Knowing which service name belongs to what is quite useful. The attached list covers many services, primarily native OS and security product-related ones, that I have aggregated by looking at native services from various Windows versions and collecting service-related string islands from many malware samples. Note: it's been a few years since I last updated it.
Week of Data Dumps, Part 2 – GUIDs
There was a time when, knowing the GUIDs of adware/spyware, you could instantly attribute a sample to a known rogue company or group. Of course, those days are long gone, but what's left behind is the knowledge of which GUIDs map to what…
GUIDs are all over the place – there are CLSIDs, UUIDs, they can refer to classes, interfaces, object properties, known folder IDs, even old ActiveX controls and IE toolbars, and new ones keep coming in! So how do we know which ones are important?
My recipe was to always collect as many of these as possible!
This is a small excerpt from some quick regex-fu over HijackThis Logs. And here is a list of GUIDs I have built over the years.
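Added example (not the author's script or data): one way to run such a regex pass over HijackThis logs, keeping the section each GUID was seen in so the catalogue records what kind of object it was registered as. The function names and sample logs are constructed for illustration.

```python
import re

# HijackThis sections whose entries carry a CLSID.
SECTIONS = {"O2": "BHO", "O3": "IE toolbar",
            "O9": "IE extra button", "O16": "ActiveX (DPF)"}
LINE_RE = re.compile(r"^(O\d+)\s+-\s+(.*)$")
GUID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")

def parse_line(line):
    """Return (GUID, section, name) for a CLSID-bearing line, else None."""
    m = LINE_RE.match(line.strip())
    if not m or m.group(1) not in SECTIONS:
        return None
    section, rest = m.groups()
    g = GUID_RE.search(rest)
    if not g:
        return None
    # O2/O3/O9 put the name before the GUID; O16 puts it in parentheses after.
    before = rest[:g.start()].split(":", 1)[-1].strip(" -")
    paren = re.match(r"\s*\((.*?)\)", rest[g.end():])
    name = before or (paren.group(1) if paren else "(no name)")
    return g.group(0).upper(), section, name

def build_catalogue(logs):
    """Merge logs into {GUID: {"kinds": set, "names": set, "logs": count}}."""
    cat = {}
    for log in logs:
        seen = set()
        for line in log.splitlines():
            hit = parse_line(line)
            if hit is None:
                continue
            guid, section, name = hit
            entry = cat.setdefault(guid, {"kinds": set(), "names": set(), "logs": 0})
            entry["kinds"].add(SECTIONS[section])
            entry["names"].add(name)
            if guid not in seen:      # count each log once per GUID
                seen.add(guid)
                entry["logs"] += 1
    return cat

# Constructed sample logs; GUIDs, names and paths are made up.
LOG_A = r"""O2 - BHO: Example Helper - {11111111-2222-3333-4444-555555555555} - C:\Program Files\Example\helper.dll
O3 - Toolbar: Example Bar - {11111111-2222-3333-4444-555555555555} - C:\Program Files\Example\helper.dll
O4 - HKLM\..\Run: [Example] C:\Program Files\Example\run.exe
O16 - DPF: {aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee} (Example Control) - http://example.invalid/ctl.cab"""
LOG_B = r"""O2 - BHO: (no name) - {11111111-2222-3333-4444-555555555555} - C:\Program Files\Example\helper.dll
O9 - Extra button: Example Button - {99999999-8888-7777-6666-555555555555} - C:\Program Files\Example\btn.dll"""
```

Calling `build_catalogue([LOG_A, LOG_B])` yields three GUIDs; the first one appears in both logs under three different display names, which is the kind of variation a GUID-keyed list absorbs and a name-keyed one does not.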