Jump to content

Recommended Posts

What is PC Optimizer Pro?

The Malwarebytes research team has determined that PC Optimizer Pro is a "system optimizer". These so-called "system optimizers" use intentional false positives to convince users that their systems have problems. Then they try to sell you their software, claiming it will remove these problems.
More information can be found on our Malwarebytes Labs blog.

How do I know if I am infected with PC Optimizer Pro?

This is how the main screen of the system optimizer looks:

main.png

You will find these icons in your taskbar, your startmenu, your right-click menu, and on your desktop:

icons.png

and see these warnings during install:

warning1.png

warning2.png

and this screen during "operations":

warning5.png

You may see this entry in your list of installed programs:

warning4.png

and these tasks in your list of Scheduled Tasks:

warning3.png

How did PC Optimizer Pro get on my computer?

These so-called system optimizers use different methods of getting installed. This particular one was downloaded from their website:

website.png

How do I remove PC Optimizer Pro?

Our program Malwarebytes can detect and remove this potentially unwanted application.

  • Please download Malwarebytes to your desktop.
  • Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
  • Then click Finish.
  • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
  • If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Restart your computer when prompted to do so.

Is there anything else I need to do to get rid of PC Optimizer Pro?

  • No, Malwarebytes removes PC Optimizer Pro completely.
  • This PUP creates some scheduled tasks. You can read here how to check for and, if necessary, remove Scheduled Tasks.

How would the full version of Malwarebytes help protect me?

We hope our application and this guide have helped you eradicate this system optimizer.

As you can see below the full version of Malwarebytes would have protected you against the PC Optimizer Pro installer. It would have warned you before the application could install itself, giving you a chance to stop it before it became too late.

 

protection1.png


and we block access to their domain:
 

protection2.png


Technical details for experts

You may see these entries in FRST logs:

 

(Xportsoft Technologies) C:\Program Files\PC Optimizer Pro\PCOptimizerPro.exe
C:\Windows\System32\Tasks\PC Optimizer Pro Updates
C:\Windows\System32\Tasks\PC Optimizer Pro64 Scan
C:\Windows\System32\Tasks\PC Optimizer Pro Idle
C:\Windows\System32\Tasks\PC Optimizer Pro64 startups
C:\Users\Public\Desktop\PC Optimizer Pro.lnk
C:\Windows\Tasks\PC Optimizer Pro Updates.job
C:\Windows\Tasks\PC Optimizer Pro Idle.job
C:\Windows\Tasks\PC Optimizer Pro64 startups.job
C:\Windows\Tasks\PC Optimizer Pro64 Scan.job
C:\ProgramData\PC Optimizer Pro
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Optimizer Pro
C:\Program Files\PC Optimizer Pro

PC Optimizer Pro (HKLM\...\PC Optimizer Pro) (Version: 8.1.1.3 - Xportsoft Technologies) <==== ATTENTION
Task: {40C0E937-E245-4E4D-AFA0-ADF8A091AB63} - System32\Tasks\PC Optimizer Pro64 Scan => C:\Program Files\PC Optimizer Pro\StartApps.exe [2018-05-14] (Xportsoft Technologies) <==== ATTENTION
Task: {B74B0B8F-207E-4606-A368-EB857B144DC9} - System32\Tasks\PC Optimizer Pro Idle => C:\Program Files\PC Optimizer Pro\StartApps.exe [2018-05-14] (Xportsoft Technologies) <==== ATTENTION
Task: {C5B23C4D-31C2-446E-B432-247FDD101532} - System32\Tasks\PC Optimizer Pro64 startups => C:\Program Files\PC Optimizer Pro\StartApps.exe [2018-05-14] (Xportsoft Technologies) <==== ATTENTION
Task: {D564F511-6242-41BA-975D-6AD0875B8DF0} - System32\Tasks\PC Optimizer Pro Updates => C:\Program Files\PC Optimizer Pro\StartApps.exe [2018-05-14] (Xportsoft Technologies) <==== ATTENTION
Task: C:\Windows\Tasks\PC Optimizer Pro Idle.job => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION
Task: C:\Windows\Tasks\PC Optimizer Pro Updates.job => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION
Task: C:\Windows\Tasks\PC Optimizer Pro64 Scan.job => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION
Task: C:\Windows\Tasks\PC Optimizer Pro64 startups.job => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION

Alterations made by the installer:
 

File system details [View: All details] (Selection)
---------------------------------------------------
    Adds the folder C:\Program Files\PC Optimizer Pro
       Adds the file data.xml"="7/30/2012 9:57 AM, 3022 bytes, A
       Adds the file PCOptimizerPro.exe"="5/14/2018 11:56 AM, 15137008 bytes, A
       Adds the file PCOptProCtxMenu.dll"="5/14/2018 11:54 AM, 686080 bytes, A
       Adds the file PCOptProTrays.exe"="5/14/2018 11:56 AM, 3023600 bytes, A
       Adds the file StartApps.exe"="5/14/2018 11:56 AM, 433904 bytes, A
       Adds the file uninst.exe"="5/30/2018 10:26 AM, 87967 bytes, A
       Adds the file UpdatesDll.dll"="5/14/2018 11:57 AM, 1033448 bytes, A
    Adds the folder C:\Program Files\PC Optimizer Pro\Languages
       Adds the file DE.xml"="4/18/2018 9:53 AM, 48855 bytes, A
       Adds the file EN.xml"="4/18/2018 9:52 AM, 45684 bytes, A
       Adds the file ES.xml"="4/18/2018 9:53 AM, 50951 bytes, A
       Adds the file FR.xml"="4/18/2018 9:53 AM, 51828 bytes, A
       Adds the file IT.xml"="4/18/2018 9:53 AM, 49902 bytes, A
    Adds the folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Optimizer Pro
       Adds the file Live Support.url"="5/30/2018 10:26 AM, 87 bytes, A
       Adds the file PC Optimizer Pro.lnk"="5/30/2018 10:26 AM, 916 bytes, A
       Adds the file Uninstallation Guide.url"="5/30/2018 10:26 AM, 90 bytes, A
       Adds the file Visit Website.url"="5/30/2018 10:26 AM, 56 bytes, A
    Adds the folder C:\ProgramData\PC Optimizer Pro\LOGS
       Adds the file REG_LOGS_05_30_2018_10_26_41_AM.log"="5/30/2018 10:27 AM, 85118 bytes, A
    In the existing folder C:\Users\{username}\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch
       Adds the file PC Optimizer Pro.lnk"="5/30/2018 10:26 AM, 942 bytes, A
    In the existing folder C:\Users\Public\Desktop
       Adds the file PC Optimizer Pro.lnk"="5/30/2018 10:26 AM, 918 bytes, A
    In the existing folder C:\Windows\System32\Tasks
       Adds the file PC Optimizer Pro Idle"="5/30/2018 10:26 AM, 2876 bytes, A
       Adds the file PC Optimizer Pro Updates"="5/30/2018 10:26 AM, 3460 bytes, A
       Adds the file PC Optimizer Pro64 Scan"="5/30/2018 10:26 AM, 3390 bytes, A
       Adds the file PC Optimizer Pro64 startups"="5/30/2018 10:26 AM, 2854 bytes, A
    In the existing folder C:\Windows\Tasks
       Adds the file PC Optimizer Pro Idle.job"="5/30/2018 10:26 AM, 444 bytes, A
       Adds the file PC Optimizer Pro Updates.job"="5/30/2018 10:26 AM, 446 bytes, A
       Adds the file PC Optimizer Pro64 Scan.job"="5/30/2018 10:26 AM, 414 bytes, A
       Adds the file PC Optimizer Pro64 startups.job"="5/30/2018 10:26 AM, 422 bytes, A

Registry details [View: All details] (Selection)
------------------------------------------------
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\PCProCtxMenu]
       "(Default)"="REG_SZ", "{203ABD21-41F1-4F1B-BAE3-D6A89A90D239}"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{203ABD21-41F1-4F1B-BAE3-D6A89A90D239}]
       "(Default)"="REG_SZ", "PCProCtxMenu Class"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{203ABD21-41F1-4F1B-BAE3-D6A89A90D239}\InprocServer32]
       "(Default)"="REG_SZ", "C:\Program Files\PC Optimizer Pro\PCOptProCtxMenu.dll"
       "ThreadingModel"="REG_SZ", "Apartment"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{12AB121E-44C6-488B-8773-B0AE25E662E1}]
       "(Default)"="REG_SZ", "IPCProCtxMenu"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{12AB121E-44C6-488B-8773-B0AE25E662E1}\ProxyStubClsid32]
       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{12AB121E-44C6-488B-8773-B0AE25E662E1}\TypeLib]
       "(Default)"="REG_SZ", "{003B9C22-6FE0-4BCA-A73F-9AA99B9BBDAA}"
       "Version"="REG_SZ", "1.0"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\PCProCtxMenu]
       "(Default)"="REG_SZ", "{203ABD21-41F1-4F1B-BAE3-D6A89A90D239}"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{003B9C22-6FE0-4BCA-A73F-9AA99B9BBDAA}\1.0]
       "(Default)"="REG_SZ", "PCOptProCtxMenu 1.0 Type Library"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{003B9C22-6FE0-4BCA-A73F-9AA99B9BBDAA}\1.0\0\win64]
       "(Default)"="REG_SZ", "C:\Program Files\PC Optimizer Pro\PCOptProCtxMenu.dll"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{003B9C22-6FE0-4BCA-A73F-9AA99B9BBDAA}\1.0\FLAGS]
       "(Default)"="REG_SZ", "0"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{003B9C22-6FE0-4BCA-A73F-9AA99B9BBDAA}\1.0\HELPDIR]
       "(Default)"="REG_SZ", "C:\Program Files\PC Optimizer Pro"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{12AB121E-44C6-488B-8773-B0AE25E662E1}]
       "(Default)"="REG_SZ", "IPCProCtxMenu"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{12AB121E-44C6-488B-8773-B0AE25E662E1}\ProxyStubClsid32]
       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{12AB121E-44C6-488B-8773-B0AE25E662E1}\TypeLib]
       "(Default)"="REG_SZ", "{003B9C22-6FE0-4BCA-A73F-9AA99B9BBDAA}"
       "Version"="REG_SZ", "1.0"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\PCOptimizerPro.exe]
       "(Default)"="REG_SZ", "C:\Program Files\PC Optimizer Pro\PCOptimizerPro.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC Optimizer Pro]
       "DisplayIcon"="REG_SZ", "C:\Program Files\PC Optimizer Pro\PCOptimizerPro.exe"
       "DisplayName"="REG_SZ", "PC Optimizer Pro"
       "DisplayVersion"="REG_SZ", "8.1.1.3"
       "HelpLink"="REG_SZ", "http://www.pcoptimizerpro.com/help/index.htm"
       "InstallLocation"="REG_SZ", "C:\Program Files\PC Optimizer Pro"
