optimizerpro3.exe

Optimizer Pro v3.2

PC Utilities Software Limited

Part of the Optimizer Pro / Driver 'PC optimizer' product lines marketed by Adsology and distributed through various bundled software (PPI and commission) channels. The application optimizerpro3.exe, “Optimizer Pro – Clean up your PC” by PC Utilities Software Limited, has been detected as a potentially unwanted program by 18 anti-malware scanners. It is a setup program used to install the application. The setup routine uses the RevenYou.Com Pay Per Install platform (OutBrowse), which bundles additional software offers including toolbars, extensions, and PC utilities, as well as other PUPs.

Publisher:
PCUtilities Software Limited  (signed by PC Utilities Software Limited)

Product:
Optimizer Pro v3.2

Description:
Optimizer Pro – Clean up your PC

Version:
3.3.1.7

MD5:
19c996592ade09b55e727c4adbce2dd7

SHA-1:
ceb9dcbea38a6f78b9c6738ffbc2e78ebb1a9712

SHA-256:
34532fd1d494ae86603fae8d07b429558420ae4b01336730d038c23e583aa1c5

Scanner detections:
18 / 68

Status:
Potentially unwanted

Explanation:
Installed with the Optimizer Pro software which is bundled by 3rd-party monetization programs.

Analysis date:
11/5/2024 8:22:34 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Application.Generic.1177371 | 680 |
| Avira AntiVirus | PUA/OptimizerPro.Gen | 7.11.218.214 |
| avast! | Win32:OptimizerPro-A [PUP] | 2014.9-150327 |
| AVG | Generic | 2016.0.3158 |
| Bkav FE | W32.HfsAdware | 1.3.0.6379 |
| Comodo Security | Application.Win32.OptimizerPro.FY | 21488 |
| Dr.Web | Trojan.OutBrowse.138 | 9.0.1.086 |
| F-Secure | Application.Generic.1177921 | 11.2015-27-03_6 |
| G Data | Win32.Application.OptimizerPro | 15.3.25 |
| Kaspersky | Trojan-FakeAV.Win32.Agent | 14.0.0.2285 |
| McAfee | Artemis!19C996592ADE | 5600.6814 |
| MicroWorld eScan | Trojan.GenericKD.2239329 | 16.0.0.258 |
| NANO AntiVirus | Riskware.Win32.Unwanted.dnutaa | 0.30.8.659 |
| Qihoo 360 Security | Win32/Trojan.f78 | 1.0.0.1015 |
| Quick Heal | PUA.OptimizerPro.A8 | 3.15.14.00 |
| Reason Heuristics | PUP.PC Utilities | 15.3.27.0 |
| VIPRE Antivirus | Threat.5068139 | 38552 |

File size:
6 MB (6,293,456 bytes)

Product version:
3.3.1.7

Copyright:
PCUtilities Software Limited

Original file name:
OptimizerPRO

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\inetcache\content.ie5\kaaqw1et\optimizerpro3.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
11/20/2014 4:00:00 PM

Valid to:
11/21/2015 3:59:59 PM

Subject:
CN=PC Utilities Software Limited, O=PC Utilities Software Limited, STREET=78 York Street, L=London, PostalCode=W1H 1DP, C=GB

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00F10854548D47F74C920D7091D9057D6E

File PE Metadata
Compilation timestamp:
3/17/2015 7:29:02 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
98304:a15k6VNIbvpVd9FmQbOI+CoLJ8dwdDtkHomq9vCm3yUBQTDZQNVRADsoGwQr2uf:C5vOn9oQv8JvXYomi53z29QNjCkwQRf

Entry address:
0x68BC

Entry point:
E8, 0C, 62, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 8B, 45, 08, 85, C0, 74, 12, 83, E8, 08, 81, 38, DD, DD, 00, 00, 75, 07, 50, E8, 17, EA, FF, FF, 59, 5D, C3, 8B, FF, 55, 8B, EC, 83, EC, 10, A1, 10, B7, 41, 00, 33, C5, 89, 45, FC, 8B, 55, 18, 53, 33, DB, 56, 57, 3B, D3, 7E, 1F, 8B, 45, 14, 8B, CA, 49, 38, 18, 74, 08, 40, 3B, CB, 75, F6, 83, C9, FF, 8B, C2, 2B, C1, 48, 3B, C2, 7D, 01, 40, 89, 45, 18, 89, 5D, F8, 39, 5D, 24, 75, 0B, 8B, 45, 08, 8B, 00, 8B, 40, 04, 89, 45, 24, 8B, 35, B8, 50, 41, 00...
 

Entropy:
7.9819  (probably packed)

Code size:
79 KB (80,896 bytes)

The file optimizerpro3.exe has been seen being distributed by the following 2 URLs.

http://cdn.chironexfleckerisilver.com/downloads/offers/.../OptimizerPro3.exe
