GAMEBOOMERS provides you with all the latest PC adventure computer games information, forum, walkthroughs, reviews and news.

GB Reviews

Latest & Upcoming Adventure Games

GB Annual Game Lists

GB Interviews

BAAGS

GB @ acebook

About Us

Walkthroughs

free games galore

Game Publishers & Developers

World of Adventure

Patches

GB @ witter

GameBoomers Store

Print Thread
Page 1 of 2 1 2
Beware Opera.exe malware #950416
04/16/14 03:59 PM
04/16/14 03:59 PM
Joined: Nov 2000
Posts: 8,105
B.C. Canada
hagatha Offline OP
BAAG Specialist
hagatha  Offline OP
BAAG Specialist

Joined: Nov 2000
Posts: 8,105
B.C. Canada
Recently having had horrible problems with Chrome, I decided to give Opera another try yesterday.

Bad idea. It downloaded malware, win32:installer-AR[PUP]. I could see something was terribly wrong within a minute because my anti-virus was going nuts, so I uninstalled it and the two programs that it came bundled with (which may or may not have been legit).

I continued to have issues with unknown files wanting to download but fortunately Avast found and apparently removed the malware file.

Just wanted everyone to be aware that Opera is seriously compromised.


I think I'm quite ready for another adventure.
Re: Beware Opera.exe malware [Re: hagatha] #950421
04/16/14 04:19 PM
04/16/14 04:19 PM
Joined: Oct 2000
Posts: 40,644
southeast USA
Jenny100 Offline
GB Reviewer Glitches Moderator
Jenny100  Offline
GB Reviewer Glitches Moderator
Sonic Boomer

Joined: Oct 2000
Posts: 40,644
southeast USA
You have to be careful what site you download these things from.
The Opera installer should not be bundled with other programs.
Those other two programs that were bundled with it may have been what triggered your antivirus, rather than Opera itself (assuming what you downloaded was actually the Opera web browser).

Did you download it from the Opera.com website or from some place like CNET?
CNET is not trustworthy anymore.

"PUP" means Potentially Unwanted Program.
Not everything that is identified as a PUP is malware.
It is not necessarily bad -- it's just an unknown, and your antivirus is warning you that it can't give it the "all clear."
Adware that is bundled with other software is a PUP, and that may be what you got.

Of course it could be some other type of unidentified malware.
The last post on this Avast forum thread describes what a PUP is
http://forum.avast.com/index.php?topic=101419.0

Did you download Opera directly from Opera.com ?
If they actually bundle adware with their browser, they're no longer trustworthy.
However I don't see any WOT warning on the Opera.com website.

Re: Beware Opera.exe malware [Re: hagatha] #950428
04/16/14 04:24 PM
04/16/14 04:24 PM
Joined: Nov 2000
Posts: 8,105
B.C. Canada
hagatha Offline OP
BAAG Specialist
hagatha  Offline OP
BAAG Specialist

Joined: Nov 2000
Posts: 8,105
B.C. Canada
Hm. It seemed to me that I went to the official Opera site for the download. I know that Opera was badly compromised last year, as well.


I think I'm quite ready for another adventure.
Re: Beware Opera.exe malware [Re: hagatha] #950432
04/16/14 04:35 PM
04/16/14 04:35 PM
Joined: Mar 2004
Posts: 1,745
Rockland, Ontario, Canada
Starcom Offline
Addicted Boomer
Starcom  Offline
Addicted Boomer

Joined: Mar 2004
Posts: 1,745
Rockland, Ontario, Canada
The official Opera site seems to be a Clean site, if one is not sure there was a wonderful link released during the Bleeding Heart threat, it is a Combo of major Virus companies that Analyse the link in question:

https://www.virustotal.com/en/

Just copy and paste the link in question in the VirusTotal box and click on Analyse, if it gives you an older analyse date, then click on the "Reanalyse" button and you will get todays date.