       "MajorVersion"="REG_SZ", "8.1.1.3"
       "MinorVersion"="REG_SZ", "8.1.1.3"
       "Publisher"="REG_SZ", "Xportsoft Technologies"
       "UninstallString"="REG_SZ", "C:\Program Files\PC Optimizer Pro\uninst.exe"
       "URLInfoAbout"="REG_SZ", "http://www.pcoptimizerpro.com/livesupport.aspx?bit=64&tid=STD"
       "VersionMajor"="REG_SZ", "8.1.1.3"
       "VersionMinor"="REG_SZ", "8.1.1.3"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures]
       "PC Optimizer Pro Idle.job"="REG_BINARY, ................................
       "PC Optimizer Pro Idle.job.fp"="REG_DWORD", -1207985913
       "PC Optimizer Pro Updates.job"="REG_BINARY, ................................
       "PC Optimizer Pro Updates.job.fp"="REG_DWORD", -138673695
       "PC Optimizer Pro64 Scan.job"="REG_BINARY, ................................
       "PC Optimizer Pro64 Scan.job.fp"="REG_DWORD", 259349527
       "PC Optimizer Pro64 startups.job"="REG_BINARY, ................................
       "PC Optimizer Pro64 startups.job.fp"="REG_DWORD", -1460999399
    [HKEY_LOCAL_MACHINE\SOFTWARE\PC Optimizer Pro]
       "???"="REG_SZ", "1"
       "Application Paths"="REG_SZ", "1"
       "bclck"="REG_SZ", "-1"
       "BrowCnt"="REG_SZ", "230"
       "C???"="REG_SZ", "0"
       "CApplication Paths"="REG_SZ", "0"
       "Cchcache"="REG_SZ", "0"
       "Cchcookies"="REG_SZ", "0"
       "CCOM/ActiveX"="REG_SZ", "0"
       "CCustom Controls"="REG_SZ", "0"
       "CDeep Scan"="REG_SZ", "0"
       "Cdochis"="REG_SZ", "0"
       "Cdskerrlgfls"="REG_SZ", "0"
       "Cdwntmpfldr"="REG_SZ", "0"
       "Cffcache"="REG_SZ", "0"
       "Cffcookies"="REG_SZ", "0"
       "CFile Associations"="REG_SZ", "0"
       "CFile Extensions"="REG_SZ", "0"
       "Cflesrchhis"="REG_SZ", "0"
       "chcache"="REG_SZ", "1"
       "chcookies"="REG_SZ", "1"
       "CHelp && Resources"="REG_SZ", "0"
       "Cieautocomple"="REG_SZ", "0"
       "Ciecache"="REG_SZ", "0"
       "Ciecookies"="REG_SZ", "0"
       "Clgfls"="REG_SZ", "0"
       "Cnscache"="REG_SZ", "0"
       "Cnscookies"="REG_SZ", "0"
       "COM/ActiveX"="REG_SZ", "1"
       "Copcache"="REG_SZ", "0"
       "Copcookies"="REG_SZ", "0"
       "Cpgfls"="REG_SZ", "0"
       "Cprgshcts"="REG_SZ", "0"
       "Creclbn"="REG_SZ", "0"
       "CRnCmdHis"="REG_SZ", "0"
       "CShared Dlls"="REG_SZ", "0"
       "Cstmnckhis"="REG_SZ", "0"
       "Cstmnorhis"="REG_SZ", "0"
       "Ctmpfldr"="REG_SZ", "0"
       "Ctmpwndupfldr"="REG_SZ", "0"
       "CUninstall Entries"="REG_SZ", "0"
       "Custom Controls"="REG_SZ", "1"
       "CWindows Fonts"="REG_SZ", "0"
       "CwndTmpfls"="REG_SZ", "0"
       "Deep Scan"="REG_SZ", "1"
       "dochis"="REG_SZ", "1"
       "dskerrlgfls"="REG_SZ", "1"
       "dwntmpfldr"="REG_SZ", "1"
       "F???"="REG_SZ", "0"
       "FApplication Paths"="REG_SZ", "0"
       "Fchcache"="REG_SZ", "0"
       "Fchcookies"="REG_SZ", "0"
