CLSID Shit Lists
20 February 2010
A sends:
CLSID Shit List (#1)___
HKEY_CLASSES_ROOT\Neptune.JustWorks.AutoDiscovery
HKEY_CLASSES_ROOT\Neptune.JustWorks.AutoDiscovery.1
HKEY_CLASSES_ROOT\RDCHost.RemoteDesktopClientHost
HKEY_CLASSES_ROOT\RDCHost.RemoteDesktopClientHost.1
HKEY_CLASSES_ROOT\RDS.DataControl
HKEY_CLASSES_ROOT\RDS.DataSpace
HKEY_CLASSES_ROOT\RDSHost.SAFRemoteDesktopServerHost
HKEY_CLASSES_ROOT\RDSHost.SAFRemoteDesktopServerHost.1
HKEY_CLASSES_ROOT\RDSServer.DataFactory
HKEY_CLASSES_ROOT\RDSServer.DataFactory.2.81
Remote Desktop Connection (.RDP Format)
HKEY_CLASSES_ROOT\.RDP
HKEY_CLASSES_ROOT\RDP.File
S-1-5-21-1123561945-2111687655-839522115-1003 Hacked >>
HKEY_CLASSES_ROOT\MsRDP.MsRDP
HKEY_CLASSES_ROOT\MsRDP.MsRDP.2
HKEY_CLASSES_ROOT\MsRDP.MsRDP.3
HKEY_CLASSES_ROOT\MsRDP.MsRDP.4
HKEY_CLASSES_ROOT\MsRDP.MsRDP.5
HKEY_CLASSES_ROOT\MsRDP.MsRDP.6
AND
HKEY_CLASSES_ROOT\MsTscAx.MsTscAx
HKEY_CLASSES_ROOT\MsTscAx.MsTscAx.1
HKEY_CLASSES_ROOT\MsTscAx.MsTscAx.2
HKEY_CLASSES_ROOT\MsTscAx.MsTscAx.3
HKEY_CLASSES_ROOT\MsTscAx.MsTscAx.4
HKEY_CLASSES_ROOT\MsTscAx.MsTscAx.5
HKEY_CLASSES_ROOT\MsTscAx.MsTscAx.6
HKEY_CLASSES_ROOT\MsTscAx.MsTscAx.7
Factoid Malware
HKEY_CLASSES_ROOT\CLSID\{64AB6C69-B40E-40AF-9B7F-F5687B48E2B6}
HKEY_CLASSES_ROOT\MOFL.Factoid
HKEY_CLASSES_ROOT\MOFL.Factoid.2 INVEST
MMC Plugable Internet Protocol
HKEY_CLASSES_ROOT\CLSID\{3C5F432A-EF40-4669-9974-9671D4FC2E12}
HKEY_CLASSES_ROOT\NODEMGR.AppEventsDHTMLConnector
HKEY_CLASSES_ROOT\NODEMGR.ComCacheCleanup
HKEY_CLASSES_ROOT\NODEMGR.MMCDocConfig
HKEY_CLASSES_ROOT\NODEMGR.MMCProtocol
HKEY_CLASSES_ROOT\NODEMGR.MMCVersionInfo
HKEY_CLASSES_ROOT\NODEMGR.MMCViewExt
HKEY_CLASSES_ROOT\NODEMGR.NodeInitObject
HKEY_CLASSES_ROOT\NODEMGR.ScopeTreeObject
Hidden Microsoft Remote Assistance
HKEY_CLASSES_ROOT\RACplDlg.RAEventLog
HKEY_CLASSES_ROOT\RACplDlg.RARegSetting
HKEY_CLASSES_ROOT\RACplDlg.RASettingProperty
HKEY_CLASSES_ROOT\TypeLib\{5190C4AF-AB0F-4235-B12F-D5A8FA3F854B}\1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4D317113-C6EC-406A-9C61-20E891BC37F7}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4fadcfea-0971-4575-a368-a2de9d2ed07d}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{70FF37C0-F39A-4B26-AE5E-638EF296D490}
HKEY_CLASSES_ROOT\RcBdyCtl.Connection
HKEY_CLASSES_ROOT\RcBdyCtl.Display
HKEY_CLASSES_ROOT\RcBdyCtl.IMSession
HKEY_CLASSES_ROOT\Rcbdyctl.Setting
HKEY_CLASSES_ROOT\Rcbdyctl.smapi
HKEY_CLASSES_ROOT\ReplAgent.90.Distribution
HKEY_CLASSES_ROOT\ReplAgent.90.Merge
HKEY_CLASSES_ROOT\ReplAgent.90.RemoteDistribution
HKEY_CLASSES_ROOT\ReplAgent.90.RemoteMerge
HKEY_CLASSES_ROOT\ReplAgent.RemoteDistribution.2
HKEY_CLASSES_ROOT\ReplAgent.RemoteMerge.2
Unknown Trojan
HKEY_CLASSES_ROOT\WECAPI2.FpFile
HKEY_CLASSES_ROOT\WECAPI2.FpFolder
HKEY_CLASSES_ROOT\WECAPI2.FpMetaInfo
HKEY_CLASSES_ROOT\WECAPI2.WebExtenderClient
HKEY_CLASSES_ROOT\WECAPI2.WebExtenderClient.1
