Handle v3.2 Copyright (C) 1997-2006 Mark Russinovich Sysinternals - www.sysinternals.com ------------------------------------------------------------------------------ speedfan.exe pid: 1688 FASTONE\Administrator 4: Section 8: Event C: Event 10: Event 14: Directory \KnownDlls 18: File (RW-) C:\Program Files\SpeedFan 1C: Directory \Windows 20: Event 24: Port 28: Section 2C: Event 30: WindowStation \Windows\WindowStations\WinSta0 34: Desktop \Default 38: WindowStation \Windows\WindowStations\WinSta0 3C: Key HKLM 40: File (---) \Device\KsecDD 44: Directory \BaseNamedObjects 48: Event 4C: Key HKCU 50: Semaphore 54: Event 58: Key HKLM\SYSTEM\ControlSet001\Control\NetworkProvider\HwOrder 5C: Semaphore 60: Semaphore 64: Event 68: Event 6C: Key HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\DRIVERS32 70: Event \BaseNamedObjects\in_hook_event 74: Event 78: Event 7C: Event 80: Event 84: Event 88: Thread speedfan.exe(1688): 1684 8C: Event 90: Key HKLM\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9 94: Event 98: Key HKLM\SYSTEM\ControlSet001\Services\WinSock2\Parameters\NameSpace_Catalog5 9C: Event A0: Event \BaseNamedObjects\userenv: User Profile setup event A4: Event A8: Event AC: Event B0: IoCompletion B4: IoCompletion B8: Event BC: Thread speedfan.exe(1688): 1684 C0: Event \BaseNamedObjects\crypt32LogoffEvent C4: File (---) \Device\KsecDD C8: Event CC: Thread speedfan.exe(1688): 1908 D0: Mutant \BaseNamedObjects\Access_ISABUS.HTP.Method D4: Mutant \BaseNamedObjects\Access_SMBUS.HTP.Method D8: Event DC: Mutant \BaseNamedObjects\SMD.MSAA.UniqueVal.Henry E0: Event E4: Key HKCU E8: Semaphore \BaseNamedObjects\shell.{210A4BA0-3AEA-1069-A2D9-08002B30309D} EC: Event F0: Event F4: Event F8: Mutant FC: Key HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\PERFLIB 100: Event 104: File (RW-) C:\WINNT\system32\Perflib_Perfdata_698.dat 108: Section \BaseNamedObjects\Perflib_Perfdata_698 10C: Event 110: Port 114: Event 118: Event 11C: Key HKLM\SYSTEM\ControlSet001\Services\.NET CLR Data\Performance 120: Mutant \BaseNamedObjects\.NET CLR Data_Perf_Library_Lock_PID_698 124: Key HKLM\SYSTEM\ControlSet001\Services\.NET CLR Networking\Performance 128: Mutant \BaseNamedObjects\.NET CLR Networking_Perf_Library_Lock_PID_698 12C: Key HKLM\SYSTEM\ControlSet001\Services\.NET Data Provider for Oracle\Performance 130: Mutant \BaseNamedObjects\.NET Data Provider for Oracle_Perf_Library_Lock_PID_698 134: Key HKLM\SYSTEM\ControlSet001\Services\.NET Data Provider for SqlServer\Performance 138: Mutant \BaseNamedObjects\.NET Data Provider for SqlServer_Perf_Library_Lock_PID_698 13C: Key HKLM\SYSTEM\ControlSet001\Services\.NETFramework\Performance 140: Mutant \BaseNamedObjects\.NETFramework_Perf_Library_Lock_PID_698 144: Key HKLM\SYSTEM\ControlSet001\Services\ASP.NET\Performance 148: Mutant \BaseNamedObjects\ASP.NET_Perf_Library_Lock_PID_698 14C: Key HKLM\SYSTEM\ControlSet001\Services\ASP.NET_1.1.4322\Performance 150: Mutant \BaseNamedObjects\ASP.NET_1.1.4322_Perf_Library_Lock_PID_698 154: Key HKLM\SYSTEM\ControlSet001\Services\ASP.NET_2.0.50727\Performance 158: Mutant \BaseNamedObjects\ASP.NET_2.0.50727_Perf_Library_Lock_PID_698 15C: Key HKLM\SYSTEM\ControlSet001\Services\aspnet_state\Performance 160: Mutant \BaseNamedObjects\aspnet_state_Perf_Library_Lock_PID_698 164: Key HKLM\SYSTEM\ControlSet001\Services\ContentFilter\Performance 168: Mutant \BaseNamedObjects\ContentFilter_Perf_Library_Lock_PID_698 16C: Key HKLM\SYSTEM\ControlSet001\Services\ContentIndex\Performance 170: Mutant \BaseNamedObjects\ContentIndex_Perf_Library_Lock_PID_698 174: Key HKLM\SYSTEM\ControlSet001\Services\Fax\Performance 178: Mutant \BaseNamedObjects\Fax_Perf_Library_Lock_PID_698 17C: Key HKLM\SYSTEM\ControlSet001\Services\IAS\Performance 180: Mutant \BaseNamedObjects\IAS_Perf_Library_Lock_PID_698 184: Key HKLM\SYSTEM\ControlSet001\Services\ISAPISearch\Performance 188: Mutant \BaseNamedObjects\ISAPISearch_Perf_Library_Lock_PID_698 18C: Key HKLM\SYSTEM\ControlSet001\Services\MSDTC\Performance 190: Mutant \BaseNamedObjects\MSDTC_Perf_Library_Lock_PID_698 194: Key HKLM\SYSTEM\ControlSet001\Services\PerfDisk\Performance 198: Mutant \BaseNamedObjects\PerfDisk_Perf_Library_Lock_PID_698 19C: Key HKLM\SYSTEM\ControlSet001\Services\PerfNet\Performance 1A0: Mutant \BaseNamedObjects\PerfNet_Perf_Library_Lock_PID_698 1A4: Key HKLM\SYSTEM\ControlSet001\Services\PerfOS\Performance 1A8: Mutant \BaseNamedObjects\PerfOS_Perf_Library_Lock_PID_698 1AC: Key HKLM\SYSTEM\ControlSet001\Services\PerfProc\Performance 1B0: Mutant \BaseNamedObjects\PerfProc_Perf_Library_Lock_PID_698 1B4: Key HKLM\SYSTEM\ControlSet001\Services\RemoteAccess\Performance 1B8: Mutant \BaseNamedObjects\RemoteAccess_Perf_Library_Lock_PID_698 1BC: Key HKLM\SYSTEM\ControlSet001\Services\RSVP\Performance 1C0: Mutant \BaseNamedObjects\RSVP_Perf_Library_Lock_PID_698 1C4: Key HKLM\SYSTEM\ControlSet001\Services\Serv-U-Counters\Performance 1C8: Mutant \BaseNamedObjects\Serv-U-Counters_Perf_Library_Lock_PID_698 1CC: Key HKLM\SYSTEM\ControlSet001\Services\Spooler\Performance 1D0: Mutant \BaseNamedObjects\Spooler_Perf_Library_Lock_PID_698 1D4: Key HKLM\SYSTEM\ControlSet001\Services\TapiSrv\Performance 1D8: Mutant \BaseNamedObjects\TapiSrv_Perf_Library_Lock_PID_698 1DC: Key HKLM\SYSTEM\ControlSet001\Services\Tcpip\Performance 1E0: Mutant \BaseNamedObjects\Tcpip_Perf_Library_Lock_PID_698 1E4: Event 1E8: Mutant 1EC: Thread speedfan.exe(1688): 2004 1F0: Event 1F4: Semaphore 1F8: Mutant 1FC: Section 200: Event 204: Event 208: Section \BaseNamedObjects\SFSharedMemory_ALM 20C: Key HKCU 210: File (---) \Device\speedfan 214: Key HKCR 218: Event 21C: Key HKLM\SOFTWARE\MICROSOFT\COM3 220: Event 224: Key HKU 228: Event 22C: Key HKCR 230: Event 234: Key HKLM\SOFTWARE\MICROSOFT\COM3 238: Event 23C: Key HKU 240: Event 244: Key HKLM\SOFTWARE\MICROSOFT\COM3 248: Event 24C: Key HKCR\CLSID 250: Event 254: Key HKCR 258: Event 25C: Key HKLM\SOFTWARE\MICROSOFT\COM3 260: Event 264: Key HKU 268: Event 26C: Key HKLM\SOFTWARE\MICROSOFT\COM3 270: Event 274: Key HKLM\SOFTWARE\MICROSOFT\COM3 278: Event 27C: Key HKCR\CLSID 280: Event 284: Section \BaseNamedObjects\__R_0000000000d9_SMem__ 288: Event 28C: Key HKCU 290: Port 294: Event 298: Port \RPC Control\OLEC07430997C81499EA335A1226F35 29C: Directory \?? 