PUP.Optimizer Pro

Threat Scorecard

Popularity Rank: 2,329
Threat Level: 10 % (Normal)
Infected Computers: 158,823
First Seen: February 27, 2012
Last Seen: January 24, 2026
OS(es) Affected: Windows

Aliases

6 security vendors flagged this file as malicious.

Antivirus Vendor Detection
AVG Generic.943
Fortinet Riskware/OptimizerPro
GData Win32.Application.OptimizerPro.D
Comodo Application.Win32.OptimizerPro.FY
K7AntiVirus Trojan ( 004b4eea1 )
AVG PCCleaner.B

File System Details

PUP.Optimizer Pro may create the following file(s):
# File Name MD5 Detections
1. A0016645.exe 87217247d99dd350a595399fb11b349a 4,135
2. SystemOptimizerPro.exe 1b592c4c5c4163013c0fe3b318e53b58 2,658
3. optimizerpro_soft_partner.exe f99fe6705021d01c4b0cce88ec840900 167
4. updater.exe 745547148e14b08c21dcc94df3e5d907 97
5. ix_updater.exe 2b399e7f9491fb199f4398d113f7a5ca 76
6. OptProSmartScan.exe.vir 90a6db4b67c2be17b017cd62ffd2de9b 71
7. hqghumeaylnlf.exe 2c983fb9a489bd40b7d353db2cd459fa 70
8. OptProLauncher.exe 9196b950852fa2356920dff8ff71e558 10
9. OptimizerProInstaller.exe 16954b7e555944640479c0c15e7158cc 10
10. OPTISetup.exe 1080746182dd51c6f9c89f1ad6a15643 1
11. PCOptimizer.exe 1236e6ac9a8b3d50127885ee047d42a7 1

Registry Details

PUP.Optimizer Pro may create the following registry entry or registry entries:
CLSID
{D879A501-50A7-BEFC-A4C5-32DC6E0CB208}
{EBFCF40E-A87B-463F-A782-55BDD4160B5E}
File name without path
LiveSupport.lnk
Optimizer Pro.lnk
www.pcutilitiespro[1].xml
Regexp file mask
%TEMP%\OptimizerPro.exe
%temp%\optprosetup.exe
%WinDir%\System32\Tasks\Optimizer Pro Schedule
%WINDIR%\System32\Tasks\Optscan
%WINDIR%\System32\Tasks\Periodic Synchronize Task
%WINDIR%\Tasks\Optscan.job
%WINDIR%\Tasks\Periodic Synchronize Task.job
Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\_eb12ba5e
Software\LiveSupport
Software\Microsoft\Internet Explorer\DOMStorage\www.pcoptimizerpro.com
software\microsoft\shared tools\msconfig\startupreg\Optimizer Pro
SOFTWARE\Microsoft\Tracing\Optimizer_Pro_RASAPI32
SOFTWARE\Microsoft\Tracing\Optimizer_Pro_RASMANCS
SOFTWARE\Microsoft\Tracing\OptimizerPro_RASAPI32
SOFTWARE\Microsoft\Tracing\OptimizerPro_RASMANCS
SOFTWARE\Microsoft\Tracing\OptProStart_RASAPI32
SOFTWARE\Microsoft\Tracing\OptProStart_RASMANCS
Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers\C:\Program Files (x86)\Optimizer Pro\OptimizerPro.exe
Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers\C:\Program Files\Optimizer Pro\OptimizerPro.exe
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Optimizer Pro Schedule
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OptimizerPro-S-480333868
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Periodic Synchronize Task
Software\Optimizer Pro
SOFTWARE\OptimizerPro
SOFTWARE\Wow6432Node\Microsoft\Tracing\Optimizer_Pro_RASAPI32
SOFTWARE\Wow6432Node\Microsoft\Tracing\Optimizer_Pro_RASMANCS
SOFTWARE\Wow6432Node\Microsoft\Tracing\OptimizerPro_RASAPI32
SOFTWARE\Wow6432Node\Microsoft\Tracing\OptimizerPro_RASMANCS
SOFTWARE\Wow6432Node\Microsoft\Tracing\OptProStart_RASAPI32
SOFTWARE\Wow6432Node\Microsoft\Tracing\OptProStart_RASMANCS
SOFTWARE\Wow6432Node\OptimizerPro
SOFTWARE\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}
SOFTWARE\Wow6432Node\{6791A2F3-FC80-475C-A002-C014AF797E9C}
SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
SYSTEM\ControlSet001\services\23cb3056
SYSTEM\ControlSet001\services\24a6f44f
SYSTEM\ControlSet001\services\c31ed948
SYSTEM\ControlSet002\services\23cb3056
SYSTEM\ControlSet002\services\24a6f44f
SYSTEM\ControlSet002\services\c31ed948
SYSTEM\CurrentControlSet\services\23cb3056
SYSTEM\CurrentControlSet\services\24a6f44f
SYSTEM\CurrentControlSet\services\c31ed948
LiveSupport_is1
Optimizer Pro v3.2_is1
Optimizer Pro_is1
OptimizerPro
SP_617c7ac4
SP_d1475c3a

