Process PID CPU Description Company Name System Idle Process 0 96.97 Interrupts n/a Hardware Interrupts DPCs n/a Deferred Procedure Calls System 4 smss.exe 412 Windows NT Session Manager Microsoft Corporation csrss.exe 468 Client Server Runtime Process Microsoft Corporation winlogon.exe 492 Windows NT Logon Application Microsoft Corporation services.exe 536 Services and Controller app Microsoft Corporation svchost.exe 716 Generic Host Process for Win32 Services Microsoft Corporation gcasDtServ.exe 2716 Microsoft AntiSpyware Data Service Microsoft Corporation svchost.exe 764 Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 816 Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 888 Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 952 Generic Host Process for Win32 Services Microsoft Corporation spoolsv.exe 1104 Spooler SubSystem App Microsoft Corporation CrypServ.exe 1320 kavsvc.exe 1392 MDM.EXE 1432 Machine Debug Manager Microsoft Corporation nvsvc32.exe 1456 NVIDIA Driver Helper Service, Version 66.93 NVIDIA Corporation SMAgent.exe 1504 SoundMAX service agent component Analog Devices, Inc. wdfmgr.exe 1528 Windows User Mode Driver Manager Microsoft Corporation alg.exe 1904 Application Layer Gateway Service Microsoft Corporation lsass.exe 548 LSA Shell (Export Version) Microsoft Corporation explorer.exe 1388 Windows Explorer Microsoft Corporation SMTray.exe 352 SoundMAX System Tray Analog Devices, Inc. sm56hlpr.exe 456 SM56 Win32 Utility Motorola Inc. hpztsb04.exe 464 HP jusched.exe 452 Java(TM) 2 Platform Standard Edition binary Sun Microsystems, Inc. PDVDServ.exe 552 PowerDVD RC Service Cyberlink Corp. DAP.exe 704 Download Accelerator Plus SpeedBit Ltd. kav.exe 724 fppdis2a.exe 896 FinePrint pdfFactory FinePrint Software, LLC OESpamTest.exe 916 OE SpamTest DLL loader Ashmanov & Partners TaskSwitch.exe 988 gcasServ.exe 1020 Microsoft AntiSpyware Service Microsoft Corporation rundll32.exe 1096 Run a DLL as an App Microsoft Corporation ctfmon.exe 1172 CTF Loader Microsoft Corporation MailSkinner.exe 1264 MailSkinPlugin WinCinemaMgr.exe 2564 WinCinema Manager KAVPF.exe 2588 Kaspersky Anti-Hacker Kaspersky Labs PowerMenu.exe 2676 PowerMenu Thong Nguyen WATCH.exe 2824 Watch Dog Common Group procexp.exe 3604 3.03 Sysinternals Process Explorer Sysinternals wcmdmgr.exe 1024 wcmdmgr WildTangent, Inc. Process: wcmdmgr.exe Pid: 1024 Type Name Directory \BaseNamedObjects Mutant \BaseNamedObjects\_!MSFTHISTORY!_ Mutant \BaseNamedObjects\c:!documents and settings!jovan!cookies! Mutant \BaseNamedObjects\c:!documents and settings!jovan!local settings!history!history.ie5! Mutant \BaseNamedObjects\c:!documents and settings!jovan!local settings!temporary internet files!content.ie5! Section \BaseNamedObjects\C:_Documents and Settings_jovan_Cookies_index.dat_16384 Section \BaseNamedObjects\C:_Documents and Settings_jovan_Local Settings_History_History.IE5_index.dat_32768 Section \BaseNamedObjects\C:_Documents and Settings_jovan_Local Settings_Temporary Internet Files_Content.IE5_index.dat_32768 Section \BaseNamedObjects\CiceroSharedMemDefaultS-1-5-21-861567501-764733703-725345543-1003 Event \BaseNamedObjects\crypt32LogoffEvent Mutant \BaseNamedObjects\CTF.Asm.MutexDefaultS-1-5-21-861567501-764733703-725345543-1003 Mutant \BaseNamedObjects\CTF.Compart.MutexDefaultS-1-5-21-861567501-764733703-725345543-1003 Mutant \BaseNamedObjects\CTF.Layouts.MutexDefaultS-1-5-21-861567501-764733703-725345543-1003 Mutant \BaseNamedObjects\CTF.LBES.MutexDefaultS-1-5-21-861567501-764733703-725345543-1003 Mutant \BaseNamedObjects\CTF.TMD.MutexDefaultS-1-5-21-861567501-764733703-725345543-1003 Section \BaseNamedObjects\dorasmonitor Section \BaseNamedObjects\dorasmonitor Section \BaseNamedObjects\noautodial Section \BaseNamedObjects\noautodial Section \BaseNamedObjects\rasmonattempt Section \BaseNamedObjects\rasmonattempt Section \BaseNamedObjects\rasmondb Section \BaseNamedObjects\rasmondb Mutant \BaseNamedObjects\RasPbFile Section \BaseNamedObjects\SENS Information Cache Semaphore \BaseNamedObjects\shell.{210A4BA0-3AEA-1069-A2D9-08002B30309D} Semaphore \BaseNamedObjects\shell.{A48F1A32-A340-11D1-BC6B-00A0C90312E1} Section \BaseNamedObjects\UrlZonesSM_jovan Section \BaseNamedObjects\WildTangentMemoryUpdater1.5 Mutant \BaseNamedObjects\WininetConnectionMutex Mutant \BaseNamedObjects\WininetProxyRegistryMutex Mutant \BaseNamedObjects\WininetStartupMutex Desktop \Default File \Device\Ip File \Device\Ip File \Device\Ip File \Device\KsecDD File \Device\NamedPipe\ROUTER File \Device\NamedPipe\ROUTER File \Device\Tcp File \Device\Tcp File \Device\Tcp KeyedEvent \KernelObjects\CritSecOutOfMemoryEvent Directory \KnownDlls Directory \Windows WindowStation \Windows\WindowStations\WinSta0 WindowStation \Windows\WindowStations\WinSta0 File C:\Documents and Settings\jovan File C:\Documents and Settings\jovan\Cookies\index.dat File C:\Documents and Settings\jovan\Local Settings\History\History.IE5\index.dat File C:\Documents and Settings\jovan\Local Settings\Temporary Internet Files\Content.IE5\index.dat File C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2649_x-ww_aac16c8b File C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2649_x-ww_aac16c8b File C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2649_x-ww_aac16c8b File C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2649_x-ww_aac16c8b Key HKCU Key HKCU\Software\Classes Key HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings Key HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap Key HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap Key HKLM Key HKLM\SOFTWARE\Microsoft\Tracing\RASAPI32 Key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32 Key HKLM\SYSTEM\ControlSet001\Services\NetBT\Parameters Key HKLM\SYSTEM\ControlSet001\Services\NetBT\Parameters\Interfaces Key HKLM\SYSTEM\ControlSet001\Services\Tcpip\Linkage Key HKLM\SYSTEM\ControlSet001\Services\Tcpip\Parameters Key HKLM\SYSTEM\ControlSet001\Services\WinSock2\Parameters\NameSpace_Catalog5 Key HKLM\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9 Thread wcmdmgr.exe(1024): 1132 Thread wcmdmgr.exe(1024): 1316 Thread wcmdmgr.exe(1024): 1328 Thread wcmdmgr.exe(1024): 1328 Thread wcmdmgr.exe(1024): 1328 Thread wcmdmgr.exe(1024): 2140 Thread wcmdmgr.exe(1024): 2684