HKEY_CLASSES_ROOT\WECAPI5.FpFile
HKEY_CLASSES_ROOT\WECAPI5.FpFolder
HKEY_CLASSES_ROOT\WECAPI5.FpMetaInfo
HKEY_CLASSES_ROOT\WECAPI5.FpwAccessSetup
HKEY_CLASSES_ROOT\WECAPI5.WebExtenderClient
HKEY_CLASSES_ROOT\WECAPI5.WebExtenderClient.3
Use regedit.exe to locate these on Microsoft systems.
20 February 2010
CLSID Shit List (#1) http://cryptome.org/0001/
A sends:
CLSID Shit List (#2)___
Built-in Copyright Protection
HKEY_CLASSES_ROOT\DRM.GetLicense
HKEY_CLASSES_ROOT\DRM.GetLicense.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DRM.GetLicense
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DRM.GetLicense.1
Export a .reg copy before erasing, in case of a WMP problem. If a problem occurs you can recover it.
HKEY_CLASSES_ROOT\Software\Microsoft\Multimedia\Components\Installed\DRM_DRM
Junk
HKEY_CLASSES_ROOT\MsScp.MSSCP
HKEY_CLASSES_ROOT\MsScp.SCPTRANS
Trojan.Agent.KQ
HKEY_CLASSES_ROOT\MTxAddIn.RegRefresh
HKEY_CLASSES_ROOT\MTxAddIn2.RegRefresh
HKEY_CLASSES_ROOT\MTxAS.AppServer.1
HKEY_CLASSES_ROOT\MTxSpm.SharedPropertyGroupManager
HKEY_CLASSES_ROOT\CLSID\{1CB0A015-1676-11D0-825B-00A0C90395DF}
HKEY_CLASSES_ROOT\CLSID\{29729D01-CFE6-11D0-BE1D-0060977B4789}
HKEY_CLASSES_ROOT\Interface\{1CB0A011-1676-11D0-825B-00A0C90395DF}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MTxAddIn.RegRefresh
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MTxAddIn2.RegRefresh
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MTxAS.AppServer.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MTxSpm.SharedPropertyGroupManager
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{1CB0A010-1676-11D0-825B-00A0C90395DF}
S-1-5-21-1123561945-2111687655-839522115-1003 Hacked >>
HKEY_CLASSES_ROOT\MMC.ExecutivePlatform
HKEY_CLASSES_ROOT\MMC.IconControl
HKEY_CLASSES_ROOT\MMC.SnapInFailureReporter
HKEY_CLASSES_ROOT\MMC.WaitDialog
HKEY_CLASSES_ROOT\MMC20.Application
HKEY_CLASSES_ROOT\MMCTask.MMCTask
MMC Console Format
HKEY_CLASSES_ROOT\.msc
With the growth in home networking driven by the growth of broadband
delivery to home environments an opportunity exists for a network-based
service assurance and configuration platform for multiple PC households.
In the future we would expect this to include smart appliances,
digital TV, Web tablets, etc. The configuration requirements become
increasingly complex as broadband home network users start to appreciate
the power of their connectivity and want to configure additional services
such as remote corporate network access (VPN), personal Web server hosting,
MP3-file sharing, and multi-player (on-line) gaming. In this paper we
describe the motivation for this work, the requirements for providing a
network-based home network management solution and then outline a potential
solution architecture. This small framework could access other wifi networks
around, like a remote computer, digital television, cell phones, Ipods, etc.
