| Donate $25 for two DVDs of the Cryptome collection of files from June 1996 to the present |
|
15 November 2010. Previous in this series.
CSLID Shit List 8
A sends:
"In fact there is nothing universal here.
For information to be information, it has to flow always." http://cryptome.org/0002/clsid-beyond2.htm "Your Windows registry is the castle that holds all the commands for the hardware and software on your computer to communicate with each other. Without the Windows registry, the hardware and software programmed with the Windows Operating System would just sit there." - articlesbase.com Let me make one point here. The purpose of bleaching these CLSIDs IS NOT to stifle all information from flowing. ONLY prevent useless, unstable default and additional registry. __________________________________________ WARNING ; This content should ONLY be used by those who expect strong computer security. I suggest anyone who decides to use this data to research the information before-hand. This content works best with Windows XP, and bleaching should not be attempted while using new 'flashy' computer technologies, as some new technologies MAY require various CLSIDs listed below to properly function. Third-party video game geeking for example. Everything below has been tested on XP only. __________________________________________ Bleach ICRA internet content filtering software. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ policies\Ratings\.Default\http://www.icra.org/pics/vocabularyv03/ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies HKCU\Software\Microsoft\Windows\CurrentVersion\Policies "Upon the recent decision of FOSI's Board of Directors, the ICRA labeling engine has been discontinued. *While all current labels will continue to work with Internet content filters*, the ICRA label generator, ICRA tools and Webmaster support will no longer be available. If you are writing with questions about difficulties with Content Advisor, please refer to Microsoft support, as Content Advisor is part of their Internet Explorer software." IDA interface CLSIDs help prevent reverse engineering computer systems by analysis of IT hardware. IDA is an anti-tamper technology used to deter data corruption. REGARDLESS OF WHAT HAS BEEN PUBLISHED, IDA CAN AUTOMATICALLY RE-GENERATE CERTAIN MODIFIED DATA! IDA is built-in artificial intelligence manufactured in new computers. IDA behavior mirrors typical system behavior, replicating system data in case it needs to correspond to problems. IDA can re-generate certain data from original replication and has the capability to correct certain default data. Stan Franklin, who has lead and managed the IDA interface has claimed IDA is exhibiting functional consciousness. IDA was developed for the US Navy in 1998 to completely automate the role of many communications. "The IDA model incorporates several different learning mechanisms. The simplest is the associative learning that occurs as the contents of "consciousness" is stored in associative memory with every "conscious" broadcast. It's the associations between the various items comprising the "conscious" contents that's learned. Also, associations with other similar items are learned by means of the Sparse Distributed Memory mechanism." IDAViewerControl HKCR\Interface\{0E41257B-812D-11D0-9B4A-00C04FC2F51D} IDABvrHook HKCR\Interface\{3E2487C4-8709-11D0-B177-00C04FC2A0CA} IDAUntilNotifier HKCR\Interface\{3F3DA01A-4705-11D0-8710-00C04FC29D46} IDAImportationResult HKCR\Interface\{4A933702-E36F-11D0-9B99-00C04FC2F51D} IDAPickableResult HKCR\Interface\{4A933703-E36F-11D0-9B99-00C04FC2F51D} IDAEvent HKCR\Interface\{50B4791E-4731-11D0-8912-00C04FC2A0CA} IDAStatics HKCR\Interface\{542FB452-5003-11CF-92A2-00AA00B8A733} IDABoolean HKCR\Interface\{C46C1BC0-3C52-11D0-9200-848C1D000000} IDAString HKCR\Interface\{C46C1BC3-3C52-11D0-9200-848C1D000000} IDAColor HKCR\Interface\{C46C1BC5-3C52-11D0-9200-848C1D000000} IDAPoint2 HKCR\Interface\{C46C1BC7-3C52-11D0-9200-848C1D000000} IDAVector2 HKCR\Interface\{C46C1BC9-3C52-11D0-9200-848C1D000000} IDATransform2 HKCR\Interface\{C46C1BCB-3C52-11D0-9200-848C1D000000} IDABbox2 HKCR\Interface\{C46C1BCD-3C52-11D0-9200-848C1D000000} IDAPath2 HKCR\Interface\{C46C1BCF-3C52-11D0-9200-848C1D000000} IDAMatte HKCR\Interface\{C46C1BD1-3C52-11D0-9200-848C1D000000} IDAImage HKCR\Interface\{C46C1BD3-3C52-11D0-9200-848C1D000000} IDAMontage HKCR\Interface\{C46C1BD5-3C52-11D0-9200-848C1D000000} IDAPoint3 HKCR\Interface\{C46C1BD7-3C52-11D0-9200-848C1D000000} IDAVector3 HKCR\Interface\{C46C1BD9-3C52-11D0-9200-848C1D000000} IDATransform3 HKCR\Interface\{C46C1BDB-3C52-11D0-9200-848C1D000000} IDABbox3 HKCR\Interface\{C46C1BDD-3C52-11D0-9200-848C1D000000} IDAGeometry HKCR\Interface\{C46C1BDF-3C52-11D0-9200-848C1D000000} IDACamera HKCR\Interface\{C46C1BE1-3C52-11D0-9200-848C1D000000} IDASound HKCR\Interface\{C46C1BE3-3C52-11D0-9200-848C1D000000} IDAMicrophone HKCR\Interface\{C46C1BE5-3C52-11D0-9200-848C1D000000} IDAEndStyle HKCR\Interface\{C46C1BEB-3C52-11D0-9200-848C1D000000} IDAJoinStyle HKCR\Interface\{C46C1BED-3C52-11D0-9200-848C1D000000} IDADashStyle HKCR\Interface\{C46C1BEF-3C52-11D0-9200-848C1D000000} IDALineStyle HKCR\Interface\{C46C1BF1-3C52-11D0-9200-848C1D000000} IDAPair HKCR\Interface\{C46C1BF3-3C52-11D0-9200-848C1D000000} IDAImport HKCR\Interface\{FC54BEAA-5B12-11D1-8E7B-00C04FC29D46} IDAModifiableBehavior HKCR\Interface\{FC54BEAB-5B12-11D1-8E7B-00C04FC29D46} IDA CLSIDs are also located in HKEY_LOCAL_MACHINE, regardless, as usual, once bleached in CLASSES_ROOT the same CLSIDs often become terminated in the HKLM. SID hacker used worthless EapHosts and Remote Desktop. HKEY_CLASSES_ROOT\AppID\{0A886F29-465A-4aea-8B8E-BE926BFAE83E} RDSHost.EXE HKEY_CLASSES_ROOT\AppID\{5123EB69-F99E-461C-B6C3-CE6E825813E8} HKEY_CLASSES_ROOT\AppID\{8B4B437E-4CAB-4e83-89F6-7F9F7DF414EA} Interactive User HKEY_CLASSES_ROOT\AppID\{B3F97836-A515-4ea6-BE06-4F1428C317C7} Interactive User HKEY_CLASSES_ROOT\AppID\{B8C54A54-355E-11D3-83EB-00A0C92A2F2D} HKEY_CLASSES_ROOT\AppID\{8C482DCE-2644-4419-AEFF-189219F916B9} HKEY_CLASSES_ROOT\AppID\RDSHost.EXE EAPQec Remote Messenger Client EapQecMessenger HKEY_CLASSES_ROOT\CLSID\{0A886F29-465A-4aea-8B8E-BE926BFAE83E} IEapQecCallbackForMessenger HKEY_CLASSES_ROOT\Interface\{1510FB87-5676-40B9-A227-5D0B66866F81} IEapQecMessenger HKEY_CLASSES_ROOT\Interface\{7ED70824-03AD-41C1-AB1A-950621776881} "iRemote Suite allows you to manipulate your desktop or notebook remotely via mobile device like iPhone. The application allows you to simulate keyboard and/or mouse input of any kind." Or should we declare iRemote CLSIDs allow remote control over our desktops and keyboards in typical overwhelming annoyance! Only to allow more rapture for those hackers. IRemoteQI HKCR\Interface\{00000142-0000-0000-C000-000000000046} IRemoteComputer HKCR\Interface\{000214FE-0000-0000-C000-000000000046} IRemoteDesktopHelpSession HKCR\Interface\{19E62A24-95D2-483A-AEB6-6FA92914DF96} IRemoteDebugManager HKCR\Interface\{275D9D60-5FF5-11CF-A5E1-00AA006BBF16} IRemoteDebugManagerCallback HKCR\Interface\{275D9D61-5FF5-11CF-A5E1-00AA006BBF16} IRemoteField HKCR\Interface\{275D9D80-5FF5-11CF-A5E1-00AA006BBF16} IRemoteDataField HKCR\Interface\{275D9D81-5FF5-11CF-A5E1-00AA006BBF16} IRemoteArrayField HKCR\Interface\{275D9D82-5FF5-11CF-A5E1-00AA006BBF16} IRemoteContainerField HKCR\Interface\{275D9D83-5FF5-11CF-A5E1-00AA006BBF16} IRemoteMethodField HKCR\Interface\{275D9D84-5FF5-11CF-A5E1-00AA006BBF16} IRemoteClassField HKCR\Interface\{275D9D85-5FF5-11CF-A5E1-00AA006BBF16} IRemoteStackFrame HKCR\Interface\{275D9D90-5FF5-11CF-A5E1-00AA006BBF16} IRemoteProcess HKCR\Interface\{275D9D93-5FF5-11CF-A5E1-00AA006BBF16} IRemoteProcessCallback HKCR\Interface\{275D9D94-5FF5-11CF-A5E1-00AA006BBF16} IRemoteObject HKCR\Interface\{275D9DB0-5FF5-11CF-A5E1-00AA006BBF16} IRemoteArrayObject HKCR\Interface\{275D9DB1-5FF5-11CF-A5E1-00AA006BBF16} IRemoteBooleanObject HKCR\Interface\{275D9DB2-5FF5-11CF-A5E1-00AA006BBF16} IRemoteContainerObject HKCR\Interface\{275D9DB5-5FF5-11CF-A5E1-00AA006BBF16} IRemoteDispatch HKCR\Interface\{6619A740-8154-43BE-A186-0319578E02DB} IRemoteProxyFactory HKCR\Interface\{8628F27D-64A2-4ED6-906B-E6155314C16A} IRemoteWebConfigurationHostServer HKCR\Interface\{A99B591A-23C6-4238-8452-C7B0E895063D} IRemoteHelper HKCR\Interface\{CB46E850-FC2F-11D2-B126-00805FC73204} IMsRdp (Remote Desktop) Updates IMsRdpClient4 HKEY_CLASSES_ROOT\Interface\{095E0738-D97D-488B-B9F6-DD0E8D66C0DE} IMsRdpClientAdvancedSettings3 HKEY_CLASSES_ROOT\Interface\{19CD856B-C542-4C53-ACEE-F127E3BE1A59} IMsRdpClient6 HKEY_CLASSES_ROOT\Interface\{1F7EFE96-F96F-4002-9632-159766631767} IMsRdpClientAdvancedSettings6 HKEY_CLASSES_ROOT\Interface\{222c4b5d-45d9-4df0-a7c6-60cf9089d285} IMsRdpClientAdvancedSettings HKEY_CLASSES_ROOT\Interface\{3C65B4AB-12B3-465B-ACD4-B8DAD3BFF9E2} IMsRdpClient5 HKEY_CLASSES_ROOT\Interface\{4eb5335b-6429-477d-b922-e06a28ecd8bf} IMsRdpClientSecuredSettings HKEY_CLASSES_ROOT\Interface\{605BEFCF-39C1-45CC-A811-068FB7BE346D} IMsRdpClientTransportSettings2 HKEY_CLASSES_ROOT\Interface\{67341688-D606-4c73-A5D2-2E0489009319} IMsRdpClient3 