Directories

PUP.Optimizer Pro may create the following directory or directories:

%ALLUSERSPROFILE%\Application Data\BetterSoft\OptimizerPro
%ALLUSERSPROFILE%\Application Data\House Of Soft
%ALLUSERSPROFILE%\Application Data\InstallMate\OptimizerPro
%ALLUSERSPROFILE%\Application Data\SetApp
%ALLUSERSPROFILE%\Application Data\SummerSoft
%ALLUSERSPROFILE%\BetterSoft\OptimizerPro
%ALLUSERSPROFILE%\Beware
%ALLUSERSPROFILE%\House Of Soft
%ALLUSERSPROFILE%\InstallMate\OptimizerPro
%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\LiveSupport
%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\Optimizer Pro
%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
%ALLUSERSPROFILE%\SummerSoft
%APPDATA%\Microsoft\Windows\Start Menu\Programs\Optimizer Pro
%APPDATA%\Optimizer Pro
%AllUsersProfile%\Application Data\QuickSet
%AllUsersProfile%\Application Data\WinterSoft
%AllUsersProfile%\QuickSet
%AllUsersProfile%\SetApp
%AllUsersProfile%\WinterSoft
%PROGRAMFILES%\Optimizer Pro
%ProgramFiles%\LiveSupport
%ProgramFiles%\Optimizer Pro 3.13
%ProgramFiles%\Optimizer Pro 3.16
%ProgramFiles%\Optimizer Pro 3.31
%ProgramFiles(x86)%\LiveSupport
%ProgramFiles(x86)%\Optimizer Pro 3.13
%ProgramFiles(x86)%\Optimizer Pro 3.16
%ProgramFiles(x86)%\Optimizer Pro 3.31
%USERPROFILE%\Documents\Optimizer Pro
%UserProfile%\My Documents\Optimizer Pro

Analysis Report

General information

Family Name: PUP.Optimizer Pro
Signature status: Modified signature

Known Samples


Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have debug information
  • File doesn't have exports table
  • File doesn't have relocations information
  • File doesn't have resources
  • File has exports table
  • File has TLS information
  • File is 32-bit executable
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is Native application (NOT .NET application)
  • File is not packed
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

Windows PE Version Information

Name Value
Comments This installation was built with Inno Setup.
Company Name
  • PC Utilities Pro
  • PC Utilities Software Limited
File Description
  • Fix, clean, optimize your PC!
  • Fix PC problems and optimize performance
File Version
  • 3.2.0.1
  • 3.0.1.0
Internal Name OptimizerPro
Legal Copyright
  • PC Utilities Pro
  • PC Utilities Software Limited
Legal Trademarks PC Utilities Pro
Original Filename OptimizerPro
Product Name
  • Optimizer Pro
  • Optimizer Pro 3.2
Product Version
  • 3.2.0.1
  • 3.0.1.0

Digital Signatures

Signer | Root | Status
PC Utilities Software Limited | AddTrust External CA Root | Root Not Trusted
PC Utilities Software Limited | UTN-USERFirst-Object | Root Not Trusted

Block Information

Total Blocks: 881
Potentially Malicious Blocks: 3
Whitelisted Blocks: 876
Unknown Blocks: 2

