the BetterSurf Firefox extension … is malware. How it get’s onto your machine is still a mystery.
If you do run it, this is what happens: It starts servers listening on 127.0.0.1:0 It steals private information from all local Internet browsers
But this is not the frightening part. There are several other things it does to your PC, including a TASK it schedules to run called AmiUpdXP, which you can find and delete from c:\windows\tasks\AmiUpdXp.job on windows 7.
Other things I have found: A folder is created in your appdata/local called SwvUpdater which is referenced by the Task to run Updater.exe – the frightening part, since it will be able to download and execute any future malware/virus/worm. Server data goes to: hamonetizer.com Update downloads from: hxxp://www.helpfuldownload.com/update.php (borked it so it doesn’t create clickable link)