Home Malware Programs Browser Hijackers Yourprofitclub.com


Posted: October 4, 2011

Yourprofitclub.com is a malicious website that uses browser hijackers to force you to Yourprofitclub.com prior to sending you to unrelated sites to inflate traffic and drive revenue towards Yourprofitclub.com's web masters. Even though SpywareRemove.com malware researchers have found that Yourprofitclub.com browser hijackers prefer to attack Firefox, other browsers may also be vulnerable to Yourprofitclub.com redirects, and you should consider your PC infected if you've had any contact with Yourprofitclub.com or a Yourprofitclub.com-affiliated site. Although Yourprofitclub.com's redirects may trigger more frequently and less predictably than those of other browser hijackers (such as Seeearch.com, 5dayoftheweek.com, Morsearch.com or Zinkwink.com), any Yourprofitclub.com infection can be deleted by standard anti-malware procedures and software.

Yourprofitclub.com: A Club That You Don't Want Your PC to Join

Yourprofitclub.com is typical of other websites that peddle fake search result links in that Yourprofitclub.com uses browser hijackers to bully traffic towards itself. You may acquire a browser hijacker by visiting a malicious site that attacks your PC with drive-by-download scripts, although it's also possible to be infected by software that contains a Yourprofitclub.com browser hijacker as part of a bundled installation package. You can protect your browser from drive-by-download attacks by keeping it up-to-date and using stringent script-related security settings, and simply avoiding malicious sites and software will protect you from both means of Yourprofitclub.com infection.

Yourprofitclub.com browser hijackers prefer to infect Firefox in the form of a malicious browser add-on, but you should avoid deleting this add-on in the same way that you'd remove a normal Firefox add-on. Improper deletion of Yourprofitclub.com infections can harm Firefox or your OS, and the preferable method for removing Yourprofitclub.com software is to use an anti-malware scanner.

Unlike legitimate sites, Yourprofitclub.com doesn't have your best interests at heart – any links that Yourprofitclub.com displays will contain advertisements, phishing forms, fake alerts or other forms of misleading and useless data that aren't related to what you're trying to find on the Internet. If you want to avoid additional infection possibilities, SpywareRemove.com malware researchers caution that you should prevent any contact with Yourprofitclub.com's linked sites.

The Browser Hijacker – The Latest Member of Yourprofitclub.com

Yourprofitclub.com's use of browser hijackers is both limited in some ways and exceptionally broad in others – you'll find that Yourprofitclub.com redirects tend to occur in Firefox, but also that they can strike every two or three minutes, regardless of what you're trying to do. This behavior sets Yourprofitclub.com infections apart from standard browser hijackers that tend to trigger only when you try to use a search engine-related site.

Other Yourprofitclub.com-related issues can include:

  • Being unable to change certain browser settings.
  • Browser settings that are changed to undesirable values.
  • Having your homepage locked to Yourprofitclub.com.
  • Being exposed to advertisements and other forms of pop-ups.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to Yourprofitclub.com may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria .

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:

%AppData%\Local\[RANDOM CHARACTERS] File name: %AppData%\Local\[RANDOM CHARACTERS]
%AllUsersProfile%\[RANDOM CHARACTERS] File name: %AllUsersProfile%\[RANDOM CHARACTERS]
%AppData%\Roaming\Microsoft\Windows\Templates\[RANDOM CHARACTERS] File name: %AppData%\Roaming\Microsoft\Windows\Templates\[RANDOM CHARACTERS]
%AppData%\Local\[RANDOM CHARACTERS].exe File name: %AppData%\Local\[RANDOM CHARACTERS].exe
File type: Executable File
Mime Type: unknown/exe

Registry Modifications

The following newly produced Registry Values are:

HKEY..\..\..\..{Subkeys}HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command "(Default)" = '"%AppData%\Local\[RANDOM CHARACTERS].exe" -a "%Program Files%\Mozilla Firefox\firefox.exe" -safe-mode'HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = '"%AppData%\Local\[RANDOM CHARACTERS].exe" -a "%Program Files%\Internet Explorer\iexplore.exe"'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "AntiVirusOverride" = '1'HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\BrowserEmulation "TLDUpdates" = '1'HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "(Default)" = '"%AppData%\Local\[RANDOM CHARACTERS].exe" -a "%1" %*'HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command "(Default)" = '"%AppData%\Local\[RANDOM CHARACTERS].exe" -a "%1" %*'HKEY_CLASSES_ROOT\.exe\shell\open\command "(Default)" = '"%AppData%\Local\[RANDOM CHARACTERS].exe" -a "%1" %*'HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)" = '"%%AppData%\Local\[RANDOM CHARACTERS].exe" -a "%Program Files%\Mozilla Firefox\firefox.exe"'