Files Modified

File Attributes
c:\program files (x86)\optimizer pro\cookiesexception.txt Synchronize,Write Data
c:\program files (x86)\optimizer pro\english.ini Synchronize,Write Data
c:\program files (x86)\optimizer pro\file_id.diz Synchronize,Write Data
c:\program files (x86)\optimizer pro\homepage.url Synchronize,Write Data
c:\program files (x86)\optimizer pro\is-1asb3.tmp Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files (x86)\optimizer pro\is-3uh8l.tmp Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files (x86)\optimizer pro\is-6h697.tmp Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files (x86)\optimizer pro\is-6q4ho.tmp Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files (x86)\optimizer pro\is-75mev.tmp Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files (x86)\optimizer pro\is-a8j1m.tmp Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files (x86)\optimizer pro\is-c182b.tmp Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files (x86)\optimizer pro\is-dc7nv.tmp Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files (x86)\optimizer pro\is-fg97i.tmp Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files (x86)\optimizer pro\is-ir2vg.tmp Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files (x86)\optimizer pro\is-kmdsg.tmp Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files (x86)\optimizer pro\is-lvuh5.tmp Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files (x86)\optimizer pro\is-qqjoe.tmp Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files (x86)\optimizer pro\is-u2sko.tmp Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files (x86)\optimizer pro\is-ufdsa.tmp Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files (x86)\optimizer pro\is-ul38b.tmp Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files (x86)\optimizer pro\is-vr5fu.tmp Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files (x86)\optimizer pro\optimizerpro.chm Synchronize,Write Data
c:\program files (x86)\optimizer pro\optimizerpro.exe Synchronize,Write Data
c:\program files (x86)\optimizer pro\optproguard.exe Synchronize,Write Data
c:\program files (x86)\optimizer pro\optprolauncher.exe Synchronize,Write Data
c:\program files (x86)\optimizer pro\optproreminder.exe Synchronize,Write Data
c:\program files (x86)\optimizer pro\optproschedule.exe Synchronize,Write Data
c:\program files (x86)\optimizer pro\optprosmartscan.exe Synchronize,Write Data
c:\program files (x86)\optimizer pro\optprostart.exe Synchronize,Write Data
c:\program files (x86)\optimizer pro\optprouninstaller.exe Synchronize,Write Data
c:\program files (x86)\optimizer pro\scan.gif Synchronize,Write Data
c:\program files (x86)\optimizer pro\sqlite3.dll Synchronize,Write Data
c:\program files (x86)\optimizer pro\startuplist.txt Synchronize,Write Data
c:\program files (x86)\optimizer pro\unins000.dat Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\program files (x86)\optimizer pro\unins000.exe Synchronize,Write Data
c:\program files (x86)\optimizer pro\unins000.msg Generic Write,Read Attributes
c:\programdata\microsoft\windows\start menu\programs\optimizer pro v3.2\check updates.lnk Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\microsoft\windows\start menu\programs\optimizer pro v3.2\help.lnk Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\microsoft\windows\start menu\programs\optimizer pro v3.2\optimizer pro on the web.lnk Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\microsoft\windows\start menu\programs\optimizer pro v3.2\optimizer pro.lnk Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\programdata\microsoft\windows\start menu\programs\optimizer pro v3.2\uninstall optimizer pro.lnk Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\is-29uka.tmp\_isetup\_setup64.tmp Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\is-29uka.tmp\_isetup\_shfoldr.dll Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\is-29uka.tmp\optprocrash.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\is-4rhmr.tmp\56c1d9c428b45a270df28e65387301fa83e3a7f1_0005906352.tmp Generic Write,Read Attributes
c:\users\user\appdata\local\temp\is-eko38.tmp\_isetup\_setup64.tmp Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\is-eko38.tmp\_isetup\_shfoldr.dll Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\is-eko38.tmp\itdownload.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\is-eko38.tmp\optprocrash.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\is-eko38.tmp\optprohelper.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\is-on8h1.tmp\optimizer_pro.tmp Generic Write,Read Attributes
c:\users\user\appdata\local\temp\is-p5h4e.tmp\setup.tmp Generic Write,Read Attributes
c:\users\user\appdata\local\temp\is-r7h9f.tmp\_isetup\_setup64.tmp Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\is-r7h9f.tmp\_isetup\_shfoldr.dll Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\is-r7h9f.tmp\optprocrash.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\{3246003b-7a9f-4690-86c8-88f7d40c43b2}\setup.exe Generic Write,Read Attributes
c:\users\user\desktop\optimizer pro.lnk Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\windows\temp\optimizer_pro.exe Generic Read,Write Data,Write Attributes,Write extended,Append data

