home

clickpotatoinstaller.exe

Blinkx

The application clickpotatoinstaller.exe by Blinkx has been detected as adware by 30 anti-malware scanners. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software.
Publisher:
Blinkx  (signed and verified)

Description:
Installer

Version:
2.0.113.0

MD5:
a4ab63e03abddf2b8f177acd9356e3fb

SHA-1:
dda2547ef127574dd0ec066933ec02f48ac7b35d

SHA-256:
c6ada74e0d28e2d377ad9b0086f83af6018eebb3d58daa37a1e835a214c4f8f8

Scanner detections:
30 / 68

Status:
Adware

Analysis date:
4/19/2024 11:37:15 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Adware.Hotbar.1
922

Agnitum Outpost
Adware.Rugo.Gen.5
7.1.1

AhnLab V3 Security
Adware/Win32.Hotbar
2014.07.28

Avira AntiVirus
TR/Spy.Gen4
7.11.30.172

avast!
Zango-AG [PUP]
140617-1

AVG
Adware Skodna.Generic_r.AL
2014.0.3986

Bitdefender
Gen:Variant.Adware.Hotbar.1
1.0.20.1040

Bkav FE
W32.HotBarAI.Adware
1.3.0.4959

Clam AntiVirus
Adware.Zango-18
0.98/19185

Comodo Security
ApplicUnwnt.Win32.Hotbar.~E
18995

Dr.Web
Adware.Hotbar.401
9.0.1.05190

Emsisoft Anti-Malware
Gen:Variant.Adware.Hotbar
8.14.07.27.07

ESET NOD32
Win32/Adware.HotBar.G application
7.0.302.0

Fortinet FortiGate
Adware/Hotbar
7/27/2014

F-Prot
W32/HotBar.K.gen
4.6.5.141

F-Secure
Gen:Variant.Adware.Hotbar.2
11.2014-27-07_1

G Data
Gen:Variant.Adware.Hotbar
14.7.24

IKARUS anti.virus
AdWare.Hotbar
t3scan.1.6.1.0

Kaspersky
not-a-virus:WebToolbar.Win32.Zango
15.0.0.494

McAfee
Adware-HotBar.b
5600.7056

Microsoft Security Essentials
Threat.Undefined
1.179.1221.0

MicroWorld eScan
Gen:Variant.Adware.Hotbar.2
15.0.0.624

NANO AntiVirus
Trojan.Win32.Hotbar.ctkpat
0.28.2.60990

Qihoo 360 Security
Malware.QVM11.Gen
1.0.0.1015

Quick Heal
Win32.Adware.Hotbar.4
7.14.14.00

Reason Heuristics
PUP.Installer.Blinkx.U
14.12.11.23

Sophos
Hotbar-Installer
4.98

Total Defense
Win32/Zango.B!Adware
37.0.11084

Vba32 AntiVirus
AdWare.HotBar
3.12.26.3

VIPRE Antivirus
Threat.4740961
31208

File size:
159.6 KB (163,400 bytes)

Product version:
2.0.113.0

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\clickpotatoinstaller.exe

Digital Signature
Signed by:
Blinkx

Authority:
VeriSign, Inc.

Valid from:
5/13/2008 8:00:00 PM

Valid to:
5/14/2011 7:59:59 PM

Subject:
CN=Blinkx, OU=Blinkx, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Blinkx, L=San Francisco, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5A782BE720091AA3168A3D042724408F

File PE Metadata
Compilation timestamp:
2/17/2010 5:01:04 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
3072:cuwPFjT83BfX9sq80r22jmouL/++CNwmCjMxpIWa+3z2cQjBq9xPN1R2m/CWQ1:cuujUZuIrtOc/C6j36NjBQFum/A

Entry address:
0x5EC30

Entry point:
60, BE, 00, A0, 43, 00, 8D, BE, 00, 70, FC, FF, 57, EB, 0B, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89, C5, EB, 0B, 01, DB, 75, 07, 8B...
 
[+]

Entropy:
7.8599

Packer / compiler:
UPX v0.89.6 - v1.02 / v1.05 -v1.24

Code size:
148 KB (151,552 bytes)

Remove clickpotatoinstaller.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.