July 24, 2008

‘Antivirus 2008′ is No Such Thing

By Caleb Chapman, Kerrville Daily Times, Texas

Jul. 24--As one local resident learned, software claiming to be a legitimate antivirus program can be just the opposite.

Antivirus 2008 makes deceptive claims of system vulnerabilities to entice users to purchase the full version of the software by interfering with normal computer use.

"It invades your computer and stops you from doing anything," said Rosemary McMurphy, a victim of the false software. "It keeps telling you that you have all of these viruses. A pop-up window says you can fix the problem by ordering the full version of Antivirus 2008 for $40."

Desperate to return their computer to normal, McMurphy said her husband agreed to purchase the software. Because of several hidden fees, however, the cost totaled more than $100. McMurphy said her husband quickly canceled the credit card transaction.

"The big problem is that you can't get rid of it," she said.

According to Mevlut "Turk" Otcu, certified computer technician and founder and president of Gazelle Computers in Kerrville, she's right.

"You can't remove it," he said. "You have to run your computer in safe mode and install another antivirus software or uninstaller that may be able to delete the infected files."

What differentiates this virus from many others is the fact that it is completely legal.

"It (Antivirus 2008) installs itself through a third party company and then acts like a legitimate software," Otcu said. "This type of virus is legal because it is user activated. When you click on it, you are accepting the terms.

"It is an infection, and it's terrible that people can get away with doing things like that," he said. +++ Removing Antivirus 2008 Although Antivirus 2008 software can't simply be removed from your computer's program list, there are ways to get rid of it. From simple to more complicated, Mevlut "Turk" Otcu, owner of Gazelle Computers in Kerrville, offers three methods that may help.

-- Method 1: System restore This method simply takes your computer back to the way things were before the infection. Documents or data files won't be affected. Only your system files will be replaced with their earlier versions. To do this: 1. Click "Start." 2. Point to "All Programs." 3. Point to "Accessories." 4. Point to "System Tools." 5. Click "System Restore" and follow the instructions. If that doesn't work go to the second method.

-- Method 2: Malware remover Go to www.malwaresupport.com/mbam/program/mbam-setup.exe and the file will install itself to your computer, update itself, scan your computer and remove findings.

-- Method 3: Safe mode First got to http://download.bleepingcomputer.com/sUBs/ComboFix.exe and save this file on your desktop. Do not run the program, however, until the computer is in safe mode. To do this, the computer should be restarted in safe networking mode. For Windows XP, follow these instruction to reboot computer in safe mode. --If the computer is running, shut down Windows, and then turn off the power --Wait 30 seconds, and then turn the computer on. --Start tapping the F8 key. The Windows Advanced Options Menu appears. If you begin tapping the F8 key too soon, some computers display a "keyboard error" message. To resolve this, restart the computer and try again. --Ensure that the Safe mode with network option is selected. --Press Enter. The computer then begins to start in Safe mode with network. Windows Vista users can follow the same instructions, but can skip shutting down windows and simply restart the computer before continuing. Once in safe network mode, run combofix from the location that you saved.


To see more of the Kerrville Daily Times or to subscribe to the newspaper, go to http://www.dailytimes.com/.

Copyright (c) 2008, Kerrville Daily Times, Texas

Distributed by McClatchy-Tribune Information Services.

For reprints, email [email protected], call 800-374-7985 or 847-635-6550, send a fax to 847-635-6968, or write to The Permissions Group Inc., 1247 Milwaukee Ave., Suite 303, Glenview, IL 60025, USA.