Exterminate It! Antimalware

malpedia

Known threats:699,742 Last Update:November 20, 22:46

Testimonials

I have had major computer issues in the last week. I was infected with the Darksma and Vundo downloader trojans. After researching the net for possible solutions, i found they are extremely difficult to remove. I tried a variety of spyware removal tools to no avail. To do it manually is near on impossible.
The symptoms are, computer runs slow, constant ad pop ups, hijacking of emails, theft of information and locking of a variety of functions.
I then found buried deep in a google search a link to Exterminate It. After reading it, I downloaded to do a free scan and a lot of stuff no other spyware had found showed up. So i went searching the locations and sure enough the files where there on my system. I tried removing them with no luck. So i spent the $25 usa to activate.
http://www.exterminate-it.com/
It removed all but 4. I was disappointed that the Trojans once again reloaded and my problems continued. So, i used the SUBMIT STATE service. I supplied all the info i could gather, pop up addys and what they were for , what others programs had found and Exterminate had missed etc. Within 24 hours i received and email telling me they had updated there system and to download it. I rescanned the system and it deleted all the previous locked files.
Darksma and Vundo downloader trojans have not done their re appearing act since and my comp is running normal again.

It's worth remembering the addy or downloading it to see what it finds. I had no problems doing so in anyway with this program. They done what they said they would on there web site in under the time frame.

Source

Administrator of Horse Racing Forums

Win32.SecondThought.ag

Aliases of Win32.SecondThought.ag (AKA):

[Kaspersky]Trojan.Win32.SecondThought
[Other]Adware.SecondThought, Trojan.Win32.SecondThought.c, Win32/SecondThought.G

How to Remove Win32.SecondThought.ag from Your Computer^

To completely purge Win32.SecondThought.ag from your computer, you need to delete the files and folders associated with Win32.SecondThought.ag. These files and folders are respectively listed in the Files and Folders sections on this page.

For instructions on deleting the Win32.SecondThought.ag files and folders, see the following section How to Delete Win32.SecondThought.ag Files (.exe, .dll, etc.).

How to Delete Win32.SecondThought.ag Files (.exe, .dll, etc.)^

The files and folders associated with Win32.SecondThought.ag are listed in the Files and Folders sections on this page.

To delete the Win32.SecondThought.ag files and folders:

  1. Using your file explorer, browse to each file and folder listed in the Folders and Files sections.
  2. Note: The paths use certain special folders (conventions) such as [%PROGRAM_FILES%]. Please note that these conventions are depending on Windows Version / Language. These conventions are explained here.
  3. Select the file or folder and press SHIFT+Delete on the keyboard.
  4. Click Yes in the confirm deletion dialog box.
  5. IMPORTANT: If a file is locked (in use by some application), its deletion will fail (the Windows will display a corresponding message).You can delete such locked files with the RemoveOnReboot utility. To delete a locked file, right-click on the file, select Send To->Remove on Next Reboot on the menu and restart your computer. You can install the RemoveOnReboot utility from here.

Trojan

A trojan is a program that is disguised as legitimate software but is designed to carry out some harmful actions on the infected computer.

Unlike viruses and worms, trojans don’t replicate but they can be just as destructive.

These days trojans are very common. Trojans are divided into a number different categories based on their function or type of damage.

Be Aware of the Following Trojan Threats:

Kedad, CB, Lineage.ACK, Horse.Construction.Kit, Small.AMA.

Adware

Software that is designed to launch advertisements, frequently pop-up ads, on a user’s computer and/or to redirect search results to promotional Web sites. Adware programs are often built into freeware or shareware programs, where the adware creates an indirect ‘charge’ for using the free program. Sometimes a trojan can silently download an adware program from a Web site and install it onto a user’s machine.

Hacker tools, or Browser Hijackers, can also download an adware program by exploiting a web browser’s vulnerability. Browser Hijackers may tamper with the browser settings, redirect incorrect or incomplete URLs to unwanted Web sites, or change the default home page. They can also re-direct a user’s searches to “pay-to-view” (often pornographic) Web sites.

