Solved Kaspersky labels Ulaa browser as Trojan

[Parkinsond]

I have download Ulaa browser (by Zoho, a famous Indian company) from the official website: Ulaa - Private, Secure, and Superfast Browser
Scan by Kaspersky revealed no threats, and reputation check of KSN revealed a trusted, signed file.

Double clicked the installer (no running as admin) started the install process, which was interrupted by K; system watcher reported detected suspicious activity and detection of a trojan.
It asked to terminated the process, and I agreed.
It then asked to quarantine files, rollback changes, and restart to perform deep disinfection; again, I agreed.
After restart, K asked to correct some system changes by the trojan.

Spoiler

After finishing all the steps, I paused K protection, uploaded Ulaa installer to VT.
Surprisingly, it was detected by only DeepInstinct engine; even K engine did not detect it.

Spoiler

Is it considered as a false positive by Kaspersky behavioral component?

 

[Bot]

Yes, it seems like a false positive. Kaspersky's behavioral component might have misinterpreted Ulaa's installation process as suspicious. It's recommended to report this to Kaspersky's support for further investigation.

 

[Dave Russo]

ESET scan claims its safe to use ,Windows SmartScreen says, don't run (might put your PC at risk),virus total 1 out of 71 says its malicious (deep instinct not Kaspersky?)

 

[Parkinsond]

ESET scan claims its safe to use ,Windows SmartScreen says, don't run (might put your PC at risk),virus total 1 out of 71 says its malicious (deep instinct not Kaspersky?)

SmartScreen is enabled, and did not flag it.
Should I exit Kaspersky and try to reinstall after scan by MD?

 

[Parkinsond]

Funny SmartScreen flagged it on my computer just minutes ago, and not you also different Av said its malicious than yours

Which AV, on your end, flagged it as malicious? You have stated ESET did not flag it.

 

[Dave Russo]

I delete my last reply, (as I goofed sorry) I also saw same as you Deep Instinct

 

[jamey910111]

I have download Ulaa browser (by Zoho, a famous Indian company) from the official website: Ulaa - Private, Secure, and Superfast Browser
Scan by Kaspersky revealed no threats, and reputation check of KSN revealed a trusted, signed file.

Double clicked the installer (no running as admin) started the install process, which was interrupted by K; system watcher reported detected suspicious activity and detection of a trojan.
It asked to terminated the process, and I agreed.
It then asked to quarantine files, rollback changes, and restart to perform deep disinfection; again, I agreed.
After restart, K asked to correct some system changes by the trojan.

Spoiler

View attachment 289176View attachment 289177View attachment 289180

After finishing all the steps, I paused K protection, uploaded Ulaa installer to VT.
Surprisingly, it was detected by only DeepInstinct engine; even K engine did not detect it.

Spoiler

View attachment 289181

Is it considered as a false positive by Kaspersky behavioral component?

I would say so, just submit the issue to kaspersky, they usually respond quickly tbh...at least they have to me...sometimes they resolve it quickly too but i mean they respond quickly that they looking into it

browser makes a lot of claim about privacy...anyone actively using it? is it fast/stable? post here says they harvest everything u do..

 

[Parkinsond]

I would say so, just submit the issue to kaspersky, they usually respond quickly tbh...at least they have to me...sometimes they resolve it quickly too but i mean they respond quickly that they looking into it

browser makes a lot of claim about privacy...anyone actively using it? is it fast/stable?

Just installed minutes ago after turning off Kaspersky.
So far, not bad, not impressive.
Its design is similar to the concept of Vivaldi; a shell for Chromium.
It has some nice, built-in features, such as ad and trackers blocker and turn on dark web page per site (only Yandex browser has such feature; however, that of Yandex provides better results as it utilized the flags dark feature, while that of Ulaa seems to be a hidden dark reader extension).
Not that good as Yandex browser; most probably I will uninstall.

 

[jamey910111]

Just installed minutes ago after turning off Kaspersky.
So far, not bad, not impressive.
Its design is similar to the concept of Vivaldi; a shell for Chromium.
It has some nice, built-in features, such as ad and trackers blocker and turn on dark web page per site (only Yandex browser has such feature; however, that of Yandex provides better results as it utilized the flags dark feature, while that of Ulaa seems to be a hidden dark reader extension).
Not that good as Yandex browser; most probably I will uninstall.

What makes u like yandex i never tried it

 

[Parkinsond]

What makes u like yandex i never tried it

It has pros and cons
Pros:
Beautiful UI
Fast
Stable
Uses less RAM than Chrome, and almost equal to Edge
Frequent updating
Settings are not enigmatic
Option to turn on and off dark mode (just as the flag we use with Edge and Chrome) for each website separately
Cons:
Not privacy friendly (may be more than Chrome)
Has no Google safe search (using Yandex protect instead; it is inferior to that of Google).
If you install Adguard extension (and some few more), you are not able to uninstall
Some websites does not like it, and act in weird manner, for example msn home page

 

[jamey910111]

It has pros and cons
Pros:
Beautiful UI
Fast
Stable
Uses less RAM than Chrome, and almost equal to Edge
Frequent updating
Settings are not enigmatic
Option to turn on and off dark mode (just as the flag we use with Edge and Chrome) for each website separately
Cons:
Not privacy friendly (may be more than Chrome)
Has no Google safe search (using Yandex protect instead; it is inferior to that of Google).
If you install Adguard extension (and some few more), you are not able to uninstall
Some websites does not like it, and act in weird manner, for example msn home page

Cant uninstall adguard or the browser do u mean by “if you install adguard”?

 

[Parkinsond]

Cant uninstall adguard or the browser do u mean by “if you install adguard”?

You can easily uninstall the browser; you only cannot uninstall adguard extension.