Should I block it?

98%
Yes, 98% block recommendation.
Possible reasons:
Multiple malware detections
Performance resource utilization

VersionsAdditional versions

dfdd3 8.51%
29604 91.49%
(Note, the developer publishes each variation of this file with the same version, but the hashes are unique.)

PE structurePE file structure
Show functions
Import table
advapi32.dll
RegQueryInfoKeyW, RegSetValueExW, RegEnumKeyExW, RegOpenKeyExW, RegCreateKeyExW, RegCloseKey, RegDeleteValueW, RegDeleteKeyW, AllocateAndInitializeSid, CheckTokenMembership, FreeSid, InitializeSecurityDescriptor, SetSecurityDescriptorDacl, ReportEventW, CloseEventLog, OpenEventLogW, DuplicateTokenEx, GetTokenInformation, CreateProcessAsUserW, OpenSCManagerW, OpenServiceW, ChangeServiceConfigW, CloseServiceHandle, RegQueryValueExW
kernel32.dll
InterlockedIncrement, InterlockedDecrement, WritePrivateProfileStringW, GetPrivateProfileStringW, CreateEventW, OpenEventW, WaitForSingleObject, GetSystemTimeAsFileTime, GetModuleHandleExW, CreateDirectoryW, CreateThread, Sleep, FindResourceExW, MultiByteToWideChar, lstrlenW, SetUnhandledExceptionFilter, GetCommandLineW, DeleteCriticalSection, GetModuleHandleW, LoadLibraryExW, lstrcmpiW, InitializeCriticalSection, CreateFileA, WriteConsoleW, GetConsoleOutputCP, WriteConsoleA, SetStdHandle, LoadLibraryA, SetEvent, TerminateThread, ExitProcess, FreeLibrary, DeleteFileW, lstrcpynW, CreateFileW, WriteFile, FlushFileBuffers, MoveFileExW, SizeofResource, LockResource, FreeResource, FindResourceW, LoadResource, RaiseException, WTSGetActiveConsoleSessionId, LoadLibraryW, GetProcAddress, CloseHandle, GetModuleFileNameW, GetLocalTime, GetLastError, SetErrorMode, GetVersion, InitializeCriticalSectionAndSpinCount, GetLocaleInfoA, GetStringTypeW, GetStringTypeA, LCMapStringA, GetConsoleMode, GetConsoleCP, SetFilePointer, GetCurrentProcessId, GetTickCount, QueryPerformanceCounter, GetFileType, SetHandleCount, GetEnvironmentStringsW, WideCharToMultiByte, FreeEnvironmentStringsW, GetEnvironmentStrings, FreeEnvironmentStringsA, RtlUnwind, LCMapStringW, GetModuleFileNameA, GetStdHandle, VirtualAlloc, VirtualFree, HeapDestroy, HeapAlloc, HeapFree, HeapReAlloc, HeapSize, GetProcessHeap, EnterCriticalSection, LeaveCriticalSection, GetCommandLineA, GetStartupInfoA, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, IsDebuggerPresent, GetCPInfo, GetACP, GetOEMCP, IsValidCodePage, TlsGetValue, TlsAlloc, TlsSetValue, TlsFree, SetLastError, GetCurrentThreadId, HeapCreate
ole32.dll
CoCreateInstance, CreateBindCtx, CoInitializeEx, CoTaskMemFree, CoTaskMemAlloc, CoTaskMemRealloc
shell32.dll
CommandLineToArgvW
shlwapi.dll
PathIsDirectoryW, PathFileExistsW, PathRemoveFileSpecW, PathFindFileNameW, PathAddExtensionW, PathCombineW
urlmon.dll
CreateURLMoniker
user32.dll
CharNextW, wsprintfW, DispatchMessageA, MsgWaitForMultipleObjects, DispatchMessageW, TranslateMessage, GetMessageA, GetMessageW, IsWindowUnicode, PeekMessageW
version.dll
GetFileVersionInfoW, VerQueryValueW, GetFileVersionInfoSizeW

optimizerpro.exe

Remove optimizerpro.exe
MD5:   2960400094498dae47b36173286d76a0
SHA1:   ae347ea987803f01fd415262a2002e3beb69e041
SHA256:   2062d0daed84ca792fbfb4aff94d4b5a5136fcb7521a3e5808eb510cda0d9b5c
Warning 22 antivirus scanners has detected malware.

Overview

optimizerpro.exe is malware that executes as a process under the SYSTEM account with extensive privileges (the system and the administrator accounts have the same file privileges). It is an auto-starting process that used the Windows Task Scheduler service to load when the user logs into Windows (sometimes this is required to bypass the UAC protection). It is installed with a couple of know programs including OptimizerPro published by BetterSoft, ContinueToSave from BetterSoft and ContinueToSave by BetterSoft.

