Here's a couple things you could try:
1 Add Opera to list of trusted publishers
2 look in log and find out the subfolder that Opera updates from, and exclude it from User space (using * to replace version number if necessary)
I am making the assumption that Opera does not update from User Space since you are not reporting a block event for "opera_updater.exe" in User Space. If it does use also use some updater in User Space, then @shmu26 is correct. You have to identify the Opera updater process if it is using one.
If it isn't updating from User Space, then
1 - You don't need to add Opera to TPL since it is installed to Programs folder and see 2
2 - Looks to me Opera is updating from c:\windows\temp\opera autoupdate - which is System Space
The block event is probably rundll32 or some inherited Guarded process attempting to write to a log or some other innocuous file in the update directory and that blocked write does not break anything associated with the Opera update process.
I've said it a million times that block events of known trusted programs should be ignored unless something is obviously is broken.
The objective is not to make the AppGuard configuration such that there are zero block events of trusted programs. If a user does that they should not use AppGuard.
Last edited by a moderator: