Trojaner-Board - Verschlüsselungs-Trojaner kann keinen Schlüssel erzeugen mit Decrypthelper

Hier das ergebniss von Malwarebytes

Malwarebytes Anti-Malware (Trial) 1.61.0.1400
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Database version: v2012.05.23.03

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Marnax :: MARNAX-PC [limited]

Protection: Enabled

24.05.2012 07:57:48
mbam-log-2012-05-24 (07-57-48).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 415694
Time elapsed: 1 hour(s), 52 minute(s), 54 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 31
HKCR\CrossriderApp0002258.BHO (PUP.CrossFire.Gen) -> No action taken.
HKCR\CrossriderApp0002258.BHO.1 (PUP.CrossFire.Gen) -> No action taken.
HKCR\CrossriderApp0002258.FBApi (PUP.CrossFire.Gen) -> No action taken.
HKCR\CrossriderApp0002258.FBApi.1 (PUP.CrossFire.Gen) -> No action taken.
HKCR\CrossriderApp0002258.Sandbox (PUP.CrossFire.Gen) -> No action taken.
HKCR\CrossriderApp0002258.Sandbox.1 (PUP.CrossFire.Gen) -> No action taken.
HKLM\SOFTWARE\Google\Chrome\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk (PUP.GamesPlayLab) -> No action taken.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk (PUP.GamesPlayLab) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> No action taken.
HKCR\CLSID\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> No action taken.
HKCR\TypeLib\{44444444-4444-4444-4444-440044224458} (PUP.GamePlayLab) -> No action taken.
HKCR\Interface\{55555555-5555-5555-5555-550055225558} (PUP.GamePlayLab) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> No action taken.
HKCR\CLSID\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLabs) -> Delete on reboot.
HKCR\TypeLib\{44444444-4444-4444-4444-440044224458} (Adware.GamePlayLabs) -> Delete on reboot.
HKCR\Interface\{55555555-5555-5555-5555-550055225558} (Adware.GamePlayLabs) -> Delete on reboot.
HKCR\CrossriderApp0002258.BHO.1 (Adware.GamePlayLabs) -> Delete on reboot.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLabs) -> Delete on reboot.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLabs) -> Delete on reboot.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLabs) -> Delete on reboot.
HKCR\CLSID\{22222222-2222-2222-2222-220022222258} (Adware.GamePlayLab) -> Delete on reboot.
HKCR\CrossriderApp0002258.Sandbox.1 (Adware.GamePlayLab) -> Delete on reboot.
HKCR\CrossriderApp0002258.Sandbox (Adware.GamePlayLab) -> Delete on reboot.
HKCR\CLSID\{33333333-3333-3333-3333-330033223358} (Adware.GamePlayLab) -> Delete on reboot.
HKCR\CrossriderApp0002258.FBApi.1 (Adware.GamePlayLab) -> Delete on reboot.
HKCR\CrossriderApp0002258.FBApi (Adware.GamePlayLab) -> Delete on reboot.
HKCR\CrossriderApp0002258.BHO (Adware.GamePlayLab) -> Delete on reboot.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\I Want This (Adware.GamePlayLabs) -> Delete on reboot.

Registry Values Detected: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|081A4C6D (Trojan.Agent.RNSGen) -> Data: C:\Users\Marnax\AppData\Roaming\Udngxivm\B1CA0A56081A4C6D1E33.exe -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\I Want This|Publisher (Adware.GamePlayLab) -> Data: 215 Apps -> Delete on reboot.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 3
C:\Program Files\I Want This (Adware.GamePlayLab) -> Delete on reboot.
C:\Users\Admin.Marnax-PC\AppData\Local\I Want This (Adware.GamePlayLab) -> Delete on reboot.
C:\Users\Admin.Marnax-PC\AppData\Local\I Want This\Chrome (Adware.GamePlayLab) -> Delete on reboot.

Files Detected: 14
C:\Program Files\Uncompressor\Uninstall\Uninstall.exe (PUP.Adware.InstallCore) -> No action taken.
C:\Users\Admin.Marnax-PC\Desktop\ADLSoft_UnCompressor_v2.exe (PUP.Adware.InstallCore) -> No action taken.
C:\Program Files\I Want This\I Want This.dll (PUP.GamePlayLab) -> No action taken.
C:\Program Files\I Want This\I Want This.dll (Adware.GamePlayLabs) -> Delete on reboot.
C:\Program Files\I Want This\I Want This.exe (Adware.GamePlayLabs) -> Delete on reboot.
C:\Program Files\I Want This\I Want ThisGui.exe (Adware.GamePlayLabs) -> Delete on reboot.
C:\Program Files\I Want This\Uninstall.exe (Adware.GamePlayLabs) -> Delete on reboot.
C:\Users\Admin.Marnax-PC\AppData\Local\Temp\is1293846689\IWantThis_ADL_ROW.exe (Adware.GamePlayLabs) -> Delete on reboot.
C:\Users\Admin.Marnax-PC\Desktop\DecryptHelper-0.5.3.exe (Trojan.FakeAlert) -> Delete on reboot.
C:\Users\Marnax\Desktop\Neuer Ordner\DecryptHelper-0.5.3.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\I Want This\I Want This.ini (Adware.GamePlayLab) -> Delete on reboot.
C:\Program Files\I Want This\I Want This.ico (Adware.GamePlayLab) -> Delete on reboot.
C:\Program Files\I Want This\I Want ThisInstaller.log (Adware.GamePlayLab) -> Delete on reboot.
C:\Users\Admin.Marnax-PC\AppData\Local\I Want This\Chrome\I Want This.crx (Adware.GamePlayLab) -> Delete on reboot.

