CEInstaller.exe

CE Installer

Lake Ventures LLC

This adware bundler is distributed through Adknowledge's advertising-supported software managers. The application CEInstaller.exe by Lake Ventures has been detected as adware by 10 anti-malware scanners. The program is a setup application that uses the Adknowledge Fusion installer.

Publisher:
Lake Ventures LLC  (signed and verified)

Product:
CE Installer

Version:
2.0

MD5:
272dfd924580d95e7e6c998a23fce53d

SHA-1:
5718ee59d671619083599ab6ca376a61bb08d498

SHA-256:
3bd7e426f5acdfa842a3ebdf1a3acfc39f9b446bef2ce148149650b9ae965fef

Scanner detections:
10 / 68

Status:
Adware

Explanation:
This installer bundles various adware programs that may include toolbars and web browser advertising injectors/extensions.

Description:
This 'download manager' is also considered bundleware, a utility designed to download software (possibly legitimate or open source) and bundle it with a number of optional offers including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:
4/26/2024 6:40:52 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Baidu Antivirus | Adware.MSIL.iBryte | 4.0.3.141030 |
| ESET NOD32 | MSIL/Adware.iBryte (variant) | 8.10620 |
| IKARUS anti.virus | PUA.Downloader | t3scan.1.7.8.0 |
| Malwarebytes | PUP.Optional.ContentExplorer.A | v2014.10.30.08 |
| McAfee | Artemis!657A381EA1C9 | 5600.6961 |
| NANO AntiVirus | Trojan.Win32.CCM.cwxrgd | 0.28.0.59608 |
| Reason Heuristics | PUP.Installer.LakeVentures.L | 14.10.30.20 |
| Sophos | Generic PUA AJ | 4.98 |
| Trend Micro House Call | Suspicious_GEN.F47V0824 | 7.2.303 |
| VIPRE Antivirus | Adware.ContentExplorer | 34252 |

File size:
146.7 KB (150,256 bytes)

Product version:
2.0

Copyright:
Copyright © 2013

Original file name:
CEInstaller.exe

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Adknowledge Fusion

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\microsoft\windows\inetcache\content.ie5\p7sbmhch\ceinstaller.exe

Digital Signature
Authority:
GoDaddy.com, Inc.

Valid from:
12/17/2013 2:22:44 PM

Valid to:
12/17/2014 2:22:44 PM

Subject:
CN=Lake Ventures LLC, O=Lake Ventures LLC, L=Aliso Viejo, S=California, C=US

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
2B14BBCA37F140

File PE Metadata
Compilation timestamp:
8/1/2014 11:01:07 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
1536:HzezKk16ZjTwkZ4G7cDnvlvWj58nPbS8XQnLH47LhMRwxtAbQPUeKEjVUtVEqkgq:T/JT34BD08l0j47LhQkSbQ8FEBCEdgX6

Entry address:
0x2309A

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...

Entropy:
6.2462

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
132.5 KB (135,680 bytes)
