Question on auto-update (anti-virus related)

jek6094 · September 13, 2018, 5:04pm

The developer build auto-update feature did not play nicely with Kaspersky Free Antivirus, which terminated it as “Suspicious activity” and removed half of the installation… I got it reinstalled by terminating the antivirus before installing Brave-dev again. Nothing was lost configuration wise, so no worries. After looking around in the task scheduler, I found two scheduled tasks that run BraveUpdate.exe, so I added that executable as a trusted application. Are there any other components involved in the auto-update or does the rest run in the same process tree as BraveUpdate.exe?

Mattches · September 13, 2018, 8:50pm

Hi @jek6094, sorry to hear about the inconvenience. I appreciate your persistence to work through it and get it resolved.

As for your question, we’ve had a decent amount of reports saying Kaspersky and Brave-Dev were not playing nicely, particularly on Windows 7. Can you tell me what OS you’re using? I’d like to make a note of this in case the issue is showing signs of regression in future updates.

In the meantime, I will ask the rest of the team and see if they have any suggestions on what to whitelist and/or how to avoid this happening again.

jek6094 · September 14, 2018, 4:14pm

I’m on Win7. It looks like whitelisting BraveUpdate.exe has resolved the issue. I haven’t seen any complaints so far anyway. In case anyone else is interested, here are the steps I followed to whitelist the update component:

Open the Anti-virus GUI and click on Settings
Choose “Additional”, and then “Threats and Exclusions”
Click on “Specify trusted applications”
Click “Add”, browse to and select C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe
Check “Do not monitor application activity”
Check “Do not monitor the activity of child applications” and “Apply exclusion recursively”
Click “Save”

Just in case, I also did the same steps for C:\Program Files (x86)\BraveSoftware\Brave-Browser-Dev\Application\Brave.exe.

Hope this helps if anyone else runs into the same problem.

Dan50 · September 15, 2018, 4:01am

Kaspersky AND Comodo have this detected as malware for me. I just reported it to Comodo as a FP and the same with Kapsersky. Running Windows 10 64 bit here.

jek6094 · September 15, 2018, 7:04am

Seems it did not work by whitelisting BraveUpdate.exe, I still got malware reports this morning when the scheduled task was started. It’s the Setup.exe that runs under C:\Windows\Temp that causes detection. (Which makes sense, I guess that is how malware normally injects itself into a computer)

jek6094 · September 22, 2018, 6:59am

Question on the auto-update topic: After looking around, I have found the following:

Two scheduled tasks:

BraveSoftwareUpdateTaskMachineCore
BraveSoftwareUpdateTaskMachineUA

Two services:

Tjänsten Brave Update (brave)
Tjänsten Brave Update (bravem)

Oddly enough, the last two are named in swedish even though all other are named in English, and I have an English Windows 7 Professional…

Which of these are related to the Brave developer build? (I did have the official Brave browser installed before, so maybe some are leftovers?)

Topic		Replies	Views
Update on Brave being flagged as malware (false positive) by Kaspersky Anti-Virus Browser Support kaspersky	12	5661	February 21, 2019
Kaspersky finds Trojan in Brave files Desktop Support windows	9	1273	November 24, 2018
Virus in Brave? Desktop Support	2	1358	January 23, 2019
Brave infected with malware Desktop Support	3	4675	February 19, 2019
Latest version of Brave flagged as malware by Kaspersky Antivirus Desktop Support	3	1937	December 24, 2018
PLEASE give us a 'disable automatic updates' option! Browser Support windows	3	2576	March 7, 2021
Brave Beta detected as malware - true or false? Beta Builds	2	2326	October 8, 2018
Brave beta no auto updating Beta Builds performance	1	652	March 30, 2020

Question on auto-update (anti-virus related)

Related Topics