HKEY_CLASSES_ROOT\Interface\{91B7CBC5-A72E-4FA0-9300-D647D7E897FF} IMsRdpClient HKEY_CLASSES_ROOT\Interface\{92B4A539-7115-4B7C-A5A9-E5D9EFC2780A} IMsRdpClientAdvancedSettings2 HKEY_CLASSES_ROOT\Interface\{9AC42117-2B76-4320-AA44-0E616AB8437B} IMsRdpClientShell HKEY_CLASSES_ROOT\Interface\{d012ae6d-c19a-4bfe-b367-201f8911f134} IMsRdpClient2 HKEY_CLASSES_ROOT\Interface\{E7E17DC4-3B71-4BA7-A8E6-281FFADCA28F} IMsRdpClientAdvancedSettings5 HKEY_CLASSES_ROOT\Interface\{FBA7F64E-6783-4405-DA45-FA4A763DABD0} IMsRdpClientAdvancedSettings4 HKEY_CLASSES_ROOT\Interface\{FBA7F64E-7345-4405-AE50-FA4A763DC0DE} More listed in CLSID shit list 7. Help and Support Services: Service HKCR\CLSID\{833E4010-AFF7-4AC3-AAC2-9F24C1457BCE} Help and Support Services: Package Updater HKCR\CLSID\{833E4012-AFF7-4AC3-AAC2-9F24C1457BCE} Unknown entry. HKEY_CURRENT_USER\Software\Microsoft\Scrunch HKEY_CLASSES_ROOT\OInfo.OInfoCtrl.1 {1D03B2CA-3B9F-40DD-BBE4-277A91768A5B} OInfo12 Property Page HKCR\CLSID\{89A09E83-3F79-48DE-995A-2D12F7154B73} _______________ [DO NOT BLEACH] ... HKCR\Installer\Components\613B99D5CFD7FCB4793B500086BB4113 Look for {24AAE126-0911-478F-A019-07B875EB9996},OInfo12.ocx Delete {24AAE126-0911-478F-A019-07B875EB9996},OInfo12.ocx _______________ Gator Spyware HKEY_LOCAL_MACHINE\SOFTWARE\Gator.com MyWebSearch Spyware (Updated) Spyware designed to launch advertisements, frequent pop-ups and will redirect search results to bullshit virus filled web sites. HKEY_CLASSES_ROOT\CLSID\{00a6faf1-072e-44cf-8957-5838f569a31d} HKEY_CLASSES_ROOT\CLSID\{00a6faf6-072e-44cf-8957-5838f569a31d} HKEY_CLASSES_ROOT\CLSID\{07b18ea1-a523-4961-b6bb-170de4475cca} HKEY_CLASSES_ROOT\CLSID\{07b18ea9-a523-4961-b6bb-170de4475cca} HKEY_CLASSES_ROOT\CLSID\{07b18eab-a523-4961-b6bb-170de4475cca} HKEY_CLASSES_ROOT\CLSID\{0f8ecf4f-3646-4c3a-8881-8e138ffcaf70} HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4d7b-9389-0f166788785a} HKEY_CLASSES_ROOT\CLSID\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} HKEY_CLASSES_ROOT\CLSID\{3e720452-b472-4954-b7aa-33069eb53906} HKEY_CLASSES_ROOT\CLSID\{53ced2d0-5e9a-4761-9005-648404e6f7e5} HKEY_CLASSES_ROOT\CLSID\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} HKEY_CLASSES_ROOT\CLSID\{7473d292-b7bb-4f24-ae82-7e2ce94bb6a9} HKEY_CLASSES_ROOT\CLSID\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} HKEY_CLASSES_ROOT\CLSID\{7473d296-b7bb-4f24-ae82-7e2ce94bb6a9} HKEY_CLASSES_ROOT\CLSID\{84da4fdf-a1cf-4195-8688-3e961f505983} HKEY_CLASSES_ROOT\CLSID\{8e6f1832-9607-4440-8530-13be7c4b1d14} HKEY_CLASSES_ROOT\CLSID\{938aa51a-996c-4884-98ce-80dd16a5c9da} HKEY_CLASSES_ROOT\CLSID\{98d9753d-d73b-42d5-8c85-4469cda897ab} HKEY_CLASSES_ROOT\CLSID\{9ff05104-b030-46fc-94b8-81276e4e27df} HKEY_CLASSES_ROOT\CLSID\{a9571378-68a1-443d-b082-284f960c6d17} HKEY_CLASSES_ROOT\CLSID\{adb01e81-3c79-4272-a0f1-7b2be7a782dc} HKEY_CLASSES_ROOT\CLSID\{b813095c-81c0-4e40-aa14-67520372b987} HKEY_CLASSES_ROOT\CLSID\{c9d7be3e-141a-4c85-8cd6-32461f3df2c7} HKEY_CLASSES_ROOT\CLSID\{cff4ce82-3aa2-451f-9b77-7165605fb835} HKEY_CLASSES_ROOT\CLSID\{d9fffb27-d62a-4d64-8cec-1ff006528805} HKEY_CLASSES_ROOT\CLSID\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} HKEY_CLASSES_ROOT\Interface\{f87d7fb5-9dc5-4c8c-b998-d8dfe02e2978} HKEY_CLASSES_ROOT\Interface\{eb9e5c1c-b1f9-4c2b-be8a-27d6446fdaf8} HKEY_CLASSES_ROOT\Interface\{e79dfbcb-5697-4fbd-94e5-5b2a9c7c1612} HKEY_CLASSES_ROOT\Interface\{e79dfbc9-5697-4fbd-94e5-5b2a9c7c1612} HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f} HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25e} HKEY_CLASSES_ROOT\Interface\{de38c398-b328-4f4c-a3ad-1b5e4ed93477} HKEY_CLASSES_ROOT\Interface\{d6ff3684-ad3b-48eb-bbb4-b9e6c5a355c1} HKEY_CLASSES_ROOT\Interface\{bbabdc90-f3d5-4801-863a-ee6ae529862d} HKEY_CLASSES_ROOT\Interface\{a626cdbd-3d13-4f78-b819-440a28d7e8fc} HKEY_CLASSES_ROOT\Interface\{991aac62-b100-47ce-8b75-253965244f69} HKEY_CLASSES_ROOT\Interface\{90449521-d834-4703-bb4e-d3aa44042ff8} HKEY_CLASSES_ROOT\Interface\{7473d297-b7bb-4f24-ae82-7e2ce94bb6a9} HKEY_CLASSES_ROOT\Interface\{7473d295-b7bb-4f24-ae82-7e2ce94bb6a9} HKEY_CLASSES_ROOT\Interface\{7473d293-b7bb-4f24-ae82-7e2ce94bb6a9} HKEY_CLASSES_ROOT\Interface\{7473d291-b7bb-4f24-ae82-7e2ce94bb6a9} HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} HKEY_CLASSES_ROOT\Interface\{72ee7f04-15bd-4845-a005-d6711144d86a} HKEY_CLASSES_ROOT\Interface\{6e74766c-4d93-4cc0-96d1-47b8e07ff9ca} HKEY_CLASSES_ROOT\Interface\{63d0ed2d-b45b-4458-8b3b-60c69bbbd83c} HKEY_CLASSES_ROOT\Interface\{63d0ed2b-b45b-4458-8b3b-60c69bbbd83c} HKEY_CLASSES_ROOT\Interface\{3e720453-b472-4954-b7aa-33069eb53906} HKEY_CLASSES_ROOT\Interface\{3e720451-b472-4954-b7aa-33069eb53906} HKEY_CLASSES_ROOT\Interface\{3e53e2cb-86db-4a4a-8bd9-ffeb7a64df82} HKEY_CLASSES_ROOT\Interface\{3e1656ed-f60e-4597-b6aa-b6a58e171495} HKEY_CLASSES_ROOT\Interface\{2e3537fc-cf2f-4f56-af54-5a6a3dd375cc} HKEY_CLASSES_ROOT\Interface\{247a115f-06c2-4fb3-967d-2d62d3cf4f0a} HKEY_CLASSES_ROOT\FunWebProducts.PopSwatterSettingsControl.1 