optimizerpro.exe

Optimizer Pro v3.2

PC Utilities Software Limited

Part of the Optimizer Pro / Driver 'PC optimizer' product lines marketed by Adsology and distributed through various bundled software (PPI and commission) channels. The application optimizerpro.exe, “Optimizer Pro – Clean up your PC” by PC Utilities Software Limited, has been detected as a potentially unwanted program by 38 anti-malware scanners. This is a setup program that is used to install the application. Also known as BrowserDefender, this bundled service will prevent various web browser toolbars and extensions from running, as well as block changes to the search page and provider.
Publisher:
PCUtilities Software Limited  (signed by PC Utilities Software Limited)

Product:
Optimizer Pro v3.2

Description:
Optimizer Pro – Clean up your PC

Version:
3.3.1.7

MD5:
3dc145bd6dd826090e3e17c1d7098fb8

SHA-1:
b1d8d3ac340a143b202b67dc1775737401783699

SHA-256:
eff3606064614e9395e7261fc0b023e6b89bd9d80c56625aa52cc92ee3ffca06

Scanner detections:
38 / 68

Status:
Potentially unwanted

Explanation:
Installed with the Optimizer Pro software which is bundled by 3rd-party monetization programs.

Analysis date:
12/25/2024 1:45:07 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Trojan.Generic.12849989 | 364 |
| Agnitum Outpost | Trojan.Inject | 7.1.1 |
| AhnLab V3 Security | PUP/Win32.OptimizerPro | 2015.04.16 |
| Avira AntiVirus | TR/Bprotector.1969704 | 7.11.217.14 |
| avast! | PUP-gen [PUP] | 2014.9-160206 |
| AVG | Win32/DH{gRKBE4EOICIlABM1gQw} | 2017.0.2842 |
| Baidu Antivirus | PUA.Win32.Rezimitpo | 4.0.3.1626 |
| Bitdefender | Gen:Variant.Zusy.133230 | 1.0.20.185 |
| Bkav FE | W32.HfsAdware | 1.3.0.6379 |
| Clam AntiVirus | Win.Trojan.Inject-10791 | 0.98/21511 |
| Comodo Security | Application.Win32.OptimizerPro.FY | 21267 |
| Dr.Web | Threat.Undefined | 9.0.1.037 |
| Emsisoft Anti-Malware | Gen:Variant.Zusy.133230 | 8.16.02.06.12 |
| ESET NOD32 | Win32/Adware.SpeedingUpMyPC.AB application | 10.7.0.302.0 |
| Fortinet FortiGate | W32/Inject.UMUB!tr | 2/6/2016 |
| F-Prot | W32/OptimizerPro.H.gen | v6.4.7.1.166 |
| F-Secure | Trojan.Generic.12850669 | 11.2016-06-02_7 |
| G Data | Win32.Application.OptimizerPro | 16.2.25 |
| IKARUS anti.virus | PUA.SpeedingUpMyPC | t3scan.1.8.6.0 |
| K7 AntiVirus | Riskware | 13.1915124 |
| Kaspersky | Trojan.Win32.Inject | 14.0.0.705 |
| Malwarebytes | PUP.Optional.OptimizerPR0 | v2016.02.06.12 |
| McAfee | Artemis!83104CC0EBA4 | 5600.6498 |
| MicroWorld eScan | Trojan.Generic.12850669 | 17.0.0.111 |
| NANO AntiVirus | Trojan.Win32.Inject.dprbqo | 0.30.16.1110 |
| nProtect | Trojan.GenericKD.2203974 | 15.03.27.01 |
| Panda Antivirus | Trj/Genetic.gen | 16.02.06.12 |
| Qihoo 360 Security | Win32/Trojan.Multi.daf | 1.0.0.1015 |
| Quick Heal | PUA.OptimizerPro.A9 | 2.16.14.00 |
| Reason Heuristics | PUP.PC Utilities.PCUtilities (M) | 16.2.6.0 |
| Rising Antivirus | PE:Trojan.Win32.SpeedingUpMyPC.a!1075357520 | 23.00.65.16204 |
| Sophos | Mal/Generic-S | 4.98 |
| Trend Micro House Call | TROJ_GEN.R08NC0OC615 | 7.2.37 |
| Trend Micro | TROJ_GEN.F0C2C00D315 | 10.465.06 |
| Vba32 AntiVirus | Trojan.Inject | 3.12.26.3 |
| VIPRE Antivirus | Threat.4150696 | 37788 |
| ViRobot | Trojan.Win32.S.Agent.7346640.A[h] | 2014.3.20.0 |
| Zillya! Antivirus | Trojan.Inject.Win32.159090 | 2.0.0.2088 |

File size:
7 MB (7,339,984 bytes)

Product version:
3.3.1.7

Copyright:
PCUtilities Software Limited

Original file name:
OptimizerPR0

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\ProgramData\{a35579fc-946f-6d7d-a355-579fc946e7f2}\optimizerpro.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
11/21/2014 1:00:00 AM

Valid to:
11/22/2015 12:59:59 AM

Subject:
CN=PC Utilities Software Limited, O=PC Utilities Software Limited, STREET=78 York Street, L=London, PostalCode=W1H 1DP, C=GB

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00F10854548D47F74C920D7091D9057D6E

File PE Metadata
Compilation timestamp:
2/25/2015 2:07:30 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
196608:hx+PjfCEoXj1/2DneuyDr8jsQEzCNOJvlC0Fq:hxqYx/2LTyDAjsWOJXFq

Entry address:
0xEAC7

Entry point:
E8, 06, 7A, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 20, 8B, 45, 08, 56, 57, 6A, 08, 59, BE, 20, 95, 42, 00, 8D, 7D, E0, F3, A5, 89, 45, F8, 8B, 45, 0C, 5F, 89, 45, FC, 5E, 85, C0, 74, 0C, F6, 00, 08, 74, 07, C7, 45, F4, 00, 40, 99, 01, 8D, 45, F4, 50, FF, 75, F0, FF, 75, E4, FF, 75, E0, FF, 15, 1C, 91, 42, 00, C9, C2, 08, 00, CC, CC, CC, 8B, 4C, 24, 04, F7, C1, 03, 00, 00, 00, 74, 24, 8A, 01, 83, C1, 01, 84, C0, 74, 4E, F7, C1, 03, 00, 00, 00, 75, EF, 05, 00, 00, 00, 00, 8D, A4, 24, 00, 00...
 

Code size:
160 KB (163,840 bytes)

User Start Menu Item
Name:
OptimizerPro.exe


The file optimizerpro.exe has been seen being distributed by the following URL.
