Over the past few days a new browser helper object malware/adware/spyware, "BetterSurf," has been installing in computers. It can be disabled by users, but the danger remains that it can be re-installed or re-enabled in the future. It is not currently detected by Symantec software. There is a lot of chatter on the net about it, though much of that is of questionable reliability. One troubling claim is that it installs an updater task on PCs. Any chance that Symantec malware detection will ever be able to take care of this? Anyone with experience with this?
Over the past few days a new browser helper object malware/adware/spyware, "BetterSurf," has been installing in computers. It can be disabled by users, but the danger remains that it can be re-installed or re-enabled in the future. It is not currently detected by Symantec software. There is a lot of chatter on the net about it, though much of that is of questionable reliability. One troubling claim is that it installs an updater task on PCs. Any chance that Symantec malware detection will ever be able to take care of this? Anyone with experience with this?
Welcome,
Anything is possible. One way to improve your chances of detection and removal is to also scan with an on-demand free scanner like
Keeping all of your software up to date is mandatory. Threats are being released by the thousands daily and security software is being updated almost continuously to try and keep up.
This seems to be more nuisanceware, than out and out malicious software. Here's some advice on how to get rid of it, which may work for you. As Dick suggested, running these malware scanners afterwards would be a good idea.
Last night I ran Trend Micro Housecall, and it found one file in BetterSurf's program files directory. This morning I downloaded new definitions for Norton, scanned the program directory, and it found a few files, but not all. I then deleted the entire program directory, rebooted and ran Norton's Registry Cleanup. It found some keys, but not all; it even failed to find the keys that referred to files that are now gone. I'm not certain about acting on the web rumors about the scheduled task or the updater program. I'm also in no mood for a key-by-key manual cleanup of the registry. At any rate, BetterSurf now no longer shows up in any browser in the extension lists, and if not all its parts are gone, it's at least gutted now, probably beyond any functionality. By the way, Firefox now automatically blocks this extension; perhaps other browsers are following suit.
I forgot to mention that when the downloads started, they killed norton NIS. I had to restart my PC to make it run again.
I just checked my registry, and bettersurf had injected itself into several keys and values, one place referred to IE, FF, and Outlook. I also found chrome.crx in three places. I am going to reboot now, and run NIS scan again.
I could not remove bettersurf from FF add-ons, there was no "remove" button for it. So I removed FF completely. I will reload it later.
If you get the latest version of FF, it will automatically block BetterSurf, so be sure to update it after install. Look in your Program Files folder(s); there should be a BetterSurf folder which can safely be deleted. That should take care of it.
I can't get rid of LinkBucks. It redirects any URL that has been shortened. I've read suggestions on Google but none of them work. What do I need to do to get rid of this pesky malware?
I'm using Norton 360 version 21.1.0.18 and Windows Vista.
BetterSurf is back, as BetterSurf Plus v.1.1. Once again it is not recognized and blocked by Norton, and to date is not blocked by browsers.
This new version, however, does come with an uninstall program, and can be uninstalled through Windows Control Panel. That worked for me, but I still had to edit the user.js file for Firefox, changing the sessionrestore line from "true" to "false."
