CometSystems

Posted: March 25, 2011

Threat Metric

The Threat Meter is a malware assessment that SpywareRemove.com's research team is able to give every identifiable malware threat. Our Threat Meter includes several criteria based off of specific malware threats to value their severity, reach and volume. The Threat Meter is able to give you a numerical breakdown of each threat's initial Threat Level, Detection Count, Volume Count, Trend Path and Percentage Impact. The overall ranking of each threat in the Threat Meter is a basic breakdown of how all threats are ranked within our own extensive malware database. The scoring for each specific malware threat can be easily compared to other emerging threats to draw a contrast in its particular severity. The Threat Meter is a useful tool in the endeavor of seeking a solution to remove a threat or pursue additional analytical research for all types of computer users.

The following fields listed on the Threat Meter containing a specific value, are explained in detail below:

Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.

Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.

Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.

Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.

% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.

Threat Level:	8/10
Infected PCs:	9

First Seen:	January 23, 2011
OS(es) Affected:	Windows

Comet Systems is a company behind questionable software such as the widely-considered invasive Comet Cursors, as well as a general label for adware and browser hijackers from the Comet Systems company. Most forms of Comet Systems malware will refuse to be removed through ordinary methods and will continue to return after a reboot even after being partially deleted. Since malware from the Comet Systems company can subject you to malicious advertisements, change aspects of your PC without your permission and may monitor your personal information, deleting Comet Systems programs through secure anti-malware methods is the suggested solution.

Signs of Comet Systems Malware

In most causes, Comet Systems will be easily seen by unwanted additions to your desktop or program folders. Deleting these items manually can result in an 'access denied' message that stops the action, so you'll have to resort to harsher methods if you want to make Comet Systems get out of your PC.

The primary semi-malicious product of Comet Systems, Comet Cursors, can easily be installed by accident through a single click for typical security settings or through no warnings whatsoever when using low browser security settings. Comet Systems malware may also be bundled with semi-legitimate programs like P2P file-sharing applications.

Besides the above attacks, Comet Systems malware has been reported to exhibit the following harmful behaviors:

Hijacking your web browser to force it to a Comet Systems website.Comet Systems may also monitor any information that passes through your web browser, change your homepage, block websites or alter search results.
Malware by Comet Systems may also update itself without permission, adding additional and potentially invasive features without notifying the user.
Icons may be placed on your desktop or added to your Windows Start menu to link to websites or products. These links may be malicious, but at a minimum, Comet Systems is using them to make money off of your system resources without your permission.
Comet Systems malware may register .dll files without your consent and add Registry entries that allow Comet Systems to run whenever Windows launches. Activity by Comet Systems adware, browser hijackers and other malware may not be readily visible and can be hidden as background memory processes viewable in your Task Manager.

This Comet Comes Around Again and Again

What really cements Comet Systems as malware is the simple fact that Comet Systems refuses to go away when you tell Comet Systems to get off your PC! Normal software removal methods will almost always fail when used against Comet Systems malware. Even deleting Comet Systems by using proven anti-malware products has been noted to fail with remarkable frequency, unless additional steps are taken to shut the malware down.

Due to Comet Systems' sheer persistence, removing Comet Systems malware must be accomplished in Safe Mode, a mode which prevents Comet Systems infections from activating during the Windows startup process. Unless you use this extra safety measure and scan your system with extreme thoroughness, you may end up seeing Comet Systems malware trying to reinstall itself again and again, no matter how many times you delete Comet Systems.

Aliases

Adware Generic.DT [AVG]ADSPY/Comet.V.3 [AntiVir]Adware.Comet.Systems.N [BitDefender]not-a-virus:AdWare.Win32.Comet.v [Kaspersky]Adware.Comet-9 [ClamAV]AdWare.Comet.v (Not a Virus) [CAT-QuickHeal]Adware/Comet [Panda]Adware/CometCursor [Fortinet]Comet Cursor [Sunbelt]Adware Generic.CLV [AVG]CometSystems (threat-c) [Microsoft]Malware [Prevx1]ADSPY/Comet.AK [AntiVir]Adware.Comet [eWido]Adware.Comet.9 [BitDefender]
More aliases (28)

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:

%PROGRAMFILES%\Comet\Bin\csbho.dll

File name: csbho.dll
Size: 32.85 KB (32850 bytes)
MD5: 6593131457424a5eff23ac8d4b15eba9
Detection count: 5
File type: Dynamic link library
Mime Type: unknown/dll
Path: %PROGRAMFILES%\Comet\Bin
Group: Malware file
Last Updated: January 24, 2011

%PROGRAMFILES%\Comet\Bin\csband.dll

File name: csband.dll
Size: 64.6 KB (64601 bytes)
MD5: e4351e992c9b566b5a8e9ebaef568ce0
Detection count: 5
File type: Dynamic link library
Mime Type: unknown/dll
Path: %PROGRAMFILES%\Comet\Bin
Group: Malware file
Last Updated: January 24, 2011