optimizerpro.exe

Optimizer Pro v3.2

PC Utilities Software Limited

Part of the Optimizer Pro / Driver 'PC optimizer' product lines marketed by Adsology and distributed through various bundled software (PPI and commission) channels. The application optimizerpro.exe, “Optimizer Pro – Clean up your PC” by PC Utilities Software Limited, has been detected as a potentially unwanted program by 33 anti-malware scanners. This is a setup program which is used to install the application. The setup routine uses the RevenYou.Com Pay Per Install platform (OutBrowse), which bundles additional software offers including toolbars, extensions, PC utilities, as well as other PUPs.
Publisher:
PCUtilities Software Limited  (signed by PC Utilities Software Limited)

Product:
Optimizer Pro v3.2

Description:
Optimizer Pro – Clean up your PC

Version:
3.3.1.7

MD5:
7b189334a44088439fe8a4bfa006b38f

SHA-1:
c4d626fe76ab0d3e586bbe322f6f6ee56b68f58f

SHA-256:
9a48fe2828607b8bb0405ff748ec0087fda417b5d93ce39ed98e4e9786dca9fd

Scanner detections:
33 / 68

Status:
Potentially unwanted

Explanation:
Installed with the Optimizer Pro software which is bundled by 3rd-party monetization programs.

Analysis date:
11/27/2024 3:31:10 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Application.Generic.1275488 | 400 |
| Agnitum Outpost | FraudTool.Agent | 7.1.1 |
| AhnLab V3 Security | PUP/Win32.OptimizerPro | 2015.04.02 |
| Avira AntiVirus | TR/Dropper.Gen | 7.11.30.172 |
| avast! | Win32:OptimizerPro-A [PUP] | 2014.9-160101 |
| AVG | Generic | 2017.0.2878 |
| Bitdefender | Trojan.GenericKD.2239329 | 1.0.20.5 |
| Bkav FE | W32.HfsAdware | 1.3.0.6379 |
| Clam AntiVirus | Win.Trojan.Agent-861709 | 0.98/21511 |
| Comodo Security | Application.Win32.OptimizerPro.FY | 21526 |
| Dr.Web | riskware program Program.Unwanted.295, Trojan.OutBrowse.138 | 9.0.1.01 |
| Emsisoft Anti-Malware | Trojan.GenericKD.2239329 | 8.16.01.01.09 |
| ESET NOD32 | Win32/Adware.SpeedingUpMyPC.AF application | 10.7.0.302.0 |
| Fortinet FortiGate | W32/Agent.IRAS!tr | 1/1/2016 |
| F-Prot | W32/OptimizerPro.J.gen | v6.4.7.1.166 |
| F-Secure | Trojan.GenericKD.2239329 | 11.2016-01-01_6 |
| G Data | Trojan.GenericKD.2239329 | 16.1.25 |
| IKARUS anti.virus | Trojan-FakeAV.Win32.Agent | t3scan.1.8.6.0 |
| K7 AntiVirus | Adware | 13.204.16076 |
| Kaspersky | Trojan-FakeAV.Win32.Agent | 14.0.0.883 |
| Malwarebytes | PUP.Optional.OptimizerPR0 | v2016.01.01.09 |
| McAfee | Artemis!6BDD03C754FB | 5600.6534 |
| MicroWorld eScan | Application.Generic.1177921 | 17.0.0.3 |
| NANO AntiVirus | Riskware.Win32.Unwanted.dnutaa | 0.30.8.659 |
| nProtect | Trojan.GenericKD.2239329 | 15.03.24.01 |
| Panda Antivirus | PUP/OptimizerPro | 16.01.01.09 |
| Qihoo 360 Security | HEUR/QVM41.1.Malware.Gen | 1.0.0.1015 |
| Quick Heal | PUA.OptimizerPro.A8 | 1.16.14.00 |
| Reason Heuristics | PUP.PC Utilities.PCUtilities (M) | 16.1.1.9 |
| Trend Micro House Call | Suspicious_GEN.F47V0320 | 7.2.1 |
| Vba32 AntiVirus | TrojanFakeAV.Agent | 3.12.26.3 |
| VIPRE Antivirus | Trojan.Win32.Generic | 38744 |
| Zillya! Antivirus | Trojan.Agent.Win32.513866 | 2.0.0.2113 |

File size:
6 MB (6,293,456 bytes)

Product version:
3.3.1.7

Copyright:
PCUtilities Software Limited

Original file name:
OptimizerPRO

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\optimizerpro.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
11/20/2014 7:00:00 PM

Valid to:
11/21/2015 6:59:59 PM

Subject:
CN=PC Utilities Software Limited, O=PC Utilities Software Limited, STREET=78 York Street, L=London, PostalCode=W1H 1DP, C=GB

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00F10854548D47F74C920D7091D9057D6E

File PE Metadata
Compilation timestamp:
3/17/2015 10:29:02 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
98304:015k6VNIbvpVd9FmQbOI+CoLJ8dwdDtkHomq9vCm3yUBQTDZQNVRADsoGwQr2ui:M5vOn9oQv8JvXYomi53z29QNjCkwQRi

Entry address:
0x68BC

Entry point:
E8, 0C, 62, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 8B, 45, 08, 85, C0, 74, 12, 83, E8, 08, 81, 38, DD, DD, 00, 00, 75, 07, 50, E8, 17, EA, FF, FF, 59, 5D, C3, 8B, FF, 55, 8B, EC, 83, EC, 10, A1, 10, B7, 41, 00, 33, C5, 89, 45, FC, 8B, 55, 18, 53, 33, DB, 56, 57, 3B, D3, 7E, 1F, 8B, 45, 14, 8B, CA, 49, 38, 18, 74, 08, 40, 3B, CB, 75, F6, 83, C9, FF, 8B, C2, 2B, C1, 48, 3B, C2, 7D, 01, 40, 89, 45, 18, 89, 5D, F8, 39, 5D, 24, 75, 0B, 8B, 45, 08, 8B, 00, 8B, 40, 04, 89, 45, 24, 8B, 35, B8, 50, 41, 00...

Entropy:
7.9819  (probably packed)

Code size:
79 KB (80,896 bytes)

The file optimizerpro.exe has been seen being distributed by the following URL.
