SecurityHome.eu Misleading:Win32/PerfectOptimizer

Home / malware PDF

Misleading:Win32/PerfectOptimizer

First posted on 04 September 2013.
Source: Microsoft
Aliases :
There are no other names known for Misleading:Win32/PerfectOptimizer.
Explanation :
Threat behaviorProgram:Win32/PerfectOptimizer is the detection name used by Microsoft security products for a series of programs that the author markets as system optimization tools. Product names include Perfect Optimizer, Optimizer Tool, Registry Corrector, and FixMum. Some versions of these programs may display deceptive or fraudulent claims about files, registry entries and/or other items on the system. These versions are detected by Microsoft security products.

Installation

The following system changes may occur when Program:Win32/PerfectOptimizer is installed, depending on which version is found on the computer:

Perfect Optimizer:

Creates the following registry subkey:
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A14A8608-CF1C-4010-A348-7EA220C70305}_is1

Creates the following folders:
%ProgramFiles%\Perfect Optimizer
%ProgramFiles%\Perfect Optimizer\config
%ProgramFiles%\Perfect Optimizer\Data
%ProgramFiles%\Perfect Optimizer\Data\Service
%ProgramFiles%\Perfect Optimizer\Update
%UserProfile%\Start Menu\Programs\Perfect Optimizer

Creates the following files:
%AppData%\Microsoft\Internet Explorer\Quick Launch\Perfect Optimizer.lnk
%ProgramFiles%\Perfect Optimizer\aamd532.dll
%ProgramFiles%\Perfect Optimizer\ActiveX.dat
%ProgramFiles%\Perfect Optimizer\Apps.dat
%ProgramFiles%\Perfect Optimizer\components.dat
%ProgramFiles%\Perfect Optimizer\is-3BTBN.tmp
%ProgramFiles%\Perfect Optimizer\is-D2UGJ.tmp
%ProgramFiles%\Perfect Optimizer\License.dll
%ProgramFiles%\Perfect Optimizer\miraclelib.dll
%ProgramFiles%\Perfect Optimizer\perfectoptimizer.exe
%ProgramFiles%\Perfect Optimizer\SERepair.DLL
%ProgramFiles%\Perfect Optimizer\SERes.DLL
%ProgramFiles%\Perfect Optimizer\sqlite3.dll
%ProgramFiles%\Perfect Optimizer\unins000.dat
%ProgramFiles%\Perfect Optimizer\unins000.exe
%ProgramFiles%\Perfect Optimizer\Update.exe
%ProgramFiles%\Perfect Optimizer\updatewindows.exe
%ProgramFiles%\Perfect Optimizer\website.url
%ProgramFiles%\Perfect Optimizer\Config.mdb
%ProgramFiles%\Perfect Optimizer\config\about.bmp
%ProgramFiles%\Perfect Optimizer\config\head.bmp
%ProgramFiles%\Perfect Optimizer\config\logo.ico
%ProgramFiles%\Perfect Optimizer\config\Menu.xml
%ProgramFiles%\Perfect Optimizer\config\perfectoptimzer.chm
%ProgramFiles%\Perfect Optimizer\config\register.jpg
%ProgramFiles%\Perfect Optimizer\config\smalllogo.bmp
%ProgramFiles%\Perfect Optimizer\config\splash.jpg
%ProgramFiles%\Perfect Optimizer\config\website.url
%ProgramFiles%\Perfect Optimizer\Data\Service\campus_model.bat
%ProgramFiles%\Perfect Optimizer\Data\Service\default_model.bat
%ProgramFiles%\Perfect Optimizer\Data\Service\home_model.bat
%ProgramFiles%\Perfect Optimizer\Data\Service\interner_model.bat
%ProgramFiles%\Perfect Optimizer\Data\Service\notebook_model.bat
%ProgramFiles%\Perfect Optimizer\Data\Service\office_model.bat
%UserProfile%\Desktop\Perfect Optimizer.lnk
%UserProfile%\Start Menu\Programs\Perfect Optimizer\uninstall.lnk
%UserProfile%\Start Menu\Programs\Perfect Optimizer\Perfect Optimizer.lnk
%UserProfile%\Start Menu\Programs\Perfect Optimizer\Website.lnk

Optimizer Tool:

Creates the following registry subkey:
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CurrentVersion\Uninstall\{86F4A7EB-1DB9-44D4-B17B-1D90CD56F29E}_is1