       "FCOM/ActiveX"="REG_SZ", "0"
       "FCustom Controls"="REG_SZ", "0"
       "FDeep Scan"="REG_SZ", "0"
       "Fdochis"="REG_SZ", "0"
       "Fdskerrlgfls"="REG_SZ", "0"
       "Fdwntmpfldr"="REG_SZ", "0"
       "ffcache"="REG_SZ", "1"
       "ffcookies"="REG_SZ", "1"
       "Fffcache"="REG_SZ", "0"
       "Fffcookies"="REG_SZ", "0"
       "FFile Associations"="REG_SZ", "0"
       "FFile Extensions"="REG_SZ", "0"
       "Fflesrchhis"="REG_SZ", "0"
       "FHelp && Resources"="REG_SZ", "0"
       "Fieautocomple"="REG_SZ", "0"
       "Fiecache"="REG_SZ", "0"
       "Fiecookies"="REG_SZ", "0"
       "File Associations"="REG_SZ", "1"
       "File Extensions"="REG_SZ", "1"
       "FixBrowCnt"="REG_SZ", "0"
       "FixInvCnt"="REG_SZ", "0"
       "FixJnkCnt"="REG_SZ", "0"
       "flesrchhis"="REG_SZ", "1"
       "Flgfls"="REG_SZ", "0"
       "Fnscache"="REG_SZ", "0"
       "Fnscookies"="REG_SZ", "0"
       "Fopcache"="REG_SZ", "0"
       "Fopcookies"="REG_SZ", "0"
       "Fpgfls"="REG_SZ", "0"
       "Fprgshcts"="REG_SZ", "0"
       "Freclbn"="REG_SZ", "0"
       "FRnCmdHis"="REG_SZ", "0"
       "FShared Dlls"="REG_SZ", "0"
       "Fstmnckhis"="REG_SZ", "0"
       "Fstmnorhis"="REG_SZ", "0"
       "Ftmpfldr"="REG_SZ", "0"
       "Ftmpwndupfldr"="REG_SZ", "0"
       "FUninstall Entries"="REG_SZ", "0"
       "FWindows Fonts"="REG_SZ", "0"
       "FwndTmpfls"="REG_SZ", "0"
       "Help && Resources"="REG_SZ", "1"
       "ieautocomple"="REG_SZ", "1"
       "iecache"="REG_SZ", "1"
       "iecookies"="REG_SZ", "1"
       "InvCnt"="REG_SZ", "25"
       "isthere"="REG_SZ", "1"
       "JnkCnt"="REG_SZ", "493"
       "lastScan"="REG_SZ", "30-05-2018 10:26:46"
       "lgfls"="REG_SZ", "1"
       "mnrptint"="REG_SZ", "230"
       "mnrptjnk"="REG_SZ", "493"
       "mnrptreg"="REG_SZ", "25"
       "nscache"="REG_SZ", "1"
       "nscookies"="REG_SZ", "1"
       "opcache"="REG_SZ", "1"
       "opcookies"="REG_SZ", "1"
       "pgfls"="REG_SZ", "1"
       "prgshcts"="REG_SZ", "1"
       "reclbn"="REG_SZ", "1"
       "RnCmdHis"="REG_SZ", "1"
       "Scanned"="REG_SZ", "206124"
       "Shared Dlls"="REG_SZ", "1"
       "startonrun"="REG_SZ", "0"
       "stateBrowCnt"="REG_SZ", "11"
       "stateInvCnt"="REG_SZ", "11"
       "stateJnkCnt"="REG_SZ", "14"
       "status"="REG_SZ", "1"
       "stmnckhis"="REG_SZ", "0"
       "stmnorhis"="REG_SZ", "1"
       "TErrors"="REG_SZ", "748"
       "TFixed"="REG_SZ", "0"
       "TFSpace"="REG_SZ", "384.67 MB"
       "tmpfldr"="REG_SZ", "1"
       "tmpwndupfldr"="REG_SZ", "1"
       "TTFixed"="REG_SZ", "0"
       "Uninstall Entries"="REG_SZ", "1"
       "Windows Fonts"="REG_SZ", "1"
       "wndTmpfls"="REG_SZ", "1"
    [HKEY_CURRENT_USER\Software\PC Optimizer Pro]
       "isains"="REG_SZ", "1"
       "isent"="REG_SZ", "1"
       "Lang"="REG_SZ", "EN"
       "lcerr"="REG_SZ", ""
       "LNID"="REG_SZ", "0"

