Solved

I have detected GenericPWS.y!cpu in files that appear to be recovery files.

Posted on 2011-03-19
3
332 Views
Last Modified: 2013-11-22
The files are cdlogic_ret.exe,apprecoverylink_ret.exe, restorelink_ret.exe,creatorlink_re.exe, runlink_ret.exe, rtcdlink_r.exe, sysrecoverylink_ret.exe, and wizardlink_ret.exe.  All of these files are showing infected with the GenericPWS.y!cpu virus.  I did some research on this virus and read that it steals information. I would simply delete it except I found some forums saying that it may be a false positive on these files, so  now I am worried about deleting them out of quarantine.  I guess I need to know if I can delete these safely without effecting the system.
0
Comment
Question by:CDS-JBC
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 62

Accepted Solution

by:
☠ MASQ ☠ earned 125 total points
ID: 35175371
If the files are already quarantined your anti-virus software is preventing Windows use them anyway, so if your system is still behaving normally you can safely remove them.
0
 
LVL 16

Expert Comment

by:legalsrl
ID: 35175474
Also turn system restore off and remove any snapshots, then turn it back on
0
 

Author Closing Comment

by:CDS-JBC
ID: 35201180
Thank you for your help with this.
0

Featured Post

[Webinar] How Hackers Steal Your Credentials

Do You Know How Hackers Steal Your Credentials? Join us and Skyport Systems to learn how hackers steal your credentials and why Active Directory must be secure to stop them. Thursday, July 13, 2017 10:00 A.M. PDT

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Email attacks are the most common methods for initiating ransomware and phishing scams. Attackers want you to open an infected attachment or click a malicious link, and unwittingly download malware to your machine. Here are 7 ways you can stay safe.
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question