optimizerpro.exe

PC Utilities Software Limited

Part of the Optimizer Pro / Driver 'PC optimizer' product lines marketed by Adsology and distributed through various bundled software (PPI and commission) channels. The application optimizerpro.exe by PC Utilities Software Limited has been detected as a potentially unwanted program by 30 anti-malware scanners. Also known as BrowserDefender, this bundled service will prevent various web browser toolbars and extensions from running as well as block changes to the search page and provider.
Publisher:
PC Utilities Software Limited  (signed and verified)

MD5:
66a59b40ca08b400356f76fa26507335

SHA-1:
6004a8644a3783981ce87b8e9fc896a8937bc9f9

SHA-256:
22b922d8f673e89c49f6ba2ad9a9641f90f0c16e537671c0083f5579f9e013eb

Scanner detections:
30 / 68

Status:
Potentially unwanted

Explanation:
Installed with the Optimizer Pro software which is bundled by 3rd-party monetization programs.

Analysis date:
4/23/2024 6:26:51 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Adware.Bprotector.M | 857 |
| Agnitum Outpost | PUA.SpeedingUpMyPC | 7.1.1 |
| AhnLab V3 Security | PUP/Win32.Agent | 2014.09.21 |
| Avira AntiVirus | TR/BProtector.Gen2 | 7.11.151.96 |
| avast! | Win32:Adware-gen [Adw] | 2014.9-141001 |
| AVG | OptimizerPro | 2015.0.3335 |
| Bitdefender | Adware.Agent.OBI | 1.0.20.1370 |
| Clam AntiVirus | Win.Trojan.Bprotector-2 | 0.98/19406 |
| Comodo Security | UnclassifiedMalware | 18339 |
| Dr.Web | Trojan.NtRootKit.17528 | 9.0.1.0274 |
| Emsisoft Anti-Malware | Adware.Agent.OBI | 8.14.10.01.01 |
| ESET NOD32 | Win32/AdWare.SpeedingUpMyPC (variant) | 8.9845 |
| Fortinet FortiGate | Riskware/SpeedingUpMyPC | 10/1/2014 |
| F-Prot | W32/A-d7153df2 | v6.4.7.1.166 |
| F-Secure | Adware.Bprotector.M | 11.2014-01-10_4 |
| G Data | Win32.Application.OptimizerPro | 14.10.24 |
| IKARUS anti.virus | AdWare.Bprotector | t3scan.1.6.1.0 |
| K7 AntiVirus | Unwanted-Program | 13.178.12203 |
| Kaspersky | HEUR:Trojan.Win32.Generic | 14.0.0.3170 |
| McAfee | Artemis!66A59B40CA08 | 5600.6991 |
| MicroWorld eScan | Adware.Bprotector.M | 15.0.0.822 |
| NANO AntiVirus | Riskware.Win32.Agent.czxyzw | 0.28.0.60100 |
| nProtect | Adware.Agent.OBI | 14.05.19.01 |
| Panda Antivirus | Trj/Chgt.A | 14.10.01.01 |
| Qihoo 360 Security | HEUR/Malware.QVM06.Gen | 1.0.0.1015 |
| Reason Heuristics | PUP.PCUtilities.M | 14.10.1.1 |
| Total Defense | Win32/Tnega.MHdEFO | 37.0.11190 |
| Trend Micro House Call | TROJ_GEN.F47V0524 | 7.2.274 |
| VIPRE Antivirus | Trojan.Win32.Generic!SB.0 | 28350 |
| Zillya! Antivirus | Trojan.Black.Win32.16768 | 2.0.0.1927 |

File size:
6.7 MB (7,023,104 bytes)

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\roaming\opencandy\2caeefbaea0f44eba0b33b3832b295cb\optimizerpro.exe

Digital Signature
Authority:
GoDaddy.com, Inc.

Valid from:
4/18/2014 7:34:54 AM

Valid to:
4/18/2015 7:34:54 AM

Subject:
CN=PC Utilities Software Limited, O=PC Utilities Software Limited, L=London, C=GB

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
4B6A44F88EC8CF

File PE Metadata
Compilation timestamp:
5/22/2014 7:00:04 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:ryeN3bvJ2++ItVC3GRp5qrAbG43K2FS7TfFTS5sr2hzuYAKLhuUX0Yzem:ekLvo++MGSFSCsQMghF03m

Entry address:
0x3D74C

Entry point:
55, 8B, EC, 83, C4, F0, B8, F8, A5, 43, 00, E8, 14, C4, FC, FF, E8, 03, 86, FC, FF, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...

Entropy:
7.9795

Developed / compiled with:
Microsoft Visual C++

Code size:
240.5 KB (246,272 bytes)