HKEY_CLASSES_ROOT\FunWebProducts.PopSwatterSettingsControl HKEY_CLASSES_ROOT\FunWebProducts.PopSwatterBarButton.1 HKEY_CLASSES_ROOT\FunWebProducts.PopSwatterBarButton HKEY_CLASSES_ROOT\FunWebProducts.KillerObjManager.1 HKEY_CLASSES_ROOT\FunWebProducts.KillerObjManager HKEY_CLASSES_ROOT\FunWebProducts.IECookiesManager.1 HKEY_CLASSES_ROOT\FunWebProducts.IECookiesManager HKEY_CLASSES_ROOT\FunWebProducts.HTMLMenu.2 HKEY_CLASSES_ROOT\FunWebProducts.HTMLMenu.1 HKEY_CLASSES_ROOT\FunWebProducts.HTMLMenu HKEY_CLASSES_ROOT\FunWebProducts.HistorySwatterControlBar.1 HKEY_CLASSES_ROOT\FunWebProducts.HistorySwatterControlBar HKEY_CLASSES_ROOT\FunWebProducts.HistoryKillerScheduler.1 HKEY_CLASSES_ROOT\FunWebProducts.HistoryKillerScheduler HKEY_CLASSES_ROOT\FunWebProducts.DataControl.1 HKEY_CLASSES_ROOT\FunWebProducts.DataControl HKEY_CLASSES_ROOT\MyWebSearch.PseudoTransparentPlugin.1 HKEY_CLASSES_ROOT\MyWebSearchToolBar.ToolbarPlugin.1 HKEY_CLASSES_ROOT\MyWebSearchToolBar.ToolbarPlugin HKEY_CLASSES_ROOT\MyWebSearchToolBar.SettingsPlugin.1 HKEY_CLASSES_ROOT\MyWebSearchToolBar.SettingsPlugin HKEY_CLASSES_ROOT\MyWebSearch.PseudoTransparentPlugin HKEY_CLASSES_ROOT\MyWebSearch.OutlookAddin.1 HKEY_CLASSES_ROOT\MyWebSearch.OutlookAddin HKEY_CLASSES_ROOT\MyWebSearch.HTMLPanel.1 HKEY_CLASSES_ROOT\MyWebSearch.HTMLPanel HKEY_CLASSES_ROOT\MyWebSearch.ChatSessionPlugin.1 HKEY_CLASSES_ROOT\MyWebSearch.ChatSessionPlugin HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ Uninstall\MyWebSearch bar Uninstall HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\ MyWebSearch.OutlookAddin HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\ MyWebSearch.OutlookAddin HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ Explorer\Browser Helper Objects\ {07b18ea1-a523-4961-b6bb-170de4475cca} HKEY_CURRENT_USER\SOFTWARE\Fun Web Products HKEY_CURRENT_USER\SOFTWARE\MyWebSearch WBEM Ping Provider HKEY_CLASSES_ROOT\CLSID\{734AC5AE-68E1-4FB5-B8DA-1D92F7FC6661} WBEM TROJANS HKLM\SOFTWARE\Microsoft\WBEM\CIMOM\SecuredHostProviders HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\BuildW HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\mso HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\udso HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\Ulrn HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\Update DO NOT BLEACH ALL WBEM CLSIDS, ONLY THOSE LISTED! HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\afisicx HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\afisicx HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\nobicyt HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\nobicyt HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\noxtcyr HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\noxtcyr HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\noytcyr HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\noytcyr HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mabidwe HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mabidwe HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\roxtctm HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\roxtctm HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\roytctm HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\roytctm HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sobicyt HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sobicyt HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\tdydowkc HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tdydowkc HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\wsldoekd More Trojan Viruses Transaction Manager Contact Identifier (CID) keys contain information for the Transaction Manager endpoints corresponding to the four supported protocols. These keys contain settings concerning the frequency and filtering of transaction monitoring information. The transaction monitoring is used by Windows Remote Registry Protocol, which is unstable due to vulnerability and capability of hosting infections. Trojans have been known to target the CID keys to hide infection. HKEY_CLASSES_ROOT\CID