optimizerpro_ala5.exe

Optimizer Pro

Subeo Tech, Inc.

The application optimizerpro_ala5.exe, “Fix, clean, optimize your PC!” by Subeo Tech, has been detected as a potentially unwanted program by 11 anti-malware scanners. It is a setup program used to install the application, and it is typically executed from an Internet Explorer cache folder. The file has been observed being downloaded from i1.installbox2.info and multiple other hosts.

Publisher:
PC Utilities Pro (signed by Subeo Tech, Inc.)

Product:
Optimizer Pro

Description:
Fix, clean, optimize your PC!

Version:
3.0.1.0

MD5:
54bad85478fd8e2190cbff1136c81715

SHA-1:
b590e54345bec0f41882957533cce9cbfacf023f

SHA-256:
c48684273e797c0c73cbafac05f93f1afcb7486760e0b1c5687869bfc13b1cd2

Scanner detections:
11 / 68

Status:
Potentially unwanted

Analysis date:
11/14/2024 9:23:15 PM UTC

Scan engine | Detection | Engine version
Avira AntiVirus | APPL/Subeo.P | 7.11.119.208
Bkav FE | HW32.FilDoer | 1.3.0.4246
Comodo Security | ApplicUnwnt | 17440
ESET NOD32 | Win32/Adware.SpeedingUpMyPC (variant) | 7.9173
herdProtect (fuzzy) |  | 2013.12.23.11
Malwarebytes | PUP.Optional.OptimizePro.A | v2013.12.21.12
McAfee | Artemis!1A6B07B7220F | 5600.7275
MicroWorld eScan | Win32/Adware.SpeedingUpMyPC.A | 14.0.0.1065
NANO AntiVirus | Riskware.Win32.Unwanted.bboiym | 0.26.0.54818
Reason Heuristics | PUP.Optional.SubeoTech.R | 14.3.1.13
Rising Antivirus | PE:PUF.SpeedingUpMyPC!1.9C66 | 23.00.65.131221

File size:
4 MB (4,173,344 bytes)

Product version:
3.0.1.0

Copyright:
PC Utilities Pro

Trademarks:
PC Utilities Pro

Original file name:
OptimizerPro

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\optimizerpro_ala5.exe

Digital Signature
Authority:
GoDaddy.com, Inc.

Valid from:
10/15/2012 10:52:11 PM

Valid to:
10/15/2015 10:41:53 PM

Subject:
CN="Subeo Tech, Inc.", O="Subeo Tech, Inc.", L=Reno, S=NV, C=US

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
2B71FFD6601803

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:TIzytbmrByTcOvzsse0VI7GubPKk6rtwXVOX/:FmQnvzje0mSuTKF+VOX/

Entry address:
0x12848


Developed / compiled with:
Microsoft Visual C++

Code size:
71 KB (72,704 bytes)

The file optimizerpro_ala5.exe has been seen being distributed by the following 4 URLs.

http://i1.installbox2.info/.../optimizerpro_ala5.exe
