The CNET Installer has been introduced to make downloading from CNET's Download.com safer, but in the process the installer offers one 'optional' download and install, often just a toolbar.
It is this installer offer that some anti-virus scanners find and report, but the offer can be refused and then the installer downloads the actual software file you have selected.
What is strange though is this. Members should have the option to directly download the software installer file, bypassing CNET's installer. That option should be a link within the green Download Now button, or just below it. But I don't see that direct download link for this software.
Perhaps you can see it.
Also strange, when I click the Download Now button, I go straight to the tb_free.exe file which is the Easus ToDo Backup installer itself. i don't even get the CNET installer file. The tb_free_exe is virus free.
I will report this anyway.
A few moments ago, I was downloading Easeus Disk Copy from http://download.cnet.com/Easeus-Todo-Backup-Free/3000-2242_4-10964460.html
ESET Smart Security 4 reported file "cnet2_EASEUS_Disk_Copy_exe.exe" to be a variant of Win32/InstallCore.D
My search on Google for "cnet2_EASEUS_Disk_Copy_exe.exe" and "cnet2_EASEUS_Disk_Copy_exe.exe Win32/InstallCore.D"
found zero results.
In addition, I tried to cancel the download, but it continued on into my machine, and I then received warning from ESET:
a variant of Win32/InstallCore.D petentially unwanted application
Event occurred on a file modified by the application: C:\Program Files\Mozilla Firefox\firefox.exe.
Please submit this object to ESET for analysis."
I tried downloading again for more information, and this time, although I pressed the cancel button repeatedly, AND DID NOT PRESS THE SAVE BUTTON, the download would not cancel! Instead, the file barged onto my computer.
To top it off, when I tried to submit my warning in the review boxes for the software, the Submit button would not work.
I guess CNET is hacked.