Anti-Malware Alert on every Opening

Have been using Brave for a couple of months. Due to computer issues had to get a new drive and re-install apps. Installed Brave + Anti-Malware without issues. For some reason now every time I open a new Brave window my Anti-Malware pops up with an alert concerning a Trojan virus from omega.geo-stats.xyz. What is this and why is it linked to Brave?
edit: this happens whenever I refresh pages aswell

OS: Win10Pro
Brave version: [Version 1.18.75 Chromium: 87.0.4280.101 (Official Build) (64-bit)
]
Following is the text report from the Anti-Malware concerning this issue.

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 12/20/20
Protection Event Time: 11:10 AM
Log File: f0e1951c-42dd-11eb-b403-00ff536e8b18.json

-Software Information-
Version: 4.3.0.98
Components Version: 1.0.1130
Update Package Version: 1.0.34543
License: Trial

-System Information-
OS: Windows 10 (Build 19041.685)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe, Blocked, -1, -1, 0.0.0, ,

-Website Data-
Category: Trojan
Domain: omega.geo-stats.xyz
IP Address: 172.64.87.18
Port: 443
Type: Outbound
File: C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe

(end)

Thanks in advance.

@jekyll4793,
Can you share a picture of the pop-up you’re seeing? Additionally, can you try clearing your cache/browsing data in Brave and see if you still get the same popup when opening Brave windows?

unknown

These are the pop-ups that I’m seeing, and in the original message is the text file report that goes along with those pop-ups. I have cleared and deleted my browsing data; and even set it to automatically delete and it still happens.

Please close any opened Brave windows, then navigate to %localappdata%/BraveSoftware (This location is the same as c:\users\<username>\AppData\local\BraveSoftware) on your computer, rename the Brave-Browser folder to Brave-Browser-Backup, and then launch the browser. This should launch Brave with a fresh profile; please let us know if the alert still surfaces. Also, be very, very careful not to delete your Brave-Browser folder (that’s where all of your data is stored). Just rename it :slightly_smiling_face:

2 Likes

I don’t have an AppData folder on my computer, but renamed the Brave-Browser folder that I found in c:\users\<username>\Program Files\BraveSoftware to Brave-Browser-Backup as instructed (this being the only Brave-Browser folder that my computer could find). I’m not sure If I was supposed to see anything different happen afterwards but when opening back Brave, it simply opened Brave as usual with the previous pages I’d consulted back on my screen. The alert resurfaced again as soon as I opened it.

@jekyll4793,
Every Windows OS has an AppData folder. To find it, you can open the Windows search and type in %AppData% and hit enter. You’ll have to go back up one level to Local as @sampson originally stated.

Alternatively, you can enter the entire address directly into Windows search as well – for example, for me, I would click into the Windows search bar and type the following:

C:\Users\Mattches\AppData\Local\BraveSoftware
1 Like

That did it. Everything works now. That fixed the issue and the pop-up no longer appears. Thank you very much.

This suggests there is something in your primary profile which would need to be addressed; I’d be happy to join you on a Zoom or Brave Together call to take a closer look. A second profile wasn’t intended to be the solution, since all of your browsing data, bookmarks, history and more are still in the primary profile :slightly_smiling_face:

1 Like

Sure, that’d work with me. How do we set that up?

Send me a private message, and we can hop on a call momentarily :slightly_smiling_face: