» OptProCrash.dll
Overview
Analysis
File Details

OptProCrash.dll

PC Utilities Software Limited

Part of the Optimizer Pro / Driver 'PC optimizer' product lines marketed by Adsology and distributed through various bundled software (PPI and commission) channels. The module OptProCrash.dll by PC Utilities Software Limited has been detected as a potentially unwanted program by 14 anti-malware scanners. Also know as BrowserDefender, this bundled service will prevent various web browser toolbars and extensions from running as well as block changes to the search page and provider.

File name:

OptProCrash.dll

Publisher:

PC Utilities Software Limited (signed and verified)

MD5:

fe5108b30422dc50621d79a062b26009

SHA-1:

e016b14de3cfcc24e1cb1f4b18387268876c4539

SHA-256:

4393482e4b96f87ecb3e5bad1c555a51cc5d5d8b65915a21509c7677c45fa67d

Scanner detections:

14 / 68

Status:

Potentially unwanted

Explanation:

Installed with the Optimizer Pro software which is bundled by 3rd-party monetization programs.

Analysis date:

4/24/2024 11:47:00 PM UTC (a few moments ago)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Adware.BProtector.1

1023

Agnitum Outpost

Riskware.Agent

7.1.1

Avira AntiVirus

TR/BProtector.Gen2

7.11.142.186

AVG

MalSign.Generic

2015.0.3501

Bitdefender

Gen:Adware.BProtector.1

1.0.20.540

Emsisoft Anti-Malware

Gen:Adware.BProtector

8.14.04.18.06

ESET NOD32

Win32/SProtector (variant)

8.9666

F-Secure

Gen:Adware.BProtector.1

11.2014-18-04_6

G Data

Gen:Adware.BProtector

14.4.24

IKARUS anti.virus

AdWare.Bprotector

t3scan.1.6.1.0

MicroWorld eScan

Gen:Adware.BProtector.1

15.0.0.324

Panda Antivirus

Trj/BProtect.A

14.04.18.06

Reason Heuristics

PUP.PCUtilities.L

14.8.8.3

Sophos

BProtector

4.98

File size:

3.9 MB (4,110,808 bytes)

File type:

Dynamic link library (Win32 DLL)

Common path:

C:\Program Files\optimizer pro\optprocrash.dll

Digital Signature

Signed by:

PC Utilities Software Limited

Authority:

GoDaddy.com, Inc.

Valid from:

4/5/2013 11:29:35 AM

Valid to:

4/3/2015 7:23:14 AM

Subject:

CN=PC Utilities Software Limited, O=PC Utilities Software Limited, L=London, S=UK, C=GB

Issuer:

SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:

2B239BABC97410

File PE Metadata

Compilation timestamp:

3/27/2014 8:43:56 AM

OS version:

6.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

98304:kdnyFdCSCs2qa6hNO6xbRpMT/tQ/VJlypi+10rEtXw5:2yqPs2YhNrx9sFvpoEW

Entry address:

0x18AE19

Entry point:

55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, D4, D5, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 0C, 68, 00, 64, 26, 10, E8, C8, 50, 00, 00, 33, C0, 40, 8B, 75, 0C, 85, F6, 75, 0C, 39, 35, 74, 7D, 2A, 10, 0F, 84, E4, 00, 00, 00, 83, 65, FC, 00, 83, FE, 01, 74, 05, 83, FE, 02, 75, 35, 8B, 0D, 20, 3C, 25, 10, 85, C9, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D1, 89, 45, E4, 85, C0, 0F, 84, B1, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 11, FE, FF, FF, 89, 45, E4... 
[+]

Entropy:

7.1149

Developed / compiled with:

Microsoft Visual C++

Code size:

2.3 MB (2,425,856 bytes)

Remove OptProCrash.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.