Registry Modifications

Key::Value Data API Name
HKCU\software\optimizer pro::setupname c:\users\user\downloads\4da6f541b07f2574c3fe32efe5ad86b77b2e6f2c_0005807696 RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::proxybypass  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::intranetname  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::uncasintranet  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::autodetect RegNtPreCreateKey
HKCU\software\optimizer pro::language  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\run::optimizer pro C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\windows\currentversion\uninstall\optimizer pro_is1::inno setup: setup version 5.5.3 (u) RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\windows\currentversion\uninstall\optimizer pro_is1::inno setup: app path C:\Program Files (x86)\Optimizer Pro RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\windows\currentversion\uninstall\optimizer pro_is1::installlocation C:\Program Files (x86)\Optimizer Pro\ RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\windows\currentversion\uninstall\optimizer pro_is1::inno setup: icon group Optimizer Pro v3.2 RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\windows\currentversion\uninstall\optimizer pro_is1::inno setup: user Hmhcqhdy RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\windows\currentversion\uninstall\optimizer pro_is1::inno setup: selected tasks desktopicon RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\windows\currentversion\uninstall\optimizer pro_is1::inno setup: deselected tasks RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\windows\currentversion\uninstall\optimizer pro_is1::inno setup: language en RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\windows\currentversion\uninstall\optimizer pro_is1::displayname Optimizer Pro v3.2 RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\windows\currentversion\uninstall\optimizer pro_is1::displayicon C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\windows\currentversion\uninstall\optimizer pro_is1::uninstallstring "C:\Program Files (x86)\Optimizer Pro\unins000.exe" RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\windows\currentversion\uninstall\optimizer pro_is1::quietuninstallstring "C:\Program Files (x86)\Optimizer Pro\unins000.exe" /SILENT RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\windows\currentversion\uninstall\optimizer pro_is1::publisher PC Utilities Software Limited RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\windows\currentversion\uninstall\optimizer pro_is1::urlinfoabout http://www.pcutilitiespro.com RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\windows\currentversion\uninstall\optimizer pro_is1::helplink http://www.pcutilitiespro.com RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\windows\currentversion\uninstall\optimizer pro_is1::urlupdateinfo http://www.pcutilitiespro.com RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\windows\currentversion\uninstall\optimizer pro_is1::nomodify  RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\windows\currentversion\uninstall\optimizer pro_is1::norepair  RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\windows\currentversion\uninstall\optimizer pro_is1::installdate % RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\windows\currentversion\uninstall\optimizer pro_is1::estimatedsize RegNtPreCreateKey
HKCU\software\optimizer pro::cufvalue CUF=0 RegNtPreCreateKey
HKCU\software\optimizer pro::culvalue RegNtPreCreateKey
HKCU\software\optimizer pro::cbm  RegNtPreCreateKey
HKCU\software\optimizer pro::setupname c:\users\user\downloads\b7e02c2caf4f3b184d945b4f7706c73e3a2e7674_0004529768 RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75 RegNtPreCreateKey

Windows API Usage

Category API
Process Manipulation Evasion
  • NtUnmapViewOfSection
Process Shell Execute
  • CreateProcess
Anti Debug
  • IsDebuggerPresent
  • NtQuerySystemInformation
User Data Access
  • GetComputerName
  • GetUserName
  • GetUserObjectInformation
Keyboard Access
  • GetKeyState
Network Winsock2
  • WSAttemptAutodialName
Network Winhttp
  • WinHttpOpen
Syscall Use
  • ntdll.dll!NtAlpcSendWaitReceivePort
  • ntdll.dll!NtClose
  • ntdll.dll!NtCreateFile
  • ntdll.dll!NtCreateSection
  • ntdll.dll!NtFreeVirtualMemory
  • ntdll.dll!NtMapViewOfSection
  • ntdll.dll!NtOpenFile
  • ntdll.dll!NtOpenKey
  • ntdll.dll!NtOpenProcessToken
  • ntdll.dll!NtQueryAttributesFile
  • ntdll.dll!NtQueryDebugFilterState
  • ntdll.dll!NtQueryInformationProcess
  • ntdll.dll!NtQueryInformationToken
  • ntdll.dll!NtQuerySystemInformationEx
  • ntdll.dll!NtQueryValueKey
  • ntdll.dll!NtQueryVirtualMemory
  • ntdll.dll!NtQueryVolumeInformationFile
  • ntdll.dll!NtReadFile
  • ntdll.dll!NtSetEvent
  • ntdll.dll!NtSetInformationFile
  • ntdll.dll!NtSetInformationProcess
  • ntdll.dll!NtSetInformationVirtualMemory
  • ntdll.dll!NtSetInformationWorkerFactory
  • ntdll.dll!NtTestAlert
  • ntdll.dll!NtTraceControl
  • ntdll.dll!NtUnmapViewOfSection
  • ntdll.dll!NtWaitForSingleObject
  • ntdll.dll!NtWriteFile

Shell Command Execution

C:\Users\Hmhcqhdy\AppData\Local\Temp\{3246003B-7A9F-4690-86C8-88F7D40C43B2}\setup.exe /VERYSILENT
"C:\Users\Hmhcqhdy\AppData\Local\Temp\is-P5H4E.tmp\setup.tmp" /SL5="$2013E,5190660,85504,C:\Users\Hmhcqhdy\AppData\Local\Temp\{3246003B-7A9F-4690-86C8-88F7D40C43B2}\setup.exe" /VERYSILENT
"C:\Users\Joupwlrw\AppData\Local\Temp\is-4RHMR.tmp\56c1d9c428b45a270df28e65387301fa83e3a7f1_0005906352.tmp" /SL5="$10260,5394382,115200,c:\users\user\downloads\56c1d9c428b45a270df28e65387301fa83e3a7f1_0005906352"
C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\745abd52a9331c27f9913c76aa773580b87adb2d_0002292264.,LiQMAxHB
C:\Windows\Temp\Optimizer_Pro.exe /VERYSILENT
"C:\Users\Doclpsxy\AppData\Local\Temp\is-ON8H1.tmp\Optimizer_Pro.tmp" /SL5="$7030A,3916235,118784,C:\Windows\Temp\Optimizer_Pro.exe" /VERYSILENT
