Hallo,
habe nun navilog au meinem Vista 64Bit SP1 zum laufen gebracht.
Habe dazu Startprog geändert indem ich navilog unter c:\ plaziert habe und den ordner "%Program files%"\navilog1..... geändert habe

Nun aber zum Problem.
Ich habe das gleiche Problem wie viele hier.
wenn ich ab und an eine Seite aufmache (egal welche) erscheint en neues IE fesnetr und zusätzlich eine neu Regsiterkarte in meinem IE7 die auf eine AntiSpyware seite verlinkt....

Nun habe ich navilog als admin ausgeführt und in desem log stand folgendes

Search Navipromo version 3.6.6 began on 21.10.2008 at 12:52:31,34

!!! Warning, this report may include legitimate files/programs !!!
!!! Post this report on the forum you are being helped !!!
!!! Don't continue with removal unless instructed by an authorized helper !!!
Fix running from \navilog1
Actual User Account : "Kubinek"

Updated on 29.09.2008 at 17h30 by IL-MAFIOSO

Microsoft Windows Vista 6.0.6001
Version Internet Explorer : 7.0.6001.18000
Filesystem type : NTFS

Search done in normal mode

*** Searching for installed Software ***


*** Search folders in "C:\Windows" ***


*** Search folders in "C:\Program Files" ***


*** Search folders in "c:\progra~3\micros~1\windows\startm~1\programs" ***


*** Search folders in "c:\progra~3\micros~1\windows\startm~1" ***


*** Search folders in "C:\ProgramData" ***


*** Search folders in "c:\users\achima~1\appdata\roaming\micros~1\windows\startm~1\programs" ***


*** Search folders in "C:\Users\kubinek\AppData\Roaming" ***


*** Search with Catchme-rootkit/stealth malware detector by gmer ***
for more info : http://www.gmer.net



*** Search with GenericNaviSearch ***
!!! Possibility of legitimate files in the result !!!
!!! Must always be checked before manually deleting !!!

* Scan in "C:\Windows\system32" *

* Scan in "C:\Users\kubinek\AppData\Local\Microsoft" *

* Scan in "C:\Users\kubinek\AppData\Local" *



*** Search files ***



*** Search specific Registry keys ***


*** Complementary Search ***
(Search specific files)

1)Search new Instant Access files :


2)Heuristic Search :

* In "C:\Windows\system32" :


* In "C:\Users\kubinek\AppData\Local\Microsoft" :


* In "C:\Users\kubinek\AppData\Local" :

bcxsnicw.dat found !
bcxsnicw.exe found !
bcxsnicw.bat found !
bcxsnicw_nav.dat found !
bcxsnicw_navps.dat found !

3)Certificates Search :

Egroup certificate found !
Electronic-Group certificate found !
Montorgueil certificate not found !
OOO-Favorit certificate found !
Sunny-Day-Design-Ltd certificate not found !

4)Search known files :



*** Search completed on 21.10.2008 at 12:58:23,79 ***

anschliessend habe ich navilog nochmals mit der Option 2 ausführen lassen...

dann wurde wohl versuht diese bcxsnicw.exe zu löschen was wohl nicht gelungen ist... die bat und anderen files konnten gelöscht werden die sich anscheined immer wieder neu erstellen da das Problem immer noch da ist


hier das cleannavi ===>


Navipromo Removal version 3.6.6 started on 21.10.2008 at 13:09:37,81

Fix running from \navilog1
Actual User Account : "kubinek"

Updated on 29.09.2008 at 17h30 by IL-MAFIOSO

Microsoft Windows Vista 6.0.6001
Internet Explorer : 7.0.6001.18000
Filesystem type : NTFS

Cleanning Stage done in normal mode without reboot
!! Results will not be optimised !!

*** Searching, making backups and deleting files ***

No Files entered !!


*** Deleting folders in "C:\Windows" ***


*** Deleting folders in "C:\Program Files" ***


*** Deleting folders in "c:\progra~3\micros~1\windows\startm~1\programs" ***


*** Deleting folders in "c:\progra~3\micros~1\windows\startm~1" ***


*** Deleting folders in "C:\ProgramData" ***


*** Deleting folders in c:\users\achima~1\appdata\roaming\micros~1\windows\startm~1\programs ***


*** Deleting folders in "C:\Users\kubinek\AppData\Roaming" ***



*** Deleting files ***


*** Deleting temporary files ***

Cleaning of C:\Windows\Temp done !
Cleaning of C:\Users\ACHIMA~1\AppData\Local\Temp done !

*** Complementary Search ***
(Search specific files)

1)Deletion with backups new Instant Access files:

2)Heuristic search and deletion with backups :


* In "C:\Windows\system32" *


* In "C:\Users\kubinek\AppData\Local\Microsoft" *


* In "C:\Users\kubinek\AppData\Local" *


bcxsnicw.exe found !
Copy bcxsnicw.exe done !
bcxsnicw.exe !!DELETING FAILED!!

bcxsnicw.dat found !
Copy bcxsnicw.dat done !
bcxsnicw.dat deleted !

bcxsnicw.bat found !
Copy bcxsnicw.bat done !
bcxsnicw.bat deleted !

bcxsnicw_nav.dat found !
Copy bcxsnicw_nav.dat done !
bcxsnicw_nav.dat deleted !

bcxsnicw_navps.dat found !
Copy bcxsnicw_navps.dat done !
bcxsnicw_navps.dat deleted !


*** Copy Registry to Safebackup folder ***

Backing up Registry done !

*** Cleaning Registry ***

Registry cleaned


*** Certificates ***

Egroup Certificate deleted !
Electronic-Group Certificate deleted !
Montorgueil Certificate not found !
OOO-Favorit Certificate deleted !
Sunny-Day-Design-Ltd Certificate not found !


*** Cleaning stage complete on 21.10.2008 at 13:11:44,44 ***


kann mir jemand bitte sagen wo hier das problem liegt und was ich noch machen könnte?

Gruß und danke schonmal
Achim

Hallöle.

Poste bitte ein HijackThis log.