Process              PID   CPU    Description                              Company Name
System Idle Process  0
Interrupts           n/a          Hardware Interrupts
DPCs                 n/a          Deferred Procedure Calls
System               4
SMSS.EXE             724          Windows NT Session Manager               Microsoft Corporation
CSRSS.EXE            800          Client Server Runtime Process            Microsoft Corporation
WINLOGON.EXE         824          Windows NT Logon Application             Microsoft Corporation
SERVICES.EXE         868   0.94   Services and Controller app              Microsoft Corporation
ATI2EVXX.EXE         1024
SVCHOST.EXE          1040         Generic Host Process for Win32 Services  Microsoft Corporation
SVCHOST.EXE          1112         Generic Host Process for Win32 Services  Microsoft Corporation
SVCHOST.EXE          1152         Generic Host Process for Win32 Services  Microsoft Corporation
SVCHOST.EXE          1224         Generic Host Process for Win32 Services  Microsoft Corporation
SVCHOST.EXE          1320         Generic Host Process for Win32 Services  Microsoft Corporation
SPOOLSV.EXE          1728         Spooler SubSystem App                    Microsoft Corporation
ccEvtMgr.exe         1876         Event Manager Service                    Symantec Corporation
Ctsvccda.exe         1896         Creative Service for CDROM Access        Creative Technology Ltd
Navapsvc.exe         1936         Norton AntiVirus Auto-Protect Service    Symantec Corporation
SVCHOST.EXE          352          Generic Host Process for Win32 Services  Microsoft Corporation
WDFMGR.EXE           484          Windows User Mode Driver Manager         Microsoft Corporation
SymWSC.exe           644          Norton Security Center Service           Symantec Corporation
ALG.EXE              2084         Application Layer Gateway Service        Microsoft Corporation
LSASS.EXE            880          LSA Shell (Export Version)               Microsoft Corporation
ATI2EVXX.EXE         1644
EXPLORER.EXE         1776         Windows Explorer                         Microsoft Corporation
ATIPTAXX.EXE         240          ATI Desktop Control Panel                ATI Technologies, Inc.
ccApp.exe            308   0.94   Common Client CC App                     Symantec Corporation
MSMSGS.EXE           664   0.94   Windows Messenger                        Microsoft Corporation
procexp.exe          1300  4.72   Sysinternals Process Explorer            Sysinternals
WMPLAYER.EXE         3972  92.45  Windows Media Player                     Microsoft Corporation

Process: procexp.exe Pid: 1300

Type           Name
Desktop        \Default
Directory      \Windows
Directory      \BaseNamedObjects
Directory      \KnownDlls
Event          \BaseNamedObjects\CLR_PerfMon_DoneEnumEvent
Event          \BaseNamedObjects\CLR_PerfMon_StartEnumEvent
Event          \BaseNamedObjects\CorDBIPCSetupSyncEvent_1300
Event          \BaseNamedObjects\CorDBDebuggerAttachedEvent_1300
Event          \KernelObjects\LowMemoryCondition
Event          \BaseNamedObjects\crypt32LogoffEvent
Event          \BaseNamedObjects\userenv: User Profile setup event
File           C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9
File           \Device\PROCEXP90
File           \Device\Tcp
File           C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9
File           \Device\Tcp
File           \Device\Ip
File           \Device\Ip
File           \Device\Ip
File           C:\Documents and Settings\Charley\Local Settings\Application Data\ApplicationHistory\procexp.exe.dd20b6f6.ini.inuse
File           C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\CONFIG\security.config.cch
File           C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\CONFIG\enterprisesec.config.cch
File           C:\Documents and Settings\Charley\Application Data\Microsoft\CLR Security Config\v1.0.3705\security.config.cch
File           C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9
File           C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9
File           C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9
File           C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9
File           C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9
File           C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9
File           \Dfs
File           C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82
File           \Device\NamedPipe\lsarpc
File           C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9
File           \Device\NamedPipe\samr
File           \Device\KsecDD
File           C:\Documents and Settings\Charley\Desktop\
File           C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9
File           C:\Documents and Settings\Charley\Local Settings\Temp\Perflib_Perfdata_514.dat
Key            HKLM\SYSTEM\ControlSet001\Services\TapiSrv\Performance
Key            HKLM\SYSTEM\ControlSet001\Services\Tcpip\Performance
Key            HKLM\SYSTEM\ControlSet001\Services\TermService\Performance
Key            HKLM\SYSTEM\ControlSet001\Services\WmiApRpl\Performance
Key            HKLM\SYSTEM\ControlSet001\Services\Tcpip\Linkage
Key            HKLM\SYSTEM\ControlSet001\Services\Tcpip\Parameters
Key            HKLM\SYSTEM\ControlSet001\Services\NetBT\Parameters\Interfaces
Key            HKLM\SYSTEM\ControlSet001\Services\NetBT\Parameters
Key            HKLM
Key            HKLM\SYSTEM\ControlSet001\Services\.NET CLR Data\Performance
Key            HKLM\SYSTEM\ControlSet001\Services\.NET CLR Networking\Performance
Key            HKLM\SYSTEM\ControlSet001\Services\.NETFramework\Performance
Key            HKLM\SYSTEM\ControlSet001\Services\ContentFilter\Performance
Key            HKLM\SYSTEM\ControlSet001\Services\ContentIndex\Performance
Key            HKLM\SYSTEM\ControlSet001\Services\ISAPISearch\Performance
Key            HKLM\SYSTEM\ControlSet001\Services\PerfDisk\Performance
Key            HKLM\SYSTEM\ControlSet001\Services\PerfNet\Performance
Key            HKLM\SYSTEM\ControlSet001\Services\PerfOS\Performance
Key            HKLM\SYSTEM\ControlSet001\Services\PerfProc\Performance
Key            HKLM\SYSTEM\ControlSet001\Services\PSched\Performance
Key            HKLM\SYSTEM\ControlSet001\Services\RemoteAccess\Performance
Key            HKLM\SYSTEM\ControlSet001\Services\RSVP\Performance
Key            HKLM\SYSTEM\ControlSet001\Services\Spooler\Performance
Key            HKLM\SYSTEM\ControlSet001\Services\TapiSrv\Performance
Key            HKLM\SYSTEM\ControlSet001\Services\Tcpip\Performance
Key            HKLM\SYSTEM\ControlSet001\Services\TermService\Performance
Key            HKLM\SYSTEM\ControlSet001\Services\WmiApRpl\Performance
Key            HKLM\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9
Key            HKLM\SYSTEM\ControlSet001\Services\WinSock2\Parameters\NameSpace_Catalog5
Key            HKCU\Software\Classes
Key            HKCR
Key            HKCU\Software\Classes
Key            HKLM\SOFTWARE\Microsoft\COM3
Key            HKU
Key            HKCR
Key            HKU
Key            HKLM\SOFTWARE\Microsoft\COM3
Key            HKLM\SOFTWARE\Microsoft\COM3
Key            HKCR\CLSID
Key            HKCR
Key            HKLM\SOFTWARE\Microsoft\COM3
Key            HKU
Key            HKLM\SOFTWARE\Microsoft\COM3
Key            HKLM\SOFTWARE\Microsoft\COM3
Key            HKCR\CLSID
Key            HKCR\CLSID\{047A9A40-657E-11D3-8D5B-00104B35E7EF}\InprocServer32
Key            HKCU\Software\Classes
Key            HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer
Key            HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
Key            HKCU\Software\Classes
Key            HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts
Key            HKLM\SYSTEM\ControlSet001\Control\NetworkProvider\HwOrder
Key            HKCU\Software\Classes
Key            HKCU\Software\Microsoft\Windows\ShellNoRoam
Key            HKCU\Software\Microsoft\Windows\ShellNoRoam\MUICache
Key            HKCU\Software\Classes
Key            HKCU\Software\Classes
Key            HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\World Full Access Shared Parameters
Key            HKCU\Software\Classes
Key            HKCU\Software\Classes
Key            HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings
Key            HKCU\Software\Classes
Key            HKCU\Software\Classes
Key            HKCU\Software\Classes
Key            HKCU\Software\Classes
Key            HKCU\Software\Classes
Key            HKCU\Software\Classes
Key            HKCU\Software\Classes
Key            HKCU\Software\Classes
Key            HKCU\Software\Classes
Key            HKCU\Software\Classes
Key            HKCU\Software\Classes
Key            HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib
Key            HKCU
Key            HKCU\Software\Sysinternals\Process Explorer
Key            HKLM\SYSTEM\ControlSet001\Services\.NET CLR Data\Performance
Key            HKLM\SYSTEM\ControlSet001\Services\.NET CLR Networking\Performance