(end)

Quick Scan

Malwarebytes Anti-Malware (Trial) 1.61.0.1400
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Database version: v2012.05.24.01

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Marnax :: MARNAX-PC [limited]

Protection: Enabled

24.05.2012 10:24:31
mbam-log-2012-05-24 (10-24-31).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 211993
Time elapsed: 2 minute(s), 56 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 29
HKCR\CrossriderApp0002258.BHO (PUP.CrossFire.Gen) -> No action taken.
HKCR\CrossriderApp0002258.BHO.1 (PUP.CrossFire.Gen) -> No action taken.
HKCR\CrossriderApp0002258.FBApi (PUP.CrossFire.Gen) -> No action taken.
HKCR\CrossriderApp0002258.FBApi.1 (PUP.CrossFire.Gen) -> No action taken.
HKCR\CrossriderApp0002258.Sandbox (PUP.CrossFire.Gen) -> No action taken.
HKCR\CrossriderApp0002258.Sandbox.1 (PUP.CrossFire.Gen) -> No action taken.
HKLM\SOFTWARE\Google\Chrome\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk (PUP.GamesPlayLab) -> No action taken.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk (PUP.GamesPlayLab) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> No action taken.
HKCR\CLSID\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> No action taken.
HKCR\TypeLib\{44444444-4444-4444-4444-440044224458} (PUP.GamePlayLab) -> No action taken.
HKCR\Interface\{55555555-5555-5555-5555-550055225558} (PUP.GamePlayLab) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> No action taken.
HKCR\CLSID\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> Delete on reboot.
HKCR\TypeLib\{44444444-4444-4444-4444-440044224458} (Adware.GamePlayLab) -> Delete on reboot.
HKCR\Interface\{55555555-5555-5555-5555-550055225558} (Adware.GamePlayLab) -> Delete on reboot.
HKCR\CrossriderApp0002258.BHO.1 (Adware.GamePlayLab) -> Delete on reboot.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> Delete on reboot.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> Delete on reboot.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> Delete on reboot.
HKCR\CLSID\{22222222-2222-2222-2222-220022222258} (Adware.GamePlayLab) -> Delete on reboot.
HKCR\CrossriderApp0002258.Sandbox.1 (Adware.GamePlayLab) -> Delete on reboot.
HKCR\CrossriderApp0002258.Sandbox (Adware.GamePlayLab) -> Delete on reboot.
HKCR\CLSID\{33333333-3333-3333-3333-330033223358} (Adware.GamePlayLab) -> Delete on reboot.
HKCR\CrossriderApp0002258.FBApi.1 (Adware.GamePlayLab) -> Delete on reboot.
HKCR\CrossriderApp0002258.FBApi (Adware.GamePlayLab) -> Delete on reboot.
HKCR\CrossriderApp0002258.BHO (Adware.GamePlayLab) -> Delete on reboot.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\I Want This (Adware.GamePlayLab) -> Delete on reboot.

Registry Values Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\I Want This|Publisher (Adware.GamePlayLab) -> Data: 215 Apps -> Delete on reboot.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 3
C:\Program Files\I Want This (Adware.GamePlayLab) -> Delete on reboot.
C:\Users\Admin.Marnax-PC\AppData\Local\I Want This (Adware.GamePlayLab) -> Delete on reboot.
C:\Users\Admin.Marnax-PC\AppData\Local\I Want This\Chrome (Adware.GamePlayLab) -> Delete on reboot.

Files Detected: 9
C:\Program Files\I Want This\I Want This.dll (PUP.GamePlayLab) -> No action taken.
C:\Program Files\I Want This\I Want This.dll (Adware.GamePlayLab) -> Delete on reboot.
C:\Program Files\I Want This\I Want This.ini (Adware.GamePlayLab) -> Delete on reboot.
C:\Program Files\I Want This\I Want This.exe (Adware.GamePlayLab) -> Delete on reboot.
C:\Program Files\I Want This\I Want This.ico (Adware.GamePlayLab) -> Delete on reboot.
C:\Program Files\I Want This\I Want ThisGui.exe (Adware.GamePlayLab) -> Delete on reboot.
C:\Program Files\I Want This\I Want ThisInstaller.log (Adware.GamePlayLab) -> Delete on reboot.
C:\Program Files\I Want This\Uninstall.exe (Adware.GamePlayLab) -> Delete on reboot.
C:\Users\Admin.Marnax-PC\AppData\Local\I Want This\Chrome\I Want This.crx (Adware.GamePlayLab) -> Delete on reboot.

(end)

Die E-Mail mit dem Trojaner habe ich auch schon zu euch geschickt!