Re: Beware Opera.exe malware [Re: hagatha] #950435
04/16/14 05:00 PM
04/16/14 05:00 PM
Joined: Jun 1999
Posts: 5,896
California
Pokey Offline
BAAG Specialist
Pokey  Offline
BAAG Specialist

Joined: Jun 1999
Posts: 5,896
California
I've been using Web of Trust for a while and have been saved several times from clicking on a site that looked legit. I recommend it.

Re: Beware Opera.exe malware [Re: hagatha] #950436
04/16/14 05:03 PM
04/16/14 05:03 PM
Joined: Jun 2005
Posts: 20,007
Near St. Louis, MO
Draclvr Online content
Reviews Editor - Hints/Glitches Mod - Site Support
Draclvr  Online Content
Reviews Editor - Hints/Glitches Mod - Site Support
True Blue Boomer

Joined: Jun 2005
Posts: 20,007
Near St. Louis, MO
I've been using virustotal for years and it is one of the best tools in my little virtual toolbox. You can also upload files and have it scan them. Web of Trust is also very helpful...

As Jenny says, you have to be very, very careful of where you download legitimate software from. The source is the only place I use any more. All my old trustworthy download sites like CNET, Tucows and others have gone to the darkside. CNET is one of the worst.

EDIT: I just Googled Opera and skipped the first option which was the Softpedia download site - which I've also had problems with - and went to the Opera website itself. I downloaded, right clicked the downloaded file and selected Scan with Malwarebytes which came up clean and then installed. No problems at all.


Gardens put to bed for the winter. Time for some gaming!
Re: Beware Opera.exe malware [Re: Draclvr] #950444
04/16/14 05:45 PM
04/16/14 05:45 PM
Joined: Jan 2010
Posts: 3,293
Rivellon
T
traveler Offline
Addicted Boomer
traveler  Offline
Addicted Boomer
T

Joined: Jan 2010
Posts: 3,293
Rivellon
Hehe.
Now that you've downloaded the best browser, you should use it, Draclvr.

grin

Gil.


"Best not to think about it. I don't want to fall to bits 'cos of excess existential thought."
Re: Beware Opera.exe malware [Re: hagatha] #950446
04/16/14 05:57 PM
04/16/14 05:57 PM
Joined: Jan 2006
Posts: 1,923
Texas
T
Terri824 Offline
Addicted Boomer
Terri824  Offline
Addicted Boomer
T

Joined: Jan 2006
Posts: 1,923
Texas
hagatha. What kind of problems were you having with Chrome? I ask because I've also been having some problems with it.


When you live in the past, it costs you the present.
Re: Beware Opera.exe malware [Re: hagatha] #950451
04/16/14 06:32 PM
04/16/14 06:32 PM
Joined: Jun 2005
Posts: 20,007
Near St. Louis, MO
Draclvr Online content
Reviews Editor - Hints/Glitches Mod - Site Support
Draclvr  Online Content
Reviews Editor - Hints/Glitches Mod - Site Support
True Blue Boomer

Joined: Jun 2005
Posts: 20,007
Near St. Louis, MO
Gil, I've REALLY tried it several time just because YOU like it, because for me that is a great recommendation! grin But I just can't get warm and fuzzy with it at all. I think I'm just too set in my ways...



Gardens put to bed for the winter. Time for some gaming!
Re: Beware Opera.exe malware [Re: hagatha] #950463
04/16/14 08:34 PM
04/16/14 08:34 PM
Joined: Nov 2000
Posts: 8,105
B.C. Canada
hagatha Offline OP
BAAG Specialist
hagatha  Offline OP
BAAG Specialist

Joined: Nov 2000
Posts: 8,105
B.C. Canada
Guys, I have something really wrong with my machine now. I've done boot scans with Avast and it comes up fine, but when I go onto Steam I get all sorts of pop-ups pushing their way to the fore demanding that I download this and suggesting that I have to do that, and even some loud video about how to make money on line.

It doesn't seem to be affecting this site, but Steam is now unusable for me.

I'm going to have to do a reinstall of my system.

SO much for having fun. All day today and yesterday it was non-stop computer stuff.

BTW, I've never done a system reinstall. Is it hard?


