Cnet.download.com in the past did a good job to distribute freeware to acquire public and the reputation of a trusted side

then started to modify the installers of the program that distribute, to embed adware , spyware, and browser hijacker (against the will of the developers of the programs that denunced the pratice.... a quick google search will give more detail )

Anyway that malware was mainly a disturbance but was not very dangerous , BUT NOW it embed also really dangerous malware as the Claro toolbar that will redirect all search on dangerous phishing sites and even filter the search of the other search engine, again to redirect to phishing sites

Claro is not only dangerous but also very difficult to eliminate ...it took me 2 days of fighting to get rid of it and still there is some problem left that i could solve only with the help of the mozilla forum http://forums.mozillazine.org/viewtopic ... &t=2626967

And please note that claro infect not only the default browser but all the browser, i fixed firefox but Google Crome and IE are still sort of infected:
the virus is removed but its misfits are hard to fix


BTW in theory you have a option to use the download.com installers without installing also the malware , but in pratice a moment of distration is sufficent to get infected, and of infection very difficult to heal

And the escalation is impressive now download.com is not more only embedding "normal" adware and spyware as before crazy exacalation started to distribute very nasty virus and malware as claro

Note that claro virus is continuosly evolving so the instructions on how to remove need to be continuosly updated , most of the how to remove what you will found on the net is not more valid

As from antivirus most will not detect it or will only apparently eliminate the treath, but the virus will resurrect at each computer restart

There are much other safe download sites (i.e beta news, filehyppo,) so no reason to risk on download.com...

On a shared computer i will heartly suggest to put the Cnet.download.com URL in the firewall blacklist because it is spreding really dangerous malware

Take care !

PS actually cnet.download.com is also distributing GIMP

In the case of GIMP apparently they didn't embed the malware maybe only because they have a good lawyer:
if is forbidden include something as PSPI in gimp because PSPI is not respecting fully GPL license, it should be even more forbidden include closed source malware in its installer
BUT are legal trick to allow it, and antivirus and spywareprogram will not spot their malware till not installed, and then will be too late to remove without pain

so i will avoid the risk to use their gimp installer, even if in this case is apparently clean

Thanks!!!

Although I'm Linux user I just noticed this in Gimp.Org.Es. for Win users and general knowledge.

I... kinda thought this was old news? I remember hearing about this a year ago or so. If they're still doing it... why isn't anyone suing them?

Anyway, I can't see what possible motive CNet would have for embedding malware in installers, other than maybe large software companies are paying them to smear the reputation of free programs... (where's my tinfoil hat)

I'm using it though.

I've downloaded things on Cnet, and there always seems to be all kinds of derp packaged with my downloads. I've made it a point to very carefully click through the custom install process, lest I sign my soul over to headless zombie nuns for experimentation or worse.

Thanks for the warning, PhotoComix. Sheesh, and I thought CNET was a reliable and safe place to download from.

The fact that cnet.download.com modify the installers to include adware is not a new, but we are no more talking of barely legal even if disturbing adware and spyware

It was a impressive escalation, now they get to the point to include Babylon , and much worse Claro that are really nasty and dangerous internet browser hjacker.

I downloaded tons programs from everywhere without never get a virus,but on cnet.download. com , even if i know the risk and i was careful just a second of distration was sufficent to get infected and in the most dangerous way :

luckily i use also linux so when i had the doubt that not only the Claro search itself was a phishing attempt that but also all the other search engine installed (google, yahoo, bing...)
were modified to redirect on phishing sites i could check it

And yes the result for "remove Claro toolbar", done with google and yahoo in Windows (infected by the claro virus included in a cnet installer,) were very different from the result of the same search done from my linux partition just few minutes after (just the time to restart the computer)

only few pages were similar, similar but with the addition of links for commercial programs (but i doubt that the link were for the autentic commercial programs) to remove the Claro malware, links that were not in the (apparently same page) if opened from a not infected OS

PS here i am not talking of the links added by google ads on top of each search, but the result of the search

PS



Money ...just money..what else ?
it is not a secret they admit openly (on their own site, even if in almost hidden pages) to modify the installers

The problem now may be that the rensponsable of fishing sites could afford to offer much more money respect to the distributor of less dangerous adware

A successfull phishing attack may even get the result to empty somebody bank account, it seems hard earning the same dealing adware.

I never use cnet anymore because they insult my intelligence by including that junk, this new malware thing is new though and I'll pass it along. Thanks.

Most irritating i did know well that they embed adware and similar junk in their installers, but all the other link were dead so i ended up there also because they don't force to install that junk, be really careful and reading well it is possible refuse the installation of the extra junk...

And then a parent jumped in my room to start some argument and for a moment i go distracted i already had successfully avoided a couple of toolbars and messagers and so overthinking i clicked automatically to proced ...i noticed immediatly what i have done but was no more oossible stop the installer...damn !

Neverthless i was not too worried, i was thinking to have just to unistall a new Ask or Vuze ,or whatever toolbar, or to clean up tracking cookies from some adware not to have to fight for 2 days with such nasty malware

I use to like CNET in the old yellow, red and then green days (1990's early 2000's), things started really going downhill when CBS interactive got involved. Here's an interesting article on the download issue,
Popular network tool Nmap in CNET security brouhaha

The CNET forum use to be good as well, but now it's full of partisan know-it-all's.

Thanks for this reminder, a while ago, I stumbled upon a gizmo article dealing with cnet policy: https://www.techsupportalert.com/conten ... taller.htm

Now that you made me remember they earned my WOT red flag, and they deserve more because overall site is still green.

Thank you Photocomix for this critical information.
Unfortunately more and more specialized websites behaves like that.
The French equivalent of Cnet.com, long regarded as a reference, 01Net.com is regularly singled out since 2 years because it allows to install viruses, adware among users without their knowledge.
What is terrible is that most users are trapped because they are accustomed to using these websites that were considered reliable and trustworthy, so when users experience a problem with their PC (Virus, toolbar, etc.. ..) they accuses the software and not the download website which has caused the problem.
Many publishers require that installers be deleted and that links sends users directly to publishers' sites, which is made only to calm the angry comments of users with viruses.

But there is now a new trick for snare users, it's to provide tutorials on the softwares with an installer, the user believe get help on new software will be downloaded at the same time that the software, but after installing of this couple, the user will discover one or more unwanted programs and they will necessarily blamed the software and not the tutorial.
I found this practice yesterday because my colleague have infected her profesionnal PC and reproached me for having recommended to use GIMP, I also saw comments Gimp users on the site who accuse him 01.Net install virus while downloading be on Sourceforge.

Yes, there are still many good sites FileHippo, http://www.nonags.com/ , and many others

A simple way to spot the best:
the best offer a service to the delopers (hosting and promoting the programs ) and to the users (filtering out the junk ) and so have no reason to hide the link for the product developer site,the link will be will be very visible in the presentation

The others can't omit to give that link without violating the law but they will try to make the link the most hard to find and would take care to make it totally invisible at a first glance.,may be needed 3 or 4 passagges to get it

I like browse those sites and others as , but i use mostly to find the link for the author page of the most intersting
i like check there before download , just in case of newer version , patch ,or user guide
and most of time i downlad from the mirror suggested by the author in his page

The activity of now malicious sites as Cnet and 01Net damage others that not only would never add malware, but on the contrary carefully filter out anything containing adware, spyware,
nagware, malware and so on...

EDIT

oppss it was not majorjeek but another site offering only freeware (no trialware ,no shareware
no "lite" or limited version of commercial SW...only real freeware ) but now i can't remember the name

PS
instead i like much how http://www.nonags.com/ present the freeware

as example ( from http://www.nonags.com/nonags/desktop.ht ... sktop.html )
SCROLL to the bottom of the quote



the bold is mine but that is a correct information, and is not about junk added by the freeware site but already present, and a good site take care to include a warning..

NoNags is an old favorite, I don't use it too often anymore though. My current favorites that I trust are, FileHippo, MajorGeeks and Softpedia.

yes but majorjeek at first glance mix freeware trialware, shareware and so on,

Sure should be possible put a filter for "only freware " ...

I agree on Filehippo and Softpedia....well if i remember well Softpedia require 1 extra click to get the url for the Developer or project page , but only 1 is venial, it is not hidden even if would be better accessible at first glance.

I really don't like Cnet and other such sites. I've never trusted them.