Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Privacy Components wants to Save the Hedgehogs


  • Please log in to reply
5 replies to this topic

#1 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,470 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:11:27 PM

Posted 18 February 2009 - 12:19 AM

On the lighter side of security reporting, it appears that a small spiny mammal called the Hedgehog is well liked by certain developers of rogue software. When analyzing a new rogue program called Privacy Components, I found a curious string embedded in two of the executables.

In two of Privacy Components files, named agent.exe and pc.exe, I found an interesting string embedded in the executable. This string read, SaveTheHedgehogs. Could the malicious and criminal developers of this rogue program have a sweet spot for these cute spiny little mammals? I guess so as shown in the executable below.




It's funny what you can find when you dig around executables; especially malware ones. It is not uncommon for malware writers to insert their own messages into their files as a way of making statements, trying to be funny, or saying goodbye. This can be seen in the farewell speech from the developers of Zlob. Regardless of the intent, it appears hedgehogs do need some rescuing and care as described at the site Epping Forest Hedgehog Rescue. So if you, like the developers, also want to help save the hedgehogs, please visit the link below.



BC AdBot (Login to Remove)

 


#2 iearldtg

iearldtg

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:10:27 PM

Posted 13 March 2009 - 07:59 PM

My Friend at school got this on his computer and explorer wouldnt turn on when you logged in it was one of the easier trojans to remove.However you must scan the registry after you delete it.

#3 Platypus

Platypus

  • Moderator
  • 13,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Australia
  • Local time:01:27 PM

Posted 13 March 2009 - 08:12 PM

Heh, malware hedgehogs... :thumbsup:

Top 5 things that never get done:

1.


#4 Layback Bear

Layback Bear

  • Members
  • 1,880 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Northern Ohio
  • Local time:10:27 PM

Posted 29 March 2009 - 09:33 AM

Grinler how did you get that information from your computer, address and disassembly

#5 Grinler

Grinler

    Lawrence Abrams

  • Topic Starter

  • Admin
  • 43,470 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:11:27 PM

Posted 29 March 2009 - 09:39 AM

Ran it through a debugger/assembler.

#6 Layback Bear

Layback Bear

  • Members
  • 1,880 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Northern Ohio
  • Local time:10:27 PM

Posted 29 March 2009 - 09:51 AM

Is that a program I can down load or is it in XP command prompt.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users