optimizerpro.exe

PC Utilities Software Limited

Part of the Optimizer Pro / Driver 'PC optimizer' product lines marketed by Adsology and distributed through various bundled software (PPI and commission) channels. The application optimizerpro.exe by PC Utilities Software Limited has been detected as a potentially unwanted program by 25 anti-malware scanners. Also known as BrowserDefender, this bundled service prevents various web browser toolbars and extensions from running and blocks changes to the search page and provider. It is typically executed from the user's temporary directory.

Publisher:
PC Utilities Software Limited  (signed and verified)

MD5:
0ca38f5ee7beab11d297cf2a8f569abe

SHA-1:
2792e8865ba294fe188b9e1fada1d8f0c02853b0

SHA-256:
38902ec38adf358581c024a60ae400c723a0b969e603fa13ff4d23bc0b1a68b6

Scanner detections:
25 / 68

Status:
Potentially unwanted

Explanation:
Installed with the Optimizer Pro software which is bundled by 3rd-party monetization programs.

Analysis date:
4/16/2024 11:43:22 AM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Adware.Bprotector.B | 1023
Agnitum Outpost | Trojan.PWS.Tibia | 7.1.1
Avira AntiVirus | Adware/BProtector.B.1 | 7.11.146.2
avast! | Win32:BProtect-J [Trj] | 2014.9-140808
AVG | MalSign.Generic | 2015.0.3501
Bitdefender | Adware.Bprotector.B | 1.0.20.540
Dr.Web | Trojan.PWS.Tibia.2591 | 9.0.1.0108
Emsisoft Anti-Malware | Adware.Bprotector | 8.14.04.18.04
ESET NOD32 | Win32/SpeedingUpMyPC | 8.9736
Fortinet FortiGate | Riskware/SpeedingUpMyPC | 7/7/2014
F-Secure | Adware.Bprotector.B | 11.2014-18-04_6
G Data | Adware.Bprotector | 14.4.24
herdProtect (fuzzy) |  | 2014.7.7.2
IKARUS anti.virus | AdWare.Bprotector | t3scan.1.6.1.0
K7 AntiVirus | Trojan | 13.180.12586
Kaspersky | Trojan-Ransom.Win32.ZedoPoo | 14.0.0.3599
McAfee | Artemis!FF3ACDE6D0B8 | 5600.7157
MicroWorld eScan | Adware.Bprotector.B | 15.0.0.324
NANO AntiVirus | Trojan.Win32.SpeedingUpMyPC.cxypoi | 0.28.0.60577
nProtect | Adware.Bprotector.B | 14.04.29.01
Panda Antivirus | Trj/Genetic.gen | 14.08.08.03
Qihoo 360 Security | Win32/Virus.Adware.cf2 | 1.0.0.1015
Reason Heuristics | PUP.PCUtilities.M | 14.8.8.3
Trend Micro House Call | TROJ_GEN.F47V0414 | 7.2.188
Vba32 AntiVirus | Hoax.ZedoPoo | 3.12.26.3

File size:
6.8 MB (7,136,784 bytes)

File type:
Executable application (Win32 EXE)

Language:
Serbian (Latin, Serbia)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\software\optimizerpro.exe

Digital Signature
Authority:
GoDaddy.com, Inc.

Valid from:
4/5/2013 8:29:35 PM

Valid to:
4/3/2015 4:23:14 PM

Subject:
CN=PC Utilities Software Limited, O=PC Utilities Software Limited, L=London, S=UK, C=GB

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
2B239BABC97410

File PE Metadata
Compilation timestamp:
4/11/2014 4:39:16 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
196608:x4PUxzcXZ6EJHx99Fs7zIGEEn5I6eis0GY363:x4OAdZshEE66dG

Entry address:
0x6869

Code size:
81.5 KB (83,456 bytes)
