home

ca_installer.exe

A.INOLOGIX LTD

The application ca_installer.exe by A.INOLOGIX has been detected as adware by 14 anti-malware scanners. This is the uninstaller utility registered in the Windows Control Panel for the program clickadvanced frameworks by clickadvanced frameworks. This file is typically installed with the program clickadvanced frameworks by A.INOLOGIX LTD which is a potentially unwanted software program.
Publisher:
A.INOLOGIX LTD  (signed and verified)

MD5:
e2b7b6a4212dd1db739a54dac3585a49

SHA-1:
c2b15a43b8ba91b0bc3eb3fc6b14b96ebb48db6b

SHA-256:
572fc87db4d557e3f645364df2d4bf92c2cf6a7d1a0380b6844060287de668dc

Scanner detections:
14 / 68

Status:
Adware

Analysis date:
4/23/2024 3:56:25 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Trojan.Generic.11834414
813

Bitdefender
Trojan.Generic.11834414
1.0.20.1585

Emsisoft Anti-Malware
Trojan.Generic.11834414
8.14.11.13.04

ESET NOD32
Win32/ClickAdvanced.B potentially unwanted application
7.0.302.0

Fortinet FortiGate
Riskware/ClickAdvanced
11/13/2014

F-Secure
Trojan.Generic.11834414
11.2014-13-11_5

G Data
Trojan.Generic.11834414
14.11.24

MicroWorld eScan
Trojan.Generic.11834414
15.0.0.951

NANO AntiVirus
Trojan.Win32.ClickAdvanced.dghvhb
0.28.2.62841

nProtect
Trojan.Generic.11834414
14.10.27.01

Reason Heuristics
PUP.AINOLOGIX.M
14.4.13.17

Trend Micro House Call
Suspicious_GEN.F47V1023
7.2.317

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h
3.12.26.3

VIPRE Antivirus
Threat.4150696
34232

File size:
1.1 MB (1,196,640 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\clickadvanced frameworks\ca_installer.exe

Digital Signature
Signed by:
A.INOLOGIX LTD

Authority:
VeriSign, Inc.

Valid from:
5/26/2013 6:00:00 PM

Valid to:
5/27/2014 5:59:59 PM

Subject:
CN=A.INOLOGIX LTD, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=A.INOLOGIX LTD, L=TEL AVIV, S=TEL AVIV, C=IL

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
18226E15269C07E837AB13520DDA83A1

File PE Metadata
Compilation timestamp:
9/30/2013 1:47:33 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
24576:Nj6H6izhtag109I+wdqij8a21P5ZbGm+jm+htudZCp87bXFHIH+:pu6iz6s09I+wMfpPSpbkb7KH+

Entry address:
0x99223

Entry point:
E8, 26, EB, 00, 00, E9, 7F, FE, FF, FF, E8, C6, 7C, 00, 00, 8B, D0, 8B, 42, 6C, 3B, 05, 0C, FA, 4C, 00, 74, 10, 8B, 0D, D4, FA, 4C, 00, 85, 4A, 70, 75, 05, E8, AB, 7A, 00, 00, 8B, 40, 04, C3, E8, A0, 7C, 00, 00, 8B, D0, 8B, 42, 6C, 3B, 05, 0C, FA, 4C, 00, 74, 10, 8B, 0D, D4, FA, 4C, 00, 85, 4A, 70, 75, 05, E8, 85, 7A, 00, 00, 05, A0, 00, 00, 00, C3, E8, 78, 7C, 00, 00, 8B, D0, 8B, 42, 6C, 3B, 05, 0C, FA, 4C, 00, 74, 10, 8B, 0D, D4, FA, 4C, 00, 85, 4A, 70, 75, 05, E8, 5D, 7A, 00, 00, 8B, 40, 74, C3, 55, 8B...
 
[+]

Entropy:
6.9372

Code size:
722 KB (739,328 bytes)

Program Uninstaller
Program name:
clickadvanced frameworks

Display publisher:
clickadvanced frameworks

Uninstall string:
"C:\Program Files (x86)\clickadvanced frameworks\ca_installer.exe" /uninstall


The file ca_installer.exe has been discovered within the following program.

clickadvanced frameworks  by A.INOLOGIX LTD
ClickAdvanced is a potentially unwanted web browser extension that is ad-supported and will display various popup and banner ads as well as modify the user's web browser search and home page settings.
product_url.com
74% remove it
 
Powered by Should I Remove It?

Remove ca_installer.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.