home

Eorezo

Publisher Information

Eorezo is a software publisher located in Paris, Ile De France in France*. The company is a primary distributor of unwanted software. EoRezo is an adware company that distributes various web borwser extensions and plugin for the purpose of context advertsing. The software is designed to deliver pop-ups and change the home page and search engine used by Internet Explorer, Chrome and Firefox. Thre are 2 additional code signing certificates issued to this publisher.
Authority:
VeriSign, Inc.

Valid from:
10/14/2008 2:00:00 AM

Valid to:
10/15/2009 1:59:59 AM

Subject:
CN=Eorezo, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Eorezo, L=Paris, S=Ile de France, C=FR

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5158654305438a3e707630d3bfde7c69

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.BHO.Eorezo.J, PUP.Eorezo.I, PUP.Eorezo.P, PUP.Eorezo.K, PUP.Eorezo.M, PUP.Eorezo.F, PUP.Eorezo (M), PUP.Eorezo.Installer (M)
100.00%

VIPRE Antivirus
Adware.Eorezo.a
58.97%

avast!
Win32:Eorezo-N [PUP], Win32:Eorezo-M [PUP], Win32:Eorezo-AI [PUP], Win32:PUP-gen [PUP], Win32:Eorezo-F [PUP]
58.97%

Trend Micro House Call
TROJ_GEN.F47V0405, ADW_EOREZO, TROJ_GEN.F47V1103
38.46%

Trend Micro
ADW_EOREZO
33.33%

Microsoft Security Essentials
Adware:Win32/EoRezo
30.77%

AVG
Generic4, Generic5
28.21%

IKARUS anti.virus
AdWare.Win32.EoRezo
28.21%

AhnLab V3 Security
Adware/Win32.Eorezo
23.08%

Malwarebytes
Rogue.Eorezo, Trojan.Eorezo
10.26%

1 / 68      (Adware)
setup_eoweather_eo.exe (by EoRezo)  (3d9e6518c0b3edab4aa43942eb13bd35)

1 / 68      (Adware)
eometro.dll (Bibliothèque de liaison dynamique EoRATP)  (dcdb4c24051aeae8ef952010c10006fa)

1 / 68      (Adware)
EoRezoComm.DLL (Bibliothèque de liaison dynamique EoRezoComm)  (39be2a487753369606600c2f90f82604)

1 / 68      (Adware)
setup_eosudoku_eo.exe (by EoRezo)  (58b0e7b8aa3ef280943a6ae939cc12ea)

1 / 68      (Adware)
EoSudoku.DLL (Bibliothèque de liaison dynamique EoSudoku)  (909c04f72a7d95e0bab61d3196091fac)

1 / 68      (Adware)
setup_eotraduction_eo.exe (by EoRezo)  (325b62339e469ac9cafd715d52615905)

1 / 68      (Adware)
setup_itstv_eo_update.exe (by EoRezo)  (2d0d5d4ae6aa8112bc53e57076807e63)

1 / 68      (Adware)
EoClock.DLL (Bibliothèque de liaison dynamique EoClock)  (f09ca067340921ab72e176cca49775c1)

1 / 68      (Adware)
EoAdv.DLL (Bibliothèque de liaison dynamique EoAdv)  (52c7d891be048ea8d04d52174e5f5ec5)

1 / 68      (Adware)
EoRezoComm.DLL (Bibliothèque de liaison dynamique EoRezoComm)  (ca2506f6d666db7742b83c6305cb1878)

1 / 68      (Adware)
EoRezoBHO.dll (EoRezoBHO by EoRezo)  (44439a8f6cebb97cb61aac19a692ff79)

1 / 68      (Adware)
MngInstaller.DLL (Bibliothèque de liaison dynamique MngInstaller)  (1ca462d1982e76c9b5768444ee54900b)

1 / 68      (Adware)
EoEngine.EXE (Application EoEngine)  (13dc2e2c77d1d4f4f2385d6c7e3a6298)

1 / 68      (Adware)
setup_eowiki_eo.exe (by EoRezo)  (2330ded58327dd3638029fb5e847850b)

1 / 68      (Adware)
EoEngine.EXE (Application EoEngine)  (d80e045580bd65069879d96be328c88c)

1 / 68      (Adware)
EoWeather.DLL (Bibliothèque de liaison dynamique EoWeather)  (7e0493744e1439396d19dcc6b4dc734f)

9 / 68      (Adware)
eorezotools_30.dll  (4e2b381f1e169d331d2bbb3bbddb2720)

8 / 68      (Adware)
eorezotools_29.dll  (00dfabf8054bebcf8d808e21dbf76bfc)

8 / 68      (Adware)
eorezotools_28.dll  (dc344b35310578aeb15a2b728e876f5e)

9 / 68      (Adware)
eorezotools_27.dll (Bibliothèque de liaison dynamique EoRezoTools)  (eaee276c7e96df16b46684199ed70b43)

10 / 68    (Adware)
eorezotools_26.dll (Bibliothèque de liaison dynamique EoRezoTools)  (7d1b81055c752fd1d7c77d983d898e35)

9 / 68      (Adware)
eorezotools_21.dll (Bibliothèque de liaison dynamique EoRezoTools)  (d103ed67733988ade9f7d6dcb9411ddb)

9 / 68      (Adware)
eorezotools_20.dll (Bibliothèque de liaison dynamique EoRezoTools)  (a89bb4410e4627cb2a4c0f9b480ab57e)

8 / 68      (Adware)
eorezotools_18.dll (Bibliothèque de liaison dynamique EoRezoTools)  (aebc927c4ba29e129f5d67e9ff310d81)

9 / 68      (Adware)
eorezotools_17.dll (Bibliothèque de liaison dynamique EoRezoTools)  (1f2c25f72ae57d1f4bc881d8aafbb49a)

10 / 68    (Adware)
eorezotools_16.dll (Bibliothèque de liaison dynamique EoRezoTools)  (57baa3dad2a4383672b068bf452f38a4)

20 / 68    (Adware)
SoftwareUpdateHP.exe (SoftwareHelper by EoRezo)  (5ecd3c3b70b6b50f284dbaf6016b2ddf)

13 / 68    (Adware)
SoftwareUpdate.exe (SoftwareUpdate by EoRezo)  (a5de97601c97d5d337ccf4455ef63163)

4 / 68      (Adware)
EoAdv.DLL (Bibliothèque de liaison dynamique EoAdv)  (d59d74211a4197b1e8d03a25fd54df27)

5 / 68      (Adware)
eorezoimg_23.dll (Bibliothèque de liaison dynamique EoRezoImg)  (1612a49578719f3e80352bbf9305b981)

 
Latest 30 of 39 files

The certificates below are also signed by Eorezo.

1C6BCF65EA37004BFC9D8ABAF7BE4E73  (Oct 12, 2010 to Oct 14, 2012)

5EDC28477A0DFD565E10C4389B873701  (Dec 03, 2009 to Oct 15, 2010)

* Note, the details and description above are based on the code signing digital signature issued to Eorezo by VeriSign, Inc. on October 14, 2008 with the serial number '5158654305438a3e707630d3bfde7c69'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.