Malwarebytes "AI detection" giving false positive from pirated software?
Today I was trying to download Affinity Photo 2 from the websites listed on the megathread, as normally I do exactly that and everything goes just fine.
But when scanning the downloaded files, Windows Defender detected it as hacktool.win32.keygen and Malwarebytes as Generic.Malware.AI.DDS.
In the case of Windows, I am guessing that it is not detecting a virus but the actual crack right? That's what that means as far as I'm aware.
But what surprised me was Malwarebytes, it has sometimes warned about cracks but it's not something it does often, and I don't recognize the detection code, but it seems to be using AI to detect malware now?
Is this something that is known to happen? Malwarebytes AI seems to be detecting cracks as malware... Or is this actually a virus?
I put it in quarantine just in case, but I am guessing this has to be false positives, as it happened with 2 different downloads from 2 different websites.
I'd say judging by the name it's a keygen / crack. So it's telling you downloaded pirated software... Are these online scanners like virustotal.com still a thing? You could upload it there and look what it's saying. Other than that I don't see any good indication of it being malware.
And I don't know much about virus scanners, but the AI detection could as well be something like: people who downloaded this file, also downloaded malware... So I wouldn't trust it to be precise.
I am guessing it's probably just the crack, and the fact that it detected the same from 2 different downloads on websites with good reputation on this community makes me think it's that.
And yes I did put it on virustotal. The link is on the post.
As I said, it detected the same, but still 32 / 62 (or something) went off, I don't really feel like installing it, honestly. I might look into it later.
Hmmh. I mean you often get mixed results on virustotal. But in this case most of the positives say it's a "hacktool" or "patcher". I'd say if it did harm to your computer, it would be in some different category. I'd say the name suggests the majority agrees that it's circumventing the copy protection, and that's the bad thing about that file.
Maybe someone else has some more helpful insight. I'm one of the Linux guys here and I don't really pirate application software. But I don't think we have any good alternative for photo editing, at least not with a similar workflow.
I use Linux too on a secondary computer, and I do find amazing the amount of incredible open-source / free apps you can find. I have started using LibreOffice instead of (pirated) Microsoft Office because I honestly think it's just better.
But yeah, unfortunately, I haven't been able to find a lot of free and open-source programs that can replace what this one does.
And I just don't like Adobe.
GIMP can be good, but its workflow is almost entirely different, so it's a learning curve. It doesn't help that it looks more like Photoshop these days, so people can think it has similar workflow and then quickly be flummoxed as to how to do something that was simple in Photoshop.
Hmmh. I mean for me it's kind of the other way round. I've started with GIMP because it was free. Never saw any reason to buy Adobe software (or others) and then also invest the time to learn how to use it. I roughly know where to find things in GIMP and don't know any other workflow. But I don't do much photo editing, so I wouldn't really know. And even as an amateur the navigation in GIMP often feels cumbersome, and sometimes you fail to grasp how you're supposed to do something. I always hoped we'd invent another big photo editing suite as Free Software. Or GIMP would do a complete overhaul. But it is how it is. I mean I don't really care. But just because I don't need a lot of photo editing in my life 😉 It's likely an entirely different story for a lot of other people, and I can relate to that.