unins000.exe

Optimal Software s.r.o.

The application unins000.exe by Optimal Software s.r.o has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. This is the uninstaller utility registered in the Windows Control Panel for the program PC Speed Up by Optimal Software s.r.o..
Publisher:
Optimal Software s.r.o.  (signed and verified)

Description:
Setup/Uninstall

Version:
51.1052.0.0

MD5:
eee134681f3ee0a91f273037cad7618e

SHA-1:
fec8e9bd13662f883415d980499e9b8c9bb8085c

SHA-256:
5ea8e5fcb191b24d3583d5f4044bc2953712db974d5ac638c7bbccef170d2964

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/5/2024 7:33:22 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Speedchecker.OptimalS.Installer.Meta (L)
16.6.10.12

File size:
1.1 MB (1,160,424 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\pc speed up\unins000.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
5/11/2015 2:00:00 AM

Valid to:
5/11/2016 1:59:59 AM

Subject:
CN=Optimal Software s.r.o., OU=Optimal Software s.r.o., O=Optimal Software s.r.o., STREET=Jablunkovksá 2014/40a, L=Český Těšín, S=MS, PostalCode=73701, C=CZ

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00DE52000CC87F2CDEAE54899FBF253D03

File PE Metadata
Compilation timestamp:
12/20/2011 3:16:51 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:oh+EpSGP3ZEgRhuRKOODzjJBwjOGfcCUWgEf0ZsMCmGJHxyAk:qa+PjJaEWZAsTvM

Entry address:
0xFAF7C

Entry point:
55, 8B, EC, 83, C4, F0, 53, 56, 57, B8, A4, 94, 4F, 00, E8, AD, DF, F0, FF, 6A, EC, A1, 7C, ED, 4F, 00, 8B, 00, 8B, 98, 70, 01, 00, 00, 53, E8, 40, EE, F0, FF, 25, 7F, FF, FF, FF, 50, 6A, EC, A1, 7C, ED, 4F, 00, 53, E8, 95, F0, F0, FF, 33, C0, 55, 68, F7, AF, 4F, 00, 64, FF, 30, 64, 89, 20, 6A, 01, E8, E8, E7, F0, FF, E8, 17, E2, FF, FF, A1, DC, 90, 4F, 00, 50, 68, 40, 91, 4F, 00, A1, 7C, ED, 4F, 00, 8B, 00, E8, 50, 0E, F8, FF, E8, 6B, E2, FF, FF, 33, C0, 5A, 59, 59, 64, 89, 10, EB, 19, E9, E4, 96, F0, FF...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
999 KB (1,022,976 bytes)

Program Uninstaller
Program name:
PC Speed Up

Display publisher:
Optimal Software s.r.o.

Display version:
3.9.9.0

Uninstall string:
"C:\Program Files (x86)\PC Speed Up\unins000.exe"


The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to splunk.srv.wifiprotector.co  (92.242.140.21:80)

TCP (HTTP):

Remove unins000.exe - Powered by Reason Core Security