[Solved]https://sitecheck.opera.com/api/v2/check Threat name: Trojan.Agent.ETKZ

avtdvt

avtdvt last edited by leocg

My Bitdefender security is constantly reporting the following critical alert on any website I visit:

Infected web page detected 1 minutes ago
Feature: Online Threat Prevention
We blocked this dangerous page for your protection:
https://sitecheck.opera.com/api/v2/check
Threat name: Trojan.Agent.ETKZ

The Opera browser seems to work OK. I get the same on three different PCs.
When using Firefox or Chrome vis I do not get these alerts.
"sitecheck.opera.com/api/v2/check" looks to me like a feature of Opera.
Or is it a false positive in Bitdefender.
Any ideas?

leocg

leocg Moderator Volunteer @avtdvt last edited by

@avtdvt Did you already contacted BitDefender? What is their answer?

avtdvt

avtdvt @leocg last edited by

@leocg I reported it to Bitdefender yesterday. No reply so far.
I also reported it to the Opera security team: They were very quick in responding. This is what they say:

Sitecheck is our web service that warns users about malicious websites and there is no way it could infect your computer. It simply tells the browser to display a warning on chosen pages.
We believe it's a "false positive" alert and will contact Bitdefender about it.

Problem not yet solved...

danteafg

danteafg @avtdvt last edited by danteafg

@avtdvt I got the same message. I was saving a spreadsheet as PDF in a folder synced with OneDrive, when Excel finished, the Opera browser automatically opened showing the OneDrive login page, at that time Bitdefender showed the warning

danteafg

danteafg last edited by

Here is the Bitdefender's answer (original text in spanish)

**Thank you for trusting in Bitdefender security solutions.

We regret the situation. Upon receiving your case, we inform you that this application is not malicious, it is only an intrusive application which shows you advertising, and it has been installed with your consent at the time of installing (without customizing the installation) an application downloaded from the Internet.

Please uninstall the application from the control panel as explained below:

1. Press the Windows key (located between the CTRL and ALT keys) and the R key at the same time.

2. Type in the box that will appear on the screen, then press Enter;

3. In the list that appears, search for and remove any suspicious / unused applications and this will clean up suspicious applications.**

I did a scan with Malwarebytes that threw a few potentially unwanted files in the Google Chrome folder, nothing to do with Opera

avtdvt

avtdvt last edited by

danteafg: Thanks for following this up. However, the (translated) reply from Bitdefender does not make sense. Uninstall what? An integrated part of the Opera browser? I am hoping that the Opera security team will convince Bitdefender that it is a false positive (alert)..

danteafg

danteafg @avtdvt last edited by

@avtdvt I thought the same about Bitdefender's answer, I replied saying what I had done, here is the new message:

**Thank you for trusting in Bitdefender security solutions.

Thank you for your response, please indicate if the situation experienced has been resolved once you have followed the instructions in the previous email.**

What if it's not a false positive?

Now, I repeated the process with another spreadsheet, saving it in PDF format within a OneDrive subfolder. Guess what? Bitdefender warned me again

Switching to Microsoft Edge in the meantime

danteafg

danteafg last edited by

@avtdvt Both Opera and Bitdefender have just been updated, apparently the problem disappeared

avtdvt

avtdvt last edited by

Confirmed! I have not had any messages from Bitdefender for > 16 hours.
Problem solved.

danteafg

danteafg @avtdvt last edited by

@avtdvt Thanks for watching. Stay tuned for the next episode