error message SBIE1408 (Unknown user name SID) every reload

Please post your problem description here

Moderator: Barb@Invincea

leopoldus
Posts: 1
Joined: Sat Dec 14, 2013 7:03 am

error message SBIE1408 (Unknown user name SID) every reload

Post by leopoldus » Tue Dec 17, 2013 2:36 pm

Hi to all!

About a week ago have installed Sandboxie version 4.06 64-bit under Windows 7 x64. Since that dasy I've rebooted more that 10 times and every time after the OS reboot I get the error message consisting of the 4 rows such as

SBIE1408: Unknown user name for SID S-1-5-18
SBIE1408: Unknown user name for SID S-1-5-20
SBIE1408: Unknown user name for SID S-1-5-18
SBIE1408: Unknown user name for SID S-1-5-20


(see the screenshot below).

After I press the button [Close], Sandboxie works (or at least SEEMS to work) for the current Windows session properly.

I've found the description of the error SBIE1408 at the Sandboxie official site here http://www.sandboxie.com/index.php?SBIE1408, but the information is not useful.
Sandboxie needs to translate security S-1-5-xyz to a user account name. This message indicates that an error has occurred and revented this translation.
If this message is not accompanied by message SBIE2209, then it may be an indication that the Sandboxie service is not running.
Well, I hav NO the accompanied message Errors SBIE2209. And so? What should I do more to resolve the problem?

Thanks in advance for any ideas!

Image


Image[/img]

jclarkw
Posts: 85
Joined: Sun Feb 26, 2012 9:47 pm

Re: error message SBIE1408 (Unknown user name SID) every rel

Post by jclarkw » Wed Mar 05, 2014 3:43 pm

I have a very similar problem with Sandboxie 4.08 64-bit running on Windows 7 Professional SP1 64-bit. All I get in the error messages is:

"SBIE1408 Unknown user name for SID: S-1-5-18
SBIE1408 Unknown user name for SID: S-1-5-18"

which seems a bit repetitious and incomplete (as far as the SID is concerned). This happens the first time Sandboxie starts after a Windows Restart (e.g., when I invoke my Sandboxed Web Browser shortcut from my Standard User account, in which Sandboxie does not start automatically, or when I first logon to my Administrator account, in which Sandboxie does start automatically). I reviewed several of the threads related to this topic and checked the following:

Sandboxie Service IS started and set to automatic.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SbieDrv value Start IS set to 3.
There are NO complaints from Sandboxie in the Windows System Log.

Where to next? -- jclarkw

Curt@invincea
Sandboxie Lead Developer
Sandboxie Lead Developer
Posts: 1666
Joined: Fri Jan 17, 2014 5:21 pm
Contact:

Re: error message SBIE1408 (Unknown user name SID) every rel

Post by Curt@invincea » Fri Mar 07, 2014 11:23 am

For some reason, the Sandboxie service is not running. Have you checked the Windows event log for any SbieSvc related msgs?

When you expect this problem to occur, before starting Sandboxie, from an admin command prompt, run "sc query sbiesvc". Does it say the service is running?

Also see this thread http://forums.sandboxie.com/phpBB3/view ... hp?t=14419

jclarkw
Posts: 85
Joined: Sun Feb 26, 2012 9:47 pm

Re: error message SBIE1408 (Unknown user name SID) every rel

Post by jclarkw » Mon Mar 10, 2014 9:17 pm

Curt@invincea wrote:For some reason, the Sandboxie service is not running. Have you checked the Windows event log for any SbieSvc related msgs?

When you expect this problem to occur, before starting Sandboxie, from an admin command prompt, run "sc query sbiesvc". Does it say the service is running?

Also see this thread http://forums.sandboxie.com/phpBB3/view ... hp?t=14419
Curt -- Thanks for getting back. As reported in my OP, this time (after your experiment, detailed below) I don't see anything in the logs related to Sandboxie (free version, I may not have mentioned previously).

This time I had to actually shut down Windows; just restarting wasn't enough to produce the error. (I've installed and uninstalled a few programs since my last post, but I haven't tinkered with Sandboxie directly in any way.) Here's the output from your service query:

After loggin on to my Standard User account but before starting Sandboxie:

C:\Windows\system32>sc query sbiesvc

SERVICE_NAME: sbiesvc
TYPE : 10 WIN32_OWN_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

On starting Sandoboxie via the "Sandboxed Web Browser (I can't do the experiment from an Administrator account because Sandboxie starts up (and the error occurs) immediately:

"SBIE1408 Unknown user name for SID: S-1-5-18
SBIE1408 Unknown user name for SID: S-1-5-18"

After that:

C:\Windows\system32>sc query sbiesvc

SERVICE_NAME: sbiesvc
TYPE : 10 WIN32_OWN_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

I had read that post you mentioned, and the best answers I have to Tzuk's questions are in my OP. Does this answer your question? Do you need anything else? -- jclarkw

Curt@invincea
Sandboxie Lead Developer
Sandboxie Lead Developer
Posts: 1666
Joined: Fri Jan 17, 2014 5:21 pm
Contact:

Re: error message SBIE1408 (Unknown user name SID) every rel

Post by Curt@invincea » Wed Mar 12, 2014 5:08 pm

Take a look at the suggestions in this post http://forums.sandboxie.com/phpBB3/view ... 668#p99668

Your problem is slightly different, but may be related.

jclarkw
Posts: 85
Joined: Sun Feb 26, 2012 9:47 pm

Re: error message SBIE1408 (Unknown user name SID) every rel

Post by jclarkw » Thu Mar 13, 2014 6:41 pm

Curt@invincea wrote:Take a look at the suggestions in this post http://forums.sandboxie.com/phpBB3/view ... 668#p99668
I have carried out the suggestions that I picked up from that thread:

1) >>Have you checked the Windows event log for any related msgs?<<

After shutting down, restarting, logging onto an administrator account, and immediately finding the Sandboxie error message quoted in my OP, I found the same worrisome error in my logs that you called out in the other thread. Here are all of the warnings and errors during the relevant time interval:

Code: Select all

Application Log -- 2 errors during boot withOUT Internet; nothing during admin logon:

Log Name:      Application
Source:        Application Error
Date:          3/14/2014 2:25:34 PM
Event ID:      1000
Task Category: (100)
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      LENOVOW530
Description:
Faulting application name: ZeroConfigService.exe, version: 16.1.0.0, time stamp: 0x51fc15bf
Faulting module name: MurocApi.dll, version: 16.1.0.0, time stamp: 0x51fc14cb
Exception code: 0xc0000005
Fault offset: 0x0000000000026570
Faulting process id: 0xdbc
Faulting application start time: 0x01cf3fb2c2d1a031
Faulting application path: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
Faulting module path: C:\Program Files\Intel\WiFi\bin\MurocApi.dll
Report Id: 079fea83-aba6-11e3-8cec-e09d310dabe0
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Application Error" />
    <EventID Qualifiers="0">1000</EventID>
    <Level>2</Level>
    <Task>100</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2014-03-14T18:25:34.000000000Z" />
    <EventRecordID>7013</EventRecordID>
    <Channel>Application</Channel>
    <Computer>LENOVOW530</Computer>
    <Security />
  </System>
  <EventData>
    <Data>ZeroConfigService.exe</Data>
    <Data>16.1.0.0</Data>
    <Data>51fc15bf</Data>
    <Data>MurocApi.dll</Data>
    <Data>16.1.0.0</Data>
    <Data>51fc14cb</Data>
    <Data>c0000005</Data>
    <Data>0000000000026570</Data>
    <Data>dbc</Data>
    <Data>01cf3fb2c2d1a031</Data>
    <Data>C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe</Data>
    <Data>C:\Program Files\Intel\WiFi\bin\MurocApi.dll</Data>
    <Data>079fea83-aba6-11e3-8cec-e09d310dabe0</Data>
  </EventData>
</Event>

Log Name:      Application
Source:        Microsoft-Windows-WMI
Date:          3/14/2014 2:25:51 PM
Event ID:      10
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      LENOVOW530
Description:
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-WMI" Guid="{1edeee53-0afe-4609-b846-d8c0b2075b1f}" EventSourceName="WinMgmt" />
    <EventID Qualifiers="49152">10</EventID>
    <Version>0</Version>
    <Level>2</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2014-03-14T18:25:51.000000000Z" />
    <EventRecordID>7015</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>Application</Channel>
    <Computer>LENOVOW530</Computer>
    <Security />
  </System>
  <EventData>
    <Data>//./root/CIMV2</Data>
    <Data>SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99</Data>
    <Data>0x80041003</Data>
  </EventData>
</Event>


System Log -- 4 warnings and 1 error during boot withOUT Internet; nothing during admin logon:

Log Name:      System
Source:        Microsoft-Windows-Kernel-PnP
Date:          3/14/2014 2:25:18 PM
Event ID:      219
Task Category: (212)
Level:         Warning
Keywords:      
User:          SYSTEM
Computer:      LENOVOW530
Description:
The driver \Driver\WUDFRd failed to load for the device USB\VID_147E&PID_2020\6&1663fd5d&0&3.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-Kernel-PnP" Guid="{9C205A39-1250-487D-ABD7-E831C6290539}" />
    <EventID>219</EventID>
    <Version>0</Version>
    <Level>3</Level>
    <Task>212</Task>
    <Opcode>0</Opcode>
    <Keywords>0x8000000000000000</Keywords>
    <TimeCreated SystemTime="2014-03-14T18:25:18.796018000Z" />
    <EventRecordID>23484</EventRecordID>
    <Correlation />
    <Execution ProcessID="4" ThreadID="88" />
    <Channel>System</Channel>
    <Computer>LENOVOW530</Computer>
    <Security UserID="S-1-5-18" />
  </System>
  <EventData>
    <Data Name="DriverNameLength">36</Data>
    <Data Name="DriverName">USB\VID_147E&PID_2020\6&1663fd5d&0&3</Data>
    <Data Name="Status">3221226341</Data>
    <Data Name="FailureNameLength">14</Data>
    <Data Name="FailureName">\Driver\WUDFRd</Data>
    <Data Name="Version">0</Data>
  </EventData>
</Event>

Log Name:      System
Source:        e1cexpress
Date:          3/14/2014 2:25:21 PM
Event ID:      27
Task Category: None
Level:         Warning
Keywords:      Classic
User:          N/A
Computer:      LENOVOW530
Description:
Intel(R) 82579LM Gigabit Network Connection
 Network link is disconnected.

Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="e1cexpress" />
    <EventID Qualifiers="40964">27</EventID>
    <Level>3</Level>
    <Task>0</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2014-03-14T18:25:21.884823500Z" />
    <EventRecordID>23555</EventRecordID>
    <Channel>System</Channel>
    <Computer>LENOVOW530</Computer>
    <Security />
  </System>
  <EventData>
    <Data>
    </Data>
    <Data>Intel(R) 82579LM Gigabit Network Connection</Data>
    <Binary>0000040002003000000000001B0004A00000000000000000000000000000000000000000000000001B0004A0</Binary>
  </EventData>
</Event>

Log Name:      System
Source:        Service Control Manager
Date:          3/14/2014 2:25:22 PM
Event ID:      7039
Task Category: None
Level:         Warning
Keywords:      Classic
User:          N/A
Computer:      LENOVOW530
Description:
A service process other than the one launched by the Service Control Manager connected when starting the StorageCraft ImageReady service.  The Service Control Manager launched process 3272 and process 3284 connected instead.

  Note that if this service is configured to start under a debugger, this behavior is expected.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Service Control Manager" Guid="{555908d1-a6d7-4695-8e1e-26931d2012f4}" EventSourceName="Service Control Manager" />
    <EventID Qualifiers="32768">7039</EventID>
    <Version>0</Version>
    <Level>3</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x8080000000000000</Keywords>
    <TimeCreated SystemTime="2014-03-14T18:25:22.165624000Z" />
    <EventRecordID>23556</EventRecordID>
    <Correlation />
    <Execution ProcessID="656" ThreadID="672" />
    <Channel>System</Channel>
    <Computer>LENOVOW530</Computer>
    <Security />
  </System>
  <EventData>
    <Data Name="param1">StorageCraft ImageReady</Data>
    <Data Name="param2">3272</Data>
    <Data Name="param3">3284</Data>
  </EventData>
</Event>

Log Name:      System
Source:        Microsoft-Windows-Wininit
Date:          3/14/2014 2:25:28 PM
Event ID:      11
Task Category: None
Level:         Warning
Keywords:      
User:          SYSTEM
Computer:      LENOVOW530
Description:
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-Wininit" Guid="{206F6DEA-D3C5-4D10-BC72-989F03C8B84B}" />
    <EventID>11</EventID>
    <Version>0</Version>
    <Level>3</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x4000000000000000</Keywords>
    <TimeCreated SystemTime="2014-03-14T18:25:28.826835700Z" />
    <EventRecordID>23580</EventRecordID>
    <Correlation />
    <Execution ProcessID="192" ThreadID="176" />
    <Channel>System</Channel>
    <Computer>LENOVOW530</Computer>
    <Security UserID="S-1-5-18" />
  </System>
  <EventData>
    <Data Name="StringCount">1</Data>
    <Data Name="String">C:\Windows\system32\nvinitx.dll</Data>
  </EventData>
</Event>

Log Name:      System
Source:        Service Control Manager
Date:          3/14/2014 2:25:34 PM
Event ID:      7034
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      LENOVOW530
Description:
The Intel(R) PROSet/Wireless Zero Configuration Service service terminated unexpectedly.  It has done this 1 time(s).
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Service Control Manager" Guid="{555908d1-a6d7-4695-8e1e-26931d2012f4}" EventSourceName="Service Control Manager" />
    <EventID Qualifiers="49152">7034</EventID>
    <Version>0</Version>
    <Level>2</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x8080000000000000</Keywords>
    <TimeCreated SystemTime="2014-03-14T18:25:34.427245500Z" />
    <EventRecordID>23583</EventRecordID>
    <Correlation />
    <Execution ProcessID="656" ThreadID="3948" />
    <Channel>System</Channel>
    <Computer>LENOVOW530</Computer>
    <Security />
  </System>
  <EventData>
    <Data Name="param1">Intel(R) PROSet/Wireless Zero Configuration Service</Data>
    <Data Name="param2">1</Data>
  </EventData>
</Event>


2) >>Change SbieCtrl so it does not start when Windows starts.  Change SbieSvc so it is manual start.  Then restart your system. Wait several minutes before manually starting SbieSvc. Then wait a few more minutes before starting SbieCtrl. Does it start without errors this way?<<

I did this from my Standard User account (again with a full shutdown and restart), since SbieCtrl does not start up automatically there.  After rebooting, I first verified that neither SbieCtrl nor SbieSvc  was running.  Then I started the service and waited.  Then I started Sandboxie from Start>All Programs>Sandboxie>Sandboxie Control and waited -- NO error message from Sandboxie this time.  (I did not capture the logs again.)

3) >>You can also try running ListDlls from sysinternals http://www.sysinternals.com. From an admin console window, run "listdlls -v sbiesvc>list.txt" Look in file list.txt for any dlls that are not from Microsoft or Sandboxie. You can post those here.<<

This was a lot more work than I realized.  Shortly after test (2) above I executed "listdlls -v" from an administrator command prompt in order to show the publisher.  Even after removing all DLLs with "Publisher: Microsoft Corporation" (by hand, so I might have missed a few), the file is still 156K (originally it was 1644K!).  I'll try uploading it as an attachment instead of pasting it in line here.  The attached file name should be "Non-MS-Non-Sandboxie-DllVersions.txt".

I also have a file of output from "listdlls -v" that shows all unsigned DLLs (a lot published by Microsoft) in case you want to see it.  Please let me know if you need this as well. -- jclarkw

jclarkw
Posts: 85
Joined: Sun Feb 26, 2012 9:47 pm

Re: error message SBIE1408 (Unknown user name SID) every rel

Post by jclarkw » Sat Mar 15, 2014 1:49 am

Curt@invincea wrote:You can also try running ListDlls from sysinternals http://www.sysinternals.com. From an admin console window, run "listdlls -v sbiesvc>list.txt" Look in file list.txt for any dlls that are not from Microsoft or Sandboxie. You can post those here.
Curt -- I think my attempt to attach "Non-MS-Non-Sandboxie-DllVersions.txt" to my previous post failed. Maybe this "upload attachment" feature is intended only for image files? In any case I'll breaking it in pieces and pasting it into the next few posts. -- jclarkw

Code: Select all

PART 1:


ListDLLs v3.1 - List loaded DLLs
Copyright (C) 1997-2011 Mark Russinovich
Sysinternals - http://www.sysinternals.com

------------------------------------------------------------------------------
wininit.exe pid: 176
Command line: wininit.exe

Base                Size      Path
0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

------------------------------------------------------------------------------
services.exe pid: 668
Command line: C:\Windows\system32\services.exe

Base                Size      Path
0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

------------------------------------------------------------------------------
lsass.exe pid: 680
Command line: C:\Windows\system32\lsass.exe

Base                Size      Path
0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

0x0000000031630000  0x25000   C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
	Verified:	AuthenTec, Inc.
	Publisher:	Authentec Inc.
	Description:	Logon stub
	Product:	ThinkVantage Fingerprint Software
	Version:	5.9.9.7281
	File version:	5.9.9.7281
	Create time:	Tue Mar 05 14:50:17 2013

0x0000000031270000  0x1dd000  C:\Program Files\ThinkVantage Fingerprint Software\homefus2.dll
	Verified:	AuthenTec, Inc.
	Publisher:	Authentec Inc.
	Description:	PS QL Logon Kernel
	Product:	ThinkVantage Fingerprint Software
	Version:	5.9.9.7281
	File version:	5.9.9.7281
	Create time:	Tue Mar 05 14:49:15 2013

0x0000000030000000  0xcc000   C:\Program Files\ThinkVantage Fingerprint Software\infql2.dll
	Verified:	AuthenTec, Inc.
	Publisher:	Authentec Inc.
	Description:	Infrastructure utility library
	Product:	ThinkVantage Fingerprint Software
	Version:	5.9.9.7281
	File version:	5.9.9.7281
	Create time:	Tue Mar 05 12:41:14 2013

0x00000000fc3d0000  0x2a000   C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll
	Verified:	Broadcom Corporation
	Publisher:	Broadcom Corporation.
	Description:	BtwProximityCP DLL
	Product:	Bluetooth Software
	Version:	6.4.0.640
	File version:	6.4.0.640
	Create time:	Tue May 14 15:13:27 2013

------------------------------------------------------------------------------
svchost.exe pid: 1044
Command line: C:\Windows\system32\svchost.exe -k DcomLaunch

Base                Size      Path
0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

------------------------------------------------------------------------------
ibmpmsvc.exe pid: 1132
Command line: C:\Windows\system32\ibmpmsvc.exe

Base                Size      Path
0x0000000000000000  0xd000    C:\Windows\system32\ibmpmsvc.exe
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	Lenovo.
	Description:	ThinkPad Power Management Service
	Product:	ThinkPad Power Management Service
	Version:	1.65.5.20
	File version:	1.65.5.20
	Create time:	Wed Feb 29 01:01:49 2012

0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

------------------------------------------------------------------------------
nvvsvc.exe pid: 1172
Command line: "C:\Windows\system32\nvvsvc.exe"

Base                Size      Path
0x000000003f2e0000  0xdf000   C:\Windows\system32\nvvsvc.exe
	Verified:	NVIDIA Corporation
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA Driver Helper Service, Version 312.70
	Product:	NVIDIA Driver Helper Service, Version 312.70
	Version:	8.17.13.1270
	File version:	8.17.13.1270
	Create time:	Thu Oct 31 16:06:35 2013

0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

0x0000000073710000  0x134000  C:\Program Files\NVIDIA Corporation\Display\nvxdbat.dll
	Verified:	NVIDIA Corporation
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA User Experience Driver Component
	Product:	NVIDIA User Experience Driver Component
	Version:	8.17.13.1270
	File version:	8.17.13.1270
	Create time:	Thu Oct 31 14:35:25 2013

------------------------------------------------------------------------------
nvSCPAPISvr.exe pid: 1196
Command line: "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"

Base                Size      Path
0x0000000000400000  0x63000   C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
	Verified:	NVIDIA Corporation
	Publisher:	NVIDIA Corporation
	Description:	Stereo Vision Control Panel API Server
	Product:	Stereo Vision Control Panel API Server
	Version:	7.17.13.1270
	File version:	7.17.13.1270
	Create time:	Thu Oct 31 15:47:19 2013

0x0000000000400000  0x63000   C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
	Verified:	NVIDIA Corporation
	Publisher:	NVIDIA Corporation
	Description:	Stereo Vision Control Panel API Server
	Product:	Stereo Vision Control Panel API Server
	Version:	7.17.13.1270
	File version:	7.17.13.1270
	Create time:	Thu Oct 31 15:47:19 2013

0x0000000074f50000  0x35000   C:\Windows\SysWOW64\nvinit.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:29:06 2013

------------------------------------------------------------------------------
svchost.exe pid: 1372
Command line: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

Base                Size      Path
00x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

------------------------------------------------------------------------------
svchost.exe pid: 1404
Command line: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

Base                Size      Path
0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013
------------------------------------------------------------------------------
svchost.exe pid: 1452
Command line: C:\Windows\system32\svchost.exe -k netsvcs

Base                Size      Path
0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

------------------------------------------------------------------------------
WUDFHost.exe pid: 1684
Command line: "C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-efa1e3ab-40b9-4c12-a8c6-b598dd85c6f4 -SystemEventPortName:HostProcess-6946046a-84cf-483d-a318-cf9aaedd4933 -IoCancelEventPortName:HostProcess-1980cc84-5fde-4ce7-9452-a30eef2c2ead -NonStateChangingEventPortName:HostProcess-533a5d81-3e77-40fc-9b82-5391a0b1907e -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:9969edb8-2025-45a5-a039-d0cd93fad177

Base                Size      Path
0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

0x00000000fa750000  0xf8000   C:\Windows\System32\drivers\UMDF\tcwbf.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	AuthenTec
	Description:	TouchChip USB WBF Driver
	Product:	AuthenTec Fingerprint Driver
	Version:	1.5.0.328
	File version:	1.5.0.328
	Create time:	Fri Apr 13 04:15:29 2012

------------------------------------------------------------------------------
svchost.exe pid: 1756
Command line: C:\Windows\system32\svchost.exe -k NetworkService

Base                Size      Path
0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

------------------------------------------------------------------------------
winlogon.exe pid: 1968
Command line: winlogon.exe

Base                Size      Path
0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

------------------------------------------------------------------------------
wlanext.exe pid: 2024
Command line: C:\Windows\system32\WLANExt.exe 24245952

Base                Size      Path
0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

0x00000000f9b60000  0x24e000  C:\Windows\System32\IWMSSvc.dll
	Verified:	Intel Corporation-Mobile Wireless Group
	Publisher:	Intel(R) Corporation
	Description:	Intel(R) Wireless Management Service
	Product:	Intel(R) PROSet/Wireless
	Version:	16.1.0.0
	File version:	16.1.0.0
	Create time:	Fri Aug 02 16:24:19 2013

0x00000000f98a0000  0x174000  C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
	Verified:	Intel Corporation-Mobile Wireless Group
	Publisher:	The OpenSSL Project, http://www.openssl.org/
	Description:	OpenSSL Shared Library
	Product:	The OpenSSL Toolkit
	Version:	1.0.0.2
	File version:	1.0.0.2
	Create time:	Tue May 29 22:58:35 2012

0x00000000f97f0000  0x2e000   C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll
	Verified:	Intel Corporation-Mobile Wireless Group
	Publisher:	Intel(R) Corporation
	Description:	Intel(R) PROSet/Wireless Registry API Module
	Product:	Intel(R) PROSet/Wireless
	Version:	16.1.0.0
	File version:	16.1.0.0
	Create time:	Fri Aug 02 16:15:31 2013

0x00000000f95b0000  0x4c000   C:\Program Files\Common Files\Intel\WirelessCommon\TraceApi.dll
	Verified:	Intel Corporation-Mobile Wireless Group
	Publisher:	Intel(R) Corporation
	Description:	Intel(R) PROSet/Wireless Trace API Module
	Product:	Intel(R) PROSet/Wireless
	Version:	16.1.0.0
	File version:	16.1.0.0
	Create time:	Fri Aug 02 16:16:34 2013

0x00000000f9450000  0x12000   C:\Program Files\Intel\WiFi\bin\IWMSPROV.DLL
	Verified:	Intel Corporation-Mobile Wireless Group
	Publisher:	Intel(R) Corporation
	Description:	Intel PROSet/Wireless IWMS Provider
	Product:	Intel(R) PROSet/Wireless
	Version:	16.1.0.0
	File version:	16.1.0.0
	Create time:	Fri Aug 02 16:16:52 2013

0x00000000f93c0000  0x67000   C:\Program Files\Intel\WiFi\bin\KmmdlPlugins\ccxplugin.dll
	Verified:	Intel Corporation-Mobile Wireless Group
	Publisher:	Intel(R) Corporation
	Description:	Intel(R) PROSet/Wireless CCX Plugin Module
	Product:	Intel(R) PROSet/Wireless
	Version:	16.1.0.0
	File version:	16.1.0.0
	Create time:	Fri Aug 02 16:17:00 2013

0x00000000f8d10000  0x280000  C:\Program Files\Intel\WiFi\bin\KmmdlPlugins\IHVWPSPlugin.dll
	Verified:	Intel Corporation-Mobile Wireless Group
	Publisher:	Intel(R) Corporation
	Description:	Intel(R) PROSet/Wireless WSC Plugin Module
	Product:	Intel(R) PROSet/Wireless
	Version:	16.1.0.0
	File version:	16.1.0.0
	Create time:	Fri Aug 02 16:18:36 2013

0x00000000f8bd0000  0x17000   C:\Program Files\Intel\WiFi\bin\KmmdlPlugins\P2PSupplicantPlugin.dll
	Verified:	Intel Corporation-Mobile Wireless Group
	Publisher:	Intel(R) Corporation
	Description:	Intel(R) PROSet/Wireless Supplicant Plugin
	Product:	Intel(R) PROSet/Wireless
	Version:	16.1.0.0
	File version:	16.1.0.0
	Create time:	Fri Aug 02 16:17:53 2013

0x00000000f8940000  0x253000  C:\Program Files\Intel\WiFi\bin\KmmdlPlugins\PanAuthenticator.dll
	Verified:	Intel Corporation-Mobile Wireless Group
	Publisher:	Intel(R) Corporation
	Description:	Intel(R) My WiFi PAN Authenticator
	Product:	Intel(R) My WiFi Technology
	Version:	16.1.0.0
	File version:	16.1.0.0
	Create time:	Fri Aug 02 16:18:44 2013

0x00000000f8390000  0x37000   C:\Program Files\Intel\WiFi\bin\KmmdlPlugins\wlansupplicantplugin.dll
	Verified:	Intel Corporation-Mobile Wireless Group
	Publisher:	Intel(R) Corporation
	Description:	Intel(R) PROSet/Wireless Supplicant Plugin
	Product:	Intel(R) PROSet/Wireless
	Version:	15.5.5.0
	File version:	15.5.5.0
	Create time:	Fri Aug 02 16:18:10 2013

0x00000000f7d20000  0x1e000   C:\Program Files\Intel\WiFi\bin\IntStngs.dll
	Verified:	Intel Corporation-Mobile Wireless Group
	Publisher:	Intel(R) Corporation
	Description:	Intel(R) PROSet/Wireless Application Settings Module
	Product:	Intel(R) PROSet/Wireless
	Version:	16.1.0.0
	File version:	16.1.0.0
	Create time:	Fri Aug 02 16:17:16 2013

0x00000000f6d80000  0x137000  C:\Program Files\Intel\WiFi\bin\P2PSupplicant.dll
	Verified:	Intel Corporation-Mobile Wireless Group
	Publisher:	Intel Corporation
	Description:	P2P Supplicant Dynamic Link Library
	Product:	 P2P Supplicant Dynamic Link Library
	Version:	15.0.0.0
	File version:	15.0.0.0
	Create time:	Wed Jun 05 13:02:35 2013

------------------------------------------------------------------------------
conhost.exe pid: 2040
Command line: \??\C:\Windows\system32\conhost.exe "-1467690818-161512446912079860642007352246-1020382298-2011372125-8250201491984620655

Base                Size      Path
0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

------------------------------------------------------------------------------
spoolsv.exe pid: 2084
Command line: C:\Windows\System32\spoolsv.exe

Base                Size      Path
0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

0x00000000f7080000  0xf000    C:\Windows\System32\AdobePDF.dll
	Verified:	Adobe Systems, Incorporated
	Publisher:	Adobe Systems Inc
	Description:	Adobe PDF Port  Monitor DLL
	Product:	Adobe Acrobat
	Version:	11.0.0.305
	File version:	11.0.0.305
	Create time:	Tue Aug 14 07:01:02 2012

0x0000000075120000  0x1c000   C:\Windows\system32\spool\PRTPROCS\x64\hpzpplhn.dll
	Verified:	Unsigned
	Publisher:	Hewlett-Packard Corporation
	Description:	
	Product:	HP Print Processor
	Version:	61.53.25.9
	File version:	61.53.25.9
	Create time:	Thu Oct 19 21:10:32 2006

0x0000000071680000  0x256000  C:\Windows\system32\spool\DRIVERS\x64\3\hpzuilhn.dll
	Verified:	Unsigned
	Publisher:	Hewlett-Packard Corporation
	Description:	n/a
	Product:	HP UI
	Version:	61.53.25.9
	File version:	61.53.25.9
	Create time:	Thu Oct 19 21:11:29 2006

------------------------------------------------------------------------------
svchost.exe pid: 2120
Command line: C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

Base                Size      Path
0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

------------------------------------------------------------------------------
svchost.exe pid: 2204
Command line: C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

Base                Size      Path
0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

------------------------------------------------------------------------------
Windows8FirewallService.exe pid: 2332
Command line: "C:\Program Files\Windows8FirewallControl\Windows8FirewallService.exe"

Base                Size      Path
0x0000000040000000  0x405000  C:\Program Files\Windows8FirewallControl\Windows8FirewallService.exe
	Verified:	Unsigned
	Publisher:	Sphinx Software
	Description:	Windows 8 Firewall Control
	Product:	Vista-Wall extended control for Windows 8, Windows 7 and Vista Firewall
	Version:	6.1.9.53
	File version:	6.1.9.53
	Create time:	Mon Sep 30 10:55:46 2013

0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

------------------------------------------------------------------------------
armsvc.exe pid: 2412
Command line: "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"

Base                Size      Path
0x0000000000880000  0x10000   C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
	Verified:	Adobe Systems, Incorporated
	Publisher:	Adobe Systems Incorporated
	Description:	Adobe Acrobat Update Service
	Product:	Adobe Acrobat Update Service
	Version:	1.701.3.3014
	File version:	1.701.3.3014
	Create time:	Thu Nov 21 11:55:51 2013

0x0000000000880000  0x10000   C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
	Verified:	Adobe Systems, Incorporated
	Publisher:	Adobe Systems Incorporated
	Description:	Adobe Acrobat Update Service
	Product:	Adobe Acrobat Update Service
	Version:	1.701.3.3014
	File version:	1.701.3.3014
	Create time:	Thu Nov 21 11:55:51 2013

0x0000000074f50000  0x35000   C:\Windows\SysWOW64\nvinit.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:29:06 2013

------------------------------------------------------------------------------
btwdins.exe pid: 2440
Command line: "C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe"

Base                Size      Path
0x000000003f2c0000  0x118000  C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
	Verified:	Broadcom Corporation
	Publisher:	Broadcom Corporation.
	Description:	Bluetooth Support Server
	Product:	Bluetooth Software
	Version:	6.5.1.4500
	File version:	6.5.1.4500
	Create time:	Tue May 14 15:12:12 2013

0x00000000f8250000  0x1d000   C:\Program Files\ThinkPad\Bluetooth Software\BtwLeAPI.dll
	Verified:	Broadcom Corporation
	Publisher:	Broadcom Corporation.
	Description:	BtwLeAPI
	Product:	Bluetooth Software
	Version:	6.5.1.4500
	File version:	6.5.1.4500
	Create time:	Tue May 14 14:44:47 2013

0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

------------------------------------------------------------------------------
officeclicktorun.exe pid: 2472
Command line: "C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service

Base                Size      Path
0x00000000f8160000  0x1d000   C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
	Verified:	Microsoft Corporation
	Publisher:	n/a
	Description:	n/a
	Product:	n/a
	Version:	n/a
	File version:	n/a
	Create time:	Thu Oct 31 05:56:04 2013

00x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

0x00000000f7bd0000  0x9a000   C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
	Verified:	Microsoft Corporation
	Publisher:	n/a
	Description:	n/a
	Product:	n/a
	Version:	n/a
	File version:	n/a
	Create time:	Thu Jan 02 18:49:27 2014

0x00000000fd480000  0x14000   C:\Windows\system32\RpcRtRemote.dll
------------------------------------------------------------------------------
EvtEng.exe pid: 2580
Command line: "C:\Program Files\Intel\WiFi\bin\EvtEng.exe"

Base                Size      Path
0x000000003ff20000  0xa5000   C:\Program Files\Intel\WiFi\bin\EvtEng.exe
	Verified:	Intel Corporation-Mobile Wireless Group
	Publisher:	Intel(R) Corporation
	Description:	Intel(R) PROSet/Wireless Event Log Service
	Product:	Intel(R) PROSet/Wireless
	Version:	16.1.0.0
	File version:	16.1.0.0
	Create time:	Fri Aug 02 16:28:58 2013

0x00000000f8090000  0xad000   C:\Program Files\Intel\WiFi\bin\MurocApi.dll
	Verified:	Intel Corporation-Mobile Wireless Group
	Publisher:	Intel(R) Corporation
	Description:	Intel(R) PROSet/Wireless Muroc API Module
	Product:	Intel(R) PROSet/Wireless
	Version:	16.1.0.0
	File version:	16.1.0.0
	Create time:	Fri Aug 02 16:21:31 2013

0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

0x00000000f98a0000  0x174000  C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
	Verified:	Intel Corporation-Mobile Wireless Group
	Publisher:	The OpenSSL Project, http://www.openssl.org/
	Description:	OpenSSL Shared Library
	Product:	The OpenSSL Toolkit
	Version:	1.0.0.2
	File version:	1.0.0.2
	Create time:	Tue May 29 22:58:35 2012

0x00000000f97f0000  0x2e000   C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll
	Verified:	Intel Corporation-Mobile Wireless Group
	Publisher:	Intel(R) Corporation
	Description:	Intel(R) PROSet/Wireless Registry API Module
	Product:	Intel(R) PROSet/Wireless
	Version:	16.1.0.0
	File version:	16.1.0.0
	Create time:	Fri Aug 02 16:15:31 2013

0x00000000f95b0000  0x4c000   C:\Program Files\Common Files\Intel\WirelessCommon\TraceApi.dll
	Verified:	Intel Corporation-Mobile Wireless Group
	Publisher:	Intel(R) Corporation
	Description:	Intel(R) PROSet/Wireless Trace API Module
	Product:	Intel(R) PROSet/Wireless
	Version:	16.1.0.0
	File version:	16.1.0.0
	Create time:	Fri Aug 02 16:16:34 2013

0x00000000f7d20000  0x1e000   C:\Program Files\Intel\WiFi\bin\IntStngs.dll
	Verified:	Intel Corporation-Mobile Wireless Group
	Publisher:	Intel(R) Corporation
	Description:	Intel(R) PROSet/Wireless Application Settings Module
	Product:	Intel(R) PROSet/Wireless
	Version:	16.1.0.0
	File version:	16.1.0.0
	Create time:	Fri Aug 02 16:17:16 2013

0x00000000f4c10000  0x327000  C:\Program Files\Intel\WiFi\bin\AmtWsMan.dll
	Verified:	Intel Corporation-Mobile Wireless Group
	Publisher:	Intel(R) Corporation
	Description:	Intel PROSet/Wireless AmtWsMan
	Product:	Intel(R) PROSet/Wireless
	Version:	16.1.0.0
	File version:	16.1.0.0
	Create time:	Fri Aug 02 16:15:44 2013

0x00000000f6570000  0xa000    C:\Program Files\Intel\WiFi\bin\S24MUDLL.dll
	Verified:	Intel Corporation-Mobile Wireless Group
	Publisher:	Intel(R) Corporation
	Description:	Intel(R) PROSet/Wireless S24EvMon Module
	Product:	Intel(R) PROSet/Wireless
	Version:	16.1.0.0
	File version:	16.1.0.0
	Create time:	Fri Aug 02 16:14:13 2013

------------------------------------------------------------------------------
ExpressCache.exe pid: 2628
Command line: "C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe"

Base                Size      Path
0x000000003fd10000  0x1e000   C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
	Verified:	CONDUSIV TECHNOLOGIES
	Publisher:	Condusiv Technologies
	Description:	ExpressCache Service
	Product:	ExpressCache™
	Version:	1.0.100.0
	File version:	1.0.100.0
	Create time:	Tue Jan 08 11:01:34 2013

0x0000000080000000  0x24000   C:\Program Files\Condusiv Technologies\ExpressCache\MJS.dll
	Verified:	Diskeeper Corporation
	Publisher:	Diskeeper Corporation
	Description:	MJS
	Product:	MJS
	Version:	4.0.106.0
	File version:	4.0.106.0
	Create time:	Mon Aug 30 14:05:45 2010

0x00000000f7f10000  0x32000   C:\Program Files\Condusiv Technologies\ExpressCache\ECBase.dll
	Verified:	CONDUSIV TECHNOLOGIES
	Publisher:	Condusiv Technologies
	Description:	ExpressCache Base
	Product:	ExpressCache™
	Version:	1.0.100.0
	File version:	1.0.100.0
	Create time:	Tue Jan 08 11:00:23 2013

0x00000000001f0000  0x6b000   C:\Program Files\Condusiv Technologies\ExpressCache\Tab.dll
	Verified:	CONDUSIV TECHNOLOGIES
	Publisher:	Diskeeper Corporation
	Description:	TAB
	Product:	UCC
	Version:	3.0.42.0
	File version:	3.0.42.0
	Create time:	Thu May 26 15:01:42 2011

0x00000000f7480000  0x42000   C:\Program Files\Condusiv Technologies\ExpressCache\ECCore.dll
	Verified:	CONDUSIV TECHNOLOGIES
	Publisher:	Condusiv Technologies
	Description:	ExpressCache Core
	Product:	ExpressCache™
	Version:	1.0.100.0
	File version:	1.0.100.0
	Create time:	Tue Jan 08 11:01:21 2013

0x00000000f7410000  0x62000   C:\Program Files\Condusiv Technologies\ExpressCache\HFSOptimizer.dll
	Verified:	CONDUSIV TECHNOLOGIES
	Publisher:	Condusiv Technologies
	Description:	HFSOptimizer
	Product:	ExpressCache™
	Version:	1.0.100.0
	File version:	1.0.100.0
	Create time:	Tue Jan 08 11:00:49 2013

