Hello Dream Team,

I am new, I have read a lot since months, did the recommended procedure before posting... here I am with my Kaspersky and HijackThis' logs, ready for analysis. As they did not fit in the post, I am sending them as attached docs.

Thank you so much in advance.

It all started with these ad pages opening at every Internet connection, even though I was clicking on "close" or "cancell".

Can it be that I have allowed the wrong people (bunebv.exe) in Spybot Resident's register modifications ; it could even be that some time ago I have let the wrong certificate be installed (Thawte) and the wrong file (F Secure)?

But how do you know which address to authorize or refuse, if they don't give you the same name or address which you can read when installing something? Should I definetely refuse or accept this strange "bunebv.exe" and how about "vcjoslovnv.exe", which I had previously refused, then accepted, because it seemed to be linked to Navilog1??

Friendly yours