General My Anti-virus detected a malicious file in Opera GX
-
leocg Moderator Volunteer last edited by 18 Jul 2022, 16:27
General My Anti-virus detected a malicious file in Opera GX
-
leocg Moderator Volunteer last edited by 18 Jul 2022, 16:29
@kar4tash For some reason, your antivírus thinks that something from a page you've visited is malicious.
-
RirichiyoZ last edited by 18 Jul 2022, 16:57
@kar4tash Same problem here. It only happens when I try to access Twitch
-
beeda2004 last edited by leocg 18 Jul 2022, 23:13 18 Jul 2022, 21:41
@ririchiyoz had similar problem only different named virus
same when i tried to open twitch
-
burnout426 Volunteer last edited by burnout426 19 Jul 2022, 00:45 19 Jul 2022, 00:44
It's most likely a false positive cause by Windows Defender's heuristics. Some users of other browsers are seeing it when visiting twitch.tv also.
However, if you have any Twitch extensions at the URL
opera://extensions
, especially Twitch adblocking extensions, remove them and see if the alerts go away. Read somewhere that someone recently bought a Twitch adblocking browser extension from something and the new developer started putting malicious code in it. Something to research. -
RirichiyoZ last edited by 19 Jul 2022, 00:51
@burnout426 thanks for the tip, but unfortunately the problem persists only in Opera GX. I removed all the extensions I had (none were Twitch related), cleared the cache, reinstalled.. and nothing worked. I tested it on Edge and Chrome and didn't face any problems.
-
burnout426 Volunteer last edited by 19 Jul 2022, 12:15
@ririchiyoz Using Opera's adblocker and tracking protection with any custom lists?
-
RirichiyoZ last edited by 19 Jul 2022, 17:09
@burnout426 Neither. I disabled everything possible in Opera GX to see if the problem persisted, and unfortunately it didn't help. I never had this problem. It started yesterday. I stopped using Opera in the meantime
-
stevewright 0 last edited by 5 Nov 2022, 23:29
@ririchiyoz Tested the installer on VirusTotal today and got this
Cylance Unsafe
Malwarebytes Malware.Heuristic.1003
Trapmine Malicious.high.ml.scoreHere's the link: https://www.virustotal.com/gui/file/4ca55ecbf81a932ba8947f526fc94c4ee2dbbb9e8e76215210a24d4d509a4ca3?nocache=1
-
sgunhouse Moderator Volunteer last edited by sgunhouse 6 Nov 2022, 00:27 6 Nov 2022, 00:26
@stevewright-0 High ml score? Anything that says Heuristic is automatically suspect - they are saying it looks similar to malware but it isn't any particular one.
-
Lexisuperman last edited by 24 Dec 2023, 09:24
I have same problem my anti virus has find malicious file operaconnect140.exe it says it has trojan in it i tried searching it on google but i cannot find any thing.
-
burnout426 Volunteer last edited by burnout426 25 Dec 2023, 05:59 25 Dec 2023, 05:55
@lexisuperman What's the exact path where it finds that file? I don't have that file and don't know what it is.
Would be good to goto the URL
opera://about
, take note of the "install" path, close Opera and uninstall Opera (but don't choose to delete your data when uninstalling, unless you don't mind starting over). (Before you do that though, it might be good to goto the URLsopera://mods
andopera://extensions
and remove all your mods and extensions.)Then, delete the install folder as it will be left behind with a few things in it.
Then, delete everything in "C:\Windows\temp" and "C:\Users\yourusername\AppData\Local\temp".
Then, download Opera GX from https://www.opera.com/download#opera-gx in another browser (Edge for example), launch the installer, click "options", uncheck "import data from default browser", adjust all the other options as you like and install.
Would be good to scan your system specifically with the free version of Malwarebytes too.
Would be good to upload the exe to https://www.virustotal.com/gui/home/upload too to see if it's just one or too silly heuristic detections that flag it as a trojan or if a whole bunch of engines do.
-