home

optimizerproinstaller.exe

Optimizer Pro

Subeo Tech, Inc.

The application optimizerproinstaller.exe, “Fix, clean, optimize your PC!” by Subeo Tech has been detected as a potentially unwanted program by 5 anti-malware scanners. This is a setup and installation application and has been known to bundle potentially unwanted software. It is also typically executed from the user's temporary directory. The file has been seen being downloaded from www.nlstorage.info.
Publisher:
PC Utilities Pro  (signed by Subeo Tech, Inc.)

Product:
Optimizer Pro

Description:
Fix, clean, optimize your PC!

Version:
3.0.1.0

MD5:
6b79dd503b0ee03c70882d7710f828ca

SHA-1:
622ef6a599a5aac70281e04267b41dc3c99e24ae

SHA-256:
72af18a1cec71334dff75e9176815bf7ec6bca5c86f7f6e557cb4a4ec5618777

Scanner detections:
5 / 68

Status:
Potentially unwanted

Analysis date:
11/14/2024 3:11:16 PM UTC  (today)

Scan engine
Detection
Engine version

AVG
PCCleaner.B
2014.0.3616

Boost by Reason
Optional.SubeoTech.V
188163

Comodo Security
Heur.Suspicious
16403

ESET NOD32
Win32/Adware.SpeedingUpMyPC (variant)
7.8429

Reason Heuristics
PUP.Optional.SubeoTech.V
14.2.21.0

File size:
2.6 MB (2,683,184 bytes)

Product version:
3.0.1.0

Copyright:
PC Utilities Pro

Trademarks:
PC Utilities Pro

Original file name:
OptimizerPro

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\addons\optimizerproinstaller.exe

Digital Signature
Signed by:
Subeo Tech, Inc.

Authority:
GoDaddy.com, Inc.

Valid from:
11/22/2011 1:49:01 PM

Valid to:
11/21/2012 5:14:37 PM

Subject:
CN="Subeo Tech, Inc.", O="Subeo Tech, Inc.", L=Reno, S=NV, C=US

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
27D4E25FB4CFE9

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:i28v2N7CfYc0UUONS3R27oWgfe+XPezhEWu0/FyqZ3BpPgWYC1G97V4tU:z8OFCAcLUOQ3REoWgfXPQ400W097Vb

Entry address:
0x12848

Entry point:
55, 8B, EC, B9, 08, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, 53, 56, 57, B8, D0, 27, 41, 00, E8, C0, 2D, FF, FF, 33, C0, 55, 68, 7F, 2A, 41, 00, 64, FF, 30, 64, 89, 20, 8D, 55, E8, 33, C0, E8, 60, 00, FF, FF, 8B, 45, E8, 8D, 55, EC, E8, E9, 47, FF, FF, 8B, 55, EC, B8, 7C, 48, 41, 00, E8, 04, 12, FF, FF, 8D, 55, E4, A1, 7C, 48, 41, 00, E8, FF, 82, FF, FF, 8B, 55, E4, B8, 7C, 48, 41, 00, E8, EA, 11, FF, FF, B8, 80, 48, 41, 00, BA, 98, 2A, 41, 00, E8, DB, 11, FF, FF, A1, 80, 48, 41, 00, E8, 01, 46, FF, FF, 84...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
71 KB (72,704 bytes)

The file optimizerproinstaller.exe has been seen being distributed by the following URL.

http://www.nlstorage.info/installmate/.../optimizerpro_ala2.exe

Remove optimizerproinstaller.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.