
PrivacyHidden

Posted: February 28, 2011

Although most rogue anti-virus products have been documented to come from China or Russia, PrivacyHidden is an exception that originates from South Korea. PrivacyHidden may spread through email as an attachment with a randomized filename. Any computer that gets victimized by PrivacyHidden will suffer the usual rogue anti-virus program invader troubles: inaccurate scanning results, browser hijackings, fake errors that occur for no reason and broadly disabled security. Removing PrivacyHidden is simplest when done as soon as the infection is noticed. Novices should avoid trying to get rid of PrivacyHidden without the help of anti-virus scanner software, since PrivacyHidden uses registry entries to cling to its malicious existence.

No Matter What You've Heard About Kimchi (PrivacyHidden), This is the Worst Thing from Korea

Since it's from South Korea, PrivacyHidden is very noticeable on non-Korean systems due to the use of the Korean language throughout the interface. This includes the icons PrivacyHidden is likely to create on your desktop and taskbar. PrivacyHidden can propagate by the same means as any other rogue anti-virus program: PrivacyHidden may bundle itself with fake codec downloads or other executables and can also be installed by dangerous websites.

Some reports have also indicated that PrivacyHidden may be able to spread through email, by way of an SMTP client engine. PrivacyHidden and similar malware spread this way will usually have completely random or misleading file names and will always be visible as attachments. This makes PrivacyHidden a relatively easy problem to avoid as long as you don't download things without knowing what they are! Even trusted sources can have their computers compromised, so don't download any file sent from a friend without explanation.

Keep Your Eyes Wide to Dodge These Attacks

So far, PrivacyHidden has been reported to use the usual rogue anti-virus software grab-bag of hostile behavior. In addition to being simply irritating, PrivacyHidden is a real danger to your security. If you don't delete PrivacyHidden when you see it, you might as well ask other malware to come right in and give you extra infections! Here are some of the major PrivacyHidden-related problems to be aware of:

  • Fake alerts and errors. These should be a snap for a non-Korean user to spot simply because all messages are in Korean! Even if you can read Korean, you should be aware that the contents of all these alerts are erroneous and predetermined by PrivacyHidden.
  • Persistent scan prompts and accompanying frightful scanning results. Rogue anti-virus programs like PrivacyHidden often use this in conjunction with preventing access to your desktop at startup, just to force you to go through their little show. PrivacyHidden and other rogue anti-virus products can't detect or remove infections, so you don't need to worry about the so-called results they offer.
  • Browser hijacks. In most cases, these serve two purposes. The first purpose is to redirect the user away from security websites that would allow for the removal of PrivacyHidden. The second purpose is to get the user to PrivacyHidden's website where credit card information can be stolen. Any strange alerts or links you see in your browser while PrivacyHidden is active should be considered hostile by default.
  • Crashing software, especially your system diagnostic, maintenance and anti-virus programs. PrivacyHidden may crash these with error messages to prevent its own deletion, in which case you'll have to stop PrivacyHidden from running to access these programs.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 C:\Program Files\PrivacyHidden\PrivacyHidden.exe
    2 "C:\Program Files\PrivacyHidden\PrivacyHidden.exe" /run1
    3 C:\Program Files\PrivacyHidden\PrivacyHiddenMon.exe

Registry Modifications

  • The following newly produced Registry Values are:
    Subkeys:
    [HKEY_LOCAL_MACHINE\SOFTWARE\PrivacyHidden]
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\PrivacyHidden.exe]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\intmedialab]
    [HKEY_LOCAL_MACHINE\SOFTWARE\PrivacyHiddenPartner]

    Registry values:
    "(Default)"="'C:\Program Files\PrivacyHidden\PrivacyHidden.exe'"
    "DisplayIcon"="'C:\Program Files\PrivacyHidden\PrivacyHidden.exe'"
    "DisplayName"="'?????????????'"
    "DisplayVersion"="'1.000'"
    "Environment"="'11111111111111'"
    "InstallDate"="'20110212'"
    "PrivacyHidden"="'"C:\Program Files\PrivacyHidden\PrivacyHidden.exe" /run1'"
    "PrivacyHidden"="'2011021214'"
    "UninstallString"="'C:\Program Files\PrivacyHidden\uninst.exe'"
    "UpdateVersion"="'1.000'"
    "Version"="'1.000'"
    "W2KLpk"="1"
    "install"="'install_check'"
    "name"="'PrivacyHidden,'"
    "pid"="'home'"

    Run keys (HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..):
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    Uninstaller (HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..):
    PrivacyHidden
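
The file and registry indicators listed above can be checked on a live system with a read-only script. This is an added example, not part of the original write-up or any vendor tool; the function name `Get-PrivacyHiddenIndicator` is hypothetical, and the extra checks under `Program Files (x86)` and `WOW6432Node` are an assumption that goes beyond the paths the page lists, covering 32-bit redirection on 64-bit Windows.

```powershell
# Read-only check for the PrivacyHidden indicators listed on this page.
# Nothing is deleted or changed; each indicator is only reported as present or absent.
function Get-PrivacyHiddenIndicator {
    # File paths from "File System Modifications", plus the uninstaller path
    # that appears in the UninstallString value.
    $files = @(
        'C:\Program Files\PrivacyHidden\PrivacyHidden.exe'
        'C:\Program Files\PrivacyHidden\PrivacyHiddenMon.exe'
        'C:\Program Files\PrivacyHidden\uninst.exe'
    )
    # Subkeys from "Registry Modifications". The Internet Explorer\International
    # key is left out because its path is not specific to this program.
    $keys = @(
        'HKLM:\SOFTWARE\PrivacyHidden'
        'HKLM:\SOFTWARE\PrivacyHiddenPartner'
        'HKLM:\SOFTWARE\Microsoft\Windows\intmedialab'
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\PrivacyHidden.exe'
    )
    $runKeys = @('HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run')

    # Assumption (not from the page): also check the 32-bit redirected locations.
    $files   += $files   -replace '^C:\\Program Files\\', 'C:\Program Files (x86)\'
    $keys    += $keys    -replace '^HKLM:\\SOFTWARE\\', 'HKLM:\SOFTWARE\WOW6432Node\'
    $runKeys += $runKeys -replace '^HKLM:\\SOFTWARE\\', 'HKLM:\SOFTWARE\WOW6432Node\'

    foreach ($f in $files) {
        [pscustomobject]@{ Type = 'File'; Indicator = $f; Data = $null
            Present = (Test-Path -LiteralPath $f -PathType Leaf) }
    }
    foreach ($k in $keys) {
        [pscustomobject]@{ Type = 'RegistryKey'; Indicator = $k; Data = $null
            Present = (Test-Path -LiteralPath $k) }
    }
    foreach ($r in $runKeys) {
        # Report any autostart value whose command line points into the
        # PrivacyHidden install folder (the page shows "...PrivacyHidden.exe" /run1).
        $props = Get-ItemProperty -LiteralPath $r -ErrorAction SilentlyContinue
        if ($null -eq $props) { continue }
        foreach ($p in $props.PSObject.Properties) {
            if ($p.Name -notlike 'PS*' -and "$($p.Value)" -like '*\PrivacyHidden\*') {
                [pscustomobject]@{ Type = 'RunValue'; Indicator = "$r [$($p.Name)]"
                    Data = $p.Value; Present = $true }
            }
        }
    }
}

# Show only the indicators that were found.
Get-PrivacyHiddenIndicator | Where-Object Present | Format-Table -AutoSize -Wrap
```

An empty result means none of the listed paths or keys exist on the machine; it does not rule out variants that install under other names.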