Typically, many adware programs do not leave any marks of their presence in the system: they are not listed on Start | Programs; they add no icons to the system tray; and they don’t show up on the task list. In addition, adware programs seldom provide an uninstallation procedure, and attempts at manually removing them frequently result in failure of the original carrier program.

Be Aware of the Following Adware Threats:

RedV.Protector.Suite, OrbitExplorer, DoDoor, ZToolbar, Hardcore.

BHO

Browser Helper Object, or BHO, is a dynamic link library (DLL) that runs whenever Internet Explorer is started. Generally, BHOs are included in installation of third-party programs where they are offered as enhancements of the browser functionality. For example, many Internet Explorer plug-ins are in essence BHOs.

BHOs can be installed silently or “legitimately” when a user fails to read the fine print included in the freeware program’s EULA (End User License Agreement).

Because BHOs are small programs, they can do anything that other programs can do. It’s not easy to detect the BHOs installed on the computer. This enables hackers and other malevolent users to employ the BHO functionality in their interests, for example, secretly install adware programs or gather various statistics on the user’s browsing trends.

Be Aware of the Following BHO Threats:

AdBars, WS.FTP, Comodo.Trust, URLBlaze, Internet Speed Monitor.

Hijacker

Software that seizes control of a computer’s resources to proliferate itself or use them for other malicious purposes.

There are several types of hijackers. The most common are:

  • Browser hijackers – Alters the existing Internet browser settings so that a user is redirected to unwanted or malicious Web sites. These include programs that change the browser Home page or replace a popular search service’s home page with its own fake copy, whose search results point to particular malicious or irrelevant sites.
  • Autorun hijackers – Automatically run certain programs on start-up of a user’s computer.

Be Aware of the Following Hijacker Threats:

eebuy, StartPage.bx, WurldMedia.bpboh, Msinfosys.AutoSearch, Xupiter.

How Did My PC Get Infected with Win32.SecondThought.ag?^

The following are the most likely reasons why your computer got infected with Win32.SecondThought.ag:

  • Your operating system and Web browser's security settings are too lax.
  • You are not following safe Internet surfing and PC practices.

Downloading and Installing Freeware or Shareware

Small-charge or free software applications may come bundled with spyware, adware, or programs like Win32.SecondThought.ag. Sometimes adware is attached to free software to enable the developers to cover the overhead involved in created the software. Spyware frequently piggybacks on free software into your computer to damage it and steal valuable private information.

Using Peer-to-Peer Software

The use of peer-to-peer (P2P) programs or other applications using a shared network exposes your system to the risk of unwittingly downloading infected files, including malicious programs like Win32.SecondThought.ag.

Visiting Questionable Web Sites

When you visit sites with dubious or objectionable content, trojans-including Win32.SecondThought.ag, spyware and adware, may well be automatically downloaded and installed onto your computer.

Detecting Win32.SecondThought.ag^

The following symptoms signal that your computer is very likely to be infected with Win32.SecondThought.ag:

PC is working very slowly

Win32.SecondThought.ag can seriously slow down your computer. If your PC takes a lot longer than normal to restart or your Internet connection is extremely slow, your computer may well be infected with Win32.SecondThought.ag.

New desktop shortcuts have appeared or the home page has changed

Win32.SecondThought.ag can tamper with your Internet settings or redirect your default home page to unwanted web sites. Win32.SecondThought.ag may even add new shortcuts to your PC desktop.

Annoying popups keep appearing on your PC

Win32.SecondThought.ag may swamp your computer with pestering popup ads, even when you're not connected to the Internet, while secretly tracking your browsing habits and gathering your personal information.

E-mails that you didn't write are being sent from your mailbox

Win32.SecondThought.ag may gain complete control of your mailbox to generate and send e-mail with virus attachments, e-mail hoaxes, spam and other types of unsolicited e-mail to other people.