» registryoptimizer.exe
Overview
Analysis
File Details

registryoptimizer.exe

Optimizer Pro

Subeo Tech, Inc.

The application registryoptimizer.exe, “Fix PC problems and optimize performance ” by Subeo Tech has been detected as a potentially unwanted program by 17 anti-malware scanners. The program is a setup application that uses the Inno Setup installer.

File name:

Publisher:

PC Utilities Pro (signed by Subeo Tech, Inc.)

Product:

Optimizer Pro

Description:

Fix PC problems and optimize performance

Version:

3.0

MD5:

7debbeecffb85dba6a7f059e0417db3d

SHA-1:

cc82dc31d40d9b5321cbadb637fbd8d24c8680ca

SHA-256:

8ffe9b0898a22736180a5a8efde69648b5cc1c8507b8f62be3ae5c6cf4a3129d

Scanner detections:

17 / 68

Status:

Potentially unwanted

Analysis date:

4/23/2024 11:33:04 AM UTC (today)

Scan engine

Detection

Engine version

AhnLab V3 Security

PUP/Win32.OptimizerPro

2013.10.03

Avira AntiVirus

Adware/SpeedingUpMyPC.C

7.11.107.246

avast!

Win32:Dropper-gen [Drp]

2014.9-140418

AVG

PCCleaner.B.dropper

2015.0.3500

Baidu Antivirus

Adware.Win32.SpeedingUpMyPC

4.0.3.14418

Bkav FE

HW32.FilDoer

1.3.0.4246

Comodo Security

UnclassifiedMalware

17038

Emsisoft Anti-Malware

Trojan.Win32.SpeedingUpMyPC.AMN

8.14.04.18.11

ESET NOD32

Win32/Adware.SpeedingUpMyPC (variant)

8.8869

herdProtect (fuzzy)

variant of optimizerpro.exe (PUP)

2014.7.7.12

IKARUS anti.virus

Virus.Win32.Dropper

t3scan.2.0.127

Malwarebytes

PUP.Optional.OptimizePro.A

v2014.04.18.11

McAfee

Artemis!7609CC04F189

5600.7156

MicroWorld eScan

Trojan.Win32.Agent

15.0.0.324

Reason Heuristics

PUP.Optional.SubeoTech.R

14.4.18.23

Rising Antivirus

Trojan.Win32.Generic.1443545C

23.00.65.14416

Trend Micro House Call

TROJ_FAKEALERT.BMH

7.2.188

File size:

2.3 MB (2,430,288 bytes)

Product version:

3.0

PC Utilities Pro

File type:

Executable application (Win32 EXE)

Installer:

Inno Setup

Language:

Language Neutral

Common path:

C:\windows\temp\registryoptimizer.exe

Digital Signature

Signed by:

Subeo Tech, Inc.

Authority:

GoDaddy.com, Inc.

Valid from:

11/22/2011 7:49:01 AM

Valid to:

11/21/2012 11:14:37 AM

Subject:

CN="Subeo Tech, Inc.", O="Subeo Tech, Inc.", L=Reno, S=NV, C=US

Issuer:

SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:

27D4E25FB4CFE9

File PE Metadata

Compilation timestamp:

6/19/1992 6:22:17 PM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

49152:/2Rv2N7CfYc0UUONS3R27oWgfe+XPezhEWu0xcdJXySxQnVAjrfZQytZ:eROFCAcLUOQ3REoWgfXPQ4WNSGUfCw

Entry address:

0x9B24

Entry point:

55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, A2, 95, FF, FF, E8, A9, A7, FF, FF, E8, D4, C9, FF, FF, E8, 1B, CA, FF, FF, E8, 0E, F3, FF, FF, E8, 75, F4, FF, FF, 33, C0, 55, 68, DB, A1, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, A4, A1, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 9B, FE, FF, FF, E8, 02, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 04, D0, FF, FF, 8B, 55, F0, B8, E4, CD, 40, 00, E8, 53, 96, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E4, CD, 40, 00, B2, 01, B8... 
[+]

Entropy:

7.9956

Packer / compiler:

Inno Setup v5.x - Installer Maker

Code size:

37 KB (37,888 bytes)

Remove registryoptimizer.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.