Home / malware

PDF

BrowserModifier:Win32/Cometsystems

First posted on 15 July 2019.
Source: Microsoft

Aliases :

BrowserModifier:Win32/Cometsystems is also known as not-a-virus:Adware.Win32.Comet.ac, Adware-Cometsys, W32/Comet.DG, Comet Cursor, Spyware.CometCursor, Adware_Cometsys.

Explanation :

CometSystems is a browser modifier, also known as Comet Cursor and a number of related products or add-ons published by Comet Systems, including Comet Cursor Plus, Comet Metabrowser, Comet Search, Comet Toolbar, Comet Travel, and CometZone. CometSystems may install multiple browser helper objects (BHOs), and may download updates without notifying you.  CometSystems may take the following actions when it runs: Drop the following files in the %WinDir% folder: cc_rem.inf infcc_43.inf infcc_43.pnf infdm.inf infdm.pnf
(Note: The Windows environment variable %windir% denotes the Windows folder, which by default is C:Windows on Windows 95/98/ME/XP/Server 2003, or C:Winnt on Windows NT/2000.) Drop the following files in the comet.dll
(Note: The variable denotes the Windows system folder, which is %windir%System32 on Windows NT/2000/XP/Server 2003, or %windir%System on Windows 95/98/ME.) Drop the following files in the %ProgramFiles% folder: comet systemsdmincssecure.dll comet systemsdmindmproxy.dll comet systemsdmindmserver.exe cometincomet.exe cometincomutil.dll cometincsadzap.dll cometincsapputil.dll cometincsband.dll cometincsbho.dll cometincsbrange.dll cometincscore.dll cometincsctx.dll cometincseng.dll cometincsietb.dll cometincsinst.dll cometincsinstall.exe cometincstray.exe cometincsutil.dll cometinfileutil.dll cometinskinui.dll cometinstall empinstcore.exe cometproductsfuncursorsfclnk.exe cometupdaterbho.dll
(Note: The Windows environment variable %ProgramFiles% denotes the folder "C:Program Files" by default.) Modify the registry as follows: Start CometSystems and its updater component (named Comet DMServer) to run automatically each time Windows starts:
Adds value: MyCometCursor
In subkey: HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun
Add value name: DM_Server
In subkeys:
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun Registers an uninstaller by adding the following subkeys:
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionUninstallCC2K
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionUninstallCCAR
HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionUninstallComet
HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionUninstallMyComet Register its resources and browser helper objects (BHOs), as follows: Adds values:
CometCursor.CometCursor
CometCursor.CometCursor.1
In subkey: HKEY_CLASSES_ROOTCLSID{FE6BC4EF-5676-484B-88AE-883323913256} Adds values:
{1678F7E1-C422-11D0-AD7D-00400515CAAA}
{96DA5BEE-4ACC-476C-B3EC-54C6730C4293}
{D14D6793-9B65-11D3-80B6-00500487BDBA}
In subkey:
SOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects Adds value: {FE6BC4EF-5676-484B-88AE-883323913256}
In subkey:
HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar - ) Adds value: Comet Systems
In subkey: HKEY_LOCAL_MACHINESoftware Under HKEY_CURRENT_USER, add the following subkeys:
SoftwareClassesAppID{BAC984C9-78C8-4105-9E97-1675A4052686}
SoftwareClassesAppIDDMServer.EXE
SoftwareClassesBHO.CSBHO
SoftwareClassesBHO.CSBHO.1
SoftwareClassesBRBHO.ByteRangeBHO
SoftwareClassesBRBHO.CSBrBho
SoftwareClassesBRBHO.CSBrBho.1
SoftwareClassesCLSID{04FC63F8-EE34-4283-8941-4A11BF17C447}
SoftwareClassesCLSID{062EFA85-8BBB-11D3-80D0-00500487B1C5}
SoftwareClassesCLSID{0922EC1A-9EC7-11D3-80B9-00500487BDBA}
SoftwareClassesCLSID{0E42926E-96D8-11D3-80D5-00500487B1C5}
SoftwareClassesCLSID{0E429272-96D8-11D3-80D5-00500487B1C5}
SoftwareClassesCLSID{15940F5D-D8BD-49BC-851D-29DCFB166950}
SoftwareClassesCLSID{1678F7E1-C422-11D0-AD7D-00400515CAAA}
SoftwareClassesCLSID{197AB1D7-A7DD-4C86-A938-1FCC0DB21B85}
SoftwareClassesCLSID{212B99A1-9CF6-11D3-80B7-00500487BDBA}
SoftwareClassesCLSID{37D026C3-84D7-4AC5-A026-C08B7907CACF}
SoftwareClassesCLSID{39E01E09-2B45-11D4-810D-00500487B1C5}
SoftwareClassesCLSID{4320AEEB-2F2A-4F97-B573-232C6576AA3A}
SoftwareClassesCLSID{4AA5D526-44D5-4AF6-AC53-5CE1534CC40B}
SoftwareClassesCLSID{64726B8A-0CBE-4F80-90B7-1CA1BC69FCFB}
SoftwareClassesCLSID{6F2D6A5E-E3E7-4F18-887C-C777650DEF57}
SoftwareClassesCLSID{7BE4E188-DD04-47E4-8C1B-4AA330B18D9F}
SoftwareClassesCLSID{7F0F5DA7-84CB-11D4-8137-00500487B1C5}
SoftwareClassesCLSID{827A2ECE-D76F-4BCC-82ED-D6A287C11211}
SoftwareClassesCLSID{8AE68B04-D492-4474-A6E2-FD5FE884F4B1}
SoftwareClassesCLSID{90C61707-C8F8-43DB-A25C-C1F4B18EE41E}
SoftwareClassesCLSID{941228B3-3AD1-4633-A9F5-59154CB362D4}
SoftwareClassesCLSID{A335D52F-D489-472D-9EAA-D72A40AAF7CA}
SoftwareClassesCLSID{A5EA242A-442E-4ecb-9CAC-97037CCD6EC6}
SoftwareClassesCLSID{C38FC998-3B1B-4F59-A710-5A6C9CF8BD92}
SoftwareClassesCLSID{CBE7D5E7-90A2-11D3-80D1-00500487B1C5}
SoftwareClassesCLSID{CD74B159-A1D3-11D3-80BC-00500487BDBA}
SoftwareClassesCLSID{D14D6793-9B65-11D3-80B6-00500487BDBA}
SoftwareClassesCLSID{DA0882FB-49A3-4A9E-BB09-5E15347B5647}
SoftwareClassesCLSID{DFA771A5-2138-48EE-A58E-F782C879AF8E}
SoftwareClassesCLSID{E28FCB54-8C8E-11D3-80D1-00500487B1C5}
SoftwareClassesCLSID{E3A6E4B2-16B4-4F56-A98A-5F4DE04CA2BE}
SoftwareClassesCLSID{E5C39DB9-9DCC-11D3-80D6-00500487B1C5}
SoftwareClassesCLSID{EA5BB125-A227-40A7-BCAA-652D497C2F65}
SoftwareClassesCLSID{EB07A6D4-8E36-11D4-8138-00500487B1C5}
SoftwareClassesCLSID{EDC4193F-34AD-4D07-AA87-E3FDB89E3E76}
SoftwareClassesCLSID{EDEE4CCB-0913-4CC9-8EA9-3DDD87AB8BDE}
SoftwareClassesCLSID{F147AE85-1855-4182-BE3A-174160995A40}
SoftwareClassesCLSID{F59C663D-E891-492C-86E3-0758C71885C2}
SoftwareClassesCLSID{FE6BC4EF-5676-484B-88AE-883323913256}
SoftwareClassesCometAppUtil.CometUIEvents
SoftwareClassesCometAppUtil.CometUIEvents.1
SoftwareClassesCometIEToolbar.CometToolbar
SoftwareClassesCometIEToolbar.CometToolbar.1
SoftwareClassesComUtil.FCParam
SoftwareClassesComUtil.FCParam.1
SoftwareClassesComUtil.FctCall
SoftwareClassesComUtil.FctCall.1
SoftwareClassesContextParser.ContextProxy
SoftwareClassesContextParser.ContextProxy.1
