Mint Chip
September 6th, 2003, 04:39 PM
http://zeldaclassic.armageddongames.net/thirdparty.shtml zc190.zip
installs two program a data tracker showbehind.exe and a hyjack browser to change your search engine page.
I usually do a scan with AdWare after downloading software. I downloaded Zelda Classic at 4:52 Sept and did the scan a few minutes later. It found a program called showbehind.exe. I believe AdAware disabled it function but I also went in and deleted the folder for the program.
This is the results.
Ad-aware 6 Scanning Result, 9-2-2003 4:59:03 PM
Created with Ad-aware Personal, free for private use.
Vendor Type Category Object Comment
ShowBehind RegValue Data Miner HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ "ShowBehind"
Possible Browser Hijack attempt RegData Data Miner HKEY_CURRENT_USER:Software\Microsoft\Internet Explorer\Main"Search Page" ("http://www.searchgateway.net/search/") Possible browser hijack attempt
Possible Browser Hijack attempt RegData Data Miner HKEY_CURRENT_USER:Software\Microsoft\Internet Explorer\Main"Search Bar" ("http://www.searchgateway.net/search/") Possible browser hijack attempt
Possible Browser Hijack attempt RegData Data Miner HKEY_CURRENT_USER:Software\Microsoft\Internet Explorer\SearchURL"" ("http://www.searchgateway.net/search/%s") Possible browser hijack attempt
Possible Browser Hijack attempt RegData Data Miner HKEY_LOCAL_MACHINE:Software\Microsoft\Internet Explorer\Search"SearchAssistant" ("http://www.searchgateway.net/search/") Possible browser hijack attempt
ShowBehind Folder Data Miner c:\windows\sbnet\
ShowBehind File Data Miner c:\windows\sbnet\removead.bat
ShowBehind File Data Miner c:\windows\sbnet\showbehind.exe
:o
installs two program a data tracker showbehind.exe and a hyjack browser to change your search engine page.
I usually do a scan with AdWare after downloading software. I downloaded Zelda Classic at 4:52 Sept and did the scan a few minutes later. It found a program called showbehind.exe. I believe AdAware disabled it function but I also went in and deleted the folder for the program.
This is the results.
Ad-aware 6 Scanning Result, 9-2-2003 4:59:03 PM
Created with Ad-aware Personal, free for private use.
Vendor Type Category Object Comment
ShowBehind RegValue Data Miner HKEY_LOCAL_MACHINE:SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ "ShowBehind"
Possible Browser Hijack attempt RegData Data Miner HKEY_CURRENT_USER:Software\Microsoft\Internet Explorer\Main"Search Page" ("http://www.searchgateway.net/search/") Possible browser hijack attempt
Possible Browser Hijack attempt RegData Data Miner HKEY_CURRENT_USER:Software\Microsoft\Internet Explorer\Main"Search Bar" ("http://www.searchgateway.net/search/") Possible browser hijack attempt
Possible Browser Hijack attempt RegData Data Miner HKEY_CURRENT_USER:Software\Microsoft\Internet Explorer\SearchURL"" ("http://www.searchgateway.net/search/%s") Possible browser hijack attempt
Possible Browser Hijack attempt RegData Data Miner HKEY_LOCAL_MACHINE:Software\Microsoft\Internet Explorer\Search"SearchAssistant" ("http://www.searchgateway.net/search/") Possible browser hijack attempt
ShowBehind Folder Data Miner c:\windows\sbnet\
ShowBehind File Data Miner c:\windows\sbnet\removead.bat
ShowBehind File Data Miner c:\windows\sbnet\showbehind.exe
:o