- 2002 IEEE 4th International Workshop on Digital Object Identifier
Original Filename: HNETCFG.DLL
{AE1E00AA-3FD5-403C-8A27-2BBDC30CD0E1}
{FDD384CC-78C6-4E6D-8694-1DACBEE57F96}
{43E734CA-043D-4A70-9A2C-A8F254063D91}
{58FBCF7C-E7A9-467C-80B3-FC65E8FCCA08}
Shared Access Connection Manager Connection Enumerator Class
HKEY_CLASSES_ROOT\CLSID\{BA126AE1-2166-11D1-B1D0-00805FC1270E}
Shared Access Connection Class
HKEY_CLASSES_ROOT\CLSID\{BA126AE2-2166-11D1-B1D0-00805FC1270E}
Shared Access Connection Manager Class
HKEY_CLASSES_ROOT\CLSID\{BA126AE0-2166-11D1-B1D0-00805FC1270E}
Home Networking Connections Ultility Class
{BA126AE3-2166-11D1-B1D0-00805FC1270E}
Home Networking Configuration Manager
{46C166AA-3108-11D4-9348-00C04F8EEB71}
Home Networking Sharing Configuration Manager
{5C63C1AD-3956-4FF8-8486-40034758315B}
HNetCfg.FwOpenPort
{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}
HNetCfg.FwMgr
{304CE942-6E39-40D8-943A-B913C40C9CD4}
HNetCfg.FwAuthorizedApplication
{EC9846B3-2762-4A6B-A214-6ACB603462D2}
HNetCfg.FwAuthorizedApplication
{EC9846B3-2762-4A6B-A214-6ACB603462D2}
HNetCfg.HNetShare
{5C63C1AD-3956-4FF8-8486-40034758315B}
Microsoft Help Attribute Definition File
HKEY_CLASSES_ROOT\.hxa = MSHelp.hxa.2.5
HKEY_CLASSES_ROOT\.hxc = MSHelp.hxc.2.5
HKEY_CLASSES_ROOT\.hxd = MSHelp.hxd.2.5
HKEY_CLASSES_ROOT\.hxe = MSHelp.hxe.2.5
HKEY_CLASSES_ROOT\.hxf = MSHelp.hxf.2.5
HKEY_CLASSES_ROOT\.hxh = MSHelp.hxh.2.5
HKEY_CLASSES_ROOT\.hxi = MSHelp.hxi.2.5
HKEY_CLASSES_ROOT\.hxk = MSHelp.hxk.2.5
HKEY_CLASSES_ROOT\.hxq = MSHelp.hxq.2.5
HKEY_CLASSES_ROOT\.hxr = MSHelp.hxr.2.5
HKEY_CLASSES_ROOT\.hxs = MSHelp.hxs.2.5
HKEY_CLASSES_ROOT\.hxt = MSHelp.hxt.2.5
HKEY_CLASSES_ROOT\.hxv = MSHelp.hxv.2.5
HKEY_CLASSES_ROOT\.hxw = MSHelp.hxw.2.5
HKEY_CLASSES_ROOT\MSHelp.hxa.2.5
HKEY_CLASSES_ROOT\MSHelp.hxc.2.5
HKEY_CLASSES_ROOT\MSHelp.hxd.2.5
HKEY_CLASSES_ROOT\MSHelp.hxe.2.5
HKEY_CLASSES_ROOT\MSHelp.hxf.2.5
HKEY_CLASSES_ROOT\MSHelp.hxh.2.5
HKEY_CLASSES_ROOT\MSHelp.hxi.2.5
HKEY_CLASSES_ROOT\MSHelp.hxk.2.5
HKEY_CLASSES_ROOT\MSHelp.hxq.2.5
HKEY_CLASSES_ROOT\MSHelp.hxr.2.5
HKEY_CLASSES_ROOT\MSHelp.hxs.2.5
HKEY_CLASSES_ROOT\MSHelp.hxt.2.5
HKEY_CLASSES_ROOT\MSHelp.hxv.2.5
HKEY_CLASSES_ROOT\MSHelp.hxw.2.5
Simple Mail Transfer Protocol (SMTP) is an Internet standard
for electronic mail (e-mail) transmission across Internet
Protocol (IP) networks. SMTP was first defined in RFC 821
(STD 15),[1] and last updated by RFC 5321 (2008)[2] which
includes the extended SMTP (ESMTP) additions, and is the
protocol in widespread use today. SMTP is specified for
outgoing mail transport and uses TCP port 25.
While electronic mail servers and other mail transfer agents
use SMTP to send and receive mail messages, user-level client
mail applications typically only use SMTP for sending messages
to a mail server for relaying. For receiving messages, client
applications usually use either the Post Office Protocol
(POP) or the Internet Message Access Protocol (IMAP) to
access their mail box accounts on a mail server.
SMTP OnArrival Script Host Sink Class
HKEY_CLASSES_ROOT\CLSID\{CD000005-8B95-11D1-82DB-00C04FB1625D}
SMTPConnector Class
HKEY_CLASSES_ROOT\CLSID\{CD000008-8B95-11D1-82DB-00C04FB1625D}
HKEY_CLASSES_ROOT\CDO.SMTPConnector
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CDO.SMTPConnector
SMTP OnArrival Sink
HKEY_CLASSES_ROOT\CDO.SS_SMTPOnArrivalSink
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CDO.SS_SMTPOnArrivalSink
Microsoft WBEM SMTP Event Consumer Provider
HKEY_CLASSES_ROOT\CLSID\{C7A3A54B-0250-11D3-9CD1-00105A1F4801}
CLSID_ISMTPTransport
HKEY_CLASSES_ROOT\CLSID\{FD853CE6-7F86-11d0-8252-00C04FD85AB4}
ISMTPOnArrival
HKEY_CLASSES_ROOT\Interface\{CD000026-8B95-11D1-82DB-00C04FB1625D}
ISMTPScriptConnector
HKEY_CLASSES_ROOT\Interface\{CD000030-8B95-11D1-82DB-00C04FB1625D}
UGather Spy
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UGatherer
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UGTHRSVC
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\UGatherer
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\UGTHRSVC
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\UGatherer
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\UGTHRSVC
Remote Assistance [Remote Desktop Help Session Manager]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RDSessMgr
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\RDSessMgr
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RDSessMgr
ipsecFilter{72385235-70fa-11d1-864c-14a300000000}
Matches all ICMP packets between this computer and any other computer.
ipsecNFA{127fac49-e5c7-43d4-a909-8d29c00918b0}
ipsecNFA{36533ca7-f257-44d3-9b98-430ad6a6a651}
Permit unsecure ICMP packets to pass through.
ipsecNegotiationPolicy{72385233-70fa-11d1-864c-14a300000000}
Accepts unsecured communication, but requests clients to establish trust
and security methods. Will communicate insecurely to untrusted clients if
they do not respond to request.
ipsecNegotiationPolicy{7238523b-70fa-11d1-864c-14a300000000}
Permit unsecured IP packets to pass through.
Use regedit.exe to locate these on Microsoft systems.
21 February 2010
A sends:
CLSID Shit List (#3)
Bluetooth Devices - "btw_ci.dll"
{95C7A0A0-3094-11D7-A202-00508B9D7D5A}
Bluetooth Radio - "dthci.dll"
{E0CBF06C-CD8B-4647-BB8A-263B43F0F974}
Bluetooth Bus Enumerator
[same CLSID as btw_ci.dll]
Bluetooth Service - "btwdins"
{8ECC055D-047F-11D1-A537-0000F8753ED1}
Bluetooth Installation dll - btins.dll
MD5 SIGNATURE: 5890B075623E93D4195D3FFCE341DE49
WIDCOMM, Bluetooth - btneighborhood.dll
MD5 SIGNATURE: 76fc863b8231c8ee60648d23a224d6dd
MD5 SIGNATURE: 7f253fdae76ef21c8d8dedcbc046e9e1
MD5 SIGNATURE: 20c4a9e2ece8e90208167544f1e3f8a3
MD5 SIGNATURE: e50a7a4e6ff2b397e2246f8722e2c9d8
MD5 SIGNATURE: bba9df444e92740dea4ef0851e8e5abb
Bluetooth Software Location
HKEY_CURRENT_USER\Software\Widcomm
Bluetooth Software - btstackserver.exe
C:\Program Files\WIDCOMM\Bluetooth Software\