HKEY_CLASSES_ROOT\CID\0c0b9fdd-65c9-49be-8e8e-4efa1f31b004 HKEY_CLASSES_ROOT\CID\37242894-ab8d-4d4e-9f95-f872167e6843 HKEY_CLASSES_ROOT\CID\fb96f993-c4de-45b8-97b9-9a888fce752d HKEY_CLASSES_ROOT\CID\fd04850b-2fba-4f00-80ac-27943e65f54b These CLSIDs contained the SVCID trojan. HKEY_CLASSES_ROOT\SVCID HKEY_CLASSES_ROOT\SVCID\01366d42-c04e-11d1-b1c0-00c04fc2f3ef HKEY_CLASSES_ROOT\SVCID\488091f0-bff6-11ce-9de8-00aa00a3f464 HKEY_CLASSES_ROOT\SVCID\6407e780-7e5d-11d0-8ce6-00c04fdc877e HKEY_CLASSES_ROOT\SVCID\ced2de40-bff6-11ce-9de8-00aa00a3f464 HKLM\SOFTWARE\Classes\CLSID\{346436FA-5138-50DA-D412-0870CE39768B} HKLM\SOFTWARE\Classes\CLSID\{7b3e8324-592f-477d-b05e-c3a05ce8aa90} HKLM\SOFTWARE\Classes\CLSID\{ADA8C222-95D2-47B5-950B-AEBC0A508839} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\e405.e405mgr {E28F671C-3D83-4149-BA2F-546A67702B49} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\ {21EEB010-57F3-11DD-B116-DAD055D89593} HKEY_LOCAL_MACHINE\SOFTWARE\tdss HKLM\SOFTWARE\Classes\TypeLib\{E63648F7-3933-440E-B4F6-A8584DD7B7EB} HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata HKLM\SYSTEM\CurrentControlSet\Services\tcpip66 HKEY_CURRENT_USER\Software\avsoft HKEY_CURRENT_USER\Software\pragma HKEY_CURRENT_USER\SOFTWARE\HolLol HKEY_CURRENT_USER\SOFTWARE\Inet Delivery HKEY_CURRENT_USER\Software\{F18143AE-4987-6D9A-4F35-CB2C6DCA9D17} Keylogging spyware HKLM\SOFTWARE\Classes\CLSID\{C9F64886-18D8-4580-0F86-87DD9ADE410D} HKLM\SOFTWARE\Classes\TypeLib\{ACF84E6E-06EA-CFF5-7678-1AB22EE732CA} HKEY_CURRENT_USER\Software\ASProtect 2search spyware These two implemented categories are spyware. {7DD95801-9882-11CF-9FA9-00AA006C42C4} {7DD95802-9882-11CF-9FA9-00AA006C42C4} HKEY_CLASSES_ROOT\CLSID\{00022602-0000-0000-C000-000000000046}\ Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4} HKEY_CLASSES_ROOT\CLSID\{00022602-0000-0000-C000-000000000046}\ Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4} HKEY_CLASSES_ROOT\CLSID\{0149EEDF-D08F-4142-8D73-D23903D21E90}\ Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4} HKEY_CLASSES_ROOT\CLSID\{0149EEDF-D08F-4142-8D73-D23903D21E90}\ Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4} HKEY_CLASSES_ROOT\CLSID\{0DAD5531-BF31-43AC-A513-1F8926BBF5EC}\ Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4} HKEY_CLASSES_ROOT\CLSID\{0DAD5531-BF31-43AC-A513-1F8926BBF5EC}\ Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4} HKEY_CLASSES_ROOT\CLSID\{10072CEC-8CC1-11D1-986E-00A0C955B42E}\ Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4} HKEY_CLASSES_ROOT\CLSID\{10072CEC-8CC1-11D1-986E-00A0C955B42E}\ Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4} HKEY_CLASSES_ROOT\CLSID\{1a4da620-6217-11cf-be62-0080c72edd2d}\ Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4} HKEY_CLASSES_ROOT\CLSID\{1a4da620-6217-11cf-be62-0080c72edd2d}\ Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4} HKEY_CLASSES_ROOT\CLSID\{2D360201-FFF5-11d1-8D03-00A0C959BC0A}\ Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4} HKEY_CLASSES_ROOT\CLSID\{2D360201-FFF5-11d1-8D03-00A0C959BC0A}\ Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4} HKEY_CLASSES_ROOT\CLSID\{76FF3452-E474-4032-BED5-BBE4E96B6D2F}\ Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4} HKEY_CLASSES_ROOT\CLSID\{76FF3452-E474-4032-BED5-BBE4E96B6D2F}\ Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4} HKEY_CLASSES_ROOT\CLSID\{8BD21D10-EC42-11CE-9E0D-00AA006002F3}\ Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4} HKEY_CLASSES_ROOT\CLSID\{8BD21D10-EC42-11CE-9E0D-00AA006002F3}\ Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4} HKEY_CLASSES_ROOT\CLSID\{8BD21D20-EC42-11CE-9E0D-00AA006002F3}\ Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4} HKEY_CLASSES_ROOT\CLSID\{8BD21D20-EC42-11CE-9E0D-00AA006002F3}\ Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4} HKEY_CLASSES_ROOT\CLSID\{8BD21D30-EC42-11CE-9E0D-00AA006002F3}\ Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4} HKEY_CLASSES_ROOT\CLSID\{8BD21D30-EC42-11CE-9E0D-00AA006002F3}\ Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4} HKEY_CLASSES_ROOT\CLSID\{8BD21D40-EC42-11CE-9E0D-00AA006002F3}\ Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4} HKEY_CLASSES_ROOT\CLSID\{8BD21D40-EC42-11CE-9E0D-00AA006002F3}\ Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4} ONLY BLEACH THE IMPLEMENTED CATEGORIES! Microsoft Office SOAP Dime Message Composer HKEY_CLASSES_ROOT\CLSID\{86EB31DF-A46F-11D6-9500-00065B874123} Microsoft Office SOAP Dime Message Parser HKEY_CLASSES_ROOT\CLSID\{86EB31E2-A46F-11D6-9500-00065B874123} Microsoft Office SOAP