VCatch

· Overview ·
· Origins ·
· Distribution ·
· Operation ·
· Risks ·
· Detection and Removal ·
· Research ·

Overview

Summary:

 Installs CommonSearch, UCMore, Bargain Buddy, and who knows what else. Claims to be an anti-virus product. from the doc: 'We record and analyze the use of the service and software in order to get general, aggregate compilations of users' characteristics and uses of the Internet to potential users and commercial partners. We may use the information that we gather for statistical purposes in aggregate, anonymous form and for advertising, marketing, and other commercial activities.'

Alias:

 Trojan Horse [Panda]

See Also:

 UCMore

Category:

Spyware: Any product that employs a user's Internet connection in the background without their knowledge, and gathers/transmits info on the user or their behavior. Many spyware products will collect referrer info (information from your web browser which reveals what URL you linked from), your IP address (a number that is used by computers on the network to identify your computer), system information (such as time of visit, type of browser used, the operating system and platform, and CPU speed.) Spyware products sometimes wrap other commercial products, and are introduced to machines when those commercial products are installed. See also Adware.

Trojan: Any program with a hidden intent. Trojans are one of the leading causes of breaking into machines. If you pull down a program from a chat room, new group, or even from unsolicited e-mail, then the program is likely trojaned with some subversive purpose. The word Trojan can be used as a verb: To trojan a program is to add subversive functionality to an existing program. For example, a trojaned login program might be programmed to accept a certain password for any user's account that the hacker can use to log back into the system at any time. Rootkits often contain a suite of such trojaned programs.

Variants:
  • VCatch 3.0
    		•

    Similar Pests:

    		 Spyware · Trojan

    Origins

    Group:

    		 CommonSearch Inc

    By This Group:

    		 VCatch 3.0 ·

    Mailing Address:

    		 MinuteGroup Ltd., LeventsteinTower, 20th Floor, Menachem Begin Rd., Tel-Aviv, Israel 66184

    Phone:

    		 +972-3-560 4751 Fax: +972-3-560 4737

    EMail:

    		 info@minutegroup.com

    URL:

    		 http://www.minutegroup.com/

    Date of Origin:

    		 Variants from November, 2001 to March, 2005

    Place of Origin:

    		 Israel

    Distribution

    Prevalence:
  • VCatch: 0.3%
  • VCatch 3.0: 0.0%
    • More Info

    Clot Factor:
  • VCatch: 50

    • The "Clot Factor" is a measure of how much a pest "gums up" a machine by adding registry entries, files, and directories. As more objects are placed in a machine, manual removal becomes more difficult and more error-prone.

    Growth:
  • VCatch: Insufficient data to report growth
  • VCatch 3.0: Insufficient data to report growth
    		•

    Operation

    Storage Required:
  • VCatch: at least 3385 KB
  • VCatch 3.0: at least 697 KB
    		•

    Risks

    Privacy Issues:

    		 Yes. 'When you register for our vCatch service (the "Service"), we ask you to tell us and you consent to our use information about your e-mail. Your e-mail address is personally identifiable information. ... We record and analyze the use of the service and software in order to get general, aggregate compilations of users' characteristics and uses of the Internet to potential users and commercial partners. We may use the information that we gather for statistical purposes in aggregate, anonymous form and for advertising, marketing, and other commercial activities.' -- from the License Agreement.

    Privacy Policy:

    		 http://www.mailcleaner.com/private.htm

    Detection and Removal

    Automatic Removal:

    PestPatrol detects this.

    PestPatrol removes this.

    Manual Removal:

    		 Follow these steps to remove VCatch from your machine. Begin by backing up your registry and your system, and/or setting a Restore Point, to prevent trouble if you make a mistake.
    Stop Running Processes:

    Kill these running processes with Task Manager:

    Remove AutoRun Reference:

    Go To the key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run.
    If you find the value HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run\vcatch, delete it and reboot the machine immediately.



    Unregister DLLs:

    Unregister these DLLs with Regsvr32, then reboot:

    Clean Registry:

    Remove these registry items (if present) with RegEdit:

    Remove Files:

    Remove these files (if present) with Windows Explorer:

    Remove Directories:

    Remove these directories (if present) with Windows Explorer:

    Research

    File Analyses:

    More Info:
  • AllTheWeb, AltaVista, AOL Search, Ask Jeeves, Google, HotBot, Lycos, LookSmart, MSN, Yahoo!
    		•

    Research By:
  • PestPatrol's Pest Research Center
    		•

    Last Revised:

    		 April 07, 2005