1agrj51.exe

Optimizer Pro v3.2

PC Utilities Software Limited

Part of the Optimizer Pro / Driver 'PC optimizer' product lines marketed by Adsology and distributed through various bundled software (PPI and commission) channels. The application 1agrj51.exe, “OptimizerPro – Clean up your PC” by PC Utilities Software Limited has been detected as a potentially unwanted program by 13 anti-malware scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from d2vubraihqcany.cloudfront.net.
Publisher:
PC Utilities Software Limited  (signed and verified)

Product:
Optimizer Pro v3.2

Description:
OptimizerPro – Clean up your PC

Version:
3.2.0.3

MD5:
67763d862601410fdc81be03a1618539

SHA-1:
e5311e71a453ad50b70cdd4062c1226ab761a51b

SHA-256:
98053e76a8ac73fef7503f4c957e8566e9bba743dca6308bee9a0046b02b8af4

Scanner detections:
13 / 68

Status:
Potentially unwanted

Explanation:
Installed with the Optimizer Pro software which is bundled by 3rd-party monetization programs.

Analysis date:
5/19/2024 12:03:21 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Agnitum Outpost | Riskware.OptimizerPro | 7.1.1 |
| Avira AntiVirus | APPL/OptimizPro.RE | 7.11.209.130 |
| AVG | Generic | 2016.0.3201 |
| Comodo Security | Application.Win32.OptimizerPro.FY | 21040 |
| Dr.Web | Program.Unwanted.168 | 9.0.1.042 |
| ESET NOD32 | Win32/OptimizerEliteMax.C potentially unwanted (variant) | 9.11159 |
| G Data | Win32.Application.OptimizerPro | 15.2.25 |
| Kaspersky | Trojan-FakeAV.Win32.Agent | 14.0.0.2500 |
| McAfee | Artemis!87CDCBDBBDCA | 5600.6857 |
| NANO AntiVirus | Riskware.Win32.OptimizerPro.djigxw | 0.30.0.65070 |
| Reason Heuristics | PUP.PC Utilities | 15.2.11.23 |
| VIPRE Antivirus | OptimizerPro | 37444 |
| Zillya! Antivirus | Trojan.Agent.Win32.505789 | 2.0.0.2062 |

File size:
5.7 MB (5,949,432 bytes)

Product version:
3.2.0.3

Copyright:
PC Utilities Software Limited

Original file name:
Optimizer Pro

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\ProgramData\{aa4cb6d7-0589-9be2-aa4c-cb6d7058db5c}\1agrj51.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
7/29/2014 8:00:00 PM

Valid to:
7/30/2015 7:59:59 PM

Subject:
CN=PC Utilities Software Limited, OU=IT Department, O=PC Utilities Software Limited, STREET=78 York Street, L=London, S=England, PostalCode=W1H 1DP, C=GB

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00CF20EDFB9E9D56F429A44E79C3465805

File PE Metadata
Compilation timestamp:
2/9/2015 3:43:34 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
98304:AQgdCh/88N+81VeLJWp+d9x2eKQMOAeyvr1+XSYoWFxO1JIkTT2vDUlSpyAk:f0G3NV1VUgC9x2eKQOvroX1oWm6kSDnG

Entry address:
0x130F7

Entry point:
E8, 86, 7A, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 20, 8B, 45, 08, 56, 57, 6A, 08, 59, BE, 20, 55, 42, 00, 8D, 7D, E0, F3, A5, 89, 45, F8, 8B, 45, 0C, 5F, 89, 45, FC, 5E, 85, C0, 74, 0C, F6, 00, 08, 74, 07, C7, 45, F4, 00, 40, 99, 01, 8D, 45, F4, 50, FF, 75, F0, FF, 75, E4, FF, 75, E0, FF, 15, 1C, 51, 42, 00, C9, C2, 08, 00, CC, CC, CC, 8B, 4C, 24, 04, F7, C1, 03, 00, 00, 00, 74, 24, 8A, 01, 83, C1, 01, 84, C0, 74, 4E, F7, C1, 03, 00, 00, 00, 75, EF, 05, 00, 00, 00, 00, 8D, A4, 24, 00, 00...
 

Entropy:
7.9770  (probably packed)

Code size:
142.5 KB (145,920 bytes)

The file 1agrj51.exe has been seen being distributed by the following URL.

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):
Connects to ec2-54-72-9-115.eu-west-1.compute.amazonaws.com  (54.72.9.115:80)