Data Encoder Factory HKEY_CLASSES_ROOT\CLSID\{86EB31E8-A46F-11D6-9500-00065B874123} Microsoft Office SOAP Simple Message Composer HKEY_CLASSES_ROOT\CLSID\{86EB31EB-A46F-11D6-9500-00065B874123} Microsoft Office SOAP Simple Message Parser HKEY_CLASSES_ROOT\CLSID\{86EB31EC-A46F-11D6-9500-00065B874123} HKEY_CLASSES_ROOT\AceCnfViewer.sortie {351C19A9-79EE-4274-BE26-F734A2372439} HKEY_CLASSES_ROOT\AceCnfViewer.Wizard {C33B33E1-E069-44EB-A9A5-BBF72268AC5E} HKEY_CLASSES_ROOT\Open.Financial.Exchange.File C:\WINDOWS\Installer\{270940EA-C235-40D9-B2AE-2D450356DF8E}\ _A819E278_1E30_4FAC_97EB_5FAE3F581551,0 IT related trojan? HKEY_CLASSES_ROOT\.opc HKEY_CLASSES_ROOT\.oqy HKEY_CLASSES_ROOT\OPCFile HKEY_CLASSES_ROOT\oqyfile HKEY_CLASSES_ROOT\OpcPcmImporter.OmgPcPcmImporter {26EB1712-F516-4DDF-AC63-1F6B1B422C84} HKEY_CLASSES_ROOT\OpcPcmMem.OpcPcmImporterConvert {76BC2A8B-80D2-4665-8C6C-C3A2C2B432F3} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\OlePrn.AddPrint\ {B57467A6-50B5-11D1-BF97-0000F8773501} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\OlePrn.AspHelp\ {3E4D4F1C-2AEE-11D1-9D3D-00C04FC30DF6} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\OlePrn.DSPrintQueue\ {435899C9-44AB-11D1-AF00-080036234103} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\OlePrn.OleCvt\ {65303443-AD66-11D1-9D65-00C04FC30DF6} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\OlePrn.OleInstall\ {C3701884-B39B-11D1-9D68-00C04FC30DF6} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\OlePrn.OleSNMP\ HKEY_LOCAL_MACHINE\SOFTWARE\Classes\OlePrn.PrinterURL\ {92337A8C-E11D-11D0-BE48-00C04FC30DF6} FBI Surveillance with Dximaging: http://cryptome.org/0002/fbi-dximaging.htm C:\WINDOWS\system32\Dxtmsft.dll DXImageTransform.Microsoft.CrBlinds HKEY_CLASSES_ROOT\CLSID\{00C429C0-0BA9-11d2-A484-00C04F8EFB69} DXImageTransform.Microsoft.Iris HKEY_CLASSES_ROOT\CLSID\{049F2CE6-D996-4721-897A-DB15CE9EB73D} DXImageTransform.Microsoft.AlphaImageLoader HKEY_CLASSES_ROOT\CLSID\{0C7EFBDE-0303-4c6f-A4F7-31FA2BE5E397} DXImageTransform.Microsoft.RadialWipe HKEY_CLASSES_ROOT\CLSID\{164484A9-35D9-4FB7-9FAB-48273B96AA1D} DXImageTransform.Microsoft.Fade HKEY_CLASSES_ROOT\CLSID\{16B280C5-EE70-11D1-9066-00C04FD9189D} DXImageTransform.Microsoft.BasicImage HKEY_CLASSES_ROOT\CLSID\{16B280C8-EE70-11D1-9066-00C04FD9189D} DXImageTransform.Microsoft.ZigZag HKEY_CLASSES_ROOT\CLSID\{23E26328-3928-40F2-95E5-93CAD69016EB} DXImageTransform.Microsoft.Convolution HKEY_CLASSES_ROOT\CLSID\{2BC0EF29-E6BA-11d1-81DD-0000F87557DB} DXImageTransform.Microsoft.RandomBars HKEY_CLASSES_ROOT\CLSID\{2E7700B7-27C4-437F-9FBF-1E8BE2817566} DXImageTransform.Microsoft.MMSpecialEffectInplace1Input HKEY_CLASSES_ROOT\CLSID\{353359C1-39E1-491b-9951-464FD8AB071C} DXImageTransform.Microsoft.MaskFilter HKEY_CLASSES_ROOT\CLSID\{3A04D93B-1EDD-4f3f-A375-A03EC19572C4} DXImageTransform.Microsoft.CrIris HKEY_CLASSES_ROOT\CLSID\{3F69F351-0379-11D2-A484-00C04F8EFB69} DXImageTransform.Microsoft.Chroma HKEY_CLASSES_ROOT\CLSID\{421516C1-3CF8-11D2-952A-00C04FA34F05} DXImageTransform.Microsoft.CrRadialWipe HKEY_CLASSES_ROOT\CLSID\{424B71AF-0695-11D2-A484-00C04F8EFB69} DXImageTransform.Microsoft.Redirect HKEY_CLASSES_ROOT\CLSID\{42B07B28-2280-4937-B035-0293FB812781} DXImageTransform.Microsoft.Spiral HKEY_CLASSES_ROOT\CLSID\{4A03DCB9-6E17-4A39-8845-4EE7DC5331A5} DXImageTransform.Microsoft.Matrix HKEY_CLASSES_ROOT\CLSID\{4ABF5A06-5568-4834-BEE3-327A6D95A685} DXImageTransform.Microsoft.Pixelate HKEY_CLASSES_ROOT\CLSID\{4CCEA634-FBE0-11d1-906A-00C04FD9189D} DXImageTransform.Microsoft.MovieMaker.VidAdjust HKEY_CLASSES_ROOT\CLSID\{5A20FD6F-F8FE-4a22-9EE7-307D72D09E6E} DXImageTransform.Microsoft.Wheel HKEY_CLASSES_ROOT\CLSID\{5AE1DAE0-1461-11d2-A484-00C04F8EFB69} DXImageTransform.Microsoft.Gradient HKEY_CLASSES_ROOT\CLSID\{623E2882-FC0E-11d1-9A77-0000F8756A10} DXImageTransform.Microsoft.Strips HKEY_CLASSES_ROOT\CLSID\{63A4B1FC-259A-4A5B-8129-A83B8C9E6F4F} DXImageTransform.Microsoft.Blur HKEY_CLASSES_ROOT\CLSID\{7312498D-E87A-11d1-81E0-0000F87557DB} DXImageTransform.Microsoft.CrStretch HKEY_CLASSES_ROOT\CLSID\{7658F2A2-0A83-11d2-A484-00C04F8EFB69} DXImageTransform.Microsoft.Inset HKEY_CLASSES_ROOT\CLSID\{76F363F2-7E9F-4ED7-A6A7-EE30351B6628} DXImageTransform.Microsoft.CrSlide HKEY_CLASSES_ROOT\CLSID\{810E402F-056B-11D2-A484-00C04F8EFB69} DXImageTransform.Microsoft.CrInset HKEY_CLASSES_ROOT\CLSID\{93073C40-0BA5-11d2-A484-00C04F8EFB69} DXImageTransform.Microsoft.Compositor HKEY_CLASSES_ROOT\CLSID\{9A43A844-0831-11D1-817F-0000F87557DB} DXImageTransform.Microsoft.Blinds