WIDCOMM, Bluetooth - btneighborhood.tlb
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
WIDCOMM, Bluetooth - btsendto_explorer.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
WIDCOMM controls the bluetooth services, so to bleach that alone
could disable bluetooth. However I recommend you wipe bluetooth out
completely by going after the install .dll(s). This is a full list
of bluetooth dll(s):
btw_ci.dll
bthci.dll
btins.dll
btwdins
btkrnl.dll
dthci.dll
Collection of all the available BDA tuning models and spaces
BDATuner.AnalogTVTuningSpace
{8A674B4D-1F63-11D3-B64C-00C04F79498E}
{2A6E293B-2595-11D3-B64C-00C04F79498E}
{39DD45DA-2DA8-46BA-8A8A-87E2B73D983A}
{8A674B4D-1F63-11D3-B64C-00C04F79498E}
Legacy Analog TV Tuner Device Segment
{1C15D484-911D-11D2-B632-00C04F79498E}
{2A6E293C-2595-11D3-B64C-00C04F79498E}
BDATuner.ATSCChannelTuneRequest
{0369B4E6-45B6-11D3-B650-00C04F79498E}
BDATuner.ATSCLocator
{8872FF1B-98FA-4D7A-8D93-C9F1055F85BB}
BDATuner.ATSCTuningSpace
{A2E30750-6C3D-11D3-B653-00C04F79498E}
BDATuner.AnalogRadioTuningSpace
{8A674B4C-1F63-11D3-B64C-00C04F79498E}
BDATuner.Auxilary.InTuningSpace
{F9769A06-7ACA-4E39-9CFB-97BB35F0E77E}
BDA Data Services Feature Segment
{334125C0-77E5-11D3-B653-00C04F79498E}
MSVidCtl Analog TV Control
{28953661-0231-41DB-8986-21FF4388EE9B}
{3540D440-5B1D-49CB-821A-E84B8CF065A7}
{847B4DF5-4B61-11D2-9BDB-204C4F4F5020}
{8E718888-423F-11D2-876E-00A0C9082467}
{8A674B4C-1F63-11D3-B64C-00C04F79498E}
{8A674B4D-1F63-11D3-B64C-00C04F79498E}
{9F50E8B1-9530-4DDC-825E-1AF81D47AED6}
Radio / Analog Data Server Control
{334125C0-77E5-11D3-B653-00C04F79498E}
{8E71888A-423F-11D2-876E-00A0C9082467}
{8E718889-423F-11D2-876E-00A0C9082467}
{9C2263A0-3E3C-11D2-9BD3-204C4F4F5020}
{ABE40035-27C3-4A2F-8153-6624471608AF}
{C5702CD6-9B79-11D3-B654-00C04F79498E}
{E18AF75A-08AF-11D3-B64A-00C04F79498E}
BDA Tuning Tuning Spaces
HKEY_CLASSES_ROOT\CLSID\{0B3FFB92-0919-4934-9D5B-619C719D0202}
HKEY_CLASSES_ROOT\CLSID\{D02AAC50-027E-11D3-9D8E-00C04F72D980}
BLEACH Local Analog Antennas >>
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tuning Spaces
IAS.Accounting
{6BC096B8-0CE6-11D1-BAAE-00C04FC2E20D}
IAS.AccountValidation
{6BC0989E-0CE6-11D1-BAAE-00C04FC2E20D}
IAS.ADsDataStore
{6BC096C6-0CE6-11D1-BAAE-00C04FC2E20D}
IAS.AuditChannel
{6BC0969D-0CE6-11D1-BAAE-00C04FC2E20D}
IAS.AuthorizationHost
{6BC09899-0CE6-11D1-BAAE-00C04FC2E20D}
IAS.BaseCampHost
{6BC09898-0CE6-11D1-BAAE-00C04FC2E20D}
IAS.CClient
{6BC096DA-0CE6-11D1-BAAE-00C04FC2E20D}
IAS.InfoBase
{6BC096A0-0CE6-11D1-BAAE-00C04FC2E20D}
IAS.NTEventLog
{6BC0969F-0CE6-11D1-BAAE-00C04FC2E20D}
IAS.PolicyEnforcer
{6BC098A7-0CE6-11D1-BAAE-00C04FC2E20D}
IAS.ProxyPolicyEnforcer
{6BC098A8-0CE6-11D1-BAAE-00C04FC2E20D}
IAS.RadiusProtocol
{6BC09894-0CE6-11D1-BAAE-00C04FC2E20D}
HKEY_CLASSES_ROOT\IAS.NetDataStore
HKEY_CLASSES_ROOT\IAS.NTGroups
HKEY_CLASSES_ROOT\IAS.NTSamAuthentication
HKEY_CLASSES_ROOT\IAS.NTSamNames
HKEY_CLASSES_ROOT\IAS.Request
HKEY_CLASSES_ROOT\IAS.TimeOfDay
HKEY_CLASSES_ROOT\IAS.URHandler
Third Party Dispatchers
ThirdPartyEapDispatcherAuthenticatorRuntime
HKEY_CLASSES_ROOT\AppID\{B0E28D63-52F6-4E30-992B-78ECF97268E9}
ThirdPartyEapDispatcherPeerConfig
HKEY_CLASSES_ROOT\AppID\{1F7D1BE9-7A50-40B6-A605-C4F3696F49C0}
ThirdPartyEapDispatcherPeerConfig
HKEY_CLASSES_ROOT\CLSID\{1F7D1BE9-7A50-40b6-A605-C4F3696F49C0}
