optimizerproinstaller.exe

Optimizer Pro

Subeo Tech, Inc.

The application optimizerproinstaller.exe, “Fix, clean, optimize your PC!” by Subeo Tech has been detected as a potentially unwanted program by 14 anti-malware scanners. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. It is also typically executed from the user's temporary directory. The file has been seen being downloaded from i1.installbox1.info.
Publisher:
PC Utilities Pro  (signed by Subeo Tech, Inc.)

Product:
Optimizer Pro

Description:
Fix, clean, optimize your PC!

Version:
3.0.1.0

MD5:
6bcfa1538c4e6db37d83bba72a544c59

SHA-1:
951e77ffb7bb10c33fea91e0b6faf7d7f2ceb801

SHA-256:
79eb172dda0a470194f7884d45b41c4362831988178b2d61ef0470f87240c2b8

Scanner detections:
14 / 68

Status:
Potentially unwanted

Analysis date:
12/25/2024 12:52:44 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Avira AntiVirus | APPL/Subeo.P | 7.11.119.208 |
| Bkav FE | HW32.FilDoer | 1.3.0.4246 |
| Boost by Reason | Optional.SubeoTech.V | 188163 |
| Comodo Security | ApplicUnwnt | 16082 |
| Emsisoft Anti-Malware | Adware.Win32.SpeedingUpMyPC.AMN | 8.14.01.25.05 |
| ESET NOD32 | Win32/Adware.SpeedingUpMyPC (variant) | 8.8274 |
| herdProtect (fuzzy) | | 2014.3.15.8 |
| Malwarebytes | PUP.Optional.OptimizePro.A | v2014.01.25.05 |
| McAfee | Artemis!1A6B07B7220F | 5600.7240 |
| MicroWorld eScan | Win32/Adware.SpeedingUpMyPC.A | 15.0.0.75 |
| NANO AntiVirus | Riskware.Win32.Unwanted.bboiym | 0.26.0.54818 |
| Reason Heuristics | PUP.Optional.SubeoTech.V | 14.2.28.19 |
| Rising Antivirus | Trojan.Win32.Generic.137661CA | 23.00.65.14123 |
| Trend Micro House Call | TROJ_GEN.F47V1127 | 7.2.25 |

File size:
4 MB (4,171,296 bytes)

Product version:
3.0.1.0

Copyright:
PC Utilities Pro

Trademarks:
PC Utilities Pro

Original file name:
OptimizerPro

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\addons\optimizerproinstaller.exe

Digital Signature
Authority:
GoDaddy.com, Inc.

Valid from:
10/15/2012 10:52:11 PM

Valid to:
10/15/2015 10:41:53 PM

Subject:
CN="Subeo Tech, Inc.", O="Subeo Tech, Inc.", L=Reno, S=NV, C=US

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
2B71FFD6601803

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:U1zytbQjlRePmeeekWG3MBW4pOF+Fo58jWaCj:FQR+DPjW4nI8jWZj

Entry address:
0x12848

Entry point:
55, 8B, EC, B9, 08, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, 53, 56, 57, B8, D0, 27, 41, 00, E8, C0, 2D, FF, FF, 33, C0, 55, 68, 7F, 2A, 41, 00, 64, FF, 30, 64, 89, 20, 8D, 55, E8, 33, C0, E8, 60, 00, FF, FF, 8B, 45, E8, 8D, 55, EC, E8, E9, 47, FF, FF, 8B, 55, EC, B8, 7C, 48, 41, 00, E8, 04, 12, FF, FF, 8D, 55, E4, A1, 7C, 48, 41, 00, E8, FF, 82, FF, FF, 8B, 55, E4, B8, 7C, 48, 41, 00, E8, EA, 11, FF, FF, B8, 80, 48, 41, 00, BA, 98, 2A, 41, 00, E8, DB, 11, FF, FF, A1, 80, 48, 41, 00, E8, 01, 46, FF, FF, 84...
 

Developed / compiled with:
Microsoft Visual C++

Code size:
71 KB (72,704 bytes)

The file optimizerproinstaller.exe has been seen being distributed by the following URL.
