edited and placed in above post

Originally posted by ragefifty50:

was in the latest opera update....

file: C:\Users\computer\AppData\Local\Opera Software\Opera Stable\Cache\Cache_Data\f_0045d3

No need to create new comments. Edit the previous ones when you update information. Ok it's only you so far but some people may only read the OT and not every comment afterwards.

It got deleted so not an issue.

Well, Opera is owned by chinese company so it is possible to have a backdoor.

Originally posted by Supafly:

It got deleted so not an issue.

but i had to delete it...
it wasnt automatic... never had to worry about his sort of stuff before

and windows 11 needs to give you just a bit more info to tell you
that clicking YES will give you details and options... or which one is to delete..

Originally posted by A&A:

Well, Opera is owned by chinese company so it is possible to have a backdoor.

first time i got this... i been using Opera for years...

Originally posted by ragefifty50:

Originally posted by Supafly:

It got deleted so not an issue.

but i had to delete it...
it wasnt automatic... never had to worry about his sort of stuff before

and windows 11 needs to give you just a bit more info to tell you
that clicking YES will give you details and options... or which one is to delete..

Like every other potentially unwanted app/program out their. You get to decide if it's a app/program you installed and wanted. Only you know can answer that. These sorts of results and actions have been upto the user to decide on what to do. I've had PUPs, Potentially unwanted programs before that I installed on my systems and kept and others I didn't which I deleted.

Windows 95-11 and other adware scanners all do the same thing. Vague information that you may need to look up before you can make a decision.

Originally posted by ragefifty50:

Originally posted by A&A:

Well, Opera is owned by chinese company so it is possible to have a backdoor.

first time i got this... i been using Opera for years...

Could be part of Opera has changed an that changed got it flagged or it could be MS has updated their software to detect it.

this warning was sort of out of the blue... as i had not
been doing anything or requested anything.. and usually
opera tells you to shutdown to do a new upgrade..

i just updated Opera and did a new scan... nothing to report...

atleast i know the process now..

Originally posted by ragefifty50:

this warning was sort of out of the blue... as i had not
been doing anything or requested anything.. and usually
opera tells you to shutdown to do a new upgrade..

i just updated Opera and did a new scan... nothing to report...

atleast i know the process now..

Could have done the update before you shutdown last so you didn't notice. Or MS updated something that now detects it so it wasn't Opera that changed.

Can be a shock and scary the first time it happens. Either way you now know process.

It wasn't an opera update, it's in the cache folder, which is where all web browsers store website data.

So some website you visited left it there, generally so long as you keep your O/S and browser software up to date you shouldn't need to worry about anything dodgy that a website tries to do, but you may want to be careful about what sites you visit..

Crossrider is nasty, it's classfied as adware but can potentially usher in more malicious processes, esp if there's a network connection. Good you got rid of it. I would also scan with AdwCleaner and the free or trial version of HitmanPro. It was probably in your Opera browser cache so you do want to empty that on a regular basis. You can do this manually via the Opera Privacy and Security settings or use a cleaner like CrapCleaner or some other one. Just be careful to uncheck things like Passwords unless you want to sign into all your sites again.

https://www.malwarebytes.com/adwcleaner
https://www.hitmanpro.com/en-us

HitmanPro will remain usable after the free trial expires but you will have to find and remove anything it flags yourself.

thats really interesting...
and good to know its not opera...

thanks Lithurge

also good advise.. thanks plat

I forgot that you can check the suspicious file with virustotal.com which is a usefull tool using over 70 antivirus scaners.

Yes, I use Opera but I have no delusions about its provenance. If you use Windows firewall, you may see the inbound calls of the Opera .exe blocked by default provided you have it installed already By contrast, Mozilla is allowed.

There must be a reason Microsoft has applied this rule and I don't speculate or second-guess. I consider this an adequate stop-gap in addition to other security measures I have in place. I currently use it as my secondary browser. It's nice and fast and gets updated regularly.

https://i.imgur.com/WyjVpm7.png

Warning: An UEFI Secure Boot signed key from Microsoft had leaked. So being signed as "issued by Microsoft Window Production PCA 2011" is alarming and might be a fake trojan / rootkit trying to bypass your security, by posing as a trusted Microsoft digital signature. It can be used to try hide major infections into Windows.

Run a full scan / rootkit check with Spybot, MalwareBytes, Kaspersky or similar. Hopefully it was never allowed, but double check.

PUA:MacOS/Bundlore.B!MTB is also known as Crossrider and allows criminals to bundle together adware-type applications with regular apps and games hiding it under the installation or running of it. After infiltration, these programs deliver intrusive advertising and start to gather sensitive information. You might see unwanted pop-up ads or fake installers, which then redirect you to shady websites and additional downloads.

As for being in the latest Opera web-browser, it's under your cache, not it's actual installation. Delete all Temporary Internet Files.