Support in other languages: 
Showing results for 
Search instead for 
Do you mean 
Reply
Paper Tape
TheevoloneMan
Posts: 2
Registered: ‎03-04-2011
Location: California
0

Windows 7 X201 - suspect plagued with viruses - what to do?

[ Edited ]

Apologies if I'm in the wrong place...

 

I have an X201 and suspect I'm plagued with viruses, but still have a functional computer.

 

I don't know if I should do the virus scans -- from my experience the viruses protect themselves and prevent scans from finding and deactivating them.-- or pursue an entire system reinstall?

 

And if I were to do that, how would I prevent viruses from coming along?

 

I would really appreciate some help before I get frozen up and totally disfunctional and have to start working off my Mac Powerbook -- which is not like the tank of x201 or even close.

 

Robespierre

 

Moderator edit: Matched subject to question.

Paper Tape
TheevoloneMan
Posts: 2
Registered: ‎03-04-2011
Location: California
0

Re: Tips for Keeping Your Lenovo Safe Online

So what do I do if I suspect there is a trojan or other malware on my computer.

 

I've had experiences that this virual stuff will fool the security settings and not appear.

 

For example, when my x201 was new, MS secruity essentials was always flagging files that it blocked.

 

Lately scans show zero problems, and i'd swear I wasn't hallucinating when recently a quick on screen flash came by which said I had 362 trojans -- that could have been an intrusion itself or it could be real.

 

How do I know for sure.  My computer acts a bit wacky at times..

Bugbatter
Posts: 781
Registered: ‎05-01-2010
Location: USA

Windows 7 X201 - suspect plagued with viruses - what to do?

[ Edited ]

Welcome to Lenovo Community :smileyhappy:

From your brief description, I have a feeling that you may be infected by one of the rogues that is giving you a fake alert. Is it claiming to be Microsoft Security Essentials that is giving you this alert?

Let's see if we can get you started...

 Please download Rkill by Grinler from here Rkill and save it to your Desktop (or to a CD or USB Stick and transfer it to the Desktop) of the infected computer.  If that does not work try this alternate Link

  • Double-click on the Rkill desktop icon to run the tool in order to automatically attempt to stop any processes associated with Rogue programs.
  • Please be patient while the program looks for various malware programs and ends them. When it has finished, the black window will automatically close and you can continue with the next step. If you get a message that rkill is an infection, please ignore it, and run rkill.com again. This message is just a fake warning given by the malware when it terminates programs that may potentially remove it.
    Therefore, please run rkill quite a few times until the malware is no longer running. You will then be able to proceed with the rest of the instructions below.

    *NOTE: A log pops up at the end of the run. This log file is located at C:\rkill.log. You can close this log when you wish.
    Do not reboot your computer after running rkill as the malware programs will start again.

Please download Malwarebytes Anti-Malware and save it to your desktop.

 MBAM will automatically start and you will be asked to update the program before performing a scan.

On the Scanner tab:

Back at the main Scanner screen:

  • If using Vista or Windows 7, right-click on it and Run As Administrator.
    • Make sure you are connected to the Internet.
    • Double-click on mbam-setup.exe to install the application.
    • When the installation begins, follow the prompts and do not make any changes to default settings.
    • When installation has finished, make sure you leave both of these checked:
      • Update Malwarebytes' Anti-Malware
      • Launch Malwarebytes' Anti-Malware
    • Then click Finish.
    • If an update is found, the program will automatically update itself.
    • Press the OK button to close that box and continue.
    • If you encounter any problems while downloading the updates,
    • manually download them from here
      and just double-click on mbam-rules.exe to install.
      Alternatively, you can update through MBAM's interface from a clean computer,
      copy the definitions (rules.ref) located in
      C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes'
      Anti-Malware from that system to a usb stick or CD and then copy it to the infected machine.
    • Make sure the "Perform Quick Scan" option is selected.
    • Then click on the Scan button.
    • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
    • The scan will begin and "Scan in progress" will show at the top.
    • It may take some time to complete so please be patient.
    • When the scan is finished, a message box will say "The scan completed successfully.
    • Click 'Show Results' to display all objects found".
    • Click OK to close the message box and continue with the removal process.
    • Click on the Show Results button to see a list of any malware that was found.
    • Make sure that everything is checked, and click Remove Selected.
    • When removal is completed, a log report will open in Notepad.
    • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
    • Copy and paste the contents of that report into your next reply and exit MBAM.


  • Note:-- If MBAM encounters a file that is difficult to remove,
    you may be asked to reboot your computer so it can proceed with the disinfection process.
    Regardless if prompted to restart the computer or not, please do so immediately.
    Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

    -- MBAM may make changes to your registry as part of its disinfection routine.
    If you're using other security programs that detect registry changes (like Spybot's Teatimer),
    they may interfere with the fix or alert you after scanning with MBAM.
    Please disable such programs until disinfection is complete or permit them to allow the changes.

     

    **If you need to re-install MBAM but encounter issue in re-installing, try using the MBAM Cleanup Utility by downloading it from HERE

    ==================================

If you find a post helpful and it answers your question, please click the "Accept As Solution" button.

Lenovo Advocate ~ I am not employed by Lenovo or Microsoft. I am a volunteer.

Microsoft MVP - Consumer Security

SpywareHammer

Bugbatter
Posts: 781
Registered: ‎05-01-2010
Location: USA
0

Re: Windows 7 X201 - suspect plagued with viruses - what to do?

[ Edited ]

Do you still need help?  Or shall I remove this topic from my subscriptions?


If you find a post helpful and it answers your question, please click the "Accept As Solution" button.

Lenovo Advocate ~ I am not employed by Lenovo or Microsoft. I am a volunteer.

Microsoft MVP - Consumer Security

SpywareHammer