0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

0x00000000f4fa0000  0x38000   C:\PROGRA~1\COMMON~1\DISKEE~1\MJS\MJSCR.dll
	Verified:	Diskeeper Corporation
	Publisher:	Diskeeper Corporation
	Description:	MJS
	Product:	MJS
	Version:	4.0.106.0
	File version:	4.0.106.0
	Create time:	Mon Aug 30 14:06:11 2010

0x0000000000f60000  0x3e000   C:\Program Files\Condusiv Technologies\ExpressCache\NsNtfsAutoAnalyze.dll
	Verified:	Unsigned
	Publisher:	Condusiv Technologies
	Description:	NsNtfsAutoAnalyze.dll
	Product:	Diskeeper (TM) Disk Defragmenter
	Version:	16.0.1012.0
	File version:	16.0.1012.0
	Create time:	Mon Jun 18 17:16:21 2012

0x0000000000fb0000  0x19000   C:\Program Files\Condusiv Technologies\ExpressCache\PrFacade.dll
	Verified:	Unsigned
	Publisher:	Condusiv Technologies
	Description:	DKTABPROVIDER.EXE
	Product:	Diskeeper (TM) Disk Defragmenter
	Version:	16.0.1012.0
	File version:	16.0.1012.0
	Create time:	Mon Jun 18 17:15:00 2012

------------------------------------------------------------------------------
FBService.exe pid: 2864
Command line: "C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe"

Base                Size      Path
0x0000000000400000  0x24000   C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
	Verified:	Lenovo
	Publisher:	Lenovo
	Description:	RapidBoot HDD Accelerator Service
	Product:	RapidBoot HDD Accelerator
	Version:	1.1.1.1
	File version:	1.1.1.1
	Create time:	Fri Apr 12 04:24:38 2013

0x0000000000400000  0x24000   C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
	Verified:	Lenovo
	Publisher:	Lenovo
	Description:	RapidBoot HDD Accelerator Service
	Product:	RapidBoot HDD Accelerator
	Version:	1.1.1.1
	File version:	1.1.1.1
	Create time:	Fri Apr 12 04:24:38 2013

0x0000000010000000  0x6000    C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBServiceps.dll
	Verified:	Lenovo
	Publisher:	n/a
	Description:	n/a
	Product:	n/a
	Version:	n/a
	File version:	n/a
	Create time:	Fri Apr 12 04:24:40 2013

------------------------------------------------------------------------------
HeciServer.exe pid: 2936
Command line: "C:\Program Files\Intel\iCLS Client\HeciServer.exe"

Base                Size      Path
0x000000003f290000  0x9f000   C:\Program Files\Intel\iCLS Client\HeciServer.exe
	Verified:	Intel® Upgrade Service
	Publisher:	Intel(R) Corporation
	Description:	Intel(R) Capability Licensing Service Interface
	Product:	Intel(R) Capability Licensing Service Interface
	Version:	1.23.605.1
	File version:	1.23.605.1
	Create time:	Thu Feb 02 16:29:48 2012

0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

------------------------------------------------------------------------------
Jhi_service.exe pid: 2964
Command line: "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"

Base                Size      Path
0x0000000000f20000  0x2a000   C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
	Verified:	Intel Corporation
	Publisher:	Intel Corporation
	Description:	Intel(R) Dynamic Application Loader Host Interface
	Product:	Intel(R) Dynamic Application Loader Host Interface
	Version:	8.0.3.1427
	File version:	8.0.3.1427
	Create time:	Tue Feb 21 15:19:23 2012
0x0000000000f20000  0x2a000   C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
	Verified:	Intel Corporation
	Publisher:	Intel Corporation
	Description:	Intel(R) Dynamic Application Loader Host Interface
	Product:	Intel(R) Dynamic Application Loader Host Interface
	Version:	8.0.3.1427
	File version:	8.0.3.1427
	Create time:	Tue Feb 21 15:19:23 2012

0x0000000074f50000  0x35000   C:\Windows\SysWOW64\nvinit.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:29:06 2013

0x00000000744c0000  0x3c000   C:\Windows\SysWOW64\mswsock.dll
	Verified:	Microsoft Windows
	Publisher:	Microsoft Corporation
	Description:	Microsoft Windows Sockets 2.0 Service Provider
	Product:	Microsoft® Windows® Operating System
	Version:	6.1.7601.18254
	File version:	6.1.7601.18254
	Create time:	Sat Sep 07 22:04:46 2013

------------------------------------------------------------------------------
CamMute.exe pid: 2996
Command line: "C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe"

Base                Size      Path
0x0000000000400000  0x11000   C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
	Verified:	LENOVO(JAPAN)LTD.
	Publisher:	Lenovo Group Limited
	Description:	Camera Mute Control Service for ThinkPad
	Product:	ThinkVantage Communications Utility
	Version:	3.1.7.0
	File version:	3.1.7.0
	Create time:	Fri Oct 25 00:56:55 2013

0x0000000000400000  0x11000   C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
	Verified:	LENOVO(JAPAN)LTD.
	Publisher:	Lenovo Group Limited
	Description:	Camera Mute Control Service for ThinkPad
	Product:	ThinkVantage Communications Utility
	Version:	3.1.7.0
	File version:	3.1.7.0
	Create time:	Fri Oct 25 00:56:55 2013

0x0000000074400000  0x1c000   C:\Program Files\Lenovo\Communications Utility\CommFunc.dll
	Verified:	LENOVO(JAPAN)LTD.
	Publisher:	Lenovo Group Limited
	Description:	Communications Utility Common Library
	Product:	ThinkVantage Communications Utility
	Version:	3.1.7.0
	File version:	3.1.7.0
	Create time:	Fri Oct 25 00:56:46 2013

0x0000000074f50000  0x35000   C:\Windows\SysWOW64\nvinit.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:29:06 2013

------------------------------------------------------------------------------
TPKNRSVC.exe pid: 3032
Command line: "C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe"

Base                Size      Path
0x0000000000400000  0x15000   C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
	Verified:	LENOVO(JAPAN)LTD.
	Publisher:	Lenovo Group Limited
	Description:	Microphone volume control service
	Product:	ThinkVantage Communications Utility
	Version:	3.1.7.0
	File version:	3.1.7.0
	Create time:	Fri Oct 25 00:56:47 2013

0x0000000000400000  0x15000   C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
	Verified:	LENOVO(JAPAN)LTD.
	Publisher:	Lenovo Group Limited
	Description:	Microphone volume control service
	Product:	ThinkVantage Communications Utility
	Version:	3.1.7.0
	File version:	3.1.7.0
	Create time:	Fri Oct 25 00:56:47 2013

0x0000000074f50000  0x35000   C:\Windows\SysWOW64\nvinit.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:29:06 2013

------------------------------------------------------------------------------
vcamsvc.exe pid: 3060
Command line: "C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe"

Base                Size      Path
0x0000000000400000  0x35000   C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
	Verified:	LENOVO(JAPAN)LTD.
	Publisher:	Lenovo Group Limited
	Description:	ThinkVantage Virtual Camera Controller
	Product:	ThinkVantage Communications Utility
	Version:	3.1.7.0
	File version:	3.1.7.0
	Create time:	Fri Oct 25 00:57:14 2013

0x0000000000400000  0x35000   C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
	Verified:	LENOVO(JAPAN)LTD.
	Publisher:	Lenovo Group Limited
	Description:	ThinkVantage Virtual Camera Controller
	Product:	ThinkVantage Communications Utility
	Version:	3.1.7.0
	File version:	3.1.7.0
	Create time:	Fri Oct 25 00:57:14 2013

0x0000000073cf0000  0x21e000  C:\Program Files\Lenovo\Communications Utility\cxcore210.dll
	Verified:	Unsigned
	Publisher:	n/a
	Description:	n/a
	Product:	n/a
	Version:	n/a
	File version:	n/a
	Create time:	Mon Apr 05 20:04:04 2010

0x00000000739d0000  0x288000  C:\Program Files\Lenovo\Communications Utility\cv210.dll
	Verified:	Unsigned
	Publisher:	n/a
	Description:	n/a
	Product:	n/a
	Version:	n/a
	File version:	n/a
	Create time:	Mon Apr 05 20:05:10 2010

0x0000000074400000  0x1c000   C:\Program Files\Lenovo\Communications Utility\CommFunc.dll
	Verified:	LENOVO(JAPAN)LTD.
	Publisher:	Lenovo Group Limited
	Description:	Communications Utility Common Library
	Product:	ThinkVantage Communications Utility
	Version:	3.1.7.0
	File version:	3.1.7.0
	Create time:	Fri Oct 25 00:56:46 2013

0x0000000074f50000  0x35000   C:\Windows\SysWOW64\nvinit.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:29:06 2013

0x0000000010000000  0x28000   C:\Windows\SysWOW64\5U877.ax
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	Ricoh co.,Ltd.
	Description:	Integrated Camera device property page
	Product:	Integrated Camera device property page
	Version:	1.2.1.16
	File version:	1.2.1.16
	Create time:	Tue Feb 07 00:46:27 2012

------------------------------------------------------------------------------
lvvsst.exe pid: 1428
Command line: "C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe"

Base                Size      Path
0x000000003f8d0000  0x26000   C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
	Verified:	Lenovo(Japan)Ltd.
	Publisher:	Lenovo Group Limited
	Description:	Auto Scroll Start Service
	Product:	Auto Scroll
	Version:	1.2.0.0
	File version:	1.2.0.0
	Create time:	Fri Aug 10 07:32:29 2012

0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

0x0000000080000000  0x26000   C:\Program Files\LENOVO\VIRTSCRL\enlpu.dll
	Verified:	Lenovo(Japan)Ltd.
	Publisher:	Lenovo Group Limited
	Description:	Lenovo Patch Utility Handler
	Product:	Auto Scroll
	Version:	1.0.0.0
	File version:	1.0.0.0
	Create time:	Mon Jun 27 22:58:50 2011

------------------------------------------------------------------------------
RegSrvc.exe pid: 3092
Command line: "C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"

Base                Size      Path
0x000000003f9b0000  0x28000   C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
	Verified:	Intel Corporation-Mobile Wireless Group
	Publisher:	Intel(R) Corporation
	Description:	Intel(R) PROSet/Wireless Registry Service
	Product:	Intel(R) PROSet/Wireless
	Version:	16.1.0.0
	File version:	16.1.0.0
	Create time:	Fri Aug 02 16:14:44 2013

0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

------------------------------------------------------------------------------
ImageReady.exe pid: 3136
Command line: "C:\Program Files (x86)\StorageCraft\ShadowProtect\ImageReady.exe"

Base                Size      Path
0x0000000000400000  0x2e000   C:\Program Files (x86)\StorageCraft\ShadowProtect\ImageReady.exe
	Verified:	StorageCraft Technology Corporation
	Publisher:	n/a
	Description:	n/a
	Product:	n/a
	Version:	5.0.4.27363
	File version:	5.0.4.27363
	Create time:	Mon Jul 18 07:56:27 2011

0x0000000000400000  0x2e000   C:\Program Files (x86)\StorageCraft\ShadowProtect\ImageReady.exe
	Verified:	StorageCraft Technology Corporation
	Publisher:	n/a
	Description:	n/a
	Product:	n/a
	Version:	5.0.4.27363
	File version:	5.0.4.27363
	Create time:	Mon Jul 18 07:56:27 2011

0x0000000074f50000  0x35000   C:\Windows\SysWOW64\nvinit.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:29:06 2013

------------------------------------------------------------------------------
ImageReady.exe pid: 3148
Command line: "C:\Program Files (x86)\StorageCraft\ShadowProtect\ImageReady.exe"

Base                Size      Path
0x0000000000400000  0x2e000   C:\Program Files (x86)\StorageCraft\ShadowProtect\ImageReady.exe
	Verified:	StorageCraft Technology Corporation
	Publisher:	n/a
	Description:	n/a
	Product:	n/a
	Version:	5.0.4.27363
	File version:	5.0.4.27363
	Create time:	Mon Jul 18 07:56:27 2011

0x0000000000400000  0x2e000   C:\Program Files (x86)\StorageCraft\ShadowProtect\ImageReady.exe
	Verified:	StorageCraft Technology Corporation
	Publisher:	n/a
	Description:	n/a
	Product:	n/a
	Version:	5.0.4.27363
	File version:	5.0.4.27363
	Create time:	Mon Jul 18 07:56:27 2011

0x0000000074f50000  0x35000   C:\Windows\SysWOW64\nvinit.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:29:06 2013

0x000000001e000000  0x23f000  C:\Windows\TEMP\_MEI31362\python27.dll
	Verified:	Unsigned
	Publisher:	Python Software Foundation
	Description:	Python Core
	Product:	Python
	Version:	2.7.3150.1013
	File version:	2.7.3150.1013
	Create time:	Tue Apr 10 17:31:51 2012

0x000000001e8c0000  0x1c000   C:\Windows\TEMP\_MEI31362\win32api.pyd
	Verified:	Unsigned
	Publisher:	
	Description:	
	Product:	PyWin32
	Version:	2.7.217.0
	File version:	2.7.217.0
	Create time:	Tue Feb 07 00:37:22 2012

0x000000001e7a0000  0x1e000   C:\Windows\TEMP\_MEI31362\pywintypes27.dll
	Verified:	Unsigned
	Publisher:	
	Description:	
	Product:	PyWin32
	Version:	2.7.217.0
	File version:	2.7.217.0
	Create time:	Tue Feb 07 00:35:45 2012

0x0000000000430000  0x61000   C:\Windows\TEMP\_MEI31362\pythoncom27.dll
	Verified:	Unsigned
	Publisher:	
	Description:	
	Product:	PyWin32
	Version:	2.7.217.0
	File version:	2.7.217.0
	Create time:	Tue Feb 07 00:38:57 2012

0x000000001ecb0000  0xd000    C:\Windows\TEMP\_MEI31362\win32service.pyd
	Verified:	Unsigned
	Publisher:	
	Description:	
	Product:	PyWin32
	Version:	2.7.217.0
	File version:	2.7.217.0
	Create time:	Tue Feb 07 00:36:53 2012

0x000000001e7d0000  0xa000    C:\Windows\TEMP\_MEI31362\servicemanager.pyd
	Verified:	Unsigned
	Publisher:	
	Description:	
	Product:	PyWin32
	Version:	2.7.217.0
	File version:	2.7.217.0
	Create time:	Tue Feb 07 00:37:38 2012

0x000000001e9b0000  0x9000    C:\Windows\TEMP\_MEI31362\win32event.pyd
	Verified:	Unsigned
	Publisher:	
	Description:	
	Product:	PyWin32
	Version:	2.7.217.0
	File version:	2.7.217.0
	Create time:	Tue Feb 07 00:36:11 2012

0x0000000000280000  0xc000    C:\Windows\TEMP\_MEI31362\_socket.pyd
	Verified:	Unsigned
	Publisher:	n/a
	Description:	n/a
	Product:	n/a
	Version:	n/a
	File version:	n/a
	Create time:	Tue Apr 10 17:31:53 2012

0x0000000010000000  0xb6000   C:\Windows\TEMP\_MEI31362\_ssl.pyd
	Verified:	Unsigned
	Publisher:	n/a
	Description:	n/a
	Product:	n/a
	Version:	n/a
	File version:	n/a
	Create time:	Tue Apr 10 17:31:55 2012

0x000000001d110000  0x5000    C:\Windows\TEMP\_MEI31362\select.pyd
	Verified:	Unsigned
	Publisher:	n/a
	Description:	n/a
	Product:	n/a
	Version:	n/a
	File version:	n/a
	Create time:	Tue Apr 10 17:31:54 2012

0x000000001d1a0000  0x15000   C:\Windows\TEMP\_MEI31362\_ctypes.pyd
	Verified:	Unsigned
	Publisher:	n/a
	Description:	n/a
	Product:	n/a
	Version:	n/a
	File version:	n/a
	Create time:	Tue Apr 10 17:31:54 2012

0x0000000000aa0000  0x49000   C:\Windows\TEMP\_MEI31362\_hashlib.pyd
	Verified:	Unsigned
	Publisher:	n/a
	Description:	n/a
	Product:	n/a
	Version:	n/a
	File version:	n/a
	Create time:	Tue Apr 10 17:31:55 2012

0x00000000004c0000  0x1c000   C:\Windows\TEMP\_MEI31362\pyexpat.pyd
	Verified:	Unsigned
	Publisher:	n/a
	Description:	n/a
	Product:	n/a
	Version:	n/a
	File version:	n/a
	Create time:	Tue Apr 10 17:31:55 2012
------------------------------------------------------------------------------
Last edited by Curt@invincea on Mon Mar 17, 2014 10:50 pm, edited 2 times in total.
Reason: Added code formaters

jclarkw
Posts: 85
Joined: Sun Feb 26, 2012 9:47 pm

Re: error message SBIE1408 (Unknown user name SID) every rel

Post by jclarkw » Sat Mar 15, 2014 1:50 am

Code: Select all

PART 2:

conhost.exe pid: 3156
Command line: \??\C:\Windows\system32\conhost.exe "-1231961601-538189258750831010-600772324-27438704-2080423810-5740045671017512346

Base                Size      Path
0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

------------------------------------------------------------------------------
TPHKSVC.exe pid: 3216
Command line: "C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe"

Base                Size      Path
0x0000000000130000  0x22000   C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
	Verified:	LENOVO(JAPAN)LTD.
	Publisher:	Lenovo Group Limited
	Description:	On screen display Fn+Fx handler
	Product:	On Screen Display
	Version:	2.3.1.0
	File version:	2.3.1.0
	Create time:	Mon Dec 03 23:50:29 2012

0x0000000000130000  0x22000   C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
	Verified:	LENOVO(JAPAN)LTD.
	Publisher:	Lenovo Group Limited
	Description:	On screen display Fn+Fx handler
	Product:	On Screen Display
	Version:	2.3.1.0
	File version:	2.3.1.0
	Create time:	Mon Dec 03 23:50:29 2012

0x0000000010000000  0x22000   C:\Program Files\LENOVO\HOTKEY\ENLPU32.DLL
	Verified:	Lenovo(Japan)Ltd.
	Publisher:	Lenovo Group Limited
	Description:	Lenovo Patch Utility Handler
	Product:	On Screen Display
	Version:	1.0.0.0
	File version:	1.0.0.0
	Create time:	Mon Jun 27 22:58:25 2011
------------------------------------------------------------------------------
ULCDRSvr.exe pid: 3248
Command line: "C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe"

Base                Size      Path
0x0000000000400000  0x11000   C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
	Verified:	Unsigned
	Publisher:	Ulead Systems, Inc.
	Description:	ULCDRSvr
	Product:	Ulead Systems ULCDRSvr
	Version:	1.0.0.5
	File version:	1.0.0.5
	Create time:	Tue Jun 13 23:57:59 2006

0x0000000000400000  0x11000   C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
	Verified:	Unsigned
	Publisher:	Ulead Systems, Inc.
	Description:	ULCDRSvr
	Product:	Ulead Systems ULCDRSvr
	Version:	1.0.0.5
	File version:	1.0.0.5
	Create time:	Tue Jun 13 23:57:59 2006

------------------------------------------------------------------------------
VSSVC.exe pid: 3280
Command line: C:\Windows\system32\vssvc.exe

Base                Size      Path
0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

------------------------------------------------------------------------------
ZeroConfigService.exe pid: 3392
Command line: "C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"

Base                Size      Path
0x000000003f530000  0x348000  C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
	Verified:	Intel Corporation-Mobile Wireless Group
	Publisher:	Intel® Corporation
	Description:	Intel® PROSet/Wireless Zero Configure Service
	Product:	Intel(R) PROSet/Wireless
	Version:	16.1.0.0
	File version:	16.1.0.0
	Create time:	Fri Aug 02 16:25:35 2013

