Opera Updater gets flagged as ransomware by Windows 10 Security

karcyon

karcyon last edited by

Already tried de- and re-installing. Same thing.

burnout426

burnout426 Volunteer last edited by burnout426

If you got the Opera installer from opera.com, it's probably a false positive caused by Windows Defender's Realtime Protection heuristics or its ransomware protection.

You could turn off ransomware protection if you want. Or, you can look in the Windows Event Viewer to see what Opera process it's killing (like if it's installer.exe or opera_autoupdate.exe). Then, you can report the issue to Microsoft.

Or, in Windows Security under Virus and threat protections, there's an Exclusions section where you can add an exclusion for the file or its folder or the process.

If you didn't get Opera from opera.com, I'd uninstall again and make sure you download from Opera and reinstall. You might want to check your computer for malware too with Malwarebytes for example.

leocg

leocg Moderator Volunteer @karcyon last edited by

@karcyon You need to report it to Microsoft so they can fix it.

By the way, so far it didn't happen here.

andrew84

andrew84 @leocg last edited by

@leocg I had the similar with Kaspersky some time ago (~2 weeks ago).
Also, there was a report from user on Mac. https://forums.opera.com/topic/39275/opera-being-detected-as-c2-generic-a-virus
This is the 3rd case already with different AV software.

karcyon

karcyon @burnout426 last edited by

@burnout426

I could do all that but I would rather have Opera take a look at it and fix it since this can't be normal to have multiple Virus/Malware apps go off on a brwoser. I downloaded it directly from Opera.com btw.

operanana

operanana last edited by

Hello everyone, Same thing just happened to me today 2020-06-29 at 18:45 with Malwarebytes, putting opera autoupdate\installer.exe in quarantine. Been using Malwarebytes AV without issues since February 2020 and Opera for many years. Was with Norton for 12 years before. Looks like there is a recent 2020 problem with Opera that has yet to be addressed. Thanks.

leocg

leocg Moderator Volunteer @operanana last edited by

@operanana It's most probably another case of a false positive.

operanana

operanana @leocg last edited by

@leocg Thanks. How to be sure? Will leave it aside for now until official confirmation from Opera and from Malwarebytes.

leocg

leocg Moderator Volunteer @operanana last edited by

@operanana Take a comfortable seat.

operanana

operanana @leocg last edited by

@leocg Exploring this forum this evening. I would like to use Opera as my main browser, or at least use it as often as my other one.

andrew84

andrew84 @operanana last edited by

@operanana I had the same 3 moths ago in 67 Beta, it showed me troyans in installer.exe
Some time later it showed nothing. I use Opera many years + KIS and it happened for the first time. https://blogs.opera.com/desktop/2020/03/opera-67-0-3575-97-stable-update/#comment-203234

blackbird71

blackbird71 @operanana last edited by

@operanana If you downloaded your Opera version from a genuine Opera website, neither it nor its installer will contain a virus - Opera runs a tight ship with their servers. In that case, it's a 'false positive' detection on the part of the antivirus you're using (these are continually being updated and their detection schemes being altered by their makers). Since some recent update to the AV is causing the issue, the AV maker (in this case, Malwarebytes) is who you need to inform and apply pressure regarding their recent AV update.