Need2FindBar,P2PNetworking,InstaFinderK,Peer Points Manager,RXToolBar,Download Manager

Kazaa , Need2FindBar , P2PNetworking , InstaFinderK , Peer Points Manager , RXToolBar , Download Manager

HijackTHis

O2 - BHO: RXResultTracker Class - {59879FA4-4790-461c-A1CC-4EC4DE4CA483}- C:\Program Files\RXToolBar\sfcont.dll
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Programme\Need2Find\bar\1.bin\ND2FNBAR.DLL
O3 - Toolbar: RX Toolbar - {25D8BACF-3DE2-4B48-AE22-D659B8D835B0} - C:\Programme\RXToolBar\RXToolBar.dll
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [KAZAA] C:\Programme\Kazaa\kazaa.exe /SYSTRAY
O4 - HKLM\..\Run: [AltnetPointsManager] c:\program files\altnet\points manager\points manager.exe -
O8 - Extra context menu item: Search - http://kp.bar.need2find.com/KP/menusearch.html?p=KP
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Program Files\RXToolBar\sfcont.dll

Killbox

C:\WINDOWS\System32\P2P Networking
C:\Programme\Need2Find
C:\Programme\RXToolBar
C:\Kazaa
C:\Program Files\Altnet

Spyware.P2PNetworking

REGEDIT4 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\P2P Networking] [-HKEY_LOCAL_MACHINE\SOFTWARE\P2P Networking] [-HKEY_CLASSES_ROOT\CLSID\{1D6711C8-7154-40BB-8380-3DEA45B69CBF}] [-HKEY_CLASSES_ROOT\CLSID\{CC7A6223-3759-4075-8CEA-971F5CFC0ED2}] [-HKEY_CLASSES_ROOT\clsid\{c91e8926-d4be-4685-99f4-0d996b96bac0}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D6711C8-7154-40BB-8380-3DEA45B69CBF}] [-HKEY_CLASSES_ROOT\WebP2PInstaller.Installer] [-HKEY_CLASSES_ROOT\JCDE_Stack] [-HKEY_CLASSES_ROOT\JCDE_Stack.1] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{C91E8926-D4BE-4685-99F4-0D996B96BAC0}] [-HKEY_CLASSES_ROOT\typelib\{f720b40f-3a38-4b22-b30d-dcf095d42498}] [-HKEY_CLASSES_ROOT\WebP2PInstaller.Installer.1] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\Extended Properties\{305CA226-D286-468e-B848-2B2E8E697B74}] [-HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app management\arpcache\p2p networking]

C:\Dokumente und Einstellungen\Username\Lokale Einstellungen\Temp\p2psetup.exe
C:\WINDOWS\Downloaded Program Files\WebP2PInstaller.dll ->> TrojanDownloader.WebP2PInstaller
C:\WINDOWS\system32\P2P Networking\MARSHAL.DLL

C:\WINDOWS\system32\P2P Networking
c:\windows\system32\p2p networking\p2p networking.eng
c:\windows\system32\p2p networking\cache\database\file-1001-595.sig
c:\windows\system32\p2p networking\cache\database\index256.dbb
c:\windows\downloaded program files\webp2pinstaller.dll
c:\windows\system32\p2p networking v126.cpl
C:\WINDOWS\Downloaded Program Files\WebP2PInstaller.dll

Need2FindBar

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4D1C4E89-A32A-416b-BCDB-33B3EF3617D3} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4D1C4E8B-A32A-416b-BCDB-33B3EF3617D3} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{630D6140-04C5-4db0-B27A-020D766FF09B} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{4D1C4E8A-A32A-416B-BCDB-33B3EF3617D3} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{4D1C4E8C-A32A-416B-BCDB-33B3EF3617D3} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Need2FindBar.SettingsPlugin\CLSID HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Need2FindBar.SettingsPlugin\CurVer HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Need2FindBar.ToolbarPlugin HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Need2FindBar Uninstall HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Need2FindBar HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar HKEY_LOCAL_MACHINE\SOFTWARE\Need2Find\bar\Partner

C:\!Submit\1.bin\ND2FNBAR.DLL
C:\!Submit\1.bin\NPND2FN.DLL
C:\!Submit\bar\1.bin\N2PLUGIN.DLL
C:\!Submit\bar\1.bin\ND2FNBAR.DLL
C:\!Submit\bar\1.bin\NPND2FN.DLL
C:\Programme\Need2Find

