I can’t find any info on the exe’s contained within this folder (program files/windows optimizer).
With the avasts.exe name I thought this just might be a good place to ask. I don’t know whether
its junk, part of avast or a genuine optimizing tool I have installed previous. It is not listed as
installed within the control panel. Running the exe’s within this folder does nothing, avast and
malwarebytes do not detect anything suspicious, but the ‘avasts’.exe does constantly call out
for internet access?

update: one file seems to be linked to an ‘apps.topvideosoft’ website. according to a virustotal scan
for avasts.exe (click on further info) someone may have installed a video conversion tool, which may
have come with a potentially unwanted app. If anyone could give any info, on removal if necessary,
that would be helpful-thanks

virus total result for avasts.exe
virus total result for optimizer.exe
virus total result for system_shell.exe
virus total result for vmnet.exe

http://s13.postimg.org/830b2fgcn/screen.png

Does MicroTools sound familiar?

See: http://www.herdprotect.com/avasts.exe-75904648f1dd014012b29c4f36de019bd7de8dbe.aspx

No, avasts.exe is not a part of avast!.

Avast.exe First submission 2014-08-01 15:22:43 UTC ( 1 week ago )

Publisher Nanjing Aodimu Tech Co. File version 1.5.1.0 Description Avasts protects your system Signature verification Signed file, verified signature Signing date 3:31 AM 7/25/2014 Signers [+] Nanjing Aodimu Tech Co. [+] GlobalSign CodeSigning CA - G2 [+] GlobalSign Counter signers [+] Symantec Time Stamping Services Signer - G4 [+] Symantec Time Stamping Services CA - G2 [+] Thawte Timestamping CA

Optimizer.exe First submission 2014-07-26 08:24:35 UTC ( 2 weeks ago )

Publisher Nanjing Aodimu Tech Co. File version 1.4.9.0 Description Optimizer your windows system. Signature verification Signed file, verified signature Signing date 3:31 AM 7/25/2014 Signers [+] Nanjing Aodimu Tech Co. [+] GlobalSign CodeSigning CA - G2 [+] GlobalSign Counter signers [+] Symantec Time Stamping Services Signer - G4 [+] Symantec Time Stamping Services CA - G2 [+] Thawte Timestamping CA

System_shell.exe First submission 2014-08-01 15:18:21 UTC ( 1 week ago )

Publisher Nanjing Aodimu Tech Co. File version 1.3.5.0 Description Windows shell program Signature verification Signed file, verified signature Signing date 3:31 AM 7/25/2014 Signers [+] Nanjing Aodimu Tech Co. [+] GlobalSign CodeSigning CA - G2 [+] GlobalSign Counter signers [+] Symantec Time Stamping Services Signer - G4 [+] Symantec Time Stamping Services CA - G2 [+] Thawte Timestamping CA

Vmnet.exe First submission 2014-08-01 15:23:33 UTC ( 1 week ago )

Publisher Nanjing Aodimu Tech Co. File version 1.3.0.0 Description Optimize Internet browser. Signature verification Signed file, verified signature Signing date 3:31 AM 7/25/2014 Signers [+] Nanjing Aodimu Tech Co. [+] GlobalSign CodeSigning CA - G2 [+] GlobalSign Counter signers [+] Symantec Time Stamping Services Signer - G4 [+] Symantec Time Stamping Services CA - G2 [+] Thawte Timestamping CA

http://www.threatexpert.com/files/avasts.exe.html

Is that scan done on the exact file/MD5 ? … or just a name search?

At threatexpert, for each of the exe’s, I receive the simple message ‘The submitted file is not detected.’
No other info is given.

‘Microtools’ does sound familiar, but only because so many programs are often labelled as such. I
usually don’t download windows optimisation tools. I have noticed however that the signature is linked to
a ‘windows free movie maker’ tool, the website windows-movie-maker.org. I believe the link was given by
a trusted website in order to download an earlier version of ms movie maker, or an equivalent.
The suspect optimisation tool must have installed at the same time as the movie maker.

I uninstalled this program a while back, and had no issues at the time. I only use trusted websites and
make sure I tick all the right boxes during an install. This website comes up as safe using most online
safety checks,although states ‘the products on this site utilize InstallMonetizer.com’s software
recommendation platform.’

No movie creation tool is currently installed, and no optimizer is listed in my installed programs list either.
No malware or cleaning programs detect or remove anything (avast,malwarebytes,hijackthis,tdsskiller,ccleaner, roguekiller,junkwareremovaltool,TFC temp file cleaner etc) and it still calls out for internet access. I can
simply delete the service and ‘program files/windows optimizer’, but that would not help verify whether the tool
was legit safe and required… or if spyware, if anything else might be left behind.

Update - impatience got the better of me, and I stopped and deleted the service. Thanks for the replies and to
Simion for the herdprotect link, for the info click on Nanjing Aodimu Tech Co.,Ltd within it… or below
If I have further related issues I will edit this, but it would seem that it is just a case of ad or spyware included
with video creation software from this random chinese website.

herdprotect avasts.exe