Solved

180ax.exe Adware

Posted on 2004-10-27
153 Views
Last Modified: 2010-04-11
I have a computer that is infected with 180ax.exe that keeps popping up ads and slowing down the computer.
The files reside in C:\windows 180ax.exe, 180 log files and a 180 dll file.

Windows will not let me remove the files.

If I boot from a floppy I can probably manually remove them but will this take care of the problem or will it just resurface again.

Thanks
Les
0
Question by:lesfazekas
    6 Comments
     
    LVL 65

    Expert Comment

    by:SheharyaarSaahil
    Hello lesfazekas =)

    >> Windows will not let me remove the files.
    What the problem, have u tried deleting them in Safemode ??

    do u get Access Denied Error. if yes then take their ownership,

    HOW TO: Take Ownership of a File or Folder in Windows XP:
    http://support.microsoft.com/?kbid=308421

    How do I take ownership of objects in Windows 2000?
    http://www.jsiinc.com/SUBG/TIP3400/rh3494.htm
    0
     
    LVL 49

    Accepted Solution

    by:
    Hi lesfazekas,

    To start with do this
    Login to windows in normal mode
    http://windowsxp.mvps.org/Startup.htm
    Check the above link and navigate to all registry entries and disable that exe file if present.

    Then according to what shehary has said log to safe mode and try to delete that file.
    The above startup would prevent the exe file from running at the first place..

    If you cannot remove it then use these tools

    **********
    PLEASE GET THE SPYWARE REMOVAL TOOLS FROM THE BELOW WEBSITE. THAT PAQ IS CREATED SO THAT ALL THE TOOLS ARE NOT GUMMED UP IN THIS THREAD.

    Some of the experts here have helped in compiling all the important spyware tools and they are listed in this thread
    http://www.experts-exchange.com/Web/Browser_Issues/Q_20975384.html

    My recommendation would be to start with Spybot ,Ad-ware ,CWshredder.After installing them, First Update them and then run

    Once running all the above tools and others given in that thread, download and run Hijackthis.
    Download Hijacthis from here http://www.softpedia.com/public/cat/10/17/10-17-69.shtml.
    Get the log from Hijackthis and save the log and paste it here http://hijackthis.de/index.php?langselect=english to analyze it. The analyser site is used so that you donot gum up the thread with the entire log.

    Remove the bad ones that the site reports. If it says unknown process, then use a search engine to check if those are bad ones. If bad remove them , if you still cannot find then post those files alone here.


    Remove temporary internet files, folders and cookies
    Also remove windows Temp files going to

    1) Start --> run --> typein:  %systemroot%/temp
    2) Start  --> run --> typein: %temp%

    ***************************
    SR..
    0
     
    LVL 65

    Expert Comment

    by:SheharyaarSaahil
    >> but will this take care of the problem or will it just resurface again.

    No guesses.... depends on How much strong is the infection,,, if u are using WinXP, rmemebr to disable system restore before cleaning the system !!
    Run all ur spwyare removal tools in safemode and then manually remove the remainent files and registries !!
    Now check back if same problem ??
    0
     
    LVL 65

    Expert Comment

    by:SheharyaarSaahil
    BTW 180ax.exe comes in the catogary of 180Solutions malware..... may be u shud read this article to get some idea how to kick this nasty out of ur system :)

    Uninstall 180 Search Assistant
    http://www.sawtoothdistortion.com/Articles/Uninstall180Search.html
    0
     
    LVL 22

    Expert Comment

    by:jvuz
    0
     
    LVL 22

    Expert Comment

    by:jvuz
    Also do a check with stinger:

    http://vil.nai.com/vil/stinger/
    0

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Course: From Zero to Hero with Nodejs & MongoDB

    Interested in Node.js, but don't know where to start or how to learn it properly? Confused about how the MEAN stack pieces of MongoDB, Expressjs, Angularjs, and Nodejs fit together? Or how it's even possible to run JavaScript outside of the browser?

    By default, Carbonite Server Backup manages your encryption key for you using Advanced Encryption Standard (AES) 128-bit encryption. If you choose to manage your private encryption key, your backups will be encrypted using AES 256-bit encryption.
    Ransomware continues to be a growing problem for both personal and business users alike and Antivirus companies are still struggling to find a reliable way to protect you from this dangerous threat.
    With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
    Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

    933 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    13 Experts available now in Live!

    Get 1:1 Help Now