SecurityHome.eu Program:Win32/PCOptimizerPro

Home / malware PDF

Program:Win32/PCOptimizerPro

First posted on 26 April 2010.
Source: SecurityHome
Aliases :
Program:Win32/PCOptimizerPro is also known as PC Optimizer Pro (other).
Explanation :
Program:Win32/PCOptimizerPro is a program that is promoted as a system optimization tool. Some versions of this program may display deceptive or fraudulent claims about files, registry entries and/or other items on the system. These versions are detected by Microsoft security products.
Top

Program:Win32/PCOptimizerPro is a program that is promoted as a system optimization tool. Some versions of this program may display deceptive or fraudulent claims about files, registry entries and/or other items on the system. These versions are detected by Microsoft security products. InstallationWin32/PCOptimizerPro may be installed manually by a Windows computer user. When Program:Win32/PCOptimizerPro is installed, it performs the following changes: Creates the following folders:
%USERPROFILE%\Start Menu\Programs\pc optimizer pro\

%ProgramFiles%\pc optimizer pro\
Creates the following files:
%AppData%\Microsoft\Internet Explorer\Quick Launch\PC Optimizer Pro.lnk

%USERPROFILE%\Desktop\PC Optimizer Pro.lnk

%USERPROFILE%\Desktop\PCOptimizerProSetup.exe->(nsis-6-PCOptimizerPro.exe)

%USERPROFILE%\Start Menu\Programs\pc optimizer pro\PC Optimizer Pro.lnk

%USERPROFILE%\Start Menu\Programs\pc optimizer pro\Uninstall.lnk

%ProgramFiles%\pc optimizer pro\pcophelpfile.chm

%ProgramFiles%\PC Optimizer Pro\PCOptimizerPro.exe

%ProgramFiles%\pc optimizer pro\PCOptimizerPro.exe.manifest

%ProgramFiles%\pc optimizer pro\PCOptProCtxMenu.dll

%ProgramFiles%\pc optimizer pro\PCOptProTrays.exe

%ProgramFiles%\pc optimizer pro\uninst.exe

%ProgramFiles%\pc optimizer pro\UpdatesDll.dll

%windir%\Tasks\PC Optimizer Pro.job
Modifies the registry to run Win32/PCOptimizerPro at each Windows start. Adds value: "PCOptimizerProTray"With data: "%ProgramFiles%\pc optimizer pro\PCOptProTrays.exe"To subkey: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Adds other registry subkeys:
HKLM\Software\Classes\*\shellex\ContextMenuHandlers\PCOptmizerProContextMenu

HKLM\Software\Classes\clsid\{EB5A3A22-ECA7-4198-BEBF-2A3DE20513B7}

HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\PC Optimizer Pro
Creates a desktop application shortcut resembling the following graphic:

Analysis by Aaron Hulett
Last update 26 April 2010

TOP

Malware :

Last 20