Wie oben bneschrieben hat sich mein Rechner von selber Neu gestartet. Finde das höchst seltsam. Des weiteren sind komische Tasks zu sehen (xcomsrvr usw). Bitte mal das Logfile anschauen, Danke.

Logfile of HijackThis v1.99.1
Scan saved at 21:08:58, on 29.10.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programme\DAEMON Tools\daemon.exe
C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
C:\Programme\QuickTime\qttask.exe
C:\PROGRA~1\softwin\BITDEF~2\bdmcon.exe
C:\Programme\Softwin\BitDefender9\bdoesrv.exe
C:\PROGRA~1\softwin\BITDEF~2\bdnagent.exe
C:\progra~1\softwin\bitdef~2\bdswitch.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\ATI Technologies\ATI.ACE\CLI.EXE
C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Scan Server\bdss.exe
C:\Programme\Softwin\BitDefender9\vsserv.exe
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
F:\Programme\ICQLite\ICQLite.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Dokumente und Einstellungen\*****\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://w*w.necrofilius.de/
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - F:\Programme\ICQToolbar\toolbaru.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Programme\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [BDMCon] c:\PROGRA~1\softwin\BITDEF~2\bdmcon.exe
O4 - HKLM\..\Run: [BDOESRV] "C:\Programme\Softwin\BitDefender9\bdoesrv.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "C:\PROGRA~1\softwin\BITDEF~2\bdnagent.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] "C:\PROGRA~1\softwin\BITDEF~2\bdswitch.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Programme\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\RunOnce: [ICQ Lite] F:\Programme\ICQLite\ICQLite.exe -trayboot
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - F:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - F:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Programme\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - ht*p://go.microsoft.com/fwlink/?linkid=39204
O17 - HKLM\System\CCS\Services\Tcpip\..\{71CC6BB6-124B-4670-8183-94368E8DDB7E}: NameServer = 195.247.247.195 62.27.27.62
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Boonty Games - BOONTY - C:\Programme\Gemeinsame Dateien\BOONTY Shared\Service\Boonty.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Programme\Softwin\BitDefender9\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

mOIn auch

die von dir angesprochene Datei gehört zu deinem Antivirenprogramm C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Communicator\xcommsvr.exe" /service

lasse bitte folgende Datei :
C:\WINDOWS\runservice.exe
hier
Virustotal
oder hier
Jotti
überprüfen (kann bisschen dauern),
poste die Ergebnisse mit der Angabe der größe der hochgeladenen Datei,
auch wenn nichts gefunden wurde.

MFG

Hallo

Danke für deine Hilfe, habe die Datei mal scannen lassen. Hier das Ergebniss:

Complete scanning result of "Runservice.exe", received in VirusTotal at 10.18.2006, 11:12:54 (CET).

Antivirus Version Update Result
AntiVir 7.2.0.30 10.18.2006 no virus found
Authentium 4.93.8 10.18.2006 no virus found
Avast 4.7.892.0 10.17.2006 no virus found
AVG 386 10.17.2006 no virus found
BitDefender 7.2 10.18.2006 no virus found
CAT-QuickHeal 8.00 10.17.2006 no virus found
ClamAV devel-20060426 10.18.2006 no virus found
DrWeb 4.33 10.18.2006 no virus found
eTrust-InoculateIT 23.73.25 10.18.2006 no virus found
eTrust-Vet 30.3.3141 10.18.2006 no virus found
Ewido 4.0 10.18.2006 no virus found
Fortinet 2.82.0.0 10.18.2006 no virus found
F-Prot 3.16f 10.18.2006 no virus found
F-Prot4 4.2.1.29 10.17.2006 no virus found
Ikarus 0.2.65.0 10.18.2006 no virus found
Kaspersky 4.0.2.24 10.18.2006 no virus found
McAfee 4875 10.17.2006 no virus found
Microsoft 1.1603 10.18.2006 no virus found
NOD32v2 1.1808 10.17.2006 no virus found
Norman 5.90.23 10.17.2006 no virus found
Panda 9.0.0.4 10.17.2006 no virus found
Sophos 4.10.0 10.15.2006 no virus found
TheHacker 6.0.1.100 10.18.2006 no virus found
UNA 1.83 10.17.2006 no virus found
VBA32 3.11.1 10.17.2006 no virus found
VirusBuster 4.3.7:9 10.17.2006 no virus found

Aditional Information
File size: 2560 bytes
MD5: 29fab5363138f6e322f4cd780ed9d337
SHA1: a8b494d736c665b463b71c44ca99f248fd938d6d

Wars das jetzt oder kommt noch was?