optimizerproinstaller.exe

Optimizer Pro

Subeo Tech, Inc.

The application optimizerproinstaller.exe, “Fix, clean, optimize your PC!” by Subeo Tech has been detected as a potentially unwanted program by 14 anti-malware scanners. This is a setup and installation application and has been known to bundle potentially unwanted software. It is also typically executed from the user's temporary directory. The file has been seen being downloaded from i1.storagepl1.info and multiple other hosts.
Publisher:
PC Utilities Pro  (signed by Subeo Tech, Inc.)

Product:
Optimizer Pro

Description:
Fix, clean, optimize your PC!

Version:
3.0.1.0

MD5:
463eb53726135956a289c5a0ff47d39f

SHA-1:
38ab7bdf7ecacb2dc483e471befa344b7d3b8786

SHA-256:
e39dbcb7c2a9973add49f730009d687f5f0f24e8833c5cc9a368b0bd01e61cf4

Scanner detections:
14 / 68

Status:
Potentially unwanted

Analysis date:
12/25/2024 1:20:40 PM UTC

Scan engine | Detection | Engine version
Avira AntiVirus | APPL/Subeo.P | 7.11.119.208
Bkav FE | HW32.FilDoer | 1.3.0.4246
Boost by Reason | Optional.SubeoTech.V | 188163
Comodo Security | ApplicUnwnt | 17440
Emsisoft Anti-Malware | Adware.Win32.SpeedingUpMyPC.AMN | 8.14.02.15.10
ESET NOD32 | Win32/Adware.SpeedingUpMyPC (variant) | 7.9173
herdProtect (fuzzy) | | 2013.12.28.14
Malwarebytes | PUP.Optional.OptimizePro.A | v2013.12.23.10
McAfee | Artemis!1A6B07B7220F | 5600.7267
MicroWorld eScan | Win32/Adware.SpeedingUpMyPC.A | 14.0.0.1071
NANO AntiVirus | Riskware.Win32.Unwanted.bboiym | 0.26.0.54818
Reason Heuristics | PUP.Optional.SubeoTech.V | 14.3.3.12
Rising Antivirus | PE:PUF.SpeedingUpMyPC!1.9C66 | 23.00.65.131221
Trend Micro House Call | TROJ_GEN.F47V0501 | 7.2.357

File size:
4 MB (4,173,344 bytes)

Product version:
3.0.1.0

Copyright:
PC Utilities Pro

Trademarks:
PC Utilities Pro

Original file name:
OptimizerPro

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\addons\optimizerproinstaller.exe

Digital Signature
Authority:
GoDaddy.com, Inc.

Valid from:
10/15/2012 9:52:11 PM

Valid to:
10/15/2015 9:41:53 PM

Subject:
CN="Subeo Tech, Inc.", O="Subeo Tech, Inc.", L=Reno, S=NV, C=US

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
2B71FFD6601803

File PE Metadata
Compilation timestamp:
6/19/1992 11:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:OgzytbmrByTcOvzsse0VI7GubPKk6rtwXVOX/:KmQnvzje0mSuTKF+VOX/

Entry address:
0x12848

Entry point:
55, 8B, EC, B9, 08, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, 53, 56, 57, B8, D0, 27, 41, 00, E8, C0, 2D, FF, FF, 33, C0, 55, 68, 7F, 2A, 41, 00, 64, FF, 30, 64, 89, 20, 8D, 55, E8, 33, C0, E8, 60, 00, FF, FF, 8B, 45, E8, 8D, 55, EC, E8, E9, 47, FF, FF, 8B, 55, EC, B8, 7C, 48, 41, 00, E8, 04, 12, FF, FF, 8D, 55, E4, A1, 7C, 48, 41, 00, E8, FF, 82, FF, FF, 8B, 55, E4, B8, 7C, 48, 41, 00, E8, EA, 11, FF, FF, B8, 80, 48, 41, 00, BA, 98, 2A, 41, 00, E8, DB, 11, FF, FF, A1, 80, 48, 41, 00, E8, 01, 46, FF, FF, 84...
 

Developed / compiled with:
Microsoft Visual C++

Code size:
71 KB (72,704 bytes)

The file optimizerproinstaller.exe has been seen being distributed by the following 3 URLs.

http://i1.storagepl1.info/.../optimizerpro_ala9.exe