HKEY_CLASSES_ROOT\CLSID\{9A4A4A51-FB3A-4F4B-9B57-A2912A289769} DXImageTransform.Microsoft.Glow HKEY_CLASSES_ROOT\CLSID\{9F8E6421-3D9B-11D2-952A-00C04FA34F05} DXImageTransform.Microsoft.ICMFilter HKEY_CLASSES_ROOT\CLSID\{A1BFB370-5A9F-4429-BB72-B13E2FEAEDEF} DXImageTransform.Microsoft.CrSpiral HKEY_CLASSES_ROOT\CLSID\{ACA97E00-0C7D-11d2-A484-00C04F8EFB69} DXImageTransform.Microsoft.Alpha HKEY_CLASSES_ROOT\CLSID\{ADC6CB82-424C-11D2-952A-00C04FA34F05} DXImageTransform.Microsoft.DropShadow HKEY_CLASSES_ROOT\CLSID\{ADC6CB86-424C-11D2-952A-00C04FA34F05} DXImageTransform.Microsoft.Wave HKEY_CLASSES_ROOT\CLSID\{ADC6CB88-424C-11D2-952A-00C04FA34F05} DXImageTransform.Microsoft.MovieMaker.Age HKEY_CLASSES_ROOT\CLSID\{ADEADEB8-E54B-11d1-9A72-0000F875EADE} DXImageTransform.Microsoft.Wipe HKEY_CLASSES_ROOT\CLSID\{AF279B30-86EB-11D1-81BF-0000F87557DB} DXImageTransform.Microsoft.CheckerBoard HKEY_CLASSES_ROOT\CLSID\{B3EE7802-8224-4787-A1EA-F0DE16DEABD3} DXImageTransform.Microsoft.GradientWipe HKEY_CLASSES_ROOT\CLSID\{B96F67A2-30C2-47E8-BD85-70A2C948B50F} DXImageTransform.Microsoft.CrBarn HKEY_CLASSES_ROOT\CLSID\{C3BDF740-0B58-11d2-A484-00C04F8EFB69} DXImageTransform.Microsoft.Slide HKEY_CLASSES_ROOT\CLSID\{D1C5A1E7-CC47-4E32-BDD2-4B3C5FC50AF5} DXImageTransform.Microsoft.MotionBlur HKEY_CLASSES_ROOT\CLSID\{DD13DE77-D3BA-42D4-B5C6-7745FA4E2D4B} DXImageTransform.Microsoft.RevealTrans HKEY_CLASSES_ROOT\CLSID\{E31E87C4-86EA-4940-9B8A-5BD5D179A737} DXImageTransform.Microsoft.NDFXArtEffects HKEY_CLASSES_ROOT\CLSID\{E673DCF2-C316-4c6f-AA96-4E4DC6DC291E} DXImageTransform.Microsoft.CrZigzag HKEY_CLASSES_ROOT\CLSID\{E6E73D20-0C8A-11d2-A484-00C04F8EFB69} DXImageTransform.Microsoft.Shadow HKEY_CLASSES_ROOT\CLSID\{E71B4063-3E59-11D2-952A-00C04FA34F05} DXImageTransform.Microsoft.MovieMaker.Fade HKEY_CLASSES_ROOT\CLSID\{EC85D8F1-1C4E-46e4-A748-7AA04E7C0496} DXImageTransform.Microsoft.Barn HKEY_CLASSES_ROOT\CLSID\{EC9BA17D-60B5-462B-A6D8-14B89057E22A} DXImageTransform.Microsoft.Stretch HKEY_CLASSES_ROOT\CLSID\{F088DE73-BDD0-4E3C-81F8-6D32F4FE9D28} DXImageTransform.Microsoft.Emboss HKEY_CLASSES_ROOT\CLSID\{F515306D-0156-11d2-81EA-0000F87557DB} DXImageTransform.Microsoft.Engrave HKEY_CLASSES_ROOT\CLSID\{F515306E-0156-11d2-81EA-0000F87557DB} DXImageTransform.Microsoft.RandomDissolve HKEY_CLASSES_ROOT\CLSID\{F7F4A1B6-8E87-452f-A2D7-3077F508DBC0} DXImageTransform.Microsoft.Light HKEY_CLASSES_ROOT\CLSID\{F9EFBEC2-4302-11D2-952A-00C04FA34F05} HKEY_CLASSES_ROOT\DxDiag.DxDiagProvider HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.Alpha HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.AlphaImageLoader HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.Barn HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.BasicImage HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.Blinds HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.Blur HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.CheckerBoard HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.Chroma HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.Compositor HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.Convolution HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.CrBarn HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.CrBlinds HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.CrBlur HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.CrEmboss HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.CrEngrave HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.CrInset HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.CrIris HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.CrRadialWipe HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.CrSlide HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.CrSpiral HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.CrStretch HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.CrWheel HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.CrZigzag HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.DropShadow HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.Emboss HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.Engrave HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.Fade HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.Glow HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.Gradient HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.GradientWipe HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.ICMFilter HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.Inset HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.Iris HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.Light HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.MaskFilter HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.Matrix HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.MMSpecialEffect1Input HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.MMSpecialEffect2Inputs HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.MMSpecialEffectInplace1Input HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.MotionBlur HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.MovieMaker.Age HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.MovieMaker.Fade HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.MovieMaker.VidAdjust HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.NDFXArtEffects HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.Pixelate HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.RadialWipe HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.RandomBars HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.RandomDissolve HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.Redirect HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.RevealTrans HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.Shadow HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.Slide HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.Spiral HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.Stretch HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.Strips HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.Wave HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.Wheel HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.Wipe HKEY_CLASSES_ROOT\DXImageTransform.Microsoft.ZigZag This is a third-party plug-in for Microsoft Office. HKEY_CLASSES_ROOT\OWC11.AccSync.AccSubNotHandler HKEY_CLASSES_ROOT\OWC11.AccSync.SyncMgrHandler HKEY_CLASSES_ROOT\OWC11.ChartSpace HKEY_CLASSES_ROOT\OWC11.DataSourceControl HKEY_CLASSES_ROOT\OWC11.FieldList HKEY_CLASSES_ROOT\OWC11.NumberFormat HKEY_CLASSES_ROOT\OWC11.PivotTable HKEY_CLASSES_ROOT\OWC11.RecordNavigationControl HKEY_CLASSES_ROOT\OWC11.Spreadsheet INetInboundConnection HKEY_CLASSES_ROOT\Interface\{FAEDCF53-31FE-11D1-AAD2-00805FC1270E} INetSharedAccessConnection HKEY_CLASSES_ROOT\Interface\{FAEDCF55-31FE-11D1-AAD2-00805FC1270E} ISharedAccessBeaconFinder HKEY_CLASSES_ROOT\Interface\{FAEDCF67-31FE-11D1-AAD2-00805FC1270E} ISharedAccessBeacon HKEY_CLASSES_ROOT\Interface\{FAEDCF6B-31FE-11D1-AAD2-00805FC1270E} ISmartTagRecognizerSite2 HKEY_CLASSES_ROOT\Interface\{347958C0-E86F-4865-97C8-BED31E4C28E0} ISmartTagAction HKEY_CLASSES_ROOT\Interface\{3B744D8F-B8A5-11D3-B2CF-00500489D6A3} ISmartTagRecognizer HKEY_CLASSES_ROOT\Interface\{3C6C0440-A27D-11D3-BD33-D80C46980A07} ISmartTagAction2 HKEY_CLASSES_ROOT\Interface\{5073BDEB-E480-4024-887E-22923C004444} ISmartTagProperties HKEY_CLASSES_ROOT\Interface\{54F37842-CDD7-11D3-B2D4-00500489D6A3} ISmartTagRecognizer2 HKEY_CLASSES_ROOT\Interface\{D4C62D17-6162-41DE-BE24-5B1D3F529CC3} IAutomaticUpdates HKEY_CLASSES_ROOT\Interface\{673425BF-C082-4C7C-BDFD-569464B8E0CE} AutomaticUpdates Class HKEY_CLASSES_ROOT\CLSID\{BFE18E9C-6D87-4450-B37C-E02F0B373803} ISharedProperty HKEY_CLASSES_ROOT\Interface\{2A005C01-A5DE-11CF-9E66-00AA00A3F464} HKEY_CLASSES_ROOT\Interface\{2A005C07-A5DE-11CF-9E66-00AA00A3F464} HKEY_CLASSES_ROOT\Interface\{2A005C0D-A5DE-11CF-9E66-00AA00A3F464} Activates content over restricted protocols to access the computer. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ Internet Settings\SOIEAK\MISC\RESTRICTED_PROTOCOLS A small guide for those unfamiliar with registry editing. This does not teach anyone how to edit registry. It displays simple techniques people can use to make their computers more secure and run faster too. http://webcache.googleusercontent.com/search?q=cache:Fl4DV1IWg3wJ:
haktech.blogspot.com/2009/01/here-we-are-again-at-haktech-this-guide.html Great site for investigating malware / spyware. http://www.threatexpert.com/azlisting.aspx __________________________________________ Previous CLSID shit lists. http://cryptome.org/0001/clsid-list-01.htm http://cryptome.org/0001/clsid-list-02.htm http://cryptome.org/0001/clsid-list-03.htm http://cryptome.org/0001/clsid-list-04.htm http://cryptome.org/0002/clsid-list-05.htm http://cryptome.org/0002/clsid-list-06.htm http://cryptome.org/0002/clsid-list-07.htm http://cryptome.org/0001/vista-clsids.htm http://cryptome.org/isp-spy/ms-analysis.htm Responses http://cryptome.org/0002/clsid-beyond.htm http://cryptome.org/0002/clsid-beyond2.htm