Trojaner-Board - Habe ein Problem und kann es leider nich lösen

Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D881-17FA

Verzeichnis von c:\

21.05.2008 22:31 0 dirdat.txt
21.05.2008 22:25 10.794 ComboFix.txt
21.05.2008 22:12 1.207.959.552 pagefile.sys
21.05.2008 22:11 268 sqmdata00.sqm
21.05.2008 22:11 244 sqmnoopt00.sqm
11.05.2008 23:40 0 proxy.txt
11.05.2008 23:40 341 Craagle.ini
06.05.2008 12:15 0 FileOut.Cns
06.05.2008 12:15 0 FileIn.Cns

Verzeichnis von C:\WINDOWS\system32

21.05.2008 22:14 403.968 perfh009.dat
21.05.2008 22:14 63.188 perfc009.dat
21.05.2008 22:14 418.970 perfh007.dat
21.05.2008 22:14 76.014 perfc007.dat
21.05.2008 22:14 974.848 PerfStringBackup.INI
21.05.2008 22:12 88.566 nvapps.xml
19.05.2008 07:44 2.184 wpa.dbl
06.05.2008 11:21 313.968 FNTCACHE.DAT
05.05.2008 19:13 9.216 Thumbs.db
22.04.2008 13:48 6.641 jupdate-1.6.0_05-b13.log
05.04.2008 15:32 532.480 J„germeister.scr
08.03.2008 09:57 16.832 amcompat.tlb
08.03.2008 09:57 23.392 nscompat.tlb
22.02.2008 02:33 139.264 javaws.exe
22.02.2008 02:33 69.632 javacpl.cpl
22.02.2008 01:23 135.168 javaw.exe
22.02.2008 01:23 135.168 java.exe

Verzeichnis von C:\WINDOWS

21.05.2008 22:24 227 system.ini
21.05.2008 22:13 0 0.log
21.05.2008 22:12 2.048 bootstat.dat
21.05.2008 22:11 32.612 SchedLgU.Txt
20.05.2008 15:27 50 wiaservc.log
20.05.2008 15:27 412 wiadebug.log
20.05.2008 08:17 71 pex.INI
17.05.2008 10:36 54.156 QTFont.qfn
17.05.2008 01:58 159.744 emxa.exe
16.05.2008 12:27 116 NeroDigital.ini
16.05.2008 12:26 167.856 wmsetup.log
15.05.2008 08:14 30 Iedit.INI
11.05.2008 14:09 1.041 Ulead32.ini
08.05.2008 20:03 1.409 QTFont.for
07.05.2008 09:06 62 ACROREAD.INI
06.05.2008 11:07 656.411 setupapi.log
30.04.2008 08:11 316.640 WMSysPr9.prx
19.04.2008 14:17 6.756 ModemLog_Motorola USB Modem.txt
13.04.2008 12:04 1.392 mozver.dat

"Silent Runners.vbs", revision 58, http://www.silentrunners.org/
Operating System: Windows XP
Output limited to non-default values, except where indicated by "{++}"

Startup items buried in registry:
---------------------------------

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"CTFMON.EXE" = "C:\WINDOWS\System32\ctfmon.exe" [MS]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = ""C:\Programme\Gemeinsame Dateien\Ahead\lib\NMBgMonitor.exe"" ["Nero AG"]
"MsnMsgr" = ""C:\Programme\MSN Messenger\MsnMsgr.Exe" /background" [MS]
"Yahoo! Pager" = ""C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet" ["Yahoo! Inc."]
"ICQ" = ""C:\Programme\ICQ6\ICQ.exe" silent" ["ICQ, Inc."]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"Cmaudio" = "RunDll32 cmicnfg.cpl,CMICtrlWnd" [MS]
"NWEReboot" = "(empty string)" [file not found]
"NeroFilterCheck" = "C:\WINDOWS\System32\NeroCheck.exe" ["Nero AG"]
"ISUSPM Startup" = ""C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\isuspm.exe" -startup" ["Macrovision Corporation"]
"ISUSScheduler" = ""C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe" -start" ["Macrovision Corporation"]
"Easy-PrintToolBox" = "C:\Programme\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon" ["CANON INC."]
"avgnt" = ""C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min" ["Avira GmbH"]
"SunJavaUpdateSched" = ""C:\Programme\Java\jre1.6.0_05\bin\jusched.exe"" ["Sun Microsystems, Inc."]
"QuickTime Task" = ""C:\Programme\QuickTime\qttask.exe" -atboottime" ["Apple Inc."]
"NvCplDaemon" = "RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup" [MS]
"nwiz" = "nwiz.exe /install" ["NVIDIA Corporation"]
"NvMediaCenter" = "RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit" [MS]
"Adobe Reader Speed Launcher" = ""C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe"" ["Adobe Systems Incorporated"]
"Ulead Memory Card Detector" = "C:\Programme\Ulead Systems\Ulead Photo Explorer 8.0\Monitor.exe" ["Ulead Systems, Inc."]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{02478D38-C3F9-4efb-9B51-7695ECA05670}\(Default) = (no title provided)
-> {HKLM...CLSID} = "&Yahoo! Toolbar Helper"
\InProcServer32\(Default) = "C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll" ["Yahoo! Inc."]
{055FD26D-3A88-4e15-963D-DC8493744B1D}\(Default) = "XTTBPos00"
-> {HKLM...CLSID} = "XTTBPos00 Class"
\InProcServer32\(Default) = "C:\PROGRA~1\ICQTOO~1\toolbaru.dll" ["IE Toolbar"]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Adobe PDF Reader"
\InProcServer32\(Default) = "C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"]
{132F969E-2442-47BE-8CC8-955483AF951B}\(Default) = (no title provided)
-> {HKLM...CLSID} = "QXK Rhythm"
\InProcServer32\(Default) = "C:\WINDOWS\fvowketqfgq.dll" [file not found]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)
-> {HKLM...CLSID} = "SSVHelper Class"
\InProcServer32\(Default) = "C:\Programme\Java\jre1.6.0_05\bin\ssv.dll" ["Sun Microsystems, Inc."]
{9030D464-4C02-4ABF-8ECC-5164760863C6}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Windows Live Sign-in Helper"
\InProcServer32\(Default) = "C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll" [MS]
{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Windows Live Toolbar Helper"
\InProcServer32\(Default) = "C:\Programme\Windows Live Toolbar\msntb.dll" [MS]