SpyAxe, WinHound and now UnSpyPC. Which is next?

Vendors of corrupt anti-spyware software and their numerous affiliates took a fancy to the illegal distribution of their useless and sometimes even dangerous products. Regular users and security experts grew weary of all those SpyAxe, WinHound and similar less prevalent threats. However, malicious persons do not even think of stopping all this madness. Although users no longer believe in fake security alerts, ridiculous reports and other nonsense produced by rogue spyware removers, illegal distribution tactics really work. Another corrupt product distributed that way is UnSpyPC, which made to the 2-Spyware.com corrupt anti-spyware list because of false positives and poor performance.

The program is secretly installed to victim computers by some trojans and insecure web sites, which exploit certain web browser vulnerabilities. UnSpyPC creates unsolicited advertising toolbars on the desktop or/and within the web browser. It can change the desktop background to fake security warning messages, unusual links and images. Furthermore, the threat, similarly to SpyAxe, may redirect the user to harmful web sites and block access to popular legitimate resources. In some cases UnSpyPC and related malicious components may attempt to plant other parasites to compromised computers.

UnSpyPC is very similar to both SpyAxe and WinHound. However, it has one significant difference – most of its files, registry keys and processes have random names. Moreover, UnSpyPC files and registry entries on two infected absolutely identical computers may reside in different locations. This makes it very difficult to completely get rid of this malware without the help of a powerful legitimate spyware remover.

Unfortunately, there is not much information available about this corrupt application. Some of its functions still remain unclear. We have just started researching the parasite and sources it is coming from, so please be patient and wait for latest developments.

Users whose computers have been already compromised by UnSpyPC should follow the latest manual removal instructions.

  • Milt

    This thing attacked my computer this weekend; came in under Norton’s Firewall and Antivirus program’s noses. Exited Internet Explorer and it was on my desktop, then it launched itself. When it started to run I had to try several times to kill it. When it finally quit running after 30 seconds my computer had lost a significant portion of its funtionality. The result was 3 hours of trying to get my XP Pro SP2 computer stable enough to remove as much of it as I could. Took 5 Adaware scans and 2 Norton Antivirus scans to remove it – or so I hope. I can’t believe anything legitimate would make it so difficult to remove it.

Like us on Facebook