Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Adware.comet


  • This topic is locked This topic is locked
4 replies to this topic

#1 LuckyHat

LuckyHat

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:09:23 AM

Posted 13 August 2007 - 10:43 PM

AVG Anti-Spyware dectected a Adware.Comet in C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP32\A0012102.exe Should I delete it?

BC AdBot (Login to Remove)

 


#2 TMacK

TMacK

  • Members
  • 4,672 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:B.C. Canada
  • Local time:06:23 AM

Posted 14 August 2007 - 12:38 AM

Hi LuckyHat,

Yes, you should allow AVG-AS to clean (delete) Adware.Comet.
Chaos reigns within.
Reflect, repent, and reboot.
Order shall return.

aaaaaaaa a~Suzie Wagner

#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,756 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:23 AM

Posted 14 August 2007 - 04:51 AM

The malware was found in the System Volume Information Folder which is a part of System Restore. Since System Restore is a protected directory, AVG may not be able to access it to delete that file.

If that is the case, then you should Set a New Restore Point and purge the old ones in order to remove the file.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recent Restore Point.
  • Go to Start > Run and type: Cleanmgr
  • Click "OK".
  • Click the "More Options" Tab.
  • Click "Clean Up" in the System Restore section to remove all previous restore points except the newly created one.
If AVG is able to remove the file you still should set a new restore point when done, to enable your computer to "roll-back" to a clean working state.

Edited by quietman7, 14 August 2007 - 04:53 AM.

.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#4 buddy215

buddy215

  • Moderator
  • 13,314 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:23 AM

Posted 14 August 2007 - 06:49 AM

Check in your Add/Remove program for Comet.
Block the third party cookies in IE by following the directions in link below.
http://www.howtogeek.com/howto/windows-vis...cookies-in-ie7/

Block third party cookies in Firefox 2
http://www.howtogeek.com/howto/windows-vis...cookies-in-ie7/
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#5 rigel

rigel

    FD-BC


  • Members
  • 12,944 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:South Carolina - USA
  • Local time:09:23 AM

Posted 14 August 2007 - 06:55 AM

LuckyHat,

You have on open HJT log. Animal has closed both of your XP topics and I am closing this one. Following multiple helper's advice will extend your downtime and confuse your fix. Please be patient and follow ONLY the HJT team member's advice that takes your log.

If you have any questions, please feel free to PM me.

rigel
BleepingComputer Forums Moderator

"In a world where you can be anything, be yourself." ~ unknown

"Fall in love with someone who deserves your heart. Not someone who plays with it. Will Smith





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users