Creates the following folders:
%ProgramFiles%\Optimizer Tool
%ProgramFiles%\Optimizer Tool\Backup %ProgramFiles%\Optimizer Tool\Backup\Application %ProgramFiles%\Optimizer Tool\Backup\Registry %ProgramFiles%\Optimizer Tool\Backup\Registry\FirstBackup %ProgramFiles%\Optimizer Tool\Backup\Registry\FullBackup %ProgramFiles%\Optimizer Tool\Backup\Service %ProgramFiles%\Optimizer Tool\config %ProgramFiles%\Optimizer Tool\Data %ProgramFiles%\Optimizer Tool\Data\Service %ProgramFiles%\Optimizer Tool\Temp %ProgramFiles%\Optimizer Tool\Update %UserProfile%\Start Menu\Programs\Optimizer Tool

Creates the following files:
%ProgramFiles%\Optimizer Tool\aamd532.dll
%ProgramFiles%\Optimizer Tool\ActiveX.dat%ProgramFiles%\Optimizer Tool\ActiveXSecurity.dll%ProgramFiles%\Optimizer Tool\Apps.dat%ProgramFiles%\Optimizer Tool\Components.dat%ProgramFiles%\Optimizer Tool\Config.db%ProgramFiles%\Optimizer Tool\config\about.bmp%ProgramFiles%\Optimizer Tool\config\head.bmp%ProgramFiles%\Optimizer Tool\config\Lng2Const.xml%ProgramFiles%\Optimizer Tool\config\logo.ico%ProgramFiles%\Optimizer Tool\config\Menu.xml%ProgramFiles%\Optimizer Tool\config\OptimizerTool.chm%ProgramFiles%\Optimizer Tool\config\register.jpg%ProgramFiles%\Optimizer Tool\config\SmallLogo.bmp%ProgramFiles%\Optimizer Tool\config\splash.jpg%ProgramFiles%\Optimizer Tool\config\website.url%ProgramFiles%\Optimizer Tool\Data\Service\campus_model.bat%ProgramFiles%\Optimizer Tool\Data\Service\default_model.bat%ProgramFiles%\Optimizer Tool\Data\Service\home_model.bat%ProgramFiles%\Optimizer Tool\Data\Service\interner_model.bat%ProgramFiles%\Optimizer Tool\Data\Service\notebook_model.bat%ProgramFiles%\Optimizer Tool\Data\Service\office_model.bat%ProgramFiles%\Optimizer Tool\DriverBackup.dll%ProgramFiles%\Optimizer Tool\FileShred.dll%ProgramFiles%\Optimizer Tool\FreeUse.dll%ProgramFiles%\Optimizer Tool\InstallDll.dll%ProgramFiles%\Optimizer Tool\JunkFileClean.dll%ProgramFiles%\Optimizer Tool\License.dll%ProgramFiles%\Optimizer Tool\MiracleLib.dll%ProgramFiles%\Optimizer Tool\OptimizerTool.exe%ProgramFiles%\Optimizer Tool\PerfectOptimizer.ini%ProgramFiles%\Optimizer Tool\SEClean.DLL%ProgramFiles%\Optimizer Tool\SERes.DLL%ProgramFiles%\Optimizer Tool\sqlite3.dll%ProgramFiles%\Optimizer Tool\SystemBackup.dll%ProgramFiles%\Optimizer Tool\unins000.dat%ProgramFiles%\Optimizer Tool\unins000.exe%ProgramFiles%\Optimizer Tool\Update.exe%ProgramFiles%\Optimizer Tool\website.url%ProgramFiles%\Optimizer Tool\WinUpdate.exe%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Optimizer Tool.lnk%UserProfile%\Desktop\Optimizer Tool.lnk%UserProfile%\Start Menu\Programs\Optimizer Tool\Optimizer Tool.lnk%UserProfile%\Start Menu\Programs\Optimizer Tool\Uninstall.lnk%UserProfile%\Start Menu\Programs\Optimizer Tool\Website.lnk%WinDir%\Tasks\OptimizerTool_Home.Job

Registry Corrector:

Creates the following registry subkeys:
HKLM\SOFTWARE\CLASSES\CLSID\{0C290501-32F6-4563-8976-953C2322FF59}
HKLM\SOFTWARE\CLASSES\CLSID\{16927A58-1148-4985-8666-B8B2B2417E1C} HKLM\SOFTWARE\CLASSES\CLSID\{4FDAA60D-9DCF-4B05-B22D-5B240762C7AC} HKLM\SOFTWARE\CLASSES\CLSID\{54D3822A-CE66-4338-834E-4F0868BE2CAA} HKLM\SOFTWARE\CLASSES\INTERFACE\{00000266-0000-0010-8000-00AA006D2EA4} HKLM\SOFTWARE\CLASSES\INTERFACE\{00000400-0000-0010-8000-00AA006D2EA4} HKLM\SOFTWARE\CLASSES\INTERFACE\{00000500-0000-0010-8000-00AA006D2EA4} HKLM\SOFTWARE\CLASSES\INTERFACE\{00000501-0000-0010-8000-00AA006D2EA4} HKLM\SOFTWARE\CLASSES\INTERFACE\{00000503-0000-0010-8000-00AA006D2EA4} HKLM\SOFTWARE\CLASSES\INTERFACE\{00000504-0000-0010-8000-00AA006D2EA4} HKLM\SOFTWARE\CLASSES\INTERFACE\{00000505-0000-0010-8000-00AA006D2EA4} HKLM\SOFTWARE\CLASSES\INTERFACE\{00000506-0000-0010-8000-00AA006D2EA4} HKLM\SOFTWARE\CLASSES\INTERFACE\{00000508-0000-0010-8000-00AA006D2EA4} HKLM\SOFTWARE\CLASSES\INTERFACE\{0000050C-0000-0010-8000-00AA006D2EA4} HKLM\SOFTWARE\CLASSES\INTERFACE\{0000050D-0000-0010-8000-00AA006D2EA4} HKLM\SOFTWARE\CLASSES\INTERFACE\{0000050E-0000-0010-8000-00AA006D2EA4} HKLM\SOFTWARE\CLASSES\INTERFACE\{00000512-0000-0010-8000-00AA006D2EA4} HKLM\SOFTWARE\CLASSES\INTERFACE\{00000513-0000-0010-8000-00AA006D2EA4} HKLM\SOFTWARE\CLASSES\INTERFACE\{00000515-0000-0010-8000-00AA006D2EA4} HKLM\SOFTWARE\CLASSES\INTERFACE\{00000534-0000-0010-8000-00AA006D2EA4} HKLM\SOFTWARE\CLASSES\INTERFACE\{0000054C-0000-0010-8000-00AA006D2EA4} HKLM\SOFTWARE\CLASSES\INTERFACE\{0000054D-0000-0010-8000-00AA006D2EA4} HKLM\SOFTWARE\CLASSES\INTERFACE\{0000054E-0000-0010-8000-00AA006D2EA4} HKLM\SOFTWARE\CLASSES\INTERFACE\{0000054F-0000-0010-8000-00AA006D2EA4} HKLM\SOFTWARE\CLASSES\INTERFACE\{00000550-0000-0010-8000-00AA006D2EA4} HKLM\SOFTWARE\CLASSES\INTERFACE\{00000555-0000-0010-8000-00AA006D2EA4} HKLM\SOFTWARE\CLASSES\INTERFACE\{00000556-0000-0010-8000-00AA006D2EA4} HKLM\SOFTWARE\CLASSES\INTERFACE\{00000562-0000-0010-8000-00AA006D2EA4} HKLM\SOFTWARE\CLASSES\INTERFACE\{00000564-0000-0010-8000-00AA006D2EA4} HKLM\SOFTWARE\CLASSES\INTERFACE\{00000565-0000-0010-8000-00AA006D2EA4} HKLM\SOFTWARE\CLASSES\INTERFACE\{00000569-0000-0010-8000-00AA006D2EA4} HKLM\SOFTWARE\CLASSES\INTERFACE\{6D055842-2750-4EB9-9549-050ED4E6E122} HKLM\SOFTWARE\CLASSES\INTERFACE\{A47F99EB-38AE-45B4-B206-6E897B18CFC3} HKLM\SOFTWARE\CLASSES\INTERFACE\{AAC8EF57-370E-48F0-A3D9-7CF227F9742F} HKLM\SOFTWARE\CLASSES\INTERFACE\{B08400BD-F9D1-4D02-B856-71D5DBA123E9} HKLM\SOFTWARE\CLASSES\INTERFACE\{BB6E88A6-D821-441D-8FDE-B576B3AFCED5} HKLM\SOFTWARE\CLASSES\TYPELIB\{373D6A60-A03B-4B99-8BD0-5A7B6AFE3427} HKLM\SOFTWARE\CLASSES\TYPELIB\{373D6A60-A03B-4B99-8BD0-5A7B6AFE3427}\1.0 HKLM\SOFTWARE\CLASSES\TYPELIB\{EF53050B-882E-4776-B643-EDA472E8E3F2} HKLM\SOFTWARE\CLASSES\TYPELIB\{EF53050B-882E-4776-B643-EDA472E8E3F2}\2.7

