TCPOptimizer.exe

SG TCP Optimizer Application

Speed Guide Inc.

Publisher:
Speed Guide Inc.

Product:
SG TCP Optimizer Application

Description:
SG TCP Optimizer

Version:
3, 0, 8, 0

MD5:
31d0de866c71cd80c7db1a87f5a1df93

SHA-1:
3630811557eb837e8093dfc2144a1bfdaf890405

SHA-256:
1b5ddcf08581cbb72e9df1647c4092868a3bf7418fcbea6123884182255db739

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
8/15/2018 5:23:00 PM UTC  (today)

Scan engine
Detection
Engine version

Antiy Labs AVL
Trojan[Backdoor]/Win32.Prorat
0.1.0.1

Zillya! Antivirus
Backdoor.Prorat.Win32.2
2.0.0.1772

File size:
644 KB (659,456 bytes)

Product version:
3, 0, 8, 0

Copyright:
Copyright (c) 2001-2011

Trademarks:
Speed Guide Inc

Original file name:
TCPOptimizer.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\tcpoptimizer.exe

File PE Metadata
Compilation timestamp:
9/17/2011 10:03:30 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:kl94GIx1gkeGWcN7bXVnBhxTfjnaYCWIMzwGuKiiUP5qP:klUCGWE7bXVxTfjnanpr5e

Entry address:
0x2D3FC

Entry point:
55, 8B, EC, 6A, FF, 68, 50, 96, 45, 00, 68, 74, 24, 43, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, 94, 22, 45, 00, 33, D2, 8A, D4, 89, 15, 80, E8, 49, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, 7C, E8, 49, 00, C1, E1, 08, 03, CA, 89, 0D, 78, E8, 49, 00, C1, E8, 10, A3, 74, E8, 49, 00, 6A, 01, E8, 59, 60, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, C3, 00, 00, 00, 59, E8, 10, 35, 00, 00, 85, C0, 75, 08, 6A, 10, E8, B2, 00, 00, 00, 59, 33, F6, 89, 75...
 
[+]

Entropy:
6.0700

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
324 KB (331,776 bytes)

The file TCPOptimizer.exe has been discovered within the following programs.

DoubleKiller  by Big Bang Enterprises
bigbangenterprises.de/en/doublekiller
About 7% of users remove it
FlashPeak SlimBrowser  by FlashPeak Inc.
FlashPeak SlimBrowser bundles a branded version of the Conduit Toolbar, which delivers search based advertising and results. During installation the user is presented in some cases with the option to install the toolbar. Once accepted, the packaged executable, ConduitInstaller.
www.slimbrowser.net
About 5% of users remove it
SG TCP Optimizer Application  by Speed Guide Inc.
57% remove it
TCP Optimizer  by Speed Guide Inc.
Publisher's description - “TCP Optimizer is a free, easy to use Windows program that helps tune and optimize your Internet connection.”
www.speedguide.net/tcpoptimizer.php
21% remove it
www.Toolwiz.com
About 1% of users remove it
 
Powered by Should I Remove It?

The file TCPOptimizer.exe has been seen being distributed by the following 50 URLs.

http://dc496.4shared.com/download/.../tcpoptimizer.exe

http://gsf-cf.softonic.com/363/081/.../file?SD_used=0&channel=WEB&fdh=no&id_file=55508&instance=softonic_br&type=PROGRAM&Expires=1477215651&Signature=DyOpUFE84PRdYFSk-32EtMPz0n0VRM~A~KZyL53NElOELBPH7Fr-5UAfmZBDeb~YM43gNNibrr6ncjDjtfz-tKw2nng4EV59d9~xibcx~8WOaha7aJppOIutq35BWzaK1t-fzuodPvMOYM91pnR5DQWuxt92Yh7UVjFKkhfILt4_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=TCPOptimizer.exe

