
Proxy.REOptimizer, Trojan horse.

The REOptimizer software falls into the category of Trojan horses (Trojans). This is a type of malware, often confused with viruses or other parasites.

The Trojan horse is software that appears legitimate, but contains malware.


Potentially Unwanted Programs (PUP, or LPI in French) are the cause of many infections. The most common example is adware such as InstallCore, Crossrider, Graftor or Boxore, which pollutes the Registry and your data storage units. These programs are usually installed without your knowledge when you download freeware. Some sites use the repackaging method, an operation that consists of rebuilding the software's installer and adding download options to it. These options let the installer add other software such as browser toolbars, adware, potentially unwanted software, intrusive advertising software, or even browser hijackers.


The role of the Trojan horse is to get a parasite onto the computer and install it there without the user's knowledge. The program it carries is called the "payload". It can be any type of parasite: virus, keylogger, spyware. It is this parasite, and it alone, that performs actions on the victim's computer. The Trojan horse is nothing more than the vehicle, the one that "brings the wolf into the fold". It is not harmful in itself, because it performs no action other than allowing the installation of the real parasite.

 Features

– It installs itself as a process launched at system startup (RP),
– It registers itself in the Registry so that it is launched each time the system starts (O4),
– It is installed as a program (O42),
– It creates multiple “Software” registry keys,
– It creates additional files (O43),
– It is installed in the Windows Prefetch folder (O45).

 Preview in reports

Recorded on 29/11/2016
O4 – HKCU\..\Run: [buuigl] . (…) — C:\Users\Coolman\AppData\Local\buuigl.dll
O4 – HKUS\S-1-5-21-50051860-661384414-3684766944-1000\..\Run: [buuigl] . (…) — C:\Users\Coolman\AppData\Local\buuigl.dll
O42 – Software: REOptimizer – (.AltoCloud.) [HKCU] — REOptimizer
O61 – LFC: 2016/11/28 19:39:07 A . (..) — C:\Users\Coolman\AppData\Local\buuigl.dll [10752]
O61 – LFC: 2016/11/28 19:39:07 A . (..) — C:\Users\Coolman\AppData\Local\uninstallro.exe [2560]
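
The O4 and O61 lines above can be triaged mechanically. The following Python sketch is an added example, not part of the original page or of the report tool: it parses the excerpt, groups Run entries by target file, and lists the reasons a target deserves review. The line layout is inferred from the five lines shown, and reading the O61 "LFC" lines as a listing of recently created files is an assumption.

```python
import ntpath
import re

# Report excerpt copied from the page above.
REPORT = r"""
O4 – HKCU\..\Run: [buuigl] . (…) — C:\Users\Coolman\AppData\Local\buuigl.dll
O4 – HKUS\S-1-5-21-50051860-661384414-3684766944-1000\..\Run: [buuigl] . (…) — C:\Users\Coolman\AppData\Local\buuigl.dll
O42 – Software: REOptimizer – (.AltoCloud.) [HKCU] — REOptimizer
O61 – LFC: 2016/11/28 19:39:07 A . (..) — C:\Users\Coolman\AppData\Local\buuigl.dll [10752]
O61 – LFC: 2016/11/28 19:39:07 A . (..) — C:\Users\Coolman\AppData\Local\uninstallro.exe [2560]
"""

DASH = "[-\u2013\u2014]"  # the report mixes hyphen, en dash and em dash
# Layout inferred from the excerpt, not from a published format specification.
O4 = re.compile(rf"O4 {DASH} (?P<hive>.+?)\\\.\.\\Run: \[(?P<name>[^\]]+)\].* {DASH} (?P<path>.+)$")
O61 = re.compile(rf"O61 {DASH} LFC: (?P<ts>\S+ \S+) .* {DASH} (?P<path>.+) \[(?P<size>\d+)\]$")

def parse(report):
    """Return (Run entries, {lower-cased path: timestamp}) from O4 and O61 lines."""
    runs, recent = [], {}
    for line in report.splitlines():
        if m := O4.match(line.strip()):
            runs.append(m.groupdict())
        elif m := O61.match(line.strip()):
            recent[m["path"].lower()] = m["ts"]  # assumption: LFC = recently created file
    return runs, recent

def triage(report):
    """Group Run entries by target file and attach the reasons each one needs review."""
    runs, recent = parse(report)
    findings = {}
    for r in runs:
        path = r["path"].lower()
        reasons = []
        if ntpath.dirname(path).endswith(r"\appdata\local"):
            reasons.append("autorun target sits directly in the user-writable AppData\\Local")
        if path.endswith(".dll"):
            reasons.append("Run value names a bare DLL rather than an installed program")
        if path in recent:
            reasons.append(f"file also listed under O61 with timestamp {recent[path]}")
        if reasons:  # the same value seen under HKCU and the user's SID is one finding
            findings.setdefault(r["path"], {"hives": [], "reasons": reasons})["hives"].append(r["hive"])
    return findings

if __name__ == "__main__":
    for target, info in triage(REPORT).items():
        print(target, info["hives"], *info["reasons"], sep="\n  ")
```
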

 Alias

AVG Proxy.BSSW 20161129
AegisLab Proxy.Bssw.Gen!c 20161129
AhnLab-V3 Malware/Win32.Generic.C1629393 20161128
Avast Win32:Malware-gen 20161129
Avira (no cloud) TR/Proxy.rhjzi 20161128
Baidu Win32.Trojan-Proxy.Agent.j 20161128
Bkav W32.eHeur.Malware09 20161128
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20161024
ESET-NOD32 a variant of Win32/TrojanProxy.Agent.OAL 20161129
Fortinet W32/Agent.OAL!tr 20161129
Ikarus Trojan-Proxy.Agent 20161128
Invincea trojandownloader.win32.potukorp.a 20161128
K7GW Proxy-Program (004fe2db1) 20161129
Malwarebytes Trojan.ProxyAgent 20161128
McAfee Artemis!55DA32BC5FA8 20161129
McAfee-GW-Edition BehavesLike.Win32.Downloader.lm 20161129
Qihoo-360 HEUR/QVM40.1.79A7.Malware.Gen 20161129
Rising Malware.Generic!kHY68xkVB9@2 (thunder) 20161129
Sophos Mal/Generic-S 20161128
Symantec Heur.AdvML.B 20161129

How to remove REOptimizer?

Delete with Windows

Delete with ZHPCleaner

   Delete with ZHPSuite

Responsibility: The principle that the originating site bears no responsibility for the content of the sites it links to is recalled by the judgment of September 19, 2001 of the Paris Court of Appeal. The comments I make here reflect my opinion and are suggestions; the visitor is not obliged to follow them.