ThirdPartyEapDispatcherPeerRuntime
HKEY_CLASSES_ROOT\CLSID\{87BB326B-E4A0-4de1-94F0-B9F41D0C6059}
ThirdPartyEapDispatcherAuthenticatorRuntime
HKEY_CLASSES_ROOT\CLSID\{B0E28D63-52F6-4e30-992B-78ECF97268E9}
IThirdPartyEapDispatcherPeerConfig
HKEY_CLASSES_ROOT\Interface\{32C5A81F-27C0-4E66-A894-786F646F1236}
IThirdPartyEapDispatcherAuthenticatorConfig
HKEY_CLASSES_ROOT\Interface\{7A3F55BF-EF47-40A6-A0AD-8023CC9ED4C7}
IThirdPartyEapDispatcherAuthenticatorRuntime
HKEY_CLASSES_ROOT\Interface\{9DAA7B9D-CE5B-42CE-B942-32BBC284AC44}
IThirdPartyEapDispatcherPeerRuntime
HKEY_CLASSES_ROOT\Interface\{C48CA462-67FB-4C12-A21A-6415460FA8AE}
ThirdPartyEapDispatcherAuthenticatorConfig
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{1FF84C3B-1140-4EB6-BE38-4BE618D2E7D6}
ThirdPartyEapDispatcherAuthenticatorConfig
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1FF84C3B-1140-4eb6-BE38-4BE618D2E7D6}
iPhone binary
HKEY_CLASSES_ROOT\.iii
HKEY_CLASSES_ROOT\iiifile
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/x-iphone
Yahoo / Google binary
C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
HKEY_CLASSES_ROOT\TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}
C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
HKEY_CLASSES_ROOT\TypeLib\{0548C79F-7B8C-455D-B228-97D35371BB62}
C:\Program Files\Yahoo!\Companion\Installs\cpn\YTMsgr.dll
HKEY_CLASSES_ROOT\TypeLib\{78DB07DF-483E-4829-AB44-ED7952083584}
C:\Program Files\Yahoo!\Companion\Installs\cpn\YMERemote.dll
HKEY_CLASSES_ROOT\TypeLib\{B722ED8B-0B38-408E-BB89-260C73BCF3D4}
HKEY_CLASSES_ROOT\Yahoo.AntiSpyPlugin
HKEY_CLASSES_ROOT\Yahoo.MessengerCompanionControl
HKEY_CLASSES_ROOT\YBrowserToolbar.YBrowserToolbar
HKEY_CLASSES_ROOT\yt.CacheLoader
HKEY_CLASSES_ROOT\yt.Clickstream
HKEY_CLASSES_ROOT\yt.YTHelper
HKEY_CLASSES_ROOT\yt.YToolbarBand
HKEY_CLASSES_ROOT\ytbbroker.YTBCustomizerAssistant
HKEY_CLASSES_ROOT\ytbbroker.YTBMessengerAssistant
HKEY_CLASSES_ROOT\YTBM.YTBMButton
HKEY_CLASSES_ROOT\YTNavAssist.NameSpaceCF
HKEY_CLASSES_ROOT\YTNavAssist.NameSpacePP
HKEY_CLASSES_ROOT\YTNavAssist.YTNavAssistPlugin
HKEY_CLASSES_ROOT\YTSingleInstance.SingleInstance
HKEY_CURRENT_USER\Software\Yahoo
HKEY_CURRENT_USER\Software\YahooPartnerToolbar
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Yahoo.AntiSpyPlugin
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Yahoo.MessengerCompanionControl
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\yt.CacheLoader
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\yt.Clickstream
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\yt.YTHelper
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\yt.YToolbarBand
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ytbbroker.YTBCustomizerAssistant
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ytbbroker.YTBMessengerAssistant
HKEY_LOCAL_MACHINE\SOFTWARE\Yahoo
HKEY_LOCAL_MACHINE\SOFTWARE\
HKEY_CLASSES_ROOT\CDO.Configuration
HKEY_CLASSES_ROOT\CDO.DropDirectory
HKEY_CLASSES_ROOT\CDO.Message
HKEY_CLASSES_ROOT\CDO.NNTPEarlyConnector
HKEY_CLASSES_ROOT\CDO.NNTPFinalConnector
HKEY_CLASSES_ROOT\CDO.NNTPPostConnector
HKEY_CLASSES_ROOT\CDO.SMTPConnector
HKEY_CLASSES_ROOT\CDO.SS_NNTPOnPostEarlySink
HKEY_CLASSES_ROOT\CDO.SS_NNTPOnPostFinalSink
HKEY_CLASSES_ROOT\CDO.SS_NNTPOnPostSink
!!!!!!!!!!!!!!!!!!!