0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

0x00000000f98a0000  0x174000  C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
	Verified:	Intel Corporation-Mobile Wireless Group
	Publisher:	The OpenSSL Project, http://www.openssl.org/
	Description:	OpenSSL Shared Library
	Product:	The OpenSSL Toolkit
	Version:	1.0.0.2
	File version:	1.0.0.2
	Create time:	Tue May 29 22:58:35 2012

0x00000000f97f0000  0x2e000   C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll
	Verified:	Intel Corporation-Mobile Wireless Group
	Publisher:	Intel(R) Corporation
	Description:	Intel(R) PROSet/Wireless Registry API Module
	Product:	Intel(R) PROSet/Wireless
	Version:	16.1.0.0
	File version:	16.1.0.0
	Create time:	Fri Aug 02 16:15:31 2013

0x00000000f95b0000  0x4c000   C:\Program Files\Common Files\Intel\WirelessCommon\TraceApi.dll
	Verified:	Intel Corporation-Mobile Wireless Group
	Publisher:	Intel(R) Corporation
	Description:	Intel(R) PROSet/Wireless Trace API Module
	Product:	Intel(R) PROSet/Wireless
	Version:	16.1.0.0
	File version:	16.1.0.0
	Create time:	Fri Aug 02 16:16:34 2013

0x00000000f6580000  0x34000   C:\Program Files\Intel\WiFi\bin\Ps7ZCfgS.dll
	Verified:	Intel Corporation-Mobile Wireless Group
	Publisher:	Intel(R) Corporation
	Description:	Intel(R) PROSet/Wireless Zero Config Service Module
	Product:	Intel(R) PROSet/Wireless
	Version:	16.1.0.0
	File version:	16.1.0.0
	Create time:	Fri Aug 02 16:23:22 2013

0x00000000f8090000  0xad000   C:\Program Files\Intel\WiFi\bin\MurocApi.dll
	Verified:	Intel Corporation-Mobile Wireless Group
	Publisher:	Intel(R) Corporation
	Description:	Intel(R) PROSet/Wireless Muroc API Module
	Product:	Intel(R) PROSet/Wireless
	Version:	16.1.0.0
	File version:	16.1.0.0
	Create time:	Fri Aug 02 16:21:31 2013

0x00000000f6570000  0xa000    C:\Program Files\Intel\WiFi\bin\S24MUDLL.dll
	Verified:	Intel Corporation-Mobile Wireless Group
	Publisher:	Intel(R) Corporation
	Description:	Intel(R) PROSet/Wireless S24EvMon Module
	Product:	Intel(R) PROSet/Wireless
	Version:	16.1.0.0
	File version:	16.1.0.0
	Create time:	Fri Aug 02 16:14:13 2013

0x00000000f7d20000  0x1e000   C:\Program Files\Intel\WiFi\bin\IntStngs.dll
	Verified:	Intel Corporation-Mobile Wireless Group
	Publisher:	Intel(R) Corporation
	Description:	Intel(R) PROSet/Wireless Application Settings Module
	Product:	Intel(R) PROSet/Wireless
	Version:	16.1.0.0
	File version:	16.1.0.0
	Create time:	Fri Aug 02 16:17:16 2013

0x00000000f60b0000  0x10f000  C:\Program Files\Intel\WiFi\bin\PfMgrApi.dll
	Verified:	Intel Corporation-Mobile Wireless Group
	Publisher:	Intel(R) Corporation
	Description:	Intel(R) PROSet/Wireless Profile Manager API Module
	Product:	Intel(R) PROSet/Wireless
	Version:	16.1.0.0
	File version:	16.1.0.0
	Create time:	Fri Aug 02 16:19:53 2013

0x00000000f6090000  0x1e000   C:\Program Files\Intel\WiFi\bin\DbEngine.dll
	Verified:	Intel Corporation-Mobile Wireless Group
	Publisher:	Intel(R) Corporation
	Description:	Intel(R) PROSet/Wireless Secure DB Engine
	Product:	Intel(R) PROSet/Wireless
	Version:	16.1.0.0
	File version:	16.1.0.0
	Create time:	Fri Aug 02 16:14:26 2013

0x00000000f58b0000  0x71000   C:\Program Files\Intel\WiFi\bin\panihvint.dll
	Verified:	Intel Corporation-Mobile Wireless Group
	Publisher:	Intel(R) Corporation
	Description:	Intel(R) PROSet/Wireless Pan API Module
	Product:	Intel(R) PROSet/Wireless
	Version:	16.1.0.0
	File version:	16.1.0.0
	Create time:	Fri Aug 02 16:24:09 2013
------------------------------------------------------------------------------
micmute.exe pid: 3424
Command line: "C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe"

Base                Size      Path
0x0000000000400000  0x23000   C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
	Verified:	Lenovo(Japan)Ltd.
	Publisher:	Lenovo Group Limited
	Description:	Microphone Mute Controll Service for ThinkPad
	Product:	On Screen Display
	Version:	1.3.1.0
	File version:	1.3.1.0
	Create time:	Fri Aug 24 00:00:38 2012

0x0000000000400000  0x23000   C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
	Verified:	Lenovo(Japan)Ltd.
	Publisher:	Lenovo Group Limited
	Description:	Microphone Mute Controll Service for ThinkPad
	Product:	On Screen Display
	Version:	1.3.1.0
	File version:	1.3.1.0
	Create time:	Fri Aug 24 00:00:38 2012

0x0000000074f50000  0x35000   C:\Windows\SysWOW64\nvinit.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:29:06 2013

0x0000000010000000  0x22000   C:\Program Files\LENOVO\HOTKEY\ENLPU32.DLL
	Verified:	Lenovo(Japan)Ltd.
	Publisher:	Lenovo Group Limited
	Description:	Lenovo Patch Utility Handler
	Product:	On Screen Display
	Version:	1.0.0.0
	File version:	1.0.0.0
	Create time:	Mon Jun 27 22:58:25 2011

0x0000000072020000  0x18e000  C:\Program Files\LENOVO\HOTKEY\micmute6.dll
	Verified:	LENOVO(JAPAN)LTD.
	Publisher:	Lenovo Group Limited
	Description:	On screen display microphone mute button helper dll for Vista
	Product:	On screen display
	Version:	1.0.7.0
	File version:	1.0.7.0
	Create time:	Thu Jan 10 04:12:08 2013

------------------------------------------------------------------------------
tphkload.exe pid: 3492
Command line: "C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe"

Base                Size      Path
0x0000000040000000  0x27000   C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
	Verified:	Lenovo(Japan)Ltd.
	Publisher:	Lenovo Group Limited
	Description:	ThinkPad Message Client Loader
	Product:	On Screen Display
	Version:	1.3.1.0
	File version:	1.3.1.0
	Create time:	Wed Sep 05 23:26:43 2012

0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

0x0000000080000000  0x26000   C:\Program Files\LENOVO\HOTKEY\ENLPU.DLL
	Verified:	Lenovo(Japan)Ltd.
	Publisher:	Lenovo Group Limited
	Description:	Lenovo Patch Utility Handler
	Product:	On Screen Display
	Version:	1.0.0.0
	File version:	1.0.0.0
	Create time:	Mon Jun 27 22:58:48 2011

0x0000000000330000  0x28000   C:\PROGRA~1\Lenovo\HOTKEY\TPOSD.DLL
	Verified:	Lenovo(Japan)Ltd.
	Publisher:	Lenovo Group Limited
	Description:	ThinkPad Message Transmitter for On Screen Display
	Product:	On screen display
	Version:	2.0.0.0
	File version:	2.0.0.0
	Create time:	Tue Jul 17 22:32:02 2012

0x0000000000360000  0x2f000   C:\Program Files\LENOVO\HOTKEY\spkvol.dll
	Verified:	Lenovo(Japan)Ltd.
	Publisher:	Lenovo Group Limited
	Description:	Helper dll for audio volume indicator
	Product:	On screen display
	Version:	1.0.2.0
	File version:	1.0.2.0
	Create time:	Thu Jun 23 22:07:43 2011

0x0000000000dc0000  0x30000   C:\Program Files\LENOVO\HOTKEY\lcdbl.dll
	Verified:	Lenovo(Japan)Ltd.
	Publisher:	Lenovo Group Limited
	Description:	Helper dll for LCD brightness indicator
	Product:	On screen display
	Version:	1.0.2.0
	File version:	1.0.2.0
	Create time:	Thu Jun 23 23:07:15 2011

0x00000000014e0000  0x1b000   C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.DLL
	Verified:	LENOVO(JAPAN)LTD.
	Publisher:	Lenovo Group Limited
	Description:	ThinkPad Message Transmitter for Shortcut Hot Keys
	Product:	On Screen Display
	Version:	1.0.1.0
	File version:	1.0.1.0
	Create time:	Wed Nov 14 19:49:00 2012

------------------------------------------------------------------------------
vsnapvss.exe pid: 3596
Command line: "C:\Program Files (x86)\StorageCraft\ShadowProtect\vsnapvss.exe"

Base                Size      Path
0x00000000ff0a0000  0x1a000   C:\Program Files (x86)\StorageCraft\ShadowProtect\vsnapvss.exe
	Verified:	StorageCraft Technology Corporation
	Publisher:	StorageCraft Technology Corporation
	Description:	StorageCraft Volume Snapshot VSS Provider
	Product:	StorageCraft Volume Snapshot
	Version:	1.0.0.119
	File version:	1.0.0.119
	Create time:	Tue Jan 21 13:01:57 2014

0x0000000073860000  0xa000    C:\Program Files (x86)\StorageCraft\ShadowProtect\STCSNA64.dll
	Verified:	StorageCraft Technology Corporation
	Publisher:	StorageCraft Technology Corporation
	Description:	StorageCraft Volume Snapshot Driver API
	Product:	StorageCraft Volume Snapshot
	Version:	2.0.0.116
	File version:	2.0.0.116
	Create time:	Tue Jan 21 13:01:46 2014

0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

------------------------------------------------------------------------------
unsecapp.exe pid: 3612
Command line: C:\Windows\system32\wbem\unsecapp.exe -Embedding

Base                Size      Path
0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

------------------------------------------------------------------------------
WmiPrvSE.exe pid: 3688
Command line: C:\Windows\system32\wbem\wmiprvse.exe

Base                Size      Path
0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

0x00000000f9450000  0x12000   C:\Program Files\Intel\WiFi\bin\iWMSProv.dll
	Verified:	Intel Corporation-Mobile Wireless Group
	Publisher:	Intel(R) Corporation
	Description:	Intel PROSet/Wireless IWMS Provider
	Product:	Intel(R) PROSet/Wireless
	Version:	16.1.0.0
	File version:	16.1.0.0
	Create time:	Fri Aug 02 16:16:52 2013

0x00000000f97f0000  0x2e000   C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll
	Verified:	Intel Corporation-Mobile Wireless Group
	Publisher:	Intel(R) Corporation
	Description:	Intel(R) PROSet/Wireless Registry API Module
	Product:	Intel(R) PROSet/Wireless
	Version:	16.1.0.0
	File version:	16.1.0.0
	Create time:	Fri Aug 02 16:15:31 2013

0x00000000f95b0000  0x4c000   C:\Program Files\Common Files\Intel\WirelessCommon\TraceApi.dll
	Verified:	Intel Corporation-Mobile Wireless Group
	Publisher:	Intel(R) Corporation
	Description:	Intel(R) PROSet/Wireless Trace API Module
	Product:	Intel(R) PROSet/Wireless
	Version:	16.1.0.0
	File version:	16.1.0.0
	Create time:	Fri Aug 02 16:16:34 2013

------------------------------------------------------------------------------
svchost.exe pid: 3312
Command line: C:\Windows\system32\svchost.exe -k bthsvcs

Base                Size      Path
0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

------------------------------------------------------------------------------
nvxdsync.exe pid: 4568
Command line: "C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"

Base                Size      Path
0x000000003f220000  0x11a000  C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
	Verified:	NVIDIA Corporation
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA User Experience Driver Component
	Product:	NVIDIA User Experience Driver Component
	Version:	8.17.13.1270
	File version:	8.17.13.1270
	Create time:	Thu Oct 31 15:09:15 2013

0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

0x0000000073160000  0x5a3000  C:\Program Files\NVIDIA Corporation\Display\nvxdapix.dll
	Verified:	NVIDIA Corporation
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA User Experience Driver Component
	Product:	NVIDIA User Experience Driver Component
	Version:	8.17.13.1270
	File version:	8.17.13.1270
	Create time:	Thu Oct 31 14:54:49 2013

0x0000000072d50000  0x40c000  C:\Program Files\NVIDIA Corporation\Display\NvUI.dll
	Verified:	NVIDIA Corporation
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA User Experience Driver Component
	Product:	NVIDIA User Experience Driver Component
	Version:	8.17.13.1270
	File version:	8.17.13.1270
	Create time:	Thu Oct 31 14:47:27 2013

0x00000000f52f0000  0x116000  C:\Windows\system32\nvumdshimx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA D3D Shim Driver, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:33 2013

0x00000000f5010000  0x2d7000  C:\Windows\system32\nvapi64.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA NVAPI Library, Version 312.70 
	Product:	NVIDIA Windows drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:09 2013

0x0000000073710000  0x134000  C:\Program Files\NVIDIA Corporation\Display\nvxdbat.dll
	Verified:	NVIDIA Corporation
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA User Experience Driver Component
	Product:	NVIDIA User Experience Driver Component
	Version:	8.17.13.1270
	File version:	8.17.13.1270
	Create time:	Thu Oct 31 14:35:25 2013

0x0000000080000000  0x19000   C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
	Verified:	NVIDIA Corporation
	Publisher:	n/a
	Description:	NVIDIA Smart Maximize Helper
	Product:	NVIDIA Smart Maximize Helper version 100.02
	Version:	6.14.10.10002
	File version:	6.14.10.10002
	Create time:	Thu Oct 31 14:29:11 2013

0x0000000070820000  0x19f000  C:\Program Files\NVIDIA Corporation\Display\nvxdplcy.dll
	Verified:	NVIDIA Corporation
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA User Experience Driver Component
	Product:	NVIDIA User Experience Driver Component
	Version:	8.17.13.1270
	File version:	8.17.13.1270
	Create time:	Thu Oct 31 14:41:08 2013

------------------------------------------------------------------------------
nvvsvc.exe pid: 4576
Command line: C:\Windows\system32\nvvsvc.exe -session -first

Base                Size      Path
0x000000003f2e0000  0xdf000   C:\Windows\system32\nvvsvc.exe
	Verified:	NVIDIA Corporation
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA Driver Helper Service, Version 312.70
	Product:	NVIDIA Driver Helper Service, Version 312.70
	Version:	8.17.13.1270
	File version:	8.17.13.1270
	Create time:	Thu Oct 31 16:06:35 2013

0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

0x00000000f5540000  0x365000  C:\Windows\system32\NVSVC64.DLL
	Verified:	NVIDIA Corporation
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA Driver Helper Service, Version 312.70
	Product:	NVIDIA Driver Helper Service, Version 312.70
	Version:	8.17.13.1270
	File version:	8.17.13.1270
	Create time:	Thu Oct 31 15:54:47 2013

0x00000000f5010000  0x2d7000  C:\Windows\system32\nvapi64.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA NVAPI Library, Version 312.70 
	Product:	NVIDIA Windows drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:09 2013

0x00000000f4690000  0x270000  C:\Windows\system32\NVSVCR.DLL
	Verified:	NVIDIA Corporation
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA Driver Helper Service, Version 312.70
	Product:	NVIDIA Driver Helper Service, Version 312.70
	Version:	8.17.13.1270
	File version:	8.17.13.1270
	Create time:	Thu Oct 31 16:06:03 2013

0x0000000073710000  0x134000  C:\Program Files\NVIDIA Corporation\Display\nvxdbat.dll
	Verified:	NVIDIA Corporation
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA User Experience Driver Component
	Product:	NVIDIA User Experience Driver Component
	Version:	8.17.13.1270
	File version:	8.17.13.1270
	Create time:	Thu Oct 31 14:35:25 2013

0x0000000070820000  0x19f000  C:\Program Files\NVIDIA Corporation\Display\nvxdplcy.dll
	Verified:	NVIDIA Corporation
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA User Experience Driver Component
	Product:	NVIDIA User Experience Driver Component
	Version:	8.17.13.1270
	File version:	8.17.13.1270
	Create time:	Thu Oct 31 14:41:08 2013

------------------------------------------------------------------------------
NisSrv.exe pid: 3904
Command line: "c:\Program Files\Microsoft Security Client\NisSrv.exe"

Base                Size      Path
0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

------------------------------------------------------------------------------
SearchIndexer.exe pid: 4536
Command line: C:\Windows\system32\SearchIndexer.exe /Embedding

Base                Size      Path
0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

------------------------------------------------------------------------------
PresentationFontCache.exe pid: 4492
Command line: C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

Base                Size      Path
0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

------------------------------------------------------------------------------
LMS.exe pid: 1220
Command line: "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"

Base                Size      Path
0x0000000001300000  0x48000   C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
	Verified:	Intel Corporation
	Publisher:	Intel Corporation
	Description:	Local Manageability Service
	Product:	Intel(R) Active Management Technology Local Manageability Service
	Version:	8.0.3.1427
	File version:	8.0.3.1427
	Create time:	Tue Feb 21 15:05:18 2012

0x0000000001300000  0x48000   C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
	Verified:	Intel Corporation
	Publisher:	Intel Corporation
	Description:	Local Manageability Service
	Product:	Intel(R) Active Management Technology Local Manageability Service
	Version:	8.0.3.1427
	File version:	8.0.3.1427
	Create time:	Tue Feb 21 15:05:18 2012

0x0000000074f50000  0x35000   C:\Windows\SysWOW64\nvinit.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:29:06 2013

------------------------------------------------------------------------------
daemonu.exe pid: 3196
Command line: "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"

Base                Size      Path
0x00000000002c0000  0x139000  C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
	Verified:	NVIDIA Corporation
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA Settings Update Manager
	Product:	NVIDIA Update Components
	Version:	1.11.3.0
	File version:	1.11.3.0
	Create time:	Thu Oct 31 14:34:48 2013

0x00000000002c0000  0x139000  C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
	Verified:	NVIDIA Corporation
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA Settings Update Manager
	Product:	NVIDIA Update Components
	Version:	1.11.3.0
	File version:	1.11.3.0
	Create time:	Thu Oct 31 14:34:48 2013
0x0000000074f50000  0x35000   C:\Windows\SysWOW64\nvinit.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:29:06 2013

------------------------------------------------------------------------------
PsiService_2.exe pid: 3552
Command line: "C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"

Base                Size      Path
0x0000000000400000  0x32000   C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
	Verified:	Protexis Inc.
	Publisher:	Protexis Inc.
	Description:	PsiService PsiService
	Product:	PsiService System Service
	Version:	2.0.1.185
	File version:	2.0.1.185
	Create time:	Thu Mar 11 17:06:03 2010

0x0000000000400000  0x32000   C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
	Verified:	Protexis Inc.
	Publisher:	Protexis Inc.
	Description:	PsiService PsiService
	Product:	PsiService System Service
	Version:	2.0.1.185
	File version:	2.0.1.185
	Create time:	Thu Mar 11 17:06:03 2010

0x0000000074f50000  0x35000   C:\Windows\SysWOW64\nvinit.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:29:06 2013

------------------------------------------------------------------------------
NASvc.exe pid: 3080
Command line: "C:\Program Files (x86)\Nero\Update\NASvc.exe"