DetailsDetails

File name:optimizerpro.exe
Typical file path:C:\ProgramData\cloudsoft\optimizerpro\optimizerpro.exe
Size:340 KB (348,160 bytes)
Digital DNA
File packed:No
.NET CLR:No
More details

ResourcesPrograms

The following programs will install this file
OptimizerPro
 BetterSoft
  86% remove
OptimizerPro from BetterSoft is an adware program in the form of a process and a web browser plugin. The Plugin is designed to monitor the user's search and browsing habits and deliver advertising by overwriting the content HTML within the user's web browser. The background service which is executed as a Windows scheduled task is designed to make sure the web browser plugin remains active as well as automatically keeps the software upda...
ContinueToSave
 BetterSoft
  82% remove
ContinueToSave from BetterSoft is an adware program in the form of a process and a web browser plugin. The Plugin is designed to monitor the user's search and browsing habits and deliver advertising by overwriting the content HTML within the user's web browser. The background service which is executed as a Windows scheduled task is designed to make sure the web browser plugin remains active as well as automatically keeps the software up...
BrowseToSave
 BetterSoft
  85% remove
BrowseToSave from BetterSoft is an adware program in the form of a process and a web browser plugin. The Plugin is designed to monitor the user's search and browsing habits and deliver advertising by overwriting the content HTML within the user's web browser. The background service which is executed as a Windows scheduled task is designed to make sure the web browser plugin remains active as well as automatically keeps the software upda...
GadgetBox Updater
 BetterSoft
  83% remove
GadgetBox Updater from BetterSoft is an adware program in the form of a process and a web browser plugin. The Plugin is designed to monitor the user's search and browsing habits and deliver advertising by overwriting the content HTML within the user's web browser. The background service which is executed as a Windows scheduled task is designed to make sure the web browser plugin remains active as well as automatically keeps the software...
VaudiX
 BetterSoft
  85% remove
Vaudix (DropInSaving variant) is a web browser extension for Internet Explorer, Chrome and Firefox that collects and stores information about a user's web browsing habits in order to provide advertising as well as inter-browser coupons. The installed plugin will attempt to find merchant deals based on the user's web context and/or inject advertising. It will also attempt to find competing web extensions installed on the user's PC and di...
EasyLife Updater
 BetterSoft
  81% remove
EasyLife Updater is installed with various BetterSoft products/adware including SaveAs, BrowseToSave and ContinueToSave.
SaveAs
 BetterSoft
  80% remove
SaveAs from BetterSoft is an adware program in the form of a process and a web browser plugin. The Plugin is designed to monitor the user's search and browsing habits and deliver advertising by overwriting the content HTML within the user's web browser. The background service which is executed as a Windows scheduled task is designed to make sure the web browser plugin remains active as well as automatically keeps the software updated. T...
OptimizerPro Upd
 BetterSoft
  82% remove
OptimizerPro from BetterSoft is an adware program in the form of a process and a web browser plugin. The Plugin is designed to monitor the user's search and browsing habits and deliver advertising by overwriting the content HTML within the user's web browser. The background service which is executed as a Windows scheduled task is designed to make sure the web browser plugin remains active as well as automatically keeps the software upda...
EasylifeGadget Updater
 BetterSoft
  83% remove
EasylifeGadget Updater is an adware application that runs in the web browser as a toolbar and web extension. The web extension is primarily designed to take control of the user's browser in order to modify the search provider and redirect web searches to what ever search engine partner the publisher has a revenue relationship with. In doing so, the toolbar performs a number of behaviors in order to maximize the potential of a user to c...
OptimizerPro Updater
 BetterSoft
  83% remove
OptimizerPro is the update program which runs on the PC and checks for updates and automatically downloads and installs them if found. The program is primarily designed to keep the software up to date or provide product upgrades. In addition to releasing new versions of the software at regular intervals, the update program can provide additional information to the user or to the remote server. If it finds an item to download, it will do...

BehaviorsBehaviors

Scheduled tasks
  • The task 'schedule!2325565030' runs on logon in the path 'C:\WINDOWS\Tasks\schedule!2325565030.job'
  • The task 'schedule!3036567561' runs on logon in the path '\schedule!3036567561'
  • The job 'schedule!3168119997' runs on logon in the path 'C:\WINDOWS\Tasks\schedule!3168119997.job'
  • The task 'schedule!1084726308' runs on logon in the path 'C:\WINDOWS\Tasks\schedule!1084726308.job'
  • Entry path 'C:\WINXP\Tasks\schedule!3965101766.job'
  • Entry path '\schedule!1818212897'
  • Entry path '\schedule!1143840799'
  • Entry path 'C:\WINDOWS\Tasks\schedule!3168119997.job'
  • Entry path 'C:\WINDOWS\Tasks\schedule!1452997541.job'
  • Entry path '\{05C64F87-62B4-4AC7-84C2-FA2C41A45F58}'
  • Entry path '\schedule!3036567561'
Scheduled tasks startups
Set to load on user login (bypasses Windows UAC if enabled)
  • Login entry path 'C:\WINDOWS\Tasks\schedule!2325565030.job'
  • Login entry path 'C:\WINDOWS\Tasks\schedule!1084726308.job'
  • Login entry path 'C:\WINXP\Tasks\schedule!3965101766.job'
  • Login entry path '\schedule!1818212897'
  • Login entry path '\schedule!1143840799'
  • Login entry path 'C:\WINDOWS\Tasks\schedule!3168119997.job'
  • Login entry path 'C:\WINDOWS\Tasks\schedule!1452997541.job'
  • Login entry path '\schedule!3036567561'
  • Login entry path '\{05C64F87-62B4-4AC7-84C2-FA2C41A45F58}'