WARNING | SOME CLSIDs LISTED BELOW ARE NEEDED TO ACCESS EMAIL ACCOUNTS AND
FOR PURCHASING PRODUCTS ONLINE!
THESE SHOULD ONLY BE ERASED BY USERS WHO CARE TOO MUCH ABOUT PRIVACY / SECURITY.
ControlSet001 NetBIOS Interface >>
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}\{4CB914FE-BA82-482D-A8D2-76DBD283A86A}
ControlSet001 NetBIOS SMB Message-oriented TCP/IP >>
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}\{65450A4E-B19B-4FDC-9AE1-B4D6441C929C}
ControlSet002 NetBIOS Interface >>
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}\{4CB914FE-BA82-482D-A8D2-76DBD283A86A}
ControlSet002 NetBIOS SMB Message-oriented TCP/IP >>
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}\{65450A4E-B19B-4FDC-9AE1-B4D6441C929C}
CCSet NetBIOS Interface >>
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}\{4CB914FE-BA82-482D-A8D2-76DBD283A86A}
CCSet NetBIOS SMB Message-oriented TCP/IP >>
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}\{65450A4E-B19B-4FDC-9AE1-B4D6441C929C}
How to check if your computer leaks Netbios info?
Go to http://member.dnsstuff.com/pages/tools.php
Scroll down until you see "Does your computer leak Netbios
info", click "Find out!" This should be the result >>
.......WaitNbtQueryResponse( ) timeout.
The timeout normally indicates that Netbios is not
available on your computer, or you are using a Scope-ID,
or your Internet provider blocks Netbios packets.
All of these are good.
INTERNET EXPLORER THE INFO LEAKING WHORE
GO TO HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs
AdvancedOptions\CRYPTO
CACHE_FLUSH
CACHE_PAGES
CERTREV
CHECK_SIG
SITECERT
SSL2.0
SSL3.0
SSLREV
SUBMIT
TLS1.0
AdvancedOptions\INTERNATIONAL
IDN
IDN_INFOBAR
IDN_INTRANET
IDN_SHOWPUNY
UTF8_MAILTO
UTF8_URL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AutoComplete
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Document Caching
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Image Caching
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\InformationCard Token Provider
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\P3
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\PrintAppletsOnFEWin95
Microsoft Url History Service
{3C374A40-BAE4-11CF-BF7D-00AA006946EE}
IE AutoComplete
{3028902F-6374-48b2-8DC6-9725E775B926}
IE Microsoft History AutoComplete List
{6038EF75-ABFC-4e59-AB6F-12D397F6568D}
IE Microsoft Multiple AutoComplete List Container
{B31C5FAE-961F-415b-BAF0-E697A5178B94}
Windows Mail AutoDiscovery
HKEY_CLASSES_ROOT\CLSID\{008FD5DD-6DBB-48e3-991B-2D3ED658516A}
IMailAutoDiscovery
HKEY_CLASSES_ROOT\Interface\{80402DEE-B114-4D32-B44E-82FD8234C92A}
Microsoft Url History Service
HKEY_CLASSES_ROOT\CLSID\{3C374A40-BAE4-11CF-BF7D-00AA006946EE}
IE Windows Messenger Extension
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683}
IE P3 Microsoft Registration
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\P3
IE URL Search Hooks
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks
Intelli-Forms
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IntelliForms
Client UrlCache MMF Ver 5.2
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Url History
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO\SSL2.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO\SSL3.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO\TLS1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO\CERTREV
Check for publisher's certificate revocation*
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO\SSLREV
Checks for server certificate revocation*
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO\CHECK_SIG
Check for signatures on downloaded programs*
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO\SITECERT
Warn about certificate address mismatch*
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO\SUBMIT
Warn if POST submittal is redirected to a zone that does not permit posts
WebCheck 4.0 runs on a secure web server using industry standard,
SSL technology. Data communication between the workstations
and the server listed below.
