Hallo

Ich habe zwar einige Threads zu diesem Thema gefunden, aber die haben mir nicht wirklich geholfen
Bei mir verabschiedet sich ebenfalls die drwtsn32.exe samt explorer.exe...

Habe einen Onlinecheck (http://virusscan.jotti.org/) der drwtsn.exe gemacht, bei dem jedoch nichts gefunden wurde...:

Zitat:

File: drwtsn32.exe
Status:
OK
Packers detected:
-


Scanner results

AntiVir - Found nothing
Avast - Found nothing
AVG Antivirus - Found nothing
BitDefender - Found nothing
ClamAV - Found nothing
Dr.Web - Found nothing
F-Prot Antivirus - Found nothing
Fortinet - Found nothing
Kaspersky Anti-Virus - Found nothing
mks_vir - Found nothing
NOD32 - Found nothing
Norman Virus Control - Found nothing
VBA32 - Found nothing

Meine HijackThis Logfile sieht wie folgt aus:

Zitat:

Logfile of HijackThis v1.99.1
Scan saved at 16:05:07, on 03.04.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\BUHLDA~1\sfw.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Programme\Microsoft IntelliType Pro\type32.exe
C:\Programme\Hide Folders XP\hfxp.exe
C:\Programme\WinKey\WinKey.exe
C:\Programme\Trillian 3.1 Beta\trillian.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\Programme\GetRight\GetRight.exe
C:\Programme\GetRight\GetRight.exe
C:\Dokumente und Einstellungen\eiz\Desktop\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Acrobat Reader 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Programme\NetTransport\NTIEHelper.dll
O4 - HKLM\..\Run: [type32] "C:\Programme\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [PC Firewall Professional] C:\PROGRA~1\BUHLDA~1\sfw.exe /waitservice
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Programme\Kaspersky Anti-Virus Personal\kav.exe" /minimize
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [hfxp] C:\Programme\Hide Folders XP\hfxp.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Programme\IncrediMail\bin\IncMail.exe /c
O4 - Startup: Trillian.lnk = C:\Programme\Trillian 3.1 Beta\trillian.exe
O4 - Global Startup: mIRC 6.16.lnk = C:\Programme\mIRC\mirc.exe
O4 - Global Startup: WinKey.lnk = C:\Programme\WinKey\WinKey.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: Alles mit Net Transport herunterladen - C:\Programme\NetTransport\NTAddList.html
O8 - Extra context menu item: Herunterladen mit Net Transport - C:\Programme\NetTransport\NTAddLink.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Trashcan - {072F3B8A-2DA2-40e2-B841-88899F240200} - C:\PROGRA~1\BUHLDA~1\TRASH.EXE (HKCU)
O9 - Extra 'Tools' menuitem: Show Trashcan - {072F3B8A-2DA2-40e2-B841-88899F240200} - C:\PROGRA~1\BUHLDA~1\TRASH.EXE (HKCU)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1110652386968
O17 - HKLM\System\CCS\Services\Tcpip\..\{BFE77675-520B-4CE8-906D-0DE182ACCF9E}: NameServer = 192.168.2.1
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Programme\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: SFirewall Service (SFirewall) - Unknown owner - C:\PROGRA~1\BUHLDA~1\sfw.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Programme\TuneUp Utilities 2004\WinStylerThemeSvc.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe

Danke schonmal :/

Kann mir denn niemand helfen?

@eiz
im logfile sehe ich nichts besonderes

lade escan
download
anleitung
EscanErgebnis
Teile uns das Ergebnis des eScan mit: "öffne die mwav.log -> Bearbeiten -> Suchen -> infected oder tagged eingeben -> Weitersuchen -> Treffer markieren/kopieren und ins Forum übertragen."

chaosman

Zitat:

Wed Apr 13 23:35:39 2005 => Total Objects Scanned: 40710
Wed Apr 13 23:35:39 2005 => Total Virus(es) Found: 0
Wed Apr 13 23:35:39 2005 => Total Disinfected Files: 0
Wed Apr 13 23:35:39 2005 => Total Files Renamed: 0
Wed Apr 13 23:35:39 2005 => Total Deleted Objects: 0
Wed Apr 13 23:35:39 2005 => Total Errors: 2
Wed Apr 13 23:35:39 2005 => Time Elapsed: 00:48:26
Wed Apr 13 23:35:39 2005 => Virus Database Date: 2005/04/13
Wed Apr 13 23:35:39 2005 => Virus Database Count: 118205

Wed Apr 13 23:35:39 2005 => Scan Completed.

Woran kann das denn jez liegen :/