gugarci
Premium Member
join:2004-02-25
Lyndhurst, NJ

gugarci to La Luna

Premium Member

to La Luna

Re: opera is not as secure

said by La Luna:

said by y2k1100:

ok then, so why did CoolWebSearch or a trojan penetrate my system? why? i just visited but i did not download or run any file or software.
quote:
As i stated before, a download prompt asked me to download a file and i clicked cancel. And it kept on giving me that prompt. But i never downloaded nothing.
How many times do we have to tell you the SAME thing??? "CANCEL = OK". YOU were DUPED!!

Anyone else see a pattern here of not paying attention?
Wow is this true??? I don't frequent crack sites but every once in a while I come across some sites with Firefox that open windows asking to change your homepage and install plug-ins. Which I always close them with the X. Is there a link or place where I can find more information on these kinds of attacks??? I always thought I was safe closing out those dialog boxes. I've been doing this for years and my PC is clean. I used to surf with McAfee as my AV, and I just recently started using NOD.
Thanks.
y2k1100
join:2006-03-23
99999

y2k1100

Member

yes the last poster has a point there. What if next time we receive a message prompt that does the same thing, by clicking on the X is that the best way to close out of the prompt?
y2k1100

2 edits

y2k1100

Member

the trojan names were Trojan.ByteVerify

»www.symantec.com/avcente ··· ify.html

dadkins
Can you do Blu?
MVM
join:2003-09-26
Hercules, CA

dadkins

MVM

said by y2k1100:

the trojan names were Trojan.ByteVerify

»www.symantec.com/avcente ··· ify.html
Virtually ANY AV will kill that.
If Norton is too taxing on your system to run in Real Time, perhaps you should start shopping around for a new AV that can be run as Resident.

Many other AVs use less resources and some are even free.

CalamityJane
Premium Member
join:2002-08-27
Eustis, FL

2 edits

1 recommendation

CalamityJane to y2k1100

Premium Member

to y2k1100

Re: opera is not as secure

Two things:

1.
said by y2k1100:

yes the last poster has a point there. What if next time we receive a message prompt that does the same thing, by clicking on the X is that the best way to close out of the prompt?
On popup windows, we used to be told click on the "X" in the upper right corner to close the windows. Except, on deceptive sites using exploits, the "X" is not really the close icon - they have fooled you with a deceptive graphic. If the arrow of your cursor turns into a hand it's a "live" link that will agree to an unknown download or send you to another website (or popup more windows). Use ALT-F4 to close pop-up windows.

2.
said by y2k1100:

the trojan names were Trojan.ByteVerify

»www.symantec.com/avcente ··· ify.html
Sometimes, files found as trojan byte.verify are previously viewed webpages containing a malicious applet in your Java cache (not the Java program itself). These are cached as webpages you view and if you are protected, just viewing them doesn't mean you are infected.

See further details here on what it's about and how to clear your Java cache when you see those:
Virus found in the Java™ Runtime Environment, Standard Edition (JRE) cache directory
»java.com/en/download/hel ··· irus.jsp

Here are the instructions on how to manually remove these malicious applets from the JRE cache directory:

1. From the Start button, click Settings > Control Panel
2. In the Control Panel, open the "Java Plug-in Control Panel"
3. Select the Cache Tab
4. Click the Clear button inside the Cache Tab, which will clear your JRE cache directory

For Later versions of Java:
In the Control Panel, select the Java icon.
Under the General tab at the bottom you will see a section: "Temporary Internet files"
choose *delete files* and then *ok*.
.................
Sometimes, these are found in the webpages viewed cache or Temporary Internet Files. To explain why your AV detects it see this example writeup at Computer Associates regarding generic detection of exploits in webpages:

»www3.ca.com/securityadvi ··· ID=38853

Look closely at the location of the files found. When you see that they are in your Temporary internet files folder (or, in the case of Firefox, your profile cache folder) this means that your antivirus program has generic detection of web pages which attempt to exploit a vulnerability in your browser.
quote:
This does not necessarily mean that a virus has been found. It merely means that HTML (or other) code was found which attempts to activate additional executable code without the user's express permission.

Note: this detection may be triggered by merely visiting a web page that contains malicious code. It does not necessarily mean your machine has been compromised, nor that your machine is vulnerable to this particular exploit.

If this exploit is being detected in the Temporary Internet Files directory, in order to remove unwanted files from your computer, you will have to remove all off-line content from your PC

The Temporary Internet Files (or cache) folder contains Web page content that is stored on your hard disk for quick viewing. This cache permits Internet Explorer or MSN Explorer to download only the content that has changed since you last viewed a Web page, instead of downloading all the content for a page every time it is displayed. To delete the files in the Temporary Internet Files folder, follow these steps:

1. In Control Panel, open Internet Options.
2. Click the General tab, and then under Temporary Internet files, click Delete Files.
3. In the Delete Files dialog box, click to select the Delete all off-line content check box if you want to delete all Web page content that you have made available offline.
4. Click OK.
Similarly, in Firefox delete your cache to remove the offending files found.

So, exactly what locations (full path and file name) were detected as Trojan.byte.verify?
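
The location check this post describes (detections that sit only in a browser or Java cache versus files found elsewhere), as an added example that is not part of the original post. The directory markers and the sample scan entries are constructed assumptions about typical Windows XP-era cache paths, not values from the thread.

```python
from pathlib import PureWindowsPath

# Assumed markers: runs of consecutive directory names that identify each cache
# named in the post. "*" matches any single directory (e.g. a profile name).
CACHE_MARKERS = {
    "IE Temporary Internet Files": ["temporary internet files"],
    "Java plug-in cache": ["sun", "java", "deployment", "cache"],
    "Firefox profile cache": ["firefox", "profiles", "*", "cache"],
    "Opera profile cache": ["opera", "profile", "cache4"],
}

def _contains_run(parts, run):
    """True if `run` appears as consecutive components inside `parts`."""
    for start in range(len(parts) - len(run) + 1):
        window = parts[start:start + len(run)]
        if all(want == "*" or want == got for want, got in zip(run, window)):
            return True
    return False

def cache_location(path):
    """Return the cache label if the file sits under a known cache, else None."""
    # Only directory components count; the file name itself is ignored.
    dirs = [p.lower() for p in PureWindowsPath(path).parent.parts]
    for label, run in CACHE_MARKERS.items():
        if _contains_run(dirs, run):
            return label
    return None

def triage(detections):
    """detections: list of (signature, full_path) pairs taken from an AV scan log."""
    cached, outside = [], []
    for signature, path in detections:
        label = cache_location(path)
        (cached if label else outside).append((signature, path, label))
    if not detections:
        verdict = "no detections"
    elif not outside:
        verdict = "cache-only: clear the caches and rescan"
    else:
        verdict = "found outside caches: investigate further"
    return {"verdict": verdict, "cached": cached, "outside": outside}

# Constructed sample scan results (user name and file names are made up).
BASE = r"C:\Documents and Settings\user\Application Data"
SAMPLE_CACHE_ONLY = [
    ("Trojan.ByteVerify", BASE + r"\Opera\Opera\profile\cache4\opr00ABC.tmp"),
    ("Trojan.ByteVerify", BASE + r"\Sun\Java\Deployment\cache\javapi\v1.0\jar\sample.jar-1a2b.zip"),
]
SAMPLE_MIXED = SAMPLE_CACHE_ONLY + [
    ("Trojan.ByteVerify", r"C:\WINDOWS\system32\sample.dll"),
]

if __name__ == "__main__":
    for name, scan in (("cache only", SAMPLE_CACHE_ONLY), ("mixed", SAMPLE_MIXED)):
        result = triage(scan)
        print(name, "->", result["verdict"])
        for signature, path, _ in result["outside"]:
            print("   outside cache:", signature, path)
```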

norwegian
Premium Member
join:2005-02-15
Outback

1 edit

2 recommendations

norwegian to y2k1100

Premium Member

to y2k1100
y2k1100

Let's summarize this up before it drags out.

1. You went to a site and clicked on a pop-up, doesn't matter which browser you do it with, if it's not locked down.
2. Norton's let you down, funnily enough it did in a friend's case, in the link i provided. Nothing is 100%.
------------------------------
You quoted this "but opera is said to be secure according to secunia. so why would a virus be installed on a PC even running as a limited user or using opera? now, i have javascript disabled. AV is installed but i do not have the realtime scan enabled. because norton will take up resources and ram. it's a resource hog when real time or resident scanning is enabled. so i scan my pc twice a month. but never had any infections at all until now."
-------------------------------
Going to a crack site with an AV disabled is ??(insert whatever word you choose)

3. As ghost16825 mentioned, just for the record what version of Opera are you using ?

4. How do the latest and best exploits get out into the wild ? Crack sites are a good start. You may be updated with the latest and greatest, but NO browser can stop that.

5. Use these links, they might help you more secure yourself, because no matter what you say, you were NOT secure -

»Security »How to Secure (and Keep Secure) My (New) Computer(s): A Layered Approach:

»www.kellys-korner-xp.com ··· aks2.htm (There is a section on security there)

5. Use another AV if Nortons isn't to your liking, Nod32, BitDefender, Kaspersky are a few. It's your computer.

6. Use something like ProcessGuard - »www.diamondcs.com.au/pro ··· ssguard/

Or maybe a resident trojan detection software -

BOclean - »www.nsclean.com/

Ewido - »www.ewido.net/en/

7. Do you have an OEM version of your OS ? There are known holes/gaps/doors in the bundled OS's supplied with computers, that don't exist in a stand-alone version of the OS you buy off the shelf. There hasn't been any mention on it recently, so I doubt it has been fixed.

But don't blame Opera because you let yourself down.
I doubt very much Firefox would have saved you, it functions similarly to Opera, they both work differently to IE. This is why most suggest using these 2. There is no real gain other than Firefox has more plug-ins, and Opera needs to have its add-ons scripted in. Neither is a security issue !

Good luck on the internet, sounds like you need it.

CalamityJane
Premium Member
join:2002-08-27
Eustis, FL

1 recommendation

CalamityJane

Premium Member

said by norwegian:

7. Do you have an OEM version of your OS ? There are known holes/gaps/doors in the bundled OS's supplied with computers, that don't exist in a stand-alone version of the OS you buy off the shelf. There hasn't been any mention on it recently, so I doubt it has been fixed.
Ok, wait. I have to wonder what the heck you are talking about here?

norwegian
Premium Member
join:2005-02-15
Outback

norwegian to y2k1100

Premium Member

to y2k1100
CJ, here is one link that PSloss was on about this issue. Maybe i worded it incorrectly ?

»Who else is having fun with OEM security defaults?

SpannerITWks
Premium Member
join:2005-04-22

1 edit

SpannerITWks to norwegian

Premium Member

to norwegian
Well said Nor, a very good run down !

Spanner

CalamityJane
Premium Member
join:2002-08-27
Eustis, FL

CalamityJane to norwegian

Premium Member

to norwegian
said by norwegian:

Maybe i worded it incorrectly ?
»Who else is having fun with OEM security defaults?
I think that is worded incorrectly, that thread has to do with default security settings out of the box (not additional holes/gaps/doors) in OEM.
RobertLudlum
join:2005-01-20
656456

RobertLudlum to mysec

Member

to mysec
said by mysec:

said by RobertLudlum:

My bet? If not Java, It's probably some browser plugin like Flash that is the culprit.
A lot of them use javascript. :
I hope i did not imply otherwise. However, I would point out that totally silent installs are in theory impossible just with javascript on without any other mechanism, unless there is an exploit. Particularly so for Firefox and Opera.

norwegian
Premium Member
join:2005-02-15
Outback

norwegian to CalamityJane

Premium Member

to CalamityJane
said by CalamityJane:

said by norwegian:

Maybe i worded it incorrectly ?
»Who else is having fun with OEM security defaults?
I think that is worded incorrectly, that thread has to do with default security settings out of the box (not additional holes/gaps/doors) in OEM.
It is a concern though CJ, if a non-admin acct can place shortcuts into the admin acct, ready for the next reboot. Maybe i shouldn't have brought that up in this topic. My apologies for the misinformation.
RobertLudlum
join:2005-01-20
656456

2 edits

RobertLudlum to CalamityJane

Member

to CalamityJane
said by CalamityJane:



Firefox also has javascripting - if you have it enabled you can be tricked into what you "think" is cancel, but it is a deceptive popup and the X to close (or the cancel button) isn't what it says it is (as posted above by mysec for example)
Interesting, I thought Mysec's example was for IE not firefox or opera?

The deceptive popup is a possibility, but I never heard it happen for Firefox/Opera before.

You sure this is what happened? You have examples of that for firefox or opera? Or is this theory based on what happens in IE?

EDIT: Okay I just noticed that it was possibly a problem with Java. Nothing new here.
y2k1100
join:2006-03-23
99999

y2k1100

Member

Still, i am not exactly convinced that opera or maybe Firefox god knows what is any more secure than IE. Can we all now use Lynx as our browser now? Anyone? Anyone? So this trojan byteverifyer thing that i got was located in the documents and settings under opera opera profiles cache-4 folder. How can one protect the myusername folder even when running as a limited user? i am telling you i am indeed running as a limited user. i must have misphrased the original post or something but i am running as a limited user. this is my first infection that i had in many years. but even though i did learn a lesson on not to visit such sites anymore no matter how secure a browser or even an os is i am still not going that route never again. i just lost my license code and i was in a hurry to study for my exam.

is it ok to just clear out the cache4 folder periodically?

CajunTek
Insane Cajun
Premium Member
join:2003-08-08
Arlington, TX

1 recommendation

CajunTek

Premium Member

said by y2k1100 :
is it ok to just clear out the cache4 folder periodically?
Yep... I clear all caches no matter the browser, In fact in FF I have the cache set to 0...

CalamityJane
Premium Member
join:2002-08-27
Eustis, FL

1 recommendation

CalamityJane to y2k1100

Premium Member

to y2k1100
said by y2k1100:

So this trojan byteverifyer thing that i got was located in the documents and settings under opera opera profiles cache-4 folder.
If that was the ONLY location it was found and you didn't have any other symptoms ...I think maybe you weren't actually infected. Go back and read my post about AVs detecting virus in cache.

Are you up to date with Windows Security Updates? What Sun Java versions do you have installed (look in Add/Remove programs in the control panel). Did you clear the caches I mentioned?

Browser security can be achieved with whatever is your favorite and each has its vulnerabilities - be familiar with the one that you have, but don't expect that to be the silver bullet. One being more secure than the other is really way over debated. Browser security is just one thing we need to consider. You need to keep your OS updated, have up to date security products (AV and firewall), and practice safe surfing habits.

seqrets
Premium Member
join:2001-05-03
Nederland, TX

1 recommendation

seqrets to y2k1100

Premium Member

to y2k1100
You really need to go back and read some of the replies that have been posted to you in this thread!

To delete your cache in Opera:

Tools> Delete private data...> Advanced> Tick Delete entire cache> Delete

salzan
Experienced Optimist
Premium Member
join:2004-01-08
WA State

1 recommendation

salzan to y2k1100

Premium Member

to y2k1100
said by y2k1100:

is it ok to just clear out the cache4 folder periodically?
You can set Opera to empty the cache on exit.

hpguru
Curb Your Dogma
Premium Member
join:2002-04-12

hpguru to y2k1100

Premium Member

to y2k1100
said by y2k1100:

Still, i am not exactly convinced that opera or maybe Firefox god knows what is any more secure than IE. Can we all now use Lynx as our browser now? Anyone?
There is no such thing as a secure browser.

»lcamtuf.coredump.cx/
quote:
This started off as a really silly idea: code a trivial program to generate tiny, razor-sharp shards of broken HTML, and repeatedly feed it to various web browsers. I expected them to exhibit some security problems handling it - but I did not expect such a disaster - no browser survived unscratched.

y2k1100
join:2006-03-23
99999

y2k1100

Member

To come to think of it, a hacker is a good person to ask about computer security. Because they're the ones (hackers) who know more about security than we do. So when it comes to all about network security and stuff, just ask a hacker. that's it. because i am sure they know all about it. If they can hack into a network, they can have a lot of security tips for me or us out here. So is there a website devoted only for hackers like a forum or something to ask a more advanced network security?

CalamityJane
Premium Member
join:2002-08-27
Eustis, FL

6 recommendations

CalamityJane

Premium Member

Ain't gonna happen here sweetheart. You wanna play games? We're not into it.

So, y2k1100, In the 3 weeks you have been a member here, you are certainly using a wide variety of OS, browsers and security software. Or is this whole thread just made up to say you think Opera is not secure? Which is it?
said by y2k1100:

but firefox is a more secure browser than opera. I just proved myself here.
Was this whole topic made up to "prove" your preference of Firefox?

»Re: Secure your PC at 1/2 the price
quote:
the problem is that people are either too lazy to secure it or they just use the computer just to "use the computer" and to use it for entertainment and downloading software that they do not know. i myself run a firewall and I scan my pc monthly without running an antivirus in between the scanning gaps. it may not seem as much but never had any issues with spyware or viruses. and i am not running as administrator. that also cuts down on the damage potential even when you get these malicious threats.

i run a firewall router and AVG free edition and thats it.
AVG? I thought you said you had Norton

»[Mozilla] Mozilla 1.7 does not clear history

[Mozilla] Mozilla 1.7 does not clear history

I am running Mozilla 1.7 on Solaris,
Really! Interesting!

»Re: stealthing my computer as possible?
quote:
Re: stealthing my computer as possible?

Common sense yes indeed. And I will tell you what, I don't run any kind of AV or spyware software and I do run Monthly scans however...but, I never had any problems at all with spyware, or viruses. Because I use common sense. That's all. And I don't use my computer as a toy like most novice home users will do.

However, my question is regarding anonymity by hiding a IP address through a header. But most of the time will not work. Can I use the vpn on my router to browse security?
Is this a bug in Mozilla or something?
»[Windows] Backing up Active Directory?
[Windows] Backing up Active Directory?

If workstations were on a domain PDC with AD, how can I backup the Active Directory with all the user accounts? In case something goes terribly wrong like a server crash, then how can I backup all the user accounts and how to restore them?

I am running Windows 2003 Server.

Also, how can I backup all the username accounts and their information on a standalone Windows 2000 Professional? (this is separate from the first question above)...
What's the real deal here??

antiserious
The Future ain't what it used to be
Premium Member
join:2001-12-12
Scranton, PA

1 recommendation

antiserious to CalamityJane

Premium Member

to CalamityJane

Re: opera is not as secure


... good work, CJ ... I wasn't interested enough in this person to look into his/her/its posting history, but then that's why they pay you the big bucks - ... I wonder, do people think their posts just evaporate after a few days ? ... or maybe they don't expect their words to come back and bite them ... not very bright in either case - then again, we already saw that much, didn't we ...

... so, either he/she/it's looking for someone to do their homework for them, or they just enjoy spreading fertilizer ... well, after all, it IS planting season ...
mysec
Premium Member
join:2005-11-29

1 recommendation

mysec

Premium Member

The original poster raised the question as to how malware could bypass browser security and download without him realizing it.

I've given some examples of Drive-by downloads here.


sivran
Vive Vivaldi
Premium Member
join:2003-09-15
Irving, TX

sivran to y2k1100

Premium Member

to y2k1100
Given his post history, I would ask "where's the -1 Troll" option, but Steve recently reminded me.

Then again if he really does believe all this, then there's little hope for him until he figures out security's not a product.
47717768 (banned)
join:2003-12-08
Birmingham, AL

47717768 (banned) to y2k1100

Member

to y2k1100
Looks like it's done by using CSS: »www.spywareguide.com/pro ··· p?id=599