Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

180ax.exe Adware

Posted on 2004-10-27
6
Medium Priority
?
159 Views
Last Modified: 2010-04-11
I have a computer that is infected with 180ax.exe that keeps popping up ads and slowing down the computer.
The files reside in C:\windows 180ax.exe, 180 log files and a 180 dll file.

Windows will not let me remove the files.

If I boot from a floppy I can probably manually remove them but will this take care of the problem or will it just resurface again.

Thanks
Les
0
Comment
Question by:lesfazekas
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 65

Expert Comment

by:SheharyaarSaahil
ID: 12423226
Hello lesfazekas =)

>> Windows will not let me remove the files.
What the problem, have u tried deleting them in Safemode ??

do u get Access Denied Error. if yes then take their ownership,

HOW TO: Take Ownership of a File or Folder in Windows XP:
http://support.microsoft.com/?kbid=308421

How do I take ownership of objects in Windows 2000?
http://www.jsiinc.com/SUBG/TIP3400/rh3494.htm
0
 
LVL 49

Accepted Solution

by:
sunray_2003 earned 2000 total points
ID: 12423306
Hi lesfazekas,

To start with do this
Login to windows in normal mode
http://windowsxp.mvps.org/Startup.htm
Check the above link and navigate to all registry entries and disable that exe file if present.

Then according to what shehary has said log to safe mode and try to delete that file.
The above startup would prevent the exe file from running at the first place..

If you cannot remove it then use these tools

**********
PLEASE GET THE SPYWARE REMOVAL TOOLS FROM THE BELOW WEBSITE. THAT PAQ IS CREATED SO THAT ALL THE TOOLS ARE NOT GUMMED UP IN THIS THREAD.

Some of the experts here have helped in compiling all the important spyware tools and they are listed in this thread
http://www.experts-exchange.com/Web/Browser_Issues/Q_20975384.html

My recommendation would be to start with Spybot ,Ad-ware ,CWshredder.After installing them, First Update them and then run

Once running all the above tools and others given in that thread, download and run Hijackthis.
Download Hijacthis from here http://www.softpedia.com/public/cat/10/17/10-17-69.shtml.
Get the log from Hijackthis and save the log and paste it here http://hijackthis.de/index.php?langselect=english to analyze it. The analyser site is used so that you donot gum up the thread with the entire log.

Remove the bad ones that the site reports. If it says unknown process, then use a search engine to check if those are bad ones. If bad remove them , if you still cannot find then post those files alone here.


Remove temporary internet files, folders and cookies
Also remove windows Temp files going to

1) Start --> run --> typein:  %systemroot%/temp
2) Start  --> run --> typein: %temp%

***************************
SR..
0
 
LVL 65

Expert Comment

by:SheharyaarSaahil
ID: 12423348
>> but will this take care of the problem or will it just resurface again.

No guesses.... depends on How much strong is the infection,,, if u are using WinXP, rmemebr to disable system restore before cleaning the system !!
Run all ur spwyare removal tools in safemode and then manually remove the remainent files and registries !!
Now check back if same problem ??
0
WEBINAR - Latest Cyber Tips for Defense

Join the WatchGuard Threat Research Team on October 26th for an informative webinar featuring expert tips and tricks for defending your organization from today's latest cyber threats. Don't leave yourself vulnerable to attack. Register for the webinar today!

 
LVL 65

Expert Comment

by:SheharyaarSaahil
ID: 12423398
BTW 180ax.exe comes in the catogary of 180Solutions malware..... may be u shud read this article to get some idea how to kick this nasty out of ur system :)

Uninstall 180 Search Assistant
http://www.sawtoothdistortion.com/Articles/Uninstall180Search.html
0
 
LVL 21

Expert Comment

by:jvuz
ID: 12432616
0
 
LVL 21

Expert Comment

by:jvuz
ID: 12432622
Also do a check with stinger:

http://vil.nai.com/vil/stinger/
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, WatchGuard's Director of Security Strategy and Research Teri Radichel, takes a look at insider threats, the risk they can pose to your organization, and the best ways to defend against them.
A new hacking trick has emerged leveraging your own helpdesk or support ticketing tools as an easy way to distribute malware.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
In a question here at Experts Exchange (https://www.experts-exchange.com/questions/29062564/Adobe-acrobat-reader-DC.html), a member asked how to create a signature in Adobe Acrobat Reader DC (the free Reader product, not the paid, full Acrobat produ…

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question