is there a way to be sure your computer doesn't have a virus?

  • Thread starter Thread starter John
  • Start date Start date
J

John

I'm asking this because of something that happened to me yesterday.

I downloaded a program called Youtube Downloader, from a website
called Bienne Soft - I thought it was perfectly safe to do so because
a computer magazine ('Computer Active') recommended it, and I was
careful to download it from the Web address the magazine quoted.

But as soon as I installed it, I got a message from Trend Micro, the
virus protection program that runs on this machine, that said my
computer was now infected with a virus called 'PAK_generic .001', and
that Trend Micro couldn't remove it or even quarantine it. I posted my
experience on the forum of Computer Active but interestingly, my
message hasn't appeared.

Trying to remove this virus, I first ran a complete scan with
Malwarebytes, but it found nothing. Then I ran a scan with Trend
Micro, and it also found nothing - and this was the program that had
reported the virus in the first place! Then I ran an Express Scan then
a Complete Scan with Dr Web Cure-It, which took nearly nine hours, and
it also found nothing.

Up to now, the only evidence I have that there's still something
strange going on in my computer is that I get a message at the bottom
of the screen saying a program is trying to alter my browser settings
without permission.

So now I'm in a position where I'm thinking that something in my
computer might be lurking there waiting to do something nasty, yet
even the program that alerted me to it says there's nothing there.

So, how can you be sure your computer is virus-free? Is it even
possible with today's viruses?

As a relative newbie to computing, I'd be very interested to read any
comments anyone has to make on this subject.

I'd also appreciate any help in removing this 'PAK_generic .001', as
nothing I've Googled so far has been helpful to me (and a lot of it I
just don't understand).

It's very important for me to remove viruses, as this computer is
shared, and I'd hate anything nasty to happen to someone else (bank
details stolen, email accounts hacked, etc) because of something I've
done.

Thanks in advance.
 
John said:
I'm asking this because of something that happened to me yesterday.

I downloaded a program called Youtube Downloader, from a website
called Bienne Soft - I thought it was perfectly safe to do so because
a computer magazine ('Computer Active') recommended it, and I was
careful to download it from the Web address the magazine quoted.

But as soon as I installed it, I got a message from Trend Micro, the
virus protection program that runs on this machine, that said my
computer was now infected with a virus called 'PAK_generic .001', and
that Trend Micro couldn't remove it or even quarantine it. I posted my
experience on the forum of Computer Active but interestingly, my
message hasn't appeared.

Trying to remove this virus, I first ran a complete scan with
Malwarebytes, but it found nothing. Then I ran a scan with Trend
Micro, and it also found nothing - and this was the program that had
reported the virus in the first place! Then I ran an Express Scan then
a Complete Scan with Dr Web Cure-It, which took nearly nine hours, and
it also found nothing.

Up to now, the only evidence I have that there's still something
strange going on in my computer is that I get a message at the bottom
of the screen saying a program is trying to alter my browser settings
without permission.

So now I'm in a position where I'm thinking that something in my
computer might be lurking there waiting to do something nasty, yet
even the program that alerted me to it says there's nothing there.

So, how can you be sure your computer is virus-free? Is it even
possible with today's viruses?

As a relative newbie to computing, I'd be very interested to read any
comments anyone has to make on this subject.

I'd also appreciate any help in removing this 'PAK_generic .001', as
nothing I've Googled so far has been helpful to me (and a lot of it I
just don't understand).

It's very important for me to remove viruses, as this computer is
shared, and I'd hate anything nasty to happen to someone else (bank
details stolen, email accounts hacked, etc) because of something I've
done.

Thanks in advance.
Click to expand...

John,

As a CA subscriber, I have just downloaded this file
"YouTubeDownloaderSetup274" from the site address that you gave and run it
through Norton Internet Security - which found it to be clear of viruses etc
(I have not installed it). 'Thousands" of Norton Insight users have also
downloaded and installed this program with no problems (Norton's words not
mine) - so perhaps Trend Micro may well be giving you a 'false positive' on
this program.

Contact Trend's support team and ask if that is the case, and if it is, how
do you get around the false positive.

By the way, if you are new to Computer Active's forums, your post may well
be delayed for a moderator to read it - and in my experience, they have
never refused to show a post unless it is abusive etc, and yours certainly
isn't.

What forum group did you post it to?

Cash
 
I'm asking this because of something that happened to me yesterday.

I downloaded a program called Youtube Downloader, from a website
called Bienne Soft - I thought it was perfectly safe to do so because
a computer magazine ('Computer Active') recommended it, and I was
careful to download it from the Web address the magazine quoted.

But as soon as I installed it, I got a message from Trend Micro, the
virus protection program that runs on this machine, that said my
computer was now infected with a virus called 'PAK_generic .001', and
that Trend Micro couldn't remove it or even quarantine it. I posted my
experience on the forum of Computer Active but interestingly, my
message hasn't appeared.
Click to expand...

