Illegally distributed rogue spyware removers are becoming more and more like actual spyware parasites that they should, but usually do not fight against. Furthermore, such products not only leave dangerous threats undetected and intact, but also install an excessive amount of malware themselves. The infamous one-month-old SpyAxe trojan is still on a spreading spree promoting the same-named corrupt anti-spyware. However, it should face a really strong competitor shortly, more advanced and deadly in every aspect. This competitor is the WinHound trojan designed to promote, download and install the WinHound spyware remover and drop a bunch of dangerous spyware and adware pests, browser hijackers, rootkits and other security and privacy risks to the compromised system.
Similarly to SpyAxe the trojan strives to install a corrupt spyware remover, which does not produce false positives, provides updates and indeed detects widely spread spyware and adware parasites. However, this program uses components of PSGuard, another infamous corrupt anti-spyware. Reputable tools detect WinHound files and registry entries as PSGuard objects. This time not only the trojan, but also a program it drops is a dangerous parasite itself.
As for the WinHound trojan, it does much more harm than its predecessor SpyAxe. This threat not only changes the desktop wallpaper to an illegal advertisement, but also hijacks the web browser by changing its default home and page, redirects the user to insecure advertising web sites and silently installs numerous other parasites including various web browser plug-ins, toolbars and search hijackers. Furthermore, WinHound is able to hide its running processes and files by using a certain rootkit. The trojan’s distribution does not differ from SpyAxe’s – it also is stealthily installed without user knowledge and consent by exploiting certain system or web browser vulnerabilities.
The 2-Spyware.com research team has already examined thenew trojan and the spyware remover it attempts to setup (follow provided links for more details). WinHound manual removal instructions are also available. Please use them in order to completely get rid of any WinHound-related malware.
An example of an advertisement that WinHound changes the desktop wallpaper with: