
Nasty Malware on Acer Aspire one Netbook, please help.

Discussion in 'Networking & Security' started by Radical_Edward, Jun 29, 2010.

  1. Radical_Edward

    Radical_Edward

    Joined:
    Jan 24, 2010
    Messages:
    3,587 (2.14/day)
    Thanks Received:
    1,927
    Location:
    Oregon, USA
    So, I recently got an Acer Aspire one from a friend that needed some work. It seems that it has a particularly nasty malware program calling itself "Personal Antivirus". Now I have dealt with something like it before, but this one is quite a bit nastier than the one I dealt with; if I boot straight into normal XP it blocks the internet completely. In Safe Mode with Networking it blocks any Google searches.

    I was able to get Malwarebyte's anti-malware installed, but when I run it, it doesn't load up on the screen, but it shows up in task manager under processes. I also installed Avast Anti-Virus, but that's supposedly "installed improperly" according to a window that pops up when I run it.

    I tried running Acer's eRecovery Management program, but that also crashes.

    I tried to get a system restore going, but when I choose a restore point and hit the next button nothing happens.

    Anyone have any suggestions?
    Crunching for Team TPU
  2. kenkickr

    kenkickr

    Joined:
    Dec 5, 2007
    Messages:
    4,819 (1.96/day)
    Thanks Received:
    1,442
    Have you tried just renaming the executable of Malwarebytes to "M"? I've had to do that with some nasties. Also I'd give Microsoft Security Essentials a try. Just download it and the definition file on another PC if you can. Go here to get the definition file for Microsoft Security Essentials.
  3. brandonwh64

    brandonwh64 Addicted to Bacon and StarCrunches!!!

    Joined:
    Sep 6, 2009
    Messages:
    18,550 (10.20/day)
    Thanks Received:
    6,062
    Location:
    Chatsworth, GA
    Use Hiren's BootCD FOUND HERE and use it to go into Windows XP lite and run a full system scan.
  4. DonInKansas

    DonInKansas

    Joined:
    Jun 2, 2007
    Messages:
    5,096 (1.93/day)
    Thanks Received:
    1,265
    Location:
    Kansas
    Are you running the AV and MBAM in Safe Mode? That's another way to circumvent the virus....sometimes.
  5. Radical_Edward

    kenkickr, renaming the exe didn't help sadly, I'll see if it'll let me download Microsoft Security Essentials.

    brandonwh64, this thing has no DVD/CD drive, otherwise I would've put a new install of XP on.

    DonInKansas, yes, I did, no dice on that.
  6. kenkickr

    If you can't download them then grab them on another system, put them on a flash drive, and install them to the netbook.
  7. DonInKansas

    If all else fails, you could also pull the drive, slave it to another rig, and run a full scan killing it that way if a reformat is a last resort.
  8. Radical_Edward

    Microsoft Security Essentials is downloaded, installed, updated and scanning now, I'll let you guys know how it goes.
  9. driver66

    driver66 New Member

    Joined:
    Jun 4, 2007
    Messages:
    1,046 (0.40/day)
    Thanks Received:
    111
    Location:
    indiana
    ^^ THIS


    Just do it first.... save yourself the time LOL
  10. Radical_Edward

    As far as pulling the hard drive, that would be a total pain in the arse, as I'd still have to end up buying a mini IDE hard drive adapter. Plus it seems to be harder to take apart than the other 4 laptops I've taken down in the past. Guess it might be time to find a guide to take this thing apart...

    Also, MSE has already found and killed 4 viruses, and blocked one known Trojan site from communicating with them, as it seems it was connecting to their servers.
  11. driver66

    If it is working ... keep on workin it :p MSE is REALLY good. :toast:
  12. Radical_Edward

    Yeah, it seems to be doing the job well, just killed another 2 infections.

    I swear my brother is right about people only buying netbooks for porn. This thing is infected to hell and back from the looks of it, I'm only 1/3 of the way thru a quick scan and it's found a total of 6 infections... Hopefully after this I'll be able to run malwarebytes and avast, then I'll run a thorough scan with MSE.
  13. Radical_Edward

    MSE ended up removing a total of 10 infections in the end, I'm about to start up malwarebyte's in a moment.
  14. brandonwh64

    NICE!! Keep us posted! Also I ordered one of THESE and it's like pure gold!! I use it to help me fix people's PCs
  15. Radical_Edward

    So far I've removed 24 infections...
  16. TechPowerDown Guest

    MBAM Is The Stuff, Great Suggestions From Everyone, Good Luck Man
  17. Radical_Edward

    Up to a total of 40 infections removed, had to restart after Mbam was done, going to run avast now. :D
  18. Radical_Edward

    Okay the grand total was 46 infections. All removed now. Next to defragment the hard drive, as it seems the owner never did such... >.<

    Thanks for all your help guys!
  19. RejZoR

    RejZoR

    Joined:
    Oct 2, 2004
    Messages:
    4,555 (1.26/day)
    Thanks Received:
    908
    Location:
    Europe/Slovenia
    When the system is so severely infected I recommend doing the system restore. On ACER systems you have to press Alt+F10 or Shift+F10 or Ctrl+F10, can't remember for sure now. This will initiate system restore and will restore the netbook back to factory default.

    If you don't, I suggest you run every antivirus you can find on it, especially the big ones. Most of them provide online scanners where you don't need the actual program. Detection is the same.
    BitDefender and NOD32 have it and a bunch of others like F-Secure etc. No AV is 100% and with so many infections you just have to be sure. I still recommend using ACER restore like I said in the beginning. And don't forget to install some capable AV after you do that to prevent further infections.
  20. Radical_Edward

    I was planning on doing that tomorrow. Just ran out of time today, that's all.
  21. DonInKansas

    Serious infections also infect your System Restore files, making a System Restore pointless, if not worse for the system. Factory defaulting a netbook kills files, doesn't it? Might as well reformat.
  22. RejZoR

    I was talking about ACER eRecovery (as system restore), not Windows System recovery.
    I don't see any point in formatting as eRecovery does that anyway. You'll have to install the OS either way.
  23. AthlonX2

    AthlonX2 HyperVtX™

    Joined:
    Sep 27, 2006
    Messages:
    7,145 (2.47/day)
    Thanks Received:
    1,649
    What's the full model number of this Aspire one? It wouldn't happen to be a A0A150 would it?
  24. Radical_Edward

    Indeed it is the A0A150. I just got done doing the eRecovery so it's a nice fresh install. All the nasty malware and junk from before wouldn't let it run. That's how bad the infection was on this thing.
  25. AthlonX2

    I have the same netbook. I was going to give you links to the recovery disc, but you still have your recovery partition :)