Bullguard picking up a trojan from Brave?

adamTa · July 29, 2020, 6:09pm

Hi,

Please see below message from bullguard suggesting trojan - file location suggests Brave browser…

Is this a legit file? Is Brave currently safe to use?

Thanks,

Adam

Suspected file: setup.exe

Path: C:\Windows\Temp\CR_15D7C.tmp\setup.exe

Details
• Drop.Win64.WinSelfRun.2103

Files modified
• C:\Windows\Temp\41ff0ec9-3687-4c5e-8ca8-636b26fab7b5.tmp
• C:\Windows\Temp\ec1c0e00-fe7a-451b-8e9d-eb3a0fa1bffd.tmp
• C:\Windows\Temp\09102cd9-d706-4c2a-b80b-73d7b724eea9.tmp
• C:\Windows\Temp\af981dc9-f8c8-419f-8127-820779a75ff3.tmp
• C:\Windows\Temp\e0d858a4-f7ee-465f-b9b4-156dcd9cfd93.tmp
• C:\Windows\Temp\a888f8e6-0b85-4d86-9f6f-13e6480bf9c5.tmp
• C:\Program Files (x86)\BraveSoftware\Brave-Browser\Temp\source11872_401608862\chrome.7z
• C:\Program Files (x86)\BraveSoftware\Brave-Browser\Temp\source11872_401608862\chrome_patch.diff
• C:\Windows\Temp\CR_15D7C.tmp\setup.exe

Registry modified
• HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\BraveSoftware\Update\ClientState{AFE6A462-C574-4B8A-AF43-4CC60DF4563B} : InstallerProgress (old value = 25 -> new value = 32)
• HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\BraveSoftware\Update\ClientState{AFE6A462-C574-4B8A-AF43-4CC60DF4563B} : InstallerProgress (old value = 12 -> new value = 19)
• HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\BraveSoftware\Update\ClientState{AFE6A462-C574-4B8A-AF43-4CC60DF4563B} : InstallerProgress (old value = 19 -> new value = 25)

Processes
• [11872] C:\Windows\Temp\CR_15D7C.tmp\setup.exe
• [12060] C:\Windows\Temp\CR_15D7C.tmp\setup.exe

29/07/2020 18:54:02

Mattches · July 29, 2020, 6:25pm

@adamTa,
Thank you for reaching out – can you tell me what version of Windows you’re using at this time? Additionally, did you download the setup/installer from our official website, or from another source?

halodule · August 19, 2020, 7:11pm

Hi, I am having the same issue using the Bullguard Antivirus, and have had the issue pop up multiple times with a slightly different file path each time. I downloaded Brave from the official website and am using Windows Version 10.0.19041 Build 19041.

Thanks!

system · September 18, 2020, 7:11pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Bullguard antivirus flags setup.exe as a potential malicious file Desktop Support windows	3	977	January 17, 2020
TROJAN in Brave browser Desktop Support bug	18	10840	March 21, 2019
Kaspersky finds Trojan in Brave files Desktop Support windows	9	1556	November 24, 2018
Trojan in the browser Desktop Support windows	8	652	May 29, 2021
Help with possible scam brave website Desktop Support macos	3	409	May 10, 2021
Windows Security found "Trojan Downloader" Desktop Support windows	1	312	March 26, 2024
AntiVirus found a weird file inside my Brave install folder	8	2629	September 24, 2020
Forwrdnow.com issue in Malwarebytes Desktop Support windows	4	3317	September 23, 2019

Bullguard picking up a trojan from Brave?

Related topics