Wednesday, December 3, 2008

Comet.Systems BHO

How To Remove Comet.Systems?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Comet.Systems is dangerous virus:
The BHO (Browser Helper Object) waits for the user to post personal information to a monitored website.
As this information is entered by the user, it is captured by the BHO and sent back to the attacker.
Hijackers are software programs that modify users' default browser home page,
search settings, error page settings, or desktop wallpaper without adequate notice, disclosure,
or user consent.


Comet.Systems Symptoms:

Files:
[%WINDOWS%]\inf\cc_43.inf
[%DESKTOP%]\comet cursor.lnk
[%PROGRAMS%]\comet cursor.lnk
[%WINDOWS%]\inf\cc_43.inf
[%DESKTOP%]\comet cursor.lnk
[%PROGRAMS%]\comet cursor.lnk

Folders:
[%PROGRAM_FILES%]\comet
[%PROGRAM_FILES%]\comet systems

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{16bc6464-196a-4bab-a14b-f69f8a0a60f7}
HKEY_CLASSES_ROOT\clsid\{197ab1d7-a7dd-4c86-a938-1fcc0db21b85}
HKEY_CLASSES_ROOT\clsid\{e28fcb54-8c8e-11d3-80d1-00500487b1c5}
HKEY_CLASSES_ROOT\clsid\{f59c663d-e891-492c-86e3-0758c71885c2}
HKEY_CLASSES_ROOT\cssecurity.htmlsecurity
HKEY_CLASSES_ROOT\cssecurity.htmlsecurity.1
HKEY_CLASSES_ROOT\dmproxy.dmproxyctl
HKEY_CLASSES_ROOT\dmproxy.dmproxyctl.1
HKEY_CLASSES_ROOT\dmserver.dmnotify
HKEY_CLASSES_ROOT\dmserver.dmnotify.1
HKEY_CLASSES_ROOT\interface\{1e587528-41aa-4f19-97e8-bb75acc3035c}
HKEY_CLASSES_ROOT\interface\{2fcfb3fd-7184-4c42-aed3-30fff0119964}
HKEY_CLASSES_ROOT\interface\{34fdd882-5530-4a90-89cd-416612c8855e}
HKEY_CLASSES_ROOT\interface\{58c59f56-ca66-4b5d-9132-ecea5193be5a}
HKEY_CLASSES_ROOT\interface\{665abe65-2c16-4341-b4b8-01ff799e8f4c}
HKEY_CLASSES_ROOT\interface\{788e0d0e-caf7-473b-9183-76be6d30dc9a}
HKEY_CLASSES_ROOT\interface\{7aa7d1c3-f0f8-460c-936d-b5886d0928eb}
HKEY_CLASSES_ROOT\interface\{832786ec-9632-4919-8972-59f79d621c87}
HKEY_CLASSES_ROOT\interface\{97284959-a553-4576-859c-b3b3ff283de0}
HKEY_CLASSES_ROOT\interface\{a0ca55a1-a112-11d3-80d6-00500487b1c5}
HKEY_CLASSES_ROOT\interface\{a4b977f5-1efc-4da0-b9c2-67c53cba140f}
HKEY_CLASSES_ROOT\interface\{a9e67cbe-7a42-47be-962a-c07e73c34fba}
HKEY_CLASSES_ROOT\interface\{aeb17fc4-2a52-4945-9866-81cc343a59e3}
HKEY_CLASSES_ROOT\interface\{b0e9399e-fe6f-43b0-98d3-2f47080dde4a}
HKEY_CLASSES_ROOT\interface\{bfcbf73b-6eb2-49c1-adca-cf0cd589b140}
HKEY_CLASSES_ROOT\interface\{c4d86dc8-b73b-4470-9914-3dac14ee6f95}
HKEY_CLASSES_ROOT\interface\{dc86768f-5adf-4d84-9de8-fd047b1fe8f5}
HKEY_CLASSES_ROOT\interface\{ddd1e8ca-678d-4c9a-a472-ce9578b14dc5}
HKEY_CLASSES_ROOT\typelib\{32ba13af-001c-456e-8825-8d53077460ac}
HKEY_CLASSES_ROOT\typelib\{5d2d50f6-6be2-41a0-b827-1accd3e2e2f7}
HKEY_CLASSES_ROOT\typelib\{844c39ec-7ea4-4f11-bce6-28404fd768e3}
HKEY_CLASSES_ROOT\typelib\{878ace1b-8db0-4d75-9034-504756ad4215}
HKEY_CLASSES_ROOT\typelib\{8fcd3b3f-6f3e-4bb2-9c37-b03b27f71857}
HKEY_LOCAL_MACHINE\software\comet systems
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D14D6793-9B65-11D3-80B6-00500487BDBA}
HKEY_CLASSES_ROOT\clsid\{212b99a1-9cf6-11d3-80b7-0500487bdba}
HKEY_CLASSES_ROOT\clsid\{39e01e09-2b45-11d4-810d-00500487d1c5}
HKEY_CLASSES_ROOT\clsid\{90c61707-c8f8-43db-a25c-c1f4b18ee41e}
HKEY_CLASSES_ROOT\clsid\{c38fc998-3b1b-4f59-a710-5a6c9cf8bd92}
HKEY_CLASSES_ROOT\clsid\{cd74b159-a1d3-11d3-80bc-0500487bdba}
HKEY_CLASSES_ROOT\clsid\{d14d6793-9b65-11d3-80b6-00500487bdba}
HKEY_CLASSES_ROOT\clsid\{da0882fb-49a3-4a9e-bb09-5e15347b5647}
HKEY_CLASSES_ROOT\clsid\{e5c39db-9dcc-11d3-80d6-00500487d1c5}
HKEY_CLASSES_ROOT\clsid\{edc4193f-34ad-4d07-aa87-e3fdb89e3e76}
HKEY_CLASSES_ROOT\clsid\{fe6bc4ef-5676-484b-88ae-883323913256}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{d14d6793-9b65-11d3-80b6-00500487bdba}

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\ccar
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\ccar
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\puk
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\puk


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Crusc Trojan Cleaner
QaBar.Adult.Links.Toolband BHO Symptoms

No comments: