home

6206131975

Optimizer Pro v3.2

PC Utilities Software Limited

Part of the Optimizer Pro / Driver 'PC optimizer' product lines marketed by Adsology and distributed through various bundled software (PPI and commission) channels. The file 6206131975, “Fix PC problems and optimize performance” by PC Utilities Software Limited has been detected as a potentially unwanted program by 19 anti-malware scanners. It is also typically executed from the user's temporary directory.
Publisher:
PC Utilities Software Limited  (signed and verified)

Product:
Optimizer Pro v3.2

Description:
Fix PC problems and optimize performance

Version:
3.2.0.2

MD5:
b1561316b321fa771eb80f55f02cd766

SHA-1:
a805c800cc0f5f9b7cf68ed170ff3afe9860311f

SHA-256:
137671783af090c22a37f9dd1d00301c0aff40d651d3a1d38016547e97a02c40

Scanner detections:
19 / 68

Status:
Potentially unwanted

Explanation:
Installed with the Optimizer Pro software which is bundled by 3rd-party monetization programs.

Analysis date:
4/26/2024 11:01:20 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Application.Agent.GN
800

Agnitum Outpost
Riskware.OptimizerPro
7.1.1

Avira AntiVirus
APPL/OptimizPro.RE
7.11.188.58

AVG
Generic
2015.0.3278

Baidu Antivirus
Hacktool.Win32.OptimizerPro
4.0.3.141126

Bitdefender
Application.Agent.GN
1.0.20.1650

Dr.Web
Trojan.PWS.Tibia.2625
9.0.1.0330

ESET NOD32
Win32/AdWare.SpeedingUpMyPC (variant)
8.10766

F-Secure
Application.Agent.GN
11.2014-26-11_4

G Data
Application.Agent.GN
14.11.24

K7 AntiVirus
Adware
13.185.14098

Kaspersky
not-a-virus:RiskTool.Win32.OptimizerPro
14.0.0.2887

McAfee
Artemis!B1561316B321
5600.6934

MicroWorld eScan
Application.Agent.GN
15.0.0.990

NANO AntiVirus
Riskware.Win32.OptimizerPro.dioyqs
0.28.6.63474

Reason Heuristics
PUP.PCUtilities.K
14.11.26.13

Total Defense
Win32/Tnega.SZHEWKB
37.0.11293

VIPRE Antivirus
Trojan.Win32.Generic
35040

Zillya! Antivirus
Trojan.Black.Win32.18731
2.0.0.1991

File size:
5.9 MB (6,162,424 bytes)

Product version:
3.2.0.2

Copyright:
PC Utilities Software Limited

Original file name:
Optimizer Pro

Common path:
C:\users\{user}\appdata\local\temp\6206131975

Digital Signature
Signed by:
PC Utilities Software Limited

Authority:
COMODO CA Limited

Valid from:
7/29/2014 5:00:00 PM

Valid to:
7/30/2015 4:59:59 PM

Subject:
CN=PC Utilities Software Limited, OU=IT Department, O=PC Utilities Software Limited, STREET=78 York Street, L=London, S=England, PostalCode=W1H 1DP, C=GB

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00CF20EDFB9E9D56F429A44E79C3465805

File PE Metadata
Compilation timestamp:
11/20/2014 7:47:34 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
98304:03aro2L84/xkN1LOEUBst7rNAzwPhb+NwQ5H+gOJ58qTQb3lA1cjtNyxBwxboCXu:maL846N1LZSst7uzwFDZOqTQ+c/y8xbi

Entry address:
0x6869

Entry point:
E8, 67, 5F, 00, 00, E9, 89, FE, FF, FF, FF, 35, 84, E2, 41, 00, FF, 15, 58, 60, 41, 00, 85, C0, 74, 02, FF, D0, 6A, 19, E8, D9, 53, 00, 00, 6A, 01, 6A, 00, E8, FC, 2E, 00, 00, 83, C4, 0C, E9, C1, 2E, 00, 00, CC, CC, CC, 8B, 4C, 24, 04, F7, C1, 03, 00, 00, 00, 74, 24, 8A, 01, 83, C1, 01, 84, C0, 74, 4E, F7, C1, 03, 00, 00, 00, 75, EF, 05, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8B, 01, BA, FF, FE, FE, 7E, 03, D0, 83, F0, FF, 33, C2, 83, C1, 04, A9, 00, 01, 01, 81, 74, E8, 8B...
 
[+]

Entropy:
7.9837  (probably packed)

Code size:
81.5 KB (83,456 bytes)

Remove 6206131975 - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.