Content

Adware-abetterintrnt

Type
Program
SubType
Adware
Discovery Date
03/18/2005
Length
Varies
Minimum DAT
4422 (01/26/2005)
Updated DAT
5715 (08/20/2009)
Minimum Engine
5.1.00
Description Added
01/26/2005
Description Modified
01/26/2005 9:26 AM (PT)
Risk Assessment
Corporate User
N/A
Home User
N/A

Tab Navigation

Characteristics

McAfee(R) AVERT recognizes that this program may have legitimate uses in contexts where an authorized administrator has knowingly installed this application. If you agreed to a license agreement for this, or another bundled application, you may have legal obligations with regard to removing this software, or using the host application without this software. Please contact the software vendor for further information.

See http://vil.nai.com/vil/DATReadme.asp for a list of Program detections added to the DATs.

See http://vil.nai.com/vil/pups/configuration.htm for information about how to enable, disable, and exclude detection of legitimately installed programs.

This kind of application generally comes bundled with another program, which usually discloses the fact that it is ad-supported. Users agree to have the Adware installed in the license agreement, although they may not realize at first that this file was packaged with the product they installed.

The adware gathers system and browsing information and sends this to domains within abetterinternet.com,  such as:

  • c.abetterinternet.com
  • s.abetterinternet.com
  • download2.abetterinternet.com

Installation

This program exists as a Browser Helper Object, which integrates into Internet Explorer.

Upon installation, the application registers itself in the system registry.  Many registry entries are created (note, adware is notorious for varying CLSIDs and different versions of this application may use completely different registry settings):

  • HKEY_CLASSES_ROOT\BiDll.BiDllObj.1
  • HKEY_CLASSES_ROOT\CLSID\
    {000006B1-19B5-414A-849F-2A3C64AE6939}
  • HKEY_CLASSES_ROOT\Interface\
    {4534CD6B-59D6-43FD-864B-06A0D843444A}
  • HKEY_CLASSES_ROOT\TypeLib\
    {690BCCB4-6B83-4203-AE77-038C116594EC}
  • HKEY_CLASSES_ROOT\VX2.VX2Obj
  • HKEY_LOCAL_MACHINE\SOFTWARE\DBi

Symptoms

N/A This is not a virus or trojan.

Method of Infection

N/A This is not a virus or trojan.

Variants

Variants

    N/A

All Information

Overview -

This is a Potentially Unwanted Program (PUP) detection. It is not a virus or trojan. PUPs are any piece of software which a reasonably security-or privacy-minded computer user may want to be informed of.

Characteristics

Characteristics -

McAfee(R) AVERT recognizes that this program may have legitimate uses in contexts where an authorized administrator has knowingly installed this application. If you agreed to a license agreement for this, or another bundled application, you may have legal obligations with regard to removing this software, or using the host application without this software. Please contact the software vendor for further information.

See http://vil.nai.com/vil/DATReadme.asp for a list of Program detections added to the DATs.

See http://vil.nai.com/vil/pups/configuration.htm for information about how to enable, disable, and exclude detection of legitimately installed programs.

This kind of application generally comes bundled with another program, which usually discloses the fact that it is ad-supported. Users agree to have the Adware installed in the license agreement, although they may not realize at first that this file was packaged with the product they installed.

The adware gathers system and browsing information and sends this to domains within abetterinternet.com,  such as:

  • c.abetterinternet.com
  • s.abetterinternet.com
  • download2.abetterinternet.com

Installation

This program exists as a Browser Helper Object, which integrates into Internet Explorer.

Upon installation, the application registers itself in the system registry.  Many registry entries are created (note, adware is notorious for varying CLSIDs and different versions of this application may use completely different registry settings):

  • HKEY_CLASSES_ROOT\BiDll.BiDllObj.1
  • HKEY_CLASSES_ROOT\CLSID\
    {000006B1-19B5-414A-849F-2A3C64AE6939}
  • HKEY_CLASSES_ROOT\Interface\
    {4534CD6B-59D6-43FD-864B-06A0D843444A}
  • HKEY_CLASSES_ROOT\TypeLib\
    {690BCCB4-6B83-4203-AE77-038C116594EC}
  • HKEY_CLASSES_ROOT\VX2.VX2Obj
  • HKEY_LOCAL_MACHINE\SOFTWARE\DBi

Symptoms

Symptoms -

N/A This is not a virus or trojan.

Method of Infection

Method of Infection -

N/A This is not a virus or trojan.

Removal -

Removal -

Instructions on Enabling/Disabling Detection and Removal of Potentially Unwanted Programs

Variants

Variants -

    N/A