Should I block it?

90%
90% of PCs block this file from running.
Possible reason:
Multiple malware detections

Relationships

Parent process
Related files

tuto4pc_pl_1.exe

By Tuto4PC.com (Signed)

Remove tuto4pc_pl_1.exe
MD5:   ad2b0948533b2057dcfdb9bddc949c88
SHA1:   d9c0757491e8d3ec418112d43c499d97eb583048
SHA256:   1534c67c67d7eb53dc25f5902b4749f15892f9aeba0d7f48c4fe197604dbd8a3
Warning 5 antivirus scanners has detected malware.

Overview

tuto4pc_pl_1.exe is malware that executes as a process with the local user's privileges typically within the context of its parent ucammonitor.exe (MgiSvr by ArcSoft). It is set to be start when the PC boots and any user logs into Windows (added to the Run registry key for the all users under the local machine). This is typically installed with the program Tuto4pc published by Tuto4pc and is most likely removed by most users once installed (82% removed). This particular version is usually found on Windows 7 Home Premium (6.1.7601.65536).

DetailsDetails

File name:tuto4pc_pl_1.exe
Typical file path:C:\Program Files\tuto4pc\tuto4pc_pl_1.exe
Size:3.68 MB (3,854,696 bytes)
Certificate
Issued to:Tuto4PC.com
Authority (CA):GlobalSign nv-sa
Effective date:Thursday, October 27, 2011
Expiration date:Sunday, October 27, 2013
Digital DNA
File packed:No
.NET CLR:No
More details

ResourcesPrograms

The following program will install this file
Tuto4pc
  82% remove
This is an adware web browser extension that will display various popup and banner ads as well as modify the user's web browser search and home page settings. In some cases, the program will monitor a user's behavior and will inject rival advertisements over existing one or just inject new ones all together.

BehaviorsBehaviors

Startup files (all users) run
Runs under the registry key 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
  • 'Tutorials' → "C:\Program Files\TUTO4PC\tuto4pc_pl_1.exe"

MalwareMalware detections

Based on 40+ industry antivirus scanners, 5 of them detected the following malware.
Antivirus engineEngine versionDetection
avast! 6.0.1289.0 Win32:Eorezo-BL [PUP]
Comodo Internet Security 16287 UnclassifiedMalware
Emsisoft Anti-Malware 3.0.0.575 Adware.Win32.EoRezo.AMN (A)
eSafe 7.0.17.0 Win32.Trojan
ESET NOD32 7.8352 a variant of Win32/Adware.EoRezo.AO

ResourcesResource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
 
CPU
Total CPU:0.00016747%
0.028634%
Kernel CPU:0.00007160%
0.013761%
User CPU:0.00009587%
0.014873%
Kernel CPU time:41,496,266 ms/min
100,923,805ms/min
Memory
Private memory:7.57 MB
21.59 MB
Private (maximum):9.02 MB
Private (minimum):424 KB
Non-paged memory:7.57 MB
21.59 MB
Virtual memory:104.51 MB
140.96 MB
Virtual memory (peak):120.84 MB
169.69 MB
Working set:2.97 MB
18.61 MB
Working set (peak):14.05 MB
37.95 MB
Page faults:595,785/min
2,039/min
Resource allocations
Threads:9
12
Handles:175
600
GUI GDI count:32
103
GUI GDI peak:34
142
GUI USER count:1
49
GUI USER peak:4
71

BehaviorsProcess properties

Integrety level:Undefined
Platform:64-bit
Command line:"C:\Program Files\tuto4pc\tuto4pc_pl_1.exe"
Owner:User
Parent process:ucammonitor.exe (MgiSvr by ArcSoft)

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Home Premium 100.00%
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE