optimizerpro_ala6.exe

Optimizer Pro

Subeo Tech, Inc.

The application optimizerpro_ala6.exe, “Fix, clean, optimize your PC!” by Subeo Tech, has been detected as a potentially unwanted program by 8 anti-malware scanners. This is a setup program which is used to install the application. It is also typically executed from an Internet Explorer cache folder. The file has been seen being downloaded from i1.reportbox3.info, a web site host known to distribute potentially unwanted software operated by WEB PICK - INTERNET HOLDINGS LTD, and from multiple other hosts.

Publisher:
PC Utilities Pro  (signed by Subeo Tech, Inc.)

Product:
Optimizer Pro

Description:
Fix, clean, optimize your PC!

Version:
3.0.1.0

MD5:
3d7338bc0a20b724d2aea240f1f1dde5

SHA-1:
e0554cc942081a89352740e8dd064b9151d6064a

SHA-256:
f06837a5e0fe20496bee2b064b508c5aee1f0a23bcf97ab48f460602501f7471

Scanner detections:
8 / 68

Status:
Potentially unwanted

Analysis date:
2/25/2025 1:04:36 AM UTC

Scan engine
Detection
Engine version

Comodo Security
Heur.Suspicious
17511

ESET NOD32
Win32/Adware.SpeedingUpMyPC (variant)
8.9002

herdProtect (fuzzy)
2014.1.5.17

Malwarebytes
PUP.Optional.OptimizePro.A
v2014.01.05.05

MicroWorld eScan
Win32/Adware.SpeedingUpMyPC.A
15.0.0.15

Reason Heuristics
PUP.Optional.SubeoTech.R
14.2.16.10

Rising Antivirus
PE:Trojan.Win32.Generic.14B0DDF2!347135474
23.00.65.14103

Trend Micro House Call
TROJ_GEN.F47V0501
7.2.5

File size:
4 MB (4,153,376 bytes)

Product version:
3.0.1.0

Copyright:
PC Utilities Pro

Trademarks:
PC Utilities Pro

Original file name:
OptimizerPro

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\optimizerpro_ala6.exe

Digital Signature
Authority:
GoDaddy.com, Inc.

Valid from:
10/15/2012 10:52:11 PM

Valid to:
10/15/2015 10:41:53 PM

Subject:
CN="Subeo Tech, Inc.", O="Subeo Tech, Inc.", L=Reno, S=NV, C=US

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
2B71FFD6601803

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:Evhr+tBhmPiFe0rrNVuV2/Cn1W9ukmtKk2RUSi:uitgk/60QsdUSi

Entry address:
0x12928

Entry point:
55, 8B, EC, B9, 08, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, 53, 56, 57, B8, A0, 28, 41, 00, E8, E0, 2C, FF, FF, 33, C0, 55, 68, 5F, 2B, 41, 00, 64, FF, 30, 64, 89, 20, 8D, 55, E8, 33, C0, E8, 80, FF, FE, FF, 8B, 45, E8, 8D, 55, EC, E8, 09, 47, FF, FF, 8B, 55, EC, B8, 84, 48, 41, 00, E8, 24, 11, FF, FF, 8D, 55, E4, A1, 84, 48, 41, 00, E8, 1F, 82, FF, FF, 8B, 55, E4, B8, 84, 48, 41, 00, E8, 0A, 11, FF, FF, B8, 88, 48, 41, 00, BA, 78, 2B, 41, 00, E8, FB, 10, FF, FF, A1, 88, 48, 41, 00, E8, 21, 45, FF, FF, 84...
 
Entropy:
7.9884

Developed / compiled with:
Microsoft Visual C++

Code size:
71 KB (72,704 bytes)

The file optimizerpro_ala6.exe has been seen being distributed by the following 2 URLs.
