Asus EE PC and "Rapid AntiVirus"

Tacitus · Jan 10, 2009, 11:34:22

The niece of a friend was given an Asus Eee PC 1000H. It has on it something called Rapid AntiVirus (?). This reports a series of viruses and is suggesting you cough up payment to actually remove them. Loading AVG does appear to remove some of the viruses, but each time you switch the machine on Rapid AV tells you they are still there and even includes AVG as a virus.

No idea how it got there. It looks like a scam to me if it classes AVG as a virus, but I haven't a clue how to get rid of it. Possibly remove it from startup items and then uninstall, leaving AVG as the installed AV software? I would reinstall Windows but there isn't a CD drive and, AFAICT no means of doing a reinstall.

Any ideas?

Rik · Jan 10, 2009, 11:43:03

Is there a hidden restore partition on the machine, Tac?

Steve · Jan 10, 2009, 11:49:41

As Rik says. They usually have a hidden EISA partition so you can reinstall as a boot up option, it probably also has the option to backup this partition onto a USB stick. I have an Advent 4211(MSI Wind) which I can restore from a backup on a USB stick.

Ray · Jan 10, 2009, 11:53:39

Information on removing this here

You will need to download and run Malwarebytes Anti Malware to remove it, there is a download link on the site in the link above.

Tacitus · Jan 10, 2009, 12:16:00

Quote from: Rik on Jan 10, 2009, 11:43:03
Is there a hidden restore partition on the machine, Tac?

Don't know Rik as I'm doing all this at arms length :-(

Quote from: Sheltieuk on Jan 10, 2009, 11:53:39
Information on removing this here

Thanks for the link we'll have a go at that and see what happens.

Whilst on this could someone suggest a basic AV/Anti spyware setup? We've put AVG on it and it will have malwarebytes. Is there anything else needed bearing in mind it's owned by a teenager....

Rik · Jan 10, 2009, 12:17:47

A ban on connecting to the 'net?

Something like the Comodo firewall wouldn't do any harm.

Simon · Jan 10, 2009, 12:22:35

You could also have Super Anti Spyware onboard, as an on demand spyware scanner, Tac.

Baz · Jan 10, 2009, 12:46:27

how much is that in proper money Simon

Simon · Jan 10, 2009, 12:53:06

There's Free and Pro versions, Baz. I have no idea how much the Pro version is.

Rik · Jan 10, 2009, 12:57:25

$29.95...

Simon · Jan 10, 2009, 12:58:44

So, that's about forty quid then.

Baz · Jan 10, 2009, 12:59:01

i have the free but its limited isnt it, no real time protection if i remember right.

Thanks Rik...........PROPER proper money though, you know english stuff

Rik · Jan 10, 2009, 13:00:10

About £22 at a guess.

Baz · Jan 10, 2009, 13:01:17

so you have the free one Simon?

Simon · Jan 10, 2009, 13:04:40

Yes, the Free one doesn't offer real time protection. I have it just to use as an occasional scanner, Baz, as I have F-Secure Internet Security, and Windows Defender in real time.

Baz · Jan 10, 2009, 13:08:23

yeah same here for the free one.

windows defender on the two lappies we now have......

dont know yet still looking at it

DarkStar · Jan 10, 2009, 13:17:36

A few links to downloads and info:

http://www.bleepingcomputer.com/startups/Rapid_Antivirus-24043.html

http://www.2-spyware.com/remove-rapid-antivirus.html

http://www.superantispyware.com/

If you download the free SuperAntiSpyware and use it and then uninstall it you will often get a special offer for the Pro version, I got mine for $9.95, just over a fiver for a lifetime license

MalwareBytes seems to be the most recommended removal for this particular rouge though.

Ian

Rik · Jan 10, 2009, 13:18:58

Thanks, Ian.

Tacitus · Jan 10, 2009, 15:48:47

Thanks to all for the help and advice.

MalwareBytes seems to have done the trick.

At present the machine has the free AVG installed and we've left MalwareBytes installed. I don't have the machine to hand and I'm not sure whether free AVG does realtime scanning. The machine is in the hands of a teenager, so realtime scanning would be a good idea given the difficulty of removing some of this c..p. I'll take a look at SuperAntiSpyware as well.

Whilst posting, what about stuff like Norton or McAfee?

Rik · Jan 10, 2009, 15:50:33

Avoid like the plague, Tac. Although better of late, they are bloatware, imo.

vitriol · Jan 10, 2009, 16:00:41

Personally I always liked Avast! antivirus. The free version that I used to use was pretty decent.

JB · Jan 10, 2009, 16:08:19

Quote from: vitriol on Jan 10, 2009, 16:00:41
Personally I always liked Avast! antivirus. The free version that I used to use was pretty decent.

I was just typing much the same message when the one above appeared.

I have always had lots of success with the free Avast Home edition. You do need to register it to get a free code to allow it to run for more than one month. I have never had any spam to the email address I used to register. The virus database receives online updates at least once a day.

If required it will do real time monitoring and comes 'fitted' with several clients you can chose to monitor or not.

It's never let me down, if anything it's a little too enthusiastic with a couple of false positives, which I'd rather have than a virus.

HTH.

Rik · Jan 10, 2009, 16:17:32

Better than positive falsies, JB.

Tacitus · Jan 10, 2009, 17:27:27

OK. MalwareBytes has removed RapidAV with no probs, to say nothing of a load of other stuff and, a further scan has given it a clean bill of health.

Thanks to all for the advice

So, either AVG or Avast (paid or free) together with MalwareBytes (probably worth paying for) should cover most eventualities. Does this sound a reasonable summary?

Rik · Jan 10, 2009, 17:28:30

It does, Tac, but I'd add the free Comodo firewall to that to be on the safe side.

http://www.comodo.com/