Download.com not so safe.

  • penguin
  • Flying penguins
  • Banned
  • User avatar
  • Posts: 1647
  • Loc: Behind you !

Post 3+ Months Ago

Well I was always under the impression that http://www.download.com was 100% safe, and I thought that checked those files before adding them to the website.

I downloaded a SQL Injection scanner, To try and protect myself ( seeing if my site had any security issues)

After download AVG and my other AV picked up 3 trojans and 1 keylogger. Now I was shocked at this becuase I really did think the site was safe.

Do you think there is any point in emailing them if I have proof of the spyware and trojans? and also the file that is effected?

As anyone else had issues like this with download.com?
  • Don2007
  • Web Master
  • Web Master
  • Don2007
  • Posts: 4923
  • Loc: NY

Post 3+ Months Ago

I'm glad you mentioned that because I ran across a site that claims to scan other sites for safety and I entered download.com into it. It said it was safe.

http://www.explabs.com/

They are also selling their software.
  • ATNO/TW
  • Super Moderator
  • Super Moderator
  • User avatar
  • Posts: 23458
  • Loc: Woodbridge VA

Post 3+ Months Ago

Maybe it's just me, but I would think that it would be logical to assume that a good virus scanner would see a SQL Injection scanner as a threat/risk. Having a bit of deja vu here. Could have sworn you posted something similar to this before.
  • joebert
  • Fart Bubbles
  • Genius
  • User avatar
  • Posts: 13504
  • Loc: Florida

Post 3+ Months Ago

That's a pretty good point ATNO.

I haven't used download.com in quite awhile now, but when I used to use it alot of the applications there were filled with crapware.
  • penguin
  • Flying penguins
  • Banned
  • User avatar
  • Posts: 1647
  • Loc: Behind you !

Post 3+ Months Ago

ATNO/TW wrote:
Maybe it's just me, but I would think that it would be logical to assume that a good virus scanner would see a SQL Injection scanner as a threat/risk. Having a bit of deja vu here. Could have sworn you posted something similar to this before.


That was something slightly different. IP scanner from another source. But from download.com how could they justify a keylogger?
  • Don2007
  • Web Master
  • Web Master
  • Don2007
  • Posts: 4923
  • Loc: NY

Post 3+ Months Ago

Penguin: download.com is part of cnet. Why don't you contact them and tell them what you have found? If you don't want to do it, then I will. Let me know.

arin-tech@cnet.com
  • penguin
  • Flying penguins
  • Banned
  • User avatar
  • Posts: 1647
  • Loc: Behind you !

Post 3+ Months Ago

My luck sucks on emailing people, Would you like me to give you the file name, And everything?
  • Don2007
  • Web Master
  • Web Master
  • Don2007
  • Posts: 4923
  • Loc: NY

Post 3+ Months Ago

I'm going to point them to this thread, so go ahead and post it.
  • penguin
  • Flying penguins
  • Banned
  • User avatar
  • Posts: 1647
  • Loc: Behind you !

Post 3+ Months Ago

Link: http://www.download.com/3001-2181_4-103 ... d9b289f0fe
  • penguin
  • Flying penguins
  • Banned
  • User avatar
  • Posts: 1647
  • Loc: Behind you !

Post 3+ Months Ago

That should be correct if not I will look again.
  • Don2007
  • Web Master
  • Web Master
  • Don2007
  • Posts: 4923
  • Loc: NY

Post 3+ Months Ago

Ok, I sent an email and I'll post the response when I get it.
  • penguin
  • Flying penguins
  • Banned
  • User avatar
  • Posts: 1647
  • Loc: Behind you !

Post 3+ Months Ago

Ok Thank you Don2007 :P
  • ATNO/TW
  • Super Moderator
  • Super Moderator
  • User avatar
  • Posts: 23458
  • Loc: Woodbridge VA

Post 3+ Months Ago

Just for kicks and giggles, I downloaded it, scanned it with Symantec Enterprise, installed it, and ran it, and at no point did it pick up any virus or threat.
  • kc0tma
  • o|||||||o
  • Web Master
  • User avatar
  • Posts: 3318
  • Loc: Trout Creek, MT

Post 3+ Months Ago

Since we're kind of (but not really) on the subject, what is the purpose of the hack safe label you see on so many sites?

Image

Because I have read that those are foney and they aren't really tested daily. To the average person surfing the web, they do give a false sense of security, but for me it is kind of annoying. Anyone feel the same?

And I once read an article about some company that you could submit your open source code to and they would test it and approve it and you could display their little picture on your site. So one guy decided to probe them and see how good they really test submitted software. He sent them a plain jane text file with a single line in it that served absolutely no purpose. And wouldn't you believe it, they approved his "program".

This concludes my random thought.
  • penguin
  • Flying penguins
  • Banned
  • User avatar
  • Posts: 1647
  • Loc: Behind you !

Post 3+ Months Ago

ATNO/TW wrote:
Just for kicks and giggles, I downloaded it, scanned it with Symantec Enterprise, installed it, and ran it, and at no point did it pick up any virus or threat.


I am positive I have the right file, Why would my AV show a trojan / keylogger?
  • ATNO/TW
  • Super Moderator
  • Super Moderator
  • User avatar
  • Posts: 23458
  • Loc: Woodbridge VA

Post 3+ Months Ago

Did this happen when you installed the evaluation software, or when you tried to use it on something? If it happened when you were trying to scan one or more of your files, then it may have been perceived as a threat. I installed it and ran the executable, but I did not install it on a computer with any web files or web server to test that aspect.
  • penguin
  • Flying penguins
  • Banned
  • User avatar
  • Posts: 1647
  • Loc: Behind you !

Post 3+ Months Ago

I got this when I did a virus scan. It does this when I download anything. Thats when I got the errors.

But more than one picked it up.
  • ATNO/TW
  • Super Moderator
  • Super Moderator
  • User avatar
  • Posts: 23458
  • Loc: Woodbridge VA

Post 3+ Months Ago

Just out of curiosity what are you using for a download manager?
  • Pauls
  • Newbie
  • Newbie
  • Pauls
  • Posts: 5

Post 3+ Months Ago

I am aswell getting alot of trojans of download.com in the last cople of weeks but i have used download.com for a while before and it has not done it before so i have no idea what is going on about it.
  • penguin
  • Flying penguins
  • Banned
  • User avatar
  • Posts: 1647
  • Loc: Behind you !

Post 3+ Months Ago

ATNO/TW wrote:
Just out of curiosity what are you using for a download manager?


Well my downloads are used Via Winrar is that what you mean :?:
  • neksus
  • Mastermind
  • Mastermind
  • User avatar
  • Posts: 2193
  • Loc: Canada

Post 3+ Months Ago

Download manager would be something like Getright, downThemAll! or the built in downloads protocols in IE/Firefox.

WinRar is an archival tool :)
  • ATNO/TW
  • Super Moderator
  • Super Moderator
  • User avatar
  • Posts: 23458
  • Loc: Woodbridge VA

Post 3+ Months Ago

Well, bottom line is, I've been using download.com for nearly as long as I've been on the internet and never once downloaded anything that contained a security risk. So I'm thinking there has to be an outside factor.
  • Don2007
  • Web Master
  • Web Master
  • Don2007
  • Posts: 4923
  • Loc: NY

Post 3+ Months Ago

I wonder if that outside factor maybe a hijacked connection, DNS poisoning, for example.

I emailed the tech contact at cnet, the owners of download.com and have not received an answer yet.

Post Information

  • Total Posts in this topic: 23 posts
  • Users browsing this forum: No registered users and 53 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum
 
cron
 

© 1998-2014. Ozzu® is a registered trademark of Unmelted, LLC.