Monday, December 1, 2008

2nd Thought Adware

Removing 2nd Thought
Categories: Adware,BHO,Popups
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits
The BHO (Browser Helper Object) waits for the user to post personal information to a monitored website.
As this information is entered by the user, it is captured by the BHO and sent back to the attacker.
The pop-ups generally will not be stopped by pop-up stoppers, and often are
not dependent on your having Internet Explorer open.


Visible Symptoms:
Files in system folders:
[%PROGRAM_FILES%]\STC\bundles.exe
[%PROGRAM_FILES%]\STC\bundles53.exe
[%PROGRAM_FILES%]\STC\STC.exe
[%SYSTEM%]\2ndsrch.dll
[%SYSTEM%]\stcloader.exe
[%SYSTEM%]\winupdt.001
[%SYSTEM%]\winupdt.bin
[%WINDOWS%]\bundles\2504040824.exe
[%WINDOWS%]\bundles\32wu54rd.exe
[%WINDOWS%]\bundles\bs5-cvuacy.exe
[%WINDOWS%]\bundles\bs5-vmk1.exe
[%WINDOWS%]\bundles\bs5-vwqouc.exe
[%WINDOWS%]\bundles\CSV5P070.exe
[%WINDOWS%]\bundles\ezStub.exe
[%WINDOWS%]\bundles\log.bak.txt
[%WINDOWS%]\bundles\optimize.exe
[%WINDOWS%]\bundles\setup_silent_14725.exe
[%WINDOWS%]\bundles\setup_silent_14765.exe
[%WINDOWS%]\bundles\setup_silent_17299.exe
[%WINDOWS%]\bundles\trafficvenue1.exe
[%WINDOWS%]\bundles\TVM_B5.EXE
[%WINDOWS%]\bundles\Tvm_b5_269.exe
[%PROGRAM_FILES%]\STC\bundles.exe
[%PROGRAM_FILES%]\STC\bundles53.exe
[%PROGRAM_FILES%]\STC\STC.exe
[%SYSTEM%]\2ndsrch.dll
[%SYSTEM%]\stcloader.exe
[%SYSTEM%]\winupdt.001
[%SYSTEM%]\winupdt.bin
[%WINDOWS%]\bundles\2504040824.exe
[%WINDOWS%]\bundles\32wu54rd.exe
[%WINDOWS%]\bundles\bs5-cvuacy.exe
[%WINDOWS%]\bundles\bs5-vmk1.exe
[%WINDOWS%]\bundles\bs5-vwqouc.exe
[%WINDOWS%]\bundles\CSV5P070.exe
[%WINDOWS%]\bundles\ezStub.exe
[%WINDOWS%]\bundles\log.bak.txt
[%WINDOWS%]\bundles\optimize.exe
[%WINDOWS%]\bundles\setup_silent_14725.exe
[%WINDOWS%]\bundles\setup_silent_14765.exe
[%WINDOWS%]\bundles\setup_silent_17299.exe
[%WINDOWS%]\bundles\trafficvenue1.exe
[%WINDOWS%]\bundles\TVM_B5.EXE
[%WINDOWS%]\bundles\Tvm_b5_269.exe

How to detect 2nd Thought:

Files:
[%PROGRAM_FILES%]\STC\bundles.exe
[%PROGRAM_FILES%]\STC\bundles53.exe
[%PROGRAM_FILES%]\STC\STC.exe
[%SYSTEM%]\2ndsrch.dll
[%SYSTEM%]\stcloader.exe
[%SYSTEM%]\winupdt.001
[%SYSTEM%]\winupdt.bin
[%WINDOWS%]\bundles\2504040824.exe
[%WINDOWS%]\bundles\32wu54rd.exe
[%WINDOWS%]\bundles\bs5-cvuacy.exe
[%WINDOWS%]\bundles\bs5-vmk1.exe
[%WINDOWS%]\bundles\bs5-vwqouc.exe
[%WINDOWS%]\bundles\CSV5P070.exe
[%WINDOWS%]\bundles\ezStub.exe
[%WINDOWS%]\bundles\log.bak.txt
[%WINDOWS%]\bundles\optimize.exe
[%WINDOWS%]\bundles\setup_silent_14725.exe
[%WINDOWS%]\bundles\setup_silent_14765.exe
[%WINDOWS%]\bundles\setup_silent_17299.exe
[%WINDOWS%]\bundles\trafficvenue1.exe
[%WINDOWS%]\bundles\TVM_B5.EXE
[%WINDOWS%]\bundles\Tvm_b5_269.exe
[%PROGRAM_FILES%]\STC\bundles.exe
[%PROGRAM_FILES%]\STC\bundles53.exe
[%PROGRAM_FILES%]\STC\STC.exe
[%SYSTEM%]\2ndsrch.dll
[%SYSTEM%]\stcloader.exe
[%SYSTEM%]\winupdt.001
[%SYSTEM%]\winupdt.bin
[%WINDOWS%]\bundles\2504040824.exe
[%WINDOWS%]\bundles\32wu54rd.exe
[%WINDOWS%]\bundles\bs5-cvuacy.exe
[%WINDOWS%]\bundles\bs5-vmk1.exe
[%WINDOWS%]\bundles\bs5-vwqouc.exe
[%WINDOWS%]\bundles\CSV5P070.exe
[%WINDOWS%]\bundles\ezStub.exe
[%WINDOWS%]\bundles\log.bak.txt
[%WINDOWS%]\bundles\optimize.exe
[%WINDOWS%]\bundles\setup_silent_14725.exe
[%WINDOWS%]\bundles\setup_silent_14765.exe
[%WINDOWS%]\bundles\setup_silent_17299.exe
[%WINDOWS%]\bundles\trafficvenue1.exe
[%WINDOWS%]\bundles\TVM_B5.EXE
[%WINDOWS%]\bundles\Tvm_b5_269.exe

Folders:
[%PROGRAM_FILES%]\STC
[%WINDOWS%]\bundles

Registry Keys:
HKEY_CURRENT_USER\Software\AUN
HKEY_CURRENT_USER\Software\Bundles
HKEY_CURRENT_USER\Software\STC

Removing 2nd Thought:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Remove Pigeon.EZQ Trojan
Zlob.Fam.Browser Protection Volume Trojan Removal instruction
MDSA.Sentinel Spyware Information

No comments: