ROMEO SOUTH SL

Publisher Information

ROMEO SOUTH SL is a software publisher located in Madrid, Spain*. A majority of the programs developed by the company can be classified as adware or other potentially unwanted programs. Thre are 3 additional code signing certificates issued to this publisher.
Remove ROMEO SOUTH SL Malware - Powered by Reason Core Security
Authority:
GoDaddy.com, Inc.

Valid from:
5/29/2013 12:00:31 PM

Valid to:
6/19/2014 7:09:57 PM

Subject:
CN=ROMEO SOUTH SL, O=ROMEO SOUTH SL, L=Madrid, S=Madrid, C=ES

Issuer:
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
277a328668e577

Scanner detections:
Detections  (95% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Vitallia.ROMEOSOUTH.Installer (M), PUP.ROMEOSOUTH.Reputation
72.97%

Rising Antivirus
PE:Trojan.Win32.Generic.137A42C9!326779593, PE:Malware.XPACK/RDM!5.1, NS:Malware.Install!1.9F21
59.46%

AVG
MalSign.Generic, MultiBundle
43.24%

McAfee Web Gateway
Artemis!EAB808EB7A34, Artemis!C8C813F7F4A0, Artemis!DACF8BB4590A, BehavesLike.Win32.Adware.fc, Artemis!D08AE17069E2, BehavesLike.Win32.Suspicious.dc, BehavesLike.Win32.Worm.dc
29.73%

Malwarebytes
PUP.Optional.Romeo, PUP.Optional.Bundle, PUP.Optional.Bundler
24.32%

Dr.Web
infected with Trojan.Vittalia.365, Adware.Downware.1561
18.92%

Trend Micro House Call
TROJ_GEN.F47V0219, TROJ_GEN.F47V1227, TROJ_GEN.F47V0111, TROJ_GEN.F47V0724, TROJ_GEN.F47V1115, TROJ_GEN.F47V1028
16.22%

NANO AntiVirus
Riskware.Nsis.Downware.dciozl, Trojan.Text.Vittalia.dywvfo, Trojan.Script.Vittalia.dywvfn
16.22%

Antiy Labs AVL
Trojan/Win32.Genome.gen, GrayWare[:not-a-virus]/Win32.Downloader.gen
16.22%

McAfee
Artemis!EAB808EB7A34, Artemis!C8C813F7F4A0, Artemis!DACF8BB4590A, Artemis!D08AE17069E2, Artemis!94F28309E99C
13.51%

1 / 68      (PUP)
emule050a.exe  (8df5ac6e4207c8b60df74dc5ba4fe280)

1 / 68      (PUP)
emule050a.exe  (9fe649544ec23bec197a9d84db64c341)

1 / 68      (PUP)
aresplus_2.7.0_setup.exe  (6194108457b05a9b616293cf8255a2c3)

2 / 68      (PUP)
emule050a.exe  (a30357cff2192ed577fb6c5015841548)

9 / 68      (PUP)
awh862c.tmp  (6e4c2d040604fa4210ca5ef905e94b8e)

4 / 68      (PUP)
emuleplus12e.exe  (242bf1d36536248290d66dd6dfe089b9)

8 / 68      (PUP)
emuleplus12e.exe  (94f28309e99c8a9d3ac3ebd6a4446914)

4 / 68      (PUP)
emule050a.exe  (3c347b0323ec2ea052247a2a7cabe96b)

4 / 68      (inconclusive)
emule050a.exe  (787d5ddb70036d2ea919b0113eb7c35d)

4 / 68      (PUP)
emule050a.exe  (9e222ed5b12da3bc49d8d04e132acd24)

2 / 68      (PUP)
emule050a-install.exe  (20d3ad3d9cb1e5421b247fd496c20818)

3 / 68      (PUP)
aresplus_2.7.0_setup.exe  (7af40783421232219d292cb7ee53708f)

2 / 68      (PUP)
emule050a.exe  (bc3e2e9bcf0af7d2ec9481302b4ec317)

7 / 68      (PUP)
emuleplus12e.exe  (22a90f51871b0df6fe953007bbb5abd9)

2 / 68      (PUP)
emuleplus12e.exe  (8ac4b57a2f3ca815210ee9838412badc)

4 / 68      (PUP)
emule050a.exe  (af7354c3d38447b341b679421266158c)

2 / 68      (PUP)
emuleplus12e.exe  (73258d7dc01e2e03df56e76b4757c208)

3 / 68      (PUP)
emule050a-install.exe  (919d6f067d19aa714c5f2b8ca409a0ad)

2 / 68      (PUP)
emule050a-install.exe  (96bd17c5e3e5a08482f05873b5af8f54)

3 / 68      (inconclusive)
emule050a.exe  (960432587d4f877d19e8d70a25d5a32f)

2 / 68      (PUP)
emuleplus12e.exe  (a55361d67fe6dbd5d11df7a5a020fe8b)

3 / 68      (PUP)
emule050a-install.exe  (8afd5d5bb9b91ef30e96c9dfab3f6c0e)

2 / 68      (PUP)
utorrent-3.2-27850.exe  (b60bf6718185dfac4b759e95378fc1cf)

5 / 68      (PUP)
emule050a.exe  (d08ae17069e25a5a927b9f95923567f7)

5 / 68      (PUP)
emuleplus12e.exe  (61d50d3201069b18cb19962402e123b2)

5 / 68      (PUP)
emule050a.exe  (ca1ab92bba4ea44c28f326ba7dac5942)

5 / 68      (PUP)
emule050a-install.exe  (dacf8bb4590ae07a8a9ccf58933fc16c)

1 / 68      (PUP)
emule050a-install.exe  (16ff4f8151113231a2340205a8d1e629)

3 / 68      (PUP)
utorrent-3.2-27850.exe  (532d7c4f8c01b842db14c0e5a767783b)

3 / 68      (PUP)
emule050a.exe  (543a8825d652a5e48f00ee227fb39c81)

 
Latest 30 of 37 files

The certificates below are also signed by ROMEO SOUTH SL.

4B7E997895C66952  (Feb 02, 2016 to Jun 19, 2016)

00E9FE7942126D0E38  (Jun 16, 2015 to Jun 19, 2016)

07BD0BED172350  (May 29, 2014 to Jun 19, 2015)

Remove ROMEO SOUTH SL Malware - Powered by Reason Core Security
* Note, the details and description above are based on the code signing digital signature issued to ROMEO SOUTH SL by GoDaddy.com, Inc. on May 29, 2013 with the serial number '277a328668e577'.