I feel bitter about BetterSurf

http://webapps.stackexchange.com/questions/51966/bettersurf-extension-is-malware

the BetterSurf Firefox extension … is malware. How it get’s onto your machine is still a mystery.

If you do run it, this is what happens: It starts servers listening on 127.0.0.1:0 It steals private information from all local Internet browsers

But this is not the frightening part. There are several other things it does to your PC, including a TASK it schedules to run called AmiUpdXP, which you can find and delete from c:\windows\tasks\AmiUpdXp.job on windows 7.

Other things I have found: A folder is created in your appdata/local called SwvUpdater which is referenced by the Task to run Updater.exe – the frightening part, since it will be able to download and execute any future malware/virus/worm. Server data goes to: hamonetizer.com Update downloads from: hxxp://www.helpfuldownload.com/update.php (borked it so it doesn’t create clickable link)

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s