search

infantdeveloper / ytks-downloader

Unofficial Downloader for https://ytks.app
17 stars 0 forks source link

Malwarebytes detected this EXE as Malware.AI.3998014840 #11

Closed tzzoooma closed 1 month ago

tzzoooma commented 1 month ago

Malwarebytes scan shows the latest ytks_downloader.exe as:

Malware.AI Short bio Malware.AI.(id-nr) are detection names produced by the Artificial Intelligence module in Malwarebytes 4 and Malwarebytes business products. These generic malware detections are due to our new automated signature system called BytesTotal and DDS engine that are based on Machine Learning technology with 100% autonomous learning which don’t require any human interaction to correctly identify malware.. These techniques are part of Malwarebytes’ Katana engine and were developed for automated mass detection of wide ranges of malware and adware.

The id-nr is usually around 9 digits.

Types of infection Based on closer determination, items detected as Malware.AI can be categorized more precisely based on their behavior. Malwarebytes uses the underlying threat categories:

Adware Fraudtool Hijack Ransomware Riskware Rogue Rootkit Spyware Trojan Virus Worm Protection Malwarebytes detects unknown threats as Malware.AI by using Artificial Intelligence and Machine Learning techniques without any specific detection rules to protect users from malware that has not yet been researched and classified. This helps protect our customers against 0-day malware.

infantdeveloper commented 1 month ago

Malwarebytes and lots of other antivirus software are checking (among other things) if an application was signed using windows code signing. Since signing an application like that requires a certificate which costs money, it's not feasible for me to provide a signed version of this application for a small open source application like this downloader.

Note that if you don't trust a random developer like me (which you shouldn't) you can build the executable yourself by following the instructions in the "Build from source" section of the readme . Note that after this it may still require you to create an exception for this application in your antivirus software, since the executable you created this way will also not be signed.

Feel free to reopen this thread, if you have any followup requestions.