WebCheckWebCrawler
HKEY_CLASSES_ROOT\CLSID\{08165EA0-E946-11CF-9C87-00AA005127ED}
WebCheck SyncMgr Handler
HKEY_CLASSES_ROOT\CLSID\{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}
WebCheck
HKEY_CLASSES_ROOT\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}
WebCheck
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Webcheck
C:\WINDOWS\system32\webcheck.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}
SCHANNEL SSL 2.0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0
SCHANNEL SSL 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0
SCHANNEL TLS 1.0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0
SCHANNEL PKCS
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\KeyExchangeAlgorithms\PKCS
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SecurityProviders\SCHANNEL\KeyExchangeAlgorithms\PKCS
SSL Certificate Formats
HKEY_CLASSES_ROOT\.crt
HKEY_CLASSES_ROOT\.der
HKEY_CLASSES_ROOT\.p10
HKEY_CLASSES_ROOT\.p12
HKEY_CLASSES_ROOT\.p7b
HKEY_CLASSES_ROOT\.p7c
HKEY_CLASSES_ROOT\.p7m
HKEY_CLASSES_ROOT\.p7r
HKEY_CLASSES_ROOT\.p7s
HKEY_CLASSES_ROOT\.pfx
HKEY_CLASSES_ROOT\.spc
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CertificateAuthority.Config
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CertificateAuthority.Config.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CertificateAuthority.Request
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CertificateAuthority.Request.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/x-pkcs12
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/x-pkcs7-certificates
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/x-pkcs7-certreqresp
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/x-x509-ca-cert
NEVER MISTAKE SYSTEM CERTIFICATES FOR SSL CERTIFICATES!
!!!!!!!!!!!!!!!!!!!
WARNING, DO NOT ERASE CLSIDs BELOW UNLESS YOU WOULD RATHER NOT HAVE FTP
FTP Installer to handle FTP Associations
{1ABCFC13-2340-11d2-B601-006097DF5BD4}
FTP Folder Web View Automation
{210DA8A2-7445-11d1-91F7-006097DF5BD4}
FTP IDataObject impl
{299D0193-6DAA-11d2-B679-006097DF5BD4}
Microsoft FTP Folder
{63da6ec0-2e98-11cf-8d82-444553540000}
ftp: Asychronous Pluggable Protocol Handler
{79eac9e3-baf9-11ce-8c82-00aa004ba90b}
FTP Folder Web View Automation
{210DA8A2-7445-11d1-91F7-006097DF5BD4}
FTP Folders Webview
{63da6ec0-2e98-11cf-8d82-444553540000}
FTP IDataObject impl
{299D0193-6DAA-11d2-B679-006097DF5BD4}
Microsoft FTP Folder
{63da6ec0-2e98-11cf-8d82-444553540000}
IFtpWebView
{21DCE770-ABD0-11D2-A32B-006097DF5BD4}
Add Network Place
Connects to shared folders, Web folders, and FTP sites.
{D4480A50-BA28-11d1-8E75-00C04FA31A86}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ftp
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ftp
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Router\CurrentVersion\RouterManagers\Ip\FTP
TIPS FOR FOOLS
Be careful editing the registry, it is a sensitive complex.
!DO NOT BLEACH TELEPHONY! {this will cut the internet connection}
!DO NOT BLEACH SYSTEM CERTIFICATE! {this will destroy the system}
!DO NOT BLEACH CRYPTOGRAPHIC PROVIDERS! {this will destroy the system}
!DO NOT BLEACH CERFile {this is a hardware cryptographic certificate}
!DO NOT BLEACH ITCARD! {this will cut the internet connection}
!DO NOT BLEACH MUICache {this will destroy system restore capability}
!DO NOT BLEACH INK FILE BINARY {this will destroy start menu and desktop shortcuts}
!DO NOT BLEACH RASMAN Certificate! {this would cause browser problems}
!DO NOT BLEACH ANY RPC {this will destroy the system}
!DO NOT BLEACH WHAT YOU DO NOT KNOW! {take this as experienced forewarning}
To run regedit.exe, go to the desktop and click "start"; then "run"; type "regedit"
Source: http://cryptome.org
February 28, 2010 in Current Affairs | Permalink






