Windows Defender constantly flagging Brave cache

Description of the issue:
Windows Defender constantly flags every new page I navigate to as a virus.

How can this issue be reproduced?

  1. Use Brave browser
  2. Get Windows Defender pop-up
  3. Site doesn’t matter, google will do it.
    https://www.screencast.com/t/VvnA09K5wgy

Expected result:
Not have it flag every Brave cache file as a virus

Brave Version( check About Brave):
Version 0.68.132 Chromium: 76.0.3809.132 (Official Build) (64-bit)

Additional Information:
Been using Brave for a few months and never encountered this issue until 2 days ago, now it renders the browser useless because of how annoying this is.

Which extensions do you have installed?

When an adware program is installed on your computer, you may see ads about dubious miracle weight loss programs, offers for get-rich-quick secrets, and bogus virus warnings that invite your click.
The advertisements may have a different text under the pop-up: “ Powered by (adware name) “, “ Brought to you by (adware name) “, “ Sponsored by (adware name) “, “ Ads by (adware name) ” or “ Ads by (adware name) “.
These ads will overlay the content on the page and when you click on a link, it will just open a pop-up to another advertisement. When a malicious program displays advertisements it will either display them in pop-up windows, directly on a web page you are visiting, or will appear as videos, banners, moving ads, or like folded down page in the top right corner of the web site. Also, you might experience new tabs opening, a change in your home page, findings from a search engine you never heard of, or even a redirect to a NSFW website.

Here are a few typical telltale signs that you have adware on your system:

  • Advertisements appear in places they shouldn’t be.
  • Your web browser’s homepage has mysteriously changed without your permission.
  • Web pages that you typically visit are not displaying properly.
  • Website links redirect to sites different from what you expected.
  • Your web browser slows to a crawl.
  • New toolbars, extensions, or plugins suddenly populate your browser

If your computer is infected with adware or any other type of malicious software, you can follow the below guide to easily clean up your computer.

Here is How you can remove Adware, Pop-up Ads and Redirects from Web Browser

STEP 1 : Uninstall the malicious programs from Windows

  1. On the Start ( menu, type Control Panel in the search box and select “ Control Panel ” from the results.
    (“In the Search box, type Control Panel then click on Control Panel”)

  2. When the “ Control Panel ” window opens click on the “ Uninstall a program ” option under “ Programs ” category.
    ( “Click on Uninstall a Program option - Windows 10”)

  3. Find the malicious program and uninstall it.The “Programs and Features” screen will be displayed with a list of all the programs installed on your PC. Scroll through the list until you find the malicious program, then click to highlight it , then click the “Uninstall” button that appears on the top toolbar.

Known malicious programs : Juliaetta version 1.5, Wajam, 1.0.0.1, DNS Unlocker, Cinema Plus, Price Minus, SalesPlus, New Player, MediaVideosPlayers, Browsers_Apps_Pro, PriceLEess, Pic Enhance, Sm23mS, Salus, Network System Driver, SS8, Save Daily Deals, Word Proser, Desktop Temperature Monitor, CloudScout Parental Control, Savefier, Savepass, HostSecurePlugin, CheckMeUp or HD-V2.2.

The malicious program may have a different name on your computer. If you cannot find any malicious programs on your PC, you can skip to the next step

( “Uninstall malicious programs from Windows”)

  1. Follow the on-screen prompts to uninstall the program.In the next message box, confirm the uninstall process by clicking on Yes , then follow the prompts to uninstall the program.Make sure to read all of the prompts carefully, because some malicious programs try to sneak things in hoping that you won’t read closely.

If you are having issues while trying to uninstall a program, you can use Revo Uninstaller Free to completely remove an unwanted program from your PC.

STEP 2: Use Malwarebytes to remove adware and browser hijackers

  1. Download Malwarebytes.You can download Malwarebytes by clicking the link below.
    MALWAREBYTES DOWNLOAD LINK
    (The above link will open a new page from where you can download Malwarebytes)

  2. Double-click on the Malwarebytes setup file.When Malwarebytes has finished downloading, double-click on the mb3-setup-consumer-x.x.x.xxxx.exe file to install Malwarebytes on your PC. In most cases, downloaded files are saved to the Downloads folder.[Double-click on mb3-setup to install Malwarebytes

You may be presented with an User Account Control pop-up asking if you want to allow Malwarebytes to make changes to your device. If this happens, you should click “ Yes ” to continue with the installation.

  1. Follow the on-screen prompts to install Malwarebytes.When the Malwarebytes installation begins, you will see the Malwarebytes Setup Wizard which will guide you through the installation process. To install Malwarebytes on your PC, click on the “ Agree and Install ” button.
    “Click Agree and Install to install Malwarebytes”)
    ( “Malwarebytes is installed on your PC”)

  2. Click on “Scan Now”.Once installed, Malwarebytes will automatically start and update the antivirus database. To perform a system scan, click on the “ Scan Now ” button.
    (“Start a scan with Malwarebytes”)

  3. Wait for the Malwarebytes scan to complete.Malwarebytes will now start scanning your computer for adware and other malicious programs. This process can take a few minutes, so we suggest you do something else and periodically check on the status of the scan to see when it is finished.
    (“Malwarebytes scanning PC for malware”)

  4. Click on “Quarantine Selected”.When the scan has completed, you will be presented with a screen showing the malware infections that Malwarebytes has detected. To remove the malicious programs that Malwarebytes has found, click on the “ Quarantine Selected ” button.
    “Click on the Quarantine Selected button to remove malware”)

  5. Reboot your computer.Malwarebytes will now remove all the malicious files and registry keys that it has found. To complete the malware removal process, Malwarebytes may ask you to restart your computer.

When the malware removal process is complete, you can close Malwarebytes and continue with the rest of the instructions.

STEP 3: Reset the browser settings to their original defaults

If your browser still is being redirected to the “Adobe Flash Player is out of date” pop-up ads, we will need to reset the web browser settings to their original defaults. This step should be performed only if your issues have not been solved by the previous steps.

  1. Open Chrome’s “Settings” menu.Click on Chrome’s main menu button, represented by three horizontal lines. When the drop-down menu appears, select the option labeled “ Settings “.

Google Chrome Settings Menu

  1. At the bottom, click “Advanced”.Chrome’s “Settings” should now be displayed in a new tab or window, depending on your configuration. Next, scroll to the bottom of the page and click on the “ Advanced ” link (as seen in the below example).

Click on the Advanced button - Google Chrome Help

  1. Under the section “Reset,” click “Reset”.Chrome’s advanced settings should now be displayed. Scroll down until the “ Reset and clean up ” section is visible, as shown in the example below. Next, click on the “ Reset settings to their original defaults ” button.

Google Chrome Reset button

  1. Confirm by clicking “Reset”.A confirmation dialog should now be displayed, detailing the components that will be restored to their default state should you continue on with the reset process. To complete the restoration process, click on the “ Reset Settings ” button.

Click on Reset to restore Google Chrome to its default settings

AdNauseam, LastPass, old reddit redirect, and amazon smile redirect. It’s not flagging the add-ons though, it is flagging the cache folder where a new file is generated every new page I browse too.

Thanks for posting a reply but that is not related to my issue.

@Lindy,
I actually believe it is. This is malware not specific to Brave – see this thread here:

And my response to another user encountering this issue:
Thanks for reaching out to us with this.

So it looks like you got yourself a virus – no good!

To confirm, you already had and had been using Brave before it was flagged – that is, this isn’t the first time installing the browser?

If so, follow the steps outlined in the article I linked to above (I will provide some additional resources below as well) to remove the infection from your machine. Additionally, since the source of the virus is likely a webpage (or files downloaded from one), ensure that you don’t re-infect your PC by:

  • Taking note of recent sites wherein Shields are not active
  • Recently visited sites that fail to establish a secure connection
  • Recently visited sites that you downloaded files from

This will also help establish whether or not this is a hole/flaw in Brave and/or the Chromium engine, the work of a crafty malware author, or some other issue entirely.

See also:
https://www.pcmalwarerepair.com/how-to-remove-android-adware-agent-xyd-virus-from-pc
https://blog.malwarebytes.com/detections/android-adware-mobidash/

This topic was automatically closed after 30 days. New replies are no longer allowed.