It could be a false positive. Go to the following website and upload the
flagged file to its website (you might have to disable your antivirus to
upload it, or it may not even let you upload it). This website has a
couple of dozen AV programs it runs it through simultaneously. If the
majority (or a significant minority) report it as a virus, then it's a
virus, if they don't then it's not. Some AV programs share the same
virus database, so they'll often come to the same conclusion because
they check the same signatures. That's why you need to get a quorum
opinion.

http://virusscan.jotti.org/en

After this, if its only your own AV saying it, or just a few others,
then you should check the Trend Micro website and try to find its virus
reporting section. You should be able to have them check if its a false
positive. After that, they'll correct the detection algorithm during the
next definition update.

Yousuf Khan
 
By the way, if you are new to Computer Active's forums, your post may well
be delayed for a moderator to read it - and in my experience, they have
never refused to show a post unless it is abusive etc, and yours certainly
isn't.

What forum group did you post it to?
Click to expand...
I posted it to 'Internet'.

You're right - I could be being premature about my message not being
posted - as I sent it in on a Saturday, there might not have been a
moderator on duty to read it.

I might also be mistaken about Youtube Downloader, but one thing that
made me think it was the culprit, apart from the fact that the Trend
Micro warning came just after I'd installed it, was the fact that
Bienn Soft's toolbar installed itself without my permission.

Part of the problem for newbies like me is that rogue sites look just
the same as respectable ones - for all I know, Bienn Soft might be
totally respectable, but it's so difficult to be sure.
 
John said:
I posted it to 'Internet'.

You're right - I could be being premature about my message not being
posted - as I sent it in on a Saturday, there might not have been a
moderator on duty to read it.
Click to expand...

Had a check - and the post is still not showing,
I might also be mistaken about Youtube Downloader, but one thing that
made me think it was the culprit, apart from the fact that the Trend
Micro warning came just after I'd installed it, was the fact that
Bienn Soft's toolbar installed itself without my permission.
Click to expand...

I just did a partial install of the program and it was a condition of the
install that you accept the tool bar as part of the package, but the T&Cs
stated that the tool bar could be uninstalled later without causing problems
to the program - have you tried uninstalling the bar through the Add or
Remove in the control panel?
Part of the problem for newbies like me is that rogue sites look just
the same as respectable ones - for all I know, Bienn Soft might be
totally respectable, but it's so difficult to be sure.
Click to expand...

Having downloaded several of the Computer Active's suggested program, I have
never found one that contained any MALWARE - Ad-ware yes, (and I have
uninstalled several as u/s to me). but that's part and parcel of free
downloads.

As a suggestion, the next time you download a 'freebee' before installing
it, check it out with your anti-virus program by right-clicking on the
download and then choosing scan (with your AV program) from the menu that
appears - and if you set your AV to scan downloading files, that's even
better.


Cash
 
David said:
Adware is malware if the user agreement is not forthcoming in
information or lies about what the software purports to to be
performed.
Click to expand...

I'm fully aware of that, but in this case they are being open about it (as
in the case of the magazine's freebee downloads that I have been interested
in) - but as with all things, you get what you "pay" for in freeware, and
the phrase 'caveat emptor' comes to mind.

Along with taking great care in following the installation process *very*
carefully to ensure that you know what is being downloaded (notwithstanding
the fact that some programmers 'hide' the odd surprise and odd 'back door').

Cash
 
I caught a glimpse of John <[email protected]> on Mon, 30
May 2011 03:12:34 -0700 (PDT), writing in
microsoft.public.windowsxp.help_and_support:
I'm asking this because of something that happened to me yesterday.

I downloaded a program called Youtube Downloader, from a website
called Bienne Soft - I thought it was perfectly safe to do so because
a computer magazine ('Computer Active') recommended it, and I was
careful to download it from the Web address the magazine quoted.

But as soon as I installed it, I got a message from Trend Micro, the
virus protection program that runs on this machine, that said my
computer was now infected with a virus called 'PAK_generic .001', and
that Trend Micro couldn't remove it or even quarantine it. I posted my
experience on the forum of Computer Active but interestingly, my
message hasn't appeared.
Click to expand...

<snip>

I run SUPERAntiSpyware daily and a free version is available:
http://www.superantispyware.com/

Also Ad-Aware daily and a free version is available:
http://www.lavasoft.com/products/ad_aware_free.php

I run paid versions of the above but free versions are available at the
URL,s I provided.

Two or 3 times a week the above will pick up something here.

Another that is free and worthwhile using is Spybot-Search & Destroy.
http://www.safer-networking.org/en/index.html

You mentioned Malwarebytes. I've run Malwarebytes' Anti-Malware daily
for a few Years without ever picking up anything.
 
To help you we need help as more information is needed such as the URL of the download
(not just the name Bienne Soft) and the fully qualified name and path to the file that was
deemed to be malware.

You can also upload the installer and/or the supposedly malicious file to;http://www.uploadmalware.com/
and I can analyze it to determine if it is truly malicious.
Click to expand...
Thanks for that, Dave.

The magazine gave the address:

www.youtubedownloader.altervista.org

I clicked that, and it took me to a website which had a button for
Youtube Downloader. When I clicked that, it took me to another
website. The URL in the browser's address window then changed to:

http://download.cnet.com/YouTube-Downloader/3000-2071_4-10647340.html

I then downloaded the program.

Thanks

John
 
Back
Top