Download.com not so safe.

Well I was always under the impression that http://www.download.com was 100% safe, and I thought that checked those files before adding them to the website.

I downloaded a SQL Injection scanner, To try and protect myself ( seeing if my site had any security issues)

After download AVG and my other AV picked up 3 trojans and 1 keylogger. Now I was shocked at this becuase I really did think the site was safe.

Do you think there is any point in emailing them if I have proof of the spyware and trojans? and also the file that is effected?

As anyone else had issues like this with download.com?

I'm glad you mentioned that because I ran across a site that claims to scan other sites for safety and I entered download.com into it. It said it was safe.

http://www.explabs.com/

They are also selling their software.

Maybe it's just me, but I would think that it would be logical to assume that a good virus scanner would see a SQL Injection scanner as a threat/risk. Having a bit of deja vu here. Could have sworn you posted something similar to this before.

That's a pretty good point ATNO.

I haven't used download.com in quite awhile now, but when I used to use it alot of the applications there were filled with crapware.

That was something slightly different. IP scanner from another source. But from download.com how could they justify a keylogger?

Penguin: download.com is part of cnet. Why don't you contact them and tell them what you have found? If you don't want to do it, then I will. Let me know.

arin-tech@cnet.com

My luck sucks on emailing people, Would you like me to give you the file name, And everything?

I'm going to point them to this thread, so go ahead and post it.

Link: http://www.download.com/3001-2181_4-103 ... d9b289f0fe

That should be correct if not I will look again.

Ok, I sent an email and I'll post the response when I get it.

Ok Thank you Don2007

Just for kicks and giggles, I downloaded it, scanned it with Symantec Enterprise, installed it, and ran it, and at no point did it pick up any virus or threat.

Since we're kind of (but not really) on the subject, what is the purpose of the hack safe label you see on so many sites?



Because I have read that those are foney and they aren't really tested daily. To the average person surfing the web, they do give a false sense of security, but for me it is kind of annoying. Anyone feel the same?

And I once read an article about some company that you could submit your open source code to and they would test it and approve it and you could display their little picture on your site. So one guy decided to probe them and see how good they really test submitted software. He sent them a plain jane text file with a single line in it that served absolutely no purpose. And wouldn't you believe it, they approved his "program".

This concludes my random thought.

I am positive I have the right file, Why would my AV show a trojan / keylogger?