Damn Adwares, Need help, don't even know error!

damnadwares · Apr 11, 2006

I need help. My problem are random popup ads that appear in Firefox (scrpit based I think, cuz they happen randomly) (they happen even if not at the start of loading of the page, ex. been reading a long thread for 10mins now, then suddenly bam! redirected to a site, usually match.com). Reason: I opened a setup.exe from limewire, thought it was a "good" program (damn it! stupid! stupid!).

My Pc: P4 1.7 Ghz, 512mb ram, 40Gb Hardisk, Win Xp
Things I've tried: Ad-aware, avg anti-virus, hijackthis, startup inspector, bazooka, etc

Each time i tried something new came up from trojans to viruses. Each time I remove them, problem is still not solved. I beleive this is the work of only 1 trojan/virus/script and not multiple. They basically cause you to randomly enter a site (match.com) and you see down the loading page "connecting to ad.firstadsolution.com" and it goes to different websites like "http://www.browserbuy-out.com/tau.html" in the adress bar but all show match.com. I've noticed that they usually follow this pattern http://www.(site here).com/tau.html "tau" seems to appear often. Bazooka says its "Exploit Beehappyy.biz" tho ive researched on it and found no identical symptoms. I've also tried to delete the files that were said in Bazooka main site manual removal, but they dont exist.

Another weird thing is some folders are hidden and i don't know how to make them come out. I don't mean the "right click>properties>hide" hidden, which can be seen by "show hidden files". I mean the hide that sorts of you cant see unless you type it directly to the adress bar such as C:/windows/tn25 folder, which i dont see. I've only found out about them when ad-aware browsed and I saw these invisible folders. Others include C;/windows/found.001, found.002, found.003, etc. Even my system32 folder disappeared and can only be seen when typed directly to the adress bar.

I think that the problem is a script (tho i know nothing about viruses and errors) but it redirects you to page...so thats what i think.

Here's hijackthis log but i didn't see any errors tho

EDIT: Inline log removed

DavidGP · Apr 11, 2006

Please follow our standard cleaning procedures which are necessary for us to provide you support. Also there are steps included for installing, running, and posting HijackThis logs as attachments.

- Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support

Make sure you check version numbers and get all updates.

- Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.

After doing ALL of the above you still have a problem make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis and attach a log:

Downloading, Installing, and Running HijackThis

When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too (these scans are covered in steps 6 & 7 of the READ & RUN ME sticky)

Bitdefender

Panda Scan

HijackThis

Log in or Sign up

Damn Adwares, Need help, don't even know error!

damnadwares Private E-2

DavidGP MajorGeeks Forum Administrator - Grand Pooh-Bah Staff Member