Key            HKLM\SYSTEM\ControlSet001\Services\.NETFramework\Performance
Key            HKLM\SYSTEM\ControlSet001\Services\ContentFilter\Performance
Key            HKLM\SYSTEM\ControlSet001\Services\ContentIndex\Performance
Key            HKLM\SYSTEM\ControlSet001\Services\ISAPISearch\Performance
Key            HKLM\SYSTEM\ControlSet001\Services\PerfDisk\Performance
Key            HKLM\SYSTEM\ControlSet001\Services\PerfNet\Performance
Key            HKLM\SYSTEM\ControlSet001\Services\PerfOS\Performance
Key            HKLM\SYSTEM\ControlSet001\Services\PerfProc\Performance
Key            HKLM\SYSTEM\ControlSet001\Services\PSched\Performance
Key            HKLM\SYSTEM\ControlSet001\Services\RemoteAccess\Performance
Key            HKLM\SYSTEM\ControlSet001\Services\RSVP\Performance
Key            HKLM\SYSTEM\ControlSet001\Services\Spooler\Performance
KeyedEvent     \KernelObjects\CritSecOutOfMemoryEvent
Mutant         \BaseNamedObjects\TapiSrv_Perf_Library_Lock_PID_514
Mutant         \BaseNamedObjects\Tcpip_Perf_Library_Lock_PID_514
Mutant         \BaseNamedObjects\TermService_Perf_Library_Lock_PID_514
Mutant         \BaseNamedObjects\WmiApRpl_Perf_Library_Lock_PID_514
Mutant         \BaseNamedObjects\ShimCacheMutex
Mutant         \BaseNamedObjects\.NET CLR Data_Perf_Library_Lock_PID_514
Mutant         \BaseNamedObjects\.NET CLR Networking_Perf_Library_Lock_PID_514
Mutant         \BaseNamedObjects\.NETFramework_Perf_Library_Lock_PID_514
Mutant         \BaseNamedObjects\ContentFilter_Perf_Library_Lock_PID_514
Mutant         \BaseNamedObjects\ContentIndex_Perf_Library_Lock_PID_514
Mutant         \BaseNamedObjects\ISAPISearch_Perf_Library_Lock_PID_514
Mutant         \BaseNamedObjects\PerfDisk_Perf_Library_Lock_PID_514
Mutant         \BaseNamedObjects\PerfNet_Perf_Library_Lock_PID_514
Mutant         \BaseNamedObjects\PerfOS_Perf_Library_Lock_PID_514
Mutant         \BaseNamedObjects\PerfProc_Perf_Library_Lock_PID_514
Mutant         \BaseNamedObjects\PSched_Perf_Library_Lock_PID_514
Mutant         \BaseNamedObjects\RemoteAccess_Perf_Library_Lock_PID_514
Mutant         \BaseNamedObjects\RSVP_Perf_Library_Lock_PID_514
Mutant         \BaseNamedObjects\Spooler_Perf_Library_Lock_PID_514
Port           \RPC Control\OLEFEB3CE112DA346DE82003B68ECBF
Process        procexp.exe(1300)
Process        procexp.exe(1300)
Process        procexp.exe(1300)
Process        procexp.exe(1300)
Process        procexp.exe(1300)
Process        procexp.exe(1300)
Process        procexp.exe(1300)
Process        procexp.exe(1300)
Process        procexp.exe(1300)
Process        procexp.exe(1300)
Process        procexp.exe(1300)
Process        procexp.exe(1300)
Section        \BaseNamedObjects\ShimSharedMemory
Section        \BaseNamedObjects\Cor_Private_IPCBlock_1300
Section        \BaseNamedObjects\SharedPerfIPCBlock
Section        \BaseNamedObjects\SharedPerfIPCBlock
Section        \BaseNamedObjects\Cor_Private_IPCBlock_1300
Section        \BaseNamedObjects\netfxcustomperfcounters.1.0
Section        \BaseNamedObjects\_nlsplus_culture_1_0_3127_nlp
Section        \BaseNamedObjects\_nlsplus_sorttbls_1_0_3310_nlp
Section        \BaseNamedObjects\_nlsplus_sortkey_1_0_3310_nlp
Section        \BaseNamedObjects\_nlsplus_charinfo_nlp
Section        \BaseNamedObjects\_nlsplus_l_intl_nlp
Section        \BaseNamedObjects\_nlsplus_l_except_nlp
Section        \BaseNamedObjects\Perflib_Perfdata_514
Semaphore      \BaseNamedObjects\shell.{210A4BA0-3AEA-1069-A2D9-08002B30309D}
Semaphore      \BaseNamedObjects\PowerProfileRegistrySemaphore
Semaphore      \BaseNamedObjects\shell.{A48F1A32-A340-11D1-BC6B-00A0C90312E1}
Semaphore      \BaseNamedObjects\shell.{090851A5-EB96-11D2-8BE4-00C04FA31A66}
Semaphore      \BaseNamedObjects\shell.{7CB834F0-527B-11D2-9D1F-0000F805CA57}
Semaphore      \BaseNamedObjects\shell.{A48F1A32-A340-11D1-BC6B-00A0C90312E1}
Thread         procexp.exe(1300): 1092
Thread         procexp.exe(1300): 2160
Thread         procexp.exe(1300): 2188
Thread         procexp.exe(1300): 256
Thread         procexp.exe(1300): 1636
Thread         procexp.exe(1300): 256
Thread         procexp.exe(1300): 708
Thread         procexp.exe(1300): 708
Thread         procexp.exe(1300): 708
Thread         procexp.exe(1300): 1808
Thread         procexp.exe(1300): 3524
Thread         procexp.exe(1300): 2380
Thread         procexp.exe(1300): 4004
Thread         procexp.exe(1300): 3580
Thread         procexp.exe(1300): 256
Token          PREFERRE-8CAC50\Charley
WindowStation  \Windows\WindowStations\WinSta0
WindowStation  \Windows\WindowStations\WinSta0