Base                Size      Path
0x0000000001180000  0xbf000   C:\Program Files (x86)\Nero\Update\NASvc.exe
	Verified:	Nero AG
	Publisher:	Nero AG
	Description:	NeroUpdate
	Product:	NeroUpdate
	Version:	11.0.42.0
	File version:	11.0.42.0
	Create time:	Thu Jul 18 10:08:27 2013

0x0000000001180000  0xbf000   C:\Program Files (x86)\Nero\Update\NASvc.exe
	Verified:	Nero AG
	Publisher:	Nero AG
	Description:	NeroUpdate
	Product:	NeroUpdate
	Version:	11.0.42.0
	File version:	11.0.42.0
	Create time:	Thu Jul 18 10:08:27 2013

0x0000000074f50000  0x35000   C:\Windows\SysWOW64\nvinit.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:29:06 2013

0x0000000071930000  0xf000    C:\Program Files (x86)\Nero\Update\NASvcPS.dll
	Verified:	Nero AG
	Publisher:	Nero AG
	Description:	NeroUpdate PS
	Product:	NeroUpdate
	Version:	11.0.42.0
	File version:	11.0.42.0
	Create time:	Thu Jul 18 10:06:55 2013

------------------------------------------------------------------------------
UNS.exe pid: 3304
Command line: "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"

Base                Size      Path
0x0000000000840000  0x5b000   C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
	Verified:	Intel Corporation
	Publisher:	Intel Corporation
	Description:	User Notification Service
	Product:	Intel(R) Management and Security Application User Notification Service
	Version:	8.0.3.1427
	File version:	8.0.3.1427
	Create time:	Tue Feb 21 15:07:08 2012

0x0000000000840000  0x5b000   C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
	Verified:	Intel Corporation
	Publisher:	Intel Corporation
	Description:	User Notification Service
	Product:	Intel(R) Management and Security Application User Notification Service
	Version:	8.0.3.1427
	File version:	8.0.3.1427
	Create time:	Tue Feb 21 15:07:08 2012

0x00000000710f0000  0x127000  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
	Verified:	Intel Corporation
	Publisher:	n/a
	Description:	ACE
	Product:	ACE
	Version:	6.0.0.0
	File version:	6.0.0.0
	Create time:	Thu May 26 07:34:39 2011

0x0000000070c70000  0x130000  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\WsmanClient.dll
	Verified:	Intel Corporation
	Publisher:	Intel Corporation
	Description:	Wsman Client
	Product:	Intel(R) Management and Security Application User Notification Service
	Version:	8.0.3.1427
	File version:	8.0.3.1427
	Create time:	Tue Feb 21 15:06:23 2012

0x0000000071960000  0x11000   C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\Common.dll
	Verified:	Intel Corporation
	Publisher:	Intel Corporation
	Description:	Common
	Product:	Intel(R) Management and Security Application User Notification Service
	Version:	8.0.3.1427
	File version:	8.0.3.1427
	Create time:	Tue Feb 21 15:05:32 2012

0x0000000071940000  0x1f000   C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\GmsCommon.dll
	Verified:	Intel Corporation
	Publisher:	Intel Corporation
	Description:	GMS Common
	Product:	Intel(R) Management and Security Application User Notification Service
	Version:	8.0.3.1427
	File version:	8.0.3.1427
	Create time:	Tue Feb 21 15:05:50 2012

0x0000000074f50000  0x35000   C:\Windows\SysWOW64\nvinit.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:29:06 2013

0x00000000718f0000  0x1a000   C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\CONFIGURATOR.dll
	Verified:	Intel Corporation
	Publisher:	Intel Corporation
	Description:	Configurator
	Product:	Intel(R) Management and Security Application User Notification Service
	Version:	8.0.3.1427
	File version:	8.0.3.1427
	Create time:	Tue Feb 21 15:06:43 2012

0x00000000710b0000  0xa000    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\EVENTMANAGER.dll
	Verified:	Intel Corporation
	Publisher:	Intel Corporation
	Description:	Event Manager
	Product:	Intel(R) Management and Security Application User Notification Service
	Version:	8.0.3.1427
	File version:	8.0.3.1427
	Create time:	Tue Feb 21 15:05:57 2012

0x0000000071050000  0x53000   C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\SOAPSERVERSERVICE.dll
	Verified:	Intel Corporation
	Publisher:	Intel Corporation
	Description:	Soap Server Service
	Product:	Intel(R) Management and Security Application User Notification Service
	Version:	8.0.3.1427
	File version:	8.0.3.1427
	Create time:	Tue Feb 21 15:06:18 2012

0x0000000071030000  0x19000   C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\PARTIALFWUPDATESERVICE.dll
	Verified:	Intel Corporation
	Publisher:	Intel Corporation
	Description:	Partial FirmWare Update Service
	Product:	Intel(R) Management and Security Application User Notification Service
	Version:	8.0.3.1427
	File version:	8.0.3.1427
	Create time:	Tue Feb 21 15:06:30 2012

0x0000000071020000  0xd000    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\IPREFRESHSERVICE.dll
	Verified:	Intel Corporation
	Publisher:	Intel Corporation
	Description:	IP Refresh Service
	Product:	Intel(R) Management and Security Application User Notification Service
	Version:	8.0.3.1427
	File version:	8.0.3.1427
	Create time:	Tue Feb 21 15:05:58 2012

0x0000000071010000  0x9000    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\COMEVENTHANDLER.dll
	Verified:	Intel Corporation
	Publisher:	Intel Corporation
	Description:	Com event handler
	Product:	Intel(R) Management and Security Application User Notification Service
	Version:	8.0.3.1427
	File version:	8.0.3.1427
	Create time:	Tue Feb 21 15:07:16 2012

0x0000000071000000  0xd000    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\HISTORYEVENTHANDLER.dll
	Verified:	Intel Corporation
	Publisher:	Intel Corporation
	Description:	History Event Handler
	Product:	Intel(R) Management and Security Application User Notification Service
	Version:	8.0.3.1427
	File version:	8.0.3.1427
	Create time:	Tue Feb 21 15:06:02 2012

0x0000000070fe0000  0x20000   C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\STATUSEVENTHANDLER.dll
	Verified:	Intel Corporation
	Publisher:	Intel Corporation
	Description:	Status Event Handler
	Product:	Intel(R) Management and Security Application User Notification Service
	Version:	8.0.3.1427
	File version:	8.0.3.1427
	Create time:	Tue Feb 21 15:07:18 2012

0x0000000070b20000  0xd000    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\WMIEVENTHANDLER.dll
	Verified:	Intel Corporation
	Publisher:	Intel Corporation
	Description:	WMI Event Handler
	Product:	Intel(R) Management and Security Application User Notification Service
	Version:	8.0.3.1427
	File version:	8.0.3.1427
	Create time:	Tue Feb 21 15:06:00 2012

0x0000000070b10000  0xb000    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\WINLOGEVENTHANDLER.dll
	Verified:	Intel Corporation
	Publisher:	Intel Corporation
	Description:	Win Log Event Handler
	Product:	Intel(R) Management and Security Application User Notification Service
	Version:	8.0.3.1427
	File version:	8.0.3.1427
	Create time:	Tue Feb 21 15:06:01 2012

------------------------------------------------------------------------------
upeksvr.exe pid: 1808
Command line: "C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe" 

Base                Size      Path
0x0000000040000000  0x18000   C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
	Verified:	AuthenTec, Inc.
	Publisher:	Authentec Inc.
	Description:	Fingerprint Server Process for Vista
	Product:	ThinkVantage Fingerprint Software
	Version:	5.9.9.7281
	File version:	5.9.9.7281
	Create time:	Tue Mar 05 14:53:43 2013

0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

0x0000000030000000  0xcc000   C:\Program Files\ThinkVantage Fingerprint Software\infql2.dll
	Verified:	AuthenTec, Inc.
	Publisher:	Authentec Inc.
	Description:	Infrastructure utility library
	Product:	ThinkVantage Fingerprint Software
	Version:	5.9.9.7281
	File version:	5.9.9.7281
	Create time:	Tue Mar 05 12:41:14 2013

0x0000000031bd0000  0xbe000   C:\Program Files\ThinkVantage Fingerprint Software\provider.dll
	Verified:	AuthenTec, Inc.
	Publisher:	Authentec Inc.
	Description:	Windows Vista and Windows 7 Credential Provider
	Product:	ThinkVantage Fingerprint Software
	Version:	5.9.9.7281
	File version:	5.9.9.7281
	Create time:	Tue Mar 05 14:52:32 2013

0x00000000321a0000  0x204000  C:\Program Files\ThinkVantage Fingerprint Software\qlbase.dll
	Verified:	AuthenTec, Inc.
	Publisher:	Authentec Inc.
	Description:	Common PSQL utility library
	Product:	ThinkVantage Fingerprint Software
	Version:	5.9.9.7281
	File version:	5.9.9.7281
	Create time:	Tue Mar 05 15:45:39 2013

0x0000000030280000  0x3ca000  C:\Program Files\ThinkVantage Fingerprint Software\homepass.dll
	Verified:	AuthenTec, Inc.
	Publisher:	Authentec Inc.
	Description:	LocalPassport
	Product:	ThinkVantage Fingerprint Software
	Version:	5.9.9.7281
	File version:	5.9.9.7281
	Create time:	Tue Mar 05 15:39:05 2013

0x0000000031270000  0x1dd000  C:\Program Files\ThinkVantage Fingerprint Software\homefus2.dll
	Verified:	AuthenTec, Inc.
	Publisher:	Authentec Inc.
	Description:	PS QL Logon Kernel
	Product:	ThinkVantage Fingerprint Software
	Version:	5.9.9.7281
	File version:	5.9.9.7281
	Create time:	Tue Mar 05 14:49:15 2013

0x0000000030680000  0x430000  C:\Program Files\ThinkVantage Fingerprint Software\bio.dll
	Verified:	AuthenTec, Inc.
	Publisher:	Authentec Inc.
	Description:	Biometrics support
	Product:	ThinkVantage Fingerprint Software
	Version:	5.9.9.7281
	File version:	5.9.9.7281
	Create time:	Tue Mar 05 13:44:23 2013

0x0000000032800000  0xc7000   C:\Program Files\ThinkVantage Fingerprint Software\bpwb.dll
	Verified:	AuthenTec, Inc.
	Publisher:	Authentec Inc.
	Description:	WinBio Bio Provider
	Product:	ThinkVantage Fingerprint Software
	Version:	5.9.9.7281
	File version:	5.9.9.7281
	Create time:	Tue Mar 05 15:31:35 2013

------------------------------------------------------------------------------
taskhost.exe pid: 2616
Command line: "taskhost.exe"

Base                Size      Path
0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

------------------------------------------------------------------------------
virtscrl.exe pid: 4600
Command line: C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe

Base                Size      Path
0x0000000040000000  0x1e000   C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
	Verified:	LENOVO(JAPAN)LTD.
	Publisher:	Lenovo Group Limited
	Description:	Lenovo Auto Scroll Utility
	Product:	Auto Scroll
	Version:	2.0.0.0
	File version:	2.0.0.0
	Create time:	Tue Dec 04 04:12:32 2012

0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

0x0000000080000000  0x26000   C:\PROGRA~1\LENOVO\VIRTSCRL\enlpu.dll
	Verified:	Lenovo(Japan)Ltd.
	Publisher:	Lenovo Group Limited
	Description:	Lenovo Patch Utility Handler
	Product:	Auto Scroll
	Version:	1.0.0.0
	File version:	1.0.0.0
	Create time:	Mon Jun 27 22:58:50 2011

------------------------------------------------------------------------------
dwm.exe pid: 3992
Command line: "C:\Windows\system32\Dwm.exe"

Base                Size      Path
0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

0x000000000f000000  0x6000    C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	n/a
	Description:	n/a
	Product:	n/a
	Version:	n/a
	File version:	n/a
	Create time:	Fri Jan 19 15:35:56 2007

0x00000000ed970000  0x56000   C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrapx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA d3d9wrap dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	8.17.13.1270
	File version:	8.17.13.1270
	Create time:	Thu Oct 31 14:27:21 2013

0x00000000ee830000  0x3d000   C:\Program Files\NVIDIA Corporation\CoProcManager\nvdxgiwrapx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA dxgiwrap dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	8.17.13.1270
	File version:	8.17.13.1270
	Create time:	Thu Oct 31 14:27:19 2013

0x00000000f52f0000  0x116000  C:\Windows\system32\nvumdshimx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA D3D Shim Driver, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:33 2013

------------------------------------------------------------------------------
rundll32.exe pid: 4752
Command line: C:\Windows\system32\rundll32.exe "C:\Program Files\LENOVO\HOTKEY\hotkey.dll",InstallAudioHotkeyHook

Base                Size      Path
0x0000000080000000  0x1c000   C:\Program Files\LENOVO\HOTKEY\hotkey.dll
	Verified:	Lenovo(Japan)Ltd.
	Publisher:	Lenovo Group Limited
	Description:	OSD library for hotkey detection
	Product:	On screen display
	Version:	1.0.1.0
	File version:	1.0.1.0
	Create time:	Wed Oct 19 04:03:56 2011

------------------------------------------------------------------------------
TPONSCR.exe pid: 4260
Command line: C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.OnScreenDisplay

Base                Size      Path
0x0000000000400000  0x92000   C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
	Verified:	LENOVO(JAPAN)LTD.
	Publisher:	Lenovo Group Limited
	Description:	On screen display drawer
	Product:	On Screen Display
	Version:	6.7.3.0
	File version:	6.7.3.0
	Create time:	Thu Sep 13 02:07:57 2012

0x0000000000400000  0x92000   C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
	Verified:	LENOVO(JAPAN)LTD.
	Publisher:	Lenovo Group Limited
	Description:	On screen display drawer
	Product:	On Screen Display
	Version:	6.7.3.0
	File version:	6.7.3.0
	Create time:	Thu Sep 13 02:07:57 2012

0x0000000074f50000  0x35000   C:\Windows\SysWOW64\nvinit.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:29:06 2013

0x0000000010000000  0x22000   C:\PROGRA~1\Lenovo\HOTKEY\enlpu32.dll
	Verified:	Lenovo(Japan)Ltd.
	Publisher:	Lenovo Group Limited
	Description:	Lenovo Patch Utility Handler
	Product:	On Screen Display
	Version:	1.0.0.0
	File version:	1.0.0.0
	Create time:	Mon Jun 27 22:58:25 2011

------------------------------------------------------------------------------
shtctky.exe pid: 3540
Command line: C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.ShortcutKey

Base                Size      Path
0x000000003f6d0000  0x1b000   C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE
	Verified:	LENOVO(JAPAN)LTD.
	Publisher:	Lenovo Group Limited
	Description:	ThinkPad Message Receiver for Shortcut Hot Keys
	Product:	On Screen Display
	Version:	1.1.0.0
	File version:	1.1.0.0
	Create time:	Fri Feb 08 00:22:26 2013

0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

0x0000000080000000  0x26000   C:\PROGRA~1\Lenovo\HOTKEY\enlpu.dll
	Verified:	Lenovo(Japan)Ltd.
	Publisher:	Lenovo Group Limited
	Description:	Lenovo Patch Utility Handler
	Product:	On Screen Display
	Version:	1.0.0.0
	File version:	1.0.0.0
	Create time:	Mon Jun 27 22:58:48 2011

------------------------------------------------------------------------------
tpnumlkd.exe pid: 3980
Command line: C:\PROGRA~1\LENOVO\HOTKEY\tpnumlkd.exe

Base                Size      Path
0x000000003f9e0000  0x37000   C:\PROGRA~1\LENOVO\HOTKEY\tpnumlkd.exe
	Verified:	LENOVO(JAPAN)LTD.
	Publisher:	Lenovo Group Limited
	Description:	NumLock on screen display for ThinkPad
	Product:	On Screen Display
	Version:	1.4.0.0
	File version:	1.4.0.0
	Create time:	Wed Jan 09 04:53:41 2013

0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

0x0000000080000000  0x26000   C:\PROGRA~1\LENOVO\HOTKEY\enlpu.dll
	Verified:	Lenovo(Japan)Ltd.
	Publisher:	Lenovo Group Limited
	Description:	Lenovo Patch Utility Handler
	Product:	On Screen Display
	Version:	1.0.0.0
	File version:	1.0.0.0
	Create time:	Mon Jun 27 22:58:48 2011

0x0000000000100000  0x11000   C:\PROGRA~1\LENOVO\HOTKEY\tpnumlkd.dll
	Verified:	Lenovo(Japan)Ltd.
	Publisher:	Lenovo Group Limited
	Description:	NumLock on screen display for ThinkPad
	Product:	On screen display
	Version:	1.0.1.0
	File version:	1.0.1.0
	Create time:	Fri Oct 29 05:48:53 2010

0x00000000eb060000  0x1d000   C:\PROGRA~1\LENOVO\HOTKEY\hlp8.dll
	Verified:	LENOVO(JAPAN)LTD.
	Publisher:	Lenovo Group Limited
	Description:	Helper dll for shortcut hot key on Windows 8
	Product:	On screen display
	Version:	1.0.1.0
	File version:	1.0.1.0
	Create time:	Fri Sep 14 03:57:02 2012

------------------------------------------------------------------------------
explorer.exe pid: 2832
Command line: C:\Windows\Explorer.EXE

Base                Size      Path
0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

0x00000000ec490000  0x85000   C:\Program Files\Lenovo\SimpleTap DeskBand\DeskBand64.dll
	Verified:	Lenovo Information Products (Shenzhen) Co.,Ltd
	Publisher:	Lenovo
	Description:	DeskBand.dll
	Product:	Lenovo Solution Center Deskband
	Version:	1.1.28.0
	File version:	1.1.28.0
	Create time:	Wed May 15 17:49:10 2013

0x00000000ebe20000  0x665000  C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL
	Verified:	Lenovo(Japan)Ltd.
	Publisher:	Lenovo Group Limited
	Description:	ThinkPad Power Manager Background Monitor and Tray Battery Gauge
	Product:	ThinkPad Power Manager
	Version:	1.0.0.0
	File version:	1.0.0.0
	Create time:	Mon Dec 09 04:08:12 2013

0x00000000ebdd0000  0x1f000   C:\Program Files (x86)\ThinkPad\Utilities\US\PWMRT64V.DLL
	Verified:	Unsigned
	Publisher:	n/a
	Description:	n/a
	Product:	n/a
	Version:	n/a
	File version:	n/a
	Create time:	Mon Dec 09 04:08:52 2013

0x00000000eb9e0000  0x3ed000  C:\Program Files (x86)\ThinkPad\Utilities\PWMIF64V.Dll
	Verified:	Lenovo(Japan)Ltd.
	Publisher:	Lenovo Group Limited
	Description:	ThinkPad Power Manager Low Level Function DLL
	Product:	ThinkPad Power Manager
	Version:	1.0.0.0
	File version:	1.0.0.0
	Create time:	Thu Oct 10 00:08:36 2013

0x0000000080000000  0xd000    C:\Windows\system32\IGFXEXPS.DLL
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	Intel Corporation
	Description:	igfxext Module
	Product:	Intel(R) Common User Interface
	Version:	8.15.10.2725
	File version:	8.15.10.2725
	Create time:	Mon Apr 09 12:00:06 2012

0x00000000eb930000  0x9000    C:\Windows\system32\Sensor64.dll
	Verified:	Lenovo(Japan)Ltd.
	Publisher:	Lenovo.
	Description:	ThinkVantage Active Protection System - Shock Sensor Module
	Product:	ThinkVantage Active Protection System
	Version:	1.78.0.9
	File version:	1.78.0.9
	Create time:	Fri Nov 29 01:32:28 2013