I think I'm quite ready for another adventure.
Re: Beware Opera.exe malware [Re: hagatha] #950466
04/16/14 08:39 PM
04/16/14 08:39 PM
Joined: Jun 2005
Posts: 20,007
Near St. Louis, MO
Draclvr Online content
Reviews Editor - Hints/Glitches Mod - Site Support
Draclvr  Online Content
Reviews Editor - Hints/Glitches Mod - Site Support
True Blue Boomer

Joined: Jun 2005
Posts: 20,007
Near St. Louis, MO
Have you done a complete scan with Malwarebytes yet? That would be the first thing to do after Avast.

What browser are you using to go to Steam? Check in the add-ons to see if there is anything nefarious there. Try a different browser and see what happens.


Gardens put to bed for the winter. Time for some gaming!
Re: Beware Opera.exe malware [Re: hagatha] #950467
04/16/14 08:48 PM
04/16/14 08:48 PM
Joined: Nov 2000
Posts: 8,105
B.C. Canada
hagatha Offline OP
BAAG Specialist
hagatha  Offline OP
BAAG Specialist

Joined: Nov 2000
Posts: 8,105
B.C. Canada
Sorry, Malwarebytes? Where do I get this?

I'm using IE to access Steam. I don't know what you mean about checking add-ons.

I'm just really stressed. I hope to god my system restore disk is okay. Otherwise I'm in trouble. The reason I say this is because my Acer recovery disks that I made when I bought my computer turned out not to work and it cost me a huge amount of money to fix it all. I'm utterly exhausted as we are trying to sell our house and this was my one chance to have a day off. SOme day off.

Okat, one of the pop-ups that keeps coming to the fore is an alleged game. I'm just going to see the name.

Also, one site that kept popping up in Steam was called Appimat. It was trying to get me to download something.


Last edited by hagatha; 04/16/14 08:55 PM.

I think I'm quite ready for another adventure.
Re: Beware Opera.exe malware [Re: hagatha] #950470
04/16/14 09:04 PM
04/16/14 09:04 PM
Joined: Jun 2005
Posts: 20,007
Near St. Louis, MO
Draclvr Online content
Reviews Editor - Hints/Glitches Mod - Site Support
Draclvr  Online Content
Reviews Editor - Hints/Glitches Mod - Site Support
True Blue Boomer

Joined: Jun 2005
Posts: 20,007
Near St. Louis, MO
Download the free version of Malwarebytes here... Malwarebytes

Decline if they ask if you want a free trial of the Pro version. Run a full scan. Do this first. Get rid of anything it finds.

Then in IE, go to Tools and then Manage Add-ons. See what is listed there.

Try downloading Firefox and see if you get the same behavior. Firefox


Gardens put to bed for the winter. Time for some gaming!
Re: Beware Opera.exe malware [Re: hagatha] #950476
04/16/14 09:36 PM
04/16/14 09:36 PM
Joined: Nov 2000
Posts: 8,105
B.C. Canada
hagatha Offline OP
BAAG Specialist
hagatha  Offline OP
BAAG Specialist

Joined: Nov 2000
Posts: 8,105
B.C. Canada
Okay I ran the scan. It found stuff.

Now I cannot access the Internet. When I try I get error: The remote device won't accept the connection.

I disabled virus and firewall before malwarebytes install as directed. But they are now back on.

In add ons there is Avast, Microsoft live id sign in helper and a weird thing, Blog this in Live writer (listed ss not available).

Also now I see an error: proxy server is not responding.


I'm stumped.


Last edited by hagatha; 04/16/14 09:42 PM.

I think I'm quite ready for another adventure.
Re: Beware Opera.exe malware [Re: hagatha] #950484
04/16/14 09:49 PM
04/16/14 09:49 PM
Joined: Oct 2000
Posts: 40,644
southeast USA
Jenny100 Offline
GB Reviewer Glitches Moderator
Jenny100  Offline
GB Reviewer Glitches Moderator
Sonic Boomer

Joined: Oct 2000
Posts: 40,644
southeast USA
Check Condobloke's 4th post on this thread
http://www.bleepingcomputer.com/forums/t/518464/ran-adwcleaner-now-cant-access-internet/


You don't have a restore point from before this mess, do you?
If that worked, it would be the easiest way.

