cnet_techtracker_2_setup.exe

CNET TechTracker

CBS Interactive

The application cnet_techtracker_2_setup.exe, “CNET TechTracker Installer” by CBS Interactive, has been detected as a potentially unwanted program by 9 anti-malware scanners. The program is a setup application that uses the DownloadCom Spot Install installer. The installer uses the OpenCandy monetization platform, which will download and install offers during setup for potentially unwanted software, including ad/search-supported toolbars. The file has been seen being downloaded from download2100.mediafire.com.
Publisher:
CBS Interactive  (signed and verified)

Product:
CNET TechTracker

Description:
CNET TechTracker Installer

Version:
2.0.0.46

MD5:
aca40d7744a6af35a4e18443f3986c83

SHA-1:
9e350f248775283baa8fb08d02402d624c4d0a73

SHA-256:
da1ae5e05fa78e0eed369df42432dd89414dd867646d29ec88dcac568df2f5cb

Scanner detections:
9 / 68

Status:
Potentially unwanted

Explanation:
Packages the OpenCandy software bundler that offers to install additional software and may include web browser add-ons and toolbars which display advertising (based on publisher settings and geo context).

Description:
This 'download manager' is also considered bundleware: a utility designed to download software (possibly legitimate or open source) and bundle it with a number of optional offers, including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:
4/25/2024 5:01:46 AM UTC

Scan engine | Detection | Engine version
Baidu Antivirus | Adware.Win32.OpenCandy | 4.0.3.14519
ESET NOD32 | | 8.9669
Fortinet FortiGate | Adware/OpenCandy | 5/19/2014
Malwarebytes | PUP.Optional.OpenCandy | v2014.05.19.06
Quick Heal | Adware.OpenCandy (Not a Virus) | 5.14.12.00
Reason Heuristics | Bundler.PPI.CBSInteractive.Y | 14.8.1.0
Sophos | OpenCandy | 4.98
VIPRE Antivirus | Opencandy | 28196
ViRobot | Backdoor.Win32.A.Ceckno.3991192 | 2011.4.7.4223

File size:
3.8 MB (3,991,192 bytes)

Product version:
2.0.0 Build (46)

Copyright:
Copyright (C) 2010

File type:
Executable application (Win32 EXE)

Bundler/Installer:
DownloadCom Spot Install (using Nullsoft Install System)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\cnet_techtracker_2_setup.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
7/24/2009 2:00:00 AM

Valid to:
7/25/2011 1:59:59 AM

Subject:
CN=CBS Interactive, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=CBS Interactive, L=San Francisco, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5BD0BBF0908ABA158E3FF8AACEA4CD92

File PE Metadata
Compilation timestamp:
6/6/2009 11:41:54 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
98304:UyvK7RAw/UXYY80MC179xqhoiXvMKRqcMqzVeBk/we:fK7RAGO80N1rqqi/MK0cDAe/we

Entry address:
0x323C

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 58, 3F, 42, 00, E8, 09, 2C, 00, 00, A3, A4, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 58, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, B8, 91, 40, 00, 68, A0, 36, 42, 00, E8, BC, 28, 00, 00, FF, 15, B0, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, AA, 28, 00, 00...
 

Packer / compiler:
Nullsoft install system v2.x

Code size:
23 KB (23,552 bytes)

The file cnet_techtracker_2_setup.exe has been seen being distributed by the following URL.
