http://www.cso.com.au/article/409633/cnet_de-trojans_nmap_outrage_continues/

Once upon a time when unicorns ran free Download.com offered a service at face value - but it changed. Note that if your app is not open-source then it will still continue to be bundled with malware for the unwary or ignorant.

http://download.cnet.com/8301-2007_4-57338809-12/a-note-from-sean-regarding-the-download.com-installer/

More:

http://nakedsecurity.sophos.com/2011/12/06/popular-security-tool-nmap-at-the-middle-of-a-security-brouhaha/

I recently downloaded an app from CNet and later found another/better source that wasn't fucked with.

It was named something like:

CNet_appname_exe.exe and had a funny icon. It was the same file size as the other program I eventually found & downloaded from another source.

Fudging the filesize was mentioned elsewhere. Who would care apart form the guy who supplied the original?

...oh, wait....

At least they have re-enabled the direct download link for non-registered users so that those people who understand the difference can avoid the wrapper.

I still think it's distasteful to pray on the ignorance of users, as all these wrappers and toolbars do, but that is how they get paid.

Someone should write an unwrapper and/or build it into AV.

I wonder how hard that would be.

AV software should just warn you that download.com distributes malware.