Creates the following folders:
%ProgramFiles%\Registry Corrector
%ProgramFiles%\Registry Corrector\images %ProgramFiles%\Registry Corrector\panelHTML %ProgramFiles%\Registry Corrector\panelHTML\images %WinDir%\system32\RegistryCorrector %WinDir%\system32\RegistryCorrector\Backup %WinDir%\system32\RegistryCorrector\Backup\Favourite %WinDir%\system32\RegistryCorrector\Backup\Registry

Creates the following files:
%ProgramFiles%\Registry Corrector\ActiveXLists.DAT
%ProgramFiles%\Registry Corrector\applications.ldb %ProgramFiles%\Registry Corrector\applications.mdb %ProgramFiles%\Registry Corrector\FileAssociation.ini %ProgramFiles%\Registry Corrector\IEComponentRepair.ini %ProgramFiles%\Registry Corrector\IERestoreDefualt.ini %ProgramFiles%\Registry Corrector\images\1.ico %ProgramFiles%\Registry Corrector\images\2.ico %ProgramFiles%\Registry Corrector\images\3.ico %ProgramFiles%\Registry Corrector\images\4.ico %ProgramFiles%\Registry Corrector\images\5.ico %ProgramFiles%\Registry Corrector\images\Thumbs.db %ProgramFiles%\Registry Corrector\junks.txt %ProgramFiles%\Registry Corrector\MemWarp.dll %ProgramFiles%\Registry Corrector\msado27.tlb %ProgramFiles%\Registry Corrector\MSVBVM60.dll %ProgramFiles%\Registry Corrector\panelHTML\images\backup.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\backup_drivers.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\backup_drivers_hover.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\backup_favourite.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\backup_favourite_hover.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\backup_hover.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\backup_registry.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\backup_registry_hover.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\backupandrestore.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\backupandrestoreon.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\backupcompleteregistryoff.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\backupcompleteregistryon.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\backupfavouritesoff.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\backupfavouriteson.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\cleansweepoff.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\cleansweepon.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\complete_status.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\complete_status_hover.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\completestatus.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\completestatuson.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\evidence_cleaner.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\evidence_cleaner_hover.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\file_shredder.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\file_shredder_hover.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\fileshredderoff.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\fileshredderon.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\fixandrepairoff.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\fixandrepairon.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\homeoff.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\homeon.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\internet_explorer_corrector.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\internet_explorer_hover.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\junk_cleaner.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\junk_cleaner_hover.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\junkscrubberoff.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\junkscrubberon.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\line.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\manage.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\manage_hover.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\memory_optimizer.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\memory_optimizer_hover.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\memoryoptimizeroff.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\memoryoptimizeron.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\one_click_scan.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\one_click_scan_hover.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\one_click_scan-hover.JPG %ProgramFiles%\Registry Corrector\panelHTML\images\one_click-scan.JPG %ProgramFiles%\Registry Corrector\panelHTML\images\optimize.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\optimize_hover.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\optimizeroff.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\optimizeron.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\pc_optimizer.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\pc_optimizer_hover.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\pcdriverbackupsoff.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\pcdriverbackupson.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\pcoptimizeroff.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\pcoptimizeron.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\privacyguardoff.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\privacyguardon.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\project_icon.ico %ProgramFiles%\Registry Corrector\panelHTML\images\registry_cleaner.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\registry_cleaner_hover.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\registryscrubberoff.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\registryscrubberon.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\repairinternetexploreroff.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\repairinternetexploreron.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\repairsystemoff.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\repairsystemon.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\repairwindowsoff.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\repairwindowson.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\repar_fix.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\repar_fix_hover.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\scan.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\scan_hover.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\settingsoff.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\settingson.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\singlepushoptimizeroff.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\singlepushoptimizeron.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\startup_wizard.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\startup_wizard_hover.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\startuprepairoff.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\startuprepairon.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\subtabbotimg.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\system_corretor.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\system_corretor_hover.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\system_restore.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\system_restore_hover.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\systemrestoreoff.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\systemrestoreon.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\Thumbs.db %ProgramFiles%\Registry Corrector\panelHTML\images\uninstall_wizard.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\uninstall_wizard_hover.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\uninstallwizardoff.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\uninstallwizardon.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\windows_corrector.jpg %ProgramFiles%\Registry Corrector\panelHTML\images\windows_corrector_hover.jpg %ProgramFiles%\Registry Corrector\panelHTML\indexleft.html %ProgramFiles%\Registry Corrector\RegistryCorrector.exe %ProgramFiles%\Registry Corrector\RegistryCorrectorSupport.exe %ProgramFiles%\Registry Corrector\SQLite3VB.dll %ProgramFiles%\Registry Corrector\tskschd.dll %ProgramFiles%\Registry Corrector\uninstal.log %UserProfile%\Desktop\Registry Corrector.lnk

FixMum:

Creates the following registry subkey:
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{F2FADB6E-10AE-44B9-BFD2-6AE7D072A631}_is1

Creates the following folders:
%ProgramFiles%\FixMum %ProgramFiles%\FixMum\Backup %ProgramFiles%\FixMum\Backup\Application %ProgramFiles%\FixMum\Backup\Registry %ProgramFiles%\FixMum\Backup\Registry\FirstBackup %ProgramFiles%\FixMum\Backup\Registry\FullBackup %ProgramFiles%\FixMum\Backup\Service %ProgramFiles%\FixMum\config %ProgramFiles%\FixMum\Data %ProgramFiles%\FixMum\Data\Service %ProgramFiles%\FixMum\Temp %ProgramFiles%\FixMum\Update %UserProfile%\Start Menu\programs\FixMum

Creates the following files:
%ProgramFiles%\FixMum\aamd532.dll %ProgramFiles%\FixMum\ActiveX.dat %ProgramFiles%\FixMum\Apps.dat %ProgramFiles%\FixMum\Components.dat %ProgramFiles%\FixMum\Config.db %ProgramFiles%\FixMum\config\about.bmp %ProgramFiles%\FixMum\config\head.bmp %ProgramFiles%\FixMum\config\Left.jpg %ProgramFiles%\FixMum\config\Lng2Const.xml %ProgramFiles%\FixMum\config\logo.ico %ProgramFiles%\FixMum\config\Logo64.ico %ProgramFiles%\FixMum\config\Menu.xml %ProgramFiles%\FixMum\config\PerfectOptimzer.chm %ProgramFiles%\FixMum\config\register.jpg %ProgramFiles%\FixMum\config\SmallLogo.bmp %ProgramFiles%\FixMum\config\splash.jpg %ProgramFiles%\FixMum\config\website.url %ProgramFiles%\FixMum\Data\Service\campus_model.bat %ProgramFiles%\FixMum\Data\Service\default_model.bat %ProgramFiles%\FixMum\Data\Service\home_model.bat %ProgramFiles%\FixMum\Data\Service\interner_model.bat %ProgramFiles%\FixMum\Data\Service\notebook_model.bat %ProgramFiles%\FixMum\Data\Service\office_model.bat %ProgramFiles%\FixMum\FixMum.exe %ProgramFiles%\FixMum\FreeUse.dll %ProgramFiles%\FixMum\InstallDll.dll %ProgramFiles%\FixMum\License.dll %ProgramFiles%\FixMum\MiracleLib.dll %ProgramFiles%\FixMum\PerfectOptimizer.ini %ProgramFiles%\FixMum\SEClean.DLL %ProgramFiles%\FixMum\SERes.DLL %ProgramFiles%\FixMum\sqlite3.dll %ProgramFiles%\FixMum\unins000.dat %ProgramFiles%\FixMum\unins000.exe %ProgramFiles%\FixMum\Update.exe %ProgramFiles%\FixMum\website.url %ProgramFiles%\FixMum\WinUpdate.exe %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\FixMum.lnk %UserProfile%\Desktop\FixMum.lnk %UserProfile%\Start Menu\programs\FixMum\FixMum.lnk %UserProfile%\Start Menu\programs\FixMum\Uninstall.lnk %UserProfile%\Start Menu\programs\FixMum\Website.lnk %WinDir%\Tasks\FixMum_Home.Job
The shortcut link may look like one of the following:

Additional information

Program:Win32/PerfectOptimizer may display alert messages, such as the following:

Analysis by Francis Allan Tan Seng and Aaron HulettSymptoms

System Changes

The following system changes may indicate the presence of Program:Win32/PerfectOptimizer:

An entry in the Programs area of the user's Start Menu with one of the following names:

"Perfect Optimizer"
"Optimizer Tool"
"Registry Corrector"
"FixMum"

An entry in the Add/Remove Programs list or one of the following, or similar:

"Perfect Optimizer"
"Optimizer Tool"
"Registry Corrector"
"FixMum"

The presence one of the following shortcuts:

The appearance of an alert message, such as shown in the following graphic:

Last update 04 September 2013

TOP

Malware :

Last 20