USING PROCESS EXPLORER
by Carver Smith

You have an option of replacing Task Manager with Process Explorer by clicking the Options button and checking Replace Task Manager.
To get more information about "things."

(To turn it off, it will say, Restore Task Manager)

Click View
Click on Select Columns (At the bottom)
Check boxes that should be checked
Process name
Description
Company name
Command line

Check the DLL TAB
Check the Path box so it has a check mark

Check the Process memory tab
Check the Working set size box
Click OK

Click View again
Check Show lower pane so it has a check mark

Click Lower Pane View
Select dll so it has a check mark

Things That Are Suspicious
Running from temp or windows\temp or dll in temp folder
Nonsensical name