Hallo Leute , mein Sohn hat sich auf seinem PC etliche Trojaner eingefangen.
Ich habe bei euch auf dem Board mir einige Beiträge zu Zlob durchgelesen und folgendes gemacht.
Zu erst mit Smitfraudfix probiert , damit konnte ich vorerst die größten Probleme beheben , aber es erschienen immer noch vom Trojaner verursachte Meldungen. Dann habe ich Anti - Malware benutzt und es sieht im Moment ganz gut aus. Da ich bei euch gelesen habe man soll den Report trotzdem posten , mach ich das jetzt - auf das mir jemand sagen kann ob alles gut ist ?
Danke für eure Mühe - Kiwuzi

Malwarebytes' Anti-Malware 1.15
Datenbank Version: 838

21:09:06 07.06.2008
mbam-log-6-7-2008 (21-09-06).txt

Scan Art: Komplett Scan (C:\|)
Objekte gescannt: 111297
Scan Dauer: 20 minute(s), 18 second(s)

Infizierte Speicher Prozesse: 0
Infizierte Speicher Module: 0
Infizierte Registrierungsschlüssel: 13
Infizierte Registrierungswerte: 8
Infizierte Datei Objekte der Registrierung: 0
Infizierte Verzeichnisse: 5
Infizierte Dateien: 17

Infizierte Speicher Prozesse:
(Keine Malware Objekte gefunden)

Infizierte Speicher Module:
(Keine Malware Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CLASSES_ROOT\e405.e405mgr (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\e405.e405mgr.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6b5cfd66-1f55-4fc2-b5af-36b66e7cfe6a} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6b5cfd66-1f55-4fc2-b5af-36b66e7cfe6a} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{daed9266-8c28-4c1c-8b58-5c66eff1d302} (Search.Hijack) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{99ba268b-4021-4739-9945-3c774217fe75} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99ba268b-4021-4739-9945-3c774217fe75} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e89fa8e9-5c0b-45f6-a70e-f7b177bcd193} (Trojan.Zlob) -> Quarantined and deleted successfully.
\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\internetgamebox (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\e405.e405mgr (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\e405.e405mgr.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\AntiVirProtect (Rogue.AntiVirProtect) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\e405.e405mgr (Trojan.Zlob) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{51d81dd5-55b7-497f-95db-d356429bb54e} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{e89fa8e9-5c0b-45f6-a70e-f7b177bcd193} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\SearchMigratedDefaultURL (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\w\ (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\SearchMigratedDefaultURL (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl\w\ (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchURL (Trojan.Zlob) -> Quarantined and deleted successfully.

Infizierte Datei Objekte der Registrierung:
(Keine Malware Objekte gefunden)

Infizierte Verzeichnisse:
C:\Programme\InternetGameBox (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Programme\InternetGameBox\ressources (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Programme\InternetGameBox\skins (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Programme\InternetGameBox\ressources\favoris (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\247880 (Trojan.BHO) -> Quarantined and deleted successfully.

Infizierte Dateien:
C:\System Volume Information\_restore{0D24E212-DA42-4273-9407-6AE2E4916E91}\RP159\A0153798.exe (Rogue.VirusHeat) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0D24E212-DA42-4273-9407-6AE2E4916E91}\RP159\A0153853.exe (Rogue.AntiVirProtect) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0D24E212-DA42-4273-9407-6AE2E4916E91}\RP159\A0153855.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0D24E212-DA42-4273-9407-6AE2E4916E91}\RP159\A0153856.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0D24E212-DA42-4273-9407-6AE2E4916E91}\RP159\A0153857.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Programme\InternetGameBox\InternetGameBox.exe (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Programme\InternetGameBox\language (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Programme\InternetGameBox\uninst.exe (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Programme\InternetGameBox\ressources\AttenteOff.html (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Programme\InternetGameBox\ressources\AttenteOn.html (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Programme\InternetGameBox\ressources\configv2_en.xml (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Programme\InternetGameBox\ressources\configv2_es.xml (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Programme\InternetGameBox\ressources\configv2_fr.xml (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Programme\InternetGameBox\ressources\favoris\defaultv2.swf (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Programme\InternetGameBox\skins\skinv2.skn (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nvs2.inf (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\****\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\VirusHeat 4.4.lnk (Rogue.VirusHeat) -> Quarantined and deleted successfully.

Ich kann Dir sagen, das viel gefunden wurde.

Poste bitte noch ein HijackThis Logfile, dann können wir weiter sehen.