home

tuto4pc.exe

Tuto4PC.com

This is the Eorezo installer which may include software offers for unwanted programs including toolbars. The application tuto4pc.exe, “Tuto4PC Setup ” by Tuto4PC.com has been detected as adware by 19 anti-malware scanners. The program is a setup application that uses the Eorezo Downloader installer. This browser extension displays targeted advertising by monitoring the URLs viewed in the web browser. The file has been seen being downloaded from dlfr.tuto4pc.com.
Publisher:
Tuto4PC   (signed by Tuto4PC.com)

Product:
Tuto4PC

Description:
Tuto4PC Setup

MD5:
7ea77d4abc4d7a2d18789f7c6c97a205

SHA-1:
0509e6e8e4cddef9835b6feb117952bdfd8e3618

SHA-256:
a0eebc4e625f233a648537c027a7b0f7cc3acf9a5c12d99b29432af6641d2e11

Scanner detections:
19 / 68

Status:
Adware

Description:
This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:
4/19/2024 4:15:55 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
Adware/PcTuto.A
7.11.84.204

avast!
Win32:Adware-ASG [PUP]
2014.9-131117

Bitdefender
Application.Generic.408133
1.0.20.1605

Boost by Reason
Optional.Tuto4PC.H
188838

Comodo Security
ApplicUnwnt
16432

Emsisoft Anti-Malware
Application.Generic.408133
8.13.11.17.12

ESET NOD32
Win32/Adware.EoRezo.AC (variant)
7.8450

Fortinet FortiGate
Riskware/EoRezo
11/17/2013

F-Secure
Application.Generic.408133
11.2013-17-11_1

G Data
Application.Generic.408133
13.11.22

IKARUS anti.virus
Win32.SuspectCrc
t3scan.2.0.3.0

Malwarebytes
Adware.Eorezo
v2013.11.17.12

Microsoft Security Essentials
Adware:Win32/EoRezo
1.163.1557.0

MicroWorld eScan
Application.Generic.408133
14.0.0.963

Panda Antivirus
Suspicious file
13.11.17.12

Reason Heuristics
PUP.Installer.Tuto4PC.H
14.8.8.3

SUPERAntiSpyware
Adware.Eorezo
10868

Trend Micro House Call
TROJ_GEN.F47V0613
7.2.321

VIPRE Antivirus
Trojan.Win32.Generic
18718

File size:
2.1 MB (2,233,760 bytes)

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Eorezo Downloader (using Inno Setup)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\tuto4pc.exe

Digital Signature
Signed by:
Tuto4PC.com

Authority:
GlobalSign nv-sa

Valid from:
10/27/2011 8:26:43 AM

Valid to:
10/27/2013 8:26:43 AM

Subject:
CN=Tuto4PC.com, O=Tuto4PC.com, L=Paris, S=Ile-de-france, C=FR

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11217A044D9875AB5200314888C39C5486EF

File PE Metadata
Compilation timestamp:
6/19/1992 3:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:Y9DtOrn3tjrgX6mS+gGrdhyXPU1yb9xNp1Ucpxg5K:SDtOxgXJSzyEPU1yzNL

Entry address:
0xA5F8

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55...
 
[+]

Entropy:
7.9949

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
39.5 KB (40,448 bytes)

The file tuto4pc.exe has been seen being distributed by the following URL.

http://dlfr.tuto4pc.com/clib/tuto4pc/fr/.../tuto4pc.exe

Remove tuto4pc.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.