1 of 7
Danger level 9
Type: Rogue Anti-Spyware
Common infection symptoms:
  • Block exe files from running
  • Installs itself without permissions
  • Connects to the internet without permission
  • Slow internet connection
  • System crashes
  • Annoying Pop-up's
  • Slow Computer
Other mutations known as:
WindowsProfileSystem

Windows Profile System

The Fake Microsoft Security Essentials scam contains a series of computer infections. Windows Profile System is the newest rogue antispyware on the list. It is exactly the same as the previous clones which include Windows Precautions Center, Windows Repairing System, Windows Safeguard Utility and so on. Since Windows Profile System comes from the same nest as the previously mentioned programs, it looks identical to the previously released threats.

Download Spyware Removal Tool to Remove* Windows Profile System
  • Quick & tested solution for Windows Profile System removal.
  • 100% Free Scan for Windows

It has a sleek interface which mimics the graphics of the operating system, in order to make it look like Windows Profile System is a legitimate program. The rogue is programmed to show the type of the infected computer's processor and the bottom of its scan window, which also contributes to persuading the user that the program is useful and reliable. However, that is far from truth. Windows Profile System only mimics the functions of an antivirus program, and it starts right after the installation.

When Windows Profile System gets into the system it shows the user a fake security alert message which screeches about an Unknown Win32/Trojan present in the system. The message that comes with this alert is as follows:

Microsoft Security Essentials Alert
Potential Threat Details
Microsoft Security Essentials detected potential threats that might compromise your private or damage your computer. Your access to these items may be suspended until you take an action. Click 'show details' to learn more.

Then Windows Profile System urges the user to perform a full system scan. Even though the scan is obviously fake, the rogue continues to assault the user with security messages about non-existent Trojan.Horse.Win32.PAV.64.a. parasite. "Luckily" the rogue will offer you a solution for the "problem" saying:

Threat prevention solution found
Security system analysis has revealed critical file system vulnerability caused by severe malware attacks.
Risk of system files infection:
The detected vulnerability may result in unauthorized access to private information and hard drive data with a serious possibility of irreversible data loss and unstable PC performance. To remove the malware please run a full system scan. Press 'OK' to install the software necessary to initiate system files check. To complete the installation process please reboot your computer.

If the user presses "OK" then the full download of Windows Profile System is initiated and after the install the rogue will reboot the computer. When the computer loads again The Windows Profile System screen shows up and prompts the user to scan the computer again, as a 'result' showing multiple infections. The user has to understand that these infections do not exist in this computer. Windows Profile System is a threat which has been created to rip the users off. So it sends endless streams of security alert messages in hopes of making the user purchase the license for the program.

The user should never do that, because purchasing the program requires the user to expose his personal and banking information to the third parties. That information later can be used by the creators of Windows Profile System to perform illegal operations. In the end the user is left without any money in his account. Since there is nothing good about this rogue, the user must remove Windows Profile System from his computer no matter what. It can be done manually or automatically. Manual removal requires advanced computing skills while during the automatic removal Windows Profile System is destroyed by a malware detector tool.

Make sure you get rid of Windows Profile System and safeguard your system against future malware attacks.

Download Spyware Removal Tool to Remove* Windows Profile System
  • Quick & tested solution for Windows Profile System removal.
  • 100% Free Scan for Windows
disclaimer

How to manually remove Windows Profile System

Files associated with Windows Profile System infection:

%AppData%\Microsoft\[random].exe
psgsks.exe

Windows Profile System processes to kill:

psgsks.exe
%AppData%\Microsoft\[random].exe

Remove Windows Profile System registry entries:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\afwserv.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avastsvc.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avastui.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\egui.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ekrn.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msascui.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msmpeng.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
Disclaimer

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.