optimizerproinstaller.exe

Optimizer Pro

Subeo Tech, Inc.

The application optimizerproinstaller.exe ("Fix, clean, optimize your PC!") by Subeo Tech has been detected as a potentially unwanted program by 13 anti-malware scanners. It is a self-extracting archive and installer that has been known to bundle potentially unwanted software, and it is typically executed from the user's temporary directory. The file has been seen being downloaded from i1.installbox1.info.

Publisher:
PC Utilities Pro  (signed by Subeo Tech, Inc.)

Product:
Optimizer Pro

Description:
Fix, clean, optimize your PC!

Version:
3.0.1.0

MD5:
9461f7feb6cf75c02644c305f98499e5

SHA-1:
2fcd0c1f6b70176fb5749bbde76fc55c566ad1be

SHA-256:
a6511d58de8ba6362c37b101f29aa86b786f2a39bb6676019660e8d16e62b75d

Scanner detections:
13 / 68

Status:
Potentially unwanted

Analysis date:
12/25/2024 1:17:38 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Avira AntiVirus | APPL/Subeo.P | 7.11.119.208 |
| Bkav FE | HW32.FilDoer | 1.3.0.4246 |
| Boost by Reason | Optional.SubeoTech.V | 188163 |
| Comodo Security | Heur.Suspicious | 17211 |
| Emsisoft Anti-Malware | Adware.Win32.SpeedingUpMyPC.AMN | 8.14.02.15.11 |
| ESET NOD32 | Win32/Adware.SpeedingUpMyPC (variant) | 7.9002 |
| Malwarebytes | PUP.Optional.OptimizePro.A | v2013.12.23.11 |
| McAfee | Artemis!1A6B07B7220F | 5600.7218 |
| MicroWorld eScan | Win32/Adware.SpeedingUpMyPC.A | 14.0.0.1071 |
| NANO AntiVirus | Riskware.Win32.Unwanted.bboiym | 0.26.0.54818 |
| Reason Heuristics | PUP.Optional.SubeoTech.V | 14.3.3.12 |
| Rising Antivirus | Trojan.Win32.Generic.137661CA | 23.00.65.131221 |
| Trend Micro House Call | TROJ_GEN.F47V0501 | 7.2.357 |

File size:
4 MB (4,153,376 bytes)

Product version:
3.0.1.0

Copyright:
PC Utilities Pro

Trademarks:
PC Utilities Pro

Original file name:
OptimizerPro

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\addons\optimizerproinstaller.exe

Digital Signature
Authority:
GoDaddy.com, Inc.

Valid from:
10/15/2012 9:52:11 PM

Valid to:
10/15/2015 9:41:53 PM

Subject:
CN="Subeo Tech, Inc.", O="Subeo Tech, Inc.", L=Reno, S=NV, C=US

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
2B71FFD6601803

File PE Metadata
Compilation timestamp:
6/19/1992 11:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:kPhr+tBhmPiFe0rrNVuV2/Cn1W9ukmtKk2RUSi:+itgk/60QsdUSi

Entry address:
0x12928

Entry point:
55, 8B, EC, B9, 08, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, 53, 56, 57, B8, A0, 28, 41, 00, E8, E0, 2C, FF, FF, 33, C0, 55, 68, 5F, 2B, 41, 00, 64, FF, 30, 64, 89, 20, 8D, 55, E8, 33, C0, E8, 80, FF, FE, FF, 8B, 45, E8, 8D, 55, EC, E8, 09, 47, FF, FF, 8B, 55, EC, B8, 84, 48, 41, 00, E8, 24, 11, FF, FF, 8D, 55, E4, A1, 84, 48, 41, 00, E8, 1F, 82, FF, FF, 8B, 55, E4, B8, 84, 48, 41, 00, E8, 0A, 11, FF, FF, B8, 88, 48, 41, 00, BA, 78, 2B, 41, 00, E8, FB, 10, FF, FF, A1, 88, 48, 41, 00, E8, 21, 45, FF, FF, 84...
Developed / compiled with:
Microsoft Visual C++

Code size:
71 KB (72,704 bytes)

The file optimizerproinstaller.exe has been seen being distributed by the following URL.
