Hello, I am a newbie to krita, today for the first time I tried to access G’MIC in the filter dropdown, and it seems that when I click it it tries to access a website, and my antimalware blocked an attempt to access the website because of a trojan.
Is it safe to use G’MIC?
Hello and welcome to the forum 
G’MIC has the ability to update its filter definitions from the internet:
You can turn this off or adjust how often it happens:
This is probably why your Malwarebytes is giving an alert.
Alvin filed a bug report that G’MIC’s updates are enabled by default, the report is here: 439116 – gmic-qt plugin automatically connects to server to check for update without user consent
I guess the reason it treats it as “trojan” might be that it’s a process run from Krita to download a separate executable (GMIC)… I guess Malwarebytes might permit programs to update themselves, but not to update/install “other things” and from this point of view, it might look as if Krita is updating/download GMIC. (Trojan works like this: you download and install the program (infected) that you want to have, and it downloads the unwanted, harmful software in the back, without telling the user). If that’s why Malwarebytes marks it as Trojan, then, knowing how Krita and G’MIC’s relationship works (right now in Krita 4.4.5, it’s a separate program, it’s just run from Krita), you can understand why it’s marked but why it’s also safe (since it’s downloading from gmic.eu, the official website, the same website you probably downloaded it yourself).
To fix that, I would just download a newer version of GMIC yourself and see if it will stop complaining (because maybe it’s complaining when Gmic tries to download the update, not only checking for the update?).
Generally speaking, it does download from gmic.eu and while of course it might happen that either G’MIC is a huge conspiracy or that the website was hijacked recently and no one knows, but from what I know, it’s a reputable project, it’s used in Gimp and other programs and it’s used standalone, too.
In Krita 5.0 GMIC is supposed to be integrated with Krita more, so it might or might not change the situation with Malwarebytes. If it doesn’t change, we might need to think how to make it not trigger the anti-malware/anti-viruses tools… (I don’t mean cheat/fake/work around of course, but just change the way it’s updating to make it acceptable and trusted). Or maybe report a false positive to Malwarebytes.
Could you please check if Krita Next from the website will trigger that too? (make sure to backup your resources and configuration first).
Just to reiterate: I don’t think you’re in any danger here, but it’s a bad thing that it happens, of course…
From what I see the problem is not that krita tries to download a built-in program. the problem is that when accessing gmic.eu malwarebytes detects a Trojan on the web. I have done the test of trying to access https://gmic.eu in the browser and I got the same message again because it detects a Trojan on the web.
Perhaps the web has suffered an attack. As I cannot access, I do not know if there is any way to contact the owners to make a check of the web
1 Like
You can report an issue on Github but you need a Github account:
Edit:Add: This is relevant:
1 Like
Thank you all for the answers.
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.