MalwareMalware detections

Based on 40+ industry antivirus scanners, 22 of them detected the following malware.
Antivirus engineEngine versionDetection
AhnLab V3 Internet Security 2013.07.09 PUP/Win32.BetterSoft
avast! 8.0.1489.320 Win32:PUP-gen [PUP]
BitDefender 7.2 Adware.BHO.Agent.E
Comodo Internet Security 16570 ApplicUnwnt
Emsisoft Anti-Malware 3.0.0.583 Adware.BHO.Agent.E (B)
eSafe 7.0.17.0 Win32.Trojan
ESET NOD32 7.8545 Win32/GenUpdater
Fortinet 5.1.146.0 Riskware/BetterSoftAgent
F-Secure 11.0.19100.45 Adware.BHO.Agent
G Data 13.6.22 Adware.BHO.Agent.E
Ikarus T3.1.4.3.0 AdWare.BHO.Agent
K7 AntiVirus 9.170.8978 Riskware
K7GW 12.7.0.12 Riskware
Kingsoft 2013.4.9.267 Win32.Troj.FakeIcon.cw.(kcloud)
McAfee 5.400.1158 Artemis!296040009449
McAfee Gateway Anti-Malware v2013-dat Artemis!296040009449
nProtect 2013-06-14.03 Adware.BHO.Agent.E
Sophos 4.90.0 Generic PUA DO
Trend Micro 9.740.0.1012 ADW_DLOAD
Trend Micro HouseCall 9.700.0.1001 ADW_DLOAD
VIPRE Antivirus 19424 Trojan.Win32.Generic!BT
ViRobot 2011.4.7.4223 Adware.BetterSoft.348160

ResourcesResource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
 
CPU
Total CPU:0.00097707%
0.028634%
Kernel CPU:0.00052169%
0.013761%
User CPU:0.00045538%
0.014873%
Kernel CPU time:97,612 ms/min
100,923,805ms/min
CPU cycles:69,640/sec
17,470,203/sec
Memory
Private memory:1.87 MB
21.59 MB
Private (maximum):3.05 MB
Private (minimum):759.33 KB
Non-paged memory:1.87 MB
21.59 MB
Virtual memory:43.56 MB
140.96 MB
Virtual memory (peak):46.77 MB
169.69 MB
Working set:929.33 KB
18.61 MB
Working set (peak):4.49 MB
37.95 MB
Page faults:3,729/min
2,039/min
I/O
I/O read transfer:308 Bytes/sec
1.02 MB/min
I/O read operations:1/sec
343/min
I/O write transfer:0 Bytes/sec
274.99 KB/min
I/O write operations:1/sec
227/min
I/O other transfer:104 Bytes/sec
448.09 KB/min
I/O other operations:9/sec
1,671/min
Resource allocations
Threads:1
12
Handles:86
600
GUI GDI count:4
103
GUI USER count:2
49

BehaviorsProcess properties

Integrety level:System
Platform:32-bit
Command lines:
  • C:\ProgramData\bettersoft\optimizerpro\optimizerpro.exe /schedule /profile "C:\ProgramData\bettersoft\optimizerpro\3036567561.ini"
  • "C:\documents and settings\all users\user\documents and settings\all users\datos de programa\bettersoft\optimizerpro\2325565030.ini"
  • "C:\ProgramData\bettersoft\easylife updater\easylife updater.exe" /schedule /profile "C:\ProgramData\bettersoft\easylife updater\1818212897.ini"
  • C:\ProgramData\bettersoft\continuetosave\continuetosave.exe /schedule /profile "C:\ProgramData\bettersoft\continuetosave\1143840799.ini"
  • "C:\Documents and Settings\user\Application data\bettersoft\continuetosave\3168119997.ini"
  • "C:\Documents and Settings\user\Application data\bettersoft\saveas\1452997541.ini"
Owner:SYSTEM
Parent processes:

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Microsoft Windows XP 31.91%
Windows 7 Ultimate 29.79%
Windows 7 Professional 12.77%
Windows Developer Preview 6.38%
Windows 8 Enterprise 6.38%
Windows 8 Pro 6.38%
Windows 7 Home Basic 4.26%
Windows 7 Home Premium 2.13%

Distribution by countryDistribution by country

Ireland installs about 12.77% of optimizerpro.exe.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
ASUS 26.67%
Dell 26.67%
GIGABYTE 20.00%
Hewlett-Packard 13.33%
Acer 6.67%
American Megatrends 6.67%
Back to top
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE