Smokey's Security Weblog

veritas odium parit

CNET’s download.com offer rogue Anti-Spyware for download

Surprising to me, and probably with me most blog readers, is the fact that CNET’s download.com, property of CBS Interactive, offer rogue/malicious programs for download.

Regular blog visitors will remember the two articles I wrote past week about Intelinet Internet Security of well-known scammer Cashier Myricks, a malicious program advertised as  “Award Winning Spyware Remover” and “acknowledgements of the software by security experts”.

In the meanwhile it should be clear to everyone that Intelinet Internet Security is a rogue Anti-Spyware Program and therefore have to be rated as Malware. It is very surprising that CNET “apparently” isn’t informed about that piece of malware and stick determined to the download offer. I write “apparently” because I am informed that CNET is warned by several readers that the program is malicious, besides I informed today CNET’s Editor in Chief Scott Ard via an email. An so called “return to sender email”…

Well, I have now some curious questions to CNET:

1. Are all available downloads approved before download release?
2. If the answer is no, how will be guaranteed that all downloads are trustable?
3. Is there a CNET QA Department, and, if yes, what are the efforts of that department to keep the download archive clean?

The fact that CNET still offer Intelinet Internet Security for download let raise another question: how many other malicious programs are offered by CNET? Till we have a satisfying elucidation from CNET I can only advise: to protect your PC and all data on it, don’t download anything from their download archive. The software can be contaminated.

In case CNET need a review of my recent Intelinet Internet Security articles, here you go:

https://smokeys.wordpress.com/2008/12/27/intelinet-internet-security-rated-by-the-dslr-base-as-being-crapware/
https://smokeys.wordpress.com/2008/12/29/intelinet-internet-security-now-provided-with-the-malware-label/

Advertisements

December 31, 2008 - Posted by | Advisories, Alerts, Bundleware, Downloads, Friends, Malware, News, Recommended External Security Related Links | , , , , , , , , , ,

5 Comments »

  1. Seems the installer is being picked up by the following vendors……
    AntiVir: DR/Fraud.Agent.DX.1
    Comodo: ApplicUnwnt.Win32.FraudTool.Agent.dx
    F-Secure: FraudTool.Win32.Agent.dx
    Fortinet: Misc/Agent
    K7AntiVirus: not-a-virus:FraudTool.Win32.Agent.dx
    Kaspersky: not-a-virus:FraudTool.Win32.Agent.dx
    Norman: Fakealert.AZS
    SecureWeb-Gateway: Trojan.Dropper.Fraud.Agent.DX.1
    Sophos: Troj/FakeVir-IQ
    ViRobot: Adware.Agent.R.2515312

    Surely this is a good enough reason not to host such software!!

    Comment by Starbuck | January 1, 2009 | Reply

  2. CNET clean up your act, offering malware is not done!!!

    Comment by Rixos | January 1, 2009 | Reply

  3. […] * 2008-12-31: File Intelinet reopened for reason of the CNET/download.com refusal to remove this as … […]

    Pingback by Intelinet Internet Security now provided with the Malware label « Smokey’s Security Weblog | January 2, 2009 | Reply

  4. That’s crazy man. I’ve heard a few friends complaining about CNET and rogue software but never thought it was this serious until I read your post. Good on ya for the eye opening facts!

    Comment by Kendrick | March 1, 2009 | Reply

  5. Thanks so much for the heads-up on CNet. It’s a shame though, a real shame – thought CNet was THE safe place to go for free-ware. Oh well – money’s the game as usual – just to turn a blind-eye. Is there another provider of free software that anyone can recommend?

    Comment by Dennis | September 6, 2011 | Reply


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: