Yesterday I tried one of the downloads listed at CNET’s Download.com site and found that they are bundling a new adware called NeuroWise:
Neurowise appears to be a variant of the Atuzi adware that they previously bundled. According to Download.com’s disclosure,
Neurowise content includes advertisements and is not affiliated with any underlying websites. Browser settings will be adjusted at install.
Typically, this type of adware shows banner ads labeled “Ads by Neurowise” or “Neurowise Ads“, but for some reason I did not see any ads while browsing around with neurowise installed. Did you spot any Neurowise ads? How did they look like and where did they appear?
Neurowise is installed as a browser add-on in Firefox and Internet Explorer. In case you haven’t already spotted it in Firefox, here’s how it appears in the add-on menu:
The majority of the anti-virus programs over at VirusTotal are detecting Neurowise, as shown in the screeshot below. BrowseFox and AltBrowse are some of the detection names.
Removing the Neurowise adware is a piece of cake with FreeFixer. Just start the scan, select the Neurowise files, click Fix, reboot you machine and the problem will be gone. Here’s a few screenshots showing FreeFixer in action removing the Neurowise files:
Hope that helped you figure out what Neurowise is and how to remove it. Did you also get Neurowise from Download.com?
Could you provide a link to the VT results? Curious to know if Microsoft Security programs detect this. Thanks.
Sure,
http://www.freefixer.com/library/file/neurowisebho.dll-138680/
or
https://www.virustotal.com/en/analisis//file/10d80d07bcd0bd3cc0b60ca60d7f87461e51f6dc32357b4a439f3449e61d1d5b/analysis/
Seems as Microsoft did not detect NeuroWise when the scan was done (2014-08-22).
Hello again Gerry, I got curious to see what the scan results where today, so I uploaded the NeuroWise file to VirusTotal again. Microsoft did still not detect Neurowise:
AVG BrowseFox.F 20140828
AVware Yontoo (fs) 20140828
Ad-Aware Gen:Variant.Adware.BHO.Agent.4 20140827
Agnitum PUA.Agent! 20140827
AntiVir APPL/BrowseFox.Gen2 20140828
Antiy-AVL GrayWare[AdWare:not-a-virus]/Win32.Agent 20140828
Avast Win32:BrowseFox-AW [PUP] 20140828
Baidu-International Adware.Win32.Agent.ald 20140828
BitDefender Gen:Variant.Adware.BHO.Agent.4 20140828
CAT-QuickHeal AdWare.Agent.r5 (Not a Virus) 20140828
Comodo Application.Win32.Altbrowse.AK 20140828
DrWeb Trojan.BPlug.17 20140828
ESET-NOD32 a variant of Win32/BrowseFox.F 20140828
Emsisoft Gen:Variant.Adware.BHO.Agent.4 (B) 20140828
F-Prot W32/BadBHO.AW.gen!Eldorado 20140828
F-Secure Gen:Variant.Adware.BHO.Agent.4 20140828
Fortinet Adware/Agent 20140828
GData Gen:Variant.Adware.BHO.Agent.4 20140828
Ikarus not-a-virus:AdWare.Win32.Agent 20140828
K7AntiVirus Trojan ( 0049f9c61 ) 20140826
K7GW Trojan ( 050000001 ) 20140826
Kaspersky not-a-virus:AdWare.Win32.Agent.ahbx 20140828
Kingsoft Win32.Troj.Agent.ah.(kcloud) 20140828
Malwarebytes PUP.Optional.Neurowise.A 20140828
McAfee Artemis!C70479920B92 20140828
McAfee-GW-Edition Artemis!C70479920B92 20140828
MicroWorld-eScan Gen:Variant.Adware.BHO.Agent.4 20140828
NANO-Antivirus Riskware.Win32.Agent.crkvek 20140828
Panda Trj/CI.A 20140828
Qihoo-360 Malware.Radar03.Gen 20140828
SUPERAntiSpyware Adware.BrowseFox/Variant 20140828
Sophos Generic PUA BF 20140828
Symantec Adware.Adpopup 20140828
Tencent Win32.Adware.Agent.Swam 20140828
TrendMicro-HouseCall Suspicious_GEN.F47V0810 20140828
VIPRE Yontoo (fs) 20140828
Zillya Adware.Agent.Win32.9068 20140828
nProtect Trojan-Clicker/W32.Agent.249632.B 20140828
source: https://www.virustotal.com/en/file/10d80d07bcd0bd3cc0b60ca60d7f87461e51f6dc32357b4a439f3449e61d1d5b/analysis/1409220691/
Thanks Roger.