I don't know if this is the right forum but then again I'm talking about malware so it should be.
Just yesterday I downloaded some addons from ryanvm's site. The addons consisted of the following: Ad-aware95, Teamviewer, Firefox 6.02 & Firefox 7.0b6
I didn't think there were any problems because they got a good rating by Norton (no pop ups telling me that was a hidden virus etc or other concerns). So, of course I thought that everything was okay. Let me clarify I sometimes use a Sandboxed browser when I download and surf when I'm unsure about various websites or downloads. Some might say don't go to those bad websites and you don't have to worry about any viruses etc. right? Wrong. The problem is that some of the websites that you would never think have viruses do. Think back about those times you downloaded something from or visited a favorite and trusted website and the next thing you know and out of the blue your computer is acting up and you discover that you have a virus.
Well, as I said earlier I was very happy to find those addons on ryanvm's website and was looking forward to adding them to my new slipstreamed Windows XP Pro disc compilation. However, after dealing with a recent infection I tend to be cautious and so I decided to test my new addons via a Sandboxed environment. It's a good thing I did otherwise I could have had some problems down the road.
All of the above mentioned were flagged by Ad-aware as being infected with something called Trojan.win32.Generic.pak!cobra. I don't know what that is but I wasn't willing to take chances. Well, needless to say I was totally disgusted, I mean just imagine if I had integrated those addons into my slipstreamed Windows XP Pro disc. I would have been wondering why I kept getting infections although I was being super careful and then maybe reformating and have the same issue happen again and again. Thus, never realizing that the culprit was the slipstreamed OS disc itself.
I am in no way trying to defame ryanvm.com or any of the other persons that contribute to that site. As a matter of fact I think the culprit as far as the infected addons is due to the website were the addons were created which is http://www.isoft-online.com/ which is an SFX online creation site. That website has a very bad reputation from WOT and maybe from Norton too but unfortunately since upgrading to the new Firefox browser my Norton tools don't work within the browser.
I just want people to be VERY cautious and test their downloads in a controlled environment like Sandboxie etc. otherwise you could live to regret it over and over and over again. I for one will continue to test any and all addons that I haven't made myself. As for everyone else please use your own judgement.
P.S. The Firefox addon v716 maker had something called a Trojan dropper so now I'm back at the drawing board.(don't have pics as I was so digusted yet again that I deleted everything).
Just in case someone is interested in using SFXMaker 1.2 I found this
Edited by lapetite66, 24 September 2011 - 12:53 PM.