7988476659.exe

Optimizer Pro v3.2

PC Utilities Software Limited

Part of the Optimizer Pro / Driver 'PC optimizer' product lines marketed by Adsology and distributed through various bundled software (PPI and commission) channels. The application 7988476659.exe, “OptimizerPro – Clean up your PC” by PC Utilities Software Limited has been detected as a potentially unwanted program by 16 anti-malware scanners.
Publisher:
PC Utilities Software Limited  (signed and verified)

Product:
Optimizer Pro v3.2

Description:
OptimizerPro – Clean up your PC

Version:
3.2.0.3

MD5:
6218b23984e57e9b977599c5415a3fd2

SHA-1:
60867f6f2ba6b24ded8c9a9e75004916112af124

SHA-256:
ba5c967e7ba0655bbe0a30fc4f093a2b974dfcce9e8ec75ac1d88526f885daae

Scanner detections:
16 / 68

Status:
Potentially unwanted

Explanation:
Installed with the Optimizer Pro software which is bundled by 3rd-party monetization programs.

Analysis date:
5/3/2024 1:40:28 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Application.Generic.1134835 | 6383094 |
| Agnitum Outpost | Riskware.OptimizerPro | 7.1.1 |
| Avira AntiVirus | APPL/OptimizPro.RE | 7.11.210.134 |
| AVG | Generic | 2016.0.3197 |
| Comodo Security | Application.Win32.OptimizerPro.FY | 21100 |
| Dr.Web | Trojan.DownLoader12.23956 | 9.0.1.05190 |
| ESET NOD32 | Win32/OptimizerEliteMax.C potentially unwanted application | 7.0.302.0 |
| F-Secure | Application.Generic.1134762 | 11.2015-16-02_2 |
| G Data | Win32.Application.OptimizerPro | 15.2.25 |
| Malwarebytes | PUP.Optional.OptimizerPro | v2015.02.16.09 |
| McAfee | Artemis!5332A07CD8B0 | 5600.6853 |
| MicroWorld eScan | Application.Generic.1134762 | 16.0.0.141 |
| NANO AntiVirus | Riskware.Win32.OptimizerPro.djigxw | 0.30.0.65070 |
| Reason Heuristics | PUP.PC Utilities | 15.2.16.9 |
| VIPRE Antivirus | Threat.5068139 | 37588 |
| Zillya! Antivirus | Trojan.Agent.Win32.505789 | 2.0.0.2068 |

File size:
5.7 MB (5,944,312 bytes)

Product version:
3.2.0.3

Copyright:
PC Utilities Software Limited

Original file name:
Optimizer Pro

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\ProgramData\application data\{d4e3aa0c-41c1-4273-d4e3-3aa0c41ca831}\7988476659.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
7/29/2014 7:00:00 PM

Valid to:
7/30/2015 6:59:59 PM

Subject:
CN=PC Utilities Software Limited, OU=IT Department, O=PC Utilities Software Limited, STREET=78 York Street, L=London, S=England, PostalCode=W1H 1DP, C=GB

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00CF20EDFB9E9D56F429A44E79C3465805

File PE Metadata
Compilation timestamp:
2/2/2015 3:36:18 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
98304:pQgdANGmvD6FhgqY0jm9cqwm52ECjr0f5huGiZAsyR60PfOy/lDI4u2MLPbg74fB:O0ANdvDWhgql+c9c230fEAzPfOyFiPbR

Entry address:
0x130F7

Entry point:
E8, 86, 7A, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 20, 8B, 45, 08, 56, 57, 6A, 08, 59, BE, 20, 55, 42, 00, 8D, 7D, E0, F3, A5, 89, 45, F8, 8B, 45, 0C, 5F, 89, 45, FC, 5E, 85, C0, 74, 0C, F6, 00, 08, 74, 07, C7, 45, F4, 00, 40, 99, 01, 8D, 45, F4, 50, FF, 75, F0, FF, 75, E4, FF, 75, E0, FF, 15, 1C, 51, 42, 00, C9, C2, 08, 00, CC, CC, CC, 8B, 4C, 24, 04, F7, C1, 03, 00, 00, 00, 74, 24, 8A, 01, 83, C1, 01, 84, C0, 74, 4E, F7, C1, 03, 00, 00, 00, 75, EF, 05, 00, 00, 00, 00, 8D, A4, 24, 00, 00...
 

Entropy:
7.9769  (probably packed)

Code size:
142.5 KB (145,920 bytes)
