TrendLabs Malware Blog
Glossary
TrendWatch
TrendLabs Twitter
ADW_FLASHGET.A
Overview
Solution

QUICK LINKS  

Download the latest scan engine

In the wild: No

Reported detections:

 Low
 
Description:

This adware acts as a Browser Helper Object (BHO), which may occasionally cause the Internet Explorer to crash.

BHOs are programs installed unknowingly on affected systems. They are designed to run automatically every system startup to monitor user activity.

It runs on Windows 95, 98, ME, NT, 2000, XP.

Solution: 

Minimum scan engine version needed: 6.810


(Note: You must close all instances of Internet Explorer before running the succeeding sets of instructions.)

Identifying the Adware

Download the latest spyware pattern file and scan your system. Note all files detected as ADW_FLASHGET.A.

Removing Autostart Entries from the Registry

Removing autostart entries from the registry prevents the adware from executing at startup.

  1. Open Registry Editor. Click Start>Run, type REGEDIT, then press Enter.
  2. In the left panel, locate and delete the following registry keys:
    • HKEY_CLASSES_ROOT\Jccatch.IeCatch2
    • HKEY_CLASSES_ROOT\JetCar.IeCatch
    • HKEY_CLASSES_ROOT\JetCar.IeCatch.1
    • HKEY_CLASSES_ROOT\JetCar.Netscape
    • HKEY_CLASSES_ROOT\JetCar.Netscape.1
    • HKEY_CLASSES_ROOT\CLSID
      {A5366673-E8CA-11D3-9CD9-0090271D075B}
    • HKEY_CLASSES_ROOT\CLSID
      {FB5DA722-162B-11D3-8B9B-AA70B4B0B524}
    • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows
      CurrentVersion\Explorer\Browser Helper Objects
      {A5366673-E8CA-11D3-9CD9-0090271D075B}
  3. Close Registry Editor.
NOTE: If you were not able to terminate the adware process as described in the previous procedure, restart your system.

Running Trend Micro Antivirus

Download the latest spyware pattern file and scan your system. Then, delete all files detected as ADW_FLASHGET.A.

Details: 

This adware acts as a Browser Helper Object (BHO), which may occasionally cause the Internet Explorer to crash.

BHOs are programs installed unknowingly on affected systems. They are designed to run automatically at every system startup to monitor user activity.

It creates the following registry keys:

HKEY_CLASSES_ROOT\Jccatch.IeCatch2

HKEY_CLASSES_ROOT\JetCar.IeCatch

HKEY_CLASSES_ROOT\JetCar.IeCatch.1

HKEY_CLASSES_ROOT\JetCar.Netscape

HKEY_CLASSES_ROOT\JetCar.Netscape.1

HKEY_CLASSES_ROOT\CLSID\{A5366673-E8CA-11D3-9CD9-0090271D075B}

HKEY_CLASSES_ROOT\CLSID\{FB5DA722-162B-11D3-8B9B-AA70B4B0B524}

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows

CurrentVersion\Explorer\Browser Helper Objects\{A5366673-E8CA-11D3-9CD9-0090271D075B}
Analysis by: Joseph Cepe

For additional information about this threat, see:
Solution

Description created: Aug 19, 2004




Tell us how we did. Take our quick survey.