Solved

I have detected GenericPWS.y!cpu in files that appear to be recovery files.

Posted on 2011-03-19
3
330 Views
Last Modified: 2013-11-22
The files are cdlogic_ret.exe,apprecoverylink_ret.exe, restorelink_ret.exe,creatorlink_re.exe, runlink_ret.exe, rtcdlink_r.exe, sysrecoverylink_ret.exe, and wizardlink_ret.exe.  All of these files are showing infected with the GenericPWS.y!cpu virus.  I did some research on this virus and read that it steals information. I would simply delete it except I found some forums saying that it may be a false positive on these files, so  now I am worried about deleting them out of quarantine.  I guess I need to know if I can delete these safely without effecting the system.
0
Comment
Question by:CDS-JBC
3 Comments
 
LVL 62

Accepted Solution

by:
☠ MASQ ☠ earned 125 total points
ID: 35175371
If the files are already quarantined your anti-virus software is preventing Windows use them anyway, so if your system is still behaving normally you can safely remove them.
0
 
LVL 16

Expert Comment

by:legalsrl
ID: 35175474
Also turn system restore off and remove any snapshots, then turn it back on
0
 

Author Closing Comment

by:CDS-JBC
ID: 35201180
Thank you for your help with this.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Wordpress Security 29 75
Total AV worth it? 4 375
Configuring DNS Round Robin in Windows DNS server ? 8 74
RDP to Windows Server 2012 R2 after disabling TLS 1.0 7 41
In this increasingly digital world, security hacks are no longer just a threat, but a reality. As we've witnessed with Target's big identity hack 2013, Heartbleed in 2015, and now Cloudbleed, companies and their leaders need to prepare for the unthi…
Many businesses neglect disaster recovery and treat it as an after-thought. I can tell you first hand that data will be lost, hard drives die, servers will be hacked, and careless (or malicious) employees can ruin your data.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question