Support in other languages: 
Showing results for 
Search instead for 
Do you mean 
Welcome to the Lenovo Community

Welcome to the Forums!

Welcome to Lenovo's Peer-to-Peer Discussion Community!
Please note our guidelines. How to register and login and Community FAQs.
Shape the Future of PCs

Help Lenovo Shape the Future of PCs

Take the ownership survey. Share your ideas with our product team
Community Spotlight

Visit the Lenovo Blogs!

Check out the ThinkPad Time Machine
Visit the Community Spotlight Blog
Windows  10

Are you ready for Windows 10?

Get to know Windows 10
Visit the Windows 10 Support Center
Reply
Highlighted
Punch Card
Posts: 30
Registered: ‎06-28-2008
Location: Southeast United States
0 Kudos
Accepted Solution

Spyware in System Volume on new machine

My new machine is on line now and so far only been to sites known safe.

 

To my surprise when I installed my spyware program it found a file it considered spyware in one of my system volume (system restore) files.

 

This file was not found in any other location on the computer. That leads me to wonder how this may have happened.

 

Any ideas?

 

I sent a copy of the file to the company to be analyze to verity if this is a false positive.

 

Thanks

Posts: 2,918
Topics: 106
Kudos: 159
Blog Posts: 0
Solutions: 123
Registered: ‎02-22-2008
Location: US
0 Kudos

Re: Spyware in System Volume on new machine

hi ohno welcome to the forums

 

yes its ofcourse possible that spyware might have crept in to ur system un notice.you must notice that windows makes a snapshot of all files(system info) for every 60 days may be the malware got in as well the first thing you have to do is

 

DISABLE SYSTEM RESTORE IMMEDIATLY

 

other wise it will return once you have used system restore





Cheers and regards,
• » νιנαソѕαяα∂нι ѕαмανє∂αм ™ « •
●๋•کáŕádhí'ک díáŕý ツ


I am a volunteer here. I don't work for Lenovo
Punch Card
Posts: 30
Registered: ‎06-28-2008
Location: Southeast United States
0 Kudos

Re: Spyware in System Volume on new machine

I fully under how Windows XP works and how system resotre works. I maintain many of these systems for my job. What I don't understand is how I have a spyware item in a restore point that was created before this machine ever went on line.
Punch Card
Posts: 30
Registered: ‎06-28-2008
Location: Southeast United States
0 Kudos

Re: Spyware in System Volume on new machine

No longer an issue. I hated this machine for the approximatly 3 weeks I have owned it. Decided to reformat and not reinstall all the junk.

 

All is well.

Posts: 1,079
Registered: ‎05-01-2010
Location: USA

Re: Spyware in System Volume on new machine

[ Edited ]

Lenovo has recently opened this Security & Malware Forum so older topics are being relocated to here. I'd like to include a bit more regarding System Restore for members who come across this discussion today.

It is preferable to clean the system >disable System Restore > immediately reboot and enable it again. Why not before cleaning? That is because a dirty Restore Point is better than none at all. Malware that is in System Restore cannot get out. A user cannot be re-infected by a file that is in System Restore, unless, as mentioned above, he manually runs System Restore to revert to when he was infected.  We've also had people tell us that they disabled System Restore to run routine virus scans, and have forgotten that they have done so. Thus, they have been left with no System Restore Points for long periods. You can imagine what a problem that would be! Smiley Surprised


ThinkPad: T530 / X1 Gen 2 / Helix - Yoga: Tablet 2 Pro (Win) / Yoga 3 Pro

If you find a post helpful and it answers your question, please click the "Accept As Solution" button.

Lenovo Advocate ~ I am not employed by Lenovo or Microsoft. I am a volunteer.

Microsoft MVP - Consumer Security

SpywareHammer