|
My bad . this may not be an exact answer but i hope these docs will help you
http://www.nirsoft.net/dll_information/windows8/profsvc_dll.html
http://www.bleepingcomputer.com/tutorials/how-malware-hides-as-a-service/
Since you said ProfSvc.dll is initiating the connection , all that comes to my mind is a compromised dll or hooked one . I dont see any reason for windows dlls to connect to 3rd party software and aid them in updating .
More details or exact behavior will help in determining the problem. i will suggest you to use an api logger to check the program behavior .
|