On 07/12/2011 10:09, ~BD~ wrote:
> Nemo wrote:
>> On 07/12/2011 05:38, G. Morgan wrote:
>>> Virus Guy wrote:
>>>
>>>> Meanwhile Graham Cluley, security expert and blogger for Sophos in the
>>>> UK, expressed his surprise on Twitter, saying, "What on earth is CNET
>>>> playing at wrapping downloads (VLC, Nmap, etc) with a cruddy toolbar?"
>>>
>>> I broke this story months ago and provided a homemade video on how to
>>> get around it. The AV companies and software distributors are just now
>>> acknowledging it?
>>>
>> I've just checked a few trial downloads and can't see any evidence of
>> the wrapper. I wonder if Cnet has pulled it from its site, or maybe it
>> is selective in some way - I'm using Win7/IE9 and based in the UK.
>>
>> Could others report on their experiences?
>> (obviously, don't let the installer run fully if the wrapper is evident)
>
>
> Have you read here, Nemo?
>
> http://krebsonsecurity.com/2011/12/d...lbars-trojans/
>
> HTH
Thanks. I have now read that report as well. Please be clear that I am
not questioning the veracity of such reports, but I still cannot account
for why I am not being affected by it. I've checked 2 cited examples
(nmap, winrar). In each case the download is from
software-files-a.cnet.com and is the unadulterated installer. The Nmap
downloaded file is nmap-5.51-setup.exe which executes normally for me,
not as reported by others.

I am not a "registered user" of CNET's site. So I still wonder why the
different behaviour?