[I know I'm probably not the first one to notice this, but I'd not seen mention of it anywhere else.]
I recently got a link from a coworker for TrueCrypt. For those who don't know what it is, it's a free whole-disk encryption program, and it looks pretty nifty. Anyway, the link I got was through CNET and offered a "secure download". This turns out to be a 3MB file.
When I tried to install the downloaded file, it kicked off a multi-step dialog sequence that assured me my download was/would be(?) secure, and recommended I add a sequence of toolbars and other media crap with pre-checked opt-ins. After I passed this (i.e., unchecked these options), it "started the download", where it informed me that I needed to turn off my firewall/adjust my proxy-server before it could resume the download (i.e., for TrueCrypt).
So I cancelled the install and then went out and found the authentic download link (from truecrypt.org). It was roughly the same size file, with none of the above crap -- it was just a regular install dialog with NO TOOLBARS.
I now understand why CNET was flagged for possible malware content by our upstream provider on several occasions, and am passing on the warning. CNET's download area gives the look and feel of SourceForge (here's your file, here's some info on why you should load it), but they're effectively putting their wrapper around a freeware product executable to promote their own services.
If this isn't illegal, it really should be (and sadly, I bet it isn't). Putting your ads on the webpage where one could download the program is one thing, but wrapping a freeware program in an executable that adds toolbars and media crap designed to put money in someone's pocket is the same thing as trying to collect money for it (i.e., sell it). Not to mention it can make the program inaccessible for its intended purposes, and that all this obscures the actual authors' polite request for donations for their hard work, plainly visible on their website.
Shame on you CNET.