SoftwareClassesContextParser.ContextProxyMgr
SoftwareClassesContextParser.ContextProxyMgr.1
SoftwareClassesContextParser.CSRegExp
SoftwareClassesContextParser.CSRegExp.1
SoftwareClassesContextParser.URLContextParser
SoftwareClassesContextParser.URLContextParser.1
SoftwareClassesCore.BHO1
SoftwareClassesCore.BHO1.1
SoftwareClassesCore.BrowserAppProxy
SoftwareClassesCore.BrowserAppProxy.1
SoftwareClassesCore.CometCursor
SoftwareClassesCore.CometCursor.1
SoftwareClassesCore.CometFrame
SoftwareClassesCore.CometFrame.1
SoftwareClassesCore.CometWindow
SoftwareClassesCore.CometWindow.1
SoftwareClassesCore.CS15Cursor
SoftwareClassesCore.CS15Cursor.1
SoftwareClassesCore.FileInfo
SoftwareClassesCore.FileInfo.1
SoftwareClassesCore.HttpComm
SoftwareClassesCore.HttpComm.1
SoftwareClassesCore.MyBrowser1
SoftwareClassesCore.MyBrowser1.1
SoftwareClassesCore.SelfUpdater
SoftwareClassesCore.SelfUpdater.1
SoftwareClassesCore.System
SoftwareClassesCore.System.1
SoftwareClassesCore.WindowProxy
SoftwareClassesCore.WindowProxy.1
SoftwareClassesCSBand.HorizontalIEBand
SoftwareClassesCSBand.HorizontalIEBand.1
SoftwareClassesCSBand.VerticalIEBand
SoftwareClassesCSBand.VerticalIEBand.1
SoftwareClassesCSBRange.ByteRange
SoftwareClassesCSBRange.ByteRange.1
SoftwareClassesCSEng.CSEngine
SoftwareClassesCSEng.CSEngine.1
SoftwareClassesCSEng.CSHost
SoftwareClassesCSEng.CSHost.1
SoftwareClassesCSEng.EvHandler
SoftwareClassesCSEng.EvHandler.1
SoftwareClassesCSIP.CSCollection
SoftwareClassesCSIP.CSCollection.1
SoftwareClassesCSIP.CSIPDispatch
SoftwareClassesCSIP.CSIPDispatch.1
SoftwareClassesCSIP.CSIPPacket
SoftwareClassesCSIP.CSIPPacket.1
SoftwareClassesCSSecurity.HTMLSecurity
SoftwareClassesCSSecurity.HTMLSecurity.1
SoftwareClassesDMProxy.DMProxyCtl
SoftwareClassesDMProxy.DMProxyCtl.1
SoftwareClassesDMServer.DMNotify
SoftwareClassesDMServer.DMNotify.1
SoftwareClassesSkinUI.CSkinUI
SoftwareClassesSkinUI.CSkinUI.1
SoftwareComet SystemsApplicationsAR
SoftwareComet SystemsApplicationsCCAR
SoftwareComet SystemsApplicationsEXPLORERBHOs
SoftwareComet SystemsApplicationsFC
SoftwareComet SystemsApplicationsPKUNINS
SoftwareComet SystemsConfigManager
SoftwareComet SystemsIEBandsHorizontal
SoftwareComet SystemsIEBandsVertical
SoftwareComet SystemsIEToolbar
SoftwareComet SystemsUpChk
SoftwareMicrosoftCode Store DatabaseDistribution Units{ABABABAB-ABAB-ABAB-ABAB-ABABABABABAB}
SoftwareMicrosoftCode Store DatabaseDistribution Units{ABABABAB-ABAB-ABAB-ABAB-ABABABABABAB}DownloadInformation
SoftwareMicrosoftCode Store DatabaseDistribution Units{ABABABAB-ABAB-ABAB-ABAB-ABABABABABAB}InstalledVersion
SoftwareMicrosoftInternet ExplorerToolbar - {FE6BC4EF-5676-484B-88AE-883323913256}
SoftwareMicrosoftInternet ExplorerToolbarWebBrowser - {FE6BC4EF-5676-484B-88AE-883323913256}
SoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{96DA5BEE-4ACC-476C-B3EC-54C6730C4293}
SoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{D14D6793-9B65-11D3-80B6-00500487BDBA}
SoftwareMicrosoftWindowsCurrentVersionModuleUsageC:/WINDOWS/System32/comet.dll

Last update 15 July 2019

 

TOP