Malwarebytes log:
 

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 5/30/18
Scan Time: 10:34 AM
Log File: 54d13cad-63e4-11e8-bf52-080027235d76.json
Administrator: Yes

-Software Information-
Version: 3.3.1.2183
Components Version: 1.0.262
Update Package Version: 1.0.5302
License: Premium

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: {computername}\{username}

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 240721
Threats Detected: 61
Threats Quarantined: 61
Time Elapsed: 2 min, 42 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 1
PUP.Optional.PCOptimizerPro, C:\PROGRAM FILES\PC OPTIMIZER PRO\PCOPTIMIZERPRO.EXE, Quarantined, [1261], [392397],1.0.5302

Module: 2
PUP.Optional.PCOptimizerPro, C:\PROGRAM FILES\PC OPTIMIZER PRO\PCOPTPROCTXMENU.DLL, Quarantined, [1261], [333184],1.0.5302
PUP.Optional.PCOptimizerPro, C:\PROGRAM FILES\PC OPTIMIZER PRO\PCOPTIMIZERPRO.EXE, Quarantined, [1261], [392397],1.0.5302

Registry Key: 23
PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\PC Optimizer Pro64 Scan, Quarantined, [1261], [325246],1.0.5302
PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{40C0E937-E245-4E4D-AFA0-ADF8A091AB63}, Quarantined, [1261], [325246],1.0.5302
PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{40C0E937-E245-4E4D-AFA0-ADF8A091AB63}, Quarantined, [1261], [325246],1.0.5302
PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\PC Optimizer Pro64 startups, Quarantined, [1261], [325246],1.0.5302
PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C5B23C4D-31C2-446E-B432-247FDD101532}, Quarantined, [1261], [325246],1.0.5302
PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{C5B23C4D-31C2-446E-B432-247FDD101532}, Quarantined, [1261], [325246],1.0.5302
PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\PC Optimizer Pro Idle, Quarantined, [1261], [260291],1.0.5302
PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B74B0B8F-207E-4606-A368-EB857B144DC9}, Quarantined, [1261], [260291],1.0.5302
PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{B74B0B8F-207E-4606-A368-EB857B144DC9}, Quarantined, [1261], [260291],1.0.5302
PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\PC Optimizer Pro Updates, Quarantined, [1261], [260291],1.0.5302
PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D564F511-6242-41BA-975D-6AD0875B8DF0}, Quarantined, [1261], [260291],1.0.5302
PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{D564F511-6242-41BA-975D-6AD0875B8DF0}, Quarantined, [1261], [260291],1.0.5302
PUP.Optional.PCOptimizerPro, HKCU\SOFTWARE\PC OPTIMIZER PRO, Quarantined, [1261], [260294],1.0.5302
PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\PC OPTIMIZER PRO, Quarantined, [1261], [260298],1.0.5302
PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\PC Optimizer Pro, Quarantined, [1261], [333185],1.0.5302
PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\CLASSES\INTERFACE\{12AB121E-44C6-488B-8773-B0AE25E662E1}, Quarantined, [1261], [333184],1.0.5302
PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{12AB121E-44C6-488B-8773-B0AE25E662E1}, Quarantined, [1261], [333184],1.0.5302
PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{12AB121E-44C6-488B-8773-B0AE25E662E1}, Quarantined, [1261], [333184],1.0.5302
PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\CLASSES\TYPELIB\{003B9C22-6FE0-4BCA-A73F-9AA99B9BBDAA}, Quarantined, [1261], [333184],1.0.5302
PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{003B9C22-6FE0-4BCA-A73F-9AA99B9BBDAA}, Quarantined, [1261], [333184],1.0.5302
PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\CLASSES\CLSID\{203ABD21-41F1-4F1B-BAE3-D6A89A90D239}, Quarantined, [1261], [333184],1.0.5302
PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\CLASSES\CLSID\{203ABD21-41F1-4F1B-BAE3-D6A89A90D239}\InprocServer32, Quarantined, [1261], [333184],1.0.5302
PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{003B9C22-6FE0-4BCA-A73F-9AA99B9BBDAA}, Quarantined, [1261], [333184],1.0.5302

Registry Value: 12
PUP.Optional.PCOptimizerPro, HKCU\SOFTWARE\PC OPTIMIZER PRO|ISAINS, Quarantined, [1261], [260294],1.0.5302
PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\COMPATIBILITYADAPTER\SIGNATURES|PC OPTIMIZER PRO64 STARTUPS.JOB, Quarantined, [1261], [411376],1.0.5302
PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\COMPATIBILITYADAPTER\SIGNATURES|PC OPTIMIZER PRO64 STARTUPS.JOB.FP, Quarantined, [1261], [411376],1.0.5302
PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\COMPATIBILITYADAPTER\SIGNATURES|PC OPTIMIZER PRO UPDATES.JOB, Quarantined, [1261], [411376],1.0.5302
PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\COMPATIBILITYADAPTER\SIGNATURES|PC OPTIMIZER PRO UPDATES.JOB.FP, Quarantined, [1261], [411376],1.0.5302
PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\COMPATIBILITYADAPTER\SIGNATURES|PC OPTIMIZER PRO IDLE.JOB, Quarantined, [1261], [411376],1.0.5302
PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\COMPATIBILITYADAPTER\SIGNATURES|PC OPTIMIZER PRO IDLE.JOB.FP, Quarantined, [1261], [411376],1.0.5302
PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\COMPATIBILITYADAPTER\SIGNATURES|PC OPTIMIZER PRO64 SCAN.JOB, Quarantined, [1261], [411376],1.0.5302
PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\COMPATIBILITYADAPTER\SIGNATURES|PC OPTIMIZER PRO64 SCAN.JOB.FP, Quarantined, [1261], [411376],1.0.5302
PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\PC OPTIMIZER PRO|PUBLISHER, Quarantined, [1261], [260298],1.0.5302
PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{40C0E937-E245-4E4D-AFA0-ADF8A091AB63}|PATH, Quarantined, [1261], [325241],1.0.5302
PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C5B23C4D-31C2-446E-B432-247FDD101532}|PATH, Quarantined, [1261], [325241],1.0.5302