Altnet\Download Manager

C:\Program Files\Altnet\Download Manager\adm25.dll
C:\Program Files\Altnet\Download Manager\adm4.dll
C:\Program Files\Altnet\Download Manager\admdloader.dll
C:\Program Files\Altnet\Download Manager\admfdi.dll
C:\Program Files\Altnet\Download Manager\admprog.dll
C:\Program Files\Altnet\Download Manager\altnetuninstall.exe
C:\Program Files\Altnet\Download Manager\asmend.exe
C:\Program Files\Altnet\Points Manager\setup.cab/PMuninstall.bde
C:\Program Files\Altnet\Points Manager\sysdetect.dll - Adware.BrilliantDigital
C:\Kazaa\TopSearch.dll - Spyware.Altnet

[-HKEY_LOCAL_MACHINE\software\altnet]
[-HKEY_CLASSES_ROOT\appid\{8b0fef15-54dc-49f5-8377-8172de975f75}]
[-HKEY_CLASSES_ROOT\clsid\{3646c2bd-3554-49ca-8125-44deefb881de}]
[-HKEY_CLASSES_ROOT\CLSID\{E813099D-5529-47F4-9B37-4AFAFCB00A43}]
[-HKEY_CLASSES_ROOT\clsid\{9bbcf06c-dcd7-495d-80df-cdd5399d0ff8}]
[-HKEY_CLASSES_ROOT\SigningModule.SigningModule]
[-HKEY_CLASSES_ROOT\SigningModule.SigningModule.1]

RxToolbar

c:\programme\rxtoolbar\rx.xml
c:\programme\rxtoolbar\rxwebsearches.xsl
c:\programme\rxtoolbar\sfcont.bin
c:\programme\rxtoolbar\graphics\additional.gif
c:\programme\rxtoolbar\graphics\additional_active.gif
c:\programme\rxtoolbar\graphics\background.jpg
c:\programme\rxtoolbar\graphics\blue_hr_horz.gif
c:\programme\rxtoolbar\graphics\gray_hr_horz.gif
c:\programme\rxtoolbar\graphics\thumbtack.gif
c:\programme\rxtoolbar\graphics\thumbtack_active.gif
c:\programme\rxtoolbar\graphics\thumbtack_click.gif
c:\programme\rxtoolbar\html\content.htm
c:\programme\rxtoolbar\html\main.htm
c:\programme\rxtoolbar\semantic insight\bkpack01.01.dat
c:\programme\rxtoolbar\semantic insight\bkpack01.01.sig
c:\programme\rxtoolbar\semantic insight\bkpack01.dat
c:\programme\rxtoolbar\semantic insight\bkpack01.sig
c:\programme\rxtoolbar\semantic insight\blabels01.dat
c:\programme\rxtoolbar\semantic insight\blabels01.sig
c:\programme\rxtoolbar\semantic insight\customersecret.key
c:\programme\rxtoolbar\semantic insight\customersecret.sig
c:\programme\rxtoolbar\semantic insight\nlabels01.dat
c:\programme\rxtoolbar\semantic insight\nlabels01.sig

HKEY_LOCAL_MACHINE\Software\RXResults
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RXToolBar

MyGlobalSearch.Toolbar

c:\programme\myglobalsearch\bar\history\search


[-HKEY_CLASSES_ROOT\MyGlobalSearchBar.ToolbarPlugin]
[-HKEY_LOCAL_MACHINE\SOFTWARE\MyGlobalSearch]

HijackThis

O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O3 - Toolbar: RX Toolbar - {25D8BACF-3DE2-4B48-AE22-D659B8D835B0} - C:\Programme\RXToolBar\RXToolBar.dll
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [rdirector] C:\WINDOWS\System32\rdirector.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Programme\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [rdirector] C:\WINDOWS\System32\rdirector.exe

C:\WINDOWS\Downloaded Program Files\WebP2PInstaller.dll
C:\WINDOWS\SYSTEM32\AdCache -> Adware.Cydoor

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RXToolBar.TBInfo HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RXToolBar.TBInfo\CLSID HKEY_LOCAL_MACHINE\SOFTWARE\Gator.com HKEY_LOCAL_MACHINE\SOFTWARE\Gator.com\Gator HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ {1D6711C8-7154-40BB-8380-3DEA45B69CBF} HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AltnetDM HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RXToolBar HKU\S-1-5-21-1823710139-2704508892-1694447197-1005\Software\Kazaa\Promotions\Cydoor

Counterspy/Vipre

---

---

Counter-Box.de