Re: Beware Opera.exe malware [Re: hagatha] #950488
04/16/14 10:03 PM
04/16/14 10:03 PM
Joined: Nov 2000
Posts: 8,105
B.C. Canada
hagatha Offline OP
BAAG Specialist
hagatha  Offline OP
BAAG Specialist

Joined: Nov 2000
Posts: 8,105
B.C. Canada
I have no restores. I thought I made one but it's not there. All I have is a system restore disk.

The malware was removed I think. But I disabled my firewall and now the settings are wrong and I cant xhange them. Cannot set windows firewall to connect my home or private netwok. This function seema to be unavailable. I think this is the problem. If I could get it to connwct my home network it wouls be okay but I dont know how.

Sorry for the typos. Using my android device now.


I think I'm quite ready for another adventure.
Re: Beware Opera.exe malware [Re: hagatha] #950490
04/16/14 10:12 PM
04/16/14 10:12 PM
Joined: Oct 2000
Posts: 40,644
southeast USA
Jenny100 Offline
GB Reviewer Glitches Moderator
Jenny100  Offline
GB Reviewer Glitches Moderator
Sonic Boomer

Joined: Oct 2000
Posts: 40,644
southeast USA
Did you try either of Condobloke's solutions at
http://www.bleepingcomputer.com/forums/t/518464/ran-adwcleaner-now-cant-access-internet/

Quote:
Please click Start > Run, type inetcpl.cpl in the runbox and press enter.
Click the Connections tab and click the LAN settings option.
Verify if "Use a proxy..." is checked, if so, UNcheck it and click OK/OK to exit.
Now check if the internet is working again.

OR

Go to Start ... Run and type in cmd
A dos Window will appear.
Type in the dos window:

netsh winsock reset

Click on the enter key.
Reboot your system to complete the process.

If needed : type these one line at a time, press enter after each line. See if it works after each.


netsh interface ipv4 reset
netsh interface ipv6 reset
ipconfig /flushdns

Re: Beware Opera.exe malware [Re: Jenny100] #950491
04/16/14 10:13 PM
04/16/14 10:13 PM
Joined: Nov 2000
Posts: 8,105
B.C. Canada
hagatha Offline OP
BAAG Specialist
hagatha  Offline OP
BAAG Specialist

Joined: Nov 2000
Posts: 8,105
B.C. Canada
Yes I tried them. None of them worked.

And now I dont even get the error messages

Last edited by hagatha; 04/16/14 10:14 PM.

I think I'm quite ready for another adventure.
Re: Beware Opera.exe malware [Re: hagatha] #950493
04/16/14 10:23 PM
04/16/14 10:23 PM
Joined: Nov 2000
Posts: 8,105
B.C. Canada
hagatha Offline OP
BAAG Specialist
hagatha  Offline OP
BAAG Specialist

Joined: Nov 2000
Posts: 8,105
B.C. Canada
This is odd. I connect to Steam no problem. But no IE connection. What does that mean?

Also my email works. This is getting strange. Explorer is on the firewall exceptions list so it isnt that.

I can also log into Uplay, which is how this all started.

Last edited by hagatha; 04/16/14 10:31 PM.

I think I'm quite ready for another adventure.
Re: Beware Opera.exe malware [Re: hagatha] #950498
04/16/14 10:47 PM
04/16/14 10:47 PM
Joined: Oct 2000
Posts: 40,644
southeast USA
Jenny100 Offline
GB Reviewer Glitches Moderator
Jenny100  Offline
GB Reviewer Glitches Moderator
Sonic Boomer

Joined: Oct 2000
Posts: 40,644
southeast USA
It sounds like everything may be fixed except IE.
IE may be set to use a proxy.

These instructions are for IE9, but they show you how to check if your IE is set to use a proxy
http://www.wikihow.com/Enter-Proxy-Settings-in-Internet-Explorer

What you want is NOT to use a proxy, so if you see the proxy server box checked, then uncheck it and OK the change.

