General My Anti-virus detected a malicious file in Opera GX
-
-
-
-
-
beeda2004 last edited by leocg
@ririchiyoz had similar problem only different named virus
same when i tried to open twitch
-
burnout426 Volunteer last edited by burnout426
It's most likely a false positive cause by Windows Defender's heuristics. Some users of other browsers are seeing it when visiting twitch.tv also.
However, if you have any Twitch extensions at the URL
opera://extensions, especially Twitch adblocking extensions, remove them and see if the alerts go away. Read somewhere that someone recently bought a Twitch adblocking browser extension from something and the new developer started putting malicious code in it. Something to research. -
RirichiyoZ last edited by
@burnout426 thanks for the tip, but unfortunately the problem persists only in Opera GX. I removed all the extensions I had (none were Twitch related), cleared the cache, reinstalled.. and nothing worked. I tested it on Edge and Chrome and didn't face any problems.
-
burnout426 Volunteer last edited by
@ririchiyoz Using Opera's adblocker and tracking protection with any custom lists?
-
RirichiyoZ last edited by
@burnout426 Neither. I disabled everything possible in Opera GX to see if the problem persisted, and unfortunately it didn't help. I never had this problem. It started yesterday. I stopped using Opera in the meantime
-
stevewright 0 last edited by
@ririchiyoz Tested the installer on VirusTotal today and got this
Cylance Unsafe
Malwarebytes Malware.Heuristic.1003
Trapmine Malicious.high.ml.scoreHere's the link: https://www.virustotal.com/gui/file/4ca55ecbf81a932ba8947f526fc94c4ee2dbbb9e8e76215210a24d4d509a4ca3?nocache=1
-
sgunhouse Moderator Volunteer last edited by sgunhouse
@stevewright-0 High ml score? Anything that says Heuristic is automatically suspect - they are saying it looks similar to malware but it isn't any particular one.
-
Lexisuperman last edited by
I have same problem my anti virus has find malicious file operaconnect140.exe it says it has trojan in it i tried searching it on google but i cannot find any thing.
-
burnout426 Volunteer last edited by burnout426
@lexisuperman What's the exact path where it finds that file? I don't have that file and don't know what it is.
Would be good to goto the URL
opera://about, take note of the "install" path, close Opera and uninstall Opera (but don't choose to delete your data when uninstalling, unless you don't mind starting over). (Before you do that though, it might be good to goto the URLsopera://modsandopera://extensionsand remove all your mods and extensions.)Then, delete the install folder as it will be left behind with a few things in it.
Then, delete everything in "C:\Windows\temp" and "C:\Users\yourusername\AppData\Local\temp".
Then, download Opera GX from https://www.opera.com/download#opera-gx in another browser (Edge for example), launch the installer, click "options", uncheck "import data from default browser", adjust all the other options as you like and install.
Would be good to scan your system specifically with the free version of Malwarebytes too.
Would be good to upload the exe to https://www.virustotal.com/gui/home/upload too to see if it's just one or too silly heuristic detections that flag it as a trojan or if a whole bunch of engines do.
