Skip to main content

nodejs.exe is flagged as ransomware! Is this genuine?

Thread needs solution
Posts: 3
Comments: 1

I'm trying to update nodejs on a Windows 10 pro system. I'm running Acronis True Image 2020 with Active Protection turned on.

It is flagging the execution of what I believe to be a standard (but older) version of "C:\Program Files\nodejs\node.exe", with "reason" containing:

"Several folders were modified with a similar suspicious pattern"

I've temporarily blocked the process.

Can somebody who knows the Active Protection algorithms tell me whether this is a true hit or -- I suspect more likely -- a false positive?

I'm fairly disciplined about malware, and I'll be very surprised if this is legit. Is there somebody here who can help?

0 Users found this helpful
Forum Moderator
Posts: 147
Comments: 5427


You can check node.exe at and with your antivirus software. To whitelist the app, follow