home

tuto4pc.exe

Tuto4PC.com

This is the Eorezo installer which may include software offers for unwanted programs including toolbars. The application tuto4pc.exe, “Tuto4PC Setup ” by Tuto4PC.com has been detected as adware by 19 anti-malware scanners. The program is a setup application that uses the Eorezo Downloader installer. This browser extension displays targeted advertising by monitoring the URLs viewed in the web browser. The file has been seen being downloaded from dlfr.tuto4pc.com.
Publisher:
Tuto4PC   (signed by Tuto4PC.com)

Product:
Tuto4PC

Description:
Tuto4PC Setup

MD5:
e3270720411fbafb65be30a6087eed26

SHA-1:
7949619dc648845db0c1d5d8c7c1aa68b3e4063d

SHA-256:
de78fe5563a815e85bb385308d08ee847077bbbc4de7132a350223b765b5da37

Scanner detections:
19 / 68

Status:
Adware

Description:
This 'download manager' is also considered bundleware, a utility designed to download software (possibly legitimate or opensource) and bundle it with a number of optional offers including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:
4/19/2024 5:51:18 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
Adware/PcTuto.A
7.11.84.204

avast!
Win32:Adware-ASG [PUP]
2014.9-131126

Bitdefender
Application.Generic.408133
1.0.20.1650

Boost by Reason
Optional.Tuto4PC.H
188838

Comodo Security
ApplicUnwnt
16432

Emsisoft Anti-Malware
Application.Generic.408133
8.13.11.26.06

ESET NOD32
Win32/Adware.EoRezo.AC (variant)
7.8450

Fortinet FortiGate
Riskware/EoRezo
11/26/2013

F-Secure
Application.Generic.408133
11.2013-26-11_3

G Data
Application.Generic.408133
13.11.22

IKARUS anti.virus
Win32.SuspectCrc
t3scan.2.0.3.0

Malwarebytes
Adware.Eorezo
v2013.11.26.06

Microsoft Security Essentials
Adware:Win32/EoRezo
1.163.1557.0

MicroWorld eScan
Application.Generic.408133
14.0.0.990

Panda Antivirus
Suspicious file
13.11.26.06

Reason Heuristics
PUP.Installer.Tuto4PC.H
14.8.8.3

SUPERAntiSpyware
Adware.Eorezo
10887

Trend Micro House Call
TROJ_GEN.F47V0613
7.2.330

VIPRE Antivirus
Trojan.Win32.Generic
18718

File size:
2.1 MB (2,233,752 bytes)

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Eorezo Downloader (using Inno Setup)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\tuto4pc.exe

Digital Signature
Signed by:
Tuto4PC.com

Authority:
GlobalSign nv-sa

Valid from:
10/27/2011 8:26:43 AM

Valid to:
10/27/2013 8:26:43 AM

Subject:
CN=Tuto4PC.com, O=Tuto4PC.com, L=Paris, S=Ile-de-france, C=FR

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11217A044D9875AB5200314888C39C5486EF

File PE Metadata
Compilation timestamp:
6/19/1992 3:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:g9DtOrn3tjrgX6mS+gGrdhyXPU1yb9xNp1Ucpxg5C:qDtOxgXJSzyEPU1yzN7

Entry address:
0xA5F8

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55...
 
[+]

Entropy:
7.9949

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
39.5 KB (40,448 bytes)

The file tuto4pc.exe has been seen being distributed by the following URL.

http://dlfr.tuto4pc.com/clib/tuto4pc/fr//.../tuto4pc.exe

Remove tuto4pc.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.