0x00000000f84d0000  0x6d000   C:\Program Files\ThinkPad\Bluetooth Software\btncopy.dll
	Verified:	Broadcom Corporation
	Publisher:	Broadcom Corporation.
	Description:	BTNCopy Module
	Product:	Bluetooth Software
	Version:	6.5.1.4500
	File version:	6.5.1.4500
	Create time:	Tue May 14 15:13:08 2013

0x00000000df7b0000  0x3f000   C:\Program Files\ThinkPad\Bluetooth Software\btmmhook.dll
	Verified:	Broadcom Corporation
	Publisher:	Broadcom Corporation.
	Description:	Multimedia Keys Hook DLL
	Product:	Bluetooth Software
	Version:	6.5.1.4500
	File version:	6.5.1.4500
	Create time:	Tue May 14 15:15:24 2013

0x00000000df7f0000  0x24000   C:\Program Files\ThinkPad\Bluetooth Software\btkeyind.dll
	Verified:	Broadcom Corporation
	Publisher:	Broadcom Corporation.
	Description:	KeyBoard Hook DLL
	Product:	Bluetooth Software
	Version:	6.5.1.4500
	File version:	6.5.1.4500
	Create time:	Tue May 14 15:11:01 2013

0x00000000f5010000  0x2d7000  C:\Windows\system32\nvapi64.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA NVAPI Library, Version 312.70 
	Product:	NVIDIA Windows drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:09 2013

0x0000000010000000  0x6a000   C:\Program Files (x86)\Beyond Compare 3\BCShellEx64.dll
	Verified:	Scooter Software Inc
	Publisher:	Scooter Software
	Description:	Beyond Compare
	Product:	Beyond Compare Shell Extension
	Version:	3.0.0.0
	File version:	3.0.0.14
0x00000000dc3c0000  0x23d000  C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll
	Verified:	Adobe Systems, Incorporated
	Publisher:	Adobe Systems Inc.
	Description:	Adobe Acrobat Context Menu
	Product:	Adobe Acrobat Elements
	Version:	11.0.0.379
	File version:	11.0.0.379
	Create time:	Sun Sep 23 22:25:28 2012

0x000000006fdb0000  0x13000   C:\Windows\system32\nvshext.dll
	Verified:	NVIDIA Corporation
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA Display Shell Extension
	Product:	NVIDIA Shell Extensions
	Version:	1.2.0.1
	File version:	1.2.0.1
	Create time:	Thu Oct 31 16:06:37 2013

0x0000000007210000  0x64000   C:\Windows\system32\igfxpph.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	Intel Corporation
	Description:	igfxpph Module
	Product:	Intel(R) Common User Interface
	Version:	8.15.10.2725
	File version:	8.15.10.2725
	Create time:	Mon Apr 09 12:00:15 2012

0x00000000070f0000  0x1f000   C:\Windows\system32\hccutils.DLL
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	Intel Corporation
	Description:	hccutils Module
	Product:	Intel(R) Common User Interface
	Version:	8.15.10.2725
	File version:	8.15.10.2725
	Create time:	Mon Apr 09 11:59:25 2012

0x00000000072e0000  0x4b000   C:\Windows\system32\igfxrENU.lrc
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	Intel Corporation
	Description:	igfxres Module
	Product:	Intel(R) Common User Interface
	Version:	8.15.10.2725
	File version:	8.15.10.2725
	Create time:	Mon Apr 09 11:58:36 2012

0x0000000007400000  0x15000   C:\Windows\system32\igfxsrvc.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	Intel Corporation
	Description:	igfxsrvc Module
	Product:	Intel(R) Common User Interface
	Version:	8.15.10.2725
	File version:	8.15.10.2725
	Create time:	Mon Apr 09 11:59:53 2012

0x000000006fd80000  0x28000   C:\Program Files (x86)\StorageCraft\ShadowProtect\sbimgmnt.dll
	Verified:	StorageCraft Technology Corporation
	Publisher:	StorageCraft Technology Corporation
	Description:	StorageCraft ShadowProtect Backup Image Dismount Shell Extension DLL
	Product:	StorageCraft ShadowProtect
	Version:	5.1.5.33811
	File version:	5.0.0.55
	Create time:	Tue Jan 21 13:15:38 2014

0x00000000ee120000  0x108000  C:\Windows\system32\nv3dappshext.dll
	Verified:	NVIDIA Corporation
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA Shell Extensions
	Product:	NVIDIA Shell Extensions
	Version:	8.17.13.1270
	File version:	8.17.13.1270
	Create time:	Thu Oct 31 16:07:02 2013

0x000000000b5c0000  0x107000  C:\Program Files\Windows8FirewallControl\ExplMenu.dll
	Verified:	Unsigned
	Publisher:	Sphinx Software
	Description:	Windows 8 Firewall Control
	Product:	Vista-Wall extended control for Windows 8, Windows 7 and Vista Firewall
	Version:	6.1.9.53
	File version:	6.1.9.53
	Create time:	Mon Sep 30 11:05:42 2013
------------------------------------------------------------------------------
Last edited by Curt@invincea on Mon Mar 17, 2014 10:51 pm, edited 1 time in total.
Reason: Added code formaters

jclarkw
Posts: 85
Joined: Sun Feb 26, 2012 9:47 pm

Re: error message SBIE1408 (Unknown user name SID) every rel

Post by jclarkw » Sat Mar 15, 2014 1:51 am

Code: Select all

PART 3:

RAVCpl64.exe pid: 2228
Command line: "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s

Base                Size      Path
0x0000000040000000  0xcf4000  C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	Realtek Semiconductor
	Description:	Realtek HD Audio Manager
	Product:	Realtek HD Audio Manager
	Version:	1.0.0.865
	File version:	1.0.0.865
	Create time:	Tue May 21 04:17:03 2013

0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

------------------------------------------------------------------------------
RAVBg64.exe pid: 4964
Command line: "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4

Base                Size      Path
0x0000000040000000  0x147000  C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	Realtek Semiconductor
	Description:	HD Audio Background Process
	Product:	HD Audio Background Process
	Version:	1.0.0.150
	File version:	1.0.0.150
	Create time:	Mon May 20 03:34:30 2013

0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

0x0000000080000000  0x28000   C:\Windows\system32\RtkCfg64.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	Realtek Semiconductor Corp.
	Description:	RtkCfg.dll
	Product:	RtkCfg.dll
	Version:	1.0.0.2
	File version:	1.0.0.2
	Create time:	Thu Nov 05 03:02:42 2009

0x000000006f200000  0x3df000  C:\Windows\system32\RtkAPO64.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	Realtek Semiconductor Corp.
	Description:	Realtek(r) LFX/GFX DSP component
	Product:	Realtek(r) LFX/GFX DSP component
	Version:	11.0.6000.280
	File version:	11.0.6000.280
	Create time:	Mon Mar 19 22:42:09 2012

------------------------------------------------------------------------------
SynTPEnh.exe pid: 896
Command line: "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" 

Base                Size      Path
0x0000000000400000  0x2cd000  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	Synaptics Incorporated
	Description:	Synaptics TouchPad Enhancements
	Product:	Synaptics Pointing Device Driver
	Version:	16.1.1.0
	File version:	16.1.1.0
	Create time:	Fri Apr 06 16:49:19 2012

0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

0x0000000010000000  0xcc000   C:\Windows\system32\SynCOM.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	Synaptics Incorporated
	Description:	SynCOM
	Product:	COM SDK
	Version:	16.1.1.0
	File version:	16.1.1.0
	Create time:	Thu Apr 05 22:54:39 2012

0x0000000063010000  0x3c000   C:\Windows\system32\SynTPAPI.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	Synaptics Incorporated
	Description:	SynTPAPI
	Product:	Synaptics Pointing Device Driver
	Version:	16.1.1.0
	File version:	16.1.1.0
	Create time:	Fri Apr 06 16:42:44 2012

------------------------------------------------------------------------------
SynTPLpr.exe pid: 5440
Command line: "C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"

Base                Size      Path
0x0000000000400000  0x2a000   C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	Synaptics Incorporated
	Description:	TouchPad Driver Helper Application
	Product:	Synaptics Pointing Device Driver
	Version:	16.1.1.0
	File version:	16.1.1.0
	Create time:	Fri Apr 06 17:02:22 2012

0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

0x0000000010000000  0xcc000   C:\Windows\system32\SynCOM.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	Synaptics Incorporated
	Description:	SynCOM
	Product:	COM SDK
	Version:	16.1.1.0
	File version:	16.1.1.0
	Create time:	Thu Apr 05 22:54:39 2012

0x0000000000330000  0x13000   C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	Synaptics Incorporated
	Description:	Synaptics Proxy Server
	Product:	Synaptics Pointing Device Driver
	Version:	16.1.1.0
	File version:	16.1.1.0
	Create time:	Fri Apr 06 16:49:24 2012

------------------------------------------------------------------------------
TpShocks.exe pid: 5564
Command line: "C:\Windows\System32\TpShocks.exe" 

Base                Size      Path
0x0000000040000000  0x64000   C:\Windows\System32\TpShocks.exe
	Verified:	Lenovo(Japan)Ltd.
	Publisher:	Lenovo.
	Description:	ThinkVantage Active Protection System
	Product:	ThinkVantage Active Protection System
	Version:	1.78.0.11
	File version:	1.78.0.11
	Create time:	Fri Nov 29 04:27:28 2013

0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

0x00000000ee3f0000  0x116000  C:\Windows\system32\NV\igd10umd64.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA D3D Shim Driver, Version 311.00 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1100
	File version:	9.18.13.1100
	Create time:	Thu Jan 10 14:54:46 2013

0x0000000080000000  0x3f000   C:\Program Files\ThinkPad\TpShocks\MUI\0409\TpShocks.dll
	Verified:	Lenovo(Japan)Ltd.
	Publisher:	Lenovo.
	Description:	ThinkVantage Active Protection System
	Product:	ThinkVantage Active Protection System
	Version:	1.78.0.11
	File version:	1.78.0.11
	Create time:	Fri Nov 29 04:27:49 2013

0x00000000eb930000  0x9000    C:\Windows\System32\Sensor64.dll
	Verified:	Lenovo(Japan)Ltd.
	Publisher:	Lenovo.
	Description:	ThinkVantage Active Protection System - Shock Sensor Module
	Product:	ThinkVantage Active Protection System
	Version:	1.78.0.9
	File version:	1.78.0.9
	Create time:	Fri Nov 29 01:32:28 2013

------------------------------------------------------------------------------
TpKnrres.exe pid: 5572
Command line: "C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe" 

Base                Size      Path
0x0000000000400000  0x4b000   C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
	Verified:	LENOVO(JAPAN)LTD.
	Publisher:	Lenovo Group Limited
	Description:	Communications Utility launcher
	Product:	ThinkVantage Communications Utility
	Version:	3.1.7.0
	File version:	3.1.7.0
	Create time:	Fri Oct 25 00:57:03 2013

0x0000000000400000  0x4b000   C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
	Verified:	LENOVO(JAPAN)LTD.
	Publisher:	Lenovo Group Limited
	Description:	Communications Utility launcher
	Product:	ThinkVantage Communications Utility
	Version:	3.1.7.0
	File version:	3.1.7.0
	Create time:	Fri Oct 25 00:57:03 2013

0x0000000074400000  0x1c000   C:\Program Files\Lenovo\Communications Utility\CommFunc.dll
	Verified:	LENOVO(JAPAN)LTD.
	Publisher:	Lenovo Group Limited
	Description:	Communications Utility Common Library
	Product:	ThinkVantage Communications Utility
	Version:	3.1.7.0
	File version:	3.1.7.0
	Create time:	Fri Oct 25 00:56:46 2013

0x0000000010000000  0xf000    C:\Program Files\Lenovo\Communications Utility\CamDll.dll
	Verified:	LENOVO(JAPAN)LTD.
	Publisher:	Lenovo Group Limited
	Description:	Camera Control Library
	Product:	ThinkVantage Communications Utility
	Version:	3.1.7.0
	File version:	3.1.7.0
	Create time:	Fri Oct 25 00:56:47 2013

0x0000000074f50000  0x35000   C:\Windows\SysWOW64\nvinit.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:29:06 2013

0x0000000000250000  0x6000    C:\Program Files\Lenovo\Communications Utility\tpknrdll.dll
	Verified:	LENOVO(JAPAN)LTD.
	Publisher:	Lenovo Group Limited
	Description:	Keyboard detection library
	Product:	ThinkVantage Communications Utility
	Version:	3.1.7.0
	File version:	3.1.7.0
	Create time:	Fri Oct 25 00:56:44 2013

0x00000000003c0000  0x28000   C:\Windows\SysWOW64\5U877.ax
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	Ricoh co.,Ltd.
	Description:	Integrated Camera device property page
	Product:	Integrated Camera device property page
	Version:	1.2.1.16
	File version:	1.2.1.16
	Create time:	Tue Feb 07 00:46:27 2012

------------------------------------------------------------------------------
Windows8FirewallControl.exe pid: 5660
Command line: "C:\Program Files\Windows8FirewallControl\Windows8FirewallControl.exe" 

Base                Size      Path
0x0000000040000000  0x1c5000  C:\Program Files\Windows8FirewallControl\Windows8FirewallControl.exe
	Verified:	Unsigned
	Publisher:	Sphinx Software
	Description:	Windows 8 Firewall Control
	Product:	Vista-Wall extended control for Windows 8, Windows 7 and Vista Firewall
	Version:	6.1.9.53
	File version:	6.1.9.53
	Create time:	Mon Sep 30 11:04:07 2013

0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

------------------------------------------------------------------------------
msseces.exe pid: 5676
Command line: "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

Base                Size      Path
0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

------------------------------------------------------------------------------
hkcmd.exe pid: 5708
Command line: "C:\Windows\System32\hkcmd.exe" 

Base                Size      Path
0x0000000040000000  0x65000   C:\Windows\System32\hkcmd.exe
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	Intel Corporation
	Description:	hkcmd Module
	Product:	Intel(R) Common User Interface
	Version:	8.15.10.2725
	File version:	8.15.10.2725
	Create time:	Mon Apr 09 12:00:11 2012

0x0000000080000000  0x1f000   C:\Windows\System32\hccutils.DLL
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	Intel Corporation
	Description:	hccutils Module
	Product:	Intel(R) Common User Interface
	Version:	8.15.10.2725
	File version:	8.15.10.2725
	Create time:	Mon Apr 09 11:59:25 2012

0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

0x0000000000320000  0x15000   C:\Windows\system32\igfxsrvc.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	Intel Corporation
	Description:	igfxsrvc Module
	Product:	Intel(R) Common User Interface
	Version:	8.15.10.2725
	File version:	8.15.10.2725
	Create time:	Mon Apr 09 11:59:53 2012

0x0000000002b00000  0x4b000   C:\Windows\system32\igfxrENU.lrc
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	Intel Corporation
	Description:	igfxres Module
	Product:	Intel(R) Common User Interface
	Version:	8.15.10.2725
	File version:	8.15.10.2725
	Create time:	Mon Apr 09 11:58:36 2012

------------------------------------------------------------------------------
igfxpers.exe pid: 5744
Command line: "C:\Windows\System32\igfxpers.exe" 

Base                Size      Path
0x0000000040000000  0x6f000   C:\Windows\System32\igfxpers.exe
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	Intel Corporation
	Description:	persistence Module
	Product:	Intel(R) Common User Interface
	Version:	8.15.10.2725
	File version:	8.15.10.2725
	Create time:	Mon Apr 09 12:00:15 2012

0x0000000080000000  0x1f000   C:\Windows\System32\hccutils.DLL
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	Intel Corporation
	Description:	hccutils Module
	Product:	Intel(R) Common User Interface
	Version:	8.15.10.2725
	File version:	8.15.10.2725
	Create time:	Mon Apr 09 11:59:25 2012

0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

0x00000000ee510000  0x116000  C:\Windows\system32\NV\igdumd64.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA D3D Shim Driver, Version 311.00 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1100
	File version:	9.18.13.1100
	Create time:	Thu Jan 10 14:54:46 2013

0x00000000ee3f0000  0x116000  C:\Windows\system32\NV\igd10umd64.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA D3D Shim Driver, Version 311.00 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1100
	File version:	9.18.13.1100
	Create time:	Thu Jan 10 14:54:46 2013

0x0000000000250000  0x15000   C:\Windows\system32\igfxsrvc.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	Intel Corporation
	Description:	igfxsrvc Module
	Product:	Intel(R) Common User Interface
	Version:	8.15.10.2725
	File version:	8.15.10.2725
	Create time:	Mon Apr 09 11:59:53 2012

0x0000000000270000  0x1d000   C:\Windows\System32\IccLibDll_x64.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	n/a
	Description:	n/a
	Product:	n/a
	Version:	n/a
	File version:	n/a
	Create time:	Mon Sep 20 06:50:26 2010

0x0000000001d10000  0x4b000   C:\Windows\system32\igfxrENU.lrc
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	Intel Corporation
	Description:	igfxres Module
	Product:	Intel(R) Common User Interface
	Version:	8.15.10.2725
	File version:	8.15.10.2725
	Create time:	Mon Apr 09 11:58:36 2012

------------------------------------------------------------------------------
BTTray.exe pid: 5780
Command line: "C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe" 

Base                Size      Path
0x000000003fc20000  0x1e9000  C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
	Verified:	Broadcom Corporation
	Publisher:	Broadcom Corporation.
	Description:	Bluetooth Tray Application
	Product:	Bluetooth Software
	Version:	6.5.1.4500
	File version:	6.5.1.4500
	Create time:	Tue May 14 15:05:28 2013

0x00000000f8250000  0x1d000   C:\Program Files\ThinkPad\Bluetooth Software\BtwLeAPI.dll
	Verified:	Broadcom Corporation
	Publisher:	Broadcom Corporation.
	Description:	BtwLeAPI
	Product:	Bluetooth Software
	Version:	6.5.1.4500
	File version:	6.5.1.4500
	Create time:	Tue May 14 14:44:47 2013

0x00000000e9ca0000  0xd6000   C:\Program Files\ThinkPad\Bluetooth Software\btwapi.dll
	Verified:	Broadcom Corporation
	Publisher:	Broadcom Corporation.
	Description:	WBTApi DLL
	Product:	Bluetooth Software
	Version:	6.5.1.4500
	File version:	6.5.1.4500
	Create time:	Tue May 14 14:41:52 2013

0x00000000e9c10000  0x53000   C:\Program Files\ThinkPad\Bluetooth Software\btosif.dll
	Verified:	Broadcom Corporation
	Publisher:	Broadcom Corporation.
	Description:	BTOSIF DLL
	Product:	Bluetooth Software
	Version:	6.5.1.4500
	File version:	6.5.1.4500
	Create time:	Tue May 14 14:40:34 2013

0x00000000e9b70000  0x99000   C:\Program Files\ThinkPad\Bluetooth Software\btwhidcs.DLL
	Verified:	Broadcom Corporation
	Publisher:	Broadcom Corporation.
	Description:	Bluetooth HID Power Control Suite dll
	Product:	Bluetooth Software
	Version:	6.5.1.4500
	File version:	6.5.1.4500
	Create time:	Tue May 14 14:55:03 2013

0x00000000e9ae0000  0x14000   C:\Program Files\ThinkPad\Bluetooth Software\BtBalloon.dll
	Verified:	Broadcom Corporation
	Publisher:	Broadcom Corporation.
	Description:	Balloon Tooltip Routine DLL
	Product:	Bluetooth Software
	Version:	6.5.1.4500
	File version:	6.5.1.4500
	Create time:	Tue May 14 14:55:41 2013

0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

0x00000000e82e0000  0x1778000  C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll
	Verified:	Broadcom Corporation
	Publisher:	Broadcom Corporation.
	Description:	btrez DLL
	Product:	Bluetooth Software
	Version:	6.5.1.4500
	File version:	6.5.1.4500
	Create time:	Tue May 14 15:26:33 2013