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 3
PUP.Optional.PCOptimizerPro, C:\ProgramData\PC Optimizer Pro\LOGS, Quarantined, [1261], [182300],1.0.5302
PUP.Optional.PCOptimizerPro, C:\PROGRAMDATA\PC OPTIMIZER PRO, Quarantined, [1261], [182300],1.0.5302
PUP.Optional.PCOptimizerPro, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\PC OPTIMIZER PRO, Quarantined, [1261], [182301],1.0.5302

File: 20
PUP.Optional.PCOptimizerPro, C:\USERS\PUBLIC\DESKTOP\PC OPTIMIZER PRO.LNK, Quarantined, [1261], [260289],1.0.5302
PUP.Optional.PCOptimizerPro, C:\USERS\{username}\APPDATA\ROAMING\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\PC OPTIMIZER PRO.LNK, Quarantined, [1261], [260312],1.0.5302
PUP.Optional.PCOptimizerPro, C:\WINDOWS\SYSTEM32\TASKS\PC Optimizer Pro64 Scan, Quarantined, [1261], [325246],1.0.5302
PUP.Optional.PCOptimizerPro, C:\WINDOWS\SYSTEM32\TASKS\PC Optimizer Pro64 startups, Quarantined, [1261], [325246],1.0.5302
PUP.Optional.PCOptimizerPro, C:\WINDOWS\SYSTEM32\TASKS\PC Optimizer Pro Idle, Quarantined, [1261], [260291],1.0.5302
PUP.Optional.PCOptimizerPro, C:\WINDOWS\SYSTEM32\TASKS\PC Optimizer Pro Updates, Quarantined, [1261], [260291],1.0.5302
PUP.Optional.PCOptimizerPro, C:\WINDOWS\TASKS\PC Optimizer Pro64 Scan.job, Quarantined, [1261], [325247],1.0.5302
PUP.Optional.PCOptimizerPro, C:\WINDOWS\TASKS\PC Optimizer Pro64 startups.job, Quarantined, [1261], [325247],1.0.5302
PUP.Optional.PCOptimizerPro, C:\WINDOWS\TASKS\PC Optimizer Pro Idle.job, Quarantined, [1261], [260292],1.0.5302
PUP.Optional.PCOptimizerPro, C:\WINDOWS\TASKS\PC Optimizer Pro Updates.job, Quarantined, [1261], [260292],1.0.5302
PUP.Optional.PCOptimizerPro, C:\ProgramData\PC Optimizer Pro\LOGS\REG_LOGS_05_30_2018_10_26_41_AM.log, Quarantined, [1261], [182300],1.0.5302
PUP.Optional.PCOptimizerPro, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Optimizer Pro\Live Support.url, Quarantined, [1261], [182301],1.0.5302
PUP.Optional.PCOptimizerPro, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Optimizer Pro\PC Optimizer Pro.lnk, Quarantined, [1261], [182301],1.0.5302
PUP.Optional.PCOptimizerPro, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Optimizer Pro\Uninstallation Guide.url, Quarantined, [1261], [182301],1.0.5302
PUP.Optional.PCOptimizerPro, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Optimizer Pro\Visit Website.url, Quarantined, [1261], [182301],1.0.5302
PUP.Optional.PCOptimizerPro, C:\PROGRAM FILES\PC OPTIMIZER PRO\PCOPTPROCTXMENU.DLL, Quarantined, [1261], [333184],1.0.5302
PUP.Optional.PCOptimizerPro, C:\PROGRAM FILES\PC OPTIMIZER PRO\PCOPTIMIZERPRO.EXE, Quarantined, [1261], [392397],1.0.5302
PUP.Optional.PCOptimizerPro, C:\USERS\{username}\DESKTOP\PCOPTIMIZERPROINSTALLER.EXE, Quarantined, [1261], [392397],1.0.5302
PUP.Optional.PCOptimizerPro, C:\PROGRAM FILES\PC OPTIMIZER PRO\PCOPTPROTRAYS.EXE, Quarantined, [1261], [115333],1.0.5302
PUP.Optional.PCOptimizerPro, C:\PROGRAM FILES\PC OPTIMIZER PRO\UNINST.EXE, Quarantined, [1261], [392397],1.0.5302

Physical Sector: 0
(No malicious items detected)


(end)

As mentioned before the full version of Malwarebytes could have protected your computer against this threat.
We use different ways of protecting your computer(s):

  • Dynamically Blocks Malware Sites & Servers
  • Malware Execution Prevention

Save yourself the hassle and get protected.

Share this post


Link to post
Share on other sites
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.

×

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.