http://gsf-cf.softonic.com/363/081/.../file?SD_used=0&channel=WEB&fdh=no&id_file=55508&instance=softonic_es&type=PROGRAM&Expires=1477916706&Signature=AbLxPFsxMCVAsLJgRnY238mFnw0zivI-vwyf4vWW0sKSy6Vu8i6r48MadgYZB-QbEtrogN5aEbeorseMLFRyi1aj00QZSRFyu3Ii~G9HBRHT4OZ90hmnc~tU331~OBE7gTU3994UZdnATQrjRCpwcf9JZa-UKBxmPsvS9~Fu1So_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=TCPOptimizer.exe

http://dc338.4shared.com/download/.../tcpoptimizer.exe

http://gsf-cf.softonic.com/363/081/.../file?SD_used=0&channel=WEB&fdh=no&id_file=55508&instance=softonic_es&type=PROGRAM&Expires=1476411579&Signature=IKRxqIv3KrEycoAGgN9GeziAGEWFD9Jecm3Ff43GDeyxfVqYoRu65P~XKo~ml8Gd~l6lSrlD1UH7bty~wh5nbO-vqYQdXez-slj9byScR9O0TUSzDjPwsg9J9jdZWr2S73s9rYVvvU7kIgTLVhZI~dl4MHyv33acc6iM8HqTcX8_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=TCPOptimizer.exe

http://gsf-cf.softonic.com/363/081/.../file?SD_used=0&channel=WEB&fdh=no&id_file=55508&instance=softonic_es&type=PROGRAM&Expires=1449117938&Signature=NnB-3A3vqABcEIlLsXtTXK7yDVwxU0zqGpeRtKukMyoogW7~8UMyk89Bi02m~HDhK4i38HPYiK~U5ZnuARPFaHIY8zYhuJcds-NpjUwBf1K~EliNb1Jujw8HUP1217RggOSYZBSIQgN-fKNKviV-s6Uy5ezc~oP3F5rV3Fv0-tQ_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=TCPOptimizer.exe

http://gsf-cf.softonic.com/363/081/.../file?SD_used=0&channel=WEB&fdh=no&id_file=55508&instance=softonic_es&type=PROGRAM&Expires=1477993882&Signature=LwAlpt83EZr9URyVyo4FjUYepdsGP5Mr71BfHQb69OeUPWEbAdDaueGw70KRv87SMaC3poDuDUcCZ3CbuKTBieooufKjOmilm5dD2ZEL4oZOqUBaqMRYjHgoBKWUQ1nGi8pF2-tHeQEO2mSzwBk5wJimJl6zFY5qcrG4wEqrZX0_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=TCPOptimizer.exe

https://steamcommunity.com/linkfilter/?url=http://www.speedguide.net/.../TCPOptimizer.exe

http://gsf-cf.softonic.com/363/081/.../file?SD_used=0&channel=WEB&fdh=no&id_file=55508&instance=softonic_es&type=PROGRAM&Expires=1455423808&Signature=SwYP4Su0pcRKmjmkICqyy9T9b0uCFlCPTPAqJ~wiylygwsTU3wlwLinM4bdR2yq-uJUmVhgW2z1BlSecW47AHxzgjWQ1UV0eMMbmHjDc7OqDh~G6TjEgUMvyUw65QH43bqK5LqEPfJ91RdUfrFxz07zbOH60kpw~QmLlP8izh5Y_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=TCPOptimizer.exe

http://gsf-cf.softonic.com/363/081/.../file?SD_used=0&channel=WEB&fdh=no&id_file=55508&instance=softonic_br&type=PROGRAM&Expires=1471352781&Signature=FWJg-F0ons7ngNdU5hpiwvCspxFV7D2met88LuVp2gUlG4MkVwSOeK0E3Gm5a-Gd-cAFpmTW0xQf7cUEBtqWb11JKLqx2J6E53AUY5qNSeh4ZeHdwZMH~VozXoKjQVU8D8oib537UEDtGwa4jrbz6AHDp7JN4oCH1nataUd-~TY_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=TCPOptimizer.exe

Latest 30 of 53 download URLs

Scan TCPOptimizer.exe - Powered by Reason Core Security