0x00000000df7f0000  0x24000   C:\Program Files\ThinkPad\Bluetooth Software\btkeyind.dll
	Verified:	Broadcom Corporation
	Publisher:	Broadcom Corporation.
	Description:	KeyBoard Hook DLL
	Product:	Bluetooth Software
	Version:	6.5.1.4500
	File version:	6.5.1.4500
	Create time:	Tue May 14 15:11:01 2013

0x00000000df7b0000  0x3f000   C:\Program Files\ThinkPad\Bluetooth Software\btmmhook.dll
	Verified:	Broadcom Corporation
	Publisher:	Broadcom Corporation.
	Description:	Multimedia Keys Hook DLL
	Product:	Bluetooth Software
	Version:	6.5.1.4500
	File version:	6.5.1.4500
	Create time:	Tue May 14 15:15:24 2013

0x00000000df350000  0x245000  C:\Program Files\ThinkPad\Bluetooth Software\BtwCP.dll
	Verified:	Broadcom Corporation
	Publisher:	Broadcom Corporation.
	Description:	BtwCP DLL
	Product:	Bluetooth Software
	Version:	6.5.1.4500
	File version:	6.5.1.4500
	Create time:	Tue May 14 15:01:01 2013

------------------------------------------------------------------------------
RCIMGDIR.exe pid: 5880
Command line: "C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe" 

Base                Size      Path
0x0000000000400000  0x13000   C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
	Verified:	Unsigned
	Publisher:	Ricoh co.,Ltd.
	Description:	RCIMGDIR
	Product:	RCIMGDIR
	Version:	1.1.0.0
	File version:	1.1.0.0
	Create time:	Thu Oct 30 02:24:25 2008

0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

------------------------------------------------------------------------------
SynTPHelper.exe pid: 5916
Command line: "C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE" 

Base                Size      Path
0x0000000000400000  0x20000   C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	Synaptics Incorporated
	Description:	Synaptics Pointing Device Helper
	Product:	Synaptics Pointing Device Driver
	Version:	16.1.1.0
	File version:	16.1.1.0
	Create time:	Thu Apr 05 22:49:31 2012

0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

------------------------------------------------------------------------------
rundll32.exe pid: 5940
Command line: "C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor

Base                Size      Path
0x0000000074f50000  0x35000   C:\Windows\SysWOW64\nvinit.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:29:06 2013

------------------------------------------------------------------------------
iusb3mon.exe pid: 5988
Command line: "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" 

Base                Size      Path
0x00000000013e0000  0x4b000   C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
	Verified:	Intel Corporation
	Publisher:	Intel Corporation
	Description:	Intel(R) USB 3.0 Monitor
	Product:	Intel(R) USB 3.0 Monitor
	Version:	1.0.9.254
	File version:	1.0.9.254
	Create time:	Thu Jul 18 04:42:42 2013

0x00000000013e0000  0x4b000   C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
	Verified:	Intel Corporation
	Publisher:	Intel Corporation
	Description:	Intel(R) USB 3.0 Monitor
	Product:	Intel(R) USB 3.0 Monitor
	Version:	1.0.9.254
	File version:	1.0.9.254
	Create time:	Thu Jul 18 04:42:42 2013

0x000000006edf0000  0x17000   C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
	Verified:	Unsigned
	Publisher:	Intel Corporation
	Description:	Intel(R) USB 3.0 Monitor
	Product:	Intel(R) USB 3.0 Monitor
	Version:	1.0.9.254
	File version:	1.0.9.254
	Create time:	Thu Jul 18 04:42:39 2013

0x0000000074f50000  0x35000   C:\Windows\SysWOW64\nvinit.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:29:06 2013

------------------------------------------------------------------------------
rundll32.exe pid: 6004
Command line: "C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor

Base                Size      Path
0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

0x00000000ebe20000  0x665000  C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL
	Verified:	Lenovo(Japan)Ltd.
	Publisher:	Lenovo Group Limited
	Description:	ThinkPad Power Manager Background Monitor and Tray Battery Gauge
	Product:	ThinkPad Power Manager
	Version:	1.0.0.0
	File version:	1.0.0.0
	Create time:	Mon Dec 09 04:08:12 2013

0x00000000ebdd0000  0x1f000   C:\Program Files (x86)\ThinkPad\Utilities\US\PWMRT64V.DLL
	Verified:	Unsigned
	Publisher:	n/a
	Description:	n/a
	Product:	n/a
	Version:	n/a
	File version:	n/a
	Create time:	Mon Dec 09 04:08:52 2013

0x00000000eb9e0000  0x3ed000  C:\Program Files (x86)\ThinkPad\Utilities\PWMIF64V.Dll
	Verified:	Lenovo(Japan)Ltd.
	Publisher:	Lenovo Group Limited
	Description:	ThinkPad Power Manager Low Level Function DLL
	Product:	ThinkPad Power Manager
	Version:	1.0.0.0
	File version:	1.0.0.0
	Create time:	Thu Oct 10 00:08:36 2013

0x0000000080000000  0xd000    C:\Windows\system32\IGFXEXPS.DLL
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	Intel Corporation
	Description:	igfxext Module
	Product:	Intel(R) Common User Interface
	Version:	8.15.10.2725
	File version:	8.15.10.2725
	Create time:	Mon Apr 09 12:00:06 2012

0x00000000eb930000  0x9000    C:\Windows\system32\Sensor64.dll
	Verified:	Lenovo(Japan)Ltd.
	Publisher:	Lenovo.
	Description:	ThinkVantage Active Protection System - Shock Sensor Module
	Product:	ThinkVantage Active Protection System
	Version:	1.78.0.9
	File version:	1.78.0.9
	Create time:	Fri Nov 29 01:32:28 2013

0x0000000002c70000  0x29000   C:\Program Files (x86)\ThinkPad\Utilities\ATM64.DLL
	Verified:	Lenovo(Japan)Ltd.
	Publisher:	Lenovo Japan
	Description:	ATM
	Product:	Lenovo Japan ATM
	Version:	1.3.4.0
	File version:	1.3.4.0
	Create time:	Thu Sep 18 08:20:26 2008

------------------------------------------------------------------------------
acrotray.exe pid: 6132
Command line: "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe" 

Base                Size      Path
0x00000000003a0000  0x35a000  C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
	Verified:	Adobe Systems, Incorporated
	Publisher:	Adobe Systems Inc.
	Description:	AcroTray
	Product:	AcroTray - Adobe Acrobat Distiller helper application.
	Version:	11.0.6.70
	File version:	11.0.6.70
	Create time:	Fri Dec 20 23:33:37 2013

0x00000000003a0000  0x35a000  C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
	Verified:	Adobe Systems, Incorporated
	Publisher:	Adobe Systems Inc.
	Description:	AcroTray
	Product:	AcroTray - Adobe Acrobat Distiller helper application.
	Version:	11.0.6.70
	File version:	11.0.6.70
	Create time:	Fri Dec 20 23:33:37 2013

0x0000000074f50000  0x35000   C:\Windows\SysWOW64\nvinit.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:29:06 2013

------------------------------------------------------------------------------
pcee4.exe pid: 5280
Command line: "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart

Base                Size      Path
0x0000000000b70000  0x80000   C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
	Verified:	Dolby Laboratories, Inc.
	Publisher:	Dolby Laboratories Inc.
	Description:	Dolby Profile Selector
	Product:	Dolby Profile Selector
	Version:	7.2.8000.17
	File version:	7.2.8000.17
	Create time:	Fri Aug 31 22:19:33 2012

0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

0x000000006c040000  0x10c000  C:\Program Files (x86)\Dolby Home Theater v4\pcee4c.dll
	Verified:	Dolby Laboratories, Inc.
	Publisher:	Dolby Laboratories Inc.
	Description:	Dolby.Pcee.Common
	Product:	Dolby.Pcee.Common
	Version:	7.2.8000.17
	File version:	7.2.8000.17
	Create time:	Fri Aug 31 22:19:25 2012

0x00000000709c0000  0xe000    C:\Program Files (x86)\Dolby Home Theater v4\Dolby.Interop.dll
	Verified:	Dolby Laboratories, Inc.
	Publisher:	Dolby Laboratories Inc.
	Description:	Dolby.Interop
	Product:	Dolby.Interop
	Version:	7.2.8000.17
	File version:	7.2.8000.17
	Create time:	Fri Aug 31 22:20:46 2012

0x00000000f8910000  0x22000   C:\Windows\system32\R4EEA64A.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	Dolby Laboratories
	Description:	Dolby PCEE4 ASL Analog x64
	Product:	Dolby PCEE4 ASL
	Version:	7.2.8000.17
	File version:	7.2.8000.17
	Create time:	Fri Aug 31 21:34:36 2012

0x0000000070af0000  0xa000    C:\Program Files (x86)\Dolby Home Theater v4\en-US\pcee4c.resources.dll
	Verified:	Dolby Laboratories, Inc.
	Publisher:	Dolby Laboratories Inc.
	Description:	Dolby.Pcee.Common
	Product:	Dolby.Pcee.Common
	Version:	7.2.8000.17
	File version:	7.2.8000.17
	Create time:	Fri Aug 31 22:19:26 2012

------------------------------------------------------------------------------
SCHTASK.EXE pid: 5328
Command line: "C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.exe"

Base                Size      Path
0x0000000001110000  0x22000   C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.exe
	Verified:	Lenovo(Japan)Ltd.
	Publisher:	Lenovo Group Limited
	Description:	Power Manager Power Agenda
	Product:	ScheduledTask
	Version:	1.0.0.1
	File version:	1.0.0.1
	Create time:	Mon Dec 09 04:01:09 2013

0x0000000001110000  0x22000   C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.exe
	Verified:	Lenovo(Japan)Ltd.
	Publisher:	Lenovo Group Limited
	Description:	Power Manager Power Agenda
	Product:	ScheduledTask
	Version:	1.0.0.1
	File version:	1.0.0.1
	Create time:	Mon Dec 09 04:01:09 2013

0x0000000074f50000  0x35000   C:\Windows\SysWOW64\nvinit.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:29:06 2013

------------------------------------------------------------------------------
wmpnetwk.exe pid: 5340
Command line: "C:\Program Files\Windows Media Player\wmpnetwk.exe"

Base                Size      Path
0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

------------------------------------------------------------------------------
rundll32.exe pid: 6112
Command line: "C:\Windows\SysWOW64\RunDll32.exe" "C:\Program Files\ThinkPad\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook

Base                Size      Path
0x0000000074f50000  0x35000   C:\Windows\SysWOW64\nvinit.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:29:06 2013

0x0000000072d10000  0x36000   C:\Program Files\ThinkPad\Bluetooth Software\SysWOW64\BtMmHook.dll
	Verified:	Broadcom Corporation
	Publisher:	Broadcom Corporation.
	Description:	Multimedia Keys Hook DLL
	Product:	Bluetooth Software
	Version:	6.5.1.4500
	File version:	6.5.1.4500
	Create time:	Tue May 14 14:23:17 2013

------------------------------------------------------------------------------
BTStackServer.exe pid: 5264
Command line: "C:\Program Files\ThinkPad\Bluetooth Software\BtStackServer.exe" -Embedding

Base                Size      Path
0x000000003f860000  0x686000  C:\Program Files\ThinkPad\Bluetooth Software\BtStackServer.exe
	Verified:	Broadcom Corporation
	Publisher:	Broadcom Corporation.
	Description:	Bluetooth Stack COM Server
	Product:	Bluetooth Software
	Version:	6.5.1.4500
	File version:	6.5.1.4500
	Create time:	Tue May 14 14:53:31 2013

0x00000000e9c10000  0x53000   C:\Program Files\ThinkPad\Bluetooth Software\btosif.dll
	Verified:	Broadcom Corporation
	Publisher:	Broadcom Corporation.
	Description:	BTOSIF DLL
	Product:	Bluetooth Software
	Version:	6.5.1.4500
	File version:	6.5.1.4500
	Create time:	Tue May 14 14:40:34 2013

0x00000000dfea0000  0x32000   C:\Program Files\ThinkPad\Bluetooth Software\BtAudioHelper.dll
	Verified:	Broadcom Corporation
	Publisher:	Broadcom Corporation.
	Description:	BtAudioHelper
	Product:	Bluetooth Software
	Version:	6.5.1.4500
	File version:	6.5.1.4500
	Create time:	Tue May 14 14:44:33 2013

0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

0x00000000df710000  0x91000   C:\Program Files\ThinkPad\Bluetooth Software\btosif_ol.dll
	Verified:	Broadcom Corporation
	Publisher:	Broadcom Corporation.
	Description:	BTOSIF Outlook DLL
	Product:	Bluetooth Software
	Version:	6.5.1.4500
	File version:	6.5.1.4500
	Create time:	Tue May 14 14:54:16 2013

0x00000000dfe40000  0x5d000   C:\Program Files\ThinkPad\Bluetooth Software\btosif_olx.dll
	Verified:	Broadcom Corporation
	Publisher:	Broadcom Corporation.
	Description:	BTOSIF Outlook Express DLL
	Product:	Bluetooth Software
	Version:	6.5.1.4500
	File version:	6.5.1.4500
	Create time:	Tue May 14 15:10:12 2013

0x00000000df670000  0x78000   C:\Program Files\ThinkPad\Bluetooth Software\btosif_notes.dll
	Verified:	Broadcom Corporation
	Publisher:	Broadcom Corporation.
	Description:	BTOSIF Notes DLL
	Product:	Bluetooth Software
	Version:	6.5.1.4500
	File version:	6.5.1.4500
	Create time:	Tue May 14 15:11:16 2013

0x00000000e82e0000  0x1778000  C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll
	Verified:	Broadcom Corporation
	Publisher:	Broadcom Corporation.
	Description:	btrez DLL
	Product:	Bluetooth Software
	Version:	6.5.1.4500
	File version:	6.5.1.4500
	Create time:	Tue May 14 15:26:33 2013

0x00000000df650000  0x12000   C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityLib.dll
	Verified:	Broadcom Corporation
	Publisher:	Broadcom Corporation.
	Description:	BtwProximityLib DLL
	Product:	Bluetooth Software
	Version:	6.5.1.4500
	File version:	6.5.1.4500
	Create time:	Tue May 14 15:12:49 2013

------------------------------------------------------------------------------
taskeng.exe pid: 5772
Command line: taskeng.exe {E2D950FA-CF96-4EEA-A0D8-665044F8EED2}

Base                Size      Path
0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

0x00000000ee510000  0x116000  C:\Windows\system32\NV\igdumd64.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA D3D Shim Driver, Version 311.00 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1100
	File version:	9.18.13.1100
	Create time:	Thu Jan 10 14:54:46 2013

0x00000000ee3f0000  0x116000  C:\Windows\system32\NV\igd10umd64.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA D3D Shim Driver, Version 311.00 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1100
	File version:	9.18.13.1100
	Create time:	Thu Jan 10 14:54:46 2013

------------------------------------------------------------------------------
MCPLaunch.exe pid: 2880
Command line: "C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe" /start

Base                Size      Path
0x0000000000150000  0x12000   C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe
	Verified:	Lenovo Information Products (Shenzhen) Co.,Ltd
	Publisher:	Lenovo
	Description:	Message Center Plus Scheduler
	Product:	Message Center Plus
	Version:	3.1.1.0
	File version:	3.1.1.0
	Create time:	Tue May 15 16:45:07 2012

0x0000000000150000  0x12000   C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe
	Verified:	Lenovo Information Products (Shenzhen) Co.,Ltd
	Publisher:	Lenovo
	Description:	Message Center Plus Scheduler
	Product:	Message Center Plus
	Version:	3.1.1.0
	File version:	3.1.1.0
	Create time:	Tue May 15 16:45:07 2012

0x0000000074f50000  0x35000   C:\Windows\SysWOW64\nvinit.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:29:06 2013

------------------------------------------------------------------------------
PWMDBSVC.exe pid: 3208
Command line: "C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE"

Base                Size      Path
0x0000000000e40000  0x1a1000  C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
	Verified:	Lenovo(Japan)Ltd.
	Publisher:	Lenovo
	Description:	Power Manager Dynamic Brightness Control Service
	Product:	Power Manager
	Version:	1.0.0.1
	File version:	1.0.0.1
	Create time:	Mon Dec 09 04:17:25 2013

0x0000000000e40000  0x1a1000  C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
	Verified:	Lenovo(Japan)Ltd.
	Publisher:	Lenovo
	Description:	Power Manager Dynamic Brightness Control Service
	Product:	Power Manager
	Version:	1.0.0.1
	File version:	1.0.0.1
	Create time:	Mon Dec 09 04:17:25 2013

0x0000000074f50000  0x35000   C:\Windows\SysWOW64\nvinit.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:29:06 2013

------------------------------------------------------------------------------
PrivacyIconClient.exe pid: 6692
Command line: "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" -startup

Base                Size      Path
0x0000000000eb0000  0x1c4000  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
	Verified:	Intel Corporation
	Publisher:	Intel Corporation
	Description:	Intel(R) Management and Security Status
	Product:	Intel(R) Management and Security Status
	Version:	8.0.3.1427
	File version:	8.0.3.1427
	Create time:	Tue Feb 21 15:07:33 2012

0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

0x00000000709e0000  0xa000    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\AMT_COM_InterfaceLib.dll
	Verified:	Intel Corporation
	Publisher:	 
	Description:	 
	Product:	Assembly imported from type library 'AMT_COM_InterfaceLib'.
	Version:	8.0.3.1427
	File version:	8.0.3.1427
	Create time:	Tue Feb 21 15:07:09 2012

0x0000000070690000  0x4c000   C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\zh-TW\PrivacyIconClient.resources.dll
	Verified:	Unsigned
	Publisher:	Intel Corporation
	Description:	Intel(R) Management and Security Status
	Product:	Intel(R) Management and Security Status
	Version:	8.0.3.1427
	File version:	8.0.3.1427
	Create time:	Tue Feb 21 15:07:41 2012

0x0000000070640000  0x4e000   C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\fr-FR\PrivacyIconClient.resources.dll
	Verified:	Unsigned
	Publisher:	Intel Corporation
	Description:	Intel(R) Management and Security Status
	Product:	Intel(R) Management and Security Status
	Version:	8.0.3.1427
	File version:	8.0.3.1427
	Create time:	Tue Feb 21 15:07:48 2012

0x00000000705f0000  0x50000   C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\ja-JP\PrivacyIconClient.resources.dll
	Verified:	Unsigned
	Publisher:	Intel Corporation
	Description:	Intel(R) Management and Security Status
	Product:	Intel(R) Management and Security Status
	Version:	8.0.3.1427
	File version:	8.0.3.1427
	Create time:	Tue Feb 21 15:07:53 2012

0x00000000705a0000  0x4e000   C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\de-DE\PrivacyIconClient.resources.dll
	Verified:	Unsigned
	Publisher:	Intel Corporation
	Description:	Intel(R) Management and Security Status
	Product:	Intel(R) Management and Security Status
	Version:	8.0.3.1427
	File version:	8.0.3.1427
	Create time:	Tue Feb 21 15:07:48 2012

0x0000000070540000  0x52000   C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\ru-RU\PrivacyIconClient.resources.dll
	Verified:	Unsigned
	Publisher:	Intel Corporation
	Description:	Intel(R) Management and Security Status
	Product:	Intel(R) Management and Security Status
	Version:	8.0.3.1427
	File version:	8.0.3.1427
	Create time:	Tue Feb 21 15:07:59 2012

