# Nasty Malware on Acer Aspire one Netbook, please help.



## Radical_Edward (Jun 29, 2010)

So, I recently got a Acer Aspire one from a friend that needed some work. It seems that it has a particularly nasty Malware program calling itself "Personal Antivirus. Now I have dealt with something like it before, but this one is quite a bit nastier than the one I dealt with, if I boot straight into normal XP is blocks the internet completely. In Safe mode with networking it blocks any Google searches. 

I was able to get Malwarebyte's anti-malware installed, but when I run it, it doesn't load up on the screen, but it shows up in task manager under processes. I also installed Avast Anti-Virus, but that's supposedly "installed improperly" according to a window that pops up when I run it. 

I tried running Acer's eRecovery Management program, but that also crashes. 

I tried to get a system restore going, but when I choose a restore point and hit the next button nothing happens. 

Anyone have any suggestions?


----------



## kenkickr (Jun 29, 2010)

Have you tried just renaming the executable of Malwarebytes to "M"?  I've had to do that with some nasties.  Also I'd give Microsoft Security Essential a try.  Just download it and the definition file on another PC if you can. Go here to get the definition file for Microsoft Security Essential.


----------



## brandonwh64 (Jun 29, 2010)

Use Hirens bootcd FOUND HERE and use it to go into windows Xp lite and run a full system scan


----------



## DonInKansas (Jun 29, 2010)

ARe you running the AV and MBAM in Safe Mode?  That's another way to circumvent the virus....sometimes.


----------



## Radical_Edward (Jun 29, 2010)

kenkickr, renaming the exe didn't help sadly, I'll see if it'll let me download Microsoft Security Essential. 

brandonwh64, this thing has no DVD/CD drive, otherwise I would've put a new install of XP on. 

DonInKansas, yes, I did, no dice on that.


----------



## kenkickr (Jun 30, 2010)

If you can't download them then grab them on another system, put them on a flash drive, and install them to the netbook.


----------



## DonInKansas (Jun 30, 2010)

If all else fails, you could also pull the drive, slave it to another rig, and run a full scan killing it that way if a reformat is a last resort.


----------



## Radical_Edward (Jun 30, 2010)

Microsoft Security Essential is downloaded, installed, updated and scanning now, I'll let you guys know how it goes.


----------



## driver66 (Jun 30, 2010)

DonInKansas said:


> If all else fails, you could also pull the drive, slave it to another rig, and run a full scan killing it that way if a reformat is a last resort.



^^ THIS


Just do it first....   save yourself the time LOL


----------



## Radical_Edward (Jun 30, 2010)

As far as pulling the hard drive, that would be a total pain in the arse, as I'd still have to end up buying a mini IDE hard drive adapter. Plus it's seems to be harder to take apart than the other 4 laptops I've taken down in the past. Guess it might be time to find a guide to take this thing apart...

Also, MSE has already found and killed 4 viruses, and blocked one known Trojan site from communicating with them, as it seems it was connecting to their servers.


----------



## driver66 (Jun 30, 2010)

If it is working ... keep on workin it  MSE  is REALLY good.


----------



## Radical_Edward (Jun 30, 2010)

Yeah, it seems to be doing the job well, just killed another 2 infections. 

I swear my brother is right about people only buying netbooks for porn. This thing is infected to hell and back from the looks of it, I'm only 1/3 of the way thru a quick scan and it's found a total of 6 infections... Hopefully after this I'll be able to run malwarebytes and avast, then I'll run a thorough scan with MSE.


----------



## Radical_Edward (Jun 30, 2010)

MSE ended up removing a total of 10 infections in the end, I'm about to start up malwarebyte's in a moment.


----------



## brandonwh64 (Jun 30, 2010)

Radical_Edward said:


> MSE ended up removing a total of 10 infections in the end, I'm about to start up malwarebyte's in a moment.



NICE!! keep us posted! also i ordered one of THESE and its like pure gold!! i use it to help me fix people PCs


----------



## Radical_Edward (Jun 30, 2010)

So far I've removed 24 infections...


----------



## TechPowerDown (Jun 30, 2010)

MBAM Is The Stuff, Great Suggestions From Everyone, Good Luck Man


----------



## Radical_Edward (Jun 30, 2010)

Up to a total of 40 infections removed, had to restart after Mbam was done, going to run avast now.


----------



## Radical_Edward (Jun 30, 2010)

Okay the grand total was 46 infections. All removed now. Next to defragment the hard drive, as it seems the owner never did such... >.< 

Thanks for all your help guys!


----------



## RejZoR (Jun 30, 2010)

When the system is so severely infected i recommend doing the system restore. On ACER systems you have to press Alt+F10 or Shift+F10 or Ctrl+F10, can't remember for sure now. This will initiate system restore and will restore the netbook back to factory default.

If you don't, i suggest you run every antivirus you can find on it, especially the big ones. Most of them provide online scanners where you don't need the actual program. Detection is the same.
BitDefender and NOD32 have it and bunch of others like F-Secure etc. No AV is 100% and with so many infections you just have to be sure. I stillr ecommend using ACER restore like i said in the beginning. And don't forget to install some capable AV after you do that to prevent further infections.


----------



## Radical_Edward (Jun 30, 2010)

I was planning on doing that tomorrow. Just ran out of time today, that's all.


----------



## DonInKansas (Jun 30, 2010)

RejZoR said:


> When the system is so severely infected i recommend doing the system restore. On ACER systems you have to press Alt+F10 or Shift+F10 or Ctrl+F10, can't remember for sure now. This will initiate system restore and will restore the netbook back to factory default.



Serious infections also infect your System Restore files, making a System Restore pointless, if not worse for the system.  Factory defaulting a netbook kills files, doesn't it?  Might as well reformat.


----------



## RejZoR (Jun 30, 2010)

I was talking about ACER eRecovery (as system restore), not Windows System recovery.
I don't see any point in formating as eRecovery does that anyway. You'll have to install the OS either way.


----------



## Athlon2K15 (Jun 30, 2010)

whats the full model number of this aspire one? it wouldnt happen to be a A0A150 would it?


----------



## Radical_Edward (Jun 30, 2010)

Indeed it is the A0A150 I just got done doing the eRecovery so it's a nice fresh install. All the nasty malware and junk from before wouldn't let it run. That's how bad the infection was on this thing.


----------



## Athlon2K15 (Jun 30, 2010)

i have the same netbook,i was going to give you links to the recovery disc,but you still have your recovery partition


----------



## RejZoR (Jun 30, 2010)

Don't run it from WIndows, use the shortcut i mentioned. That one is done from bootable hidden partition. Though i had a case where a Virut virus managed to infect this hidden partition somehow and i failed to recover it becase the file infector was not curable. At that time i lost 50 EUR because ACER did not cover that with warranty even though their recovery system failed.
They were making excuses that i should make a recovery disc. Well sure, then prvide me a free USB burner...


----------



## Radical_Edward (Jun 30, 2010)

The Netbook is fine now. Nice and clean with some good AV programs.


----------

