Home Malware Programs Rogue Anti-Spyware Programs PrivacyHidden


Posted: February 28, 2011

Although most rogue anti-virus products have been documented to come from China or Russia, PrivacyHidden is an exception that originates from South Korea. PrivacyHidden may spread through email as an attachment with a randomized filename. Any computer that gets victimized by PrivacyHidden will suffer the usual rogue anti-virus program invader troubles: inaccurate scanning results, browser hijackings, fake errors that occur for no reason and broadly disabled security. Removing PrivacyHidden is simplest when done as soon as the infection is noticed. Novices should avoid trying to get rid of PrivacyHidden without the help of anti-virus scanner software, since PrivacyHidden uses registry entries to cling to its malicious existence.

No Matter What You've Heard About Kimchi (PrivacyHidden), This is the Worst Thing from Korea

Since it's from South Korea, PrivacyHidden is very noticeable on non-Korean systems due to the use of the Korean language throughout the interface. This includes the icons PrivacyHidden is likely to create on your desktop and taskbar. PrivacyHidden can propagate by the same means as any other rogue anti-virus program ? PrivacyHidden may bundle itself with fake codec downloads or other executables and can also be installed by dangerous websites.

Some reports have also indicated that PrivacyHidden may be able to spread through email as well, by way of a SMTP client engine. PrivacyHidden and similar malware spread this way will usually have completely random or misleading file names and will always be visible as attachments. This turns PrivacyHidden into a relatively easy to avoid problem as long as you don't download things without knowing what they are! Even trusted sources can have their computers compromised, so don't download any file sent from a friend without explanation.

Keep Your Eyes Wide to Dodge These Attacks

So far, PrivacyHidden has been reported to use the usual rogue anti-virus software grab-bag of hostile behavior. In addition to being simply irritating, PrivacyHidden is a real danger to your security. If you don't delete PrivacyHidden when you see it, you might as well ask other malware to come right in and give you extra infections! Here are some of the major PrivacyHidden-related problems to be aware of:

  • Fake alerts and errors. These should be a snap for a non-Korean user to spot simply because all messages are in Korean! Even if you can read Korean, you should be aware that the contents of all these alerts are erroneous and predetermined by PrivacyHidden.
  • Persistent scan prompts and accompanying frightful scanning results. Rogue anti-virus programs like PrivacyHidden often use this in conjunction with preventing access to your desktop at startup, just to force you to go through their little show. PrivacyHidden and other rogue anti-virus products can't detect or remove infections, so you don't need to worry about the so-called results they offer.
  • Browser hijacks. In most cases, these serve two purposes. The first purpose is to redirect the user away from security websites that would allow for the removal of PrivacyHidden. The second purpose is to get the user to PrivacyHidden's website where credit card information can be stolen. Any strange alerts or links you see in your browser while PrivacyHidden is active should be considered hostile by default.
  • Crashing software, especially your system diagnostic, maintenance and anti-virus programs. PrivacyHidden may crash these with error messages to prevent its own deletion, in which case you'll have to stop PrivacyHidden from running to access these programs.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 C:\Program Files\PrivacyHidden\PrivacyHidden.exe
    2 C:\Program Files\PrivacyHidden\PrivacyHidden.exe" /run1
    3 C:\Program Files\PrivacyHidden\PrivacyHiddenMon.exe

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{Subkeys}HKEY_LOCAL_MACHINE\SOFTWARE\PrivacyHidden][HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\PrivacyHidden.exe][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\intmedialab][HKEY_LOCAL_MACHINE\SOFTWARE\PrivacyHiddenPartner]HKEY..\..\..\..{RegistryKeys}"(Default)"="'C:\Program Files\PrivacyHidden\PrivacyHidden.exe'""DisplayIcon"="'C:\Program Files\PrivacyHidden\PrivacyHidden.exe'""DisplayName"="'?????????????'""DisplayVersion"="'1.000'""Environment"="'11111111111111'""InstallDate"="'20110212'""PrivacyHidden"="'"C:\Program Files\PrivacyHidden\PrivacyHidden.exe" /run1'""PrivacyHidden"="'2011021214'""UninstallString"="'C:\Program Files\PrivacyHidden\uninst.exe'""UpdateVersion"="'1.000'""Version"="'1.000'""W2KLpk"="1""install"="'install_check'""name"="'PrivacyHidden,'""pid"="'home'"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}PrivacyHidden]

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to PrivacyHidden may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria .

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.