0x00000000704f0000  0x4e000   C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\it-IT\PrivacyIconClient.resources.dll
	Verified:	Unsigned
	Publisher:	Intel Corporation
	Description:	Intel(R) Management and Security Status
	Product:	Intel(R) Management and Security Status
	Version:	8.0.3.1427
	File version:	8.0.3.1427
	Create time:	Tue Feb 21 15:07:52 2012

0x00000000704a0000  0x4e000   C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\es-ES\PrivacyIconClient.resources.dll
	Verified:	Unsigned
	Publisher:	Intel Corporation
	Description:	Intel(R) Management and Security Status
	Product:	Intel(R) Management and Security Status
	Version:	8.0.3.1427
	File version:	8.0.3.1427
	Create time:	Tue Feb 21 15:08:00 2012

0x0000000070450000  0x4e000   C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\pt-BR\PrivacyIconClient.resources.dll
	Verified:	Unsigned
	Publisher:	Intel Corporation
	Description:	Intel(R) Management and Security Status
	Product:	Intel(R) Management and Security Status
	Version:	8.0.3.1427
	File version:	8.0.3.1427
	Create time:	Tue Feb 21 15:07:57 2012

0x0000000070400000  0x4e000   C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\ko-KR\PrivacyIconClient.resources.dll
	Verified:	Unsigned
	Publisher:	Intel Corporation
	Description:	Intel(R) Management and Security Status
	Product:	Intel(R) Management and Security Status
	Version:	8.0.3.1427
	File version:	8.0.3.1427
	Create time:	Tue Feb 21 15:07:54 2012

0x00000000703b0000  0x4c000   C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\zh-CN\PrivacyIconClient.resources.dll
	Verified:	Unsigned
	Publisher:	Intel Corporation
	Description:	Intel(R) Management and Security Status
	Product:	Intel(R) Management and Security Status
	Version:	8.0.3.1427
	File version:	8.0.3.1427
	Create time:	Tue Feb 21 15:07:39 2012

0x0000000070360000  0x50000   C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\ar-SA\PrivacyIconClient.resources.dll
	Verified:	Unsigned
	Publisher:	Intel Corporation
	Description:	Intel(R) Management and Security Status
	Product:	Intel(R) Management and Security Status
	Version:	8.0.3.1427
	File version:	8.0.3.1427
	Create time:	Tue Feb 21 15:07:39 2012

0x0000000070310000  0x4e000   C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\cs-CZ\PrivacyIconClient.resources.dll
	Verified:	Unsigned
	Publisher:	Intel Corporation
	Description:	Intel(R) Management and Security Status
	Product:	Intel(R) Management and Security Status
	Version:	8.0.3.1427
	File version:	8.0.3.1427
	Create time:	Tue Feb 21 15:07:44 2012

0x00000000702c0000  0x4e000   C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\da-DK\PrivacyIconClient.resources.dll
	Verified:	Unsigned
	Publisher:	Intel Corporation
	Description:	Intel(R) Management and Security Status
	Product:	Intel(R) Management and Security Status
	Version:	8.0.3.1427
	File version:	8.0.3.1427
	Create time:	Tue Feb 21 15:07:45 2012

0x0000000070260000  0x54000   C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\el-GR\PrivacyIconClient.resources.dll
	Verified:	Unsigned
	Publisher:	Intel Corporation
	Description:	Intel(R) Management and Security Status
	Product:	Intel(R) Management and Security Status
	Version:	8.0.3.1427
	File version:	8.0.3.1427
	Create time:	Tue Feb 21 15:07:49 2012

0x0000000070210000  0x4e000   C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\fi-FI\PrivacyIconClient.resources.dll
	Verified:	Unsigned
	Publisher:	Intel Corporation
	Description:	Intel(R) Management and Security Status
	Product:	Intel(R) Management and Security Status
	Version:	8.0.3.1427
	File version:	8.0.3.1427
	Create time:	Tue Feb 21 15:07:47 2012

0x00000000701c0000  0x4e000   C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\he-IL\PrivacyIconClient.resources.dll
	Verified:	Unsigned
	Publisher:	Intel Corporation
	Description:	Intel(R) Management and Security Status
	Product:	Intel(R) Management and Security Status
	Version:	8.0.3.1427
	File version:	8.0.3.1427
	Create time:	Tue Feb 21 15:07:50 2012

0x0000000070170000  0x4e000   C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\hu-HU\PrivacyIconClient.resources.dll
	Verified:	Unsigned
	Publisher:	Intel Corporation
	Description:	Intel(R) Management and Security Status
	Product:	Intel(R) Management and Security Status
	Version:	8.0.3.1427
	File version:	8.0.3.1427
	Create time:	Tue Feb 21 15:07:51 2012

0x0000000070120000  0x4e000   C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\nl-NL\PrivacyIconClient.resources.dll
	Verified:	Unsigned
	Publisher:	Intel Corporation
	Description:	Intel(R) Management and Security Status
	Product:	Intel(R) Management and Security Status
	Version:	8.0.3.1427
	File version:	8.0.3.1427
	Create time:	Tue Feb 21 15:07:46 2012

0x00000000700d0000  0x4e000   C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\nb-NO\PrivacyIconClient.resources.dll
	Verified:	Unsigned
	Publisher:	Intel Corporation
	Description:	Intel(R) Management and Security Status
	Product:	Intel(R) Management and Security Status
	Version:	8.0.3.1427
	File version:	8.0.3.1427
	Create time:	Tue Feb 21 15:07:55 2012

0x0000000070080000  0x4e000   C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\pl-PL\PrivacyIconClient.resources.dll
	Verified:	Unsigned
	Publisher:	Intel Corporation
	Description:	Intel(R) Management and Security Status
	Product:	Intel(R) Management and Security Status
	Version:	8.0.3.1427
	File version:	8.0.3.1427
	Create time:	Tue Feb 21 15:07:56 2012

0x0000000070030000  0x4e000   C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\pt-PT\PrivacyIconClient.resources.dll
	Verified:	Unsigned
	Publisher:	Intel Corporation
	Description:	Intel(R) Management and Security Status
	Product:	Intel(R) Management and Security Status
	Version:	8.0.3.1427
	File version:	8.0.3.1427
	Create time:	Tue Feb 21 15:07:58 2012

0x000000006ffe0000  0x4e000   C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\sk-SK\PrivacyIconClient.resources.dll
	Verified:	Unsigned
	Publisher:	Intel Corporation
	Description:	Intel(R) Management and Security Status
	Product:	Intel(R) Management and Security Status
	Version:	8.0.3.1427
	File version:	8.0.3.1427
	Create time:	Tue Feb 21 15:08:01 2012

0x000000006ff90000  0x4e000   C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\sl-SI\PrivacyIconClient.resources.dll
	Verified:	Unsigned
	Publisher:	Intel Corporation
	Description:	Intel(R) Management and Security Status
	Product:	Intel(R) Management and Security Status
	Version:	8.0.3.1427
	File version:	8.0.3.1427
	Create time:	Tue Feb 21 15:08:01 2012

0x000000006ff40000  0x4e000   C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\sv-SE\PrivacyIconClient.resources.dll
	Verified:	Unsigned
	Publisher:	Intel Corporation
	Description:	Intel(R) Management and Security Status
	Product:	Intel(R) Management and Security Status
	Version:	8.0.3.1427
	File version:	8.0.3.1427
	Create time:	Tue Feb 21 15:08:02 2012

0x000000006fee0000  0x54000   C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\th-TH\PrivacyIconClient.resources.dll
	Verified:	Unsigned
	Publisher:	Intel Corporation
	Description:	Intel(R) Management and Security Status
	Product:	Intel(R) Management and Security Status
	Version:	8.0.3.1427
	File version:	8.0.3.1427
	Create time:	Tue Feb 21 15:08:03 2012

0x000000006fe90000  0x4e000   C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\tr-TR\PrivacyIconClient.resources.dll
	Verified:	Unsigned
	Publisher:	Intel Corporation
	Description:	Intel(R) Management and Security Status
	Product:	Intel(R) Management and Security Status
	Version:	8.0.3.1427
	File version:	8.0.3.1427
	Create time:	Tue Feb 21 15:08:04 2012

0x000000006fe10000  0x7e000   C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\AMT_SW_GUI.dll
	Verified:	Intel Corporation
	Publisher:	Intel Corporation
	Description:	Library containing UI controls
	Product:	Library containing UI controls
	Version:	1.0.0.60
	File version:	1.0.0.60
	Create time:	Tue Jul 05 11:19:13 2011

------------------------------------------------------------------------------
SbieSvc.exe pid: 7132
Command line: "C:\Program Files\Sandboxie\SbieSvc.exe"

Base                Size      Path
0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

------------------------------------------------------------------------------
SbieCtrl.exe pid: 7160
Command line: "C:\Program Files\Sandboxie\SbieCtrl.exe" /open

Base                Size      Path
0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

0x00000000df7b0000  0x3f000   C:\Program Files\ThinkPad\Bluetooth Software\btmmhook.dll
	Verified:	Broadcom Corporation
	Publisher:	Broadcom Corporation.
	Description:	Multimedia Keys Hook DLL
	Product:	Bluetooth Software
	Version:	6.5.1.4500
	File version:	6.5.1.4500
	Create time:	Tue May 14 15:15:24 2013

taskeng.exe pid: 6960
Command line: taskeng.exe {8D7F8533-1D37-4B1A-BA89-3A15E4BC7C0D}

Base                Size      Path
0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

------------------------------------------------------------------------------
rundll32.exe pid: 6892
Command line: C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "0x7e4_0x146c_0x8cab58ec"

Base                Size      Path
0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

------------------------------------------------------------------------------
notepad.exe pid: 4648
Command line: "C:\Windows\system32\NOTEPAD.EXE" E:\Willett Movable Folders\My Documents\Computer\Software\ZoneAlarm Extreme Security\Alternatives\Sandboxie\Logs for Sandboxie Error With Internet.txt

Base                Size      Path
0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

0x00000000ee510000  0x116000  C:\Windows\system32\NV\igdumd64.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA D3D Shim Driver, Version 311.00 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1100
	File version:	9.18.13.1100
	Create time:	Thu Jan 10 14:54:46 2013

0x00000000ee3f0000  0x116000  C:\Windows\system32\NV\igd10umd64.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA D3D Shim Driver, Version 311.00 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1100
	File version:	9.18.13.1100
	Create time:	Thu Jan 10 14:54:46 2013

0x00000000df7b0000  0x3f000   C:\Program Files\ThinkPad\Bluetooth Software\btmmhook.dll
	Verified:	Broadcom Corporation
	Publisher:	Broadcom Corporation.
	Description:	Multimedia Keys Hook DLL
	Product:	Bluetooth Software
	Version:	6.5.1.4500
	File version:	6.5.1.4500
	Create time:	Tue May 14 15:15:24 2013

0x00000000df7f0000  0x24000   C:\Program Files\ThinkPad\Bluetooth Software\btkeyind.dll
	Verified:	Broadcom Corporation
	Publisher:	Broadcom Corporation.
	Description:	KeyBoard Hook DLL
	Product:	Bluetooth Software
	Version:	6.5.1.4500
	File version:	6.5.1.4500
	Create time:	Tue May 14 15:11:01 2013

------------------------------------------------------------------------------
cmd.exe pid: 1996
Command line: "C:\Windows\system32\cmd.exe" 

Base                Size      Path
0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

------------------------------------------------------------------------------
conhost.exe pid: 6868
Command line: \??\C:\Windows\system32\conhost.exe "723693107-4405054231957430527-531117122062707270-117072702415920162732058781323

Base                Size      Path
0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013

------------------------------------------------------------------------------
Listdlls.exe pid: 1628
Command line: listdlls  -v 

Base                Size      Path
0x0000000000400000  0x82000   C:\Program Files\Install\Listdlls.exe
	Verified:	Microsoft Corporation
	Publisher:	Sysinternals
	Description:	Listdlls
	Product:	Sysinternals Listdlls
	Version:	3.10.0.0
	File version:	3.10.0.0
	Create time:	Thu Jun 23 16:53:26 2011

0x0000000074f50000  0x35000   C:\Windows\SysWOW64\nvinit.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:29:06 2013

------------------------------------------------------------------------------
Listdlls64.exe pid: 6644
Command line: listdlls  -v 

Base                Size      Path
0x0000000040000000  0x4a000   C:\Program Files\Install\Listdlls64.exe
	Verified:	Unsigned
	Publisher:	Sysinternals
	Description:	Listdlls
	Product:	Sysinternals Listdlls
	Version:	3.10.0.0
	File version:	3.10.0.0
	Create time:	Thu Jun 23 16:53:25 2011

0x00000000fd4a0000  0x40000   C:\Windows\system32\nvinitx.dll
	Verified:	Microsoft Windows Hardware Compatibility Publisher
	Publisher:	NVIDIA Corporation
	Description:	NVIDIA shim initialization dll, Version 312.70 
	Product:	NVIDIA D3D shim drivers
	Version:	9.18.13.1270
	File version:	9.18.13.1270
	Create time:	Thu Oct 31 14:28:59 2013
Last edited by Curt@invincea on Mon Mar 17, 2014 10:52 pm, edited 1 time in total.
Reason: Added code formaters

jclarkw
Posts: 85
Joined: Sun Feb 26, 2012 9:47 pm

Re: error message SBIE1408 (Unknown user name SID) every rel

Post by jclarkw » Mon Mar 17, 2014 3:12 pm

Curt@invincea wrote:Take a look at the suggestions in this post http://forums.sandboxie.com/phpBB3/view ... 668#p99668
>>Change SbieCtrl so it does not start when Windows starts. Change SbieSvc so it is manual start. Then restart your system. Wait several minutes before manually starting SbieSvc. Then wait a few more minutes before starting SbieCtrl. Does it start without errors this way?<<

The result from this test (assuming I did it correctly) -- see my message posted Thu Mar 13, 2014 5:41 pm -- is puzzling to me. The problem cannot be only during boot-up because, as I said, it also occurs in my Standard User account when I manually start Sandboxie well after Windows has booted. I don't know the normal start-up sequence for Sandboxie, but do we just need to delay the start-up of SbieCtrl, or advance the start-up of SbieSvc, so that the latter has time to get fully running before the former starts? -- jclarkw

Curt@invincea
Sandboxie Lead Developer
Sandboxie Lead Developer
Posts: 1666
Joined: Fri Jan 17, 2014 5:21 pm
Contact:

Re: error message SBIE1408 (Unknown user name SID) every rel

Post by Curt@invincea » Mon Mar 17, 2014 10:40 pm

Actually, I just wanted ListDlls run on SbieSvc ( "listdlls -v sbiesvc>list.txt"). ListDlls with no process name lists all dlls loaded into all processes. :shock:

But, that is OK :) . I can get a good idea of what else is on your system and I can see that nothing (no 3rd party app) is injected into SbieSvc. Your listing also shows that SbieSvc is running. But for some reason, SbieSvc is stuck somewhere during its startup.

For this test, you want to delay the start of SbieSvc, and the start of SbieCtrl to see if there is some kind of race condition. SbieSvc has to start before SbieCtrl. We want to give Windows a few minutes to complete all of its startup after booting. Then start SbieSvc and give it plenty of time (a few minutes) to start, then start SbieCtrl to see if these errors go away.

jclarkw
Posts: 85
Joined: Sun Feb 26, 2012 9:47 pm

Re: error message SBIE1408 (Unknown user name SID) every rel

Post by jclarkw » Tue Mar 18, 2014 10:53 am

Curt@invincea wrote:For this test, you want to delay the start of SbieSvc, and the start of SbieCtrl to see if there is some kind of race condition. SbieSvc has to start before SbieCtrl. We want to give Windows a few minutes to complete all of its startup after booting. Then start SbieSvc and give it plenty of time (a few minutes) to start, then start SbieCtrl to see if these errors go away.
Curt -- Sorry about the wasted effort with ListDlls (on both our parts!). Anyhow I think I already did the test that you're requesting, but it got folded into your collapsed listings attached to my earlier posts. (That's why I asked the question in yesterday's post.) Here's a quote from my earlier post:


"2) >>Change SbieCtrl so it does not start when Windows starts. Change SbieSvc so it is manual start. Then restart your system. Wait several minutes before manually starting SbieSvc. Then wait a few more minutes before starting SbieCtrl. Does it start without errors this way?<<

"I did this from my Standard User account (again with a full shutdown and restart), since SbieCtrl does not start up automatically there. After rebooting [and waiting as you instructed], I first verified that neither SbieCtrl nor SbieSvc was running. Then I started the service and waited. Then I started Sandboxie from Start>All Programs>Sandboxie>Sandboxie Control and waited -- NO error message from Sandboxie this time. (I did not capture the logs again.)"


Does this accomplish your test? -- jclarkw
Last edited by jclarkw on Tue Mar 18, 2014 3:51 pm, edited 1 time in total.

Guest10
Posts: 5136
Joined: Sun Apr 27, 2008 5:24 pm
Location: Ohio, USA

Re: error message SBIE1408 (Unknown user name SID) every rel

Post by Guest10 » Tue Mar 18, 2014 2:47 pm

Sorry if this doesn't relate to the current discussion, but talk about starting the service sooner rather than later reminds me of a Registry sub-key addition that tzuk made, so that the service starts sooner.
http://forums.sandboxie.com/phpBB3/view ... oup#p51205
I haven't read about any problems since he added that Registry sub-key.

In HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SbieSvc, tzuk added the "Group" sub-key, and gave it the value of "UIGroup", for the sole purpose of starting the Sandboxie service a little bit sooner at boot up.
I know that he had to make a change in Sandboxie when he added this additional key, because adding that sub-key initially caused me to receive some error messages - as mentioned in my post in the above thread.
Paul
Win 10 Home 64-bit (w/admin rights) - Zone Alarm Pro Firewall, MalwareBytes Premium A/V, Firefox, Thunderbird
Sandboxie user since March 2007

jclarkw
Posts: 85
Joined: Sun Feb 26, 2012 9:47 pm

Re: error message SBIE1408 (Unknown user name SID) every rel

Post by jclarkw » Tue Mar 18, 2014 3:49 pm

Guest10 wrote:Sorry if this doesn't relate to the current discussion, but talk about starting the service sooner rather than later reminds me of a Registry sub-key addition that tzuk made, so that the service starts sooner.
http://forums.sandboxie.com/phpBB3/view ... oup#p51205...
Does sound relevant, although this thread apparently began back in the XP era. As I read Tzuk's comments, the registry key is aimed at slowing down logon (and consequent start-up of the control) rather than speeding up service start. In any case Tzuk's last statement in that thread suggests that the registry key has already been placed by the current installer (Sandboxie 4.08 64-bit).

Reading this other thread reminds me of something else I don't understand, however: Since the control does **not** start automatically at login to my Standard User account (we're talking 64-bit Win7 Pro SP1 here), the service (which **does** start automatically, presumably during boot) is already running. So why do I get the error message when I start Sandboxie manually after logon to this account? (Note that Curt's test above shows that starting **both** the service **and then** the control manually does not produce the error. This makes it seem that start-up of the service before logon somehow causes the problem...)

I hope Curt can diagnose and cure this problem (assuming it's actually a problem -- Sandboxie **seems** to be running normally after the error, though I'm not sure how I would prove this). -- jclarkw

Curt@invincea
Sandboxie Lead Developer
Sandboxie Lead Developer
Posts: 1666
Joined: Fri Jan 17, 2014 5:21 pm
Contact:

Re: error message SBIE1408 (Unknown user name SID) every rel

Post by Curt@invincea » Tue Mar 18, 2014 6:43 pm

Without being able to reproduce this problem, it is going to be difficult to fix. There is some kind of race condition between Windows, SbieSvc, and SbieCtrl.

jclarkw, are you completely logging off one account and into another or are you using fast-user switching?

Post Reply

Who is online

Users browsing this forum: No registered users and 10 guests