home

unins000.exe

PC Utilities Software Limited

Part of the Optimizer Pro / Driver 'PC optimizer' product lines marketed by Adsology and distributed through various bundled software (PPI and commission) channels. The application unins000.exe by PC Utilities Software Limited has been detected as a potentially unwanted program by 10 anti-malware scanners. This is a setup and installation application and has been known to bundle potentially unwanted software. This is the uninstaller utility registered in the Windows Control Panel for the program Optimizer Pro v3.2 by PCUtilities Software Limited.
Publisher:
PC Utilities Software Limited  (signed and verified)

Description:
Setup/Uninstall

Version:
51.1052.0.0

MD5:
cbb47e65d30c1e2168d93c6342228ec6

SHA-1:
71256207e7a47fdc117521c151c018fd2c02f4e5

SHA-256:
a6879f2ba1f5f99e13d9d8948aca3c84461716b6b497560f8517690bce66948a

Scanner detections:
10 / 68

Status:
Potentially unwanted

Explanation:
Installed with the Optimizer Pro software which is bundled by 3rd-party monetization programs.

Analysis date:
4/25/2024 4:16:15 PM UTC  (today)

Scan engine
Detection
Engine version

AVG
Generic
2016.0.3057

Bkav FE
W32.HfsAdware
1.3.0.6979

Comodo Security
TrojWare.Win32.Injector.FVA
22660

Dr.Web
riskware program Program.Unwanted.344
9.0.1.05190

K7 AntiVirus
Riskware
13.207.16606

McAfee
Artemis!CBB47E65D30C
5600.6693

Panda Antivirus
PUP/OptimizerPro
15.07.05.08

Quick Heal
PUA.Pcutilitie.Gen
7.15.14.00

Reason Heuristics
PUP.PC Utilities.PCUtilities.Installer (M)
15.7.5.20

VIPRE Antivirus
OptimizerPro
41692

File size:
1.1 MB (1,176,040 bytes)

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\optimizer pro 3.99\unins000.exe

Digital Signature
Signed by:
PC Utilities Software Limited

Authority:
COMODO CA Limited

Valid from:
8/26/2014 8:00:00 PM

Valid to:
8/27/2015 7:59:59 PM

Subject:
CN=PC Utilities Software Limited, OU=PC Utlities Software Limited, O=PC Utilities Software Limited, STREET=78 York Street, STREET=England W1H 1DP, STREET=London, L=London, S=England W1H 1DP, PostalCode=W1H 1DP, C=GB

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
0093DD8B6FAE943D113CA18A5DAC967D96

File PE Metadata
Compilation timestamp:
2/4/2013 1:24:58 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:48ZD0cX6W3hXFg1waKc6vkRxI3tKr6wZRZEIRaZQ1L5xMx9WP:RBcSwg4IaRruc

Entry address:
0x100004

Entry point:
55, 8B, EC, 83, C4, F0, 53, 56, 57, B8, C4, E1, 4F, 00, E8, 25, 8F, F0, FF, 6A, EC, A1, 20, 3D, 50, 00, 8B, 00, 8B, 98, 70, 01, 00, 00, 53, E8, C8, 9D, F0, FF, 25, 7F, FF, FF, FF, 50, 6A, EC, A1, 20, 3D, 50, 00, 53, E8, 1D, A0, F0, FF, 33, C0, 55, 68, 7F, 00, 50, 00, 64, FF, 30, 64, 89, 20, 6A, 01, E8, 60, 97, F0, FF, E8, AF, DE, FF, FF, A1, FC, DD, 4F, 00, 50, 68, 60, DE, 4F, 00, A1, 20, 3D, 50, 00, 8B, 00, E8, B4, BC, F7, FF, E8, 03, DF, FF, FF, 33, C0, 5A, 59, 59, 64, 89, 10, EB, 19, E9, 5C, 46, F0, FF...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
1019 KB (1,043,456 bytes)

Program Uninstaller
Program name:
Optimizer Pro v3.2

Display publisher:
PCUtilities Software Limited

Display version:
3.3.1.7

Uninstall string:
"C:\Program Files\Optimizer Pro 3.99\unins000.exe" /VERYSILENT


The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to ec2-54-213-23-40.us-west-2.compute.amazonaws.com  (54.213.23.40:80)

TCP (HTTP):
Connects to bbc-vip146.telhc.bbc.co.uk  (212.58.244.27:80)

Remove unins000.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.