2A0: Port 2A4: Key HKCU 2A8: Event 2AC: Key HKLM\SYSTEM\ControlSet001\Control\Nls\Locale 2B0: Event 2B4: Key HKLM\SYSTEM\ControlSet001\Control\Nls\Locale\Alternate Sorts 2B8: Key HKLM\SYSTEM\ControlSet001\Control\Nls\Language Groups 2BC: Event 2C0: Key HKCU 2C4: Event 2C8: Key HKCU 2CC: Event 2D0: Port 2D4: Directory \?? 2D8: Directory \?? 2DC: Event 2E0: Key HKCU 2E4: Token NT AUTHORITY\SYSTEM:3e7 2E8: Port 2EC: Event 2F0: Mutant 2F4: Key HKCU 2F8: Event 2FC: Mutant 300: Event 304: Mutant 308: Mutant \BaseNamedObjects\RasPbFile 30C: Event 310: Event 314: Event 318: Semaphore 31C: Semaphore 320: Event 324: File (---) \Device\Tcp 328: File (---) \Device\Tcp 32C: File (---) \Device\Ip 330: File (---) \Device\Ip 334: File (---) \Device\Ip 338: Key HKLM\SYSTEM\ControlSet001\Services\Tcpip\Linkage 33C: Key HKLM\SYSTEM\ControlSet001\Services\Tcpip\Parameters 340: Key HKLM\SYSTEM\ControlSet001\Services\NetBT\Parameters\Interfaces 344: Key HKLM\SYSTEM\ControlSet001\Services\NetBT\Parameters 348: File (---) \Device\Tcp 34C: Semaphore 350: Semaphore 354: Event 358: Event 35C: Semaphore 360: Semaphore 364: Key HKLM\SOFTWARE\MICROSOFT\Tracing\RASADHLP 368: Event 36C: Thread speedfan.exe(1688): 2564 370: Event 374: Thread speedfan.exe(1688): 644 378: Directory \?? 37C: Directory \?? 380: Directory \?? 384: Directory \?? 388: Directory \?? 38C: Directory \?? 390: Directory \?? 394: Directory \?? 398: Directory \?? 39C: Directory \?? 3A0: Directory \?? 3A4: Directory \?? 3A8: Directory \?? 3AC: Directory \?? 3B0: Directory \?? 3B4: Directory \?? 3B8: Directory \?? 3BC: Directory \?? 3C0: Directory \?? 3C4: Directory \?? 3C8: Directory \?? 3CC: Directory \?? 3D0: Directory \?? 3D4: Directory \?? 3D8: Directory \?? 3DC: Directory \?? 3E0: Directory \?? 3E4: Directory \?? 3E8: Directory \?? 3EC: Directory \?? 3F0: Directory \?? 3F4: Directory \?? 3F8: Directory \?? 3FC: Directory \?? 400: Directory \?? 404: Directory \?? 408: Directory \?? 40C: Directory \?? 410: Directory \?? 414: Directory \?? 418: Directory \?? 41C: Directory \?? 420: Directory \?? 424: Directory \?? 428: Directory \?? 42C: Directory \?? 430: Directory \?? 434: Directory \?? 438: Directory \?? 43C: Directory \?? 440: Directory \?? 444: Directory \?? 448: Directory \?? 44C: Directory \?? 450: Directory \?? 454: Directory \?? 458: Directory \?? 45C: Directory \?? 460: Directory \?? 464: Directory \?? 468: Directory \?? 46C: Directory \?? 470: Directory \?? 474: Directory \?? 478: Directory \?? 47C: Directory \?? 480: Directory \?? 484: Directory \?? 488: Directory \?? 48C: Directory \?? 490: Directory \?? 494: Directory \?? 498: Directory \?? 49C: Directory \?? 4A0: Directory \?? 4A4: Directory \?? 4A8: Directory \?? 4AC: Directory \?? 4B0: Directory \?? 4B4: Directory \?? 4B8: Directory \?? 4BC: Directory \?? 4C0: Directory \?? 4C4: Directory \?? 4C8: Directory \?? 4CC: Directory \?? 4D0: Directory \?? 4D4: Directory \?? 4D8: Directory \?? 4DC: Directory \?? 4E0: Directory \?? 4E4: Directory \?? 4E8: Directory \??