Gen:Variant.Adware.SwiftBrowse.4

[shelf life]

Ok thanks for the info. We can use FRST to clean up some of the leftovers. There harmless, the main threat (the running service) is gone.

Open notepad. You can type in notepad in the search window from start, or All Programs>Accessories>Notepad.

Please copy the contents of the code box below into notepad.
Save it on the Desktop as fixlist.txt

Run FRST64, right click and "run as admin"--press the Fix button just once and wait.
The tool will make a log on the desktop (Fixlog.txt) please post it to your reply

Code:

C:\Program Files (x86)\neurowise\bin\utilneurowise.exe
C:\Program Files (x86)\neurowise\bin\neurowise.expext.exe
C:\Program Files (x86)\neurowise\updateneurowise.exe
HKLM-x32\...\Run: [] => [X]
2014-11-29 20:38 - 2014-09-14 22:25 - 00000000 ____D () C:\Program Files (x86)\neurowise
2014-11-27 11:01 - 2014-11-29 11:07 - 00082208 _____ () C:\Program Files (x86)\neurowise\bin\neurowise.expextdll.dll
C:\Program Files (x86)\neurowise\neurowiseBHO.dll
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO-x32: neurowise 1.0.0.4 -> {d08ab008-0647-4784-8e2c-5769cd4a7c3a} -> C:\Program Files (x86)\neurowise\neurowiseBHO.dll (neurowise)
EmptyTemp:

[Hotdogneck]

Here is the log that was created after running the fix with FRST64.


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-12-2014
Ran by Chris at 2014-12-02 17:12:35 Run:1
Running from C:\Users\Chris\Desktop
Loaded Profile: Chris (Available profiles: Chris)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Program Files (x86)\neurowise\bin\utilneurowise.exe
C:\Program Files (x86)\neurowise\bin\neurowise.expext.exe
C:\Program Files (x86)\neurowise\updateneurowise.exe
HKLM-x32\...\Run: [] => [X]
2014-11-29 20:38 - 2014-09-14 22:25 - 00000000 ____D () C:\Program Files (x86)\neurowise
2014-11-27 11:01 - 2014-11-29 11:07 - 00082208 _____ () C:\Program Files (x86)\neurowise\bin\neurowise.expextdll.dll
C:\Program Files (x86)\neurowise\neurowiseBHO.dll
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: neurowise 1.0.0.4 -> {d08ab008-0647-4784-8e2c-5769cd4a7c3a} -> C:\Program Files (x86)\neurowise\neurowiseBHO.dll (neurowise)
EmptyTemp:
*****************

"C:\Program Files (x86)\neurowise\bin\utilneurowise.exe" => File/Directory not found.
"C:\Program Files (x86)\neurowise\bin\neurowise.expext.exe" => File/Directory not found.
"C:\Program Files (x86)\neurowise\updateneurowise.exe" => File/Directory not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
"C:\Program Files (x86)\neurowise" => File/Directory not found.
"C:\Program Files (x86)\neurowise\bin\neurowise.expextdll.dll" => File/Directory not found.
"C:\Program Files (x86)\neurowise\neurowiseBHO.dll" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d08ab008-0647-4784-8e2c-5769cd4a7c3a}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{d08ab008-0647-4784-8e2c-5769cd4a7c3a}" => Key deleted successfully.
EmptyTemp: => Removed 708.4 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====

[shelf life]

Looks good. If all is good on your end you can get one more download that will remove the tools we used then delete itself:

Please download Delfix.exe and save it to your desktop:
https://toolslib.net/downloads/viewdownload/2-delfix/

Right click and select "run as admin" check: "Remove disinfection tools" and click on the Run button.
The tool will delete itself once it finishes. You can delete the log it generates

Happy safe surfing out there.