Re: Beware Opera.exe malware [Re: hagatha] #950501
04/16/14 11:09 PM
04/16/14 11:09 PM
Joined: Nov 2000
Posts: 8,105
B.C. Canada
hagatha Offline OP
BAAG Specialist
hagatha  Offline OP
BAAG Specialist

Joined: Nov 2000
Posts: 8,105
B.C. Canada
I did try that, too.

In the end its easier to restore my system.

Thanks for all the help. I now have Malwarebytes installed and know to stay away from CNET so I'm ahead of the game.

Edit: Everything seems to be working now, including Uplay. Thank heaven for System Restore. Having to download a few things is nothing compared to the alternative. I missed having restore points all those years of using Vista.

Last edited by hagatha; 04/17/14 01:46 AM.

I think I'm quite ready for another adventure.
Re: Beware Opera.exe malware [Re: hagatha] #950592
04/17/14 10:30 AM
04/17/14 10:30 AM
Joined: Jun 2005
Posts: 20,007
Near St. Louis, MO
Draclvr Online content
Reviews Editor - Hints/Glitches Mod - Site Support
Draclvr  Online Content
Reviews Editor - Hints/Glitches Mod - Site Support
True Blue Boomer

Joined: Jun 2005
Posts: 20,007
Near St. Louis, MO
Oh, good news! I thought you said earlier that you said you didn't have any restore points.

It isn't just CNET. Somewhere here in Glitches I posted a link a couple of months ago to an article on the dangers of downloading from anywhere but the developer website.

Software Download Sites: Beware

And another...

Watch Out for These Download Danger Signs



Gardens put to bed for the winter. Time for some gaming!
Re: Beware Opera.exe malware [Re: hagatha] #950639
04/17/14 04:35 PM
04/17/14 04:35 PM
Joined: Nov 2000
Posts: 8,105
B.C. Canada
hagatha Offline OP
BAAG Specialist
hagatha  Offline OP
BAAG Specialist

Joined: Nov 2000
Posts: 8,105
B.C. Canada
Apparently my computer made a restore point right after I turned it on for the first time. I did make a restore disk, too, but having those restore points is much easier.


I think I'm quite ready for another adventure.
Re: Beware Opera.exe malware [Re: hagatha] #950643
04/17/14 04:47 PM
04/17/14 04:47 PM
Joined: Jun 2005
Posts: 20,007
Near St. Louis, MO
Draclvr Online content
Reviews Editor - Hints/Glitches Mod - Site Support
Draclvr  Online Content
Reviews Editor - Hints/Glitches Mod - Site Support
True Blue Boomer

Joined: Jun 2005
Posts: 20,007
Near St. Louis, MO
I definitely agree! It makes life much easier. Hope it's all smooth sailing for you now!


Gardens put to bed for the winter. Time for some gaming!
Re: Beware Opera.exe malware [Re: hagatha] #950685
04/17/14 09:22 PM
04/17/14 09:22 PM
Joined: Nov 2000
Posts: 8,105
B.C. Canada
hagatha Offline OP
BAAG Specialist
hagatha  Offline OP
BAAG Specialist

Joined: Nov 2000
Posts: 8,105
B.C. Canada
Oh yeah. This is a sweet computer, all in all.


I think I'm quite ready for another adventure.
Re: Beware Opera.exe malware [Re: hagatha] #950737
04/18/14 05:58 AM
04/18/14 05:58 AM
Joined: Nov 2000
Posts: 34,312
United Kingdom
Mad Offline
Sonic Boomer
Mad  Offline
Sonic Boomer

Joined: Nov 2000
Posts: 34,312
United Kingdom
Glad you are back to enjoying your lovely new computer, hagatha dance


Time : The Most Precious Commodity
Page 1 of 2 1 2
Previous Thread
Index
Next Thread

Moderated by  Draclvr 

Who's Online Now
2 registered members (curly, judith), 227 guests, and 0 spiders.
Key: Admin, Global Mod, Staff, Mod
Newest Members
PierreLombardo, Dux, WillPowerGoat, Ebalon, J7769mon
9388 Registered Users
Powered by UBB.threads™