Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

generic pws


  • Please log in to reply
7 replies to this topic

#1 bitdefender advocate

bitdefender advocate

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:07 AM

Posted 22 October 2008 - 03:10 PM

Hello Everyone!

I have an HP computer (AMD) with Bitdefender. For the past few days that I have run Bitdefender, it keeps finding Generic.PWS on my d: drive (recovery drive) and that my main drive c: is fine (single drive is partitioned). Bitdefender says that it cannot do anything to remove Generic.pws because it is in the archives of the d: drive and that my computer is not virus free. I turned off restore points. Then I ran counterspy, spysweeper, superantispyware and spybot -sd in both normal mode and safe mode and found nothing. Bitdefender freezes in safe mode and continues to find Generic.pws on the d: drive.

I cannot open up the files on my d: drive and there is a big warning to change or erase any files. Can someone tell me what, if any program, that can remove generic.pws from the archives on my d: drive (recovery drive)?

Thanks

BC AdBot (Login to Remove)

 


#2 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:07 PM

Posted 22 October 2008 - 04:52 PM

When ever an anti-virus finds something called Generic you should not assume that it is a virus. This usually means that it found something that looks like a virus, but warrants further investigation.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#3 garmanma

garmanma

    Computer Masochist


  • Members
  • 27,809 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cleveland, Ohio
  • Local time:03:07 AM

Posted 22 October 2008 - 06:00 PM

Are you running a program by Pro Works. That's what the file extension seems to be for
Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter

#4 garmanma

garmanma

    Computer Masochist


  • Members
  • 27,809 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cleveland, Ohio
  • Local time:03:07 AM

Posted 24 October 2008 - 01:29 PM

From a PM:

I am not running proworks at least I don't believe so. Bitdefender is reporting that I have a virus: Generic.pws.games.4.ECF6104A in D:\I386\apps\app12833\src\install\Worldwide-MediaCenter\games\{128014E-E9D5-4253-95E7-40169E2A4848}.exe=>(NSIS o)=>lzma_solid_nsis0001 and that no response can be take because this file is located in the archives.

Do I need to be concerned about this file even though it is located on the d: drive (recovery partition of my HP drive) and not on the c: drive (main)? The d: drive files are locked. Is there a program that you know of that can disinfect these locked files? If this is an infection, I'm not sure how it got on the d: drive because I don't use that drive.


I agree with Budapest, when you see the word generic, Bitdefender is seeing something it doesn't recognize and it's giving you a false positive. I am not familiar with Bitdefender as I don't use it.
Seeing how it is in the archive files of the recovery partition leads me to suspect it is being used there

I would recommend some extra online scans:

(Be advised that some of these scanners will pickup things in "quarantine" from other anti-virus programs - so review the results carefully)

http://housecall.trendmicro.com
http://www.pandasecurity.com/homeusers/solutions/activescan/
http://www.kaspersky.com/virusscanner Scan Only - no removal
http://www.bitdefender.com/scan8/ie.html
http://support.f-secure.com/enu/home/ols.shtml
http://us.mcafee.com/root/mfs/default.asp
http://onlinescan.avast.com/
http://ca.com/us/securityadvisor/virusinfo/scan.aspx
http://www.eset.com/onlinescan/

<links compiled on 02/14/2008>

You can also submit a file to jotti for a scan:
http://virusscan.jotti.org/?www.deltaasesores.com
Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter

#5 bitdefender advocate

bitdefender advocate
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:07 AM

Posted 24 October 2008 - 04:53 PM

Hi Garmanma,

I will try all the scans you recommended and let you know the results.

Right now I am trying ad-aware 2008 while in the safe mode.

Thanks

#6 bitdefender advocate

bitdefender advocate
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:07 AM

Posted 28 October 2008 - 01:15 AM

Hi Garmanma,

Keep finding things that Bitdefender kept missing especially f-secure and avast. Doesn't look like the infected file in the d: drive was cleaned or removed. All programs keep missing it even though I have scan archives checked. I'm running bitdefender to see if the infected file was indeed cleaned/removed.

I am tempted to use the recovery system (d: drive) to reload the whole operating system. I am concerned though that because one of the files in the d: drive are said to be infected, reloading wouldn't do any good. Any suggestions?

Thanks

#7 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:07 PM

Posted 28 October 2008 - 02:00 AM

I doubt that the file on the D: drive is infected. I think Bitdefender is mistaken.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#8 xXAlphaXx

xXAlphaXx

  • Members
  • 867 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carlona
  • Local time:03:07 AM

Posted 28 October 2008 - 06:55 AM

Yeah I wouldn't push it that far to reload the OS.

I used to use AVG 7.0 (free) And it would detect A LOT of things and say they were viruses when I knew that they were not. this is what bit defender is doing. All its saying is: "I don't recognize this. You should probably investigate this." Known as what Garmanma stated earlier as a False Positive.

As soon as I upgraded to Kapersky, it picked up a few other things and it said that it DID recognize the file that was a proclaimed False Positive.

If these other scanners that garmanma has given you links too don't pick up any thing, you're clean. (At least with the file you are regarding.)


Hope I helped.

~Alpha
If I am helping you and I do not respond within 24 hours, please send me a PM. :)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users