optimizerpro.exe

Optimizer Pro

PC Utilities Software Limited

optimizerpro.exe is part of the Optimizer Pro / Driver 'PC optimizer' product lines marketed by Adsology and distributed through various bundled-software (pay-per-install and commission) channels. The application optimizerpro.exe, “Fix, clean, optimize your PC!” by PC Utilities Software Limited, has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat. The file is a setup program used to install the application. It is typically executed from an Internet Explorer cache folder, and it has been seen being downloaded from dl.softservers.net.

Publisher:
PC Utilities Pro  (signed by PC Utilities Software Limited)

Product:
Optimizer Pro

Description:
Fix, clean, optimize your PC!

Version:
3.0.1.0

MD5:
1b9b6302fcfec534ff4bdf6836a1fe43

SHA-1:
09720808cd9dfba7928dd26cc1dac2bb3181dd04

SHA-256:
368c17b72fbc47a986223d5db2ec038b11dfa1bf412d776bd6852f70b9ec3b8d

Scanner detections:
1 / 68

Status:
Potentially unwanted

Explanation:
Installed with the Optimizer Pro software which is bundled by 3rd-party monetization programs.

Analysis date:
11/15/2024 4:30:52 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.PC Utilities.PCUtilit (M)

Engine version:
16.7.12.22

File size:
3.5 MB (3,670,648 bytes)

Product version:
3.0.1.0

Copyright:
PC Utilities Pro

Trademarks:
PC Utilities Pro

Original file name:
OptimizerPro

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\optimizerpro.exe

Digital Signature
Authority:
GoDaddy.com, Inc.

Valid from:
4/5/2013 10:29:35 PM

Valid to:
4/3/2015 6:23:14 PM

Subject:
CN=PC Utilities Software Limited, O=PC Utilities Software Limited, L=London, S=UK, C=GB

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
2B239BABC97410

File PE Metadata
Compilation timestamp:
6/20/1992 2:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:b/SLoW8pfoXUH1dHeh9KvE/rE1YY9m5dF7sL:+nAVdFSg9mH8

Entry address:
0x13474

Entry point:
55, 8B, EC, B9, 27, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, 53, 56, 57, B8, EC, 33, 41, 00, E8, F8, 26, FF, FF, 33, C0, 55, 68, 44, 39, 41, 00, 64, FF, 30, 64, 89, 20, B2, 01, A1, 38, 2F, 41, 00, E8, 3A, FB, FF, FF, 8B, D8, BA, 01, 00, 00, 80, 8B, C3, E8, CC, FB, FF, FF, B1, 01, BA, 5C, 39, 41, 00, 8B, C3, E8, 22, FC, FF, FF, 84, C0, 74, 20, 8D, 55, EC, 33, C0, E8, FC, F7, FE, FF, 8B, 4D, EC, BA, 7C, 39, 41, 00, 8B, C3, E8, 29, FD, FF, FF, 8B, C3, E8, 6A, FB, FF, FF, B2, 01, 8B, C3, 8B, 08, FF, 51, FC, 8D...
 
Developed / compiled with:
Microsoft Visual C++

Code size:
75 KB (76,800 bytes)

The file optimizerpro.exe has been seen being distributed by the following URL.
