This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
This signature detects Adware.BetterInternet communicating and request information for its controlling server.
Adware.BetterInternet is a Browser Helper Object that displays advertisements and downloads and installs files.
Programs that facilitate delivery of advertising content to the user through their own window, or by utilizing another program's interface. In some cases, these programs may gather information from the user's computer, including information related to Internet browser usage or other computing habits, and relay this information back to a remote computer or other location in cyber-space.
Adware can be downloaded from Web sites (typically in shareware or freeware), email messages, and instant messengers. Additionally, a user may unknowingly receive and/or trigger adware by accepting an End User License Agreement from a software program linked to the adware or from visiting a website that downloads the adware with or without an End User License Agreement
- Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP
Symantec Security Response has developed a removal tool for Adware.BetterInternet. Use this removal tool first, as it is the easiest way to remove this threat.
The tool can be found here: http://securityresponse.symantec.com/avcenter/FixBinet.exe
The current version of the tool is 1.1.3 and will have a digital signature timestamp equivalent to 06/09/2005 03:06 PM PST
Note: The date and time displayed will be adjusted to your time zone, if your computer is not set to the Pacific time zone.
It has been reported that a computer with Adware.BetterInternet on it may also have other security risks installed. Symantec recommends that the following steps be carried out:
1. Apply the Adware.BetterInternet Removal Tool.
2. Update the definitions by starting the Symantec program and running LiveUpdate.
3. Run a full system scan to detect any other security risks on the computer.
4. If the scan detects any further security risks, check for removal tools at http://securityresponse.symantec.com/avcenter/security.risks.tools.list.html.
5. If there are no removal tools for the security risks that are detected, follow the manual removal instructions listed in the threat report.