{"id":826,"date":"2012-03-26T13:18:53","date_gmt":"2012-03-26T13:18:53","guid":{"rendered":"http:\/\/www.hexacorn.com\/blog\/?p=826"},"modified":"2012-03-26T13:18:53","modified_gmt":"2012-03-26T13:18:53","slug":"zoom-enhance","status":"publish","type":"post","link":"https:\/\/www.hexacorn.com\/blog\/2012\/03\/26\/zoom-enhance\/","title":{"rendered":"Zoom. Enhance."},"content":{"rendered":"

This post won’t make you smarter. Move on. You have been warned \ud83d\ude09<\/p>\n

 <\/p>\n

This article<\/a> on Wired talks about Mikko Hypponen’s war on malware. I haven’t read it \ud83d\ude42<\/p>\n

What caught my attention was a screenshot of Hiew showing some err… malware.<\/p>\n

It triggered my interest so I investigated it by looking at it closer:<\/p>\n

\"\"<\/a><\/p>\n

Zoom. Enhance. Hiew 7.10 has been used. Current version is 8.22. This is an old screenshot.<\/p>\n

Zoom. Enhance. With the right equipment it can be enhanced<\/a><\/p>\n

\"\"<\/a><\/p>\n

Hiew: AgtX0408.exe<\/strong><\/p>\n

Googling around for\u00a0AgtX0408.exe<\/strong> brings us the following link:<\/p>\n

http:\/\/activex.microsoft.com\/activex\/controls\/agent2\/AgtX0408.exe<\/a><\/p>\n

Downloaded the file<\/p>\n

The visual comparison brings us the following result:<\/p>\n

 <\/p>\n

\"\"<\/a><\/p>\n

Bingo.<\/p>\n

Conclusion: image recycling at work & this is not a malware.<\/p>\n","protected":false},"excerpt":{"rendered":"

This post won’t make you smarter. Move on. You have been warned \ud83d\ude09   This article on Wired talks about Mikko Hypponen’s war on malware. I haven’t read it \ud83d\ude42 What caught my attention was a screenshot of Hiew showing … Continue reading →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[18],"tags":[],"_links":{"self":[{"href":"https:\/\/www.hexacorn.com\/blog\/wp-json\/wp\/v2\/posts\/826"}],"collection":[{"href":"https:\/\/www.hexacorn.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.hexacorn.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.hexacorn.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.hexacorn.com\/blog\/wp-json\/wp\/v2\/comments?post=826"}],"version-history":[{"count":8,"href":"https:\/\/www.hexacorn.com\/blog\/wp-json\/wp\/v2\/posts\/826\/revisions"}],"predecessor-version":[{"id":838,"href":"https:\/\/www.hexacorn.com\/blog\/wp-json\/wp\/v2\/posts\/826\/revisions\/838"}],"wp:attachment":[{"href":"https:\/\/www.hexacorn.com\/blog\/wp-json\/wp\/v2\/media?parent=826"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.hexacorn.com\/blog\/wp-json\/wp\/v2\/categories?post=826"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.hexacorn.com\/blog\/wp-json\/wp\/v2\/tags?post=826"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}