this post was submitted on 18 Jun 2023
10 points (100.0% liked)

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ


I'm installing pirated Adobe software, and Windows Defender says it detected a malicious program, name is in the post title. Is it a false positive, or is it actually harmful?

top 4 comments
[–] [email protected] 13 points 1 year ago

Pop the same file through VirusTotal and see what comes back. Defender will sometimes flag shit just because it performs activity that MS doesn’t like.

[–] [email protected] 3 points 1 year ago

Here is a quick guide on how to use VirusTotal for pirated software: https://rentry.org/Guide4VirusTotal

[–] [email protected] 3 points 1 year ago* (last edited 1 year ago)

That's not precisely a false positive because they're not telling you it's infected with anything.

What they're saying is just "hey, this is a crack", which you already knew. As for why they do that:

  1. Many of these AV solutions are meant to be used in a business environment, where a crack would be unwanted software. (I mean so would any game, but you definitely want to know if someone is dumb enough to be downloading and installing cracked games on a computer meant for business, which puts the company at risk.)

  2. A lot of cracks - even legitimate ones - do stuff that causes malware algorithms to ping on them (modifying other arbitrary software, or interfering with stuff as it's being run in an odd manner, or being modified in a way that creates unreachable code and other stuff that a compiler wouldn't normally produce, say.)

  3. AV is trained by actual human researchers who investigate files like the above. Most likely when they come across a crack that set off their algorithms they just go "eh it's a crack, we're not going to bother investigating it further" and toss it in that bin because realistically pirates aren't the ones paying their bills.

So it doesn't mean the software is unsafe, but it doesn't necessarily mean it's safe either, so to speak. It's "no reading."

[–] HumanPerson 2 points 1 year ago

I would recommend putting it through clamtk, but I am not familiar with VirusTotal.
