSendRequestExA
1 0x768AA8D0 WININET.dll              PUSH DWORD 0x713a0022
                                        RET
2 0x713A0022 (anonymous; rooksdol.dll)

HttpSendRequestExW
1 0x76822B30 WININET.dll              PUSH DWORD 0x71360022
                                        RET
2 0x71360022 (anonymous; rooksdol.dll)

HttpSendRequestW
1 0x767A8A40 WININET.dll              PUSH DWORD 0x71320022
                                        RET
2 0x71320022 (anonymous; rooksdol.dll)

InternetCloseHandle
1 0x767A1E70 WININET.dll              PUSH DWORD 0x712e0022
                                        RET
2 0x712E0022 (anonymous; rooksdol.dll)

InternetConnectA
1 0x768313E0 WININET.dll              PUSH DWORD 0x712a0022
                                        RET
2 0x712A0022 (anonymous; rooksdol.dll)

InternetConnectW
1 0x767A99A0 WININET.dll              PUSH DWORD 0x71260022
                                        RET
2 0x71260022 (anonymous; rooksdol.dll)

InternetGetCookieExA
1 0x768AE800 WININET.dll              PUSH DWORD 0x71220022
                                        RET
2 0x71220022 (anonymous; rooksdol.dll)

InternetGetCookieExW
1 0x76812010 WININET.dll              PUSH DWORD 0x711e0022
                                        RET
2 0x711E0022 (anonymous; rooksdol.dll)

InternetOpenA
1 0x767BE1D0 WININET.dll              PUSH DWORD 0x711a0022
                                        RET
2 0x711A0022 (anonymous; rooksdol.dll)

InternetOpenW
1 0x767BE760 WININET.dll              PUSH DWORD 0x71160022
                                        RET
2 0x71160022 (anonymous; rooksdol.dll)

InternetQueryDataAvailable
1 0x767B7E30 WININET.dll              PUSH DWORD 0x71120022
                                        RET
2 0x71120022 (anonymous; rooksdol.dll)

InternetSetStatusCallback
1 0x767BFD50 WININET.dll              PUSH DWORD 0x710e0022
                                        RET
2 0x710E0022 (anonymous; rooksdol.dll)

InternetWriteFile
1 0x76822CB0 WININET.dll              PUSH DWORD 0x710a0022
                                        RET
2 0x710A0022 (anonymous; rooksdol.dll)

BitBlt
1 0x76BA5EA5 GDI32.dll                PUSH DWORD 0x71660022
                                        RET
2 0x71660022 (anonymous; rooksdol.dll)

CoCreateInstanceEx
1 0x77019CFE ole32.dll                JMP 0x71620022
2 0x71620022 (anonymous; rooksdol.dll)

StgOpenStorageEx
1 0x77046CDA ole32.dll                JMP 0x74ed546b
2 0x74ED546B SOPHOS~1.DLL

CoInternetCombineUrlEx
1 0x7719C9C0 urlmon.dll               PUSH DWORD 0x715e0022
                                        RET
2 0x715E0022 (anonymous; rooksdol.dll)

WinVerifyTrust
1 0x773F273A WINTRUST.dll             PUSH DWORD 0x71060022
                                        RET
2 0x71060022 (anonymous; rooksdol.dll)

NtMapViewOfSection
1 0x7787FC60 ntdll.dll                JMP 0x71890022
2 0x71890022 (anonymous; rooksdol.dll)

Thumbprint
5766f23574c441cd17770a583ce91d97c0c49e7e3b2588eb3d4c57d2b959c6d8
Cancel
Vote Up 0 Vote Down

Cancel
WomboCombo over 7 years ago in reply to Gordon McLellan1

This looks to be a false positive with rapport, could you raise a case with Sophos Support so we can process this as a false positive? You should get a case reference; if you could let me know the number I can progress this further for you.
Cancel
Vote Up 0 Vote Down

Cancel
plochner over 7 years ago in reply to WomboCombo

We are also seeing this error and we use Trusteer Rapport to access our online banking. What was the resolution for the problem? It's aggravating to see the alerts and I am not sure if the product is actually being blocked, meaning our Accountants won't be able to access our corporate banking websites.
Cancel
Vote Up 0 Vote Down

Cancel
Tom Pallone over 6 years ago in reply to plochner

We are still having issues with some systems - UAC is getting changed to the highest level -trusteer rapport installed
Cancel
Vote Up 0 Vote Down

Cancel
Wing Truong over 6 years ago in reply to WomboCombo

I had submitted a case to Sophos Support and even asked to have it escalated. But since then they closed it and referred me this KB article which told me what I already know. Felt more like a brush-off "not our problem" sort of way. Our company also requires Trusteer Rapport to access banking websites. Users can't login without it because the website does a check if Trusteer Rapport is installed and running or not.
Cancel
Vote Up 0 Vote Down

Cancel
plochner over 6 years ago in reply to Wing Truong

Unfortunately I just have been ignoring the errors when they appear on the console. I know the accountants who use Trusteer and I know their computer names, so when the alert pops up about IE, I take no action. I don't like seeing the big red alerts in my console though.

Sophos tech support has been really poor since I signed up for the product about 8 months ago. They routinely ignore my 24 hour SLA whenever I have an issue with them. When I have a problem that needs attention, I make a case with the problem, wait a couple of days, and then make a Priority 1 case that reminds them about my 24 hour SLA and it's content points them to the previous case. You have to treat them like children and just harass them until they look at your problem. I used to feel bad about wasting their Priority 1 support staff's time but now I'm like screw it, it's the only way to get anything done with them.

Also, out of the 8 cases I've had with them, they only actually solved 2 of them. The rest of the cases either went away on their own or I came up with a workaround.
Cancel
Vote Up 0 Vote Down

Cancel