Windows Profound Security

Windows Profound Security Description

Type: Adware

ScreenshotWindows Profound Security is a rogue antispyware program that pretends to be a legitimate and trustworthy security program. Windows Profound Security is distributed via bogus online antimalware scanners and unsafe downloads from malicious sources. Windows Profound Security infiltrates into a targeted computer via Trojans, which exploit security holes in web browsers. Once installed on the affected PC, Windows Profound Security starts a fictitious system scan and generates numerous malware threats to intimidate victims into thinking their computers are infected. Windows Profound Security will also display fake security notifications that state your PC is compromised and in danger; however, all scan results and warning messages created by Windows Profound Security are false and inaccurate. As a solution for getting rid of the imaginary computer infections, Windows Profound Security will offer you to buy its full version to allegedly detect and eliminate malware threats. Do not believe or purchase Windows Profound Security. ESG's malware analysts highly recommend you to uninstall Windows Profound Security by using a reputable anti-malware tool.ScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshot

Technical Information

Screenshots & Other Imagery

Windows Profound Security Video

Tip: Turn your sound ON and watch the video in Full Screen mode.

File System Details

Windows Profound Security creates the following file(s):
# File Name Detection Count
1 %AppData%\Protector-[RANDOM 4 CHARACTERS].exe N/A
2 %AppData%\Protector-[RANDOM 3 CHARACTERS].exe N/A
3 %AppData%\NPSWF32.dll N/A
4 %AppData%\1st$0l3th1s.cnf N/A
5 %AppData%\result.db N/A

Registry Details

Windows Profound Security creates the following registry entry or registry entries:
Registry key
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnOnHTTPSToHTTPRedirect" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegistryTools" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "UID" = "qvnpoksgjc"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Security Center.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zonealarm.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fameh32.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "ConsentPromptBehaviorUser" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "net" = "2012-7-9_7"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVWEBGRD.EXE
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pctsSvc.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "ConsentPromptBehaviorAdmin" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegedit" = 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "EnableLUA" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Inspector"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vbcons.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ants.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcupdate.exe

More Details on Windows Profound Security

The following messages associated with Windows Profound Security were found:
Attempt to modify registry key entries detected. Registry entry analysis is recommended.
Trojan activity detected. System data security is at risk.
It is recommended to activate protection and run a full system scan.
Firewall has blocked a program from accessing the Internet
C:\program files\internet explorer\iexplore.exe
is suspected to have infected your PC. This type of virus intercepts entered data and transmits them to a remote server.
Firewall has blocked a program from accessing the Internet
C:program filesinternet exploreriexplore.exe
is suspected to have infected your PC. This type of virus intercepts entered data and transmits them to a remote server.

Site Disclaimer is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.