Advice Request Browsing Profiles


jamey910111

Level 2
Jun 7, 2024
97
This. I see no reason to use and rely on this browser. Too many unknowns. If you think Brave is bloated, use Firefox, Edge or Chrome.
I know who makes Chrome and I trust them even less - so why do I use Chromium-based browsers if I don't trust Google? Out of a lack of choice. If I followed your logic I wouldn't use Chrome or Chromium at all, or even Windows. I do prefer Firefox but it's sluggish, I won't rely on it.
 
Reactions: roger_m

Divine_Barakah

Level 33
Verified
Top Poster
Well-known
May 10, 2019
2,289
Also I scanned the standalone executable on VirusTotal and Kaspersky, no flags (https://catsxp.oss-cn-hongkong.aliyuncs.com/x64/CatsxpBrowserStandaloneSetup_128_4_8_3.exe):


Here is the Kaspersky, it comes as clean overall. All the Extracted files (70) come out as clean, as do all the Network activities (all 6 come clean as well). But in terms of suspicious activity there are 9 high, 3 medium, and 63 low.
Emsisoft is not letting it go, I have whitelisted many blocked activities.


Screenshot 2024-08-23 211313.png
 
Reactions: jamey910111

Divine_Barakah

Level 33
Verified
Top Poster
Well-known
May 10, 2019
2,289
Well keep us updated as to whether there is indeed something suspicious, malicious or if it is a false-positive. For me so far, on the portable version there are no flags (at least from Kaspersky).
Personally, I believe it is a false positive. Emsisoft BB is too sensitive and aggressive especially when the process is not digitally signed or signed with an invalid digital signature.

BTW, I do not get it why a browser focused on privacy and security is not digitally signed with a proper digital signature.
 

jamey910111

Level 2
Jun 7, 2024
97
Personally, I believe it is a false positive. Emsisoft BB is too sensitive and aggressive especially when the process is not digitally signed or signed with an invalid digital signature.

BTW, I do not get it why a browser focused on privacy and security is not digitally signed with a proper digital signature.
I wonder why/how Emsisoft and Microsoft SmartScreen are detecting it as not being properly signed - while Kaspersky and also VirusTotal do not detect it as such. But regardless of that, Emsisoft is also detecting a suspicious hidden installer process too, as you say (I guess time will tell if it is false or not). As mentioned, in my case it is the portable version, so we are using two different versions - I wonder if Kaspersky would react differently if I tried to actually install it, but I am fine with portable tbh.
 
Reactions: Divine_Barakah

Divine_Barakah

Level 33
Verified
Top Poster
Well-known
May 10, 2019
2,289
I wonder why/how Emsisoft and Microsoft SmartScreen are detecting it as not being properly signed - while Kaspersky and also VirusTotal do not detect it as such. But regardless of that, Emsisoft is also detecting a suspicious hidden installer process too, as you say (I guess time will tell if it is false or not). As mentioned, in my case it is the portable version, so we are using two different versions - I wonder if Kaspersky would react differently if I tried to actually install it, but I am fine with portable tbh.
Yes, when I run in the standalone X64 installer, the UAC prompt says Unknown publisher.

BTW though I whitelisted the main installer and the catsxpupdate.exe, Emsisoft BB goes crazy and terminates the setup file.

Screenshot 2024-08-23 212452.png
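
The posts above turn on whether the installer is unsigned or carries a signature that does not validate. The following is an added example, not part of any poster's message: a PowerShell check that reports the Authenticode status of a downloaded file together with its SHA-256, using only built-in cmdlets. The `-Path` value is whatever file you downloaded.

```powershell
# Added example: inspect the Authenticode signature of a downloaded installer.
param(
    [Parameter(Mandatory)]
    [string]$Path   # path to the downloaded .exe, supplied by the reader
)

$file = Get-Item -LiteralPath $Path -ErrorAction Stop
$sig  = Get-AuthenticodeSignature -LiteralPath $file.FullName
$hash = Get-FileHash -LiteralPath $file.FullName -Algorithm SHA256

# Map the SignatureStatus value to what it means for the file on disk.
$meaning = switch ($sig.Status) {
    'Valid'        { 'Signed; the chain is trusted and the file hash matches the signature.' }
    'NotSigned'    { 'No Authenticode signature is embedded; UAC reports an unknown publisher.' }
    'HashMismatch' { 'Signed, but the file content changed after signing.' }
    'NotTrusted'   { 'Signed, but the publisher certificate is explicitly not trusted on this system.' }
    'UnknownError' { 'A signature is present but validation failed; read StatusMessage for the cause.' }
    default        { 'See StatusMessage.' }
}

[pscustomobject]@{
    File          = $file.Name
    SHA256        = $hash.Hash                        # compare with the hash shown by a scanning service
    Status        = $sig.Status
    Meaning       = $meaning
    Signer        = $sig.SignerCertificate.Subject    # empty when the file is unsigned
    SignerExpires = $sig.SignerCertificate.NotAfter
    Timestamped   = [bool]$sig.TimeStamperCertificate # a countersignature keeps a signature valid after cert expiry
    StatusMessage = $sig.StatusMessage
} | Format-List
```

A multi-engine scan result and a signature check answer different questions: the first says whether engines matched known-bad content, the second says whether a publisher identity is cryptographically bound to the file.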
 

lokamoka820

Level 24
Mar 1, 2024
1,336
My basic security setup: W11 64 bit, UAC default, F-Secure Safe, Simple Windows Hardening, Firewall Hardening, Norton Power Eraser and SophosScanandClean as second opinion scanners, O&O Shutup10, Macrium Home and Syncback free, Sumo, Process Explorer and Autoruns.

Browsing profile for my secure surfing (mostly 25 sites like MalwareTips):
Chrome or Edge, Cira DNS for Canadians, F-Secure Browsing Protection and Adguard Ext. Bitwarden

Browsing profile for insecure browsing:
Enable a VPN ( Windscribe or Surfshark), Activate Sandboxie Plus and use Librewolf (uBlock Origin).

Do you guys use different browsers or different browser profiles to accommodate your surfing habits?
Your security setup is good, but I think you need to find an alternative to Sumo because it is discontinued.

My browsing profile is:
  • For my secure surfing: Microsoft Edge (AdGuard, Bitwarden, McAfee WebAdvisor).
  • For insecure browsing: Mozilla Firefox (uBlock Origin).
 

Divine_Barakah

Level 33
Verified
Top Poster
Well-known
May 10, 2019
2,289
If you are comfortable/don't mind, u could give the portable a try; assuming Emsisoft doesn't trigger, at least u can rest more comfortably. But I'd still love to know whether the installer is fully clean.
I am downloading the portable version, but I believe it would not make any difference. Emsisoft will flag the catsxpupdate.exe, but let's see.
 

Divine_Barakah

Level 33
Verified
Top Poster
Well-known
May 10, 2019
2,289
I am downloading the portable version, but I believe it would not make any difference. Emsisoft will flag the catsxpupdate.exe, but let's see.
So I downloaded the portable version and Emsisoft, as expected, blocked the browser with a new notification about firewall modification.
I am sorry, but this is too much and I started to believe that whitelisting the installer was wrong. I am waiting for Emsisoft's support reply.

Screenshot 2024-08-23 214418.png
 

jamey910111

Level 2
Jun 7, 2024
97
At least for me Kaspersky is not throwing any tantrums and neither did VirusTotal results show anything - so maybe it’s a false positive by Emsisoft to be honest… I’ve also not heard anything negative about the browser being infected with malware before. Hope u get a response from Emsisoft soon to know the reason.

FYI I also have Kaspersky to add anything not trustable based on KSN to my untrusted list of apps, nothing from that either - I have unchecked trust digitally signed apps, although I also checked it to see any difference in outcome but none. I still don't get how VirusTotal or Kaspersky don't have a problem with it not being properly signed, but then again I lack knowledge about these things.

1724439568106.png
 
Reactions: Divine_Barakah

Divine_Barakah

Level 33
Verified
Top Poster
Well-known
May 10, 2019
2,289
At least for me Kaspersky is not throwing any tantrums and neither did VirusTotal results show anything - so maybe it’s a false positive by Emsisoft to be honest… I’ve also not heard anything negative about the browser being infected with malware before. Hope u get a response from Emsisoft soon to know the reason.

FYI I also have Kaspersky to add anything not trustable based on KSN to my untrusted list of apps, nothing from that either - I have unchecked trust digitally signed apps, although I also checked it to see any difference in outcome but none. I still don't get how VirusTotal or Kaspersky don't have a problem with it not being properly signed, but then again I lack knowledge about these things.
Emsisoft warning had nothing to do with signature detection. I believe the first warnings were FPs, but the last one that blocked WF modification? I am waiting for Emsisoft support to see what they have to say.
 

simmerskool

Level 38
Verified
Top Poster
Well-known
Apr 16, 2017
2,783
This. I see no reason to use and rely on this browser. Too many unknowns. If you think Brave is bloated, use Firefox, Edge or Chrome.
In past I tried Brave several times, but did not like it. But last week I installed Brave again, turned off the stuff I do not need or like (da bloat? -- easy enough to do) and using its Brave search engine too, and I am liking it (fwiw).
 

Divine_Barakah

Level 33
Verified
Top Poster
Well-known
May 10, 2019
2,289
In past I tried Brave several times, but did not like it. But last week I installed Brave again, turned off the stuff I do not need or like (da bloat? -- easy enough to do) and using its Brave search engine too, and I am liking it (fwiw).
I, too, like Brave Search and how fast the browser is. I just wish they'd allow us to choose what features to enable during browser setup.
 
