» PCOptimizerPro.exe
Overview
Analysis
File Details
Programs (1)
Network (1)

PCOptimizerPro.exe

PCOptimizerPro

Xportsoft Technologies

The application PCOptimizerPro.exe, “TWEAK REPAIR ENHANCE & PROTECT” by Xportsoft Technologies has been detected as a potentially unwanted program by 5 anti-malware scanners. This file is typically installed with the program PC Optimizer Pro by PC Optimizer Pro, Inc.. While running, it connects to the Internet address rs59.steeprockinc.com on port 80 using the HTTP protocol.

File name:

PCOptimizerPro.exe

Publisher:

Tweaking Tools Inc (signed by Xportsoft Technologies)

Product:

PCOptimizerPro

Description:

TWEAK REPAIR ENHANCE & PROTECT

Version:

6, 1, 6, 6

MD5:

c01bc95022da2790569dade1801c682e

SHA-1:

dcf948288e494dc062c0e312a33bd05a7060b3b3

SHA-256:

688a1878a3cb188e8f92816a281f2d43aaaf746246684d55674c4bece586eee0

Scanner detections:

5 / 68

Status:

Potentially unwanted

Analysis date:

4/25/2024 2:32:49 PM UTC (today)

Scan engine

Detection

Engine version

Boost by Reason

Optional.XportsoftTechnologies

188838

Dr.Web

riskware program Program.Unwanted.791

9.0.1.024

ESET NOD32

Win32/XportOptimizer.A potentially unwanted application

10.7.0.302.0

IKARUS anti.virus

PUA.XportOptimizer

t3scan.1.8.9.0

Reason Heuristics

Win64.Generic

16.1.24.7

File size:

10.8 MB (11,276,688 bytes)

Product version:

6, 1, 6, 6

Original file name:

PCOptimizerPro.exe

File type:

Executable application (Win64 EXE)

Language:

English (United States)

Common path:

C:\Program Files\pc optimizer pro\pcoptimizerpro.exe

Digital Signature

Signed by:

Xportsoft Technologies

Authority:

The USERTRUST Network

Valid from:

10/21/2010 7:00:00 AM

Valid to:

10/22/2011 6:59:59 AM

Subject:

CN=Xportsoft Technologies, O=Xportsoft Technologies, STREET="Office NO 12-13, Chhabra Complex", STREET=Mahesh Nagar, L=Ambala Cantt, S=Haryana, PostalCode=133001, C=IN

Issuer:

CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:

56FBF8A7717FD9CBB90C753FF0F4E25F

File PE Metadata

Compilation timestamp:

8/5/2011 6:29:33 PM

OS version:

5.2

OS bitness:

Win64

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

49152:VGspBRYoB7AuuViIpQ00e9O1LjGBU5VJQpwyHo3XOVQyys6/Ztl+AnPSQdYBowcJ:VVp4oBBSqOVQyyLlvnPSQdSpdy

Entry address:

0xEFF98

Entry point:

48, 83, EC, 28, E8, BF, 8D, 00, 00, 48, 83, C4, 28, E9, 16, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 66, 66, 0F, 1F, 84, 00, 00, 00, 00, 00, 48, 3B, 0D, F9, 52, 14, 00, 75, 11, 48, C1, C1, 10, 66, F7, C1, FF, FF, 75, 02, F3, C3, 48, C1, C9, 10, E9, 35, 8E, 00, 00, CC, 48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 30, 49, 8B, D9, 49, 8B, F0, 48, 8B, FA, 4D, 85, C9, 75, 04, 33, C0, EB, 66, 48, 85, C9, 75, 25, E8, C9, 33, 00, 00, BB, 16, 00, 00, 00, 48, 83, 64, 24, 20, 00, 45, 33... 
[+]

Code size:

1.7 MB (1,760,256 bytes)

The file PCOptimizerPro.exe has been discovered within the following program.

PC Optimizer Pro by PC Optimizer Pro, Inc.

This is a PC optimization program that is supposed to increase the speed of computer by removing invalid entries the computer's registry.

www.twekingtools.com/PC Optimizer Pro

53% remove it

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):

Connects to rs59.steeprockinc.com (69.20.11.235:80)

Remove PCOptimizerPro.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.